openstack/tripleo-heat-templates
Code Issues Proposed changes

Unify cinder's volume and backup kolla_config settings

Browse Source 
Define a common set of kolla config_files and permissions for use by
cinder's volume and backup services (both pcmk and non-pcmk variants).
Previously, there were four different sets and some of them contained
subtle errors.

Change-Id: Id6a1ab51041a3cd870449399b6793c10bbb1fdca
This commit is contained in:
Alan Bishop 2021-02-03 08:50:21 -08:00
parent a46d302f70
commit 8d38363a78
5 changed files with 60 additions and 133 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

51
deployment/cinder/cinder-backup-container-puppet.yaml
View File

@ -62,18 +62,6 @@ parameters:
CinderBackupRbdPoolName:
default: backups
type: string
CephClusterName:
type: string
default: ceph
description: The Ceph cluster name.
constraints:
- allowed_pattern: "[a-zA-Z0-9]+"
description: >
The Ceph cluster name must be at least 1 character and contain only
letters and numbers.
CephClientUserName:
default: openstack
type: string
CinderBackupNfsShare:
default: ''
description: NFS share to be mounted
@ -153,43 +141,8 @@ outputs:
kolla_config:
/var/lib/kolla/config_files/cinder_backup.json:
command: /usr/bin/cinder-backup --config-file /usr/share/cinder/cinder-dist.conf --config-file /etc/cinder/cinder.conf
config_files:
- source: "/var/lib/kolla/config_files/src/*"
dest: "/"
merge: true
preserve_properties: true
- source: "/var/lib/kolla/config_files/src-ceph/"
dest: "/etc/ceph/"
merge: true
preserve_properties: true
- source: "/var/lib/kolla/config_files/src-iscsid/*"
dest: "/etc/iscsi/"
merge: true
preserve_properties: true
- source: "/var/lib/kolla/config_files/src-tls/*"
dest: "/"
merge: true
preserve_properties: true
optional: true
permissions:
- path: /var/lib/cinder
owner: cinder:cinder
recurse: true
- path: /var/log/cinder
owner: cinder:cinder
recurse: true
- path:
str_replace:
template: /etc/ceph/CLUSTER.client.USER.keyring
params:
CLUSTER: {get_param: CephClusterName}
USER: {get_param: CephClientUserName}
owner: cinder:cinder
perm: '0600'
- path: /etc/pki/tls/certs/etcd.crt
owner: cinder:cinder
- path: /etc/pki/tls/private/etcd.key
owner: cinder:cinder
config_files: {get_attr: [CinderCommon, cinder_common_kolla_config_files]}
permissions: {get_attr: [CinderCommon, cinder_common_kolla_permissions]}
docker_config:
step_3:
cinder_backup_init_logs:

31
deployment/cinder/cinder-backup-pacemaker-puppet.yaml
View File

@ -165,35 +165,8 @@ outputs:
kolla_config:
/var/lib/kolla/config_files/cinder_backup.json:
command: /usr/bin/cinder-backup --config-file /usr/share/cinder/cinder-dist.conf --config-file /etc/cinder/cinder.conf
config_files:
- source: "/var/lib/kolla/config_files/src/*"
dest: "/"
merge: true
preserve_properties: true
- source: "/var/lib/kolla/config_files/src-ceph/"
dest: "/etc/ceph/"
merge: true
preserve_properties: true
- source: "/var/lib/kolla/config_files/src-iscsid/*"
dest: "/etc/iscsi/"
merge: true
preserve_properties: true
- source: "/var/lib/kolla/config_files/src-tls/*"
dest: "/"
merge: true
preserve_properties: true
optional: true
permissions:
- path: /var/lib/cinder
owner: cinder:cinder
recurse: true
- path: /var/log/cinder
owner: cinder:cinder
recurse: true
- path: /etc/pki/tls/certs/etcd.crt
owner: cinder:cinder
- path: /etc/pki/tls/private/etcd.key
owner: cinder:cinder
config_files: {get_attr: [CinderCommon, cinder_common_kolla_config_files]}
permissions: {get_attr: [CinderCommon, cinder_common_kolla_permissions]}
container_config_scripts: {get_attr: [ContainersCommon, container_config_scripts]}
docker_config:
step_3:

