]> git.apps.os.sepia.ceph.com Git - ceph-ansible.git/log
ceph-ansible.git
6 years agoosd: remove legacy task
Guillaume Abrioux [Tue, 11 Jun 2019 09:16:51 +0000 (11:16 +0200)]
osd: remove legacy task

`parted_results` isn't used anymore in the playbook.

By the way, `parted` seems to cause issue because it changes the
ownership on devices:

```
root@osd0 ~]# ls -l /dev/sdc*
brw-rw----. 1 root disk 8, 32 Jun 11 08:53 /dev/sdc
brw-rw----. 1 ceph ceph 8, 33 Jun 11 08:53 /dev/sdc1
brw-rw----. 1 ceph ceph 8, 34 Jun 11 08:53 /dev/sdc2

[root@osd0 ~]# parted -s /dev/sdc print
Model: ATA QEMU HARDDISK (scsi)
Disk /dev/sdc: 53.7GB
Sector size (logical/physical): 512B/512B
Partition Table: gpt
Disk Flags:

Number  Start   End     Size    File system  Name           Flags
 1      1049kB  1075MB  1074MB               ceph block.db
 2      1075MB  2149MB  1074MB               ceph block.db

[root@osd0 ~]# #We can see ownerships have changed from ceph:ceph to root:disk:
[root@osd0 ~]# ls -l /dev/sdc*
brw-rw----. 1 root disk 8, 32 Jun 11 08:57 /dev/sdc
brw-rw----. 1 root disk 8, 33 Jun 11 08:57 /dev/sdc1
brw-rw----. 1 root disk 8, 34 Jun 11 08:57 /dev/sdc2
[root@osd0 ~]#
```

Signed-off-by: Guillaume Abrioux <gabrioux@redhat.com>
(cherry picked from commit eece362b38e246a0e6f5f4a487d33409657c2fe8)

6 years agorolling_update: fail early if cluster state is not OK
Guillaume Abrioux [Mon, 10 Jun 2019 14:26:18 +0000 (16:26 +0200)]
rolling_update: fail early if cluster state is not OK

starting an upgrade if the cluster isn't HEALTH_OK isn't a good idea.
Let's check for the cluster status before trying to upgrade.

Signed-off-by: Guillaume Abrioux <gabrioux@redhat.com>
(cherry picked from commit 3a100cfa5265b3a5327ef6a8d382a8059391b903)

6 years agorolling_update: only mask and stop unit in mgr part
Guillaume Abrioux [Mon, 10 Jun 2019 13:18:43 +0000 (15:18 +0200)]
rolling_update: only mask and stop unit in mgr part

Otherwise it fails like following:

```
fatal: [mon0]: FAILED! => changed=false
  msg: |-
    Unable to enable service ceph-mgr@mon0: Failed to execute operation: Cannot send after transport endpoint shutdown
```

Signed-off-by: Guillaume Abrioux <gabrioux@redhat.com>
(cherry picked from commit 51b2813e0483b042fb52dd3056464eaa4a4b1a3c)

6 years agoAdd installer phase for dashboard roles
Dimitri Savineau [Mon, 17 Jun 2019 19:52:04 +0000 (15:52 -0400)]
Add installer phase for dashboard roles

This commits adds the support of the installer phase for dashboard,
grafana and node-exporter roles.

Signed-off-by: Dimitri Savineau <dsavinea@redhat.com>
(cherry picked from commit c7a5967a6fa60e3f0d81a03bc148834c3d4f9b59)

6 years agoalign cephfs pool creation
Rishabh Dave [Tue, 10 Apr 2018 09:32:58 +0000 (11:32 +0200)]
align cephfs pool creation

The definitions of cephfs pools should match openstack pools.

Signed-off-by: Rishabh Dave <ridave@redhat.com>
Co-Authored-by: Simone Caronni <simone.caronni@teralytics.net>
(cherry picked from commit 67071c3169f40621baec2aa51504e9f361eaf890)

6 years agoremove ceph-agent role and references
Dimitri Savineau [Tue, 28 May 2019 14:55:03 +0000 (10:55 -0400)]
remove ceph-agent role and references

The ceph-agent role was used only for RHCS 2 (jewel) so it's not
usefull anymore.
The current code will fail on CentOS distribution because the rhscon
package is only avaible on Red Hat with the RHCS 2 repository and
this ceph release is supported on stable-3.0 branch.

Resolves: #4020

Signed-off-by: Dimitri Savineau <dsavinea@redhat.com>
(cherry picked from commit 7503098ca079b200b3adcb1faf2e255d9c74a581)

6 years agodashboard: fix hosts sections in main playbook
Guillaume Abrioux [Fri, 14 Jun 2019 13:27:11 +0000 (15:27 +0200)]
dashboard: fix hosts sections in main playbook

ceph-dashboard should be deployed on either a dedicated mgr node or a
mon if they are collocated.

Signed-off-by: Guillaume Abrioux <gabrioux@redhat.com>
(cherry picked from commit bdc870cbf5771f2f56ec4b0d64eb702b23f9969a)

6 years agotests: Update ansible ssh_args variable
Dimitri Savineau [Fri, 14 Jun 2019 21:31:39 +0000 (17:31 -0400)]
tests: Update ansible ssh_args variable

Because we're using vagrant, a ssh config file will be created for
each nodes with options like user, host, port, identity, etc...
But via tox we're override ANSIBLE_SSH_ARGS to use this file. This
remove the default value set in ansible.cfg.

Also adding PreferredAuthentications=publickey because CentOS/RHEL
servers are configured with GSSAPIAuthenticationis enabled for ssh
server forcing the client to make a PTR DNS query.

Signed-off-by: Dimitri Savineau <dsavinea@redhat.com>
(cherry picked from commit 34f9d51178f4cd37a7df1bb74897dff7eb5c065f)

6 years agotests: increase docker pull timeout
Guillaume Abrioux [Fri, 14 Jun 2019 09:45:29 +0000 (11:45 +0200)]
tests: increase docker pull timeout

CI is facing issues where docker pull reach the timeout, let's increase
this to avoid CI failures.

Signed-off-by: Guillaume Abrioux <gabrioux@redhat.com>
(cherry picked from commit 1019e3b3dce971cd81bcea854022fc929d42c139)

6 years agoceph-infra: make chronyd default NTP daemon
Rishabh Dave [Wed, 12 Jun 2019 09:09:44 +0000 (14:39 +0530)]
ceph-infra: make chronyd default NTP daemon

Since timesyncd is not available on RHEL-based OSs, change the default
to chronyd for RHEL-based OSs. Also, chronyd is chrony on Ubuntu, so
set the Ansible fact accordingly.

Fixes: https://github.com/ceph/ceph-ansible/issues/3628
Signed-off-by: Rishabh Dave <ridave@redhat.com>
(cherry picked from commit 9d88d3199fd8c6548a56bf9e95cd9239481baa39)

6 years agoiscsi: assign application (rbd) to pool 'rbd'
Guillaume Abrioux [Tue, 11 Jun 2019 20:03:59 +0000 (22:03 +0200)]
iscsi: assign application (rbd) to pool 'rbd'

if we don't assign the rbd application tag on this pool,
the cluster will get `HEALTH_WARN` state like following:

```
HEALTH_WARN application not enabled on 1 pool(s)
POOL_APP_NOT_ENABLED application not enabled on 1 pool(s)
    application not enabled on pool 'rbd'
```

Signed-off-by: Guillaume Abrioux <gabrioux@redhat.com>
(cherry picked from commit 4cf17a6fddc052c944026ae1d138263131e677f8)

6 years agoceph-infra: update cache for Ubuntu
Rishabh Dave [Thu, 13 Jun 2019 08:06:00 +0000 (13:36 +0530)]
ceph-infra: update cache for Ubuntu

Ubuntu-based CI jobs often fail with error code 404 while installing
NTP daemons. Updating cache beforehand should fix the issue.

Signed-off-by: Rishabh Dave <ridave@redhat.com>
(cherry picked from commit d1c266e6c7f9906f6455e71583496c4d902b8565)

6 years agomon: enforce mon0 delegation for initial_mon_key register v4.0.0rc9
Guillaume Abrioux [Wed, 12 Jun 2019 09:38:49 +0000 (11:38 +0200)]
mon: enforce mon0 delegation for initial_mon_key register

since this task is designed to be always run on the first monitor, let's
enforce the container name accordingly otherwise it could fail like
following:

```
fatal: [mon1 -> mon0]: FAILED! => changed=true
  cmd:
  - docker
  - exec
  - ceph-mon-mon1
  - ceph
  - --cluster
  - ceph
  - --name
  - mon.
  - -k
  - /var/lib/ceph/mon/ceph-mon0/keyring
  - auth
  - get-key
  - mon.
  delta: '0:00:00.085025'
  end: '2019-06-12 06:12:27.677936'
  msg: non-zero return code
  rc: 1
  start: '2019-06-12 06:12:27.592911'
  stderr: 'Error response from daemon: No such container: ceph-mon-mon1'
  stderr_lines: <omitted>
  stdout: ''
  stdout_lines: <omitted>
```

Signed-off-by: Guillaume Abrioux <gabrioux@redhat.com>
(cherry picked from commit 905c2256bdf16fe19aa6e5ead641a30ee559f27d)

6 years agoceph-node-exporter: Fix systemd template
Dimitri Savineau [Tue, 11 Jun 2019 14:46:35 +0000 (10:46 -0400)]
ceph-node-exporter: Fix systemd template

069076b introduced a bug in the systemd unit script template. This
commit fixes the options used by the node-exporter container.

Signed-off-by: Dimitri Savineau <dsavinea@redhat.com>
(cherry picked from commit d0840217f3e8ffd3fe9d45fbd41b60444b70a290)

6 years agodashboard: add allow_embedding support
Guillaume Abrioux [Wed, 12 Jun 2019 06:01:06 +0000 (08:01 +0200)]
dashboard: add allow_embedding support

Add a variable to support the allow_embedding support.

See ceph/ceph-ansible/issues/4084 for details.

Fixes: #4084
Signed-off-by: Guillaume Abrioux <gabrioux@redhat.com>
(cherry picked from commit 27856cc49959de0f7cfaef63f4a674fb3264a232)

6 years agodashboard: fix dashboard_url setting
Guillaume Abrioux [Wed, 12 Jun 2019 06:31:47 +0000 (08:31 +0200)]
dashboard: fix dashboard_url setting

This setting must be set to something resolvable.

See: ceph/ceph-ansible/issues/4085 for details

Fixes: #4085
Signed-off-by: Guillaume Abrioux <gabrioux@redhat.com>
(cherry picked from commit 2c9cd9d9e758f7ed2525643f33fe1427d1a857cd)

6 years agoceph-handler: replace fuser by /proc/net/unix
Dimitri Savineau [Thu, 6 Jun 2019 18:08:18 +0000 (14:08 -0400)]
ceph-handler: replace fuser by /proc/net/unix

We're using fuser command to see if a process is using a ceph unix
socket file. But the fuser command runs through every PID present in
/proc/<PID> to see if one of them is using the file.
On a system running thousands processes, the fuser command can take
a long time to finish.

Resolves: https://bugzilla.redhat.com/show_bug.cgi?id=1717011

Signed-off-by: Dimitri Savineau <dsavinea@redhat.com>
(cherry picked from commit da9891da1e8b9a8c91077c74e54a9df8ebb7070d)

6 years agotox-dashboard: update for nautilus
Dimitri Savineau [Wed, 12 Jun 2019 17:36:48 +0000 (13:36 -0400)]
tox-dashboard: update for nautilus

We don't need to use dev_setup playbook on stable branch. We also
need to remove the dev container image variables and update the
value to match nautilus.

Signed-off-by: Dimitri Savineau <dsavinea@redhat.com>
6 years agoceph-node-exporter: use modprobe ansible module
Dimitri Savineau [Tue, 11 Jun 2019 13:35:28 +0000 (09:35 -0400)]
ceph-node-exporter: use modprobe ansible module

Instead of using the modprobe command from the path in the systemd
unit script, we can use the modprobe ansible module.
That way we don't have to manage the binary path based on the linux
distribution.

Resolves: #4072

Signed-off-by: Dimitri Savineau <dsavinea@redhat.com>
(cherry picked from commit dbf81b6b5bd6d7e977706a93f9e75b38efe32305)

6 years agoFix units and add ability to have a dedicated instance
fmount [Thu, 23 May 2019 14:21:08 +0000 (16:21 +0200)]
Fix units and add ability to have a dedicated instance

Few fixes on systemd unit templates for node_exporter and
alertmanager container parameters.
Added the ability to use a dedicated instance to deploy the
dashboard components (prometheus and grafana).
This commit also introduces the grafana_group_name variable
to refer grafana group and keep consistency with the other
groups.
During the integration with TripleO some grafana/prometheus
template variables resulted undefined. This commit adds the
ability to check if the group exist and create, accordingly,
different job groups in prometheus template.

Signed-off-by: fmount <fpantano@redhat.com>
(cherry picked from commit 069076bbfdef30c64b33dfcdd063b1e31d65d617)

6 years agovalidate: fail in check_devices at the right task
Guillaume Abrioux [Fri, 7 Jun 2019 08:50:28 +0000 (10:50 +0200)]
validate: fail in check_devices at the right task

see https://bugzilla.redhat.com/show_bug.cgi?id=1648168#c17 for details.

Fixes: https://bugzilla.redhat.com/show_bug.cgi?id=1648168#c17
Signed-off-by: Guillaume Abrioux <gabrioux@redhat.com>
(cherry picked from commit 771648304d7d867e053f8b8fe3ce5b36e061f100)

6 years agospec: bring back possibility to install ceph with custom repo
Guillaume Abrioux [Fri, 7 Jun 2019 08:16:16 +0000 (10:16 +0200)]
spec: bring back possibility to install ceph with custom repo

This can be seen as a regression for customers who were used to deploy
in offline environment with custom repositories.

Fixes: https://bugzilla.redhat.com/show_bug.cgi?id=1673254
Signed-off-by: Guillaume Abrioux <gabrioux@redhat.com>
(cherry picked from commit c933645bf7015e08c97058186954483c40ecbfbd)

6 years agocontainer-common: support podman on Ubuntu
Dimitri Savineau [Fri, 17 May 2019 21:10:34 +0000 (17:10 -0400)]
container-common: support podman on Ubuntu

Currently we're only able to use podman on ubuntu if podman's
installation is done manually before the ceph-ansible execution
because the deb package is present in an external repository.
We already manage the docker-ce installation via an external
repository so we should be able to allow the podman installation
with the same mechanism too.

https://github.com/containers/libpod/blob/master/install.md#ubuntu

Resolves: #3947

Signed-off-by: Dimitri Savineau <dsavinea@redhat.com>
(cherry picked from commit 518ab794fb0965c6ca8af56f18e0c54529eca8d5)

6 years agopodman: Add systemd dependency on network.target
Dimitri Savineau [Thu, 6 Jun 2019 19:41:35 +0000 (15:41 -0400)]
podman: Add systemd dependency on network.target

When using podman, the systemd unit scripts don't have a dependency
on the network. So we're not sure that the network is up and running
when the containers are starting.
With docker this behaviour is already handled because the systemd
unit scripts depend on docker service which is started after the
network.

Signed-off-by: Dimitri Savineau <dsavinea@redhat.com>
(cherry picked from commit f49090df7ef82419c69dfd7a22250a79c17de42f)

6 years agoansible: use 'bool' filter on boolean conditionals
L3D [Wed, 22 May 2019 08:02:42 +0000 (10:02 +0200)]
ansible: use 'bool' filter on boolean conditionals

By running ceph-ansible there are a lot ``[DEPRECATION WARNING]`` like these:
```
[DEPRECATION WARNING]: evaluating containerized_deployment as a bare variable,
this behaviour will go away and you might need to add |bool to the expression
in the future. Also see CONDITIONAL_BARE_VARS configuration toggle.. This
feature will be removed in version 2.12. Deprecation warnings can be disabled
by setting deprecation_warnings=False in ansible.cfg.
```

Now appended ``| bool`` on a lot of the affected variables.

Sometimes the coding style from ``variable|bool`` changed to ``variable | bool`` *(with spaces at the pipe)*.

Closes: #4022
Signed-off-by: L3D <l3d@c3woc.de>
(cherry picked from commit ab54fe20ec2e3bf16e4544c39548d1e21dacf0d5)

6 years agopurge-cluster: clean all ceph repo files
Dimitri Savineau [Thu, 6 Jun 2019 17:51:16 +0000 (13:51 -0400)]
purge-cluster: clean all ceph repo files

We currently only purge rh_storage yum repository file but depending
on the ceph_repository value we are using, the ceph repository file
could have a different name.

Resolves: #4056

Signed-off-by: Dimitri Savineau <dsavinea@redhat.com>
(cherry picked from commit 44c63903cacb06fd6a32fcc591d31b2be3c7e82a)

6 years agoAdd section for purging rgw loadbalancer in purge-cluster.yml
guihecheng [Fri, 1 Mar 2019 07:51:43 +0000 (15:51 +0800)]
Add section for purging rgw loadbalancer in purge-cluster.yml

Signed-off-by: guihecheng <guihecheng@cmiot.chinamobile.com>
(cherry picked from commit 59e702ec39f5b6b109138f30aa6c45b56b544554)

6 years agoAdd section for rgw loadbalancer in site.yml
guihecheng [Thu, 4 Apr 2019 03:33:15 +0000 (11:33 +0800)]
Add section for rgw loadbalancer in site.yml

This drives ceph rgw loadbalancer stuff to run.

Signed-off-by: guihecheng <guihecheng@cmiot.chinamobile.com>
(cherry picked from commit 96c346743ba7cff2e737f13b8b442f14c54a9a55)

6 years agoAdd role definitions of ceph-rgw-loadbalancer
guihecheng [Thu, 4 Apr 2019 02:54:41 +0000 (10:54 +0800)]
Add role definitions of ceph-rgw-loadbalancer

This add support for rgw loadbalancer based on HAProxy and Keepalived.
We define a single role ceph-rgw-loadbalancer and include HAProxy and
Keepalived configurations all in this.

A single haproxy backend is used to balance all RGW instances and
a single frontend is exported via a single port, default 80.

Keepalived is used to maintain the high availability of all haproxy
instances. You are free to use any number of VIPs. A single VIP is
shared across all keepalived instances and there will be one
master for one VIP, selected sequentially, and others serve as
backups.
This assumes that each keepalived instance is on the same node as
one haproxy instance and we use a simple check script to detect
the state of each haproxy instance and trigger the VIP failover
upon its failure.

Signed-off-by: guihecheng <guihecheng@cmiot.chinamobile.com>
(cherry picked from commit 35d40c65f8c7f785a53978210c54f642e1384feb)

6 years agovalidate: add a check for nfs standalone
Guillaume Abrioux [Mon, 20 May 2019 14:28:42 +0000 (16:28 +0200)]
validate: add a check for nfs standalone

if `nfs_obj_gw` is True when deploying an internal ganesha with an
external ceph cluster, `ceph_nfs_rgw_access_key` and
`ceph_nfs_rgw_secret_key` must be provided so the
ganesha configuration file can be generated.

Signed-off-by: Guillaume Abrioux <gabrioux@redhat.com>
(cherry picked from commit 003aeea45a8e232d2bd592c0dc866eb768e9d812)

6 years agonfs: support internal Ganesha with external ceph cluster
Guillaume Abrioux [Mon, 20 May 2019 13:58:10 +0000 (15:58 +0200)]
nfs: support internal Ganesha with external ceph cluster

This commits allows to deploy an internal ganesha with an external ceph
cluster.

This requires to define `external_cluster_mon_ips` with a comma
separated list of external monitors.

Closes: https://bugzilla.redhat.com/show_bug.cgi?id=1710358
Signed-off-by: Guillaume Abrioux <gabrioux@redhat.com>
(cherry picked from commit 6a6785b719d126cf54ebad8b2a22c97d90afd05e)

6 years agoceph-osd: do not relabel /run/udev in containerized context
Guillaume Abrioux [Mon, 3 Jun 2019 17:15:30 +0000 (19:15 +0200)]
ceph-osd: do not relabel /run/udev in containerized context

Otherwise content in /run/udev is mislabeled and prevent some services
like NetworkManager from starting.

Signed-off-by: Guillaume Abrioux <gabrioux@redhat.com>
(cherry picked from commit 80875adba791b732713f686a4e4eba182758dc9d)

6 years agotests: test podman against atomic os instead rhel8
Guillaume Abrioux [Thu, 23 May 2019 08:49:54 +0000 (10:49 +0200)]
tests: test podman against atomic os instead rhel8

the rhel8 image used is an outdated beta version, it is not worth it to
maintain this image upstream, since it's possible to test podman with a
newer version of centos/atomic-host image.

Signed-off-by: Guillaume Abrioux <gabrioux@redhat.com>
(cherry picked from commit a78fb209b18e4f8e4f60c92e6f62520446eda486)

6 years agosite-container: update container-engine role
Dimitri Savineau [Tue, 28 May 2019 20:43:48 +0000 (16:43 -0400)]
site-container: update container-engine role

Since the split between container-engine and container-common roles,
the tags and condition were not updated to reflect the change.

- ceph-container-engine needs with_pkg tag
- ceph-container-common needs fetch_container_images
- we don't need to pull the container image in a dedicated task for
atomic host. We can now use the ceph-container-common role.

Signed-off-by: Dimitri Savineau <dsavinea@redhat.com>
(cherry picked from commit 2d375e1aa779e19a39ac435d7064133add07c3ce)

6 years agoceph-nfs: use template module for configuration
Dimitri Savineau [Mon, 3 Jun 2019 19:28:39 +0000 (15:28 -0400)]
ceph-nfs: use template module for configuration

789cef7 introduces a regression in the ganesha configuration file
generation. The new config_template module version broke it.
But the ganesha.conf file isn't an ini file and doesn't really
need to use the config_template module. Instead we can use the
classic template module.

Resolves: #4045

Signed-off-by: Dimitri Savineau <dsavinea@redhat.com>
(cherry picked from commit 616c4846980bc01144417416d60fd9bb46aa14a9)

6 years agoceph-facts: generate fsid on mon node
Dimitri Savineau [Fri, 31 May 2019 17:26:30 +0000 (13:26 -0400)]
ceph-facts: generate fsid on mon node

The fsid generation is done via a python command. When the ansible
controller node only have python3 available (like RHEL 8) then the
python command isn't necessarily present causing the fsid generation
to fail.
We already do some resource creation (like ceph keyring secret) with
the python command too but from the mon node so we should do the same
for fsid.

Resolves: https://bugzilla.redhat.com/show_bug.cgi?id=1714631

Signed-off-by: Dimitri Savineau <dsavinea@redhat.com>
(cherry picked from commit daf92a9e1f8ed14e03e20a4d908f49c411eb8887)

6 years agovagrant: Default box to centos/7
Dimitri Savineau [Fri, 31 May 2019 14:22:15 +0000 (10:22 -0400)]
vagrant: Default box to centos/7

We don't use ceph/ubuntu-xenial anymore but only centos/7 and
centos/atomic-host.
Changing the default to centos/7.

Resolves: #4036

Signed-off-by: Dimitri Savineau <dsavinea@redhat.com>
(cherry picked from commit 24d0fd70030e3014405bf3bf2d628ede4cee6466)

6 years agoSync config_template from upstream
Kevin Carter [Wed, 22 May 2019 18:08:10 +0000 (13:08 -0500)]
Sync config_template from upstream

This change pulls in the most recent release of the config_template module
into the ceph_ansible action plugins.

Signed-off-by: Kevin Carter <kecarter@redhat.com>
(cherry picked from commit 789cef7621a3869fb42d4b2749f22d11ff08f6e0)

6 years agotests: add retries on failing tests in testinfra
Guillaume Abrioux [Wed, 22 May 2019 08:42:33 +0000 (10:42 +0200)]
tests: add retries on failing tests in testinfra

This commit adds `pytest-rerunfailures` in requirements.txt so we can
retry failing test in testinfra to avoid false positive. (eg: sometimes it
can happen for some reason a service takes too much time to start)

Signed-off-by: Guillaume Abrioux <gabrioux@redhat.com>
(cherry picked from commit 4708b7615f6acab9fe9f251eaf2a6da2e1f859ab)

6 years agoroles: introduce `ceph-container-engine` role
Guillaume Abrioux [Mon, 20 May 2019 07:46:10 +0000 (09:46 +0200)]
roles: introduce `ceph-container-engine` role

This commit splits the current `ceph-container-common` role.

This introduces a new role `ceph-container-engine` which handles the
tasks specific to the installation of containers tools (docker/podman).

This is needed for the ceph-dashboard implementation for 2 main reasons:

1/ Since the ceph-dashboard stack is only containerized, we must install
everything needed to run containers even in non containerized
deployments. Splitting this role allows us to not have to call the full
`ceph-container-common` role which would run a bunch of unneeded tasks
that would have been skipped anyway.

2/ The current implementation would have required to run
`ceph-container-common` on all ceph-clients nodes which would have been
conflicting with 9d3517c670ea2e944565e1a3e150a966b2d399de (we don't want
to run ceph-container-common on all client nodes, see mentioned commit
for more details)

Signed-off-by: Guillaume Abrioux <gabrioux@redhat.com>
(cherry picked from commit 55420d6253bc6605738fe3f4745e2ba08a6ea5b8)

6 years agoceph-mgr: install python-routes for dashboard
Dimitri Savineau [Fri, 17 May 2019 15:24:00 +0000 (11:24 -0400)]
ceph-mgr: install python-routes for dashboard

The ceph mgr dashboard requires routes python library to be installed
on the system.

Resolves: #3995

Signed-off-by: Dimitri Savineau <dsavinea@redhat.com>
(cherry picked from commit f37edfa113cc16844b5b76cb218f180124acb283)

6 years agoceph-prometheus: fix error in templates
Dimitri Savineau [Tue, 21 May 2019 14:29:16 +0000 (10:29 -0400)]
ceph-prometheus: fix error in templates

- remove trailing double quotes in jinja templates
- add jinja filename without .j2 suffix

Resolves: #4011

Signed-off-by: Dimitri Savineau <dsavinea@redhat.com>
(cherry picked from commit 29b0d47c8cc3943ee89aaa660455616f87f90caa)

6 years agocommon: use gnupg instead of gpg
Dimitri Savineau [Tue, 21 May 2019 13:21:16 +0000 (09:21 -0400)]
common: use gnupg instead of gpg

gpg package isn't available for all Debian/Ubuntu distribution but
gnupg is.

Signed-off-by: Dimitri Savineau <dsavinea@redhat.com>
(cherry picked from commit 622d9feae924b216d02fc10a90c5a2089ab98794)

6 years agoconfig: fix ipv6
Guillaume Abrioux [Tue, 21 May 2019 13:48:34 +0000 (15:48 +0200)]
config: fix ipv6

As of nautilus, if you set `ms bind ipv6 = True` you must explicitly set
`ms bind ipv4 = False` too, otherwise OSDs will still try to pick up an
IPv4 address.

Closes: https://bugzilla.redhat.com/show_bug.cgi?id=1710319
Signed-off-by: Guillaume Abrioux <gabrioux@redhat.com>
(cherry picked from commit 6ca7372a2df1cb1ad7ef56b121ebfc94afc24ec7)

6 years agotests: update testinfra release
Dimitri Savineau [Tue, 30 Apr 2019 14:24:25 +0000 (10:24 -0400)]
tests: update testinfra release

In order to support ansible 2.8 with testinfra we need to use the
latest release (3.0.x).
Adding ssh-config option to py.test.
Also bumping the pytest and xdist version.

Signed-off-by: Dimitri Savineau <dsavinea@redhat.com>
(cherry picked from commit de147469d7e78be51874575602226a684280ef4a)

6 years agoceph-nfs: apply selinux fix anyway
Dimitri Savineau [Thu, 18 Apr 2019 14:02:12 +0000 (10:02 -0400)]
ceph-nfs: apply selinux fix anyway

Because ansible_distribution_version doesn't return minor version on
CentOS with ansible 2.8 we can apply the selinux anyway but only for
CentOS/RHEL 7.
Starting RHEL 8, there's a dedicated package for selinux called
nfs-ganesha-selinux [1].

Also replace the command module + semanage by the selinux_permissive
module.

