mon: fix cephx disabled deployment

Due to missing condition on `cephx` variable, cephx disabled deployments are broken. This commit fixes this. Closes: https://bugzilla.redhat.com/show_bug.cgi?id=1910151 Signed-off-by: Guillaume Abrioux <gabrioux@redhat.com>
2021-01-13 11:07:50 +01:00 · 2021-01-13 11:07:50 +01:00 · 4af0845702
parent 6616908577
commit 4af0845702
1 changed files with 50 additions and 48 deletions
--- a/roles/ceph-mon/tasks/deploy_monitors.yml
+++ b/roles/ceph-mon/tasks/deploy_monitors.yml
@ -1,56 +1,58 @@
 ---
- name: check if monitor initial keyring already exists
+- name: cephx related tasks
-  ceph_key:
+  when: cephx | bool
-    name: mon.
+  block:
-    cluster: "{{ cluster }}"
+    - name: check if monitor initial keyring already exists
-    user: mon.
+      ceph_key:
-    user_key: "/var/lib/ceph/mon/{{ cluster }}-{{ hostvars[running_mon]['ansible_hostname'] }}/keyring"
+        name: mon.
-    output_format: json
+        cluster: "{{ cluster }}"
-    state: info
+        user: mon.
-  environment:
+        user_key: "/var/lib/ceph/mon/{{ cluster }}-{{ hostvars[running_mon]['ansible_hostname'] }}/keyring"
-    CEPH_CONTAINER_IMAGE: "{{ ceph_docker_registry + '/' + ceph_docker_image + ':' + ceph_docker_image_tag if containerized_deployment | bool else None }}"
+        output_format: json
-    CEPH_CONTAINER_BINARY: "{{ container_binary }}"
+        state: info
-  register: initial_mon_key
+      environment:
-  run_once: True
+        CEPH_CONTAINER_IMAGE: "{{ ceph_docker_registry + '/' + ceph_docker_image + ':' + ceph_docker_image_tag if containerized_deployment | bool else None }}"
-  delegate_to: "{{ running_mon }}"
+        CEPH_CONTAINER_BINARY: "{{ container_binary }}"
-  when: running_mon is defined
+      register: initial_mon_key
      run_once: True
      delegate_to: "{{ running_mon }}"
      when: running_mon is defined
- name: generate monitor initial keyring
+    - name: generate monitor initial keyring
-  ceph_key:
+      ceph_key:
-    state: generate_secret
+        state: generate_secret
-  register: monitor_keyring
+      register: monitor_keyring
-  delegate_to: localhost
+      delegate_to: localhost
-  become: false
+      become: false
-  run_once: true
+      run_once: true
-  when:
+      when: initial_mon_key.skipped is defined
    - initial_mon_key.skipped is defined
- name: get initial keyring when it already exists
+    - name: get initial keyring when it already exists
-  set_fact:
+      set_fact:
-    monitor_keyring: "{{ (initial_mon_key.stdout | from_json)[0]['key'] if initial_mon_key is not skipped else monitor_keyring.stdout }}"
+        monitor_keyring: "{{ (initial_mon_key.stdout | from_json)[0]['key'] if initial_mon_key is not skipped else monitor_keyring.stdout }}"
- name: create monitor initial keyring
+    - name: create monitor initial keyring
-  ceph_key:
+      ceph_key:
-    name: mon.
+        name: mon.
-    dest: "/var/lib/ceph/tmp/"
+        dest: "/var/lib/ceph/tmp/"
-    secret: "{{ monitor_keyring }}"
+        secret: "{{ monitor_keyring }}"
-    cluster: "{{ cluster }}"
+        cluster: "{{ cluster }}"
-    caps:
+        caps:
-      mon: allow *
+          mon: allow *
-    import_key: False
+        import_key: False
-    owner: "{{ ceph_uid if containerized_deployment | bool else 'ceph' }}"
+        owner: "{{ ceph_uid if containerized_deployment | bool else 'ceph' }}"
-    group: "{{ ceph_uid if containerized_deployment | bool else 'ceph' }}"
+        group: "{{ ceph_uid if containerized_deployment | bool else 'ceph' }}"
-    mode: "0400"
+        mode: "0400"
-  environment:
+      environment:
-    CEPH_CONTAINER_IMAGE: "{{ ceph_docker_registry + '/' + ceph_docker_image + ':' + ceph_docker_image_tag if containerized_deployment | bool else None }}"
+        CEPH_CONTAINER_IMAGE: "{{ ceph_docker_registry + '/' + ceph_docker_image + ':' + ceph_docker_image_tag if containerized_deployment | bool else None }}"
-    CEPH_CONTAINER_BINARY: "{{ container_binary }}"
+        CEPH_CONTAINER_BINARY: "{{ container_binary }}"
- name: copy the initial key in /etc/ceph (for containers)
+    - name: copy the initial key in /etc/ceph (for containers)
-  copy:
+      copy:
-    src: /var/lib/ceph/tmp/{{ cluster }}.mon..keyring
+        src: /var/lib/ceph/tmp/{{ cluster }}.mon..keyring
-    dest: /etc/ceph/{{ cluster }}.mon.keyring
+        dest: /etc/ceph/{{ cluster }}.mon.keyring
-    remote_src: true
+        remote_src: true
-  when: containerized_deployment | bool
+      when: containerized_deployment | bool
 - name: create monitor directory
  file: