Commit Graph

19 Commits (872d1008d37de98cdb3b27636ec7f54c6bf2462f)

Author SHA1 Message Date
Shengjing Zhu 93a8b69a57 fix check nmapexist on debian
command is a shell-buitin, so `command -v nmap` must use shell module

Signed-off-by: Shengjing Zhu <zsj950618@gmail.com>
2016-12-28 16:21:23 +08:00
Daniel Marks c561d2635e Better --check compatibility for ceph-common role
Carefully chosen "always_run: true" parameters for read-only tasks that
register variables. This enables --check runs (at least on deployed
clusters).
2016-11-26 20:39:12 +01:00
Daniel Gryniewicz 71e7aa348e Only check ports if NMAP exists
Signed-off-by: Daniel Gryniewicz <dang@redhat.com>
2016-07-13 13:17:49 -04:00
Daniel Gryniewicz 4c2a433acb Add support for Ceph NFS Gateway
Ceph has the ability to export it's filesystem via NFS using Ganesha.
Add a ceph-nfs role that will start Ganesha and export the Ceph
filesystems.

Note that, although support is going in to export RGW via NFS, this is
not working yet.

Signed-off-by: Daniel Gryniewicz <dang@redhat.com>
2016-06-22 13:29:11 -04:00
Matthew Rees 38355f5fa7 Fix typo for ceph monitor port 2016-06-07 16:50:43 +02:00
Matthew Rees 05f5771726 Clean up checks and with_item loops that are no longer needed due to
other fixes in this PR
2016-06-07 16:27:07 +02:00
Matthew Rees f274e142e7 Fix for nmap arguments and grep matching, as well as only running
local_actions once
2016-06-07 13:48:07 +02:00
Matthew Rees 211ba4a3de Fix to reference the monitor_address variable correctly in hostvars 2016-06-06 16:29:59 +02:00
Matthew Rees 9d8ffa5bda Add fix for those who are using monitor_address 2016-06-06 15:57:51 +02:00
Matthew Rees de855fe18a Use the command module in place of the shell module 2016-06-06 15:10:14 +02:00
Matthew Rees 9bb8c85baf Various fixes for check_firewall task:
- Check for nmap being available was not running as a local_action, when the checks using nmap were
- Various fixes on Ansible 2.x now that the above is working
2016-06-06 15:10:14 +02:00
Sam Yaple 069c93a238 Unify formatting of when conditional
This is purely a refactor. Converts when 'and' conditionals into lists
rather than multiline strings. This does not work for nested
conditionals, but those can be formated with indents.

Moves one line when statements onto the same line as the when command
itself.

A small logic bug was found in ceph-osd/tasks/check_devices.yml which
which was also fixed.

Signed-off-by: Sam Yaple <sam@yaple.net>
2016-05-09 14:08:33 +00:00
runsisi a2d1d99ec3 ceph-common: use variable rgw_group_name instead of hard coded group
name 'rgws' when checking rgw port.

Signed-off-by: runsisi <runsisi@hust.edu.cn>
2016-03-28 18:59:09 +08:00
Sébastien Han 1ebb4de7f3 rollback previous change for ceph-common change
changing the name of the directory causes issues with git subtree which
will create new commits. Creating a symlink for vagrant to be happy.

Signed-off-by: Sébastien Han <seb@redhat.com>
2016-03-02 18:44:36 +01:00
Sébastien Han d2359c1445 wip: galaxy roles dependencies
in order to have a build on the galaxy we need to have a proper
dependency set for ceph-common. On the galaxy ceph-common does not
exist, only ceph.ceph-common is available.

Signed-off-by: Sébastien Han <seb@redhat.com>
2016-03-02 13:52:56 +01:00
Chris St. Pierre 53af359c65 Improve firewall checks
The firewall checks can fail for any number of reasons -- e.g., the
ceph cluster hostnames are unresolvable from the ansible host, or the
ports are filtered by some intermediate hop, etc. Make two changes to
make those checks better:

* Set pipefail when running the checks, so if nmap itself fails the
  command will be marked as 'failed'. Specifically, this fixes the
  case where the hostnames cannot be resolved.
* Add a new variable, check_firewall, which can be used to disable
  checks entirely. Specifically, this fixes the case where some
  intermediate firewall filters the ports, so nmap returns "filtered".
2016-02-23 11:38:25 -06:00
Sébastien Han 789834f847 Do not make nmap mandatory
We can not force people to have nmap installed so instead we raise a
warning is not present.

Signed-off-by: Sébastien Han <seb@redhat.com>
2016-01-10 17:22:17 +01:00
Sébastien Han 0a576bebf9 Fix firewall check
Use command module instead of shell since we do not do anything fancy
here. Remove the duplicate register.

Signed-off-by: Sébastien Han <seb@redhat.com>
2016-01-10 16:52:37 +01:00
Sébastien Han 9209f50868 Check for blocked ports
As raised in #466 it is important in order to avoid unnecessary
troubleshooting to check that ceph ports are allowed on the platform.
The check runs a nmap command from the host running Ansible
to all the ceph nodes with their respective ports.

Signed-off-by: Sébastien Han <seb@redhat.com>
2016-01-08 18:57:13 +01:00