docker/services/ceph-ansible/ceph-base.yaml

   1 heat_template_version: pike
   2
   3 description: >
   4   Ceph base service. Shared by all Ceph services.
   5
   6 parameters:
   7   ServiceData:
   8     default: {}
   9     description: Dictionary packing service data
  10     type: json
  11   ServiceNetMap:
  12     default: {}
  13     description: Mapping of service_name -> network name. Typically set
  14                  via parameter_defaults in the resource registry.  This
  15                  mapping overrides those in ServiceNetMapDefaults.
  16     type: json
  17   DefaultPasswords:
  18     default: {}
  19     type: json
  20   RoleName:
  21     default: ''
  22     description: Role name on which the service is applied
  23     type: string
  24   RoleParameters:
  25     default: {}
  26     description: Parameters specific to the role
  27     type: json
  28   EndpointMap:
  29     default: {}
  30     description: Mapping of service endpoint -> protocol. Typically set
  31                  via parameter_defaults in the resource registry.
  32     type: json
  33   StackUpdateType:
  34     type: string
  35     description: >
  36       Type of update, to differentiate between UPGRADE and UPDATE cases
  37       when StackAction is UPDATE (both are the same stack action).
  38     constraints:
  39     - allowed_values: ['', 'UPGRADE']
  40     default: ''
  41   CephAnsibleWorkflowName:
  42     type: string
  43     description: Name of the Mistral workflow to execute
  44     default: tripleo.storage.v1.ceph-install
  45   CephAnsiblePlaybook:
  46     type: string
  47     description: Path to the ceph-ansible playbook to execute
  48     default: /usr/share/ceph-ansible/site-docker.yml.sample
  49   CephAnsibleUpgradePlaybook:
  50     type: string
  51     description: Path to the ceph-ansible playbook to execute on upgrade
  52     default: /usr/share/ceph-ansible/infrastructure-playbooks/switch-from-non-containerized-to-containerized-ceph-daemons.yml
  53   CephAnsibleExtraConfig:
  54     type: json
  55     description: Extra vars for the ceph-ansible playbook
  56     default: {}
  57   CephAnsibleSkipTags:
  58     type: string
  59     description: List of ceph-ansible tags to skip
  60     default: 'package-install,with_pkg'
  61   CephConfigOverrides:
  62     type: json
  63     description: Extra config settings to dump into ceph.conf
  64     default: {}
  65   CephClusterFSID:
  66     type: string
  67     description: The Ceph cluster FSID. Must be a UUID.
  68   CephPoolDefaultPgNum:
  69     description: default pg_num to use for the RBD pools
  70     type: number
  71     default: 128
  72   CephPools:
  73     description: >
  74       It can be used to override settings for one of the predefined pools, or to create
  75       additional ones. Example:
  76       {
  77         "volumes": {
  78           "size": 5,
  79           "pg_num": 128,
  80           "pgp_num": 128
  81          }
  82       }
  83     default: {}
  84     type: json
  85   CinderRbdPoolName:
  86     default: volumes
  87     type: string
  88   CinderBackupRbdPoolName:
  89     default: backups
  90     type: string
  91   GlanceRbdPoolName:
  92     default: images
  93     type: string
  94   GnocchiRbdPoolName:
  95     default: metrics
  96     type: string
  97   NovaRbdPoolName:
  98     default: vms
  99     type: string
 100   CephClientKey:
 101     description: The Ceph client key. Can be created with ceph-authtool --gen-print-key.
 102     type: string
 103     hidden: true
 104   CephClientUserName:
 105     default: openstack
 106     type: string
 107   CephRgwClientName:
 108     default: radosgw
 109     type: string
 110   CephRgwKey:
 111     description: The cephx key for the radosgw client. Can be created
 112                  with ceph-authtool --gen-print-key.
