Merge "Fix cinder's cephx keyring file permissions" into stable/victoria
This commit is contained in:
commit
de7f67a5e1
@ -85,6 +85,34 @@ parameters:
|
|||||||
description: >
|
description: >
|
||||||
The Ceph cluster name must be at least 1 character and contain only
|
The Ceph cluster name must be at least 1 character and contain only
|
||||||
letters and numbers.
|
letters and numbers.
|
||||||
|
CephExternalMultiConfig:
|
||||||
|
type: json
|
||||||
|
hidden: true
|
||||||
|
description: |
|
||||||
|
List of maps describing extra overrides which will be applied when configuring
|
||||||
|
extra external Ceph clusters. If this list is non-empty, ceph-ansible will run
|
||||||
|
an extra count(list) times using the same parameters as the first run except
|
||||||
|
each parameter within each map will override the defaults. If the following
|
||||||
|
were used, the second run would configure the overcloud to also use the ceph2
|
||||||
|
cluster with all the previous parameters except /etc/ceph/ceph2.conf would have
|
||||||
|
a mon_host entry containing the value of external_cluster_mon_ips below, and
|
||||||
|
not the default CephExternalMonHost. Subsequent ceph-ansible runs are restricted
|
||||||
|
to just ceph clients. CephExternalMultiConfig may not be used to deploy additional
|
||||||
|
internal Ceph clusters within one Heat stack. The map for each list should contain
|
||||||
|
not tripleo-heat-template parameters but ceph-ansible parameters.
|
||||||
|
- cluster: 'ceph2'
|
||||||
|
fsid: 'e2cba068-5f14-4b0f-b047-acf375c0004a'
|
||||||
|
external_cluster_mon_ips: '172.18.0.5,172.18.0.6,172.18.0.7'
|
||||||
|
keys:
|
||||||
|
- name: "client.openstack"
|
||||||
|
caps:
|
||||||
|
mgr: "allow *"
|
||||||
|
mon: "profile rbd"
|
||||||
|
osd: "osd: profile rbd pool=volumes, profile rbd pool=backups, profile rbd pool=vms, profile rbd pool=images"
|
||||||
|
key: "AQCwmeRcAAAAABAA6SQU/bGqFjlfLro5KxrB1Q=="
|
||||||
|
mode: "0600"
|
||||||
|
dashboard_enabled: false
|
||||||
|
default: []
|
||||||
|
|
||||||
conditions:
|
conditions:
|
||||||
|
|
||||||
@ -159,6 +187,8 @@ outputs:
|
|||||||
cinder_common_kolla_permissions:
|
cinder_common_kolla_permissions:
|
||||||
description: Common kolla permissions for cinder-volume and cinder-backup services
|
description: Common kolla permissions for cinder-volume and cinder-backup services
|
||||||
value:
|
value:
|
||||||
|
list_concat:
|
||||||
|
-
|
||||||
- path: /var/log/cinder
|
- path: /var/log/cinder
|
||||||
owner: cinder:cinder
|
owner: cinder:cinder
|
||||||
recurse: true
|
recurse: true
|
||||||
@ -174,6 +204,17 @@ outputs:
|
|||||||
owner: cinder:cinder
|
owner: cinder:cinder
|
||||||
- path: /etc/pki/tls/private/etcd.key
|
- path: /etc/pki/tls/private/etcd.key
|
||||||
owner: cinder:cinder
|
owner: cinder:cinder
|
||||||
|
- repeat:
|
||||||
|
template:
|
||||||
|
path: /etc/ceph/<%cluster%>.client.*.keyring
|
||||||
|
owner: cinder:cinder
|
||||||
|
perm: '0600'
|
||||||
|
for_each:
|
||||||
|
<%cluster%>:
|
||||||
|
yaql:
|
||||||
|
expression: $.data.multiconfig.select($.cluster)
|
||||||
|
data:
|
||||||
|
multiconfig: {get_param: CephExternalMultiConfig}
|
||||||
|
|
||||||
cinder_volume_host_prep_tasks:
|
cinder_volume_host_prep_tasks:
|
||||||
description: Host prep tasks for the cinder-volume service (HA or non-HA)
|
description: Host prep tasks for the cinder-volume service (HA or non-HA)
|
||||||
|
Loading…
Reference in New Issue
Block a user