tripleo-ansible/tripleo_ansible/roles/tripleo_cephadm/tasks/dashboard/dashboard.yaml

126 lines
5.3 KiB
YAML

---
# Copyright 2021 Red Hat, Inc.
# All Rights Reserved.
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
- name: Get ceph_cli
include_tasks: ceph_cli.yaml
vars:
mount_spec: true
sensitive_data: true
- name: Configure the Ceph Dashboard port
become: true
block:
- name: "set the dashboard port ({{ tripleo_cephadm_dashboard_port }})"
command: "{{ tripleo_cephadm_ceph_cli }} config set mgr mgr/dashboard/server_port {{ tripleo_cephadm_dashboard_port }}"
changed_when: false
- name: "set the dashboard SSL port ({{ dashboard_port }})"
command: "{{ tripleo_cephadm_ceph_cli }} config set mgr mgr/dashboard/ssl_server_port {{ tripleo_cephadm_dashboard_port }}"
run_once: true
- name: disable SSL for dashboard
become: true
command: "{{ tripleo_cephadm_ceph_cli }} config set mgr mgr/dashboard/ssl false"
when: tripleo_cephadm_dashboard_protocol == "http"
- name: Configure SSL key/cert for the Ceph Dashboard if provided
become: true
block:
- name: enable SSL for dashboard
command: "{{ tripleo_cephadm_ceph_cli }} config set mgr mgr/dashboard/ssl true"
run_once: true
- name: import dashboard certificate file
command: "{{ tripleo_cephadm_ceph_cli }} config-key set mgr/dashboard/crt -i {{ tripleo_cephadm_dashboard_crt }}"
changed_when: false
- name: import dashboard certificate key
command: "{{ tripleo_cephadm_ceph_cli }} config-key set mgr/dashboard/key -i {{ tripleo_cephadm_dashboard_key }}"
changed_when: false
when: tripleo_cephadm_dashboard_protocol == "https" and
tripleo_cephadm_dashboard_crt | length > 0 and
tripleo_cephadm_dashboard_key | length > 0
- include_tasks: configure_dashboard_backends.yml
with_items: "{{ groups['ceph_mgr'] | default(groups['ceph_mon']) }}"
vars:
dashboard_backend: '{{ item }}'
# Restart the dashboard and refresh the config (backends and port)
- name: Restart the Ceph dashboard
become: true
block:
- name: disable mgr dashboard module (restart)
command: "{{ tripleo_cephadm_ceph_cli }} mgr module disable dashboard"
- name: enable mgr dashboard module (restart)
command: "{{ tripleo_cephadm_ceph_cli }} mgr module enable dashboard"
- name: create dashboard admin user
become: true
ceph_dashboard_user:
name: "{{ tripleo_cephadm_dashboard_admin_user }}"
cluster: "{{ tripleo_cephadm_cluster }}"
password: "{{ tripleo_cephadm_dashboard_admin_password }}"
roles: ["{{ 'read-only' if tripleo_cephadm_dashboard_admin_user_ro | bool else 'administrator' }}"]
environment:
CEPH_CONTAINER_IMAGE: "{{ tripleo_cephadm_container_ns + '/' + tripleo_cephadm_container_image + ':' + tripleo_cephadm_container_tag }}"
CEPH_CONTAINER_BINARY: "{{ tripleo_cephadm_container_cli }}"
- name: Configure Monitoring Stack
become: true
block:
- name: get Grafana instance(s) addresses
set_fact:
grafana_server_addrs: "{{ (grafana_server_addr | default([])) | union([hostvars[item][tripleo_ceph_dashboard_net]]) }}"
loop: "{{ groups['ceph_mgr'] | list }}"
vars:
tripleo_ceph_dashboard_net: "{{ service_net_map['ceph_dashboard_network'] + '_ip' }}"
- name: set grafana api user
command: "{{ tripleo_cephadm_ceph_cli }} dashboard set-grafana-api-username {{ tripleo_cephadm_grafana_admin_user }}"
- name: set grafana api password
command: "{{ tripleo_cephadm_ceph_cli }} dashboard set-grafana-api-password -i -"
args:
stdin: "{{ tripleo_cephadm_grafana_admin_password }}"
stdin_add_newline: no
- name: disable ssl verification for grafana
command: "{{ tripleo_cephadm_ceph_cli }} dashboard set-grafana-api-ssl-verify False"
changed_when: false
when:
- tripleo_cephadm_dashboard_protocol == "https"
- name: set alertmanager host
command: |
{{ tripleo_cephadm_ceph_cli }} dashboard set-alertmanager-api-host http://{{ grafana_server_addrs | first }}:9093
- name: set prometheus host
command: |
{{ tripleo_cephadm_ceph_cli }} dashboard set-prometheus-api-host \
http://{{ grafana_server_addrs | first }}:{{ tripleo_cephadm_prometheus_port }}
- name: config grafana api url vip
command: |
{{ tripleo_cephadm_ceph_cli }} dashboard set-grafana-api-url \
{{ tripleo_cephadm_dashboard_protocol }}://{{ tripleo_cephadm_dashboard_frontend_vip }}:{{ tripleo_cephadm_grafana_port }}
changed_when: false
when:
- tripleo_cephadm_dashboard_frontend_vip is defined
- tripleo_cephadm_dashboard_frontend_vip |length > 0
- name: Restart the Ceph dashboard
become: true
block:
- name: disable mgr dashboard module (restart)
command: "{{ tripleo_cephadm_ceph_cli }} mgr module disable dashboard"
- name: enable mgr dashboard module (restart)
command: "{{ tripleo_cephadm_ceph_cli }} mgr module enable dashboard"