52
deployment/cinder/cinder-common-container-puppet.yaml
View File

@ -78,6 +78,18 @@ parameters:
default: "/var/lib/tripleo-config/ceph"
description: |
The path where the Ceph Cluster config files are stored on the host.
CephClientUserName:
default: openstack
type: string
CephClusterName:
type: string
default: ceph
description: The Ceph cluster name.
constraints:
- allowed_pattern: "[a-zA-Z0-9]+"
description: >
The Ceph cluster name must be at least 1 character and contain only
letters and numbers.
conditions:
@ -128,6 +140,46 @@ outputs:
- /etc/pki/tls/private/etcd.key:/var/lib/kolla/config_files/src-tls/etc/pki/tls/private/etcd.key:ro
- []
cinder_common_kolla_config_files:
description: Common kolla config_files for cinder-volume and cinder-backup services
value:
- source: "/var/lib/kolla/config_files/src/*"
dest: "/"
merge: true
preserve_properties: true
- source: "/var/lib/kolla/config_files/src-ceph/"
dest: "/etc/ceph/"
merge: true
preserve_properties: true
- source: "/var/lib/kolla/config_files/src-iscsid/*"
dest: "/etc/iscsi/"
merge: true
preserve_properties: true
- source: "/var/lib/kolla/config_files/src-tls/*"
dest: "/"
merge: true
preserve_properties: true
optional: true
cinder_common_kolla_permissions:
description: Common kolla permissions for cinder-volume and cinder-backup services
value:
- path: /var/log/cinder
owner: cinder:cinder
recurse: true
- path:
str_replace:
template: /etc/ceph/CLUSTER.client.USER.keyring
params:
CLUSTER: {get_param: CephClusterName}
USER: {get_param: CephClientUserName}
owner: cinder:cinder
perm: '0600'
- path: /etc/pki/tls/certs/etcd.crt
owner: cinder:cinder
- path: /etc/pki/tls/private/etcd.key
owner: cinder:cinder
cinder_volume_host_prep_tasks:
description: Host prep tasks for the cinder-volume service (HA or non-HA)
value:

36
deployment/cinder/cinder-volume-container-puppet.yaml
View File

@ -303,40 +303,8 @@ outputs:
kolla_config:
/var/lib/kolla/config_files/cinder_volume.json:
command: /usr/bin/cinder-volume --config-file /usr/share/cinder/cinder-dist.conf --config-file /etc/cinder/cinder.conf
config_files:
- source: "/var/lib/kolla/config_files/src/*"
dest: "/"
merge: true
preserve_properties: true
- source: "/var/lib/kolla/config_files/src-ceph/"
dest: "/etc/ceph/"
merge: true
preserve_properties: true
- source: "/var/lib/kolla/config_files/src-iscsid/*"
dest: "/etc/iscsi/"
merge: true
preserve_properties: true
- source: "/var/lib/kolla/config_files/src-tls/*"
dest: "/"
merge: true
preserve_properties: true
optional: true
permissions:
- path: /var/log/cinder
owner: cinder:cinder
recurse: true
- path:
str_replace:
template: /etc/ceph/CLUSTER.client.USER.keyring
params:
CLUSTER: {get_param: CephClusterName}
USER: {get_param: CephClientUserName}
owner: cinder:cinder
perm: '0600'
- path: /etc/pki/tls/certs/etcd.crt
owner: cinder:cinder
- path: /etc/pki/tls/private/etcd.key
owner: cinder:cinder
config_files: {get_attr: [CinderCommon, cinder_common_kolla_config_files]}
permissions: {get_attr: [CinderCommon, cinder_common_kolla_permissions]}
docker_config:
step_3:
cinder_volume_init_logs:

23
deployment/cinder/cinder-volume-pacemaker-puppet.yaml
View File

@ -154,27 +154,8 @@ outputs:
kolla_config:
/var/lib/kolla/config_files/cinder_volume.json:
command: /usr/bin/cinder-volume --config-file /usr/share/cinder/cinder-dist.conf --config-file /etc/cinder/cinder.conf
config_files:
- source: "/var/lib/kolla/config_files/src/*"
dest: "/"
merge: true
preserve_properties: true
- source: "/var/lib/kolla/config_files/src-ceph/"
dest: "/etc/ceph/"
merge: true
preserve_properties: true
- source: "/var/lib/kolla/config_files/src-iscsid/*"
dest: "/etc/iscsi/"
merge: true
preserve_properties: true
# NOTE(abishop): no need to copy any src-tls/* files or set ownership
# of etcd's TLS certificate and key. The etcd service is only used by
# cinder-volume when it's running active/active, and *not* when it's
# under pcmk control.
permissions:
- path: /var/log/cinder
owner: cinder:cinder
recurse: true
config_files: {get_attr: [CinderCommon, cinder_common_kolla_config_files]}
permissions: {get_attr: [CinderCommon, cinder_common_kolla_permissions]}
container_config_scripts: {get_attr: [ContainersCommon, container_config_scripts]}
docker_config:
step_3: