├── .gitignore ├── Jenkinsfile ├── README.md └── openio-sds ├── 16.10 └── centos │ └── 7 │ ├── Dockerfile │ ├── README.md │ └── openio-docker-init.sh ├── 17.04 ├── centos │ └── 7 │ │ ├── Dockerfile │ │ ├── README.md │ │ ├── openio-docker-init.sh │ │ └── swift.pp └── ubuntu │ └── xenial │ ├── Dockerfile │ ├── README.md │ ├── openio-docker-init.sh │ └── swift.pp ├── 18.04 ├── README.md ├── build.sh ├── inventory.ini ├── jenkins │ ├── Dockerfile │ └── ansible.cfg ├── openio-docker-init.sh ├── rsyslog.conf ├── standalone.yml └── test.sh ├── 18.10 ├── README.md ├── build.sh ├── deploy.sh ├── inventory.ini ├── jenkins │ ├── Dockerfile │ └── ansible.cfg ├── openio-docker-init.sh ├── standalone.yml └── test.sh ├── 19.04 ├── README.md ├── build.sh ├── deploy.sh ├── inventory.yml ├── jenkins │ ├── Dockerfile │ └── ansible.cfg ├── openio-docker-init.sh └── test.sh ├── 19.10 ├── README.md ├── build.sh ├── deploy.sh ├── inventory.yml ├── jenkins │ ├── Dockerfile │ └── ansible.cfg ├── openio-docker-init.sh └── test.sh ├── 20.04 ├── DOCKERHUB_DESC.md ├── README.md ├── build.sh ├── deploy.sh ├── inventory.yml ├── jenkins │ ├── Dockerfile │ └── ansible.cfg ├── openio-docker-init.sh └── test.sh ├── README.md ├── commons ├── rsyslog.conf └── sds-healthcheck.sh ├── scratch ├── README.md ├── deps │ └── centos │ │ └── 7 │ │ └── Dockerfile └── sds │ └── centos │ └── 7 │ └── Dockerfile └── tester ├── Dockerfile ├── checks.bats ├── helpers.bash └── load.bash /.gitignore: -------------------------------------------------------------------------------- 1 | *ansible-playbook-openio-deployment/ 2 | .DS_Store 3 | -------------------------------------------------------------------------------- /Jenkinsfile: -------------------------------------------------------------------------------- 1 | pipeline { 2 | agent any 3 | options { 4 | // Cleanup build older than 10 previous ones 5 | buildDiscarder logRotator(artifactDaysToKeepStr: '', artifactNumToKeepStr: '', daysToKeepStr: '', numToKeepStr: '10') 6 | // Let's measure time 7 | timestamps() 8 | // Fail build if more than 10 minutes 9 | timeout(activity: true, time: 600, unit: 'SECONDS') 10 | } 11 | parameters { 12 | booleanParam(name: 'FORCE_DEPLOY', defaultValue: false, description: 'Force deployment step even if not on master branch?') 13 | } 14 | environment { 15 | PYTHONUNBUFFERED = '1' 16 | ANSIBLE_FORCE_COLOR = 'true' 17 | } 18 | triggers { 19 | cron('@weekly') 20 | } 21 | stages { 22 | stage('Shell Lint') { 23 | agent { 24 | label 'docker && small' 25 | } 26 | steps { 27 | sh ''' 28 | docker run --rm -t -v ${WORKSPACE}:${WORKSPACE}:ro koalaman/shellcheck-alpine \ 29 | sh -x -c "find ${WORKSPACE}/openio-sds -type f -name *.bats -or -name build.sh -or -name test.sh | grep -v ansible-playbook-openio-deployment \ 30 | | xargs -I- shellcheck -" 31 | ''' 32 | } 33 | } /* stage('Shell Lint') */ 34 | stage('Build a SDS Release Docker Image') { 35 | matrix { 36 | axes { 37 | axis { 38 | name 'DOCKER_IMAGE_DIR' 39 | values 'openio-sds/20.04', 'openio-sds/19.10', 'openio-sds/19.04','openio-sds/18.10' 40 | } 41 | } 42 | agent { 43 | dockerfile { 44 | label 'docker && big' 45 | dir "${DOCKER_IMAGE_DIR}/jenkins/" 46 | filename 'Dockerfile' 47 | args '-v /var/run/docker.sock:/var/run/docker.sock -u root' 48 | } 49 | } 50 | environment { 51 | DOCKER_IMAGE_NAME = DOCKER_IMAGE_DIR.replaceAll("/","-") 52 | DOCKER_BUILD_CONTAINER_NAME = "${GIT_COMMIT.substring(0,6)}-${BUILD_ID}-${DOCKER_IMAGE_NAME}-build" 53 | DOCKER_TEST_CONTAINER_NAME = "${GIT_COMMIT.substring(0,6)}-${BUILD_ID}-${DOCKER_IMAGE_NAME}-test" 54 | } 55 | stages { 56 | stage('build') { 57 | steps { 58 | sh 'echo "Building Docker Image ${DOCKER_IMAGE_NAME} from ${DOCKER_IMAGE_DIR}"' 59 | sh 'bash ${WORKSPACE}/${DOCKER_IMAGE_DIR}/build.sh' 60 | } 61 | post { 62 | always { 63 | script { 64 | // Cleanup with forced removal, and removal of volumes 65 | sh ''' 66 | docker kill ${DOCKER_BUILD_CONTAINER_NAME} || true 67 | docker rm -f -v ${DOCKER_BUILD_CONTAINER_NAME} || true 68 | ''' 69 | } 70 | } 71 | } 72 | } // stage('build') 73 | 74 | stage('test') { 75 | steps { 76 | sh 'echo "Testing Docker Image ${DOCKER_IMAGE_NAME} from ${DOCKER_IMAGE_DIR}"' 77 | sh 'bash ${WORKSPACE}/${DOCKER_IMAGE_DIR}/test.sh' 78 | } 79 | post { 80 | always { 81 | script { 82 | // Cleanup with forced removal, and removal of volumes 83 | sh ''' 84 | docker kill ${DOCKER_TEST_CONTAINER_NAME} || true 85 | docker rm -f -v ${DOCKER_TEST_CONTAINER_NAME} || true 86 | ''' 87 | } 88 | } 89 | } 90 | } // stage('test') 91 | 92 | stage('deploy') { 93 | environment { 94 | DOCKER_HUB = credentials('ID_HUB_DOCKER') // Defines DOCKER_HUB_USR and DOCKER_HUB_PSW env variables 95 | } 96 | steps { 97 | sh 'echo "Deploying Docker Image ${DOCKER_IMAGE_NAME} from ${DOCKER_IMAGE_DIR}"' 98 | 99 | // Log in local Docker to the remote registry 100 | sh 'echo ${DOCKER_HUB_PSW} | docker login --password-stdin -u ${DOCKER_HUB_USR}' 101 | 102 | sh 'bash ${WORKSPACE}/${DOCKER_IMAGE_DIR}/deploy.sh' 103 | } 104 | when { 105 | anyOf { 106 | branch 'master' 107 | buildingTag() 108 | expression { return params.FORCE_DEPLOY } 109 | } 110 | } 111 | } // stage('deploy') 112 | } // stages 113 | post { 114 | always { 115 | sh 'docker rmi -f ${DOCKER_IMAGE_NAME} || true' 116 | sh 'chmod -R 777 ${WORKSPACE}' 117 | cleanWs() 118 | } 119 | } // post 120 | } // matrix 121 | } // stage('Build a SDS Release Docker Image') 122 | } // stages 123 | post { 124 | failure { 125 | slackMessageUserMention("Build Failed - ${env.JOB_NAME} #${env.BUILD_NUMBER} (<${env.RUN_DISPLAY_URL}|Open>) is ${currentBuild.result}", '#AA0000') 126 | } 127 | success { 128 | slackMessageUserMention("Build Success - ${env.JOB_NAME} #${env.BUILD_NUMBER} (<${env.RUN_DISPLAY_URL}|Open>) is ${currentBuild.result}", '#008800') 129 | } 130 | } 131 | } 132 | -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- 1 | # OpenIO's Dockerfiles 2 | 3 | This repository stores OpenIO's Docker Images. 4 | 5 | In order to be built, tested and deployed, each Docker image is expected to follow these conventions: 6 | 7 | - An image is represented by a directory. I can be anywhere in the repository 8 | - For a given image, the corresponding directory must provides 3 shell scripts (to allow freedom of the implementation): 9 | - `build.sh` which builds the image, with a temporary name 10 | - `test.sh`, which test the freshly built (and temporary) image 11 | - `deploy.sh`, which deploy the image where it's expected to be deployed 12 | - The shell scripts expect the following environment variables to be defined (and exported). The CI (Jenkins) takes care of this for you, but it is required to be done manually 13 | when building imags locally: 14 | - `DOCKER_IMAGE_NAME`: the temporary name of the image to be built and tested 15 | - `DOCKER_BUILD_CONTAINER_NAME`: the temporary name of any "build" container used during the build 16 | - `DOCKER_TEST_CONTAINER_NAME`: the temporary name of any "test" container used for testing the temporary image 17 | - For a given image, the CI steps (build, test and deploy) are run inside a custom Docker container, defined in the file `./jenkins/Dockerfile` on each image repository. 18 | This is where you define any dependency used by your scripts (for instance if `test.sh` execute `bats` tests, then `./jenkins/Dockerfile` must install `bats` CLI). 19 | - The script `deploy.sh` is responsible to set the final name of the Docker image, including its tag 20 | -------------------------------------------------------------------------------- /openio-sds/16.10/centos/7/Dockerfile: -------------------------------------------------------------------------------- 1 | FROM centos:7.3.1611 2 | MAINTAINER "Romain Acciari" 3 | 4 | ENV OIOSDS_RELEASE 16.10 5 | ENV REPO_OPENIO http://mirror.openio.io/pub/repo/openio/sds/${OIOSDS_RELEASE}/el/openio-sds-release-${OIOSDS_RELEASE}-1.el.noarch.rpm 6 | ENV PUPPET_PROFILE docker 7 | ENV PUPPETOPTS --color=none 8 | 9 | # Force the mirror definitions to point to the 7.3.1611 subdirectory, as for 10 | # CentOS-Base the default is still to use $releasever (which is just "7") 11 | # and for OpenStack, the default is hardcoded to just "7". 12 | # Then install and configure OpenIO 13 | RUN sed -i -e 's/\$releasever/7.3.1611/g' -e 's/^mirrorlist/#mirrorlist/g' -e 's/^#baseurl=/baseurl=/g' /etc/yum.repos.d/CentOS-Base.repo \ 14 | && yum clean all \ 15 | && yum -y install centos-release-openstack-mitaka \ 16 | && sed -i -e 's|centos/7/cloud|centos/7.3.1611/cloud|g' /etc/yum.repos.d/CentOS-OpenStack-mitaka.repo \ 17 | && yum -y --disableplugin=fastestmirror install ${REPO_OPENIO} \ 18 | && yum -y --disableplugin=fastestmirror update \ 19 | && yum -y --disableplugin=fastestmirror install puppet-openio-sds-profile ${ADDITIONAL_PKGS} \ 20 | && /usr/share/puppet/modules/openiosds/profiles/install.sh ${PUPPET_PROFILE} \ 21 | && rm -rf /var/cache/yum \ 22 | && yum clean all 23 | VOLUME ["/var/lib/oio"] 24 | ADD openio-docker-init.sh / 25 | EXPOSE 6007 26 | CMD ["/openio-docker-init.sh"] 27 | -------------------------------------------------------------------------------- /openio-sds/16.10/centos/7/README.md: -------------------------------------------------------------------------------- 1 | ../../../README.md -------------------------------------------------------------------------------- /openio-sds/16.10/centos/7/openio-docker-init.sh: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | #set -x 3 | 4 | # Default configuration 5 | NS='OPENIO' 6 | NBREPLICAS=1 7 | IGNOREDISTANCE='on' 8 | TIMEOUT=20 9 | 10 | # Initialize OpenIO cluster 11 | function initcluster(){ 12 | echo "# Initializing the OpenIO cluster" 13 | 14 | # Temporarily disabling the swift gateway, to avoid answering when not completely setup 15 | sed -i -e 's/^enabled=.*$/enabled=false/' /etc/gridinit.d/OPENIO-oioswift-0 16 | 17 | echo "> Starting services" 18 | /usr/bin/gridinit -d /etc/gridinit.conf >/dev/null 2>&1 19 | 20 | echo "> Waiting for the services to start ..." 21 | etime_start=$(date +"%s") 22 | etime_end=$(($etime_start + $TIMEOUT)) 23 | nbmeta1=0 24 | while [ $(date +"%s") -le $etime_end -a $nbmeta1 -lt $NBREPLICAS ] 25 | do 26 | sleep 2 27 | # Count registered meta1 28 | nbmeta1=$(/usr/bin/openio --oio-ns=$NS cluster list meta1 -f value -c Id|wc -l) 29 | done 30 | if [ $nbmeta1 -ne $NBREPLICAS ]; then 31 | echo "Error: Install script did not found $NBREPLICAS meta1 services registered. Return: $nbmeta1" 32 | exit 1 33 | fi 34 | etime_start=$(date +"%s") 35 | etime_end=$(($etime_start + $TIMEOUT)) 36 | score=0 37 | while [ $(date +"%s") -le $etime_end -a $score -eq 0 ] 38 | do 39 | /usr/bin/openio --oio-ns=$NS cluster unlockall >/dev/null 2>&1 40 | sleep 5 41 | score=$(/usr/bin/openio --oio-ns=$NS cluster list meta1 -f value -c Score || echo 0) 42 | done 43 | if [ $score -eq 0 ]; then 44 | echo "Error: Unlocking scores failed. Unable to bootstrap namespace. Return: Meta1 score = $score" 45 | exit 1 46 | fi 47 | 48 | # Initialize meta1 with 3 replicas on the same server 49 | echo "> Bootstrapping directory ..." 50 | /usr/bin/openio --oio-ns=$NS directory bootstrap --replicas $NBREPLICAS || \ 51 | (echo "Error: Directory bootstrap failed. Aborting." ; exit 1) 52 | 53 | # Stopping services 54 | echo "> Stopping services ..." 55 | gridinit_pid=$(cat /run/gridinit/gridinit.pid) 56 | kill "$gridinit_pid" >/dev/null 2>&1 57 | /usr/bin/timeout "30s" tail --pid="$gridinit_pid" -f /dev/null || kill -s 9 "$gridinit_pid" 58 | 59 | } 60 | 61 | function unlock(){ 62 | echo "> Unlocking scores ..." 63 | etime_start=$(date +"%s") 64 | etime_end=$(($etime_start + $TIMEOUT)) 65 | nbscore=1 66 | while [ $(date +"%s") -le $etime_end -a $nbscore -gt 0 ] 67 | do 68 | /usr/bin/openio --oio-ns=$NS cluster unlockall >/dev/null 2>&1 69 | sleep 5 70 | nbscore=$(/usr/bin/openio --oio-ns=$NS cluster list -f value -c Score|grep -c -e '^0$') 71 | done 72 | if [ $nbscore -gt 0 ]; then 73 | echo "Error: Unlocking scores failed." 74 | exit 1 75 | fi 76 | } 77 | 78 | function gridinit_start(){ 79 | echo "> Starting services ..." 80 | pkill -0 -F /run/gridinit/gridinit.pid >/dev/null 2>&1 || \ 81 | exec /usr/bin/gridinit /etc/gridinit.conf 82 | } 83 | 84 | function set_unlock(){ 85 | sed -i -e "/^\[type:/a lock_at_first_register=false" /etc/oio/sds/*/conscience-*/conscience-*-services.conf 86 | } 87 | 88 | function update_swift_credentials(){ 89 | if [ ! -z "$SWIFT_CREDENTIALS" ]; then 90 | # Remove default credentials 91 | sed -i -e '/user_demo_demo=DEMO_PASS .admin/d' \ 92 | /etc/oio/sds/OPENIO/oioswift-0/proxy-server.conf 93 | # Add credentials to the Swift proxy configuration 94 | IFS=',' read -r -a swiftcreds <<< "$SWIFT_CREDENTIALS" 95 | for creds in "${swiftcreds[@]}" 96 | do 97 | echo "Adding Openstack Swift credentials $creds" 98 | IFS=':' read -r -a cred <<< "$creds" 99 | sed -i -e "s@^use = egg:swift\#tempauth\$@use = egg:swift\#tempauth\nuser_${cred[0]}_${cred[1]}=${cred[2]} ${cred[3]}@" \ 100 | /etc/oio/sds/OPENIO/oioswift-0/proxy-server.conf 101 | done 102 | fi 103 | } 104 | 105 | 106 | ### Main 107 | 108 | # Clean 109 | /usr/bin/rm -f /run/oio/sds/* 110 | mkdir -p /run/oio/sds 111 | chown openio.openio /run/oio /run/oio/sds 112 | chmod 750 /run/oio /run/oio/sds 113 | 114 | # Firstboot script to setup OpenIO configuration 115 | if [ ! -f /etc/oio/sds/firstboot ]; then 116 | echo "# Firstboot: Setting up the OpenIO cluster" 117 | if [ ! -z "${OPENIO_IPADDR}" ]; then 118 | IPADDR=${OPENIO_IPADDR} 119 | elif [ ! -z "${OPENIO_IFDEV}" ]; then 120 | IPADDR=$(/usr/bin/facter "ipaddress_${OPENIO_IFDEV}") 121 | if [ -z "$IPADDR" ]; then 122 | echo "Error: Failed to get IP for device ${OPENIO_IFDEV}" 123 | fi 124 | fi 125 | if [ ! -z "$IPADDR" ]; then 126 | echo "> Using ${IPADDR} IP address for services" 127 | /usr/bin/find /etc/oio /etc/gridinit.d -type f -print0 | xargs --no-run-if-empty -0 sed -i "s/127.0.0.1/${IPADDR}/g" 128 | fi 129 | 130 | # Update Swift credentials 131 | update_swift_credentials 132 | 133 | # Deploy OpenIO 134 | initcluster 135 | 136 | # Unlock services 137 | set_unlock 138 | 139 | # Firstboot is done 140 | touch /etc/oio/sds/firstboot 141 | fi 142 | 143 | # Re-enabling the swift gateway, now that it's ready 144 | sed -i -e 's/^enabled=.*$/enabled=true/' /etc/gridinit.d/OPENIO-oioswift-0 145 | 146 | # Start gridinit 147 | gridinit_start 148 | -------------------------------------------------------------------------------- /openio-sds/17.04/centos/7/Dockerfile: -------------------------------------------------------------------------------- 1 | FROM centos:7 2 | MAINTAINER "Romain Acciari" 3 | 4 | ENV OIOSDS_RELEASE 17.04 5 | ENV REPO_OPENIO http://mirror.openio.io/pub/repo/openio/sds/${OIOSDS_RELEASE}/el/openio-sds-release-${OIOSDS_RELEASE}-1.el.noarch.rpm 6 | ENV PUPPET_PROFILE docker 7 | ENV PUPPETOPTS --color=none 8 | 9 | # Install and configure OpenIO 10 | RUN yum clean all \ 11 | && yum -y --disableplugin=fastestmirror install ${REPO_OPENIO} \ 12 | && yum -y --disableplugin=fastestmirror update \ 13 | && yum -y --disableplugin=fastestmirror install puppet-openio-sds-profile ${ADDITIONAL_PKGS} \ 14 | && /usr/share/puppet/modules/openiosds/profiles/install.sh ${PUPPET_PROFILE} \ 15 | && rm -rf /var/cache/yum \ 16 | && yum clean all 17 | VOLUME ["/var/lib/oio/sds/OPENIO"] 18 | ADD openio-docker-init.sh / 19 | EXPOSE 6007 20 | ADD swift.pp /root/swift.pp 21 | CMD ["/openio-docker-init.sh"] 22 | -------------------------------------------------------------------------------- /openio-sds/17.04/centos/7/README.md: -------------------------------------------------------------------------------- 1 | ../../../README.md -------------------------------------------------------------------------------- /openio-sds/17.04/centos/7/openio-docker-init.sh: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | 3 | # Default configuration 4 | NS='OPENIO' 5 | NBREPLICAS=1 6 | IGNOREDISTANCE='on' 7 | TIMEOUT=20 8 | 9 | # Initialize OpenIO cluster 10 | function initcluster(){ 11 | echo "# Initializing the OpenIO cluster" 12 | 13 | # Temporarily disabling the swift gateway, to avoid answering when not completely setup 14 | sed -i -e 's/^enabled=.*$/enabled=false/' /etc/gridinit.d/OPENIO-oioswift-0 15 | 16 | echo "> Starting services" 17 | /usr/bin/gridinit -d /etc/gridinit.conf >/dev/null 2>&1 18 | 19 | echo "> Waiting for the services to start ..." 20 | etime_start=$(date +"%s") 21 | etime_end=$(($etime_start + $TIMEOUT)) 22 | nbmeta1=0 23 | while [ $(date +"%s") -le $etime_end -a $nbmeta1 -lt $NBREPLICAS ] 24 | do 25 | sleep 2 26 | # Count registered meta1 27 | nbmeta1=$(/usr/bin/openio --oio-ns=$NS cluster list meta1 -f value -c Id|wc -l) 28 | done 29 | if [ $nbmeta1 -ne $NBREPLICAS ]; then 30 | echo "Error: Install script did not found $NBREPLICAS meta1 services registered. Return: $nbmeta1" 31 | exit 1 32 | fi 33 | etime_start=$(date +"%s") 34 | etime_end=$(($etime_start + $TIMEOUT)) 35 | score=0 36 | while [ $(date +"%s") -le $etime_end -a $score -eq 0 ] 37 | do 38 | /usr/bin/openio --oio-ns=$NS cluster unlockall >/dev/null 2>&1 39 | sleep 5 40 | score=$(/usr/bin/openio --oio-ns=$NS cluster list meta1 -f value -c Score || echo 0) 41 | done 42 | if [ $score -eq 0 ]; then 43 | echo "Error: Unlocking scores failed. Unable to bootstrap namespace. Return: Meta1 score = $score" 44 | exit 1 45 | fi 46 | 47 | # Initialize meta1 with 3 replicas on the same server 48 | echo "> Bootstrapping directory ..." 49 | /usr/bin/openio --oio-ns=$NS directory bootstrap --replicas $NBREPLICAS || \ 50 | (echo "Error: Directory bootstrap failed. Aborting." ; exit 1) 51 | 52 | # Stopping services 53 | echo "> Stopping services ..." 54 | gridinit_pid=$(cat /run/gridinit/gridinit.pid) 55 | kill "$gridinit_pid" >/dev/null 2>&1 56 | /usr/bin/timeout "30s" tail --pid="$gridinit_pid" -f /dev/null || kill -s 9 "$gridinit_pid" 57 | 58 | } 59 | 60 | function unlock(){ 61 | echo "> Unlocking scores ..." 62 | etime_start=$(date +"%s") 63 | etime_end=$(($etime_start + $TIMEOUT)) 64 | nbscore=1 65 | while [ $(date +"%s") -le $etime_end -a $nbscore -gt 0 ] 66 | do 67 | /usr/bin/openio --oio-ns=$NS cluster unlockall >/dev/null 2>&1 68 | sleep 5 69 | nbscore=$(/usr/bin/openio --oio-ns=$NS cluster list -f value -c Score|grep -c -e '^0$') 70 | done 71 | if [ $nbscore -gt 0 ]; then 72 | echo "Error: Unlocking scores failed." 73 | exit 1 74 | fi 75 | } 76 | 77 | function gridinit_start(){ 78 | echo "> Starting services ..." 79 | pkill -0 -F /run/gridinit/gridinit.pid >/dev/null 2>&1 || \ 80 | exec /usr/bin/gridinit /etc/gridinit.conf 81 | } 82 | 83 | function set_unlock(){ 84 | sed -i -e "/^\[type:/a lock_at_first_register=false" /etc/oio/sds/*/conscience-*/conscience-*-services.conf 85 | } 86 | 87 | function update_swift_credentials(){ 88 | if [ ! -z "$SWIFT_CREDENTIALS" ]; then 89 | # Remove default credentials 90 | sed -i -e '/user_demo_demo=DEMO_PASS .admin/d' \ 91 | /etc/oio/sds/OPENIO/oioswift-0/proxy-server.conf 92 | # Add credentials to the Swift proxy configuration 93 | IFS=',' read -r -a swiftcreds <<< "$SWIFT_CREDENTIALS" 94 | for creds in "${swiftcreds[@]}" 95 | do 96 | echo "Adding Openstack Swift credentials $creds" 97 | IFS=':' read -r -a cred <<< "$creds" 98 | sed -i -e "s@^use = egg:swift\#tempauth\$@use = egg:swift\#tempauth\nuser_${cred[0]}_${cred[1]}=${cred[2]} ${cred[3]}@" \ 99 | /etc/oio/sds/OPENIO/oioswift-0/proxy-server.conf 100 | done 101 | fi 102 | } 103 | 104 | function prepare(){ 105 | /usr/bin/rm -f /run/oio/sds/* 106 | mkdir -p /run/oio/sds 107 | chown openio.openio /run/oio /run/oio/sds 108 | chmod 750 /run/oio /run/oio/sds 109 | mkdir -p /var/lib/oio/sds/OPENIO/{beanstalkd-0,coredump,ecd-0,meta0-0,meta1-0,meta2-0,rawx-0,rdir-0,redis-0} 110 | chown openio.openio /var/lib/oio/sds/OPENIO /var/lib/oio/sds/OPENIO/{beanstalkd-0,coredump,ecd-0,meta0-0,meta1-0,meta2-0,rawx-0,rdir-0,redis-0} 111 | } 112 | 113 | function keystone_config(){ 114 | if [ ! -z "$KEYSTONE_ENABLED" ]; then 115 | echo "Setting up Openstack Keystone authentication" 116 | : "${KEYSTONE_URI:=${IPADDR}:5000}" 117 | : "${KEYSTONE_URL:=${IPADDR}:35357}" 118 | : "${SWIFT_USERNAME:=swift}" 119 | : "${SWIFT_PASSWORD:=SWIFT_PASS}" 120 | sed -i -e "s@%KEYSTONE_URI%@$KEYSTONE_URI@" \ 121 | -e "s@%KEYSTONE_URL%@$KEYSTONE_URL@" \ 122 | -e "s@%SWIFT_USERNAME%@$SWIFT_USERNAME@" \ 123 | -e "s@%SWIFT_PASSWORD%@$SWIFT_PASSWORD@" \ 124 | /root/swift.pp 125 | puppet apply --no-stringify_facts /root/swift.pp 126 | fi 127 | } 128 | 129 | function enable_log(){ 130 | if [ ! -z "$LOG_ENABLED" ]; then 131 | echo 'Enabling local logs' 132 | echo '$AddUnixListenSocket /dev/log' >>/etc/rsyslog.conf 133 | /usr/sbin/rsyslogd 134 | fi 135 | } 136 | 137 | function set_region(){ 138 | : "${REGION:=RegionOne}" 139 | sed -i -e "s@%REGION%@$REGION@" \ 140 | /root/swift.pp 141 | } 142 | 143 | ### Main 144 | 145 | prepare 146 | enable_log 147 | 148 | # Firstboot script to setup OpenIO configuration 149 | if [ ! -f /etc/oio/sds/firstboot ]; then 150 | echo "# Firstboot: Setting up the OpenIO cluster" 151 | if [ ! -z "${OPENIO_IPADDR}" ]; then 152 | IPADDR=${OPENIO_IPADDR} 153 | elif [ ! -z "${OPENIO_IFDEV}" ]; then 154 | IPADDR=$(/usr/bin/facter "ipaddress_${OPENIO_IFDEV}") 155 | if [ -z "$IPADDR" ]; then 156 | echo "Error: Failed to get IP for device ${OPENIO_IFDEV}" 157 | fi 158 | fi 159 | 160 | # Update Swift credentials 161 | update_swift_credentials 162 | set_region 163 | keystone_config 164 | 165 | # Update listenning address 166 | if [ ! -z "$IPADDR" ]; then 167 | echo "> Using ${IPADDR} IP address for services" 168 | /usr/bin/find /etc/oio /etc/gridinit.d -type f -print0 | xargs --no-run-if-empty -0 sed -i "s/127.0.0.1/${IPADDR}/g" 169 | fi 170 | 171 | # Deploy OpenIO 172 | initcluster 173 | 174 | # Unlock services 175 | set_unlock 176 | 177 | # Firstboot is done 178 | touch /etc/oio/sds/firstboot 179 | fi 180 | 181 | # Re-enabling the swift gateway, now that it's ready 182 | sed -i -e 's/^enabled=.*$/enabled=true/' /etc/gridinit.d/OPENIO-oioswift-0 183 | 184 | # Start gridinit 185 | gridinit_start 186 | -------------------------------------------------------------------------------- /openio-sds/17.04/centos/7/swift.pp: -------------------------------------------------------------------------------- 1 | # Default ipaddress to use 2 | $ipaddr = '127.0.0.1' 3 | 4 | # Deploy a single node 5 | class {'gridinit': 6 | no_exec => true, 7 | } 8 | class{'openiosds':} 9 | openiosds::namespace {'OPENIO': 10 | ns => 'OPENIO', 11 | conscience_url => "${ipaddr}:6000", 12 | oioproxy_url => "${ipaddr}:6006", 13 | eventagent_url => "beanstalk://${ipaddr}:6014", 14 | ecd_url => "${ipaddr}:6017", 15 | meta1_digits => 0, 16 | ns_storage_policy => 'SINGLE', 17 | ns_chunk_size => '10485760', 18 | ns_service_update_policy => { 19 | 'meta2' => 'KEEP|1|1|', 20 | 'sqlx' => 'KEEP|1|1|', 21 | 'rdir' => 'KEEP|1|1|user_is_a_service=rawx'}, 22 | } 23 | openiosds::oioswift {'oioswift-0': 24 | ns => 'OPENIO', 25 | ipaddress => '0.0.0.0', 26 | sds_proxy_url => "http://${ipaddr}:6006", 27 | auth_system => 'keystone', 28 | username => "%SWIFT_USERNAME%", 29 | password => "%SWIFT_PASSWORD%", 30 | auth_uri => "http://%KEYSTONE_URI%", 31 | auth_url => "http://%KEYSTONE_URL%", 32 | memcache_servers => "${ipaddr}:6019", 33 | region_name => "%REGION%", 34 | middleware_swift3 => {'location' => '%REGION%'}, 35 | no_exec => true, 36 | } 37 | -------------------------------------------------------------------------------- /openio-sds/17.04/ubuntu/xenial/Dockerfile: -------------------------------------------------------------------------------- 1 | FROM ubuntu:xenial 2 | MAINTAINER "Romain Acciari" 3 | 4 | ENV OIOSDS_RELEASE 17.04 5 | ENV OPENSTACK_RELEASE ocata 6 | ENV REPO_OPENIO http://mirror.openio.io/pub/repo/openio/sds/${OIOSDS_RELEASE}/ubuntu 7 | ENV PUPPET_PROFILE docker 8 | ENV PUPPETOPTS --color=none 9 | 10 | # Shut up "debconf: unable to initialize frontend: Readline" 11 | ENV DEBIAN_FRONTEND noninteractive 12 | 13 | RUN apt-get update \ 14 | && apt-get install -y curl wget software-properties-common 15 | 16 | # Openstack release 17 | RUN add-apt-repository -y cloud-archive:${OPENSTACK_RELEASE} 18 | 19 | # Install and configure OpenIO 20 | RUN curl "http://mirror.openio.io/pub/repo/openio/APT-GPG-KEY-OPENIO-0" | apt-key add - \ 21 | && echo "deb ${REPO_OPENIO} xenial/" > /etc/apt/sources.list.d/openio-sds.list 22 | RUN apt-get update \ 23 | && apt-get install -y puppet-module-openio-openiosds 24 | 25 | # Get the "docker" puppet profile for openio-sds 26 | RUN mkdir -p /usr/share/puppet/modules/openiosds \ 27 | && wget https://github.com/open-io/puppet-openiosds-profile/archive/master.tar.gz \ 28 | && tar -C /usr/share/puppet/modules/openiosds -xf /master.tar.gz \ 29 | && mv /usr/share/puppet/modules/openiosds/puppet-openiosds-profile-master /usr/share/puppet/modules/openiosds/profiles \ 30 | && rm /master.tar.gz 31 | 32 | # Fix missing /run/gridinit 33 | # Some utilities are not located at the same place as other distros 34 | RUN mkdir -p /run/gridinit \ 35 | && ln -s /bin/sed /usr/bin/sed \ 36 | && ln -s /usr/bin/basename /bin/basename \ 37 | && ln -s /bin/rm /usr/bin/rm 38 | 39 | # Install OpenIO SDS 40 | RUN /usr/share/puppet/modules/openiosds/profiles/install.sh ${PUPPET_PROFILE} \ 41 | && apt-get clean 42 | 43 | VOLUME ["/var/lib/oio/sds/OPENIO"] 44 | ADD openio-docker-init.sh / 45 | EXPOSE 6007 46 | ADD swift.pp /root/swift.pp 47 | CMD ["/openio-docker-init.sh"] 48 | -------------------------------------------------------------------------------- /openio-sds/17.04/ubuntu/xenial/README.md: -------------------------------------------------------------------------------- 1 | ../../../README.md -------------------------------------------------------------------------------- /openio-sds/17.04/ubuntu/xenial/openio-docker-init.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | # Default configuration 4 | NS='OPENIO' 5 | NBREPLICAS=1 6 | IGNOREDISTANCE='on' 7 | TIMEOUT=20 8 | 9 | # Initialize OpenIO cluster 10 | function initcluster(){ 11 | echo "# Initializing the OpenIO cluster" 12 | 13 | # Temporarily disabling the swift gateway, to avoid answering when not completely setup 14 | sed -i -e 's/^enabled=.*$/enabled=false/' /etc/gridinit.d/OPENIO-oioswift-0 15 | 16 | echo "> Starting services" 17 | /usr/bin/gridinit -d /etc/gridinit.conf >/dev/null 2>&1 18 | 19 | echo "> Waiting for the services to start ..." 20 | etime_start=$(date +"%s") 21 | etime_end=$(($etime_start + $TIMEOUT)) 22 | nbmeta1=0 23 | while [ $(date +"%s") -le $etime_end -a $nbmeta1 -lt $NBREPLICAS ] 24 | do 25 | sleep 2 26 | # Count registered meta1 27 | nbmeta1=$(/usr/bin/openio --oio-ns=$NS cluster list meta1 -f value -c Id|wc -l) 28 | done 29 | if [ $nbmeta1 -ne $NBREPLICAS ]; then 30 | echo "Error: Install script did not found $NBREPLICAS meta1 services registered. Return: $nbmeta1" 31 | exit 1 32 | fi 33 | etime_start=$(date +"%s") 34 | etime_end=$(($etime_start + $TIMEOUT)) 35 | score=0 36 | while [ $(date +"%s") -le $etime_end -a $score -eq 0 ] 37 | do 38 | /usr/bin/openio --oio-ns=$NS cluster unlockall >/dev/null 2>&1 39 | sleep 5 40 | score=$(/usr/bin/openio --oio-ns=$NS cluster list meta1 -f value -c Score || echo 0) 41 | done 42 | if [ $score -eq 0 ]; then 43 | echo "Error: Unlocking scores failed. Unable to bootstrap namespace. Return: Meta1 score = $score" 44 | exit 1 45 | fi 46 | 47 | # Initialize meta1 with 3 replicas on the same server 48 | echo "> Bootstrapping directory ..." 49 | /usr/bin/openio --oio-ns=$NS directory bootstrap --replicas $NBREPLICAS || \ 50 | (echo "Error: Directory bootstrap failed. Aborting." ; exit 1) 51 | 52 | # Stopping services 53 | echo "> Stopping services ..." 54 | gridinit_pid=$(cat /run/gridinit/gridinit.pid) 55 | kill "$gridinit_pid" >/dev/null 2>&1 56 | /usr/bin/timeout "30s" tail --pid="$gridinit_pid" -f /dev/null || kill -s 9 "$gridinit_pid" 57 | 58 | } 59 | 60 | function unlock(){ 61 | echo "> Unlocking scores ..." 62 | etime_start=$(date +"%s") 63 | etime_end=$(($etime_start + $TIMEOUT)) 64 | nbscore=1 65 | while [ $(date +"%s") -le $etime_end -a $nbscore -gt 0 ] 66 | do 67 | /usr/bin/openio --oio-ns=$NS cluster unlockall >/dev/null 2>&1 68 | sleep 5 69 | nbscore=$(/usr/bin/openio --oio-ns=$NS cluster list -f value -c Score|grep -c -e '^0$') 70 | done 71 | if [ $nbscore -gt 0 ]; then 72 | echo "Error: Unlocking scores failed." 73 | exit 1 74 | fi 75 | } 76 | 77 | function gridinit_start(){ 78 | echo "> Starting services ..." 79 | pkill -0 -F /run/gridinit/gridinit.pid >/dev/null 2>&1 || \ 80 | exec /usr/bin/gridinit /etc/gridinit.conf 81 | } 82 | 83 | function set_unlock(){ 84 | sed -i -e "/^\[type:/a lock_at_first_register=false" /etc/oio/sds/*/conscience-*/conscience-*-services.conf 85 | } 86 | 87 | function update_swift_credentials(){ 88 | if [ ! -z "$SWIFT_CREDENTIALS" ]; then 89 | # Remove default credentials 90 | sed -i -e '/user_demo_demo=DEMO_PASS .admin/d' \ 91 | /etc/oio/sds/OPENIO/oioswift-0/proxy-server.conf 92 | # Add credentials to the Swift proxy configuration 93 | IFS=',' read -r -a swiftcreds <<< "$SWIFT_CREDENTIALS" 94 | for creds in "${swiftcreds[@]}" 95 | do 96 | echo "Adding Openstack Swift credentials $creds" 97 | IFS=':' read -r -a cred <<< "$creds" 98 | sed -i -e "s@^use = egg:swift\#tempauth\$@use = egg:swift\#tempauth\nuser_${cred[0]}_${cred[1]}=${cred[2]} ${cred[3]}@" \ 99 | /etc/oio/sds/OPENIO/oioswift-0/proxy-server.conf 100 | done 101 | fi 102 | } 103 | 104 | function prepare(){ 105 | /usr/bin/rm -f /run/oio/sds/* 106 | mkdir -p /run/oio/sds 107 | chown openio.openio /run/oio /run/oio/sds 108 | chmod 750 /run/oio /run/oio/sds 109 | mkdir -p /var/lib/oio/sds/OPENIO/{beanstalkd-0,coredump,ecd-0,meta0-0,meta1-0,meta2-0,rawx-0,rdir-0,redis-0} 110 | chown openio.openio /var/lib/oio/sds/OPENIO /var/lib/oio/sds/OPENIO/{beanstalkd-0,coredump,ecd-0,meta0-0,meta1-0,meta2-0,rawx-0,rdir-0,redis-0} 111 | } 112 | 113 | function keystone_config(){ 114 | if [ ! -z "$KEYSTONE_ENABLED" ]; then 115 | echo "Setting up Openstack Keystone authentication" 116 | : "${KEYSTONE_URI:=${IPADDR}:5000}" 117 | : "${KEYSTONE_URL:=${IPADDR}:35357}" 118 | : "${SWIFT_USERNAME:=swift}" 119 | : "${SWIFT_PASSWORD:=SWIFT_PASS}" 120 | sed -i -e "s@%KEYSTONE_URI%@$KEYSTONE_URI@" \ 121 | -e "s@%KEYSTONE_URL%@$KEYSTONE_URL@" \ 122 | -e "s@%SWIFT_USERNAME%@$SWIFT_USERNAME@" \ 123 | -e "s@%SWIFT_PASSWORD%@$SWIFT_PASSWORD@" \ 124 | /root/swift.pp 125 | puppet apply --no-stringify_facts /root/swift.pp 126 | fi 127 | } 128 | 129 | function enable_log(){ 130 | if [ ! -z "$LOG_ENABLED" ]; then 131 | echo 'Enabling local logs' 132 | echo '$AddUnixListenSocket /dev/log' >>/etc/rsyslog.conf 133 | /usr/sbin/rsyslogd 134 | fi 135 | } 136 | 137 | function set_region(){ 138 | : "${REGION:=RegionOne}" 139 | sed -i -e "s@%REGION%@$REGION@" \ 140 | /root/swift.pp 141 | } 142 | 143 | ### Main 144 | 145 | prepare 146 | enable_log 147 | 148 | # Firstboot script to setup OpenIO configuration 149 | if [ ! -f /etc/oio/sds/firstboot ]; then 150 | echo "# Firstboot: Setting up the OpenIO cluster" 151 | if [ ! -z "${OPENIO_IPADDR}" ]; then 152 | IPADDR=${OPENIO_IPADDR} 153 | elif [ ! -z "${OPENIO_IFDEV}" ]; then 154 | IPADDR=$(/usr/bin/facter "ipaddress_${OPENIO_IFDEV}") 155 | if [ -z "$IPADDR" ]; then 156 | echo "Error: Failed to get IP for device ${OPENIO_IFDEV}" 157 | fi 158 | fi 159 | 160 | # Update Swift credentials 161 | update_swift_credentials 162 | set_region 163 | keystone_config 164 | 165 | # Update listenning address 166 | if [ ! -z "$IPADDR" ]; then 167 | echo "> Using ${IPADDR} IP address for services" 168 | /usr/bin/find /etc/oio /etc/gridinit.d -type f -print0 | xargs --no-run-if-empty -0 sed -i "s/127.0.0.1/${IPADDR}/g" 169 | fi 170 | 171 | # Deploy OpenIO 172 | initcluster 173 | 174 | # Unlock services 175 | set_unlock 176 | 177 | # Firstboot is done 178 | touch /etc/oio/sds/firstboot 179 | fi 180 | 181 | # Re-enabling the swift gateway, now that it's ready 182 | sed -i -e 's/^enabled=.*$/enabled=true/' /etc/gridinit.d/OPENIO-oioswift-0 183 | 184 | # Start gridinit 185 | gridinit_start 186 | -------------------------------------------------------------------------------- /openio-sds/17.04/ubuntu/xenial/swift.pp: -------------------------------------------------------------------------------- 1 | # Default ipaddress to use 2 | $ipaddr = '127.0.0.1' 3 | 4 | # Deploy a single node 5 | class {'gridinit': 6 | no_exec => true, 7 | } 8 | class{'openiosds':} 9 | openiosds::namespace {'OPENIO': 10 | ns => 'OPENIO', 11 | conscience_url => "${ipaddr}:6000", 12 | oioproxy_url => "${ipaddr}:6006", 13 | eventagent_url => "beanstalk://${ipaddr}:6014", 14 | ecd_url => "${ipaddr}:6017", 15 | meta1_digits => 0, 16 | ns_storage_policy => 'SINGLE', 17 | ns_chunk_size => '10485760', 18 | ns_service_update_policy => { 19 | 'meta2' => 'KEEP|1|1|', 20 | 'sqlx' => 'KEEP|1|1|', 21 | 'rdir' => 'KEEP|1|1|user_is_a_service=rawx'}, 22 | } 23 | openiosds::oioswift {'oioswift-0': 24 | ns => 'OPENIO', 25 | ipaddress => '0.0.0.0', 26 | sds_proxy_url => "http://${ipaddr}:6006", 27 | auth_system => 'keystone', 28 | username => "%SWIFT_USERNAME%", 29 | password => "%SWIFT_PASSWORD%", 30 | auth_uri => "http://%KEYSTONE_URI%", 31 | auth_url => "http://%KEYSTONE_URL%", 32 | memcache_servers => "${ipaddr}:6019", 33 | region_name => "%REGION%", 34 | middleware_swift3 => {'location' => '%REGION%'}, 35 | no_exec => true, 36 | } 37 | -------------------------------------------------------------------------------- /openio-sds/18.04/README.md: -------------------------------------------------------------------------------- 1 | # openio/sds 2 | 3 | 4 | Build Docker image based on [ansible playbook](https://github.com/open-io/ansible-playbook-openio-deployment) 5 | 6 | 7 | ## How to get this image from the hub 8 | 9 | To get the latest one built on the [docker hub](https://hub.docker.com/r/openio/sds) 10 | 11 | ```shell 12 | docker pull openio/sds 13 | ``` 14 | 15 | or 16 | 17 | ```shell 18 | docker pull openio/sds:18.04 19 | ``` 20 | 21 | ## How to (re-)build this image 22 | 23 | First get the source: 24 | 25 | ```shell 26 | git clone https://github.com/open-io/dockerfiles.git 27 | cd dockerfiles/openio-sds/18.04/centos/7 28 | ./build.sh 29 | docker push openio/sds:18.04 30 | ``` 31 | -------------------------------------------------------------------------------- /openio-sds/18.04/build.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | set -eux -o pipefail 4 | 5 | test -n "${DOCKER_BUILD_CONTAINER_NAME}" || ( echo "Error: variable DOCKER_BUILD_CONTAINER_NAME not set. Exiting." && exit 1 ) 6 | test -n "${DOCKER_IMAGE_NAME}" || ( echo "Error: variable DOCKER_IMAGE_NAME not set. Exiting." && exit 1 ) 7 | 8 | OIOSDS_RELEASE=18.04 9 | export OIOSDS_RELEASE 10 | CURRENT_DIR="$(cd "$(dirname "$0")" && pwd -P)" 11 | pushd "${CURRENT_DIR}" 12 | 13 | docker run --detach --name="${DOCKER_BUILD_CONTAINER_NAME}" --privileged --volume=/sys/fs/cgroup:/sys/fs/cgroup:ro --hostname openiosds centos/systemd:latest /usr/sbin/init 14 | 15 | # 18.04 has been created from 18.10 skeleton ! 16 | git clone -b 18.10 https://github.com/open-io/ansible-playbook-openio-deployment.git 17 | cp inventory.ini ansible-playbook-openio-deployment/products/sds 18 | pushd ansible-playbook-openio-deployment/products/sds 19 | 20 | #custom inventory 21 | sed -i -e "s@ansible_host=ID@ansible_host=${DOCKER_BUILD_CONTAINER_NAME}@" inventory.ini 22 | 23 | # Download roles 24 | ./requirements_install.sh 25 | 26 | # Deploy without bootstrap 27 | ansible-playbook -i inventory.ini --skip-tags checks main.yml -e "@../../../standalone.yml" -e strategy=mitogen_free 28 | 29 | # Fix redis: remove cluster mode 30 | ansible openio -i inventory.ini -m shell -a 'sed -i -e "/slaveof/d" /etc/oio/sds/OPENIO/redis-0/redis.conf; rm /etc/gridinit.d/OPENIO-redissentinel-0.conf' 31 | # Wipe install logs 32 | ansible openio -i inventory.ini -m shell -a "find /var/log/oio -type f | xargs -n1 cp /dev/null" 33 | 34 | popd 35 | # Logs to stdout 36 | ansible node1 -i ansible-playbook-openio-deployment/products/sds/inventory.ini -m copy -a 'src=rsyslog.conf dest=/etc/rsyslog.d/openio-sds.conf mode=0644' 37 | 38 | # Copy entrypoint 39 | ansible node1 -i ansible-playbook-openio-deployment/products/sds/inventory.ini -m copy -a 'src=openio-docker-init.sh dest=/openio-docker-init.sh mode=0755' 40 | 41 | docker commit --change='CMD ["/openio-docker-init.sh"]' --change "EXPOSE 6000 6001 6006 6007 6009 6011 6014 6017 6110 6120 6200 6300" "${DOCKER_BUILD_CONTAINER_NAME}" "${DOCKER_IMAGE_NAME}" 42 | docker stop "${DOCKER_BUILD_CONTAINER_NAME}" 43 | docker rm -f -v "${DOCKER_BUILD_CONTAINER_NAME}" 44 | -------------------------------------------------------------------------------- /openio-sds/18.04/inventory.ini: -------------------------------------------------------------------------------- 1 | [all] 2 | node1 ansible_connection=docker ansible_host=ID 3 | 4 | [all:vars] 5 | ansible_user=root 6 | 7 | # what is not used for storage 8 | [fronts] 9 | 10 | # what is used for storage 11 | [backs] 12 | node1 13 | 14 | [openio:children] 15 | fronts 16 | backs 17 | 18 | [conscience] 19 | node1 20 | 21 | [namespace:children] 22 | openio 23 | 24 | [oioproxy:children] 25 | openio 26 | 27 | [conscience_agent:children] 28 | backs 29 | 30 | [oio-blob-indexer:children] 31 | backs 32 | 33 | [meta:children] 34 | meta0 35 | meta1 36 | meta2 37 | 38 | [meta0] 39 | node1 40 | 41 | [meta1] 42 | node1 43 | 44 | [meta2] 45 | node1 46 | 47 | [zookeeper] 48 | #node1 49 | 50 | [redis] 51 | node1 52 | 53 | [oioswift:children] 54 | backs 55 | 56 | [ecd:children] 57 | #backs 58 | 59 | [oio-event-agent:children] 60 | backs 61 | 62 | [account:children] 63 | backs 64 | 65 | [rawx:children] 66 | backs 67 | -------------------------------------------------------------------------------- /openio-sds/18.04/jenkins/Dockerfile: -------------------------------------------------------------------------------- 1 | FROM alpine:3.11 2 | 3 | RUN apk add --no-cache \ 4 | bats \ 5 | bash \ 6 | curl \ 7 | docker-cli \ 8 | git \ 9 | python2 \ 10 | py2-pip \ 11 | && apk --no-cache add --virtual \ 12 | .build-deps \ 13 | python2-dev \ 14 | libffi-dev \ 15 | openssl-dev \ 16 | build-base \ 17 | && pip install 'ansible<2.8' netaddr 18 | 19 | ARG MITOGEN_VERSION=0.2.9 20 | RUN curl -sSL "https://networkgenomics.com/try/mitogen-${MITOGEN_VERSION}.tar.gz" -o "/tmp/mitogen-${MITOGEN_VERSION}.tar.gz" \ 21 | && tar -xzf "/tmp/mitogen-${MITOGEN_VERSION}.tar.gz" -C /tmp \ 22 | && mkdir -p /ansible/plugins \ 23 | && cp -r "/tmp/mitogen-${MITOGEN_VERSION}.tar.gz" /ansible/plugins/ \ 24 | && rm -rf /tmp/mitogen* 25 | 26 | COPY ./ansible.cfg /root/.ansible.cfg 27 | -------------------------------------------------------------------------------- /openio-sds/18.04/jenkins/ansible.cfg: -------------------------------------------------------------------------------- 1 | # config file for ansible -- https://ansible.com/ 2 | # =============================================== 3 | 4 | # nearly all parameters can be overridden in ansible-playbook 5 | # or with command line flags. ansible will read ANSIBLE_CONFIG, 6 | # ansible.cfg in the current working directory, .ansible.cfg in 7 | # the home directory or /etc/ansible/ansible.cfg, whichever it 8 | # finds first 9 | 10 | [defaults] 11 | 12 | remote_tmp = /tmp 13 | local_tmp = /tmp 14 | 15 | strategy_plugins = /ansible/plugins/mitogen-0.2.9/ansible_mitogen/plugins/strategy 16 | 17 | host_key_checking = False 18 | 19 | [paramiko_connection] 20 | record_host_keys=False 21 | -------------------------------------------------------------------------------- /openio-sds/18.04/openio-docker-init.sh: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | 3 | # Default configuration 4 | NS='OPENIO' 5 | NBREPLICAS=1 6 | TIMEOUT=20 7 | 8 | function prepare(){ 9 | mkdir /run/gridinit 10 | install -d -o openio -g openio -m 750 /run/rawx/OPENIO/rawx-0 11 | } 12 | 13 | function update_swift_credentials(){ 14 | if [ ! -z "${SWIFT_CREDENTIALS}" ]; then 15 | # Remove default credentials 16 | sed -i -e '/user_demo_demo = DEMO_PASS .member/d' \ 17 | /etc/oio/sds/OPENIO/oioswift-0/proxy-server.conf 18 | # Add credentials to the Swift proxy configuration 19 | IFS=',' read -r -a swiftcreds <<< "${SWIFT_CREDENTIALS}" 20 | for creds in "${swiftcreds[@]}" 21 | do 22 | echo "> Adding Openstack Swift credentials $creds" 23 | IFS=':' read -r -a cred <<< "$creds" 24 | sed -i -e "s@^use = egg:oioswift#tempauth\$@use = egg:oioswift#tempauth\nuser_${cred[0]}_${cred[1]} = ${cred[2]} ${cred[3]}@" \ 25 | /etc/oio/sds/OPENIO/oioswift-0/proxy-server.conf 26 | if [ "${creds}" == "${swiftcreds[0]}" ]; then 27 | sed -i -e "s@aws_access_key_id = demo:demo@aws_access_key_id = ${cred[0]}:${cred[1]}@" /root/.aws/credentials 28 | sed -i -e "s@aws_secret_access_key = DEMO_PASS@aws_secret_access_key = ${cred[2]}@" /root/.aws/credentials 29 | AKEY="${cred[0]}:${cred[1]}" 30 | SKEY="${cred[2]}" 31 | fi 32 | done 33 | else 34 | AKEY="demo:demo" 35 | SKEY="DEMO_PASS" 36 | fi 37 | } 38 | 39 | function set_region(){ 40 | if [ ! -z "${REGION}" ]; then 41 | echo "> Change S3 region" 42 | sed -i -e "s@location = us-east-1@location = ${REGION}@" /etc/oio/sds/OPENIO/oioswift-0/proxy-server.conf 43 | sed -i -e "s@region = us-east-1@region = ${REGION}@" /root/.aws/config 44 | else 45 | REGION="us-east-1" 46 | fi 47 | } 48 | 49 | # Initialize OpenIO cluster 50 | function initcluster(){ 51 | echo "# Initializing the OpenIO cluster" 52 | 53 | # Temporarily disabling the swift gateway, to avoid answering when not completely setup 54 | sed -i -e 's/^enabled=.*$/enabled=false/' /etc/gridinit.d/OPENIO-oioswift-0.conf 55 | 56 | echo "> Starting services" 57 | /usr/bin/gridinit -d /etc/gridinit.conf >/dev/null 2>&1 58 | 59 | echo "> Waiting for the services to start ..." 60 | etime_start=$(date +"%s") 61 | etime_end=$((${etime_start} + ${TIMEOUT})) 62 | nbmeta1=0 63 | while [ $(date +"%s") -le ${etime_end} -a ${nbmeta1} -lt ${NBREPLICAS} ] 64 | do 65 | sleep 2 66 | # Count registered meta1 67 | nbmeta1=$(/usr/bin/openio --oio-ns=${NS} cluster list meta1 -f value -c Addr|wc -l) 68 | done 69 | if [ ${nbmeta1} -ne ${NBREPLICAS} ]; then 70 | echo "Error: Install script did not found ${NBREPLICAS} meta1 services registered. Return: ${nbmeta1}" 71 | exit 1 72 | fi 73 | etime_start=$(date +"%s") 74 | etime_end=$((${etime_start} + ${TIMEOUT})) 75 | score=0 76 | while [ $(date +"%s") -le ${etime_end} -a ${score} -eq 0 ] 77 | do 78 | /usr/bin/openio --oio-ns=${NS} cluster unlockall >/dev/null 2>&1 79 | sleep 5 80 | score=$(/usr/bin/openio --oio-ns=${NS} cluster list meta1 -f value -c Score || echo 0) 81 | done 82 | if [ ${score} -eq 0 ]; then 83 | echo "Error: Unlocking scores failed. Unable to bootstrap namespace. Return: Meta1 score = ${score}" 84 | exit 1 85 | fi 86 | 87 | # Initialize meta1 with 3 replicas on the same server 88 | echo "> Bootstrapping directory ..." 89 | /usr/bin/openio --oio-ns=${NS} directory bootstrap --replicas ${NBREPLICAS} || \ 90 | (echo "Error: Directory bootstrap failed. Aborting." ; exit 1) 91 | 92 | echo "> Bootstrapping Reverse Directory and volume for namespace ${NS}" 93 | /usr/bin/openio --oio-ns=${NS} volume admin bootstrap || 94 | (echo "Error: Directory bootstrap failed. Aborting." ; exit 1) 95 | 96 | # Stopping services 97 | echo "> Stopping services ..." 98 | gridinit_pid=$(cat /run/gridinit/gridinit.pid) 99 | kill "${gridinit_pid}" >/dev/null 2>&1 100 | /usr/bin/timeout "30s" tail --pid="${gridinit_pid}" -f /dev/null || kill -s 9 "${gridinit_pid}" 101 | 102 | } 103 | 104 | function set_unlock(){ 105 | sed -i -e "/^\[type:/a lock_at_first_register=false" /etc/oio/sds/*/conscience-*/conscience-*-services.conf 106 | } 107 | 108 | function unlock(){ 109 | echo "> Unlocking scores ..." 110 | etime_start=$(date +"%s") 111 | etime_end=$((${etime_start} + ${TIMEOUT})) 112 | nbscore=1 113 | while [ $(date +"%s") -le ${etime_end} -a ${nbscore} -gt 0 ] 114 | do 115 | /usr/bin/openio --oio-ns=${NS} cluster unlockall >/dev/null 2>&1 116 | sleep 5 117 | nbscore=$(/usr/bin/openio --oio-ns=${NS} cluster list -f value -c Score|grep -c -e '^0$') 118 | done 119 | if [ ${nbscore} -gt 0 ]; then 120 | echo "Error: Unlocking scores failed." 121 | exit 1 122 | fi 123 | } 124 | 125 | function gridinit_start(){ 126 | echo "> Starting services ..." 127 | pkill -0 -F /run/gridinit/gridinit.pid >/dev/null 2>&1 || \ 128 | exec /usr/bin/gridinit /etc/gridinit.conf 129 | } 130 | 131 | function keystone_config(){ 132 | if [ ! -z "$KEYSTONE_ENABLED" ]; then 133 | echo "Setting up Openstack Keystone authentication" 134 | : "${KEYSTONE_URI:=${IPADDR}:5000}" 135 | : "${KEYSTONE_URL:=${IPADDR}:35357}" 136 | : "${SWIFT_USERNAME:=swift}" 137 | : "${SWIFT_PASSWORD:=SWIFT_PASS}" 138 | sed -i -e "/filter:tempauth/i [filter:s3token]\ndelay_auth_decision = True\nauth_uri = http://${KEYSTONE_URL}/\nuse = egg:swift3#s3token\n\n[filter:authtoken]\nauth_type = password\nusername = ${SWIFT_USERNAME}\nproject_name = service\nregion_name = ${REGION}\nuser_domain_id = default\nmemcache_secret_key = memcache_secret_key\npaste.filter_factory = keystonemiddleware.auth_token:filter_factory\ninsecure = True\ncache = swift.cache\ndelay_auth_decision = True\ntoken_cache_time = 300\nauth_url =http://${KEYSTONE_URL}\ninclude_service_catalog = False\nwww_authenticate_uri = http://${KEYSTONE_URI}\nmemcached_servers = ${IPADDR}:6019\npassword = ${SWIFT_PASSWORD}\nrevocation_cache_time = 60\nmemcache_security_strategy = ENCRYPT\nproject_domain_id = default\n\n[filter:keystoneauth]\nuse = egg:swift#keystoneauth\noperator_roles = admin,swiftoperator,_member_\n" /etc/oio/sds/OPENIO/oioswift-0/proxy-server.conf 139 | sed -i -e '/filter:tempauth/,+2d' /etc/oio/sds/OPENIO/oioswift-0/proxy-server.conf 140 | sed -i -e 's@^pipeline =.*@pipeline = catch_errors gatekeeper healthcheck proxy-logging cache bulk tempurl proxy-logging authtoken swift3 s3token keystoneauth proxy-logging copy container-quotas account-quotas slo dlo versioned_writes proxy-logging proxy-server@' /etc/oio/sds/OPENIO/oioswift-0/proxy-server.conf 141 | fi 142 | } 143 | 144 | ### Main 145 | 146 | prepare 147 | 148 | # Firstboot script to setup OpenIO configuration 149 | if [ ! -f /etc/oio/sds/firstboot ]; then 150 | echo "# Firstboot: Setting up the OpenIO cluster" 151 | if [ ! -z "${OPENIO_IPADDR}" ]; then 152 | IPADDR=${OPENIO_IPADDR} 153 | elif [ ! -z "${OPENIO_IFDEV}" ]; then 154 | IPADDR=$(ip -4 addr show ${OPENIO_IFDEV} | awk '/inet/ {print $2}' | sed 's#/.*##') 155 | if [ -z "${IPADDR}" ]; then 156 | echo "Error: Failed to get IP for device ${OPENIO_IFDEV}" 157 | fi 158 | else 159 | IPADDR=$(ip -4 addr show | grep -v 127.0.0.1 | awk '/inet/ {print $2}' | sed 's#/.*##') 160 | fi 161 | 162 | # Update Swift credentials 163 | update_swift_credentials 164 | set_region 165 | keystone_config 166 | 167 | # Update listenning address 168 | if [ ! -z "${IPADDR}" ]; then 169 | echo "> Using ${IPADDR} IP address for services" 170 | /usr/bin/find /etc/oio /etc/gridinit.d /root -type f -print0 | xargs --no-run-if-empty -0 sed -i "s/127.0.0.1/${IPADDR}/g" 171 | fi 172 | 173 | # Deploy OpenIO 174 | initcluster 175 | 176 | # Unlock services 177 | set_unlock 178 | 179 | # Firstboot is done 180 | touch /etc/oio/sds/firstboot 181 | fi 182 | 183 | # Re-enabling the swift gateway, now that it's ready 184 | sed -i -e 's/^enabled=.*$/enabled=true/' /etc/gridinit.d/OPENIO-oioswift-0.conf 185 | 186 | # Activate logs 187 | /usr/sbin/rsyslogd 188 | 189 | echo " 190 | .oo. .ooo. OIO Conscience: ${IPADDR}:6000 191 | .ooooo. o ..oo. OIO Proxy: ${IPADDR}:6006 192 | .oooo. .oo. .o. 193 | .oooo. .o+ .o. S3 Endpoint: http://${IPADDR}:6007 194 | iooo. .o..oo S3 Region: ${REGION} 195 | oooo .o, :o S3 SSL: False 196 | oooi .o: .o S3 Signature: s3v4 197 | iooo. .o..oo S3 Access bucket: path-style 198 | .oooo. .oo .o. S3 Access key: ${AKEY} 199 | .oooo. .oo. .o. S3 Secret key: ${SKEY} 200 | .ooooo. o...oo. 201 | .ooo. .ioo.. Visit https://docs.openio.io/latest/source/integrations for more informations. 202 | " 203 | 204 | # start gridinit 205 | gridinit_start 206 | -------------------------------------------------------------------------------- /openio-sds/18.04/rsyslog.conf: -------------------------------------------------------------------------------- 1 | $AddUnixListenSocket /dev/log 2 | template(name="TraditionalFormatWithPRI" type="string" string="%TIMESTAMP:::date-rfc3339% %HOSTNAME% %syslogtag% %syslogpriority-text% %msg:::sp-if-no-1st-sp%%msg:::drop-last-lf%\n") 3 | 4 | if $syslogfacility-text == ['local0','local1'] and $syslogtag startswith 'OIO' then { 5 | action(type="omfile" template="TraditionalFormatWithPRI" file="/proc/self/fd/1" flushOnTXEnd="on") 6 | &stop 7 | } 8 | 9 | -------------------------------------------------------------------------------- /openio-sds/18.04/standalone.yml: -------------------------------------------------------------------------------- 1 | --- 2 | # Use 18.10 playbook for 18.04 3 | openio_sds_release: "18.04" 4 | openio_release_supported: 5 | - '18.04' 6 | openio_openstack_distro: 'pike' 7 | 8 | #Single node 9 | namespace_storage_policy: SINGLE 10 | 11 | # low resources node 12 | openio_account_workers: 1 13 | openio_oioswift_workers: 1 14 | openio_event_agent_workers: 1 15 | openio_zookeeper_parallel_gc_threads: 1 16 | openio_zookeeper_memory: "256M" 17 | openio_minimal_score_for_volume_admin_bootstrap: 5 18 | openio_minimal_score_for_directory_bootstrap: 5 19 | 20 | # Reduce directory size 21 | namespace_meta1_digits: 0 22 | 23 | # bind 127.0.0.1 by default 24 | openio_bind_address: "127.0.0.1" 25 | 26 | # Remove zookeeper url 27 | openio_namespace_zookeeper_url: "" 28 | 29 | # Reduce service policy for a standalone node 30 | openio_namespace_service_update_policy: 31 | - name: meta2 32 | policy: KEEP 33 | replicas: 1 34 | distance: 1 35 | - name: rdir 36 | policy: KEEP 37 | replicas: 1 38 | distance: 1 39 | 40 | openio_rdir_serviceid: 1 41 | 42 | openio_manage_os_requirement: false 43 | 44 | openio_account_redis_standalone: "127.0.0.1:6011" 45 | ... 46 | -------------------------------------------------------------------------------- /openio-sds/18.04/test.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | set -eux -o pipefail 4 | 5 | CURRENT_DIR="$(cd "$(dirname "$0")" && pwd -P)" 6 | 7 | test -n "${DOCKER_TEST_CONTAINER_NAME}" || ( echo "Error: variable DOCKER_TEST_CONTAINER_NAME not set. Exiting." && exit 1 ) 8 | test -n "${DOCKER_IMAGE_NAME}" || ( echo "Error: variable DOCKER_IMAGE_NAME not set. Exiting." && exit 1 ) 9 | 10 | # Launch an openio-sds container to test 11 | docker run -d --name "${DOCKER_TEST_CONTAINER_NAME}" "${DOCKER_IMAGE_NAME}" 12 | 13 | # Build the tester image 14 | TESTER_IMAGE_NAME=openio-sds-tester 15 | docker build -t "${TESTER_IMAGE_NAME}" "${CURRENT_DIR}"/../tester/ 16 | 17 | # Wait a bit before all services are initialized 18 | sleep 30 19 | 20 | # Run tests 21 | docker run --rm -t \ 22 | --network="container:${DOCKER_TEST_CONTAINER_NAME}" \ 23 | -e "SUT_ID=${DOCKER_TEST_CONTAINER_NAME}" \ 24 | -e SUT_IP="$(docker inspect -f '{{range .NetworkSettings.Networks}}{{.IPAddress}}{{end}}' "${DOCKER_TEST_CONTAINER_NAME}")" \ 25 | -v /var/run/docker.sock:/var/run/docker.sock \ 26 | "${TESTER_IMAGE_NAME}" 27 | -------------------------------------------------------------------------------- /openio-sds/18.10/README.md: -------------------------------------------------------------------------------- 1 | # openio/sds 2 | 3 | Build Docker image based on [ansible playbook](https://github.com/open-io/ansible-playbook-openio-deployment) 4 | 5 | ## How to get this image from the hub 6 | 7 | To get the latest built of this version on the [docker hub](https://hub.docker.com/r/openio/sds) 8 | 9 | ```shell 10 | docker pull openio/sds:18.10 11 | ``` 12 | 13 | ## How to (re-)build this image 14 | 15 | First set up the environement: 16 | 17 | ```shell 18 | # Configure build 19 | export SDS_VERSION=18.10 20 | export DOCKER_IMAGE_NAME="openio-sds-${SDS_VERSION}" 21 | export DOCKER_BUILD_CONTAINER_NAME="openio-sds-${SDS_VERSION}-build" 22 | export DOCKER_TEST_CONTAINER_NAME="openio-sds-${SDS_VERSION}-test" 23 | 24 | # Get the source 25 | git clone https://github.com/open-io/dockerfiles.git 26 | cd "./dockerfiles/openio-sds/${SDS_VERSION}/" 27 | 28 | # Generate the builder image, which holds all the required tooling in the correct versions 29 | docker build -t "openio-sds-docker-builder:${SDS_VERSION}" ./jenkins/ 30 | ``` 31 | 32 | Then, execute the build step, using this "builder" image (which uses Docker-on-Docker pattern): 33 | 34 | ```shell 35 | docker run --rm -t -v /var/run/docker.sock:/var/run/docker.sock -u root -v "$(pwd):$(pwd)" -w "$(pwd)" \ 36 | -e DOCKER_BUILD_CONTAINER_NAME -e DOCKER_IMAGE_NAME -e DOCKER_TEST_CONTAINER_NAME "openio-sds-docker-builder:${SDS_VERSION}" \ 37 | bash ./build.sh 38 | ``` 39 | 40 | Now, execute the test harness on this newly built image: 41 | 42 | ```shell 43 | docker run --rm -t -v /var/run/docker.sock:/var/run/docker.sock -u root -v "$(pwd):$(pwd)" -w "$(pwd)" \ 44 | -e DOCKER_BUILD_CONTAINER_NAME -e DOCKER_IMAGE_NAME -e DOCKER_TEST_CONTAINER_NAME "openio-sds-docker-builder:${SDS_VERSION}" \ 45 | bash ./test.sh 46 | ``` 47 | 48 | Finally, if you want to tag and deploy the image, execute the `deploy.sh` script: 49 | 50 | ```shell 51 | export LATEST=true # Only if you want the image to be tagged as latest, along with current tag 52 | test -n "${DOCKER_IMAGE_NAME}" # Required to select the image to tag 53 | bash ./deploy.sh 54 | ``` 55 | -------------------------------------------------------------------------------- /openio-sds/18.10/build.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | set -eux -o pipefail 4 | 5 | test -n "${DOCKER_BUILD_CONTAINER_NAME}" || { 6 | echo "Error: variable DOCKER_BUILD_CONTAINER_NAME not set. Exiting." 7 | exit 1 8 | } 9 | test -n "${DOCKER_IMAGE_NAME}" || { 10 | echo "Error: variable DOCKER_IMAGE_NAME not set. Exiting." 11 | exit 1 12 | } 13 | 14 | OIOSDS_RELEASE=18.10 15 | CURRENT_DIR="$(cd "$(dirname "$0")" && pwd -P)" 16 | pushd "${CURRENT_DIR}" 17 | 18 | docker run --detach --name="${DOCKER_BUILD_CONTAINER_NAME}" --privileged --volume=/sys/fs/cgroup:/sys/fs/cgroup:ro --hostname openiosds centos/systemd:latest /usr/sbin/init 19 | 20 | rm -rf ansible-playbook-openio-deployment 21 | git clone -b "${OIOSDS_RELEASE}" https://github.com/open-io/ansible-playbook-openio-deployment.git 22 | cp inventory.ini ansible-playbook-openio-deployment/products/sds 23 | pushd ansible-playbook-openio-deployment/products/sds 24 | 25 | #custom inventory 26 | sed -i -e "s@ansible_host=ID@ansible_host=${DOCKER_BUILD_CONTAINER_NAME}@" inventory.ini 27 | 28 | # Download roles 29 | ./requirements_install.sh 30 | 31 | # Deploy without bootstrap 32 | ansible-playbook -i inventory.ini --skip-tags checks main.yml -e "@../../../standalone.yml" -e strategy=mitogen_free 33 | 34 | # Fix redis: remove cluster mode 35 | ansible openio -i inventory.ini -m shell -a 'sed -i -e "/slaveof/d" /etc/oio/sds/OPENIO/redis-0/redis.conf; rm /etc/gridinit.d/OPENIO-redissentinel-0.conf' 36 | # Wipe install logs 37 | ansible openio -i inventory.ini -m shell -a "find /var/log/oio -type f | xargs -n1 cp /dev/null" 38 | 39 | popd 40 | # Logs to stdout 41 | ansible node1 -i ansible-playbook-openio-deployment/products/sds/inventory.ini -m copy -a 'src=../commons/rsyslog.conf dest=/etc/rsyslog.d/openio-sds.conf mode=0644' 42 | 43 | # Copy required scripts 44 | ansible node1 -i ansible-playbook-openio-deployment/products/sds/inventory.ini -m copy -a 'src=openio-docker-init.sh dest=/openio-docker-init.sh mode=0755' 45 | ansible node1 -i ansible-playbook-openio-deployment/products/sds/inventory.ini -m copy -a 'src=../commons/sds-healthcheck.sh dest=/usr/local/bin/sds-healthcheck.sh mode=0755' 46 | 47 | docker commit \ 48 | --change='CMD ["/openio-docker-init.sh"]' \ 49 | --change "EXPOSE 6000 6001 6006 6007 6009 6011 6014 6017 6110 6120 6200 6300" \ 50 | --change='HEALTHCHECK --start-period=5s --retries=30 --interval=10s --timeout=2s CMD bash /usr/local/bin/sds-healthcheck.sh' \ 51 | "${DOCKER_BUILD_CONTAINER_NAME}" "${DOCKER_IMAGE_NAME}" 52 | 53 | docker stop "${DOCKER_BUILD_CONTAINER_NAME}" 54 | docker rm -f -v "${DOCKER_BUILD_CONTAINER_NAME}" 55 | -------------------------------------------------------------------------------- /openio-sds/18.10/deploy.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | LATEST=false 4 | 5 | set -eux -o pipefail 6 | 7 | test -n "${DOCKER_IMAGE_NAME}" || { 8 | echo "Error: variable DOCKER_IMAGE_NAME not set. Exiting." 9 | exit 1 10 | } 11 | 12 | DEPLOY_IMAGE_NAME="openio/sds" 13 | DEPLOY_IMAGE_TAG="18.10" 14 | 15 | docker tag "${DOCKER_IMAGE_NAME}" "${DEPLOY_IMAGE_NAME}:${DEPLOY_IMAGE_TAG}" 16 | docker push "${DEPLOY_IMAGE_NAME}:${DEPLOY_IMAGE_TAG}" 17 | 18 | if [ "${LATEST}" == "true" ] 19 | then 20 | docker tag "${DOCKER_IMAGE_NAME}" "${DEPLOY_IMAGE_NAME}:latest" 21 | docker push "${DEPLOY_IMAGE_NAME}:latest" 22 | fi 23 | -------------------------------------------------------------------------------- /openio-sds/18.10/inventory.ini: -------------------------------------------------------------------------------- 1 | [all] 2 | node1 ansible_connection=docker ansible_host=ID 3 | 4 | [all:vars] 5 | ansible_user=root 6 | 7 | # what is not used for storage 8 | [fronts] 9 | 10 | # what is used for storage 11 | [backs] 12 | node1 13 | 14 | [openio:children] 15 | fronts 16 | backs 17 | 18 | [conscience] 19 | node1 20 | 21 | [namespace:children] 22 | openio 23 | 24 | [oioproxy:children] 25 | openio 26 | 27 | [conscience_agent:children] 28 | backs 29 | 30 | [oio-blob-indexer:children] 31 | backs 32 | 33 | [meta:children] 34 | meta0 35 | meta1 36 | meta2 37 | 38 | [meta0] 39 | node1 40 | 41 | [meta1] 42 | node1 43 | 44 | [meta2] 45 | node1 46 | 47 | [zookeeper] 48 | #node1 49 | 50 | [redis] 51 | node1 52 | 53 | [oioswift:children] 54 | backs 55 | 56 | [ecd:children] 57 | #backs 58 | 59 | [oio-event-agent:children] 60 | backs 61 | 62 | [account:children] 63 | backs 64 | 65 | [rawx:children] 66 | backs 67 | -------------------------------------------------------------------------------- /openio-sds/18.10/jenkins/Dockerfile: -------------------------------------------------------------------------------- 1 | FROM alpine:3.11 2 | 3 | RUN apk add --no-cache \ 4 | bats \ 5 | bash \ 6 | curl \ 7 | docker-cli \ 8 | git \ 9 | python2 \ 10 | py2-pip \ 11 | && apk --no-cache add --virtual \ 12 | .build-deps \ 13 | python2-dev \ 14 | libffi-dev \ 15 | openssl-dev \ 16 | build-base \ 17 | && pip install 'ansible<2.8' netaddr 18 | 19 | ARG MITOGEN_VERSION=0.2.9 20 | RUN curl -sSL "https://networkgenomics.com/try/mitogen-${MITOGEN_VERSION}.tar.gz" -o "/tmp/mitogen-${MITOGEN_VERSION}.tar.gz" \ 21 | && tar -xzf "/tmp/mitogen-${MITOGEN_VERSION}.tar.gz" -C /tmp \ 22 | && mkdir -p /ansible/plugins \ 23 | && cp -r "/tmp/mitogen-${MITOGEN_VERSION}.tar.gz" /ansible/plugins/ \ 24 | && rm -rf /tmp/mitogen* 25 | 26 | COPY ./ansible.cfg /root/.ansible.cfg 27 | -------------------------------------------------------------------------------- /openio-sds/18.10/jenkins/ansible.cfg: -------------------------------------------------------------------------------- 1 | # config file for ansible -- https://ansible.com/ 2 | # =============================================== 3 | 4 | # nearly all parameters can be overridden in ansible-playbook 5 | # or with command line flags. ansible will read ANSIBLE_CONFIG, 6 | # ansible.cfg in the current working directory, .ansible.cfg in 7 | # the home directory or /etc/ansible/ansible.cfg, whichever it 8 | # finds first 9 | 10 | [defaults] 11 | 12 | remote_tmp = /tmp 13 | local_tmp = /tmp 14 | 15 | strategy_plugins = /ansible/plugins/mitogen-0.2.9/ansible_mitogen/plugins/strategy 16 | 17 | host_key_checking = False 18 | 19 | [paramiko_connection] 20 | record_host_keys=False 21 | -------------------------------------------------------------------------------- /openio-sds/18.10/openio-docker-init.sh: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | 3 | # Default configuration 4 | NS='OPENIO' 5 | NBREPLICAS=1 6 | TIMEOUT=20 7 | 8 | function prepare(){ 9 | mkdir /run/gridinit 10 | install -d -o openio -g openio -m 750 /run/rawx/OPENIO/rawx-0 11 | } 12 | 13 | function update_swift_credentials(){ 14 | if [ ! -z "${SWIFT_CREDENTIALS}" ]; then 15 | # Remove default credentials 16 | sed -i -e '/user_demo_demo = DEMO_PASS .member/d' \ 17 | /etc/oio/sds/OPENIO/oioswift-0/proxy-server.conf 18 | # Add credentials to the Swift proxy configuration 19 | IFS=',' read -r -a swiftcreds <<< "${SWIFT_CREDENTIALS}" 20 | for creds in "${swiftcreds[@]}" 21 | do 22 | echo "> Adding Openstack Swift credentials $creds" 23 | IFS=':' read -r -a cred <<< "$creds" 24 | sed -i -e "s@^use = egg:oioswift#tempauth\$@use = egg:oioswift#tempauth\nuser_${cred[0]}_${cred[1]} = ${cred[2]} ${cred[3]}@" \ 25 | /etc/oio/sds/OPENIO/oioswift-0/proxy-server.conf 26 | if [ "${creds}" == "${swiftcreds[0]}" ]; then 27 | sed -i -e "s@aws_access_key_id = demo:demo@aws_access_key_id = ${cred[0]}:${cred[1]}@" /root/.aws/credentials 28 | sed -i -e "s@aws_secret_access_key = DEMO_PASS@aws_secret_access_key = ${cred[2]}@" /root/.aws/credentials 29 | AKEY="${cred[0]}:${cred[1]}" 30 | SKEY="${cred[2]}" 31 | fi 32 | done 33 | else 34 | AKEY="demo:demo" 35 | SKEY="DEMO_PASS" 36 | fi 37 | } 38 | 39 | function set_region(){ 40 | if [ ! -z "${REGION}" ]; then 41 | echo "> Change S3 region" 42 | sed -i -e "s@location = us-east-1@location = ${REGION}@" /etc/oio/sds/OPENIO/oioswift-0/proxy-server.conf 43 | sed -i -e "s@region = us-east-1@region = ${REGION}@" /root/.aws/config 44 | else 45 | REGION="us-east-1" 46 | fi 47 | } 48 | 49 | function update_rawx(){ 50 | if [ ! -z "${RAWX_BETA}" ]; then 51 | echo "> Activate beta rawx" 52 | sed -i -e 's@/usr/sbin/httpd -D FOREGROUND -f /etc/oio/sds/OPENIO/rawx-0/rawx-0-httpd.conf@/usr/bin/oio-rawx -s OIO,OPENIO,rawx,0 -f /etc/oio/sds/OPENIO/rawx-0/rawx-0-httpd.conf@' /etc/gridinit.d/OPENIO-rawx-0.conf 53 | fi 54 | } 55 | # Initialize OpenIO cluster 56 | function initcluster(){ 57 | echo "# Initializing the OpenIO cluster" 58 | 59 | # Temporarily disabling the swift gateway, to avoid answering when not completely setup 60 | sed -i -e 's/^enabled=.*$/enabled=false/' /etc/gridinit.d/OPENIO-oioswift-0.conf 61 | 62 | echo "> Starting services" 63 | /usr/bin/gridinit -d /etc/gridinit.conf >/dev/null 2>&1 64 | 65 | echo "> Waiting for the services to start ..." 66 | etime_start=$(date +"%s") 67 | etime_end=$((${etime_start} + ${TIMEOUT})) 68 | nbmeta1=0 69 | while [ $(date +"%s") -le ${etime_end} -a ${nbmeta1} -lt ${NBREPLICAS} ] 70 | do 71 | sleep 2 72 | # Count registered meta1 73 | nbmeta1=$(/usr/bin/openio --oio-ns=${NS} cluster list meta1 -f value -c Addr|wc -l) 74 | done 75 | if [ ${nbmeta1} -ne ${NBREPLICAS} ]; then 76 | echo "Error: Install script did not found ${NBREPLICAS} meta1 services registered. Return: ${nbmeta1}" 77 | exit 1 78 | fi 79 | etime_start=$(date +"%s") 80 | etime_end=$((${etime_start} + ${TIMEOUT})) 81 | score=0 82 | while [ $(date +"%s") -le ${etime_end} -a ${score} -eq 0 ] 83 | do 84 | /usr/bin/openio --oio-ns=${NS} cluster unlockall >/dev/null 2>&1 85 | sleep 5 86 | score=$(/usr/bin/openio --oio-ns=${NS} cluster list meta1 -f value -c Score || echo 0) 87 | done 88 | if [ ${score} -eq 0 ]; then 89 | echo "Error: Unlocking scores failed. Unable to bootstrap namespace. Return: Meta1 score = ${score}" 90 | exit 1 91 | fi 92 | 93 | # Initialize meta1 with 3 replicas on the same server 94 | echo "> Bootstrapping directory ..." 95 | /usr/bin/openio --oio-ns=${NS} directory bootstrap --replicas ${NBREPLICAS} || \ 96 | (echo "Error: Directory bootstrap failed. Aborting." ; exit 1) 97 | 98 | echo "> Bootstrapping Reverse Directory and rawx for namespace ${NS}" 99 | /usr/bin/openio --oio-ns=${NS} rdir bootstrap rawx || 100 | (echo "Error: Directory bootstrap failed. Aborting." ; exit 1) 101 | echo "> Bootstrapping Reverse Directory and meta2 for namespace ${NS}" 102 | /usr/bin/openio --oio-ns=${NS} rdir bootstrap meta2 || 103 | (echo "Error: Directory bootstrap failed. Aborting." ; exit 1) 104 | 105 | # Stopping services 106 | echo "> Stopping services ..." 107 | gridinit_pid=$(cat /run/gridinit/gridinit.pid) 108 | kill "${gridinit_pid}" >/dev/null 2>&1 109 | /usr/bin/timeout "30s" tail --pid="${gridinit_pid}" -f /dev/null || kill -s 9 "${gridinit_pid}" 110 | 111 | } 112 | 113 | function set_unlock(){ 114 | sed -i -e "/^\[type:/a lock_at_first_register=false" /etc/oio/sds/*/conscience-*/conscience-*-services.conf 115 | } 116 | 117 | function unlock(){ 118 | echo "> Unlocking scores ..." 119 | etime_start=$(date +"%s") 120 | etime_end=$((${etime_start} + ${TIMEOUT})) 121 | nbscore=1 122 | while [ $(date +"%s") -le ${etime_end} -a ${nbscore} -gt 0 ] 123 | do 124 | /usr/bin/openio --oio-ns=${NS} cluster unlockall >/dev/null 2>&1 125 | sleep 5 126 | nbscore=$(/usr/bin/openio --oio-ns=${NS} cluster list -f value -c Score|grep -c -e '^0$') 127 | done 128 | if [ ${nbscore} -gt 0 ]; then 129 | echo "Error: Unlocking scores failed." 130 | exit 1 131 | fi 132 | } 133 | 134 | function gridinit_start(){ 135 | echo "> Starting services ..." 136 | pkill -0 -F /run/gridinit/gridinit.pid >/dev/null 2>&1 || \ 137 | exec /usr/bin/gridinit /etc/gridinit.conf 138 | } 139 | 140 | function keystone_config(){ 141 | if [ ! -z "$KEYSTONE_ENABLED" ]; then 142 | echo "Setting up Openstack Keystone authentication" 143 | : "${KEYSTONE_URI:=${IPADDR}:5000}" 144 | : "${KEYSTONE_URL:=${IPADDR}:35357}" 145 | : "${SWIFT_USERNAME:=swift}" 146 | : "${SWIFT_PASSWORD:=SWIFT_PASS}" 147 | sed -i -e "/filter:tempauth/i [filter:s3token]\ndelay_auth_decision = True\nauth_uri = http://${KEYSTONE_URL}/\nuse = egg:swift3#s3token\n\n[filter:authtoken]\nauth_type = password\nusername = ${SWIFT_USERNAME}\nproject_name = service\nregion_name = ${REGION}\nuser_domain_id = default\nmemcache_secret_key = memcache_secret_key\npaste.filter_factory = keystonemiddleware.auth_token:filter_factory\ninsecure = True\ncache = swift.cache\ndelay_auth_decision = True\ntoken_cache_time = 300\nauth_url =http://${KEYSTONE_URL}\ninclude_service_catalog = False\nwww_authenticate_uri = http://${KEYSTONE_URI}\nmemcached_servers = ${IPADDR}:6019\npassword = ${SWIFT_PASSWORD}\nrevocation_cache_time = 60\nmemcache_security_strategy = ENCRYPT\nproject_domain_id = default\n\n[filter:keystoneauth]\nuse = egg:swift#keystoneauth\noperator_roles = admin,swiftoperator,_member_\n" /etc/oio/sds/OPENIO/oioswift-0/proxy-server.conf 148 | sed -i -e '/filter:tempauth/,+2d' /etc/oio/sds/OPENIO/oioswift-0/proxy-server.conf 149 | sed -i -e 's@^pipeline =.*@pipeline = catch_errors gatekeeper healthcheck proxy-logging cache bulk tempurl proxy-logging authtoken swift3 s3token keystoneauth proxy-logging copy container-quotas account-quotas slo dlo versioned_writes proxy-logging proxy-server@' /etc/oio/sds/OPENIO/oioswift-0/proxy-server.conf 150 | fi 151 | } 152 | 153 | ### Main 154 | 155 | prepare 156 | 157 | # Firstboot script to setup OpenIO configuration 158 | if [ ! -f /etc/oio/sds/firstboot ]; then 159 | echo "# Firstboot: Setting up the OpenIO cluster" 160 | if [ ! -z "${OPENIO_IPADDR}" ]; then 161 | IPADDR=${OPENIO_IPADDR} 162 | elif [ ! -z "${OPENIO_IFDEV}" ]; then 163 | IPADDR=$(ip -4 addr show ${OPENIO_IFDEV} | awk '/inet/ {print $2}' | sed 's#/.*##') 164 | if [ -z "${IPADDR}" ]; then 165 | echo "Error: Failed to get IP for device ${OPENIO_IFDEV}" 166 | fi 167 | else 168 | IPADDR=$(ip -4 addr show | grep -v 127.0.0.1 | awk '/inet/ {print $2}' | sed 's#/.*##') 169 | fi 170 | 171 | # Update Swift credentials 172 | update_swift_credentials 173 | set_region 174 | keystone_config 175 | 176 | # Switch rawx 177 | update_rawx 178 | 179 | # Update listenning address 180 | if [ ! -z "${IPADDR}" ]; then 181 | echo "> Using ${IPADDR} IP address for services" 182 | /usr/bin/find /etc/oio /etc/gridinit.d /root -type f -print0 | xargs --no-run-if-empty -0 sed -i "s/127.0.0.1/${IPADDR}/g" 183 | fi 184 | 185 | # Deploy OpenIO 186 | initcluster 187 | 188 | # Unlock services 189 | set_unlock 190 | 191 | # Firstboot is done 192 | touch /etc/oio/sds/firstboot 193 | fi 194 | 195 | # Re-enabling the swift gateway, now that it's ready 196 | sed -i -e 's/^enabled=.*$/enabled=true/' /etc/gridinit.d/OPENIO-oioswift-0.conf 197 | 198 | # Activate logs 199 | /usr/sbin/rsyslogd 200 | 201 | echo " 202 | .oo. .ooo. OIO Conscience: ${IPADDR}:6000 203 | .ooooo. o ..oo. OIO Proxy: ${IPADDR}:6006 204 | .oooo. .oo. .o. 205 | .oooo. .o+ .o. S3 Endpoint: http://${IPADDR}:6007 206 | iooo. .o..oo S3 Region: ${REGION} 207 | oooo .o, :o S3 SSL: False 208 | oooi .o: .o S3 Signature: s3v4 209 | iooo. .o..oo S3 Access bucket: path-style 210 | .oooo. .oo .o. S3 Access key: ${AKEY} 211 | .oooo. .oo. .o. S3 Secret key: ${SKEY} 212 | .ooooo. o...oo. 213 | .ooo. .ioo.. Visit https://docs.openio.io/latest/source/integrations for more informations. 214 | " 215 | 216 | # start gridinit 217 | gridinit_start 218 | -------------------------------------------------------------------------------- /openio-sds/18.10/standalone.yml: -------------------------------------------------------------------------------- 1 | --- 2 | #Single node 3 | namespace_storage_policy: SINGLE 4 | 5 | # low resources node 6 | openio_account_workers: 1 7 | openio_oioswift_workers: 1 8 | openio_event_agent_workers: 1 9 | openio_zookeeper_parallel_gc_threads: 1 10 | openio_zookeeper_memory: "256M" 11 | openio_minimal_score_for_volume_admin_bootstrap: 5 12 | openio_minimal_score_for_directory_bootstrap: 5 13 | 14 | # Reduce directory size 15 | namespace_meta1_digits: 0 16 | 17 | # bind 127.0.0.1 by default 18 | openio_bind_address: "127.0.0.1" 19 | 20 | # Remove zookeeper url 21 | openio_namespace_zookeeper_url: "" 22 | 23 | # Reduce service policy for a standalone node 24 | openio_namespace_service_update_policy: 25 | - name: meta2 26 | policy: KEEP 27 | replicas: 1 28 | distance: 1 29 | - name: rdir 30 | policy: KEEP 31 | replicas: 1 32 | distance: 1 33 | 34 | openio_rdir_serviceid: 1 35 | 36 | openio_manage_os_requirement: false 37 | 38 | openio_account_redis_standalone: "127.0.0.1:6011" 39 | 40 | openio_oioswift_filter_swift3: 41 | use: "egg:swift3#swift3" 42 | force_swift_request_proxy_log: true 43 | s3_acl: true 44 | check_bucket_owner: true 45 | location: "us-east-1" 46 | # always set same value 47 | max_bucket_listing: 1000 48 | max_multi_delete_objects: 1000 49 | bucket_db_enabled: true 50 | bucket_db_host: "127.0.0.1:6011" 51 | 52 | ... 53 | -------------------------------------------------------------------------------- /openio-sds/18.10/test.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | set -eux -o pipefail 4 | 5 | CURRENT_DIR="$(cd "$(dirname "$0")" && pwd -P)" 6 | 7 | test -n "${DOCKER_TEST_CONTAINER_NAME}" || ( echo "Error: variable DOCKER_TEST_CONTAINER_NAME not set. Exiting." && exit 1 ) 8 | test -n "${DOCKER_IMAGE_NAME}" || ( echo "Error: variable DOCKER_IMAGE_NAME not set. Exiting." && exit 1 ) 9 | 10 | clean_sut() { 11 | docker kill "${1}" 12 | docker rm -f "${1}" 13 | docker system prune -f --volumes 14 | } 15 | 16 | # Launch an openio-sds container to test 17 | clean_sut "${DOCKER_TEST_CONTAINER_NAME}" || true # Never fail cleanup 18 | docker run -d --name "${DOCKER_TEST_CONTAINER_NAME}" "${DOCKER_IMAGE_NAME}" 19 | 20 | # Build the tester image 21 | TESTER_IMAGE_NAME=openio-sds-tester 22 | docker build -t "${TESTER_IMAGE_NAME}" "${CURRENT_DIR}"/../tester/ 23 | 24 | # Run tests 25 | docker run --rm -t \ 26 | --network="container:${DOCKER_TEST_CONTAINER_NAME}" \ 27 | -e "SUT_ID=${DOCKER_TEST_CONTAINER_NAME}" \ 28 | -e SUT_IP="$(docker inspect -f '{{range .NetworkSettings.Networks}}{{.IPAddress}}{{end}}' "${DOCKER_TEST_CONTAINER_NAME}")" \ 29 | -v /var/run/docker.sock:/var/run/docker.sock \ 30 | "${TESTER_IMAGE_NAME}" \ 31 | || { 32 | echo "== Tests failure: please check SUT logs below:" 33 | docker logs "${DOCKER_TEST_CONTAINER_NAME}" 34 | echo "==============================================" 35 | clean_sut "${DOCKER_TEST_CONTAINER_NAME}" || true # Never fail cleanup 36 | exit 1 37 | } 38 | clean_sut "${DOCKER_TEST_CONTAINER_NAME}" || true # Never fail cleanup 39 | -------------------------------------------------------------------------------- /openio-sds/19.04/README.md: -------------------------------------------------------------------------------- 1 | # openio/sds 2 | 3 | Build Docker image based on [ansible playbook](https://github.com/open-io/ansible-playbook-openio-deployment) 4 | 5 | ## How to get this image from the hub 6 | 7 | To get the latest built of this version on the [docker hub](https://hub.docker.com/r/openio/sds) 8 | 9 | ```shell 10 | docker pull openio/sds:19.04 11 | ``` 12 | 13 | ## How to (re-)build this image 14 | 15 | First set up the environement: 16 | 17 | ```shell 18 | # Configure build 19 | export SDS_VERSION=19.04 20 | export DOCKER_IMAGE_NAME="openio-sds-${SDS_VERSION}" 21 | export DOCKER_BUILD_CONTAINER_NAME="openio-sds-${SDS_VERSION}-build" 22 | export DOCKER_TEST_CONTAINER_NAME="openio-sds-${SDS_VERSION}-test" 23 | 24 | # Get the source 25 | git clone https://github.com/open-io/dockerfiles.git 26 | cd "./dockerfiles/openio-sds/${SDS_VERSION}/" 27 | 28 | # Generate the builder image, which holds all the required tooling in the correct versions 29 | docker build -t "openio-sds-docker-builder:${SDS_VERSION}" ./jenkins/ 30 | ``` 31 | 32 | Then, execute the build step, using this "builder" image (which uses Docker-on-Docker pattern): 33 | 34 | ```shell 35 | docker run --rm -t -v /var/run/docker.sock:/var/run/docker.sock -u root -v "$(pwd):$(pwd)" -w "$(pwd)" \ 36 | -e DOCKER_BUILD_CONTAINER_NAME -e DOCKER_IMAGE_NAME -e DOCKER_TEST_CONTAINER_NAME "openio-sds-docker-builder:${SDS_VERSION}" \ 37 | bash ./build.sh 38 | ``` 39 | 40 | Now, execute the test harness on this newly built image: 41 | 42 | ```shell 43 | docker run --rm -t -v /var/run/docker.sock:/var/run/docker.sock -u root -v "$(pwd):$(pwd)" -w "$(pwd)" \ 44 | -e DOCKER_BUILD_CONTAINER_NAME -e DOCKER_IMAGE_NAME -e DOCKER_TEST_CONTAINER_NAME "openio-sds-docker-builder:${SDS_VERSION}" \ 45 | bash ./test.sh 46 | ``` 47 | 48 | Finally, if you want to tag and deploy the image, execute the `deploy.sh` script: 49 | 50 | ```shell 51 | export LATEST=true # Only if you want the image to be tagged as latest, along with current tag 52 | test -n "${DOCKER_IMAGE_NAME}" # Required to select the image to tag 53 | bash ./deploy.sh 54 | ``` 55 | -------------------------------------------------------------------------------- /openio-sds/19.04/build.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | set -eux -o pipefail 4 | 5 | test -n "${DOCKER_BUILD_CONTAINER_NAME}" || { 6 | echo "Error: variable DOCKER_BUILD_CONTAINER_NAME not set. Exiting." 7 | exit 1 8 | } 9 | test -n "${DOCKER_IMAGE_NAME}" || { 10 | echo "Error: variable DOCKER_IMAGE_NAME not set. Exiting." 11 | exit 1 12 | } 13 | 14 | OIOSDS_RELEASE=19.04 15 | CURRENT_DIR="$(cd "$(dirname "$0")" && pwd -P)" 16 | pushd "${CURRENT_DIR}" 17 | 18 | docker run --detach --name="${DOCKER_BUILD_CONTAINER_NAME}" --privileged --volume=/sys/fs/cgroup:/sys/fs/cgroup:ro --hostname openiosds centos/systemd:latest /usr/sbin/init 19 | 20 | rm -rf ansible-playbook-openio-deployment 21 | git clone -b "${OIOSDS_RELEASE}" https://github.com/open-io/ansible-playbook-openio-deployment.git 22 | cp inventory.yml ansible-playbook-openio-deployment/products/sds 23 | pushd ansible-playbook-openio-deployment/products/sds 24 | 25 | #custom inventory 26 | sed -i -e "s@ansible_host: ID@ansible_host: ${DOCKER_BUILD_CONTAINER_NAME}@" inventory.yml 27 | 28 | 29 | # Download roles 30 | ./requirements_install.sh 31 | 32 | # Deploy without bootstrap 33 | ansible-playbook -i inventory.yml main.yml --skip-tags checks -e strategy=mitogen_free 34 | 35 | # Fix redis: remove cluster mode 36 | ansible openio -i inventory.yml -m shell -a 'sed -i -e "/slaveof/d" /etc/oio/sds/OPENIO/redis-0/redis.conf; rm /etc/gridinit.d/OPENIO-redissentinel-0.conf' 37 | # Wipe install logs 38 | ansible openio -i inventory.yml -m shell -a "find /var/log/oio -type f | xargs -n1 cp /dev/null" 39 | 40 | popd 41 | # Logs to stdout 42 | ansible node1 -i ansible-playbook-openio-deployment/products/sds/inventory.yml -m copy -a 'src=../commons/rsyslog.conf dest=/etc/rsyslog.d/openio-sds.conf mode=0644' 43 | 44 | # Copy required scripts 45 | ansible node1 -i ansible-playbook-openio-deployment/products/sds/inventory.yml -m copy -a 'src=openio-docker-init.sh dest=/openio-docker-init.sh mode=0755' 46 | ansible node1 -i ansible-playbook-openio-deployment/products/sds/inventory.yml -m copy -a 'src=../commons/sds-healthcheck.sh dest=/usr/local/bin/sds-healthcheck.sh mode=0755' 47 | 48 | docker commit \ 49 | --change='CMD ["/openio-docker-init.sh"]' \ 50 | --change "EXPOSE 6000 6001 6006 6007 6009 6011 6014 6017 6110 6120 6200 6300" \ 51 | --change='HEALTHCHECK --start-period=5s --retries=30 --interval=10s --timeout=2s CMD bash /usr/local/bin/sds-healthcheck.sh' \ 52 | "${DOCKER_BUILD_CONTAINER_NAME}" "${DOCKER_IMAGE_NAME}" 53 | 54 | docker stop "${DOCKER_BUILD_CONTAINER_NAME}" 55 | docker rm -f -v "${DOCKER_BUILD_CONTAINER_NAME}" 56 | -------------------------------------------------------------------------------- /openio-sds/19.04/deploy.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | LATEST=false 4 | 5 | set -eux -o pipefail 6 | 7 | test -n "${DOCKER_IMAGE_NAME}" || { 8 | echo "Error: variable DOCKER_IMAGE_NAME not set. Exiting." 9 | exit 1 10 | } 11 | 12 | DEPLOY_IMAGE_NAME="openio/sds" 13 | DEPLOY_IMAGE_TAG="19.04" 14 | 15 | docker tag "${DOCKER_IMAGE_NAME}" "${DEPLOY_IMAGE_NAME}:${DEPLOY_IMAGE_TAG}" 16 | docker push "${DEPLOY_IMAGE_NAME}:${DEPLOY_IMAGE_TAG}" 17 | 18 | if [ "${LATEST}" == "true" ] 19 | then 20 | docker tag "${DOCKER_IMAGE_NAME}" "${DEPLOY_IMAGE_NAME}:latest" 21 | docker push "${DEPLOY_IMAGE_NAME}:latest" 22 | fi 23 | -------------------------------------------------------------------------------- /openio-sds/19.04/inventory.yml: -------------------------------------------------------------------------------- 1 | --- 2 | all: 3 | hosts: 4 | node1: 5 | ansible_host: ID 6 | openio_data_mounts: 7 | - mountpoint: "/var/lib/oio/sds" 8 | partition: "/dev/vdb" 9 | openio_metadata_mounts: 10 | - mountpoint: "/var/lib/oio/sds" 11 | partition: "/dev/vdb" 12 | vars: 13 | ansible_user: root 14 | ansible_connection: docker 15 | openio_checks_filter: 16 | reachability: false 17 | mountpoint: false 18 | openio_bootstrap: false 19 | openio_maintenance_mode: false 20 | openio_no_log: false 21 | openio_mirror: mirror2.openio.io 22 | 23 | children: 24 | openio: 25 | children: 26 | fronts: {} 27 | backs: {} 28 | 29 | vars: 30 | namespace: OPENIO 31 | namespace_storage_policy: SINGLE 32 | 33 | openio_bind_interface: '{{ ansible_default_ipv4.alias }}' 34 | # bind 127.0.0.1 by default 35 | openio_bind_address: "127.0.0.1" 36 | # Remove zookeeper url 37 | openio_namespace_zookeeper_url: "" 38 | # Reduce service policy for a standalone node 39 | openio_namespace_service_update_policy: 40 | - name: meta2 41 | policy: KEEP 42 | replicas: 1 43 | distance: 1 44 | - name: rdir 45 | policy: KEEP 46 | replicas: 1 47 | distance: 1 48 | openio_rdir_location: "{{ ansible_hostname ~ '.1' }}" 49 | openio_manage_os_requirement: false 50 | openio_account_redis_standalone: "127.0.0.1:6011" 51 | 52 | openio_oioswift_users: 53 | - name: "demo:demo" 54 | password: "DEMO_PASS" 55 | roles: 56 | - admin 57 | 58 | #openio_conscience_multiple_enable: true 59 | #openio_conscience_services_common_timeout: 30 60 | 61 | ######## 62 | # Special needs 63 | # ---- Low memory nodes (ARM, docker, ...) 64 | openio_account_workers: 1 65 | openio_oioswift_workers: 1 66 | openio_event_agent_workers: 1 67 | openio_zookeeper_parallel_gc_threads: 1 68 | openio_zookeeper_memory: "256M" 69 | openio_minimal_score_for_volume_admin_bootstrap: 5 70 | openio_minimal_score_for_directory_bootstrap: 5 71 | # ---- End Low memory nodes 72 | 73 | # Reduce directory size 74 | namespace_meta1_digits: 0 75 | 76 | # what is not used for storage 77 | fronts: 78 | hosts: {} 79 | 80 | # what is used for storage 81 | backs: 82 | hosts: 83 | node1: {} 84 | 85 | ### SDS 86 | account: 87 | children: 88 | backs: {} 89 | 90 | beanstalkd: 91 | children: 92 | backs: {} 93 | 94 | conscience: 95 | hosts: 96 | node1: {} 97 | 98 | conscience-agent: 99 | children: 100 | backs: {} 101 | 102 | ecd: {} 103 | 104 | meta: 105 | children: 106 | meta0: {} 107 | meta1: {} 108 | meta2: {} 109 | 110 | meta0: 111 | hosts: 112 | node1: {} 113 | 114 | meta1: 115 | hosts: 116 | node1: {} 117 | 118 | meta2: 119 | hosts: 120 | node1: {} 121 | 122 | namespace: 123 | children: 124 | openio: {} 125 | vars: 126 | openio_namespace_conscience_url: "{{ hostvars[groups['conscience'][0]]['openio_bind_address'] }}:6000" 127 | 128 | oio-blob-indexer: 129 | children: 130 | backs: {} 131 | 132 | oio-blob-rebuilder: 133 | children: 134 | backs: {} 135 | 136 | oio-event-agent: 137 | children: 138 | backs: {} 139 | 140 | oioproxy: 141 | children: 142 | openio: {} 143 | 144 | oioswift: 145 | children: 146 | backs: {} 147 | vars: 148 | openio_oioswift_pipeline: "{{ pipeline_tempauth }}" 149 | openio_oioswift_filter_tempauth: 150 | "{{ {'use': 'egg:oioswift#tempauth'} | combine(openio_oioswift_users | dict_to_tempauth) }}" 151 | rawx: 152 | children: 153 | backs: {} 154 | 155 | rdir: 156 | children: 157 | backs: {} 158 | 159 | redis: 160 | hosts: 161 | node1: {} 162 | 163 | zookeeper: {} 164 | 165 | ### OIOFS 166 | oiofs: 167 | hosts: {} 168 | vars: {} 169 | 170 | oiofs_redis: 171 | hosts: {} 172 | ... 173 | -------------------------------------------------------------------------------- /openio-sds/19.04/jenkins/Dockerfile: -------------------------------------------------------------------------------- 1 | FROM alpine:3.11 2 | 3 | RUN apk add --no-cache \ 4 | bats \ 5 | bash \ 6 | curl \ 7 | docker-cli \ 8 | git \ 9 | python2 \ 10 | py2-pip \ 11 | && apk --no-cache add --virtual \ 12 | .build-deps \ 13 | python2-dev \ 14 | libffi-dev \ 15 | openssl-dev \ 16 | build-base \ 17 | && pip install 'ansible<2.8' netaddr 18 | 19 | ARG MITOGEN_VERSION=0.2.9 20 | RUN curl -sSL "https://networkgenomics.com/try/mitogen-${MITOGEN_VERSION}.tar.gz" -o "/tmp/mitogen-${MITOGEN_VERSION}.tar.gz" \ 21 | && tar -xzf "/tmp/mitogen-${MITOGEN_VERSION}.tar.gz" -C /tmp \ 22 | && mkdir -p /ansible/plugins \ 23 | && cp -r "/tmp/mitogen-${MITOGEN_VERSION}.tar.gz" /ansible/plugins/ \ 24 | && rm -rf /tmp/mitogen* 25 | 26 | COPY ./ansible.cfg /root/.ansible.cfg 27 | -------------------------------------------------------------------------------- /openio-sds/19.04/jenkins/ansible.cfg: -------------------------------------------------------------------------------- 1 | # config file for ansible -- https://ansible.com/ 2 | # =============================================== 3 | 4 | # nearly all parameters can be overridden in ansible-playbook 5 | # or with command line flags. ansible will read ANSIBLE_CONFIG, 6 | # ansible.cfg in the current working directory, .ansible.cfg in 7 | # the home directory or /etc/ansible/ansible.cfg, whichever it 8 | # finds first 9 | 10 | [defaults] 11 | 12 | remote_tmp = /tmp 13 | local_tmp = /tmp 14 | 15 | strategy_plugins = /ansible/plugins/mitogen-0.2.9/ansible_mitogen/plugins/strategy 16 | 17 | host_key_checking = False 18 | 19 | [paramiko_connection] 20 | record_host_keys=False 21 | -------------------------------------------------------------------------------- /openio-sds/19.04/openio-docker-init.sh: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | 3 | # Default configuration 4 | NS='OPENIO' 5 | NBREPLICAS=1 6 | TIMEOUT=20 7 | 8 | function prepare(){ 9 | mkdir /run/gridinit 10 | install -d -o openio -g openio -m 750 /run/oio/sds/OPENIO/ 11 | } 12 | 13 | function update_swift_credentials(){ 14 | if [ ! -z "${SWIFT_CREDENTIALS}" ]; then 15 | # Remove default credentials 16 | sed -i -e '/user_demo_demo = DEMO_PASS .member/d' \ 17 | /etc/oio/sds/OPENIO/oioswift-0/proxy-server.conf 18 | # Add credentials to the Swift proxy configuration 19 | IFS=',' read -r -a swiftcreds <<< "${SWIFT_CREDENTIALS}" 20 | for creds in "${swiftcreds[@]}" 21 | do 22 | echo "> Adding Openstack Swift credentials $creds" 23 | IFS=':' read -r -a cred <<< "$creds" 24 | sed -i -e "s@^use = egg:oioswift#tempauth\$@use = egg:oioswift#tempauth\nuser_${cred[0]}_${cred[1]} = ${cred[2]} ${cred[3]}@" \ 25 | /etc/oio/sds/OPENIO/oioswift-0/proxy-server.conf 26 | if [ "${creds}" == "${swiftcreds[0]}" ]; then 27 | sed -i -e "s@aws_access_key_id = demo:demo@aws_access_key_id = ${cred[0]}:${cred[1]}@" /root/.aws/credentials 28 | sed -i -e "s@aws_secret_access_key = DEMO_PASS@aws_secret_access_key = ${cred[2]}@" /root/.aws/credentials 29 | AKEY="${cred[0]}:${cred[1]}" 30 | SKEY="${cred[2]}" 31 | fi 32 | done 33 | else 34 | AKEY="demo:demo" 35 | SKEY="DEMO_PASS" 36 | fi 37 | } 38 | 39 | function set_region(){ 40 | if [ ! -z "${REGION}" ]; then 41 | echo "> Change S3 region" 42 | sed -i -e "s@location = us-east-1@location = ${REGION}@" /etc/oio/sds/OPENIO/oioswift-0/proxy-server.conf 43 | sed -i -e "s@region = us-east-1@region = ${REGION}@" /root/.aws/config 44 | else 45 | REGION="us-east-1" 46 | fi 47 | } 48 | 49 | function update_rawx(){ 50 | if [ ! -z "${RAWX_BETA}" ]; then 51 | echo "> Activate beta rawx" 52 | sed -i -e 's@/usr/sbin/httpd -D FOREGROUND -f /etc/oio/sds/OPENIO/rawx-0/rawx-0-httpd.conf@/usr/bin/oio-rawx -s OIO,OPENIO,rawx,0 -f /etc/oio/sds/OPENIO/rawx-0/rawx-0-httpd.conf@' /etc/gridinit.d/OPENIO-rawx-0.conf 53 | fi 54 | } 55 | # Initialize OpenIO cluster 56 | function initcluster(){ 57 | echo "# Initializing the OpenIO cluster" 58 | 59 | # Temporarily disabling the swift gateway, to avoid answering when not completely setup 60 | sed -i -e 's/^enabled=.*$/enabled=false/' /etc/gridinit.d/OPENIO-oioswift-0.conf 61 | 62 | rm /etc/oio/sds/OPENIO/conscience-0/conscience-0-persistence.dat 63 | echo "> Starting services" 64 | /usr/bin/gridinit -d /etc/gridinit.conf >/dev/null 2>&1 65 | 66 | echo "> Waiting for the services to start ..." 67 | etime_start=$(date +"%s") 68 | etime_end=$((${etime_start} + ${TIMEOUT})) 69 | nbmeta1=0 70 | while [ $(date +"%s") -le ${etime_end} -a ${nbmeta1} -lt ${NBREPLICAS} ] 71 | do 72 | sleep 2 73 | # Count registered meta1 74 | nbmeta1=$(/usr/bin/openio --oio-ns=${NS} cluster list meta1 -f value -c Addr|wc -l) 75 | done 76 | if [ ${nbmeta1} -ne ${NBREPLICAS} ]; then 77 | echo "Error: Install script did not found ${NBREPLICAS} meta1 services registered. Return: ${nbmeta1}" 78 | exit 1 79 | fi 80 | etime_start=$(date +"%s") 81 | etime_end=$((${etime_start} + ${TIMEOUT})) 82 | score=0 83 | while [ $(date +"%s") -le ${etime_end} -a ${score} -eq 0 ] 84 | do 85 | /usr/bin/openio --oio-ns=${NS} cluster unlockall >/dev/null 2>&1 86 | sleep 5 87 | score=$(/usr/bin/openio --oio-ns=${NS} cluster list meta1 -f value -c Score || echo 0) 88 | done 89 | if [ ${score} -eq 0 ]; then 90 | echo "Error: Unlocking scores failed. Unable to bootstrap namespace. Return: Meta1 score = ${score}" 91 | exit 1 92 | fi 93 | 94 | # Initialize meta1 with 3 replicas on the same server 95 | echo "> Bootstrapping directory ..." 96 | /usr/bin/openio --oio-ns=${NS} directory bootstrap --replicas ${NBREPLICAS} || \ 97 | (echo "Error: Directory bootstrap failed. Aborting." ; exit 1) 98 | 99 | echo "> Bootstrapping Reverse Directory and rawx for namespace ${NS}" 100 | /usr/bin/openio --oio-ns=${NS} rdir bootstrap rawx || 101 | (echo "Error: Directory bootstrap failed. Aborting." ; exit 1) 102 | echo "> Bootstrapping Reverse Directory and meta2 for namespace ${NS}" 103 | /usr/bin/openio --oio-ns=${NS} rdir bootstrap meta2 || 104 | (echo "Error: Directory bootstrap failed. Aborting." ; exit 1) 105 | 106 | # Stopping services 107 | echo "> Stopping services ..." 108 | gridinit_pid=$(cat /run/gridinit/gridinit.pid) 109 | kill "${gridinit_pid}" >/dev/null 2>&1 110 | /usr/bin/timeout "30s" tail --pid="${gridinit_pid}" -f /dev/null || kill -s 9 "${gridinit_pid}" 111 | 112 | } 113 | 114 | function set_unlock(){ 115 | sed -i -e "/^\[type:/a lock_at_first_register=false" /etc/oio/sds/*/conscience-*/conscience-*-services.conf 116 | } 117 | 118 | function unlock(){ 119 | echo "> Unlocking scores ..." 120 | etime_start=$(date +"%s") 121 | etime_end=$((${etime_start} + ${TIMEOUT})) 122 | nbscore=1 123 | while [ $(date +"%s") -le ${etime_end} -a ${nbscore} -gt 0 ] 124 | do 125 | /usr/bin/openio --oio-ns=${NS} cluster unlockall >/dev/null 2>&1 126 | sleep 5 127 | nbscore=$(/usr/bin/openio --oio-ns=${NS} cluster list -f value -c Score|grep -c -e '^0$') 128 | done 129 | if [ ${nbscore} -gt 0 ]; then 130 | echo "Error: Unlocking scores failed." 131 | exit 1 132 | fi 133 | } 134 | 135 | function gridinit_start(){ 136 | echo "> Starting services ..." 137 | pkill -0 -F /run/gridinit/gridinit.pid >/dev/null 2>&1 || \ 138 | exec /usr/bin/gridinit /etc/gridinit.conf 139 | } 140 | 141 | function keystone_config(){ 142 | if [ ! -z "$KEYSTONE_ENABLED" ]; then 143 | echo "Setting up Openstack Keystone authentication" 144 | : "${KEYSTONE_URI:=${IPADDR}:5000}" 145 | : "${KEYSTONE_URL:=${IPADDR}:35357}" 146 | : "${SWIFT_USERNAME:=swift}" 147 | : "${SWIFT_PASSWORD:=SWIFT_PASS}" 148 | sed -i -e "/filter:tempauth/i [filter:s3token]\ndelay_auth_decision = True\nauth_uri = http://${KEYSTONE_URL}/\nuse = egg:swift3#s3token\n\n[filter:authtoken]\nauth_type = password\nusername = ${SWIFT_USERNAME}\nproject_name = service\nregion_name = ${REGION}\nuser_domain_id = default\nmemcache_secret_key = memcache_secret_key\npaste.filter_factory = keystonemiddleware.auth_token:filter_factory\ninsecure = True\ncache = swift.cache\ndelay_auth_decision = True\ntoken_cache_time = 300\nauth_url =http://${KEYSTONE_URL}\ninclude_service_catalog = False\nwww_authenticate_uri = http://${KEYSTONE_URI}\nmemcached_servers = ${IPADDR}:6019\npassword = ${SWIFT_PASSWORD}\nrevocation_cache_time = 60\nmemcache_security_strategy = ENCRYPT\nproject_domain_id = default\n\n[filter:keystoneauth]\nuse = egg:swift#keystoneauth\noperator_roles = admin,swiftoperator,_member_\n" /etc/oio/sds/OPENIO/oioswift-0/proxy-server.conf 149 | sed -i -e '/filter:tempauth/,+2d' /etc/oio/sds/OPENIO/oioswift-0/proxy-server.conf 150 | sed -i -e 's@^pipeline =.*@pipeline = catch_errors gatekeeper healthcheck proxy-logging cache bulk tempurl proxy-logging authtoken swift3 s3token keystoneauth proxy-logging copy container-quotas account-quotas slo dlo versioned_writes proxy-logging proxy-server@' /etc/oio/sds/OPENIO/oioswift-0/proxy-server.conf 151 | fi 152 | } 153 | 154 | ### Main 155 | 156 | prepare 157 | 158 | # Firstboot script to setup OpenIO configuration 159 | if [ ! -f /etc/oio/sds/firstboot ]; then 160 | echo "# Firstboot: Setting up the OpenIO cluster" 161 | if [ ! -z "${OPENIO_IPADDR}" ]; then 162 | IPADDR=${OPENIO_IPADDR} 163 | elif [ ! -z "${OPENIO_IFDEV}" ]; then 164 | IPADDR=$(ip -4 addr show ${OPENIO_IFDEV} | awk '/inet/ {print $2}' | sed 's#/.*##') 165 | if [ -z "${IPADDR}" ]; then 166 | echo "Error: Failed to get IP for device ${OPENIO_IFDEV}" 167 | fi 168 | else 169 | IPADDR=$(ip -4 addr show | grep -v 127.0.0.1 | awk '/inet/ {print $2}' | sed 's#/.*##') 170 | fi 171 | 172 | # Update Swift credentials 173 | update_swift_credentials 174 | set_region 175 | keystone_config 176 | 177 | # Switch rawx 178 | update_rawx 179 | 180 | # Update listenning address 181 | if [ ! -z "${IPADDR}" ]; then 182 | echo "> Using ${IPADDR} IP address for services" 183 | /usr/bin/find /etc/oio /etc/gridinit.d /root -type f -print0 | xargs --no-run-if-empty -0 sed -i "s/127.0.0.1/${IPADDR}/g" 184 | fi 185 | 186 | # Deploy OpenIO 187 | initcluster 188 | 189 | # Unlock services 190 | set_unlock 191 | 192 | # Firstboot is done 193 | touch /etc/oio/sds/firstboot 194 | fi 195 | 196 | # Re-enabling the swift gateway, now that it's ready 197 | sed -i -e 's/^enabled=.*$/enabled=true/' /etc/gridinit.d/OPENIO-oioswift-0.conf 198 | 199 | # Activate logs 200 | /usr/sbin/rsyslogd 201 | 202 | echo " 203 | .oo. .ooo. OIO Conscience: ${IPADDR}:6000 204 | .ooooo. o ..oo. OIO Proxy: ${IPADDR}:6006 205 | .oooo. .oo. .o. 206 | .oooo. .o+ .o. S3 Endpoint: http://${IPADDR}:6007 207 | iooo. .o..oo S3 Region: ${REGION} 208 | oooo .o, :o S3 SSL: False 209 | oooi .o: .o S3 Signature: s3v4 210 | iooo. .o..oo S3 Access bucket: path-style 211 | .oooo. .oo .o. S3 Access key: ${AKEY} 212 | .oooo. .oo. .o. S3 Secret key: ${SKEY} 213 | .ooooo. o...oo. 214 | .ooo. .ioo.. Visit https://docs.openio.io/latest/source/integrations for more informations. 215 | " 216 | 217 | # start gridinit 218 | gridinit_start 219 | -------------------------------------------------------------------------------- /openio-sds/19.04/test.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | set -eux -o pipefail 4 | 5 | CURRENT_DIR="$(cd "$(dirname "$0")" && pwd -P)" 6 | 7 | test -n "${DOCKER_TEST_CONTAINER_NAME}" || { 8 | echo "Error: variable DOCKER_TEST_CONTAINER_NAME not set. Exiting." 9 | exit 1 10 | } 11 | test -n "${DOCKER_IMAGE_NAME}" || { 12 | echo "Error: variable DOCKER_IMAGE_NAME not set. Exiting." 13 | exit 1 14 | } 15 | 16 | clean_sut() { 17 | docker kill "${1}" 18 | docker rm -f "${1}" 19 | docker system prune -f --volumes 20 | } 21 | 22 | # Launch an openio-sds container to test 23 | clean_sut "${DOCKER_TEST_CONTAINER_NAME}" || true # Never fail cleanup 24 | docker run -d --name "${DOCKER_TEST_CONTAINER_NAME}" "${DOCKER_IMAGE_NAME}" 25 | 26 | # Build the tester image 27 | TESTER_IMAGE_NAME=openio-sds-tester 28 | docker build -t "${TESTER_IMAGE_NAME}" "${CURRENT_DIR}"/../tester/ 29 | 30 | # Run tests 31 | docker run --rm -t \ 32 | --network="container:${DOCKER_TEST_CONTAINER_NAME}" \ 33 | -e "SUT_ID=${DOCKER_TEST_CONTAINER_NAME}" \ 34 | -e SUT_IP="$(docker inspect -f '{{range .NetworkSettings.Networks}}{{.IPAddress}}{{end}}' "${DOCKER_TEST_CONTAINER_NAME}")" \ 35 | -v /var/run/docker.sock:/var/run/docker.sock \ 36 | "${TESTER_IMAGE_NAME}" \ 37 | || { 38 | echo "== Tests failure: please check SUT logs below:" 39 | docker logs "${DOCKER_TEST_CONTAINER_NAME}" 40 | echo "==============================================" 41 | clean_sut "${DOCKER_TEST_CONTAINER_NAME}" || true # Never fail cleanup 42 | exit 1 43 | } 44 | clean_sut "${DOCKER_TEST_CONTAINER_NAME}" || true # Never fail cleanup 45 | -------------------------------------------------------------------------------- /openio-sds/19.10/README.md: -------------------------------------------------------------------------------- 1 | # openio/sds 2 | 3 | Build Docker image based on [ansible playbook](https://github.com/open-io/ansible-playbook-openio-deployment) 4 | 5 | ## How to get this image from the hub 6 | 7 | To get the latest built of this version on the [docker hub](https://hub.docker.com/r/openio/sds) 8 | 9 | ```shell 10 | docker pull openio/sds:19.10 11 | ``` 12 | 13 | ## How to (re-)build this image 14 | 15 | First set up the environement: 16 | 17 | ```shell 18 | # Configure build 19 | export SDS_VERSION=19.10 20 | export DOCKER_IMAGE_NAME="openio-sds-${SDS_VERSION}" 21 | export DOCKER_BUILD_CONTAINER_NAME="openio-sds-${SDS_VERSION}-build" 22 | export DOCKER_TEST_CONTAINER_NAME="openio-sds-${SDS_VERSION}-test" 23 | 24 | # Get the source 25 | git clone https://github.com/open-io/dockerfiles.git 26 | cd "./dockerfiles/openio-sds/${SDS_VERSION}/" 27 | 28 | # Generate the builder image, which holds all the required tooling in the correct versions 29 | docker build -t "openio-sds-docker-builder:${SDS_VERSION}" ./jenkins/ 30 | ``` 31 | 32 | Then, execute the build step, using this "builder" image (which uses Docker-on-Docker pattern): 33 | 34 | ```shell 35 | docker run --rm -t -v /var/run/docker.sock:/var/run/docker.sock -u root -v "$(pwd):$(pwd)" -w "$(pwd)" \ 36 | -e DOCKER_BUILD_CONTAINER_NAME -e DOCKER_IMAGE_NAME -e DOCKER_TEST_CONTAINER_NAME "openio-sds-docker-builder:${SDS_VERSION}" \ 37 | bash ./build.sh 38 | ``` 39 | 40 | Now, execute the test harness on this newly built image: 41 | 42 | ```shell 43 | docker run --rm -t -v /var/run/docker.sock:/var/run/docker.sock -u root -v "$(pwd):$(pwd)" -w "$(pwd)" \ 44 | -e DOCKER_BUILD_CONTAINER_NAME -e DOCKER_IMAGE_NAME -e DOCKER_TEST_CONTAINER_NAME "openio-sds-docker-builder:${SDS_VERSION}" \ 45 | bash ./test.sh 46 | ``` 47 | 48 | Finally, if you want to tag and deploy the image, execute the `deploy.sh` script: 49 | 50 | ```shell 51 | export LATEST=true # Only if you want the image to be tagged as latest, along with current tag 52 | test -n "${DOCKER_IMAGE_NAME}" # Required to select the image to tag 53 | bash ./deploy.sh 54 | ``` 55 | -------------------------------------------------------------------------------- /openio-sds/19.10/build.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | set -eux -o pipefail 4 | 5 | test -n "${DOCKER_BUILD_CONTAINER_NAME}" || { 6 | echo "Error: variable DOCKER_BUILD_CONTAINER_NAME not set. Exiting." 7 | exit 1 8 | } 9 | test -n "${DOCKER_IMAGE_NAME}" || { 10 | echo "Error: variable DOCKER_IMAGE_NAME not set. Exiting." 11 | exit 1 12 | } 13 | 14 | OIOSDS_RELEASE=19.10 15 | CURRENT_DIR="$(cd "$(dirname "$0")" && pwd -P)" 16 | pushd "${CURRENT_DIR}" 17 | 18 | docker run --detach --name="${DOCKER_BUILD_CONTAINER_NAME}" --privileged --volume=/sys/fs/cgroup:/sys/fs/cgroup:ro --hostname openiosds centos/systemd:latest /usr/sbin/init 19 | 20 | rm -rf ansible-playbook-openio-deployment 21 | git clone -b "${OIOSDS_RELEASE}" https://github.com/open-io/ansible-playbook-openio-deployment.git 22 | cp inventory.yml ansible-playbook-openio-deployment/products/sds 23 | pushd ansible-playbook-openio-deployment/products/sds 24 | 25 | #custom inventory 26 | sed -i -e "s@ansible_host: ID@ansible_host: ${DOCKER_BUILD_CONTAINER_NAME}@" inventory.yml 27 | 28 | 29 | # Download roles 30 | ./requirements_install.sh 31 | 32 | # Deploy without bootstrap 33 | ansible all -m package -a name=iproute 34 | 35 | 36 | ansible-playbook -i inventory.yml main.yml --skip-tags checks -e strategy=mitogen_free 37 | 38 | # Fix redis: remove cluster mode 39 | ansible openio -i inventory.yml -m shell -a 'sed -i -e "/slaveof/d" /etc/oio/sds/OPENIO/redis-0/redis.conf; rm /etc/gridinit.d/OPENIO-redissentinel-0.conf' 40 | # Wipe install logs 41 | ansible openio -i inventory.yml -m shell -a "find /var/log/oio -type f | xargs -n1 cp /dev/null" 42 | 43 | popd 44 | # Logs to stdout 45 | ansible node1 -i ansible-playbook-openio-deployment/products/sds/inventory.yml -m copy -a 'src=../commons/rsyslog.conf dest=/etc/rsyslog.d/openio-sds.conf mode=0644' 46 | 47 | # Copy required scripts 48 | ansible node1 -i ansible-playbook-openio-deployment/products/sds/inventory.yml -m copy -a 'src=openio-docker-init.sh dest=/openio-docker-init.sh mode=0755' 49 | ansible node1 -i ansible-playbook-openio-deployment/products/sds/inventory.yml -m copy -a 'src=../commons/sds-healthcheck.sh dest=/usr/local/bin/sds-healthcheck.sh mode=0755' 50 | 51 | docker commit \ 52 | --change='CMD ["/openio-docker-init.sh"]' \ 53 | --change "EXPOSE 6000 6001 6006 6007 6009 6011 6014 6017 6110 6120 6200 6300" \ 54 | --change='HEALTHCHECK --start-period=5s --retries=30 --interval=10s --timeout=2s CMD bash /usr/local/bin/sds-healthcheck.sh' \ 55 | "${DOCKER_BUILD_CONTAINER_NAME}" "${DOCKER_IMAGE_NAME}" 56 | 57 | docker stop "${DOCKER_BUILD_CONTAINER_NAME}" 58 | docker rm -f -v "${DOCKER_BUILD_CONTAINER_NAME}" 59 | -------------------------------------------------------------------------------- /openio-sds/19.10/deploy.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | LATEST=false 4 | 5 | set -eux -o pipefail 6 | 7 | test -n "${DOCKER_IMAGE_NAME}" || { 8 | echo "Error: variable DOCKER_IMAGE_NAME not set. Exiting." 9 | exit 1 10 | } 11 | 12 | DEPLOY_IMAGE_NAME="openio/sds" 13 | DEPLOY_IMAGE_TAG="19.10" 14 | 15 | docker tag "${DOCKER_IMAGE_NAME}" "${DEPLOY_IMAGE_NAME}:${DEPLOY_IMAGE_TAG}" 16 | docker push "${DEPLOY_IMAGE_NAME}:${DEPLOY_IMAGE_TAG}" 17 | 18 | if [ "${LATEST}" == "true" ] 19 | then 20 | docker tag "${DOCKER_IMAGE_NAME}" "${DEPLOY_IMAGE_NAME}:latest" 21 | docker push "${DEPLOY_IMAGE_NAME}:latest" 22 | fi 23 | -------------------------------------------------------------------------------- /openio-sds/19.10/inventory.yml: -------------------------------------------------------------------------------- 1 | --- 2 | all: 3 | hosts: 4 | node1: 5 | ansible_host: ID 6 | openio_data_mounts: 7 | - mountpoint: "/var/lib/oio/sds" 8 | partition: "/dev/vdb" 9 | openio_metadata_mounts: 10 | - mountpoint: "/var/lib/oio/sds" 11 | partition: "/dev/vdb" 12 | vars: 13 | ansible_user: root 14 | ansible_connection: docker 15 | openio_checks_filter: 16 | reachability: false 17 | mountpoint: false 18 | openio_bootstrap: false 19 | openio_maintenance_mode: false 20 | openio_no_log: false 21 | openio_mirror: mirror2.openio.io 22 | 23 | children: 24 | openio: 25 | children: 26 | fronts: {} 27 | backs: {} 28 | 29 | vars: 30 | namespace: OPENIO 31 | namespace_storage_policy: SINGLE 32 | 33 | openio_bind_interface: '{{ ansible_default_ipv4.alias }}' 34 | # bind 127.0.0.1 by default 35 | openio_bind_address: "127.0.0.1" 36 | # Remove zookeeper url 37 | openio_namespace_zookeeper_url: "" 38 | # Reduce service policy for a standalone node 39 | openio_namespace_service_update_policy: 40 | - name: meta2 41 | policy: KEEP 42 | replicas: 1 43 | distance: 1 44 | - name: rdir 45 | policy: KEEP 46 | replicas: 1 47 | distance: 1 48 | openio_rdir_location: "{{ ansible_hostname ~ '.1' }}" 49 | openio_manage_os_requirement: false 50 | openio_account_redis_standalone: "127.0.0.1:6011" 51 | 52 | openio_oioswift_users: 53 | - name: "demo:demo" 54 | password: "DEMO_PASS" 55 | roles: 56 | - admin 57 | 58 | #openio_conscience_multiple_enable: true 59 | #openio_conscience_services_common_timeout: 30 60 | 61 | ######## 62 | # Special needs 63 | # ---- Low memory nodes (ARM, docker, ...) 64 | openio_account_workers: 1 65 | openio_oioswift_workers: 1 66 | openio_event_agent_workers: 1 67 | openio_zookeeper_parallel_gc_threads: 1 68 | openio_zookeeper_memory: "256M" 69 | openio_minimal_score_for_volume_admin_bootstrap: 5 70 | openio_minimal_score_for_directory_bootstrap: 5 71 | # ---- End Low memory nodes 72 | 73 | # Reduce directory size 74 | namespace_meta1_digits: 0 75 | 76 | # what is not used for storage 77 | fronts: 78 | hosts: {} 79 | 80 | # what is used for storage 81 | backs: 82 | hosts: 83 | node1: {} 84 | 85 | ### SDS 86 | account: 87 | children: 88 | backs: {} 89 | 90 | beanstalkd: 91 | children: 92 | backs: {} 93 | 94 | conscience: 95 | hosts: 96 | node1: {} 97 | 98 | conscience-agent: 99 | children: 100 | backs: {} 101 | 102 | ecd: {} 103 | 104 | meta: 105 | children: 106 | meta0: {} 107 | meta1: {} 108 | meta2: {} 109 | 110 | meta0: 111 | hosts: 112 | node1: {} 113 | 114 | meta1: 115 | hosts: 116 | node1: {} 117 | 118 | meta2: 119 | hosts: 120 | node1: {} 121 | 122 | namespace: 123 | children: 124 | openio: {} 125 | vars: 126 | openio_namespace_conscience_url: "{{ hostvars[groups['conscience'][0]]['openio_bind_address'] }}:6000" 127 | 128 | oio-blob-indexer: 129 | children: 130 | backs: {} 131 | 132 | oio-blob-rebuilder: 133 | children: {} 134 | 135 | oio-event-agent: 136 | children: 137 | backs: {} 138 | 139 | oioproxy: 140 | children: 141 | openio: {} 142 | 143 | oioswift: 144 | children: 145 | backs: {} 146 | vars: 147 | openio_oioswift_pipeline: "{{ pipeline_tempauth }}" 148 | openio_oioswift_filter_tempauth: 149 | "{{ {'use': 'egg:oioswift#tempauth'} | combine(openio_oioswift_users | dict_to_tempauth) }}" 150 | rawx: 151 | children: 152 | backs: {} 153 | 154 | rdir: 155 | children: 156 | backs: {} 157 | 158 | redis: 159 | hosts: 160 | node1: {} 161 | 162 | zookeeper: {} 163 | 164 | ### OIOFS 165 | oiofs: 166 | hosts: {} 167 | vars: {} 168 | 169 | oiofs_redis: 170 | hosts: {} 171 | ... 172 | -------------------------------------------------------------------------------- /openio-sds/19.10/jenkins/Dockerfile: -------------------------------------------------------------------------------- 1 | FROM alpine:3.11 2 | 3 | RUN apk add --no-cache \ 4 | bash \ 5 | curl \ 6 | docker-cli \ 7 | git \ 8 | python3 \ 9 | py3-pip \ 10 | && apk --no-cache add --virtual \ 11 | .build-deps \ 12 | python3-dev \ 13 | libffi-dev \ 14 | openssl-dev \ 15 | build-base \ 16 | && python3 -m pip install 'ansible<2.10' netaddr 17 | 18 | ARG MITOGEN_VERSION=0.2.9 19 | RUN curl -sSL "https://networkgenomics.com/try/mitogen-${MITOGEN_VERSION}.tar.gz" -o "/tmp/mitogen-${MITOGEN_VERSION}.tar.gz" \ 20 | && tar -xzf "/tmp/mitogen-${MITOGEN_VERSION}.tar.gz" -C /tmp \ 21 | && mkdir -p /ansible/plugins \ 22 | && cp -r "/tmp/mitogen-${MITOGEN_VERSION}.tar.gz" /ansible/plugins/ \ 23 | && rm -rf /tmp/mitogen* 24 | 25 | COPY ./ansible.cfg /root/.ansible.cfg 26 | -------------------------------------------------------------------------------- /openio-sds/19.10/jenkins/ansible.cfg: -------------------------------------------------------------------------------- 1 | # config file for ansible -- https://ansible.com/ 2 | # =============================================== 3 | 4 | # nearly all parameters can be overridden in ansible-playbook 5 | # or with command line flags. ansible will read ANSIBLE_CONFIG, 6 | # ansible.cfg in the current working directory, .ansible.cfg in 7 | # the home directory or /etc/ansible/ansible.cfg, whichever it 8 | # finds first 9 | 10 | [defaults] 11 | 12 | remote_tmp = /tmp 13 | local_tmp = /tmp 14 | 15 | strategy_plugins = /ansible/plugins/mitogen-0.2.9/ansible_mitogen/plugins/strategy 16 | 17 | host_key_checking = False 18 | 19 | [paramiko_connection] 20 | record_host_keys=False 21 | -------------------------------------------------------------------------------- /openio-sds/19.10/openio-docker-init.sh: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | 3 | # Default configuration 4 | NS='OPENIO' 5 | NBREPLICAS=1 6 | TIMEOUT=20 7 | 8 | function prepare(){ 9 | mkdir /run/gridinit 10 | install -d -o openio -g openio -m 750 /run/oio/sds/OPENIO/ 11 | } 12 | 13 | function update_swift_credentials(){ 14 | if [ ! -z "${SWIFT_CREDENTIALS}" ]; then 15 | # Remove default credentials 16 | sed -i -e '/user_demo_demo = DEMO_PASS .member/d' \ 17 | /etc/oio/sds/OPENIO/oioswift-0/proxy-server.conf 18 | # Add credentials to the Swift proxy configuration 19 | IFS=',' read -r -a swiftcreds <<< "${SWIFT_CREDENTIALS}" 20 | for creds in "${swiftcreds[@]}" 21 | do 22 | echo "> Adding Openstack Swift credentials $creds" 23 | IFS=':' read -r -a cred <<< "$creds" 24 | sed -i -e "s@^use = egg:oioswift#tempauth\$@use = egg:oioswift#tempauth\nuser_${cred[0]}_${cred[1]} = ${cred[2]} ${cred[3]}@" \ 25 | /etc/oio/sds/OPENIO/oioswift-0/proxy-server.conf 26 | if [ "${creds}" == "${swiftcreds[0]}" ]; then 27 | sed -i -e "s@aws_access_key_id = demo:demo@aws_access_key_id = ${cred[0]}:${cred[1]}@" /root/.aws/credentials 28 | sed -i -e "s@aws_secret_access_key = DEMO_PASS@aws_secret_access_key = ${cred[2]}@" /root/.aws/credentials 29 | AKEY="${cred[0]}:${cred[1]}" 30 | SKEY="${cred[2]}" 31 | fi 32 | done 33 | else 34 | AKEY="demo:demo" 35 | SKEY="DEMO_PASS" 36 | fi 37 | } 38 | 39 | function set_region(){ 40 | if [ ! -z "${REGION}" ]; then 41 | echo "> Change S3 region" 42 | sed -i -e "s@location = us-east-1@location = ${REGION}@" /etc/oio/sds/OPENIO/oioswift-0/proxy-server.conf 43 | sed -i -e "s@region = us-east-1@region = ${REGION}@" /root/.aws/config 44 | else 45 | REGION="us-east-1" 46 | fi 47 | } 48 | 49 | function set_workers(){ 50 | if [ ! -z "${WORKERS}" ]; then 51 | echo "> Change S3 workers" 52 | sed -i -e "s@workers = 1@workers = ${WORKERS}@" /etc/oio/sds/OPENIO/oioswift-0/proxy-server.conf 53 | else 54 | WORKERS="1" 55 | fi 56 | } 57 | 58 | function add_meta2(){ 59 | if [ ! -z "${SUPPL_M2}" ]; then 60 | echo "> Add supplementaries meta2" 61 | for i in $(seq 1 $SUPPL_M2); do 62 | # meta2 63 | install -d -o openio -g openio -m 755 /var/lib/oio/sds/OPENIO/meta2-$i 64 | cp -a -r /etc/oio/sds/OPENIO/meta2-0/ /etc/oio/sds/OPENIO/meta2-${i} 65 | mv /etc/oio/sds/OPENIO/meta2-${i}/meta2-0.conf /etc/oio/sds/OPENIO/meta2-${i}/meta2-${i}.conf 66 | cp -a /etc/gridinit.d/OPENIO-meta2-0.conf /etc/gridinit.d/OPENIO-meta2-${i}.conf 67 | sed -i \ 68 | -e "s/meta2-0/meta2-$i/g" -e "s/6120/$((6120 + $i))/" \ 69 | -e "s/OPENIO,meta2,0/OPENIO,meta2,$i/" \ 70 | /etc/gridinit.d/OPENIO-meta2-$i.conf 71 | cp -a /etc/oio/sds/OPENIO/watch/meta2-0.yml /etc/oio/sds/OPENIO/watch/meta2-$i.yml 72 | sed -i \ 73 | -e "s/meta2-0/meta2-$i/g" \ 74 | -e "s/6120/$((6120 + $i))/" \ 75 | -e "s@location: openiosds.0@location: openiosds.$i@" \ 76 | /etc/oio/sds/OPENIO/watch/meta2-$i.yml 77 | 78 | # rdir 79 | install -d -o openio -g openio -m 755 /var/lib/oio/sds/OPENIO/rdir-$i 80 | sed -i \ 81 | -e "s@location: openiosds.1@location: openiosds.0@" \ 82 | /etc/oio/sds/OPENIO/watch/rdir-0.yml 83 | install -d -o openio -g openio -m 755 /var/lib/oio/sds/OPENIO/rdir-$i 84 | cp -a -r /etc/oio/sds/OPENIO/rdir-0/ /etc/oio/sds/OPENIO/rdir-${i} 85 | mv /etc/oio/sds/OPENIO/rdir-${i}/rdir-0.conf /etc/oio/sds/OPENIO/rdir-${i}/rdir-${i}.conf 86 | sed -i \ 87 | -e "s/6300/$((6300 + $i))/" \ 88 | -e "s/rdir-0/rdir-$i/" -e "s/rdir,0/rdir,$i/" \ 89 | /etc/oio/sds/OPENIO/rdir-${i}/rdir-${i}.conf 90 | cp -a /etc/gridinit.d/OPENIO-rdir-0.conf /etc/gridinit.d/OPENIO-rdir-${i}.conf 91 | sed -i \ 92 | -e "s/rdir-0/rdir-$i/g" \ 93 | -e "s/6300/$((6300 + $i))/" \ 94 | -e "s/OPENIO,rdir,0/OPENIO,rdir,$i/" \ 95 | /etc/gridinit.d/OPENIO-rdir-$i.conf 96 | cp -a /etc/oio/sds/OPENIO/watch/rdir-0.yml /etc/oio/sds/OPENIO/watch/rdir-$i.yml 97 | sed -i \ 98 | -e "s/rdir-0/rdir-$i/g" \ 99 | -e "s/6300/$((6300 + $i))/" \ 100 | -e "s@location: openiosds.0@location: openiosds.$i@" \ 101 | /etc/oio/sds/OPENIO/watch/rdir-$i.yml 102 | 103 | done 104 | 105 | fi 106 | } 107 | 108 | # Initialize OpenIO cluster 109 | function initcluster(){ 110 | echo "# Initializing the OpenIO cluster" 111 | 112 | # Temporarily disabling the swift gateway, to avoid answering when not completely setup 113 | sed -i -e 's/^enabled=.*$/enabled=false/' /etc/gridinit.d/OPENIO-oioswift-0.conf 114 | 115 | rm /etc/oio/sds/OPENIO/conscience-0/conscience-0-persistence.dat 116 | echo "> Starting services" 117 | /usr/bin/gridinit -d /etc/gridinit.conf >/dev/null 2>&1 118 | 119 | echo "> Waiting for the services to start ..." 120 | etime_start=$(date +"%s") 121 | etime_end=$((${etime_start} + ${TIMEOUT})) 122 | nbmeta1=0 123 | while [ $(date +"%s") -le ${etime_end} -a ${nbmeta1} -lt ${NBREPLICAS} ] 124 | do 125 | sleep 2 126 | # Count registered meta1 127 | nbmeta1=$(/usr/bin/openio --oio-ns=${NS} cluster list meta1 -f value -c Addr|wc -l) 128 | done 129 | if [ ${nbmeta1} -ne ${NBREPLICAS} ]; then 130 | echo "Error: Install script did not found ${NBREPLICAS} meta1 services registered. Return: ${nbmeta1}" 131 | exit 1 132 | fi 133 | etime_start=$(date +"%s") 134 | etime_end=$((${etime_start} + ${TIMEOUT})) 135 | score=0 136 | while [ $(date +"%s") -le ${etime_end} -a ${score} -eq 0 ] 137 | do 138 | /usr/bin/openio --oio-ns=${NS} cluster unlockall >/dev/null 2>&1 139 | sleep 5 140 | score=$(/usr/bin/openio --oio-ns=${NS} cluster list meta1 -f value -c Score || echo 0) 141 | done 142 | if [ ${score} -eq 0 ]; then 143 | echo "Error: Unlocking scores failed. Unable to bootstrap namespace. Return: Meta1 score = ${score}" 144 | exit 1 145 | fi 146 | 147 | # Initialize meta1 with 3 replicas on the same server 148 | echo "> Bootstrapping directory ..." 149 | /usr/bin/openio --oio-ns=${NS} directory bootstrap --replicas ${NBREPLICAS} || \ 150 | (echo "Error: Directory bootstrap failed. Aborting." ; exit 1) 151 | 152 | echo "> Bootstrapping Reverse Directory and rawx for namespace ${NS}" 153 | /usr/bin/openio --oio-ns=${NS} rdir bootstrap rawx || 154 | (echo "Error: Directory bootstrap failed. Aborting." ; exit 1) 155 | echo "> Bootstrapping Reverse Directory and meta2 for namespace ${NS}" 156 | /usr/bin/openio --oio-ns=${NS} rdir bootstrap meta2 || 157 | (echo "Error: Directory bootstrap failed. Aborting." ; exit 1) 158 | 159 | # Stopping services 160 | echo "> Stopping services ..." 161 | gridinit_pid=$(cat /run/gridinit/gridinit.pid) 162 | kill "${gridinit_pid}" >/dev/null 2>&1 163 | /usr/bin/timeout "30s" tail --pid="${gridinit_pid}" -f /dev/null || kill -s 9 "${gridinit_pid}" 164 | 165 | } 166 | 167 | function set_unlock(){ 168 | sed -i -e "/^\[type:/a lock_at_first_register=false" /etc/oio/sds/*/conscience-*/conscience-*-services.conf 169 | } 170 | 171 | function unlock(){ 172 | echo "> Unlocking scores ..." 173 | etime_start=$(date +"%s") 174 | etime_end=$((${etime_start} + ${TIMEOUT})) 175 | nbscore=1 176 | while [ $(date +"%s") -le ${etime_end} -a ${nbscore} -gt 0 ] 177 | do 178 | /usr/bin/openio --oio-ns=${NS} cluster unlockall >/dev/null 2>&1 179 | sleep 5 180 | nbscore=$(/usr/bin/openio --oio-ns=${NS} cluster list -f value -c Score|grep -c -e '^0$') 181 | done 182 | if [ ${nbscore} -gt 0 ]; then 183 | echo "Error: Unlocking scores failed." 184 | exit 1 185 | fi 186 | } 187 | 188 | function gridinit_start(){ 189 | echo "> Starting services ..." 190 | pkill -0 -F /run/gridinit/gridinit.pid >/dev/null 2>&1 || \ 191 | exec /usr/bin/gridinit /etc/gridinit.conf 192 | } 193 | 194 | function keystone_config(){ 195 | if [ ! -z "$KEYSTONE_ENABLED" ]; then 196 | echo "Setting up Openstack Keystone authentication" 197 | : "${KEYSTONE_URI:=${IPADDR}:5000}" 198 | : "${KEYSTONE_URL:=${IPADDR}:35357}" 199 | : "${SWIFT_USERNAME:=swift}" 200 | : "${SWIFT_PASSWORD:=SWIFT_PASS}" 201 | sed -i -e "/filter:tempauth/i [filter:s3token]\ndelay_auth_decision = True\nauth_uri = http://${KEYSTONE_URL}/\nuse = egg:swift3#s3token\n\n[filter:authtoken]\nauth_type = password\nusername = ${SWIFT_USERNAME}\nproject_name = service\nregion_name = ${REGION}\nuser_domain_id = default\nmemcache_secret_key = memcache_secret_key\npaste.filter_factory = keystonemiddleware.auth_token:filter_factory\ninsecure = True\ncache = swift.cache\ndelay_auth_decision = True\ntoken_cache_time = 300\nauth_url =http://${KEYSTONE_URL}\ninclude_service_catalog = False\nwww_authenticate_uri = http://${KEYSTONE_URI}\nmemcached_servers = ${IPADDR}:6019\npassword = ${SWIFT_PASSWORD}\nrevocation_cache_time = 60\nmemcache_security_strategy = ENCRYPT\nproject_domain_id = default\n\n[filter:keystoneauth]\nuse = egg:swift#keystoneauth\noperator_roles = admin,swiftoperator,_member_\n" /etc/oio/sds/OPENIO/oioswift-0/proxy-server.conf 202 | sed -i -e '/filter:tempauth/,+2d' /etc/oio/sds/OPENIO/oioswift-0/proxy-server.conf 203 | sed -i -e 's@^pipeline =.*@pipeline = catch_errors gatekeeper healthcheck proxy-logging cache bulk tempurl proxy-logging authtoken swift3 s3token keystoneauth proxy-logging copy container-quotas account-quotas slo dlo versioned_writes proxy-logging proxy-server@' /etc/oio/sds/OPENIO/oioswift-0/proxy-server.conf 204 | fi 205 | } 206 | 207 | ### Main 208 | 209 | prepare 210 | 211 | # Firstboot script to setup OpenIO configuration 212 | if [ ! -f /etc/oio/sds/firstboot ]; then 213 | echo "# Firstboot: Setting up the OpenIO cluster" 214 | if [ ! -z "${OPENIO_IPADDR}" ]; then 215 | IPADDR=${OPENIO_IPADDR} 216 | elif [ ! -z "${OPENIO_IFDEV}" ]; then 217 | IPADDR=$(ip -4 addr show ${OPENIO_IFDEV} | awk '/inet/ {print $2}' | sed 's#/.*##') 218 | if [ -z "${IPADDR}" ]; then 219 | echo "Error: Failed to get IP for device ${OPENIO_IFDEV}" 220 | fi 221 | else 222 | IPADDR=$(ip -4 addr show | grep -v 127.0.0.1 | awk '/inet/ {print $2}' | sed 's#/.*##') 223 | fi 224 | 225 | # Update Swift credentials 226 | update_swift_credentials 227 | set_region 228 | set_workers 229 | keystone_config 230 | 231 | # Add supplementaries meta2 232 | add_meta2 233 | 234 | # Update listenning address 235 | if [ ! -z "${IPADDR}" ]; then 236 | echo "> Using ${IPADDR} IP address for services" 237 | /usr/bin/find /etc/oio /etc/gridinit.d /root /usr/bin/openio-basic-checks -type f -print0 | xargs --no-run-if-empty -0 sed -i "s/127.0.0.1/${IPADDR}/g" 238 | fi 239 | 240 | # Deploy OpenIO 241 | initcluster 242 | 243 | # Unlock services 244 | set_unlock 245 | 246 | # Firstboot is done 247 | touch /etc/oio/sds/firstboot 248 | fi 249 | 250 | # Re-enabling the swift gateway, now that it's ready 251 | sed -i -e 's/^enabled=.*$/enabled=true/' /etc/gridinit.d/OPENIO-oioswift-0.conf 252 | 253 | # Activate logs 254 | /usr/sbin/rsyslogd 255 | 256 | echo " 257 | .oo. .ooo. OIO Conscience: ${IPADDR}:6000 258 | .ooooo. o ..oo. OIO Proxy: ${IPADDR}:6006 259 | .oooo. .oo. .o. 260 | .oooo. .o+ .o. S3 Endpoint: http://${IPADDR}:6007 261 | iooo. .o..oo S3 Region: ${REGION} 262 | oooo .o, :o S3 SSL: False 263 | oooi .o: .o S3 Signature: s3v4 264 | iooo. .o..oo S3 Access bucket: path-style 265 | .oooo. .oo .o. S3 Access key: ${AKEY} 266 | .oooo. .oo. .o. S3 Secret key: ${SKEY} 267 | .ooooo. o...oo. 268 | .ooo. .ioo.. Visit https://docs.openio.io/latest/source/integrations for more informations. 269 | " 270 | 271 | # start gridinit 272 | gridinit_start 273 | -------------------------------------------------------------------------------- /openio-sds/19.10/test.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | set -eux -o pipefail 4 | 5 | CURRENT_DIR="$(cd "$(dirname "$0")" && pwd -P)" 6 | 7 | test -n "${DOCKER_TEST_CONTAINER_NAME}" || { 8 | echo "Error: variable DOCKER_TEST_CONTAINER_NAME not set. Exiting." 9 | exit 1 10 | } 11 | test -n "${DOCKER_IMAGE_NAME}" || { 12 | echo "Error: variable DOCKER_IMAGE_NAME not set. Exiting." 13 | exit 1 14 | } 15 | 16 | clean_sut() { 17 | docker kill "${1}" 18 | docker rm -f "${1}" 19 | docker system prune -f --volumes 20 | } 21 | 22 | # Launch an openio-sds container to test 23 | clean_sut "${DOCKER_TEST_CONTAINER_NAME}" || true # Never fail cleanup 24 | docker run -d --name "${DOCKER_TEST_CONTAINER_NAME}" "${DOCKER_IMAGE_NAME}" 25 | 26 | # Build the tester image 27 | TESTER_IMAGE_NAME=openio-sds-tester 28 | docker build -t "${TESTER_IMAGE_NAME}" "${CURRENT_DIR}"/../tester/ 29 | 30 | # Run tests 31 | docker run --rm -t \ 32 | --network="container:${DOCKER_TEST_CONTAINER_NAME}" \ 33 | -e "SUT_ID=${DOCKER_TEST_CONTAINER_NAME}" \ 34 | -e SUT_IP="$(docker inspect -f '{{range .NetworkSettings.Networks}}{{.IPAddress}}{{end}}' "${DOCKER_TEST_CONTAINER_NAME}")" \ 35 | -v /var/run/docker.sock:/var/run/docker.sock \ 36 | "${TESTER_IMAGE_NAME}" \ 37 | || { 38 | echo "== Tests failure: please check SUT logs below:" 39 | docker logs "${DOCKER_TEST_CONTAINER_NAME}" 40 | echo "==============================================" 41 | clean_sut "${DOCKER_TEST_CONTAINER_NAME}" || true # Never fail cleanup 42 | exit 1 43 | } 44 | clean_sut "${DOCKER_TEST_CONTAINER_NAME}" || true # Never fail cleanup 45 | -------------------------------------------------------------------------------- /openio-sds/20.04/DOCKERHUB_DESC.md: -------------------------------------------------------------------------------- 1 | # OpenIO SDS Docker Image 2 | 3 | ## Get Started 4 | 5 | * [Documentation for docker image](https://docs.openio.io/latest/source/sandbox-guide/docker_image.html) 6 | * [What is OpenIO](https://docs.openio.io/latest/source/arch-design/overview.html) 7 | * Run this image: 8 | 9 | ```shell 10 | docker run openio/sds:latest 11 | ``` 12 | 13 | ## Quick References 14 | 15 | * Maintained by: [OpenIO](https://openio.io) 16 | * Where to get help: the [Openio Community Slack](https://openio-community.slack.com) 17 | 18 | ## Supported Tags and Sources Links 19 | 20 | * [`20.04/latest`](https://github.com/open-io/dockerfiles/tree/master/openio-sds/20.04) 21 | * [`19.10`](https://github.com/open-io/dockerfiles/tree/master/openio-sds/19.10) 22 | * [`19.04`](https://github.com/open-io/dockerfiles/tree/master/openio-sds/19.04) 23 | * [`18.10`](https://github.com/open-io/dockerfiles/tree/master/openio-sds/18.10) 24 | 25 | ## License 26 | 27 | [GNU AFFERO GENERAL PUBLIC LICENSE](https://github.com/open-io/oio-sds/blob/master/LICENCE.agpl3) 28 | -------------------------------------------------------------------------------- /openio-sds/20.04/README.md: -------------------------------------------------------------------------------- 1 | # openio/sds 2 | 3 | Build Docker image based on [ansible playbook](https://github.com/open-io/ansible-playbook-openio-deployment) 4 | 5 | ## How to get this image from the hub 6 | 7 | To get the latest built of this version on the [docker hub](https://hub.docker.com/r/openio/sds) 8 | 9 | ```shell 10 | docker pull openio/sds:20.04 11 | ``` 12 | 13 | ## How to (re-)build this image 14 | 15 | First set up the environement: 16 | 17 | ```shell 18 | # Configure build 19 | export SDS_VERSION=20.04 20 | export DOCKER_IMAGE_NAME="openio-sds-${SDS_VERSION}" 21 | export DOCKER_BUILD_CONTAINER_NAME="openio-sds-${SDS_VERSION}-build" 22 | export DOCKER_TEST_CONTAINER_NAME="openio-sds-${SDS_VERSION}-test" 23 | 24 | # Get the source 25 | git clone https://github.com/open-io/dockerfiles.git 26 | cd "./dockerfiles/" 27 | 28 | # Generate the builder image, which holds all the required tooling in the correct versions 29 | docker build -t "openio-sds-docker-builder:${SDS_VERSION}" "./openio-sds/${SDS_VERSION}/jenkins/" 30 | ``` 31 | 32 | Then, execute the build step, using this "builder" image (which uses Docker-on-Docker pattern): 33 | 34 | ```shell 35 | docker run --rm -t -v /var/run/docker.sock:/var/run/docker.sock -u root -v "$(pwd):$(pwd)" -w "$(pwd)" \ 36 | -e DOCKER_BUILD_CONTAINER_NAME -e DOCKER_IMAGE_NAME "openio-sds-docker-builder:${SDS_VERSION}" \ 37 | bash "./openio-sds/${SDS_VERSION}/build.sh" 38 | ``` 39 | 40 | Now, execute the test harness on this newly built image: 41 | 42 | ```shell 43 | docker run --rm -t -v /var/run/docker.sock:/var/run/docker.sock -u root -v "$(pwd):$(pwd)" -w "$(pwd)" \ 44 | -e DOCKER_BUILD_CONTAINER_NAME -e DOCKER_IMAGE_NAME -e DOCKER_TEST_CONTAINER_NAME "openio-sds-docker-builder:${SDS_VERSION}" \ 45 | bash "./openio-sds/${SDS_VERSION}/test.sh" 46 | ``` 47 | 48 | Finally, if you want to tag and deploy the image, execute the `deploy.sh` script: 49 | 50 | ```shell 51 | export LATEST=true # Only if you want the image to be tagged as latest, along with current tag 52 | test -n "${DOCKER_IMAGE_NAME}" # Required to select the image to tag 53 | bash ./deploy.sh 54 | ``` 55 | -------------------------------------------------------------------------------- /openio-sds/20.04/build.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | set -eux -o pipefail 4 | 5 | test -n "${DOCKER_BUILD_CONTAINER_NAME}" || { 6 | echo "Error: variable DOCKER_BUILD_CONTAINER_NAME not set. Exiting." 7 | exit 1 8 | } 9 | test -n "${DOCKER_IMAGE_NAME}" || { 10 | echo "Error: variable DOCKER_IMAGE_NAME not set. Exiting." 11 | exit 1 12 | } 13 | 14 | OIOSDS_RELEASE=20.04 15 | CURRENT_DIR="$(cd "$(dirname "$0")" && pwd -P)" 16 | pushd "${CURRENT_DIR}" 17 | 18 | docker run --detach --name="${DOCKER_BUILD_CONTAINER_NAME}" --privileged --volume=/sys/fs/cgroup:/sys/fs/cgroup:ro --hostname openiosds centos/systemd:latest /usr/sbin/init 19 | 20 | rm -rf ansible-playbook-openio-deployment 21 | git clone -b "${OIOSDS_RELEASE}" https://github.com/open-io/ansible-playbook-openio-deployment.git 22 | cp inventory.yml ansible-playbook-openio-deployment/products/sds 23 | pushd ansible-playbook-openio-deployment/products/sds 24 | 25 | #custom inventory 26 | sed -i -e "s@ansible_host: ID@ansible_host: ${DOCKER_BUILD_CONTAINER_NAME}@" inventory.yml 27 | 28 | 29 | # Download roles 30 | ./requirements_install.sh 31 | 32 | # Deploy without bootstrap 33 | ansible all -m package -a name=iproute 34 | 35 | 36 | ansible-playbook -i inventory.yml main.yml --skip-tags checks -e strategy=mitogen_free 37 | 38 | # Fix redis: remove cluster mode 39 | ansible openio -i inventory.yml -m shell -a 'sed -i -e "/slaveof/d" /etc/oio/sds/OPENIO/redis-0/redis.conf; rm /etc/gridinit.d/OPENIO-redissentinel-0.conf' 40 | # Wipe install logs 41 | ansible openio -i inventory.yml -m shell -a "find /var/log/oio -type f | xargs -n1 cp /dev/null" 42 | 43 | popd 44 | 45 | ansible node1 -i ansible-playbook-openio-deployment/products/sds/inventory.yml -m lineinfile -a 'path=/etc/oio/sds/OPENIO/watch/rdir-0.yml regexp="location: openiosds.0" line="location: openiosds.1"' 46 | 47 | # Logs to stdout 48 | ansible node1 -i ansible-playbook-openio-deployment/products/sds/inventory.yml -m copy -a 'src=../commons/rsyslog.conf dest=/etc/rsyslog.d/openio-sds.conf mode=0644' 49 | 50 | # Copy required scripts 51 | ansible node1 -i ansible-playbook-openio-deployment/products/sds/inventory.yml -m copy -a 'src=openio-docker-init.sh dest=/openio-docker-init.sh mode=0755' 52 | ansible node1 -i ansible-playbook-openio-deployment/products/sds/inventory.yml -m copy -a 'src=../commons/sds-healthcheck.sh dest=/usr/local/bin/sds-healthcheck.sh mode=0755' 53 | 54 | docker commit \ 55 | --change='CMD ["/openio-docker-init.sh"]' \ 56 | --change "EXPOSE 6000 6001 6006 6007 6009 6011 6014 6017 6110 6120 6200 6300" \ 57 | --change='HEALTHCHECK --start-period=5s --retries=30 --interval=10s --timeout=2s CMD bash /usr/local/bin/sds-healthcheck.sh' \ 58 | "${DOCKER_BUILD_CONTAINER_NAME}" "${DOCKER_IMAGE_NAME}" 59 | 60 | docker stop "${DOCKER_BUILD_CONTAINER_NAME}" 61 | docker rm -f -v "${DOCKER_BUILD_CONTAINER_NAME}" 62 | -------------------------------------------------------------------------------- /openio-sds/20.04/deploy.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | LATEST=true 4 | CURRENT_DIR="$(cd "$(dirname "$0")" && pwd -P)" 5 | 6 | set -eux -o pipefail 7 | 8 | test -n "${DOCKER_IMAGE_NAME}" || { 9 | echo "Error: variable DOCKER_IMAGE_NAME not set. Exiting." 10 | exit 1 11 | } 12 | 13 | DEPLOY_IMAGE_NAME="openio/sds" 14 | DEPLOY_IMAGE_TAG="20.04" 15 | 16 | docker tag "${DOCKER_IMAGE_NAME}" "${DEPLOY_IMAGE_NAME}:${DEPLOY_IMAGE_TAG}" 17 | docker push "${DEPLOY_IMAGE_NAME}:${DEPLOY_IMAGE_TAG}" 18 | 19 | if [ "${LATEST}" == "true" ] 20 | then 21 | docker tag "${DOCKER_IMAGE_NAME}" "${DEPLOY_IMAGE_NAME}:latest" 22 | docker push "${DEPLOY_IMAGE_NAME}:latest" 23 | 24 | test -n "${DOCKER_HUB_USR}" || { 25 | echo "Error: variable DOCKER_HUB_USR not set. Exiting." 26 | exit 1 27 | } 28 | 29 | test -n "${DOCKER_HUB_PSW}" || { 30 | echo "Error: variable DOCKER_HUB_PSW not set. Exiting." 31 | exit 1 32 | } 33 | 34 | ## Update README 35 | README_FILEPATH="${CURRENT_DIR}/DOCKERHUB_DESC.md" 36 | 37 | echo "Acquiring token" 38 | LOGIN_PAYLOAD="$(jq -n --arg username "$DOCKER_HUB_USR" --arg password "$DOCKER_HUB_PSW" '{username: $username, password: $password}')" 39 | TOKEN="$(curl -s -H "Content-Type: application/json" -X POST -d "${LOGIN_PAYLOAD}" https://hub.docker.com/v2/users/login/ | jq -r .token)" 40 | 41 | # Send a PATCH request to update the description of the repository 42 | echo "Sending PATCH request" 43 | REPO_URL="https://hub.docker.com/v2/repositories/openio/sds/" 44 | RESPONSE_CODE="$(curl -s --write-out '%{response_code}' --output /dev/null -H "Authorization: JWT ${TOKEN}" -X PATCH --data-urlencode full_description@"${README_FILEPATH}" "${REPO_URL}")" 45 | echo "Received response code: $RESPONSE_CODE" 46 | 47 | if [ "${RESPONSE_CODE}" -eq 200 ]; then 48 | exit 0 49 | else 50 | exit 1 51 | fi 52 | 53 | 54 | 55 | fi 56 | 57 | -------------------------------------------------------------------------------- /openio-sds/20.04/inventory.yml: -------------------------------------------------------------------------------- 1 | --- 2 | all: 3 | hosts: 4 | node1: 5 | ansible_host: ID 6 | openio_data_mounts: 7 | - mountpoint: "/var/lib/oio/sds" 8 | partition: "/dev/vdb" 9 | openio_metadata_mounts: 10 | - mountpoint: "/var/lib/oio/sds" 11 | partition: "/dev/vdb" 12 | vars: 13 | ansible_user: root 14 | ansible_connection: docker 15 | openio_checks_filter: 16 | reachability: false 17 | mountpoint: false 18 | openio_bootstrap: false 19 | openio_maintenance_mode: false 20 | openio_no_log: false 21 | openio_mirror: mirror2.openio.io 22 | 23 | children: 24 | openio: 25 | children: 26 | fronts: {} 27 | backs: {} 28 | 29 | vars: 30 | namespace: OPENIO 31 | namespace_storage_policy: SINGLE 32 | 33 | openio_bind_interface: '{{ ansible_default_ipv4.alias }}' 34 | # bind 127.0.0.1 by default 35 | openio_bind_address: "127.0.0.1" 36 | # Remove zookeeper url 37 | openio_namespace_zookeeper_url: "" 38 | # Reduce service policy for a standalone node 39 | openio_namespace_service_update_policy: 40 | - name: meta2 41 | policy: KEEP 42 | replicas: 1 43 | distance: 1 44 | - name: rdir 45 | policy: KEEP 46 | replicas: 1 47 | distance: 1 48 | openio_manage_os_requirement: false 49 | openio_account_redis_standalone: "127.0.0.1:6011" 50 | 51 | openio_oioswift_users: 52 | - name: "demo:demo" 53 | password: "DEMO_PASS" 54 | roles: 55 | - admin 56 | 57 | #openio_conscience_multiple_enable: true 58 | #openio_conscience_services_common_timeout: 30 59 | 60 | ######## 61 | # Special needs 62 | # ---- Low memory nodes (ARM, docker, ...) 63 | openio_account_workers: 1 64 | openio_oioswift_workers: 1 65 | openio_event_agent_workers: 1 66 | openio_zookeeper_parallel_gc_threads: 1 67 | openio_zookeeper_memory: "256M" 68 | openio_minimal_score_for_volume_admin_bootstrap: 5 69 | openio_minimal_score_for_directory_bootstrap: 5 70 | # ---- End Low memory nodes 71 | 72 | # Reduce directory size 73 | namespace_meta1_digits: 0 74 | 75 | # what is not used for storage 76 | fronts: 77 | hosts: {} 78 | 79 | # what is used for storage 80 | backs: 81 | hosts: 82 | node1: {} 83 | 84 | ### SDS 85 | account: 86 | children: 87 | backs: {} 88 | 89 | beanstalkd: 90 | children: 91 | backs: {} 92 | 93 | conscience: 94 | hosts: 95 | node1: {} 96 | 97 | conscience-agent: 98 | children: 99 | backs: {} 100 | 101 | ecd: {} 102 | 103 | meta: 104 | children: 105 | meta0: {} 106 | meta1: {} 107 | meta2: {} 108 | 109 | meta0: 110 | hosts: 111 | node1: {} 112 | 113 | meta1: 114 | hosts: 115 | node1: {} 116 | 117 | meta2: 118 | hosts: 119 | node1: {} 120 | 121 | namespace: 122 | children: 123 | openio: {} 124 | vars: 125 | openio_namespace_conscience_url: "{{ hostvars[groups['conscience'][0]]['openio_bind_address'] }}:6000" 126 | 127 | oio-blob-indexer: 128 | children: 129 | backs: {} 130 | 131 | oio-blob-rebuilder: 132 | children: {} 133 | 134 | oio-event-agent: 135 | children: 136 | backs: {} 137 | 138 | oioproxy: 139 | children: 140 | openio: {} 141 | 142 | oioswift: 143 | children: 144 | backs: {} 145 | vars: 146 | openio_oioswift_pipeline: "{{ pipeline_tempauth }}" 147 | openio_oioswift_filter_tempauth: 148 | "{{ {'use': 'egg:oioswift#tempauth'} | combine(openio_oioswift_users | dict_to_tempauth) }}" 149 | rawx: 150 | children: 151 | backs: {} 152 | 153 | rdir: 154 | children: 155 | backs: {} 156 | 157 | redis: 158 | hosts: 159 | node1: {} 160 | 161 | zookeeper: {} 162 | 163 | ### OIOFS 164 | oiofs: 165 | hosts: {} 166 | vars: {} 167 | 168 | oiofs_redis: 169 | hosts: {} 170 | ... 171 | -------------------------------------------------------------------------------- /openio-sds/20.04/jenkins/Dockerfile: -------------------------------------------------------------------------------- 1 | FROM alpine:3.11 2 | 3 | RUN apk add --no-cache \ 4 | bash \ 5 | curl \ 6 | docker-cli \ 7 | jq \ 8 | git \ 9 | python3 \ 10 | py3-pip \ 11 | && apk --no-cache add --virtual \ 12 | .build-deps \ 13 | python3-dev \ 14 | libffi-dev \ 15 | openssl-dev \ 16 | build-base \ 17 | && python3 -m pip install 'ansible<2.10' netaddr 18 | 19 | ARG MITOGEN_VERSION=0.2.9 20 | RUN curl -sSL "https://networkgenomics.com/try/mitogen-${MITOGEN_VERSION}.tar.gz" -o "/tmp/mitogen-${MITOGEN_VERSION}.tar.gz" \ 21 | && tar -xzf "/tmp/mitogen-${MITOGEN_VERSION}.tar.gz" -C /tmp \ 22 | && mkdir -p /ansible/plugins \ 23 | && cp -r "/tmp/mitogen-${MITOGEN_VERSION}.tar.gz" /ansible/plugins/ \ 24 | && rm -rf /tmp/mitogen* 25 | 26 | COPY ./ansible.cfg /root/.ansible.cfg 27 | -------------------------------------------------------------------------------- /openio-sds/20.04/jenkins/ansible.cfg: -------------------------------------------------------------------------------- 1 | # config file for ansible -- https://ansible.com/ 2 | # =============================================== 3 | 4 | # nearly all parameters can be overridden in ansible-playbook 5 | # or with command line flags. ansible will read ANSIBLE_CONFIG, 6 | # ansible.cfg in the current working directory, .ansible.cfg in 7 | # the home directory or /etc/ansible/ansible.cfg, whichever it 8 | # finds first 9 | 10 | [defaults] 11 | 12 | remote_tmp = /tmp 13 | local_tmp = /tmp 14 | 15 | strategy_plugins = /ansible/plugins/mitogen-0.2.9/ansible_mitogen/plugins/strategy 16 | 17 | host_key_checking = False 18 | 19 | [paramiko_connection] 20 | record_host_keys=False 21 | -------------------------------------------------------------------------------- /openio-sds/20.04/openio-docker-init.sh: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | 3 | # Default configuration 4 | NS='OPENIO' 5 | NBREPLICAS=1 6 | TIMEOUT=20 7 | 8 | function prepare(){ 9 | mkdir /run/gridinit 10 | install -d -o openio -g openio -m 750 /run/oio/sds/OPENIO/ 11 | } 12 | 13 | function update_swift_credentials(){ 14 | if [ ! -z "${SWIFT_CREDENTIALS}" ]; then 15 | # Remove default credentials 16 | sed -i -e '/user_demo_demo = DEMO_PASS .member/d' \ 17 | /etc/oio/sds/OPENIO/oioswift-0/proxy-server.conf 18 | # Add credentials to the Swift proxy configuration 19 | IFS=',' read -r -a swiftcreds <<< "${SWIFT_CREDENTIALS}" 20 | for creds in "${swiftcreds[@]}" 21 | do 22 | echo "> Adding Openstack Swift credentials $creds" 23 | IFS=':' read -r -a cred <<< "$creds" 24 | sed -i -e "s@^use = egg:oioswift#tempauth\$@use = egg:oioswift#tempauth\nuser_${cred[0]}_${cred[1]} = ${cred[2]} ${cred[3]}@" \ 25 | /etc/oio/sds/OPENIO/oioswift-0/proxy-server.conf 26 | if [ "${creds}" == "${swiftcreds[0]}" ]; then 27 | sed -i -e "s@aws_access_key_id = demo:demo@aws_access_key_id = ${cred[0]}:${cred[1]}@" /root/.aws/credentials 28 | sed -i -e "s@aws_secret_access_key = DEMO_PASS@aws_secret_access_key = ${cred[2]}@" /root/.aws/credentials 29 | AKEY="${cred[0]}:${cred[1]}" 30 | SKEY="${cred[2]}" 31 | fi 32 | done 33 | else 34 | AKEY="demo:demo" 35 | SKEY="DEMO_PASS" 36 | fi 37 | } 38 | 39 | function set_region(){ 40 | if [ ! -z "${REGION}" ]; then 41 | echo "> Change S3 region" 42 | sed -i -e "s@location = us-east-1@location = ${REGION}@" /etc/oio/sds/OPENIO/oioswift-0/proxy-server.conf 43 | sed -i -e "s@region = us-east-1@region = ${REGION}@" /root/.aws/config 44 | else 45 | REGION="us-east-1" 46 | fi 47 | } 48 | 49 | function set_workers(){ 50 | if [ ! -z "${WORKERS}" ]; then 51 | echo "> Change S3 workers" 52 | sed -i -e "s@workers = 1@workers = ${WORKERS}@" /etc/oio/sds/OPENIO/oioswift-0/proxy-server.conf 53 | else 54 | WORKERS="1" 55 | fi 56 | } 57 | 58 | function add_meta2(){ 59 | if [ ! -z "${SUPPL_M2}" ]; then 60 | echo "> Add supplementaries meta2" 61 | for i in $(seq 1 $SUPPL_M2); do 62 | # meta2 63 | install -d -o openio -g openio -m 755 /var/lib/oio/sds/OPENIO/meta2-$i 64 | cp -a -r /etc/oio/sds/OPENIO/meta2-0/ /etc/oio/sds/OPENIO/meta2-${i} 65 | mv /etc/oio/sds/OPENIO/meta2-${i}/meta2-0.conf /etc/oio/sds/OPENIO/meta2-${i}/meta2-${i}.conf 66 | cp -a /etc/gridinit.d/OPENIO-meta2-0.conf /etc/gridinit.d/OPENIO-meta2-${i}.conf 67 | sed -i \ 68 | -e "s/meta2-0/meta2-$i/g" -e "s/6120/$((6120 + $i))/" \ 69 | -e "s/OPENIO,meta2,0/OPENIO,meta2,$i/" \ 70 | /etc/gridinit.d/OPENIO-meta2-$i.conf 71 | cp -a /etc/oio/sds/OPENIO/watch/meta2-0.yml /etc/oio/sds/OPENIO/watch/meta2-$i.yml 72 | sed -i \ 73 | -e "s/meta2-0/meta2-$i/g" \ 74 | -e "s/6120/$((6120 + $i))/" \ 75 | -e "s@location: openiosds.0@location: openiosds.$i@" \ 76 | /etc/oio/sds/OPENIO/watch/meta2-$i.yml 77 | 78 | # rdir 79 | install -d -o openio -g openio -m 755 /var/lib/oio/sds/OPENIO/rdir-$i 80 | sed -i \ 81 | -e "s@location: openiosds.1@location: openiosds.0@" \ 82 | /etc/oio/sds/OPENIO/watch/rdir-0.yml 83 | install -d -o openio -g openio -m 755 /var/lib/oio/sds/OPENIO/rdir-$i 84 | cp -a -r /etc/oio/sds/OPENIO/rdir-0/ /etc/oio/sds/OPENIO/rdir-${i} 85 | mv /etc/oio/sds/OPENIO/rdir-${i}/rdir-0.conf /etc/oio/sds/OPENIO/rdir-${i}/rdir-${i}.conf 86 | sed -i \ 87 | -e "s/6300/$((6300 + $i))/" \ 88 | -e "s/rdir-0/rdir-$i/" -e "s/rdir,0/rdir,$i/" \ 89 | /etc/oio/sds/OPENIO/rdir-${i}/rdir-${i}.conf 90 | cp -a /etc/gridinit.d/OPENIO-rdir-0.conf /etc/gridinit.d/OPENIO-rdir-${i}.conf 91 | sed -i \ 92 | -e "s/rdir-0/rdir-$i/g" \ 93 | -e "s/6300/$((6300 + $i))/" \ 94 | -e "s/OPENIO,rdir,0/OPENIO,rdir,$i/" \ 95 | /etc/gridinit.d/OPENIO-rdir-$i.conf 96 | cp -a /etc/oio/sds/OPENIO/watch/rdir-0.yml /etc/oio/sds/OPENIO/watch/rdir-$i.yml 97 | sed -i \ 98 | -e "s/rdir-0/rdir-$i/g" \ 99 | -e "s/6300/$((6300 + $i))/" \ 100 | -e "s@location: openiosds.0@location: openiosds.$i@" \ 101 | /etc/oio/sds/OPENIO/watch/rdir-$i.yml 102 | 103 | done 104 | 105 | fi 106 | } 107 | 108 | # Initialize OpenIO cluster 109 | function initcluster(){ 110 | echo "# Initializing the OpenIO cluster" 111 | 112 | # Temporarily disabling the swift gateway, to avoid answering when not completely setup 113 | sed -i -e 's/^enabled=.*$/enabled=false/' /etc/gridinit.d/OPENIO-oioswift-0.conf 114 | 115 | rm /etc/oio/sds/OPENIO/conscience-0/conscience-0-persistence.dat 116 | echo "> Starting services" 117 | /usr/bin/gridinit -d /etc/gridinit.conf >/dev/null 2>&1 118 | 119 | echo "> Waiting for the services to start ..." 120 | etime_start=$(date +"%s") 121 | etime_end=$((${etime_start} + ${TIMEOUT})) 122 | nbmeta1=0 123 | while [ $(date +"%s") -le ${etime_end} -a ${nbmeta1} -lt ${NBREPLICAS} ] 124 | do 125 | sleep 2 126 | # Count registered meta1 127 | nbmeta1=$(/usr/bin/openio --oio-ns=${NS} cluster list meta1 -f value -c Addr|wc -l) 128 | done 129 | if [ ${nbmeta1} -ne ${NBREPLICAS} ]; then 130 | echo "Error: Install script did not found ${NBREPLICAS} meta1 services registered. Return: ${nbmeta1}" 131 | exit 1 132 | fi 133 | etime_start=$(date +"%s") 134 | etime_end=$((${etime_start} + ${TIMEOUT})) 135 | score=0 136 | while [ $(date +"%s") -le ${etime_end} -a ${score} -eq 0 ] 137 | do 138 | /usr/bin/openio --oio-ns=${NS} cluster unlockall >/dev/null 2>&1 139 | sleep 5 140 | score=$(/usr/bin/openio --oio-ns=${NS} cluster list meta1 -f value -c Score || echo 0) 141 | done 142 | if [ ${score} -eq 0 ]; then 143 | echo "Error: Unlocking scores failed. Unable to bootstrap namespace. Return: Meta1 score = ${score}" 144 | exit 1 145 | fi 146 | 147 | # Initialize meta1 with 3 replicas on the same server 148 | echo "> Bootstrapping directory ..." 149 | /usr/bin/openio --oio-ns=${NS} directory bootstrap --replicas ${NBREPLICAS} || \ 150 | (echo "Error: Directory bootstrap failed. Aborting." ; exit 1) 151 | 152 | echo "> Bootstrapping Reverse Directory and rawx for namespace ${NS}" 153 | /usr/bin/openio --oio-ns=${NS} rdir bootstrap rawx || 154 | (echo "Error: Directory bootstrap failed. Aborting." ; exit 1) 155 | echo "> Bootstrapping Reverse Directory and meta2 for namespace ${NS}" 156 | /usr/bin/openio --oio-ns=${NS} rdir bootstrap meta2 || 157 | (echo "Error: Directory bootstrap failed. Aborting." ; exit 1) 158 | 159 | # Stopping services 160 | echo "> Stopping services ..." 161 | gridinit_pid=$(cat /run/gridinit/gridinit.pid) 162 | kill "${gridinit_pid}" >/dev/null 2>&1 163 | /usr/bin/timeout "30s" tail --pid="${gridinit_pid}" -f /dev/null || kill -s 9 "${gridinit_pid}" 164 | 165 | } 166 | 167 | function set_unlock(){ 168 | sed -i -e "/^\[type:/a lock_at_first_register=false" /etc/oio/sds/*/conscience-*/conscience-*-services.conf 169 | } 170 | 171 | function unlock(){ 172 | echo "> Unlocking scores ..." 173 | etime_start=$(date +"%s") 174 | etime_end=$((${etime_start} + ${TIMEOUT})) 175 | nbscore=1 176 | while [ $(date +"%s") -le ${etime_end} -a ${nbscore} -gt 0 ] 177 | do 178 | /usr/bin/openio --oio-ns=${NS} cluster unlockall >/dev/null 2>&1 179 | sleep 5 180 | nbscore=$(/usr/bin/openio --oio-ns=${NS} cluster list -f value -c Score|grep -c -e '^0$') 181 | done 182 | if [ ${nbscore} -gt 0 ]; then 183 | echo "Error: Unlocking scores failed." 184 | exit 1 185 | fi 186 | } 187 | 188 | function gridinit_start(){ 189 | echo "> Starting services ..." 190 | pkill -0 -F /run/gridinit/gridinit.pid >/dev/null 2>&1 || \ 191 | exec /usr/bin/gridinit /etc/gridinit.conf 192 | } 193 | 194 | function keystone_config(){ 195 | if [ ! -z "$KEYSTONE_ENABLED" ]; then 196 | echo "Setting up Openstack Keystone authentication" 197 | : "${KEYSTONE_URI:=${IPADDR}:5000}" 198 | : "${KEYSTONE_URL:=${IPADDR}:35357}" 199 | : "${SWIFT_USERNAME:=swift}" 200 | : "${SWIFT_PASSWORD:=SWIFT_PASS}" 201 | sed -i -e "/filter:tempauth/i [filter:s3token]\ndelay_auth_decision = True\nauth_uri = http://${KEYSTONE_URL}/\nuse = egg:swift3#s3token\n\n[filter:authtoken]\nauth_type = password\nusername = ${SWIFT_USERNAME}\nproject_name = service\nregion_name = ${REGION}\nuser_domain_id = default\nmemcache_secret_key = memcache_secret_key\npaste.filter_factory = keystonemiddleware.auth_token:filter_factory\ninsecure = True\ncache = swift.cache\ndelay_auth_decision = True\ntoken_cache_time = 300\nauth_url =http://${KEYSTONE_URL}\ninclude_service_catalog = False\nwww_authenticate_uri = http://${KEYSTONE_URI}\nmemcached_servers = ${IPADDR}:6019\npassword = ${SWIFT_PASSWORD}\nrevocation_cache_time = 60\nmemcache_security_strategy = ENCRYPT\nproject_domain_id = default\n\n[filter:keystoneauth]\nuse = egg:swift#keystoneauth\noperator_roles = admin,swiftoperator,_member_\n" /etc/oio/sds/OPENIO/oioswift-0/proxy-server.conf 202 | sed -i -e '/filter:tempauth/,+2d' /etc/oio/sds/OPENIO/oioswift-0/proxy-server.conf 203 | sed -i -e 's@^pipeline =.*@pipeline = catch_errors gatekeeper healthcheck proxy-logging cache bulk tempurl proxy-logging authtoken swift3 s3token keystoneauth proxy-logging copy slo dlo versioned_writes proxy-logging proxy-server@' /etc/oio/sds/OPENIO/oioswift-0/proxy-server.conf 204 | fi 205 | } 206 | 207 | ### Main 208 | 209 | prepare 210 | 211 | # Firstboot script to setup OpenIO configuration 212 | if [ ! -f /etc/oio/sds/firstboot ]; then 213 | echo "# Firstboot: Setting up the OpenIO cluster" 214 | if [ ! -z "${OPENIO_IPADDR}" ]; then 215 | IPADDR=${OPENIO_IPADDR} 216 | elif [ ! -z "${OPENIO_IFDEV}" ]; then 217 | IPADDR=$(ip -4 addr show ${OPENIO_IFDEV} | awk '/inet/ {print $2}' | sed 's#/.*##') 218 | if [ -z "${IPADDR}" ]; then 219 | echo "Error: Failed to get IP for device ${OPENIO_IFDEV}" 220 | fi 221 | else 222 | IPADDR=$(ip -4 addr show | grep -v 127.0.0.1 | awk '/inet/ {print $2}' | sed 's#/.*##') 223 | fi 224 | 225 | # Update Swift credentials 226 | update_swift_credentials 227 | set_region 228 | set_workers 229 | keystone_config 230 | 231 | # Add supplementaries meta2 232 | add_meta2 233 | 234 | # Update listenning address 235 | if [ ! -z "${IPADDR}" ]; then 236 | echo "> Using ${IPADDR} IP address for services" 237 | /usr/bin/find /etc/oio /etc/gridinit.d /root /usr/bin/openio-basic-checks -type f -print0 | xargs --no-run-if-empty -0 sed -i "s/127.0.0.1/${IPADDR}/g" 238 | fi 239 | 240 | # Activate logs 241 | /usr/sbin/rsyslogd 242 | # Deploy OpenIO 243 | initcluster 244 | 245 | # Unlock services 246 | set_unlock 247 | 248 | # Firstboot is done 249 | touch /etc/oio/sds/firstboot 250 | fi 251 | 252 | # Re-enabling the swift gateway, now that it's ready 253 | sed -i -e 's/^enabled=.*$/enabled=true/' /etc/gridinit.d/OPENIO-oioswift-0.conf 254 | 255 | 256 | echo " 257 | .oo. .ooo. OIO Conscience: ${IPADDR}:6000 258 | .ooooo. o ..oo. OIO Proxy: ${IPADDR}:6006 259 | .oooo. .oo. .o. 260 | .oooo. .o+ .o. S3 Endpoint: http://${IPADDR}:6007 261 | iooo. .o..oo S3 Region: ${REGION} 262 | oooo .o, :o S3 SSL: False 263 | oooi .o: .o S3 Signature: s3v4 264 | iooo. .o..oo S3 Access bucket: path-style 265 | .oooo. .oo .o. S3 Access key: ${AKEY} 266 | .oooo. .oo. .o. S3 Secret key: ${SKEY} 267 | .ooooo. o...oo. 268 | .ooo. .ioo.. Visit https://docs.openio.io/latest/source/integrations for more informations. 269 | " 270 | 271 | # start gridinit 272 | gridinit_start 273 | -------------------------------------------------------------------------------- /openio-sds/20.04/test.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | set -eux -o pipefail 4 | 5 | CURRENT_DIR="$(cd "$(dirname "$0")" && pwd -P)" 6 | 7 | test -n "${DOCKER_TEST_CONTAINER_NAME}" || { 8 | echo "Error: variable DOCKER_TEST_CONTAINER_NAME not set. Exiting." 9 | exit 1 10 | } 11 | test -n "${DOCKER_IMAGE_NAME}" || { 12 | echo "Error: variable DOCKER_IMAGE_NAME not set. Exiting." 