ceph
/
ceph-ansible
mirror of https://github.com/ceph/ceph-ansible.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

mon: add mgr cap to admin key 

Signed-off-by: Sébastien Han <seb@redhat.com>
pull/1707/head
Sébastien Han 2017-07-24 16:00:06 +02:00
parent 37f73cafa4
commit 2566db3e7c
1 changed files with 15 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

16
roles/ceph-mon/tasks/deploy_monitors.yml
View File

@ -38,8 +38,22 @@
mode: "0755" mode: "0755"
recurse: true recurse: true
- set_fact:
ceph_authtool_cap: "--cap mon 'allow *' --cap osd 'allow *' --cap mds 'allow' --cap mgr 'allow *'"
when:
- ceph_release_num.{{ ceph_release }} >= ceph_release_num.luminous
- cephx
- admin_secret != 'admin_secret'
- set_fact:
ceph_authtool_cap: "--cap mon 'allow *' --cap osd 'allow *' --cap mds 'allow'"
when:
- ceph_release_num.{{ ceph_release }} < ceph_release_num.luminous
- cephx
- admin_secret != 'admin_secret'
- name: create custom admin keyring - name: create custom admin keyring
command: ceph-authtool /etc/ceph/{{ cluster }}.client.admin.keyring --create-keyring --name=client.admin --add-key={{ admin_secret }} --set-uid=0 --cap mon 'allow *' --cap osd 'allow *' --cap mds 'allow' command: "ceph-authtool /etc/ceph/{{ cluster }}.client.admin.keyring --create-keyring --name=client.admin --add-key={{ admin_secret }} --set-uid=0 {{ ceph_authtool_cap }}"
args: args:
creates: /etc/ceph/{{ cluster }}.client.admin.keyring creates: /etc/ceph/{{ cluster }}.client.admin.keyring
register: create_custom_admin_secret register: create_custom_admin_secret