[1] https://github.com/nfs-ganesha/nfs-ganesha/commit/a7911f

Signed-off-by: Dimitri Savineau <dsavinea@redhat.com>
(cherry picked from commit 0ee833432eb5d2b4998002c495ff08a65a3b26c6)

6 years agoceph-validate: use kernel validation for iscsi
Dimitri Savineau [Thu, 18 Apr 2019 13:37:07 +0000 (09:37 -0400)]
ceph-validate: use kernel validation for iscsi

Ceph iSCSI gateway requires Red Hat Enterprise Linux or CentOS 7.5
or later.
Because we can not check the ansible_distribution_version fact for
CentOS with ansible 2.8 (returns only the major version) we can
fallback by checking the kernel option.

  - CONFIG_TARGET_CORE=m
  - CONFIG_TCM_USER2=m
  - CONFIG_ISCSI_TARGET=m

http://docs.ceph.com/docs/master/rbd/iscsi-target-cli-manual-install/

Signed-off-by: Dimitri Savineau <dsavinea@redhat.com>
(cherry picked from commit 0c7fd79865d216d1caa1228bbbc9c021551ab12c)

6 years agoswitch to ansible 2.8
Guillaume Abrioux [Tue, 9 Apr 2019 07:22:06 +0000 (09:22 +0200)]
switch to ansible 2.8

- remove private attribute with import_role.
- update documentation.
- update rpm spec requirement.
- fix MagicMock python import in unit tests.

Closes: #3765
Signed-off-by: Guillaume Abrioux <gabrioux@redhat.com>
(cherry picked from commit 72d8315299aa56889d8c680269fdf5da57f9654e)

6 years agodashboard: move the call to ceph-node-exporter
Guillaume Abrioux [Fri, 17 May 2019 15:34:09 +0000 (17:34 +0200)]
dashboard: move the call to ceph-node-exporter

This moves the call to ceph-node-exporter role after
ceph-container-common, otherwise it will try to run container before
docker or podman are installed.

Signed-off-by: Guillaume Abrioux <gabrioux@redhat.com>
(cherry picked from commit 7c6a3bf825cfd94aad98734ec1d00109189d005b)

6 years agocommon: install dependencies for apt modules
Dimitri Savineau [Fri, 17 May 2019 14:31:46 +0000 (10:31 -0400)]
common: install dependencies for apt modules

When using a minimal Debian/Ubuntu distribution there's no
ca-certificates and gpg packages installed so the apt modules will
fail:

Failed to find required executable gpg in paths:
/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin

apt.cache.FetchFailedException:
W:https://download.ceph.com/debian-luminous/dists/bionic/InRelease:
No system certificates available. Try installing ca-certificates.

Resolves: #3994

Signed-off-by: Dimitri Savineau <dsavinea@redhat.com>
(cherry picked from commit 494746b7a661efcf99addd20cfe2ec7b34c4f490)

6 years agotox: Don't copy infrastructure playbook
Dimitri Savineau [Tue, 23 Apr 2019 14:40:09 +0000 (10:40 -0400)]
tox: Don't copy infrastructure playbook

Since a1a871c we don't need to copy the infrastructure playbooks
under the ceph-ansible root directory.

Signed-off-by: Dimitri Savineau <dsavinea@redhat.com>
(cherry picked from commit 0f89a3f7a5924802d32d57bd8a4510a025f5b07e)

6 years agopurge-docker-cluster: don't remove data on atomic
Dimitri Savineau [Thu, 16 May 2019 14:00:58 +0000 (10:00 -0400)]
purge-docker-cluster: don't remove data on atomic

Because we don't manage the docker service on atomic (yet) via the
ceph-container-common role then we can't stop docker dans remove
the data.
For now let's do that only for non atomic hosts.

Signed-off-by: Dimitri Savineau <dsavinea@redhat.com>
(cherry picked from commit 638604929b2105c1c224a2858df90d976f91761e)

6 years agodashboard: move defaults variables to ceph-defaults v4.0.0rc8
Guillaume Abrioux [Thu, 16 May 2019 13:58:20 +0000 (15:58 +0200)]
dashboard: move defaults variables to ceph-defaults

There is no need to have default values for these variables in each roles
since there is no corresponding host groups

Signed-off-by: Guillaume Abrioux <gabrioux@redhat.com>
(cherry picked from commit 9f0d4d6847c6edff6804969ab4fdd34451a5d2cc)

6 years agorename docker_exec_cmd variable
Guillaume Abrioux [Tue, 14 May 2019 12:51:32 +0000 (14:51 +0200)]
rename docker_exec_cmd variable

This commit renames the `docker_exec_cmd` variable to
`container_exec_cmd` so it's more generic.

Signed-off-by: Guillaume Abrioux <gabrioux@redhat.com>
(cherry picked from commit e74d80e72fa5044569d30d5185fd16b7debf1dea)

6 years agodashboard: fix a typo
Guillaume Abrioux [Thu, 16 May 2019 12:36:53 +0000 (14:36 +0200)]
dashboard: fix a typo

6f0643c8e introduced a typo, the role that should be run is
ceph-container-common, not ceph-common

Signed-off-by: Guillaume Abrioux <gabrioux@redhat.com>
(cherry picked from commit acac24d9847b7708a27bfdea36ee73625440720a)

6 years agotests: add dashboard scenario testing
Guillaume Abrioux [Thu, 16 May 2019 09:19:11 +0000 (11:19 +0200)]
tests: add dashboard scenario testing

This commit add a new scenario to test the dashboard deployment via
ceph-ansible.

Signed-off-by: Guillaume Abrioux <gabrioux@redhat.com>
(cherry picked from commit 17634fc3df5adf3b5eca70c42eeb5dd5c235aaae)

6 years agodashboard: align the way containers are managed
Guillaume Abrioux [Thu, 16 May 2019 08:56:06 +0000 (10:56 +0200)]
dashboard: align the way containers are managed

This commit aligns the way the different containers are managed with how
it's currently done with the other ceph daemon.

Signed-off-by: Guillaume Abrioux <gabrioux@redhat.com>
(cherry picked from commit cc285c417ab42fa8c3d1bc08bdb95e981ba9444f)

6 years agodashboard: convert dashboard_rgw_api_no_ssl_verify to a bool
Guillaume Abrioux [Wed, 15 May 2019 14:16:55 +0000 (16:16 +0200)]
dashboard: convert dashboard_rgw_api_no_ssl_verify to a bool

make `dashboard_rgw_api_no_ssl_verify` a bool variable since it seems to
be used as it.

Signed-off-by: Guillaume Abrioux <gabrioux@redhat.com>
(cherry picked from commit cd5f3fca649ad823247f96e4060456ca44b1415e)

6 years agodashboard: generate group_vars sample files
Guillaume Abrioux [Wed, 15 May 2019 14:15:48 +0000 (16:15 +0200)]
dashboard: generate group_vars sample files

generate all group_vars sample files corresponding to new roles added
for ceph-dashboard implementation.

Signed-off-by: Guillaume Abrioux <gabrioux@redhat.com>
(cherry picked from commit 50672c65a6ab87e7536764f43666998301330f53)

6 years agodashboard: remove legacy file
Guillaume Abrioux [Wed, 15 May 2019 13:00:26 +0000 (15:00 +0200)]
dashboard: remove legacy file

this file seems to be no longer used, let's remove it.

Signed-off-by: Guillaume Abrioux <gabrioux@redhat.com>
(cherry picked from commit 8bbcc46ae4f78c477d041082706f1ddf34c85dee)

6 years agodashboard: set less permissive permissions on dashboard certificate/key
Guillaume Abrioux [Wed, 15 May 2019 12:38:46 +0000 (14:38 +0200)]
dashboard: set less permissive permissions on dashboard certificate/key

use `0440` instead of `0644` is enough

Signed-off-by: Guillaume Abrioux <gabrioux@redhat.com>
(cherry picked from commit 14f381200d7341ff5c5ce19e8768da8e97f43fcd)

6 years agodashboard: simplify config-key command
Guillaume Abrioux [Wed, 15 May 2019 12:35:24 +0000 (14:35 +0200)]
dashboard: simplify config-key command

since stable-4.0 isn't to deploy ceph releases prior to nautilus,
there's no need to add this complexity here.

Signed-off-by: Guillaume Abrioux <gabrioux@redhat.com>
(cherry picked from commit 4405f50c85720ff9d0cee78eb784621b527b28cc)

6 years agoplaybook: use blocks for grafana-server section
Guillaume Abrioux [Wed, 15 May 2019 12:11:00 +0000 (14:11 +0200)]
playbook: use blocks for grafana-server section

use a block in grafana-server section to avoid duplicate condition.

Signed-off-by: Guillaume Abrioux <gabrioux@redhat.com>
(cherry picked from commit be4a5656125cb26589564e5b8b15829da3db414d)

6 years agodashboard: do not call ceph-container-common from other role
Guillaume Abrioux [Tue, 14 May 2019 14:34:50 +0000 (16:34 +0200)]
dashboard: do not call ceph-container-common from other role

use site.yml to deploy ceph-container-common in order to install docker
even in non-containerized deployments since there's no RPM available to
deploy the differents applications needed for ceph-dashboard.

Signed-off-by: Guillaume Abrioux <gabrioux@redhat.com>
(cherry picked from commit cdff0da7d421b6761842d2d6195f33a4e1030541)

6 years agodashboard: use existing variable to detect containerized deployment
Guillaume Abrioux [Tue, 14 May 2019 12:46:25 +0000 (14:46 +0200)]
dashboard: use existing variable to detect containerized deployment

there is no need to add more complexity for this, let's use
`containerized_deployment` in order to detect if we are running a
containerized deployment.
The idea is to use `container_exec_cmd` the same way we do in the rest of
the playbook to run the different ceph commands needed to deploy the
ceph-dashboard role.

Signed-off-by: Guillaume Abrioux <gabrioux@redhat.com>
(cherry picked from commit 742bb6214c806cb7db1f1ea54276aecf0bf22049)

6 years agofacts: set container_binary fact in non-containerized deployment
Guillaume Abrioux [Mon, 13 May 2019 14:34:53 +0000 (16:34 +0200)]
facts: set container_binary fact in non-containerized deployment

This is needed for the ceph-dashboard implementation since it requires
to run containerized application which aren't packaged as RPMs.

Signed-off-by: Guillaume Abrioux <gabrioux@redhat.com>
(cherry picked from commit 6d9dbb1d3908507763c9f07609d7fe192ec51f5e)

6 years agodashboard: rename template files
Guillaume Abrioux [Mon, 13 May 2019 14:21:16 +0000 (16:21 +0200)]
dashboard: rename template files

add .j2 to all templates file related to dashboard roles.

Signed-off-by: Guillaume Abrioux <gabrioux@redhat.com>
(cherry picked from commit 3578d576a4c16b9be68c403addf07d3c30c67117)

6 years agodashboard: Support podman
Boris Ranto [Mon, 8 Apr 2019 13:40:25 +0000 (15:40 +0200)]
dashboard: Support podman

This adds support for podman in dashboard-related roles. It also drops
the creation of custom network for the dashboard-related roles as this
functionality works in a different way with podman.

Signed-off-by: Boris Ranto <branto@redhat.com>
(cherry picked from commit b4d1c3693bba386f73c9bc1bedf772d07827ecb1)

6 years agodashboard: Set ssl_server_port if it is supported
Boris Ranto [Thu, 4 Apr 2019 17:51:16 +0000 (19:51 +0200)]
dashboard: Set ssl_server_port if it is supported

We cannot use the old fashioned config-key way, here. It was not
supported when the option was introduced (post 14.2.0). Since the option
is not always supported we can simply ignore the potential failure on
ceph clusters that do not support it.

Signed-off-by: Boris Ranto <branto@redhat.com>
(cherry picked from commit e737a1f83edbdda09663f18c55841befb21ffdfd)

6 years agodashboard: Add and copy alerting rules
Boris Ranto [Fri, 15 Feb 2019 19:27:15 +0000 (20:27 +0100)]
dashboard: Add and copy alerting rules

This commit adds a list of alerting rules for ceph-dashboard from the
old cephmetrics project. It also installs the configuration file so that
the rules get recognized by the prometheus server.

Signed-off-by: Boris Ranto <branto@redhat.com>
(cherry picked from commit 8f77caa932f80e03e9f978855d22e8b40d240933)

6 years agopurge-docker-cluster.yml: Default lvm_volumes
Zack Cerza [Fri, 4 Jan 2019 20:26:59 +0000 (13:26 -0700)]
purge-docker-cluster.yml: Default lvm_volumes

We were failing when that variable is unset; purge-cluster.yml contains
this workaround.

Signed-off-by: Zack Cerza <zack@redhat.com>
(cherry picked from commit 9b4339a2baf3f42fbeb0fce76af31a6b6d87c3b6)

6 years agoMerge cephmetrics/dashboard-ansible repo
Boris Ranto [Wed, 5 Dec 2018 18:59:47 +0000 (19:59 +0100)]
Merge cephmetrics/dashboard-ansible repo

This commit will merge dashboard-ansible installation scripts with
ceph-ansible. This includes several new roles to setup ceph-dashboard
and the underlying technologies like prometheus and grafana server.

Signed-off-by: Boris Ranto & Zack Cerza <team-gmeno@redhat.com>
Co-authored-by: Zack Cerza <zcerza@redhat.com>
Co-authored-by: Guillaume Abrioux <gabrioux@redhat.com>
(cherry picked from commit 2f141a6e808766bb6cd406ccc67ba0353b46e780)

6 years agoshrink_osd: mark all osd(s) out in one command v4.0.0rc7
wumingqiao [Wed, 15 May 2019 07:27:21 +0000 (15:27 +0800)]
shrink_osd: mark all osd(s) out in one command

Signed-off-by: wumingqiao <wumingqiao@beyondcent.com>
(cherry picked from commit 5320aa11c4fdd568fe4d123907633696412a080a)

6 years agotests: fix a typo in dev_setup.yml
Guillaume Abrioux [Tue, 14 May 2019 12:27:19 +0000 (14:27 +0200)]
tests: fix a typo in dev_setup.yml

c907ec41ae0698b7627ebcbe97f1c293611d41d7 introduced a typo.
This commit fixes it.

```
[WARNING]: While constructing a mapping from /home/guits/ceph-ansible/tests/functional/dev_setup.yml, line 21, column 9, found a duplicate dict key (replace).
```

Signed-off-by: Guillaume Abrioux <gabrioux@redhat.com>
(cherry picked from commit 2798774e965a045787ce9d05fd82e63d8329bffb)

6 years agopurge-docker-cluster: remove docker data
Dimitri Savineau [Mon, 13 May 2019 21:03:55 +0000 (17:03 -0400)]
purge-docker-cluster: remove docker data

We never clean the content of /var/lib/docker so we can still have
some data present in this directory after run the purge playbook.
Pip isn't used anymore.
Also update the docker package name (especially the python binding
one).

Signed-off-by: Dimitri Savineau <dsavinea@redhat.com>
(cherry picked from commit 168d7cd016a9aa3f771df0e805b5a35f137a9e41)

6 years agocontainer-common: allow podman for other distros
Dimitri Savineau [Fri, 10 May 2019 19:35:17 +0000 (15:35 -0400)]
container-common: allow podman for other distros

Currently podman installation is very tied to RHEL 8 even if we're
able to install it on Debian/Ubuntu distribution.
This patch changes the way we are starting or not the (fat) container
daemon. Before the condition was based on the distribution release
and now on the container_service_name variable.

Signed-off-by: Dimitri Savineau <dsavinea@redhat.com>
(cherry picked from commit d2ad191eca015ba3a6a66b4bc16f5c19cf7053ed)

6 years agoceph-nfs: fixed with_items
Bruceforce [Sun, 12 May 2019 11:10:30 +0000 (13:10 +0200)]
ceph-nfs: fixed with_items

If we do this in one line we get the error described in #3968

fixes #3968

Signed-off-by: Bruceforce <markus.greis@gmx.de>
(cherry picked from commit c3b0ee30a1d4d30f4775b149f65ed735a3c79c9a)

6 years agogather-ceph-logs: fix logs list generation
Dimitri Savineau [Mon, 13 May 2019 14:12:42 +0000 (10:12 -0400)]
gather-ceph-logs: fix logs list generation

The shell module doesn't have a stdout_lines attributes. Instead of
using the shell module, we can use the find modules.

Also adding `become: false` to the local tmp directory creation
otherwise we won't have enough right to fetch the files into this
directory.

Resolves: #3966

Signed-off-by: Dimitri Savineau <dsavinea@redhat.com>
(cherry picked from commit ea1f8f551cafd3dcd23435630d231811d8cb0e15)

6 years agoUpdate RHCS version with Nautilus
Dimitri Savineau [Fri, 10 May 2019 19:28:18 +0000 (15:28 -0400)]
Update RHCS version with Nautilus

RHCS 4 will be based on Nautilus and only usable on RHEL 8.
Updated the default ceph_rhcs_version to 4 and update the rhcs
repositories to rhcs 4 with RHEL 8.

Signed-off-by: Dimitri Savineau <dsavinea@redhat.com>
(cherry picked from commit ba49225eabadb4fac6cc7cf5eb56a8ffe64ad47c)

6 years agoceph-nfs: fixed condition for "stable repos specific tasks"
Bruceforce [Sun, 12 May 2019 09:40:05 +0000 (11:40 +0200)]
ceph-nfs: fixed condition for "stable repos specific tasks"

The old condition would resolve to
"when": "nfs_ganesha_stable - ceph_repository == 'community'"

now it is
"when": [
          "nfs_ganesha_stable",
          "ceph_repository == 'community'"
        ]

Please backport to stable-4.0

Signed-off-by: Bruceforce <markus.greis@gmx.de>
(cherry picked from commit 29f2c953b44041d0fe2119d3433b0e8cdcbe6470)

6 years agoSet the rgw_create_pools pools application to rgw
Kevin Coakley [Fri, 10 May 2019 13:32:00 +0000 (06:32 -0700)]
Set the rgw_create_pools pools application to rgw

Set the application to rgw for pools created from rgw_create_pools. On Ceph Nautilus the heath is set to HEALTH_WARN with the message "application not enabled on X pool(s)" if an application isn't specified for a pool.

Signed-off-by: Kevin Coakley <kcoakley@sdsc.edu>
(cherry picked from commit 381c58ca3e860ec8f0b3641e76035c55d5e0732f)

6 years agoceph-mds: group similar tasks in create_mds_filesystem.yml
Rishabh Dave [Wed, 24 Apr 2019 09:08:15 +0000 (14:38 +0530)]
ceph-mds: group similar tasks in create_mds_filesystem.yml

Group similar tasks together using block keyword.

Signed-off-by: Rishabh Dave <ridave@redhat.com>
(cherry picked from commit 1a4dccdbb9266cc1e86b3d302aa8b00bfb3cd4e2)

6 years agoceph-rbd-mirror: refactor tasks/main.yml
Rishabh Dave [Wed, 24 Apr 2019 09:19:04 +0000 (14:49 +0530)]
ceph-rbd-mirror: refactor tasks/main.yml

Use blocks for similar tasks in main.yml. And move when keywords before
block keywords.

Signed-off-by: Rishabh Dave <ridave@redhat.com>
(cherry picked from commit 121b5e4184a24bc5e862dd515cd2678590881c1f)

6 years agoigw: Fix rolling update service ordering
Mike Christie [Thu, 9 May 2019 19:52:08 +0000 (14:52 -0500)]
igw: Fix rolling update service ordering

We must stop tcmu-runner after the other rbd-target-* services
because they may need to interact with tcmu-runner during shutdown.
There is also a bug in some kernels where IO can get stuck in the
kernel and by stopping rbd-target-* first we can make sure all IO is
flushed.

Resolves: https://bugzilla.redhat.com/show_bug.cgi?id=1659611

Signed-off-by: Mike Christie <mchristi@redhat.com>
(cherry picked from commit d7ef12910e7b583fa42f84a7173a87e7c679e79e)

6 years agotox: Refact lvm_osds scenario v4.0.0rc6
Dimitri Savineau [Wed, 3 Apr 2019 20:22:47 +0000 (16:22 -0400)]
tox: Refact lvm_osds scenario

The current lvm_osds only tests filestore on one OSD node.
We also have bs_lvm_osds to test bluestore and encryption.
Let's use only one scenario to test filestore/bluestore and with or
without dmcrypt on four OSD nodes.
Also use validate_dmcrypt_bool_value instead of types.boolean on
dmcrypt validation via notario.

Signed-off-by: Dimitri Savineau <dsavinea@redhat.com>
(cherry picked from commit 52b9f3fb2886d703b25f650221ea973147c68ed6)

6 years agofacts: fix external cluster bug
Guillaume Abrioux [Tue, 7 May 2019 14:42:49 +0000 (16:42 +0200)]
facts: fix external cluster bug

running an external ceph cluster deployment with (obviously) no
monitors defined in inventory breaks with an undefined error because
`_monitor_addresses` never get defined.

Closes: https://bugzilla.redhat.com/show_bug.cgi?id=1707460
Signed-off-by: Guillaume Abrioux <gabrioux@redhat.com>
(cherry picked from commit 936c6fca7851287e03e687c2386bd1f3cb785505)

6 years agodon't access other node's docker_exec_cmd variable
Rishabh Dave [Sun, 28 Apr 2019 16:42:45 +0000 (22:12 +0530)]
don't access other node's docker_exec_cmd variable

Except for some corner case, it's not correct to access some other
node's copy of variable docker_exec_cmd. Therefore replace
"hostvars[groups[mon_group_name][0]]['docker_exec_cmd']" by
"docker_exec_cmd".

