scottk/openstack-helm
1
0
Fork 0
mirror of https://github.com/optim-enterprises-bv/openstack-helm.git synced 2026-01-06 15:01:28 +00:00
Code Issues Packages Projects Releases Wiki Activity
Files
b7fa4dce2a3c9ef538fb3072c2cb6129dbefcf52
openstack-helm/helm-toolkit/utils/secret-generator
History
Chris Wedgwood 192f02d100 [Ceph] Update default cluster network 
The current default network for ceph works for very few people by
default.  Update it to match what most people seem to be using.

Change-Id: Icd5f87189b067865721203065e8caf33772d56ba
2017-06-09 20:29:01 +00:00
..
templates/ceph
[Ceph] Update default cluster network
2017-06-09 20:29:01 +00:00
ceph-key.py
add license headers to helm-toolkit (#217)
2017-02-20 07:06:34 -08:00
generate_secrets.sh
add license headers to helm-toolkit (#217)
2017-02-20 07:06:34 -08:00
README.rst
Update remaining markdown docs to RST
2017-05-22 10:56:51 +02:00

README.rst 

Ceph Kubernetes Secret Generation
=================================

This script will generate ceph keyrings and configs as Kubernetes
secrets.

Sigil is required for template handling and must be installed in system
``PATH``. Instructions can be found`here
<https://github.com/gliderlabs/sigil>`__

The following functions are provided:

Generate raw FSID (can be used for other functions)
---------------------------------------------------

.. code:: bash

    ./generate_secrets.sh fsid

Generate raw ceph.conf (For verification)
-----------------------------------------

.. code:: bash

    ./generate_secrets.sh ceph-conf-raw <fsid> "overridekey=value"

Take a look at ``ceph/ceph.conf.tmpl`` for the default values

Generate encoded ceph.conf secret
---------------------------------

.. code:: bash

    ./generate_secrets.sh ceph-conf <fsid> "overridekey=value"

Generate encoded admin keyring secret
-------------------------------------

.. code:: bash

    ./generate_secrets.sh admin-keyring

Generate encoded mon keyring secret
-----------------------------------

.. code:: bash

    ./generate_secrets.sh mon-keyring

Generate a combined secret
--------------------------

Contains ceph.conf, admin keyring and mon keyring. Useful for generating
the ``/etc/ceph`` directory

.. code:: bash

    ./generate_secrets.sh combined-conf

Generate encoded boostrap keyring secret
----------------------------------------

.. code:: bash

    ./generate_secrets.sh bootstrap-keyring <osd|mds|rgw>

Kubernetes workflow
===================

.. code:: bash

    ./generator/generate_secrets.sh all `./generate_secrets.sh fsid`

    kubectl create secret generic ceph-conf-combined --from-file=ceph.conf --from-file=ceph.client.admin.keyring --from-file=ceph.mon.keyring --namespace=ceph
    kubectl create secret generic ceph-bootstrap-rgw-keyring --from-file=ceph.keyring=ceph.rgw.keyring --namespace=ceph
    kubectl create secret generic ceph-bootstrap-mds-keyring --from-file=ceph.keyring=ceph.mds.keyring --namespace=ceph
    kubectl create secret generic ceph-bootstrap-osd-keyring --from-file=ceph.keyring=ceph.osd.keyring --namespace=ceph
    kubectl create secret generic ceph-client-key --from-file=ceph-client-key --namespace=ceph
Reference in New Issue View Git Blame Copy Permalink