Added restapi and base for index sharding

metadata.rb

@@ -4,7 +4,7 @@
 license 'Apache v2.0'
 description 'Installs/Configures Ceph (Hammer and above)'
 long_description IO.read(File.join(File.dirname(__FILE__), 'README.md'))
-version '0.9.2'
+version '0.9.3'
 
 depends	'apache2', '>= 1.1.12'
 depends 'apt'

recipes/admin_client.rb

@@ -17,17 +17,22 @@
 # limitations under the License.
 #
 
+keyring = "/etc/ceph/#{node['ceph']['cluster']}.client.admin.keyring"
+
 # This will execute on other nodes besides the first mon node.
 execute 'format ceph-admin-secret as keyring' do
-  command lazy { "ceph-authtool --create-keyring /etc/ceph/#{node['ceph']['cluster']}.client.admin.keyring --name=client.admin --add-key='#{node['ceph']['admin-secret']}' --cap mon 'allow *' --cap osd 'allow *' --cap mds 'allow *'" }
+  command lazy { "ceph-authtool --create-keyring #{keyring} --name=client.admin --add-key='#{node['ceph']['admin-secret']}' --cap mon 'allow *' --cap osd 'allow *' --cap mds 'allow *'" }
+  creates keyring
   only_if { ceph_chef_admin_secret }
   sensitive true if Chef::Resource::Execute.method_defined? :sensitive
 end
 
 execute 'gen ceph-admin-secret' do
-  command lazy { "ceph-authtool --create-keyring /etc/ceph/#{node['ceph']['cluster']}.client.admin.keyring --gen-key -n client.admin --cap mon 'allow *' --cap osd 'allow *' --cap mds 'allow *'" }
+  command lazy { "ceph-authtool --create-keyring #{keyring} --gen-key -n client.admin --cap mon 'allow *' --cap osd 'allow *' --cap mds 'allow *'" }
+  creates keyring
   not_if { ceph_chef_admin_secret }
   notifies :create, 'ruby_block[save ceph_chef_admin_secret]', :immediately
+  sensitive true if Chef::Resource::Execute.method_defined? :sensitive
 end
 
 ruby_block 'save ceph_chef_admin_secret' do

recipes/conf.rb

@@ -48,7 +48,7 @@
       :mon_addresses => ceph_chef_mon_addresses,
       :is_rbd => node['ceph']['is_rbd'],
       :is_rgw => ceph_chef_is_radosgw_node,
-      :is_rest_api => ceph_is_rest_api_node
+      :is_rest_api => ceph_chef_is_restapi_node
     }
   }
   mode '0644'

recipes/default.rb

@@ -27,8 +27,10 @@
 
 # Can't put compile_time false because of templates
 # Since the cookbook will run where no net access exists then you should pre-install netaddr so check to see if it exists.
-netadd = Mixlib::ShellOut.new('gem list | grep netaddr')
-netadd.run_command
-if !netadd.stdout
-  chef_gem 'netaddr'
-end
+#netadd = Mixlib::ShellOut.new('gem list | grep netaddr')
+#netadd.run_command
+#if !netadd.stdout
+#  chef_gem 'netaddr'
+#end
+
+chef_gem 'netaddr'

recipes/mon_start.rb

@@ -38,11 +38,9 @@
       command 'systemctl start ceph.target'
     end
   else
-    # execute 'raw mon start' do
-    #   command 'service ceph start mon'
-    # end
-    service 'ceph mon start' do
-      service_name 'ceph mon start'
+    service 'ceph_mon' do
+      service_name 'ceph'
+      supports :restart => true, :status => true
       action [:enable, :start]
     end
   end

recipes/mon_stop.rb

@@ -32,11 +32,7 @@
     action [:stop]
   end
 else
-  # execute 'raw mon start' do
-  #   command 'service ceph stop mon'
-  # end
-  service 'ceph mon stop' do
-    service_name 'ceph stop mon'
-    action :stop
+  execute 'raw mon start' do
+    command 'service ceph stop mon'
   end
 end

recipes/osd_start_all.rb

@@ -35,8 +35,9 @@
   # execute 'raw osd start' do
   #   command 'service ceph start osd'
   # end
-  service 'ceph osd start' do
-    service_name 'ceph osd start'
+  service 'ceph_osd' do
+    service_name 'ceph'
+    supports :restart => true, :status => true
     action [:enable, :start]
   end
 end

recipes/osd_stop_all.rb

@@ -31,11 +31,7 @@
     action [:stop]
   end
 else
-  # execute 'raw osd stop all' do
-  #   command 'service ceph stop osd'
-  # end
-  service 'ceph stop osd' do
-    service_name 'ceph stop osd'
-    action :stop
+  execute 'raw osd stop all' do
+    command 'service ceph stop osd'
   end
 end

recipes/radosgw.rb

@@ -66,33 +66,36 @@
 
 # NOTE: This base_key can also be the bootstrap-rgw key (ceph.keyring) if desired. Just change it here.
 base_key = "/etc/ceph/#{node['ceph']['cluster']}.client.admin.keyring"
+keyring = "/etc/ceph/#{node['ceph']['cluster']}.client.radosgw.keyring"
 
