Commit d22641d3 authored by Guillaume Abrioux's avatar Guillaume Abrioux Committed by Dimitri Savineau
Browse files

nfs: fix nfs with external ceph cluster support

This commit refact and fix the nfs deployment with external ceph cluster
support.

Closes: https://bugzilla.redhat.com/show_bug.cgi?id=1814942

Signed-off-by: default avatarGuillaume Abrioux <gabrioux@redhat.com>
(cherry picked from commit cc28d9ec)
parent 55c222d0
......@@ -75,4 +75,3 @@ dummy:
# - { name: client.test, caps: { mon: "profile rbd", osd: "allow class-read object_prefix rbd_children, profile rbd pool=test" }, mode: "{{ ceph_keyring_permissions }}" }
# - { name: client.test2, caps: { mon: "profile rbd", osd: "allow class-read object_prefix rbd_children, profile rbd pool=test2" }, mode: "{{ ceph_keyring_permissions }}" }
#ceph_nfs_ceph_user: { name: client.rgw.nfs0, key: 'SECRET==', caps: { mon: "allow rw", osd: "allow rwx" }, mode: "{{ ceph_keyring_permissions }}" }
......@@ -66,5 +66,3 @@ pools:
keys:
- { name: client.test, caps: { mon: "profile rbd", osd: "allow class-read object_prefix rbd_children, profile rbd pool=test" }, mode: "{{ ceph_keyring_permissions }}" }
- { name: client.test2, caps: { mon: "profile rbd", osd: "allow class-read object_prefix rbd_children, profile rbd pool=test2" }, mode: "{{ ceph_keyring_permissions }}" }
#ceph_nfs_ceph_user: { name: client.rgw.nfs0, key: 'SECRET==', caps: { mon: "allow rw", osd: "allow rwx" }, mode: "{{ ceph_keyring_permissions }}" }
\ No newline at end of file
......@@ -47,7 +47,6 @@
CEPH_CONTAINER_BINARY: "{{ container_binary }}"
with_items:
- "{{ keys }}"
- "{{ ceph_nfs_ceph_user | default([]) }}"
delegate_to: "{{ delegated_node }}"
when:
- cephx | bool
......
......@@ -26,17 +26,31 @@
- not containerized_deployment | bool
- ansible_os_family == 'RedHat'
- name: copy rgw keyring when deploying internal ganesha with external ceph cluster
copy:
src: "/etc/ceph/{{ cluster }}.{{ ceph_nfs_ceph_user }}.keyring"
dest: "/var/lib/ceph/radosgw/{{ cluster }}-rgw.{{ ansible_hostname }}/keyring"
mode: '0600'
owner: "{{ ceph_uid if containerized_deployment else 'ceph' }}"
group: "{{ ceph_uid if containerized_deployment else 'ceph' }}"
remote_src: true
- name: nfs with external ceph cluster task related
when:
- groups.get(mon_group_name, []) | length == 0
- ceph_nfs_ceph_user is defined
block:
- name: create keyring directory
file:
path: "/var/lib/ceph/radosgw/{{ cluster }}-rgw.{{ ansible_hostname }}"
state: directory
owner: "{{ ceph_uid if containerized_deployment else 'ceph' }}"
group: "{{ ceph_uid if containerized_deployment else 'ceph' }}"
mode: "0755"
when:
- name: get client cephx keys
copy:
dest: "/var/lib/ceph/radosgw/{{ cluster }}-rgw.{{ ansible_hostname }}/keyring"
content: "{{ item.content | b64decode }}"
mode: "{{ item.item.get('mode', '0600') }}"
owner: "{{ ceph_uid if containerized_deployment else 'ceph' }}"
group: "{{ ceph_uid if containerized_deployment else 'ceph' }}"
with_items: "{{ hostvars[groups['_filtered_clients'][0]]['slurp_client_keys']['results'] | default([]) }}"
when:
- not item.get('skipped', False)
- item.item.name == 'client.' + ceph_nfs_ceph_user
- name: include start_nfs.yml
import_tasks: start_nfs.yml
......@@ -258,17 +258,17 @@
status: "Complete"
end: "{{ lookup('pipe', 'date +%Y%m%d%H%M%SZ') }}"
- hosts: nfss
- hosts: clients
become: True
gather_facts: false
any_errors_fatal: true
tasks:
# pre-tasks for following imports -
- name: set ceph nfs install 'In Progress'
- name: set ceph client install 'In Progress'
run_once: true
set_stats:
data:
installer_phase_ceph_nfs:
installer_phase_ceph_client:
status: "In Progress"
start: "{{ lookup('pipe', 'date +%Y%m%d%H%M%SZ') }}"
......@@ -285,28 +285,28 @@
name: ceph-config
tags: ['ceph_update_config']
- import_role:
name: ceph-nfs
name: ceph-client
# post-tasks for following imports -
- name: set ceph nfs install 'Complete'
# post-tasks for preceding imports -
- name: set ceph client install 'Complete'
run_once: true
set_stats:
data:
installer_phase_ceph_nfs:
installer_phase_ceph_client:
status: "Complete"
end: "{{ lookup('pipe', 'date +%Y%m%d%H%M%SZ') }}"
- hosts: rbdmirrors
- hosts: nfss
become: True
gather_facts: false
any_errors_fatal: true
tasks:
# pre-tasks for following imports -
- name: set ceph rbd mirror install 'In Progress'
- name: set ceph nfs install 'In Progress'
run_once: true
set_stats:
data:
installer_phase_ceph_rbdmirror:
installer_phase_ceph_nfs:
status: "In Progress"
start: "{{ lookup('pipe', 'date +%Y%m%d%H%M%SZ') }}"
......@@ -323,28 +323,28 @@
name: ceph-config
tags: ['ceph_update_config']
- import_role:
name: ceph-rbd-mirror
name: ceph-nfs
# post-tasks for preceding imports -
- name: set ceph rbd mirror install 'Complete'
# post-tasks for following imports -
- name: set ceph nfs install 'Complete'
run_once: true
set_stats:
data:
installer_phase_ceph_rbdmirror:
installer_phase_ceph_nfs:
status: "Complete"
end: "{{ lookup('pipe', 'date +%Y%m%d%H%M%SZ') }}"
- hosts: clients
- hosts: rbdmirrors
become: True
gather_facts: false
any_errors_fatal: true
tasks:
# pre-tasks for following imports -
- name: set ceph client install 'In Progress'
- name: set ceph rbd mirror install 'In Progress'
run_once: true
set_stats:
data:
installer_phase_ceph_client:
installer_phase_ceph_rbdmirror:
status: "In Progress"
start: "{{ lookup('pipe', 'date +%Y%m%d%H%M%SZ') }}"
......@@ -361,14 +361,14 @@
name: ceph-config
tags: ['ceph_update_config']
- import_role:
name: ceph-client
name: ceph-rbd-mirror
# post-tasks for preceding imports -
- name: set ceph client install 'Complete'
- name: set ceph rbd mirror install 'Complete'
run_once: true
set_stats:
data:
installer_phase_ceph_client:
installer_phase_ceph_rbdmirror:
status: "Complete"
end: "{{ lookup('pipe', 'date +%Y%m%d%H%M%SZ') }}"
......
......@@ -248,16 +248,16 @@
status: "Complete"
end: "{{ lookup('pipe', 'date +%Y%m%d%H%M%SZ') }}"
- hosts: nfss
- hosts: clients
gather_facts: false
become: True
any_errors_fatal: true
pre_tasks:
- name: set ceph nfs install 'In Progress'
- name: set ceph client install 'In Progress'
run_once: true
set_stats:
data:
installer_phase_ceph_nfs:
installer_phase_ceph_client:
status: "In Progress"
start: "{{ lookup('pipe', 'date +%Y%m%d%H%M%SZ') }}"
......@@ -275,27 +275,27 @@
name: ceph-config
tags: ['ceph_update_config']
- import_role:
name: ceph-nfs
name: ceph-client
post_tasks:
- name: set ceph nfs install 'Complete'
- name: set ceph client install 'Complete'
run_once: true
set_stats:
data:
installer_phase_ceph_nfs:
installer_phase_ceph_client:
status: "Complete"
end: "{{ lookup('pipe', 'date +%Y%m%d%H%M%SZ') }}"
- hosts: rbdmirrors
- hosts: nfss
gather_facts: false
become: True
any_errors_fatal: true
pre_tasks:
- name: set ceph rbd mirror install 'In Progress'
- name: set ceph nfs install 'In Progress'
run_once: true
set_stats:
data:
installer_phase_ceph_rbdmirror:
installer_phase_ceph_nfs:
status: "In Progress"
start: "{{ lookup('pipe', 'date +%Y%m%d%H%M%SZ') }}"
......@@ -313,27 +313,27 @@
name: ceph-config
tags: ['ceph_update_config']
- import_role:
name: ceph-rbd-mirror
name: ceph-nfs
post_tasks:
- name: set ceph rbd mirror install 'Complete'
- name: set ceph nfs install 'Complete'
run_once: true
set_stats:
data:
installer_phase_ceph_rbdmirror:
installer_phase_ceph_nfs:
status: "Complete"
end: "{{ lookup('pipe', 'date +%Y%m%d%H%M%SZ') }}"
- hosts: clients
- hosts: rbdmirrors
gather_facts: false
become: True
any_errors_fatal: true
pre_tasks:
- name: set ceph client install 'In Progress'
- name: set ceph rbd mirror install 'In Progress'
run_once: true
set_stats:
data:
installer_phase_ceph_client:
installer_phase_ceph_rbdmirror:
status: "In Progress"
start: "{{ lookup('pipe', 'date +%Y%m%d%H%M%SZ') }}"
......@@ -351,14 +351,14 @@
name: ceph-config
tags: ['ceph_update_config']
- import_role:
name: ceph-client
name: ceph-rbd-mirror
post_tasks:
- name: set ceph client install 'Complete'
- name: set ceph rbd mirror install 'Complete'
run_once: true
set_stats:
data:
installer_phase_ceph_client:
installer_phase_ceph_rbdmirror:
status: "Complete"
end: "{{ lookup('pipe', 'date +%Y%m%d%H%M%SZ') }}"
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment