heat_template_version: 2015-04-30 description: 'Ceph Cluster config data for Puppet' parameters: ceph_storage_count: default: 0 type: number description: Number of Ceph storage nodes. Used to enable/disable managed Ceph installation. ceph_external_mon_ips: default: '' type: string description: List of external Ceph Mon host IPs. ceph_client_key: default: '' type: string description: Ceph key used to create the 'openstack' user keyring. ceph_fsid: default: '' type: string ceph_admin_key: default: '' type: string ceph_mon_key: default: '' type: string ceph_mon_names: type: comma_delimited_list ceph_mon_ips: type: comma_delimited_list resources: CephClusterConfigImpl: type: OS::Heat::StructuredConfig properties: group: os-apply-config config: hiera: datafiles: ceph_cluster: mapped_data: ceph_storage_count: {get_param: ceph_storage_count} ceph_mon_initial_members: list_join: - ',' - {get_param: ceph_mon_names} ceph::profile::params::mon_host: list_join: - ',' - {get_param: ceph_mon_ips} ceph::profile::params::fsid: {get_param: ceph_fsid} ceph::profile::params::mon_key: {get_param: ceph_mon_key} # We should use a separated key for the non-admin clients ceph::profile::params::client_keys: str_replace: template: "{ client.admin: { secret: 'ADMIN_KEY', mode: '0600', cap_mon: 'allow *', cap_osd: 'allow *', cap_mds: 'allow *' }, client.bootstrap-osd: { secret: 'ADMIN_KEY', keyring_path: '/var/lib/ceph/bootstrap-osd/ceph.keyring', cap_mon: 'allow profile bootstrap-osd' }, client.openstack: { secret: 'ADMIN_KEY', mode: '0644', cap_mon: 'allow r', cap_osd: 'allow class-read object_prefix rbd_children, allow rwx pool=volumes, allow rwx pool=vms, allow rwx pool=images' } }" params: ADMIN_KEY: {get_param: ceph_admin_key} outputs: config_id: description: The ID of the CephClusterConfigImpl resource. value: {get_resource: CephClusterConfigImpl}