Merge "Add missing keyrings when ganesha is deployed standalone"

tripleo_ansible/roles/tripleo_cephadm/tasks/ceph_cli.yaml

@@ -25,7 +25,9 @@
       --interactive
       {% endif %}
       --volume {{ tripleo_cephadm_config_home }}:/etc/ceph:z
+      {% if not external_cluster|default(false) -%}
       --volume {{ tripleo_cephadm_assimilate_conf }}:{{ tripleo_cephadm_assimilate_conf_container }}:z
+      {% endif %}
       {% if mount_spec|default(false) %}
       --volume {{ tripleo_cephadm_spec }}:{{ tripleo_cephadm_container_spec }}:z
       {% endif %}
@@ -36,7 +38,7 @@
       {{ tripleo_cephadm_container_ns }}/{{ tripleo_cephadm_container_image }}:{{ tripleo_cephadm_container_tag }}
       {% if ceph_command|default('ceph') == 'ceph' or ceph_command|default('ceph') == 'rados' or ceph_command|default('ceph') == 'rbd' -%}
         {% if not admin_daemon|default(false) -%}
-        --fsid {{ tripleo_cephadm_fsid }} -c {{ tripleo_cephadm_conf }} -k {{ tripleo_cephadm_keyring_prefix }}.{{ select_keyring| default('admin') }}.keyring
+        --fsid {{ tripleo_cephadm_fsid }} -c /etc/ceph/{{ tripleo_cephadm_cluster }}.conf -k /etc/ceph/{{ tripleo_cephadm_cluster }}.client.{{ select_keyring| default('admin') }}.keyring
         {%- endif %}
         {% if external_cluster|default(false) -%}
         -n client.{{ select_keyring }}

tripleo_ansible/roles/tripleo_cephadm/tasks/ganesha/distribute_keys.yaml

@@ -17,20 +17,44 @@
 - name: create keyring directory
   become: true
   file:
-    name: /var/lib/ceph/bootstrap-rgw/
+    name: "{{ item }}"
     state: directory
     owner: "167"
     group: "167"
     mode: "0755"
   delegate_to: "{{ nfs_node }}"
+  with_items:
+    - "/var/log/ceph"
+    - "/var/run/ceph"
+    - "/var/lib/ceph/bootstrap-rgw"
+    - "/var/lib/ceph/radosgw/ceph-rgw.{{ tripleo_cephadm_ceph_nfs_ceph_user }}"
+    - "/var/lib/ceph/radosgw/{{ tripleo_cephadm_cluster }}-rgw.{{ nfs_node }}"
 
-- name: copy ceph key(s) if needed
-  become: true
-  copy:
-    dest: "{{ item.item.path }}"
-    content: "{{ item.stdout + '\n' }}"
-    owner: "167"
-    group: "167"
-    mode: "0755"
-  with_items: "{{ _rgw_keys.results }}"
-  delegate_to: "{{ nfs_node }}"
+- name: copy ceph keys
+  block:
+    - name: copy ceph key(s) if needed - internal
+      become: true
+      copy:
+        dest: "{{ item.item.path }}"
+        content: "{{ item.stdout + '\n' }}"
+        owner: "167"
+        group: "167"
+        mode: "0755"
+      with_items: "{{ _rgw_keys_int.results }}"
+      delegate_to: "{{ nfs_node }}"
+      when: not external_cluster
+
+    - name: copy ceph key(s) if needed - external
+      become: true
+      copy:
+        dest: "{{ item }}"
+        content: "{{ _rgw_keys_ext['content'] | b64decode }}"
+        owner: "167"
+        group: "167"
+        mode: "0755"
+      with_items:
+        - "/var/lib/ceph/bootstrap-rgw/ceph.keyring"
+        - "/var/lib/ceph/radosgw/{{ tripleo_cephadm_cluster }}-rgw.{{ tripleo_cephadm_ceph_nfs_ceph_user }}/keyring"
+        - "/var/lib/ceph/radosgw/{{ tripleo_cephadm_cluster }}-rgw.{{ nfs_node }}/keyring"
+      delegate_to: "{{ nfs_node }}"
+      when: external_cluster

