X-Git-Url: https://gerrit.opnfv.org/gerrit/gitweb?a=blobdiff_plain;f=puppet%2Fceph-cluster-config.yaml;h=96198c3f3fcbefeac84bec87ea0070a11d7509ad;hb=a2cb9e478d9a4cfaf064a2956bffe6d414bd47c0;hp=dab029f33672cfdf1c66cd08fdec88f2bd63603a;hpb=44a22fc61e24c2efc221edd7085c8f4d44b39fc0;p=apex-tripleo-heat-templates.git diff --git a/puppet/ceph-cluster-config.yaml b/puppet/ceph-cluster-config.yaml index dab029f3..96198c3f 100644 --- a/puppet/ceph-cluster-config.yaml +++ b/puppet/ceph-cluster-config.yaml @@ -1,7 +1,19 @@ -heat_template_version: 2014-10-16 +heat_template_version: 2015-04-30 description: 'Ceph Cluster config data for Puppet' parameters: + ceph_storage_count: + default: 0 + type: number + description: Number of Ceph storage nodes. Used to enable/disable managed Ceph installation. + ceph_external_mon_ips: + default: '' + type: string + description: List of external Ceph Mon host IPs. + ceph_client_key: + default: '' + type: string + description: Ceph key used to create the client user keyring. ceph_fsid: default: '' type: string @@ -15,6 +27,18 @@ parameters: type: comma_delimited_list ceph_mon_ips: type: comma_delimited_list + NovaRbdPoolName: + default: vms + type: string + CinderRbdPoolName: + default: volumes + type: string + GlanceRbdPoolName: + default: images + type: string + CephClientUserName: + default: openstack + type: string resources: CephClusterConfigImpl: @@ -26,6 +50,7 @@ resources: datafiles: ceph_cluster: mapped_data: + ceph_storage_count: {get_param: ceph_storage_count} ceph_mon_initial_members: list_join: - ',' @@ -35,11 +60,51 @@ resources: - ',' - {get_param: ceph_mon_ips} ceph::profile::params::fsid: {get_param: ceph_fsid} - ceph::profile::params::admin_key: {get_param: ceph_admin_key} ceph::profile::params::mon_key: {get_param: ceph_mon_key} - # We would need a dedicated key for OSD - ceph::profile::params::bootstrap_osd_key: {get_param: ceph_mon_key} - ceph::profile::params::osds: '{"/srv/data": {}}' + # We should use a separated key for the non-admin clients + ceph::profile::params::client_keys: + str_replace: + template: "{ + client.admin: { + secret: 'ADMIN_KEY', + mode: '0600', + cap_mon: 'allow *', + cap_osd: 'allow *', + cap_mds: 'allow *' + }, + client.bootstrap-osd: { + secret: 'ADMIN_KEY', + keyring_path: '/var/lib/ceph/bootstrap-osd/ceph.keyring', + cap_mon: 'allow profile bootstrap-osd' + }, + client.CLIENT_USER: { + secret: 'ADMIN_KEY', + mode: '0644', + cap_mon: 'allow r', + cap_osd: 'allow class-read object_prefix rbd_children, allow rwx pool=CINDER_POOL, allow rwx pool=NOVA_POOL, allow rwx pool=GLANCE_POOL' + } + }" + params: + CLIENT_USER: {get_param: CephClientUserName} + ADMIN_KEY: {get_param: ceph_admin_key} + NOVA_POOL: {get_param: NovaRbdPoolName} + CINDER_POOL: {get_param: CinderRbdPoolName} + GLANCE_POOL: {get_param: GlanceRbdPoolName} + nova::compute::rbd::libvirt_images_rbd_pool: {get_param: NovaRbdPoolName} + cinder_rbd_pool_name: {get_param: CinderRbdPoolName} + glance::backend::rbd::rbd_store_pool: {get_param: GlanceRbdPoolName} + nova::compute::rbd::libvirt_rbd_user: {get_param: CephClientUserName} + glance::backend::rbd::rbd_store_user: {get_param: CephClientUserName} + nova::compute::rbd::rbd_keyring: + list_join: + - '.' + - - 'client' + - {get_param: CephClientUserName} + ceph_client_user_name: {get_param: CephClientUserName} + ceph_pools: + - {get_param: CinderRbdPoolName} + - {get_param: NovaRbdPoolName} + - {get_param: GlanceRbdPoolName} outputs: config_id: