mirror of https://github.com/ceph/ceph-ansible.git
Fix autogen UUID and add auto gen monitor key
This fixes the UUID auto generation and introduces the monitor key auto generation. Signed-off-by: Sébastien Han <sebastien.han@enovance.com>pull/149/head
parent
4d138c4ebb
commit
a7bba85027
|
@ -1,4 +1,4 @@
|
||||||
.vagrant
|
.vagrant
|
||||||
*.vdi
|
*.vdi
|
||||||
*.keyring
|
*.keyring
|
||||||
fetch/4a158d27-f750-41d5-9e7f-26ce4c9d2d45
|
fetch/*
|
||||||
|
|
|
@ -21,11 +21,6 @@ ansible_provision = proc do |ansible|
|
||||||
'rgws' => (0..NRGWS - 1).map { |j| "rgw#{j}" }
|
'rgws' => (0..NRGWS - 1).map { |j| "rgw#{j}" }
|
||||||
}
|
}
|
||||||
|
|
||||||
# In a production deployment, these should be secret
|
|
||||||
ansible.extra_vars = {
|
|
||||||
fsid: '4a158d27-f750-41d5-9e7f-26ce4c9d2d45',
|
|
||||||
monitor_secret: 'AQAWqilTCDh7CBAAawXt6kyTgLFCxSvJhTEmuw=='
|
|
||||||
}
|
|
||||||
ansible.limit = 'all'
|
ansible.limit = 'all'
|
||||||
end
|
end
|
||||||
|
|
||||||
|
|
|
@ -23,11 +23,15 @@
|
||||||
register: socket
|
register: socket
|
||||||
|
|
||||||
- name: Generate cluster UUID
|
- name: Generate cluster UUID
|
||||||
shell: "uuidgen | tee /etc/ceph/ceph_cluster_uuid.conf" creates=/etc/ceph/ceph_cluster_uuid.conf
|
shell: uuidgen | tee fetch/ceph_cluster_uuid.conf creates=fetch/ceph_cluster_uuid.conf
|
||||||
|
connection: local
|
||||||
|
sudo: false
|
||||||
register: cluster_uuid
|
register: cluster_uuid
|
||||||
|
|
||||||
- name: Read cluster UUID if it already exists
|
- name: Read cluster UUID if it already exists
|
||||||
command: cat /etc/ceph/ceph_cluster_uuid.conf removes=/etc/ceph/ceph_cluster_uuid.conf
|
command: cat fetch/ceph_cluster_uuid.conf removes=fetch/ceph_cluster_uuid.conf
|
||||||
|
connection: local
|
||||||
|
sudo: false
|
||||||
register: cluster_uuid
|
register: cluster_uuid
|
||||||
|
|
||||||
- name: Generate Ceph configuration file
|
- name: Generate Ceph configuration file
|
||||||
|
|
|
@ -1,13 +1,24 @@
|
||||||
---
|
---
|
||||||
|
- name: Create monitor secret
|
||||||
|
shell: ceph-authtool --gen-print-key | tee /etc/ceph/ceph_monitor_secret.conf creates=/etc/ceph/ceph_monitor_secret.conf
|
||||||
|
register: monitor_secret
|
||||||
|
|
||||||
|
- name: Read monitor secret if it already exists
|
||||||
|
command: cat /etc/ceph/ceph_monitor_secret.conf removes=/etc/ceph/ceph_monitor_secret.conf
|
||||||
|
register: monitor_secret
|
||||||
|
|
||||||
- name: Create monitor initial keyring
|
- name: Create monitor initial keyring
|
||||||
command: "ceph-authtool /var/lib/ceph/tmp/keyring.mon.{{ ansible_hostname }} --create-keyring --name=mon. --add-key={{ monitor_secret }} --cap mon 'allow *' creates=/var/lib/ceph/tmp/keyring.mon.{{ ansible_hostname }}"
|
command: "ceph-authtool /var/lib/ceph/tmp/keyring.mon.{{ ansible_hostname }} --create-keyring --name=mon. --add-key={{ monitor_secret.stdout }} --cap mon 'allow *' creates=/var/lib/ceph/tmp/keyring.mon.{{ ansible_hostname }}"
|
||||||
|
|
||||||
- name: Set initial monitor key permissions
|
- name: Set initial monitor key permissions
|
||||||
file: >
|
file: >
|
||||||
path=/var/lib/ceph/tmp/keyring.mon.{{ ansible_hostname }}
|
path={{ item }}
|
||||||
mode=0600
|
mode=0400
|
||||||
owner=root
|
owner=root
|
||||||
group=root
|
group=root
|
||||||
|
with_items:
|
||||||
|
- /etc/ceph/ceph_monitor_secret.conf
|
||||||
|
- /var/lib/ceph/tmp/keyring.mon.{{ ansible_hostname }}
|
||||||
|
|
||||||
- name: Create monitor directory
|
- name: Create monitor directory
|
||||||
file: >
|
file: >
|
||||||
|
|
Loading…
Reference in New Issue