gather_facts: False
vars:
- github: False
+ github: ceph/ansible
roles:
- ceph-common
- ceph-mon
- ceph-osd
- ceph-mds
- - ceph-radosgw
- - haproxy
+ - ceph-rgw
tasks:
- name: check for github prefix option on commandline
tags: split
fail: >
- msg='github prefix missing! e.g: (--extra-vars github=mhubig/ansible).'
+ msg='github prefix missing! e.g: (--extra-vars github=ceph/ansible).'
when: github == False
- name: split the repo in seperate branches
git subtree push --prefix=roles/{{ item }} {{ item }} master
chdir=../
with_items: roles
-
# Rados Gateway options
#
#radosgw_dns_name: your.subdomain.tld # subdomains used by radosgw. See http://ceph.com/docs/master/radosgw/config/#enabling-subdomain-s3-calls
-#radosgw_frontend: civetweb # supported options are 'apache' or 'civetweb', also edit roles/ceph-radosgw/defaults/main.yml
+#radosgw_frontend: civetweb # supported options are 'apache' or 'civetweb', also edit roles/ceph-rgw/defaults/main.yml
#radosgw_civetweb_port: 80
#radosgw_keystone: false # activate OpenStack Keystone options full detail here: http://ceph.com/docs/master/radosgw/keystone/
#radosgw_keystone_url: # url:admin_port ie: http://192.168.0.1:35357
## Rados Gateway options\r
#\r
#radosgw_dns_name: your.subdomain.tld # subdomains used by radosgw. See http://ceph.com/docs/master/radosgw/config/#enabling-subdomain-s3-calls\r
-radosgw_frontend: civetweb # supported options are 'apache' or 'civetweb', also edit roles/ceph-radosgw/defaults/main.yml\r
+radosgw_frontend: civetweb # supported options are 'apache' or 'civetweb', also edit roles/ceph-rgw/defaults/main.yml\r
radosgw_civetweb_port: 80\r
radosgw_keystone: false # activate OpenStack Keystone options full detail here: http://ceph.com/docs/master/radosgw/keystone/\r
#radosgw_keystone_url: # url:admin_port ie: http://192.168.0.1:35357\r
+++ /dev/null
----\r
-# You can override vars by using host or group vars\r
-\r
-## Ceph options\r
-#\r
-cephx: true\r
-\r
-# Used for the sudo exception while starting the radosgw process\r
-# a new entry /etc/sudoers.d/ceph will be created\r
-# allowing root to not require tty\r
-radosgw_user: root\r
-\r
-# Toggle 100-continue support for Apache and FastCGI\r
-# WARNING: Changing this value will cause an outage of Apache while it is reinstalled on RGW nodes\r
-http_100_continue: false\r
-\r
-# Rados Gateway options\r
-redhat_distro_ceph_extra: centos6.4 # supported distros are centos6.3, centos6.4, centos6, fedora18, fedora19, opensuse12.2, rhel6.3, rhel6.4, rhel6.5, rhel6, sles11sp2\r
-email_address: foo@bar.com\r
-radosgw_frontend: civetweb # we currently only support a single backend\r
-\r
-\r
-##########\r
-# DOCKER #\r
-##########\r
-\r
-ceph_containerized_deployment: false\r
-ceph_rgw_civetweb_port: 80\r
-ceph_rgw_docker_username: ceph\r
-ceph_rgw_docker_imagename: daemon\r
+++ /dev/null
------BEGIN PGP PUBLIC KEY BLOCK-----
-Version: GnuPG v1.4.10 (GNU/Linux)
-
-mQGiBE1Rr28RBADCxdpLV3ea9ocpS/1+UCvHqD5xjmlw/9dmji4qrUX0+IhPMNuA
-GBBt2CRaR7ygMF5S0NFXooegph0/+NT0KisLIuhUI3gde4SWb5jsb8hpGUse9MC5
-DN39P46zZSpepIMlQuQUkge8W/H2qBu10RcwQhs7o2fZ1zK9F3MmRCkBqwCggpap
-GsOgE2IlWjcztmE6xcPO0wED/R4BxTaQM+jxIjylnHgn9PYy6795yIc/ZoYjNnIh
-QyjqbLWnyzeTmjPBwcXNljKqzEoA/Cjb2gClxHXrYAw7bGu7wKbnqhzdghSx7ab+
-HwIoy/v6IQqv+EXZgYHonqQwqtgfAHp5ON2gWu03cHoGkXfmA4qZIoowqMolZhGo
-cF30A/9GotDdnMlqh8bFBOCMuxfRow7H8RpfL0fX7VHA0knAZEDk2rNFeebL5QKH
-GNJm9Wa6JSVj1NUIaz4LHyravqXi4MXzlUqauhLHw1iG+qwZlPM04z+1Dj6A+2Hr
-b5UxI/I+EzmO5OYa38YWOqybNVBH0wO+sMCpdBq0LABa8X29LbRPQ2VwaCBhdXRv
-bWF0ZWQgcGFja2FnZSBidWlsZCAoQ2VwaCBhdXRvbWF0ZWQgcGFja2FnZSBidWls
-ZCkgPHNhZ2VAbmV3ZHJlYW0ubmV0PohgBBMRAgAgAhsDBgsJCAcDAgQVAggDBBYC
-AwECHgECF4AFAlEUm1YACgkQbq6uIgPDlRqTUACeMqJ+vwatwb+y/KWeNfmgtQ8+
-kDwAn0MHwY42Wmb7FA891j88enooCdxRuQQNBE1Rr28QEACKG04kxGY1cwGoInHV
-P6z1+8oqGiaiYWFflYRtSiwoUVtl30T1sMOSzoEvmauc+rmBBfsyaBb8DLDUIgGK
-v1FCOY/tfqnOyQXotPjgaLeCtK5A5Z5D212wbskf5fRHAxiychwKURiEeesRa7EW
-rF6ohFxOTy9NOlFi7ctusShw6Q2kUtN7bQCX9hJdYs7PYQXvCXvW8DNt7IitF7Mp
-gMHNcj0wik6p38I4s7pqK6mqP4AXVVSWbJKr/LSz8bI8KhWRAT7erVAZf6FElR2x
-ZVr3c4zsE2HFpnZTsM5y/nj8fUkgKGl8OfBuUoh+MCVfnPmE6sgWfDTKkwWtUcmL
-6V9UQ1INUJ3sk+XBY9SMNbOn04su9FjQyNEMI/3VK7yuyKBRAN7IIVgP2ch499m6
-+YFV9ZkG3JSTovNiqSpQouW7YPkS+8mxlPo03LQcU5bHeacBl0T8Xjlvqu6q279E
-liHul4huKL0+myPN4DtmOTh/kwgSy3BGCBdS+wfAJSZcuKI7pk7pHGCdUjNMHQZm
-PFbwzp33bVLd16gnAx0OW5DOn6l0VfgIQNSJ2rn7WZ5jdyg/Flp2VlWVtAHFLzkC
-a+LvQ5twSuzrV/VipSr3xz3pTDLY+ZxDztvrgA6AST8+sdq6uQTYjwUQV0wzanvp
-9hkC5eqRY6YlzcgMkWFv8DCIEwADBQ//ZQaeVmG6T5vyfXf2JrCipmI4MAdO+ezE
-tWE82wgixlCvvm26UmUejCYgtD6DmwY/7/bIjvJDhUwP0+hAHHOpR62gncoMtbMr
-yHpm3FvYH58JNk5gx8ZA322WEc2GCRCQzrMQoMKBcpZY/703GpQ4l3RZ7/25gq7A
-NohV5zeddFQftc05PMBBJLU3U+lrnahJS1WaOXNQzS6oVj9jNda1jkgcQni6QssS
-IMT6rAPsVbGJhe9mxr2VWdQ90QlubpszIeSJuqqJxLwqH8XHXZmQOYxmyVP9a3pF
-qWDmsNxDA8ttYnMIc+nUAgCDJ84ScwQ1GvoCUD1b1cFNzvvhEHsNb4D/XbdrFcFG
-wEkeyivUsojdq2YnGjYSgauqyNWbeEgBrWzUe5USYysmziL/KAubcUjIbeRGxyPS
-6iQ2kbvfEJJPgocWTfLs5j61FObO+MVlj+PEmxWbcsIRv/pnG2V2FPJ8evhzgvp7
-cG9imZPM6dWHzc/ZFdi3Bcs51RtStsvPqXv4icKIi+01h1MLHNBqwuUkIiiK7ooM
-lvnp+DiEsVSuYYKBdGTi+4+nduuYL2g8CTNJKZuC46dY7EcE3lRYZlxl7dwN3jfL
-PRlnNscs34dwhZa+b70Flia0U1DNF4jrIFFBSHD3TqMg0Z6kxp1TfxpeGOLOqnBW
-rr0GKehu9CGISQQYEQIACQIbDAUCURSbegAKCRBurq4iA8OVGv9TAJ9EeXVrRS3p
-PZkT1R21FszUc9LvmgCeMduh5IPGFWSx9MjUc7/j1QKYm7g=
-=per8
------END PGP PUBLIC KEY BLOCK-----
+++ /dev/null
----
-- name: restart apache2
- service: >
- name=apache2
- state=restarted
- enabled=yes
- when: ansible_os_family == 'Debian'
-
-- name: restart apache2
- service: >
- name=httpd
- state=restarted
- enabled=yes
- when: ansible_os_family == 'RedHat'
+++ /dev/null
----
-galaxy_info:
- author: Sébastien Han
- description: Installs Ceph Rados Gateway
- license: Apache
- min_ansible_version: 1.7
- platforms:
- - name: Ubuntu
- versions:
- - trusty
- categories:
- - system
-dependencies:
- - { role: ceph-common, when: not docker }
+++ /dev/null
----
-- name: set config and keys paths
- set_fact:
- ceph_config_keys:
- - /etc/ceph/ceph.client.admin.keyring
- - /etc/ceph/ceph.conf
- - /etc/ceph/monmap
- - /etc/ceph/ceph.mon.keyring
- - /var/lib/ceph/bootstrap-rgw/ceph.keyring
-
-- name: install docker-py
- pip: >
- name=docker-py
- version=1.1.0 # https://github.com/ansible/ansible-modules-core/issues/1227
-
-- name: stat for ceph config and keys
- stat: >
- path={{ item }}
- with_items: ceph_config_keys
- ignore_errors: true
- register: statconfig
-
-- name: try to fetch ceph config and keys
- copy: >
- src=fetch/docker_mon_files/"{{ item }}"
- dest=/etc/ceph/
- owner=root
- group=root
- mode=600
- with_together:
- - ceph_config_keys
- - statconfig.results
- when: item.1.stat.exists == False
-
-- name: run the rados gateway docker image
- docker: >
- image="{{ ceph_rgw_docker_username }}/{{ ceph_rgw_docker_imagename }}"
- name=ceph-{{ ansible_hostname }}-rgw
- expose={{ ceph_rgw_civetweb_port }}
- state=running
- env="RGW_CIVETWEB_PORT={{ ceph_rgw_civetweb_port }},CEPH_DAEMON=RGW"
- volumes="/var/lib/ceph:/var/lib/ceph,/etc/ceph:/etc/ceph"
-
-- name: ensure ceph_rgw service is running
- docker: >
- image="{{ ceph_rgw_docker_username }}/{{ ceph_rgw_docker_imagename }}"
- name="ceph-{{ ansible_hostname }}-rgw"
- detach=yes
- state=running
+++ /dev/null
----
-- name: add ceph extra
- apt_repository: >
- repo="deb http://ceph.com/packages/ceph-extras/debian {{ ansible_lsb.codename }} main"
- state=present
- when: ansible_lsb.codename in ['natty', 'oneiric', 'precise', 'quantal', 'raring', 'sid', 'squeeze', 'wheezy']
-
-# NOTE (leseb): needed for Ubuntu 12.04 to have access to libapache2-mod-fastcgi if 100-continue isn't being used
-- name: enable multiverse repo for precise
- apt_repository: >
- repo="{{ item }}"
- state=present
- with_items:
- - deb http://archive.ubuntu.com/ubuntu {{ ansible_lsb.codename }} multiverse
- - deb http://archive.ubuntu.com/ubuntu {{ ansible_lsb.codename }}-updates multiverse
- - deb http://security.ubuntu.com/ubuntu {{ ansible_lsb.codename }}-security multiverse
- when:
- ansible_lsb.codename in ['precise'] and not
- http_100_continue
-
-# NOTE (leseb): disable the repo when we are using the Ceph repo for 100-continue packages
-- name: disable multiverse repo for precise
- apt_repository: >
- repo="{{ item }}"
- state=absent
- with_items:
- - deb http://archive.ubuntu.com/ubuntu {{ ansible_lsb.codename }} multiverse
- - deb http://archive.ubuntu.com/ubuntu {{ ansible_lsb.codename }}-updates multiverse
- - deb http://security.ubuntu.com/ubuntu {{ ansible_lsb.codename }}-security multiverse
- when:
- ansible_lsb.codename in ['precise'] and
- http_100_continue
-
-# NOTE (leseb): needed for Ubuntu 14.04 to have access to libapache2-mod-fastcgi if 100-continue isn't being used
-- name: enable multiverse repo for trusty
- command: "apt-add-repository multiverse"
- changed_when: false
- when:
- ansible_lsb.codename in ['trusty'] and not
- http_100_continue
-
-# NOTE (leseb): disable the repo when we are using the Ceph repo for 100-continue packages
-- name: disable multiverse repo for trusty
- command: "apt-add-repository -r multiverse"
- changed_when: false
- when:
- ansible_lsb.codename in ['trusty'] and
- http_100_continue
-
-# NOTE (leseb): if using 100-continue, add Ceph dev key
-- name: install the ceph development repository key
- apt_key: >
- data="{{ lookup('file', 'cephdev.asc') }}"
- state=present
- when: http_100_continue
-
-# NOTE (leseb): if using 100-continue, add Ceph sources and update
-- name: add ceph apache and fastcgi sources
- apt_repository: >
- repo="{{ item }}"
- state=present
- with_items:
- - deb http://gitbuilder.ceph.com/apache2-deb-{{ ansible_lsb.codename }}-x86_64-basic/ref/master {{ ansible_lsb.codename }} main
- - deb http://gitbuilder.ceph.com/libapache-mod-fastcgi-deb-{{ ansible_lsb.codename }}-x86_64-basic/ref/master {{ ansible_lsb.codename }} main
- register: purge_default_apache
- when: http_100_continue
-
-# NOTE (leseb): else remove them to ensure you use the default packages
-- name: remove ceph apache and fastcgi sources
- apt_repository: >
- repo="{{ item }}"
- state=absent
- with_items:
- - deb http://gitbuilder.ceph.com/apache2-deb-{{ ansible_lsb.codename }}-x86_64-basic/ref/master {{ ansible_lsb.codename }} main
- - deb http://gitbuilder.ceph.com/libapache-mod-fastcgi-deb-{{ ansible_lsb.codename }}-x86_64-basic/ref/master {{ ansible_lsb.codename }} main
- register: purge_ceph_apache
- when: not http_100_continue
-
-# NOTE (leseb): purge Ceph Apache and FastCGI packages if needed
-- name: purge ceph apache and fastcgi packages
- apt: >
- pkg="{{ item }}"
- state=absent
- purge=yes
- with_items:
- - apache2
- - apache2-bin
- - apache2-data
- - apache2-mpm-worker
- - apache2-utils
- - apache2.2-bin
- - apache2.2-common
- - libapache2-mod-fastcgi
- when:
- purge_default_apache.changed or
- purge_ceph_apache.changed
-
-- name: install apache and fastcgi
- apt: >
- pkg={{ item }}
- state=present
- update_cache=yes
- with_items:
- - apache2
- - libapache2-mod-fastcgi
-
-- name: install default httpd.conf
- template: >
- src=httpd.conf
- dest=/etc/apache2/httpd.conf
- owner=root
- group=root
-
-- name: enable some apache mod rewrite and fastcgi
- command: "{{ item }}"
- with_items:
- - a2enmod rewrite
- - a2enmod fastcgi
- changed_when: false
-
-- name: install rados gateway vhost
- template: >
- src=rgw.conf
- dest=/etc/apache2/sites-available/rgw.conf
- owner=root
- group=root
-
-- name: enable rados gateway vhost and disable default site
- command: "{{ item }}"
- with_items:
- - a2ensite rgw.conf
- - a2dissite *default
- changed_when: false
- ignore_errors: true
- notify:
- - restart apache2
-
-- name: install s3gw.fcgi script
- template: >
- src=s3gw.fcgi.j2
- dest=/var/www/s3gw.fcgi
- mode=0555
- owner=root
- group=root
+++ /dev/null
----
-- name: add ceph extra
- template: >
- src=ceph-extra.repo
- dest=/etc/yum.repos.d
- owner=root
- group=root
-
-- name: add special fastcgi repository key
- rpm_key: key=http://dag.wieers.com/rpm/packages/RPM-GPG-KEY.dag.txt
-
-- name: add special fastcgi repository
- command: rpm -ivh http://pkgs.repoforge.org/rpmforge-release/rpmforge-release-0.5.3-1.el6.rf.x86_64.rpm
- changed_when: false
-
-- name: install apache and fastcgi
- yum: >
- name={{ item }}
- state=present
- with_items:
- - httpd
- - mod_fastcgi
- - mod_fcgid
-
-- name: install rados gateway vhost
- template: >
- src=rgw.conf
- dest=/etc/httpd/conf.d/rgw.conf
- owner=root
- group=root
-
-- name: install s3gw.fcgi script
- template: >
- src=s3gw.fcgi.j2
- dest=/var/www/s3gw.fcgi
- mode=0555
- owner=root
- group=root
-
-- name: disable default site
- shell: sed -i "s/^[^+#]/#/g" /etc/httpd/conf.d/welcome.conf
- changed_when: false
- notify:
- - restart apache2
+++ /dev/null
----
-- include: pre_requisite.yml
- when: not ceph_containerized_deployment
-
-- include: ./installs/install_redhat.yml
- when:
- ansible_os_family == 'RedHat' and
- radosgw_frontend == 'apache' and not
- ceph_containerized_deployment
-
-- include: ./installs/install_debian.yml
- when:
- ansible_os_family == 'Debian' and
- radosgw_frontend == 'apache' and not
- ceph_containerized_deployment
-
-- name: install rados gateway
- apt: >
- pkg=radosgw
- state=present
- update_cache=yes
- when:
- ansible_os_family == 'Debian' and not
- ceph_containerized_deployment
-
-- name: install rados gateway
- yum: >
- name=ceph-radosgw
- state=present
- when:
- ansible_os_family == 'RedHat' and not
- ceph_containerized_deployment
-
-- include: openstack-keystone.yml
- when: radosgw_keystone
-
-- include: start_radosgw.yml
- when: not ceph_containerized_deployment
-
-- include: docker.yml
- when: ceph_containerized_deployment
+++ /dev/null
----
-- name: create nss directory for keystone certificates
- file: >
- path={{ radosgw_nss_db_path }}
- state=directory
- owner=root
- group=root
- mode=0644
-
-- name: create nss entries for keystone certificates
- shell: "{{ item }}"
- with_items:
- - "openssl x509 -in /etc/keystone/ssl/certs/ca.pem -pubkey |certutil -d {{ radosgw_nss_db_path }} -A -n ca -t 'TCu,Cu,Tuw'"
- - "openssl x509 -in /etc/keystone/ssl/certs/signing_cert.pem -pubkey | certutil -A -d {{ radosgw_nss_db_path }} -n signing_cert -t 'P,P,P'"
+++ /dev/null
----
-- name: create rados gateway directories
- file: >
- path={{ item }}
- state=directory
- owner=root
- group=root
- mode=0644
- with_items:
- - /var/lib/ceph/bootstrap-rgw
- - /var/lib/ceph/radosgw/ceph-rgw.{{ ansible_hostname }}
-
-- name: copy rados gateway bootstrap key
- copy: >
- src=fetch/{{ fsid }}/var/lib/ceph/bootstrap-rgw/ceph.keyring
- dest=/var/lib/ceph/bootstrap-rgw/ceph.keyring
- owner=root
- group=root
- mode=600
- when: cephx
-
-- name: create rados gateway keyring
- command: >
- ceph --cluster ceph --name client.bootstrap-rgw --keyring /var/lib/ceph/bootstrap-rgw/ceph.keyring auth get-or-create client.rgw.{{ ansible_hostname }} osd 'allow rwx' mon 'allow rw' -o /var/lib/ceph/radosgw/ceph-rgw.{{ ansible_hostname }}/keyring
- creates=/var/lib/ceph/radosgw/ceph-rgw.{{ ansible_hostname }}/keyring
- changed_when: false
- when: cephx
-
-- name: set rados gateway key permissions
- file: >
- path=/var/lib/ceph/radosgw/ceph-rgw.{{ ansible_hostname }}/keyring
- mode=0600
- owner=root
- group=root
- when: cephx
-
-- name: activate rados gateway with upstart
- file: >
- path=/var/lib/ceph/radosgw/ceph-rgw.{{ ansible_hostname }}/{{ item }}
- state=touch
- owner=root
- group=root
- mode=0644
- with_items:
- - done
- - upstart
- changed_when: false
- when: ansible_distribution == "Ubuntu"
-
-- name: activate rados gateway with sysvinit
- file: >
- path=/var/lib/ceph/radosgw/ceph-rgw.{{ ansible_hostname }}/{{ item }}
- state=touch
- owner=root
- group=root
- mode=0644
- with_items:
- - done
- - sysvinit
- changed_when: false
- when: ansible_distribution != "Ubuntu"
-
-- name: generate rados gateway sudoers file
- template: >
- src=ceph.j2
- dest=/etc/sudoers.d/ceph
- owner=root
- group=root
- mode=0400
- when: ansible_distribution != "Ubuntu"
+++ /dev/null
----
-- name: check if rgw is started
- command: /etc/init.d/radosgw status
- register: rgwstatus
- ignore_errors: true
-
-- name: start rgw
- command: /etc/init.d/radosgw start
- when:
- rgwstatus.rc != 0 and
- ansible_distribution != "Ubuntu" and
- ansible_os_family != 'RedHat'
-
-- name: start rgw on ubuntu
- service: >
- name=radosgw-all
- state=started
- when: ansible_distribution == 'Ubuntu'
-
-- name: start rgw on red hat
- service: >
- name=ceph-radosgw
- state=started
- enabled=yes
- when: ansible_distribution == 'RedHat'
+++ /dev/null
-# {{ ansible_managed }}
-
-[ceph-extras]
-name=Ceph Extras Packages
-baseurl=http://ceph.com/packages/ceph-extras/rpm/{{ redhat_distro_ceph_extra }}/$basearch
-enabled=1
-priority=2
-gpgcheck=1
-type=rpm-md
-gpgkey=https://ceph.com/git/?p=ceph.git;a=blob_plain;f=keys/release.asc
-
-{% if (redhat_distro_ceph_extra != "centos6.4" and redhat_distro_ceph_extra != "rhel6.4" and redhat_distro_ceph_extra != "rhel6.5") %}
-[ceph-extras-noarch]
-name=Ceph Extras noarch
-baseurl=http://ceph.com/packages/ceph-extras/rpm/{{ redhat_distro_ceph_extra }}/noarch
-enabled=1
-priority=2
-gpgcheck=1
-type=rpm-md
-gpgkey=https://ceph.com/git/?p=ceph.git;a=blob_plain;f=keys/release.asc
-{% endif %}
-
-[ceph-extras-source]
-name=Ceph Extras Sources
-baseurl=http://ceph.com/packages/ceph-extras/rpm/{{ redhat_distro_ceph_extra }}/SRPMS
-enabled=1
-priority=2
-gpgcheck=1
-type=rpm-md
-gpgkey=https://ceph.com/git/?p=ceph.git;a=blob_plain;f=keys/release.asc
+++ /dev/null
-# {{ ansible_managed }}
-Defaults:{{ radosgw_user }} !requiretty
+++ /dev/null
-# {{ ansible_managed }}
-
-ServerName {{ ansible_hostname }}
+++ /dev/null
-# {{ ansible_managed }}
-
-FastCgiExternalServer /var/www/s3gw.fcgi -socket /tmp/radosgw-{{ ansible_hostname }}.sock
-<VirtualHost *:80>
- ServerName {{ ansible_hostname }}
- ServerAdmin {{ email_address }}@{{ ansible_fqdn }}
- DocumentRoot /var/www
-
- <IfModule mod_fastcgi.c>
- <Directory /var/www>
- Options +ExecCGI
- AllowOverride All
- SetHandler fastcgi-script
- Order allow,deny
- Allow from all
- AuthBasicAuthoritative Off
- </Directory>
- </IfModule>
-
- RewriteEngine On
- RewriteRule ^/([a-zA-Z0-9-_.]*)([/]?.*) /s3gw.fcgi?page=$1¶ms=$2&%{QUERY_STRING} [E=HTTP_AUTHORIZATION:%{HTTP:Authorization},L]
-
-</VirtualHost>
+++ /dev/null
-# {{ ansible_managed }}
-#!/bin/sh
-exec /usr/bin/radosgw -c /etc/ceph/ceph.conf -n client.radosgw.{{ ansible_hostname }}
--- /dev/null
+---\r
+# You can override vars by using host or group vars\r
+\r
+## Ceph options\r
+#\r
+cephx: true\r
+\r
+# Used for the sudo exception while starting the radosgw process\r
+# a new entry /etc/sudoers.d/ceph will be created\r
+# allowing root to not require tty\r
+radosgw_user: root\r
+\r
+# Toggle 100-continue support for Apache and FastCGI\r
+# WARNING: Changing this value will cause an outage of Apache while it is reinstalled on RGW nodes\r
+http_100_continue: false\r
+\r
+# Rados Gateway options\r
+redhat_distro_ceph_extra: centos6.4 # supported distros are centos6.3, centos6.4, centos6, fedora18, fedora19, opensuse12.2, rhel6.3, rhel6.4, rhel6.5, rhel6, sles11sp2\r
+email_address: foo@bar.com\r
+radosgw_frontend: civetweb # we currently only support a single backend\r
+\r
+\r
+##########\r
+# DOCKER #\r
+##########\r
+\r
+ceph_containerized_deployment: false\r
+ceph_rgw_civetweb_port: 80\r
+ceph_rgw_docker_username: ceph\r
+ceph_rgw_docker_imagename: daemon\r
--- /dev/null
+-----BEGIN PGP PUBLIC KEY BLOCK-----
+Version: GnuPG v1.4.10 (GNU/Linux)
+
+mQGiBE1Rr28RBADCxdpLV3ea9ocpS/1+UCvHqD5xjmlw/9dmji4qrUX0+IhPMNuA
+GBBt2CRaR7ygMF5S0NFXooegph0/+NT0KisLIuhUI3gde4SWb5jsb8hpGUse9MC5
+DN39P46zZSpepIMlQuQUkge8W/H2qBu10RcwQhs7o2fZ1zK9F3MmRCkBqwCggpap
+GsOgE2IlWjcztmE6xcPO0wED/R4BxTaQM+jxIjylnHgn9PYy6795yIc/ZoYjNnIh
+QyjqbLWnyzeTmjPBwcXNljKqzEoA/Cjb2gClxHXrYAw7bGu7wKbnqhzdghSx7ab+
+HwIoy/v6IQqv+EXZgYHonqQwqtgfAHp5ON2gWu03cHoGkXfmA4qZIoowqMolZhGo
+cF30A/9GotDdnMlqh8bFBOCMuxfRow7H8RpfL0fX7VHA0knAZEDk2rNFeebL5QKH
+GNJm9Wa6JSVj1NUIaz4LHyravqXi4MXzlUqauhLHw1iG+qwZlPM04z+1Dj6A+2Hr
+b5UxI/I+EzmO5OYa38YWOqybNVBH0wO+sMCpdBq0LABa8X29LbRPQ2VwaCBhdXRv
+bWF0ZWQgcGFja2FnZSBidWlsZCAoQ2VwaCBhdXRvbWF0ZWQgcGFja2FnZSBidWls
+ZCkgPHNhZ2VAbmV3ZHJlYW0ubmV0PohgBBMRAgAgAhsDBgsJCAcDAgQVAggDBBYC
+AwECHgECF4AFAlEUm1YACgkQbq6uIgPDlRqTUACeMqJ+vwatwb+y/KWeNfmgtQ8+
+kDwAn0MHwY42Wmb7FA891j88enooCdxRuQQNBE1Rr28QEACKG04kxGY1cwGoInHV
+P6z1+8oqGiaiYWFflYRtSiwoUVtl30T1sMOSzoEvmauc+rmBBfsyaBb8DLDUIgGK
+v1FCOY/tfqnOyQXotPjgaLeCtK5A5Z5D212wbskf5fRHAxiychwKURiEeesRa7EW
+rF6ohFxOTy9NOlFi7ctusShw6Q2kUtN7bQCX9hJdYs7PYQXvCXvW8DNt7IitF7Mp
+gMHNcj0wik6p38I4s7pqK6mqP4AXVVSWbJKr/LSz8bI8KhWRAT7erVAZf6FElR2x
+ZVr3c4zsE2HFpnZTsM5y/nj8fUkgKGl8OfBuUoh+MCVfnPmE6sgWfDTKkwWtUcmL
+6V9UQ1INUJ3sk+XBY9SMNbOn04su9FjQyNEMI/3VK7yuyKBRAN7IIVgP2ch499m6
++YFV9ZkG3JSTovNiqSpQouW7YPkS+8mxlPo03LQcU5bHeacBl0T8Xjlvqu6q279E
+liHul4huKL0+myPN4DtmOTh/kwgSy3BGCBdS+wfAJSZcuKI7pk7pHGCdUjNMHQZm
+PFbwzp33bVLd16gnAx0OW5DOn6l0VfgIQNSJ2rn7WZ5jdyg/Flp2VlWVtAHFLzkC
+a+LvQ5twSuzrV/VipSr3xz3pTDLY+ZxDztvrgA6AST8+sdq6uQTYjwUQV0wzanvp
+9hkC5eqRY6YlzcgMkWFv8DCIEwADBQ//ZQaeVmG6T5vyfXf2JrCipmI4MAdO+ezE
+tWE82wgixlCvvm26UmUejCYgtD6DmwY/7/bIjvJDhUwP0+hAHHOpR62gncoMtbMr
+yHpm3FvYH58JNk5gx8ZA322WEc2GCRCQzrMQoMKBcpZY/703GpQ4l3RZ7/25gq7A
+NohV5zeddFQftc05PMBBJLU3U+lrnahJS1WaOXNQzS6oVj9jNda1jkgcQni6QssS
+IMT6rAPsVbGJhe9mxr2VWdQ90QlubpszIeSJuqqJxLwqH8XHXZmQOYxmyVP9a3pF
+qWDmsNxDA8ttYnMIc+nUAgCDJ84ScwQ1GvoCUD1b1cFNzvvhEHsNb4D/XbdrFcFG
+wEkeyivUsojdq2YnGjYSgauqyNWbeEgBrWzUe5USYysmziL/KAubcUjIbeRGxyPS
+6iQ2kbvfEJJPgocWTfLs5j61FObO+MVlj+PEmxWbcsIRv/pnG2V2FPJ8evhzgvp7
+cG9imZPM6dWHzc/ZFdi3Bcs51RtStsvPqXv4icKIi+01h1MLHNBqwuUkIiiK7ooM
+lvnp+DiEsVSuYYKBdGTi+4+nduuYL2g8CTNJKZuC46dY7EcE3lRYZlxl7dwN3jfL
+PRlnNscs34dwhZa+b70Flia0U1DNF4jrIFFBSHD3TqMg0Z6kxp1TfxpeGOLOqnBW
+rr0GKehu9CGISQQYEQIACQIbDAUCURSbegAKCRBurq4iA8OVGv9TAJ9EeXVrRS3p
+PZkT1R21FszUc9LvmgCeMduh5IPGFWSx9MjUc7/j1QKYm7g=
+=per8
+-----END PGP PUBLIC KEY BLOCK-----
--- /dev/null
+---
+- name: restart apache2
+ service: >
+ name=apache2
+ state=restarted
+ enabled=yes
+ when: ansible_os_family == 'Debian'
+
+- name: restart apache2
+ service: >
+ name=httpd
+ state=restarted
+ enabled=yes
+ when: ansible_os_family == 'RedHat'
--- /dev/null
+---
+galaxy_info:
+ author: Sébastien Han
+ description: Installs Ceph Rados Gateway
+ license: Apache
+ min_ansible_version: 1.7
+ platforms:
+ - name: Ubuntu
+ versions:
+ - trusty
+ categories:
+ - system
+dependencies:
+ - { role: ceph-common, when: not docker }
--- /dev/null
+---
+- name: set config and keys paths
+ set_fact:
+ ceph_config_keys:
+ - /etc/ceph/ceph.client.admin.keyring
+ - /etc/ceph/ceph.conf
+ - /etc/ceph/monmap
+ - /etc/ceph/ceph.mon.keyring
+ - /var/lib/ceph/bootstrap-rgw/ceph.keyring
+
+- name: install docker-py
+ pip: >
+ name=docker-py
+ version=1.1.0 # https://github.com/ansible/ansible-modules-core/issues/1227
+
+- name: stat for ceph config and keys
+ stat: >
+ path={{ item }}
+ with_items: ceph_config_keys
+ ignore_errors: true
+ register: statconfig
+
+- name: try to fetch ceph config and keys
+ copy: >
+ src=fetch/docker_mon_files/"{{ item }}"
+ dest=/etc/ceph/
+ owner=root
+ group=root
+ mode=600
+ with_together:
+ - ceph_config_keys
+ - statconfig.results
+ when: item.1.stat.exists == False
+
+- name: run the rados gateway docker image
+ docker: >
+ image="{{ ceph_rgw_docker_username }}/{{ ceph_rgw_docker_imagename }}"
+ name=ceph-{{ ansible_hostname }}-rgw
+ expose={{ ceph_rgw_civetweb_port }}
+ state=running
+ env="RGW_CIVETWEB_PORT={{ ceph_rgw_civetweb_port }},CEPH_DAEMON=RGW"
+ volumes="/var/lib/ceph:/var/lib/ceph,/etc/ceph:/etc/ceph"
+
+- name: ensure ceph_rgw service is running
+ docker: >
+ image="{{ ceph_rgw_docker_username }}/{{ ceph_rgw_docker_imagename }}"
+ name="ceph-{{ ansible_hostname }}-rgw"
+ detach=yes
+ state=running
--- /dev/null
+---
+- name: add ceph extra
+ apt_repository: >
+ repo="deb http://ceph.com/packages/ceph-extras/debian {{ ansible_lsb.codename }} main"
+ state=present
+ when: ansible_lsb.codename in ['natty', 'oneiric', 'precise', 'quantal', 'raring', 'sid', 'squeeze', 'wheezy']
+
+# NOTE (leseb): needed for Ubuntu 12.04 to have access to libapache2-mod-fastcgi if 100-continue isn't being used
+- name: enable multiverse repo for precise
+ apt_repository: >
+ repo="{{ item }}"
+ state=present
+ with_items:
+ - deb http://archive.ubuntu.com/ubuntu {{ ansible_lsb.codename }} multiverse
+ - deb http://archive.ubuntu.com/ubuntu {{ ansible_lsb.codename }}-updates multiverse
+ - deb http://security.ubuntu.com/ubuntu {{ ansible_lsb.codename }}-security multiverse
+ when:
+ ansible_lsb.codename in ['precise'] and not
+ http_100_continue
+
+# NOTE (leseb): disable the repo when we are using the Ceph repo for 100-continue packages
+- name: disable multiverse repo for precise
+ apt_repository: >
+ repo="{{ item }}"
+ state=absent
+ with_items:
+ - deb http://archive.ubuntu.com/ubuntu {{ ansible_lsb.codename }} multiverse
+ - deb http://archive.ubuntu.com/ubuntu {{ ansible_lsb.codename }}-updates multiverse
+ - deb http://security.ubuntu.com/ubuntu {{ ansible_lsb.codename }}-security multiverse
+ when:
+ ansible_lsb.codename in ['precise'] and
+ http_100_continue
+
+# NOTE (leseb): needed for Ubuntu 14.04 to have access to libapache2-mod-fastcgi if 100-continue isn't being used
+- name: enable multiverse repo for trusty
+ command: "apt-add-repository multiverse"
+ changed_when: false
+ when:
+ ansible_lsb.codename in ['trusty'] and not
+ http_100_continue
+
+# NOTE (leseb): disable the repo when we are using the Ceph repo for 100-continue packages
+- name: disable multiverse repo for trusty
+ command: "apt-add-repository -r multiverse"
+ changed_when: false
+ when:
+ ansible_lsb.codename in ['trusty'] and
+ http_100_continue
+
+# NOTE (leseb): if using 100-continue, add Ceph dev key
+- name: install the ceph development repository key
+ apt_key: >
+ data="{{ lookup('file', 'cephdev.asc') }}"
+ state=present
+ when: http_100_continue
+
+# NOTE (leseb): if using 100-continue, add Ceph sources and update
+- name: add ceph apache and fastcgi sources
+ apt_repository: >
+ repo="{{ item }}"
+ state=present
+ with_items:
+ - deb http://gitbuilder.ceph.com/apache2-deb-{{ ansible_lsb.codename }}-x86_64-basic/ref/master {{ ansible_lsb.codename }} main
+ - deb http://gitbuilder.ceph.com/libapache-mod-fastcgi-deb-{{ ansible_lsb.codename }}-x86_64-basic/ref/master {{ ansible_lsb.codename }} main
+ register: purge_default_apache
+ when: http_100_continue
+
+# NOTE (leseb): else remove them to ensure you use the default packages
+- name: remove ceph apache and fastcgi sources
+ apt_repository: >
+ repo="{{ item }}"
+ state=absent
+ with_items:
+ - deb http://gitbuilder.ceph.com/apache2-deb-{{ ansible_lsb.codename }}-x86_64-basic/ref/master {{ ansible_lsb.codename }} main
+ - deb http://gitbuilder.ceph.com/libapache-mod-fastcgi-deb-{{ ansible_lsb.codename }}-x86_64-basic/ref/master {{ ansible_lsb.codename }} main
+ register: purge_ceph_apache
+ when: not http_100_continue
+
+# NOTE (leseb): purge Ceph Apache and FastCGI packages if needed
+- name: purge ceph apache and fastcgi packages
+ apt: >
+ pkg="{{ item }}"
+ state=absent
+ purge=yes
+ with_items:
+ - apache2
+ - apache2-bin
+ - apache2-data
+ - apache2-mpm-worker
+ - apache2-utils
+ - apache2.2-bin
+ - apache2.2-common
+ - libapache2-mod-fastcgi
+ when:
+ purge_default_apache.changed or
+ purge_ceph_apache.changed
+
+- name: install apache and fastcgi
+ apt: >
+ pkg={{ item }}
+ state=present
+ update_cache=yes
+ with_items:
+ - apache2
+ - libapache2-mod-fastcgi
+
+- name: install default httpd.conf
+ template: >
+ src=httpd.conf
+ dest=/etc/apache2/httpd.conf
+ owner=root
+ group=root
+
+- name: enable some apache mod rewrite and fastcgi
+ command: "{{ item }}"
+ with_items:
+ - a2enmod rewrite
+ - a2enmod fastcgi
+ changed_when: false
+
+- name: install rados gateway vhost
+ template: >
+ src=rgw.conf
+ dest=/etc/apache2/sites-available/rgw.conf
+ owner=root
+ group=root
+
+- name: enable rados gateway vhost and disable default site
+ command: "{{ item }}"
+ with_items:
+ - a2ensite rgw.conf
+ - a2dissite *default
+ changed_when: false
+ ignore_errors: true
+ notify:
+ - restart apache2
+
+- name: install s3gw.fcgi script
+ template: >
+ src=s3gw.fcgi.j2
+ dest=/var/www/s3gw.fcgi
+ mode=0555
+ owner=root
+ group=root
--- /dev/null
+---
+- name: add ceph extra
+ template: >
+ src=ceph-extra.repo
+ dest=/etc/yum.repos.d
+ owner=root
+ group=root
+
+- name: add special fastcgi repository key
+ rpm_key: key=http://dag.wieers.com/rpm/packages/RPM-GPG-KEY.dag.txt
+
