diff options
Diffstat (limited to 'ansible/roles/ceph/tasks/rgw.yml')
-rw-r--r-- | ansible/roles/ceph/tasks/rgw.yml | 40 |
1 files changed, 40 insertions, 0 deletions
diff --git a/ansible/roles/ceph/tasks/rgw.yml b/ansible/roles/ceph/tasks/rgw.yml new file mode 100644 index 0000000..032e7e8 --- /dev/null +++ b/ansible/roles/ceph/tasks/rgw.yml @@ -0,0 +1,40 @@ +- name: Create radosgw key + template: src=rgw_keyring dest=/etc/ceph/ceph.client.radosgw.{{rgw_host}}.keyring + +- name: Authrize the rgw keyring + shell: ceph -k /etc/ceph/ceph.client.admin.keyring auth add client.radosgw.{{rgw_host}} -i /etc/ceph/ceph.client.radosgw.{{rgw_host}}.keyring + ignore_errors: False + +- name: Generate Keystone SSL key + shell: keystone-manage pki_setup --keystone-user keystone --keystone-group keystone + ignore_errors: False + +- name: Create SSL key path in Ceph + file: + path: /etc/ceph/nss + mode: 0775 + state: directory + +- name: Copy ca.pem + shell: cp /etc/keystone/ssl/certs/ca.pem /etc/ceph/nss/ca.pem + ignore_errors: False + +- name: Copy signing_cert.pem + shell: cp /etc/keystone/ssl/certs/signing_cert.pem /etc/ceph/nss/signing_cert.pem + ignore_errors: False + +- name: Install libnss3-tools + apt: + name: libnss3-tools + state: present + +- name: Synchronize Keystone SSL key with Ceph rgw step1 + shell: openssl x509 -in /etc/ceph/nss/ca.pem -pubkey | certutil -d /etc/ceph/nss -A -n ca -t "TCu,Cu,Tuw" + ignore_errors: False + +- name: Synchronize Keystone SSL key with Ceph rgw step2 + shell: openssl x509 -in /etc/ceph/nss/signing_cert.pem -pubkey | certutil -A -d /etc/ceph/nss -n signing_cert -t "P,P,P" + ignore_errors: False + +- name: Enable Ceph rgw service and running + service: name=radosgw.service enabled=yes state=started |