diff options
author | Giulio Fidente <gfidente@redhat.com> | 2015-08-13 20:10:29 +0200 |
---|---|---|
committer | Giulio Fidente <gfidente@redhat.com> | 2015-11-05 19:39:09 +0100 |
commit | 9ea7831eaeadced1b5599b6ef1feb01d0cb6dca2 (patch) | |
tree | 0720707f75fdd9b7ec320a52958392585620415a /puppet | |
parent | e19ae9dfe03e2868562ef090c455aa9e8c394d9e (diff) |
Allow customization of Ceph client user
Previously we enforced the Ceph user used by the OpenStack clients
to be named 'openstack', this change allows for customization
of such a name.
Change-Id: Idef3e1ed4e8e21b645081869b8d6fad2329bdc60
Diffstat (limited to 'puppet')
-rw-r--r-- | puppet/ceph-cluster-config.yaml | 16 | ||||
-rw-r--r-- | puppet/extraconfig/ceph/ceph-external-config.yaml | 14 | ||||
-rw-r--r-- | puppet/hieradata/compute.yaml | 2 | ||||
-rw-r--r-- | puppet/manifests/overcloud_compute.pp | 3 | ||||
-rw-r--r-- | puppet/manifests/overcloud_controller.pp | 2 | ||||
-rw-r--r-- | puppet/manifests/overcloud_controller_pacemaker.pp | 2 |
6 files changed, 31 insertions, 8 deletions
diff --git a/puppet/ceph-cluster-config.yaml b/puppet/ceph-cluster-config.yaml index 5e54a621..96198c3f 100644 --- a/puppet/ceph-cluster-config.yaml +++ b/puppet/ceph-cluster-config.yaml @@ -13,7 +13,7 @@ parameters: ceph_client_key: default: '' type: string - description: Ceph key used to create the 'openstack' user keyring. + description: Ceph key used to create the client user keyring. ceph_fsid: default: '' type: string @@ -36,6 +36,9 @@ parameters: GlanceRbdPoolName: default: images type: string + CephClientUserName: + default: openstack + type: string resources: CephClusterConfigImpl: @@ -74,7 +77,7 @@ resources: keyring_path: '/var/lib/ceph/bootstrap-osd/ceph.keyring', cap_mon: 'allow profile bootstrap-osd' }, - client.openstack: { + client.CLIENT_USER: { secret: 'ADMIN_KEY', mode: '0644', cap_mon: 'allow r', @@ -82,6 +85,7 @@ resources: } }" params: + CLIENT_USER: {get_param: CephClientUserName} ADMIN_KEY: {get_param: ceph_admin_key} NOVA_POOL: {get_param: NovaRbdPoolName} CINDER_POOL: {get_param: CinderRbdPoolName} @@ -89,6 +93,14 @@ resources: nova::compute::rbd::libvirt_images_rbd_pool: {get_param: NovaRbdPoolName} cinder_rbd_pool_name: {get_param: CinderRbdPoolName} glance::backend::rbd::rbd_store_pool: {get_param: GlanceRbdPoolName} + nova::compute::rbd::libvirt_rbd_user: {get_param: CephClientUserName} + glance::backend::rbd::rbd_store_user: {get_param: CephClientUserName} + nova::compute::rbd::rbd_keyring: + list_join: + - '.' + - - 'client' + - {get_param: CephClientUserName} + ceph_client_user_name: {get_param: CephClientUserName} ceph_pools: - {get_param: CinderRbdPoolName} - {get_param: NovaRbdPoolName} diff --git a/puppet/extraconfig/ceph/ceph-external-config.yaml b/puppet/extraconfig/ceph/ceph-external-config.yaml index fadc8a00..7cefc24b 100644 --- a/puppet/extraconfig/ceph/ceph-external-config.yaml +++ b/puppet/extraconfig/ceph/ceph-external-config.yaml @@ -38,6 +38,9 @@ parameters: GlanceRbdPoolName: default: images type: string + CephClientUserName: + default: openstack + type: string resources: CephClusterConfigImpl: @@ -56,7 +59,7 @@ resources: ceph::profile::params::client_keys: str_replace: template: "{ - client.openstack: { + client.CLIENT_USER: { secret: 'CLIENT_KEY', mode: '0644', cap_mon: 'allow r', @@ -64,6 +67,7 @@ resources: } }" params: + CLIENT_USER: {get_param: CephClientUserName} CLIENT_KEY: {get_param: ceph_client_key} NOVA_POOL: {get_param: NovaRbdPoolName} CINDER_POOL: {get_param: CinderRbdPoolName} @@ -71,6 +75,14 @@ resources: nova::compute::rbd::libvirt_images_rbd_pool: {get_param: NovaRbdPoolName} cinder_rbd_pool_name: {get_param: CinderRbdPoolName} glance::backend::rbd::rbd_store_pool: {get_param: GlanceRbdPoolName} + nova::compute::rbd::libvirt_rbd_user: {get_param: CephClientUserName} + glance::backend::rbd::rbd_store_pool: {get_param: CephClientUserName} + nova::compute::rbd::rbd_keyring: + list_join: + - '.' + - - 'client' + - {get_param: CephClientUserName} + ceph_client_user_name: {get_param: CephClientUserName} ceph_pools: - {get_param: CinderRbdPoolName} - {get_param: NovaRbdPoolName} diff --git a/puppet/hieradata/compute.yaml b/puppet/hieradata/compute.yaml index 659008a5..173020f8 100644 --- a/puppet/hieradata/compute.yaml +++ b/puppet/hieradata/compute.yaml @@ -10,8 +10,6 @@ nova::compute::vnc_enabled: true nova::compute::libvirt::vncserver_listen: '0.0.0.0' nova::compute::libvirt::migration_support: true -nova::compute::rbd::libvirt_rbd_user: 'openstack' -nova::compute::rbd::rbd_keyring: 'client.openstack' nova::compute::rbd::libvirt_rbd_secret_uuid: "%{hiera('ceph::profile::params::fsid')}" ceilometer::agent::auth::auth_tenant_name: 'service' diff --git a/puppet/manifests/overcloud_compute.pp b/puppet/manifests/overcloud_compute.pp index 2150bab8..cd82554d 100644 --- a/puppet/manifests/overcloud_compute.pp +++ b/puppet/manifests/overcloud_compute.pp @@ -49,8 +49,9 @@ if $rbd_ephemeral_storage or $rbd_persistent_storage { include ::ceph::profile::client $client_keys = hiera('ceph::profile::params::client_keys') + $client_user = join(['client.', hiera('ceph_client_user_name')]) class { '::nova::compute::rbd': - libvirt_rbd_secret_key => $client_keys['client.openstack']['secret'], + libvirt_rbd_secret_key => $client_keys[$client_user]['secret'], } } diff --git a/puppet/manifests/overcloud_controller.pp b/puppet/manifests/overcloud_controller.pp index f5b69f78..523e4897 100644 --- a/puppet/manifests/overcloud_controller.pp +++ b/puppet/manifests/overcloud_controller.pp @@ -327,7 +327,7 @@ if hiera('step') >= 3 { cinder::backend::rbd { $cinder_rbd_backend : rbd_pool => hiera('cinder_rbd_pool_name'), - rbd_user => 'openstack', + rbd_user => hiera('ceph_client_user_name'), rbd_secret_uuid => hiera('ceph::profile::params::fsid'), require => $cinder_pool_requires, } diff --git a/puppet/manifests/overcloud_controller_pacemaker.pp b/puppet/manifests/overcloud_controller_pacemaker.pp index 153b25ee..5641fba7 100644 --- a/puppet/manifests/overcloud_controller_pacemaker.pp +++ b/puppet/manifests/overcloud_controller_pacemaker.pp @@ -703,7 +703,7 @@ if hiera('step') >= 3 { cinder::backend::rbd { $cinder_rbd_backend : rbd_pool => hiera('cinder_rbd_pool_name'), - rbd_user => 'openstack', + rbd_user => hiera('ceph_client_user_name'), rbd_secret_uuid => hiera('ceph::profile::params::fsid'), require => $cinder_pool_requires, } |