ceph
/
ceph-ansible
mirror of https://github.com/ceph/ceph-ansible.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
ceph-ansible/roles/ceph-client/tasks/create_users_keys.yml

127 lines
4.9 KiB
YAML
Raw Blame History

This file contains invisible Unicode characters!

This file contains invisible Unicode characters that may be processed differently from what appears below. If your use case is intentional and legitimate, you can safely ignore this warning. Use the Escape button to reveal hidden characters.

---
- name: set_fact keys_tmp - preserve backward compatibility after the introduction of the ceph_keys module
set_fact:
keys_tmp: "{{ keys_tmp|default([]) + [ { 'key': item.key, 'name': item.name, 'caps': { 'mon': item.mon_cap, 'osd': item.osd_cap|default(''), 'mds': item.mds_cap|default(''), 'mgr': item.mgr_cap|default('') } , 'mode': item.mode } ] }}"
when:
- item.get('mon_cap', None) # it's enough to assume we are running an old-fashionned syntax simply by checking the presence of mon_cap since every key needs this cap
with_items: "{{ keys }}"
- name: set_fact keys - override keys_tmp with keys
set_fact:
keys: "{{ keys_tmp }}"
when:
- keys_tmp is defined
# dummy container setup is only supported on x86_64
# when running with containerized_deployment: true this task
# creates a group that contains only x86_64 hosts.
# when running with containerized_deployment: false this task
# will add all client hosts to the group (and not filter).
- name: create filtered clients group
add_host:
name: "{{ item }}"
groups: _filtered_clients
with_items: "{{ groups[client_group_name] }}"
when:
- (hostvars[item]['ansible_architecture'] == 'x86_64') or (not containerized_deployment)
- name: set_fact delegated_node
set_fact:
delegated_node: "{{ groups[mon_group_name][0] if groups.get(mon_group_name, []) | length > 0 else inventory_hostname }}"
- name: set_fact condition_copy_admin_key
set_fact:
condition_copy_admin_key: "{{ True if groups.get(mon_group_name, []) | length > 0 else copy_admin_key }}"
- name: create cephx key(s)
ceph_key:
state: present
name: "{{ item.name }}"
caps: "{{ item.caps }}"
secret: "{{ item.key | default('') }}"
cluster: "{{ cluster }}"
dest: "{{ ceph_conf_key_directory }}"
import_key: "{{ condition_copy_admin_key }}"
mode: "{{ item.mode|default(omit) }}"
owner: "{{ ceph_uid if containerized_deployment else 'ceph' }}"
group: "{{ ceph_uid if containerized_deployment else 'ceph' }}"
environment:
CEPH_CONTAINER_IMAGE: "{{ ceph_docker_registry + '/' + ceph_docker_image + ':' + ceph_docker_image_tag if containerized_deployment else None }}"
CEPH_CONTAINER_BINARY: "{{ container_binary }}"
with_items: "{{ keys }}"
delegate_to: "{{ delegated_node }}"
when:
- cephx
- keys | length > 0
- inventory_hostname == groups.get('_filtered_clients') | first
- name: slurp client cephx key(s)
slurp:
src: "{{ ceph_conf_key_directory }}/{{ cluster }}.{{ item.name }}.keyring"
with_items:
- "{{ keys }}"
register: slurp_client_keys
delegate_to: "{{ delegated_node }}"
when:
- cephx
- keys | length > 0
- inventory_hostname == groups.get('_filtered_clients') | first
- name: pool related tasks
when:
- condition_copy_admin_key
- inventory_hostname == groups.get('_filtered_clients', []) | first
block:
- name: list existing pool(s)
command: >
{{ docker_exec_cmd | default('') }} ceph --cluster {{ cluster }}
osd pool get {{ item.name }} size
with_items: "{{ pools }}"
register: created_pools
failed_when: false
delegate_to: "{{ delegated_node }}"
- name: create ceph pool(s)
command: >
{{ docker_exec_cmd | default('') }} ceph --cluster {{ cluster }}
osd pool create {{ item.0.name }}
{{ item.0.pg_num | default(osd_pool_default_pg_num) }}
{{ item.0.pgp_num | default(item.0.pg_num) | default(osd_pool_default_pg_num) }}
{{ 'replicated_rule' if not item.0.rule_name | default('replicated_rule') else item.0.rule_name | default('replicated_rule') }}
{{ 1 if item.0.type|default(1) == 'replicated' else 3 if item.0.type|default(1) == 'erasure' else item.0.type|default(1) }}
{%- if (item.0.type | default("1") == '3' or item.0.type | default("1") == 'erasure') and item.0.erasure_profile %}
{{ item.0.erasure_profile }}
{%- endif %}
{{ item.0.expected_num_objects | default('') }}
with_together:
- "{{ pools }}"
- "{{ created_pools.results }}"
changed_when: false
delegate_to: "{{ delegated_node }}"
when:
- pools | length > 0
- item.1.rc != 0
- name: customize pool size
command: >
{{ docker_exec_cmd | default('') }} ceph --cluster {{ cluster }}
osd pool set {{ item.name }} size {{ item.size | default(osd_pool_default_size) }}
with_items: "{{ pools | unique }}"
delegate_to: "{{ delegated_node }}"
changed_when: false
when:
- pools | length > 0
- item.size | default(osd_pool_default_size) != ceph_osd_pool_default_size
- name: get client cephx keys
copy:
dest: "{{ item.source }}"
content: "{{ item.content | b64decode }}"
mode: "{{ item.item.get('mode', '0600') }}"
owner: "{{ ceph_uid }}"
group: "{{ ceph_uid }}"
with_items:
- "{{ hostvars[groups['_filtered_clients'][0]]['slurp_client_keys']['results'] }}"
when:
- not item.get('skipped', False)
Reference in New Issue View Git Blame Copy Permalink