Simplify swift service templates
Change-Id: I8416d17bcca6e1cc387a65fbf2ab9b15ed73cb23
This commit is contained in:
parent
b356d3d1e4
commit
4c9b1ba81a
@ -92,16 +92,12 @@ parameters:
|
|||||||
"origin" header.
|
"origin" header.
|
||||||
|
|
||||||
conditions:
|
conditions:
|
||||||
|
cors_allowed_origin_set:
|
||||||
internal_tls_enabled: {equals: [{get_param: EnableInternalTLS}, true]}
|
not: {equals : [{get_param: SwiftCorsAllowedOrigin}, '']}
|
||||||
swift_encryption_enabled: {equals : [{get_param: SwiftEncryptionEnabled}, true]}
|
swift_workers_set:
|
||||||
ceilometer_pipeline_enabled: {equals : [{get_param: SwiftCeilometerPipelineEnabled}, true]}
|
not: {equals : [{get_param: SwiftWorkers}, '0']}
|
||||||
use_tls_proxy: {equals : [{get_param: EnableInternalTLS}, true]}
|
|
||||||
cors_allowed_origin_unset: {equals : [{get_param: SwiftCorsAllowedOrigin}, '']}
|
|
||||||
swift_workers_zero: {equals : [{get_param: SwiftWorkers}, '0']}
|
|
||||||
|
|
||||||
resources:
|
resources:
|
||||||
|
|
||||||
ContainersCommon:
|
ContainersCommon:
|
||||||
type: ../containers-common.yaml
|
type: ../containers-common.yaml
|
||||||
|
|
||||||
@ -151,12 +147,11 @@ outputs:
|
|||||||
map_merge:
|
map_merge:
|
||||||
- get_attr: [SwiftBase, role_data, config_settings]
|
- get_attr: [SwiftBase, role_data, config_settings]
|
||||||
- get_attr: [TLSProxyBase, role_data, config_settings]
|
- get_attr: [TLSProxyBase, role_data, config_settings]
|
||||||
-
|
- swift::proxy::cors_allow_origin:
|
||||||
if:
|
if:
|
||||||
- cors_allowed_origin_unset
|
- cors_allowed_origin_set
|
||||||
- {}
|
- {get_param: SwiftCorsAllowedOrigin}
|
||||||
- swift::proxy::cors_allow_origin: {get_param: SwiftCorsAllowedOrigin}
|
swift::proxy::authtoken::www_authenticate_uri: {get_param: [EndpointMap, KeystoneInternal, uri_no_suffix]}
|
||||||
- swift::proxy::authtoken::www_authenticate_uri: {get_param: [EndpointMap, KeystoneInternal, uri_no_suffix]}
|
|
||||||
swift::proxy::authtoken::auth_url: {get_param: [EndpointMap, KeystoneInternal, uri_no_suffix]}
|
swift::proxy::authtoken::auth_url: {get_param: [EndpointMap, KeystoneInternal, uri_no_suffix]}
|
||||||
swift::proxy::authtoken::password: {get_param: SwiftPassword}
|
swift::proxy::authtoken::password: {get_param: SwiftPassword}
|
||||||
swift::proxy::authtoken::project_name: 'service'
|
swift::proxy::authtoken::project_name: 'service'
|
||||||
@ -165,22 +160,18 @@ outputs:
|
|||||||
swift::proxy::s3token::auth_uri: {get_param: [EndpointMap, KeystoneV3Internal, uri]}
|
swift::proxy::s3token::auth_uri: {get_param: [EndpointMap, KeystoneV3Internal, uri]}
|
||||||
swift::proxy::node_timeout: {get_param: SwiftProxyNodeTimeout}
|
swift::proxy::node_timeout: {get_param: SwiftProxyNodeTimeout}
|
||||||
swift::proxy::recoverable_node_timeout: {get_param: SwiftProxyRecoverableNodeTimeout}
|
swift::proxy::recoverable_node_timeout: {get_param: SwiftProxyRecoverableNodeTimeout}
|
||||||
-
|
swift::proxy::workers:
|
||||||
if:
|
if:
|
||||||
- swift_workers_zero
|
- swift_workers_set
|
||||||
- {}
|
- {get_param: SwiftWorkers}
|
||||||
- swift::proxy::workers: {get_param: SwiftWorkers}
|
- if:
|
||||||
-
|
- {get_param: SwiftCeilometerPipelineEnabled}
|
||||||
if:
|
- swift::proxy::ceilometer::auth_url: {get_param: [EndpointMap, KeystoneInternal, uri_no_suffix]}
|
||||||
- ceilometer_pipeline_enabled
|
|
||||||
-
|
|
||||||
swift::proxy::ceilometer::auth_url: {get_param: [EndpointMap, KeystoneInternal, uri_no_suffix]}
|
|
||||||
swift::proxy::ceilometer::password: {get_param: SwiftPassword}
|
swift::proxy::ceilometer::password: {get_param: SwiftPassword}
|
||||||
swift::proxy::ceilometer::project_name: 'service'
|
swift::proxy::ceilometer::project_name: 'service'
|
||||||
swift::proxy::ceilometer::region_name: {get_param: KeystoneRegion}
|
swift::proxy::ceilometer::region_name: {get_param: KeystoneRegion}
|
||||||
swift::proxy::ceilometer::ignore_projects: {get_param: SwiftCeilometerIgnoreProjects}
|
swift::proxy::ceilometer::ignore_projects: {get_param: SwiftCeilometerIgnoreProjects}
|
||||||
swift::proxy::ceilometer::nonblocking_notify: true
|
swift::proxy::ceilometer::nonblocking_notify: true
|
||||||
- {}
|
|
||||||
- swift::proxy::staticweb::url_base: {get_param: [EndpointMap, SwiftPublic, uri_no_suffix]}
|
- swift::proxy::staticweb::url_base: {get_param: [EndpointMap, SwiftPublic, uri_no_suffix]}
|
||||||
tripleo::profile::base::swift::proxy::ceilometer_enabled: {get_param: SwiftCeilometerPipelineEnabled}
|
tripleo::profile::base::swift::proxy::ceilometer_enabled: {get_param: SwiftCeilometerPipelineEnabled}
|
||||||
swift::proxy::keystone::operator_roles:
|
swift::proxy::keystone::operator_roles:
|
||||||
@ -189,20 +180,17 @@ outputs:
|
|||||||
- ResellerAdmin
|
- ResellerAdmin
|
||||||
swift::proxy::versioned_writes::allow_versioned_writes: true
|
swift::proxy::versioned_writes::allow_versioned_writes: true
|
||||||
- if:
|
- if:
|
||||||
- swift_encryption_enabled
|
- {get_param: SwiftEncryptionEnabled}
|
||||||
-
|
- swift::keymaster::key_id: 'test_id'
|
||||||
swift::keymaster::key_id: 'test_id'
|
|
||||||
swift::keymaster::username: 'swift'
|
swift::keymaster::username: 'swift'
|
||||||
swift::keymaster::password: {get_param: SwiftPassword}
|
swift::keymaster::password: {get_param: SwiftPassword}
|
||||||
swift::keymaster::project_name: 'service'
|
swift::keymaster::project_name: 'service'
|
||||||
swift::keymaster::project_domain_id: 'default'
|
swift::keymaster::project_domain_id: 'default'
|
||||||
swift::keymaster::user_domain_id: 'default'
|
swift::keymaster::user_domain_id: 'default'
|
||||||
swift::keymaster::auth_endpoint: {get_param: [EndpointMap, KeystoneInternal, uri]}
|
swift::keymaster::auth_endpoint: {get_param: [EndpointMap, KeystoneInternal, uri]}
|
||||||
- {}
|
|
||||||
- swift::proxy::pipeline:
|
- swift::proxy::pipeline:
|
||||||
list_concat:
