85a657dbf0
This patch adds a var used by the repo_build process to determine which host group to check for members of before building the pip packages required by this role. This provides the ability to optimise the repo build process to only building the packages that are required for an environment. Depends-On: Idda16b4f382eee57c7469af898859d6d81d4eb30 Change-Id: Iedb4c0c91daa291f881a9fc00c5b8c40bb312ce3
337 lines
12 KiB
YAML
337 lines
12 KiB
YAML
---
|
|
# Copyright 2014, Rackspace US, Inc.
|
|
#
|
|
# Licensed under the Apache License, Version 2.0 (the "License");
|
|
# you may not use this file except in compliance with the License.
|
|
# You may obtain a copy of the License at
|
|
#
|
|
# http://www.apache.org/licenses/LICENSE-2.0
|
|
#
|
|
# Unless required by applicable law or agreed to in writing, software
|
|
# distributed under the License is distributed on an "AS IS" BASIS,
|
|
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
|
# See the License for the specific language governing permissions and
|
|
# limitations under the License.
|
|
|
|
# Enable/Disable Ceilometer
|
|
swift_ceilometer_enabled: False
|
|
|
|
## Verbosity Options
|
|
debug: False
|
|
|
|
# Set the package install state for distribution packages
|
|
# Options are 'present' and 'latest'
|
|
swift_package_state: "latest"
|
|
|
|
swift_git_repo: https://git.openstack.org/openstack/swift
|
|
swift_git_install_branch: master
|
|
swift_requirements_git_repo: https://git.openstack.org/openstack/requirements
|
|
swift_requirements_git_install_branch: master
|
|
swift_developer_mode: false
|
|
swift_developer_constraints:
|
|
- "git+{{ swift_git_repo }}@{{ swift_git_install_branch }}#egg=swift"
|
|
|
|
# Name of the virtual env to deploy into
|
|
swift_venv_tag: untagged
|
|
swift_bin: "/openstack/venvs/swift-{{ swift_venv_tag }}/bin"
|
|
|
|
swift_venv_download_url: http://127.0.0.1/venvs/untagged/ubuntu/swift.tgz
|
|
|
|
# Set the full path to the swift recon cron
|
|
recon_cron_path: "{{ swift_bin }}/swift-recon-cron"
|
|
|
|
|
|
## Swift User / Group
|
|
swift_system_user_name: swift
|
|
swift_system_group_name: swift
|
|
swift_system_shell: /bin/bash
|
|
swift_system_comment: swift system user
|
|
swift_system_home_folder: "/var/lib/{{ swift_system_user_name }}"
