{"id":698,"sha1":"786afb8266b52cfaf3008623cca06f453971376a","playbook":{"id":4,"items":{"plays":32,"tasks":1505,"results":1497,"hosts":12,"files":487,"records":0},"arguments":{"version":null,"verbosity":0,"private_key_file":null,"remote_user":null,"connection":"openstack.osa.ssh","timeout":null,"ssh_common_args":null,"sftp_extra_args":null,"scp_extra_args":null,"ssh_extra_args":null,"ask_pass":false,"connection_password_file":null,"force_handlers":true,"flush_cache":false,"become":false,"become_method":"sudo","become_user":null,"become_ask_pass":false,"become_password_file":null,"tags":["all"],"skip_tags":[],"check":false,"diff":false,"inventory":["/home/zuul/src/opendev.org/openstack/openstack-ansible/inventory/dynamic_inventory.py","/home/zuul/src/opendev.org/openstack/openstack-ansible/inventory/inventory.ini","/etc/openstack_deploy/inventory.ini"],"listhosts":false,"subset":null,"extra_vars":"Not saved by ARA as configured by 'ignored_arguments'","vault_ids":[],"ask_vault_pass":false,"vault_password_files":[],"forks":4,"module_path":null,"syntax":false,"listtasks":false,"listtags":false,"step":false,"start_at_task":null,"args":["setup-openstack.yml"]},"labels":[{"id":1,"name":"check:False"},{"id":2,"name":"tags:all"}],"started":"2025-12-08T13:57:07.871967Z","ended":"2025-12-08T14:21:54.049657Z","duration":"00:24:46.177690","name":null,"ansible_version":"2.18.6","client_version":"1.7.4","python_version":"3.12.11","server_version":"1.7.4","status":"failed","path":"/home/zuul/src/opendev.org/openstack/openstack-ansible/playbooks/setup-openstack.yml","controller":"aio1.openstack.local","user":"root"},"content":"---\n# You can override vars by using host or group vars\n\n###########\n# GENERAL #\n###########\n\n######################################\n# Releases name to number dictionary #\n######################################\nceph_release_num:\n  dumpling: 0.67\n  emperor: 0.72\n  firefly: 0.80\n  giant: 0.87\n  hammer: 0.94\n  infernalis: 9\n  jewel: 10\n  kraken: 11\n  luminous: 12\n  mimic: 13\n  nautilus: 14\n  octopus: 15\n  pacific: 16\n  quincy: 17\n  reef: 18\n  squid: 19\n  dev: 99\n\n\n# The 'cluster' variable determines the name of the cluster.\n# Changing the default value to something else means that you will\n# need to change all the command line calls as well, for example if\n# your cluster name is 'foo':\n# \"ceph health\" will become \"ceph --cluster foo health\"\n#\n# An easier way to handle this is to use the environment variable CEPH_ARGS\n# So run: \"export CEPH_ARGS=\"--cluster foo\"\n# With that you will be able to run \"ceph health\" normally\ncluster: ceph\n\n# Inventory host group variables\nmon_group_name: mons\nosd_group_name: osds\nrgw_group_name: rgws\nmds_group_name: mdss\nnfs_group_name: nfss\nrbdmirror_group_name: rbdmirrors\nclient_group_name: clients\nmgr_group_name: mgrs\nrgwloadbalancer_group_name: rgwloadbalancers\nmonitoring_group_name: monitoring\nadopt_label_group_names:\n  - \"{{ mon_group_name }}\"\n  - \"{{ osd_group_name }}\"\n  - \"{{ rgw_group_name }}\"\n  - \"{{ mds_group_name }}\"\n  - \"{{ nfs_group_name }}\"\n  - \"{{ rbdmirror_group_name }}\"\n  - \"{{ client_group_name }}\"\n  - \"{{ mgr_group_name }}\"\n  - \"{{ rgwloadbalancer_group_name }}\"\n  - \"{{ monitoring_group_name }}\"\n\n# If configure_firewall is true, then ansible will try to configure the\n# appropriate firewalling rules so that Ceph daemons can communicate\n# with each others.