heat_template_version: queens description: > Ceph base service. Shared by all Ceph services. parameters: ServiceData: default: {} description: Dictionary packing service data type: json ServiceNetMap: default: {} description: Mapping of service_name -> network name. Typically set via parameter_defaults in the resource registry. This mapping overrides those in ServiceNetMapDefaults. type: json DefaultPasswords: default: {} type: json RoleName: default: '' description: Role name on which the service is applied type: string RoleParameters: default: {} description: Parameters specific to the role type: json EndpointMap: default: {} description: Mapping of service endpoint -> protocol. Typically set via parameter_defaults in the resource registry. type: json StackUpdateType: type: string description: > Type of update, to differentiate between UPGRADE and UPDATE cases when StackAction is UPDATE (both are the same stack action). constraints: - allowed_values: ['', 'UPGRADE', 'FASTFORWARDUPGRADE'] default: '' NodeDataLookup: type: string default: '{}' description: json string containing per-node configuration map CephAnsibleWorkflowName: type: string description: Name of the Mistral workflow to execute default: tripleo.storage.v1.ceph-install CephAnsiblePlaybook: type: comma_delimited_list description: List of paths to the ceph-ansible playbooks to execute default: ['/usr/share/ceph-ansible/site-docker.yml.sample'] CephAnsibleUpgradePlaybook: type: string description: Path to the ceph-ansible playbook to execute on upgrade default: /usr/share/ceph-ansible/infrastructure-playbooks/rolling_update.yml CephAnsibleExtraConfig: type: json description: Extra vars for the ceph-ansible playbook default: {} CephAnsibleSkipTags: type: string description: List of ceph-ansible tags to skip default: 'package-install,with_pkg' CephConfigOverrides: type: json description: Extra config settings to dump into ceph.conf default: {} CephClusterFSID: type: string description: The Ceph cluster FSID. Must be a UUID. CephClusterName: type: string default: ceph description: The Ceph cluster name. constraints: - allowed_pattern: "[a-zA-Z0-9]+" description: > The Ceph cluster name must be at least 1 character and contain only letters and numbers. CephPoolDefaultPgNum: description: default pg_num to use for the RBD pools type: number default: 128 CephPools: description: > It can be used to override settings for one of the predefined pools, or to create additional ones. Example: [{"name": "volumes", "pg_num": 64, "rule_name": "replicated_rule"}] default: [] type: json CinderRbdPoolName: default: volumes type: string CinderRbdExtraPools: default: [] description: > List of extra Ceph pools for use with RBD backends for Cinder. An extra Cinder RBD backend driver is created for each pool in the list. This is in addition to the standard RBD backend driver associated with the CinderRbdPoolName. type: comma_delimited_list CinderBackupRbdPoolName: default: backups type: string GlanceRbdPoolName: default: images type: string GnocchiRbdPoolName: default: metrics type: string NovaRbdPoolName: default: vms type: string description: The pool name for RBD backend ephemeral storage. tags: - role_specific CephClientKey: description: The Ceph client key. Can be created with ceph-authtool --gen-print-key. type: string hidden: true CephClientUserName: default: openstack type: string CephRgwClientName: default: radosgw type: string CephRgwKey: description: The cephx key for the radosgw client. Can be created with ceph-authtool --gen-print-key. type: string hidden: true CephPoolDefaultSize: description: default minimum replication for RBD copies type: number default: 