79 lines
2.6 KiB
YAML
79 lines
2.6 KiB
YAML
---
|
|
# Copyright 2022 Red Hat, Inc.
|
|
# All Rights Reserved.
|
|
#
|
|
# Licensed under the Apache License, Version 2.0 (the "License"); you may
|
|
# not use this file except in compliance with the License. You may obtain
|
|
# a copy of the License at
|
|
#
|
|
# http://www.apache.org/licenses/LICENSE-2.0
|
|
#
|
|
# Unless required by applicable law or agreed to in writing, software
|
|
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
|
|
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
|
|
# License for the specific language governing permissions and limitations
|
|
# under the License.
|
|
|
|
|
|
- name: Check if the iSCSI initiator name (IQN) has been reset
|
|
ansible.builtin.stat:
|
|
path: /etc/iscsi/.initiator_reset
|
|
register: initiator_reset_state
|
|
|
|
# NOTE: Each overcloud node must have its own, unique iSCSI Qualified Name
|
|
# (IQN) but it has to be reset once, and only once as all the services on the
|
|
# node must use the same IQN. It is reset based on the existence of
|
|
# .initiator_reset sentinel file.
|
|
|
|
- name: Ensure the system has a unique IQN
|
|
when: initiator_reset_state.stat.exists == False
|
|
block:
|
|
|
|
- name: Generate a unique IQN
|
|
ansible.builtin.command: podman run -ti --rm --name iscsid_config {{ tripleo_iscsid_config_image }} /usr/sbin/iscsi-iname
|
|
register: iscsi_iname
|
|
|
|
- name: Save the new IQN
|
|
ansible.builtin.copy:
|
|
dest: /etc/iscsi/initiatorname.iscsi
|
|
content: "InitiatorName={{ iscsi_iname.stdout }}"
|
|
|
|
- name: Record the IQN has been reset
|
|
ansible.builtin.file:
|
|
path: /etc/iscsi/.initiator_reset
|
|
state: touch
|
|
|
|
- name: Check if /etc/iscsi/iscsid.conf exists
|
|
ansible.builtin.stat:
|
|
path: /etc/iscsi/iscsid.conf
|
|
register: result
|
|
|
|
- name: Create /etc/iscsi/iscsid.conf if necessary
|
|
when: result.stat.exists == False
|
|
block:
|
|
|
|
- name: Fetch iscsid.conf from the iscsid container
|
|
ansible.builtin.command: podman run -ti --rm --name iscsid_config {{ tripleo_iscsid_config_image }} cat /etc/iscsi/iscsid.conf
|
|
register: iscsid_conf
|
|
|
|
- name: Create a local copy of iscsid.conf
|
|
copy:
|
|
dest: /etc/iscsi/iscsid.conf
|
|
content: "{{ iscsid_conf.stdout }}"
|
|
mode: 0600
|
|
check_mode: false
|
|
|
|
- name: Write CHAP algorithms
|
|
ansible.builtin.lineinfile:
|
|
path: "/etc/iscsi/iscsid.conf"
|
|
line: "node.session.auth.chap_algs = {{ tripleo_iscsid_chap_algs }}"
|
|
regexp: "^node.session.auth.chap_algs"
|
|
insertafter: "^#node.session.auth.chap.algs"
|
|
register: modify_stat
|
|
|
|
- name: Record the iscsid container restart is required
|
|
when : modify_stat.changed
|
|
ansible.builtin.file:
|
|
path: /etc/iscsi/.iscsid_restart_required
|
|
state: touch
|