openstack/openstack-ansible-os_swift
Code Issues Proposed changes
openstack-ansible-os_swift/defaults/main.yml
Andy McCrae 750ccaa9e8 Refactor and improve swift-rings.py 
We can simplify and refactor swift_rings.py and swift_rings_check.py by
moving to a "FULL_HOST_KEY" model where we simply compare the full
string, rather than individual elements.

To do this we need to adjust the contents template to use the same field
values as used by swift:
* rename repl_ip to replication_ip
* rename repl_port to replication_port

Additionally, this allows us the ability to change port values on the
fly, by adjusting the "DEVICE_KEY" to only be the IP and device name the
port will now automatically get changed if the service port changes.

This is a precursor to adjusting the default swift storage service ports
to match upstream defaults, and will reduce the upgrade impact of that
task.

Change-Id: I704edcba4facb2170990ebec2a67d4179a023fc2
2016-09-02 05:10:17 +00:00

352 lines
13 KiB
YAML
Raw Blame History

---
# Copyright 2014, Rackspace US, Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
# Enable/Disable Ceilometer
swift_ceilometer_enabled: False
## Verbosity Options
debug: False
# Set the package install state for distribution packages
# Options are 'present' and 'latest'
swift_package_state: "latest"
swift_git_repo: https://git.openstack.org/openstack/swift
swift_git_install_branch: master
swift_requirements_git_repo: https://git.openstack.org/openstack/requirements
swift_requirements_git_install_branch: master
swift_developer_mode: false
swift_developer_constraints:
- "git+{{ swift_git_repo }}@{{ swift_git_install_branch }}#egg=swift"
# Name of the virtual env to deploy into
swift_venv_tag: untagged
swift_bin: "/openstack/venvs/swift-{{ swift_venv_tag }}/bin"
swift_venv_download_url: http://127.0.0.1/venvs/untagged/ubuntu/swift.tgz
# Set the full path to the swift recon cron
recon_cron_path: "{{ swift_bin }}/swift-recon-cron"
## Swift User / Group
swift_system_user_name: swift
swift_system_group_name: swift
swift_system_shell: /bin/bash
swift_system_comment: swift system user
swift_system_home_folder: "/var/lib/{{ swift_system_user_name }}"
## Swift Syslog User / Group
swift_syslog_user_name: syslog
swift_syslog_group_name: syslog
swift_syslog_log_perms: "0644"
## Auth token
swift_delay_auth_decision: true
## Swift middleware
# NB: The order is important!
swift_middleware_list:
- catch_errors
- gatekeeper
- healthcheck
- proxy-logging
- "{% if swift_ceilometer_enabled | bool %}ceilometer{% endif %}"
- cache
- container_sync
- bulk
- tempurl
- ratelimit
- authtoken
- keystoneauth
- staticweb
- container-quotas
- account-quotas
- slo
- dlo
- proxy-logging
- proxy-server
## Swift default ports
swift_proxy_port: "8080"
# You can change the object, container, account ports.
# This will update the ring, on the next playbook run,
# without requiring a rebalance.
# NB: There is service downtime, during the run, between
# the service restart and the ring updating.
swift_object_port: "6000"
swift_container_port: "6001"
swift_account_port: "6002"
# Default swift ring settings:
swift_default_replication_number: 3
swift_default_min_part_hours: 1
swift_default_host_zone: 0
swift_default_host_region: 1
swift_default_drive_weight: 100
## Swift service defaults
swift_service_name: swift
swift_service_user_name: swift
swift_service_project_name: service
swift_service_project_domain_id: "default"
swift_service_project_domain_name: "Default"
swift_service_user_domain_id: "default"
swift_service_role_name: "admin"
swift_service_type: object-store
swift_service_proto: http
swift_service_publicuri_proto: "{{ openstack_service_publicuri_proto | default(swift_service_proto) }}"
swift_service_adminuri_proto: "{{ openstack_service_adminuri_proto | default(swift_service_proto) }}"
swift_service_internaluri_proto: "{{ openstack_service_internaluri_proto | default(swift_service_proto) }}"
swift_service_description: "Object Storage Service"
swift_service_publicuri: "{{ swift_service_publicuri_proto }}://{{ external_lb_vip_address }}:{{ swift_proxy_port }}"
swift_service_publicurl: "{{ swift_service_publicuri }}/v1/AUTH_%(tenant_id)s"
swift_service_adminuri: "{{ swift_service_adminuri_proto }}://{{ internal_lb_vip_address }}:{{ swift_proxy_port }}"
swift_service_adminurl: "{{ swift_service_adminuri }}/v1/AUTH_%(tenant_id)s"
swift_service_internaluri: "{{ swift_service_internaluri_proto }}://{{ internal_lb_vip_address }}:{{ swift_proxy_port }}"
swift_service_internalurl: "{{ swift_service_internaluri }}/v1/AUTH_%(tenant_id)s"
swift_service_region: RegionOne
statsd_host:
statsd_port: 8125
statsd_default_sample_rate: 1.0
statsd_sample_rate_factor: 1.0
statsd_metric_prefix:
# Set the file limits
swift_hard_open_file_limits: 10240
swift_soft_open_file_limits: 4096
swift_max_file_limits: "{{ swift_hard_open_file_limits * 24 }}"
## Keystone authentication middleware
swift_keystone_auth_plugin: "password"
swift_dispersion_user: dispersion
swift_dispersion_user_domain_name: "Default"
swift_operator_role: swiftoperator
swift_allow_versions: True
# This will allow all users to create containers and upload to swift if set to True
swift_allow_all_users: False
# If you want to regenerate the swift keys, on a run, for rsync purposes set this var to True otherwise keys will be generated on the first run and not regenerated each run.
swift_recreate_keys: False
swift_sorting_method: shuffle
# Set the fallocate_reserve value which will reserve space and fail on PUTs above this value in bytes (Default 10GB)
swift_fallocate_reserve: "1%"
swift_account_fallocate_reserve: "{{ swift_fallocate_reserve }}"
swift_container_fallocate_reserve: "{{ swift_fallocate_reserve }}"
swift_object_fallocate_reserve: "{{ swift_fallocate_reserve }}"
# Set this to true to disable fallocate
swift_disable_fallocate: false
swift_account_disable_fallocate: "{{ swift_disable_fallocate }}"
swift_container_disable_fallocate: "{{ swift_disable_fallocate }}"
swift_object_disable_fallocate: "{{ swift_disable_fallocate }}"
## Swift ceilometer variables
swift_reselleradmin_role: ResellerAdmin
# Swift ceilometer rabbitmq settings
swift_rabbitmq_telemetry_userid: "swift"
swift_rabbitmq_telemetry_vhost: "/swift"
swift_rabbitmq_telemetry_port: "5672"
swift_rabbitmq_telemetry_servers: "127.0.0.1"
# For now swift ceilometer does not work with SSL - this is a speculative option in the hope it gets added
swift_rabbitmq_telemetry_use_ssl: "False"
swift_account_server_program_config_options: /etc/swift/account-server/account-server.conf
swift_account_replicator_program_config_options: /etc/swift/account-server/account-server-replicator.conf
swift_container_server_program_config_options: /etc/swift/container-server/container-server.conf
swift_container_replicator_program_config_options: /etc/swift/container-server/container-server-replicator.conf
swift_container_reconciler_program_config_options: /etc/swift/container-server/container-reconciler.conf
swift_object_server_program_config_options: /etc/swift/object-server/object-server.conf
swift_object_replicator_program_config_options: /etc/swift/object-server/object-server-replicator.conf
swift_object_expirer_program_config_options: /etc/swift/object-server/object-expirer.conf
swift_proxy_server_program_config_options: /etc/swift/proxy-server/proxy-server.conf
## General Swift configuration
# If ``swift_account_server_replicator_workers`` is unset the system will use half the number
# of available VCPUS to compute the number of api workers to use.
# swift_account_server_replicator_workers: 16
# If ``swift_server_replicator_workers`` is unset the system will use half the number
# of available VCPUS to compute the number of api workers to use.
# swift_server_replicator_workers: 16
# If ``swift_object_replicator_workers`` is unset the system will use half the number
# of available VCPUS to compute the number of api workers to use.
# swift_object_replicator_workers: 16
# If ``swift_account_server_workers`` is unset the system will use half the number
# of available VCPUS to compute the number of api workers to use.
# swift_account_server_workers: 16
# If ``swift_container_server_workers`` is unset the system will use half the number
# of available VCPUS to compute the number of api workers to use.
# swift_container_server_workers: 16
# If ``swift_object_server_workers`` is unset the system will use half the number
# of available VCPUS to compute the number of api workers to use.
# swift_object_server_workers: 16
# If ``swift_proxy_server_workers`` is unset the system will use half the number
# of available VCPUS to compute the number of api workers to use.
# swift_proxy_server_workers: 16
# This is the storage addressed used to define the network for swift replication
swift_storage_address: 127.0.0.1
swift_replication_address: 127.0.0.1
swift_service_in_ldap: false
# Basic swift configuration for the cluster
swift: {}
# Example basic swift configuration for the cluster
# swift:
# part_power: 8
# storage_network: 'br-storage'
# replication_network: 'br-storage'
# drives:
# - name: swift1.img
# - name: swift2.img
# - name: swift3.img
# mount_point: /srv
# storage_policies:
# - policy:
# name: default
# index: 0
# default: True
# Set rsync max_connections vars
swift_max_rsync_connections: 4
swift_account_max_rsync_connections: "{{ swift_max_rsync_connections }}"
swift_container_max_rsync_connections: "{{ swift_max_rsync_connections }}"
swift_object_max_rsync_connections: "{{ swift_max_rsync_connections }}"
# Set Swift to use rsync module per object server drive
swift_rsync_module_per_drive: False
# Set the managed regions as a list of swift regions to manage
# Use for global clusters, default when not set is all regions.
# swift_managed_regions:
# - 1
# - 2
# swift_do_setup and swift_do_sync control which parts of the swift
# role get run. You should never need to adjust these, they are set
# within the swift-setup and swift-sync roles to ensure only the
# appropriate tasks within the os-swift role are run.
swift_do_setup: True
swift_do_sync: True
# Example swift_container_sync_realms to specify container_sync realms
# This can exist for multiple realms (in a list)
# swift_container_sync_realms:
# - name: realm1
# # You may want to put swift_realm_keyx in user_secrets.yml or ansible-vault
# # Otherwise specify it manually below.
# key1: {{ swift_realm_key1 }}
# # key2 is optional and used for rotating/deprecated keys
# key2: {{ swift_realm_key2 }}
# clustername1: https://<cluster1-ip>/v1
# clustername2: https://<cluster2-ip>/v1
# swift packages that must be installed before anything else
swift_requires_pip_packages:
- virtualenv
- virtualenv-tools
- python-keystoneclient # Keystoneclient needed to OSA keystone lib
- httplib2
swift_pip_packages:
- ceilometermiddleware
- dnspython
- ecdsa
- keystonemiddleware
- pyeclib
- pycrypto
- python-cinderclient
- python-keystoneclient
- python-memcached
- python-swiftclient
- swift
swift_account_program_names:
- swift-account-server
- swift-account-auditor
- swift-account-replicator
- swift-account-reaper
- swift-account-replicator-server
swift_container_program_names:
- swift-container-server
- swift-container-auditor
- swift-container-replicator
- swift-container-sync
- swift-container-updater
- swift-container-replicator-server
- swift-container-reconciler
swift_object_program_names:
- swift-object-server
- swift-object-auditor
- swift-object-replicator
- swift-object-updater
- swift-object-replicator-server
- swift-object-expirer
swift_proxy_program_names:
- swift-proxy-server
# Set to True to reset the clock on the last time a rebalance happened,
# circumventing the min_part_hours check.
# USE WITH EXTREME CAUTION
# If you run the swift playbook with this option enabled, before a swift
# replication pass completes, you may introduce unavailability in your
# cluster. This has an end-user impact.
swift_pretend_min_part_hours_passed: False
# Set this option to enable or disable the pypy interpreter for swift
swift_pypy_enabled: false
swift_pypy_archive:
url: "https://bitbucket.org/pypy/pypy/downloads/pypy2-v5.3.1-linux64.tar.bz2"
sha256: "6d0e8b14875b76b1e77f06a2ee3f1fb5015a645a951ba7a7586289344d4d9c22"
swift_pypy_version: "{{ swift_pypy_archive['url'] | basename | replace('.tar.bz2', '') }}"
swift_pypy_env: "/opt/pypy-runtime/{{ swift_pypy_version }}/bin/pypy"
# This variable is used by the repo_build process to determine
# which host group to check for members of before building the
# pip packages required by this role. The value is picked up
# by the py_pkgs lookup.
swift_role_project_group: swift_all
## Tunable overrides
swift_swift_conf_overrides: {}
swift_swift_dispersion_conf_overrides: {}
swift_proxy_server_conf_overrides: {}
swift_account_server_conf_overrides: {}
swift_account_server_replicator_conf_overrides: {}
swift_container_server_conf_overrides: {}
swift_container_reconciler_conf_overrides: {}
swift_container_server_replicator_conf_overrides: {}
swift_container_sync_realms_conf_overrides: {}
swift_drive_audit_conf_overrides: {}
swift_object_server_conf_overrides: {}
swift_object_expirer_conf_overrides: {}
swift_object_server_replicator_conf_overrides: {}
swift_memcache_conf_overrides: {}
View Git Blame Copy Permalink