From dfa29695e911d0fa1464e54c90a6a5d997a5bf86 Mon Sep 17 00:00:00 2001 From: Jonathan Davies Date: Wed, 1 Nov 2017 10:03:40 +0000 Subject: [PATCH 01/24] roles/node-exporter: Fixed surplus command option. --- ansible/roles/node-exporter/defaults/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/ansible/roles/node-exporter/defaults/main.yml b/ansible/roles/node-exporter/defaults/main.yml index f3f8279b2..9db979725 100644 --- a/ansible/roles/node-exporter/defaults/main.yml +++ b/ansible/roles/node-exporter/defaults/main.yml @@ -10,7 +10,7 @@ nodeexporter_services: container_name: nodeexporter enabled: "{{ nodeexporter_enabled }}" image: "{{ nodeexporter_image_full }}" - command: /bin/node_exporter --collector.procfs=/host/proc --collector.sysfs=/host/sys --collector.filesystem.ignored-mount-points "^/(sys|proc|dev|host|etc)($|/)" + command: --collector.procfs=/host/proc --collector.sysfs=/host/sys --collector.filesystem.ignored-mount-points "^/(sys|proc|dev|host|etc)($|/)" privileged: True read_only: True volumes: From 0b8bd70a5bd27911e6ae9f253cf3c039a26952c5 Mon Sep 17 00:00:00 2001 From: Jonathan Davies Date: Wed, 1 Nov 2017 10:42:00 +0000 Subject: [PATCH 02/24] roles/yum: Added base YUM repo configuration for local mirror. --- ansible/roles/yum/defaults/main.yml | 5 +++ ansible/roles/yum/tasks/main.yml | 42 ++++++++++++++++++ .../roles/yum/templates/CentOS-Base.repo.j2 | 43 +++++++++++++++++++ ansible/roles/yum/templates/epel.repo.j2 | 26 +++++++++++ 4 files changed, 116 insertions(+) create mode 100644 ansible/roles/yum/defaults/main.yml create mode 100644 ansible/roles/yum/tasks/main.yml create mode 100644 ansible/roles/yum/templates/CentOS-Base.repo.j2 create mode 100644 ansible/roles/yum/templates/epel.repo.j2 diff --git a/ansible/roles/yum/defaults/main.yml b/ansible/roles/yum/defaults/main.yml new file mode 100644 index 000000000..455bdd6c1 --- /dev/null +++ b/ansible/roles/yum/defaults/main.yml @@ -0,0 +1,5 @@ +--- + +centos_mirror_host: 'mirror.centos.org' +epel_mirror_host: 'download.fedoraproject.org' +epel_mirror_directory: 'pub/epel' diff --git a/ansible/roles/yum/tasks/main.yml b/ansible/roles/yum/tasks/main.yml new file mode 100644 index 000000000..db609b62c --- /dev/null +++ b/ansible/roles/yum/tasks/main.yml @@ -0,0 +1,42 @@ +--- + +- name: Replace | Disable YUM fastestmirror plugin (CentOS) + replace: + dest: /etc/yum/pluginconf.d/fastestmirror.conf + regexp: "enabled=1" + replace: "enabled=0" + when: ansible_os_family == 'RedHat' + +- name: Template | Copy CentOS repo templates (CentOS) + template: + src: CentOS-Base.repo.j2 + dest: /etc/yum.repos.d/CentOS-Base.repo + owner: root + group: root + mode: 0664 + when: ansible_os_family == 'RedHat' + +- name: Yum | Update cache (CentOS) + yum: + update_cache=yes + when: ansible_os_family == 'RedHat' + +- name: Yum | Install epel-release (CentOS) + yum: + name: epel-release + state: installed + when: ansible_os_family == 'RedHat' + +- name: Template | Copy EPEL repo templates (CentOS) + template: + src: epel.repo.j2 + dest: /etc/yum.repos.d/epel.repo + owner: root + group: root + mode: 0664 + when: ansible_os_family == 'RedHat' + +- name: Yum | Update cache (CentOS) + update_cache=yes + when: ansible_os_family == 'RedHat' + diff --git a/ansible/roles/yum/templates/CentOS-Base.repo.j2 b/ansible/roles/yum/templates/CentOS-Base.repo.j2 new file mode 100644 index 000000000..2c00ceada --- /dev/null +++ b/ansible/roles/yum/templates/CentOS-Base.repo.j2 @@ -0,0 +1,43 @@ +# CentOS-Base.repo +# +# The mirror system uses the connecting IP address of the client and the +# update status of each mirror to pick mirrors that are updated to and +# geographically close to the client. You should use this for CentOS updates +# unless you are manually picking other mirrors. +# +# If the mirrorlist= does not work for you, as a fall back you can try the +# remarked out baseurl= line instead. +# +# + +[base] +name=CentOS-$releasever - Base +#mirrorlist=http://mirrorlist.centos.org/?release=$releasever&arch=$basearch&repo=os&infra=$infra +baseurl=http://{{ centos_mirror_host }}/centos/$releasever/os/$basearch/ +gpgcheck=1 +gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-7 + +#released updates +[updates] +name=CentOS-$releasever - Updates +#mirrorlist=http://mirrorlist.centos.org/?release=$releasever&arch=$basearch&repo=updates&infra=$infra +baseurl=http://{{ centos_mirror_host }}/centos/$releasever/updates/$basearch/ +gpgcheck=1 +gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-7 + +#additional packages that may be useful +[extras] +name=CentOS-$releasever - Extras +#mirrorlist=http://mirrorlist.centos.org/?release=$releasever&arch=$basearch&repo=extras&infra=$infra +baseurl=http://{{ centos_mirror_host }}/centos/$releasever/extras/$basearch/ +gpgcheck=1 +gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-7 + +#additional packages that extend functionality of existing packages +[centosplus] +name=CentOS-$releasever - Plus +#mirrorlist=http://mirrorlist.centos.org/?release=$releasever&arch=$basearch&repo=centosplus&infra=$infra +baseurl=http://{{ centos_mirror_host }}/centos/$releasever/centosplus/$basearch/ +gpgcheck=1 +enabled=0 +gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-7 diff --git a/ansible/roles/yum/templates/epel.repo.j2 b/ansible/roles/yum/templates/epel.repo.j2 new file mode 100644 index 000000000..7cbe42f2c --- /dev/null +++ b/ansible/roles/yum/templates/epel.repo.j2 @@ -0,0 +1,26 @@ +[epel] +name=Extra Packages for Enterprise Linux 7 - $basearch +baseurl=http://{{ epel_mirror_host }}/{{ epel_mirror_directory }}/7/$basearch +#mirrorlist=https://mirrors.fedoraproject.org/metalink?repo=epel-7&arch=$basearch +failovermethod=priority +enabled=1 +gpgcheck=1 +gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-EPEL-7 + +[epel-debuginfo] +name=Extra Packages for Enterprise Linux 7 - $basearch - Debug +baseurl=http://{{ epel_mirror_host }}/{{ epel_mirror_directory }}/7/$basearch/debug +#mirrorlist=https://mirrors.fedoraproject.org/metalink?repo=epel-debug-7&arch=$basearch +failovermethod=priority +enabled=0 +gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-EPEL-7 +gpgcheck=1 + +[epel-source] +name=Extra Packages for Enterprise Linux 7 - $basearch - Source +baseurl=http://{{ epel_mirror_host }}/{{ epel_mirror_directory }}/7/SRPMS +#mirrorlist=https://mirrors.fedoraproject.org/metalink?repo=epel-source-7&arch=$basearch +failovermethod=priority +enabled=0 +gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-EPEL-7 +gpgcheck=1 From 1a73fca04c4b2565f84f612b00966600ca761352 Mon Sep 17 00:00:00 2001 From: Jonathan Davies Date: Wed, 1 Nov 2017 10:42:27 +0000 Subject: [PATCH 03/24] commands.py: Added yum role to host configure. --- kayobe/cli/commands.py | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/kayobe/cli/commands.py b/kayobe/cli/commands.py index e83be4fd0..15950590e 100644 --- a/kayobe/cli/commands.py +++ b/kayobe/cli/commands.py @@ -559,6 +559,7 @@ class OvercloudHostConfigure(KollaAnsibleMixin, KayobeAnsibleMixin, VaultMixin, * Configure the host's network interfaces. * Set sysctl parameters. * Disable bootstrap interface configuration. + * Configure YUM repos. * Configure NTP. * Configure LVM volumes. * Configure a user account for kolla-ansible. @@ -589,7 +590,7 @@ class OvercloudHostConfigure(KollaAnsibleMixin, KayobeAnsibleMixin, VaultMixin, playbooks += _build_playbook_list("wipe-disks") playbooks += _build_playbook_list( "users", "dev-tools", "disable-selinux", "network", "sysctl", - "disable-glean", "ntp", "lvm") + "disable-glean", "yum", "ntp", "lvm") self.run_kayobe_playbooks(parsed_args, playbooks, limit="overcloud") playbooks = _build_playbook_list("kolla-ansible") self.run_kayobe_playbooks(parsed_args, playbooks, tags="config") From b4b501a046b32e050e4dc79420dc46d8acef86e6 Mon Sep 17 00:00:00 2001 From: Jonathan Davies Date: Wed, 1 Nov 2017 10:49:18 +0000 Subject: [PATCH 04/24] roles/yum: Added yum-cron configuration. --- ansible/roles/yum/handlers/main.yml | 6 ++++++ ansible/roles/yum/tasks/main.yml | 16 ++++++++++++++++ 2 files changed, 22 insertions(+) create mode 100644 ansible/roles/yum/handlers/main.yml diff --git a/ansible/roles/yum/handlers/main.yml b/ansible/roles/yum/handlers/main.yml new file mode 100644 index 000000000..2104dd2a6 --- /dev/null +++ b/ansible/roles/yum/handlers/main.yml @@ -0,0 +1,6 @@ +--- + +- name: Restart yum-cron + service: + name=yum-cron + state=restarted diff --git a/ansible/roles/yum/tasks/main.yml b/ansible/roles/yum/tasks/main.yml index db609b62c..c5da243a2 100644 --- a/ansible/roles/yum/tasks/main.yml +++ b/ansible/roles/yum/tasks/main.yml @@ -40,3 +40,19 @@ update_cache=yes when: ansible_os_family == 'RedHat' +- name: Yum | Install yum-cron (CentOS) + package: name=yum-cron state=present + when: ansible_os_family == 'RedHat' + +- name: Replace | Enable update applying for yum-cron (CentOS) + replace: + dest: /etc/yum/yum-cron.conf + regexp: "^apply_updates = no" + replace: "apply_updates = yes" + when: ansible_os_family == 'RedHat' + notify: + - Restart yum-cron + +- name: Service | Enable yum-cron (CentOS) + service: name=yum-cron state=started enabled=yes + when: ansible_os_family == 'RedHat' From 01684d8f4998cf836b35d5b9081d1e1cbb0f024f Mon Sep 17 00:00:00 2001 From: Jonathan Davies Date: Wed, 1 Nov 2017 10:55:41 +0000 Subject: [PATCH 05/24] roles/yum: Fixed update_cache options. --- ansible/roles/yum/tasks/main.yml | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/ansible/roles/yum/tasks/main.yml b/ansible/roles/yum/tasks/main.yml index c5da243a2..2fba11c54 100644 --- a/ansible/roles/yum/tasks/main.yml +++ b/ansible/roles/yum/tasks/main.yml @@ -18,7 +18,7 @@ - name: Yum | Update cache (CentOS) yum: - update_cache=yes + update_cache: yes when: ansible_os_family == 'RedHat' - name: Yum | Install epel-release (CentOS) @@ -37,7 +37,8 @@ when: ansible_os_family == 'RedHat' - name: Yum | Update cache (CentOS) - update_cache=yes + yum: + update_cache: yes when: ansible_os_family == 'RedHat' - name: Yum | Install yum-cron (CentOS) From 2aa5008787a39334ef262ebe5a6b717d5a8eef38 Mon Sep 17 00:00:00 2001 From: Jonathan Davies Date: Wed, 1 Nov 2017 10:57:26 +0000 Subject: [PATCH 06/24] roles/yum: Use yum instead of package. --- ansible/roles/yum/tasks/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/ansible/roles/yum/tasks/main.yml b/ansible/roles/yum/tasks/main.yml index 2fba11c54..cf82a7967 100644 --- a/ansible/roles/yum/tasks/main.yml +++ b/ansible/roles/yum/tasks/main.yml @@ -42,7 +42,7 @@ when: ansible_os_family == 'RedHat' - name: Yum | Install yum-cron (CentOS) - package: name=yum-cron state=present + yum: name=yum-cron state=present when: ansible_os_family == 'RedHat' - name: Replace | Enable update applying for yum-cron (CentOS) From 38001e5be7fb7d3a53c421c9915eb7f3dbfc1a68 Mon Sep 17 00:00:00 2001 From: Jonathan Davies Date: Wed, 1 Nov 2017 11:13:27 +0000 Subject: [PATCH 07/24] roles/yum: Added use_local_mirror. --- ansible/roles/yum/defaults/main.yml | 1 + ansible/roles/yum/tasks/main.yml | 59 +---------------------------- ansible/roles/yum/tasks/redhat.yml | 59 +++++++++++++++++++++++++++++ 3 files changed, 62 insertions(+), 57 deletions(-) create mode 100644 ansible/roles/yum/tasks/redhat.yml diff --git a/ansible/roles/yum/defaults/main.yml b/ansible/roles/yum/defaults/main.yml index 455bdd6c1..6594cab68 100644 --- a/ansible/roles/yum/defaults/main.yml +++ b/ansible/roles/yum/defaults/main.yml @@ -1,5 +1,6 @@ --- +use_local_mirror: false centos_mirror_host: 'mirror.centos.org' epel_mirror_host: 'download.fedoraproject.org' epel_mirror_directory: 'pub/epel' diff --git a/ansible/roles/yum/tasks/main.yml b/ansible/roles/yum/tasks/main.yml index cf82a7967..91f31ef28 100644 --- a/ansible/roles/yum/tasks/main.yml +++ b/ansible/roles/yum/tasks/main.yml @@ -1,59 +1,4 @@ --- -- name: Replace | Disable YUM fastestmirror plugin (CentOS) - replace: - dest: /etc/yum/pluginconf.d/fastestmirror.conf - regexp: "enabled=1" - replace: "enabled=0" - when: ansible_os_family == 'RedHat' - -- name: Template | Copy CentOS repo templates (CentOS) - template: - src: CentOS-Base.repo.j2 - dest: /etc/yum.repos.d/CentOS-Base.repo - owner: root - group: root - mode: 0664 - when: ansible_os_family == 'RedHat' - -- name: Yum | Update cache (CentOS) - yum: - update_cache: yes - when: ansible_os_family == 'RedHat' - -- name: Yum | Install epel-release (CentOS) - yum: - name: epel-release - state: installed - when: ansible_os_family == 'RedHat' - -- name: Template | Copy EPEL repo templates (CentOS) - template: - src: epel.repo.j2 - dest: /etc/yum.repos.d/epel.repo - owner: root - group: root - mode: 0664 - when: ansible_os_family == 'RedHat' - -- name: Yum | Update cache (CentOS) - yum: - update_cache: yes - when: ansible_os_family == 'RedHat' - -- name: Yum | Install yum-cron (CentOS) - yum: name=yum-cron state=present - when: ansible_os_family == 'RedHat' - -- name: Replace | Enable update applying for yum-cron (CentOS) - replace: - dest: /etc/yum/yum-cron.conf - regexp: "^apply_updates = no" - replace: "apply_updates = yes" - when: ansible_os_family == 'RedHat' - notify: - - Restart yum-cron - -- name: Service | Enable yum-cron (CentOS) - service: name=yum-cron state=started enabled=yes - when: ansible_os_family == 'RedHat' +- include: redhat.yml + when: (ansible_os_family == "RedHat" and use_local_mirror == true) diff --git a/ansible/roles/yum/tasks/redhat.yml b/ansible/roles/yum/tasks/redhat.yml new file mode 100644 index 000000000..cf82a7967 --- /dev/null +++ b/ansible/roles/yum/tasks/redhat.yml @@ -0,0 +1,59 @@ +--- + +- name: Replace | Disable YUM fastestmirror plugin (CentOS) + replace: + dest: /etc/yum/pluginconf.d/fastestmirror.conf + regexp: "enabled=1" + replace: "enabled=0" + when: ansible_os_family == 'RedHat' + +- name: Template | Copy CentOS repo templates (CentOS) + template: + src: CentOS-Base.repo.j2 + dest: /etc/yum.repos.d/CentOS-Base.repo + owner: root + group: root + mode: 0664 + when: ansible_os_family == 'RedHat' + +- name: Yum | Update cache (CentOS) + yum: + update_cache: yes + when: ansible_os_family == 'RedHat' + +- name: Yum | Install epel-release (CentOS) + yum: + name: epel-release + state: installed + when: ansible_os_family == 'RedHat' + +- name: Template | Copy EPEL repo templates (CentOS) + template: + src: epel.repo.j2 + dest: /etc/yum.repos.d/epel.repo + owner: root + group: root + mode: 0664 + when: ansible_os_family == 'RedHat' + +- name: Yum | Update cache (CentOS) + yum: + update_cache: yes + when: ansible_os_family == 'RedHat' + +- name: Yum | Install yum-cron (CentOS) + yum: name=yum-cron state=present + when: ansible_os_family == 'RedHat' + +- name: Replace | Enable update applying for yum-cron (CentOS) + replace: + dest: /etc/yum/yum-cron.conf + regexp: "^apply_updates = no" + replace: "apply_updates = yes" + when: ansible_os_family == 'RedHat' + notify: + - Restart yum-cron + +- name: Service | Enable yum-cron (CentOS) + service: name=yum-cron state=started enabled=yes + when: ansible_os_family == 'RedHat' From 42e22437ed410c4bace0b8034d712267ac0b8270 Mon Sep 17 00:00:00 2001 From: Jonathan Davies Date: Wed, 1 Nov 2017 11:55:48 +0000 Subject: [PATCH 08/24] roles/yum: Use YAML styled options. --- ansible/roles/yum/handlers/main.yml | 4 ++-- ansible/roles/yum/tasks/redhat.yml | 9 +++++++-- 2 files changed, 9 insertions(+), 4 deletions(-) diff --git a/ansible/roles/yum/handlers/main.yml b/ansible/roles/yum/handlers/main.yml index 2104dd2a6..e55f9eaff 100644 --- a/ansible/roles/yum/handlers/main.yml +++ b/ansible/roles/yum/handlers/main.yml @@ -2,5 +2,5 @@ - name: Restart yum-cron service: - name=yum-cron - state=restarted + name: yum-cron + state: restarted diff --git a/ansible/roles/yum/tasks/redhat.yml b/ansible/roles/yum/tasks/redhat.yml index cf82a7967..2b2b1c529 100644 --- a/ansible/roles/yum/tasks/redhat.yml +++ b/ansible/roles/yum/tasks/redhat.yml @@ -42,7 +42,9 @@ when: ansible_os_family == 'RedHat' - name: Yum | Install yum-cron (CentOS) - yum: name=yum-cron state=present + yum: + name: yum-cron + state: present when: ansible_os_family == 'RedHat' - name: Replace | Enable update applying for yum-cron (CentOS) @@ -55,5 +57,8 @@ - Restart yum-cron - name: Service | Enable yum-cron (CentOS) - service: name=yum-cron state=started enabled=yes + service: + name: yum-cron + state: started + enabled: yes when: ansible_os_family == 'RedHat' From 237c94b7c969eb20c99f52fc3e8b23f551a227ad Mon Sep 17 00:00:00 2001 From: Jonathan Davies Date: Wed, 1 Nov 2017 12:04:40 +0000 Subject: [PATCH 09/24] roles/yum: Prefix all options with yum_ --- ansible/roles/yum/defaults/main.yml | 14 ++++++++++---- ansible/roles/yum/templates/CentOS-Base.repo.j2 | 8 ++++---- ansible/roles/yum/templates/epel.repo.j2 | 6 +++--- 3 files changed, 17 insertions(+), 11 deletions(-) diff --git a/ansible/roles/yum/defaults/main.yml b/ansible/roles/yum/defaults/main.yml index 6594cab68..e9e4c8611 100644 --- a/ansible/roles/yum/defaults/main.yml +++ b/ansible/roles/yum/defaults/main.yml @@ -1,6 +1,12 @@ --- -use_local_mirror: false -centos_mirror_host: 'mirror.centos.org' -epel_mirror_host: 'download.fedoraproject.org' -epel_mirror_directory: 'pub/epel' +# Whether or not to use a local Yum mirror. +yum_use_local_mirror: false +# Mirror FQDN for Yum repos. +yum_centos_mirror_host: 'mirror.centos.org' +# Mirror directory for Yum CentOS repos. +yum_centos_mirror_directory: 'centos' +# Mirror FQDN for Yum EPEL repos. +yum_epel_mirror_host: 'download.fedoraproject.org' +# Mirror directory for Yum EPEL repos. +yum_epel_mirror_directory: 'pub/epel' diff --git a/ansible/roles/yum/templates/CentOS-Base.repo.j2 b/ansible/roles/yum/templates/CentOS-Base.repo.j2 index 2c00ceada..361e19ff0 100644 --- a/ansible/roles/yum/templates/CentOS-Base.repo.j2 +++ b/ansible/roles/yum/templates/CentOS-Base.repo.j2 @@ -13,7 +13,7 @@ [base] name=CentOS-$releasever - Base #mirrorlist=http://mirrorlist.centos.org/?release=$releasever&arch=$basearch&repo=os&infra=$infra -baseurl=http://{{ centos_mirror_host }}/centos/$releasever/os/$basearch/ +baseurl=http://{{ yum_centos_mirror_host }}/{{ yum_centos_mirror_directory }}/$releasever/os/$basearch/ gpgcheck=1 gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-7 @@ -21,7 +21,7 @@ gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-7 [updates] name=CentOS-$releasever - Updates #mirrorlist=http://mirrorlist.centos.org/?release=$releasever&arch=$basearch&repo=updates&infra=$infra -baseurl=http://{{ centos_mirror_host }}/centos/$releasever/updates/$basearch/ +baseurl=http://{{ yum_centos_mirror_host }}/{{ yum_centos_mirror_directory }}/$releasever/updates/$basearch/ gpgcheck=1 gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-7 @@ -29,7 +29,7 @@ gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-7 [extras] name=CentOS-$releasever - Extras #mirrorlist=http://mirrorlist.centos.org/?release=$releasever&arch=$basearch&repo=extras&infra=$infra -baseurl=http://{{ centos_mirror_host }}/centos/$releasever/extras/$basearch/ +baseurl=http://{{ yum_centos_mirror_host }}/{{ yum_centos_mirror_directory }}/$releasever/extras/$basearch/ gpgcheck=1 gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-7 @@ -37,7 +37,7 @@ gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-7 [centosplus] name=CentOS-$releasever - Plus #mirrorlist=http://mirrorlist.centos.org/?release=$releasever&arch=$basearch&repo=centosplus&infra=$infra -baseurl=http://{{ centos_mirror_host }}/centos/$releasever/centosplus/$basearch/ +baseurl=http://{{ yum_centos_mirror_host }}/{{ yum_centos_mirror_directory }}/$releasever/centosplus/$basearch/ gpgcheck=1 enabled=0 gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-7 diff --git a/ansible/roles/yum/templates/epel.repo.j2 b/ansible/roles/yum/templates/epel.repo.j2 index 7cbe42f2c..0dbf48aaf 100644 --- a/ansible/roles/yum/templates/epel.repo.j2 +++ b/ansible/roles/yum/templates/epel.repo.j2 @@ -1,6 +1,6 @@ [epel] name=Extra Packages for Enterprise Linux 7 - $basearch -baseurl=http://{{ epel_mirror_host }}/{{ epel_mirror_directory }}/7/$basearch +baseurl=http://{{ yum_epel_mirror_host }}/{{ yum_epel_mirror_directory }}/7/$basearch #mirrorlist=https://mirrors.fedoraproject.org/metalink?repo=epel-7&arch=$basearch failovermethod=priority enabled=1 @@ -9,7 +9,7 @@ gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-EPEL-7 [epel-debuginfo] name=Extra Packages for Enterprise Linux 7 - $basearch - Debug -baseurl=http://{{ epel_mirror_host }}/{{ epel_mirror_directory }}/7/$basearch/debug +baseurl=http://{{ yum_epel_mirror_host }}/{{ yum_epel_mirror_directory }}/7/$basearch/debug #mirrorlist=https://mirrors.fedoraproject.org/metalink?repo=epel-debug-7&arch=$basearch failovermethod=priority enabled=0 @@ -18,7 +18,7 @@ gpgcheck=1 [epel-source] name=Extra Packages for Enterprise Linux 7 - $basearch - Source -baseurl=http://{{ epel_mirror_host }}/{{ epel_mirror_directory }}/7/SRPMS +baseurl=http://{{ yum_epel_mirror_host }}/{{ yum_epel_mirror_directory }}/7/SRPMS #mirrorlist=https://mirrors.fedoraproject.org/metalink?repo=epel-source-7&arch=$basearch failovermethod=priority enabled=0 From afa33580347796a3521e2e204cb769810fdc0560 Mon Sep 17 00:00:00 2001 From: Jonathan Davies Date: Wed, 1 Nov 2017 12:17:56 +0000 Subject: [PATCH 10/24] ansible/yum.yml: Added playbook. --- ansible/yum.yml | 6 ++++++ 1 file changed, 6 insertions(+) create mode 100644 ansible/yum.yml diff --git a/ansible/yum.yml b/ansible/yum.yml new file mode 100644 index 000000000..4cb36d3c7 --- /dev/null +++ b/ansible/yum.yml @@ -0,0 +1,6 @@ +--- + +- name: Ensure Yum repos are configured + hosts: seed:overcloud + roles: + - role: yum From f90cb504afe20f0af10dd430f9fab0c0c5ac8ec8 Mon Sep 17 00:00:00 2001 From: Jonathan Davies Date: Wed, 1 Nov 2017 12:19:56 +0000 Subject: [PATCH 11/24] roles/yum: Added yum_cron_enabled option. --- ansible/roles/yum/defaults/main.yml | 2 ++ ansible/roles/yum/tasks/redhat.yml | 6 +++--- 2 files changed, 5 insertions(+), 3 deletions(-) diff --git a/ansible/roles/yum/defaults/main.yml b/ansible/roles/yum/defaults/main.yml index e9e4c8611..7a8bf2de0 100644 --- a/ansible/roles/yum/defaults/main.yml +++ b/ansible/roles/yum/defaults/main.yml @@ -2,6 +2,8 @@ # Whether or not to use a local Yum mirror. yum_use_local_mirror: false +# Whether or not yum-cron is enabled. +yum_cron_enabled: false # Mirror FQDN for Yum repos. yum_centos_mirror_host: 'mirror.centos.org' # Mirror directory for Yum CentOS repos. diff --git a/ansible/roles/yum/tasks/redhat.yml b/ansible/roles/yum/tasks/redhat.yml index 2b2b1c529..aba0c96a5 100644 --- a/ansible/roles/yum/tasks/redhat.yml +++ b/ansible/roles/yum/tasks/redhat.yml @@ -45,14 +45,14 @@ yum: name: yum-cron state: present - when: ansible_os_family == 'RedHat' + when: yum_cron_enabled - name: Replace | Enable update applying for yum-cron (CentOS) replace: dest: /etc/yum/yum-cron.conf regexp: "^apply_updates = no" replace: "apply_updates = yes" - when: ansible_os_family == 'RedHat' + when: yum_cron_enabled notify: - Restart yum-cron @@ -61,4 +61,4 @@ name: yum-cron state: started enabled: yes - when: ansible_os_family == 'RedHat' + when: yum_cron_enabled From 790b5e45ccee26ded1add93998390e9a990392cc Mon Sep 17 00:00:00 2001 From: Jonathan Davies Date: Wed, 1 Nov 2017 12:21:59 +0000 Subject: [PATCH 12/24] roles/yum: redhat.yml: Removed surplus when statements. --- ansible/roles/yum/tasks/redhat.yml | 4 ---- 1 file changed, 4 deletions(-) diff --git a/ansible/roles/yum/tasks/redhat.yml b/ansible/roles/yum/tasks/redhat.yml index aba0c96a5..4206a6daa 100644 --- a/ansible/roles/yum/tasks/redhat.yml +++ b/ansible/roles/yum/tasks/redhat.yml @@ -5,7 +5,6 @@ dest: /etc/yum/pluginconf.d/fastestmirror.conf regexp: "enabled=1" replace: "enabled=0" - when: ansible_os_family == 'RedHat' - name: Template | Copy CentOS repo templates (CentOS) template: @@ -14,12 +13,10 @@ owner: root group: root mode: 0664 - when: ansible_os_family == 'RedHat' - name: Yum | Update cache (CentOS) yum: update_cache: yes - when: ansible_os_family == 'RedHat' - name: Yum | Install epel-release (CentOS) yum: @@ -34,7 +31,6 @@ owner: root group: root mode: 0664 - when: ansible_os_family == 'RedHat' - name: Yum | Update cache (CentOS) yum: From a663f2eee41af8c882409a4703c9abec934be4d2 Mon Sep 17 00:00:00 2001 From: Jonathan Davies Date: Wed, 1 Nov 2017 12:27:42 +0000 Subject: [PATCH 13/24] commands.py: Move yum playbook up. --- kayobe/cli/commands.py | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/kayobe/cli/commands.py b/kayobe/cli/commands.py index 15950590e..019856b7c 100644 --- a/kayobe/cli/commands.py +++ b/kayobe/cli/commands.py @@ -589,8 +589,8 @@ class OvercloudHostConfigure(KollaAnsibleMixin, KayobeAnsibleMixin, VaultMixin, if parsed_args.wipe_disks: playbooks += _build_playbook_list("wipe-disks") playbooks += _build_playbook_list( - "users", "dev-tools", "disable-selinux", "network", "sysctl", - "disable-glean", "yum", "ntp", "lvm") + "users", "yum", "dev-tools", "disable-selinux", "network", "sysctl", + "disable-glean", "ntp", "lvm") self.run_kayobe_playbooks(parsed_args, playbooks, limit="overcloud") playbooks = _build_playbook_list("kolla-ansible") self.run_kayobe_playbooks(parsed_args, playbooks, tags="config") From a00e9785052e7fcf523a2c559f83fd063b2fd467 Mon Sep 17 00:00:00 2001 From: Jonathan Davies Date: Wed, 1 Nov 2017 12:32:00 +0000 Subject: [PATCH 14/24] Added default config file for yum role variables. --- etc/kayobe/yum.yml | 14 ++++++++++++++ 1 file changed, 14 insertions(+) create mode 100644 etc/kayobe/yum.yml diff --git a/etc/kayobe/yum.yml b/etc/kayobe/yum.yml new file mode 100644 index 000000000..dfb37d57c --- /dev/null +++ b/etc/kayobe/yum.yml @@ -0,0 +1,14 @@ +--- + +# Whether or not to use a local Yum mirror. +#yum_use_local_mirror: false +# Whether or not yum-cron is enabled. +#yum_cron_enabled: false +# Mirror FQDN for Yum repos. +#yum_centos_mirror_host: 'mirror.centos.org' +# Mirror directory for Yum CentOS repos. +#yum_centos_mirror_directory: 'centos' +# Mirror FQDN for Yum EPEL repos. +#yum_epel_mirror_host: 'download.fedoraproject.org' +# Mirror directory for Yum EPEL repos. +#yum_epel_mirror_directory: 'pub/epel' From 2757c67c23bdf43b8ebbddc10962edefbb78360c Mon Sep 17 00:00:00 2001 From: Jonathan Davies Date: Wed, 1 Nov 2017 13:12:52 +0000 Subject: [PATCH 15/24] roles/yum-cron: Split from yum role. --- ansible/roles/yum-cron/defaults/main.yml | 3 +++ .../roles/{yum => yum-cron}/handlers/main.yml | 0 ansible/roles/yum-cron/tasks/main.yml | 23 +++++++++++++++++++ ansible/roles/yum/defaults/main.yml | 2 -- ansible/roles/yum/tasks/redhat.yml | 22 ------------------ 5 files changed, 26 insertions(+), 24 deletions(-) create mode 100644 ansible/roles/yum-cron/defaults/main.yml rename ansible/roles/{yum => yum-cron}/handlers/main.yml (100%) create mode 100644 ansible/roles/yum-cron/tasks/main.yml diff --git a/ansible/roles/yum-cron/defaults/main.yml b/ansible/roles/yum-cron/defaults/main.yml new file mode 100644 index 000000000..ff3c1b530 --- /dev/null +++ b/ansible/roles/yum-cron/defaults/main.yml @@ -0,0 +1,3 @@ +--- + +yum_cron_enabled: false diff --git a/ansible/roles/yum/handlers/main.yml b/ansible/roles/yum-cron/handlers/main.yml similarity index 100% rename from ansible/roles/yum/handlers/main.yml rename to ansible/roles/yum-cron/handlers/main.yml diff --git a/ansible/roles/yum-cron/tasks/main.yml b/ansible/roles/yum-cron/tasks/main.yml new file mode 100644 index 000000000..922950ba5 --- /dev/null +++ b/ansible/roles/yum-cron/tasks/main.yml @@ -0,0 +1,23 @@ +--- + +- name: Yum | Install yum-cron (CentOS) + yum: + name: yum-cron + state: present + when: yum_cron_enabled + +- name: Replace | Enable update applying for yum-cron (CentOS) + replace: + dest: /etc/yum/yum-cron.conf + regexp: "^apply_updates = no" + replace: "apply_updates = yes" + when: yum_cron_enabled + notify: + - Restart yum-cron + +- name: Service | Enable yum-cron (CentOS) + service: + name: yum-cron + state: started + enabled: yes + when: yum_cron_enabled diff --git a/ansible/roles/yum/defaults/main.yml b/ansible/roles/yum/defaults/main.yml index 7a8bf2de0..e9e4c8611 100644 --- a/ansible/roles/yum/defaults/main.yml +++ b/ansible/roles/yum/defaults/main.yml @@ -2,8 +2,6 @@ # Whether or not to use a local Yum mirror. yum_use_local_mirror: false -# Whether or not yum-cron is enabled. -yum_cron_enabled: false # Mirror FQDN for Yum repos. yum_centos_mirror_host: 'mirror.centos.org' # Mirror directory for Yum CentOS repos. diff --git a/ansible/roles/yum/tasks/redhat.yml b/ansible/roles/yum/tasks/redhat.yml index 4206a6daa..750fbce30 100644 --- a/ansible/roles/yum/tasks/redhat.yml +++ b/ansible/roles/yum/tasks/redhat.yml @@ -36,25 +36,3 @@ yum: update_cache: yes when: ansible_os_family == 'RedHat' - -- name: Yum | Install yum-cron (CentOS) - yum: - name: yum-cron - state: present - when: yum_cron_enabled - -- name: Replace | Enable update applying for yum-cron (CentOS) - replace: - dest: /etc/yum/yum-cron.conf - regexp: "^apply_updates = no" - replace: "apply_updates = yes" - when: yum_cron_enabled - notify: - - Restart yum-cron - -- name: Service | Enable yum-cron (CentOS) - service: - name: yum-cron - state: started - enabled: yes - when: yum_cron_enabled From 4b9f939e35e5181b65632029e806c5308792a85b Mon Sep 17 00:00:00 2001 From: Jonathan Davies Date: Wed, 1 Nov 2017 13:20:15 +0000 Subject: [PATCH 16/24] Added yum-cron update_cmd option. --- ansible/roles/yum-cron/defaults/main.yml | 1 + ansible/roles/yum-cron/tasks/main.yml | 9 +++++++++ ansible/yum.yml | 1 + etc/kayobe/yum-cron.yml | 4 ++++ 4 files changed, 15 insertions(+) create mode 100644 etc/kayobe/yum-cron.yml diff --git a/ansible/roles/yum-cron/defaults/main.yml b/ansible/roles/yum-cron/defaults/main.yml index ff3c1b530..cd510fd9c 100644 --- a/ansible/roles/yum-cron/defaults/main.yml +++ b/ansible/roles/yum-cron/defaults/main.yml @@ -1,3 +1,4 @@ --- yum_cron_enabled: false +yum_cron_update_cmd: 'security' diff --git a/ansible/roles/yum-cron/tasks/main.yml b/ansible/roles/yum-cron/tasks/main.yml index 922950ba5..4424c4314 100644 --- a/ansible/roles/yum-cron/tasks/main.yml +++ b/ansible/roles/yum-cron/tasks/main.yml @@ -15,6 +15,15 @@ notify: - Restart yum-cron +- name: Replace | Enable update applying for yum-cron (CentOS) + replace: + dest: /etc/yum/yum-cron.conf + regexp: "^update_cmd = default" + replace: "update_cmd = {{ yum_cron_update_cmd }}" + when: yum_cron_enabled + notify: + - Restart yum-cron + - name: Service | Enable yum-cron (CentOS) service: name: yum-cron diff --git a/ansible/yum.yml b/ansible/yum.yml index 4cb36d3c7..92eca14cd 100644 --- a/ansible/yum.yml +++ b/ansible/yum.yml @@ -4,3 +4,4 @@ hosts: seed:overcloud roles: - role: yum + - role: yum-cron diff --git a/etc/kayobe/yum-cron.yml b/etc/kayobe/yum-cron.yml new file mode 100644 index 000000000..26edba590 --- /dev/null +++ b/etc/kayobe/yum-cron.yml @@ -0,0 +1,4 @@ +--- + +#yum_cron_enabled: false +#yum_cron_update_cmd: 'security' From 1106ed5b4a2288bb73ee951c948d83e695874900 Mon Sep 17 00:00:00 2001 From: Jonathan Davies Date: Wed, 1 Nov 2017 13:22:44 +0000 Subject: [PATCH 17/24] group_vars: yum: Disable use of local mirror by default. --- ansible/group_vars/all/yum | 3 +++ 1 file changed, 3 insertions(+) create mode 100644 ansible/group_vars/all/yum diff --git a/ansible/group_vars/all/yum b/ansible/group_vars/all/yum new file mode 100644 index 000000000..c600eaf28 --- /dev/null +++ b/ansible/group_vars/all/yum @@ -0,0 +1,3 @@ +--- + +yum_use_local_mirror: false From a3bb4e17e7206ab660d3b19fe19d03c3e3d74c20 Mon Sep 17 00:00:00 2001 From: Jonathan Davies Date: Wed, 1 Nov 2017 14:00:17 +0000 Subject: [PATCH 18/24] commands.py: Wrapped line to make Travis happy. --- kayobe/cli/commands.py | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/kayobe/cli/commands.py b/kayobe/cli/commands.py index 019856b7c..184e0ff80 100644 --- a/kayobe/cli/commands.py +++ b/kayobe/cli/commands.py @@ -589,8 +589,8 @@ class OvercloudHostConfigure(KollaAnsibleMixin, KayobeAnsibleMixin, VaultMixin, if parsed_args.wipe_disks: playbooks += _build_playbook_list("wipe-disks") playbooks += _build_playbook_list( - "users", "yum", "dev-tools", "disable-selinux", "network", "sysctl", - "disable-glean", "ntp", "lvm") + "users", "yum", "dev-tools", "disable-selinux", "network", + "sysctl", "disable-glean", "ntp", "lvm") self.run_kayobe_playbooks(parsed_args, playbooks, limit="overcloud") playbooks = _build_playbook_list("kolla-ansible") self.run_kayobe_playbooks(parsed_args, playbooks, tags="config") From 4823db15636c485ebfaf382ba03eebc6701cf887 Mon Sep 17 00:00:00 2001 From: Jonathan Davies Date: Wed, 1 Nov 2017 14:49:28 +0000 Subject: [PATCH 19/24] Updated Yum roles with review comments. --- ansible/roles/yum-cron/handlers/main.yml | 1 + ansible/roles/yum-cron/tasks/main.yml | 6 +++++- ansible/roles/yum/tasks/main.yml | 4 +++- ansible/roles/yum/tasks/redhat.yml | 8 ++++++-- doc/source/release-notes.rst | 1 + etc/kayobe/yum-cron.yml | 2 ++ etc/kayobe/yum.yml | 2 -- kayobe/cli/commands.py | 2 +- 8 files changed, 19 insertions(+), 7 deletions(-) diff --git a/ansible/roles/yum-cron/handlers/main.yml b/ansible/roles/yum-cron/handlers/main.yml index e55f9eaff..fc26c999e 100644 --- a/ansible/roles/yum-cron/handlers/main.yml +++ b/ansible/roles/yum-cron/handlers/main.yml @@ -4,3 +4,4 @@ service: name: yum-cron state: restarted + become: True diff --git a/ansible/roles/yum-cron/tasks/main.yml b/ansible/roles/yum-cron/tasks/main.yml index 4424c4314..3a6e63bfc 100644 --- a/ansible/roles/yum-cron/tasks/main.yml +++ b/ansible/roles/yum-cron/tasks/main.yml @@ -5,6 +5,7 @@ name: yum-cron state: present when: yum_cron_enabled + become: True - name: Replace | Enable update applying for yum-cron (CentOS) replace: @@ -14,15 +15,17 @@ when: yum_cron_enabled notify: - Restart yum-cron + become: True - name: Replace | Enable update applying for yum-cron (CentOS) replace: dest: /etc/yum/yum-cron.conf - regexp: "^update_cmd = default" + regexp: "^update_cmd = .