Simplify ceph-ansible service templates

Simplifies conditions and removes some unnecessary heat
resources.

Change-Id: If82b26e1c664906f28427fdfd0a0bb3e35425157
This commit is contained in:
ramishra 2021-04-09 12:07:45 +05:30
parent 17cfe61e0b
commit c5e2ecc5e5
11 changed files with 115 additions and 240 deletions

View File

@ -357,8 +357,6 @@ parameter_groups:
- CephOsdPercentageMin - CephOsdPercentageMin
conditions: conditions:
dashboard_is_enabled: {equals: [{get_param: CephEnableDashboard}, true]}
msgr_secure_mode: {equals: [{get_param: CephMsgrSecureMode}, true]}
custom_registry_host: custom_registry_host:
yaql: yaql:
data: {get_param: ContainerCephDaemonImage} data: {get_param: ContainerCephDaemonImage}
@ -394,8 +392,6 @@ conditions:
equals: equals:
- {get_param: [ServiceData, net_ip_version_map, {get_param: [ServiceNetMap, CephMonNetwork]}]} - {get_param: [ServiceData, net_ip_version_map, {get_param: [ServiceNetMap, CephMonNetwork]}]}
- 6 - 6
internal_tls_enabled: {equals: [{get_param: EnableInternalTLS}, true]}
ceph_ansible_client_disabled: {equals: [{get_param: CephAnsibleSkipClient}, true]}
resources: resources:
ContainerImageUrlParts: ContainerImageUrlParts:
@ -424,17 +420,6 @@ resources:
expression: $.data.rightSplit(':', 1)[1] expression: $.data.rightSplit(':', 1)[1]
data: {get_param: ContainerCephDaemonImage} data: {get_param: ContainerCephDaemonImage}
MsgrSecureModeOverrides:
type: OS::Heat::Value
properties:
type: json
value:
vars:
global:
ms_cluster_mode: secure
ms_service_mode: secure
ms_client_mode: secure
DefaultCephConfigOverrides: DefaultCephConfigOverrides:
type: OS::Heat::Value type: OS::Heat::Value
properties: properties:
@ -489,34 +474,6 @@ resources:
extra_pools: {get_param: CephPools} extra_pools: {get_param: CephPools}
pg_num: {get_param: CephPoolDefaultPgNum} pg_num: {get_param: CephPoolDefaultPgNum}
CephManilaPoolVars:
type: OS::Heat::Value
properties:
type: json
value:
vars:
data: {get_param: ManilaCephFSDataPoolName}
metadata: {get_param: ManilaCephFSMetadataPoolName}
data_pg_num: {get_param: CephPoolDefaultPgNum}
metadata_pg_num: {get_param: CephPoolDefaultPgNum}
CephKeyVars:
type: OS::Heat::Value
properties:
type: json
value:
vars:
openstack_client:
name: {get_param: CephClientUserName}
key: {get_param: CephClientKey}
manila:
name: {get_param: ManilaCephFSCephFSAuthId}
key: {get_param: CephManilaClientKey}
radosgw:
name: {get_param: CephRgwClientName}
key: {get_param: CephRgwKey}
extra_keys: {get_param: CephExtraKeys}
CephBaseAnsibleVars: CephBaseAnsibleVars:
type: OS::Heat::Value type: OS::Heat::Value
properties: properties:
@ -619,16 +576,31 @@ outputs:
- name: set tripleo-ceph-prepare facts - name: set tripleo-ceph-prepare facts
set_fact: set_fact:
ceph_pools: {get_attr: [CephBasePoolVars, value, vars]} ceph_pools: {get_attr: [CephBasePoolVars, value, vars]}
manila_pools: {get_attr: [CephManilaPoolVars, value, vars]} manila_pools:
ceph_keys: {get_attr: [CephKeyVars, value, vars]} data: {get_param: ManilaCephFSDataPoolName}
metadata: {get_param: ManilaCephFSMetadataPoolName}
data_pg_num: {get_param: CephPoolDefaultPgNum}
metadata_pg_num: {get_param: CephPoolDefaultPgNum}
ceph_keys:
openstack_client:
name: {get_param: CephClientUserName}
key: {get_param: CephClientKey}
manila:
name: {get_param: ManilaCephFSCephFSAuthId}
key: {get_param: CephManilaClientKey}
radosgw:
name: {get_param: CephRgwClientName}
key: {get_param: CephRgwKey}
extra_keys: {get_param: CephExtraKeys}
ceph_default_overrides: ceph_default_overrides:
if: if:
- msgr_secure_mode - {get_param: CephMsgrSecureMode}
- yaql: - map_merge:
expression: ($.data.default).mergeWith($.data.secure) - {get_attr: [DefaultCephConfigOverrides, value, vars]}
data: - global:
default: {get_attr: [DefaultCephConfigOverrides, value, vars]} ms_cluster_mode: secure
secure: {get_attr: [MsgrSecureModeOverrides, value, vars]} ms_service_mode: secure
ms_client_mode: secure
- {get_attr: [DefaultCephConfigOverrides, value, vars]} - {get_attr: [DefaultCephConfigOverrides, value, vars]}
ceph_config_overrides: {get_param: CephConfigOverrides} ceph_config_overrides: {get_param: CephConfigOverrides}
- name: set ceph-ansible facts - name: set ceph-ansible facts
@ -636,17 +608,15 @@ outputs:
blacklisted_hostnames: {get_param: DeploymentServerBlacklist} blacklisted_hostnames: {get_param: DeploymentServerBlacklist}
ceph_ansible_group_vars_all: ceph_ansible_group_vars_all:
if: if:
- dashboard_is_enabled - {get_param: CephEnableDashboard}
- map_merge: - map_merge:
- if: - if:
- internal_tls_enabled - {get_param: EnableInternalTLS}
- - dashboard_tls_external: true
dashboard_tls_external: true
dashboard_grafana_api_no_ssl_verify: true dashboard_grafana_api_no_ssl_verify: true
- {}
- {get_attr: [CephBaseAnsibleVars, value, vars]} - {get_attr: [CephBaseAnsibleVars, value, vars]}
- dashboard_admin_password: {get_param: CephDashboardAdminPassword} - dashboard_admin_password: {get_param: CephDashboardAdminPassword}
- grafana_admin_password: {get_param: CephGrafanaAdminPassword} grafana_admin_password: {get_param: CephGrafanaAdminPassword}
- {get_attr: [CephBaseAnsibleVars, value, vars]} - {get_attr: [CephBaseAnsibleVars, value, vars]}
ceph_ansible_extra_vars: ceph_ansible_extra_vars:
map_merge: map_merge:
@ -679,19 +649,17 @@ outputs:
block: block:
- name: set ceph-ansible facts - name: set ceph-ansible facts
set_fact: set_fact:
map_merge:
- if:
- ceph_ansible_client_disabled
-
ceph_ansible_skip_tags: ceph_ansible_skip_tags:
list_join: if:
- {get_param: CephAnsibleSkipClient}
- list_join:
- ',' - ','
- - get_param: CephAnsibleSkipTags - - get_param: CephAnsibleSkipTags
- - 'ceph_client' - 'ceph_client'
- ceph_ansible_skip_tags: {get_param: CephAnsibleSkipTags} - {get_param: CephAnsibleSkipTags}
- ceph_ansible_playbook_verbosity: {get_param: CephAnsiblePlaybookVerbosity} ceph_ansible_playbook_verbosity: {get_param: CephAnsiblePlaybookVerbosity}
- ceph_ansible_playbooks_param: {get_param: CephAnsiblePlaybook} ceph_ansible_playbooks_param: {get_param: CephAnsiblePlaybook}
- ceph_ansible_environment_variables: ceph_ansible_environment_variables:
yaql: yaql:
data: {get_param: CephAnsibleEnvironmentVariables} data: {get_param: CephAnsibleEnvironmentVariables}
expression: $.data.items().select($.join('=')) expression: $.data.items().select($.join('='))

