From 11df83578913263016c233edd25fa16bfdb97245 Mon Sep 17 00:00:00 2001 From: Guillaume Abrioux Date: Wed, 2 Mar 2022 23:13:53 +0100 Subject: [PATCH] iscsi: drop old style iSCSI support this kind of deployment is no longer supported, let's drop it. Signed-off-by: Guillaume Abrioux --- group_vars/all.yml.sample | 58 ------ group_vars/rhcs.yml.sample | 58 ------ .../purge-iscsi-gateways.yml | 96 ---------- library/igw_client.py | 135 -------------- library/igw_gateway.py | 145 --------------- library/igw_lun.py | 168 ------------------ library/igw_purge.py | 161 ----------------- roles/ceph-defaults/defaults/main.yml | 58 ------ roles/ceph-facts/tasks/facts.yml | 5 - roles/ceph-iscsi-gw/tasks/main.yml | 6 - .../tasks/non-container/configure_iscsi.yml | 33 ---- .../tasks/non-container/prerequisites.yml | 25 +-- roles/ceph-validate/tasks/check_iscsi.yml | 26 --- 13 files changed, 6 insertions(+), 968 deletions(-) delete mode 100644 infrastructure-playbooks/purge-iscsi-gateways.yml delete mode 100644 library/igw_client.py delete mode 100644 library/igw_gateway.py delete mode 100644 library/igw_lun.py delete mode 100644 library/igw_purge.py delete mode 100644 roles/ceph-iscsi-gw/tasks/non-container/configure_iscsi.yml diff --git a/group_vars/all.yml.sample b/group_vars/all.yml.sample index ad6bc08ad..9fa78268e 100644 --- a/group_vars/all.yml.sample +++ b/group_vars/all.yml.sample @@ -735,64 +735,6 @@ dummy: #igw_network: "{{ public_network }}" -################################## -# DEPRECIATED iSCSI TARGET SETUP # -################################## - -# WARNING # - -# The following values are depreciated. To setup targets, gateways, LUNs, and -# clients you should use gwcli or dashboard. If the following values are set, -# the old ceph-iscsi-config/ceph-iscsi-cli packages will be used. - -# Specify the iqn for ALL gateways. This iqn is shared across the gateways, so an iscsi -# client sees the gateway group as a single storage subsystem. -#gateway_iqn: "" - -# gateway_ip_list provides a list of the IP Addrresses - one per gateway - that will be used -# as an iscsi target portal ip. The list must be comma separated - and the order determines -# the sequence of TPG's within the iscsi target across each gateway. Once set, additional -# gateways can be added, but the order must *not* be changed. -#gateway_ip_list: 0.0.0.0 - -# rbd_devices defines the images that should be created and exported from the iscsi gateways. -# If the rbd does not exist, it will be created for you. In addition you may increase the -# size of rbd's by changing the size parameter and rerunning the playbook. A size value lower -# than the current size of the rbd is ignored. -# -# the 'host' parameter defines which of the gateway nodes should handle the physical -# allocation/expansion or removal of the rbd -# to remove an image, simply use a state of 'absent'. This will first check the rbd is not allocated -# to any client, and the remove it from LIO and then delete the rbd image -# -# NB. this variable definition can be commented out to bypass LUN management -# -# Example: -# -#rbd_devices: -# - { pool: 'rbd', image: 'ansible1', size: '30G', host: 'ceph-1', state: 'present' } -# - { pool: 'rbd', image: 'ansible2', size: '15G', host: 'ceph-1', state: 'present' } -# - { pool: 'rbd', image: 'ansible3', size: '30G', host: 'ceph-1', state: 'present' } -# - { pool: 'rbd', image: 'ansible4', size: '50G', host: 'ceph-1', state: 'present' } -#rbd_devices: {} - -# client_connections defines the client ACL's to restrict client access to specific LUNs -# The settings are as follows; -# - image_list is a comma separated list of rbd images of the form . -# - chap supplies the user and password the client will use for authentication of the -# form / -# - status shows the intended state of this client definition - 'present' or 'absent' -# -# NB. this definition can be commented out to skip client (nodeACL) management -# -# Example: -# -#client_connections: -# - { client: 'iqn.1994-05.com.redhat:rh7-iscsi-client', image_list: 'rbd.ansible1,rbd.ansible2', chap: 'rh7-iscsi-client/redhat', status: 'present' } -# - { client: 'iqn.1991-05.com.microsoft:w2k12r2', image_list: 'rbd.ansible4', chap: 'w2k12r2/microsoft_w2k12', status: 'absent' } - -#client_connections: {} - #no_log_on_ceph_key_tasks: True ############### diff --git a/group_vars/rhcs.yml.sample b/group_vars/rhcs.yml.sample index d57830ceb..18c311a5d 100644 --- a/group_vars/rhcs.yml.sample +++ b/group_vars/rhcs.yml.sample @@ -735,64 +735,6 @@ alertmanager_container_image: registry.redhat.io/openshift4/ose-prometheus-alert #igw_network: "{{ public_network }}" -################################## -# DEPRECIATED iSCSI TARGET SETUP # -################################## - -# WARNING # - -# The following values are depreciated. To setup targets, gateways, LUNs, and -# clients you should use gwcli