Add a cinder element.
Change-Id: I4729cf003896c3b4f8267d16e1b4822099231051
This commit is contained in:
parent
07c476b590
commit
aa8a2174a6
61
elements/cinder-config/config/etc/cinder/api-paste.ini
Normal file
61
elements/cinder-config/config/etc/cinder/api-paste.ini
Normal file
@ -0,0 +1,61 @@
|
||||
#############
|
||||
# OpenStack #
|
||||
#############
|
||||
|
||||
[composite:osapi_volume]
|
||||
use = call:cinder.api:root_app_factory
|
||||
/: apiversions
|
||||
/v1: openstack_volume_api_v1
|
||||
/v2: openstack_volume_api_v2
|
||||
|
||||
[composite:openstack_volume_api_v1]
|
||||
use = call:cinder.api.middleware.auth:pipeline_factory
|
||||
noauth = faultwrap sizelimit noauth apiv1
|
||||
keystone = faultwrap sizelimit authtoken keystonecontext apiv1
|
||||
keystone_nolimit = faultwrap sizelimit authtoken keystonecontext apiv1
|
||||
|
||||
[composite:openstack_volume_api_v2]
|
||||
use = call:cinder.api.middleware.auth:pipeline_factory
|
||||
noauth = faultwrap sizelimit noauth apiv2
|
||||
keystone = faultwrap sizelimit authtoken keystonecontext apiv2
|
||||
keystone_nolimit = faultwrap sizelimit authtoken keystonecontext apiv2
|
||||
|
||||
[filter:faultwrap]
|
||||
paste.filter_factory = cinder.api.middleware.fault:FaultWrapper.factory
|
||||
|
||||
[filter:noauth]
|
||||
paste.filter_factory = cinder.api.middleware.auth:NoAuthMiddleware.factory
|
||||
|
||||
[filter:sizelimit]
|
||||
paste.filter_factory = cinder.api.middleware.sizelimit:RequestBodySizeLimiter.factory
|
||||
|
||||
[app:apiv1]
|
||||
paste.app_factory = cinder.api.v1.router:APIRouter.factory
|
||||
|
||||
[app:apiv2]
|
||||
paste.app_factory = cinder.api.v2.router:APIRouter.factory
|
||||
|
||||
[pipeline:apiversions]
|
||||
pipeline = faultwrap osvolumeversionapp
|
||||
|
||||
[app:osvolumeversionapp]
|
||||
paste.app_factory = cinder.api.versions:Versions.factory
|
||||
|
||||
##########
|
||||
# Shared #
|
||||
##########
|
||||
|
||||
[filter:keystonecontext]
|
||||
paste.filter_factory = cinder.api.middleware.auth:CinderKeystoneContext.factory
|
||||
|
||||
[filter:authtoken]
|
||||
paste.filter_factory = keystone.middleware.auth_token:filter_factory
|
||||
service_protocol = http
|
||||
service_host = {{keystone.host}}
|
||||
service_port = 5000
|
||||
auth_host = {{keystone.host}}
|
||||
auth_port = 35357
|
||||
auth_protocol = http
|
||||
admin_tenant_name = service
|
||||
admin_user = cinder
|
||||
admin_password = {{service-password}}
|
20
elements/cinder-config/config/etc/cinder/cinder.conf
Normal file
20
elements/cinder-config/config/etc/cinder/cinder.conf
Normal file
@ -0,0 +1,20 @@
|
||||
[DEFAULT]
|
||||
debug = True
|
||||
|
||||
state_path = /var/run/cinder
|
||||
|
||||
rootwrap_config=/etc/cinder/rootwrap.conf
|
||||
api_paste_config = /etc/cinder/api-paste.ini
|
||||
|
||||
iscsi_helper=tgtadm
|
||||
volume_name_template = volume-%s
|
||||
volume_group = cinder-volumes
|
||||
verbose = True
|
||||
auth_strategy = keystone
|
||||
|
||||
sql_connection={{cinder.db}}
|
||||
|
||||
rabbit_host = {{rabbit.host}}
|
||||
rabbit_port = 5672
|
||||
rabbit_userid = {{rabbit.user}}
|
||||
rabbit_password = {{rabbit.password}}
|
34
