Code Review / apex-tripleo-heat-templates.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | review | tree
raw | inline | side by side
Merge "Maintain ceph-osd package only on nodes hosting CephOSD service" into stable...
[apex-tripleo-heat-templates.git] / docker / services / ceph-ansible / ceph-base.yaml
diff --git a/docker/services/ceph-ansible/ceph-base.yaml b/docker/services/ceph-ansible/ceph-base.yaml
index 2f2af2d..18d3e6a 100644 (file)
--- a/docker/services/ceph-ansible/ceph-base.yaml
+++ b/docker/services/ceph-ansible/ceph-base.yaml
@@ -100,6 +100,14 @@ parameters:
   CephClientUserName:
     default: openstack
     type: string
+  CephRgwClientName:
+    default: radosgw
+    type: string
+  CephRgwKey:
+    description: The cephx key for the radosgw client. Can be created
+                 with ceph-authtool --gen-print-key.
+    type: string
+    hidden: true
   CephPoolDefaultSize:
     description: default minimum replication for RBD copies
     type: number
@@ -115,10 +123,13 @@ parameters:
   CephIPv6:
     default: False
     type: boolean
+  SwiftPassword:
+    description: The password for the swift service account
+    type: string
+    hidden: true
   DockerCephDaemonImage:
     description: image
     type: string
-    default: 'ceph/daemon:tag-build-master-jewel-centos-7'
 
 conditions:
   custom_registry_host:
@@ -245,12 +256,29 @@ outputs:
             mds_cap: "allow *"
             osd_cap: "allow rw"
             mode: "0644"
+          - name:
+              list_join:
+              - '.'
+              - - client
+                - {get_param: CephRgwClientName}
+            key: {get_param: CephRgwKey}
+            mon_cap: "allow rw"
+            osd_cap: "allow rwx"
+            mode: "0644"
           keys: *openstack_keys
           pools: []
           ceph_conf_overrides:
             global:
               osd_pool_default_size: {get_param: CephPoolDefaultSize}
               osd_pool_default_pg_num: {get_param: CephPoolDefaultPgNum}
+              rgw_keystone_api_version: 3
+              rgw_keystone_url: {get_param: [EndpointMap, KeystoneInternal, uri_no_suffix]}
+              rgw_keystone_accepted_roles: 'Member, _member_, admin'
+              rgw_keystone_admin_domain: default
+              rgw_keystone_admin_project: service
+              rgw_keystone_admin_user: swift
+              rgw_keystone_admin_password: {get_param: SwiftPassword}
+              rgw_s3_auth_use_keystone: 'true'
           ntp_service_enabled: false
           generate_fsid: false
           ip_version: