[feature] allow for option for custom user accounts to bind to custom service names
| Affects | Status | Importance | Assigned to | Milestone | |
|---|---|---|---|---|---|
| OpenStack Ceph-Proxy Charm |
Triaged
|
Wishlist
|
Unassigned | ||
Bug Description
Currently, the ceph-proxy charm acts very similar (if not identical) to the ceph-mon charm.
In that, when ceph-mon is deployed, and a service related to it, a user is client to match that service.
Example: if glance is bound to ceph-mon, a glance user is configured in ceph and on the glance client, /etc/ceph/
For ceph-proxy, we're attaching to an external ceph cluster, with external ceph administrators. If we want to connect to something, say, kubernetes-master, the current standardization of ceph-proxy requires that a ceph user be created called kubernetes-master, and then a different user for kubernetes-worker.
This is "forcing the hand" of the ceph administrators to follow our way of doing this. Ceph-proxy is not ceph-mon, and should be treated at least, somewhat, differently.
The proposal is to add a config option to ceph-proxy, so that for each ceph-user specified, we can specify the service to map that user to. Similar to how bridges map to interfaces with multiples on the same line for Neutron.
Example: "service-mappings: kubernetes-
| Changed in charm-ceph-proxy: | |
| status: | New → Triaged |
| importance: | Undecided → Wishlist |
