Commit Graph

228 Commits (213d8acedf927f5bbd161bb6a47876df41dd90f9)

Author SHA1 Message Date
Sébastien Han 2d8ac4a586 docker: only use systemd to manage containers
Prior to this patch we had several ways to runs containers, we could use
ansible's docker module on some distro and on containers distros we were
using systemd. We strongly believe threating containers as services with
systemd is the right approach so this patch generalizes to all the
distros. These days most of the distros are running systemd so it's fair
assumption.

Signed-off-by: Sébastien Han <seb@redhat.com>
2016-12-16 19:37:05 +01:00
Sébastien Han 608b008a95 mon: add the initial mon keyring to the mon store
Once we have our first monitor up and running we need to add it to the
monitor store as a safety measure. Just in case the local file gets
deleted and you need to add a new monitor. Now you can retrieve this key
like this:

ceph config-key get initial_mon_keyring > initial_mon_keyring.txt

Signed-off-by: Sébastien Han <seb@redhat.com>
2016-12-16 11:54:02 +01:00
Sébastien Han f0687995e1 common: add the name of the ceph conf file in the play
Just for clarity and because we can we now show the name of the
ceph configuration file that is generated.

Signed-off-by: Sébastien Han <seb@redhat.com>
2016-12-15 15:26:01 +01:00
Guillaume Abrioux 471be5e629 common: do not regenerate initial mon keyring if cluster exists
This commit solves the situation where you lost your fetch directory and
you are running ansible against an existing cluster. Since no fetch
directory is present the file containing the initial mon keyring
doesn't exist so we are generating a new one.

Signed-off-by: Guillaume Abrioux <gabrioux@redhat.com>
2016-12-15 14:39:56 +01:00
Sébastien Han f6736e5420 common: show which file we are waiting for
We can now see the name of the file we are waiting for, depending on the
cluster name this will change.

Signed-off-by: Sébastien Han <seb@redhat.com>
2016-12-14 21:08:18 +01:00
tynorth-cisco 3c6e156d08 Change attribute call to .get call in ceph keys
If previous check was not run, .stdout_lines is not a valid key on the dictionary.
To get around this, use .get("stdout_lines") instead.

Also add in a default empty list
2016-12-13 16:48:14 -08:00
Sébastien Han 189f4fee47 common: do not run tasks in main.yml, use include
For readibility and clarity we do not run any tasks directly in the
main.yml file. This file should only contain include, which helps us
later to apply conditionnals if we want to.

Signed-off-by: Sébastien Han <seb@redhat.com>
2016-12-09 16:00:46 +01:00
Sébastien Han 93c3988bfe mon: remove collect keys
Once the monitor process starts it will also trigger `ceph-create-keys`
which will collect the admin key and bootstrap keys. We used to force
this command because we were having issues on some distros like centos
7.0 and 7.1 not triggering this. This is fixed on centos 7.2 and not an
issue on ubuntu 14.04 or 16.04 so we can remove this task. If the
monitor hangs or fails to start the playbook will fail right after at
the "wait for client.admin key exists" task after 300sec.

Closes: #1161

Signed-off-by: Sébastien Han <seb@redhat.com>
2016-12-07 14:38:39 +01:00
Andrew Schoen aeab09938a ceph-mon: no need to include playbook_dir when fetching configs
This causes a bug when fetch_directory is not a relative path to the
playbook location.

Signed-off-by: Andrew Schoen <aschoen@redhat.com>
2016-12-01 10:28:54 -06:00
Andrew Schoen 1e64eb7111 ceph-mon: adds static: no to an include to avoid an ansible bug
Adding that avoids this bug:

https://github.com/ansible/ansible/issues/18206

Without that you'll get failures like:

TASK [ceph-mon : set keys permissions]
*****************************************
task path:
/home/andrewschoen/ceph-ansible/roles/ceph-mon/tasks/ceph_keys.yml:31
fatal: [mon0]: FAILED! => {"failed": true, "msg": "'dict object' has no attribute 'stdout_lines'"}

Signed-off-by: Andrew Schoen <aschoen@redhat.com>
2016-12-01 10:28:54 -06:00
Guillaume Abrioux 76220ed719 Use 'package' module instead of yum, apt and dnf
Refactor the code using 'package' module

