Add option to use s3fs with role

Change-Id: I5cf6353a30190aa0a2f0856530a65c48437ed5ea

defaults/main.yml

@@ -13,6 +13,10 @@
 # See the License for the specific language governing permissions and
 # limitations under the License.
 
+# EPEL repo is required for s3fs package. It won't be added in case s3fs is not required.
+systemd_centos_epel_mirror: "{{ centos_epel_mirror | default('http://download.fedoraproject.org/pub/epel') }}"
+systemd_centos_epel_key: "{{ centos_epel_key | default('http://download.fedoraproject.org/pub/epel/RPM-GPG-KEY-EPEL-' ~ ansible_distribution_major_version) }}"
+
 # Any optioned required to make the mount point work. If no options are
 #  provided the default will be used. This list is comma separted.
 #  https://www.freedesktop.org/software/systemd/man/systemd.mount.html#Options=
@@ -43,7 +47,6 @@ systemd_default_mount_options: 'defaults'
 #     where: '/var/lib/machines'
 #     type: 'btrfs'
 #     options: 'loop'
-
 #     state: 'started'
 #     enabled: true
 #   - config_overrides: {}
@@ -51,12 +54,16 @@ systemd_default_mount_options: 'defaults'
 #     Where: "/var/lib/glance/images"
 #     type: "nfs"
 #     options: "_netdev,auto"
-
 #   - what: "/openstack/swap.img"
 #     priority: "0"
 #     options: "%%"
 #     type: "swap"
 #     state: 'started'
 #     enabled: true
+#   - what: bucket
+#     where: "/mnt/shared_storage"
+#     type: "fuse.s3fs"
+#     options: "url=https://s3-{{aws_region}}.amazonaws.com,_netdev,allow_other,use_path_request_style"
+#     credentials: "ACCESS_KEY_ID:SECRET_ACCESS_KEY"
 
 systemd_mounts: []

releasenotes/notes/s3fs_mount-0577dac1881afdfd.yaml

@@ -0,0 +1,8 @@
+---
+features:
+  - |
+    Added option to be able to mount s3fs with systemd as shared filesystem.
+    Type should be stated as 'fuse.s3fs', and extra key 'credentials' should
+    be set for systemd_mounts. S3 url should be placed in the options. Please
+    follow https://github.com/s3fs-fuse/s3fs-fuse#examples for docs regarding
+    s3fs.

tasks/main.yml

@@ -25,10 +25,7 @@
   tags:
     - always
 
-- name: Install required distro packages for mounts
-  package:
-    name: "{{ systemd_mount_packages }}"
-    state: present
+- include_tasks: systemd_install.yml
 
 - include_tasks: systemd_mounts.yml
   with_items: "{{ systemd_mounts }}"

tasks/systemd_install.yml

@@ -0,0 +1,52 @@
+---
+# Copyright 2020, City Network International AB.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+- name: Install EPEL
+  when:
+    - "'s3fs' in systemd_mount_types"
+    - ansible_os_family | lower == 'redhat'
+  block:
+    - name: Download EPEL gpg keys
+      get_url:
+        url: "{{ systemd_centos_epel_key }}"
+        dest: /etc/pki/rpm-gpg
+      register: _get_yum_keys
+      until: _get_yum_keys is success
+      retries: 5
+      delay: 2
+
+    - name: Install EPEL gpg keys
+      rpm_key:
+        key: "/etc/pki/rpm-gpg/{{ systemd_centos_epel_key.split('/')[-1] }}"
+        state: present
+
+    - name: Install the EPEL repository
+      yum_repository:
+        name: epel-systemd_mounts
+        baseurl: "{{ systemd_centos_epel_mirror ~ '/' ~ ansible_distribution_major_version ~ (ansible_distribution_major_version is version('8', '>=')) | ternary('/Everything/', '/') ~ ansible_architecture }}"
+        description: 'Extra Packages for Enterprise Linux {{ ansible_distribution_major_version }} - $basearch'
+        gpgcheck: yes
+        enabled: yes
+        state: present
+        includepkgs: "s3fs-fuse"
+      register: install_epel_repo
+      until: install_epel_repo is success
+      retries: 5
+      delay: 2
+
+- name: Install required distro packages for mounts
+  package:
+    name: "{{ systemd_mount_packages }}"
+    state: present

tasks/systemd_mounts.yml

@@ -23,6 +23,7 @@
   changed_when: false
   register: mount_service_name
 
+# NOTE(noonedeadpunk): with s3fs IO error would raise on attempt to change permissions.
 - name: Create mount target(s)
   file:
     path: "{{ item.where }}"
@@ -30,6 +31,7 @@
     owner: "{{ item.owner | default(omit) }}"
     group: "{{ item.group | default(omit) }}"
     mode: "0755"
+  failed_when: false
   when:
     - item.where is defined
     - item.state | default('unknown') != 'absent'
@@ -37,6 +39,17 @@
   tags:
     - systemd-mount
 
+- name: Place mount credentials when required
+  copy:
+    dest: "/etc/passwd-{{ mount_service_name.stdout }}"
+    content: "{{ item.credentials }}"
+    owner: "root"
+    group: "root"
+    mode: "0600"
+  when:
+    - item.type == "fuse.s3fs"
+    - "'credentials' in item"
+
 - name: Create systemd mount services(s)
   config_template:
     src: "systemd-mount.j2"

templates/systemd-mount.j2

@@ -15,7 +15,7 @@ Priority={{ item.priority | default(0) }}
 Where={{ item.where }}
 Type={{ item.type }}
 {% endif %}
-Options={{ item.options | default(systemd_default_mount_options) }}
+Options={{ item.options | default(systemd_default_mount_options) }}{% if 'credentials' in item and item.type == 'fuse.s3fs' %},passwd_file=/etc/passwd-{{ mount_service_name.stdout }}{% endif %}
 
 [Install]
 WantedBy=multi-user.target

vars/debian.yml

@@ -3,3 +3,6 @@ systemd_nfs_packages:
 
 systemd_ceph_packages:
   - ceph-fuse
+
+systemd_s3_packages:
+  - s3fs

vars/main.yml

@@ -20,6 +20,8 @@ systemd_mount_states:
   stopped: stopped
   absent: stopped
 
+systemd_mount_types: "{{ systemd_mounts | map(attribute='type') | list }}"
+
 systemd_mount_packages: |-
   {% set packages = [] %}
   {% set mount_types = systemd_mounts | map(attribute='type') | list %}
@@ -29,4 +31,7 @@ systemd_mount_packages: |-
   {% if 'ceph' in mount_types %}
   {%   set _ = packages.extend(systemd_ceph_packages) %}
   {% endif %}
+  {% if 'fuse.s3fs' in mount_types %}
+  {%   set _ = packages.extend(systemd_s3_packages) %}
+  {% endif %}
   {{ packages }}

vars/redhat.yml

@@ -3,3 +3,6 @@ systemd_nfs_packages:
 
 systemd_ceph_packages:
   - ceph-fuse
+
+systemd_s3_packages:
+  - s3fs-fuse