kolla-ansible/ansible/roles/ceph/templates/ceph.conf.j2
Jeffrey Zhang 1cf116cd6c Use a separate user for ceph-rgw rather than keystone admin user
If not, change admin user password will break ceph rgw service.

Change-Id: Ia872f6f1aa2d9917d3f5851e0edcffed61e71355
Closes-Bug: #1705929
2017-07-27 16:41:41 +08:00

47 lines
2.2 KiB
Django/Jinja

[global]
log file = /var/log/kolla/ceph/$cluster-$name.log
log to syslog = false
err to syslog = false
log to stderr = false
err to stderr = false
fsid = {{ ceph_cluster_fsid }}
mon initial members = {% for host in groups['ceph-mon'] %}{{ hostvars[host]['ansible_' + hostvars[host]['storage_interface']]['ipv4']['address'] }}{% if not loop.last %}, {% endif %}{% endfor %}
mon host = {% for host in groups['ceph-mon'] %}{{ hostvars[host]['ansible_' + hostvars[host]['storage_interface']]['ipv4']['address'] }}{% if not loop.last %}, {% endif %}{% endfor %}
mon addr = {% for host in groups['ceph-mon'] %}{{ hostvars[host]['ansible_' + hostvars[host]['storage_interface']]['ipv4']['address'] }}:6789{% if not loop.last %}, {% endif %}{% endfor %}
auth cluster required = cephx
auth service required = cephx
auth client required = cephx
# NOTE(inc0): This line will mean that if ceph was upgraded, it will run as root
# until contents of /var/lib/ceph are chowned to ceph user.
# This change was introduced in Jewel version and we should include
# chown operation in upgrade procedure. https://bugs.launchpad.net/kolla/+bug/1620702
setuser match path = /var/lib/ceph/$type/$cluster-$id
[mon]
# NOTE(SamYaple): The monitor files have been known to grow very large. The
# only fix for that is to compact the files.
mon compact on start = true
mon cluster log file = /var/log/kolla/ceph/$cluster.log
{% if service_name is defined and service_name == 'ceph-rgw' %}
[client.radosgw.gateway]
host = {{ hostvars[inventory_hostname]['ansible_' + storage_interface]['ipv4']['address'] }}
rgw frontends = civetweb port={{ api_interface_address }}:{{ rgw_port }}
{% if enable_ceph_rgw_keystone | bool %}
rgw_keystone_url = {{ admin_protocol }}://{{ kolla_internal_fqdn }}:{{ keystone_admin_port }}
rgw_keystone_admin_user = {{ ceph_rgw_keystone_user }}
rgw_keystone_admin_password = {{ ceph_rgw_keystone_password }}
rgw_keystone_admin_project = service
rgw_keystone_admin_domain = default
rgw_keystone_api_version = 3
rgw_keystone_accepted_roles = admin, {{ keystone_default_user_role }}
{% endif %}
keyring = /etc/ceph/ceph.client.radosgw.keyring
log file = /var/log/kolla/ceph/client.radosgw.gateway.log
{% endif %}