Fix Issue #520

(However it doesn't cover all cases because some cases are not refactorable.
Ex: because of diverging packages name between distribution)
2016-11-29 17:29:11 +01:00
Daniel Marks 9337b19ac0 Better --check compatibility for ceph-mon role
Carefully chosen "always_run: true" parameters for read-only tasks that
register variables. This enables --check runs (at least on deployed
clusters).
2016-11-26 21:05:32 +01:00
Daniel Marks 320dba7490 Better --check compatibility for ceph-mon role
Carefully chosen "always_run: true" parameters for read-only tasks that
register variables. This enables --check runs (at least on deployed
clusters).
2016-11-24 11:54:10 +01:00
Ivan Font 3ff17f1c8f Support containerized rolling update
- Update rolling update playbook to support containerized deployments
  for mons, osds, mdss, and rgws
- Skip checking if existing cluster is running when performing a rolling
  update
- Fixed bug where we were failing to start the mds container because it
  was missing the admin keyring. The admin keyring was missing because
  it was not being pushed from the mon host to the ansible host due to
  the keyring not being available before running the copy_configs.yml
  task include file. Now we forcefully wait for the admin keyring to be
  generated before continuing with the copy_configs.yml task include file
- Skip pre_requisite.yml when running on atomic host. This technically
  no longer requires specifying to skip tasks containing the with_pkg tag
- Add missing variables to all.docker.sample
- Misc. cleanup

Signed-off-by: Ivan Font <ifont@redhat.com>
2016-11-17 11:25:25 -08:00
Sébastien Han a2fcd222d2 moving to ansible v2.2 compatibility
Signed-off-by: Sébastien Han <seb@redhat.com>
Co-Authored-By: Julien Francoz julien@francoz.net
2016-11-04 10:09:38 +01:00
Adam Huffman 3b9f4f7de3 Revert "Change enabling of extras repo for CentOS to use ini_file" 2016-10-26 10:04:59 +02:00
Leseb 4883fa6161 Merge pull request #1042 from verdurin/centos-extras-ini_file
Change enabling of extras repo for CentOS to use ini_file
2016-10-25 09:50:52 +02:00
Sébastien Han 1e6c418a65 mon: destroy and recreate rbd pool if necessary
Users reported that pool_default_pg_num is not honoured for the default
pool 'rbd'. So now we check the pg num value for the RBD pool and if it
does not match pool_default_pg_num then we delete and recreate it.
We also make sure the pool is empty first, just in case someone changed
the value manually and didn't reflect the change in ceph-ansible.

The only issue with this patch is that the pool ID will not be 0 anymore
but more likely 1.

Signed-off-by: Sébastien Han <seb@redhat.com>
2016-10-22 01:31:15 +02:00
Adam Huffman 68bafc1fd0 Change enabling of extras repo for CentOS to use ini_file
Signed-off-by: Adam Huffman <bloch@verdurin.com>
2016-10-19 22:15:14 +01:00
Adam Huffman 4315166e91 Remove superfluous distro family check
Signed-off-by: Adam Huffman <bloch@verdurin.com>
2016-10-17 10:39:06 +01:00
Adam Huffman f3dea0d40a Ensure extras repo enabled on CentOS 2016-10-16 23:23:43 +01:00
Patrick Donnelly 4127828094
multimds: add commands to enable and set max_mds
Also regenerated group_vars.

Fixes #986.

Signed-off-by: Patrick Donnelly <pdonnell@redhat.com>
2016-10-04 09:40:20 -06:00
Patrick Donnelly c5d2170d96
secure_cluster: fix leftover version check
Missed by #953.

Signed-off-by: Patrick Donnelly <pdonnell@redhat.com>
2016-10-04 09:39:44 -06:00
James Saint-Rossy 9c7dac6b94 Updated release version check 2016-09-30 11:43:53 -04:00
James Saint-Rossy d36a99e41b Used list style ands for better readibility and fixed legacy debian checks 2016-09-26 09:19:15 -04:00
James Saint-Rossy 982c44d41c Rebased with upstream master 2016-09-25 23:22:16 -04:00
Paulo Matias a13094b888 Allow deployer to customize openstack pools
By overriding the openstack_pools variable introduced by this commit, the
deployer may choose not to create some of the openstack pools, or to add
new pools which were not foreseen by ceph-ansible, e.g. for a gnocchi
storage backend.

For backwards compatibility, we keep the openstack_glance_pool,
openstack_cinder_pool, openstack_nova_pool and
openstack_cinder_backup_pool variables, although the user may now choose
to specify the pools directly as dictionary literals inside the
openstack_pools list.
2016-09-21 14:49:42 -03:00
Patrick Donnelly 35c64f91f4
deploy_monitors: use python2 for v2 code
Signed-off-by: Patrick Donnelly <pdonnell@redhat.com>
2016-09-18 20:42:14 -04:00
James Saint-Rossy d4a60a9394 Added ceph_release generation and fixed missing whitespace in ceph_release checks 2016-09-09 18:16:41 -04:00
James Saint-Rossy 666637f715 Replaced is_before is_after is_ booleans with numerical version dictionary 2016-09-09 17:34:26 -04:00
James Saint-Rossy f52be23770 Prevent local_action from requiring root 2016-09-02 19:31:59 -04:00
James Saint-Rossy 9d97ffed30 Rebasing with upstream 2016-08-31 17:13:09 -04:00
Sébastien Han a4dbe49f7f docker: fix more than one monitor deployment
There is no need to run the actions from
roles/ceph-mon/tasks/docker/create_configs.yml
on the first monitor only since the monitor deployment happens
**serially**.
Moreover with Vagrant it's useful to allow the auto creation of the
cluster fsid, so enabling the option. If this is not desired you can
still set `fsid: 9c9c0448-0551-401d-b55b-e5b3a42bae42` for example.

Signed-off-by: Sébastien Han <seb@redhat.com>
2016-08-24 09:05:14 +02:00
Sébastien Han f351329897 docker: use cluster name
Fix cluster name for docker scenario and other playbooks.

Signed-off-by: Sébastien Han <seb@redhat.com>
2016-08-24 09:04:49 +02:00
James Saint-Rossy 7e284920d1 Fixes for Hammer install and added numerical release checks 2016-08-24 00:23:47 -04:00
Daniel Lin 08766a243a Allow ceph-ansible to be run on a locally built/installed Ceph
-First install ceph into a directory with CMake
	cmake -DCMAKE_INSTALL_LIBEXECDIR=/usr/lib -DWITH_SYSTEMD=ON -DCMAKE_INSTALL_PREFIX:PATH:=/usr <ceph_src_dir> && make DESTDIR=<install_dir> install/strip

-Ceph-ansible copies over the install_dir

-User can use rundep_installer.sh to install any runtime dependencies that ceph needs onto the machine from rundep
2016-08-12 10:02:15 -04:00
Ivan Font 8c67689d08 Add option to enable ntp
This fixes #845 for containerized deployments. We now also mount the
/etc/localtime volume in the containers in order to synchronize the host
timezone with the container timezone.

Signed-off-by: Ivan Font <ivan.font@redhat.com>
2016-08-08 10:16:48 -07:00
Alexey Sheplyakov 76a3d876ee ceph-mon: fix the loop in `secure the cluster' task
Deployment fails when the ``secure_cluster`` is false:

TASK [ceph-mon : secure the cluster]
*******************************************
fatal: [saceph-mon.vm.ceph.asheplyakov]: FAILED! => {"failed": true, "msg": "'dict object' has no attribute 'stdout_lines'"}
fatal: [saceph-mon2.vm.ceph.asheplyakov]: FAILED! => {"failed": true, "msg": "'dict object' has no attribute 'stdout_lines'"}
fatal: [saceph-mon3.vm.ceph.asheplyakov]: FAILED! => {"failed": true, "msg": "'dict object' has no attribute 'stdout_lines'"}

A conditional include evaluates all included tasks with the (additional)
conditional applied to every task [1]. Thus all tasks from `secure_cluster.yml'
are always evaluated (with an additional 'when: secure_cluster' condition).
The `secure the cluster' task iterates over ``ceph_pools.stdout_lines``
even if ``secure_cluster`` is false: in loops ansible applies conditional
to every item (by design) [2]. However the `collect all the pools' task
is skipped if the very same condition evaluates to false, which leaves
the ``ceph_pools`` undefined, so the `secure the cluster' task fails:

Provide the default (empty) list to avoid the problem.

[1] http://docs.ansible.com/ansible/playbooks_conditionals.html#applying-when-to-roles-and-includes
[2] http://docs.ansible.com/ansible/playbooks_conditionals.html#loops-and-conditionals

Closes: #913

Signed-off-by: Alexey Sheplyakov <asheplyakov@mirantis.com>
2016-07-29 14:08:12 +03:00
Daniel Gryniewicz 352824cee7 Allow generating FSID for docker
The docker case wasn't able to generate an FSID, it required it to be
set.  Allow generating it.

Signed-off-by: Daniel Gryniewicz <dang@redhat.com>
2016-07-13 13:19:22 -04:00
Ivan Font 6f5f6610a8 Support for docker image tags
Signed-off-by: Ivan Font <ivan.font@redhat.com>
2016-07-12 15:49:07 -07:00
KGoreczny 11bed371ac remove trailing spaces
Signed-off-by: KGoreczny <krzysztof.goreczny@intel.com>
2016-07-12 14:50:56 +02:00
KGoreczny 13e0b60cbe Fix for Ansible 2.1: install docker-py in version matched to ansible docker module
Signed-off-by: KGoreczny <krzysztof.goreczny@intel.com>
2016-07-11 11:35:32 +02:00
pprokop 397c3fe4fd Fixing typos 2016-06-29 07:53:37 +02:00
pprokop bae7e5342c Adding option to change kv_port anf docker tag 2016-06-28 14:02:00 +02:00
pprokop 6b9653c897 Removing symblic links and fixing systemctl enable on CoreOS 2016-06-28 13:58:26 +02:00
Daniel Gryniewicz 887baf0cce Put path back to playbook_dir for common template
The config template is in ceph-common, not in the individual roles, so
roles referencing it need to use playbook_dir, not role_path.

Signed-off-by: Daniel Gryniewicz <dang@redhat.com>
2016-06-09 10:59:17 -04:00
Sébastien Han 4219221bf4 ceph-mon: fix wrong indent
Signed-off-by: Sébastien Han <seb@redhat.com>
2016-06-09 15:35:57 +02:00
Leseb d9d1d7856e Merge pull request #812 from rootfs/fix
some fixes for container deployment
2016-06-09 15:33:32 +02:00
Leseb 58f9a6cfe0 Merge pull request #804 from dang/docker-dev
Allow running on local dev docker images
2016-06-06 11:12:43 +02:00
Daniel Gryniewicz 9d08d74385 Allow running on local dev docker images
Docker makes it difficult to use images that are not on signed
registries.  This is a problem for developers, who likely won't have
access to a registry with proper signed certificates.

This allows the ability to use any docker image on the machine running
vagrant/ansible.  The way it works is that the image in question is
exported locally, then sent to each target box and imported there.

Signed-off-by: Daniel Gryniewicz <dang@redhat.com>
2016-06-03 14:52:21 -04:00
Huamin Chen 6b84f5475b fix containerized deployment on centos
Signed-off-by: Huamin Chen <hchen@redhat.com>
2016-06-03 15:24:00 +00:00
Sébastien Han c6232bed21 ceph-common: uniformize template path calls
In order to align all Ansible versions, we now use the full path for the
template. We rely on `role_path` variable. Now all the tasks using
the template module have a uniform syntax.

Might fix issue raised in #483

Signed-off-by: Sébastien Han <seb@redhat.com>
2016-06-02 18:19:03 +02:00
Huamin Chen 7f85c2512f don't recreate /etc/ceph with wrong mode
Signed-off-by: Huamin Chen <hchen@redhat.com>
2016-05-12 13:47:52 +00:00
Sam Yaple 069c93a238 Unify formatting of when conditional
This is purely a refactor. Converts when 'and' conditionals into lists
rather than multiline strings. This does not work for nested
conditionals, but those can be formated with indents.

Moves one line when statements onto the same line as the when command
itself.

A small logic bug was found in ceph-osd/tasks/check_devices.yml which
which was also fixed.

Signed-off-by: Sam Yaple <sam@yaple.net>
2016-05-09 14:08:33 +00:00
Li Peng aaeadcab12 cleanup: fix typos
Signed-off-by: Li Peng <lip@dtdream.com>
2016-05-09 15:12:01 +08:00
Sébastien Han c8e5e49552 ceph-mon: fix monitor startup
Somehow on CentOS 7.2 with Jewel, the service enablement by the Ansible service module
does not seem to work properly.

