Merge "Allow tripleo_cephadm to process tls info when provided"
This commit is contained in:
commit
f01c7a2b37
|
@ -42,7 +42,8 @@ ALLOWED_SPEC_KEYS = {
|
|||
'rgw_frontend_type',
|
||||
'rgw_realm',
|
||||
'rgw_zone',
|
||||
'rgw_ip_address'
|
||||
'rgw_ip_address',
|
||||
'rgw_frontend_ssl_certificate'
|
||||
],
|
||||
'nfs': [
|
||||
'namespace',
|
||||
|
@ -206,8 +207,8 @@ class CephDaemonSpec(object):
|
|||
|
||||
# append the spec if provided
|
||||
if len(self.spec.keys()) > 0:
|
||||
if(self.validate_keys(self.spec.keys(), ALLOWED_SPEC_KEYS)):
|
||||
sp = {'spec': self.spec}
|
||||
if self.validate_keys(self.spec.keys(), ALLOWED_SPEC_KEYS):
|
||||
sp = {'spec': self.filter_spec(self.spec)}
|
||||
else:
|
||||
raise Exception("Fatal: the spec should be composed by only allowed keywords")
|
||||
|
||||
|
@ -215,6 +216,9 @@ class CephDaemonSpec(object):
|
|||
spec_template = {**spec_template, **ntw, **self.extra, **pl, **sp}
|
||||
return spec_template
|
||||
|
||||
def filter_spec(self, spec):
|
||||
return {k: v for k, v in spec.items() if v}
|
||||
|
||||
def validate_keys(self, spec, ALLOWED_KEYS):
|
||||
'''
|
||||
When the spec section is created, if constraints are
|
||||
|
|
|
@ -184,11 +184,21 @@ def render(path, content):
|
|||
if path is not None and len(path) > 0:
|
||||
with open(path, 'w') as f:
|
||||
f.write('---\n')
|
||||
f.write(yaml.dump(content, indent=2))
|
||||
f.write(yaml.safe_dump(content, indent=2))
|
||||
else:
|
||||
print('Nothing to dump!')
|
||||
|
||||
|
||||
def repr_str(dumper, data):
|
||||
if '\n' in data:
|
||||
return dumper.represent_scalar(u'tag:yaml.org,2002:str', data, style='|')
|
||||
return dumper.org_represent_str(data)
|
||||
|
||||
|
||||
yaml.SafeDumper.org_represent_str = yaml.SafeDumper.represent_str
|
||||
yaml.add_representer(str, repr_str, Dumper=yaml.SafeDumper)
|
||||
|
||||
|
||||
def run_module():
|
||||
|
||||
module = AnsibleModule(
|
||||
|
|
|
@ -44,5 +44,6 @@ tripleo_cephadm_conf_overrides: {}
|
|||
tripleo_cephadm_fsid_list: []
|
||||
tripleo_cephadm_fqdn: false
|
||||
tripleo_cephadm_crush_rules: []
|
||||
tripleo_cephadm_internal_tls_enabled: false
|
||||
# todo(fultonj) add is_hci boolean for target memory
|
||||
# https://lists.ceph.io/hyperkitty/list/dev@ceph.io/thread/Z77XO23JPXDNHKM7IG6UN4URYKA6L7VH/
|
||||
|
|
|
@ -39,11 +39,19 @@
|
|||
rgw_frontend_port: "{{ radosgw_frontend_port }}"
|
||||
rgw_realm: 'default'
|
||||
rgw_zone: 'default'
|
||||
rgw_frontend_ssl_certificate: "{{ rgw_frontend_cert }}"
|
||||
render_path: "{{ tripleo_cephadm_spec_home }}"
|
||||
networks: "{{ radosgw_address_block }}"
|
||||
register: spc
|
||||
environment:
|
||||
CEPH_CONTAINER_IMAGE: "{{ tripleo_cephadm_container_ns + '/' + tripleo_cephadm_container_image + ':' + tripleo_cephadm_container_tag }}"
|
||||
CEPH_CONTAINER_BINARY: "{{ tripleo_cephadm_container_cli }}"
|
||||
vars:
|
||||
rgw_frontend_cert: |-
|
||||
{% set fcert_lookup = '' %}
|
||||
{% if tripleo_cephadm_internal_tls_enabled | bool %}
|
||||
{% set fcert_lookup = lookup('file', radosgw_frontend_ssl_certificate) %}
|
||||
{% endif %}
|
||||
{{ fcert_lookup }}
|
||||
when:
|
||||
- tripleo_enabled_services | intersect(['ceph_rgw'])
|
||||
|
|
|
@ -122,3 +122,4 @@
|
|||
tripleo_enabled_services: {{ enabled_services | default([]) }}
|
||||
tripleo_cephadm_fqdn: "{{ ceph_spec_fqdn | bool }}"
|
||||
tripleo_cephadm_spec_ansible_host: "{{ tripleo_run_cephadm_spec_path }}"
|
||||
tripleo_cephadm_internal_tls_enabled: "{{ enable_internal_tls }}"
|
||||
|
|
Loading…
Reference in New Issue