Add kayobe user bootstrap support for the seed-hypervisor
This allows kayobe to configure the kayobe ansible user (default stack) on the seed-hypervisor using a bootstrap user account.
This commit is contained in:
parent
e9a444dec1
commit
3a2ba67743
@ -1,4 +1,11 @@
|
|||||||
---
|
---
|
||||||
|
###############################################################################
|
||||||
|
# Seed hypervisor node configuration.
|
||||||
|
|
||||||
|
# User with which to access the seed hypervisor via SSH during bootstrap, in
|
||||||
|
# order to setup the Kayobe user account.
|
||||||
|
seed_hypervisor_bootstrap_user: "{{ lookup('env', 'USER') }}"
|
||||||
|
|
||||||
###############################################################################
|
###############################################################################
|
||||||
# Seed hypervisor network interface configuration.
|
# Seed hypervisor network interface configuration.
|
||||||
|
|
||||||
|
@ -1,3 +1,7 @@
|
|||||||
---
|
---
|
||||||
# User with which to access the seed hypervisor via SSH.
|
# User with which to access the seed hypervisor via SSH.
|
||||||
ansible_user: "{{ kayobe_ansible_user }}"
|
ansible_user: "{{ kayobe_ansible_user }}"
|
||||||
|
|
||||||
|
# User with which to access the seed hypervisor before the kayobe_ansible_user
|
||||||
|
# account has been created.
|
||||||
|
bootstrap_user: "{{ seed_hypervisor_bootstrap_user }}"
|
||||||
|
@ -1,4 +1,11 @@
|
|||||||
---
|
---
|
||||||
|
###############################################################################
|
||||||
|
# Seed hypervisor node configuration.
|
||||||
|
|
||||||
|
# User with which to access the seed hypervisor via SSH during bootstrap, in
|
||||||
|
# order to setup the Kayobe user account.
|
||||||
|
#seed_hypervisor_bootstrap_user:
|
||||||
|
|
||||||
###############################################################################
|
###############################################################################
|
||||||
# Seed hypervisor network interface configuration.
|
# Seed hypervisor network interface configuration.
|
||||||
|
|
||||||
|
@ -263,6 +263,7 @@ class SeedHypervisorHostConfigure(KollaAnsibleMixin, KayobeAnsibleMixin,
|
|||||||
|
|
||||||
* Allocate IP addresses for all configured networks.
|
* Allocate IP addresses for all configured networks.
|
||||||
* Add the host to SSH known hosts.
|
* Add the host to SSH known hosts.
|
||||||
|
* Configure a user account for use by kayobe for SSH access.
|
||||||
* Optionally, create a virtualenv for remote target hosts.
|
* Optionally, create a virtualenv for remote target hosts.
|
||||||
* Configure user accounts, group associations, and authorised SSH keys.
|
* Configure user accounts, group associations, and authorised SSH keys.
|
||||||
* Configure Yum repos.
|
* Configure Yum repos.
|
||||||
@ -274,10 +275,19 @@ class SeedHypervisorHostConfigure(KollaAnsibleMixin, KayobeAnsibleMixin,
|
|||||||
|
|
||||||
def take_action(self, parsed_args):
|
def take_action(self, parsed_args):
|
||||||
self.app.LOG.debug("Configuring seed hypervisor host OS")
|
self.app.LOG.debug("Configuring seed hypervisor host OS")
|
||||||
|
# Explicitly request the dump-config tag to ensure this play runs even
|
||||||
|
# if the user specified tags.
|
||||||
|
ansible_user = self.run_kayobe_config_dump(
|
||||||
|
parsed_args, host="seed-hypervisor",
|
||||||
|
var_name="kayobe_ansible_user", tags="dump-config")
|
||||||
|
if not ansible_user:
|
||||||
|
self.app.LOG.error("Could not determine kayobe_ansible_user "
|
||||||
|
"variable for seed hypervisor host")
|
||||||
|
sys.exit(1)
|
||||||
playbooks = _build_playbook_list(
|
playbooks = _build_playbook_list(
|
||||||
"ip-allocation", "ssh-known-host", "kayobe-target-venv", "users",
|
"ip-allocation", "ssh-known-host", "kayobe-ansible-user",
|
||||||
"yum", "dev-tools", "network", "sysctl", "ntp",
|
"kayobe-target-venv", "users", "yum", "dev-tools", "network",
|
||||||
"seed-hypervisor-libvirt-host")
|
"sysctl", "ntp", "seed-hypervisor-libvirt-host")
|
||||||
self.run_kayobe_playbooks(parsed_args, playbooks,
|
self.run_kayobe_playbooks(parsed_args, playbooks,
|
||||||
limit="seed-hypervisor")
|
limit="seed-hypervisor")
|
||||||
|
|
||||||
|
@ -82,22 +82,32 @@ class TestCase(unittest.TestCase):
|
|||||||
]
|
]
|
||||||
self.assertEqual(expected_calls, mock_run.call_args_list)
|
self.assertEqual(expected_calls, mock_run.call_args_list)
|
||||||
|
|
||||||
|
@mock.patch.object(commands.KayobeAnsibleMixin,
|
||||||
|
"run_kayobe_config_dump")
|
||||||
@mock.patch.object(commands.KayobeAnsibleMixin,
|
@mock.patch.object(commands.KayobeAnsibleMixin,
|
||||||
"run_kayobe_playbooks")
|
"run_kayobe_playbooks")
|
||||||
def test_seed_hypervisor_host_configure(self, mock_run):
|
def test_seed_hypervisor_host_configure(self, mock_run, mock_dump):
|
||||||
command = commands.SeedHypervisorHostConfigure(TestApp(), [])
|
command = commands.SeedHypervisorHostConfigure(TestApp(), [])
|
||||||
parser = command.get_parser("test")
|
parser = command.get_parser("test")
|
||||||
parsed_args = parser.parse_args([])
|
parsed_args = parser.parse_args([])
|
||||||
|
mock_dump.return_value = "stack"
|
||||||
|
|
||||||
result = command.run(parsed_args)
|
result = command.run(parsed_args)
|
||||||
self.assertEqual(0, result)
|
self.assertEqual(0, result)
|
||||||
|
|
||||||
|
expected_calls = [
|
||||||
|
mock.call(mock.ANY, host="seed-hypervisor",
|
||||||
|
var_name="kayobe_ansible_user", tags="dump-config")
|
||||||
|
]
|
||||||
|
self.assertEqual(expected_calls, mock_dump.call_args_list)
|
||||||
|
|
||||||
expected_calls = [
|
expected_calls = [
|
||||||
mock.call(
|
mock.call(
|
||||||
mock.ANY,
|
mock.ANY,
|
||||||
[
|
[
|
||||||
"ansible/ip-allocation.yml",
|
"ansible/ip-allocation.yml",
|
||||||
"ansible/ssh-known-host.yml",
|
"ansible/ssh-known-host.yml",
|
||||||
|
"ansible/kayobe-ansible-user.yml",
|
||||||
"ansible/kayobe-target-venv.yml",
|
"ansible/kayobe-target-venv.yml",
|
||||||
"ansible/users.yml",
|
"ansible/users.yml",
|
||||||
"ansible/yum.yml",
|
"ansible/yum.yml",
|
||||||
|
Loading…
Reference in New Issue
Block a user