ceph_cmd: "{{ container_binary + ' run --rm --net=host -v /etc/ceph:/etc/ceph:z -v /var/lib/ceph:/var/lib/ceph:z -v /var/run/ceph:/var/run/ceph:z --entrypoint=ceph ' + ceph_docker_registry + '/' + ceph_docker_image + ':' + ceph_docker_image_tag if containerized_deployment | bool else 'ceph' }}"
- name: get the client.admin keyring
- command: "{{ ceph_cmd }} --cluster {{ cluster }} auth get client.admin"
- changed_when: false
+ ceph_key:
+ name: client.admin
+ cluster: "{{ cluster }}"
+ output_format: plain
+ state: info
+ environment:
+ CEPH_CONTAINER_IMAGE: "{{ ceph_docker_registry + '/' + ceph_docker_image + ':' + ceph_docker_image_tag if containerized_deployment | bool else None }}"
+ CEPH_CONTAINER_BINARY: "{{ container_binary }}"
run_once: true
delegate_to: '{{ groups[mon_group_name][0] }}'
register: client_admin_keyring
- name: copy ceph admin keyring
block:
- name: get keys from monitors
- command: "{{ container_exec_cmd }} ceph --cluster {{ cluster }} auth get {{ item.name }}"
- register: _client_keys
- with_items:
- - { name: "client.admin", path: "/etc/ceph/{{ cluster }}.client.admin.keyring", copy_key: "{{ copy_admin_key }}" }
+ ceph_key:
+ name: client.admin
+ cluster: "{{ cluster }}"
+ output_format: plain
+ state: info
+ environment:
+ CEPH_CONTAINER_IMAGE: "{{ ceph_docker_registry + '/' + ceph_docker_image + ':' + ceph_docker_image_tag if containerized_deployment | bool else None }}"
+ CEPH_CONTAINER_BINARY: "{{ container_binary }}"
+ register: _admin_key
delegate_to: "{{ groups.get(mon_group_name)[0] }}"
run_once: true
- when:
- - cephx | bool
- - item.copy_key | bool
- name: copy ceph key(s) if needed
copy:
- dest: "{{ item.item.path }}"
- content: "{{ item.stdout + '\n' }}"
+ dest: "/etc/ceph/{{ cluster }}.client.admin.keyring"
+ content: "{{ _admin_key.stdout + '\n' }}"
owner: "{{ ceph_uid if containerized_deployment | bool else 'ceph' }}"
group: "{{ ceph_uid if containerized_deployment | bool else 'ceph' }}"
mode: "{{ ceph_keyring_permissions }}"
- with_items: "{{ _client_keys.results }}"
- when:
- - item.item.copy_key | bool
- when: cephx | bool
+ when:
+ - cephx | bool
+ - copy_admin_key | bool
run_once: True
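Review bot: Neither the `ceph_key` lookup nor the `copy` in this block sets `no_log` in the visible lines, although `register: _admin_key` holds the plain-format client.admin keyring and the copy receives it as `content:`. The key can therefore surface in task output at higher verbosity, on a failed task, or with `--diff` on the copy. Adding `no_log: true` to both tasks keeps it out of console and callback logs. The same applies to the other converted lookups in this change (`client_admin_keyring`, `_crash_keys`, `_mds_keys`, `_mgr_keys`, `initial_mon_key`, `_rgw_keys`, `_osd_keys`, `_osp_keys`, `_rbd_mirror_keys`), where the looped ones also carry the key in each `results` item.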
- name: get keys from monitors
- command: "{{ hostvars[groups[mon_group_name][0]]['container_exec_cmd'] | default('') }} ceph --cluster {{ cluster }} auth get client.crash"
+ ceph_key:
+ name: client.crash
+ cluster: "{{ cluster }}"
+ output_format: plain
+ state: info
+ environment:
+ CEPH_CONTAINER_IMAGE: "{{ ceph_docker_registry + '/' + ceph_docker_image + ':' + ceph_docker_image_tag if containerized_deployment | bool else None }}"
+ CEPH_CONTAINER_BINARY: "{{ container_binary }}"
register: _crash_keys
delegate_to: "{{ groups.get(mon_group_name)[0] }}"
- check_mode: False
- changed_when: False
run_once: true
- name: copy ceph key(s) if needed
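Review bot: Dropping `check_mode: False` from the client.crash lookup means a `--check` run no longer forces the key fetch, and whether `ceph_key` returns the key in `stdout` under check mode for `state: info` is not visible here. The `copy ceph key(s) if needed` task that follows presumably consumes `_crash_keys`, but its body is outside the hunk. If `stdout` comes back empty, a check run would report the keyring as about to change or fail on a missing field. Confirm the module's check-mode behaviour, or keep `check_mode: false` on this task as before.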
---
- name: get keys from monitors
- command: "{{ container_exec_cmd }} ceph --cluster {{ cluster }} auth get {{ item.name }}"
- register: _iscsi_keys
- with_items:
- - { name: "client.admin", path: "/etc/ceph/{{ cluster }}.client.admin.keyring", copy_key: "{{ copy_admin_key }}" }
+ ceph_key:
+ name: client.admin
+ cluster: "{{ cluster }}"
+ output_format: plain
+ state: info
+ environment:
+ CEPH_CONTAINER_IMAGE: "{{ ceph_docker_registry + '/' + ceph_docker_image + ':' + ceph_docker_image_tag if containerized_deployment | bool else None }}"
+ CEPH_CONTAINER_BINARY: "{{ container_binary }}"
+ register: _admin_key
delegate_to: "{{ groups.get(mon_group_name)[0] }}"
run_once: true
when:
- cephx | bool
- - item.copy_key | bool
+ - copy_admin_key | bool
- name: copy ceph key(s) if needed
copy:
- dest: "{{ item.item.path }}"
- content: "{{ item.stdout + '\n' }}"
+ dest: "/etc/ceph/{{ cluster }}.client.admin.keyring"
+ content: "{{ _admin_key.stdout + '\n' }}"
owner: "{{ ceph_uid if containerized_deployment | bool else 'ceph' }}"
group: "{{ ceph_uid if containerized_deployment | bool else 'ceph' }}"
mode: "{{ ceph_keyring_permissions }}"
- with_items: "{{ _iscsi_keys.results }}"
when:
- cephx | bool
- - item.item.copy_key | bool
+ - copy_admin_key | bool
- name: add mgr ip address to trusted list with dashboard - ipv4
set_fact:
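Review bot: The `CEPH_CONTAINER_IMAGE` expression in this `environment:` block is repeated verbatim in nearly every converted task in this change, so a later edit to the registry, image or tag logic has to be made in about a dozen places. If one copy drifts, a key lookup could run from a different image than the rest of the deployment. Consider computing the reference once as a shared variable and using it in each task, for example `CEPH_CONTAINER_IMAGE: "{{ ceph_container_image_ref }}"` (the variable name is a placeholder). A short comment on that variable noting that an empty value selects the non-containerized path would also explain the `else None` branch.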
- /var/lib/ceph/mds/{{ cluster }}-{{ ansible_hostname }}
- name: get keys from monitors
- command: "{{ container_exec_cmd | default('') }} ceph --cluster {{ cluster }} auth get {{ item.name }}"
+ ceph_key:
+ name: "{{ item.name }}"
+ cluster: "{{ cluster }}"
+ output_format: plain
+ state: info
+ environment:
+ CEPH_CONTAINER_IMAGE: "{{ ceph_docker_registry + '/' + ceph_docker_image + ':' + ceph_docker_image_tag if containerized_deployment | bool else None }}"
+ CEPH_CONTAINER_BINARY: "{{ container_binary }}"
register: _mds_keys
with_items:
- { name: "client.bootstrap-mds", path: "/var/lib/ceph/bootstrap-mds/{{ cluster }}.keyring", copy_key: true }
- { 'name': "mgr.{{ ansible_hostname }}", 'path': "/var/lib/ceph/mgr/{{ cluster }}-{{ ansible_hostname }}/keyring", 'copy_key': true }
- name: get keys from monitors
- command: "{{ _container_exec_cmd | default('') }} ceph --cluster {{ cluster }} auth get {{ item.name }}"
+ ceph_key:
+ name: "{{ item.name }}"
+ cluster: "{{ cluster }}"
+ output_format: plain
+ state: info
+ environment:
+ CEPH_CONTAINER_IMAGE: "{{ ceph_docker_registry + '/' + ceph_docker_image + ':' + ceph_docker_image_tag if containerized_deployment | bool else None }}"
+ CEPH_CONTAINER_BINARY: "{{ container_binary }}"
register: _mgr_keys
with_items: "{{ _mgr_keys }}"
delegate_to: "{{ groups[mon_group_name][0] if running_mon is undefined else running_mon }}"
---
- name: check if monitor initial keyring already exists
- command: >
- {{ _container_exec_cmd | default('') }} ceph --cluster {{ cluster }} --name mon. -k
- /var/lib/ceph/mon/{{ cluster }}-{{ hostvars[groups[mon_group_name][0] if running_mon is undefined else running_mon]['ansible_hostname'] }}/keyring
- auth get-key mon.
+ ceph_key:
+ name: mon.
+ cluster: "{{ cluster }}"
+ user: mon.
+ user_key: "/var/lib/ceph/mon/{{ cluster }}-{{ hostvars[groups[mon_group_name][0] if running_mon is undefined else running_mon]['ansible_hostname'] }}/keyring"
+ output_format: json
+ state: info
+ environment:
+ CEPH_CONTAINER_IMAGE: "{{ ceph_docker_registry + '/' + ceph_docker_image + ':' + ceph_docker_image_tag if containerized_deployment | bool else None }}"
+ CEPH_CONTAINER_BINARY: "{{ container_binary }}"
register: initial_mon_key
run_once: True
delegate_to: "{{ groups[mon_group_name][0] if running_mon is undefined else running_mon }}"
- name: get initial keyring when it already exists
set_fact:
- monitor_keyring: "{{ initial_mon_key.stdout if monitor_keyring.skipped is defined else monitor_keyring.stdout if initial_mon_key.skipped is defined }}"
+ monitor_keyring: "{{ (initial_mon_key.stdout | from_json)[0].key if monitor_keyring.skipped is defined else monitor_keyring.stdout if initial_mon_key.skipped is defined }}"
when: initial_mon_key is not skipped or monitor_keyring is not skipped
- name: create monitor initial keyring
run_once: true
- name: get keys from monitors
- command: "{{ hostvars[groups.get(mon_group_name)[0]]['container_exec_cmd'] }} ceph --cluster {{ cluster }} auth get {{ item.name }}"
+ ceph_key:
+ name: "{{ item.name }}"
+ cluster: "{{ cluster }}"
+ output_format: plain
+ state: info
+ environment:
+ CEPH_CONTAINER_IMAGE: "{{ ceph_docker_registry + '/' + ceph_docker_image + ':' + ceph_docker_image_tag if containerized_deployment | bool else None }}"
+ CEPH_CONTAINER_BINARY: "{{ container_binary }}"
register: _rgw_keys
with_items:
- { name: "client.bootstrap-rgw", path: "/var/lib/ceph/bootstrap-rgw/{{ cluster }}.keyring", copy_key: true }
- groups.get(mon_group_name, []) | length > 0
block:
- name: get keys from monitors
- command: "ceph --cluster {{ cluster }} auth get {{ item.name }}"
+ ceph_key:
+ name: "{{ item.name }}"
+ cluster: "{{ cluster }}"
+ output_format: plain
+ state: info
register: _rgw_keys
with_items:
- { name: "client.bootstrap-rgw", path: "/var/lib/ceph/bootstrap-rgw/{{ cluster }}.keyring", copy_key: "{{ nfs_obj_gw }}" }
- /var/lib/ceph/osd/
- name: get keys from monitors
- command: "{{ hostvars[groups[mon_group_name][0]]['container_exec_cmd'] | default('') }} ceph --cluster {{ cluster }} auth get {{ item.name }}"
+ ceph_key:
+ name: "{{ item.name }}"
+ cluster: "{{ cluster }}"
+ output_format: plain
+ state: info
+ environment:
+ CEPH_CONTAINER_IMAGE: "{{ ceph_docker_registry + '/' + ceph_docker_image + ':' + ceph_docker_image_tag if containerized_deployment | bool else None }}"
+ CEPH_CONTAINER_BINARY: "{{ container_binary }}"
register: _osd_keys
with_items:
- { name: "client.bootstrap-osd", path: "/var/lib/ceph/bootstrap-osd/{{ cluster }}.keyring", copy_key: true }
delegate_to: "{{ groups[mon_group_name][0] }}"
- name: get keys from monitors
- command: "{{ hostvars[groups[mon_group_name][0]]['container_exec_cmd'] | default('') }} ceph --cluster {{ cluster }} auth get {{ item.name }}"
+ ceph_key:
+ name: "{{ item.name }}"
+ cluster: "{{ cluster }}"
+ output_format: plain
+ state: info
+ environment:
+ CEPH_CONTAINER_IMAGE: "{{ ceph_docker_registry + '/' + ceph_docker_image + ':' + ceph_docker_image_tag if containerized_deployment | bool else None }}"
+ CEPH_CONTAINER_BINARY: "{{ container_binary }}"
register: _osp_keys
with_items: "{{ openstack_keys }}"
- run_once: true
delegate_to: "{{ groups.get(mon_group_name)[0] }}"
- name: copy ceph key(s) if needed
---
- name: get keys from monitors
- command: "{{ container_exec_cmd }} ceph --cluster {{ cluster }} auth get {{ item.name }}"
+ ceph_key:
+ name: "{{ item.name }}"
+ cluster: "{{ cluster }}"
+ output_format: plain
+ state: info
+ environment:
+ CEPH_CONTAINER_IMAGE: "{{ ceph_docker_registry + '/' + ceph_docker_image + ':' + ceph_docker_image_tag if containerized_deployment | bool else None }}"
+ CEPH_CONTAINER_BINARY: "{{ container_binary }}"
register: _rbd_mirror_keys
with_items:
- { name: "client.bootstrap-rbd-mirror", path: "/var/lib/ceph/bootstrap-rbd-mirror/{{ cluster }}.keyring", copy_key: true }
with_items: "{{ rbd_client_admin_socket_path }}"
- name: get keys from monitors
- command: "{{ container_exec_cmd }} ceph --cluster {{ cluster }} auth get {{ item.name }}"
+ ceph_key:
+ name: "{{ item.name }}"
+ cluster: "{{ cluster }}"
+ output_format: plain
+ state: info
+ environment:
+ CEPH_CONTAINER_IMAGE: "{{ ceph_docker_registry + '/' + ceph_docker_image + ':' + ceph_docker_image_tag if containerized_deployment | bool else None }}"
+ CEPH_CONTAINER_BINARY: "{{ container_binary }}"
register: _rgw_keys
with_items:
- { name: "client.bootstrap-rgw", path: "/var/lib/ceph/bootstrap-rgw/{{ cluster }}.keyring", copy_key: true }