#raw_multi_journal: False
#osd_directory: False
#bluestore: False
+#dmcrypt_journal_collocation: False
+#dmcrypt_dedicated_journal: False
#osd_auto_discovery: False
# Keys are stored into the monitors k/v store
# Use 'true' to enable this scenario
# Both journal and data are stored on the same dm-crypt encrypted device
-#dmcrypt_journal_colocation: false
+#dmcrypt_journal_collocation: false
# VI. Encrypt osd data and/or journal devices with dm-crypt.
raw_multi_journal: False
osd_directory: False
bluestore: False
+dmcrypt_journal_collocation: False
+dmcrypt_dedicated_journal: False
osd_auto_discovery: False
- not raw_multi_journal
- not osd_directory
- not bluestore
- - not dmcrypt_journal_colocation
+ - not dmcrypt_journal_collocation
- not dmcrypt_dedicated_journal
- name: verify only one osd scenario was chosen
or (raw_multi_journal and osd_directory)
or (raw_multi_journal and bluestore)
or (osd_directory and bluestore)
- or (dmcrypt_journal_colocation and journal_collocation)
- or (dmcrypt_journal_colocation and raw_multi_journal)
- or (dmcrypt_journal_colocation and osd_directory)
- or (dmcrypt_journal_colocation and bluestore)
+ or (dmcrypt_journal_collocation and journal_collocation)
+ or (dmcrypt_journal_collocation and raw_multi_journal)
+ or (dmcrypt_journal_collocation and osd_directory)
+ or (dmcrypt_journal_collocation and bluestore)
or (dmcrypt_dedicated_journal and journal_collocation)
or (dmcrypt_dedicated_journal and raw_multi_journal)
or (dmcrypt_dedicated_journal and osd_directory)
or (dmcrypt_dedicated_journal and bluestore)
+ or (dmcrypt_dedicated_journal and dmcrypt_journal_collocation)
- name: verify devices have been provided
fail:
# Keys are stored into the monitors k/v store
# Use 'true' to enable this scenario
# Both journal and data are stored on the same dm-crypt encrypted device
-dmcrypt_journal_colocation: false
+dmcrypt_journal_collocation: false
# VI. Encrypt osd data and/or journal devices with dm-crypt.
- item.value.removable == "0"
- item.value.partitions|count == 0
- osd_auto_discovery
- - dmcrypt_journal_colocation
+ - dmcrypt_journal_collocation
- name: activate osd(s) when device is a disk (dmcrypt)
command: ceph-disk activate --dmcrypt {{ item.1 | regex_replace('^(\/dev\/cciss\/c[0-9]{1}d[0-9]{1})$', '\\1p') }}1
# https://github.com/ansible/ansible/issues/4297
- name: combine ispartition results
set_fact:
- combined_activate_osd_disk_results: "{{ activate_osd_disk if not dmcrypt_journal_colocation else activate_osd_disk_dmcrypt }}"
+ combined_activate_osd_disk_results: "{{ activate_osd_disk if not dmcrypt_journal_collocation else activate_osd_disk_dmcrypt }}"
- name: fail if ceph-disk cannot create an OSD
fail:
- osd_objectstore == 'bluestore'
- not osd_containerized_deployment
-- include: ./scenarios/dmcrypt-journal-colocation.yml
+- include: ./scenarios/dmcrypt-journal-collocation.yml
when:
- - dmcrypt_journal_colocation
+ - dmcrypt_journal_collocation
- not osd_containerized_deployment
- include: ./scenarios/dmcrypt-dedicated-journal.yml
set_fact:
copy_admin_key: true
when:
- - dmcrypt_journal_colocation or dmcrypt_dedicated_journal
+ - dmcrypt_journal_collocation or dmcrypt_dedicated_journal
- name: copy osd bootstrap key
copy:
--- /dev/null
+---
+## SCENARIO 5: DMCRYPT
+
+- include: ../check_devices.yml
+
+# NOTE (leseb): the prepare process must be parallelized somehow...
+# if you have 64 disks with 4TB each, this will take a while
+# since Ansible will sequential process the loop
+
+# NOTE (alahouze): if the device is a partition, the parted command below has
+# failed, this is why we check if the device is a partition too.
+- name: automatic prepare osd disk(s) without partitions (dmcrypt)
+ command: ceph-disk prepare --dmcrypt --cluster "{{ cluster }}" "/dev/{{ item.key }}"
+ with_dict: ansible_devices
+ when:
+ - ansible_devices is defined
+ - item.value.removable == "0"
+ - item.value.partitions|count == 0
+ - dmcrypt_journal_collocation
+ - osd_auto_discovery
+
+- name: manually prepare osd disk(s) (dmcrypt)
+ command: ceph-disk prepare --dmcrypt --cluster "{{ cluster }}" "{{ item.2 }}"
+ with_together:
+ - combined_parted_results.results
+ - combined_ispartition_results.results
+ - devices
+ when:
+ - not item.0.get("skipped")
+ - not item.1.get("skipped")
+ - item.0.get("rc", 0) != 0
+ - item.1.get("rc", 0) != 0
+ - dmcrypt_journal_collocation
+ - not osd_auto_discovery
+
+- include: ../activate_osds.yml
+++ /dev/null
----
-## SCENARIO 5: DMCRYPT
-
-- include: ../check_devices.yml
-
-# NOTE (leseb): the prepare process must be parallelized somehow...
-# if you have 64 disks with 4TB each, this will take a while
-# since Ansible will sequential process the loop
-
-# NOTE (alahouze): if the device is a partition, the parted command below has
-# failed, this is why we check if the device is a partition too.
-- name: automatic prepare osd disk(s) without partitions (dmcrypt)
- command: ceph-disk prepare --dmcrypt --cluster "{{ cluster }}" "/dev/{{ item.key }}"
- with_dict: ansible_devices
- when:
- - ansible_devices is defined
- - item.value.removable == "0"
- - item.value.partitions|count == 0
- - dmcrypt_journal_colocation
- - osd_auto_discovery
-
-- name: manually prepare osd disk(s) (dmcrypt)
- command: ceph-disk prepare --dmcrypt --cluster "{{ cluster }}" "{{ item.2 }}"
- with_together:
- - combined_parted_results.results
- - combined_ispartition_results.results
- - devices
- when:
- - not item.0.get("skipped")
- - not item.1.get("skipped")
- - item.0.get("rc", 0) != 0
- - item.1.get("rc", 0) != 0
- - dmcrypt_journal_colocation
- - not osd_auto_discovery
-
-- include: ../activate_osds.yml
projects / ceph-ansible.git / commitdiff