---
# defaults file for cifmw_cephadm
cifmw_cephadm_basedir: "{{ cifmw_basedir }}"
cifmw_cephadm_spec_on_bootstrap: false  # not recommended due to https://tracker.ceph.com/issues/49277
cifmw_cephadm_ssh_user: ceph-admin
cifmw_cephadm_bin: /usr/sbin/cephadm
cifmw_cephadm_cluster: ceph
cifmw_cephadm_config_home: /etc/ceph
cifmw_cephadm_config_home_container: "/var/lib/ceph/{{ cifmw_cephadm_fsid }}/config/"
cifmw_cephadm_verbose: false
cifmw_cephadm_container_ns: "quay.io/ceph"
cifmw_cephadm_container_image: "ceph"
cifmw_cephadm_container_tag: "v18"  # this tag always points to latest-reef
cifmw_cephadm_container_cli: "podman"
cifmw_cephadm_container_options: "--net=host --ipc=host"
cifmw_cephadm_registry_password: ''
cifmw_cephadm_registry_username: ''
cifmw_cephadm_registry_url: ''
cifmw_cephadm_keyring_prefix: "{{ cifmw_cephadm_config_home }}/{{ cifmw_cephadm_cluster }}.client"
cifmw_cephadm_admin_keyring: "{{ cifmw_cephadm_keyring_prefix }}.admin.keyring"
cifmw_cephadm_conf: "{{ cifmw_cephadm_config_home }}/{{ cifmw_cephadm_cluster }}.conf"
cifmw_cephadm_assimilate_conf: "/home/{{ cifmw_cephadm_ssh_user }}/assimilate_{{ cifmw_cephadm_cluster }}.conf"
cifmw_cephadm_assimilate_conf_container: "/home/assimilate_{{ cifmw_cephadm_cluster }}.conf"
# path on ansible host (i.e. undercloud) of the ceph spec
cifmw_cephadm_spec_ansible_host: "{{ playbook_dir }}/ceph_spec.yaml"
# path on bootstrap node of ceph spec (scp'd from above var)
cifmw_cephadm_spec: "/home/{{ cifmw_cephadm_ssh_user }}/specs/ceph_spec.yaml"
# path in container on bootstrap node of spec (podman -v'd from above var)
cifmw_cephadm_container_spec: /home/ceph_spec.yaml
# path of other ceph specs podman -v mounted into running container
cifmw_cephadm_spec_home: "/home/{{ cifmw_cephadm_ssh_user }}/specs"
cifmw_cephadm_bootstrap_files:
  - "/home/{{ cifmw_cephadm_ssh_user }}/.ssh/id_rsa"
  - "/home/{{ cifmw_cephadm_ssh_user }}/.ssh/id_rsa.pub"
cifmw_cephadm_uid: "167"
cifmw_cephadm_mode: "0755"
cifmw_cephadm_keyring_permissions: "0644"
cifmw_ceph_client_config_home: "/etc/ceph"
cifmw_cephadm_wait_for_mons: true
cifmw_cephadm_wait_for_mons_retries: 10
cifmw_cephadm_wait_for_mons_delay: 20
cifmw_cephadm_wait_for_mons_ignore_errors: false
cifmw_cephadm_wait_for_osds: true
cifmw_cephadm_wait_for_osds_retries: 40
cifmw_cephadm_wait_for_osds_delay: 30
cifmw_cephadm_wait_for_osds_ignore_errors: false
cifmw_cephadm_num_osd_expected: 1
cifmw_cephadm_predeployed: true
cifmw_cephadm_conf_overrides: {}
cifmw_cephadm_fsid_list: []
cifmw_cephadm_fqdn: false
cifmw_cephadm_internal_tls_enabled: false
cifmw_cephadm_certs: /etc/pki/tls
cifmw_cephadm_debug: false
cifmw_cephadm_min_compat_client: "mimic"
cifmw_cephadm_auth_allowed_ciphers: ""
cifmw_cephadm_deployed_ceph: false
cifmw_cephadm_backend: ''
cifmw_cephadm_action: disable
cifmw_cephadm_rbd_trash_interval: 15
cifmw_cephadm_enable_trash_scheduler: false
cifmw_cephadm_apply_ceph_conf_overrides_on_update: false
cifmw_cephadm_standalone: false
cifmw_cephadm_default_container: false
cifmw_cephadm_single_host_defaults: false
cifmw_cephadm_extra_args: ""
cifmw_cephadm_pacific_filter: "16.*"
# The path of the rendered rgw spec file
cifmw_ceph_rgw_spec_path: /tmp/ceph_rgw.yml
cifmw_ceph_mds_spec_path: /tmp/ceph_mds.yml
cifmw_ceph_rbd_mirror_spec_path: /tmp/ceph_rbd_mirror.yml
cifmw_ceph_rgw_keystone_ep: "https://keystone-internal.openstack.svc:5000"
cifmw_ceph_rgw_keystone_psw: 12345678
cifmw_ceph_rgw_keystone_user: "swift"
cifmw_ceph_rgw_config:
  rgw_keystone_url: "{{ cifmw_ceph_rgw_keystone_ep }}"
  rgw_keystone_verify_ssl: false
  rgw_keystone_api_version: 3
  rgw_keystone_accepted_roles: "\"member, Member, admin\""
  rgw_keystone_accepted_admin_roles: "\"ResellerAdmin, swiftoperator\""
  rgw_keystone_admin_domain: default
  rgw_keystone_admin_project: service
  rgw_keystone_admin_user: "{{ cifmw_ceph_rgw_keystone_user }}"
  rgw_keystone_admin_password: "{{ cifmw_ceph_rgw_keystone_psw }}"
  rgw_keystone_implicit_tenants: "true"
  rgw_s3_auth_use_keystone: true
  rgw_swift_versioning_enabled: true
  rgw_swift_enforce_content_length: true
  rgw_swift_account_in_url: true
  rgw_trust_forwarded_https: true
  rgw_max_attr_name_len: 128
  rgw_max_attrs_num_in_req: 90
  rgw_max_attr_size: 1024
cifmw_cephadm_cephfs_name: "cephfs"
cifmw_ceph_dashboard_spec_path: /tmp/ceph_dashboard.yml
cifmw_cephadm_certificate: ""
cifmw_cephadm_key: ""
cifmw_cephadm_dashboard_port: 8443
cifmw_cephadm_grafana_admin_user: 'admin'
cifmw_cephadm_grafana_admin_password: '/home/grafana_password.yml'
cifmw_cephadm_prometheus_port: 9092
cifmw_cephadm_grafana_port: 3100
cifmw_cephadm_prometheus_container_ns: "quay.io/prometheus"
cifmw_cephadm_alertmanager_container_image: "{{ cifmw_cephadm_prometheus_container_ns }}/alertmanager:v0.25.0"
cifmw_cephadm_grafana_container_image: "{{ cifmw_cephadm_container_ns }}/ceph-grafana:9.4.7"
cifmw_cephadm_node_exporter_container_image: "{{ cifmw_cephadm_prometheus_container_ns }}/node-exporter:v1.5.0"
cifmw_cephadm_prometheus_container_image: "{{ cifmw_cephadm_prometheus_container_ns }}/prometheus:v2.43.0"
cifmw_cephadm_ns: openstack
cifmw_cephadm_urischeme: "http"
cifmw_cephadm_config_key_set_ssl_option: no_sslv2:sslv3:no_tlsv1:no_tlsv1_1
# Deployment logs variables
cifmw_cephadm_log_dump: true
cifmw_cephadm_log_path: "{{ cifmw_basedir | default(ansible_user_dir ~ '/ci-framework-data') }}/logs/ceph"
cifmw_cephadm_log_commands:
  # Get deployed Ceph daemons
  - type: "daemons"
    cmd: "orch ls --export -f json"
  # Get all the Ceph containers
  - type: "processes"
    cmd: "orch ps -f json"
  # Get health status
  - type: "health"
    cmd: "-s -f json"
  # Get Ceph Config stored in the mgr
  - type: "config"
    cmd: "config dump -f json"
  # Get osd min-compat-client
  - type: "min-compat-client"
    cmd: "osd get-require-min-compat-client"
  # Get the version of each component
  - type: "version"
    cmd: "versions -f json"
# Update/Upgrade default variables
cifmw_cephadm_update_container_ns: "{{ cifmw_cephadm_container_ns }}"
cifmw_cephadm_update_container_image: "{{ cifmw_cephadm_container_image }}"
# Applying the same tag might result in a noop
cifmw_cephadm_update_container_tag: "{{ cifmw_cephadm_container_tag }}"
cifmw_cephadm_wait_update_retries: 100
cifmw_cephadm_wait_update_delay: 30
cifmw_cephadm_update_log_commands:
  # Get last cephadm logs in case of failure
  - type: "mod_cephadm"
    cmd: "log last cephadm"
cifmw_cephadm_wait_for_dashboard_retries: 10
cifmw_cephadm_wait_for_dashboard_delay: 20
# Repository parameters
cifmw_cephadm_repository_override: false
# we usually support N+1 Ceph version: Adding Squid here because Reef is the
# default version installed in a greenfield scenario
cifmw_cephadm_version: "squid"
# bug in cephadm: if you skip "prepare host" it will fail
cifmw_cephadm_prepare_host: false
cifmw_cephadm_wait_install_retries: 8
cifmw_cephadm_wait_install_delay: 15
cifmw_cephadm_rgw_ingress_service_name: "ingress.rgw.default"
cifmw_cephadm_rgw_ingress_service_id: "rgw.default"
# set ssl_backward compatibily to False if ceph version is equal or greater
# than Tentacle
cifmw_rgw_ssl_backward_compatibility: true
cifmw_cephadm_rgw_s3_glance: false
# set cephadm_nfsv3 to true when NFS is enabled and the ceph version is
# equal or greater than Tentacle
cifmw_cephadm_nfsv3: false