ceph-ansible/roles/ceph-rgw/tasks/multisite/create_zone_user.yml

- name: check if the realm system user already exists
  command: "{{ container_exec_cmd }} radosgw-admin user info --cluster={{ cluster }} --rgw-realm={{ rgw_realm }} --rgw-zonegroup={{ rgw_zonegroup }} --rgw-zone={{ rgw_zone }} --uid={{ rgw_zone_user }}"
  delegate_to: "{{ groups[mon_group_name][0] }}"
  register: usercheck
  failed_when: False
  changed_when: False
  check_mode: no

- name: create list zone_users
  set_fact:
    zone_users: "{{ zone_users | default([]) + [{ 'realm': hostvars[item]['rgw_realm'], 'zonegroup': hostvars[item]['rgw_zonegroup'], 'zone': hostvars[item]['rgw_zone'], 'access_key': hostvars[item]['system_access_key'], 'secret_key': hostvars[item]['system_secret_key'], 'user': hostvars[item]['rgw_zone_user'], 'display_name': hostvars[item]['rgw_zone_user_display_name'] }] }}"
  with_items: "{{ groups.get(rgw_group_name, []) }}"
  run_once: true
  when:
    - hostvars[item]['rgw_zonemaster'] | bool
    - hostvars[item]['rgw_zonegroupmaster'] | bool
    - "'could not fetch user info: no user info saved' in hostvars[item]['usercheck'].stderr"

- name: make all items in zone_users unique
  set_fact:
    zone_users: "{{ zone_users | unique }}"
  run_once: true
  when:
    - zone_users is defined

- name: create the zone user(s)
  command: "{{ container_exec_cmd }} radosgw-admin user create --cluster={{ cluster }} --rgw-realm={{ item.realm }} --rgw-zonegroup={{ item.zonegroup }} --rgw-zone={{ item.zone }} --uid={{ item.user }} --display-name='{{ item.display_name }}' --access-key={{ item.access_key }} --secret={{ item.secret_key }} --system"
  delegate_to: "{{ groups[mon_group_name][0] }}"
  run_once: true
  with_items: "{{ zone_users }}"
  when: zone_users is defined
rgw multisite: enable more than 1 realm per cluster Make it so that more than one realm, zonegroup, or zone can be created during a run of the rgw multisite ansible playbooks. The rgw hosts now need to be grouped into zones and realms in the inventory. .yml files need to be created in group_vars for the realms and zones. Sample yaml files are available. Also remove multsite destroy playbook and add --cluster before radosgw-admin commands remove manually added rgw_zone_endpoints var and have ceph-ansible automatically add the correct endpoints of all the rgws in a rgw_zone from the information provided in that rgws hostvars. Signed-off-by: Ali Maredia <amaredia@redhat.com> 2019-10-05 03:31:25 +08:00			`- name: check if the realm system user already exists`
			`command: "{{ container_exec_cmd }} radosgw-admin user info --cluster={{ cluster }} --rgw-realm={{ rgw_realm }} --rgw-zonegroup={{ rgw_zonegroup }} --rgw-zone={{ rgw_zone }} --uid={{ rgw_zone_user }}"`
			`delegate_to: "{{ groups[mon_group_name][0] }}"`
			`register: usercheck`
			`failed_when: False`
			`changed_when: False`
			`check_mode: no`

			`- name: create list zone_users`
			`set_fact:`
			`zone_users: "{{ zone_users \| default([]) + [{ 'realm': hostvars[item]['rgw_realm'], 'zonegroup': hostvars[item]['rgw_zonegroup'], 'zone': hostvars[item]['rgw_zone'], 'access_key': hostvars[item]['system_access_key'], 'secret_key': hostvars[item]['system_secret_key'], 'user': hostvars[item]['rgw_zone_user'], 'display_name': hostvars[item]['rgw_zone_user_display_name'] }] }}"`
			`with_items: "{{ groups.get(rgw_group_name, []) }}"`
			`run_once: true`
			`when:`
			`- hostvars[item]['rgw_zonemaster'] \| bool`
			`- hostvars[item]['rgw_zonegroupmaster'] \| bool`
			`- "'could not fetch user info: no user info saved' in hostvars[item]['usercheck'].stderr"`

			`- name: make all items in zone_users unique`
			`set_fact:`
			`zone_users: "{{ zone_users \| unique }}"`
			`run_once: true`
			`when:`
			`- zone_users is defined`

			`- name: create the zone user(s)`
			`command: "{{ container_exec_cmd }} radosgw-admin user create --cluster={{ cluster }} --rgw-realm={{ item.realm }} --rgw-zonegroup={{ item.zonegroup }} --rgw-zone={{ item.zone }} --uid={{ item.user }} --display-name='{{ item.display_name }}' --access-key={{ item.access_key }} --secret={{ item.secret_key }} --system"`
			`delegate_to: "{{ groups[mon_group_name][0] }}"`
			`run_once: true`
			`with_items: "{{ zone_users }}"`
			`when: zone_users is defined`