Browse Source

Remove Ceph{Admin,Mon,Mds}Key parameters

ceph-ansible does not support replacing these secrets for existing
clusters and it generates them randomly if unset

customizing the secret for fresh deployments is possible but causes
issues on upgrade to train for pre-existing deployments on queens
where it was generated randomly

this submission removes support for the parameters which allow for
customization of the secret, letting ceph-ansible create one and
reuse the existing one on upgrade

Change-Id: If77935345de70ae261b091b8bf49b997dc71a781
Closes-Bug: 1878014
changes/75/726875/1
Giulio Fidente 1 year ago
parent
commit
18274de03a
  1. 2
      ci/environments/scenario001-multinode-containers.yaml
  2. 2
      ci/environments/scenario001-standalone.yaml
  3. 3
      ci/environments/scenario004-standalone.yaml
  4. 2
      ci/environments/scenario010-multinode-containers.yaml
  5. 2
      ci/environments/scenario010-standalone.yaml
  6. 7
      deployment/ceph-ansible/ceph-mds.yaml
  7. 17
      deployment/ceph-ansible/ceph-mon.yaml
  8. 4
      environments/storage-environment.yaml

2
ci/environments/scenario001-multinode-containers.yaml

@ -149,8 +149,6 @@ parameter_defaults:
# a production deployment. What is here is suitable for
# developer and CI testing only.
CephClusterFSID: '4b5c8c0a-ff60-454b-a1b4-9747aa737d19'
CephMonKey: 'AQC+Ox1VmEr3BxAALZejqeHj50Nj6wJDvs96OQ=='
CephAdminKey: 'AQDLOh1VgEp6FRAAFzT7Zw+Y9V6JJExQAsRnRQ=='
CephClientKey: 'AQC+vYNXgDAgAhAAc8UoYt+OTz5uhV7ItLdwUw=='
CephAnsiblePlaybookVerbosity: 1
CephAnsibleEnvironmentVariables:

2
ci/environments/scenario001-standalone.yaml

@ -88,8 +88,6 @@ parameter_defaults:
# a production deployment. What is here is suitable for
# developer and CI testing only.
CephClusterFSID: '4b5c8c0a-ff60-454b-a1b4-9747aa737d19'
CephMonKey: 'AQC+Ox1VmEr3BxAALZejqeHj50Nj6wJDvs96OQ=='
CephAdminKey: 'AQDLOh1VgEp6FRAAFzT7Zw+Y9V6JJExQAsRnRQ=='
CephClientKey: 'AQC+vYNXgDAgAhAAc8UoYt+OTz5uhV7ItLdwUw=='
CephExtraKeys:
- name: "client.glance"

3
ci/environments/scenario004-standalone.yaml

@ -56,9 +56,8 @@ parameter_defaults:
# a production deployment. What is here is suitable for
# developer and CI testing only.
CephClusterFSID: '4b5c8c0a-ff60-454b-a1b4-9747aa737d19'
CephMonKey: 'AQC+Ox1VmEr3BxAALZejqeHj50Nj6wJDvs96OQ=='
CephAdminKey: 'AQDLOh1VgEp6FRAAFzT7Zw+Y9V6JJExQAsRnRQ=='
CephClientKey: 'AQC+vYNXgDAgAhAAc8UoYt+OTz5uhV7ItLdwUw=='
CephRgwKey: 'AQDLOh1VgEp6FRAAFzT7Zw+Y9V6JJExQAsRnRQ=='
CephAnsiblePlaybookVerbosity: 1
CephAnsibleRepo: "tripleo-centos-ceph-nautilus"
CephAnsibleEnvironmentVariables:

2
ci/environments/scenario010-multinode-containers.yaml

@ -107,8 +107,6 @@ parameter_defaults:
CephClusterFSID: '4b5c8c0a-ff60-454b-a1b4-9747aa737d19'
CephAnsibleRepo: "tripleo-centos-ceph-nautilus"
CephClusterName: mycephcluster
CephMonKey: 'AQC+Ox1VmEr3BxAALZejqeHj50Nj6wJDvs96OQ=='
CephAdminKey: 'AQDLOh1VgEp6FRAAFzT7Zw+Y9V6JJExQAsRnRQ=='
CephClientKey: 'AQC+vYNXgDAgAhAAc8UoYt+OTz5uhV7ItLdwUw=='
NovaEnableRbdBackend: true
CeilometerEnableGnocchi: true

2
ci/environments/scenario010-standalone.yaml

@ -62,8 +62,6 @@ parameter_defaults:
# a production deployment. What is here is suitable for
# developer and CI testing only.
CephClusterFSID: '4b5c8c0a-ff60-454b-a1b4-9747aa737d19'
CephMonKey: 'AQC+Ox1VmEr3BxAALZejqeHj50Nj6wJDvs96OQ=='
CephAdminKey: 'AQDLOh1VgEp6FRAAFzT7Zw+Y9V6JJExQAsRnRQ=='
CephClientKey: 'AQC+vYNXgDAgAhAAc8UoYt+OTz5uhV7ItLdwUw=='
CephAnsiblePlaybookVerbosity: 1
CephAnsibleEnvironmentVariables:

7
deployment/ceph-ansible/ceph-mds.yaml

@ -30,13 +30,6 @@ parameters:
description: Mapping of service endpoint -> protocol. Typically set
via parameter_defaults in the resource registry.
type: json
CephMdsKey:
description: The cephx key for the MDS service. Can be created
with ceph-authtool --gen-print-key.
type: string
hidden: true
constraints:
- allowed_pattern: "^[a-zA-Z0-9+/]{38}==$"
CephEnableDashboard:
type: boolean
default: false

17
deployment/ceph-ansible/ceph-mon.yaml

@ -30,19 +30,6 @@ parameters:
description: Mapping of service endpoint -> protocol. Typically set
via parameter_defaults in the resource registry.
type: json
CephMonKey:
description: The Ceph monitors key. Can be created with ceph-authtool --gen-print-key.
type: string
hidden: true
constraints:
- allowed_pattern: "^[a-zA-Z0-9+/]{38}==$"
CephAdminKey:
default: ''
description: The Ceph admin client key. Can be created with ceph-authtool --gen-print-key.
type: string
hidden: true
constraints:
- allowed_pattern: "^[a-zA-Z0-9+/]{38}==$"
CephValidationRetries:
type: number
default: 40
@ -75,9 +62,7 @@ resources:
properties:
type: json
value:
vars:
monitor_secret: {get_param: CephMonKey}
admin_secret: {get_param: CephAdminKey}
vars: {}
outputs:
role_data:

4
environments/storage-environment.yaml

@ -77,10 +77,6 @@ parameter_defaults:
## Ceph FSID, e.g. '4b5c8c0a-ff60-454b-a1b4-9747aa737d19'
# CephClusterFSID: ''
## Ceph monitor key, e.g. 'AQC+Ox1VmEr3BxAALZejqeHj50Nj6wJDvs96OQ=='
# CephMonKey: ''
## Ceph admin key, e.g. 'AQDLOh1VgEp6FRAAFzT7Zw+Y9V6JJExQAsRnRQ=='
# CephAdminKey: ''
## Ceph client key, e.g 'AQC+vYNXgDAgAhAAc8UoYt+OTz5uhV7ItLdwUw=='
# CephClientKey: ''
## OSDs configuration
## See https://github.com/ceph/ceph-ansible/blob/stable-3.0/docs/source/osds/scenarios.rst

Loading…
Cancel
Save