Add configure tasks for iscsid
Add configure tasks for the iscsid role. This essentially copies the implementation from puppet-tripleo: https://github.com/openstack/puppet-tripleo/blob/master/manifests/profile/base/iscsid.pp Change-Id: Idb57bb5179897ee7b4461f81372e6021b72be4d8
This commit is contained in:
parent
8ae66b4cd8
commit
d99ef7eaa0
|
@ -32,3 +32,5 @@ tripleo_iscsid_volumes:
|
||||||
- /var/lib/config-data/puppet-generated/iscsid/etc/iscsi:/var/lib/kolla/config_files/src-iscsid:ro
|
- /var/lib/config-data/puppet-generated/iscsid/etc/iscsi:/var/lib/kolla/config_files/src-iscsid:ro
|
||||||
- /etc/target:/etc/target:z
|
- /etc/target:/etc/target:z
|
||||||
- /var/lib/iscsi:/var/lib/iscsi:z
|
- /var/lib/iscsi:/var/lib/iscsi:z
|
||||||
|
|
||||||
|
tripleo_iscsid_chap_algs: 'SHA3-256,SHA256,SHA1,MD5'
|
||||||
|
|
|
@ -0,0 +1,62 @@
|
||||||
|
---
|
||||||
|
# Copyright 2022 Red Hat, Inc.
|
||||||
|
# All Rights Reserved.
|
||||||
|
#
|
||||||
|
# Licensed under the Apache License, Version 2.0 (the "License"); you may
|
||||||
|
# not use this file except in compliance with the License. You may obtain
|
||||||
|
# a copy of the License at
|
||||||
|
#
|
||||||
|
# http://www.apache.org/licenses/LICENSE-2.0
|
||||||
|
#
|
||||||
|
# Unless required by applicable law or agreed to in writing, software
|
||||||
|
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
|
||||||
|
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
|
||||||
|
# License for the specific language governing permissions and limitations
|
||||||
|
# under the License.
|
||||||
|
|
||||||
|
- name: Ensure iscsi-initiator-utils
|
||||||
|
ansible.builtin.package:
|
||||||
|
name: iscsi-initiator-utils
|
||||||
|
state: present
|
||||||
|
|
||||||
|
- name: Check if initiator_reset present
|
||||||
|
ansible.builtin.stat:
|
||||||
|
path: /tmp/iscsi.host/.initiator_reset
|
||||||
|
register: initiator_reset_state
|
||||||
|
|
||||||
|
- name: Reset iscsi initiator name
|
||||||
|
block:
|
||||||
|
- name: Sync IQN from Host
|
||||||
|
ansible.builtin.copy:
|
||||||
|
src: /tmp/iscsi.host/.initiator_reset
|
||||||
|
dest: /tmp/iscsi.host/initiator
|
||||||
|
remote_src: True
|
||||||
|
|
||||||
|
- name: Get ISCSI Initiator Name
|
||||||
|
ansible.builtin.command: /usr/sbin/iscsi-name
|
||||||
|
register: iscsi_name
|
||||||
|
|
||||||
|
- name: Reset iscsi initiator name
|
||||||
|
ansible.builtin.copy:
|
||||||
|
dest: /etc/iscsi/initiatorname.iscsi
|
||||||
|
content: "{{ iscsi_name }}"
|
||||||
|
|
||||||
|
- name: Sync IQN to host
|
||||||
|
ansible.builtin.copy:
|
||||||
|
src: /etc/iscsi/initiatorname.iscsi
|
||||||
|
dest: /etc/iscsi/.initiator_reset
|
||||||
|
remote_src: True
|
||||||
|
|
||||||
|
- name: Sync IQN to host /tmp/iscsi.host/
|
||||||
|
ansible.builtin.copy:
|
||||||
|
src: /etc/iscsi/initiatorname.iscsi
|
||||||
|
dest: /tmp/iscsi.host/
|
||||||
|
remote_src: True
|
||||||
|
when: initiator_reset_state.stat.exists
|
||||||
|
|
||||||
|
- name: Write CHAP algorithms
|
||||||
|
ansible.builtin.lineinfile:
|
||||||
|
path: /etc/iscsi/iscsid.conf
|
||||||
|
line: "node.session.auth.chap_algs = {{ tripleo_iscsid_chap_algs }}"
|
||||||
|
regexp: "^node.session.auth.chap_algs"
|
||||||
|
insertafter: "^#node.session.auth.chap.algs"
|
|
@ -20,31 +20,43 @@
|
||||||
target: "{{ item.path }}(/.*)?"
|
target: "{{ item.path }}(/.*)?"
|
||||||
setype: "{{ item.setype }}"
|
setype: "{{ item.setype }}"
|
||||||
state: present
|
state: present
|
||||||
with_items:
|
loop:
|
||||||
- { 'path': /etc/iscsi, 'setype': container_file_t }
|
- { 'path': /etc/iscsi, 'setype': container_file_t }
|
||||||
- { 'path': /etc/target, 'setype': container_file_t }
|
- { 'path': /etc/target, 'setype': container_file_t }
|
||||||
- { 'path': /var/lib/iscsi, 'setype': container_file_t }
|
- { 'path': /var/lib/iscsi, 'setype': container_file_t }
|
||||||
|
|
||||||
- name: create persistent directories
|
- name: create persistent directories
|
||||||
file:
|
ansible.builtin.file:
|
||||||
path: "{{ item.path }}"
|
path: "{{ item.path }}"
|
||||||
state: directory
|
state: directory
|
||||||
setype: "{{ item.setype }}"
|
setype: "{{ item.setype }}"
|
||||||
with_items:
|
loop:
|
||||||
- { 'path': /etc/iscsi, 'setype': container_file_t }
|
- { 'path': /etc/iscsi, 'setype': container_file_t }
|
||||||
- { 'path': /etc/target, 'setype': container_file_t }
|
- { 'path': /etc/target, 'setype': container_file_t }
|
||||||
- { 'path': /var/lib/iscsi, 'setype': container_file_t }
|
- { 'path': /var/lib/iscsi, 'setype': container_file_t }
|
||||||
|
|
||||||
- name: stat /lib/systemd/system/iscsid.socket
|
- name: stat /lib/systemd/system/iscsid.socket
|
||||||
stat: path=/lib/systemd/system/iscsid.socket
|
ansible.builtin.stat:
|
||||||
|
path: /lib/systemd/system/iscsid.socket
|
||||||
register: stat_iscsid_socket
|
register: stat_iscsid_socket
|
||||||
|
|
||||||
- name: Stop and disable iscsid.socket service
|
- name: Stop and disable iscsid.socket service
|
||||||
service: name=iscsid.socket state=stopped enabled=no
|
ansible.builtin.service:
|
||||||
|
name: iscsid.socket
|
||||||
|
state: stopped
|
||||||
|
enabled: no
|
||||||
when: stat_iscsid_socket.stat.exists
|
when: stat_iscsid_socket.stat.exists
|
||||||
|
|
||||||
- name: Check if iscsi.service is enabled
|
- name: Check if iscsi.service is enabled
|
||||||
command: systemctl is-enabled --quiet iscsi.service
|
ansible.builtin.command: systemctl is-enabled --quiet iscsi.service
|
||||||
failed_when: false
|
failed_when: false
|
||||||
register: iscsi_service_enabled_result
|
register: iscsi_service_enabled_result
|
||||||
|
|
||||||
- name: Stop iscsi.service
|
- name: Stop iscsi.service
|
||||||
service: name=iscsi.service state=stopped enabled=no
|
ansible.builtin.service:
|
||||||
|
name: iscsi.service
|
||||||
|
state: stopped
|
||||||
|
enabled: no
|
||||||
when:
|
when:
|
||||||
- iscsi_service_enabled_result is changed
|
- iscsi_service_enabled_result is changed
|
||||||
- iscsi_service_enabled_result.rc == 0
|
- iscsi_service_enabled_result.rc == 0
|
||||||
|
|
Loading…
Reference in New Issue