--- - name: set_fact ceph_config_keys set_fact: ceph_config_keys: - /etc/ceph/{{ cluster }}.client.admin.keyring - /etc/ceph/monmap-{{ cluster }} - /etc/ceph/{{ cluster }}.mon.keyring - /var/lib/ceph/bootstrap-osd/{{ cluster }}.keyring - /var/lib/ceph/bootstrap-rgw/{{ cluster }}.keyring - /var/lib/ceph/bootstrap-mds/{{ cluster }}.keyring - name: register rbd bootstrap key set_fact: bootstrap_rbd_keyring: - "/var/lib/ceph/bootstrap-rbd/{{ cluster }}.keyring" when: ceph_release_num[ceph_release] >= ceph_release_num.luminous - name: merge rbd bootstrap key to config and keys paths set_fact: ceph_config_keys: "{{ ceph_config_keys + bootstrap_rbd_keyring }}" when: ceph_release_num[ceph_release] >= ceph_release_num.luminous - name: set_fact tmp_ceph_mgr_keys add mgr keys to config and keys paths set_fact: tmp_ceph_mgr_keys: /etc/ceph/{{ cluster }}.mgr.{{ hostvars[item]['ansible_hostname'] }}.keyring with_items: "{{ groups.get(mgr_group_name, []) }}" register: tmp_ceph_mgr_keys_result when: - groups.get(mgr_group_name, []) | length > 0 - name: set_fact ceph_mgr_keys convert mgr keys to an array set_fact: ceph_mgr_keys: "{{ tmp_ceph_mgr_keys_result.results | map(attribute='ansible_facts.tmp_ceph_mgr_keys') | list }}" when: - groups.get(mgr_group_name, []) | length > 0 - name: set_fact ceph_config_keys merge mgr keys to config and keys paths set_fact: ceph_config_keys: "{{ ceph_config_keys + ceph_mgr_keys }}" when: - groups.get(mgr_group_name, []) | length > 0 - name: stat for ceph config and keys local_action: stat path={{ fetch_directory }}/{{ fsid }}/{{ item }} with_items: "{{ ceph_config_keys }}" changed_when: false become: false failed_when: false register: statconfig check_mode: no - name: try to copy ceph keys copy: src: "{{ fetch_directory }}/{{ fsid }}/{{ item.0 }}" dest: "{{ item.0 }}" owner: "{{ ceph_uid }}" mode: 0600 changed_when: false with_together: - "{{ ceph_config_keys }}" - "{{ statconfig.results }}" when: - item.1.stat.exists == true - item.0 | search("keyring") - name: try to copy ceph config copy: src: "{{ fetch_directory }}/{{ fsid }}/{{ item.0 }}" dest: "{{ item.0 }}" owner: root group: root mode: 0644 changed_when: false with_together: - "{{ ceph_config_keys }}" - "{{ statconfig.results }}" when: - item.1.stat.exists == true - not (item.0 | search("keyring")) - name: set selinux permissions shell: | chcon -Rt svirt_sandbox_file_t {{ item }} with_items: - "{{ ceph_conf_key_directory }}" - /var/lib/ceph changed_when: false when: - ansible_os_family == 'RedHat' - sestatus.stdout != 'Disabled'