From: Guilhem Lettron Date: Thu, 6 Feb 2014 11:24:21 +0000 (+0100) Subject: All tests ok X-Git-Tag: v0.2.0~7^2~5 X-Git-Url: http://git-server-git.apps.pok.os.sepia.ceph.com/?a=commitdiff_plain;h=aa8e21d6c10f28cf8d9767fe341589cf07f494ba;p=ceph-cookbooks.git All tests ok Simplify client provider. TODO: Must be test in a real system --- diff --git a/libraries/default.rb b/libraries/default.rb index 6312451..860831a 100644 --- a/libraries/default.rb +++ b/libraries/default.rb @@ -83,7 +83,7 @@ def quorum_members_ips end QUORUM_STATES = %w(leader, peon) -def have_quorum? +def quorum? # "ceph auth get-or-create-key" would hang if the monitor wasn't # in quorum yet, which is highly likely on the first run. This # helper lets us delay the key generation into the next diff --git a/providers/client.rb b/providers/client.rb index d01292a..f51e1b6 100644 --- a/providers/client.rb +++ b/providers/client.rb @@ -1,3 +1,5 @@ +use_inline_resources + def whyrun_supported? true end @@ -6,30 +8,18 @@ action :add do filename = @current_resource.filename keyname = @current_resource.keyname caps = @new_resource.caps.map { |k, v| "#{k} '#{v}'" }.join(' ') - if @current_resource.exists - Chef::Log.info "#{ @new_resource} already exists - nothing to do" - else - if @current_resource.caps != @new_resource.caps - converge_by("create ceph auth key #{keyname}") do - auth_set_key(keyname, caps) unless @current_resource.exists - end - end - if @current_resource.as_keyring - get_new_content = method(:get_new_key_file) - else - get_new_content = method(:get_new_key) - end - if get_saved_key_file(@current_resource.filename) != get_new_content.call(keyname) - converge_by("save ceph auth key to #{filename}") do - file filename do - content lazy { get_new_content.call(keyname) } - owner "root" - group "root" - mode "640" - end - end + unless @current_resource.caps_match + converge_by("Set caps for #{@new_resource}") do + auth_set_key(keyname, caps) end end + + file filename do + content file_content + owner "root" + group "root" + mode "640" + end end def load_current_resource @@ -38,42 +28,26 @@ def load_current_resource @current_resource.as_keyring(@new_resource.as_keyring) @current_resource.keyname(@new_resource.keyname || "client.#{current_resource.name}.#{node['hostname']}") @current_resource.caps(get_caps(@current_resource.keyname)) - if @current_resource.as_keyring - get_new_content = method(:get_new_key_file) - @current_resource.filename(@new_resource.filename || "/etc/ceph/ceph.client.#{current_resource.name}.#{node['hostname']}.keyring") - else - get_new_content = method(:get_new_key) - @current_resource.filename(@new_resource.filename || "/etc/ceph/ceph.client.#{current_resource.name}.#{node['hostname']}.secret") - end - if @current_resource.caps == @new_resource.caps && - get_saved_key_file(@current_resource.filename) == get_new_content.call(@current_resource.keyname) - @current_resource.exists = true - end + default_filename = "/etc/ceph/ceph.client.#{@new_resource.name}.#{node['hostname']}.#{@new_resource.as_keyring ? "keyring" : "secret"}" + @current_resource.filename(@new_resource.filename || default_filename) + @current_resource.key(get_new_key(@current_resource.keyname)) + @current_resource.caps_match = true if @current_resource.caps == @new_resource.caps end -def get_new_key(keyname) - cmd = "ceph auth print_key #{keyname}" - key = Mixlib::ShellOut.new(cmd).run_command.stdout - key +def file_content + @current_resource.as_keyring ? "[#{@current_resource.keyname}]\n\tkey = #{@current_resource.key}\n" : @current_resource.key end -def get_new_key_file(keyname) +def get_new_key(keyname) cmd = "ceph auth print_key #{keyname}" - key = Mixlib::ShellOut.new(cmd).run_command.stdout - "[#{keyname}]\n\tkey = #{key}\n" -end - -def get_saved_key_file(filename) - ::IO.read(filename) rescue "" + Mixlib::ShellOut.new(cmd).run_command.stdout end def get_caps(keyname) caps = {} cmd = "ceph auth get #{keyname}" output = Mixlib::ShellOut.new(cmd).run_command.stdout - output.scan(/caps\s*(\S+)\s*=\s*"([^"]*)"/) {|k, v| - caps[k] = v - } + output.scan(/caps\s*(\S+)\s*=\s*"([^"]*)"/) { |k, v| caps[k] = v } caps end diff --git a/recipes/cephfs.rb b/recipes/cephfs.rb index 5ca881a..0e75145 100644 --- a/recipes/cephfs.rb +++ b/recipes/cephfs.rb @@ -25,7 +25,7 @@ filename = "/etc/ceph/ceph.client.