 # NOTE: If the rgw keyring exists and you are using the same key on for different nodes (load balancing) then
 # this method will work well. Since the key is already part of the cluster the only thing needed is to copy it
 # to the correct area (where ever the ceph.conf settings are pointing to on the given node). You can keep things
 # simple by keeping the same ceph.conf the same (except for hostname info) for each rgw node.
+
 execute 'write ceph-radosgw-secret' do
-  command lazy { "ceph-authtool /etc/ceph/#{node['ceph']['cluster']}.client.radosgw.keyring --create-keyring --name=client.radosgw.#{node['hostname']} --add-key='#{node['ceph']['radosgw-secret']}'" }
+  command lazy { "ceph-authtool #{keyring} --create-keyring --name=client.radosgw.#{node['hostname']} --add-key='#{node['ceph']['radosgw-secret']}'" }
+  creates keyring
   only_if { ceph_chef_radosgw_secret }
   sensitive true if Chef::Resource::Execute.method_defined? :sensitive
 end
 
-bash 'gen client-radosgw-secret' do
-  code <<-EOH
-    ceph-authtool --create-keyring /etc/ceph/#{node['ceph']['cluster']}.client.radosgw.keyring
-    ceph-authtool /etc/ceph/#{node['ceph']['cluster']}.client.radosgw.keyring -n client.radosgw.#{node['hostname']} --gen-key
-    ceph-authtool -n client.radosgw.#{node['hostname']} --cap osd 'allow rwx' --cap mon 'allow rw' /etc/ceph/#{node['ceph']['cluster']}.client.radosgw.keyring
+execute 'gen client-radosgw-secret' do
+  command <<-EOH
+    ceph-authtool --create-keyring #{keyring} -n client.radosgw.#{node['hostname']} --gen-key --cap osd 'allow rwx' --cap mon 'allow rw'
     ceph -k #{base_key} auth add client.radosgw.#{node['hostname']} -i /etc/ceph/#{node['ceph']['cluster']}.client.radosgw.keyring
   EOH
+  creates keyring
   not_if { ceph_chef_radosgw_secret }
   notifies :create, 'ruby_block[save radosgw_secret]', :immediately
+  sensitive true if Chef::Resource::Execute.method_defined? :sensitive
 end
 
 # This ruby_block saves the key if it is needed at any other point plus this and all node data is saved on the
 # Chef Server for this given node
 ruby_block 'save radosgw_secret' do
   block do
-    fetch = Mixlib::ShellOut.new("ceph-authtool /etc/ceph/#{node['ceph']['cluster']}.client.radosgw.keyring --print-key")
+    fetch = Mixlib::ShellOut.new("ceph-authtool #{keyring} --print-key")
     fetch.run_command
     key = fetch.stdout
     node.set['ceph']['radosgw-secret'] = key.delete!("\n")

recipes/radosgw_users.rb

@@ -23,7 +23,7 @@
 ruby_block 'initialize-radosgw-admin-user' do
   block do
     rgw_admin = JSON.parse(%x[radosgw-admin user create --display-name="#{node['ceph']['radosgw']['user']['admin']['name']}" --uid="#{node['ceph']['radosgw']['user']['admin']['uid']}" --access_key="#{node['ceph']['radosgw']['user']['admin']['access_key']}" --secret="#{node['ceph']['radosgw']['user']['admin']['secret']}"])
-    radosgw-admin caps add --uid="#{node['ceph']['radosgw']['user']['admin']['uid']}" --caps="users=*;buckets=*;metadata=*;usage=*;zone=*"
+    rgw_admin_cap = JSON.parse(%x[radosgw-admin caps add --uid="#{node['ceph']['radosgw']['user']['admin']['uid']}" --caps="users=*;buckets=*;metadata=*;usage=*;zone=*"])
   end
   not_if "radosgw-admin user info --uid='#{node['ceph']['radosgw']['user']['admin']['uid']}'"
 end
@@ -32,7 +32,8 @@
 if node['ceph']['radosgw']['user']['test']['uid']
   ruby_block 'initialize-radosgw-test-user' do
     block do
-      rgw_admin = JSON.parse(%x[radosgw-admin user create --display-name="#{node['ceph']['radosgw']['user']['test']['name']}" --uid="#{node['ceph']['radosgw']['user']['test']['uid']}" --max-buckets=node['ceph']['radosgw']['user']['test']['max_buckets'] --access_key="#{node['ceph']['radosgw']['user']['test']['access_key']}" --secret="#{node['ceph']['radosgw']['user']['test']['secret']}" --caps="#{node['ceph']['radosgw']['user']['test']['caps']}"])
+      rgw_tester = JSON.parse(%x[radosgw-admin user create --display-name="#{node['ceph']['radosgw']['user']['test']['name']}" --uid="#{node['ceph']['radosgw']['user']['test']['uid']}" --max-buckets=node['ceph']['radosgw']['user']['test']['max_buckets'] --access_key="#{node['ceph']['radosgw']['user']['test']['access_key']}" --secret="#{node['ceph']['radosgw']['user']['test']['secret']}" --caps="#{node['ceph']['radosgw']['user']['test']['caps']}"])
+      rgw_tester_cap = JSON.parse(%x[radosgw-admin caps add --uid="#{node['ceph']['radosgw']['user']['test']['uid']}" --caps="#{node['ceph']['radosgw']['user']['test']['caps']}"])
     end
     not_if "radosgw-admin user info --uid='#{node['ceph']['radosgw']['user']['test']['uid']}'"
   end

