Simplify cephadm service templates
Removes a number of unnecessary resources and conditions. Change-Id: I38e27b9479f709f78f4a9a20d16ad3bb702cf64f
This commit is contained in:
ramishra
parent
a28c3e4c5e
commit
03213d643e
@ -383,18 +383,10 @@ parameter_groups:
|
||||
- CephOsdPercentageMin
|
||||
|
||||
conditions:
|
||||
msgr_secure_mode: {equals: [{get_param: CephMsgrSecureMode}, true]}
|
||||
custom_registry_host:
|
||||
yaql:
|
||||
data: {get_param: ContainerCephDaemonImage}
|
||||
expression: $.data.split('/')[0].matches('(\.|:)')
|
||||
perform_upgrade:
|
||||
equals: [{get_param: StackUpdateType}, 'UPGRADE']
|
||||
ceph_ansible_skip_tags_set:
|
||||
not:
|
||||
equals:
|
||||
- {get_param: CephAnsibleSkipTags}
|
||||
- ''
|
||||
ceph_authenticated_registry:
|
||||
and:
|
||||
- not:
|
||||
@ -415,11 +407,6 @@ conditions:
|
||||
expression: let(location => $.data.rightSplit(':', 1)[0]) -> regex('(?:https?://)?(.*?)/(.*)').split($location)[1]
|
||||
data: {get_param: ContainerCephDaemonImage}
|
||||
expression: let(c => $.data.cred) -> $c.get($.data.ns, {}).values().last(default => "").isEmpty()
|
||||
is_ipv6:
|
||||
equals:
|
||||
- {get_param: [ServiceData, net_ip_version_map, {get_param: [ServiceNetMap, CephMonNetwork]}]}
|
||||
- 6
|
||||
internal_tls_enabled: {equals: [{get_param: EnableInternalTLS}, true]}
|
||||
|
||||
resources:
|
||||
ContainerImageUrlParts:
|
||||
@ -448,98 +435,15 @@ resources:
|
||||
expression: $.data.rightSplit(':', 1)[1]
|
||||
data: {get_param: ContainerCephDaemonImage}
|
||||
|
||||
MsgrSecureModeOverrides:
|
||||
type: OS::Heat::Value
|
||||
properties:
|
||||
type: json
|
||||
value:
|
||||
vars:
|
||||
global:
|
||||
ms_cluster_mode: secure
|
||||
ms_service_mode: secure
|
||||
ms_client_mode: secure
|
||||
|
||||
DefaultCephConfigOverrides:
|
||||
type: OS::Heat::Value
|
||||
properties:
|
||||
type: json
|
||||
value:
|
||||
vars:
|
||||
global:
|
||||
osd_pool_default_size: {get_param: CephPoolDefaultSize}
|
||||
osd_pool_default_pg_num: {get_param: CephPoolDefaultPgNum}
|
||||
osd_pool_default_pgp_num: {get_param: CephPoolDefaultPgNum}
|
||||
|
||||
CephBasePoolVars:
|
||||
type: OS::Heat::Value
|
||||
properties:
|
||||
type: json
|
||||
value:
|
||||
vars:
|
||||
gnocchi_pool:
|
||||
name: {get_param: GnocchiRbdPoolName}
|
||||
enabled:
|
||||
if:
|
||||
- equals:
|
||||
- {get_param: GnocchiBackend}
|
||||
- 'rbd'
|
||||
- true
|
||||
- false
|
||||
nova_pool:
|
||||
name: {get_param: NovaRbdPoolName}
|
||||
enabled: {get_param: NovaEnableRbdBackend}
|
||||
glance_pool:
|
||||
name: {get_param: GlanceRbdPoolName}
|
||||
enabled:
|
||||
if:
|
||||
- equals:
|
||||
- {get_param: GlanceBackend}
|
||||
- 'rbd'
|
||||
- true
|
||||
- false
|
||||
cinder_pool:
|
||||
name: {get_param: CinderRbdPoolName}
|
||||
