Merge branch 'master' into net-connectivity

This commit is contained in:
Mark Goddard 2017-11-03 11:35:59 +00:00 committed by GitHub
commit 76ece0ee65
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
17 changed files with 223 additions and 10 deletions

View File

@ -0,0 +1,3 @@
---
yum_use_local_mirror: false

View File

@ -78,7 +78,9 @@
- "{{ find_src_result.results }}" - "{{ find_src_result.results }}"
- files - files
- skip_missing: True - skip_missing: True
when: item.0.item.enabled | bool when:
- item.0.item.enabled | bool
- item.1.path | basename not in item.0.item.ignore | default([])
- name: Ensure unnecessary extra configuration files are absent - name: Ensure unnecessary extra configuration files are absent
file: file:

View File

@ -5,8 +5,9 @@
# dest: Path to directory in which generated files will be created. # dest: Path to directory in which generated files will be created.
# patterns: One or more file name patterns to match. # patterns: One or more file name patterns to match.
# enabled: Whether these files should be templated. # enabled: Whether these files should be templated.
# ignore: Optional list of files to leave in the destination, even if disabled # ignore: Optional list of files to ignore. These files will not be copied to
# or unexpected. # the destination, and will not be removed from the destination, even
# if disabled or unexpected.
kolla_openstack_custom_config: kolla_openstack_custom_config:
# Ceph. # Ceph.
- src: "{{ kolla_extra_config_path }}/ceph" - src: "{{ kolla_extra_config_path }}/ceph"

View File

@ -10,7 +10,7 @@ nodeexporter_services:
container_name: nodeexporter container_name: nodeexporter
enabled: "{{ nodeexporter_enabled }}" enabled: "{{ nodeexporter_enabled }}"
image: "{{ nodeexporter_image_full }}" image: "{{ nodeexporter_image_full }}"
command: /bin/node_exporter --collector.procfs=/host/proc --collector.sysfs=/host/sys --collector.filesystem.ignored-mount-points "^/(sys|proc|dev|host|etc)($|/)" command: --collector.procfs=/host/proc --collector.sysfs=/host/sys --collector.filesystem.ignored-mount-points "^/(sys|proc|dev|host|etc)($|/)"
privileged: True privileged: True
read_only: True read_only: True
volumes: volumes:

View File

@ -0,0 +1,4 @@
---
yum_cron_enabled: false
yum_cron_update_cmd: 'security'

View File

@ -0,0 +1,7 @@
---
- name: Restart yum-cron
service:
name: yum-cron
state: restarted
become: True

View File

@ -0,0 +1,36 @@
---
- name: Yum | Install yum-cron (CentOS)
yum:
name: yum-cron
state: present
when: yum_cron_enabled
become: True
- name: Replace | Enable update applying for yum-cron (CentOS)
replace:
dest: /etc/yum/yum-cron.conf
regexp: "^apply_updates = no"
replace: "apply_updates = yes"
when: yum_cron_enabled
notify:
- Restart yum-cron
become: True
- name: Replace | Enable update applying for yum-cron (CentOS)
replace:
dest: /etc/yum/yum-cron.conf
regexp: "^update_cmd = .*$"
replace: "update_cmd = {{ yum_cron_update_cmd }}"
when: yum_cron_enabled
notify:
- Restart yum-cron
become: True
- name: Service | Enable yum-cron (CentOS)
service:
name: yum-cron
state: started
enabled: yes
when: yum_cron_enabled
become: True

View File

@ -0,0 +1,12 @@
---
# Whether or not to use a local Yum mirror.
yum_use_local_mirror: false
# Mirror FQDN for Yum repos.
yum_centos_mirror_host: 'mirror.centos.org'
# Mirror directory for Yum CentOS repos.
yum_centos_mirror_directory: 'centos'
# Mirror FQDN for Yum EPEL repos.
yum_epel_mirror_host: 'download.fedoraproject.org'
# Mirror directory for Yum EPEL repos.
yum_epel_mirror_directory: 'pub/epel'

View File

@ -0,0 +1,6 @@
---
- include: redhat.yml
when:
- ansible_os_family == "RedHat"
- yum_use_local_mirror

View File

@ -0,0 +1,44 @@
---
- name: Replace | Disable YUM fastestmirror plugin (CentOS)
replace:
dest: /etc/yum/pluginconf.d/fastestmirror.conf
regexp: "enabled=1"
replace: "enabled=0"
become: True
- name: Template | Copy CentOS repo templates (CentOS)
template:
src: CentOS-Base.repo.j2
dest: /etc/yum.repos.d/CentOS-Base.repo
owner: root
group: root
mode: 0664
become: True
- name: Yum | Update cache (CentOS)
yum:
name: '*'
update_cache: yes
become: True
- name: Yum | Install epel-release (CentOS)
yum:
name: epel-release
state: installed
become: True
- name: Template | Copy EPEL repo templates (CentOS)
template:
src: epel.repo.j2
dest: /etc/yum.repos.d/epel.repo
owner: root
group: root
mode: 0664
become: True
- name: Yum | Update cache (CentOS)
yum:
name: '*'
update_cache: yes
become: True

