From 29b239a8f858a14aabbe1d1ae552856ca3bb866e Mon Sep 17 00:00:00 2001 From: Huamin Chen Date: Thu, 21 Jan 2016 19:54:41 +0000 Subject: [PATCH] containerized mon: create restapi keyring add sample config for containerized deployment --- group_vars/all.docker | 25 +++++++++++++++++++++++++ roles/ceph-mon/tasks/ceph_keys.yml | 13 ++++++++++++- roles/ceph-mon/tasks/docker/main.yml | 1 + 3 files changed, 38 insertions(+), 1 deletion(-) create mode 100644 group_vars/all.docker diff --git a/group_vars/all.docker b/group_vars/all.docker new file mode 100644 index 000000000..67f995812 --- /dev/null +++ b/group_vars/all.docker @@ -0,0 +1,25 @@ +--- +dummy: +cephx_require_signatures: false # Kernel RBD does NOT support signatures! +cephx_cluster_require_signatures: false +restapi_group_name: restapis +fetch_directory: fetch/ +mon_containerized_deployment: true +ceph_mon_docker_username: hchen +ceph_mon_docker_imagename: rhceph +ceph_mon_docker_interface: "{{ monitor_interface }}" +ceph_mon_docker_subnet: "{{ public_network }}" # subnet of the ceph_mon_docker_interface +ceph_mon_extra_envs: "MON_NAME={{ ansible_hostname }}" # comma separated variables +osd_containerized_deployment: true +ceph_osd_docker_username: hchen +ceph_osd_docker_imagename: rhceph +ceph_osd_docker_extra_env: "CEPH_DAEMON=OSD_CEPH_DISK,OSD_FORCE_ZAP=1" # comma separated variables +ceph_osd_docker_devices: + - /dev/sdb +rgw_containerized_deployment: true +ceph_rgw_docker_username: hchen +ceph_rgw_docker_imagename: rhceph +ceph_rgw_civetweb_port: 80 +ceph_rgw_docker_extra_env: "RGW_CIVETWEB_PORT={{ ceph_rgw_civetweb_port }}" # comma separated variables +rbd_client_directories: false +ceph_stable_release: hammer diff --git a/roles/ceph-mon/tasks/ceph_keys.yml b/roles/ceph-mon/tasks/ceph_keys.yml index f2d33f467..f5eba729b 100644 --- a/roles/ceph-mon/tasks/ceph_keys.yml +++ b/roles/ceph-mon/tasks/ceph_keys.yml @@ -5,13 +5,24 @@ wait_for: path: /etc/ceph/ceph.client.admin.keyring -- name: create ceph rest api keyring +- name: create ceph rest api keyring when mon is not containerized command: ceph auth get-or-create client.restapi osd 'allow *' mon 'allow *' -o /etc/ceph/ceph.client.restapi.keyring args: creates: /etc/ceph/ceph.client.restapi.keyring changed_when: false when: cephx and + not mon_containerized_deployment and + groups[restapi_group_name] is defined + +- name: create ceph rest api keyring when mon is containerized + command: docker exec {{ ansible_hostname }} ceph auth get-or-create client.restapi osd 'allow *' mon 'allow *' -o /etc/ceph/ceph.client.restapi.keyring + args: + creates: /etc/ceph/ceph.client.restapi.keyring + changed_when: false + when: + cephx and + mon_containerized_deployment and groups[restapi_group_name] is defined - include: openstack_config.yml diff --git a/roles/ceph-mon/tasks/docker/main.yml b/roles/ceph-mon/tasks/docker/main.yml index 22489ff99..e2d02ba20 100644 --- a/roles/ceph-mon/tasks/docker/main.yml +++ b/roles/ceph-mon/tasks/docker/main.yml @@ -15,3 +15,4 @@ - include: fetch_configs.yml - include: start_docker_monitor.yml - include: copy_configs.yml +- include: ../ceph_keys.yml