Deploy Zun with Cinder Ceph support
Enables zun to access cinder volumes when cinder is configured to use external ceph. Copies ceph config file and ceph cinder keyring to /etc/ceph in zun_compute container. Closes-Bug: 1848934 Change-Id: Ie56868d5e9ed37a9274b8cbe65895f3634b895c8
This commit is contained in:
parent
7f2d203354
commit
eb7e0f6fda
@ -133,6 +133,9 @@ docker_zun_config:
|
||||
# Extra containerd options for Zun
|
||||
containerd_configure_for_zun: "no"
|
||||
|
||||
# Enable Ceph backed Cinder Volumes for zun
|
||||
zun_configure_for_cinder_ceph: "no"
|
||||
|
||||
# 42463 is the static group id of the zun user in the Zun image.
|
||||
# If users customize this value on building the Zun images,
|
||||
# they need to change this config accordingly.
|
||||
|
@ -16,6 +16,25 @@ docker_yum_gpgkey: "{{ docker_yum_url }}/gpg"
|
||||
docker_yum_gpgcheck: true
|
||||
docker_yum_package: "docker-ce"
|
||||
|
||||
ceph_version: "pacific"
|
||||
epel_version: "8"
|
||||
ceph_url: "https://download.ceph.com"
|
||||
|
||||
# Ceph APT repository configuration.
|
||||
ceph_apt_url: "{{ ceph_url }}/debian-{{ ceph_version }}/"
|
||||
ceph_apt_repo: "deb {{ ceph_apt_url }} {{ ansible_facts.distribution_release }} main"
|
||||
ceph_apt_key_file: "{{ ceph_url }}/keys/release.gpg"
|
||||
ceph_apt_key_id: "460F3994"
|
||||
ceph_apt_package: "ceph-common"
|
||||
|
||||
# Ceph Yum repository configuration.
|
||||
ceph_yum_url: "{{ ceph_url }}/rpm-{{ ceph_version }}/"
|
||||
ceph_yum_baseurl: "{{ ceph_yum_url }}el{{ epel_version }}/$basearch/"
|
||||
ceph_yum_gpgkey: "{{ ceph_url }}/keys/release.asc"
|
||||
ceph_yum_gpgcheck: true
|
||||
ceph_yum_package: "ceph-common"
|
||||
epel_yum_package: "epel-release"
|
||||
|
||||
customize_etc_hosts: True
|
||||
|
||||
create_kolla_user: True
|
||||
|
@ -9,3 +9,8 @@
|
||||
when:
|
||||
- containerd_configure_for_zun|bool
|
||||
- "'zun-cni-daemon' in group_names"
|
||||
|
||||
- include_tasks: configure-ceph-for-zun.yml
|
||||
when:
|
||||
- zun_configure_for_cinder_ceph | bool
|
||||
- "'zun-compute' in group_names"
|
||||
|
55
ansible/roles/baremetal/tasks/configure-ceph-for-zun.yml
Normal file
55
ansible/roles/baremetal/tasks/configure-ceph-for-zun.yml
Normal file
@ -0,0 +1,55 @@
|
||||
---
|
||||
- name: Install ceph-common
|
||||
block:
|
||||
- block:
|
||||
- name: Install ceph apt gpg key
|
||||
apt_key:
|
||||
url: "{{ ceph_apt_key_file }}"
|
||||
id: "{{ ceph_apt_key_id }}"
|
||||
state: present
|
||||
become: True
|
||||
|
||||
- name: Enable ceph apt repository
|
||||
apt_repository:
|
||||
repo: "{{ ceph_apt_repo }}"
|
||||
filename: ceph
|
||||
become: True
|
||||
|
||||
- name: Install apt packages
|
||||
package:
|
||||
name: "{{ ceph_apt_package }}"
|
||||
state: present
|
||||
become: True
|
||||
when: ansible_facts.os_family == 'Debian'
|
||||
|
||||
- block:
|
||||
- name: Enable ceph yum repository
|
||||
yum_repository:
|
||||
name: ceph
|
||||
description: Ceph main Repository
|
||||
baseurl: "{{ ceph_yum_baseurl }}"
|
||||
gpgcheck: "{{ ceph_yum_gpgcheck | bool }}"
|
||||
gpgkey: "{{ ceph_yum_gpgkey }}"
|
||||
become: True
|
||||
|
||||
- name: Enable epel yum repository
|
||||
package:
|
||||
name: "{{ epel_yum_package }}"
|
||||
state: present
|
||||
become: True
|
||||
|
||||
- name: Install ceph rpm gpg key
|
||||
rpm_key:
|
||||
state: present
|
||||
key: "{{ ceph_yum_gpgkey }}"
|
||||
become: True
|
||||
when:
|
||||
- ceph_yum_gpgcheck | bool
|
||||
|
||||
- name: Install RPM packages
|
||||
package:
|
||||
name: "{{ ceph_yum_package }}"
|
||||
state: present
|
||||
enablerepo: epel
|
||||
become: True
|
||||
when: ansible_facts.os_family == 'RedHat'
|
@ -169,6 +169,7 @@ zun_compute_default_volumes:
|
||||
- "/lib/modules:/lib/modules:ro"
|
||||
- "/dev:/dev"
|
||||
- "{% if enable_iscsid | bool %}iscsi_info:/etc/iscsi{% endif %}"
|
||||
- "{% if zun_configure_for_cinder_ceph | bool %}/var/lib/zun:/var/lib/zun:shared{% endif %}"
|
||||
zun_cni_daemon_default_volumes:
|
||||
- "{{ node_config_directory }}/zun-cni-daemon/:{{ container_config_directory }}/:ro"
|
||||
- "/etc/localtime:/etc/localtime:ro"
|
||||
|
@ -12,6 +12,11 @@
|
||||
- item.value.enabled | bool
|
||||
with_dict: "{{ zun_services }}"
|
||||
|
||||
- include_tasks: external_ceph.yml
|
||||
when:
|
||||
- zun_configure_for_cinder_ceph | bool
|
||||
- inventory_hostname in groups['zun-compute']
|
||||
|
||||
- name: Check if policies shall be overwritten
|
||||
stat:
|
||||
path: "{{ item }}"
|
||||
|
27
ansible/roles/zun/tasks/external_ceph.yml
Normal file
27
ansible/roles/zun/tasks/external_ceph.yml
Normal file
@ -0,0 +1,27 @@
|
||||
---
|
||||
- name: Copying over ceph.conf for Zun
|
||||
copy:
|
||||
src: "{{ node_custom_config }}/zun/zun-compute/ceph.conf"
|
||||
dest: "{{ node_config_directory }}/zun-compute/"
|
||||
mode: "0660"
|
||||
become: true
|
||||
notify:
|
||||
- Restart zun-compute container
|
||||
|
||||
- name: Copy over Ceph keyring files for zun-compute
|
||||
copy:
|
||||
src: "{{ node_custom_config }}/zun/zun-compute/{{ ceph_cinder_keyring }}"
|
||||
dest: "{{ node_config_directory }}/zun-compute/"
|
||||
mode: "0660"
|
||||
become: true
|
||||
when: external_ceph_cephx_enabled | bool
|
||||
notify:
|
||||
- Restart zun-compute container
|
||||
|
||||
- name: Ensuring config directory has correct owner and permission
|
||||
become: true
|
||||
file:
|
||||
path: "{{ node_config_directory }}/zun-compute"
|
||||
recurse: yes
|
||||
owner: "{{ config_owner_user }}"
|
||||
group: "{{ config_owner_group }}"
|
@ -6,6 +6,20 @@
|
||||
"dest": "/etc/zun/zun.conf",
|
||||
"owner": "zun",
|
||||
"perm": "0600"
|
||||
},
|
||||
{
|
||||
"source": "{{ container_config_directory }}/{{ ceph_cinder_keyring }}",
|
||||
"dest": "/etc/ceph/{{ ceph_cinder_keyring }}",
|
||||
"owner": "zun",
|
||||
"perm": "0600",
|
||||
"optional": {{ (not zun_configure_for_cinder_ceph | bool) | string | lower }}
|
||||
},
|
||||
{
|
||||
"source": "{{ container_config_directory }}/ceph.conf",
|
||||
"dest": "/etc/ceph/ceph.conf",
|
||||
"owner": "zun",
|
||||
"perm": "0600",
|
||||
"optional": {{ (not zun_configure_for_cinder_ceph | bool) | string | lower }}
|
||||
}{% if zun_policy_file is defined %},
|
||||
{
|
||||
"source": "{{ container_config_directory }}/{{ zun_policy_file }}",
|
||||
@ -19,6 +33,10 @@
|
||||
"path": "/var/log/kolla/zun",
|
||||
"owner": "zun:kolla",
|
||||
"recurse": true
|
||||
}
|
||||
}{% if zun_configure_for_cinder_ceph | bool %},
|
||||
{
|
||||
"path": "/var/lib/zun",
|
||||
"owner": "zun:kolla"
|
||||
}{% endif %}
|
||||
]
|
||||
}
|
||||
|
@ -138,6 +138,23 @@ Nova must also be configured to allow access to Cinder volumes:
|
||||
|
||||
* ``/etc/kolla/config/nova/<ceph_cinder_keyring>``
|
||||
|
||||
If ``zun`` is enabled, and you wish to use cinder volumes with zun,
|
||||
it must also be configured to allow access to Cinder volumes:
|
||||
|
||||
#. Enable Cinder Ceph backend for Zun in ``globals.yml``:
|
||||
|
||||
.. code-block:: yaml
|
||||
|
||||
zun_configure_for_cinder_ceph: "yes"
|
||||
|
||||
#. Copy Ceph configuration file to:
|
||||
* ``/etc/kolla/config/zun/zun-compute/ceph.conf``
|
||||
|
||||
#. Copy Ceph keyring file(s) to:
|
||||
|
||||
* ``/etc/kolla/config/zun/zun-compute/<ceph_cinder_keyring>``
|
||||
|
||||
|
||||
Nova
|
||||
----
|
||||
|
||||
@ -303,3 +320,13 @@ HTTPS (443) port will be used. For example:
|
||||
|
||||
The HAProxy frontend port is defined via ``ceph_rgw_port``, and defaults to
|
||||
6780.
|
||||
|
||||
Cephadm and Ceph Client Version
|
||||
===============================
|
||||
When configuring Zun with Cinder volumes, kolla-ansible installs some
|
||||
Ceph client packages on zun-compute hosts. You can set the version
|
||||
of the Ceph packages installed by,
|
||||
|
||||
#. Configuring Ceph version details in ``/etc/kolla/globals.yml``:
|
||||
|
||||
* ``ceph_version`` (default: ``pacific``)
|
||||
|
7
releasenotes/notes/bug-1848934-878a08b490856a53.yaml
Normal file
7
releasenotes/notes/bug-1848934-878a08b490856a53.yaml
Normal file
@ -0,0 +1,7 @@
|
||||
---
|
||||
fixes:
|
||||
- |
|
||||
Fixes deploy Zun with Cinder Ceph support.
|
||||
Adds support for zun to access cinder volumes
|
||||
when external ceph is configured for cinder.
|
||||
`LP#1848934 <https://launchpad.net/bugs/1848934>`__
|
Loading…
x
Reference in New Issue
Block a user