- 17 Jun, 2021 3 commits
-
-
Guillaume Abrioux authored
There's no need to copy this keyring when using nfs with mds Signed-off-by:
Guillaume Abrioux <gabrioux@redhat.com> (cherry picked from commit 8dbee998)
-
VasishtaShastry authored
Playbook failing saying: msg: 'Could not find the requested service lvmetad: host' Closes: https://bugzilla.redhat.com/show_bug.cgi?id=1955040 Signed-off-by:
VasishtaShastry <vipin.indiasmg@gmail.com> (cherry picked from commit e49c38f8)
-
Guillaume Abrioux authored
When running the switch-to-containers playbook with multisite enabled, the fact "rgw_instances" is only set for the node being processed (serial: 1), the consequence of that is that the set_fact of 'rgw_instances_all' can't iterate over all rgw node in order to look up each 'rgw_instances_host'. Adding a condition checking whether hostvars[item]["rgw_instances_host"] is defined fixes this issue. Closes: https://bugzilla.redhat.com/show_bug.cgi?id=1967926 Signed-off-by:
Guillaume Abrioux <gabrioux@redhat.com> (cherry picked from commit 8279d14d)
-
- 14 Jun, 2021 1 commit
-
-
Guillaume Abrioux authored
When monitors and rgw are collocated with multisite enabled, the rolling_update playbook fails because during the workflow, we run some radosgw-admin commands very early on the first mon even though this is the monitor being upgraded, it means the container doesn't exist since it was stopped. This block is relevant only for scaling out rgw daemons or initial deployment. In rolling_update workflow, it is not needed so let's skip it. Closes: https://bugzilla.redhat.com/show_bug.cgi?id=1970232 Signed-off-by:
Guillaume Abrioux <gabrioux@redhat.com> (cherry picked from commit f7166ccc)
-
- 07 Jun, 2021 2 commits
-
-
Guillaume Abrioux authored
Due to a recent commit that has introduced a regression in ceph, this test is failing. Temporarily disabling it to unblock the CI. Signed-off-by:
Guillaume Abrioux <gabrioux@redhat.com> (cherry picked from commit 2e19d170)
-
Guillaume Abrioux authored
When using grafana behind https `cookie_secure` should be set to `true`. Closes: https://bugzilla.redhat.com/show_bug.cgi?id=1966880 Signed-off-by:
Guillaume Abrioux <gabrioux@redhat.com> (cherry picked from commit 4daed1f1)
-
- 03 Jun, 2021 1 commit
-
-
Guillaume Abrioux authored
When deploying dashboard in a cluster with rgw multisite deployed. Due to the last rgw multisite refactor, we now expect the variable `rgw_zonemaster` to be defined in the dict `rgw_instances`. The idea here is to create that user on the cluster as soon as we have 1 `rgw_zonemaster` set to `true` in `rgw_instances`. Closes: https://bugzilla.redhat.com/show_bug.cgi?id=1964995 Signed-off-by:
Guillaume Abrioux <gabrioux@redhat.com>
-
- 26 May, 2021 5 commits
-
-
Guillaume Abrioux authored
ceph-crash deployments is broken when ceph-ansible playbook is called with --limit in containerized contexts since we don't set `container_exec_cmd` on the first monitor. Closes: https://bugzilla.redhat.com/show_bug.cgi?id=1964835 Signed-off-by:
Guillaume Abrioux <gabrioux@redhat.com> (cherry picked from commit 10ed26f1)
-
Guillaume Abrioux authored
during backport of c8b92deba10c0b6e0ebcb0e31315b1e6174fdc0c the pattern should have been s/monitoring_group_name/grafana_server_group_name/ Closes: https://bugzilla.redhat.com/show_bug.cgi?id=1964907 Signed-off-by:
Guillaume Abrioux <gabrioux@redhat.com> (cherry picked from commit ac0a5c1e)
-
Guillaume Abrioux authored
When osd nodes are collocated in the clients group (HCI context for instance), the current logic will exclude osd nodes since they are present in the client group. The best fix would be to exclude clients node only when they are not member of another group but for now, as a workaround, we can enforce the addition of osd nodes to fix this specific case. Closes: https://bugzilla.redhat.com/show_bug.cgi?id=1947695 Signed-off-by:
Guillaume Abrioux <gabrioux@redhat.com> (cherry picked from commit 664dae05)
-
Guillaume Abrioux authored
