stackforge/puppet-openstack-cloud
Code Issues Proposed changes

Fix ceph keyring permissions

Browse Source 
When ceph osd are not on same nodes than cinder a keyring permissions
problem appear. With this ordering the problem doesn't appear anymore
and all node get the right permissions for the ceph keyring file.

Change-Id: Ib8c5394f56f06192911669d84c172e74d388fafa
(cherry picked from commit a29ff73153)
This commit is contained in:
Cedric Lecomte
2015-04-23 08:36:57 -04:00
committed by Cédric LECOMTE
parent 5f6fa04b1d
commit e8c90ddcb5
4 changed files with 26 additions and 20 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
manifests/compute/hypervisor.pp
View File

@@ -359,7 +359,6 @@ Host *
# Configure Ceph keyring # Configure Ceph keyring
Ceph::Key <<| title == $cinder_rbd_user |>> Ceph::Key <<| title == $cinder_rbd_user |>>
if defined(Ceph::Key[$cinder_rbd_user]) {
ensure_resource( ensure_resource(
'file', 'file',
"/etc/ceph/ceph.client.${cinder_rbd_user}.keyring", { "/etc/ceph/ceph.client.${cinder_rbd_user}.keyring", {
@@ -370,7 +369,6 @@ Host *
notify => Service['nova-compute'], notify => Service['nova-compute'],
} }
) )
}
Concat::Fragment <<| title == 'ceph-client-os' |>> Concat::Fragment <<| title == 'ceph-client-os' |>>
} else { } else {

2
manifests/volume/backend/rbd.pp
View File

@@ -84,14 +84,12 @@ define cloud::volume::backend::rbd (
# Configure Ceph keyring # Configure Ceph keyring
Ceph::Key <<| title == $rbd_user |>> Ceph::Key <<| title == $rbd_user |>>
if defined(Ceph::Key[$rbd_user]) {
ensure_resource('file', "/etc/ceph/ceph.client.${rbd_user}.keyring", { ensure_resource('file', "/etc/ceph/ceph.client.${rbd_user}.keyring", {
owner => 'root', owner => 'root',
group => 'cephkeyring', group => 'cephkeyring',
mode => '0440', mode => '0440',
require => Ceph::Key[$rbd_user], require => Ceph::Key[$rbd_user],
}) })
}
Concat::Fragment <<| title == 'ceph-client-os' |>> Concat::Fragment <<| title == 'ceph-client-os' |>>

5
spec/classes/cloud_compute_hypervisor_spec.rb
View File

@@ -383,6 +383,11 @@ describe 'cloud::compute::hypervisor' do
:command => 'usermod -a -G cephkeyring nova', :command => 'usermod -a -G cephkeyring nova',
:unless => 'groups nova | grep cephkeyring' :unless => 'groups nova | grep cephkeyring'
) )
is_expected.to contain_file('/etc/ceph/ceph.client.cinder.keyring').with({
'owner' => 'root',
'group' => 'cephkeyring',
'mode' => '0440',
})
end end
it 'configure libvirt driver' do it 'configure libvirt driver' do

5
spec/classes/cloud_volume_storage_spec.rb
View File

@@ -154,6 +154,11 @@ describe 'cloud::volume::storage' do
:path => ['/usr/sbin', '/usr/bin', '/bin', '/sbin'], :path => ['/usr/sbin', '/usr/bin', '/bin', '/sbin'],
:unless => 'groups cinder | grep cephkeyring' :unless => 'groups cinder | grep cephkeyring'
) )
is_expected.to contain_file('/etc/ceph/ceph.client.cinder.keyring').with({
'owner' => 'root',
'group' => 'cephkeyring',
'mode' => '0440',
})
end end
end end