From 84edc361d9bf2e47a69bf68a15765d26485305c8 Mon Sep 17 00:00:00 2001 From: Mohamed Emine IBRAHIM Date: Sat, 17 Feb 2024 23:03:04 +0000 Subject: [PATCH 1/8] [Add] add infrastructure for ceph on vexxhost --- ceph_vexx.sh | 5 ++ infra/ceph_vexx.json | 198 +++++++++++++++++++++++++++++++++++++++++++ 2 files changed, 203 insertions(+) create mode 100755 ceph_vexx.sh create mode 100644 infra/ceph_vexx.json diff --git a/ceph_vexx.sh b/ceph_vexx.sh new file mode 100755 index 0000000..397fd52 --- /dev/null +++ b/ceph_vexx.sh @@ -0,0 +1,5 @@ +#!/bin/bash +export OS_CLOUD="vexxhost_sjc1" +export PULUMI_STACK="staging" +export PULUMI_SUB_STACK="ceph_vexx" +export PULUMI_CONFIG_PASSPHRASE_FILE="/etc/ansible/pulumi_passphrase" diff --git a/infra/ceph_vexx.json b/infra/ceph_vexx.json new file mode 100644 index 0000000..16a677f --- /dev/null +++ b/infra/ceph_vexx.json @@ -0,0 +1,198 @@ +{ + "application_name": "ceph_vexx", + "bastion_access_network_name": "ceph_network", + "bastion_access_network_cidr": "172.39.15.0/24", + "bastion_to_use": "ceph_vexx", + "network": [{ + "name": "ceph_network", + "bastion_access": "yes", + "subnet": { + "name":"ceph_network_subnet", + "ip_version": 4, + "cidr": "172.39.15.0/24", + "dns_servers": ["8.8.8.8"], + "linked_router": [{"router_name": "ceph_router"}] + }, + "port": [ + ] + }], + "router": [{ + "router_name": "ceph_router", + "router_external_gateway": "0048fce6-c715-4106-a810-473620326cb0", + "linked_subnets": [{ + "router_interface_name": "ceph_router_interface", + "subnet_name": "ceph_network_subnet"}] + }], + "security_group":[ + { + "name": "all_open", + "description": "Emine DEV environment is security group", + "rules": [ + { + "name": "Ingress_ssh", + "description": "ssh traffic", + "direction": "ingress", + "port_range_max": 22, + "port_range_min": 22, + "protocol": "tcp", + "remote_ip_prefix": "0.0.0.0/0" + }, + { + "name": "Ingress_http", + "description": "http traffic", + "direction": "ingress", + "port_range_max": 80, + "port_range_min": 80, + "protocol": "tcp", + "remote_ip_prefix": "0.0.0.0/0" + }, + { + "name": "Ingress_https", + "description": "https traffic", + "direction": "ingress", + "port_range_max": 443, + "port_range_min": 443, + "protocol": "tcp", + "remote_ip_prefix": "0.0.0.0/0" + }, + { + "name": "Ingress_squid", + "description": "Squid Proxy traffic", + "direction": "ingress", + "port_range_max": 3128, + "port_range_min": 3128, + "protocol": "tcp", + "remote_ip_prefix": "0.0.0.0/0" + }, + { + "name": "Ingress_ping", + "description": "icmp traffic", + "direction": "ingress", + "port_range_max": 0, + "port_range_min": 0, + "protocol": "icmp", + "remote_ip_prefix": "0.0.0.0/0" + }, + { + "name": "Ingress_nosqlclient", + "description": "nosqlclient traffic", + "direction": "ingress", + "port_range_max": 3000, + "port_range_min": 3000, + "protocol": "tcp", + "remote_ip_prefix": "0.0.0.0/0" + }, + { + "name": "Ingress_nexus", + "description": "nexus repository traffic", + "direction": "ingress", + "port_range_max": 8081, + "port_range_min": 8081, + "protocol": "tcp", + "remote_ip_prefix": "0.0.0.0/0" + }, + { + "name": "Ingress_nexus_docker_registry", + "description": "nexus repository traffic", + "direction": "ingress", + "port_range_max": 8082, + "port_range_min": 8082, + "protocol": "tcp", + "remote_ip_prefix": "0.0.0.0/0" + }, + { + "name": "Ingress_mongodb", + "description": "mongodb traffic", + "direction": "ingress", + "port_range_max": 27017, + "port_range_min": 27017, + "protocol": "tcp", + "remote_ip_prefix": "0.0.0.0/0" + } + ] + } + ], + "instance": [{ + "name": "stg-cephmon-00", + "az": "nova", + "flavor": "v3-starter-1", + "image": "Ubuntu 20.04.3 LTS (x86_64) [2021-10-04]", + "keypair": "dell XPS", + "security_group": ["all_open"], + "inventory_group": "mons", + "network": [{"name": "ceph_network"}] + }, + { + "name": "stg-cephmon-01", + "az": "nova", + "flavor": "v3-starter-1", + "image": "Ubuntu 20.04.3 LTS (x86_64) [2021-10-04]", + "keypair": "dell XPS", + "security_group": ["all_open"], + "inventory_group": "mons", + "network": [{"name": "ceph_network"}] + }, + { + "name": "stg-cephmon-02", + "az": "nova", + "flavor": "v3-starter-1", + "image": "Ubuntu 20.04.3 LTS (x86_64) [2021-10-04]", + "keypair": "dell XPS", + "security_group": ["all_open"], + "inventory_group": "mons", + "network": [{"name": "ceph_network"}] + }, + { + "name": "stg-cephosd-00", + "az": "nova", + "flavor": "v3-starter-1", + "image": "Ubuntu 20.04.3 LTS (x86_64) [2021-10-04]", + "keypair": "dell XPS", + "security_group": ["all_open"], + "inventory_group": "osds", + "network": [{"name": "ceph_network"}], + "volume": ["osd-00"] + }, + { + "name": "stg-cephosd-01", + "az": "nova", + "flavor": "v3-starter-1", + "image": "Ubuntu 20.04.3 LTS (x86_64) [2021-10-04]", + "keypair": "dell XPS", + "security_group": ["all_open"], + "inventory_group": "osds", + "network": [{"name": "ceph_network"}], + "volume": ["osd-01"] + }, + { + "name": "stg-cephosd-02", + "az": "nova", + "flavor": "v3-starter-1", + "image": "Ubuntu 20.04.3 LTS (x86_64) [2021-10-04]", + "keypair": "dell XPS", + "security_group": ["all_open"], + "inventory_group": "osds", + "network": [{"name": "ceph_network"}], + "volume": ["osd-02"] + }, + { + "name": "stg-ceph-bastion-00", + "az": "nova", + "flavor": "v3-starter-1", + "image": "Ubuntu 20.04.3 LTS (x86_64) [2021-10-04]", + "keypair": "dell XPS", + "security_group": ["all_open"], + "inventory_group": "ceph_bastion", + "network": [{"name": "ceph_network"}], + "fip": [{ + "floatingip": "fip_ceph", + "pool": "public" + }] + } + ], + "volume": [ + {"name": "osd-00", "description": "Ceph OSD 0", "size": 50, "availability_zone": "nova", "volume_type": "rbd"}, + {"name": "osd-01", "description": "Ceph OSD 1", "size": 50, "availability_zone": "nova", "volume_type": "rbd"}, + {"name": "osd-02", "description": "Ceph OSD 2", "size": 50, "availability_zone": "nova", "volume_type": "rbd"} + ] +} From a0c9449c7c0fc6ab7aa9e2e20f2a32969006df55 Mon Sep 17 00:00:00 2001 From: Mohamed Emine IBRAHIM Date: Sun, 18 Feb 2024 00:18:37 +0000 Subject: [PATCH 2/8] [Fix] Floating IP creation --- infra/ceph_vexx.json | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/infra/ceph_vexx.json b/infra/ceph_vexx.json index 16a677f..8d8c79c 100644 --- a/infra/ceph_vexx.json +++ b/infra/ceph_vexx.json @@ -1,7 +1,5 @@ { "application_name": "ceph_vexx", - "bastion_access_network_name": "ceph_network", - "bastion_access_network_cidr": "172.39.15.0/24", "bastion_to_use": "ceph_vexx", "network": [{ "name": "ceph_network", @@ -183,10 +181,12 @@ "keypair": "dell XPS", "security_group": ["all_open"], "inventory_group": "ceph_bastion", - "network": [{"name": "ceph_network"}], - "fip": [{ - "floatingip": "fip_ceph", - "pool": "public" + "network": [{ + "name": "ceph_network", + "fip": { + "name": "ceph_bastion", + "pool": "public" + } }] } ], From 8f957566fbbc687b80719c7065405274787837aa Mon Sep 17 00:00:00 2001 From: Mohamed Emine IBRAHIM Date: Thu, 22 Feb 2024 17:05:18 +0100 Subject: [PATCH 3/8] [Fix] fip bastion FIP name for emine ceph env --- infra/ceph_vexx.json | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/infra/ceph_vexx.json b/infra/ceph_vexx.json index 8d8c79c..b62bbba 100644 --- a/infra/ceph_vexx.json +++ b/infra/ceph_vexx.json @@ -184,7 +184,7 @@ "network": [{ "name": "ceph_network", "fip": { - "name": "ceph_bastion", + "name": "fip_bastion", "pool": "public" } }] From 0083d45fc686864e400c7e12dff2db0291dc0ae2 Mon Sep 17 00:00:00 2001 From: Mohamed Emine IBRAHIM Date: Thu, 22 Feb 2024 17:47:00 +0100 Subject: [PATCH 4/8] [Add] role names --- requirements.yml | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/requirements.yml b/requirements.yml index 25b0875..68be7d6 100644 --- a/requirements.yml +++ b/requirements.yml @@ -4,38 +4,46 @@ version: 0.0.4 scm: git accept_hostkey: yes + name: base - src: git@git.felcloud.io:felcloud/ansible_roles_ssh.git version: 0.0.1 scm: git accept_hostkey: yes + base: ssh - src: git@git.felcloud.io:felcloud/ansible_roles_haproxy.git version: 0.0.1 scm: git accept_hostkey: yes + name: haproxy - src: git@git.felcloud.io:felcloud/ansible_roles_keepalived.git version: 0.0.1 scm: git accept_hostkey: yes + name: keepalived - src: git@git.felcloud.io:felcloud/ansible_roles_docker.git version: 0.0.1 scm: git accept_hostkey: yes + name: docker - src: git@git.felcloud.io:felcloud/ansible_roles_console.git version: 0.0.6 scm: git accept_hostkey: yes + name: console - src: git@git.felcloud.io:felcloud/ansible_roles_mongodb.git version: 0.0.1 scm: git accept_hostkey: yes + name: mongodb - src: git@git.felcloud.io:felcloud/ansible_roles_nexus.git version: 0.0.1 scm: git accept_hostkey: yes + name: nexus From aafcfe629f0f668e103b1cad3fe1c66a0ab29c13 Mon Sep 17 00:00:00 2001 From: Mohamed Emine IBRAHIM Date: Thu, 22 Feb 2024 17:53:15 +0100 Subject: [PATCH 5/8] [fix] typo --- requirements.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/requirements.yml b/requirements.yml index 68be7d6..8048527 100644 --- a/requirements.yml +++ b/requirements.yml @@ -10,7 +10,7 @@ version: 0.0.1 scm: git accept_hostkey: yes - base: ssh + name: ssh - src: git@git.felcloud.io:felcloud/ansible_roles_haproxy.git version: 0.0.1 From 0f911d9116cbefed4c5293b9e64df264e447883b Mon Sep 17 00:00:00 2001 From: Mohamed Emine IBRAHIM Date: Fri, 22 Mar 2024 15:42:31 +0100 Subject: [PATCH 6/8] [Add] role ceph-init --- requirements.yml | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/requirements.yml b/requirements.yml index 8048527..f891fec 100644 --- a/requirements.yml +++ b/requirements.yml @@ -47,3 +47,9 @@ scm: git accept_hostkey: yes name: nexus + +- src: git@git.felcloud.io:felcloud/ansible_roles_ceph-init.git + version: main + scm: git + accept_hostkey: yes + name: ceph-init From 0da6cfbdb77d304247b4909d01e02d83191a5266 Mon Sep 17 00:00:00 2001 From: Mohamed Emine IBRAHIM Date: Sat, 23 Mar 2024 10:21:20 +0000 Subject: [PATCH 7/8] [Add] update ceph vexx infrastructure --- group_vars/ceph_vexx | 11 +++++++++++ infra/ceph_vexx.json | 43 +++++++++++++++++++++++++++++++++++-------- 2 files changed, 46 insertions(+), 8 deletions(-) create mode 100644 group_vars/ceph_vexx diff --git a/group_vars/ceph_vexx b/group_vars/ceph_vexx new file mode 100644 index 0000000..6a3aa30 --- /dev/null +++ b/group_vars/ceph_vexx @@ -0,0 +1,11 @@ +--- + +# linux users +users: + - name: emine + group: emine + groups: sudo + shell: '/bin/bash' + ssh_pub_keys: + - 'ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDQx/ruuz9HUmS44qSMckfpO/Gk6HukIEUO1DfxxiynMMPp6wsWSz799AgeIsu19qfG1T42hMBy1OoBKIJ91YCOKD43zHu5XoleHKZo2kXHHFsQdtZAm4WcRDMzDsbz5gNEboqKStD4bJ+74GORpnVTpypVWX8f2yahTheb38qRpAwmYOCviL4cak2d6RgVi5eWyvGsVJmcd//7301Dg2FH8l+CmSuRKRY6f27fwqvZUsWx8ZJI0z18q8IHAdqyt67WmY6dLYV+8vQLGAo50ElKPTxrIUnOUmiZZI9oaoqemH7hdiSYMUnp/26Ob0xPafcHsJT1+mqS8H3DDMJf5jsEPwSdR+3pnIMm8vwKW6PJVRZPO5p/lugza0XbPTwKWlZeb6poVs1I2pwScedPgVnLMRuWA4rtEamarPlQ2QZS04+2J3TvuOMcHI0vM/T269bTEOk7UghKz5Km3YYPrQVi728zitAc4BOzk5cxJ4GnO+ttEIHWnZT9Vn/slEHNy3NYnB1hX5a5++/fE1xC9KIBLWqiXONDHyPdsoYqrmtkc82rxkyMtwppY9vvAbkWwrSGSiGM7t/EceB2ZlC8EmzNc1tvDaYDmgGEFMDtsOBO6qNVKjxvP8fYdQgzaasarwcbCYG9VgwhEyUJVYM7s9I+VPZhkXI5ZEjXJ0uIHcbU+w== dell-xps' + - 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAINgHtvs8XWPr9T1fjhO633kR9ULro0gpnjBc+gFmrI5I emine@felcloud.io' diff --git a/infra/ceph_vexx.json b/infra/ceph_vexx.json index b62bbba..da1923c 100644 --- a/infra/ceph_vexx.json +++ b/infra/ceph_vexx.json @@ -98,6 +98,33 @@ "protocol": "tcp", "remote_ip_prefix": "0.0.0.0/0" }, + { + "name": "Ingress_ceph_osds", + "description": "Ceph OSDs traffic", + "direction": "ingress", + "port_range_max": 7300, + "port_range_min": 6800, + "protocol": "tcp", + "remote_ip_prefix": "0.0.0.0/0" + }, + { + "name": "Ingress_ceph_mons", + "description": "Ceph Mons and Client traffic", + "direction": "ingress", + "port_range_max": 3300, + "port_range_min": 3300, + "protocol": "tcp", + "remote_ip_prefix": "0.0.0.0/0" + }, + { + "name": "Ingress_ceph_mons_backup", + "description": "Ceph Mons and Client traffic", + "direction": "ingress", + "port_range_max": 6789, + "port_range_min": 6789, + "protocol": "tcp", + "remote_ip_prefix": "0.0.0.0/0" + }, { "name": "Ingress_mongodb", "description": "mongodb traffic", @@ -114,7 +141,7 @@ "name": "stg-cephmon-00", "az": "nova", "flavor": "v3-starter-1", - "image": "Ubuntu 20.04.3 LTS (x86_64) [2021-10-04]", + "image": "Ubuntu 22.04 - Cloud Image", "keypair": "dell XPS", "security_group": ["all_open"], "inventory_group": "mons", @@ -124,7 +151,7 @@ "name": "stg-cephmon-01", "az": "nova", "flavor": "v3-starter-1", - "image": "Ubuntu 20.04.3 LTS (x86_64) [2021-10-04]", + "image": "Ubuntu 22.04 - Cloud Image", "keypair": "dell XPS", "security_group": ["all_open"], "inventory_group": "mons", @@ -134,7 +161,7 @@ "name": "stg-cephmon-02", "az": "nova", "flavor": "v3-starter-1", - "image": "Ubuntu 20.04.3 LTS (x86_64) [2021-10-04]", + "image": "Ubuntu 22.04 - Cloud Image", "keypair": "dell XPS", "security_group": ["all_open"], "inventory_group": "mons", @@ -144,7 +171,7 @@ "name": "stg-cephosd-00", "az": "nova", "flavor": "v3-starter-1", - "image": "Ubuntu 20.04.3 LTS (x86_64) [2021-10-04]", + "image": "Ubuntu 22.04 - Cloud Image", "keypair": "dell XPS", "security_group": ["all_open"], "inventory_group": "osds", @@ -155,7 +182,7 @@ "name": "stg-cephosd-01", "az": "nova", "flavor": "v3-starter-1", - "image": "Ubuntu 20.04.3 LTS (x86_64) [2021-10-04]", + "image": "Ubuntu 22.04 - Cloud Image", "keypair": "dell XPS", "security_group": ["all_open"], "inventory_group": "osds", @@ -166,7 +193,7 @@ "name": "stg-cephosd-02", "az": "nova", "flavor": "v3-starter-1", - "image": "Ubuntu 20.04.3 LTS (x86_64) [2021-10-04]", + "image": "Ubuntu 22.04 - Cloud Image", "keypair": "dell XPS", "security_group": ["all_open"], "inventory_group": "osds", @@ -177,10 +204,10 @@ "name": "stg-ceph-bastion-00", "az": "nova", "flavor": "v3-starter-1", - "image": "Ubuntu 20.04.3 LTS (x86_64) [2021-10-04]", + "image": "Ubuntu 22.04 - Cloud Image", "keypair": "dell XPS", "security_group": ["all_open"], - "inventory_group": "ceph_bastion", + "inventory_group": "ceph_vexx_bastion", "network": [{ "name": "ceph_network", "fip": { From b6931523d20f64bd53f4fba4e84854cdc5e8e3a4 Mon Sep 17 00:00:00 2001 From: Mohamed Emine IBRAHIM Date: Sat, 23 Mar 2024 16:18:51 +0000 Subject: [PATCH 8/8] [Add] ceph variables --- group_vars/ceph_vexx | 3 +++ 1 file changed, 3 insertions(+) diff --git a/group_vars/ceph_vexx b/group_vars/ceph_vexx index 6a3aa30..39772c6 100644 --- a/group_vars/ceph_vexx +++ b/group_vars/ceph_vexx @@ -9,3 +9,6 @@ users: ssh_pub_keys: - 'ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDQx/ruuz9HUmS44qSMckfpO/Gk6HukIEUO1DfxxiynMMPp6wsWSz799AgeIsu19qfG1T42hMBy1OoBKIJ91YCOKD43zHu5XoleHKZo2kXHHFsQdtZAm4WcRDMzDsbz5gNEboqKStD4bJ+74GORpnVTpypVWX8f2yahTheb38qRpAwmYOCviL4cak2d6RgVi5eWyvGsVJmcd//7301Dg2FH8l+CmSuRKRY6f27fwqvZUsWx8ZJI0z18q8IHAdqyt67WmY6dLYV+8vQLGAo50ElKPTxrIUnOUmiZZI9oaoqemH7hdiSYMUnp/26Ob0xPafcHsJT1+mqS8H3DDMJf5jsEPwSdR+3pnIMm8vwKW6PJVRZPO5p/lugza0XbPTwKWlZeb6poVs1I2pwScedPgVnLMRuWA4rtEamarPlQ2QZS04+2J3TvuOMcHI0vM/T269bTEOk7UghKz5Km3YYPrQVi728zitAc4BOzk5cxJ4GnO+ttEIHWnZT9Vn/slEHNy3NYnB1hX5a5++/fE1xC9KIBLWqiXONDHyPdsoYqrmtkc82rxkyMtwppY9vvAbkWwrSGSiGM7t/EceB2ZlC8EmzNc1tvDaYDmgGEFMDtsOBO6qNVKjxvP8fYdQgzaasarwcbCYG9VgwhEyUJVYM7s9I+VPZhkXI5ZEjXJ0uIHcbU+w== dell-xps' - 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAINgHtvs8XWPr9T1fjhO633kR9ULro0gpnjBc+gFmrI5I emine@felcloud.io' + +# ceph +ceph_public_network: "172.39.15.0/24"