Use new Infernalis release

Add proper fixes for the new ceph user and dir/files permissions

Signed-off-by: Sébastien Han <seb@redhat.com>
pull/436/head
Sébastien Han 2015-11-17 16:10:02 +01:00
parent d092c0c899
commit 2fa995a889
9 changed files with 509 additions and 48 deletions

View File

@ -45,7 +45,7 @@ dummy:
# COMMUNITY VERSION
#ceph_stable: false # use ceph stable branch
#ceph_stable_key: https://download.ceph.com/keys/release.asc
#ceph_stable_release: hammer # ceph stable release
#ceph_stable_release: infernalis # ceph stable release
# Use the option below to specify your applicable package tree, eg. when using non-LTS Ubuntu versions
# # for a list of available Debian distributions, visit http://ceph.com/debian-{{ ceph_stable_release }}/dists/

View File

@ -43,7 +43,7 @@ ceph_use_distro_backports: false # DEBIAN ONLY
# COMMUNITY VERSION
ceph_stable: false # use ceph stable branch
ceph_stable_key: https://download.ceph.com/keys/release.asc
ceph_stable_release: hammer # ceph stable release
ceph_stable_release: infernalis # ceph stable release
# Use the option below to specify your applicable package tree, eg. when using non-LTS Ubuntu versions
# # for a list of available Debian distributions, visit http://ceph.com/debian-{{ ceph_stable_release }}/dists/

View File

@ -1,23 +1,92 @@
---
# Deploy Ceph metadata server(s)
- name: create bootstrap-mds directory (for or after infernalis release)
file:
path: /var/lib/ceph/bootstrap-mds/
state: directory
owner: ceph
group: ceph
mode: 0755
when:
ceph_stable_release != 'dumpling' or
ceph_stable_release != 'emperor' or
ceph_stable_release != 'firefly' or
ceph_stable_release != 'giant' or
ceph_stable_release != 'hammer'
- name: copy mds bootstrap key
- name: create bootstrap-mds directory (before infernalis release)
file:
path: /var/lib/ceph/bootstrap-mds/
state: directory
owner: root
group: root
mode: 0755
when:
cephx and
(ceph_stable_release == 'dumpling' or
ceph_stable_release == 'emperor' or
ceph_stable_release == 'firefly' or
ceph_stable_release == 'giant' or
ceph_stable_release == 'hammer')
- name: copy mds bootstrap key (for or after infernalis release)
copy:
src: "{{ fetch_directory }}/{{ fsid }}/var/lib/ceph/bootstrap-mds/ceph.keyring"
dest: /var/lib/ceph/bootstrap-mds/ceph.keyring
owner: ceph
group: ceph
mode: 0600
when:
cephx and
(ceph_stable_release != 'dumpling' or
ceph_stable_release != 'emperor' or
ceph_stable_release != 'firefly' or
ceph_stable_release != 'giant' or
ceph_stable_release != 'hammer')
- name: copy mds bootstrap key (before infernalis release)
copy:
src: "{{ fetch_directory }}/{{ fsid }}/var/lib/ceph/bootstrap-mds/ceph.keyring"
dest: /var/lib/ceph/bootstrap-mds/ceph.keyring
owner: root
group: root
mode: 600
when: cephx
mode: 0600
when:
cephx and
(ceph_stable_release == 'dumpling' or
ceph_stable_release == 'emperor' or
ceph_stable_release == 'firefly' or
ceph_stable_release == 'giant' or
ceph_stable_release == 'hammer')
- name: create mds directory
- name: create mds directory (for or after infernalis release)
file:
path: /var/lib/ceph/mds/ceph-{{ ansible_hostname }}
state: directory
owner: root
group: root
mode: 0644
when: cephx
owner: ceph
group: ceph
mode: 0755
when:
cephx and
(ceph_stable_release != 'dumpling' or
ceph_stable_release != 'emperor' or
ceph_stable_release != 'firefly' or
ceph_stable_release != 'giant' or
ceph_stable_release != 'hammer')
- name: create mds directory (before infernalis release)
file:
path: /var/lib/ceph/mds/ceph-{{ ansible_hostname }}
state: directory
owner: ceph
group: cephh
mode: 0755
when:
cephx and
(ceph_stable_release == 'dumpling' or
ceph_stable_release == 'emperor' or
ceph_stable_release == 'firefly' or
ceph_stable_release == 'giant' or
ceph_stable_release == 'hammer')
- name: create mds keyring
command: ceph --cluster ceph --name client.bootstrap-mds --keyring /var/lib/ceph/bootstrap-mds/ceph.keyring auth get-or-create mds.{{ ansible_hostname }} osd 'allow rwx' mds 'allow' mon 'allow profile mds' -o /var/lib/ceph/mds/ceph-{{ ansible_hostname }}/keyring
@ -26,39 +95,109 @@
changed_when: false
when: cephx
- name: set mds key permissions
- name: set mds key permissions (for or after infernalis release)
file:
path: /var/lib/ceph/mds/ceph-{{ ansible_hostname }}/keyring
mode: 0600
owner: ceph
group: ceph
when:
cephx and
(ceph_stable_release != 'dumpling' or
ceph_stable_release != 'emperor' or
ceph_stable_release != 'firefly' or
ceph_stable_release != 'giant' or
ceph_stable_release != 'hammer')
- name: set mds key permissions (before infernalis)
file:
path: /var/lib/ceph/mds/ceph-{{ ansible_hostname }}/keyring
mode: 0600
owner: root
group: root
when: cephx
when:
cephx and
(ceph_stable_release == 'dumpling' or
ceph_stable_release == 'emperor' or
ceph_stable_release == 'firefly' or
ceph_stable_release == 'giant' or
ceph_stable_release == 'hammer')
- name: activate metadata server with upstart
- name: activate metadata server with upstart (for or after infernalis release)
file:
path: /var/lib/ceph/mds/ceph-{{ ansible_hostname }}/{{ item }}
state: touch
owner: root
group: root
owner: ceph
group: ceph
mode: 0600
with_items:
- done
- upstart
changed_when: false
when: ansible_distribution == "Ubuntu"
when:
ansible_distribution == "Ubuntu" and
(ceph_stable_release != 'dumpling' or
ceph_stable_release != 'emperor' or
ceph_stable_release != 'firefly' or
ceph_stable_release != 'giant' or
ceph_stable_release != 'hammer')
- name: activate metadata server with sysvinit
- name: activate metadata server with upstart (before infernalis release)
file:
path: /var/lib/ceph/mds/ceph-{{ ansible_hostname }}/{{ item }}
state: touch
owner: root
group: root
mode: 0600
mode: 0644
with_items:
- done
- upstart
changed_when: false
when:
ansible_distribution == "Ubuntu" and
(ceph_stable_release == 'dumpling' or
ceph_stable_release == 'emperor' or
ceph_stable_release == 'firefly' or
ceph_stable_release == 'giant' or
ceph_stable_release == 'hammer')
- name: activate metadata server with sysvinit (for or after infernalis release)
file:
path: /var/lib/ceph/mds/ceph-{{ ansible_hostname }}/{{ item }}
state: touch
owner: ceph
group: ceph
mode: 0644
with_items:
- done
- sysvinit
changed_when: false
when: ansible_distribution != "Ubuntu"
when:
ansible_distribution != "Ubuntu" and
(ceph_stable_release != 'dumpling' or
ceph_stable_release != 'emperor' or
ceph_stable_release != 'firefly' or
ceph_stable_release != 'giant' or
ceph_stable_release != 'hammer')
- name: activate metadata server with sysvinit (before infernalis release)
file:
path: /var/lib/ceph/mds/ceph-{{ ansible_hostname }}/{{ item }}
state: touch
owner: root
group: root
mode: 0644
with_items:
- done
- sysvinit
changed_when: false
when:
ansible_distribution != "Ubuntu" and
(ceph_stable_release == 'dumpling' or
ceph_stable_release == 'emperor' or
ceph_stable_release == 'firefly' or
ceph_stable_release == 'giant' or
ceph_stable_release == 'hammer')
- name: start and add that the metadata service to the init sequence (ubuntu)
service:

View File

@ -19,22 +19,78 @@
args:
creates: /var/lib/ceph/tmp/keyring.mon.{{ ansible_hostname }}
- name: set initial monitor key permissions
- name: set initial monitor key permissions (for or after infernalis release)
file:
path: /var/lib/ceph/tmp/keyring.mon.{{ ansible_hostname }}
mode: 0600
owner: ceph
group: ceph
when:
ceph_stable_release != 'dumpling' or
ceph_stable_release != 'emperor' or
ceph_stable_release != 'firefly' or
ceph_stable_release != 'giant' or
ceph_stable_release != 'hammer'
- name: create monitor directory (for or after infernalis release)
file:
path: /var/lib/ceph/mon/ceph-{{ ansible_hostname }}
state: directory
owner: ceph
group: ceph
mode: 0755
when:
ceph_stable_release != 'dumpling' or
ceph_stable_release != 'emperor' or
ceph_stable_release != 'firefly' or
ceph_stable_release != 'giant' or
ceph_stable_release != 'hammer'
- name: set initial monitor key permissions (before infernalis release)
file:
path: /var/lib/ceph/tmp/keyring.mon.{{ ansible_hostname }}
mode: 0600
owner: root
group: root
when:
ceph_stable_release == 'dumpling' or
ceph_stable_release == 'emperor' or
ceph_stable_release == 'firefly' or
ceph_stable_release == 'giant' or
ceph_stable_release == 'hammer'
- name: create monitor directory
- name: create monitor directory (before infernalis release)
file:
path: /var/lib/ceph/mon/ceph-{{ ansible_hostname }}
state: directory
owner: root
group: root
mode: 0755
when:
ceph_stable_release == 'dumpling' or
ceph_stable_release == 'emperor' or
ceph_stable_release == 'firefly' or
ceph_stable_release == 'giant' or
ceph_stable_release == 'hammer'
- name: ceph monitor mkfs
- name: ceph monitor mkfs (for or after infernalis release)
command: ceph-mon --setuser ceph --setgroup ceph --mkfs -i {{ ansible_hostname }} --fsid {{ fsid }} --keyring /var/lib/ceph/tmp/keyring.mon.{{ ansible_hostname }}
args:
creates: /var/lib/ceph/mon/ceph-{{ ansible_hostname }}/keyring
when:
ceph_stable_release != 'dumpling' or
ceph_stable_release != 'emperor' or
ceph_stable_release != 'firefly' or
ceph_stable_release != 'giant' or
ceph_stable_release != 'hammer'
- name: ceph monitor mkfs (before infernalis release)
command: ceph-mon --mkfs -i {{ ansible_hostname }} --fsid {{ fsid }} --keyring /var/lib/ceph/tmp/keyring.mon.{{ ansible_hostname }}
args:
creates: /var/lib/ceph/mon/ceph-{{ ansible_hostname }}/keyring
when:
ceph_stable_release == 'dumpling' or
ceph_stable_release == 'emperor' or
ceph_stable_release == 'firefly' or
ceph_stable_release == 'giant' or
ceph_stable_release == 'hammer'

View File

@ -10,7 +10,7 @@
- include: create_mds_filesystems.yml
when:
not ceph_containerized_deployment and
not mon_containerized_deployment and
groups[mds_group_name] is defined
- include: secure_cluster.yml

View File

@ -1,5 +1,18 @@
---
- name: activate monitor with upstart
- name: activate monitor with upstart for or after infernalis release
file:
path: /var/lib/ceph/mon/ceph-{{ ansible_hostname }}/{{ item }}
state: touch
owner: ceph
group: ceph
mode: 0600
with_items:
- done
- upstart
when: ansible_distribution == "Ubuntu"
changed_when: false
- name: activate monitor with upstart before infernalis release
file:
path: /var/lib/ceph/mon/ceph-{{ ansible_hostname }}/{{ item }}
state: touch
@ -9,7 +22,13 @@
with_items:
- done
- upstart
when: ansible_distribution == "Ubuntu"
when:
ansible_distribution == "Ubuntu" and
(ceph_stable_release == 'dumpling' or
ceph_stable_release == 'emperor' or
ceph_stable_release == 'firefly' or
ceph_stable_release == 'giant' or
ceph_stable_release == 'hammer')
changed_when: false
- name: start and add that the monitor service to the init sequence (ubuntu)

View File

@ -11,19 +11,62 @@
state: present
when: ansible_os_family == 'RedHat'
- name: create bootstrap-osd
- name: create bootstrap-osd directory (for or after infernalis release)
file:
path: /var/lib/ceph/bootstrap-osd/
state: directory
owner: ceph
group: ceph
mode: 0755
when:
cephx and
(ceph_stable_release != 'dumpling' or
ceph_stable_release != 'emperor' or
ceph_stable_release != 'firefly' or
ceph_stable_release != 'giant' or
ceph_stable_release != 'hammer')
- name: create bootstrap-osd directory (before infernalis release)
file:
path: /var/lib/ceph/bootstrap-osd/
state: directory
owner: root
group: root
mode: 600
mode: 0755
when:
cephx and
(ceph_stable_release == 'dumpling' or
ceph_stable_release == 'emperor' or
ceph_stable_release == 'firefly' or
ceph_stable_release == 'giant' or
ceph_stable_release == 'hammer')
- name: copy osd bootstrap key
- name: copy osd bootstrap key (for or after infernalis release)
copy:
src: "{{ fetch_directory }}/{{ fsid }}/var/lib/ceph/bootstrap-osd/ceph.keyring"
dest: /var/lib/ceph/bootstrap-osd/ceph.keyring
owner: ceph
group: ceph
mode: 0600
when:
cephx and
(ceph_stable_release != 'dumpling' or
ceph_stable_release != 'emperor' or
ceph_stable_release != 'firefly' or
ceph_stable_release != 'giant' or
ceph_stable_release != 'hammer')
- name: copy osd bootstrap key (before infernalis release)
copy:
src: "{{ fetch_directory }}/{{ fsid }}/var/lib/ceph/bootstrap-osd/ceph.keyring"
dest: /var/lib/ceph/bootstrap-osd/ceph.keyring
owner: root
group: root
mode: 600
when: cephx
when:
cephx and
(ceph_stable_release == 'dumpling' or
ceph_stable_release == 'emperor' or
ceph_stable_release == 'firefly' or
ceph_stable_release == 'giant' or
ceph_stable_release == 'hammer')

View File

@ -1,22 +1,82 @@
---
- name: create ceph rest api directory
- name: create ceph rest api directory (for or after infernalis release)
file:
path: /var/lib/ceph/restapi/ceph-restapi
state: directory
owner: ceph
group: ceph
mode: 0755
when:
ceph_stable_release != 'dumpling' or
ceph_stable_release != 'emperor' or
ceph_stable_release != 'firefly' or
ceph_stable_release != 'giant' or
ceph_stable_release != 'hammer'
- name: create ceph rest api directory (before infernalis release)
file:
path: /var/lib/ceph/restapi/ceph-restapi
state: directory
owner: root
group: root
mode: 0755
when:
ceph_stable_release == 'dumpling' or
ceph_stable_release == 'emperor' or
ceph_stable_release == 'firefly' or
ceph_stable_release == 'giant' or
ceph_stable_release == 'hammer'
- name: copy ceph rest api keyring
- name: copy ceph rest api keyring (for or after infernalis release)
copy:
src: "{{ fetch_directory }}/{{ fsid }}/etc/ceph/ceph.client.restapi.keyring"
dest: "/var/lib/ceph/restapi/ceph-restapi/keyring"
owner: ceph
group: ceph
mode: 600
when:
cephx and
(ceph_stable_release != 'dumpling' or
ceph_stable_release != 'emperor' or
ceph_stable_release != 'firefly' or
ceph_stable_release != 'giant' or
ceph_stable_release != 'hammer')
- name: copy ceph rest api keyring (before infernalis release)
copy:
src: "{{ fetch_directory }}/{{ fsid }}/etc/ceph/ceph.client.restapi.keyring"
dest: "/var/lib/ceph/restapi/ceph-restapi/keyring"
owner: root
group: root
mode: 600
when: cephx
when:
cephx and
(ceph_stable_release == 'dumpling' or
ceph_stable_release == 'emperor' or
ceph_stable_release == 'firefly' or
ceph_stable_release == 'giant' or
ceph_stable_release == 'hammer')
- name: activate ceph rest api with upstart
- name: activate ceph rest api with upstart (for or after infernalis release)
file:
path: /var/lib/ceph/restapi/{{ item }}
state: touch
owner: ceph
group: ceph
mode: 0600
with_items:
- done
- upstart
changed_when: false
when:
ansible_distribution == "Ubuntu" and
(ceph_stable_release != 'dumpling' or
ceph_stable_release != 'emperor' or
ceph_stable_release != 'firefly' or
ceph_stable_release != 'giant' or
ceph_stable_release != 'hammer')
- name: activate ceph rest api with upstart (before infernalis release)
file:
path: /var/lib/ceph/restapi/{{ item }}
state: touch
@ -27,9 +87,33 @@
- done
- upstart
changed_when: false
when: ansible_distribution == "Ubuntu"
when:
ansible_distribution == "Ubuntu" and
(ceph_stable_release != 'dumpling' or
ceph_stable_release != 'emperor' or
ceph_stable_release != 'firefly' or
ceph_stable_release != 'giant' or
ceph_stable_release != 'hammer')
- name: activate ceph rest api with sysvinit
- name: activate ceph rest api with sysvinit (for or after infernalis release))
file:
path: /var/lib/ceph/restapi/{{ item }}
state: touch
owner: ceph
group: ceph
mode: 0600
with_items:
- done
- sysvinit
when:
ansible_distribution != "Ubuntu" and
(ceph_stable_release != 'dumpling' or
ceph_stable_release != 'emperor' or
ceph_stable_release != 'firefly' or
ceph_stable_release != 'giant' or
ceph_stable_release != 'hammer')
- name: activate ceph rest api with sysvinit (before infernalis release))
file:
path: /var/lib/ceph/restapi/{{ item }}
state: touch
@ -39,7 +123,13 @@
with_items:
- done
- sysvinit
when: ansible_distribution != "Ubuntu"
when:
ansible_distribution != "Ubuntu" and
(ceph_stable_release != 'dumpling' or
ceph_stable_release != 'emperor' or
ceph_stable_release != 'firefly' or
ceph_stable_release != 'giant' or
ceph_stable_release != 'hammer')
# NOTE (leseb): will uncomment this when this https://github.com/ceph/ceph/pull/4144 lands
#- name: start and add that the Ceph REST API service to the init sequence (Ubuntu)

View File

@ -1,23 +1,67 @@
---
- name: create rados gateway directories
- name: create rados gateway directories (for or after infernalis release)
file:
path: "{{ item }}"
state: directory
owner: ceph
group: ceph
mode: 0755
with_items:
- /var/lib/ceph/bootstrap-rgw
- /var/lib/ceph/radosgw/ceph-rgw.{{ ansible_hostname }}
when:
ceph_stable_release != 'dumpling' or
ceph_stable_release != 'emperor' or
ceph_stable_release != 'firefly' or
ceph_stable_release != 'giant' or
ceph_stable_release != 'hammer'
- name: create rados gateway directories (before infernalis release)
file:
path: "{{ item }}"
state: directory
owner: root
group: root
mode: 0644
mode: 0755
with_items:
- /var/lib/ceph/bootstrap-rgw
- /var/lib/ceph/radosgw/ceph-rgw.{{ ansible_hostname }}
when:
ceph_stable_release == 'dumpling' or
ceph_stable_release == 'emperor' or
ceph_stable_release == 'firefly' or
ceph_stable_release == 'giant' or
ceph_stable_release == 'hammer'
- name: copy rados gateway bootstrap key
- name: copy rados gateway bootstrap key (for or after infernalis release)
copy:
src: "{{ fetch_directory }}/{{ fsid }}/var/lib/ceph/bootstrap-rgw/ceph.keyring"
dest: /var/lib/ceph/bootstrap-rgw/ceph.keyring
owner: ceph
group: ceph
mode: 0600
when:
cephx and
(ceph_stable_release != 'dumpling' or
ceph_stable_release != 'emperor' or
ceph_stable_release != 'firefly' or
ceph_stable_release != 'giant' or
ceph_stable_release != 'hammer')
- name: copy rados gateway bootstrap key (before infernalis release)
copy:
src: "{{ fetch_directory }}/{{ fsid }}/var/lib/ceph/bootstrap-rgw/ceph.keyring"
dest: /var/lib/ceph/bootstrap-rgw/ceph.keyring
owner: root
group: root
mode: 600
when: cephx
mode: 0600
when:
cephx and
(ceph_stable_release == 'dumpling' or
ceph_stable_release == 'emperor' or
ceph_stable_release == 'firefly' or
ceph_stable_release == 'giant' or
ceph_stable_release == 'hammer')
- name: create rados gateway keyring
command: ceph --cluster ceph --name client.bootstrap-rgw --keyring /var/lib/ceph/bootstrap-rgw/ceph.keyring auth get-or-create client.rgw.{{ ansible_hostname }} osd 'allow rwx' mon 'allow rw' -o /var/lib/ceph/radosgw/ceph-rgw.{{ ansible_hostname }}/keyring
@ -26,15 +70,54 @@
changed_when: false
when: cephx
- name: set rados gateway key permissions
- name: set rados gateway key permissions (for or after the infernalis release)
file:
path: /var/lib/ceph/radosgw/ceph-rgw.{{ ansible_hostname }}/keyring
mode: 0600
owner: ceph
group: ceph
when:
cephx and
(ceph_stable_release != 'dumpling' or
ceph_stable_release != 'emperor' or
ceph_stable_release != 'firefly' or
ceph_stable_release != 'giant' or
ceph_stable_release != 'hammer')
- name: set rados gateway key permissions (before infernalis release)
file:
path: /var/lib/ceph/radosgw/ceph-rgw.{{ ansible_hostname }}/keyring
mode: 0600
owner: root
group: root
when: cephx
when:
cephx and
(ceph_stable_release == 'dumpling' or
ceph_stable_release == 'emperor' or
ceph_stable_release == 'firefly' or
ceph_stable_release == 'giant' or
ceph_stable_release == 'hammer')
- name: activate rados gateway with upstart
- name: activate rados gateway with upstart (for or after infernalis release)
file:
path: /var/lib/ceph/radosgw/ceph-rgw.{{ ansible_hostname }}/{{ item }}
state: touch
owner: ceph
group: ceph
mode: 0644
with_items:
- done
- upstart
changed_when: false
when:
ansible_distribution == "Ubuntu" and
(ceph_stable_release != 'dumpling' or
ceph_stable_release != 'emperor' or
ceph_stable_release != 'firefly' or
ceph_stable_release != 'giant' or
ceph_stable_release != 'hammer')
- name: activate rados gateway with upstart (before infernalis release)
file:
path: /var/lib/ceph/radosgw/ceph-rgw.{{ ansible_hostname }}/{{ item }}
state: touch
@ -45,9 +128,34 @@
- done
- upstart
changed_when: false
when: ansible_distribution == "Ubuntu"
when:
ansible_distribution == "Ubuntu" and
(ceph_stable_release == 'dumpling' or
ceph_stable_release == 'emperor' or
ceph_stable_release == 'firefly' or
ceph_stable_release == 'giant' or
ceph_stable_release == 'hammer')
- name: activate rados gateway with sysvinit
- name: activate rados gateway with sysvinit (for or after infernalis release)
file:
path: /var/lib/ceph/radosgw/ceph-rgw.{{ ansible_hostname }}/{{ item }}
state: touch
owner: ceph
group: ceph
mode: 0644
with_items:
- done
- sysvinit
changed_when: false
when:
ansible_distribution != "Ubuntu" and
(ceph_stable_release != 'dumpling' or
ceph_stable_release != 'emperor' or
ceph_stable_release != 'firefly' or
ceph_stable_release != 'giant' or
ceph_stable_release != 'hammer')
- name: activate rados gateway with sysvinit (before infernalis release)
file:
path: /var/lib/ceph/radosgw/ceph-rgw.{{ ansible_hostname }}/{{ item }}
state: touch
@ -58,7 +166,13 @@
- done
- sysvinit
changed_when: false
when: ansible_distribution != "Ubuntu"
when:
ansible_distribution != "Ubuntu" and
(ceph_stable_release == 'dumpling' or
ceph_stable_release == 'emperor' or
ceph_stable_release == 'firefly' or
ceph_stable_release == 'giant' or
ceph_stable_release == 'hammer')
- name: generate rados gateway sudoers file
template: