[radosgw, upgrades] Fix for radosgw keyring path and user
Issue:
If customer has its own external ceph cluster and have
specified only one keyring for radosgw it is possible to use
linux.system.file to control this keyring, but it is not
possible to specify path properly for this keyring.
Also it is not possible to specify arbitrary username for keyring.
Fix:
Specify keyring_path variable. If not specified then it
is calculated by default.
Specify keyring_user variable. If not specified then it
is calculated by default.
What has been fixed:
- Added keyring_path variable
- Added keyring_user variable
- Added tests
- Updated README
Prod-Related: PROD-32721
Change-Id: I4b59442ac6d892ec33063eca5e289894d05257cd
diff --git a/README.rst b/README.rst
index a0c3d3c..8509a3b 100644
--- a/README.rst
+++ b/README.rst
@@ -544,6 +544,16 @@
osd: "allow class-read object_prefix rdb_children, allow rwx pool=images"
+Specify alternative keyring path and username
+
+.. code-block:: yaml
+
+ ceph:
+ radosgw:
+ keyring_user: radosgw.gateway
+ keyring_path: /etc/ceph/keyring.radosgw.gateway
+
+
Generate CRUSH map - Recommended way
-----------------------------------
diff --git a/ceph/files/luminous/ceph.conf.Debian b/ceph/files/luminous/ceph.conf.Debian
index 43cb2f7..725109f 100644
--- a/ceph/files/luminous/ceph.conf.Debian
+++ b/ceph/files/luminous/ceph.conf.Debian
@@ -89,9 +89,17 @@
{%- if pillar.ceph.radosgw is defined %}
+{%- if radosgw.keyring_user is defined %}
+[client.{{ radosgw.keyring_user }}]
+{%- else %}
[client.rgw.{{ grains.host }}]
+{%- endif %}
host = {{ grains.host }}
+{%- if radosgw.keyring_path is defined %}
+keyring = {{ radosgw.keyring_path }}
+{%- else %}
keyring = /etc/ceph/{{ common.get('cluster_name', 'ceph') }}.client.rgw.{{ grains.host }}.keyring
+{%- endif %}
rgw socket path = /tmp/radosgw-{{ grains.host }}.sock
log file = /var/log/ceph/{{ common.get('cluster_name', 'ceph') }}-rgw-{{ grains.host }}.log
rgw data = /var/lib/ceph/radosgw/{{ common.get('cluster_name', 'ceph') }}-rgw.{{ grains.host }}
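Review bot: The `is defined` tests on `radosgw.keyring_user` and `radosgw.keyring_path` also pass when the pillar key is present but null or empty, so the template would render `[client.None]` or `keyring = None` instead of falling back to the defaults. A truthiness test such as `{%- if radosgw.get('keyring_user') %}` avoids that, assuming `radosgw` is a mapping like `common` in this file; the ceph/map.jinja hunk uses the same `is defined` test. The two overrides are also independent: with only `keyring_user` set, the section becomes `[client.<user>]` while `keyring` still points at the `client.rgw.<host>` file, which presumably holds the key of a different entity, so it may be worth requiring both together or deriving the default path from the user. The `[client.…]` section continues outside the hunk.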
diff --git a/ceph/map.jinja b/ceph/map.jinja
index 9533c09..1833052 100644
--- a/ceph/map.jinja
+++ b/ceph/map.jinja
@@ -46,7 +46,11 @@
- librados2
services:
{%- if grains.get('init', None) == 'systemd' %}
+ {%- if pillar.get('ceph',{}).get('radosgw',{}).keyring_user is defined %}
+ - ceph-radosgw@{{ pillar.ceph.radosgw.keyring_user }}
+ {%- else %}
- ceph-radosgw@rgw.{{ grains.host }}
+ {%- endif %}
{%- else %}
- radosgw-all
{%- endif %}
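Review bot: `keyring_user` is interpolated into the systemd instance name on the `ceph-radosgw@{{ pillar.ceph.radosgw.keyring_user }}` line with no check on its form, so a value that carries the `client.` prefix or characters not valid in a unit instance name yields a unit that does not match the `[client.…]` section written to ceph.conf. A comment above the branch would make the contract explicit, for example `{#- keyring_user is the cephx id without the "client." prefix and must match the [client.<id>] section in ceph.conf #}`. On a node that already runs `ceph-radosgw@rgw.<host>`, introducing `keyring_user` replaces that entry in the list, and nothing in this hunk stops or disables the old unit (inferred; the states that consume `services` are not shown). The `services:` list starts outside the hunk.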
diff --git a/tests/pillar/ceph_mon_single.sls b/tests/pillar/ceph_mon_single.sls
index 05ed121..5ad74c9 100644
--- a/tests/pillar/ceph_mon_single.sls
+++ b/tests/pillar/ceph_mon_single.sls
@@ -1,6 +1,6 @@
ceph:
common:
- version: kraken
+ version: luminous
cluster_name: ceph
config:
global:
@@ -27,7 +27,7 @@
osd: "allow *"
mon:
enabled: true
- version: kraken
+ version: luminous
keyring:
mon:
key: AQAnQIhZ6in5KxAAdf467upoRMWFcVg5pbh1yg==
@@ -40,3 +40,24 @@
mgr: "allow *"
mon: "allow *"
osd: "allow *"
+ radosgw:
+ enabled: true
+ hostname: gw.ceph.lab
+ keyring_user: radosgw.gateway
+ keyring_path: /etc/ceph/keyring.radosgw.gateway
+ bind:
+ address: 10.10.10.1
+ port: 8080
+ identity:
+ engine: keystone
+ api_version: 3
+ host: 10.10.10.100
+ port: 5000
+ user: admin
+ password: password
+ project: admin
+ domain: default
+ swift:
+ versioning:
+ enabled: true
+ enforce_content_length: true
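Review bot: The added `radosgw` fixture sets both `keyring_user` and `keyring_path`, so only the both-overridden branch of the new template conditions is rendered by this test; the case with `keyring_user` alone (custom section name with the default keyring path) is not covered by anything visible here. A second pillar file that omits `keyring_path` would exercise it. The `password: password` value and the literal cephx keys in this file would also benefit from a marker such as `# test fixture value, not a real credential`, so that secret scanners and later readers do not have to guess.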