mirror of https://github.com/ceph/ceph-ansible.git
171 lines
7.0 KiB
YAML
171 lines
7.0 KiB
YAML
---
|
|
- name: Cephx tasks
|
|
when:
|
|
- cephx | bool
|
|
block:
|
|
- name: Get client.bootstrap-rbd-mirror from ceph monitor
|
|
ceph_key:
|
|
name: client.bootstrap-rbd-mirror
|
|
cluster: "{{ cluster }}"
|
|
output_format: plain
|
|
state: info
|
|
environment:
|
|
CEPH_CONTAINER_IMAGE: "{{ ceph_docker_registry + '/' + ceph_docker_image + ':' + ceph_docker_image_tag if containerized_deployment | bool else None }}"
|
|
CEPH_CONTAINER_BINARY: "{{ container_binary }}"
|
|
register: _bootstrap_rbd_mirror_key
|
|
delegate_to: "{{ groups.get(mon_group_name)[0] }}"
|
|
run_once: true
|
|
no_log: "{{ no_log_on_ceph_key_tasks }}"
|
|
|
|
- name: Ensure /var/lib/ceph/bootstrap-rbd-mirror exists
|
|
ansible.builtin.file:
|
|
path: /var/lib/ceph/bootstrap-rbd-mirror
|
|
state: directory
|
|
owner: "{{ ceph_uid if containerized_deployment | bool else 'ceph' }}"
|
|
group: "{{ ceph_uid if containerized_deployment | bool else 'ceph' }}"
|
|
mode: "0750"
|
|
|
|
- name: Copy ceph key(s)
|
|
ansible.builtin.copy:
|
|
dest: "/var/lib/ceph/bootstrap-rbd-mirror/{{ cluster }}.keyring"
|
|
content: "{{ _bootstrap_rbd_mirror_key.stdout + '\n' }}"
|
|
owner: "{{ ceph_uid if containerized_deployment | bool else 'ceph' }}"
|
|
group: "{{ ceph_uid if containerized_deployment | bool else 'ceph' }}"
|
|
mode: "{{ ceph_keyring_permissions }}"
|
|
no_log: "{{ no_log_on_ceph_key_tasks }}"
|
|
|
|
- name: Create rbd-mirror keyrings
|
|
ceph_key:
|
|
name: "{{ item.name }}"
|
|
cluster: "{{ cluster }}"
|
|
user: client.admin
|
|
user_key: "/etc/ceph/{{ cluster }}.client.admin.keyring"
|
|
caps:
|
|
mon: "profile rbd-mirror"
|
|
osd: "profile rbd"
|
|
dest: "{{ item.dest }}"
|
|
secret: "{{ item.secret | default(omit) }}"
|
|
import_key: true
|
|
owner: "{{ ceph_uid if containerized_deployment | bool else 'ceph' }}"
|
|
group: "{{ ceph_uid if containerized_deployment | bool else 'ceph' }}"
|
|
mode: "{{ ceph_keyring_permissions }}"
|
|
no_log: "{{ no_log_on_ceph_key_tasks }}"
|
|
environment:
|
|
CEPH_CONTAINER_IMAGE: "{{ ceph_docker_registry + '/' + ceph_docker_image + ':' + ceph_docker_image_tag if containerized_deployment | bool else None }}"
|
|
CEPH_CONTAINER_BINARY: "{{ container_binary }}"
|
|
delegate_to: "{{ groups.get(mon_group_name)[0] }}"
|
|
loop:
|
|
- { name: "client.rbd-mirror.{{ ansible_facts['hostname'] }}",
|
|
dest: "/etc/ceph/{{ cluster }}.client.rbd-mirror.{{ ansible_facts['hostname'] }}.keyring" }
|
|
- { name: "{{ ceph_rbd_mirror_local_user }}",
|
|
dest: "/etc/ceph/{{ cluster }}.{{ ceph_rbd_mirror_local_user }}.keyring",
|
|
secret: "{{ ceph_rbd_mirror_local_user_secret | default('') }}" }
|
|
|
|
- name: Get client.rbd-mirror keyring from ceph monitor
|
|
ceph_key:
|
|
name: "client.rbd-mirror.{{ ansible_facts['hostname'] }}"
|
|
cluster: "{{ cluster }}"
|
|
output_format: plain
|
|
state: info
|
|
environment:
|
|
CEPH_CONTAINER_IMAGE: "{{ ceph_docker_registry + '/' + ceph_docker_image + ':' + ceph_docker_image_tag if containerized_deployment | bool else None }}"
|
|
CEPH_CONTAINER_BINARY: "{{ container_binary }}"
|
|
register: _rbd_mirror_key
|
|
delegate_to: "{{ groups.get(mon_group_name)[0] }}"
|
|
no_log: "{{ no_log_on_ceph_key_tasks }}"
|
|
|
|
- name: Copy ceph key
|
|
ansible.builtin.copy:
|
|
dest: "/etc/ceph/{{ cluster }}.client.rbd-mirror.{{ ansible_facts['hostname'] }}.keyring"
|
|
content: "{{ _rbd_mirror_key.stdout + '\n' }}"
|
|
owner: "{{ ceph_uid if containerized_deployment | bool else 'ceph' }}"
