pvc-ansible/roles/pvc/tasks/ceph/main.yml

---
- name: install packages
  apt:
    name:
      - ceph-osd
      - ceph-mds
      - ceph-mon
      - ceph-mgr
      - radosgw
    state: latest

- name: install sysctl tweaks
  template:
    src: ceph/sysctl.conf.j2
    dest: /etc/sysctl.d/pvc-ceph.conf

- name: activate sysctl tweaks
  command: sysctl -p /etc/sysctl.d/pvc-ceph.conf

- name: install user limits overrides
  template:
    src: ceph/limits.conf.j2
    dest: /etc/security/limits.d/99-pvc-ceph.conf

- name: install ceph default config
  template:
    src: ceph/default.conf.j2
    dest: /etc/default/ceph

- name: create ceph configuration directory
  file:
    dest: /etc/ceph
    state: directory

- include: ceph/bootstrap.yml
  when: bootstrap is defined and bootstrap
  run_once: yes

- name: install configurations
  copy:
    src: ceph/{{ cluster_group }}/ceph/{{ item }}
    dest: /etc/ceph/{{ item }}
    owner: ceph
    group: ceph
    mode: 0640
  notify:
    - restart ceph-mon
    - restart ceph-mgr
  with_items:
    - ceph.conf
    - ceph.mon.keyring
    - ceph.client.admin.keyring
    - ceph.osd.bootstrap.keyring
    - monmap

- name: create monitor and manager data directories
  file:
    dest: /var/lib/ceph/{{ item }}/ceph-{{ ansible_hostname }}
    state: directory
    owner: ceph
    group: ceph
    mode: 0750
  with_items:
    - mon
    - mgr
  when: newhost is defined and newhost

- name: populate monitor with map and keys
  command: ceph-mon --cluster ceph --mkfs -i {{ ansible_hostname }} --monmap /etc/ceph/monmap --keyring /etc/ceph/ceph.mon.keyring
  become_user: ceph
  when: newhost is defined and newhost

- name: touch monitor and manager done files
  file:
    dest: /var/lib/ceph/{{ item }}/ceph-{{ ansible_hostname }}/done
    state: touch
  become_user: ceph
  with_items:
    - mon
    - mgr
  when: newhost is defined and newhost

- name: start monitor daemon
  service:
    name: "{{ item }}"
    state: started
  with_items:
    - ceph-mon@{{ ansible_hostname }}
  when: newhost is defined and newhost

- name: set msgr2 enabled
  command: ceph mon enable-msgr2
  run_once: yes
  retries: 6
  delay: 5
  register: result
  until: result.rc == 0

- name: set insecure_global_id_reclaim disabled
  command: ceph config set mon auth_allow_insecure_global_id_reclaim false 
  run_once: yes
  ignore_errors: yes

- name: create mgr auth keyring
  command: ceph auth get-or-create mgr.{{ ansible_hostname }} mon 'allow profile mgr' osd 'allow *' mds 'allow *' --out-file /var/lib/ceph/mgr/ceph-{{ ansible_hostname }}/keyring
  become_user: ceph
  args:
    creates: /var/lib/ceph/mgr/ceph-{{ ansible_hostname }}/keyring

- name: install OSD bootstrap keyring
  file:
    dest: /var/lib/ceph/bootstrap-osd/ceph.keyring
    src: /etc/ceph/ceph.osd.bootstrap.keyring
    state: link

- name: start but disable daemons
  service:
    name: "{{ item }}"
    state: started
    enabled: no
  with_items:
    - ceph-mon@{{ ansible_hostname }}
    - ceph-mgr@{{ ansible_hostname }}

# System OSD CPU shielding activation
- block:
    - name: install packages
      apt:
        name:
          - cpuset
          - numactl
        state: latest

    - name: install ceph-osd-cpuset controller config
      template:
        src: ceph/ceph-osd-cpuset-enable.j2
        dest: /etc/default/ceph-osd-cpuset

    - name: install ceph-osd-cpuset script
      template:
        src: ceph/ceph-osd-cpuset.j2
        dest: /usr/local/sbin/ceph-osd-cpuset
        mode: 0755

    - name: install ceph-osd-cpuset service unit
      template:
        src: ceph/ceph-osd-cpuset.service.j2
        dest: /etc/systemd/system/ceph-osd-cpuset.service
      register: systemd_file_cpuset

    - name: create ceph-osd override dropin directory
      file:
        dest: /etc/systemd/system/ceph-osd@.service.d
        state: directory

    - name: install ceph-osd override dropin
      template:
        src: ceph/ceph-osd-cpuset.conf.j2
        dest: /etc/systemd/system/ceph-osd@.service.d/cpuset.conf
      register: systemd_file_osd

    - name: reload systemd to apply previous changes
      command: "systemctl daemon-reload"
      when: systemd_file_cpuset.changed or systemd_file_osd.changed

    - name: enable ceph-osd-cpuset service
      service:
        name: ceph-osd-cpuset
        enabled: yes

    - debug:
        msg: "NOTICE: Any cpuset configs have NOT been applied to the running system. This node must be rebooted to apply these changes."
  tags: pvc-ceph-cpuset
  when:
    - pvc_shield_osds_enable is defined

- meta: flush_handlers
Reorganize and rejigger 2023-09-01 15:42:19 -04:00			`---`
			`- name: install packages`
			`apt:`
			`name:`
			`- ceph-osd`
			`- ceph-mds`
			`- ceph-mon`
			`- ceph-mgr`
			`- radosgw`
			`state: latest`

			`- name: install sysctl tweaks`
			`template:`
			`src: ceph/sysctl.conf.j2`
			`dest: /etc/sysctl.d/pvc-ceph.conf`

			`- name: activate sysctl tweaks`
			`command: sysctl -p /etc/sysctl.d/pvc-ceph.conf`

			`- name: install user limits overrides`
			`template:`
			`src: ceph/limits.conf.j2`
			`dest: /etc/security/limits.d/99-pvc-ceph.conf`

			`- name: install ceph default config`
			`template:`
			`src: ceph/default.conf.j2`
			`dest: /etc/default/ceph`

			`- name: create ceph configuration directory`
			`file:`
			`dest: /etc/ceph`
			`state: directory`

			`- include: ceph/bootstrap.yml`
			`when: bootstrap is defined and bootstrap`
			`run_once: yes`

			`- name: install configurations`
			`copy:`
Use cluster_group variable for paths Instead of trying to automagic this group out of the Ansible hostvars, just make it explicitly defined in the group_vars to avoid any confusion. 2023-09-01 15:42:23 -04:00			`src: ceph/{{ cluster_group }}/ceph/{{ item }}`
Reorganize and rejigger 2023-09-01 15:42:19 -04:00			`dest: /etc/ceph/{{ item }}`
			`owner: ceph`
			`group: ceph`
			`mode: 0640`
Handle restarting ceph-mon/mgr sequentially 2023-09-01 15:42:20 -04:00			`notify:`
			`- restart ceph-mon`
			`- restart ceph-mgr`
Reorganize and rejigger 2023-09-01 15:42:19 -04:00			`with_items:`
			`- ceph.conf`
			`- ceph.mon.keyring`
			`- ceph.client.admin.keyring`
			`- ceph.osd.bootstrap.keyring`
			`- monmap`

Clean up some tasks during bootstrap; parallel PVC 2023-09-01 15:42:20 -04:00			`- name: create monitor and manager data directories`
Reorganize and rejigger 2023-09-01 15:42:19 -04:00			`file:`
Clean up some tasks during bootstrap; parallel PVC 2023-09-01 15:42:20 -04:00			`dest: /var/lib/ceph/{{ item }}/ceph-{{ ansible_hostname }}`
Reorganize and rejigger 2023-09-01 15:42:19 -04:00			`state: directory`
			`owner: ceph`
			`group: ceph`
			`mode: 0750`
Clean up some tasks during bootstrap; parallel PVC 2023-09-01 15:42:20 -04:00			`with_items:`
			`- mon`
			`- mgr`
Reorganize and rejigger 2023-09-01 15:42:19 -04:00			`when: newhost is defined and newhost`

			`- name: populate monitor with map and keys`
Reorganize some elements 2023-09-01 15:42:19 -04:00			`command: ceph-mon --cluster ceph --mkfs -i {{ ansible_hostname }} --monmap /etc/ceph/monmap --keyring /etc/ceph/ceph.mon.keyring`
Reorganize and rejigger 2023-09-01 15:42:19 -04:00			`become_user: ceph`
			`when: newhost is defined and newhost`

Clean up some tasks during bootstrap; parallel PVC 2023-09-01 15:42:20 -04:00			`- name: touch monitor and manager done files`
Reorganize and rejigger 2023-09-01 15:42:19 -04:00			`file:`
Clean up some tasks during bootstrap; parallel PVC 2023-09-01 15:42:20 -04:00			`dest: /var/lib/ceph/{{ item }}/ceph-{{ ansible_hostname }}/done`
Reorganize and rejigger 2023-09-01 15:42:19 -04:00			`state: touch`
			`become_user: ceph`
Clean up some tasks during bootstrap; parallel PVC 2023-09-01 15:42:20 -04:00			`with_items:`
			`- mon`
			`- mgr`
Reorganize and rejigger 2023-09-01 15:42:19 -04:00			`when: newhost is defined and newhost`

Create mgr after starting monitors 2023-09-01 15:42:20 -04:00			`- name: start monitor daemon`
			`service:`
			`name: "{{ item }}"`
			`state: started`
			`with_items:`
			`- ceph-mon@{{ ansible_hostname }}`
			`when: newhost is defined and newhost`

Set msgr2 mode on Ceph monitors 2023-09-01 15:42:22 -04:00			`- name: set msgr2 enabled`
			`command: ceph mon enable-msgr2`
Ensure insecure_global_id_reclaim is false 2023-09-01 15:42:28 -04:00			`run_once: yes`
Retry msgr2 enabling 6 times This will sometimes fail, so retry it several times 2023-09-01 15:42:25 -04:00			`retries: 6`
			`delay: 5`
			`register: result`
			`until: result.rc == 0`
Set msgr2 mode on Ceph monitors 2023-09-01 15:42:22 -04:00
Ensure insecure_global_id_reclaim is false 2023-09-01 15:42:28 -04:00			`- name: set insecure_global_id_reclaim disabled`
			`command: ceph config set mon auth_allow_insecure_global_id_reclaim false`
			`run_once: yes`
			`ignore_errors: yes`

Create mgr after starting monitors 2023-09-01 15:42:20 -04:00			`- name: create mgr auth keyring`
			`command: ceph auth get-or-create mgr.{{ ansible_hostname }} mon 'allow profile mgr' osd 'allow ' mds 'allow ' --out-file /var/lib/ceph/mgr/ceph-{{ ansible_hostname }}/keyring`
			`become_user: ceph`
			`args:`
			`creates: /var/lib/ceph/mgr/ceph-{{ ansible_hostname }}/keyring`

Create manager auth keyring 2023-09-01 15:42:20 -04:00			`- name: install OSD bootstrap keyring`
			`file:`
			`dest: /var/lib/ceph/bootstrap-osd/ceph.keyring`
			`src: /etc/ceph/ceph.osd.bootstrap.keyring`
			`state: link`

Ensure Ceph daemons are disabled (managed by PVC) 2023-09-01 15:42:20 -04:00			`- name: start but disable daemons`
Reorganize and rejigger 2023-09-01 15:42:19 -04:00			`service:`
			`name: "{{ item }}"`
			`state: started`
Ensure Ceph daemons are disabled (managed by PVC) 2023-09-01 15:42:20 -04:00			`enabled: no`
Reorganize and rejigger 2023-09-01 15:42:19 -04:00			`with_items:`
			`- ceph-mon@{{ ansible_hostname }}`
			`- ceph-mgr@{{ ansible_hostname }}`

Add Ceph OSD cpuset tuning options Allows an administrator to set CPU pinning with the cpuset tool for Ceph OSDs, in situations where CPU contention with VMs or other system tasks may be negatively affecting OSD performance. This is optional, advanced tuning and is disabled by default. 2023-09-01 15:42:27 -04:00			`# System OSD CPU shielding activation`
			`- block:`
			`- name: install packages`
			`apt:`
			`name:`
			`- cpuset`
			`- numactl`
			`state: latest`

Adjust documentation and behaviour of cpuset 1. Detail the caveats and specific situations and ref the documentation which will provide more details. 2. Always install the configs, but use /etc/default/ceph-osd-cpuset to control if the script does anything or not (so, the "osd" cset set is always active just not set in a special way. 2023-09-01 15:42:27 -04:00			`- name: install ceph-osd-cpuset controller config`
			`template:`
			`src: ceph/ceph-osd-cpuset-enable.j2`
			`dest: /etc/default/ceph-osd-cpuset`

Add Ceph OSD cpuset tuning options Allows an administrator to set CPU pinning with the cpuset tool for Ceph OSDs, in situations where CPU contention with VMs or other system tasks may be negatively affecting OSD performance. This is optional, advanced tuning and is disabled by default. 2023-09-01 15:42:27 -04:00			`- name: install ceph-osd-cpuset script`
			`template:`
			`src: ceph/ceph-osd-cpuset.j2`
			`dest: /usr/local/sbin/ceph-osd-cpuset`
			`mode: 0755`

			`- name: install ceph-osd-cpuset service unit`
			`template:`
			`src: ceph/ceph-osd-cpuset.service.j2`
			`dest: /etc/systemd/system/ceph-osd-cpuset.service`
			`register: systemd_file_cpuset`

			`- name: create ceph-osd override dropin directory`
			`file:`
			`dest: /etc/systemd/system/ceph-osd@.service.d`
			`state: directory`

			`- name: install ceph-osd override dropin`
			`template:`
			`src: ceph/ceph-osd-cpuset.conf.j2`
			`dest: /etc/systemd/system/ceph-osd@.service.d/cpuset.conf`
			`register: systemd_file_osd`

			`- name: reload systemd to apply previous changes`
			`command: "systemctl daemon-reload"`
			`when: systemd_file_cpuset.changed or systemd_file_osd.changed`

			`- name: enable ceph-osd-cpuset service`
			`service:`
			`name: ceph-osd-cpuset`
			`enabled: yes`

			`- debug:`
Adjust documentation and behaviour of cpuset 1. Detail the caveats and specific situations and ref the documentation which will provide more details. 2. Always install the configs, but use /etc/default/ceph-osd-cpuset to control if the script does anything or not (so, the "osd" cset set is always active just not set in a special way. 2023-09-01 15:42:27 -04:00			`msg: "NOTICE: Any cpuset configs have NOT been applied to the running system. This node must be rebooted to apply these changes."`
Add Ceph OSD cpuset tuning options Allows an administrator to set CPU pinning with the cpuset tool for Ceph OSDs, in situations where CPU contention with VMs or other system tasks may be negatively affecting OSD performance. This is optional, advanced tuning and is disabled by default. 2023-09-01 15:42:27 -04:00			`tags: pvc-ceph-cpuset`
			`when:`
			`- pvc_shield_osds_enable is defined`

Reorganize and rejigger 2023-09-01 15:42:19 -04:00			`- meta: flush_handlers`