summaryrefslogtreecommitdiff
path: root/openstack/usr/share/openstack
diff options
context:
space:
mode:
authorPedro Alvarez <pedro.alvarez@codethink.co.uk>2015-04-13 18:06:31 +0000
committerPedro Alvarez <pedro.alvarez@codethink.co.uk>2015-04-16 12:13:45 +0000
commit76bc5fabd58eca8a2859d9f3474276c613aeaaff (patch)
tree1ec6199865fa8e97ca3836cea3a9b1e95e05e549 /openstack/usr/share/openstack
parent1a09fe5755f0f7f69ecbf44615fdd01f6a01c7be (diff)
downloaddefinitions-76bc5fabd58eca8a2859d9f3474276c613aeaaff.tar.gz
Openstack: Make Glance configurable
Change-Id: I137bd286b2f8ad6eeb37d34803f9ae41a735e7ec Signed-off-by: Pedro Alvarez <pedro.alvarez@codethink.co.uk> Signed-off-by: Francisco Redondo Marchena <francisco.marchena@codethink.co.uk>
Diffstat (limited to 'openstack/usr/share/openstack')
-rw-r--r--openstack/usr/share/openstack/glance.yml93
-rw-r--r--openstack/usr/share/openstack/glance/glance-api.conf64
-rw-r--r--openstack/usr/share/openstack/glance/glance-cache.conf6
-rw-r--r--openstack/usr/share/openstack/glance/glance-registry.conf18
-rw-r--r--openstack/usr/share/openstack/glance/glance-scrubber.conf6
5 files changed, 142 insertions, 45 deletions
diff --git a/openstack/usr/share/openstack/glance.yml b/openstack/usr/share/openstack/glance.yml
new file mode 100644
index 00000000..aa7e4c78
--- /dev/null
+++ b/openstack/usr/share/openstack/glance.yml
@@ -0,0 +1,93 @@
+---
+- hosts: localhost
+ vars_files:
+ - "/etc/openstack/glance.conf"
+ tasks:
+ - name: Create the glance user.
+ user:
+ name: glance
+ comment: Openstack Glance Daemons
+ shell: /sbin/nologin
+ home: /var/lib/glance
+
+ - name: Create the /var folders for glance
+ file:
+ path: "{{ item }}"
+ state: directory
+ owner: glance
+ group: glance
+ with_items:
+ - /var/run/glance
+ - /var/lock/glance
+ - /var/log/glance
+ - /var/lib/glance
+ - /var/lib/glance/images
+ - /var/lib/glance/image-cache
+
+ - name: Create /etc/glance directory
+ file:
+ path: /etc/glance
+ state: directory
+
+ - name: Add the configuration needed for glance in /etc/glance using templates
+ template:
+ src: /usr/share/openstack/glance/{{ item }}
+ dest: /etc/glance/{{ item }}
+ with_lines:
+ - cd /usr/share/openstack/glance && find -type f
+
+ - name: Create glance service user in service tenant
+ keystone_user:
+ user: "{{ GLANCE_SERVICE_USER }}"
+ password: "{{ GLANCE_SERVICE_PASSWORD }}"
+ tenant: service
+ token: "{{ KEYSTONE_TEMPORARY_ADMIN_TOKEN }}"
+
+ - name: Assign admin role to glances service user in the service tenant
+ keystone_user:
+ role: admin
+ user: "{{ GLANCE_SERVICE_USER }}"
+ tenant: service
+ token: "{{ KEYSTONE_TEMPORARY_ADMIN_TOKEN }}"
+
+ - name: Add glance endpoint
+ keystone_service:
+ name: glance
+ type: image
+ description: Openstack Image Service
+ publicurl: http://{{ CONTROLLER_HOST_ADDRESS }}:9292
+ internalurl: http://{{ CONTROLLER_HOST_ADDRESS }}:9292
+ adminurl: http://{{ CONTROLLER_HOST_ADDRESS }}:9292
+ region: regionOne
+ token: "{{ KEYSTONE_TEMPORARY_ADMIN_TOKEN }}"
+
+ - name: Create postgresql user for glance
