heat_template_version: 2015-04-30 description: 'Ceph Cluster config data for Puppet' parameters: ceph_storage_count: default: 0 type: number description: Number of Ceph storage nodes. Used to enable/disable managed Ceph installation. ceph_external_mon_ips: default: '' type: string description: List of external Ceph Mon host IPs. ceph_client_key: default: '' type: string description: Ceph key used to create the client user keyring. ceph_fsid: default: '' type: string ceph_admin_key: default: '' type: string ceph_mon_key: default: '' type: string ceph_mon_names: type: comma_delimited_list ceph_mon_ips: type: comma_delimited_list NovaRbdPoolName: default: vms type: string CinderRbdPoolName: default: volumes type: string GlanceRbdPoolName: default: images type: string CephClientUserName: default: openstack type: string resources: CephClusterConfigImpl: type: OS::Heat::StructuredConfig properties: group: os-apply-config config: hiera: datafiles: ceph_cluster: mapped_data: ceph_storage_count: {get_param: ceph_storage_count} ceph_mon_initial_members: list_join: - ',' - {get_param: ceph_mon_names} ceph::profile::params::mon_host: list_join: - ',' - {get_param: ceph_mon_ips} ceph::profile::params::fsid: {get_param: ceph_fsid} ceph::profile::params::mon_key: {get_param: ceph_mon_key} # We should use a separated key for the non-admin clients ceph::profile::params::client_keys: str_replace: template: "{ client.admin: { secret: 'ADMIN_KEY', mode: '0600', cap_mon: 'allow *', cap_osd: 'allow *', cap_mds: 'allow *' }, client.bootstrap-osd: { secret: 'ADMIN_KEY', keyring_path: '/var/lib/ceph/bootstrap-osd/ceph.keyring', cap_mon: 'allow profile bootstrap-osd' }, client.CLIENT_USER: { secret: 'ADMIN_KEY', mode: '0644', cap_mon: 'allow r', cap_osd: 'allow class-read object_prefix rbd_children, allow rwx pool=CINDER_POOL, allow rwx pool=NOVA_POOL, allow rwx pool=GLANCE_POOL' } }" params: CLIENT_USER: {get_param: CephClientUserName} ADMIN_KEY: {get_param: ceph_admin_key} NOVA_POOL: {get_param: NovaRbdPoolName} CINDER_POOL: {get_param: CinderRbdPoolName} GLANCE_POOL: {get_param: GlanceRbdPoolName} nova::compute::rbd::libvirt_images_rbd_pool: {get_param: NovaRbdPoolName} cinder_rbd_pool_name: {get_param: CinderRbdPoolName} glance::backend::rbd::rbd_store_pool: {get_param: GlanceRbdPoolName} nova::compute::rbd::libvirt_rbd_user: {get_param: CephClientUserName} glance::backend::rbd::rbd_store_user: {get_param: CephClientUserName} nova::compute::rbd::rbd_keyring: list_join: - '.' - - 'client' - {get_param: CephClientUserName} ceph_client_user_name: {get_param: CephClientUserName} ceph_pools: - {get_param: CinderRbdPoolName} - {get_param: NovaRbdPoolName} - {get_param: GlanceRbdPoolName} outputs: config_id: description: The ID of the CephClusterConfigImpl resource. value: {get_resource: CephClusterConfigImpl}