Port the parts of this upstream commit:
commit
91bf53ee932a6748c464bea762f8fb6f07f11347
Author: Sébastien Han <seb@redhat.com>
Date: Fri Mar 23 11:24:56 2018 +0800
ceph-iscsi: support for containerize deployment
that allows configuration of
API settings in roles/ceph-iscsi-gw/templates/iscsi-gateway.cfg.j2
using the iscsi-gws.yml.
This fixes Red Hat BZ:
https://bugzilla.redhat.com/show_bug.cgi?id=
1613963
Signed-off-by: Mike Christie <mchristi@redhat.com>
# You can override vars by using host or group vars
+###########
+# GENERAL #
+###########
# Specify the iqn for ALL gateways. This iqn is shared across the gateways, so an iscsi
# client sees the gateway group as a single storage subsystem.
#gateway_iqn: "iqn.2003-01.com.redhat.iscsi-gw:ceph-igw"
# - { pool: 'rbd', image: 'ansible4', size: '50G', host: 'ceph-1', state: 'present' }
#rbd_devices: {}
-
# client_connections defines the client ACL's to restrict client access to specific LUNs
# The settings are as follows;
# - image_list is a comma separated list of rbd images of the form <pool name>.<rbd_image_name>
#client_connections: {}
+
# Whether or not to generate secure certificate to iSCSI gateway nodes
#generate_crt: False
+
+##################
+# RBD-TARGET-API #
+##################
+# Optional settings related to the CLI/API service
+#api_user: admin
+#api_password: admin
+#api_port: 5001
+#api_secure: false
+#loop_delay: 1
+#trusted_ip_list: 192.168.122.1
+
---
# You can override vars by using host or group vars
+###########
+# GENERAL #
+###########
# Specify the iqn for ALL gateways. This iqn is shared across the gateways, so an iscsi
# client sees the gateway group as a single storage subsystem.
gateway_iqn: "iqn.2003-01.com.redhat.iscsi-gw:ceph-igw"
# - { pool: 'rbd', image: 'ansible4', size: '50G', host: 'ceph-1', state: 'present' }
rbd_devices: {}
-
# client_connections defines the client ACL's to restrict client access to specific LUNs
# The settings are as follows;
# - image_list is a comma separated list of rbd images of the form <pool name>.<rbd_image_name>
client_connections: {}
+
# Whether or not to generate secure certificate to iSCSI gateway nodes
generate_crt: False
+
+
+##################
+# RBD-TARGET-API #
+##################
+# Optional settings related to the CLI/API service
+api_user: admin
+api_password: admin
+api_port: 5001
+api_secure: false
+loop_delay: 1
+trusted_ip_list: 192.168.122.1
cluster_name = {{ cluster }}
gateway_keyring = {{ cluster }}.client.admin.keyring
+# API settings.
+# The API supports a number of options that allow you to tailor it to your
+# local environment. If you want to run the API under https, you will need to
+# create cert/key files that are compatible for each iSCSI gateway node, that is
+# not locked to a specific node. SSL cert and key files *must* be called
+# 'iscsi-gateway.crt' and 'iscsi-gateway.key' and placed in the '/etc/ceph/' directory
+# on *each* gateway node. With the SSL files in place, you can use 'api_secure = true'
+# to switch to https mode.
+
+# To support the API, the bear minimum settings are:
+api_secure = {{ api_secure }}
# Optional settings related to the CLI/API service
-#api_user = admin
-#api_password = admin
-#api_port = 5001
-#api_secure = true
-#loop_delay = .5
-#trusted_ip_list = 192.168.122.1
+api_user = {{ api_user }}
+api_password = {{ api_password }}
+api_port = {{ api_port }}
+loop_delay = {{ loop_delay }}
+trusted_ip_list = {{ trusted_ip_list }}
projects / ceph-ansible.git / commitdiff