2015-01-30 20:34:35 +08:00
|
|
|
|
---
|
2017-06-23 18:35:39 +08:00
|
|
|
|
- name: create openstack pool(s)
|
2017-06-12 16:36:29 +08:00
|
|
|
|
command: "{{ docker_exec_cmd }} ceph --cluster {{ cluster }} osd pool create {{ item.name }} {{ item.pg_num }} {{ item.rule_name }}"
|
2017-01-24 03:53:43 +08:00
|
|
|
|
with_items: "{{ openstack_pools | unique }}"
|
2015-06-26 06:26:03 +08:00
|
|
|
|
changed_when: false
|
2015-07-29 00:21:15 +08:00
|
|
|
|
failed_when: false
|
2015-01-30 20:34:35 +08:00
|
|
|
|
|
2017-06-23 18:35:39 +08:00
|
|
|
|
# A future version could use "--caps CAPSFILE"
|
|
|
|
|
|
# which will set all of capabilities associated with a given key, for all subsystems
|
|
|
|
|
|
- name: create openstack key(s)
|
2017-07-19 05:11:55 +08:00
|
|
|
|
shell: "{{ docker_exec_cmd }} bash -c 'ceph-authtool -C /etc/ceph/{{ cluster }}.{{ item.name }}.keyring --name {{ item.name }} --add-key {{ item.key }} --cap mon \"{{ item.mon_cap|default('') }}\" --cap osd \"{{ item.osd_cap|default('') }}\" --cap mds \"{{ item.mds_cap|default('') }}\"'"
|
2015-10-17 07:55:31 +08:00
|
|
|
|
args:
|
2017-06-23 18:35:39 +08:00
|
|
|
|
creates: "/etc/ceph/{{ cluster }}.{{ item.name }}.keyring"
|
2016-09-21 20:21:41 +08:00
|
|
|
|
with_items: "{{ openstack_keys }}"
|
2015-06-26 06:26:03 +08:00
|
|
|
|
changed_when: false
|
2016-02-27 05:39:27 +08:00
|
|
|
|
when: cephx
|
2017-06-23 18:35:39 +08:00
|
|
|
|
|
|
|
|
|
|
- name: check if openstack key(s) already exist(s)
|
|
|
|
|
|
command: "{{ docker_exec_cmd }} ceph --cluster {{ cluster }} auth get {{ item.name }}"
|
|
|
|
|
|
changed_when: false
|
|
|
|
|
|
failed_when: false
|
|
|
|
|
|
with_items: "{{ openstack_keys }}"
|
|
|
|
|
|
register: openstack_key_exist
|
|
|
|
|
|
|
|
|
|
|
|
- name: add openstack key(s) to ceph
|
2017-06-27 17:47:02 +08:00
|
|
|
|
command: "{{ docker_exec_cmd }} ceph --cluster {{ cluster }} auth import -i /etc/ceph/{{ cluster }}.{{ item.0.name }}.keyring"
|
2017-06-23 18:35:39 +08:00
|
|
|
|
changed_when: false
|
|
|
|
|
|
with_together:
|
|
|
|
|
|
- "{{ openstack_keys }}"
|
|
|
|
|
|
- "{{ openstack_key_exist.results }}"
|
|
|
|
|
|
when: item.1.rc != 0
|
2017-07-19 05:11:55 +08:00
|
|
|
|
|
|
|
|
|
|
- name: fetch openstack key(s)
|
|
|
|
|
|
fetch:
|
|
|
|
|
|
src: "/etc/ceph/{{ cluster }}.{{ item.name }}.keyring"
|
|
|
|
|
|
dest: "{{ fetch_directory }}/{{ fsid }}/etc/ceph/{{ cluster }}.{{ item.name }}.keyring"
|
|
|
|
|
|
flat: yes
|
|
|
|
|
|
with_items: "{{ openstack_keys }}"
|
|
|
|
|
|
|
|
|
|
|
|
- name: copy to other mons the openstack key(s)
|
|
|
|
|
|
copy:
|
|
|
|
|
|
src: "{{ fetch_directory }}/{{ fsid }}/etc/ceph/{{ cluster }}.{{ item.1.name }}.keyring"
|
|
|
|
|
|
dest: "/etc/ceph/{{ cluster }}.{{ item.1.name }}.keyring"
|
|
|
|
|
|
with_nested:
|
|
|
|
|
|
- "{{ groups[mon_group_name] }}"
|
|
|
|
|
|
- "{{ openstack_keys }}"
|
|
|
|
|
|
delegate_to: "{{ item.0 }}"
|
|
|
|
|
|
when:
|
|
|
|
|
|
- cephx
|
|
|
|
|
|
- openstack_config
|
|
|
|
|
|
- item.0 != groups[mon_group_name] | last
|
2017-07-20 06:20:18 +08:00
|
|
|
|
|
|
|
|
|
|
- name: setfacl for openstack key(s)
|
|
|
|
|
|
acl:
|
|
|
|
|
|
path: "/etc/ceph/{{ cluster }}.{{ item.0.name }}.keyring"
|
|
|
|
|
|
entry: "{{ item.1 }}"
|
|
|
|
|
|
state: present
|
|
|
|
|
|
with_subelements:
|
|
|
|
|
|
- "{{ openstack_keys }}"
|
|
|
|
|
|
- acls
|
|
|
|
|
|
- skip_missing: true
|
|
|
|
|
|
when:
|
|
|
|
|
|
- openstack_config
|
|
|
|
|
|
- cephx
|
2017-08-11 01:50:08 +08:00
|
|
|
|
|
|
|
|
|
|
- name: chmod openstack key(s)
|
|
|
|
|
|
file:
|
|
|
|
|
|
path: "/etc/ceph/{{ cluster }}.{{ item.name }}.keyring"
|
|
|
|
|
|
mode: "{{ item.mode }}"
|
|
|
|
|
|
with_items: "{{ openstack_keys }}"
|
|
|
|
|
|
when:
|
|
|
|
|
|
- openstack_config
|
|
|
|
|
|
- cephx
|
