!8 Update swift service config file content

From: @xiyuanwang Reviewed-by: @huangtianhua Signed-off-by: @huangtianhua
2021-08-30 06:36:40 +00:00 · 2021-08-30 06:36:40 +00:00 · 56bbce7a61
commit 56bbce7a61
parent e0368132f4 29c08383b0
6 changed files with 78 additions and 110 deletions
--- a/account-server.conf
+++ b/account-server.conf
@ -1,24 +1,21 @@
 [DEFAULT]
-
-# Make sure your swift-ring-builder arguments match the bind_ip and bind_port.
-# You almost certainly do not want to listen just on loopback unless testing.
-# However, you want to keep port 6202 if SElinux is enabled.
 bind_ip = 127.0.0.1
 bind_port = 6202
-
 workers = 2
+user = swift
+swift_dir = /etc/swift
+devices = /srv/node
+mount_check = True

 [pipeline:main]
-pipeline = recon account-server
+pipeline = healthcheck recon account-server
+
+[filter:healthcheck]
+use = egg:swift#healthcheck

 [filter:recon]
 use = egg:swift#recon
+recon_cache_path = /var/cache/swift

 [app:account-server]
 use = egg:swift#account
-
-[account-replicator]
-
-[account-auditor]
-
-[account-reaper]
--- a/container-server.conf
+++ b/container-server.conf
@ -1,29 +1,21 @@
 [DEFAULT]
-
-# Make sure your swift-ring-builder arguments match the bind_ip and bind_port.
-# You almost certainly do not want to listen just on loopback unless testing.
-# However, you want to keep port 6201 if SElinux is enabled.
 bind_ip = 127.0.0.1
 bind_port = 6201
-
 workers = 2
+user = swift
+swift_dir = /etc/swift
+devices = /srv/node
+mount_check = True

 [pipeline:main]
-pipeline = recon container-server
+pipeline = healthcheck recon container-server
+
+[filter:healthcheck]
+use = egg:swift#healthcheck

 [filter:recon]
 use = egg:swift#recon
+recon_cache_path = /var/cache/swift

 [app:container-server]
 use = egg:swift#container
-
-[container-replicator]
-
-[container-updater]
-
-[container-auditor]
-
-[container-sync]
-
-[container-sharder]
-
--- a/object-server.conf
+++ b/object-server.conf
@ -1,26 +1,22 @@
 [DEFAULT]
-
-# Make sure your swift-ring-builder arguments match the bind_ip and bind_port.
-# You almost certainly do not want to listen just on loopback unless testing.
-# However, you want to keep port 6200 if SElinux is enabled.
 bind_ip = 127.0.0.1
 bind_port = 6200
-
-workers = 3
+workers = 2
+user = swift
+swift_dir = /etc/swift
+devices = /srv/node
+mount_check = True

 [pipeline:main]
-pipeline = recon object-server
+pipeline = healthcheck recon object-server
+
+[filter:healthcheck]
+use = egg:swift#healthcheck

 [filter:recon]
 use = egg:swift#recon
+recon_cache_path = /var/cache/swift
+recon_lock_path = /var/lock

 [app:object-server]
 use = egg:swift#object
-
-[object-replicator]
-
-[object-updater]
-
-[object-auditor]
-
-[object-reconstructor]
--- a/openstack-swift.spec
+++ b/openstack-swift.spec
@ -16,7 +16,7 @@ expensive equipment.

 Name:             openstack-swift
 Version:          2.27.0
-Release:          4
+Release:          5
 Summary:          OpenStack Object Storage
 License:          ASL 2.0
 URL:              https://docs.openstack.org/swift/latest/
@ -580,6 +580,9 @@ exit 0
 %endif

 %changelog
+* Mon Aug 30 2021 wangixyuan <wangxiyuan1007@gmail.com> - 2.27.0-5
+- Update swift service config file content.
+
 * Tue Aug 24 2021 wangxiyuan <wangxiyuan1007@gmail.com> - 2.27.0-4
 - Nit Fix

--- a/proxy-server.conf
+++ b/proxy-server.conf
@ -1,66 +1,58 @@
 [DEFAULT]
 bind_port = 8080
-workers = 8
+workers = 2
 user = swift
+swift_dir = /etc/swift

 [pipeline:main]
-# Our traditional pipeline produces a cluster without any authentication,
-# open to access by any client. This is almost always a very bad idea, and
-# it's overridden by OSP Director, so it is likely to go away some time
-# after Newton.
-pipeline = catch_errors gatekeeper healthcheck proxy-logging cache container_sync bulk tempurl ratelimit copy container-quotas account-quotas slo dlo versioned_writes proxy-logging proxy-server
-
-# This sample pipeline uses tempauth and is used for SAIO dev work and
-# testing. See below for a pipeline using keystone.
-#pipeline = catch_errors gatekeeper healthcheck proxy-logging cache container_sync bulk tempurl ratelimit tempauth copy container-quotas account-quotas slo dlo versioned_writes proxy-logging proxy-server
-
-# The following pipeline shows keystone integration. Comment out the one
-# above and uncomment this one. Additional steps for integrating keystone are
-# covered further below in the filter sections for authtoken and keystoneauth.
-#pipeline = catch_errors gatekeeper healthcheck proxy-logging cache container_sync bulk tempurl ratelimit authtoken keystone copy container-quotas account-quotas slo dlo versioned_writes proxy-logging proxy-server
+pipeline = catch_errors gatekeeper healthcheck proxy-logging cache container_sync bulk ratelimit authtoken keystoneauth container-quotas account-quotas slo dlo versioned_writes proxy-logging proxy-server

 [app:proxy-server]
 use = egg:swift#proxy
-allow_account_management = true
-account_autocreate = true
-
-# This is a sample used for functional tests in SAIO. Contains well-known
-# passwords.
-#[filter:tempauth]
-#use = egg:swift#tempauth
-#user_admin_admin = admin .admin .reseller_admin
-#user_test_tester = testing .admin
-#user_test2_tester2 = testing2 .admin
-#user_test_tester3 = testing3
-#user_test5_tester5 = testing5 service
-
-[filter:healthcheck]
-use = egg:swift#healthcheck
-
-[filter:cache]
-use = egg:swift#memcache
-memcache_servers = 127.0.0.1:11211
-
-[filter:ratelimit]
-use = egg:swift#ratelimit
+account_autocreate = True

 [filter:catch_errors]
 use = egg:swift#catch_errors

-[filter:tempurl]
-use = egg:swift#tempurl
+[filter:gatekeeper]
+use = egg:swift#gatekeeper
+
+[filter:healthcheck]
+use = egg:swift#healthcheck

 [filter:proxy-logging]
 use = egg:swift#proxy_logging

+[filter:cache]
+use = egg:swift#memcache
+memcache_servers = controller:11211
+
+[filter:container_sync]
+use = egg:swift#container_sync
+
 [filter:bulk]
 use = egg:swift#bulk

-[filter:slo]
-use = egg:swift#slo
+[filter:ratelimit]
+use = egg:swift#ratelimit

-[filter:dlo]
-use = egg:swift#dlo
+[filter:authtoken]
+paste.filter_factory = keystonemiddleware.auth_token:filter_factory
+www_authenticate_uri = http://controller:5000
+auth_url = http://controller:5000
+memcached_servers = controller:11211
+auth_type = password
+project_domain_id = default
+user_domain_id = default
+project_name = service
+username = swift
+# 根据用户创建的keystoneswift用户，自行修改密码
+password = swift
+delay_auth_decision = True
+
+[filter:keystoneauth]
+use = egg:swift#keystoneauth
+operator_roles = admin,user

 [filter:container-quotas]
 use = egg:swift#container_quotas
@ -68,28 +60,11 @@ use = egg:swift#container_quotas
 [filter:account-quotas]
 use = egg:swift#account_quotas

-[filter:gatekeeper]
-use = egg:swift#gatekeeper
+[filter:slo]
+use = egg:swift#slo

-[filter:container_sync]
-use = egg:swift#container_sync
+[filter:dlo]
+use = egg:swift#dlo

 [filter:versioned_writes]
 use = egg:swift#versioned_writes
-
-[filter:copy]
-use = egg:swift#copy
-object_post_as_copy = false
-
-[filter:keystone]
-use = egg:swift#keystoneauth
-operator_roles = admin, SwiftOperator
-cache = swift.cache
-
-[filter:authtoken]
-paste.filter_factory = keystonemiddleware.auth_token:filter_factory
-project_name = %SERVICE_TENANT_NAME%
-username = %SERVICE_USER%
-password = %SERVICE_PASSWORD%
-auth_url = http://127.0.0.1:5000
-signing_dir = /tmp/keystone-signing-swift
--- a/swift.conf
+++ b/swift.conf
@ -1,2 +1,7 @@
 [swift-hash]
-swift_hash_path_suffix = %SWIFT_HASH_PATH_SUFFIX%
+swift_hash_path_suffix = test-hash
+swift_hash_path_prefix = test-hash
+
+[storage-policy:0]
+name = Policy-0
+default = yes