From: Sage Weil Date: Mon, 12 Apr 2021 17:50:12 +0000 (-0400) Subject: cephadm: make keepalived unit fiddle sysctl settings X-Git-Tag: v16.2.2~1^2~46 X-Git-Url: http://git-server-git.apps.pok.os.sepia.ceph.com/?a=commitdiff_plain;h=28dd3a17444a7fefae4438017c87762fc081d7a9;p=ceph.git cephadm: make keepalived unit fiddle sysctl settings No need to make the user adjust these manually. Signed-off-by: Sage Weil (cherry picked from commit 2f33c6ebbc8e2a6c3844a6921c857fb0796a1552) --- diff --git a/doc/cephadm/rgw.rst b/doc/cephadm/rgw.rst index ecf62135ec68..0593a1334452 100644 --- a/doc/cephadm/rgw.rst +++ b/doc/cephadm/rgw.rst @@ -114,23 +114,8 @@ between all the RGW daemons available. **Prerequisites:** -* An existing RGW service. -* In order for the Keepalived service to forward network packets properly to the - real servers, each ingress node must have IP forwarding turned on in the kernel:: - - net.ipv4.ip_forward=1 - -* Load balancing in HAProxy and Keepalived at the same time also requires the - ability to bind to an IP address that are nonlocal, meaning that it is not - assigned to a device on the local system. This allows a running load balancer - instance to bind to an IP that is not local for failover.:: - - net.ipv4.ip_nonlocal_bind=1 - -* Be sure to set properly these two options in the file ``/etc/sysctl.conf`` in - order to persist this values even if the hosts are restarted. - These configuration changes must be applied in all the hosts where the ingress service is going to be deployed. - +* An existing RGW service, without SSL. (If you want SSL service, the certificate + should be configured on the ingress service, not the RGW service.) **Deploy of the high availability service for RGW** diff --git a/src/cephadm/cephadm b/src/cephadm/cephadm index eff5dbbc43b8..4bd39a2a8039 100755 --- a/src/cephadm/cephadm +++ b/src/cephadm/cephadm @@ -810,6 +810,14 @@ class Keepalived(object): ] return envs + @staticmethod + def get_prestart(): + return ( + '# keepalived needs IP forwarding and non-local bind\n' + 'sysctl net.ipv4.ip_forward=1\n' + 'sysctl net.ipv4.ip_nonlocal_bind=1\n' + ) + def extract_uid_gid_keepalived(self): # better directory for this? return extract_uid_gid(self.ctx, file_path='/var/lib') @@ -2712,6 +2720,8 @@ def deploy_daemon_units( ceph_iscsi = CephIscsi.init(ctx, fsid, daemon_id) tcmu_container = ceph_iscsi.get_tcmu_runner_container() _write_container_cmd_to_bash(ctx, f, tcmu_container, 'iscsi tcmu-runnter container', background=True) + elif daemon_type == Keepalived.daemon_type: + f.write(Keepalived.get_prestart()) _write_container_cmd_to_bash(ctx, f, c, '%s.%s' % (daemon_type, str(daemon_id)))