|
|
## Swift Syslog User / Group
|
|
swift_syslog_user_name: syslog
|
|
swift_syslog_group_name: syslog
|
|
|
|
## Auth token
|
|
swift_delay_auth_decision: true
|
|
|
|
## Swift middleware
|
|
# NB: The order is important!
|
|
swift_middleware_list:
|
|
- catch_errors
|
|
- gatekeeper
|
|
- healthcheck
|
|
- proxy-logging
|
|
- "{% if swift_ceilometer_enabled | bool %}ceilometer{% endif %}"
|
|
- cache
|
|
- container_sync
|
|
- bulk
|
|
- tempurl
|
|
- ratelimit
|
|
- authtoken
|
|
- keystoneauth
|
|
- staticweb
|
|
- container-quotas
|
|
- account-quotas
|
|
- slo
|
|
- dlo
|
|
- proxy-logging
|
|
- proxy-server
|
|
|
|
## Swift default ports
|
|
swift_proxy_port: "8080"
|
|
swift_object_port: "6000"
|
|
swift_container_port: "6001"
|
|
swift_account_port: "6002"
|
|
|
|
# Default swift ring settings:
|
|
swift_default_replication_number: 3
|
|
swift_default_min_part_hours: 1
|
|
swift_default_host_zone: 0
|
|
swift_default_host_region: 1
|
|
swift_default_drive_weight: 100
|
|
|
|
## Swift service defaults
|
|
swift_service_name: swift
|
|
swift_service_user_name: swift
|
|
swift_service_project_name: service
|
|
swift_service_project_domain_id: "default"
|
|
swift_service_project_domain_name: "Default"
|
|
swift_service_user_domain_id: "default"
|
|
swift_service_role_name: "admin"
|
|
swift_service_type: object-store
|
|
swift_service_proto: http
|
|
swift_service_publicuri_proto: "{{ openstack_service_publicuri_proto | default(swift_service_proto) }}"
|
|
swift_service_adminuri_proto: "{{ openstack_service_adminuri_proto | default(swift_service_proto) }}"
|
|
swift_service_internaluri_proto: "{{ openstack_service_internaluri_proto | default(swift_service_proto) }}"
|
|
swift_service_description: "Object Storage Service"
|
|
swift_service_publicuri: "{{ swift_service_publicuri_proto }}://{{ external_lb_vip_address }}:{{ swift_proxy_port }}"
|
|
swift_service_publicurl: "{{ swift_service_publicuri }}/v1/AUTH_%(tenant_id)s"
|
|
swift_service_adminuri: "{{ swift_service_adminuri_proto }}://{{ internal_lb_vip_address }}:{{ swift_proxy_port }}"
|
|
swift_service_adminurl: "{{ swift_service_adminuri }}/v1/AUTH_%(tenant_id)s"
|
|
swift_service_internaluri: "{{ swift_service_internaluri_proto }}://{{ internal_lb_vip_address }}:{{ swift_proxy_port }}"
|
|
swift_service_internalurl: "{{ swift_service_internaluri }}/v1/AUTH_%(tenant_id)s"
|
|
swift_service_region: RegionOne
|
|
statsd_host:
|
|
statsd_port: 8125
|
|
statsd_default_sample_rate: 1.0
|
|
statsd_sample_rate_factor: 1.0
|
|
statsd_metric_prefix:
|
|
|
|
# Set the file limits
|
|
swift_hard_open_file_limits: 10240
|
|
swift_soft_open_file_limits: 4096
|
|
swift_max_file_limits: "{{ swift_hard_open_file_limits * 24 }}"
|
|
|
|
## Keystone authentication middleware
|
|
swift_keystone_auth_plugin: "password"
|
|
|
|
swift_dispersion_user: dispersion
|
|
swift_dispersion_user_domain_name: "Default"
|
|
|
|
swift_operator_role: swiftoperator
|
|
swift_allow_versions: True
|
|
# This will allow all users to create containers and upload to swift if set to True
|
|
swift_allow_all_users: False
|
|
# If you want to regenerate the swift keys, on a run, for rsync purposes set this var to True otherwise keys will be generated on the first run and not regenerated each run.
|
|
swift_recreate_keys: False
|
|
swift_sorting_method: shuffle
|
|
# Set the fallocate_reserve value which will reserve space and fail on PUTs above this value in bytes (Default 10GB)
|
|
swift_fallocate_reserve: "1%"
|
|
swift_account_fallocate_reserve: "{{ swift_fallocate_reserve }}"
|
|
swift_container_fallocate_reserve: "{{ swift_fallocate_reserve }}"
|
|
swift_object_fallocate_reserve: "{{ swift_fallocate_reserve }}"
|
|
# Set this to true to disable fallocate
|
|
swift_disable_fallocate: false
|
|
swift_account_disable_fallocate: "{{ swift_disable_fallocate }}"
|
|
swift_container_disable_fallocate: "{{ swift_disable_fallocate }}"
|
|
swift_object_disable_fallocate: "{{ swift_disable_fallocate }}"
|
|
|
|
## Swift ceilometer variables
|
|
swift_reselleradmin_role: ResellerAdmin
|
|
|
|
swift_account_server_program_config_options: /etc/swift/account-server/account-server.conf
|
|
swift_account_replicator_program_config_options: /etc/swift/account-server/account-server-replicator.conf
|
|
|
|
swift_container_server_program_config_options: /etc/swift/container-server/container-server.conf
|
|
swift_container_replicator_program_config_options: /etc/swift/container-server/container-server-replicator.conf
|
|
swift_container_reconciler_program_config_options: /etc/swift/container-server/container-reconciler.conf
|
|
|
|
swift_object_server_program_config_options: /etc/swift/object-server/object-server.conf
|
|
swift_object_replicator_program_config_options: /etc/swift/object-server/object-server-replicator.conf
|
|
swift_object_expirer_program_config_options: /etc/swift/object-server/object-expirer.conf
|
|
|
|
swift_proxy_server_program_config_options: /etc/swift/proxy-server/proxy-server.conf
