summaryrefslogtreecommitdiffstats
path: root/puppet/ceph-cluster-config.yaml
blob: f5873ddbd78736870b322589ced265a4f4073f0c (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
heat_template_version: 2015-04-30
description: 'Ceph Cluster config data for Puppet'

parameters:
  ceph_storage_count:
    default: 0
    type: number
    description: Number of Ceph storage nodes. Used to enable/disable managed Ceph installation.
  ceph_external_mon_ips:
    default: ''
    type: string
    description: List of external Ceph Mon host IPs.
  ceph_client_key:
    default: ''
    type: string
    description: Ceph key used to create the client user keyring.
  ceph_fsid:
    default: ''
    type: string
  ceph_admin_key:
    default: ''
    type: string
  ceph_mon_key:
    default: ''
    type: string
  ceph_mon_names:
    type: comma_delimited_list
  ceph_mon_ips:
    type: comma_delimited_list
  NovaRbdPoolName:
    default: vms
    type: string
  CinderRbdPoolName:
    default: volumes
    type: string
  GlanceRbdPoolName:
    default: images
    type: string
  GnocchiRbdPoolName:
    default: metrics
    type: string
  CephClientUserName:
    default: openstack
    type: string
  CephIPv6:
    default: False
    type: boolean

resources:
  CephClusterConfigImpl:
    type: OS::Heat::StructuredConfig
    properties:
      group: os-apply-config
      config:
        hiera:
          datafiles:
            ceph_cluster:
              mapped_data:
                ceph_ipv6: {get_param: CephIPv6}
                ceph_storage_count: {get_param: ceph_storage_count}
                ceph_mon_initial_members:
                  list_join:
                  - ','
                  - {get_param: ceph_mon_names}
                ceph_mon_host:
                  list_join:
                  - ','
                  - {get_param: ceph_mon_ips}
                ceph_mon_host_v6:
                  str_replace:
                    template: "'[IPS_LIST]'"
                    params:
                      IPS_LIST:
                        list_join:
                        - '],['
                        - {get_param: ceph_mon_ips}
                ceph::profile::params::ms_bind_ipv6: {get_param: CephIPv6}
                ceph::profile::params::fsid: {get_param: ceph_fsid}
                ceph::profile::params::mon_key: {get_param: ceph_mon_key}
                # We should use a separated key for the non-admin clients
                ceph::profile::params::client_keys:
                  str_replace:
                    template: "{
                      client.admin: {
                        secret: 'ADMIN_KEY',
                        mode: '0600',
                        cap_mon: 'allow *',
                        cap_osd: 'allow *',
                        cap_mds: 'allow *'
                      },
                      client.bootstrap-osd: {
                        secret: 'ADMIN_KEY',
                        keyring_path: '/var/lib/ceph/bootstrap-osd/ceph.keyring',
                        cap_mon: 'allow profile bootstrap-osd'
                      },
                      client.CLIENT_USER: {
                        secret: 'CLIENT_KEY',
                        mode: '0644',
                        cap_mon: 'allow r',
                        cap_osd: 'allow class-read object_prefix rbd_children, allow rwx pool=CINDER_POOL, allow rwx pool=NOVA_POOL, allow rwx pool=GLANCE_POOL, allow rwx pool=GNOCCHI_POOL'
                      }
                    }"
                    params:
                      CLIENT_USER: {get_param: CephClientUserName}
                      CLIENT_KEY: {get_param: ceph_client_key}
                      ADMIN_KEY: {get_param: ceph_admin_key}
                      NOVA_POOL: {get_param: NovaRbdPoolName}
                      CINDER_POOL: {get_param: CinderRbdPoolName}
                      GLANCE_POOL: {get_param: GlanceRbdPoolName}
                      GNOCCHI_POOL: {get_param: GnocchiRbdPoolName}
                nova::compute::rbd::libvirt_images_rbd_pool: {get_param: NovaRbdPoolName}
                cinder_rbd_pool_name: {get_param: CinderRbdPoolName}
                glance::backend::rbd::rbd_store_pool: {get_param: GlanceRbdPoolName}
                gnocchi::storage::ceph::ceph_pool: {get_param: GnocchiRbdPoolName}
                gnocchi::storage::ceph::ceph_username: {get_param: CephClientUserName}
                nova::compute::rbd::libvirt_rbd_user: {get_param: CephClientUserName}
                glance::backend::rbd::rbd_store_user: {get_param: CephClientUserName}
                nova::compute::rbd::rbd_keyring:
                  list_join:
                  - '.'
                  - - 'client'
                    - {get_param: CephClientUserName}
                gnocchi::storage::ceph::ceph_keyring:
                  list_join:
                  - '.'
                  - - '/etc/ceph/ceph'
                    - 'client'
                    - {get_param: CephClientUserName}
                    - 'keyring'
                ceph_client_user_name: {get_param: CephClientUserName}
                ceph_pools:
                  - {get_param: CinderRbdPoolName}
                  - {get_param: NovaRbdPoolName}
                  - {get_param: GlanceRbdPoolName}
                  - {get_param: GnocchiRbdPoolName}

outputs:
  config_id:
    description: The ID of the CephClusterConfigImpl resource.
    value:
      {get_resource: CephClusterConfigImpl}