Integrate ceph-rgw with keystone

this patch change ceph-rgw configuration and add object-store endpoint. Co-Authored-By: zhubingbing <zhubingbing10@gmail.com> Change-Id: I3ae4171c69bec52846c92a5e5618c12cf36d4409 Implements: blueprint radosgw-keystone-integration
2016-12-05 21:50:33 +08:00 · 2016-12-05 21:50:33 +08:00 · d4f4134e35
commit d4f4134e35
parent eaa1af8f73
7 changed files with 67 additions and 11 deletions
--- a/ansible/group_vars/all.yml
+++ b/ansible/group_vars/all.yml
@ -440,6 +440,9 @@ ceph_osd_mount_options: "defaults,noatime"
 # Valid options are [ erasure, replicated ]
 ceph_pool_type: "replicated"

+# Integrate ceph rados object gateway with openstack keystone
+enable_ceph_rgw_keystone: "no"
+
 ceph_cinder_pool_name: "volumes"
 ceph_cinder_backup_pool_name: "backups"
 ceph_glance_pool_name: "images"
--- a/ansible/roles/ceph/defaults/main.yml
+++ b/ansible/roles/ceph/defaults/main.yml
@ -21,3 +21,12 @@ ceph_rgw_image_full: "{{ ceph_rgw_image }}:{{ ceph_rgw_tag }}"
 # Ceph
 ####################
 osd_initial_weight: "1"
+
+####################
+## Ceph_rgw_keystone
+####################
+swift_admin_endpoint: "{{ admin_protocol }}://{{ kolla_internal_fqdn }}:{{ rgw_port }}/swift/v1"
+swift_internal_endpoint: "{{ internal_protocol }}://{{ kolla_internal_fqdn }}:{{ rgw_port }}/swift/v1"
+swift_public_endpoint: "{{ public_protocol }}://{{ kolla_external_fqdn }}:{{ rgw_port }}/swift/v1"
+
+openstack_swift_auth: "{'auth_url':'{{ openstack_auth.auth_url }}','username':'{{ openstack_auth.username }}','password':'{{ openstack_auth.password }}','project_name':'{{ openstack_auth.project_name }}','domain_name':'default'}"
--- a/ansible/roles/ceph/tasks/deploy.yml
+++ b/ansible/roles/ceph/tasks/deploy.yml
@ -19,3 +19,8 @@
  when:
    - enable_ceph_rgw | bool
    - inventory_hostname in groups['ceph-rgw']
+
+- include: start_rgw_keystone.yml
+  when:
+    - enable_ceph_rgw_keystone | bool
+    - inventory_hostname in groups['ceph-rgw']
--- a/ansible/roles/ceph/tasks/start_rgw_keystone.yml
+++ b/ansible/roles/ceph/tasks/start_rgw_keystone.yml
@ -0,0 +1,27 @@
+---
+- name: Check whether the swift service is enabled
+  local_action: fail msg='Ceph-rgw-keystone is conflicted with swift, you should only enable one of them'
+  when: enable_swift | bool
+
+- name: Creating the Swift service and endpoint
+  command: docker exec -t kolla_toolbox /usr/bin/ansible localhost
+    -m kolla_keystone_service
+    -a "service_name=swift
+        service_type=object-store
+        description='Openstack Object Storage'
+        endpoint_region={{ openstack_region_name }}
+        url='{{ item.url }}'
+        interface='{{ item.interface }}'
+        region_name={{ openstack_region_name }}
+        auth={{ '{{ openstack_swift_auth }}' }}"
+    -e "{'openstack_swift_auth':{{ openstack_swift_auth }}}"
+  register: swift_endpoint
+  changed_when: "{{ swift_endpoint.stdout.find('localhost | SUCCESS => ') != -1 and (swift_endpoint.stdout.split('localhost | SUCCESS => ')[1]|from_json).changed }}"
+  until: swift_endpoint.stdout.split()[2] == 'SUCCESS'
+  retries: 10
+  delay: 5
+  run_once: True
+  with_items:
+    - {'interface': 'admin', 'url': '{{ swift_admin_endpoint }}'}
+    - {'interface': 'internal', 'url': '{{ swift_internal_endpoint }}'}
+    - {'interface': 'public', 'url': '{{ swift_public_endpoint }}'}
--- a/ansible/roles/ceph/templates/ceph.conf.j2
+++ b/ansible/roles/ceph/templates/ceph.conf.j2
@ -33,6 +33,15 @@ mon compact on start = true
 host = {{ hostvars[inventory_hostname]['ansible_' + storage_interface]['ipv4']['address'] }}
 rgw frontends = civetweb port={{ hostvars[inventory_hostname]['ansible_' + api_interface]['ipv4']['address'] }}:{{ rgw_port }}
 {% endif %}
+{% if enable_ceph_rgw_keystone | bool %}
+rgw_keystone_url = {{ admin_protocol }}://{{ kolla_internal_fqdn }}:{{ keystone_admin_port }}
+rgw_keystone_admin_user = {{ openstack_auth.username }}
+rgw_keystone_admin_password = {{ openstack_auth.password }}
+rgw_keystone_admin_project = {{ openstack_auth.project_name }}
+rgw_keystone_admin_domain = default
+rgw_keystone_api_version = 3
+rgw_keystone_accepted_roles = admin, _member_
+{% endif %}
 keyring = /etc/ceph/ceph.client.radosgw.keyring
 log file = /var/log/kolla/ceph/client.radosgw.gateway.log
 {% endif %}
--- a/ansible/site.yml
+++ b/ansible/site.yml
@ -38,17 +38,6 @@
    - role: prechecks
      when: action == "precheck"

- name: Apply role ceph
-  hosts:
-    - ceph-mon
-    - ceph-osd
-    - ceph-rgw
-  serial: '{{ serial|default("0") }}'
-  roles:
-    - { role: ceph,
-        tags: ceph,
-        when: enable_ceph | bool }
-
 - name: Apply role collectd
  hosts: collectd
  serial: '{{ serial|default("0") }}'
@ -157,6 +146,17 @@
        tags: keystone,
        when: enable_keystone | bool }

+- name: Apply role ceph
+  hosts:
+    - ceph-mon
+    - ceph-osd
+    - ceph-rgw
+  serial: '{{ serial|default("0") }}'
+  roles:
+    - { role: ceph,
+        tags: ceph,
+        when: enable_ceph | bool }
+
 - name: Apply role swift
  hosts:
    - swift-account-server
--- a/etc/kolla/globals.yml
+++ b/etc/kolla/globals.yml
@ -174,6 +174,9 @@ kolla_internal_vip_address: "10.10.10.254"
 # Valid options are [ erasure, replicated ]
 #ceph_pool_type: "replicated"

+# Integrate ceph rados object gateway with openstack keystone
+#enable_ceph_rgw_keystone: "no"
+

 ##############################
 # Keystone - Identity Options