Unify cinder's volume and backup kolla_config settings
Define a common set of kolla config_files and permissions for use by
cinder's volume and backup services (both pcmk and non-pcmk variants).
Previously, there were four different sets and some of them contained
subtle errors.
Change-Id: Id6a1ab51041a3cd870449399b6793c10bbb1fdca
(cherry picked from commit 8d38363a78
)
This commit is contained in:
parent
c8c5fc1092
commit
51a9a07810
|
@ -62,18 +62,6 @@ parameters:
|
||||||
CinderBackupRbdPoolName:
|
CinderBackupRbdPoolName:
|
||||||
default: backups
|
default: backups
|
||||||
type: string
|
type: string
|
||||||
CephClusterName:
|
|
||||||
type: string
|
|
||||||
default: ceph
|
|
||||||
description: The Ceph cluster name.
|
|
||||||
constraints:
|
|
||||||
- allowed_pattern: "[a-zA-Z0-9]+"
|
|
||||||
description: >
|
|
||||||
The Ceph cluster name must be at least 1 character and contain only
|
|
||||||
letters and numbers.
|
|
||||||
CephClientUserName:
|
|
||||||
default: openstack
|
|
||||||
type: string
|
|
||||||
CinderBackupNfsShare:
|
CinderBackupNfsShare:
|
||||||
default: ''
|
default: ''
|
||||||
description: NFS share to be mounted
|
description: NFS share to be mounted
|
||||||
|
@ -153,43 +141,8 @@ outputs:
|
||||||
kolla_config:
|
kolla_config:
|
||||||
/var/lib/kolla/config_files/cinder_backup.json:
|
/var/lib/kolla/config_files/cinder_backup.json:
|
||||||
command: /usr/bin/cinder-backup --config-file /usr/share/cinder/cinder-dist.conf --config-file /etc/cinder/cinder.conf
|
command: /usr/bin/cinder-backup --config-file /usr/share/cinder/cinder-dist.conf --config-file /etc/cinder/cinder.conf
|
||||||
config_files:
|
config_files: {get_attr: [CinderCommon, cinder_common_kolla_config_files]}
|
||||||
- source: "/var/lib/kolla/config_files/src/*"
|
permissions: {get_attr: [CinderCommon, cinder_common_kolla_permissions]}
|
||||||
dest: "/"
|
|
||||||
merge: true
|
|
||||||
preserve_properties: true
|
|
||||||
- source: "/var/lib/kolla/config_files/src-ceph/"
|
|
||||||
dest: "/etc/ceph/"
|
|
||||||
merge: true
|
|
||||||
preserve_properties: true
|
|
||||||
- source: "/var/lib/kolla/config_files/src-iscsid/*"
|
|
||||||
dest: "/etc/iscsi/"
|
|
||||||
merge: true
|
|
||||||
preserve_properties: true
|
|
||||||
- source: "/var/lib/kolla/config_files/src-tls/*"
|
|
||||||
dest: "/"
|
|
||||||
merge: true
|
|
||||||
preserve_properties: true
|
|
||||||
optional: true
|
|
||||||
permissions:
|
|
||||||
- path: /var/lib/cinder
|
|
||||||
owner: cinder:cinder
|
|
||||||
recurse: true
|
|
||||||
- path: /var/log/cinder
|
|
||||||
owner: cinder:cinder
|
|
||||||
recurse: true
|
|
||||||
- path:
|
|
||||||
str_replace:
|
|
||||||
template: /etc/ceph/CLUSTER.client.USER.keyring
|
|
||||||
params:
|
|
||||||
CLUSTER: {get_param: CephClusterName}
|
|
||||||
USER: {get_param: CephClientUserName}
|
|
||||||
owner: cinder:cinder
|
|
||||||
perm: '0600'
|
|
||||||
- path: /etc/pki/tls/certs/etcd.crt
|
|
||||||
owner: cinder:cinder
|
|
||||||
- path: /etc/pki/tls/private/etcd.key
|
|
||||||
owner: cinder:cinder
|
|
||||||
docker_config:
|
docker_config:
|
||||||
step_3:
|
step_3:
|
||||||
cinder_backup_init_logs:
|
cinder_backup_init_logs:
|
||||||
|
|
|
@ -159,35 +159,8 @@ outputs:
|
||||||
kolla_config:
|
kolla_config:
|
||||||
/var/lib/kolla/config_files/cinder_backup.json:
|
/var/lib/kolla/config_files/cinder_backup.json:
|
||||||
command: /usr/bin/cinder-backup --config-file /usr/share/cinder/cinder-dist.conf --config-file /etc/cinder/cinder.conf
|
command: /usr/bin/cinder-backup --config-file /usr/share/cinder/cinder-dist.conf --config-file /etc/cinder/cinder.conf
|
||||||
config_files:
|
config_files: {get_attr: [CinderCommon, cinder_common_kolla_config_files]}
|
||||||
- source: "/var/lib/kolla/config_files/src/*"
