2016-02-29 23:35:07 +08:00
|
|
|
---
|
|
|
|
|
# You can override vars by using host or group vars
|
|
|
|
|
|
|
|
|
|
###########
|
|
|
|
|
# GENERAL #
|
|
|
|
|
###########
|
|
|
|
|
|
|
|
|
|
mon_group_name: mons
|
|
|
|
|
|
|
|
|
|
# ACTIVATE BOTH FSID AND MONITOR_SECRET VARIABLES FOR NON-VAGRANT DEPLOYMENT
|
|
|
|
|
monitor_secret: "{{ monitor_keyring.stdout }}"
|
2017-07-05 17:07:00 +08:00
|
|
|
admin_secret: 'admin_secret'
|
2016-02-29 23:35:07 +08:00
|
|
|
|
|
|
|
|
# CephFS
|
|
|
|
|
cephfs_data: cephfs_data
|
|
|
|
|
cephfs_metadata: cephfs_metadata
|
|
|
|
|
cephfs: cephfs
|
|
|
|
|
|
|
|
|
|
# Secure your cluster
|
|
|
|
|
# This will set the following flags on all the pools:
|
|
|
|
|
# * nosizechange
|
|
|
|
|
# * nopgchange
|
|
|
|
|
# * nodelete
|
|
|
|
|
|
|
|
|
|
secure_cluster: false
|
|
|
|
|
secure_cluster_flags:
|
|
|
|
|
- nopgchange
|
|
|
|
|
- nodelete
|
|
|
|
|
- nosizechange
|
|
|
|
|
|
2016-03-10 04:12:52 +08:00
|
|
|
# Enable the Calamari-backed REST API on a Monitor
|
|
|
|
|
calamari: false
|
2016-02-29 23:35:07 +08:00
|
|
|
|
2017-03-13 20:46:38 +08:00
|
|
|
# Enable debugging for Calamari
|
|
|
|
|
calamari_debug: false
|
|
|
|
|
|
2017-06-12 16:36:29 +08:00
|
|
|
|
|
|
|
|
#############
|
|
|
|
|
# crush rules
|
|
|
|
|
#############
|
|
|
|
|
crush_rule_config: false
|
|
|
|
|
|
|
|
|
|
crush_rule_hdd:
|
|
|
|
|
name: HDD
|
|
|
|
|
root: HDD
|
|
|
|
|
type: rack
|
|
|
|
|
default: true
|
|
|
|
|
|
|
|
|
|
crush_rule_ssd:
|
|
|
|
|
name: SSD
|
|
|
|
|
root: SSD
|
|
|
|
|
type: host
|
|
|
|
|
default: false
|
|
|
|
|
|
|
|
|
|
crush_rules:
|
|
|
|
|
- "{{ crush_rule_hdd }}"
|
|
|
|
|
- "{{ crush_rule_ssd }}"
|
2016-02-29 23:35:07 +08:00
|
|
|
#############
|
|
|
|
|
# OPENSTACK #
|
|
|
|
|
#############
|
|
|
|
|
|
|
|
|
|
openstack_config: false
|
|
|
|
|
openstack_glance_pool:
|
|
|
|
|
name: images
|
2016-12-05 21:21:54 +08:00
|
|
|
pg_num: "{{ osd_pool_default_pg_num }}"
|
2017-06-12 16:36:29 +08:00
|
|
|
rule_name: ""
|
2016-02-29 23:35:07 +08:00
|
|
|
openstack_cinder_pool:
|
|
|
|
|
name: volumes
|
2016-12-05 21:21:54 +08:00
|
|
|
pg_num: "{{ osd_pool_default_pg_num }}"
|
2017-06-12 16:36:29 +08:00
|
|
|
rule_name: ""
|
2016-02-29 23:35:07 +08:00
|
|
|
openstack_nova_pool:
|
|
|
|
|
name: vms
|
2016-12-05 21:21:54 +08:00
|
|
|
pg_num: "{{ osd_pool_default_pg_num }}"
|
2017-06-12 16:36:29 +08:00
|
|
|
rule_name: ""
|
2016-02-29 23:35:07 +08:00
|
|
|
openstack_cinder_backup_pool:
|
|
|
|
|
name: backups
|
2016-12-05 21:21:54 +08:00
|
|
|
pg_num: "{{ osd_pool_default_pg_num }}"
|
2017-06-12 16:36:29 +08:00
|
|
|
rule_name: ""
|
2017-06-20 02:25:59 +08:00
|
|
|
openstack_gnocchi_pool:
|
|
|
|
|
name: metrics
|
|
|
|
|
pg_num: "{{ osd_pool_default_pg_num }}"
|
2017-06-12 16:36:29 +08:00
|
|
|
rule_name: ""
|
2016-02-29 23:35:07 +08:00
|
|
|
|
2016-09-21 20:21:41 +08:00
|
|
|
openstack_pools:
|
|
|
|
|
- "{{ openstack_glance_pool }}"
|
|
|
|
|
- "{{ openstack_cinder_pool }}"
|
|
|
|
|
- "{{ openstack_nova_pool }}"
|
|
|
|
|
- "{{ openstack_cinder_backup_pool }}"
|
2017-06-20 02:25:59 +08:00
|
|
|
- "{{ openstack_gnocchi_pool }}"
|
2016-09-21 20:21:41 +08:00
|
|
|
|
2017-06-23 18:35:39 +08:00
|
|
|
|
|
|
|
|
# The value for 'key' can be a pre-generated key,
|
|
|
|
|
# e.g key: "AQDC2UxZH4yeLhAAgTaZb+4wDUlYOsr1OfZSpQ=="
|
|
|
|
|
# By default, keys will be auto-generated.
|
2017-07-20 06:20:18 +08:00
|
|
|
#
|
|
|
|
|
# To have have ansible setfacl the generated key, set the acls var like so:
|
|
|
|
|
# acls: ["u:nova:r--", "u:cinder:r--", "u:glance:r--", "u:gnocchi:r--"]
|
2016-02-29 23:35:07 +08:00
|
|
|
openstack_keys:
|
2017-08-10 04:52:18 +08:00
|
|
|
- { name: client.glance, key: "$(ceph-authtool --gen-print-key)", mon_cap: "allow r", osd_cap: "allow class-read object_prefix rbd_children, allow rwx pool={{ openstack_glance_pool.name }}", mode: "0600", acls: [] }
|
|
|
|
|
- { name: client.cinder, key: "$(ceph-authtool --gen-print-key)", mon_cap: "allow r", osd_cap: "allow class-read object_prefix rbd_children, allow rwx pool={{ openstack_cinder_pool.name }}, allow rwx pool={{ openstack_nova_pool.name }}, allow rx pool={{ openstack_glance_pool.name }}", mode: "0600", acls: [] }
|
|
|
|
|
- { name: client.cinder-backup, key: "$(ceph-authtool --gen-print-key)", mon_cap: "allow r", osd_cap: "allow class-read object_prefix rbd_children, allow rwx pool={{ openstack_cinder_backup_pool.name }}", mode: "0600", acls: [] }
|
|
|
|
|
- { name: client.gnocchi, key: "$(ceph-authtool --gen-print-key)", mon_cap: "allow r", osd_cap: "allow class-read object_prefix rbd_children, allow rwx pool={{ openstack_gnocchi_pool.name }}", mode: "0600", acls: [] }
|
|
|
|
|
- { name: client.openstack, key: "$(ceph-authtool --gen-print-key)", mon_cap: "allow r", osd_cap: "allow class-read object_prefix rbd_children, allow rwx pool=images, allow rwx pool=vms, allow rwx pool=volumes, allow rwx pool=backups", mode: "0600", acls: [] }
|
2016-02-29 23:35:07 +08:00
|
|
|
|
|
|
|
|
##########
|
|
|
|
|
# DOCKER #
|
|
|
|
|
##########
|
2017-07-05 00:08:59 +08:00
|
|
|
ceph_mon_docker_subnet: "{{ public_network }}"# subnet of the monitor_interface
|
2017-07-07 21:48:53 +08:00
|
|
|
|
|
|
|
|
# ceph_mon_docker_extra_env:
|
|
|
|
|
#
|
|
|
|
|
# Use this variable to add extra env configuration to run your mon container.
|
|
|
|
|
# If you want to set a custom admin keyring you can set this variable like following:
|
|
|
|
|
# ceph_mon_docker_extra_env: -e CLUSTER={{ cluster }} -e FSID={{ fsid }} -e MON_NAME={{ monitor_name }} -e ADMIN_SECRET={{ admin_secret }}
|
2017-03-28 20:15:27 +08:00
|
|
|
ceph_mon_docker_extra_env: -e CLUSTER={{ cluster }} -e FSID={{ fsid }} -e MON_NAME={{ monitor_name }}
|
2016-03-31 22:39:02 +08:00
|
|
|
mon_docker_privileged: false
|
|
|
|
|
mon_docker_net_host: true
|
2016-11-03 17:16:33 +08:00
|
|
|
ceph_config_keys: [] # DON'T TOUCH ME
|
