Simplify swift service templates

Change-Id: I8416d17bcca6e1cc387a65fbf2ab9b15ed73cb23
This commit is contained in:
ramishra 2021-05-22 22:23:11 +05:30
parent b356d3d1e4
commit 4c9b1ba81a
3 changed files with 63 additions and 98 deletions

@ -92,16 +92,12 @@ parameters:
"origin" header.
conditions:
internal_tls_enabled: {equals: [{get_param: EnableInternalTLS}, true]}
swift_encryption_enabled: {equals : [{get_param: SwiftEncryptionEnabled}, true]}
ceilometer_pipeline_enabled: {equals : [{get_param: SwiftCeilometerPipelineEnabled}, true]}
use_tls_proxy: {equals : [{get_param: EnableInternalTLS}, true]}
cors_allowed_origin_unset: {equals : [{get_param: SwiftCorsAllowedOrigin}, '']}
swift_workers_zero: {equals : [{get_param: SwiftWorkers}, '0']}
cors_allowed_origin_set:
not: {equals : [{get_param: SwiftCorsAllowedOrigin}, '']}
swift_workers_set:
not: {equals : [{get_param: SwiftWorkers}, '0']}
resources:
ContainersCommon:
type: ../containers-common.yaml
@ -151,12 +147,11 @@ outputs:
map_merge:
- get_attr: [SwiftBase, role_data, config_settings]
- get_attr: [TLSProxyBase, role_data, config_settings]
-
if:
- cors_allowed_origin_unset
- {}
- swift::proxy::cors_allow_origin: {get_param: SwiftCorsAllowedOrigin}
- swift::proxy::authtoken::www_authenticate_uri: {get_param: [EndpointMap, KeystoneInternal, uri_no_suffix]}
- swift::proxy::cors_allow_origin:
if:
- cors_allowed_origin_set
- {get_param: SwiftCorsAllowedOrigin}
swift::proxy::authtoken::www_authenticate_uri: {get_param: [EndpointMap, KeystoneInternal, uri_no_suffix]}
swift::proxy::authtoken::auth_url: {get_param: [EndpointMap, KeystoneInternal, uri_no_suffix]}
swift::proxy::authtoken::password: {get_param: SwiftPassword}
swift::proxy::authtoken::project_name: 'service'
@ -165,22 +160,18 @@ outputs:
swift::proxy::s3token::auth_uri: {get_param: [EndpointMap, KeystoneV3Internal, uri]}
swift::proxy::node_timeout: {get_param: SwiftProxyNodeTimeout}
swift::proxy::recoverable_node_timeout: {get_param: SwiftProxyRecoverableNodeTimeout}
-
if:
- swift_workers_zero
- {}
- swift::proxy::workers: {get_param: SwiftWorkers}
-
if:
- ceilometer_pipeline_enabled
-
swift::proxy::ceilometer::auth_url: {get_param: [EndpointMap, KeystoneInternal, uri_no_suffix]}
swift::proxy::workers:
if:
- swift_workers_set
- {get_param: SwiftWorkers}
- if:
- {get_param: SwiftCeilometerPipelineEnabled}
- swift::proxy::ceilometer::auth_url: {get_param: [EndpointMap, KeystoneInternal, uri_no_suffix]}
swift::proxy::ceilometer::password: {get_param: SwiftPassword}
swift::proxy::ceilometer::project_name: 'service'
swift::proxy::ceilometer::region_name: {get_param: KeystoneRegion}
swift::proxy::ceilometer::ignore_projects: {get_param: SwiftCeilometerIgnoreProjects}
swift::proxy::ceilometer::nonblocking_notify: true
- {}
- swift::proxy::staticweb::url_base: {get_param: [EndpointMap, SwiftPublic, uri_no_suffix]}
tripleo::profile::base::swift::proxy::ceilometer_enabled: {get_param: SwiftCeilometerPipelineEnabled}
swift::proxy::keystone::operator_roles:
@ -189,20 +180,17 @@ outputs:
- ResellerAdmin
swift::proxy::versioned_writes::allow_versioned_writes: true
- if:
- swift_encryption_enabled
-
swift::keymaster::key_id: 'test_id'
