ceph-ansible/roles/mon/tasks/main.yml

43 lines
1.8 KiB
YAML
Raw Normal View History

---
## Deploy Ceph monitor(s)
#
- name: Create monitor initial keyring
command: ceph-authtool /var/lib/ceph/tmp/keyring.mon.{{ ansible_hostname }} --create-keyring --name=mon. --add-key={{ monitor_secret }} --cap mon 'allow *' creates=/var/lib/ceph/tmp/keyring.mon.{{ ansible_hostname }}
- name: Set initial monitor key permissions
file: path=/var/lib/ceph/tmp/keyring.mon.{{ ansible_hostname }} mode=0600 owner=root group=root
- name: Create monitor directory
file: path=/var/lib/ceph/mon/ceph-{{ ansible_hostname }} state=directory owner=root group=root mode=0644
- name: Ceph monitor mkfs
command: ceph-mon --mkfs -i {{ ansible_hostname }} --keyring /var/lib/ceph/tmp/keyring.mon.{{ ansible_hostname }} creates=/var/lib/ceph/mon/ceph-{{ ansible_hostname }}/keyring
- name: Start and add that the monitor service to the init sequence
service: name=ceph state=started enabled=yes args=mon
# Wait for mon discovery and quorum resolution
# the admin key is not instantanely created so we have to wait a bit
#
- name: If client.admin key exists
command: stat /etc/ceph/ceph.client.admin.keyring
register: result
until: result.rc == 0
changed_when: False
- name: Create RGW keyring
command: ceph auth get-or-create client.radosgw.gateway osd 'allow rwx' mon 'allow rw' -o /etc/ceph/keyring.radosgw.gateway creates=/etc/ceph/keyring.radosgw.gateway
when: cephx and radosgw
changed_when: False
- name: Copy keys to the ansible server
fetch: src={{ item }} dest=fetch/
when: ansible_fqdn == hostvars[groups['mons'][0]]['ansible_fqdn'] and cephx
with_items:
- /etc/ceph/ceph.client.admin.keyring # just in case another application needs it
- /var/lib/ceph/bootstrap-osd/ceph.keyring # this handles the non-colocation case
- /var/lib/ceph/bootstrap-mds/ceph.keyring
- /etc/ceph/keyring.radosgw.gateway