\nconfigure_firewall: true\n\n# Open ports on corresponding nodes if firewall is installed on it\nceph_mon_firewall_zone: public\nceph_mgr_firewall_zone: public\nceph_osd_firewall_zone: public\nceph_rgw_firewall_zone: public\nceph_mds_firewall_zone: public\nceph_nfs_firewall_zone: public\nceph_rbdmirror_firewall_zone: public\nceph_dashboard_firewall_zone: public\nceph_rgwloadbalancer_firewall_zone: public\n\n# cephadm account for remote connections\ncephadm_ssh_user: root\ncephadm_ssh_priv_key_path: \"/home/{{ cephadm_ssh_user }}/.ssh/id_rsa\"\ncephadm_ssh_pub_key_path: \"{{ cephadm_ssh_priv_key_path }}.pub\"\ncephadm_mgmt_network: \"{{ public_network }}\"\n\n############\n# PACKAGES #\n############\ndebian_package_dependencies: []\n\ncentos_package_dependencies:\n  - epel-release\n  - \"{{ (ansible_facts['distribution_major_version'] is version('8', '>=')) | ternary('python3-libselinux', 'libselinux-python') }}\"\n\nredhat_package_dependencies: []\n\nsuse_package_dependencies: []\n\n# Whether or not to install the ceph-test package.\nceph_test: false\n\n# Enable the ntp service by default to avoid clock skew on ceph nodes\n# Disable if an appropriate NTP client is already installed and configured\nntp_service_enabled: true\n\n# Set type of NTP client daemon to use, valid entries are chronyd, ntpd or timesyncd\nntp_daemon_type: chronyd\n\n# This variable determines if ceph packages can be updated.  If False, the\n# package resources will use \"state=present\".  If True, they will use\n# \"state=latest\".\nupgrade_ceph_packages: false\n\nceph_use_distro_backports: false # DEBIAN ONLY\nceph_directories_mode: \"0755\"\n\n###########\n# INSTALL #\n###########\n# ORIGIN SOURCE\n#\n# Choose between:\n# - 'repository' means that you will get ceph installed through a new repository. Later below choose between 'community', 'dev' or 'obs'\n# - 'distro' means that no separate repo file will be added\n#  you will get whatever version of Ceph is included in your Linux distro.\n# 'local' means that the ceph binaries will be copied over from the local machine\nceph_origin: dummy\nvalid_ceph_origins:\n  - repository\n  - distro\n  - local\n\n\nceph_repository: dummy\nvalid_ceph_repository:\n  - community\n  - dev\n  - uca\n  - custom\n  - obs\n\n\n# REPOSITORY: COMMUNITY VERSION\n#\n# Enabled when ceph_repository == 'community'\n#\nceph_mirror: https://download.ceph.com\nceph_stable_key: https://download.ceph.com/keys/release.asc\nceph_stable_release: reef\nceph_stable_repo: \"{{ ceph_mirror }}/debian-{{ ceph_stable_release }}\"\n\nnfs_ganesha_stable: true # use stable repos for nfs-ganesha\ncentos_release_nfs: centos-release-nfs-ganesha4\nnfs_ganesha_stable_deb_repo: http://ppa.launchpad.net/nfs-ganesha/nfs-ganesha-4/ubuntu\nnfs_ganesha_apt_keyserver: keyserver.ubuntu.com\nnfs_ganesha_apt_key_id: EA914D611053D07BD332E18010353E8834DC57CA\nlibntirpc_stable_deb_repo: http://ppa.launchpad.net/nfs-ganesha/libntirpc-4/ubuntu\n\n# Use the option below to specify your applicable package tree, eg. when using non-LTS Ubuntu versions\n# # for a list of available Debian distributions, visit http://download.ceph.com/debian-{{ ceph_stable_release }}/dists/\n# for more info read: https://github.com/ceph/ceph-ansible/issues/305\n# ceph_stable_distro_source: \"{{ ansible_facts['distribution_release'] }}\"\n\n# REPOSITORY: UBUNTU CLOUD ARCHIVE\n#\n# Enabled when ceph_repository == 'uca'\n#\n# This allows the install of Ceph from the Ubuntu Cloud Archive.  The Ubuntu Cloud Archive\n# usually has newer Ceph releases than the normal distro repository.\n#\n#\nceph_stable_repo_uca: \"http://ubuntu-cloud.archive.canonical.com/ubuntu\"\nceph_stable_openstack_release_uca: queens\nceph_stable_release_uca: \"{{ ansible_facts['distribution_release'] }}-updates/{{ ceph_stable_openstack_release_uca }}\"\n\n# REPOSITORY: openSUSE OBS\n#\n# Enabled when ceph_repository == 'obs'\n#\n# This allows the install of Ceph from the openSUSE OBS repository. The OBS repository\n# usually has newer Ceph releases than the normal distro repository.\n#\n#\nceph_obs_repo: \"https://download.opensuse.org/repositories/filesystems:/ceph:/{{ ceph_stable_release }}/openSUSE_Leap_{{ ansible_facts['distribution_version'] }}/\"\n\n# REPOSITORY: DEV\n#\n# Enabled when ceph_repository == 'dev'\n#\nceph_dev_branch: main # development branch you would like to use e.g: main, wip-hack\nceph_dev_sha1: latest # distinct sha1 to use, defaults to 'latest' (as in latest built)\n\nnfs_ganesha_dev: false # use development repos for nfs-ganesha\n\n# Set this to choose the version of ceph dev libraries used in the nfs-ganesha packages from shaman\n# flavors so far include: ceph_main, ceph_jewel, ceph_kraken, ceph_luminous\nnfs_ganesha_flavor: \"ceph_main\"\n\n\n# REPOSITORY: CUSTOM\n#\n# Enabled when ceph_repository == 'custom'\n#\n# Use a custom repository to install ceph.  For RPM, ceph_custom_repo should be\n# a URL to the .repo file to be installed on the targets.  For deb,\n# ceph_custom_repo should be the URL to the repo base.\n#\n# ceph_custom_key: https://server.domain.com/ceph-custom-repo/key.asc\nceph_custom_repo: https://server.domain.com/ceph-custom-repo\n\n\n# ORIGIN: LOCAL CEPH INSTALLATION\n#\n# Enabled when ceph_repository == 'local'\n#\n# Path to DESTDIR of the ceph install\n# ceph_installation_dir: \"/path/to/ceph_installation/\"\n# Whether or not to use installer script rundep_installer.sh\n# This script takes in rundep and installs the packages line by line onto the machine\n# If this is set to false then it is assumed that the machine ceph is being copied onto will already have\n# all runtime dependencies installed\n# use_installer: false\n# Root directory for ceph-ansible\n# ansible_dir: \"/path/to/ceph-ansible\"\n\n\n######################\n# CEPH CONFIGURATION #\n######################\n\n## Ceph options\n#\n# Each cluster requires a unique, consistent filesystem ID. By\n# default, the playbook generates one for you.\n# If you want to customize how the fsid is\n# generated, you may find it useful to disable fsid generation to\n# avoid cluttering up your ansible repo. If you set `generate_fsid` to\n# false, you *must* generate `fsid` in another way.\n# ACTIVATE THE FSID VARIABLE FOR NON-VAGRANT DEPLOYMENT\nfsid: \"{{ cluster_uuid.stdout }}\"\ngenerate_fsid: true\n\nceph_conf_key_directory: /etc/ceph\n\nceph_uid: \"{{ '64045' if not containerized_deployment | bool and ansible_facts['os_family'] == 'Debian' else '167' }}\"\n\n# Permissions for keyring files in /etc/ceph\nceph_keyring_permissions: '0600'\n\ncephx: true\n\n# Cluster configuration\nceph_cluster_conf:\n  global:\n    public_network: \"{{ public_network | default(omit) }}\"\n    cluster_network: \"{{ cluster_network | default(omit) }}\"\n    osd_pool_default_crush_rule: \"{{ osd_pool_default_crush_rule }}\"\n    ms_bind_ipv6: \"{{ (ip_version == 'ipv6') | string }}\"\n    ms_bind_ipv4: \"{{ (ip_version == 'ipv4') | string }}\"\n    osd_crush_chooseleaf_type: \"{{ '0' if common_single_host_mode | default(false) else omit }}\"\n\n## Client options\n#\nrbd_cache: \"true\"\nrbd_cache_writethrough_until_flush: \"true\"\nrbd_concurrent_management_ops: 20\n\nrbd_client_directories: true # this will create rbd_client_log_path and rbd_client_admin_socket_path directories with proper permissions\n\n# Permissions for the rbd_client_log_path and\n# rbd_client_admin_socket_path. Depending on your use case for Ceph\n# you may want to change these values. The default, which is used if\n# any of the variables are unset or set to a false value (like `null`\n# or `false`) is to automatically determine what is appropriate for\n# the Ceph version with non-OpenStack workloads -- ceph:ceph and 0770\n# for infernalis releases, and root:root and 1777 for pre-infernalis\n# releases.