elements/cinder-config/config/etc/cinder/policy.json
Normal file
34
elements/cinder-config/config/etc/cinder/policy.json
Normal file
@ -0,0 +1,34 @@
|
||||
{
|
||||
"context_is_admin": [["role:admin"]],
|
||||
"admin_or_owner": [["is_admin:True"], ["project_id:%(project_id)s"]],
|
||||
"default": [["rule:admin_or_owner"]],
|
||||
|
||||
"admin_api": [["is_admin:True"]],
|
||||
|
||||
"volume:create": [],
|
||||
"volume:get_all": [],
|
||||
"volume:get_volume_metadata": [],
|
||||
"volume:get_snapshot": [],
|
||||
"volume:get_all_snapshots": [],
|
||||
|
||||
"volume_extension:types_manage": [["rule:admin_api"]],
|
||||
"volume_extension:types_extra_specs": [["rule:admin_api"]],
|
||||
"volume_extension:extended_snapshot_attributes": [],
|
||||
"volume_extension:volume_image_metadata": [],
|
||||
|
||||
"volume_extension:quotas:show": [],
|
||||
"volume_extension:quotas:update_for_project": [["rule:admin_api"]],
|
||||
"volume_extension:quotas:update_for_user": [["rule:admin_or_projectadmin"]],
|
||||
"volume_extension:quota_classes": [],
|
||||
|
||||
"volume_extension:volume_admin_actions:reset_status": [["rule:admin_api"]],
|
||||
"volume_extension:snapshot_admin_actions:reset_status": [["rule:admin_api"]],
|
||||
"volume_extension:volume_admin_actions:force_delete": [["rule:admin_api"]],
|
||||
"volume_extension:snapshot_admin_actions:force_delete": [["rule:admin_api"]],
|
||||
|
||||
"volume_extension:volume_host_attribute": [["rule:admin_api"]],
|
||||
"volume_extension:volume_tenant_attribute": [["rule:admin_api"]],
|
||||
"volume_extension:hosts": [["rule:admin_api"]],
|
||||
"volume_extension:services": [["rule:admin_api"]],
|
||||
"volume:services": [["rule:admin_api"]]
|
||||
}
|
27
elements/cinder-config/config/etc/cinder/rootwrap.conf
Normal file
27
elements/cinder-config/config/etc/cinder/rootwrap.conf
Normal file
@ -0,0 +1,27 @@
|
||||
# Configuration for cinder-rootwrap
|
||||
# This file should be owned by (and only-writeable by) the root user
|
||||
|
||||
[DEFAULT]
|
||||
# List of directories to load filter definitions from (separated by ',').
|
||||
# These directories MUST all be only writeable by root !
|
||||
filters_path=/etc/cinder/rootwrap.d,/usr/share/cinder/rootwrap
|
||||
|
||||
# List of directories to search executables in, in case filters do not
|
||||
# explicitely specify a full path (separated by ',')
|
||||
# If not specified, defaults to system PATH environment variable.
|
||||
# These directories MUST all be only writeable by root !
|
||||
exec_dirs=/sbin,/usr/sbin,/bin,/usr/bin
|
||||
|
||||
# Enable logging to syslog
|
||||
# Default value is False
|
||||
use_syslog=False
|
||||
|
||||
# Which syslog facility to use.
|
||||
# Valid values include auth, authpriv, syslog, user0, user1...
|
||||
# Default value is 'syslog'
|
||||
syslog_log_facility=syslog
|
||||
|
||||
# Which messages to log.
|
||||
# INFO means log all usage
|
||||
# ERROR means only log unsuccessful attempts
|
||||
syslog_log_level=ERROR
|
@ -0,0 +1,55 @@
|
||||
# cinder-rootwrap command filters for volume nodes
|
||||
# This file should be owned by (and only-writeable by) the root user
|
||||
|
||||
[Filters]
