paddles: cope with undefined paddles_address

Signed-off-by: Thierry Delamare <t.delamare@laposte.net>
Signed-off-by: Loic Dachary <loic@dachary.org>

paddles: do not fail to disable if apache2 if not there

If apache2 is not installed no need to disable it.

Signed-off-by: Thierry Delamare <t.delamare@laposte.net>
Signed-off-by: Loic Dachary <loic@dachary.org>

Merge pull request #218 from ceph/wip-auth-openvpn

gateway: modify auth-openvpn script to ignore comments and blank lines

Reviewed-by: Dan Mick <dmick@redhat.com>

gateway: modify auth-openvpn script to ignore comments and blank lines

Signed-off-by: David Galloway <dgallowa@redhat.com>

Merge pull request #217 from ceph/wip-gw-tweaks

gateway: Add logrotate to to-do

gateway: Add logrotate to to-do

Signed-off-by: David Galloway <dgallowa@redhat.com>

Merge pull request #216 from ceph/wip-gw-tweaks

gateway: Adding additional functionality and some missing files

Reviewed-by: Dan Mick <dmick@redhat.com>

gateway: Add defaults for vars in secrets repo

Signed-off-by: David Galloway <dgallowa@redhat.com>

gateway: Renaming 'copy secrets' task

Signed-off-by: David Galloway <dgallowa@redhat.com>

gateway: Write universal 'auth-openvpn' user auth script

Signed-off-by: David Galloway <dgallowa@redhat.com>

gateway: Manage service state based on openvpn_server_name

Also updated list of secrets we maintain

Signed-off-by: David Galloway <dgallowa@redhat.com>

gateway: Create openvpn_data_dir if it doesn't exist

Signed-off-by: David Galloway <dgallowa@redhat.com>

gateway: Add common role

Configures epel repo and grants ssh access to admin_users

Signed-off-by: David Galloway <dgallowa@redhat.com>

Merge pull request #215 from ceph/wip-gw

New role to manage OpenVPN gateway

Reviewed-by: Dan Mick <dmick@redhat.com>

gateway: Final documentation update for initial PR

Signed-off-by: David Galloway <dgallowa@redhat.com>

gateway: add openvpn_users list from secrets repo

Signed-off-by: David Galloway <dgallowa@redhat.com>

gateway: Add task to write CA, key, and cert

Signed-off-by: David Galloway <dgallowa@redhat.com>

gateway: Add check to ensure service is running

Signed-off-by: David Galloway <dgallowa@redhat.com>

gateway: Users task

Takes 'ovpn' variable from secrets repo users and write to openvpn server

Signed-off-by: David Galloway <dgallowa@redhat.com>

gateway: Set packages needed for gateway role

Signed-off-by: David Galloway <dgallowa@redhat.com>

Create initial files for new 'gateway' role

Signed-off-by: David Galloway <dgallowa@redhat.com>

Merge pull request #213 from ceph/wip-nrpe-user

testnodes: Configure per-OS nrpe user and group name

testnodes: Configure per-OS nrpe user and group name

NRPE on CentOS/RHEL ignore the nrpe_user variable in nrpe.cfg due to the
systemd init file.  See https://github.com/NagiosEnterprises/nrpe/issues/28

The 'nagios' user is created by default on *.deb
The 'nrpe' user is created by default on *.rpm

