Retire Tripleo: remove repo content
TripleO project is retiring - https://review.opendev.org/c/openstack/governance/+/905145 this commit remove the content of this project repo Change-Id: I2fcd63ee46cf8e3651fb997e414a1a556f2b2455
This commit is contained in:
parent
9fca209d49
commit
120bd48006
@ -1,7 +0,0 @@
|
||||
[run]
|
||||
branch = True
|
||||
source = tripleo_common
|
||||
omit = tripleo_common/tests/*
|
||||
|
||||
[report]
|
||||
ignore_errors = True
|
58
.gitignore
vendored
58
.gitignore
vendored
@ -1,58 +0,0 @@
|
||||
*.py[cod]
|
||||
|
||||
# C extensions
|
||||
*.so
|
||||
|
||||
# Packages
|
||||
*.egg*
|
||||
dist
|
||||
build
|
||||
eggs
|
||||
parts
|
||||
bin
|
||||
var
|
||||
sdist
|
||||
develop-eggs
|
||||
.installed.cfg
|
||||
lib
|
||||
lib64
|
||||
|
||||
# Installer logs
|
||||
pip-log.txt
|
||||
|
||||
# Unit test / coverage reports
|
||||
.coverage
|
||||
cover
|
||||
.tox
|
||||
.venv
|
||||
.stestr/*
|
||||
|
||||
# Translations
|
||||
*.mo
|
||||
|
||||
# Mr Developer
|
||||
.mr.developer.cfg
|
||||
.project
|
||||
.pydevproject
|
||||
|
||||
# Complexity
|
||||
output/*.html
|
||||
output/*/index.html
|
||||
|
||||
# Sphinx
|
||||
doc/build
|
||||
|
||||
# pbr generates these
|
||||
AUTHORS
|
||||
ChangeLog
|
||||
|
||||
# Editors
|
||||
*~
|
||||
.*.swp
|
||||
.*sw?
|
||||
|
||||
# Files created by releasenotes build
|
||||
releasenotes/build
|
||||
|
||||
# Playbook retry files
|
||||
*.retry
|
3
.mailmap
3
.mailmap
@ -1,3 +0,0 @@
|
||||
# Format is:
|
||||
# <preferred e-mail> <other e-mail 1>
|
||||
# <preferred e-mail> <other e-mail 2>
|
@ -1,33 +0,0 @@
|
||||
---
|
||||
repos:
|
||||
- repo: https://github.com/pre-commit/pre-commit-hooks
|
||||
rev: v3.4.0
|
||||
hooks:
|
||||
- id: trailing-whitespace
|
||||
- id: mixed-line-ending
|
||||
- id: check-byte-order-marker
|
||||
- id: check-executables-have-shebangs
|
||||
- id: check-merge-conflict
|
||||
- id: debug-statements
|
||||
- id: check-yaml
|
||||
files: .*\.(yaml|yml)$
|
||||
- repo: https://github.com/pycqa/flake8.git
|
||||
rev: 3.9.0
|
||||
hooks:
|
||||
- id: flake8
|
||||
- repo: https://github.com/openstack-dev/bashate.git
|
||||
rev: 2.0.0
|
||||
hooks:
|
||||
- id: bashate
|
||||
entry: bashate --error . --ignore=E006,E040,E042
|
||||
# Run bashate check for all bash scripts
|
||||
# Ignores the following rules:
|
||||
# E006: Line longer than 79 columns (as many scripts use jinja
|
||||
# templating, this is very difficult)
|
||||
# E040: Syntax error determined using `bash -n` (as many scripts
|
||||
# use jinja templating, this will often fail and the syntax
|
||||
# error will be discovered in execution anyway)
|
||||
- repo: https://github.com/PyCQA/pylint
|
||||
rev: pylint-2.7.2
|
||||
hooks:
|
||||
- id: pylint
|
55
.pylintrc
55
.pylintrc
@ -1,55 +0,0 @@
|
||||
[MESSAGES CONTROL]
|
||||
|
||||
disable =
|
||||
# TODO(ssbarnea): remove temporary skips adding during initial adoption:
|
||||
arguments-differ,
|
||||
attribute-defined-outside-init,
|
||||
broad-except,
|
||||
consider-iterating-dictionary,
|
||||
consider-merging-isinstance,
|
||||
consider-using-dict-comprehension,
|
||||
consider-using-in,
|
||||
consider-using-set-comprehension,
|
||||
dangerous-default-value,
|
||||
duplicate-code,
|
||||
fixme,
|
||||
global-statement,
|
||||
import-error,
|
||||
inconsistent-return-statements,
|
||||
invalid-name,
|
||||
missing-class-docstring,
|
||||
missing-function-docstring,
|
||||
missing-module-docstring,
|
||||
no-self-use,
|
||||
no-value-for-parameter,
|
||||
protected-access,
|
||||
raise-missing-from,
|
||||
redefined-argument-from-local,
|
||||
redefined-builtin,
|
||||
redefined-outer-name,
|
||||
super-init-not-called,
|
||||
super-with-arguments,
|
||||
superfluous-parens,
|
||||
too-few-public-methods,
|
||||
too-many-ancestors,
|
||||
too-many-arguments,
|
||||
too-many-branches,
|
||||
too-many-instance-attributes,
|
||||
too-many-lines,
|
||||
too-many-locals,
|
||||
too-many-nested-blocks,
|
||||
too-many-public-methods,
|
||||
too-many-statements,
|
||||
unidiomatic-typecheck,
|
||||
unnecessary-comprehension,
|
||||
unnecessary-pass,
|
||||
unsubscriptable-object,
|
||||
unused-argument,
|
||||
unused-variable,
|
||||
useless-object-inheritance,
|
||||
useless-super-delegation,
|
||||
wrong-import-order,
|
||||
wrong-import-position
|
||||
|
||||
[REPORTS]
|
||||
output-format = colorized
|
@ -1,3 +0,0 @@
|
||||
[DEFAULT]
|
||||
test_path=${TEST_PATH:-./tripleo_common/tests}
|
||||
top_dir=./
|
@ -1,16 +0,0 @@
|
||||
If you would like to contribute to the development of OpenStack,
|
||||
you must follow the steps in this page:
|
||||
|
||||
https://docs.openstack.org/infra/manual/developers.html
|
||||
|
||||
Once those steps have been completed, changes to OpenStack
|
||||
should be submitted for review via the Gerrit tool, following
|
||||
the workflow documented at:
|
||||
|
||||
https://docs.openstack.org/infra/manual/developers.html#development-workflow
|
||||
|
||||
Pull requests submitted through GitHub will be ignored.
|
||||
|
||||
Bugs should be filed on Launchpad, not GitHub:
|
||||
|
||||
https://bugs.launchpad.net/tripleo
|
@ -1,4 +0,0 @@
|
||||
tripleo-common Style Commandments
|
||||
=================================
|
||||
|
||||
Read the OpenStack Style Commandments https://docs.openstack.org/hacking/latest/
|
176
LICENSE
176
LICENSE
@ -1,176 +0,0 @@
|
||||
|
||||
Apache License
|
||||
Version 2.0, January 2004
|
||||
http://www.apache.org/licenses/
|
||||
|
||||
TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION
|
||||
|
||||
1. Definitions.
|
||||
|
||||
"License" shall mean the terms and conditions for use, reproduction,
|
||||
and distribution as defined by Sections 1 through 9 of this document.
|
||||
|
||||
"Licensor" shall mean the copyright owner or entity authorized by
|
||||
the copyright owner that is granting the License.
|
||||
|
||||
"Legal Entity" shall mean the union of the acting entity and all
|
||||
other entities that control, are controlled by, or are under common
|
||||
control with that entity. For the purposes of this definition,
|
||||
"control" means (i) the power, direct or indirect, to cause the
|
||||
direction or management of such entity, whether by contract or
|
||||
otherwise, or (ii) ownership of fifty percent (50%) or more of the
|
||||
outstanding shares, or (iii) beneficial ownership of such entity.
|
||||
|
||||
"You" (or "Your") shall mean an individual or Legal Entity
|
||||
exercising permissions granted by this License.
|
||||
|
||||
"Source" form shall mean the preferred form for making modifications,
|
||||
including but not limited to software source code, documentation
|
||||
source, and configuration files.
|
||||
|
||||
"Object" form shall mean any form resulting from mechanical
|
||||
transformation or translation of a Source form, including but
|
||||
not limited to compiled object code, generated documentation,
|
||||
and conversions to other media types.
|
||||
|
||||
"Work" shall mean the work of authorship, whether in Source or
|
||||
Object form, made available under the License, as indicated by a
|
||||
copyright notice that is included in or attached to the work
|
||||
(an example is provided in the Appendix below).
|
||||
|
||||
"Derivative Works" shall mean any work, whether in Source or Object
|
||||
form, that is based on (or derived from) the Work and for which the
|
||||
editorial revisions, annotations, elaborations, or other modifications
|
||||
represent, as a whole, an original work of authorship. For the purposes
|
||||
of this License, Derivative Works shall not include works that remain
|
||||
separable from, or merely link (or bind by name) to the interfaces of,
|
||||
the Work and Derivative Works thereof.
|
||||
|
||||
"Contribution" shall mean any work of authorship, including
|
||||
the original version of the Work and any modifications or additions
|
||||
to that Work or Derivative Works thereof, that is intentionally
|
||||
submitted to Licensor for inclusion in the Work by the copyright owner
|
||||
or by an individual or Legal Entity authorized to submit on behalf of
|
||||
the copyright owner. For the purposes of this definition, "submitted"
|
||||
means any form of electronic, verbal, or written communication sent
|
||||
to the Licensor or its representatives, including but not limited to
|
||||
communication on electronic mailing lists, source code control systems,
|
||||
and issue tracking systems that are managed by, or on behalf of, the
|
||||
Licensor for the purpose of discussing and improving the Work, but
|
||||
excluding communication that is conspicuously marked or otherwise
|
||||
designated in writing by the copyright owner as "Not a Contribution."
|
||||
|
||||
"Contributor" shall mean Licensor and any individual or Legal Entity
|
||||
on behalf of whom a Contribution has been received by Licensor and
|
||||
subsequently incorporated within the Work.
|
||||
|
||||
2. Grant of Copyright License. Subject to the terms and conditions of
|
||||
this License, each Contributor hereby grants to You a perpetual,
|
||||
worldwide, non-exclusive, no-charge, royalty-free, irrevocable
|
||||
copyright license to reproduce, prepare Derivative Works of,
|
||||
publicly display, publicly perform, sublicense, and distribute the
|
||||
Work and such Derivative Works in Source or Object form.
|
||||
|
||||
3. Grant of Patent License. Subject to the terms and conditions of
|
||||
this License, each Contributor hereby grants to You a perpetual,
|
||||
worldwide, non-exclusive, no-charge, royalty-free, irrevocable
|
||||
(except as stated in this section) patent license to make, have made,
|
||||
use, offer to sell, sell, import, and otherwise transfer the Work,
|
||||
where such license applies only to those patent claims licensable
|
||||
by such Contributor that are necessarily infringed by their
|
||||
Contribution(s) alone or by combination of their Contribution(s)
|
||||
with the Work to which such Contribution(s) was submitted. If You
|
||||
institute patent litigation against any entity (including a
|
||||
cross-claim or counterclaim in a lawsuit) alleging that the Work
|
||||
or a Contribution incorporated within the Work constitutes direct
|
||||
or contributory patent infringement, then any patent licenses
|
||||
granted to You under this License for that Work shall terminate
|
||||
as of the date such litigation is filed.
|
||||
|
||||
4. Redistribution. You may reproduce and distribute copies of the
|
||||
Work or Derivative Works thereof in any medium, with or without
|
||||
modifications, and in Source or Object form, provided that You
|
||||
meet the following conditions:
|
||||
|
||||
(a) You must give any other recipients of the Work or
|
||||
Derivative Works a copy of this License; and
|
||||
|
||||
(b) You must cause any modified files to carry prominent notices
|
||||
stating that You changed the files; and
|
||||
|
||||
(c) You must retain, in the Source form of any Derivative Works
|
||||
that You distribute, all copyright, patent, trademark, and
|
||||
attribution notices from the Source form of the Work,
|
||||
excluding those notices that do not pertain to any part of
|
||||
the Derivative Works; and
|
||||
|
||||
(d) If the Work includes a "NOTICE" text file as part of its
|
||||
distribution, then any Derivative Works that You distribute must
|
||||
include a readable copy of the attribution notices contained
|
||||
within such NOTICE file, excluding those notices that do not
|
||||
pertain to any part of the Derivative Works, in at least one
|
||||
of the following places: within a NOTICE text file distributed
|
||||
as part of the Derivative Works; within the Source form or
|
||||
documentation, if provided along with the Derivative Works; or,
|
||||
within a display generated by the Derivative Works, if and
|
||||
wherever such third-party notices normally appear. The contents
|
||||
of the NOTICE file are for informational purposes only and
|
||||
do not modify the License. You may add Your own attribution
|
||||
notices within Derivative Works that You distribute, alongside
|
||||
or as an addendum to the NOTICE text from the Work, provided
|
||||
that such additional attribution notices cannot be construed
|
||||
as modifying the License.
|
||||
|
||||
You may add Your own copyright statement to Your modifications and
|
||||
may provide additional or different license terms and conditions
|
||||
for use, reproduction, or distribution of Your modifications, or
|
||||
for any such Derivative Works as a whole, provided Your use,
|
||||
reproduction, and distribution of the Work otherwise complies with
|
||||
the conditions stated in this License.
|
||||
|
||||
5. Submission of Contributions. Unless You explicitly state otherwise,
|
||||
any Contribution intentionally submitted for inclusion in the Work
|
||||
by You to the Licensor shall be under the terms and conditions of
|
||||
this License, without any additional terms or conditions.
|
||||
Notwithstanding the above, nothing herein shall supersede or modify
|
||||
the terms of any separate license agreement you may have executed
|
||||
with Licensor regarding such Contributions.
|
||||
|
||||
6. Trademarks. This License does not grant permission to use the trade
|
||||
names, trademarks, service marks, or product names of the Licensor,
|
||||
except as required for reasonable and customary use in describing the
|
||||
origin of the Work and reproducing the content of the NOTICE file.
|
||||
|
||||
7. Disclaimer of Warranty. Unless required by applicable law or
|
||||
agreed to in writing, Licensor provides the Work (and each
|
||||
Contributor provides its Contributions) on an "AS IS" BASIS,
|
||||
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
|
||||
implied, including, without limitation, any warranties or conditions
|
||||
of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A
|
||||
PARTICULAR PURPOSE. You are solely responsible for determining the
|
||||
appropriateness of using or redistributing the Work and assume any
|
||||
risks associated with Your exercise of permissions under this License.
|
||||
|
||||
8. Limitation of Liability. In no event and under no legal theory,
|
||||
whether in tort (including negligence), contract, or otherwise,
|
||||
unless required by applicable law (such as deliberate and grossly
|
||||
negligent acts) or agreed to in writing, shall any Contributor be
|
||||
liable to You for damages, including any direct, indirect, special,
|
||||
incidental, or consequential damages of any character arising as a
|
||||
result of this License or out of the use or inability to use the
|
||||
Work (including but not limited to damages for loss of goodwill,
|
||||
work stoppage, computer failure or malfunction, or any and all
|
||||
other commercial damages or losses), even if such Contributor
|
||||
has been advised of the possibility of such damages.
|
||||
|
||||
9. Accepting Warranty or Additional Liability. While redistributing
|
||||
the Work or Derivative Works thereof, You may choose to offer,
|
||||
and charge a fee for, acceptance of support, warranty, indemnity,
|
||||
or other liability obligations and/or rights consistent with this
|
||||
License. However, in accepting such obligations, You may act only
|
||||
on Your own behalf and on Your sole responsibility, not on behalf
|
||||
of any other Contributor, and only if You agree to indemnify,
|
||||
defend, and hold each Contributor harmless for any liability
|
||||
incurred by, or claims asserted against, such Contributor by reason
|
||||
of your accepting any such warranty or additional liability.
|
||||
|
26
README.rst
26
README.rst
@ -1,20 +1,10 @@
|
||||
========================
|
||||
Team and repository tags
|
||||
========================
|
||||
This project is no longer maintained.
|
||||
|
||||
.. image:: https://governance.openstack.org/tc/badges/tripleo-common.svg
|
||||
:target: https://governance.openstack.org/tc/reference/tags/index.html
|
||||
The contents of this repository are still available in the Git
|
||||
source code management system. To see the contents of this
|
||||
repository before it reached its end of life, please check out the
|
||||
previous commit with "git checkout HEAD^1".
