mirror of https://github.com/ceph/ceph-ansible.git
Revert "nfs-ganesha support removal"
This reverts commit 675667e1d6
.
Signed-off-by: Guillaume Abrioux <gabrioux@ibm.com>
pull/7571/head
parent
5a44fbeaa6
commit
59198f5bcd
|
@ -62,6 +62,7 @@ It means if you are pushing a patch modifying one of these files:
|
|||
- `./roles/ceph-rbd-mirror/defaults/main.yml`
|
||||
- `./roles/ceph-defaults/defaults/main.yml`
|
||||
- `./roles/ceph-osd/defaults/main.yml`
|
||||
- `./roles/ceph-nfs/defaults/main.yml`
|
||||
- `./roles/ceph-client/defaults/main.yml`
|
||||
- `./roles/ceph-common/defaults/main.yml`
|
||||
- `./roles/ceph-mon/defaults/main.yml`
|
||||
|
|
|
@ -20,6 +20,7 @@ NMONS = settings['mon_vms']
|
|||
NOSDS = settings['osd_vms']
|
||||
NMDSS = settings['mds_vms']
|
||||
NRGWS = settings['rgw_vms']
|
||||
NNFSS = settings['nfs_vms']
|
||||
NRBD_MIRRORS = settings['rbd_mirror_vms']
|
||||
CLIENTS = settings['client_vms']
|
||||
MGRS = settings['mgr_vms']
|
||||
|
@ -61,6 +62,7 @@ ansible_provision = proc do |ansible|
|
|||
'osds' => (0..NOSDS - 1).map { |j| "#{LABEL_PREFIX}osd#{j}" },
|
||||
'mdss' => (0..NMDSS - 1).map { |j| "#{LABEL_PREFIX}mds#{j}" },
|
||||
'rgws' => (0..NRGWS - 1).map { |j| "#{LABEL_PREFIX}rgw#{j}" },
|
||||
'nfss' => (0..NNFSS - 1).map { |j| "#{LABEL_PREFIX}nfs#{j}" },
|
||||
'rbd_mirrors' => (0..NRBD_MIRRORS - 1).map { |j| "#{LABEL_PREFIX}rbd_mirror#{j}" },
|
||||
'clients' => (0..CLIENTS - 1).map { |j| "#{LABEL_PREFIX}client#{j}" },
|
||||
'mgrs' => (0..MGRS - 1).map { |j| "#{LABEL_PREFIX}mgr#{j}" },
|
||||
|
@ -371,6 +373,52 @@ Vagrant.configure(VAGRANTFILE_API_VERSION) do |config|
|
|||
end
|
||||
end
|
||||
|
||||
(0..NNFSS - 1).each do |i|
|
||||
config.vm.define "#{LABEL_PREFIX}nfs#{i}" do |nfs|
|
||||
nfs.vm.hostname = "#{LABEL_PREFIX}nfs#{i}"
|
||||
if ASSIGN_STATIC_IP && !IPV6
|
||||
nfs.vm.network :private_network,
|
||||
:ip => "#{PUBLIC_SUBNET}.#{$last_ip_pub_digit+=1}"
|
||||
end
|
||||
|
||||
# Virtualbox
|
||||
nfs.vm.provider :virtualbox do |vb|
|
||||
vb.customize ['modifyvm', :id, '--memory', "#{MEMORY}"]
|
||||
end
|
||||
|
||||
# VMware
|
||||
nfs.vm.provider :vmware_fusion do |v|
|
||||
v.vmx['memsize'] = "#{MEMORY}"
|
||||
end
|
||||
|
||||
# Libvirt
|
||||
nfs.vm.provider :libvirt do |lv,override|
|
||||
lv.memory = MEMORY
|
||||
lv.random_hostname = true
|
||||
if IPV6 then
|
||||
override.vm.network :private_network,
|
||||
:libvirt__ipv6_address => "#{PUBLIC_SUBNET}",
|
||||
:libvirt__ipv6_prefix => "64",
|
||||
:libvirt__dhcp_enabled => false,
|
||||
:libvirt__forward_mode => "veryisolated",
|
||||
:libvirt__network_name => "ipv6-public-network",
|
||||
:ip => "#{PUBLIC_SUBNET}#{$last_ip_pub_digit+=1}",
|
||||
:netmask => "64"
|
||||
end
|
||||
end
|
||||
|
||||
# Parallels
|
||||
nfs.vm.provider "parallels" do |prl|
|
||||
prl.name = "ceph-nfs#{i}"
|
||||
prl.memory = "#{MEMORY}"
|
||||
end
|
||||
|
||||
nfs.vm.provider :linode do |provider|
|
||||
provider.label = nfs.vm.hostname
|
||||
end
|
||||
end
|
||||
end
|
||||
|
||||
(0..NMDSS - 1).each do |i|
|
||||
config.vm.define "#{LABEL_PREFIX}mds#{i}" do |mds|
|
||||
mds.vm.hostname = "#{LABEL_PREFIX}mds#{i}"
|
||||
|
|
|
@ -7,6 +7,7 @@ mon_vms: 1
|
|||
osd_vms: 1
|
||||
mds_vms: 0
|
||||
rgw_vms: 0
|
||||
nfs_vms: 0
|
||||
rbd_mirror_vms: 0
|
||||
client_vms: 0
|
||||
mgr_vms: 0
|
||||
|
|
|
@ -24,6 +24,7 @@ mon_vms: 3
|
|||
osd_vms: 3
|
||||
mds_vms: 1
|
||||
rgw_vms: 0
|
||||
nfs_vms: 0
|
||||
rbd_mirror_vms: 0
|
||||
client_vms: 0
|
||||
|
||||
|
|
|
@ -8,6 +8,7 @@ mon_vms: 1
|
|||
osd_vms: 1
|
||||
mds_vms: 0
|
||||
rgw_vms: 0
|
||||
nfs_vms: 0
|
||||
rbd_mirror_vms: 0
|
||||
client_vms: 0
|
||||
|
||||
|
|
|
@ -7,6 +7,7 @@
|
|||
- "{{ rgw_group_name|default('rgws') }}"
|
||||
- "{{ mgr_group_name|default('mgrs') }}"
|
||||
- "{{ rbdmirror_group_name|default('rbdmirrors') }}"
|
||||
- "{{ nfs_group_name|default('nfss') }}"
|
||||
- "{{ monitoring_group_name|default('monitoring') }}"
|
||||
gather_facts: false
|
||||
become: true
|
||||
|
|
|
@ -47,6 +47,7 @@ to follow (most of them are 1 line settings).
|
|||
osd_vms: 0
|
||||
mds_vms: 0
|
||||
rgw_vms: 0
|
||||
nfs_vms: 0
|
||||
rbd_mirror_vms: 0
|
||||
client_vms: 0
|
||||
mgr_vms: 0
|
||||
|
|
|
@ -52,6 +52,7 @@ dummy:
|
|||
#osd_group_name: osds
|
||||
#rgw_group_name: rgws
|
||||
#mds_group_name: mdss
|
||||
#nfs_group_name: nfss
|
||||
#rbdmirror_group_name: rbdmirrors
|
||||
#client_group_name: clients
|
||||
#mgr_group_name: mgrs
|
||||
|
@ -62,6 +63,7 @@ dummy:
|
|||
# - "{{ osd_group_name }}"
|
||||
# - "{{ rgw_group_name }}"
|
||||
# - "{{ mds_group_name }}"
|
||||
# - "{{ nfs_group_name }}"
|
||||
# - "{{ rbdmirror_group_name }}"
|
||||
# - "{{ client_group_name }}"
|
||||
# - "{{ mgr_group_name }}"
|
||||
|
@ -79,6 +81,7 @@ dummy:
|
|||
#ceph_osd_firewall_zone: public
|
||||
#ceph_rgw_firewall_zone: public
|
||||
#ceph_mds_firewall_zone: public
|
||||
#ceph_nfs_firewall_zone: public
|
||||
#ceph_rbdmirror_firewall_zone: public
|
||||
#ceph_dashboard_firewall_zone: public
|
||||
#ceph_rgwloadbalancer_firewall_zone: public
|
||||
|
@ -155,6 +158,13 @@ dummy:
|
|||
#ceph_stable_release: squid
|
||||
#ceph_stable_repo: "{{ ceph_mirror }}/debian-{{ ceph_stable_release }}"
|
||||
|
||||
#nfs_ganesha_stable: true # use stable repos for nfs-ganesha
|
||||
#centos_release_nfs: centos-release-nfs-ganesha4
|
||||
#nfs_ganesha_stable_deb_repo: http://ppa.launchpad.net/nfs-ganesha/nfs-ganesha-4/ubuntu
|
||||
#nfs_ganesha_apt_keyserver: keyserver.ubuntu.com
|
||||
#nfs_ganesha_apt_key_id: EA914D611053D07BD332E18010353E8834DC57CA
|
||||
#libntirpc_stable_deb_repo: http://ppa.launchpad.net/nfs-ganesha/libntirpc-4/ubuntu
|
||||
|
||||
# Use the option below to specify your applicable package tree, eg. when using non-LTS Ubuntu versions
|
||||
# # for a list of available Debian distributions, visit http://download.ceph.com/debian-{{ ceph_stable_release }}/dists/
|
||||
# for more info read: https://github.com/ceph/ceph-ansible/issues/305
|
||||
|
@ -189,6 +199,13 @@ dummy:
|
|||
#ceph_dev_branch: main # development branch you would like to use e.g: main, wip-hack
|
||||
#ceph_dev_sha1: latest # distinct sha1 to use, defaults to 'latest' (as in latest built)
|
||||
|
||||
#nfs_ganesha_dev: false # use development repos for nfs-ganesha
|
||||
|
||||
# Set this to choose the version of ceph dev libraries used in the nfs-ganesha packages from shaman
|
||||
# flavors so far include: ceph_main, ceph_jewel, ceph_kraken, ceph_luminous
|
||||
#nfs_ganesha_flavor: "ceph_main"
|
||||
|
||||
|
||||
# REPOSITORY: CUSTOM
|
||||
#
|
||||
# Enabled when ceph_repository == 'custom'
|
||||
|
@ -404,6 +421,10 @@ dummy:
|
|||
#handler_health_rgw_check_retries: 5
|
||||
#handler_health_rgw_check_delay: 10
|
||||
|
||||
# NFS handler checks
|
||||
#handler_health_nfs_check_retries: 5
|
||||
#handler_health_nfs_check_delay: 10
|
||||
|
||||
# RBD MIRROR handler checks
|
||||
#handler_health_rbd_mirror_check_retries: 5
|
||||
#handler_health_rbd_mirror_check_delay: 10
|
||||
|
@ -425,6 +446,24 @@ dummy:
|
|||
|
||||
#ceph_rbd_mirror_pool: "rbd"
|
||||
|
||||
###############
|
||||
# NFS-GANESHA #
|
||||
###############
|
||||
#
|
||||
# Access type options
|
||||
#
|
||||
# Enable NFS File access
|
||||
# If set to true, then ganesha is set up to export the root of the
|
||||
# Ceph filesystem, and ganesha's attribute and directory caching is disabled
|
||||
# as much as possible since libcephfs clients also caches the same
|
||||
# information.
|
||||
#
|
||||
# Set this to true to enable File access via NFS. Requires an MDS role.
|
||||
#nfs_file_gw: false
|
||||
# Set this to true to enable Object access via NFS. Requires an RGW role.
|
||||
#nfs_obj_gw: "{{ False if groups.get(mon_group_name, []) | length == 0 else True }}"
|
||||
|
||||
|
||||
###################
|
||||
# CONFIG OVERRIDE #
|
||||
###################
|
||||
|
|
|
@ -0,0 +1,131 @@
|
|||
---
|
||||
# Variables here are applicable to all host groups NOT roles
|
||||
|
||||
# This sample file generated by generate_group_vars_sample.sh
|
||||
|
||||
# Dummy variable to avoid error because ansible does not recognize the
|
||||
# file as a good configuration file when no variable in it.
|
||||
dummy:
|
||||
|
||||
# You can override vars by using host or group vars
|
||||
|
||||
###########
|
||||
# GENERAL #
|
||||
###########
|
||||
|
||||
# Even though NFS nodes should not have the admin key
|
||||
# at their disposal, some people might want to have it
|
||||
# distributed on RGW nodes. Setting 'copy_admin_key' to 'true'
|
||||
# will copy the admin key to the /etc/ceph/ directory
|
||||
#copy_admin_key: false
|
||||
|
||||
# Whether docker container or systemd service should be enabled
|
||||
# and started, it's useful to set it to false if nfs-ganesha
|
||||
# service is managed by pacemaker
|
||||
#ceph_nfs_enable_service: true
|
||||
|
||||
# ceph-nfs systemd service uses ansible's hostname as an instance id,
|
||||
# so service name is ceph-nfs@{{ ansible_facts['hostname'] }}, this is not
|
||||
# ideal when ceph-nfs is managed by pacemaker across multiple hosts - in
|
||||
# such case it's better to have constant instance id instead which
|
||||
# can be set by 'ceph_nfs_service_suffix'
|
||||
# ceph_nfs_service_suffix: "{{ ansible_facts['hostname'] }}"
|
||||
|
||||
######################
|
||||
# NFS Ganesha Config #
|
||||
######################
|
||||
#ceph_nfs_log_file: "/var/log/ganesha/ganesha.log"
|
||||
#ceph_nfs_dynamic_exports: false
|
||||
# If set to true then rados is used to store ganesha exports
|
||||
# and client sessions information, this is useful if you
|
||||
# run multiple nfs-ganesha servers in active/passive mode and
|
||||
# want to do failover
|
||||
#ceph_nfs_rados_backend: false
|
||||
# Name of the rados object used to store a list of the export rados
|
||||
# object URLS
|
||||
#ceph_nfs_rados_export_index: "ganesha-export-index"
|
||||
# Address ganesha service should listen on, by default ganesha listens on all
|
||||
# addresses. (Note: ganesha ignores this parameter in current version due to
|
||||
# this bug: https://github.com/nfs-ganesha/nfs-ganesha/issues/217)
|
||||
# ceph_nfs_bind_addr: 0.0.0.0
|
||||
|
||||
# If set to true, then ganesha's attribute and directory caching is disabled
|
||||
# as much as possible. Currently, ganesha caches by default.
|
||||
# When using ganesha as CephFS's gateway, it is recommended to turn off
|
||||
# ganesha's caching as the libcephfs clients also cache the same information.
|
||||
# Note: Irrespective of this option's setting, ganesha's caching is disabled
|
||||
# when setting 'nfs_file_gw' option as true.
|
||||
#ceph_nfs_disable_caching: false
|
||||
|
||||
# This is the file ganesha will use to control NFSv4 ID mapping
|
||||
#ceph_nfs_idmap_conf: "/etc/ganesha/idmap.conf"
|
||||
|
||||
# idmap configuration file override.
|
||||
# This allows you to specify more configuration options
|
||||
# using an INI style format.
|
||||
# Example:
|
||||
# idmap_conf_overrides:
|
||||
# General:
|
||||
# Domain: foo.domain.net
|
||||
#idmap_conf_overrides: {}
|
||||
|
||||
####################
|
||||
# FSAL Ceph Config #
|
||||
####################
|
||||
#ceph_nfs_ceph_export_id: 20133
|
||||
#ceph_nfs_ceph_pseudo_path: "/cephfile"
|
||||
#ceph_nfs_ceph_protocols: "3,4"
|
||||
#ceph_nfs_ceph_access_type: "RW"
|
||||
#ceph_nfs_ceph_user: "admin"
|
||||
#ceph_nfs_ceph_squash: "Root_Squash"
|
||||
#ceph_nfs_ceph_sectype: "sys,krb5,krb5i,krb5p"
|
||||
|
||||
###################
|
||||
# FSAL RGW Config #
|
||||
###################
|
||||
#ceph_nfs_rgw_export_id: 20134
|
||||
#ceph_nfs_rgw_pseudo_path: "/cephobject"
|
||||
#ceph_nfs_rgw_protocols: "3,4"
|
||||
#ceph_nfs_rgw_access_type: "RW"
|
||||
#ceph_nfs_rgw_user: "cephnfs"
|
||||
#ceph_nfs_rgw_squash: "Root_Squash"
|
||||
#ceph_nfs_rgw_sectype: "sys,krb5,krb5i,krb5p"
