diff options
author | Keith Schincke <keith.schincke@gmail.com> | 2016-12-01 13:37:12 -0500 |
---|---|---|
committer | Giulio Fidente <gfidente@redhat.com> | 2017-01-09 18:31:33 +0100 |
commit | bbf13fe1d5dd242ce370afbdb7bb13db77d53d7f (patch) | |
tree | 40a737c43b78d9c24bd7ee66346945bdf54d7f08 /manifests/profile/base | |
parent | 17fbadba7df13df3df5c263e27fd55d561a6b576 (diff) |
Add support for not using admin_token in Ceph/RGW
This patch add the option for using Keyston V3 authention with
the Ceph/RGW service instead of using the admin_token
Change-Id: I42861afcac221478dcb68be13b6dbc2533a7f158
Diffstat (limited to 'manifests/profile/base')
-rw-r--r-- | manifests/profile/base/ceph/rgw.pp | 37 |
1 files changed, 28 insertions, 9 deletions
diff --git a/manifests/profile/base/ceph/rgw.pp b/manifests/profile/base/ceph/rgw.pp index 2ecca52..8443de0 100644 --- a/manifests/profile/base/ceph/rgw.pp +++ b/manifests/profile/base/ceph/rgw.pp @@ -29,6 +29,10 @@ # [*keystone_admin_token*] # The keystone admin token # +# [*rgw_keystone_version*] The api version for keystone. +# Possible values 'v2.0', 'v3' +# Optional. Default is 'v2.0' +# # [*keystone_url*] # The internal or admin url for keystone # @@ -44,9 +48,10 @@ class tripleo::profile::base::ceph::rgw ( $keystone_admin_token, $keystone_url, $rgw_key, - $civetweb_bind_ip = '127.0.0.1', - $civetweb_bind_port = '8080', - $step = hiera('step'), + $civetweb_bind_ip = '127.0.0.1', + $civetweb_bind_port = '8080', + $rgw_keystone_version = 'v2.0', + $step = hiera('step'), ) { include ::tripleo::profile::base::ceph @@ -58,7 +63,8 @@ class tripleo::profile::base::ceph::rgw ( include ::ceph::profile::base ceph::rgw { $rgw_name: frontend_type => 'civetweb', - rgw_frontends => "civetweb port=${civetweb_bind_ip_real}:${civetweb_bind_port}" + rgw_frontends => "civetweb port=${civetweb_bind_ip_real}:${civetweb_bind_port}", + user => 'ceph', } ceph::key { "client.${rgw_name}": secret => $rgw_key, @@ -69,11 +75,24 @@ class tripleo::profile::base::ceph::rgw ( } if $step >= 4 { - ceph::rgw::keystone { $rgw_name: - rgw_keystone_accepted_roles => ['admin', '_member_', 'Member'], - use_pki => false, - rgw_keystone_admin_token => $keystone_admin_token, - rgw_keystone_url => $keystone_url, + if $rgw_keystone_version == 'v2.0' { + ceph::rgw::keystone { $rgw_name: + rgw_keystone_accepted_roles => ['admin', '_member_', 'Member'], + use_pki => false, + rgw_keystone_admin_token => $keystone_admin_token, + rgw_keystone_url => $keystone_url, + user => 'ceph', + } + } + else + { + ceph::rgw::keystone { $rgw_name: + rgw_keystone_accepted_roles => ['admin', '_member_', 'Member'], + use_pki => false, + rgw_keystone_url => $keystone_url, + rgw_keystone_version => $rgw_keystone_version, + user => 'ceph', + } } } } |