From c62acd8f8dbfa73986e89e7107eea4ee23e5bb64 Mon Sep 17 00:00:00 2001 From: Oliver Kelly Date: Thu, 6 Jun 2024 15:17:35 +0100 Subject: [PATCH 1/4] updated prefilight and added debain tasks --- cephadm-preflight.yml | 106 +-------------------------- tasks/debian.yml | 103 ++++++++++++++++++++++++++ tasks/redhat.yml | 166 ++++++++++++++++++++++++++++++++++++++++++ tasks/ubuntu.yml | 103 ++++++++++++++++++++++++++ 4 files changed, 376 insertions(+), 102 deletions(-) create mode 100644 tasks/debian.yml create mode 100644 tasks/redhat.yml create mode 100644 tasks/ubuntu.yml diff --git a/cephadm-preflight.yml b/cephadm-preflight.yml index 88c58e7..cd09496 100644 --- a/cephadm-preflight.yml +++ b/cephadm-preflight.yml @@ -216,109 +216,11 @@ - name: Ubuntu related tasks when: ansible_facts['distribution'] == 'Ubuntu' - block: - - name: enable repo from download.ceph.com - block: - - name: prevent ceph certificate error - apt: - name: ca-certificates - state: latest - update_cache: true - register: result - until: result is succeeded - - - name: configure ceph community repository stable key - apt_key: - url: "{{ ceph_stable_key }}" - state: present - - - name: configure Ceph community repository - when: ceph_origin == 'community' - apt_repository: - repo: "deb https://download.ceph.com/debian-{{ ceph_release }}/ {{ ansible_facts['distribution_release'] }} main" - state: present - filename: ceph - update_cache: false - - - name: configure Ceph testing repository - when: ceph_origin == 'testing' - apt_repository: - repo: "deb https://download.ceph.com/debian-testing/ {{ ansible_facts['distribution_release'] }} main" - state: present - filename: ceph - update_cache: false - - - name: configure Ceph custom repositories - when: ceph_origin == 'custom' - apt_repository: - repo: "deb {{ item.baseurl }}/ {{ ansible_facts['distribution_release'] }} {{ item.components }}" - state: "{{ item.state | default(omit) }}" - filename: ceph_custom - update_cache: false - loop: "{{ ceph_custom_repositories }}" - - - name: install prerequisites packages - apt: - name: "{{ ['python3','chrony'] + ceph_pkgs }}" - state: "{{ (upgrade_ceph_packages | bool) | ternary('latest', 'present') }}" - update_cache: true - register: result - until: result is succeeded - - - name: ensure chronyd is running - service: - name: chronyd - state: started - enabled: true - - - name: install container engine - block: - - name: install podman - when: ansible_facts['distribution_version'] is version('20.10', '>=') - apt: - name: podman - state: present - update_cache: true - register: result - until: result is succeeded - - - name: install docker - when: ansible_facts['distribution_version'] is version('20.10', '<') - block: - - name: uninstall old version packages - apt: - name: "{{ item }}" - state: absent - loop: - - docker - - docker-engine - - docker.io - - containerd - - runc - - - name: configure docker repository key - apt_key: - url: "https://download.docker.com/linux/ubuntu/gpg" - state: present - - - name: setup docker repository - apt_repository: - repo: "deb https://download.docker.com/linux/ubuntu {{ ansible_facts['distribution_release'] }} stable" - state: present - filename: docker - update_cache: false + import_tasks: tasks/ubuntu.yml - - name: install docker - apt: - name: "{{ item }}" - state: present - update_cache: true - register: result - until: result is succeeded - loop: - - docker-ce - - docker-ce-cli - - containerd.io + - name: Debain related tasks + when: ansible_facts['distribution'] == 'Debian' + import_tasks: tasks/debian.yml - name: set insecure container registry in /etc/containers/registries.conf ansible.builtin.import_playbook: cephadm-set-container-insecure-registries.yml diff --git a/tasks/debian.yml b/tasks/debian.yml new file mode 100644 index 0000000..27ad251 --- /dev/null +++ b/tasks/debian.yml @@ -0,0 +1,103 @@ +- name: enable repo from download.ceph.com + block: + - name: prevent ceph certificate error + apt: + name: ca-certificates + state: latest + update_cache: true + register: result + until: result is succeeded + + - name: configure ceph community repository stable key + apt_key: + url: "{{ ceph_stable_key }}" + state: present + + - name: configure Ceph community repository + when: ceph_origin == 'community' + apt_repository: + repo: "deb https://download.ceph.com/debian-{{ ceph_release }}/ {{ ansible_facts['distribution_release'] }} main" + state: present + filename: ceph + update_cache: false + + - name: configure Ceph testing repository + when: ceph_origin == 'testing' + apt_repository: + repo: "deb https://download.ceph.com/debian-testing/ {{ ansible_facts['distribution_release'] }} main" + state: present + filename: ceph + update_cache: false + + - name: configure Ceph custom repositories + when: ceph_origin == 'custom' + apt_repository: + repo: "deb {{ item.baseurl }}/ {{ ansible_facts['distribution_release'] }} {{ item.components }}" + state: "{{ item.state | default(omit) }}" + filename: ceph_custom + update_cache: false + loop: "{{ ceph_custom_repositories }}" + +- name: install prerequisites packages + apt: + name: "{{ ['python3','chrony'] + ceph_pkgs }}" + state: "{{ (upgrade_ceph_packages | bool) | ternary('latest', 'present') }}" + update_cache: true + register: result + until: result is succeeded + +- name: ensure chronyd is running + service: + name: chronyd + state: started + enabled: true + +- name: install container engine + block: + - name: install podman + when: ansible_facts['distribution_version'] is version('11', '>=') + apt: + name: podman + state: present + update_cache: true + register: result + until: result is succeeded + + - name: install docker + when: ansible_facts['distribution_version'] is version('10', '<') + block: + - name: uninstall old version packages + apt: + name: "{{ item }}" + state: absent + loop: + - docker + - docker-engine + - docker.io + - containerd + - runc + + - name: configure docker repository key + apt_key: + url: "https://download.docker.com/linux/debian/gpg" + state: present + + - name: setup docker repository + apt_repository: + repo: "deb https://download.docker.com/linux/debian {{ ansible_facts['distribution_release'] }} stable" + state: present + filename: docker + update_cache: false + + - name: install docker + apt: + name: "{{ item }}" + state: present + update_cache: true + register: result + until: result is succeeded + loop: + - docker-ce + - docker-ce-cli + - containerd.io + diff --git a/tasks/redhat.yml b/tasks/redhat.yml new file mode 100644 index 0000000..3f0921d --- /dev/null +++ b/tasks/redhat.yml @@ -0,0 +1,166 @@ +- name: rhcs related tasks + when: ceph_origin == 'rhcs' + block: + - name: enable red hat ceph storage tools repository + rhsm_repository: + name: "rhceph-{{ ceph_rhcs_version }}-tools-for-rhel-{{ ansible_facts['distribution_major_version'] }}-{{ ansible_facts['architecture'] }}-rpms" + + - name: disable older rhceph repositories if any on RHEL{{ansible_facts['distribution_major_version']}} + when: ansible_facts['distribution_major_version'] == '8' + rhsm_repository: + name: "{{ repos_4_to_disable + repos_5_to_disable }}" + state: absent + + - name: disable older rhceph repositories if any on RHEL{{ansible_facts['distribution_major_version']}} + when: ansible_facts['distribution_major_version'] == '9' + rhsm_repository: + name: "{{ repos_5_to_disable + repos_6_to_disable }}" + state: absent + +- name: enable ceph package repositories + when: ceph_origin in ['community', 'ibm'] + block: + - name: set_fact _ceph_repo + set_fact: + _ceph_repo: + name: ceph_stable + description: "{{ 'Ceph Stable repo' if ceph_origin == 'community' else 'IBM Ceph repo' }}" + rpm_key: "{{ ceph_stable_key if ceph_origin == 'community' else ceph_ibm_key }}" + baseurl: "{{ ceph_community_repo_baseurl if ceph_origin == 'community' else