|
||||
# Note: keys are optional and can be generated, but not on containerized, where
|
||||
# they must be configered.
|
||||
# ceph_nfs_rgw_access_key: "QFAMEDSJP5DEKJO0DDXY"
|
||||
# ceph_nfs_rgw_secret_key: "iaSFLDVvDdQt6lkNzHyW4fPLZugBAI1g17LO0+87[MAC[M#C"
|
||||
#rgw_client_name: client.rgw.{{ ansible_facts['hostname'] }}
|
||||
|
||||
###################
|
||||
# CONFIG OVERRIDE #
|
||||
###################
|
||||
|
||||
# Ganesha configuration file override.
|
||||
# These multiline strings will be appended to the contents of the blocks in ganesha.conf and
|
||||
# must be in the correct ganesha.conf format seen here:
|
||||
# https://github.com/nfs-ganesha/nfs-ganesha/blob/next/src/config_samples/ganesha.conf.example
|
||||
#
|
||||
# Example:
|
||||
# CACHEINODE {
|
||||
# # Entries_HWMark = 100000;
|
||||
# }
|
||||
#
|
||||
# ganesha_core_param_overrides:
|
||||
# ganesha_ceph_export_overrides:
|
||||
# ganesha_rgw_export_overrides:
|
||||
# ganesha_rgw_section_overrides:
|
||||
# ganesha_log_overrides:
|
||||
# ganesha_conf_overrides: |
|
||||
# CACHEINODE {
|
||||
# # Entries_HWMark = 100000;
|
||||
# }
|
||||
|
||||
##########
|
||||
# DOCKER #
|
||||
##########
|
||||
|
||||
#ceph_docker_image: "ceph/daemon"
|
||||
#ceph_docker_image_tag: latest
|
||||
#ceph_nfs_docker_extra_env:
|
||||
#ceph_config_keys: [] # DON'T TOUCH ME
|
||||
|
|
@ -35,6 +35,7 @@
|
|||
- "{{ rgw_group_name|default('rgws') }}"
|
||||
- "{{ mgr_group_name|default('mgrs') }}"
|
||||
- "{{ rbdmirror_group_name|default('rbdmirrors') }}"
|
||||
- "{{ nfs_group_name|default('nfss') }}"
|
||||
- "{{ monitoring_group_name|default('monitoring') }}"
|
||||
become: true
|
||||
any_errors_fatal: true
|
||||
|
@ -143,7 +144,8 @@
|
|||
inventory_hostname in groups.get(mds_group_name, []) or
|
||||
inventory_hostname in groups.get(rgw_group_name, []) or
|
||||
inventory_hostname in groups.get(mgr_group_name, []) or
|
||||
inventory_hostname in groups.get(rbdmirror_group_name, [])
|
||||
inventory_hostname in groups.get(rbdmirror_group_name, []) or
|
||||
inventory_hostname in groups.get(nfs_group_name, [])
|
||||
|
||||
- name: Configure repository for installing cephadm
|
||||
when: containerized_deployment | bool
|
||||
|
@ -1009,6 +1011,82 @@
|
|||
path: "/var/lib/ceph/radosgw/{{ cluster }}-rgw.{{ rgw_zone }}.{{ ansible_facts['hostname'] }}"
|
||||
state: absent
|
||||
|
||||
- name: Stop and remove legacy ceph nfs daemons
|
||||
hosts: "{{ nfs_group_name|default('nfss') }}"
|
||||
tags: 'ceph_nfs_adopt'
|
||||
serial: 1
|
||||
become: true
|
||||
gather_facts: false
|
||||
any_errors_fatal: true
|
||||
tasks:
|
||||
- name: Import ceph-defaults role
|
||||
ansible.builtin.import_role:
|
||||
name: ceph-defaults
|
||||
|
||||
- name: Import ceph-nfs role
|
||||
ansible.builtin.import_role:
|
||||
name: ceph-nfs
|
||||
tasks_from: create_rgw_nfs_user.yml
|
||||
|
||||
- name: Enable ceph mgr nfs module
|
||||
ceph_mgr_module:
|
||||
name: "nfs"
|
||||
cluster: "{{ cluster }}"
|
||||
state: enable
|
||||
environment:
|
||||
CEPH_CONTAINER_IMAGE: "{{ ceph_docker_registry + '/' + ceph_docker_image + ':' + ceph_docker_image_tag if containerized_deployment | bool else None }}"
|
||||
CEPH_CONTAINER_BINARY: "{{ container_binary }}"
|
||||
delegate_to: "{{ groups[mon_group_name][0] }}"
|
||||
|
||||
- name: Stop and disable ceph-nfs systemd service
|
||||
ansible.builtin.service:
|
||||
name: "ceph-nfs@{{ ansible_facts['hostname'] }}"
|
||||
state: stopped
|
||||
enabled: false
|
||||
failed_when: false
|
||||
|
||||
- name: Reset failed ceph-nfs systemd unit
|
||||
ansible.builtin.command: "systemctl reset-failed ceph-nfs@{{ ansible_facts['hostname'] }}" # noqa command-instead-of-module
|
||||
changed_when: false
|
||||
failed_when: false
|
||||
when: containerized_deployment | bool
|
||||
|
||||
- name: Remove ceph-nfs systemd unit files
|
||||
ansible.builtin.file:
|
||||
path: "{{ item }}"
|
||||
state: absent
|
||||
loop:
|
||||
- /etc/systemd/system/ceph-nfs@.service
|
||||
- /etc/systemd/system/ceph-nfs@.service.d
|
||||
|
||||
- name: Remove legacy ceph radosgw directory
|
||||
ansible.builtin.file:
|
||||
path: "/var/lib/ceph/radosgw/{{ cluster }}-rgw.{{ ansible_facts['hostname'] }}"
|
||||
state: absent
|
||||
|
||||
- name: Create nfs ganesha cluster
|
||||
ansible.builtin.command: "{{ cephadm_cmd }} shell -k /etc/ceph/{{ cluster }}.client.admin.keyring --fsid {{ fsid }} -- ceph nfs cluster create {{ ansible_facts['hostname'] }} {{ ansible_facts['hostname'] }}"
|
||||
changed_when: false
|
||||
delegate_to: "{{ groups[mon_group_name][0] }}"
|
||||
environment:
|
||||
CEPHADM_IMAGE: '{{ ceph_docker_registry }}/{{ ceph_docker_image }}:{{ ceph_docker_image_tag }}'
|
||||
|
||||
- name: Create cephfs export
|
||||
ansible.builtin.command: "{{ cephadm_cmd }} shell -k /etc/ceph/{{ cluster }}.client.admin.keyring --fsid {{ fsid }} -- ceph nfs export create cephfs {{ cephfs }} {{ ansible_facts['hostname'] }} {{ ceph_nfs_ceph_pseudo_path }} --squash {{ ceph_nfs_ceph_squash }}"
|
||||
changed_when: false
|
||||
delegate_to: "{{ groups[mon_group_name][0] }}"
|
||||
environment:
|
||||
CEPHADM_IMAGE: '{{ ceph_docker_registry }}/{{ ceph_docker_image }}:{{ ceph_docker_image_tag }}'
|
||||
when: nfs_file_gw | bool
|
||||
|
||||
- name: Create rgw export
|
||||
ansible.builtin.command: "{{ cephadm_cmd }} shell -k /etc/ceph/{{ cluster }}.client.admin.keyring --fsid {{ fsid }} -- ceph nfs export create rgw --cluster-id {{ ansible_facts['hostname'] }} --pseudo-path {{ ceph_nfs_rgw_pseudo_path }} --user-id {{ ceph_nfs_rgw_user }} --squash {{ ceph_nfs_rgw_squash }}"
|
||||
changed_when: false
|
||||
delegate_to: "{{ groups[mon_group_name][0] }}"
|
||||
environment:
|
||||
CEPHADM_IMAGE: '{{ ceph_docker_registry }}/{{ ceph_docker_image }}:{{ ceph_docker_image_tag }}'
|
||||
when: nfs_obj_gw | bool
|
||||
|
||||
- name: Redeploy rbd-mirror daemons
|
||||
hosts: "{{ rbdmirror_group_name|default('rbdmirrors') }}"
|
||||
become: true
|
||||
|
@ -1321,6 +1399,7 @@
|
|||
- "{{ rgw_group_name|default('rgws') }}"
|
||||
- "{{ mgr_group_name|default('mgrs') }}"
|
||||
- "{{ rbdmirror_group_name|default('rbdmirrors') }}"
|
||||
- "{{ nfs_group_name|default('nfss') }}"
|
||||
- "{{ monitoring_group_name|default('monitoring') }}"
|
||||
become: true
|
||||
gather_facts: false
|
||||
|
|
|
@ -7,6 +7,7 @@
|
|||
- "{{ rgw_group_name|default('rgws') }}"
|
||||
- "{{ mgr_group_name|default('mgrs') }}"
|
||||
- "{{ rbdmirror_group_name|default('rbdmirrors') }}"
|
||||
- "{{ nfs_group_name|default('nfss') }}"
|
||||
- "{{ monitoring_group_name|default('monitoring') }}"
|
||||
become: true
|
||||
gather_facts: false
|
||||
|
@ -207,6 +208,7 @@
|
|||
- "{{ rgw_group_name|default('rgws') }}"
|
||||
- "{{ mgr_group_name|default('mgrs') }}"
|
||||
- "{{ rbdmirror_group_name|default('rbdmirrors') }}"
|
||||
- "{{ nfs_group_name|default('nfss') }}"
|
||||
- "{{ monitoring_group_name|default('monitoring') }}"
|
||||
become: true
|
||||
gather_facts: false
|
||||
|
|
|
@ -11,6 +11,7 @@
|
|||
- osds
|
||||
- mdss
|
||||
- rgws
|
||||
- nfss
|
||||
- rbdmirrors
|
||||
- clients
|
||||
- mgrs
|
||||
|
@ -59,6 +60,7 @@
|
|||
- "{{ osd_group_name | default('osds') }}"
|
||||
- "{{ mds_group_name | default('mdss') }}"
|
||||
- "{{ rgw_group_name | default('rgws') }}"
|
||||
- "{{ nfs_group_name | default('nfss') }}"
|
||||
- "{{ mgr_group_name | default('mgrs') }}"
|
||||
- "{{ rbdmirror_group_name | default('rbdmirrors') }}"
|
||||
- "{{ monitoring_group_name | default('monitoring') }}"
|
||||
|
@ -112,7 +114,8 @@
|
|||
inventory_hostname in groups.get(mds_group_name, []) or
|
||||
inventory_hostname in groups.get(rgw_group_name, []) or
|
||||
inventory_hostname in groups.get(mgr_group_name, []) or
|
||||
inventory_hostname in groups.get(rbdmirror_group_name, [])
|
||||
inventory_hostname in groups.get(rbdmirror_group_name, []) or
|
||||
inventory_hostname in groups.get(nfs_group_name, [])
|
||||
|
||||
- name: Pulling alertmanager/grafana/prometheus images from docker daemon
|
||||
ansible.builtin.command: "{{ timeout_command }} {{ container_binary }} pull docker-daemon:{{ item }}"
|
||||
|
@ -156,6 +159,12 @@
|
|||
tasks_from: systemd.yml
|
||||
when: inventory_hostname in groups.get(mgr_group_name, [])
|
||||
|
||||
- name: Import ceph-nfs role
|
||||
ansible.builtin.import_role:
|
||||
name: ceph-nfs
|
||||
tasks_from: systemd.yml
|
||||
when: inventory_hostname in groups.get(nfs_group_name, [])
|
||||
|
||||
- name: Import ceph-osd role
|
||||
ansible.builtin.import_role:
|
||||
name: ceph-osd
|
||||
|
|
|
@ -5,6 +5,7 @@
|
|||
- osds
|
||||
- mdss
|
||||
- rgws
|
||||
- nfss
|
||||
- rbdmirrors
|
||||
- clients
|
||||
- mgrs
|
||||
|
|
|
@ -37,6 +37,7 @@
|
|||
- mdss
|
||||
- rgws
|
||||
- rbdmirrors
|
||||
- nfss
|
||||
- clients
|
||||
- mgrs
|
||||
- monitoring
|
||||
|
@ -57,6 +58,35 @@
|
|||
ansible.builtin.import_role:
|
||||
name: ceph-defaults
|
||||
|
||||
- name: Nfs related tasks
|
||||
when: groups[nfs_group_name] | default([]) | length > 0
|
||||
block:
|
||||
- name: Get nfs nodes ansible facts
|
||||
ansible.builtin.setup:
|
||||
gather_subset:
|
||||
- 'all'
|
||||
- '!facter'
|
||||
- '!ohai'
|
||||
delegate_to: "{{ item }}"
|
||||
delegate_facts: true
|
||||
with_items: "{{ groups[nfs_group_name] }}"
|
||||
run_once: true
|
||||
|
||||
- name: Get all nfs-ganesha mount points
|
||||
ansible.builtin.command: grep "{{ hostvars[item]['ansible_facts']['all_ipv4_addresses'] | ips_in_ranges(public_network.split(',')) | first }}" /proc/mounts
|
||||
register: nfs_ganesha_mount_points
|
||||
failed_when: false
|
||||
changed_when: false
|
||||
with_items: "{{ groups[nfs_group_name] }}"
|
||||
|
||||
- name: Ensure nfs-ganesha mountpoint(s) are unmounted
|
||||
ansible.posix.mount:
|
||||
path: "{{ item.split(' ')[1] }}"
|
||||
state: unmounted
|
||||
with_items:
|
||||
- "{{ nfs_ganesha_mount_points.results | map(attribute='stdout_lines') | list }}"
|
||||
when: item | length > 0
|
||||
|
||||
- name: Ensure cephfs mountpoint(s) are unmounted
|
||||
ansible.builtin.command: umount -a -t ceph
|
||||
changed_when: false
|
||||
|
@ -81,6 +111,33 @@
|
|||
- ceph
|
||||
- libceph
|
||||
|
||||
|
||||
- name: Purge ceph nfs cluster
|
||||
hosts: nfss
|
||||
gather_facts: false # Already gathered previously
|
||||
become: true
|
||||
tasks:
|
||||
- name: Import ceph-defaults role
|
||||
ansible.builtin.import_role:
|
||||
name: ceph-defaults
|
||||
|
||||
- name: Stop ceph nfss with systemd
|
||||
ansible.builtin.service:
|
||||
name: "{{ 'ceph-nfs@' + ansible_facts['hostname'] if containerized_deployment | bool else 'nfs-ganesha' }}"
|
||||
state: stopped
|
||||
failed_when: false
|
||||
|
||||
- name: Remove ceph nfs directories for "{{ ansible_facts['hostname'] }}"
|
||||
ansible.builtin.file:
|
||||
path: "{{ item }}"
|
||||
state: absent
|
||||
with_items:
|
||||
- /etc/ganesha
|
||||
- /var/lib/nfs/ganesha
|
||||
- /var/run/ganesha
|
||||
- /etc/systemd/system/ceph-nfs@.service
|
||||
|
||||
|
||||
- name: Purge node-exporter
|
||||
hosts:
|
||||
- mons
|
||||
|
@ -88,6 +145,7 @@
|
|||
- mdss
|
||||
- rgws
|
||||
- rbdmirrors
|
||||
- nfss
|
||||
- clients
|
||||
- mgrs
|
||||
- monitoring
|
||||
|
@ -709,6 +767,7 @@
|
|||
- mdss
|
||||
- rgws
|
||||
- rbdmirrors
|
||||
- nfss
|
||||
- mgrs
|
||||
become: true
|
||||
tasks:
|
||||
|
@ -787,6 +846,7 @@
|
|||
- mdss
|
||||
- rgws
|
||||
- rbdmirrors
|
||||
- nfss
|
||||
- clients
|
||||
- mgrs
|
||||
- monitoring
|
||||
|
@ -1058,6 +1118,7 @@
|
|||
- mdss
|
||||
- rgws
|
||||
- rbdmirrors
|
||||
- nfss
|
||||
- mgrs
|
||||
- clients
|
||||
gather_facts: false # Already gathered previously
|
||||
|
|
|
@ -42,6 +42,7 @@
|
|||
- "{{ mds_group_name|default('mdss') }}"
|
||||
- "{{ rgw_group_name|default('rgws') }}"
|
||||
- "{{ rbdmirror_group_name|default('rbdmirrors') }}"
|
||||
- "{{ nfs_group_name|default('nfss') }}"
|
||||
- "{{ client_group_name|default('clients') }}"
|
||||
- "{{ mgr_group_name|default('mgrs') }}"
|
||||
- "{{ monitoring_group_name | default('monitoring') }}"
|
||||
|
@ -58,6 +59,7 @@
|
|||
- "{{ mds_group_name|default('mdss') }}"
|
||||
- "{{ rgw_group_name|default('rgws') }}"
|
||||
- "{{ rbdmirror_group_name|default('rbdmirrors') }}"
|
||||
- "{{ nfs_group_name|default('nfss') }}"
|
||||
- "{{ client_group_name|default('clients') }}"
|
||||
- "{{ mgr_group_name|default('mgrs') }}"
|
||||
- "{{ monitoring_group_name | default('monitoring') }}"
|
||||
|
|
|
@ -46,6 +46,7 @@
|
|||
- "{{ rgw_group_name|default('rgws') }}"
|
||||
- "{{ mgr_group_name|default('mgrs') }}"
|
||||
- "{{ rbdmirror_group_name|default('rbdmirrors') }}"
|
||||
- "{{ nfs_group_name|default('nfss') }}"
|
||||
- "{{ client_group_name|default('clients') }}"
|
||||
- "{{ monitoring_group_name|default('monitoring') }}"
|
||||
tags: always
|
||||
|
@ -1002,6 +1003,68 @@
|
|||
name: ceph-rbd-mirror
|
||||
|
||||
|
||||
- name: Upgrade ceph nfs node
|
||||
vars:
|
||||
upgrade_ceph_packages: true
|
||||
hosts: "{{ nfs_group_name|default('nfss') }}"
|
||||
tags: nfss
|
||||
serial: 1
|
||||
become: true
|
||||
gather_facts: false
|
||||
tasks:
|
||||
# failed_when: false is here so that if we upgrade
|
||||
# from a version of ceph that does not have nfs-ganesha
|
||||
# then this task will not fail
|
||||
- name: Stop ceph nfs
|
||||
ansible.builtin.systemd:
|
||||
name: nfs-ganesha
|
||||
state: stopped
|
||||
enabled: false
|
||||
masked: true
|
||||
failed_when: false
|
||||
when: not containerized_deployment | bool
|
||||
|
||||
- name: Systemd stop nfs container
|
||||
ansible.builtin.systemd:
|
||||
name: ceph-nfs@{{ ceph_nfs_service_suffix | default(ansible_facts['hostname']) }}
|
||||
state: stopped
|
||||
enabled: false
|
||||
masked: true
|
||||
failed_when: false
|
||||
when:
|
||||
- ceph_nfs_enable_service | bool
|
||||
- containerized_deployment | bool
|
||||
|
||||
- name: Import ceph-defaults role
|
||||
ansible.builtin.import_role:
|
||||
name: ceph-defaults
|
||||
|
||||
- name: Import ceph-facts role
|
||||
ansible.builtin.import_role:
|
||||
name: ceph-facts
|
||||
|
||||
- name: Import ceph-handler role
|
||||
ansible.builtin.import_role:
|
||||
name: ceph-handler
|
||||
|
||||
- name: Import ceph-common role
|
||||
ansible.builtin.import_role:
|
||||
name: ceph-common
|
||||
when: not containerized_deployment | bool
|
||||
|
||||
- name: Import ceph-container-common role
|
||||
ansible.builtin.import_role:
|
||||
name: ceph-container-common
|
||||
when: containerized_deployment | bool
|
||||
|
||||
- name: Import ceph-config role
|
||||
ansible.builtin.import_role:
|
||||
name: ceph-config
|
||||
|
||||
- name: Import ceph-nfs role
|
||||
ansible.builtin.import_role:
|
||||
name: ceph-nfs
|
||||
|
||||
- name: Upgrade ceph client node
|
||||
vars:
|
||||
upgrade_ceph_packages: true
|
||||
|
@ -1159,6 +1222,7 @@
|
|||
- "{{ rgw_group_name|default('rgws') }}"
|
||||
- "{{ mgr_group_name|default('mgrs') }}"
|
||||
- "{{ rbdmirror_group_name|default('rbdmirrors') }}"
|
||||
- "{{ nfs_group_name|default('nfss') }}"
|
||||
- "{{ monitoring_group_name|default('monitoring') }}"
|
||||
tags: monitoring
|
||||
gather_facts: false
|
||||
|
|
|
@ -43,6 +43,7 @@
|
|||
- "{{ mds_group_name|default('mdss') }}"
|
||||
- "{{ rgw_group_name|default('rgws') }}"
|
||||
- "{{ rbdmirror_group_name|default('rbdmirrors') }}"
|
||||
- "{{ nfs_group_name|default('nfss') }}"
|
||||
|
||||
become: true
|
||||
|
||||
|
@ -663,6 +664,60 @@
|
|||
name: ceph-rbd-mirror
|
||||
|
||||
|
||||
- name: Switching from non-containerized to containerized ceph nfs
|
||||
|
||||
hosts: "{{ nfs_group_name|default('nfss') }}"
|
||||
|
||||
vars:
|
||||
containerized_deployment: true
|
||||
nfs_group_name: nfss
|
||||
|
||||
serial: 1
|
||||
become: true
|
||||
pre_tasks:
|
||||
|
||||
# failed_when: false is here because if we're
|
||||
# working with a jewel cluster then ceph nfs
|
||||
# will not exist
|
||||
- name: Stop non-containerized ceph nfs(s)
|
||||
ansible.builtin.service:
|
||||
name: nfs-ganesha
|
||||
state: stopped
|
||||
enabled: false
|
||||
failed_when: false
|
||||
|
||||
- name: Import ceph-defaults role
|
||||
ansible.builtin.import_role:
|
||||
name: ceph-defaults
|
||||
|
||||
- name: Import ceph-facts role
|
||||
ansible.builtin.import_role:
|
||||
name: ceph-facts
|
||||
|
||||
# NOTE: changed from file module to raw find command for performance reasons
|
||||
# The file module has to run checks on current ownership of all directories and files. This is unnecessary
|
||||
# as in this case we know we want all owned by ceph user
|
||||
- name: Set proper ownership on ceph directories
|
||||
ansible.builtin.command: "find /var/lib/ceph /etc/ceph -not -( -user {{ ceph_uid }} -or -group {{ ceph_uid }} -) -execdir chown {{ ceph_uid }}:{{ ceph_uid }} {} +"
|
||||
changed_when: false
|
||||
|
||||
tasks:
|
||||
- name: Import ceph-handler role
|
||||
ansible.builtin.import_role:
|
||||
name: ceph-handler
|
||||
|
||||
- name: Import ceph-container-engine role
|
||||
ansible.builtin.import_role:
|
||||
name: ceph-container-engine
|
||||
|
||||
- name: Import ceph-container-common role
|
||||
ansible.builtin.import_role:
|
||||
name: ceph-container-common
|
||||
|
||||
- name: Import ceph-nfs role
|
||||
ansible.builtin.import_role:
|
||||
name: ceph-nfs
|
||||
|
||||
- name: Switching from non-containerized to containerized ceph-crash
|
||||
|
||||
hosts:
|
||||
|
|
|
@ -29,6 +29,7 @@
|
|||
- osds
|
||||
- mdss
|
||||
- rgws
|
||||
- nfss
|
||||
- rbdmirrors
|
||||
- clients
|
||||
- mgrs
|
||||
|
|
|
@ -26,6 +26,7 @@ class CallbackModule(CallbackBase):
|
|||
'installer_phase_ceph_osd',
|
||||
'installer_phase_ceph_mds',
|
||||
'installer_phase_ceph_rgw',
|
||||
'installer_phase_ceph_nfs',
|
||||
'installer_phase_ceph_rbdmirror',
|
||||
'installer_phase_ceph_client',
|
||||
'installer_phase_ceph_rgw_loadbalancer',
|
||||
|
@ -58,6 +59,10 @@ class CallbackModule(CallbackBase):
|
|||
'title': 'Install Ceph RGW',
|
||||
'playbook': 'roles/ceph-rgw/tasks/main.yml'
|
||||
},
|
||||
'installer_phase_ceph_nfs': {
|
||||
'title': 'Install Ceph NFS',
|
||||
'playbook': 'roles/ceph-nfs/tasks/main.yml'
|
||||
},
|
||||
'installer_phase_ceph_rbdmirror': {
|
||||
'title': 'Install Ceph RBD Mirror',
|
||||
'playbook': 'roles/ceph-rbd-mirror/tasks/main.yml'
|
||||
|
|
|
@ -59,4 +59,5 @@
|
|||
ansible.builtin.include_tasks: selinux.yml
|
||||
when:
|
||||
- ansible_facts['os_family'] == 'RedHat'
|
||||
- inventory_hostname in groups.get(rgwloadbalancer_group_name, [])
|
||||
- inventory_hostname in groups.get(nfs_group_name, [])
|
||||
or inventory_hostname in groups.get(rgwloadbalancer_group_name, [])
|
||||
|
|
|
@ -17,5 +17,6 @@
|
|||
register: result
|
||||
until: result is succeeded
|
||||
when:
|
||||
- inventory_hostname in groups.get(rgwloadbalancer_group_name, [])
|
||||
- inventory_hostname in groups.get(nfs_group_name, [])
|
||||
or inventory_hostname in groups.get(rgwloadbalancer_group_name, [])
|
||||
- ansible_facts['distribution_major_version'] == '8'
|
||||
|
|
|
@ -46,6 +46,7 @@
|
|||
inventory_hostname in groups.get(rgw_group_name, []) or
|
||||
inventory_hostname in groups.get(mgr_group_name, []) or
|
||||
inventory_hostname in groups.get(rbdmirror_group_name, []) or
|
||||
inventory_hostname in groups.get(nfs_group_name, []) or
|
||||
inventory_hostname in groups.get(monitoring_group_name, [])
|
||||
environment:
|
||||
HTTP_PROXY: "{{ ceph_docker_http_proxy | default('') }}"
|
||||
|
|
|
@ -44,6 +44,7 @@ mon_group_name: mons
|
|||
osd_group_name: osds
|
||||
rgw_group_name: rgws
|
||||
mds_group_name: mdss
|
||||
nfs_group_name: nfss
|
||||
rbdmirror_group_name: rbdmirrors
|
||||
client_group_name: clients
|
||||
mgr_group_name: mgrs
|
||||
|
@ -54,6 +55,7 @@ adopt_label_group_names:
|
|||
- "{{ osd_group_name }}"
|
||||
- "{{ rgw_group_name }}"
|
||||
- "{{ mds_group_name }}"
|
||||
- "{{ nfs_group_name }}"
|
||||
- "{{ rbdmirror_group_name }}"
|
||||
- "{{ client_group_name }}"
|
||||
- "{{ mgr_group_name }}"
|
||||
|
@ -71,6 +73,7 @@ ceph_mgr_firewall_zone: public
|
|||
ceph_osd_firewall_zone: public
|
||||
ceph_rgw_firewall_zone: public
|
||||
ceph_mds_firewall_zone: public
|
||||
ceph_nfs_firewall_zone: public
|
||||
ceph_rbdmirror_firewall_zone: public
|
||||
ceph_dashboard_firewall_zone: public
|
||||
ceph_rgwloadbalancer_firewall_zone: public
|
||||
|
@ -147,6 +150,13 @@ ceph_stable_key: https://download.ceph.com/keys/release.asc
|
|||
ceph_stable_release: squid
|
||||
ceph_stable_repo: "{{ ceph_mirror }}/debian-{{ ceph_stable_release }}"
|
||||
|
||||
nfs_ganesha_stable: true # use stable repos for nfs-ganesha
|
||||
centos_release_nfs: centos-release-nfs-ganesha4
|
||||
nfs_ganesha_stable_deb_repo: http://ppa.launchpad.net/nfs-ganesha/nfs-ganesha-4/ubuntu
|
||||
nfs_ganesha_apt_keyserver: keyserver.ubuntu.com
|
||||
nfs_ganesha_apt_key_id: EA914D611053D07BD332E18010353E8834DC57CA
|
||||
libntirpc_stable_deb_repo: http://ppa.launchpad.net/nfs-ganesha/libntirpc-4/ubuntu
|
||||
|
||||
# Use the option below to specify your applicable package tree, eg. when using non-LTS Ubuntu versions
|
||||
# # for a list of available Debian distributions, visit http://download.ceph.com/debian-{{ ceph_stable_release }}/dists/
|
||||
# for more info read: https://github.com/ceph/ceph-ansible/issues/305
|
||||
|
@ -181,6 +191,13 @@ ceph_obs_repo: "https://download.opensuse.org/repositories/filesystems:/ceph:/{{
|
|||
ceph_dev_branch: main # development branch you would like to use e.g: main, wip-hack
|
||||
ceph_dev_sha1: latest # distinct sha1 to use, defaults to 'latest' (as in latest built)
|
||||
|
||||
nfs_ganesha_dev: false # use development repos for nfs-ganesha
|
||||
|
||||
# Set this to choose the version of ceph dev libraries used in the nfs-ganesha packages from shaman
|
||||
# flavors so far include: ceph_main, ceph_jewel, ceph_kraken, ceph_luminous
|
||||
nfs_ganesha_flavor: "ceph_main"
|
||||
|
||||
|
||||
# REPOSITORY: CUSTOM
|
||||
#
|
||||
# Enabled when ceph_repository == 'custom'
|
||||
|
@ -396,6 +413,10 @@ handler_health_mds_check_delay: 10
|
|||
handler_health_rgw_check_retries: 5
|
||||
handler_health_rgw_check_delay: 10
|
||||
|
||||
# NFS handler checks
|
||||
handler_health_nfs_check_retries: 5
|
||||
handler_health_nfs_check_delay: 10
|
||||
|
||||
# RBD MIRROR handler checks
|
||||
handler_health_rbd_mirror_check_retries: 5
|
||||
handler_health_rbd_mirror_check_delay: 10
|
||||
|
@ -417,6 +438,24 @@ health_osd_check_delay: 10
|
|||
|
||||
ceph_rbd_mirror_pool: "rbd"
|
||||
|
||||
###############
|
||||
# NFS-GANESHA #
|
||||
###############
|
||||
#
|
||||
# Access type options
|
||||
#
|
||||
# Enable NFS File access
|
||||
# If set to true, then ganesha is set up to export the root of the
|
||||
# Ceph filesystem, and ganesha's attribute and directory caching is disabled
|
||||
# as much as possible since libcephfs clients also caches the same
|
||||
# information.
|
||||
#
|
||||
# Set this to true to enable File access via NFS. Requires an MDS role.
|
||||
nfs_file_gw: false
|
||||
# Set this to true to enable Object access via NFS. Requires an RGW role.
|
||||
nfs_obj_gw: "{{ False if groups.get(mon_group_name, []) | length == 0 else True }}"
|
||||
|
||||
|
||||
###################
|
||||
# CONFIG OVERRIDE #
|
||||
###################
|
||||
|
|
|
@ -13,6 +13,7 @@
|
|||
- "Restart ceph osds"
|
||||
- "Restart ceph mdss"
|
||||
- "Restart ceph rgws"
|
||||
- "Restart ceph nfss"
|
||||
- "Restart ceph rbdmirrors"
|
||||
- "Restart ceph mgrs"
|
||||
register: tmpdirpath
|
||||
|
@ -38,6 +39,11 @@
|
|||
when: rgw_group_name in group_names
|
||||
listen: "Restart ceph rgws"
|
||||
|
||||
- name: Nfss handler
|
||||
ansible.builtin.include_tasks: handler_nfss.yml
|
||||
when: nfs_group_name in group_names
|
||||
listen: "Restart ceph nfss"
|
||||
|
||||
- name: Rbdmirrors handler
|
||||
ansible.builtin.include_tasks: handler_rbdmirrors.yml
|
||||
when: rbdmirror_group_name in group_names
|
||||
|
|
|
@ -47,6 +47,14 @@
|
|||
check_mode: false
|
||||
when: inventory_hostname in groups.get(rbdmirror_group_name, [])
|
||||
|
||||
- name: Check for a nfs container
|
||||
ansible.builtin.command: "{{ container_binary }} ps -q --filter='name=ceph-nfs-{{ ceph_nfs_service_suffix | default(ansible_facts['hostname']) }}'"
|
||||
register: ceph_nfs_container_stat
|
||||
changed_when: false
|
||||
failed_when: false
|
||||
check_mode: false
|
||||
when: inventory_hostname in groups.get(nfs_group_name, [])
|
||||
|
||||
- name: Check for a ceph-crash container
|
||||
ansible.builtin.command: "{{ container_binary }} ps -q --filter='name=ceph-crash-{{ ansible_facts['hostname'] }}'"
|
||||
register: ceph_crash_container_stat
|
||||
|
|
|
@ -197,6 +197,14 @@
|
|||
- rbd_mirror_socket_stat.files | length > 0
|
||||
- item.1.rc == 1
|
||||
|
||||
- name: Check for a nfs ganesha pid
|
||||
ansible.builtin.command: "pgrep ganesha.nfsd"
|
||||
register: nfs_process
|
||||
changed_when: false
|
||||
failed_when: false
|
||||
check_mode: false
|
||||
when: inventory_hostname in groups.get(nfs_group_name, [])
|
||||
|
||||
- name: Check for a ceph-crash process
|
||||
ansible.builtin.command: pgrep ceph-crash
|
||||
changed_when: false
|
||||
|
|
|
@ -0,0 +1,28 @@
|
|||
---
|
||||
- name: Set _nfs_handler_called before restart
|
||||
ansible.builtin.set_fact:
|
||||
_nfs_handler_called: true
|
||||
|
||||
- name: Copy nfs restart script
|
||||
ansible.builtin.template:
|
||||
src: restart_nfs_daemon.sh.j2
|
||||
dest: "{{ tmpdirpath.path }}/restart_nfs_daemon.sh"
|
||||
owner: root
|
||||
group: root
|
||||
mode: "0750"
|
||||
when: tmpdirpath.path is defined
|
||||
|
||||
- name: Restart ceph nfs daemon(s)
|
||||
ansible.builtin.command: /usr/bin/env bash {{ hostvars[item]['tmpdirpath']['path'] }}/restart_nfs_daemon.sh
|
||||
when:
|
||||
- hostvars[item]['handler_nfs_status'] | default(False) | bool
|
||||
- hostvars[item]['_nfs_handler_called'] | default(False) | bool
|
||||
- hostvars[item].tmpdirpath.path is defined
|
||||
with_items: "{{ groups[nfs_group_name] }}"
|
||||
delegate_to: "{{ item }}"
|
||||
changed_when: false
|
||||
run_once: true
|
||||
|
||||
- name: Set _nfs_handler_called after restart
|
||||
ansible.builtin.set_fact:
|
||||
_nfs_handler_called: false
|
|
@ -23,6 +23,11 @@
|
|||
handler_rgw_status: "{{ 0 in (rgw_socket.results | map(attribute='rc') | list) if not containerized_deployment | bool else (ceph_rgw_container_stat.get('rc') == 0 and ceph_rgw_container_stat.get('stdout_lines', []) | length != 0) }}"
|
||||
when: inventory_hostname in groups.get(rgw_group_name, [])
|
||||
|
||||
- name: Set_fact handler_nfs_status
|
||||
ansible.builtin.set_fact:
|
||||
handler_nfs_status: "{{ (nfs_process.get('rc') == 0) if not containerized_deployment | bool else (ceph_nfs_container_stat.get('rc') == 0 and ceph_nfs_container_stat.get('stdout_lines', []) | length != 0) }}"
|
||||
when: inventory_hostname in groups.get(nfs_group_name, [])
|
||||
|
||||
- name: Set_fact handler_rbd_status
|
||||
ansible.builtin.set_fact:
|
||||
handler_rbd_mirror_status: "{{ 0 in (rbd_mirror_socket.results | map(attribute='rc') | list) if not containerized_deployment | bool else (ceph_rbd_mirror_container_stat.get('rc') == 0 and ceph_rbd_mirror_container_stat.get('stdout_lines', []) | length != 0) }}"
|
||||
|
|
|
@ -0,0 +1,26 @@
|
|||
#!/bin/bash
|
||||
|
||||
RETRIES="{{ handler_health_nfs_check_retries }}"
|
||||
DELAY="{{ handler_health_nfs_check_delay }}"
|
||||
NFS_NAME="ceph-nfs@{{ ceph_nfs_service_suffix | default(ansible_facts['hostname']) }}"
|
||||
PID=/var/run/ganesha/ganesha.pid
|
||||
{% if containerized_deployment | bool %}
|
||||
DOCKER_EXEC="{{ container_binary }} exec ceph-nfs-{{ ceph_nfs_service_suffix | default(ansible_facts['hostname']) }}"
|
||||
{% endif %}
|
||||
|
||||
# First, restart the daemon
|
||||
{% if containerized_deployment | bool -%}
|
||||
systemctl restart $NFS_NAME
|
||||
# Wait and ensure the pid exists after restarting the daemon
|
||||
while [ $RETRIES -ne 0 ]; do
|
||||
$DOCKER_EXEC test -f $PID && exit 0
|
||||
sleep $DELAY
|
||||
let RETRIES=RETRIES-1
|
||||
done
|
||||
# If we reach this point, it means the pid is not present.
|
||||
echo "PID file ${PID} could not be found, which means Ganesha is not running. Showing $NFS_NAME unit logs now:"
|
||||
journalctl -u $NFS_NAME
|
||||
exit 1
|
||||
{% else %}
|
||||
systemctl restart nfs-ganesha
|
||||
{% endif %}
|
|
@ -162,6 +162,40 @@
|
|||
- mds_group_name is defined
|
||||
- mds_group_name in group_names
|
||||
|
||||
- name: Open ceph networks on nfs
|
||||
ansible.posix.firewalld:
|
||||
zone: "{{ ceph_nfs_firewall_zone }}"
|
||||
source: "{{ item }}"
|
||||
permanent: true
|
||||
immediate: true
|
||||
state: enabled
|
||||
with_items: "{{ public_network.split(',') }}"
|
||||
when:
|
||||
- nfs_group_name is defined
|
||||
- nfs_group_name in group_names
|
||||
|
||||
- name: Open nfs ports
|
||||
ansible.posix.firewalld:
|
||||
service: nfs
|
||||
zone: "{{ ceph_nfs_firewall_zone }}"
|
||||
permanent: true
|
||||
immediate: true
|
||||
state: enabled
|
||||
when:
|
||||
- nfs_group_name is defined
|
||||
- nfs_group_name in group_names
|
||||
|
||||
- name: Open nfs ports (portmapper)
|
||||
ansible.posix.firewalld:
|
||||
port: "111/tcp"
|
||||
zone: "{{ ceph_nfs_firewall_zone }}"
|
||||
permanent: true
|
||||
immediate: true
|
||||
state: enabled
|
||||
when:
|
||||
- nfs_group_name is defined
|
||||
- nfs_group_name in group_names
|
||||
|
||||
- name: Open ceph networks on rbdmirror
|
||||
ansible.posix.firewalld:
|
||||
zone: "{{ ceph_rbdmirror_firewall_zone }}"
|
||||
|
|
|
@ -0,0 +1,201 @@
|
|||
Apache License
|
||||
Version 2.0, January 2004
|
||||
http://www.apache.org/licenses/
|
||||
|
||||
TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION
|
||||
|
||||
1. Definitions.
|
||||
|
||||
"License" shall mean the terms and conditions for use, reproduction,
|
||||
and distribution as defined by Sections 1 through 9 of this document.
|
||||
|
||||
"Licensor" shall mean the copyright owner or entity authorized by
|
||||
the copyright owner that is granting the License.
|
||||
|
||||
"Legal Entity" shall mean the union of the acting entity and all
|
||||
other entities that control, are controlled by, or are under common
|
||||
control with that entity. For the purposes of this definition,
|
||||
"control" means (i) the power, direct or indirect, to cause the
|
||||
direction or management of such entity, whether by contract or
|
||||
otherwise, or (ii) ownership of fifty percent (50%) or more of the
|
||||
outstanding shares, or (iii) beneficial ownership of such entity.
|
||||
|
||||
"You" (or "Your") shall mean an individual or Legal Entity
|
||||
exercising permissions granted by this License.
|
||||
|
||||
"Source" form shall mean the preferred form for making modifications,
|
||||
including but not limited to software source code, documentation
|
||||
source, and configuration files.
|
||||
|
||||
"Object" form shall mean any form resulting from mechanical
|
||||
transformation or translation of a Source form, including but
|
||||
not limited to compiled object code, generated documentation,
|
||||
and conversions to other media types.
|
||||
|
||||
"Work" shall mean the work of authorship, whether in Source or
|
||||
Object form, made available under the License, as indicated by a
|
||||
copyright notice that is included in or attached to the work
|
||||
(an example is provided in the Appendix below).
|
||||
|
||||
"Derivative Works" shall mean any work, whether in Source or Object
|
||||
form, that is based on (or derived from) the Work and for which the
|
||||
editorial revisions, annotations, elaborations, or other modifications
|
||||
represent, as a whole, an original work of authorship. For the purposes
|
||||
of this License, Derivative Works shall not include works that remain
|
||||
separable from, or merely link (or bind by name) to the interfaces of,
|
||||
the Work and Derivative Works thereof.
|
||||
|
||||
"Contribution" shall mean any work of authorship, including
|
||||
the original version of the Work and any modifications or additions
|
||||
to that Work or Derivative Works thereof, that is intentionally
|
||||
submitted to Licensor for inclusion in the Work by the copyright owner
|
||||
or by an individual or Legal Entity authorized to submit on behalf of
|
||||
the copyright owner. For the purposes of this definition, "submitted"
|
||||
means any form of electronic, verbal, or written communication sent
|
||||
to the Licensor or its representatives, including but not limited to
|
||||
communication on electronic mailing lists, source code control systems,
|
||||
and issue tracking systems that are managed by, or on behalf of, the
|
||||
Licensor for the purpose of discussing and improving the Work, but
|
||||
excluding communication that is conspicuously marked or otherwise
|
||||
designated in writing by the copyright owner as "Not a Contribution."
|
||||
|
||||
"Contributor" shall mean Licensor and any individual or Legal Entity
|
||||
on behalf of whom a Contribution has been received by Licensor and
|
||||
subsequently incorporated within the Work.
|
||||
|
||||
2. Grant of Copyright License. Subject to the terms and conditions of
|
||||
this License, each Contributor hereby grants to You a perpetual,
|
||||
worldwide, non-exclusive, no-charge, royalty-free, irrevocable
|
||||
copyright license to reproduce, prepare Derivative Works of,
|
||||
publicly display, publicly perform, sublicense, and distribute the
|
||||
Work and such Derivative Works in Source or Object form.
|
||||
|
||||
3. Grant of Patent License. Subject to the terms and conditions of
|
||||
this License, each Contributor hereby grants to You a perpetual,
|
||||
worldwide, non-exclusive, no-charge, royalty-free, irrevocable
|
||||
(except as stated in this section) patent license to make, have made,
|
||||
use, offer to sell, sell, import, and otherwise transfer the Work,
|
||||
where such license applies only to those patent claims licensable
|
||||
by such Contributor that are necessarily infringed by their
|
||||
Contribution(s) alone or by combination of their Contribution(s)
|
||||
with the Work to which such Contribution(s) was submitted. If You
|
||||
institute patent litigation against any entity (including a
|
||||
cross-claim or counterclaim in a lawsuit) alleging that the Work
|
||||
or a Contribution incorporated within the Work constitutes direct
|
||||
or contributory patent infringement, then any patent licenses
|
||||
granted to You under this License for that Work shall terminate
|
||||
as of the date such litigation is filed.
|
||||
|
||||
4. Redistribution. You may reproduce and distribute copies of the
|
||||
Work or Derivative Works thereof in any medium, with or without
|
||||
modifications, and in Source or Object form, provided that You
|
||||
meet the following conditions:
|
||||
|
||||
(a) You must give any other recipients of the Work or
|
||||
Derivative Works a copy of this License; and
|
||||
|
||||
(b) You must cause any modified files to carry prominent notices
|
||||
stating that You changed the files; and
|
||||
|
||||
(c) You must retain, in the Source form of any Derivative Works
|
||||
that You distribute, all copyright, patent, trademark, and
|
||||
attribution notices from the Source form of the Work,
|
||||
excluding those notices that do not pertain to any part of
|
||||
the Derivative Works; and
|
||||
|
||||
(d) If the Work includes a "NOTICE" text file as part of its
|
||||
distribution, then any Derivative Works that You distribute must
|
||||
include a readable copy of the attribution notices contained
|
||||
within such NOTICE file, excluding those notices that do not
|
||||
pertain to any part of the Derivative Works, in at least one
|
||||
of the following places: within a NOTICE text file distributed
|
||||
as part of the Derivative Works; within the Source form or
|
||||
documentation, if provided along with the Derivative Works; or,
|
||||
within a display generated by the Derivative Works, if and
|
||||
wherever such third-party notices normally appear. The contents
|
||||
of the NOTICE file are for informational purposes only and
|
||||
do not modify the License. You may add Your own attribution
|
||||
notices within Derivative Works that You distribute, alongside
|
||||
or as an addendum to the NOTICE text from the Work, provided
|
||||
that such additional attribution notices cannot be construed
|
||||
as modifying the License.
|
||||
|
||||
You may add Your own copyright statement to Your modifications and
|
||||
may provide additional or different license terms and conditions
|
||||
for use, reproduction, or distribution of Your modifications, or
|
||||
for any such Derivative Works as a whole, provided Your use,
|
||||
reproduction, and distribution of the Work otherwise complies with
|
||||
the conditions stated in this License.
|
||||
|
||||
5. Submission of Contributions. Unless You explicitly state otherwise,
|
||||
any Contribution intentionally submitted for inclusion in the Work
|
||||
by You to the Licensor shall be under the terms and conditions of
|
||||
this License, without any additional terms or conditions.
|
||||
Notwithstanding the above, nothing herein shall supersede or modify
|
||||
the terms of any separate license agreement you may have executed
|
||||
with Licensor regarding such Contributions.
|
||||
|
||||
6. Trademarks. This License does not grant permission to use the trade
|
||||
names, trademarks, service marks, or product names of the Licensor,
|
||||
except as required for reasonable and customary use in describing the
|
||||
origin of the Work and reproducing the content of the NOTICE file.
|
||||
|
||||
7. Disclaimer of Warranty. Unless required by applicable law or
|
||||
agreed to in writing, Licensor provides the Work (and each
|
||||
Contributor provides its Contributions) on an "AS IS" BASIS,
|
||||
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
|
||||
implied, including, without limitation, any warranties or conditions
|
||||
of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A
|
||||
PARTICULAR PURPOSE. You are solely responsible for determining the
|
||||
appropriateness of using or redistributing the Work and assume any
|
||||
risks associated with Your exercise of permissions under this License.
|
||||
|
||||
8. Limitation of Liability. In no event and under no legal theory,
|
||||
whether in tort (including negligence), contract, or otherwise,
|
||||
unless required by applicable law (such as deliberate and grossly
|
||||
negligent acts) or agreed to in writing, shall any Contributor be
|
||||
liable to You for damages, including any direct, indirect, special,
|
||||
incidental, or consequential damages of any character arising as a
|
||||
result of this License or out of the use or inability to use the
|
||||
Work (including but not limited to damages for loss of goodwill,
|
||||
work stoppage, computer failure or malfunction, or any and all
|
||||
other commercial damages or losses), even if such Contributor
|
||||
has been advised of the possibility of such damages.
|
||||
|
||||
9. Accepting Warranty or Additional Liability. While redistributing
|
||||
the Work or Derivative Works thereof, You may choose to offer,
|
||||
and charge a fee for, acceptance of support, warranty, indemnity,
|
||||
or other liability obligations and/or rights consistent with this
|
||||
License. However, in accepting such obligations, You may act only
|
||||
on Your own behalf and on Your sole responsibility, not on behalf
|
||||
of any other Contributor, and only if You agree to indemnify,
|
||||
defend, and hold each Contributor harmless for any liability
|
||||
incurred by, or claims asserted against, such Contributor by reason
|
||||
of your accepting any such warranty or additional liability.
|
||||
|
||||
END OF TERMS AND CONDITIONS
|
||||
|
||||
APPENDIX: How to apply the Apache License to your work.
|
||||
|
||||
To apply the Apache License to your work, attach the following
|
||||
boilerplate notice, with the fields enclosed by brackets "[]"
|
||||
replaced with your own identifying information. (Don't include
|
||||
the brackets!) The text should be enclosed in the appropriate
|
||||
comment syntax for the file format. We also recommend that a
|
||||
file or class name and description of purpose be included on the
|
||||
same "printed page" as the copyright notice for easier
|
||||
identification within third-party archives.
|
||||
|
||||
Copyright [2016] [Red Hat, Inc.]
|
||||
|
||||
Licensed under the Apache License, Version 2.0 (the "License");
|
||||
you may not use this file except in compliance with the License.
|
||||
You may obtain a copy of the License at
|
||||
|
||||
http://www.apache.org/licenses/LICENSE-2.0
|
||||
|
||||
Unless required by applicable law or agreed to in writing, software
|
||||
distributed under the License is distributed on an "AS IS" BASIS,
|
||||
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
See the License for the specific language governing permissions and
|
||||
limitations under the License.
|
|
@ -0,0 +1,3 @@
|
|||
# Ansible role: ceph-nfs
|
||||
|
||||
Documentation is available at http://docs.ceph.com/ceph-ansible/.
|
|
@ -0,0 +1,122 @@
|
|||
---
|
||||
# You can override vars by using host or group vars
|
||||
|
||||
###########
|
||||
# GENERAL #
|
||||
###########
|
||||
|
||||
# Even though NFS nodes should not have the admin key
|
||||
# at their disposal, some people might want to have it
|
||||
# distributed on RGW nodes. Setting 'copy_admin_key' to 'true'
|
||||
# will copy the admin key to the /etc/ceph/ directory
|
||||
copy_admin_key: false
|
||||
|
||||
# Whether docker container or systemd service should be enabled
|
||||
# and started, it's useful to set it to false if nfs-ganesha
|
||||
# service is managed by pacemaker
|
||||
ceph_nfs_enable_service: true
|
||||
|
||||
# ceph-nfs systemd service uses ansible's hostname as an instance id,
|
||||
# so service name is ceph-nfs@{{ ansible_facts['hostname'] }}, this is not
|
||||
# ideal when ceph-nfs is managed by pacemaker across multiple hosts - in
|
||||
# such case it's better to have constant instance id instead which
|
||||
# can be set by 'ceph_nfs_service_suffix'
|
||||
# ceph_nfs_service_suffix: "{{ ansible_facts['hostname'] }}"
|
||||
|
||||
######################
|
||||
# NFS Ganesha Config #
|
||||
######################
|
||||
ceph_nfs_log_file: "/var/log/ganesha/ganesha.log"
|
||||
ceph_nfs_dynamic_exports: false
|
||||
# If set to true then rados is used to store ganesha exports
|
||||
# and client sessions information, this is useful if you
|
||||
# run multiple nfs-ganesha servers in active/passive mode and
|
||||
# want to do failover
|
||||
ceph_nfs_rados_backend: false
|
||||
# Name of the rados object used to store a list of the export rados
|
||||
# object URLS
|
||||
ceph_nfs_rados_export_index: "ganesha-export-index"
|
||||
# Address ganesha service should listen on, by default ganesha listens on all
|
||||
# addresses. (Note: ganesha ignores this parameter in current version due to
|
||||
# this bug: https://github.com/nfs-ganesha/nfs-ganesha/issues/217)
|
||||
# ceph_nfs_bind_addr: 0.0.0.0
|
||||
|
||||
# If set to true, then ganesha's attribute and directory caching is disabled
|
||||
# as much as possible. Currently, ganesha caches by default.
|
||||
# When using ganesha as CephFS's gateway, it is recommended to turn off
|
||||
# ganesha's caching as the libcephfs clients also cache the same information.
|
||||
# Note: Irrespective of this option's setting, ganesha's caching is disabled
|
||||
# when setting 'nfs_file_gw' option as true.
|
||||
ceph_nfs_disable_caching: false
|
||||
|
||||
# This is the file ganesha will use to control NFSv4 ID mapping
|
||||
ceph_nfs_idmap_conf: "/etc/ganesha/idmap.conf"
|
||||
|
||||
# idmap configuration file override.
|
||||
# This allows you to specify more configuration options
|
||||
# using an INI style format.
|
||||
# Example:
|
||||
# idmap_conf_overrides:
|
||||
# General:
|
||||
# Domain: foo.domain.net
|
||||
idmap_conf_overrides: {}
|
||||
|
||||
####################
|
||||
# FSAL Ceph Config #
|
||||
####################
|
||||
ceph_nfs_ceph_export_id: 20133
|
||||
ceph_nfs_ceph_pseudo_path: "/cephfile"
|
||||
ceph_nfs_ceph_protocols: "3,4"
|
||||
ceph_nfs_ceph_access_type: "RW"
|
||||
ceph_nfs_ceph_user: "admin"
|
||||
ceph_nfs_ceph_squash: "Root_Squash"
|
||||
ceph_nfs_ceph_sectype: "sys,krb5,krb5i,krb5p"
|
||||
|
||||
###################
|
||||
# FSAL RGW Config #
|
||||
###################
|
||||
ceph_nfs_rgw_export_id: 20134
|
||||
ceph_nfs_rgw_pseudo_path: "/cephobject"
|
||||
ceph_nfs_rgw_protocols: "3,4"
|
||||
ceph_nfs_rgw_access_type: "RW"
|
||||
ceph_nfs_rgw_user: "cephnfs"
|
||||
ceph_nfs_rgw_squash: "Root_Squash"
|
||||
ceph_nfs_rgw_sectype: "sys,krb5,krb5i,krb5p"
