from . import remotes
from . import utils
from .services.cephadmservice import MonService, MgrService, MdsService, RgwService, \
- RbdMirrorService, CrashService
+ RbdMirrorService, CrashService, IscsiService
from .services.nfs import NFSService
from .services.osd import RemoveUtil, OSDRemoval, OSDService
from .services.monitoring import GrafanaService, AlertmanagerService, PrometheusService, \
self.prometheus_service = PrometheusService(self)
self.node_exporter_service = NodeExporterService(self)
self.crash_service = CrashService(self)
+ self.iscsi_servcie = IscsiService(self)
def shutdown(self):
self.log.debug('shutdown')
'prometheus': self.prometheus_service.create,
'node-exporter': self.node_exporter_service.create,
'crash': self.crash_service.create,
- 'iscsi': self._create_iscsi,
+ 'iscsi': self.iscsi_servcie.create,
}
config_fns = {
'mds': self.mds_service.config,
'rgw': self.rgw_service.config,
'nfs': self.nfs_service.config,
- 'iscsi': self._config_iscsi,
+ 'iscsi': self.iscsi_servcie.config,
}
create_func = create_fns.get(daemon_type, None)
if not create_func:
def add_iscsi(self, spec):
# type: (ServiceSpec) -> orchestrator.Completion
- return self._add_daemon('iscsi', spec, self._create_iscsi, self._config_iscsi)
-
- def _config_iscsi(self, spec):
- self._check_pool_exists(spec.pool, spec.service_name())
-
- logger.info('Saving service %s spec with placement %s' % (
- spec.service_name(), spec.placement.pretty_str()))
- self.spec_store.save(spec)
-
- def _create_iscsi(self, igw_id, host, spec):
- ret, keyring, err = self.check_mon_command({
- 'prefix': 'auth get-or-create',
- 'entity': utils.name_to_config_section('iscsi') + '.' + igw_id,
- 'caps': ['mon', 'profile rbd, '
- 'allow command "osd blacklist", '
- 'allow command "config-key get" with "key" prefix "iscsi/"',
- 'osd', f'allow rwx pool={spec.pool}'],
- })
-
- if spec.ssl_cert:
- if isinstance(spec.ssl_cert, list):
- cert_data = '\n'.join(spec.ssl_cert)
- else:
- cert_data = spec.ssl_cert
- ret, out, err = self.mon_command({
- 'prefix': 'config-key set',
- 'key': f'iscsi/{utils.name_to_config_section("iscsi")}.{igw_id}/iscsi-gateway.crt',
- 'val': cert_data,
- })
-
- if spec.ssl_key:
- if isinstance(spec.ssl_key, list):
- key_data = '\n'.join(spec.ssl_key)
- else:
- key_data = spec.ssl_key
- ret, out, err = self.mon_command({
- 'prefix': 'config-key set',
- 'key': f'iscsi/{utils.name_to_config_section("iscsi")}.{igw_id}/iscsi-gateway.key',
- 'val': key_data,
- })
-
- api_secure = 'false' if spec.api_secure is None else spec.api_secure
- igw_conf = f"""
-# generated by cephadm
-[config]
-cluster_client_name = {utils.name_to_config_section('iscsi')}.{igw_id}
-pool = {spec.pool}
-trusted_ip_list = {spec.trusted_ip_list or ''}
-minimum_gateways = 1
-api_port = {spec.api_port or ''}
-api_user = {spec.api_user or ''}
-api_password = {spec.api_password or ''}
-api_secure = {api_secure}
-"""
- extra_config = {'iscsi-gateway.cfg': igw_conf}
- return self._create_daemon('iscsi', igw_id, host, keyring=keyring,
- extra_config=extra_config)
+ return self._add_daemon('iscsi', spec, self.iscsi_servcie.create, self.iscsi_servcie.config)
@trivial_completion
def apply_iscsi(self, spec):
import logging
from typing import TYPE_CHECKING
-from ceph.deployment.service_spec import ServiceSpec, RGWSpec
+from ceph.deployment.service_spec import ServiceSpec, RGWSpec, IscsiServiceSpec
from orchestrator import OrchestratorError
from cephadm import utils
'mgr', 'profile crash'],
})
return self.mgr._create_daemon('crash', daemon_id, host, keyring=keyring)
+
+
+class IscsiService(CephadmService):
+ def config(self, spec: IscsiServiceSpec):
+ self.mgr._check_pool_exists(spec.pool, spec.service_name())
+
+ logger.info('Saving service %s spec with placement %s' % (
+ spec.service_name(), spec.placement.pretty_str()))
+ self.mgr.spec_store.save(spec)
+
+ def create(self, igw_id, host, spec) -> str:
+ ret, keyring, err = self.mgr.check_mon_command({
+ 'prefix': 'auth get-or-create',
+ 'entity': utils.name_to_config_section('iscsi') + '.' + igw_id,
+ 'caps': ['mon', 'profile rbd, '
+ 'allow command "osd blacklist", '
+ 'allow command "config-key get" with "key" prefix "iscsi/"',
+ 'osd', f'allow rwx pool={spec.pool}'],
+ })
+
+ if spec.ssl_cert:
+ if isinstance(spec.ssl_cert, list):
+ cert_data = '\n'.join(spec.ssl_cert)
+ else:
+ cert_data = spec.ssl_cert
+ ret, out, err = self.mgr.mon_command({
+ 'prefix': 'config-key set',
+ 'key': f'iscsi/{utils.name_to_config_section("iscsi")}.{igw_id}/iscsi-gateway.crt',
+ 'val': cert_data,
+ })
+
+ if spec.ssl_key:
+ if isinstance(spec.ssl_key, list):
+ key_data = '\n'.join(spec.ssl_key)
+ else:
+ key_data = spec.ssl_key
+ ret, out, err = self.mgr.mon_command({
+ 'prefix': 'config-key set',
+ 'key': f'iscsi/{utils.name_to_config_section("iscsi")}.{igw_id}/iscsi-gateway.key',
+ 'val': key_data,
+ })
+
+ api_secure = 'false' if spec.api_secure is None else spec.api_secure
+ igw_conf = f"""
+ # generated by cephadm
+ [config]
+ cluster_client_name = {utils.name_to_config_section('iscsi')}.{igw_id}
+ pool = {spec.pool}
+ trusted_ip_list = {spec.trusted_ip_list or ''}
+ minimum_gateways = 1
+ api_port = {spec.api_port or ''}
+ api_user = {spec.api_user or ''}
+ api_password = {spec.api_password or ''}
+ api_secure = {api_secure}
+ """
+ extra_config = {'iscsi-gateway.cfg': igw_conf}
+ return self.mgr._create_daemon('iscsi', igw_id, host, keyring=keyring,
+ extra_config=extra_config)
projects / ceph.git / commitdiff