|
permissions: {get_attr: [CinderCommon, cinder_common_kolla_permissions]}
|
||||||
dest: "/"
|
|
||||||
merge: true
|
|
||||||
preserve_properties: true
|
|
||||||
- source: "/var/lib/kolla/config_files/src-ceph/"
|
|
||||||
dest: "/etc/ceph/"
|
|
||||||
merge: true
|
|
||||||
preserve_properties: true
|
|
||||||
- source: "/var/lib/kolla/config_files/src-iscsid/*"
|
|
||||||
dest: "/etc/iscsi/"
|
|
||||||
merge: true
|
|
||||||
preserve_properties: true
|
|
||||||
- source: "/var/lib/kolla/config_files/src-tls/*"
|
|
||||||
dest: "/"
|
|
||||||
merge: true
|
|
||||||
preserve_properties: true
|
|
||||||
optional: true
|
|
||||||
permissions:
|
|
||||||
- path: /var/lib/cinder
|
|
||||||
owner: cinder:cinder
|
|
||||||
recurse: true
|
|
||||||
- path: /var/log/cinder
|
|
||||||
owner: cinder:cinder
|
|
||||||
recurse: true
|
|
||||||
- path: /etc/pki/tls/certs/etcd.crt
|
|
||||||
owner: cinder:cinder
|
|
||||||
- path: /etc/pki/tls/private/etcd.key
|
|
||||||
owner: cinder:cinder
|
|
||||||
container_config_scripts: {get_attr: [ContainersCommon, container_config_scripts]}
|
container_config_scripts: {get_attr: [ContainersCommon, container_config_scripts]}
|
||||||
docker_config:
|
docker_config:
|
||||||
step_3:
|
step_3:
|
||||||
|
|
|
@ -73,6 +73,18 @@ parameters:
|
||||||
API network is using TLS.
|
API network is using TLS.
|
||||||
type: boolean
|
type: boolean
|
||||||
default: false
|
default: false
|
||||||
|
CephClientUserName:
|
||||||
|
default: openstack
|
||||||
|
type: string
|
||||||
|
CephClusterName:
|
||||||
|
type: string
|
||||||
|
default: ceph
|
||||||
|
description: The Ceph cluster name.
|
||||||
|
constraints:
|
||||||
|
- allowed_pattern: "[a-zA-Z0-9]+"
|
||||||
|
description: >
|
||||||
|
The Ceph cluster name must be at least 1 character and contain only
|
||||||
|
letters and numbers.
|
||||||
|
|
||||||
conditions:
|
conditions:
|
||||||
|
|
||||||
|
@ -123,6 +135,46 @@ outputs:
|
||||||
- /etc/pki/tls/private/etcd.key:/var/lib/kolla/config_files/src-tls/etc/pki/tls/private/etcd.key:ro
|
- /etc/pki/tls/private/etcd.key:/var/lib/kolla/config_files/src-tls/etc/pki/tls/private/etcd.key:ro
|
||||||
- []
|
- []
|
||||||
|
|
||||||
|
cinder_common_kolla_config_files:
|
||||||
|
description: Common kolla config_files for cinder-volume and cinder-backup services
|
||||||
|
value:
|
||||||
|
- source: "/var/lib/kolla/config_files/src/*"
|
||||||
|
dest: "/"
|
||||||
|
merge: true
|
||||||
|
preserve_properties: true
|
||||||
|
- source: "/var/lib/kolla/config_files/src-ceph/"
|
||||||
|
dest: "/etc/ceph/"
|
||||||
|
merge: true
|
||||||
|
preserve_properties: true
|
||||||
|
- source: "/var/lib/kolla/config_files/src-iscsid/*"
|
||||||
|
dest: "/etc/iscsi/"
|
||||||
|
merge: true
|
||||||
|
preserve_properties: true
|
||||||
|
- source: "/var/lib/kolla/config_files/src-tls/*"
|
||||||
|
dest: "/"
|
||||||
|
merge: true
|
||||||
|
preserve_properties: true
|
||||||
|
optional: true
|
||||||
|
|
||||||
|
cinder_common_kolla_permissions:
|
||||||
|
description: Common kolla permissions for cinder-volume and cinder-backup services
|
||||||
|
value:
|
||||||
|
- path: /var/log/cinder
|
||||||
|
owner: cinder:cinder
|
||||||
|
recurse: true
|
||||||
|
- path:
|
||||||
|
str_replace:
|
||||||
|
template: /etc/ceph/CLUSTER.client.USER.keyring
|
||||||
|
params:
|
||||||
|
CLUSTER: {get_param: CephClusterName}
|
||||||
|
USER: {get_param: CephClientUserName}
|
||||||
|
owner: cinder:cinder
|
||||||
|
perm: '0600'
|
||||||
|
- path: /etc/pki/tls/certs/etcd.crt
|
||||||
|
owner: cinder:cinder
|
||||||
|
- path: /etc/pki/tls/private/etcd.key
|
||||||
|
owner: cinder:cinder
|
||||||
|
|
||||||
cinder_volume_host_prep_tasks:
|
cinder_volume_host_prep_tasks:
|
||||||