|
|
group: "{{ ceph_uid if containerized_deployment | bool else 'ceph' }}"
|
|
mode: "{{ ceph_keyring_permissions }}"
|
|
no_log: false
|
|
|
|
- name: Start and add the rbd-mirror service instance
|
|
ansible.builtin.service:
|
|
name: "ceph-rbd-mirror@rbd-mirror.{{ ansible_facts['hostname'] }}"
|
|
state: started
|
|
enabled: true
|
|
masked: false
|
|
changed_when: false
|
|
when:
|
|
- not containerized_deployment | bool
|
|
- ceph_rbd_mirror_remote_user is defined
|
|
|
|
- name: Set_fact ceph_rbd_mirror_pools
|
|
ansible.builtin.set_fact:
|
|
ceph_rbd_mirror_pools:
|
|
- name: "{{ ceph_rbd_mirror_pool }}"
|
|
when: ceph_rbd_mirror_pools is undefined
|
|
|
|
- name: Create pool if it doesn't exist
|
|
ceph_pool:
|
|
name: "{{ item.name }}"
|
|
cluster: "{{ cluster }}"
|
|
pg_num: "{{ item.pg_num | default(omit) }}"
|
|
pgp_num: "{{ item.pgp_num | default(omit) }}"
|
|
size: "{{ item.size | default(omit) }}"
|
|
min_size: "{{ item.min_size | default(omit) }}"
|
|
pool_type: "{{ item.type | default('replicated') }}"
|
|
rule_name: "{{ item.rule_name | default(omit) }}"
|
|
erasure_profile: "{{ item.erasure_profile | default(omit) }}"
|
|
pg_autoscale_mode: "{{ item.pg_autoscale_mode | default(omit) }}"
|
|
target_size_ratio: "{{ item.target_size_ratio | default(omit) }}"
|
|
application: "{{ item.application | default('rbd') }}"
|
|
delegate_to: "{{ groups[mon_group_name][0] }}"
|
|
loop: "{{ ceph_rbd_mirror_pools }}"
|
|
environment:
|
|
CEPH_CONTAINER_IMAGE: "{{ ceph_docker_registry + '/' + ceph_docker_image + ':' + ceph_docker_image_tag if containerized_deployment | bool else None }}"
|
|
CEPH_CONTAINER_BINARY: "{{ container_binary }}"
|
|
|
|
- name: Enable mirroring on the pool
|
|
ansible.builtin.command: "{{ rbd_cmd }} --cluster {{ cluster }} mirror pool enable {{ item.name }} {{ ceph_rbd_mirror_mode }}"
|
|
register: result
|
|
changed_when: false
|
|
retries: 60
|
|
delay: 1
|
|
until: result is succeeded
|
|
loop: "{{ ceph_rbd_mirror_pools }}"
|
|
delegate_to: "{{ groups[mon_group_name][0] }}"
|
|
|
|
- name: Add mirroring peer
|
|
when: ceph_rbd_mirror_remote_user is defined
|
|
block:
|
|
- name: List mirroring peer
|
|
ansible.builtin.command: "{{ rbd_cmd }} --cluster {{ cluster }} mirror pool info {{ item.name }}"
|
|
changed_when: false
|
|
register: mirror_peer
|
|
loop: "{{ ceph_rbd_mirror_pools }}"
|
|
delegate_to: "{{ groups[mon_group_name][0] }}"
|
|
|
|
- name: Create a temporary file
|
|
ansible.builtin.tempfile:
|
|
path: /etc/ceph
|
|
state: file
|
|
suffix: _ceph-ansible
|
|
register: tmp_file
|
|
delegate_to: "{{ groups[mon_group_name][0] }}"
|
|
|
|
- name: Write secret to temporary file
|
|
ansible.builtin.copy:
|
|
dest: "{{ tmp_file.path }}"
|
|
content: "{{ ceph_rbd_mirror_remote_key }}"
|
|
mode: "0644"
|
|
delegate_to: "{{ groups[mon_group_name][0] }}"
|
|
|
|
- name: Add a mirroring peer
|
|
ansible.builtin.command: "{{ rbd_cmd }} --cluster {{ cluster }} mirror pool peer add {{ item.item.name }} {{ ceph_rbd_mirror_remote_user }}@{{ ceph_rbd_mirror_remote_cluster }} --remote-mon-host {{ ceph_rbd_mirror_remote_mon_hosts }} --remote-key-file {{ tmp_file.path }}"
|
|
changed_when: false
|
|
delegate_to: "{{ groups[mon_group_name][0] }}"
|
|
loop: "{{ mirror_peer.results }}"
|
|
run_once: true
|
|
when: ceph_rbd_mirror_remote_user not in item.stdout
|
|
|
|
- name: Rm temporary file
|
|
ansible.builtin.file:
|
|
path: "{{ tmp_file.path }}"
|
|
state: absent
|
|
delegate_to: "{{ groups[mon_group_name][0] }}"
|