From 2826c5fd70bf38ca226f81fa994fb4222f5163ef Mon Sep 17 00:00:00 2001 From: mkatari Date: Tue, 11 Nov 2025 14:20:03 +0530 Subject: [PATCH] Add Swift RGW configuration playbook for post-adoption setup This commit adds support for configuring Swift object storage to use Ceph RGW after adoption is complete. The configuration requires the adopted OpenShift environment to be running with Keystone services available. Changes: - Add configure_swift_rgw.yaml playbook with three phases: 1. Extract Swift password and Keystone endpoint from OpenShift 2. Configure Ceph RGW with Keystone integration settings 3. Configure Swift endpoints to use RGW backend - Add test-configure-object Makefile target to invoke the playbook - Playbook uses variables extracted at runtime from the live OpenShift environment (ceph_keystone_ep, ceph_keystone_swift_pwd, and ceph_rgw_virtual_ips_list) which are passed to the ceph_migrate role --- Makefile | 5 +++ tests/playbooks/configure_swift_rgw.yaml | 39 ++++++++++++++++++++++++ 2 files changed, 44 insertions(+) create mode 100644 tests/playbooks/configure_swift_rgw.yaml diff --git a/Makefile b/Makefile index fdaff6e59..406b61a59 100644 --- a/Makefile +++ b/Makefile @@ -95,6 +95,11 @@ test-with-ironic: ## Launch test suite with Ironic mkdir -p tests/logs ANSIBLE_CONFIG=$(TEST_CONFIG) ansible-playbook -v -i $(TEST_INVENTORY) -e @$(TEST_SECRETS) -e @$(TEST_VARS) $(TEST_ARGS) tests/playbooks/test_with_ironic.yaml 2>&1 | tee $(TEST_OUTFILE) +test-configure-object: TEST_OUTFILE ?= tests/logs/test_configure_object_out_$(shell date +%FT%T%Z).log +test-configure-object: ## Configure Swift object store to use Ceph RGW + mkdir -p tests/logs + ANSIBLE_CONFIG=$(TEST_CONFIG) ansible-playbook -v -i $(TEST_INVENTORY) -e @$(TEST_SECRETS) -e @$(TEST_VARS) $(TEST_ARGS) tests/playbooks/configure_swift_rgw.yaml 2>&1 | tee $(TEST_OUTFILE) + ##@ DOCS docs-dependencies: .bundle diff --git a/tests/playbooks/configure_swift_rgw.yaml b/tests/playbooks/configure_swift_rgw.yaml new file mode 100644 index 000000000..bc73e9acb --- /dev/null +++ b/tests/playbooks/configure_swift_rgw.yaml @@ -0,0 +1,39 @@ +--- +- name: Configure Swift to use Ceph RGW + hosts: localhost + gather_facts: true + vars: + shell_header: "set -euo pipefail" + rgw_service_name: "rgw.rgw" + tasks: + - name: Extract Swift password from OpenShift secret + ansible.builtin.shell: | + oc get secret osp-secret -o json | jq -r '.data.SwiftPassword' | base64 -d + register: swift_password_result + changed_when: false + failed_when: swift_password_result.stdout | length == 0 + + - name: Get keystone-internal service details + ansible.builtin.shell: "oc get svc keystone-internal -o json | jq -r '.status.loadBalancer.ingress[0].ip'" + register: keystone_svc_lb_ip + changed_when: false + failed_when: keystone_svc_lb_ip.stdout | length == 0 + + - name: Set variables for Ceph RGW configuration + ansible.builtin.set_fact: + ceph_keystone_ep: "{{ keystone_protocol | default('http') }}://{{ keystone_svc_lb_ip.stdout | ansible.utils.ipwrap }}:5000" + ceph_keystone_swift_pwd: "{{ swift_password_result.stdout }}" + + - name: Configure Ceph RGW Keystone settings + ansible.builtin.shell: | + sudo cephadm shell -- ceph config set global rgw_keystone_url {{ ceph_keystone_ep }} + sudo cephadm shell -- ceph config set global rgw_keystone_admin_password {{ ceph_keystone_swift_pwd }} + # refresh rgw after updating keystone rgw config + sudo cephadm shell -- ceph orch redeploy {{ rgw_service_name }} + delegate_to: "{{ groups['ceph'][0] }}" + changed_when: true + + - name: Configure swift endpoints to use rgw + ansible.builtin.import_role: + name: ceph_migrate + tasks_from: configure_object