Refactor keys creation and fetching

We isolated the key operations into a file and modified the fetch
function to collect all the new keys.
In the mean time fixed the pool creation since the command is not
indempotent.
Renamed the rgw key to work with the key collection.

Signed-off-by: Sébastien Han <sebastien.han@enovance.com>

roles/ceph-common/templates/ceph.conf.j2

@@ -139,7 +139,7 @@
     rgw dns name = {{ radosgw_dns_name }}
   {% endif %}
   host = {{ hostvars[host]['ansible_hostname'] }}
-  keyring = /etc/ceph/keyring.radosgw.gateway
+  keyring = /etc/ceph/radosgw.gateway.keyring
   rgw socket path = /tmp/radosgw.sock
   log file = /var/log/ceph/radosgw.log
   rgw data = /var/lib/ceph/radosgw/{{ hostvars[host]['ansible_hostname'] }}

roles/ceph-mon/tasks/ceph_keys.yml

@@ -0,0 +1,39 @@
+---
+# Wait for mon discovery and quorum resolution
+# the admin key is not instantanely created so we have to wait a bit
+
+- name: wait for client.admin key exists
+  wait_for: path=/etc/ceph/ceph.client.admin.keyring
+
+- name: Create RGW keyring
+  command: ceph auth get-or-create client.radosgw.gateway osd 'allow rwx' mon 'allow rw' -o /etc/ceph/radosgw.gateway.keyring creates=/etc/ceph/radosgw.gateway.keyring
+  when: cephx and radosgw
+  changed_when: False
+
+- include: openstack_config.yml
+  when: openstack_config and cephx
+
+- name: Find Ceph keys
+  shell: ls -1 /etc/ceph/*.keyring
+  register: ceph_keys
+  when: cephx
+
+- name: Copy keys to the ansible server
+  fetch: >
+    src={{ item }}
+    dest=fetch/{{ fsid }}/{{ item }}
+    flat=yes
+  when: cephx
+  with_items:
+    - "{{ ceph_keys.stdout_lines }}"
+    - /var/lib/ceph/bootstrap-osd/ceph.keyring
+    - /var/lib/ceph/bootstrap-mds/ceph.keyring
+
+- name: Drop in a motd script to report status when logging in
+  copy: >
+    src=precise/92-ceph
+    dest=/etc/update-motd.d/92-ceph
+    owner=root
+    group=root
+    mode=0755
+  when: ansible_distribution_release == 'precise'

roles/ceph-mon/tasks/main.yml

@@ -1,37 +1,3 @@
 ---
 - include: deploy_monitors.yml
-
-# Wait for mon discovery and quorum resolution
-# the admin key is not instantanely created so we have to wait a bit
-
-- name: wait for client.admin key exists
-  wait_for: path=/etc/ceph/ceph.client.admin.keyring
-
-- name: Create RGW keyring
-  command: ceph auth get-or-create client.radosgw.gateway osd 'allow rwx' mon 'allow rw' -o /etc/ceph/keyring.radosgw.gateway creates=/etc/ceph/keyring.radosgw.gateway
-  when: cephx and radosgw
-  changed_when: False
-
-- include: openstack_config.yml
-  when: openstack_config
-
-- name: Copy keys to the ansible server
-  fetch: >
-    src={{ item }}
-    dest=fetch/{{ fsid }}/{{ item }}
-    flat=yes
-  when: cephx
-  with_items:
-    - /etc/ceph/ceph.client.admin.keyring # just in case another application needs it
-    - /var/lib/ceph/bootstrap-osd/ceph.keyring # this handles the non-colocation case
-    - /var/lib/ceph/bootstrap-mds/ceph.keyring
-    - /etc/ceph/keyring.radosgw.gateway
-
-- name: Drop in a motd script to report status when logging in
-  copy: >
-    src=precise/92-ceph
-    dest=/etc/update-motd.d/92-ceph
-    owner=root
-    group=root
-    mode=0755
-  when: ansible_distribution_release == 'precise'
+- include: ceph_keys.yml

roles/ceph-mon/tasks/openstack_config.yml

@@ -7,7 +7,8 @@
     - "{{ openstack_cinder_pool }}"
     - "{{ openstack_nova_pool }}"
     - "{{ openstack_cinder_backup_pool }}"
+  ignore_errors: True
 
 - name: Create OpenStack keys
-  command: ceph auth get-or-create {{ item.name }} {{ item.value }} -o /etc/ceph/ceph.client.{{ item.name }}.keyring creates=/etc/ceph/ceph.client.{{ item.name }}.keyring
+  command: ceph auth get-or-create {{ item.name }} {{ item.value }} -o /etc/ceph/ceph.{{ item.name }}.keyring creates=/etc/ceph/ceph.{{ item.name }}.keyring
   with_items: openstack_keys