+- name: add special fastcgi repository
+ command: rpm -ivh http://pkgs.repoforge.org/rpmforge-release/rpmforge-release-0.5.3-1.el6.rf.x86_64.rpm
+ changed_when: false
+
+- name: install apache and fastcgi
+ yum: >
+ name={{ item }}
+ state=present
+ with_items:
+ - httpd
+ - mod_fastcgi
+ - mod_fcgid
+
+- name: install rados gateway vhost
+ template: >
+ src=rgw.conf
+ dest=/etc/httpd/conf.d/rgw.conf
+ owner=root
+ group=root
+
+- name: install s3gw.fcgi script
+ template: >
+ src=s3gw.fcgi.j2
+ dest=/var/www/s3gw.fcgi
+ mode=0555
+ owner=root
+ group=root
+
+- name: disable default site
+ shell: sed -i "s/^[^+#]/#/g" /etc/httpd/conf.d/welcome.conf
+ changed_when: false
+ notify:
+ - restart apache2
--- /dev/null
+---
+- include: pre_requisite.yml
+ when: not ceph_containerized_deployment
+
+- include: ./installs/install_redhat.yml
+ when:
+ ansible_os_family == 'RedHat' and
+ radosgw_frontend == 'apache' and not
+ ceph_containerized_deployment
+
+- include: ./installs/install_debian.yml
+ when:
+ ansible_os_family == 'Debian' and
+ radosgw_frontend == 'apache' and not
+ ceph_containerized_deployment
+
+- name: install rados gateway
+ apt: >
+ pkg=radosgw
+ state=present
+ update_cache=yes
+ when:
+ ansible_os_family == 'Debian' and not
+ ceph_containerized_deployment
+
+- name: install rados gateway
+ yum: >
+ name=ceph-radosgw
+ state=present
+ when:
+ ansible_os_family == 'RedHat' and not
+ ceph_containerized_deployment
+
+- include: openstack-keystone.yml
+ when: radosgw_keystone
+
+- include: start_radosgw.yml
+ when: not ceph_containerized_deployment
+
+- include: docker.yml
+ when: ceph_containerized_deployment
--- /dev/null
+---
+- name: create nss directory for keystone certificates
+ file: >
+ path={{ radosgw_nss_db_path }}
+ state=directory
+ owner=root
+ group=root
+ mode=0644
+
+- name: create nss entries for keystone certificates
+ shell: "{{ item }}"
+ with_items:
+ - "openssl x509 -in /etc/keystone/ssl/certs/ca.pem -pubkey |certutil -d {{ radosgw_nss_db_path }} -A -n ca -t 'TCu,Cu,Tuw'"
+ - "openssl x509 -in /etc/keystone/ssl/certs/signing_cert.pem -pubkey | certutil -A -d {{ radosgw_nss_db_path }} -n signing_cert -t 'P,P,P'"
--- /dev/null
+---
+- name: create rados gateway directories
+ file: >
+ path={{ item }}
+ state=directory
+ owner=root
+ group=root
+ mode=0644
+ with_items:
+ - /var/lib/ceph/bootstrap-rgw
+ - /var/lib/ceph/radosgw/ceph-rgw.{{ ansible_hostname }}
+
+- name: copy rados gateway bootstrap key
+ copy: >
+ src=fetch/{{ fsid }}/var/lib/ceph/bootstrap-rgw/ceph.keyring
+ dest=/var/lib/ceph/bootstrap-rgw/ceph.keyring
+ owner=root
+ group=root
+ mode=600
+ when: cephx
+
+- name: create rados gateway keyring
+ command: >
+ ceph --cluster ceph --name client.bootstrap-rgw --keyring /var/lib/ceph/bootstrap-rgw/ceph.keyring auth get-or-create client.rgw.{{ ansible_hostname }} osd 'allow rwx' mon 'allow rw' -o /var/lib/ceph/radosgw/ceph-rgw.{{ ansible_hostname }}/keyring
+ creates=/var/lib/ceph/radosgw/ceph-rgw.{{ ansible_hostname }}/keyring
+ changed_when: false
+ when: cephx
+
+- name: set rados gateway key permissions
+ file: >
+ path=/var/lib/ceph/radosgw/ceph-rgw.{{ ansible_hostname }}/keyring
+ mode=0600
+ owner=root
+ group=root
+ when: cephx
+
+- name: activate rados gateway with upstart
+ file: >
+ path=/var/lib/ceph/radosgw/ceph-rgw.{{ ansible_hostname }}/{{ item }}
+ state=touch
+ owner=root
+ group=root
+ mode=0644
+ with_items:
+ - done
+ - upstart
+ changed_when: false
+ when: ansible_distribution == "Ubuntu"
+
+- name: activate rados gateway with sysvinit
+ file: >
+ path=/var/lib/ceph/radosgw/ceph-rgw.{{ ansible_hostname }}/{{ item }}
+ state=touch
+ owner=root
+ group=root
+ mode=0644
+ with_items:
+ - done
+ - sysvinit
+ changed_when: false
+ when: ansible_distribution != "Ubuntu"
+
+- name: generate rados gateway sudoers file
+ template: >
+ src=ceph.j2
+ dest=/etc/sudoers.d/ceph
+ owner=root
+ group=root
+ mode=0400
+ when: ansible_distribution != "Ubuntu"
--- /dev/null
+---
+- name: check if rgw is started
+ command: /etc/init.d/radosgw status
+ register: rgwstatus
+ ignore_errors: true
+
+- name: start rgw
+ command: /etc/init.d/radosgw start
+ when:
+ rgwstatus.rc != 0 and
+ ansible_distribution != "Ubuntu" and
+ ansible_os_family != 'RedHat'
+
+- name: start rgw on ubuntu
+ service: >
+ name=radosgw-all
+ state=started
+ when: ansible_distribution == 'Ubuntu'
+
+- name: start rgw on red hat
+ service: >
+ name=ceph-radosgw
+ state=started
+ enabled=yes
+ when: ansible_distribution == 'RedHat'
--- /dev/null
+# {{ ansible_managed }}
+
+[ceph-extras]
+name=Ceph Extras Packages
+baseurl=http://ceph.com/packages/ceph-extras/rpm/{{ redhat_distro_ceph_extra }}/$basearch
+enabled=1
+priority=2
+gpgcheck=1
+type=rpm-md
+gpgkey=https://ceph.com/git/?p=ceph.git;a=blob_plain;f=keys/release.asc
+
+{% if (redhat_distro_ceph_extra != "centos6.4" and redhat_distro_ceph_extra != "rhel6.4" and redhat_distro_ceph_extra != "rhel6.5") %}
+[ceph-extras-noarch]
+name=Ceph Extras noarch
+baseurl=http://ceph.com/packages/ceph-extras/rpm/{{ redhat_distro_ceph_extra }}/noarch
+enabled=1
+priority=2
+gpgcheck=1
+type=rpm-md
+gpgkey=https://ceph.com/git/?p=ceph.git;a=blob_plain;f=keys/release.asc
+{% endif %}
+
+[ceph-extras-source]
+name=Ceph Extras Sources
+baseurl=http://ceph.com/packages/ceph-extras/rpm/{{ redhat_distro_ceph_extra }}/SRPMS
+enabled=1
+priority=2
+gpgcheck=1
+type=rpm-md
+gpgkey=https://ceph.com/git/?p=ceph.git;a=blob_plain;f=keys/release.asc
--- /dev/null
+# {{ ansible_managed }}
+Defaults:{{ radosgw_user }} !requiretty
--- /dev/null
+# {{ ansible_managed }}
+
+ServerName {{ ansible_hostname }}
--- /dev/null
+# {{ ansible_managed }}
+
+FastCgiExternalServer /var/www/s3gw.fcgi -socket /tmp/radosgw-{{ ansible_hostname }}.sock
+<VirtualHost *:80>
+ ServerName {{ ansible_hostname }}
+ ServerAdmin {{ email_address }}@{{ ansible_fqdn }}
+ DocumentRoot /var/www
+
+ <IfModule mod_fastcgi.c>
+ <Directory /var/www>
+ Options +ExecCGI
+ AllowOverride All
+ SetHandler fastcgi-script
+ Order allow,deny
+ Allow from all
+ AuthBasicAuthoritative Off
+ </Directory>
+ </IfModule>
+
+ RewriteEngine On
+ RewriteRule ^/([a-zA-Z0-9-_.]*)([/]?.*) /s3gw.fcgi?page=$1¶ms=$2&%{QUERY_STRING} [E=HTTP_AUTHORIZATION:%{HTTP:Authorization},L]
+
+</VirtualHost>
--- /dev/null
+# {{ ansible_managed }}
+#!/bin/sh
+exec /usr/bin/radosgw -c /etc/ceph/ceph.conf -n client.radosgw.{{ ansible_hostname }}
+++ /dev/null
----\r
-# You can override vars by using host or group vars\r
-\r
-rgw_group_name: rgws\r
-\r
-# Rados Gateway options\r
-radosgw_interface: eth1 # the public interface which the radosgw talks to the world with, this variable is used in the haproxy role, this does not need to be set if haproxy is not used.\r
+++ /dev/null
-# Set ENABLED to 1 if you want the init script to start haproxy.
-ENABLED=1
-# Add extra flags here.
-#EXTRAOPTS="-de -m 16"
+++ /dev/null
----
-## Check distribution release
-#
-
-- include: precise.yml
- when: ansible_distribution_release == 'precise'
+++ /dev/null
----
-- name: restart haproxy
- service: >
- name=haproxy
- state=restarted
+++ /dev/null
----
-## Check distribution release
-#
-
-- include: precise.yml
- when: ansible_distribution_release == 'precise'
+++ /dev/null
----
-- name: Add repository
- apt_repository: >
- repo=ppa:vbernat/haproxy-1.5
- state=present
-
-- name: Install haproxy
- apt: >
- name={{ item }}
- state=present
- with_items:
- - haproxy
- - socat
-
-- name: Copy default configuration
- copy: >
- src=precise/haproxy
- dest=/etc/default/haproxy
- notify: restart haproxy
-
-- name: Create configuration
- template: >
- src=precise/haproxy.cfg
- dest=/etc/haproxy/haproxy.cfg
- backup=yes
- notify: restart haproxy
-
-- name: Start and enable haproxy
- service: >
- name=haproxy
- state=started
- enabled=yes
+++ /dev/null
-#
-# {{ ansible_managed }}
-#
-global
- log /dev/log local0
- log /dev/log local1 notice
- chroot /var/lib/haproxy
- user haproxy
- group haproxy
- daemon
- stats socket /var/lib/haproxy/stats level admin
-
-defaults
- log global
- mode http
- option httplog
- option dontlognull
- contimeout 5000
- clitimeout 50000
- srvtimeout 50000
- errorfile 400 /etc/haproxy/errors/400.http
- errorfile 403 /etc/haproxy/errors/403.http
- errorfile 408 /etc/haproxy/errors/408.http
- errorfile 500 /etc/haproxy/errors/500.http
- errorfile 502 /etc/haproxy/errors/502.http
- errorfile 503 /etc/haproxy/errors/503.http
- errorfile 504 /etc/haproxy/errors/504.http
-
-frontend http_frontend
- bind *:80
- mode http
- option httpclose
- option forwardfor
- default_backend rgw
-
-frontend https_frontend
- bind *:443 ssl crt /etc/ceph/radosgw-key-cert.pem
- mode http
- option httpclose
- option forwardfor
- reqadd X-Forwarded-Proto:\ https
- default_backend rgw
-
-backend rgw
- mode http
- balance roundrobin
- cookie RADOSGWLB insert indirect nocache
-{% for host in groups[rgw_group_name] %}
- server {{ hostvars[host].ansible_hostname }} {{ hostvars[host]['ansible_' + radosgw_interface ].ipv4.address }}:80 check cookie {{ hostvars[host].ansible_hostname }}
-{% endfor %}
-
-listen stats :8080
- mode http
- stats enable
- stats hide-version
- stats realm Haproxy\ Statistics
- stats uri /
- #stats auth Username:Password
roles:
- ceph-common
- - ceph-radosgw
+ - ceph-rgw
post_tasks:
- name: restart rados gateway server(s)
- hosts: rgws
sudo: True
roles:
- - ceph-radosgw
+ - ceph-rgw
- ceph-mon
- ceph-osd
- ceph-mds
- - ceph-radosgw
- - haproxy
+ - ceph-rgw
projects / ceph-ansible.git / commitdiff