13 | exit 1 14 | } 15 | 16 | clean_sut() { 17 | docker kill "${1}" 18 | docker rm -f "${1}" 19 | docker system prune -f --volumes 20 | } 21 | 22 | # Launch an openio-sds container to test 23 | clean_sut "${DOCKER_TEST_CONTAINER_NAME}" || true # Never fail cleanup 24 | docker run -d --name "${DOCKER_TEST_CONTAINER_NAME}" "${DOCKER_IMAGE_NAME}" 25 | 26 | # Build the tester image 27 | TESTER_IMAGE_NAME=openio-sds-tester 28 | docker build -t "${TESTER_IMAGE_NAME}" "${CURRENT_DIR}"/../tester/ 29 | 30 | # Run tests 31 | docker run --rm -t \ 32 | --network="container:${DOCKER_TEST_CONTAINER_NAME}" \ 33 | -e "SUT_ID=${DOCKER_TEST_CONTAINER_NAME}" \ 34 | -e SUT_IP="$(docker inspect -f '{{range .NetworkSettings.Networks}}{{.IPAddress}}{{end}}' "${DOCKER_TEST_CONTAINER_NAME}")" \ 35 | -v /var/run/docker.sock:/var/run/docker.sock \ 36 | "${TESTER_IMAGE_NAME}" \ 37 | || { 38 | echo "== Tests failure: please check SUT logs below:" 39 | docker logs "${DOCKER_TEST_CONTAINER_NAME}" 40 | echo "==============================================" 41 | clean_sut "${DOCKER_TEST_CONTAINER_NAME}" || true # Never fail cleanup 42 | exit 1 43 | } 44 | clean_sut "${DOCKER_TEST_CONTAINER_NAME}" || true # Never fail cleanup 45 | -------------------------------------------------------------------------------- /openio-sds/README.md: -------------------------------------------------------------------------------- 1 | # openio/sds Dockerfile 2 | 3 | This image provides an easy way to run an OPENIO namespace with an Openstack Swift/Swift3 proxy. 4 | It deploys and configure a simple non-replicated namespace in a single Docker container. 5 | 6 | ## How to get this image from the hub 7 | 8 | To get the latest one built on the [docker hub](https://hub.docker.com/r/openio/sds) 9 | 10 | ```console 11 | # docker pull openio/sds 12 | ``` 13 | 14 | or 15 | 16 | ```console 17 | # docker pull openio/sds:latest 18 | ``` 19 | 20 | If you want a specific OpenIO SDS version & linux distribution 21 | 22 | For example, run: 23 | 24 | ```console 25 | # docker pull openio/sds:16.10-centos-7 26 | ``` 27 | 28 | You can choose between: 29 | 30 | - 16.10-centos-7 31 | - 17.04-centos-7 32 | - 17.04-ubuntu-xenial 33 | 34 | Those images are rebuilt regularly, but if you want to have the most up-to-date 35 | versions, the best is to rebuild them locally (on your computer). 36 | 37 | ## How to (re-)build this image 38 | 39 | First get the source: 40 | 41 | ```console 42 | # git clone https://github.com/open-io/dockerfiles.git 43 | # cd dockerfiles 44 | ``` 45 | 46 | Then build one specific image: 47 | 48 | ```console 49 | # docker build -t openio/sds:17.04-centos-7-local openio-sds/17.04/centos/7 50 | ``` 51 | 52 | ## How to use this image 53 | 54 | OpenIO SDS depends on IPs, meaning that you can't change service IPs after they have been registered to the cluster. 55 | By default, Docker networking change your IP when your container restarts which is not compatible with OpenIO SDS at the moment. 56 | 57 | ### Keep it simple 58 | 59 | By default, start a simple namespace listening on 127.0.0.1 inside the container. 60 | An Openstack Swift proxy with the Swift3 middleware is available, with [TempAuth](https://docs.openstack.org/developer/swift/overview_auth.html#tempauth) authentication system and default credentials set to `demo:demo` and password `DEMO_PASS`. 61 | 62 | 63 | ```console 64 | # docker run -d openio/sds 65 | ``` 66 | 67 | When starting the container, it takes a few seconds to start (depending on your host performance). To show the container startup, you can remove the `-d` option to the command line. 68 | 69 | To access the `openio` command line, you can access inside the container (supposing the OpenIO SDS container is the latest you started): 70 | 71 | ```console 72 | # docker exec -ti --tty $(docker ps -l --format "{{.ID}}") /bin/bash 73 | ``` 74 | 75 | 76 | ### Using host network interface 77 | 78 | You can start an instance using Docker host mode networking, it allows you to access the services outside your container. You can specify the interface or the IP you want to use. 79 | 80 | Setting the interface: 81 | ```console 82 | # docker run -e OPENIO_IFDEV=enp0s8 --net=host openio/sds 83 | ``` 84 | 85 | Specifying the IP: 86 | ```console 87 | # docker run -e OPENIO_IPADDR=192.168.56.102 --net=host openio/sds 88 | ``` 89 | 90 | Change the Openstack Swift default credentials: 91 | ```console 92 | # docker run -e OPENIO_IFDEV=enp0s8 --net=host -e SWIFT_CREDENTIALS="myproject:myuser:mypassord:.admin" openio/sds 93 | ``` 94 | 95 | Bind the Openstack Swift/Swift3 proxy port to you host: 96 | ```console 97 | # docker run -p 192.168.56.102:6007:6007 openio/sds 98 | ``` 99 | 100 | Setting the default credentials to test Openstack Swift functionnal tests: 101 | ```console 102 | # docker run -p 192.168.56.102:6007:6007 -e SWIFT_CREDENTIALS="admin:admin:admin:.admin .reseller_admin,test2:tester2:testing2:.admin,test5:tester5:testing5:service,test:tester:testing:.admin,test:tester3:testing3" openio/sds 103 | ``` 104 | 105 | Before using `openio` CLI or Python, Java or C API from the outside, copy the contents of `/etc/oio/sds.conf.d/OPENIO` from the container to the same file on your host. 106 | ```console 107 | # docker exec -ti --tty $(docker ps -l --format "{{.ID}}") /bin/cat /etc/oio/sds.conf.d/OPENIO > /etc/oio/sds.conf.d/OPENIO 108 | ``` 109 | 110 | ### Binding the OpenIO Swift gateway with Openstack Keystone 111 | 112 | By default, the image comes standalone with the TempAuth authentification system which is very handy for development and testing. However, if you want to test along with Openstack Keystone identity service, you can specify Keystone URI and URL as follow: 113 | ```console 114 | # docker run -d --net=host -e KEYSTONE_ENABLED='true' -e KEYSTONE_URI='192.168.56.102:5000' -e KEYSTONE_URL='192.168.56.102:35357' openio/sds 115 | ``` 116 | 117 | ## Documentation 118 | 119 | To test with different object storage clients: 120 | - [OpenIO SDS command line](http://docs.openio.io/user-guide/openiocli.html) 121 | - [Openstack Swift command line (using TempAuth)](http://docs.openio.io/user-guide/swiftcli.html#tempauth) 122 | - [AWS S3 command line](http://docs.openio.io/user-guide/awscli.html) 123 | - [Openstack Keystone image](https://hub.docker.com/r/openio/openstack-keystone/) 124 | -------------------------------------------------------------------------------- /openio-sds/commons/rsyslog.conf: -------------------------------------------------------------------------------- 1 | $AddUnixListenSocket /dev/log 2 | template(name="TraditionalFormatWithPRI" type="string" string="%TIMESTAMP:::date-rfc3339% %HOSTNAME% %syslogtag% %syslogpriority-text% %msg:::sp-if-no-1st-sp%%msg:::drop-last-lf%\n") 3 | 4 | if $syslogfacility-text == ['local0','local1'] and $syslogtag startswith 'OIO' then { 5 | action(type="omfile" template="TraditionalFormatWithPRI" file="/proc/self/fd/1" flushOnTXEnd="on") 6 | &stop 7 | } 8 | 9 | -------------------------------------------------------------------------------- /openio-sds/commons/sds-healthcheck.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | set -eux -o pipefail 4 | 5 | CONTAINER_IP="$(hostname -i)" 6 | 7 | command -v curl >/dev/null 2>&1 || { 8 | echo "ERROR: No curl command found." 9 | exit 1 10 | } 11 | 12 | # Healtcheck on the S3 gateway 13 | curl --fail --silent --show-error --location "${CONTAINER_IP}:6007/healthcheck" 14 | -------------------------------------------------------------------------------- /openio-sds/scratch/README.md: -------------------------------------------------------------------------------- 1 | # openio/sds from scratch : the Dockerfile 2 | 3 | ## Build 4 | 5 | First build the docker image based on a Centos 7 with all the dependencies of openio-sds: 6 | 7 | ```console 8 | docker build -t oiosds:scratch-centos7-deps scratch/deps/centos/7 9 | ``` 10 | 11 | Then build one image for each openio-sds github branch you want to: 12 | 13 | ```console 14 | while read TAG COMMIT ; do 15 | COMMIT=${COMMIT:-$TAG} 16 | docker build -t oiosds:scratch-centos7-sds-${TAG} --build-arg COMMIT_ID=${COMMIT} scratch/sds/centos/7 17 | do < 3 | 4 | RUN yum clean all \ 5 | && yum -y --disableplugin=fastestmirror install epel-release \ 6 | && yum -y --disableplugin=fastestmirror install http://mirror.openio.io/pub/repo/openio/sds/17.04/el/openio-sds-release-17.04-1.el.noarch.rpm \ 7 | && rm -rf /var/cache/yum \ 8 | && yum clean all \ 9 | && yum -y --disableplugin=fastestmirror update \ 10 | && yum -y --disableplugin=fastestmirror install puppet-openio-sds-profile \ 11 | && yum -y --disableplugin=fastestmirror install \ 12 | screen cmake make flex bison lcov git gcc gcc-c++ \ 13 | glib2 glib2-devel \ 14 | zeromq3 zeromq3-devel \ 15 | curl libcurl libcurl-devel \ 16 | sqlite sqlite-devel \ 17 | attr libattr libattr-devel \ 18 | apr apr-devel apr-util apr-util-devel httpd httpd-devel mod_wsgi \ 19 | libevent libevent-devel \ 20 | json-c json-c-devel \ 21 | leveldb leveldb-devel \ 22 | lzo lzo-devel \ 23 | python-devel \ 24 | python-virtualenv python-pip \ 25 | liberasurecode liberasurecode-devel \ 26 | zookeeper zookeeper-lib zookeeper-lib-devel \ 27 | beanstalkd redis hiredis hiredis-devel \ 28 | openio-gridinit openio-asn1c \ 29 | rsyslog \ 30 | && rm -rf /var/cache/yum \ 31 | && yum clean all \ 32 | && pip install --upgrade pip tox virtualenv zkpython \ 33 | && useradd -U -m -G users,wheel openio \ 34 | && echo '$AddUnixListenSocket /dev/log' >> /etc/rsyslog.conf 35 | 36 | CMD ["/usr/bin/env", "bash"] 37 | 38 | -------------------------------------------------------------------------------- /openio-sds/scratch/sds/centos/7/Dockerfile: -------------------------------------------------------------------------------- 1 | FROM oiosds:scratch-centos7-deps 2 | MAINTAINER "Jean-Francois Smigielski" 3 | ARG OIOREPO=https://github.com/open-io/oio-sds.git 4 | 5 | # Attempt to download only once the sources 6 | RUN mkdir /tmp/src \ 7 | && cd /tmp/src \ 8 | && git clone "$OIOREPO" \ 9 | && cd /tmp/src/oio-sds \ 10 | && git fetch --all 11 | 12 | ARG COMMIT_ID=master 13 | 14 | # Now checkout in the right commit-id, then build and install 15 | RUN cd /tmp/src/oio-sds \ 16 | && git checkout -b "$COMMIT_ID" "$COMMIT_ID" \ 17 | && cmake \ 18 | -D CMAKE_INSTALL_PREFIX=/usr \ 19 | -D CMAKE_BUILD_TYPE=Release \ 20 | . \ 21 | && make -j 4 \ 22 | && make install \ 23 | && pip install --upgrade -r test-requirements.txt \ 24 | && pip install --upgrade -r all-requirements.txt \ 25 | && python ./setup.py install 26 | 27 | EXPOSE 6000-7000 28 | 29 | CMD ["/usr/bin/env", "bash"] 30 | 31 | -------------------------------------------------------------------------------- /openio-sds/tester/Dockerfile: -------------------------------------------------------------------------------- 1 | FROM alpine:3.11 2 | 3 | RUN apk add --no-cache \ 4 | bash \ 5 | bats \ 6 | curl \ 7 | docker-cli \ 8 | git \ 9 | netcat-openbsd \ 10 | redis 11 | 12 | ENV BATS_HELPERS_DIR=/bats/helpers 13 | 14 | RUN mkdir -p "${BATS_HELPERS_DIR}" 15 | RUN git clone "https://github.com/ztombol/bats-support" "${BATS_HELPERS_DIR}/bats-support" 16 | RUN git clone "https://github.com/ztombol/bats-assert" "${BATS_HELPERS_DIR}/bats-assert" 17 | RUN git clone "https://github.com/ztombol/bats-file" "${BATS_HELPERS_DIR}/bats-file" 18 | 19 | 20 | COPY ./*.bash "${BATS_HELPERS_DIR}"/ 21 | COPY ./checks.bats /tests/checks.bats 22 | 23 | ENTRYPOINT ["bats"] 24 | CMD ["/tests/"] 25 | -------------------------------------------------------------------------------- /openio-sds/tester/checks.bats: -------------------------------------------------------------------------------- 1 | #!/usr/bin/env bats 2 | 3 | load "${BATS_HELPERS_DIR}/load.bash" 4 | 5 | CURL_OPTS=("--insecure" "--fail" "--location" "--silent" "--verbose" "--show-error") 6 | 7 | @test "OpenIO SDS Container is up and healthy" { 8 | retry_contains_output 36 5 '"healthy"' docker inspect -f '{{json .State.Health.Status}}' "${SUT_ID}" 9 | } 10 | 11 | # Tests 12 | @test "All occurrences of '127.0.0.1' in the configuration have been replaced" { 13 | run docker exec -t "${SUT_ID}" grep -rI '127.0.0.1' /etc/oio /etc/gridinit.d /root/checks.sh 14 | assert_failure 1 # grep should return exit code "1" for "pattern not found" 15 | refute_output --partial '127.0.0.1' # No occurence found in the output 16 | } 17 | 18 | @test "The configuration defines a distance not null between the rawx and the rdir" { 19 | local rdir_location rawx_location 20 | rdir_location="$(docker exec -t "${SUT_ID}" openio --oio-ns OPENIO cluster list -c Location rdir -f value)" 21 | assert_success 22 | assert test -n "${rdir_location}" 23 | 24 | rawx_location="$(docker exec -t "${SUT_ID}" openio --oio-ns OPENIO cluster list -c Location rawx -f value)" 25 | assert_success 26 | assert test -n "${rawx_location}" 27 | 28 | assert [ "${rdir_location}" != "${rawx_location}" ] 29 | } 30 | 31 | @test 'Account - status' { 32 | run retry 60 2 curl "${CURL_OPTS[@]}" "${SUT_IP}:6009/status" 33 | assert_success 34 | } 35 | 36 | @test 'Conscience - up' { 37 | retry_contains_output 10 1 "PING OK" docker exec -t "${SUT_ID}" /usr/bin/oio-tool ping "${SUT_IP}:6000" 38 | } 39 | 40 | @test 'rawx - status' { 41 | retry_contains_output 10 1 "counter req.hits" curl "${CURL_OPTS[@]}" "${SUT_IP}:6200/stat" 42 | retry_contains_output 10 1 "counter req.hits.raw 0" curl "${CURL_OPTS[@]}" "${SUT_IP}:6200/stat" 43 | } 44 | 45 | @test 'rdir - up' { 46 | retry_contains_output 10 1 "succeeded" nc -zv "${SUT_IP}" 6300 \ 47 | || retry_contains_output 10 1 "Connected to" nc -zv "${SUT_IP}" 6300 48 | } 49 | 50 | @test 'Redis - up' { 51 | retry_contains_output 10 1 "PONG" redis-cli -h "${SUT_IP}" -p 6011 ping 52 | } 53 | 54 | @test 'Gridinit - Status of services' { 55 | retry 10 1 docker exec -t "${SUT_ID}" /usr/bin/gridinit_cmd status 56 | } 57 | 58 | @test 'Cluster - Status ' { 59 | retry_contains_output 10 1 "Up" docker exec -t "${SUT_ID}" openio cluster list -c Up -f csv --oio-ns OPENIO 60 | retry_refute_output 30 5 "False" docker exec -t "${SUT_ID}" openio cluster list -c Up -f csv --oio-ns OPENIO 61 | } 62 | 63 | @test 'Cluster - Score unlock' { 64 | retry_refute_output 10 1 '^0$' bash -c 'openio cluster list -c Score -f csv --oio-ns OPENIO |sed -e "s@^@^@" |cat -evt' 65 | } 66 | 67 | @test 'OIO - push object' { 68 | retry 12 5 docker exec -t "${SUT_ID}" openio object create MY_CONTAINER /etc/passwd --oio-account MY_ACCOUNT --oio-ns OPENIO 69 | } 70 | 71 | @test 'OIO - show object' { 72 | retry 10 1 docker exec -t "${SUT_ID}" openio container show MY_CONTAINER --oio-account MY_ACCOUNT --oio-ns OPENIO 73 | } 74 | 75 | @test 'OIO - list objects' { 76 | retry 10 1 docker exec -t "${SUT_ID}" openio object list --oio-account MY_ACCOUNT MY_CONTAINER --oio-ns OPENIO 77 | } 78 | 79 | @test 'OIO - Find the services involved for your container' { 80 | retry 10 1 docker exec -t "${SUT_ID}" openio container locate MY_CONTAINER --oio-account MY_ACCOUNT --oio-ns OPENIO 81 | } 82 | 83 | @test 'OIO - Consistency' { 84 | run docker exec -t "${SUT_ID}" bash -c 'md5sum /etc/passwd | cut -d" " -f1' 85 | assert_success 86 | md5orig="${output}" 87 | 88 | run docker exec -t "${SUT_ID}" bash -c "openio object list --oio-account MY_ACCOUNT MY_CONTAINER -c Hash -f value --oio-ns OPENIO|tr [A-Z] [a-z]" 89 | assert_success 90 | md5sds="${output}" 91 | 92 | assert_equal "$md5orig" "$md5sds" 93 | } 94 | 95 | @test 'OIO - Delete your object' { 96 | retry 10 1 docker exec -t "${SUT_ID}" openio object delete MY_CONTAINER passwd --oio-account MY_ACCOUNT --oio-ns OPENIO 97 | } 98 | 99 | @test 'OIO - Delete your empty container' { 100 | retry 10 1 docker exec -t "${SUT_ID}" openio container delete MY_CONTAINER --oio-account MY_ACCOUNT --oio-ns OPENIO 101 | } 102 | 103 | @test 'AWS - Get credentials' { 104 | retry 10 1 docker exec -t "${SUT_ID}" grep demo /root/.aws/credentials 105 | } 106 | 107 | @test 'AWS - create bucket' { 108 | retry 10 1 docker exec -t "${SUT_ID}" aws --endpoint-url "http://${SUT_IP}:6007" --no-verify-ssl s3 mb s3://mybucket 109 | } 110 | 111 | @test 'AWS - upload into bucket' { 112 | retry 10 1 docker exec -t "${SUT_ID}" aws --endpoint-url "http://${SUT_IP}:6007" --no-verify-ssl s3 cp /etc/passwd s3://mybucket 113 | } 114 | 115 | @test 'AWS - Consistency' { 116 | retry 10 1 docker exec -t "${SUT_ID}" bash -c 'md5sum /etc/passwd | cut -d" " -f1' 117 | assert_success 118 | md5orig="${output}" 119 | 120 | retry 10 1 docker exec -t "${SUT_ID}" aws --endpoint-url "http://${SUT_IP}:6007" --no-verify-ssl s3 cp s3://mybucket/passwd /tmp/passwd.aws 121 | assert_success 122 | 123 | retry 10 1 docker exec -i "${SUT_ID}" bash -c 'md5sum /tmp/passwd.aws | cut -d" " -f1' 124 | assert_success 125 | md5aws="${output}" 126 | 127 | assert_equal "$md5orig" "$md5aws" 128 | } 129 | 130 | @test 'AWS - Delete your object' { 131 | retry 10 1 docker exec -t "${SUT_ID}" aws --endpoint-url "http://${SUT_IP}:6007" --no-verify-ssl s3 rm s3://mybucket/passwd 132 | } 133 | 134 | @test 'AWS - Delete your empty bucket' { 135 | retry 10 1 docker exec -t "${SUT_ID}" aws --endpoint-url "http://${SUT_IP}:6007" --no-verify-ssl s3 rb s3://mybucket 136 | } 137 | 138 | @test 'OIO - Delete accounts' { 139 | retry 10 1 docker exec -t "${SUT_ID}" openio account delete MY_ACCOUNT --oio-ns OPENIO 140 | retry 10 1 docker exec -t "${SUT_ID}" openio account delete AUTH_demo --oio-ns OPENIO 141 | } 142 | -------------------------------------------------------------------------------- /openio-sds/tester/helpers.bash: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | # Function which retries an instruction until the max amount of time, with sleep between retries. 4 | # Only the exit code of the instruction is checked. 5 | # Args: 6 | # - $1: max number of retries 7 | # - $2: time to wait between retries 8 | # - $3..: instruction to execute for each retry. 9 | function retry() { 10 | local counter=0 11 | local max_retries=$1 12 | shift 13 | local wait_time=$1 14 | shift 15 | until [ "${counter}" -ge "${max_retries}" ] 16 | do 17 | if "$@" 18 | then 19 | break 20 | fi 21 | sleep "${wait_time}" 22 | counter=$((counter+1)) 23 | done 24 | # assert is a Bats primitive 25 | assert [ "${counter}" -lt "${max_retries}" ] 26 | } 27 | 28 | # Function which retries to compare (exactly) an instruction's stdout with a provided value, until the max amount of time, with sleep between retries. 29 | # Args: 30 | # - $1: max number of retries 31 | # - $2: time to wait between retries 32 | # - $3: value to compare instruction with 33 | # - $4..: instruction to execute for each retry. 34 | function retry_equals() { 35 | local counter=0 36 | local max_retries=$1 37 | shift 38 | local wait_time=$1 39 | shift 40 | local equal_value=$1 41 | shift 42 | until [ "${counter}" -ge "${max_retries}" ] 43 | do 44 | # assert_equal is a Bats primitive 45 | if assert_equal "$("$@")" "${equal_value}" 46 | then 47 | break 48 | fi 49 | sleep "${wait_time}" 50 | counter=$((counter+1)) 51 | done 52 | # assert is a Bats primitive 53 | assert [ "${counter}" -lt "${max_retries}" ] 54 | } 55 | 56 | # Function which retries to compare (partially) an instruction's stdout with a provided value, until the max amount of time, with sleep between retries. 57 | # Args: 58 | # - $1: max number of retries 59 | # - $2: time to wait between retries 60 | # - $3: partial value to assert output with 61 | # - $4..: instruction to execute for each retry. 62 | function retry_contains_output() { 63 | local counter=0 64 | local max_retries=$1 65 | shift 66 | local wait_time=$1 67 | shift 68 | local partial_value=$1 69 | shift 70 | until [ "${counter}" -ge "${max_retries}" ] 71 | do 72 | # run and assert_output are a Bats-assert primitives 73 | if run "$@" && assert_output --partial "${partial_value}" 74 | then 75 | break 76 | fi 77 | sleep "${wait_time}" 78 | counter=$((counter+1)) 79 | done 80 | # assert is a Bats primitive 81 | assert [ "${counter}" -lt "${max_retries}" ] 82 | } 83 | 84 | # Function which retries to compare and refute (partially) an instruction's stdout with a provided value, until the max amount of time, with sleep between retries. 85 | # Args: 86 | # - $1: max number of retries 87 | # - $2: time to wait between retries 88 | # - $3: partial value to refute output with 89 | # - $4..: instruction to execute for each retry. 90 | function retry_refute_output() { 91 | local counter=0 92 | local max_retries=$1 93 | shift 94 | local wait_time=$1 95 | shift 96 | local partial_value=$1 97 | shift 98 | until [ "${counter}" -ge "${max_retries}" ] 99 | do 100 | # run and assert_output are a Bats-assert primitives 101 | if run "$@" && refute_output --partial "${partial_value}" 102 | then 103 | break 104 | fi 105 | sleep "${wait_time}" 106 | counter=$((counter+1)) 107 | done 108 | # assert is a Bats primitive 109 | assert [ "${counter}" -lt "${max_retries}" ] 110 | } 111 | -------------------------------------------------------------------------------- /openio-sds/tester/load.bash: -------------------------------------------------------------------------------- 1 | #!/bin/bats 2 | load "${BATS_HELPERS_DIR}/bats-support/load.bash" 3 | load "${BATS_HELPERS_DIR}/bats-assert/load.bash" 4 | load "${BATS_HELPERS_DIR}/bats-file/load.bash" 5 | load "${BATS_HELPERS_DIR}/helpers.bash" 6 | --------------------------------------------------------------------------------