|
||||
|
||||
.. Change things from this point on
|
||||
|
||||
==============
|
||||
tripleo-common
|
||||
==============
|
||||
|
||||
A common library for TripleO workflows.
|
||||
|
||||
* Free software: Apache license
|
||||
* Documentation: https://docs.openstack.org/tripleo-common/latest/
|
||||
* Source: http://opendev.org/openstack/tripleo-common
|
||||
* Bugs: https://bugs.launchpad.net/tripleo-common
|
||||
* Release notes: https://docs.openstack.org/releasenotes/tripleo-common
|
||||
For any further questions, please email
|
||||
openstack-discuss@lists.openstack.org or join #openstack-dev on
|
||||
OFTC.
|
||||
|
38
bindep.txt
38
bindep.txt
@ -1,38 +0,0 @@
|
||||
# This file facilitates OpenStack-CI package installation
|
||||
# before the execution of any tests.
|
||||
#
|
||||
# See the following for details:
|
||||
# - https://docs.openstack.org/infra/bindep/
|
||||
# - https://opendev.org/opendev/bindep/
|
||||
#
|
||||
# Even if the role does not make use of this facility, it
|
||||
# is better to have this file empty, otherwise OpenStack-CI
|
||||
# will fall back to installing its default packages which
|
||||
# will potentially be detrimental to the tests executed.
|
||||
|
||||
# The gcc compiler
|
||||
gcc
|
||||
|
||||
# Base requirements for RPM distros
|
||||
gcc-c++ [platform:rpm]
|
||||
git [platform:rpm]
|
||||
libffi-devel [platform:rpm]
|
||||
openssl-devel [platform:rpm]
|
||||
python-devel [(platform:rpm platform:base-py2)]
|
||||
python2-dnf [(platform:rpm platform:base-py2)]
|
||||
|
||||
# For SELinux
|
||||
libselinux-python [(platform:rpm platform:base-py2)]
|
||||
python3-libselinux [(platform:rpm platform:base-py3)]
|
||||
libsemanage-python [(platform:rpm platform:base-py2)]
|
||||
python3-libsemanage-python [(platform:rpm platform:base-py3)]
|
||||
|
||||
# Required for compressing collected log files in CI
|
||||
gzip
|
||||
|
||||
# Required to build language docs
|
||||
gettext
|
||||
|
||||
# debian requirements (linters)
|
||||
libffi-dev [platform:dpkg]
|
||||
libssl-dev [platform:dpkg]
|
@ -1,55 +0,0 @@
|
||||
- imagename: "{{ceph_namespace}}/{{ceph_image}}:{{ceph_tag}}"
|
||||
image_source: ceph
|
||||
params:
|
||||
- ContainerCephDaemonImage
|
||||
services:
|
||||
- OS::TripleO::Services::CephClient
|
||||
- OS::TripleO::Services::CephExternal
|
||||
- OS::TripleO::Services::CephMds
|
||||
- OS::TripleO::Services::CephMgr
|
||||
- OS::TripleO::Services::CephMon
|
||||
- OS::TripleO::Services::CephOSD
|
||||
- OS::TripleO::Services::CephRgw
|
||||
- OS::TripleO::Services::CephRbdMirror
|
||||
|
||||
- imagename: "{{ceph_prometheus_namespace}}/{{ceph_prometheus_image}}:{{ceph_prometheus_tag}}"
|
||||
image_source: prom
|
||||
params:
|
||||
- PrometheusContainerImage
|
||||
services:
|
||||
- OS::TripleO::Services::CephGrafana
|
||||
|
||||
- imagename: "{{ceph_alertmanager_namespace}}/{{ceph_alertmanager_image}}:{{ceph_alertmanager_tag}}"
|
||||
image_source: prom
|
||||
params:
|
||||
- AlertManagerContainerImage
|
||||
services:
|
||||
- OS::TripleO::Services::CephGrafana
|
||||
|
||||
- imagename: "{{ceph_node_exporter_namespace}}/{{ceph_node_exporter_image}}:{{ceph_node_exporter_tag}}"
|
||||
image_source: prom
|
||||
params:
|
||||
- NodeExporterContainerImage
|
||||
services:
|
||||
- OS::TripleO::Services::CephGrafana
|
||||
|
||||
- imagename: "{{ceph_grafana_namespace}}/{{ceph_grafana_image}}:{{ceph_grafana_tag}}"
|
||||
image_source: grafana
|
||||
params:
|
||||
- GrafanaContainerImage
|
||||
services:
|
||||
- OS::TripleO::Services::CephGrafana
|
||||
|
||||
- imagename: "{{ceph_keepalived_namespace}}/{{ceph_keepalived_image}}:{{ceph_keepalived_tag}}"
|
||||
image_source: keepalived
|
||||
params:
|
||||
- KeepalivedContainerImage
|
||||
services:
|
||||
- OS::TripleO::Services::CephIngress
|
||||
|
||||
- imagename: "{{ceph_haproxy_namespace}}/{{ceph_haproxy_image}}:{{ceph_haproxy_tag}}"
|
||||
image_source: haproxy
|
||||
params:
|
||||
- HaproxyContainerImage
|
||||
services:
|
||||
- OS::TripleO::Services::CephIngress
|
@ -1,61 +0,0 @@
|
||||
parameter_defaults:
|
||||
ContainerImagePrepare:
|
||||
# Image label which allows the versioned tag to be looked up from the <tag>
|
||||
# image.
|
||||
- tag_from_label: rdo_version
|
||||
# Uncomment to serve images from the undercloud registry. Images will be
|
||||
# copied to the undercloud registry during preparation.
|
||||
# To copy/serve from a different local registry, set the value to
|
||||
# <address>:<port> of the registry service.
|
||||
# push_destination: true
|
||||
|
||||
# Substitutions to be made when processing the template file
|
||||
# <prefix>/share/tripleo-common/container-images/tripleo_containers.yaml.j2
|
||||
set:
|
||||
# Container image name components for OpenStack images.
|
||||
namespace: quay.io/tripleomastercentos9
|
||||
name_prefix: openstack-
|
||||
name_suffix: ''
|
||||
tag: current-tripleo
|
||||
rhel_containers: false
|
||||
|
||||
# Substitute neutron images based on driver. Can be 'other' or 'ovn'.
|
||||
# This is usually set automatically by detecting if ovn services are
|
||||
# deployed.
|
||||
neutron_driver: 'ovn'
|
||||
|
||||
# Container image name components for Ceph images.
|
||||
# Only used if Ceph is deployed.
|
||||
|
||||
# Pass ceph_images: false to avoid pulling the Ceph related images
|
||||
ceph_namespace: quay.rdoproject.org/tripleomastercentos9
|
||||
ceph_image: daemon
|
||||
ceph_tag: current-ceph
|
||||
|
||||
ceph_prometheus_namespace: quay.io/prometheus
|
||||
ceph_prometheus_image: prometheus
|
||||
ceph_prometheus_tag: v2.33.4
|
||||
|
||||
ceph_alertmanager_namespace: quay.io/prometheus
|
||||
ceph_alertmanager_image: alertmanager
|
||||
ceph_alertmanager_tag: v0.23.0
|
||||
|
||||
ceph_node_exporter_namespace: quay.io/prometheus
|
||||
ceph_node_exporter_image: node-exporter
|
||||
ceph_node_exporter_tag: v1.3.1
|
||||
|
||||
ceph_grafana_namespace: quay.io/ceph
|
||||
ceph_grafana_image: ceph-grafana
|
||||
ceph_grafana_tag: 6.7.4
|
||||
|
||||
ceph_haproxy_namespace: quay.io/ceph
|
||||
ceph_haproxy_image: haproxy
|
||||
ceph_haproxy_tag: 2.3
|
||||
|
||||
ceph_keepalived_namespace: quay.io/ceph
|
||||
ceph_keepalived_image: keepalived
|
||||
ceph_keepalived_tag: 2.1.5
|
||||
|
||||
pushgateway_namespace: quay.io/prometheus
|
||||
pushgateway_image: pushgateway
|
||||
pushgateway_tag: v1.4.2
|
@ -1 +0,0 @@
|
||||
%kolla ALL=(root) NOPASSWD: /usr/bin/chown -R barbican /var/lib/barbican/, /bin/chown -R barbican /var/lib/barbican/
|
@ -1,20 +0,0 @@
|
||||
#!/bin/bash
|
||||
|
||||
# This script performs setup necessary to run the Apache httpd web server.
|
||||
# It should be sourced rather than executed as environment variables are set.
|
||||
|
||||
# Assume the service runs on top of Apache httpd when user is root.
|
||||
if [[ "$(whoami)" == 'root' ]]; then
|
||||
# NOTE(pbourke): httpd will not clean up after itself in some cases which
|
||||
# results in the container not being able to restart. (bug #1489676, 1557036)
|
||||
rm -rf /var/run/httpd/* /run/httpd/* /tmp/httpd*
|
||||
|
||||
# CentOS 8 has an issue with mod_ssl which produces an invalid Apache
|
||||
# configuration in /etc/httpd/conf.d/ssl.conf. This causes the following error
|
||||
# on startup:
|
||||
# SSLCertificateFile: file '/etc/pki/tls/certs/localhost.crt' does not exist or is empty
|
||||
# Work around this by generating certificates manually.
|
||||
if [[ ! -e /etc/pki/tls/certs/localhost.crt ]]; then
|
||||
/usr/libexec/httpd-ssl-gencerts
|
||||
fi
|
||||
fi
|
@ -1,434 +0,0 @@
|
||||
#!/usr/bin/env python3
|
||||
|
||||
# Licensed under the Apache License, Version 2.0 (the "License");
|
||||
# you may not use this file except in compliance with the License.
|
||||
# You may obtain a copy of the License at
|
||||
#
|
||||
# http://www.apache.org/licenses/LICENSE-2.0
|
||||
#
|
||||
# Unless required by applicable law or agreed to in writing, software
|
||||
# distributed under the License is distributed on an "AS IS" BASIS,
|
||||
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
# See the License for the specific language governing permissions and
|
||||
# limitations under the License.
|
||||
|
||||
import argparse
|
||||
import glob
|
||||
import grp
|
||||
import json
|
||||
import logging
|
||||
import os
|
||||
import pwd
|
||||
import shutil
|
||||
import sys
|
||||
|
||||
|
||||
# TODO(rhallisey): add docstring.
|
||||
logging.basicConfig()
|
||||
LOG = logging.getLogger(__name__)
|
||||
LOG.setLevel(logging.INFO)
|
||||
|
||||
|
||||
class ExitingException(Exception):
|
||||
def __init__(self, message, exit_code=1):
|
||||
super(ExitingException, self).__init__(message)
|
||||
self.exit_code = exit_code
|
||||
|
||||
|
||||
class ImmutableConfig(ExitingException):
|
||||
pass
|
||||
|
||||
|
||||
class InvalidConfig(ExitingException):
|
||||
pass
|
||||
|
||||
|
||||
class MissingRequiredSource(ExitingException):
|
||||
pass
|
||||
|
||||
|
||||
class UserNotFound(ExitingException):
|
||||
pass
|
||||
|
||||
|
||||
class ConfigFileBadState(ExitingException):
|
||||
pass
|
||||
|
||||
|
||||
class ConfigFile(object):
|
||||
|
||||
def __init__(self, source, dest, owner=None, perm=None, optional=False,
|
||||
preserve_properties=False, merge=False):
|
||||
self.source = source
|
||||
self.dest = dest
|
||||
self.owner = owner
|
||||
self.perm = perm
|
||||
self.optional = optional
|
||||
self.merge = merge
|
||||
self.preserve_properties = preserve_properties
|
||||
|
||||
def __str__(self):
|
||||
return '<ConfigFile source:"{}" dest:"{}">'.format(self.source,
|
||||
self.dest)
|
||||
|
||||
def _copy_file(self, source, dest):
|
||||
self._delete_path(dest)
|
||||
# dest endswith / means copy the <source> to <dest> folder
|
||||
LOG.info('Copying %s to %s', source, dest)
|
||||
if self.merge and self.preserve_properties and os.path.islink(source):
|
||||
link_target = os.readlink(source)
|
||||
os.symlink(link_target, dest)
|
||||
else:
|
||||
shutil.copy(source, dest)
|
||||
self._set_properties(source, dest)
|
||||
|
||||
def _merge_directories(self, source, dest):
|
||||
if os.path.isdir(source):
|
||||
if os.path.lexists(dest) and not os.path.isdir(dest):
|
||||
self._delete_path(dest)
|
||||
if not os.path.isdir(dest):
|
||||
LOG.info('Creating directory %s', dest)
|
||||
os.makedirs(dest)
|
||||
self._set_properties(source, dest)
|
||||
|
||||
dir_content = os.listdir(source)
|
||||
for to_copy in dir_content:
|
||||
self._merge_directories(os.path.join(source, to_copy),
|
||||
os.path.join(dest, to_copy))
|
||||
else:
|
||||
self._copy_file(source, dest)
|
||||
|
||||
def _delete_path(self, path):
|
||||
if not os.path.lexists(path):
|
||||
return
|
||||
LOG.info('Deleting %s', path)
|
||||
if os.path.isdir(path):
|
||||
shutil.rmtree(path)
|
||||
else:
|
||||
os.remove(path)
|
||||
|
||||
def _create_parent_dirs(self, path):
|
||||
parent_path = os.path.dirname(path)
|
||||
if not os.path.exists(parent_path):
|
||||
os.makedirs(parent_path)
|
||||
|
||||
def _set_properties(self, source, dest):
|
||||
if self.preserve_properties:
|
||||
self._set_properties_from_file(source, dest)
|
||||
else:
|
||||
self._set_properties_from_conf(dest)
|
||||
|
||||
def _set_properties_from_file(self, source, dest):
|
||||
shutil.copystat(source, dest)
|
||||
stat = os.stat(source)
|
||||
os.chown(dest, stat.st_uid, stat.st_gid)
|
||||
|
||||
def _set_properties_from_conf(self, path):
|
||||
config = {'permissions':
|
||||
[{'owner': self.owner, 'path': path, 'perm': self.perm}]}
|
||||
handle_permissions(config)
|
||||
|
||||
def copy(self):
|
||||
|
||||
sources = glob.glob(self.source)
|
||||
|
||||
if not self.optional and not sources:
|
||||
raise MissingRequiredSource('%s file is not found' % self.source)
|
||||
# skip when there is no sources and optional
|
||||
if self.optional and not sources:
|
||||
return
|
||||
|
||||
for source in sources:
|
||||
dest = self.dest
|
||||
# dest endswith / means copy the <source> into <dest> folder,
|
||||
# otherwise means copy the source to dest
|
||||
if dest.endswith(os.sep):
|
||||
dest = os.path.join(dest, os.path.basename(source))
|
||||
if not self.merge:
|
||||
self._delete_path(dest)
|
||||
self._create_parent_dirs(dest)
|
||||
try:
|
||||
self._merge_directories(source, dest)
|
||||
except OSError:
|
||||
# If a source is tried to merge with a read-only mount, it
|
||||
# may throw an OSError. Because we don't print the source or
|
||||
# dest anywhere, let's catch the exception and log a better
|
||||
# message to help with tracking down the issue.
|
||||
LOG.error('Unable to merge %s with %s', source, dest)
|
||||
raise
|
||||
|
||||
def _cmp_file(self, source, dest):
|
||||
# check exsit
|
||||
if (os.path.exists(source) and
|
||||
not self.optional and
|
||||
not os.path.exists(dest)):
|
||||
return False
|
||||
# check content
|
||||
with open(source) as f1, open(dest) as f2:
|
||||
if f1.read() != f2.read():
|
||||
LOG.error('The content of source file(%s) and'
|
||||
' dest file(%s) are not equal.', source, dest)
|
||||
return False
|
||||
# check perm
|
||||
file_stat = os.stat(dest)
|
||||
actual_perm = oct(file_stat.st_mode)[-4:]
|
||||
if self.perm != actual_perm:
|
||||
LOG.error('Dest file does not have expected perm: %s, actual: %s',
|
||||
self.perm, actual_perm)
|
||||
return False
|
||||
# check owner
|
||||
desired_user, desired_group = user_group(self.owner)
|
||||
actual_user = pwd.getpwuid(file_stat.st_uid)
|
||||
if actual_user.pw_name != desired_user:
|
||||
LOG.error('Dest file does not have expected user: %s,'
|
||||
' actual: %s ', desired_user, actual_user.pw_name)
|
||||
return False
|
||||
actual_group = grp.getgrgid(file_stat.st_gid)
|
||||
if actual_group.gr_name != desired_group:
|
||||
LOG.error('Dest file does not have expected group: %s,'
|
||||
' actual: %s ', desired_group, actual_group.gr_name)
|
||||
return False
|
||||
return True
|
||||
|
||||
def _cmp_dir(self, source, dest):
|
||||
for root, dirs, files in os.walk(source):
|
||||
for dir_ in dirs:
|
||||
full_path = os.path.join(root, dir_)
|
||||
dest_full_path = os.path.join(dest, os.path.relpath(source,
|
||||
full_path))
|
||||
dir_stat = os.stat(dest_full_path)
|
||||
actual_perm = oct(dir_stat.st_mode)[-4:]
|
||||
if self.perm != actual_perm:
|
||||
LOG.error('Dest dir does not have expected perm: %s,'
|
||||
' actual %s', self.perm, actual_perm)
|
||||
return False
|
||||
for file_ in files:
|
||||
full_path = os.path.join(root, file_)
|
||||
dest_full_path = os.path.join(dest, os.path.relpath(source,
|
||||
full_path))
|
||||
if not self._cmp_file(full_path, dest_full_path):
|
||||
return False
|
||||
return True
|
||||
|
||||
def check(self):
|
||||
bad_state_files = []
|
||||
sources = glob.glob(self.source)
|
||||
|
||||
if not sources and not self.optional:
|
||||
raise MissingRequiredSource('%s file is not found' % self.source)
|
||||
if self.optional and not sources:
|
||||
return
|
||||
|
||||
for source in sources:
|
||||
dest = self.dest
|
||||
# dest endswith / means copy the <source> into <dest> folder,
|
||||
# otherwise means copy the source to dest
|
||||
if dest.endswith(os.sep):
|
||||
dest = os.path.join(dest, os.path.basename(source))
|
||||
if os.path.isdir(source) and not self._cmp_dir(source, dest):
|
||||
bad_state_files.append(source)
|
||||
elif not self._cmp_file(source, dest):
|
||||
bad_state_files.append(source)
|
||||
if len(bad_state_files) != 0:
|
||||
msg = 'Following files are in bad state: %s' % bad_state_files
|
||||
raise ConfigFileBadState(msg)
|
||||
|
||||
|
||||
def validate_config(config):
|
||||
required_keys = {'source', 'dest'}
|
||||
|
||||
if 'command' not in config:
|
||||
raise InvalidConfig('Config is missing required "command" key')
|
||||
|
||||
# Validate config sections
|
||||
for data in config.get('config_files', list()):
|
||||
# Verify required keys exist.
|
||||
if not set(data.keys()) >= required_keys:
|
||||
message = 'Config is missing required keys: %s' % required_keys
|
||||
raise InvalidConfig(message)
|
||||
if ('owner' not in data or 'perm' not in data) \
|
||||
and not data.get('preserve_properties', False):
|
||||
raise InvalidConfig(
|
||||
'Config needs preserve_properties or owner and perm')
|
||||
|
||||
|
||||
def validate_source(data):
|
||||
source = data.get('source')
|
||||
|
||||
# Only check existence if no wildcard found
|
||||
if '*' not in source:
|
||||
if not os.path.exists(source):
|
||||
if data.get('optional'):
|
||||
LOG.info("%s does not exist, but is not required", source)
|
||||
return False
|
||||
raise MissingRequiredSource(
|
||||
"The source to copy does not exist: %s" % source)
|
||||
|
||||
return True
|
||||
|
||||
|
||||
def load_config():
|
||||
def load_from_env():
|
||||
config_raw = os.environ.get("KOLLA_CONFIG")
|
||||
if config_raw is None:
|
||||
return None
|
||||
|
||||
# Attempt to read config
|
||||
try:
|
||||
return json.loads(config_raw)
|
||||
except ValueError:
|
||||
raise InvalidConfig('Invalid json for Kolla config')
|
||||
|
||||
def load_from_file():
|
||||
config_file = os.environ.get("KOLLA_CONFIG_FILE")
|
||||
if not config_file:
|
||||
config_file = '/var/lib/kolla/config_files/config.json'
|
||||
LOG.info("Loading config file at %s", config_file)
|
||||
|
||||
# Attempt to read config file
|
||||
with open(config_file) as f:
|
||||
try:
|
||||
return json.load(f)
|
||||
except ValueError:
|
||||
raise InvalidConfig(
|
||||
"Invalid json file found at %s" % config_file)
|
||||
except IOError as e:
|
||||
raise InvalidConfig(
|
||||
"Could not read file %s: %r" % (config_file, e))
|
||||
|
||||
config = load_from_env()
|
||||
if config is None:
|
||||
config = load_from_file()
|
||||
|
||||
LOG.info('Validating config file')
|
||||
validate_config(config)
|
||||
return config
|
||||
|
||||
|
||||
def copy_config(config):
|
||||
if 'config_files' in config:
|
||||
LOG.info('Copying service configuration files')
|
||||
for data in config['config_files']:
|
||||
config_file = ConfigFile(**data)
|
||||
config_file.copy()
|
||||
else:
|
||||
LOG.debug('No files to copy found in config')
|
||||
|
||||
LOG.info('Writing out command to execute')
|
||||
LOG.debug("Command is: %s", config['command'])
|
||||
# The value from the 'command' key will be written to '/run_command'
|
||||
cmd = '/run_command'
|
||||
with open(cmd, 'w+') as f:
|
||||
f.write(config['command'])
|
||||
# Make sure the generated file is readable by all users
|
||||
try:
|
||||
os.chmod(cmd, 0o644)
|
||||
except OSError:
|
||||
LOG.exception('Failed to set permission of %s to 0o644', cmd)
|
||||
|
||||
|
||||
def user_group(owner):
|
||||
if ':' in owner:
|
||||
user, group = owner.split(':', 1)
|
||||
if not group:
|
||||
group = user
|
||||
else:
|
||||
user, group = owner, owner
|
||||
return user, group
|
||||
|
||||
|
||||
def handle_permissions(config):
|
||||
for permission in config.get('permissions', list()):
|
||||
path = permission.get('path')
|
||||
owner = permission.get('owner')
|
||||
recurse = permission.get('recurse', False)
|
||||
perm = permission.get('perm')
|
||||
|
||||
desired_user, desired_group = user_group(owner)
|
||||
uid = pwd.getpwnam(desired_user).pw_uid
|
||||
gid = grp.getgrnam(desired_group).gr_gid
|
||||
|
||||
def set_perms(path, uid, gid, perm):
|
||||
LOG.info('Setting permission for %s', path)
|
||||
if not os.path.exists(path):
|
||||
LOG.warning('%s does not exist', path)
|
||||
return
|
||||
|
||||
try:
|
||||
os.chown(path, uid, gid)
|
||||
except OSError:
|
||||
LOG.exception('Failed to change ownership of %s to %s:%s',
|
||||
path, uid, gid)
|
||||
|
||||
if perm:
|
||||
# NOTE(Jeffrey4l): py3 need '0oXXX' format for octal literals,
|
||||
# and py2 support such format too.
|
||||
if len(perm) == 4 and perm[1] != 'o':
|
||||
perm = ''.join([perm[:1], 'o', perm[1:]])
|
||||
perm = int(perm, base=0)
|
||||
|
||||
try:
|
||||
os.chmod(path, perm)
|
||||
except OSError:
|
||||
LOG.exception('Failed to set permission of %s to %s',
|
||||
path, perm)
|
||||
|
||||
for dest in glob.glob(path):
|
||||
set_perms(dest, uid, gid, perm)
|
||||
if recurse and os.path.isdir(dest):
|
||||
for root, dirs, files in os.walk(dest):
|
||||
for dir_ in dirs:
|
||||
set_perms(os.path.join(root, dir_), uid, gid, perm)
|
||||
for file_ in files:
|
||||
set_perms(os.path.join(root, file_), uid, gid, perm)
|
||||
|
||||
|
||||
def execute_config_strategy(config):
|
||||
config_strategy = os.environ.get("KOLLA_CONFIG_STRATEGY")
|
||||
LOG.info("Kolla config strategy set to: %s", config_strategy)
|
||||
if config_strategy == "COPY_ALWAYS":
|
||||
copy_config(config)
|
||||
handle_permissions(config)
|
||||
elif config_strategy == "COPY_ONCE":
|
||||
if os.path.exists('/configured'):
|
||||
raise ImmutableConfig(
|
||||
"The config strategy prevents copying new configs",
|
||||
exit_code=0)
|
||||
copy_config(config)
|
||||
handle_permissions(config)
|
||||
os.mknod('/configured')
|
||||
else:
|
||||
raise InvalidConfig('KOLLA_CONFIG_STRATEGY is not set properly')
|
||||
|
||||
|
||||
def execute_config_check(config):
|
||||
for data in config['config_files']:
|
||||
config_file = ConfigFile(**data)
|
||||
config_file.check()
|
||||
|
||||
|
||||
def main():
|
||||
try:
|
||||
parser = argparse.ArgumentParser()
|
||||
parser.add_argument('--check',
|
||||
action='store_true',
|
||||
required=False,
|
||||
help='Check whether the configs changed')
|
||||
args = parser.parse_args()
|
||||
config = load_config()
|
||||
|
||||
if args.check:
|
||||
execute_config_check(config)
|
||||
else:
|
||||
execute_config_strategy(config)
|
||||
except ExitingException as e:
|
||||
LOG.error("%s: %s", e.__class__.__name__, e)
|
||||
return e.exit_code
|
||||
except Exception:
|
||||
LOG.exception('Unexpected error:')
|
||||
return 2
|
||||
return 0
|
||||
|
||||
|
||||
if __name__ == "__main__":
|
||||
sys.exit(main())
|
@ -1,19 +0,0 @@
|
||||
#!/bin/bash
|
||||
set -o errexit
|
||||
set -o xtrace
|
||||
|
||||
# Processing /var/lib/kolla/config_files/config.json as root. This is necessary
|
||||
# to permit certain files to be controlled by the root user which should
|
||||
# not be writable by the dropped-privileged user, especially /run_command
|
||||
sudo -E kolla_set_configs
|
||||
CMD=$(cat /run_command)
|
||||
ARGS=""
|
||||
|
||||
if [[ ! "${!KOLLA_SKIP_EXTEND_START[@]}" ]]; then
|
||||
# Run additional commands if present
|
||||
. kolla_extend_start
|
||||
fi
|
||||
|
||||
echo "Running command: '${CMD}${ARGS:+ $ARGS}'"
|
||||
umask "${TRIPLEO_KOLLA_UMASK:-0022}"
|
||||
exec ${CMD} ${ARGS}
|
@ -1,18 +0,0 @@
|
||||
# The idea here is a container service adds their UID to the kolla group
|
||||
# via usermod -a -G kolla <uid>. Then the kolla_start may run
|
||||
# kolla_set_configs via sudo as the root user which is necessary to protect
|
||||
# the immutability of the container
|
||||
|
||||
# anyone in the kolla group may sudo -E (set the environment)
|
||||
Defaults: %kolla setenv
|
||||
|
||||
# root may run any commands via sudo as the network seervice user. This is
|
||||
# neededfor database migrations of existing services which have not been
|
||||
# converted to run as a non-root user, but instead do that via sudo -E glance
|
||||
root ALL=(ALL) ALL
|
||||
|
||||
# anyone in the kolla group may run /usr/local/bin/kolla_set_configs as the
|
||||
# root user via sudo without password confirmation
|
||||
%kolla ALL=(root) NOPASSWD: /usr/local/bin/kolla*
|
||||
|
||||
#includedir /etc/sudoers.d
|
@ -1,126 +0,0 @@
|
||||
#!/bin/bash
|
||||
# Licensed under the Apache License, Version 2.0 (the "License");
|
||||
# you may not use this file except in compliance with the License.
|
||||
# You may obtain a copy of the License at
|
||||
#
|
||||
# http://www.apache.org/licenses/LICENSE-2.0
|
||||
#
|
||||
# Unless required by applicable law or agreed to in writing, software
|
||||
# distributed under the License is distributed on an "AS IS" BASIS,
|
||||
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
|
||||
# implied.
|
||||
# See the License for the specific language governing permissions and
|
||||
# limitations under the License.
|
||||
#
|
||||
# This script maintains compatibility when upgrading kolla images to the
|
||||
# TCIB images. To allow containers reading configuration files, we need to
|
||||
# maintain the same UIDs/GIDs for now until we update file permissions during
|
||||
# update/upgrade tasks.
|
||||
#
|
||||
# Usage:
|
||||
# ./uid_gid_manage.sh qemu nova
|
||||
#
|
||||
# Note: order of args is maintained during the creation.
|
||||
#
|
||||
|
||||
set -o errexit
|
||||
set -o xtrace
|
||||
|
||||
[ -z $1 ] && echo "Argument missing: name of user to create" && exit 1
|
||||
_USERS_TO_CREATE=$@
|
||||
|
||||
declare -A _SUPPORTED_USERS
|
||||
# This comes from kolla/common/config.py.
|
||||
# Format: <username> <uid> <gid> <optional homedir> <optional comma-separated list of extra groups>
|
||||
# Note: if homedir isn't specified, extra groups aren't supported
|
||||
_SUPPORTED_USERS['aodh']='aodh 42402 42402 /var/lib/aodh kolla'
|
||||
_SUPPORTED_USERS['barbican']='barbican 42403 42403 /var/lib/barbican kolla,nfast'
|
||||
_SUPPORTED_USERS['ceilometer']='ceilometer 42405 42405 /var/lib/ceilometer kolla'
|
||||
_SUPPORTED_USERS['cinder']='cinder 42407 42407 /var/lib/cinder kolla'
|
||||
_SUPPORTED_USERS['cloud-admin']='cloud-admin 42401 42401 /home/cloud-admin'
|
||||
_SUPPORTED_USERS['collectd']='collectd 42409 42409 /var/lib/collectd kolla'
|
||||
_SUPPORTED_USERS['designate']='designate 42411 42411 /var/lib/designate kolla'
|
||||
_SUPPORTED_USERS['etcd']='etcd 42413 42413 /var/lib/etcd kolla'
|
||||
_SUPPORTED_USERS['frrvty']='frrvty 42483 42483'
|
||||
_SUPPORTED_USERS['frr']='frr 42484 42484 /var/run/frr kolla,frrvty'
|
||||
_SUPPORTED_USERS['glance']='glance 42415 42415 /var/lib/glance kolla'
|
||||
_SUPPORTED_USERS['gnocchi']='gnocchi 42416 42416 /var/lib/gnocchi kolla'
|
||||
_SUPPORTED_USERS['haproxy']='haproxy 42454 42454 /var/lib/haproxy kolla'
|
||||
_SUPPORTED_USERS['heat']='heat 42418 42418 /var/lib/heat kolla'
|
||||
_SUPPORTED_USERS['horizon']='horizon 42420 42420 /var/lib/horizon kolla'
|
||||
_SUPPORTED_USERS['hugetlbfs']='hugetlbfs 42477 42477'
|
||||
_SUPPORTED_USERS['ironic']='ironic 42422 42422 /var/lib/ironic kolla'
|
||||
_SUPPORTED_USERS['ironic-inspector']='ironic-inspector 42461 42461 /var/lib/ironic-inspector kolla'
|
||||
_SUPPORTED_USERS['keystone']='keystone 42425 42425 /var/lib/keystone kolla'
|
||||
_SUPPORTED_USERS['kolla']='kolla 42400 42400'
|
||||
_SUPPORTED_USERS['libvirt']='libvirt 42473 42473'
|
||||
_SUPPORTED_USERS['manila']='manila 42429 42429 /var/lib/manila kolla'
|
||||
_SUPPORTED_USERS['memcached']='memcached 42457 42457 /run/memcache kolla'
|
||||
_SUPPORTED_USERS['mysql']='mysql 42434 42434 /var/lib/mysql kolla'
|
||||
_SUPPORTED_USERS['neutron']='neutron 42435 42435 /var/lib/neutron kolla'
|
||||
_SUPPORTED_USERS['nfast']='nfast 42481 42481'
|
||||
_SUPPORTED_USERS['nova']='nova 42436 42436 /var/lib/nova qemu,libvirt,tss,kolla'
|
||||
_SUPPORTED_USERS['octavia']='octavia 42437 42437 /var/lib/octavia kolla'
|
||||
_SUPPORTED_USERS['openvswitch']='openvswitch 42476 42476'
|
||||
_SUPPORTED_USERS['ovn-bgp']='ovn-bgp 42486 42486 /var/lib/ovn-bgp kolla'
|
||||
_SUPPORTED_USERS['placement']='placement 42482 42482 /var/lib/placement kolla'
|
||||
_SUPPORTED_USERS['qdrouterd']='qdrouterd 42465 42465 /var/lib/qdrouterd kolla'
|
||||
_SUPPORTED_USERS['qemu']='qemu 107 107'
|
||||
_SUPPORTED_USERS['rabbitmq']='rabbitmq 42439 42439 /var/lib/rabbitmq kolla'
|
||||
_SUPPORTED_USERS['redis']='redis 42460 42460 /run/redis kolla'
|
||||
_SUPPORTED_USERS['swift']='swift 42445 42445 /var/lib/swift kolla'
|
||||
_SUPPORTED_USERS['tempest']='tempest 42480 42480 /var/lib/tempest kolla'
|
||||
_SUPPORTED_USERS['tss']='tss 59 59'
|
||||
|
||||
for _USER_TO_CREATE in $_USERS_TO_CREATE; do
|
||||
# Initialize computed args
|
||||
_EXTRA_GROUPS_ARG=
|
||||
_EXTRA_PERMS=
|
||||
_HOME_ARGS=
|
||||
|
||||
_NAME=$(echo ${_SUPPORTED_USERS[$_USER_TO_CREATE]} | awk '{ print $1 }')
|
||||
_UID=$(echo ${_SUPPORTED_USERS[$_USER_TO_CREATE]} | awk '{ print $2 }')
|
||||
_GID=$(echo ${_SUPPORTED_USERS[$_USER_TO_CREATE]} | awk '{ print $3 }')
|
||||
_HOME_DIR=$(echo ${_SUPPORTED_USERS[$_USER_TO_CREATE]} | awk '{ print $4 }')
|
||||
_EXTRA_GROUPS=$(echo ${_SUPPORTED_USERS[$_USER_TO_CREATE]} | awk '{ print $5 }')
|
||||
|
||||
# User was not found, we fail
|
||||
if [[ "$_NAME" != "$_USER_TO_CREATE" ]]; then
|
||||
echo "User ${_USER_TO_CREATE} was not found in the supported list"
|
||||
exit 1
|
||||
fi
|
||||
|
||||
if [[ ! -z $_EXTRA_GROUPS ]]; then
|
||||
_EXTRA_GROUPS_ARG="--groups $_EXTRA_GROUPS"
|
||||
fi
|
||||
|
||||
# Some users don't need a home directory
|
||||
if [[ -z $_HOME_DIR ]]; then
|
||||
_HOME_ARGS="-M"
|
||||
else
|
||||
_HOME_ARGS="-m --home $_HOME_DIR"
|
||||
fi
|
||||
|
||||
if id -g $_NAME 2>/dev/null; then
|
||||
_GROUPADD_CMD="groupmod --gid $_GID $_NAME"
|
||||
else
|
||||
_GROUPADD_CMD="groupadd --gid $_GID $_NAME"
|
||||
fi
|
||||
|
||||
if id $_NAME 2>/dev/null; then
|
||||
# -M argument doesn't exist with usermod
|
||||
if [[ -z $_HOME_DIR ]]; then
|
||||
_HOME_ARGS=
|
||||
# usermod doesn't guaranty the home directory permissions (best effort)
|
||||
else
|
||||
_EXTRA_PERMS="&& mkdir -p $_HOME_DIR && chown -R $_UID:$_GID $_HOME_DIR"
|
||||
fi
|
||||
# --append only exists with usermod
|
||||
[[ ! -z $_EXTRA_GROUPS_ARG ]] && _EXTRA_GROUPS_ARG="--append $_EXTRA_GROUPS_ARG"
|
||||
_USERADD_CMD="usermod ${_HOME_ARGS} --gid $_GID --uid $_UID ${_EXTRA_GROUPS_ARG} $_NAME ${_EXTRA_PERMS}"
|
||||
else
|
||||
_USERADD_CMD="useradd -l ${_HOME_ARGS} --shell /usr/sbin/nologin --uid $_UID --gid $_GID ${_EXTRA_GROUPS_ARG} $_NAME"
|
||||
fi
|
||||
eval $_GROUPADD_CMD
|
||||
eval $_USERADD_CMD
|
||||
done
|
@ -1 +0,0 @@
|
||||
%kolla ALL=(root) NOPASSWD: /bin/chown -R cinder\:kolla /var/lib/cinder
|
@ -1,5 +0,0 @@
|
||||
#!/bin/bash
|
||||
|
||||
if [[ $(stat -c %U:%G /var/lib/cinder) != "cinder:kolla" ]]; then
|
||||
sudo chown -R cinder:kolla /var/lib/cinder
|
||||
fi
|
@ -1 +0,0 @@
|
||||
%kolla ALL=(root) NOPASSWD: /bin/chown -R cinder\:kolla /var/lib/cinder
|
@ -1,5 +0,0 @@
|
||||
#!/bin/bash
|
||||
|
||||
if [[ $(stat -c %U:%G /var/lib/cinder) != "cinder:kolla" ]]; then
|
||||
sudo chown -R cinder:kolla /var/lib/cinder
|
||||
fi
|
@ -1,9 +0,0 @@
|
||||
#!/bin/bash
|
||||
|
||||
# Bootstrap and exit if KOLLA_BOOTSTRAP variable is set. This catches all cases
|
||||
# of the KOLLA_BOOTSTRAP variable being set, including empty.
|
||||
if [[ "${!KOLLA_BOOTSTRAP[@]}" ]]; then
|
||||
glance-manage db_sync
|
||||
glance-manage db_load_metadefs
|
||||
exit 0
|
||||
fi
|
@ -1,119 +0,0 @@
|
||||
#!/bin/bash
|
||||
|
||||
set -o errexit
|
||||
|
||||
FORCE_GENERATE="${FORCE_GENERATE}"
|
||||
HASH_PATH=/var/lib/kolla/.settings.md5sum.txt
|
||||
MANAGE_PY="/usr/bin/python3 /usr/bin/manage.py"
|
||||
PYTHON_VERSION=$(python3 --version | awk '{print $2}' | awk -F'.' '{print $1"."$2}')
|
||||
SITE_PACKAGES="/usr/lib/python${PYTHON_VERSION}/site-packages"
|
||||
|
||||
if [[ -f /etc/openstack-dashboard/custom_local_settings ]]; then
|
||||
CUSTOM_SETTINGS_FILE="${SITE_PACKAGES}/openstack_dashboard/local/custom_local_settings.py"
|
||||
if [[ ! -L ${CUSTOM_SETTINGS_FILE} ]]; then
|
||||
ln -s /etc/openstack-dashboard/custom_local_settings ${CUSTOM_SETTINGS_FILE}
|
||||
fi
|
||||
fi
|
||||
|
||||
# Bootstrap and exit if KOLLA_BOOTSTRAP variable is set. This catches all cases
|
||||
# of the KOLLA_BOOTSTRAP variable being set, including empty.
|
||||
if [[ "${!KOLLA_BOOTSTRAP[@]}" ]]; then
|
||||
$MANAGE_PY migrate --noinput
|
||||
exit 0
|
||||
fi
|
||||
|
||||
function config_dashboard {
|
||||
ENABLE=$1
|
||||
SRC=$2
|
||||
DEST=$3
|
||||
if [[ ! -f ${SRC} ]]; then
|
||||
echo "WARNING: ${SRC} is required"
|
||||
elif [[ "${ENABLE}" == "yes" ]] && [[ ! -f "${DEST}" ]]; then
|
||||
cp -a "${SRC}" "${DEST}"
|
||||
FORCE_GENERATE="yes"
|
||||
elif [[ "${ENABLE}" != "yes" ]] && [[ -f "${DEST}" ]]; then
|
||||
# remove pyc pyo files too
|
||||
rm -f "${DEST}" "${DEST}c" "${DEST}o"
|
||||
FORCE_GENERATE="yes"
|
||||
fi
|
||||
}
|
||||
|
||||
function config_designate_dashboard {
|
||||
for file in ${SITE_PACKAGES}/designatedashboard/enabled/_*[^__].py; do
|
||||
config_dashboard "${ENABLE_DESIGNATE}" \
|
||||
"${SITE_PACKAGES}/designatedashboard/enabled/${file##*/}" \
|
||||
"${SITE_PACKAGES}/openstack_dashboard/local/enabled/${file##*/}"
|
||||
done
|
||||
}
|
||||
|
||||
function config_heat_dashboard {
|
||||
for file in ${SITE_PACKAGES}/heat_dashboard/enabled/_*[^__].py; do
|
||||
config_dashboard "${ENABLE_HEAT}" \
|
||||
"${SITE_PACKAGES}/heat_dashboard/enabled/${file##*/}" \
|
||||
"${SITE_PACKAGES}/openstack_dashboard/local/enabled/${file##*/}"
|
||||
done
|
||||
|
||||
config_dashboard "${ENABLE_HEAT}" \
|
||||
"${SITE_PACKAGES}/heat_dashboard/conf/heat_policy.json" \
|
||||
"/etc/openstack-dashboard/heat_policy.json"
|
||||
}
|
||||
|
||||
function config_ironic_dashboard {
|
||||
for file in ${SITE_PACKAGES}/ironic_ui/enabled/_*[^__].py; do
|
||||
config_dashboard "${ENABLE_IRONIC}" \
|
||||
"${SITE_PACKAGES}/ironic_ui/enabled/${file##*/}" \
|
||||
"${SITE_PACKAGES}/openstack_dashboard/local/enabled/${file##*/}"
|
||||
done
|
||||
}
|
||||
|
||||
function config_manila_ui {
|
||||
for file in ${SITE_PACKAGES}/manila_ui/local/enabled/_*[^__].py; do
|
||||
config_dashboard "${ENABLE_MANILA}" \
|
||||
"${SITE_PACKAGES}/manila_ui/local/enabled/${file##*/}" \
|
||||
"${SITE_PACKAGES}/openstack_dashboard/local/enabled/${file##*/}"
|
||||
done
|
||||
}
|
||||
|
||||
function config_octavia_dashboard {
|
||||
config_dashboard "${ENABLE_OCTAVIA}" \
|
||||
"${SITE_PACKAGES}/octavia_dashboard/enabled/_1482_project_load_balancer_panel.py" \
|
||||
"${SITE_PACKAGES}/openstack_dashboard/local/enabled/_1482_project_load_balancer_panel.py"
|
||||
}
|
||||
|
||||
# Regenerate the compressed javascript and css if any configuration files have
|
||||
# changed. Use a static modification date when generating the tarball
|
||||
# so that we only trigger on content changes.
|
||||
function settings_bundle {
|
||||
tar -cf- --mtime=1970-01-01 \
|
||||
/etc/openstack-dashboard/local_settings \
|
||||
/etc/openstack-dashboard/custom_local_settings \
|
||||
/etc/openstack-dashboard/local_settings.d 2> /dev/null
|
||||
}
|
||||
|
||||
function settings_changed {
|
||||
changed=1
|
||||
|
||||
if [[ ! -f $HASH_PATH ]] || ! settings_bundle | md5sum -c --status $HASH_PATH || [[ $FORCE_GENERATE == yes ]]; then
|
||||
changed=0
|
||||
fi
|
||||
|
||||
return ${changed}
|
||||
}
|
||||
|
||||
config_designate_dashboard
|
||||
config_heat_dashboard
|
||||
config_ironic_dashboard
|
||||
config_manila_ui
|
||||
config_octavia_dashboard
|
||||
|
||||
if settings_changed; then
|
||||
${MANAGE_PY} collectstatic --noinput --clear
|
||||
${MANAGE_PY} compress --force
|
||||
settings_bundle | md5sum > $HASH_PATH
|
||||
fi
|
||||
|
||||
if [[ -f ${SITE_PACKAGES}/openstack_dashboard/local/.secret_key_store ]] && [[ $(stat -c %U ${SITE_PACKAGES}/openstack_dashboard/local/.secret_key_store) != "horizon" ]]; then
|
||||
chown horizon ${SITE_PACKAGES}/openstack_dashboard/local/.secret_key_store
|
||||
fi
|
||||
|
||||
. /usr/local/bin/kolla_httpd_setup
|
@ -1,7 +0,0 @@
|
||||
#!/bin/bash
|
||||
|
||||
# check if unique iSCSI initiator name already exists
|
||||
if [[ ! -f /etc/iscsi/initiatorname.iscsi ]]; then
|
||||
echo "Generating new iSCSI initiator name"
|
||||
echo InitiatorName=$(/sbin/iscsi-iname) > /etc/iscsi/initiatorname.iscsi
|
||||
fi
|
@ -1,31 +0,0 @@
|
||||
#!/bin/bash
|
||||
|
||||
# Create log dir for Keystone logs
|
||||
KEYSTONE_LOG_DIR="/var/log/keystone"
|
||||
if [[ ! -d "${KEYSTONE_LOG_DIR}" ]]; then
|
||||
mkdir -p ${KEYSTONE_LOG_DIR}
|
||||
fi
|
||||
if [[ $(stat -c %U:%G ${KEYSTONE_LOG_DIR}) != "keystone:kolla" ]]; then
|
||||
chown keystone:kolla ${KEYSTONE_LOG_DIR}
|
||||
fi
|
||||
if [ ! -f "${KEYSTONE_LOG_DIR}/keystone.log" ]; then
|
||||
touch ${KEYSTONE_LOG_DIR}/keystone.log
|
||||
fi
|
||||
if [[ $(stat -c %U:%G ${KEYSTONE_LOG_DIR}/keystone.log) != "keystone:keystone" ]]; then
|
||||
chown keystone:keystone ${KEYSTONE_LOG_DIR}/keystone.log
|
||||
fi
|
||||
if [[ $(stat -c %a ${KEYSTONE_LOG_DIR}) != "755" ]]; then
|
||||
chmod 755 ${KEYSTONE_LOG_DIR}
|
||||
fi
|
||||
|
||||
EXTRA_KEYSTONE_MANAGE_ARGS=${EXTRA_KEYSTONE_MANAGE_ARGS-}
|
||||
# Bootstrap and exit if KOLLA_BOOTSTRAP variable is set. This catches all cases
|
||||
# of the KOLLA_BOOTSTRAP variable being set, including empty.
|
||||
if [[ "${!KOLLA_BOOTSTRAP[@]}" ]]; then
|
||||
sudo -H -u keystone keystone-manage ${EXTRA_KEYSTONE_MANAGE_ARGS} db_sync
|
||||
exit 0
|
||||
fi
|
||||
|
||||
. /usr/local/bin/kolla_httpd_setup
|
||||
|
||||
ARGS="-DFOREGROUND"
|
@ -1,35 +0,0 @@
|
||||
#!/bin/bash
|
||||
|
||||
function bootstrap_db {
|
||||
mysqld_safe --wsrep-new-cluster --skip-networking --wsrep-on=OFF --pid-file=/var/lib/mysql/mariadb.pid &
|
||||
# Wait for the mariadb server to be "Ready" before starting the security reset with a max timeout
|
||||
# NOTE(huikang): the location of mysql's socket file varies depending on the OS distributions.
|
||||
# Querying the cluster status has to be executed after the existence of mysql.sock and mariadb.pid.
|
||||
TIMEOUT=${DB_MAX_TIMEOUT:-60}
|
||||
while [[ ! -S /var/lib/mysql/mysql.sock ]] && \
|
||||
[[ ! -S /var/run/mysqld/mysqld.sock ]] || \
|
||||
[[ ! -f /var/lib/mysql/mariadb.pid ]]; do
|
||||
if [[ ${TIMEOUT} -gt 0 ]]; then
|
||||
let TIMEOUT-=1
|
||||
sleep 1
|
||||
else
|
||||
exit 1
|
||||
fi
|
||||
done
|
||||
|
||||
sudo -E kolla_security_reset
|
||||
mysql -u root --password="${DB_ROOT_PASSWORD}" -e "GRANT ALL PRIVILEGES ON *.* TO 'root'@'localhost' IDENTIFIED BY '${DB_ROOT_PASSWORD}' WITH GRANT OPTION;"
|
||||
mysql -u root --password="${DB_ROOT_PASSWORD}" -e "GRANT ALL PRIVILEGES ON *.* TO 'root'@'%' IDENTIFIED BY '${DB_ROOT_PASSWORD}' WITH GRANT OPTION;"
|
||||
mysqladmin -uroot -p"${DB_ROOT_PASSWORD}" shutdown
|
||||
}
|
||||
|
||||
# This catches all cases of the BOOTSTRAP variable being set, including empty
|
||||
if [[ "${!KOLLA_BOOTSTRAP[@]}" ]]; then
|
||||
mysql_install_db
|
||||
bootstrap_db
|
||||
exit 0
|
||||
fi
|
||||
|
||||
if [[ "${!BOOTSTRAP_ARGS[@]}" ]]; then
|
||||
ARGS="${BOOTSTRAP_ARGS}"
|
||||
fi
|
@ -1,58 +0,0 @@
|
||||
#!/usr/bin/expect -f
|
||||
|
||||
if [catch {set timeout $env(DB_MAX_TIMEOUT)}] {set timeout 10}
|
||||
spawn mysql_secure_installation
|
||||
expect {
|
||||
timeout { send_user "\nFailed to get 'Enter current password for root (enter for none):' prompt\n"; exit 1 }
|
||||
eof { send_user "\nFailed to get 'Enter current password for root (enter for none):' prompt\n"; exit 1 }
|
||||
"Enter current password for root (enter for none):"
|
||||
}
|
||||
send "\r"
|
||||
expect {
|
||||
timeout { send_user "\nFailed to get 'Set root password?' prompt\n"; exit 1 }
|
||||
eof { send_user "\nFailed to get 'Set root password?' prompt\n"; exit 1 }
|
||||
"Set root password?"
|
||||
}
|
||||
send "y\r"
|
||||
expect {
|
||||
timeout { send_user "\nFailed to get 'New password:' prompt\n"; exit 1 }
|
||||
eof { send_user "\nFailed to get 'New password:' prompt\n"; exit 1 }
|
||||
"New password:"
|
||||
}
|
||||
send "$env(DB_ROOT_PASSWORD)\r"
|
||||
|
||||
expect {
|
||||
timeout { send_user "\nFailed to get 'Re-enter new password:' prompt\n"; exit 1 }
|
||||
eof { send_user "\nFailed to get 'Re-enter new password:' prompt\n"; exit 1 }
|
||||
"Re-enter new password:"
|
||||
}
|
||||
send "$env(DB_ROOT_PASSWORD)\r"
|
||||
|
||||
expect {
|
||||
timeout { send_user "\nFailed to get 'Remove anonymous users?' prompt\n"; exit 1 }
|
||||
eof { send_user "\nFailed to get 'Remove anonymous users?' prompt\n"; exit 1 }
|
||||
"Remove anonymous users?"
|
||||
}
|
||||
send "y\r"
|
||||
|
||||
expect {
|
||||
timeout { send_user "\nFailed to get 'Disallow root login remotely?' prompt\n"; exit 1 }
|
||||
eof { send_user "\nFailed to get 'Disallow root login remotely?' prompt\n"; exit 1 }
|
||||
"Disallow root login remotely?"
|
||||
}
|
||||
send "n\r"
|
||||
|
||||
expect {
|
||||
timeout { send_user "\nFailed to get 'Remove test database and access to it?' prompt\n"; exit 1 }
|
||||
eof { send_user "\nFailed to get 'Remove test database and access to it?' prompt\n"; exit 1 }
|
||||
"Remove test database and access to it?"
|
||||
}
|
||||
send "y\r"
|
||||
|
||||
expect {
|
||||
timeout { send_user "\nFailed to get 'Reload privilege tables now?' prompt\n"; exit 1 }
|
||||
eof { send_user "\nFailed to get 'Reload privilege tables now?' prompt\n"; exit 1 }
|
||||
"Reload privilege tables now?"
|
||||
}
|
||||
send "y\r"
|
||||
expect eof
|
@ -1,67 +0,0 @@
|
||||
#!/usr/bin/expect -f
|
||||
|
||||
if [catch {set timeout $env(DB_MAX_TIMEOUT)}] {set timeout 10}
|
||||
spawn mysql_secure_installation
|
||||
expect {
|
||||
timeout { send_user "\nFailed to get 'Enter current password for root (enter for none):' prompt\n"; exit 1 }
|
||||
eof { send_user "\nFailed to get 'Enter current password for root (enter for none):' prompt\n"; exit 1 }
|
||||
"Enter current password for root (enter for none):"
|
||||
}
|
||||
send "\r"
|
||||
|
||||
expect {
|
||||
timeout { send_user "\nFailed to get 'Switch to unix_socket authentication [Y/n] ' prompt\n"; exit 1 }
|
||||
eof { send_user "\nFailed to get 'Switch to unix_socket authentication' prompt\n"; exit 1 }
|
||||
"Switch to unix_socket authentication \\\[Y/n\\\] "
|
||||
}
|
||||
send "n\r"
|
||||
|
||||
expect {
|
||||
timeout { send_user "\nFailed to get 'Change the root password? [Y/n]' prompt\n"; exit 1 }
|
||||
eof { send_user "\nFailed to get 'Change the root password?' prompt\n"; exit 1 }
|
||||
"Change the root password? \\\[Y/n\\\] "
|
||||
}
|
||||
send "y\r"
|
||||
|
||||
expect {
|
||||
timeout { send_user "\nFailed to get 'New password:' prompt\n"; exit 1 }
|
||||
eof { send_user "\nFailed to get 'New password:' prompt\n"; exit 1 }
|
||||
"New password:"
|
||||
}
|
||||
send "$env(DB_ROOT_PASSWORD)\r"
|
||||
|
||||
expect {
|
||||
timeout { send_user "\nFailed to get 'Re-enter new password:' prompt\n"; exit 1 }
|
||||
eof { send_user "\nFailed to get 'Re-enter new password:' prompt\n"; exit 1 }
|
||||
"Re-enter new password:"
|
||||
}
|
||||
send "$env(DB_ROOT_PASSWORD)\r"
|
||||
|
||||
expect {
|
||||
timeout { send_user "\nFailed to get 'Remove anonymous users?' prompt\n"; exit 1 }
|
||||
eof { send_user "\nFailed to get 'Remove anonymous users?' prompt\n"; exit 1 }
|
||||
"Remove anonymous users?"
|
||||
}
|
||||
send "y\r"
|
||||
|
||||
expect {
|
||||
timeout { send_user "\nFailed to get 'Disallow root login remotely?' prompt\n"; exit 1 }
|
||||
eof { send_user "\nFailed to get 'Disallow root login remotely?' prompt\n"; exit 1 }
|
||||
"Disallow root login remotely?"
|
||||
}
|
||||
send "n\r"
|
||||
|
||||
expect {
|
||||
timeout { send_user "\nFailed to get 'Remove test database and access to it?' prompt\n"; exit 1 }
|
||||
eof { send_user "\nFailed to get 'Remove test database and access to it?' prompt\n"; exit 1 }
|
||||
"Remove test database and access to it?"
|
||||
}
|
||||
send "y\r"
|
||||
|
||||
expect {
|
||||
timeout { send_user "\nFailed to get 'Reload privilege tables now?' prompt\n"; exit 1 }
|
||||
eof { send_user "\nFailed to get 'Reload privilege tables now?' prompt\n"; exit 1 }
|
||||
"Reload privilege tables now?"
|
||||
}
|
||||
send "y\r"
|
||||
expect eof
|
@ -1,4 +0,0 @@
|
||||
neutron ALL = (root) NOPASSWD: /usr/bin/update-alternatives --set iptables /usr/sbin/iptables-legacy
|
||||
neutron ALL = (root) NOPASSWD: /usr/bin/update-alternatives --set ip6tables /usr/sbin/ip6tables-legacy
|
||||
neutron ALL = (root) NOPASSWD: /usr/bin/update-alternatives --auto iptables
|
||||
neutron ALL = (root) NOPASSWD: /usr/bin/update-alternatives --auto ip6tables
|
@ -1,28 +0,0 @@
|
||||
#!/bin/bash
|
||||
|
||||
# All the option passed to this script will be
|
||||
# passed to the ovn-ctl script. Please see the options
|
||||
# supported by ovn-ctl script -
|
||||
# https://github.com/ovn-org/ovn/blob/master/utilities/ovn-ctl
|
||||
args=$@
|
||||
|
||||
# Use ovn-ctl script to start ovn NB db server as it
|
||||
# takes care of creating the db file from the schema
|
||||
# file if the db file is not present. It also takes care
|
||||
# of updating the db file if the schema file is updated.
|
||||
|
||||
# Check for the presence of ovn-ctl script in two locations.
|
||||
# If latest OVN is used (post split from openvswitch),
|
||||
# then the new location for the ovn-ctl script is
|
||||
# is - /usr/share/ovn/scripts/ovn-ctl. Otherwise it is
|
||||
# /usr/share/openvswitch/scripts/ovn-ctl.
|
||||
|
||||
if [[ -f "/usr/share/openvswitch/scripts/ovn-ctl" ]]; then
|
||||
set /usr/share/openvswitch/scripts/ovn-ctl --no-monitor
|
||||
elif [[ -f "/usr/share/ovn/scripts/ovn-ctl" ]]; then
|
||||
set /usr/share/ovn/scripts/ovn-ctl --no-monitor
|
||||
else
|
||||
exit 1
|
||||
fi
|
||||
|
||||
$@ $args run_nb_ovsdb
|
@ -1,29 +0,0 @@
|
||||
#!/bin/bash
|
||||
|
||||
# All the option passed to this script will be
|
||||
# passed to the ovn-ctl script. Please see the options
|
||||
# supported by ovn-ctl script -
|
||||
# https://github.com/ovn-org/ovn/blob/master/utilities/ovn-ctl
|
||||
args=$@
|
||||
|
||||
# Use ovn-ctl script to start ovn SB db server as it
|
||||
# takes care of creating the db file from the schema
|
||||
# file if the db file is not present. It also takes care
|
||||
# of updating the db file if the schema file is updated.
|
||||
|
||||
# Check for the presence of ovn-ctl script in two locations.
|
||||
# If latest OVN is used (post split from openvswitch),
|
||||
# then the new location for the ovn-ctl script is
|
||||
# is - /usr/share/ovn/scripts/ovn-ctl. Otherwise it is
|
||||
# /usr/share/openvswitch/scripts/ovn-ctl.
|
||||
|
||||
|
||||
if [[ -f "/usr/share/openvswitch/scripts/ovn-ctl" ]]; then
|
||||
set /usr/share/openvswitch/scripts/ovn-ctl --no-monitor
|
||||
elif [[ -f "/usr/share/ovn/scripts/ovn-ctl" ]]; then
|
||||
set /usr/share/ovn/scripts/ovn-ctl --no-monitor
|
||||
else
|
||||
exit 1
|
||||
fi
|
||||
|
||||
$@ $args run_sb_ovsdb
|
@ -1,16 +0,0 @@
|
||||
#!/bin/bash
|
||||
|
||||
# Bootstrap and exit if KOLLA_BOOTSTRAP variable is set. This catches all cases
|
||||
# of the KOLLA_BOOTSTRAP variable being set, including empty.
|
||||
if [[ "${!KOLLA_BOOTSTRAP[@]}" ]]; then
|
||||
|
||||
# NOTE(sbezverk): In kubernetes environment, if this file exists from previous
|
||||
# bootstrap, the system does not allow to overwrite it (it bootstrap files with
|
||||
# permission denied error) but it allows to delete it and then recreate it.
|
||||
if [[ -e "/var/lib/rabbitmq/.erlang.cookie" ]]; then
|
||||
rm -f /var/lib/rabbitmq/.erlang.cookie
|
||||
fi
|
||||
echo "${RABBITMQ_CLUSTER_COOKIE}" > /var/lib/rabbitmq/.erlang.cookie
|
||||
chmod 400 /var/lib/rabbitmq/.erlang.cookie
|
||||
exit 0
|
||||
fi
|
@ -1,10 +0,0 @@
|
||||
#!/usr/bin/python3
|
||||
# PBR Generated from u'console_scripts'
|
||||
|
||||
import sys
|
||||
|
||||
from oslo_rootwrap.cmd import main
|
||||
|
||||
|
||||
if __name__ == "__main__":
|
||||
sys.exit(main())
|
@ -1,2 +0,0 @@
|
||||
swift ALL=(root) NOPASSWD: /bin/find /srv/node/ -maxdepth 1 -type d -execdir chown swift\:swift {} \\+
|
||||
swift ALL=(root) NOPASSWD: /usr/bin/find /srv/node/ -maxdepth 1 -type d -execdir chown swift\:swift {} \\+
|
@ -1,19 +0,0 @@
|
||||
---
|
||||
# Copyright 2021 Red Hat, Inc.
|
||||
# All Rights Reserved.
|
||||
#
|
||||
# Licensed under the Apache License, Version 2.0 (the "License"); you may
|
||||
# not use this file except in compliance with the License. You may obtain
|
||||
# a copy of the License at
|
||||
#
|
||||
# http://www.apache.org/licenses/LICENSE-2.0
|
||||
#
|
||||
# Unless required by applicable law or agreed to in writing, software
|
||||
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
|
||||
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
|
||||
# License for the specific language governing permissions and limitations
|
||||
# under the License.
|
||||
|
||||
# Custom Roles and collections not shipped as a part of tripleo-ansible
|
||||
collections: []
|
||||
roles: []
|
@ -1,26 +0,0 @@
|
||||
# If no output is detected from ansible in this number of seconds the execution will
|
||||
# be terminated.
|
||||
idle_timeout: ${RUNNER_IDLE_TIMEOUT:-600}
|
||||
# The maximum amount of time to allow the job to run for, exceeding this and the
|
||||
# execution will be terminated.
|
||||
job_timeout: ${RUNNER_JOB_TIMEOUT:-3600}
|
||||
|
||||
# Number of seconds for the internal pexpect command to wait to block on
|
||||
# input before continuing.
|
||||
pexpect_timeout: ${RUNNER_PEXPECT_TIMEOUT:-10}
|
||||
# Use poll() function for communication with child processes instead of select().
|
||||
# select() is used when the value is set to False. select() has a known limitation of
|
||||
# using only up to 1024 file descriptors.
|
||||
pexpect_use_poll: ${RUNNER_PEXPECT_USE_POLL:-True}
|
||||
|
||||
# Allow output from ansible to not be streamed to the stdout or stderr files inside
|
||||
# of the artifacts directory.
|
||||
suppress_output_file: ${RUNNER_SUPPRESS_OUTPUT_FILE:-False}
|
||||
# Allow output from ansible to not be printed to the screen.
|
||||
suppress_ansible_output: ${RUNNER_SUPPRESS_ANSIBLE_OUTPUT:-False}
|
||||
|
||||
# The directory relative to artifacts where jsonfile fact caching will be stored.
|
||||
# Defaults to fact_cache. This is ignored if fact_cache_type is different than jsonfile.
|
||||
fact_cache: ${RUNNER_FACT_CACHE:-'fact_cache'}
|
||||
# The type of fact cache to use. Defaults to jsonfile.
|
||||
fact_cache_type: ${RUNNER_FACT_CACHE_TYPE:-'jsonfile'}
|
@ -1,17 +0,0 @@
|
||||
#!/usr/bin/env bash
|
||||
|
||||
# Adding tripleo ansible-runner specific scripts here
|
||||
# Expand the variables
|
||||
eval "echo \"$(cat /runner/env/settings)\"" > /runner/env/settings
|
||||
|
||||
if [ -n "$RUNNER_INVENTORY" ]; then
|
||||
echo "---" > /runner/inventory/inventory.yaml
|
||||
echo "$RUNNER_INVENTORY" >> /runner/inventory/inventory.yaml
|
||||
fi
|
||||
|
||||
if [ -n "$RUNNER_PLAYBOOK" ]; then
|
||||
echo "---" > /runner/project/playbook.yaml
|
||||
echo "$RUNNER_PLAYBOOK" >> /runner/project/playbook.yaml
|
||||
fi
|
||||
|
||||
# Contents from ansible-runner entrypoint
|
@ -1,18 +0,0 @@
|
||||
#!/bin/bash
|
||||
# This is a useful entrypoint/cmd if you wish to run commands in a container
|
||||
# in an existing users $HOME directory
|
||||
# For example: podman run -ti -e USER=stack -e UID=1000 --privileged=true --volume=/home/stack/:/home/stack/ tripleoclient:latest /usr/local/bin/create_super_user.sh
|
||||
|
||||
if [ -n "$USER" -a -n "$UID" ]; then
|
||||
useradd "$USER" -u "$UID" -M
|
||||
cat >> /etc/sudoers <<EOF_CAT
|
||||
$USER ALL=(ALL) NOPASSWD:ALL
|
||||
EOF_CAT
|
||||
su -l $USER
|
||||
export TERM="xterm"
|
||||
alias ls='ls --color=auto'
|
||||
/bin/bash
|
||||
else
|
||||
echo "Please set valid $USER and $UID env variables."