#{client_name}.secret" ceph_client name do filename filename - caps({ "mon" => "allow r", "osd" => "allow rw", "mds" => "allow" }) + caps("mon" => "allow r", "osd" => "allow rw", "mds" => "allow") as_keyring false end diff --git a/recipes/osd.rb b/recipes/osd.rb index 6665542..203ceea 100644 --- a/recipes/osd.rb +++ b/recipes/osd.rb @@ -46,109 +46,106 @@ end service_type = node["ceph"]["osd"]["init_style"] mons = node['ceph']['encrypted_data_bags'] ? get_mon_nodes : get_mon_nodes("ceph_bootstrap_osd_key:*") -if mons.empty? - puts "No ceph-mon found." -else +return "No ceph-mon found." if mons.empty? - directory "/var/lib/ceph/bootstrap-osd" do - owner "root" - group "root" - mode "0755" - end +directory "/var/lib/ceph/bootstrap-osd" do + owner "root" + group "root" + mode "0755" +end - # TODO: cluster name - cluster = 'ceph' +# TODO: cluster name +cluster = 'ceph' - if node['ceph']['encrypted_data_bags'] - secret = Chef::EncryptedDataBagItem.load_secret(node["ceph"]["osd"]["secret_file"]) - osd_secret = Chef::EncryptedDataBagItem.load("ceph", "osd", secret)["secret"] - else - osd_secret = mons[0]["ceph"]["bootstrap_osd_key"] - end +if node['ceph']['encrypted_data_bags'] + secret = Chef::EncryptedDataBagItem.load_secret(node["ceph"]["osd"]["secret_file"]) + osd_secret = Chef::EncryptedDataBagItem.load("ceph", "osd", secret)["secret"] +else + osd_secret = mons[0]["ceph"]["bootstrap_osd_key"] +end - execute "format as keyring" do - command "ceph-authtool '/var/lib/ceph/bootstrap-osd/#{cluster}.keyring' --create-keyring --name=client.bootstrap-osd --add-key='#{osd_secret}'" - creates "/var/lib/ceph/bootstrap-osd/#{cluster}.keyring" - end +execute "format as keyring" do + command "ceph-authtool '/var/lib/ceph/bootstrap-osd/#{cluster}.keyring' --create-keyring --name=client.bootstrap-osd --add-key='#{osd_secret}'" + creates "/var/lib/ceph/bootstrap-osd/#{cluster}.keyring" +end - if crowbar? - node["crowbar"]["disks"].each do |disk, data| - execute "ceph-disk-prepare #{disk}" do - command "ceph-disk-prepare /dev/#{disk}" - only_if { node["crowbar"]["disks"][disk]["usage"] == "Storage" } - notifies :run, "execute[udev trigger]", :immediately - end +if crowbar? + node["crowbar"]["disks"].each do |disk, data| + execute "ceph-disk-prepare #{disk}" do + command "ceph-disk-prepare /dev/#{disk}" + only_if { node["crowbar"]["disks"][disk]["usage"] == "Storage" } + notifies :run, "execute[udev trigger]", :immediately + end - ruby_block "set disk usage for #{disk}" do - block do - node.set["crowbar"]["disks"][disk]["usage"] = "ceph-osd" - node.save - end + ruby_block "set disk usage for #{disk}" do + block do + node.set["crowbar"]["disks"][disk]["usage"] = "ceph-osd" + node.save end end + end - execute "udev trigger" do - command "udevadm trigger --subsystem-match=block --action=add" - action :nothing - end - else - # Calling ceph-disk-prepare is sufficient for deploying an OSD - # After ceph-disk-prepare finishes, the new device will be caught - # by udev which will run ceph-disk-activate on it (udev will map - # the devices if dm-crypt is used). - # IMPORTANT: - # - Always use the default path for OSD (i.e. /var/lib/ceph/ - # osd/$cluster-$id) - # - $cluster should always be ceph - # - The --dmcrypt option will be available starting w/ Cuttlefish - if !node["ceph"]["osd_devices"].nil? - node["ceph"]["osd_devices"].each_with_index do |osd_device, index| - unless osd_device["status"].nil? - Log.info("osd: osd_device #{osd_device} has already been setup.") - next - end + execute "udev trigger" do + command "udevadm trigger --subsystem-match=block --action=add" + action :nothing + end +else + # Calling ceph-disk-prepare is sufficient for deploying an OSD + # After ceph-disk-prepare finishes, the new device will be caught + # by udev which will run ceph-disk-activate on it (udev will map + # the devices if dm-crypt is used). + # IMPORTANT: + # - Always use the default path for OSD (i.e. /var/lib/ceph/ + # osd/$cluster-$id) + # - $cluster should always be ceph + # - The --dmcrypt option will be available starting w/ Cuttlefish + if !node["ceph"]["osd_devices"].nil? + node["ceph"]["osd_devices"].each_with_index do |osd_device, index| + unless osd_device["status"].nil? + Log.info("osd: osd_device #{osd_device} has already been setup.") + next + end - dmcrypt = osd_device["encrypted"] == true ? "--dmcrypt" : "" + dmcrypt = osd_device["encrypted"] == true ? "--dmcrypt" : "" - create_cmd = "ceph-disk-prepare #{dmcrypt} #{osd_device['device']} #{osd_device['journal']}" - if osd_device["type"] == "directory" - directory osd_device["device"] do - owner "root" - group "root" - recursive true - end - create_cmd << " && ceph-disk-activate #{osd_device['device']}" - end - execute "Creating Ceph OSD on #{osd_device['device']}" do - command create_cmd - action :run - notifies :create, "ruby_block[save osd_device status #{index}]" - end - # we add this status to the node env - # so that we can implement recreate - # and/or delete functionalities in the - # future. - ruby_block "save osd_device status #{index}" do - block do - node.normal["ceph"]["osd_devices"][index]["status"] = "deployed" - node.save - end - action :nothing + create_cmd = "ceph-disk-prepare #{dmcrypt} #{osd_device['device']} #{osd_device['journal']}" + if osd_device["type"] == "directory" + directory osd_device["device"] do + owner "root" + group "root" + recursive true end + create_cmd << " && ceph-disk-activate #{osd_device['device']}" + end + execute "Creating Ceph OSD on #{osd_device['device']}" do + command create_cmd + action :run + notifies :create, "ruby_block[save osd_device status #{index}]" end - service "ceph_osd" do - case service_type - when "upstart" - service_name "ceph-osd-all-starter" - provider Chef::Provider::Service::Upstart - else - service_name "ceph" + # we add this status to the node env + # so that we can implement recreate + # and/or delete functionalities in the + # future. + ruby_block "save osd_device status #{index}" do + block do + node.normal["ceph"]["osd_devices"][index]["status"] = "deployed" + node.save end - action [:enable, :start] - supports :restart => true + action :nothing end - else - Log.info('node["ceph"]["osd_devices"] empty') end + service "ceph_osd" do + case service_type + when "upstart" + service_name "ceph-osd-all-starter" + provider Chef::Provider::Service::Upstart + else + service_name "ceph" + end + action [:enable, :start] + supports :restart => true + end + else + Log.info('node["ceph"]["osd_devices"] empty') end end diff --git a/recipes/radosgw.rb b/recipes/radosgw.rb index 7dd1745..2d178c0 100644 --- a/recipes/radosgw.rb +++ b/recipes/radosgw.rb @@ -51,7 +51,7 @@ if !::File.exists?("/var/lib/ceph/radosgw/ceph-radosgw.#{node['hostname']}/done" end ceph_client "radosgw" do - caps({ "mon" => "allow rw", "osd" => "allow rwx" }) + caps("mon" => "allow rw", "osd" => "allow rwx") end file "/var/lib/ceph/radosgw/ceph-radosgw.#{node['hostname']}/done" do diff --git a/resources/client.rb b/resources/client.rb index 0ca1436..7ef91c3 100644 --- a/resources/client.rb +++ b/resources/client.rb @@ -16,4 +16,4 @@ attribute :keyname, :kind_of => String # defaults to /etc/ceph/ceph.client.#{name}.#{hostname}.secret if not as_keyring attribute :filename, :kind_of => String -attr_accessor :exists +attr_accessor :key, :caps_match