171 lines
6.9 KiB
Bash
171 lines
6.9 KiB
Bash
#!/bin/bash
|
|
#
|
|
# lib/glance
|
|
# Functions to control the configuration and operation of the **Glance** service
|
|
|
|
# Dependencies:
|
|
#
|
|
# - ``functions`` file
|
|
# - ``DEST``, ``DATA_DIR``, ``STACK_USER`` must be defined
|
|
# - ``SERVICE_{TENANT_NAME|PASSWORD}`` must be defined
|
|
# - ``SERVICE_HOST``
|
|
# - ``KEYSTONE_TOKEN_FORMAT`` must be defined
|
|
|
|
# ``stack.sh`` calls the entry points in this order:
|
|
#
|
|
# - install_glance
|
|
# - configure_glance
|
|
# - init_glance
|
|
# - start_glance
|
|
# - stop_glance
|
|
# - cleanup_glance
|
|
|
|
# configure_glance() - Set config files, create data dirs, etc
|
|
function configure_glance {
|
|
sudo install -d -o $STACK_USER $GLANCE_CONF_DIR $GLANCE_METADEF_DIR
|
|
|
|
# Set non-default configuration options for the API server
|
|
# Get mysql password
|
|
GLANCE_DATABASE_USER=$(get_data_from_secret glance-mysql openstack USER)
|
|
GLANCE_DATABASE_PASSWORD=$(get_data_from_secret glance-mysql openstack PASSWORD)
|
|
GLANCE_DATABASE_NAME=$(get_data_from_secret glance-mysql openstack DATABASE)
|
|
|
|
# Configure multiple stores
|
|
if [[ "$GLANCE_ENABLE_MULTIPLE_STORES" == "True" ]]; then
|
|
local store enabled_backends
|
|
enabled_backends=""
|
|
for store in $(echo $GLANCE_MULTIPLE_FILE_STORES | tr "," "\n"); do
|
|
enabled_backends+="${store}:file,"
|
|
done
|
|
iniset $GLANCE_API_CONF DEFAULT enabled_backends ${enabled_backends::-1}
|
|
fi
|
|
|
|
iniset $GLANCE_API_CONF DEFAULT debug $ENABLE_DEBUG_LOG_LEVEL
|
|
iniset $GLANCE_API_CONF database connection "mysql+pymysql://$GLANCE_DATABASE_USER:$GLANCE_DATABASE_PASSWORD@glance-mysql/$GLANCE_DATABASE_NAME?charset=utf8"
|
|
iniset $GLANCE_API_CONF DEFAULT use_syslog $SYSLOG
|
|
iniset $GLANCE_API_CONF oslo_concurrency lock_path $GLANCE_LOCK_DIR
|
|
iniset $GLANCE_API_CONF paste_deploy flavor keystone
|
|
kubernetes_ensure_resource secret/glance-application-credential
|
|
GLANCE_APPLICATION_CREDENTIAL_SECRET=$(get_data_from_secret glance-application-credential openstack secret)
|
|
GLANCE_APPLICATION_CREDENTIAL_ID=$(get_data_from_secret glance-application-credential openstack id)
|
|
iniset $GLANCE_API_CONF keystone_authtoken auth_url $KEYSTONE_AUTH_URI_V3
|
|
iniset $GLANCE_API_CONF keystone_authtoken auth_type v3applicationcredential
|
|
iniset $GLANCE_API_CONF keystone_authtoken application_credential_id $GLANCE_APPLICATION_CREDENTIAL_ID
|
|
iniset $GLANCE_API_CONF keystone_authtoken application_credential_secret $GLANCE_APPLICATION_CREDENTIAL_SECRET
|
|
|
|
iniset $GLANCE_API_CONF oslo_messaging_notifications driver messagingv2
|
|
iniset_rpc_backend glance $GLANCE_API_CONF
|
|
if [ "$VIRT_DRIVER" = 'xenserver' ]; then
|
|
iniset $GLANCE_API_CONF DEFAULT container_formats "ami,ari,aki,bare,ovf,tgz"
|
|
iniset $GLANCE_API_CONF DEFAULT disk_formats "ami,ari,aki,vhd,raw,iso"
|
|
fi
|
|
if [ "$VIRT_DRIVER" = 'libvirt' ] && [ "$LIBVIRT_TYPE" = 'parallels' ]; then
|
|
iniset $GLANCE_API_CONF DEFAULT disk_formats "ami,ari,aki,vhd,vmdk,raw,qcow2,vdi,iso,ploop"
|
|
fi
|
|
|
|
# Glance multiple store Store specific configs
|
|
if [[ "$GLANCE_ENABLE_MULTIPLE_STORES" == "True" ]]; then
|
|
iniset $GLANCE_API_CONF glance_store default_backend $GLANCE_DEFAULT_BACKEND
|
|
local store
|
|
for store in $(echo $GLANCE_MULTIPLE_FILE_STORES | tr "," "\n"); do
|
|
iniset $GLANCE_API_CONF $store filesystem_store_datadir "${GLANCE_MULTISTORE_FILE_IMAGE_DIR}/${store}/"
|
|
done
|
|
|
|
# Glance configure reserved stores
|
|
iniset $GLANCE_API_CONF os_glance_staging_store filesystem_store_datadir "${GLANCE_MULTISTORE_FILE_IMAGE_DIR}/os_glance_staging_store/"