- {get_param: SwiftEncryptionEnabled}
- swift::keymaster::key_id: 'test_id'
swift::keymaster::username: 'swift'
swift::keymaster::password: {get_param: SwiftPassword}
swift::keymaster::project_name: 'service'
swift::keymaster::project_domain_id: 'default'
swift::keymaster::user_domain_id: 'default'
swift::keymaster::auth_endpoint: {get_param: [EndpointMap, KeystoneInternal, uri]}
- {}
- swift::proxy::pipeline:
list_concat:
-
- 'catch_errors'
- - 'catch_errors'
- 'gatekeeper'
- 'healthcheck'
- 'proxy-logging'
@ -223,20 +211,15 @@ outputs:
- 'slo'
- 'dlo'
- 'versioned_writes'
- if:
- ceilometer_pipeline_enabled
-
- 'ceilometer'
- []
- if:
- swift_encryption_enabled
-
- 'kms_keymaster'
- 'encryption'
- []
-
- 'proxy-logging'
- 'proxy-server'
- if:
- {get_param: SwiftCeilometerPipelineEnabled}
- - 'ceilometer'
- if:
- {get_param: SwiftEncryptionEnabled}
- - 'kms_keymaster'
- 'encryption'
swift::proxy::account_autocreate: true
# NOTE: bind IP is found in hiera replacing the network name with the
# local node IP for the given network; replacement examples
@ -261,7 +244,7 @@ outputs:
swift::proxy::port: {get_param: [EndpointMap, SwiftInternal, port]}
swift::proxy::proxy_local_net_ip:
if:
- use_tls_proxy
- {get_param: EnableInternalTLS}
- "%{hiera('localhost_address')}"
- str_replace:
template:
@ -358,7 +341,7 @@ outputs:
step_4:
map_merge:
- if:
- swift_encryption_enabled
- {get_param: SwiftEncryptionEnabled}
- create_swift_secret:
# NOTE: Barbican should be started before creating secrets
start_order: 0
@ -373,10 +356,7 @@ outputs:
- /var/lib/container-config-scripts/create_swift_secret.sh:/create_swift_secret.sh:ro
user: root
command: "/usr/bin/bootstrap_host_exec swift_proxy /create_swift_secret.sh"
- {}
- if:
- swift_encryption_enabled
- set_swift_secret:
set_swift_secret:
start_order: 1
image: *swift_proxy_image
net: host
@ -393,7 +373,6 @@ outputs:
# NOTE: this should force this container to re-run on each
# update (scale-out, etc.)
TRIPLEO_DEPLOY_IDENTIFIER: {get_param: DeployIdentifier}
- {}
- swift_proxy:
image: *swift_proxy_image
start_order: 2
@ -414,7 +393,7 @@ outputs:
environment:
KOLLA_CONFIG_STRATEGY: COPY_ALWAYS
- if:
- internal_tls_enabled
- {get_param: EnableInternalTLS}
- swift_proxy_tls_proxy:
start_order: 3
image: *swift_proxy_image
@ -431,7 +410,6 @@ outputs:
- /etc/pki/tls/private/httpd:/etc/pki/tls/private/httpd:ro
environment:
KOLLA_CONFIG_STRATEGY: COPY_ALWAYS
- {}
host_prep_tasks:
- name: create persistent directories
file:

@ -76,12 +76,10 @@ parameters:
conditions:
swift_use_local_dir:
and:
- equals:
- get_param: SwiftUseLocalDir
- true
- equals:
- get_param: SwiftRawDisks
- {}
- equals:
- get_param: SwiftRawDisks
- {}
outputs:
role_data:
@ -99,8 +97,7 @@ outputs:
tripleo::profile::base::swift::ringbuilder::min_part_hours: {get_param: SwiftMinPartHours}
tripleo::profile::base::swift::ringbuilder::raw_disk_prefix: 'r1z1-'
- if:
- {get_param: SwiftUseNodeDataLookup}
- {}
- not: {get_param: SwiftUseNodeDataLookup}
- tripleo::profile::base::swift::ringbuilder::raw_disks:
list_concat:
- if:

@ -109,23 +109,22 @@ parameter_groups:
conditions:
single_replica_mode: {equals: [{get_param: SwiftReplicas}, 1]}