View File

@ -38,22 +38,6 @@ resources:
RoleName: {get_param: RoleName} RoleName: {get_param: RoleName}
RoleParameters: {get_param: RoleParameters} RoleParameters: {get_param: RoleParameters}
CephClientAnsibleVars:
type: OS::Heat::Value
properties:
type: json
value:
vars: {}
CephClientConfigOverrides:
type: OS::Heat::Value
properties:
type: json
value:
vars:
client:
rbd_concurrent_management_ops: 20
outputs: outputs:
role_data: role_data:
description: Role data for the Ceph Client service. description: Role data for the Ceph Client service.
@ -77,8 +61,10 @@ outputs:
block: block:
- name: set ceph-ansible group vars clients - name: set ceph-ansible group vars clients
set_fact: set_fact:
ceph_ansible_group_vars_clients: {get_attr: [CephClientAnsibleVars, value, vars]} ceph_ansible_group_vars_clients: {}
ceph_client_config_overrides: {get_attr: [CephClientConfigOverrides, value, vars]} ceph_client_config_overrides:
client:
rbd_concurrent_management_ops: 20
- name: generate ceph-ansible group vars clients - name: generate ceph-ansible group vars clients
copy: copy:
dest: "{{playbook_dir}}/ceph-ansible/group_vars/clients.yml" dest: "{{playbook_dir}}/ceph-ansible/group_vars/clients.yml"

View File

@ -42,14 +42,6 @@ resources:
RoleName: {get_param: RoleName} RoleName: {get_param: RoleName}
RoleParameters: {get_param: RoleParameters} RoleParameters: {get_param: RoleParameters}
CephExternalAnsibleVars:
type: OS::Heat::Value
properties:
type: json
value:
vars:
external_cluster_mon_ips: {get_param: CephExternalMonHost}
outputs: outputs:
role_data: role_data:
description: Role data for the Ceph External service. description: Role data for the Ceph External service.
@ -74,7 +66,8 @@ outputs:
block: block:
- name: set ceph-ansible group vars clients - name: set ceph-ansible group vars clients
set_fact: set_fact:
ceph_ansible_group_vars_clients: {get_attr: [CephExternalAnsibleVars, value, vars]} ceph_ansible_group_vars_clients:
external_cluster_mon_ips: {get_param: CephExternalMonHost}
- name: generate ceph-ansible group vars clients - name: generate ceph-ansible group vars clients
copy: copy:
dest: "{{playbook_dir}}/ceph-ansible/group_vars/clients.yml" dest: "{{playbook_dir}}/ceph-ansible/group_vars/clients.yml"

View File

@ -72,8 +72,8 @@ parameters:
certificate for this service certificate for this service
conditions: conditions:
internal_tls_enabled: {equals: [{get_param: EnableInternalTLS}, true]} key_size_override_set:
key_size_override_unset: {equals: [{get_param: GrafanaCertificateKeySize}, '']} not: {equals: [{get_param: GrafanaCertificateKeySize}, '']}
resources: resources:
CephBase: CephBase:
@ -135,16 +135,11 @@ outputs:
set_fact: set_fact:
ceph_ansible_group_vars_grafana: ceph_ansible_group_vars_grafana:
if: if:
- internal_tls_enabled - {get_param: EnableInternalTLS}
- yaql: - map_merge:
data:
default:
map_merge:
- {get_attr: [CephGrafanaAnsibleVars, value, vars]} - {get_attr: [CephGrafanaAnsibleVars, value, vars]}
certmap: - grafana_crt: '/etc/pki/tls/certs/ceph_grafana.crt'
grafana_crt: '/etc/pki/tls/certs/ceph_grafana.crt'
grafana_key: '/etc/pki/tls/private/ceph_grafana.key' grafana_key: '/etc/pki/tls/private/ceph_grafana.key'
expression: $.data.default.mergeWith($.data.certmap)
- {get_attr: [CephGrafanaAnsibleVars, value, vars]} - {get_attr: [CephGrafanaAnsibleVars, value, vars]}
- name: generate ceph-ansible grafana-server group vars - name: generate ceph-ansible grafana-server group vars
copy: copy:
@ -154,12 +149,10 @@ outputs:
external_upgrade_tasks: {get_attr: [CephBase, role_data, external_upgrade_tasks]} external_upgrade_tasks: {get_attr: [CephBase, role_data, external_upgrade_tasks]}
metadata_settings: metadata_settings:
if: if:
- internal_tls_enabled - {get_param: EnableInternalTLS}
- - - service: ceph_grafana
- service: ceph_grafana
network: {get_param: [ServiceNetMap, CephGrafanaNetwork]} network: {get_param: [ServiceNetMap, CephGrafanaNetwork]}
type: node type: node
- null
deploy_steps_tasks: deploy_steps_tasks:
- name: Certificate generation - name: Certificate generation
when: when:
@ -190,7 +183,7 @@ outputs:
fi fi
key_size: key_size:
if: if:
- key_size_override_unset - key_size_override_set
- {get_param: CertificateKeySize}
- {get_param: GrafanaCertificateKeySize} - {get_param: GrafanaCertificateKeySize}
- {get_param: CertificateKeySize}
ca: ipa ca: ipa

View File

@ -32,9 +32,6 @@ parameters:
default: false default: false
description: Parameter used to trigger the dashboard deployment. description: Parameter used to trigger the dashboard deployment.
conditions:
dashboard_enabled: {equals: [{get_param: CephEnableDashboard}, true]}
resources: resources:
CephBase: CephBase:
type: ./ceph-base.yaml type: ./ceph-base.yaml
@ -45,13 +42,6 @@ resources:
RoleName: {get_param: RoleName} RoleName: {get_param: RoleName}
RoleParameters: {get_param: RoleParameters} RoleParameters: {get_param: RoleParameters}
CephMdsAnsibleVars:
type: OS::Heat::Value
properties:
type: json
value:
vars: {}
outputs: outputs:
role_data: role_data:
description: Role data for the Ceph Metadata service. description: Role data for the Ceph Metadata service.
@ -63,7 +53,7 @@ outputs:
list_concat: list_concat:
- - '6800-7300' - - '6800-7300'
- if: - if:
- dashboard_enabled - {get_param: CephEnableDashboard}
- - '9100' - - '9100'
- [] - []
upgrade_tasks: {get_attr: [CephBase, role_data, upgrade_tasks]} upgrade_tasks: {get_attr: [CephBase, role_data, upgrade_tasks]}
@ -85,7 +75,7 @@ outputs:
block: block:
- name: set ceph-ansible group vars mdss - name: set ceph-ansible group vars mdss
set_fact: set_fact:
ceph_ansible_group_vars_mdss: {get_attr: [CephMdsAnsibleVars, value, vars]} ceph_ansible_group_vars_mdss: {}
- name: generate ceph-ansible group vars mdss - name: generate ceph-ansible group vars mdss
copy: copy:
dest: "{{playbook_dir}}/ceph-ansible/group_vars/mdss.yml" dest: "{{playbook_dir}}/ceph-ansible/group_vars/mdss.yml"