Signed-off-by: Sébastien Han <seb@redhat.com>
2016-05-09 00:41:44 +02:00
Andrew Schoen 20d2d52ebd use the use_systemd fact when starting monitors
Signed-off-by: Andrew Schoen <aschoen@redhat.com>
2016-05-05 13:56:32 -05:00
Daniel Gryniewicz 256775cb0f Docker fixes and cleanups
Signed-off-by: Daniel Gryniewicz <dang@redhat.com>
2016-05-02 10:56:52 -04:00
Alfredo Deza 50377e19b4 ceph-mon: port start_monitor task to use new ceph version facts
Signed-off-by: Alfredo Deza <adeza@redhat.com>
2016-04-27 13:46:57 -04:00
Alfredo Deza 8763b98e0a ceph-mon: port deploy_monitors task to use new ceph version facts
Signed-off-by: Alfredo Deza <adeza@redhat.com>
2016-04-27 10:21:16 -04:00
Leseb f950afef92 Merge pull request #664 from jsaintrocc/master
Add infernalis to list of stable releases comment
2016-04-19 10:09:48 +02:00
James Saint-Rossy 67a895159e Updated version compare to 0.84.0 per laseb comment 2016-04-18 10:49:35 -04:00
Huamin Chen 9d81f32538 set path to find mon and osd systemd unit file templates
Signed-off-by: Huamin Chen <hchen@redhat.com>
2016-04-14 21:57:27 +00:00
James Saint-Rossy fc270bb772 fixed handling of new ceph_version 2016-04-12 21:26:59 -04:00
Sébastien Han 7424ad6d68 docker: do not hardcode image and user name
Signed-off-by: Sébastien Han <seb@redhat.com>
2016-04-12 12:01:53 +02:00
Chris St. Pierre 1a73d55bae Fix mis-use of config_template in docker tasks
As written, generating the config file for ceph-mon in Docker yielded:

ERROR: config_template is not a legal parameter in an Ansible task or
handler

This fixes that error condition.
2016-04-05 12:09:09 -05:00
Sébastien Han 2700552186 ceph-mon: fix ceph keys permissions
Certain daemons will not start because of the wrong permissions.

Signed-off-by: Sébastien Han <seb@redhat.com>
2016-04-04 00:36:59 +02:00
Sébastien Han df6c3f4f72 ceph-docker: fix permissions on directories
fixing the can't open /var/lib/ceph/bootstrap-osd/ceph.keyring: can't
open /var/lib/ceph/bootstrap-osd/ceph.keyring: (13) Permission denied

Signed-off-by: Sébastien Han <seb@redhat.com>
2016-04-01 14:43:33 +02:00
Leseb bc2cfc83d5 Merge pull request #666 from PiotrProkop/ceph-mon-fix
Adding support for non atomic and non CoreOS machines for deploying containerized mons with kv backend
2016-04-01 13:16:32 +02:00
pprokop da9b772534 Changed when statements due to review 2016-04-01 13:02:02 +02:00
Leseb 9123c854ae Merge pull request #671 from squizzi/fix-admin-key-wait
Added when: cephx to prevent waiting on keyring with cephx: false
2016-04-01 11:11:43 +02:00
Kyle Squizzato 9d10db21c2 Added when: cephx to prevent waiting on keyring with cephx: false
Signed-off-by: Kyle Squizzato <ksquizz@gmail.com>
2016-03-31 23:30:36 -04:00
Sébastien Han 6c5ac63ecc ceph-mon: docker fix run on atomic host
fix template issues.

Signed-off-by: Sébastien Han <seb@redhat.com>
2016-03-31 16:41:28 +02:00
Leseb 0784b8c5b1 Merge pull request #662 from ceph/follow-up-cluster-name
ceph: implement cluster name support
2016-03-30 18:20:30 +02:00
Sébastien Han 450feaac0a ceph: implement cluster name support
we now have the ability to enable the `cluster` variable with a specific
value that will determine the name of the cluster.