swift_container_sharder_enabled: {equals : [{get_param: SwiftContainerSharderEnabled}, true]}
swift_mount_check:
or:
- equals:
- get_param: SwiftMountCheck
- true
- {get_param: SwiftMountCheck}
- not:
equals:
- get_param: SwiftRawDisks
- {}
account_workers_zero: {equals : [{get_param: SwiftAccountWorkers}, '0']}
container_workers_zero: {equals : [{get_param: SwiftContainerWorkers}, '0']}
object_workers_zero: {equals : [{get_param: SwiftObjectWorkers}, '0']}
account_workers_set:
not: {equals : [{get_param: SwiftAccountWorkers}, '0']}
container_workers_set:
not: {equals : [{get_param: SwiftContainerWorkers}, '0']}
object_workers_set:
not: {equals : [{get_param: SwiftObjectWorkers}, '0']}
use_node_data_lookup: {equals : [{get_param: SwiftUseNodeDataLookup}, true]}
resources:
ContainersCommon:
type: ../containers-common.yaml
@ -174,12 +173,11 @@ outputs:
- healthcheck
- recon
- account-server
-
if:
- use_node_data_lookup
- {}
- swift::storage::disks::args: {get_param: SwiftRawDisks}
- swift::storage::all::storage_local_net_ip:
swift::storage::disks::args:
if:
- {get_param: SwiftUseNodeDataLookup}
- {get_param: SwiftRawDisks}
swift::storage::all::storage_local_net_ip:
str_replace:
template:
"%{hiera('$NETWORK')}"
@ -187,21 +185,18 @@ outputs:
$NETWORK: {get_param: [ServiceNetMap, SwiftStorageNetwork]}
rsync::server::pid_file: 'UNSET'
swift::objectexpirer::cache_tls_enabled: {get_param: MemcachedTLS}
-
if:
- account_workers_zero
- {}
- swift::storage::all::account_server_workers: {get_param: SwiftAccountWorkers}
-
if:
- container_workers_zero
- {}
- swift::storage::all::container_server_workers: {get_param: SwiftContainerWorkers}
-
if:
- object_workers_zero
- {}
- swift::storage::all::object_server_workers: {get_param: SwiftObjectWorkers}
swift::storage::all::account_server_workers:
if:
- account_workers_set
- {get_param: SwiftAccountWorkers}
swift::storage::all::container_server_workers:
if:
- container_workers_set
- {get_param: SwiftContainerWorkers}
swift::storage::all::object_server_workers:
if:
- object_workers_set
- {get_param: SwiftObjectWorkers}
service_config_settings: {}
# BEGIN DOCKER SETTINGS
puppet_config:
@ -343,10 +338,8 @@ outputs:
step_4:
map_merge:
- if:
- single_replica_mode
- {}
-
swift_account_auditor:
- not: single_replica_mode
- swift_account_auditor:
image: *swift_account_image
net: host
user: swift
@ -591,9 +584,8 @@ outputs:
# /var/cache/swift not needed in this container
environment: *kolla_env
- if:
- swift_container_sharder_enabled
-
swift_container_sharder:
- {get_param: SwiftContainerSharderEnabled}
- swift_container_sharder:
image: *swift_container_image
net: host
user: swift
@ -601,14 +593,12 @@ outputs:
volumes:
list_concat:
- {get_attr: [ContainersCommon, volumes]}
-
- /var/lib/kolla/config_files/swift_container_sharder.json:/var/lib/kolla/config_files/config.json:ro
- - /var/lib/kolla/config_files/swift_container_sharder.json:/var/lib/kolla/config_files/config.json:ro
- /var/lib/config-data/puppet-generated/swift:/var/lib/kolla/config_files/src:ro
- /srv/node:/srv/node
- /dev:/dev
- /var/cache/swift:/var/cache/swift
- /var/log/containers/swift:/var/log/swift:z
- {}
host_prep_tasks:
# NOTE: we can't set fcontext for swift locations since they are