enabled: {get_param: CinderEnableRbdBackend}
|
||||
cinder_extra_pools: {get_param: CinderRbdExtraPools}
|
||||
cinder_backup_pool:
|
||||
name: {get_param: CinderBackupRbdPoolName}
|
||||
enabled:
|
||||
if:
|
||||
- equals:
|
||||
- {get_param: CinderBackupBackend}
|
||||
- 'ceph'
|
||||
- true
|
||||
- false
|
||||
extra_pools: {get_param: CephPools}
|
||||
pg_num: {get_param: CephPoolDefaultPgNum}
|
||||
|
||||
CephManilaPoolVars:
|
||||
type: OS::Heat::Value
|
||||
properties:
|
||||
type: json
|
||||
value:
|
||||
vars:
|
||||
data: {get_param: ManilaCephFSDataPoolName}
|
||||
metadata: {get_param: ManilaCephFSMetadataPoolName}
|
||||
data_pg_num: {get_param: CephPoolDefaultPgNum}
|
||||
metadata_pg_num: {get_param: CephPoolDefaultPgNum}
|
||||
|
||||
CephKeyVars:
|
||||
type: OS::Heat::Value
|
||||
properties:
|
||||
type: json
|
||||
value:
|
||||
vars:
|
||||
openstack_client:
|
||||
name: {get_param: CephClientUserName}
|
||||
key: {get_param: CephClientKey}
|
||||
manila:
|
||||
name: {get_param: ManilaCephFSCephFSAuthId}
|
||||
key: {get_param: CephManilaClientKey}
|
||||
radosgw:
|
||||
name: {get_param: CephRgwClientName}
|
||||
key: {get_param: CephRgwKey}
|
||||
extra_keys: {get_param: CephExtraKeys}
|
||||
osd_pool_default_size: {get_param: CephPoolDefaultSize}
|
||||
osd_pool_default_pg_num: {get_param: CephPoolDefaultPgNum}
|
||||
osd_pool_default_pgp_num: {get_param: CephPoolDefaultPgNum}
|
||||
|
||||
CephAdmVars:
|
||||
type: OS::Heat::Value
|
||||
@ -606,26 +510,75 @@ outputs:
|
||||
name: tripleo_run_cephadm
|
||||
tasks_from: prepare.yml
|
||||
vars:
|
||||
ceph_pools: {get_attr: [CephBasePoolVars, value, vars]}
|
||||
manila_pools: {get_attr: [CephManilaPoolVars, value, vars]}
|
||||
ceph_keys: {get_attr: [CephKeyVars, value, vars]}
|
||||
ceph_pools:
|
||||
gnocchi_pool:
|
||||
name: {get_param: GnocchiRbdPoolName}
|
||||
enabled:
|
||||
if:
|
||||
- equals:
|
||||
- {get_param: GnocchiBackend}
|
||||
- 'rbd'
|
||||
- true
|
||||
- false
|
||||
nova_pool:
|
||||
name: {get_param: NovaRbdPoolName}
|
||||
enabled: {get_param: NovaEnableRbdBackend}
|
||||
glance_pool:
|
||||
name: {get_param: GlanceRbdPoolName}
|
||||
enabled:
|
||||
if:
|
||||
- equals:
|
||||
- {get_param: GlanceBackend}
|
||||
- 'rbd'
|
||||
- true
|
||||
- false
|
||||
cinder_pool:
|
||||
name: {get_param: CinderRbdPoolName}
|
||||
enabled: {get_param: CinderEnableRbdBackend}
|
||||
cinder_extra_pools: {get_param: CinderRbdExtraPools}
|
||||
cinder_backup_pool:
|
||||
name: {get_param: CinderBackupRbdPoolName}
|
||||
enabled:
|
||||
if:
|
||||
- equals:
|
||||
- {get_param: CinderBackupBackend}
|
||||
- 'ceph'
|
||||
- true
|
||||
- false
|
||||
extra_pools: {get_param: CephPools}
|
||||
pg_num: {get_param: CephPoolDefaultPgNum}
|
||||
manila_pools:
|
||||
data: {get_param: ManilaCephFSDataPoolName}