 113     type: string
 114     hidden: true
 115   CephPoolDefaultSize:
 116     description: default minimum replication for RBD copies
 117     type: number
 118     default: 3
 119   ManilaCephFSNativeCephFSAuthId:
 120     default: manila
 121     type: string
 122   CephManilaClientKey:
 123     default: ''
 124     description: The Ceph client key. Can be created with ceph-authtool --gen-print-key.
 125     type: string
 126     hidden: true
 127   CephIPv6:
 128     default: False
 129     type: boolean
 130   SwiftPassword:
 131     description: The password for the swift service account
 132     type: string
 133     hidden: true
 134   DockerCephDaemonImage:
 135     description: image
 136     type: string
 137
 138 conditions:
 139   custom_registry_host:
 140     yaql:
 141       data: {get_param: DockerCephDaemonImage}
 142       expression: $.data.split('/')[0].matches('(\.|:)')
 143   perform_upgrade:
 144     equals: [{get_param: StackUpdateType}, 'UPGRADE']
 145
 146 resources:
 147   DockerImageUrlParts:
 148     type: OS::Heat::Value
 149     properties:
 150       type: json
 151       value:
 152         host:
 153           if:
 154           - custom_registry_host
 155           - yaql:
 156               expression: let(location => $.data.rightSplit(':', 1)[0]) -> regex('(?:https?://)?(.*?)/(.*)').split($location)[1]
 157               data: {get_param: DockerCephDaemonImage}
 158           - docker.io
 159         image:
 160           if:
 161           - custom_registry_host
 162           - yaql:
 163               expression: let(location => $.data.rightSplit(':', 1)[0]) -> regex('(?:https?://)?(.*?)/(.*)').split($location)[2]
 164               data: {get_param: DockerCephDaemonImage}
 165           - yaql:
 166               expression: $.data.rightSplit(':', 1)[0]
 167               data: {get_param: DockerCephDaemonImage}
 168         image_tag:
 169           yaql:
 170             expression: $.data.rightSplit(':', 1)[1]
 171             data: {get_param: DockerCephDaemonImage}
 172
 173 outputs:
 174   role_data:
 175     description: Role data for the Ceph base service.
 176     value:
 177       service_name: ceph_base
 178       upgrade_tasks: []
 179       step_config: ''
 180       puppet_config:
 181         config_image: ''
 182         config_volume: ''
 183         step_config: ''
 184       docker_config: {}
 185       workflow_tasks:
 186         step2:
 187           - name: ceph_base_ansible_workflow
 188             workflow: { get_param: CephAnsibleWorkflowName }
 189             input:
 190               ansible_skip_tags: {get_param: CephAnsibleSkipTags}
 191               ceph_ansible_extra_vars: {get_param: CephAnsibleExtraConfig}
 192               ceph_ansible_playbook:
 193                 if:
 194                   - perform_upgrade
 195                   - {get_param: CephAnsibleUpgradePlaybook}
 196                   - {get_param: CephAnsiblePlaybook}
 197       config_settings:
 198         ceph_common_ansible_vars:
 199           ireallymeanit: 'yes'
 200           fsid: { get_param: CephClusterFSID }
 201           docker: true
 202           ceph_release: jewel
 203           ceph_docker_registry: {get_attr: [DockerImageUrlParts, value, host]}
 204           ceph_docker_image: {get_attr: [DockerImageUrlParts, value, image]}
 205           ceph_docker_image_tag: {get_attr: [DockerImageUrlParts, value, image_tag]}
 206           containerized_deployment: true
 207           public_network: {get_param: [ServiceData, net_cidr_map, {get_param: [ServiceNetMap, CephMonNetwork]}]}
 208           monitor_address_block: {get_param: [ServiceData, net_cidr_map, {get_param: [ServiceNetMap, CephMonNetwork]}]}
 209           cluster_network: {get_param: [ServiceData, net_cidr_map, {get_param: [ServiceNetMap, CephClusterNetwork]}]}
 210           user_config: true
 211           ceph_stable: true
 212           ceph_origin: distro
 213           openstack_config: true
 214           openstack_pools:
 215             list_concat:
 216               - repeat:
 217                   template:
 218                     name: <%pool%>
 219                     pg_num: {get_param: CephPoolDefaultPgNum}
 220                     rule_name: ""
 221                   for_each:
 222                     <%pool%>:
 223                       - {get_param: CinderRbdPoolName}
 224                       - {get_param: CinderBackupRbdPoolName}
 225                       - {get_param: NovaRbdPoolName}
 226                       - {get_param: GlanceRbdPoolName}
 227                       - {get_param: GnocchiRbdPoolName}
 228               - repeat:
 229                   template:
 230                     name: <%pool%>
 231                     pg_num: {get_param: CephPoolDefaultPgNum}
 232                     rule_name: ""
 233                   for_each:
 234                     <%pool%>: {get_param: CephPools}
 235           openstack_keys: &openstack_keys
 236           - name:
 237               list_join:
 238               - '.'
