#journal_collocation: false
-# II. Second scenario: single journal device for N OSDs
-# Use 'true' to enable this scenario
-
-# deprecated, please use scenario III with a single raw_journal_device
-
-
-# III. Third scenario: N journal devices for N OSDs
+# II. N journal devices for N OSDs
# Use 'true' to enable this scenario
#
# In the following example:
# - /dev/sdc
-# IV. Fourth scenario: use directory instead of disk for OSDs
+# III. Use directory instead of disk for OSDs
# Use 'true' to enable this scenario
#osd_directory: false
# - /var/lib/ceph/osd/mydir2
-# V. Fith scenario: this will partition disks for BlueStore
+# IV. This will partition disks for BlueStore
# Use 'true' to enable this scenario
#bluestore: false
-# VI. Sixth scenario: encrypt osd data and/or journal devices with dm-crypt.
+# V. Encrypt osd data and/or journal devices with dm-crypt.
+# Keys are stored into the monitors k/v store
+# Use 'true' to enable this scenario
+# Both journal and data are stored on the same dm-crypt encrypted device
+#dmcrypt_journal_colocation: false
+
+
+# VI. Encrypt osd data and/or journal devices with dm-crypt.
# Keys are stored into the monitors k/v store
# Use 'true' to enable this scenario
-#dmcrypt: false
+# Journal and osd data are separated, each with their own dm-crypt device
+# You must use raw_journal_devices and set your journal devices
+#dmcrypt_dedicated_journal: false
##########
- not raw_multi_journal
- not osd_directory
- not bluestore
- - not dmcrypt
+ - not dmcrypt_journal_colocation
+ - not dmcrypt_dedicated_journal
- name: verify only one osd scenario was chosen
fail:
or (raw_multi_journal and osd_directory)
or (raw_multi_journal and bluestore)
or (osd_directory and bluestore)
- or (dmcrypt and journal_collocation)
- or (dmcrypt and raw_multi_journal)
- or (dmcrypt and osd_directory)
- or (dmcrypt and bluestore)
+ or (dmcrypt_journal_colocation and journal_collocation)
+ or (dmcrypt_journal_colocation and raw_multi_journal)
+ or (dmcrypt_journal_colocation and osd_directory)
+ or (dmcrypt_journal_colocation and bluestore)
+ or (dmcrypt_dedicated_journal and journal_collocation)
+ or (dmcrypt_dedicated_journal and raw_multi_journal)
+ or (dmcrypt_dedicated_journal and osd_directory)
+ or (dmcrypt_dedicated_journal and bluestore)
- name: verify devices have been provided
fail:
journal_collocation: false
-# II. Second scenario: single journal device for N OSDs
-# Use 'true' to enable this scenario
-
-# deprecated, please use scenario III with a single raw_journal_device
-
-
-# III. Third scenario: N journal devices for N OSDs
+# II. N journal devices for N OSDs
# Use 'true' to enable this scenario
#
# In the following example:
# - /dev/sdc
-# IV. Fourth scenario: use directory instead of disk for OSDs
+# III. Use directory instead of disk for OSDs
# Use 'true' to enable this scenario
osd_directory: false
# - /var/lib/ceph/osd/mydir2
-# V. Fith scenario: this will partition disks for BlueStore
+# IV. This will partition disks for BlueStore
# Use 'true' to enable this scenario
bluestore: false
-# VI. Sixth scenario: encrypt osd data and/or journal devices with dm-crypt.
+# V. Encrypt osd data and/or journal devices with dm-crypt.
+# Keys are stored into the monitors k/v store
+# Use 'true' to enable this scenario
+# Both journal and data are stored on the same dm-crypt encrypted device
+dmcrypt_journal_colocation: false
+
+
+# VI. Encrypt osd data and/or journal devices with dm-crypt.
# Keys are stored into the monitors k/v store
# Use 'true' to enable this scenario
-dmcrypt: false
+# Journal and osd data are separated, each with their own dm-crypt device
+# You must use raw_journal_devices and set your journal devices
+dmcrypt_dedicated_journal: false
##########
- not item.0.get("skipped")
- item.0.get("rc", 0) != 0
- not osd_auto_discovery
+ - raw_multi_journal
+
+- name: automatically activate osd disk(s) without partitions (dmcrypt)
+ command: ceph-disk activate --dmcrypt "/dev/{{ item.key }}"
+ ignore_errors: true
+ with_dict: ansible_devices
+ when:
+ - ansible_devices is defined
+ - item.value.removable == "0"
+ - item.value.partitions|count == 0
+ - osd_auto_discovery
+ - dmcrypt_journal_colocation
+
+- name: activate osd(s) when device is a disk (dmcrypt)
+ command: ceph-disk activate --dmcrypt {{ item.1 | regex_replace('^(\/dev\/cciss\/c[0-9]{1}d[0-9]{1})$', '\\1p') }}1
+ with_together:
+ - combined_ispartition_results.results
+ - devices
+ changed_when: false
+ failed_when: false
+ register: activate_osd_disk_dmcrypt
+ when:
+ - not item.0.get("skipped")
+ - item.0.get("rc", 0) != 0
+ - not osd_auto_discovery
+ - dmcrypt_dedicated_journal
+
+# NOTE (leseb): we must do this because of
+# https://github.com/ansible/ansible/issues/4297
+- name: combine ispartition results
+ set_fact:
+ combined_activate_osd_disk_results: "{{ activate_osd_disk if not dmcrypt_journal_colocation else activate_osd_disk_dmcrypt }}"
- name: fail if ceph-disk cannot create an OSD
fail:
msg: "ceph-disk failed to create an OSD"
when:
" 'ceph-disk: Error: ceph osd create failed' in item.get('stderr', '') "
- with_items: "{{activate_osd_disk.results}}"
+ with_items: "{{combined_activate_osd_disk_results.results}}"
