update: ensure mgrs are upgraded after ALL monitors

As of 1c760904b0bd1b6b0f49d6ac19d87d79f185c18f, ceph-ansible implicitly
bootstrap managers on monitors.
mgrs must be upgraded only after all monitors, therefore, this commit
refact the way mgrs are upgraded to be sure we don't upgrade a mgr
during the monitors upgrade.

This commit also ensure we handle the case were we split managers on
dedicated nodes.

Signed-off-by: Guillaume Abrioux <gabrioux@redhat.com>

diff --git a/infrastructure-playbooks/rolling_update.yml b/infrastructure-playbooks/rolling_update.yml
index bd128de9c4b78678602d23feb9c2b61b34a8a1ed..1b73866e019ccb51ce99247d285358efa579e7e7 100644 (file)
--- a/infrastructure-playbooks/rolling_update.yml
+++ b/infrastructure-playbooks/rolling_update.yml
@@ -146,9 +146,6 @@
         name: ceph-config
     - import_role:
         name: ceph-mon
-    - import_role:
-        name: ceph-mgr
-      when: groups.get(mgr_group_name, []) | length == 0
 
     - name: set osd flags
       command: ceph --cluster {{ cluster }} osd set {{ item }}
@@ -250,11 +247,47 @@
       ignore_errors: True # this might fail for upgrade from J to L on rbd-mirror and also on partially updated clusters
       with_nested:
         - ['bootstrap-rbd', 'bootstrap-rbd-mirror']
-        - "{{ groups[mon_group_name] | difference([mon_host]) }}" # so the key goes on all the nodes
-
-
+        - "{{ groups[mon_group_name] | difference([inventory_hostname]) }}" # so the key goes on all the nodes
 
-- name: upgrade ceph mgr node
+- name: upgrade ceph mgr nodes when implicitly collocated on monitors
+  vars:
+    health_mon_check_retries: 5
+    health_mon_check_delay: 15
+    upgrade_ceph_packages: True
+  hosts:
+    - "{{ mon_group_name|default('mons') }}"
+  serial: 1
+  become: True
+  tasks:
+    - name: upgrade mgrs when no mgr group explicitly defined in inventory
+      when:
+        - groups.get(mgr_group_name, []) | length == 0
+      block:
+        - name: stop ceph mgr
+          systemd:
+            name: ceph-mgr@{{ ansible_hostname }}
+            state: stopped
+            enabled: yes
+            masked: yes
+
+        - import_role:
+            name: ceph-defaults
+        - import_role:
+            name: ceph-facts
+        - import_role:
+            name: ceph-handler
+        - import_role:
+            name: ceph-common
+          when: not containerized_deployment
+        - import_role:
+            name: ceph-container-common
+          when: containerized_deployment
+        - import_role:
+            name: ceph-config
+        - import_role:
+            name: ceph-mgr
+
+- name: upgrade ceph mgr nodes
   vars:
     upgrade_ceph_packages: True
     ceph_release: "{{ ceph_stable_release }}"
@@ -263,76 +296,6 @@
   serial: 1
   become: True
   tasks:
-    - import_role:
-        name: ceph-defaults
-    - import_role:
-        name: ceph-facts
-
-    - name: non container - get current fsid
-      command: "ceph --cluster {{ cluster }} fsid"
-      register: cluster_uuid_non_container
-      delegate_to: "{{ groups[mon_group_name][0] }}"
-      when:
-        - not containerized_deployment
-
-    - name: container - get current fsid
-      command: >
-        {{ container_binary }} exec ceph-mon-{{ hostvars[groups[mon_group_name][0]]['ansible_hostname'] }} ceph --cluster {{ cluster }} fsid
-      register: cluster_uuid_container
-      delegate_to: "{{ groups[mon_group_name][0] }}"
-      when:
-        - containerized_deployment
-
-    - name: set_fact ceph_cluster_fsid
-      set_fact:
-        ceph_cluster_fsid: "{{ cluster_uuid_container.stdout if containerized_deployment else cluster_uuid_non_container.stdout }}"
-
-    - name: create ceph mgr keyring(s) when mon is not containerized
-      ceph_key:
-        name: "mgr.{{ hostvars[item]['ansible_hostname'] }}"
-        state: present
-        caps:
-          mon: allow profile mgr
-          osd: allow *
-          mds: allow *
-        cluster: "{{ cluster }}"
-      when:
-        - not containerized_deployment
-        - cephx
-        - groups.get(mgr_group_name, []) | length > 0
-      delegate_to: "{{ groups[mon_group_name][0] }}"
-      with_items: "{{ groups.get(mgr_group_name, []) }}"
-
-    - name: create ceph mgr keyring(s) when mon is containerized
-      ceph_key:
-        name: "mgr.{{ hostvars[item]['ansible_hostname'] }}"
-        state: present
-        caps:
-          mon: allow profile mgr
-          osd: allow *
-          mds: allow *
-        cluster: "{{ cluster }}"
-      environment:
-        CEPH_CONTAINER_IMAGE: "{{ ceph_docker_registry + '/' + ceph_docker_image + ':' + ceph_docker_image_tag if containerized_deployment else None }}"
-        CEPH_UID: "{{ ceph_uid if containerized_deployment else 'ceph' }}"
-        CEPH_CONTAINER_BINARY: "{{ container_binary }}"
-      when:
-        - containerized_deployment
-        - cephx
-        - groups.get(mgr_group_name, []) | length > 0
-      delegate_to: "{{ groups[mon_group_name][0] }}"
-      with_items: "{{ groups.get(mgr_group_name, []) }}"
-
-    - name: fetch ceph mgr key(s)
-      fetch:
-        src: "{{ ceph_conf_key_directory }}/{{ cluster }}.mgr.{{ hostvars[item]['ansible_hostname'] }}.keyring"
-        dest: "{{ fetch_directory }}/{{ ceph_cluster_fsid }}/{{ ceph_conf_key_directory }}/"
-        flat: yes
-        fail_on_missing: no
-      delegate_to: "{{ groups[mon_group_name][0] }}"
-      with_items:
-        - "{{ groups.get(mgr_group_name, []) }}"
-
     # The following task has a failed_when: false
     # to handle the scenario where no mgr existed before the upgrade
     # or if we run a Ceph cluster before Luminous
@@ -343,8 +306,6 @@
         enabled: no
         masked: yes
       failed_when: false
-      when:
-        - not containerized_deployment
 
     - import_role:
         name: ceph-defaults