0990ae41 changed the filter in selectattr() from 'match' to 'equalto' but due to an incompatibility with the Jinja2 version for python 2.7 on el7 we must stick to using 'match' filter. Signed-off-by:
Guillaume Abrioux <gabrioux@redhat.com> (cherry picked from commit d6745e9c)
-
Guillaume Abrioux authored
using 'match' filter in that task will lead to bad behavior if I have the following node names for instance: - node1 - node11 - node111 with `selectattr('name', 'match', inventory_hostname)` it will match 'node1' along with 'node11' and 'node111'. using 'equalto' filter will make sure we only match the target node. Closes: https://bugzilla.redhat.com/show_bug.cgi?id=1963066 Signed-off-by:
Guillaume Abrioux <gabrioux@redhat.com> (cherry picked from commit 0990ae41)
-
- 25 May, 2021 1 commit
-
-
Guillaume Abrioux authored
Enabling lvmetad in containerized deployments on el7 based OS might cause issues. This commit make it possible to disable this service if needed. Closes: https://bugzilla.redhat.com/show_bug.cgi?id=1955040 Signed-off-by:
Guillaume Abrioux <gabrioux@redhat.com>
-
- 17 May, 2021 1 commit
-
-
Brad Hubbard authored
We can end up with an arm only repo unless we are specific about the architecture we require. Brings the deb code in line with the rpm equivalent. Signed-off-by:
Brad Hubbard <bhubbard@redhat.com> (cherry picked from commit 267cce9e8360fc8cb9c192fde2406e5dca724610)
-
- 05 May, 2021 3 commits
-
-
Guillaume Abrioux authored
This commit checks the length of `virtual_ips` doesn't exceed the length of `groups[rgwloadbalancer_group_name]`. It also ensure this variable is defined when `groups[rgwloadbalancer_group_name]` contains at least one node. Signed-off-by:
Guillaume Abrioux <gabrioux@redhat.com> (cherry picked from commit 3b63e0649cdaf322af1ad5a5b5b276ec9085d2d5)
-
Benoît Knecht authored
While 2ca33641 fixed a bug in the way the `keepalived.conf.j2` template matched hostnames to set the VRRP `MASTER`/`BACKUP` states, it also introduced a regression in the case where `virtual_ips` is a list of more than one IP address. The previous behavior would result in each host in the `rgwloadbalancers` group to be `MASTER` for one of the `virtual_ips`, but the new behavior caused the first host to be `MASTER` for all the IP address in `virtual_ips`. This commit restores the original behavior. Signed-off-by:
Benoît Knecht <bknecht@protonmail.ch> (cherry picked from commit 2bede4762efaf566a7da689dd1021ee66c0c94eb)
-
Guillaume Abrioux authored
This is a workaround for an issue in ansible. When trying to stop/mask/disable this service in one task, the stop didn't actually happen, the task doesn't fail but for some reason the container is still present and running. Then the task starting the service in the role ceph-crash fails because it can't start the container since it's already running with the same name. Closes: https://bugzilla.redhat.com/show_bug.cgi?id=1955393 Signed-off-by:
Guillaume Abrioux <gabrioux@redhat.com> (cherry picked from commit 3db1ea7e)
-
- 29 Apr, 2021 1 commit
-
-
Seena Fallah authored
TCMALLOC_MAX_TOTAL_THREAD_CACHE_BYTES is for both bluestore and filestore Signed-off-by:
Seena Fallah <seenafallah@gmail.com> (cherry picked from commit 41295f0e)
-
- 28 Apr, 2021 3 commits
-
-
Benoît Knecht authored
Skip the `get initial keyring when it already exists` task when both commands whose `stdout` output it requires have been skipped (e.g. when running in check mode). Signed-off-by:
Benoît Knecht <bknecht@protonmail.ch> (cherry picked from commit e98d9b70bd2d272385519efdefe776c4abc00f0a)
-
Guillaume Abrioux authored
This removes the fact `skipped_nodes` which is useless when we run with `--limit` since it gets reset when a new iteration is made. Instead, let's print within a final play which node has been skipped reusing the `skip_this_node` fact. Signed-off-by:
Guillaume Abrioux <gabrioux@redhat.com> (cherry picked from commit 3d426705)
-
Francesco Pantano authored
