Merge "rgw profile: Support keystone integration"

manifests/profile/params.pp

@@ -115,11 +115,14 @@
 #  Optional.
 #
 # [*frontend_type*] What type of frontend to use
-#   Optional. Options are apache-fastcgi, apache-proxy-fcgi or civetweb
+#   Optional. Options are civetweb, beast, apache-proxy-fcgi or apache-fastcgi.
 #
 # [*rgw_frontends*] Arguments to the rgw frontend
 #   Optional. Example: "civetweb port=7480"
 #
+# [*rgw_swift_url*] The URL for the Ceph Object Gateway Swift API.
+#   Optional.
+#
 # [*osd_max_backfills*] The maximum number of backfills allowed to or from a single OSD.
 #   Optional. Default provided by Ceph
 #
@@ -140,25 +143,32 @@
 #   Set to 0 to disable it.
 #   Optional. Default provided by Ceph
 #
-# [*rgw_keystone_version*] The api version for keystone.
-#   Possible values 'v2.0', 'v3'
-#   Optional. Default is 'v2.0'
+# [*rgw_keystone_integration*] Enables RGW integration with OpenStack Keystone
+#   Optional. Default is false
 #
-# [*rgw_keystone_admin_domain*] The name of OpenStack domain with admin
-#   privilege when using OpenStack Identity API v3
+# [*rgw_keystone_url*] The internal or admin url for keystone.
 #   Optional. Default is undef
 #
-# [*rgw_keystone_admin_project*] The name of OpenStack project with admin
-#   privilege when using OpenStack Identity API v3
+# [*rgw_keystone_admin_domain*] The name of OpenStack domain with admin privilege.
 #   Optional. Default is undef
 #
-# [*rgw_keystone_admin_user*] The user name of OpenStack tenant with admin
-#   privilege (Service Tenant)
-#   Required if is 'v3'.
+# [*rgw_keystone_admin_project*] The name of OpenStack project with admin privilege.
+#   Required when RGW integration with Keystone is enabled.
+#
+# [*rgw_keystone_admin_user*] The user name of OpenStack tenant with admin privilege.
+#   Required when RGW integration with Keystone is enabled.
 #
 # [*rgw_keystone_admin_password*] The password for OpenStack admin user
-#   Required if is 'v3'.
-# 
+#   Required when RGW integration with Keystone is enabled.
+#
+# [*rgw_swift_public_url*] The public URL of Swift API. Optional.
+#
+# [*rgw_swift_admin_url*] The admin URL of Swift API. Optional.
+#
+# [*rgw_swift_internal_url*] The internal URL of Swift API. Optional.
+#
+# [*rgw_swift_region*] The region for Swift API. Optional
+#
 # [*rbd_mirror_client_name*] Name of the cephx client key used for rbd mirroring
 #   Optional. Default is undef
 #
@@ -173,7 +183,7 @@
 #
 # [*rbd_default_features*] Set RBD features configuration.
 #   Optional. String. Defaults to undef.
-# 
+#
 # **DEPRECATED PARAMS**
 #
 # [*pid_max*] Value for pid_max. Defaults to undef. Optional.
@@ -213,17 +223,23 @@ class ceph::profile::params (
   $rgw_print_continue = undef,
   $frontend_type = undef,
   $rgw_frontends = undef,
+  $rgw_swift_url = undef,
   $osd_max_backfills = undef,
   $osd_recovery_max_active = undef,
   $osd_recovery_op_priority = undef,
   $osd_recovery_max_single_start = undef,
   $osd_max_scrubs = undef,
   $osd_op_threads = undef,
-  $rgw_keystone_version = 'v2.0',
+  Boolean $rgw_keystone_integration = false,
+  $rgw_keystone_url = undef,
   $rgw_keystone_admin_domain = undef,
   $rgw_keystone_admin_project = undef,
   $rgw_keystone_admin_user = undef,
   $rgw_keystone_admin_password = undef,
+  $rgw_swift_public_url = undef,
+  $rgw_swift_admin_url = undef,
+  $rgw_swift_internal_url = undef,
+  $rgw_swift_region = undef,
   $rbd_mirror_client_name = undef,
   $fs_metadata_pool = undef,
   $fs_data_pool = undef,

manifests/profile/rgw.pp

@@ -30,5 +30,26 @@ class ceph::profile::rgw {
     rgw_print_continue => $ceph::profile::params::rgw_print_continue,
     frontend_type      => $ceph::profile::params::frontend_type,
     rgw_frontends      => $ceph::profile::params::rgw_frontends,
+    rgw_swift_url      => $ceph::profile::params::rgw_swift_url,
+  }
+
+  if $ceph::profile::params::rgw_keystone_integration {
+    ceph::rgw::keystone { $rgw_name:
+      rgw_keystone_admin_domain   => $ceph::profile::params::rgw_keystone_admin_domain,
+      rgw_keystone_admin_project  => $ceph::profile::params::rgw_keystone_admin_project,
+      rgw_keystone_admin_user     => $ceph::profile::params::rgw_keystone_admin_user,
+      rgw_keystone_admin_password => $ceph::profile::params::rgw_keystone_admin_password,
+      rgw_keystone_url            => $ceph::profile::params::rgw_keystone_url,
+    }
+
+    class { 'ceph::rgw::keystone::auth':
+      password     => $ceph::profile::params::rgw_keystone_admin_password,
+      user         => $ceph::profile::params::rgw_keystone_admin_user,
+      tenant       => $ceph::profile::params::rgw_keystone_admin_project,
+      public_url   => $ceph::profile::params::rgw_swift_public_url,
+      admin_url    => $ceph::profile::params::rgw_swift_admin_url,
+      internal_url => $ceph::profile::params::rgw_swift_internal_url,
+      region       => $ceph::profile::params::rgw_swift_region,
+    }
   }
 }

