Joshua Boniface
f79fb605de
Support using existing SSL certs on system
...
Add the additional pvc_api_ssl_cert_path and pvc_api_ssl_key_path
group_vars options, which can be used to set the SSL details to existing
files on the filesystem if desired. If these are empty (or nonexistent),
the original pvc_api_ssl_cert and pvc_api_ssl_key raw format options
will be used as they were.
Allows the administrator to use outside methods (such as Let's Encrypt)
to obtain the certs locally on the system, avoiding changes to the
group_vars and redeployment to manage SSL keys.
2023-09-01 15:42:24 -04:00
Joshua Boniface
2caed2ae12
Rename remaining "pvc_prov" items to pvc_api
2023-09-01 15:42:24 -04:00
Joshua Boniface
fbbf5ffe09
Use cluster_group variable for paths
...
Instead of trying to automagic this group out of the Ansible hostvars,
just make it explicitly defined in the group_vars to avoid any
confusion.
2023-09-01 15:42:23 -04:00
Joshua Boniface
a925e4bd40
Ignore errors in bringing up bootstrap interfaces
2023-09-01 15:42:23 -04:00
Joshua Boniface
12d50cfca6
Use correct syntax for init command
2023-09-01 15:42:23 -04:00
Joshua Boniface
6a3c32f306
Use local CLI command instead of API to init
2023-09-01 15:42:23 -04:00
Joshua Boniface
c71415317a
Use only short names in Ceph MON config
2023-09-01 15:42:23 -04:00
Joshua Boniface
91313e848e
Handle bridge creation more sensibly
2023-09-01 15:42:23 -04:00
Joshua Boniface
0d9e209b45
Allow deb migrations to be installed
2023-09-01 15:42:23 -04:00
Joshua Boniface
8c15edd75c
Handle creation and collection on bootstrap better
2023-09-01 15:42:23 -04:00
Joshua Boniface
b4079cae88
Use new in-built database migrations in API
2023-09-01 15:42:23 -04:00
Joshua Boniface
0e5cb688dc
Use new package and file names
...
References parallelvirtualclient/pvc#79
2023-09-01 15:42:23 -04:00
Joshua Boniface
999e50a68f
Don't mess with upstream at all during bootstrap
...
This caused some major breakage and is not required.
2023-09-01 15:42:23 -04:00
Joshua Boniface
42d76618e3
Modify add_cluster_ips to support new bridges
2023-09-01 15:42:22 -04:00
Joshua Boniface
32b719cb4a
Enable and start vhostmd service
2023-09-01 15:42:22 -04:00
Joshua Boniface
bc1d9cd33b
Set msgr2 mode on Ceph monitors
2023-09-01 15:42:22 -04:00
Joshua Boniface
ba7270ab23
Add and remove floating IP during cluster bootstrap
2023-09-01 15:42:22 -04:00
Joshua Boniface
9546f34c34
Move netmask to separate config part 3
2023-09-01 15:42:22 -04:00
Joshua Boniface
211f83995b
Ensure the Patroni ZK is clean for bootstrap
2023-09-01 15:42:22 -04:00
Joshua Boniface
c27244f72d
Move netmask to separate config part 2
2023-09-01 15:42:22 -04:00
Joshua Boniface
e76dc2b796
Use API endpoint to bootstrap PVC cluster
2023-09-01 15:42:22 -04:00
Joshua Boniface
da24aaf5ff
Install Provisioner schema to database
2023-09-01 15:42:22 -04:00
Joshua Boniface
f76802be6d
Remove invalid flag to ceph-authtool
2023-09-01 15:42:22 -04:00
Joshua Boniface
4b488a56ea
Don't become for uuidgen
2023-09-01 15:42:22 -04:00
Joshua Boniface
ff68f8a2a5
Move Ceph access to storage network
2023-09-01 15:42:22 -04:00
Joshua Boniface
9448cf3d90
Add jq dependency
2023-09-01 15:42:21 -04:00
Joshua Boniface
7689e659fe
Make vacuum script more comprehensive
2023-09-01 15:42:21 -04:00
Joshua Boniface
94ef3490ab
Add daily Zookeeper data cleanup
2023-09-01 15:42:21 -04:00
Joshua Boniface
15a2bf1418
Add custom systemd unit for Zookeeper
...
We're 100% systemd here, and the lack of control/information that the
old-school ZK initscript provides is frustrating. Replace it with our
own simple unit file.
2023-09-01 15:42:21 -04:00
Joshua Boniface
f98a2ee433
Add logrotate configuration
2023-09-01 15:42:21 -04:00
Joshua Boniface
c0acd3e994
Add daily Postgres vacuum script
2023-09-01 15:42:21 -04:00
Joshua Boniface
823310e8a3
Limit database tasks to coordinators only
...
Non-coordinators don't need these configurations as they shouldn't run
there.
2023-09-01 15:42:21 -04:00
Joshua Boniface
db3198aadc
Bring up underlying interfaces
2023-09-01 15:42:21 -04:00
Joshua Boniface
5d3de3ece2
Complete configuration of API via Ansible
2023-09-01 15:42:21 -04:00
Joshua Boniface
d5516d891c
Add client API to configuration
2023-09-01 15:42:21 -04:00
Joshua Boniface
cfbe724458
Install ethtool
2023-09-01 15:42:21 -04:00
Joshua Boniface
f82bb6a414
Add debootstrap to package list
2023-09-01 15:42:20 -04:00
Joshua Boniface
d8e9b5353f
Don't try to set pool limits on libvirt key
...
I figured a * wildcard would work, but no it doesn't. Libvirt needs
the ability to talk to any pool arbitrarily since PVC can create and
remove them at will.
2023-09-01 15:42:20 -04:00
Joshua Boniface
0352dd7f8f
Create mgr after starting monitors
2023-09-01 15:42:20 -04:00
Joshua Boniface
dbf6e52f3c
Split PVC bootstrap into separate task
2023-09-01 15:42:20 -04:00
Joshua Boniface
935b4c48ae
Correct bug with libvirt permissions
2023-09-01 15:42:20 -04:00
Joshua Boniface
958d2525da
Handle restarting ceph-mon/mgr sequentially
2023-09-01 15:42:20 -04:00
Joshua Boniface
596ce789b1
Enable pool deletion in ceph.conf
2023-09-01 15:42:20 -04:00
Joshua Boniface
e9303c1ad1
Create manager auth keyring
2023-09-01 15:42:20 -04:00
Joshua Boniface
bcce7f5445
Remove per-host pvc.yml for good
2023-09-01 15:42:20 -04:00
Joshua Boniface
aef72555c1
Consistent newhost format between roles
2023-09-01 15:42:20 -04:00
Joshua Boniface
9b457890d5
Use separate bootstrap files for base and pvc roles
2023-09-01 15:42:20 -04:00
Joshua Boniface
6dc57f374b
Revert "Keep zookeeper enabled"
...
This reverts commit 5554418210
.
This is not needed
2023-09-01 15:42:20 -04:00
Joshua Boniface
ebcd281490
Keep zookeeper enabled
...
Without this, the service seems to just loop failing to start
indefinitely even though PVC attempts to start the daemon itself.
Reenabling seems to work. Likely a bug due to Zookeeper not being
a proper systemd unit.
2023-09-01 15:42:20 -04:00
Joshua Boniface
a01720a09d
Ensure Ceph daemons are disabled (managed by PVC)
2023-09-01 15:42:20 -04:00