From 943e41d2cb3629f4af46a3c0803406c3ec4f221c Mon Sep 17 00:00:00 2001 From: Xinliang Liu Date: Wed, 8 Aug 2018 13:46:02 +0800 Subject: [PATCH] Add ResellerAdmin role for ceph-rgw ResellerAdmin role is used to give users object storage administration role in their projects. It is required to pass object storage quotas tests[1] of DefCore (OpenStack Powered) certification test suite. [1] tempest.api.object_storage.test_account_quotas* Related-Bug: #1700729 Change-Id: Id976827aa7da271e54b77476f175f06bd1a00cc8 --- ansible/roles/ceph/tasks/start_rgw_keystone.yml | 10 ++++++++++ ansible/roles/ceph/templates/ceph.conf.j2 | 1 + 2 files changed, 11 insertions(+) diff --git a/ansible/roles/ceph/tasks/start_rgw_keystone.yml b/ansible/roles/ceph/tasks/start_rgw_keystone.yml index 7036ff6f92..945cad0ab1 100644 --- a/ansible/roles/ceph/tasks/start_rgw_keystone.yml +++ b/ansible/roles/ceph/tasks/start_rgw_keystone.yml @@ -30,3 +30,13 @@ auth: "{{ openstack_ceph_rgw_auth }}" endpoint_type: "{{ openstack_interface }}" run_once: True + +- name: Creating the ResellerAdmin role + kolla_toolbox: + module_name: "os_keystone_role" + module_args: + name: "ResellerAdmin" + region_name: "{{ openstack_region_name }}" + auth: "{{ openstack_ceph_rgw_auth }}" + endpoint_type: "{{ openstack_interface }}" + run_once: True diff --git a/ansible/roles/ceph/templates/ceph.conf.j2 b/ansible/roles/ceph/templates/ceph.conf.j2 index 704bc8a663..0ea2522f6f 100644 --- a/ansible/roles/ceph/templates/ceph.conf.j2 +++ b/ansible/roles/ceph/templates/ceph.conf.j2 @@ -40,6 +40,7 @@ rgw_keystone_admin_project = service rgw_keystone_admin_domain = default rgw_keystone_api_version = 3 rgw_keystone_accepted_roles = admin, {{ keystone_default_user_role }} +rgw_keystone_accepted_admin_roles = ResellerAdmin rgw_swift_versioning_enabled = true {% endif %} keyring = /etc/ceph/ceph.client.radosgw.keyring