\n#\n# For other use cases, including running Ceph with OpenStack, you'll\n# want to set these differently:\n#\n# For OpenStack on RHEL, you'll want:\n#   rbd_client_directory_owner: \"qemu\"\n#   rbd_client_directory_group: \"libvirtd\" (or \"libvirt\", depending on your version of libvirt)\n#   rbd_client_directory_mode: \"0755\"\n#\n# For OpenStack on Ubuntu or Debian, set:\n#    rbd_client_directory_owner: \"libvirt-qemu\"\n#    rbd_client_directory_group: \"kvm\"\n#    rbd_client_directory_mode: \"0755\"\n#\n# If you set rbd_client_directory_mode, you must use a string (e.g.,\n# 'rbd_client_directory_mode: \"0755\"', *not*\n# 'rbd_client_directory_mode: 0755', or Ansible will complain: mode\n# must be in octal or symbolic form\nrbd_client_directory_owner: ceph\nrbd_client_directory_group: ceph\nrbd_client_directory_mode: \"0755\"\n\nrbd_client_log_path: /var/log/ceph\nrbd_client_log_file: \"{{ rbd_client_log_path }}/qemu-guest-$pid.log\" # must be writable by QEMU and allowed by SELinux or AppArmor\nrbd_client_admin_socket_path: /var/run/ceph # must be writable by QEMU and allowed by SELinux or AppArmor\n\n## Monitor options\n# set to either ipv4 or ipv6, whichever your network is using\nip_version: ipv4\n\nmon_host_v1:\n  enabled: true\n  suffix: ':6789'\nmon_host_v2:\n  suffix: ':3300'\n\nenable_ceph_volume_debug: false\n\n##########\n# CEPHFS #\n##########\n# When pg_autoscale_mode is set to True, you must add the target_size_ratio key with a correct value\n# `pg_num` and `pgp_num` keys will be ignored, even if specified.\n# eg:\n#  cephfs_data_pool:\n#    name: \"{{ cephfs_data if cephfs_data is defined else 'cephfs_data' }}\"\n#    target_size_ratio: 0.2\ncephfs: cephfs # name of the ceph filesystem\ncephfs_data_pool:\n  name: \"{{ cephfs_data if cephfs_data is defined else 'cephfs_data' }}\"\ncephfs_metadata_pool:\n  name: \"{{ cephfs_metadata if cephfs_metadata is defined else 'cephfs_metadata' }}\"\ncephfs_pools:\n  - \"{{ cephfs_data_pool }}\"\n  - \"{{ cephfs_metadata_pool }}\"\n\n## OSD options\n#\nlvmetad_disabled: false\nis_hci: false\nhci_safety_factor: 0.2\nnon_hci_safety_factor: 0.7\nsafety_factor: \"{{ hci_safety_factor if is_hci | bool else non_hci_safety_factor }}\"\nosd_memory_target: 4294967296\njournal_size: 5120 # OSD journal size in MB\nblock_db_size: -1 # block db size in bytes for the ceph-volume lvm batch. -1 means use the default of 'as big as possible'.\npublic_network: 0.0.0.0/0\ncluster_network: \"{{ public_network | regex_replace(' ', '') }}\"\nosd_mkfs_type: xfs\nosd_mkfs_options_xfs: -f -i size=2048\nosd_mount_options_xfs: noatime,largeio,inode64,swalloc\nosd_objectstore: bluestore\n\n# Any device containing these patterns in their path will be excluded.\nosd_auto_discovery_exclude: \"dm-*|loop*|md*|rbd*\"\n\n## MDS options\n#\nmds_max_mds: 1\n\n## Rados Gateway options\n#\nradosgw_frontend_type: beast # For additional frontends see: https://docs.ceph.com/en/latest/radosgw/frontends/\n\nradosgw_frontend_port: 8080\n# The server private key, public certificate and any other CA or intermediate certificates should be in one file, in PEM format.