mirror of https://github.com/ceph/ceph-ansible.git
Merge pull request #202 from leseb/refactor-mon-keys
Refactor keys creation and fetchingpull/204/head
Leseb
commit
5a0c8469c7
|
|
@ -139,7 +139,7 @@
|
|||
rgw dns name = {{ radosgw_dns_name }}
|
||||
{% endif %}
|
||||
host = {{ hostvars[host]['ansible_hostname'] }}
|
||||
keyring = /etc/ceph/keyring.radosgw.gateway
|
||||
keyring = /etc/ceph/radosgw.gateway.keyring
|
||||
rgw socket path = /tmp/radosgw.sock
|
||||
log file = /var/log/ceph/radosgw.log
|
||||
rgw data = /var/lib/ceph/radosgw/{{ hostvars[host]['ansible_hostname'] }}
|
||||
|
|
|
|||
|
|
@ -0,0 +1,39 @@
|
|||
---
|
||||
# Wait for mon discovery and quorum resolution
|
||||
# the admin key is not instantanely created so we have to wait a bit
|
||||
|
||||
- name: wait for client.admin key exists
|
||||
wait_for: path=/etc/ceph/ceph.client.admin.keyring
|
||||
|
||||
- name: Create RGW keyring
|
||||
command: ceph auth get-or-create client.radosgw.gateway osd 'allow rwx' mon 'allow rw' -o /etc/ceph/radosgw.gateway.keyring creates=/etc/ceph/radosgw.gateway.keyring
|
||||
when: cephx and radosgw
|
||||
changed_when: False
|
||||
|
||||
- include: openstack_config.yml
|
||||
when: openstack_config and cephx
|
||||
|
||||
- name: Find Ceph keys
|
||||
shell: ls -1 /etc/ceph/*.keyring
|
||||
register: ceph_keys
|
||||
when: cephx
|
||||
|
||||
- name: Copy keys to the ansible server
|
||||
fetch: >
|
||||
src={{ item }}
|
||||
dest=fetch/{{ fsid }}/{{ item }}
|
||||
flat=yes
|
||||
when: cephx
|
||||
with_items:
|
||||
- "{{ ceph_keys.stdout_lines }}"
|
||||
- /var/lib/ceph/bootstrap-osd/ceph.keyring
|
||||
- /var/lib/ceph/bootstrap-mds/ceph.keyring
|
||||
|
||||
- name: Drop in a motd script to report status when logging in
|
||||
copy: >
|
||||
src=precise/92-ceph
|
||||
dest=/etc/update-motd.d/92-ceph
|
||||
owner=root
|
||||
group=root
|
||||
mode=0755
|
||||
when: ansible_distribution_release == 'precise'
|
||||
|
|
@ -1,37 +1,3 @@
|
|||
---
|
||||
- include: deploy_monitors.yml
|
||||
|
||||
# Wait for mon discovery and quorum resolution
|
||||
# the admin key is not instantanely created so we have to wait a bit
|
||||
|
||||
- name: wait for client.admin key exists
|
||||
wait_for: path=/etc/ceph/ceph.client.admin.keyring
|
||||
|
||||
- name: Create RGW keyring
|
||||
command: ceph auth get-or-create client.radosgw.gateway osd 'allow rwx' mon 'allow rw' -o /etc/ceph/keyring.radosgw.gateway creates=/etc/ceph/keyring.radosgw.gateway
|
||||
when: cephx and radosgw
|
||||
changed_when: False
|
||||
|
||||
- include: openstack_config.yml
|
||||
when: openstack_config
|
||||
|
||||
- name: Copy keys to the ansible server
|
||||
fetch: >
|
||||
src={{ item }}
|
||||
dest=fetch/{{ fsid }}/{{ item }}
|
||||
flat=yes
|
||||
when: cephx
|
||||
with_items:
|
||||
- /etc/ceph/ceph.client.admin.keyring # just in case another application needs it
|
||||
- /var/lib/ceph/bootstrap-osd/ceph.keyring # this handles the non-colocation case
|
||||
- /var/lib/ceph/bootstrap-mds/ceph.keyring
|
||||
- /etc/ceph/keyring.radosgw.gateway
|
||||
|
||||
- name: Drop in a motd script to report status when logging in
|
||||
copy: >
|
||||
src=precise/92-ceph
|
||||
dest=/etc/update-motd.d/92-ceph
|
||||
owner=root
|
||||
group=root
|
||||
mode=0755
|
||||
when: ansible_distribution_release == 'precise'
|
||||
- include: ceph_keys.yml
|
||||
|
|
|
|||
|
|
@ -7,7 +7,8 @@
|
|||
- "{{ openstack_cinder_pool }}"
|
||||
- "{{ openstack_nova_pool }}"
|
||||
- "{{ openstack_cinder_backup_pool }}"
|
||||
ignore_errors: True
|
||||
|
||||
- name: Create OpenStack keys
|
||||
command: ceph auth get-or-create {{ item.name }} {{ item.value }} -o /etc/ceph/ceph.client.{{ item.name }}.keyring creates=/etc/ceph/ceph.client.{{ item.name }}.keyring
|
||||
command: ceph auth get-or-create {{ item.name }} {{ item.value }} -o /etc/ceph/ceph.{{ item.name }}.keyring creates=/etc/ceph/ceph.{{ item.name }}.keyring
|
||||
with_items: openstack_keys
|
||||
|
|
|
|||
Loading…
Reference in New Issue