Fix Swift ring management in container deployments

The ring up- and downloading was never executed if run within a containerized environment. This is due to the fact that this manifest gets executed within step 6(5) only. There is also an ordering issue, which actually tries to create the tarballs before rebalancing. This patch fixes the step conditions and also chains the tarball creation to the rebalance. The check to query rings on all nodes can now be disabled. This is required on containerized environments: the local ring will be modified and rebalanced, but rings on the existing servers are not yet modified. Therefore a recon-check will fail, and needs to be disabled. Closes-Bug: 1694211 Change-Id: I51c5795b9893d797bd73e059910f17a98f04cdbe
2017-05-29 09:56:55 +02:00 · 2017-05-29 09:56:55 +02:00 · 410e05ba63
parent 0a75929ade
commit 410e05ba63
2 changed files with 33 additions and 7 deletions
--- a/manifests/profile/base/swift/ringbuilder.pp
+++ b/manifests/profile/base/swift/ringbuilder.pp
@ -69,6 +69,10 @@
 # [*swift_ring_put_tempurl*]
 # PUT tempurl to upload Swift rings to
 #
+# [*skip_consistency_check*]
+# If set to true, skip the recon check to ensure rings are identical on all
+# nodes. Defaults to false
+#
 class tripleo::profile::base::swift::ringbuilder (
  $replicas,
  $build_ring  = true,
@ -82,9 +86,10 @@ class tripleo::profile::base::swift::ringbuilder (
  $min_part_hours = undef,
  $swift_ring_get_tempurl = hiera('swift_ring_get_tempurl', ''),
  $swift_ring_put_tempurl = hiera('swift_ring_put_tempurl', ''),
+  $skip_consistency_check = false,
 ) {

-  if $step == 2 and $swift_ring_get_tempurl != '' {
+  if $step >= 2 and $swift_ring_get_tempurl != '' {
    exec{'fetch_swift_ring_tarball':
      path    => ['/usr/bin'],
      command => "curl --insecure --silent '${swift_ring_get_tempurl}' -o /tmp/swift-rings.tar.gz",
@ -135,17 +140,30 @@ class tripleo::profile::base::swift::ringbuilder (
    }
  }

-  if $step == 5 and $build_ring and $swift_ring_put_tempurl != '' {
-    exec{'create_swift_ring_tarball':
-      path    => ['/bin', '/usr/bin'],
-      command => 'tar cvzf /tmp/swift-rings.tar.gz /etc/swift/*.builder /etc/swift/*.ring.gz /etc/swift/backups/',
-      unless  => 'swift-recon --md5 | grep -q "doesn\'t match"'
-    } ~>
+  if $step >= 5 and $build_ring and $swift_ring_put_tempurl != '' {
+    if $skip_consistency_check {
+      exec{'create_swift_ring_tarball':
+        path    => ['/bin', '/usr/bin'],
+        command => 'tar cvzf /tmp/swift-rings.tar.gz /etc/swift/*.builder /etc/swift/*.ring.gz /etc/swift/backups/',
+      }
+    } else {
+      exec{'create_swift_ring_tarball':
+        path    => ['/bin', '/usr/bin'],
+        command => 'tar cvzf /tmp/swift-rings.tar.gz /etc/swift/*.builder /etc/swift/*.ring.gz /etc/swift/backups/',
+        unless  => 'swift-recon --md5 | grep -q "doesn\'t match"',
+      }
+    }
    exec{'upload_swift_ring_tarball':
      path        => ['/usr/bin'],
      command     => "curl --insecure --silent -X PUT '${$swift_ring_put_tempurl}' --data-binary @/tmp/swift-rings.tar.gz",
      require     => Exec['create_swift_ring_tarball'],
      refreshonly => true,
    }
+
+    Exec['rebalance_account'] ~> Exec['create_swift_ring_tarball']
+    Exec['rebalance_container'] ~> Exec['create_swift_ring_tarball']
+    Exec['rebalance_object'] ~> Exec['create_swift_ring_tarball']
+
+    Exec['create_swift_ring_tarball'] ~> Exec['upload_swift_ring_tarball']
  }
 }
--- a/releasenotes/notes/swift-container-ring-mgmt-ecf65b9fbae0d297.yaml
+++ b/releasenotes/notes/swift-container-ring-mgmt-ecf65b9fbae0d297.yaml
@ -0,0 +1,8 @@
+---
+fixes:
+  - |
+    Fixes the step conditions in the Swift ring building process and
+    also chains the tarball creation to the rebalance. Adds an option to
+    disable the recon check before uploading modified rings. These fixes
+    are required to properly manage rings when used in containerized
+    environments.