ceph-ansible/roles/ceph-mon/tasks/ceph_keys.yml

80 lines
3.1 KiB
YAML
Raw Normal View History

---
- name: waiting for the monitor(s) to form the quorum...
command: >
{{ docker_exec_cmd }}
ceph
--cluster {{ cluster }}
-n mon.
-k /var/lib/ceph/mon/{{ cluster }}-{{ ansible_hostname }}/keyring
mon_status
--format json
register: ceph_health_raw
run_once: true
until: >
(ceph_health_raw.stdout != "") and (ceph_health_raw.stdout | default('{}') | from_json)['state'] in ['leader', 'peon']
retries: "{{ handler_health_mon_check_retries }}"
delay: "{{ handler_health_mon_check_delay }}"
changed_when: false
- name: tasks for MONs when cephx is enabled
when:
- cephx
block:
- name: fetch ceph initial keys
ceph_key:
state: fetch_initial_keys
cluster: "{{ cluster }}"
owner: "{{ ceph_uid if containerized_deployment else 'ceph' }}"
group: "{{ ceph_uid if containerized_deployment else 'ceph' }}"
mode: "0400"
environment:
CEPH_CONTAINER_IMAGE: "{{ ceph_docker_registry + '/' + ceph_docker_image + ':' + ceph_docker_image_tag if containerized_deployment else None }}"
CEPH_CONTAINER_BINARY: "{{ container_binary }}"
CEPH_ROLLING_UPDATE: "{{ rolling_update }}"
- name: create ceph mgr keyring(s)
ceph_key:
name: "mgr.{{ hostvars[item]['ansible_hostname'] }}"
state: present
caps:
mon: allow profile mgr
osd: allow *
mds: allow *
cluster: "{{ cluster }}"
secret: "{{ (mgr_secret != 'mgr_secret') | ternary(mgr_secret, omit) }}"
owner: "{{ ceph_uid if containerized_deployment else 'ceph' }}"
group: "{{ ceph_uid if containerized_deployment else 'ceph' }}"
mode: "0400"
environment:
CEPH_CONTAINER_IMAGE: "{{ ceph_docker_registry + '/' + ceph_docker_image + ':' + ceph_docker_image_tag if containerized_deployment else None }}"
CEPH_CONTAINER_BINARY: "{{ container_binary }}"
with_items:
- "{{ groups.get(mon_group_name) if groups.get(mgr_group_name, []) | length == 0 else groups.get(mgr_group_name, []) }}"
run_once: True
delegate key creation to first mon Otherwise keys get scattered over the mons and the mgr key is not copied properly. With ansible_inventory: [mdss] mds-000 ansible_ssh_host=192.168.129.110 ansible_ssh_port=22 ansible_ssh_user='root' ansible_ssh_private_key_file='/root/.ssh/id_rsa' [clients] client-000 ansible_ssh_host=192.168.143.94 ansible_ssh_port=22 ansible_ssh_user='root' ansible_ssh_private_key_file='/root/.ssh/id_rsa' [mgrs] mgr-000 ansible_ssh_host=192.168.222.195 ansible_ssh_port=22 ansible_ssh_user='root' ansible_ssh_private_key_file='/root/.ssh/id_rsa' [mons] mon-000 ansible_ssh_host=192.168.139.173 ansible_ssh_port=22 ansible_ssh_user='root' ansible_ssh_private_key_file='/root/.ssh/id_rsa' monitor_address=192.168.139.173 mon-002 ansible_ssh_host=192.168.212.114 ansible_ssh_port=22 ansible_ssh_user='root' ansible_ssh_private_key_file='/root/.ssh/id_rsa' monitor_address=192.168.212.114 mon-001 ansible_ssh_host=192.168.167.177 ansible_ssh_port=22 ansible_ssh_user='root' ansible_ssh_private_key_file='/root/.ssh/id_rsa' monitor_address=192.168.167.177 [osds] osd-001 ansible_ssh_host=192.168.178.128 ansible_ssh_port=22 ansible_ssh_user='root' ansible_ssh_private_key_file='/root/.ssh/id_rsa' osd-000 ansible_ssh_host=192.168.138.233 ansible_ssh_port=22 ansible_ssh_user='root' ansible_ssh_private_key_file='/root/.ssh/id_rsa' osd-002 ansible_ssh_host=192.168.197.23 ansible_ssh_port=22 ansible_ssh_user='root' ansible_ssh_private_key_file='/root/.ssh/id_rsa' We get this failure: TASK [ceph-mon : include_tasks ceph_keys.yml] ********************************************************************************************************************************************************************** included: /root/ceph-ansible/roles/ceph-mon/tasks/ceph_keys.yml for mon-000, mon-002, mon-001 TASK [ceph-mon : waiting for the monitor(s) to form the quorum...] ************************************************************************************************************************************************* changed: [mon-000] => { "attempts": 1, "changed": true, "cmd": [ "ceph", "--cluster", "ceph", "-n", "mon.", "-k", "/var/lib/ceph/mon/ceph-li1166-30/keyring", "mon_status", "--format", "json" ], "delta": "0:00:01.897397", "end": "2019-02-14 17:08:09.340534", "rc": 0, "start": "2019-02-14 17:08:07.443137" } STDOUT: {"name":"li1166-30","rank":0,"state":"leader","election_epoch":4,"quorum":[0,1,2],"quorum_age":0,"features":{"required_con":"2449958747315912708","required_mon":["kraken","luminous","mimic","osdmap-prune","nautilus"],"quorum_con":"4611087854031667199","quorum_mon":["kraken","luminous","mimic","osdmap-prune","nautilus"]},"outside_quorum":[],"extra_probe_peers":[{"addrvec":[{"type":"v2","addr":"192.168.167.177:3300","nonce":0},{"type":"v1","addr":"192.168.167.177:6789","nonce":0}]},{"addrvec":[{"type":"v2","addr":"192.168.212.114:3300","nonce":0},{"type":"v1","addr":"192.168.212.114:6789","nonce":0}]}],"sync_provider":[],"monmap":{"epoch":1,"fsid":"bb401e2a-c524-428e-bba9-8977bc96f04b","modified":"2019-02-14 17:08:05.012133","created":"2019-02-14 17:08:05.012133","features":{"persistent":["kraken","luminous","mimic","osdmap-prune","nautilus"],"optional":[]},"mons":[{"rank":0,"name":"li1166-30","public_addrs":{"addrvec":[{"type":"v2","addr":"192.168.139.173:3300","nonce":0},{"type":"v1","addr":"192.168.139.173:6789","nonce":0}]},"addr":"192.168.139.173:6789/0","public_addr":"192.168.139.173:6789/0"},{"rank":1,"name":"li985-128","public_addrs":{"addrvec":[{"type":"v2","addr":"192.168.167.177:3300","nonce":0},{"type":"v1","addr":"192.168.167.177:6789","nonce":0}]},"addr":"192.168.167.177:6789/0","public_addr":"192.168.167.177:6789/0"},{"rank":2,"name":"li895-17","public_addrs":{"addrvec":[{"type":"v2","addr":"192.168.212.114:3300","nonce":0},{"type":"v1","addr":"192.168.212.114:6789","nonce":0}]},"addr":"192.168.212.114:6789/0","public_addr":"192.168.212.114:6789/0"}]},"feature_map":{"mon":[{"features":"0x3ffddff8ffacffff","release":"luminous","num":1}],"client":[{"features":"0x3ffddff8ffacffff","release":"luminous","num":1}]}} TASK [ceph-mon : fetch ceph initial keys] ************************************************************************************************************************************************************************** changed: [mon-001] => { "changed": true, "cmd": [ "ceph", "-n", "mon.", "-k", "/var/lib/ceph/mon/ceph-li985-128/keyring", "--cluster", "ceph", "auth", "get", "client.bootstrap-rgw", "-f", "plain", "-o", "/var/lib/ceph/bootstrap-rgw/ceph.keyring" ], "delta": "0:00:03.179584", "end": "2019-02-14 17:08:14.305348", "rc": 0, "start": "2019-02-14 17:08:11.125764" } STDERR: exported keyring for client.bootstrap-rgw changed: [mon-002] => { "changed": true, "cmd": [ "ceph", "-n", "mon.", "-k", "/var/lib/ceph/mon/ceph-li895-17/keyring", "--cluster", "ceph", "auth", "get", "client.bootstrap-rgw", "-f", "plain", "-o", "/var/lib/ceph/bootstrap-rgw/ceph.keyring" ], "delta": "0:00:03.706169", "end": "2019-02-14 17:08:14.041698", "rc": 0, "start": "2019-02-14 17:08:10.335529" } STDERR: exported keyring for client.bootstrap-rgw changed: [mon-000] => { "changed": true, "cmd": [ "ceph", "-n", "mon.", "-k", "/var/lib/ceph/mon/ceph-li1166-30/keyring", "--cluster", "ceph", "auth", "get", "client.bootstrap-rgw", "-f", "plain", "-o", "/var/lib/ceph/bootstrap-rgw/ceph.keyring" ], "delta": "0:00:03.916467", "end": "2019-02-14 17:08:13.803999", "rc": 0, "start": "2019-02-14 17:08:09.887532" } STDERR: exported keyring for client.bootstrap-rgw TASK [ceph-mon : create ceph mgr keyring(s)] *********************************************************************************************************************************************************************** skipping: [mon-000] => (item=mgr-000) => { "changed": false, "item": "mgr-000", "skip_reason": "Conditional result was False" } skipping: [mon-000] => (item=mon-000) => { "changed": false, "item": "mon-000", "skip_reason": "Conditional result was False" } skipping: [mon-000] => (item=mon-002) => { "changed": false, "item": "mon-002", "skip_reason": "Conditional result was False" } skipping: [mon-000] => (item=mon-001) => { "changed": false, "item": "mon-001", "skip_reason": "Conditional result was False" } skipping: [mon-002] => (item=mgr-000) => { "changed": false, "item": "mgr-000", "skip_reason": "Conditional result was False" } skipping: [mon-002] => (item=mon-000) => { "changed": false, "item": "mon-000", "skip_reason": "Conditional result was False" } skipping: [mon-002] => (item=mon-002) => { "changed": false, "item": "mon-002", "skip_reason": "Conditional result was False" } skipping: [mon-002] => (item=mon-001) => { "changed": false, "item": "mon-001", "skip_reason": "Conditional result was False" } changed: [mon-001] => (item=mgr-000) => { "changed": true, "cmd": [ "ceph", "-n", "client.admin", "-k", "/etc/ceph/ceph.client.admin.keyring", "--cluster", "ceph", "auth", "import", "-i", "/etc/ceph//ceph.mgr.li547-145.keyring" ], "delta": "0:00:05.822460", "end": "2019-02-14 17:08:21.422810", "item": "mgr-000", "rc": 0, "start": "2019-02-14 17:08:15.600350" } STDERR: imported keyring changed: [mon-001] => (item=mon-000) => { "changed": true, "cmd": [ "ceph", "-n", "client.admin", "-k", "/etc/ceph/ceph.client.admin.keyring", "--cluster", "ceph", "auth", "import", "-i", "/etc/ceph//ceph.mgr.li1166-30.keyring" ], "delta": "0:00:05.814039", "end": "2019-02-14 17:08:27.663745", "item": "mon-000", "rc": 0, "start": "2019-02-14 17:08:21.849706" } STDERR: imported keyring changed: [mon-001] => (item=mon-002) => { "changed": true, "cmd": [ "ceph", "-n", "client.admin", "-k", "/etc/ceph/ceph.client.admin.keyring", "--cluster", "ceph", "auth", "import", "-i", "/etc/ceph//ceph.mgr.li895-17.keyring" ], "delta": "0:00:05.787291", "end": "2019-02-14 17:08:33.921243", "item": "mon-002", "rc": 0, "start": "2019-02-14 17:08:28.133952" } STDERR: imported keyring changed: [mon-001] => (item=mon-001) => { "changed": true, "cmd": [ "ceph", "-n", "client.admin", "-k", "/etc/ceph/ceph.client.admin.keyring", "--cluster", "ceph", "auth", "import", "-i", "/etc/ceph//ceph.mgr.li985-128.keyring" ], "delta": "0:00:05.782064", "end": "2019-02-14 17:08:40.138706", "item": "mon-001", "rc": 0, "start": "2019-02-14 17:08:34.356642" } STDERR: imported keyring TASK [ceph-mon : copy ceph mgr key(s) to the ansible server] ******************************************************************************************************************************************************* skipping: [mon-000] => (item=mgr-000) => { "changed": false, "item": "mgr-000", "skip_reason": "Conditional result was False" } skipping: [mon-002] => (item=mgr-000) => { "changed": false, "item": "mgr-000", "skip_reason": "Conditional result was False" } changed: [mon-001] => (item=mgr-000) => { "changed": true, "checksum": "aa0fa40225c9e09d67fe7700ce9d033f91d46474", "dest": "/root/ceph-ansible/fetch/bb401e2a-c524-428e-bba9-8977bc96f04b/etc/ceph/ceph.mgr.li547-145.keyring", "item": "mgr-000", "md5sum": "cd884fb9ddc9b8b4e3cd1ad6a98fb531", "remote_checksum": "aa0fa40225c9e09d67fe7700ce9d033f91d46474", "remote_md5sum": null } TASK [ceph-mon : copy keys to the ansible server] ****************************************************************************************************************************************************************** skipping: [mon-000] => (item=/var/lib/ceph/bootstrap-osd/ceph.keyring) => { "changed": false, "item": "/var/lib/ceph/bootstrap-osd/ceph.keyring", "skip_reason": "Conditional result was False" } skipping: [mon-000] => (item=/var/lib/ceph/bootstrap-rgw/ceph.keyring) => { "changed": false, "item": "/var/lib/ceph/bootstrap-rgw/ceph.keyring", "skip_reason": "Conditional result was False" } skipping: [mon-000] => (item=/var/lib/ceph/bootstrap-mds/ceph.keyring) => { "changed": false, "item": "/var/lib/ceph/bootstrap-mds/ceph.keyring", "skip_reason": "Conditional result was False" } skipping: [mon-000] => (item=/var/lib/ceph/bootstrap-rbd/ceph.keyring) => { "changed": false, "item": "/var/lib/ceph/bootstrap-rbd/ceph.keyring", "skip_reason": "Conditional result was False" } skipping: [mon-000] => (item=/var/lib/ceph/bootstrap-rbd-mirror/ceph.keyring) => { "changed": false, "item": "/var/lib/ceph/bootstrap-rbd-mirror/ceph.keyring", "skip_reason": "Conditional result was False" } skipping: [mon-002] => (item=/var/lib/ceph/bootstrap-osd/ceph.keyring) => { "changed": false, "item": "/var/lib/ceph/bootstrap-osd/ceph.keyring", "skip_reason": "Conditional result was False" } skipping: [mon-000] => (item=/etc/ceph/ceph.client.admin.keyring) => { "changed": false, "item": "/etc/ceph/ceph.client.admin.keyring", "skip_reason": "Conditional result was False" } skipping: [mon-002] => (item=/var/lib/ceph/bootstrap-rgw/ceph.keyring) => { "changed": false, "item": "/var/lib/ceph/bootstrap-rgw/ceph.keyring", "skip_reason": "Conditional