common: do not regenerate initial mon keyring if cluster exists

author Guillaume Abrioux <gabrioux@redhat.com>

Thu, 8 Dec 2016 15:58:22 +0000 (16:58 +0100)

committer Guillaume Abrioux <gabrioux@redhat.com>

Thu, 15 Dec 2016 13:39:56 +0000 (14:39 +0100)
author Guillaume Abrioux <gabrioux@redhat.com>
Thu, 8 Dec 2016 15:58:22 +0000 (16:58 +0100)
committer Guillaume Abrioux <gabrioux@redhat.com>
Thu, 15 Dec 2016 13:39:56 +0000 (14:39 +0100)
diff --git a/roles/ceph-common/tasks/facts.yml b/roles/ceph-common/tasks/facts.yml

index 85cccfc3f25e2494a57740a8c9183271cf53104e..77d58df7362e0bffca6806f04eebb6ac3bcd6154 100644 (file)
--- a/roles/ceph-common/tasks/facts.yml
+++ b/roles/ceph-common/tasks/facts.yml
@@ -13,10 +13,76 @@
    register: ceph_current_fsid
    delegate_to: "{{ groups[mon_group_name][0] }}"
  
+- name: create a local fetch directory if it does not exist
+  local_action: file path={{ fetch_directory }} state=directory
+  changed_when: false
+  become: false
+  run_once: true
+  when: cephx or generate_fsid
+
  - set_fact:
      fsid: "{{ ceph_current_fsid.stdout }}"
    when: ceph_current_fsid.rc == 0
  
+- set_fact:
+    monitor_name: "{{ ansible_hostname }}"
+  when: not mon_use_fqdn
+
+- set_fact:
+    monitor_name: "{{ ansible_fqdn }}"
+  when: mon_use_fqdn
+
+# We want this check to be run only on one mon
+- name: check if {{ fetch_directory }} directory exists
+  local_action: stat path="{{ fetch_directory }}/monitor_keyring.conf"
+  register: monitor_keyring_conf
+  run_once: true
+
+- block:
+  - name: check if /var/lib/ceph/mon/{{ cluster }}-{{ monitor_name }}/keyring already exists
+    stat:
+      path: /var/lib/ceph/mon/{{ cluster }}-{{ monitor_name }}/keyring
+    register: initial_mon_keyring
+
+  - name: fail if /var/lib/ceph/mon/{{ cluster }}-{{ monitor_name }}/keyring doesn't exist
+    fail:
+      msg: "/var/lib/ceph/mon/{{ cluster }}-{{ monitor_name }}/keyring not found"
+    when:
+      - not initial_mon_keyring.stat.exists
+      - ceph_current_fsid.rc == 0
+
+  - name: get existing initial mon keyring if it already exists but not monitor_keyring.conf in {{ fetch_directory }}
+    shell: |
+      grep key /var/lib/ceph/mon/{{ cluster }}-{{ monitor_name }}/keyring | sed 's/^.*= //'
+    register: monitor_keyring
+    when:
+      - not monitor_keyring_conf.stat.exists
+      - ceph_current_fsid.rc == 0
+
+  - name: test existing initial mon keyring
+    command: ceph --connect-timeout 3 --cluster {{ cluster }} --keyring /var/lib/ceph/mon/{{ cluster }}-{{ monitor_name }}/keyring -n mon. fsid
+    register: test_initial_monitor_keyring
+    ignore_errors: true
+
+  - name: fail if initial mon keyring found doesn't work
+    fail:
+      msg: "Initial mon keyring found doesn't work."
+    when: test_initial_monitor_keyring.rc != 0
+
+  - name: write initial mon keyring in {{ fetch_directory }}/monitor_keyring.conf if it doesn't exist
+    local_action: shell echo {{ monitor_keyring.stdout }} | tee {{ fetch_directory }}/monitor_keyring.conf
+    when:
+      - test_initial_monitor_keyring.rc == 0
+
+  - name: put initial mon keyring in mon kv store
+    command: ceph --cluster {{ cluster }} config-key put initial_mon_keyring {{ monitor_keyring.stdout }}
+    when: test_initial_monitor_keyring.rc == 0
+  run_once: true
+  when:
+    - not monitor_keyring_conf.stat.exists
+    - ceph_current_fsid.rc == 0
+    - mon_group_name in group_names
+
  - set_fact:
      ceph_version: "{{ ceph_version.stdout.split(' ')[2] }}"
  
diff --git a/roles/ceph-common/tasks/generate_cluster_fsid.yml b/roles/ceph-common/tasks/generate_cluster_fsid.yml

index 10d2ad7a113fc7fd451578b3447de7378813ed99..bd4d2abe5375eb75c642c663fe2b5d546e8786c0 100644 (file)
--- a/roles/ceph-common/tasks/generate_cluster_fsid.yml
+++ b/roles/ceph-common/tasks/generate_cluster_fsid.yml
@@ -1,11 +1,4 @@
  ---
-- name: create a local fetch directory if it does not exist
-  local_action: file path={{ fetch_directory }} state=directory
-  changed_when: false
-  become: false
-  run_once: true
-  when: cephx or generate_fsid
-
  - name: generate cluster fsid
    local_action: shell python -c 'import uuid; print(str(uuid.uuid4()))' | tee {{ fetch_directory }}/ceph_cluster_uuid.conf
      creates="{{ fetch_directory }}/ceph_cluster_uuid.conf"
diff --git a/roles/ceph-mon/tasks/deploy_monitors.yml b/roles/ceph-mon/tasks/deploy_monitors.yml

index 740ae4eba9c126a679feace9a8ba22a6b79401de..8a858c1956daddd565cc66f4d82aea515c6647c3 100644 (file)
--- a/roles/ceph-mon/tasks/deploy_monitors.yml
+++ b/roles/ceph-mon/tasks/deploy_monitors.yml
@@ -15,14 +15,6 @@
    always_run: true
    when: cephx
  
-- set_fact:
-    monitor_name: "{{ ansible_hostname }}"
-  when: not mon_use_fqdn
-
-- set_fact:
-    monitor_name: "{{ ansible_fqdn }}"
-  when: mon_use_fqdn
-
  - name: create monitor initial keyring
    command: ceph-authtool /var/lib/ceph/tmp/keyring.mon.{{ monitor_name }} --create-keyring --name=mon. --add-key={{ monitor_secret }} --cap mon 'allow *'
    args:
author	Guillaume Abrioux <gabrioux@redhat.com>
	Thu, 8 Dec 2016 15:58:22 +0000 (16:58 +0100)
committer	Guillaume Abrioux <gabrioux@redhat.com>
	Thu, 15 Dec 2016 13:39:56 +0000 (14:39 +0100)
roles/ceph-common/tasks/facts.yml		patch \| blob \| history
roles/ceph-common/tasks/generate_cluster_fsid.yml		patch \| blob \| history
roles/ceph-mon/tasks/deploy_monitors.yml		patch \| blob \| history