aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
Diffstat
-rw-r--r--environments/puppet-ceph-external.yaml4
-rw-r--r--os-apply-config/ceph-cluster-config.yaml5
-rw-r--r--puppet/ceph-cluster-config.yaml16
-rw-r--r--puppet/extraconfig/ceph/ceph-external-config.yaml14
-rw-r--r--puppet/hieradata/compute.yaml2
-rw-r--r--puppet/manifests/overcloud_compute.pp3
-rw-r--r--puppet/manifests/overcloud_controller.pp2
-rw-r--r--puppet/manifests/overcloud_controller_pacemaker.pp2
8 files changed, 38 insertions, 10 deletions
diff --git a/environments/puppet-ceph-external.yaml b/environments/puppet-ceph-external.yaml
index f22967f4..7f5b5080 100644
--- a/environments/puppet-ceph-external.yaml
+++ b/environments/puppet-ceph-external.yaml
@@ -14,10 +14,12 @@ parameter_defaults:
CinderEnableRbdBackend: true
GlanceBackend: rbd
# If the Ceph pools which host VMs, Volumes and Images do not match these
- # names, edit the following as needed.
+ # names OR the client keyring to use is not named 'openstack', edit the
+ # following as needed.
NovaRbdPoolName: vms
CinderRbdPoolName: volumes
GlanceRbdPoolName: images
+ CephClientUserName: openstack
# finally we disable the Cinder LVM backend
CinderEnableIscsiBackend: false
diff --git a/os-apply-config/ceph-cluster-config.yaml b/os-apply-config/ceph-cluster-config.yaml
index 4e435ffb..115de085 100644
--- a/os-apply-config/ceph-cluster-config.yaml
+++ b/os-apply-config/ceph-cluster-config.yaml
@@ -13,7 +13,7 @@ parameters:
ceph_client_key:
default: ''
type: string
- description: Ceph key used to create the 'openstack' user keyring.
+ description: Ceph key used to create the client user keyring.
ceph_fsid:
default: ''
type: string
@@ -36,6 +36,9 @@ parameters:
GlanceRbdPoolName:
default: images
type: string
+ CephClientUserName:
+ default: openstack
+ type: string
resources:
CephClusterConfigImpl:
diff --git a/puppet/ceph-cluster-config.yaml b/puppet/ceph-cluster-config.yaml
index 5e54a621..96198c3f 100644
--- a/puppet/ceph-cluster-config.yaml
+++ b/puppet/ceph-cluster-config.yaml
@@ -13,7 +13,7 @@ parameters:
ceph_client_key:
default: ''
type: string
- description: Ceph key used to create the 'openstack' user keyring.
+ description: Ceph key used to create the client user keyring.
ceph_fsid:
default: ''
type: string
@@ -36,6 +36,9 @@ parameters:
GlanceRbdPoolName:
default: images
type: string
+ CephClientUserName:
+ default: openstack
+ type: string
resources:
CephClusterConfigImpl:
@@ -74,7 +77,7 @@ resources:
keyring_path: '/var/lib/ceph/bootstrap-osd/ceph.keyring',
cap_mon: 'allow profile bootstrap-osd'
},
- client.openstack: {
+ client.CLIENT_USER: {
secret: 'ADMIN_KEY',
mode: '0644',
cap_mon: 'allow r',
@@ -82,6 +85,7 @@ resources:
}
}"
params:
+ CLIENT_USER: {get_param: CephClientUserName}
ADMIN_KEY: {get_param: ceph_admin_key}
NOVA_POOL: {get_param: NovaRbdPoolName}
CINDER_POOL: {get_param: CinderRbdPoolName}
@@ -89,6 +93,14 @@ resources:
nova::compute::rbd::libvirt_images_rbd_pool: {get_param: NovaRbdPoolName}
cinder_rbd_pool_name: {get_param: CinderRbdPoolName}
glance::backend::rbd::rbd_store_pool: {get_param: GlanceRbdPoolName}
+ nova::compute::rbd::libvirt_rbd_user: {get_param: CephClientUserName}
+ glance::backend::rbd::rbd_store_user: {get_param: CephClientUserName}
+ nova::compute::rbd::rbd_keyring:
+ list_join:
+ - '.'
