Add support for deploying RGW with ceph-ansible
This patch allows usage of ceph-ansible to configure the RGW service in the overcloud. Still uses puppet-keystone to create the necessary user and endpoint in the catalog. Co-Authored-By: Giulio Fidente <gfidente@redhat.com> Change-Id: Iafa17bb64c54e40350b2ba7d76dea3d82fcab0e4
This commit is contained in:
parent
53db241cfb
commit
5b3cd1dcac
|
@ -100,6 +100,14 @@ parameters:
|
|||
CephClientUserName:
|
||||
default: openstack
|
||||
type: string
|
||||
CephRgwClientName:
|
||||
default: radosgw
|
||||
type: string
|
||||
CephRgwKey:
|
||||
description: The cephx key for the radosgw client. Can be created
|
||||
with ceph-authtool --gen-print-key.
|
||||
type: string
|
||||
hidden: true
|
||||
CephPoolDefaultSize:
|
||||
description: default minimum replication for RBD copies
|
||||
type: number
|
||||
|
@ -115,6 +123,10 @@ parameters:
|
|||
CephIPv6:
|
||||
default: False
|
||||
type: boolean
|
||||
SwiftPassword:
|
||||
description: The password for the swift service account
|
||||
type: string
|
||||
hidden: true
|
||||
DockerCephDaemonImage:
|
||||
description: image
|
||||
type: string
|
||||
|
@ -244,12 +256,29 @@ outputs:
|
|||
mds_cap: "allow *"
|
||||
osd_cap: "allow rw"
|
||||
mode: "0644"
|
||||
- name:
|
||||
list_join:
|
||||
- '.'
|
||||
- - client
|
||||
- {get_param: CephRgwClientName}
|
||||
key: {get_param: CephRgwKey}
|
||||
mon_cap: "allow rw"
|
||||
osd_cap: "allow rwx"
|
||||
mode: "0644"
|
||||
keys: *openstack_keys
|
||||
pools: []
|
||||
ceph_conf_overrides:
|
||||
global:
|
||||
osd_pool_default_size: {get_param: CephPoolDefaultSize}
|
||||
osd_pool_default_pg_num: {get_param: CephPoolDefaultPgNum}
|
||||
rgw_keystone_api_version: 3
|
||||
rgw_keystone_url: {get_param: [EndpointMap, KeystoneInternal, uri_no_suffix]}
|
||||
rgw_keystone_accepted_roles: 'Member, _member_, admin'
|
||||
rgw_keystone_admin_domain: default
|
||||
rgw_keystone_admin_project: service
|
||||
rgw_keystone_admin_user: swift
|
||||
rgw_keystone_admin_password: {get_param: SwiftPassword}
|
||||
rgw_s3_auth_use_keystone: 'true'
|
||||
ntp_service_enabled: false
|
||||
generate_fsid: false
|
||||
ip_version:
|
||||
|
|
|
@ -0,0 +1,87 @@
|
|||
heat_template_version: pike
|
||||
|
||||
description: >
|
||||
Ceph RadosGW service.
|
||||
|
||||
parameters:
|
||||
ServiceData:
|
||||
default: {}
|
||||
description: Dictionary packing service data
|
||||
type: json
|
||||
ServiceNetMap:
|
||||
default: {}
|
||||
description: Mapping of service_name -> network name. Typically set
|
||||
via parameter_defaults in the resource registry. This
|
||||
mapping overrides those in ServiceNetMapDefaults.
|
||||
type: json
|
||||
DefaultPasswords:
|
||||
default: {}
|
||||
type: json
|
||||
RoleName:
|
||||
default: ''
|
||||
description: Role name on which the service is applied
|
||||
type: string
|
||||
RoleParameters:
|
||||
default: {}
|
||||
description: Parameters specific to the role
|
||||
type: json
|
||||
EndpointMap:
|
||||
default: {}
|
||||
description: Mapping of service endpoint -> protocol. Typically set
|
||||
via parameter_defaults in the resource registry.
|
||||
type: json
|
||||
SwiftPassword:
|
||||
description: The password for the swift service account
|
||||
type: string
|
||||
hidden: true
|
||||
KeystoneRegion:
|
||||
type: string
|
||||
default: 'regionOne'
|
||||
description: Keystone region for endpoint
|
||||
|
||||
resources:
|
||||
CephBase:
|
||||
type: ./ceph-base.yaml
|
||||
properties:
|
||||
ServiceData: {get_param: ServiceData}
|
||||
ServiceNetMap: {get_param: ServiceNetMap}
|
||||
DefaultPasswords: {get_param: DefaultPasswords}
|
||||
EndpointMap: {get_param: EndpointMap}
|
||||
RoleName: {get_param: RoleName}
|
||||
RoleParameters: {get_param: RoleParameters}
|
||||
|
||||
outputs:
|
||||
role_data:
|
||||
description: Role data for the Ceph RadosGW service.
|
||||
value:
|
||||
service_name: ceph_rgw
|
||||
upgrade_tasks: []
|
||||
step_config: ''
|
||||
puppet_config:
|
||||
config_image: ''
|
||||
config_volume: ''
|
||||
step_config: ''
|
||||
docker_config: {}
|
||||
service_workflow_tasks: {get_attr: [CephBase, role_data, service_workflow_tasks]}
|
||||
config_settings:
|
||||
map_merge:
|
||||
- tripleo.ceph_rgw.firewall_rules:
|
||||
'122 ceph rgw':
|
||||
dport: {get_param: [EndpointMap, CephRgwInternal, port]}
|
||||
- ceph_rgw_ansible_vars:
|
||||
map_merge:
|
||||
- {get_attr: [CephBase, role_data, config_settings, ceph_common_ansible_vars]}
|
||||
- radosgw_keystone: true
|
||||
radosgw_keystone_ssl: false
|
||||
radosgw_address_block: {get_param: [ServiceData, net_cidr_map, {get_param: [ServiceNetMap, CephRgwNetwork]}]}
|
||||
radosgw_civetweb_port: {get_param: [EndpointMap, CephRgwInternal, port]}
|
||||
service_config_settings:
|
||||
keystone:
|
||||
ceph::rgw::keystone::auth::public_url: {get_param: [EndpointMap, CephRgwPublic, uri]}
|
||||
ceph::rgw::keystone::auth::internal_url: {get_param: [EndpointMap, CephRgwInternal, uri]}
|
||||
ceph::rgw::keystone::auth::admin_url: {get_param: [EndpointMap, CephRgwAdmin, uri]}
|
||||
ceph::rgw::keystone::auth::region: {get_param: KeystoneRegion}
|
||||
ceph::rgw::keystone::auth::roles: [ 'admin', 'Member', '_member_' ]
|
||||
ceph::rgw::keystone::auth::tenant: service
|
||||
ceph::rgw::keystone::auth::user: swift
|
||||
ceph::rgw::keystone::auth::password: {get_param: SwiftPassword}
|
|
@ -0,0 +1,5 @@
|
|||
resource_registry:
|
||||
OS::TripleO::Services::CephRgw: ../../docker/services/ceph-ansible/ceph-rgw.yaml
|
||||
OS::TripleO::Services::SwiftProxy: OS::Heat::None
|
||||
OS::TripleO::Services::SwiftStorage: OS::Heat::None
|
||||
OS::TripleO::Services::SwiftRingBuilder: OS::Heat::None
|
Loading…
Reference in New Issue