or dashboard. If the following values are set, -# the old ceph-iscsi-config/ceph-iscsi-cli packages will be used. - -# Specify the iqn for ALL gateways. This iqn is shared across the gateways, so an iscsi -# client sees the gateway group as a single storage subsystem. -#gateway_iqn: "" - -# gateway_ip_list provides a list of the IP Addrresses - one per gateway - that will be used -# as an iscsi target portal ip. The list must be comma separated - and the order determines -# the sequence of TPG's within the iscsi target across each gateway. Once set, additional -# gateways can be added, but the order must *not* be changed. -#gateway_ip_list: 0.0.0.0 - -# rbd_devices defines the images that should be created and exported from the iscsi gateways. -# If the rbd does not exist, it will be created for you. In addition you may increase the -# size of rbd's by changing the size parameter and rerunning the playbook. A size value lower -# than the current size of the rbd is ignored. -# -# the 'host' parameter defines which of the gateway nodes should handle the physical -# allocation/expansion or removal of the rbd -# to remove an image, simply use a state of 'absent'. This will first check the rbd is not allocated -# to any client, and the remove it from LIO and then delete the rbd image -# -# NB. this variable definition can be commented out to bypass LUN management -# -# Example: -# -#rbd_devices: -# - { pool: 'rbd', image: 'ansible1', size: '30G', host: 'ceph-1', state: 'present' } -# - { pool: 'rbd', image: 'ansible2', size: '15G', host: 'ceph-1', state: 'present' } -# - { pool: 'rbd', image: 'ansible3', size: '30G', host: 'ceph-1', state: 'present' } -# - { pool: 'rbd', image: 'ansible4', size: '50G', host: 'ceph-1', state: 'present' } -#rbd_devices: {} - -# client_connections defines the client ACL's to restrict client access to specific LUNs -# The settings are as follows; -# - image_list is a comma separated list of rbd images of the form . -# - chap supplies the user and password the client will use for authentication of the -# form / -# - status shows the intended state of this client definition - 'present' or 'absent' -# -# NB. this definition can be commented out to skip client (nodeACL) management -# -# Example: -# -#client_connections: -# - { client: 'iqn.1994-05.com.redhat:rh7-iscsi-client', image_list: 'rbd.ansible1,rbd.ansible2', chap: 'rh7-iscsi-client/redhat', status: 'present' } -# - { client: 'iqn.1991-05.com.microsoft:w2k12r2', image_list: 'rbd.ansible4', chap: 'w2k12r2/microsoft_w2k12', status: 'absent' } - -#client_connections: {} - #no_log_on_ceph_key_tasks: True ############### diff --git a/infrastructure-playbooks/purge-iscsi-gateways.yml b/infrastructure-playbooks/purge-iscsi-gateways.yml deleted file mode 100644 index ec2247d2f..000000000 --- a/infrastructure-playbooks/purge-iscsi-gateways.yml +++ /dev/null @@ -1,96 +0,0 @@ ---- - -- name: Confirm removal of the iSCSI gateway configuration - hosts: localhost - - vars_prompt: - - name: purge_config - prompt: Which configuration elements should be purged? (all, lio or abort) - default: 'abort' - private: no - - tasks: - - name: Exit playbook if user aborted the purge - fail: - msg: > - "You have aborted the purge of the iSCSI gateway configuration" - when: purge_config == 'abort' - - - name: set_fact igw_purge_type - set_fact: - igw_purge_type: "{{ purge_config }}" - -- name: stopping the gateways - hosts: - - iscsigws - become: yes - vars: - - igw_purge_type: "{{ hostvars['localhost']['igw_purge_type'] }}" - - tasks: - - name: stopping and disabling iscsi daemons - service: - name: "{{ item }}" - state: stopped - enabled: no - with_items: - - rbd-target-gw - - rbd-target-api - - tcmu-runner - -- name: removing the gateway configuration - hosts: - - iscsigws - become: yes - vars: - - igw_purge_type: "{{ hostvars['localhost']['igw_purge_type'] }}" - - tasks: - - name: igw_purge | deleting configured rbd devices - igw_purge: mode="disks" - when: igw_purge_type == 'all' - run_once: true - - - name: igw_purge | purging the gateway configuration - igw_purge: mode="gateway" - run_once: true - - - name: restart and enable iscsi daemons - when: igw_purge_type == 'lio' - service: - name: "{{ item }}" - state: started - enabled: yes - with_items: - - tcmu-runner - - rbd-target-api - - rbd-target-gw - -- name: remove the gateways from the ceph dashboard - hosts: mons - become: true - tasks: - - import_role: - name: ceph-defaults - - - name: iscsi gateways with ceph dashboard - when: dashboard_enabled | bool - run_once: true - block: - - import_role: - name: ceph-facts - tasks_from: container_binary - - - name: set_fact container_exec_cmd - set_fact: - container_exec_cmd: "{{ container_binary }} exec ceph-mon-{{ ansible_facts['hostname'] }}" - when: containerized_deployment | bool - - - name: get iscsi gateway list - command: "{{ container_exec_cmd | default('') }} ceph --cluster {{ cluster }} dashboard iscsi-gateway-list -f json" - changed_when: false - register: gateways - - - name: remove iscsi gateways - command: "{{ container_exec_cmd | default('') }} ceph --cluster {{ cluster }} dashboard iscsi-gateway-rm {{ item }}" - with_items: '{{ (gateways.stdout | from_json)["gateways"] }}' diff --git a/library/igw_client.py b/library/igw_client.py deleted file mode 100644 index d4905f69a..000000000 --- a/library/igw_client.py +++ /dev/null @@ -1,135 +0,0 @@ -#!/usr/bin/env python - -__author__ = 'pcuzner@redhat.com' - -DOCUMENTATION = """ ---- -module: igw_client -short_description: Manage iscsi gateway client definitions -description: - - This module calls the 'client' configuration management module installed - on the iscsi gateway node to handle the definition of iscsi clients on the - gateway(s). This definition will setup iscsi authentication (e.g. chap), - and mask the required rbd images to the client. - - The 'client' configuration module is provided by ceph-iscsi-config - rpm which is installed on the gateway nodes. - - To support module debugging, this module logs to - /var/log/ansible-module-igw_config.log on the target machine(s). - -option: - client_iqn: - description: - - iqn of the client machine which should be connected or removed from the - iscsi gateway environment - required: true - - image_list: - description: - - comma separated string providing the rbd images that this - client definition should have. The rbd images provided must use the - following format . - e.g. rbd.disk1,rbd.disk2 - required: true - - chap: - description: - - chap credentials for the client to authenticate to the gateways - to gain access to the exported rbds (LUNs). The credentials is a string - value of the form 'username/password'. The iscsi client must then use - these settings to gain access to any LUN resources. - required: true - - state: - description: - - desired state for this client - absent or present - required: true - -requirements: ['ceph-iscsi-config'] - -author: - - 'Paul Cuzner' - -""" - -import os # noqa: E402 -import logging # noqa: E402 -from logging.handlers import RotatingFileHandler # noqa: E402 -from ansible.module_utils.basic import * # noqa: E402,F403 - -from ceph_iscsi_config.client import GWClient # noqa: E402 -import ceph_iscsi_config.settings as settings # noqa: E402 - - -# the main function is called ansible_main to allow the call stack -# to be checked to determine whether the call to the ceph_iscsi_config -# modules is from ansible or not -def ansible_main(): - - fields = { - "client_iqn": {"required": True, "type": "str"}, - "image_list": {"required": True, "type": "str"}, - "chap": {"required": True, "type": "str"}, - "state": { - "required": True, - "choices": ['present', 'absent'], - "type": "str" - }, - } - - module = AnsibleModule(argument_spec=fields, # noqa: F405 - supports_check_mode=False) - - client_iqn = module.params['client_iqn'] - - if module.params['image_list']: - image_list = module.params['image_list'].split(',') - else: - image_list = [] - - chap = module.params['chap'] - desired_state = module.params['state'] - - logger.info("START - Client configuration started : {}".format(client_iqn)) - - # The client is defined using the GWClient class. This class handles - # client attribute updates, rados configuration object updates and LIO - # settings. Since the logic is external to this custom module, clients - # can be created/deleted by other methods in the same manner. - client = GWClient(logger, client_iqn, image_list, chap) - if client.error: - module.fail_json(msg=client.error_msg) - - client.manage(desired_state) - if client.error: - module.fail_json(msg=client.error_msg) - - logger.info("END - Client configuration complete - {} " - "changes made".format(client.change_count)) - - changes_made = True if client.change_count > 0 else False - - module.exit_json(changed=changes_made, - meta={"msg": "Client definition completed {} " - "changes made".format(client.change_count)}) - - -if __name__ == '__main__': - - module_name = os.path.basename(__file__).replace('ansible_module_', '') - logger = logging.getLogger(os.path.basename(module_name)) - logger.setLevel(logging.DEBUG) - handler = RotatingFileHandler('/var/log/ansible-module-igw_config.log', - maxBytes=5242880, - backupCount=7) - log_fmt = logging.Formatter('%(asctime)s %(name)s %(levelname)-8s : ' - '%(message)s') - handler.setFormatter(log_fmt) - logger.addHandler(handler) - - # initialise global variables used by all called modules - # e.g. ceph conffile, keyring etc - settings.init() - - ansible_main() diff --git a/library/igw_gateway.py b/library/igw_gateway.py deleted file mode 100644 index 7ad9aa330..000000000 --- a/library/igw_gateway.py +++ /dev/null @@ -1,145 +0,0 @@ -#!/usr/bin/env python -__author__ = 'pcuzner@redhat.com' - - -DOCUMENTATION = """ ---- -module: igw_gateway -short_description: Manage the iscsi gateway definition -description: - - This module calls the 'gateway' configuration management module installed - on the iscsi gateway node(s) to handle the definition of iscsi gateways. - The module will configure; - * the iscsi target and target portal group (TPG) - * rbd maps to the gateway and registration of those rbds as LUNs to the - kernels LIO subsystem - - The actual configuration modules are provided by ceph-iscsi-config rpm - which is installed on the gateway nodes. - - To support module debugging, this module logs to - /var/log/ansible-module-igw_config.log on the target machine(s). - -option: - gateway_iqn: - description: - - iqn that all gateway nodes will use to present a common system image - name to iscsi clients - required: true - - gateway_ip_list: - description: - - comma separated string providing the IP addresses that will be used - as iSCSI portal IPs to accept iscsi client connections. Each IP address - should equate to an IP on a gateway node - typically dedicated to iscsi - traffic. The order of the IP addresses determines the TPG sequence - within the target definition - so once defined, new gateways can be - added but *must* be added to the end of this list to preserve the tpg - sequence - - e.g. 192.168.122.101,192.168.122.103 - required: true - - mode: - description: - - mode in which to run the gateway module. Two modes are supported - target ... define the iscsi target iqn, tpg's and portals - map ...... map luns to the tpg's, and also define the ALUA path setting - for each LUN (activeOptimized/activenonoptimized) - required: true - - -requirements: ['ceph-iscsi-config'] - -author: - - 'Paul Cuzner' - -""" - -import os # noqa: E402 -import logging # noqa: E402 - -from logging.handlers import RotatingFileHandler # noqa: E402 -from ansible.module_utils.basic import * # noqa: E402,F403 - -import ceph_iscsi_config.settings as settings # noqa: E402 -from ceph_iscsi_config.common import Config # noqa: E402 - -from ceph_iscsi_config.gateway import GWTarget # noqa: E402 -from ceph_iscsi_config.utils import valid_ip # noqa: E402 - - -# the main function is called ansible_main to allow the call stack -# to be checked to determine whether the call to the ceph_iscsi_config -# modules is from ansible or not -def ansible_main(): - # Configures the gateway on the host. All images defined are added to - # the default tpg for later allocation to clients - fields = {"gateway_iqn": {"required": True, "type": "str"}, - "gateway_ip_list": {"required": True}, # "type": "list"}, - "mode": { - "required": True, - "choices": ['target', 'map'] - } - } - - module = AnsibleModule(argument_spec=fields, # noqa: F405 - supports_check_mode=False) - - cfg = Config(logger) - if cfg.config['version'] > 3: - module.fail_json(msg="Unsupported iscsigws.yml/iscsi-gws.yml setting " - "detected. Remove depreciated iSCSI target, LUN, " - "client, and gateway settings from " - "iscsigws.yml/iscsi-gws.yml. See " - "iscsigws.yml.sample for list of supported " - "settings") - - gateway_iqn = module.params['gateway_iqn'] - gateway_ip_list = module.params['gateway_ip_list'].split(',') - mode = module.params['mode'] - - if not valid_ip(gateway_ip_list): - module.fail_json(msg="Invalid gateway IP address(es) provided - port " - "22 check failed ({})".format(gateway_ip_list)) - - logger.info("START - GATEWAY configuration started - mode {}".format(mode)) - - gateway = GWTarget(logger, gateway_iqn, gateway_ip_list) - if gateway.error: - logger.critical("(ansible_main) Gateway init failed - " - "{}".format(gateway.error_msg)) - module.fail_json(msg="iSCSI gateway initialisation failed " - "({})".format(gateway.error_msg)) - - gateway.manage(mode) - - if gateway.error: - logger.critical("(main) Gateway creation or load failed, " - "unable to continue") - module.fail_json(msg="iSCSI gateway creation/load failure " - "({})".format(gateway.error_msg)) - - logger.info("END - GATEWAY configuration complete") - module.exit_json(changed=gateway.changes_made, - meta={"msg": "Gateway setup complete"}) - - -if __name__ == '__main__': - - module_name = os.path.basename(__file__).replace('ansible_module_', '') - logger = logging.getLogger(os.path.basename(module_name)) - logger.setLevel(logging.DEBUG) - handler = RotatingFileHandler('/var/log/ansible-module-igw_config.log', - maxBytes=5242880, - backupCount=7) - log_fmt = logging.Formatter('%(asctime)s %(name)s %(levelname)-8s : ' - '%(message)s') - handler.setFormatter(log_fmt) - logger.addHandler(handler) - - # initialise global variables used by all called modules - # e.g. ceph conffile, keyring etc - settings.init() - - ansible_main() diff --git a/library/igw_lun.py b/library/igw_lun.py deleted file mode 100644 index 8fae72cf2..000000000 --- a/library/igw_lun.py +++ /dev/null @@ -1,168 +0,0 @@ -#!/usr/bin/env python - -__author__ = 'pcuzner@redhat.com' - -DOCUMENTATION = """ ---- -module: igw_lun -short_description: Manage ceph rbd images to present as iscsi LUNs to clients -description: - - This module calls the 'lun' configuration management module installed - on the iscsi gateway node(s). The lun module handles the creation and resize # noqa: E501 - of rbd images, and then maps these rbd devices to the gateway node(s) to be - exposed through the kernel's LIO target. - - To support module debugging, this module logs to /var/log/ansible-module-igw_config.log # noqa: E501 - on the target machine(s). - -option: - pool: - description: - - The ceph pool where the image should exist or be created in. - - NOTE - The pool *must* exist prior to the Ansible run. - - required: true - - image: - description: - - this is the rbd image name to create/resize - if the rbd does not exist it - is created for you with the settings optimised for exporting over iscsi. - required: true - - size: - description: - - The size of the rbd image to create/resize. The size is numeric suffixed by - G or T (GB or TB). Increasing the size of a LUN is supported, but if a size - is provided that is smaller that the current size, the request is simply ignored. - - e.g. 100G - required: true - - host: - description: - - the host variable defines the name of the gateway node that will be - the allocation host for this rbd image. RBD creation and resize can - only be performed by one gateway, the other gateways in the - configuration will wait for the operation to complete. - required: true - - features: - description: - - placeholder to potentially allow different rbd features to be set at - allocation time by Ansible. NOT CURRENTLY USED - required: false - - state: - description: - - desired state for this LUN - absent or present. For a state='absent' - request, the lun module will verify that the rbd image is not allocated to - a client. As long as the rbd image is not in use, the LUN definition will be - removed from LIO, unmapped from all gateways AND DELETED. - - USE WITH CARE! - required: true - -requirements: ['ceph-iscsi-config'] - -author: - - 'Paul Cuzner' - -""" - -import os # noqa: E402 -import logging # noqa: E402 -from logging.handlers import RotatingFileHandler # noqa: E402 - -from ansible.module_utils.basic import * # noqa: E402,F403 - -from ceph_iscsi_config.lun import LUN # noqa: E402 -from ceph_iscsi_config.utils import valid_size # noqa: E402 -import ceph_iscsi_config.settings as settings # noqa: E402 - - -# the main function is called ansible_main to allow the call stack -# to be checked to determine whether the call to the ceph_iscsi_config -# modules is from ansible or not -def ansible_main(): - - # Define the fields needs to create/map rbd's the the host(s) - # NB. features and state are reserved/unused - fields = { - "pool": {"required": False, "default": "rbd", "type": "str"}, - "image": {"required": True, "type": "str"}, - "size": {"required": True, "type": "str"}, - "host": {"required": True, "type": "str"}, - "features": {"required": False, "type": "str"}, - "state": { - "required": False, - "default": "present", - "choices": ['present', 'absent'], - "type": "str" - }, - } - - # not supporting check mode currently - module = AnsibleModule(argument_spec=fields, # noqa: F405 - supports_check_mode=False) - - pool = module.params["pool"] - image = module.params['image'] - size = module.params['size'] - allocating_host = module.params['host'] - desired_state = module.params['state'] - - ################################################ - # Validate the parameters passed from Ansible # - ################################################ - if not valid_size(size): - logger.critical("image '{}' has an invalid size specification '{}' " - "in the ansible configuration".format(image, - size)) - module.fail_json(msg="(main) Unable to use the size parameter '{}' " - "for image '{}' from the playbook - " - "must be a number suffixed by M,G " - "or T".format(size, - image)) - - # define a lun object and perform some initial parameter validation - lun = LUN(logger, pool, image, size, allocating_host) - if lun.error: - module.fail_json(msg=lun.error_msg) - - logger.info("START - LUN configuration started for {}/{}".format(pool, - image)) - - # attempt to create/allocate the LUN for LIO - lun.manage(desired_state) - if lun.error: - module.fail_json(msg=lun.error_msg) - - if lun.num_changes == 0: - logger.info("END - No changes needed") - else: - logger.info("END - {} configuration changes " - "made".format(lun.num_changes)) - - module.exit_json(changed=(lun.num_changes > 0), - meta={"msg": "Configuration updated"}) - - -if __name__ == '__main__': - - module_name = os.path.basename(__file__).replace('ansible_module_', '') - logger = logging.getLogger(os.path.basename(module_name)) - logger.setLevel(logging.DEBUG) - handler = RotatingFileHandler('/var/log/ansible-module-igw_config.log', - maxBytes=5242880, - backupCount=7) - log_fmt = logging.Formatter('%(asctime)s %(name)s %(levelname)-8s : ' - '%(message)s') - handler.setFormatter(log_fmt) - logger.addHandler(handler) - - # initialise global variables used by all called modules - # e.g. ceph conffile, keyring etc - settings.init() - - ansible_main() diff --git a/library/igw_purge.py b/library/igw_purge.py deleted file mode 100644 index a2a9f8421..000000000 --- a/library/igw_purge.py +++ /dev/null @@ -1,161 +0,0 @@ -#!/usr/bin/env python - -DOCUMENTATION = """ ---- -module: igw_purge -short_description: Provide a purge capability to remove an iSCSI gateway -environment -description: - - This module handles the removal of a gateway configuration from a ceph - environment. - The playbook that calls this module prompts the user for the type of purge - to perform. - The purge options are; - all ... purge all LIO configuration *and* delete all defined rbd images - lio ... purge only the LIO configuration (rbd's are left intact) - - USE WITH CAUTION - - To support module debugging, this module logs to - /var/log/ansible-module-igw_config.log on each target machine(s). - -option: - mode: - description: - - the mode defines the type of purge requested - gateway ... remove the LIO configuration only - disks ... remove the rbd disks defined to the gateway - required: true - -requirements: ['ceph-iscsi-config', 'python-rtslib'] - -author: - - 'Paul Cuzner' - -""" - -import os # noqa: E402 -import logging # noqa: E402 -import socket # noqa: E402,F401 -import rados # noqa: E402 -import rbd # noqa: E402 - -from logging.handlers import RotatingFileHandler # noqa: E402 -from ansible.module_utils.basic import * # noqa: E402,F403 - -import ceph_iscsi_config.settings as settings # noqa: E402 -from ceph_iscsi_config.common import Config # noqa: E402 -from ceph_iscsi_config.lun import RBDDev # noqa: E402 - -__author__ = 'pcuzner@redhat.com' - - -def delete_images(cfg): - changes_made = False - - for disk_name, disk in cfg.config['disks'].items(): - image = disk['image'] - - logger.debug("Deleing image {}".format(image)) - - backstore = disk.get('backstore') - if backstore is None: - # ceph iscsi-config based. - rbd_dev = RBDDev(image, 0, disk['pool']) - else: - # ceph-iscsi based. - rbd_dev = RBDDev(image, 0, backstore, disk['pool']) - - try: - rbd_dev.delete() - except rbd.ImageNotFound: - # Just log and ignore. If we crashed while purging we could delete - # the image but not removed it from the config - logger.debug("Image already deleted.") - except rbd.ImageHasSnapshots: - logger.error("Image still has snapshots.") - # Older versions of ceph-iscsi-config do not have a error_msg - # string. - if not rbd_dev.error_msg: - rbd_dev.error_msg = "Image has snapshots." - - if rbd_dev.error: - if rbd_dev.error_msg: - logger.error("Could not remove {}. Error: {}. Manually run the " # noqa: E501 - "rbd command line tool to delete.". - format(image, rbd_dev.error_msg)) - else: - logger.error("Could not remove {}. Manually run the rbd " - "command line tool to delete.".format(image)) - else: - changes_made = True - - return changes_made - - -def delete_gateway_config(cfg, module): - ioctx = cfg._open_ioctx() - try: - size, mtime = ioctx.stat(cfg.config_name) - except rados.ObjectNotFound: - logger.debug("gateway.conf already removed.") - return False - - try: - ioctx.remove_object(cfg.config_name) - except Exception as err: - module.fail_json(msg="Gateway config object failed: {}".format(err)) - - return True - - -def ansible_main(): - - fields = {"mode": {"required": True, - "type": "str", - "choices": ["gateway", "disks"] - } - } - - module = AnsibleModule(argument_spec=fields, # noqa: F405 - supports_check_mode=False) - - run_mode = module.params['mode'] - changes_made = False - - logger.info("START - GATEWAY configuration PURGE started, run mode " - "is {}".format(run_mode)) - cfg = Config(logger) - # - # Purge gateway configuration, if the config has gateways - if run_mode == 'gateway': - changes_made = delete_gateway_config(cfg, module) - elif run_mode == 'disks' and len(cfg.config['disks'].keys()) > 0: - # - # Remove the disks on this host, that have been registered in the - # config object - changes_made = delete_images(cfg) - - logger.info("END - GATEWAY configuration PURGE complete") - - module.exit_json(changed=changes_made, - meta={"msg": "Purge of iSCSI settings ({}) " - "complete".format(run_mode)}) - - -if __name__ == '__main__': - - module_name = os.path.basename(__file__).replace('ansible_module_', '') - logger = logging.getLogger(os.path.basename(module_name)) - logger.setLevel(logging.DEBUG) - handler = RotatingFileHandler('/var/log/ansible-module-igw_config.log', - maxBytes=5242880, - backupCount=7) - log_fmt = logging.Formatter('%(asctime)s %(name)s %(levelname)-8s : ' - '%(message)s') - handler.setFormatter(log_fmt) - logger.addHandler(handler) - - settings.init() - - ansible_main() diff --git a/roles/ceph-defaults/defaults/main.yml b/roles/ceph-defaults/defaults/main.yml index f4e55dbde..306cafc10 100644 --- a/roles/ceph-defaults/defaults/main.yml +++ b/roles/ceph-defaults/defaults/main.yml @@ -727,64 +727,6 @@ alertmanager_dashboard_api_no_ssl_verify: "{{ true if dashboard_protocol == 'htt igw_network: "{{ public_network }}" -################################## -# DEPRECIATED iSCSI TARGET SETUP # -################################## - -# WARNING # - -# The following values are depreciated. To setup targets, gateways, LUNs, and -# clients you should use gwcli or dashboard. If the following values are set, -# the old ceph-iscsi-config/ceph-iscsi-cli packages will be used. - -# Specify the iqn for ALL gateways. This iqn is shared across the gateways, so an iscsi -# client sees the gateway group as a single storage subsystem. -gateway_iqn: "" - -# gateway_ip_list provides a list of the IP Addrresses - one per gateway - that will be used -# as an iscsi target portal ip. The list must be comma separated - and the order determines -# the sequence of TPG's within the iscsi target across each gateway. Once set, additional -# gateways can be added, but the order must *not* be changed. -gateway_ip_list: 0.0.0.0 - -# rbd_devices defines the images that should be created and exported from the iscsi gateways. -# If the rbd does not exist, it will be created for you. In addition you may increase the -# size of rbd's by changing the size parameter and rerunning the playbook. A size value lower -# than the current size of the rbd is ignored. -# -# the 'host' parameter defines which of the gateway nodes should handle the physical -# allocation/expansion or removal of the rbd -# to remove an image, simply use a state of 'absent'. This will first check the rbd is not allocated -# to any client, and the remove it from LIO and then delete the rbd image -# -# NB. this variable definition can be commented out to bypass LUN management -# -# Example: -# -#rbd_devices: -# - { pool: 'rbd', image: 'ansible1', size: '30G', host: 'ceph-1', state: 'present' } -# - { pool: 'rbd', image: 'ansible2', size: '15G', host: 'ceph-1', state: 'present' } -# - { pool: 'rbd', image: 'ansible3', size: '30G', host: 'ceph-1', state: 'present' } -# - { pool: 'rbd', image: 'ansible4', size: '50G', host: 'ceph-1', state: 'present' } -rbd_devices: {} - -# client_connections defines the client ACL's to restrict client access to specific LUNs -# The settings are as follows; -# - image_list is a comma separated list of rbd images of the form . -# - chap supplies the user and password the client will use for authentication of the -# form / -# - status shows the intended state of this client definition - 'present' or 'absent' -# -# NB. this definition can be commented out to skip client (nodeACL) management -# -# Example: -# -#client_connections: -# - { client: 'iqn.1994-05.com.redhat:rh7-iscsi-client', image_list: 'rbd.ansible1,rbd.ansible2', chap: 'rh7-iscsi-client/redhat', status: 'present' } -# - { client: 'iqn.1991-05.com.microsoft:w2k12r2', image_list: 'rbd.ansible4', chap: 'w2k12r2/microsoft_w2k12', status: 'absent' } - -client_connections: {} - no_log_on_ceph_key_tasks: True ############### diff --git a/roles/ceph-facts/tasks/facts.yml b/roles/ceph-facts/tasks/facts.yml index be318de3c..82976803c 100644 --- a/roles/ceph-facts/tasks/facts.yml +++ b/roles/ceph-facts/tasks/facts.yml @@ -255,11 +255,6 @@ import_tasks: set_radosgw_address.yml when: inventory_hostname in groups.get(rgw_group_name, []) -- name: set_fact use_new_ceph_iscsi package or old ceph-iscsi-config/cli - set_fact: - use_new_ceph_iscsi: "{{ (gateway_ip_list == '0.0.0.0' and gateway_iqn | length == 0 and client_connections | length == 0 and rbd_devices | length == 0) | bool | ternary(true, false) }}" - when: iscsi_gw_group_name in group_names - - name: set_fact ceph_run_cmd set_fact: ceph_run_cmd: "{{ container_binary + ' run --rm --net=host -v /etc/ceph:/etc/ceph:z -v /var/lib/ceph/:/var/lib/ceph/:z -v /var/log/ceph/:/var/log/ceph/:z --entrypoint=ceph ' + ceph_docker_registry + '/' + ceph_docker_image + ':' + ceph_docker_image_tag if containerized_deployment | bool else 'ceph' }}" diff --git a/roles/ceph-iscsi-gw/tasks/main.yml b/roles/ceph-iscsi-gw/tasks/main.yml index 0366ce294..cbb54c280 100644 --- a/roles/ceph-iscsi-gw/tasks/main.yml +++ b/roles/ceph-iscsi-gw/tasks/main.yml @@ -13,12 +13,6 @@ include_tasks: deploy_ssl_keys.yml when: generate_crt | bool -- name: include non-container/configure_iscsi.yml - include_tasks: non-container/configure_iscsi.yml - when: - - not containerized_deployment | bool - - not use_new_ceph_iscsi | bool - - name: include non-container/postrequisites.yml