From 1aea3a0850ea7fcc12c15b39b4bd9039dab2c594 Mon Sep 17 00:00:00 2001 From: Kiefer Chang Date: Fri, 15 May 2020 17:17:54 +0800 Subject: [PATCH] mgr/cephadm: move iSCSI service class to its own file Signed-off-by: Kiefer Chang --- src/pybind/mgr/cephadm/module.py | 11 +-- .../mgr/cephadm/services/cephadmservice.py | 63 +---------------- src/pybind/mgr/cephadm/services/iscsi.py | 70 +++++++++++++++++++ 3 files changed, 77 insertions(+), 67 deletions(-) create mode 100644 src/pybind/mgr/cephadm/services/iscsi.py diff --git a/src/pybind/mgr/cephadm/module.py b/src/pybind/mgr/cephadm/module.py index ac63bb8ed4f..966d75236a9 100644 --- a/src/pybind/mgr/cephadm/module.py +++ b/src/pybind/mgr/cephadm/module.py @@ -31,7 +31,8 @@ from orchestrator import OrchestratorError, OrchestratorValidationError, HostSpe from . import remotes from . import utils from .services.cephadmservice import MonService, MgrService, MdsService, RgwService, \ - RbdMirrorService, CrashService, IscsiService + RbdMirrorService, CrashService +from .services.iscsi import IscsiService from .services.nfs import NFSService from .services.osd import RemoveUtil, OSDRemoval, OSDService from .services.monitoring import GrafanaService, AlertmanagerService, PrometheusService, \ @@ -313,7 +314,7 @@ class CephadmOrchestrator(orchestrator.Orchestrator, MgrModule): self.prometheus_service = PrometheusService(self) self.node_exporter_service = NodeExporterService(self) self.crash_service = CrashService(self) - self.iscsi_servcie = IscsiService(self) + self.iscsi_service = IscsiService(self) def shutdown(self): self.log.debug('shutdown') @@ -1584,13 +1585,13 @@ you may want to run: 'prometheus': self.prometheus_service.create, 'node-exporter': self.node_exporter_service.create, 'crash': self.crash_service.create, - 'iscsi': self.iscsi_servcie.create, + 'iscsi': self.iscsi_service.create, } config_fns = { 'mds': self.mds_service.config, 'rgw': self.rgw_service.config, 'nfs': self.nfs_service.config, - 'iscsi': self.iscsi_servcie.config, + 'iscsi': self.iscsi_service.config, } create_func = create_fns.get(daemon_type, None) if not create_func: @@ -1895,7 +1896,7 @@ you may want to run: @trivial_completion def add_iscsi(self, spec): # type: (ServiceSpec) -> List[str] - return self._add_daemon('iscsi', spec, self.iscsi_servcie.create, self.iscsi_servcie.config) + return self._add_daemon('iscsi', spec, self.iscsi_service.create, self.iscsi_service.config) @trivial_completion def apply_iscsi(self, spec): diff --git a/src/pybind/mgr/cephadm/services/cephadmservice.py b/src/pybind/mgr/cephadm/services/cephadmservice.py index cd236827691..a810026810a 100644 --- a/src/pybind/mgr/cephadm/services/cephadmservice.py +++ b/src/pybind/mgr/cephadm/services/cephadmservice.py @@ -1,7 +1,7 @@ import logging from typing import TYPE_CHECKING -from ceph.deployment.service_spec import ServiceSpec, RGWSpec, IscsiServiceSpec +from ceph.deployment.service_spec import ServiceSpec, RGWSpec from orchestrator import OrchestratorError from cephadm import utils @@ -180,64 +180,3 @@ class CrashService(CephadmService): 'mgr', 'profile crash'], }) return self.mgr._create_daemon('crash', daemon_id, host, keyring=keyring) - - -class IscsiService(CephadmService): - def config(self, spec: IscsiServiceSpec): - self.mgr._check_pool_exists(spec.pool, spec.service_name()) - - logger.info('Saving service %s spec with placement %s' % ( - spec.service_name(), spec.placement.pretty_str())) - self.mgr.spec_store.save(spec) - - def create(self, igw_id, host, spec) -> str: - ret, keyring, err = self.mgr.check_mon_command({ - 'prefix': 'auth get-or-create', - 'entity': utils.name_to_auth_entity('iscsi') + '.' + igw_id, - 'caps': ['mon', 'profile rbd, ' - 'allow command "osd blacklist", ' - 'allow command "config-key get" with "key" prefix "iscsi/"', - 'osd', f'allow rwx pool={spec.pool}'], - }) - - if spec.ssl_cert: - if isinstance(spec.ssl_cert, list): - cert_data = '\n'.join(spec.ssl_cert) - else: - cert_data = spec.ssl_cert - ret, out, err = self.mgr.mon_command({ - 'prefix': 'config-key set', - 'key': f'iscsi/{utils.name_to_config_section("iscsi")}.