Merge pull request #1018 from ceph/profile-examples

profiles: introducing cluster profiles
2017-07-28 15:38:06 +02:00 · 2017-07-28 15:38:06 +02:00 · 511750f31e
parent 050807471a 26f4752bc4
commit 511750f31e
8 changed files with 103 additions and 86 deletions
--- a/group_vars/all.yml.sample
+++ b/group_vars/all.yml.sample
@ -294,31 +294,6 @@ dummy:
 # https://github.com/civetweb/civetweb/blob/master/docs/UserManual.md
 #radosgw_civetweb_options: "port={{ radosgw_civetweb_bind_ip }}:{{ radosgw_civetweb_port }} num_threads={{ radosgw_civetweb_num_threads }}"
 #radosgw_keystone: false # activate OpenStack Keystone options full detail here: http://ceph.com/docs/master/radosgw/keystone/
-#radosgw_keystone_url: # url:admin_port ie: http://192.168.0.1:35357
-#radosgw_keystone_api_version: 2 # API versions 2 and 3 are supported
-#radosgw_keystone_ssl: true # Can be used to disable PKI revocation checks when other token types are used.
-# for admin_token method, define radosgw_keystone_admin_token
-# for auth_token method, define _user, _password, and _tenant
-#radosgw_keystone_auth_method: admin_token
-#radosgw_keystone_admin_token: password
-#radosgw_keystone_admin_user: username
-#radosgw_keystone_admin_password: password
-#radosgw_keystone_admin_tenant: tenant
-#radosgw_keystone_admin_domain: default
-#radosgw_keystone_accepted_roles: Member, _member_, admin
-#radosgw_keystone_token_cache_size: 10000
-#radosgw_keystone_revocation_internal: 900
-#radosgw_s3_auth_use_keystone: "true"
-#radosgw_nss_db_path: /var/lib/ceph/radosgw/ceph-radosgw.{{ ansible_hostname }}/nss
-# Settings for the RGW usage logging described at http://docs.ceph.com/docs/jewel/man/8/radosgw/#usage-logging
-#radosgw_usage_log: false
-#radosgw_usage_log_tick_interval: 30
-#radosgw_usage_log_flush_threshold: 1024
-#radosgw_usage_max_shards: 32
-#radosgw_usage_max_user_shards: 1
-# Settings for static website hosting
-#radosgw_static_website: false
-#radosgw_dns_s3website_name: your.subdomain.tld # subdomain used by radosgw for website bucket hosting.
 # Rados Gateway options
 #email_address: foo@bar.com