|
list_concat:
|
||||||
-
|
- - 'catch_errors'
|
||||||
- 'catch_errors'
|
|
||||||
- 'gatekeeper'
|
- 'gatekeeper'
|
||||||
- 'healthcheck'
|
- 'healthcheck'
|
||||||
- 'proxy-logging'
|
- 'proxy-logging'
|
||||||
@ -223,20 +211,15 @@ outputs:
|
|||||||
- 'slo'
|
- 'slo'
|
||||||
- 'dlo'
|
- 'dlo'
|
||||||
- 'versioned_writes'
|
- 'versioned_writes'
|
||||||
- if:
|
|
||||||
- ceilometer_pipeline_enabled
|
|
||||||
-
|
|
||||||
- 'ceilometer'
|
|
||||||
- []
|
|
||||||
- if:
|
|
||||||
- swift_encryption_enabled
|
|
||||||
-
|
|
||||||
- 'kms_keymaster'
|
|
||||||
- 'encryption'
|
|
||||||
- []
|
|
||||||
-
|
|
||||||
- 'proxy-logging'
|
- 'proxy-logging'
|
||||||
- 'proxy-server'
|
- 'proxy-server'
|
||||||
|
- if:
|
||||||
|
- {get_param: SwiftCeilometerPipelineEnabled}
|
||||||
|
- - 'ceilometer'
|
||||||
|
- if:
|
||||||
|
- {get_param: SwiftEncryptionEnabled}
|
||||||
|
- - 'kms_keymaster'
|
||||||
|
- 'encryption'
|
||||||
swift::proxy::account_autocreate: true
|
swift::proxy::account_autocreate: true
|
||||||
# NOTE: bind IP is found in hiera replacing the network name with the
|
# NOTE: bind IP is found in hiera replacing the network name with the
|
||||||
# local node IP for the given network; replacement examples
|
# local node IP for the given network; replacement examples
|
||||||
@ -261,7 +244,7 @@ outputs:
|
|||||||
swift::proxy::port: {get_param: [EndpointMap, SwiftInternal, port]}
|
swift::proxy::port: {get_param: [EndpointMap, SwiftInternal, port]}
|
||||||
swift::proxy::proxy_local_net_ip:
|
swift::proxy::proxy_local_net_ip:
|
||||||
if:
|
if:
|
||||||
- use_tls_proxy
|
- {get_param: EnableInternalTLS}
|
||||||
- "%{hiera('localhost_address')}"
|
- "%{hiera('localhost_address')}"
|
||||||
- str_replace:
|
- str_replace:
|
||||||
template:
|
template:
|
||||||
@ -358,7 +341,7 @@ outputs:
|
|||||||
step_4:
|
step_4:
|
||||||
map_merge:
|
map_merge:
|
||||||
- if:
|
- if:
|
||||||
- swift_encryption_enabled
|
- {get_param: SwiftEncryptionEnabled}
|
||||||
- create_swift_secret:
|
- create_swift_secret:
|
||||||
# NOTE: Barbican should be started before creating secrets
|
# NOTE: Barbican should be started before creating secrets
|
||||||
start_order: 0
|
start_order: 0
|
||||||
@ -373,10 +356,7 @@ outputs:
|
|||||||
- /var/lib/container-config-scripts/create_swift_secret.sh:/create_swift_secret.sh:ro
|
- /var/lib/container-config-scripts/create_swift_secret.sh:/create_swift_secret.sh:ro
|
||||||
user: root
|
user: root
|
||||||
command: "/usr/bin/bootstrap_host_exec swift_proxy /create_swift_secret.sh"
|
command: "/usr/bin/bootstrap_host_exec swift_proxy /create_swift_secret.sh"
|
||||||
- {}
|
set_swift_secret:
|
||||||
- if:
|
|
||||||
- swift_encryption_enabled
|
|
||||||
- set_swift_secret:
|
|
||||||
start_order: 1
|
start_order: 1
|
||||||
image: *swift_proxy_image
|
image: *swift_proxy_image
|
||||||
net: host
|
net: host
|
||||||
@ -393,7 +373,6 @@ outputs:
