rbd: export keyring
Close bug #309 Signed-off-by: Emilien Macchi <emilien.macchi@enovance.com>
This commit is contained in:
Emilien Macchi
@@ -115,6 +115,9 @@ Host *
|
|||||||
class { 'nova::compute::neutron': }
|
class { 'nova::compute::neutron': }
|
||||||
|
|
||||||
if $has_ceph {
|
if $has_ceph {
|
||||||
|
|
||||||
|
include 'cloud::storage::rbd'
|
||||||
|
|
||||||
# TODO(EmilienM) Temporary, while https://review.openstack.org/#/c/72440 got merged
|
# TODO(EmilienM) Temporary, while https://review.openstack.org/#/c/72440 got merged
|
||||||
nova_config {
|
nova_config {
|
||||||
'DEFAULT/libvirt_images_type': value => 'rbd';
|
'DEFAULT/libvirt_images_type': value => 'rbd';
|
||||||
|
|||||||
@@ -59,10 +59,11 @@ class cloud::storage::rbd::pools(
|
|||||||
|
|
||||||
if $::ceph_keyring_glance {
|
if $::ceph_keyring_glance {
|
||||||
# NOTE(fc): Puppet needs to run a second time to enter this
|
# NOTE(fc): Puppet needs to run a second time to enter this
|
||||||
ceph::key { $glance_rbd_user:
|
@@ceph::key { $glance_rbd_user:
|
||||||
secret => $::ceph_keyring_glance,
|
secret => $::ceph_keyring_glance,
|
||||||
keyring_path => "/etc/ceph/ceph.client.${glance_rbd_user}.keyring"
|
keyring_path => "/etc/ceph/ceph.client.${glance_rbd_user}.keyring"
|
||||||
} ->
|
}
|
||||||
|
Ceph::Key <<| title == $cinder_rbd_user |>> ->
|
||||||
file { "/etc/ceph/ceph.client.${glance_rbd_user}.keyring":
|
file { "/etc/ceph/ceph.client.${glance_rbd_user}.keyring":
|
||||||
owner => 'glance',
|
owner => 'glance',
|
||||||
group => 'glance',
|
group => 'glance',
|
||||||
@@ -72,10 +73,11 @@ class cloud::storage::rbd::pools(
|
|||||||
|
|
||||||
if $::ceph_keyring_cinder {
|
if $::ceph_keyring_cinder {
|
||||||
# NOTE(fc): Puppet needs to run a second time to enter this
|
# NOTE(fc): Puppet needs to run a second time to enter this
|
||||||
ceph::key { $cinder_rbd_user:
|
@@ceph::key { $cinder_rbd_user:
|
||||||
secret => $::ceph_keyring_cinder,
|
secret => $::ceph_keyring_cinder,
|
||||||
keyring_path => "/etc/ceph/ceph.client.${cinder_rbd_user}.keyring"
|
keyring_path => "/etc/ceph/ceph.client.${cinder_rbd_user}.keyring"
|
||||||
} ->
|
}
|
||||||
|
Ceph::Key <<| title == $cinder_rbd_user |>> ->
|
||||||
file { "/etc/ceph/ceph.client.${cinder_rbd_user}.keyring":
|
file { "/etc/ceph/ceph.client.${cinder_rbd_user}.keyring":
|
||||||
owner => 'cinder',
|
owner => 'cinder',
|
||||||
group => 'cinder',
|
group => 'cinder',
|
||||||
@@ -90,15 +92,6 @@ class cloud::storage::rbd::pools(
|
|||||||
content => template('cloud/storage/ceph/ceph-client.conf.erb')
|
content => template('cloud/storage/ceph/ceph-client.conf.erb')
|
||||||
}
|
}
|
||||||
|
|
||||||
#exec { "create cinder backup pool":
|
|
||||||
#TODO: point PG num with a cluster variable + keyring
|
|
||||||
# command => "/usr/bin/ceph osd pool create ${::cinder_backup_pool} 128 128",
|
|
||||||
# command => "ceph auth get-or-create client.${::cinder_backup_user} mon 'allow r' osd 'allow class-read object_prefix rbd_children, allow rwx pool=${::cinder_backup_pool}'",
|
|
||||||
# unless => "/usr/bin/rados lspools | grep -sq ${::cinder_backup_pool}",
|
|
||||||
# unless => "ceph auth list | egrep '^${::cinder_backup_pool}$'",
|
|
||||||
# require => Ceph::Key['admin'],
|
|
||||||
#}
|
|
||||||
|
|
||||||
@@file { '/etc/ceph/secret.xml':
|
@@file { '/etc/ceph/secret.xml':
|
||||||
content => template('cloud/storage/ceph/secret-compute.xml.erb'),
|
content => template('cloud/storage/ceph/secret-compute.xml.erb'),
|
||||||
tag => 'ceph_compute_secret_file',
|
tag => 'ceph_compute_secret_file',
|
||||||
|
|||||||
Reference in New Issue
Block a user