2015-12-23 22:54:56 +01:00
class openstack_integration::swift {
2016-03-01 18:50:40 -05:00
include ::openstack_integration::config
2016-07-15 14:48:19 -04:00
# Setup logging to /var/log/swift
# TODO: Move rsyslog implementation to something more generic
package { 'rsyslog':
ensure => present,
service { 'rsyslog':
ensure => running,
enable => true,
require => Package['rsyslog'],
file { '/var/log/swift':
ensure => directory,
mode => '0755',
file { '/etc/rsyslog.d/10-swift.conf':
ensure => present,
source => "puppet:///modules/${module_name}/rsyslog-swift.conf",
require => [Package['rsyslog'], File['/var/log/swift']],
notify => Service['rsyslog'],
# Ubuntu/Debian requires particular permissions for rsyslog to work
if $::osfamily == 'Debian' {
2018-05-04 09:56:26 +02:00
if $::os_package_type == 'debian' {
File<| title == '/var/log/swift' |> {
owner => 'root',
group => 'adm'
} else {
File<| title == '/var/log/swift' |> {
owner => 'syslog',
group => 'adm'
2016-07-15 14:48:19 -04:00
2015-12-23 22:54:56 +01:00
class { '::swift':
2016-05-20 10:02:32 +02:00
swift_hash_path_suffix => 'secrete',
2015-12-23 22:54:56 +01:00
class { '::swift::proxy':
2016-04-08 12:35:29 -04:00
proxy_local_net_ip => $::openstack_integration::config::host,
2016-02-24 12:36:11 -05:00
workers => '2',
2015-12-23 22:54:56 +01:00
pipeline => [
'catch_errors', 'healthcheck', 'cache', 'tempurl', 'ratelimit',
'authtoken', 'keystone', 'formpost', 'staticweb', 'container_quotas',
'account_quotas', 'proxy-logging', 'proxy-server'
2017-03-06 12:59:37 +01:00
node_timeout => 30,
2015-12-23 22:54:56 +01:00
include ::swift::proxy::catch_errors
include ::swift::proxy::healthcheck
include ::swift::proxy::proxy_logging
2016-07-14 16:24:48 -04:00
# Note (dmsimard): ipv6 parsing in Swift and keystone_authtoken are
# different: https://bugs.launchpad.net/swift/+bug/1610064
class { '::swift::proxy::cache':
memcache_servers => $::openstack_integration::config::swift_memcached_servers
2015-12-23 22:54:56 +01:00
include ::swift::proxy::tempurl
include ::swift::proxy::ratelimit
class { '::swift::proxy::authtoken':
2016-08-30 14:56:51 -04:00
auth_uri => "${::openstack_integration::config::keystone_auth_uri}/v2.0",
auth_url => "${::openstack_integration::config::keystone_admin_uri}/",
password => 'a_big_secret',
2015-12-23 22:54:56 +01:00
class { '::swift::proxy::keystone':
operator_roles => ['Member', 'admin', 'SwiftOperator']
include ::swift::proxy::formpost
include ::swift::proxy::staticweb
include ::swift::proxy::container_quotas
include ::swift::proxy::account_quotas
include ::swift::proxy::tempauth
class { '::swift::keystone::auth':
2016-04-08 12:35:29 -04:00
public_url => "http://${::openstack_integration::config::ip_for_url}:8080/v1/AUTH_%(tenant_id)s",
admin_url => "http://${::openstack_integration::config::ip_for_url}:8080",
internal_url => "http://${::openstack_integration::config::ip_for_url}:8080/v1/AUTH_%(tenant_id)s",
2015-12-23 22:54:56 +01:00
password => 'a_big_secret',
operator_roles => ['admin', 'SwiftOperator', 'ResellerAdmin'],
file { '/srv/node':
ensure => directory,
owner => 'swift',
group => 'swift',
require => Package['swift'],
2017-11-08 16:04:16 +05:30
# Create 3 directories under /srv/node for 3 devices
[1, 2, 3].each | $device | {
file { "/srv/node/${device}":
ensure => directory,
owner => 'swift',
group => 'swift',
require => File['/srv/node'],
2015-12-23 22:54:56 +01:00
include ::swift::ringbuilder
class { '::swift::storage::all':
2016-04-08 12:35:29 -04:00
storage_local_net_ip => $::openstack_integration::config::host,
2015-12-23 22:54:56 +01:00
incoming_chmod => 'Du=rwx,g=rx,o=rx,Fu=rw,g=r,o=r',
outgoing_chmod => 'Du=rwx,g=rx,o=rx,Fu=rw,g=r,o=r',
2015-12-31 09:48:58 -05:00
mount_check => false,
2015-12-23 22:54:56 +01:00
$swift_components = ['account', 'container', 'object']
swift::storage::filter::recon { $swift_components : }
swift::storage::filter::healthcheck { $swift_components : }
2016-01-05 10:01:28 -05:00
# As of mitaka swift-ring-builder requires devices >= replica count
# Default replica count is 3
2016-04-08 12:35:29 -04:00
ring_object_device { ["${::openstack_integration::config::ip_for_url}:6000/1", "${::openstack_integration::config::ip_for_url}:6000/2", "${::openstack_integration::config::ip_for_url}:6000/3"]:
2015-12-23 22:54:56 +01:00
zone => 1,
weight => 1,
2016-04-08 12:35:29 -04:00
ring_container_device { ["${::openstack_integration::config::ip_for_url}:6001/1", "${::openstack_integration::config::ip_for_url}:6001/2", "${::openstack_integration::config::ip_for_url}:6001/3"]:
2015-12-23 22:54:56 +01:00
zone => 1,
weight => 1,
2016-04-08 12:35:29 -04:00
ring_account_device { ["${::openstack_integration::config::ip_for_url}:6002/1", "${::openstack_integration::config::ip_for_url}:6002/2", "${::openstack_integration::config::ip_for_url}:6002/3"]:
2015-12-23 22:54:56 +01:00
zone => 1,
weight => 1,