Cinder role for OpenStack-Ansible

This Ansible role installs and configures OpenStack cinder.

The following cinder services are managed by the role:
  • cinder-api
  • cinder-volume
  • cinder-scheduler

By default, cinder API v1 and v2 are both enabled.

Default variables

# Set the package install state for distribution packages
# Options are 'present' and 'latest'
cinder_package_state: "latest"

cinder_git_repo: https://git.openstack.org/openstack/cinder
cinder_git_install_branch: stable/newton
cinder_developer_mode: false
cinder_developer_constraints:
  - "git+{{ cinder_git_repo }}@{{ cinder_git_install_branch }}#egg=cinder"

# Name of the virtual env to deploy into
cinder_venv_tag: untagged
cinder_bin: "/openstack/venvs/cinder-{{ cinder_venv_tag }}/bin"

cinder_venv_download_url: http://127.0.0.1/venvs/untagged/ubuntu/cinder.tgz

# Enable/Disable Ceilometer
cinder_ceilometer_enabled: False

cinder_storage_availability_zone: nova
cinder_default_availability_zone: "{{ cinder_storage_availability_zone }}"

cinder_storage_address: 127.0.0.1
cinder_management_address: 127.0.0.1

cinder_nova_catalog_info: compute:nova:internalURL
cinder_nova_catalog_admin_info: compute:nova:adminURL

cinder_fatal_deprecations: False

## DB
cinder_galera_user: cinder
cinder_galera_database: cinder

## RabbitMQ info

## Configuration for RPC communications
cinder_rabbitmq_userid: cinder
cinder_rabbitmq_vhost: /cinder
cinder_rabbitmq_port: 5672
cinder_rabbitmq_servers: 127.0.0.1
cinder_rabbitmq_use_ssl: False

## Configuration for notifications communication, i.e. [oslo_messaging_notifications]
cinder_rabbitmq_telemetry_userid: "{{ cinder_rabbitmq_userid }}"
cinder_rabbitmq_telemetry_password: "{{ cinder_rabbitmq_password }}"
cinder_rabbitmq_telemetry_vhost: "{{ cinder_rabbitmq_vhost }}"
cinder_rabbitmq_telemetry_port: "{{ cinder_rabbitmq_port }}"
cinder_rabbitmq_telemetry_servers: "{{ cinder_rabbitmq_servers }}"
cinder_rabbitmq_telemetry_use_ssl: "{{ cinder_rabbitmq_use_ssl }}"

## Cinder User / Group
cinder_system_user_name: cinder
cinder_system_group_name: cinder
cinder_system_comment: cinder system user
cinder_system_shell: /bin/false
cinder_system_home_folder: "/var/lib/{{ cinder_system_user_name }}"

cinder_lock_path: /var/lock/cinder

## Cinder Auth
cinder_service_admin_tenant_name: "service"
cinder_service_admin_username: "cinder"

## Cinder API's enabled
cinder_enable_v1_api: true
cinder_enable_v2_api: true
cinder_enable_v3_api: true

## Cinder api service type and data
cinder_service_name: cinder
cinder_service_project_domain_id: default
cinder_service_user_domain_id: default
cinder_service_user_name: cinder
cinder_service_project_name: service
cinder_service_role_name: admin
cinder_service_region: RegionOne
cinder_service_description: "Cinder Volume Service"
cinder_service_port: 8776
cinder_service_proto: http
cinder_service_publicuri_proto: "{{ openstack_service_publicuri_proto | default(cinder_service_proto) }}"
cinder_service_adminuri_proto: "{{ openstack_service_adminuri_proto | default(cinder_service_proto) }}"
cinder_service_internaluri_proto: "{{ openstack_service_internaluri_proto | default(cinder_service_proto) }}"
cinder_service_type: volume
cinder_service_publicuri: "{{ cinder_service_publicuri_proto }}://{{ external_lb_vip_address }}:{{ cinder_service_port }}"
cinder_service_publicurl: "{{ cinder_service_publicuri }}/v1/%(tenant_id)s"
cinder_service_adminuri: "{{ cinder_service_adminuri_proto }}://{{ internal_lb_vip_address }}:{{ cinder_service_port }}"
cinder_service_adminurl: "{{ cinder_service_adminuri }}/v1/%(tenant_id)s"
cinder_service_internaluri: "{{ cinder_service_internaluri_proto }}://{{ internal_lb_vip_address }}:{{ cinder_service_port }}"
cinder_service_internalurl: "{{ cinder_service_internaluri }}/v1/%(tenant_id)s"

cinder_service_v2_name: cinderv2
cinder_service_v2_port: 8776
cinder_service_v2_proto: http
cinder_service_v2_type: volumev2
cinder_service_v2_description: "Cinder Volume Service V2"
cinder_service_v2_publicuri: "{{ cinder_service_publicuri_proto }}://{{ external_lb_vip_address }}:{{ cinder_service_port }}"
cinder_service_v2_publicurl: "{{ cinder_service_publicuri }}/v2/%(tenant_id)s"
cinder_service_v2_adminuri: "{{ cinder_service_adminuri_proto }}://{{ internal_lb_vip_address }}:{{ cinder_service_port }}"
cinder_service_v2_adminurl: "{{ cinder_service_adminuri }}/v2/%(tenant_id)s"
cinder_service_v2_internaluri: "{{ cinder_service_internaluri_proto }}://{{ internal_lb_vip_address }}:{{ cinder_service_port }}"
cinder_service_v2_internalurl: "{{ cinder_service_internaluri }}/v2/%(tenant_id)s"

cinder_service_v3_name: cinderv3
cinder_service_v3_port: 8776
cinder_service_v3_proto: http
cinder_service_v3_type: volumev3
cinder_service_v3_description: "Cinder Volume Service V3"
cinder_service_v3_publicuri: "{{ cinder_service_publicuri_proto }}://{{ external_lb_vip_address }}:{{ cinder_service_port }}"
cinder_service_v3_publicurl: "{{ cinder_service_publicuri }}/v3/%(tenant_id)s"
cinder_service_v3_adminuri: "{{ cinder_service_adminuri_proto }}://{{ internal_lb_vip_address }}:{{ cinder_service_port }}"
cinder_service_v3_adminurl: "{{ cinder_service_adminuri }}/v3/%(tenant_id)s"
cinder_service_v3_internaluri: "{{ cinder_service_internaluri_proto }}://{{ internal_lb_vip_address }}:{{ cinder_service_port }}"
cinder_service_v3_internalurl: "{{ cinder_service_internaluri }}/v3/%(tenant_id)s"

## Keystone authentication middleware
cinder_keystone_auth_plugin: password

## In order to enable the cinder backup you MUST set ``cinder_service_backup_program_enabled`` to "true"
cinder_service_backup_program_enabled: false
# cinder_service_backup_driver: Options include 'cinder.backup.drivers.swift' or
#                               'cinder.backup.drivers.ceph'
cinder_service_backup_driver: cinder.backup.drivers.swift
# cinder_service_backup_swift_auth: Options include 'per_user' or 'single_user', we default to
#                                   'per_user' so that backups are saved to a user's swift account.
cinder_service_backup_swift_auth: per_user
# cinder_service_backup_swift_url: This is your swift storage url when using 'per_user', or keystone
#                                  endpoint when using 'single_user'.  When using 'per_user', you
#                                  can leave this as empty or as None to allow cinder-backup to
#                                  obtain storage url from environment.
cinder_service_backup_swift_url:
cinder_service_backup_swift_auth_version: 2
cinder_service_backup_swift_user:
cinder_service_backup_swift_tenant:
cinder_service_backup_swift_key:
cinder_service_backup_swift_container: volumebackups
cinder_service_backup_swift_object_size: 52428800
cinder_service_backup_swift_retry_attempts: 3
cinder_service_backup_swift_retry_backoff: 2
cinder_service_backup_ceph_user: cinder-backup
cinder_service_backup_ceph_pool: backups
cinder_service_backup_compression_algorithm: zlib
cinder_service_backup_metadata_version: 2

cinder_swift_catalog_info: "object-store:swift:internalURL"

# If ``cinder_osapi_volume_workers`` is unset the system will use half the number of
# available VCPUS to compute the number of api workers to use.
# cinder_osapi_volume_workers: 16

## Cinder iscsi
cinder_iscsi_helper: tgtadm
cinder_iscsi_iotype: fileio
cinder_iscsi_num_targets: 100
cinder_iscsi_port: 3260

## Cinder RPC
cinder_rpc_backend: rabbit
cinder_rpc_executor_thread_pool_size: 64
cinder_rpc_response_timeout: 60

# (StrOpt) Method used to wipe old volumes (valid options are: none, zero,
# shred)
cinder_volume_clear: shred
# (StrOpt) The flag to pass to ionice to alter the i/o priority of the process
# used to zero a volume after deletion, for example "-c3" for idle only
# priority.
cinder_volume_clear_ionice: -c3

