[ceph.git] / ceph / qa / tasks / rgw.py

"""
rgw routines
"""
import argparse
import contextlib
import logging

from teuthology.orchestra import run
from teuthology import misc as teuthology
from teuthology import contextutil
from teuthology.exceptions import ConfigError
from tasks.ceph_manager import get_valgrind_args
from tasks.util import get_remote_for_role
from tasks.util.rgw import rgwadmin, wait_for_radosgw
from tasks.util.rados import (create_ec_pool,
                              create_replicated_pool,
                              create_cache_pool)

log = logging.getLogger(__name__)

class RGWEndpoint:
    def __init__(self, hostname=None, port=None, cert=None, dns_name=None, website_dns_name=None):
        self.hostname = hostname
        self.port = port
        self.cert = cert
        self.dns_name = dns_name
        self.website_dns_name = website_dns_name

    def url(self):
        proto = 'https' if self.cert else 'http'
        return '{proto}://{hostname}:{port}/'.format(proto=proto, hostname=self.hostname, port=self.port)

@contextlib.contextmanager
def start_rgw(ctx, config, clients):
    """
    Start rgw on remote sites.
    """
    log.info('Starting rgw...')
    testdir = teuthology.get_testdir(ctx)
    for client in clients:
        (remote,) = ctx.cluster.only(client).remotes.keys()
        cluster_name, daemon_type, client_id = teuthology.split_role(client)
        client_with_id = daemon_type + '.' + client_id
        client_with_cluster = cluster_name + '.' + client_with_id

        client_config = config.get(client)
        if client_config is None:
            client_config = {}
        log.info("rgw %s config is %s", client, client_config)
        cmd_prefix = [
            'sudo',
            'adjust-ulimits',
            'ceph-coverage',
            '{tdir}/archive/coverage'.format(tdir=testdir),
            'daemon-helper',
            'term',
            ]

        rgw_cmd = ['radosgw']

        log.info("Using %s as radosgw frontend", ctx.rgw.frontend)

        endpoint = ctx.rgw.role_endpoints[client]
        frontends = ctx.rgw.frontend
        frontend_prefix = client_config.get('frontend_prefix', None)
        if frontend_prefix:
            frontends += ' prefix={pfx}'.format(pfx=frontend_prefix)

        if endpoint.cert:
            # add the ssl certificate path
            frontends += ' ssl_certificate={}'.format(endpoint.cert.certificate)
            frontends += ' ssl_port={}'.format(endpoint.port)
        else:
            frontends += ' port={}'.format(endpoint.port)

        rgw_cmd.extend([
            '--rgw-frontends', frontends,
            '-n', client_with_id,
            '--cluster', cluster_name,
            '-k', '/etc/ceph/{client_with_cluster}.keyring'.format(client_with_cluster=client_with_cluster),
            '--log-file',
            '/var/log/ceph/rgw.{client_with_cluster}.log'.format(client_with_cluster=client_with_cluster),
            '--rgw_ops_log_socket_path',
            '{tdir}/rgw.opslog.{client_with_cluster}.sock'.format(tdir=testdir,
                                                     client_with_cluster=client_with_cluster),
	    ])

        keystone_role = client_config.get('use-keystone-role', None)
        if keystone_role is not None:
            if not ctx.keystone:
                raise ConfigError('rgw must run after the keystone task')
            url = 'http://{host}:{port}/v1/KEY_$(tenant_id)s'.format(host=endpoint.hostname,
                                                                     port=endpoint.port)
            ctx.keystone.create_endpoint(ctx, keystone_role, 'swift', url)

            keystone_host, keystone_port = \
                ctx.keystone.public_endpoints[keystone_role]
            rgw_cmd.extend([
                '--rgw_keystone_url',
                'http://{khost}:{kport}'.format(khost=keystone_host,
                                                kport=keystone_port),
                ])


        if client_config.get('dns-name') is not None:
            rgw_cmd.extend(['--rgw-dns-name', endpoint.dns_name])
        if client_config.get('dns-s3website-name') is not None:
            rgw_cmd.extend(['--rgw-dns-s3website-name', endpoint.website_dns_name])


        vault_role = client_config.get('use-vault-role', None)
        barbican_role = client_config.get('use-barbican-role', None)
        pykmip_role = client_config.get('use-pykmip-role', None)

        token_path = '/etc/ceph/vault-root-token'
        if barbican_role is not None:
            if not hasattr(ctx, 'barbican'):
                raise ConfigError('rgw must run after the barbican task')

            barbican_host, barbican_port = \
                ctx.barbican.endpoints[barbican_role]
            log.info("Use barbican url=%s:%s", barbican_host, barbican_port)