 239               - - client
 240                 - {get_param: CephClientUserName}
 241             key: {get_param: CephClientKey}
 242             mon_cap: "allow r"
 243             osd_cap:
 244               str_replace:
 245                template: "allow class-read object_prefix rbd_children, allow rwx pool=CINDER_POOL, allow rwx pool=CINDERBACKUP_POOL, allow rwx pool=NOVA_POOL, allow rwx pool=GLANCE_POOL, allow rwx pool=GNOCCHI_POOL"
 246                params:
 247                  NOVA_POOL: {get_param: NovaRbdPoolName}
 248                  CINDER_POOL: {get_param: CinderRbdPoolName}
 249                  CINDERBACKUP_POOL: {get_param: CinderBackupRbdPoolName}
 250                  GLANCE_POOL: {get_param: GlanceRbdPoolName}
 251                  GNOCCHI_POOL: {get_param: GnocchiRbdPoolName}
 252             mode: "0644"
 253           - name:
 254               list_join:
 255               - '.'
 256               - - client
 257                 - {get_param: ManilaCephFSNativeCephFSAuthId}
 258             key: {get_param: CephManilaClientKey}
 259             mon_cap: 'allow r, allow command \\\"auth del\\\", allow command \\\"auth caps\\\", allow command \\\"auth get\\\", allow command \\\"auth get-or-create\\\"'
 260             mds_cap: "allow *"
 261             osd_cap: "allow rw"
 262             mode: "0644"
 263           - name:
 264               list_join:
 265               - '.'
 266               - - client
 267                 - {get_param: CephRgwClientName}
 268             key: {get_param: CephRgwKey}
 269             mon_cap: "allow rw"
 270             osd_cap: "allow rwx"
 271             mode: "0644"
 272           keys: *openstack_keys
 273           pools: []
 274           ceph_conf_overrides:
 275             map_merge:
 276               - global:
 277                   osd_pool_default_size: {get_param: CephPoolDefaultSize}
 278                   osd_pool_default_pg_num: {get_param: CephPoolDefaultPgNum}
 279                   osd_pool_default_pgp_num: {get_param: CephPoolDefaultPgNum}
 280                   rgw_keystone_api_version: 3
 281                   rgw_keystone_url: {get_param: [EndpointMap, KeystoneInternal, uri_no_suffix]}
 282                   rgw_keystone_accepted_roles: 'Member, _member_, admin'
 283                   rgw_keystone_admin_domain: default
 284                   rgw_keystone_admin_project: service
 285                   rgw_keystone_admin_user: swift
 286                   rgw_keystone_admin_password: {get_param: SwiftPassword}
 287                   rgw_s3_auth_use_keystone: 'true'
 288               - {get_param: CephConfigOverrides}
 289           ntp_service_enabled: false
 290           generate_fsid: false
 291           ip_version:
 292             if:
 293             - {get_param: CephIPv6}
 294             - ipv6
 295             - ipv4