When dashboard_frontend_vip is provided, all the services should be configured using the related VIP. A new VIP variable is added for both prometheus and alertmanager: we're already able to properly config the grafana vip using dashboard_frontend_vip variable. This change adds the same variable for both prometheus and alertmanager. Signed-off-by:
Francesco Pantano <fpantano@redhat.com> (cherry picked from commit 44165163)
-
- 15 Apr, 2021 3 commits
-
-
Guillaume Abrioux authored
We shouldn't prevent from setting target_size_ratio when the autoscaler is set to 'warn'. Closes: https://bugzilla.redhat.com/show_bug.cgi?id=1906305 Signed-off-by:
Guillaume Abrioux <gabrioux@redhat.com>
-
Benoît Knecht authored
The `set_fact rgw_ports` task was failing due to a templating error, because `hostvars[item].rgw_instances` is a list, but it was treated as if it was a dictionary. Another issue was the fact that the `unique` filter only applied to the list being appended to `rgw_ports` instead of the entire list, which means it was possible to have duplicate items. Lastly, `rgw_ports` would have been a list of integers, but the `seport` module expects a list of strings. This commit fixes all of the issues above, allowing the `ceph-rgw-loadbalancer` role to work on systems with SELinux enabled. Signed-off-by:
Benoît Knecht <bknecht@protonmail.ch> (cherry picked from commit c0785134)
-
Guillaume Abrioux authored
When collocating daemons, if we chown all files under `/var/lib/ceph` it can cause issues for the collocated daemons that wouldn't have been migrated yet. This commit makes the playbook chown only the files corresponding to the daemon being migrated. Signed-off-by:
Guillaume Abrioux <gabrioux@redhat.com> (cherry picked from commit ddbc11c4)
-
- 14 Apr, 2021 2 commits
-
-
Guillaume Abrioux authored
This adds a `ExecStartPre=-/usr/bin/mkdir -p /var/log/ceph` in all systemd service templates for all ceph daemon. This is specific to RHCS after a Leapp upgrade is done. Indeed, the `/var/log/ceph` seems to be removed after the upgrade. In order to work around this issue let's ensure the directory is present before trying to start the containers with podman. Closes: https://bugzilla.redhat.com/show_bug.cgi?id=1949489 Signed-off-by:
Guillaume Abrioux <gabrioux@redhat.com> (cherry picked from commit bab403b6)
-
Guillaume Abrioux authored
`configure_mirroring.yml` is called right after the daemon is started. Sometimes, it can happen the first task in `configure_mirroring.yml` is run while the daemon isn't yet ready, adding a retries/until on that task should help to avoid causing the playbook to fail. Closes: https://bugzilla.redhat.com/show_bug.cgi?id=1944996 Signed-off-by:
Guillaume Abrioux <gabrioux@redhat.com> (cherry picked from commit b1e7e1ad)
-
- 12 Apr, 2021 2 commits
-
-
Guillaume Abrioux authored
when running docker-to-podman playbook, there's no need to call `ceph-config` and `ceph-rgw` from the role `ceph-handler`. It can even have side effects when coming from a baremetal cluster that was previously migrated using the switch-to-containers playbook. Indeed it might complain about missing .target systemd unit since they are removed during that migration. Closes: https://bugzilla.redhat.com/show_bug.cgi?id=1944999 Signed-off-by:
Guillaume Abrioux <gabrioux@redhat.com> (cherry picked from commit 70f19be3)
-
Guillaume Abrioux authored
this adds a small documentation in the header of the playbook in order to explain what is the goal of this playbook. Signed-off-by:
Guillaume Abrioux <gabrioux@redhat.com> (cherry picked from commit 36b4227d)
-
- 09 Apr, 2021 1 commit
-
-
Guillaume Abrioux authored
This adds the iscsigws migration to containers. Closes: https://bugzilla.redhat.com/show_bug.cgi?id=<bz-number > Signed-off-by:
Guillaume Abrioux <gabrioux@redhat.com> (cherry picked from commit 2c74c273)
-
- 06 Apr, 2021 3 commits
-
-
Guillaume Abrioux authored
This moves some task from the `ceph-nfs` role in `ceph-common` since some of them are needed in `ceph-rgwloadbalancer` role. This avoids duplicated tasks. Signed-off-by:
Guillaume Abrioux <gabrioux@redhat.com> (cherry picked from commit d0442d81)
-
Guillaume Abrioux authored
This adds all rgw ports to the http_port_t selinux type so it allows haproxy to connect to those ports in order to avoid AVC. Closes: https://bugzilla.redhat.com/show_bug.cgi?id=1923890 Signed-off-by:
Guillaume Abrioux <gabrioux@redhat.com> (cherry picked from commit 6bbb9019)
-
kalebskeithley authored
haproxy gets an AVC when configured to connect to port 8081 This commit adds a snippet regarding haproxy in a selinux environment Closes: https://bugzilla.redhat.com/show_bug.cgi?id=1923890 Signed-off-by:
Kaleb S KEITHLEY <kkeithle@redhat.com> (cherry picked from commit 9e7f22a0)
-
- 02 Apr, 2021 2 commits
-
-
Guillaume Abrioux authored
Currently NFS Ganesha (ceph-nfs) consumes /etc/idmapd.conf, which controls mapping of user/owner identities under NFSv4+. With containerized service deployment, this file is an immutable part of the container image and cannot be modified. Here we provide group variables, and a taskk and templates for the ceph-nfs role, to set the path of the idmap configuration file and to make the most common adjustment to the contents of that file -- namely to set the 'Domain'. We default the path to /etc/ganesha/idmap.conf so that we will not conflict with /etc/idmapd.conf on the controller nodes where ganesha runs. NFSv4 clients, as used for example by the Cinder NFS driver, consume /etc/idmapd.conf and may require different settings than what is wanted for NFS Ganesha. Additionally, because we already bind /etc/ganesha from the host into the ceph-nfs container, the file NFS Ganesha consumes will no longer be an immutable part of the container. Closes: https://bugzilla.redhat.com/show_bug.cgi?id=1925646 Signed-off-by: Tom Barron tpb@dyncloud.net Co-Authored-by:
Guillaume Abrioux <gabrioux@redhat.com> (cherry picked from commit 2db2208e)
-
Guillaume Abrioux authored
This commit adds the parameter `--storage.tsdb.retention.time` to the prometheus systemd unit template. Closes: https://bugzilla.redhat.com/show_bug.cgi?id=1928000 Signed-off-by:
Guillaume Abrioux <gabrioux@redhat.com> (cherry picked from commit b60c61ce)
-
- 29 Mar, 2021 3 commits
-
-
Guillaume Abrioux authored
Playbook must fail anyway, the `rescue` block has been introduced for unmasking the unit after the playbook has failed. Signed-off-by:
Guillaume Abrioux <gabrioux@redhat.com> (cherry picked from commit e9ddb972)
-
Guillaume Abrioux authored
if for some reason the playbook fails after the service was stopped, disabled and masked and before it got restarted, enabled and unmasked, the playbook leaves the service masked and which can make users confused and forces them to unmask the unit manually. Closes: https://bugzilla.redhat.com/show_bug.cgi?id=1917680 Signed-off-by:
Guillaume Abrioux <gabrioux@redhat.com> (cherry picked from commit 07029e1b)
-
Guillaume Abrioux authored
This add a quick documentation in ceph-defaults about `igw_network` Signed-off-by:
Guillaume Abrioux <gabrioux@redhat.com> (cherry picked from commit c5728bdc)
-
- 26 Mar, 2021 3 commits
-
-
Guillaume Abrioux authored
This adds the possibility to deploy the dashboard with igw nodes using a dedicated subnet. Closes: https://bugzilla.redhat.com/show_bug.cgi?id=1926170 Signed-off-by:
Guillaume Abrioux <gabrioux@redhat.com> (cherry picked from commit c33de174)
-
VasishtaShastry authored
rbd-mirroring is not configured as adding peer is getting skipped. Peer addition should not get skipped if its not added already Closes - https://bugzilla.redhat.com/show_bug.cgi?id=1942444 Signed-off-by:
VasishtaShastry <vipin.indiasmg@gmail.com> (cherry picked from commit 006998e8)
-
Guillaume Abrioux authored
This adds the missing service stop task for ceph-crash upgrade workflow. It should have been added through commit `15872e3d` in stable-4.0 but at the time we backported this patch ceph-crash wasn't implemented yet so the ceph-crash related content in this patch was removed. Then, ceph-crash has been implemented later so we are still missing this part of the patch in stable-4.0. Closes: https://bugzilla.redhat.com/show_bug.cgi?id=1943471 Signed-off-by:
Guillaume Abrioux <gabrioux@redhat.com>
-