Simplify swift service templates
Change-Id: I8416d17bcca6e1cc387a65fbf2ab9b15ed73cb23
This commit is contained in:
parent
b356d3d1e4
commit
4c9b1ba81a
@ -92,16 +92,12 @@ parameters:
|
||||
"origin" header.
|
||||
|
||||
conditions:
|
||||
|
||||
internal_tls_enabled: {equals: [{get_param: EnableInternalTLS}, true]}
|
||||
swift_encryption_enabled: {equals : [{get_param: SwiftEncryptionEnabled}, true]}
|
||||
ceilometer_pipeline_enabled: {equals : [{get_param: SwiftCeilometerPipelineEnabled}, true]}
|
||||
use_tls_proxy: {equals : [{get_param: EnableInternalTLS}, true]}
|
||||
cors_allowed_origin_unset: {equals : [{get_param: SwiftCorsAllowedOrigin}, '']}
|
||||
swift_workers_zero: {equals : [{get_param: SwiftWorkers}, '0']}
|
||||
cors_allowed_origin_set:
|
||||
not: {equals : [{get_param: SwiftCorsAllowedOrigin}, '']}
|
||||
swift_workers_set:
|
||||
not: {equals : [{get_param: SwiftWorkers}, '0']}
|
||||
|
||||
resources:
|
||||
|
||||
ContainersCommon:
|
||||
type: ../containers-common.yaml
|
||||
|
||||
@ -151,12 +147,11 @@ outputs:
|
||||
map_merge:
|
||||
- get_attr: [SwiftBase, role_data, config_settings]
|
||||
- get_attr: [TLSProxyBase, role_data, config_settings]
|
||||
-
|
||||
if:
|
||||
- cors_allowed_origin_unset
|
||||
- {}
|
||||
- swift::proxy::cors_allow_origin: {get_param: SwiftCorsAllowedOrigin}
|
||||
- swift::proxy::authtoken::www_authenticate_uri: {get_param: [EndpointMap, KeystoneInternal, uri_no_suffix]}
|
||||
- swift::proxy::cors_allow_origin:
|
||||
if:
|
||||
- cors_allowed_origin_set
|
||||
- {get_param: SwiftCorsAllowedOrigin}
|
||||
swift::proxy::authtoken::www_authenticate_uri: {get_param: [EndpointMap, KeystoneInternal, uri_no_suffix]}
|
||||
swift::proxy::authtoken::auth_url: {get_param: [EndpointMap, KeystoneInternal, uri_no_suffix]}
|
||||
swift::proxy::authtoken::password: {get_param: SwiftPassword}
|
||||
swift::proxy::authtoken::project_name: 'service'
|
||||
@ -165,22 +160,18 @@ outputs:
|
||||
swift::proxy::s3token::auth_uri: {get_param: [EndpointMap, KeystoneV3Internal, uri]}
|
||||
swift::proxy::node_timeout: {get_param: SwiftProxyNodeTimeout}
|
||||
swift::proxy::recoverable_node_timeout: {get_param: SwiftProxyRecoverableNodeTimeout}
|
||||
-
|
||||
if:
|
||||
- swift_workers_zero
|
||||
- {}
|
||||
- swift::proxy::workers: {get_param: SwiftWorkers}
|
||||
-
|
||||
if:
|
||||
- ceilometer_pipeline_enabled
|
||||
-
|
||||
swift::proxy::ceilometer::auth_url: {get_param: [EndpointMap, KeystoneInternal, uri_no_suffix]}
|
||||
swift::proxy::workers:
|
||||
if:
|
||||
- swift_workers_set
|
||||
- {get_param: SwiftWorkers}
|
||||
- if:
|
||||
- {get_param: SwiftCeilometerPipelineEnabled}
|
||||
- swift::proxy::ceilometer::auth_url: {get_param: [EndpointMap, KeystoneInternal, uri_no_suffix]}
|
||||
swift::proxy::ceilometer::password: {get_param: SwiftPassword}
|
||||
swift::proxy::ceilometer::project_name: 'service'
|
||||
swift::proxy::ceilometer::region_name: {get_param: KeystoneRegion}
|
||||