manifests/rgw/keystone/auth.pp

@@ -5,12 +5,13 @@
 # === Parameters
 #
 # [*password*]
-#  Password for the RGW user. 
-#  Defaults to ceph::profile::params::rgw_keystone_admin_password
+#   Password for the RGW user. Required.
 #
 # [*user*]
-#   Username for the RGW user. Optional.
-#   Defaults to ceph::profile::params::rgw_keystone_admin_use
+#   Username for the RGW user. Required.
+#
+# [*tenant*]
+#   Tenant for user. Required.
 #
 # [*email*]
 #   Email for the RGW user. Optional.
@@ -36,10 +37,6 @@
 #   Region for endpoint. Optional.
 #   Defaults to 'RegionOne'
 #
-# [*tenant*]
-#   Tenant for user. Optional.
-#   Defaults to ceph::profile::params::rgw_keystone_admin_project
-#
 # [*service_description*]
 #   (Optional) Description of the service.
 #   Default to 'Ceph RGW Service'
@@ -59,15 +56,15 @@
 #   Defaults to undef
 #
 class ceph::rgw::keystone::auth (
-  $password            = $ceph::profile::params::rgw_keystone_admin_password,
-  $user                = $ceph::profile::params::rgw_keystone_admin_user,
+  $password,
+  $user,
+  $tenant,
   $email               = 'rgwuser@localhost',
   $roles               = ['admin'],
   $public_url          = 'http://127.0.0.1:8080/swift/v1',
   $admin_url           = 'http://127.0.0.1:8080/swift/v1',
   $internal_url        = 'http://127.0.0.1:8080/swift/v1',
   $region              = 'RegionOne',
-  $tenant              = $ceph::profile::params::rgw_keystone_admin_project,
   $service_description = 'Ceph RGW Service',
   $service_name        = 'swift',
   $service_type        = 'object-store',

releasenotes/notes/profole-rgw-keystone-ae3e12516963d52e.yaml

@@ -0,0 +1,11 @@
+---
+features:
+  - |
+    The new ``ceph::profile::params::rgw_keystone_integration`` parameter has
+    been added. This allows enabling Ceph RADOS Gateway integration with
+    OpenStack Keystone.
+
+upgrade:
+  - |
+    The ``ceph::profile::params::rgw_keystone_version`` parameter has been
+    removed.

spec/classes/ceph_profile_rgw_spec.rb

@@ -0,0 +1,41 @@
+require 'spec_helper'
+
+describe 'ceph::profile::rgw' do
+
+  shared_examples 'ceph profile rgw' do
+
+    it { should contain_ceph__rgw('radosgw.gateway').with(
+      :user          => 'ceph',
+      :frontend_type => 'beast',
+      :rgw_frontends => 'beast endpoint=127.0.0.1:8080',
+      :rgw_swift_url => 'http://127.0.0.1:8080',
+    ) }
+    it { should contain_ceph__rgw__keystone('radosgw.gateway').with(
+      :rgw_keystone_admin_domain   => 'Default',
+      :rgw_keystone_admin_project  => 'services',
+      :rgw_keystone_admin_user     => 'rgwuser',
+      :rgw_keystone_admin_password => 'secret',
+      :rgw_keystone_url            => 'http://127.0.0.1:5000'
+    ) }
+    it { should contain_class('ceph::rgw::keystone::auth').with(
+      :password     => 'secret',
+      :user         => 'rgwuser',
+      :tenant       => 'services',
+      :public_url   => 'http://127.0.0.1:8080/swift/v1',
+      :admin_url    => 'http://127.0.0.1:8080/swift/v1',
+      :internal_url => 'http://127.0.0.1:8080/swift/v1',
+    ) }
+  end
+
+  on_supported_os({
+    :supported_os => OSDefaults.get_supported_os
+  }).each do |os,facts|
+    context "on #{os}" do
+      let (:facts) do
+        facts.merge!(OSDefaults.get_facts())
+      end
+
+      it_behaves_like 'ceph profile rgw'
+    end
+  end
+end

spec/fixtures/hieradata/common.yaml

@@ -26,6 +26,20 @@ ceph::profile::params::osd_op_threads: '2'
 ceph::profile::params::fs_name: 'fs_name'
 ceph::profile::params::fs_metadata_pool: 'metadata_pool'
 ceph::profile::params::fs_data_pool: 'data_pool'
+ceph::profile::params::rgw_user: 'ceph'
+ceph::profile::params::frontend_type: 'beast'
+ceph::profile::params::rgw_frontends: 'beast endpoint=127.0.0.1:8080'
+ceph::profile::params::rgw_swift_url: 'http://127.0.0.1:8080'
+ceph::profile::params::rgw_keystone_integration: true
+ceph::profile::params::rgw_keystone_url: 'http://127.0.0.1:5000'
+ceph::profile::params::rgw_keystone_admin_domain: 'Default'
+ceph::profile::params::rgw_keystone_admin_project: 'services'
+ceph::profile::params::rgw_keystone_admin_user: 'rgwuser'
+ceph::profile::params::rgw_keystone_admin_password: 'secret'
+ceph::profile::params::rgw_swift_public_url: 'http://127.0.0.1:8080/swift/v1'
+ceph::profile::params::rgw_swift_admin_url: 'http://127.0.0.1:8080/swift/v1'
+ceph::profile::params::rgw_swift_internal_url: 'http://127.0.0.1:8080/swift/v1'
+ceph::profile::params::rgw_swift_region: 'RegionOne'
 
 ######## Keys
 ceph::profile::params::mds_key: 'AQDLOh1VgEp6FRAAFzT7Zw+Y9V6JJExQAsRnRQ=='