# Copyright 2017 The Openstack-Helm Authors. # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and # limitations under the License. deployment: ceph: true storage_secrets: true images: pull_policy: IfNotPresent tags: ceph_bootstrap: 'docker.io/ceph/daemon:tag-build-master-luminous-ubuntu-16.04' ceph_config_helper: 'docker.io/port/ceph-config-helper:v1.10.2' ceph_mon: 'docker.io/ceph/daemon:tag-build-master-luminous-ubuntu-16.04' ceph_mon_check: 'docker.io/port/ceph-config-helper:v1.10.2' dep_check: 'quay.io/stackanetes/kubernetes-entrypoint:v0.3.1' image_repo_sync: docker.io/docker:17.07.0 local_registry: active: false exclude: - dep_check - image_repo_sync labels: job: node_selector_key: openstack-control-plane node_selector_value: enabled mon: node_selector_key: ceph-mon node_selector_value: enabled pod: dns_policy: "ClusterFirstWithHostNet" replicas: mon_check: 1 affinity: anti: type: default: preferredDuringSchedulingIgnoredDuringExecution topologyKey: default: kubernetes.io/hostname resources: enabled: false mon: requests: memory: "50Mi" cpu: "250m" limits: memory: "100Mi" cpu: "500m" mon_check: requests: memory: "5Mi" cpu: "250m" limits: memory: "50Mi" cpu: "500m" jobs: bootstrap: limits: memory: "1024Mi" cpu: "2000m" requests: memory: "128Mi" cpu: "500m" secret_provisioning: limits: memory: "1024Mi" cpu: "2000m" requests: memory: "128Mi" cpu: "500m" image_repo_sync: requests: memory: "128Mi" cpu: "100m" limits: memory: "1024Mi" cpu: "2000m" secrets: keyrings: mon: ceph-mon-keyring mds: ceph-bootstrap-mds-keyring osd: ceph-bootstrap-osd-keyring rgw: ceph-bootstrap-rgw-keyring mgr: ceph-bootstrap-mgr-keyring admin: ceph-client-admin-keyring network: public: 192.168.0.0/16 cluster: 192.168.0.0/16 port: mon: 6789 conf: templates: keyring: admin: | [client.admin] key = {{ key }} auid = 0 caps mds = "allow" caps mon = "allow *" caps osd = "allow *" caps mgr = "allow *" mon: | [mon.] key = {{ key }} caps mon = "allow *" bootstrap: mds: | [client.bootstrap-mds] key = {{ key }} caps mon = "allow profile bootstrap-mds" mgr: | [client.bootstrap-mgr] key = {{ key }} caps mgr = "allow profile bootstrap-mgr" osd: | [client.bootstrap-osd] key = {{ key }} caps mon = "allow profile bootstrap-osd" rgw: | [client.bootstrap-rgw] key = {{ key }} caps mon = "allow profile bootstrap-rgw" ceph: global: # auth cephx: true cephx_require_signatures: false cephx_cluster_require_signatures: true cephx_service_require_signatures: false osd: osd_mkfs_type: xfs osd_mkfs_options_xfs: -f -i size=2048 osd_max_object_name_len: 256 ms_bind_port_min: 6800 ms_bind_port_max: 7100 storage: mon: directory: /var/lib/openstack-helm/ceph/mon dependencies: dynamic: common: local_image_registry: jobs: - ceph-mon-image-repo-sync services: - endpoint: node service: local_image_registry static: bootstrap: jobs: null services: - endpoint: internal service: ceph_mon job_keyring_generator: jobs: null mon: jobs: - ceph-storage-keys-generator - ceph-mon-keyring-generator moncheck: jobs: - ceph-storage-keys-generator - ceph-mon-keyring-generator services: - endpoint: discovery service: ceph_mon storage_keys_generator: jobs: null image_repo_sync: services: - endpoint: internal service: local_image_registry bootstrap: enabled: false script: | ceph -s function ensure_pool () { ceph osd pool stats $1 || ceph osd pool create $1 $2 local test_luminous=$(ceph tell osd.* version | egrep -c "12.2|luminous") if [[ ${test_luminous} -gt 0 ]]; then ceph osd pool application enable $1 $3 fi } #ensure_pool volumes 8 cinder # if you change provision_storage_class to false # it is presumed you manage your own storage # class definition externally storageclass: rbd: provision_storage_class: true provisioner: ceph.com/rbd name: general monitors: null pool: rbd admin_id: admin admin_secret_name: pvc-ceph-conf-combined-storageclass admin_secret_namespace: ceph user_id: admin user_secret_name: pvc-ceph-client-key image_format: "2" image_features: layering cephfs: provision_storage_class: true provisioner: ceph.com/cephfs name: cephfs admin_id: admin user_secret_name: pvc-ceph-cephfs-client-key admin_secret_name: pvc-ceph-conf-combined-storageclass admin_secret_namespace: ceph endpoints: cluster_domain_suffix: cluster.local local_image_registry: name: docker-registry namespace: docker-registry hosts: default: localhost internal: docker-registry node: localhost host_fqdn_override: default: null port: registry: node: 5000 ceph_mon: namespace: null hosts: default: ceph-mon discovery: ceph-mon-discovery host_fqdn_override: default: null port: mon: default: 6789 manifests: configmap_bin: true configmap_etc: true configmap_templates: true daemonset_mon: true deployment_moncheck: true deployment_rgw: true job_image_repo_sync: true job_bootstrap: true job_keyring: true service_mon: true service_mon_discovery: true job_storage_admin_keys: true