Appendix A. Google Cloud Storage configuration

To configure the Block Storage service (cinder) to use Google Cloud Storage as a backup back end, complete the following procedures:

  1. Create and download the service account credentials of your Google account:

  2. Create an environment file to map the Block Storage settings that you require:

  3. Re-deploy the overcloud with the environment file that you created:

Prerequisites

  • You have the username and password of an account with elevated privileges. You can use the stack user account that is created to deploy the overcloud. For more information, see the Director Installation and Usage guide.
  • You have a Google account with access to Google Cloud Platform. The Block Storage service uses this account to access and use Google Cloud to store backups.

A.1. Creating the GCS credentials file

The Block Storage service (cinder) requires your Google credentials to access and use Google Cloud for backups. You can provide these credentials to the Block Storage service by creating a service account key.

Procedure

  1. Log in to the Google developer console (http://console.developers.google.com) with your Google account.
  2. Click the Credentials tab and select Service account key from the Create credentials drop-down menu.

    creds create

  3. In the Create service account key screen, select the service account that you want the Block Storage service to use from the Service account drop-down menu:

    creds json compengine

  4. In the same screen, select JSON from the Key type section and click Create. The browser will then download the key to its default download location:

    creds key

  5. Open the file and note the value of the project_id parameter:

    {
      "type": "service_account",
      "project_id": "*cloud-backup-1370*",
    ...
  6. Save a copy of the GCS JSON credentials to /home/stack/templates/Cloud-Backup.json

    Important
    Name the file Cloud-Backup.json and do not change the file name. This JSON file must be in the same directory location as the cinder-backup-gcs.yaml file that you create as part of the procedure in Section A.2, “Creating cinder-backup-gcs.yaml.

A.2. Creating cinder-backup-gcs.yaml

Using the example file provided, create the cinder-backup-gcs.yaml file.

Note

The white space and format used in this the example (and in your file) are critical. If the white space is changed, then the file might not function as expected.

Procedure

  1. Copy the text below, paste it into the new file. Do not make any modifications to the file contents.

    heat_template_version: rocky
    
    description: >
      Post-deployment for configuration cinder-backup to GCS
    
    parameters:
      servers:
        type: json
      DeployIdentifier:
        type: string
    
    resources:
      CinderBackupGcsExtraConfig:
        type: OS::Heat::SoftwareConfig
        properties:
          group: script
          config:
            str_replace:
              template: |
                #!/bin/bash
                GCS_FILE=/var/lib/config-data/puppet-generated/cinder/etc/cinder/Cloud-Backup.json
                HOSTNAME=$(hostname -s)
                for NODE in $(hiera -c /etc/puppet/hiera.yaml cinder_backup_short_node_names | tr -d '[]",'); do
                  if [ $NODE == $HOSTNAME ]; then
                    cat <<EOF > $GCS_FILE
                GCS_JSON_DATA
                EOF
                    chmod 0640 $GCS_FILE
                    chown root:42407 $GCS_FILE
                  fi
                done
              params:
                GCS_JSON_DATA: {get_file: Cloud-Backup.json}
    
      CinderBackupGcsDeployment:
        type: OS::Heat::SoftwareDeploymentGroup
        properties:
          servers:  {get_param: servers}
          config: {get_resource: CinderBackupGcsExtraConfig}
          actions: ['CREATE','UPDATE']
          input_values:
            deploy_identifier: {get_param: DeployIdentifier}
  2. Save the file as /home/stack/templates/cinder-backup-gcs.yaml.

A.3. Creating the environment file with your Google Cloud settings

Create the environment file to contain the settings that you want to apply to the Block Storage service (cinder). In this case, the environment file configures the Block Storage service to store volume backups to Google Cloud. For more information about environment files, see the Director Installation and Usage guide.

Use the following example environment file and update the backup_gcs_project_id with the project ID that is listed in the Cloud-Backup.json file. You can also change the backup_gcs_bucket_location location from US to location that is closer to your location.

For a list of configuration options for the Google Cloud Backup Storage backup back end, see Table A.1, “Google Cloud Storage backup back end configuration options”.

Procedure

  1. Copy the environment file example below. Retain the white space usage.
  2. Paste the content into a new file: /home/stack/templates/cinder-backup-settings.yaml
  3. Change the value for backup_gcs_project_id from cloud-backup-1370 to the project ID listed in the Cloud-Backup.json file.
  4. Save the file.

Environment file example

Define each setting in the environment file. Use Table A.1, “Google Cloud Storage backup back end configuration options” to select the available configuration options.

resource_registry:
  OS::TripleO::Services::CinderBackup: /usr/share/openstack-tripleo-heat-templates/deployment/cinder/cinder-backup-pacemaker-puppet.yaml
  # For non-pcmk managed implementation
  # OS::TripleO::Services::CinderBackup: /usr/share/openstack-tripleo-heat-templates/deployment/cinder/cinder-backup-container-puppet.yaml
  OS::TripleO::NodeExtraConfigPost: /home/stack/templates/cinder-backup-gcs.yaml

parameter_defaults:
  CinderBackupBackend: swift
  ExtraConfig:
    cinder::backup::swift::backup_driver: cinder.backup.drivers.gcs.GoogleBackupDriver
    cinder::config::cinder_config:
      DEFAULT/backup_gcs_credential_file:
        value: /etc/cinder/Cloud-Backup.json
      DEFAULT/backup_gcs_project_id:
        value: cloud-backup-1370
      DEFAULT/backup_gcs_bucket:
        value: cinder-backup-gcs
      DEFAULT/backup_gcs_bucket_location:
        value: us

Table A.1. Google Cloud Storage backup back end configuration options

PARAMDefaultCONFIG Description

backup_gcs_project_id

 

Required. The project ID of the service account that you are using and that is included in the project_id of the service account key from Section A.1, “Creating the GCS credentials file”.

backup_gcs_credential_file

 

The absolute path to the service account key file that you created in Section A.1, “Creating the GCS credentials file”.

backup_gcs_bucket

 

The GCS bucket, or object storage repository, that you want to use, which might or might not exist. If you specify a non-existent bucket, the Google Cloud Storage backup driver creates one and assigns it the name that you specify here. For more information, see Buckets and Bucket name requirements.

backup_gcs_bucket_location

us

The location of the GCS bucket. This value is used only if you specify a non-existent bucket in backup_gcs_bucket; in which case, the Google Cloud Storage backup driver specifies this as the GCS bucket location.

backup_gcs_object_size

52428800

The size, in bytes, of GCS backup objects.

backup_gcs_block_size

32768

The size, in bytes, that changes are tracked for incremental backups. This value must be a multiple of the backup_gcs_object_size value.

backup_gcs_user_agent

gcscinder

The HTTP user-agent string for the GCS API.

backup_gcs_reader_chunk_size

2097152

GCS objects are downloaded in chunks of this size, in bytes.

backup_gcs_writer_chunk_size

2097152

GCS objects are uploaded in chunks of this size, in bytes. To upload files as a single chunk instead, use the value -1.

backup_gcs_num_retries

3

Number of retries to attempt.

backup_gcs_storage_class

NEARLINE

Storage class of the GCS bucket. This value is used only if you specify a non-existent bucket in backup_gcs_bucket; in which case, the Google Cloud Storage backup driver specifies this as the GCS bucket storage class. For more information, see Storage Classes.

backup_gcs_retry_error_codes

429

List of GCS error codes.

backup_gcs_enable_progress_timer

True

Boolean to enable or disable the timer for sending periodic progress notifications to the Telemetry service (ceilometer) during volume backups. This is enabled by default (True).

Warning

When you create new buckets, Google Cloud Storage charges based on the storage class that you choose (backup_gcs_storage_class). The default NEARLINE class is appropriate for backup services.

Warning

You cannot edit the location or class of a bucket after you create it. For more information, see Managing a bucket’s storage class or location.

A.4. Deploying the overcloud

When you have created the environment file file in /home/stack/templates/, deploy the overcloud then restart the cinder-backup service:

Procedure

  1. Log in as the stack user.
  2. Deploy the configuration:

    $ openstack overcloud deploy --templates \
    -e /home/stack/templates/cinder-backup-settings.yaml
    Important

    If you passed any extra environment files when you created the overcloud, pass them again here using the -e option to avoid making undesired changes to the overcloud.

  3. Restart the cinder-backup service after the deployment finishes.

For more information, see the Including Environment Files in Overcloud Creation in the Director Installation and Usage Guide and the Environment Files section of the Advanced Overcloud Customization Guide.