Andrew Schoen [Thu, 26 Jan 2017 18:07:42 +0000 (12:07 -0600)]
purge-cluster: fix failure when raw_multi_journal is not defined
Because the purge-cluster.yml playbook does not have access to the roles
default vars then we can be sure that raw_multi_journal is defined. For
example, if this was purging a dmcrypt journal then raw_multi_journal
might not be defined at all in group_vars/all.yml or
group_vars/osds.yml.
Sébastien Han [Tue, 3 Jan 2017 12:48:59 +0000 (13:48 +0100)]
mon: make sure osd_pool_default_size is honoured
This patch makes sure we set the proper pool size on the rbd pool.
Usually during bootstrap the rbd pool size is not honoured so we need to
add this workaround.
Sébastien Han [Thu, 19 Jan 2017 14:28:44 +0000 (15:28 +0100)]
purge: remove dm-crypt devices
When running encrypted OSDs, an encrypted device mapper is used (because
created by the crypsetup tool). So before attempting to remove all the
partitions on a device we must delete all the encrypted device mappers,
then we can delete all the partitions.
Signed-off-by: Sébastien Han <seb@redhat.com>
Please enter the commit message for your changes. Lines starting
Andrew Schoen [Tue, 24 Jan 2017 15:06:10 +0000 (09:06 -0600)]
Adds ip_version configuration option
This allows the user to set ip_version to either ipv4 or ipv6. This
resolves a bug where monitor_address is set to an ipv6 address, but the
template fails to render because it's hardcoded to look for an 'ipv4'
key in the ansible facts.
Logan V [Mon, 16 Jan 2017 14:14:02 +0000 (08:14 -0600)]
RGW: Allow configurable rgw frontends setting
Allow for more operator flexibility in the `rgw frontends` setting
while maintaining backwards compatibility with the old vars. This
allows an operator to, for example, use the civetweb settings for
implementing SSL ports.
For available civetweb configuration parameters, see:
https://github.com/civetweb/civetweb/blob/master/docs/UserManual.md
Sébastien Han [Thu, 19 Jan 2017 13:35:00 +0000 (14:35 +0100)]
mon: fix mds pool creation
It is not enough to check for the mds to exists, it actually always does
because we declare the variable. So we need to make sure that there is a
mds host.
Sébastien Han [Mon, 19 Dec 2016 09:05:44 +0000 (10:05 +0100)]
contrib: use prune to fetch
Sometimes git keeps data from remotes that are not up-to-date, i.e:
remote branches.
Using `--prune` will delete non-existing remote branches from git's caches.
Sébastien Han [Fri, 16 Dec 2016 22:27:33 +0000 (23:27 +0100)]
contrib: push all new stable branches to the galaxy
Prior to this patch we were only pushing 'master' and 'ansible-1.9'
branches. Each new release also introduces a new branch so we want to
push it as well.
Yes the 'grep' is a bit ugly, feel free to come up with something nicer :)
Sébastien Han [Mon, 5 Dec 2016 13:21:54 +0000 (14:21 +0100)]
mon: pool creation and pgs
Since we introduced config_overrides we removed a lot of options from
the default template. In some cases, like mds pool, openstack pools etc
we need to know the amount of PGs required. The idea here is to skip the
task if ceph_conf_overrides.global.osd_pool_default_pg_num is not define
in your `group_vars/all.yml`.
Closes: #1145 Signed-off-by: Sébastien Han <seb@redhat.com> Co-Authored-By: Guillaume Abrioux <gabrioux@redhat.com>
Sébastien Han [Wed, 18 Jan 2017 09:55:01 +0000 (10:55 +0100)]
purge: remove zap_block_devs variable
The name of this variable was a bit confusing since its activation will
zap all the block devices no matter which osd scenario we are using.
Removing this variable and applying a condition on the OSD scenario is
now feasible and easier since we import group_vars variable files for
OSDs.
Logan V [Mon, 16 Jan 2017 14:12:15 +0000 (08:12 -0600)]
Remove libcephfs1 from group_vars sample
The libcephfs1 package was removed from ceph-common in cb1c06901e02a9f44c24a5d20737a9f33ac8ab2b, however it was not synced
to group_vars/all.yml.sample using the `generate_group_vars_sample.sh`
script. This fixes up the comment formatting in the ceph-common
defaults and brings the group_vars sample back into sync.
Andrew Schoen [Tue, 10 Jan 2017 22:57:58 +0000 (16:57 -0600)]
purge-cluster: do not include ceph-osd and ceph-common defaults for osds
When purging OSDs we do not need to include these defaults as nothing in
the following tasks uses them. Also, it has the side effect of
overwriting any variables defined in group_vars files that are relative
to the inventory you are using with the default values. That behavior
was causing the CI tests to fail.
Andrew Schoen [Tue, 10 Jan 2017 22:56:07 +0000 (16:56 -0600)]
tests: copy purge-cluster.yml to root of ceph-ansible
There is an Ansible bug which makes the playbook fail when we are
running a playbook from the non-git root directory. The real problem is
that the ansible.cfg is not honoured and we are including variable from
roles/<role>/defaults/main.yml
The fix is too copy the purge cluster playbook on the git root directory
and execute it.
Ken Dreyer [Thu, 5 Jan 2017 21:29:53 +0000 (14:29 -0700)]
ceph-common: always include release.yml
Prior to this change, a playbook run with '--tags' or '--skip-tags'
would fail, because the ceph-common role would not include the
release.yml task, and this file defines critical things like
ceph_release.
Thanks Andrew Schoen <aschoen@redhat.com> for help with the fix.
Andrew Schoen [Thu, 22 Dec 2016 19:47:22 +0000 (13:47 -0600)]
purge-cluster: get journal partitions after zapping osd disks
In my testing zapping the osd disks deleted the journal
partitions, making the 'zap ceph journal partitions' task fail because
the partitions it found previously do not exist anymore.
This moves the task that finds the journal partitions after 'zap osd disks'
to catch any partitions ceph-disk might have missed.
Sébastien Han [Mon, 2 Jan 2017 10:16:03 +0000 (11:16 +0100)]
mon: only put mon initial key in mon kv when cephx is enabled
Task put initial mon keyring in mon kv store from
ceph-mon/tasks/ceph_keys.yml is failing when cephx is disabled. The root
cause is that variable monitor_keyring is not populated by any task from
deploy_monitors.yml.
Fixes: #1211 Signed-off-by: Sébastien Han <seb@redhat.com>
Sébastien Han [Fri, 16 Dec 2016 13:53:14 +0000 (14:53 +0100)]
docker: only use systemd to manage containers
Prior to this patch we had several ways to runs containers, we could use
ansible's docker module on some distro and on containers distros we were
using systemd. We strongly believe threating containers as services with
systemd is the right approach so this patch generalizes to all the
distros. These days most of the distros are running systemd so it's fair
assumption.
Sébastien Han [Fri, 16 Dec 2016 10:42:17 +0000 (11:42 +0100)]
mon: add the initial mon keyring to the mon store
Once we have our first monitor up and running we need to add it to the
monitor store as a safety measure. Just in case the local file gets
deleted and you need to add a new monitor. Now you can retrieve this key
like this:
ceph config-key get initial_mon_keyring > initial_mon_keyring.txt
Sébastien Han [Fri, 16 Dec 2016 10:36:42 +0000 (11:36 +0100)]
common: do not become root on local task
There is no need to become root on local_action. This will event trigger
an error on some systems as it will try to run a sudo command. If the
current user does not have passwordless sudo, Ansible will fail. Anyway
using the current user is perfectly fine and no elevation privilege is
needed.
Logan V [Thu, 14 Jul 2016 19:27:03 +0000 (14:27 -0500)]
Add support for Keystone v3 API
The Keystone v2 APIs are deprecated and scheduled to be removed in
Q release of Openstack. This adds support for configuring RGW to
use the current Keystone v3 API.
Logan V [Thu, 14 Jul 2016 19:09:31 +0000 (14:09 -0500)]
Add a switch to disable nss PKI database initialization
The PKI keys are used to decrypt the Keystone revocation list when
PKI tokens are used. When UUID or Fernet token providers are used in
Keystone, PKI certs may not exist, so we now accommodate this scenario
by allowing the operator to disable the PKI tasks.
Logan V [Mon, 11 Jul 2016 12:52:11 +0000 (07:52 -0500)]
Add support for Keystone user authentication with RGW
Jewel added support for user/pass authentication with Keystone,
allowing deployers to disable Keystone admin token as required
for production deployments.
This implements configuration for the new RGW Keystone user/pass
authentication feature added in Jewel.
See docs here: http://docs.ceph.com/docs/master/radosgw/keystone/
Sébastien Han [Tue, 6 Dec 2016 10:20:23 +0000 (11:20 +0100)]
test: add cluster name support test scenario
We need to test the cluster name support in this CI as well. This
commit might be prone to debate because it tests 2 things in a single
scenario. We first test our ability to deploy a cluster AND the cluster
name support. However it's easier to do it this way and will reduce the
amount of time for testingg. If we don't do this we will have a
duplicate those 2 existing tests into new ones 'only' to test the
cluster name support.
projects / ceph-ansible.git / log