Add ansible-lint job
Sem-Ver: feature
Change-Id: I58c32382b8122c8e56e71c601c64dad411dbb687
diff --git a/roles/ceph_mon/tasks/bootstrap-ceph.yml b/roles/ceph_mon/tasks/bootstrap-ceph.yml
index 15c81cc..19ab74a 100644
--- a/roles/ceph_mon/tasks/bootstrap-ceph.yml
+++ b/roles/ceph_mon/tasks/bootstrap-ceph.yml
@@ -12,45 +12,68 @@
# License for the specific language governing permissions and limitations
# under the License.
+# TODO(mnaser): Move to using vexxhost.atmosphere.ceph_key
- name: create monitor keyring
- ansible.builtin.shell: |
- ceph-authtool --create-keyring /tmp/ceph.mon.keyring --gen-key -n mon. --cap mon 'allow *'
+ ansible.builtin.command:
+ ceph-authtool --gen-key --create-keyring
+ --name mon.
+ --cap mon 'allow *'
+ /tmp/ceph.mon.keyring
args:
creates: /tmp/ceph.mon.keyring
when:
- inventory_hostname == groups[ceph_mon_group][0]
+# TODO(mnaser): Move to using vexxhost.atmosphere.ceph_key
- name: create admin keyring
- ansible.builtin.shell: |
- ceph-authtool --create-keyring /etc/ceph/ceph.client.admin.keyring --gen-key -n client.admin --cap mon 'allow *' --cap osd 'allow *' --cap mds 'allow *' --cap mgr 'allow *'
+ ansible.builtin.command:
+ ceph-authtool --gen-key --create-keyring
+ --name client.admin
+ --cap mon 'allow *'
+ --cap osd 'allow *'
+ --cap mds 'allow *'
+ --cap mgr 'allow *'
+ /etc/ceph/ceph.client.admin.keyring
args:
creates: /etc/ceph/ceph.client.admin.keyring
when:
- inventory_hostname == groups[ceph_mon_group][0]
+# TODO(mnaser): Move to using vexxhost.atmosphere.ceph_key
- name: create bootstrap-osd keyring
- ansible.builtin.shell: |
- ceph-authtool --create-keyring /var/lib/ceph/bootstrap-osd/ceph.keyring --gen-key -n client.bootstrap-osd --cap mon 'profile bootstrap-osd' --cap mgr 'allow r'
+ ansible.builtin.command:
+ ceph-authtool --gen-key --create-keyring
+ --name client.bootstrap-osd
+ --cap mon 'profile bootstrap-osd'
+ --cap mgr 'allow r'
+ /var/lib/ceph/bootstrap-osd/ceph.keyring
args:
creates: /var/lib/ceph/bootstrap-osd/ceph.keyring
when:
- inventory_hostname == groups[ceph_mon_group][0]
+# TODO(mnaser): Move to using vexxhost.atmosphere.ceph_key
- name: add admin keyring to monitor
- ansible.builtin.shell: |
- ceph-authtool /tmp/ceph.mon.keyring --import-keyring /etc/ceph/ceph.client.admin.keyring
+ ansible.builtin.command:
+ ceph-authtool --import-keyring /etc/ceph/ceph.client.admin.keyring
+ /tmp/ceph.mon.keyring
when:
- inventory_hostname == groups[ceph_mon_group][0]
+# TODO(mnaser): Move to using vexxhost.atmosphere.ceph_key
- name: add bootstrap-osd keyring to monitor
- ansible.builtin.shell: |
- ceph-authtool /tmp/ceph.mon.keyring --import-keyring /var/lib/ceph/bootstrap-osd/ceph.keyring
+ ansible.builtin.command:
+ ceph-authtool --import-keyring /var/lib/ceph/bootstrap-osd/ceph.keyring
+ /tmp/ceph.mon.keyring
when:
- inventory_hostname == groups[ceph_mon_group][0]
- name: create monmap
- ansible.builtin.shell: |
- monmaptool --create --add {{ inventory_hostname_short }} {{ ceph_mon_ip_address }} --fsid {{ ceph_mon_fsid }} /tmp/monmap
+ ansible.builtin.command:
+ monmaptool --create
+ --fsid {{ ceph_mon_fsid }}
+ --add {{ inventory_hostname_short }} {{ ceph_mon_ip_address }}
+ /tmp/monmap
args:
creates: /tmp/monmap
when:
@@ -60,6 +83,9 @@
ansible.builtin.file:
path: "/var/lib/ceph/mon/ceph-{{ inventory_hostname_short }}"
state: directory
+ owner: ceph
+ group: ceph
+ mode: 0700
when:
- inventory_hostname == groups[ceph_mon_group][0]
@@ -69,6 +95,9 @@
section: global
option: mon initial members
value: "{{ inventory_hostname_short }}"
+ owner: ceph
+ group: ceph
+ mode: 0640
- name: start monitor
ansible.builtin.include_tasks: start-monitor.yml
diff --git a/roles/ceph_mon/tasks/main.yml b/roles/ceph_mon/tasks/main.yml
index d4117a0..c6d64b5 100644
--- a/roles/ceph_mon/tasks/main.yml
+++ b/roles/ceph_mon/tasks/main.yml
@@ -18,7 +18,7 @@
install_recommends: false
- name: set ceph monitor ip address
- set_fact:
+ ansible.builtin.set_fact:
ceph_mon_ip_address: "{{ ansible_default_ipv4.address }}"
- name: generate basic configuration file
@@ -27,6 +27,9 @@
section: global
option: "{{ item.option }}"
value: "{{ item.value }}"
+ owner: ceph
+ group: ceph
+ mode: 0640
loop:
- option: fsid
value: "{{ ceph_mon_fsid }}"
@@ -70,12 +73,12 @@
when: inventory_hostname != _ceph_mon_bootstrap_node
- name: get monitor keyring
- ansible.builtin.shell: ceph auth get mon. -o /tmp/ceph.mon.keyring
+ ansible.builtin.command: ceph auth get mon. -o /tmp/ceph.mon.keyring
changed_when: false
when: inventory_hostname != _ceph_mon_bootstrap_node
- name: get monmap keyring
- ansible.builtin.shell: ceph mon getmap -o /tmp/monmap
+ ansible.builtin.command: ceph mon getmap -o /tmp/monmap
changed_when: false
when: inventory_hostname != _ceph_mon_bootstrap_node
@@ -84,6 +87,6 @@
when: inventory_hostname != _ceph_mon_bootstrap_node
- name: enable msgr2
- ansible.builtin.shell: ceph mon enable-msgr2
+ ansible.builtin.command: ceph mon enable-msgr2
changed_when: false
when: inventory_hostname == _ceph_mon_bootstrap_node
diff --git a/roles/ceph_mon/tasks/start-monitor.yml b/roles/ceph_mon/tasks/start-monitor.yml
index c25b9da..d2f46a0 100644
--- a/roles/ceph_mon/tasks/start-monitor.yml
+++ b/roles/ceph_mon/tasks/start-monitor.yml
@@ -23,7 +23,7 @@
path: "/var/lib/ceph/mon/ceph-{{ inventory_hostname_short }}"
owner: ceph
group: ceph
- recurse: yes
+ recurse: true
# NOTE(mnaser): https://bugs.launchpad.net/ubuntu/+source/ceph/+bug/1917414/comments/30
- name: workaround for aarch64 systems
@@ -32,6 +32,9 @@
section: Service
option: MemoryDenyWriteExecute
value: false
+ owner: ceph
+ group: ceph
+ mode: 0644
register: _ceph_aarch64_fix
when: ansible_architecture == 'aarch64'
@@ -39,5 +42,5 @@
ansible.builtin.service:
name: "ceph-mon@{{ inventory_hostname_short }}"
state: started
- enabled: yes
+ enabled: true
daemon_reload: "{{ _ceph_aarch64_fix.changed }}"