3 ManilaCephFSDataPoolName: default: manila_data type: string ManilaCephFSMetadataPoolName: default: manila_metadata type: string ManilaCephFSDataPoolPGNum: default: 128 type: number ManilaCephFSMetadataPoolPGNum: default: 128 type: number ManilaCephFSShareBackendName: default: cephfs type: string ManilaCephFSCephFSAuthId: default: manila type: string CephManilaClientKey: default: '' description: The Ceph client key. Can be created with ceph-authtool --gen-print-key. type: string hidden: true CephIPv6: default: False type: boolean SwiftPassword: description: The password for the swift service account type: string hidden: true DockerCephDaemonImage: description: image type: string CephAnsiblePlaybookVerbosity: default: 0 description: number of '-v', '-vv', etc. passed to ansible-playbook command (max 5) type: number CephAnsibleEnvironmentVariables: default: {} description: Mapping of Ansible environment variables to override defaults. type: json conditions: custom_registry_host: yaql: data: {get_param: DockerCephDaemonImage} expression: $.data.split('/')[0].matches('(\.|:)') perform_upgrade: equals: [{get_param: StackUpdateType}, 'UPGRADE'] ceph_config_overrides_with_sections: yaql: data: {get_param: CephConfigOverrides} expression: $.data.keys().any(predicate => $ in ['global', 'mon', 'mgr', 'osd', 'mds', 'client']) resources: DockerImageUrlParts: type: OS::Heat::Value properties: type: json value: host: if: - custom_registry_host - yaql: expression: let(location => $.data.rightSplit(':', 1)[0]) -> regex('(?:https?://)?(.*?)/(.*)').split($location)[1] data: {get_param: DockerCephDaemonImage} - docker.io image: if: - custom_registry_host - yaql: expression: let(location => $.data.rightSplit(':', 1)[0]) -> regex('(?:https?://)?(.*?)/(.*)').split($location)[2] data: {get_param: DockerCephDaemonImage} - yaql: expression: $.data.rightSplit(':', 1)[0] data: {get_param: DockerCephDaemonImage} image_tag: yaql: expression: $.data.rightSplit(':', 1)[1] data: {get_param: DockerCephDaemonImage} DefaultCephConfigOverrides: type: OS::Heat::Value properties: type: json value: global: osd_pool_default_size: {get_param: CephPoolDefaultSize} osd_pool_default_pg_num: {get_param: CephPoolDefaultPgNum} osd_pool_default_pgp_num: {get_param: CephPoolDefaultPgNum} rgw_keystone_api_version: 3 rgw_keystone_url: {get_param: [EndpointMap, KeystoneInternal, uri_no_suffix]} rgw_keystone_accepted_roles: 'Member, admin' rgw_keystone_accepted_admin_roles: ResellerAdmin rgw_keystone_admin_domain: default rgw_keystone_admin_project: service rgw_keystone_admin_user: swift rgw_keystone_admin_password: {get_param: SwiftPassword} rgw_keystone_implicit_tenants: 'true' rgw_keystone_revocation_interval: '0' rgw_s3_auth_use_keystone: 'true' rgw_swift_versioning_enabled: 'true' rgw_swift_account_in_url: 'true' outputs: role_data: description: Role data for the Ceph base service. value: service_name: ceph_base upgrade_tasks: [] puppet_config: config_image: '' config_volume: '' step_config: '' docker_config: {} workflow_tasks: step2: - name: ceph_base_ansible_workflow workflow: {get_param: CephAnsibleWorkflowName} input: ansible_skip_tags: {get_param: CephAnsibleSkipTags} ceph_ansible_extra_vars: {get_param: CephAnsibleExtraConfig} ceph_ansible_playbook: if: - perform_upgrade - {get_param: CephAnsibleUpgradePlaybook} - {get_param: CephAnsiblePlaybook} ansible_playbook_verbosity: {get_param: CephAnsiblePlaybookVerbosity} node_data_lookup: {get_param: NodeDataLookup} ansible_env_variables: {get_param: CephAnsibleEnvironmentVariables} config_settings: ceph_common_ansible_vars: ireallymeanit: 'yes' fsid: { get_param: CephClusterFSID } cluster: { get_param: CephClusterName } docker: true configure_firewall: false ceph_docker_registry: {get_attr: [DockerImageUrlParts, value, host]} ceph_docker_image: {get_attr: [DockerImageUrlParts, value, image]} ceph_docker_image_tag: {get_attr: [DockerImageUrlParts, value, image_tag]} containerized_deployment: true public_network: {get_param: [ServiceData, net_cidr_map, {get_param: [ServiceNetMap, CephMonNetwork]}]} monitor_address_block: {get_param: [ServiceData, net_cidr_map, {get_param: [ServiceNetMap, CephMonNetwork]}]} cluster_network: {get_param: [ServiceData, net_cidr_map, {get_param: [ServiceNetMap, CephClusterNetwork]}]} user_config: true ceph_stable: true ceph_origin: distro openstack_config: true openstack_pools: yaql: expression: $.data.toDict($.get('name')).values() data: list_concat_unique: - repeat: template: name: <%pool%> pg_num: {get_param: CephPoolDefaultPgNum} rule_name: replicated_rule application: rbd for_each: <%pool%>: list_concat_unique: - - {get_param: CinderRbdPoolName} - {get_param: CinderBackupRbdPoolName} - if: - equals: [{get_param: [RoleParameters, NovaRbdPoolName]}, ''] - {get_param: NovaRbdPoolName} - {get_param: [RoleParameters, NovaRbdPoolName]} - {get_param: GlanceRbdPoolName} # CinderRbdExtraPools is a list (do not indent further) - {get_param: CinderRbdExtraPools} - if: - equals: [{get_param: GnocchiRbdPoolName}, ''] - [] - - name: {get_param: GnocchiRbdPoolName} pg_num: {get_param: CephPoolDefaultPgNum} rule_name: replicated_rule application: openstack_gnocchi - {get_param: CephPools} openstack_keys: &openstack_keys - name: list_join: - '.' - - client - {get_param: CephClientUserName} key: {get_param: CephClientKey} caps: mgr: "allow *" mon: "profile rbd" osd: list_join: - ', ' - repeat: template: 'profile rbd pool=<%pool%>' for_each: <%pool%>: list_concat_unique: - - {get_param: CinderRbdPoolName} - {get_param: CinderBackupRbdPoolName} - if: - equals: [{get_param: [RoleParameters, NovaRbdPoolName]}, ''] - {get_param: NovaRbdPoolName} - {get_param: [RoleParameters, NovaRbdPoolName]} - {get_param: GlanceRbdPoolName} - if: - equals: [{get_param: GnocchiRbdPoolName}, ''] - [] - [{get_param: GnocchiRbdPoolName}] # CinderRbdExtraPools is a list (do not indent further) - {get_param: CinderRbdExtraPools} - yaql: data: {get_param: CephPools} expression: $.data.select($.name) mode: "0600" - name: list_join: - '.' - - client - {get_param: ManilaCephFSCephFSAuthId} key: {get_param: CephManilaClientKey} caps: mgr: "allow *" mon: "allow r, allow command 'auth del', allow command 'auth caps', allow command 'auth get', allow command 'auth get-or-create'" mds: "allow *" osd: "allow rw" mode: "0600" - name: list_join: - '.' - - client - {get_param: CephRgwClientName} key: {get_param: CephRgwKey} caps: mgr: "allow *" mon: "allow rw" osd: "allow rwx" mode: "0600" keys: *openstack_keys pools: [] ceph_conf_overrides: if: - ceph_config_overrides_with_sections - yaql: data: default: map_merge: - {get_attr: [DefaultCephConfigOverrides, value]} overrides: {get_param: CephConfigOverrides} expression: $.data.default.mergeWith($.data.overrides) - global: map_merge: - {get_attr: [DefaultCephConfigOverrides, value, global]} - {get_param: CephConfigOverrides} ntp_service_enabled: false generate_fsid: false ip_version: if: - {get_param: CephIPv6} - ipv6 - ipv4 cephfs_data: {get_param: ManilaCephFSDataPoolName} cephfs_metadata: {get_param: ManilaCephFSMetadataPoolName} cephfs: {get_param: ManilaCephFSShareBackendName} cephfs_pools: - { name: {get_param: ManilaCephFSDataPoolName}, pgs: {get_param: ManilaCephFSDataPoolPGNum} } - { name: {get_param: ManilaCephFSMetadataPoolName}, pgs: {get_param: ManilaCephFSMetadataPoolPGNum} }