pvc-ansible/roles/pvc/tasks/ceph/bootstrap.yml

---
- name: generate cluster FSID
  command: uuidgen
  register: fsid_raw
  delegate_to: localhost
  become: no

- set_fact:
    fsid: "{{ fsid_raw.stdout }}"

- name: create bootstrap ceph.conf
  file:
    dest: /etc/ceph/ceph.conf
    state: touch

- name: initialize bootstrap ceph.conf
  lineinfile:
    dest: /etc/ceph/ceph.conf
    line: "{{ item }}"
    state: present
  with_items:
    - "[global]"
    - "fsid = {{ fsid }}"
    - "mon initial members = {% for node in pvc_nodes if node.is_coordinator %}{{ node.hostname.split('.')[0] }}{% if not loop.last %},{% endif %}{% endfor %}"
    - "mon host = {% for host in pvc_nodes if host.is_coordinator %}{{ host.storage_ip }}{% if not loop.last %},{% endif %}{% endfor %}"

- name: create temporary directory
  file:
    dest: /tmp/ceph-bootstrap
    state: directory

- name: create mon keyring
  command: ceph-authtool --create-keyring /tmp/ceph-bootstrap/ceph.mon.keyring --gen-key -n mon. --cap mon 'allow *'

- name: create client admin keyring
  command: ceph-authtool --create-keyring /tmp/ceph-bootstrap/ceph.client.admin.keyring --gen-key -n client.admin --cap mon 'allow *' --cap osd 'allow *' --cap mds 'allow *' --cap mgr 'allow *'

- name: add client admin keyring to mon keyring
  command: ceph-authtool /tmp/ceph-bootstrap/ceph.mon.keyring --import-keyring /tmp/ceph-bootstrap/ceph.client.admin.keyring

- name: create OSD bootstrap keyring
  command: ceph-authtool --create-keyring /tmp/ceph-bootstrap/ceph.osd.bootstrap.keyring --gen-key -n client.bootstrap-osd --cap mon 'profile bootstrap-osd'

- name: add OSD bootstrap keyring to mon keyring
  command: ceph-authtool /tmp/ceph-bootstrap/ceph.mon.keyring --import-keyring /tmp/ceph-bootstrap/ceph.osd.bootstrap.keyring

- name: create monmap
  command: monmaptool --create --fsid {{ fsid }} {% for node in pvc_nodes if node.is_coordinator %}--add {{ node.hostname.split('.')[0] }} {{ node.storage_ip }} {% endfor %} /tmp/ceph-bootstrap/monmap

- name: copy initial ceph.conf to the boostrap directory
  copy:
    src: /etc/ceph/ceph.conf
    dest: /tmp/ceph-bootstrap/ceph.conf
    remote_src: yes

- name: add additional configuration lines to ceph.conf
  lineinfile:
    dest: /tmp/ceph-bootstrap/ceph.conf
    line: "{{ item }}"
    state: present
  with_items:
    - "public network = {{ pvc_storage_subnet }}/{{ pvc_storage_netmask }}"
    - "cluster network = {{ pvc_storage_subnet }}/{{ pvc_storage_netmask }}"
    - "auth cluster required = cephx"
    - "auth service required = cephx"
    - "auth client required = cephx"
    - "mon allow pool delete = 1"
    - "osd journal size = 2"
    - "osd pool default size = 3"
    - "osd pool default min size = 2"
    - "osd pool default pg num = 512"
    - "osd pool default pgp num = 512"
    - "osd crush chooseleaf type = 1"

- name: collect bootstrapped Ceph files into the role
  fetch:
    src: /tmp/ceph-bootstrap/{{ item }}
    dest: roles/pvc/files/ceph/{{ hostvars[inventory_hostname].group_names[0] }}/ceph/
    flat: yes
  with_items:
    - ceph.conf
    - ceph.mon.keyring
    - ceph.client.admin.keyring
    - ceph.osd.bootstrap.keyring
    - monmap

- name: remove the temporary bootstrap directory
  file:
    dest: /tmp/ceph-bootstrap
    state: absent
    force: yes
Reorganize and rejigger 2023-09-01 15:42:19 -04:00			`---`
			`- name: generate cluster FSID`
			`command: uuidgen`
			`register: fsid_raw`
			`delegate_to: localhost`
Don't become for uuidgen 2023-09-01 15:42:22 -04:00			`become: no`
Reorganize and rejigger 2023-09-01 15:42:19 -04:00
			`- set_fact:`
			`fsid: "{{ fsid_raw.stdout }}"`

Touch the bootstrap ceph.conf 2023-09-01 15:42:20 -04:00			`- name: create bootstrap ceph.conf`
			`file:`
			`dest: /etc/ceph/ceph.conf`
			`state: touch`

Reorganize and rejigger 2023-09-01 15:42:19 -04:00			`- name: initialize bootstrap ceph.conf`
			`lineinfile:`
			`dest: /etc/ceph/ceph.conf`
Simplify and combine 2023-09-01 15:42:20 -04:00			`line: "{{ item }}"`
Reorganize and rejigger 2023-09-01 15:42:19 -04:00			`state: present`
Simplify and combine 2023-09-01 15:42:20 -04:00			`with_items:`
			`- "[global]"`
			`- "fsid = {{ fsid }}"`
Use only short names in Ceph MON config 2023-09-01 15:42:23 -04:00			`- "mon initial members = {% for node in pvc_nodes if node.is_coordinator %}{{ node.hostname.split('.')[0] }}{% if not loop.last %},{% endif %}{% endfor %}"`
Move Ceph access to storage network 2023-09-01 15:42:22 -04:00			`- "mon host = {% for host in pvc_nodes if host.is_coordinator %}{{ host.storage_ip }}{% if not loop.last %},{% endif %}{% endfor %}"`
Reorganize and rejigger 2023-09-01 15:42:19 -04:00
			`- name: create temporary directory`
			`file:`
			`dest: /tmp/ceph-bootstrap`
			`state: directory`

			`- name: create mon keyring`
			`command: ceph-authtool --create-keyring /tmp/ceph-bootstrap/ceph.mon.keyring --gen-key -n mon. --cap mon 'allow *'`

			`- name: create client admin keyring`
Remove invalid flag to ceph-authtool 2023-09-01 15:42:22 -04:00			`command: ceph-authtool --create-keyring /tmp/ceph-bootstrap/ceph.client.admin.keyring --gen-key -n client.admin --cap mon 'allow ' --cap osd 'allow ' --cap mds 'allow ' --cap mgr 'allow '`
Reorganize and rejigger 2023-09-01 15:42:19 -04:00
			`- name: add client admin keyring to mon keyring`
			`command: ceph-authtool /tmp/ceph-bootstrap/ceph.mon.keyring --import-keyring /tmp/ceph-bootstrap/ceph.client.admin.keyring`

			`- name: create OSD bootstrap keyring`
			`command: ceph-authtool --create-keyring /tmp/ceph-bootstrap/ceph.osd.bootstrap.keyring --gen-key -n client.bootstrap-osd --cap mon 'profile bootstrap-osd'`

			`- name: add OSD bootstrap keyring to mon keyring`
			`command: ceph-authtool /tmp/ceph-bootstrap/ceph.mon.keyring --import-keyring /tmp/ceph-bootstrap/ceph.osd.bootstrap.keyring`

			`- name: create monmap`
Use only short names in Ceph MON config 2023-09-01 15:42:23 -04:00			`command: monmaptool --create --fsid {{ fsid }} {% for node in pvc_nodes if node.is_coordinator %}--add {{ node.hostname.split('.')[0] }} {{ node.storage_ip }} {% endfor %} /tmp/ceph-bootstrap/monmap`
Reorganize and rejigger 2023-09-01 15:42:19 -04:00
			`- name: copy initial ceph.conf to the boostrap directory`
			`copy:`
			`src: /etc/ceph/ceph.conf`
			`dest: /tmp/ceph-bootstrap/ceph.conf`
			`remote_src: yes`

			`- name: add additional configuration lines to ceph.conf`
			`lineinfile:`
			`dest: /tmp/ceph-bootstrap/ceph.conf`
			`line: "{{ item }}"`
			`state: present`
			`with_items:`
Move netmask to separate config part 3 2023-09-01 15:42:22 -04:00			`- "public network = {{ pvc_storage_subnet }}/{{ pvc_storage_netmask }}"`
			`- "cluster network = {{ pvc_storage_subnet }}/{{ pvc_storage_netmask }}"`
Reorganize and rejigger 2023-09-01 15:42:19 -04:00			`- "auth cluster required = cephx"`
			`- "auth service required = cephx"`
			`- "auth client required = cephx"`
Enable pool deletion in ceph.conf 2023-09-01 15:42:20 -04:00			`- "mon allow pool delete = 1"`
Reorganize and rejigger 2023-09-01 15:42:19 -04:00			`- "osd journal size = 2"`
			`- "osd pool default size = 3"`
			`- "osd pool default min size = 2"`
			`- "osd pool default pg num = 512"`
			`- "osd pool default pgp num = 512"`
			`- "osd crush chooseleaf type = 1"`

			`- name: collect bootstrapped Ceph files into the role`
			`fetch:`
			`src: /tmp/ceph-bootstrap/{{ item }}`
			`dest: roles/pvc/files/ceph/{{ hostvars[inventory_hostname].group_names[0] }}/ceph/`
			`flat: yes`
			`with_items:`
			`- ceph.conf`
			`- ceph.mon.keyring`
			`- ceph.client.admin.keyring`
			`- ceph.osd.bootstrap.keyring`
			`- monmap`

			`- name: remove the temporary bootstrap directory`
			`file:`
			`dest: /tmp/ceph-bootstrap`
			`state: absent`
			`force: yes`