|
||||
exit 1
|
||||
fi
|
@ -1 +0,0 @@
|
||||
cloud-admin ALL=(ALL) NOPASSWD: ALL
|
@ -1,102 +0,0 @@
|
||||
tcib_actions:
|
||||
- run: if [ -f "/etc/yum.repos.d/ubi.repo" ]; then rm -f /etc/yum.repos.d/ubi.repo && dnf clean all && rm -rf /var/cache/dnf; fi
|
||||
- run: >-
|
||||
dnf install -y crudini &&
|
||||
crudini --del /etc/dnf/dnf.conf main override_install_langs &&
|
||||
crudini --set /etc/dnf/dnf.conf main clean_requirements_on_remove True &&
|
||||
crudini --set /etc/dnf/dnf.conf main exactarch 1 &&
|
||||
crudini --set /etc/dnf/dnf.conf main gpgcheck 1 &&
|
||||
crudini --set /etc/dnf/dnf.conf main install_weak_deps False &&
|
||||
if [ '{{ tcib_distro }}' == 'centos' ];then crudini --set /etc/dnf/dnf.conf main best False; fi &&
|
||||
crudini --set /etc/dnf/dnf.conf main installonly_limit 0 &&
|
||||
crudini --set /etc/dnf/dnf.conf main keepcache 0 &&
|
||||
crudini --set /etc/dnf/dnf.conf main obsoletes 1 &&
|
||||
crudini --set /etc/dnf/dnf.conf main plugins 1 &&
|
||||
crudini --set /etc/dnf/dnf.conf main skip_missing_names_on_install False &&
|
||||
crudini --set /etc/dnf/dnf.conf main tsflags nodocs
|
||||
- run: >-
|
||||
if [ '{{ tcib_distro }}' == 'rhel' ] && [ '{{ tcib_release }}' == '8' ]; then
|
||||
{%- if "el" ~ tcib_release in tcib_packages.modules %}
|
||||
{% for item in tcib_packages.modules["el" ~ tcib_release] %}{% set key, value = (item.items() | list).0 %}dnf module -y {{ key }} {{ value }}; {% endfor %}
|
||||
{%- else %}
|
||||
echo "WARNING: No modules defined for el{{ tcib_release}}";
|
||||
{%- endif %}
|
||||
fi
|
||||
- run: dnf install -y openstack-tripleo-common-containers
|
||||
- run: cp /usr/share/openstack-tripleo-common-containers/container-images/kolla/base/uid_gid_manage.sh /usr/local/bin/uid_gid_manage
|
||||
- run: chmod 755 /usr/local/bin/uid_gid_manage
|
||||
- run: bash /usr/local/bin/uid_gid_manage kolla hugetlbfs libvirt qemu
|
||||
- run: touch /usr/local/bin/kolla_extend_start && chmod 755 /usr/local/bin/kolla_extend_start
|
||||
- run: cp /usr/share/openstack-tripleo-common-containers/container-images/kolla/base/set_configs.py /usr/local/bin/kolla_set_configs
|
||||
- run: chmod 755 /usr/local/bin/kolla_set_configs
|
||||
- run: cp /usr/share/openstack-tripleo-common-containers/container-images/kolla/base/start.sh /usr/local/bin/kolla_start
|
||||
- run: chmod 755 /usr/local/bin/kolla_start
|
||||
- run: cp /usr/share/openstack-tripleo-common-containers/container-images/kolla/base/httpd_setup.sh /usr/local/bin/kolla_httpd_setup
|
||||
- run: chmod 755 /usr/local/bin/kolla_httpd_setup
|
||||
- run: cp /usr/share/openstack-tripleo-common-containers/container-images/kolla/base/sudoers /etc/sudoers
|
||||
- run: chmod 440 /etc/sudoers
|
||||
- run: >-
|
||||
if [ '{{ tcib_release }}' == '8' ];then
|
||||
sed -ri '/-session(\s+)optional(\s+)pam_systemd.so/d' /etc/pam.d/system-auth &&
|
||||
dnf install -y curl; fi
|
||||
- run: sed -ri '/^(passwd:|group:)/ s/systemd//g' /etc/nsswitch.conf
|
||||
- run: dnf install -y {{ tcib_packages['common'] | join(' ') }}
|
||||
- run: >-
|
||||
if [ '{{ tcib_release }}' == '9' ];then
|
||||
dnf -y reinstall which &&
|
||||
rpm -e --nodeps tzdata &&
|
||||
dnf -y install tzdata; fi
|
||||
- run: mkdir -p /openstack
|
||||
- run: >-
|
||||
if [ '{{ tcib_distro }}' == 'centos' ];then
|
||||
if [ -n "$(rpm -qa redhat-release)" ];then rpm -e --nodeps redhat-release; fi ;
|
||||
dnf -y install centos-stream-release; fi
|
||||
# TODO: Temporary pinning nettle to 3.8-3.el9, so it can be reinstalled from centos-9 repos.
|
||||
# nettle-3.8-3 is already installed in ubi9 image, but it conflicts with newer versions on gnutls
|
||||
# installed from centos-9 repos. This workaround can be reverted once ubi9.2 is released, which
|
||||
# should contain a newer version of gnutls with fixes to run under FIPS mode.
|
||||
# See: https://bugzilla.redhat.com/show_bug.cgi?id=2154924 and
|
||||
# https://bugs.launchpad.net/tripleo/+bug/1984237
|
||||
- run: >-
|
||||
if [ '{{ tcib_release }}' == '9' ];then
|
||||
dnf -y install nettle-3.8-3.el9; fi
|
||||
- run: dnf update --excludepkgs redhat-release -y && dnf clean all && rm -rf /var/cache/dnf
|
||||
tcib_cmd: kolla_start
|
||||
tcib_entrypoint: dumb-init --single-child --
|
||||
tcib_envs:
|
||||
LANG: en_US.UTF-8
|
||||
container: oci
|
||||
tcib_labels:
|
||||
maintainer: OpenStack TripleO team
|
||||
tcib_managed: True
|
||||
tcib_packages:
|
||||
common:
|
||||
- ca-certificates
|
||||
- dumb-init
|
||||
- glibc-langpack-en
|
||||
- iscsi-initiator-utils
|
||||
- openstack-tripleo-common-containers
|
||||
- openstack-tripleo-common-container-base
|
||||
- procps-ng
|
||||
- python3
|
||||
- rsync
|
||||
- socat
|
||||
- sudo
|
||||
- tar
|
||||
- util-linux-user
|
||||
- which
|
||||
modules:
|
||||
el8:
|
||||
- disable: container-tools:rhel8
|
||||
- disable: virt:rhel
|
||||
- enable: container-tools:{{ tcib_rhel_modules['container-tools'] | default('3.0') }}
|
||||
- enable: mariadb:{{ tcib_rhel_modules['mariadb'] | default('10.3') }}
|
||||
- enable: virt:{{ tcib_rhel_modules['virt'] | default('av') }}
|
||||
- enable: redis:{{ tcib_rhel_modules['redis'] | default('5') }}
|
||||
- enable: nodejs:{{ tcib_rhel_modules['nodejs'] | default('14') }}
|
||||
el9:
|
||||
- disable: virt:rhel
|
||||
- enable: virt:{{ tcib_rhel_modules['virt'] | default('av') }}
|
||||
- enable: redis:{{ tcib_rhel_modules['redis'] | default('5') }}
|
||||
- enable: mariadb:{{ tcib_rhel_modules['mariadb'] | default('10.5') }}
|
||||
tcib_stopsignal: SIGTERM
|
@ -1,59 +0,0 @@
|
||||
tcib_actions:
|
||||
- run: bash /usr/local/bin/uid_gid_manage collectd
|
||||
- run: if [ "{{ tcib_distro }}" == "rhel" ]; then dnf -y install {{ tcib_packages['rhel'] | join(' ') }}; fi
|
||||
- run: if [ '{{ tcib_release }}' == '8' ];then dnf -y install {{ tcib_packages['el8'] | join(' ') }}; fi
|
||||
- run: if [ "$(uname -m)" == "x86_64" ]; then dnf -y install {{ tcib_packages['x86_64'] | join(' ') }}; fi
|
||||
- run: dnf -y install {{ tcib_packages['common'] | join(' ') }} && dnf clean all && rm -rf /var/cache/dnf
|
||||
- run: chown -R collectd:collectd /etc/collectd* /var/run/
|
||||
- run: ln -s /usr/share/openstack-tripleo-common/healthcheck/collectd /openstack/healthcheck && chmod a+rx /openstack/healthcheck
|
||||
tcib_packages:
|
||||
common:
|
||||
- collectd
|
||||
- collectd-amqp1
|
||||
- collectd-apache
|
||||
- collectd-bind
|
||||
- collectd-ceph
|
||||
- collectd-chrony
|
||||
- collectd-connectivity
|
||||
- collectd-curl
|
||||
- collectd-curl_json
|
||||
- collectd-curl_xml
|
||||
- collectd-disk
|
||||
- collectd-dns
|
||||
- collectd-ipmi
|
||||
- collectd-libpod-stats
|
||||
- collectd-log_logstash
|
||||
- collectd-mcelog
|
||||
- collectd-mysql
|
||||
- collectd-netlink
|
||||
- collectd-openldap
|
||||
- collectd-ovs-events
|
||||
- collectd-ovs-stats
|
||||
- collectd-ping
|
||||
- collectd-pmu
|
||||
- collectd-procevent
|
||||
- collectd-python
|
||||
- collectd-sensors
|
||||
- collectd-sensubility
|
||||
- collectd-smart
|
||||
- collectd-snmp
|
||||
- collectd-snmp-agent
|
||||
- collectd-sysevent
|
||||
- collectd-utils
|
||||
- collectd-virt
|
||||
- collectd-write_http
|
||||
- collectd-write_kafka
|
||||
- collectd-write_prometheus
|
||||
- python3-sqlalchemy-collectd
|
||||
- podman-remote
|
||||
- jq
|
||||
rhel:
|
||||
- python3-collectd-rabbitmq-monitoring
|
||||
x86_64:
|
||||
- collectd-hugepages
|
||||
- collectd-pcie-errors
|
||||
- collectd-rdt
|
||||
- collectd-turbostat
|
||||
el8:
|
||||
- collectd-generic-jmx
|
||||
- collectd-iptables
|
@ -1,6 +0,0 @@
|
||||
tcib_actions:
|
||||
- run: dnf -y install {{ tcib_packages['common'] | join(' ') }} && dnf clean all && rm -rf /var/cache/dnf
|
||||
tcib_packages:
|
||||
common:
|
||||
- cronie
|
||||
- logrotate
|
@ -1,8 +0,0 @@
|
||||
tcib_actions:
|
||||
- run: bash /usr/local/bin/uid_gid_manage {{ tcib_user }}
|
||||
- run: dnf -y install {{ tcib_packages.common | join(' ') }} && dnf clean all && rm -rf /var/cache/dnf
|
||||
- run: ln -s /usr/share/openstack-tripleo-common/healthcheck/etcd /openstack/healthcheck && chmod a+rx /openstack/healthcheck
|
||||
tcib_packages:
|
||||
common:
|
||||
- etcd
|
||||
tcib_user: etcd
|
@ -1,9 +0,0 @@
|
||||
tcib_actions:
|
||||
- run: bash /usr/local/bin/uid_gid_manage frrvty frr
|
||||
- run: dnf install -y {{ tcib_packages['common'] | join(' ') }} && dnf clean all && rm -rf /var/cache/dnf
|
||||
- run: ln -s /usr/share/openstack-tripleo-common/healthcheck/frr /openstack/healthcheck && chmod a+rx /openstack/healthcheck
|
||||
- run: mkdir -p /var/lock/subsys && chown "frr:" /var/lock/subsys
|
||||
tcib_packages:
|
||||
common:
|
||||
- frr
|
||||
tcib_user: frr
|
@ -1,10 +0,0 @@
|
||||
tcib_actions:
|
||||
- run: dnf install -y {{ tcib_packages['common'] | join(' ') }} && dnf clean all && rm -rf /var/cache/dnf
|
||||
tcib_packages:
|
||||
common:
|
||||
- haproxy
|
||||
- libqb
|
||||
- pacemaker
|
||||
- pacemaker-remote
|
||||
- pcs
|
||||
- resource-agents
|
@ -1,31 +0,0 @@
|
||||
tcib_actions:
|
||||
- run: bash /usr/local/bin/uid_gid_manage {{ tcib_user }}
|
||||
- run: dnf -y install {{ tcib_packages['common'] | join(' ') }} && dnf clean all && rm -rf /var/cache/dnf
|
||||
- run: cp /usr/share/openstack-tripleo-common-containers/container-images/kolla/mariadb/extend_start.sh /usr/local/bin/kolla_extend_start
|
||||
- run: chmod 755 /usr/local/bin/kolla_extend_start
|
||||
- run: cp /usr/share/openstack-tripleo-common-containers/container-images/kolla/mariadb/security_reset.expect{{ tcib_release is version('8', '==') | ternary('', '.10.5') }} /usr/local/bin/kolla_security_reset
|
||||
- run: chmod 755 /usr/local/bin/kolla_security_reset
|
||||
- run: rm -rf /var/lib/mysql/* /etc/my.cnf.d/mariadb-server.cnf /etc/my.cnf.d/auth_gssapi.cnf
|
||||
- run: mkdir -p /etc/libqb
|
||||
- run: ln -s /usr/share/openstack-tripleo-common/healthcheck/mariadb /openstack/healthcheck && chmod a+rx /openstack/healthcheck
|
||||
tcib_cmd: kolla_start
|
||||
tcib_entrypoint: dumb-init --
|
||||
tcib_packages:
|
||||
common:
|
||||
- expect
|
||||
- galera
|
||||
- hostname
|
||||
- libqb
|
||||
- mariadb
|
||||
- mariadb-backup
|
||||
- mariadb-server-galera
|
||||
- mariadb-server-utils
|
||||
- pacemaker
|
||||
- pacemaker-remote
|
||||
- pcs
|
||||
- python3-pynacl
|
||||
- resource-agents
|
||||
- rsync
|
||||
- socat
|
||||
- tar
|
||||
tcib_user: mysql
|
@ -1,8 +0,0 @@
|
||||
tcib_actions:
|
||||
- run: bash /usr/local/bin/uid_gid_manage {{ tcib_user }}
|
||||
- run: dnf install -y {{ tcib_packages['common'] | join(' ') }} && dnf clean all && rm -rf /var/cache/dnf
|
||||
- run: ln -s /usr/share/openstack-tripleo-common/healthcheck/memcached /openstack/healthcheck && chmod a+rx /openstack/healthcheck
|
||||
tcib_packages:
|
||||
common:
|
||||
- memcached
|
||||
tcib_user: memcached
|
@ -1,6 +0,0 @@
|
||||
tcib_actions:
|
||||
- run: dnf -y install {{ tcib_packages['common'] | join(' ') }} && dnf clean all && rm -rf /var/cache/dnf
|
||||
- run: ln -s /usr/share/openstack-tripleo-common/healthcheck/multipathd /openstack/healthcheck && chmod a+rx /openstack/healthcheck
|
||||
tcib_packages:
|
||||
common:
|
||||
- device-mapper-multipath
|
@ -1,11 +0,0 @@
|
||||
tcib_actions:
|
||||
- run: dnf -y install {{ tcib_packages.common | join(' ') }} && dnf clean all && rm -rf /var/cache/dnf
|
||||
- run: mkdir -p /var/www/cgi-bin/aodh && chmod 755 /var/www/cgi-bin/aodh && cp -a /usr/bin/aodh-api /var/www/cgi-bin/aodh/ && sed -i -r 's,^(Listen 80),#\1,' /etc/httpd/conf/httpd.conf && sed -i -r 's,^(Listen 443),#\1,' /etc/httpd/conf.d/ssl.conf
|
||||
- run: ln -s /usr/share/openstack-tripleo-common/healthcheck/aodh-api /openstack/healthcheck && chmod a+rx /openstack/healthcheck
|
||||
tcib_packages:
|
||||
common:
|
||||
- httpd
|
||||
- mod_ssl
|
||||
- openstack-aodh-api
|
||||
- python3-ldappool
|
||||
- python3-mod_wsgi
|
@ -1,6 +0,0 @@
|
||||
tcib_actions:
|
||||
- run: bash /usr/local/bin/uid_gid_manage aodh
|
||||
- run: dnf -y install {{ tcib_packages.common | join(' ') }} && dnf clean all && rm -rf /var/cache/dnf
|
||||
tcib_packages:
|
||||
common:
|
||||
- openstack-aodh-common
|
@ -1,7 +0,0 @@
|
||||
tcib_actions:
|
||||
