Commit Graph

697 Commits (test-draft-label)

Author SHA1 Message Date
Seena Fallah 4fa9057a3e ceph-handler: use haproxy maintenance for rgw restarts
RGW currently restarts without waiting for existing connections to
close. By adjusting the HAProxy weight before the restart, we can
ensure that no active connections are disrupted during the restart
process.

Signed-off-by: Seena Fallah <seenafallah@gmail.com>
2024-06-27 09:42:39 +02:00
Guillaume Abrioux 59198f5bcd Revert "nfs-ganesha support removal"
This reverts commit 675667e1d6.

Signed-off-by: Guillaume Abrioux <gabrioux@ibm.com>
2024-06-20 11:54:36 +02:00
Seena Fallah 7016c6df3c ceph-container: use ceph user and group
Use --setuser and --setgroup to ceph to run daemons with ceph user.

Signed-off-by: Seena Fallah <seenafallah@gmail.com>
2024-05-17 08:32:08 +02:00
Seena Fallah 65c84a3583 ceph-container: keep run dir permission consistent
Make it the same as "Create ceph initial directories" task
and make owner and group 167 for containers so they can write
with ceph user.

Signed-off-by: Seena Fallah <seenafallah@gmail.com>
2024-05-17 08:32:08 +02:00
Seena Fallah 1121e6d98a ceph-rgw: introduce rgw zone to the name schema
This is needed by ceph-exporter as it is parsing the socket by the number of dots.
Although the rgw_zone variable is only using for constructing the client name
and has nothing to do with multisiting.

Signed-off-by: Seena Fallah <seenafallah@gmail.com>
2024-05-13 13:26:02 +02:00
Guillaume Abrioux 675667e1d6 nfs-ganesha support removal
nfs-ganesha support will be implemented in a separate playbook.

Signed-off-by: Guillaume Abrioux <gabrioux@ibm.com>
2024-03-20 20:22:34 +01:00
Seena Fallah bbc1ba5c05 ceph-osd: introduce ec profile creation
RGW Pools can now use the existing ec profiles and rules created by ceph-osd role.

Signed-off-by: Seena Fallah <seenafallah@gmail.com>
2024-03-16 20:17:45 +01:00
Guillaume Abrioux 9c467e41b3 osd: drop openstack related tasks
All of this should be addressed in custom separate playbooks if needed.

Signed-off-by: Guillaume Abrioux <gabrioux@ibm.com>
2024-03-09 17:56:31 +01:00
Guillaume Abrioux aeba99107e group_vars: resync samples with default values
2b72ea991d and
c8eeae243e have missed the resync.

This addresses that.

Signed-off-by: Guillaume Abrioux <gabrioux@ibm.com>
2024-03-08 13:02:44 +01:00
Guillaume Abrioux 8871de6d99 simplify monitor address setting
this drops the following parameters:

- monitor_address_block
- monitor_interface
- monitor_address

The monitor address will be automatically set from `public_network` parameter.

Signed-off-by: Guillaume Abrioux <gabrioux@ibm.com>
2024-03-08 13:02:44 +01:00
Seena Fallah 2b72ea991d ceph-exporter: add installation role
Signed-off-by: Seena Fallah <seenafallah@gmail.com>
2024-03-07 20:22:44 +01:00
Seena Fallah 92d1c81173 systemd: export params as a varaible
This can help to have extra params or modify the existing ones via group vars.

Signed-off-by: Seena Fallah <seenafallah@gmail.com>
2024-03-07 20:21:47 +01:00
Seena Fallah 07bf577051 ceph-volume: disable dmcrypt by default
regression by dcdb1710cbaf7946cf8161b4395697d4898680d3

Signed-off-by: Seena Fallah <seenafallah@gmail.com>
2024-03-07 20:15:27 +01:00
Seena Fallah 84e10bfd03 container: cleanup container systemd units
* Make common params of container args in a var to avoid duplication
* The /var/lib/ceph/crash mount was missing after 637ca81c9c
* Add CEPH_USE_RANDOM_NONCE as it's needed when running inside container (can be removed for squid later)
* Add NODE_NAME as some part of ceph code relies on this var
* add default logging opts for

Signed-off-by: Seena Fallah <seenafallah@gmail.com>
2024-02-19 23:14:26 +01:00
Seena Fallah c6d3bb5e92 refactor: remove multisite leftovers
Signed-off-by: Seena Fallah <seenafallah@gmail.com>
2024-02-19 21:35:02 +01:00
Seena Fallah 4df1c1a09c ceph-config: introduce dedicated cluster config flow
Signed-off-by: Seena Fallah <seenafallah@gmail.com>
2024-02-16 16:06:07 +01:00
Guillaume Abrioux ebd0c6fce3 kickoff squid
This adds the few required changes in order to fully support
Ceph Squid.

Signed-off-by: Guillaume Abrioux <gabrioux@ibm.com>
2024-02-16 13:17:44 +01:00
Guillaume Abrioux 1af387621d drop rhcs references
RHCS moved away from ceph-ansible. All RHCS references should be
removed.

Signed-off-by: Guillaume Abrioux <gabrioux@ibm.com>
2024-02-16 11:12:01 +01:00
Guillaume Abrioux 03f1e3f48e drop iscsigw support
This service is no longer maintained.
Let's drop its support within ceph-ansible.

Signed-off-by: Guillaume Abrioux <gabrioux@ibm.com>
2024-02-16 08:59:05 +01:00
Guillaume Abrioux 18da10bb7a address Ansible linter errors
This addresses all errors reported by the Ansible linter.

Signed-off-by: Guillaume Abrioux <gabrioux@ibm.com>
2024-02-16 00:38:19 +01:00
Guillaume Abrioux 7d25a5d565 drop rgw multisite deployment support
The current approach is extremely complex and introduced a lot
of spaghetti code. This doesn't offer a good user experience at all.

It's time to think to another approach (dedicated playbook) and drop
the current implementation in order to clean up the code.

Signed-off-by: Guillaume Abrioux <gabrioux@ibm.com>
2024-02-16 00:38:19 +01:00
Guillaume Abrioux 14b4abf7c0 migrate from ceph.conf to ceph config
keep the ceph.conf very simple.
manage the common options such as `public_network` with `ceph_config`
module.

Signed-off-by: Guillaume Abrioux <gabrioux@ibm.com>
2024-02-14 09:54:13 +01:00
Guillaume Abrioux 42f6bdb849 tests: updates functional tests with new image
let's use quay.io/ceph/daemon-base in every tests instead of
`ceph/daemon` since it's not supposed to be built anymore soon.

Signed-off-by: Guillaume Abrioux <gabrioux@ibm.com>
2023-06-02 14:22:20 +02:00
Guillaume Abrioux 896d82877f osd: drop filestore support
filestore objectstore will be gone in the next Ceph release.the
This drops the filestore support in ceph-ansible.

Signed-off-by: Guillaume Abrioux <gabrioux@redhat.com>
2023-05-31 23:07:13 +02:00
Lorenz Bausch 2f5e21b631 mgr: fix a typo
This commit fixes a typo in `roles/ceph-mgr/defaults/main.yml`
(s/mpdules/modules)

Signed-off-by: Lorenz Bausch <info@lorenzbausch.de>
2023-03-15 16:14:44 +01:00
Guillaume Abrioux 15b91cef90 osd: drop filestore support
filestore is about to be removed. This commit removes the filestore
support in ceph-ansible.

Signed-off-by: Guillaume Abrioux <gabrioux@redhat.com>
2023-03-03 15:00:29 +01:00
Guillaume Abrioux 371592a8fb common: v18/reef kickoff
align with ceph/ceph/pull/47458 since it has been merged.

Signed-off-by: Guillaume Abrioux <gabrioux@redhat.com>
2022-10-07 16:39:56 +02:00
Teoman ONAY 0c50bfac98 Set ceph_rbd_mirror_pool default value
Signed-off-by: Teoman ONAY <tonay@redhat.com>
2022-08-02 10:35:33 +02:00
Guillaume Abrioux b74ff6e22c rbd-mirror: major refactor
- Use config-key store to add cluster peer.
- Support multiple pools mirroring.