|
|||||||
# NOTE: this should force this container to re-run on each
|
# NOTE: this should force this container to re-run on each
|
||||||
# update (scale-out, etc.)
|
# update (scale-out, etc.)
|
||||||
TRIPLEO_DEPLOY_IDENTIFIER: {get_param: DeployIdentifier}
|
TRIPLEO_DEPLOY_IDENTIFIER: {get_param: DeployIdentifier}
|
||||||
- {}
|
|
||||||
- swift_proxy:
|
- swift_proxy:
|
||||||
image: *swift_proxy_image
|
image: *swift_proxy_image
|
||||||
start_order: 2
|
start_order: 2
|
||||||
@ -414,7 +393,7 @@ outputs:
|
|||||||
environment:
|
environment:
|
||||||
KOLLA_CONFIG_STRATEGY: COPY_ALWAYS
|
KOLLA_CONFIG_STRATEGY: COPY_ALWAYS
|
||||||
- if:
|
- if:
|
||||||
- internal_tls_enabled
|
- {get_param: EnableInternalTLS}
|
||||||
- swift_proxy_tls_proxy:
|
- swift_proxy_tls_proxy:
|
||||||
start_order: 3
|
start_order: 3
|
||||||
image: *swift_proxy_image
|
image: *swift_proxy_image
|
||||||
@ -431,7 +410,6 @@ outputs:
|
|||||||
- /etc/pki/tls/private/httpd:/etc/pki/tls/private/httpd:ro
|
- /etc/pki/tls/private/httpd:/etc/pki/tls/private/httpd:ro
|
||||||
environment:
|
environment:
|
||||||
KOLLA_CONFIG_STRATEGY: COPY_ALWAYS
|
KOLLA_CONFIG_STRATEGY: COPY_ALWAYS
|
||||||
- {}
|
|
||||||
host_prep_tasks:
|
host_prep_tasks:
|
||||||
- name: create persistent directories
|
- name: create persistent directories
|
||||||
file:
|
file:
|
||||||
|
@ -76,12 +76,10 @@ parameters:
|
|||||||
conditions:
|
conditions:
|
||||||
swift_use_local_dir:
|
swift_use_local_dir:
|
||||||
and:
|
and:
|
||||||
- equals:
|
|
||||||
- get_param: SwiftUseLocalDir
|
- get_param: SwiftUseLocalDir
|
||||||
- true
|
- equals:
|
||||||
- equals:
|
- get_param: SwiftRawDisks
|
||||||
- get_param: SwiftRawDisks
|
- {}
|
||||||
- {}
|
|
||||||
|
|
||||||
outputs:
|
outputs:
|
||||||
role_data:
|
role_data:
|
||||||
@ -99,8 +97,7 @@ outputs:
|
|||||||
tripleo::profile::base::swift::ringbuilder::min_part_hours: {get_param: SwiftMinPartHours}
|
tripleo::profile::base::swift::ringbuilder::min_part_hours: {get_param: SwiftMinPartHours}
|
||||||
tripleo::profile::base::swift::ringbuilder::raw_disk_prefix: 'r1z1-'
|
tripleo::profile::base::swift::ringbuilder::raw_disk_prefix: 'r1z1-'
|
||||||
- if:
|
- if:
|
||||||
- {get_param: SwiftUseNodeDataLookup}
|
- not: {get_param: SwiftUseNodeDataLookup}
|
||||||
- {}
|
|
||||||
- tripleo::profile::base::swift::ringbuilder::raw_disks:
|
- tripleo::profile::base::swift::ringbuilder::raw_disks:
|
||||||
list_concat:
|
list_concat:
|
||||||
- if:
|
- if:
|
||||||
|
@ -109,23 +109,22 @@ parameter_groups:
|
|||||||
|
|
||||||
conditions:
|
conditions:
|
||||||
single_replica_mode: {equals: [{get_param: SwiftReplicas}, 1]}
|
single_replica_mode: {equals: [{get_param: SwiftReplicas}, 1]}
