Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Configure Manila with a Storage NFS network #2273

Closed
wants to merge 1 commit into from
Closed
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
48 changes: 48 additions & 0 deletions hooks/playbooks/manila_create_default_resources.yml
Original file line number Diff line number Diff line change
Expand Up @@ -8,7 +8,55 @@
extra_specs:
snapshot_support: "True"
create_share_from_snapshot_support: "True"
manila_provider_network_name: storage
manila_provider_network_vlan: "21"
manila_provider_network_start: 172.18.0.150
manila_provider_network_end: 172.18.0.200
manila_provider_network_range: 172.18.0.0/24
tasks:
- name: Override manila_provider_network_ if cifmw_cephadm_nfs_network is set
when:
- cifmw_cephadm_nfs_network is defined
- cifmw_cephadm_nfs_network == "172.21.0.0/24"
ansible.builtin.set_fact:
manila_provider_network_name: nfs
manila_provider_network_vlan: "24"
manila_provider_network_start: 172.21.0.150
manila_provider_network_end: 172.21.0.200
manila_provider_network_range: 172.21.0.0/24

- name: Check if Manila provider network was already created
when:
- manila_provider_network_name | length > 0
environment:
KUBECONFIG: "{{ cifmw_openshift_kubeconfig }}"
PATH: "{{ cifmw_path }}"
ansible.builtin.command: |
oc -n {{ namespace }} exec -it pod/openstackclient \
-- openstack network show {{ manila_provider_network_name }}
register: _existing_provider_network
ignore_errors: true

- name: Create Manila provider network with Neutron for instance to access Manila
when:
fultonj marked this conversation as resolved.
Show resolved Hide resolved
- _existing_provider_network.rc | int > 0
- manila_provider_network_name | length > 0
- (manila_provider_network_vlan | string) | length > 0
- manila_provider_network_start | length > 0
- manila_provider_network_end | length > 0
- manila_provider_network_range | length > 0
register: _manila_provider_network_creation
failed_when: >-
( _manila_provider_network_creation.rc | int ) != 0
environment:
KUBECONFIG: "{{ cifmw_openshift_kubeconfig }}"
PATH: "{{ cifmw_path }}"
loop:
- "openstack network create {{ manila_provider_network_name }} --share --provider-network-type vlan --provider-physical-network datacentre --provider-segment {{ manila_provider_network_vlan }}"
- "openstack subnet create --allocation-pool start={{ manila_provider_network_start }},end={{ manila_provider_network_end }} --dhcp --network {{ manila_provider_network_name }} --subnet-range {{ manila_provider_network_range }} --gateway none {{ manila_provider_network_name }}-subnet"
ansible.builtin.command: |
oc -n {{ namespace }} exec -it pod/openstackclient -- {{ item }}

- name: Create share type default for manila tempest plugin tests
environment:
KUBECONFIG: "{{ cifmw_openshift_kubeconfig }}"
Expand Down
71 changes: 50 additions & 21 deletions playbooks/ceph.yml
Original file line number Diff line number Diff line change
Expand Up @@ -344,36 +344,67 @@
# public network always exist because is provided by the ceph_spec role
- name: Get Storage network range
ansible.builtin.set_fact:
cifmw_cephadm_rgw_network: "{{ lookup('ansible.builtin.ini', 'public_network section=global file=' ~ cifmw_cephadm_bootstrap_conf) }}"
cifmw_cephadm_storage_network: "{{ lookup('ansible.builtin.ini', 'public_network section=global file=' ~ cifmw_cephadm_bootstrap_conf) }}"

- name: Set IP address of first monitor
ansible.builtin.set_fact:
cifmw_cephadm_first_mon_ip: "{{ hostvars[this_host][all_addresses] | ansible.utils.ipaddr(cifmw_cephadm_rgw_network) | first }}"
cifmw_cephadm_first_mon_ip: "{{ hostvars[this_host][all_addresses] | ansible.utils.ipaddr(cifmw_cephadm_storage_network) | first }}"
vars:
this_host: "{{ _target_hosts | first }}"

- name: Assert if any EDPM nodes n/w interface is missing in storage network
ansible.builtin.assert:
that:
- hostvars[item][all_addresses] | ansible.utils.ipaddr(cifmw_cephadm_rgw_network) | length > 0
fail_msg: "node {{ item }} doesn't have any interface connected to network {{ cifmw_cephadm_rgw_network }}"
- hostvars[item][all_addresses] | ansible.utils.ipaddr(cifmw_cephadm_storage_network) | length > 0
fail_msg: "node {{ item }} doesn't have any interface connected to network {{ cifmw_cephadm_storage_network }}"
loop: "{{ _target_hosts }}"

- name: Get already assigned IP addresses
ansible.builtin.set_fact:
ips: "{{ ips | default([]) + [ hostvars[item][all_addresses] | ansible.utils.ipaddr(cifmw_cephadm_rgw_network) | first ] }}"
loop: "{{ _target_hosts }}"
- name: Set NFS Network Properties
when:
- cifmw_ceph_daemons_layout.ceph_nfs_enabled | default(false) | bool
block:
- name: Set NFS network range to storage network only if it was not provided
ansible.builtin.set_fact:
cifmw_cephadm_nfs_network: "{{ cifmw_cephadm_storage_network }}"
when:
- cifmw_cephadm_nfs_network is not defined or
cifmw_cephadm_nfs_network | length == 0

- name: Assert if any EDPM nodes n/w interface is missing in NFS network
ansible.builtin.assert:
that:
- hostvars[item][all_addresses] | ansible.utils.ipaddr(cifmw_cephadm_nfs_network) | length > 0
fail_msg: "node {{ item }} doesn't have any interface connected to network {{ cifmw_cephadm_nfs_network }}"
loop: "{{ _target_hosts }}"
when:
- cifmw_cephadm_nfs_network != cifmw_cephadm_storage_network

# cifmw_cephadm_vip is the VIP reserved in the Storage network
- name: Set VIP var as empty string
ansible.builtin.set_fact:
cifmw_cephadm_vip: ""
- name: Get already assigned NFS IP addresses
ansible.builtin.set_fact:
ips: "{{ ips | default([]) + [ hostvars[item][all_addresses] | ansible.utils.ipaddr(cifmw_cephadm_nfs_network) | first ] }}"
loop: "{{ _target_hosts }}"

- name: Process VIP
ansible.builtin.include_role:
name: cifmw_cephadm
tasks_from: check_vip
loop: "{{ range(1, (ips | length) + 1) | list }}"
- name: Set VIP var as empty string
ansible.builtin.set_fact:
cifmw_cephadm_vip: ""
when:
- cifmw_cephadm_nfs_vip is undefined

- name: Get NFS VIP
ansible.builtin.include_role:
name: cifmw_cephadm
tasks_from: check_vip
loop: "{{ range(1, (ips | length) + 1) | list }}"
vars:
cifmw_cephadm_vip_network: "{{ cifmw_cephadm_nfs_network | default(storage_network_range, true) | default(ssh_network_range, true) }}"
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I assume that by default we pass cifmw_cephadm_vip_network in our jobs to point to the NFS network instead of storage network, right?

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

yes, something like this.

cifmw_cephadm_nfs_network: 172.21.0.0/24

# override variables in hooks/playbooks/manila_create_default_resources.yml
manila_provider_network_name: nfs
manila_provider_network_vlan: 24
manila_provider_network_start: 172.21.0.150
manila_provider_network_end: 172.21.0.200
manila_provider_network_range: 172.21.0.0/24

# Attach test pod to nfs network (Kind: Tempest spec/networkAttachments: [nfs])
cifmw_test_operator_tempest_network_attachments:
  - ctlplane
  - nfs

when:
- cifmw_cephadm_nfs_vip is undefined

- name: Set NFS VIP
ansible.builtin.set_fact:
cifmw_cephadm_nfs_vip: "{{ cifmw_cephadm_vip }}"
when:
- cifmw_cephadm_nfs_vip is undefined

tasks:
- name: Satisfy Ceph prerequisites
Expand Down Expand Up @@ -407,8 +438,9 @@
name: cifmw_cephadm
tasks_from: rgw
vars:
# cifmw_cephadm_vip is computed or passed as an override via -e @extra.yml
# cifmw_cephadm_vip may be passed as an override via -e @extra.yml
cifmw_cephadm_rgw_vip: "{{ cifmw_cephadm_vip }}"
cifmw_cephadm_rgw_network: "{{ lookup('ansible.builtin.ini', 'public_network section=global file=' ~ cifmw_cephadm_bootstrap_conf) }}"

- name: Configure Monitoring Stack
when: cifmw_ceph_daemons_layout.dashboard_enabled | default(false) | bool
Expand All @@ -432,9 +464,6 @@
ansible.builtin.import_role:
name: cifmw_cephadm
tasks_from: cephnfs
vars:
# we reuse the same VIP reserved for rgw
cifmw_cephadm_nfs_vip: "{{ cifmw_cephadm_vip }}/{{ cidr }}"

- name: Create Cephx Keys for OpenStack
ansible.builtin.import_role:
Expand Down
10 changes: 4 additions & 6 deletions roles/cifmw_cephadm/README.md
Original file line number Diff line number Diff line change
Expand Up @@ -77,18 +77,16 @@ need to be changed for a typical EDPM deployment.
is gathered from the `cifmw_cephadm_bootstrap_conf` file, which represents
the initial Ceph configuration file passed at bootstrap time.

* `cifmw_cephadm_rgw_network`: the Ceph `public_network` where the `radosgw`
instances should be bound. The network range is gathered from the
`cifmw_cephadm_bootstrap_conf` file, which represents the initial Ceph
configuration file passed at bootstrap time.
* `cifmw_cephadm_nfs_network`: The network for NFS `ganesha`. If this
value is not passed then the Ceph `public_network` which represents
the initial Ceph configuration file passed at bootstrap time.

* `cifmw_cephadm_rgw_vip`: the ingress daemon deployed along with `radosgw`
requires a `VIP` that will be owned by `keepalived`. This IP address will
be used as entry point to reach the `radosgw backends` through `haproxy`.

* `cifmw_cephadm_nfs_vip`: the ingress daemon deployed along with the `nfs`
cluster requires a `VIP` that will be owned by `keepalived`. This IP
address is the same used for rgw unless an override is passed, and it's
cluster requires a `VIP` that will be owned by `keepalived`. This IP is
used as entry point to reach the `ganesha backends` through an `haproxy`
instance where proxy-protocol is enabled.

Expand Down
2 changes: 1 addition & 1 deletion roles/cifmw_cephadm/tasks/check_vip.yml
Original file line number Diff line number Diff line change
Expand Up @@ -24,7 +24,7 @@

- name: Get an IP address from the Storage network
ansible.builtin.set_fact:
cur_ip: "{{ cifmw_cephadm_rgw_network | ansible.utils.next_nth_usable(count) }}"
cur_ip: "{{ cifmw_cephadm_vip_network | ansible.utils.next_nth_usable(count) }}"

- name: Reserve VIP if the address is available
ansible.builtin.set_fact:
Expand Down
24 changes: 24 additions & 0 deletions roles/cifmw_cephadm/tasks/rgw.yml
Original file line number Diff line number Diff line change
Expand Up @@ -19,6 +19,30 @@
_hosts: "{{ _hosts|default([]) + [ item ] }}"
loop: "{{ groups[cifmw_ceph_target | default('computes')] | default([]) }}"

- name: Ensure cifmw_cephadm_rgw_vip is set
when:
- cifmw_cephadm_rgw_vip is undefined or cifmw_cephadm_rgw_vip | length == 0
block:
- name: Set VIP var as empty string
ansible.builtin.set_fact:
cifmw_cephadm_vip: ""

- name: Get already assigned RGW IP addresses
ansible.builtin.set_fact:
ips: "{{ ips | default([]) + [ hostvars[item][all_addresses] | ansible.utils.ipaddr(cifmw_cephadm_rgw_network) | first ] }}"
loop: "{{ _target_hosts }}"

- name: Compute RGW VIP
ansible.builtin.include_tasks:
file: check_vip.yml
loop: "{{ range(1, (ips | length) + 1) | list }}"
vars:
cifmw_cephadm_vip_network: "{{ cifmw_cephadm_rgw_network }}"

- name: Set RGW VIP
ansible.builtin.set_fact:
cifmw_cephadm_rgw_vip: "{{ cifmw_cephadm_vip }}"

- name: Create certificate and DNS for RGW if certificate paths are set
when:
- cifmw_cephadm_certificate | length > 0
Expand Down
Loading