--- # Variables here are applicable to all host groups NOT roles # This sample file generated by generate_group_vars_sample.sh # Dummy variable to avoid error because ansible does not recognize the # file as a good configuration file when no variable in it. dummy: # You can override vars by using host or group vars ########### # GENERAL # ########### ###################################### # Releases name to number dictionary # ###################################### #ceph_release_num: # dumpling: 0.67 # emperor: 0.72 # firefly: 0.80 # giant: 0.87 # hammer: 0.94 # infernalis: 9 # jewel: 10 # kraken: 11 # luminous: 12 # mimic: 13 # nautilus: 14 # dev: 99 # The 'cluster' variable determines the name of the cluster. # Changing the default value to something else means that you will # need to change all the command line calls as well, for example if # your cluster name is 'foo': # "ceph health" will become "ceph --cluster foo health" # # An easier way to handle this is to use the environment variable CEPH_ARGS # So run: "export CEPH_ARGS="--cluster foo" # With that you will be able to run "ceph health" normally #cluster: ceph # Inventory host group variables #mon_group_name: mons #osd_group_name: osds #rgw_group_name: rgws #mds_group_name: mdss #nfs_group_name: nfss #rbdmirror_group_name: rbdmirrors #client_group_name: clients #iscsi_gw_group_name: iscsigws #mgr_group_name: mgrs #rgwloadbalancer_group_name: rgwloadbalancers #grafana_server_group_name: grafana-server # If configure_firewall is true, then ansible will try to configure the # appropriate firewalling rules so that Ceph daemons can communicate # with each others. #configure_firewall: True # Open ports on corresponding nodes if firewall is installed on it #ceph_mon_firewall_zone: public #ceph_mgr_firewall_zone: public #ceph_osd_firewall_zone: public #ceph_rgw_firewall_zone: public #ceph_mds_firewall_zone: public #ceph_nfs_firewall_zone: public #ceph_rbdmirror_firewall_zone: public #ceph_iscsi_firewall_zone: public #ceph_dashboard_firewall_zone: public #ceph_rgwloadbalancer_firewall_zone: public ############ # PACKAGES # ############ #debian_package_dependencies: [] #centos_package_dependencies: # - epel-release # - "{{ (ansible_facts['distribution_major_version'] is version('8', '>=')) | ternary('python3-libselinux', 'libselinux-python') }}" #redhat_package_dependencies: [] #suse_package_dependencies: [] # Whether or not to install the ceph-test package. #ceph_test: false # Enable the ntp service by default to avoid clock skew on ceph nodes # Disable if an appropriate NTP client is already installed and configured #ntp_service_enabled: true # Set type of NTP client daemon to use, valid entries are chronyd, ntpd or timesyncd #ntp_daemon_type: chronyd # This variable determines if ceph packages can be updated. If False, the # package resources will use "state=present". If True, they will use # "state=latest". #upgrade_ceph_packages: False #ceph_use_distro_backports: false # DEBIAN ONLY #ceph_directories_mode: "0755" ########### # INSTALL # ########### #ceph_repository_type: dummy # ORIGIN SOURCE # # Choose between: # - 'repository' means that you will get ceph installed through a new repository. Later below choose between 'community', 'rhcs', 'dev' or 'obs' # - 'distro' means that no separate repo file will be added # you will get whatever version of Ceph is included in your Linux distro. # 'local' means that the ceph binaries will be copied over from the local machine #ceph_origin: dummy #valid_ceph_origins: # - repository # - distro # - local #ceph_repository: dummy #valid_ceph_repository: # - community # - rhcs # - dev # - uca # - custom # - obs # REPOSITORY: COMMUNITY VERSION # # Enabled when ceph_repository == 'community' # #ceph_mirror: http://download.ceph.com #ceph_stable_key: https://download.ceph.com/keys/release.asc #ceph_stable_release: nautilus #ceph_stable_repo: "{{ ceph_mirror }}/debian-{{ ceph_stable_release }}" #nfs_ganesha_stable: true # use stable repos for nfs-ganesha #nfs_ganesha_stable_branch: V2.8-stable #nfs_ganesha_stable_deb_repo: "{{ ceph_mirror }}/nfs-ganesha/deb-{{ nfs_ganesha_stable_branch }}/{{ ceph_stable_release }}" # Use the option below to specify your applicable package tree, eg. when using non-LTS Ubuntu versions # # for a list of available Debian distributions, visit http://download.ceph.com/debian-{{ ceph_stable_release }}/dists/ # for more info read: https://github.com/ceph/ceph-ansible/issues/305 #ceph_stable_distro_source: "{{ ansible_facts['distribution_release'] }}" # REPOSITORY: RHCS VERSION RED HAT STORAGE (from 4.0) # # Enabled when ceph_repository == 'rhcs' # # This version is supported on RHEL 7 and 8 # #ceph_rhcs_version: "{{ ceph_stable_rh_storage_version | default(4) }}" #valid_ceph_repository_type: # - cdn # - iso #ceph_rhcs_iso_path: "{{ ceph_stable_rh_storage_iso_path | default('') }}" #ceph_rhcs_mount_path: "{{ ceph_stable_rh_storage_mount_path | default('/tmp/rh-storage-mount') }}" #ceph_rhcs_repository_path: "{{ ceph_stable_rh_storage_repository_path | default('/tmp/rh-storage-repo') }}" # where to copy iso's content # REPOSITORY: UBUNTU CLOUD ARCHIVE # # Enabled when ceph_repository == 'uca' # # This allows the install of Ceph from the Ubuntu Cloud Archive. The Ubuntu Cloud Archive # usually has newer Ceph releases than the normal distro repository. # # #ceph_stable_repo_uca: "http://ubuntu-cloud.archive.canonical.com/ubuntu" #ceph_stable_openstack_release_uca: queens #ceph_stable_release_uca: "{{ ansible_facts['distribution_release'] }}-updates/{{ ceph_stable_openstack_release_uca }}" # REPOSITORY: openSUSE OBS # # Enabled when ceph_repository == 'obs' # # This allows the install of Ceph from the openSUSE OBS repository. The OBS repository # usually has newer Ceph releases than the normal distro repository. # # #ceph_obs_repo: "https://download.opensuse.org/repositories/filesystems:/ceph:/{{ ceph_stable_release }}/openSUSE_Leap_{{ ansible_facts['distribution_version'] }}/" # REPOSITORY: DEV # # Enabled when ceph_repository == 'dev' # #ceph_dev_branch: master # development branch you would like to use e.g: master, wip-hack #ceph_dev_sha1: latest # distinct sha1 to use, defaults to 'latest' (as in latest built) #nfs_ganesha_dev: false # use development repos for nfs-ganesha # Set this to choose the version of ceph dev libraries used in the nfs-ganesha packages from shaman # flavors so far include: ceph_master, ceph_jewel, ceph_kraken, ceph_luminous #nfs_ganesha_flavor: "ceph_master" #ceph_iscsi_config_dev: true # special repo for deploying iSCSI gateways # REPOSITORY: CUSTOM # # Enabled when ceph_repository == 'custom' # # Use a custom repository to install ceph. For RPM, ceph_custom_repo should be # a URL to the .repo file to be installed on the targets. For deb, # ceph_custom_repo should be the URL to the repo base. # #ceph_custom_key: https://server.domain.com/ceph-custom-repo/key.asc #ceph_custom_repo: https://server.domain.com/ceph-custom-repo # ORIGIN: LOCAL CEPH INSTALLATION # # Enabled when ceph_repository == 'local' # # Path to DESTDIR of the ceph install #ceph_installation_dir: "/path/to/ceph_installation/" # Whether or not to use installer script rundep_installer.sh # This script takes in rundep and installs the packages line by line onto the machine # If this is set to false then it is assumed that the machine ceph is being copied onto will already have # all runtime dependencies installed #use_installer: false # Root directory for ceph-ansible #ansible_dir: "/path/to/ceph-ansible" ###################### # CEPH CONFIGURATION # ###################### ## Ceph options # # Each cluster requires a unique, consistent filesystem ID. By # default, the playbook generates one for you. # If you want to customize how the fsid is # generated, you may find it useful to disable fsid generation to # avoid cluttering up your ansible repo. If you set `generate_fsid` to # false, you *must* generate `fsid` in another way. # ACTIVATE THE FSID VARIABLE FOR NON-VAGRANT DEPLOYMENT #fsid: "{{ cluster_uuid.stdout }}" #generate_fsid: true #ceph_conf_key_directory: /etc/ceph #ceph_uid: "{{ '64045' if not containerized_deployment | bool and ansible_facts['os_family'] == 'Debian' else '167' }}" # Permissions for keyring files in /etc/ceph #ceph_keyring_permissions: '0600' #cephx: true ## Client options # #rbd_cache: "true" #rbd_cache_writethrough_until_flush: "true" #rbd_concurrent_management_ops: 20 #rbd_client_directories: true # this will create rbd_client_log_path and rbd_client_admin_socket_path directories with proper permissions # Permissions for the rbd_client_log_path and # rbd_client_admin_socket_path. Depending on your use case for Ceph # you may want to change these values. The default, which is used if # any of the variables are unset or set to a false value (like `null` # or `false`) is to automatically determine what is appropriate for # the Ceph version with non-OpenStack workloads -- ceph:ceph and 0770 # for infernalis releases, and root:root and 1777 for pre-infernalis # releases. # # For other use cases, including running Ceph with OpenStack, you'll # want to set these differently: # # For OpenStack on RHEL, you'll want: # rbd_client_directory_owner: "qemu" # rbd_client_directory_group: "libvirtd" (or "libvirt", depending on your version of libvirt) # rbd_client_directory_mode: "0755" # # For OpenStack on Ubuntu or Debian, set: # rbd_client_directory_owner: "libvirt-qemu" # rbd_client_directory_group: "kvm" # rbd_client_directory_mode: "0755" # # If you set rbd_client_directory_mode, you must use a string (e.g., # 'rbd_client_directory_mode: "0755"', *not* # 'rbd_client_directory_mode: 0755', or Ansible will complain: mode # must be in octal or symbolic form #rbd_client_directory_owner: ceph #rbd_client_directory_group: ceph #rbd_client_directory_mode: "0770" #rbd_client_log_path: /var/log/ceph #rbd_client_log_file: "{{ rbd_client_log_path }}/qemu-guest-$pid.log" # must be writable by QEMU and allowed by SELinux or AppArmor #rbd_client_admin_socket_path: /var/run/ceph # must be writable by QEMU and allowed by SELinux or AppArmor ## Monitor options # # You must define either monitor_interface, monitor_address or monitor_address_block. # These variables must be defined at least in all.yml and overrided if needed (inventory host file or group_vars/*.yml). # Eg. If you want to specify for each monitor which address the monitor will bind to you can set it in your **inventory host file** by using 'monitor_address' variable. # Preference will go to monitor_address if both monitor_address and monitor_interface are defined. #monitor_interface: interface #monitor_address: x.x.x.x #monitor_address_block: subnet # set to either ipv4 or ipv6, whichever your network is using #ip_version: ipv4 #mon_use_fqdn: false # if set to true, the MON name used will be the fqdn in the ceph.conf #mon_host_v1: # enabled: True # suffix: ':6789' #mon_host_v2: # suffix: ':3300' #enable_ceph_volume_debug: False ########## # CEPHFS # ########## # When pg_autoscale_mode is set to True, you must add the target_size_ratio key with a correct value # `pg_num` and `pgp_num` keys will be ignored, even if specified. # eg: # cephfs_data_pool: # name: "{{ cephfs_data if cephfs_data is defined else 'cephfs_data' }}" # pg_num: "{{ osd_pool_default_pg_num }}" # pgp_num: "{{ osd_pool_default_pg_num }}" # rule_name: "replicated_rule" # type: 1 # erasure_profile: "" # expected_num_objects: "" # size: "{{ osd_pool_default_size }}" # min_size: "{{ osd_pool_default_min_size }}" # pg_autoscale_mode: False # target_size_ratio: 0.2 #cephfs: cephfs # name of the ceph filesystem #cephfs_data_pool: # name: "{{ cephfs_data if cephfs_data is defined else 'cephfs_data' }}" # pg_num: "{{ osd_pool_default_pg_num }}" # pgp_num: "{{ osd_pool_default_pg_num }}" # rule_name: "replicated_rule" # type: 1 # erasure_profile: "" # expected_num_objects: "" # size: "{{ osd_pool_default_size }}" # min_size: "{{ osd_pool_default_min_size }}" # pg_autoscale_mode: False #cephfs_metadata_pool: # name: "{{ cephfs_metadata if cephfs_metadata is defined else 'cephfs_metadata' }}" # pg_num: "{{ osd_pool_default_pg_num }}" # pgp_num: "{{ osd_pool_default_pg_num }}" # rule_name: "replicated_rule" # type: 1 # erasure_profile: "" # expected_num_objects: "" # size: "{{ osd_pool_default_size }}" # min_size: "{{ osd_pool_default_min_size }}" # pg_autoscale_mode: False #cephfs_pools: # - "{{ cephfs_data_pool }}" # - "{{ cephfs_metadata_pool }}" ## OSD options # #lvmetad_disabled: false #is_hci: false #hci_safety_factor: 0.2 #non_hci_safety_factor: 0.7 #osd_memory_target: 4294967296 #journal_size: 5120 # OSD journal size in MB #block_db_size: -1 # block db size in bytes for the ceph-volume lvm batch. -1 means use the default of 'as big as possible'. #public_network: 0.0.0.0/0 #cluster_network: "{{ public_network | regex_replace(' ', '') }}" #osd_mkfs_type: xfs #osd_mkfs_options_xfs: -f -i size=2048 #osd_mount_options_xfs: noatime,largeio,inode64,swalloc #osd_objectstore: bluestore # Any device containing these patterns in their path will be excluded. #osd_auto_discovery_exclude: "dm-*|loop*|md*|rbd*" # xattrs. by default, 'filestore xattr use omap' is set to 'true' if # 'osd_mkfs_type' is set to 'ext4'; otherwise it isn't set. This can # be set to 'true' or 'false' to explicitly override those # defaults. Leave it 'null' to use the default for your chosen mkfs # type. #filestore_xattr_use_omap: null ## MDS options # #mds_use_fqdn: false # if set to true, the MDS name used will be the fqdn in the ceph.conf #mds_max_mds: 1 ## Rados Gateway options # #radosgw_frontend_type: beast # For additional frontends see: https://docs.ceph.com/en/nautilus/radosgw/frontends/ #radosgw_civetweb_port: 8080 #radosgw_civetweb_num_threads: 512 #radosgw_civetweb_options: "num_threads={{ radosgw_civetweb_num_threads }}" # For additional civetweb configuration options available such as logging, # keepalive, and timeout settings, please see the civetweb docs at # https://github.com/civetweb/civetweb/blob/master/docs/UserManual.md #radosgw_frontend_port: "{{ radosgw_civetweb_port if radosgw_frontend_type == 'civetweb' else '8080' }}" # The server private key, public certificate and any other CA or intermediate certificates should be in one file, in PEM format. #radosgw_frontend_ssl_certificate: "" #radosgw_frontend_options: "{{ radosgw_civetweb_options if radosgw_frontend_type == 'civetweb' else '' }}" #radosgw_thread_pool_size: 512 # You must define either radosgw_interface, radosgw_address. # These variables must be defined at least in all.yml and overrided if needed (inventory host file or group_vars/*.yml). # Eg. If you want to specify for each radosgw node which address the radosgw will bind to you can set it in your **inventory host file** by using 'radosgw_address' variable. # Preference will go to radosgw_address if both radosgw_address and radosgw_interface are defined. #radosgw_interface: interface #radosgw_address: x.x.x.x #radosgw_address_block: subnet #radosgw_keystone_ssl: false # activate this when using keystone PKI keys #radosgw_num_instances: 1 # Rados Gateway options #email_address: foo@bar.com ## Testing mode # enable this mode _only_ when you have a single node # if you don't want it keep the option commented #common_single_host_mode: true ## Handlers - restarting daemons after a config change # if for whatever reasons the content of your ceph configuration changes # ceph daemons will be restarted as well. At the moment, we can not detect # which config option changed so all the daemons will be restarted. Although # this restart will be serialized for each node, in between a health check # will be performed so we make sure we don't move to the next node until # ceph is not healthy # Obviously between the checks (for monitors to be in quorum and for osd's pgs # to be clean) we have to wait. These retries and delays can be configurable # for both monitors and osds. # # Monitor handler checks #handler_health_mon_check_retries: 10 #handler_health_mon_check_delay: 20 # # OSD handler checks #handler_health_osd_check_retries: 40 #handler_health_osd_check_delay: 30 #handler_health_osd_check: true # # MDS handler checks #handler_health_mds_check_retries: 5 #handler_health_mds_check_delay: 10 # # RGW handler checks #handler_health_rgw_check_retries: 5 #handler_health_rgw_check_delay: 10 # NFS handler checks #handler_health_nfs_check_retries: 5 #handler_health_nfs_check_delay: 10 # RBD MIRROR handler checks #handler_health_rbd_mirror_check_retries: 5 #handler_health_rbd_mirror_check_delay: 10 # MGR handler checks #handler_health_mgr_check_retries: 5 #handler_health_mgr_check_delay: 10 ## health mon/osds check retries/delay: #health_mon_check_retries: 20 #health_mon_check_delay: 10 #health_osd_check_retries: 20 #health_osd_check_delay: 10 ############### # NFS-GANESHA # ############### # Confiure the type of NFS gatway access. At least one must be enabled for an # NFS role to be useful # # Set this to true to enable File access via NFS. Requires an MDS role. #nfs_file_gw: false # Set this to true to enable Object access via NFS. Requires an RGW role. #nfs_obj_gw: "{{ False if groups.get(mon_group_name, []) | length == 0 else True }}" ############# # MULTISITE # ############# # Changing this value allows multisite code to run #rgw_multisite: false # If the desired multisite configuration involves only one realm, one zone group and one zone (per cluster), then the multisite variables can be set here. # Please see README-MULTISITE.md for more information. # # If multiple realms or multiple zonegroups or multiple zones need to be created on a cluster then, # the multisite config variables should be editted in their respective zone .yaml file and realm .yaml file. # See README-MULTISITE-MULTIREALM.md for more information. # The following Multi-site related variables should be set by the user. # # rgw_zone is set to "default" to enable compression for clusters configured without rgw multi-site # If multisite is configured, rgw_zone should not be set to "default". # #rgw_zone: default #rgw_zonemaster: true #rgw_zonesecondary: false #rgw_zonegroup: solarsystem # should be set by the user #rgw_zonegroupmaster: true #rgw_zone_user: zone.user #rgw_zone_user_display_name: "Zone User" #rgw_realm: milkyway # should be set by the user #rgw_multisite_proto: "http" #system_access_key: 6kWkikvapSnHyE22P7nO # should be re-created by the user #system_secret_key: MGecsMrWtKZgngOHZdrd6d3JxGO5CPWgT2lcnpSt # should be re-created by the user # Multi-site remote pull URL variables #rgw_pull_port: "{{ radosgw_frontend_port }}" #rgw_pull_proto: "http" # should be the same as rgw_multisite_proto for the master zone cluster #rgw_pullhost: localhost # rgw_pullhost only needs to be declared if there is a zone secondary. ################### # CONFIG OVERRIDE # ################### # Ceph configuration file override. # This allows you to specify more configuration options # using an INI style format. # # When configuring RGWs, make sure you use the form [client.rgw.*] # instead of [client.radosgw.*]. # For more examples check the profiles directory of https://github.com/ceph/ceph-ansible. # # The following sections are supported: [global], [mon], [osd], [mds], [client] # # Example: # ceph_conf_overrides: # global: # foo: 1234 # bar: 5678 # "client.rgw.{{ hostvars[groups.get(rgw_group_name)[0]]['ansible_facts']['hostname'] }}": # rgw_zone: zone1 # #ceph_conf_overrides: {} ############# # OS TUNING # ############# #disable_transparent_hugepage: "{{ false if osd_objectstore == 'bluestore' else true }}" #os_tuning_params: # - { name: fs.file-max, value: 26234859 } # - { name: vm.zone_reclaim_mode, value: 0 } # - { name: vm.swappiness, value: 10 } # - { name: vm.min_free_kbytes, value: "{{ vm_min_free_kbytes }}" } # For Debian & Red Hat/CentOS installs set TCMALLOC_MAX_TOTAL_THREAD_CACHE_BYTES # Set this to a byte value (e.g. 134217728) # A value of 0 will leave the package default. #ceph_tcmalloc_max_total_thread_cache: 134217728 ########## # DOCKER # ########## #ceph_docker_image: "ceph/daemon" #ceph_docker_image_tag: latest-nautilus #ceph_docker_registry: quay.io #ceph_docker_registry_auth: false #ceph_docker_registry_username: #ceph_docker_registry_password: #ceph_docker_http_proxy: #ceph_docker_https_proxy: #ceph_docker_no_proxy: "localhost,127.0.0.1" ## Client only docker image - defaults to {{ ceph_docker_image }} #ceph_client_docker_image: "{{ ceph_docker_image }}" #ceph_client_docker_image_tag: "{{ ceph_docker_image_tag }}" #ceph_client_docker_registry: "{{ ceph_docker_registry }}" #ceph_docker_enable_centos_extra_repo: false #ceph_docker_on_openstack: false #containerized_deployment: False #container_binary: #timeout_command: "{{ 'timeout --foreground -s KILL ' ~ docker_pull_timeout if (docker_pull_timeout != '0') and (ceph_docker_dev_image is undefined or not ceph_docker_dev_image) else '' }}" # this is only here for usage with the rolling_update.yml playbook # do not ever change this here #rolling_update: false ##################### # Docker pull retry # ##################### #docker_pull_retry: 3 #docker_pull_timeout: "300s" ############# # OPENSTACK # ############# #openstack_config: false # When pg_autoscale_mode is set to True, you must add the target_size_ratio key with a correct value # `pg_num` and `pgp_num` keys will be ignored, even if specified. # eg: # openstack_glance_pool: # name: "images" # pg_num: "{{ osd_pool_default_pg_num }}" # pgp_num: "{{ osd_pool_default_pg_num }}" # rule_name: "replicated_rule" # type: 1 # erasure_profile: "" # expected_num_objects: "" # application: "rbd" # size: "{{ osd_pool_default_size }}" # min_size: "{{ osd_pool_default_min_size }}" # pg_autoscale_mode: False # target_size_ratio: 0.2 #openstack_glance_pool: # name: "images" # pg_num: "{{ osd_pool_default_pg_num }}" # pgp_num: "{{ osd_pool_default_pg_num }}" # rule_name: "replicated_rule" # type: 1 # erasure_profile: "" # expected_num_objects: "" # application: "rbd" # size: "{{ osd_pool_default_size }}" # min_size: "{{ osd_pool_default_min_size }}" # pg_autoscale_mode: False #openstack_cinder_pool: # name: "volumes" # pg_num: "{{ osd_pool_default_pg_num }}" # pgp_num: "{{ osd_pool_default_pg_num }}" # rule_name: "replicated_rule" # type: 1 # erasure_profile: "" # expected_num_objects: "" # application: "rbd" # size: "{{ osd_pool_default_size }}" # min_size: "{{ osd_pool_default_min_size }}" # pg_autoscale_mode: False #openstack_nova_pool: # name: "vms" # pg_num: "{{ osd_pool_default_pg_num }}" # pgp_num: "{{ osd_pool_default_pg_num }}" # rule_name: "replicated_rule" # type: 1 # erasure_profile: "" # expected_num_objects: "" # application: "rbd" # size: "{{ osd_pool_default_size }}" # min_size: "{{ osd_pool_default_min_size }}" # pg_autoscale_mode: False #openstack_cinder_backup_pool: # name: "backups" # pg_num: "{{ osd_pool_default_pg_num }}" # pgp_num: "{{ osd_pool_default_pg_num }}" # rule_name: "replicated_rule" # type: 1 # erasure_profile: "" # expected_num_objects: "" # application: "rbd" # size: "{{ osd_pool_default_size }}" # min_size: "{{ osd_pool_default_min_size }}" # pg_autoscale_mode: False #openstack_gnocchi_pool: # name: "metrics" # pg_num: "{{ osd_pool_default_pg_num }}" # pgp_num: "{{ osd_pool_default_pg_num }}" # rule_name: "replicated_rule" # type: 1 # erasure_profile: "" # expected_num_objects: "" # application: "rbd" # size: "{{ osd_pool_default_size }}" # min_size: "{{ osd_pool_default_min_size }}" # pg_autoscale_mode: False #openstack_cephfs_data_pool: # name: "manila_data" # pg_num: "{{ osd_pool_default_pg_num }}" # pgp_num: "{{ osd_pool_default_pg_num }}" # rule_name: "replicated_rule" # type: 1 # erasure_profile: "" # expected_num_objects: "" # application: "rbd" # size: "{{ osd_pool_default_size }}" # min_size: "{{ osd_pool_default_min_size }}" # pg_autoscale_mode: False #openstack_cephfs_metadata_pool: # name: "manila_metadata" # pg_num: "{{ osd_pool_default_pg_num }}" # pgp_num: "{{ osd_pool_default_pg_num }}" # rule_name: "replicated_rule" # type: 1 # erasure_profile: "" # expected_num_objects: "" # application: "rbd" # size: "{{ osd_pool_default_size }}" # min_size: "{{ osd_pool_default_min_size }}" # pg_autoscale_mode: False #openstack_pools: # - "{{ openstack_glance_pool }}" # - "{{ openstack_cinder_pool }}" # - "{{ openstack_nova_pool }}" # - "{{ openstack_cinder_backup_pool }}" # - "{{ openstack_gnocchi_pool }}" # - "{{ openstack_cephfs_data_pool }}" # - "{{ openstack_cephfs_metadata_pool }}" # The value for 'key' can be a pre-generated key, # e.g key: "AQDC2UxZH4yeLhAAgTaZb+4wDUlYOsr1OfZSpQ==" # By default, keys will be auto-generated. # #openstack_keys: # - { name: client.glance, caps: { mon: "profile rbd", osd: "profile rbd pool=volumes, profile rbd pool={{ openstack_glance_pool.name }}"}, mode: "0600" } # - { name: client.cinder, caps: { mon: "profile rbd", osd: "profile rbd pool={{ openstack_cinder_pool.name }}, profile rbd pool={{ openstack_nova_pool.name }}, profile rbd pool={{ openstack_glance_pool.name }}"}, mode: "0600" } # - { name: client.cinder-backup, caps: { mon: "profile rbd", osd: "profile rbd pool={{ openstack_cinder_backup_pool.name }}"}, mode: "0600" } # - { name: client.gnocchi, caps: { mon: "profile rbd", osd: "profile rbd pool={{ openstack_gnocchi_pool.name }}"}, mode: "0600", } # - { name: client.openstack, caps: { mon: "profile rbd", osd: "profile rbd pool={{ openstack_glance_pool.name }}, profile rbd pool={{ openstack_nova_pool.name }}, profile rbd pool={{ openstack_cinder_pool.name }}, profile rbd pool={{ openstack_cinder_backup_pool.name }}"}, mode: "0600" } ############# # DASHBOARD # ############# #dashboard_enabled: True # Choose http or https # For https, you should set dashboard.crt/key and grafana.crt/key # If you define the dashboard_crt and dashboard_key variables, but leave them as '', # then we will autogenerate a cert and keyfile #dashboard_protocol: https #dashboard_port: 8443 # set this variable to the network you want the dashboard to listen on. (Default to public_network) #dashboard_network: "{{ public_network }}" #dashboard_admin_user: admin #dashboard_admin_user_ro: false # This variable must be set with a strong custom password when dashboard_enabled is True #dashboard_admin_password: p@ssw0rd # We only need this for SSL (https) connections #dashboard_crt: '' #dashboard_key: '' #dashboard_certificate_cn: ceph-dashboard #dashboard_tls_external: false #dashboard_grafana_api_no_ssl_verify: "{{ true if dashboard_protocol == 'https' and not grafana_crt and not grafana_key else false }}" #dashboard_rgw_api_user_id: ceph-dashboard #dashboard_rgw_api_admin_resource: '' #dashboard_rgw_api_no_ssl_verify: False #dashboard_frontend_vip: '' #node_exporter_container_image: "prom/node-exporter:v0.17.0" #prometheus_frontend_vip: '' #alertmanager_frontend_vip: '' #node_exporter_port: 9100 #grafana_admin_user: admin # This variable must be set with a strong custom password when dashboard_enabled is True #grafana_admin_password: admin # We only need this for SSL (https) connections #grafana_crt: '' #grafana_key: '' #grafana_container_image: "grafana/grafana:5.4.3" # When using https, please fill with a hostname for which grafana_crt is valid. #grafana_server_fqdn: '' #grafana_container_cpu_period: 100000 #grafana_container_cpu_cores: 2 # container_memory is in GB #grafana_container_memory: 4 #grafana_uid: 472 #grafana_datasource: Dashboard #grafana_dashboards_path: "/etc/grafana/dashboards/ceph-dashboard" #grafana_dashboard_version: nautilus #grafana_dashboard_files: # - ceph-cluster.json # - cephfs-overview.json # - host-details.json # - hosts-overview.json # - osd-device-details.json # - osds-overview.json # - pool-detail.json # - pool-overview.json # - radosgw-detail.json # - radosgw-overview.json # - radosgw-sync-overview.json # - rbd-details.json # - rbd-overview.json #grafana_plugins: # - vonage-status-panel # - grafana-piechart-panel #grafana_allow_embedding: True #grafana_port: 3000 #grafana_conf_overrides: {} #prometheus_container_image: "prom/prometheus:v2.7.2" #prometheus_container_cpu_period: 100000 #prometheus_container_cpu_cores: 2 # container_memory is in GB #prometheus_container_memory: 4 #prometheus_data_dir: /var/lib/prometheus #prometheus_conf_dir: /etc/prometheus #prometheus_user_id: '65534' # This is the UID used by the prom/prometheus container image #prometheus_port: 9092 #prometheus_conf_overrides: {} # Uncomment out this variable if you need to customize the retention period for prometheus storage. # set it to '30d' if you want to retain 30 days of data. #prometheus_storage_tsdb_retention_time: 15d #alertmanager_container_image: "prom/alertmanager:v0.16.2" #alertmanager_container_cpu_period: 100000 #alertmanager_container_cpu_cores: 2 # container_memory is in GB #alertmanager_container_memory: 4 #alertmanager_data_dir: /var/lib/alertmanager #alertmanager_conf_dir: /etc/alertmanager #alertmanager_port: 9093 #alertmanager_cluster_port: 9094 #alertmanager_conf_overrides: {} #alertmanager_dashboard_api_no_ssl_verify: "{{ true if dashboard_protocol == 'https' and not dashboard_crt and not dashboard_key else false }}" # igw # # `igw_network` variable is intended for allowing dashboard deployment with iSCSI node not residing in the same subnet than what is defined in `public_network`. # For example: # If the ceph public network is 2a00:8a60:1:c301::/64 and the iSCSI Gateway resides # at a dedicated gateway network (2a00:8a60:1:c300::/64) (With routing between those networks). # It means "{{ hostvars[item]['ansible_facts']['all_ipv4_addresses'] | ips_in_ranges(public_network.split(',')) | last | ipwrap }}" will be empty. # As a consequence, this prevent from deploying dashboard with iSCSI node when it reside in a subnet different than `public_network`. # Using `igw_network` make it possible, set it with the subnet used by your iSCSI node. #igw_network: "{{ public_network }}" ################################## # DEPRECIATED iSCSI TARGET SETUP # ################################## # WARNING # # The following values are depreciated. To setup targets, gateways, LUNs, and # clients you should use gwcli or dashboard. If the following values are set, # the old ceph-iscsi-config/ceph-iscsi-cli packages will be used. # Specify the iqn for ALL gateways. This iqn is shared across the gateways, so an iscsi # client sees the gateway group as a single storage subsystem. #gateway_iqn: "" # gateway_ip_list provides a list of the IP Addrresses - one per gateway - that will be used # as an iscsi target portal ip. The list must be comma separated - and the order determines # the sequence of TPG's within the iscsi target across each gateway. Once set, additional # gateways can be added, but the order must *not* be changed. #gateway_ip_list: 0.0.0.0 # rbd_devices defines the images that should be created and exported from the iscsi gateways. # If the rbd does not exist, it will be created for you. In addition you may increase the # size of rbd's by changing the size parameter and rerunning the playbook. A size value lower # than the current size of the rbd is ignored. # # the 'host' parameter defines which of the gateway nodes should handle the physical # allocation/expansion or removal of the rbd # to remove an image, simply use a state of 'absent'. This will first check the rbd is not allocated # to any client, and the remove it from LIO and then delete the rbd image # # NB. this variable definition can be commented out to bypass LUN management # # Example: # #rbd_devices: # - { pool: 'rbd', image: 'ansible1', size: '30G', host: 'ceph-1', state: 'present' } # - { pool: 'rbd', image: 'ansible2', size: '15G', host: 'ceph-1', state: 'present' } # - { pool: 'rbd', image: 'ansible3', size: '30G', host: 'ceph-1', state: 'present' } # - { pool: 'rbd', image: 'ansible4', size: '50G', host: 'ceph-1', state: 'present' } #rbd_devices: {} # client_connections defines the client ACL's to restrict client access to specific LUNs # The settings are as follows; # - image_list is a comma separated list of rbd images of the form . # - chap supplies the user and password the client will use for authentication of the # form / # - status shows the intended state of this client definition - 'present' or 'absent' # # NB. this definition can be commented out to skip client (nodeACL) management # # Example: # #client_connections: # - { client: 'iqn.1994-05.com.redhat:rh7-iscsi-client', image_list: 'rbd.ansible1,rbd.ansible2', chap: 'rh7-iscsi-client/redhat', status: 'present' } # - { client: 'iqn.1991-05.com.microsoft:w2k12r2', image_list: 'rbd.ansible4', chap: 'w2k12r2/microsoft_w2k12', status: 'absent' } #client_connections: {} #no_log_on_ceph_key_tasks: True ############### # DEPRECATION # ############### #use_fqdn_yes_i_am_sure: false ###################################################### # VARIABLES BELOW SHOULD NOT BE MODIFIED BY THE USER # # *DO NOT* MODIFY THEM # ###################################################### #container_exec_cmd: #docker: false #ceph_volume_debug: "{{ enable_ceph_volume_debug | ternary(1, 0) }}"