+ postgresql_user:
+ name: "{{ GLANCE_DB_USER }}"
+ login_host: "{{ CONTROLLER_HOST_ADDRESS }}"
+ password: "{{ GLANCE_DB_PASSWORD }}"
+ sudo: yes
+ sudo_user: glance
+
+ - name: Create database for glance services
+ postgresql_db:
+ name: glance
+ owner: "{{ GLANCE_DB_USER }}"
+ login_host: "{{ CONTROLLER_HOST_ADDRESS }}"
+ sudo: yes
+ sudo_user: glance
+
+ - name: Initiate glance database
+ glance_manage:
+ action: dbsync
+ sudo: yes
+ sudo_user: glance
+
+ - name: Enable and start openstack-glance services
+ service:
+ name: "{{ item }}"
+ enabled: yes
+ state: started
+ with_items:
+ - openstack-glance-api.service
+ - openstack-glance-registry.service
diff --git a/openstack/usr/share/openstack/glance/glance-api.conf b/openstack/usr/share/openstack/glance/glance-api.conf
index cfc214e9..675062a6 100644
--- a/openstack/usr/share/openstack/glance/glance-api.conf
+++ b/openstack/usr/share/openstack/glance/glance-api.conf
@@ -18,7 +18,7 @@ default_store = file
#image_size_cap = 1099511627776
# Address to bind the API server
-bind_host = 0.0.0.0
+bind_host = {{ MANAGEMENT_INTERFACE_IP_ADDRESS }}
# Port the bind the API server to
bind_port = 9292
@@ -28,7 +28,7 @@ bind_port = 9292
#
# If `log_file` is omitted and `use_syslog` is false, then log messages are
# sent to stdout as a fallback.
-log_file = /var/log/glance/api.log
+# log_file = /var/log/glance/api.log
# Backlog requests when creating socket
backlog = 4096
@@ -113,7 +113,7 @@ backlog = 4096
# Send logs to syslog (/dev/log) instead of to file specified
# by `log_file`
-#use_syslog = False
+use_syslog = True
# Facility to use. If unset defaults to LOG_USER.
#syslog_log_facility = LOG_LOCAL0
@@ -139,7 +139,7 @@ backlog = 4096
# ============ Registry Options ===============================
# Address to find the registry server
-registry_host = 0.0.0.0
+registry_host = {{ MANAGEMENT_INTERFACE_IP_ADDRESS }}
# Port the registry server is listening on
registry_port = 9191
@@ -213,15 +213,14 @@ registry_client_protocol = http
# default_publisher_id = image.localhost
# Messaging driver used for 'messaging' notifications driver
-# rpc_backend = 'rabbit'
+rpc_backend=rabbit
-# Configuration options if sending notifications via rabbitmq (these are
-# the defaults)
-rabbit_host = localhost
-rabbit_port = 5672
+# Configuration options if sending notifications via rabbitmq
+rabbit_host = {{ RABBITMQ_HOST }}
+rabbit_port = {{ RABBITMQ_PORT }}
rabbit_use_ssl = false
-rabbit_userid = guest
-rabbit_password = guest
+rabbit_userid = {{ RABBITMQ_USER }}
+rabbit_password = {{ RABBITMQ_PASSWORD }}
rabbit_virtual_host = /
rabbit_notification_exchange = glance
rabbit_notification_topic = notifications
@@ -229,22 +228,22 @@ rabbit_durable_queues = False
# Configuration options if sending notifications via Qpid (these are
# the defaults)
-qpid_notification_exchange = glance
-qpid_notification_topic = notifications
-qpid_hostname = localhost
-qpid_port = 5672
-qpid_username =
-qpid_password =
-qpid_sasl_mechanisms =
-qpid_reconnect_timeout = 0
-qpid_reconnect_limit = 0
-qpid_reconnect_interval_min = 0
-qpid_reconnect_interval_max = 0
-qpid_reconnect_interval = 0
-qpid_heartbeat = 5
+#qpid_notification_exchange = glance
+#qpid_notification_topic = notifications
+#qpid_hostname = localhost
+#qpid_port = 5672
+#qpid_username =
+#qpid_password =
+#qpid_sasl_mechanisms =
+#qpid_reconnect_timeout = 0
+#qpid_reconnect_limit = 0
+#qpid_reconnect_interval_min = 0
+#qpid_reconnect_interval_max = 0
+#qpid_reconnect_interval = 0
+#qpid_heartbeat = 5
# Set to 'ssl' to enable SSL
-qpid_protocol = tcp
-qpid_tcp_nodelay = True
+#qpid_protocol = tcp
+#qpid_tcp_nodelay = True
# ============ Delayed Delete Options =============================
@@ -301,6 +300,8 @@ image_cache_dir = /var/lib/glance/image-cache/
# Deprecated group/name - [DATABASE]/sql_connection
# Deprecated group/name - [sql]/connection
#connection = <None>
+connection=postgresql://{{ GLANCE_DB_USER }}:{{ GLANCE_DB_PASSWORD }}@{{ CONTROLLER_HOST_ADDRESS }}/glance
+
# The SQL mode to be used for MySQL sessions. This option,
# including the default, overrides any server-set SQL mode. To
@@ -381,10 +382,11 @@ image_cache_dir = /var/lib/glance/image-cache/
#db_max_retries = 20
[keystone_authtoken]
-identity_uri = http://127.0.0.1:35357
-admin_tenant_name = %SERVICE_TENANT_NAME%
-admin_user = %SERVICE_USER%
-admin_password = %SERVICE_PASSWORD%
+auth_uri = http://{{ CONTROLLER_HOST_ADDRESS }}:5000/v2.0
+identity_uri = http://{{ CONTROLLER_HOST_ADDRESS }}:35357
+admin_tenant_name = service
+admin_user = {{ GLANCE_SERVICE_USER }}
+admin_password = {{ GLANCE_SERVICE_PASSWORD }}
revocation_cache_time = 10
[paste_deploy]
@@ -395,7 +397,7 @@ revocation_cache_time = 10
# service name removed. For example, if your paste section name is
# [pipeline:glance-api-keystone], you would configure the flavor below
# as 'keystone'.
-#flavor=
+flavor=keystone
[store_type_location_strategy]
# The scheme list to use to get store preference order. The scheme must be
diff --git a/openstack/usr/share/openstack/glance/glance-cache.conf b/openstack/usr/share/openstack/glance/glance-cache.conf
index 0246b672..3f2d4603 100644
--- a/openstack/usr/share/openstack/glance/glance-cache.conf
+++ b/openstack/usr/share/openstack/glance/glance-cache.conf
@@ -10,10 +10,10 @@
#
# If `log_file` is omitted and `use_syslog` is false, then log messages are
# sent to stdout as a fallback.
-log_file = /var/log/glance/image-cache.log
+# log_file = /var/log/glance/image-cache.log
# Send logs to syslog (/dev/log) instead of to file specified by `log_file`
-#use_syslog = False
+use_syslog = True
# Directory that the Image Cache writes data to
image_cache_dir = /var/lib/glance/image-cache/
@@ -26,7 +26,7 @@ image_cache_stall_time = 86400
image_cache_max_size = 10737418240
# Address to find the registry server
-registry_host = 0.0.0.0
+registry_host = {{ MANAGEMENT_INTERFACE_IP_ADDRESS }}
# Port the registry server is listening on
registry_port = 9191
diff --git a/openstack/usr/share/openstack/glance/glance-registry.conf b/openstack/usr/share/openstack/glance/glance-registry.conf
index a72abf8c..e663148d 100644
--- a/openstack/usr/share/openstack/glance/glance-registry.conf
+++ b/openstack/usr/share/openstack/glance/glance-registry.conf
@@ -6,7 +6,7 @@
#debug = False
# Address to bind the registry server
-bind_host = 0.0.0.0
+bind_host = {{ MANAGEMENT_INTERFACE_IP_ADDRESS }}
# Port the bind the registry server to
bind_port = 9191
@@ -16,7 +16,7 @@ bind_port = 9191
#
# If `log_file` is omitted and `use_syslog` is false, then log messages are
# sent to stdout as a fallback.
-log_file = /var/log/glance/registry.log
+# log_file = /var/log/glance/registry.log
# Backlog requests when creating socket
backlog = 4096
@@ -62,7 +62,7 @@ limit_param_default = 25
# Send logs to syslog (/dev/log) instead of to file specified
# by `log_file`
-#use_syslog = False
+use_syslog = True
# Facility to use. If unset defaults to LOG_USER.
#syslog_log_facility = LOG_LOCAL1
@@ -141,6 +141,7 @@ qpid_tcp_nodelay = True
# Deprecated group/name - [DATABASE]/sql_connection
# Deprecated group/name - [sql]/connection
#connection = <None>
+connection=postgresql://{{ GLANCE_DB_USER }}:{{ GLANCE_DB_PASSWORD }}@{{ CONTROLLER_HOST_ADDRESS }}/glance
# The SQL mode to be used for MySQL sessions. This option,
# including the default, overrides any server-set SQL mode. To
@@ -221,10 +222,11 @@ qpid_tcp_nodelay = True
#db_max_retries = 20
[keystone_authtoken]
-identity_uri = http://127.0.0.1:35357
-admin_tenant_name = %SERVICE_TENANT_NAME%
-admin_user = %SERVICE_USER%
-admin_password = %SERVICE_PASSWORD%
+auth_uri = http://{{ CONTROLLER_HOST_ADDRESS }}:5000/v2.0
+identity_uri = http://{{ CONTROLLER_HOST_ADDRESS }}:35357
+admin_tenant_name = service
+admin_user = {{ GLANCE_SERVICE_USER }}
+admin_password = {{ GLANCE_SERVICE_PASSWORD }}
[paste_deploy]
# Name of the paste configuration file that defines the available pipelines
@@ -234,7 +236,7 @@ admin_password = %SERVICE_PASSWORD%
# service name removed. For example, if your paste section name is
# [pipeline:glance-registry-keystone], you would configure the flavor below
# as 'keystone'.
-#flavor=
+flavor=keystone
[profiler]
# If False fully disable profiling feature.
diff --git a/openstack/usr/share/openstack/glance/glance-scrubber.conf b/openstack/usr/share/openstack/glance/glance-scrubber.conf
index ecfc7bff..cdbfda71 100644
--- a/openstack/usr/share/openstack/glance/glance-scrubber.conf
+++ b/openstack/usr/share/openstack/glance/glance-scrubber.conf
@@ -10,10 +10,10 @@
#
# If `log_file` is omitted and `use_syslog` is false, then log messages are
# sent to stdout as a fallback.
-log_file = /var/log/glance/scrubber.log
+# log_file = /var/log/glance/scrubber.log
# Send logs to syslog (/dev/log) instead of to file specified by `log_file`
-#use_syslog = False
+use_syslog = True
# Should we run our own loop or rely on cron/scheduler to run us
daemon = False
@@ -32,7 +32,7 @@ cleanup_scrubber = False
cleanup_scrubber_time = 86400
# Address to find the registry server for cleanups
-registry_host = 0.0.0.0
+registry_host = {{ MANAGEMENT_INTERFACE_IP_ADDRESS }}
# Port the registry server is listening on
registry_port = 9191