External Ceph: add ceph_*_user variables
To make the configuration easier for the user, and to allow non-standard ceph authentication ids - introduce ceph_*_user variables. Change-Id: I24e01c43c826b62b6748d93a498f4b7d8ce9e309
This commit is contained in:
parent
4d0c442b88
commit
fdf3729f83
@ -1007,6 +1007,13 @@ ceph_glance_pool_name: "images"
|
|||||||
ceph_gnocchi_pool_name: "gnocchi"
|
ceph_gnocchi_pool_name: "gnocchi"
|
||||||
ceph_nova_pool_name: "vms"
|
ceph_nova_pool_name: "vms"
|
||||||
|
|
||||||
|
ceph_cinder_backup_user: "cinder-backup"
|
||||||
|
ceph_cinder_volume_user: "cinder"
|
||||||
|
ceph_glance_user: "glance"
|
||||||
|
ceph_gnocchi_user: "gnocchi"
|
||||||
|
ceph_manila_user: "manila"
|
||||||
|
ceph_nova_user: "nova"
|
||||||
|
|
||||||
ceph_erasure_profile: "k=4 m=2 ruleset-failure-domain=host"
|
ceph_erasure_profile: "k=4 m=2 ruleset-failure-domain=host"
|
||||||
ceph_rule: "default host {{ 'indep' if ceph_pool_type == 'erasure' else 'firstn' }}"
|
ceph_rule: "default host {{ 'indep' if ceph_pool_type == 'erasure' else 'firstn' }}"
|
||||||
ceph_cache_rule: "cache host firstn"
|
ceph_cache_rule: "cache host firstn"
|
||||||
|
@ -28,7 +28,7 @@ enabled_backends = {{ cinder_enabled_backends|map(attribute='name')|join(',') }}
|
|||||||
{% if cinder_backup_driver == "ceph" %}
|
{% if cinder_backup_driver == "ceph" %}
|
||||||
backup_driver = cinder.backup.drivers.ceph.CephBackupDriver
|
backup_driver = cinder.backup.drivers.ceph.CephBackupDriver
|
||||||
backup_ceph_conf = /etc/ceph/ceph.conf
|
backup_ceph_conf = /etc/ceph/ceph.conf
|
||||||
backup_ceph_user = cinder-backup
|
backup_ceph_user = {{ ceph_cinder_backup_user }}
|
||||||
backup_ceph_chunk_size = 134217728
|
backup_ceph_chunk_size = 134217728
|
||||||
backup_ceph_pool = {{ ceph_cinder_backup_pool_name }}
|
backup_ceph_pool = {{ ceph_cinder_backup_pool_name }}
|
||||||
backup_ceph_stripe_unit = 0
|
backup_ceph_stripe_unit = 0
|
||||||
@ -131,7 +131,7 @@ rbd_flatten_volume_from_snapshot = false
|
|||||||
rbd_max_clone_depth = 5
|
rbd_max_clone_depth = 5
|
||||||
rbd_store_chunk_size = 4
|
rbd_store_chunk_size = 4
|
||||||
rados_connect_timeout = 5
|
rados_connect_timeout = 5
|
||||||
rbd_user = cinder
|
rbd_user = {{ ceph_cinder_volume_user }}
|
||||||
rbd_secret_uuid = {{ cinder_rbd_secret_uuid }}
|
rbd_secret_uuid = {{ cinder_rbd_secret_uuid }}
|
||||||
report_discard_supported = True
|
report_discard_supported = True
|
||||||
image_upload_use_cinder_backend = True
|
image_upload_use_cinder_backend = True
|
||||||
|
@ -61,7 +61,7 @@ stores = {{ glance_store_backends|map(attribute='name')|join(',') }}
|
|||||||
{% endif %}
|
{% endif %}
|
||||||
|
|
||||||
{% if glance_backend_ceph | bool %}
|
{% if glance_backend_ceph | bool %}
|
||||||
rbd_store_user = glance
|
rbd_store_user = {{ ceph_glance_user }}
|
||||||
rbd_store_pool = {{ ceph_glance_pool_name }}
|
rbd_store_pool = {{ ceph_glance_pool_name }}
|
||||||
rbd_store_chunk_size = 8
|
rbd_store_chunk_size = 8
|
||||||
{% endif %}
|
{% endif %}
|
||||||
|
@ -74,8 +74,8 @@ file_basepath = /var/lib/gnocchi
|
|||||||
{% elif gnocchi_backend_storage == 'ceph' %}
|
{% elif gnocchi_backend_storage == 'ceph' %}
|
||||||
driver = ceph
|