recipes/restapi.rb

@@ -32,26 +32,25 @@
 end
 
 base_key = "/etc/ceph/#{node['ceph']['cluster']}.client.admin.keyring"
+keyring = "/etc/ceph/#{node['ceph']['cluster']}.client.restapi.keyring"
 
 # NOTE: If the restapi keyring exists and you are using the same key on for different nodes (load balancing) then
 # this method will work well. Since the key is already part of the cluster the only thing needed is to copy it
 # to the correct area (where ever the ceph.conf settings are pointing to on the given node). You can keep things
 # simple by keeping the same ceph.conf the same (except for hostname info) for each restapi node.
 execute 'write ceph-restapi-secret' do
-  command lazy { "ceph-authtool /etc/ceph/#{node['ceph']['cluster']}.client.restapi.keyring --create-keyring --name=client.restapi --add-key='#{node['ceph']['restapi-secret']}'" }
+  command lazy { "ceph-authtool #{keyring} --create-keyring --name=client.restapi --add-key='#{node['ceph']['restapi-secret']}'" }
   only_if { ceph_chef_restapi_secret }
   sensitive true if Chef::Resource::Execute.method_defined? :sensitive
 end
 
-bash 'gen client-restapi-secret' do
-  code <<-EOH
-    ceph-authtool --create-keyring /etc/ceph/#{node['ceph']['cluster']}.client.restapi.keyring
-    ceph-authtool /etc/ceph/#{node['ceph']['cluster']}.client.restapi.keyring -n client.restapi --gen-key
-    ceph-authtool -n client.restapi --cap osd 'allow *' --cap mon '*' /etc/ceph/#{node['ceph']['cluster']}.client.restapi.keyring
-    ceph -k #{base_key} auth add client.radosgw -i /etc/ceph/#{node['ceph']['cluster']}.client.restapi.keyring
-  EOH
+# command lazy { "ceph-authtool --create-keyring #{keyring} -n client.restapi.#{node['hostname']} --gen-key --cap osd 'allow *' --cap mon 'allow *'" }
+execute 'gen client-restapi-secret' do
+  command lazy { "ceph auth get-or-create client.restapi osd 'allow *' mon 'allow *' -o #{keyring}" }
+  creates keyring
   not_if { ceph_chef_restapi_secret }
   notifies :create, 'ruby_block[save restapi_secret]', :immediately
+  sensitive true if Chef::Resource::Execute.method_defined? :sensitive
 end
 
 # This ruby_block saves the key if it is needed at any other point plus this and all node data is saved on the

templates/default/ceph.conf.erb

@@ -135,11 +135,11 @@
 <% end -%>
 
 <% if @is_rest_api -%>
-[client.restapi.<%= node['hostname'] %>]
-  # public addr = <%= node['hostname'] %>
+[client.restapi]
+  public addr = <%= node['ipaddress'] %>:<%= node['ceph']['restapi']['port'] %>
   keyring = /etc/ceph/$cluster.client.restapi.keyring
   restapi base url = <%= node['ceph']['restapi']['base_url'] %>
-  log file = /var/log/ceph/$cluster.client.restapi.<%= node['hostname'] -%>.log
+  log file = /var/log/ceph/$cluster.client.restapi.log
 <% if !node['ceph']['config']['restapi'].nil? -%>
   <% node['ceph']['config']['restapi'].sort.each do |k, v| %>
   <%= k %> = <%= v %>