Puppet Class: profile::swift::proxy

Defined in:
modules/profile/manifests/swift/proxy.pp

Overview

SPDX-License-Identifier: Apache-2.0

Parameters:

  • accounts (Hash) (defaults to: lookup('profile::swift::accounts'))
  • global_account_keys (Hash[String, Hash]) (defaults to: lookup('profile::swift::global_account_keys'))
  • replication_accounts (Hash[String, Hash]) (defaults to: lookup('profile::swift::replication_accounts'))
  • replication_keys (Hash[String, Hash]) (defaults to: lookup('profile::swift::replication_keys'))
  • hash_path_suffix (String) (defaults to: lookup('profile::swift::hash_path_suffix'))
  • stats_reporter_host (String) (defaults to: lookup('profile::swift::stats_reporter_host'))
  • swift_clusters (Swift::Clusters) (defaults to: lookup('swift_clusters'))
  • swift_cluster_label (String) (defaults to: lookup('profile::swift::cluster_label'))
  • swift_backends (Array[Stdlib::Host]) (defaults to: lookup('profile::swift::storagehosts'))
  • swift_frontends (Array[Stdlib::Host]) (defaults to: lookup('profile::swift::proxyhosts'))
  • use_tls (Boolean) (defaults to: lookup('profile::swift::proxy::use_tls'))
  • proxy_service_host (String) (defaults to: lookup('profile::swift::proxy::proxy_service_host'))
  • shard_container_list (Array[String]) (defaults to: lookup('profile::swift::proxy::shard_container_list'))
  • puppetmasters (Hash[String, Puppetmaster::Backends]) (defaults to: lookup('puppetmaster::servers'))
  • statsd_host (Optional[Stdlib::Host]) (defaults to: lookup('profile::swift::proxy::statsd_host'))
  • statsd_port (Optional[Stdlib::Port]) (defaults to: lookup('profile::swift::proxy::statsd_port'))
  • dispersion_account (Optional[String]) (defaults to: lookup('profile::swift::proxy::dispersion_account'))
  • rewrite_account (Optional[String]) (defaults to: lookup('profile::swift::proxy::rewrite_account'))
  • memcached_servers (Optional[Array[String]]) (defaults to: lookup('profile::swift::proxy::memcached_servers'))
  • thumborhost (Optional[String]) (defaults to: lookup('profile::swift::proxy::thumborhost'))
  • inactivedc_thumborhost (Optional[String]) (defaults to: lookup('profile::swift::proxy::inactivedc_thumborhost')) 


2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
 
# File 'modules/profile/manifests/swift/proxy.pp', line 2

class profile::swift::proxy (
    Hash $accounts                             = lookup('profile::swift::accounts'),
    Hash[String, Hash] $global_account_keys   = lookup('profile::swift::global_account_keys'),
    Hash[String, Hash] $replication_accounts   = lookup('profile::swift::replication_accounts'),
    Hash[String, Hash] $replication_keys       = lookup('profile::swift::replication_keys'),
    String $hash_path_suffix                   = lookup('profile::swift::hash_path_suffix'),
    String $stats_reporter_host                = lookup('profile::swift::stats_reporter_host'),
    Swift::Clusters $swift_clusters            = lookup('swift_clusters'),
    String $swift_cluster_label                = lookup('profile::swift::cluster_label'),
    Array[Stdlib::Host] $swift_backends        = lookup('profile::swift::storagehosts'),
    Array[Stdlib::Host] $swift_frontends       = lookup('profile::swift::proxyhosts'),
    Boolean $use_tls                           = lookup('profile::swift::proxy::use_tls'),
    String $proxy_service_host                 = lookup('profile::swift::proxy::proxy_service_host'),
    Array[String] $shard_container_list        = lookup('profile::swift::proxy::shard_container_list'),
    Hash[String, Puppetmaster::Backends] $puppetmasters = lookup('puppetmaster::servers'),
    Optional[Stdlib::Host] $statsd_host        = lookup('profile::swift::proxy::statsd_host'),
    Optional[Stdlib::Port] $statsd_port        = lookup('profile::swift::proxy::statsd_port'),
    Optional[String] $dispersion_account       = lookup('profile::swift::proxy::dispersion_account'),
    Optional[String] $rewrite_account          = lookup('profile::swift::proxy::rewrite_account'),
    Optional[Array[String]] $memcached_servers = lookup('profile::swift::proxy::memcached_servers'),
    Optional[String] $thumborhost              = lookup('profile::swift::proxy::thumborhost'),
    Optional[String] $inactivedc_thumborhost   = lookup('profile::swift::proxy::inactivedc_thumborhost'),
){

    $puppetservers = wmflib::role::hosts('puppetserver')

    class { 'swift':
        hash_path_suffix => $hash_path_suffix,
    }

    class { 'swift::container_sync':
        accounts => $replication_accounts,
        keys     => $replication_keys,
    }

    $swift_cluster_name = $swift_clusters[$swift_cluster_label]['cluster_name']

    class { 'swift::ring':
        swift_cluster => $swift_cluster_name,
    }

    class { 'conftool::scripts': }

    $stats_ensure = ($stats_reporter_host == $facts['networking']['fqdn']).bool2str('present','absent')

    $account_keys = $global_account_keys[$swift_cluster_label]

    class { 'swift::stats_reporter':
        ensure        => $stats_ensure,
        swift_cluster => $swift_cluster_name,
        accounts      => $accounts,
        credentials   => $account_keys,
    }

    swift::stats::stats_container { 'mw-media':
        ensure        => $stats_ensure,
        account_name  => 'AUTH_mw',
        container_set => 'mw-media',
        statsd_host   => $statsd_host,
        statsd_port   => $statsd_port,
        statsd_prefix => "swift.${swift_cluster_name}.containers.mw-media",
    }

    class { 'swift::proxy':
        proxy_service_host     => $proxy_service_host,
        shard_container_list   => $shard_container_list,
        statsd_metric_prefix   => "swift.${swift_cluster_name}.${facts['networking']['hostname']}",
        accounts               => $accounts,
        credentials            => $account_keys,
        statsd_host            => $statsd_host,
        statsd_port            => $statsd_port,
        dispersion_account     => $dispersion_account,
        rewrite_account        => $rewrite_account,
        memcached_servers      => $memcached_servers,
        thumborhost            => $thumborhost,
        inactivedc_thumborhost => $inactivedc_thumborhost,
    }

    if $use_tls {
        include profile::swift::proxy_tls
    }

    class { 'memcached':
        size          => 128,
        port          => 11211,
        # TODO: the following were implicit defaults from
        # MW settings, need to be reviewed.
        growth_factor => 1.05,
        min_slab_size => 5,
    }

    class { 'profile::prometheus::statsd_exporter':
        relay_address => '',
    }

    ferm::service { 'swift-proxy':
        proto   => 'tcp',
        notrack => true,
        port    => '80',
    }

    ferm::client { 'swift-object-server-client':
        proto   => 'tcp',
        notrack => true,
        port    => 6000,
    }

    # Per-disk object-server ports T222366
    ferm::client { 'swift-object-server-client-disks':
        proto   => 'tcp',
        notrack => true,
        port    => '6010:6040'
    }

    ferm::client { 'swift-container-server-client':
        proto   => 'tcp',
        notrack => true,
        port    => 6001,
    }

    ferm::client { 'swift-account-server-client':
        proto   => 'tcp',
        notrack => true,
        port    => 6002,
    }

    $swift_access = concat($swift_backends, $swift_frontends)
    $swift_access_ferm = join($swift_access, ' ')

    ferm::service { 'swift-memcached':
        proto   => 'tcp',
        port    => '11211',
        notrack => true,
        srange  => "@resolve((${swift_access_ferm}))",
    }

    $http_s = $use_tls ? {
        true  => 'https',
        false => 'http',
    }
    monitoring::service { "swift-${http_s}-frontend":
        description   => "Swift ${http_s} frontend",
        check_command => "check_${http_s}_url!${::swift::proxy::proxy_service_host}!/monitoring/frontend",
        notes_url     => 'https://wikitech.wikimedia.org/wiki/Swift',
    }
    monitoring::service { "swift-${http_s}-backend":
        description   => "Swift ${http_s} backend",
        check_command => "check_${http_s}_url!${::swift::proxy::proxy_service_host}!/monitoring/backend",
        notes_url     => 'https://wikitech.wikimedia.org/wiki/Swift',
    }


    $ring_manager_ensure = $swift_clusters[$swift_cluster_label]['ring_manager'] ? {
        $facts['networking']['fqdn'] => 'present',
        default => 'absent',
    }
    class { 'rsync::server':
        ensure_service => stdlib::ensure($ring_manager_ensure, 'service'),
    }

    class { 'swift::ring_manager':
        ensure        => $ring_manager_ensure,
        swift_cluster => $swift_cluster_name,
        puppetmasters => keys($puppetmasters) + $puppetservers,
    }
}