|
||||
# Note: keys are optional and can be generated, but not on containerized, where
|
||||
# they must be configered.
|
||||
# ceph_nfs_rgw_access_key: "QFAMEDSJP5DEKJO0DDXY"
|
||||
# ceph_nfs_rgw_secret_key: "iaSFLDVvDdQt6lkNzHyW4fPLZugBAI1g17LO0+87[MAC[M#C"
|
||||
rgw_client_name: client.rgw.{{ ansible_facts['hostname'] }}
|
||||
|
||||
###################
|
||||
# CONFIG OVERRIDE #
|
||||
###################
|
||||
|
||||
# Ganesha configuration file override.
|
||||
# These multiline strings will be appended to the contents of the blocks in ganesha.conf and
|
||||
# must be in the correct ganesha.conf format seen here:
|
||||
# https://github.com/nfs-ganesha/nfs-ganesha/blob/next/src/config_samples/ganesha.conf.example
|
||||
#
|
||||
# Example:
|
||||
# CACHEINODE {
|
||||
# Entries_HWMark = 100000;
|
||||
# }
|
||||
#
|
||||
# ganesha_core_param_overrides:
|
||||
# ganesha_ceph_export_overrides:
|
||||
# ganesha_rgw_export_overrides:
|
||||
# ganesha_rgw_section_overrides:
|
||||
# ganesha_log_overrides:
|
||||
# ganesha_conf_overrides: |
|
||||
# CACHEINODE {
|
||||
# Entries_HWMark = 100000;
|
||||
# }
|
||||
|
||||
##########
|
||||
# DOCKER #
|
||||
##########
|
||||
|
||||
ceph_docker_image: "ceph/daemon"
|
||||
ceph_docker_image_tag: latest
|
||||
ceph_nfs_docker_extra_env:
|
||||
ceph_config_keys: [] # DON'T TOUCH ME
|
|
@ -0,0 +1,14 @@
|
|||
---
|
||||
galaxy_info:
|
||||
company: Red Hat
|
||||
author: Daniel Gryniewicz
|
||||
description: Installs Ceph NFS Gateway
|
||||
license: Apache
|
||||
min_ansible_version: '2.7'
|
||||
platforms:
|
||||
- name: EL
|
||||
versions:
|
||||
- 'all'
|
||||
galaxy_tags:
|
||||
- system
|
||||
dependencies: []
|
|
@ -0,0 +1,23 @@
|
|||
---
|
||||
- name: Create rgw nfs user "{{ ceph_nfs_rgw_user }}"
|
||||
radosgw_user:
|
||||
name: "{{ ceph_nfs_rgw_user }}"
|
||||
cluster: "{{ cluster }}"
|
||||
display_name: "RGW NFS User"
|
||||
access_key: "{{ ceph_nfs_rgw_access_key | default(omit) }}"
|
||||
secret_key: "{{ ceph_nfs_rgw_secret_key | default(omit) }}"
|
||||
run_once: true
|
||||
register: rgw_nfs_user
|
||||
changed_when: false
|
||||
delegate_to: "{{ groups[mon_group_name][0] }}"
|
||||
when: nfs_obj_gw | bool
|
||||
environment:
|
||||
CEPH_CONTAINER_IMAGE: "{{ ceph_docker_registry + '/' + ceph_docker_image + ':' + ceph_docker_image_tag if containerized_deployment | bool else None }}"
|
||||
CEPH_CONTAINER_BINARY: "{{ container_binary }}"
|
||||
|
||||
- name: Set_fact ceph_nfs_rgw_access_key and ceph_nfs_rgw_secret_key
|
||||
ansible.builtin.set_fact:
|
||||
ceph_nfs_rgw_access_key: "{{ (rgw_nfs_user.stdout | from_json)['keys'][0]['access_key'] }}"
|
||||
ceph_nfs_rgw_secret_key: "{{ (rgw_nfs_user.stdout | from_json)['keys'][0]['secret_key'] }}"
|
||||
delegate_to: "{{ groups[mon_group_name][0] }}"
|
||||
when: nfs_obj_gw | bool
|
|
@ -0,0 +1,96 @@
|
|||
---
|
||||
# global/common requirement
|
||||
- name: Stop nfs server service
|
||||
ansible.builtin.systemd:
|
||||
name: "{{ 'nfs-server' if ansible_facts['os_family'] == 'RedHat' else 'nfsserver' if ansible_facts['os_family'] == 'Suse' else 'nfs-kernel-server' if ansible_facts['os_family'] == 'Debian' }}"
|
||||
state: stopped
|
||||
enabled: false
|
||||
failed_when: false
|
||||
|
||||
- name: Include pre_requisite_non_container.yml
|
||||
ansible.builtin.include_tasks: pre_requisite_non_container.yml
|
||||
when: not containerized_deployment | bool
|
||||
|
||||
- name: Include pre_requisite_container.yml
|
||||
ansible.builtin.include_tasks: pre_requisite_container.yml
|
||||
when: containerized_deployment | bool
|
||||
|
||||
- name: Set_fact _rgw_hostname
|
||||
ansible.builtin.set_fact:
|
||||
_rgw_hostname: "{{ hostvars[inventory_hostname]['ansible_facts']['hostname'] }}"
|
||||
|
||||
- name: Set rgw parameter (log file)
|
||||
ceph_config:
|
||||
action: set
|
||||
who: "client.rgw.{{ _rgw_hostname }}"
|
||||
option: "log file"
|
||||
value: "/var/log/ceph/{{ cluster }}-rgw-{{ hostvars[inventory_hostname]['ansible_facts']['hostname'] }}.log"
|
||||
environment:
|
||||
CEPH_CONTAINER_IMAGE: "{{ ceph_docker_registry + '/' + ceph_docker_image + ':' + ceph_docker_image_tag if containerized_deployment | bool else None }}"
|
||||
CEPH_CONTAINER_BINARY: "{{ container_binary }}"
|
||||
loop: "{{ groups.get('nfss', []) }}"
|
||||
|
||||
- name: Include create_rgw_nfs_user.yml
|
||||
ansible.builtin.import_tasks: create_rgw_nfs_user.yml
|
||||
when: groups.get(mon_group_name, []) | length > 0
|
||||
|
||||
- name: Install nfs-ganesha-selinux on RHEL 8
|
||||
ansible.builtin.package:
|
||||
name: nfs-ganesha-selinux
|
||||
state: present
|
||||
register: result
|
||||
until: result is succeeded
|
||||
when:
|
||||
- not containerized_deployment | bool
|
||||
- inventory_hostname in groups.get(nfs_group_name, [])
|
||||
- ansible_facts['os_family'] == 'RedHat'
|
||||
- ansible_facts['distribution_major_version'] == '8'
|
||||
|
||||
# NOTE (leseb): workaround for issues with ganesha and librgw
|
||||
- name: Add ganesha_t to permissive domain
|
||||
community.general.selinux_permissive:
|
||||
name: ganesha_t
|
||||
permissive: true
|
||||
failed_when: false
|
||||
when:
|
||||
- not containerized_deployment | bool
|
||||
- ansible_facts['os_family'] == 'RedHat'
|
||||
- ansible_facts['selinux']['status'] == 'enabled'
|
||||
|
||||
- name: Nfs with external ceph cluster task related
|
||||
when:
|
||||
- groups.get(mon_group_name, []) | length == 0
|
||||
- ceph_nfs_ceph_user is defined
|
||||
block:
|
||||
- name: Create keyring directory
|
||||
ansible.builtin.file:
|
||||
path: "/var/lib/ceph/radosgw/{{ cluster }}-rgw.{{ item }}"
|
||||
state: directory
|
||||
owner: "{{ ceph_uid if containerized_deployment | bool else 'ceph' }}"
|
||||
group: "{{ ceph_uid if containerized_deployment | bool else 'ceph' }}"
|
||||
mode: "0755"
|
||||
with_items:
|
||||
- "{{ ceph_nfs_ceph_user }}"
|
||||
- "{{ ansible_facts['hostname'] }}"
|
||||
|
||||
- name: Set_fact rgw_client_name
|
||||
ansible.builtin.set_fact:
|
||||
rgw_client_name: "client.rgw.{{ ceph_nfs_ceph_user }}"
|
||||
|
||||
- name: Get client cephx keys
|
||||
ansible.builtin.copy:
|
||||
dest: "{{ item.1 }}"
|
||||
content: "{{ item.0.content | b64decode }}"
|
||||
mode: "{{ item.0.item.get('mode', '0600') }}"
|
||||
owner: "{{ ceph_uid if containerized_deployment | bool else 'ceph' }}"
|
||||
group: "{{ ceph_uid if containerized_deployment | bool else 'ceph' }}"
|
||||
with_nested:
|
||||
- "{{ hostvars[groups['_filtered_clients'][0]]['slurp_client_keys']['results'] | default([]) }}"
|
||||
- ['/var/lib/ceph/radosgw/{{ cluster }}-rgw.{{ ceph_nfs_ceph_user }}/keyring', "/var/lib/ceph/radosgw/{{ cluster }}-rgw.{{ ansible_facts['hostname'] }}/keyring"]
|
||||
when:
|
||||
- not item.0.get('skipped', False)
|
||||
- item.0.item.name == 'client.' + ceph_nfs_ceph_user or item.0.item.name == rgw_client_name
|
||||
no_log: "{{ no_log_on_ceph_key_tasks }}"
|
||||
|
||||
- name: Include start_nfs.yml
|
||||
ansible.builtin.import_tasks: start_nfs.yml
|
|
@ -0,0 +1,108 @@
|
|||
---
|
||||
- name: Keyring related tasks
|
||||
when: groups.get(mon_group_name, []) | length > 0
|
||||
block:
|
||||
- name: Set_fact container_exec_cmd
|
||||
ansible.builtin.set_fact:
|
||||
container_exec_cmd: "{{ container_binary }} exec ceph-mon-{{ hostvars[item]['ansible_facts']['hostname'] }}"
|
||||
with_items: "{{ groups.get(mon_group_name, []) }}"
|
||||
delegate_to: "{{ item }}"
|
||||
delegate_facts: true
|
||||
run_once: true
|
||||
|
||||
- name: Create directories
|
||||
ansible.builtin.file:
|
||||
path: "{{ item.0 }}"
|
||||
state: "directory"
|
||||
owner: "{{ ceph_uid }}"
|
||||
group: "{{ ceph_uid }}"
|
||||
mode: "0755"
|
||||
delegate_to: "{{ item.1 }}"
|
||||
with_nested:
|
||||
- ["/var/lib/ceph/radosgw/{{ cluster }}-rgw.{{ ansible_facts['hostname'] }}",
|
||||
"/var/lib/ceph/radosgw/{{ cluster }}-nfs.{{ ansible_facts['hostname'] }}"]
|
||||
- ["{{ groups.get(mon_group_name)[0] }}", "{{ inventory_hostname }}"]
|
||||
|
||||
- name: Set_fact keyrings_list
|
||||
ansible.builtin.set_fact:
|
||||
keyrings_list:
|
||||
- { name: "client.bootstrap-rgw", path: "/var/lib/ceph/bootstrap-rgw/{{ cluster }}.keyring", copy_key: "{{ nfs_obj_gw }}" }
|
||||
- { name: "client.admin", path: "/etc/ceph/{{ cluster }}.client.admin.keyring", copy_key: "{{ copy_admin_key }}" }
|
||||
- { name: "client.rgw.{{ ansible_facts['hostname'] }}", create: true, path: "/var/lib/ceph/radosgw/{{ cluster }}-rgw.{{ ansible_facts['hostname'] }}/keyring", caps: { "mon": "allow r", "osd": "allow rwx tag rgw *=*"} }
|
||||
- { name: "client.nfs.{{ ansible_facts['hostname'] }}", create: true, path: "/var/lib/ceph/radosgw/{{ cluster }}-nfs.{{ ansible_facts['hostname'] }}/keyring", caps: { "mon": "r", "osd": "allow rw pool=.nfs"} }
|
||||
|
||||
- name: Create keyrings from a monitor
|
||||
ceph_key:
|
||||
name: "{{ item.name }}"
|
||||
cluster: "{{ cluster }}"
|
||||
dest: "{{ item.path }}"
|
||||
caps: "{{ item.caps }}"
|
||||
import_key: true
|
||||
owner: "{{ ceph_uid }}"
|
||||
group: "{{ ceph_uid }}"
|
||||
mode: "0600"
|
||||
no_log: "{{ no_log_on_ceph_key_tasks }}"
|
||||
environment:
|
||||
CEPH_CONTAINER_IMAGE: "{{ ceph_docker_registry + '/' + ceph_docker_image + ':' + ceph_docker_image_tag if containerized_deployment else None }}"
|
||||
CEPH_CONTAINER_BINARY: "{{ container_binary }}"
|
||||
delegate_to: "{{ groups.get(mon_group_name)[0] }}"
|
||||
loop: "{{ keyrings_list }}"
|
||||
when:
|
||||
- cephx | bool
|
||||
- item.create | default(False) | bool
|
||||
|
||||
- name: Get keys from monitors
|
||||
ceph_key:
|
||||
name: "{{ item.name }}"
|
||||
cluster: "{{ cluster }}"
|
||||
output_format: plain
|
||||
state: info
|
||||
environment:
|
||||
CEPH_CONTAINER_IMAGE: "{{ ceph_docker_registry + '/' + ceph_docker_image + ':' + ceph_docker_image_tag if containerized_deployment | bool else None }}"
|
||||
CEPH_CONTAINER_BINARY: "{{ container_binary }}"
|
||||
register: _rgw_keys
|
||||
loop: "{{ keyrings_list }}"
|
||||
delegate_to: "{{ groups.get(mon_group_name)[0] }}"
|
||||
run_once: true
|
||||
when:
|
||||
- cephx | bool
|
||||
- item.copy_key | default(True) | bool
|
||||
no_log: "{{ no_log_on_ceph_key_tasks }}"
|
||||
|
||||
- name: Debug
|
||||
ansible.builtin.debug:
|
||||
msg: "{{ _rgw_keys }}"
|
||||
|
||||
- name: Copy ceph key(s) if needed
|
||||
ansible.builtin.copy:
|
||||
dest: "{{ item.item.path }}"
|
||||
content: "{{ item.stdout + '\n' }}"
|
||||
owner: "{{ ceph_uid if containerized_deployment | bool else 'ceph' }}"
|
||||
group: "{{ ceph_uid if containerized_deployment | bool else 'ceph' }}"
|
||||
mode: "{{ ceph_keyring_permissions }}"
|
||||
with_items: "{{ _rgw_keys.results }}"
|
||||
when:
|
||||
- cephx | bool
|
||||
- item.item.copy_key | default(True) | bool
|
||||
no_log: "{{ no_log_on_ceph_key_tasks }}"
|
||||
|
||||
- name: Dbus related tasks
|
||||
when: ceph_nfs_dynamic_exports | bool
|
||||
block:
|
||||
- name: Get file
|
||||
ansible.builtin.command: "{{ container_binary }} run --rm --entrypoint=cat {{ ceph_docker_registry + '/' + ceph_docker_image + ':' + ceph_docker_image_tag }} /etc/dbus-1/system.d/org.ganesha.nfsd.conf"
|
||||
register: dbus_ganesha_file
|
||||
run_once: true
|
||||
changed_when: false
|
||||
|
||||
- name: Create dbus service file
|
||||
ansible.builtin.copy:
|
||||
content: "{{ dbus_ganesha_file.stdout }}"
|
||||
dest: /etc/dbus-1/system.d/org.ganesha.nfsd.conf
|
||||
owner: "root"
|
||||
group: "root"
|
||||
mode: "0644"
|
||||
|
||||
- name: Reload dbus configuration
|
||||
ansible.builtin.command: "killall -SIGHUP dbus-daemon"
|
||||
changed_when: false
|
|
@ -0,0 +1,96 @@
|
|||
---
|
||||
- name: Include red hat based system related tasks
|
||||
ansible.builtin.include_tasks: pre_requisite_non_container_red_hat.yml
|
||||
when: ansible_facts['os_family'] == 'RedHat'
|
||||
|
||||
- name: Include debian based system related tasks
|
||||
ansible.builtin.include_tasks: pre_requisite_non_container_debian.yml
|
||||
when: ansible_facts['os_family'] == 'Debian'
|
||||
|
||||
- name: Install nfs rgw/cephfs gateway - SUSE/openSUSE
|
||||
community.general.zypper:
|
||||
name: "{{ item.name }}"
|
||||
disable_gpg_check: true
|
||||
with_items:
|
||||
- { name: 'nfs-ganesha-rgw', install: "{{ nfs_obj_gw }}" }
|
||||
- { name: 'radosgw', install: "{{ nfs_obj_gw }}" }
|
||||
- { name: 'nfs-ganesha-ceph', install: "{{ nfs_file_gw }}" }
|
||||
when:
|
||||
- (ceph_origin == 'repository' or ceph_origin == 'distro')
|
||||
- ansible_facts['os_family'] == 'Suse'
|
||||
- item.install | bool
|
||||
register: result
|
||||
until: result is succeeded
|
||||
|
||||
# NOTE (leseb): we use root:ceph for permissions since ganesha
|
||||
# does not have the right selinux context to read ceph directories.
|
||||
- name: Create rados gateway and ganesha directories
|
||||
ansible.builtin.file:
|
||||
path: "{{ item.name }}"
|
||||
state: directory
|
||||
owner: "{{ item.owner | default('ceph') }}"
|
||||
group: "{{ item.group | default('ceph') }}"
|
||||
mode: "{{ ceph_directories_mode }}"
|
||||
with_items:
|
||||
- { name: "/var/lib/ceph/bootstrap-rgw", create: "{{ nfs_obj_gw }}" }
|
||||
- { name: "/var/lib/ceph/radosgw", create: "{{ nfs_obj_gw }}" }
|
||||
- { name: "/var/lib/ceph/radosgw/{{ cluster }}-rgw.{{ ansible_facts['hostname'] }}", create: "{{ nfs_obj_gw }}" }
|
||||
- { name: "{{ rbd_client_admin_socket_path }}", create: "{{ nfs_obj_gw }}" }
|
||||
- { name: "/var/log/ceph", create: true }
|
||||
- { name: "/var/log/ganesha", create: true, owner: root, group: root }
|
||||
- { name: "/var/run/ceph", create: true }
|
||||
when: item.create | bool
|
||||
|
||||
- name: Cephx related tasks
|
||||
when:
|
||||
- cephx | bool
|
||||
- groups.get(mon_group_name, []) | length > 0
|
||||
block:
|
||||
- name: Get keys from monitors
|
||||
ceph_key:
|
||||
name: "{{ item.name }}"
|
||||
cluster: "{{ cluster }}"
|
||||
output_format: plain
|
||||
state: info
|
||||
register: _rgw_keys
|
||||
with_items:
|
||||
- { name: "client.bootstrap-rgw", path: "/var/lib/ceph/bootstrap-rgw/{{ cluster }}.keyring", copy_key: "{{ nfs_obj_gw }}" }
|
||||
- { name: "client.admin", path: "/etc/ceph/{{ cluster }}.client.admin.keyring", copy_key: "{{ copy_admin_key }}" }
|
||||
delegate_to: "{{ groups.get(mon_group_name)[0] }}"
|
||||
run_once: true
|
||||
when:
|
||||
- cephx | bool
|
||||
- item.copy_key | bool
|
||||
no_log: "{{ no_log_on_ceph_key_tasks }}"
|
||||
|
||||
- name: Copy ceph key(s) if needed
|
||||
ansible.builtin.copy:
|
||||
dest: "{{ item.item.path }}"
|
||||
content: "{{ item.stdout + '\n' }}"
|
||||
owner: "{{ ceph_uid if containerized_deployment | bool else 'ceph' }}"
|
||||
group: "{{ ceph_uid if containerized_deployment | bool else 'ceph' }}"
|
||||
mode: "{{ ceph_keyring_permissions }}"
|
||||
with_items: "{{ _rgw_keys.results }}"
|
||||
when:
|
||||
- cephx | bool
|
||||
- item.item.copy_key | bool
|
||||
no_log: "{{ no_log_on_ceph_key_tasks }}"
|
||||
|
||||
- name: Nfs object gateway related tasks
|
||||
when: nfs_obj_gw | bool
|
||||
block:
|
||||
- name: Create rados gateway keyring
|
||||
ceph_key:
|
||||
name: "client.rgw.{{ ansible_facts['hostname'] }}"
|
||||
cluster: "{{ cluster }}"
|
||||
user: client.bootstrap-rgw
|
||||
user_key: "/var/lib/ceph/bootstrap-rgw/{{ cluster }}.keyring"
|
||||
caps:
|
||||
mon: "allow rw"
|
||||
osd: "allow rwx"
|
||||
dest: "/var/lib/ceph/radosgw/{{ cluster }}-rgw.{{ ansible_facts['hostname'] }}/keyring"
|
||||
import_key: false
|
||||
owner: ceph
|
||||
group: ceph
|
||||
mode: "{{ ceph_keyring_permissions }}"
|
||||
no_log: "{{ no_log_on_ceph_key_tasks }}"
|
|
@ -0,0 +1,80 @@
|
|||
---
|
||||
- name: Debian based systems - repo handling
|
||||
when: ceph_origin == 'repository'
|
||||
block:
|
||||
- name: Stable repos specific tasks
|
||||
when:
|
||||
- nfs_ganesha_stable | bool
|
||||
- ceph_repository == 'community'
|
||||
block:
|
||||
- name: Add nfs-ganesha stable repository
|
||||
ansible.builtin.apt_repository:
|
||||
repo: "deb {{ nfs_ganesha_stable_deb_repo }} {{ ceph_stable_distro_source | default(ansible_facts['distribution_release']) }} main"
|
||||
state: present
|
||||
update_cache: false
|
||||
register: add_ganesha_apt_repo
|
||||
|
||||
- name: Add libntirpc stable repository
|
||||
ansible.builtin.apt_repository:
|
||||
repo: "deb {{ libntirpc_stable_deb_repo }} {{ ceph_stable_distro_source | default(ansible_facts['distribution_release']) }} main"
|
||||
state: present
|
||||
update_cache: false
|
||||
register: add_libntirpc_apt_repo
|
||||
when: libntirpc_stable_deb_repo is defined
|
||||
|
||||
- name: Add nfs-ganesha ppa apt key
|
||||
ansible.builtin.apt_key:
|
||||
keyserver: "{{ nfs_ganesha_apt_keyserver }}"
|
||||
id: "{{ nfs_ganesha_apt_key_id }}"
|
||||
when:
|
||||
- nfs_ganesha_apt_key_id is defined
|
||||
- nfs_ganesha_apt_keyserver is defined
|
||||
|
||||
- name: Update apt cache
|
||||
ansible.builtin.apt:
|
||||
update_cache: true
|
||||
register: update_ganesha_apt_cache
|
||||
retries: 5
|
||||
delay: 2
|
||||
until: update_ganesha_apt_cache is success
|
||||
when: add_ganesha_apt_repo is changed or add_libntirpc_apt_repo is changed
|
||||
|
||||
- name: Debian based systems - dev repos specific tasks
|
||||
when:
|
||||
- nfs_ganesha_dev | bool
|
||||
- ceph_repository == 'dev'
|
||||
block:
|
||||
- name: Fetch nfs-ganesha development repository
|
||||
ansible.builtin.uri:
|
||||
url: "https://shaman.ceph.com/api/repos/nfs-ganesha/next/latest/{{ ansible_facts['distribution'] | lower }}/{{ ansible_facts['distribution_release'] }}/flavors/{{ nfs_ganesha_flavor }}/repo?arch={{ ansible_facts['architecture'] }}"
|
||||
return_content: true
|
||||
register: nfs_ganesha_dev_apt_repo
|
||||
|
||||
- name: Add nfs-ganesha development repository
|
||||
ansible.builtin.copy:
|
||||
content: "{{ nfs_ganesha_dev_apt_repo.content }}"
|
||||
dest: /etc/apt/sources.list.d/nfs-ganesha-dev.list
|
||||
owner: root
|
||||
group: root
|
||||
backup: true
|
||||
mode: "0644"
|
||||
|
||||
- name: Debain based systems - install required packages
|
||||
block:
|
||||
- name: Debian based systems
|
||||
when: ceph_origin == 'repository' or ceph_origin == 'distro'
|
||||
block:
|
||||
- name: Install nfs rgw/cephfs gateway - debian
|
||||
ansible.builtin.apt:
|
||||
name: ['nfs-ganesha-rgw', 'radosgw']
|
||||
allow_unauthenticated: true
|
||||
register: result
|
||||
until: result is succeeded
|
||||
when: nfs_obj_gw | bool
|
||||
- name: Install nfs rgw/cephfs gateway - debian
|
||||
ansible.builtin.apt:
|
||||
name: nfs-ganesha-ceph
|
||||
allow_unauthenticated: true
|
||||
register: result
|
||||
until: result is succeeded
|
||||
when: nfs_file_gw | bool
|
|
@ -0,0 +1,43 @@
|
|||
---
|
||||
- name: Red hat based systems - repo handling
|
||||
when: ceph_origin == 'repository'
|
||||
block:
|
||||
- name: Red hat based systems - stable repo related tasks
|
||||
when:
|
||||
- nfs_ganesha_stable | bool
|
||||
- ceph_repository == 'community'
|
||||
block:
|
||||
- name: Add nfs-ganesha stable repository
|
||||
ansible.builtin.package:
|
||||
name: "{{ centos_release_nfs }}"
|
||||
state: present
|
||||
|
||||
- name: Red hat based systems - dev repo related tasks
|
||||
when:
|
||||
- nfs_ganesha_dev | bool
|
||||
- ceph_repository == 'dev'
|
||||
block:
|
||||
- name: Add nfs-ganesha dev repo
|
||||
ansible.builtin.get_url:
|
||||
url: "https://shaman.ceph.com/api/repos/nfs-ganesha/next/latest/{{ ansible_facts['distribution'] | lower }}/{{ ansible_facts['distribution_major_version'] }}/flavors/{{ nfs_ganesha_flavor }}/repo?arch={{ ansible_facts['architecture'] }}"
|
||||
dest: /etc/yum.repos.d/nfs-ganesha-dev.repo
|
||||
mode: "0644"
|
||||
force: true
|
||||
|
||||
- name: Red hat based systems - install nfs packages
|
||||
block:
|
||||
- name: Install nfs cephfs gateway
|
||||
ansible.builtin.package:
|
||||
name: ['nfs-ganesha-ceph', 'nfs-ganesha-rados-grace']
|
||||
state: "{{ (upgrade_ceph_packages | bool) | ternary('latest', 'present') }}"
|
||||
register: result
|
||||
until: result is succeeded
|
||||
when: nfs_file_gw | bool
|
||||
|
||||
- name: Install redhat nfs-ganesha-rgw and ceph-radosgw packages
|
||||
ansible.builtin.package:
|
||||
name: ['nfs-ganesha-rgw', 'nfs-ganesha-rados-grace', 'nfs-ganesha-rados-urls', 'ceph-radosgw']
|
||||
state: "{{ (upgrade_ceph_packages | bool) | ternary('latest', 'present') }}"
|
||||
register: result
|
||||
until: result is succeeded
|
||||
when: nfs_obj_gw | bool
|
|
@ -0,0 +1,105 @@
|
|||
---
|
||||
- name: Nfs various pre-requisites tasks
|
||||
block:
|
||||
- name: Set_fact exec_cmd_nfs - external
|
||||
ansible.builtin.set_fact:
|
||||
exec_cmd_nfs: "{{ container_binary + ' run --rm --net=host -v /etc/ceph:/etc/ceph:z -v /var/lib/ceph/:/var/lib/ceph/:z -v /var/log/ceph/:/var/log/ceph/:z --entrypoint=rados ' + ceph_docker_registry + '/' + ceph_docker_image + ':' + ceph_docker_image_tag if containerized_deployment | bool else 'rados' }} -n client.{{ ceph_nfs_ceph_user }} -k /var/lib/ceph/radosgw/{{ cluster }}-rgw.{{ ceph_nfs_ceph_user }}/keyring"
|
||||
delegate_node: "{{ inventory_hostname }}"
|
||||
when: groups.get(mon_group_name, []) | length == 0
|
||||
|
||||
- name: Set_fact exec_cmd_nfs - internal
|
||||
ansible.builtin.set_fact:
|
||||
exec_cmd_nfs: "{{ container_binary + ' exec ceph-mon-' + hostvars[groups[mon_group_name][0]]['ansible_facts']['hostname'] if containerized_deployment | bool else '' }} rados"
|
||||
delegate_node: "{{ groups[mon_group_name][0] }}"
|
||||
when: groups.get(mon_group_name, []) | length > 0
|
||||
|
||||
- name: Check if rados index object exists
|
||||
ansible.builtin.shell: "set -o pipefail && {{ exec_cmd_nfs | default('') }} -p {{ cephfs_data_pool.name }} --cluster {{ cluster }} ls | grep {{ ceph_nfs_rados_export_index }}"
|
||||
changed_when: false
|
||||
failed_when: false
|
||||
register: rados_index_exists
|
||||
check_mode: false
|
||||
when: ceph_nfs_rados_backend | bool
|
||||
delegate_to: "{{ delegate_node }}"
|
||||
run_once: true
|
||||
|
||||
- name: Create an empty rados index object
|
||||
ansible.builtin.command: "{{ exec_cmd_nfs | default('') }} -p {{ cephfs_data_pool.name }} --cluster {{ cluster }} put {{ ceph_nfs_rados_export_index }} /dev/null"
|
||||
when:
|
||||
- ceph_nfs_rados_backend | bool
|
||||
- rados_index_exists.rc != 0
|
||||
delegate_to: "{{ delegate_node }}"
|
||||
changed_when: false
|
||||
run_once: true
|
||||
|
||||
- name: Create /etc/ganesha
|
||||
ansible.builtin.file:
|
||||
path: /etc/ganesha
|
||||
state: directory
|
||||
owner: root
|
||||
group: root
|
||||
mode: "0755"
|
||||
|
||||
- name: Generate ganesha configuration file
|
||||
ansible.builtin.template:
|
||||
src: "ganesha.conf.j2"
|
||||
dest: /etc/ganesha/ganesha.conf
|
||||
owner: "root"
|
||||
group: "root"
|
||||
mode: "0644"
|
||||
notify: Restart ceph nfss
|
||||
|
||||
- name: Generate ganesha idmap.conf file
|
||||
openstack.config_template.config_template:
|
||||
src: "idmap.conf.j2"
|
||||
dest: "{{ ceph_nfs_idmap_conf }}"
|
||||
owner: "root"
|
||||
group: "root"
|
||||
mode: "0644"
|
||||
config_overrides: "{{ idmap_conf_overrides }}"
|
||||
config_type: ini
|
||||
notify: Restart ceph nfss
|
||||
|
||||
- name: Create exports directory
|
||||
ansible.builtin.file:
|
||||
path: /etc/ganesha/export.d
|
||||
state: directory
|
||||
owner: "root"
|
||||
group: "root"
|
||||
mode: "0755"
|
||||
when: ceph_nfs_dynamic_exports | bool
|
||||
|
||||
- name: Create exports dir index file
|
||||
ansible.builtin.copy:
|
||||
content: ""
|
||||
force: false
|
||||
dest: /etc/ganesha/export.d/INDEX.conf
|
||||
owner: "root"
|
||||
group: "root"
|
||||
mode: "0644"
|
||||
when: ceph_nfs_dynamic_exports | bool
|
||||
|
||||
- name: Include_tasks systemd.yml
|
||||
ansible.builtin.include_tasks: systemd.yml
|
||||
when: containerized_deployment | bool
|
||||
|
||||
- name: Systemd start nfs container
|
||||
ansible.builtin.systemd:
|
||||
name: ceph-nfs@{{ ceph_nfs_service_suffix | default(ansible_facts['hostname']) }}
|
||||
state: started
|
||||
enabled: true
|
||||
masked: false
|
||||
daemon_reload: true
|
||||
when:
|
||||
- containerized_deployment | bool
|
||||
- ceph_nfs_enable_service | bool
|
||||
|
||||
- name: Start nfs gateway service
|
||||
ansible.builtin.systemd:
|
||||
name: nfs-ganesha
|
||||
state: started
|
||||
enabled: true
|
||||
masked: false
|
||||
when:
|
||||
- not containerized_deployment | bool
|
||||
- ceph_nfs_enable_service | bool
|
|
@ -0,0 +1,9 @@
|
|||
---
|
||||
- name: Generate systemd unit file
|
||||
ansible.builtin.template:
|
||||
src: "{{ role_path }}/templates/ceph-nfs.service.j2"
|
||||
dest: /etc/systemd/system/ceph-nfs@.service
|
||||
owner: "root"
|
||||
group: "root"
|
||||
mode: "0644"
|
||||
notify: Restart ceph nfss
|
|
@ -0,0 +1,56 @@
|
|||
[Unit]
|
||||
Description=NFS-Ganesha file server
|
||||
Documentation=http://github.com/nfs-ganesha/nfs-ganesha/wiki
|
||||
{% if container_binary == 'docker' %}
|
||||
After=docker.service network-online.target local-fs.target time-sync.target
|
||||
Requires=docker.service
|
||||
{% else %}
|
||||
After=network-online.target local-fs.target time-sync.target
|
||||
{% endif %}
|
||||
Wants=network-online.target local-fs.target time-sync.target
|
||||
|
||||
[Service]
|
||||
EnvironmentFile=-/etc/environment
|
||||
{% if container_binary == 'podman' %}
|
||||
ExecStartPre=-/usr/bin/rm -f /%t/%n-pid /%t/%n-cid
|
||||
ExecStartPre=-/usr/bin/{{ container_binary }} rm --storage ceph-nfs-%i
|
||||
ExecStartPre=-/usr/bin/mkdir -p /var/log/ceph /var/log/ganesha
|
||||
{% endif %}
|
||||
ExecStartPre=-/usr/bin/{{ container_binary }} rm ceph-nfs-%i
|
||||
ExecStartPre={{ '/bin/mkdir' if ansible_facts['os_family'] == 'Debian' else '/usr/bin/mkdir' }} -p /etc/ceph /etc/ganesha /var/lib/nfs/ganesha /var/log/ganesha
|
||||
ExecStart=/usr/bin/{{ container_binary }} run --rm --net=host \
|
||||
{% if container_binary == 'podman' %}
|
||||
-d --log-driver journald --conmon-pidfile /%t/%n-pid --cidfile /%t/%n-cid \
|
||||
{% endif %}
|
||||
--pids-limit={{ 0 if container_binary == 'podman' else -1 }} \
|
||||
-v /etc/ceph:/etc/ceph:z \
|
||||
-v /var/lib/ceph/radosgw/{{ cluster }}-rgw.{{ ansible_facts['hostname'] }}/keyring:/var/lib/ceph/radosgw/{{ cluster }}-rgw.{{ ansible_facts['hostname'] }}/keyring:z \
|
||||
-v /var/lib/ceph/radosgw/{{ cluster }}-nfs.{{ ansible_facts['hostname'] }}/keyring:/etc/ceph/keyring:z \
|
||||
-v /etc/ganesha:/etc/ganesha:z \
|
||||
-v /var/run/dbus/system_bus_socket:/var/run/dbus/system_bus_socket \
|
||||
-v /var/run/ceph:/var/run/ceph:z \
|
||||
-v /var/log/ceph:/var/log/ceph:z \
|
||||
-v /var/log/ganesha:/var/log/ganesha:z \
|
||||
-v /etc/localtime:/etc/localtime:ro \
|
||||
{{ ceph_nfs_docker_extra_env }} \
|
||||
--entrypoint=/usr/bin/ganesha.nfsd \
|
||||
--name=ceph-nfs-{{ ceph_nfs_service_suffix | default(ansible_facts['hostname']) }} \
|
||||
{{ ceph_docker_registry }}/{{ ceph_docker_image }}:{{ ceph_docker_image_tag }} \
|
||||
-F -L STDOUT
|
||||
{% if container_binary == 'podman' %}
|
||||
ExecStop=-/usr/bin/sh -c "/usr/bin/{{ container_binary }} rm -f `cat /%t/%n-cid`"
|
||||
{% else %}
|
||||
ExecStopPost=-/usr/bin/{{ container_binary }} stop ceph-nfs-%i
|
||||
{% endif %}
|
||||
KillMode=none
|
||||
Restart=always
|
||||
RestartSec=10s
|
||||
TimeoutStartSec=120
|
||||
TimeoutStopSec=15
|
||||
{% if container_binary == 'podman' %}
|
||||
Type=forking
|
||||
PIDFile=/%t/%n-pid
|
||||
{% endif %}
|
||||
|
||||
[Install]
|
||||
WantedBy=multi-user.target
|
|
@ -0,0 +1,124 @@
|
|||
#jinja2: trim_blocks: "true", lstrip_blocks: "true"
|
||||
# {{ ansible_managed }}
|
||||
|
||||
{% if ceph_nfs_dynamic_exports | bool and not ceph_nfs_rados_backend | bool %}
|
||||
%include /etc/ganesha/export.d/INDEX.conf
|
||||
{% endif %}
|
||||
|
||||
NFS_Core_Param
|
||||
{
|
||||
{% if ceph_nfs_bind_addr is defined %}
|
||||
Bind_Addr={{ ceph_nfs_bind_addr }};
|
||||
{% endif %}
|
||||
{{ ganesha_core_param_overrides | default(None) }}
|
||||
}
|
||||
|
||||
{% if ceph_nfs_disable_caching | bool or nfs_file_gw | bool %}
|
||||
EXPORT_DEFAULTS {
|
||||
Attr_Expiration_Time = 0;
|
||||
}
|
||||
|
||||
CACHEINODE {
|
||||
Dir_Chunk = 0;
|
||||
|
||||
NParts = 1;
|
||||
Cache_Size = 1;
|
||||
}
|
||||
{% endif %}
|
||||
|
||||
{% if ceph_nfs_rados_backend | bool %}
|
||||
RADOS_URLS {
|
||||
ceph_conf = '/etc/ceph/{{ cluster }}.conf';
|
||||
userid = "{{ ceph_nfs_ceph_user }}";
|
||||
}
|
||||
%url rados://{{ cephfs_data_pool.name }}/{{ ceph_nfs_rados_export_index }}
|
||||
|
||||
NFSv4 {
|
||||
RecoveryBackend = 'rados_kv';
|
||||
IdmapConf = "{{ ceph_nfs_idmap_conf }}";
|
||||
}
|
||||
RADOS_KV {
|
||||
ceph_conf = '/etc/ceph/{{ cluster }}.conf';
|
||||
userid = "{{ ceph_nfs_ceph_user }}";
|
||||
pool = "{{ cephfs_data_pool.name }}";
|
||||
}
|
||||
{% endif %}
|
||||
|
||||
{% if nfs_file_gw | bool %}
|
||||
EXPORT
|
||||
{
|
||||
Export_id={{ ceph_nfs_ceph_export_id }};
|
||||
|
||||
Path = "/";
|
||||
|
||||
Pseudo = {{ ceph_nfs_ceph_pseudo_path }};
|
||||
|
||||
Access_Type = {{ ceph_nfs_ceph_access_type }};
|
||||
|
||||
Protocols = {{ ceph_nfs_ceph_protocols }};
|
||||
|
||||
Transports = TCP;
|
||||
|
||||
SecType = {{ ceph_nfs_ceph_sectype }};
|
||||
|
||||
Squash = {{ ceph_nfs_ceph_squash }};
|
||||
|
||||
Attr_Expiration_Time = 0;
|
||||
|
||||
FSAL {
|
||||
Name = CEPH;
|
||||
User_Id = "{{ ceph_nfs_ceph_user }}";
|
||||
}
|
||||
|
||||
{{ ganesha_ceph_export_overrides | default(None) }}
|
||||
}
|
||||
{% endif %}
|
||||
{% if nfs_obj_gw | bool %}
|
||||
EXPORT
|
||||
{
|
||||
Export_id={{ ceph_nfs_rgw_export_id }};
|
||||
|
||||
Path = "/";
|
||||
|
||||
Pseudo = {{ ceph_nfs_rgw_pseudo_path }};
|
||||
|
||||
Access_Type = {{ ceph_nfs_rgw_access_type }};
|
||||
|
||||
Protocols = {{ ceph_nfs_rgw_protocols }};
|
||||
|
||||
Transports = TCP;
|
||||
|
||||
SecType = {{ ceph_nfs_rgw_sectype }};
|
||||
|
||||
Squash = {{ ceph_nfs_rgw_squash }};
|
||||
|
||||
FSAL {
|
||||
Name = RGW;
|
||||
User_Id = "{{ ceph_nfs_rgw_user }}";
|
||||
Access_Key_Id ="{{ ceph_nfs_rgw_access_key }}";
|
||||
Secret_Access_Key = "{{ ceph_nfs_rgw_secret_key }}";
|
||||
}
|
||||
|
||||
{{ ganesha_rgw_export_overrides | default(None) }}
|
||||
|
||||
}
|
||||
|
||||
RGW {
|
||||
ceph_conf = "/etc/ceph/{{ cluster }}.conf";
|
||||
cluster = "{{ cluster }}";
|
||||
name = "{{ rgw_client_name }}";
|
||||
{{ ganesha_rgw_section_overrides | default(None) }}
|
||||
}
|
||||
{% endif %}
|
||||
|
||||
LOG {
|
||||
Facility {
|
||||
name = FILE;
|
||||
destination = "{{ ceph_nfs_log_file }}";
|
||||
enable = active;
|
||||
}
|
||||
|
||||
{{ ganesha_log_overrides | default(None) }}
|
||||
}
|
||||
|
||||
{{ ganesha_conf_overrides | default(None) }}
|
|
@ -0,0 +1,137 @@
|
|||
[General]
