Add configure tasks for iscsid
Add configure tasks for the iscsid role. This essentially copies the implementation from puppet-tripleo: https://github.com/openstack/puppet-tripleo/blob/master/manifests/profile/base/iscsid.pp Change-Id: Idb57bb5179897ee7b4461f81372e6021b72be4d8
This commit is contained in:
parent
8ae66b4cd8
commit
7c22fe2caa
|
@ -29,6 +29,9 @@ tripleo_iscsid_volumes:
|
|||
- /run:/run
|
||||
- /sys:/sys
|
||||
- /lib/modules:/lib/modules:ro
|
||||
- /var/lib/config-data/puppet-generated/iscsid/etc/iscsi:/var/lib/kolla/config_files/src-iscsid:ro
|
||||
- /var/lib/config-data/ansible-generated/iscsid/etc/iscsi:/var/lib/kolla/config_files/src-iscsid:ro
|
||||
- /etc/target:/etc/target:z
|
||||
- /var/lib/iscsi:/var/lib/iscsi:z
|
||||
- /etc/iscsi:/tmp/iscsi.host:z
|
||||
|
||||
tripleo_iscsid_chap_algs: 'SHA3-256,SHA256,SHA1,MD5'
|
||||
|
|
|
@ -0,0 +1,68 @@
|
|||
---
|
||||
# Copyright 2022 Red Hat, Inc.
|
||||
# All Rights Reserved.
|
||||
#
|
||||
# Licensed under the Apache License, Version 2.0 (the "License"); you may
|
||||
# not use this file except in compliance with the License. You may obtain
|
||||
# a copy of the License at
|
||||
#
|
||||
# http://www.apache.org/licenses/LICENSE-2.0
|
||||
#
|
||||
# Unless required by applicable law or agreed to in writing, software
|
||||
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
|
||||
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
|
||||
# License for the specific language governing permissions and limitations
|
||||
# under the License.
|
||||
|
||||
- name: Ensure iscsi-initiator-utils
|
||||
ansible.builtin.package:
|
||||
name: iscsi-initiator-utils
|
||||
state: present
|
||||
|
||||
- name: Check if initiator_reset present
|
||||
ansible.builtin.stat:
|
||||
path: /tmp/iscsi.host/.initiator_reset
|
||||
register: initiator_reset_state
|
||||
|
||||
- name: Reset iscsi initiator name
|
||||
block:
|
||||
- name: Sync IQN from Host
|
||||
ansible.builtin.copy:
|
||||
src: /tmp/iscsi.host/.initiator_reset
|
||||
dest: /tmp/iscsi.host/initiator
|
||||
remote_src: True
|
||||
|
||||
- name: Get ISCSI Initiator Name
|
||||
ansible.builtin.command: /usr/sbin/iscsi-name
|
||||
register: iscsi_name
|
||||
|
||||
- name: Reset iscsi initiator name
|
||||
ansible.builtin.copy:
|
||||
dest: /etc/iscsi/initiatorname.iscsi
|
||||
content: "{{ iscsi_name }}"
|
||||
|
||||
- name: Sync IQN to host
|
||||
ansible.builtin.copy:
|
||||
src: /etc/iscsi/initiatorname.iscsi
|
||||
dest: /etc/iscsi/.initiator_reset
|
||||
remote_src: True
|
||||
|
||||
- name: Sync IQN to host /tmp/iscsi.host/
|
||||
ansible.builtin.copy:
|
||||
src: /etc/iscsi/initiatorname.iscsi
|
||||
dest: /tmp/iscsi.host/
|
||||
remote_src: True
|
||||
when: initiator_reset_state.stat.exists
|
||||
|
||||
- name: Copy iscsi dir to container director
|
||||
ansible.builtin.copy:
|
||||
src: /etc/iscsi/
|
||||
dest: /var/lib/config-data/ansible-generated/iscsid/etc/iscsi
|
||||
remote_src: True
|
||||
|
||||
- name: Write CHAP algorithms
|
||||
ansible.builtin.lineinfile:
|
||||
path: /var/lib/config-data/ansible-generated/iscsid/etc/iscsi/iscsid.conf
|
||||
line: "node.session.auth.chap_algs = {{ tripleo_iscsid_chap_algs }}"
|
||||
regexp: "^node.session.auth.chap_algs"
|
||||
insertafter: "^#node.session.auth.chap.algs"
|
|
@ -20,31 +20,44 @@
|
|||
target: "{{ item.path }}(/.*)?"
|
||||
setype: "{{ item.setype }}"
|
||||
state: present
|
||||
with_items:
|
||||
loop:
|
||||
- { 'path': /etc/iscsi, 'setype': container_file_t }
|
||||
- { 'path': /etc/target, 'setype': container_file_t }
|
||||
- { 'path': /var/lib/iscsi, 'setype': container_file_t }
|
||||
|
||||
- name: create persistent directories
|
||||
file:
|
||||
ansible.builtin.file:
|
||||
path: "{{ item.path }}"
|
||||
state: directory
|
||||
setype: "{{ item.setype }}"
|
||||
with_items:
|
||||
loop:
|
||||
- { 'path': /etc/iscsi, 'setype': container_file_t }
|
||||
- { 'path': /etc/target, 'setype': container_file_t }
|
||||
- { 'path': /var/lib/iscsi, 'setype': container_file_t }
|
||||
- { 'path': /var/lib/config-data/ansible-generated/iscsid/etc/iscsi, 'setype': container_file_t }
|
||||
|
||||
- name: stat /lib/systemd/system/iscsid.socket
|
||||
stat: path=/lib/systemd/system/iscsid.socket
|
||||
ansible.builtin.stat:
|
||||
path: /lib/systemd/system/iscsid.socket
|
||||
register: stat_iscsid_socket
|
||||
|
||||
- name: Stop and disable iscsid.socket service
|
||||
service: name=iscsid.socket state=stopped enabled=no
|
||||
ansible.builtin.service:
|
||||
name: iscsid.socket
|
||||
state: stopped
|
||||
enabled: no
|
||||
when: stat_iscsid_socket.stat.exists
|
||||
|
||||
- name: Check if iscsi.service is enabled
|
||||
command: systemctl is-enabled --quiet iscsi.service
|
||||
ansible.builtin.command: systemctl is-enabled --quiet iscsi.service
|
||||
failed_when: false
|
||||
register: iscsi_service_enabled_result
|
||||
|
||||
- name: Stop iscsi.service
|
||||
service: name=iscsi.service state=stopped enabled=no
|
||||
ansible.builtin.service:
|
||||
name: iscsi.service
|
||||
state: stopped
|
||||
enabled: no
|
||||
when:
|
||||
- iscsi_service_enabled_result is changed
|
||||
- iscsi_service_enabled_result.rc == 0
|
||||
|
|
Loading…
Reference in New Issue