--- a/profiles/rgw-keystone-v2
+++ b/profiles/rgw-keystone-v2
@ -0,0 +1,30 @@
+---
+# THIS FILE IS AN EXAMPLE THAT CONTAINS A SET OF VARIABLE FOR A PARTICULAR PURPOSE
+# GOAL: CONFIGURE RADOS GATEWAY WITH KEYSTONE V2
+#
+# The following variables should be added in your group_vars/rgws.yml file
+# The double quotes are important, do NOT remove them.
+
+
+ceph_conf_overrides:
+  "client.rgw.{{ hostvars[inventory_hostname]['ansible_hostname'] }}":
+    "rgw keystone api version": "2"
+    "rgw keystone url": "http://192.168.0.1:35357"
+    "rgw keystone admin token": "password"
+    "rgw keystone admin tenant": "admin"
+    "rgw keystone accepted roles": "Member, _member_, admin"
+    "rgw keystone token cache size": "10000"
+    "rgw keystone revocation interval": "900"
+    "rgw s3 auth use keystone": "true"
+    "nss db path": "/var/lib/ceph/radosgw/ceph-radosgw.{{ ansible_hostname }}/nss"
+
+
+# NOTE (leseb): to authentivate with Keystone you have two options:
+# * using a token (like shown above)
+#     - "rgw keystone admin token" = admin"
+#     - "rgw keystone token cache size" = 10000"
+#
+# * use credential:
+#     - "rgw keystone admin user" = "admin"
+#     - "rgw keystone admin password" = "password"
+#
--- a/profiles/rgw-keystone-v3
+++ b/profiles/rgw-keystone-v3
@ -0,0 +1,31 @@
+---
+# THIS FILE IS AN EXAMPLE THAT CONTAINS A SET OF VARIABLE FOR A PARTICULAR PURPOSE
+# GOAL: CONFIGURE RADOS GATEWAY WITH KEYSTONE V3
+#
+# The following variables should be added in your group_vars/rgws.yml file
+# The double quotes are important, do NOT remove them.
+
+
+ceph_conf_overrides:
+  "client.rgw.{{ hostvars[inventory_hostname]['ansible_hostname'] }}":
+    "rgw keystone api version": "3"
+    "rgw keystone url": "http://192.168.0.1:35357"
+    "rgw keystone admin token": "password"
+    "rgw keystone admin project": "admin"
+    "rgw keystone admin domain": "default"
+    "rgw keystone accepted roles": "Member, _member_, admin"
+    "rgw keystone token cache size": "10000"
+    "rgw keystone revocation interval": "900"
+    "rgw s3 auth use keystone": "true"
+    "nss db path": "/var/lib/ceph/radosgw/ceph-radosgw.{{ ansible_hostname }}/nss"
+
+
+# NOTE (leseb): to authentivate with Keystone you have two options:
+# * using a token (like shown above)
+#     - "rgw keystone admin token" = admin"
+#     - "rgw keystone token cache size" = 10000"
+#
+# * use credential:
+#     - "rgw keystone admin user" = "admin"
+#     - "rgw keystone admin password" = "password"
+#
--- a/profiles/rgw-radosgw-static-website
+++ b/profiles/rgw-radosgw-static-website
@ -0,0 +1,11 @@
+---
+# THIS FILE IS AN EXAMPLE THAT CONTAINS A SET OF VARIABLE FOR A PARTICULAR PURPOSE
+# GOAL: CONFIGURE RADOS GATEWAY WITH STATIC WEBSITE
+#
+# The following variables should be added in your group_vars/rgws.yml file
+# The double quotes are important, do NOT remove them.
+
+ceph_conf_overrides:
+  "client.rgw.{{ hostvars[inventory_hostname]['ansible_hostname'] }}":
+    rgw enable static website = true
+    rgw dns s3website name = objects-website-region.domain.com
--- a/profiles/rgw-usage-log
+++ b/profiles/rgw-usage-log
@ -0,0 +1,15 @@
+---
+# THIS FILE IS AN EXAMPLE THAT CONTAINS A SET OF VARIABLE FOR A PARTICULAR PURPOSE
+# GOAL: CONFIGURE RADOS GATEWAY WITH USAGE LOG
+#
+# The following variables should be added in your group_vars/rgws.yml file
+# The double quotes are important, do NOT remove them.
+
+ceph_conf_overrides:
+  "client.rgw.{{ hostvars[inventory_hostname]['ansible_hostname'] }}":
+    rgw enable usage log = true
+    rgw usage log tick interval = 30
+    rgw usage log flush threshold = 1024
+    rgw usage max shards = 32
+    rgw usage max user shards = 1
+
--- a/roles/ceph-common/defaults/main.yml
+++ b/roles/ceph-common/defaults/main.yml
@ -286,31 +286,6 @@ radosgw_civetweb_num_threads: 100
 # https://github.com/civetweb/civetweb/blob/master/docs/UserManual.md
 radosgw_civetweb_options: "port={{ radosgw_civetweb_bind_ip }}:{{ radosgw_civetweb_port }} num_threads={{ radosgw_civetweb_num_threads }}"
 radosgw_keystone: false # activate OpenStack Keystone options full detail here: http://ceph.com/docs/master/radosgw/keystone/
-#radosgw_keystone_url: # url:admin_port ie: http://192.168.0.1:35357
-radosgw_keystone_api_version: 2 # API versions 2 and 3 are supported
-radosgw_keystone_ssl: true # Can be used to disable PKI revocation checks when other token types are used.
-# for admin_token method, define radosgw_keystone_admin_token
-# for auth_token method, define _user, _password, and _tenant
-radosgw_keystone_auth_method: admin_token
-radosgw_keystone_admin_token: password
-radosgw_keystone_admin_user: username
-radosgw_keystone_admin_password: password
-radosgw_keystone_admin_tenant: tenant
-radosgw_keystone_admin_domain: default
-radosgw_keystone_accepted_roles: Member, _member_, admin
-radosgw_keystone_token_cache_size: 10000
-radosgw_keystone_revocation_internal: 900
-radosgw_s3_auth_use_keystone: "true"
-radosgw_nss_db_path: /var/lib/ceph/radosgw/ceph-radosgw.{{ ansible_hostname }}/nss
-# Settings for the RGW usage logging described at http://docs.ceph.com/docs/jewel/man/8/radosgw/#usage-logging
-radosgw_usage_log: false
-radosgw_usage_log_tick_interval: 30
-radosgw_usage_log_flush_threshold: 1024
-radosgw_usage_max_shards: 32
-radosgw_usage_max_user_shards: 1
-# Settings for static website hosting
-radosgw_static_website: false
-radosgw_dns_s3website_name: your.subdomain.tld # subdomain used by radosgw for website bucket hosting.
 # Rados Gateway options
 email_address: foo@bar.com

--- a/roles/ceph-common/tasks/generate_ceph_conf.yml
+++ b/roles/ceph-common/tasks/generate_ceph_conf.yml
@ -10,6 +10,14 @@
    - /etc/ceph/
    - /etc/ceph/ceph.d/