|
||||
#Verbosity = 0
|
||||
# The following should be set to the local NFSv4 domain name
|
||||
# The default is the host's DNS domain name.
|
||||
#Domain = local.domain.edu
|
||||
|
||||
# In multi-domain environments, some NFS servers will append the identity
|
||||
# management domain to the owner and owner_group in lieu of a true NFSv4
|
||||
# domain. This option can facilitate lookups in such environments. If
|
||||
# set to a value other than "none", the nsswitch plugin will first pass
|
||||
# the name to the password/group lookup function without stripping the
|
||||
# domain off. If that mapping fails then the plugin will try again using
|
||||
# the old method (comparing the domain in the string to the Domain value,
|
||||
# stripping it if it matches, and passing the resulting short name to the
|
||||
# lookup function). Valid values are "user", "group", "both", and
|
||||
# "none". The default is "none".
|
||||
#No-Strip = none
|
||||
|
||||
# Winbind has a quirk whereby doing a group lookup in UPN format
|
||||
# (e.g. staff@americas.example.com) will cause the group to be
|
||||
# displayed prefixed with the full domain in uppercase
|
||||
# (e.g. AMERICAS.EXAMPLE.COM\staff) instead of in the familiar netbios
|
||||
# name format (e.g. AMERICAS\staff). Setting this option to true
|
||||
# causes the name to be reformatted before passing it to the group
|
||||
# lookup function in order to work around this. This setting is
|
||||
# ignored unless No-Strip is set to either "both" or "group".
|
||||
# The default is "false".
|
||||
#Reformat-Group = false
|
||||
|
||||
# The following is a comma-separated list of Kerberos realm
|
||||
# names that should be considered to be equivalent to the
|
||||
# local realm, such that <user>@REALM.A can be assumed to
|
||||
# be the same user as <user>@REALM.B
|
||||
# If not specified, the default local realm is the domain name,
|
||||
# which defaults to the host's DNS domain name,
|
||||
# translated to upper-case.
|
||||
# Note that if this value is specified, the local realm name
|
||||
# must be included in the list!
|
||||
#Local-Realms =
|
||||
|
||||
[Mapping]
|
||||
|
||||
#Nobody-User = nobody
|
||||
#Nobody-Group = nobody
|
||||
|
||||
[Translation]
|
||||
|
||||
# Translation Method is an comma-separated, ordered list of
|
||||
# translation methods that can be used. Distributed methods
|
||||
# include "nsswitch", "umich_ldap", and "static". Each method
|
||||
# is a dynamically loadable plugin library.
|
||||
# New methods may be defined and inserted in the list.
|
||||
# The default is "nsswitch".
|
||||
#Method = nsswitch
|
||||
|
||||
# Optional. This is a comma-separated, ordered list of
|
||||
# translation methods to be used for translating GSS
|
||||
# authenticated names to ids.
|
||||
# If this option is omitted, the same methods as those
|
||||
# specified in "Method" are used.
|
||||
#GSS-Methods = <alternate method list for translating GSS names>
|
||||
|
||||
#-------------------------------------------------------------------#
|
||||
# The following are used only for the "static" Translation Method.
|
||||
#-------------------------------------------------------------------#
|
||||
[Static]
|
||||
|
||||
# A "static" list of GSS-Authenticated names to
|
||||
# local user name mappings
|
||||
|
||||
#someuser@REALM = localuser
|
||||
|
||||
|
||||
#-------------------------------------------------------------------#
|
||||
# The following are used only for the "umich_ldap" Translation Method.
|
||||
#-------------------------------------------------------------------#
|
||||
|
||||
[UMICH_SCHEMA]
|
||||
|
||||
# server information (REQUIRED)
|
||||
LDAP_server = ldap-server.local.domain.edu
|
||||
|
||||
# the default search base (REQUIRED)
|
||||
LDAP_base = dc=local,dc=domain,dc=edu
|
||||
|
||||
#-----------------------------------------------------------#
|
||||
# The remaining options have defaults (as shown)
|
||||
# and are therefore not required.
|
||||
#-----------------------------------------------------------#
|
||||
|
||||
# whether or not to perform canonicalization on the
|
||||
# name given as LDAP_server
|
||||
#LDAP_canonicalize_name = true
|
||||
|
||||
# absolute search base for (people) accounts
|
||||
#LDAP_people_base = <LDAP_base>
|
||||
|
||||
# absolute search base for groups
|
||||
#LDAP_group_base = <LDAP_base>
|
||||
|
||||
# Set to true to enable SSL - anything else is not enabled
|
||||
#LDAP_use_ssl = false
|
||||
|
||||
# You must specify a CA certificate location if you enable SSL
|
||||
#LDAP_ca_cert = /etc/ldapca.cert
|
||||
|
||||
# Objectclass mapping information
|
||||
|
||||
# Mapping for the person (account) object class
|
||||
#NFSv4_person_objectclass = NFSv4RemotePerson
|
||||
|
||||
# Mapping for the nfsv4name attribute the person object
|
||||
#NFSv4_name_attr = NFSv4Name
|
||||
|
||||
# Mapping for the UID number
|
||||
#NFSv4_uid_attr = UIDNumber
|
||||
|
||||
# Mapping for the GSSAPI Principal name
|
||||
#GSS_principal_attr = GSSAuthName
|
||||
|
||||
# Mapping for the account name attribute (usually uid)
|
||||
# The value for this attribute must match the value of
|
||||
# the group member attribute - NFSv4_member_attr
|
||||
#NFSv4_acctname_attr = uid
|
||||
|
||||
# Mapping for the group object class
|
||||
#NFSv4_group_objectclass = NFSv4RemoteGroup
|
||||
|
||||
# Mapping for the GID attribute
|
||||
#NFSv4_gid_attr = GIDNumber
|
||||
|
||||
# Mapping for the Group NFSv4 name
|
||||
#NFSv4_group_attr = NFSv4Name
|
||||
|
||||
# Mapping for the Group member attribute (usually memberUID)
|
||||
# The value of this attribute must match the value of NFSv4_acctname_attr
|
||||
#NFSv4_member_attr = memberUID
|
|
@ -0,0 +1,27 @@
|
|||
#!/bin/sh
|
||||
T=$1
|
||||
N=$2
|
||||
|
||||
# start nfs-ganesha
|
||||
/usr/bin/{{ container_binary }} run --rm --net=host \
|
||||
{% if container_binary == 'podman' %}
|
||||
-d --log-driver journald --conmon-pidfile /%t/%n-pid --cidfile /%t/%n-cid \
|
||||
{% endif %}
|
||||
--pids-limit={{ 0 if container_binary == 'podman' else -1 }} \
|
||||
-v /var/lib/ceph:/var/lib/ceph:z \
|
||||
-v /etc/ceph:/etc/ceph:z \
|
||||
-v /var/lib/nfs/ganesha:/var/lib/nfs/ganesha:z \
|
||||
-v /etc/ganesha:/etc/ganesha:z \
|
||||
-v /var/run/ceph:/var/run/ceph:z \
|
||||
-v /var/log/ceph:/var/log/ceph:z \
|
||||
-v /var/log/ganesha:/var/log/ganesha:z \
|
||||
{% if ceph_nfs_dynamic_exports | bool %}
|
||||
--privileged \
|
||||
-v /var/run/dbus/system_bus_socket:/var/run/dbus/system_bus_socket \
|
||||
{% endif -%}
|
||||
-v /etc/localtime:/etc/localtime:ro \
|
||||
{{ ceph_nfs_docker_extra_env }} \
|
||||
--entrypoint=/usr/bin/ganesha.nfsd \
|
||||
--name=ceph-nfs-{{ ceph_nfs_service_suffix | default(ansible_facts['hostname']) }} \
|
||||
{{ ceph_docker_registry }}/{{ ceph_docker_image }}:{{ ceph_docker_image_tag }}
|
||||
-F -L STDOUT "${GANESHA_EPOCH}"
|
|
@ -0,0 +1,15 @@
|
|||
---
|
||||
- name: Fail if ceph_nfs_rgw_access_key or ceph_nfs_rgw_secret_key are undefined (nfs standalone)
|
||||
ansible.builtin.fail:
|
||||
msg: "ceph_nfs_rgw_access_key and ceph_nfs_rgw_secret_key must be set if nfs_obj_gw is True"
|
||||
when:
|
||||
- nfs_obj_gw | bool
|
||||
- groups.get(mon_group_name, []) | length == 0
|
||||
- (ceph_nfs_rgw_access_key is undefined or ceph_nfs_rgw_secret_key is undefined)
|
||||
|
||||
- name: Fail on openSUSE Leap 15.x using distro packages
|
||||
ansible.builtin.fail:
|
||||
msg: "ceph-nfs packages are not available from openSUSE Leap 15.x repositories (ceph_origin = 'distro')"
|
||||
when:
|
||||
- ceph_origin == 'distro'
|
||||
- ansible_facts['distribution'] == 'openSUSE Leap'
|
|
@ -112,6 +112,10 @@
|
|||
- inventory_hostname in groups.get(rgw_group_name, [])
|
||||
- rgw_create_pools is defined
|
||||
|
||||
- name: Include check_nfs.yml
|
||||
ansible.builtin.include_tasks: check_nfs.yml
|
||||
when: inventory_hostname in groups.get(nfs_group_name, [])
|
||||
|
||||
- name: Include check_rbdmirror.yml
|
||||
ansible.builtin.include_tasks: check_rbdmirror.yml
|
||||
when:
|
||||
|
|
|
@ -15,6 +15,7 @@
|
|||
- osds
|
||||
- mdss
|
||||
- rgws
|
||||
- nfss
|
||||
- rbdmirrors
|
||||
- clients
|
||||
- mgrs
|
||||
|
@ -325,6 +326,44 @@
|
|||
status: "Complete"
|
||||
end: "{{ lookup('pipe', 'date +%Y%m%d%H%M%SZ') }}"
|
||||
|
||||
- hosts: nfss
|
||||
become: True
|
||||
gather_facts: false
|
||||
any_errors_fatal: true
|
||||
tasks:
|
||||
# pre-tasks for following imports -
|
||||
- name: set ceph nfs install 'In Progress'
|
||||
run_once: true
|
||||
set_stats:
|
||||
data:
|
||||
installer_phase_ceph_nfs:
|
||||
status: "In Progress"
|
||||
start: "{{ lookup('pipe', 'date +%Y%m%d%H%M%SZ') }}"
|
||||
|
||||
- import_role:
|
||||
name: ceph-defaults
|
||||
tags: ['ceph_update_config']
|
||||
- import_role:
|
||||
name: ceph-facts
|
||||
tags: ['ceph_update_config']
|
||||
- import_role:
|
||||
name: ceph-handler
|
||||
tags: ['ceph_update_config']
|
||||
- import_role:
|
||||
name: ceph-config
|
||||
tags: ['ceph_update_config']
|
||||
- import_role:
|
||||
name: ceph-nfs
|
||||
|
||||
# post-tasks for following imports -
|
||||
- name: set ceph nfs install 'Complete'
|
||||
run_once: true
|
||||
set_stats:
|
||||
data:
|
||||
installer_phase_ceph_nfs:
|
||||
status: "Complete"
|
||||
end: "{{ lookup('pipe', 'date +%Y%m%d%H%M%SZ') }}"
|
||||
|
||||
- hosts: rbdmirrors
|
||||
become: True
|
||||
gather_facts: false
|
||||
|
|
|
@ -16,6 +16,7 @@
|
|||
- osds
|
||||
- mdss
|
||||
- rgws
|
||||
- nfss
|
||||
- rbdmirrors
|
||||
- clients
|
||||
- mgrs
|
||||
|
@ -317,6 +318,44 @@
|
|||
status: "Complete"
|
||||
end: "{{ lookup('pipe', 'date +%Y%m%d%H%M%SZ') }}"
|
||||
|
||||
- hosts: nfss
|
||||
gather_facts: false
|
||||
become: True
|
||||
any_errors_fatal: true
|
||||
pre_tasks:
|
||||
- name: set ceph nfs install 'In Progress'
|
||||
run_once: true
|
||||
set_stats:
|
||||
data:
|
||||
installer_phase_ceph_nfs:
|
||||
status: "In Progress"
|
||||
start: "{{ lookup('pipe', 'date +%Y%m%d%H%M%SZ') }}"
|
||||
|
||||
tasks:
|
||||
- import_role:
|
||||
name: ceph-defaults
|
||||
tags: ['ceph_update_config']
|
||||
- import_role:
|
||||
name: ceph-facts
|
||||
tags: ['ceph_update_config']
|
||||
- import_role:
|
||||
name: ceph-handler
|
||||
tags: ['ceph_update_config']
|
||||
- import_role:
|
||||
name: ceph-config
|
||||
tags: ['ceph_update_config']
|
||||
- import_role:
|
||||
name: ceph-nfs
|
||||
|
||||
post_tasks:
|
||||
- name: set ceph nfs install 'Complete'
|
||||
run_once: true
|
||||
set_stats:
|
||||
data:
|
||||
installer_phase_ceph_nfs:
|
||||
status: "Complete"
|
||||
end: "{{ lookup('pipe', 'date +%Y%m%d%H%M%SZ') }}"
|
||||
|
||||
- hosts: rbdmirrors
|
||||
gather_facts: false
|
||||
become: True
|
||||
|
|
|
@ -168,11 +168,11 @@ def node(host, request):
|
|||
if request.node.get_closest_marker('rbdmirror_secondary') and not ceph_rbd_mirror_remote_user: # noqa E501
|
||||
pytest.skip('Not a valid test for a non-secondary rbd-mirror node')
|
||||
|