ceph_ibm_repo_baseurl }}" + paths: "{{ [ 'noarch', '$basearch' ] if ceph_origin == 'community' else [ '$basearch' ] }}" + + - name: configure ceph repository key + rpm_key: + key: "{{ _ceph_repo.rpm_key }}" + state: present + register: result + until: result is succeeded + + - name: configure ceph stable repository + yum_repository: + name: "ceph_stable_{{ item }}" + description: "{{ _ceph_repo.description }} - {{ item }}" + gpgcheck: true + state: present + gpgkey: "{{ _ceph_repo.rpm_key }}" + baseurl: "{{ _ceph_repo.baseurl }}/{{ item }}" + file: "ceph_stable_{{ item }}" + priority: '2' + register: result + until: result is succeeded + loop: "{{ _ceph_repo.paths }}" + +- name: enable repo from shaman - dev + when: ceph_origin == 'shaman' + block: + - name: fetch ceph development repository + uri: + url: + "https://shaman.ceph.com/api/repos/ceph/\ + {{ ceph_dev_branch }}/\ + {{ ceph_dev_sha1 }}/\ + centos/{{ ansible_facts['distribution_major_version'] }}/\ + repo?arch={{ ansible_facts['architecture'] }}" + return_content: true + register: ceph_dev_yum_repo + + - name: configure ceph development repository + copy: + content: "{{ ceph_dev_yum_repo.content }}" + dest: /etc/yum.repos.d/ceph-dev.repo + owner: root + group: root + mode: '0644' + backup: true + + - name: remove ceph_stable repositories + yum_repository: + name: '{{ item }}' + file: ceph_stable + state: absent + with_items: + - ceph_stable + - ceph_stable_noarch + +- name: enable custom repo + when: ceph_origin == 'custom' + block: + - name: set_fact ceph_custom_repositories + set_fact: + ceph_custom_repositories: + - name: ceph_custom + description: Ceph custom repo + gpgcheck: "{{ 'yes' if custom_repo_gpgkey is defined else 'no' }}" + state: "{{ custom_repo_state | default('present') }}" + gpgkey: "{{ custom_repo_gpgkey | default(omit) }}" + baseurl: "{{ custom_repo_url }}" + enabled: "{{ custom_repo_enabled | default(1) }}" + file: ceph_custom + priority: '2' + when: ceph_custom_repositories is undefined + + - name: setup custom repositories + yum_repository: + name: "{{ item.name }}" + description: "{{ item.description }}" + state: "{{ item.state | default(omit) }}" + gpgcheck: "{{ item.gpgcheck | default(omit) }}" + gpgkey: "{{ item.gpgkey | default(omit) }}" + baseurl: "{{ item.baseurl }}" + file: "{{ item.ceph_custom | default(omit) }}" + priority: "{{ item.priority | default(omit) }}" + enabled: "{{ item.enabled | default(omit) }}" + register: result + until: result is succeeded + loop: "{{ ceph_custom_repositories }}" + +- name: install epel-release + when: ansible_facts['distribution'] != 'RedHat' + block: + - name: enable required CentOS repository for epel + command: dnf config-manager --set-enabled "{{ 'powertools' if ansible_facts['distribution_major_version'] == '8' else 'crb' }}" + changed_when: false + + - name: install package + package: + name: epel-release + state: present + register: result + until: result is succeeded + +- name: remove remaining local services ceph packages + dnf: + name: "{{ packages_to_uninstall }}" + state: absent + autoremove: false + +- name: install ceph-common on rhel + package: + name: ceph-common + state: "{{ (upgrade_ceph_packages | bool) | ternary('latest', 'present') }}" + register: result + until: result is succeeded + +- name: install prerequisites packages on servers + package: + name: "{{ ceph_pkgs + infra_pkgs }}" + state: "{{ (upgrade_ceph_packages | bool) | ternary('latest', 'present') }}" + register: result + until: result is succeeded + when: group_names != [client_group] + +- name: install prerequisites packages on clients + package: + name: "{{ ceph_client_pkgs }}" + state: "{{ (upgrade_ceph_packages | bool) | ternary('latest', 'present') }}" + register: result + until: result is succeeded + when: group_names == [client_group] + + +- name: ensure chronyd is running + service: + name: chronyd + state: started + enabled: true + diff --git a/tasks/ubuntu.yml b/tasks/ubuntu.yml new file mode 100644 index 0000000..8ee5755 --- /dev/null +++ b/tasks/ubuntu.yml @@ -0,0 +1,103 @@ +- name: enable repo from download.ceph.com + block: + - name: prevent ceph certificate error + apt: + name: ca-certificates + state: latest + update_cache: true + register: result + until: result is succeeded + + - name: configure ceph community repository stable key + apt_key: + url: "{{ ceph_stable_key }}" + state: present + + - name: configure Ceph community repository + when: ceph_origin == 'community' + apt_repository: + repo: "deb https://download.ceph.com/debian-{{ ceph_release }}/ {{ ansible_facts['distribution_release'] }} main" + state: present + filename: ceph + update_cache: false + + - name: configure Ceph testing repository + when: ceph_origin == 'testing' + apt_repository: + repo: "deb https://download.ceph.com/debian-testing/ {{ ansible_facts['distribution_release'] }} main" + state: present + filename: ceph + update_cache: false + + - name: configure Ceph custom repositories + when: ceph_origin == 'custom' + apt_repository: + repo: "deb {{ item.baseurl }}/ {{ ansible_facts['distribution_release'] }} {{ item.components }}" + state: "{{ item.state | default(omit) }}" + filename: ceph_custom + update_cache: false + loop: "{{ ceph_custom_repositories }}" + +- name: install prerequisites packages + apt: + name: "{{ ['python3','chrony'] + ceph_pkgs }}" + state: "{{ (upgrade_ceph_packages | bool) | ternary('latest', 'present') }}" + update_cache: true + register: result + until: result is succeeded + +- name: ensure chronyd is running + service: + name: chronyd + state: started + enabled: true + +- name: install container engine + block: + - name: install podman + when: ansible_facts['distribution_version'] is version('20.10', '>=') + apt: + name: podman + state: present + update_cache: true + register: result + until: result is succeeded + + - name: install docker + when: ansible_facts['distribution_version'] is version('20.10', '<') + block: + - name: uninstall old version packages + apt: + name: "{{ item }}" + state: absent + loop: + - docker + - docker-engine + - docker.io + - containerd + - runc + + - name: configure docker repository key + apt_key: + url: "https://download.docker.com/linux/ubuntu/gpg" + state: present + + - name: setup docker repository + apt_repository: + repo: "deb https://download.docker.com/linux/ubuntu {{ ansible_facts['distribution_release'] }} stable" + state: present + filename: docker + update_cache: false + + - name: install docker + apt: + name: "{{ item }}" + state: present + update_cache: true + register: result + until: result is succeeded + loop: + - docker-ce + - docker-ce-cli + - containerd.io + From 8d544de886235c4f9c317385a6f5e8c8360c4deb Mon Sep 17 00:00:00 2001 From: Oliver Kelly Date: Mon, 10 Jun 2024 10:19:43 +0100 Subject: [PATCH 2/4] changed to include_tasks from import_task for OS specific tasks --- cephadm-preflight.yml | 186 ++----------------------------- tasks/Centos.yml | 1 + tasks/{debian.yml => Debian.yml} | 0 tasks/{redhat.yml => Redhat.yml} | 0 tasks/{ubuntu.yml => Ubuntu.yml} | 0 5 files changed, 11 insertions(+), 176 deletions(-) create mode 120000 tasks/Centos.yml rename tasks/{debian.yml => Debian.yml} (100%) rename tasks/{redhat.yml => Redhat.yml} (100%) rename tasks/{ubuntu.yml => Ubuntu.yml} (100%) diff --git a/cephadm-preflight.yml b/cephadm-preflight.yml index cd09496..324411f 100644 --- a/cephadm-preflight.yml +++ b/cephadm-preflight.yml @@ -41,186 +41,20 @@ - ceph-radosgw - rbd-mirror tasks: - - name: import_role ceph_defaults + - name: Import_role ceph_defaults import_role: name: ceph_defaults - - name: redhat family of OS related tasks - when: ansible_facts['os_family'] == 'RedHat' - block: - - name: rhcs related tasks - when: ceph_origin == 'rhcs' - block: - - name: enable red hat ceph storage tools