94b72365ac
We currently have two issues with venvs:
- if you update your venv on the repo server, it is not possible for
that updated venv to land on the service's container as the get_url
task always skips if the file exists (even if the file is different)
- if you have an updated venv on the repo server and forcefully delete
the cached venv tarball on the service's container, the new tarball
will get unarchived over top of the existing venv
This commit does the following:
- gets the checksum of the /var/cache tarball and downloads checksum
file from repo server
- updates "Attempt venv download" to only download the venv if the
cache doesn't exist or if the local and remote checksums differ
- adds a "force: true" to "Attempt venv download" task so that the venv
tarball will get re-downloaded when the when condition is true (this
is necessary otherwise the download will get skipped since the
destination already exists)
- adds a new task "Remove existing venv" so we can first remove the
venv before we unarchive the potentially new venv from the repo
server
- updates "Create swift venv dir" and "Unarchive pre-built venv"
tasks to only proceed if "swift_get_venv | changed", which
prevents these tasks from running when they the venv tarball hasn't
changed
- adds multiple service restarts to
os_swift/tasks/swift_install.yml so that swift will restart
correctly should the venv/packages update without any associated
config changes
NOTE: The reason why we compare local and remote checksum is to avoid
unnecessarily downloading the venv when the checksums are in fact
the same. On small deploys this is more or less a non-issue but
if a deploy w/ thousands of compute nodes re-runs playbooks we
want to limit the venv downloads when it's unnecessary.
Change-Id: I4b028f6e4ca59eceac010d2bbc10a8d79f6f3937
259 lines
8.4 KiB
YAML
259 lines
8.4 KiB
YAML
---
|
|
# Copyright 2014, Rackspace US, Inc.
|
|
#
|
|
# Licensed under the Apache License, Version 2.0 (the "License");
|
|
# you may not use this file except in compliance with the License.
|
|
# You may obtain a copy of the License at
|
|
#
|
|
# http://www.apache.org/licenses/LICENSE-2.0
|
|
#
|
|
# Unless required by applicable law or agreed to in writing, software
|
|
# distributed under the License is distributed on an "AS IS" BASIS,
|
|
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
|
# See the License for the specific language governing permissions and
|
|
# limitations under the License.
|
|
|
|
# Enable/Disable Ceilometer
|
|
swift_ceilometer_enabled: False
|
|
|
|
## Verbosity Options
|
|
debug: False
|
|
verbose: True
|
|
|
|
# Name of the virtual env to deploy into
|
|
swift_venv_tag: untagged
|
|
swift_venv_bin: "/openstack/venvs/swift-{{ swift_venv_tag }}/bin"
|
|
|
|
# Set this to enable or disable installing in a venv
|
|
swift_venv_enabled: true
|
|
|
|
# The bin path defaults to the venv path however if installation in a
|
|
# venv is disabled the bin path will be dynamically set based on the
|
|
# system path used when the installing.
|
|
swift_bin: "{{ swift_venv_bin }}"
|
|
|
|
swift_venv_download_url: http://127.0.0.1/venvs/untagged/ubuntu/swift.tgz
|
|
|
|
# Set the full path to the swift recon cron
|
|
recon_cron_path: "{{ swift_bin }}/swift-recon-cron"
|
|
|
|
|
|
## Swift User / Group
|
|
swift_system_user_name: swift
|
|
swift_system_group_name: swift
|
|
swift_system_shell: /bin/bash
|
|
swift_system_comment: swift system user
|
|
swift_system_home_folder: "/var/lib/{{ swift_system_user_name }}"