View File

@ -0,0 +1,43 @@
# CentOS-Base.repo
#
# The mirror system uses the connecting IP address of the client and the
# update status of each mirror to pick mirrors that are updated to and
# geographically close to the client. You should use this for CentOS updates
# unless you are manually picking other mirrors.
#
# If the mirrorlist= does not work for you, as a fall back you can try the
# remarked out baseurl= line instead.
#
#
[base]
name=CentOS-$releasever - Base
#mirrorlist=http://mirrorlist.centos.org/?release=$releasever&arch=$basearch&repo=os&infra=$infra
baseurl=http://{{ yum_centos_mirror_host }}/{{ yum_centos_mirror_directory }}/$releasever/os/$basearch/
gpgcheck=1
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-7
#released updates
[updates]
name=CentOS-$releasever - Updates
#mirrorlist=http://mirrorlist.centos.org/?release=$releasever&arch=$basearch&repo=updates&infra=$infra
baseurl=http://{{ yum_centos_mirror_host }}/{{ yum_centos_mirror_directory }}/$releasever/updates/$basearch/
gpgcheck=1
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-7
#additional packages that may be useful
[extras]
name=CentOS-$releasever - Extras
#mirrorlist=http://mirrorlist.centos.org/?release=$releasever&arch=$basearch&repo=extras&infra=$infra
baseurl=http://{{ yum_centos_mirror_host }}/{{ yum_centos_mirror_directory }}/$releasever/extras/$basearch/
gpgcheck=1
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-7
#additional packages that extend functionality of existing packages
[centosplus]
name=CentOS-$releasever - Plus
#mirrorlist=http://mirrorlist.centos.org/?release=$releasever&arch=$basearch&repo=centosplus&infra=$infra
baseurl=http://{{ yum_centos_mirror_host }}/{{ yum_centos_mirror_directory }}/$releasever/centosplus/$basearch/
gpgcheck=1
enabled=0
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-7

View File

@ -0,0 +1,26 @@
[epel]
name=Extra Packages for Enterprise Linux 7 - $basearch
baseurl=http://{{ yum_epel_mirror_host }}/{{ yum_epel_mirror_directory }}/7/$basearch
#mirrorlist=https://mirrors.fedoraproject.org/metalink?repo=epel-7&arch=$basearch
failovermethod=priority
enabled=1
gpgcheck=1
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-EPEL-7
[epel-debuginfo]
name=Extra Packages for Enterprise Linux 7 - $basearch - Debug
baseurl=http://{{ yum_epel_mirror_host }}/{{ yum_epel_mirror_directory }}/7/$basearch/debug
#mirrorlist=https://mirrors.fedoraproject.org/metalink?repo=epel-debug-7&arch=$basearch
failovermethod=priority
enabled=0
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-EPEL-7
gpgcheck=1
[epel-source]
name=Extra Packages for Enterprise Linux 7 - $basearch - Source
baseurl=http://{{ yum_epel_mirror_host }}/{{ yum_epel_mirror_directory }}/7/SRPMS
#mirrorlist=https://mirrors.fedoraproject.org/metalink?repo=epel-source-7&arch=$basearch
failovermethod=priority
enabled=0
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-EPEL-7
gpgcheck=1

7
ansible/yum.yml Normal file
View File

@ -0,0 +1,7 @@
---
- name: Ensure Yum repos are configured
hosts: seed-hypervisor:seed:overcloud
roles:
- role: yum
- role: yum-cron

View File

@ -17,6 +17,7 @@ Features
* Adds support for configuration of custom fluentd filters, and additional * Adds support for configuration of custom fluentd filters, and additional
config file templates for heat, ironic, keystone, magnum, murano, sahara, and config file templates for heat, ironic, keystone, magnum, murano, sahara, and
swift in ``$KAYOBE_CONFIG_PATH/kolla/config/<component>/``. swift in ``$KAYOBE_CONFIG_PATH/kolla/config/<component>/``.
* Adds support for specifying a local Yum mirror for package installation.
* Adds the command ``kayobe network connectivity check`` which can be used to * Adds the command ``kayobe network connectivity check`` which can be used to
verify network connectivity in the cloud hosts. verify network connectivity in the cloud hosts.

6
etc/kayobe/yum-cron.yml Normal file
View File

@ -0,0 +1,6 @@
---
# Whether to enable Yum automatic updates.
#yum_cron_enabled: false
# Command to use for Yum automatic updates.
#yum_cron_update_cmd: 'security'

12
etc/kayobe/yum.yml Normal file
View File

@ -0,0 +1,12 @@
---
# Whether or not to use a local Yum mirror.
#yum_use_local_mirror: false
# Mirror FQDN for Yum repos.
#yum_centos_mirror_host: 'mirror.centos.org'
# Mirror directory for Yum CentOS repos.
#yum_centos_mirror_directory: 'centos'
# Mirror FQDN for Yum EPEL repos.
#yum_epel_mirror_host: 'download.fedoraproject.org'
# Mirror directory for Yum EPEL repos.
#yum_epel_mirror_directory: 'pub/epel'