|
|
|
|
## General Swift configuration
|
|
# If ``swift_account_server_replicator_workers`` is unset the system will use half the number
|
|
# of available VCPUS to compute the number of api workers to use.
|
|
# swift_account_server_replicator_workers: 16
|
|
|
|
# If ``swift_server_replicator_workers`` is unset the system will use half the number
|
|
# of available VCPUS to compute the number of api workers to use.
|
|
# swift_server_replicator_workers: 16
|
|
|
|
# If ``swift_object_replicator_workers`` is unset the system will use half the number
|
|
# of available VCPUS to compute the number of api workers to use.
|
|
# swift_object_replicator_workers: 16
|
|
|
|
# If ``swift_account_server_workers`` is unset the system will use half the number
|
|
# of available VCPUS to compute the number of api workers to use.
|
|
# swift_account_server_workers: 16
|
|
|
|
# If ``swift_container_server_workers`` is unset the system will use half the number
|
|
# of available VCPUS to compute the number of api workers to use.
|
|
# swift_container_server_workers: 16
|
|
|
|
# If ``swift_object_server_workers`` is unset the system will use half the number
|
|
# of available VCPUS to compute the number of api workers to use.
|
|
# swift_object_server_workers: 16
|
|
|
|
# If ``swift_proxy_server_workers`` is unset the system will use half the number
|
|
# of available VCPUS to compute the number of api workers to use.
|
|
# swift_proxy_server_workers: 16
|
|
|
|
# This is the storage addressed used to define the network for swift replication
|
|
swift_storage_address: 127.0.0.1
|
|
swift_replication_address: 127.0.0.1
|
|
|
|
swift_service_in_ldap: false
|
|
|
|
# Basic swift configuration for the cluster
|
|
swift: {}
|
|
|
|
# Example basic swift configuration for the cluster
|
|
# swift:
|
|
# part_power: 8
|
|
# storage_network: 'br-storage'
|
|
# replication_network: 'br-storage'
|
|
# drives:
|
|
# - name: swift1.img
|
|
# - name: swift2.img
|
|
# - name: swift3.img
|
|
# mount_point: /srv
|
|
# storage_policies:
|
|
# - policy:
|
|
# name: default
|
|
# index: 0
|
|
# default: True
|
|
|
|
# Set rsync max_connections vars
|
|
swift_max_rsync_connections: 4
|
|
swift_account_max_rsync_connections: "{{ swift_max_rsync_connections }}"
|
|
swift_container_max_rsync_connections: "{{ swift_max_rsync_connections }}"
|
|
swift_object_max_rsync_connections: "{{ swift_max_rsync_connections }}"
|
|
|
|
# Set Swift to use rsync module per object server drive
|
|
swift_rsync_module_per_drive: False
|
|
|
|
# Set the managed regions as a list of swift regions to manage
|
|
# Use for global clusters, default when not set is all regions.
|
|
# swift_managed_regions:
|
|
# - 1
|
|
# - 2
|
|
|
|
# swift_do_setup and swift_do_sync control which parts of the swift
|
|
# role get run. You should never need to adjust these, they are set
|
|
# within the swift-setup and swift-sync roles to ensure only the
|
|
# appropriate tasks within the os-swift role are run.
|
|
swift_do_setup: True
|
|
swift_do_sync: True
|
|
|
|
# Example swift_container_sync_realms to specify container_sync realms
|
|
# This can exist for multiple realms (in a list)
|
|
# swift_container_sync_realms:
|
|
# - name: realm1
|
|
# # You may want to put swift_realm_keyx in user_secrets.yml or ansible-vault
|
|
# # Otherwise specify it manually below.
|
|
# key1: {{ swift_realm_key1 }}
|
|
# # key2 is optional and used for rotating/deprecated keys
|
|
# key2: {{ swift_realm_key2 }}
|
|
# clustername1: https://<cluster1-ip>/v1
|
|
# clustername2: https://<cluster2-ip>/v1
|
|
|
|
# swift packages that must be installed before anything else
|
|
swift_requires_pip_packages:
|
|
- virtualenv
|
|
- virtualenv-tools
|
|
- python-keystoneclient # Keystoneclient needed to OSA keystone lib
|
|
- httplib2
|
|
|
|
swift_pip_packages:
|
|
- ceilometermiddleware
|
|
- dnspython
|
|
- ecdsa
|
|
- keystonemiddleware
|
|
- pyeclib
|
|
- pycrypto
|
|
- python-cinderclient
|
|
- python-keystoneclient
|
|
- python-memcached
|
|
- python-swiftclient
|
|
- swift
|
|
|
|
swift_account_program_names:
|
|
- swift-account-server
|
|
- swift-account-auditor
|
|
- swift-account-replicator
|
|
- swift-account-reaper
|
|
- swift-account-replicator-server
|
|
|
|
swift_container_program_names:
|
|
- swift-container-server
|
|
- swift-container-auditor
|
|
- swift-container-replicator
|
|
- swift-container-sync
|
|
- swift-container-updater
|
|
- swift-container-replicator-server
|
|
- swift-container-reconciler
|
|
|
|
swift_object_program_names:
|
|
- swift-object-server
|
|
- swift-object-auditor
|
|
- swift-object-replicator
|
|
- swift-object-updater
|
|
- swift-object-replicator-server
|
|
- swift-object-expirer
|
|
|
|
swift_proxy_program_names:
|
|
- swift-proxy-server
|
|
|
|
# Set to True to reset the clock on the last time a rebalance happened,
|
|
# circumventing the min_part_hours check.
|
|
# USE WITH EXTREME CAUTION
|
|
# If you run the swift playbook with this option enabled, before a swift
|
|
# replication pass completes, you may introduce unavailability in your
|
|
# cluster. This has an end-user impact.
|
|
swift_pretend_min_part_hours_passed: False
|
|
|
|
# Set this option to enable or disable the pypy interpreter for swift
|
|
swift_pypy_enabled: false
|
|
swift_pypy_archive:
|
|
url: "https://bitbucket.org/pypy/pypy/downloads/pypy2-v5.3.1-linux64.tar.bz2"
|
|
sha256: "6d0e8b14875b76b1e77f06a2ee3f1fb5015a645a951ba7a7586289344d4d9c22"
|
|
swift_pypy_version: "{{ swift_pypy_archive['url'] | basename | replace('.tar.bz2', '') }}"
|
|
swift_pypy_env: "/opt/pypy-runtime/{{ swift_pypy_version }}/bin/pypy"
|
|
|
|
# This variable is used by the repo_build process to determine
|
|
# which host group to check for members of before building the
|
|
# pip packages required by this role. The value is picked up
|
|
# by the py_pkgs lookup.
|
|
swift_role_project_group: swift_all
|
|
|
|
## Tunable overrides
|
|
swift_swift_conf_overrides: {}
|
|
swift_swift_dispersion_conf_overrides: {}
|
|
swift_proxy_server_conf_overrides: {}
|
|
swift_account_server_conf_overrides: {}
|
|
swift_account_server_replicator_conf_overrides: {}
|
|
swift_container_server_conf_overrides: {}
|
|
swift_container_reconciler_conf_overrides: {}
|
|
swift_container_server_replicator_conf_overrides: {}
|
|
swift_container_sync_realms_conf_overrides: {}
|
|
swift_drive_audit_conf_overrides: {}
|
|
swift_object_server_conf_overrides: {}
|
|
swift_object_expirer_conf_overrides: {}
|
|
swift_object_server_replicator_conf_overrides: {}
|
|
swift_memcache_conf_overrides: {}
|