Use kolla-ceph-rgw role to add swift endpoint (#1813)

Signed-off-by: Christian Berendt <[email protected]>
osism · Oct 23, 2023 · 0472cf2 · 0472cf2
1 parent 29ae613
commit 0472cf2
Show file tree

Hide file tree

Showing 7 changed files with 31 additions and 32 deletions.
diff --git a/environments/ceph/configuration.yml b/environments/ceph/configuration.yml
@@ -41,17 +41,18 @@ ceph_conf_overrides:
   "client.rgw.{{ hostvars[inventory_hostname]['ansible_hostname'] }}.rgw0":
     "rgw content length compat": "true"
     "rgw enable apis": "swift, s3, admin"
-    "rgw keystone accepted roles": "member, admin"
     "rgw keystone accepted admin roles": "admin"
+    "rgw keystone accepted roles": "member, admin"
     "rgw keystone admin domain": "default"
-    "rgw keystone admin password": "{{ swift_keystone_password }}"
+    "rgw keystone admin password": "{{ ceph_rgw_keystone_password }}"
     "rgw keystone admin project": "service"
     "rgw keystone admin tenant": "service"
-    "rgw keystone admin user": "swift"
+    "rgw keystone admin user": "ceph_rgw"
     "rgw keystone api version": "3"
+    "rgw keystone implicit tenants": "true"
     "rgw keystone url": "https://api-int.testbed.osism.xyz:5000"
     "rgw keystone verify ssl": "false"
-    "rgw keystone implicit tenants": "true"
     "rgw s3 auth use keystone": "true"
     "rgw swift account in url": "true"
     "rgw swift versioning enabled": "true"
+    "rgw verify ssl": "false"
diff --git a/environments/ceph/secrets.yml b/environments/ceph/secrets.yml
@@ -1,4 +1,3 @@
 ---
 ceph_dashboard_password: password
-
-swift_keystone_password: hF6NWPG4rWTpK00oANEcRAiKbwbEcKFHHYYskar2
+ceph_rgw_keystone_password: AEG973UFjZvUhef4FgTorudoDe7OH98H07XsEPGi
diff --git a/environments/kolla/configuration.yml b/environments/kolla/configuration.yml
@@ -99,6 +99,25 @@ enable_metering: "yes"
 ceilometer_metering_pushgateway_host: "testbed-manager.testbed.osism.xyz"
 ceilometer_metering_pushgateway_port: 8088
 
+# rgw integration
+
+enable_ceph_rgw: true
+enable_ceph_rgw_keystone: true
+
+ceph_rgw_swift_compatibility: false
+ceph_rgw_swift_account_in_url: true
+
+ceph_rgw_hosts:
+  - host: testbed-node-0
+    ip: 192.168.16.10
+    port: 8081
+  - host: testbed-node-1
+    ip: 192.168.16.11
+    port: 8081
+  - host: testbed-node-2
+    ip: 192.168.16.12
+    port: 8081
+
 ##########################################################
 # external ceph
 

diff --git a/environments/kolla/files/overlays/haproxy/services.d/haproxy.cfg b/environments/kolla/files/overlays/haproxy/services.d/haproxy.cfg
@@ -2,32 +2,7 @@
 
 # OSISM specific configuration
 
-{%- set external_tls_bind_info = 'ssl crt /etc/haproxy/haproxy.pem' if kolla_enable_tls_external|bool else '' %}
 {%- set internal_tls_bind_info = 'ssl crt /etc/haproxy/haproxy-internal.pem' if kolla_enable_tls_internal|bool else '' %}
-{% set radosgw_frontend_port = 8081 %}
-
-listen swift_api_internal
-  mode http
-  http-request del-header X-Forwarded-Proto
-  option httplog
-  option forwardfor
-  {{ "bind %s:%s %s"|e|format(kolla_internal_vip_address, swift_proxy_server_port, internal_tls_bind_info)|trim() }}
-{% for host in groups['ceph-rgw'] %}
-  server {{ hostvars[host]['ansible_facts']['hostname'] }} {{ hostvars[host]['radosgw_address'] }}:{{ radosgw_frontend_port }} check inter 2000 rise 2 fall 5
-{% endfor %}
-{% if haproxy_enable_external_vip | bool %}
-
-listen swift_api_external
-  mode http
-  http-request del-header X-Forwarded-Proto
-  option httplog
-  option forwardfor
-  http-request set-header X-Forwarded-Proto https if { ssl_fc }
-  {{ "bind %s:%s %s"|e|format(kolla_external_vip_address, swift_proxy_server_port, external_tls_bind_info)|trim() }}
-{% for host in groups['ceph-rgw'] %}
-  server {{ hostvars[host]['ansible_facts']['hostname'] }} {{ hostvars[host]['radosgw_address'] }}:{{ radosgw_frontend_port }} check inter 2000 rise 2 fall 5
-{% endfor %}
-{% endif %}
 
 listen ceph_dashboard
   option httpchk

diff --git a/releasenotes/notes/kolla-ceph-rgw-baf79d526034f91f.yaml b/releasenotes/notes/kolla-ceph-rgw-baf79d526034f91f.yaml
@@ -0,0 +1,5 @@
+---
+features:
+  - |
+    Instead of a custom playbook for creating the Swift endpoint, the role ceph-rgw,
+    which is available in Kolla for this purpose, is used from now on.
diff --git a/scripts/bootstrap/300-openstack-services.sh b/scripts/bootstrap/300-openstack-services.sh
@@ -8,7 +8,6 @@ OPENSTACK_VERSION=$(docker inspect --format '{{ index .Config.Labels "de.osism.r
 
 osism apply --environment openstack bootstrap-flavors
 osism apply --environment openstack bootstrap-basic -e openstack_version=$OPENSTACK_VERSION
-osism apply --environment openstack bootstrap-ceph-rgw
 
 # osism manage images is only available since 5.0.0. To enable the
 # testbed to be used with < 5.0.0, here is this check.

diff --git a/scripts/deploy/300-openstack-services-basic.sh b/scripts/deploy/300-openstack-services-basic.sh
@@ -16,6 +16,7 @@ osism apply glance
 osism apply cinder
 osism apply designate
 osism apply octavia
+osism apply kolla-ceph-rgw
 
 if [[ $MANAGER_VERSION =~ ^6\.[0-9]\.[0-9][a-z]?$ || $MANAGER_VERSION == "latest" ]]; then
     osism apply magnum