{"id":306,"sha1":"760f4699475fd1be2b485783a9af5105bb24b374","playbook":{"id":3,"items":{"plays":37,"tasks":567,"results":554,"hosts":7,"files":221,"records":0},"arguments":{"version":null,"verbosity":0,"private_key_file":null,"remote_user":null,"connection":"openstack.osa.ssh","timeout":null,"ssh_common_args":null,"sftp_extra_args":null,"scp_extra_args":null,"ssh_extra_args":null,"ask_pass":false,"connection_password_file":null,"force_handlers":true,"flush_cache":false,"become":false,"become_method":"sudo","become_user":null,"become_ask_pass":false,"become_password_file":null,"tags":["all"],"skip_tags":[],"check":false,"diff":false,"inventory":["/home/zuul/src/opendev.org/openstack/openstack-ansible/inventory/dynamic_inventory.py","/home/zuul/src/opendev.org/openstack/openstack-ansible/inventory/inventory.ini","/etc/openstack_deploy/inventory.ini"],"listhosts":false,"subset":null,"extra_vars":"Not saved by ARA as configured by 'ignored_arguments'","vault_ids":[],"ask_vault_pass":false,"vault_password_files":[],"forks":4,"module_path":null,"syntax":false,"listtasks":false,"listtags":false,"step":false,"start_at_task":null,"args":["setup-infrastructure.yml"]},"labels":[{"id":1,"name":"check:False"},{"id":2,"name":"tags:all"}],"started":"2025-12-14T10:15:01.440414Z","ended":"2025-12-14T10:21:34.655502Z","duration":"00:06:33.215088","name":null,"ansible_version":"2.18.6","client_version":"1.7.4","python_version":"3.13.5","server_version":"1.7.4","status":"completed","path":"/home/zuul/src/opendev.org/openstack/openstack-ansible/playbooks/setup-infrastructure.yml","controller":"aio1.openstack.local","user":"root"},"content":"---\n# global/common requirement\n- name: Stop nfs server service\n  ansible.builtin.systemd:\n    name: \"{{ 'nfs-server' if ansible_facts['os_family'] == 'RedHat' else 'nfsserver' if ansible_facts['os_family'] == 'Suse' else 'nfs-kernel-server' if ansible_facts['os_family'] == 'Debian' }}\"\n    state: stopped\n    enabled: false\n  failed_when: false\n\n- name: Include pre_requisite_non_container.yml\n  ansible.builtin.include_tasks: pre_requisite_non_container.yml\n  when: not containerized_deployment | bool\n\n- name: Include pre_requisite_container.yml\n  ansible.builtin.include_tasks: pre_requisite_container.yml\n  when: containerized_deployment | bool\n\n- name: Set_fact _rgw_hostname\n  ansible.builtin.set_fact:\n    _rgw_hostname: \"{{ hostvars[inventory_hostname]['ansible_facts']['hostname'] }}\"\n\n- name: Set rgw parameter (log file)\n  ceph_config:\n    action: set\n    who: \"client.rgw.{{ _rgw_hostname }}\"\n    option: \"log file\"\n    value: \"/var/log/ceph/{{ cluster }}-rgw-{{ hostvars[inventory_hostname]['ansible_facts']['hostname'] }}.log\"\n  environment:\n    CEPH_CONTAINER_IMAGE: \"{{ ceph_docker_registry + '/' + ceph_docker_image + ':' + ceph_docker_image_tag if containerized_deployment | bool else None }}\"\n    CEPH_CONTAINER_BINARY: \"{{ container_binary }}\"\n  loop: \"{{ groups.get('nfss', []) }}\"\n\n- name: Include create_rgw_nfs_user.yml\n  ansible.builtin.import_tasks: create_rgw_nfs_user.yml\n  when: groups.get(mon_group_name, []) | length > 0\n\n- name: Install nfs-ganesha-selinux on RHEL 8\n  ansible.builtin.package:\n    name: nfs-ganesha-selinux\n    state: present\n  register: result\n  until: result is succeeded\n  when:\n    - not containerized_deployment | bool\n    - inventory_hostname in groups.get(nfs_group_name, [])\n    - ansible_facts['os_family'] == 'RedHat'\n    - ansible_facts['distribution_major_version'] == '8'\n\n# NOTE (leseb): workaround for issues with ganesha and librgw\n- name: Add ganesha_t to permissive domain\n  community.general.selinux_permissive:\n    name: ganesha_t\n    permissive: true\n  failed_when: false\n  when:\n    - not containerized_deployment | bool\n    - ansible_facts['os_family'] == 'RedHat'\n    - ansible_facts['selinux']['status'] == 'enabled'\n\n- name: Nfs with external ceph cluster task related\n  when:\n    - groups.get(mon_group_name, []) | length == 0\n    - ceph_nfs_ceph_user is defined\n  block:\n    - name: Create keyring directory\n      ansible.builtin.file:\n        path: \"/var/lib/ceph/radosgw/{{ cluster }}-rgw.{{ item }}\"\n        state: directory\n        owner: \"{{ ceph_uid if containerized_deployment | bool else 'ceph' }}\"\n        group: \"{{ ceph_uid if containerized_deployment | bool else 'ceph' }}\"\n        mode: \"0755\"\n      with_items:\n        - \"{{ ceph_nfs_ceph_user }}\"\n        - \"{{ ansible_facts['hostname'] }}\"\n\n    - name: Set_fact rgw_client_name\n      ansible.builtin.set_fact:\n        rgw_client_name: \"client.rgw.{{ ceph_nfs_ceph_user }}\"\n\n    - name: Get client cephx keys\n      ansible.builtin.copy:\n        dest: \"{{ item.1 }}\"\n        content: \"{{ item.0.content | b64decode }}\"\n        mode: \"{{ item.0.item.get('mode', '0600') }}\"\n        owner: \"{{ ceph_uid if containerized_deployment | bool else 'ceph' }}\"\n        group: \"{{ ceph_uid if containerized_deployment | bool else 'ceph' }}\"\n      with_nested:\n        - \"{{ hostvars[groups['_filtered_clients'][0]]['slurp_client_keys']['results'] | default([]) }}\"\n        - ['/var/lib/ceph/radosgw/{{ cluster }}-rgw.{{ ceph_nfs_ceph_user }}/keyring', \"/var/lib/ceph/radosgw/{{ cluster }}-rgw.{{ ansible_facts['hostname'] }}/keyring\"]\n      when:\n        - not item.0.get('skipped', False)\n        - item.0.item.name == 'client.' + ceph_nfs_ceph_user or item.0.item.name == rgw_client_name\n      no_log: \"{{ no_log_on_ceph_key_tasks }}\"\n\n- name: Include start_nfs.yml\n  ansible.builtin.import_tasks: start_nfs.yml\n","created":"2025-12-14T10:15:07.559773Z","updated":"2025-12-14T10:15:07.559784Z","path":"/etc/ansible/roles/ceph-ansible/roles/ceph-nfs/tasks/main.yml"}