126 lines
5.3 KiB
YAML
126 lines
5.3 KiB
YAML
---
|
|
# Copyright 2021 Red Hat, Inc.
|
|
# All Rights Reserved.
|
|
#
|
|
# Licensed under the Apache License, Version 2.0 (the "License"); you may
|
|
# not use this file except in compliance with the License. You may obtain
|
|
# a copy of the License at
|
|
#
|
|
# http://www.apache.org/licenses/LICENSE-2.0
|
|
#
|
|
# Unless required by applicable law or agreed to in writing, software
|
|
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
|
|
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
|
|
# License for the specific language governing permissions and limitations
|
|
# under the License.
|
|
|
|
- name: Get ceph_cli
|
|
include_tasks: ceph_cli.yaml
|
|
vars:
|
|
mount_spec: true
|
|
sensitive_data: true
|
|
|
|
- name: Configure the Ceph Dashboard port
|
|
become: true
|
|
block:
|
|
- name: "set the dashboard port ({{ tripleo_cephadm_dashboard_port }})"
|
|
command: "{{ tripleo_cephadm_ceph_cli }} config set mgr mgr/dashboard/server_port {{ tripleo_cephadm_dashboard_port }}"
|
|
changed_when: false
|
|
- name: "set the dashboard SSL port ({{ dashboard_port }})"
|
|
command: "{{ tripleo_cephadm_ceph_cli }} config set mgr mgr/dashboard/ssl_server_port {{ tripleo_cephadm_dashboard_port }}"
|
|
run_once: true
|
|
|
|
- name: disable SSL for dashboard
|
|
become: true
|
|
command: "{{ tripleo_cephadm_ceph_cli }} config set mgr mgr/dashboard/ssl false"
|
|
when: tripleo_cephadm_dashboard_protocol == "http"
|
|
|
|
- name: Configure SSL key/cert for the Ceph Dashboard if provided
|
|
become: true
|
|
block:
|
|
- name: enable SSL for dashboard
|
|
command: "{{ tripleo_cephadm_ceph_cli }} config set mgr mgr/dashboard/ssl true"
|
|
run_once: true
|
|
|
|
- name: import dashboard certificate file
|
|
command: "{{ tripleo_cephadm_ceph_cli }} config-key set mgr/dashboard/crt -i {{ tripleo_cephadm_dashboard_crt }}"
|
|
changed_when: false
|
|
|
|
- name: import dashboard certificate key
|
|
command: "{{ tripleo_cephadm_ceph_cli }} config-key set mgr/dashboard/key -i {{ tripleo_cephadm_dashboard_key }}"
|
|
changed_when: false
|
|
when: tripleo_cephadm_dashboard_protocol == "https" and
|
|
tripleo_cephadm_dashboard_crt | length > 0 and
|
|
tripleo_cephadm_dashboard_key | length > 0
|
|
|
|
- include_tasks: configure_dashboard_backends.yml
|
|
with_items: "{{ groups['ceph_mgr'] | default(groups['ceph_mon']) }}"
|
|
vars:
|
|
dashboard_backend: '{{ item }}'
|
|
|
|
# Restart the dashboard and refresh the config (backends and port)
|
|
- name: Restart the Ceph dashboard
|
|
become: true
|
|
block:
|
|
- name: disable mgr dashboard module (restart)
|
|
command: "{{ tripleo_cephadm_ceph_cli }} mgr module disable dashboard"
|
|
- name: enable mgr dashboard module (restart)
|
|
command: "{{ tripleo_cephadm_ceph_cli }} mgr module enable dashboard"
|
|
|
|
- name: create dashboard admin user
|
|
become: true
|
|
ceph_dashboard_user:
|
|
name: "{{ tripleo_cephadm_dashboard_admin_user }}"
|
|
cluster: "{{ tripleo_cephadm_cluster }}"
|
|
password: "{{ tripleo_cephadm_dashboard_admin_password }}"
|
|
roles: ["{{ 'read-only' if tripleo_cephadm_dashboard_admin_user_ro | bool else 'administrator' }}"]
|
|
environment:
|
|
CEPH_CONTAINER_IMAGE: "{{ tripleo_cephadm_container_ns + '/' + tripleo_cephadm_container_image + ':' + tripleo_cephadm_container_tag }}"
|
|
CEPH_CONTAINER_BINARY: "{{ tripleo_cephadm_container_cli }}"
|
|
|
|
- name: Configure Monitoring Stack
|
|
become: true
|
|
block:
|
|
- name: get Grafana instance(s) addresses
|
|
set_fact:
|
|
grafana_server_addrs: "{{ (grafana_server_addr | default([])) | union([hostvars[item][tripleo_ceph_dashboard_net]]) }}"
|
|
loop: "{{ groups['ceph_mgr'] | list }}"
|
|
vars:
|
|
tripleo_ceph_dashboard_net: "{{ service_net_map['ceph_dashboard_network'] + '_ip' }}"
|
|
- name: set grafana api user
|
|
command: "{{ tripleo_cephadm_ceph_cli }} dashboard set-grafana-api-username {{ tripleo_cephadm_grafana_admin_user }}"
|
|
- name: set grafana api password
|
|
command: "{{ tripleo_cephadm_ceph_cli }} dashboard set-grafana-api-password -i -"
|
|
args:
|
|
stdin: "{{ tripleo_cephadm_grafana_admin_password }}"
|
|
stdin_add_newline: no
|
|
- name: disable ssl verification for grafana
|
|
command: "{{ tripleo_cephadm_ceph_cli }} dashboard set-grafana-api-ssl-verify False"
|
|
changed_when: false
|
|
when:
|
|
- tripleo_cephadm_dashboard_protocol == "https"
|
|
- name: set alertmanager host
|
|
command: |
|
|
{{ tripleo_cephadm_ceph_cli }} dashboard set-alertmanager-api-host http://{{ grafana_server_addrs | first }}:9093
|
|
- name: set prometheus host
|
|
command: |
|
|
{{ tripleo_cephadm_ceph_cli }} dashboard set-prometheus-api-host \
|
|
http://{{ grafana_server_addrs | first }}:{{ tripleo_cephadm_prometheus_port }}
|
|
- name: config grafana api url vip
|
|
command: |
|
|
{{ tripleo_cephadm_ceph_cli }} dashboard set-grafana-api-url \
|
|
{{ tripleo_cephadm_dashboard_protocol }}://{{ tripleo_cephadm_dashboard_frontend_vip }}:{{ tripleo_cephadm_grafana_port }}
|
|
changed_when: false
|
|
when:
|
|
- tripleo_cephadm_dashboard_frontend_vip is defined
|
|
- tripleo_cephadm_dashboard_frontend_vip |length > 0
|
|
|
|
- name: Restart the Ceph dashboard
|
|
become: true
|
|
block:
|
|
- name: disable mgr dashboard module (restart)
|
|
command: "{{ tripleo_cephadm_ceph_cli }} mgr module disable dashboard"
|
|
|
|
- name: enable mgr dashboard module (restart)
|
|
command: "{{ tripleo_cephadm_ceph_cli }} mgr module enable dashboard"
|