summaryrefslogtreecommitdiffstats
path: root/puppet
diff options
context:
space:
mode:
authorGiulio Fidente <gfidente@redhat.com>2015-08-13 20:10:29 +0200
committerGiulio Fidente <gfidente@redhat.com>2015-11-05 19:39:09 +0100
commit9ea7831eaeadced1b5599b6ef1feb01d0cb6dca2 (patch)
tree0720707f75fdd9b7ec320a52958392585620415a /puppet
parente19ae9dfe03e2868562ef090c455aa9e8c394d9e (diff)
Allow customization of Ceph client user
Previously we enforced the Ceph user used by the OpenStack clients to be named 'openstack', this change allows for customization of such a name. Change-Id: Idef3e1ed4e8e21b645081869b8d6fad2329bdc60
Diffstat (limited to 'puppet')
-rw-r--r--puppet/ceph-cluster-config.yaml16
-rw-r--r--puppet/extraconfig/ceph/ceph-external-config.yaml14
-rw-r--r--puppet/hieradata/compute.yaml2
-rw-r--r--puppet/manifests/overcloud_compute.pp3
-rw-r--r--puppet/manifests/overcloud_controller.pp2
-rw-r--r--puppet/manifests/overcloud_controller_pacemaker.pp2
6 files changed, 31 insertions, 8 deletions
diff --git a/puppet/ceph-cluster-config.yaml b/puppet/ceph-cluster-config.yaml
index 5e54a621..96198c3f 100644
--- a/puppet/ceph-cluster-config.yaml
+++ b/puppet/ceph-cluster-config.yaml
@@ -13,7 +13,7 @@ parameters:
ceph_client_key:
default: ''
type: string
- description: Ceph key used to create the 'openstack' user keyring.
+ description: Ceph key used to create the client user keyring.
ceph_fsid:
default: ''
type: string
@@ -36,6 +36,9 @@ parameters:
GlanceRbdPoolName:
default: images
type: string
+ CephClientUserName:
+ default: openstack
+ type: string
resources:
CephClusterConfigImpl:
@@ -74,7 +77,7 @@ resources:
keyring_path: '/var/lib/ceph/bootstrap-osd/ceph.keyring',
cap_mon: 'allow profile bootstrap-osd'
},
- client.openstack: {
+ client.CLIENT_USER: {
secret: 'ADMIN_KEY',
mode: '0644',
cap_mon: 'allow r',
@@ -82,6 +85,7 @@ resources:
}
}"
params:
+ CLIENT_USER: {get_param: CephClientUserName}
ADMIN_KEY: {get_param: ceph_admin_key}
NOVA_POOL: {get_param: NovaRbdPoolName}
CINDER_POOL: {get_param: CinderRbdPoolName}
@@ -89,6 +93,14 @@ resources:
nova::compute::rbd::libvirt_images_rbd_pool: {get_param: NovaRbdPoolName}
cinder_rbd_pool_name: {get_param: CinderRbdPoolName}
glance::backend::rbd::rbd_store_pool: {get_param: GlanceRbdPoolName}
+ nova::compute::rbd::libvirt_rbd_user: {get_param: CephClientUserName}
+ glance::backend::rbd::rbd_store_user: {get_param: CephClientUserName}
+ nova::compute::rbd::rbd_keyring:
+ list_join:
+ - '.'