result was False" } skipping: [mon-002] => (item=/var/lib/ceph/bootstrap-mds/ceph.keyring) => { "changed": false, "item": "/var/lib/ceph/bootstrap-mds/ceph.keyring", "skip_reason": "Conditional result was False" } skipping: [mon-002] => (item=/var/lib/ceph/bootstrap-rbd/ceph.keyring) => { "changed": false, "item": "/var/lib/ceph/bootstrap-rbd/ceph.keyring", "skip_reason": "Conditional result was False" } skipping: [mon-002] => (item=/var/lib/ceph/bootstrap-rbd-mirror/ceph.keyring) => { "changed": false, "item": "/var/lib/ceph/bootstrap-rbd-mirror/ceph.keyring", "skip_reason": "Conditional result was False" } skipping: [mon-002] => (item=/etc/ceph/ceph.client.admin.keyring) => { "changed": false, "item": "/etc/ceph/ceph.client.admin.keyring", "skip_reason": "Conditional result was False" } changed: [mon-001] => (item=/var/lib/ceph/bootstrap-osd/ceph.keyring) => { "changed": true, "checksum": "095c7868a080b4c53494335d3a2223abbad12605", "dest": "/root/ceph-ansible/fetch/bb401e2a-c524-428e-bba9-8977bc96f04b/var/lib/ceph/bootstrap-osd/ceph.keyring", "item": "/var/lib/ceph/bootstrap-osd/ceph.keyring", "md5sum": "d8f4c4fa564aade81b844e3d92c7cac6", "remote_checksum": "095c7868a080b4c53494335d3a2223abbad12605", "remote_md5sum": null } changed: [mon-001] => (item=/var/lib/ceph/bootstrap-rgw/ceph.keyring) => { "changed": true, "checksum": "ce7a2d4441626f22e995b37d5131b9e768f18494", "dest": "/root/ceph-ansible/fetch/bb401e2a-c524-428e-bba9-8977bc96f04b/var/lib/ceph/bootstrap-rgw/ceph.keyring", "item": "/var/lib/ceph/bootstrap-rgw/ceph.keyring", "md5sum": "271e4f90c5853c74264b6b749650c3f2", "remote_checksum": "ce7a2d4441626f22e995b37d5131b9e768f18494", "remote_md5sum": null } changed: [mon-001] => (item=/var/lib/ceph/bootstrap-mds/ceph.keyring) => { "changed": true, "checksum": "e35e8613076382dd3c9d89b5bc2090e37871aab7", "dest": "/root/ceph-ansible/fetch/bb401e2a-c524-428e-bba9-8977bc96f04b/var/lib/ceph/bootstrap-mds/ceph.keyring", "item": "/var/lib/ceph/bootstrap-mds/ceph.keyring", "md5sum": "ed7c32277914c8e34ad5c532d8293dd2", "remote_checksum": "e35e8613076382dd3c9d89b5bc2090e37871aab7", "remote_md5sum": null } changed: [mon-001] => (item=/var/lib/ceph/bootstrap-rbd/ceph.keyring) => { "changed": true, "checksum": "ac43101ad249f6b6bb07ceb3287a3693aeae7f6c", "dest": "/root/ceph-ansible/fetch/bb401e2a-c524-428e-bba9-8977bc96f04b/var/lib/ceph/bootstrap-rbd/ceph.keyring", "item": "/var/lib/ceph/bootstrap-rbd/ceph.keyring", "md5sum": "1460e3c9532b0b7b3a5cb329d77342cd", "remote_checksum": "ac43101ad249f6b6bb07ceb3287a3693aeae7f6c", "remote_md5sum": null } changed: [mon-001] => (item=/var/lib/ceph/bootstrap-rbd-mirror/ceph.keyring) => { "changed": true, "checksum": "01d74751810f5da621937b10c83d47fc7f1865c5", "dest": "/root/ceph-ansible/fetch/bb401e2a-c524-428e-bba9-8977bc96f04b/var/lib/ceph/bootstrap-rbd-mirror/ceph.keyring", "item": "/var/lib/ceph/bootstrap-rbd-mirror/ceph.keyring", "md5sum": "979987f10fd7da5cff67e665f54bfe4d", "remote_checksum": "01d74751810f5da621937b10c83d47fc7f1865c5", "remote_md5sum": null } changed: [mon-001] => (item=/etc/ceph/ceph.client.admin.keyring) => { "changed": true, "checksum": "482f702cf861b41021d76de655ecf996fe9a4a4a", "dest": "/root/ceph-ansible/fetch/bb401e2a-c524-428e-bba9-8977bc96f04b/etc/ceph/ceph.client.admin.keyring", "item": "/etc/ceph/ceph.client.admin.keyring", "md5sum": "7581c187044fd4e0f7a5440244a6b306", "remote_checksum": "482f702cf861b41021d76de655ecf996fe9a4a4a", "remote_md5sum": null } TASK [ceph-mon : include secure_cluster.yml] *********************************************************************************************************************************************************************** skipping: [mon-000] => { "changed": false, "skip_reason": "Conditional result was False" } TASK [ceph-mon : crush_rules.yml] ********************************************************************************************************************************************************************************** skipping: [mon-000] => { "changed": false, "skip_reason": "Conditional result was False" } skipping: [mon-002] => { "changed": false, "skip_reason": "Conditional result was False" } skipping: [mon-001] => { "changed": false, "skip_reason": "Conditional result was False" } TASK [ceph-mgr : set_fact docker_exec_cmd] ************************************************************************************************************************************************************************* skipping: [mon-000] => { "changed": false, "skip_reason": "Conditional result was False" } skipping: [mon-002] => { "changed": false, "skip_reason": "Conditional result was False" } skipping: [mon-001] => { "changed": false, "skip_reason": "Conditional result was False" } TASK [ceph-mgr : include common.yml] ******************************************************************************************************************************************************************************* included: /root/ceph-ansible/roles/ceph-mgr/tasks/common.yml for mon-000, mon-002, mon-001 TASK [ceph-mgr : create mgr directory] ***************************************************************************************************************************************************************************** changed: [mon-000] => { "changed": true, "gid": 167, "group": "ceph", "mode": "0755", "owner": "ceph", "path": "/var/lib/ceph/mgr/ceph-li1166-30", "secontext": "unconfined_u:object_r:ceph_var_lib_t:s0", "size": 4096, "state": "directory", "uid": 167 } changed: [mon-002] => { "changed": true, "gid": 167, "group": "ceph", "mode": "0755", "owner": "ceph", "path": "/var/lib/ceph/mgr/ceph-li895-17", "secontext": "unconfined_u:object_r:ceph_var_lib_t:s0", "size": 4096, "state": "directory", "uid": 167 } changed: [mon-001] => { "changed": true, "gid": 167, "group": "ceph", "mode": "0755", "owner": "ceph", "path": "/var/lib/ceph/mgr/ceph-li985-128", "secontext": "unconfined_u:object_r:ceph_var_lib_t:s0", "size": 4096, "state": "directory", "uid": 167 } TASK [ceph-mgr : fetch ceph mgr keyring] *************************************************************************************************************************************************************************** skipping: [mon-000] => { "changed": false, "skip_reason": "Conditional result was