|
||||
metadata: {get_param: ManilaCephFSMetadataPoolName}
|
||||
data_pg_num: {get_param: CephPoolDefaultPgNum}
|
||||
metadata_pg_num: {get_param: CephPoolDefaultPgNum}
|
||||
ceph_keys:
|
||||
openstack_client:
|
||||
name: {get_param: CephClientUserName}
|
||||
key: {get_param: CephClientKey}
|
||||
manila:
|
||||
name: {get_param: ManilaCephFSCephFSAuthId}
|
||||
key: {get_param: CephManilaClientKey}
|
||||
radosgw:
|
||||
name: {get_param: CephRgwClientName}
|
||||
key: {get_param: CephRgwKey}
|
||||
extra_keys: {get_param: CephExtraKeys}
|
||||
ceph_config_overrides: {get_param: CephConfigOverrides}
|
||||
tripleo_run_cephadm_spec_path: {get_param: CephSpecPath}
|
||||
tripleo_cephadm_dynamic_spec: {get_param: CephDynamicSpec}
|
||||
ceph_spec_fqdn: {get_param: CephSpecFqdn}
|
||||
ceph_osd_spec: {get_param: CephOsdSpec}
|
||||
ceph_default_overrides:
|
||||
if:
|
||||
- msgr_secure_mode
|
||||
- yaql:
|
||||
expression: ($.data.default).mergeWith($.data.secure)
|
||||
data:
|
||||
default: {get_attr: [DefaultCephConfigOverrides, value, vars]}
|
||||
secure: {get_attr: [MsgrSecureModeOverrides, value, vars]}
|
||||
- {get_attr: [DefaultCephConfigOverrides, value, vars]}
|
||||
cephadm_extra_vars: # cephadm execution
|
||||
map_merge:
|
||||
- {get_attr: [CephAdmVars, value, vars]}
|
||||
global:
|
||||
if:
|
||||
- {get_param: CephMsgrSecureMode}
|
||||
- map_merge:
|
||||
- {get_attr: [DefaultCephConfigOverrides, value, vars]}
|
||||
- ms_cluster_mode: secure
|
||||
ms_service_mode: secure
|
||||
ms_client_mode: secure
|
||||
- {get_attr: [DefaultCephConfigOverrides, value, vars]}
|
||||
cephadm_extra_vars: {get_attr: [CephAdmVars, value, vars]}
|
||||
ceph_admin_extra_vars: # user creation
|
||||
tripleo_admin_generate_key: false
|
||||
distribute_private_key: true
|
||||
|
||||
@ -79,22 +79,6 @@ resources:
|
||||
RoleName: {get_param: RoleName}
|
||||
RoleParameters: {get_param: RoleParameters}
|
||||
|
||||
CephClientAnsibleVars:
|
||||
type: OS::Heat::Value
|
||||
properties:
|
||||
type: json
|
||||
value:
|
||||
vars: {}
|
||||
|
||||
CephClientConfigOverrides:
|
||||
type: OS::Heat::Value
|
||||
properties:
|
||||
type: json
|
||||
value:
|
||||
vars:
|
||||
client:
|
||||
rbd_concurrent_management_ops: 20
|
||||
|
||||
outputs:
|
||||
role_data:
|
||||
description: Role data for the Ceph Client service.
|
||||
|
||||
@ -46,14 +46,6 @@ resources:
|
||||
RoleName: {get_param: RoleName}
|
||||
RoleParameters: {get_param: RoleParameters}
|
||||
|
||||
CephExternalAnsibleVars:
|
||||
type: OS::Heat::Value
|
||||
properties:
|
||||
type: json
|
||||
value:
|
||||
vars:
|
||||
external_cluster_mon_ips: {get_param: CephExternalMonHost}
|
||||
|
||||
outputs:
|
||||
role_data:
|
||||
description: Role data for the Ceph External service.