Further reading: https://www.mooash.me/2014/10/24/nagios-nrpe-ansible-role/

Signed-off-by: David Galloway <dgallowa@redhat.com>

Merge pull request #212 from ceph/wip-nrpe-selinux

testnodes: configure selinux for nagios monitoring

testnodes: configure selinux for nagios monitoring

Signed-off-by: David Galloway <dgallowa@redhat.com>

Merge pull request #210 from ceph/wip-cobbler-tz

cobbler: set testnodes timezone during kickstart

Reviewed-by: Dan Mick <dmick@redhat.com>

Merge pull request #211 from ceph/wip-nrpe-service

testnode: add check to make sure NRPE service is running

Reviewed-by: Dan Mick<dmick@redhat.com>

Updating documentation to reflect NRPE support on CentOS and RHEL now

Signed-off-by: David Galloway <dgallowa@redhat.com>

testnode: add check to make sure NRPE service is running

Signed-off-by: David Galloway <dgallowa@redhat.com>

Merge pull request #209 from ceph/wip-nrpe-ssl

testnodes: Disable ssl requirement for nrpe on rpm-based distros

Reviewed-by: Dan Mick<dmick@redhat.com>

testnodes: Disable ssl requirement for nrpe on rpm-based distros

Signed-off-by: David Galloway <dgallowa@redhat.com>

cobbler: set testnodes timezone during kickstart

Signed-off-by: David Galloway <dgallowa@redhat.com>

Merge pull request #208 from ceph/wip-rhel6-8

Prep for RHEL6.8

Prep for RHEL6.8

http://tracker.ceph.com/issues/14982

Signed-off-by: David Galloway <dgallowa@redhat.com>

Merge pull request #207 from ceph/wip-rhel6-8

Prep for RHEL6.8

Prep for RHEL6.8

http://tracker.ceph.com/issues/14982

Signed-off-by: David Galloway <dgallowa@redhat.com>

Merge pull request #206 from ceph/wip-cobbler-noansible

cobbler: enable stock OS provisioning

cobbler: enable stock OS provisioning

http://tracker.ceph.com/issues/14725

Signed-off-by: David Galloway <dgallowa@redhat.com>

Merge pull request #205 from ceph/wip-plugin

Adapt failure_log plugin to work with ansible 2.0

Reviewed-by: Dan Mick <dmick@redhat.com>

Adapt failure_log plugin to work with ansible 2.0

This commit maintains backward compatibility

Signed-off-by: Zack Cerza <zack@redhat.com>

Merge pull request #204 from ceph/revert-203-wip-14914-defaults

Revert "ansible.cfg: do not set vault_password_file"

Revert "ansible.cfg: do not set vault_password_file"

Merge pull request #203 from dachary/wip-14914-defaults

ansible.cfg: do not set vault_password_file

ansible.cfg: do not set vault_password_file

So that ansible-playbook can run from the root of the repository and not
pick up this value which is unlikely to be correct.

http://tracker.ceph.com/issues/14914 Fixes: #14914

Signed-off-by: Loic Dachary <loic@dachary.org>

Merge pull request #202 from yuriw/wip-14848-master

Added "- ncurses-devel" for xfstests to run and pass

Reviewed-by: Dan Mick <dmick@redhat.com>

Added "- ncurses-devel" for xfstests to run and pass

Fixes: #14848
Signed-off-by: Yuri Weinstein <yweinste@redhat.com>

Merge pull request #201 from dmick/master

common/tasks/kerberos.yml: Test ansible_os_family for packaging type

common/tasks/kerberos.yml: Test ansible_os_family for packaging type

...rather than ansible_distribution

Fixes: #14751
Signed-off-by: Dan Mick <dan.mick@redhat.com>

Merge pull request #200 from ceph/wip-f22-int

Reviewed-by: Dan Mick <dmick@redhat.com>

Fixes http://tracker.ceph.com/issues/14790

Cobbler would fail to create kickstart because non-Fedora distros would return 7.X, for example, as the integer resulting in CentOS and RHEL kickstarts to fail

Fixes: #14790
Signed-off-by: David Galloway <dgallowa@redhat.com>

Merge pull request #198 from ceph/wip-ansible-2-prep

Preparation for ansible 2.x

Reviewed-by: <dan.mick@redhat.com>

Merge pull request #199 from ceph/wip-f22-gpg

Install yum on Fedora 22 and higher

yum package is not available from dvd image repo

Signed-off-by: David Galloway <dgallowa@redhat.com>

Install yum on Fedora 22 and higher

Existing tasks like gpg_keys.yml rely on the yum module

This is temporary until we can move to ansible v2.0's package module

Signed-off-by: David Galloway <dgallowa@redhat.com>

Rename ansible_user to cm_user

ansible_user is now used by ansible itself.

Signed-off-by: Zack Cerza <zack@redhat.com>

Merge pull request #197 from ceph/wip-14729

Enable Fedora 22 installation in labs

cobbler: Modify postinstall trigger script to work with Fedora 22

Signed-off-by: David Galloway <dgallowa@redhat.com>

Install pip on Fedora 22

Signed-off-by: David Galloway <dgallowa@redhat.com>

cobbler: Modify Fedora 22 packages installed during kickstart

The @base group no longer exists in Fedora 22 and causes anaconda to
halt during install.  Using @^infrastructure-server-environment in its place

The gpg_keys ansible task requires yum to be installed prior to first boot

Signed-off-by: David Galloway <dgallowa@redhat.com>

Install nrpe daemon for Fedora 22

Signed-off-by: David Galloway <dgallowa@redhat.com>

Rename Fedora 20 sshd config to Fedora 22 since F20 no longer supported

Signed-off-by: David Galloway <dgallowa@redhat.com>

Update package location and requirements for F22

Signed-off-by: David Galloway <dgallowa@redhat.com>

Use ansible's new '*become*' options

The old '*sudo*' options are deprecated.

Signed-off-by: Zack Cerza <zack@redhat.com>

Renaming and repurposing file since we no longer support F20

Signed-off-by: David Galloway <dgallowa@redhat.com>

Adding Fedora22 to labs http://tracker.ceph.com/issues/14729

Signed-off-by: David Galloway <dgallowa@redhat.com>

Merge pull request #196 from dmick/master

Include /keys in path to key files, and document what's expected

Include /keys in path to key files, and document what's expected

Signed-off-by: Dan Mick <dan.mick@redhat.com>

Merge pull request #195 from dmick/master

Stop looking for keys on git.ceph.com

Stop looking for keys on git.ceph.com

Signed-off-by: Dan Mick <dan.mick@redhat.com>

Merge pull request #193 from ceph/wip-libvirtpool-check

Fixing srv_libvirtpool check syntax

Fixing srv_libvirtpool check syntax

Signed-off-by: David Galloway <dgallowa@redhat.com>

Merge pull request #192 from dmick/wip-vpshost

Add vmhost role, supporting tasks, to provision VPS hosts

Add vmhost role, supporting tasks, to provision VPS hosts

Note: this expects some setup on the host; see README.rst

Merge pull request #191 from ceph/wip-timezone

common: Set timezone (defaults to UTC)

Reviewed-by: Dan Mick <dmick@redhat.com>

Handle timedatectl output format change

timedatectl in 7.2 helpfully changes 'Timezone' to 'Time zone'. Use a
regexp to handle both formats.

Signed-off-by: Zack Cerza <zack@redhat.com>

On CentOS 6, set the hardware clock

/etc/localtime on its own doesn't cause the hardware clock to be reset
(at least immediately). So, do that.

Signed-off-by: Zack Cerza <zack@redhat.com>

Use separate codepaths for CentOS 6 vs. 7

Signed-off-by: Zack Cerza <zack@redhat.com>

Set timezone for apt systems

Signed-off-by: Zack Cerza <zack@redhat.com>

Set timezone for yum systems

Signed-off-by: Zack Cerza <zack@redhat.com>

Add default timezone (UTC)

Signed-off-by: Zack Cerza <zack@redhat.com>

common: Split out tasks into yum_systems.yml

Similar to how the testnodes role works. apt_systems.yml will be added
when it's needed.

Signed-off-by: Zack Cerza <zack@redhat.com>

Merge pull request #190 from ceph/wip-puddle-updates

puddle: fixes for ceph-1.3-async and distill

puddle: add SCL to ceph-1.3-async configuration

In RHCeph 1.3.1, we introduced Foreman, which has a dependency on the
SCL product. All async updates after this must use the SCL repo for
repoclosure.

puddle/ceph-distill: rm unused variable

This would cause `ceph-distill` to fail when the file did not exist for
`cat` to find.

Merge pull request #188 from ceph/wip-cobbler-centos7

cobbler_profile: Add CentOS 7.1 and 7.2

Merge pull request #189 from dmick/master

Add 'nokeymap' to inktank-rescue cobbler profile's kernel options

Add 'nokeymap' to inktank-rescue cobbler profile's kernel options

This stops it prompting for a keymap on boot.

Signed-off-by: Dan Mick <dan.mick@redhat.com>

cobbler_profile: Add CentOS 7.1 and 7.2

Also rename the old CentOS 7 profile to reflect that it is for 7.0

Signed-off-by: Zack Cerza <zack@redhat.com>

Merge pull request #186 from ceph/revert-166-wip-rm-fastcgi-rhel

Revert "testnode: do not install fastcgi on RHEL"

use gitbuilder_host variable instead of hardcoded url name

Signed-off-by: Vasu Kulkarni <vasu@redhat.com>

Merge pull request #167 from ceph/wip-rhel-pkg

rhel package changes required for ceph

Merge pull request #187 from dmick/master

users: filter userlists against 'users' later

users: filter userlists against 'users' later

Filter the user lists after the other list-modifying
operations.  This way, the user-requested 'users' variable
filter has final say over which users are considered.

Signed-off-by: Dan Mick <dan.mick@redhat.com>

Revert "testnode: do not install fastcgi on RHEL"

Remove ceph dependency packages

Remove the additional ceph dependency packages and let the installer install them
during install task.

Signed-off-by: Vasu Kulkarni <vasu@redhat.com>

add leveldb and xmlstartlet from epel

leveldb and xmlstartlet are required for rhel to satisfy dependency

Signed-off-by: Vasu Kulkarni vasu@redhat.com

Merge pull request #185 from ceph/wip-nrpe-reload

testnodes: fixing nrpe service configuration setup order

Reviewed-by: Dan Mick <dmick@redhat.com>

testnodes: fixing nrpe service configuration setup order

- Undo commit 2f28215cf79e596142986c8835040e5b1676849b
  - Service should be restarted after nrpe.cfg is modified; not after the /etc/default/{{ nrpe_service_name }} file is modified
  - /etc/default/{{ nrpe_service_name }} gets read anytime service is restarted

Signed-off-by: David Galloway <dgallowa@redhat.com>

Merge pull request #184 from ceph/wip-nagios-clients

testnodes: updates nagios clients for lab move and yum systems

Reviewed-by: Dan Mick <dmick@redhat.com>

testnodes: Service should be restarted after all configuring is done

Signed-off-by: David Galloway <dgallowa@redhat.com>