Merge "Allow tripleo_cephadm to process tls info when provided"
This commit is contained in:
commit
f01c7a2b37
|
@ -42,7 +42,8 @@ ALLOWED_SPEC_KEYS = {
|
||||||
'rgw_frontend_type',
|
'rgw_frontend_type',
|
||||||
'rgw_realm',
|
'rgw_realm',
|
||||||
'rgw_zone',
|
'rgw_zone',
|
||||||
'rgw_ip_address'
|
'rgw_ip_address',
|
||||||
|
'rgw_frontend_ssl_certificate'
|
||||||
],
|
],
|
||||||
'nfs': [
|
'nfs': [
|
||||||
'namespace',
|
'namespace',
|
||||||
|
@ -206,8 +207,8 @@ class CephDaemonSpec(object):
|
||||||
|
|
||||||
# append the spec if provided
|
# append the spec if provided
|
||||||
if len(self.spec.keys()) > 0:
|
if len(self.spec.keys()) > 0:
|
||||||
if(self.validate_keys(self.spec.keys(), ALLOWED_SPEC_KEYS)):
|
if self.validate_keys(self.spec.keys(), ALLOWED_SPEC_KEYS):
|
||||||
sp = {'spec': self.spec}
|
sp = {'spec': self.filter_spec(self.spec)}
|
||||||
else:
|
else:
|
||||||
raise Exception("Fatal: the spec should be composed by only allowed keywords")
|
raise Exception("Fatal: the spec should be composed by only allowed keywords")
|
||||||
|
|
||||||
|
@ -215,6 +216,9 @@ class CephDaemonSpec(object):
|
||||||
spec_template = {**spec_template, **ntw, **self.extra, **pl, **sp}
|
spec_template = {**spec_template, **ntw, **self.extra, **pl, **sp}
|
||||||
return spec_template
|
return spec_template
|
||||||
|
|
||||||
|
def filter_spec(self, spec):
|
||||||
|
return {k: v for k, v in spec.items() if v}
|
||||||
|
|
||||||
def validate_keys(self, spec, ALLOWED_KEYS):
|
def validate_keys(self, spec, ALLOWED_KEYS):
|
||||||
'''
|
'''
|
||||||
When the spec section is created, if constraints are
|
When the spec section is created, if constraints are
|
||||||
|
|
|
@ -184,11 +184,21 @@ def render(path, content):
|
||||||
if path is not None and len(path) > 0:
|
if path is not None and len(path) > 0:
|
||||||
with open(path, 'w') as f:
|
with open(path, 'w') as f:
|
||||||
f.write('---\n')
|
f.write('---\n')
|
||||||
f.write(yaml.dump(content, indent=2))
|
f.write(yaml.safe_dump(content, indent=2))
|
||||||
else:
|
else:
|
||||||
print('Nothing to dump!')
|
print('Nothing to dump!')
|
||||||
|
|
||||||
|
|
||||||
|
def repr_str(dumper, data):
|
||||||
|
if '\n' in data:
|
||||||
|
return dumper.represent_scalar(u'tag:yaml.org,2002:str', data, style='|')
|
||||||
|
return dumper.org_represent_str(data)
|
||||||
|
|
||||||
|
|
||||||
|
yaml.SafeDumper.org_represent_str = yaml.SafeDumper.represent_str
|
||||||
|
yaml.add_representer(str, repr_str, Dumper=yaml.SafeDumper)
|
||||||
|
|
||||||
|
|
||||||
def run_module():
|
def run_module():
|
||||||
|
|
||||||
module = AnsibleModule(
|
module = AnsibleModule(
|
||||||
|
|
|
@ -44,5 +44,6 @@ tripleo_cephadm_conf_overrides: {}
|
||||||
tripleo_cephadm_fsid_list: []
|
tripleo_cephadm_fsid_list: []
|
||||||
tripleo_cephadm_fqdn: false
|
tripleo_cephadm_fqdn: false
|
||||||
tripleo_cephadm_crush_rules: []
|
tripleo_cephadm_crush_rules: []
|
||||||
|
tripleo_cephadm_internal_tls_enabled: false
|
||||||
# todo(fultonj) add is_hci boolean for target memory
|
# todo(fultonj) add is_hci boolean for target memory
|
||||||
# https://lists.ceph.io/hyperkitty/list/dev@ceph.io/thread/Z77XO23JPXDNHKM7IG6UN4URYKA6L7VH/
|
# https://lists.ceph.io/hyperkitty/list/dev@ceph.io/thread/Z77XO23JPXDNHKM7IG6UN4URYKA6L7VH/
|
||||||
|
|
|
@ -39,11 +39,19 @@
|
||||||
rgw_frontend_port: "{{ radosgw_frontend_port }}"
|
rgw_frontend_port: "{{ radosgw_frontend_port }}"
|
||||||
rgw_realm: 'default'
|
rgw_realm: 'default'
|
||||||
rgw_zone: 'default'
|
rgw_zone: 'default'
|
||||||
|
rgw_frontend_ssl_certificate: "{{ rgw_frontend_cert }}"
|
||||||
render_path: "{{ tripleo_cephadm_spec_home }}"
|
render_path: "{{ tripleo_cephadm_spec_home }}"
|
||||||
networks: "{{ radosgw_address_block }}"
|
networks: "{{ radosgw_address_block }}"
|
||||||
register: spc
|
register: spc
|
||||||
environment:
|
environment:
|
||||||
CEPH_CONTAINER_IMAGE: "{{ tripleo_cephadm_container_ns + '/' + tripleo_cephadm_container_image + ':' + tripleo_cephadm_container_tag }}"
|
CEPH_CONTAINER_IMAGE: "{{ tripleo_cephadm_container_ns + '/' + tripleo_cephadm_container_image + ':' + tripleo_cephadm_container_tag }}"
|
||||||
CEPH_CONTAINER_BINARY: "{{ tripleo_cephadm_container_cli }}"
|
CEPH_CONTAINER_BINARY: "{{ tripleo_cephadm_container_cli }}"
|
||||||
|
vars:
|
||||||
|
rgw_frontend_cert: |-
|
||||||
|
{% set fcert_lookup = '' %}
|
||||||
|
{% if tripleo_cephadm_internal_tls_enabled | bool %}
|
||||||
|
{% set fcert_lookup = lookup('file', radosgw_frontend_ssl_certificate) %}
|
||||||
|
{% endif %}
|
||||||
|
{{ fcert_lookup }}
|
||||||
when:
|
when:
|
||||||
- tripleo_enabled_services | intersect(['ceph_rgw'])
|
- tripleo_enabled_services | intersect(['ceph_rgw'])
|
||||||
|
|
|
@ -122,3 +122,4 @@
|
||||||
tripleo_enabled_services: {{ enabled_services | default([]) }}
|
tripleo_enabled_services: {{ enabled_services | default([]) }}
|
||||||
tripleo_cephadm_fqdn: "{{ ceph_spec_fqdn | bool }}"
|
tripleo_cephadm_fqdn: "{{ ceph_spec_fqdn | bool }}"
|
||||||
tripleo_cephadm_spec_ansible_host: "{{ tripleo_run_cephadm_spec_path }}"
|
tripleo_cephadm_spec_ansible_host: "{{ tripleo_run_cephadm_spec_path }}"
|
||||||
|
tripleo_cephadm_internal_tls_enabled: "{{ enable_internal_tls }}"
|
||||||
|
|
Loading…
Reference in New Issue