From: Sébastien Han <seb@redhat.com>
Date: Tue, 19 Jul 2016 15:53:21 +0000 (+0200)
Subject: ceph-osd: add dmcrypt scenario
X-Git-Tag: ceph-ansible-1.0.5-39~5
X-Git-Url: http://git-server-git.apps.pok.os.sepia.ceph.com/?a=commitdiff_plain;h=d0a51551b484d8ff3c9ae1b7a0ccaa3e00435fc7;p=ceph-ansible.git

ceph-osd: add dmcrypt scenario

add the ability to encrypt osd data store using dm-crypt

Signed-off-by: Sébastien Han <seb@redhat.com>
(cherry picked from commit 5978d55d221f435e052514dc328fb701783b2f18)

Resolves: rhbz#1373736 and rhbz#1366808
---

diff --git a/roles/ceph-osd/tasks/scenarios/dmcrypt.yml b/roles/ceph-osd/tasks/scenarios/dmcrypt.yml
new file mode 100644
index 000000000..835b7e4f5
--- /dev/null
+++ b/roles/ceph-osd/tasks/scenarios/dmcrypt.yml
@@ -0,0 +1,37 @@
+---
+## SCENARIO 5: DMCRYPT
+
+- include: ../check_devices.yml
+
+# NOTE (leseb): the prepare process must be parallelized somehow...
+# if you have 64 disks with 4TB each, this will take a while
+# since Ansible will sequential process the loop
+
+# NOTE (alahouze): if the device is a partition, the parted command below has
+# failed, this is why we check if the device is a partition too.
+- name: automatic prepare osd disk(s) without partitions
+  command: ceph-disk prepare --dmcrypt --cluster "{{ cluster }}" "/dev/{{ item.key }}"
+  register: prepared_osds
+  with_dict: ansible_devices
+  when:
+    - ansible_devices is defined
+    - item.value.removable == "0"
+    - item.value.partitions|count == 0
+    - bluestore
+    - osd_auto_discovery
+
+- name: manually prepare osd disk(s)
+  command: ceph-disk prepare --dmcrypt --cluster "{{ cluster }}" "{{ item.2 }}"
+  with_together:
+    - combined_parted_results.results
+    - combined_ispartition_results.results
+    - devices
+  when:
+    - not item.0.get("skipped")
+    - not item.1.get("skipped")
+    - item.0.get("rc", 0) != 0
+    - item.1.get("rc", 0) != 0
+    - bluestore
+    - not osd_auto_discovery
+
+- include: ../activate_osds.yml