Ceph: Update to Nautilus on CentOS and OracleLinux

The CentOS Stein OpenStack distribution depends on the Ceph Nautilus release, while Kolla currently deploys Luminous on CentOS. This change switches CentOS and OracleLinux builds to use Ceph Nautilus. Support for auth UID has been removed in the Nautilus release [1][2], so we have removed the --set-uid argument from calls to ceph-authtool. Also ceph-osd bootstrap mode fails when no mon config is provided, so we added --no-mon-config (mon config is injected later after bootstrap). Due to ceph-nfs build issues (ceph upstream nfs-ganesha rpms relied on older version of userspace-rcu, than CentOS Storage SIG packages) we need to move to ceph upstream rpm repos. [1] d6def8ba11 [2] http://docs.ceph.com/docs/master/releases/nautilus/ Co-Authored-By: Michal Nasiadka <michal.nasiadka@nokia.com> Change-Id: I000398f587c5f4d6cc8995e34e162eebc77bc3e3 Implements: blueprint centos-ceph-nautilus
2019-05-09 11:47:33 +01:00 · 2019-05-09 11:47:33 +01:00 · e0cae62c4a
commit e0cae62c4a
parent 3e9cf08ac5
5 changed files with 51 additions and 9 deletions
--- a/docker/base/Dockerfile.j2
+++ b/docker/base/Dockerfile.j2
@ -79,11 +79,11 @@ COPY gpg-keys/PERCONA-PACKAGING-KEY /etc/pki/rpm-gpg/PERCONA-PACKAGING-KEY

 {% if base_arch == 'x86_64' %}
    {% set base_yum_repo_files = [
+        'ceph.repo',
        'crane.repo',
        'elasticsearch.repo',
        'grafana.repo',
        'influxdb.repo',
-        'nfs_ganesha.repo',
        'opendaylight.repo',
        'percona-release.repo',
        'rabbitmq_rabbitmq-server.repo',
@ -99,6 +99,10 @@ COPY gpg-keys/PERCONA-PACKAGING-KEY /etc/pki/rpm-gpg/PERCONA-PACKAGING-KEY
        '/etc/pki/rpm-gpg/PERCONA-PACKAGING-KEY',
        'https://packages.treasuredata.com/GPG-KEY-td-agent'
    ] %}
+{% elif base_arch == 'aarch64' %}
+    {% set base_yum_repo_files = [
+        'ceph.repo',
+    ] %}
 {% endif %}

 {%- for repo_file in base_yum_repo_files | customizable('yum_repo_files') %}
@ -140,12 +144,10 @@ RUN rpm --import /etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-7

 {% set base_centos_yum_repo_keys = [
    '/etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-SIG-OpsTools',
-    '/etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-SIG-Storage',
    '/etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-SIG-Virtualization'
 ] %}

 {% set base_centos_yum_repo_packages = [
-    'centos-release-ceph-luminous',
    'centos-release-opstools',
    'centos-release-qemu-ev',
    'epel-release',
@ -189,7 +191,6 @@ RUN yum-config-manager --enable rhel-7-server-optional-rpms \
 COPY oraclelinux-extras.repo /etc/yum.repos.d/oraclelinux-extras.repo
 RUN {{ macros.install_packages( ['tar', 'yum-utils', 'https://dl.fedoraproject.org/pub/epel/epel-release-latest-7.noarch.rpm' ], chain=True, clean=False) }} \
    && rpm -Uvh --nodeps \
-        http://mirror.centos.org/centos-7/7/extras/x86_64/Packages/centos-release-ceph-luminous-1.1-2.el7.centos.noarch.rpm \
        http://mirror.centos.org/centos-7/7/extras/x86_64/Packages/centos-release-opstools-1-8.el7.noarch.rpm \
        http://mirror.centos.org/centos-7/7/extras/x86_64/Packages/centos-release-qemu-ev-1.0-3.el7.centos.noarch.rpm \
        http://mirror.centos.org/centos-7/7/extras/x86_64/Packages/centos-release-virt-common-1-1.el7.centos.noarch.rpm \
--- a/docker/base/ceph.repo
+++ b/docker/base/ceph.repo
@ -0,0 +1,21 @@
+[ceph]
+name=ceph
+baseurl=https://download.ceph.com/rpm-nautilus/el7/$basearch
+enabled=1
+gpgcheck=1
+gpgkey=https://download.ceph.com/keys/release.asc
+
+[ceph-noarch]
+name=Ceph noarch packages
+baseurl=https://download.ceph.com/rpm-nautilus/el7/noarch
+enabled=1
+priority=2
+gpgcheck=1
+gpgkey=https://download.ceph.com/keys/release.asc
+
+[nfs_ganesha]
+baseurl = http://download.ceph.com/nfs-ganesha/rpm-V2.7-stable/nautilus/$basearch
+gpgcheck = 1
+gpgkey = https://download.ceph.com/keys/release.asc
+name = nfs-ganesha stable repo
+skip_if_unavailable = 1
--- a/docker/ceph/ceph-base/Dockerfile.j2
+++ b/docker/ceph/ceph-base/Dockerfile.j2
@ -12,10 +12,13 @@ LABEL maintainer="{{ maintainer }}" name="{{ image_name }}" build-date="{{ build
   {% set ceph_base_packages = [
        'btrfs-progs',
        'ceph',
+        'ceph-mgr-dashboard',
        'ceph-radosgw',
        'e2fsprogs',
+        'gdisk',
        'hdparm',
        'parted',
+        'smartmontools',
        'xfsprogs'
    ] %}

--- a/docker/ceph/ceph-mon/extend_start.sh
+++ b/docker/ceph/ceph-mon/extend_start.sh
@ -22,8 +22,8 @@ if [[ "${!KOLLA_BOOTSTRAP[@]}" ]]; then

    # Generating initial keyrings and monmap
    ceph-authtool --create-keyring "${KEYRING_MON}" --gen-key -n mon. --cap mon 'allow *'
-    ceph-authtool --create-keyring "${KEYRING_ADMIN}" --gen-key -n client.admin --set-uid=0 --cap mon 'allow *' --cap osd 'allow *' --cap mds 'allow' --cap mgr 'allow *'
-    ceph-authtool --create-keyring "${KEYRING_RGW}" --gen-key -n client.radosgw.gateway --set-uid=0 --cap osd 'allow rwx' --cap mon 'allow rwx'
+    ceph-authtool --create-keyring "${KEYRING_ADMIN}" --gen-key -n client.admin --cap mon 'allow *' --cap osd 'allow *' --cap mds 'allow' --cap mgr 'allow *'
+    ceph-authtool --create-keyring "${KEYRING_RGW}" --gen-key -n client.radosgw.gateway --cap osd 'allow rwx' --cap mon 'allow rwx'
    ceph-authtool "${KEYRING_MON}" --import-keyring "${KEYRING_ADMIN}"
    ceph-authtool "${KEYRING_MON}" --import-keyring "${KEYRING_RGW}"
    monmaptool --create --add "${HOSTNAME}" "${MON_IP}" --fsid "${FSID}" "${MONMAP}"
--- a/docker/ceph/ceph-osd/extend_start.sh
+++ b/docker/ceph/ceph-osd/extend_start.sh
@ -83,8 +83,14 @@ if [[ "${!KOLLA_BOOTSTRAP[@]}" ]]; then

        # This will through an error about no key existing. That is normal. It then
        # creates the key in the next step.
-        ceph-osd -i "${OSD_ID}" --mkkey
        echo "bluestore" > "${OSD_DIR}"/type
+
+        if [[ "$(ceph --version)" =~ (luminous|mimic) ]]; then
+            ceph-osd -i "${OSD_ID}" --mkkey
+        else
+            ceph-osd -i "${OSD_ID}" --mkkey --no-mon-config
+        fi
+
        if [ -n "${OSD_BS_BLK_DEV}" ] && [ "${OSD_BS_BLK_DEV}" != "${OSD_BS_DEV}" ] && [ -n "${OSD_BS_BLK_PARTNUM}" ]; then
            sgdisk "--change-name="${OSD_BS_BLK_PARTNUM}":KOLLA_CEPH_DATA_BS_${OSD_ID}_B" "--typecode="${OSD_BS_BLK_PARTNUM}":${CEPH_OSD_TYPE_CODE}" -- "${OSD_BS_BLK_DEV}"
        else
@ -111,8 +117,14 @@ if [[ "${!KOLLA_BOOTSTRAP[@]}" ]]; then
            ln -sf /dev/disk/by-partlabel/KOLLA_CEPH_DATA_BS_"${OSD_ID}"_D "${OSD_DIR}"/block.db
        fi

-        ceph-osd -i "${OSD_ID}" --mkfs -k "${OSD_DIR}"/keyring --osd-uuid "${OSD_UUID}"
+        if [[ "$(ceph --version)" =~ (luminous|mimic) ]]; then
+            ceph-osd -i "${OSD_ID}" --mkfs -k "${OSD_DIR}"/keyring --osd-uuid "${OSD_UUID}"
+        else
+            ceph-osd -i "${OSD_ID}" --mkfs -k "${OSD_DIR}"/keyring --osd-uuid "${OSD_UUID}" --no-mon-config
+        fi
+
        ceph auth add "osd.${OSD_ID}" osd 'allow *' mon 'allow profile osd' -i "${OSD_DIR}/keyring"
+
        if [[ "${OSD_BS_DEV}" =~ "/dev/loop" ]]; then
            umount "${OSD_BS_DEV}""p${OSD_BS_PARTNUM}"
        else
@ -134,7 +146,12 @@ if [[ "${!KOLLA_BOOTSTRAP[@]}" ]]; then

        # This will through an error about no key existing. That is normal. It then
        # creates the key in the next step.
-        ceph-osd -i "${OSD_ID}" --mkfs --osd-journal="${JOURNAL_PARTITION}" --mkkey
+        if [[ "$(ceph --version)" =~ (luminous|mimic) ]]; then
+            ceph-osd -i "${OSD_ID}" --mkfs --osd-journal="${JOURNAL_PARTITION}" --mkkey
+        else
+            ceph-osd -i "${OSD_ID}" --mkfs --osd-journal="${JOURNAL_PARTITION}" --mkkey --no-mon-config
+        fi
+
        ceph auth add "osd.${OSD_ID}" osd 'allow *' mon 'allow profile osd' -i "${OSD_DIR}/keyring"
        umount "${OSD_PARTITION}"
    fi