From bf375327a0c39ea2afd4632e8e90666a70177042 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?S=C3=A9bastien=20Han?= <seb@redhat.com>
Date: Mon, 3 Dec 2018 11:15:30 +0100
Subject: [PATCH] ceph-mgr: refact role for containers
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Now we simplify the invocation of start and remove some code and the
directory 'docker'.

Signed-off-by: Sébastien Han <seb@redhat.com>
---
 roles/ceph-mgr/tasks/common.yml               | 24 +++++++++++-
 roles/ceph-mgr/tasks/docker/main.yml          |  3 --
 .../tasks/docker/start_docker_mgr.yml         | 18 ---------
 roles/ceph-mgr/tasks/main.yml                 |  5 +--
 roles/ceph-mgr/tasks/pre_requisite.yml        | 25 ------------
 roles/ceph-mgr/tasks/start_mgr.yml            | 38 +++++++++++++++++++
 6 files changed, 62 insertions(+), 51 deletions(-)
 delete mode 100644 roles/ceph-mgr/tasks/docker/main.yml
 delete mode 100644 roles/ceph-mgr/tasks/docker/start_docker_mgr.yml
 create mode 100644 roles/ceph-mgr/tasks/start_mgr.yml

diff --git a/roles/ceph-mgr/tasks/common.yml b/roles/ceph-mgr/tasks/common.yml
index 20d608436..49907acae 100644
--- a/roles/ceph-mgr/tasks/common.yml
+++ b/roles/ceph-mgr/tasks/common.yml
@@ -7,6 +7,26 @@
     group: "{{ ceph_uid if containerized_deployment else 'ceph' }}"
     mode: "0755"
 
+- name: fetch ceph mgr keyring
+  ceph_key:
+    name: "mgr.{{ ansible_hostname }}"
+    state: present
+    caps:
+      mon: allow profile mgr
+      osd: allow *
+      mds: allow *
+    cluster: "{{ cluster }}"
+    secret: "{{ (mgr_secret != 'mgr_secret') | ternary(mgr_secret, omit) }}"
+    owner: "{{ ceph_uid if containerized_deployment else 'ceph' }}"
+    group: "{{ ceph_uid if containerized_deployment else 'ceph' }}"
+    mode: "0400"
+    dest: "/var/lib/ceph/mgr/{{ cluster }}-{{ ansible_hostname }}/keyring"
+  environment:
+    CEPH_CONTAINER_IMAGE: "{{ ceph_docker_registry + '/' + ceph_docker_image + ':' + ceph_docker_image_tag if containerized_deployment else None }}"
+    CEPH_CONTAINER_BINARY: "{{ container_binary }}"
+  when:
+    - groups.get(mgr_group_name, []) | length == 0 # the key is present already since one of the mons created it in "create ceph mgr keyring(s)"
+
 - name: copy ceph keyring(s) if needed
   copy:
     src: "{{ fetch_directory }}/{{ fsid }}/{{ item.name }}"
@@ -19,6 +39,7 @@
     - { name: "/etc/ceph/{{ cluster }}.client.admin.keyring", dest: "/etc/ceph/{{ cluster }}.client.admin.keyring", copy_key: "{{ copy_admin_key }}" }
   when:
     - cephx
+    - groups.get(mgr_group_name, []) | length > 0
     - item.copy_key|bool
 
 - name: set mgr key permissions
@@ -28,5 +49,4 @@
     group: "{{ ceph_uid if containerized_deployment else 'ceph' }}"
     mode: "{{ ceph_keyring_permissions }}"
   when:
-    - cephx
-    - groups.get(mgr_group_name, []) | length > 0
+    - cephx
\ No newline at end of file
diff --git a/roles/ceph-mgr/tasks/docker/main.yml b/roles/ceph-mgr/tasks/docker/main.yml
deleted file mode 100644
index 1737f1b6f..000000000
--- a/roles/ceph-mgr/tasks/docker/main.yml
+++ /dev/null
@@ -1,3 +0,0 @@
----
-- name: include start_docker_mgr.yml
-  include_tasks: start_docker_mgr.yml
diff --git a/roles/ceph-mgr/tasks/docker/start_docker_mgr.yml b/roles/ceph-mgr/tasks/docker/start_docker_mgr.yml
deleted file mode 100644
index 40e623bf8..000000000
--- a/roles/ceph-mgr/tasks/docker/start_docker_mgr.yml
+++ /dev/null
@@ -1,18 +0,0 @@
----
-- name: generate systemd unit file
-  become: true
-  template:
-    src: "{{ role_path }}/templates/ceph-mgr.service.j2"
-    dest: /etc/systemd/system/ceph-mgr@.service
-    owner: "root"
-    group: "root"
-    mode: "0644"
-  notify:
-    - restart ceph mgrs
-
-- name: systemd start mgr container
-  systemd:
-    name: ceph-mgr@{{ ansible_hostname }}
-    state: started
-    enabled: yes
-    daemon_reload: yes
\ No newline at end of file
diff --git a/roles/ceph-mgr/tasks/main.yml b/roles/ceph-mgr/tasks/main.yml
index 80e269d9e..ff1ac2ea6 100644
--- a/roles/ceph-mgr/tasks/main.yml
+++ b/roles/ceph-mgr/tasks/main.yml
@@ -12,9 +12,8 @@
   include_tasks: pre_requisite.yml
   when: not containerized_deployment
 
