From 93a6551b87e8a722b7d0f5b851a3c6c1f67da1e8 Mon Sep 17 00:00:00 2001 From: Pedro Alvarez Date: Tue, 14 Apr 2015 08:52:51 +0000 Subject: Openstack: Make Cinder configurable Change-Id: I9c2bb1a204a01fa82e90d517663f6cf654666395 Signed-off-by: Pedro Alvarez Signed-off-by: Francisco Redondo Marchena Signed-off-by: Patrick Darley --- openstack-cinder.configure | 88 ++++++++++++ openstack/manifest | 10 ++ .../systemd/system/openstack-cinder-api.service | 12 ++ .../systemd/system/openstack-cinder-backup.service | 12 ++ .../system/openstack-cinder-scheduler.service | 12 ++ .../systemd/system/openstack-cinder-setup.service | 9 ++ .../systemd/system/openstack-cinder-volume.service | 12 ++ openstack/usr/share/openstack/cinder.yml | 153 +++++++++++++++++++++ openstack/usr/share/openstack/cinder/cinder.conf | 54 ++++---- systems/openstack-system-x86_64.morph | 1 + 10 files changed, 336 insertions(+), 27 deletions(-) create mode 100644 openstack-cinder.configure create mode 100644 openstack/usr/lib/systemd/system/openstack-cinder-api.service create mode 100644 openstack/usr/lib/systemd/system/openstack-cinder-backup.service create mode 100644 openstack/usr/lib/systemd/system/openstack-cinder-scheduler.service create mode 100644 openstack/usr/lib/systemd/system/openstack-cinder-setup.service create mode 100644 openstack/usr/lib/systemd/system/openstack-cinder-volume.service create mode 100644 openstack/usr/share/openstack/cinder.yml diff --git a/openstack-cinder.configure b/openstack-cinder.configure new file mode 100644 index 00000000..0c15bd23 --- /dev/null +++ b/openstack-cinder.configure @@ -0,0 +1,88 @@ +#!/bin/sh + +# Copyright (C) 2014-2015 Codethink Limited +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation; version 2 of the License. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License along +# with this program. If not, see . + +set -e + +ROOT="$1" + +########################################################################## + +ln -sf "/usr/lib/systemd/system/openstack-cinder-setup.service" \ + "$ROOT/etc/systemd/system/multi-user.target.wants/openstack-cinder-setup.service" + +########################################################################## +# Check variables +########################################################################## + +if [ -z "$RABBITMQ_HOST" -a \ + -z "$RABBITMQ_PORT" -a \ + -z "$RABBITMQ_USER" -a \ + -z "$RABBITMQ_PASSWORD" -a \ + -z "$KEYSTONE_TEMPORARY_ADMIN_TOKEN" -a \ + -z "$CINDER_DB_USER" -a \ + -z "$CINDER_DB_PASSWORD" -a \ + -z "$CONTROLLER_HOST_ADDRESS" -a \ + -z "$CINDER_SERVICE_USER" -a \ + -z "$CINDER_SERVICE_PASSWORD" -a \ + -z "$CINDER_DEVICE" -a \ + -z "$MANAGEMENT_INTERFACE_IP_ADDRESS" ]; then + # No Cinder options defined, do nothing. + exit 0 +fi + +if [ -z "$RABBITMQ_HOST" -o \ + -z "$RABBITMQ_PORT" -o \ + -z "$RABBITMQ_USER" -o \ + -z "$RABBITMQ_PASSWORD" -o \ + -z "$KEYSTONE_TEMPORARY_ADMIN_TOKEN" -o \ + -z "$CINDER_DB_USER" -o \ + -z "$CINDER_DB_PASSWORD" -o \ + -z "$CONTROLLER_HOST_ADDRESS" -o \ + -z "$CINDER_SERVICE_USER" -o \ + -z "$CINDER_SERVICE_PASSWORD" -o \ + -z "$CINDER_DEVICE" -o \ + -z "$MANAGEMENT_INTERFACE_IP_ADDRESS" ]; then + echo Some options required for Cinder were defined, but not all. + exit 1 +fi + +########################################################################## +# Generate configuration file +########################################################################## + +OPENSTACK_DATA="$ROOT/etc/openstack" +mkdir -p "$OPENSTACK_DATA" + +python <<'EOF' >"$OPENSTACK_DATA/cinder.conf" +import os, sys, yaml + +cinder_configuration={ + 'RABBITMQ_HOST':os.environ['RABBITMQ_HOST'], + 'RABBITMQ_PORT':os.environ['RABBITMQ_PORT'], + 'RABBITMQ_USER':os.environ['RABBITMQ_USER'], + 'RABBITMQ_PASSWORD':os.environ['RABBITMQ_PASSWORD'], + 