927495fe3d
The new master branch should point now to queens instead of pike. So, HOT templates should specify that they might contain features for queens release [1] [1]: https://docs.openstack.org/heat/latest/template_guide/hot_spec.html#queens Change-Id: I7654d1c59db0c4508a9d7045f452612d22493004
115 lines
4.4 KiB
YAML
115 lines
4.4 KiB
YAML
heat_template_version: queens
|
|
|
|
description: >
|
|
Ceph RadosGW service.
|
|
|
|
parameters:
|
|
ServiceData:
|
|
default: {}
|
|
description: Dictionary packing service data
|
|
type: json
|
|
ServiceNetMap:
|
|
default: {}
|
|
description: Mapping of service_name -> network name. Typically set
|
|
via parameter_defaults in the resource registry. This
|
|
mapping overrides those in ServiceNetMapDefaults.
|
|
type: json
|
|
DefaultPasswords:
|
|
default: {}
|
|
type: json
|
|
RoleName:
|
|
default: ''
|
|
description: Role name on which the service is applied
|
|
type: string
|
|
RoleParameters:
|
|
default: {}
|
|
description: Parameters specific to the role
|
|
type: json
|
|
EndpointMap:
|
|
default: {}
|
|
description: Mapping of service endpoint -> protocol. Typically set
|
|
via parameter_defaults in the resource registry.
|
|
type: json
|
|
AdminToken:
|
|
description: The keystone auth secret and db password.
|
|
type: string
|
|
hidden: true
|
|
CephRgwKey:
|
|
description: The cephx key for the radosgw client. Can be created
|
|
with ceph-authtool --gen-print-key.
|
|
type: string
|
|
hidden: true
|
|
SwiftPassword:
|
|
description: The password for the swift service account
|
|
type: string
|
|
hidden: true
|
|
KeystoneRegion:
|
|
type: string
|
|
default: 'regionOne'
|
|
description: Keystone region for endpoint
|
|
|
|
resources:
|
|
CephBase:
|
|
type: ./ceph-base.yaml
|
|
properties:
|
|
ServiceData: {get_param: ServiceData}
|
|
ServiceNetMap: {get_param: ServiceNetMap}
|
|
DefaultPasswords: {get_param: DefaultPasswords}
|
|
EndpointMap: {get_param: EndpointMap}
|
|
RoleName: {get_param: RoleName}
|
|
RoleParameters: {get_param: RoleParameters}
|
|
|
|
outputs:
|
|
role_data:
|
|
description: Role data for the Ceph RadosGW service.
|
|
value:
|
|
service_name: ceph_rgw
|
|
config_settings:
|
|
map_merge:
|
|
- get_attr: [CephBase, role_data, config_settings]
|
|
- tripleo::profile::base::ceph::rgw::rgw_key: {get_param: CephRgwKey}
|
|
tripleo::profile::base::ceph::rgw::keystone_admin_token: {get_param: AdminToken}
|
|
tripleo::profile::base::ceph::rgw::keystone_url: {get_param: [EndpointMap, KeystoneInternal, uri_no_suffix]}
|
|
tripleo::profile::base::ceph::rgw::civetweb_bind_ip: {get_param: [ServiceNetMap, CephRgwNetwork]}
|
|
tripleo::profile::base::ceph::rgw::civetweb_bind_port: {get_param: [EndpointMap, CephRgwInternal, port]}
|
|
tripleo::profile::base::ceph::rgw::rgw_keystone_version: v3
|
|
ceph::profile::params::rgw_keystone_admin_domain: default
|
|
ceph::profile::params::rgw_keystone_admin_project: service
|
|
ceph::profile::params::rgw_keystone_admin_user: swift
|
|
ceph::profile::params::rgw_keystone_admin_password: {get_param: SwiftPassword}
|
|
tripleo.ceph_rgw.firewall_rules:
|
|
'122 ceph rgw':
|
|
dport: {get_param: [EndpointMap, CephRgwInternal, port]}
|
|
step_config: |
|
|
include ::tripleo::profile::base::ceph::rgw
|
|
service_config_settings:
|
|
keystone:
|
|
ceph::rgw::keystone::auth::public_url: {get_param: [EndpointMap, CephRgwPublic, uri]}
|
|
ceph::rgw::keystone::auth::internal_url: {get_param: [EndpointMap, CephRgwInternal, uri]}
|
|
ceph::rgw::keystone::auth::admin_url: {get_param: [EndpointMap, CephRgwAdmin, uri]}
|
|
ceph::rgw::keystone::auth::region: {get_param: KeystoneRegion}
|
|
ceph::rgw::keystone::auth::roles: [ 'admin', 'Member', '_member_' ]
|
|
ceph::rgw::keystone::auth::tenant: service
|
|
ceph::rgw::keystone::auth::user: swift
|
|
ceph::rgw::keystone::auth::password: {get_param: SwiftPassword}
|
|
upgrade_tasks:
|
|
- name: Gather RGW instance ID
|
|
tags: common
|
|
shell: hiera -c /etc/puppet/hiera.yaml ceph::profile::params::rgw_name radosgw.gateway
|
|
register: rgw_id
|
|
- name: Check if ceph_rgw is deployed
|
|
command: systemctl is-enabled ceph-radosgw@{{rgw_id.stdout}}
|
|
tags: common
|
|
ignore_errors: True
|
|
register: ceph_rgw_enabled
|
|
- name: Check status
|
|
shell: /usr/bin/systemctl show ceph-radosgw@{{rgw_id.stdout}} --property ActiveState | grep '\bactive\b'
|
|
when: ceph_rgw_enabled.rc == 0
|
|
tags: step0,validation
|
|
- name: Stop RGW instance
|
|
tags: step1
|
|
when: ceph_rgw_enabled.rc == 0
|
|
service:
|
|
name: ceph-radosgw@{{rgw_id.stdout}}
|
|
state: stopped
|