Commit Graph

697 Commits (ff3a41330cafbfeee5d9f126eb5da0ae43ba6fed)

Author SHA1 Message Date
Seena Fallah 9737947dde ceph-handler: use haproxy maintenance for rgw restarts
RGW currently restarts without waiting for existing connections to
close. By adjusting the HAProxy weight before the restart, we can
ensure that no active connections are disrupted during the restart
process.

Signed-off-by: Seena Fallah <seenafallah@gmail.com>
(cherry picked from commit 4fa9057a3e)
2024-06-27 14:41:39 +02:00
Guillaume Abrioux 438da91b32 Revert "nfs-ganesha support removal"
This reverts commit 675667e1d6.

Signed-off-by: Guillaume Abrioux <gabrioux@ibm.com>
(cherry picked from commit 59198f5bcd)
2024-06-20 14:22:40 +02:00
Seena Fallah 2485f9f7d5 ceph-container: use ceph user and group
Use --setuser and --setgroup to ceph to run daemons with ceph user.

Signed-off-by: Seena Fallah <seenafallah@gmail.com>
(cherry picked from commit 7016c6df3c)
2024-05-17 13:16:50 +02:00
Seena Fallah 5c0b69af98 ceph-container: keep run dir permission consistent
Make it the same as "Create ceph initial directories" task
and make owner and group 167 for containers so they can write
with ceph user.

Signed-off-by: Seena Fallah <seenafallah@gmail.com>
(cherry picked from commit 65c84a3583)
2024-05-17 13:16:50 +02:00
Seena Fallah faae48d75b ceph-rgw: introduce rgw zone to the name schema
This is needed by ceph-exporter as it is parsing the socket by the number of dots.
Although the rgw_zone variable is only using for constructing the client name
and has nothing to do with multisiting.

Signed-off-by: Seena Fallah <seenafallah@gmail.com>
(cherry picked from commit 1121e6d98a)
2024-05-17 00:42:49 +02:00
Guillaume Abrioux ecea562d1c nfs-ganesha support removal
nfs-ganesha support will be implemented in a separate playbook.

Signed-off-by: Guillaume Abrioux <gabrioux@ibm.com>
(cherry picked from commit 675667e1d6)
2024-03-22 17:32:50 +01:00
Seena Fallah 1b58c3ebac ceph-osd: introduce ec profile creation
RGW Pools can now use the existing ec profiles and rules created by ceph-osd role.

Signed-off-by: Seena Fallah <seenafallah@gmail.com>
(cherry picked from commit bbc1ba5c05)
2024-03-17 00:44:45 +01:00
Guillaume Abrioux 6becd71bfb osd: drop openstack related tasks
All of this should be addressed in custom separate playbooks if needed.

Signed-off-by: Guillaume Abrioux <gabrioux@ibm.com>
(cherry picked from commit 9c467e41b3)
2024-03-16 00:51:52 +01:00
Guillaume Abrioux a41c76f4fe group_vars: resync samples with default values
2b72ea991d and
c8eeae243e have missed the resync.

This addresses that.

Signed-off-by: Guillaume Abrioux <gabrioux@ibm.com>
2024-03-16 00:51:52 +01:00
Guillaume Abrioux 82478091d9 simplify monitor address setting
this drops the following parameters:

- monitor_address_block
- monitor_interface
- monitor_address

The monitor address will be automatically set from `public_network` parameter.

Signed-off-by: Guillaume Abrioux <gabrioux@ibm.com>
2024-03-16 00:51:52 +01:00
Guillaume Abrioux f221efde41 fix upgrade
Signed-off-by: Guillaume Abrioux <gabrioux@ibm.com>
2024-03-16 00:51:52 +01:00
Seena Fallah 2bb96c50b1 ceph-exporter: add installation role
Signed-off-by: Seena Fallah <seenafallah@gmail.com>
2024-03-07 21:03:33 +01:00
Seena Fallah e284a062a0 systemd: export params as a varaible
This can help to have extra params or modify the existing ones via group vars.

Signed-off-by: Seena Fallah <seenafallah@gmail.com>
2024-03-07 21:03:33 +01:00
Seena Fallah d197bcdc2d ceph-volume: disable dmcrypt by default
regression by dcdb1710cbaf7946cf8161b4395697d4898680d3

Signed-off-by: Seena Fallah <seenafallah@gmail.com>
2024-03-07 21:03:33 +01:00
Seena Fallah 71c5e6a816 container: cleanup container systemd units
* Make common params of container args in a var to avoid duplication
* The /var/lib/ceph/crash mount was missing after 637ca81c9c
* Add CEPH_USE_RANDOM_NONCE as it's needed when running inside container (can be removed for squid later)
* Add NODE_NAME as some part of ceph code relies on this var
* add default logging opts for

Signed-off-by: Seena Fallah <seenafallah@gmail.com>
2024-03-07 21:03:33 +01:00
Seena Fallah d81b633c7a refactor: remove multisite leftovers
Signed-off-by: Seena Fallah <seenafallah@gmail.com>
2024-03-07 21:03:33 +01:00
Seena Fallah a7b08fa146 ceph-config: introduce dedicated cluster config flow
Signed-off-by: Seena Fallah <seenafallah@gmail.com>
2024-03-07 21:03:33 +01:00
Guillaume Abrioux 39bb3714c0 drop rhcs references
RHCS moved away from ceph-ansible. All RHCS references should be
removed.

Signed-off-by: Guillaume Abrioux <gabrioux@ibm.com>
2024-03-07 21:03:33 +01:00
Guillaume Abrioux dc75923367 drop iscsigw support
This service is no longer maintained.
Let's drop its support within ceph-ansible.

Signed-off-by: Guillaume Abrioux <gabrioux@ibm.com>
2024-03-07 21:03:33 +01:00
Guillaume Abrioux 05c4d17d9a address Ansible linter errors
This addresses all errors reported by the Ansible linter.

Signed-off-by: Guillaume Abrioux <gabrioux@ibm.com>
2024-03-07 21:03:32 +01:00
Guillaume Abrioux 80ed44c2cb drop rgw multisite deployment support
The current approach is extremely complex and introduced a lot
of spaghetti code. This doesn't offer a good user experience at all.

It's time to think to another approach (dedicated playbook) and drop
the current implementation in order to clean up the code.

Signed-off-by: Guillaume Abrioux <gabrioux@ibm.com>
2024-03-07 21:02:35 +01:00
Guillaume Abrioux 14b4abf7c0 migrate from ceph.conf to ceph config
keep the ceph.conf very simple.
manage the common options such as `public_network` with `ceph_config`
module.

Signed-off-by: Guillaume Abrioux <gabrioux@ibm.com>
2024-02-14 09:54:13 +01:00
Guillaume Abrioux 42f6bdb849 tests: updates functional tests with new image
let's use quay.io/ceph/daemon-base in every tests instead of
`ceph/daemon` since it's not supposed to be built anymore soon.

Signed-off-by: Guillaume Abrioux <gabrioux@ibm.com>
2023-06-02 14:22:20 +02:00
Guillaume Abrioux 896d82877f osd: drop filestore support
filestore objectstore will be gone in the next Ceph release.the
This drops the filestore support in ceph-ansible.

Signed-off-by: Guillaume Abrioux <gabrioux@redhat.com>
2023-05-31 23:07:13 +02:00
Lorenz Bausch 2f5e21b631 mgr: fix a typo
This commit fixes a typo in `roles/ceph-mgr/defaults/main.yml`
(s/mpdules/modules)

Signed-off-by: Lorenz Bausch <info@lorenzbausch.de>
2023-03-15 16:14:44 +01:00
Guillaume Abrioux 15b91cef90 osd: drop filestore support
filestore is about to be removed. This commit removes the filestore
support in ceph-ansible.

Signed-off-by: Guillaume Abrioux <gabrioux@redhat.com>
2023-03-03 15:00:29 +01:00
Guillaume Abrioux 371592a8fb common: v18/reef kickoff
align with ceph/ceph/pull/47458 since it has been merged.

Signed-off-by: Guillaume Abrioux <gabrioux@redhat.com>
2022-10-07 16:39:56 +02:00
Teoman ONAY 0c50bfac98 Set ceph_rbd_mirror_pool default value
Signed-off-by: Teoman ONAY <tonay@redhat.com>
2022-08-02 10:35:33 +02:00
Guillaume Abrioux b74ff6e22c rbd-mirror: major refactor
- Use config-key store to add cluster peer.
- Support multiple pools mirroring.

Signed-off-by: Guillaume Abrioux <gabrioux@redhat.com>
2022-07-29 17:33:25 +02:00
Guillaume Abrioux 8a5628b516 config/osd: various fixes
- sets `osd_memory_target` per osd host.
- ceph.conf refactor (osd)

Closes: https://bugzilla.redhat.com/show_bug.cgi?id=2056675

Signed-off-by: Guillaume Abrioux <gabrioux@redhat.com>
2022-07-11 13:57:32 +02:00
Guillaume Abrioux 19fedfbac5 nfs: use repo from SIG
RPMs for nfs-ganesha aren't hosted anymore at https://download.ceph.com

Signed-off-by: Guillaume Abrioux <gabrioux@redhat.com>
2022-06-22 01:17:20 +02:00
David Galloway bcedff95bd master->main
Signed-off-by: David Galloway <dgallowa@redhat.com>
2022-05-30 15:15:15 +02:00
Guillaume Abrioux c1649862a9 common: move to `ansible.utils.ipwrap`
ipwrap has moved to ansible.utils

see
db4920ebf6

Signed-off-by: Guillaume Abrioux <gabrioux@redhat.com>
2022-05-12 22:51:31 +02:00
Guillaume Abrioux 266b6e739c adopt: fix node labelling
When using group of group, the playbook will apply undesired
labels on nodes.
This commit fixes it by applying only the expected labels.

Closes: https://bugzilla.redhat.com/show_bug.cgi?id=2057528

Signed-off-by: Guillaume Abrioux <gabrioux@redhat.com>
2022-03-03 15:52:00 +01:00
Teoman ONAY da42f3d139 Enable user to change the account used for ssh connection
By default cephadm uses root account to connect remotely
to other nodes in the cluster. This change allows to choose
another account.
This commit also allows to use a dedicated subnet for cephadm mgmt.

Signed-off-by: Teoman ONAY <tonay@redhat.com>
2022-03-03 15:52:00 +01:00
Guillaume Abrioux c491e67486 nfs-ganesha: fix debian based OS deployments
Let's use ppa repositories in order to deploy nfs-ganesha on Debian based OS.

Fixes: #7031

Signed-off-by: Guillaume Abrioux <gabrioux@redhat.com>
2022-01-19 13:42:10 +01:00
Danny Webb 189ff93372 make grafana network a configurable option
Signed-off-by: Danny Webb <danny.webb@thehutgroup.com>
2021-12-02 08:53:58 +01:00
Seena Fallah fb99626987 ceph-defaults: set ceph_stable_release default to the stable branch release
ceph_stable_release is a legacy from the time where a single branch of ceph-ansible supported more than one release of ceph

Signed-off-by: Seena Fallah <seenafallah@gmail.com>
2021-09-30 16:13:55 +02:00
Alex Lambert a9680ab17f dashboard: allow disabling of unused features
Unconfigured dashboard features can lead to empty tabs in the dashboard
containing no meaningful content. Allow users to disable dashboard features
they know will not be used.

A list of features to be disabled allows the user to define a streamlined
dashboard as standard across deployments. Defaults to disabling no features,
ensuring that users are sure they do not need the dashboard feature before
disabling it.

Signed-off-by: Alex Lambert <lamberta@microsoft.com>
2021-09-29 12:02:16 +02:00
Dimitri Savineau e7b43c1fc6 ceph-defaults: set quay.io as the default registry
Because the ceph container images are now only pushed to the quay.io
registry then this updates the default registry value.
The docker.io registry can still be used but doesn't receive updated
container images.

Signed-off-by: Dimitri Savineau <dsavinea@redhat.com>
2021-09-09 10:56:09 +02:00
Guillaume Abrioux 6802b8dddd iscsi: don't set default value for trusted_ip_list
It restricts access to the iSCSI API.
It can be left empty if the API isn't going to be access from outside the
gateway node

Even though this seems to be a limited use case, it's better to leave it
empty by default than having a meaningless default value.

We could make this variable mandatory but that would be a breaking
change. Let's just add a logic in the template in order to set this
variable in the configuration file only if it was specified by users.

Closes: https://bugzilla.redhat.com/show_bug.cgi?id=1994930

Signed-off-by: Guillaume Abrioux <gabrioux@redhat.com>
Co-authored-by: Dimitri Savineau <dsavinea@redhat.com>
2021-08-19 09:28:08 -04:00
Guillaume Abrioux 7511195738 common: do not log keyring secret
let's not display any keyring secret by default in ansible log.

Closes: https://bugzilla.redhat.com/show_bug.cgi?id=1980744

Signed-off-by: Guillaume Abrioux <gabrioux@redhat.com>
2021-08-11 17:33:34 +02:00
Dimitri Savineau b02cc6931f ceph-defaults: remove radosgw_civetweb_ variables
radosgw_civetweb_xxx variables are legacy variables and users should
have switched to radosgw_frontend_xxx variables instead.

Signed-off-by: Dimitri Savineau <dsavinea@redhat.com>
2021-08-04 09:13:08 +02:00
Dimitri Savineau f0ccf3ebf0 ceph-defaults: add missing grafana dashboards
The radosgw-sync-overview and rbd-details grafana dashboars were missing
from the list.

Closes: #6758

Signed-off-by: Dimitri Savineau <dsavinea@redhat.com>
2021-07-27 10:49:05 -04:00
Dimitri Savineau 9f77b929d1 alertmanager: allow disable dashboard tls verify
When using self-signed/untrusted CA certificates, alertmanager displays
an error in logs. With this commit this should make those messages
disappear.

Closes: https://bugzilla.redhat.com/show_bug.cgi?id=1936299

Co-authored-by: Guillaume Abrioux <gabrioux@redhat.com>

Signed-off-by: Dimitri Savineau <dsavinea@redhat.com>
2021-07-25 02:56:18 +02:00
Dimitri Savineau 9817d29543 ceph-nfs: allow overriding NFS_CORE_PARAM
We already have config override variables for existing block (like
ganesha_ceph_export_overrides, ganesha_log_overrides, etc...) or a
global one (ganesha_conf_overrides) but redefining the NFS_CORE_PARAM
block in that variable will erase all previous values (currently only
Bind_Addr).

ganesha_core_param_overrides: |
        Enable_UDP = false;
        NFS_Port = 2050;

Closes: https://bugzilla.redhat.com/show_bug.cgi?id=1941775

Signed-off-by: Dimitri Savineau <dsavinea@redhat.com>
2021-07-19 18:22:14 +02:00
Guillaume Abrioux 72a0336c71 dashboard: remove "certificate is valid for" error
When deploying dashboard with ssl certificates generated by
ceph-ansible, we enforce the CN to 'ceph-dashboard' which can makes
application such alertmanager complain like following:

`err="Post https://mgr0:8443/api/prometheus_receiver: x509: certificate is valid for ceph-dashboard, not mgr0" context_err="context deadline exceeded"`

The idea here is to add alternative names matching all mgr/mon instances
in the certificate so this error won't appear in logs.

Closes: https://bugzilla.redhat.com/show_bug.cgi?id=1978869

Signed-off-by: Guillaume Abrioux <gabrioux@redhat.com>
2021-07-07 09:38:34 -04:00
Guillaume Abrioux f4f73b6197 dashboard: support dedicated network for the dashboard
This introduces a new variable `dashboard_network` in order to support
deploying the dashboard on a different subnet.

Closes: https://bugzilla.redhat.com/show_bug.cgi?id=1927574

Signed-off-by: Guillaume Abrioux <gabrioux@redhat.com>
2021-07-05 21:34:43 +02:00
Dimitri Savineau 9758e3c513 container: set tcmalloc value by default
All ceph daemons need to have the TCMALLOC_MAX_TOTAL_THREAD_CACHE_BYTES
environment variable set to 128MB by default in container setup.

Closes: https://bugzilla.redhat.com/show_bug.cgi?id=1970913

Signed-off-by: Dimitri Savineau <dsavinea@redhat.com>
2021-06-30 20:30:55 +02:00
Dimitri Savineau a05730b38a rhcs: remove ISO install method
Starting RHCS 5, there's no ISO available anymore.
This removes all ISO variables and the ceph_repository_type variable.

Closes: #6626

Signed-off-by: Dimitri Savineau <dsavinea@redhat.com>
2021-06-30 18:03:03 +02:00