10 Commits

Author SHA1 Message Date
wu.chunyang
195269d758 add octavia openrc file
we use octavia user to upload image currently, so it is better to
create a octavia openrc file for user

Implements: blueprint implement-automatic-deploy-of-octavia

Change-Id: Ib53d00fa4a6ee59b8a0b2245f83786a6af0cbf53
2020-10-08 14:50:52 +00:00
likui
16f97867a3 Fix ownership and permissions of admin-openrc.sh
Previously the post-deploy.yml playbook was executed with become: true,
and the admin-openrc.sh file templated without an owner or mode
specified. This resulted in admin-openrc.sh being owned by root with 644
permissions.

This change creates the file without become: true, and explicitly sets
the owner to the user executing Ansible, and the mode to 600.

Co-Authored-By: Mark Goddard <mark@stackhpc.com>

Closes-Bug: #1891704

Change-Id: Iadf43383a7f2bf377d4666a55a38d92bd70711aa
2020-08-19 07:24:22 +00:00
Radosław Piliszek
137f79e49e Revert "Fix post-deploy mode"
This fix was premature as it completely ignores
the previously-respected umask.

Let's discuss a proper fix and revert this one
since CI is fixed elsewhere [1].

[1] https://review.opendev.org/743502

This reverts commit 87efdce24bc802777d4da58f9f63c8d0838e7120.

Change-Id: If38adbf124e793574a21ae986f9ee146d587f820
2020-08-12 09:00:52 +00:00
Radosław Piliszek
87efdce24b Fix post-deploy mode
Ansible changed the default mode for files, even in stable
releases. [1]

This change restores the previous default (with the common
umask).

[1] https://github.com/ansible/ansible/pull/70221

Change-Id: I0f81214b4f95fe8a378844745ebc77f3c43027ab
Closes-Bug: #1891145
2020-08-11 12:02:29 +00:00
Michal Nasiadka
2128075c6e Ansible lint related fixes
Change-Id: I146ea3d84efb83ec5d7405644ad372e57ecafc1e
2020-05-12 17:39:07 +00:00
caoyuan
9223deeecd Use correct variable for default certificate paths
The variable {{ node_config_directory }} is used for the configuration
directory on the remote hosts, and should not be used for paths on the
deploy host (localhost).

This changes the default value of the TLS certificate and CA file to
reference {{ CONFIG_DIR }}, in line with the directory used for
admin-openrc.sh (as of I0709482ead4b7a67e82796e17f85bde151e71bc0).

This change also introduces a variable, {{ node_config }}, that
references {{ CONFIG_DIR | default('/etc/kolla') }}, to remove
duplication.

Change-Id: Ibd82ac78630ebfff5824c329d7399e1e900c0ee0
Closes-Bug: #1804025
2018-11-19 16:25:28 +00:00
Marcin Juszkiewicz
c207520ca5 post-deploy: honour --config-dir argument
kolla-ansible can take globals.yml from any directory by using
--config-dir argument. So store admin credentials there as well.

Not everyone runs kolla-ansible as a root.

Change-Id: I0709482ead4b7a67e82796e17f85bde151e71bc0
2017-10-12 16:35:56 +02:00
Duong Ha-Quang
26b2c2d9e9 Specify 'become' to necessary tasks (general roles)
Add config_owner_user and config_owner_group to group_vars/all,
which is user and group of Kolla configuration files in /etc/kolla.

Add become to post-deploy playbook.

Add become to only neccesary tasks in roles:
- certificate
- common
- destroy
- haproxy
- mariadb
- memcached
- rabbitmq

Change-Id: I2aba745a6e3928c52642f64551470fd08cbfd058
Partial-Implements: blueprint ansible-specific-task-become
2017-09-25 06:52:04 +00:00
zhuzeyu
473a5e0ca7 Modify the hosts of the post-deploy.yml playbook
The admin-openrc.sh should copy to where the python-openstackclient was installed.
whatever multinode and all-in-one, the place where python-openstackclient was
installed is localhost, So admin-openrc.sh should copy to localhost.
The purpose of "connection: local" in ansible playbook is that make sure this script
can copy to localhost.In all-in-one, Writting as this is ok, it will copy to localhost,
but in multinode, this will make a bug, add ansible_connection=ssh in inventory file
the admin-openrc.sh will not copy to the localhost,the "connection:local" in post-deploy.yml
will be covered by "ansible_connection=ssh" in inventory file, then the script will be copied
to target node. So we should modify the hosts to localhost to avoid this bug.

Change-Id: I054717cc2b4adc600808282034a10a58c1184a38
Closes-Bug: #1666808
2017-03-09 11:14:35 +08:00
Hui Kang
46673b81c1 Create openrc file on the deploy node
This task is run as a post-deploy playbook

Implements: blueprint ansible-task-generate-openrc
Change-Id: I69f4ee895094da5c73494a41dccb2e86eb481656
2015-11-23 17:02:54 -05:00