|
|
iniset $GLANCE_API_CONF os_glance_tasks_store filesystem_store_datadir "${GLANCE_MULTISTORE_FILE_IMAGE_DIR}/os_glance_tasks_store/"
|
|
else
|
|
# Store specific configs
|
|
iniset $GLANCE_API_CONF glance_store filesystem_store_datadir $GLANCE_IMAGE_DIR/
|
|
fi
|
|
|
|
# CORS feature support - to allow calls from Horizon by default
|
|
if [ -n "$GLANCE_CORS_ALLOWED_ORIGIN" ]; then
|
|
iniset $GLANCE_API_CONF cors allowed_origin "$GLANCE_CORS_ALLOWED_ORIGIN"
|
|
else
|
|
iniset $GLANCE_API_CONF cors allowed_origin "http://$SERVICE_HOST"
|
|
fi
|
|
|
|
# We need to tell glance what it's public endpoint is so that the version
|
|
# discovery document will be correct
|
|
iniset $GLANCE_API_CONF DEFAULT public_endpoint $GLANCE_URL
|
|
|
|
if is_service_enabled tls-proxy; then
|
|
iniset $GLANCE_API_CONF DEFAULT bind_port $GLANCE_SERVICE_PORT_INT
|
|
iniset $GLANCE_API_CONF keystone_authtoken identity_uri $KEYSTONE_SERVICE_URI
|
|
iniset $GLANCE_API_CONF keystone_authtoken memcached_servers "mcrouter-memcached-glance:11211"
|
|
fi
|
|
|
|
# Format logging
|
|
setup_logging $GLANCE_API_CONF
|
|
|
|
cp -p $GLANCE_DIR/etc/glance-api-paste.ini $GLANCE_API_PASTE_INI
|
|
|
|
# Set default configuration options for the glance-image-import
|
|
iniset $GLANCE_IMAGE_IMPORT_CONF image_import_opts image_import_plugins []
|
|
iniset $GLANCE_IMAGE_IMPORT_CONF inject_metadata_properties ignore_user_roles admin
|
|
iniset $GLANCE_IMAGE_IMPORT_CONF inject_metadata_properties inject
|
|
|
|
cp -p $GLANCE_DIR/etc/schema-image.json $GLANCE_SCHEMA_JSON
|
|
|
|
cp -p $GLANCE_DIR/etc/metadefs/*.json $GLANCE_METADEF_DIR
|
|
|
|
if is_service_enabled tls-proxy; then
|
|
CINDER_SERVICE_HOST=${CINDER_SERVICE_HOST:-$SERVICE_HOST}
|
|
CINDER_SERVICE_PORT=${CINDER_SERVICE_PORT:-8776}
|
|
|
|
iniset $GLANCE_API_CONF DEFAULT cinder_endpoint_template "https://$CINDER_SERVICE_HOST:$CINDER_SERVICE_PORT/v3/%(project_id)s"
|
|
fi
|
|
|
|
if [[ "$GLANCE_STANDALONE" == False ]]; then
|
|
write_local_uwsgi_http_config "$GLANCE_UWSGI_CONF" "$GLANCE_UWSGI" "/image"
|
|
else
|
|
write_local_proxy_http_config glance "http://$GLANCE_SERVICE_HOST:$GLANCE_SERVICE_PORT_INT" "/image"
|
|
iniset $GLANCE_API_CONF DEFAULT bind_host $GLANCE_SERVICE_LISTEN_ADDRESS
|
|
iniset $GLANCE_API_CONF DEFAULT bind_port $GLANCE_SERVICE_PORT_INT
|
|
iniset $GLANCE_API_CONF DEFAULT workers "$API_WORKERS"
|
|
fi
|
|
}
|
|
|
|
# create_glance_accounts() - Set up common required glance accounts
|
|
function create_glance_accounts {
|
|
echo noop
|
|
}
|
|
export -f create_glance_accounts
|
|
|
|
# init_glance()
|
|
function init_glance {
|
|
# Delete existing images
|
|
rm -rf $GLANCE_IMAGE_DIR
|
|
mkdir -p $GLANCE_IMAGE_DIR
|
|
|
|
# NOTE: Permissions here are bad but it's temporary so we don't care as much.
|
|
sudo chmod -Rv 777 $DATA_DIR/glance
|
|
}
|
|
export -f init_glance
|
|
|
|
# install_glance() - Collect source and prepare
|
|
function install_glance {
|
|
echo noop
|
|
}
|
|
export -f install_glance
|
|
|
|
# start_glance() - Start running processes
|
|
function start_glance {
|
|
|
|
kubernetes_rollout_restart daemonset/glance
|
|
kubernetes_rollout_status daemonset/glance
|
|
|
|
run_process g-reg "$GLANCE_BIN_DIR/glance-registry --config-file=$GLANCE_CONF_DIR/glance-registry.conf"
|
|
|
|
echo "Waiting for g-api ($GLANCE_SERVICE_HOST) to start..."
|
|
|
|
proxy_pass_to_kubernetes /image glance glance-wsgi-api
|
|
}
|
|
export -f start_glance
|
|
|
|
# Tell emacs to use shell-script-mode
|
|
## Local variables:
|
|
## mode: shell-script
|
|
## End:
|