+- name: template ceph_conf_overrides
+  local_action: copy content="{{ ceph_conf_overrides }}" dest=/tmp/ceph_conf_overrides_temp
+  run_once: true
+
+- name: get rendered ceph_conf_overrides
+  local_action: set_fact ceph_conf_overrides_rendered="{{ lookup('template', '/tmp/ceph_conf_overrides_temp') | from_yaml }}"
+  run_once: true
+
 - name: "generate ceph configuration file: {{ cluster }}.conf"
  action: config_template
  args:
@ -18,7 +26,7 @@
    owner: "ceph"
    group: "ceph"
    mode: "0644"
-    config_overrides: "{{ ceph_conf_overrides }}"
+    config_overrides: "{{ ceph_conf_overrides_rendered }}"
    config_type: ini

 - name: assemble {{ cluster }}.conf and fragments
--- a/roles/ceph-common/templates/ceph.conf.j2
+++ b/roles/ceph-common/templates/ceph.conf.j2
@ -112,6 +112,7 @@ filestore xattr use omap = true
 {% endif %}

 {% if groups[mds_group_name] is defined %}
+{% if mds_group_name in group_names %}
 {% for host in groups[mds_group_name] %}
 {% if hostvars[host]['ansible_fqdn'] is defined and mds_use_fqdn %}
 [mds.{{ hostvars[host]['ansible_fqdn'] }}]
@ -122,56 +123,26 @@ host = {{ hostvars[host]['ansible_hostname'] }}
 {% endif %}
 {% endfor %}
 {% endif %}
+{% endif %}

 {% if groups[rgw_group_name] is defined %}
+{% if rgw_group_name in group_names %}
 {% for host in groups[rgw_group_name] %}
 {% if hostvars[host]['ansible_hostname'] is defined %}
 [client.rgw.{{ hostvars[host]['ansible_hostname'] }}]
-{% if radosgw_dns_name is defined %}
-rgw dns name = {{ radosgw_dns_name }}
-{% endif %}
 host = {{ hostvars[host]['ansible_hostname'] }}
 keyring = /var/lib/ceph/radosgw/{{ cluster }}-rgw.{{ hostvars[host]['ansible_hostname'] }}/keyring
 rgw socket path = /tmp/radosgw-{{ hostvars[host]['ansible_hostname'] }}.sock
 log file = /var/log/ceph/{{ cluster }}-rgw-{{ hostvars[host]['ansible_hostname'] }}.log
 rgw data = /var/lib/ceph/radosgw/{{ cluster }}-rgw.{{ hostvars[host]['ansible_hostname'] }}
-rgw frontends = civetweb {{ radosgw_civetweb_options }}
-rgw resolve cname = {{ radosgw_resolve_cname | bool }}
-{% if radosgw_keystone %}
-rgw keystone url = {{ radosgw_keystone_url }}
-rgw keystone api version = {{ radosgw_keystone_api_version }}
-{% if radosgw_keystone_auth_method == 'admin_token' %}
-rgw keystone admin token = {{ radosgw_keystone_admin_token }}
-{% elif radosgw_keystone_auth_method == 'auth_token' %}
-rgw keystone admin user = {{ radosgw_keystone_admin_user }}
-rgw keystone admin password = {{ radosgw_keystone_admin_password }}
-rgw keystone admin tenant = {{ radosgw_keystone_admin_tenant }}
-rgw keystone admin domain = {{ radosgw_keystone_admin_domain }}
-{% endif %}
-rgw keystone accepted roles = {{ radosgw_keystone_accepted_roles }}
-rgw keystone token cache size = {{ radosgw_keystone_token_cache_size }}
-rgw keystone revocation interval = {{ radosgw_keystone_revocation_internal }}
-rgw s3 auth use keystone = {{ radosgw_s3_auth_use_keystone }}
-{% if radosgw_keystone_ssl | bool %}
-nss db path = {{ radosgw_nss_db_path }}
-{% endif %}
-{% endif %}
-{% if radosgw_usage_log | bool %}
-rgw enable usage log = true
-rgw usage log tick interval = {{ radosgw_usage_log_tick_interval }}
-rgw usage log flush threshold = {{ radosgw_usage_log_flush_threshold }}
-rgw usage max shards = {{ radosgw_usage_max_shards }}
-rgw usage max user shards = {{ radosgw_usage_max_user_shards }}
-{% endif %}
-{% if radosgw_static_website | bool %}
-rgw enable static website = {{ radosgw_static_website }}
-rgw dns s3website name = {{ radosgw_dns_s3website_name }}
-{% endif %}
+rgw frontends = civetweb port={{ radosgw_civetweb_bind_ip }}:{{ radosgw_civetweb_port }} num_threads={{ radosgw_civetweb_num_threads }}
 {% endif %}
 {% endfor %}
 {% endif %}
+{% endif %}

 {% if groups[restapi_group_name] is defined %}
+{% if restapi_group_name in group_names %}
 [client.restapi]
 {% if restapi_interface != "interface" %}
 {% include 'client_restapi_interface.j2' %}
@ -181,3 +152,4 @@ rgw dns s3website name = {{ radosgw_dns_s3website_name }}
 keyring = /var/lib/ceph/restapi/ceph-restapi/keyring
 log file = /var/log/ceph/ceph-restapi.log
 {% endif %}
+{% endif %}