Merge branch 'develop' into feature/pve7

README.md

@@ -383,6 +383,7 @@ pve_run_system_upgrades: false # Let role perform system upgrades
 pve_run_proxmox_upgrades: true # Let role perform Proxmox VE upgrades
 pve_check_for_kernel_update: true # Runs a script on the host to check kernel versions
 pve_reboot_on_kernel_update: false # If set to true, will automatically reboot the machine on kernel updates
+pve_reboot_on_kernel_update_delay: 60 # Number of seconds to wait before and after a reboot process to proceed with next task in cluster mode
 pve_remove_old_kernels: true # Currently removes kernel from main Debian repository
 pve_watchdog: none # Set this to "ipmi" if you want to configure a hardware watchdog. Proxmox uses a software watchdog (nmi_watchdog) by default.
 pve_watchdog_ipmi_action: power_cycle # Can be one of "reset", "power_cycle", and "power_off".
@@ -394,6 +395,7 @@ pve_ceph_enabled: false # Specifies wheter or not to install and configure Ceph
 pve_ceph_repository_line: "deb http://download.proxmox.com/debian/ceph-pacific bullseye main" # apt-repository configuration. Will be automatically set for 6.x and 7.x (Further information: https://pve.proxmox.com/wiki/Package_Repositories)
 pve_ceph_network: "{{ (ansible_default_ipv4.network +'/'+ ansible_default_ipv4.netmask) | ipaddr('net') }}" # Ceph public network
 # pve_ceph_cluster_network: "" # Optional, if the ceph cluster network is different from the public network (see https://pve.proxmox.com/pve-docs/chapter-pveceph.html#pve_ceph_install_wizard)
+pve_ceph_nodes: "{{ pve_group }}" # Host group containing all Ceph nodes
 pve_ceph_mon_group: "{{ pve_group }}" # Host group containing all Ceph monitor hosts
 pve_ceph_mgr_group: "{{ pve_ceph_mon_group }}" # Host group containing all Ceph manager hosts
 pve_ceph_mds_group: "{{ pve_group }}" # Host group containing all Ceph metadata server hosts
@@ -610,6 +612,7 @@ following definitions show some of the configurations that are possible.
 pve_ceph_enabled: true
 pve_ceph_network: '172.10.0.0/24'
 pve_ceph_cluster_network: '172.10.1.0/24'
+pve_ceph_nodes: "ceph_nodes"
 pve_ceph_osds:
   # OSD with everything on the same device
   - device: /dev/sdc
@@ -672,6 +675,8 @@ pve_ceph_fs:
 `pve_ceph_network` by default uses the `ipaddr` filter, which requires the
 `netaddr` library to be installed and usable by your Ansible controller.
 
+`pve_ceph_nodes` by default uses `pve_group`, this parameter allows to specify on which nodes install Ceph (e.g. if you don't want to install Ceph on all your nodes).
+
 `pve_ceph_osds` by default creates unencrypted ceph volumes. To use encrypted volumes the parameter `encrypted` has to be set per drive to `true`.
 
 ## Contributors

defaults/main.yml

@@ -6,6 +6,7 @@ pve_remove_subscription_warning: true
 pve_extra_packages: []
 pve_check_for_kernel_update: true
 pve_reboot_on_kernel_update: false
+pve_reboot_on_kernel_update_delay: 60
 pve_remove_old_kernels: true
 pve_run_system_upgrades: false
 pve_run_proxmox_upgrades: true
@@ -18,6 +19,7 @@ pve_zfs_enabled: no
 pve_ceph_enabled: false
 pve_ceph_repository_line: "deb http://download.proxmox.com/debian/{% if ansible_distribution_release == 'buster' %}ceph-nautilus buster{% else %}ceph-pacific bullseye{% endif %} main"
 pve_ceph_network: "{{ (ansible_default_ipv4.network +'/'+ ansible_default_ipv4.netmask) | ipaddr('net') }}"
+pve_ceph_nodes: "{{ pve_group }}"
 pve_ceph_mon_group: "{{ pve_group }}"
 pve_ceph_mgr_group: "{{ pve_ceph_mon_group }}"
 pve_ceph_mds_group: "{{ pve_group }}"

tasks/kernel_updates.yml

@@ -1,22 +1,26 @@
 ---
-- name: Check for kernel update
+- name: "Check for kernel update"
   collect_kernel_info:
     lookup_packages: false
   register: _pve_kernel_update
   when: "pve_reboot_on_kernel_update | bool"
 
-- name: Reboot for kernel update
+- name: "Reboot for kernel update"
   reboot:
     msg: "PVE kernel update detected by Ansible"
+    pre_reboot_delay: "{{ pve_reboot_on_kernel_update_delay }}"
+    post_reboot_delay: "{{ pve_reboot_on_kernel_update_delay }}"
+  throttle: "{{ pve_cluster_enabled | bool | ternary(1, omit) }}"
   when:
     - "pve_reboot_on_kernel_update | bool"
     - "_pve_kernel_update.new_kernel_exists"
+    - "pve_cluster_enabled | bool"
 
-- name: Collect kernel package information
+- name: "Collect kernel package information"
   collect_kernel_info:
   register: _pve_kernel
 
-- name: Remove old Debian/PVE kernels
+- name: "Remove old Debian/PVE kernels"
   apt:
     name: "{{ ['linux-image-amd64'] + _pve_kernel.old_packages }}"
     state: absent

tasks/main.yml

@@ -85,16 +85,16 @@
 - name: Define hostname in /etc/hosts for single-host installations
   lineinfile:
     dest: /etc/hosts
-    regexp: |-
-      {# Match an IPv4/v6 address at the start #}
-      ^\\h*[0-9a-f:.]+
-      {# Match at least one whitespace, and any non-hostname names #}
-      (\\h+.*)?\\h
-      {# Match either our fqdn or hostname #}
-      ({{ ansible_fqdn | regex_escape() }}|{{ ansible_hostname | regex_escape() }})
-      {# Require there be a word boundary at the end of the name(s). #}
-      {# This can be any whitespace, or end-of-line. #}
-      (\\h+.*|\\h*)$
+    regexp: "\
+      {# Match an IPv4/v6 address at the start #}\
+      ^\\s*[0-9a-f:.]+\
+      {# Match at least one whitespace, and any non-hostname names #}\
+      (\\s+.*)*\\s\
+      {# Match either our fqdn or hostname #}\
+      ({{ ansible_fqdn | regex_escape() }}|{{ ansible_hostname | regex_escape() }})\
+      {# Require there be a word boundary at the end of the name(s). #}\
+      {# This can be any whitespace, or end-of-line. #}\
+      (\\s+.*|\\s*)$"
     line: "{{ hostvars[inventory_hostname].pve_cluster_addr0 }} {{ ansible_fqdn }} {{ ansible_hostname }}"
     backup: yes
   when: "not pve_cluster_enabled | bool and pve_manage_hosts_enabled | bool"
@@ -204,7 +204,9 @@
   when: "pve_cluster_enabled | bool"
 
 - import_tasks: ceph.yml
-  when: "pve_ceph_enabled | bool"
+  when:
+    - "pve_ceph_enabled | bool"
+    - "inventory_hostname in groups[pve_ceph_nodes]"
 
 - name: Configure Proxmox roles
   proxmox_role: