diff --git a/ansible/group_vars/all.yml b/ansible/group_vars/all.yml
index 1119c8df8284922947d6f34f3608a38ec8754daa..1b19ebb271db55ea849b2eb6eb91cf9b1afedf67 100644
--- a/ansible/group_vars/all.yml
+++ b/ansible/group_vars/all.yml
@@ -91,6 +91,10 @@ cinder_api_port: "8776"
memcached_port: "11211"
+swift_proxy_server_port: "8080"
+swift_object_server_port: "6000"
+swift_account_server_port: "6001"
+swift_container_server_port: "6002"
####################
# Openstack options
@@ -130,6 +134,7 @@ enable_rabbitmq: "yes"
# Additional optional OpenStack services are specified here
enable_cinder: "no"
enable_horizon: "yes"
+enable_swift: "no"
####################
# RabbitMQ options
diff --git a/ansible/inventory/all-in-one b/ansible/inventory/all-in-one
index f00cc65a3cfbf9fd5973fa49f923a6838fcfa46c..b0cbdb457a75bb601c7b2418940c09bca866301f 100644
--- a/ansible/inventory/all-in-one
+++ b/ansible/inventory/all-in-one
@@ -45,6 +45,9 @@ control
[horizon:children]
control
+[swift:children]
+control
+
# Additional control implemented here. These groups allow you to control which
# services run on which hosts at a per-service level.
@@ -83,7 +86,7 @@ neutron
[neutron-agents:children]
neutron
-#Cinder
+# Cinder
[cinder-api:children]
cinder
@@ -95,3 +98,16 @@ cinder
[cinder-volume:children]
storage
+
+# Swift
+[swift-proxy-server:children]
+swift
+
+[swift-account-server:children]
+storage
+
+[swift-container-server:children]
+storage
+
+[swift-object-server:children]
+storage
diff --git a/ansible/inventory/multinode b/ansible/inventory/multinode
index e75805ff259e21ecb89b40c037d20ee41b8c109b..7db8c12a5fdfe70f0dd03a7e473e3ea18cf644dd 100644
--- a/ansible/inventory/multinode
+++ b/ansible/inventory/multinode
@@ -51,6 +51,9 @@ control
[horizon:children]
control
+[swift:children]
+control
+
# Additional control implemented here. These groups allow you to control which
# services run on which hosts at a per-service level.
@@ -89,7 +92,7 @@ neutron
[neutron-agents:children]
neutron
-#Cinder
+# Cinder
[cinder-api:children]
cinder
@@ -101,3 +104,16 @@ cinder
[cinder-volume:children]
storage
+
+# Swift
+[swift-proxy-server:children]
+storage
+
+[swift-account-server:children]
+storage
+
+[swift-container-server:children]
+storage
+
+[swift-object-server:children]
+storage
diff --git a/ansible/roles/swift/defaults/main.yml b/ansible/roles/swift/defaults/main.yml
new file mode 100644
index 0000000000000000000000000000000000000000..6e156a8f39fe3a22b1adf6c48233c981f3d2695c
--- /dev/null
+++ b/ansible/roles/swift/defaults/main.yml
@@ -0,0 +1,58 @@
+---
+project_name: "swift"
+
+####################
+# Docker
+####################
+swift_proxy_server_image: "{{ docker_registry ~ '/' if docker_registry else '' }}{{ docker_namespace }}/{{ kolla_base_distro }}-{{ kolla_install_type }}-swift-proxy-server"
+swift_proxy_server_tag: "{{ openstack_release }}"
+swift_proxy_server_image_full: "{{ swift_proxy_server_image }}:{{ swift_proxy_server_tag }}"
+
+swift_data_image: "{{ docker_registry ~ '/' if docker_registry else '' }}{{ docker_namespace }}/{{ kolla_base_distro }}-{{ kolla_install_type }}-data"
+swift_data_tag: "{{ openstack_release }}"
+swift_data_image_full: "{{ swift_data_image }}:{{ swift_data_tag }}"
+
+swift_account_server_image: "{{ docker_registry ~ '/' if docker_registry else '' }}{{ docker_namespace }}/{{ kolla_base_distro }}-{{ kolla_install_type }}-swift-account-server"
+swift_account_server_tag: "{{ openstack_release }}"
+swift_account_server_image_full: "{{ swift_account_server_image }}:{{ swift_account_server_tag }}"
+
+swift_container_server_image: "{{ docker_registry ~ '/' if docker_registry else '' }}{{ docker_namespace }}/{{ kolla_base_distro }}-{{ kolla_install_type }}-swift-container-server"
+swift_container_server_tag: "{{ openstack_release }}"
+swift_container_server_image_full: "{{ swift_container_server_image }}:{{ swift_container_server_tag }}"
+
+swift_object_auditor_image: "{{ docker_registry ~ '/' if docker_registry else '' }}{{ docker_namespace }}/{{ kolla_base_distro }}-{{ kolla_install_type }}-swift-object-auditor"
+swift_object_auditor_tag: "{{ openstack_release }}"
+swift_object_auditor_image_full: "{{ swift_object_auditor_image }}:{{ swift_object_auditor_tag }}"
+
+swift_object_expirer_image: "{{ docker_registry ~ '/' if docker_registry else '' }}{{ docker_namespace }}/{{ kolla_base_distro }}-{{ kolla_install_type }}-swift-object-expirer"
+swift_object_expirer_tag: "{{ openstack_release }}"
+swift_object_expirer_image_full: "{{ swift_object_expirer_image }}:{{ swift_object_expirer_tag }}"
+
+swift_object_replicator_image: "{{ docker_registry ~ '/' if docker_registry else '' }}{{ docker_namespace }}/{{ kolla_base_distro }}-{{ kolla_install_type }}-swift-object-replicator"
+swift_object_replicator_tag: "{{ openstack_release }}"
