diff options
author | Jenkins <jenkins@review.openstack.org> | 2017-01-18 10:20:40 +0000 |
---|---|---|
committer | Gerrit Code Review <review@openstack.org> | 2017-01-18 10:20:40 +0000 |
commit | 7c4e17059bf44c01a7b7023fdd93ed9d17c730ac (patch) | |
tree | 40d0e3011ed6e63f62b8d80de4a43a2c620aa136 | |
parent | 430e1b89ba95bcc7cdff2964025da2205f05606d (diff) | |
parent | 2dcc387fa67c6ee705c1bf5a9f79afe5cd818d4a (diff) |
Merge "Set ceph key when using manila ceph backend"
-rw-r--r-- | manifests/profile/pacemaker/manila.pp | 37 |
1 files changed, 36 insertions, 1 deletions
diff --git a/manifests/profile/pacemaker/manila.pp b/manifests/profile/pacemaker/manila.pp index 4d79782..0bf78af 100644 --- a/manifests/profile/pacemaker/manila.pp +++ b/manifests/profile/pacemaker/manila.pp @@ -30,6 +30,12 @@ # (Optional) Whether or not the cephfs backend is enabled # Defaults to hiera('manila_backend_cephfs_enabled', false) # +# [*ceph_mds_enabled*] +# (Optional) Whether or not the ceph mds is enabled. This option is used +# to distinguish if an external ceph is used or if ceph is deployed by +# tripleo. By default ceph mds is not deployed by tripleo. +# Defaults to hiera('ceph_mds_enabled', false) +# # [*bootstrap_node*] # (Optional) The hostname of the node responsible for bootstrapping tasks # Defaults to hiera('bootstrap_nodeid') @@ -43,6 +49,7 @@ class tripleo::profile::pacemaker::manila ( $backend_generic_enabled = hiera('manila_backend_generic_enabled', false), $backend_netapp_enabled = hiera('manila_backend_netapp_enabled', false), $backend_cephfs_enabled = hiera('manila_backend_cephfs_enabled', false), + $ceph_mds_enabled = hiera('ceph_mds_enabled', false), $bootstrap_node = hiera('bootstrap_nodeid'), $step = hiera('step'), ) { @@ -95,14 +102,42 @@ class tripleo::profile::pacemaker::manila ( # manila cephfsnative: if $backend_cephfs_enabled { $manila_cephfsnative_backend = hiera('manila::backend::cephfsnative::title') + $cephfs_auth_id = hiera('manila::backend::cephfsnative::cephfs_auth_id') + $keyring_path = "/etc/ceph/ceph.client.${cephfs_auth_id}.keyring" + + # $ceph_mds_enabled is used to distinguish if an external ceph is used or + # if ceph is deployed by TripleO + if $ceph_mds_enabled { + include ::ceph::profile::fs + } + manila::backend::cephfsnative { $manila_cephfsnative_backend : driver_handles_share_servers => hiera('manila::backend::cephfsnative::driver_handles_share_servers', false), share_backend_name => hiera('manila::backend::cephfsnative::share_backend_name'), cephfs_conf_path => hiera('manila::backend::cephfsnative::cephfs_conf_path'), - cephfs_auth_id => hiera('manila::backend::cephfsnative::cephfs_auth_id'), + cephfs_auth_id => $cephfs_auth_id, cephfs_cluster_name => hiera('manila::backend::cephfsnative::cephfs_cluster_name'), cephfs_enable_snapshots => hiera('manila::backend::cephfsnative::cephfs_enable_snapshots'), } + + ceph::key { "client.${cephfs_auth_id}" : + secret => hiera('manila::backend::cephfsnative::ceph_client_key'), + keyring_path => $keyring_path, + # inject the new key into ceph cluster only if ceph is deployed by + # tripleo (if external ceph is used it should be added manually) + inject => $ceph_mds_enabled, + user => 'manila', + cap_mds => 'allow *', + cap_mon => 'allow r, allow command \"auth del\", allow command \"auth caps\", \ +allow command \"auth get\", allow command \"auth get-or-create\"', + cap_osd => 'allow rw' + } + + ceph_config { + "client.${cephfs_auth_id}/keyring": value => $keyring_path; + "client.${cephfs_auth_id}/client mount uid": value => 0; + "client.${cephfs_auth_id}/client mount gid": value => 0; + } } # manila netapp: |