|
||||
# cinder/volume/iscsi.py: iscsi_helper '--op' ...
|
||||
ietadm: CommandFilter, /usr/sbin/ietadm, root
|
||||
tgtadm: CommandFilter, /usr/sbin/tgtadm, root
|
||||
tgt-admin: CommandFilter, /usr/sbin/tgt-admin, root
|
||||
|
||||
# cinder/volume/driver.py: 'vgs', '--noheadings', '-o', 'name'
|
||||
vgs: CommandFilter, /sbin/vgs, root
|
||||
|
||||
# cinder/volume/driver.py: 'lvcreate', '-L', sizestr, '-n', volume_name,..
|
||||
# cinder/volume/driver.py: 'lvcreate', '-L', ...
|
||||
lvcreate: CommandFilter, /sbin/lvcreate, root
|
||||
|
||||
# cinder/volume/driver.py: 'dd', 'if=%s' % srcstr, 'of=%s' % deststr,...
|
||||
dd: CommandFilter, /bin/dd, root
|
||||
|
||||
# cinder/volume/driver.py: 'lvremove', '-f', %s/%s % ...
|
||||
lvremove: CommandFilter, /sbin/lvremove, root
|
||||
|
||||
# cinder/volume/driver.py: 'lvdisplay', '--noheading', '-C', '-o', 'Attr',..
|
||||
lvdisplay: CommandFilter, /sbin/lvdisplay, root
|
||||
|
||||
# cinder/volume/driver.py: 'iscsiadm', '-m', 'discovery', '-t',...
|
||||
# cinder/volume/driver.py: 'iscsiadm', '-m', 'node', '-T', ...
|
||||
iscsiadm: CommandFilter, /sbin/iscsiadm, root
|
||||
iscsiadm_usr: CommandFilter, /usr/bin/iscsiadm, root
|
||||
|
||||
# cinder/volume/drivers/lvm.py: 'shred', '-n3'
|
||||
# cinder/volume/drivers/lvm.py: 'shred', '-n0', '-z', '-s%dMiB'
|
||||
shred: CommandFilter, /usr/bin/shred, root
|
||||
|
||||
#cinder/volume/.py: utils.temporary_chown(path, 0), ...
|
||||
chown: CommandFilter, /bin/chown, root
|
||||
|
||||
# cinder/volume/driver.py
|
||||
dmsetup: CommandFilter, /sbin/dmsetup, root
|
||||
dmsetup_usr: CommandFilter, /usr/sbin/dmsetup, root
|
||||
ln: CommandFilter, /bin/ln, root
|
||||
qemu-img: CommandFilter, /usr/bin/qemu-img, root
|
||||
env: CommandFilter, /usr/bin/env, root
|
||||
|
||||
# cinder/volume/driver.py: utils.read_file_as_root()
|
||||
cat: CommandFilter, /bin/cat, root
|
||||
|
||||
# cinder/volume/nfs.py
|
||||
stat: CommandFilter, /usr/bin/stat, root
|
||||
mount: CommandFilter, /bin/mount, root
|
||||
df: CommandFilter, /bin/df, root
|
||||
truncate: CommandFilter, /usr/bin/truncate, root
|
||||
chmod: CommandFilter, /bin/chmod, root
|
||||
rm: CommandFilter, /bin/rm, root
|
||||
lvs: CommandFilter, /sbin/lvs, root
|
2
elements/cinder-config/config/etc/default/iscsitarget
Normal file
2
elements/cinder-config/config/etc/default/iscsitarget
Normal file
@ -0,0 +1,2 @@
|
||||
ISCSITARGET_ENABLE=true
|
||||
|
1
elements/cinder-config/element-deps
Normal file
1
elements/cinder-config/element-deps
Normal file
@ -0,0 +1 @@
|
||||
os-config-applier
|
3
elements/cinder-config/install.d/01-cinder-config
Executable file
3
elements/cinder-config/install.d/01-cinder-config
Executable file
@ -0,0 +1,3 @@
|
||||
#!/bin/bash
|
||||
set -eu
|
||||
use-config-templates $(dirname $0)/../config
|
1
elements/cinder/README.md
Normal file
1
elements/cinder/README.md
Normal file
@ -0,0 +1 @@
|
||||
Install cinder service from git.