{igw_id}/iscsi-gateway.crt', - 'val': cert_data, - }) - - if spec.ssl_key: - if isinstance(spec.ssl_key, list): - key_data = '\n'.join(spec.ssl_key) - else: - key_data = spec.ssl_key - ret, out, err = self.mgr.mon_command({ - 'prefix': 'config-key set', - 'key': f'iscsi/{utils.name_to_config_section("iscsi")}.{igw_id}/iscsi-gateway.key', - 'val': key_data, - }) - - api_secure = 'false' if spec.api_secure is None else spec.api_secure - igw_conf = f""" - # generated by cephadm - [config] - cluster_client_name = {utils.name_to_config_section('iscsi')}.{igw_id} - pool = {spec.pool} - trusted_ip_list = {spec.trusted_ip_list or ''} - minimum_gateways = 1 - api_port = {spec.api_port or ''} - api_user = {spec.api_user or ''} - api_password = {spec.api_password or ''} - api_secure = {api_secure} - log_to_stderr = True - log_to_stderr_prefix = debug - log_to_file = False - """ - extra_config = {'iscsi-gateway.cfg': igw_conf} - return self.mgr._create_daemon('iscsi', igw_id, host, keyring=keyring, - extra_config=extra_config) diff --git a/src/pybind/mgr/cephadm/services/iscsi.py b/src/pybind/mgr/cephadm/services/iscsi.py new file mode 100644 index 00000000000..1739aacfa54 --- /dev/null +++ b/src/pybind/mgr/cephadm/services/iscsi.py @@ -0,0 +1,70 @@ +import json +import logging + +from ceph.deployment.service_spec import IscsiServiceSpec + +from .cephadmservice import CephadmService +from .. import utils + +logger = logging.getLogger(__name__) + + +class IscsiService(CephadmService): + def config(self, spec: IscsiServiceSpec): + self.mgr._check_pool_exists(spec.pool, spec.service_name()) + + logger.info('Saving service %s spec with placement %s' % ( + spec.service_name(), spec.placement.pretty_str())) + self.mgr.spec_store.save(spec) + + def create(self, igw_id, host, spec) -> str: + ret, keyring, err = self.mgr.check_mon_command({ + 'prefix': 'auth get-or-create', + 'entity': utils.name_to_auth_entity('iscsi') + '.' + igw_id, + 'caps': ['mon', 'profile rbd, ' + 'allow command "osd blacklist", ' + 'allow command "config-key get" with "key" prefix "iscsi/"', + 'osd', f'allow rwx pool={spec.pool}'], + }) + + if spec.ssl_cert: + if isinstance(spec.ssl_cert, list): + cert_data = '\n'.join(spec.ssl_cert) + else: + cert_data = spec.ssl_cert + ret, out, err = self.mgr.mon_command({ + 'prefix': 'config-key set', + 'key': f'iscsi/{utils.name_to_config_section("iscsi")}.{igw_id}/iscsi-gateway.crt', + 'val': cert_data, + }) + + if spec.ssl_key: + if isinstance(spec.ssl_key, list): + key_data = '\n'.join(spec.ssl_key) + else: + key_data = spec.ssl_key + ret, out, err = self.mgr.mon_command({ + 'prefix': 'config-key set', + 'key': f'iscsi/{utils.name_to_config_section("iscsi")}.{igw_id}/iscsi-gateway.key', + 'val': key_data, + }) + + api_secure = 'false' if spec.api_secure is None else spec.api_secure + igw_conf = f""" + # generated by cephadm + [config] + cluster_client_name = {utils.name_to_config_section('iscsi')}.{igw_id} + pool = {spec.pool} + trusted_ip_list = {spec.trusted_ip_list or ''} + minimum_gateways = 1 + api_port = {spec.api_port or ''} + api_user = {spec.api_user or ''} + api_password = {spec.api_password or ''} + api_secure = {api_secure} + log_to_stderr = True + log_to_stderr_prefix = debug + log_to_file = False + """ + extra_config = {'iscsi-gateway.cfg': igw_conf} + return self.mgr._create_daemon('iscsi', igw_id, host, keyring=keyring, + extra_config=extra_config) -- 2.39.5