Commit Graph

24 Commits (564a662baf10b9085a6da8c9152400914e310d15)

Author SHA1 Message Date
Guillaume Abrioux dd0c98c5a2 common: do not use `shell` module when it is not needed
There is no need here to use `shell` instead of `command`

Signed-off-by: Guillaume Abrioux <gabrioux@redhat.com>
2018-01-31 10:45:34 +01:00
Guillaume Abrioux deaf273b25 syntax: change local_action syntax
Use a nicer syntax for `local_action` tasks.
We used to have oneliner like this:
```
local_action: wait_for port=22 host={{ hostvars[inventory_hostname]['ansible_default_ipv4']['address'] }} state=started delay=10 timeout=500 }}
```

The usual syntax:
```
    local_action:
      module: wait_for
      port: 22
      host: "{{ hostvars[inventory_hostname]['ansible_default_ipv4']['address'] }}"
      state: started
      delay: 10
      timeout: 500
```
is nicer and kind of way to keep consistency regarding the whole
playbook.

This also fix a potential issue about missing quotation :

```
Traceback (most recent call last):
  File "/tmp/ansible_wQtWsi/ansible_module_command.py", line 213, in <module>
    main()
  File "/tmp/ansible_wQtWsi/ansible_module_command.py", line 185, in main
    rc, out, err = module.run_command(args, executable=executable, use_unsafe_shell=shell, encoding=None, data=stdin)
  File "/tmp/ansible_wQtWsi/ansible_modlib.zip/ansible/module_utils/basic.py", line 2710, in run_command
  File "/usr/lib64/python2.7/shlex.py", line 279, in split
    return list(lex)                                                                                                                                                                                                                                                                                                            File "/usr/lib64/python2.7/shlex.py", line 269, in next
    token = self.get_token()
  File "/usr/lib64/python2.7/shlex.py", line 96, in get_token
    raw = self.read_token()
  File "/usr/lib64/python2.7/shlex.py", line 172, in read_token
    raise ValueError, "No closing quotation"
ValueError: No closing quotation
```

writing `local_action: shell echo {{ fsid }} | tee {{ fetch_directory }}/ceph_cluster_uuid.conf`
can cause trouble because it's complaining with missing quotes, this fix solves this issue.

Fixes: https://bugzilla.redhat.com/show_bug.cgi?id=1510555

Signed-off-by: Guillaume Abrioux <gabrioux@redhat.com>
2018-01-31 10:45:34 +01:00
Major Hayden f73232caa4
Use check_mode instead of always_run
This patch changes the `always_run: yes` task option to
`check_mode: no` to avoid Ansible warnings.
2017-10-25 09:53:34 -05:00
Major Hayden c2b5118c1b
Revert "Avoid deprecated always_run"
This reverts commit 620fb37dd4.
2017-10-25 09:48:09 -05:00
Major Hayden 620fb37dd4
Avoid deprecated always_run
The `always_run` key is deprecated and being removed in Ansible 2.4.
Using it causes a warning to be displayed:

    [DEPRECATION WARNING]: always_run is deprecated.

This patch changes all instances of `always_run` to use the `always`
tag, which causes the task to run each time the playbook runs.
2017-10-12 08:29:44 -05:00
Shengjing Zhu 93a8b69a57 fix check nmapexist on debian
command is a shell-buitin, so `command -v nmap` must use shell module

Signed-off-by: Shengjing Zhu <zsj950618@gmail.com>
2016-12-28 16:21:23 +08:00
Daniel Marks c561d2635e Better --check compatibility for ceph-common role
Carefully chosen "always_run: true" parameters for read-only tasks that
register variables. This enables --check runs (at least on deployed
clusters).
2016-11-26 20:39:12 +01:00
Daniel Gryniewicz 71e7aa348e Only check ports if NMAP exists
Signed-off-by: Daniel Gryniewicz <dang@redhat.com>
2016-07-13 13:17:49 -04:00
Daniel Gryniewicz 4c2a433acb Add support for Ceph NFS Gateway
Ceph has the ability to export it's filesystem via NFS using Ganesha.
Add a ceph-nfs role that will start Ganesha and export the Ceph
filesystems.

Note that, although support is going in to export RGW via NFS, this is
not working yet.

Signed-off-by: Daniel Gryniewicz <dang@redhat.com>
2016-06-22 13:29:11 -04:00
Matthew Rees 38355f5fa7 Fix typo for ceph monitor port 2016-06-07 16:50:43 +02:00
Matthew Rees 05f5771726 Clean up checks and with_item loops that are no longer needed due to
other fixes in this PR
2016-06-07 16:27:07 +02:00
Matthew Rees f274e142e7 Fix for nmap arguments and grep matching, as well as only running
local_actions once
2016-06-07 13:48:07 +02:00
Matthew Rees 211ba4a3de Fix to reference the monitor_address variable correctly in hostvars 2016-06-06 16:29:59 +02:00
Matthew Rees 9d8ffa5bda Add fix for those who are using monitor_address 2016-06-06 15:57:51 +02:00
Matthew Rees de855fe18a Use the command module in place of the shell module 2016-06-06 15:10:14 +02:00
Matthew Rees 9bb8c85baf Various fixes for check_firewall task:
- Check for nmap being available was not running as a local_action, when the checks using nmap were
- Various fixes on Ansible 2.x now that the above is working
2016-06-06 15:10:14 +02:00
Sam Yaple 069c93a238 Unify formatting of when conditional
This is purely a refactor. Converts when 'and' conditionals into lists
rather than multiline strings. This does not work for nested
conditionals, but those can be formated with indents.

Moves one line when statements onto the same line as the when command
itself.

A small logic bug was found in ceph-osd/tasks/check_devices.yml which
which was also fixed.

Signed-off-by: Sam Yaple <sam@yaple.net>
2016-05-09 14:08:33 +00:00
runsisi a2d1d99ec3 ceph-common: use variable rgw_group_name instead of hard coded group
name 'rgws' when checking rgw port.

Signed-off-by: runsisi <runsisi@hust.edu.cn>
2016-03-28 18:59:09 +08:00
Sébastien Han 1ebb4de7f3 rollback previous change for ceph-common change
changing the name of the directory causes issues with git subtree which
will create new commits. Creating a symlink for vagrant to be happy.

Signed-off-by: Sébastien Han <seb@redhat.com>
2016-03-02 18:44:36 +01:00
Sébastien Han d2359c1445 wip: galaxy roles dependencies
in order to have a build on the galaxy we need to have a proper
dependency set for ceph-common. On the galaxy ceph-common does not
exist, only ceph.ceph-common is available.

Signed-off-by: Sébastien Han <seb@redhat.com>
2016-03-02 13:52:56 +01:00
Chris St. Pierre 53af359c65 Improve firewall checks
The firewall checks can fail for any number of reasons -- e.g., the
ceph cluster hostnames are unresolvable from the ansible host, or the
ports are filtered by some intermediate hop, etc. Make two changes to
make those checks better:

* Set pipefail when running the checks, so if nmap itself fails the
  command will be marked as 'failed'. Specifically, this fixes the
  case where the hostnames cannot be resolved.
* Add a new variable, check_firewall, which can be used to disable
  checks entirely. Specifically, this fixes the case where some
  intermediate firewall filters the ports, so nmap returns "filtered".
2016-02-23 11:38:25 -06:00
Sébastien Han 789834f847 Do not make nmap mandatory
We can not force people to have nmap installed so instead we raise a
warning is not present.

Signed-off-by: Sébastien Han <seb@redhat.com>
2016-01-10 17:22:17 +01:00
Sébastien Han 0a576bebf9 Fix firewall check
Use command module instead of shell since we do not do anything fancy
here. Remove the duplicate register.

Signed-off-by: Sébastien Han <seb@redhat.com>
2016-01-10 16:52:37 +01:00
Sébastien Han 9209f50868 Check for blocked ports
As raised in #466 it is important in order to avoid unnecessary
troubleshooting to check that ceph ports are allowed on the platform.
The check runs a nmap command from the host running Ansible
to all the ceph nodes with their respective ports.

Signed-off-by: Sébastien Han <seb@redhat.com>
2016-01-08 18:57:13 +01:00