Support deploying additional internal glance-api service
OSSN-0090 [1] recommends deploying two instances of the glance-api service: a "user facing" service, plus an "internal" service that is accessible via keystone's internal endpoint. To support this, the tripleo::profile::base::glance::api class is enhanced to allow overriding certain associated glance::api parameters. This makes it possible to override parameters when including the glance::api class in order to facilitate configuring two different instances of the glance-api service, each with their own configuration. The tripleo::haproxy class is enhanced to provide HA support for running the internal glance-api service on its own TCP port (defaults to 9293). [1] https://wiki.openstack.org/wiki/OSSN/OSSN-0090 stable/wallaby: Minor conflicts were resolved, most of which were due to using the hiera() versus lookup() functions. Change-Id: Ideb5a951d538d9e2c7cca11dfe0e8b99520de959 (cherry picked from commitb3be1dc18c
) (cherry picked from commitd5a1c0d4d8
)
This commit is contained in:
parent
4fbfb41695
commit
08e4898053
|
@ -209,6 +209,10 @@
|
|||
# (optional) Enable or not Glance API binding
|
||||
# Defaults to hiera('glance_api_enabled', false)
|
||||
#
|
||||
# [*glance_api_internal*]
|
||||
# (optional) Enable or not Glance API (internal) binding
|
||||
# Defaults to hiera('glance_api_internal_enabled', false)
|
||||
#
|
||||
# [*nova_osapi*]
|
||||
# (optional) Enable or not Nova API binding
|
||||
# Defaults to hiera('nova_api_enabled', false)
|
||||
|
@ -485,6 +489,7 @@
|
|||
# 'docker_registry_port' (Defaults to 8787)
|
||||
# 'docker_registry_ssl_port' (Defaults to 13787)
|
||||
# 'glance_api_port' (Defaults to 9292)
|
||||
# 'glance_api_internal_port' (Defaults to 9293)
|
||||
# 'glance_api_ssl_port' (Defaults to 13292)
|
||||
# 'gnocchi_api_port' (Defaults to 8041)
|
||||
# 'gnocchi_api_ssl_port' (Defaults to 13041)
|
||||
|
@ -567,6 +572,7 @@ class tripleo::haproxy (
|
|||
$cinder = hiera('cinder_api_enabled', false),
|
||||
$manila = hiera('manila_api_enabled', false),
|
||||
$glance_api = hiera('glance_api_enabled', false),
|
||||
$glance_api_internal = hiera('glance_api_internal_enabled', false),
|
||||
$nova_osapi = hiera('nova_api_enabled', false),
|
||||
$placement = hiera('placement_enabled', false),
|
||||
$nova_metadata = hiera('nova_metadata_enabled', false),
|
||||
|
@ -646,6 +652,7 @@ class tripleo::haproxy (
|
|||
docker_registry_ssl_port => 13787,
|
||||
etcd_port => 2379,
|
||||
glance_api_port => 9292,
|
||||
glance_api_internal_port => 9293,
|
||||
glance_api_ssl_port => 13292,
|
||||
gnocchi_api_port => 8041,
|
||||
gnocchi_api_ssl_port => 13041,
|
||||
|
@ -968,6 +975,32 @@ class tripleo::haproxy (
|
|||
}
|
||||
}
|
||||
|
||||
if $glance_api_internal {
|
||||
$glance_internal_frontend_opts = {
|
||||
'option' => [ 'httplog', 'forwardfor' ],
|
||||
}
|
||||
$glance_internal_backend_opts = {
|
||||
'option' => [ 'httpchk GET /healthcheck' ],
|
||||
}
|
||||
$glance_internal_listen_opts = merge_hash_values($glance_internal_frontend_opts,
|
||||
$glance_internal_backend_opts)
|
||||
|
||||
# The glance_api_internal service uses the same network and internal VIP as the
|
||||
# glance_api service. There is no public VIP (that's handled by the glance_api service).
|
||||
::tripleo::haproxy::endpoint { 'glance_api_internal':
|
||||
internal_ip => lookup('glance_api_vip', undef, undef, $controller_virtual_ip),
|
||||
service_port => $ports[glance_api_internal_port],
|
||||
ip_addresses => lookup('glance_api_internal_node_ips', undef, undef, $controller_hosts_real),
|
||||
server_names => lookup('glance_api_internal_node_names', undef, undef, $controller_hosts_names_real),
|
||||
mode => 'http',
|
||||
listen_options => merge($default_listen_options, $glance_internal_listen_opts),
|
||||
frontend_options => merge($default_frontend_options, $glance_internal_frontend_opts),
|
||||
backend_options => merge($default_backend_options, $glance_internal_backend_opts),
|
||||
service_network => $glance_api_network,
|
||||
member_options => union($haproxy_member_options, $internal_tls_member_options),
|
||||
}
|
||||
}
|
||||
|
||||
if $ceph_grafana {
|
||||
if $enable_internal_tls {
|
||||
$ceph_grafana_tls_member_options = ['ssl check verify none']
|
||||
|
|
|
@ -51,6 +51,29 @@
|
|||
# This is set by t-h-t.
|
||||
# Defaults to hiera('glance_api_network', undef)
|
||||
#
|
||||
# [*bind_port*]
|
||||
# (optional) The port the server should bind to.
|
||||
# Default: 9292
|
||||
#
|
||||
# [*log_dir*]
|
||||
# (Optional) Directory where logs should be stored.
|
||||
# If set to $::os_service_default, it will not log to any directory.
|
||||
# Defaults to '/var/log/glance'.
|
||||
#
|
||||
# [*log_file*]
|
||||
# (Optional) File where logs should be stored.
|
||||
# If set to $::os_service_default, it will not log to any file.
|
||||
# Defaults to '/var/log/glance/api.log'.
|
||||
#
|
||||
# [*show_image_direct_url*]
|
||||
# (optional) Expose image location to trusted clients.
|
||||
# Defaults to false
|
||||
#
|
||||
# [*show_multiple_locations*]
|
||||
# (optional) Whether to include the backend image locations in image
|
||||
# properties.
|
||||
# Defaults to false
|
||||
#
|
||||
# [*multistore_config*]
|
||||
# (Optional) Hash of settings for configuring additional glance-api backends.
|
||||
# Defaults to {}
|
||||
|
@ -144,6 +167,11 @@ class tripleo::profile::base::glance::api (
|
|||
$glance_backend = downcase(hiera('glance_backend', 'swift')),
|
||||
$glance_backend_id = 'default_backend',
|
||||
$glance_network = hiera('glance_api_network', undef),
|
||||
$bind_port = 9292,
|
||||
$log_dir = '/var/log/glance',
|
||||
$log_file = '/var/log/glance/api.log',
|
||||
$show_image_direct_url = false,
|
||||
$show_multiple_locations = false,
|
||||
$multistore_config = {},
|
||||
$step = Integer(hiera('step')),
|
||||
$oslomsg_rpc_proto = hiera('oslo_messaging_rpc_scheme', 'rabbit'),
|
||||
|
@ -211,11 +239,17 @@ class tripleo::profile::base::glance::api (
|
|||
include glance
|
||||
include glance::config
|
||||
include glance::healthcheck
|
||||
include glance::api::logging
|
||||
class { 'glance::api::logging':
|
||||
log_dir => $log_dir,
|
||||
log_file => $log_file,
|
||||
}
|
||||
class { 'glance::api':
|
||||
enabled_backends => $enabled_backends,
|
||||
default_backend => $glance_backend_id,
|
||||
sync_db => $sync_db,
|
||||
bind_port => $bind_port,
|
||||
enabled_backends => $enabled_backends,
|
||||
default_backend => $glance_backend_id,
|
||||
show_image_direct_url => $show_image_direct_url,
|
||||
show_multiple_locations => $show_multiple_locations,
|
||||
sync_db => $sync_db,
|
||||
}
|
||||
|
||||
['cinder', 'file', 'rbd', 'swift'].each |String $backend_type| {
|
||||
|
|
Loading…
Reference in New Issue