description: Host prep tasks for the cinder-volume service (HA or non-HA)
|
description: Host prep tasks for the cinder-volume service (HA or non-HA)
|
||||||
value:
|
value:
|
||||||
|
|
|
@ -297,40 +297,8 @@ outputs:
|
||||||
kolla_config:
|
kolla_config:
|
||||||
/var/lib/kolla/config_files/cinder_volume.json:
|
/var/lib/kolla/config_files/cinder_volume.json:
|
||||||
command: /usr/bin/cinder-volume --config-file /usr/share/cinder/cinder-dist.conf --config-file /etc/cinder/cinder.conf
|
command: /usr/bin/cinder-volume --config-file /usr/share/cinder/cinder-dist.conf --config-file /etc/cinder/cinder.conf
|
||||||
config_files:
|
config_files: {get_attr: [CinderCommon, cinder_common_kolla_config_files]}
|
||||||
- source: "/var/lib/kolla/config_files/src/*"
|
permissions: {get_attr: [CinderCommon, cinder_common_kolla_permissions]}
|
||||||
dest: "/"
|
|
||||||
merge: true
|
|
||||||
preserve_properties: true
|
|
||||||
- source: "/var/lib/kolla/config_files/src-ceph/"
|
|
||||||
dest: "/etc/ceph/"
|
|
||||||
merge: true
|
|
||||||
preserve_properties: true
|
|
||||||
- source: "/var/lib/kolla/config_files/src-iscsid/*"
|
|
||||||
dest: "/etc/iscsi/"
|
|
||||||
merge: true
|
|
||||||
preserve_properties: true
|
|
||||||
- source: "/var/lib/kolla/config_files/src-tls/*"
|
|
||||||
dest: "/"
|
|
||||||
merge: true
|
|
||||||
preserve_properties: true
|
|
||||||
optional: true
|
|
||||||
permissions:
|
|
||||||
- path: /var/log/cinder
|
|
||||||
owner: cinder:cinder
|
|
||||||
recurse: true
|
|
||||||
- path:
|
|
||||||
str_replace:
|
|
||||||
template: /etc/ceph/CLUSTER.client.USER.keyring
|
|
||||||
params:
|
|
||||||
CLUSTER: {get_param: CephClusterName}
|
|
||||||
USER: {get_param: CephClientUserName}
|
|
||||||
owner: cinder:cinder
|
|
||||||
perm: '0600'
|
|
||||||
- path: /etc/pki/tls/certs/etcd.crt
|
|
||||||
owner: cinder:cinder
|
|
||||||
- path: /etc/pki/tls/private/etcd.key
|
|
||||||
owner: cinder:cinder
|
|
||||||
docker_config:
|
docker_config:
|
||||||
step_3:
|
step_3:
|
||||||
cinder_volume_init_logs:
|
cinder_volume_init_logs:
|
||||||
|
|
|
@ -148,27 +148,8 @@ outputs:
|
||||||
kolla_config:
|
kolla_config:
|
||||||
/var/lib/kolla/config_files/cinder_volume.json:
|
/var/lib/kolla/config_files/cinder_volume.json:
|
||||||
command: /usr/bin/cinder-volume --config-file /usr/share/cinder/cinder-dist.conf --config-file /etc/cinder/cinder.conf
|
command: /usr/bin/cinder-volume --config-file /usr/share/cinder/cinder-dist.conf --config-file /etc/cinder/cinder.conf
|
||||||
config_files:
|
config_files: {get_attr: [CinderCommon, cinder_common_kolla_config_files]}
|
||||||
- source: "/var/lib/kolla/config_files/src/*"
|
permissions: {get_attr: [CinderCommon, cinder_common_kolla_permissions]}
|
||||||
dest: "/"
|
|
||||||
merge: true
|
|
||||||
preserve_properties: true
|
|
||||||
- source: "/var/lib/kolla/config_files/src-ceph/"
|
|
||||||
dest: "/etc/ceph/"
|
|
||||||
merge: true
|
|
||||||
preserve_properties: true
|
|
||||||
- source: "/var/lib/kolla/config_files/src-iscsid/*"
|
|
||||||
dest: "/etc/iscsi/"
|
|
||||||
merge: true
|
|
||||||
preserve_properties: true
|
|
||||||
# NOTE(abishop): no need to copy any src-tls/* files or set ownership
|
|
||||||
# of etcd's TLS certificate and key. The etcd service is only used by
|
|
||||||
# cinder-volume when it's running active/active, and *not* when it's
|
|
||||||
# under pcmk control.
|
|
||||||
permissions:
|
|
||||||
- path: /var/log/cinder
|
|
||||||
owner: cinder:cinder
|
|
||||||
recurse: true
|
|
||||||
container_config_scripts: {get_attr: [ContainersCommon, container_config_scripts]}
|
container_config_scripts: {get_attr: [ContainersCommon, container_config_scripts]}
|
||||||
docker_config:
|
docker_config:
|
||||||
step_3:
|
step_3:
|
||||||
|
|
Loading…
Reference in New Issue