View File

@ -58,14 +58,12 @@ parameters:
certificate for this service certificate for this service
conditions: conditions:
dashboard_enabled: {equals: [{get_param: CephEnableDashboard}, true]}
internal_tls_enabled: internal_tls_enabled:
and: and:
- dashboard_enabled - {get_param: CephEnableDashboard}
- equals: - {get_param: EnableInternalTLS}
- get_param: EnableInternalTLS key_size_override_set:
- true not: {equals: [{get_param: CephCertificateKeySize}, '']}
key_size_override_unset: {equals: [{get_param: CephCertificateKeySize}, '']}
resources: resources:
CephBase: CephBase:
@ -108,9 +106,8 @@ outputs:
list_concat: list_concat:
- - '6800-7300' - - '6800-7300'
- if: - if:
- dashboard_enabled - {get_param: CephEnableDashboard}
- - {get_param: CephDashboardPort} - - {get_param: CephDashboardPort}
- []
upgrade_tasks: [] upgrade_tasks: []
puppet_config: puppet_config:
config_image: '' config_image: ''
@ -132,11 +129,10 @@ outputs:
ceph_ansible_group_vars_mgrs: ceph_ansible_group_vars_mgrs:
if: if:
- internal_tls_enabled - internal_tls_enabled
- - map_merge:
map_merge:
- {get_attr: [CephMgrAnsibleVars, value, vars]} - {get_attr: [CephMgrAnsibleVars, value, vars]}
- dashboard_crt: /etc/pki/tls/certs/ceph_dashboard.crt - dashboard_crt: /etc/pki/tls/certs/ceph_dashboard.crt
- dashboard_key: /etc/pki/tls/private/ceph_dashboard.key dashboard_key: /etc/pki/tls/private/ceph_dashboard.key
- {get_attr: [CephMgrAnsibleVars, value, vars]} - {get_attr: [CephMgrAnsibleVars, value, vars]}
- name: generate ceph-ansible group vars mgrs - name: generate ceph-ansible group vars mgrs
copy: copy:
@ -147,16 +143,13 @@ outputs:
metadata_settings: metadata_settings:
if: if:
- internal_tls_enabled - internal_tls_enabled
- - - service: ceph_dashboard
- service: ceph_dashboard
network: {get_param: [ServiceNetMap, CephDashboardNetwork]} network: {get_param: [ServiceNetMap, CephDashboardNetwork]}
type: node type: node
- null
deploy_steps_tasks: deploy_steps_tasks:
if: if:
- internal_tls_enabled - internal_tls_enabled
- - - name: Certificate generation
- name: Certificate generation
when: step|int == 1 when: step|int == 1
block: block:
- include_role: - include_role:
@ -183,8 +176,7 @@ outputs:
fi fi
key_size: key_size:
if: if:
- key_size_override_unset - key_size_override_set
- {get_param: CertificateKeySize}
- {get_param: CephCertificateKeySize} - {get_param: CephCertificateKeySize}
- {get_param: CertificateKeySize}
ca: ipa ca: ipa
- null

View File

@ -49,9 +49,6 @@ parameters:
The Ceph cluster name must be at least 1 character and contain only The Ceph cluster name must be at least 1 character and contain only
letters and numbers. letters and numbers.
conditions:
dashboard_enabled: {equals: [{get_param: CephEnableDashboard}, true]}
resources: resources:
CephBase: CephBase:
type: ./ceph-base.yaml type: ./ceph-base.yaml
@ -62,13 +59,6 @@ resources:
RoleName: {get_param: RoleName} RoleName: {get_param: RoleName}
RoleParameters: {get_param: RoleParameters} RoleParameters: {get_param: RoleParameters}
CephMonAnsibleVars:
type: OS::Heat::Value
properties:
type: json
value:
vars: {}
outputs: outputs:
role_data: role_data:
description: Role data for the Ceph Monitor service. description: Role data for the Ceph Monitor service.
@ -81,9 +71,8 @@ outputs:
- - 6789 - - 6789
- - 3300 - - 3300
- if: - if:
- dashboard_enabled - {get_param: CephEnableDashboard}
- - '9100' - - '9100'
- []
service_config_settings: service_config_settings:
collectd: collectd:
tripleo.collectd.plugins.ceph_osd: tripleo.collectd.plugins.ceph_osd:
@ -108,7 +97,7 @@ outputs:
block: block:
- name: set ceph-ansible group vars mons - name: set ceph-ansible group vars mons
set_fact: set_fact:
ceph_ansible_group_vars_mons: {get_attr: [CephMonAnsibleVars, value, vars]} ceph_ansible_group_vars_mons: {}
- name: generate ceph-ansible group vars mons - name: generate ceph-ansible group vars mons
copy: copy:
dest: "{{playbook_dir}}/ceph-ansible/group_vars/mons.yml" dest: "{{playbook_dir}}/ceph-ansible/group_vars/mons.yml"

