# Copyright 2017 The Openstack-Helm Authors. # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and # limitations under the License. # Default values for ceph-mon. # This is a YAML-formatted file. # Declare name/value pairs to be passed into your templates. # name: value deployment: ceph: true storage_secrets: true images: pull_policy: IfNotPresent tags: ceph_bootstrap: 'docker.io/openstackhelm/ceph-daemon:latest' ceph_config_helper: 'docker.io/port/ceph-config-helper:v1.10.3' ceph_mon: 'docker.io/openstackhelm/ceph-daemon:latest' ceph_mon_check: 'docker.io/port/ceph-config-helper:v1.10.3' dep_check: 'quay.io/stackanetes/kubernetes-entrypoint:v0.3.1' image_repo_sync: 'docker.io/docker:17.07.0' local_registry: active: false exclude: - dep_check - image_repo_sync labels: job: node_selector_key: openstack-control-plane node_selector_value: enabled mon: node_selector_key: ceph-mon node_selector_value: enabled pod: dns_policy: "ClusterFirstWithHostNet" replicas: mon_check: 1 affinity: anti: type: default: preferredDuringSchedulingIgnoredDuringExecution topologyKey: default: kubernetes.io/hostname resources: enabled: false mon: requests: memory: "50Mi" cpu: "250m" limits: memory: "100Mi" cpu: "500m" mon_check: requests: memory: "5Mi" cpu: "250m" limits: memory: "50Mi" cpu: "500m" jobs: bootstrap: limits: memory: "1024Mi" cpu: "2000m" requests: memory: "128Mi" cpu: "500m" secret_provisioning: limits: memory: "1024Mi" cpu: "2000m" requests: memory: "128Mi" cpu: "500m" image_repo_sync: requests: memory: "128Mi" cpu: "100m" limits: memory: "1024Mi" cpu: "2000m" secrets: keyrings: mon: ceph-mon-keyring mds: ceph-bootstrap-mds-keyring osd: ceph-bootstrap-osd-keyring mgr: ceph-bootstrap-mgr-keyring admin: ceph-client-admin-keyring network: public: 192.168.0.0/16 cluster: 192.168.0.0/16 jobs: pool_checkPGs: # Execute every 15 minutes cron: "*/15 * * * *" history: # Number of successful job to keep successJob: 1 # Number of failed job to keep failJob: 1 concurrency: # Skip new job if previous job still active execPolicy: Forbid startingDeadlineSecs: 60 conf: templates: keyring: admin: | [client.admin] key = {{ key }} auid = 0 caps mds = "allow" caps mon = "allow *" caps osd = "allow *" caps mgr = "allow *" mon: | [mon.] key = {{ key }} caps mon = "allow *" bootstrap: mds: | [client.bootstrap-mds] key = {{ key }} caps mon = "allow profile bootstrap-mds" mgr: | [client.bootstrap-mgr] key = {{ key }} caps mgr = "allow profile bootstrap-mgr" osd: | [client.bootstrap-osd] key = {{ key }} caps mon = "allow profile bootstrap-osd" ceph: global: # auth cephx: true cephx_require_signatures: false cephx_cluster_require_signatures: true cephx_service_require_signatures: false objecter_inflight_op_bytes: "1073741824" objecter_inflight_ops: 10240 debug_ms: "0/0" mon_osd_down_out_interval: 1800 osd: osd_mkfs_type: xfs osd_mkfs_options_xfs: -f -i size=2048 osd_max_object_name_len: 256 ms_bind_port_min: 6800 ms_bind_port_max: 7100 osd_snap_trim_priority: 1 osd_snap_trim_sleep: 0.1 osd_pg_max_concurrent_snap_trims: 1 filestore_merge_threshold: -10 filestore_split_multiple: 12 filestore_max_sync_interval: 10 osd_scrub_begin_hour: 22 osd_scrub_end_hour: 4 osd_scrub_during_recovery: false osd_scrub_sleep: 0.1 osd_scrub_chunk_min: 1 osd_scrub_chunk_max: 4 osd_scrub_load_threshold: 10.0 osd_deep_scrub_stride: "1048576" osd_scrub_priority: 1 osd_recovery_op_priority: 1 osd_recovery_max_active: 1 osd_mount_options_xfs: "rw,noatime,largeio,inode64,swalloc,logbufs=8,logbsize=256k,allocsize=4M" osd_journal_size: 10240 storage: mon: directory: /var/lib/openstack-helm/ceph/mon dependencies: dynamic: common: local_image_registry: jobs: - ceph-mon-image-repo-sync services: - endpoint: node service: local_image_registry static: bootstrap: jobs: null services: - endpoint: internal service: ceph_mon job_keyring_generator: jobs: null mon: jobs: - ceph-storage-keys-generator - ceph-mon-keyring-generator moncheck: jobs: - ceph-storage-keys-generator - ceph-mon-keyring-generator services: - endpoint: discovery service: ceph_mon storage_keys_generator: jobs: null image_repo_sync: services: - endpoint: internal service: local_image_registry bootstrap: enabled: false script: | ceph -s function ensure_pool () { ceph osd pool stats $1 || ceph osd pool create $1 $2 local test_version=$(ceph tell osd.* version | egrep -c "mimic|luminous" | xargs echo) if [[ ${test_version} -gt 0 ]]; then ceph osd pool application enable $1 $3 fi } #ensure_pool volumes 8 cinder # if you change provision_storage_class to false # it is presumed you manage your own storage # class definition externally storageclass: rbd: provision_storage_class: true provisioner: ceph.com/rbd name: general monitors: null pool: rbd admin_id: admin admin_secret_name: pvc-ceph-conf-combined-storageclass admin_secret_namespace: ceph user_id: admin user_secret_name: pvc-ceph-client-key image_format: "2" image_features: layering cephfs: provision_storage_class: true provisioner: ceph.com/cephfs name: cephfs admin_id: admin user_secret_name: pvc-ceph-cephfs-client-key admin_secret_name: pvc-ceph-conf-combined-storageclass admin_secret_namespace: ceph endpoints: cluster_domain_suffix: cluster.local local_image_registry: name: docker-registry namespace: docker-registry hosts: default: localhost internal: docker-registry node: localhost host_fqdn_override: default: null port: registry: node: 5000 ceph_mon: namespace: null hosts: default: ceph-mon discovery: ceph-mon-discovery host_fqdn_override: default: null port: mon: default: 6789 manifests: configmap_bin: true configmap_etc: true configmap_templates: true daemonset_mon: true deployment_moncheck: true job_image_repo_sync: true job_bootstrap: true job_keyring: true service_mon: true service_mon_discovery: true job_storage_admin_keys: true cronjob_checkPGs: false