2018-12-06 02:59:47 +08:00
---
2019-05-14 20:46:25 +08:00
- name : set_fact container_exec_cmd
2018-12-06 02:59:47 +08:00
set_fact :
2019-05-14 20:46:25 +08:00
container_exec_cmd : "{{ container_binary }} exec ceph-mon-{{ hostvars[groups[mon_group_name][0]]['ansible_hostname'] }}"
2019-05-22 16:02:42 +08:00
when : containerized_deployment | bool
2018-12-06 02:59:47 +08:00
- name : disable SSL for dashboard
2019-05-15 20:35:24 +08:00
command : "{{ container_exec_cmd }} ceph config set mgr mgr/dashboard/ssl false"
2019-05-14 20:46:25 +08:00
delegate_to : "{{ groups[mon_group_name][0] }}"
2019-05-15 20:35:24 +08:00
when : dashboard_protocol == "http"
2018-12-06 02:59:47 +08:00
- name : enable SSL for dashboard
2019-05-15 20:35:24 +08:00
command : "{{ container_exec_cmd }} ceph config set mgr mgr/dashboard/ssl true"
2019-05-14 20:46:25 +08:00
delegate_to : "{{ groups[mon_group_name][0] }}"
2018-12-06 02:59:47 +08:00
when : dashboard_protocol == "https"
- name : copy dashboard SSL certificate file
copy :
src : "{{ dashboard_crt }}"
dest : "/etc/ceph/ceph-dashboard.crt"
owner : root
group : root
2019-05-15 20:38:46 +08:00
mode : 0440
2018-12-06 02:59:47 +08:00
when :
2019-05-22 16:02:42 +08:00
- dashboard_crt | bool
2018-12-06 02:59:47 +08:00
- dashboard_protocol == "https"
- name : copy dashboard SSL certificate key
copy :
src : "{{ dashboard_key }}"
dest : "/etc/ceph/ceph-dashboard.key"
owner : root
group : root
2019-05-15 20:38:46 +08:00
mode : 0440
2018-12-06 02:59:47 +08:00
when :
2019-05-22 16:02:42 +08:00
- dashboard_key | bool
2018-12-06 02:59:47 +08:00
- dashboard_protocol == "https"
- name : generate a Self Signed OpenSSL certificate for dashboard
shell : |
test -f /etc/ceph/ceph-dashboard.key -a -f /etc/ceph/ceph-dashboard.crt || \
openssl req -new -nodes -x509 -subj '/O=IT/CN=ceph-dashboard' -days 3650 -keyout /etc/ceph/ceph-dashboard.key -out /etc/ceph/ceph-dashboard.crt -extensions v3_ca
when :
- dashboard_protocol == "https"
2019-05-22 16:02:42 +08:00
- not dashboard_key | bool or not dashboard_crt | bool
2018-12-06 02:59:47 +08:00
- name : import dashboard certificate file
2019-05-14 20:46:25 +08:00
command : "{{ container_exec_cmd }} ceph config-key set mgr/dashboard/crt -i /etc/ceph/ceph-dashboard.crt"
2018-12-06 02:59:47 +08:00
changed_when : false
2019-05-14 20:46:25 +08:00
delegate_to : "{{ groups[mon_group_name][0] }}"
2018-12-06 02:59:47 +08:00
when : dashboard_protocol == "https"
- name : import dashboard certificate key
2019-05-14 20:46:25 +08:00
command : "{{ container_exec_cmd }} ceph config-key set mgr/dashboard/key -i /etc/ceph/ceph-dashboard.key"
2018-12-06 02:59:47 +08:00
changed_when : false
2019-05-14 20:46:25 +08:00
delegate_to : "{{ groups[mon_group_name][0] }}"
2018-12-06 02:59:47 +08:00
when : dashboard_protocol == "https"
- name : "set the dashboard port ({{ dashboard_port }})"
shell : |
2019-05-14 20:46:25 +08:00
{{ container_exec_cmd }} ceph config set mgr mgr/dashboard/server_port {{ dashboard_port }} || \
{{ container_exec_cmd }} ceph config-key set mgr/dashboard/server_port {{ dashboard_port }}
delegate_to : "{{ groups[mon_group_name][0] }}"
2018-12-06 02:59:47 +08:00
2019-04-05 01:51:16 +08:00
- name : "set the dashboard SSL port ({{ dashboard_port }})"
2019-05-14 20:46:25 +08:00
command : "{{ container_exec_cmd }} ceph config set mgr mgr/dashboard/ssl_server_port {{ dashboard_port }}" # Do not use the old fashioned config-key way ssl_server_port, it was not supported when this option was introduced
delegate_to : "{{ groups[mon_group_name][0] }}"
2019-04-05 01:51:16 +08:00
failed_when : false # Do not fail if the option does not exist, it only exists post-14.2.0
2018-12-06 02:59:47 +08:00
- name : disable mgr dashboard module (restart)
2019-05-14 20:46:25 +08:00
command : "{{ container_exec_cmd }} ceph mgr module disable dashboard"
delegate_to : "{{ groups[mon_group_name][0] }}"
2018-12-06 02:59:47 +08:00
changed_when : false
- name : enable mgr dashboard module (restart)
2019-05-14 20:46:25 +08:00
command : "{{ container_exec_cmd }} ceph mgr module enable dashboard"
delegate_to : "{{ groups[mon_group_name][0] }}"
2018-12-06 02:59:47 +08:00
changed_when : false
- name : set or update dashboard admin username and password
shell : |
2019-05-14 20:46:25 +08:00
if {{ container_exec_cmd }} ceph dashboard ac-user-show {{ dashboard_admin_user }}; then
{{ container_exec_cmd }} ceph dashboard ac-user-set-password {{ dashboard_admin_user }} {{ dashboard_admin_password }}
2018-12-06 02:59:47 +08:00
else
2019-05-14 20:46:25 +08:00
{{ container_exec_cmd }} ceph dashboard ac-user-create {{ dashboard_admin_user }} {{ dashboard_admin_password }} administrator
2018-12-06 02:59:47 +08:00
fi
retries : 6
delay : 5
register : ac_result
2019-05-14 20:46:25 +08:00
delegate_to : "{{ groups[mon_group_name][0] }}"
2018-12-06 02:59:47 +08:00
until : ac_result.rc == 0
- name : set grafana url
2019-07-11 05:15:45 +08:00
command : "{{ container_exec_cmd }} ceph dashboard set-grafana-api-url {{ dashboard_protocol }}://{{ dashboard_url }}:{{ grafana_port }}/"
2019-05-14 20:46:25 +08:00
delegate_to : "{{ groups[mon_group_name][0] }}"
2018-12-06 02:59:47 +08:00
changed_when : false
- name : set alertmanager host
2019-07-11 05:15:45 +08:00
command : "{{ container_exec_cmd }} ceph dashboard set-alertmanager-api-host {{ dashboard_protocol }}://{{ dashboard_url }}:{{ alertmanager_port }}/"
2019-05-14 20:46:25 +08:00
delegate_to : "{{ groups[mon_group_name][0] }}"
2018-12-06 02:59:47 +08:00
changed_when : false
2019-07-11 22:38:44 +08:00
- name : dashboard object gateway management frontend
when : groups.get(rgw_group_name, []) | length > 0
block :
- name : create radosgw system user
shell : "timeout 20 {{ container_exec_cmd }} radosgw-admin user create --uid={{ dashboard_rgw_api_user_id }} --display-name='Ceph dashboard' --system"
register : rgw_user_output
until : rgw_user_output.rc == 0
retries : 3
delegate_to : "{{ groups[mon_group_name][0] }}"
- name : get the rgw access and secret keys
set_fact :
rgw_access_key : "{{ (rgw_user_output.stdout | from_json)['keys'][0]['access_key'] }}"
rgw_secret_key : "{{ (rgw_user_output.stdout | from_json)['keys'][0]['secret_key'] }}"
- name : set the rgw user
command : "{{ container_exec_cmd }} ceph dashboard set-rgw-api-user-id {{ dashboard_rgw_api_user_id }}"
delegate_to : "{{ groups[mon_group_name][0] }}"
changed_when : false
- name : set the rgw access key
command : "{{ container_exec_cmd }} ceph dashboard set-rgw-api-access-key {{ rgw_access_key }}"
delegate_to : "{{ groups[mon_group_name][0] }}"
changed_when : false
- name : set the rgw secret key
command : "{{ container_exec_cmd }} ceph dashboard set-rgw-api-secret-key {{ rgw_secret_key }}"
delegate_to : "{{ groups[mon_group_name][0] }}"
changed_when : false
- name : set the rgw host
command : "{{ container_exec_cmd }} ceph dashboard set-rgw-api-host {{ dashboard_rgw_api_host }}"
changed_when : false
delegate_to : "{{ groups[mon_group_name][0] }}"
when : dashboard_rgw_api_host != ''
- name : set the rgw port
command : "{{ container_exec_cmd }} ceph dashboard set-rgw-api-port {{ dashboard_rgw_api_port }}"
changed_when : false
delegate_to : "{{ groups[mon_group_name][0] }}"
when : dashboard_rgw_api_port != ''
- name : set the rgw scheme
command : "{{ container_exec_cmd }} ceph dashboard set-rgw-api-scheme {{ dashboard_rgw_api_scheme }}"
changed_when : false
delegate_to : "{{ groups[mon_group_name][0] }}"
when : dashboard_rgw_api_scheme != ''
- name : set the rgw admin resource
command : "{{ container_exec_cmd }} ceph dashboard set-rgw-api-admin-resource {{ dashboard_rgw_api_admin_resource }}"
changed_when : false
delegate_to : "{{ groups[mon_group_name][0] }}"
when : dashboard_rgw_api_admin_resource != ''
- name : disable ssl verification for rgw
command : "{{ container_exec_cmd }} ceph dashboard set-rgw-api-ssl-verify False"
changed_when : false
delegate_to : "{{ groups[mon_group_name][0] }}"
when : dashboard_rgw_api_no_ssl_verify | bool
2018-12-06 02:59:47 +08:00
- name : disable mgr dashboard module (restart)
2019-05-14 20:46:25 +08:00
command : "{{ container_exec_cmd }} ceph mgr module disable dashboard"
2018-12-06 02:59:47 +08:00
changed_when : false
2019-05-14 20:46:25 +08:00
delegate_to : "{{ groups[mon_group_name][0] }}"
2018-12-06 02:59:47 +08:00
- name : enable mgr dashboard module (restart)
2019-05-14 20:46:25 +08:00
command : "{{ container_exec_cmd }} ceph mgr module enable dashboard"
2018-12-06 02:59:47 +08:00
changed_when : false
2019-05-14 20:46:25 +08:00
delegate_to : "{{ groups[mon_group_name][0] }}"