repository - rhsm_repository: - name: "rhceph-{{ ceph_rhcs_version }}-tools-for-rhel-{{ ansible_facts['distribution_major_version'] }}-{{ ansible_facts['architecture'] }}-rpms" + - name: Import specific OS-related tasks + include_tasks: "{{ lookup('first_found', __OS_distribution) }}" + vars: + __OS_distribution: + files: + - "tasks/{{ ansible_facts['distribution'] }}.yml" + paths: + - "{{ playbook_dir }}" + skip: true - - name: disable older rhceph repositories if any on RHEL{{ansible_facts['distribution_major_version']}} - when: ansible_facts['distribution_major_version'] == '8' - rhsm_repository: - name: "{{ repos_4_to_disable + repos_5_to_disable }}" - state: absent - - - name: disable older rhceph repositories if any on RHEL{{ansible_facts['distribution_major_version']}} - when: ansible_facts['distribution_major_version'] == '9' - rhsm_repository: - name: "{{ repos_5_to_disable + repos_6_to_disable }}" - state: absent - - - name: enable ceph package repositories - when: ceph_origin in ['community', 'ibm'] - block: - - name: set_fact _ceph_repo - set_fact: - _ceph_repo: - name: ceph_stable - description: "{{ 'Ceph Stable repo' if ceph_origin == 'community' else 'IBM Ceph repo' }}" - rpm_key: "{{ ceph_stable_key if ceph_origin == 'community' else ceph_ibm_key }}" - baseurl: "{{ ceph_community_repo_baseurl if ceph_origin == 'community' else ceph_ibm_repo_baseurl }}" - paths: "{{ [ 'noarch', '$basearch' ] if ceph_origin == 'community' else [ '$basearch' ] }}" - - - name: configure ceph repository key - rpm_key: - key: "{{ _ceph_repo.rpm_key }}" - state: present - register: result - until: result is succeeded - - - name: configure ceph stable repository - yum_repository: - name: "ceph_stable_{{ item }}" - description: "{{ _ceph_repo.description }} - {{ item }}" - gpgcheck: true - state: present - gpgkey: "{{ _ceph_repo.rpm_key }}" - baseurl: "{{ _ceph_repo.baseurl }}/{{ item }}" - file: "ceph_stable_{{ item }}" - priority: '2' - register: result - until: result is succeeded - loop: "{{ _ceph_repo.paths }}" - - - name: enable repo from shaman - dev - when: ceph_origin == 'shaman' - block: - - name: fetch ceph development repository - uri: - url: - "https://shaman.ceph.com/api/repos/ceph/\ - {{ ceph_dev_branch }}/\ - {{ ceph_dev_sha1 }}/\ - centos/{{ ansible_facts['distribution_major_version'] }}/\ - repo?arch={{ ansible_facts['architecture'] }}" - return_content: true - register: ceph_dev_yum_repo - - - name: configure ceph development repository - copy: - content: "{{ ceph_dev_yum_repo.content }}" - dest: /etc/yum.repos.d/ceph-dev.repo - owner: root - group: root - mode: '0644' - backup: true - - - name: remove ceph_stable repositories - yum_repository: - name: '{{ item }}' - file: ceph_stable - state: absent - with_items: - - ceph_stable - - ceph_stable_noarch - - - name: enable custom repo - when: ceph_origin == 'custom' - block: - - name: set_fact ceph_custom_repositories - set_fact: - ceph_custom_repositories: - - name: ceph_custom - description: Ceph custom repo - gpgcheck: "{{ 'yes' if custom_repo_gpgkey is defined else 'no' }}" - state: "{{ custom_repo_state | default('present') }}" - gpgkey: "{{ custom_repo_gpgkey | default(omit) }}" - baseurl: "{{ custom_repo_url }}" - enabled: "{{ custom_repo_enabled | default(1) }}" - file: ceph_custom - priority: '2' - when: ceph_custom_repositories is undefined - - - name: setup custom repositories - yum_repository: - name: "{{ item.name }}" - description: "{{ item.description }}" - state: "{{ item.state | default(omit) }}" - gpgcheck: "{{ item.gpgcheck | default(omit) }}" - gpgkey: "{{ item.gpgkey | default(omit) }}" - baseurl: "{{ item.baseurl }}" - file: "{{ item.ceph_custom | default(omit) }}" - priority: "{{ item.priority | default(omit) }}" - enabled: "{{ item.enabled | default(omit) }}" - register: result - until: result is succeeded - loop: "{{ ceph_custom_repositories }}" - - - name: install epel-release - when: ansible_facts['distribution'] != 'RedHat' - block: - - name: enable required CentOS repository for epel - command: dnf config-manager --set-enabled "{{ 'powertools' if ansible_facts['distribution_major_version'] == '8' else 'crb' }}" - changed_when: false - - - name: install epel package - package: - name: epel-release - state: present - register: result - until: result is succeeded - - - name: remove remaining local services ceph packages - dnf: - name: "{{ packages_to_uninstall }}" - state: absent - autoremove: false - - - name: install ceph-common on rhel - package: - name: ceph-common - state: "{{ (upgrade_ceph_packages | bool) | ternary('latest', 'present') }}" - register: result - until: result is succeeded - - - name: install prerequisites packages on servers - package: - name: "{{ ceph_pkgs + infra_pkgs }}" - state: "{{ (upgrade_ceph_packages | bool) | ternary('latest', 'present') }}" - register: result - until: result is succeeded - when: group_names != [client_group] - - - name: install prerequisites packages on clients - package: - name: "{{ ceph_client_pkgs }}" - state: "{{ (upgrade_ceph_packages | bool) | ternary('latest', 'present') }}" - register: result - until: result is succeeded - when: client_group in group_names - - - - name: ensure chronyd is running - service: - name: chronyd - state: started - enabled: true - - - name: Ubuntu related tasks - when: ansible_facts['distribution'] == 'Ubuntu' - import_tasks: tasks/ubuntu.yml - - - name: Debain related tasks - when: ansible_facts['distribution'] == 'Debian' - import_tasks: tasks/debian.yml - name: set insecure container registry in /etc/containers/registries.conf ansible.builtin.import_playbook: cephadm-set-container-insecure-registries.yml diff --git a/tasks/Centos.yml b/tasks/Centos.yml new file mode 120000 index 0000000..c4656fd --- /dev/null +++ b/tasks/Centos.yml @@ -0,0 +1 @@ +Redhat.yml \ No newline at end of file diff --git a/tasks/debian.yml b/tasks/Debian.yml similarity index 100% rename from tasks/debian.yml rename to tasks/Debian.yml diff --git a/tasks/redhat.yml b/tasks/Redhat.yml similarity index 100% rename from tasks/redhat.yml rename to tasks/Redhat.yml diff --git a/tasks/ubuntu.yml b/tasks/Ubuntu.yml similarity index 100% rename from tasks/ubuntu.yml rename to tasks/Ubuntu.yml From 05ced0c52461d6d251c30bd573770fdab7b8029a Mon Sep 17 00:00:00 2001 From: Oliver Kelly Date: Mon, 10 Jun 2024 13:20:48 +0100 Subject: [PATCH 3/4] renamed Redhat.yml to RedHat --- tasks/Centos.yml | 2 +- tasks/{Redhat.yml => RedHat.yml} | 0 2 files changed, 1 insertion(+), 1 deletion(-) rename tasks/{Redhat.yml => RedHat.yml} (100%) diff --git a/tasks/Centos.yml b/tasks/Centos.yml index c4656fd..f802000 120000 --- a/tasks/Centos.yml +++ b/tasks/Centos.yml @@ -1 +1 @@ -Redhat.yml \ No newline at end of file +RedHat.yml \ No newline at end of file diff --git a/tasks/Redhat.yml b/tasks/RedHat.yml similarity index 100% rename from tasks/Redhat.yml rename to tasks/RedHat.yml From 3f9c880b28c40c8a929a9bd6ef461c469e849ba1 Mon Sep 17 00:00:00 2001 From: Oliver Kelly Date: Thu, 11 Jul 2024 15:14:26 +0100 Subject: [PATCH 4/4] simplying include tasks --- cephadm-preflight.yml | 10 +--------- 1 file changed, 1 insertion(+), 9 deletions(-) diff --git a/cephadm-preflight.yml b/cephadm-preflight.yml index 324411f..f82faf3 100644 --- a/cephadm-preflight.yml +++ b/cephadm-preflight.yml @@ -46,15 +46,7 @@ name: ceph_defaults - name: Import specific OS-related tasks - include_tasks: "{{ lookup('first_found', __OS_distribution) }}" - vars: - __OS_distribution: - files: - - "tasks/{{ ansible_facts['distribution'] }}.yml" - paths: - - "{{ playbook_dir }}" - skip: true - + include_tasks: "tasks/{{ ansible_facts['distribution'] }}.yml" - name: set insecure container registry in /etc/containers/registries.conf ansible.builtin.import_playbook: cephadm-set-container-insecure-registries.yml