From 33f3e1d8caa57f2582d9a19edc446837165627f5 Mon Sep 17 00:00:00 2001
From: SamYaple <sam@yaple.net>
Date: Thu, 28 Jan 2016 17:47:30 +0000
Subject: [PATCH] Update ceph-mon keyrings

Since the fetch script fetched _all_ keyrings from the ceph-mon
container, the ceph-mon container must contain all keyrings. This
setup works AIO but was broken on multinode because the ceph-mon
container did not have the radosgw keyring. This issue affects every
multinode install regardless of using the radosgw or not.

TrivialFix

Change-Id: Ie416de1a5275862da6d77ef0dd174e85e499fc0f
---
 ansible/roles/ceph/tasks/distribute_keyrings.yml | 1 +
 ansible/roles/ceph/templates/ceph-mon.json.j2    | 7 +++++++
 2 files changed, 8 insertions(+)

diff --git a/ansible/roles/ceph/tasks/distribute_keyrings.yml b/ansible/roles/ceph/tasks/distribute_keyrings.yml
index 95658e455b..ea4952a42a 100644
--- a/ansible/roles/ceph/tasks/distribute_keyrings.yml
+++ b/ansible/roles/ceph/tasks/distribute_keyrings.yml
@@ -30,6 +30,7 @@
   with_items:
     - "{{ ceph_files['ceph.client.admin.keyring'] }}"
     - "{{ ceph_files['ceph.client.mon.keyring'] }}"
+    - "{{ ceph_files['ceph.client.radosgw.keyring'] }}"
     - "{{ ceph_files['ceph.monmap'] }}"
   when: inventory_hostname in groups['ceph-mon']
 
diff --git a/ansible/roles/ceph/templates/ceph-mon.json.j2 b/ansible/roles/ceph/templates/ceph-mon.json.j2
index c4de81b8a0..3ce4869e9e 100644
--- a/ansible/roles/ceph/templates/ceph-mon.json.j2
+++ b/ansible/roles/ceph/templates/ceph-mon.json.j2
@@ -21,6 +21,13 @@
             "perm": "0600",
             "optional": "True"
         },
+        {
+            "source": "{{ container_config_directory }}/ceph.client.radosgw.keyring",
+            "dest": "/etc/ceph/ceph.client.radosgw.keyring",
+            "owner": "ceph",
+            "perm": "0600",
+            "optional": "True"
+        },
         {
             "source": "{{ container_config_directory }}/ceph.monmap",
             "dest": "/etc/ceph/ceph.monmap",
-- 
GitLab