Created attachment 1334378 [details] File contains terminal log snippet, ansible-playbook log Description of problem: client.admin keyring, mgr keyrings, monitor keyrings are getting copied to all nodes of the cluster. admin keyring is getting copied to all nodes irrespective of value set for copy_admin_key variable in respective yml files. Version-Release number of selected component (if applicable): ceph-ansible-3.0.0-0.1.rc15.el7cp.noarch How reproducible: Always Steps to Reproduce: 1. Configure ceph-ansible to get a cluster up without setting any value for copy_admin_keyring in all yml files in group_vars. 2. Run playbook. Actual results: admin, mon, mgr keyrings being copied to all nodes of the cluster Expected results: Nodes must be having only keyrings needed to run the services running in that particular node. (Attachment contains ansible log of the latest run which had only configured mgrs and terminal log snippet showcasing presence of all keyrings on all nodes irrespective of services running on particular node)
waiting for the PR upstream to be merged.
upstream fix : https://github.com/ceph/ceph-ansible/commit/70e2787fe2970f4e255d013cd51658ebf3125ea3 will be in rc17
Verified on ceph-ansible-3.0.6-1.el7cp.noarch. Looks fine to me.
Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory, and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. https://access.redhat.com/errata/RHBA-2017:3387