diff options
Diffstat (limited to 'deploy/adapters/ansible/roles/ceph-openstack')
7 files changed, 164 insertions, 0 deletions
diff --git a/deploy/adapters/ansible/roles/ceph-openstack/tasks/ceph_openstack_conf.yml b/deploy/adapters/ansible/roles/ceph-openstack/tasks/ceph_openstack_conf.yml new file mode 100755 index 00000000..ebe54fe9 --- /dev/null +++ b/deploy/adapters/ansible/roles/ceph-openstack/tasks/ceph_openstack_conf.yml @@ -0,0 +1,32 @@ +--- +- name: chown of glance/api.log + shell: chown -R glance:glance /var/log/glance + when: inventory_hostname in groups['controller'] + tags: + - ceph_conf_glance + ignore_errors: True + +- name: modify glance-api.conf for ceph + shell: sed -i 's/^\(default_store\).*/\1 = rbd/g' /etc/glance/glance-api.conf && sed -i '/^\[glance_store/a rbd_store_pool = images\nrbd_store_user = glance\nrbd_store_ceph_conf = /etc/ceph/ceph.conf\nrbd_store_chunk_size = 8\nshow_image_direct_url=True' /etc/glance/glance-api.conf + when: inventory_hostname in groups['controller'] + tags: + - ceph_conf_glance + +- name: restart glance + shell: rm -f /var/log/glance/api.log && chown -R glance:glance /var/log/glance && service {{ glance_service }} restart + when: inventory_hostname in groups['controller'] + tags: + - ceph_conf_glance + ignore_errors: True + +- name: modify cinder.conf for ceph + shell: sed -i 's/^\(volume_driver\).*/\1 = cinder.volume.drivers.rbd.RBDDriver/g' /etc/cinder/cinder.conf && sed -i 's/^\(rbd_secret_uuid\).*/\1 = {{ ceph_uuid.stdout_lines[0] }}/g' /etc/cinder/cinder.conf && sed -i '/^\[DEFAULT/a rbd_pool = volumes\nrbd_ceph_conf = /etc/ceph/ceph.conf\nrbd_flatten_volume_from_snapshot = false\nrbd_max_clone_depth = 5\nrbd_store_chunk_size = 4\nrados_connect_timeout = -1\nglance_api_version = 2\nrbd_user = cinder\nrbd_secret_uuid = {{ ceph_uuid.stdout_lines[0] }}' /etc/cinder/cinder.conf && service {{ cinder_service }} restart + when: inventory_hostname in groups['compute'] + tags: + - ceph_conf_cinder + +- name: modify nova.conf for ceph + shell: sed -i 's/^\(images_type\).*/\1 = rbd/g' /etc/nova/nova-compute.conf && sed -i 's/^\(rbd_secret_uuid\).*/\1 = {{ ceph_uuid.stdout_lines[0] }}/g' /etc/nova/nova-compute.conf && sed -i '/^\[libvirt/a images_rbd_pool = vms\nimages_rbd_ceph_conf = /etc/ceph/ceph.conf\nrbd_user = cinder\nrbd_secret_uuid = {{ ceph_uuid.stdout_lines[0] }}\ndisk_cachemodes=\"network=writeback\"\nlive_migration_flag=\"VIR_MIGRATE_UNDEFINE_SOURCE,VIR_MIGRATE_PEER2PEER,VIR_MIGRATE_LIVE,VIR_MIGRATE_PERSIST_DEST,VIR_MIGRATE_TUNNELLED\"' /etc/nova/nova-compute.conf && service {{ nova_service }} restart + when: inventory_hostname in groups['compute'] + tags: + - ceph_conf_nova diff --git a/deploy/adapters/ansible/roles/ceph-openstack/tasks/ceph_openstack_pre.yml b/deploy/adapters/ansible/roles/ceph-openstack/tasks/ceph_openstack_pre.yml new file mode 100755 index 00000000..8433d7cb --- /dev/null +++ b/deploy/adapters/ansible/roles/ceph-openstack/tasks/ceph_openstack_pre.yml @@ -0,0 +1,69 @@ +--- +- name: gen ceph uuid + shell: uuidgen + register: ceph_uuid + run_once: True + tags: + - ceph_copy_secret + +- name: gen template secret.xml + local_action: + module: "template" + src: "secret.j2" + dest: "/tmp/secret.xml" + mode: "0777" + run_once: True + tags: + - ceph_copy_secret + +- name: create pool + shell: ceph osd pool create {{ item }} 50 + with_items: + - volumes + - images + - backups + - vms + run_once: True + +- name: create ceph users for openstack + shell: ceph auth get-or-create client.cinder mon 'allow r' osd 'allow class-read object_prefix rbd_children, allow rwx pool=volumes, allow rwx pool=vms, allow rx pool=images' && ceph auth get-or-create client.glance mon 'allow r' osd 'allow class-read object_prefix rbd_children, allow rwx pool=images' + run_once: True + +- name: send glance key to controller nodes + shell: ceph auth get-or-create client.glance | tee /etc/ceph/ceph.client.glance.keyring && chown glance:glance /etc/ceph/ceph.client.glance.keyring + when: inventory_hostname in groups['controller'] + +- name: send cinder key to compute nodes + shell: ceph auth get-or-create client.cinder | tee /etc/ceph/ceph.client.cinder.keyring && chown cinder:cinder /etc/ceph/ceph.client.cinder.keyring + when: inventory_hostname in groups['compute'] + tags: + - ceph_send_key + +- name: copy cinder key to compute node + shell: ceph auth get-key client.cinder | tee client.cinder.key + when: inventory_hostname in groups['compute'] + tags: + - ceph_copy_secret + +- name: copy secret.xml to compute nodes + copy: src="/tmp/secret.xml" dest="~/secret.xml" + when: inventory_hostname in groups['compute'] + tags: + - ceph_copy_secret + +- name: undefine libvirt secret in case of repeatedly execute ceph_deploy + shell: "virsh secret-list | awk '$1 ~ /[0-9]+/ {print $1}' | xargs virsh secret-undefine" + when: inventory_hostname in groups['compute'] + tags: + - ceph_copy_secret + ignore_errors: True + + +- name: create key for libvirt on compute nodes + shell: "virsh secret-define --file ~/secret.xml && virsh secret-set-value --secret {{ ceph_uuid.stdout_lines[0] }} --base64 $(cat client.cinder.key)" + when: inventory_hostname in groups['compute'] + tags: + - ceph_copy_secret + ignore_errors: True + + diff --git a/deploy/adapters/ansible/roles/ceph-openstack/tasks/main.yml b/deploy/adapters/ansible/roles/ceph-openstack/tasks/main.yml new file mode 100644 index 00000000..1f295028 --- /dev/null +++ b/deploy/adapters/ansible/roles/ceph-openstack/tasks/main.yml @@ -0,0 +1,18 @@ +- include_vars: "{{ ansible_os_family }}.yml" + tags: + - ceph_deploy + - ceph_openstack_pre + - ceph_openstack_conf + - ceph_openstack + +- include: ceph_openstack_pre.yml + tags: + - ceph_deploy + - ceph_openstack_pre + - ceph_openstack + +- include: ceph_openstack_conf.yml + tags: + - ceph_deploy + - ceph_openstack_conf + - ceph_openstack diff --git a/deploy/adapters/ansible/roles/ceph-openstack/templates/secret.j2 b/deploy/adapters/ansible/roles/ceph-openstack/templates/secret.j2 new file mode 100644 index 00000000..a0ffc6e3 --- /dev/null +++ b/deploy/adapters/ansible/roles/ceph-openstack/templates/secret.j2 @@ -0,0 +1,6 @@ +<secret ephemeral='no' private='no'> + <uuid>{{ ceph_uuid.stdout_lines[0] }}</uuid> + <usage type='ceph'> + <name>client.cinder secret</name> + </usage> +</secret> diff --git a/deploy/adapters/ansible/roles/ceph-openstack/vars/Debian.yml b/deploy/adapters/ansible/roles/ceph-openstack/vars/Debian.yml new file mode 100755 index 00000000..86fecb79 --- /dev/null +++ b/deploy/adapters/ansible/roles/ceph-openstack/vars/Debian.yml @@ -0,0 +1,22 @@ +--- +packages: + - ceph-deploy + - python-flask + - libgoogle-perftools4 + - libleveldb1 + - liblttng-ust0 + - libsnappy1 + - librbd1 + - librados2 + - python-ceph + - ceph + - ceph-mds + - ceph-common + - ceph-fs-common + - gdisk + +services: [] + +cinder_service: cinder-volume +nova_service: nova-compute +glance_service: glance-api diff --git a/deploy/adapters/ansible/roles/ceph-openstack/vars/RedHat.yml b/deploy/adapters/ansible/roles/ceph-openstack/vars/RedHat.yml new file mode 100755 index 00000000..a2c18ba6 --- /dev/null +++ b/deploy/adapters/ansible/roles/ceph-openstack/vars/RedHat.yml @@ -0,0 +1,12 @@ +--- +packages: + - ceph-radosgw + - fcgi + - ceph-deploy + - ceph + +services: [] + +cinder_service: openstack-cinder-volume +nova_service: openstack-nova-compute +glance_service: openstack-glance-api diff --git a/deploy/adapters/ansible/roles/ceph-openstack/vars/main.yml b/deploy/adapters/ansible/roles/ceph-openstack/vars/main.yml new file mode 100755 index 00000000..71ace4a5 --- /dev/null +++ b/deploy/adapters/ansible/roles/ceph-openstack/vars/main.yml @@ -0,0 +1,5 @@ +--- +packages_noarch: [] + +ceph_cluster_dir: + - /root/ceph-cluster |