*$" replace: "update_cmd = {{ yum_cron_update_cmd }}" when: yum_cron_enabled notify: - Restart yum-cron + become: True - name: Service | Enable yum-cron (CentOS) service: @@ -30,3 +33,4 @@ state: started enabled: yes when: yum_cron_enabled + become: True diff --git a/ansible/roles/yum/tasks/main.yml b/ansible/roles/yum/tasks/main.yml index 91f31ef28..6f96f909c 100644 --- a/ansible/roles/yum/tasks/main.yml +++ b/ansible/roles/yum/tasks/main.yml @@ -1,4 +1,6 @@ --- - include: redhat.yml - when: (ansible_os_family == "RedHat" and use_local_mirror == true) + when: + - ansible_os_family == "RedHat" + - yum_use_local_mirror diff --git a/ansible/roles/yum/tasks/redhat.yml b/ansible/roles/yum/tasks/redhat.yml index 750fbce30..d3425fdbc 100644 --- a/ansible/roles/yum/tasks/redhat.yml +++ b/ansible/roles/yum/tasks/redhat.yml @@ -5,6 +5,7 @@ dest: /etc/yum/pluginconf.d/fastestmirror.conf regexp: "enabled=1" replace: "enabled=0" + become: True - name: Template | Copy CentOS repo templates (CentOS) template: @@ -13,16 +14,18 @@ owner: root group: root mode: 0664 + become: True - name: Yum | Update cache (CentOS) yum: update_cache: yes + become: True - name: Yum | Install epel-release (CentOS) yum: name: epel-release state: installed - when: ansible_os_family == 'RedHat' + become: True - name: Template | Copy EPEL repo templates (CentOS) template: @@ -31,8 +34,9 @@ owner: root group: root mode: 0664 + become: True - name: Yum | Update cache (CentOS) yum: update_cache: yes - when: ansible_os_family == 'RedHat' + become: True diff --git a/doc/source/release-notes.rst b/doc/source/release-notes.rst index c05c2345a..40287ec92 100644 --- a/doc/source/release-notes.rst +++ b/doc/source/release-notes.rst @@ -17,6 +17,7 @@ Features * Adds support for configuration of custom fluentd filters, and additional config file templates for heat, ironic, keystone, magnum, murano, sahara, and swift in ``$KAYOBE_CONFIG_PATH/kolla/config//``. +* Adds support for specifing a local Yum mirror for package installation. Upgrade Notes ------------- diff --git a/etc/kayobe/yum-cron.yml b/etc/kayobe/yum-cron.yml index 26edba590..d237eb52d 100644 --- a/etc/kayobe/yum-cron.yml +++ b/etc/kayobe/yum-cron.yml @@ -1,4 +1,6 @@ --- +# Whether to enable Yum automatic updates. #yum_cron_enabled: false +# Command to use for Yum automatic updates. #yum_cron_update_cmd: 'security' diff --git a/etc/kayobe/yum.yml b/etc/kayobe/yum.yml index dfb37d57c..40224969c 100644 --- a/etc/kayobe/yum.yml +++ b/etc/kayobe/yum.yml @@ -2,8 +2,6 @@ # Whether or not to use a local Yum mirror. #yum_use_local_mirror: false -# Whether or not yum-cron is enabled. -#yum_cron_enabled: false # Mirror FQDN for Yum repos. #yum_centos_mirror_host: 'mirror.centos.org' # Mirror directory for Yum CentOS repos. diff --git a/kayobe/cli/commands.py b/kayobe/cli/commands.py index 184e0ff80..c8af215a3 100644 --- a/kayobe/cli/commands.py +++ b/kayobe/cli/commands.py @@ -555,11 +555,11 @@ class OvercloudHostConfigure(KollaAnsibleMixin, KayobeAnsibleMixin, VaultMixin, * Configure a user account for use by kayobe for SSH access. * Optionally, wipe unmounted disk partitions (--wipe-disks). * Configure user accounts, group associations, and authorised SSH keys. + * Configure YUM repos. * Disable SELinux. * Configure the host's network interfaces. * Set sysctl parameters. * Disable bootstrap interface configuration. - * Configure YUM repos. * Configure NTP. * Configure LVM volumes. * Configure a user account for kolla-ansible. From e297ef10c64bfb7a2589052d3328c83bc32a8466 Mon Sep 17 00:00:00 2001 From: Jonathan Davies Date: Wed, 1 Nov 2017 14:51:07 +0000 Subject: [PATCH 20/24] ansible/yum.yml: Added seed-hypervisor to yum playbook. --- ansible/yum.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/ansible/yum.yml b/ansible/yum.yml index 92eca14cd..d2acc726d 100644 --- a/ansible/yum.yml +++ b/ansible/yum.yml @@ -1,7 +1,7 @@ --- - name: Ensure Yum repos are configured - hosts: seed:overcloud + hosts: seed-hypervisor:seed:overcloud roles: - role: yum - role: yum-cron From f91b985f17b162f06ca3532303906ae7dd3ed1db Mon Sep 17 00:00:00 2001 From: Jonathan Davies Date: Thu, 2 Nov 2017 16:03:05 +0000 Subject: [PATCH 21/24] commands.py: Added Yum configuration to seed VM and hypervisor sections. --- kayobe/cli/commands.py | 12 +++++++----- 1 file changed, 7 insertions(+), 5 deletions(-) diff --git a/kayobe/cli/commands.py b/kayobe/cli/commands.py index c8af215a3..342529a09 100644 --- a/kayobe/cli/commands.py +++ b/kayobe/cli/commands.py @@ -264,6 +264,7 @@ class SeedHypervisorHostConfigure(KollaAnsibleMixin, KayobeAnsibleMixin, * Allocate IP addresses for all configured networks. * Add the host to SSH known hosts. * Configure user accounts, group associations, and authorised SSH keys. + * Configure Yum repos. * Configure the host's network interfaces. * Set sysctl parameters. * Configure NTP. @@ -273,8 +274,8 @@ class SeedHypervisorHostConfigure(KollaAnsibleMixin, KayobeAnsibleMixin, def