openstack
/
tripleo-heat-templates
Code Issues Proposed changes

Merge "Enable Ceph RGW 'account in url' option" into stable/queens

This commit is contained in:
Zuul 2020-02-13 18:14:58 +00:00 committed by Gerrit Code Review
parent d4c8e6a26b f1eb048f7d
commit af178417ba
4 changed files with 135 additions and 72 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
docker/services/ceph-ansible/ceph-base.yaml
View File

@ -235,6 +235,7 @@ resources:
rgw_keystone_implicit_tenants: 'true' rgw_keystone_implicit_tenants: 'true'
rgw_keystone_revocation_interval: '0' rgw_keystone_revocation_interval: '0'
rgw_s3_auth_use_keystone: 'true' rgw_s3_auth_use_keystone: 'true'
rgw_swift_account_in_url: 'true'
outputs: outputs:
role_data: role_data:

53
docker/services/ceph-ansible/ceph-rgw.yaml
View File

@ -38,6 +38,10 @@ parameters:
type: string type: string
default: 'regionOne' default: 'regionOne'
description: Keystone region for endpoint description: Keystone region for endpoint
AdminPassword:
description: The password for the keystone admin account, used for monitoring, querying neutron etc.
type: string
hidden: true
resources: resources:
CephBase: CephBase:
@ -74,6 +78,55 @@ outputs:
radosgw_keystone_ssl: false radosgw_keystone_ssl: false
radosgw_address_block: {get_param: [ServiceData, net_cidr_map, {get_param: [ServiceNetMap, CephRgwNetwork]}]} radosgw_address_block: {get_param: [ServiceData, net_cidr_map, {get_param: [ServiceNetMap, CephRgwNetwork]}]}
radosgw_civetweb_port: {get_param: [EndpointMap, CephRgwInternal, port]} radosgw_civetweb_port: {get_param: [EndpointMap, CephRgwInternal, port]}
update_tasks: &endpoint_update_tasks
- name: get bootstrap nodeid
tags: common
command: hiera -c /etc/puppet/hiera.yaml bootstrap_nodeid
register: bootstrap_node
- name: set is_bootstrap_node fact
tags: common
set_fact: is_bootstrap_node={{bootstrap_node.stdout|lower == ansible_hostname|lower}}
when: bootstrap_node.rc == 0
- name: update rgw endpoints
when:
- step|int == 5
- is_bootstrap_node|bool
block:
- name: set openstack command
set_fact:
oc_openstack_cmd:
- openstack
- '--os-username admin'
- '--os-password'
- {get_param: AdminPassword}
- '--os-identity-api-version 3'
- '--os-project-name admin'
- '--os-project-domain-name Default'
- '--os-region-name'
- {get_param: KeystoneRegion}
- '--os-user-domain-name Default'
- '--os-auth-type password'
- '--os-auth-url'
- {get_param: [EndpointMap, KeystoneV3Internal, uri]}
- name: get endpoint IDs
command: "{{ oc_openstack_cmd|join(' ') }} endpoint list --service object-store --interface {{ item }} -f json"
loop:
- 'internal'
- 'public'
- 'admin'
register: endpoint_ids
- name: update keystone endpoint
command: "{{ oc_openstack_cmd|join(' ') }} endpoint set --url {{ item }} {{ (endpoint_ids.results[idx].stdout|from_json)[0]['ID'] }}"
when:
- endpoint_ids.results[idx].rc == 0
- (endpoint_ids.results[idx].stdout|from_json)[0]['URL'] != item
loop:
- {get_param: [EndpointMap, CephRgwInternal, uri]}
- {get_param: [EndpointMap, CephRgwPublic, uri]}
- {get_param: [EndpointMap, CephRgwAdmin, uri]}
loop_control:
index_var: idx
upgrade_tasks: *endpoint_update_tasks
service_config_settings: service_config_settings:
keystone: keystone:
ceph::rgw::keystone::auth::public_url: {get_param: [EndpointMap, CephRgwPublic, uri]} ceph::rgw::keystone::auth::public_url: {get_param: [EndpointMap, CephRgwPublic, uri]}

6
network/endpoints/endpoint_data.yaml
View File

@ -263,15 +263,15 @@ CephRgw:
Internal: Internal:
net_param: CephRgw net_param: CephRgw
uri_suffixes: uri_suffixes:
'': /swift/v1 '': /swift/v1/AUTH_%(project_id)s
Public: Public:
net_param: Public net_param: Public
uri_suffixes: uri_suffixes:
'': /swift/v1 '': /swift/v1/AUTH_%(project_id)s
Admin: Admin:
net_param: CephRgw net_param: CephRgw
uri_suffixes: uri_suffixes:
'': /swift/v1 '': /swift/v1/AUTH_%(project_id)s
port: 8080 port: 8080
Sahara: Sahara:

147
network/endpoints/endpoint_map.yaml
View File

@ -881,29 +881,32 @@ outputs:
protocol: protocol:
get_param: [EndpointMap, CephRgwAdmin, protocol] get_param: [EndpointMap, CephRgwAdmin, protocol]
uri: uri:
make_url: list_join:
scheme: - ''
get_param: [EndpointMap, CephRgwAdmin, protocol] - - make_url:
host: scheme:
str_replace: get_param: [EndpointMap, CephRgwAdmin, protocol]
template: host:
get_param: [EndpointMap, CephRgwAdmin, host] str_replace:
params: template:
CLOUDNAME: get_param: [EndpointMap, CephRgwAdmin, host]
get_param: params:
- CloudEndpoints CLOUDNAME:
- get_param: [ServiceNetMap, CephRgwNetwork] get_param:
IP_ADDRESS: - CloudEndpoints
get_param: - get_param: [ServiceNetMap, CephRgwNetwork]
- NetIpMap IP_ADDRESS:
- str_replace: get_param:
params: - NetIpMap
NETWORK: - str_replace:
get_param: [ServiceNetMap, CephRgwNetwork] params:
template: NETWORK_uri NETWORK:
port: get_param: [ServiceNetMap, CephRgwNetwork]
get_param: [EndpointMap, CephRgwAdmin, port] template: NETWORK_uri
path: /swift/v1 port:
get_param: [EndpointMap, CephRgwAdmin, port]
path: /swift/v1/AUTH_
- '%(project_id)s'
uri_no_suffix: uri_no_suffix:
make_url: make_url:
scheme: scheme:
@ -963,29 +966,32 @@ outputs:
protocol: protocol:
get_param: [EndpointMap, CephRgwInternal, protocol] get_param: [EndpointMap, CephRgwInternal, protocol]
uri: uri:
make_url: list_join:
scheme: - ''
get_param: [EndpointMap, CephRgwInternal, protocol] - - make_url:
host: scheme:
str_replace: get_param: [EndpointMap, CephRgwInternal, protocol]
template: host:
get_param: [EndpointMap, CephRgwInternal, host] str_replace:
params: template:
CLOUDNAME: get_param: [EndpointMap, CephRgwInternal, host]
get_param: params:
- CloudEndpoints CLOUDNAME:
- get_param: [ServiceNetMap, CephRgwNetwork] get_param:
IP_ADDRESS: - CloudEndpoints
get_param: - get_param: [ServiceNetMap, CephRgwNetwork]
- NetIpMap IP_ADDRESS:
- str_replace: get_param:
params: - NetIpMap
NETWORK: - str_replace:
get_param: [ServiceNetMap, CephRgwNetwork] params:
template: NETWORK_uri NETWORK:
port: get_param: [ServiceNetMap, CephRgwNetwork]
get_param: [EndpointMap, CephRgwInternal, port] template: NETWORK_uri
path: /swift/v1 port:
get_param: [EndpointMap, CephRgwInternal, port]
path: /swift/v1/AUTH_
- '%(project_id)s'
uri_no_suffix: uri_no_suffix:
make_url: make_url:
scheme: scheme:
@ -1045,29 +1051,32 @@ outputs:
protocol: protocol:
get_param: [EndpointMap, CephRgwPublic, protocol] get_param: [EndpointMap, CephRgwPublic, protocol]
uri: uri:
make_url: list_join:
scheme: - ''
get_param: [EndpointMap, CephRgwPublic, protocol] - - make_url:
host: scheme:
str_replace: get_param: [EndpointMap, CephRgwPublic, protocol]
template: host:
get_param: [EndpointMap, CephRgwPublic, host] str_replace:
params: template:
CLOUDNAME: get_param: [EndpointMap, CephRgwPublic, host]
get_param: params:
- CloudEndpoints CLOUDNAME:
- get_param: [ServiceNetMap, PublicNetwork] get_param:
IP_ADDRESS: - CloudEndpoints
get_param: - get_param: [ServiceNetMap, PublicNetwork]
- NetIpMap IP_ADDRESS:
- str_replace: get_param:
params: - NetIpMap
NETWORK: - str_replace:
get_param: [ServiceNetMap, PublicNetwork] params:
template: NETWORK_uri NETWORK:
port: get_param: [ServiceNetMap, PublicNetwork]
get_param: [EndpointMap, CephRgwPublic, port] template: NETWORK_uri
path: /swift/v1 port:
get_param: [EndpointMap, CephRgwPublic, port]
path: /swift/v1/AUTH_
- '%(project_id)s'
uri_no_suffix: uri_no_suffix:
make_url: make_url:
scheme: scheme: