# Configure the Ceph services # # [*deploy_rgw*] # (optional) Setting flag to enable the deployment of Ceph RadosGW and # configure various services to use Swift provided by RGW as a backend. # Defaults to false # # [*pg_num*] # (optional) Number of PGs per pool. # Defaults to 16. # # [*create_cephfs*] # (optional) Flag if CephFS will be created. # Defaults to false # # [*ceph_pools*] # (optional) Ceph pools # Defaults to ['glance', 'nova'] # class openstack_integration::ceph ( $deploy_rgw = false, $pg_num = 16, $create_cephfs = false, $ceph_pools = ['glance', 'nova'] ) { include openstack_integration::config if $::openstack_integration::config::ipv6 { $ms_bind_ipv4 = false $ms_bind_ipv6 = true } else { $ms_bind_ipv4 = true $ms_bind_ipv6 = false } ensure_packages(['lvm2'], {'ensure' => 'present', before => Exec['lvm_create']}) exec { 'lvm_create': command => "/bin/true # comment to satisfy puppet syntax requirements truncate --size=10G /diskimage.img losetup /dev/loop0 /diskimage.img pvcreate /dev/loop0 vgcreate ceph_vg /dev/loop0 sleep 5 lvcreate -n lv_data -a y -l 100%FREE ceph_vg ", unless => "/bin/true # comment to satisfy puppet syntax requirements set -ex test -b /dev/ceph_vg/lv_data ", logoutput => true, } Exec['lvm_create'] -> Class['Ceph::Osds'] class { 'ceph::params': # Since Quincy, the ceph-volume command is provided by the separate package packages => ['ceph', 'ceph-volume'] } $rgw_frontends = $::openstack_integration::config::ssl ? { true => [ 'beast', "ssl_endpoint=${::openstack_integration::config::ip_for_url}:8080", "ssl_private_key=/etc/ceph/ssl/private/${facts['networking']['fqdn']}.pem", "ssl_certificate=${::openstack_integration::params::cert_path}" ], default => [ 'beast', "endpoint=${::openstack_integration::config::ip_for_url}:8080" ] } class { 'ceph::profile::params': fsid => '7200aea0-2ddd-4a32-aa2a-d49f66ab554c', manage_repo => false, # repo already managed in openstack_integration::repo ms_bind_ipv4 => $ms_bind_ipv4, ms_bind_ipv6 => $ms_bind_ipv6, authentication_type => 'cephx', mon_host => $::openstack_integration::config::ip_for_url, mon_initial_members => $facts['networking']['hostname'], osd_pool_default_size => '1', osd_pool_default_min_size => '1', mon_key => 'AQD7kyJQQGoOBhAAqrPAqSopSwPrrfMMomzVdw==', mgr_key => 'AQD7kyJQQGoOBhAAqrPAqSopSwPrrfMMomzVdw==', mds_key => 'AQD7kyJQQGoOBhAAqrPAqSopSwPrrfMMomzVdw==', osd_max_object_name_len => 256, osd_max_object_namespace_len => 64, client_keys => { 'client.admin' => { 'secret' => 'AQD7kyJQQGoOBhAAqrPAqSopSwPrrfMMomzVdw==', 'mode' => '0600', 'cap_mon' => 'allow *', 'cap_osd' => 'allow *', 'cap_mds' => 'allow *', }, 'client.bootstrap-osd' => { 'secret' => 'AQD7kyJQQGoOBhAAqrPAqSopSwPrrfMMomzVdw==', 'keyring_path' => '/var/lib/ceph/bootstrap-osd/ceph.keyring', 'cap_mon' => 'allow profile bootstrap-osd', }, 'client.openstack' => { 'secret' => 'AQD7kyJQQGoOBhAAqrPAqSopSwPrrfMMomzVdw==', 'mode' => '0644', 'cap_mon' => 'profile rbd', 'cap_osd' => 'profile rbd pool=cinder, profile rbd pool=nova, profile rbd pool=glance, profile rbd pool=gnocchi, profile rbd pool=backups', }, 'client.manila' => { 'secret' => 'AQD7kyJQQGoOBhAAqrPAqSopSwPrrfMMomzVdw==', 'mode' => '0644', 'cap_mgr' => 'allow rw', 'cap_mon' => 'allow r', }, 'client.radosgw.gateway' => { 'user' => 'ceph', 'secret' => 'AQD7kyJQQGoOBhAAqrPAqSopSwPrrfMMomzVdw==', 'cap_mon' => 'allow rwx', 'cap_osd' => 'allow rwx', 'inject' => true, } }, osds => { 'ceph_vg/lv_data' => {}, }, # Configure Ceph RadosGW # These could be always set in the above call to ceph::profile::params frontend_type => 'beast', rgw_frontends => join($rgw_frontends, ' '), rgw_user => 'ceph', rgw_keystone_integration => true, rgw_keystone_url => $::openstack_integration::config::keystone_admin_uri, rgw_keystone_admin_domain => 'Default', rgw_keystone_admin_user => 'rgwuser', rgw_keystone_admin_password => 'secret', rgw_keystone_admin_project => 'services', rgw_swift_url => "${::openstack_integration::config::base_url}:8080", rgw_swift_public_url => "${::openstack_integration::config::base_url}:8080/swift/v1", rgw_swift_admin_url => "${::openstack_integration::config::base_url}:8080/swift/v1", rgw_swift_internal_url => "${::openstack_integration::config::base_url}:8080/swift/v1", rbd_default_features => '15', } ceph::pool { $ceph_pools: pg_num => $pg_num, } class { 'ceph::profile::mgr': } class { 'ceph::profile::mon': } class { 'ceph::profile::osd': } if $create_cephfs { ceph::pool { ['cephfs_data', 'cephfs_metadata']: pg_num => $pg_num, } -> ceph::fs { 'cephfs': metadata_pool => 'cephfs_metadata', data_pool => 'cephfs_data', } ~> exec { 'enable cephfs snapshot': command => 'ceph fs set cephfs allow_new_snaps true', path => ['/bin', '/usr/bin'], refreshonly => true, tag => 'create-cephfs', } class { 'ceph::profile::mds': } } # Extra Ceph configuration to increase performances $ceph_extra_config = { 'global/osd_journal_size' => { value => '100' }, } class { 'ceph::conf': args => $ceph_extra_config, } if $deploy_rgw { if $::openstack_integration::config::ssl { openstack_integration::ssl_key { 'ceph': require => Package['ceph'], } Openstack_integration::Ssl_key['ceph'] ~> Service<| tag == 'ceph-radosgw' |> Exec['update-ca-certificates'] ~> Service<| tag == 'ceph-radosgw' |> } class { 'ceph::profile::rgw': } Service<| tag == 'ceph-radosgw' |> -> Service <| tag == 'glance-service' |> } }