|
|
|
|
## Auth token
|
|
swift_delay_auth_decision: true
|
|
|
|
## Swift middleware
|
|
# NB: The order is important!
|
|
swift_middleware_list:
|
|
- catch_errors
|
|
- gatekeeper
|
|
- healthcheck
|
|
- proxy-logging
|
|
# - ceilometer
|
|
- cache
|
|
- container_sync
|
|
- bulk
|
|
- tempurl
|
|
- ratelimit
|
|
- authtoken
|
|
- keystoneauth
|
|
- container-quotas
|
|
- account-quotas
|
|
- slo
|
|
- dlo
|
|
- proxy-logging
|
|
- proxy-server
|
|
|
|
## Swift default ports
|
|
swift_proxy_port: "8080"
|
|
swift_object_port: "6000"
|
|
swift_container_port: "6001"
|
|
swift_account_port: "6002"
|
|
|
|
## Swift service defaults
|
|
swift_service_name: swift
|
|
swift_service_user_name: swift
|
|
swift_service_project_name: service
|
|
swift_service_project_domain_id: "default"
|
|
swift_service_user_domain_id: "default"
|
|
swift_service_role_name: "admin"
|
|
swift_service_type: object-store
|
|
swift_service_proto: http
|
|
swift_service_publicuri_proto: "{{ openstack_service_publicuri_proto | default(swift_service_proto) }}"
|
|
swift_service_adminuri_proto: "{{ openstack_service_adminuri_proto | default(swift_service_proto) }}"
|
|
swift_service_internaluri_proto: "{{ openstack_service_internaluri_proto | default(swift_service_proto) }}"
|
|
swift_service_description: "Object Storage Service"
|
|
swift_service_publicuri: "{{ swift_service_publicuri_proto }}://{{ external_lb_vip_address }}:{{ swift_proxy_port }}"
|
|
swift_service_publicurl: "{{ swift_service_publicuri }}/v1/AUTH_%(tenant_id)s"
|
|
swift_service_adminuri: "{{ swift_service_adminuri_proto }}://{{ internal_lb_vip_address }}:{{ swift_proxy_port }}"
|
|
swift_service_adminurl: "{{ swift_service_adminuri }}/v1/AUTH_%(tenant_id)s"
|
|
swift_service_internaluri: "{{ swift_service_internaluri_proto }}://{{ internal_lb_vip_address }}:{{ swift_proxy_port }}"
|
|
swift_service_internalurl: "{{ swift_service_internaluri }}/v1/AUTH_%(tenant_id)s"
|
|
swift_service_region: RegionOne
|
|
statsd_host:
|
|
statsd_port: 8125
|
|
statsd_default_sample_rate: 1.0
|
|
statsd_sample_rate_factor: 1.0
|
|
statsd_metric_prefix:
|
|
|
|
## Keystone authentication middleware
|
|
swift_keystone_auth_plugin: "password"
|
|
|
|
## Swift default variables
|
|
swift_dispersion_user: dispersion
|
|
swift_operator_role: swiftoperator
|
|
swift_allow_versions: True
|
|
# This will allow all users to create containers and upload to swift if set to True
|
|
swift_allow_all_users: False
|
|
# If you want to regenerate the swift keys, on a run, for rsync purposes set this var to True otherwise keys will be generated on the first run and not regenerated each run.
|
|
swift_recreate_keys: False
|
|
swift_sorting_method: shuffle
|
|
|
|
## Swift ceilometer variables
|
|
swift_reselleradmin_role: ResellerAdmin
|
|
|
|
swift_account_server_program_config_options: /etc/swift/account-server/account-server.conf
|
|
swift_account_replicator_program_config_options: /etc/swift/account-server/account-server-replicator.conf
|
|
|
|
swift_container_server_program_config_options: /etc/swift/container-server/container-server.conf
|
|
swift_container_replicator_program_config_options: /etc/swift/container-server/container-server-replicator.conf
|
|
swift_container_reconciler_program_config_options: /etc/swift/container-server/container-reconciler.conf
|
|
|
|
swift_object_server_program_config_options: /etc/swift/object-server/object-server.conf
|
|
swift_object_replicator_program_config_options: /etc/swift/object-server/object-server-replicator.conf
|
|
swift_object_expirer_program_config_options: /etc/swift/object-server/object-expirer.conf
|
|
|
|
swift_proxy_server_program_config_options: /etc/swift/proxy-server/proxy-server.conf
