TCIB: Add cinder-volume extend_start.sh script
Add an extend_start.sh script for the cinder-volume service that recursively chowns /var/lib/cinder to cinder:kolla. This ensures cinder has permission to access the directory, especially in situations where the directory may be owned by root. Just like kolla itself did prior to tripleo's switch to TCIB, the recursive chown is conditional on whether the top level /var/lib/cinder directory isn't already owned by cinder:kolla. This is done so the chown is only run once, which prevents slow service startups when the directory contains a large number of entries. Note: There was an initial fear that a recursive chown could traverse onto any NFS share mounted by cinder. However, the extend_start.sh script runs on container startup, prior to when cinder would create any mounts. Even restarting the cinder-volume container is safe, because NFS shares are automatically unmounted during the container restart. Closes-Bug: #1908750 Change-Id: I2d82c1ca86735d2a8d69b3e28e8cea7acd637f0b
This commit is contained in:
parent
8e57c59eb5
commit
1b45bb8838
|
@ -0,0 +1 @@
|
|||
%kolla ALL=(root) NOPASSWD: /bin/chown -R cinder\:kolla /var/lib/cinder
|
|
@ -0,0 +1,5 @@
|
|||
#!/bin/bash
|
||||
|
||||
if [[ $(stat -c %U:%G /var/lib/cinder) != "cinder:kolla" ]]; then
|
||||
sudo chown -R cinder:kolla /var/lib/cinder
|
||||
fi
|
|
@ -1,7 +1,10 @@
|
|||
tcib_actions:
|
||||
- run: dnf -y install {{ tcib_packages.common | join(' ') }} && dnf clean all && rm -rf /var/cache/dnf
|
||||
- run: mkdir -p /etc/libqb
|
||||
- copy: /usr/share/tripleo-common/container-images/kolla/cinder-volume/extend_start.sh /usr/local/bin/kolla_extend_start
|
||||
- copy: /usr/share/tripleo-common/container-images/kolla/cinder-volume/cinder-volume-sudoers /etc/sudoers.d/cinder-volume-sudoers
|
||||
- run: chmod 755 /usr/local/bin/kolla_extend_start && chmod 440 /etc/sudoers.d/cinder-volume-sudoers && mkdir -p /etc/libqb
|
||||
- run: ln -s /usr/share/openstack-tripleo-common/healthcheck/cinder-volume /openstack/healthcheck && chmod a+rx /openstack/healthcheck
|
||||
tcib_gather_files: '{{ lookup(''fileglob'', ''/usr/share/tripleo-common/container-images/kolla/cinder-volume/*'', wantlist=True) }}'
|
||||
tcib_packages:
|
||||
common:
|
||||
- libqb
|
||||
|
|
Loading…
Reference in New Issue