\nradosgw_frontend_ssl_certificate: \"\"\nradosgw_frontend_ssl_certificate_data: \"\" # certificate contents to be written to path defined by radosgw_frontend_ssl_certificate\nradosgw_frontend_options: \"\"\nradosgw_thread_pool_size: 512\n\n\n# You must define either radosgw_interface, radosgw_address.\n# These variables must be defined at least in all.yml and overrided if needed (inventory host file or group_vars/*.yml).\n# Eg. If you want to specify for each radosgw node which address the radosgw will bind to you can set it in your **inventory host file** by using 'radosgw_address' variable.\n# Preference will go to radosgw_address if both radosgw_address and radosgw_interface are defined.\nradosgw_interface: interface\nradosgw_address: x.x.x.x\nradosgw_address_block: subnet\nradosgw_keystone_ssl: false # activate this when using keystone PKI keys\nradosgw_num_instances: 1\nrgw_zone: default  # This is used for rgw instance client names.\n\n\n## Testing mode\n# enable this mode _only_ when you have a single node\n# if you don't want it keep the option commented\n# common_single_host_mode: true\n\n## Handlers - restarting daemons after a config change\n# if for whatever reasons the content of your ceph configuration changes\n# ceph daemons will be restarted as well. At the moment, we can not detect\n# which config option changed so all the daemons will be restarted. Although\n# this restart will be serialized for each node, in between a health check\n# will be performed so we make sure we don't move to the next node until\n# ceph is not healthy\n# Obviously between the checks (for monitors to be in quorum and for osd's pgs\n# to be clean) we have to wait. These retries and delays can be configurable\n# for both monitors and osds.\n#\n# Monitor handler checks\nhandler_health_mon_check_retries: 10\nhandler_health_mon_check_delay: 20\n#\n# OSD handler checks\nhandler_health_osd_check_retries: 40\nhandler_health_osd_check_delay: 30\nhandler_health_osd_check: true\n#\n# MDS handler checks\nhandler_health_mds_check_retries: 5\nhandler_health_mds_check_delay: 10\n#\n# RGW handler checks\nhandler_health_rgw_check_retries: 5\nhandler_health_rgw_check_delay: 10\nhandler_rgw_use_haproxy_maintenance: false\n\n# NFS handler checks\nhandler_health_nfs_check_retries: 5\nhandler_health_nfs_check_delay: 10\n\n# RBD MIRROR handler checks\nhandler_health_rbd_mirror_check_retries: 5\nhandler_health_rbd_mirror_check_delay: 10\n\n# MGR handler checks\nhandler_health_mgr_check_retries: 5\nhandler_health_mgr_check_delay: 10\n\n## health mon/osds check retries/delay:\n\nhealth_mon_check_retries: 20\nhealth_mon_check_delay: 10\nhealth_osd_check_retries: 20\nhealth_osd_check_delay: 10\n\n##############\n# RBD-MIRROR #\n##############\n\nceph_rbd_mirror_pool: \"rbd\"\n\n###############\n# NFS-GANESHA #\n###############\n#\n# Access type options\n#\n# Enable NFS File access\n# If set to true, then ganesha is set up to export the root of the\n# Ceph filesystem, and ganesha's attribute and directory caching is disabled\n# as much as possible since libcephfs clients also caches the same\n# information.\n#\n# Set this to true to enable File access via NFS.  Requires an MDS role.\nnfs_file_gw: false\n# Set this to true to enable Object access via NFS. Requires an RGW role.\nnfs_obj_gw: \"{{ False if groups.get(mon_group_name, []) | length == 0 else True }}\"\n\n\n###################\n# CONFIG OVERRIDE #\n###################\n\n# Ceph configuration file override.\n# This allows you to specify more configuration options\n# using an INI style format.