Andrew Schoen [Tue, 14 Apr 2015 21:00:17 +0000 (16:00 -0500)]
Removed check for the packages var in yum/packages.yml
I originally added this to remind me to include the 'vars' tag when
using --tags. However, this isn't necessary once we put the 'always'
tag on vars.yml which makes it run everytime --tags is used.
Andrew Schoen [Thu, 9 Apr 2015 21:43:45 +0000 (16:43 -0500)]
Adds a new cobbler role.
All this does currently is upload some of the custom templates we've
built. We should come back later and create the profiles and install
cobbler, etc.
Merge branch 'remove-obsolete-repos' into 'master'
Make rhsm_repos major version specific and delete obsoleted repos.
This should delete all the repos that have been obsoleted by rhel entitlements. @kdreyer please double-check that I've removed the right ones or if there are others that we should remove.
Also, trying to activate rhel 7 repos on a rhel 6 node fails. I've made rhsm_repos major version specific and added the rhel 6 repos we want to enable to fix that.
These are harmless since they simply contain older versions of packages and yum will prefer the CDN repositories since the packages there are newer. Eventually we should figure out a way to remove these, though.
These are harmless since they simply contain older versions of packages.
Yum will prefer the CDN repositories, since the packages there are
newer. Eventually we should figure out a way to remove these, though.
Chef only had minor support for fedora 18 & 19 - which was only changing the version of mod_fastcgi that was installed. I discussed with Ken in irc and we thought it'd be ok to only port for fedora 20 at this point. We could try this playbook out on fedora 21, but I don't believe we build packages for that version anyway.
Andrew Schoen [Thu, 2 Apr 2015 14:29:57 +0000 (10:29 -0400)]
Merge branch 'abstract-subscription-manager' into 'master'
move Red Hat entitlements into "common" role
Prior to this commit, entitling a system with Red Hat was a part of the testnode role.
Move the Red Hat entitlement tasks into a new "common" role so that it can apply to other systems besides testnodes.
This will allow us to register other systems to consume updates from Red Hat's CDN.
Also, switch the "when" clause to evalute "`ansible_distribution`" instead of "`ansible_os_family`". Prior to this change, Ansible would include `setup-redhat.yml` on RHEL, Fedora and CentOS. The `ansible_os_family` fact was overly-broad there, because we do not want to run `subscription-manager` on Fedora and CentOS.
Ken Dreyer [Tue, 31 Mar 2015 00:04:35 +0000 (18:04 -0600)]
move Red Hat entitlements into "common" role
Prior to this commit, entitling a system with Red Hat was a part of the
testnode role.
Move the Red Hat entitlement tasks into a new "common" role so that it
can apply to other systems besides testnodes.
This will allow us to register other systems to consume updates from Red
Hat's CDN.
Also, switch the "when" clause to evalute "ansible_distribution" instead
of "ansible_os_family". Prior to this change, Ansible would include
setup-redhat.yml on RHEL, Fedora and CentOS. The ansible_os_family fact
was overly-broad there, because we do not want to run
subscription-manager on Fedora and CentOS.
I've retested this on rhel 6.5, rhel 7.0, centos 6.5 and centos 7.0.
Centos was able to share a majority of the config with rhel, so I moved what was common into a yum_systems.yml file. I also made a switch to only storing sshd_configs for each distro's major version - it was getting difficult to maintain a sshd_config for each minor version of a distro. Plus, I noticed rhel 6.4 and rhel 6.5 had the same sshd_config anyway.
There are also quite a few file renames from rhel_* to redhat_* so that I can dynamically import based on ansible_distribution. These files are otherwise unchanged.
Andrew Schoen [Tue, 31 Mar 2015 16:48:24 +0000 (11:48 -0500)]
Add sshd_config for centos 6; make sshd_config major version specific.
We used to store sshd_configs for each minor version of a distro, which
was not necessary. This changes those to major version specific
sshd_configs per distro.
Andrew Schoen [Mon, 30 Mar 2015 20:17:27 +0000 (15:17 -0500)]
Rename the common role to testnode
The common role was always wrongly named. Some of the plays in the
testnode role might very well be common with other machines not used for
testing, but we're not sure exactly what those things are just yet.
Andrew Schoen [Thu, 26 Mar 2015 21:22:34 +0000 (14:22 -0700)]
Remove secrets from this repo and create a secrets role
The secrets role provides a var 'secrets_path' we can use to access
secrets stored outside of this repo. We will store the inventory and
secrets in lab specific repos.
Zack Cerza [Tue, 24 Mar 2015 16:55:52 +0000 (12:55 -0400)]
Merge branch 'rhel7' into 'master'
Support for rhel 7 provisioning for lab test nodes
I might end up tweaking this a bit more, but I didn't want to wait to any longer to create this PR.
If you've got any questions about how to run this, let me know. This is the command I've been using though.
ansible-playbook -i octo testnodes.yml -vv --limit magna085*
You can use --limit there to target any specific node or set of nodes (look at the octo file for available nodes). If you want to make sure what nodes or tasks will run for that playbook --list-tasks and --list-hosts are really helpful. I believe you can also just say -i fqdn
You'll need to get the key to unlock the subscription_manager secrets. You can find that at magna002:/etc/ansible/.vault_pass.txt. Move that file to ~/.vault_pass.txt wherever you plan to run ansible from.
Note: I'm unsure how well rhel 7.1 will actually work, so I changed the title.
Andrew Schoen [Thu, 19 Mar 2015 20:02:46 +0000 (15:02 -0500)]
Move packages list into pkg manager specific var file.
We'll need to at least have lists of packages to install for yum vs apt
systems. Maybe even eventually distro / version specific lists.
I also added in a check to make sure the packages list is defined
because it defaults to [] in defaults/main.yml and the template module
that uses this list will just silently be skipped if packages isn't
defined.
Andrew Schoen [Wed, 18 Mar 2015 15:19:03 +0000 (10:19 -0500)]
Added an ansible config file
I did this so that we can always change the value of ansible_managed.
When it included a timestamp templates were reporting changed when they
were not actually changed.
This also stores the vault_password_file setting which will need to be
modified most likely when not running ansible from you own machine.
projects / ceph-cm-ansible.git / log