From: Sébastien Han Date: Thu, 21 Sep 2017 08:07:37 +0000 (+0200) Subject: iscsi: re-enable the scenario X-Git-Tag: v3.0.0rc13~5^2 X-Git-Url: http://git.apps.os.sepia.ceph.com/?a=commitdiff_plain;h=67c78da05666168a9b0e9f72af9332c92bc74f7e;p=ceph-ansible.git iscsi: re-enable the scenario CentOS 7.4 vagrant box is now available so re-enabling this scenario. For more info: https://seven.centos.org/2017/09/updated-centos-vagrant-images-available-v1708-01/ Signed-off-by: Sébastien Han --- diff --git a/group_vars/iscsi-gws.yml.sample b/group_vars/iscsi-gws.yml.sample index e196e39cd..8751f4215 100644 --- a/group_vars/iscsi-gws.yml.sample +++ b/group_vars/iscsi-gws.yml.sample @@ -17,7 +17,7 @@ dummy: # as an iscsi target portal ip. The list must be comma separated - and the order determines # the sequence of TPG's within the iscsi target across each gateway. Once set, additional # gateways can be added, but the order must *not* be changed. -#gateway_ip_list: "192.168.122.101,192.168.122.102,192.168.122.103" +#gateway_ip_list: 0.0.0.0 # rbd_devices defines the images that should be created and exported from the iscsi gateways. # If the rbd does not exist, it will be created for you. In addition you may increase the @@ -30,11 +30,15 @@ dummy: # to any client, and the remove it from LIO and then delete the rbd image # # NB. this variable definition can be commented out to bypass LUN management +# +# Example: +# #rbd_devices: # - { pool: 'rbd', image: 'ansible1', size: '30G', host: 'ceph-1', state: 'present' } # - { pool: 'rbd', image: 'ansible2', size: '15G', host: 'ceph-1', state: 'present' } # - { pool: 'rbd', image: 'ansible3', size: '30G', host: 'ceph-1', state: 'present' } # - { pool: 'rbd', image: 'ansible4', size: '50G', host: 'ceph-1', state: 'present' } +#rbd_devices: {} # client_connections defines the client ACL's to restrict client access to specific LUNs @@ -45,7 +49,12 @@ dummy: # - status shows the intended state of this client definition - 'present' or 'absent' # # NB. this definition can be commented out to skip client (nodeACL) management +# +# Example: +# #client_connections: # - { client: 'iqn.1994-05.com.redhat:rh7-iscsi-client', image_list: 'rbd.ansible1,rbd.ansible2', chap: 'rh7-iscsi-client/redhat', status: 'present' } # - { client: 'iqn.1991-05.com.microsoft:w2k12r2', image_list: 'rbd.ansible4', chap: 'w2k12r2/microsoft_w2k12', status: 'absent' } +#client_connections: {} + diff --git a/roles/ceph-common/tasks/installs/redhat_dev_repository.yml b/roles/ceph-common/tasks/installs/redhat_dev_repository.yml index 7aa053715..c8fd5bdc9 100644 --- a/roles/ceph-common/tasks/installs/redhat_dev_repository.yml +++ b/roles/ceph-common/tasks/installs/redhat_dev_repository.yml @@ -33,22 +33,35 @@ - nfs_group_name in group_names - nfs_ganesha_dev +- name: set_fact ceph_iscsi_repos + set_fact: + ceph_iscsi_repos: + - ceph-iscsi-config + - tcmu-runner + when: + - ceph_iscsi_config_dev + - iscsi_gw_group_name in group_names + - name: fetch ceph-iscsi-config red hat development repository uri: - url: https://shaman.ceph.com/api/repos/ceph-iscsi-config/{{ ceph_dev_branch }}/{{ ceph_dev_sha1 }}/{{ ansible_distribution | lower }}/{{ ansible_distribution_major_version }}/repo + url: https://shaman.ceph.com/api/repos/{{ item }}/{{ ceph_dev_branch }}/{{ ceph_dev_sha1 }}/{{ ansible_distribution | lower }}/{{ ansible_distribution_major_version }}/repo return_content: yes register: ceph_iscsi_config_dev_yum_repo + with_items: "{{ ceph_iscsi_repos }}" when: - ceph_iscsi_config_dev - iscsi_gw_group_name in group_names - name: configure ceph-iscsi-config red hat development repository copy: - content: "{{ ceph_iscsi_config_dev_yum_repo.content }}" - dest: /etc/yum.repos.d/ceph-iscsi-config-dev.repo + content: "{{ item.0.content }}" + dest: "/etc/yum.repos.d/{{ item.1 }}-dev.repo" owner: root group: root backup: yes + with_together: + - "{{ ceph_iscsi_config_dev_yum_repo.results }}" + - "{{ ceph_iscsi_repos }}" when: - ceph_iscsi_config_dev - iscsi_gw_group_name in group_names diff --git a/roles/ceph-iscsi-gw/defaults/main.yml b/roles/ceph-iscsi-gw/defaults/main.yml index a67d864dd..4d7966aa1 100644 --- a/roles/ceph-iscsi-gw/defaults/main.yml +++ b/roles/ceph-iscsi-gw/defaults/main.yml @@ -9,7 +9,7 @@ gateway_iqn: "iqn.2003-01.com.redhat.iscsi-gw:ceph-igw" # as an iscsi target portal ip. The list must be comma separated - and the order determines # the sequence of TPG's within the iscsi target across each gateway. Once set, additional # gateways can be added, but the order must *not* be changed. -gateway_ip_list: "192.168.122.101,192.168.122.102,192.168.122.103" +gateway_ip_list: 0.0.0.0 # rbd_devices defines the images that should be created and exported from the iscsi gateways. # If the rbd does not exist, it will be created for you. In addition you may increase the @@ -22,11 +22,15 @@ gateway_ip_list: "192.168.122.101,192.168.122.102,192.168.122.103" # to any client, and the remove it from LIO and then delete the rbd image # # NB. this variable definition can be commented out to bypass LUN management -rbd_devices: - - { pool: 'rbd', image: 'ansible1', size: '30G', host: 'ceph-1', state: 'present' } - - { pool: 'rbd', image: 'ansible2', size: '15G', host: 'ceph-1', state: 'present' } - - { pool: 'rbd', image: 'ansible3', size: '30G', host: 'ceph-1', state: 'present' } - - { pool: 'rbd', image: 'ansible4', size: '50G', host: 'ceph-1', state: 'present' } +# +# Example: +# +#rbd_devices: +# - { pool: 'rbd', image: 'ansible1', size: '30G', host: 'ceph-1', state: 'present' } +# - { pool: 'rbd', image: 'ansible2', size: '15G', host: 'ceph-1', state: 'present' } +# - { pool: 'rbd', image: 'ansible3', size: '30G', host: 'ceph-1', state: 'present' } +# - { pool: 'rbd', image: 'ansible4', size: '50G', host: 'ceph-1', state: 'present' } +rbd_devices: {} # client_connections defines the client ACL's to restrict client access to specific LUNs @@ -37,6 +41,11 @@ rbd_devices: # - status shows the intended state of this client definition - 'present' or 'absent' # # NB. this definition can be commented out to skip client (nodeACL) management -client_connections: - - { client: 'iqn.1994-05.com.redhat:rh7-iscsi-client', image_list: 'rbd.ansible1,rbd.ansible2', chap: 'rh7-iscsi-client/redhat', status: 'present' } - - { client: 'iqn.1991-05.com.microsoft:w2k12r2', image_list: 'rbd.ansible4', chap: 'w2k12r2/microsoft_w2k12', status: 'absent' } +# +# Example: +# +#client_connections: +# - { client: 'iqn.1994-05.com.redhat:rh7-iscsi-client', image_list: 'rbd.ansible1,rbd.ansible2', chap: 'rh7-iscsi-client/redhat', status: 'present' } +# - { client: 'iqn.1991-05.com.microsoft:w2k12r2', image_list: 'rbd.ansible4', chap: 'w2k12r2/microsoft_w2k12', status: 'absent' } + +client_connections: {} diff --git a/roles/ceph-iscsi-gw/tasks/check_mandatory_vars.yml b/roles/ceph-iscsi-gw/tasks/check_mandatory_vars.yml new file mode 100644 index 000000000..98b51f869 --- /dev/null +++ b/roles/ceph-iscsi-gw/tasks/check_mandatory_vars.yml @@ -0,0 +1,6 @@ +--- +- name: make sure gateway_ip_list is configured + fail: + msg: "you must set a list of IPs (comma separated) for gateway_ip_list" + when: + - gateway_ip_list == "0.0.0.0" diff --git a/roles/ceph-iscsi-gw/tasks/configure_iscsi.yml b/roles/ceph-iscsi-gw/tasks/configure_iscsi.yml index d270facb5..4138b0c49 100644 --- a/roles/ceph-iscsi-gw/tasks/configure_iscsi.yml +++ b/roles/ceph-iscsi-gw/tasks/configure_iscsi.yml @@ -13,7 +13,7 @@ size: "{{ item.size }}" host: "{{ item.host }}" state: "{{ item.state }}" - with_items: "{{ rbd_devices|default([]) }}" + with_items: "{{ rbd_devices }}" register: images - name: igw_gateway (map) | map luns to the iscsi target @@ -29,5 +29,5 @@ image_list: "{{ item.image_list }}" chap: "{{ item.chap }}" state: "{{ item.status }}" - with_items: "{{ client_connections|default([]) }}" + with_items: "{{ client_connections }}" register: clients diff --git a/roles/ceph-iscsi-gw/tasks/deploy_ssl_keys.yml b/roles/ceph-iscsi-gw/tasks/deploy_ssl_keys.yml index f3d4989a7..1846ee0b1 100644 --- a/roles/ceph-iscsi-gw/tasks/deploy_ssl_keys.yml +++ b/roles/ceph-iscsi-gw/tasks/deploy_ssl_keys.yml @@ -28,9 +28,12 @@ - "{{ crt_files_exist.results }}" when: item.1.stat.exists == true +- name: set_fact generate_crt + set_fact: + generate_crt: true + with_items: "{{ crt_files_exist.results }}" + when: item.stat.exists == false + - name: include generate_crt.yml include: generate_crt.yml - with_together: - - "{{ crt_files }}" - - "{{ crt_files_exist.results }}" - when: item.1.stat.exists == false + when: generate_crt|bool|default(false) diff --git a/roles/ceph-iscsi-gw/tasks/main.yml b/roles/ceph-iscsi-gw/tasks/main.yml index ade5fe2c7..3cde512fb 100644 --- a/roles/ceph-iscsi-gw/tasks/main.yml +++ b/roles/ceph-iscsi-gw/tasks/main.yml @@ -1,4 +1,7 @@ --- +- name: check_mandatory_vars.yml + include: check_mandatory_vars.yml + - name: include prerequisites.yml include: prerequisites.yml diff --git a/roles/ceph-iscsi-gw/tasks/prerequisites.yml b/roles/ceph-iscsi-gw/tasks/prerequisites.yml index 3cc4670bf..6b877100f 100644 --- a/roles/ceph-iscsi-gw/tasks/prerequisites.yml +++ b/roles/ceph-iscsi-gw/tasks/prerequisites.yml @@ -22,8 +22,8 @@ copy: src: "{{ fetch_directory }}/{{ fsid }}/etc/ceph/{{ cluster }}.client.admin.keyring" dest: "/etc/ceph/{{ cluster }}.client.admin.keyring" - owner: "ceph" - group: "ceph" + owner: "root" + group: "root" mode: "0600" when: - cephx diff --git a/roles/ceph-iscsi-gw/templates/iscsi-gateway.cfg.j2 b/roles/ceph-iscsi-gw/templates/iscsi-gateway.cfg.j2 index ce0d859f7..422ebc6ad 100644 --- a/roles/ceph-iscsi-gw/templates/iscsi-gateway.cfg.j2 +++ b/roles/ceph-iscsi-gw/templates/iscsi-gateway.cfg.j2 @@ -5,7 +5,7 @@ [config] cluster_name = {{ cluster }} -gateway_keyring = /etc/ceph/{{ cluster }}.client.admin.keyring +gateway_keyring = {{ cluster }}.client.admin.keyring # Optional settings related to the CLI/API service diff --git a/tests/functional/centos/7/cluster/group_vars/iscsi_gws b/tests/functional/centos/7/cluster/group_vars/iscsi_gws new file mode 100644 index 000000000..f08f50a87 --- /dev/null +++ b/tests/functional/centos/7/cluster/group_vars/iscsi_gws @@ -0,0 +1,2 @@ +--- +gateway_ip_list: 192.168.1.90 diff --git a/tests/functional/centos/7/cluster/hosts b/tests/functional/centos/7/cluster/hosts index bddde7c58..b0bf472bc 100644 --- a/tests/functional/centos/7/cluster/hosts +++ b/tests/functional/centos/7/cluster/hosts @@ -24,5 +24,5 @@ ceph-nfs0 [rbdmirrors] ceph-rbd-mirror0 -#[iscsi_gws] -#ceph-iscsi-gw0 ceph_repository="dev" +[iscsi_gws] +ceph-iscsi-gw0 ceph_repository="dev" diff --git a/tests/functional/centos/7/cluster/vagrant_variables.yml b/tests/functional/centos/7/cluster/vagrant_variables.yml index 5fc482e98..9462f75ae 100644 --- a/tests/functional/centos/7/cluster/vagrant_variables.yml +++ b/tests/functional/centos/7/cluster/vagrant_variables.yml @@ -11,7 +11,7 @@ rgw_vms: 1 nfs_vms: 1 rbd_mirror_vms: 1 client_vms: 1 -iscsi_gw_vms: 0 +iscsi_gw_vms: 1 mgr_vms: 1 # Deploy RESTAPI on each of the Monitors