False" } skipping: [mon-002] => { "changed": false, "skip_reason": "Conditional result was False" } skipping: [mon-001] => { "changed": false, "skip_reason": "Conditional result was False" } TASK [ceph-mgr : copy ceph keyring(s) if needed] ******************************************************************************************************************************************************************* An exception occurred during task execution. To see the full traceback, use -vvv. The error was: If you are using a module and expect the file to exist on the remote, see the remote_src option failed: [mon-002] (item={'name': '/etc/ceph/ceph.mgr.li895-17.keyring', 'dest': '/var/lib/ceph/mgr/ceph-li895-17/keyring', 'copy_key': True}) => { "changed": false, "item": { "copy_key": true, "dest": "/var/lib/ceph/mgr/ceph-li895-17/keyring", "name": "/etc/ceph/ceph.mgr.li895-17.keyring" } } MSG: Could not find or access 'fetch//bb401e2a-c524-428e-bba9-8977bc96f04b//etc/ceph/ceph.mgr.li895-17.keyring' Searched in: /root/ceph-ansible/roles/ceph-mgr/files/fetch//bb401e2a-c524-428e-bba9-8977bc96f04b//etc/ceph/ceph.mgr.li895-17.keyring /root/ceph-ansible/roles/ceph-mgr/fetch//bb401e2a-c524-428e-bba9-8977bc96f04b//etc/ceph/ceph.mgr.li895-17.keyring /root/ceph-ansible/roles/ceph-mgr/tasks/files/fetch//bb401e2a-c524-428e-bba9-8977bc96f04b//etc/ceph/ceph.mgr.li895-17.keyring /root/ceph-ansible/roles/ceph-mgr/tasks/fetch//bb401e2a-c524-428e-bba9-8977bc96f04b//etc/ceph/ceph.mgr.li895-17.keyring /root/ceph-ansible/files/fetch//bb401e2a-c524-428e-bba9-8977bc96f04b//etc/ceph/ceph.mgr.li895-17.keyring /root/ceph-ansible/fetch//bb401e2a-c524-428e-bba9-8977bc96f04b//etc/ceph/ceph.mgr.li895-17.keyring on the Ansible Controller. If you are using a module and expect the file to exist on the remote, see the remote_src option skipping: [mon-002] => (item={'name': '/etc/ceph/ceph.client.admin.keyring', 'dest': '/etc/ceph/ceph.client.admin.keyring', 'copy_key': False}) => { "changed": false, "item": { "copy_key": false, "dest": "/etc/ceph/ceph.client.admin.keyring", "name": "/etc/ceph/ceph.client.admin.keyring" }, "skip_reason": "Conditional result was False" } An exception occurred during task execution. To see the full traceback, use -vvv. The error was: If you are using a module and expect the file to exist on the remote, see the remote_src option failed: [mon-001] (item={'name': '/etc/ceph/ceph.mgr.li985-128.keyring', 'dest': '/var/lib/ceph/mgr/ceph-li985-128/keyring', 'copy_key': True}) => { "changed": false, "item": { "copy_key": true, "dest": "/var/lib/ceph/mgr/ceph-li985-128/keyring", "name": "/etc/ceph/ceph.mgr.li985-128.keyring" } } MSG: Could not find or access 'fetch//bb401e2a-c524-428e-bba9-8977bc96f04b//etc/ceph/ceph.mgr.li985-128.keyring' Searched in: /root/ceph-ansible/roles/ceph-mgr/files/fetch//bb401e2a-c524-428e-bba9-8977bc96f04b//etc/ceph/ceph.mgr.li985-128.keyring /root/ceph-ansible/roles/ceph-mgr/fetch//bb401e2a-c524-428e-bba9-8977bc96f04b//etc/ceph/ceph.mgr.li985-128.keyring /root/ceph-ansible/roles/ceph-mgr/tasks/files/fetch//bb401e2a-c524-428e-bba9-8977bc96f04b//etc/ceph/ceph.mgr.li985-128.keyring /root/ceph-ansible/roles/ceph-mgr/tasks/fetch//bb401e2a-c524-428e-bba9-8977bc96f04b//etc/ceph/ceph.mgr.li985-128.keyring /root/ceph-ansible/files/fetch//bb401e2a-c524-428e-bba9-8977bc96f04b//etc/ceph/ceph.mgr.li985-128.keyring /root/ceph-ansible/fetch//bb401e2a-c524-428e-bba9-8977bc96f04b//etc/ceph/ceph.mgr.li985-128.keyring on the Ansible Controller. If you are using a module and expect the file to exist on the remote, see the remote_src option skipping: [mon-001] => (item={'name': '/etc/ceph/ceph.client.admin.keyring', 'dest': '/etc/ceph/ceph.client.admin.keyring', 'copy_key': False}) => { "changed": false, "item": { "copy_key": false, "dest": "/etc/ceph/ceph.client.admin.keyring", "name": "/etc/ceph/ceph.client.admin.keyring" }, "skip_reason": "Conditional result was False" } An exception occurred during task execution. To see the full traceback, use -vvv. The error was: If you are using a module and expect the file to exist on the remote, see the remote_src option failed: [mon-000] (item={'name': '/etc/ceph/ceph.mgr.li1166-30.keyring', 'dest': '/var/lib/ceph/mgr/ceph-li1166-30/keyring', 'copy_key': True}) => { "changed": false, "item": { "copy_key": true, "dest": "/var/lib/ceph/mgr/ceph-li1166-30/keyring", "name": "/etc/ceph/ceph.mgr.li1166-30.keyring" } } MSG: Could not find or access 'fetch//bb401e2a-c524-428e-bba9-8977bc96f04b//etc/ceph/ceph.mgr.li1166-30.keyring' Searched in: /root/ceph-ansible/roles/ceph-mgr/files/fetch//bb401e2a-c524-428e-bba9-8977bc96f04b//etc/ceph/ceph.mgr.li1166-30.keyring /root/ceph-ansible/roles/ceph-mgr/fetch//bb401e2a-c524-428e-bba9-8977bc96f04b//etc/ceph/ceph.mgr.li1166-30.keyring /root/ceph-ansible/roles/ceph-mgr/tasks/files/fetch//bb401e2a-c524-428e-bba9-8977bc96f04b//etc/ceph/ceph.mgr.li1166-30.keyring /root/ceph-ansible/roles/ceph-mgr/tasks/fetch//bb401e2a-c524-428e-bba9-8977bc96f04b//etc/ceph/ceph.mgr.li1166-30.keyring /root/ceph-ansible/files/fetch//bb401e2a-c524-428e-bba9-8977bc96f04b//etc/ceph/ceph.mgr.li1166-30.keyring /root/ceph-ansible/fetch//bb401e2a-c524-428e-bba9-8977bc96f04b//etc/ceph/ceph.mgr.li1166-30.keyring on the Ansible Controller. If you are using a module and expect the file to exist on the remote, see the remote_src option skipping: [mon-000] => (item={'name': '/etc/ceph/ceph.client.admin.keyring', 'dest': '/etc/ceph/ceph.client.admin.keyring', 'copy_key': False}) => { "changed": false, "item": { "copy_key": false, "dest": "/etc/ceph/ceph.client.admin.keyring", "name": "/etc/ceph/ceph.client.admin.keyring" }, "skip_reason": "Conditional result was False" } NO MORE HOSTS LEFT ************************************************************************************************************************************************************************************************* to retry, use: --limit @/root/ceph-linode/linode.retry PLAY RECAP ********************************************************************************************************************************************************************************************************* client-000 : ok=30 changed=2 unreachable=0 failed=0 mds-000 : ok=32 changed=4 unreachable=0 failed=0 mgr-000 : ok=32 changed=4 unreachable=0 failed=0 mon-000 : ok=89 changed=21 unreachable=0 failed=1 mon-001 : ok=84 changed=20 unreachable=0 failed=1 mon-002 : ok=81 changed=17 unreachable=0 failed=1 osd-000 : ok=32 changed=4 unreachable=0 failed=0 osd-001 : ok=32 changed=4 unreachable=0 failed=0 osd-002 : ok=32 changed=4 unreachable=0 failed=0 Also, create all keys on the first mon and copy those to the other mons to be consistent. Signed-off-by: Patrick Donnelly <pdonnell@redhat.com>
