From f42b2b8865274b292aef2f61b3c5ef30d071fd87 Mon Sep 17 00:00:00 2001 From: Pranali Deore Date: Mon, 11 Sep 2017 11:51:57 +0530 Subject: Providing required priviledges to the mounted NFS volume Since, user ID on host and container differs, image-create with NFS backend was failing with permission error. But even after resolving permission error[1] the image was not getting created on the nfs share as the NFS endpoint is not mounted successfully on the container via puppet. This will be fixed by [2]. Now, adding two below changes in this patch, [1]. chown glance:glance /var/lib/glance. [2]. Proposing this solution to mount NFS endpoint on the host instead of mounting it on glance container, because mounting in container does not work as explained in LP Bug. Closes-Bug: 1708629 Change-Id: Ib60cb0d179e7c117dc26440746154136aa9d163e (cherry picked from commit ed11f8ebcfbaf1fbbebb4c83e3201e462fee14ee) --- docker/services/glance-api.yaml | 23 +++++++++++++++++++++++ 1 file changed, 23 insertions(+) (limited to 'docker/services') diff --git a/docker/services/glance-api.yaml b/docker/services/glance-api.yaml index e1a3827a..1a6f5c77 100644 --- a/docker/services/glance-api.yaml +++ b/docker/services/glance-api.yaml @@ -48,6 +48,16 @@ parameters: default: false description: Remove package if the service is being disabled during upgrade type: boolean + GlanceNfsShare: + default: '' + description: > + NFS share to mount for image storage (when GlanceNfsEnabled is true) + type: string + GlanceNfsOptions: + default: 'intr,context=system_u:object_r:glance_var_lib_t:s0' + description: > + NFS mount options for image storage (when GlanceNfsEnabled is true) + type: string conditions: @@ -108,6 +118,10 @@ outputs: dest: "/etc/ceph/" merge: true preserve_properties: true + permissions: + - path: /var/lib/glance + owner: glance:glance + recurse: true /var/lib/kolla/config_files/glance_api_tls_proxy.json: command: /usr/sbin/httpd -DFOREGROUND config_files: @@ -182,6 +196,15 @@ outputs: - KOLLA_CONFIG_STRATEGY=COPY_ALWAYS - {} host_prep_tasks: + - name: Mount NFS on host + vars: + nfs_backend_enable: {get_param: GlanceNfsEnabled} + mount: name=/var/lib/glance src="{{item.NFS_SHARE}}" fstype=nfs4 opts="{{item.NFS_OPTIONS}}" state=mounted + with_items: + - NFS_SHARE: {get_param: GlanceNfsShare} + NFS_OPTIONS: {get_param: GlanceNfsOptions} + when: + - nfs_backend_enable - name: create persistent logs directory file: path: "{{ item }}" -- cgit 1.2.3-korg