Update NovaCompute to consume CephClientKey

It is not necessary to get the Ceph key issueing a get-key to the Ceph
cluster; this change provides the libvirt key via parameter instead.

Change-Id: Iff3dbcb0f1b4d2373570e184e636a71553cea708

diff --git a/puppet/services/nova-compute.yaml b/puppet/services/nova-compute.yaml
index 68a71e4..33b07de 100644 (file)
--- a/puppet/services/nova-compute.yaml
+++ b/puppet/services/nova-compute.yaml
@@ -32,6 +32,13 @@ parameters:
   CephClientUserName:
     default: openstack
     type: string
+  CephClientKey:
+    description: The Ceph client key. Can be created with ceph-authtool --gen-print-key. Currently only used for external Ceph deployments to create the openstack user keyring.
+    type: string
+    hidden: true
+  CephClusterFSID:
+    type: string
+    description: The Ceph cluster FSID. Must be a UUID.
   CinderEnableNfsBackend:
     default: false
     description: Whether to enable or not the NFS backend for Cinder
@@ -159,12 +166,8 @@ outputs:
             nova::compute::rbd::libvirt_rbd_user: {get_param: CephClientUserName}
             tripleo::profile::base::nova::compute::cinder_nfs_backend: {get_param: CinderEnableNfsBackend}
             rbd_persistent_storage: {get_param: CinderEnableRbdBackend}
-            nova::compute::rbd::rbd_keyring:
-              list_join:
-              - '.'
-              - - 'client'
-                - {get_param: CephClientUserName}
-            nova::compute::rbd::libvirt_rbd_secret_uuid: "%{hiera('ceph::profile::params::fsid')}"
+            nova::compute::rbd::libvirt_rbd_secret_key: {get_param: CephClientKey}
+            nova::compute::rbd::libvirt_rbd_secret_uuid: {get_param: CephClusterFSID}
             nova::compute::instance_usage_audit: true
             nova::compute::instance_usage_audit_period: 'hour'
             nova::compute::rbd::ephemeral_storage: {get_param: NovaEnableRbdBackend}