openstack
/
tripleo-heat-templates
Code Issues Proposed changes

Allow customization of Ceph client user 

Previously we enforced the Ceph user used by the OpenStack clients
to be named 'openstack', this change allows for customization
of such a name.

Change-Id: Idef3e1ed4e8e21b645081869b8d6fad2329bdc60
This commit is contained in:
Giulio Fidente 2015-08-13 20:10:29 +02:00
parent e19ae9dfe0
commit 9ea7831eae
8 changed files with 38 additions and 10 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
environments/puppet-ceph-external.yaml
View File

@ -14,10 +14,12 @@ parameter_defaults:
CinderEnableRbdBackend: true
GlanceBackend: rbd
# If the Ceph pools which host VMs, Volumes and Images do not match these
# names, edit the following as needed.
# names OR the client keyring to use is not named 'openstack', edit the
# following as needed.
NovaRbdPoolName: vms
CinderRbdPoolName: volumes
GlanceRbdPoolName: images
CephClientUserName: openstack
# finally we disable the Cinder LVM backend
CinderEnableIscsiBackend: false

5
os-apply-config/ceph-cluster-config.yaml
View File

@ -13,7 +13,7 @@ parameters:
ceph_client_key:
default: ''
type: string
description: Ceph key used to create the 'openstack' user keyring.
description: Ceph key used to create the client user keyring.
ceph_fsid:
default: ''
type: string
@ -36,6 +36,9 @@ parameters:
GlanceRbdPoolName:
default: images
type: string
CephClientUserName:
default: openstack
type: string
resources:
CephClusterConfigImpl:

16
puppet/ceph-cluster-config.yaml
View File

@ -13,7 +13,7 @@ parameters:
ceph_client_key:
default: ''
type: string
description: Ceph key used to create the 'openstack' user keyring.
description: Ceph key used to create the client user keyring.
ceph_fsid:
default: ''
type: string
@ -36,6 +36,9 @@ parameters:
GlanceRbdPoolName:
default: images
type: string
CephClientUserName:
default: openstack
type: string
resources:
CephClusterConfigImpl:
@ -74,7 +77,7 @@ resources:
keyring_path: '/var/lib/ceph/bootstrap-osd/ceph.keyring',
cap_mon: 'allow profile bootstrap-osd'
},
client.openstack: {
client.CLIENT_USER: {
secret: 'ADMIN_KEY',
mode: '0644',
cap_mon: 'allow r',
@ -82,6 +85,7 @@ resources:
}
}"
params:
CLIENT_USER: {get_param: CephClientUserName}
ADMIN_KEY: {get_param: ceph_admin_key}
NOVA_POOL: {get_param: NovaRbdPoolName}
CINDER_POOL: {get_param: CinderRbdPoolName}
@ -89,6 +93,14 @@ resources:
nova::compute::rbd::libvirt_images_rbd_pool: {get_param: NovaRbdPoolName}
cinder_rbd_pool_name: {get_param: CinderRbdPoolName}
glance::backend::rbd::rbd_store_pool: {get_param: GlanceRbdPoolName}
nova::compute::rbd::libvirt_rbd_user: {get_param: CephClientUserName}
glance::backend::rbd::rbd_store_user: {get_param: CephClientUserName}
nova::compute::rbd::rbd_keyring:
list_join:
- '.'
- - 'client'
- {get_param: CephClientUserName}
ceph_client_user_name: {get_param: CephClientUserName}
ceph_pools:
- {get_param: CinderRbdPoolName}
- {get_param: NovaRbdPoolName}

14
puppet/extraconfig/ceph/ceph-external-config.yaml
View File

@ -38,6 +38,9 @@ parameters:
GlanceRbdPoolName:
default: images
type: string
CephClientUserName:
default: openstack
type: string
resources:
CephClusterConfigImpl:
@ -56,7 +59,7 @@ resources:
ceph::profile::params::client_keys:
str_replace:
template: "{
client.openstack: {
client.CLIENT_USER: {
secret: 'CLIENT_KEY',
mode: '0644',
cap_mon: 'allow r',
@ -64,6 +67,7 @@ resources:
}
}"
params:
CLIENT_USER: {get_param: CephClientUserName}
CLIENT_KEY: {get_param: ceph_client_key}
NOVA_POOL: {get_param: NovaRbdPoolName}
CINDER_POOL: {get_param: CinderRbdPoolName}
@ -71,6 +75,14 @@ resources:
nova::compute::rbd::libvirt_images_rbd_pool: {get_param: NovaRbdPoolName}
cinder_rbd_pool_name: {get_param: CinderRbdPoolName}
glance::backend::rbd::rbd_store_pool: {get_param: GlanceRbdPoolName}
nova::compute::rbd::libvirt_rbd_user: {get_param: CephClientUserName}
glance::backend::rbd::rbd_store_pool: {get_param: CephClientUserName}
nova::compute::rbd::rbd_keyring:
list_join:
- '.'
- - 'client'
- {get_param: CephClientUserName}
ceph_client_user_name: {get_param: CephClientUserName}
ceph_pools:
- {get_param: CinderRbdPoolName}
- {get_param: NovaRbdPoolName}

2
puppet/hieradata/compute.yaml
View File

@ -10,8 +10,6 @@ nova::compute::vnc_enabled: true
nova::compute::libvirt::vncserver_listen: '0.0.0.0'
nova::compute::libvirt::migration_support: true
nova::compute::rbd::libvirt_rbd_user: 'openstack'
nova::compute::rbd::rbd_keyring: 'client.openstack'
nova::compute::rbd::libvirt_rbd_secret_uuid: "%{hiera('ceph::profile::params::fsid')}"
ceilometer::agent::auth::auth_tenant_name: 'service'

3
puppet/manifests/overcloud_compute.pp
View File

@ -49,8 +49,9 @@ if $rbd_ephemeral_storage or $rbd_persistent_storage {
include ::ceph::profile::client
$client_keys = hiera('ceph::profile::params::client_keys')
$client_user = join(['client.', hiera('ceph_client_user_name')])
class { '::nova::compute::rbd':
libvirt_rbd_secret_key => $client_keys['client.openstack']['secret'],
libvirt_rbd_secret_key => $client_keys[$client_user]['secret'],
}
}

2
puppet/manifests/overcloud_controller.pp
View File

@ -327,7 +327,7 @@ if hiera('step') >= 3 {
cinder::backend::rbd { $cinder_rbd_backend :
rbd_pool => hiera('cinder_rbd_pool_name'),
rbd_user => 'openstack',
rbd_user => hiera('ceph_client_user_name'),
rbd_secret_uuid => hiera('ceph::profile::params::fsid'),
require => $cinder_pool_requires,
}

2
puppet/manifests/overcloud_controller_pacemaker.pp
View File

@ -703,7 +703,7 @@ if hiera('step') >= 3 {
cinder::backend::rbd { $cinder_rbd_backend :
rbd_pool => hiera('cinder_rbd_pool_name'),
rbd_user => 'openstack',
rbd_user => hiera('ceph_client_user_name'),
rbd_secret_uuid => hiera('ceph::profile::params::fsid'),
require => $cinder_pool_requires,
}