OpenStack RDO + S3

Packstack(RDO) installation "sync db timeout" issue

version:

openstack-packstack-13.0.0-0.1.0rc1.el7.noarch
openstack-packstack-puppet-13.0.0-0.1.0rc1.el7.noarch

add timeout => 0, into /usr/share/openstack-puppet/modules/module/manifests/db/sync.pp, or set $db_sync_timeout = 300 to $db_sync_timeout = 0

For example:

# vim /usr/share/openstack-puppet/modules/nova/manifests/db/sync.pp
class nova::db::sync(
  $extra_params    = undef,
  $db_sync_timeout = 0,
)

Create ec2 credentials

# source keystonerc_admin
# openstack ec2 credentials create --project demo --user demo

swfit s3api configuration (openstack-rocky)

Set s3api before your auth in your pipeline in proxy-server.conf file. To enable all compatibility currently supported, you should make sure that bulk, slo, and your auth middleware are also included in your proxy pipeline setting.

[pipeline:main]
# Our traditional pipeline produces a cluster without any authentication,
# open to access by any client. This is almost always a very bad idea, and
# it's overridden by OSP Director, so it is likely to go away some time
# after Newton.
pipeline = catch_errors bulk healthcheck cache authtoken s3api s3token crossdomain ratelimit keystone formpost staticweb tempurl slo account_quotas container_quotas proxy-server


[filter:s3api]
use = egg:swift#s3api

[filter:s3token]
# s3token middleware authenticates with keystone using the s3 credentials
# provided in the request header. Please put s3token between s3api
# and keystoneauth if you're using keystoneauth.
use = egg:swift#s3token

# Prefix that will be prepended to the tenant to form the account
reseller_prefix = AUTH_

# By default, s3token will reject all invalid S3-style requests. Set this to
# True to delegate that decision to downstream WSGI components. This may be
# useful if there are multiple auth systems in the proxy pipeline.
delay_auth_decision = True

# Keystone server details. Note that this differs from how swift3 was
# configured: in particular, the Keystone API version must be included.
auth_uri = http://keystonehost:35357/v3

swfit s3api configuration (openstack-stein)

[pipeline:main]
# Our traditional pipeline produces a cluster without any authentication,
# open to access by any client. This is almost always a very bad idea, and
# it's overridden by OSP Director, so it is likely to go away some time
# after Newton.
pipeline = catch_errors bulk healthcheck cache authtoken s3api s3token crossdomain ratelimit keystone formpost staticweb tempurl slo account_quotas container_quotas proxy-server


[filter:s3api]
use = egg:swift#s3api

[filter:s3token]
# s3token middleware authenticates with keystone using the s3 credentials
# provided in the request header. Please put s3token between s3api
# and keystoneauth if you're using keystoneauth.
use = egg:swift#s3token

# Prefix that will be prepended to the tenant to form the account
reseller_prefix = AUTH_

# By default, s3token will reject all invalid S3-style requests. Set this to
# True to delegate that decision to downstream WSGI components. This may be
# useful if there are multiple auth systems in the proxy pipeline.
delay_auth_decision = True

# Keystone server details. Note that this differs from how swift3 was
# configured: in particular, the Keystone API version must be included.
auth_uri = http://keystonehost:5000/v3

How to increse size of swiftloopback?

# backup first
cp -a /srv/node/swiftloopback /srv/node/swiftloopback.bak
umount /srv/node/swiftloopback
systemctl list-unit-files | grep enabled|grep swift|awk '{print $1}'|while read service;do systemctl stop $service; done
# add xxx M
dd if=/dev/zero bs=1MiB of=/srv/loopback-device/swiftloopback conv=notrunc oflag=append count=xxx
e2fsck -f /srv/loopback-device/swiftloopback
resize2fs /srv/loopback-device/swiftloopback
mount -a
systemctl list-unit-files | grep enabled|grep swift|awk '{print $1}'|while read service;do systemctl restart $service; done

• https://github.com/openstack/swift/blob/master/etc/proxy-server.conf-sample
• https://docs.openstack.org/swift/latest/middleware.html
• https://docs.openstack.org/python-openstackclient/pike/cli/command-objects/ec2-credentials.html
• https://askubuntu.com/questions/795226/how-to-list-all-enabled-services-from-systemctl
• https://askubuntu.com/questions/260620/resize-dev-loop0-and-increase-space