swift::proxy::ceilometer::ignore_projects: {get_param: SwiftCeilometerIgnoreProjects}
|
||||
swift::proxy::ceilometer::nonblocking_notify: true
|
||||
- {}
|
||||
- swift::proxy::staticweb::url_base: {get_param: [EndpointMap, SwiftPublic, uri_no_suffix]}
|
||||
tripleo::profile::base::swift::proxy::ceilometer_enabled: {get_param: SwiftCeilometerPipelineEnabled}
|
||||
swift::proxy::keystone::operator_roles:
|
||||
@ -189,20 +180,17 @@ outputs:
|
||||
- ResellerAdmin
|
||||
swift::proxy::versioned_writes::allow_versioned_writes: true
|
||||
- if:
|
||||
- swift_encryption_enabled
|
||||
-
|
||||
swift::keymaster::key_id: 'test_id'
|
||||
- {get_param: SwiftEncryptionEnabled}
|
||||
- swift::keymaster::key_id: 'test_id'
|
||||
swift::keymaster::username: 'swift'
|
||||
swift::keymaster::password: {get_param: SwiftPassword}
|
||||
swift::keymaster::project_name: 'service'
|
||||
swift::keymaster::project_domain_id: 'default'
|
||||
swift::keymaster::user_domain_id: 'default'
|
||||
swift::keymaster::auth_endpoint: {get_param: [EndpointMap, KeystoneInternal, uri]}
|
||||
- {}
|
||||
- swift::proxy::pipeline:
|
||||
list_concat:
|
||||
-
|
||||
- 'catch_errors'
|
||||
- - 'catch_errors'
|
||||
- 'gatekeeper'
|
||||
- 'healthcheck'
|
||||
- 'proxy-logging'
|
||||
@ -223,20 +211,15 @@ outputs:
|
||||
- 'slo'
|
||||
- 'dlo'
|
||||
- 'versioned_writes'
|
||||
- if:
|
||||
- ceilometer_pipeline_enabled
|
||||
-
|
||||
- 'ceilometer'
|
||||
- []
|
||||
- if:
|
||||
- swift_encryption_enabled
|
||||
-
|
||||
- 'kms_keymaster'
|
||||
- 'encryption'
|
||||
- []
|
||||
-
|
||||
- 'proxy-logging'
|
||||
- 'proxy-server'
|
||||
- if:
|
||||
- {get_param: SwiftCeilometerPipelineEnabled}
|
||||
- - 'ceilometer'
|
||||
- if:
|
||||
- {get_param: SwiftEncryptionEnabled}
|
||||
- - 'kms_keymaster'
|
||||
- 'encryption'
|
||||
swift::proxy::account_autocreate: true
|
||||
# NOTE: bind IP is found in hiera replacing the network name with the
|
||||
# local node IP for the given network; replacement examples
|
||||
@ -261,7 +244,7 @@ outputs:
|
||||
swift::proxy::port: {get_param: [EndpointMap, SwiftInternal, port]}
|
||||
swift::proxy::proxy_local_net_ip:
|
||||
if:
|
||||
- use_tls_proxy
|
||||
- {get_param: EnableInternalTLS}
|
||||
- "%{hiera('localhost_address')}"
|
||||
- str_replace:
|
||||
template:
|
||||
@ -358,7 +341,7 @@ outputs:
|
||||
step_4:
|
||||
map_merge:
|
||||
- if:
|
||||
- swift_encryption_enabled
|
||||
- {get_param: SwiftEncryptionEnabled}
|
||||
- create_swift_secret:
|
||||
# NOTE: Barbican should be started before creating secrets
|
||||
start_order: 0
|
||||
@ -373,10 +356,7 @@ outputs:
|
||||
- /var/lib/container-config-scripts/create_swift_secret.sh:/create_swift_secret.sh:ro
|
||||
user: root
|
||||
command: "/usr/bin/bootstrap_host_exec swift_proxy /create_swift_secret.sh"
|
||||
- {}
|
||||
- if:
|
||||
- swift_encryption_enabled
|
||||
- set_swift_secret:
|
||||
set_swift_secret:
|
||||
start_order: 1
|
||||
image: *swift_proxy_image
|
||||
net: host
|
||||
@ -393,7 +373,6 @@ outputs:
|
||||
# NOTE: this should force this container to re-run on each
|
||||
# update (scale-out, etc.)
|
||||
TRIPLEO_DEPLOY_IDENTIFIER: {get_param: DeployIdentifier}
|
||||
- {}
|
||||
- swift_proxy:
|
||||
image: *swift_proxy_image
|
||||
start_order: 2
|
||||
@ -414,7 +393,7 @@ outputs:
|
||||
environment:
|
||||
KOLLA_CONFIG_STRATEGY: COPY_ALWAYS
|
||||
- if:
|
||||
- internal_tls_enabled
|
||||
- {get_param: EnableInternalTLS}
|
||||
- swift_proxy_tls_proxy:
|
||||
start_order: 3
|
||||
image: *swift_proxy_image
|
||||
@ -431,7 +410,6 @@ outputs:
|
||||
- /etc/pki/tls/private/httpd:/etc/pki/tls/private/httpd:ro
|
||||
environment:
|
||||
KOLLA_CONFIG_STRATEGY: COPY_ALWAYS
|
||||
- {}
|
||||
host_prep_tasks:
|
||||
- name: create persistent directories
|
||||
file:
|
||||
|
@ -76,12 +76,10 @@ parameters:
|
||||
conditions:
|
||||
swift_use_local_dir:
|
||||
and:
|
||||
- equals:
|
||||
- get_param: SwiftUseLocalDir
|
||||
- true
|
||||
- equals:
|
||||
- get_param: SwiftRawDisks
|
||||
- {}
|
||||
- equals:
|
||||
- get_param: SwiftRawDisks
|
||||
- {}
|
||||
|
||||
outputs:
|
||||
role_data:
|
||||
@ -99,8 +97,7 @@ outputs:
|
||||
tripleo::profile::base::swift::ringbuilder::min_part_hours: {get_param: SwiftMinPartHours}
|
||||
tripleo::profile::base::swift::ringbuilder::raw_disk_prefix: 'r1z1-'
|
||||
- if:
|
||||
- {get_param: SwiftUseNodeDataLookup}
|
||||
- {}
|
||||
- not: {get_param: SwiftUseNodeDataLookup}
|
||||
- tripleo::profile::base::swift::ringbuilder::raw_disks:
|
||||
list_concat:
|
||||
- if:
|
||||
|
@ -109,23 +109,22 @@ parameter_groups:
|
||||
|
||||
conditions:
|
||||
single_replica_mode: {equals: [{get_param: SwiftReplicas}, 1]}
|
||||
swift_container_sharder_enabled: {equals : [{get_param: SwiftContainerSharderEnabled}, true]}
|
||||
swift_mount_check:
|
||||
or:
|
||||
- equals:
|
||||
- get_param: SwiftMountCheck
|
||||
- true
|
||||
- {get_param: SwiftMountCheck}
|
||||
- not:
|
||||
equals:
|
||||
- get_param: SwiftRawDisks
|
||||
- {}
|
||||
account_workers_zero: {equals : [{get_param: SwiftAccountWorkers}, '0']}
|
||||
container_workers_zero: {equals : [{get_param: SwiftContainerWorkers}, '0']}
|
||||
object_workers_zero: {equals : [{get_param: SwiftObjectWorkers}, '0']}
|
||||
account_workers_set:
|
||||
not: {equals : [{get_param: SwiftAccountWorkers}, '0']}
|
||||
container_workers_set:
|
||||
not: {equals : [{get_param: SwiftContainerWorkers}, '0']}
|
||||
object_workers_set:
|
||||
not: {equals : [{get_param: SwiftObjectWorkers}, '0']}
|
||||
use_node_data_lookup: {equals : [{get_param: SwiftUseNodeDataLookup}, true]}
|
||||
|
||||
resources:
|
||||
|
||||
ContainersCommon:
|
||||
type: ../containers-common.yaml
|
||||
|
||||
@ -174,12 +173,11 @@ outputs:
|
||||
- healthcheck
|
||||
- recon
|
||||
- account-server
|
||||
-
|
||||
if:
|
||||
- use_node_data_lookup
|
||||
- {}
|
||||
- swift::storage::disks::args: {get_param: SwiftRawDisks}
