Commit Graph

48 Commits (cb35cac92662de35d2dafe8c103996d750d76778)

Author SHA1 Message Date
Guillaume Abrioux 40b7747af7 remove jewel support
As of now, we should no longer support Jewel in ceph-ansible.
The latest ceph-ansible release supporting Jewel is `stable-3.1`.

Signed-off-by: Guillaume Abrioux <gabrioux@redhat.com>
2018-10-12 23:38:17 +00:00
Guillaume Abrioux f8a7ffb085 infra: add firewall configuration for containerized deployment
firewalld is available on atomic so there is no reason to not apply
firewall configuration.

Signed-off-by: Guillaume Abrioux <gabrioux@redhat.com>
2018-10-10 15:44:33 +00:00
Sébastien Han 82ec5a29f2 site: use default value for 'cluster' variable
If someone's cluster name is 'ceph' then the playbook will fail (with no
errors because of ignore_errors) saying it can not find the variable. So
let's declare the default. If the cluster name is different then it'll
be in group_vars and thus there won't be any failre.

Closes: https://bugzilla.redhat.com/show_bug.cgi?id=1636962
Signed-off-by: Sébastien Han <seb@redhat.com>
2018-10-08 20:31:32 +00:00
Sébastien Han 4db6a213f7 add ceph-handler role
The role contains all the handlers for Ceph services. We decided to
leave ceph-defaults role with variables and a few facts only. This is
useful when organizing the site.yml files and also adding the known
variables to infrastructure-playbooks.

Signed-off-by: Sébastien Han <seb@redhat.com>
2018-09-28 15:15:49 +00:00
Guillaume Abrioux 98c210d757 site-docker: fix undefined variable error
`mon_group_name` isn't defined here, we must hardcode it.

Typical error:

```
The task includes an option with an undefined variable. The error was: 'mon_group_name' is undefined
```

Signed-off-by: Guillaume Abrioux <gabrioux@redhat.com>
2018-09-18 07:27:41 +00:00
Sébastien Han ae5ebeeb00 sites: fix conditonnal
Same problem again... ceph_release_num[ceph_release] is only set in
ceph-docker-common/common roles so putting the condition on that role
will never work. Removing the condition.

The downside of this is we will be installing packages and then skip the
role on the node.

Closes: https://bugzilla.redhat.com/show_bug.cgi?id=1622210
Signed-off-by: Sébastien Han <seb@redhat.com>
2018-08-27 22:11:15 +02:00
Sébastien Han 30cfeb5427 site-docker.yml: remove useless condition
If we play site-docker.yml, we are already in a
containerized_deployment. So the condition is not needed.

Signed-off-by: Sébastien Han <seb@redhat.com>
2018-08-23 16:13:54 +02:00
Sébastien Han 77a3a682f3 iscsi group name preserve backward compatibility
Recently we renamed the group_name for iscsi iscsigws where previously
it was named iscsi-gws. Existing deployments with a host file section
with iscsi-gws must continue to work.

This commit adds the old group name as a backoward compatility, no error
from Ansible should be expected, if the hostgroup is not found nothing
is played.

Close: https://bugzilla.redhat.com/show_bug.cgi?id=1619167
Signed-off-by: Sébastien Han <seb@redhat.com>
2018-08-20 23:52:19 +02:00
Sébastien Han b334cdcbe5 restapi: disable it when ceph version > luminous
ceph-rest-api binary has been removed in mimic so we cannot deploy it
anymore. We just keep the role and the compability for existing users.

Signed-off-by: Sébastien Han <seb@redhat.com>
2018-07-30 13:18:30 +00:00
Sébastien Han 1f341e69d1 site: report ceph -s status at the end of the deployment
We now show the output of 'ceph -s'. Example output below:

TASK [display post install message] **********************************************************************************************************************************************************************************************************
ok: [localhost] => {
    "msg": [
        "  cluster:",
        "    id:     753212df-f32a-4cc9-a097-2db6fe89a251",
        "    health: HEALTH_OK",
        " ",
        "  services:",
        "    mon: 1 daemons, quorum ceph-nano-lul-faa32aebf00b",
        "    mgr: ceph-nano-lul-faa32aebf00b(active)",
        "    osd: 1 osds: 1 up, 1 in",
        " ",
        "  data:",
        "    pools:   4 pools, 32 pgs",
        "    objects: 224 objects, 2546 bytes",
        "    usage:   1027 MB used, 9212 MB / 10240 MB avail",
        "    pgs:     32 active+clean",
        " "
    ]
}

Closes: https://bugzilla.redhat.com/show_bug.cgi?id=1602910
Signed-off-by: Sébastien Han <seb@redhat.com>
2018-07-27 14:49:42 +00:00
Guillaume Abrioux a1ca2c8fd3 iscsigw: do not run common roles when deploying jewel
Let's not deploy common roles when iscsigw nodes for jewel deployment.

Signed-off-by: Guillaume Abrioux <gabrioux@redhat.com>
2018-07-26 18:47:10 +00:00
Sébastien Han 20c8065e48 ceph-iscsi: rename group iscsi_gws
Let's try to avoid using dashes as testinfra needs to be able to read
the groups.
Typically, with iscsi-gws we can't add a marker for these iscsi nodes,
using an underscore fixes the issue.

Signed-off-by: Sébastien Han <seb@redhat.com>
2018-06-08 10:21:54 +02:00
Sébastien Han fdeee9eb19 site-docker: add iscsi role
Signed-off-by: Sébastien Han <seb@redhat.com>
2018-06-08 10:21:54 +02:00
Guillaume Abrioux 828848017c playbook: follow up on #2553
Since we fixed the `gather and delegate facts` task, this exception is
not needed anymore. It's a leftover that should be removed to save some
time when deploying a cluster with a large client number.

Signed-off-by: Guillaume Abrioux <gabrioux@redhat.com>
2018-05-24 10:09:01 -07:00
Andrew Schoen c65ea7e9d7 site-docker: validate config before pulling container images
Signed-off-by: Andrew Schoen <aschoen@redhat.com>
2018-05-18 17:58:24 +02:00
Andrew Schoen 62d6f2d84a site-docker.yml: add config validation play
Signed-off-by: Andrew Schoen <aschoen@redhat.com>
2018-05-18 17:58:24 +02:00
Guillaume Abrioux 75733daf23 playbook: improve facts gathering
there is no need to gather facts with O(N^2) way.
Only one node should gather facts from other node.

Fixes: #2553

Signed-off-by: Guillaume Abrioux <gabrioux@redhat.com>
2018-05-04 14:28:19 +02:00
Guillaume Abrioux ac41efd3c2 site: make it more readable
These conditions introduced by d981c6bd2 were insane.
This should be a bit easier to read.

Signed-off-by: Guillaume Abrioux <gabrioux@redhat.com>
2018-04-14 00:37:41 +02:00
Guillaume Abrioux d981c6bd20 site-docker: followup on #2487
get a non empty array as default value for `groups.get('clients')`,
otherwise `| first` filter will complain because it can't work with
empty array.

Signed-off-by: Guillaume Abrioux <gabrioux@redhat.com>
2018-04-05 11:18:53 +02:00
Guillaume Abrioux 9d3517c670 container: play docker-common only on first client node
This commit aims to set the default behavior to play
`ceph-docker-common` only on first node in clients group.

Currently, we play docker-common to pull container image so we can run
ceph commands in order to generate keys or create pools.
On a cluster with a large number of client nodes this can be time consuming
to proceed this way. An alternative would be to pull container image
only a first node and then copy keys on other nodes.

Signed-off-by: Guillaume Abrioux <gabrioux@redhat.com>
2018-04-04 10:51:17 +02:00
Guillaume Abrioux 5b73be254d do not delegate facts on client nodes
This commit is a workaround for
https://bugzilla.redhat.com/show_bug.cgi?id=1550977

We iterate over all nodes on each node and we delegate the facts gathering.
This is high memory consuming when having a large number of nodes in the
inventory.
That way of gathering is not necessary for clients node so we can simply
gather local facts for these nodes.

Signed-off-by: Guillaume Abrioux <gabrioux@redhat.com>
2018-04-04 09:23:03 +02:00
Sébastien Han f2e0ceed78 add support for installation checkpoint
This was taken from the openshift ansible repository here:
https://github.com/leseb/openshift-ansible/tree/master/roles/installer_checkpoint

Rationale:

A complete OpenShift cluster installation is comprised of many different
components which can take 30 minutes to several hours to complete. If
the installation should fail, it could be confusing to understand at
which component the failure occurred. Additionally, it may be desired to
re-run only the component which failed instead of starting over from the
beginning. Components which came after the failed component would also
need to be run individually.

Ceph has a similar situation so we can benefit from that
callback_plugin.

Signed-off-by: Sébastien Han <seb@redhat.com>
2018-03-06 15:21:40 +00:00
Paul Bourke 463b5c6b22 Remove redundant task to check if atomic
This fact is already set in site-docker.yml so there's no need to check
it again in ceph-docker-common

Signed-off-by: Paul Bourke <paul.bourke@oracle.com>
2018-02-19 10:10:46 +01:00
Sébastien Han ff90661033 site: ability to only generate a ceph.conf on the machines
Now by running the playbook like this:

ansible-playbook site.yml --tags='ceph_update_config'

You can only generate a ceph configuration file on the nodes.

Closes: https://bugzilla.redhat.com/show_bug.cgi?id=1543434
Signed-off-by: Sébastien Han <seb@redhat.com>
2018-02-09 14:07:58 +01:00
Sébastien Han c315f81dfe site-docker: ability to disable fact sharing
When deploying with Ansible at large scale, the delegate_facts method
consumes a lot of memory on the host that is running Ansible. This can
cause various issues like memory exhaustion on that machine.
You can now run Ansible with "-e delegate_facts_host=False" to disable
the fact sharing.

Signed-off-by: Sébastien Han <seb@redhat.com>
2017-12-19 17:22:11 +01:00
Sébastien Han b34a04ea41 site-docker.yml try to fetch images in //
The container deployment is serialized, adding this task as a best
effort. If docker is already present we pull the image otherwise we wait
for the role to play.

Signed-off-by: Sébastien Han <seb@redhat.com>
2017-10-13 11:24:40 +02:00
Major Hayden c01851325e
Remove jinja2 delimiters from `when` keys
This patch changes the `when:` keys so that they have no jinja2
delimiters. This avoids Ansible warnings which could turn into
errors in a future Ansible release.
2017-10-12 11:27:42 -05:00
Sébastien Han b47c4fd1a0 site: always play ceph-defaults and ceph-docker-common
So we can later evaluate the conditions.
Also fix the variable, we are comparing ceph_release not
ceph_stable_release

Closes: https://bugzilla.redhat.com/show_bug.cgi?id=1486062
Signed-off-by: Sébastien Han <seb@redhat.com>
2017-10-03 15:22:39 +02:00
Sébastien Han ca76c46981 site: only support nfs on luminous and above
Signed-off-by: Sébastien Han <seb@redhat.com>
2017-09-29 02:38:24 +02:00
Sébastien Han b869a7aea5 site: s/ceph_stable_release/ceph_release
Fix typo, ceph_release is used, not ceph_stable_release

Signed-off-by: Sébastien Han <seb@redhat.com>
2017-09-29 02:18:35 +02:00
Sébastien Han 273d26bcd5 site: fix condition
we don't know ceph_stable_release before executing the role so at least
we need to run ceph-defaults and ceph-docker-common or
ceph-common.

Closes: https://bugzilla.redhat.com/show_bug.cgi?id=1486062
Signed-off-by: Sébastien Han <seb@redhat.com>
2017-09-29 01:39:06 +02:00
Sébastien Han d5bfc6f85d mgr: always bootstrap mgr right after the mon
If we don't bootstrap the mgr after the mon and the osds handler are
called, we will never be able to reach a clean state since the pgs
stats are handled by the mgr. This also happens when doing daemon
collocation.

Closes: https://bugzilla.redhat.com/show_bug.cgi?id=1493920
Signed-off-by: Sébastien Han <seb@redhat.com>
2017-09-22 17:26:28 +02:00
Sébastien Han 85d73e3be2 client: ability to create keys and pool with no cpeh binaries
On a container env, machines don't have any ceph binaries so we need to
use a container to run the commands.

Signed-off-by: Sébastien Han <seb@redhat.com>
2017-09-18 14:41:52 +02:00
Sébastien Han 7054615551 ci: deploy rbd mirror
Deploy rbd mirorr in cluster scenario

Signed-off-by: Sébastien Han <seb@redhat.com>
2017-09-09 01:17:10 +02:00
Sébastien Han b7db600caa switch-from-non-containerized-to-containerized: mask unit files
We must mask the image so we are sure that even if the system reboots
then the OSDs won't start.

Also remove Ceph udev rules if found on the system prior to deploy
containers. If we don't do this we are exposed to conflicts between udev
rules and sytemd unit files.

Also add the CI will now test the migration from a non-containerized cluster to a
containerized cluster.

Signed-off-by: Sébastien Han <seb@redhat.com>
2017-09-05 15:20:31 +02:00
Sébastien Han 0de8f534f1 site-docker.yml.sample: delegate facts
Now we can use --limit on the container deployment too. This is useful
while deploying client nodes.
e.g: ansible-playbook -i inventory -l clients site-docker.yml.sample

Signed-off-by: Sébastien Han <seb@redhat.com>
2017-08-30 10:52:34 +02:00
Guillaume Abrioux 539197a2fc Introduce new role ceph-config.
This will give us more flexibility and the possibility to deploy a client node
for an external ceph-cluster.

related BZ:
https://bugzilla.redhat.com/show_bug.cgi?id=1469426

Fixes: #1670

Signed-off-by: Guillaume Abrioux <gabrioux@redhat.com>
2017-08-24 11:33:03 +02:00
Guillaume Abrioux 5adbf0fdaa Move role dependencies in site.yml/site-docker.yml
This will give us more flexibility and avoid a lot of useless when
skipping all tasks from a non-desired role.

Signed-off-by: Guillaume Abrioux <gabrioux@redhat.com>
2017-08-02 17:12:14 +02:00
Sébastien Han 108503da96 site: docker add client role
Signed-off-by: Sébastien Han <seb@redhat.com>
2017-07-07 17:01:58 +02:00
Guillaume Abrioux 48bd807508 Common: Do not install ceph-mgr packages on jewel
ceph-mgr tasks has to be skipped on jewel.

Fix: #1494

Signed-off-by: Guillaume Abrioux <gabrioux@redhat.com>
2017-05-04 18:38:59 +02:00
Sébastien Han dfd8f4d96e test: add mgr section to the host inventory file
Without this, we don't test the mgr role so we need to add it.

Co-Authored-by: Guillaume Abrioux <gabrioux@redhat.com>
Signed-off-by: Sébastien Han <seb@redhat.com>
2017-04-15 00:16:10 +02:00
Sébastien Han 2aa5286544 mgr: add new role for ceph-mgr
The Ceph Manager daemon (ceph-mgr) runs alongside monitor daemons, to
provide additional monitoring and interfaces to external monitoring and
management systems.

Only works as of the Kraken release.

Co-Authored-By: Guillaume Abrioux <gabrioux@redhat.com>
Signed-off-by: Sébastien Han <seb@redhat.com>
2017-04-10 15:13:09 +02:00
Leseb 96f7f8b74e Merge pull request #947 from font/cephconf
Restrict fact gathering to mons and update ceph.conf
2016-08-23 12:01:16 +02:00
Ivan Font 8a5cbdb724 Add ceph-rbd-mirror role to containerized sample playbook
Signed-off-by: Ivan Font <ivan.font@redhat.com>
2016-08-22 11:23:48 -07:00
Ivan Font ef4d0a39f2 Restrict fact gathering to mons and update ceph.conf
- Gather facts only for mons before processing ceph-mon role serially in
  containerized playbook sample
- Updated ceph.conf in order to generate a valid ceph.conf

Signed-off-by: Ivan Font <ivan.font@redhat.com>
2016-08-22 10:42:27 -07:00
Sébastien Han 69cad8ecc1 docker: gather all the fact
If we don't do this we won't be able to get the ip address of the docker
interface.

Signed-off-by: Sébastien Han <seb@redhat.com>
2016-08-22 10:35:24 +02:00
Daniel Gryniewicz 4c2a433acb Add support for Ceph NFS Gateway
Ceph has the ability to export it's filesystem via NFS using Ganesha.
Add a ceph-nfs role that will start Ganesha and export the Ceph
filesystems.

Note that, although support is going in to export RGW via NFS, this is
not working yet.

Signed-off-by: Daniel Gryniewicz <dang@redhat.com>
2016-06-22 13:29:11 -04:00
Sébastien Han fa610cabf7 ceph-ansible: allow to run containerized daemons
run containerized daemons in virtual machines.
to enable it simply do:

`cp site-docker.yml.sample site-docker.yml`

and set `docker: true` in `vagrant_variables.yml`

Signed-off-by: Sébastien Han <seb@redhat.com>
2016-02-07 22:30:32 +01:00