Signed-off-by: Sébastien Han <seb@redhat.com>
2016-03-30 18:08:38 +02:00
pprokop eb9c3eae13 Changing when statements 2016-03-30 12:38:47 +02:00
pprokop eaa259146e Fixing creating configs when default one is chosen 2016-03-30 12:29:45 +02:00
pprokop 207387d5f9 Adding support for non atomic and non CoreOS machines for deploying containerized mons with kv backend 2016-03-30 12:28:38 +02:00
Jim Curtis 89f2cf6a53 Specify full path to template 2016-03-29 11:30:56 -07:00
Sébastien Han b0f56590e0 docker: fix tons of issues
Signed-off-by: Sébastien Han <seb@redhat.com>
2016-03-24 17:55:21 +01:00
pprokop eef421716d Adding var to choose between custom and default ceph.conf populated into etcd 2016-03-24 16:27:56 +01:00
pprokop 42e748a514 Adding dockerized ceph-mon deployment with kv backend 2016-03-24 16:26:28 +01:00
Jim Curtis dae1bb072e Review feedback fixes from PR #518 2016-03-24 16:19:45 +01:00
Jim Curtis d5f642c206 Changes to allow ceph-ansible and vagrant to work on Openstack VMs 2016-03-24 16:18:46 +01:00
Huamin Chen 04f7b5923f review feedback
Signed-off-by: Huamin Chen <hchen@redhat.com>
2016-03-24 16:16:27 +01:00
Huamin Chen 326db629a0 start osd daemon via systemd if supported
Signed-off-by: Huamin Chen <hchen@redhat.com>
2016-03-24 16:16:27 +01:00
Huamin Chen 6cf3fff436 split osd disk to prepare and activate
Signed-off-by: Huamin Chen <hchen@redhat.com>
2016-03-24 16:16:27 +01:00
Huamin Chen a4b3885ac9 allow multiple mon containers to reach quorum
Signed-off-by: Huamin Chen <hchen@redhat.com>
2016-03-24 16:16:27 +01:00
Huamin Chen e18154fbe5 serialize containerized mon config
Signed-off-by: Huamin Chen <hchen@redhat.com>
2016-03-24 16:16:08 +01:00
Huamin Chen 6bd8d41a39 remove --rm option from docker run, since the image is already removed during pre start
Signed-off-by: Huamin Chen <hchen@redhat.com>
2016-03-24 16:15:41 +01:00
Huamin Chen a3dbfba4c0 use systemd to manage ceph daemons
Signed-off-by: Huamin Chen <hchen@redhat.com>
2016-03-24 16:15:41 +01:00
Huamin Chen 70561b3fc3 add variable to allow containerized mon to run privileged mode.
this is to allow ceph-authtool to read and write to /var/ and /etc on CentOS Atomic.
Add doc on how to run containerized deployment on RHEL/CentOS Atomic

Signed-off-by: Huamin Chen <hchen@redhat.com>
2016-03-24 16:14:58 +01:00
Huamin Chen fd03074cd5 remove unused files
Signed-off-by: Huamin Chen <hchen@redhat.com>
2016-03-24 16:10:42 +01:00
Huamin Chen 29b239a8f8 containerized mon: create restapi keyring
add sample config for containerized deployment
2016-03-24 16:09:02 +01:00
Huamin Chen 0d704b5710 copy bootstrap keyring and conf from mon to ansible server, so osd can get them to bootstrap
Signed-off-by: Huamin Chen <hchen@redhat.com>
2016-03-24 16:09:02 +01:00
Huamin Chen 0647cad7be containerized mon 2016-03-24 16:08:20 +01:00
Alfredo Deza 1dae862911 include calamari when the calamari option is set
Signed-off-by: Alfredo Deza <adeza@redhat.com>
2016-03-09 15:18:40 -05:00
Alfredo Deza b0a3f5b06d create a calamari task in ceph-mon
Signed-off-by: Alfredo Deza <adeza@redhat.com>
2016-03-09 15:18:36 -05:00
Sébastien Han 378aadf3e3 ceph-mon/mds: fix fqdn
closes #596

Signed-off-by: Sébastien Han <seb@redhat.com>
2016-03-03 21:23:14 +01:00
Leseb dbc5704f23 Merge pull request #568 from stpierre/skip-keyring-cephx-disabled
Skip keyring tasks when cephx is disabled
2016-02-27 00:40:58 +01:00