X-Git-Url: https://gerrit.opnfv.org/gerrit/gitweb?a=blobdiff_plain;f=puppet%2Fservices%2Fceph-base.yaml;h=ce9f9b9d6206fc729170c119ae5f6cf1c3105f96;hb=ef6b8d44c26c5bb172e5f9c90e170eba43084066;hp=415b77b61f50da366fb2e0eb03e2ce36d60c306d;hpb=a6044b2ba9933e05b7b4685c4863c70410238bfe;p=apex-tripleo-heat-templates.git diff --git a/puppet/services/ceph-base.yaml b/puppet/services/ceph-base.yaml index 415b77b6..ce9f9b9d 100644 --- a/puppet/services/ceph-base.yaml +++ b/puppet/services/ceph-base.yaml @@ -1,10 +1,12 @@ -heat_template_version: 2016-04-08 +heat_template_version: pike description: > Ceph base service. Shared by all Ceph services. parameters: + # NOTE(gfidente): needs a default to cope with external Ceph deployments were we don't pass (and need) an Admin key CephAdminKey: + default: '' description: The Ceph admin client key. Can be created with ceph-authtool --gen-print-key. type: string hidden: true @@ -18,9 +20,6 @@ parameters: CephClusterFSID: type: string description: The Ceph cluster FSID. Must be a UUID. - CephIPv6: - default: False - type: boolean CinderRbdPoolName: default: volumes type: string @@ -36,6 +35,10 @@ parameters: NovaRbdPoolName: default: vms type: string + ServiceData: + default: {} + description: Dictionary packing service data + type: json ServiceNetMap: default: {} description: Mapping of service_name -> network name. Typically set @@ -45,6 +48,14 @@ parameters: DefaultPasswords: default: {} type: json + RoleName: + default: '' + description: Role name on which the service is applied + type: string + RoleParameters: + default: {} + description: Parameters specific to the role + type: json EndpointMap: default: {} description: Mapping of service endpoint -> protocol. Typically set @@ -70,41 +81,58 @@ outputs: value: service_name: ceph_base config_settings: - tripleo::profile::base::ceph::ceph_ipv6: {get_param: CephIPv6} tripleo::profile::base::ceph::enable_ceph_storage: {get_param: ControllerEnableCephStorage} - ceph::profile::params::osd_pool_default_min_size: 1 ceph::profile::params::osds: {/srv/data: {}} ceph::profile::params::manage_repo: false ceph::profile::params::authentication_type: cephx ceph::profile::params::fsid: {get_param: CephClusterFSID} - ceph::profile::params::client_keys: + # FIXME(gfidente): we should not have to list the packages explicitly in the templates, + # but this has to stay until https://bugs.launchpad.net/puppet-ceph/+bug/1629933 is fixed + ceph::params::packages: + - ceph-base + - ceph-mon + - ceph-osd + # NOTE: bind IP is found in Heat replacing the network name with the local node IP + # for the given network; replacement examples (eg. for internal_api): + # internal_api -> IP + # internal_api_uri -> [IP] + # internal_api_subnet - > IP/CIDR + ceph::profile::params::cluster_network: + str_replace: + template: "NETWORK_subnet" + params: + NETWORK: {get_param: [ServiceNetMap, CephClusterNetwork]} + ceph::profile::params::public_network: str_replace: - template: "{ - client.admin: { - secret: 'ADMIN_KEY', - mode: '0600', - cap_mon: 'allow *', - cap_osd: 'allow *', + template: "NETWORK_subnet" + params: + NETWORK: {get_param: [ServiceNetMap, CephMonNetwork]} + ceph::profile::params::public_addr: {get_param: [ServiceNetMap, CephMonNetwork]} + ceph::profile::params::client_keys: + map_replace: + - client.admin: + secret: {get_param: CephAdminKey} + mode: '0600' + cap_mon: 'allow *' + cap_osd: 'allow *' cap_mds: 'allow *' - }, - client.bootstrap-osd: { - secret: 'ADMIN_KEY', - keyring_path: '/var/lib/ceph/bootstrap-osd/ceph.keyring', + client.bootstrap-osd: + secret: {get_param: CephAdminKey} + keyring_path: '/var/lib/ceph/bootstrap-osd/ceph.keyring' cap_mon: 'allow profile bootstrap-osd' - }, - client.CLIENT_USER: { - secret: 'CLIENT_KEY', - mode: '0644', - cap_mon: 'allow r', - cap_osd: 'allow class-read object_prefix rbd_children, allow rwx pool=CINDER_POOL, allow rwx pool=CINDERBACKUP_POOL, allow rwx pool=NOVA_POOL, allow rwx pool=GLANCE_POOL, allow rwx pool=GNOCCHI_POOL' - } - }" - params: - CLIENT_USER: {get_param: CephClientUserName} - CLIENT_KEY: {get_param: CephClientKey} - ADMIN_KEY: {get_param: CephAdminKey} - NOVA_POOL: {get_param: NovaRbdPoolName} - CINDER_POOL: {get_param: CinderRbdPoolName} - CINDERBACKUP_POOL: {get_param: CinderBackupRbdPoolName} - GLANCE_POOL: {get_param: GlanceRbdPoolName} - GNOCCHI_POOL: {get_param: GnocchiRbdPoolName} + CEPH_CLIENT_KEY: + secret: {get_param: CephClientKey} + mode: '0644' + cap_mon: 'allow r' + cap_osd: + str_replace: + template: 'allow class-read object_prefix rbd_children, allow rwx pool=CINDER_POOL, allow rwx pool=CINDERBACKUP_POOL, allow rwx pool=NOVA_POOL, allow rwx pool=GLANCE_POOL, allow rwx pool=GNOCCHI_POOL' + params: + NOVA_POOL: {get_param: NovaRbdPoolName} + CINDER_POOL: {get_param: CinderRbdPoolName} + CINDERBACKUP_POOL: {get_param: CinderBackupRbdPoolName} + GLANCE_POOL: {get_param: GlanceRbdPoolName} + GNOCCHI_POOL: {get_param: GnocchiRbdPoolName} + - keys: + CEPH_CLIENT_KEY: + list_join: ['.', ['client', {get_param: CephClientUserName}]]