# NOTE (leseb): this task is for partitions because we don't explicitly use a partition.
- name: activate osd(s) when device is a partition
- osd_objectstore == 'bluestore'
- not osd_containerized_deployment
-- include: ./scenarios/dmcrypt.yml
+- include: ./scenarios/dmcrypt-journal-colocation.yml
when:
- - dmcrypt
+ - dmcrypt_journal_colocation
+ - not osd_containerized_deployment
+
+- include: ./scenarios/dmcrypt-dedicated-journal.yml
+ when:
+ - dmcrypt_dedicated_journal
- not osd_containerized_deployment
- include: ./docker/main.yml
when:
cephx
+- name: copy ceph admin key when using dmcrypt
+ set_fact:
+ copy_admin_key: true
+ when:
+ - dmcrypt_journal_colocation or dmcrypt_dedicated_journal
+
- name: copy osd bootstrap key
copy:
src: "{{ fetch_directory }}/{{ fsid }}{{ item.name }}"
--- /dev/null
+---
+## SCENARIO 6: DMCRYPT N JOURNAL DEVICES FOR N OSDS
+
+- include: ../check_devices.yml
+
+# NOTE (leseb): the prepare process must be parallelized somehow...
+# if you have 64 disks with 4TB each, this will take a while
+# since Ansible will sequential process the loop
+
+# NOTE (alahouze): if the device is a partition, the parted command below has
+# failed, this is why we check if the device is a partition too.
+- name: prepare osd disk(s)
+ command: "ceph-disk prepare --dmcrypt --cluster {{ cluster }} {{ item.2 }} {{ item.3 }}"
+ with_together:
+ - combined_parted_results.results
+ - combined_ispartition_results.results
+ - devices
+ - raw_journal_devices
+ changed_when: false
+ when:
+ - not item.0.get("skipped")
+ - not item.1.get("skipped")
+ - item.0.get("rc", 0) != 0
+ - item.1.get("rc", 0) != 0
+ - raw_multi_journal
+ - not osd_auto_discovery
+ - dmcrypt_dedicated_journal
+
+- include: ../activate_osds.yml
--- /dev/null
+---
+## SCENARIO 5: DMCRYPT
+
+- include: ../check_devices.yml
+
+# NOTE (leseb): the prepare process must be parallelized somehow...
+# if you have 64 disks with 4TB each, this will take a while
+# since Ansible will sequential process the loop
+
+# NOTE (alahouze): if the device is a partition, the parted command below has
+# failed, this is why we check if the device is a partition too.
+- name: automatic prepare osd disk(s) without partitions (dmcrypt)
+ command: ceph-disk prepare --dmcrypt --cluster "{{ cluster }}" "/dev/{{ item.key }}"
+ with_dict: ansible_devices
+ when:
+ - ansible_devices is defined
+ - item.value.removable == "0"
+ - item.value.partitions|count == 0
+ - dmcrypt_journal_colocation
+ - osd_auto_discovery
+
+- name: manually prepare osd disk(s) (dmcrypt)
+ command: ceph-disk prepare --dmcrypt --cluster "{{ cluster }}" "{{ item.2 }}"
+ with_together:
+ - combined_parted_results.results
+ - combined_ispartition_results.results
+ - devices
+ when:
+ - not item.0.get("skipped")
+ - not item.1.get("skipped")
+ - item.0.get("rc", 0) != 0
+ - item.1.get("rc", 0) != 0
+ - dmcrypt_journal_colocation
+ - not osd_auto_discovery
+
+- include: ../activate_osds.yml
+++ /dev/null
----
-## SCENARIO 5: DMCRYPT
-
-- include: ../check_devices.yml
-
-# NOTE (leseb): the prepare process must be parallelized somehow...
-# if you have 64 disks with 4TB each, this will take a while
-# since Ansible will sequential process the loop
-
-# NOTE (alahouze): if the device is a partition, the parted command below has
-# failed, this is why we check if the device is a partition too.
-- name: automatic prepare osd disk(s) without partitions
- command: ceph-disk prepare --dmcrypt --cluster "{{ cluster }}" "/dev/{{ item.key }}"
- register: prepared_osds
- with_dict: ansible_devices
- when:
- - ansible_devices is defined
- - item.value.removable == "0"
- - item.value.partitions|count == 0
- - bluestore
- - osd_auto_discovery
-
-- name: manually prepare osd disk(s)
- command: ceph-disk prepare --dmcrypt --cluster "{{ cluster }}" "{{ item.2 }}"
- with_together:
- - combined_parted_results.results
- - combined_ispartition_results.results
- - devices
- when:
- - not item.0.get("skipped")
- - not item.1.get("skipped")
- - item.0.get("rc", 0) != 0
- - item.1.get("rc", 0) != 0
- - bluestore
- - not osd_auto_discovery
-
-- include: ../activate_osds.yml
projects / ceph-ansible.git / commitdiff