View File

@ -41,22 +41,6 @@ resources:
RoleName: {get_param: RoleName} RoleName: {get_param: RoleName}
RoleParameters: {get_param: RoleParameters} RoleParameters: {get_param: RoleParameters}
CephNfsAnsibleVars:
type: OS::Heat::Value
properties:
type: json
value:
vars:
ceph_nfs_bind_addr: {get_param: [EndpointMap, GaneshaInternal, host_nobrackets]}
ceph_nfs_enable_service: false
ceph_nfs_use_pacemaker: true
ceph_nfs_dynamic_exports: true
ceph_nfs_service_suffix: pacemaker
nfs_obj_gw: false
ceph_nfs_rados_backend: true
ceph_nfs_disable_caching: true
ceph_nfs_ceph_user: {get_param: ManilaCephFSCephFSAuthId}
outputs: outputs:
role_data: role_data:
description: Role data for the Ceph NFS Ganesha service. description: Role data for the Ceph NFS Ganesha service.
@ -129,7 +113,16 @@ outputs:
block: block:
- name: set ceph-ansible group vars nfss - name: set ceph-ansible group vars nfss
set_fact: set_fact:
ceph_ansible_group_vars_nfss: {get_attr: [CephNfsAnsibleVars, value, vars]} ceph_ansible_group_vars_nfss:
ceph_nfs_bind_addr: {get_param: [EndpointMap, GaneshaInternal, host_nobrackets]}
ceph_nfs_enable_service: false
ceph_nfs_use_pacemaker: true
ceph_nfs_dynamic_exports: true
ceph_nfs_service_suffix: pacemaker
nfs_obj_gw: false
ceph_nfs_rados_backend: true
ceph_nfs_disable_caching: true
ceph_nfs_ceph_user: {get_param: ManilaCephFSCephFSAuthId}
- name: generate ceph-ansible group vars nfss - name: generate ceph-ansible group vars nfss
copy: copy:
dest: "{{playbook_dir}}/ceph-ansible/group_vars/nfss.yml" dest: "{{playbook_dir}}/ceph-ansible/group_vars/nfss.yml"

View File

@ -39,9 +39,6 @@ parameters:
default: false default: false
description: Parameter used to trigger the dashboard deployment. description: Parameter used to trigger the dashboard deployment.
conditions:
dashboard_enabled: {equals: [{get_param: CephEnableDashboard}, true]}
resources: resources:
CephBase: CephBase:
type: ./ceph-base.yaml type: ./ceph-base.yaml
@ -52,13 +49,6 @@ resources:
RoleName: {get_param: RoleName} RoleName: {get_param: RoleName}
RoleParameters: {get_param: RoleParameters} RoleParameters: {get_param: RoleParameters}
CephOsdAnsibleVars:
type: OS::Heat::Value
properties:
type: json
value:
vars: {get_param: CephAnsibleDisksConfig}
outputs: outputs:
role_data: role_data:
description: Role data for the Ceph OSD service. description: Role data for the Ceph OSD service.
@ -70,9 +60,8 @@ outputs:
list_concat: list_concat:
- - '6800-7300' - - '6800-7300'
- if: - if:
- dashboard_enabled - {get_param: CephEnableDashboard}
- - '9100' - - '9100'
- []
service_config_settings: service_config_settings:
collectd: collectd:
tripleo.collectd.plugins.ceph_osd: tripleo.collectd.plugins.ceph_osd:
@ -142,7 +131,7 @@ outputs:
block: block:
- name: set ceph-ansible group vars osds - name: set ceph-ansible group vars osds
set_fact: set_fact:
ceph_ansible_group_vars_osds: {get_attr: [CephOsdAnsibleVars, value, vars]} ceph_ansible_group_vars_osds: {get_param: CephAnsibleDisksConfig}
- name: generate ceph-ansible group vars osds - name: generate ceph-ansible group vars osds
copy: copy:
dest: "{{playbook_dir}}/ceph-ansible/group_vars/osds.yml" dest: "{{playbook_dir}}/ceph-ansible/group_vars/osds.yml"