'KEYSTONE_TEMPORARY_ADMIN_TOKEN':os.environ['KEYSTONE_TEMPORARY_ADMIN_TOKEN'], + 'CINDER_DB_USER':os.environ['CINDER_DB_USER'], + 'CINDER_DB_PASSWORD':os.environ['CINDER_DB_PASSWORD'], + 'CONTROLLER_HOST_ADDRESS':os.environ['CONTROLLER_HOST_ADDRESS'], + 'CINDER_SERVICE_USER':os.environ['CINDER_SERVICE_USER'], + 'CINDER_SERVICE_PASSWORD':os.environ['CINDER_SERVICE_PASSWORD'], + 'CINDER_DEVICE':os.environ['CINDER_DEVICE'], + 'MANAGEMENT_INTERFACE_IP_ADDRESS':os.environ['MANAGEMENT_INTERFACE_IP_ADDRESS'], +} + +yaml.dump(cinder_configuration, sys.stdout, default_flow_style=False) +EOF diff --git a/openstack/manifest b/openstack/manifest index 85b9cc7a..02155ed2 100644 --- a/openstack/manifest +++ b/openstack/manifest @@ -1,5 +1,10 @@ 0040755 0 0 /usr/share/openstack 0100644 0 0 /usr/share/openstack/hosts +0040755 0 0 /usr/share/openstack/cinder +0100644 0 0 /usr/share/openstack/cinder.yml +0100644 0 0 /usr/share/openstack/cinder/cinder.conf +0100644 0 0 /usr/share/openstack/cinder/api-paste.ini +0100644 0 0 /usr/share/openstack/cinder/policy.json 0100644 0 0 /usr/share/openstack/glance.yml 0040755 0 0 /usr/share/openstack/glance 0100644 0 0 /usr/share/openstack/glance/logging.conf @@ -29,4 +34,9 @@ 0100644 0 0 /usr/lib/systemd/system/openstack-glance-api.service 0100644 0 0 /usr/lib/systemd/system/openstack-glance-registry.service 0100644 0 0 /usr/lib/systemd/system/rabbitmq-server.service +0100644 0 0 /usr/lib/systemd/system/openstack-cinder-setup.service +0100644 0 0 /usr/lib/systemd/system/openstack-cinder-api.service +0100644 0 0 /usr/lib/systemd/system/openstack-cinder-scheduler.service +0100644 0 0 /usr/lib/systemd/system/openstack-cinder-volume.service +0100644 0 0 /usr/lib/systemd/system/openstack-cinder-backup.service 0100644 0 0 /usr/lib/systemd/system/postgres-server.service diff --git a/openstack/usr/lib/systemd/system/openstack-cinder-api.service b/openstack/usr/lib/systemd/system/openstack-cinder-api.service new file mode 100644 index 00000000..c863f3f5 --- /dev/null +++ b/openstack/usr/lib/systemd/system/openstack-cinder-api.service @@ -0,0 +1,12 @@ +[Unit] +Description=OpenStack Volume Service (code-named Cinder) API server +After=syslog.target network-online.target +Wants=network-online.target + +[Service] +Type=simple +User=cinder +ExecStart=/usr/bin/cinder-api --config-file /etc/cinder/cinder.conf --log-file=/var/log/cinder/cinder-api.log + +[Install] +WantedBy=multi-user.target diff --git a/openstack/usr/lib/systemd/system/openstack-cinder-backup.service b/openstack/usr/lib/systemd/system/openstack-cinder-backup.service new file mode 100644 index 00000000..2f489228 --- /dev/null +++ b/openstack/usr/lib/systemd/system/openstack-cinder-backup.service @@ -0,0 +1,12 @@ +[Unit] +Description=OpenStack Cinder backup server +After=syslog.target network-online.target +Wants=network-online.target + +[Service] +Type=simple +User=cinder +ExecStart=/usr/bin/cinder-backup --config-file /etc/cinder/cinder.conf --log-file=/var/log/cinder/cinder-backup.log + +[Install] +WantedBy=multi-user.target diff --git a/openstack/usr/lib/systemd/system/openstack-cinder-scheduler.service b/openstack/usr/lib/systemd/system/openstack-cinder-scheduler.service new file mode 100644 index 00000000..025f1f3c --- /dev/null +++ b/openstack/usr/lib/systemd/system/openstack-cinder-scheduler.service @@ -0,0 +1,12 @@ +[Unit] +Description=OpenStack Cinder scheduler server +After=syslog.target network-online.target +Wants=network-online.target + +[Service] +Type=simple +User=cinder +ExecStart=/usr/bin/cinder-scheduler --config-file /etc/cinder/cinder.conf --log-file=/var/log/cinder/cinder-scheduler.log + +[Install] +WantedBy=multi-user.target diff --git a/openstack/usr/lib/systemd/system/openstack-cinder-setup.service b/openstack/usr/lib/systemd/system/openstack-cinder-setup.service