            rgw_cmd.extend([
                '--rgw_barbican_url',
                'http://{bhost}:{bport}'.format(bhost=barbican_host,
                                                bport=barbican_port),
                ])
        elif vault_role is not None:
            if not ctx.vault.root_token:
                raise ConfigError('vault: no "root_token" specified')
            # create token on file
            ctx.rgw.vault_role = vault_role
            ctx.cluster.only(client).run(args=['sudo', 'echo', '-n', ctx.vault.root_token, run.Raw('|'), 'sudo', 'tee', token_path])
            log.info("Token file content")
            ctx.cluster.only(client).run(args=['cat', token_path])
            log.info("Restrict access to token file")
            ctx.cluster.only(client).run(args=['sudo', 'chmod', '600', token_path])
            ctx.cluster.only(client).run(args=['sudo', 'chown', 'ceph', token_path])

            vault_addr = "{}:{}".format(*ctx.vault.endpoints[vault_role])
            rgw_cmd.extend([
                '--rgw_crypt_vault_addr', vault_addr,
                '--rgw_crypt_vault_token_file', token_path,
                '--rgw_crypt_sse_s3_vault_addr', vault_addr,
                '--rgw_crypt_sse_s3_vault_token_file', token_path,
            ])
        elif pykmip_role is not None:
            if not hasattr(ctx, 'pykmip'):
                raise ConfigError('rgw must run after the pykmip task')
            ctx.rgw.pykmip_role = pykmip_role
            rgw_cmd.extend([
                '--rgw_crypt_kmip_addr', "{}:{}".format(*ctx.pykmip.endpoints[pykmip_role]),
            ])

            clientcert = ctx.ssl_certificates.get('kmip-client')
            servercert = ctx.ssl_certificates.get('kmip-server')
            clientca = ctx.ssl_certificates.get('kmiproot')

            clientkey = clientcert.key
            clientcert = clientcert.certificate
            serverkey = servercert.key
            servercert = servercert.certificate
            rootkey = clientca.key
            rootcert = clientca.certificate

            cert_path = '/etc/ceph/'
            ctx.cluster.only(client).run(args=['sudo', 'cp', clientcert, cert_path])
            ctx.cluster.only(client).run(args=['sudo', 'cp', clientkey, cert_path])
            ctx.cluster.only(client).run(args=['sudo', 'cp', servercert, cert_path])
            ctx.cluster.only(client).run(args=['sudo', 'cp', serverkey, cert_path])
            ctx.cluster.only(client).run(args=['sudo', 'cp', rootkey, cert_path])
            ctx.cluster.only(client).run(args=['sudo', 'cp', rootcert, cert_path])

            clientcert = cert_path + 'kmip-client.crt'
            clientkey = cert_path + 'kmip-client.key'
            servercert = cert_path + 'kmip-server.crt'
            serverkey = cert_path + 'kmip-server.key'
            rootkey = cert_path + 'kmiproot.key'
            rootcert = cert_path + 'kmiproot.crt'

            ctx.cluster.only(client).run(args=['sudo', 'chmod', '600', clientcert, clientkey, servercert, serverkey, rootkey, rootcert])
            ctx.cluster.only(client).run(args=['sudo', 'chown', 'ceph', clientcert, clientkey, servercert, serverkey, rootkey, rootcert])

        rgw_cmd.extend([
            '--foreground',
            run.Raw('|'),
            'sudo',
            'tee',
            '/var/log/ceph/rgw.{client_with_cluster}.stdout'.format(client_with_cluster=client_with_cluster),
            run.Raw('2>&1'),
            ])

        if client_config.get('valgrind'):
            cmd_prefix = get_valgrind_args(
                testdir,
                client_with_cluster,
                cmd_prefix,
                client_config.get('valgrind'),
                # see https://github.com/ceph/teuthology/pull/1600
                exit_on_first_error=False
                )

        run_cmd = list(cmd_prefix)
        run_cmd.extend(rgw_cmd)

        ctx.daemons.add_daemon(
            remote, 'rgw', client_with_id,
            cluster=cluster_name,
            fsid=ctx.ceph[cluster_name].fsid,
            args=run_cmd,
            logger=log.getChild(client),
            stdin=run.PIPE,
            wait=False,
            )

    # XXX: add_daemon() doesn't let us wait until radosgw finishes startup
    for client in clients:
        endpoint = ctx.rgw.role_endpoints[client]
        url = endpoint.url()
        log.info('Polling {client} until it starts accepting connections on {url}'.format(client=client, url=url))
        (remote,) = ctx.cluster.only(client).remotes.keys()
        wait_for_radosgw(url, remote)

    try:
        yield
    finally:
        for client in clients:
            cluster_name, daemon_type, client_id = teuthology.split_role(client)
            client_with_id = daemon_type + '.' + client_id
            client_with_cluster = cluster_name + '.' + client_with_id
            ctx.daemons.get_daemon('rgw', client_with_id, cluster_name).stop()
            ctx.cluster.only(client).run(
                args=[
                    'rm',
                    '-f',
                    '{tdir}/rgw.opslog.{client}.sock'.format(tdir=testdir,
                                                             client=client_with_cluster),
                    ],
                )
            ctx.cluster.only(client).run(args=['sudo', 'rm', '-f', token_path])

def assign_endpoints(ctx, config, default_cert):
    role_endpoints = {}
    for role, client_config in config.items():
        client_config = client_config or {}
        remote = get_remote_for_role(ctx, role)

        cert = client_config.get('ssl certificate', default_cert)
        if cert:
            # find the certificate created by the ssl task
            if not hasattr(ctx, 'ssl_certificates'):
                raise ConfigError('rgw: no ssl task found for option "ssl certificate"')
            ssl_certificate = ctx.ssl_certificates.get(cert, None)
            if not ssl_certificate:
                raise ConfigError('rgw: missing ssl certificate "{}"'.format(cert))
        else:
            ssl_certificate = None

        port = client_config.get('port', 443 if ssl_certificate else 80)

        # if dns-name is given, use it as the hostname (or as a prefix)
        dns_name = client_config.get('dns-name', '')
        if len(dns_name) == 0 or dns_name.endswith('.'):
            dns_name += remote.hostname

        website_dns_name = client_config.get('dns-s3website-name')
        if website_dns_name is not None and (len(website_dns_name) == 0 or website_dns_name.endswith('.')):
            website_dns_name += remote.hostname

        role_endpoints[role] = RGWEndpoint(remote.hostname, port, ssl_certificate, dns_name, website_dns_name)

    return role_endpoints

@contextlib.contextmanager
def create_pools(ctx, clients):
    """Create replicated or erasure coded data pools for rgw."""

    log.info('Creating data pools')
    for client in clients:
        log.debug("Obtaining remote for client {}".format(client))
        (remote,) = ctx.cluster.only(client).remotes.keys()
        data_pool = 'default.rgw.buckets.data'
        cluster_name, daemon_type, client_id = teuthology.split_role(client)

        if ctx.rgw.ec_data_pool:
            create_ec_pool(remote, data_pool, client, ctx.rgw.data_pool_pg_size,
                           ctx.rgw.erasure_code_profile, cluster_name, 'rgw')
        else:
            create_replicated_pool(remote, data_pool, ctx.rgw.data_pool_pg_size, cluster_name, 'rgw')

        index_pool = 'default.rgw.buckets.index'
        create_replicated_pool(remote, index_pool, ctx.rgw.index_pool_pg_size, cluster_name, 'rgw')

        if ctx.rgw.cache_pools:
            create_cache_pool(remote, data_pool, data_pool + '.cache', 64,
                              64*1024*1024, cluster_name)
    log.debug('Pools created')
    yield

@contextlib.contextmanager
def configure_compression(ctx, clients, compression):
    """ set a compression type in the default zone placement """
    log.info('Configuring compression type = %s', compression)
    for client in clients:
        # XXX: the 'default' zone and zonegroup aren't created until we run RGWRados::init_complete().
        # issue a 'radosgw-admin user list' command to trigger this
        rgwadmin(ctx, client, cmd=['user', 'list'], check_status=True)

        rgwadmin(ctx, client,
                cmd=['zone', 'placement', 'modify', '--rgw-zone', 'default',
                     '--placement-id', 'default-placement',
                     '--compression', compression],
                check_status=True)
    yield

@contextlib.contextmanager
def configure_datacache(ctx, clients, datacache_path):
    """ create directory for rgw datacache """
    log.info('Preparing directory for rgw datacache at %s', datacache_path)
    for client in clients:
        if(datacache_path != None):
            ctx.cluster.only(client).run(args=['mkdir', '-p', datacache_path])
            ctx.cluster.only(client).run(args=['sudo', 'chmod', 'a+rwx', datacache_path])
        else:
            log.info('path for datacache was not provided')
    yield

@contextlib.contextmanager
def configure_storage_classes(ctx, clients, storage_classes):
    """ set a compression type in the default zone placement """

    sc = [s.strip() for s in storage_classes.split(',')]

    for client in clients:
        # XXX: the 'default' zone and zonegroup aren't created until we run RGWRados::init_complete().
        # issue a 'radosgw-admin user list' command to trigger this
        rgwadmin(ctx, client, cmd=['user', 'list'], check_status=True)

        for storage_class in sc:
            log.info('Configuring storage class type = %s', storage_class)
            rgwadmin(ctx, client,
                    cmd=['zonegroup', 'placement', 'add',
                        '--rgw-zone', 'default',
                        '--placement-id', 'default-placement',
                        '--storage-class', storage_class],
                    check_status=True)
            rgwadmin(ctx, client,
                    cmd=['zone', 'placement', 'add',
                        '--rgw-zone', 'default',
                        '--placement-id', 'default-placement',
                        '--storage-class', storage_class,
                        '--data-pool', 'default.rgw.buckets.data.' + storage_class.lower()],
                    check_status=True)
    yield

@contextlib.contextmanager
def task(ctx, config):
    """
    For example, to run rgw on all clients::

        tasks:
        - ceph:
        - rgw:

    To only run on certain clients::

        tasks:
        - ceph:
        - rgw: [client.0, client.3]

    or

        tasks:
        - ceph:
        - rgw:
            client.0:
            client.3:

    To run radosgw through valgrind:

        tasks:
        - ceph:
        - rgw:
            client.0:
              valgrind: [--tool=memcheck]
            client.3:
              valgrind: [--tool=memcheck]

    To configure data or index pool pg_size:

        overrides:
          rgw:
            data_pool_pg_size: 256
            index_pool_pg_size: 128
    """
    if config is None:
        config = dict(('client.{id}'.format(id=id_), None)
                      for id_ in teuthology.all_roles_of_type(
                          ctx.cluster, 'client'))
    elif isinstance(config, list):
        config = dict((name, None) for name in config)

    clients = config.keys() # http://tracker.ceph.com/issues/20417

    overrides = ctx.config.get('overrides', {})
    teuthology.deep_merge(config, overrides.get('rgw', {}))

    ctx.rgw = argparse.Namespace()
    ctx.rgw_cloudtier = None

    ctx.rgw.ec_data_pool = bool(config.pop('ec-data-pool', False))
    ctx.rgw.erasure_code_profile = config.pop('erasure_code_profile', {})
    ctx.rgw.cache_pools = bool(config.pop('cache-pools', False))
    ctx.rgw.frontend = config.pop('frontend', 'beast')
    ctx.rgw.compression_type = config.pop('compression type', None)
    ctx.rgw.storage_classes = config.pop('storage classes', None)
    default_cert = config.pop('ssl certificate', None)
    ctx.rgw.data_pool_pg_size = config.pop('data_pool_pg_size', 64)
    ctx.rgw.index_pool_pg_size = config.pop('index_pool_pg_size', 64)
    ctx.rgw.datacache = bool(config.pop('datacache', False))
    ctx.rgw.datacache_path = config.pop('datacache_path', None)
    ctx.rgw.config = config

    log.debug("config is {}".format(config))
    log.debug("client list is {}".format(clients))

    ctx.rgw.role_endpoints = assign_endpoints(ctx, config, default_cert)

    subtasks = [
        lambda: create_pools(ctx=ctx, clients=clients),
    ]
    if ctx.rgw.compression_type:
        subtasks.extend([
            lambda: configure_compression(ctx=ctx, clients=clients,
                                          compression=ctx.rgw.compression_type),
        ])
    if ctx.rgw.datacache:
        subtasks.extend([
            lambda: configure_datacache(ctx=ctx, clients=clients,
                                        datacache_path=ctx.rgw.datacache_path),
        ])
    if ctx.rgw.storage_classes:
        subtasks.extend([
            lambda: configure_storage_classes(ctx=ctx, clients=clients,
                                              storage_classes=ctx.rgw.storage_classes),
        ])
    subtasks.extend([
        lambda: start_rgw(ctx=ctx, config=config, clients=clients),
    ])

    with contextutil.nested(*subtasks):
        yield
Commit	Line	Data
7c673cae FG	1	"""
	2	rgw routines
	3	"""
	4	import argparse
	5	import contextlib
7c673cae	6	import logging
7c673cae	7
7c673cae FG	8	from teuthology.orchestra import run
	9	from teuthology import misc as teuthology
	10	from teuthology import contextutil
11fdf7f2	11	from teuthology.exceptions import ConfigError
f67539c2	12	from tasks.ceph_manager import get_valgrind_args
e306af50 TL	13	from tasks.util import get_remote_for_role
	14	from tasks.util.rgw import rgwadmin, wait_for_radosgw
	15	from tasks.util.rados import (create_ec_pool,
	16	create_replicated_pool,
	17	create_cache_pool)
7c673cae FG	18
	19	log = logging.getLogger(__name__)
	20
11fdf7f2	21	class RGWEndpoint:
494da23a	22	def __init__(self, hostname=None, port=None, cert=None, dns_name=None, website_dns_name=None):
11fdf7f2 TL	23	self.hostname = hostname
	24	self.port = port
	25	self.cert = cert
494da23a TL	26	self.dns_name = dns_name
494da23a TL	27	self.website_dns_name = website_dns_name
11fdf7f2 TL	28
	29	def url(self):
	30	proto = 'https' if self.cert else 'http'
	31	return '{proto}://{hostname}:{port}/'.format(proto=proto, hostname=self.hostname, port=self.port)
	32
7c673cae	33	@contextlib.contextmanager
224ce89b	34	def start_rgw(ctx, config, clients):
7c673cae FG	35	"""
	36	Start rgw on remote sites.
	37	"""
	38	log.info('Starting rgw...')
7c673cae	39	testdir = teuthology.get_testdir(ctx)
224ce89b	40	for client in clients:
9f95a23c	41	(remote,) = ctx.cluster.only(client).remotes.keys()
7c673cae FG	42	cluster_name, daemon_type, client_id = teuthology.split_role(client)
	43	client_with_id = daemon_type + '.' + client_id
	44	client_with_cluster = cluster_name + '.' + client_with_id
7c673cae FG	45
	46	client_config = config.get(client)
	47	if client_config is None:
	48	client_config = {}
	49	log.info("rgw %s config is %s", client, client_config)
7c673cae FG	50	cmd_prefix = [
	51	'sudo',
	52	'adjust-ulimits',
	53	'ceph-coverage',
	54	'{tdir}/archive/coverage'.format(tdir=testdir),
	55	'daemon-helper',
	56	'term',
	57	]
	58
	59	rgw_cmd = ['radosgw']
	60
31f18b77	61	log.info("Using %s as radosgw frontend", ctx.rgw.frontend)
7c673cae	62
11fdf7f2 TL	63	endpoint = ctx.rgw.role_endpoints[client]
	64	frontends = ctx.rgw.frontend
	65	frontend_prefix = client_config.get('frontend_prefix', None)
	66	if frontend_prefix:
	67	frontends += ' prefix={pfx}'.format(pfx=frontend_prefix)
	68
	69	if endpoint.cert:
	70	# add the ssl certificate path
	71	frontends += ' ssl_certificate={}'.format(endpoint.cert.certificate)
20effc67	72	frontends += ' ssl_port={}'.format(endpoint.port)
11fdf7f2 TL	73	else:
	74	frontends += ' port={}'.format(endpoint.port)
	75
7c673cae	76	rgw_cmd.extend([
11fdf7f2	77	'--rgw-frontends', frontends,
7c673cae FG	78	'-n', client_with_id,
	79	'--cluster', cluster_name,
	80	'-k', '/etc/ceph/{client_with_cluster}.keyring'.format(client_with_cluster=client_with_cluster),
	81	'--log-file',
	82	'/var/log/ceph/rgw.{client_with_cluster}.log'.format(client_with_cluster=client_with_cluster),
	83	'--rgw_ops_log_socket_path',
	84	'{tdir}/rgw.opslog.{client_with_cluster}.sock'.format(tdir=testdir,
9f95a23c	85	client_with_cluster=client_with_cluster),
11fdf7f2 TL	86	])
	87
	88	keystone_role = client_config.get('use-keystone-role', None)
	89	if keystone_role is not None:
	90	if not ctx.keystone:
	91	raise ConfigError('rgw must run after the keystone task')
	92	url = 'http://{host}:{port}/v1/KEY_$(tenant_id)s'.format(host=endpoint.hostname,
	93	port=endpoint.port)
	94	ctx.keystone.create_endpoint(ctx, keystone_role, 'swift', url)
	95
	96	keystone_host, keystone_port = \
	97	ctx.keystone.public_endpoints[keystone_role]
	98	rgw_cmd.extend([
	99	'--rgw_keystone_url',
	100	'http://{khost}:{kport}'.format(khost=keystone_host,
	101	kport=keystone_port),
	102	])
	103
9f95a23c	104
e306af50	105	if client_config.get('dns-name') is not None:
494da23a	106	rgw_cmd.extend(['--rgw-dns-name', endpoint.dns_name])
e306af50	107	if client_config.get('dns-s3website-name') is not None:
494da23a TL	108	rgw_cmd.extend(['--rgw-dns-s3website-name', endpoint.website_dns_name])
494da23a TL	109
9f95a23c TL	110
	111	vault_role = client_config.get('use-vault-role', None)
	112	barbican_role = client_config.get('use-barbican-role', None)
f67539c2	113	pykmip_role = client_config.get('use-pykmip-role', None)
9f95a23c	114
20effc67	115	token_path = '/etc/ceph/vault-root-token'
9f95a23c TL	116	if barbican_role is not None:
	117	if not hasattr(ctx, 'barbican'):
	118	raise ConfigError('rgw must run after the barbican task')
	119
	120	barbican_host, barbican_port = \
	121	ctx.barbican.endpoints[barbican_role]
	122	log.info("Use barbican url=%s:%s", barbican_host, barbican_port)
	123
	124	rgw_cmd.extend([
	125	'--rgw_barbican_url',
	126	'http://{bhost}:{bport}'.format(bhost=barbican_host,
	127	bport=barbican_port),
	128	])
	129	elif vault_role is not None:
	130	if not ctx.vault.root_token:
	131	raise ConfigError('vault: no "root_token" specified')
	132	# create token on file
f67539c2	133	ctx.rgw.vault_role = vault_role
20effc67	134	ctx.cluster.only(client).run(args=['sudo', 'echo', '-n', ctx.vault.root_token, run.Raw('\|'), 'sudo', 'tee', token_path])
9f95a23c TL	135	log.info("Token file content")
9f95a23c TL	136	ctx.cluster.only(client).run(args=['cat', token_path])
1911f103	137	log.info("Restrict access to token file")
20effc67	138	ctx.cluster.only(client).run(args=['sudo', 'chmod', '600', token_path])
1911f103	139	ctx.cluster.only(client).run(args=['sudo', 'chown', 'ceph', token_path])
9f95a23c	140
2a845540	141	vault_addr = "{}:{}".format(*ctx.vault.endpoints[vault_role])
9f95a23c	142	rgw_cmd.extend([
2a845540 TL	143	'--rgw_crypt_vault_addr', vault_addr,
	144	'--rgw_crypt_vault_token_file', token_path,
	145	'--rgw_crypt_sse_s3_vault_addr', vault_addr,
	146	'--rgw_crypt_sse_s3_vault_token_file', token_path,
9f95a23c	147	])
f67539c2 TL	148	elif pykmip_role is not None:
	149	if not hasattr(ctx, 'pykmip'):
	150	raise ConfigError('rgw must run after the pykmip task')
	151	ctx.rgw.pykmip_role = pykmip_role
	152	rgw_cmd.extend([
	153	'--rgw_crypt_kmip_addr', "{}:{}".format(*ctx.pykmip.endpoints[pykmip_role]),
	154	])
9f95a23c	155
20effc67 TL	156	clientcert = ctx.ssl_certificates.get('kmip-client')
	157	servercert = ctx.ssl_certificates.get('kmip-server')
	158	clientca = ctx.ssl_certificates.get('kmiproot')
	159
	160	clientkey = clientcert.key
	161	clientcert = clientcert.certificate
	162	serverkey = servercert.key
	163	servercert = servercert.certificate
	164	rootkey = clientca.key
	165	rootcert = clientca.certificate
	166
	167	cert_path = '/etc/ceph/'
	168	ctx.cluster.only(client).run(args=['sudo', 'cp', clientcert, cert_path])
	169	ctx.cluster.only(client).run(args=['sudo', 'cp', clientkey, cert_path])
	170	ctx.cluster.only(client).run(args=['sudo', 'cp', servercert, cert_path])
	171	ctx.cluster.only(client).run(args=['sudo', 'cp', serverkey, cert_path])
	172	ctx.cluster.only(client).run(args=['sudo', 'cp', rootkey, cert_path])
	173	ctx.cluster.only(client).run(args=['sudo', 'cp', rootcert, cert_path])
	174
	175	clientcert = cert_path + 'kmip-client.crt'
	176	clientkey = cert_path + 'kmip-client.key'
	177	servercert = cert_path + 'kmip-server.crt'
	178	serverkey = cert_path + 'kmip-server.key'
	179	rootkey = cert_path + 'kmiproot.key'
	180	rootcert = cert_path + 'kmiproot.crt'
	181
	182	ctx.cluster.only(client).run(args=['sudo', 'chmod', '600', clientcert, clientkey, servercert, serverkey, rootkey, rootcert])
	183	ctx.cluster.only(client).run(args=['sudo', 'chown', 'ceph', clientcert, clientkey, servercert, serverkey, rootkey, rootcert])
	184
11fdf7f2	185	rgw_cmd.extend([
7c673cae FG	186	'--foreground',
	187	run.Raw('\|'),
	188	'sudo',
	189	'tee',
9f95a23c	190	'/var/log/ceph/rgw.{client_with_cluster}.stdout'.format(client_with_cluster=client_with_cluster),
7c673cae FG	191	run.Raw('2>&1'),
	192	])
	193
	194	if client_config.get('valgrind'):
f67539c2	195	cmd_prefix = get_valgrind_args(
7c673cae	196	testdir,
31f18b77	197	client_with_cluster,
7c673cae	198	cmd_prefix,
20effc67 TL	199	client_config.get('valgrind'),
	200	# see https://github.com/ceph/teuthology/pull/1600
	201	exit_on_first_error=False
7c673cae FG	202	)
	203
	204	run_cmd = list(cmd_prefix)
	205	run_cmd.extend(rgw_cmd)
	206
	207	ctx.daemons.add_daemon(
31f18b77	208	remote, 'rgw', client_with_id,
7c673cae	209	cluster=cluster_name,
f67539c2	210	fsid=ctx.ceph[cluster_name].fsid,
7c673cae FG	211	args=run_cmd,
	212	logger=log.getChild(client),
	213	stdin=run.PIPE,
	214	wait=False,
	215	)
	216
	217	# XXX: add_daemon() doesn't let us wait until radosgw finishes startup
11fdf7f2 TL	218	for client in clients:
	219	endpoint = ctx.rgw.role_endpoints[client]
	220	url = endpoint.url()
	221	log.info('Polling {client} until it starts accepting connections on {url}'.format(client=client, url=url))
9f95a23c	222	(remote,) = ctx.cluster.only(client).remotes.keys()
81eedcae	223	wait_for_radosgw(url, remote)
