!8 Update swift service config file content

From: @xiyuanwang Reviewed-by: @huangtianhua Signed-off-by: @huangtianhua
2021-08-30 06:36:40 +00:00 · 2021-08-30 06:36:40 +00:00 · 56bbce7a61
commit 56bbce7a61
parent e0368132f4 29c08383b0
6 changed files with 78 additions and 110 deletions
--- a/account-server.conf
+++ b/account-server.conf
@ -1,24 +1,21 @@
 [DEFAULT]
 # Make sure your swift-ring-builder arguments match the bind_ip and bind_port.
 # You almost certainly do not want to listen just on loopback unless testing.
 # However, you want to keep port 6202 if SElinux is enabled.
 bind_ip = 127.0.0.1
 bind_port = 6202
 workers = 2
 user = swift
 swift_dir = /etc/swift
 devices = /srv/node
 mount_check = True
 [pipeline:main]
-pipeline = recon account-server
+pipeline = healthcheck recon account-server
 [filter:healthcheck]
 use = egg:swift#healthcheck
 [filter:recon]
 use = egg:swift#recon
 recon_cache_path = /var/cache/swift
 [app:account-server]
 use = egg:swift#account
 [account-replicator]
 [account-auditor]
 [account-reaper]
--- a/container-server.conf
+++ b/container-server.conf
@ -1,29 +1,21 @@
 [DEFAULT]
 # Make sure your swift-ring-builder arguments match the bind_ip and bind_port.
 # You almost certainly do not want to listen just on loopback unless testing.
 # However, you want to keep port 6201 if SElinux is enabled.
 bind_ip = 127.0.0.1
 bind_port = 6201
 workers = 2
 user = swift
 swift_dir = /etc/swift
 devices = /srv/node
 mount_check = True
 [pipeline:main]
-pipeline = recon container-server
+pipeline = healthcheck recon container-server
 [filter:healthcheck]
 use = egg:swift#healthcheck
 [filter:recon]
 use = egg:swift#recon
 recon_cache_path = /var/cache/swift
 [app:container-server]
 use = egg:swift#container
 [container-replicator]
 [container-updater]
 [container-auditor]
 [container-sync]
 [container-sharder]
--- a/object-server.conf
+++ b/object-server.conf
@ -1,26 +1,22 @@
 [DEFAULT]
 # Make sure your swift-ring-builder arguments match the bind_ip and bind_port.
 # You almost certainly do not want to listen just on loopback unless testing.
 # However, you want to keep port 6200 if SElinux is enabled.
 bind_ip = 127.0.0.1
 bind_port = 6200
-
+workers = 2
-workers = 3
+user = swift
 swift_dir = /etc/swift
 devices = /srv/node
 mount_check = True
 [pipeline:main]
-pipeline = recon object-server
+pipeline = healthcheck recon object-server
 [filter:healthcheck]
 use = egg:swift#healthcheck
 [filter:recon]
 use = egg:swift#recon
 recon_cache_path = /var/cache/swift
 recon_lock_path = /var/lock
 [app:object-server]
 use = egg:swift#object
 [object-replicator]
 [object-updater]
 [object-auditor]
 [object-reconstructor]
--- a/openstack-swift.spec
+++ b/openstack-swift.spec
@ -16,7 +16,7 @@ expensive equipment.
 Name:             openstack-swift
 Version:          2.27.0
-Release:          4
+Release:          5
 Summary:          OpenStack Object Storage
 License:          ASL 2.0
 URL:              https://docs.openstack.org/swift/latest/
@ -580,6 +580,9 @@ exit 0
 %endif
 %changelog
 * Mon Aug 30 2021 wangixyuan <wangxiyuan1007@gmail.com> - 2.27.0-5
 - Update swift service config file content.
 * Tue Aug 24 2021 wangxiyuan <wangxiyuan1007@gmail.com> - 2.27.0-4
 - Nit Fix
--- a/proxy-server.conf
+++ b/proxy-server.conf
@ -1,66 +1,58 @@
 [DEFAULT]
 bind_port = 8080
-workers = 8
+workers = 2
 user = swift
 swift_dir = /etc/swift
 [pipeline:main]
-# Our traditional pipeline produces a cluster without any authentication,
+pipeline = catch_errors gatekeeper healthcheck proxy-logging cache container_sync bulk ratelimit authtoken keystoneauth container-quotas account-quotas slo dlo versioned_writes proxy-logging proxy-server
 # open to access by any client. This is almost always a very bad idea, and
 # it's overridden by OSP Director, so it is likely to go away some time
 # after Newton.
 pipeline = catch_errors gatekeeper healthcheck proxy-logging cache container_sync bulk tempurl ratelimit copy container-quotas account-quotas slo dlo versioned_writes proxy-logging proxy-server
