From 9f93b66faed25b596378f934a89408f46a56fed8 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?S=C3=A9bastien=20Han?=
Date: Fri, 30 Jan 2015 16:16:18 +0100
Subject: [PATCH] Refactor keys creation and fetching
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

We isolated the key operations into a file and modified the fetch function to collect all the new keys. In the mean time fixed the pool creation since the command is not indempotent. Renamed the rgw key to work with the key collection.

Signed-off-by: Sébastien Han
---
 roles/ceph-common/templates/ceph.conf.j2 | 2 +-
 roles/ceph-mon/tasks/ceph_keys.yml | 39 +++++++++++++++++++++++
 roles/ceph-mon/tasks/main.yml | 36 +--------------------
 roles/ceph-mon/tasks/openstack_config.yml | 3 +-
 4 files changed, 43 insertions(+), 37 deletions(-)
 create mode 100644 roles/ceph-mon/tasks/ceph_keys.yml

diff --git a/roles/ceph-common/templates/ceph.conf.j2 b/roles/ceph-common/templates/ceph.conf.j2
index 63601ec1b..1b4572823 100644
--- a/roles/ceph-common/templates/ceph.conf.j2
+++ b/roles/ceph-common/templates/ceph.conf.j2
@@ -139,7 +139,7 @@
 rgw dns name = {{ radosgw_dns_name }}
 {% endif %}
 host = {{ hostvars[host]['ansible_hostname'] }}
- keyring = /etc/ceph/keyring.radosgw.gateway
+ keyring = /etc/ceph/radosgw.gateway.keyring
 rgw socket path = /tmp/radosgw.sock
 log file = /var/log/ceph/radosgw.log
 rgw data = /var/lib/ceph/radosgw/{{ hostvars[host]['ansible_hostname'] }}
diff --git a/roles/ceph-mon/tasks/ceph_keys.yml b/roles/ceph-mon/tasks/ceph_keys.yml
new file mode 100644
index 000000000..060f1aa75
--- /dev/null
+++ b/roles/ceph-mon/tasks/ceph_keys.yml
@@ -0,0 +1,39 @@
+---
+# Wait for mon discovery and quorum resolution
+# the admin key is not instantanely created so we have to wait a bit
+
+- name: wait for client.admin key exists
+ wait_for: path=/etc/ceph/ceph.client.admin.keyring
+
+- name: Create RGW keyring
+ command: ceph auth get-or-create client.radosgw.gateway osd 'allow rwx' mon 'allow rw' -o /etc/ceph/radosgw.gateway.keyring creates=/etc/ceph/radosgw.gateway.keyring
+ when: cephx and radosgw
+ changed_when: False
+
+- include: openstack_config.yml
+ when: openstack_config and cephx
+
+- name: Find Ceph keys
+ shell: ls -1 /etc/ceph/*.keyring
+ register: ceph_keys
+ when: cephx
+
+- name: Copy keys to the ansible server
+ fetch: >
+ src={{ item }}
+ dest=fetch/{{ fsid }}/{{ item }}
+ flat=yes
+ when: cephx
+ with_items:
+ - "{{ ceph_keys.stdout_lines }}"
+ - /var/lib/ceph/bootstrap-osd/ceph.keyring
+ - /var/lib/ceph/bootstrap-mds/ceph.keyring
+
+- name: Drop in a motd script to report status when logging in
+ copy: >
+ src=precise/92-ceph
+ dest=/etc/update-motd.d/92-ceph
+ owner=root
+ group=root
+ mode=0755
+ when: ansible_distribution_release == 'precise'
diff --git a/roles/ceph-mon/tasks/main.yml b/roles/ceph-mon/tasks/main.yml
index 5dfe84c78..7077a7def 100644
--- a/roles/ceph-mon/tasks/main.yml
+++ b/roles/ceph-mon/tasks/main.yml
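Review bot: The `Find Ceph keys` task globs `/etc/ceph/*.keyring` and the fetch task after it copies every match to the controller, so the set of secrets leaving the monitor is no longer spelled out in the playbook: the OpenStack client keys and any other keyring that happens to sit in /etc/ceph are collected along with the ones the old explicit list named. An explicit list of the keyrings other roles actually consume would keep that set reviewable; if the glob stays, the `fetch/{{ fsid }}/` directory on the controller should be readable only by the deploy user and kept out of version control. The `ls` task also reports a change on every run because it lacks `changed_when: False`, which the `Create RGW keyring` task above it already sets.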
@@ -1,37 +1,3 @@
 ---
 - include: deploy_monitors.yml
-
-# Wait for mon discovery and quorum resolution
-# the admin key is not instantanely created so we have to wait a bit
-
-- name: wait for client.admin key exists
- wait_for: path=/etc/ceph/ceph.client.admin.keyring
-
-- name: Create RGW keyring
- command: ceph auth get-or-create client.radosgw.gateway osd 'allow rwx' mon 'allow rw' -o /etc/ceph/keyring.radosgw.gateway creates=/etc/ceph/keyring.radosgw.gateway
- when: cephx and radosgw
- changed_when: False
-
-- include: openstack_config.yml
- when: openstack_config
-
-- name: Copy keys to the ansible server
- fetch: >
- src={{ item }}
- dest=fetch/{{ fsid }}/{{ item }}
- flat=yes
- when: cephx
- with_items:
- - /etc/ceph/ceph.client.admin.keyring # just in case another application needs it
- - /var/lib/ceph/bootstrap-osd/ceph.keyring # this handles the non-colocation case
- - /var/lib/ceph/bootstrap-mds/ceph.keyring
- - /etc/ceph/keyring.radosgw.gateway
-
-- name: Drop in a motd script to report status when logging in
- copy: >
- src=precise/92-ceph
- dest=/etc/update-motd.d/92-ceph
- owner=root
- group=root
- mode=0755
- when: ansible_distribution_release == 'precise'
+- include: ceph_keys.yml
diff --git a/roles/ceph-mon/tasks/openstack_config.yml b/roles/ceph-mon/tasks/openstack_config.yml
index cc6e4b292..8d8566bc3 100644
--- a/roles/ceph-mon/tasks/openstack_config.yml
+++ b/roles/ceph-mon/tasks/openstack_config.yml
@@ -7,7 +7,8 @@
 - "{{ openstack_cinder_pool }}"
 - "{{ openstack_nova_pool }}"
 - "{{ openstack_cinder_backup_pool }}"
+ ignore_errors: True

 - name: Create OpenStack keys
- command: ceph auth get-or-create {{ item.name }} {{ item.value }} -o /etc/ceph/ceph.client.{{ item.name }}.keyring creates=/etc/ceph/ceph.client.{{ item.name }}.keyring
+ command: ceph auth get-or-create {{ item.name }} {{ item.value }} -o /etc/ceph/ceph.{{ item.name }}.keyring creates=/etc/ceph/ceph.{{ item.name }}.keyring
 with_items: openstack_keys
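Review bot: `ignore_errors: True` on the pool-creation task in openstack_config.yml hides every failure, not only the one for a pool that already exists, so an unreachable monitor, a cephx failure or a bad argument would pass silently and `Create OpenStack keys` would still run. A narrower guard keeps real errors visible: list the existing pools in a preceding task (for example `command: rados lspools` with `register: existing_pools` and `changed_when: False`) and put `when: item not in existing_pools.stdout_lines` on the create task instead of ignoring errors. The create task starts above this hunk, so its command line is not visible here and the exact form of the check should be confirmed against it.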