|
||||||
swift_container_sharder_enabled: {equals : [{get_param: SwiftContainerSharderEnabled}, true]}
|
|
||||||
swift_mount_check:
|
swift_mount_check:
|
||||||
or:
|
or:
|
||||||
- equals:
|
- {get_param: SwiftMountCheck}
|
||||||
- get_param: SwiftMountCheck
|
|
||||||
- true
|
|
||||||
- not:
|
- not:
|
||||||
equals:
|
equals:
|
||||||
- get_param: SwiftRawDisks
|
- get_param: SwiftRawDisks
|
||||||
- {}
|
- {}
|
||||||
account_workers_zero: {equals : [{get_param: SwiftAccountWorkers}, '0']}
|
account_workers_set:
|
||||||
container_workers_zero: {equals : [{get_param: SwiftContainerWorkers}, '0']}
|
not: {equals : [{get_param: SwiftAccountWorkers}, '0']}
|
||||||
object_workers_zero: {equals : [{get_param: SwiftObjectWorkers}, '0']}
|
container_workers_set:
|
||||||
|
not: {equals : [{get_param: SwiftContainerWorkers}, '0']}
|
||||||
|
object_workers_set:
|
||||||
|
not: {equals : [{get_param: SwiftObjectWorkers}, '0']}
|
||||||
use_node_data_lookup: {equals : [{get_param: SwiftUseNodeDataLookup}, true]}
|
use_node_data_lookup: {equals : [{get_param: SwiftUseNodeDataLookup}, true]}
|
||||||
|
|
||||||
resources:
|
resources:
|
||||||
|
|
||||||
ContainersCommon:
|
ContainersCommon:
|
||||||
type: ../containers-common.yaml
|
type: ../containers-common.yaml
|
||||||
|
|
||||||
@ -174,12 +173,11 @@ outputs:
|
|||||||
- healthcheck
|
- healthcheck
|
||||||
- recon
|
- recon
|
||||||
- account-server
|
- account-server
|
||||||
-
|
swift::storage::disks::args:
|
||||||
if:
|
if:
|
||||||
- use_node_data_lookup
|
- {get_param: SwiftUseNodeDataLookup}
|
||||||
- {}
|
- {get_param: SwiftRawDisks}
|
||||||
- swift::storage::disks::args: {get_param: SwiftRawDisks}
|
swift::storage::all::storage_local_net_ip:
|
||||||
- swift::storage::all::storage_local_net_ip:
|
|
||||||
str_replace:
|
str_replace:
|
||||||
template:
|
template:
|
||||||
"%{hiera('$NETWORK')}"
|
"%{hiera('$NETWORK')}"
|
||||||
@ -187,21 +185,18 @@ outputs:
|
|||||||
$NETWORK: {get_param: [ServiceNetMap, SwiftStorageNetwork]}
|
$NETWORK: {get_param: [ServiceNetMap, SwiftStorageNetwork]}
|
||||||
rsync::server::pid_file: 'UNSET'
|
rsync::server::pid_file: 'UNSET'
|
||||||
swift::objectexpirer::cache_tls_enabled: {get_param: MemcachedTLS}
|
swift::objectexpirer::cache_tls_enabled: {get_param: MemcachedTLS}
|
||||||
-
|
swift::storage::all::account_server_workers:
|
||||||
if:
|
if:
|
||||||
- account_workers_zero
|
- account_workers_set
|
||||||
- {}
|
- {get_param: SwiftAccountWorkers}
|
||||||
- swift::storage::all::account_server_workers: {get_param: SwiftAccountWorkers}
|
swift::storage::all::container_server_workers:
|
||||||
-
|
if:
|
||||||
if:
|
- container_workers_set