new file mode 100644 index 00000000..bac80b6b --- /dev/null +++ b/openstack/usr/lib/systemd/system/openstack-cinder-setup.service @@ -0,0 +1,9 @@ +[Unit] +Description=Run cinder-setup Ansible scripts +After=local-fs.target openstack-keystone-setup.service postgres-server.service + +[Service] +ExecStart=/usr/bin/ansible-playbook -v -M /usr/share/ansible/ansible-openstack-modules -i /usr/share/openstack/hosts /usr/share/openstack/cinder.yml + +[Install] +WantedBy=multi-user.target diff --git a/openstack/usr/lib/systemd/system/openstack-cinder-volume.service b/openstack/usr/lib/systemd/system/openstack-cinder-volume.service new file mode 100644 index 00000000..4a8da9c3 --- /dev/null +++ b/openstack/usr/lib/systemd/system/openstack-cinder-volume.service @@ -0,0 +1,12 @@ +[Unit] +Description=OpenStack Cinder volume server +After=syslog.target network-online.target +Wants=network-online.target + +[Service] +Type=simple +User=cinder +ExecStart=/usr/bin/cinder-volume --config-file /etc/cinder/cinder.conf --log-file=/var/log/cinder/cinder-volume.log + +[Install] +WantedBy=multi-user.target diff --git a/openstack/usr/share/openstack/cinder.yml b/openstack/usr/share/openstack/cinder.yml new file mode 100644 index 00000000..29490843 --- /dev/null +++ b/openstack/usr/share/openstack/cinder.yml @@ -0,0 +1,153 @@ +--- +- hosts: localhost + vars_files: + - "/etc/openstack/cinder.conf" + tasks: + +# Configure iscsid, this can go in a separate script + - name: Update kernel module dependencies + command: depmod -a + + - name: generate InitiatorName for iscsi + shell: iscsi-iname + register: initiator_name + + - lineinfile: + dest: /etc/iscsi/initiatorname.iscsi + regexp: '^InitiatorName=$' + line: 'InitiatorName={{ initiator_name.stdout }}' + backrefs: yes + + - name: Enable and start iscsid + service: + name: "{{ item }}" + enabled: yes + state: started + with_items: + - iscsid + +# Configure LVM and target for Cinder + - name: Check that CINDER_DEVICE exists + stat: + path: "{{ CINDER_DEVICE }}" + register: cinder_device_stats + failed_when: cinder_device_stats.stat.exists == false + + - name: Configure LVM group for cinder + lvg: + vg: cinder-volumes + pvs: "{{ CINDER_DEVICE }}" + + - lineinfile: + dest: /etc/lvm/lvm.conf + regexp: '# filter = \[ \"a\/\.\*/\" \]' + line: ' filter = [ "a|{{ CINDER_DEVICE }}|", "r/.*/" ]' + backrefs: yes + + - name: Enable and start lvm2-lvmetad and target services + service: + name: "{{ item }}" + enabled: yes + state: started + with_items: + - lvm2-lvmetad + - target + +# Configure cinder + - name: Create the cinder user. + user: + name: cinder + comment: Openstack Cinder Daemons + shell: /sbin/nologin + home: /var/lib/cinder + + - name: Create the /var folders for cinder + file: + path: "{{ item }}" + state: directory + owner: cinder + group: cinder + with_items: + - /var/run/cinder + - /var/lock/cinder + - /var/log/cinder + - /var/lib/cinder + - /var/lib/cinder/volumer + + - name: Create /etc/cinder directory + file: + path: /etc/cinder + state: directory + + - name: Add the configuration needed for cinder in /etc/cinder using templates + template: + src: /usr/share/openstack/cinder/{{ item }} + dest: /etc/cinder/{{ item }} + with_lines: + - cd /usr/share/openstack/cinder && find -type f + + - name: Create cinder service user in service tenant + keystone_user: + user: "{{ CINDER_SERVICE_USER }}" + password: "{{ CINDER_SERVICE_PASSWORD }}" + tenant: service + token: "{{ KEYSTONE_TEMPORARY_ADMIN_TOKEN }}" + + - name: Assign admin role to cinder service user in the service tenant + keystone_user: + role: admin + user: "{{ CINDER_SERVICE_USER }}" + tenant: service + token: "{{ KEYSTONE_TEMPORARY_ADMIN_TOKEN }}" + + - name: Add cinder endpoint + keystone_service: + name: cinder + type: volume + description: Openstack Block Storage + publicurl: 'http://{{ CONTROLLER_HOST_ADDRESS }}:8776/v1/%(tenant_id)s' + internalurl: 'http://{{ CONTROLLER_HOST_ADDRESS }}:8776/v1/%(tenant_id)s' + adminurl: 'http://{{ CONTROLLER_HOST_ADDRESS }}:8776/v1/%(tenant_id)s' + region: regionOne + token: "{{ KEYSTONE_TEMPORARY_ADMIN_TOKEN }}" + + - name: Add cinderv2 endpoint + keystone_service: + name: cinderv2 + type: volumev2 + description: Openstack Block Storage + publicurl: 'http://{{ CONTROLLER_HOST_ADDRESS }}:8776/v2/%(tenant_id)s' + internalurl: 'http://{{ CONTROLLER_HOST_ADDRESS }}:8776/v2/%(tenant_id)s' + adminurl: 'http://{{ CONTROLLER_HOST_ADDRESS }}:8776/v2/%(tenant_id)s' + region: regionOne + token: "{{ KEYSTONE_TEMPORARY_ADMIN_TOKEN }}" + + - name: Create postgresql user for cinder + postgresql_user: + name: "{{ CINDER_DB_USER }}" + sudo: yes + sudo_user: cinder + + - name: Create database for cinder services + postgresql_db: + name: cinder + owner: "{{ CINDER_DB_USER }}" + sudo: yes + sudo_user: cinder + + - name: Initiate cinder database + cinder_manage: + action: dbsync + sudo: yes + sudo_user: cinder + + - name: Enable and start openstack-cinder services + service: + name: "{{ item }}" + enabled: yes + state: started + with_items: + - openstack-cinder-api + - openstack-cinder-scheduler + - openstack-cinder-volume + - openstack-cinder-backup diff --git a/openstack/usr/share/openstack/cinder/cinder.conf b/openstack/usr/share/openstack/cinder/cinder.conf index 30c3f15b..1ca21082 100644 --- a/openstack/usr/share/openstack/cinder/cinder.conf +++ b/openstack/usr/share/openstack/cinder/cinder.conf @@ -76,11 +76,11 @@ # The RabbitMQ broker address where a single node is used. # (string value) -#rabbit_host=localhost +rabbit_host={{ RABBITMQ_HOST }} # The RabbitMQ broker port where a single node is used. # (integer value) -#rabbit_port=5672 +rabbit_port={{ RABBITMQ_PORT }} # RabbitMQ HA cluster host:port pairs. (list value) #rabbit_hosts=$rabbit_host:$rabbit_port @@ -89,12 +89,12 @@ #rabbit_use_ssl=false # The RabbitMQ userid. (string value) -#rabbit_userid=guest +rabbit_userid={{ RABBITMQ_USER }} # The RabbitMQ password. (string value) -#rabbit_password=guest +rabbit_password={{ RABBITMQ_PASSWORD }} -# The RabbitMQ login method. (string value) +# the RabbitMQ login method (string value) #rabbit_login_method=AMQPLAIN # The RabbitMQ virtual host. (string value) @@ -178,7 +178,7 @@ # The messaging driver to use, defaults to rabbit. Other # drivers include qpid and zmq. (string value) -#rpc_backend=rabbit +rpc_backend=rabbit # The default exchange under which topics are scoped. May be # overridden by an exchange name specified in the @@ -492,18 +492,18 @@ # File name for the paste.deploy config for cinder-api (string # value) -#api_paste_config=api-paste.ini +api_paste_config=api-paste.ini # Top-level directory for maintaining cinder's state (string # value) # Deprecated group/name - [DEFAULT]/pybasedir -#state_path=/var/lib/cinder +state_path=/var/lib/cinder # IP address of this host (string value) -#my_ip=10.0.0.1 +my_ip={{ MANAGEMENT_INTERFACE_IP_ADDRESS }} # Default glance host name or IP (string value) -#glance_host=$my_ip +glance_host={{ CONTROLLER_HOST_ADDRESS }} # Default glance port (integer value) #glance_port=9292 @@ -597,7 +597,7 @@ # Path to the rootwrap configuration file to use for running # commands as root (string value) -#rootwrap_config=/etc/cinder/rootwrap.conf +rootwrap_config=/etc/cinder/rootwrap.conf # Enable monkey patching (boolean value) #monkey_patch=false @@ -619,7 +619,7 @@ # The strategy to use for auth. Supports noauth, keystone, and # deprecated. (string value) -#auth_strategy=noauth +auth_strategy=keystone # A list of backend names to use. These backend names should # be backed by a unique [CONFIG] group with its options (list @@ -699,7 +699,7 @@ # Template string to be used to generate volume names (string # value) -#volume_name_template=volume-%s +volume_name_template=volume-%s # Template string to be used to generate snapshot names # (string value) @@ -764,7 +764,7 @@ # Directory to use for lock files. Default to a temp directory # (string value) -#lock_path= +lock_path=/var/lock/cinder # @@ -848,7 +848,7 @@ # Use syslog for logging. Existing syslog format is DEPRECATED # during I, and will change in J to honor RFC5424. (boolean # value) -#use_syslog=false +use_syslog = True # (Optional) Enables or disables syslog rfc5424 format for # logging. If enabled, prefixes the MSG part of the syslog @@ -1031,7 +1031,7 @@ # The IP address that the iSCSI daemon is listening on (string # value) -#iscsi_ip_address=$my_ip +iscsi_ip_address={{ MANAGEMENT_INTERFACE_IP_ADDRESS }} # The port that the iSCSI daemon is listening on (integer # value) @@ -1044,7 +1044,7 @@ # The backend name for a given driver implementation (string # value) -#volume_backend_name= +volume_backend_name=LVM_iSCSI # Do we attach/detach volumes in cinder using multipath for # volume to image and image to volume transfers? (boolean @@ -1067,10 +1067,10 @@ # iSCSI target user-land tool to use. tgtadm is default, use # lioadm for LIO iSCSI support, iseradm for the ISER protocol, # or fake for testing. (string value) -#iscsi_helper=tgtadm +iscsi_helper=lioadm # Volume configuration file storage directory (string value) -#volumes_dir=$state_path/volumes +volumes_dir=$state_path/volumes # IET configuration file (string value) #iet_conf=/etc/iet/ietd.conf @@ -1565,7 +1565,7 @@ # Name for the VG that will contain exported volumes (string # value) -#volume_group=cinder-volumes +volume_group=cinder-volumes # If >0, create LVs with multiple mirrors. Note that this # requires lvm_mirrors + 2 PVs with available space (integer @@ -2267,7 +2267,7 @@ # # Driver to use for volume creation (string value) -#volume_driver=cinder.volume.drivers.lvm.LVMISCSIDriver +volume_driver=cinder.volume.drivers.lvm.LVMISCSIDriver # Timeout for creating the volume to migrate to when # performing volume migration (seconds) (integer value) @@ -2368,7 +2368,7 @@ # Deprecated group/name - [DEFAULT]/sql_connection # Deprecated group/name - [DATABASE]/sql_connection # Deprecated group/name - [sql]/connection -#connection= +connection=postgresql://{{ CINDER_DB_USER }}:{{ CINDER_DB_PASSWORD }}@{{ CONTROLLER_HOST_ADDRESS }}/cinder # The SQLAlchemy connection string to use to connect to the # slave database. (string value) @@ -2557,12 +2557,12 @@ #auth_protocol=https # Complete public Identity API endpoint (string value) -#auth_uri= +auth_uri = http://{{ CONTROLLER_HOST_ADDRESS }}:5000/v2.0 # Complete admin Identity API endpoint. This should specify # the unversioned root endpoint e.g. https://localhost:35357/ # (string value) -#identity_uri= +identity_uri = http://{{ CONTROLLER_HOST_ADDRESS }}:35357 # API version of the admin Identity API endpoint (string # value) @@ -2590,14 +2590,14 @@ #admin_token= # Keystone account username (string value) -#admin_user= +admin_user={{ CINDER_SERVICE_USER }} # Keystone account password (string value) -#admin_password= +admin_password={{ CINDER_SERVICE_PASSWORD }} # Keystone service account tenant name to validate user tokens # (string value) -#admin_tenant_name=admin +admin_tenant_name=service # Env key for the swift cache (string value) #cache= diff --git a/systems/openstack-system-x86_64.morph b/systems/openstack-system-x86_64.morph index cec51aa3..1b53df06 100644 --- a/systems/openstack-system-x86_64.morph +++ b/systems/openstack-system-x86_64.morph @@ -65,3 +65,4 @@ configuration-extensions: - hosts - openstack-keystone - openstack-glance +- openstack-cinder -- cgit v1.2.1