aboutsummaryrefslogtreecommitdiff
path: root/ansible/roles/ceph/tasks/rgw.yml
diff options
context:
space:
mode:
Diffstat (limited to 'ansible/roles/ceph/tasks/rgw.yml')
-rw-r--r--ansible/roles/ceph/tasks/rgw.yml40
1 files changed, 40 insertions, 0 deletions
diff --git a/ansible/roles/ceph/tasks/rgw.yml b/ansible/roles/ceph/tasks/rgw.yml
new file mode 100644
index 0000000..032e7e8
--- /dev/null
+++ b/ansible/roles/ceph/tasks/rgw.yml
@@ -0,0 +1,40 @@
+- name: Create radosgw key
+ template: src=rgw_keyring dest=/etc/ceph/ceph.client.radosgw.{{rgw_host}}.keyring
+
+- name: Authrize the rgw keyring
+ shell: ceph -k /etc/ceph/ceph.client.admin.keyring auth add client.radosgw.{{rgw_host}} -i /etc/ceph/ceph.client.radosgw.{{rgw_host}}.keyring
+ ignore_errors: False
+
+- name: Generate Keystone SSL key
+ shell: keystone-manage pki_setup --keystone-user keystone --keystone-group keystone
+ ignore_errors: False
+
+- name: Create SSL key path in Ceph
+ file:
+ path: /etc/ceph/nss
+ mode: 0775
+ state: directory
+
+- name: Copy ca.pem
+ shell: cp /etc/keystone/ssl/certs/ca.pem /etc/ceph/nss/ca.pem
+ ignore_errors: False
+
+- name: Copy signing_cert.pem
+ shell: cp /etc/keystone/ssl/certs/signing_cert.pem /etc/ceph/nss/signing_cert.pem
+ ignore_errors: False
+
+- name: Install libnss3-tools
+ apt:
+ name: libnss3-tools
+ state: present
+
+- name: Synchronize Keystone SSL key with Ceph rgw step1
+ shell: openssl x509 -in /etc/ceph/nss/ca.pem -pubkey | certutil -d /etc/ceph/nss -A -n ca -t "TCu,Cu,Tuw"
+ ignore_errors: False
+
+- name: Synchronize Keystone SSL key with Ceph rgw step2
+ shell: openssl x509 -in /etc/ceph/nss/signing_cert.pem -pubkey | certutil -A -d /etc/ceph/nss -n signing_cert -t "P,P,P"
+ ignore_errors: False
+
+- name: Enable Ceph rgw service and running
+ service: name=radosgw.service enabled=yes state=started
generated by cgit v1.2.3 (git 2.25.1) at 2024-06-29 08:31:59 +0000