mirror of https://github.com/ceph/ceph-ansible.git
163 lines
5.7 KiB
YAML
163 lines
5.7 KiB
YAML
|
---
|
||
|
- name: set mgr_prefix default
|
||
|
set_fact:
|
||
|
mgr_prefix: ""
|
||
|
|
||
|
- block:
|
||
|
- name: check to see if the mgr is containerized
|
||
|
command: "{{ container_binary }} inspect ceph-mgr-{{ ansible_hostname }}"
|
||
|
register: mgr_container
|
||
|
failed_when: false
|
||
|
changed_when: false
|
||
|
|
||
|
- name: choose the correct container name
|
||
|
set_fact:
|
||
|
container_name: "{% if mgr_container.rc == 0 %}ceph-mgr-{{ ansible_hostname }}{% endif %}"
|
||
|
|
||
|
- name: prefix the mgr command with a {{ container_binary }} command
|
||
|
set_fact:
|
||
|
mgr_prefix: "{{ container_binary }} exec {{ container_name }}"
|
||
|
when: container_name != ""
|
||
|
when: container_binary != ""
|
||
|
|
||
|
- name: disable SSL for dashboard
|
||
|
shell: |
|
||
|
{{ mgr_prefix }} ceph config set mgr mgr/dashboard/ssl false || \
|
||
|
{{ mgr_prefix }} ceph config-key set mgr/dashboard/ssl false
|
||
|
when: dashboard_protocol != "https"
|
||
|
|
||
|
- name: enable SSL for dashboard
|
||
|
shell: |
|
||
|
{{ mgr_prefix }} ceph config set mgr mgr/dashboard/ssl true || \
|
||
|
{{ mgr_prefix }} ceph config-key set mgr/dashboard/ssl true
|
||
|
when: dashboard_protocol == "https"
|
||
|
|
||
|
- name: copy dashboard SSL certificate file
|
||
|
copy:
|
||
|
src: "{{ dashboard_crt }}"
|
||
|
dest: "/etc/ceph/ceph-dashboard.crt"
|
||
|
owner: root
|
||
|
group: root
|
||
|
mode: 0644
|
||
|
when:
|
||
|
- dashboard_crt
|
||
|
- dashboard_protocol == "https"
|
||
|
|
||
|
- name: copy dashboard SSL certificate key
|
||
|
copy:
|
||
|
src: "{{ dashboard_key }}"
|
||
|
dest: "/etc/ceph/ceph-dashboard.key"
|
||
|
owner: root
|
||
|
group: root
|
||
|
mode: 0644
|
||
|
when:
|
||
|
- dashboard_key
|
||
|
- dashboard_protocol == "https"
|
||
|
|
||
|
- name: generate a Self Signed OpenSSL certificate for dashboard
|
||
|
shell: |
|
||
|
test -f /etc/ceph/ceph-dashboard.key -a -f /etc/ceph/ceph-dashboard.crt || \
|
||
|
openssl req -new -nodes -x509 -subj '/O=IT/CN=ceph-dashboard' -days 3650 -keyout /etc/ceph/ceph-dashboard.key -out /etc/ceph/ceph-dashboard.crt -extensions v3_ca
|
||
|
when:
|
||
|
- dashboard_protocol == "https"
|
||
|
- not dashboard_key or not dashboard_crt
|
||
|
|
||
|
- name: import dashboard certificate file
|
||
|
command: "{{ mgr_prefix }} ceph config-key set mgr/dashboard/crt -i /etc/ceph/ceph-dashboard.crt"
|
||
|
changed_when: false
|
||
|
when: dashboard_protocol == "https"
|
||
|
|
||
|
- name: import dashboard certificate key
|
||
|
command: "{{ mgr_prefix }} ceph config-key set mgr/dashboard/key -i /etc/ceph/ceph-dashboard.key"
|
||
|
changed_when: false
|
||
|
when: dashboard_protocol == "https"
|
||
|
|
||
|
- name: "set the dashboard port ({{ dashboard_port }})"
|
||
|
shell: |
|
||
|
{{ mgr_prefix }} ceph config set mgr mgr/dashboard/server_port {{ dashboard_port }} || \
|
||
|
{{ mgr_prefix }} ceph config-key set mgr/dashboard/server_port {{ dashboard_port }}
|
||
|
|
||
|
- name: disable mgr dashboard module (restart)
|
||
|
command: "{{ mgr_prefix }} ceph mgr module disable dashboard"
|
||
|
changed_when: false
|
||
|
|
||
|
- name: enable mgr dashboard module (restart)
|
||
|
command: "{{ mgr_prefix }} ceph mgr module enable dashboard"
|
||
|
changed_when: false
|
||
|
|
||
|
- name: set or update dashboard admin username and password
|
||
|
shell: |
|
||
|
if {{ mgr_prefix }} ceph dashboard ac-user-show {{ dashboard_admin_user }}; then
|
||
|
{{ mgr_prefix }} ceph dashboard ac-user-set-password {{ dashboard_admin_user }} {{ dashboard_admin_password }}
|
||
|
else
|
||
|
{{ mgr_prefix }} ceph dashboard ac-user-create {{ dashboard_admin_user }} {{ dashboard_admin_password }} administrator
|
||
|
fi
|
||
|
retries: 6
|
||
|
delay: 5
|
||
|
register: ac_result
|
||
|
until: ac_result.rc == 0
|
||
|
|
||
|
- name: set grafana url
|
||
|
command: "{{ mgr_prefix }} ceph dashboard set-grafana-api-url {{ dashboard_protocol }}://{{ groups['grafana-server'][0] }}:3000/"
|
||
|
changed_when: false
|
||
|
|
||
|
- name: set alertmanager host
|
||
|
command: "{{ mgr_prefix }} ceph dashboard set-alertmanager-api-host {{ dashboard_protocol }}://{{ groups['grafana-server'][0] }}:9093/"
|
||
|
changed_when: false
|
||
|
|
||
|
- name: create radosgw system user
|
||
|
shell: "timeout 20 {{ mgr_prefix }} radosgw-admin user create --uid={{ dashboard_rgw_api_user_id }} --display-name='Ceph dashboard' --system"
|
||
|
register: rgw_user_output
|
||
|
until: rgw_user_output.rc == 0
|
||
|
retries: 3
|
||
|
|
||
|
- name: get the rgw access and secret keys
|
||
|
set_fact:
|
||
|
rgw_access_key: "{{ (rgw_user_output.stdout | from_json)['keys'][0]['access_key'] }}"
|
||
|
rgw_secret_key: "{{ (rgw_user_output.stdout | from_json)['keys'][0]['secret_key'] }}"
|
||
|
|
||
|
- name: set the rgw user
|
||
|
command: "{{ mgr_prefix }} ceph dashboard set-rgw-api-user-id {{ dashboard_rgw_api_user_id }}"
|
||
|
changed_when: false
|
||
|
|
||
|
- name: set the rgw access key
|
||
|
command: "{{ mgr_prefix }} ceph dashboard set-rgw-api-access-key {{ rgw_access_key }}"
|
||
|
changed_when: false
|
||
|
|
||
|
- name: set the rgw secret key
|
||
|
command: "{{ mgr_prefix }} ceph dashboard set-rgw-api-secret-key {{ rgw_secret_key }}"
|
||
|
changed_when: false
|
||
|
|
||
|
- name: set the rgw host
|
||
|
command: "{{ mgr_prefix }} ceph dashboard set-rgw-api-host {{ dashboard_rgw_api_host }}"
|
||
|
changed_when: false
|
||
|
when: dashboard_rgw_api_host
|
||
|
|
||
|
- name: set the rgw port
|
||
|
command: "{{ mgr_prefix }} ceph dashboard set-rgw-api-port {{ dashboard_rgw_api_port }}"
|
||
|
changed_when: false
|
||
|
when: dashboard_rgw_api_port
|
||
|
|
||
|
- name: set the rgw scheme
|
||
|
command: "{{ mgr_prefix }} ceph dashboard set-rgw-api-scheme {{ dashboard_rgw_api_scheme }}"
|
||
|
changed_when: false
|
||
|
when: dashboard_rgw_api_scheme
|
||
|
|
||
|
- name: set the rgw admin resource
|
||
|
command: "{{ mgr_prefix }} ceph dashboard set-rgw-api-admin-resource {{ dashboard_rgw_api_admin_resource }}"
|
||
|
changed_when: false
|
||
|
when: dashboard_rgw_api_admin_resource
|
||
|
|
||
|
- name: disable ssl verification for rgw
|
||
|
command: "{{ mgr_prefix }} ceph dashboard set-rgw-api-ssl-verify False"
|
||
|
changed_when: false
|
||
|
when: dashboard_rgw_api_no_ssl_verify
|
||
|
|
||
|
- name: disable mgr dashboard module (restart)
|
||
|
command: "{{ mgr_prefix }} ceph mgr module disable dashboard"
|
||
|
changed_when: false
|
||
|
|
||
|
- name: enable mgr dashboard module (restart)
|
||
|
command: "{{ mgr_prefix }} ceph mgr module enable dashboard"
|
||
|
changed_when: false
|