Ken Dreyer [Wed, 20 May 2015 03:25:03 +0000 (21:25 -0600)]
puddle: skip some cleanup in ceph-distill
The ceph-distill script was deleting some files that distill doesn't
create any more (because we now set "skip_phase = createiso"). Stop
attempting to delete these.
Ken Dreyer [Tue, 19 May 2015 23:50:00 +0000 (17:50 -0600)]
puddle: use distill configs from rcm-metadata.git
Originally I thought that we could store each of distill's individual
configuration files in ceph-cm-ansible.git, but this is becoming
untenable because there are too many templated values, and I'm trying to
sync these files closely with the copies from Red Hat's rel-eng team.
This commit uses the git module to clone a rcm-metadata.git repository
to /etc/distill and alters the "ceph-distill" wrapper script to use that
location instead.
Since the individual templated files are no longer needed (the full
versions are in rcm-metadata.git), delete them from the tree here.
Andrew Schoen [Tue, 12 May 2015 20:02:04 +0000 (15:02 -0500)]
Make rhel 7.0 tasks run on any rhel 7.x version.
This shouldn't have been restricted to only 7.0 in the first place. We
noticed this problem while testing rhel 7.1 and noticing that firewalld
was not disabled.
Dan Mick [Fri, 8 May 2015 21:27:33 +0000 (14:27 -0700)]
vmlist.py: treat "-h/--host" case outside the normal flow
Needlessly complex trying to mix the streams, and no reason for
a separate process when doing only one machine; needed to make
outputfile default to None anyway
Ken Dreyer [Tue, 5 May 2015 20:17:51 +0000 (14:17 -0600)]
puddle: add ceph-1.3 tools repo
This repository will be included with RHEL. It is the replacement for
Ceph's use of RH-COMMON, so it will contain the Ceph client bits and
ceph-radosgw package.
See Red Hat rel-eng's RT #344094 (internal ticket).
Andrew Schoen [Mon, 4 May 2015 14:19:36 +0000 (09:19 -0500)]
Add a teuthology_user group and assign it to the teuthology_user.
This fixes a bug when creating a CPAN config directory that belongs to the
group teuthology_user. If this group wasn't created already that play
fails.
Ken Dreyer [Fri, 1 May 2015 21:16:16 +0000 (15:16 -0600)]
puddle: add 1.2 configs for ceph-async
CEPH-ASYNC advisories have a slightly different config than the config
we used for the 1.2.3 release. Here are the changes I made from the
1.2.3 configs:
1. "errata_release" is "CEPH-ASYNC"
2. Packages are not always signed (remove the keys settings)
3. We need to add more repos for repoclosure to succeed (namely, the
production read-only pulp repos)
Andrew Schoen [Fri, 1 May 2015 15:26:36 +0000 (10:26 -0500)]
Set the uid of the ansible user in cephlab_trusty.preseed.
We need to explicitly set this uid here just like we do in the
cephlab_user snippet. I also created a var for the uid because we need it in
multiple places.
Ken Dreyer [Thu, 30 Apr 2015 15:29:49 +0000 (09:29 -0600)]
move default rhsm vars to "common" role
Commit 3d1ecaac01f9ed7a589741700fdb7fc22056218c moved the Red Hat
subscription bits into the "common" role, but I neglected to move the
default variables to "common" as well. Move them here.
Andrew Schoen [Thu, 30 Apr 2015 14:43:40 +0000 (09:43 -0500)]
Add defaults for the puddle and distill hashes.
This is just helpful as a guide to know what vars are being used in the
puddle role. These will actually get their values from a group_vars
file for the puddle node.
Andrew Schoen [Wed, 22 Apr 2015 15:23:27 +0000 (10:23 -0500)]
Adds epel-testing to the list of epel repos we install in common.
This also restructures the task a bit so that we can easily add new
repos as vars. The epel-testing repo is disabled by defaulti and will
be activated by the roles that need it.
Andrew Schoen [Tue, 21 Apr 2015 16:27:31 +0000 (11:27 -0500)]
Make sure yum clean all is ran after repos are changed.
There was a bug here because the repo_file registered variable was being
overwritten causing the yum clean all not to run even though the first
block using repo_file had changed. Not reusing the same var for both the
blocks fixed the issue.
Ken Dreyer [Mon, 20 Apr 2015 20:46:21 +0000 (16:46 -0400)]
Merge branch 'initial-playbook' into 'master'
Create a playbook to run for initial node setup.
This playbook is meant to be pointed at a node after it's been freshly created. It will ensure that the node is setup to be managed by ansible and then provision it according to it's role set in the hosts file.
All I've included now is the testnodes.yml playbook, but we could include cobbler.yml and any future playbook we write here. Playbooks will be skipped that don't match up with the current host being provisioned. For example, if we add cobbler.yml to this playbook and run it against a testnode the cobbler setup would be skipped because it is not in the 'cobbler' group which constrains the plays in cobbler.yml.
Andrew Schoen [Mon, 20 Apr 2015 20:38:50 +0000 (16:38 -0400)]
Merge branch 'wip-kerberos-common' into 'master'
common: add kerberos task
Add a new "kerberos" task to the common role. This will install the kerberos client (kinit) on all hosts and configure /etc/krb5.conf with the appropriate realm.
On our internal lab, ansible will insert our Red Hat kerberos realm into the default_realm. In the community lab, this will use a dummy EXAMPLE.COM realm, similar to what the packages install by default.
Ken Dreyer [Mon, 20 Apr 2015 19:06:55 +0000 (13:06 -0600)]
common: add kerberos task
Add a new "kerberos" task to the common role. This will install the
kerberos client (kinit) on all hosts and configure /etc/krb5.conf with
the appropriate realm.
On our internal lab, ansible will insert our Red Hat kerberos realm into
the default_realm. In the community lab, this will use a dummy
EXAMPLE.COM realm, similar to what the packages install by default.
Andrew Schoen [Mon, 20 Apr 2015 19:46:49 +0000 (14:46 -0500)]
Creates a new playbook to run for initial node setup.
This playbook is meant to be pointed at a freshly reimaged node to
ensure that it's setup to be managed by ansible and provisioned
according to its defined role in the inventory.
I noticed that when running the ansible_managed.yml playbook against a rhel node that had already been provisioned that the cm user did not have sudo privs. This was because there was no #includedir directive in /etc/sudoers to activate anything inside of sudoers.d.
This fixes that in the sudoers template for yum systems as well as ensuring the #includedir is present in ansible_managed.yml.
This is mainly just moving things around so that ubuntu and debian can both use those. Also, a few debian specific things and repos / packages for debian.
projects / ceph-cm-ansible.git / log