From 9f1e982758065d84b2aa1b172e61c27698a38377 Mon Sep 17 00:00:00 2001 From: Takashi Kajinami Date: Mon, 8 Jun 2020 14:57:04 +0900 Subject: [PATCH] Add support for Gnocchi NFS Backend This patch introduces support for Gnocchi NFS backend, so that operators can configure nfs share to store data of Gnocchi. Resolved the conflict caused by different selinux type assigned to /var/lib/gnocchi directories. stable/train : svirt_sandbox_file_t stable/ussuri and later: container_file_t Conflicts: deployment/gnocchi/gnocchi-api-container-puppet.yaml Closes-Bug: #1889075 Change-Id: I41c93394c171572bdd6e0b24c842b5e86e0b8e07 (cherry picked from commit a6bbb4941ba846c9561f40c190f36991f384f68a) (cherry picked from commit 3631ee2ff42fa82b85bcfcb011556fe28ec98a8d) --- .../gnocchi/gnocchi-api-container-puppet.yaml | 64 +++++++++++++++++-- .../gnocchi-metricd-container-puppet.yaml | 16 ++++- .../gnocchi-statsd-container-puppet.yaml | 16 ++++- .../gnocchi-nfs-backend-90febc9f87e7df08.yaml | 9 +++ 4 files changed, 97 insertions(+), 8 deletions(-) create mode 100644 releasenotes/notes/gnocchi-nfs-backend-90febc9f87e7df08.yaml diff --git a/deployment/gnocchi/gnocchi-api-container-puppet.yaml b/deployment/gnocchi/gnocchi-api-container-puppet.yaml index 7826246a6b..d4ca39a32e 100644 --- a/deployment/gnocchi/gnocchi-api-container-puppet.yaml +++ b/deployment/gnocchi/gnocchi-api-container-puppet.yaml @@ -82,6 +82,21 @@ parameters: type: string constraints: - allowed_values: ['swift', 'file', 'rbd', 's3'] + GnocchiNfsEnabled: + default: false + description: > + When using GnocchiBackend 'file', mount NFS share for data storage + type: boolean + GnocchiNfsShare: + default: '' + description: > + NFS share to mount for data storage (when GnocchiNfsEnabled is true) + type: string + GnocchiNfsOptions: + default: '_netdev,bg,intr,context=system_u:object_r:svirt_sandbox_file_t:s0' + description: > + Nfs mount options for data storage (when GnocchiNfsEnabled is true) + type: string GnocchiIncomingStorageDriver: default: redis description: Storage driver to use for incoming metric data @@ -111,6 +126,7 @@ parameters: conditions: cors_allowed_origin_unset: {equals : [{get_param: GnocchiCorsAllowedOrigin}, '']} internal_tls_enabled: {equals: [{get_param: EnableInternalTLS}, true]} + nfs_backend_enabled: {equals: [{get_param: GnocchiNfsEnabled}, true]} resources: @@ -298,13 +314,20 @@ outputs: volumes: - str_replace: template: GNOCCHI_FILE_BASE_PATH:GNOCCHI_FILE_BASE_PATH:SE_FLAGS - params: {GNOCCHI_FILE_BASE_PATH: {get_param: GnocchiFileBasePath}, SE_FLAGS: 'shared,z'} + params: + GNOCCHI_FILE_BASE_PATH: {get_param: GnocchiFileBasePath} + SE_FLAGS: + if: + - nfs_backend_enabled + - 'shared' + - 'shared,z' command: - '/bin/bash' - '-c' - str_replace: template: 'chown -R gnocchi:gnocchi GNOCCHI_FILE_BASE_PATH' - params: {GNOCCHI_FILE_BASE_PATH: {get_param: GnocchiFileBasePath}} + params: + GNOCCHI_FILE_BASE_PATH: {get_param: GnocchiFileBasePath} step_5: gnocchi_db_sync: start_order: 0 @@ -321,7 +344,13 @@ outputs: - /var/lib/config-data/puppet-generated/gnocchi:/var/lib/kolla/config_files/src:ro - str_replace: template: GNOCCHI_FILE_BASE_PATH:GNOCCHI_FILE_BASE_PATH:SE_FLAGS - params: {GNOCCHI_FILE_BASE_PATH: {get_param: GnocchiFileBasePath}, SE_FLAGS: 'shared,z'} + params: + GNOCCHI_FILE_BASE_PATH: {get_param: GnocchiFileBasePath} + SE_FLAGS: + if: + - nfs_backend_enabled + - 'shared' + - 'shared,z' - /var/log/containers/gnocchi:/var/log/gnocchi:z - /var/log/containers/httpd/gnocchi-api:/var/log/httpd:z - /etc/ceph:/var/lib/kolla/config_files/src-ceph:ro @@ -342,7 +371,13 @@ outputs: - - str_replace: template: GNOCCHI_FILE_BASE_PATH:GNOCCHI_FILE_BASE_PATH:SE_FLAGS - params: {GNOCCHI_FILE_BASE_PATH: {get_param: GnocchiFileBasePath}, SE_FLAGS: 'shared,z'} + params: + GNOCCHI_FILE_BASE_PATH: {get_param: GnocchiFileBasePath} + SE_FLAGS: + if: + - nfs_backend_enabled + - 'shared' + - 'shared,z' - /var/lib/kolla/config_files/gnocchi_api.json:/var/lib/kolla/config_files/config.json:ro - /var/lib/config-data/puppet-generated/gnocchi:/var/lib/kolla/config_files/src:ro - /var/log/containers/gnocchi:/var/log/gnocchi:z @@ -359,7 +394,7 @@ outputs: environment: KOLLA_CONFIG_STRATEGY: COPY_ALWAYS host_prep_tasks: - - name: create persistent data and logs directory + - name: create logs directory file: path: "{{ item.path }}" state: directory @@ -368,7 +403,24 @@ outputs: with_items: - { 'path': /var/log/containers/gnocchi, 'setype': svirt_sandbox_file_t, 'mode': '0750' } - { 'path': /var/log/containers/httpd/gnocchi-api, 'setype': svirt_sandbox_file_t, 'mode': '0750' } - - { 'path': {get_param: GnocchiFileBasePath}, 'setype': svirt_sandbox_file_t } + - name: Mount Gnocchi NFS on host + vars: + nfs_backend_enabled: {get_param: GnocchiNfsEnabled} + nfs_share: {get_param: GnocchiNfsShare} + nfs_options: {get_param: GnocchiNfsOptions} + file_base_path: {get_param: GnocchiFileBasePath} + mount: + name: "{{file_base_path}}" + state: mounted + src: "{{nfs_share}}" + fstype: nfs + opts: "{{nfs_options}}" + when: nfs_backend_enabled + - name: ensure GnocchiFileBasePath exists + file: + path: {get_param: GnocchiFileBasePath} + state: directory + setype: svirt_sandbox_file_t - name: ensure ceph configurations exist file: path: /etc/ceph diff --git a/deployment/gnocchi/gnocchi-metricd-container-puppet.yaml b/deployment/gnocchi/gnocchi-metricd-container-puppet.yaml index 950d00824e..f6b5c79e55 100644 --- a/deployment/gnocchi/gnocchi-metricd-container-puppet.yaml +++ b/deployment/gnocchi/gnocchi-metricd-container-puppet.yaml @@ -53,6 +53,11 @@ parameters: description: Path to use when file driver is used. This could be NFS or a flat file. type: string + GnocchiNfsEnabled: + default: false + description: > + When using GnocchiBackend 'file', mount NFS share for data storage + type: boolean MonitoringSubscriptionGnocchiMetricd: default: 'overcloud-gnocchi-metricd' type: string @@ -65,6 +70,9 @@ parameters: description: Delay between processing metrics. type: number +conditions: + nfs_backend_enabled: {equals: [{get_param: GnocchiNfsEnabled}, true]} + resources: ContainersCommon: @@ -149,7 +157,13 @@ outputs: - /etc/ceph:/var/lib/kolla/config_files/src-ceph:ro - str_replace: template: GNOCCHI_FILE_BASE_PATH:GNOCCHI_FILE_BASE_PATH:SE_FLAGS - params: {GNOCCHI_FILE_BASE_PATH: {get_param: GnocchiFileBasePath}, SE_FLAGS: 'shared,z'} + params: + GNOCCHI_FILE_BASE_PATH: {get_param: GnocchiFileBasePath} + SE_FLAGS: + if: + - nfs_backend_enabled + - 'shared' + - 'shared,z' environment: KOLLA_CONFIG_STRATEGY: COPY_ALWAYS host_prep_tasks: diff --git a/deployment/gnocchi/gnocchi-statsd-container-puppet.yaml b/deployment/gnocchi/gnocchi-statsd-container-puppet.yaml index eb2930aa08..644063dc69 100644 --- a/deployment/gnocchi/gnocchi-statsd-container-puppet.yaml +++ b/deployment/gnocchi/gnocchi-statsd-container-puppet.yaml @@ -53,10 +53,18 @@ parameters: description: Path to use when file driver is used. This could be NFS or a flat file. type: string + GnocchiNfsEnabled: + default: false + description: > + When using GnocchiBackend 'file', mount NFS share for data storage + type: boolean MonitoringSubscriptionGnocchiStatsd: default: 'overcloud-gnocchi-statsd' type: string +conditions: + nfs_backend_enabled: {equals: [{get_param: GnocchiNfsEnabled}, true]} + resources: ContainersCommon: @@ -143,7 +151,13 @@ outputs: - /etc/ceph:/var/lib/kolla/config_files/src-ceph:ro - str_replace: template: GNOCCHI_FILE_BASE_PATH:GNOCCHI_FILE_BASE_PATH:SE_FLAGS - params: {GNOCCHI_FILE_BASE_PATH: {get_param: GnocchiFileBasePath}, SE_FLAGS: 'shared,z'} + params: + GNOCCHI_FILE_BASE_PATH: {get_param: GnocchiFileBasePath} + SE_FLAGS: + if: + - nfs_backend_enabled + - 'shared' + - 'shared,z' environment: KOLLA_CONFIG_STRATEGY: COPY_ALWAYS host_prep_tasks: diff --git a/releasenotes/notes/gnocchi-nfs-backend-90febc9f87e7df08.yaml b/releasenotes/notes/gnocchi-nfs-backend-90febc9f87e7df08.yaml new file mode 100644 index 0000000000..a5acd90680 --- /dev/null +++ b/releasenotes/notes/gnocchi-nfs-backend-90febc9f87e7df08.yaml @@ -0,0 +1,9 @@ +--- +features: + - | + The following parameters were added to support configuration of gnocchi nfs + backend. + + - GnocchiNfsEnabled + - GnocchiNfsShare + - GnocchiNfsOptions