Signed-off-by: Guillaume Abrioux <gabrioux@redhat.com>
2022-07-29 17:33:25 +02:00
Guillaume Abrioux 8a5628b516 config/osd: various fixes
- sets `osd_memory_target` per osd host.
- ceph.conf refactor (osd)

Closes: https://bugzilla.redhat.com/show_bug.cgi?id=2056675

Signed-off-by: Guillaume Abrioux <gabrioux@redhat.com>
2022-07-11 13:57:32 +02:00
Guillaume Abrioux 19fedfbac5 nfs: use repo from SIG
RPMs for nfs-ganesha aren't hosted anymore at https://download.ceph.com

Signed-off-by: Guillaume Abrioux <gabrioux@redhat.com>
2022-06-22 01:17:20 +02:00
David Galloway bcedff95bd master->main
Signed-off-by: David Galloway <dgallowa@redhat.com>
2022-05-30 15:15:15 +02:00
Guillaume Abrioux c1649862a9 common: move to `ansible.utils.ipwrap`
ipwrap has moved to ansible.utils

see
db4920ebf6

Signed-off-by: Guillaume Abrioux <gabrioux@redhat.com>
2022-05-12 22:51:31 +02:00
Guillaume Abrioux 266b6e739c adopt: fix node labelling
When using group of group, the playbook will apply undesired
labels on nodes.
This commit fixes it by applying only the expected labels.

Closes: https://bugzilla.redhat.com/show_bug.cgi?id=2057528

Signed-off-by: Guillaume Abrioux <gabrioux@redhat.com>
2022-03-03 15:52:00 +01:00
Teoman ONAY da42f3d139 Enable user to change the account used for ssh connection
By default cephadm uses root account to connect remotely
to other nodes in the cluster. This change allows to choose
another account.
This commit also allows to use a dedicated subnet for cephadm mgmt.

Signed-off-by: Teoman ONAY <tonay@redhat.com>
2022-03-03 15:52:00 +01:00
Guillaume Abrioux c491e67486 nfs-ganesha: fix debian based OS deployments
Let's use ppa repositories in order to deploy nfs-ganesha on Debian based OS.

Fixes: #7031

Signed-off-by: Guillaume Abrioux <gabrioux@redhat.com>
2022-01-19 13:42:10 +01:00
Danny Webb 189ff93372 make grafana network a configurable option
Signed-off-by: Danny Webb <danny.webb@thehutgroup.com>
2021-12-02 08:53:58 +01:00
Seena Fallah fb99626987 ceph-defaults: set ceph_stable_release default to the stable branch release
ceph_stable_release is a legacy from the time where a single branch of ceph-ansible supported more than one release of ceph

Signed-off-by: Seena Fallah <seenafallah@gmail.com>
2021-09-30 16:13:55 +02:00
Alex Lambert a9680ab17f dashboard: allow disabling of unused features
Unconfigured dashboard features can lead to empty tabs in the dashboard
containing no meaningful content. Allow users to disable dashboard features
they know will not be used.

A list of features to be disabled allows the user to define a streamlined
dashboard as standard across deployments. Defaults to disabling no features,
ensuring that users are sure they do not need the dashboard feature before
disabling it.

Signed-off-by: Alex Lambert <lamberta@microsoft.com>
2021-09-29 12:02:16 +02:00
Dimitri Savineau e7b43c1fc6 ceph-defaults: set quay.io as the default registry
Because the ceph container images are now only pushed to the quay.io
registry then this updates the default registry value.
The docker.io registry can still be used but doesn't receive updated
container images.

Signed-off-by: Dimitri Savineau <dsavinea@redhat.com>
2021-09-09 10:56:09 +02:00
Guillaume Abrioux 6802b8dddd iscsi: don't set default value for trusted_ip_list
It restricts access to the iSCSI API.
It can be left empty if the API isn't going to be access from outside the
gateway node

Even though this seems to be a limited use case, it's better to leave it
empty by default than having a meaningless default value.

We could make this variable mandatory but that would be a breaking
change. Let's just add a logic in the template in order to set this
variable in the configuration file only if it was specified by users.

Closes: https://bugzilla.redhat.com/show_bug.cgi?id=1994930

Signed-off-by: Guillaume Abrioux <gabrioux@redhat.com>
Co-authored-by: Dimitri Savineau <dsavinea@redhat.com>
2021-08-19 09:28:08 -04:00
Guillaume Abrioux 7511195738 common: do not log keyring secret
let's not display any keyring secret by default in ansible log.

Closes: https://bugzilla.redhat.com/show_bug.cgi?id=1980744

Signed-off-by: Guillaume Abrioux <gabrioux@redhat.com>
2021-08-11 17:33:34 +02:00
Dimitri Savineau b02cc6931f ceph-defaults: remove radosgw_civetweb_ variables
radosgw_civetweb_xxx variables are legacy variables and users should
have switched to radosgw_frontend_xxx variables instead.

Signed-off-by: Dimitri Savineau <dsavinea@redhat.com>
2021-08-04 09:13:08 +02:00
Dimitri Savineau f0ccf3ebf0 ceph-defaults: add missing grafana dashboards
The radosgw-sync-overview and rbd-details grafana dashboars were missing
from the list.

Closes: #6758

Signed-off-by: Dimitri Savineau <dsavinea@redhat.com>
2021-07-27 10:49:05 -04:00
Dimitri Savineau 9f77b929d1 alertmanager: allow disable dashboard tls verify
When using self-signed/untrusted CA certificates, alertmanager displays
an error in logs. With this commit this should make those messages
disappear.

Closes: https://bugzilla.redhat.com/show_bug.cgi?id=1936299

Co-authored-by: Guillaume Abrioux <gabrioux@redhat.com>

Signed-off-by: Dimitri Savineau <dsavinea@redhat.com>
2021-07-25 02:56:18 +02:00
Dimitri Savineau 9817d29543 ceph-nfs: allow overriding NFS_CORE_PARAM
We already have config override variables for existing block (like
ganesha_ceph_export_overrides, ganesha_log_overrides, etc...) or a
global one (ganesha_conf_overrides) but redefining the NFS_CORE_PARAM
block in that variable will erase all previous values (currently only
Bind_Addr).

ganesha_core_param_overrides: |
        Enable_UDP = false;
        NFS_Port = 2050;

Closes: https://bugzilla.redhat.com/show_bug.cgi?id=1941775

Signed-off-by: Dimitri Savineau <dsavinea@redhat.com>
2021-07-19 18:22:14 +02:00
Guillaume Abrioux 72a0336c71 dashboard: remove "certificate is valid for" error
When deploying dashboard with ssl certificates generated by
ceph-ansible, we enforce the CN to 'ceph-dashboard' which can makes
application such alertmanager complain like following:

`err="Post https://mgr0:8443/api/prometheus_receiver: x509: certificate is valid for ceph-dashboard, not mgr0" context_err="context deadline exceeded"`

The idea here is to add alternative names matching all mgr/mon instances
in the certificate so this error won't appear in logs.

Closes: https://bugzilla.redhat.com/show_bug.cgi?id=1978869

Signed-off-by: Guillaume Abrioux <gabrioux@redhat.com>
2021-07-07 09:38:34 -04:00
Guillaume Abrioux f4f73b6197 dashboard: support dedicated network for the dashboard
This introduces a new variable `dashboard_network` in order to support
deploying the dashboard on a different subnet.

Closes: https://bugzilla.redhat.com/show_bug.cgi?id=1927574

Signed-off-by: Guillaume Abrioux <gabrioux@redhat.com>
2021-07-05 21:34:43 +02:00
Dimitri Savineau 9758e3c513 container: set tcmalloc value by default
All ceph daemons need to have the TCMALLOC_MAX_TOTAL_THREAD_CACHE_BYTES
environment variable set to 128MB by default in container setup.

Closes: https://bugzilla.redhat.com/show_bug.cgi?id=1970913

Signed-off-by: Dimitri Savineau <dsavinea@redhat.com>
2021-06-30 20:30:55 +02:00
Dimitri Savineau a05730b38a rhcs: remove ISO install method
Starting RHCS 5, there's no ISO available anymore.
This removes all ISO variables and the ceph_repository_type variable.

Closes: #6626

Signed-off-by: Dimitri Savineau <dsavinea@redhat.com>
2021-06-30 18:03:03 +02:00