diff --git a/group_vars/all.yml.sample b/group_vars/all.yml.sample index e9c9000d5..e7b021609 100644 --- a/group_vars/all.yml.sample +++ b/group_vars/all.yml.sample @@ -800,7 +800,7 @@ dummy: #client_connections: {} - +#no_log_on_ceph_key_tasks: True ############### # DEPRECATION # diff --git a/group_vars/rhcs.yml.sample b/group_vars/rhcs.yml.sample index 06ef04731..758dfac4c 100644 --- a/group_vars/rhcs.yml.sample +++ b/group_vars/rhcs.yml.sample @@ -800,7 +800,7 @@ alertmanager_container_image: registry.redhat.io/openshift4/ose-prometheus-alert #client_connections: {} - +#no_log_on_ceph_key_tasks: True ############### # DEPRECATION # diff --git a/roles/ceph-client/tasks/create_users_keys.yml b/roles/ceph-client/tasks/create_users_keys.yml index 047246ae1..f5be1a2ad 100644 --- a/roles/ceph-client/tasks/create_users_keys.yml +++ b/roles/ceph-client/tasks/create_users_keys.yml @@ -28,7 +28,7 @@ - cephx | bool - keys | length > 0 - inventory_hostname == groups.get('_filtered_clients') | first - no_log: true + no_log: "{{ no_log_on_ceph_key_tasks }}" - name: slurp client cephx key(s) slurp: @@ -40,7 +40,7 @@ - cephx | bool - keys | length > 0 - inventory_hostname == groups.get('_filtered_clients') | first - no_log: true + no_log: "{{ no_log_on_ceph_key_tasks }}" - name: pool related tasks when: @@ -81,5 +81,5 @@ group: "{{ ceph_uid }}" with_items: "{{ hostvars[groups['_filtered_clients'][0]]['slurp_client_keys']['results'] }}" when: not item.get('skipped', False) - no_log: true + no_log: "{{ no_log_on_ceph_key_tasks }}" diff --git a/roles/ceph-client/tasks/pre_requisite.yml b/roles/ceph-client/tasks/pre_requisite.yml index 1f144f776..46cbcc05a 100644 --- a/roles/ceph-client/tasks/pre_requisite.yml +++ b/roles/ceph-client/tasks/pre_requisite.yml @@ -11,6 +11,7 @@ when: - cephx | bool - item.copy_key | bool + no_log: "{{ no_log_on_ceph_key_tasks }}" - name: copy ceph key(s) if needed copy: @@ -22,5 +23,5 @@ with_items: "{{ _client_keys.results }}" when: - item.item.copy_key | bool - no_log: true + no_log: "{{ no_log_on_ceph_key_tasks }}" when: cephx | bool diff --git a/roles/ceph-crash/tasks/main.yml b/roles/ceph-crash/tasks/main.yml index 89536f4d5..6db902886 100644 --- a/roles/ceph-crash/tasks/main.yml +++ b/roles/ceph-crash/tasks/main.yml @@ -19,6 +19,7 @@ CEPH_CONTAINER_BINARY: "{{ container_binary }}" delegate_to: "{{ groups.get(mon_group_name, [])[0] }}" run_once: True + no_log: "{{ no_log_on_ceph_key_tasks }}" - name: enforce container_binary on first monitor import_role: @@ -42,6 +43,7 @@ check_mode: False changed_when: False run_once: true + no_log: "{{ no_log_on_ceph_key_tasks }}" - name: copy ceph key(s) if needed copy: @@ -50,7 +52,7 @@ owner: "{{ ceph_uid if containerized_deployment else 'ceph' }}" group: "{{ ceph_uid if containerized_deployment else 'ceph' }}" mode: "{{ ceph_keyring_permissions }}" - no_log: true + no_log: "{{ no_log_on_ceph_key_tasks }}" - name: start ceph-crash daemon when: containerized_deployment | bool diff --git a/roles/ceph-defaults/defaults/main.yml b/roles/ceph-defaults/defaults/main.yml index c38bb9c80..5dd478ea7 100644 --- a/roles/ceph-defaults/defaults/main.yml +++ b/roles/ceph-defaults/defaults/main.yml @@ -792,7 +792,7 @@ rbd_devices: {} client_connections: {} - +no_log_on_ceph_key_tasks: True ############### # DEPRECATION # diff --git a/roles/ceph-iscsi-gw/tasks/common.yml b/roles/ceph-iscsi-gw/tasks/common.yml index ceafd0466..600a80950 100644 --- a/roles/ceph-iscsi-gw/tasks/common.yml +++ b/roles/ceph-iscsi-gw/tasks/common.yml @@ -9,6 +9,7 @@ when: - cephx | bool - item.copy_key | bool + no_log: "{{ no_log_on_ceph_key_tasks }}" - name: copy ceph key(s) if needed copy: @@ -21,7 +22,7 @@ when: - cephx | bool - item.item.copy_key | bool - no_log: true + no_log: "{{ no_log_on_ceph_key_tasks }}" - name: add mgr ip address to trusted list with dashboard - ipv4 set_fact: diff --git a/roles/ceph-mds/tasks/common.yml b/roles/ceph-mds/tasks/common.yml index 48d90d279..01b94b871 100644 --- a/roles/ceph-mds/tasks/common.yml +++ b/roles/ceph-mds/tasks/common.yml @@ -21,6 +21,7 @@ when: - cephx | bool - item.copy_key | bool + no_log: "{{ no_log_on_ceph_key_tasks }}" - name: copy ceph key(s) if needed copy: @@ -33,5 +34,5 @@ when: - cephx | bool - item.item.copy_key | bool - no_log: true + no_log: "{{ no_log_on_ceph_key_tasks }}" diff --git a/roles/ceph-mds/tasks/non_containerized.yml b/roles/ceph-mds/tasks/non_containerized.yml index 55d0521df..7aaf15423 100644 --- a/roles/ceph-mds/tasks/non_containerized.yml +++ b/roles/ceph-mds/tasks/non_containerized.yml @@ -25,6 +25,7 @@ args: creates: /var/lib/ceph/mds/{{ cluster }}-{{ ansible_facts['hostname'] }}/keyring changed_when: false + no_log: "{{ no_log_on_ceph_key_tasks }}" when: cephx - name: set mds key permissions diff --git a/roles/ceph-mgr/tasks/common.yml b/roles/ceph-mgr/tasks/common.yml index 87f8f7c9a..c9a92927a 100644 --- a/roles/ceph-mgr/tasks/common.yml +++ b/roles/ceph-mgr/tasks/common.yml @@ -24,6 +24,7 @@ CEPH_CONTAINER_IMAGE: "{{ ceph_docker_registry + '/' + ceph_docker_image + ':' + ceph_docker_image_tag if containerized_deployment else None }}" CEPH_CONTAINER_BINARY: "{{ container_binary }}" when: groups.get(mgr_group_name, []) | length == 0 # the key is present already since one of the mons created it in "create ceph mgr keyring(s)" + no_log: "{{ no_log_on_ceph_key_tasks }}" - name: create and copy keyrings when: groups.get(mgr_group_name, []) | length > 0 @@ -46,6 +47,7 @@ with_items: "{{ groups.get(mgr_group_name, []) }}" run_once: True delegate_to: "{{ groups[mon_group_name][0] }}" + no_log: "{{ no_log_on_ceph_key_tasks }}" - name: set_fact _mgr_keys set_fact: @@ -61,6 +63,7 @@ when: - cephx | bool - item.copy_key | bool + no_log: "{{ no_log_on_ceph_key_tasks }}" - name: copy ceph key(s) if needed copy: @@ -74,7 +77,7 @@ - cephx | bool - item is not skipped - item.item.copy_key | bool - no_log: true + no_log: "{{ no_log_on_ceph_key_tasks }}" - name: set mgr key permissions file: diff --git a/roles/ceph-mon/tasks/ceph_keys.yml b/roles/ceph-mon/tasks/ceph_keys.yml index ff4640b1f..102d35b8a 100644 --- a/roles/ceph-mon/tasks/ceph_keys.yml +++ b/roles/ceph-mon/tasks/ceph_keys.yml @@ -27,5 +27,6 @@ CEPH_CONTAINER_IMAGE: "{{ ceph_docker_registry + '/' + ceph_docker_image + ':' + ceph_docker_image_tag if containerized_deployment else None }}" CEPH_CONTAINER_BINARY: "{{ container_binary }}" CEPH_ROLLING_UPDATE: "{{ rolling_update }}" + no_log: "{{ no_log_on_ceph_key_tasks }}" when: - cephx | bool diff --git a/roles/ceph-mon/tasks/deploy_monitors.yml b/roles/ceph-mon/tasks/deploy_monitors.yml index c76a64625..1a8031203 100644 --- a/roles/ceph-mon/tasks/deploy_monitors.yml +++ b/roles/ceph-mon/tasks/deploy_monitors.yml @@ -16,6 +16,7 @@ run_once: True delegate_to: "{{ running_mon }}" failed_when: initial_mon_key.rc not in [0, 2] + no_log: "{{ no_log_on_ceph_key_tasks }}" when: running_mon is defined - name: generate monitor initial keyring @@ -25,6 +26,7 @@ delegate_to: localhost become: false run_once: true + no_log: "{{ no_log_on_ceph_key_tasks }}" when: - initial_mon_key is skipped or @@ -51,6 +53,7 @@ owner: "{{ ceph_uid if containerized_deployment else 'ceph' }}" group: "{{ ceph_uid if containerized_deployment else 'ceph' }}" mode: "0400" + no_log: "{{ no_log_on_ceph_key_tasks }}" environment: CEPH_CONTAINER_IMAGE: "{{ ceph_docker_registry + '/' + ceph_docker_image + ':' + ceph_docker_image_tag if containerized_deployment else None }}" CEPH_CONTAINER_BINARY: "{{ container_binary }}" @@ -97,6 +100,7 @@ CEPH_CONTAINER_IMAGE: "{{ ceph_docker_registry + '/' + ceph_docker_image + ':' + ceph_docker_image_tag if containerized_deployment else None }}" CEPH_CONTAINER_BINARY: "{{ container_binary }}" register: create_custom_admin_secret + no_log: "{{ no_log_on_ceph_key_tasks }}" when: - cephx | bool - admin_secret != 'admin_secret' diff --git a/roles/ceph-nfs/tasks/main.yml b/roles/ceph-nfs/tasks/main.yml index 186fb0f52..164414c4c 100644 --- a/roles/ceph-nfs/tasks/main.yml +++ b/roles/ceph-nfs/tasks/main.yml @@ -75,7 +75,7 @@ when: - not item.0.get('skipped', False) - item.0.item.name == 'client.' + ceph_nfs_ceph_user or item.0.item.name == rgw_client_name - no_log: true + no_log: "{{ no_log_on_ceph_key_tasks }}" - name: include start_nfs.yml import_tasks: start_nfs.yml diff --git a/roles/ceph-nfs/tasks/pre_requisite_container.yml b/roles/ceph-nfs/tasks/pre_requisite_container.yml index b64301e53..4e349fa37 100644 --- a/roles/ceph-nfs/tasks/pre_requisite_container.yml +++ b/roles/ceph-nfs/tasks/pre_requisite_container.yml @@ -20,6 +20,7 @@ when: - cephx | bool - item.copy_key | bool + no_log: "{{ no_log_on_ceph_key_tasks }}" - name: copy ceph key(s) if needed copy: @@ -32,7 +33,7 @@ when: - cephx | bool - item.item.copy_key | bool - no_log: true + no_log: "{{ no_log_on_ceph_key_tasks }}" when: groups.get(mon_group_name, []) | length > 0 - name: dbus related tasks diff --git a/roles/ceph-nfs/tasks/pre_requisite_non_container.yml b/roles/ceph-nfs/tasks/pre_requisite_non_container.yml index 1856ce321..1118c6f44 100644 --- a/roles/ceph-nfs/tasks/pre_requisite_non_container.yml +++ b/roles/ceph-nfs/tasks/pre_requisite_non_container.yml @@ -58,6 +58,7 @@ when: - cephx | bool - item.copy_key | bool + no_log: "{{ no_log_on_ceph_key_tasks }}" - name: copy ceph key(s) if needed copy: @@ -70,7 +71,7 @@ when: - cephx | bool - item.item.copy_key | bool - no_log: true + no_log: "{{ no_log_on_ceph_key_tasks }}" - name: nfs object gateway related tasks when: nfs_obj_gw | bool @@ -80,6 +81,7 @@ args: creates: /var/lib/ceph/radosgw/{{ cluster }}-rgw.{{ ansible_facts['hostname'] }}/keyring changed_when: false + no_log: "{{ no_log_on_ceph_key_tasks }}" - name: set rados gateway key permissions file: diff --git a/roles/ceph-osd/tasks/common.yml b/roles/ceph-osd/tasks/common.yml index 40f01b6c2..8966645af 100644 --- a/roles/ceph-osd/tasks/common.yml +++ b/roles/ceph-osd/tasks/common.yml @@ -19,6 +19,7 @@ - { name: "client.admin", path: "/etc/ceph/{{ cluster }}.client.admin.keyring", copy_key: "{{ copy_admin_key }}" } delegate_to: "{{ groups.get(mon_group_name)[0] }}" run_once: true + no_log: "{{ no_log_on_ceph_key_tasks }}" when: - cephx | bool - item.copy_key | bool @@ -35,5 +36,5 @@ - cephx | bool - item is not skipped - item.item.copy_key | bool - no_log: true + no_log: "{{ no_log_on_ceph_key_tasks }}" diff --git a/roles/ceph-osd/tasks/openstack_config.yml b/roles/ceph-osd/tasks/openstack_config.yml index 52441cf23..f7e3537f2 100644 --- a/roles/ceph-osd/tasks/openstack_config.yml +++ b/roles/ceph-osd/tasks/openstack_config.yml @@ -35,6 +35,7 @@ CEPH_CONTAINER_BINARY: "{{ container_binary }}" with_items: "{{ openstack_keys }}" delegate_to: "{{ groups[mon_group_name][0] }}" + no_log: "{{ no_log_on_ceph_key_tasks }}" - name: get keys from monitors command: "{{ hostvars[groups[mon_group_name][0]]['container_exec_cmd'] | default('') }} ceph --cluster {{ cluster }} auth get {{ item.name }}" @@ -42,6 +43,7 @@ with_items: "{{ openstack_keys }}" run_once: true delegate_to: "{{ groups.get(mon_group_name)[0] }}" + no_log: "{{ no_log_on_ceph_key_tasks }}" - name: copy ceph key(s) if needed copy: @@ -54,7 +56,7 @@ - "{{ _osp_keys.results }}" - "{{ groups[mon_group_name] }}" delegate_to: "{{ item.1 }}" - no_log: true + no_log: "{{ no_log_on_ceph_key_tasks }}" when: - cephx | bool - openstack_config | bool diff --git a/roles/ceph-rbd-mirror/tasks/common.yml b/roles/ceph-rbd-mirror/tasks/common.yml index 4de1bc7d1..978ccad84 100644 --- a/roles/ceph-rbd-mirror/tasks/common.yml +++ b/roles/ceph-rbd-mirror/tasks/common.yml @@ -10,6 +10,7 @@ when: - cephx | bool - item.copy_key | bool + no_log: "{{ no_log_on_ceph_key_tasks }}" - name: copy ceph key(s) if needed copy: @@ -22,7 +23,7 @@ when: - cephx | bool - item.item.copy_key | bool - no_log: true + no_log: "{{ no_log_on_ceph_key_tasks }}" - name: create rbd-mirror keyring command: > @@ -43,4 +44,5 @@ owner: "ceph" group: "ceph" mode: "{{ ceph_keyring_permissions }}" + no_log: "{{ no_log_on_ceph_key_tasks }}" when: not containerized_deployment | bool diff --git a/roles/ceph-rgw/tasks/common.yml b/roles/ceph-rgw/tasks/common.yml index a85161407..e9ef32de8 100644 --- a/roles/ceph-rgw/tasks/common.yml +++ b/roles/ceph-rgw/tasks/common.yml @@ -19,6 +19,7 @@ when: - cephx | bool - item.copy_key | bool + no_log: "{{ no_log_on_ceph_key_tasks }}" - name: copy ceph key(s) if needed copy: @@ -32,7 +33,7 @@ - cephx | bool - item is not skipped - item.item.copy_key | bool - no_log: true + no_log: "{{ no_log_on_ceph_key_tasks }}" - name: copy SSL certificate & key data to certificate path copy: diff --git a/roles/ceph-rgw/tasks/pre_requisite.yml b/roles/ceph-rgw/tasks/pre_requisite.yml index c10fbf5e3..af42f688f 100644 --- a/roles/ceph-rgw/tasks/pre_requisite.yml +++ b/roles/ceph-rgw/tasks/pre_requisite.yml @@ -13,6 +13,7 @@ owner: "ceph" group: "ceph" mode: "0600" + no_log: "{{ no_log_on_ceph_key_tasks }}" environment: CEPH_CONTAINER_IMAGE: "{{ ceph_docker_registry + '/' + ceph_docker_image + ':' + ceph_docker_image_tag if containerized_deployment else None }}" CEPH_CONTAINER_BINARY: "{{ container_binary }}"