take_action(self, parsed_args): self.app.LOG.debug("Configuring seed hypervisor host OS") playbooks = _build_playbook_list( - "ip-allocation", "ssh-known-host", "users", "dev-tools", "network", - "sysctl", "ntp", "seed-hypervisor-libvirt-host") + "ip-allocation", "ssh-known-host", "users", "yum", "dev-tools", + "network", "sysctl", "ntp", "seed-hypervisor-libvirt-host") self.run_kayobe_playbooks(parsed_args, playbooks, limit="seed-hypervisor") @@ -320,6 +321,7 @@ class SeedHostConfigure(KollaAnsibleMixin, KayobeAnsibleMixin, VaultMixin, * Configure a user account for use by kayobe for SSH access. * Optionally, wipe unmounted disk partitions (--wipe-disks). * Configure user accounts, group associations, and authorised SSH keys. + * Configure Yum repos. * Disable SELinux. * Configure the host's network interfaces. * Set sysctl parameters. @@ -353,8 +355,8 @@ class SeedHostConfigure(KollaAnsibleMixin, KayobeAnsibleMixin, VaultMixin, if parsed_args.wipe_disks: playbooks += _build_playbook_list("wipe-disks") playbooks += _build_playbook_list( - "users", "dev-tools", "disable-selinux", "network", "sysctl", - "ip-routing", "snat", "disable-glean", "ntp", "lvm") + "users", "yum", "dev-tools", "disable-selinux", "network", + "sysctl", "ip-routing", "snat", "disable-glean", "ntp", "lvm") self.run_kayobe_playbooks(parsed_args, playbooks, limit="seed") playbooks = _build_playbook_list("kolla-ansible") self.run_kayobe_playbooks(parsed_args, playbooks, tags="config") @@ -555,7 +557,7 @@ class OvercloudHostConfigure(KollaAnsibleMixin, KayobeAnsibleMixin, VaultMixin, * Configure a user account for use by kayobe for SSH access. * Optionally, wipe unmounted disk partitions (--wipe-disks). * Configure user accounts, group associations, and authorised SSH keys. - * Configure YUM repos. + * Configure Yum repos. * Disable SELinux. * Configure the host's network interfaces. * Set sysctl parameters. From 1243f3e07195f20463e624886a20b0d46f12cd12 Mon Sep 17 00:00:00 2001 From: Mark Goddard Date: Thu, 2 Nov 2017 16:31:23 +0000 Subject: [PATCH 22/24] Fix typo in release notes --- doc/source/release-notes.rst | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/doc/source/release-notes.rst b/doc/source/release-notes.rst index 40287ec92..3bab3dd17 100644 --- a/doc/source/release-notes.rst +++ b/doc/source/release-notes.rst @@ -17,7 +17,7 @@ Features * Adds support for configuration of custom fluentd filters, and additional config file templates for heat, ironic, keystone, magnum, murano, sahara, and swift in ``$KAYOBE_CONFIG_PATH/kolla/config//``. -* Adds support for specifing a local Yum mirror for package installation. +* Adds support for specifying a local Yum mirror for package installation. Upgrade Notes ------------- From 5563c665c060c6702a2e6429e1233b6242444110 Mon Sep 17 00:00:00 2001 From: Mark Goddard Date: Thu, 2 Nov 2017 16:39:24 +0000 Subject: [PATCH 23/24] Don't overwrite custom kolla-ansible configuration files, merge them Previously, if a user provided a custom neutron ML2 configuration file in /home/stackhpc-mark/kayobe/src/kayobe-config/etc/kayobe/neutron/ml2_conf.ini, it would overwrite the options set by kayobe. This change applies the 'ignore' rule when copying custom config files, as well as when deleting them. This works because we read in the contents of these files and append it to kayobe's own configuration. --- ansible/roles/kolla-openstack/tasks/config.yml | 4 +++- ansible/roles/kolla-openstack/vars/main.yml | 5 +++-- 2 files changed, 6 insertions(+), 3 deletions(-) diff --git a/ansible/roles/kolla-openstack/tasks/config.yml b/ansible/roles/kolla-openstack/tasks/config.yml index 14a87f637..bdb9934ca 100644 --- a/ansible/roles/kolla-openstack/tasks/config.yml +++ b/ansible/roles/kolla-openstack/tasks/config.yml @@ -78,7 +78,9 @@ - "{{ find_src_result.results }}" - files - skip_missing: True - when: item.0.item.enabled | bool + when: + - item.0.item.enabled | bool + - item.1.path | basename not in item.0.item.ignore | default([]) - name: Ensure unnecessary extra configuration files are absent file: diff --git a/ansible/roles/kolla-openstack/vars/main.yml b/ansible/roles/kolla-openstack/vars/main.yml index 2652f3d74..f00a3d739 100644 --- a/ansible/roles/kolla-openstack/vars/main.yml +++ b/ansible/roles/kolla-openstack/vars/main.yml @@ -5,8 +5,9 @@ # dest: Path to directory in which generated files will be created. # patterns: One or more file name patterns to match. # enabled: Whether these files should be templated. -# ignore: Optional list of files to leave in the destination, even if disabled -# or unexpected. +# ignore: Optional list of files to ignore. These files will not be copied to +# the destination, and will not be removed from the destination, even +# if disabled or unexpected. kolla_openstack_custom_config: # Ceph. - src: "{{ kolla_extra_config_path }}/ceph" From 33fc66dc1d659e56d85ac116a3d8fadb2f8862d7 Mon Sep 17 00:00:00 2001 From: Jonathan Davies Date: Thu, 2 Nov 2017 17:14:22 +0000 Subject: [PATCH 24/24] redhat.yml: Added wildcard name to make update cache work. --- ansible/roles/yum/tasks/redhat.yml | 2 ++ 1 file changed, 2 insertions(+) diff --git a/ansible/roles/yum/tasks/redhat.yml b/ansible/roles/yum/tasks/redhat.yml index d3425fdbc..0b8f16967 100644 --- a/ansible/roles/yum/tasks/redhat.yml +++ b/ansible/roles/yum/tasks/redhat.yml @@ -18,6 +18,7 @@ - name: Yum | Update cache (CentOS) yum: + name: '*' update_cache: yes become: True @@ -38,5 +39,6 @@ - name: Yum | Update cache (CentOS) yum: + name: '*' update_cache: yes become: True