stackforge/puppet-openstack-cloud
Code Issues Proposed changes

Merge pull request #212 from enovance/bug/154/fcleseb

Browse Source 
Write CephX keys to files
This commit is contained in:
Emilien Macchi
2014-02-11 13:48:14 +01:00
parent 6eadc31814 052600554d
commit 6662cad9da
4 changed files with 85 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

11
manifests/image.pp
View File

@@ -132,6 +132,17 @@ class cloud::image(
rbd_store_pool => $rbd_store_pool rbd_store_pool => $rbd_store_pool
} }
Ceph::Key <<| title == $glance_user |>>
if defined(Ceph::Key[$glance_user]) {
file { '/etc/ceph/ceph.client.glance.keyring':
owner => 'glance',
group => 'glance',
mode => '0400',
require => Ceph::Key[$glance_user]
}
}
Concat::Fragment <<| title == 'ceph-client-os' |>>
class { 'glance::cache::cleaner': } class { 'glance::cache::cleaner': }
class { 'glance::cache::pruner': } class { 'glance::cache::pruner': }

55
manifests/storage/rbd/pools.pp
View File

@@ -54,6 +54,61 @@ class cloud::storage::rbd::pools(
require => Exec['create_cinder_volumes_pool']; require => Exec['create_cinder_volumes_pool'];
} }
concat::fragment { 'ceph-clients-os':
target => '/etc/ceph/ceph.conf',
order => '95',
content => template('cloud/storage/ceph/ceph-client.conf.erb')
}
if $::ceph_keyring_glance {
# NOTE(fc): Puppet needs to run a second time to enter this
ceph::key { $glance_user:
secret => $::ceph_keyring_glance,
keyring_path => "/etc/ceph/ceph.client.${glance_user}.keyring"
} ->
file { '/etc/ceph/ceph.client.glance.keyring':
owner => 'glance',
group => 'glance',
mode => '0400'
}
}
if $::ceph_keyring_cinder {
# NOTE(fc): Puppet needs to run a second time to enter this
ceph::key { $cinder_user:
secret => $::ceph_keyring_cinder,
keyring_path => "/etc/ceph/ceph.client.${cinder_user}.keyring"
} ->
file { '/etc/ceph/ceph.client.cinder.keyring':
owner => 'cinder',
group => 'cinder',
mode => '0400'
}
}
$clients = ['glance', 'cinder']
@@concat::fragment { 'ceph-clients-os':
target => '/etc/ceph/ceph.conf',
order => '95',
content => template('cloud/storage/ceph/ceph-client.conf.erb')
}
if $::ceph_keyring_glance {
# NOTE(fc): Puppet needs to run a second time to enter this
@@ceph::key { $glance_user:
secret => $::ceph_keyring_glance,
keyring_path => "/etc/ceph/ceph.client.${glance_user}.keyring"
}
}
if $::ceph_keyring_cinder {
# NOTE(fc): Puppet needs to run a second time to enter this
@@ceph::key { $cinder_user:
secret => $::ceph_keyring_cinder,
keyring_path => "/etc/ceph/ceph.client.${cinder_user}.keyring"
}
}
#exec { "create cinder backup pool": #exec { "create cinder backup pool":
#TODO: point PG num with a cluster variable + keyring #TODO: point PG num with a cluster variable + keyring
# command => "/usr/bin/ceph osd pool create ${::cinder_backup_pool} 128 128", # command => "/usr/bin/ceph osd pool create ${::cinder_backup_pool} 128 128",

11
manifests/volume/storage.pp
View File

@@ -34,4 +34,15 @@ class cloud::volume::storage(
rbd_secret_uuid => $cinder_rbd_secret_uuid rbd_secret_uuid => $cinder_rbd_secret_uuid
} }
Ceph::Key <<| title == $cinder_user |>>
if defined(Ceph::Key[$cinder_user]) {
file { '/etc/ceph/ceph.client.cinder.keyring':
owner => 'cinder',
group => 'cinder',
mode => '0400',
require => Ceph::Key[$cinder_user]
}
}
Concat::Fragment <<| title == 'ceph-client-os' |>>
} }

8
templates/storage/ceph/ceph-client.conf.erb Normal file
View File

@@ -0,0 +1,8 @@
<% if @clients %>
<% @clients.each do |client| %>
[client.<%= @client %>]
keyring = /etc/ceph/ceph.client.<%= @client %>.keyring
<% end %>
<% end %>