Appendix A. Sample iscsigws.yml File

Variables here are applicable to all host groups NOT roles
This sample file generated by generate_group_vars_sample.sh
Dummy variable to avoid error because ansible does not recognize the
file as a good configuration file when no variable in it.
You can override vars by using host or group vars
GENERAL #
Specify the iqn for ALL gateways. This iqn is shared across the gateways, so an iscsi
client sees the gateway group as a single storage subsystem.
gateway_ip_list provides a list of the IP Addrresses - one per gateway - that will be used
as an iscsi target portal ip. The list must be comma separated - and the order determines
the sequence of TPG's within the iscsi target across each gateway. Once set, additional
gateways can be added, but the order must *not* be changed.
rbd_devices defines the images that should be created and exported from the iscsi gateways.
If the rbd does not exist, it will be created for you. In addition you may increase the
size of rbd's by changing the size parameter and rerunning the playbook. A size value lower
than the current size of the rbd is ignored.
the 'host' parameter defines which of the gateway nodes should handle the physical
allocation/expansion or removal of the rbd
to remove an image, simply use a state of 'absent'. This will first check the rbd is not allocated
to any client, and the remove it from LIO and then delete the rbd image
NB. this variable definition can be commented out to bypass LUN management
Example:
 - { pool: 'rbd', image: 'ansible1', size: '30G', host: 'ceph-1', state: 'present' }
 - { pool: 'rbd', image: 'ansible2', size: '15G', host: 'ceph-1', state: 'present' }
 - { pool: 'rbd', image: 'ansible3', size: '30G', host: 'ceph-1', state: 'present' }
 - { pool: 'rbd', image: 'ansible4', size: '50G', host: 'ceph-1', state: 'present' }
client_connections defines the client ACL's to restrict client access to specific LUNs
The settings are as follows;
- image_list is a comma separated list of rbd images of the form <pool name>.<rbd_image_name>
- chap supplies the user and password the client will use for authentication of the
  form <user>/<password>
- status shows the intended state of this client definition - 'present' or 'absent'
NB. this definition can be commented out to skip client (nodeACL) management
Example:
 - { client: 'iqn.1994-05.com.redhat:rh7-iscsi-client', image_list: 'rbd.ansible1,rbd.ansible2', chap: 'rh7-iscsi-client/redhat', status: 'present' }
 - { client: 'iqn.1991-05.com.microsoft:w2k12r2', image_list: 'rbd.ansible4', chap: 'w2k12r2/microsoft_w2k12', status: 'absent' }
Whether or not to generate secure certificate to iSCSI gateway nodes
RBD-TARGET-API #
Optional settings related to the CLI/API service
DOCKER #
Resource limitation
For the whole list of limits you can apply see: docs.docker.com/engine/admin/resource_constraints
Default values are based from: https://access.redhat.com/documentation/en-us/red_hat_ceph_storage/2/html/red_hat_ceph_storage_hardware_guide/minimum_recommendations
These options can be passed using the 'ceph_mds_docker_extra_env' variable.
TCMU_RUNNER resource limitation
RBD_TARGET_GW resource limitation
RBD_TARGET_API resource limitation

# Variables here are applicable to all host groups NOT roles

# This sample file generated by generate_group_vars_sample.sh

# Dummy variable to avoid error because ansible does not recognize the
# file as a good configuration file when no variable in it.
dummy:

# You can override vars by using host or group vars

###########
# GENERAL #
###########
# Specify the iqn for ALL gateways. This iqn is shared across the gateways, so an iscsi
# client sees the gateway group as a single storage subsystem.
#gateway_iqn: "iqn.2003-01.com.redhat.iscsi-gw:ceph-igw"

# gateway_ip_list provides a list of the IP Addrresses - one per gateway - that will be used
# as an iscsi target portal ip. The list must be comma separated - and the order determines
# the sequence of TPG's within the iscsi target across each gateway. Once set, additional
# gateways can be added, but the order must *not* be changed.
#gateway_ip_list: 0.0.0.0

# rbd_devices defines the images that should be created and exported from the iscsi gateways.
# If the rbd does not exist, it will be created for you. In addition you may increase the
# size of rbd's by changing the size parameter and rerunning the playbook. A size value lower
# than the current size of the rbd is ignored.
#
# the 'host' parameter defines which of the gateway nodes should handle the physical
# allocation/expansion or removal of the rbd
# to remove an image, simply use a state of 'absent'. This will first check the rbd is not allocated
# to any client, and the remove it from LIO and then delete the rbd image
#
# NB. this variable definition can be commented out to bypass LUN management
#
# Example:
#
#rbd_devices:
#  - { pool: 'rbd', image: 'ansible1', size: '30G', host: 'ceph-1', state: 'present' }
#  - { pool: 'rbd', image: 'ansible2', size: '15G', host: 'ceph-1', state: 'present' }
#  - { pool: 'rbd', image: 'ansible3', size: '30G', host: 'ceph-1', state: 'present' }
#  - { pool: 'rbd', image: 'ansible4', size: '50G', host: 'ceph-1', state: 'present' }
#rbd_devices: {}

# client_connections defines the client ACL's to restrict client access to specific LUNs
# The settings are as follows;
# - image_list is a comma separated list of rbd images of the form <pool name>.<rbd_image_name>
# - chap supplies the user and password the client will use for authentication of the
#   form <user>/<password>
# - status shows the intended state of this client definition - 'present' or 'absent'
#
# NB. this definition can be commented out to skip client (nodeACL) management
#
# Example:
#
#client_connections:
#  - { client: 'iqn.1994-05.com.redhat:rh7-iscsi-client', image_list: 'rbd.ansible1,rbd.ansible2', chap: 'rh7-iscsi-client/redhat', status: 'present' }
#  - { client: 'iqn.1991-05.com.microsoft:w2k12r2', image_list: 'rbd.ansible4', chap: 'w2k12r2/microsoft_w2k12', status: 'absent' }

#client_connections: {}


# Whether or not to generate secure certificate to iSCSI gateway nodes
#generate_crt: False


##################
# RBD-TARGET-API #
##################
# Optional settings related to the CLI/API service
#api_user: admin
#api_password: admin
#api_port: 5000
#api_secure: false
#loop_delay: 1
#trusted_ip_list: 192.168.122.1


##########
# DOCKER #
##########

# Resource limitation
# For the whole list of limits you can apply see: docs.docker.com/engine/admin/resource_constraints
# Default values are based from: https://access.redhat.com/documentation/en-us/red_hat_ceph_storage/2/html/red_hat_ceph_storage_hardware_guide/minimum_recommendations
# These options can be passed using the 'ceph_mds_docker_extra_env' variable.

# TCMU_RUNNER resource limitation
#ceph_tcmu_runner_docker_memory_limit: 1g
#ceph_tcmu_runner_docker_cpu_limit: 1

# RBD_TARGET_GW resource limitation
#ceph_rbd_target_gw_docker_memory_limit: 1g
#ceph_rbd_target_gw_docker_cpu_limit: 1

# RBD_TARGET_API resource limitation
#ceph_rbd_target_api_docker_memory_limit: 1g
#ceph_rbd_target_api_docker_cpu_limit: 1