Bug 1132647

Summary: [RFE] Puppet should generate client keyring for the Controller and Compute nodes
Product: Red Hat OpenStack Reporter: Neil Levine <nlevine>
Component: rubygem-staypuftAssignee: Scott Seago <sseago>
Status: CLOSED ERRATA QA Contact: nlevinki <nlevinki>
Severity: urgent Docs Contact:
Priority: urgent    
Version: 5.0 (RHEL 7)CC: aberezin, adeza, ajeain, mburns, nlevine, yeylon
Target Milestone: z1Keywords: FutureFeature, ZStream
Target Release: Installer   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: ruby193-rubygem-staypuft-0.3.4-2.el6ost Doc Type: Enhancement
Doc Text:
Story Points: ---
Clone Of:
: 1132649 (view as bug list) Environment:
Last Closed: 2014-10-02 12:56:31 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Bug Depends On: 1132649    
Bug Blocks: 1132648, 1132650    

Description Neil Levine 2014-08-21 18:26:10 UTC 
A Ceph keyring containing client keys is needed for Cinder, Glance and Nova nodes. 

The keyring is created using the ceph-authtool program, included in the ceph-common packages.

Puppet should generate the client keyring and distribute it to all the OpenStack nodes that need it, placing it in the /etc/ceph directory.
Comment 41 nlevinki 2014-09-26 18:28:30 UTC 
[root@maca25400702875 ~]# cd /etc/ceph/
[root@maca25400702875 ceph]# ls -la
total 28
drwxr-xr-x.   2 root root  102 Sep 26 13:14 .
drwxr-xr-x. 103 root root 8192 Sep 26 13:22 ..
-rw-r--r--.   1 root root  182 Sep 26 13:09 ceph.client.images.keyring
-rw-r--r--.   1 root root  184 Sep 26 13:09 ceph.client.volumes.keyring
-rw-r--r--.   1 root root  432 Sep 26 13:09 ceph.conf
-rwxr-xr-x.   1 root root   92 Aug 25 10:51 rbdmap
[root@maca25400702875 ceph]#

verified it is also on the compute.
Comment 43 Scott Lewis 2014-10-02 12:56:31 UTC 
Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory, and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. http://rhn.redhat.com/errata/RHBA-2014-1350.html