Swift replication fails due to missing rsync in swift-account/container/object images
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
kolla |
Expired
|
Undecided
|
Unassigned |
Bug Description
There are two issues regarding rsync in the kolla swift-* images.
First, rsync is missing in swift-account/
Second, swift-rsyncd image is built with 'swift' as the default user, which doesn't have enough permission for rsyncd to chroot, rsync client will see errors like "@ERROR chroot failed". Another issue is that swift replicator seems to use the default rsync port(873) for replication, while in kolla-ansible the default value for swift_rsync_port is 10873, making swift-rsyncd listening on a different port. Although we can override the default swift_rsync_port, swift-rysncd still need root user(or sudo privilege) to listen on 873 port.
General steps to reproduce:
1, build swift ring files with two regions (r1 and r2)
2, customize /etc/kolla/
[app:proxy-server]
sorting_method = affinity
read_affinity = r1=100
write_affinity = r1
3, kolla deploy, post-deploy and source admin-openrc.sh
4, create an object , e.g. swift upload test abc , and swift stat test abc to find out the account AUTH_xxxxxx.
5, enter one swift-proxy , run swift-get-nodes, for example:
docker exec swift_proxy_server swift-get-nodes /etc/swift/
this will show where the replicas will be written to.
6, The replicas should be in region1, but not in region2
7, check replicator logs: docker logs swift_object_
swift-object-
My test environment was using ubuntu-source-* images with tag Pike , but I also see this in Ocata and Queens.
So the proposals here are:
1, include rysnc package when building swift-account/
2, Change USER to root in Dockerfile.j2 of swift-rsyncd
3, Change the default swift_rsync_port in kolla-ansible/
Regards,
It's been a long time and no response. Could someone have a look?