|
|
|
|
## General Swift configuration
|
|
# If ``swift_account_server_replicator_workers`` is unset the system will use half the number
|
|
# of available VCPUS to compute the number of api workers to use.
|
|
# swift_account_server_replicator_workers: 16
|
|
|
|
# If ``swift_server_replicator_workers`` is unset the system will use half the number
|
|
# of available VCPUS to compute the number of api workers to use.
|
|
# swift_server_replicator_workers: 16
|
|
|
|
# If ``swift_object_replicator_workers`` is unset the system will use half the number
|
|
# of available VCPUS to compute the number of api workers to use.
|
|
# swift_object_replicator_workers: 16
|
|
|
|
# If ``swift_account_server_workers`` is unset the system will use half the number
|
|
# of available VCPUS to compute the number of api workers to use.
|
|
# swift_account_server_workers: 16
|
|
|
|
# If ``swift_container_server_workers`` is unset the system will use half the number
|
|
# of available VCPUS to compute the number of api workers to use.
|
|
# swift_container_server_workers: 16
|
|
|
|
# If ``swift_object_server_workers`` is unset the system will use half the number
|
|
# of available VCPUS to compute the number of api workers to use.
|
|
# swift_object_server_workers: 16
|
|
|
|
# If ``swift_proxy_server_workers`` is unset the system will use half the number
|
|
# of available VCPUS to compute the number of api workers to use.
|
|
# swift_proxy_server_workers: 16
|
|
|
|
# This is the storage addressed used to define the network for swift replication
|
|
swift_storage_address: 127.0.0.1
|
|
swift_replication_address: 127.0.0.1
|
|
|
|
swift_service_in_ldap: false
|
|
|
|
# Basic swift configuration for the cluster
|
|
swift: {}
|
|
|
|
# Example basic swift configuration for the cluster
|
|
# swift:
|
|
# part_power: 8
|
|
# storage_network: 'br-storage'
|
|
# replication_network: 'br-storage'
|
|
# drives:
|
|
# - name: swift1.img
|
|
# - name: swift2.img
|
|
# - name: swift3.img
|
|
# mount_point: /srv
|
|
# storage_policies:
|
|
# - policy:
|
|
# name: default
|
|
# index: 0
|
|
# default: True
|
|
|
|
# swift packages that must be installed before anything else
|
|
swift_requires_pip_packages:
|
|
- virtualenv
|
|
- virtualenv-tools
|
|
- python-keystoneclient # Keystoneclient needed to OSA keystone lib
|
|
- httplib2
|
|
|
|
swift_pip_packages:
|
|
- ceilometermiddleware
|
|
- dnspython
|
|
- ecdsa
|
|
- keystonemiddleware
|
|
- pyeclib
|
|
- pycrypto
|
|
- python-cinderclient
|
|
- python-keystoneclient
|
|
- python-memcached
|
|
- python-swiftclient
|
|
- pywbem
|
|
- swift
|
|
|
|
swift_apt_packages:
|
|
- curl
|
|
- gcc
|
|
- git-core
|
|
- liberasurecode1
|
|
- liberasurecode-dev
|
|
- libffi-dev
|
|
- openssh-server
|
|
- python-dev
|
|
- rsync
|
|
|
|
swift_account_program_names:
|
|
- swift-account-server
|
|
- swift-account-auditor
|
|
- swift-account-replicator
|
|
- swift-account-reaper
|
|
- swift-account-replicator-server
|
|
|
|
swift_container_program_names:
|
|
- swift-container-server
|
|
- swift-container-auditor
|
|
- swift-container-replicator
|
|
- swift-container-sync
|
|
- swift-container-updater
|
|
- swift-container-replicator-server
|
|
- swift-container-reconciler
|
|
|
|
swift_object_program_names:
|
|
- swift-object-server
|
|
- swift-object-auditor
|
|
- swift-object-replicator
|
|
- swift-object-updater
|
|
- swift-object-replicator-server
|
|
- swift-object-expirer
|
|
|
|
swift_proxy_program_names:
|
|
- swift-proxy-server
|
|
|
|
## Tunable overrides
|
|
swift_swift_conf_overrides: {}
|
|
swift_swift_dispersion_conf_overrides: {}
|
|
swift_proxy_server_conf_overrides: {}
|
|
swift_account_server_conf_overrides: {}
|
|
swift_account_server_replicator_conf_overrides: {}
|
|
swift_container_server_conf_overrides: {}
|
|
swift_container_reconciler_conf_overrides: {}
|
|
swift_container_server_replicator_conf_overrides: {}
|
|
swift_object_server_conf_overrides: {}
|
|
swift_object_expirer_conf_overrides: {}
|
|
swift_object_server_replicator_conf_overrides: {}
|