From 6bfc6d4f3ac15269830b820e3a3223c0b506ca2a Mon Sep 17 00:00:00 2001 From: wangwei Date: Wed, 4 Apr 2018 17:49:41 +0900 Subject: [PATCH] Add task to create volumes path in cephfs If using the cephfs native backend, when container start the manila-share process with the manila user, no permissions are prompted when creating the volume. One way to solve the problem is to create the volumes folder in advance in cephfs and modify the owner and group to 42429:42429, which is manila's uid and gid. Change-Id: I1ad63e1c4698ec8ee83461aafefa63041cfeb387 Closes-Bug: #1761108 --- ansible/roles/manila/tasks/deploy.yml | 7 +++ .../roles/manila/tasks/fix_cephfs_owner.yml | 62 +++++++++++++++++++ 2 files changed, 69 insertions(+) create mode 100644 ansible/roles/manila/tasks/fix_cephfs_owner.yml diff --git a/ansible/roles/manila/tasks/deploy.yml b/ansible/roles/manila/tasks/deploy.yml index cb21c0812a..1ac2dcda74 100644 --- a/ansible/roles/manila/tasks/deploy.yml +++ b/ansible/roles/manila/tasks/deploy.yml @@ -28,3 +28,10 @@ - name: Flush handlers meta: flush_handlers + +- include: fix_cephfs_owner.yml + when: + - enable_ceph | bool + - enable_ceph_mds | bool + - enable_manila_backend_cephfs_native | bool + - inventory_hostname in groups['manila-share'] diff --git a/ansible/roles/manila/tasks/fix_cephfs_owner.yml b/ansible/roles/manila/tasks/fix_cephfs_owner.yml new file mode 100644 index 0000000000..4c58c12bdc --- /dev/null +++ b/ansible/roles/manila/tasks/fix_cephfs_owner.yml @@ -0,0 +1,62 @@ +--- +- name: Check /tmp/cephfs path + command: "docker exec -u 0 manila_share ls /tmp/cephfs/" + register: check_cephfs + changed_when: False + failed_when: check_cephfs.rc != 0 and check_cephfs.stderr.find('No such file or directory') == -1 + run_once: True + +- name: Create /tmp/cephfs path + command: "docker exec -u 0 manila_share mkdir -p /tmp/cephfs" + run_once: True + when: check_cephfs.rc != 0 + +- name: Get cephfs addr + set_fact: cephfs_addr={% for host in groups['ceph-mon'] %}{{ hostvars[host]['ansible_' + hostvars[host]['storage_interface']]['ipv4']['address'] }}{% if loop.last %}:6789:/{% else %},{% endif %}{% endfor %} + run_once: True + +- name: Pulling cephx keyring for manila + command: docker exec ceph_mon ceph auth get-key client.manila + register: manila_keyring + delegate_to: "{{ groups['ceph-mon'][0] }}" + changed_when: False + run_once: True + +- name: Umount cephfs + command: "docker exec -u 0 manila_share umount /tmp/cephfs/" + register: umount_cephfs + changed_when: False + failed_when: False + run_once: True + +- name: Mount cephfs + command: "docker exec -u 0 manila_share mount -t ceph {{cephfs_addr}} /tmp/cephfs -o name=manila,secret={{ manila_keyring.stdout }}" + register: mount_cephfs + changed_when: False + run_once: True + +- name: Check volumes path + command: "docker exec -u 0 manila_share ls /tmp/cephfs/volumes" + register: check_volume + changed_when: False + failed_when: False + run_once: True + +- name: Create /tmp/cephfs/volumes path + command: "docker exec -u 0 manila_share mkdir /tmp/cephfs/volumes" + register: create_volume + run_once: True + when: check_volume.rc != 0 + +- name: Change the owner and group of /tmp/cephfs/volumes + command: "docker exec -u 0 manila_share chown manila:manila /tmp/cephfs/volumes" + register: chown_volume + run_once: True + when: check_volume.rc != 0 and create_volume.rc == 0 + +- name: Umount cephfs + command: "docker exec -u 0 manila_share umount /tmp/cephfs" + changed_when: False + register: umount_cephfs + run_once: True + when: mount_cephfs.rc == 0