deploy-guide: cleanup rook (#788)

Signed-off-by: Christian Berendt <[email protected]>
osism · Feb 6, 2025 · 13e130f · 13e130f
1 parent 6b0cec5
commit 13e130f
Show file tree

Hide file tree

Showing 8 changed files with 149 additions and 293 deletions.
diff --git a/docs/guides/configuration-guide/rook.md b/docs/guides/configuration-guide/rook.md
@@ -20,7 +20,7 @@ The File System ID is a unique identifier for the cluster.
 ~The identifier is set via the parameter `fsid` in `environments/rook/configuration.yml`~
 ~and must be unique. It can be generated with `uuidgen`.~
 
-It is generated automatically by the [Rook Deployment](../deploy-guide/services/rook.md).
+It is generated automatically by the [Rook Deployment](../deploy-guide/services/ceph/rook.md).
 
 TODO: To evaluate if we want and can pass a `fsid`. This is no out-of-the-box Rook feature, though.
 

diff --git a/docs/guides/deploy-guide/rookify.md b/docs/guides/deploy-guide/rookify.md
diff --git a/docs/guides/deploy-guide/services/ceph.mdx → ...ides/deploy-guide/services/ceph/index.mdx b/docs/guides/deploy-guide/services/ceph.mdx → ...ides/deploy-guide/services/ceph/index.mdx
@@ -20,11 +20,13 @@ open source projects, please refer to
 [cephadm](https://docs.ceph.com/en/latest/cephadm/index.html) and
 [Rook](https://rook.io).
 
+## Deployment with Ansible
+
 :::warning
 
 Before starting the Ceph deployment, the configuration and preparation of the
 OSD devices must be completed. The steps that are required for this can be found in the
-[Ceph Configuration Guide](../../configuration-guide/ceph.md#osd-devices).
+[Ceph Configuration Guide](../../../configuration-guide/ceph.md#osd-devices).
 
 :::
 
@@ -131,7 +133,7 @@ OSD devices must be completed. The steps that are required for this can be found
    osism apply ceph-bootstrap-dashboard
    ```
 
-## RGW service
+### RGW service
 
 Deployment of the Ceph RGW Service is optional. How the Ceph RGW service can be deployed
 and integrated into OpenStack is described here.
@@ -145,7 +147,7 @@ Step 3 is then performed **later after** the OpenStack Keystone service has been
 
 :::
 
-1. [Configure the RGW service](./../../configuration-guide/ceph.md#rgw-service)
+1. [Configure the RGW service](../../../configuration-guide/ceph.md#rgw-service)
 
 2. Apply role `ceph-rgws` to deploy the Ceph RGW services.
 
@@ -174,7 +176,7 @@ Step 3 is then performed **later after** the OpenStack Keystone service has been
    osism apply horizon
    ```
 
-## Avoiding service restarts
+### Avoiding service restarts
 
 :::info
 Usable from OSISM 7.0.3 onwards.
@@ -202,7 +204,7 @@ ceph_handler_rbdmirrors_restart
 ceph_handler_rgws_restart
 ```
 
-## Throttling service restarts
+### Throttling service restarts
 
 :::info
 Usable from OSISM 7.0.3 onwards.

diff --git a/docs/guides/deploy-guide/services/ceph/rook.md b/docs/guides/deploy-guide/services/ceph/rook.md
@@ -0,0 +1,111 @@
+---
+sidebar_label: Deployment with Rook
+sidebar_position: 51
+---
+
+import Tabs from '@theme/Tabs';
+import TabItem from '@theme/TabItem';
+
+# Deployment with Rook
+
+:::warning
+
+The deployment of Ceph with Rook is a technical preview and not recommended for
+production use yet.
+
+:::
+
+1. Deploy services.
+
+   When using Rook, all services are deployed via a single helm chart and at the
+   same time. This could be altered by passing custom CRDs. See
+   the [Rook Configuration Guide](../../../configuration-guide/rook).
+
+   * Deploy [Kubernetes Cluster](../../../deploy-guide/services/kubernetes.md)
+
+   * Deploy [Rook Operator](https://rook.io/docs/rook/latest/Helm-Charts/operator-chart/)
+
+     ```
+     osism apply rook-operator
+     ```
+
+   * Deploy Ceph cluster
+
+     ```
+     osism apply rook
+     ```
+
+   * Copy Ceph keyrings to kolla directories (if deploying OpenStack)
+
+     ```
+     osism apply rook-fetch-keys
+     ```
+
+2. Get Ceph keyrings. This places the necessary keys in `/opt/configuration`.
+
+   ```
+   osism apply rook-fetch-keys
+   ```
+
+   After run, these keys must be permanently added to the configuration repository
+   via Git.
+
+   ```
+   environments/infrastructure/files/ceph/ceph.client.admin.keyring
+   environments/kolla/files/overlays/gnocchi/ceph.client.gnocchi.keyring
+   environments/kolla/files/overlays/nova/ceph.client.cinder.keyring
+   environments/kolla/files/overlays/nova/ceph.client.nova.keyring
+   environments/kolla/files/overlays/cinder/cinder-backup/ceph.client.cinder.keyring
+   environments/kolla/files/overlays/cinder/cinder-backup/ceph.client.cinder-backup.keyring
+   environments/kolla/files/overlays/cinder/cinder-volume/ceph.client.cinder.keyring
+   environments/kolla/files/overlays/manila/ceph.client.manila.keyring
+   environments/kolla/files/overlays/glance/ceph.client.glance.keyring
+   ```
+
+   You can also overwrite the `rook_cephclients` parameter to skip
+   these keys.
+
+   ```yaml title="environments/rook/configuration.yml"
+   rook_cephclients: {}
+   ```
+
+3. A Ceph client, a wrapper on the manager for entering the Rook toolbox, can be deployed.
+
+   ```
+   osism apply cephclient
+   ```
+
+   You have to make sure the correct [Configuration Options for the Rook Ceph Client Wrapper](../../../configuration-guide/rook.md#client) are net.
+
+4. After getting the Ceph Keyrings, the [OpenStack Deployment](../../../deploy-guide/services/openstack.md) can optionally be done.
+
+## RGW service
+
+Deployment of the Ceph RGW Service is enabled by default in Rook. This is done by creating a default [CephObjectStore CRD](https://rook.io/docs/rook/latest-release/CRDs/Object-Storage/ceph-object-store-crd/). How the Ceph RGW service can be deployed and integrated into OpenStack is described here.
+
+In the `environments/rook/configuration.yml` file you have to adapt accordingly to your environment at least like shown below:
+
+```yaml title="environments/rook/configuration.yml"
+rook_cephconfig:
+  client.rgw.rgw.a:
+    rgw_keystone_verify_ssl: "false"
+    rgw_verify_ssl: "false"
+## keystone
+rook_cephobjectstore_keystone_acceptedRoles:
+  - admin
+  - member
+rook_cephobjectstore_keystone_implicitTenants: "true"
+rook_cephobjectstore_keystone_url: "https://api-int.testbed.osism.xyz:5000"
+rook_cephobjectstore_swift_urlPrefix: "swift"
+## keystone user
+rook_cephobjectstore_keystone_auth_type: "password"
+rook_cephobjectstore_keystone_project_domain_name: "Default"
+rook_cephobjectstore_keystone_project_name: "service"
+rook_cephobjectstore_keystone_user_domain_name: "Default"
+rook_cephobjectstore_keystone_username: "ceph_rgw"
+````
+As well as in the `environments/rook/secrets.yml` file:
+
+```yaml title="environments/rook/secrets.yml"
+rook_cephobjectstore_keystone_passwor: supersecretpassword
+````