Role - edpm_ceph_hci_pre

osp.edpm.edpm_ceph_hci_pre role – The main entry point for the edpm_ceph_hci_pre role.

Entry point main – The main entry point for the edpm_ceph_hci_pre role.

Synopsis

Parameters

Parameter

Comments

edpm_ceph_hci_pre_configure_firewall

boolean

Whether or not firewall ports should be opened to allow access to Ceph services hosted on the node being configured. No firewall configurations are made when `false`.

Choices:

  • false

  • true ← (default)

edpm_ceph_hci_pre_enabled_services

list / elements=string

List of names matching each `name` in the `edpm_ceph_hci_pre_firewall_services` which should have their firewall ports opened. By default only the Ceph RBD (block) service is configured with its supporting services. If EDPM nodes will host a Ceph cluster with more than just block service, then extend this list. If this list is empty, then no firewall ports for Ceph will be opened.

Default: ["ceph_mon", "ceph_mgr", "ceph_osd"]

edpm_ceph_hci_pre_firewall_services

list / elements=string

List of dictionaries describing each Ceph service name (`name`), firewall rule order number (`num`), source ranges (`ranges`, drawn from the variables matching `edpm_ceph_hci_pre_*_ranges`), and destination port list (`dport`). If the `dport` list contains an interval, e.g. `min:max`, then all ports between (and including) `min` and `max` will be opened.

Default:

[
  {"dport": [6789, 3300], "name": "ceph_mon", "num": 110, "ranges": "{{ edpm_ceph_hci_pre_storage_ranges | list }}"},
  {"dport": ["6800:7300"], "name": "ceph_osd", "num": 111, "ranges": "{{ edpm_ceph_hci_pre_storage_ranges | list }}"},
  {"dport": ["6800:7300"], "name": "ceph_mgr", "num": 113, "ranges": "{{ edpm_ceph_hci_pre_storage_ranges | list }}"},
  {"dport": ["6800:7300"], "name": "ceph_mds", "num": 112, "ranges": "{{ edpm_ceph_hci_pre_storage_ranges | list }}"},
  {"dport": [2049], "name": "ceph_nfs", "num": 120, "ranges": "{{ edpm_ceph_hci_pre_storage_ranges | list }}"},
  {"dport": [8080, 13808], "name": "ceph_rgw", "num": 122, "ranges": "{{ edpm_ceph_hci_pre_storage_ranges | list }}"},
  {"dport": [8080], "name": "ceph_rgw_frontend", "num": 100, "ranges": "{{ edpm_ceph_hci_pre_rgw_frontend_ranges | list }}"},
  {"dport": [13808], "name": "ceph_ssl_rgw_frontend", "num": 100, "ranges": "{{ edpm_ceph_hci_pre_rgw_frontend_ranges | list }}"},
  {"dport": ["6800:7300"], "name": "ceph_rbdmirror", "num": 114, "ranges": "{{ edpm_ceph_hci_pre_rbd_mirror_ranges | list }}"},
  {"dport": [3100, 9100, 9090, 9092, 9093, 9094, 9100, 9283], "name": "ceph_grafana", "num": 123, "ranges": "{{ edpm_ceph_hci_pre_storage_ranges | list }}"},
  {"dport": [3100], "name": "ceph_grafana_frontend", "num": 100, "ranges": "{{ edpm_ceph_hci_pre_grafana_frontend_ranges | list }}"},
  {"dport": [9092], "name": "ceph_prometheus", "num": 100, "ranges": "{{ edpm_ceph_hci_pre_storage_ranges | list }}"},
  {"dport": [9093], "name": "ceph_alertmanager", "num": 100, "ranges": "{{ edpm_ceph_hci_pre_storage_ranges | list }}"}
]

edpm_ceph_hci_pre_firewall_yaml_file

string

The absolute path to a YAML file on the EDPM node which will be created by the role. The file will be parsed by the edpm_nftables role which creates the actual firewall rule.

Default: "/var/lib/edpm-config/firewall/ceph-networks.yaml"

edpm_ceph_hci_pre_grafana_frontend_ranges

list / elements=string

List of IP address ranges in CIDR notation which can access the frontend Ceph Grafana firewall ports to be opened. If the list is empty, the firewall rule will not specify a source address.

Default: []

edpm_ceph_hci_pre_rbd_mirror_ranges

list / elements=string

List of IP address ranges in CIDR notation which can access the frontend Ceph RBD mirror firewall ports to be opened. If the list is empty, the firewall rule will not specify a source address.

Default: []

edpm_ceph_hci_pre_rgw_frontend_ranges

list / elements=string

List of IP address ranges in CIDR notation which can access the frontend Ceph RGW firewall ports to be opened. If the list is empty, the firewall rule will not specify a source address.

Default: []

edpm_ceph_hci_pre_storage_ranges

list / elements=string

List of IP address ranges in CIDR notation which can access the Ceph services on the Ceph `public_network` and `cluster_network`. If the list is non-empty, the firewall rules created for the opened ports will specify these ranges as source addresses. If the list is empty, then the firewall rule will not specify a source address.

Default: []
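
Because every `*_ranges` variable defaults to `[]`, a default deployment opens the enabled Ceph ports without a source restriction. The following is an added example, not code from the role: it models the semantics documented above (enabled-service filter, inclusive `min:max` intervals, empty `ranges` meaning no source address) to audit a set of already-resolved variables. The function names, the `172.18.0.0/24` network and the empty `ceph_mgr` range are constructed assumptions.

```python
def expand_dport(entry):
    """Return (low, high) for one dport entry; 'min:max' intervals are inclusive."""
    if isinstance(entry, str) and ":" in entry:
        low, high = (int(p) for p in entry.split(":", 1))
    else:
        low = high = int(entry)
    if not 0 < low <= high <= 65535:
        raise ValueError(f"invalid dport entry: {entry!r}")
    return low, high


def audit(services, enabled, configure_firewall=True):
    """Summarise what would be opened and flag rules with no source address."""
    if not configure_firewall:
        return []  # documented: no firewall configuration is made when false
    findings = []
    for svc in services:
        if svc["name"] not in enabled:
            continue
        ports = set()  # a set, so a port listed twice is counted once
        for entry in svc["dport"]:
            low, high = expand_dport(entry)
            ports.update(range(low, high + 1))
        sources = list(svc.get("ranges") or [])
        findings.append({
            "name": svc["name"], "num": svc["num"],
            "port_count": len(ports),
            "sources": sources,
            "unrestricted": not sources,  # empty list: rule has no source address
        })
    return findings


# Constructed input: a subset of the defaults above with the Jinja expressions
# already resolved. STORAGE is hypothetical; ceph_mgr is left empty on purpose.
STORAGE = ["172.18.0.0/24"]
SERVICES = [
    {"name": "ceph_mon", "num": 110, "dport": [6789, 3300], "ranges": STORAGE},
    {"name": "ceph_osd", "num": 111, "dport": ["6800:7300"], "ranges": STORAGE},
    {"name": "ceph_mgr", "num": 113, "dport": ["6800:7300"], "ranges": []},
    {"name": "ceph_rgw_frontend", "num": 100, "dport": [8080], "ranges": []},
]
ENABLED = ["ceph_mon", "ceph_mgr", "ceph_osd"]

if __name__ == "__main__":
    for f in audit(SERVICES, ENABLED):
        src = ", ".join(f["sources"]) if f["sources"] else "ANY SOURCE"
        print(f'{f["num"]} {f["name"]}: {f["port_count"]} port(s) from {src}')
```

Any service reported as `ANY SOURCE` is reachable from every network that can route to the node, so set the matching `edpm_ceph_hci_pre_*_ranges` variable before enabling it.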