From: Guillaume Abrioux Date: Mon, 19 Sep 2022 12:49:35 +0000 (+0200) Subject: mds: do not use ceph/daemon entrypoint X-Git-Url: http://git.apps.os.sepia.ceph.com/?a=commitdiff_plain;h=3b36a4e8263f1afaa118315297aafcaf72cb2038;p=ceph-ansible.git mds: do not use ceph/daemon entrypoint This changes the entrypoint used for ceph-mds containerized daemons in the systemd template.not Signed-off-by: Guillaume Abrioux --- diff --git a/roles/ceph-mds/tasks/common.yml b/roles/ceph-mds/tasks/common.yml index 9e837ddce..f41a5fd59 100644 --- a/roles/ceph-mds/tasks/common.yml +++ b/roles/ceph-mds/tasks/common.yml @@ -43,3 +43,23 @@ - item.item.copy_key | bool no_log: "{{ no_log_on_ceph_key_tasks }}" +- name: create mds keyring + ceph_key: + name: "mds.{{ ansible_facts['hostname'] }}" + cluster: "{{ cluster }}" + user: client.bootstrap-mds + user_key: "/var/lib/ceph/bootstrap-mds/{{ cluster }}.keyring" + caps: + mon: "allow profile mds" + mds: "allow" + osd: "allow rwx" + dest: "/var/lib/ceph/mds/{{ cluster }}-{{ ansible_facts['hostname'] }}/keyring" + import_key: false + owner: "{{ ceph_uid if containerized_deployment | bool else 'ceph' }}" + group: "{{ ceph_uid if containerized_deployment | bool else 'ceph' }}" + mode: "{{ ceph_keyring_permissions }}" + no_log: "{{ no_log_on_ceph_key_tasks }}" + environment: + CEPH_CONTAINER_IMAGE: "{{ ceph_docker_registry + '/' + ceph_docker_image + ':' + ceph_docker_image_tag if containerized_deployment | bool else None }}" + CEPH_CONTAINER_BINARY: "{{ container_binary }}" + when: cephx | bool diff --git a/roles/ceph-mds/tasks/non_containerized.yml b/roles/ceph-mds/tasks/non_containerized.yml index cc69f9a57..ab008e4a0 100644 --- a/roles/ceph-mds/tasks/non_containerized.yml +++ b/roles/ceph-mds/tasks/non_containerized.yml @@ -20,24 +20,6 @@ - mds_group_name in group_names - ansible_facts['os_family'] in ['Suse', 'RedHat'] -- name: create mds keyring - ceph_key: - name: "mds.{{ ansible_facts['hostname'] }}" - cluster: "{{ cluster }}" - user: client.bootstrap-mds - user_key: "/var/lib/ceph/bootstrap-mds/{{ cluster }}.keyring" - caps: - mon: "allow profile mds" - mds: "allow" - osd: "allow rwx" - dest: "/var/lib/ceph/mds/{{ cluster }}-{{ ansible_facts['hostname'] }}/keyring" - import_key: false - owner: ceph - group: ceph - mode: "{{ ceph_keyring_permissions }}" - no_log: "{{ no_log_on_ceph_key_tasks }}" - when: cephx | bool - - name: ensure systemd service override directory exists file: state: directory diff --git a/roles/ceph-mds/templates/ceph-mds.service.j2 b/roles/ceph-mds/templates/ceph-mds.service.j2 index 183dbf87e..f57b8098f 100644 --- a/roles/ceph-mds/templates/ceph-mds.service.j2 +++ b/roles/ceph-mds/templates/ceph-mds.service.j2 @@ -28,19 +28,19 @@ ExecStart=/usr/bin/{{ container_binary }} run --rm --net=host \ --security-opt label=disable \ --memory={{ ceph_mds_docker_memory_limit }} \ --cpus={{ cpu_limit }} \ - -v /var/lib/ceph/mds:/var/lib/ceph/mds:z \ -v /var/lib/ceph/bootstrap-mds:/var/lib/ceph/bootstrap-mds:z \ + -v /var/lib/ceph/mds/{{ cluster }}-{{ ansible_facts['hostname'] }}:/var/lib/ceph/mds/{{ cluster }}-{{ ansible_facts['hostname'] }}:z \ -v /etc/ceph:/etc/ceph:z \ -v /var/run/ceph:/var/run/ceph:z \ -v /etc/localtime:/etc/localtime:ro \ -v /var/log/ceph:/var/log/ceph:z \ - -e CLUSTER={{ cluster }} \ - -e CEPH_DAEMON=MDS \ -e CONTAINER_IMAGE={{ ceph_docker_registry }}/{{ ceph_docker_image }}:{{ ceph_docker_image_tag }} \ -e TCMALLOC_MAX_TOTAL_THREAD_CACHE_BYTES={{ ceph_tcmalloc_max_total_thread_cache }} \ {{ ceph_mds_docker_extra_env }} \ --name=ceph-mds-{{ ansible_facts['hostname'] }} \ - {{ ceph_docker_registry }}/{{ ceph_docker_image }}:{{ ceph_docker_image_tag }} + --entrypoint=/usr/bin/ceph-mds \ + {{ ceph_docker_registry }}/{{ ceph_docker_image }}:{{ ceph_docker_image_tag }} \ + -f -i {{ ansible_facts['hostname'] }} {% if container_binary == 'podman' %} ExecStop=-/usr/bin/sh -c "/usr/bin/{{ container_binary }} rm -f `cat /%t/%n-cid`" {% else %}