View File

@ -61,18 +61,6 @@ resources:
RoleName: {get_param: RoleName} RoleName: {get_param: RoleName}
RoleParameters: {get_param: RoleParameters} RoleParameters: {get_param: RoleParameters}
CephRbdMirrorAnsibleVars:
type: OS::Heat::Value
properties:
type: json
value:
vars:
copy_admin_key: {get_param: CephRbdMirrorCopyAdminKey}
ceph_rbd_mirror_configure: {get_param: CephRbdMirrorConfigure}
ceph_rbd_mirror_pool: {get_param: CephRbdMirrorPool}
ceph_rbd_mirror_remote_cluster: {get_param: CephRbdMirrorRemoteCluster}
ceph_rbd_mirror_remote_user: {get_param: CephRbdMirrorRemoteUser}
outputs: outputs:
role_data: role_data:
description: Role data for the Ceph RBD Mirror service. description: Role data for the Ceph RBD Mirror service.
@ -100,7 +88,12 @@ outputs:
block: block:
- name: set ceph-ansible group vars rbdmirrors - name: set ceph-ansible group vars rbdmirrors
set_fact: set_fact:
ceph_ansible_group_vars_rbdmirrors: {get_attr: [CephRbdMirrorAnsibleVars, value, vars]} ceph_ansible_group_vars_rbdmirrors:
copy_admin_key: {get_param: CephRbdMirrorCopyAdminKey}
ceph_rbd_mirror_configure: {get_param: CephRbdMirrorConfigure}
ceph_rbd_mirror_pool: {get_param: CephRbdMirrorPool}
ceph_rbd_mirror_remote_cluster: {get_param: CephRbdMirrorRemoteCluster}
ceph_rbd_mirror_remote_user: {get_param: CephRbdMirrorRemoteUser}
- name: generate ceph-ansible group vars rbdmirrors - name: generate ceph-ansible group vars rbdmirrors
copy: copy:
dest: "{{playbook_dir}}/ceph-ansible/group_vars/rbdmirrors.yml" dest: "{{playbook_dir}}/ceph-ansible/group_vars/rbdmirrors.yml"

View File

@ -54,9 +54,8 @@ parameters:
certificate for this service certificate for this service
conditions: conditions:
dashboard_enabled: {equals: [{get_param: CephEnableDashboard}, true]} key_size_override_set:
internal_tls_enabled: {equals: [{get_param: EnableInternalTLS}, true]} not: {equals: [{get_param: CephRgwCertificateKeySize}, '']}
key_size_override_unset: {equals: [{get_param: CephRgwCertificateKeySize}, '']}
resources: resources:
CephBase: CephBase:
@ -82,28 +81,6 @@ resources:
- get_param: [ServiceData, net_cidr_map, {get_param: [ServiceNetMap, CephRgwNetwork]}] - get_param: [ServiceData, net_cidr_map, {get_param: [ServiceNetMap, CephRgwNetwork]}]
radosgw_frontend_port: {get_param: [EndpointMap, CephRgwInternal, port]} radosgw_frontend_port: {get_param: [EndpointMap, CephRgwInternal, port]}
CephRgwConfigOverrides:
type: OS::Heat::Value
properties:
type: json
value:
vars:
global:
rgw_keystone_api_version: 3
rgw_keystone_url: {get_param: [EndpointMap, KeystoneInternal, uri_no_suffix]}
rgw_keystone_accepted_roles: 'member, Member, admin'
rgw_keystone_accepted_admin_roles: ResellerAdmin, swiftoperator
rgw_keystone_admin_domain: default
rgw_keystone_admin_project: service
rgw_keystone_admin_user: swift
rgw_keystone_admin_password: {get_param: SwiftPassword}
rgw_keystone_implicit_tenants: 'true'
rgw_keystone_revocation_interval: '0'
rgw_s3_auth_use_keystone: 'true'
rgw_swift_versioning_enabled: 'true'
rgw_swift_account_in_url: 'true'
rgw_trust_forwarded_https: 'true'
outputs: outputs:
role_data: role_data:
description: Role data for the Ceph RadosGW service. description: Role data for the Ceph RadosGW service.
@ -115,9 +92,8 @@ outputs:
list_concat: list_concat:
- - {get_param: [EndpointMap, CephRgwInternal, port]} - - {get_param: [EndpointMap, CephRgwInternal, port]}
- if: - if:
- dashboard_enabled - {get_param: CephEnableDashboard}
- - '9100' - - '9100'
- []
keystone_resources: keystone_resources:
swift: swift:
endpoints: endpoints:
@ -153,12 +129,27 @@ outputs:
set_fact: set_fact:
ceph_ansible_group_vars_rgws: ceph_ansible_group_vars_rgws:
if: if:
- internal_tls_enabled - {get_param: EnableInternalTLS}
- map_merge: - map_merge:
- {get_attr: [CephRgwAnsibleVars, value, vars]} - {get_attr: [CephRgwAnsibleVars, value, vars]}
- radosgw_frontend_ssl_certificate: '/etc/pki/tls/certs/ceph_rgw.pem' - radosgw_frontend_ssl_certificate: '/etc/pki/tls/certs/ceph_rgw.pem'
- {get_attr: [CephRgwAnsibleVars, value, vars]} - {get_attr: [CephRgwAnsibleVars, value, vars]}
ceph_rgw_config_overrides: {get_attr: [CephRgwConfigOverrides, value, vars]} ceph_rgw_config_overrides:
global:
rgw_keystone_api_version: 3
rgw_keystone_url: {get_param: [EndpointMap, KeystoneInternal, uri_no_suffix]}
rgw_keystone_accepted_roles: 'member, Member, admin'
rgw_keystone_accepted_admin_roles: ResellerAdmin, swiftoperator
rgw_keystone_admin_domain: default
rgw_keystone_admin_project: service
rgw_keystone_admin_user: swift
rgw_keystone_admin_password: {get_param: SwiftPassword}
rgw_keystone_implicit_tenants: 'true'
rgw_keystone_revocation_interval: '0'
rgw_s3_auth_use_keystone: 'true'
rgw_swift_versioning_enabled: 'true'
rgw_swift_account_in_url: 'true'
rgw_trust_forwarded_https: 'true'
- name: generate ceph-ansible group vars rgws - name: generate ceph-ansible group vars rgws
copy: copy:
dest: "{{playbook_dir}}/ceph-ansible/group_vars/rgws.yml" dest: "{{playbook_dir}}/ceph-ansible/group_vars/rgws.yml"
@ -167,12 +158,10 @@ outputs:
external_upgrade_tasks: {get_attr: [CephBase, role_data, external_upgrade_tasks]} external_upgrade_tasks: {get_attr: [CephBase, role_data, external_upgrade_tasks]}
metadata_settings: metadata_settings:
if: if:
- internal_tls_enabled - {get_param: EnableInternalTLS}
- - - service: ceph_rgw
- service: ceph_rgw
network: {get_param: [ServiceNetMap, CephRgwNetwork]} network: {get_param: [ServiceNetMap, CephRgwNetwork]}
type: node type: node
- null
deploy_steps_tasks: deploy_steps_tasks:
- name: Certificate generation - name: Certificate generation
when: when:
@ -208,7 +197,7 @@ outputs:
fi fi
key_size: key_size:
if: if:
- key_size_override_unset - key_size_override_set
- {get_param: CertificateKeySize}
- {get_param: CephRgwCertificateKeySize} - {get_param: CephRgwCertificateKeySize}
- {get_param: CertificateKeySize}
ca: ipa ca: ipa