Remove Ceph{Admin,Mon,Mds}Key parameters

ceph-ansible does not support replacing these secrets for existing clusters and it generates them randomly if unset customizing the secret for fresh deployments is possible but causes issues on upgrade to train for pre-existing deployments on queens where it was generated randomly this submission removes support for the parameters which allow for customization of the secret, letting ceph-ansible create one and reuse the existing one on upgrade Change-Id: If77935345de70ae261b091b8bf49b997dc71a781 Closes-Bug: 1878014
2020-05-11 16:48:30 +02:00 · 2020-05-11 16:48:30 +02:00 · 18274de03a
commit 18274de03a
parent a44b659bcf
8 changed files with 2 additions and 37 deletions
--- a/ci/environments/scenario001-multinode-containers.yaml
+++ b/ci/environments/scenario001-multinode-containers.yaml
@ -149,8 +149,6 @@ parameter_defaults:
  # a production deployment. What is here is suitable for
  # developer and CI testing only.
  CephClusterFSID: '4b5c8c0a-ff60-454b-a1b4-9747aa737d19'
-  CephMonKey: 'AQC+Ox1VmEr3BxAALZejqeHj50Nj6wJDvs96OQ=='
-  CephAdminKey: 'AQDLOh1VgEp6FRAAFzT7Zw+Y9V6JJExQAsRnRQ=='
  CephClientKey: 'AQC+vYNXgDAgAhAAc8UoYt+OTz5uhV7ItLdwUw=='
  CephAnsiblePlaybookVerbosity: 1
  CephAnsibleEnvironmentVariables:
--- a/ci/environments/scenario001-standalone.yaml
+++ b/ci/environments/scenario001-standalone.yaml
@ -88,8 +88,6 @@ parameter_defaults:
  # a production deployment. What is here is suitable for
  # developer and CI testing only.
  CephClusterFSID: '4b5c8c0a-ff60-454b-a1b4-9747aa737d19'
-  CephMonKey: 'AQC+Ox1VmEr3BxAALZejqeHj50Nj6wJDvs96OQ=='
-  CephAdminKey: 'AQDLOh1VgEp6FRAAFzT7Zw+Y9V6JJExQAsRnRQ=='
  CephClientKey: 'AQC+vYNXgDAgAhAAc8UoYt+OTz5uhV7ItLdwUw=='
  CephExtraKeys:
    - name: "client.glance"
--- a/ci/environments/scenario004-standalone.yaml
+++ b/ci/environments/scenario004-standalone.yaml
@ -56,9 +56,8 @@ parameter_defaults:
  # a production deployment. What is here is suitable for
  # developer and CI testing only.
  CephClusterFSID: '4b5c8c0a-ff60-454b-a1b4-9747aa737d19'
-  CephMonKey: 'AQC+Ox1VmEr3BxAALZejqeHj50Nj6wJDvs96OQ=='
-  CephAdminKey: 'AQDLOh1VgEp6FRAAFzT7Zw+Y9V6JJExQAsRnRQ=='
  CephClientKey: 'AQC+vYNXgDAgAhAAc8UoYt+OTz5uhV7ItLdwUw=='
+  CephRgwKey: 'AQDLOh1VgEp6FRAAFzT7Zw+Y9V6JJExQAsRnRQ=='
  CephAnsiblePlaybookVerbosity: 1
  CephAnsibleRepo: "tripleo-centos-ceph-nautilus"
  CephAnsibleEnvironmentVariables:
--- a/ci/environments/scenario010-multinode-containers.yaml
+++ b/ci/environments/scenario010-multinode-containers.yaml
@ -107,8 +107,6 @@ parameter_defaults:
  CephClusterFSID: '4b5c8c0a-ff60-454b-a1b4-9747aa737d19'
  CephAnsibleRepo: "tripleo-centos-ceph-nautilus"
  CephClusterName: mycephcluster
-  CephMonKey: 'AQC+Ox1VmEr3BxAALZejqeHj50Nj6wJDvs96OQ=='
-  CephAdminKey: 'AQDLOh1VgEp6FRAAFzT7Zw+Y9V6JJExQAsRnRQ=='
  CephClientKey: 'AQC+vYNXgDAgAhAAc8UoYt+OTz5uhV7ItLdwUw=='
  NovaEnableRbdBackend: true
  CeilometerEnableGnocchi: true
--- a/ci/environments/scenario010-standalone.yaml
+++ b/ci/environments/scenario010-standalone.yaml
@ -62,8 +62,6 @@ parameter_defaults:
  # a production deployment. What is here is suitable for
  # developer and CI testing only.
  CephClusterFSID: '4b5c8c0a-ff60-454b-a1b4-9747aa737d19'
-  CephMonKey: 'AQC+Ox1VmEr3BxAALZejqeHj50Nj6wJDvs96OQ=='
-  CephAdminKey: 'AQDLOh1VgEp6FRAAFzT7Zw+Y9V6JJExQAsRnRQ=='
  CephClientKey: 'AQC+vYNXgDAgAhAAc8UoYt+OTz5uhV7ItLdwUw=='
  CephAnsiblePlaybookVerbosity: 1
  CephAnsibleEnvironmentVariables:
--- a/deployment/ceph-ansible/ceph-mds.yaml
+++ b/deployment/ceph-ansible/ceph-mds.yaml
@ -30,13 +30,6 @@ parameters:
    description: Mapping of service endpoint -> protocol. Typically set
                 via parameter_defaults in the resource registry.
    type: json
-  CephMdsKey:
-    description: The cephx key for the MDS service. Can be created
-                 with ceph-authtool --gen-print-key.
-    type: string
-    hidden: true
-    constraints:
-    - allowed_pattern: "^[a-zA-Z0-9+/]{38}==$"
  CephEnableDashboard:
    type: boolean
    default: false
--- a/deployment/ceph-ansible/ceph-mon.yaml
+++ b/deployment/ceph-ansible/ceph-mon.yaml
@ -30,19 +30,6 @@ parameters:
    description: Mapping of service endpoint -> protocol. Typically set
                 via parameter_defaults in the resource registry.
    type: json
-  CephMonKey:
-    description: The Ceph monitors key. Can be created with ceph-authtool --gen-print-key.
-    type: string
-    hidden: true
-    constraints:
-    - allowed_pattern: "^[a-zA-Z0-9+/]{38}==$"
-  CephAdminKey:
-    default: ''
-    description: The Ceph admin client key. Can be created with ceph-authtool --gen-print-key.
-    type: string
-    hidden: true
-    constraints:
-    - allowed_pattern: "^[a-zA-Z0-9+/]{38}==$"
  CephValidationRetries:
    type: number
    default: 40
@ -75,9 +62,7 @@ resources:
    properties:
      type: json
      value:
-        vars:
-          monitor_secret: {get_param: CephMonKey}
-          admin_secret: {get_param: CephAdminKey}
+        vars: {}

 outputs:
  role_data:
--- a/environments/storage-environment.yaml
+++ b/environments/storage-environment.yaml
@ -77,10 +77,6 @@ parameter_defaults:
  ## Ceph FSID, e.g. '4b5c8c0a-ff60-454b-a1b4-9747aa737d19'
  # CephClusterFSID: ''
  ## Ceph monitor key, e.g. 'AQC+Ox1VmEr3BxAALZejqeHj50Nj6wJDvs96OQ=='
-  # CephMonKey: ''
-  ## Ceph admin key, e.g. 'AQDLOh1VgEp6FRAAFzT7Zw+Y9V6JJExQAsRnRQ=='
-  # CephAdminKey: ''
-  ## Ceph client key, e.g 'AQC+vYNXgDAgAhAAc8UoYt+OTz5uhV7ItLdwUw=='
  # CephClientKey: ''
  ## OSDs configuration
  ## See https://github.com/ceph/ceph-ansible/blob/stable-3.0/docs/source/osds/scenarios.rst