Description of problem: when running /usr/share/ceph-ansible/site-docker.yml.sample playbook to do containerized Ceph deployment, the deploy fails because none of the tasks to open up firewall ports are run. This is because of a faulty when clause in my opinion. Version-Release number of selected component (if applicable): group_vars/all.yml: containerized_deployment: True ceph_docker_image: rhceph/rhceph-3-rhel7 ceph_docker_registry: registry.access.redhat.com ceph_docker_image_tag: "3-23" # ceph version 12.2.8-89.el7cp How reproducible: every time Steps to Reproduce: 1. run containerized ceph deploy using site-docker.yml.sample 2. where firewalld is present on the target systems Actual results: No firewalld ports opened, OSDs can't come up cleanly Expected results: firewalld is configured such that ceph ports are open for business. Additional info: Here's the patch I did to the task named "check firewalld installation on redhat or suse" So that it is not inhibited by a when clause from running in a containerized deployment - they too have firewalld to deal with. [root@c07-h30-6018r ceph-ansible]# diff -u roles/ceph-infra/tasks/configure_firewall.ym{l.orig,l} --- roles/ceph-infra/tasks/configure_firewall.yml.orig 2019-03-19 18:23:47.995250124 +0000 +++ roles/ceph-infra/tasks/configure_firewall.yml 2019-03-19 18:24:24.581323469 +0000 @@ -9,8 +9,8 @@ changed_when: false tags: - firewall - when: - - not containerized_deployment
Observed with ceph-ansible.noarch 3.2.8-1.el7cp and using group_vars/all.yml (containerized) containerized_deployment: True ceph_docker_image: rhceph/rhceph-3-rhel7 # explicitly set the version (by default the 'latest' tag is used) ceph_docker_image_tag: “3-23” (ceph version 12.2.8-89.el7cp) ceph_docker_registry: registry.access.redhat.com
Updating the QA Contact to a Hemant. Hemant will be rerouting them to the appropriate QE Associate. Regards, Giri
Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory, and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. https://access.redhat.com/errata/RHBA-2019:3173