\n#\n# When configuring RGWs, make sure you use the form [client.rgw.*]\n# instead of [client.radosgw.*].\n# For more examples check the profiles directory of https://github.com/ceph/ceph-ansible.\n#\n# The following sections are supported: [global], [mon], [osd], [mds], [client]\n#\n# Example:\n# ceph_conf_overrides:\n#   global:\n#     foo: 1234\n#     bar: 5678\n#   \"client.rgw.{{ rgw_zone }}.{{ hostvars[groups.get(rgw_group_name)[0]]['ansible_facts']['hostname'] }}\":\n#     rgw_zone: zone1\n#\nceph_conf_overrides: {}\n\n\n#############\n# OS TUNING #\n#############\n\ndisable_transparent_hugepage: \"{{ false if osd_objectstore == 'bluestore' }}\"\nos_tuning_params:\n  - { name: fs.file-max, value: 26234859 }\n  - { name: vm.zone_reclaim_mode, value: 0 }\n  - { name: vm.swappiness, value: 10 }\n  - { name: vm.min_free_kbytes, value: \"{{ vm_min_free_kbytes }}\" }\n\n# For Debian & Red Hat/CentOS installs set TCMALLOC_MAX_TOTAL_THREAD_CACHE_BYTES\n# Set this to a byte value (e.g. 134217728)\n# A value of 0 will leave the package default.\nceph_tcmalloc_max_total_thread_cache: 134217728\n\n\n##########\n# DOCKER #\n##########\nceph_docker_image: \"ceph/daemon-base\"\nceph_docker_image_tag: latest-reef\nceph_docker_registry: quay.io\nceph_docker_registry_auth: false\n# ceph_docker_registry_username:\n# ceph_docker_registry_password:\n# ceph_docker_http_proxy:\n# ceph_docker_https_proxy:\nceph_docker_no_proxy: \"localhost,127.0.0.1\"\n## Client only docker image - defaults to {{ ceph_docker_image }}\nceph_client_docker_image: \"{{ ceph_docker_image }}\"\nceph_client_docker_image_tag: \"{{ ceph_docker_image_tag }}\"\nceph_client_docker_registry: \"{{ ceph_docker_registry }}\"\ncontainerized_deployment: false\ncontainer_binary:\ntimeout_command: \"{{ 'timeout --foreground -s KILL ' ~ docker_pull_timeout if (docker_pull_timeout != '0') and (ceph_docker_dev_image is undefined or not ceph_docker_dev_image) else '' }}\"\nceph_common_container_params:\n  envs:\n    NODE_NAME: \"{{ ansible_facts['hostname'] }}\"\n    CEPH_USE_RANDOM_NONCE: \"1\"\n    CONTAINER_IMAGE: \"{{ ceph_docker_registry }}/{{ ceph_docker_image }}:{{ ceph_docker_image_tag }}\"\n    TCMALLOC_MAX_TOTAL_THREAD_CACHE_BYTES: \"{{ ceph_tcmalloc_max_total_thread_cache }}\"\n  args:\n    - --setuser=ceph\n    - --setgroup=ceph\n    - --default-log-to-file=false\n    - --default-log-to-stderr=true\n    - --default-log-stderr-prefix=\"debug \"\n  volumes:\n    - /var/lib/ceph/crash:/var/lib/ceph/crash:z\n    - /var/run/ceph:/var/run/ceph:z\n    - /var/log/ceph:/var/log/ceph:z\n    - /etc/ceph:/etc/ceph:z\n    - /etc/localtime:/etc/localtime:ro\n\n# this is only here for usage with the rolling_update.yml playbook\n# do not ever change this here\nrolling_update: false\n\n#####################\n# Docker pull retry #\n#####################\ndocker_pull_retry: 3\ndocker_pull_timeout: \"300s\"\n\n\n#############\n# DASHBOARD #\n#############\ndashboard_enabled: true\n# Choose http or https\n# For https, you should set dashboard.crt/key and grafana.crt/key\n# If you define the dashboard_crt and dashboard_key variables, but leave them as '',\n# then we will autogenerate a cert and keyfile\ndashboard_protocol: https\ndashboard_port: 8443\n# set this variable to the network you want the dashboard to listen on. (Default to public_network)\ndashboard_network: \"{{ public_network }}\"\ndashboard_admin_user: admin\ndashboard_admin_user_ro: false\n# This variable must be set with a strong custom password when dashboard_enabled is True\n# dashboard_admin_password: p@ssw0rd\n# We only need this for SSL (https) connections\ndashboard_crt: ''\ndashboard_key: ''\ndashboard_certificate_cn: ceph-dashboard\ndashboard_tls_external: false\ndashboard_grafana_api_no_ssl_verify: \"{{ true if dashboard_protocol == 'https' and not grafana_crt and not grafana_key else false }}\"\ndashboard_rgw_api_user_id: ceph-dashboard\ndashboard_rgw_api_admin_resource: ''\ndashboard_rgw_api_no_ssl_verify: false\ndashboard_frontend_vip: ''\ndashboard_disabled_features: []\nprometheus_frontend_vip: ''\nalertmanager_frontend_vip: ''\nnode_exporter_container_image: \"docker.io/prom/node-exporter:v0.17.0\"\nnode_exporter_port: 9100\ngrafana_admin_user: admin\n# This variable must be set with a strong custom password when dashboard_enabled is True\n# grafana_admin_password: admin\n# We only need this for SSL (https) connections\ngrafana_crt: ''\ngrafana_key: ''\n# When using https, please fill with a hostname for which grafana_crt is valid.\ngrafana_server_fqdn: ''\ngrafana_container_image: \"docker.io/grafana/grafana:6.7.4\"\ngrafana_container_cpu_period: 100000\ngrafana_container_cpu_cores: 2\n# container_memory is in GB\ngrafana_container_memory: 4\ngrafana_uid: 472\ngrafana_datasource: Dashboard\ngrafana_dashboards_path: \"/etc/grafana/dashboards/ceph-dashboard\"\ngrafana_dashboard_version: main\ngrafana_dashboard_files:\n  - ceph-cluster.json\n  - cephfs-overview.json\n  - host-details.json\n  - hosts-overview.json\n  - osd-device-details.json\n  - osds-overview.json\n  - pool-detail.json\n  - pool-overview.json\n  - radosgw-detail.json\n  - radosgw-overview.json\n  - radosgw-sync-overview.json\n  - rbd-details.json\n  - rbd-overview.json\ngrafana_plugins:\n  - vonage-status-panel\n  - grafana-piechart-panel\ngrafana_allow_embedding: true\ngrafana_port: 3000\ngrafana_network: \"{{ public_network }}\"\ngrafana_conf_overrides: {}\nprometheus_container_image: \"docker.io/prom/prometheus:v2.7.2\"\nprometheus_container_cpu_period: 100000\nprometheus_container_cpu_cores: 2\n# container_memory is in GB\nprometheus_container_memory: 4\nprometheus_data_dir: /var/lib/prometheus\nprometheus_conf_dir: /etc/prometheus\nprometheus_user_id: '65534'  # This is the UID used by the prom/prometheus container image\nprometheus_port: 9092\nprometheus_conf_overrides: {}\n# Uncomment out this variable if you need to customize the retention period for prometheus storage.\n# set it to '30d' if you want to retain 30 days of data.\n# prometheus_storage_tsdb_retention_time: 15d\nalertmanager_container_image: \"docker.io/prom/alertmanager:v0.16.2\"\nalertmanager_container_cpu_period: 100000\nalertmanager_container_cpu_cores: 2\n# container_memory is in GB\nalertmanager_container_memory: 4\nalertmanager_data_dir: /var/lib/alertmanager\nalertmanager_conf_dir: /etc/alertmanager\nalertmanager_port: 9093\nalertmanager_cluster_port: 9094\nalertmanager_conf_overrides: {}\nalertmanager_dashboard_api_no_ssl_verify: \"{{ true if dashboard_protocol == 'https' and not dashboard_crt and not dashboard_key else false }}\"\n\nno_log_on_ceph_key_tasks: true\n\n###############\n# DEPRECATION #\n###############\n\n\n######################################################\n# VARIABLES BELOW SHOULD NOT BE MODIFIED BY THE USER #\n#               *DO NOT* MODIFY THEM                 #\n######################################################\n\ncontainer_exec_cmd:\ndocker: false\nceph_volume_debug: \"{{ enable_ceph_volume_debug | ternary(1, 0) }}\"\n","created":"2025-12-08T13:57:21.838287Z","updated":"2025-12-08T13:57:21.838299Z","path":"/etc/ansible/roles/ceph-ansible/roles/ceph-defaults/defaults/main.yml"}