diff --git a/manifests/compute/hypervisor.pp b/manifests/compute/hypervisor.pp index 1253855e..65840dec 100644 --- a/manifests/compute/hypervisor.pp +++ b/manifests/compute/hypervisor.pp @@ -180,9 +180,6 @@ Host * Exec <<| tag == 'get_or_set_virsh_secret' |>> Exec <<| tag == 'set_secret_value_virsh' |>> - # Configure Ceph keyring - Ceph::Key <<| title == $cinder_rbd_user |>> - # If Cinder & Nova reside on the same node, we need a group # where nova & cinder users have read permissions. ensure_resource('group', 'cephkeyring', { @@ -195,6 +192,8 @@ Host * 'unless' => 'groups nova | grep cephkeyring' }) + # Configure Ceph keyring + Ceph::Key <<| title == $cinder_rbd_user |>> -> ensure_resource('file', "/etc/ceph/ceph.client.${cinder_rbd_user}.keyring", { owner => 'root', group => 'cephkeyring', diff --git a/manifests/image/api.pp b/manifests/image/api.pp index 22e45f22..4ea20c3c 100644 --- a/manifests/image/api.pp +++ b/manifests/image/api.pp @@ -157,7 +157,7 @@ class cloud::image::api( rbd_store_pool => $glance_rbd_pool } - Ceph::Key <<| title == $glance_rbd_user |>> + Ceph::Key <<| title == $glance_rbd_user |>> -> file { '/etc/ceph/ceph.client.glance.keyring': owner => 'glance', group => 'glance', diff --git a/manifests/volume/backend/rbd.pp b/manifests/volume/backend/rbd.pp index 6a5c6a71..db2416f7 100644 --- a/manifests/volume/backend/rbd.pp +++ b/manifests/volume/backend/rbd.pp @@ -71,9 +71,6 @@ define cloud::volume::backend::rbd ( volume_tmp_dir => '/tmp' } - # Configure Ceph keyring - Ceph::Key <<| title == $rbd_user |>> - # If Cinder & Nova reside on the same node, we need a group # where nova & cinder users have read permissions. ensure_resource('group', 'cephkeyring', { @@ -86,6 +83,8 @@ define cloud::volume::backend::rbd ( 'unless' => 'groups cinder | grep cephkeyring' }) + # Configure Ceph keyring + Ceph::Key <<| title == $rbd_user |>> -> ensure_resource('file', "/etc/ceph/ceph.client.${rbd_user}.keyring", { owner => 'root', group => 'cephkeyring',