+swift_object_replicator_image_full: "{{ swift_object_replicator_image }}:{{ swift_object_replicator_tag }}"
+
+swift_object_server_image: "{{ docker_registry ~ '/' if docker_registry else '' }}{{ docker_namespace }}/{{ kolla_base_distro }}-{{ kolla_install_type }}-swift-object-server"
+swift_object_server_tag: "{{ openstack_release }}"
+swift_object_server_image_full: "{{ swift_object_server_image }}:{{ swift_object_server_tag }}"
+
+swift_object_updater_image: "{{ docker_registry ~ '/' if docker_registry else '' }}{{ docker_namespace }}/{{ kolla_base_distro }}-{{ kolla_install_type }}-swift-object-updater"
+swift_object_updater_tag: "{{ openstack_release }}"
+swift_object_updater_image_full: "{{ swift_object_updater_image }}:{{ swift_object_updater_tag }}"
+
+####################
+# Openstack
+####################
+swift_public_address: "{{ kolla_external_address }}"
+swift_admin_address: "{{ kolla_internal_address }}"
+swift_internal_address: "{{ kolla_internal_address }}"
+
+swift_logging_verbose: "{{ openstack_logging_verbose }}"
+swift_logging_debug: "{{ openstack_logging_debug }}"
+
+swift_keystone_user: "swift"
+swift_admin_tenant_name: "admin"
+
+swift_devices_mount_point: "/srv/node"
+
+openstack_swift_auth: "{'auth_url':'{{ openstack_auth_v2.auth_url }}','username':'{{ openstack_auth_v2.username }}','password':'{{ openstack_auth_v2.password }}','project_name':'{{ openstack_auth_v2.project_name }}'}"
diff --git a/ansible/roles/swift/meta/main.yml b/ansible/roles/swift/meta/main.yml
new file mode 100644
index 0000000000000000000000000000000000000000..f478e69120dd537150ef2afaec943bc8e664e9a7
--- /dev/null
+++ b/ansible/roles/swift/meta/main.yml
@@ -0,0 +1,4 @@
+---
+dependencies:
+ - { role: common }
+ - { role: memcached }
diff --git a/ansible/roles/swift/tasks/bootstrap.yml b/ansible/roles/swift/tasks/bootstrap.yml
new file mode 100644
index 0000000000000000000000000000000000000000..4d035fbb75ac8ebca9ca705d169d40e8a40e182a
--- /dev/null
+++ b/ansible/roles/swift/tasks/bootstrap.yml
@@ -0,0 +1,19 @@
+---
+- name: Starting Swift data container
+ docker:
+ docker_api_version: "{{ docker_api_version }}"
+ net: host
+ pull: "{{ docker_pull_policy }}"
+ restart_policy: "{{ docker_restart_policy }}"
+ restart_policy_retry: "{{ docker_restart_policy_retry }}"
+ state: reloaded
+ registry: "{{ docker_registry }}"
+ username: "{{ docker_registry_username }}"
+ password: "{{ docker_registry_password }}"
+ insecure_registry: "{{ docker_insecure_registry }}"
+ name: swift_data
+ image: "{{ swift_data_image_full }}"
+ volumes:
+ - "/srv/node/sdb1"
+ - "/srv/node/sdb2"
+ - "/srv/node/sdb3"
diff --git a/ansible/roles/swift/tasks/config.yml b/ansible/roles/swift/tasks/config.yml
new file mode 100644
index 0000000000000000000000000000000000000000..b3ec2f1db7f47debf061f283258114e1a7440f29
--- /dev/null
+++ b/ansible/roles/swift/tasks/config.yml
@@ -0,0 +1,84 @@
+---
+# TODO(pbourke): There needs to be one swift.conf generated per service for updates to work
+# correctly. Figure out a way (with_items seems to not be allowed when using include)
+- include: ../../config.yml
+ vars:
+ service_name: "swift"
+ config_source:
+ - "roles/swift/templates/swift.conf.j2"
+ - "/etc/kolla/config/global.conf"
+ - "/etc/kolla/config/swift/swift.conf"
+ config_template_dest:
+ - "{{ node_templates_directory }}/{{ service_name }}/swift.conf_minimal"
+ - "{{ node_templates_directory }}/{{ service_name }}/swift.conf_global"
+ - "{{ node_templates_directory }}/{{ service_name }}/swift.conf_augment"
+ config_dest: "{{ node_config_directory }}/{{ service_name }}/swift.conf"
+
+- include: ../../config.yml
+ vars:
+ service_name: "swift-proxy-server"
+ config_source:
+ - "roles/swift/templates/proxy-server.conf.j2"
+ - "/etc/kolla/config/global.conf"
+ - "/etc/kolla/config/swift/proxy-server.conf"
+ config_template_dest:
+ - "{{ node_templates_directory }}/{{ service_name }}/proxy-server.conf_minimal"
+ - "{{ node_templates_directory }}/{{ service_name }}/proxy-server.conf_global"
+ - "{{ node_templates_directory }}/{{ service_name }}/proxy-server.conf_augment"
+ config_dest: "{{ node_config_directory }}/{{ service_name }}/proxy-server.conf"
+ when: inventory_hostname in groups['swift-proxy-server']
+
+- include: ../../config.yml
+ vars:
+ service_name: "swift-account-server"
+ config_source:
+ - "roles/swift/templates/account-server.conf.j2"
+ - "/etc/kolla/config/global.conf"
+ - "/etc/kolla/config/swift/account-server.conf"
+ config_template_dest:
+ - "{{ node_templates_directory }}/{{ service_name }}/account-server.conf_minimal"
+ - "{{ node_templates_directory }}/{{ service_name }}/account-server.conf_global"
+ - "{{ node_templates_directory }}/{{ service_name }}/account-server.conf_augment"
+ config_dest: "{{ node_config_directory }}/{{ service_name }}/account-server.conf"
+ when: inventory_hostname in groups['swift-account-server']
+
+- include: ../../config.yml
+ vars:
+ service_name: "swift-container-server"
+ config_source:
+ - "roles/swift/templates/container-server.conf.j2"
+ - "/etc/kolla/config/global.conf"
+ - "/etc/kolla/config/swift/container-server.conf"
+ config_template_dest:
+ - "{{ node_templates_directory }}/{{ service_name }}/container-server.conf_minimal"
+ - "{{ node_templates_directory }}/{{ service_name }}/container-server.conf_global"
+ - "{{ node_templates_directory }}/{{ service_name }}/container-server.conf_augment"
+ config_dest: "{{ node_config_directory }}/{{ service_name }}/container-server.conf"
+ when: inventory_hostname in groups['swift-container-server']
+
+- include: ../../config.yml
+ vars:
+ service_name: "swift-object-server"
+ config_source:
+ - "roles/swift/templates/object-server.conf.j2"
+ - "/etc/kolla/config/global.conf"
+ - "/etc/kolla/config/swift/object-server.conf"
+ config_template_dest:
+ - "{{ node_templates_directory }}/{{ service_name }}/object-server.conf_minimal"
+ - "{{ node_templates_directory }}/{{ service_name }}/object-server.conf_global"
+ - "{{ node_templates_directory }}/{{ service_name }}/object-server.conf_augment"
+ config_dest: "{{ node_config_directory }}/{{ service_name }}/object-server.conf"
+ when: inventory_hostname in groups['swift-object-server']
+
+- name: Copying over Swift ring files
+ copy:
+ src: "{{ item.src }}"
+ dest: "{{ item.dest }}"
+ backup: yes
+ with_items:
+ - { src: "/etc/kolla/config/swift/object.ring.gz",
+ dest: "{{ node_config_directory }}/swift/object.ring.gz" }
+ - { src: "/etc/kolla/config/swift/container.ring.gz",
+ dest: "{{ node_config_directory }}/swift/container.ring.gz" }
+ - { src: "/etc/kolla/config/swift/account.ring.gz",
+ dest: "{{ node_config_directory }}/swift/account.ring.gz" }
diff --git a/ansible/roles/swift/tasks/main.yml b/ansible/roles/swift/tasks/main.yml
new file mode 100644
index 0000000000000000000000000000000000000000..5c48120b7c9e6ee00027462c3f23aa25c6b05dd7
--- /dev/null
+++ b/ansible/roles/swift/tasks/main.yml
@@ -0,0 +1,8 @@
+---
+- include: register.yml
+
+- include: config.yml
+
+- include: bootstrap.yml
+
+- include: start.yml
diff --git a/ansible/roles/swift/tasks/register.yml b/ansible/roles/swift/tasks/register.yml
new file mode 100644
index 0000000000000000000000000000000000000000..d2d61dd7698c76fc08da9d7b016c8d2aaf9b9065
--- /dev/null
+++ b/ansible/roles/swift/tasks/register.yml
@@ -0,0 +1,37 @@
+---
+- name: Creating the Swift service and endpoint
+ command: docker exec -t kolla_ansible /usr/bin/ansible localhost
+ -m kolla_keystone_service
+ -a "service_name=swift
+ service_type=object-store
+ description='Openstack Object Storage'
+ endpoint_region={{ openstack_region_name }}
+ admin_url='http://{{ kolla_internal_address }}:{{ swift_proxy_server_port }}'
+ internal_url='http://{{ kolla_internal_address }}:{{ swift_proxy_server_port }}/v1/AUTH_%(tenant_id)s'
+ public_url='http://{{ kolla_external_address }}:{{ swift_proxy_server_port }}/v1/AUTH_%(tenant_id)s'
+ region_name={{ openstack_region_name }}
+ auth={{ '{{ openstack_swift_auth }}' }}"
+ -e "{'openstack_swift_auth':{{ openstack_swift_auth }}}"
+ register: swift_endpoint
+ changed_when: "{{ swift_endpoint.stdout.find('localhost | SUCCESS => ') != -1 and (swift_endpoint.stdout.split('localhost | SUCCESS => ')[1]|from_json).changed }}"
+ until: swift_endpoint.stdout.split()[2] == 'SUCCESS'
+ retries: 10
+ delay: 5
+ run_once: True
+
+- name: Creating the Swift project, user, and role
+ command: docker exec -t kolla_ansible /usr/bin/ansible localhost
+ -m kolla_keystone_user
+ -a "project=service
+ user={{ swift_keystone_user }}
+ password={{ swift_keystone_password }}
+ role={{ swift_admin_tenant_name }}
+ region_name={{ openstack_region_name }}
+ auth={{ '{{ openstack_swift_auth }}' }}"
+ -e "{'openstack_swift_auth':{{ openstack_swift_auth }}}"
+ register: swift_user
+ changed_when: "{{ swift_user.stdout.find('localhost | SUCCESS => ') != -1 and (swift_user.stdout.split('localhost | SUCCESS => ')[1]|from_json).changed }}"
+ until: swift_user.stdout.split()[2] == 'SUCCESS'
+ retries: 10
+ delay: 5
+ run_once: True
diff --git a/ansible/roles/swift/tasks/start.yml b/ansible/roles/swift/tasks/start.yml
new file mode 100644
index 0000000000000000000000000000000000000000..eaf9c9a6cd3180f0f113f0ec235b371ef73bf6dd
--- /dev/null
+++ b/ansible/roles/swift/tasks/start.yml
@@ -0,0 +1,92 @@
+---
+- name: Starting Swift Proxy Server container
+ docker:
+ docker_api_version: "{{ docker_api_version }}"
+ net: host
+ pull: "{{ docker_pull_policy }}"
+ restart_policy: "{{ docker_restart_policy }}"
+ restart_policy_retry: "{{ docker_restart_policy_retry }}"
+ state: reloaded
+ registry: "{{ docker_registry }}"
+ username: "{{ docker_registry_username }}"
+ password: "{{ docker_registry_password }}"
+ insecure_registry: "{{ docker_insecure_registry }}"
+ name: swift_proxy_server
+ image: "{{ swift_proxy_server_image_full }}"
+ volumes:
+ - "{{ node_config_directory }}/swift/:/opt/kolla/swift/:ro"
+ - "{{ node_config_directory }}/swift-proxy-server/:/opt/kolla/swift-proxy-server/:ro"
+ volumes_from:
+ - swift_data
+ env:
+ KOLLA_CONFIG_STRATEGY: "{{ config_strategy }}"
+ when: inventory_hostname in groups['swift-proxy-server']
+
+- name: Starting Swift Account Server container
+ docker:
+ docker_api_version: "{{ docker_api_version }}"
+ net: host
+ pull: "{{ docker_pull_policy }}"
+ restart_policy: "{{ docker_restart_policy }}"
+ restart_policy_retry: "{{ docker_restart_policy_retry }}"
+ state: reloaded
+ registry: "{{ docker_registry }}"
+ username: "{{ docker_registry_username }}"
+ password: "{{ docker_registry_password }}"
+ insecure_registry: "{{ docker_insecure_registry }}"
+ name: swift_account_server
+ image: "{{ swift_account_server_image_full }}"
+ volumes:
+ - "{{ node_config_directory }}/swift/:/opt/kolla/swift/:ro"
+ - "{{ node_config_directory }}/swift-account-server/:/opt/kolla/swift-account-server/:ro"
+ volumes_from:
+ - swift_data
+ env:
+ KOLLA_CONFIG_STRATEGY: "{{ config_strategy }}"
+ when: inventory_hostname in groups['swift-account-server']
+
+- name: Starting Swift Container Server container
+ docker:
+ docker_api_version: "{{ docker_api_version }}"
+ net: host
+ pull: "{{ docker_pull_policy }}"
+ restart_policy: "{{ docker_restart_policy }}"
+ restart_policy_retry: "{{ docker_restart_policy_retry }}"
+ state: reloaded
+ registry: "{{ docker_registry }}"
+ username: "{{ docker_registry_username }}"
+ password: "{{ docker_registry_password }}"
+ insecure_registry: "{{ docker_insecure_registry }}"
+ name: swift_container_server
+ image: "{{ swift_container_server_image_full }}"
+ volumes:
+ - "{{ node_config_directory }}/swift/:/opt/kolla/swift/:ro"
+ - "{{ node_config_directory }}/swift-container-server/:/opt/kolla/swift-container-server/:ro"
+ volumes_from:
+ - swift_data
+ env:
+ KOLLA_CONFIG_STRATEGY: "{{ config_strategy }}"
+ when: inventory_hostname in groups['swift-container-server']
+
+- name: Starting Swift Object Server container
+ docker:
+ docker_api_version: "{{ docker_api_version }}"
+ net: host
+ pull: "{{ docker_pull_policy }}"
+ restart_policy: "{{ docker_restart_policy }}"
+ restart_policy_retry: "{{ docker_restart_policy_retry }}"
+ state: reloaded
+ registry: "{{ docker_registry }}"
+ username: "{{ docker_registry_username }}"
+ password: "{{ docker_registry_password }}"
+ insecure_registry: "{{ docker_insecure_registry }}"
+ name: swift_object_server
+ image: "{{ swift_object_server_image_full }}"
+ volumes:
+ - "{{ node_config_directory }}/swift/:/opt/kolla/swift/:ro"
+ - "{{ node_config_directory }}/swift-object-server/:/opt/kolla/swift-object-server/:ro"
+ volumes_from:
+ - swift_data
+ env:
+ KOLLA_CONFIG_STRATEGY: "{{ config_strategy }}"
+ when: inventory_hostname in groups['swift-object-server']
diff --git a/ansible/roles/swift/templates/account-server.conf.j2 b/ansible/roles/swift/templates/account-server.conf.j2
new file mode 100644
index 0000000000000000000000000000000000000000..db7a63c6e978cded44a5622b3fe187b9a6992e21
--- /dev/null
+++ b/ansible/roles/swift/templates/account-server.conf.j2
@@ -0,0 +1,11 @@
+[DEFAULT]
+bind_ip = {{ hostvars[inventory_hostname]['ansible_' + api_interface]['ipv4']['address'] }}
+bind_port = {{ swift_account_server_port }}
+devices = {{ swift_devices_mount_point }}
+mount_check = false
+
+[pipeline:main]
+pipeline = account-server
+
+[app:account-server]
+use = egg:swift#account
diff --git a/ansible/roles/swift/templates/container-server.conf.j2 b/ansible/roles/swift/templates/container-server.conf.j2
new file mode 100644
index 0000000000000000000000000000000000000000..2baf9b72ce0caab5a59d71f380b090a2cd77a12a
--- /dev/null
+++ b/ansible/roles/swift/templates/container-server.conf.j2
@@ -0,0 +1,11 @@
+[DEFAULT]
+bind_ip = {{ hostvars[inventory_hostname]['ansible_' + api_interface]['ipv4']['address'] }}
+bind_port = {{ swift_container_server_port }}
+devices = {{ swift_devices_mount_point }}
+mount_check = false
+
+[pipeline:main]
+pipeline = container-server
+
+[app:container-server]
+use = egg:swift#container
diff --git a/ansible/roles/swift/templates/object-server.conf.j2 b/ansible/roles/swift/templates/object-server.conf.j2
new file mode 100644
index 0000000000000000000000000000000000000000..3f36d5e72185aa3f8abbf8d87fd32ac8b8c9f201
--- /dev/null
+++ b/ansible/roles/swift/templates/object-server.conf.j2
@@ -0,0 +1,11 @@
+[DEFAULT]
+bind_ip = {{ hostvars[inventory_hostname]['ansible_' + api_interface]['ipv4']['address'] }}
+bind_port = {{ swift_object_server_port }}
+devices = {{ swift_devices_mount_point }}
+mount_check = false
+
+[pipeline:main]
+pipeline = object-server
+
+[app:object-server]
+use = egg:swift#object
diff --git a/ansible/roles/swift/templates/proxy-server.conf.j2 b/ansible/roles/swift/templates/proxy-server.conf.j2
new file mode 100644
index 0000000000000000000000000000000000000000..44dddc12b68d0607ebc19c6c814977ee4fedad0b
--- /dev/null
+++ b/ansible/roles/swift/templates/proxy-server.conf.j2
@@ -0,0 +1,57 @@
+[DEFAULT]
+bind_ip = {{ hostvars[inventory_hostname]['ansible_' + api_interface]['ipv4']['address'] }}
+bind_port = {{ swift_proxy_server_port }}
+
+[pipeline:main]
+pipeline = catch_errors gatekeeper healthcheck cache container_sync bulk ratelimit authtoken keystoneauth slo dlo proxy-server
+
+[app:proxy-server]
+use = egg:swift#proxy
+allow_account_management = true
+account_autocreate = true
+
+[filter:cache]
+use = egg:swift#memcache
+memcache_servers = {% for host in groups['swift-proxy-server'] %}{{ hostvars[host]['ansible_' + api_interface]['ipv4']['address'] }}:{{ memcached_port }}{% if not loop.last %},{% endif %}{% endfor %}
+
+[filter:catch_errors]
+use = egg:swift#catch_errors
+
+[filter:healthcheck]
+use = egg:swift#healthcheck
+
+[filter:proxy-logging]
+use = egg:swift#proxy_logging
+
+[filter:authtoken]
+paste.filter_factory = keystonemiddleware.auth_token:filter_factory
+auth_uri = http://{{ kolla_internal_address }}:{{ keystone_public_port }}
+auth_url = http://{{ kolla_internal_address }}:{{ keystone_admin_port }}
+auth_plugin = password
+project_domain_id = default
+user_domain_id = default
+project_name = service
+username = {{ swift_keystone_user }}
+password = {{ swift_keystone_password }}
+
+[filter:keystoneauth]
+use = egg:swift#keystoneauth
+operator_roles = admin,user
+
+[filter:container_sync]
+use = egg:swift#container_sync
+
+[filter:bulk]
+use = egg:swift#bulk
+
+[filter:ratelimit]
+use = egg:swift#ratelimit
+
+[filter:gatekeeper]
+use = egg:swift#gatekeeper
+
+[filter:slo]
+use = egg:swift#slo
+
+[filter:dlo]
+use = egg:swift#dlo
diff --git a/ansible/roles/swift/templates/swift.conf.j2 b/ansible/roles/swift/templates/swift.conf.j2
new file mode 100644
index 0000000000000000000000000000000000000000..917a32cf1c8966dc709a2e8cb4b37089e4c1a6de
--- /dev/null
+++ b/ansible/roles/swift/templates/swift.conf.j2
@@ -0,0 +1,3 @@
+[swift-hash]
+swift_hash_path_suffix = {{ swift_hash_path_suffix }}
+swift_hash_path_prefix = {{ swift_hash_path_prefix }}
diff --git a/ansible/site.yml b/ansible/site.yml
index ae1d34885958081f686a0fb36c1fb993eafa2e0a..b395249023567025e24559f7e26cdc3fbb503bdb 100755
--- a/ansible/site.yml
+++ b/ansible/site.yml
@@ -15,6 +15,10 @@
roles:
- { role: keystone, tags: keystone, when: enable_keystone | bool }
+- hosts: [swift-proxy-server, swift-account-server, swift-object-server, swift-container-server ]
+ roles:
+ - { role: swift, tags: swift, when: enable_swift | bool }
+
- hosts: [glance-api, glance-registry]
roles:
- { role: glance, tags: glance, when: enable_glance | bool }
diff --git a/docker/common/swift/swift-account-server/config-external.sh b/docker/common/swift/swift-account-server/config-external.sh
index 613fd30f080330cbde9d65276980404708e0f3d8..61adefcd06ff3440b7c49a4e5c14c4835587a437 100644
--- a/docker/common/swift/swift-account-server/config-external.sh
+++ b/docker/common/swift/swift-account-server/config-external.sh
@@ -1,18 +1,19 @@
#!/bin/bash
-SOURCE="/opt/kolla/swift/swift.conf"
-TARGET="/etc/swift/swift.conf"
-SOURCE_ACCOUNT_SERVER="/opt/kolla/swift/account-server.conf"
-TARGET_ACCOUNT_SERVER="/etc/swift/account-server.conf"
-OWNER="swift"
-if [[ -f "$SOURCE" ]]; then
- cp $SOURCE $TARGET
- chown ${OWNER}: $TARGET
- chmod 0640 $TARGET
+if [[ -f /opt/kolla/swift/swift.conf ]]; then
+ cp /opt/kolla/swift/swift.conf /etc/swift/
+ chown swift: /etc/swift/swift.conf
+ chmod 0640 /etc/swift/swift.conf
fi
-if [[ -f "$SOURCE_ACCOUNT_SERVER" ]]; then
- cp $SOURCE_ACCOUNT_SERVER $TARGET_ACCOUNT_SERVER
- chown ${OWNER}: $TARGET_ACCOUNT_SERVER
- chmod 0640 $TARGET_ACCOUNT_SERVER
+if [[ -f "/opt/kolla/swift/account.ring.gz" ]]; then
+ cp /opt/kolla/swift/account.ring.gz /etc/swift/account.ring.gz
+ chown swift: /etc/swift/account.ring.gz
+ chmod 0640 /etc/swift/account.ring.gz
+fi
+
+if [[ -f /opt/kolla/swift-account-server/account-server.conf ]]; then
+ cp /opt/kolla/swift-account-server/account-server.conf /etc/swift/
+ chown swift: /etc/swift/account-server.conf
+ chmod 0640 /etc/swift/account-server.conf
fi
diff --git a/docker/common/swift/swift-account-server/start.sh b/docker/common/swift/swift-account-server/start.sh
index 1c205cb26f83f87a53ac156ba271806c8f9e1ff2..402ee6f44fa2abcfae6cd9c1ece74f350a7514f5 100755
--- a/docker/common/swift/swift-account-server/start.sh
+++ b/docker/common/swift/swift-account-server/start.sh
@@ -8,6 +8,8 @@ ARGS="/etc/swift/account-server.conf --verbose"
# Loading common functions.
source /opt/kolla/kolla-common.sh
+source /opt/kolla/config-swift.sh
+
# Execute config strategy
set_configs
diff --git a/docker/common/swift/swift-base/config-swift.sh b/docker/common/swift/swift-base/config-swift.sh
index 343abdcec85cabb833068429a0a5c57e81b13ab9..b101b4e696d2603055e873d8bb93615943ba0790 100755
--- a/docker/common/swift/swift-base/config-swift.sh
+++ b/docker/common/swift/swift-base/config-swift.sh
@@ -1,9 +1,3 @@
#!/bin/bash
-. /opt/kolla/kolla-common.sh
-
-check_required_vars SWIFT_HASH_PATH_SUFFIX
-
-cfg=/etc/swift/swift.conf
-
-crudini --set $cfg swift-hash swift_hash_path_suffix "${SWIFT_HASH_PATH_SUFFIX}"
+chown -R swift: /srv/node
diff --git a/docker/common/swift/swift-container-server/config-external.sh b/docker/common/swift/swift-container-server/config-external.sh
index 93f696349a637487c0ca2f24c87ffc7fde101e07..d81ba6cc41c29170f906dd2d1634e442477dfaa2 100644
--- a/docker/common/swift/swift-container-server/config-external.sh
+++ b/docker/common/swift/swift-container-server/config-external.sh
@@ -1,18 +1,21 @@
#!/bin/bash
-SOURCE="/opt/kolla/swift/swift.conf"
-TARGET="/etc/swift/swift.conf"
-SOURCE_CONTAINER_SERVER="/opt/kolla/swift/container-server.conf"
-TARGET_CONTAINER_SERVER="/etc/swift/container-server.conf"
+
OWNER="swift"
-if [[ -f "$SOURCE" ]]; then
- cp $SOURCE $TARGET
- chown ${OWNER}: $TARGET
- chmod 0640 $TARGET
+if [[ -f "/opt/kolla/swift/swift.conf" ]]; then
+ cp /opt/kolla/swift/swift.conf /etc/swift/swift.conf
+ chown ${OWNER}: /etc/swift/swift.conf
+ chmod 0640 /etc/swift/swift.conf
+fi
+
+if [[ -f "/opt/kolla/swift/container.ring.gz" ]]; then
+ cp /opt/kolla/swift/container.ring.gz /etc/swift/container.ring.gz
+ chown ${OWNER}: /etc/swift/container.ring.gz
+ chmod 0640 /etc/swift/container.ring.gz
fi
-if [[ -f "$SOURCE_CONTAINER_SERVER" ]]; then
- cp $SOURCE_CONTAINER_SERVER $TARGET_CONTAINER_SERVER
- chown ${OWNER}: $TARGET_CONTAINER_SERVER
- chmod 0640 $TARGET_CONTAINER_SERVER
+if [[ -f "/opt/kolla/swift-container-server/container-server.conf" ]]; then
+ cp /opt/kolla/swift-container-server/container-server.conf /etc/swift/container-server.conf
+ chown ${OWNER}: /etc/swift/container-server.conf
+ chmod 0640 /etc/swift/container-server.conf
fi
diff --git a/docker/common/swift/swift-container-server/start.sh b/docker/common/swift/swift-container-server/start.sh
index 2c8977d50b2c4f804964bd19f470aa73be40b03d..78070ab29c8c24456319e1d408ae8120d511cc59 100755
--- a/docker/common/swift/swift-container-server/start.sh
+++ b/docker/common/swift/swift-container-server/start.sh
@@ -8,6 +8,8 @@ ARGS="/etc/swift/container-server.conf --verbose"
# Loading common functions.
source /opt/kolla/kolla-common.sh
+source /opt/kolla/config-swift.sh
+
# Execute config strategy
set_configs
diff --git a/docker/common/swift/swift-object-auditor/start.sh b/docker/common/swift/swift-object-auditor/start.sh
index 18978e703eb6f922237f11e98085eca230eab9a3..6319eed6bdd4b2a79981a8fa2e1959483e646e42 100755
--- a/docker/common/swift/swift-object-auditor/start.sh
+++ b/docker/common/swift/swift-object-auditor/start.sh
@@ -8,6 +8,8 @@ ARGS="/etc/swift/object-server.conf --verbose"
# Loading common functions.
source /opt/kolla/kolla-common.sh
+source /opt/kolla/config-swift.sh
+
# Execute config strategy
set_configs
diff --git a/docker/common/swift/swift-object-expirer/start.sh b/docker/common/swift/swift-object-expirer/start.sh
index 3d073fcc21a3ed8940ee020fb990905c7ce374e2..434e8dc499e95f33f1310f7355da04683408d038 100755
--- a/docker/common/swift/swift-object-expirer/start.sh
+++ b/docker/common/swift/swift-object-expirer/start.sh
@@ -8,6 +8,8 @@ ARGS="/etc/swift/object-server.conf --verbose"
# Loading common functions.
source /opt/kolla/kolla-common.sh
+source /opt/kolla/config-swift.sh
+
# Execute config strategy
set_configs
diff --git a/docker/common/swift/swift-object-replicator/start.sh b/docker/common/swift/swift-object-replicator/start.sh
index 409661c6fadbe086a01c2a00518f4e5a79dadbd3..203f8864d1c1f3a99a81a633b9620738255a12a0 100755
--- a/docker/common/swift/swift-object-replicator/start.sh
+++ b/docker/common/swift/swift-object-replicator/start.sh
@@ -8,6 +8,8 @@ ARGS="/etc/swift/object-server.conf --verbose"
# Loading common functions.
source /opt/kolla/kolla-common.sh
+source /opt/kolla/config-swift.sh
+
# Execute config strategy
set_configs
diff --git a/docker/common/swift/swift-object-server/config-external.sh b/docker/common/swift/swift-object-server/config-external.sh
index 0fa02e9855ab122fc7c2e38dd4eb5ec4c9eca7eb..a3fb1a2cc5e71a6231cfeff41f606747775557b8 100644
--- a/docker/common/swift/swift-object-server/config-external.sh
+++ b/docker/common/swift/swift-object-server/config-external.sh
@@ -1,18 +1,27 @@
#!/bin/bash
-SOURCE="/opt/kolla/swift/swift.conf"
-TARGET="/etc/swift/swift.conf"
-SOURCE_OBJECT_SERVER="/opt/kolla/swift/object-server.conf"
-TARGET_OBJECT_SERVER="/etc/swift/object-server.conf"
+
OWNER="swift"
-if [[ -f "$SOURCE" ]]; then
- cp $SOURCE $TARGET
- chown ${OWNER}: $TARGET
- chmod 0640 $TARGET
+if [[ -f "/opt/kolla/swift/swift.conf" ]]; then
+ cp /opt/kolla/swift/swift.conf /etc/swift/swift.conf
+ chown ${OWNER}: /etc/swift/swift.conf
+ chmod 0640 /etc/swift/swift.conf
+fi
+
+if [[ -f "/opt/kolla/swift/object.ring.gz" ]]; then
+ cp /opt/kolla/swift/object.ring.gz /etc/swift/object.ring.gz
+ chown ${OWNER}: /etc/swift/object.ring.gz
+ chmod 0640 /etc/swift/object.ring.gz
+fi
+
+if [[ -f "/opt/kolla/swift/container.ring.gz" ]]; then
+ cp /opt/kolla/swift/container.ring.gz /etc/swift/container.ring.gz
+ chown ${OWNER}: /etc/swift/container.ring.gz
+ chmod 0640 /etc/swift/container.ring.gz
fi
-if [[ -f "$SOURCE_OBJECT_SERVER" ]]; then
- cp $SOURCE_OBJECT_SERVER $TARGET_OBJECT_SERVER
- chown ${OWNER}: $TARGET_OBJECT_SERVER
- chmod 0640 $TARGET_OBJECT_SERVER
+if [[ -f "/opt/kolla/swift-object-server/object-server.conf" ]]; then
+ cp /opt/kolla/swift-object-server/object-server.conf /etc/swift/object-server.conf
+ chown ${OWNER}: /etc/swift/object-server.conf
+ chmod 0640 /etc/swift/object-server.conf
fi
diff --git a/docker/common/swift/swift-object-server/start.sh b/docker/common/swift/swift-object-server/start.sh
index c5def0a7a099a23c58a8a8f5a19dbb2294c82aba..f2a32b4d370c4a056fe2445bf06e9c87cd1e4e7e 100755
--- a/docker/common/swift/swift-object-server/start.sh
+++ b/docker/common/swift/swift-object-server/start.sh
@@ -8,6 +8,8 @@ ARGS="/etc/swift/object-server.conf --verbose"
# Loading common functions.
source /opt/kolla/kolla-common.sh
+source /opt/kolla/config-swift.sh
+
# Execute config strategy
set_configs
diff --git a/docker/common/swift/swift-object-updater/start.sh b/docker/common/swift/swift-object-updater/start.sh
index d2648582487dbf1efcf9373f3abd8ed632048566..744344f74c6c2053bf3a7075c3fb24345dc86485 100755
--- a/docker/common/swift/swift-object-updater/start.sh
+++ b/docker/common/swift/swift-object-updater/start.sh
@@ -8,6 +8,8 @@ ARGS="/etc/swift/object-server.conf --verbose"
# Loading common functions.
source /opt/kolla/kolla-common.sh
+source /opt/kolla/config-swift.sh
+
# Execute config strategy
set_configs
diff --git a/docker/common/swift/swift-proxy-server/config-external.sh b/docker/common/swift/swift-proxy-server/config-external.sh
index 2b3327b33c76e84b35b3fc267aeb731c8bd441b1..434cce7e5fc37b21bbab6669db5f8b78bd4fdde2 100755
--- a/docker/common/swift/swift-proxy-server/config-external.sh
+++ b/docker/common/swift/swift-proxy-server/config-external.sh
@@ -1,10 +1,33 @@
#!/bin/bash
-SOURCE="/opt/kolla/swift-proxy-server/swift.conf"
-TARGET="/etc/swift/swift.conf"
+
OWNER="swift"
-if [[ -f "$SOURCE" ]]; then
- cp $SOURCE $TARGET
- chown ${OWNER}: $TARGET
- chmod 0640 $TARGET
+if [[ -f "/opt/kolla/swift/swift.conf" ]]; then
+ cp /opt/kolla/swift/swift.conf /etc/swift/swift.conf
+ chown ${OWNER}: /etc/swift/swift.conf
+ chmod 0640 /etc/swift/swift.conf
+fi
+
+if [[ -f "/opt/kolla/swift/object.ring.gz" ]]; then
+ cp /opt/kolla/swift/object.ring.gz /etc/swift/object.ring.gz
+ chown ${OWNER}: /etc/swift/object.ring.gz
+ chmod 0640 /etc/swift/object.ring.gz
+fi
+
+if [[ -f "/opt/kolla/swift/container.ring.gz" ]]; then
+ cp /opt/kolla/swift/container.ring.gz /etc/swift/container.ring.gz
+ chown ${OWNER}: /etc/swift/container.ring.gz
+ chmod 0640 /etc/swift/container.ring.gz
+fi
+
+if [[ -f "/opt/kolla/swift/account.ring.gz" ]]; then
+ cp /opt/kolla/swift/account.ring.gz /etc/swift/account.ring.gz
+ chown ${OWNER}: /etc/swift/account.ring.gz
+ chmod 0640 /etc/swift/account.ring.gz
+fi
+
+if [[ -f "/opt/kolla/swift-proxy-server/proxy-server.conf" ]]; then
+ cp /opt/kolla/swift-proxy-server/proxy-server.conf /etc/swift/proxy-server.conf
+ chown ${OWNER}: /etc/swift/proxy-server.conf
+ chmod 0640 /etc/swift/proxy-server.conf
fi
diff --git a/docker/common/swift/swift-proxy-server/start.sh b/docker/common/swift/swift-proxy-server/start.sh
index da8bd088d0b2378b07522c6896ade97d404bd44e..99a142e526575ac19b305c6fc411706bef32b7bc 100755
--- a/docker/common/swift/swift-proxy-server/start.sh
+++ b/docker/common/swift/swift-proxy-server/start.sh
@@ -8,6 +8,8 @@ ARGS="/etc/swift/proxy-server.conf --verbose"
# Loading common functions.
source /opt/kolla/kolla-common.sh
+source /opt/kolla/config-swift.sh
+
# Execute config strategy
set_configs
diff --git a/docs/swift-readme.rst b/docs/swift-readme.rst
new file mode 100644
index 0000000000000000000000000000000000000000..9f8e19ecda52bfd4b2201e60cce50c979b57d801
--- /dev/null
+++ b/docs/swift-readme.rst
@@ -0,0 +1,130 @@
+Swift in Kolla
+==============
+
+Overview
+--------
+Currently Kolla can deploy the "core" services required for a working Swift, in either an AIO or
+multi node setup:
+
+- swift-proxy
+- swift-account
+- swift-container
+- swift-object
+
+There are a variety of other services such the replicator, expirer, rsyncd, etc. which actually make
+Swift useful, which are in progress and hope to be finished in liberty-rc1.
+
+Prerequisites
+-------------
+Before running Swift we need to generate "rings", which are binary compressed files that at a high
+level let the various Swift services know where data is in the cluster. Again, we hope to be able to
+generate these automatically for liberty-rc1.
+
+Swift also expects block devices to be available and partitioned on the host, which Swift uses in
+combination with the rings to store data. Swift demos commonly just use directories created under
+/srv/node to simulate these devices. In order to ease "out of the box" testing of Kolla, we offer a
+similar setup with a data container. *Note*, data containers are very inefficient for this purpose.
