---
-- name: create pools
- command: "ceph --cluster {{ cluster }} osd pool create {{ item.name }} {{ item.pgs }}"
- with_items: "{{ pools }}"
- changed_when: false
- failed_when: false
- when:
- - pools | length > 0
- - copy_admin_key
+- name: set docker_exec_client_cmd_binary to ceph-authtool
+ set_fact:
+ docker_exec_client_cmd_binary: ceph-authtool
+ when: containerized_deployment
+
+- name: set docker_exec_client_cmd for containers
+ set_fact:
+ docker_exec_client_cmd: docker run -v /etc/ceph:/etc/ceph --entrypoint /usr/bin/{{ docker_exec_client_cmd_binary }} {{ ceph_docker_registry}}/{{ ceph_docker_image }}:{{ ceph_docker_image_tag }}
+ when: containerized_deployment
+
+- name: set docker_exec_client_cmd for non-containers
+ set_fact:
+ docker_exec_client_cmd: ceph-authtool
+ when: not containerized_deployment
- name: create key(s)
- shell: "ceph-authtool -C /etc/ceph/{{ cluster }}.{{ item.name }}.keyring --name {{ item.name }} --add-key {{ item.key }} --cap mon \"{{ item.mon_cap|default('') }}\" --cap osd \"{{ item.osd_cap|default('') }}\" --cap mds \"{{ item.mds_cap|default('') }}\""
+ shell: "{{ docker_exec_client_cmd }} -C /etc/ceph/{{ cluster }}.{{ item.name }}.keyring --name {{ item.name }} --add-key {{ item.key }} --cap mon \"{{ item.mon_cap|default('') }}\" --cap osd \"{{ item.osd_cap|default('') }}\" --cap mds \"{{ item.mds_cap|default('') }}\""
args:
creates: /etc/ceph/{{ cluster }}.{{ item.name }}.keyring
with_items: "{{ keys }}"
- cephx
- keys | length > 0
+- name: set docker_exec_client_cmd_binary to ceph
+ set_fact:
+ docker_exec_client_cmd_binary: ceph
+ when: containerized_deployment
+
+- name: replace docker_exec_client_cmd by ceph
+ set_fact:
+ docker_exec_client_cmd: ceph
+ when:
+ - not containerized_deployment
+ - docker_exec_client_cmd == 'ceph-authtool'
+
- name: check if key(s) already exist(s)
- command: "ceph --cluster {{ cluster }} auth get {{ item.name }}"
+ command: "{{ docker_exec_client_cmd }} --cluster {{ cluster }} auth get {{ item.name }}"
changed_when: false
failed_when: false
with_items: "{{ keys }}"
when:
- copy_admin_key
+- name: create pools
+ command: "{{ docker_exec_client_cmd }} --cluster {{ cluster }} osd pool create {{ item.name }} {{ item.pgs }}"
+ with_items: "{{ pools }}"
+ changed_when: false
+ failed_when: false
+ when:
+ - pools | length > 0
+ - copy_admin_key
+
- name: add key(s) to ceph
- command: "ceph --cluster {{ cluster }} auth import -i /etc/ceph/{{ cluster }}.{{ item.0.name }}.keyring"
+ command: "{{ docker_exec_client_cmd }} --cluster {{ cluster }} auth import -i /etc/ceph/{{ cluster }}.{{ item.0.name }}.keyring"
changed_when: false
with_together:
- "{{ keys }}"
- "{{ keys_exist.results | default([]) }}"
when:
- - not item.1.get("skipped")
+ - not item.1.get("skipped")
- copy_admin_key
- item.1.rc != 0
+- name: put docker_exec_client_cmd back to normal with a none value
+ set_fact:
+ docker_exec_client_cmd:
+ when: docker_exec_client_cmd == 'ceph'
+
- name: setfacl for key(s)
acl:
path: "/etc/ceph/{{ cluster }}.{{ item.0.name }}.keyring"
global:
osd_pool_default_pg_num: 8
osd_pool_default_size: 1
+user_config: True
+keys:
+ - { name: client.test, key: "AQAin8tUoMPDGRAACcfAQHbq4eTuUoTCZdW1Uw==", mon_cap: "allow r", osd_cap: "allow class-read object_prefix rbd_children, allow rwx pool=test", mode: "0600", acls: [] }
+ - { name: client.test2, key: "AQAin8tUAJkGGhAA8WZ8Lz5c7IkT8QZ5s7bI1A==", mon_cap: "allow r", osd_cap: "allow class-read object_prefix rbd_children, allow rwx pool=test2", mode: "0600", acls: [] }
projects / ceph-ansible.git / commitdiff