+ - - 'client'
+ - {get_param: CephClientUserName}
+ ceph_client_user_name: {get_param: CephClientUserName}
ceph_pools:
- {get_param: CinderRbdPoolName}
- {get_param: NovaRbdPoolName}
diff --git a/puppet/extraconfig/ceph/ceph-external-config.yaml b/puppet/extraconfig/ceph/ceph-external-config.yaml
index fadc8a00..7cefc24b 100644
--- a/puppet/extraconfig/ceph/ceph-external-config.yaml
+++ b/puppet/extraconfig/ceph/ceph-external-config.yaml
@@ -38,6 +38,9 @@ parameters:
GlanceRbdPoolName:
default: images
type: string
+ CephClientUserName:
+ default: openstack
+ type: string
resources:
CephClusterConfigImpl:
@@ -56,7 +59,7 @@ resources:
ceph::profile::params::client_keys:
str_replace:
template: "{
- client.openstack: {
+ client.CLIENT_USER: {
secret: 'CLIENT_KEY',
mode: '0644',
cap_mon: 'allow r',
@@ -64,6 +67,7 @@ resources:
}
}"
params:
+ CLIENT_USER: {get_param: CephClientUserName}
CLIENT_KEY: {get_param: ceph_client_key}
NOVA_POOL: {get_param: NovaRbdPoolName}
CINDER_POOL: {get_param: CinderRbdPoolName}
@@ -71,6 +75,14 @@ resources:
nova::compute::rbd::libvirt_images_rbd_pool: {get_param: NovaRbdPoolName}
cinder_rbd_pool_name: {get_param: CinderRbdPoolName}
glance::backend::rbd::rbd_store_pool: {get_param: GlanceRbdPoolName}
+ nova::compute::rbd::libvirt_rbd_user: {get_param: CephClientUserName}
+ glance::backend::rbd::rbd_store_pool: {get_param: CephClientUserName}
+ nova::compute::rbd::rbd_keyring:
+ list_join:
+ - '.'
+ - - 'client'
+ - {get_param: CephClientUserName}
+ ceph_client_user_name: {get_param: CephClientUserName}
ceph_pools:
- {get_param: CinderRbdPoolName}
- {get_param: NovaRbdPoolName}
diff --git a/puppet/hieradata/compute.yaml b/puppet/hieradata/compute.yaml
index 659008a5..173020f8 100644
--- a/puppet/hieradata/compute.yaml
+++ b/puppet/hieradata/compute.yaml
@@ -10,8 +10,6 @@ nova::compute::vnc_enabled: true
nova::compute::libvirt::vncserver_listen: '0.0.0.0'
nova::compute::libvirt::migration_support: true
-nova::compute::rbd::libvirt_rbd_user: 'openstack'
-nova::compute::rbd::rbd_keyring: 'client.openstack'
nova::compute::rbd::libvirt_rbd_secret_uuid: "%{hiera('ceph::profile::params::fsid')}"
ceilometer::agent::auth::auth_tenant_name: 'service'
diff --git a/puppet/manifests/overcloud_compute.pp b/puppet/manifests/overcloud_compute.pp
index 2150bab8..cd82554d 100644
--- a/puppet/manifests/overcloud_compute.pp
+++ b/puppet/manifests/overcloud_compute.pp
@@ -49,8 +49,9 @@ if $rbd_ephemeral_storage or $rbd_persistent_storage {
include ::ceph::profile::client
$client_keys = hiera('ceph::profile::params::client_keys')
+ $client_user = join(['client.', hiera('ceph_client_user_name')])
class { '::nova::compute::rbd':
- libvirt_rbd_secret_key => $client_keys['client.openstack']['secret'],
+ libvirt_rbd_secret_key => $client_keys[$client_user]['secret'],
}
}
diff --git a/puppet/manifests/overcloud_controller.pp b/puppet/manifests/overcloud_controller.pp
index f5b69f78..523e4897 100644
--- a/puppet/manifests/overcloud_controller.pp
+++ b/puppet/manifests/overcloud_controller.pp
@@ -327,7 +327,7 @@ if hiera('step') >= 3 {
cinder::backend::rbd { $cinder_rbd_backend :
rbd_pool => hiera('cinder_rbd_pool_name'),
- rbd_user => 'openstack',
+ rbd_user => hiera('ceph_client_user_name'),
rbd_secret_uuid => hiera('ceph::profile::params::fsid'),
require => $cinder_pool_requires,
}
diff --git a/puppet/manifests/overcloud_controller_pacemaker.pp b/puppet/manifests/overcloud_controller_pacemaker.pp
index 153b25ee..5641fba7 100644
--- a/puppet/manifests/overcloud_controller_pacemaker.pp
+++ b/puppet/manifests/overcloud_controller_pacemaker.pp
@@ -703,7 +703,7 @@ if hiera('step') >= 3 {
cinder::backend::rbd { $cinder_rbd_backend :
rbd_pool => hiera('cinder_rbd_pool_name'),
- rbd_user => 'openstack',
+ rbd_user => hiera('ceph_client_user_name'),
rbd_secret_uuid => hiera('ceph::profile::params::fsid'),
require => $cinder_pool_requires,
}