# (IntOpt) Size in MiB to wipe at start of old volumes. 0 => all
cinder_volume_clear_size: 0

cinder_volume_name_template: volume-%s

# osprofiler
cinder_profiler_enabled: false
# cinder_profiler_hmac_key is set in user_secrets.yml
cinder_profiler_trace_sqlalchemy: false

cinder_client_socket_timeout: 900

## Cinder quota
cinder_quota_volumes: 10
cinder_quota_snapshots: 10
cinder_quota_consistencygroups: 10
cinder_quota_gigabytes: 1000
cinder_quota_backups: 10
cinder_quota_backup_gigabytes: 1000

## General configuration
# cinder_backends:
#   lvm:
#     volume_group: cinder-volumes
#     volume_driver: cinder.volume.drivers.lvm.LVMVolumeDriver
#     volume_backend_name: LVM_iSCSI
#     extra_volume_types:
#       - lvm_high_iops
#       - lvm_low_iops

# cinder_backend_lvm_inuse: True if current host has an lvm backend
cinder_backend_lvm_inuse: '{{ (cinder_backends|default("")|to_json).find("lvm") != -1 }}'

## Policy vars
# Provide a list of access controls to update the default policy.json with. These changes will be merged
# with the access controls in the default policy.json. E.g.
#cinder_policy_overrides:
#  "volume:create": ""
#  "volume:delete": ""

# Comma separated list of Glance API servers
# cinder_glance_api_servers:

cinder_glance_api_version: 1

cinder_service_in_ldap: false

# Cinder packages that must be installed before anything else
cinder_requires_pip_packages:
  - virtualenv
  - virtualenv-tools
  - python-keystoneclient # Keystoneclient needed by the keystone Ansible module
  - httplib2

# Common pip packages
cinder_pip_packages:
  - cinder
  - ecdsa
  - httplib2
  - keystonemiddleware
  - PyMySQL
  - python-memcached
  - pycrypto
  - python-cinderclient
  - python-keystoneclient

## Service Name-Group Mapping
cinder_services:
  cinder-api:
    group: cinder_api
    service_name: cinder-api
  cinder-scheduler:
    group: cinder_scheduler
    service_name: cinder-scheduler
  cinder-volume:
    group: cinder_volume
    service_name: cinder-volume
  cinder-backup:
    group: cinder_backup
    service_name: cinder-backup
    condition: "{{ cinder_service_backup_program_enabled | bool }}"

# This variable is used by the repo_build process to determine
# which host group to check for members of before building the
# pip packages required by this role. The value is picked up
# by the py_pkgs lookup.
cinder_role_project_group: cinder_all

# Define the following dictionary variable to enable qos settings on volumes.
# cinder_qos_specs
# - name: high-iops
#   options:
#     consumer: front-end
#     read_iops_sec: 2000
#     write_iops_sec: 2000
#   cinder_volume_types:
#     - volumes-1
#     - volumes-2
# - name: low-iops
#   options:
#     consumer: front-end
#     write_iops_sec: 100

## Tunable overrides
cinder_policy_overrides: {}
cinder_rootwrap_conf_overrides: {}
cinder_api_paste_ini_overrides: {}
cinder_cinder_conf_overrides: {}

# Timeout (in seconds) for cinder to wait between SIGTERM and SIGKILL
# Applies to TimeoutSec in systemd, affecting start and stop times.
# 'sigkill_timeout' is a global option should one desired.
cinder_sigkill_timeout: 120

# Number of seconds to wait before restarting the service
cinder_restart_wait: 5

_UUID_regex: "[0-9a-f]{8}-([0-9a-f]{4}-){3}[0-9a-f]{12}"

Required variables

This list is not exhaustive at present. See role internals for further details.

# Comma separated list of Glance API servers
cinder_glance_api_servers: "http://glance_server:9292"

# Hostname or IP address of the Galera database
cinder_galera_address: "1.2.3.4"

Example playbook

- name: Installation and setup of cinder
  hosts: cinder_all
  user: root
  roles:
    - { role: "os_cinder", tags: [ "os-cinder" ] }
  vars:
    cinder_glance_api_servers: "http://glance_server:9292"
    cinder_galera_address: "{{ internal_lb_vip_address }}"

Tags

This role supports two tags: cinder-install and cinder-config

The cinder-install tag can be used to install and upgrade.

The cinder-config tag can be used to maintain configuration of the service.

Table Of Contents

Next topic

Configuring the Block (cinder) storage service (optional)

Project Source

This Page