tripleo_ansible/roles/tripleo_cephadm/tasks/nfs.yaml

@@ -34,32 +34,51 @@
   when: tripleo_cephadm_ceph_nfs_rados_backend | bool
 
 - name: create an empty rados index object
+  become: true
   command: |
     {{ tripleo_cephadm_ceph_cli }} -p {{ cephfs_data_pool.name }} --cluster {{ tripleo_cephadm_cluster }} \
     put {{ tripleo_cephadm_nfs_rados_export_index }} /dev/null
   when:
     - tripleo_cephadm_ceph_nfs_rados_backend | bool
     - rados_index_exists.rc != 0
+  delegate_to: "{{ groups['ceph_nfs'][0] }}"
 
-- name: Extract key
-  ceph_key:
-    name: "{{ item.name }}"
-    cluster: "{{ tripleo_cephadm_cluster }}"
-    output_format: plain
-    state: info
-  environment:
-    CEPH_CONTAINER_IMAGE: "{{ tripleo_cephadm_container_ns + '/' + tripleo_cephadm_container_image + ':' + tripleo_cephadm_container_tag }}"
-    CEPH_CONTAINER_BINARY: "{{ tripleo_cephadm_container_cli }}"
-  register: _rgw_keys
-  become: true
-  with_items:
-    - { name: "client.bootstrap-rgw", path: "/var/lib/ceph/bootstrap-rgw/{{ tripleo_cephadm_cluster }}.keyring", copy_key: true }
+- name: Extract keys
+  block:
+    - name: Extract key - internal
+      ceph_key:
+        name: "{{ item.name }}"
+        cluster: "{{ tripleo_cephadm_cluster }}"
+        output_format: plain
+        state: info
+      environment:
+        CEPH_CONTAINER_IMAGE: "{{ tripleo_cephadm_container_ns + '/' + tripleo_cephadm_container_image + ':' + tripleo_cephadm_container_tag }}"
+        CEPH_CONTAINER_BINARY: "{{ tripleo_cephadm_container_cli }}"
+      register: _rgw_keys_int
+      become: true
+      with_items:
+        - { name: "client.bootstrap-rgw", path: "/var/lib/ceph/bootstrap-rgw/{{ tripleo_cephadm_cluster }}.keyring", copy_key: true }
+      run_once: true
+      delegate_to: "{{ groups['ceph_nfs'][0] }}"
+      when: not external_cluster
+
+    - name: slurp manila key from remote host - external
+      become: true
+      slurp:
+        src: "{{ tripleo_cephadm_config_home }}/{{ tripleo_cephadm_cluster }}.client.{{ tripleo_cephadm_ceph_nfs_ceph_user }}.keyring"
+      register: _rgw_keys_ext
+      delegate_to: "{{ groups['ceph_nfs'][0] }}"
+      when: external_cluster
+  vars:
+    external_cluster: "{{ true if groups['ceph_mon'] | default([]) | length == 0 else false }}"
 
 - name: Distribute Ceph keys to the nfs nodes
   include_tasks: ganesha/distribute_keys.yaml
   vars:
     nfs_node: "{{ node }}"
-    rgw_keys: "{{ _rgw_keys }}"
+    rgw_keys_int: "{{ _rgw_keys_int }}"
+    rgw_keys_ext: "{{ _rgw_keys_ext }}"
+    external_cluster: "{{ true if groups['ceph_mon'] | default([]) | length == 0 else false }}"
   loop: "{{ groups['ceph_nfs'] }}"
   loop_control:
     loop_var: node
@@ -72,6 +91,7 @@
   register: _dbus_ganesha
   run_once: true
   changed_when: false
+  delegate_to: "{{ groups['ceph_nfs'][0] }}"
 
 - name: Render Ganesha templates and files
   include_tasks: ganesha/start_nfs.yaml