|
||||
- swift::storage::all::storage_local_net_ip:
|
||||
swift::storage::disks::args:
|
||||
if:
|
||||
- {get_param: SwiftUseNodeDataLookup}
|
||||
- {get_param: SwiftRawDisks}
|
||||
swift::storage::all::storage_local_net_ip:
|
||||
str_replace:
|
||||
template:
|
||||
"%{hiera('$NETWORK')}"
|
||||
@ -187,21 +185,18 @@ outputs:
|
||||
$NETWORK: {get_param: [ServiceNetMap, SwiftStorageNetwork]}
|
||||
rsync::server::pid_file: 'UNSET'
|
||||
swift::objectexpirer::cache_tls_enabled: {get_param: MemcachedTLS}
|
||||
-
|
||||
if:
|
||||
- account_workers_zero
|
||||
- {}
|
||||
- swift::storage::all::account_server_workers: {get_param: SwiftAccountWorkers}
|
||||
-
|
||||
if:
|
||||
- container_workers_zero
|
||||
- {}
|
||||
- swift::storage::all::container_server_workers: {get_param: SwiftContainerWorkers}
|
||||
-
|
||||
if:
|
||||
- object_workers_zero
|
||||
- {}
|
||||
- swift::storage::all::object_server_workers: {get_param: SwiftObjectWorkers}
|
||||
swift::storage::all::account_server_workers:
|
||||
if:
|
||||
- account_workers_set
|
||||
- {get_param: SwiftAccountWorkers}
|
||||
swift::storage::all::container_server_workers:
|
||||
if:
|
||||
- container_workers_set
|
||||
- {get_param: SwiftContainerWorkers}
|
||||
swift::storage::all::object_server_workers:
|
||||
if:
|
||||
- object_workers_set
|
||||
- {get_param: SwiftObjectWorkers}
|
||||
service_config_settings: {}
|
||||
# BEGIN DOCKER SETTINGS
|
||||
puppet_config:
|
||||
@ -343,10 +338,8 @@ outputs:
|
||||
step_4:
|
||||
map_merge:
|
||||
- if:
|
||||
- single_replica_mode
|
||||
- {}
|
||||
-
|
||||
swift_account_auditor:
|
||||
- not: single_replica_mode
|
||||
- swift_account_auditor:
|
||||
image: *swift_account_image
|
||||
net: host
|
||||
user: swift
|
||||
@ -591,9 +584,8 @@ outputs:
|
||||
# /var/cache/swift not needed in this container
|
||||
environment: *kolla_env
|
||||
- if:
|
||||
- swift_container_sharder_enabled
|
||||
-
|
||||
swift_container_sharder:
|
||||
- {get_param: SwiftContainerSharderEnabled}
|
||||
- swift_container_sharder:
|
||||
image: *swift_container_image
|
||||
net: host
|
||||
user: swift
|
||||
@ -601,14 +593,12 @@ outputs:
|
||||
volumes:
|
||||
list_concat:
|
||||
- {get_attr: [ContainersCommon, volumes]}
|
||||
-
|
||||
- /var/lib/kolla/config_files/swift_container_sharder.json:/var/lib/kolla/config_files/config.json:ro
|
||||
- - /var/lib/kolla/config_files/swift_container_sharder.json:/var/lib/kolla/config_files/config.json:ro
|
||||
- /var/lib/config-data/puppet-generated/swift:/var/lib/kolla/config_files/src:ro
|
||||
- /srv/node:/srv/node
|
||||
- /dev:/dev
|
||||
- /var/cache/swift:/var/cache/swift
|
||||
- /var/log/containers/swift:/var/log/swift:z
|
||||
- {}
|
||||
|
||||
host_prep_tasks:
|
||||
# NOTE: we can't set fcontext for swift locations since they are
|
||||
|
Loading…
x
Reference in New Issue
Block a user