 # This sample pipeline uses tempauth and is used for SAIO dev work and
 # testing. See below for a pipeline using keystone.
 #pipeline = catch_errors gatekeeper healthcheck proxy-logging cache container_sync bulk tempurl ratelimit tempauth copy container-quotas account-quotas slo dlo versioned_writes proxy-logging proxy-server
 # The following pipeline shows keystone integration. Comment out the one
 # above and uncomment this one. Additional steps for integrating keystone are
 # covered further below in the filter sections for authtoken and keystoneauth.
 #pipeline = catch_errors gatekeeper healthcheck proxy-logging cache container_sync bulk tempurl ratelimit authtoken keystone copy container-quotas account-quotas slo dlo versioned_writes proxy-logging proxy-server
 [app:proxy-server]
 use = egg:swift#proxy
-allow_account_management = true
+account_autocreate = True
 account_autocreate = true
 # This is a sample used for functional tests in SAIO. Contains well-known
 # passwords.
 #[filter:tempauth]
 #use = egg:swift#tempauth
 #user_admin_admin = admin .admin .reseller_admin
 #user_test_tester = testing .admin
 #user_test2_tester2 = testing2 .admin
 #user_test_tester3 = testing3
 #user_test5_tester5 = testing5 service
 [filter:healthcheck]
 use = egg:swift#healthcheck
 [filter:cache]
 use = egg:swift#memcache
 memcache_servers = 127.0.0.1:11211
 [filter:ratelimit]
 use = egg:swift#ratelimit
 [filter:catch_errors]
 use = egg:swift#catch_errors
-[filter:tempurl]
+[filter:gatekeeper]
-use = egg:swift#tempurl
+use = egg:swift#gatekeeper
 [filter:healthcheck]
 use = egg:swift#healthcheck
 [filter:proxy-logging]
 use = egg:swift#proxy_logging
 [filter:cache]
 use = egg:swift#memcache
 memcache_servers = controller:11211
 [filter:container_sync]
 use = egg:swift#container_sync
 [filter:bulk]
 use = egg:swift#bulk
-[filter:slo]
+[filter:ratelimit]
-use = egg:swift#slo
+use = egg:swift#ratelimit
-[filter:dlo]
+[filter:authtoken]
-use = egg:swift#dlo
+paste.filter_factory = keystonemiddleware.auth_token:filter_factory
 www_authenticate_uri = http://controller:5000
 auth_url = http://controller:5000
 memcached_servers = controller:11211
 auth_type = password
 project_domain_id = default
 user_domain_id = default
 project_name = service
 username = swift
 # 根据用户创建的keystoneswift用户，自行修改密码
 password = swift
 delay_auth_decision = True
 [filter:keystoneauth]
 use = egg:swift#keystoneauth
 operator_roles = admin,user
 [filter:container-quotas]
 use = egg:swift#container_quotas
@ -68,28 +60,11 @@ use = egg:swift#container_quotas
 [filter:account-quotas]
 use = egg:swift#account_quotas
-[filter:gatekeeper]
+[filter:slo]
-use = egg:swift#gatekeeper
+use = egg:swift#slo
-[filter:container_sync]
+[filter:dlo]
-use = egg:swift#container_sync
+use = egg:swift#dlo
 [filter:versioned_writes]
 use = egg:swift#versioned_writes
 [filter:copy]
 use = egg:swift#copy
 object_post_as_copy = false
 [filter:keystone]
 use = egg:swift#keystoneauth
 operator_roles = admin, SwiftOperator
 cache = swift.cache
 [filter:authtoken]
 paste.filter_factory = keystonemiddleware.auth_token:filter_factory
 project_name = %SERVICE_TENANT_NAME%
 username = %SERVICE_USER%
 password = %SERVICE_PASSWORD%
 auth_url = http://127.0.0.1:5000
 signing_dir = /tmp/keystone-signing-swift
--- a/swift.conf
+++ b/swift.conf
@ -1,2 +1,7 @@
 [swift-hash]
-swift_hash_path_suffix = %SWIFT_HASH_PATH_SUFFIX%
+swift_hash_path_suffix = test-hash
 swift_hash_path_prefix = test-hash
 [storage-policy:0]
 name = Policy-0
 default = yes