# NOTE (leseb): wait for mon discovery and quorum resolution
# the admin key is not instantanely created so we have to wait a bit
- name: wait for client.admin key exists
- wait_for: path=/etc/ceph/ceph.client.admin.keyring
+ wait_for:
+ path: /etc/ceph/ceph.client.admin.keyring
- name: create ceph rest api keyring
- command: >
- ceph auth get-or-create client.restapi osd 'allow *' mon 'allow *' -o /etc/ceph/ceph.client.restapi.keyring
- creates=/etc/ceph/ceph.client.restapi.keyring
+ command: ceph auth get-or-create client.restapi osd 'allow *' mon 'allow *' -o /etc/ceph/ceph.client.restapi.keyring
+ args:
+ creates: /etc/ceph/ceph.client.restapi.keyring
changed_when: false
when:
cephx and
when: cephx
- name: set keys permissions
- file: >
- path={{ item }}
- mode=0600
- owner=root
- group=root
+ file:
+ path: "{{ item }}"
+ mode: 0600
+ owner: root
+ group: root
with_items:
- "{{ ceph_keys.stdout_lines }}"
- name: copy keys to the ansible server
- fetch: >
- src={{ item }}
- dest={{ fetch_directory }}/{{ fsid }}/{{ item }}
- flat=yes
+ fetch:
+ src: "{{ item }}"
+ dest: "{{ fetch_directory }}/{{ fsid }}/{{ item }}"
+ flat: yes
with_items:
- "{{ ceph_keys.stdout_lines }}"
- /var/lib/ceph/bootstrap-osd/ceph.keyring
when: cephx
- name: drop in a motd script to report status when logging in
- copy: >
- src=precise/92-ceph
- dest=/etc/update-motd.d/92-ceph
- owner=root
- group=root
- mode=0755
+ copy:
+ src: precise/92-ceph
+ dest: /etc/update-motd.d/92-ceph
+ owner: root
+ group: root
+ mode: 0755
when: ansible_distribution_release == 'precise'
---
- name: generate monitor initial keyring
- local_action: >
- shell python -c "import os ; import struct ; import time; import base64 ; key = os.urandom(16) ; header = struct.pack('<hiih',1,int(time.time()),0,len(key)) ; print base64.b64encode(header + key)" | tee {{ fetch_directory }}/monitor_keyring.conf
+ local_action: shell python -c "import os ; import struct ; import time; import base64 ; key = os.urandom(16) ; header = struct.pack('<hiih',1,int(time.time()),0,len(key)) ; print base64.b64encode(header + key)" | tee {{ fetch_directory }}/monitor_keyring.conf
creates={{ fetch_directory }}/monitor_keyring.conf
register: monitor_keyring
sudo: false
when: monitor_secret != 'AQAWqilTCDh7CBAAawXt6kyTgLFCxSvJhTEmuw=='
- name: read monitor initial keyring if it already exists
- local_action: >
- command cat {{ fetch_directory }}/monitor_keyring.conf
+ local_action: command cat {{ fetch_directory }}/monitor_keyring.conf
removes={{ fetch_directory }}/monitor_keyring.conf
changed_when: false
register: monitor_keyring
when: monitor_secret != 'AQAWqilTCDh7CBAAawXt6kyTgLFCxSvJhTEmuw=='
- name: create monitor initial keyring
- command: >
- ceph-authtool /var/lib/ceph/tmp/keyring.mon.{{ ansible_hostname }} --create-keyring --name=mon. --add-key={{ monitor_secret }} --cap mon 'allow *'
- creates=/var/lib/ceph/tmp/keyring.mon.{{ ansible_hostname }}
+ command: ceph-authtool /var/lib/ceph/tmp/keyring.mon.{{ ansible_hostname }} --create-keyring --name=mon. --add-key={{ monitor_secret }} --cap mon 'allow *'
+ args:
+ creates: /var/lib/ceph/tmp/keyring.mon.{{ ansible_hostname }}
- name: set initial monitor key permissions
- file: >
- path=/var/lib/ceph/tmp/keyring.mon.{{ ansible_hostname }}
- mode=0600
- owner=root
- group=root
+ file:
+ path: /var/lib/ceph/tmp/keyring.mon.{{ ansible_hostname }}
+ mode: 0600
+ owner: root
+ group: root
- name: create monitor directory
- file: >
- path=/var/lib/ceph/mon/ceph-{{ ansible_hostname }}
- state=directory
- owner=root
- group=root
- mode=0755
+ file:
+ path: /var/lib/ceph/mon/ceph-{{ ansible_hostname }}
+ state: directory
+ owner: root
+ group: root
+ mode: 0755
- name: ceph monitor mkfs
- command: >
- ceph-mon --mkfs -i {{ ansible_hostname }} --fsid {{ fsid }} --keyring /var/lib/ceph/tmp/keyring.mon.{{ ansible_hostname }}
- creates=/var/lib/ceph/mon/ceph-{{ ansible_hostname }}/keyring
+ command: ceph-mon --mkfs -i {{ ansible_hostname }} --fsid {{ fsid }} --keyring /var/lib/ceph/tmp/keyring.mon.{{ ansible_hostname }}
+ args:
+ creates: /var/lib/ceph/mon/ceph-{{ ansible_hostname }}/keyring
---
- name: push ceph files to the ansible server
- fetch: >
- src={{ item.0 }}
- dest={{ fetch_directory }}/docker_mon_files/{{ item.0 }}
- flat=yes
+ fetch:
+ src: "{{ item.0 }}"
+ dest: "{{ fetch_directory }}/docker_mon_files/{{ item.0 }}"
+ flat: yes
with_together:
- ceph_config_keys
- statconfig.results
register: statconfig
- name: try to fetch ceph config and keys
- copy: >
- src={{ fetch_directory }}/docker_mon_files/{{ item.0 }}
- dest={{ item.0 }}
- owner=root
- group=root
- mode=644
+ copy:
+ src: "{{ fetch_directory }}/docker_mon_files/{{ item.0 }}"
+ dest: "{{ item.0 }}"
+ owner: root
+ group: root
+ mode: 644
changed_when: false
with_together:
- ceph_config_keys
---
- name: create bootstrap directories
- file: >
- path=/var/lib/ceph/bootstrap-{{ item }}
- state=directory
+ file:
+ path: /var/lib/ceph/bootstrap-{{ item }}
+ state: directory
with_items:
- osd
- mds
# NOTE (leseb): for version 1.1.0 because https://github.com/ansible/ansible-modules-core/issues/1227
- name: install docker-py
- pip: >
- name=docker-py
- version=1.1.0
+ pip:
+ name: docker-py
+ version: 1.1.0
---
- name: run the ceph Monitor docker image
- docker: >
- image="{{ ceph_mon_docker_username }}/{{ ceph_mon_docker_imagename }}"
- name="{{ ansible_hostname }}"
- net="host"
- state="running"
- env="MON_IP={{ hostvars[inventory_hostname]['ansible_' + ceph_mon_docker_interface]['ipv4']['address'] }},CEPH_DAEMON=MON,CEPH_PUBLIC_NETWORK={{ ceph_mon_docker_subnet }},{{ ceph_mon_extra_envs }}"
- volumes="/var/lib/ceph:/var/lib/ceph,/etc/ceph:/etc/ceph"
+ docker:
+ image: "{{ ceph_mon_docker_username }}/{{ ceph_mon_docker_imagename }}"
+ name: "{{ ansible_hostname }}"
+ net: "host"
+ state: "running"
+ env: "MON_IP={{ hostvars[inventory_hostname]['ansible_' + ceph_mon_docker_interface]['ipv4']['address'] }},CEPH_DAEMON=MON,CEPH_PUBLIC_NETWORK={{ ceph_mon_docker_subnet }},{{ ceph_mon_extra_envs }}"
+ volumes: "/var/lib/ceph:/var/lib/ceph,/etc/ceph:/etc/ceph"
failed_when: false
- name: create openstack keys
- command: >
- ceph auth get-or-create {{ item.name }} {{ item.value }} -o /etc/ceph/ceph.{{ item.name }}.keyring
- creates=/etc/ceph/ceph.{{ item.name }}.keyring
+ command: ceph auth get-or-create {{ item.name }} {{ item.value }} -o /etc/ceph/ceph.{{ item.name }}.keyring
+ args:
+ creates: /etc/ceph/ceph.{{ item.name }}.keyring
with_items: openstack_keys
changed_when: false
---
- name: activate monitor with upstart
- file: >
- path=/var/lib/ceph/mon/ceph-{{ ansible_hostname }}/{{ item }}
- state=touch
- owner=root
- group=root
- mode=0600
+ file:
+ path: /var/lib/ceph/mon/ceph-{{ ansible_hostname }}/{{ item }}
+ state: touch
+ owner: root
+ group: root
+ mode: 0600
with_items:
- done
- upstart
changed_when: false
- name: start and add that the monitor service to the init sequence (ubuntu)
- service: >
- name=ceph-mon
- state=started
- enabled=yes
- args="id={{ ansible_hostname }}"
+ service:
+ name: ceph-mon
+ state: started
+ enabled: yes
+ args: "id={{ ansible_hostname }}"
when: ansible_distribution == "Ubuntu"
# NOTE (leseb): somehow the service ansible module is messing things up
projects / ceph-ansible.git / commitdiff