[WIP] swift-proxy service
Change-Id: Ic50bc775cc03b419252ed977d7a6c5e26452cfdf
This commit is contained in:
parent
d835f916c5
commit
0900ae1434
|
@ -0,0 +1,19 @@
|
|||
FROM {{ image_spec("openstack-base") }}
|
||||
MAINTAINER {{ maintainer }}
|
||||
|
||||
COPY swift_sudoers /etc/sudoers.d/swift_sudoers
|
||||
{{ copy_sources("openstack/swift", "/swift") }}
|
||||
{{ copy_sources("openstack/swift3", "/swift3") }}
|
||||
|
||||
RUN apt-get update \
|
||||
&& apt-get install -y liberasurecode-dev \
|
||||
&& apt-get clean \
|
||||
&& useradd --user-group --create-home --home-dir /etc/swift -G microservices swift \
|
||||
&& /var/lib/microservices/venv/bin/pip install --upgrade /swift \
|
||||
&& /var/lib/microservices/venv/bin/pip install --upgrade /swift3 \
|
||||
&& mkdir -p /etc/swift \
|
||||
&& chmod 750 /etc/sudoers.d \
|
||||
&& chmod 440 /etc/sudoers.d/swift_sudoers \
|
||||
&& chown -R swift: /etc/swift
|
||||
|
||||
USER swift
|
|
@ -7,6 +7,35 @@ configs:
|
|||
cont: 7480
|
||||
ingress: object-store
|
||||
key: "Changeme"
|
||||
swift:
|
||||
proxy:
|
||||
pipelines:
|
||||
- catch_errors
|
||||
- crossdomain
|
||||
- healthcheck
|
||||
- cache
|
||||
- bulk
|
||||
- tempurl
|
||||
- ratelimit
|
||||
- formpost
|
||||
- swift3
|
||||
- s3token
|
||||
- authtoken
|
||||
- keystone
|
||||
- staticweb
|
||||
- container_quotas
|
||||
- account_quotas
|
||||
- slo
|
||||
- proxy-server
|
||||
port:
|
||||
cont: 8080
|
||||
sources:
|
||||
openstack/swift:
|
||||
git_url: https://git.openstack.org/openstack/swift.git
|
||||
git_ref: stable/newton
|
||||
openstack/swift3:
|
||||
git_url: https://git.openstack.org/openstack/swift3.git
|
||||
git_ref: master
|
||||
url:
|
||||
ceph:
|
||||
debian:
|
||||
|
|
|
@ -0,0 +1,96 @@
|
|||
[DEFAULT]
|
||||
swift_dir = /var/swift
|
||||
bind_ip = {{ network_topology["private"]["address"] }}
|
||||
bind_port = {{ swift.proxy.port.cont }}
|
||||
use_syslog = false
|
||||
use_stderr = true
|
||||
|
||||
workers = 2
|
||||
user = swift
|
||||
|
||||
[pipeline:main]
|
||||
pipeline = {{ swift.proxy.pipelines | join(" ") }}
|
||||
|
||||
[app:proxy-server]
|
||||
use = egg:swift#proxy
|
||||
log_handoffs = true
|
||||
allow_account_management = true
|
||||
account_autocreate = true
|
||||
|
||||
[filter:bulk]
|
||||
use = egg:swift#bulk
|
||||
max_containers_per_extraction = 10000
|
||||
max_failed_extractions = 1000
|
||||
max_deletes_per_request = 10000
|
||||
yield_frequency = 60
|
||||
|
||||
[filter:authtoken]
|
||||
paste.filter_factory = keystonemiddleware.auth_token:filter_factory
|
||||
|
||||
{{ keystone_authtoken.keystone_authtoken(swift.user, swift.password) }}
|
||||
|
||||
[filter:cache]
|
||||
use = egg:swift#memcache
|
||||
memcache_servers = {{ address('memcached', memcached.port) }}
|
||||
|
||||
[filter:catch_errors]
|
||||
use = egg:swift#catch_errors
|
||||
|
||||
[filter:healthcheck]
|
||||
use = egg:swift#healthcheck
|
||||
|
||||
[filter:ratelimit]
|
||||
use = egg:swift#ratelimit
|
||||
clock_accuracy = 1000
|
||||
max_sleep_time_seconds = 60
|
||||
log_sleep_time_seconds = 0
|
||||
rate_buffer_seconds = 5
|
||||
account_ratelimit = 0
|
||||
|
||||
[filter:swift3]
|
||||
use = egg:swift3#swift3
|
||||
|
||||
[filter:s3token]
|
||||
paste.filter_factory = keystonemiddleware.s3_token:filter_factory
|
||||
#auth_port = 35357
|
||||
#auth_protocol = http
|
||||
#auth_host =
|
||||
|
||||
{{ keystone_authtoken.keystone_authtoken(swift.user, swift.password) }}
|
||||
|
||||
[filter:tempurl]
|
||||
use = egg:swift#tempurl
|
||||
|
||||
[filter:formpost]
|
||||
use = egg:swift#formpost
|
||||
|
||||
[filter:staticweb]
|
||||
use = egg:swift#staticweb
|
||||
|
||||
[filter:ceilometer]
|
||||
use = egg:ceilometer#swift
|
||||
|
||||
[filter:crossdomain]
|
||||
use = egg:swift#crossdomain
|
||||
cross_domain_policy = <allow-access-from domain="*" secure="false" />
|
||||
|
||||
[filter:slo]
|
||||
use = egg:swift#slo
|
||||
max_manifest_segments = 1000
|
||||
max_manifest_size = 2097152
|
||||
min_segment_size = 1048576
|
||||
rate_limit_after_segment = 10
|
||||
rate_limit_segments_per_sec = 0
|
||||
max_get_time = 86400
|
||||
|
||||
[filter:keystone]
|
||||
use = egg:swift#keystoneauth
|
||||
operator_roles = admin, SwiftOperator, _member_
|
||||
is_admin = true
|
||||
reseller_prefix = AUTH_
|
||||
|
||||
[filter:account_quotas]
|
||||
use = egg:swift#account_quotas
|
||||
|
||||
[filter:container_quotas]
|
||||
use = egg:swift#container_quotas
|
|
@ -0,0 +1,51 @@
|
|||
dsl_version: 0.7.0
|
||||
service:
|
||||
name: swift-proxy
|
||||
ports:
|
||||
- {{ swift.proxy.port }}
|
||||
containers:
|
||||
- name: swift-proxy
|
||||
image: swift-proxy
|
||||
volumes:
|
||||
- name: swift-rings
|
||||
path: "/var/swift"
|
||||
type: host
|
||||
readOnly: false
|
||||
pre:
|
||||
- name: chown-datadir
|
||||
command: sudo /bin/chown -R swift:swift /var/swift
|
||||
- name: swift-proxy-create-swift-service
|
||||
type: single
|
||||
command: exit 0 ; openstack service create --name swift --description "Swift Service" object-store
|
||||
dependencies:
|
||||
- keystone
|
||||
#- name: swift-proxy-create-swift-public-endpoint
|
||||
# type: single
|
||||
# command: openstack endpoint create --region RegionOne swift public
|
||||
# "{{ address('swift-proxy', swift.proxy.port, external=True, with_scheme=True) }}/v1/AUTH_%(tenant_id)s"
|
||||
# dependencies:
|
||||
# - swift-proxy-create-swift-service
|
||||
- name: swift-proxy-create-swift-admin-endpoint
|
||||
type: single
|
||||
command: openstack endpoint create --region RegionOne swift admin
|
||||
"{{ address('swift-proxy', swift.proxy.port, with_scheme=True) }}/v1/AUTH_%(tenant_id)s"
|
||||
dependencies:
|
||||
- swift-proxy-create-swift-service
|
||||
- name: swift-proxy-create-swift-internal-endpoint
|
||||
type: single
|
||||
command: openstack endpoint create --region RegionOne swift internal
|
||||
"{{ address('swift-proxy', swift.proxy.port, with_scheme=True) }}/v1/AUTH_%(tenant_id)s"
|
||||
dependencies:
|
||||
- swift-proxy-create-swift-service
|
||||
daemon:
|
||||
command: swift-proxy-server /etc/swift/proxy-server.conf --verbose
|
||||
files:
|
||||
- swift-proxy-conf
|
||||
- swift-conf
|
||||
files:
|
||||
swift-proxy-conf:
|
||||
path: /etc/swift/proxy-server.conf
|
||||
content: swift-proxy.conf.j2
|
||||
swift-conf:
|
||||
path: /etc/swift/swift.conf
|
||||
content: swift.conf
|
Loading…
Reference in New Issue