135 changes: 69 additions & 66 deletions site/profile/manifests/ceph.pp
@@ -1,62 +1,31 @@
type CephFS = Struct[
{
'share_name' => String,
'access_key' => String,
'export_path' => String,
'mount_binds' => Optional[Array[Variant[Tuple[String, String], Tuple[String,String,String]]]],
'binds_fcontext_equivalence' => Optional[String],
}
]

class profile::ceph::client (
String $share_name,
String $access_key,
String $export_path,
Array[String] $mon_host,
Array[String] $mount_binds = [],
String $mount_name = 'cephfs01',
String $binds_fcontext_equivalence = '/home',
Hash[String, CephFS] $shares,
) {
class { 'profile::ceph::client::config':
share_name => $share_name,
access_key => $access_key,
export_path => $export_path,
mon_host => $mon_host,
}

file { "/mnt/${mount_name}":
ensure => directory,
}
require profile::ceph::client::install

$mon_host_string = join($mon_host, ',')
mount { "/mnt/${mount_name}":
ensure => 'mounted',
fstype => 'ceph',
device => "${mon_host_string}:${export_path}",
options => "name=${share_name},secretfile=/etc/ceph/client.keyonly.${share_name}",
require => Class['profile::ceph::client::config'],
}

$mount_binds.each |$mount| {
file { "/mnt/${mount_name}/${mount}":
ensure => directory,
require => Class['profile::ceph::client::config'],
}
file { "/${mount}":
ensure => directory,
require => Class['profile::ceph::client::config'],
}
mount { "/${mount}":
ensure => 'mounted',
fstype => 'none',
options => 'rw,bind',
device => "/mnt/${mount_name}/${mount}",
require => [
File["/mnt/${mount_name}/${mount}"],
File["/${mount}"],
],
}
$ceph_conf = @("EOT")
[client]
client quota = true
mon host = ${mon_host_string}
| EOT

if ($binds_fcontext_equivalence != '' and "/${mount}" != $binds_fcontext_equivalence) {
selinux::fcontext::equivalence { "/${mount}":
ensure => 'present',
target => $binds_fcontext_equivalence,
require => Mount["/${mount}"],
notify => Selinux::Exec_restorecon["/${mount}"],
}
selinux::exec_restorecon { "/${mount}": }
}
file { '/etc/ceph/ceph.conf':
content => $ceph_conf,
}

ensure_resources(profile::ceph::client::share, $shares, { 'mon_host' => $mon_host, 'mount_binds' => [] })
}

class profile::ceph::client::install {
@@ -90,41 +59,75 @@
}
}

class profile::ceph::client::config (
define profile::ceph::client::share (
String $share_name,
Array[String] $mon_host,
String $access_key,
String $export_path,
Array[String] $mon_host,
Array[Variant[Tuple[String, String], Tuple[String,String,String]]] $mount_binds,
Optional[String] $binds_fcontext_equivalence = undef,
) {
require profile::ceph::client::install

$client_fullkey = @("EOT")
[client.${share_name}]
[client.${name}]
key = ${access_key}
| EOT

file { "/etc/ceph/client.fullkey.${share_name}":
file { "/etc/ceph/client.fullkey.${name}":
content => $client_fullkey,
mode => '0600',
owner => 'root',
group => 'root',
}

file { "/etc/ceph/client.keyonly.${share_name}":
file { "/etc/ceph/client.keyonly.${name}":
content => Sensitive($access_key),
mode => '0600',
owner => 'root',
group => 'root',
}
file { "/mnt/${name}":
ensure => directory,
}

$mon_host_string = join($mon_host, ',')
$ceph_conf = @("EOT")
[client]
client quota = true
mon host = ${mon_host_string}
| EOT
mount { "/mnt/${name}":
ensure => 'mounted',
fstype => 'ceph',
device => "${mon_host_string}:${export_path}",
options => "name=${share_name},secretfile=/etc/ceph/client.keyonly.${name}",
require => File['/etc/ceph/ceph.conf'],
}

file { '/etc/ceph/ceph.conf':
content => $ceph_conf,
$mount_binds.each |$tuple| {
$src = $tuple[0]
$dst = $tuple[1]
if length($tuple) > 2 {
$mount_type = $tuple[2]
}
else {
$mount_type = directory
}

file { "/${dst}":
ensure => $mount_type,
}
mount { "/${dst}":
ensure => 'mounted',
fstype => 'none',
options => 'rw,bind',
device => "/mnt/${name}/${src}",
require => [
File["/${dst}"],
Mount["/mnt/${name}"]
],
}

if ($binds_fcontext_equivalence and $binds_fcontext_equivalence != "/${dst}") {
selinux::fcontext::equivalence { "/${dst}":
ensure => 'present',
target => $binds_fcontext_equivalence,
require => Mount["/${dst}"],
}
}
}
}
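Review bot: The `/etc/ceph/client.fullkey.${name}` file is still written with `content => $client_fullkey`, so the heredoc embedding `$access_key` is not marked sensitive and can surface in file diffs, logs and reports. The neighbouring keyonly file already wraps the same secret, so use `content => Sensitive($client_fullkey),` here as well. Assuming the `${name}` lines are the new side (the page lost its +/- markers), the keyring section is now `[client.${name}]` while the mount passes `name=${share_name}`. A share whose hash key differs from its `share_name` would then get a keyring entry for a different client than the one the mount authenticates as; `[client.${share_name}]` keeps the two aligned. A short comment on the define saying that `$name` is only the local mount and key-file label, and `$share_name` the Ceph client id, would make the distinction explicit.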