|
||||||
- container_workers_zero
|
- {get_param: SwiftContainerWorkers}
|
||||||
- {}
|
swift::storage::all::object_server_workers:
|
||||||
- swift::storage::all::container_server_workers: {get_param: SwiftContainerWorkers}
|
if:
|
||||||
-
|
- object_workers_set
|
||||||
if:
|
- {get_param: SwiftObjectWorkers}
|
||||||
- object_workers_zero
|
|
||||||
- {}
|
|
||||||
- swift::storage::all::object_server_workers: {get_param: SwiftObjectWorkers}
|
|
||||||
service_config_settings: {}
|
service_config_settings: {}
|
||||||
# BEGIN DOCKER SETTINGS
|
# BEGIN DOCKER SETTINGS
|
||||||
puppet_config:
|
puppet_config:
|
||||||
@ -343,10 +338,8 @@ outputs:
|
|||||||
step_4:
|
step_4:
|
||||||
map_merge:
|
map_merge:
|
||||||
- if:
|
- if:
|
||||||
- single_replica_mode
|
- not: single_replica_mode
|
||||||
- {}
|
- swift_account_auditor:
|
||||||
-
|
|
||||||
swift_account_auditor:
|
|
||||||
image: *swift_account_image
|
image: *swift_account_image
|
||||||
net: host
|
net: host
|
||||||
user: swift
|
user: swift
|
||||||
@ -591,9 +584,8 @@ outputs:
|
|||||||
# /var/cache/swift not needed in this container
|
# /var/cache/swift not needed in this container
|
||||||
environment: *kolla_env
|
environment: *kolla_env
|
||||||
- if:
|
- if:
|
||||||
- swift_container_sharder_enabled
|
- {get_param: SwiftContainerSharderEnabled}
|
||||||
-
|
- swift_container_sharder:
|
||||||
swift_container_sharder:
|
|
||||||
image: *swift_container_image
|
image: *swift_container_image
|
||||||
net: host
|
net: host
|
||||||
user: swift
|
user: swift
|
||||||
@ -601,14 +593,12 @@ outputs:
|
|||||||
volumes:
|
volumes:
|
||||||
list_concat:
|
list_concat:
|
||||||
- {get_attr: [ContainersCommon, volumes]}
|
- {get_attr: [ContainersCommon, volumes]}
|
||||||
-
|
- - /var/lib/kolla/config_files/swift_container_sharder.json:/var/lib/kolla/config_files/config.json:ro
|
||||||
- /var/lib/kolla/config_files/swift_container_sharder.json:/var/lib/kolla/config_files/config.json:ro
|
|
||||||
- /var/lib/config-data/puppet-generated/swift:/var/lib/kolla/config_files/src:ro
|
- /var/lib/config-data/puppet-generated/swift:/var/lib/kolla/config_files/src:ro
|
||||||
- /srv/node:/srv/node
|
- /srv/node:/srv/node
|
||||||
- /dev:/dev
|
- /dev:/dev
|
||||||
- /var/cache/swift:/var/cache/swift
|
- /var/cache/swift:/var/cache/swift
|
||||||
- /var/log/containers/swift:/var/log/swift:z
|
- /var/log/containers/swift:/var/log/swift:z
|
||||||
- {}
|
|
||||||
|
|
||||||
host_prep_tasks:
|
host_prep_tasks:
|
||||||
# NOTE: we can't set fcontext for swift locations since they are
|
# NOTE: we can't set fcontext for swift locations since they are
|
||||||
|
Loading…
x
Reference in New Issue
Block a user