+In production setups operators will want to provision disks according to the Swift operator guide,
+which can then be added the rings and used in Kolla.
+
+For an AIO setup, the following commands can be used, locally, to generate rings containing the data
+container directories:
+
+::
+
+ export KOLLA_INTERNAL_ADDRESS=1.2.3.4
+
+ # Object ring
+ docker run \
+ -v /etc/kolla/config/swift/:/etc/kolla/config/swift/ \
+ kollaglue/centos-binary-swift-base \
+ swift-ring-builder /etc/kolla/config/swift/object.builder create 10 3 1
+
+ for partition in sdb1 sdb2 sdb3; do
+ docker run \
+ -v /etc/kolla/config/swift/:/etc/kolla/config/swift/ \
+ kollaglue/centos-binary-swift-base swift-ring-builder \
+ /etc/kolla/config/swift/object.builder add z1-${KOLLA_INTERNAL_ADDRESS}:6000/${partition} 1
+ done
+
+ # Account ring
+ docker run \
+ -v /etc/kolla/config/swift/:/etc/kolla/config/swift/ \
+ kollaglue/centos-binary-swift-base \
+ swift-ring-builder /etc/kolla/config/swift/account.builder create 10 3 1
+
+ for partition in sdb1 sdb2 sdb3; do
+ docker run \
+ -v /etc/kolla/config/swift/:/etc/kolla/config/swift/ \
+ kollaglue/centos-binary-swift-base swift-ring-builder \
+ /etc/kolla/config/swift/account.builder add z1-${KOLLA_INTERNAL_ADDRESS}:6001/${partition} 1
+ done
+
+ # Container ring
+ docker run \
+ -v /etc/kolla/config/swift/:/etc/kolla/config/swift/ \
+ kollaglue/centos-binary-swift-base \
+ swift-ring-builder /etc/kolla/config/swift/container.builder create 10 3 1
+
+ for partition in sdb1 sdb2 sdb3; do
+ docker run \
+ -v /etc/kolla/config/swift/:/etc/kolla/config/swift/ \
+ kollaglue/centos-binary-swift-base swift-ring-builder \
+ /etc/kolla/config/swift/container.builder add z1-${KOLLA_INTERNAL_ADDRESS}:6002/${partition} 1
+ done
+
+ for ring in object account container; do
+ docker run \
+ -v /etc/kolla/config/swift/:/etc/kolla/config/swift/ \
+ kollaglue/centos-binary-swift-base swift-ring-builder \
+ /etc/kolla/config/swift/${ring}.builder rebalance
+ done
+
+Similar commands can be used for multinode, you will just need to run the the 'add' step for each IP
+in the cluster.
+
+For more info, see
+http://docs.openstack.org/kilo/install-guide/install/apt/content/swift-initial-rings.html
+
+Deploying
+---------
+Once the rings are in place, deploying Swift is the same as any other Kolla Ansible service. Below
+is the minimal command to bring up Swift AIO, and it's dependencies:
+
+::
+
+ ansible-playbook \
+ -i ansible/inventory/all-in-one \
+ -e @/etc/kolla/globals.yml \
+ -e @etc/kolla/passwords.yml \
+ ansible/site.yml \
+ --tags=rabbitmq,mariadb,keystone,swift
+
+Validation
+----------
+A very basic smoke test:
+
+::
+
+ $ swift stat
+ Account: AUTH_4c19d363b9cf432a80e34f06b1fa5749
+ Containers: 1
+ Objects: 0
+ Bytes: 0
+ Containers in policy "policy-0": 1
+ Objects in policy "policy-0": 0
+ Bytes in policy "policy-0": 0
+ X-Account-Project-Domain-Id: default
+ X-Timestamp: 1440168098.28319
+ X-Trans-Id: txf5a62b7d7fc541f087703-0055d73be7
+ Content-Type: text/plain; charset=utf-8
+ Accept-Ranges: bytes
+
+ $ swift upload mycontainer README.rst
+ README.md
+
+ $ swift list
+ mycontainer
+
+ $ swift download mycontainer README.md
+ README.md [auth 0.248s, headers 0.939s, total 0.939s, 0.006 MB/s]
diff --git a/etc/kolla/config/swift.conf b/etc/kolla/config/swift.conf
new file mode 100644
index 0000000000000000000000000000000000000000..e69de29bb2d1d6434b8b29ae775ad8c2e48c5391
diff --git a/etc/kolla/config/swift/account-server.conf b/etc/kolla/config/swift/account-server.conf
new file mode 100644
index 0000000000000000000000000000000000000000..e69de29bb2d1d6434b8b29ae775ad8c2e48c5391
diff --git a/etc/kolla/config/swift/container-server.conf b/etc/kolla/config/swift/container-server.conf
new file mode 100644
index 0000000000000000000000000000000000000000..e69de29bb2d1d6434b8b29ae775ad8c2e48c5391
diff --git a/etc/kolla/config/swift/object-server.conf b/etc/kolla/config/swift/object-server.conf
new file mode 100644
index 0000000000000000000000000000000000000000..e69de29bb2d1d6434b8b29ae775ad8c2e48c5391
diff --git a/etc/kolla/config/swift/proxy-server.conf b/etc/kolla/config/swift/proxy-server.conf
new file mode 100644
index 0000000000000000000000000000000000000000..e69de29bb2d1d6434b8b29ae775ad8c2e48c5391
diff --git a/etc/kolla/config/swift/swift.conf b/etc/kolla/config/swift/swift.conf
new file mode 100644
index 0000000000000000000000000000000000000000..e69de29bb2d1d6434b8b29ae775ad8c2e48c5391
diff --git a/etc/kolla/passwords.yml b/etc/kolla/passwords.yml
index cfe3c08cb4b4baa1261051e0bd9a8a7f3ae5f6e7..e73f573f72a21f62488cf463ca48167bb6a53b8d 100644
--- a/etc/kolla/passwords.yml
+++ b/etc/kolla/passwords.yml
@@ -36,6 +36,10 @@ metadata_secret: "password"
cinder_database_password: "password"
cinder_keystone_password: "password"
+swift_keystone_password: "password"
+swift_hash_path_suffix: "kolla"
+swift_hash_path_prefix: "kolla"
+
####################
# RabbitMQ options
####################