7c673cae FG	224
	225	try:
	226	yield
	227	finally:
11fdf7f2	228	for client in clients:
31f18b77 FG	229	cluster_name, daemon_type, client_id = teuthology.split_role(client)
	230	client_with_id = daemon_type + '.' + client_id
	231	client_with_cluster = cluster_name + '.' + client_with_id
	232	ctx.daemons.get_daemon('rgw', client_with_id, cluster_name).stop()
7c673cae FG	233	ctx.cluster.only(client).run(
	234	args=[
	235	'rm',
	236	'-f',
31f18b77 FG	237	'{tdir}/rgw.opslog.{client}.sock'.format(tdir=testdir,
31f18b77 FG	238	client=client_with_cluster),
7c673cae FG	239	],
7c673cae FG	240	)
20effc67	241	ctx.cluster.only(client).run(args=['sudo', 'rm', '-f', token_path])
7c673cae	242
11fdf7f2	243	def assign_endpoints(ctx, config, default_cert):
7c673cae	244	role_endpoints = {}
9f95a23c	245	for role, client_config in config.items():
11fdf7f2 TL	246	client_config = client_config or {}
	247	remote = get_remote_for_role(ctx, role)
	248
	249	cert = client_config.get('ssl certificate', default_cert)
	250	if cert:
	251	# find the certificate created by the ssl task
	252	if not hasattr(ctx, 'ssl_certificates'):
	253	raise ConfigError('rgw: no ssl task found for option "ssl certificate"')
	254	ssl_certificate = ctx.ssl_certificates.get(cert, None)
	255	if not ssl_certificate:
	256	raise ConfigError('rgw: missing ssl certificate "{}"'.format(cert))
	257	else:
	258	ssl_certificate = None
	259
494da23a TL	260	port = client_config.get('port', 443 if ssl_certificate else 80)
	261
	262	# if dns-name is given, use it as the hostname (or as a prefix)
	263	dns_name = client_config.get('dns-name', '')
	264	if len(dns_name) == 0 or dns_name.endswith('.'):
	265	dns_name += remote.hostname
	266
	267	website_dns_name = client_config.get('dns-s3website-name')
e306af50 TL	268	if website_dns_name is not None and (len(website_dns_name) == 0 or website_dns_name.endswith('.')):
e306af50 TL	269	website_dns_name += remote.hostname
494da23a TL	270
494da23a TL	271	role_endpoints[role] = RGWEndpoint(remote.hostname, port, ssl_certificate, dns_name, website_dns_name)
7c673cae FG	272
	273	return role_endpoints
	274
7c673cae	275	@contextlib.contextmanager
224ce89b	276	def create_pools(ctx, clients):
7c673cae	277	"""Create replicated or erasure coded data pools for rgw."""
7c673cae	278
31f18b77	279	log.info('Creating data pools')
224ce89b WB	280	for client in clients:
224ce89b WB	281	log.debug("Obtaining remote for client {}".format(client))
9f95a23c	282	(remote,) = ctx.cluster.only(client).remotes.keys()
11fdf7f2	283	data_pool = 'default.rgw.buckets.data'
7c673cae FG	284	cluster_name, daemon_type, client_id = teuthology.split_role(client)
	285
	286	if ctx.rgw.ec_data_pool:
11fdf7f2	287	create_ec_pool(remote, data_pool, client, ctx.rgw.data_pool_pg_size,
b5b8bbf5	288	ctx.rgw.erasure_code_profile, cluster_name, 'rgw')
7c673cae	289	else:
11fdf7f2 TL	290	create_replicated_pool(remote, data_pool, ctx.rgw.data_pool_pg_size, cluster_name, 'rgw')
	291
	292	index_pool = 'default.rgw.buckets.index'
	293	create_replicated_pool(remote, index_pool, ctx.rgw.index_pool_pg_size, cluster_name, 'rgw')
	294
7c673cae FG	295	if ctx.rgw.cache_pools:
7c673cae FG	296	create_cache_pool(remote, data_pool, data_pool + '.cache', 64,
181888fb	297	6410241024, cluster_name)
31f18b77	298	log.debug('Pools created')
7c673cae FG	299	yield
	300
	301	@contextlib.contextmanager
224ce89b	302	def configure_compression(ctx, clients, compression):
31f18b77 FG	303	""" set a compression type in the default zone placement """
31f18b77 FG	304	log.info('Configuring compression type = %s', compression)
224ce89b	305	for client in clients:
7c673cae FG	306	# XXX: the 'default' zone and zonegroup aren't created until we run RGWRados::init_complete().
	307	# issue a 'radosgw-admin user list' command to trigger this
	308	rgwadmin(ctx, client, cmd=['user', 'list'], check_status=True)
	309
	310	rgwadmin(ctx, client,
	311	cmd=['zone', 'placement', 'modify', '--rgw-zone', 'default',
31f18b77 FG	312	'--placement-id', 'default-placement',
31f18b77 FG	313	'--compression', compression],
7c673cae	314	check_status=True)
7c673cae FG	315	yield
7c673cae FG	316
20effc67 TL	317	@contextlib.contextmanager
	318	def configure_datacache(ctx, clients, datacache_path):
	319	""" create directory for rgw datacache """
	320	log.info('Preparing directory for rgw datacache at %s', datacache_path)
	321	for client in clients:
	322	if(datacache_path != None):
	323	ctx.cluster.only(client).run(args=['mkdir', '-p', datacache_path])
	324	ctx.cluster.only(client).run(args=['sudo', 'chmod', 'a+rwx', datacache_path])
	325	else:
	326	log.info('path for datacache was not provided')
	327	yield
	328
11fdf7f2 TL	329	@contextlib.contextmanager
	330	def configure_storage_classes(ctx, clients, storage_classes):
	331	""" set a compression type in the default zone placement """
	332
	333	sc = [s.strip() for s in storage_classes.split(',')]
	334
	335	for client in clients:
	336	# XXX: the 'default' zone and zonegroup aren't created until we run RGWRados::init_complete().
	337	# issue a 'radosgw-admin user list' command to trigger this
	338	rgwadmin(ctx, client, cmd=['user', 'list'], check_status=True)
	339
	340	for storage_class in sc:
	341	log.info('Configuring storage class type = %s', storage_class)
	342	rgwadmin(ctx, client,
	343	cmd=['zonegroup', 'placement', 'add',
	344	'--rgw-zone', 'default',
	345	'--placement-id', 'default-placement',
	346	'--storage-class', storage_class],
	347	check_status=True)
	348	rgwadmin(ctx, client,
	349	cmd=['zone', 'placement', 'add',
	350	'--rgw-zone', 'default',
	351	'--placement-id', 'default-placement',
	352	'--storage-class', storage_class,
	353	'--data-pool', 'default.rgw.buckets.data.' + storage_class.lower()],
	354	check_status=True)
	355	yield
	356
7c673cae FG	357	@contextlib.contextmanager
	358	def task(ctx, config):
	359	"""
7c673cae FG	360	For example, to run rgw on all clients::
	361
	362	tasks:
	363	- ceph:
	364	- rgw:
	365
	366	To only run on certain clients::
	367
	368	tasks:
	369	- ceph:
	370	- rgw: [client.0, client.3]
	371
	372	or
	373
	374	tasks:
	375	- ceph:
	376	- rgw:
	377	client.0:
	378	client.3:
	379
7c673cae FG	380	To run radosgw through valgrind:
	381
	382	tasks:
	383	- ceph:
	384	- rgw:
	385	client.0:
	386	valgrind: [--tool=memcheck]
	387	client.3:
	388	valgrind: [--tool=memcheck]
11fdf7f2 TL	389
	390	To configure data or index pool pg_size:
	391
	392	overrides:
	393	rgw:
	394	data_pool_pg_size: 256
	395	index_pool_pg_size: 128
7c673cae FG	396	"""
	397	if config is None:
	398	config = dict(('client.{id}'.format(id=id_), None)
	399	for id_ in teuthology.all_roles_of_type(
	400	ctx.cluster, 'client'))
	401	elif isinstance(config, list):
	402	config = dict((name, None) for name in config)
	403
224ce89b WB	404	clients = config.keys() # http://tracker.ceph.com/issues/20417
224ce89b WB	405
7c673cae FG	406	overrides = ctx.config.get('overrides', {})
	407	teuthology.deep_merge(config, overrides.get('rgw', {}))
	408
7c673cae	409	ctx.rgw = argparse.Namespace()
39ae355f	410	ctx.rgw_cloudtier = None
7c673cae	411
31f18b77 FG	412	ctx.rgw.ec_data_pool = bool(config.pop('ec-data-pool', False))
	413	ctx.rgw.erasure_code_profile = config.pop('erasure_code_profile', {})
	414	ctx.rgw.cache_pools = bool(config.pop('cache-pools', False))
20effc67	415	ctx.rgw.frontend = config.pop('frontend', 'beast')
31f18b77	416	ctx.rgw.compression_type = config.pop('compression type', None)
11fdf7f2 TL	417	ctx.rgw.storage_classes = config.pop('storage classes', None)
	418	default_cert = config.pop('ssl certificate', None)
	419	ctx.rgw.data_pool_pg_size = config.pop('data_pool_pg_size', 64)
	420	ctx.rgw.index_pool_pg_size = config.pop('index_pool_pg_size', 64)
20effc67 TL	421	ctx.rgw.datacache = bool(config.pop('datacache', False))
20effc67 TL	422	ctx.rgw.datacache_path = config.pop('datacache_path', None)
7c673cae	423	ctx.rgw.config = config
7c673cae	424
224ce89b WB	425	log.debug("config is {}".format(config))
224ce89b WB	426	log.debug("client list is {}".format(clients))
11fdf7f2 TL	427
	428	ctx.rgw.role_endpoints = assign_endpoints(ctx, config, default_cert)
	429
31f18b77	430	subtasks = [
224ce89b	431	lambda: create_pools(ctx=ctx, clients=clients),
31f18b77 FG	432	]
31f18b77 FG	433	if ctx.rgw.compression_type:
7c673cae	434	subtasks.extend([
224ce89b	435	lambda: configure_compression(ctx=ctx, clients=clients,
31f18b77	436	compression=ctx.rgw.compression_type),
7c673cae	437	])
20effc67 TL	438	if ctx.rgw.datacache:
	439	subtasks.extend([
	440	lambda: configure_datacache(ctx=ctx, clients=clients,
	441	datacache_path=ctx.rgw.datacache_path),
	442	])
11fdf7f2 TL	443	if ctx.rgw.storage_classes:
	444	subtasks.extend([
	445	lambda: configure_storage_classes(ctx=ctx, clients=clients,
	446	storage_classes=ctx.rgw.storage_classes),
	447	])
31f18b77	448	subtasks.extend([
224ce89b	449	lambda: start_rgw(ctx=ctx, config=config, clients=clients),
31f18b77	450	])
7c673cae	451
7c673cae FG	452	with contextutil.nested(*subtasks):
7c673cae FG	453	yield