Code Review / apex-tripleo-heat-templates.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | review | tree
raw | patch | inline | side by side (parent: cd706a8)
Add support for not using admin_token in Ceph/RGW
authorKeith Schincke <keith.schincke@gmail.com>
Thu, 1 Dec 2016 20:46:09 +0000 (15:46 -0500)
committerGiulio Fidente <gfidente@redhat.com>
Fri, 20 Jan 2017 16:34:36 +0000 (17:34 +0100)
This patch adds support for using Keystone V3 authentication
with Ceph/RGW. This removes the usage of the admin_token

Change-Id: I3265b787ed1f059f86fdc80a91d0f7ed498c1e16
Depends-On: I42861afcac221478dcb68be13b6dbc2533a7f158

puppet/services/ceph-rgw.yaml patch | blob | history

diff --git a/puppet/services/ceph-rgw.yaml b/puppet/services/ceph-rgw.yaml
index 6448387..9253699 100644 (file)
--- a/puppet/services/ceph-rgw.yaml
+++ b/puppet/services/ceph-rgw.yaml
@@ -57,7 +57,11 @@ outputs:
             tripleo::profile::base::ceph::rgw::keystone_url: {get_param: [EndpointMap, KeystoneAdmin, uri_no_suffix]}
             tripleo::profile::base::ceph::rgw::civetweb_bind_ip: {get_param: [ServiceNetMap, CephRgwNetwork]}
             tripleo::profile::base::ceph::rgw::civetweb_bind_port: {get_param: [EndpointMap, CephRgwInternal, port]}
-            ceph::params::user_radosgw: ceph
+            tripleo::profile::base::ceph::rgw::rgw_keystone_version: v3
+            ceph::profile::params::rgw_keystone_admin_domain: default
+            ceph::profile::params::rgw_keystone_admin_project: service
+            ceph::profile::params::rgw_keystone_admin_user: swift
+            ceph::profile::params::rgw_keystone_admin_password: {get_param: SwiftPassword}
             tripleo.ceph_rgw.firewall_rules:
               '122 ceph rgw':
                 dport: {get_param: [EndpointMap, CephRgwInternal, port]}
@@ -68,7 +72,8 @@ outputs:
           ceph::rgw::keystone::auth::public_url: {get_param: [EndpointMap, CephRgwPublic, uri]}
           ceph::rgw::keystone::auth::internal_url: {get_param: [EndpointMap, CephRgwInternal, uri]}
           ceph::rgw::keystone::auth::admin_url: {get_param: [EndpointMap, CephRgwAdmin, uri]}
-          ceph::rgw::keystone::auth::user: 'swift'
-          ceph::rgw::keystone::auth::password: {get_param: SwiftPassword}
           ceph::rgw::keystone::auth::region: {get_param: KeystoneRegion}
-          ceph::rgw::keystone::auth::tenant: 'service'
+          ceph::rgw::keystone::auth::roles: [ 'admin', 'member', '_member_' ]
+          ceph::rgw::keystone::auth::tenant: service
+          ceph::rgw::keystone::auth::user: swift
+          ceph::rgw::keystone::auth::password: {get_param: SwiftPassword}