|
4
elements/cinder/element-deps
Normal file
4
elements/cinder/element-deps
Normal file
@ -0,0 +1,4 @@
|
||||
os-svc-install
|
||||
os-refresh-config
|
||||
os-config-applier
|
||||
cinder-config
|
22
elements/cinder/install.d/72-cinder
Executable file
22
elements/cinder/install.d/72-cinder
Executable file
@ -0,0 +1,22 @@
|
||||
#!/bin/bash
|
||||
set -eux
|
||||
|
||||
install-packages lvm2
|
||||
os-svc-install -n cinder -u cinder -r https://github.com/openstack/cinder.git
|
||||
|
||||
os-svc-upstart cinder-api cinder /usr/local/bin/cinder-api "--config-dir /etc/cinder"
|
||||
os-svc-upstart cinder-volume cinder /usr/local/bin/cinder-volume "--config-dir /etc/cinder"
|
||||
os-svc-upstart cinder-scheduler cinder /usr/local/bin/cinder-scheduler "--config-dir /etc/cinder"
|
||||
mkdir -p /etc/tgt/conf.d
|
||||
echo 'include /etc/tgt/conf.d/cinder_tgt.conf' > /etc/tgt/targets.conf
|
||||
echo 'include /var/run/cinder/volumes/*' > /etc/tgt/conf.d/cinder_tgt.conf
|
||||
|
||||
echo "cinder ALL=(ALL) NOPASSWD:ALL" > /etc/sudoers.d/cinder
|
||||
chmod 0440 /etc/sudoers.d/cinder
|
||||
visudo -c
|
||||
|
||||
os_refresh=$(os-refresh-config --print-base)
|
||||
|
||||
for stage in pre-configure migration post-configure; do
|
||||
install -m 0755 -o root -g root $(dirname $0)/../$stage $os_refresh/$stage.d/72-cinder
|
||||
done
|
15
elements/cinder/migration
Executable file
15
elements/cinder/migration
Executable file
@ -0,0 +1,15 @@
|
||||
#!/bin/bash
|
||||
set -eu
|
||||
|
||||
# TODO: resize volume group in response to config changes.
|
||||
# TODO: is there a safe way to shrink a volume group?
|
||||
vol_group=cinder-volumes
|
||||
vol_file=/var/run/cinder/$vol_group-backing-file
|
||||
size=$(os-config-applier --key cinder.volume_size_mb --type int)M
|
||||
|
||||
if ! vgs $vol_group; then
|
||||
[[ -f $vol_file ]] || truncate -s $size $vol_file
|
||||
dev=`sudo losetup -f --show $vol_file`
|
||||
if ! vgs $vol_group; then vgcreate $vol_group $dev; fi
|
||||
mkdir -p /var/run/cinder/volumes
|
||||
fi
|
8
elements/cinder/post-configure
Executable file
8
elements/cinder/post-configure
Executable file
@ -0,0 +1,8 @@
|
||||
#!/bin/bash
|
||||
set -eu
|
||||
|
||||
service iscsitarget restart
|
||||
service open-iscsi restart
|
||||
service cinder-api restart
|
||||
service cinder-volume restart
|
||||
service cinder-scheduler restart
|
8
elements/cinder/pre-configure
Executable file
8
elements/cinder/pre-configure
Executable file
@ -0,0 +1,8 @@
|
||||
#!/bin/bash
|
||||
set -eu
|
||||
|
||||
# installation requires building a kernel module.
|
||||
# - TODO: use generic 'install-packages' instead of apt-get once
|
||||
# it is available from first-boot scripts.
|
||||
DEBIAN_FRONTEND=noninteractive apt-get install --yes linux-headers-`uname -r`
|
||||
DEBIAN_FRONTEND=noninteractive apt-get install --yes iscsitarget iscsitarget-dkms openvswitch-datapath-dkms
|
@ -8,6 +8,10 @@ install-packages git-core python-pip
|
||||
|
||||
pip install git+https://github.com/tripleo/os-refresh-config.git
|
||||
|
||||
for d in pre-configure.d configure.d migration.d post-configure.d; do
|
||||
install -m 0755 -o root -g root -d /opt/stack/os-config-refresh/$d
|
||||
done
|
||||
|
||||
cat > /etc/init/os-refresh-config.conf <<- eof
|
||||
start on runlevel [2345]
|
||||
task
|
||||
|
Loading…
Reference in New Issue
Block a user