2019-01-27 06:55:37 +08:00
delegate_to: "{{ groups[mon_group_name][0] }}"
- name: copy ceph mgr key(s) to the ansible server
fetch:
src: "{{ ceph_conf_key_directory }}/{{ cluster }}.mgr.{{ hostvars[item]['ansible_hostname'] }}.keyring"
dest: "{{ fetch_directory }}/{{ fsid }}/{{ ceph_conf_key_directory }}/{{ cluster }}.mgr.{{ hostvars[item]['ansible_hostname'] }}.keyring"
flat: yes
with_items:
- "{{ groups.get(mon_group_name) if groups.get(mgr_group_name, []) | length == 0 else groups.get(mgr_group_name, []) }}"
delegate key creation to first mon Otherwise keys get scattered over the mons and the mgr key is not copied properly. With ansible_inventory: [mdss] mds-000 ansible_ssh_host=192.168.129.110 ansible_ssh_port=22 ansible_ssh_user='root' ansible_ssh_private_key_file='/root/.ssh/id_rsa' [clients] client-000 ansible_ssh_host=192.168.143.94 ansible_ssh_port=22 ansible_ssh_user='root' ansible_ssh_private_key_file='/root/.ssh/id_rsa' [mgrs] mgr-000 ansible_ssh_host=192.168.222.195 ansible_ssh_port=22 ansible_ssh_user='root' ansible_ssh_private_key_file='/root/.ssh/id_rsa' [mons] mon-000 ansible_ssh_host=192.168.139.173 ansible_ssh_port=22 ansible_ssh_user='root' ansible_ssh_private_key_file='/root/.ssh/id_rsa' monitor_address=192.168.139.173 mon-002 ansible_ssh_host=192.168.212.114 ansible_ssh_port=22 ansible_ssh_user='root' ansible_ssh_private_key_file='/root/.ssh/id_rsa' monitor_address=192.168.212.114 mon-001 ansible_ssh_host=192.168.167.177 ansible_ssh_port=22 ansible_ssh_user='root' ansible_ssh_private_key_file='/root/.ssh/id_rsa' monitor_address=192.168.167.177 [osds] osd-001 ansible_ssh_host=192.168.178.128 ansible_ssh_port=22 ansible_ssh_user='root' ansible_ssh_private_key_file='/root/.ssh/id_rsa' osd-000 ansible_ssh_host=192.168.138.233 ansible_ssh_port=22 ansible_ssh_user='root' ansible_ssh_private_key_file='/root/.ssh/id_rsa' osd-002 ansible_ssh_host=192.168.197.23 ansible_ssh_port=22 ansible_ssh_user='root' ansible_ssh_private_key_file='/root/.ssh/id_rsa' We get this failure: TASK [ceph-mon : include_tasks ceph_keys.yml] ********************************************************************************************************************************************************************** included: /root/ceph-ansible/roles/ceph-mon/tasks/ceph_keys.yml for mon-000, mon-002, mon-001 TASK [ceph-mon : waiting for the monitor(s) to form the quorum...] ************************************************************************************************************************************************* changed: [mon-000] => { "attempts": 1, "changed": true, "cmd": [ "ceph", "--cluster", "ceph", "-n", "mon.", "-k", "/var/lib/ceph/mon/ceph-li1166-30/keyring", "mon_status", "--format", "json" ], "delta": "0:00:01.897397", "end": "2019-02-14 17:08:09.340534", "rc": 0, "start": "2019-02-14 17:08:07.443137" } STDOUT: {"name":"li1166-30","rank":0,"state":"leader","election_epoch":4,"quorum":[0,1,2],"quorum_age":0,"features":{"required_con":"2449958747315912708","required_mon":["kraken","luminous","mimic","osdmap-prune","nautilus"],"quorum_con":"4611087854031667199","quorum_mon":["kraken","luminous","mimic","osdmap-prune","nautilus"]},"outside_quorum":[],"extra_probe_peers":[{"addrvec":[{"type":"v2","addr":"192.168.167.177:3300","nonce":0},{"type":"v1","addr":"192.168.167.177:6789","nonce":0}]},{"addrvec":[{"type":"v2","addr":"192.168.212.114:3300","nonce":0},{"type":"v1","addr":"192.168.212.114:6789","nonce":0}]}],"sync_provider":[],"monmap":{"epoch":1,"fsid":"bb401e2a-c524-428e-bba9-8977bc96f04b","modified":"2019-02-14 17:08:05.012133","created":"2019-02-14 17:08:05.012133","features":{"persistent":["kraken","luminous","mimic","osdmap-prune","nautilus"],"optional":[]},"mons":[{"rank":0,"name":"li1166-30","public_addrs":{"addrvec":[{"type":"v2","addr":"192.168.139.173:3300","nonce":0},{"type":"v1","addr":"192.168.139.173:6789","nonce":0}]},"addr":"192.168.139.173:6789/0","public_addr":"192.168.139.173:6789/0"},{"rank":1,"name":"li985-128","public_addrs":{"addrvec":[{"type":"v2","addr":"192.168.167.177:3300","nonce":0},{"type":"v1","addr":"192.168.167.177:6789","nonce":0}]},"addr":"192.168.167.177:6789/0","public_addr":"192.168.167.177:6789/0"},{"rank":2,"name":"li895-17","public_addrs":{"addrvec":[{"type":"v2","addr":"192.168.212.114:3300","nonce":0},{"type":"v1","addr":"192.168.212.114:6789","nonce":0}]},"addr":"192.168.212.114:6789/0","public_addr":"192.168.212.114:6789/0"}]},"feature_map":{"mon":[{"features":"0x3ffddff8ffacffff","release":"luminous","num":1}],"client":[{"features":"0x3ffddff8ffacffff","release":"luminous","num":1}]}} TASK [ceph-mon : fetch ceph initial keys] ************************************************************************************************************************************************************************** changed: [mon-001] => { "changed": true, "cmd": [ "ceph", "-n", "mon.", "-k", "/var/lib/ceph/mon/ceph-li985-128/keyring", "--cluster", "ceph", "auth", "get", "client.bootstrap-rgw", "-f", "plain", "-o", "/var/lib/ceph/bootstrap-rgw/ceph.keyring" ], "delta": "0:00:03.179584", "end": "2019-02-14 17:08:14.305348", "rc": 0, "start": "2019-02-14 17:08:11.125764" } STDERR: exported keyring for client.bootstrap-rgw changed: [mon-002] => { "changed": true, "cmd": [ "ceph", "-n", "mon.", "-k", "/var/lib/ceph/mon/ceph-li895-17/keyring", "--cluster", "ceph", "auth", "get", "client.bootstrap-rgw", "-f", "plain", "-o", "/var/lib/ceph/bootstrap-rgw/ceph.keyring" ], "delta": "0:00:03.706169", "end": "2019-02-14 17:08:14.041698", "rc": 0, "start": "2019-02-14 17:08:10.335529" } STDERR: exported keyring for client.bootstrap-rgw changed: [mon-000] => { "changed": true, "cmd": [ "ceph", "-n", "mon.", "-k", "/var/lib/ceph/mon/ceph-li1166-30/keyring", "--cluster", "ceph", "auth", "get", "client.bootstrap-rgw", "-f", "plain", "-o", "/var/lib/ceph/bootstrap-rgw/ceph.keyring" ], "delta": "0:00:03.916467", "end": "2019-02-14 17:08:13.803999", "rc": 0, "start": "2019-02-14 17:08:09.887532" } STDERR: exported keyring for client.bootstrap-rgw TASK [ceph-mon : create ceph mgr keyring(s)] *********************************************************************************************************************************************************************** skipping: [mon-000] => (item=mgr-000) => { "changed": false, "item": "mgr-000", "skip_reason": "Conditional result was False" } skipping: [mon-000] => (item=mon-000) => { "changed": false, "item": "mon-000", "skip_reason": "Conditional result was False" } skipping: [mon-000] => (item=mon-002) => { "changed": false, "item": "mon-002", "skip_reason": "Conditional result was False" } skipping: [mon-000] => (item=mon-001) => { "changed": false, "item": "mon-001", "skip_reason": "Conditional result was False" } skipping: [mon-002] => (item=mgr-000) => { "changed": false, "item": "mgr-000", "skip_reason": "Conditional result was False" } skipping: [mon-002] => (item=mon-000) => { "changed": false, "item": "mon-000", "skip_reason": "Conditional result was False" } skipping: [mon-002] => (item=mon-002) => { "changed": false, "item": "mon-002", "skip_reason": "Conditional result was False" } skipping: [mon-002] => (item=mon-001) => { "changed": false, "item": "mon-001", "skip_reason": "Conditional result was False" } changed: [mon-001] => (item=mgr-000) => { "changed": true, "cmd": [ "ceph", "-n", "client.admin", "-k", "/etc/ceph/ceph.client.admin.keyring", "--cluster", "ceph", "auth", "import", "-i", "/etc/ceph//ceph.mgr.li547-145.keyring" ], "delta": "0:00:05.822460", "end": "2019-02-14 17:08:21.422810", "item": "mgr-000", "rc": 0, "start": "2019-02-14 17:08:15.600350" } STDERR: imported keyring changed: [mon-001] => (item=mon-000) => { "changed": true, "cmd": [ "ceph", "-n", "client.admin", "-k", "/etc/ceph/ceph.client.admin.keyring", "--cluster", "ceph", "auth", "import", "-i", "/etc/ceph//ceph.mgr.li1166-30.keyring" ], "delta": "0:00:05.814039", "end": "2019-02-14 17:08:27.663745", "item": "mon-000", "rc": 0, "start": "2019-02-14 17:08:21.849706" } STDERR: imported keyring changed: [mon-001] => (item=mon-002) => { "changed": true, "cmd": [ "ceph", "-n", "client.admin", "-k", "/etc/ceph/ceph.client.admin.keyring", "--cluster", "ceph", "auth", "import", "-i", "/etc/ceph//ceph.mgr.li895-17.keyring" ], "delta": "0:00:05.787291", "end": "2019-02-14 17:08:33.921243", "item": "mon-002", "rc": 0, "start": "2019-02-14 17:08:28.133952" } STDERR: imported keyring changed: [mon-001] => (item=mon-001) => { "changed": true, "cmd": [ "ceph", "-n", "client.admin", "-k", "/etc/ceph/ceph.client.admin.keyring", "--cluster", "ceph", "auth", "import", "-i", "/etc/ceph//ceph.mgr.li985-128.keyring" ], "delta": "0:00:05.782064", "end": "2019-02-14 17:08:40.138706", "item": "mon-001", "rc": 0, "start": "2019-02-14 17:08:34.356642" } STDERR: imported keyring TASK [ceph-mon : copy ceph mgr key(s) to the ansible server] ******************************************************************************************************************************************************* skipping: [mon-000] => (item=mgr-000) => { "changed": false, "item": "mgr-000", "skip_reason": "Conditional result was False" } skipping: [mon-002] => (item=mgr-000) => { "changed": false, "item": "mgr-000", "skip_reason": "Conditional result was False" } changed: [mon-001] => (item=mgr-000) => { "changed": true, "checksum": "aa0fa40225c9e09d67fe7700ce9d033f91d46474", "dest": "/root/ceph-ansible/fetch/bb401e2a-c524-428e-bba9-8977bc96f04b/etc/ceph/ceph.mgr.li547-145.keyring", "item": "mgr-000", "md5sum": "cd884fb9ddc9b8b4e3cd1ad6a98fb531", "remote_checksum": "aa0fa40225c9e09d67fe7700ce9d033f91d46474", "remote_md5sum": null } TASK [ceph-mon : copy keys to the ansible server] ****************************************************************************************************************************************************************** skipping: [mon-000] => (item=/var/lib/ceph/bootstrap-osd/ceph.keyring) => { "changed": false, "item": "/var/lib/ceph/bootstrap-osd/ceph.keyring", "skip_reason": "Conditional result was False" } skipping: [mon-000] => (item=/var/lib/ceph/bootstrap-rgw/ceph.keyring) => { "changed": false, "item": "/var/lib/ceph/bootstrap-rgw/ceph.keyring", "skip_reason": "Conditional result was False" } skipping: [mon-000] => (item=/var/lib/ceph/bootstrap-mds/ceph.keyring) => { "changed": false, "item": "/var/lib/ceph/bootstrap-mds/ceph.keyring", "skip_reason": "Conditional result was False" } skipping: [mon-000] => (item=/var/lib/ceph/bootstrap-rbd/ceph.keyring) => { "changed": false, "item": "/var/lib/ceph/bootstrap-rbd/ceph.keyring", "skip_reason": "Conditional result was False" } skipping: [mon-000] => (item=/var/lib/ceph/bootstrap-rbd-mirror/ceph.keyring) => { "changed": false, "item": "/var/lib/ceph/bootstrap-rbd-mirror/ceph.keyring", "skip_reason": "Conditional result was False" } skipping: [mon-002] => (item=/var/lib/ceph/bootstrap-osd/ceph.keyring) => { "changed": false, "item": "/var/lib/ceph/bootstrap-osd/ceph.keyring", "skip_reason": "Conditional result was False" } skipping: [mon-000] => (item=/etc/ceph/ceph.client.admin.keyring) => { "changed": false, "item": "/etc/ceph/ceph.client.admin.keyring", "skip_reason": "Conditional result was False" } skipping: [mon-002] => (item=/var/lib/ceph/bootstrap-rgw/ceph.keyring) => { "changed": false, "item": "/var/lib/ceph/bootstrap-rgw/ceph.keyring", "skip_reason": "Conditional result was False" } skipping: [mon-002] => (item=/var/lib/ceph/bootstrap-mds/ceph.keyring) => { "changed": false, "item": "/var/lib/ceph/bootstrap-mds/ceph.keyring", "skip_reason": "Conditional result was False" } skipping: [mon-002] => (item=/var/lib/ceph/bootstrap-rbd/ceph.keyring) => { "changed": false, "item": "/var/lib/ceph/bootstrap-rbd/ceph.keyring", "skip_reason": "Conditional result was False" } skipping: [mon-002] => (item=/var/lib/ceph/bootstrap-rbd-mirror/ceph.keyring) => { "changed": false, "item": "/var/lib/ceph/bootstrap-rbd-mirror/ceph.keyring", "skip_reason": "Conditional result was False" } skipping: [mon-002] => (item=/etc/ceph/ceph.client.admin.keyring) => { "changed": false, "item": "/etc/ceph/ceph.client.admin.keyring", "skip_reason": "Conditional result was False" } changed: [mon-001] => (item=/var/lib/ceph/bootstrap-osd/ceph.keyring) => { "changed": true, "checksum": "095c7868a080b4c53494335d3a2223abbad12605", "dest": "/root/ceph-ansible/fetch/bb401e2a-c524-428e-bba9-8977bc96f04b/var/lib/ceph/bootstrap-osd/ceph.keyring", "item": "/var/lib/ceph/bootstrap-osd/ceph.keyring", "md5sum": "d8f4c4fa564aade81b844e3d92c7cac6", "remote_checksum": "095c7868a080b4c53494335d3a2223abbad12605", "remote_md5sum": null } changed: [mon-001] => (item=/var/lib/ceph/bootstrap-rgw/ceph.keyring) => { "changed": true, "checksum": "ce7a2d4441626f22e995b37d5131b9e768f18494", "dest": "/root/ceph-ansible/fetch/bb401e2a-c524-428e-bba9-8977bc96f04b/var/lib/ceph/bootstrap-rgw/ceph.keyring", "item": "/var/lib/ceph/bootstrap-rgw/ceph.keyring", "md5sum": "271e4f90c5853c74264b6b749650c3f2", "remote_checksum": "ce7a2d4441626f22e995b37d5131b9e768f18494", "remote_md5sum": null } changed: [mon-001] => (item=/var/lib/ceph/bootstrap-mds/ceph.keyring) => { "changed": true, "checksum": "e35e8613076382dd3c9d89b5bc2090e37871aab7", "dest": "/root/ceph-ansible/fetch/bb401e2a-c524-428e-bba9-8977bc96f04b/var/lib/ceph/bootstrap-mds/ceph.keyring", "item": "/var/lib/ceph/bootstrap-mds/ceph.keyring", "md5sum": "ed7c32277914c8e34ad5c532d8293dd2", "remote_checksum": "e35e8613076382dd3c9d89b5bc2090e37871aab7", "remote_md5sum": null } changed: [mon-001] => (item=/var/lib/ceph/bootstrap-rbd/ceph.keyring) => { "changed": true, "checksum": "ac43101ad249f6b6bb07ceb3287a3693aeae7f6c", "dest": "/root/ceph-ansible/fetch/bb401e2a-c524-428e-bba9-8977bc96f04b/var/lib/ceph/bootstrap-rbd/ceph.keyring", "item": "/var/lib/ceph/bootstrap-rbd/ceph.keyring", "md5sum": "1460e3c9532b0b7b3a5cb329d77342cd", "remote_checksum": "ac43101ad249f6b6bb07ceb3287a3693aeae7f6c", "remote_md5sum": null } changed: [mon-001] => (item=/var/lib/ceph/bootstrap-rbd-mirror/ceph.keyring) => { "changed": true, "checksum": "01d74751810f5da621937b10c83d47fc7f1865c5", "dest": "/root/ceph-ansible/fetch/bb401e2a-c524-428e-bba9-8977bc96f04b/var/lib/ceph/bootstrap-rbd-mirror/ceph.keyring", "item": "/var/lib/ceph/bootstrap-rbd-mirror/ceph.keyring", "md5sum": "979987f10fd7da5cff67e665f54bfe4d", "remote_checksum": "01d74751810f5da621937b10c83d47fc7f1865c5", "remote_md5sum": null } changed: [mon-001] => (item=/etc/ceph/ceph.client.admin.keyring) => { "changed": true, "checksum": "482f702cf861b41021d76de655ecf996fe9a4a4a", "dest": "/root/ceph-ansible/fetch/bb401e2a-c524-428e-bba9-8977bc96f04b/etc/ceph/ceph.client.admin.keyring", "item": "/etc/ceph/ceph.client.admin.keyring", "md5sum": "7581c187044fd4e0f7a5440244a6b306", "remote_checksum": "482f702cf861b41021d76de655ecf996fe9a4a4a", "remote_md5sum": null } TASK [ceph-mon : include secure_cluster.yml] *********************************************************************************************************************************************************************** skipping: [mon-000] => { "changed": false, "skip_reason": "Conditional result was False" } TASK [ceph-mon : crush_rules.yml] ********************************************************************************************************************************************************************************** skipping: [mon-000] => { "changed": false, "skip_reason": "Conditional result was False" } skipping: [mon-002] => { "changed": false, "skip_reason": "Conditional result was False" } skipping: [mon-001] => { "changed": false, "skip_reason": "Conditional result was False" } TASK [ceph-mgr : set_fact docker_exec_cmd] ************************************************************************************************************************************************************************* skipping: [mon-000] => { "changed": false, "skip_reason": "Conditional result was False" } skipping: [mon-002] => { "changed": false, "skip_reason": "Conditional result was False" } skipping: [mon-001] => { "changed": false, "skip_reason": "Conditional result was False" } TASK [ceph-mgr : include common.yml] ******************************************************************************************************************************************************************************* included: /root/ceph-ansible/roles/ceph-mgr/tasks/common.yml for mon-000, mon-002, mon-001 TASK [ceph-mgr : create mgr directory] ***************************************************************************************************************************************************************************** changed: [mon-000] => { "changed": true, "gid": 167, "group": "ceph", "mode": "0755", "owner": "ceph", "path": "/var/lib/ceph/mgr/ceph-li1166-30", "secontext": "unconfined_u:object_r:ceph_var_lib_t:s0", "size": 4096, "state": "directory", "uid": 167 } changed: [mon-002] => { "changed": true, "gid": 167, "group": "ceph", "mode": "0755", "owner": "ceph", "path": "/var/lib/ceph/mgr/ceph-li895-17", "secontext": "unconfined_u:object_r:ceph_var_lib_t:s0", "size": 4096, "state": "directory", "uid": 167 } changed: [mon-001] => { "changed": true, "gid": 167, "group": "ceph", "mode": "0755", "owner": "ceph", "path": "/var/lib/ceph/mgr/ceph-li985-128", "secontext": "unconfined_u:object_r:ceph_var_lib_t:s0", "size": 4096, "state": "directory", "uid": 167 } TASK [ceph-mgr : fetch ceph mgr keyring] *************************************************************************************************************************************************************************** skipping: [mon-000] => { "changed": false, "skip_reason": "Conditional result was False" } skipping: [mon-002] => { "changed": false, "skip_reason": "Conditional result was False" } skipping: [mon-001] => { "changed": false, "skip_reason": "Conditional result was False" } TASK [ceph-mgr : copy ceph keyring(s) if needed] ******************************************************************************************************************************************************************* An exception occurred during task execution. To see the full traceback, use -vvv. The error was: If you are using a module and expect the file to exist on the remote, see the remote_src option failed: [mon-002] (item={'name': '/etc/ceph/ceph.mgr.li895-17.keyring', 'dest': '/var/lib/ceph/mgr/ceph-li895-17/keyring', 'copy_key': True}) => { "changed": false, "item": { "copy_key": true, "dest": "/var/lib/ceph/mgr/ceph-li895-17/keyring", "name": "/etc/ceph/ceph.mgr.li895-17.keyring" } } MSG: Could not find or access 'fetch//bb401e2a-c524-428e-bba9-8977bc96f04b//etc/ceph/ceph.mgr.li895-17.keyring' Searched