Signed-off-by: Rishabh Dave <ridave@redhat.com>
(cherry picked from commit 89748d579af9e5fb16aa4443198a4de0cf9cd39c)

6 years agoceph-mgr: create keys for MGRs
Rishabh Dave [Thu, 2 May 2019 12:48:00 +0000 (08:48 -0400)]
ceph-mgr: create keys for MGRs

Add code in ceph-mgr for creating a keyring for manager in so that
managers can be deployed on a separate node too.

Signed-off-by: Rishabh Dave <ridave@redhat.com>
(cherry picked from commit 56bfec7c58407e269f6e6fa7b4c8a5928953dc6f)

6 years agoallow adding a manager to a deployed cluster
Rishabh Dave [Sat, 9 Feb 2019 07:46:12 +0000 (13:16 +0530)]
allow adding a manager to a deployed cluster

Add a playbook that deploys manager on a new node and adds that node to
the already deployed Ceph cluster.

Fixes: https://bugzilla.redhat.com/show_bug.cgi?id=1677431
Signed-off-by: Rishabh Dave <ridave@redhat.com>
(cherry picked from commit d2cfd8b780e78c18148b47a1b512ed996b8ef8b1)

6 years agoallow adding a RGW to already deployed cluster
Rishabh Dave [Sun, 7 Apr 2019 06:36:31 +0000 (02:36 -0400)]
allow adding a RGW to already deployed cluster

Add a tox scenario that adds a new RGW node as a part of already
deployed Ceph cluster and deploys RGW there.

Fixes: https://bugzilla.redhat.com/show_bug.cgi?id=1677431
Signed-off-by: Rishabh Dave <ridave@redhat.com>
(cherry picked from commit f2012224475dc7b8352ed4b179c1d5f1aac55a50)

Conflicts:
tox.ini
replaced "dev" and "nautilus" during cherry-pick.

6 years agoremove infrastructure-playbooks/rgw-standalone.yml
Rishabh Dave [Tue, 7 May 2019 10:58:36 +0000 (16:28 +0530)]
remove infrastructure-playbooks/rgw-standalone.yml

We don't need infrastructure-playbooks/rgw-standalone.yml since
site.yml.sample and site-cotainer.yml.sample can add a new RGW node to
an already deployed Ceph cluster.

Signed-off-by: Rishabh Dave <ridave@redhat.com>
(cherry picked from commit 6e8fb2b3ea87f03ef6389a05c63f541aef51f162)

6 years agoFix check mode support
Gaudenz Steinlin [Mon, 6 May 2019 08:14:36 +0000 (10:14 +0200)]
Fix check mode support

Adds "check_mode: no" to commands which register cluster state in a
variable and don't modify anything. These commands have to run in order
to support running the playbook in check mode.

Signed-off-by: Gaudenz Steinlin <gaudenz.steinlin@cloudscale.ch>
(cherry picked from commit 3c8987c7a549b63b2e615c6daa4a3a93f5049967)

6 years agoallow adding a RBD mirror to already deployed cluster
Rishabh Dave [Sun, 7 Apr 2019 06:14:05 +0000 (02:14 -0400)]
allow adding a RBD mirror to already deployed cluster

Add a tox scenario that adds a new RBD mirror node as a part of already
deployed Ceph cluster and deploys RBD mirror there.

Fixes: https://bugzilla.redhat.com/show_bug.cgi?id=1677431
Signed-off-by: Rishabh Dave <ridave@redhat.com>
(cherry picked from commit 221b2b4988a735a3ebe08f227b5fa85352022e05)

Conflicts:
tox.ini
"dev" was to replaced by "nautilus" in "envlist"

6 years agoFix comment content
letterwuyu [Sun, 28 Apr 2019 09:56:29 +0000 (17:56 +0800)]
Fix comment content

Signed-off-by: lishuhao letterwuyu@gmail.com
(cherry picked from commit d57f6fcdc601e04239c59344c2bab7f05dc1f87f)

6 years agoimprove coding style
Rishabh Dave [Mon, 1 Apr 2019 15:46:15 +0000 (21:16 +0530)]
improve coding style

Keywords requiring only one item shouldn't express it by creating a
list with single item.

Signed-off-by: Rishabh Dave <ridave@redhat.com>
(cherry picked from commit 739a662c8084a80cf5565640556389d2b59c7daa)

Conflicts:
roles/ceph-mon/tasks/ceph_keys.yml
roles/ceph-validate/tasks/check_devices.yml

6 years agoansible: remove private and static attribute v4.0.0rc5
Dimitri Savineau [Thu, 2 May 2019 13:57:19 +0000 (09:57 -0400)]
ansible: remove private and static attribute

This will be removed in ansible 2.8 and breaks the playbook execution
with this release.

Signed-off-by: Dimitri Savineau <dsavinea@redhat.com>
(cherry picked from commit ae266c6f2b9eca06dc1083331d49ea68a4b60562)

6 years agoceph-mds: Increase cpu limit to 4
Dimitri Savineau [Tue, 23 Apr 2019 19:54:38 +0000 (15:54 -0400)]
ceph-mds: Increase cpu limit to 4

In containerized deployment the default mds cpu quota is too low
for production environment.
This is causing performance degradation compared to bare-metal.

Closes: https://bugzilla.redhat.com/show_bug.cgi?id=1695850
Signed-off-by: Dimitri Savineau <dsavinea@redhat.com>
(cherry picked from commit 1999cf3d1902456aa123ed3c96116c21e88799bb)

6 years agoceph-osd: Increase cpu limit to 4
Dimitri Savineau [Fri, 5 Apr 2019 13:45:28 +0000 (09:45 -0400)]
ceph-osd: Increase cpu limit to 4

In containerized deployment the default osd cpu quota is too low
for production environment using NVMe devices.
This is causing performance degradation compared to bare-metal.

Closes: https://bugzilla.redhat.com/show_bug.cgi?id=1695880
Signed-off-by: Dimitri Savineau <dsavinea@redhat.com>
(cherry picked from commit c17106874c29f3eafb196a30b97fd1f8fd52e768)

6 years agorolling_update: restart all ceph-iscsi services
Dimitri Savineau [Tue, 23 Apr 2019 18:58:37 +0000 (14:58 -0400)]
rolling_update: restart all ceph-iscsi services

Currently only rbd-target-gw service is restarted during an update.
We also need to restart tcmu-runner and rbd-target-api services
during the ceph iscsi upgrade.

Closes: https://bugzilla.redhat.com/show_bug.cgi?id=1659611
Signed-off-by: Dimitri Savineau <dsavinea@redhat.com>
(cherry picked from commit f1048627eaab27563511011fa3cc31b525e2f4c9)

6 years agoceph-iscsi: start tcmu-runner for non-container
Dimitri Savineau [Tue, 23 Apr 2019 14:08:30 +0000 (10:08 -0400)]
ceph-iscsi: start tcmu-runner for non-container

Only rbd-target-api and rbd-target-gw were started/enabled for non
containerized deployment.
The issue doesn't happen with containerized setup.

Signed-off-by: Dimitri Savineau <dsavinea@redhat.com>
(cherry picked from commit 4ae5ce399be740a71699ac55c719b97aa1522df6)