diff --git a/README.md b/README.md index 1e2523a..5b71ed7 100644 --- a/README.md +++ b/README.md @@ -19,6 +19,7 @@ Roles: * [exit_maintenance](roles/exit_maintenance/README.md) for removing hosts from maintenance * [keys](roles/keys/README.md) for defining auth keys * [pools](roles/pools/README.md) for defining pools +* [service_spec](roles/service_spec/README.md) for arbitrary service definition ## Using this collection diff --git a/roles/service_spec/README.md b/roles/service_spec/README.md new file mode 100644 index 0000000..27aaa19 --- /dev/null +++ b/roles/service_spec/README.md @@ -0,0 +1,76 @@ +# service_spec + +This role creates and updates arbitrary service specifications. +It is recommended to be used only where a more specific role does not yet +exist. + +## Prerequisites + +### Host prerequisites + +* The role assumes target hosts connection over SSH with user that has passwordless sudo configured. +* Either direct Internet access or private registry with desired Ceph image accessible to all hosts is required. + +### Inventory + +This role assumes the existence of the following groups: + +* `mons` + +All Ceph hosts must be in the `ceph` group. + +This role is executed on `cephadm_bootstrap_host`. This defaults to the +first member of the mon group. + +## Role variables + +* `cephadm_service_spec`: Service spec to apply in YAML (recommended) or dict + format. + Example: + ``` + cephadm_service_spec: | + service_type: nfs + service_id: cephnfs + placement: + count: 1 + hosts: + - host1 + - host2 + - host3 + spec: + port: 2049 + enable_haproxy_protocol: true + --- + service_type: container + service_id: foo + placement: + hosts: + - host1 + - host2 + - host3 + spec: + image: docker.io/library/foo:latest + entrypoint: /usr/bin/foo + uid: 1000 + gid: 1000 + args: + - "--net=host" + - "--cpus=2" + ports: + - 8080 + - 8443 + envs: + - PORT=8080 + - PUID=1000 + - PGID=1000 + volume_mounts: + CONFIG_DIR: /etc/foo + bind_mounts: + - ['type=bind', 'source=lib/modules', 'destination=/lib/modules', 'ro=true'] + dirs: + - CONFIG_DIR + files: + CONFIG_DIR/foo.conf: + - refresh=true + - username=xyz + - "port: 1234" diff --git a/roles/service_spec/defaults/main.yml b/roles/service_spec/defaults/main.yml new file mode 100644 index 0000000..eda6684 --- /dev/null +++ b/roles/service_spec/defaults/main.yml @@ -0,0 +1,2 @@ +cephadm_bootstrap_host: "{{ groups['mons'][0] }}" +cephadm_service_spec: [] diff --git a/roles/service_spec/tasks/main.yml b/roles/service_spec/tasks/main.yml new file mode 100644 index 0000000..07ff88f --- /dev/null +++ b/roles/service_spec/tasks/main.yml @@ -0,0 +1,30 @@ +--- +- name: Get cluster fsid + command: + cmd: "cephadm shell -- ceph fsid" + when: cephadm_fsid | length == 0 + become: true + register: cephadm_fsid_current + changed_when: false + +- name: Template out service_spec.yml + vars: + fsid: "{{ cephadm_fsid if cephadm_fsid | length > 0 else cephadm_fsid_current.stdout }}" + copy: + content: "{{ cephadm_service_spec | to_nice_yaml if cephadm_service_spec is mapping else cephadm_service_spec }}" + dest: "/var/run/ceph/{{ fsid }}/service_spec.yml" + owner: root + group: root + mode: "0644" + become: true + +- name: Apply service spec + command: + cmd: > + cephadm shell -- + ceph orch apply -i /var/run/ceph/service_spec.yml + become: true + changed_when: true + when: + - cephadm_service_spec | length > 0 + - inventory_hostname == cephadm_bootstrap_host