Refactor pvcapid to use new configuration
This commit is contained in:
parent
bcc57638a9
commit
17f81e8296
|
@ -8,7 +8,7 @@ After = network-online.target
|
||||||
Type = simple
|
Type = simple
|
||||||
WorkingDirectory = /usr/share/pvc
|
WorkingDirectory = /usr/share/pvc
|
||||||
Environment = PYTHONUNBUFFERED=true
|
Environment = PYTHONUNBUFFERED=true
|
||||||
Environment = PVC_CONFIG_FILE=/etc/pvc/pvcapid.yaml
|
Environment = PVC_CONFIG_FILE=/etc/pvc/pvc.conf
|
||||||
ExecStart = /usr/share/pvc/pvcapid.py
|
ExecStart = /usr/share/pvc/pvcapid.py
|
||||||
Restart = on-failure
|
Restart = on-failure
|
||||||
|
|
||||||
|
|
|
@ -54,24 +54,105 @@ def strtobool(stringv):
|
||||||
##########################################################
|
##########################################################
|
||||||
|
|
||||||
# Parse the configuration file
|
# Parse the configuration file
|
||||||
|
config_file = None
|
||||||
try:
|
try:
|
||||||
pvcapid_config_file = os.environ["PVC_CONFIG_FILE"]
|
_config_file = "/etc/pvc/pvcapid.yaml"
|
||||||
|
if not os.path.exists(_config_file):
|
||||||
|
raise
|
||||||
|
config_file = _config_file
|
||||||
|
config_type = "legacy"
|
||||||
except Exception:
|
except Exception:
|
||||||
|
pass
|
||||||
|
try:
|
||||||
|
_config_file = os.environ["PVC_CONFIG_FILE"]
|
||||||
|
if not os.path.exists(_config_file):
|
||||||
|
raise
|
||||||
|
config_file = _config_file
|
||||||
|
config_type = "current"
|
||||||
|
except Exception:
|
||||||
|
pass
|
||||||
|
|
||||||
|
if not config_file:
|
||||||
print(
|
print(
|
||||||
'Error: The "PVC_CONFIG_FILE" environment variable must be set before starting pvcapid.'
|
'Error: The "PVC_CONFIG_FILE" environment variable must be set before starting pvcapid.'
|
||||||
)
|
)
|
||||||
exit(1)
|
exit(1)
|
||||||
|
|
||||||
print('Loading configuration from file "{}"'.format(pvcapid_config_file))
|
|
||||||
|
def load_configuration_file(config_file):
|
||||||
|
print('Loading configuration from file "{}"'.format(config_file))
|
||||||
|
|
||||||
# Read in the config
|
# Read in the config
|
||||||
try:
|
try:
|
||||||
with open(pvcapid_config_file, "r") as cfgfile:
|
with open(config_file, "r") as cfgfile:
|
||||||
o_config = yaml.load(cfgfile, Loader=yaml.BaseLoader)
|
o_config = yaml.load(cfgfile, Loader=yaml.BaseLoader)
|
||||||
except Exception as e:
|
except Exception as e:
|
||||||
print("ERROR: Failed to parse configuration file: {}".format(e))
|
print("ERROR: Failed to parse configuration file: {}".format(e))
|
||||||
exit(1)
|
exit(1)
|
||||||
|
|
||||||
|
return o_config
|
||||||
|
|
||||||
|
|
||||||
|
def get_configuration_current(config_file):
|
||||||
|
o_config = load_configuration_file(config_file)
|
||||||
|
try:
|
||||||
|
# Create the config object
|
||||||
|
config = {
|
||||||
|
"debug": strtobool(o_config["logging"].get("debug_logging", "False")),
|
||||||
|
"coordinators": o_config["cluster"]["all_coordinators"],
|
||||||
|
"listen_address": o_config["api"]["listen"]["address"],
|
||||||
|
"listen_port": int(o_config["api"]["listen"]["port"]),
|
||||||
|
"auth_enabled": strtobool(
|
||||||
|
o_config["api"]["authentication"].get("enabled", "False")
|
||||||
|
),
|
||||||
|
"auth_secret_key": o_config["api"]["authentication"]["secret_key"],
|
||||||
|
"auth_source": o_config["api"]["authentication"]["source"],
|
||||||
|
"ssl_enabled": strtobool(o_config["api"]["ssl"].get("enabled", "False")),
|
||||||
|
"ssl_cert_file": o_config["api"]["ssl"]["certificate"],
|
||||||
|
"ssl_key_file": o_config["api"]["ssl"]["private_key"],
|
||||||
|
"database_port": o_config["database"]["postgres"]["port"],
|
||||||
|
"database_host": o_config["database"]["postgres"]["hostname"],
|
||||||
|
"database_name": o_config["database"]["postgres"]["credentials"]["api"][
|
||||||
|
"database"
|
||||||
|
],
|
||||||
|
"database_user": o_config["database"]["postgres"]["credentials"]["api"][
|
||||||
|
"username"
|
||||||
|
],
|
||||||
|
"database_password": o_config["database"]["postgres"]["credentials"]["api"][
|
||||||
|
"password"
|
||||||
|
],
|
||||||
|
"queue_port": o_config["database"]["keydb"]["port"],
|
||||||
|
"queue_host": o_config["database"]["keydb"]["hostname"],
|
||||||
|
"queue_path": o_config["database"]["keydb"]["path"],
|
||||||
|
"storage_domain": o_config["cluster"]["networks"]["storage"]["domain"],
|
||||||
|
"storage_hosts": o_config["ceph"].get("monitor_hosts", None),
|
||||||
|
"ceph_monitor_port": o_config["ceph"]["monitor_port"],
|
||||||
|
"ceph_storage_secret_uuid": o_config["ceph"]["secret_uuid"],
|
||||||
|
}
|
||||||
|
|
||||||
|
# Use coordinators as storage hosts if not explicitly specified
|
||||||
|
if not config["storage_hosts"] or len(config["storage_hosts"]) < 1:
|
||||||
|
config["storage_hosts"] = config["coordinators"]
|
||||||
|
|
||||||
|
# Set up our token list if specified
|
||||||
|
if config["auth_source"] == "token":
|
||||||
|
config["auth_tokens"] = o_config["api"]["token"]
|
||||||
|
else:
|
||||||
|
if config["auth_enabled"]:
|
||||||
|
print(
|
||||||
|
"WARNING: No authentication method provided; disabling authentication."
|
||||||
|
)
|
||||||
|
config["auth_enabled"] = False
|
||||||
|
|
||||||
|
except Exception as e:
|
||||||
|
print(f"ERROR: Failed to load configuration: {e}")
|
||||||
|
exit(1)
|
||||||
|
|
||||||
|
return config
|
||||||
|
|
||||||
|
|
||||||
|
def get_configuration_legacy(config_file):
|
||||||
|
o_config = load_configuration_file(config_file)
|
||||||
try:
|
try:
|
||||||
# Create the config object
|
# Create the config object
|
||||||
config = {
|
config = {
|
||||||
|
@ -79,7 +160,9 @@ try:
|
||||||
"coordinators": o_config["pvc"]["coordinators"],
|
"coordinators": o_config["pvc"]["coordinators"],
|
||||||
"listen_address": o_config["pvc"]["api"]["listen_address"],
|
"listen_address": o_config["pvc"]["api"]["listen_address"],
|
||||||
"listen_port": int(o_config["pvc"]["api"]["listen_port"]),
|
"listen_port": int(o_config["pvc"]["api"]["listen_port"]),
|
||||||
"auth_enabled": strtobool(o_config["pvc"]["api"]["authentication"]["enabled"]),
|
"auth_enabled": strtobool(
|
||||||
|
o_config["pvc"]["api"]["authentication"]["enabled"]
|
||||||
|
),
|
||||||
"auth_secret_key": o_config["pvc"]["api"]["authentication"]["secret_key"],
|
"auth_secret_key": o_config["pvc"]["api"]["authentication"]["secret_key"],
|
||||||
"auth_tokens": o_config["pvc"]["api"]["authentication"]["tokens"],
|
"auth_tokens": o_config["pvc"]["api"]["authentication"]["tokens"],
|
||||||
"ssl_enabled": strtobool(o_config["pvc"]["api"]["ssl"]["enabled"]),
|
"ssl_enabled": strtobool(o_config["pvc"]["api"]["ssl"]["enabled"]),
|
||||||
|
@ -115,6 +198,13 @@ except Exception as e:
|
||||||
print("ERROR: Failed to load configuration: {}".format(e))
|
print("ERROR: Failed to load configuration: {}".format(e))
|
||||||
exit(1)
|
exit(1)
|
||||||
|
|
||||||
|
return config
|
||||||
|
|
||||||
|
|
||||||
|
if config_type == "legacy":
|
||||||
|
config = get_configuration_legacy(config_file)
|
||||||
|
else:
|
||||||
|
config = get_configuration_current(config_file)
|
||||||
|
|
||||||
##########################################################
|
##########################################################
|
||||||
# Entrypoint
|
# Entrypoint
|
||||||
|
|
|
@ -8,7 +8,7 @@ After = network-online.target
|
||||||
Type = simple
|
Type = simple
|
||||||
WorkingDirectory = /usr/share/pvc
|
WorkingDirectory = /usr/share/pvc
|
||||||
Environment = PYTHONUNBUFFERED=true
|
Environment = PYTHONUNBUFFERED=true
|
||||||
Environment = PVC_CONFIG_FILE=/etc/pvc/pvcapid.yaml
|
Environment = PVC_CONFIG_FILE=/etc/pvc/pvc.conf
|
||||||
ExecStart = /usr/share/pvc/pvcworkerd.sh
|
ExecStart = /usr/share/pvc/pvcworkerd.sh
|
||||||
Restart = on-failure
|
Restart = on-failure
|
||||||
|
|
||||||
|
|
|
@ -317,15 +317,18 @@ ceph:
|
||||||
# Monitor port, usually 6789
|
# Monitor port, usually 6789
|
||||||
monitor_port: 6789
|
monitor_port: 6789
|
||||||
|
|
||||||
|
# Monitor host(s), enable only you want to use hosts other than the coordinators
|
||||||
|
#monitor_hosts:
|
||||||
|
# - pvchv1
|
||||||
|
# - pvchv2
|
||||||
|
# - pvchv3
|
||||||
|
|
||||||
# Storage secret UUID, generated during Ansible cluster bootstrap
|
# Storage secret UUID, generated during Ansible cluster bootstrap
|
||||||
secret_uuid: ""
|
secret_uuid: ""
|
||||||
|
|
||||||
# API configuration
|
# API configuration
|
||||||
api:
|
api:
|
||||||
|
|
||||||
# Secret key for API cookies (long and secure password or UUID)
|
|
||||||
secret_key: "1234567890abcdefghijklmnopqrstuvwxyz"
|
|
||||||
|
|
||||||
# API listening configuration
|
# API listening configuration
|
||||||
listen:
|
listen:
|
||||||
|
|
||||||
|
@ -341,6 +344,9 @@ api:
|
||||||
# Enable or disable authentication
|
# Enable or disable authentication
|
||||||
enabled: yes
|
enabled: yes
|
||||||
|
|
||||||
|
# Secret key for API cookies (long and secure password or UUID)
|
||||||
|
secret_key: "1234567890abcdefghijklmnopqrstuvwxyz"
|
||||||
|
|
||||||
# Authentication source (token, others in future)
|
# Authentication source (token, others in future)
|
||||||
source: token
|
source: token
|
||||||
|
|
||||||
|
|
Loading…
Reference in New Issue