diff --git a/ansible/group_vars/all.yml b/ansible/group_vars/all.yml index b1c28b93c3..8ab39156b1 100644 --- a/ansible/group_vars/all.yml +++ b/ansible/group_vars/all.yml @@ -526,6 +526,8 @@ octavia_amp_flavor_id: # must provide separate disks than those for the OSDs ceph_enable_cache: "no" +external_ceph_cephx_enabled: "yes" + # Ceph is not able to determine the size of a cache pool automatically, # so the configuration on the absolute size is required here, otherwise the flush/evict will not work. ceph_target_max_bytes: "" diff --git a/ansible/roles/nova/tasks/external-ceph.yml b/ansible/roles/nova/tasks/external-ceph.yml index 79363106bf..2ce1bfca57 100644 --- a/ansible/roles/nova/tasks/external-ceph.yml +++ b/ansible/roles/nova/tasks/external-ceph.yml @@ -12,12 +12,15 @@ local_action: stat path="{{ node_custom_config }}/nova/ceph.client.nova.keyring" register: nova_cephx_keyring_file failed_when: not nova_cephx_keyring_file.stat.exists + when: external_ceph_cephx_enabled | bool - name: Check cinder keyring file local_action: stat path="{{ node_custom_config }}/nova/ceph.client.cinder.keyring" register: cinder_cephx_keyring_file failed_when: not cinder_cephx_keyring_file.stat.exists - when: cinder_backend_ceph | bool + when: + - cinder_backend_ceph | bool + - external_ceph_cephx_enabled | bool # NOTE: nova-compute and nova-libvirt only need ceph.client.nova.keyring. - name: Copy over ceph nova keyring file @@ -27,7 +30,9 @@ with_items: - nova-compute - nova-libvirt - when: inventory_hostname in groups['compute'] + when: + - inventory_hostname in groups['compute'] + - external_ceph_cephx_enabled | bool - name: Copy over ceph.conf copy: @@ -57,11 +62,14 @@ - name: Extract nova key from file local_action: shell cat "{{ nova_cephx_keyring_file.stat.path }}" | grep -E 'key\s*=' | awk '{ print $3 }' register: nova_cephx_raw_key + when: external_ceph_cephx_enabled | bool - name: Extract cinder key from file local_action: shell cat "{{ cinder_cephx_keyring_file.stat.path }}" | grep -E 'key\s*=' | awk '{ print $3 }' register: cinder_cephx_raw_key - when: cinder_backend_ceph | bool + when: + - cinder_backend_ceph | bool + - external_ceph_cephx_enabled | bool - name: Pushing secrets key for libvirt copy: @@ -71,6 +79,7 @@ when: - inventory_hostname in groups['compute'] - item.enabled | bool + - external_ceph_cephx_enabled | bool with_items: - uuid: "{{ rbd_secret_uuid }}" content: "{{ nova_cephx_raw_key.stdout }}" diff --git a/ansible/roles/nova/templates/nova.conf.j2 b/ansible/roles/nova/templates/nova.conf.j2 index 73d01c7e7f..a7e74cce15 100644 --- a/ansible/roles/nova/templates/nova.conf.j2 +++ b/ansible/roles/nova/templates/nova.conf.j2 @@ -194,7 +194,7 @@ disk_cachemodes="network=writeback" hw_disk_discard = {{ nova_hw_disk_discard }} {% endif %} {% endif %} -{% if nova_backend == "rbd" %} +{% if nova_backend == "rbd" and external_ceph_cephx_enabled | bool %} rbd_secret_uuid = {{ rbd_secret_uuid }} {% endif %} diff --git a/etc/kolla/globals.yml b/etc/kolla/globals.yml index dcd969c83f..6352e3c874 100644 --- a/etc/kolla/globals.yml +++ b/etc/kolla/globals.yml @@ -202,6 +202,9 @@ kolla_internal_vip_address: "10.10.10.254" # must provide separate disks than those for the OSDs #ceph_enable_cache: "no" +# Set to no if using external Ceph without cephx. +#external_ceph_cephx_enabled: "yes" + # Ceph is not able to determine the size of a cache pool automatically, # so the configuration on the absolute size is required here, otherwise the flush/evict will not work. #ceph_target_max_bytes: ""