openstack-ansible-tests/test-prepare-host.yml
Markos Chandras 1f2ab67987 test-prepare-host: Switch package state to 'present' on openSUSE
Similar to the CentOS case, we should use 'present' instead of 'latest'
for the package state so we don't spend time resolving dependencies,
querying repos etc. The 'present' state can be further improved either
in the zypper itself or in the Ansible module.

Change-Id: I44fae44030af1c9ee88dcc26c6b55c91a2531926
Link: https://github.com/ansible/ansible/pull/37191
Link: https://bugzilla.opensuse.org/show_bug.cgi?id=1084525
2018-03-08 16:18:19 +00:00

224 lines
8.5 KiB
YAML

---
# Copyright 2015, Rackspace US, Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
- include: test-repo-setup.yml
- name: Playbook for configuring hosts
hosts: localhost
become: true
pre_tasks:
- include: "common-tasks/test-set-nodepool-vars.yml"
- name: Clear iptables rules
shell: "{{ playbook_dir }}/iptables-clear.sh"
tags:
- skip_ansible_lint
- name: Set ssh key fact
set_fact:
lxc_container_ssh_key: "{{ hostvars['localhost']['lxc_container_ssh_key'] }}"
- name: Ensure roots new public ssh key is in authorized_keys
authorized_key:
user: root
key: "{{ hostvars['localhost']['lxc_container_ssh_key'] }}"
manage_dir: no
# This is a very dirty hack due to images.linuxcontainers.org
# constantly failing to resolve in openstack-infra.
- name: Implement hard-coded hosts entries for consistently failing name
lineinfile:
path: "/etc/hosts"
line: "{{ item }}"
state: present
with_items:
- "91.189.91.21 images.linuxcontainers.org us.images.linuxcontainers.org"
- "91.189.88.37 images.linuxcontainers.org uk.images.linuxcontainers.org"
# NOTE(mhayden): Using package_state=present on CentOS or openSUSE should allow for
# more gate jobs to complete properly and expose more problems that can
# be fixed (instead of timeouts).
- name: Use present for package_state on CentOS and openSUSE
set_fact:
package_state: "{{ (ansible_pkg_mgr in ['dnf', 'yum', 'zypper']) | ternary('present', 'latest') }}"
- include: test-install-openstack-hosts.yml
- name: Playbook for configuring the LXC host
hosts: localhost
become: true
roles:
- role: "lxc_hosts"
lxc_net_address: 10.100.100.1
lxc_net_dhcp_range: 10.100.100.8,10.100.100.253
lxc_net_bridge: lxcbr0
post_tasks:
- name: Ensure that /etc/network/interfaces.d/ exists (Debian)
file:
path: /etc/network/interfaces.d/
state: directory
tags:
- networking-dir-create
when:
- ansible_pkg_mgr == 'apt'
- name: Copy network configuration (Debian)
template:
src: "network_interfaces/debian_interface_{{ item.type | default('default') }}.cfg.j2"
dest: "/etc/network/interfaces.d/{{ item.name | default('br-mgmt') }}.cfg"
with_items: "{{ bridges }}"
register: network_interfaces_deb
when:
- ansible_pkg_mgr == 'apt'
- name: Copy network configuration (RedHat)
template:
src: "network_interfaces/redhat_interface_{{ item.type | default('default') }}.cfg.j2"
dest: "/etc/sysconfig/network-scripts/ifcfg-{{ item.name | default('br-mgmt') }}"
with_items: "{{ bridges }}"
register: network_interfaces_rhel
when:
- ansible_pkg_mgr in ['yum', 'dnf']
- name: Copy network configuration (SUSE)
template:
src: "network_interfaces/suse_interface_{{ item.type | default('default') }}.cfg.j2"
dest: "/etc/sysconfig/network/ifcfg-{{ item.name | default('br-mgmt') }}"
with_items: "{{ bridges }}"
register: network_interfaces_suse
when:
- ansible_pkg_mgr == 'zypper'
- name: Create alias file when required
template:
src: "network_interfaces/redhat_interface_alias.cfg.j2"
dest: "/etc/sysconfig/network-scripts/ifcfg-{{ item.name | default('br-mgmt')}}:0"
with_items: "{{ bridges }}"
when:
- ansible_pkg_mgr in ['yum', 'dnf']
- item.alias is defined
- name: Put down post-up script for veth-peer interfaces (RedHat)
template:
src: "network_interfaces/rpm_interface_{{ item[0] }}.cfg.j2"
dest: "/etc/sysconfig/network-scripts/{{ item[0] }}-veth-{{ item[1].name | default('br-mgmt') }}-2-{{ item[1].veth_peer | default('eth1') }}"
mode: "0755"
with_nested:
- [ "ifup-post", "ifdown-post" ]
- "{{ bridges }}"
when:
- item[1].veth_peer is defined
- ansible_pkg_mgr in ['yum', 'dnf']
# NOTE(hworang): Nested loops do not work on blocks. See
# https://github.com/ansible/ansible/issues/13262
# As such we need to do that on a per-task basis.
- block:
- name: Put down post-up script for veth-peer interfaces (SUSE)
template:
src: "network_interfaces/rpm_interface_{{ item[0] }}.cfg.j2"
dest: "/etc/sysconfig/network/scripts/{{ item[0] }}-veth-{{ item[1].name | default('br-mgmt') }}-2-{{ item[1].veth_peer | default('eth1') }}"
mode: "0755"
with_nested:
- [ "ifup-post", "ifdown-post" ]
- "{{ bridges }}"
- name: Configure ifcfg files to use the post-up script (SUSE)
lineinfile:
dest: "/etc/sysconfig/network/ifcfg-{{ item[1].name | default('br-mgmt') }}"
line: "POST_UP_SCRIPT=\"compat:suse:{{ item[0] }}-veth-{{ item[1].name | default('br-mgmt') }}-2-{{ item[1].veth_peer | default('eth1') }}\""
with_nested:
- ['ifup-post']
- "{{ bridges }}"
- name: Configure ifcfg files to use the post-down script (SUSE)
lineinfile:
dest: "/etc/sysconfig/network/ifcfg-{{ item[1].name | default('br-mgmt') }}"
line: "POST_DOWN_SCRIPT=\"compat:suse:{{ item[0] }}-veth-{{ item[1].name | default('br-mgmt') }}-2-{{ item[1].veth_peer | default('eth1') }}\""
with_nested:
- ['ifdown-post']
- "{{ bridges }}"
when:
- item[1].veth_peer is defined
- ansible_pkg_mgr == 'zypper'
- name: Ensure our interfaces.d configuration files are loaded automatically
lineinfile:
dest: /etc/network/interfaces
line: "source /etc/network/interfaces.d/*.cfg"
when:
- ansible_pkg_mgr == 'apt'
tags:
- networking-interfaces-load
- name: Ensure the postup/postdown scripts are loaded (RedHat)
lineinfile:
dest: "/etc/sysconfig/network-scripts/{{ item[0] }}"
line: ". /etc/sysconfig/network-scripts/{{ item[0] }}-veth-{{ item[1].name | default('br-mgmt') }}-2-{{ item[1].veth_peer | default('eth1') }}"
insertbefore: "^exit 0"
with_nested:
- [ "ifup-post", "ifdown-post" ]
- "{{ bridges }}"
when:
- item[1].veth_peer is defined
- ansible_pkg_mgr in ['yum', 'dnf']
- name: Shut down the network interfaces
command: "ifdown {{ item.name | default('br-mgmt') }}"
when:
- (network_interfaces_rhel | changed) or (network_interfaces_deb | changed) or
(network_interfaces_suse | changed)
with_items: "{{ bridges }}"
- name: Shut down the alias interface (RedHat)
command: "ifdown {{ item.name | default('br-mgmt') }}:0"
when:
- ansible_pkg_mgr in ['yum', 'dnf']
- network_interfaces_rhel | changed
- item.alias is defined
with_items: "{{ bridges }}"
- name: Start the network interfaces
command: "ifup {{ item.name | default('br-mgmt') }}"
when:
- (network_interfaces_rhel | changed) or (network_interfaces_deb | changed) or
(network_interfaces_suse | changed)
with_items: "{{ bridges }}"
- name: Start the alias interface (RedHat)
command: "ifup {{ item.name | default('br-mgmt') }}:0"
when:
- ansible_pkg_mgr in ['yum', 'dnf']
- network_interfaces_rhel | changed
- item.alias is defined
with_items: "{{ bridges }}"
- name: Determine iptables path
shell: which iptables
register: _iptables_path
tags:
- skip_ansible_lint
- name: Add iptables rule to ensure traffic checksum is correct
command: "{{ _iptables_path.stdout }} -A POSTROUTING -t mangle -p tcp -j CHECKSUM --checksum-fill"
tags:
- skip_ansible_lint
- name: Add iptables rule to provide internet connectivity to instances
command: "{{ _iptables_path.stdout }} -t nat -A POSTROUTING -o eth0 -j MASQUERADE"
tags:
- skip_ansible_lint
- name: Add iptables rules for lxc natting
command: /usr/local/bin/lxc-system-manage iptables-create
tags:
- skip_ansible_lint
vars_files:
- test-vars.yml