rgw: do not use daemon

This changes the entrypoint used for radosgw containerized daemons
in the systemd template.

Signed-off-by: Guillaume Abrioux <gabrioux@redhat.com>
pull/7431/head
Guillaume Abrioux 2022-09-19 16:10:39 +02:00 committed by Teoman ONAY
parent 3b36a4e826
commit c33cfc000b
4 changed files with 55 additions and 17 deletions

View File

@ -64,7 +64,6 @@
import_role:
name: ceph-rgw
tasks_from: pre_requisite.yml
when: not containerized_deployment | bool
- name: import_role ceph-rgw
import_role:

View File

@ -4,7 +4,6 @@
- name: include_tasks pre_requisite.yml
include_tasks: pre_requisite.yml
when: not containerized_deployment | bool
- name: rgw pool creation tasks
include_tasks: rgw_create_pools.yml

View File

@ -1,4 +1,15 @@
---
- name: create rados gateway directories
file:
path: "/var/lib/ceph/radosgw/{{ cluster }}-rgw.{{ ansible_facts['hostname'] }}.{{ item.instance_name }}"
state: directory
owner: "{{ ceph_uid if containerized_deployment | bool else 'ceph' }}"
group: "{{ ceph_uid if containerized_deployment | bool else 'ceph' }}"
mode: "{{ ceph_directories_mode }}"
delegate_to: "{{ groups.get(mon_group_name, [])[0] }}"
loop: "{{ rgw_instances }}"
when: groups.get(mon_group_name, []) | length > 0
- name: create rgw keyrings
ceph_key:
name: "client.rgw.{{ ansible_facts['hostname'] }}.{{ item.instance_name }}"
@ -9,13 +20,45 @@
caps:
osd: 'allow rwx'
mon: 'allow rw'
import_key: False
owner: "ceph"
group: "ceph"
import_key: "{{ True if groups.get(mon_group_name, []) | length > 0 else False }}"
owner: "{{ ceph_uid if containerized_deployment | bool else 'ceph' }}"
group: "{{ ceph_uid if containerized_deployment | bool else 'ceph' }}"
mode: "0600"
no_log: "{{ no_log_on_ceph_key_tasks }}"
delegate_to: "{{ groups[mon_group_name][0] if groups.get(mon_group_name, []) | length > 0 else 'localhost'}}"
environment:
CEPH_CONTAINER_IMAGE: "{{ ceph_docker_registry + '/' + ceph_docker_image + ':' + ceph_docker_image_tag if containerized_deployment else None }}"
CEPH_CONTAINER_BINARY: "{{ container_binary }}"
with_items: "{{ rgw_instances }}"
when: cephx | bool
when: cephx | bool
- name: get keys from monitors
ceph_key:
name: "client.rgw.{{ ansible_facts['hostname'] }}.{{ item.instance_name }}"
cluster: "{{ cluster }}"
output_format: plain
state: info
environment:
CEPH_CONTAINER_IMAGE: "{{ ceph_docker_registry + '/' + ceph_docker_image + ':' + ceph_docker_image_tag if containerized_deployment | bool else None }}"
CEPH_CONTAINER_BINARY: "{{ container_binary }}"
register: _rgw_keys
loop: "{{ rgw_instances }}"
delegate_to: "{{ groups.get(mon_group_name)[0] }}"
when:
- cephx | bool
- groups.get(mon_group_name, []) | length > 0
no_log: "{{ no_log_on_ceph_key_tasks }}"
- name: copy ceph key(s) if needed
copy:
dest: "/var/lib/ceph/radosgw/{{ cluster }}-rgw.{{ ansible_facts['hostname'] }}.{{ item.item.instance_name }}/keyring"
content: "{{ item.stdout + '\n' }}"
owner: "{{ ceph_uid if containerized_deployment | bool else 'ceph' }}"
group: "{{ ceph_uid if containerized_deployment | bool else 'ceph' }}"
mode: "{{ ceph_keyring_permissions }}"
with_items: "{{ _rgw_keys.results }}"
when:
- cephx | bool
- item is not skipped
- groups.get(mon_group_name, []) | length > 0
no_log: "{{ no_log_on_ceph_key_tasks }}"

View File

@ -34,26 +34,23 @@ ExecStart=/usr/bin/{{ container_binary }} run --rm --net=host \
{% if ceph_rgw_docker_cpuset_mems is defined -%}
--cpuset-mems="{{ ceph_rgw_docker_cpuset_mems }}" \
{% endif -%}
-v /var/lib/ceph/radosgw:/var/lib/ceph/radosgw:z \
-v /var/lib/ceph/bootstrap-rgw:/var/lib/ceph/bootstrap-rgw:z \
-v /etc/ceph:/etc/ceph:z \
-v /var/run/ceph:/var/run/ceph:z \
-v /etc/localtime:/etc/localtime:ro \
-v /var/log/ceph:/var/log/ceph:z \
-v /var/lib/ceph/radosgw/{{ cluster }}-rgw.{{ ansible_facts['hostname'] }}.${INST_NAME}:/var/lib/ceph/radosgw/{{ cluster }}-rgw.{{ ansible_facts['hostname'] }}.${INST_NAME}:z \
-v /etc/ceph:/etc/ceph \
-v /var/run/ceph:/var/run/ceph \
-v /etc/localtime:/etc/localtime \
-v /var/log/ceph:/var/log/ceph \
{% if ansible_facts['os_family'] == 'RedHat' -%}
-v /etc/pki/ca-trust/extracted:/etc/pki/ca-trust/extracted \
{% endif -%}
{% if radosgw_frontend_ssl_certificate -%}
-v {{ radosgw_frontend_ssl_certificate }}:{{ radosgw_frontend_ssl_certificate }} \
{% endif -%}
-e CEPH_DAEMON=RGW \
-e CLUSTER={{ cluster }} \
-e RGW_NAME={{ ansible_facts['hostname'] }}.${INST_NAME} \
-e CONTAINER_IMAGE={{ ceph_docker_registry }}/{{ ceph_docker_image }}:{{ ceph_docker_image_tag }} \
-e TCMALLOC_MAX_TOTAL_THREAD_CACHE_BYTES={{ ceph_tcmalloc_max_total_thread_cache }} \
--name=ceph-rgw-{{ ansible_facts['hostname'] }}-${INST_NAME} \
--entrypoint=/usr/bin/radosgw \
{{ ceph_rgw_docker_extra_env }} \
{{ ceph_docker_registry }}/{{ ceph_docker_image }}:{{ ceph_docker_image_tag }}
{{ ceph_docker_registry }}/{{ ceph_docker_image }}:{{ ceph_docker_image_tag }} \
-f -n client.rgw.{{ ansible_facts['hostname'] }}.${INST_NAME} -k /var/lib/ceph/radosgw/{{ cluster }}-rgw.{{ ansible_facts['hostname'] }}.${INST_NAME}/keyring
{% if container_binary == 'podman' %}
ExecStop=-/usr/bin/sh -c "/usr/bin/{{ container_binary }} rm -f `cat /%t/%n-cid`"
{% else %}