Ken Dreyer [Mon, 21 Sep 2015 15:52:21 +0000 (09:52 -0600)]
rm ceph-extras repository config
This repository contains packages that we don't have time to continue
maintaining. In particular, the CentOS 6 QEMU packages were vulnerable
to VENOM (CVE-2015-3456) and no users should rely on them. The other
packages in "ceph-extras" will continue to incur security issues over
time.
With the recent migration from "ceph.com" -> "download.ceph.com", we've
chosen not to copy these "ceph-extras" files over to the new locations.
Andrew Schoen [Tue, 8 Sep 2015 20:43:07 +0000 (15:43 -0500)]
testnode: ensure fuse group exists
On debian 8, uploading the fuse.conf file fails because the fuse group
is no longer present by default. The following debian bug suggests that
testing the fuse group might not be the correct thing to do, but it's
probably best just to keep this as close to debian 7 as possible right
now.
Andrew Schoen [Tue, 8 Sep 2015 14:47:30 +0000 (09:47 -0500)]
testnode: always update the apt cache
Updating the apt cache is an idempotent task so I see no problem with
always doing this. Also, debian jessie and ubuntu vivid aren't using the
local apt repos, but still need the apt cache updated.
Ken Dreyer [Tue, 1 Sep 2015 15:18:11 +0000 (09:18 -0600)]
puddle: publish ceph-1.3.z for QE testing
Travis and I think RHCS 1.3.1 looks good enough to give to QE at this
time. Instead of publishing it to the "dev-puddle" website, publish it
to the main puddle site.
Andrew Schoen [Tue, 1 Sep 2015 15:02:19 +0000 (10:02 -0500)]
testnode: retry when updating the apt cache to handle http errors
When updating the apt cache we have to make an http call out to
gitbuilder, if gitbuilder fails for whatever reason we should retry
before failing the playbook.
Also, this removes a 'changed_when: false' on 'Add local apt repos'.
We check it's 'changed' status to know if we need update the cache or
not. We only added that 'changed_when' to avoid seeing this task being
changed each time (because it will always change), but we actually need
that value set correctly because we use it in the 'when' clause of the
updating apt cache stanza.
Andrew Schoen [Mon, 31 Aug 2015 15:56:53 +0000 (10:56 -0500)]
testnode: add a retry when fetching the teuthology_user ssh keys
We keep seeing transient failures when pulling down ssh keys from
github. This will retry for two minutes before failing to hopefully give
github enough time to recover if it's timing out.
Andrew Schoen [Mon, 31 Aug 2015 15:41:37 +0000 (10:41 -0500)]
users: increase the retry count to 24 for fetching ssh keys from github
We were still getting timeouts when requesting keys from github, so
we're gonna try to just simply increase the number of times it retries
to see if that helps things.
Andrew Schoen [Thu, 27 Aug 2015 17:43:49 +0000 (12:43 -0500)]
common: set timeout in /etc/yum.conf
We were getting timeouts when using epel mirrors and the default timeout value
is only 30 seconds which is not long enough for heavily used mirrors to
respond.
Zack Cerza [Fri, 21 Aug 2015 21:13:49 +0000 (15:13 -0600)]
Common: If no entitlements, skip repo replacement
We were seeing "error while evaluating conditional: replace_repos" when
running against RHEL nodes which were missing entitlements. Even though
that won't be a particularly positive scenario, this was a bug that
should be fixed.
Andrew Schoen [Thu, 20 Aug 2015 15:13:12 +0000 (10:13 -0500)]
downstream-setup: separate cleanup and setup tasks into their own files
This is a refactor that makes this role a bit easier to understand and
use. I've simplified main.yml to only include setup.yml and cleanup.yml.
This separation of cleanup and setup related tasks make it a bit easier
to understand.
Also fixes this bug: http://tracker.ceph.com/issues/12693
Ken Dreyer [Tue, 18 Aug 2015 19:40:21 +0000 (13:40 -0600)]
puddle: accept hostkey when cloning distill's rcm-metadata.git
I recently switched rcm-metadata.git to use the git:// protocol instead
of http://. When operating on a repository that uses a
protocol other than HTTP, Ansible's git module unconditionally requires
accept_hostkey to be set.
(See https://github.com/ansible/ansible-modules-core/issues/1931 for the
upstream report.)
Andrew Schoen [Tue, 18 Aug 2015 16:41:22 +0000 (11:41 -0500)]
users: fixes bug related to ssh key update retries
When updating ssh keys for users we implemented a do until loop that
will account for transient issues when downloading the key from github.
The problem was that if the url fails then the var we were registering
was never created and the 'until' block errors out trying to check it.
Ken Dreyer [Fri, 14 Aug 2015 18:55:38 +0000 (12:55 -0600)]
puddle: add "dev-puddle" virtualhost
In DNS, dev-puddle is a CNAME to puddle. Set up Nginx's configuration
file to handle this new name and route the requests to a dedicated
"dev-puddle" htdocs directory.
Update the nginx task to create multiple docroots, and add "dev-puddle"
to be the second one.
Andrew Schoen [Wed, 12 Aug 2015 15:11:03 +0000 (10:11 -0500)]
testnode: fix var file loading order
We want to load distro specific variables before we load major version
specific variables. Loading of vars should happen in this order: package
manager, distro, major version, version.
Andrew Schoen [Thu, 6 Aug 2015 16:11:55 +0000 (11:11 -0500)]
testnode: put epel packages in their own list for rhel 6 and 7
This separates packages we install from epel into their own list for rhel 6 and 7.
We do this so that we can install them with the epel repo explicitly enabled.
Andrew Schoen [Mon, 3 Aug 2015 19:52:49 +0000 (14:52 -0500)]
A callback plugin that logs failure messages
If the environment variable ANSIBLE_FAILURE_LOG is present then a log of
all failures in the playbook will be persisted to the file
path given in the ANSIBLE_FAILURE_LOG.
Ivo Jimenez [Fri, 24 Jul 2015 20:15:56 +0000 (13:15 -0700)]
Adds cgroups packages and net_cls kernel module to ubuntu systems
This commit is part of the work for http://tracker.ceph.com/issues/12424
which enables the ceph task in ceph/ceph-qa-suite to create and place
osd/mon/mds in control groups.
For ubuntu, kernels for precise and up have CONFIG_CGROUP_* enabled, so
the only thing that it's required is to install cgroup-lite which is a
service that mounts the cgroups virtual FS. The cgroup-bin package will
also be used from the ceph task to manipulate (create/modify/delete)
control groups.
The net_cls subsystem is included as a module (cls_cgroup) and is not
enabled by cgroup-lite, i.e. it has to be explicitly loaded. so we add
it to /etc/modules
Ken Dreyer [Thu, 23 Jul 2015 21:23:03 +0000 (15:23 -0600)]
puddle: add ceph-1.2 to async configs
Add the the CEPH-1.2 release to the CEPH-ASYNC config files.
The purpose of this change is to make it easier for QE to consume
the builds in Puddle repos that correspond to ASYNC advisories.
Prior to this change, QE had to make sure to enable the production Ceph
repositories with subscription-manager before using the packages in an
ASYNC advisory's Puddle. With this change, all the latest "1.2.3"
packages will be combined together with the "1.2-async" packages into a
single Puddle.
This has a side-effect advantage in that we can simplify the "externals"
sections of these config files.
projects / ceph-cm-ansible.git / log