include_tasks: non-container/postrequisites.yml when: not containerized_deployment | bool diff --git a/roles/ceph-iscsi-gw/tasks/non-container/configure_iscsi.yml b/roles/ceph-iscsi-gw/tasks/non-container/configure_iscsi.yml deleted file mode 100644 index 4138b0c49..000000000 --- a/roles/ceph-iscsi-gw/tasks/non-container/configure_iscsi.yml +++ /dev/null @@ -1,33 +0,0 @@ ---- -- name: igw_gateway (tgt) | configure iscsi target (gateway) - igw_gateway: - mode: "target" - gateway_iqn: "{{ gateway_iqn }}" - gateway_ip_list: "{{ gateway_ip_list }}" - register: target - -- name: igw_lun | configure luns (create/map rbds and add to lio) - igw_lun: - pool: "{{ item.pool }}" - image: "{{ item.image }}" - size: "{{ item.size }}" - host: "{{ item.host }}" - state: "{{ item.state }}" - with_items: "{{ rbd_devices }}" - register: images - -- name: igw_gateway (map) | map luns to the iscsi target - igw_gateway: - mode: "map" - gateway_iqn: "{{ gateway_iqn }}" - gateway_ip_list: "{{ gateway_ip_list }}" - register: luns - -- name: igw_client | configure client connectivity - igw_client: - client_iqn: "{{ item.client }}" - image_list: "{{ item.image_list }}" - chap: "{{ item.chap }}" - state: "{{ item.status }}" - with_items: "{{ client_connections }}" - register: clients diff --git a/roles/ceph-iscsi-gw/tasks/non-container/prerequisites.yml b/roles/ceph-iscsi-gw/tasks/non-container/prerequisites.yml index 7e3e93ebe..216aaf064 100644 --- a/roles/ceph-iscsi-gw/tasks/non-container/prerequisites.yml +++ b/roles/ceph-iscsi-gw/tasks/non-container/prerequisites.yml @@ -2,24 +2,12 @@ - name: red hat based systems tasks when: ansible_facts['os_family'] == 'RedHat' block: - - name: set_fact common_pkgs + - name: set_fact iscsi_pkgs set_fact: - common_pkgs: + iscsi_pkgs: - tcmu-runner - targetcli - - - name: set_fact base iscsi pkgs if new style ceph-iscsi - set_fact: - iscsi_base: - ceph-iscsi - when: use_new_ceph_iscsi | bool - - - name: set_fact base iscsi pkgs if using older ceph-iscsi-config - set_fact: - iscsi_base: - - ceph-iscsi-cli - - ceph-iscsi-config - when: not use_new_ceph_iscsi | bool - name: when ceph_iscsi_config_dev is true when: @@ -37,17 +25,16 @@ - name: ceph-iscsi development repository get_url: - url: "https://shaman.ceph.com/api/repos/{{ item }}/master/latest/{{ ansible_facts['distribution'] | lower }}/{{ ansible_facts['distribution_major_version'] }}/repo" - dest: '/etc/yum.repos.d/{{ item }}-dev.repo' + url: "https://shaman.ceph.com/api/repos/ceph-iscsi/master/latest/{{ ansible_facts['distribution'] | lower }}/{{ ansible_facts['distribution_major_version'] }}/repo" + dest: '/etc/yum.repos.d/ceph-iscsi-dev.repo' force: true register: result until: result is succeeded - with_items: '{{ iscsi_base }}' when: ceph_repository == 'dev' - name: ceph-iscsi stable repository get_url: - url: "https://download.ceph.com/ceph-iscsi/{{ '3' if use_new_ceph_iscsi | bool else '2' }}/rpm/el{{ ansible_facts['distribution_major_version'] }}/ceph-iscsi.repo" + url: "https://download.ceph.com/ceph-iscsi/3/rpm/el{{ ansible_facts['distribution_major_version'] }}/ceph-iscsi.repo" dest: /etc/yum.repos.d/ceph-iscsi.repo force: true register: result @@ -56,7 +43,7 @@ - name: install ceph iscsi package package: - name: "{{ common_pkgs + iscsi_base }}" + name: "{{ iscsi_pkgs }}" state: "{{ (upgrade_ceph_packages|bool) | ternary('latest','present') }}" register: result until: result is succeeded diff --git a/roles/ceph-validate/tasks/check_iscsi.yml b/roles/ceph-validate/tasks/check_iscsi.yml index 7bf11b31c..055cc4e1b 100644 --- a/roles/ceph-validate/tasks/check_iscsi.yml +++ b/roles/ceph-validate/tasks/check_iscsi.yml @@ -4,32 +4,6 @@ msg: "iSCSI gateways can only be deployed on Red Hat Enterprise Linux, CentOS or Fedora" when: ansible_facts['distribution'] not in ['RedHat', 'CentOS', 'Fedora'] -- name: make sure gateway_ip_list is configured - fail: - msg: "you must set a list of IPs (comma separated) for gateway_ip_list" - when: - - gateway_ip_list == '0.0.0.0' - - not containerized_deployment | bool - - not use_new_ceph_iscsi | bool - -- name: make sure gateway_iqn is configured - fail: - msg: "you must set a iqn for the iSCSI target" - when: - - gateway_iqn | length == 0 - - not containerized_deployment | bool - - not use_new_ceph_iscsi | bool - -- name: fail if unsupported chap configuration - fail: - msg: "Mixing clients with CHAP enabled and disabled is not supported." - with_items: "{{ client_connections }}" - when: - - item.status is defined - - item.status == "present" - - item.chap - - " '' in client_connections | selectattr('status', 'match', 'present') | map(attribute='chap') | list" - - name: fail on unsupported distribution version for iscsi gateways command: "grep -q {{ item }}=m {% if is_atomic|bool %}/usr/lib/ostree-boot{% else %}/boot{% endif %}/config-{{ ansible_facts['kernel'] }}" register: iscsi_kernel