heat_template_version: queens description: > Ceph base service. Shared by all Ceph services. parameters: ServiceData: default: {} description: Dictionary packing service data type: json ServiceNetMap: default: {} description: Mapping of service_name -> network name. Typically set via parameter_defaults in the resource registry. This mapping overrides those in ServiceNetMapDefaults. type: json DefaultPasswords: default: {} type: json RoleName: default: '' description: Role name on which the service is applied type: string RoleParameters: default: {} description: Parameters specific to the role type: json EndpointMap: default: {} description: Mapping of service endpoint -> protocol. Typically set via parameter_defaults in the resource registry. type: json StackUpdateType: type: string description: > Type of update, to differentiate between UPGRADE and UPDATE cases when StackAction is UPDATE (both are the same stack action). constraints: - allowed_values: ['', 'UPGRADE', 'FASTFORWARDUPGRADE'] default: '' NodeDataLookup: type: string default: '{}' description: json string containing per-node configuration map CephAnsibleWorkflowName: type: string description: Name of the Mistral workflow to execute default: tripleo.storage.v1.ceph-install CephAnsiblePlaybook: type: comma_delimited_list description: List of paths to the ceph-ansible playbooks to execute default: ['/usr/share/ceph-ansible/site-docker.yml.sample'] CephAnsibleUpgradePlaybook: type: string description: Path to the ceph-ansible playbook to execute on upgrade default: /usr/share/ceph-ansible/infrastructure-playbooks/rolling_update.yml CephAnsibleExtraConfig: type: json description: Extra vars for the ceph-ansible playbook default: {} CephAnsibleSkipTags: type: string description: List of ceph-ansible tags to skip default: 'package-install,with_pkg' CephConfigOverrides: type: json description: Extra config settings to dump into ceph.conf default: {} CephClusterFSID: type: string description: The Ceph cluster FSID. Must be a UUID. CephClusterName: type: string default: ceph description: The Ceph cluster name. constraints: - allowed_pattern: "[a-zA-Z0-9]+" description: > The Ceph cluster name must be at least 1 character and contain only letters and numbers. CephPoolDefaultPgNum: description: default pg_num to use for the RBD pools type: number default: 128 CephPools: description: > It can be used to override settings for one of the predefined pools, or to create additional ones. Example: [{"name": "volumes", "pg_num": 64, "rule_name": ""}] default: [] type: json CinderRbdPoolName: default: volumes type: string CinderRbdExtraPools: default: [] description: > List of extra Ceph pools for use with RBD backends for Cinder. An extra Cinder RBD backend driver is created for each pool in the list. This is in addition to the standard RBD backend driver associated with the CinderRbdPoolName. type: comma_delimited_list CinderBackupRbdPoolName: default: backups type: string GlanceRbdPoolName: default: images type: string GnocchiRbdPoolName: default: metrics type: string NovaRbdPoolName: default: vms type: string CephClientKey: description: The Ceph client key. Can be created with ceph-authtool --gen-print-key. type: string hidden: true CephClientUserName: default: openstack type: string CephRgwClientName: default: radosgw type: string CephRgwKey: description: The cephx key for the radosgw client. Can be created with ceph-authtool --gen-print-key. type: string hidden: true CephPoolDefaultSize: description: default minimum replication for RBD copies type: number default: 3 ManilaCephFSNativeCephFSAuthId: default: manila type: string CephManilaClientKey: default: '' description: The Ceph client key. Can be created with ceph-authtool --gen-print-key. type: string hidden: true CephIPv6: default: False type: boolean SwiftPassword: description: The password for the swift service account type: string hidden: true DockerCephDaemonImage: description: image type: string CephAnsiblePlaybookVerbosity: default: 0 description: number of '-v', '-vv', etc. passed to ansible-playbook command (max 5) type: number CephAnsibleEnvironmentVariables: default: {} description: Mapping of Ansible environment variables to override defaults. type: json conditions: custom_registry_host: yaql: data: {get_param: DockerCephDaemonImage} expression: $.data.split('/')[0].matches('(\.|:)') perform_upgrade: equals: [{get_param: StackUpdateType}, 'UPGRADE'] resources: DockerImageUrlParts: type: OS::Heat::Value properties: type: json value: host: if: - custom_registry_host - yaql: expression: let(location => $.data.rightSplit(':', 1)[0]) -> regex('(?:https?://)?(.*?)/(.*)').split($location)[1] data: {get_param: DockerCephDaemonImage} - docker.io image: if: - custom_registry_host - yaql: expression: let(location => $.data.rightSplit(':', 1)[0]) -> regex('(?:https?://)?(.*?)/(.*)').split($location)[2] data: {get_param: DockerCephDaemonImage} - yaql: expression: $.data.rightSplit(':', 1)[0] data: {get_param: DockerCephDaemonImage} image_tag: yaql: expression: $.data.rightSplit(':', 1)[1] data: {get_param: DockerCephDaemonImage} outputs: role_data: description: Role data for the Ceph base service. value: service_name: ceph_base upgrade_tasks: [] puppet_config: config_image: '' config_volume: '' step_config: '' docker_config: {} workflow_tasks: step2: - name: ceph_base_ansible_workflow workflow: {get_param: CephAnsibleWorkflowName} input: ansible_skip_tags: {get_param: CephAnsibleSkipTags} ceph_ansible_extra_vars: {get_param: CephAnsibleExtraConfig} ceph_ansible_playbook: if: - perform_upgrade - {get_param: CephAnsibleUpgradePlaybook} - {get_param: CephAnsiblePlaybook} ansible_playbook_verbosity: {get_param: CephAnsiblePlaybookVerbosity} node_data_lookup: {get_param: NodeDataLookup} ansible_env_variables: {get_param: CephAnsibleEnvironmentVariables} config_settings: ceph_common_ansible_vars: ireallymeanit: 'yes' fsid: { get_param: CephClusterFSID } cluster: { get_param: CephClusterName } docker: true ceph_release: luminous ceph_docker_registry: {get_attr: [DockerImageUrlParts, value, host]} ceph_docker_image: {get_attr: [DockerImageUrlParts, value, image]} ceph_docker_image_tag: {get_attr: [DockerImageUrlParts, value, image_tag]} containerized_deployment: true public_network: {get_param: [ServiceData, net_cidr_map, {get_param: [ServiceNetMap, CephMonNetwork]}]} monitor_address_block: {get_param: [ServiceData, net_cidr_map, {get_param: [ServiceNetMap, CephMonNetwork]}]} cluster_network: {get_param: [ServiceData, net_cidr_map, {get_param: [ServiceNetMap, CephClusterNetwork]}]} user_config: true ceph_stable: true ceph_origin: distro openstack_config: true openstack_pools: yaql: expression: $.data.toDict($.get('name')).values() data: list_concat_unique: - repeat: template: name: <%pool%> pg_num: {get_param: CephPoolDefaultPgNum} rule_name: "" for_each: <%pool%>: list_concat_unique: - - {get_param: CinderRbdPoolName} - {get_param: CinderBackupRbdPoolName} - {get_param: NovaRbdPoolName} - {get_param: GlanceRbdPoolName} - {get_param: GnocchiRbdPoolName} # CinderRbdExtraPools is a list (do not indent further) - {get_param: CinderRbdExtraPools} - {get_param: CephPools} openstack_keys: &openstack_keys - name: list_join: - '.' - - client - {get_param: CephClientUserName} key: {get_param: CephClientKey} mgr_cap: "allow *" mon_cap: "allow r" osd_cap: str_replace: template: 'allow class-read object_prefix rbd_children, allow rwx pool=CEPH_CLIENT_POOLS' params: CEPH_CLIENT_POOLS: list_join: - ', allow rwx pool=' - list_concat_unique: - - {get_param: CinderRbdPoolName} - {get_param: CinderBackupRbdPoolName} - {get_param: NovaRbdPoolName} - {get_param: GlanceRbdPoolName} - {get_param: GnocchiRbdPoolName} # CinderRbdExtraPools is a list (do not indent further) - {get_param: CinderRbdExtraPools} - yaql: data: {get_param: CephPools} expression: $.data.select($.name) mode: "0600" - name: list_join: - '.' - - client - {get_param: ManilaCephFSNativeCephFSAuthId} key: {get_param: CephManilaClientKey} mgr_cap: "allow *" mon_cap: 'allow r, allow command \\\"auth del\\\", allow command \\\"auth caps\\\", allow command \\\"auth get\\\", allow command \\\"auth get-or-create\\\"' mds_cap: "allow *" osd_cap: "allow rw" mode: "0600" - name: list_join: - '.' - - client - {get_param: CephRgwClientName} key: {get_param: CephRgwKey} mgr_cap: "allow *" mon_cap: "allow rw" osd_cap: "allow rwx" mode: "0600" keys: *openstack_keys pools: [] ceph_conf_overrides: global: map_merge: - osd_pool_default_size: {get_param: CephPoolDefaultSize} osd_pool_default_pg_num: {get_param: CephPoolDefaultPgNum} osd_pool_default_pgp_num: {get_param: CephPoolDefaultPgNum} rgw_keystone_api_version: 3 rgw_keystone_url: {get_param: [EndpointMap, KeystoneInternal, uri_no_suffix]} rgw_keystone_accepted_roles: 'Member, admin' rgw_keystone_admin_domain: default rgw_keystone_admin_project: service rgw_keystone_admin_user: swift rgw_keystone_admin_password: {get_param: SwiftPassword} rgw_keystone_implicit_tenants: 'true' rgw_keystone_revocation_interval: '0' rgw_s3_auth_use_keystone: 'true' - {get_param: CephConfigOverrides} ntp_service_enabled: false generate_fsid: false ip_version: if: - {get_param: CephIPv6} - ipv6 - ipv4