ghp/ansible
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

add csi ceph

Browse Source
This commit is contained in:
ace 2023-06-11 02:50:22 +03:00
parent 73f93631c2
commit b44245392e
Signed by: ace
GPG Key ID: 2C08973DD37A76FD
8 changed files with 121 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
inventory/ghp/sample/group_vars/all/versions.yaml
View File

@ -2,8 +2,14 @@
metallb_version: 0.13.10
# NFS provisioners
nfs_client_provisioner_hdd_version: 4.0.14
nfs_client_provisioner_ssd_version: 4.0.14
nfs_client_provisioner_hdd_version: 4.0.18
nfs_client_provisioner_ssd_version: 4.0.18
# CSI Ceph RBD provisioner
ceph_csi_rbd_version: 3.8.0
# CSI CephFS provisioner
ceph_csi_cephfs_version: 3.8.0
# Cert-manager
cert_manager_version: 1.12.1

12
playbooks/ghp/core-infra.yaml
View File

@ -68,6 +68,18 @@
when: nfs_client_provisioner_enabled | default(true)
tags: nfs-client-provisioner
- name: Deploy CSI Ceph RBD
import_role:
name: ceph-csi-rbd
when: ceph_csi_rbd_enabled | default(false)
tags: ceph-csi-rbd
- name: Deploy CSI CephFS
import_role:
name: ceph-csi-cephfs
when: ceph_csi_cephfs_enabled | default(false)
tags: ceph-csi-cephfs
- name: Deploy Metrics-server
import_role:
name: metrics-server

37
roles/ceph-csi-cephfs/defaults/main.yaml Normal file
View File

@ -0,0 +1,37 @@
ceph_csi_cephfs_namespace: "ceph-csi-cephfs"
ceph_csi_cephfs_chart_ref: "ceph-csi/ceph-csi-cephfs"
ceph_csi_cephfs_default_values:
nodeplugin:
httpMetrics:
# Fix nginx conflict
containerPort: 8083
storageClass:
# Specifies whether the storageclass should be created
create: true
name: csi-cephfs-sc
# Annotations for the storage class
# Example:
# annotations:
# storageclass.kubernetes.io/is-default-class: "true"
annotations: {}
# (required) String representing a Ceph cluster to provision storage from.
# Should be unique across all Ceph clusters in use for provisioning,
# cannot be greater than 36 bytes in length, and should remain immutable for
# the lifetime of the StorageClass in use.
clusterID: ceph
# (required) CephFS filesystem name into which the volume shall be created
# eg: fsName: myfs
fsName: cephfs
secret:
# Specifies whether the secret should be created
create: true
name: csi-cephfs-secret
# Key values correspond to a user name and its key, as defined in the
# ceph cluster. User ID should have required access to the 'pool'
# specified in the storage class
userID: ""
userKey: ""

12
roles/ceph-csi-cephfs/tasks/main.yaml Normal file
View File

@ -0,0 +1,12 @@
- set_fact:
ceph_csi_cephfs_combined_values: "{{ ceph_csi_cephfs_default_values | combine(ceph_csi_cephfs_values, recursive=true) }}"
- name: Deploy CSI CephFS {{ ceph_csi_cephfs_version }}
kubernetes.core.helm:
create_namespace: true
release_namespace: "{{ ceph_csi_cephfs_namespace | default('ceph-csi-cephfs') }}"
release_name: "{{ ceph_csi_cephfs_name | default('ceph-csi-cephfs') }}"
chart_ref: "{{ ceph_csi_cephfs_chart_ref }}"
chart_version: "{{ ceph_csi_cephfs_version | default(omit) }}"
release_values: "{{ ceph_csi_cephfs_combined_values | from_yaml | default(omit) }}"
#wait: true

37
roles/ceph-csi-rbd/defaults/main.yaml Normal file
View File

@ -0,0 +1,37 @@
ceph_csi_rbd_namespace: "ceph-csi-rbd"
ceph_csi_rbd_chart_ref: "ceph-csi/ceph-csi-rbd"
ceph_csi_rbd_default_values:
nodeplugin:
httpMetrics:
# Fix nginx conflict
containerPort: 8082
storageClass:
# Specifies whether the storageclass should be created
create: true
name: csi-rbd-sc
# Annotations for the storage class
# Example:
# annotations:
# storageclass.kubernetes.io/is-default-class: "true"
annotations: {}
# (required) String representing a Ceph cluster to provision storage from.
# Should be unique across all Ceph clusters in use for provisioning,
# cannot be greater than 36 bytes in length, and should remain immutable for
# the lifetime of the StorageClass in use.
clusterID: ceph
# (required) Ceph pool into which the RBD image shall be created
# eg: pool: replicapool
pool: k8s
secret:
# Specifies whether the secret should be created
create: true
name: csi-rbd-secret
# Key values correspond to a user name and its key, as defined in the
# ceph cluster. User ID should have required access to the 'pool'
# specified in the storage class
userID: ""
userKey: ""

12
roles/ceph-csi-rbd/tasks/main.yaml Normal file
View File

@ -0,0 +1,12 @@
- set_fact:
ceph_csi_rbd_combined_values: "{{ ceph_csi_rbd_default_values | combine(ceph_csi_rbd_values, recursive=true) }}"
- name: Deploy CSI Ceph RBD {{ ceph_csi_rbd_version }}
kubernetes.core.helm:
create_namespace: true
release_namespace: "{{ ceph_csi_rbd_namespace | default('ceph-csi-rbd') }}"
release_name: "{{ ceph_csi_rbd_name | default('ceph-csi-rbd') }}"
chart_ref: "{{ ceph_csi_rbd_chart_ref }}"
chart_version: "{{ ceph_csi_rbd_version | default(omit) }}"
release_values: "{{ ceph_csi_rbd_combined_values | from_yaml | default(omit) }}"
#wait: true

2
roles/cert-manager/defaults/main.yaml
View File

@ -1,6 +1,6 @@
cert_manager_chart_ref: "jetstack/cert-manager"
cert_manager_namespace: "cert-manager"
lets_encrypt_mailbox: "admin@{{ domain }}"
ceph_manager_lets_encrypt_mailbox: "admin@{{ domain }}"
cert_manager_base64_tsig_key: "{{ k8s_tsig | b64encode }}"
cert_manager_default_values:
installCRDs: true

4
roles/cert-manager/tasks/main.yaml
View File

@ -37,7 +37,7 @@
# The ACME server URL
server: https://acme-v02.api.letsencrypt.org/directory
# Email address used for ACME registration
email: "{{ lets_encrypt_mailbox }}"
email: "{{ cert_manager_lets_encrypt_mailbox }}"
# Name of a secret used to store the ACME account private key
privateKeySecretRef:
name: letsencrypt-prod
@ -68,7 +68,7 @@
# The ACME server URL
server: https://acme-staging-v02.api.letsencrypt.org/directory
# Email address used for ACME registration
email: "{{ lets_encrypt_mailbox }}"
email: "{{ cert_manager_lets_encrypt_mailbox }}"
# Name of a secret used to store the ACME account private key
privateKeySecretRef:
name: letsencrypt-staging