diff --git a/roles/ceph-common/templates/ceph.conf.j2 b/roles/ceph-common/templates/ceph.conf.j2 index 63601ec1b..1b4572823 100644 --- a/roles/ceph-common/templates/ceph.conf.j2 +++ b/roles/ceph-common/templates/ceph.conf.j2 @@ -139,7 +139,7 @@ rgw dns name = {{ radosgw_dns_name }} {% endif %} host = {{ hostvars[host]['ansible_hostname'] }} - keyring = /etc/ceph/keyring.radosgw.gateway + keyring = /etc/ceph/radosgw.gateway.keyring rgw socket path = /tmp/radosgw.sock log file = /var/log/ceph/radosgw.log rgw data = /var/lib/ceph/radosgw/{{ hostvars[host]['ansible_hostname'] }} diff --git a/roles/ceph-mon/tasks/ceph_keys.yml b/roles/ceph-mon/tasks/ceph_keys.yml new file mode 100644 index 000000000..060f1aa75 --- /dev/null +++ b/roles/ceph-mon/tasks/ceph_keys.yml @@ -0,0 +1,39 @@ +--- +# Wait for mon discovery and quorum resolution +# the admin key is not instantanely created so we have to wait a bit + +- name: wait for client.admin key exists + wait_for: path=/etc/ceph/ceph.client.admin.keyring + +- name: Create RGW keyring + command: ceph auth get-or-create client.radosgw.gateway osd 'allow rwx' mon 'allow rw' -o /etc/ceph/radosgw.gateway.keyring creates=/etc/ceph/radosgw.gateway.keyring + when: cephx and radosgw + changed_when: False + +- include: openstack_config.yml + when: openstack_config and cephx + +- name: Find Ceph keys + shell: ls -1 /etc/ceph/*.keyring + register: ceph_keys + when: cephx + +- name: Copy keys to the ansible server + fetch: > + src={{ item }} + dest=fetch/{{ fsid }}/{{ item }} + flat=yes + when: cephx + with_items: + - "{{ ceph_keys.stdout_lines }}" + - /var/lib/ceph/bootstrap-osd/ceph.keyring + - /var/lib/ceph/bootstrap-mds/ceph.keyring + +- name: Drop in a motd script to report status when logging in + copy: > + src=precise/92-ceph + dest=/etc/update-motd.d/92-ceph + owner=root + group=root + mode=0755 + when: ansible_distribution_release == 'precise' diff --git a/roles/ceph-mon/tasks/main.yml b/roles/ceph-mon/tasks/main.yml index 5dfe84c78..7077a7def 100644 --- a/roles/ceph-mon/tasks/main.yml +++ b/roles/ceph-mon/tasks/main.yml @@ -1,37 +1,3 @@ --- - include: deploy_monitors.yml - -# Wait for mon discovery and quorum resolution -# the admin key is not instantanely created so we have to wait a bit - -- name: wait for client.admin key exists - wait_for: path=/etc/ceph/ceph.client.admin.keyring - -- name: Create RGW keyring - command: ceph auth get-or-create client.radosgw.gateway osd 'allow rwx' mon 'allow rw' -o /etc/ceph/keyring.radosgw.gateway creates=/etc/ceph/keyring.radosgw.gateway - when: cephx and radosgw - changed_when: False - -- include: openstack_config.yml - when: openstack_config - -- name: Copy keys to the ansible server - fetch: > - src={{ item }} - dest=fetch/{{ fsid }}/{{ item }} - flat=yes - when: cephx - with_items: - - /etc/ceph/ceph.client.admin.keyring # just in case another application needs it - - /var/lib/ceph/bootstrap-osd/ceph.keyring # this handles the non-colocation case - - /var/lib/ceph/bootstrap-mds/ceph.keyring - - /etc/ceph/keyring.radosgw.gateway - -- name: Drop in a motd script to report status when logging in - copy: > - src=precise/92-ceph - dest=/etc/update-motd.d/92-ceph - owner=root - group=root - mode=0755 - when: ansible_distribution_release == 'precise' +- include: ceph_keys.yml diff --git a/roles/ceph-mon/tasks/openstack_config.yml b/roles/ceph-mon/tasks/openstack_config.yml index cc6e4b292..8d8566bc3 100644 --- a/roles/ceph-mon/tasks/openstack_config.yml +++ b/roles/ceph-mon/tasks/openstack_config.yml @@ -7,7 +7,8 @@ - "{{ openstack_cinder_pool }}" - "{{ openstack_nova_pool }}" - "{{ openstack_cinder_backup_pool }}" + ignore_errors: True - name: Create OpenStack keys - command: ceph auth get-or-create {{ item.name }} {{ item.value }} -o /etc/ceph/ceph.client.{{ item.name }}.keyring creates=/etc/ceph/ceph.client.{{ item.name }}.keyring + command: ceph auth get-or-create {{ item.name }} {{ item.value }} -o /etc/ceph/ceph.{{ item.name }}.keyring creates=/etc/ceph/ceph.{{ item.name }}.keyring with_items: openstack_keys