diff --git a/account-server.conf b/account-server.conf index ff18157ffb03abe10b6b2253038ad2097f8ead18..ab78395db7d2cad6687ca5277ab2300cf98e7581 100644 --- a/account-server.conf +++ b/account-server.conf @@ -1,24 +1,21 @@ [DEFAULT] - -# Make sure your swift-ring-builder arguments match the bind_ip and bind_port. -# You almost certainly do not want to listen just on loopback unless testing. -# However, you want to keep port 6202 if SElinux is enabled. bind_ip = 127.0.0.1 bind_port = 6202 - workers = 2 +user = swift +swift_dir = /etc/swift +devices = /srv/node +mount_check = True [pipeline:main] -pipeline = recon account-server +pipeline = healthcheck recon account-server + +[filter:healthcheck] +use = egg:swift#healthcheck [filter:recon] use = egg:swift#recon +recon_cache_path = /var/cache/swift [app:account-server] use = egg:swift#account - -[account-replicator] - -[account-auditor] - -[account-reaper] diff --git a/container-server.conf b/container-server.conf index b3abcaf2c1c47a37eff005e338af3c7a1c55eb8d..c64e153bce543a692ee062d7ffa42cbde861ebb6 100644 --- a/container-server.conf +++ b/container-server.conf @@ -1,29 +1,21 @@ [DEFAULT] - -# Make sure your swift-ring-builder arguments match the bind_ip and bind_port. -# You almost certainly do not want to listen just on loopback unless testing. -# However, you want to keep port 6201 if SElinux is enabled. bind_ip = 127.0.0.1 bind_port = 6201 - workers = 2 +user = swift +swift_dir = /etc/swift +devices = /srv/node +mount_check = True [pipeline:main] -pipeline = recon container-server +pipeline = healthcheck recon container-server + +[filter:healthcheck] +use = egg:swift#healthcheck [filter:recon] use = egg:swift#recon +recon_cache_path = /var/cache/swift [app:container-server] use = egg:swift#container - -[container-replicator] - -[container-updater] - -[container-auditor] - -[container-sync] - -[container-sharder] - diff --git a/object-server.conf b/object-server.conf index fd41c62772565471579de1cffd6a971c77253d93..74912b3293986dbb54f7e5fe6b479cf7d8f1325e 100644 --- a/object-server.conf +++ b/object-server.conf @@ -1,26 +1,22 @@ [DEFAULT] - -# Make sure your swift-ring-builder arguments match the bind_ip and bind_port. -# You almost certainly do not want to listen just on loopback unless testing. -# However, you want to keep port 6200 if SElinux is enabled. bind_ip = 127.0.0.1 bind_port = 6200 - -workers = 3 +workers = 2 +user = swift +swift_dir = /etc/swift +devices = /srv/node +mount_check = True [pipeline:main] -pipeline = recon object-server +pipeline = healthcheck recon object-server + +[filter:healthcheck] +use = egg:swift#healthcheck [filter:recon] use = egg:swift#recon +recon_cache_path = /var/cache/swift +recon_lock_path = /var/lock [app:object-server] use = egg:swift#object - -[object-replicator] - -[object-updater] - -[object-auditor] - -[object-reconstructor] diff --git a/openstack-swift.spec b/openstack-swift.spec index 4c36a409f4a4af47328709e260133e6fc9780008..44f081e0205ecf71fffef3816909f09a7cd621da 100644 --- a/openstack-swift.spec +++ b/openstack-swift.spec @@ -16,7 +16,7 @@ expensive equipment. Name: openstack-swift Version: 2.27.0 -Release: 4 +Release: 5 Summary: OpenStack Object Storage License: ASL 2.0 URL: https://docs.openstack.org/swift/latest/ @@ -580,6 +580,9 @@ exit 0 %endif %changelog +* Mon Aug 30 2021 wangixyuan - 2.27.0-5 +- Update swift service config file content. + * Tue Aug 24 2021 wangxiyuan - 2.27.0-4 - Nit Fix diff --git a/proxy-server.conf b/proxy-server.conf index 5aeeef90e93334b28261694d7fb175f7d0e3ef7d..1085cab05607c5c7636b3e9adb93c6dcf0732b40 100644 --- a/proxy-server.conf +++ b/proxy-server.conf @@ -1,66 +1,58 @@ [DEFAULT] bind_port = 8080 -workers = 8 +workers = 2 user = swift +swift_dir = /etc/swift [pipeline:main] -# Our traditional pipeline produces a cluster without any authentication, -# open to access by any client. This is almost always a very bad idea, and -# it's overridden by OSP Director, so it is likely to go away some time -# after Newton. -pipeline = catch_errors gatekeeper healthcheck proxy-logging cache container_sync bulk tempurl ratelimit copy container-quotas account-quotas slo dlo versioned_writes proxy-logging proxy-server - -# This sample pipeline uses tempauth and is used for SAIO dev work and -# testing. See below for a pipeline using keystone. -#pipeline = catch_errors gatekeeper healthcheck proxy-logging cache container_sync bulk tempurl ratelimit tempauth copy container-quotas account-quotas slo dlo versioned_writes proxy-logging proxy-server - -# The following pipeline shows keystone integration. Comment out the one -# above and uncomment this one. Additional steps for integrating keystone are -# covered further below in the filter sections for authtoken and keystoneauth. -#pipeline = catch_errors gatekeeper healthcheck proxy-logging cache container_sync bulk tempurl ratelimit authtoken keystone copy container-quotas account-quotas slo dlo versioned_writes proxy-logging proxy-server +pipeline = catch_errors gatekeeper healthcheck proxy-logging cache container_sync bulk ratelimit authtoken keystoneauth container-quotas account-quotas slo dlo versioned_writes proxy-logging proxy-server [app:proxy-server] use = egg:swift#proxy -allow_account_management = true -account_autocreate = true - -# This is a sample used for functional tests in SAIO. Contains well-known -# passwords. -#[filter:tempauth] -#use = egg:swift#tempauth -#user_admin_admin = admin .admin .reseller_admin -#user_test_tester = testing .admin -#user_test2_tester2 = testing2 .admin -#user_test_tester3 = testing3 -#user_test5_tester5 = testing5 service - -[filter:healthcheck] -use = egg:swift#healthcheck - -[filter:cache] -use = egg:swift#memcache -memcache_servers = 127.0.0.1:11211 - -[filter:ratelimit] -use = egg:swift#ratelimit +account_autocreate = True [filter:catch_errors] use = egg:swift#catch_errors -[filter:tempurl] -use = egg:swift#tempurl +[filter:gatekeeper] +use = egg:swift#gatekeeper + +[filter:healthcheck] +use = egg:swift#healthcheck [filter:proxy-logging] use = egg:swift#proxy_logging +[filter:cache] +use = egg:swift#memcache +memcache_servers = controller:11211 + +[filter:container_sync] +use = egg:swift#container_sync + [filter:bulk] use = egg:swift#bulk -[filter:slo] -use = egg:swift#slo +[filter:ratelimit] +use = egg:swift#ratelimit -[filter:dlo] -use = egg:swift#dlo +[filter:authtoken] +paste.filter_factory = keystonemiddleware.auth_token:filter_factory +www_authenticate_uri = http://controller:5000 +auth_url = http://controller:5000 +memcached_servers = controller:11211 +auth_type = password +project_domain_id = default +user_domain_id = default +project_name = service +username = swift +# 根据用户创建的keystoneswift用户,自行修改密码 +password = swift +delay_auth_decision = True + +[filter:keystoneauth] +use = egg:swift#keystoneauth +operator_roles = admin,user [filter:container-quotas] use = egg:swift#container_quotas @@ -68,28 +60,11 @@ use = egg:swift#container_quotas [filter:account-quotas] use = egg:swift#account_quotas -[filter:gatekeeper] -use = egg:swift#gatekeeper +[filter:slo] +use = egg:swift#slo -[filter:container_sync] -use = egg:swift#container_sync +[filter:dlo] +use = egg:swift#dlo [filter:versioned_writes] use = egg:swift#versioned_writes - -[filter:copy] -use = egg:swift#copy -object_post_as_copy = false - -[filter:keystone] -use = egg:swift#keystoneauth -operator_roles = admin, SwiftOperator -cache = swift.cache - -[filter:authtoken] -paste.filter_factory = keystonemiddleware.auth_token:filter_factory -project_name = %SERVICE_TENANT_NAME% -username = %SERVICE_USER% -password = %SERVICE_PASSWORD% -auth_url = http://127.0.0.1:5000 -signing_dir = /tmp/keystone-signing-swift diff --git a/swift.conf b/swift.conf index adbd96f7122bccad804c761a010f234fe3634ff4..e84efd61626e35d8aefe36ab928d60b7a30f6564 100644 --- a/swift.conf +++ b/swift.conf @@ -1,2 +1,7 @@ [swift-hash] -swift_hash_path_suffix = %SWIFT_HASH_PATH_SUFFIX% +swift_hash_path_suffix = test-hash +swift_hash_path_prefix = test-hash + +[storage-policy:0] +name = Policy-0 +default = yes