- run: dnf -y install {{ tcib_packages.common | join(' ') }} && dnf clean all && rm -rf /var/cache/dnf
|
||||
- run: ln -s /usr/share/openstack-tripleo-common/healthcheck/aodh-evaluator /openstack/healthcheck && chmod a+rx /openstack/healthcheck
|
||||
tcib_packages:
|
||||
common:
|
||||
- openstack-aodh-evaluator
|
||||
tcib_user: aodh
|
@ -1,7 +0,0 @@
|
||||
tcib_actions:
|
||||
- run: dnf -y install {{ tcib_packages.common | join(' ') }} && dnf clean all && rm -rf /var/cache/dnf
|
||||
- run: ln -s /usr/share/openstack-tripleo-common/healthcheck/aodh-listener /openstack/healthcheck && chmod a+rx /openstack/healthcheck
|
||||
tcib_packages:
|
||||
common:
|
||||
- openstack-aodh-listener
|
||||
tcib_user: aodh
|
@ -1,7 +0,0 @@
|
||||
tcib_actions:
|
||||
- run: dnf -y install {{ tcib_packages.common | join(' ') }} && dnf clean all && rm -rf /var/cache/dnf
|
||||
- run: ln -s /usr/share/openstack-tripleo-common/healthcheck/aodh-notifier /openstack/healthcheck && chmod a+rx /openstack/healthcheck
|
||||
tcib_packages:
|
||||
common:
|
||||
- openstack-aodh-notifier
|
||||
tcib_user: aodh
|
@ -1,11 +0,0 @@
|
||||
tcib_actions:
|
||||
- run: dnf -y install {{ tcib_packages['common'] | join(' ') }} && dnf clean all && rm -rf /var/cache/dnf
|
||||
- run: sed -i -r 's,^(Listen 80),#\1,' /etc/httpd/conf/httpd.conf && sed -i -r 's,^(Listen 443),#\1,' /etc/httpd/conf.d/ssl.conf
|
||||
- run: ln -s /usr/share/openstack-tripleo-common/healthcheck/barbican-api /openstack/healthcheck && chmod a+rx /openstack/healthcheck
|
||||
tcib_packages:
|
||||
common:
|
||||
- httpd
|
||||
- mod_ssl
|
||||
- openstack-barbican-api
|
||||
- python3-mod_wsgi
|
||||
tcib_user: barbican
|
@ -1,8 +0,0 @@
|
||||
tcib_actions:
|
||||
- run: bash /usr/local/bin/uid_gid_manage nfast barbican
|
||||
- run: dnf -y install {{ tcib_packages['common'] | join(' ') }} && dnf clean all && rm -rf /var/cache/dnf
|
||||
- run: cp /usr/share/openstack-tripleo-common-containers/container-images/kolla/barbican-base/sudoers /etc/sudoers.d/barbican_sudoers
|
||||
- run: chmod 640 /etc/sudoers.d/barbican_sudoers
|
||||
tcib_packages:
|
||||
common:
|
||||
- openstack-barbican-common
|
@ -1,7 +0,0 @@
|
||||
tcib_actions:
|
||||
- run: dnf -y install {{ tcib_packages['common'] | join(' ') }} && dnf clean all && rm -rf /var/cache/dnf
|
||||
- run: ln -s /usr/share/openstack-tripleo-common/healthcheck/barbican-keystone-listener /openstack/healthcheck && chmod a+rx /openstack/healthcheck
|
||||
tcib_packages:
|
||||
common:
|
||||
- openstack-barbican-keystone-listener
|
||||
tcib_user: barbican
|
@ -1,7 +0,0 @@
|
||||
tcib_actions:
|
||||
- run: dnf -y install {{ tcib_packages['common'] | join(' ') }} && dnf clean all && rm -rf /var/cache/dnf
|
||||
- run: ln -s /usr/share/openstack-tripleo-common/healthcheck/barbican-worker /openstack/healthcheck && chmod a+rx /openstack/healthcheck
|
||||
tcib_packages:
|
||||
common:
|
||||
- openstack-barbican-worker
|
||||
tcib_user: barbican
|
@ -1,8 +0,0 @@
|
||||
tcib_actions:
|
||||
- run: bash /usr/local/bin/uid_gid_manage ceilometer
|
||||
- run: dnf -y install {{ tcib_packages.common | join(' ') }} && dnf clean all && rm -rf /var/cache/dnf
|
||||
tcib_packages:
|
||||
common:
|
||||
- openstack-ceilometer-common
|
||||
- python3-oslo-db
|
||||
- python3-tooz
|
@ -1,7 +0,0 @@
|
||||
tcib_actions:
|
||||
- run: dnf -y install {{ tcib_packages.common | join(' ') }} && dnf clean all && rm -rf /var/cache/dnf
|
||||
- run: ln -s /usr/share/openstack-tripleo-common/healthcheck/ceilometer-agent-central /openstack/healthcheck && chmod a+rx /openstack/healthcheck
|
||||
tcib_packages:
|
||||
common:
|
||||
- openstack-ceilometer-central
|
||||
tcib_user: ceilometer
|
@ -1,6 +0,0 @@
|
||||
tcib_actions:
|
||||
- run: dnf -y install {{ tcib_packages.common | join(' ') }} && dnf clean all && rm -rf /var/cache/dnf
|
||||
- run: ln -s /usr/share/openstack-tripleo-common/healthcheck/ceilometer-agent-compute /openstack/healthcheck && chmod a+rx /openstack/healthcheck
|
||||
tcib_packages:
|
||||
common:
|
||||
- openstack-ceilometer-compute
|
@ -1,7 +0,0 @@
|
||||
tcib_actions:
|
||||
- run: dnf -y install {{ tcib_packages.common | join(' ') }} && dnf clean all && rm -rf /var/cache/dnf
|
||||
- run: ln -s /usr/share/openstack-tripleo-common/healthcheck/ceilometer-agent-ipmi /openstack/healthcheck && chmod a+rx /openstack/healthcheck
|
||||
tcib_packages:
|
||||
common:
|
||||
- openstack-ceilometer-ipmi
|
||||
tcib_user: ceilometer
|
@ -1,8 +0,0 @@
|
||||
tcib_actions:
|
||||
- run: dnf -y install {{ tcib_packages.common | join(' ') }} && dnf clean all && rm -rf /var/cache/dnf
|
||||
- run: ln -s /usr/share/openstack-tripleo-common/healthcheck/ceilometer-agent-notification /openstack/healthcheck && chmod a+rx /openstack/healthcheck
|
||||
tcib_packages:
|
||||
common:
|
||||
- openstack-ceilometer-notification
|
||||
- python3-pyngus
|
||||
tcib_user: ceilometer
|
@ -1,11 +0,0 @@
|
||||
tcib_actions:
|
||||
- run: dnf -y install {{ tcib_packages.common | join(' ') }} && dnf clean all && rm -rf /var/cache/dnf
|
||||
- run: mkdir -p /var/www/cgi-bin/cinder && cp -a /usr/bin/cinder-wsgi /var/www/cgi-bin/cinder/cinder-wsgi && sed -i -r 's,^(Listen 80),#\1,' /etc/httpd/conf/httpd.conf && sed -i -r 's,^(Listen 443),#\1,' /etc/httpd/conf.d/ssl.conf
|
||||
- run: chown -R cinder /var/www/cgi-bin/cinder && chmod 755 /var/www/cgi-bin/cinder/cinder-wsgi
|
||||
- run: ln -s /usr/share/openstack-tripleo-common/healthcheck/cinder-api /openstack/healthcheck && chmod a+rx /openstack/healthcheck
|
||||
tcib_packages:
|
||||
common:
|
||||
- httpd
|
||||
- mod_ssl
|
||||
- python3-keystone
|
||||
- python3-mod_wsgi
|
@ -1,16 +0,0 @@
|
||||
tcib_envs:
|
||||
MALLOC_ARENA_MAX: 1
|
||||
MALLOC_MMAP_THRESHOLD_: 131072
|
||||
MALLOC_TRIM_THRESHOLD_: 262144
|
||||
tcib_actions:
|
||||
- run: dnf -y install {{ tcib_packages.common | join(' ') }} && dnf clean all && rm -rf /var/cache/dnf
|
||||
- run: cp /usr/share/openstack-tripleo-common-containers/container-images/kolla/cinder-backup/extend_start.sh /usr/local/bin/kolla_extend_start
|
||||
- run: cp /usr/share/openstack-tripleo-common-containers/container-images/kolla/cinder-backup/cinder-backup-sudoers /etc/sudoers.d/cinder-backup-sudoers
|
||||
- run: chmod 755 /usr/local/bin/kolla_extend_start && chmod 440 /etc/sudoers.d/cinder-backup-sudoers && mkdir -p /etc/libqb
|
||||
- run: ln -s /usr/share/openstack-tripleo-common/healthcheck/cinder-backup /openstack/healthcheck && chmod a+rx /openstack/healthcheck
|
||||
tcib_packages:
|
||||
common:
|
||||
- pacemaker
|
||||
- pacemaker-remote
|
||||
- pcs
|
||||
tcib_user: cinder
|
@ -1,7 +0,0 @@
|
||||
tcib_actions:
|
||||
- run: bash /usr/local/bin/uid_gid_manage cinder
|
||||
- run: dnf -y install {{ tcib_packages.common | join(' ') }} && dnf clean all && rm -rf /var/cache/dnf
|
||||
tcib_packages:
|
||||
common:
|
||||
- ceph-common
|
||||
- openstack-cinder
|
@ -1,3 +0,0 @@
|
||||
tcib_actions:
|
||||
- run: ln -s /usr/share/openstack-tripleo-common/healthcheck/cinder-scheduler /openstack/healthcheck && chmod a+rx /openstack/healthcheck
|
||||
tcib_user: cinder
|
@ -1,17 +0,0 @@
|
||||
tcib_envs:
|
||||
MALLOC_ARENA_MAX: 1
|
||||
MALLOC_MMAP_THRESHOLD_: 131072
|
||||
MALLOC_TRIM_THRESHOLD_: 262144
|
||||
tcib_actions:
|
||||
- run: dnf -y install {{ tcib_packages.common | join(' ') }} && dnf clean all && rm -rf /var/cache/dnf
|
||||
- run: cp /usr/share/openstack-tripleo-common-containers/container-images/kolla/cinder-volume/extend_start.sh /usr/local/bin/kolla_extend_start
|
||||
- run: cp /usr/share/openstack-tripleo-common-containers/container-images/kolla/cinder-volume/cinder-volume-sudoers /etc/sudoers.d/cinder-volume-sudoers
|
||||
- run: chmod 755 /usr/local/bin/kolla_extend_start && chmod 440 /etc/sudoers.d/cinder-volume-sudoers && mkdir -p /etc/libqb
|
||||
- run: ln -s /usr/share/openstack-tripleo-common/healthcheck/cinder-volume /openstack/healthcheck && chmod a+rx /openstack/healthcheck
|
||||
tcib_packages:
|
||||
common:
|
||||
- pacemaker
|
||||
- pacemaker-remote
|
||||
- pcs
|
||||
- python3-cinderlib
|
||||
tcib_user: cinder
|
@ -1,9 +0,0 @@
|
||||
tcib_actions:
|
||||
- run: dnf -y install {{ tcib_packages.common | join(' ') }} && dnf clean all && rm -rf /var/cache/dnf
|
||||
tcib_packages:
|
||||
common:
|
||||
- openstack-designate-api
|
||||
- httpd
|
||||
- mod_ssl
|
||||
- python3-mod_wsgi
|
||||
tcib_user: designate
|
@ -1,6 +0,0 @@
|
||||
tcib_actions:
|
||||
- run: dnf -y install {{ tcib_packages.common | join(' ') }} && dnf clean all && rm -rf /var/cache/dnf
|
||||
- run: mkdir -p /var/lib/named/ /run/named && chown -R root /var/lib/named /run/named && chmod 755 /run/named
|
||||
tcib_packages:
|
||||
common:
|
||||
- bind
|
@ -1,9 +0,0 @@
|
||||
tcib_actions:
|
||||
- run: bash /usr/local/bin/uid_gid_manage designate
|
||||
- run: dnf -y install {{ tcib_packages.common | join(' ') }} && dnf clean all && rm -rf /var/cache/dnf
|
||||
tcib_packages:
|
||||
common:
|
||||
- openstack-designate-common
|
||||
- python3-oslo-reports
|
||||
- python3-suds
|
||||
- python3-tooz
|
@ -1,6 +0,0 @@
|
||||
tcib_actions:
|
||||
- run: dnf -y install {{ tcib_packages.common | join(' ') }} && dnf clean all && rm -rf /var/cache/dnf
|
||||
tcib_packages:
|
||||
common:
|
||||
- openstack-designate-central
|
||||
tcib_user: designate
|
@ -1,6 +0,0 @@
|
||||
tcib_actions:
|
||||
- run: dnf -y install {{ tcib_packages.common | join(' ') }} && dnf clean all && rm -rf /var/cache/dnf
|
||||
tcib_packages:
|
||||
common:
|
||||
- openstack-designate-mdns
|
||||
tcib_user: designate
|
@ -1,6 +0,0 @@
|
||||
tcib_actions:
|
||||
- run: dnf -y install {{ tcib_packages.common | join(' ') }} && dnf clean all && rm -rf /var/cache/dnf
|
||||
tcib_packages:
|
||||
common:
|
||||
- openstack-designate-producer
|
||||
tcib_user: designate
|
@ -1,6 +0,0 @@
|
||||
tcib_actions:
|
||||
- run: dnf -y install {{ tcib_packages.common | join(' ') }} && dnf clean all && rm -rf /var/cache/dnf
|
||||
tcib_packages:
|
||||
common:
|
||||
- openstack-designate-sink
|
||||
tcib_user: designate
|
@ -1,7 +0,0 @@
|
||||
tcib_actions:
|
||||
- run: dnf -y install {{ tcib_packages.common | join(' ') }} && dnf clean all && rm -rf /var/cache/dnf
|
||||
tcib_packages:
|
||||
common:
|
||||
- bind
|
||||
- openstack-designate-worker
|
||||
tcib_user: designate
|
@ -1,17 +0,0 @@
|
||||
tcib_actions:
|
||||
- run: bash /usr/local/bin/uid_gid_manage {{ tcib_user }}
|
||||
- run: dnf -y install {{ tcib_packages['common'] | join(' ') }} && dnf clean all && rm -rf /var/cache/dnf
|
||||
- run: cp /usr/share/openstack-tripleo-common-containers/container-images/kolla/glance-api/extend_start.sh /usr/local/bin/kolla_extend_start
|
||||
- run: chmod 755 /usr/local/bin/kolla_extend_start
|
||||
- run: ln -s /usr/share/openstack-tripleo-common/healthcheck/glance-api /openstack/healthcheck && chmod a+rx /openstack/healthcheck
|
||||
- run: sed -i -r 's,^(Listen 80),#\1,' /etc/httpd/conf/httpd.conf && sed -i -r 's,^(Listen 443),#\1,' /etc/httpd/conf.d/ssl.conf
|
||||
tcib_packages:
|
||||
common:
|
||||
- httpd
|
||||
- mod_ssl
|
||||
- openstack-glance
|
||||
- python3-oslo-vmware
|
||||
- python3-rados
|
||||
- python3-rbd
|
||||
- qemu-img
|
||||
tcib_user: glance
|
@ -1,7 +0,0 @@
|
||||
tcib_actions:
|
||||
- run: dnf -y install {{ tcib_packages.common | join(' ') }} && dnf clean all && rm -rf /var/cache/dnf
|
||||
- run: sed -i -r 's,^(Listen 80),#\1,' /etc/httpd/conf/httpd.conf && sed -i -r 's,^(Listen 443),#\1,' /etc/httpd/conf.d/ssl.conf
|
||||
- run: ln -s /usr/share/openstack-tripleo-common/healthcheck/gnocchi-api /openstack/healthcheck && chmod a+rx /openstack/healthcheck
|
||||
tcib_packages:
|
||||
common:
|
||||
- gnocchi-api
|
@ -1,14 +0,0 @@
|
||||
tcib_actions:
|
||||
- run: bash /usr/local/bin/uid_gid_manage gnocchi
|
||||
- run: dnf -y install {{ tcib_packages.common | join(' ') }} && dnf clean all && rm -rf /var/cache/dnf
|
||||
tcib_packages:
|
||||
common:
|
||||
- gnocchi-common
|
||||
- python3-rados
|
||||
- python3-eventlet
|
||||
- httpd
|
||||
- librados2
|
||||
- mod_ssl
|
||||
- python3-boto3
|
||||
- python3-ldappool
|
||||
- python3-mod_wsgi
|
@ -1,7 +0,0 @@
|
||||
tcib_actions:
|
||||
- run: dnf -y install {{ tcib_packages.common | join(' ') }} && dnf clean all && rm -rf /var/cache/dnf
|
||||
- run: ln -s /usr/share/openstack-tripleo-common/healthcheck/gnocchi-metricd /openstack/healthcheck && chmod a+rx /openstack/healthcheck
|
||||
tcib_packages:
|
||||
common:
|
||||
- gnocchi-metricd
|
||||
tcib_user: gnocchi
|
@ -1,7 +0,0 @@
|
||||
tcib_actions:
|
||||
- run: dnf -y install {{ tcib_packages.common | join(' ') }} && dnf clean all && rm -rf /var/cache/dnf
|
||||
- run: ln -s /usr/share/openstack-tripleo-common/healthcheck/gnocchi-statsd /openstack/healthcheck && chmod a+rx /openstack/healthcheck
|
||||
tcib_packages:
|
||||
common:
|
||||
- gnocchi-statsd
|
||||
tcib_user: gnocchi
|
@ -1,8 +0,0 @@
|
||||
tcib_actions:
|
||||
- run: dnf -y install {{ tcib_packages['common'] | join(' ') }} && dnf clean all && rm -rf /var/cache/dnf
|
||||
tcib_packages:
|
||||
common:
|
||||
- openstack-heat-api
|
||||
- openstack-heat-engine
|
||||
- openstack-heat-monolith
|
||||
tcib_user: heat
|
@ -1,7 +0,0 @@
|
||||
tcib_actions:
|
||||
- run: dnf -y install {{ tcib_packages['common'] | join(' ') }} && dnf clean all && rm -rf /var/cache/dnf
|
||||
- run: ln -s /usr/share/openstack-tripleo-common/healthcheck/heat-api-cfn /openstack/healthcheck && chmod a+rx /openstack/healthcheck
|
||||
tcib_packages:
|
||||
common:
|
||||
- openstack-heat-api-cfn
|
||||
tcib_user: heat
|
@ -1,7 +0,0 @@
|
||||
tcib_actions:
|
||||
- run: dnf -y install {{ tcib_packages['common'] | join(' ') }} && dnf clean all && rm -rf /var/cache/dnf
|
||||
- run: ln -s /usr/share/openstack-tripleo-common/healthcheck/heat-api /openstack/healthcheck && chmod a+rx /openstack/healthcheck
|
||||
tcib_packages:
|
||||
common:
|
||||
- openstack-heat-api
|
||||
tcib_user: heat
|
@ -1,10 +0,0 @@
|
||||
tcib_actions:
|
||||
- run: bash /usr/local/bin/uid_gid_manage heat
|
||||
- run: dnf -y install {{ tcib_packages['common'] | join(' ') }} && dnf clean all && rm -rf /var/cache/dnf
|
||||
- run: sed -i -r 's,^(Listen 80),#\1,' /etc/httpd/conf/httpd.conf && sed -i -r 's,^(Listen 443),#\1,' /etc/httpd/conf.d/ssl.conf
|
||||
tcib_packages:
|
||||
common:
|
||||
- httpd
|
||||
- mod_ssl
|
||||
- openstack-heat-common
|
||||
- python3-mod_wsgi
|
@ -1,7 +0,0 @@
|
||||
tcib_actions:
|
||||
- run: dnf -y install {{ tcib_packages['common'] | join(' ') }} && dnf clean all && rm -rf /var/cache/dnf
|
||||
- run: ln -s /usr/share/openstack-tripleo-common/healthcheck/heat-engine /openstack/healthcheck && chmod a+rx /openstack/healthcheck
|
||||
tcib_packages:
|
||||
common:
|
||||
- openstack-heat-engine
|
||||
tcib_user: heat
|
@ -1,20 +0,0 @@
|
||||
tcib_actions:
|
||||
- run: mv /etc/rpm/macros.image-language-conf /tmp && dnf -y install {{ tcib_packages.with_localization | join(' ') }} && mv /tmp/macros.image-language-conf /etc/rpm && dnf -y install {{ tcib_packages.common | join(' ') }} && dnf clean all && rm -rf /var/cache/dnf
|
||||
- run: cp /usr/share/openstack-tripleo-common-containers/container-images/kolla/horizon/extend_start.sh /usr/local/bin/kolla_extend_start
|
||||
- run: chmod 755 /usr/local/bin/kolla_extend_start
|
||||
- run: 'sed -i -r ''s,^(Listen 80),#\1,'' /etc/httpd/conf/httpd.conf && sed -i -r ''s,^(Listen 443),#\1,'' /etc/httpd/conf.d/ssl.conf && ln -s /usr/share/openstack-dashboard/openstack_dashboard /usr/lib/python{{ tcib_python_version | default("3.9" if tcib_release is version("9", "==") else "3.6") }}/site-packages/openstack_dashboard && ln -s /usr/share/openstack-dashboard/static /usr/lib/python{{ tcib_python_version | default("3.9" if tcib_release is version("9", "==") else "3.6") }}/site-packages/static && chown -R apache /etc/openstack-dashboard /usr/share/openstack-dashboard && chown -R apache /usr/share/openstack-dashboard/static && sed -i "s|WEBROOT = ''/dashboard/''|WEBROOT = ''/''|" /etc/openstack-dashboard/local_settings && cp /usr/share/openstack-dashboard/manage.py /usr/bin/manage.py && rm -f /usr/share/openstack-dashboard/openstack_dashboard/local/enabled/?[^_]*.py* && rm -f /usr/lib/python{{ tcib_python_version | default("3.9" if tcib_release is version("9", "==") else "3.6") }}/site-packages/openstack_dashboard/local/enabled/?[^_]*.py* && for locale in /usr/lib/python{{ tcib_python_version | default("3.9" if tcib_release is version("9", "==") else "3.6") }}/site-packages/*/locale; do (cd ${locale%/*} && /usr/bin/django-admin compilemessages) done'
|
||||
- run: ln -s /usr/share/openstack-tripleo-common/healthcheck/horizon /openstack/healthcheck && chmod a+rx /openstack/healthcheck
|
||||
tcib_packages:
|
||||
common:
|
||||
- gettext
|
||||
- httpd
|
||||
- mod_ssl
|
||||
- python3-mod_wsgi
|
||||
- python3-PyMySQL
|
||||
with_localization:
|
||||
- openstack-dashboard
|
||||
- openstack-heat-ui
|
||||
- openstack-ironic-ui
|
||||
- openstack-manila-ui
|
||||
- openstack-octavia-ui
|
||||
- openstack-designate-ui
|
@ -1,12 +0,0 @@
|
||||
tcib_actions:
|
||||
- run: dnf -y install {{ tcib_packages['common'] | join(' ') }} && dnf clean all && rm -rf /var/cache/dnf
|
||||
- run: mkdir -p /var/www/cgi-bin/ironic && cp -a /usr/bin/ironic-api-wsgi /var/www/cgi-bin/ironic/app
|
||||
- run: sed -i -r 's,^(Listen 80),#\1,' /etc/httpd/conf/httpd.conf && sed -i -r 's,^(Listen 443),#\1,' /etc/httpd/conf.d/ssl.conf
|
||||
- run: ln -s /usr/share/openstack-tripleo-common/healthcheck/ironic-api /openstack/healthcheck && chmod a+rx /openstack/healthcheck
|
||||
tcib_packages:
|
||||
common:
|
||||
- httpd
|
||||
- mod_ssl
|
||||
- openstack-ironic-api
|
||||
- python3-mod_wsgi
|
||||
tcib_user: ironic
|
@ -1,6 +0,0 @@
|
||||
tcib_actions:
|
||||
- run: bash /usr/local/bin/uid_gid_manage ironic
|
||||
- run: dnf -y install {{ tcib_packages['common'] | join(' ') }} && dnf clean all && rm -rf /var/cache/dnf
|
||||
tcib_packages:
|
||||
common:
|
||||
- openstack-ironic-common
|
@ -1,26 +0,0 @@
|
||||
tcib_actions:
|
||||
- run: dnf -y install {{ tcib_packages['common'] | join(' ') }} && dnf clean all && rm -rf /var/cache/dnf
|
||||
- run: ln -s /usr/share/openstack-tripleo-common/healthcheck/ironic-conductor /openstack/healthcheck && chmod a+rx /openstack/healthcheck
|
||||
tcib_packages:
|
||||
common:
|
||||
- xorriso
|
||||
- dosfstools
|
||||
- e2fsprogs
|
||||
- gdisk
|
||||
- ipmitool
|
||||
- openssh-clients
|
||||
- openstack-ironic-conductor
|
||||
- openstack-ironic-staging-drivers
|
||||
- parted
|
||||
- psmisc
|
||||
- python3-dracclient
|
||||
- python3-ironic-inspector-client
|
||||
- python3-proliantutils
|
||||
- python3-pysnmp
|
||||
- python3-scciclient
|
||||
- python3-sushy
|
||||
- python3-systemd
|
||||
- qemu-img
|
||||
- util-linux
|
||||
- xfsprogs
|
||||
tcib_user: ironic
|
@ -1,9 +0,0 @@
|
||||
tcib_actions:
|
||||
- run: bash /usr/local/bin/uid_gid_manage {{ tcib_user }}
|
||||
- run: dnf -y install {{ tcib_packages['common'] | join(' ') }} && dnf clean all && rm -rf /var/cache/dnf
|
||||
- run: ln -s /usr/share/openstack-tripleo-common/healthcheck/ironic-inspector /openstack/healthcheck && chmod a+rx /openstack/healthcheck
|
||||
tcib_packages:
|
||||
common:
|
||||
- openstack-ironic-inspector
|
||||
- openstack-ironic-inspector-dnsmasq
|
||||
tcib_user: ironic-inspector
|
@ -1,14 +0,0 @@
|
||||
tcib_actions:
|
||||
- run: dnf -y install {{ tcib_packages['common'] | join(' ') }} && dnf clean all && rm -rf /var/cache/dnf
|
||||
- run: sed -i -r 's,^(Listen 80),#\1,' /etc/httpd/conf/httpd.conf && sed -i -r 's,^(Listen 443),#\1,' /etc/httpd/conf.d/ssl.conf
|
||||
- run: echo ". /usr/local/bin/kolla_httpd_setup"> /usr/local/bin/kolla_extend_start && chmod 755 /usr/local/bin/kolla_extend_start
|
||||
- run: ln -s /usr/share/openstack-tripleo-common/healthcheck/ironic-pxe /openstack/healthcheck && chmod a+rx /openstack/healthcheck
|
||||
tcib_packages:
|
||||
common:
|
||||
- httpd
|
||||
- ipxe-bootimgs
|
||||
- mod_ssl
|
||||
- python3-mod_wsgi
|
||||
- dnsmasq
|
||||
- grub2-efi-x64
|
||||
- shim
|
@ -1,11 +0,0 @@
|
||||
tcib_actions:
|
||||
- run: dnf -y install {{ tcib_packages['common'] | join(' ') }} && dnf clean all && rm -rf /var/cache/dnf
|
||||
- run: cp /usr/share/openstack-tripleo-common-containers/container-images/kolla/iscsid/extend_start.sh /usr/local/bin/kolla_extend_start
|
||||
- run: chmod 755 /usr/local/bin/kolla_extend_start
|
||||
- run: rm -f /etc/iscsi/initiatorname.iscsi
|
||||
- run: ln -s /usr/share/openstack-tripleo-common/healthcheck/iscsid /openstack/healthcheck && chmod a+rx /openstack/healthcheck
|
||||
tcib_packages:
|
||||
common:
|
||||
- iscsi-initiator-utils
|
||||
- python3-rtslib
|
||||
- targetcli
|
@ -1,25 +0,0 @@
|
||||
tcib_actions:
|
||||
- run: bash /usr/local/bin/uid_gid_manage keystone
|
||||
- run: >-
|
||||
if [ '{{ tcib_release }}' == '8' ];then
|
||||
dnf module -y enable mod_auth_openidc; fi
|
||||
- run: dnf -y install {{ tcib_packages['common'] | join(' ') }} && dnf clean all && rm -rf /var/cache/dnf
|
||||
- run: mkdir -p /var/www/cgi-bin/keystone && chown -R keystone /var/www/cgi-bin/keystone
|
||||
- run: cp /usr/share/openstack-tripleo-common-containers/container-images/kolla/keystone/extend_start.sh /usr/local/bin/kolla_extend_start
|
||||
- run: chmod 755 /usr/local/bin/kolla_extend_start
|
||||
- run: cp -a /usr/bin/keystone-wsgi-public /var/www/cgi-bin/keystone/main
|
||||
- run: cp -a /usr/bin/keystone-wsgi-admin /var/www/cgi-bin/keystone/admin
|
||||
- run: sed -i -r 's,^(Listen 80),#\1,' /etc/httpd/conf/httpd.conf
|
||||
- run: sed -i -r 's,^(Listen 443),#\1,' /etc/httpd/conf.d/ssl.conf
|
||||
- run: ln -s /usr/share/openstack-tripleo-common/healthcheck/keystone /openstack/healthcheck && chmod a+rx /openstack/healthcheck
|
||||
tcib_packages:
|
||||
common:
|
||||
- httpd
|
||||
- mod_auth_gssapi
|
||||
- mod_auth_mellon
|
||||
- mod_auth_openidc
|
||||
- mod_ssl
|
||||
- openstack-keystone
|
||||
- python3-ldappool
|
||||
- python3-mod_wsgi
|
||||
- python3-requests-kerberos
|
@ -1,11 +0,0 @@
|
||||
tcib_actions:
|
||||
- run: dnf -y install {{ tcib_packages.common | join(' ') }} && dnf clean all && rm -rf /var/cache/dnf
|
||||
- run: mkdir -p /var/www/cgi-bin/manila && cp -a /usr/bin/manila-wsgi /var/www/cgi-bin/manila/manila-wsgi && sed -i -r 's,^(Listen 80),#\1,' /etc/httpd/conf/httpd.conf && sed -i -r 's,^(Listen 443),#\1,' /etc/httpd/conf.d/ssl.conf
|
||||
- run: chown -R manila /var/www/cgi-bin/manila && chmod 755 /var/www/cgi-bin/manila/manila-wsgi
|
||||
- run: ln -s /usr/share/openstack-tripleo-common/healthcheck/manila-api /openstack/healthcheck && chmod a+rx /openstack/healthcheck
|
||||
tcib_packages:
|
||||
common:
|
||||
- httpd
|
||||
- mod_ssl
|
||||
- python3-mod_wsgi
|
||||
tcib_user: manila
|
@ -1,6 +0,0 @@
|
||||
tcib_actions:
|
||||
- run: bash /usr/local/bin/uid_gid_manage manila
|
||||
- run: dnf -y install {{ tcib_packages.common | join(' ') }} && dnf clean all && rm -rf /var/cache/dnf
|
||||
tcib_packages:
|
||||
common:
|
||||
- openstack-manila
|
@ -1,3 +0,0 @@
|
||||
tcib_actions:
|
||||
- run: ln -s /usr/share/openstack-tripleo-common/healthcheck/manila-scheduler /openstack/healthcheck && chmod a+rx /openstack/healthcheck
|
||||
tcib_user: manila
|
@ -1,16 +0,0 @@
|
||||
tcib_actions:
|
||||
- run: dnf -y install {{ tcib_packages.common | join(' ') }} && dnf clean all && rm -rf /var/cache/dnf
|
||||
- run: mkdir -p /etc/libqb
|
||||
- run: ln -s /usr/share/openstack-tripleo-common/healthcheck/manila-api /openstack/healthcheck && chmod a+rx /openstack/healthcheck
|
||||
tcib_packages:
|
||||
common:
|
||||
- ceph-common
|
||||
- dbus-tools
|
||||
- libqb
|
||||
- openstack-manila-share
|
||||
- pacemaker
|
||||
- pacemaker-remote
|
||||
- pcs
|
||||
- resource-agents
|
||||
- sqlite
|
||||
tcib_user: manila
|
@ -1,8 +0,0 @@
|
||||
tcib_actions:
|
||||
- run: dnf -y install {{ tcib_packages['common'] | join(' ') }} && dnf clean all && rm -rf /var/cache/dnf
|
||||
- run: ln -s /usr/share/openstack-tripleo-common/healthcheck/ironic-neutron-agent /openstack/healthcheck && chmod a+rx /openstack/healthcheck
|
||||
tcib_packages:
|
||||
common:
|
||||
- python3-ironic-neutron-agent
|
||||
- python3-networking-baremetal
|
||||
tcib_user: neutron
|
Some files were not shown because too many files have changed in this diff Show More
Loading…
x
Reference in New Issue
Block a user