Enable Cinder volume backups

To properly enable Cinder volume backup, the following configuration changes are required: - For Cinder, enable 'CephBackupDriver' as the Cinder backup_driver and 'cinder' as the rbd_user for each Cinder backend - For libvirt, enable Ceph and use 'cinder-volume-rbd-keyring' for the Ceph client user secret. This will create a libvirt secret that will be used with the 'cinder' user. - For nova, enable the rbd_secret_uuid shared with libvirt and set the 'rbd_user' to cinder. - Update the chart group initialization sequence, so that 'openstack-cinder' is initialized prior to 'openstack-compute-kit'. This is done because 'cinder-volume-rbd-keyring' is created by Cinder and is required by libvirt to successfully initialize. With these configuration changes: - Cinder volumes were created - Cinder volumes were backed up - Instances were booted by volume (from Cinder) - Instances were booted by image (from Ceph ephemeral disks) Change-Id: I29c7d3ed118f4a6726f2ea887a165f256bc32fd5 Depends-On: https://review.opendev.org/#/c/664619/ Story: 2004520 Task: 28266 Signed-off-by: Robert Church <robert.church@windriver.com>
2019-06-08 22:49:18 -04:00 · 2019-06-08 22:49:18 -04:00 · c69942d0d7
commit c69942d0d7
parent c7e73429e6
6 changed files with 14 additions and 13 deletions
--- a/kubernetes/applications/stx-openstack/stx-openstack-helm/centos/build_srpm.data
+++ b/kubernetes/applications/stx-openstack/stx-openstack-helm/centos/build_srpm.data
@ -1,4 +1,4 @@
 SRC_DIR="stx-openstack-helm"
 COPY_LIST_TO_TAR="$PKG_BASE/../../../helm-charts/garbd \
    $PKG_BASE/../../../helm-charts/clients"
-TIS_PATCH_VER=14
+TIS_PATCH_VER=15
--- a/kubernetes/applications/stx-openstack/stx-openstack-helm/stx-openstack-helm/manifests/manifest.yaml
+++ b/kubernetes/applications/stx-openstack/stx-openstack-helm/stx-openstack-helm/manifests/manifest.yaml
@ -684,7 +684,7 @@ data:
    conf:
      cinder:
        DEFAULT:
-          backup_driver: cinder.backup.drivers.swift
+          backup_driver: cinder.backup.drivers.ceph.CephBackupDriver
    storage: rbd
  source:
    type: tar
@ -711,12 +711,16 @@ data:
  upgrade:
    no_hooks: false
  values:
+    ceph_client:
+      user_secret_name: cinder-volume-rbd-keyring
    labels:
      agent:
        libvirt:
          node_selector_key: openstack-compute-node
          node_selector_value: enabled
    conf:
+      ceph:
+        enabled: true
      kubernetes:
        cgroup: "k8s-infra"
    images:
@ -929,8 +933,7 @@ data:
          live_migration_completion_timeout: 180
          live_migration_permit_auto_converge: true
          mem_stats_period_seconds: 0
-          rbd_secret_uuid: null
-          rbd_user: null
+          rbd_user: cinder
          # Allow up to 1 day for resize conf
          remove_unused_resized_minimum_age_seconds: 86400
        database:
@ -3242,9 +3245,9 @@ data:
    - openstack-clients
    - openstack-barbican
    - openstack-glance
+    - openstack-cinder
    - openstack-ceph-rgw
    - openstack-compute-kit
    - openstack-heat
    - openstack-horizon
-    - openstack-cinder
    - openstack-telemetry
--- a/sysinv/sysinv/centos/build_srpm.data
+++ b/sysinv/sysinv/centos/build_srpm.data
@ -1,2 +1,2 @@
 SRC_DIR="sysinv"
-TIS_PATCH_VER=322
+TIS_PATCH_VER=323
--- a/sysinv/sysinv/sysinv/sysinv/helm/cinder.py
+++ b/sysinv/sysinv/sysinv/sysinv/helm/cinder.py
@ -95,9 +95,6 @@ class CinderHelm(openstack.OpenstackBaseHelm):
            backend_type=constants.SB_TYPE_CEPH)
        conf_cinder = {
            'DEFAULT': {
-                # Use the CEPH backup driver. The chart will create a pool for
-                # keeping the backups. All cinder backup pods will use it.
-                'backup_driver': 'cinder.backup.drivers.ceph.CephBackupDriver',
                'enabled_backends': ','.join(
                    b.name.encode('utf8', 'strict') for b in backends)
            },
@ -152,6 +149,7 @@ class CinderHelm(openstack.OpenstackBaseHelm):
                'volume_backend_name': bk_name,
                'volume_driver': 'cinder.volume.drivers.rbd.RBDDriver',
                'rbd_pool': rbd_pool.encode('utf8', 'strict'),
+                'rbd_user': 'cinder',
                'rbd_ceph_conf':
                    (constants.CEPH_CONF_PATH +
                     constants.SB_TYPE_CEPH_CONF_FILENAME),
--- a/sysinv/sysinv/sysinv/sysinv/helm/libvirt.py
+++ b/sysinv/sysinv/sysinv/sysinv/helm/libvirt.py
@ -27,9 +27,6 @@ class LibvirtHelm(openstack.OpenstackBaseHelm):
                    'libvirt': {
                        'listen_addr': '0.0.0.0'
                    },
-                    'ceph': {
-                        'enabled': False
-                    },
                    'qemu': {
                        'user': "root",
                        'group': "root",
--- a/sysinv/sysinv/sysinv/sysinv/helm/nova.py
+++ b/sysinv/sysinv/sysinv/sysinv/helm/nova.py
@ -18,7 +18,10 @@ from sysinv.helm import openstack

 LOG = logging.getLogger(__name__)

-RBD_POOL_USER = "ephemeral"
+# Align ephemeral rbd_user with the cinder rbd_user so that the same libvirt
+# secret can be used for accessing both pools. This also aligns with the
+# behavior defined in nova/virt/libvirt/volume/net.py:_set_auth_config_rbd()
+RBD_POOL_USER = "cinder"

 DEFAULT_NOVA_PCI_ALIAS = [
    {"vendor_id": constants.NOVA_PCI_ALIAS_QAT_PF_VENDOR,