driver = ceph
|
||||||
ceph_pool = {{ gnocchi_pool_name }}
|
ceph_pool = {{ gnocchi_pool_name }}
|
||||||
ceph_username = gnocchi
|
ceph_username = {{ ceph_gnocchi_user }}
|
||||||
ceph_keyring = /etc/ceph/ceph.client.gnocchi.keyring
|
ceph_keyring = {{ ceph_gnocchi_keyring }}
|
||||||
ceph_conffile = /etc/ceph/ceph.conf
|
ceph_conffile = /etc/ceph/ceph.conf
|
||||||
{% elif gnocchi_backend_storage == 'swift' %}
|
{% elif gnocchi_backend_storage == 'swift' %}
|
||||||
driver = swift
|
driver = swift
|
||||||
|
@ -99,7 +99,7 @@ driver_handles_share_servers = False
|
|||||||
share_backend_name = CEPHFS1
|
share_backend_name = CEPHFS1
|
||||||
share_driver = manila.share.drivers.cephfs.driver.CephFSDriver
|
share_driver = manila.share.drivers.cephfs.driver.CephFSDriver
|
||||||
cephfs_conf_path = /etc/ceph/ceph.conf
|
cephfs_conf_path = /etc/ceph/ceph.conf
|
||||||
cephfs_auth_id = manila
|
cephfs_auth_id = {{ ceph_manila_user }}
|
||||||
cephfs_cluster_name = ceph
|
cephfs_cluster_name = ceph
|
||||||
cephfs_enable_snapshots = False
|
cephfs_enable_snapshots = False
|
||||||
{% endif %}
|
{% endif %}
|
||||||
@ -111,7 +111,7 @@ share_backend_name = CEPHFSNFS1
|
|||||||
share_driver = manila.share.drivers.cephfs.driver.CephFSDriver
|
share_driver = manila.share.drivers.cephfs.driver.CephFSDriver
|
||||||
cephfs_protocol_helper_type = NFS
|
cephfs_protocol_helper_type = NFS
|
||||||
cephfs_conf_path = /etc/ceph/ceph.conf
|
cephfs_conf_path = /etc/ceph/ceph.conf
|
||||||
cephfs_auth_id = manila
|
cephfs_auth_id = {{ ceph_manila_user }}
|
||||||
cephfs_cluster_name = ceph
|
cephfs_cluster_name = ceph
|
||||||
cephfs_enable_snapshots = False
|
cephfs_enable_snapshots = False
|
||||||
cephfs_ganesha_server_is_remote= False
|
cephfs_ganesha_server_is_remote= False
|
||||||
|
@ -5,11 +5,11 @@ live_migration_uri = "qemu+tls://%s/system"
|
|||||||
{% else %}
|
{% else %}
|
||||||
connection_uri = "qemu+tcp://{{ migration_interface_address | put_address_in_context('url') }}/system"
|
connection_uri = "qemu+tcp://{{ migration_interface_address | put_address_in_context('url') }}/system"
|
||||||
{% endif %}
|
{% endif %}
|
||||||
{% if enable_ceph | bool and nova_backend == "rbd" %}
|
{% if nova_backend == "rbd" %}
|
||||||
images_type = rbd
|
images_type = rbd
|
||||||
images_rbd_pool = {{ ceph_nova_pool_name }}
|
images_rbd_pool = {{ ceph_nova_pool_name }}
|
||||||
images_rbd_ceph_conf = /etc/ceph/ceph.conf
|
images_rbd_ceph_conf = /etc/ceph/ceph.conf
|
||||||
rbd_user = nova
|
rbd_user = {{ ceph_nova_user }}
|
||||||
disk_cachemodes="network=writeback"
|
disk_cachemodes="network=writeback"
|
||||||
{% if nova_hw_disk_discard != '' %}
|
{% if nova_hw_disk_discard != '' %}
|
||||||
hw_disk_discard = {{ nova_hw_disk_discard }}
|
hw_disk_discard = {{ nova_hw_disk_discard }}
|
||||||
|
@ -66,17 +66,11 @@ Glance
|
|||||||
|
|
||||||
Configuring Glance for Ceph includes the following steps:
|
Configuring Glance for Ceph includes the following steps:
|
||||||
|
|
||||||
#. Configure RBD back end in ``glance-api.conf``
|
#. Configure Ceph authentication details in ``/etc/kolla/globals.yml``:
|
||||||
|
|
||||||
.. path /etc/kolla/config/glance/glance-api.conf
|
* ``ceph_glance_keyring`` (default: ``ceph.client.glance.keyring``)
|
||||||
.. code-block:: ini
|
* ``ceph_glance_user`` (default: ``glance``)
|
||||||
|
* ``ceph_glance_pool_name`` (default: ``images``)
|
||||||
[glance_store]
|
|
||||||
stores = rbd
|
|
||||||
default_store = rbd
|
|
||||||
rbd_store_pool = images
|
|
||||||
rbd_store_user = glance
|
|
||||||
rbd_store_ceph_conf = /etc/ceph/ceph.conf
|
|
||||||
|
|
||||||
#. Copy Ceph configuration file to ``/etc/kolla/config/glance/ceph.conf``
|
#. Copy Ceph configuration file to ``/etc/kolla/config/glance/ceph.conf``
|
||||||
|
|
||||||
@ -91,10 +85,6 @@ Configuring Glance for Ceph includes the following steps:
|
|||||||
auth_service_required = cephx
|
auth_service_required = cephx
|
||||||
auth_client_required = cephx
|
auth_client_required = cephx
|
||||||
|
|
||||||
#. Configure Ceph authentication details in ``/etc/kolla/globals.yml``:
|
|
||||||
|
|
||||||
* ``ceph_glance_keyring`` (default: ``ceph.client.glance.keyring``)
|
|
||||||
|
|
||||||
#. Copy Ceph keyring to ``/etc/kolla/config/glance/<ceph_glance_keyring>``
|
#. Copy Ceph keyring to ``/etc/kolla/config/glance/<ceph_glance_keyring>``
|
||||||
|
|
||||||
Cinder
|
Cinder
|
||||||
@ -102,43 +92,14 @@ Cinder
|
|||||||
|
|
||||||
Configuring Cinder for Ceph includes following steps:
|
Configuring Cinder for Ceph includes following steps:
|
||||||
|
|
||||||
#. Configure RBD backend in ``cinder-volume.conf`` and ``cinder-backup.conf``
|
#. Configure Ceph authentication details in ``/etc/kolla/globals.yml``:
|
||||||
|
* ``ceph_cinder_keyring`` (default: ``ceph.client.cinder.keyring``)
|
||||||
.. path /etc/kolla/config/cinder/cinder-volume.conf
|
* ``ceph_cinder_user`` (default: ``cinder``)
|
||||||
.. code-block:: ini
|
* ``ceph_cinder_pool_name`` (default: ``volumes``)
|
||||||
|
* ``ceph_cinder_backup_keyring``
|
||||||
[DEFAULT]
|
(default: ``ceph.client.cinder-backup.keyring``)
|
||||||
enabled_backends=rbd-1
|
* ``ceph_cinder_backup_user`` (default: ``cinder-backup``)
|
||||||
|
* ``ceph_cinder_backup_pool_name`` (default: ``backups``)
|
||||||
[rbd-1]
|
|
||||||
rbd_ceph_conf=/etc/ceph/ceph.conf
|
|
||||||
rbd_user=cinder
|
|
||||||
backend_host=rbd:volumes
|
|
||||||
rbd_pool=volumes
|
|
||||||
volume_backend_name=rbd-1
|
|
||||||
volume_driver=cinder.volume.drivers.rbd.RBDDriver
|
|
||||||
rbd_secret_uuid = {{ cinder_rbd_secret_uuid }}
|
|
||||||
|
|
||||||
.. note::
|
|
||||||
|
|
||||||
``cinder_rbd_secret_uuid`` can be found in ``/etc/kolla/passwords.yml``.
|
|
||||||
|
|
||||||
.. path /etc/kolla/config/cinder/cinder-backup.conf
|
|
||||||
.. code-block:: ini
|
|
||||||
|
|
||||||
[DEFAULT]
|
|
||||||
backup_ceph_conf=/etc/ceph/ceph.conf
|
|
||||||
backup_ceph_user=cinder-backup
|
|
||||||
backup_ceph_chunk_size = 134217728
|
|
||||||
backup_ceph_pool=backups
|
|
||||||
backup_driver = cinder.backup.drivers.ceph.CephBackupDriver
|
|
||||||
backup_ceph_stripe_unit = 0
|
|
||||||
backup_ceph_stripe_count = 0
|
|
||||||
restore_discard_excess_bytes = true
|
|
||||||
|
|
||||||
For more information about the Cinder backup configuration, see
|
|
||||||
:cinder-doc:`Ceph backup driver
|
|
||||||
<configuration/block-storage/backup/ceph-backup-driver.html>`.
|
|
||||||
|
|
||||||
#. Copy Ceph configuration file to ``/etc/kolla/config/cinder/ceph.conf``
|
#. Copy Ceph configuration file to ``/etc/kolla/config/cinder/ceph.conf``
|
||||||
|
|
||||||
@ -148,11 +109,6 @@ Configuring Cinder for Ceph includes following steps:
|
|||||||
``/etc/kolla/config/cinder/cinder-backup`` respectively. They
|
``/etc/kolla/config/cinder/cinder-backup`` respectively. They
|
||||||
will be merged with ``/etc/kolla/config/cinder/ceph.conf``.
|
will be merged with ``/etc/kolla/config/cinder/ceph.conf``.
|
||||||
|
|
||||||
#. Configure Ceph authentication details in ``/etc/kolla/globals.yml``:
|
|
||||||
* ``ceph_cinder_keyring`` (default: ``ceph.client.cinder.keyring``)
|
|
||||||
* ``ceph_cinder_backup_keyring``
|
|
||||||
(default: ``ceph.client.cinder-backup.keyring``)
|
|
||||||
|
|
||||||
#. Copy Ceph keyring files to:
|
#. Copy Ceph keyring files to:
|
||||||
* ``/etc/kolla/config/cinder/cinder-volume/<ceph_cinder_keyring>``
|
* ``/etc/kolla/config/cinder/cinder-volume/<ceph_cinder_keyring>``
|
||||||
* ``/etc/kolla/config/cinder/cinder-backup/<ceph_cinder_keyring>``
|
* ``/etc/kolla/config/cinder/cinder-backup/<ceph_cinder_keyring>``
|
||||||
@ -168,12 +124,14 @@ Nova
|
|||||||
|
|
||||||
Configuring Nova for Ceph includes following steps:
|
Configuring Nova for Ceph includes following steps:
|
||||||
|
|
||||||
#. Copy Ceph configuration file to ``/etc/kolla/config/nova/ceph.conf``
|
|
||||||
#. Configure Ceph authentication details in ``/etc/kolla/globals.yml``:
|
#. Configure Ceph authentication details in ``/etc/kolla/globals.yml``:
|
||||||
|
|
||||||
* ``ceph_cinder_keyring`` (default: ``ceph.client.cinder.keyring``)
|
* ``ceph_cinder_keyring`` (default: ``ceph.client.cinder.keyring``)
|
||||||
* ``ceph_nova_keyring`` (by default it's the same as ceph_cinder_keyring)
|
* ``ceph_nova_keyring`` (by default it's the same as ceph_cinder_keyring)
|
||||||
|
* ``ceph_nova_user`` (default: ``nova``)
|
||||||
|
* ``ceph_nova_pool_name`` (default: ``vms``)
|
||||||
|
|
||||||
|
#. Copy Ceph configuration file to ``/etc/kolla/config/nova/ceph.conf``
|
||||||
#. Copy Ceph keyring file(s) to:
|
#. Copy Ceph keyring file(s) to:
|
||||||
|
|
||||||
* ``/etc/kolla/config/nova/<ceph_cinder_keyring>``
|
* ``/etc/kolla/config/nova/<ceph_cinder_keyring>``
|
||||||
@ -183,41 +141,23 @@ Configuring Nova for Ceph includes following steps:
|
|||||||
.. warning::
|
.. warning::
|
||||||
|
|
||||||
If you are using ceph-ansible or another deployment tool that doesn't
|
If you are using ceph-ansible or another deployment tool that doesn't
|
||||||
create separate key for Nova just copy the Cinder key.
|
create separate key for Nova just copy the Cinder key and configure
|
||||||
|
``ceph_nova_user`` to the same value as ``ceph_cinder_user``.
|
||||||
#. Configure nova-compute to use Ceph as the ephemeral back end by creating
|
|
||||||
``/etc/kolla/config/nova/nova-compute.conf`` and adding the following
|
|
||||||
configurations:
|
|
||||||
|
|
||||||
.. code-block:: ini
|
|
||||||
|
|
||||||
[libvirt]
|
|
||||||
images_rbd_pool=vms
|
|
||||||
images_type=rbd
|
|
||||||
images_rbd_ceph_conf=/etc/ceph/ceph.conf
|
|
||||||
|
|
||||||
Gnocchi
|
Gnocchi
|
||||||
-------
|
-------
|
||||||
|
|
||||||
Configuring Gnocchi for Ceph includes following steps:
|
Configuring Gnocchi for Ceph includes following steps:
|
||||||
|
|
||||||
#. Copy Ceph configuration file to ``/etc/kolla/config/gnocchi/ceph.conf``
|
|
||||||
#. Configure Ceph authentication details in ``/etc/kolla/globals.yml``:
|
#. Configure Ceph authentication details in ``/etc/kolla/globals.yml``:
|
||||||
|
|
||||||
* ``ceph_gnocchi_keyring``
|
* ``ceph_gnocchi_keyring``
|
||||||
(default: ``ceph.client.gnocchi.keyring``)
|
(default: ``ceph.client.gnocchi.keyring``)
|
||||||
|
* ``ceph_gnocchi_user`` (default: ``gnocchi``)
|
||||||
|
* ``ceph_gnocchi_pool_name`` (default: ``gnocchi``)
|
||||||
|
|
||||||
|
#. Copy Ceph configuration file to ``/etc/kolla/config/gnocchi/ceph.conf``
|
||||||
#. Copy Ceph keyring to ``/etc/kolla/config/gnocchi/<ceph_gnocchi_keyring>``
|
#. Copy Ceph keyring to ``/etc/kolla/config/gnocchi/<ceph_gnocchi_keyring>``
|
||||||
#. Modify ``/etc/kolla/config/gnocchi.conf`` file according to the following
|
|
||||||
configuration:
|
|
||||||
|
|
||||||
.. code-block:: ini
|
|
||||||
|
|
||||||
[storage]
|
|
||||||
driver = ceph
|
|
||||||
ceph_username = gnocchi
|
|
||||||
ceph_keyring = /etc/ceph/ceph.client.gnocchi.keyring
|
|
||||||
ceph_conffile = /etc/ceph/ceph.conf
|
|
||||||
|
|
||||||
Manila
|
Manila
|
||||||
------
|
------
|
||||||
@ -229,6 +169,7 @@ Configuring Manila for Ceph includes following steps:
|
|||||||
#. Configure Ceph authentication details in ``/etc/kolla/globals.yml``:
|
#. Configure Ceph authentication details in ``/etc/kolla/globals.yml``:
|
||||||
|
|
||||||
* ``ceph_manila_keyring`` (default: ``ceph.client.manila.keyring``)
|
* ``ceph_manila_keyring`` (default: ``ceph.client.manila.keyring``)
|
||||||
|
* ``ceph_manila_user`` (default: ``manila``)
|
||||||
|
|
||||||
#. Copy Ceph configuration file to ``/etc/kolla/config/manila/ceph.conf``
|
#. Copy Ceph configuration file to ``/etc/kolla/config/manila/ceph.conf``
|
||||||
#. Copy Ceph keyring to ``/etc/kolla/config/manila/<ceph_manila_keyring>``
|
#. Copy Ceph keyring to ``/etc/kolla/config/manila/<ceph_manila_keyring>``
|
||||||
|
12
releasenotes/notes/external-ceph-users-2715eebf8a8df1af.yaml
Normal file
12
releasenotes/notes/external-ceph-users-2715eebf8a8df1af.yaml
Normal file
@ -0,0 +1,12 @@
|
|||||||
|
---
|
||||||
|
features:
|
||||||
|
- |
|
||||||
|
Introduce External Ceph user ids as variables to allow non-standard ceph
|
||||||
|
authentication ids in OpenStack services configuration without the need to
|
||||||
|
override configuration files.
|
||||||
|
upgrade:
|
||||||
|
- |
|
||||||
|
Now the rbd part of ``nova.conf`` in ``nova-compute`` is being generated
|
||||||
|
when ``nova_backend`` is set to ``"rbd"`` (previously it was generated when
|
||||||
|
both ``enable_ceph`` was ``"yes"`` and ``nova_backend`` was set to
|
||||||
|
``"rbd"``).
|
@ -133,4 +133,5 @@ enable_cinder: "yes"
|
|||||||
glance_backend_ceph: "yes"
|
glance_backend_ceph: "yes"
|
||||||
cinder_backend_ceph: "yes"
|
cinder_backend_ceph: "yes"
|
||||||
nova_backend_ceph: "yes"
|
nova_backend_ceph: "yes"
|
||||||
|
ceph_nova_user: "cinder"
|
||||||
{% endif %}
|
{% endif %}
|
||||||
|
Loading…
Reference in New Issue
Block a user