View File

@ -264,6 +264,7 @@ class SeedHypervisorHostConfigure(KollaAnsibleMixin, KayobeAnsibleMixin,
* Allocate IP addresses for all configured networks. * Allocate IP addresses for all configured networks.
* Add the host to SSH known hosts. * Add the host to SSH known hosts.
* Configure user accounts, group associations, and authorised SSH keys. * Configure user accounts, group associations, and authorised SSH keys.
* Configure Yum repos.
* Configure the host's network interfaces. * Configure the host's network interfaces.
* Set sysctl parameters. * Set sysctl parameters.
* Configure NTP. * Configure NTP.
@ -273,8 +274,8 @@ class SeedHypervisorHostConfigure(KollaAnsibleMixin, KayobeAnsibleMixin,
def take_action(self, parsed_args): def take_action(self, parsed_args):
self.app.LOG.debug("Configuring seed hypervisor host OS") self.app.LOG.debug("Configuring seed hypervisor host OS")
playbooks = _build_playbook_list( playbooks = _build_playbook_list(
"ip-allocation", "ssh-known-host", "users", "dev-tools", "network", "ip-allocation", "ssh-known-host", "users", "yum", "dev-tools",
"sysctl", "ntp", "seed-hypervisor-libvirt-host") "network", "sysctl", "ntp", "seed-hypervisor-libvirt-host")
self.run_kayobe_playbooks(parsed_args, playbooks, self.run_kayobe_playbooks(parsed_args, playbooks,
limit="seed-hypervisor") limit="seed-hypervisor")
@ -320,6 +321,7 @@ class SeedHostConfigure(KollaAnsibleMixin, KayobeAnsibleMixin, VaultMixin,
* Configure a user account for use by kayobe for SSH access. * Configure a user account for use by kayobe for SSH access.
* Optionally, wipe unmounted disk partitions (--wipe-disks). * Optionally, wipe unmounted disk partitions (--wipe-disks).
* Configure user accounts, group associations, and authorised SSH keys. * Configure user accounts, group associations, and authorised SSH keys.
* Configure Yum repos.
* Disable SELinux. * Disable SELinux.
* Configure the host's network interfaces. * Configure the host's network interfaces.
* Set sysctl parameters. * Set sysctl parameters.
@ -353,8 +355,8 @@ class SeedHostConfigure(KollaAnsibleMixin, KayobeAnsibleMixin, VaultMixin,
if parsed_args.wipe_disks: if parsed_args.wipe_disks:
playbooks += _build_playbook_list("wipe-disks") playbooks += _build_playbook_list("wipe-disks")
playbooks += _build_playbook_list( playbooks += _build_playbook_list(
"users", "dev-tools", "disable-selinux", "network", "sysctl", "users", "yum", "dev-tools", "disable-selinux", "network",
"ip-routing", "snat", "disable-glean", "ntp", "lvm") "sysctl", "ip-routing", "snat", "disable-glean", "ntp", "lvm")
self.run_kayobe_playbooks(parsed_args, playbooks, limit="seed") self.run_kayobe_playbooks(parsed_args, playbooks, limit="seed")
playbooks = _build_playbook_list("kolla-ansible") playbooks = _build_playbook_list("kolla-ansible")
self.run_kayobe_playbooks(parsed_args, playbooks, tags="config") self.run_kayobe_playbooks(parsed_args, playbooks, tags="config")
@ -555,6 +557,7 @@ class OvercloudHostConfigure(KollaAnsibleMixin, KayobeAnsibleMixin, VaultMixin,
* Configure a user account for use by kayobe for SSH access. * Configure a user account for use by kayobe for SSH access.
* Optionally, wipe unmounted disk partitions (--wipe-disks). * Optionally, wipe unmounted disk partitions (--wipe-disks).
* Configure user accounts, group associations, and authorised SSH keys. * Configure user accounts, group associations, and authorised SSH keys.
* Configure Yum repos.
* Disable SELinux. * Disable SELinux.
* Configure the host's network interfaces. * Configure the host's network interfaces.
* Set sysctl parameters. * Set sysctl parameters.
@ -588,8 +591,8 @@ class OvercloudHostConfigure(KollaAnsibleMixin, KayobeAnsibleMixin, VaultMixin,
if parsed_args.wipe_disks: if parsed_args.wipe_disks:
playbooks += _build_playbook_list("wipe-disks") playbooks += _build_playbook_list("wipe-disks")
playbooks += _build_playbook_list( playbooks += _build_playbook_list(
"users", "dev-tools", "disable-selinux", "network", "sysctl", "users", "yum", "dev-tools", "disable-selinux", "network",
"disable-glean", "ntp", "lvm") "sysctl", "disable-glean", "ntp", "lvm")
self.run_kayobe_playbooks(parsed_args, playbooks, limit="overcloud") self.run_kayobe_playbooks(parsed_args, playbooks, limit="overcloud")
playbooks = _build_playbook_list("kolla-ansible") playbooks = _build_playbook_list("kolla-ansible")
self.run_kayobe_playbooks(parsed_args, playbooks, tags="config") self.run_kayobe_playbooks(parsed_args, playbooks, tags="config")