kolla/ansible/roles/cinder/tasks/ceph.yml
Jeffrey Zhang b90ecae39c Fix the cinder backup permission issue when enable ceph
Closes-Bug: #1587244
Change-Id: I22ed3c57e4669c4372daf448da8385729c7cc8d1
2016-05-31 13:04:30 +08:00

58 lines
2.4 KiB
YAML

---
- name: Ensuring config directory exists
file:
path: "{{ node_config_directory }}/{{ item }}"
state: "directory"
with_items:
- "cinder-volume"
- "cinder-backup"
when: inventory_hostname in groups['cinder-volume']
- name: Copying over config(s)
template:
src: roles/ceph/templates/ceph.conf.j2
dest: "{{ node_config_directory }}/{{ item }}/ceph.conf"
with_items:
- "cinder-volume"
- "cinder-backup"
when: inventory_hostname in groups['cinder-volume']
- include: ../../ceph_pools.yml
vars:
pool_name: "{{ cinder_pool_name }}"
pool_type: "{{ cinder_pool_type }}"
cache_mode: "{{ cinder_cache_mode }}"
- include: ../../ceph_pools.yml
vars:
pool_name: "{{ cinder_backup_pool_name }}"
pool_type: "{{ cinder_backup_pool_type }}"
cache_mode: "{{ cinder_backup_cache_mode }}"
# TODO(SamYaple): Improve changed_when tests
- name: Pulling cephx keyring for cinder
command: docker exec ceph_mon ceph auth get-or-create client.cinder mon 'allow r' osd 'allow class-read object_prefix rbd_children, allow rwx pool={{ ceph_cinder_pool_name }}, allow rwx pool={{ ceph_cinder_pool_name }}-cache, allow rwx pool={{ ceph_nova_pool_name }}, allow rwx pool={{ ceph_nova_pool_name }}-cache, allow rx pool={{ ceph_glance_pool_name }}, allow rx pool={{ ceph_glance_pool_name }}-cache'
register: cephx_key_cinder
delegate_to: "{{ groups['ceph-mon'][0] }}"
changed_when: False
run_once: True
# TODO(SamYaple): Improve changed_when tests
- name: Pulling cephx keyring for cinder-backup
command: docker exec ceph_mon ceph auth get-or-create client.cinder-backup mon 'allow r' osd 'allow class-read object_prefix rbd_children, allow rwx pool={{ ceph_cinder_backup_pool_name }}, allow rwx pool={{ ceph_cinder_backup_pool_name }}-cache'
register: cephx_key_cinder_backup
delegate_to: "{{ groups['ceph-mon'][0] }}"
changed_when: False
run_once: True
- name: Pushing cephx keyring
copy:
content: "{{ item.content }}\n\r"
dest: "{{ node_config_directory }}/{{ item.service_name }}/ceph.client.{{ item.key_name }}.keyring"
mode: "0600"
with_items:
- { service_name: "cinder-volume", key_name: "cinder", content: "{{ cephx_key_cinder.stdout }}" }
- { service_name: "cinder-backup", key_name: "cinder", content: "{{ cephx_key_cinder.stdout }}" }
- { service_name: "cinder-backup", key_name: "cinder-backup", content: "{{ cephx_key_cinder_backup.stdout }}" }
when: inventory_hostname in groups['cinder-volume']