ceph: deploy keys & pools

* Configure Ceph to use 'cephx' authentification method.
* Manage Admin, Mon and Clients keys.
* Manage pools for Glance, Cinder and Nova, used for RBD backend.

Depends-On: Ied38afc03d68f7868b1d1320752a48989fa2d018
Change-Id: I23b1163faf3253daa74c57121cd8e5da4f04cff9

manifests/ceph.pp

@@ -1,16 +1,42 @@
 class openstack_integration::ceph {
 
-  class { '::ceph':
+  class { '::ceph::profile::params':
     fsid                      => '7200aea0-2ddd-4a32-aa2a-d49f66ab554c',
+    authentication_type       => 'cephx',
     mon_host                  => '127.0.0.1',
-    authentication_type       => 'none',
+    mon_initial_members       => $::hostname,
     osd_pool_default_size     => '1',
     osd_pool_default_min_size => '1',
+    mon_key                   => 'AQD7kyJQQGoOBhAAqrPAqSopSwPrrfMMomzVdw==',
+    client_keys               => {
+      'client.admin'         => {
+        'secret'  => 'AQD7kyJQQGoOBhAAqrPAqSopSwPrrfMMomzVdw==',
+        'mode'    => '0600',
+        'cap_mon' => 'allow *',
+        'cap_osd' => 'allow *',
+        'cap_mds' => 'allow *',
+      },
+      'client.bootstrap-osd' => {
+        'secret'       => 'AQD7kyJQQGoOBhAAqrPAqSopSwPrrfMMomzVdw==',
+        'keyring_path' => '/var/lib/ceph/bootstrap-osd/ceph.keyring',
+        'cap_mon'      => 'allow profile bootstrap-osd',
+      },
+      'client.openstack'     => {
+        'secret'  => 'AQD7kyJQQGoOBhAAqrPAqSopSwPrrfMMomzVdw==',
+        'mode'    => '0644',
+        'cap_mon' => 'allow r',
+        'cap_osd' => 'allow class-read object_prefix rbd_children, allow rwx pool=cinder, allow rwx pool=nova, allow rwx pool=glance',
+      },
+    },
+    osds                      => {
+      '/srv/data' => {},
+    },
   }
-  ceph::mon { 'mon1':
+
-    public_addr         => '127.0.0.1',
+  $ceph_pools = ['glance', 'nova', 'cinder']
-    authentication_type => 'none',
+  ceph::pool { $ceph_pools: }
-  }
+
-  ceph::osd { '/srv/data': }
+  class { '::ceph::profile::mon': }
+  class { '::ceph::profile::osd': }
 
 }