+ - - 'client'
+ - {get_param: CephClientUserName}
+ ceph_client_user_name: {get_param: CephClientUserName}
ceph_pools:
- {get_param: CinderRbdPoolName}
- {get_param: NovaRbdPoolName}
diff --git a/puppet/extraconfig/ceph/ceph-external-config.yaml b/puppet/extraconfig/ceph/ceph-external-config.yaml
index fadc8a00..7cefc24b 100644
--- a/puppet/extraconfig/ceph/ceph-external-config.yaml
+++ b/puppet/extraconfig/ceph/ceph-external-config.yaml
@@ -38,6 +38,9 @@ parameters:
GlanceRbdPoolName:
default: images
type: string
+ CephClientUserName:
+ default: openstack
+ type: string
resources:
CephClusterConfigImpl:
@@ -56,7 +59,7 @@ resources:
ceph::profile::params::client_keys:
str_replace:
template: "{
- client.openstack: {
+ client.CLIENT_USER: {
secret: 'CLIENT_KEY',
mode: '0644',
cap_mon: 'allow r',
@@ -64,6 +67,7 @@ resources:
}
}"
params:
+ CLIENT_USER: {get_param: CephClientUserName}
CLIENT_KEY: {get_param: ceph_client_key}
NOVA_POOL: {get_param: NovaRbdPoolName}
CINDER_POOL: {get_param: CinderRbdPoolName}
@@ -71,6 +75,14 @@ resources:
nova::compute::rbd::libvirt_images_rbd_pool: {get_param: NovaRbdPoolName}
cinder_rbd_pool_name: {get_param: CinderRbdPoolName}
glance::backend::rbd::rbd_store_pool: {get_param: GlanceRbdPoolName}
+ nova::compute::rbd::libvirt_rbd_user: {get_param: CephClientUserName}
+ glance::backend::rbd::rbd_store_pool: {get_param: CephClientUserName}
+ nova::compute::rbd::rbd_keyring:
+ list_join:
+ - '.'
+ - - 'client'
+ - {get_param: CephClientUserName}
+ ceph_client_user_name: {get_param: CephClientUserName}
ceph_pools:
- {get_param: CinderRbdPoolName}
- {get_param: NovaRbdPoolName}
diff --git a/puppet/hieradata/compute.yaml b/puppet/hieradata/compute.yaml
index 659008a5..173020f8 100644
--- a/puppet/hieradata/compute.yaml
+++ b/puppet/hieradata/compute.yaml
@@ -10,8 +10,6 @@ nova::compute::vnc_enabled: true
nova::compute::libvirt::vncserver_listen: '0.0.0.0'
nova::compute::libvirt::migration_support: true
-nova::compute::rbd::libvirt_rbd_user: 'openstack'
-nova::compute::rbd::rbd_keyring: 'client.openstack'
nova::compute::rbd::libvirt_rbd_secret_uuid: "%{hiera('ceph::profile::params::fsid')}"
ceilometer::agent::auth::auth_tenant_name: 'service'
diff --git a/puppet/manifests/overcloud_compute.pp b/puppet/manifests/overcloud_compute.pp
index 2150bab8..cd82554d 100644
--- a/puppet/manifests/overcloud_compute.pp
+++ b/puppet/manifests/overcloud_compute.pp
@@ -49,8 +49,9 @@ if $rbd_ephemeral_storage or $rbd_persistent_storage {
include ::ceph::profile::client
$client_keys = hiera('ceph::profile::params::client_keys')
+ $client_user = join(['client.', hiera('ceph_client_user_name')])
class { '::nova::compute::rbd':
- libvirt_rbd_secret_key => $client_keys['client.openstack']['secret'],
+ libvirt_rbd_secret_key => $client_keys[$client_user]['secret'],
}
}
diff --git a/puppet/manifests/overcloud_controller.pp b/puppet/manifests/overcloud_controller.pp
index f5b69f78..523e4897 100644
--- a/puppet/manifests/overcloud_controller.pp
+++ b/puppet/manifests/overcloud_controller.pp
@@ -327,7 +327,7 @@ if hiera('step') >= 3 {
cinder::backend::rbd { $cinder_rbd_backend :
rbd_pool => hiera('cinder_rbd_pool_name'),
- rbd_user => 'openstack',
+ rbd_user => hiera('ceph_client_user_name'),
rbd_secret_uuid => hiera('ceph::profile::params::fsid'),
require => $cinder_pool_requires,
}
diff --git a/puppet/manifests/overcloud_controller_pacemaker.pp b/puppet/manifests/overcloud_controller_pacemaker.pp
index 153b25ee..5641fba7 100644
--- a/puppet/manifests/overcloud_controller_pacemaker.pp
+++ b/puppet/manifests/overcloud_controller_pacemaker.pp
@@ -703,7 +703,7 @@ if hiera('step') >= 3 {
cinder::backend::rbd { $cinder_rbd_backend :
rbd_pool => hiera('cinder_rbd_pool_name'),
- rbd_user => 'openstack',
+ rbd_user => hiera('ceph_client_user_name'),
rbd_secret_uuid => hiera('ceph::profile::params::fsid'),
require => $cinder_pool_requires,
}