in: /root/ceph-ansible/roles/ceph-mgr/files/fetch//bb401e2a-c524-428e-bba9-8977bc96f04b//etc/ceph/ceph.mgr.li895-17.keyring /root/ceph-ansible/roles/ceph-mgr/fetch//bb401e2a-c524-428e-bba9-8977bc96f04b//etc/ceph/ceph.mgr.li895-17.keyring /root/ceph-ansible/roles/ceph-mgr/tasks/files/fetch//bb401e2a-c524-428e-bba9-8977bc96f04b//etc/ceph/ceph.mgr.li895-17.keyring /root/ceph-ansible/roles/ceph-mgr/tasks/fetch//bb401e2a-c524-428e-bba9-8977bc96f04b//etc/ceph/ceph.mgr.li895-17.keyring /root/ceph-ansible/files/fetch//bb401e2a-c524-428e-bba9-8977bc96f04b//etc/ceph/ceph.mgr.li895-17.keyring /root/ceph-ansible/fetch//bb401e2a-c524-428e-bba9-8977bc96f04b//etc/ceph/ceph.mgr.li895-17.keyring on the Ansible Controller. If you are using a module and expect the file to exist on the remote, see the remote_src option skipping: [mon-002] => (item={'name': '/etc/ceph/ceph.client.admin.keyring', 'dest': '/etc/ceph/ceph.client.admin.keyring', 'copy_key': False}) => { "changed": false, "item": { "copy_key": false, "dest": "/etc/ceph/ceph.client.admin.keyring", "name": "/etc/ceph/ceph.client.admin.keyring" }, "skip_reason": "Conditional result was False" } An exception occurred during task execution. To see the full traceback, use -vvv. The error was: If you are using a module and expect the file to exist on the remote, see the remote_src option failed: [mon-001] (item={'name': '/etc/ceph/ceph.mgr.li985-128.keyring', 'dest': '/var/lib/ceph/mgr/ceph-li985-128/keyring', 'copy_key': True}) => { "changed": false, "item": { "copy_key": true, "dest": "/var/lib/ceph/mgr/ceph-li985-128/keyring", "name": "/etc/ceph/ceph.mgr.li985-128.keyring" } } MSG: Could not find or access 'fetch//bb401e2a-c524-428e-bba9-8977bc96f04b//etc/ceph/ceph.mgr.li985-128.keyring' Searched in: /root/ceph-ansible/roles/ceph-mgr/files/fetch//bb401e2a-c524-428e-bba9-8977bc96f04b//etc/ceph/ceph.mgr.li985-128.keyring /root/ceph-ansible/roles/ceph-mgr/fetch//bb401e2a-c524-428e-bba9-8977bc96f04b//etc/ceph/ceph.mgr.li985-128.keyring /root/ceph-ansible/roles/ceph-mgr/tasks/files/fetch//bb401e2a-c524-428e-bba9-8977bc96f04b//etc/ceph/ceph.mgr.li985-128.keyring /root/ceph-ansible/roles/ceph-mgr/tasks/fetch//bb401e2a-c524-428e-bba9-8977bc96f04b//etc/ceph/ceph.mgr.li985-128.keyring /root/ceph-ansible/files/fetch//bb401e2a-c524-428e-bba9-8977bc96f04b//etc/ceph/ceph.mgr.li985-128.keyring /root/ceph-ansible/fetch//bb401e2a-c524-428e-bba9-8977bc96f04b//etc/ceph/ceph.mgr.li985-128.keyring on the Ansible Controller. If you are using a module and expect the file to exist on the remote, see the remote_src option skipping: [mon-001] => (item={'name': '/etc/ceph/ceph.client.admin.keyring', 'dest': '/etc/ceph/ceph.client.admin.keyring', 'copy_key': False}) => { "changed": false, "item": { "copy_key": false, "dest": "/etc/ceph/ceph.client.admin.keyring", "name": "/etc/ceph/ceph.client.admin.keyring" }, "skip_reason": "Conditional result was False" } An exception occurred during task execution. To see the full traceback, use -vvv. The error was: If you are using a module and expect the file to exist on the remote, see the remote_src option failed: [mon-000] (item={'name': '/etc/ceph/ceph.mgr.li1166-30.keyring', 'dest': '/var/lib/ceph/mgr/ceph-li1166-30/keyring', 'copy_key': True}) => { "changed": false, "item": { "copy_key": true, "dest": "/var/lib/ceph/mgr/ceph-li1166-30/keyring", "name": "/etc/ceph/ceph.mgr.li1166-30.keyring" } } MSG: Could not find or access 'fetch//bb401e2a-c524-428e-bba9-8977bc96f04b//etc/ceph/ceph.mgr.li1166-30.keyring' Searched in: /root/ceph-ansible/roles/ceph-mgr/files/fetch//bb401e2a-c524-428e-bba9-8977bc96f04b//etc/ceph/ceph.mgr.li1166-30.keyring /root/ceph-ansible/roles/ceph-mgr/fetch//bb401e2a-c524-428e-bba9-8977bc96f04b//etc/ceph/ceph.mgr.li1166-30.keyring /root/ceph-ansible/roles/ceph-mgr/tasks/files/fetch//bb401e2a-c524-428e-bba9-8977bc96f04b//etc/ceph/ceph.mgr.li1166-30.keyring /root/ceph-ansible/roles/ceph-mgr/tasks/fetch//bb401e2a-c524-428e-bba9-8977bc96f04b//etc/ceph/ceph.mgr.li1166-30.keyring /root/ceph-ansible/files/fetch//bb401e2a-c524-428e-bba9-8977bc96f04b//etc/ceph/ceph.mgr.li1166-30.keyring /root/ceph-ansible/fetch//bb401e2a-c524-428e-bba9-8977bc96f04b//etc/ceph/ceph.mgr.li1166-30.keyring on the Ansible Controller. If you are using a module and expect the file to exist on the remote, see the remote_src option skipping: [mon-000] => (item={'name': '/etc/ceph/ceph.client.admin.keyring', 'dest': '/etc/ceph/ceph.client.admin.keyring', 'copy_key': False}) => { "changed": false, "item": { "copy_key": false, "dest": "/etc/ceph/ceph.client.admin.keyring", "name": "/etc/ceph/ceph.client.admin.keyring" }, "skip_reason": "Conditional result was False" } NO MORE HOSTS LEFT ************************************************************************************************************************************************************************************************* to retry, use: --limit @/root/ceph-linode/linode.retry PLAY RECAP ********************************************************************************************************************************************************************************************************* client-000 : ok=30 changed=2 unreachable=0 failed=0 mds-000 : ok=32 changed=4 unreachable=0 failed=0 mgr-000 : ok=32 changed=4 unreachable=0 failed=0 mon-000 : ok=89 changed=21 unreachable=0 failed=1 mon-001 : ok=84 changed=20 unreachable=0 failed=1 mon-002 : ok=81 changed=17 unreachable=0 failed=1 osd-000 : ok=32 changed=4 unreachable=0 failed=0 osd-001 : ok=32 changed=4 unreachable=0 failed=0 osd-002 : ok=32 changed=4 unreachable=0 failed=0 Also, create all keys on the first mon and copy those to the other mons to be consistent. Signed-off-by: Patrick Donnelly <pdonnell@redhat.com>
2019-01-27 06:55:37 +08:00
delegate_to: "{{ groups[mon_group_name][0] }}"
- name: copy keys to the ansible server
2015-10-17 07:55:31 +08:00
fetch:
src: "{{ item }}"
dest: "{{ fetch_directory }}/{{ fsid }}/{{ item }}"
flat: yes
with_items:
- /var/lib/ceph/bootstrap-osd/{{ cluster }}.keyring
- /var/lib/ceph/bootstrap-rgw/{{ cluster }}.keyring
- /var/lib/ceph/bootstrap-mds/{{ cluster }}.keyring
- /var/lib/ceph/bootstrap-rbd/{{ cluster }}.keyring
- /var/lib/ceph/bootstrap-rbd-mirror/{{ cluster }}.keyring
- /etc/ceph/{{ cluster }}.client.admin.keyring
when:
- cephx
- inventory_hostname == groups[mon_group_name] | last