|
||||
@ -76,6 +68,7 @@ outputs:
|
||||
block:
|
||||
- name: set ceph-ansible group vars clients
|
||||
set_fact:
|
||||
ceph_ansible_group_vars_clients: {get_attr: [CephExternalAnsibleVars, value, vars]}
|
||||
ceph_ansible_group_vars_clients:
|
||||
external_cluster_mon_ips: {get_param: CephExternalMonHost}
|
||||
external_update_tasks: []
|
||||
external_upgrade_tasks: []
|
||||
|
||||
@ -83,8 +83,8 @@ parameters:
|
||||
certificate for this service
|
||||
|
||||
conditions:
|
||||
internal_tls_enabled: {equals: [{get_param: EnableInternalTLS}, true]}
|
||||
key_size_override_unset: {equals: [{get_param: GrafanaCertificateKeySize}, '']}
|
||||
key_size_override_set:
|
||||
not: {equals: [{get_param: GrafanaCertificateKeySize}, '']}
|
||||
|
||||
resources:
|
||||
CephBase:
|
||||
@ -148,25 +148,18 @@ outputs:
|
||||
set_fact:
|
||||
ceph_monitoring_stack:
|
||||
if:
|
||||
- internal_tls_enabled
|
||||
- yaql:
|
||||
data:
|
||||
default:
|
||||
map_merge:
|
||||
- {get_attr: [CephGrafanaAnsibleVars, value, vars]}
|
||||
certmap:
|
||||
tripleo_cephadm_grafana_crt: '/etc/pki/tls/certs/ceph_grafana.crt'
|
||||
tripleo_cephadm_grafana_key: '/etc/pki/tls/private/ceph_grafana.key'
|
||||
expression: $.data.default.mergeWith($.data.certmap)
|
||||
- {get_param: EnableInternalTLS}
|
||||
- map_merge:
|
||||
- {get_attr: [CephGrafanaAnsibleVars, value, vars]}
|
||||
- tripleo_cephadm_grafana_crt: '/etc/pki/tls/certs/ceph_grafana.crt'
|
||||
tripleo_cephadm_grafana_key: '/etc/pki/tls/private/ceph_grafana.key'
|
||||
- {get_attr: [CephGrafanaAnsibleVars, value, vars]}
|
||||
metadata_settings:
|
||||
if:
|
||||
- internal_tls_enabled
|
||||
-
|
||||
- service: ceph_grafana
|
||||
- {get_param: EnableInternalTLS}
|
||||
- - service: ceph_grafana
|
||||
network: {get_param: [ServiceNetMap, CephGrafanaNetwork]}
|
||||
type: node
|
||||
- null
|
||||
deploy_steps_tasks:
|
||||
- name: Certificate generation
|
||||
when:
|
||||
@ -197,7 +190,7 @@ outputs:
|
||||
fi
|
||||
key_size:
|
||||
if:
|
||||
- key_size_override_unset
|
||||
- {get_param: CertificateKeySize}
|
||||
- key_size_override_set
|
||||
- {get_param: GrafanaCertificateKeySize}
|
||||
- {get_param: CertificateKeySize}
|
||||
ca: ipa
|
||||
|
||||
@ -35,27 +35,6 @@ parameters:
|
||||
default: false
|
||||
description: Parameter used to trigger the dashboard deployment.
|
||||
|
||||
conditions:
|
||||
dashboard_enabled: {equals: [{get_param: CephEnableDashboard}, true]}
|
||||
|
||||
resources:
|
||||
CephBase:
|
||||
type: ./ceph-base.yaml
|
||||
properties:
|
||||
ServiceData: {get_param: ServiceData}
|
||||
ServiceNetMap: {get_param: ServiceNetMap}
|
||||
DefaultPasswords: {get_param: DefaultPasswords}
|
||||
EndpointMap: {get_param: EndpointMap}
|
||||
RoleName: {get_param: RoleName}
|
||||
RoleParameters: {get_param: RoleParameters}
|
||||
|
||||
CephMdsAnsibleVars:
|
||||
type: OS::Heat::Value
|
||||
properties:
|
||||
type: json
|
||||
value:
|
||||
vars: {}
|
||||
|
||||
outputs:
|
||||
role_data:
|
||||
description: Role data for the Ceph Metadata service.
|
||||
@ -67,9 +46,8 @@ outputs:
|
||||
list_concat:
|
||||
- - '6800-7300'
|
||||
- if:
|
||||
- dashboard_enabled
|
||||
- {get_param: CephEnableDashboard}
|
||||
- - '9100'
|
||||
- []
|
||||
puppet_config:
|
||||
config_image: ''
|
||||
config_volume: ''
|
||||
|
||||
@ -65,14 +65,12 @@ parameters:
|
||||
certificate for this service
|
||||
|
||||
conditions:
|
||||
dashboard_enabled: {equals: [{get_param: CephEnableDashboard}, true]}
|
||||
internal_tls_enabled:
|
||||
and:
|
||||
- dashboard_enabled
|
||||
- equals:
|
||||
- get_param: EnableInternalTLS
|
||||
- true
|
||||
key_size_override_unset: {equals: [{get_param: CephCertificateKeySize}, '']}
|
||||
- {get_param: CephEnableDashboard}
|
||||
- {get_param: EnableInternalTLS}
|
||||
key_size_override_set:
|
||||
not: {equals: [{get_param: CephCertificateKeySize}, '']}
|
||||
|
||||
resources:
|
||||
CephBase:
|
||||
@ -112,9 +110,8 @@ outputs:
|
||||
list_concat:
|
||||
- - '6800-7300'
|
||||
- if:
|
||||
- dashboard_enabled
|
||||
- {get_param: CephEnableDashboard}
|
||||
- - {get_param: CephDashboardPort}
|
||||
- []
|
||||
upgrade_tasks: []
|
||||
puppet_config:
|
||||
config_image: ''
|
||||
@ -133,26 +130,21 @@ outputs:
|
||||
set_fact:
|
||||
ceph_dashboard_vars:
|
||||
if:
|
||||
- dashboard_enabled
|
||||
- map_merge:
|
||||
- {get_param: CephEnableDashboard}
|
||||
- if:
|
||||
- internal_tls_enabled
|
||||
-
|
||||
map_merge:
|
||||
- {get_attr: [CephMgrAnsibleVars, value, vars]}
|
||||
- tripleo_cephadm_dashboard_crt: /etc/pki/tls/certs/ceph_dashboard.crt
|
||||
- tripleo_cephadm_dashboard_key: /etc/pki/tls/private/ceph_dashboard.key
|
||||
- tripleo_cephadm_dashboard_grafana_api_no_ssl_verify: true
|
||||
- map_merge:
|
||||
- {get_attr: [CephMgrAnsibleVars, value, vars]}
|
||||
- tripleo_cephadm_dashboard_crt: /etc/pki/tls/certs/ceph_dashboard.crt
|
||||
- tripleo_cephadm_dashboard_key: /etc/pki/tls/private/ceph_dashboard.key
|
||||
- tripleo_cephadm_dashboard_grafana_api_no_ssl_verify: true
|
||||
- {get_attr: [CephMgrAnsibleVars, value, vars]}
|
||||
- {}
|
||||
metadata_settings:
|
||||
if:
|
||||
- internal_tls_enabled
|
||||
-
|
||||
- service: ceph_dashboard
|
||||
- - service: ceph_dashboard
|
||||
network: {get_param: [ServiceNetMap, CephDashboardNetwork]}
|
||||
type: node
|
||||
- null
|
||||
deploy_steps_tasks:
|
||||
- name: Certificate generation
|
||||
when:
|
||||
@ -183,7 +175,7 @@ outputs:
|
||||
fi
|
||||
key_size:
|
||||
if:
|
||||
- key_size_override_unset
|
||||
- {get_param: CertificateKeySize}
|
||||
- key_size_override_set
|
||||
- {get_param: CephCertificateKeySize}
|
||||
- {get_param: CertificateKeySize}
|
||||
ca: ipa
|
||||
|
||||
@ -71,7 +71,6 @@ outputs:
|
||||
- if:
|
||||
- dashboard_enabled
|
||||
- - '9100'
|
||||
- []
|
||||
service_config_settings:
|
||||
collectd:
|
||||
tripleo.collectd.plugins.ceph_osd:
|
||||
|
||||
@ -45,22 +45,6 @@ resources:
|
||||
RoleName: {get_param: RoleName}
|
||||
RoleParameters: {get_param: RoleParameters}
|
||||
|
||||
CephNfsAnsibleVars:
|
||||
type: OS::Heat::Value
|
||||
properties:
|
||||
type: json
|
||||
value:
|
||||
vars:
|
||||
tripleo_cephadm_ceph_nfs_bind_addr: {get_param: [EndpointMap, GaneshaInternal, host_nobrackets]}
|
||||
tripleo_cephadm_ceph_nfs_enable_service: false
|
||||
tripleo_cephadm_ceph_nfs_use_pacemaker: true
|
||||
tripleo_cephadm_ceph_nfs_dynamic_exports: true
|
||||
tripleo_cephadm_ceph_nfs_service_suffix: pacemaker
|
||||
tripleo_cephadm_nfs_obj_gw: false
|
||||
tripleo_cephadm_ceph_nfs_rados_backend: true
|
||||
tripleo_cephadm_ceph_nfs_disable_caching: true
|
||||
tripleo_cephadm_ceph_nfs_ceph_user: {get_param: ManilaCephFSCephFSAuthId}
|
||||
|
||||
outputs:
|
||||
role_data:
|
||||
description: Role data for the Ceph NFS Ganesha service.
|
||||
@ -131,6 +115,15 @@ outputs:
|
||||
block:
|
||||
- name: set tripleo-ansible group vars
|
||||
set_fact:
|
||||
ceph_nfs_vars: {get_attr: [CephNfsAnsibleVars, value, vars]}
|
||||
ceph_nfs_vars:
|
||||
tripleo_cephadm_ceph_nfs_bind_addr: {get_param: [EndpointMap, GaneshaInternal, host_nobrackets]}
|
||||
tripleo_cephadm_ceph_nfs_enable_service: false
|
||||
tripleo_cephadm_ceph_nfs_use_pacemaker: true
|
||||
tripleo_cephadm_ceph_nfs_dynamic_exports: true
|
||||
tripleo_cephadm_ceph_nfs_service_suffix: pacemaker
|
||||
tripleo_cephadm_nfs_obj_gw: false
|
||||
tripleo_cephadm_ceph_nfs_rados_backend: true
|
||||
tripleo_cephadm_ceph_nfs_disable_caching: true
|
||||
tripleo_cephadm_ceph_nfs_ceph_user: {get_param: ManilaCephFSCephFSAuthId}
|
||||
external_update_tasks: []
|
||||
external_upgrade_tasks: []
|
||||
|
||||
@ -42,9 +42,6 @@ parameters:
|
||||
default: false
|
||||
description: Parameter used to trigger the dashboard deployment.
|
||||
|
||||
conditions:
|
||||
dashboard_enabled: {equals: [{get_param: CephEnableDashboard}, true]}
|
||||
|
||||
resources:
|
||||
CephBase:
|
||||
type: ./ceph-base.yaml
|
||||
@ -56,13 +53,6 @@ resources:
|
||||
RoleName: {get_param: RoleName}
|
||||
RoleParameters: {get_param: RoleParameters}
|
||||
|
||||
CephOsdAnsibleVars:
|
||||
type: OS::Heat::Value
|
||||
properties:
|
||||
type: json
|
||||
value:
|
||||
vars: {get_param: CephAnsibleDisksConfig}
|
||||
|
||||
outputs:
|
||||
role_data:
|
||||
description: Role data for the Ceph OSD service.
|
||||
@ -74,9 +64,8 @@ outputs:
|
||||
list_concat:
|
||||
- - '6800-7300'
|
||||
- if:
|
||||
- dashboard_enabled
|
||||
- {get_param: CephEnableDashboard}
|
||||
- - '9100'
|
||||
- []
|
||||
service_config_settings:
|
||||
collectd:
|
||||
tripleo.collectd.plugins.ceph_osd:
|
||||
@ -97,4 +86,4 @@ outputs:
|
||||
block:
|
||||
- name: Build disk list for cephadm
|
||||
set_fact:
|
||||
cephadm_disk_list: {get_attr: [CephOsdAnsibleVars, value, vars]}
|
||||
cephadm_disk_list: {get_param: CephAnsibleDisksConfig}
|
||||
|
||||
@ -54,18 +54,6 @@ parameters:
|
||||
/etc/ceph/<remote_cluster>.client.<remote_user>.keyring
|
||||
type: string
|
||||
|
||||
resources:
|
||||
CephBase:
|
||||
type: ./ceph-base.yaml
|
||||
properties:
|
||||
ServiceData: {get_param: ServiceData}
|
||||
ServiceNetMap: {get_param: ServiceNetMap}
|
||||
DefaultPasswords: {get_param: DefaultPasswords}
|
||||
EndpointMap: {get_param: EndpointMap}
|
||||
RoleName: {get_param: RoleName}
|
||||
RoleParameters: {get_param: RoleParameters}
|
||||
|
||||
|
||||
outputs:
|
||||
role_data:
|
||||
description: Role data for the Ceph RBD Mirror service.
|
||||
|
||||
@ -57,9 +57,8 @@ parameters:
|
||||
certificate for this service
|
||||
|
||||
conditions:
|
||||
dashboard_enabled: {equals: [{get_param: CephEnableDashboard}, true]}
|
||||
internal_tls_enabled: {equals: [{get_param: EnableInternalTLS}, true]}
|
||||
key_size_override_unset: {equals: [{get_param: CephRgwCertificateKeySize}, '']}
|
||||
key_size_override_set:
|
||||
not: {equals: [{get_param: CephRgwCertificateKeySize}, '']}
|
||||
|
||||
resources:
|
||||
CephBase:
|
||||
@ -89,29 +88,6 @@ resources:
|
||||
data: {get_param: [EndpointMap, CephRgwInternal]}
|
||||
expression: int($.data.port)
|
||||
|
||||
|
||||
CephRgwConfigOverrides:
|
||||
type: OS::Heat::Value
|
||||
properties:
|
||||
type: json
|
||||
value:
|
||||
vars:
|
||||
global:
|
||||
rgw_keystone_api_version: 3
|
||||
rgw_keystone_url: {get_param: [EndpointMap, KeystoneInternal, uri_no_suffix]}
|
||||
rgw_keystone_accepted_roles: 'member, Member, admin'
|
||||
rgw_keystone_accepted_admin_roles: ResellerAdmin, swiftoperator
|
||||
rgw_keystone_admin_domain: default
|
||||
rgw_keystone_admin_project: service
|
||||
rgw_keystone_admin_user: swift
|
||||
rgw_keystone_admin_password: {get_param: SwiftPassword}
|
||||
rgw_keystone_implicit_tenants: 'true'
|
||||
rgw_keystone_revocation_interval: '0'
|
||||
rgw_s3_auth_use_keystone: 'true'
|
||||
rgw_swift_versioning_enabled: 'true'
|
||||
rgw_swift_account_in_url: 'true'
|
||||
rgw_trust_forwarded_https: 'true'
|
||||
|
||||
outputs:
|
||||
role_data:
|
||||
description: Role data for the Ceph RadosGW service.
|
||||
@ -123,9 +99,8 @@ outputs:
|
||||
list_concat:
|
||||
- - {get_param: [EndpointMap, CephRgwInternal, port]}
|
||||
- if:
|
||||
- dashboard_enabled
|
||||
- {get_param: CephEnableDashboard}
|
||||
- - '9100'
|
||||
- []
|
||||
keystone_resources:
|
||||
swift:
|
||||
endpoints:
|
||||
@ -163,20 +138,34 @@ outputs:
|
||||
set_fact:
|
||||
cephadm_rgw_vars:
|
||||
if:
|
||||
- internal_tls_enabled
|
||||
- {get_param: EnableInternalTLS}
|
||||
- map_merge:
|
||||
- {get_attr: [CephRgwAnsibleVars, value, vars]}
|
||||
- radosgw_frontend_ssl_certificate: '/etc/pki/tls/certs/ceph_rgw.pem'
|
||||
- {get_attr: [CephRgwAnsibleVars, value, vars]}
|
||||
ceph_rgw_config_overrides: {get_attr: [CephRgwConfigOverrides, value, vars]}
|
||||
ceph_rgw_config_overrides:
|
||||
global:
|
||||
rgw_keystone_api_version: 3
|
||||
rgw_keystone_url: {get_param: [EndpointMap, KeystoneInternal, uri_no_suffix]}
|
||||
rgw_keystone_accepted_roles: 'member, Member, admin'
|
||||
rgw_keystone_accepted_admin_roles: ResellerAdmin, swiftoperator
|
||||
rgw_keystone_admin_domain: default
|
||||
rgw_keystone_admin_project: service
|
||||
rgw_keystone_admin_user: swift
|
||||
rgw_keystone_admin_password: {get_param: SwiftPassword}
|
||||
rgw_keystone_implicit_tenants: 'true'
|
||||
rgw_keystone_revocation_interval: '0'
|
||||
rgw_s3_auth_use_keystone: 'true'
|
||||
rgw_swift_versioning_enabled: 'true'
|
||||
rgw_swift_account_in_url: 'true'
|
||||
rgw_trust_forwarded_https: 'true'
|
||||
|
||||
metadata_settings:
|
||||
if:
|
||||
- internal_tls_enabled
|
||||
-
|
||||
- service: ceph_rgw
|
||||
- {get_param: EnableInternalTLS}
|
||||
- - service: ceph_rgw
|
||||
network: {get_param: [ServiceNetMap, CephRgwNetwork]}
|
||||
type: node
|
||||
- null
|
||||
deploy_steps_tasks:
|
||||
- name: Certificate generation
|
||||
when:
|
||||
@ -212,7 +201,7 @@ outputs:
|
||||
fi
|
||||
key_size:
|
||||
if:
|
||||
- key_size_override_unset
|
||||
- {get_param: CertificateKeySize}
|
||||
- key_size_override_set
|
||||
- {get_param: CephRgwCertificateKeySize}
|
||||
- {get_param: CertificateKeySize}
|
||||
ca: ipa
|
||||
|
||||
Loading…
x
Reference in New Issue
Block a user