-- name: include docker/main.yml
-  include_tasks: docker/main.yml
-  when: containerized_deployment
+- name: inclide start_mgr.yml
+  include_tasks: start_mgr.yml
 
 - name: get enabled modules from ceph-mgr
   command: "{{ docker_exec_cmd_mgr | default('') }} ceph --cluster {{ cluster }} --format json mgr module ls"
diff --git a/roles/ceph-mgr/tasks/pre_requisite.yml b/roles/ceph-mgr/tasks/pre_requisite.yml
index 21d604897..401e5fd6d 100644
--- a/roles/ceph-mgr/tasks/pre_requisite.yml
+++ b/roles/ceph-mgr/tasks/pre_requisite.yml
@@ -13,28 +13,3 @@
     default_release: "{{ ceph_stable_release_uca | default(omit) }}{{ ansible_distribution_release ~ '-backports' if ceph_origin == 'distro' and ceph_use_distro_backports else '' }}"
   when:
     - ansible_os_family == 'Debian'
-
-- name: ensure systemd service override directory exists
-  file:
-    state: directory
-    path: "/etc/systemd/system/ceph-mgr@.service.d/"
-  when:
-    - ceph_mgr_systemd_overrides is defined
-    - ansible_service_mgr == 'systemd'
-
-- name: add ceph-mgr systemd service overrides
-  config_template:
-    src: "ceph-mgr.service.d-overrides.j2"
-    dest: "/etc/systemd/system/ceph-mgr@.service.d/ceph-mgr-systemd-overrides.conf"
-    config_overrides: "{{ ceph_mgr_systemd_overrides | default({}) }}"
-    config_type: "ini"
-  when:
-    - ceph_mgr_systemd_overrides is defined
-    - ansible_service_mgr == 'systemd'
-
-- name: start and add that the mgr service to the init sequence
-  service:
-    name: "ceph-mgr@{{ ansible_hostname }}"
-    state: started
-    enabled: yes
-  changed_when: false
diff --git a/roles/ceph-mgr/tasks/start_mgr.yml b/roles/ceph-mgr/tasks/start_mgr.yml
new file mode 100644
index 000000000..19c1c8b0c
--- /dev/null
+++ b/roles/ceph-mgr/tasks/start_mgr.yml
@@ -0,0 +1,38 @@
+---
+- name: ensure systemd service override directory exists
+  file:
+    state: directory
+    path: "/etc/systemd/system/ceph-mgr@.service.d/"
+  when:
+    - ceph_mgr_systemd_overrides is defined
+    - ansible_service_mgr == 'systemd'
+
+- name: add ceph-mgr systemd service overrides
+  config_template:
+    src: "ceph-mgr.service.d-overrides.j2"
+    dest: "/etc/systemd/system/ceph-mgr@.service.d/ceph-mgr-systemd-overrides.conf"
+    config_overrides: "{{ ceph_mgr_systemd_overrides | default({}) }}"
+    config_type: "ini"
+  when:
+    - ceph_mgr_systemd_overrides is defined
+    - ansible_service_mgr == 'systemd'
+
+- name: generate systemd unit file
+  become: true
+  template:
+    src: "{{ role_path }}/templates/ceph-mgr.service.j2"
+    dest: /etc/systemd/system/ceph-mgr@.service
+    owner: "root"
+    group: "root"
+    mode: "0644"
+  when:
+    - containerized_deployment
+  notify:
+    - restart ceph mgrs
+
+- name: systemd start mgr
+  systemd:
+    name: ceph-mgr@{{ ansible_hostname }}
+    state: started
+    enabled: yes
+    daemon_reload: yes
\ No newline at end of file