||||
if request.node.get_closest_marker('ceph_crash') and sanitized_group_names in [['clients'], ['monitoring']]:
|
||||
pytest.skip('Not a valid test for client nodes')
|
||||
if request.node.get_closest_marker('ceph_crash') and sanitized_group_names in [['nfss'], ['clients'], ['monitoring']]:
|
||||
pytest.skip('Not a valid test for nfs or client nodes')
|
||||
|
||||
if request.node.get_closest_marker('ceph_exporter') and sanitized_group_names in [['clients'], ['monitoring']]:
|
||||
pytest.skip('Not a valid test for client nodes')
|
||||
if request.node.get_closest_marker('ceph_exporter') and sanitized_group_names in [['nfss'], ['clients'], ['monitoring']]:
|
||||
pytest.skip('Not a valid test for nfs or client nodes')
|
||||
|
||||
if request.node.get_closest_marker("no_docker") and docker:
|
||||
pytest.skip(
|
||||
|
@ -215,6 +215,8 @@ def pytest_collection_modifyitems(session, config, items):
|
|||
item.add_marker(pytest.mark.rbdmirrors)
|
||||
elif "rgw" in test_path:
|
||||
item.add_marker(pytest.mark.rgws)
|
||||
elif "nfs" in test_path:
|
||||
item.add_marker(pytest.mark.nfss)
|
||||
elif "grafana" in test_path:
|
||||
item.add_marker(pytest.mark.grafanas)
|
||||
else:
|
||||
|
|
|
@ -8,6 +8,7 @@ mon_vms: 1
|
|||
osd_vms: 1
|
||||
mds_vms: 1
|
||||
rgw_vms: 0
|
||||
nfs_vms: 0
|
||||
grafana_server_vms: 0
|
||||
rbd_mirror_vms: 0
|
||||
client_vms: 0
|
||||
|
|
|
@ -8,6 +8,7 @@ mon_vms: 1
|
|||
osd_vms: 1
|
||||
mds_vms: 1
|
||||
rgw_vms: 0
|
||||
nfs_vms: 0
|
||||
grafana_server_vms: 0
|
||||
rbd_mirror_vms: 0
|
||||
client_vms: 0
|
||||
|
|
|
@ -8,6 +8,7 @@ mon_vms: 1
|
|||
osd_vms: 1
|
||||
mds_vms: 0
|
||||
rgw_vms: 0
|
||||
nfs_vms: 0
|
||||
grafana_server_vms: 0
|
||||
rbd_mirror_vms: 0
|
||||
client_vms: 0
|
||||
|
|
|
@ -8,6 +8,7 @@ mon_vms: 1
|
|||
osd_vms: 1
|
||||
mds_vms: 0
|
||||
rgw_vms: 0
|
||||
nfs_vms: 0
|
||||
grafana_server_vms: 0
|
||||
rbd_mirror_vms: 0
|
||||
client_vms: 0
|
||||
|
|
|
@ -8,6 +8,7 @@ mon_vms: 2
|
|||
osd_vms: 1
|
||||
mds_vms: 0
|
||||
rgw_vms: 0
|
||||
nfs_vms: 0
|
||||
grafana_server_vms: 0
|
||||
rbd_mirror_vms: 0
|
||||
client_vms: 0
|
||||
|
|
|
@ -8,6 +8,7 @@ mon_vms: 2
|
|||
osd_vms: 1
|
||||
mds_vms: 0
|
||||
rgw_vms: 0
|
||||
nfs_vms: 0
|
||||
grafana_server_vms: 0
|
||||
rbd_mirror_vms: 0
|
||||
client_vms: 0
|
||||
|
|
|
@ -8,6 +8,7 @@ mon_vms: 1
|
|||
osd_vms: 2
|
||||
mds_vms: 0
|
||||
rgw_vms: 0
|
||||
nfs_vms: 0
|
||||
grafana_server_vms: 0
|
||||
rbd_mirror_vms: 0
|
||||
client_vms: 0
|
||||
|
|
|
@ -8,6 +8,7 @@ mon_vms: 1
|
|||
osd_vms: 2
|
||||
mds_vms: 0
|
||||
rgw_vms: 0
|
||||
nfs_vms: 0
|
||||
grafana_server_vms: 0
|
||||
rbd_mirror_vms: 0
|
||||
client_vms: 0
|
||||
|
|
|
@ -8,6 +8,7 @@ mon_vms: 1
|
|||
osd_vms: 1
|
||||
mds_vms: 0
|
||||
rgw_vms: 0
|
||||
nfs_vms: 0
|
||||
grafana_server_vms: 0
|
||||
rbd_mirror_vms: 1
|
||||
client_vms: 0
|
||||
|
|
|
@ -8,6 +8,7 @@ mon_vms: 1
|
|||
osd_vms: 1
|
||||
mds_vms: 0
|
||||
rgw_vms: 0
|
||||
nfs_vms: 0
|
||||
grafana_server_vms: 0
|
||||
rbd_mirror_vms: 1
|
||||
client_vms: 0
|
||||
|
|
|
@ -8,6 +8,7 @@ mon_vms: 1
|
|||
osd_vms: 1
|
||||
mds_vms: 0
|
||||
rgw_vms: 1
|
||||
nfs_vms: 0
|
||||
grafana_server_vms: 0
|
||||
rbd_mirror_vms: 0
|
||||
client_vms: 0
|
||||
|
|
|
@ -8,6 +8,7 @@ mon_vms: 1
|
|||
osd_vms: 1
|
||||
mds_vms: 0
|
||||
rgw_vms: 1
|
||||
nfs_vms: 0
|
||||
grafana_server_vms: 0
|
||||
rbd_mirror_vms: 0
|
||||
client_vms: 0
|
||||
|
|
|
@ -8,6 +8,7 @@ mon_vms: 0
|
|||
osd_vms: 3
|
||||
mds_vms: 0
|
||||
rgw_vms: 0
|
||||
nfs_vms: 0
|
||||
grafana_server_vms: 0
|
||||
rbd_mirror_vms: 0
|
||||
client_vms: 0
|
||||
|
|
|
@ -4,6 +4,7 @@ mon_vms: 0
|
|||
osd_vms: 3
|
||||
mds_vms: 0
|
||||
rgw_vms: 0
|
||||
nfs_vms: 0
|
||||
grafana_server_vms: 0
|
||||
rbd_mirror_vms: 0
|
||||
client_vms: 0
|
||||
|
|
|
@ -19,6 +19,9 @@ mds2
|
|||
[rgws]
|
||||
rgw0
|
||||
|
||||
#[nfss]
|
||||
#nfs0
|
||||
|
||||
[clients]
|
||||
client0
|
||||
client1
|
||||
|
|
|
@ -8,6 +8,7 @@ mon_vms: 3
|
|||
osd_vms: 3
|
||||
mds_vms: 3
|
||||
rgw_vms: 1
|
||||
nfs_vms: 0
|
||||
grafana_server_vms: 0
|
||||
rbd_mirror_vms: 1
|
||||
client_vms: 2
|
||||
|
|
|
@ -0,0 +1,10 @@
|
|||
copy_admin_key: true
|
||||
nfs_file_gw: false
|
||||
nfs_obj_gw: true
|
||||
ganesha_conf_overrides: |
|
||||
CACHEINODE {
|
||||
Entries_HWMark = 100000;
|
||||
}
|
||||
nfs_ganesha_stable: false
|
||||
nfs_ganesha_dev: true
|
||||
nfs_ganesha_flavor: "ceph_main"
|
|
@ -23,6 +23,9 @@ rgw0
|
|||
client0
|
||||
client1
|
||||
|
||||
#[nfss]
|
||||
#nfs0
|
||||
|
||||
[rbdmirrors]
|
||||
rbd-mirror0
|
||||
|
||||
|
|
|
@ -8,6 +8,7 @@ mon_vms: 3
|
|||
osd_vms: 3
|
||||
mds_vms: 3
|
||||
rgw_vms: 1
|
||||
nfs_vms: 0
|
||||
grafana_server_vms: 0
|
||||
rbd_mirror_vms: 1
|
||||
client_vms: 2
|
||||
|
|
|
@ -19,6 +19,9 @@ mds2
|
|||
[rgws]
|
||||
rgw0
|
||||
|
||||
#[nfss]
|
||||
#nfs0
|
||||
|
||||
[clients]
|
||||
client0
|
||||
client1
|
||||
|
|
|
@ -8,6 +8,7 @@ mon_vms: 3
|
|||
osd_vms: 3
|
||||
mds_vms: 3
|
||||
rgw_vms: 1
|
||||
nfs_vms: 0
|
||||
grafana_server_vms: 0
|
||||
rbd_mirror_vms: 1
|
||||
client_vms: 2
|
||||
|
|
|
@ -0,0 +1,10 @@
|
|||
copy_admin_key: true
|
||||
nfs_file_gw: false
|
||||
nfs_obj_gw: true
|
||||
ganesha_conf_overrides: |
|
||||
CACHEINODE {
|
||||
Entries_HWMark = 100000;
|
||||
}
|
||||
nfs_ganesha_stable: true
|
||||
nfs_ganesha_dev: false
|
||||
nfs_ganesha_flavor: "ceph_main"
|
|
@ -23,6 +23,9 @@ rgw0
|
|||
client0
|
||||
client1
|
||||
|
||||
#[nfss]
|
||||
#nfs0
|
||||
|
||||
[rbdmirrors]
|
||||
rbd-mirror0
|
||||
|
||||
|
|
|
@ -8,6 +8,7 @@ mon_vms: 3
|
|||
osd_vms: 3
|
||||
mds_vms: 3
|
||||
rgw_vms: 1
|
||||
nfs_vms: 0
|
||||
grafana_server_vms: 0
|
||||
rbd_mirror_vms: 1
|
||||
client_vms: 2
|
||||
|
|
|
@ -18,6 +18,9 @@ mds0
|
|||
[rgws]
|
||||
rgw0
|
||||
|
||||
[nfss]
|
||||
nfs0
|
||||
|
||||
[rbdmirrors]
|
||||
rbd-mirror0
|
||||
|
||||
|
|
|
@ -8,6 +8,7 @@ mon_vms: 3
|
|||
osd_vms: 2
|
||||
mds_vms: 1
|
||||
rgw_vms: 1
|
||||
nfs_vms: 1
|
||||
grafana_server_vms: 0
|
||||
rbd_mirror_vms: 1
|
||||
client_vms: 0
|
||||
|
|
|
@ -19,5 +19,9 @@ mds0
|
|||
rgw0
|
||||
mds0
|
||||
|
||||
#[nfss]
|
||||
#rgw0
|
||||
#mds0
|
||||
|
||||
[monitoring]
|
||||
mon0
|
||||
mon0
|
|
@ -8,6 +8,7 @@ mon_vms: 3
|
|||
osd_vms: 2
|
||||
mds_vms: 1
|
||||
rgw_vms: 1
|
||||
nfs_vms: 0
|
||||
grafana_server_vms: 0
|
||||
rbd_mirror_vms: 0
|
||||
client_vms: 0
|
||||
|
|
|
@ -20,5 +20,9 @@ mds0
|
|||
rgw0
|
||||
mds0
|
||||
|
||||
#[nfss]
|
||||
#rgw0
|
||||
#mds0
|
||||
|
||||
[monitoring]
|
||||
mon0
|
||||
mon0
|
|
@ -4,6 +4,7 @@ mon_vms: 3
|
|||
osd_vms: 2
|
||||
mds_vms: 1
|
||||
rgw_vms: 1
|
||||
nfs_vms: 0
|
||||
grafana_server_vms: 0
|
||||
rbd_mirror_vms: 0
|
||||
client_vms: 0
|
||||
|
|
|
@ -17,6 +17,20 @@
|
|||
regexp: "ceph_repository:.*"
|
||||
replace: "ceph_repository: dev"
|
||||
dest: "{{ group_vars_path }}/all"
|
||||
|
||||
- block:
|
||||
- name: ensure nfs_ganesha_stable is set to False
|
||||
replace:
|
||||
regexp: "nfs_ganesha_stable:.*"
|
||||
replace: "nfs_ganesha_stable: false"
|
||||
dest: "{{ group_vars_path }}/nfss"
|
||||
|
||||
- name: ensure nfs_ganesha_dev is set to True
|
||||
replace:
|
||||
regexp: "nfs_ganesha_dev:.*"
|
||||
replace: "nfs_ganesha_dev: true"
|
||||
dest: "{{ group_vars_path }}/nfss"
|
||||
when: "'all_daemons' in group_vars_path.split('/')"
|
||||
when: change_dir is defined
|
||||
|
||||
- name: print contents of {{ group_vars_path }}/all
|
||||
|
|
|
@ -8,6 +8,7 @@ mon_vms: 1
|
|||
osd_vms: 1
|
||||
mds_vms: 0
|
||||
rgw_vms: 0
|
||||
nfs_vms: 0
|
||||
grafana_server_vms: 0
|
||||
rbd_mirror_vms: 0
|
||||
client_vms: 0
|
||||
|
|
|
@ -8,6 +8,7 @@ mon_vms: 3
|
|||
osd_vms: 0
|
||||
mds_vms: 0
|
||||
rgw_vms: 0
|
||||
nfs_vms: 0
|
||||
grafana_server_vms: 0
|
||||
rbd_mirror_vms: 0
|
||||
client_vms: 2
|
||||
|
|
|
@ -4,6 +4,7 @@ mon_vms: 3
|
|||
osd_vms: 0
|
||||
mds_vms: 0
|
||||
rgw_vms: 0
|
||||
nfs_vms: 0
|
||||
grafana_server_vms: 0
|
||||
rbd_mirror_vms: 0
|
||||
client_vms: 2
|
||||
|
|
|
@ -8,6 +8,7 @@ mon_vms: 0
|
|||
osd_vms: 1
|
||||
mds_vms: 0
|
||||
rgw_vms: 0
|
||||
nfs_vms: 0
|
||||
grafana_server_vms: 0
|
||||
rbd_mirror_vms: 0
|
||||
client_vms: 0
|
||||
|
|
|
@ -8,6 +8,7 @@ mon_vms: 1
|
|||
osd_vms: 1
|
||||
mds_vms: 0
|
||||
rgw_vms: 0
|
||||
nfs_vms: 0
|
||||
grafana_server_vms: 0
|
||||
rbd_mirror_vms: 0
|
||||
client_vms: 0
|
||||
|
|
|
@ -8,6 +8,7 @@ mon_vms: 1
|
|||
osd_vms: 1
|
||||
mds_vms: 0
|
||||
rgw_vms: 0
|
||||
nfs_vms: 0
|
||||
grafana_server_vms: 0
|
||||
rbd_mirror_vms: 0
|
||||
client_vms: 0
|
||||
|
|
|
@ -8,6 +8,7 @@ mon_vms: 1
|
|||
osd_vms: 1
|
||||
mds_vms: 0
|
||||
rgw_vms: 0
|
||||
nfs_vms: 0
|
||||
grafana_server_vms: 0
|
||||
rbd_mirror_vms: 0
|
||||
client_vms: 0
|
||||
|
|
|
@ -8,6 +8,7 @@ mon_vms: 1
|
|||
osd_vms: 1
|
||||
mds_vms: 0
|
||||
rgw_vms: 0
|
||||
nfs_vms: 0
|
||||
grafana_server_vms: 0
|
||||
rbd_mirror_vms: 0
|
||||
client_vms: 0
|
||||
|
|
|
@ -8,6 +8,7 @@ mon_vms: 1
|
|||
osd_vms: 4
|
||||
mds_vms: 0
|
||||
rgw_vms: 0
|
||||
nfs_vms: 0
|
||||
grafana_server_vms: 0
|
||||
rbd_mirror_vms: 0
|
||||
client_vms: 0
|
||||
|
|
|
@ -8,6 +8,7 @@ mon_vms: 1
|
|||
osd_vms: 4
|
||||
mds_vms: 0
|
||||
rgw_vms: 0
|
||||
nfs_vms: 0
|
||||
grafana_server_vms: 0
|
||||
rbd_mirror_vms: 0
|
||||
client_vms: 0
|
||||
|
|
|
@ -8,6 +8,7 @@ mon_vms: 3
|
|||
osd_vms: 1
|
||||
mds_vms: 0
|
||||
rgw_vms: 0
|
||||
nfs_vms: 0
|
||||
grafana_server_vms: 0
|
||||
rbd_mirror_vms: 0
|
||||
client_vms: 0
|
||||
|
|
|
@ -13,7 +13,10 @@ mds0
|
|||
[rgws]
|
||||
rgw0
|
||||
|
||||
clients]
|
||||
#[nfss]
|
||||
#nfs0
|
||||
|
||||
[clients]
|
||||
client0
|
||||
client1
|
||||
|
||||
|
@ -24,4 +27,4 @@ rbd-mirror0
|
|||
mon0
|
||||
|
||||
#[all:vars]
|
||||
#ansible_python_interpreter=/usr/bin/python3
|
||||
#ansible_python_interpreter=/usr/bin/python3
|
|
@ -8,6 +8,7 @@ mon_vms: 3
|
|||
osd_vms: 2
|
||||
mds_vms: 1
|
||||
rgw_vms: 1
|
||||
nfs_vms: 0
|
||||
grafana_server_vms: 0
|
||||
rbd_mirror_vms: 1
|
||||
client_vms: 2
|
||||
|
|
|
@ -8,6 +8,7 @@ mon_vms: 1
|
|||
osd_vms: 1
|
||||
mds_vms: 0
|
||||
rgw_vms: 0
|
||||
nfs_vms: 0
|
||||
grafana_server_vms: 0
|
||||
rbd_mirror_vms: 0
|
||||
client_vms: 0
|
||||
|
|
|
@ -8,6 +8,7 @@ mon_vms: 1
|
|||
osd_vms: 1
|
||||
mds_vms: 0
|
||||
rgw_vms: 0
|
||||
nfs_vms: 0
|
||||
grafana_server_vms: 0
|
||||
rbd_mirror_vms: 0
|
||||
client_vms: 0
|
||||
|
|
|
@ -8,6 +8,7 @@ mon_vms: 1
|
|||
osd_vms: 1
|
||||
mds_vms: 0
|
||||
rgw_vms: 0
|
||||
nfs_vms: 0
|
||||
grafana_server_vms: 0
|
||||
rbd_mirror_vms: 0
|
||||
client_vms: 0
|
||||
|
|
|
@ -8,6 +8,7 @@ mon_vms: 1
|
|||
osd_vms: 1
|
||||
mds_vms: 0
|
||||
rgw_vms: 0
|
||||
nfs_vms: 0
|
||||
grafana_server_vms: 0
|
||||
rbd_mirror_vms: 0
|
||||
client_vms: 0
|
||||
|
|
|
@ -8,6 +8,7 @@ mon_vms: 1
|
|||
osd_vms: 1
|
||||
mds_vms: 1
|
||||
rgw_vms: 0
|
||||
nfs_vms: 0
|
||||
grafana_server_vms: 0
|
||||
rbd_mirror_vms: 0
|
||||
client_vms: 0
|
||||
|
|
Some files were not shown because too many files have changed in this diff Show More
Loading…
Reference in New Issue