From 2abf573d9b52309cbbb44ca3262ea8fdf7e46c79 Mon Sep 17 00:00:00 2001 From: Alfredo Deza Date: Mon, 28 Nov 2016 09:48:51 -0500 Subject: [PATCH] ansible: forcefully add a slave_libvirt.yml file for prado to work with Signed-off-by: Alfredo Deza --- ansible/slave_libvirt.yml | 237 ++++++++++++++++++++++++++++++++++++++ 1 file changed, 237 insertions(+) create mode 100644 ansible/slave_libvirt.yml diff --git a/ansible/slave_libvirt.yml b/ansible/slave_libvirt.yml new file mode 100644 index 00000000..95139656 --- /dev/null +++ b/ansible/slave_libvirt.yml @@ -0,0 +1,237 @@ +--- + +- hosts: all + sudo: true + user: ubuntu + vars: + - jenkins_user: 'jenkins-build' + # jenkins API credentials: + - api_user: 'ceph-jenkins' + - token: '{{ token }}' + - api_uri: 'https://jenkins.ceph.com' + - nodename: '{{ nodename }}' + - labels: '{{ labels }}' + - use_jnlp: false + + tasks: + + # vagrant doesn't have repositories, this chacra repo will be better to have + # around and can get updates as soon as a new vagrant version is published via + # chacractl + - name: add the vagrant repository + sudo: yes + apt_repository: + repo: "deb [trusted=yes] https://chacra.ceph.com/r/vagrant/latest/HEAD/ubuntu/xenial/flavors/default/ xenial main" + state: present + + # Run the equivalent of "apt-get update" as a separate step + - apt: update_cache=yes + when: ansible_pkg_mgr == "apt" + + - name: Install DEB requirements + sudo: yes + apt: name={{ item }} state=present + with_items: + - git + - python-dev + - python-pip + - python-virtualenv + - libtool + - libssl-dev + - libffi-dev + - debian-archive-keyring + # jenkins-job-builder job: + - libyaml-dev + - qemu-kvm + - libvirt-bin + - libvirt-dev + - vagrant + when: ansible_pkg_mgr == "apt" + + - name: create a {{ jenkins_user }} user + user: + name: "{{ jenkins_user }}" + groups: libvirtd + append: yes + comment: "Jenkins Build Slave User" + + - name: create a {{ jenkins_user }} home directory + file: + path: "/home/{{ jenkins_user }}/" + state: directory + owner: "{{ jenkins_user }}" + + - name: Create .ssh directory + file: + path: "/home/{{ jenkins_user }}/.ssh" + state: directory + owner: "{{ jenkins_user }}" + + - name: install the vagrant-libvirt plugin + shell: vagrant plugin install vagrant-libvirt + become: yes + become_user: "{{ jenkins_user }}" + + - name: set the authorized keys + authorized_key: user={{ jenkins_user }} key="{{ lookup('file', 'playbook/files/ssh/keys/jenkins_build.pub') }}" + + - name: ensure {{ jenkins_user }} can sudo without a prompt + sudo: yes + lineinfile: + dest: /etc/sudoers + regexp: '^{{ jenkins_user }} ALL' + line: '{{ jenkins_user }} ALL=(ALL:ALL) NOPASSWD:ALL' + validate: 'visudo -cf %s' + + - name: set utf-8 for LC_ALL + lineinfile: + dest: "/home/{{ jenkins_user }}/.bashrc" + regexp: '^export LC_ALL=' + line: "export LC_ALL=en_US.UTF-8" + create: true + state: present + + - name: set utf-8 for LANG + lineinfile: + dest: "/home/{{ jenkins_user }}/.bashrc" + regexp: '^export LANG=' + line: "export LANG=en_US.UTF-8" + + - name: set utf-8 for LANGUAGE + lineinfile: + dest: "/home/{{ jenkins_user }}/.bashrc" + regexp: '^export LANGUAGE=' + line: "export LANGUAGE=en_US.UTF-8" + + - name: ensure the build dir exists + file: path=/home/{{ jenkins_user }}/build state=directory owner={{ jenkins_user }} + + - name: ensure the home dir has the right owner permissions + file: path=/home/{{ jenkins_user }} state=directory owner={{ jenkins_user }} group={{ jenkins_user }} recurse=yes + + - name: Add the Debian Jessie Key + sudo: yes + when: ansible_pkg_mgr == "apt" + apt_key: id=2B90D010 url=https://ftp-master.debian.org/keys/archive-key-8.asc keyring=/etc/apt/trusted.gpg state=present + + - name: Add the Debian Security Jessie Key + sudo: yes + when: ansible_pkg_mgr == "apt" + apt_key: id=C857C906 url=https://ftp-master.debian.org/keys/archive-key-8-security.asc keyring=/etc/apt/trusted.gpg state=present + + - name: Add the Debian Jessie Stable Release Key + sudo: yes + when: ansible_pkg_mgr == "apt" + apt_key: keyserver=pgp.mit.edu id=75DDC3C4A499F1A18CB5F3C8CBF8D6FD518E17E1 state=present + + - name: Install openjdk-7-jre + apt: name=openjdk-7-jre state=present + when: + ansible_distribution_release in ['precise', 'trusty', 'wheezy', 'jessie'] + + - name: Install default openjdk for Xenial only + apt: name={{ item }} state=present + with_items: + - default-jdk + - default-jre + when: + ansible_distribution_release == 'xenial' + + - name: correct java version selected + alternatives: name=java path=/usr/lib/jvm/java-7-openjdk-amd64/jre/bin/java + when: + (ansible_distribution == 'Ubuntu' and ansible_distribution_release == 'precise') or + (ansible_distribution == 'Debian' and ansible_distribution_release == 'wheezy') + + - name: ensure the gitconfig file exists + shell: printf "[user]\name=Ceph CI\nemail=ceph-release-team@redhat.com\n" > /home/{{ jenkins_user }}/.gitconfig + + - name: ensure the gitconfig file has right permissions + file: + path: "/home/{{ jenkins_user }}/.gitconfig" + owner: "{{ jenkins_user }}" + + - name: Set Hostname with hostname command + sudo: yes + hostname: + name: "ceph-builders" + + - name: ensure that 127.0.1.1 is present with an actual hostname + sudo: true + lineinfile: + dest: /etc/hosts + line: '127.0.1.1 ceph-builders' + + # we need to update the cloud templates because 'manage_etc_hosts' is + # set to true on the image we use in OVH and some jobs will reboot + # these nodes causing the /etc/hosts file to be replace with these + # templates making jobs fail because the hostname is not resolvable + # not all our images have this setting though, so ignore failures on + # those nodes + - name: update the etc cloud templates for debian /etc/hosts + sudo: true + lineinfile: + dest: /etc/cloud/templates/hosts.debian.tmpl + line: '127.0.1.1 ceph-builders' + failed_when: false + + - name: update the etc cloud templates for debian /etc/hosts + sudo: true + lineinfile: + dest: /etc/cloud/templates/hosts.redhat.tmpl + line: '127.0.1.1 ceph-builders' + failed_when: false + + - name: install six, latest one + sudo: true + pip: name=six state=latest + + - name: install python-jenkins + sudo: true + # https://bugs.launchpad.net/python-jenkins/+bug/1500898 + pip: name=python-jenkins version=0.4.7 + + - name: add github.com host key + sudo: true + known_hosts: + path: '/etc/ssh/ssh_known_hosts' + # we need to use 'host' here because prado currently uses ansible-playbook==1.9.1 + host: 'github.com' + # github.com.pub is the output of `ssh-keyscan github.com` + key: "{{ lookup('file', 'playbook/files/ssh/hostkeys/github.com.pub') }}" + + - name: register the new slave to jenkins master with ssh + jenkins_node: + username: "{{ api_user }}" + uri: "{{ api_uri }}" + password: "{{ token }}" + # relies on a convention to set a unique name that allows a reverse + # mapping from Jenkins back to whatever service created the current + # node + name: "{{ ansible_default_ipv4.address }}+{{ nodename }}" + labels: "{{ labels }}" + host: "{{ ansible_default_ipv4.address }}" + credentialsId: '39fa150b-b2a1-416e-b334-29a9a2c0b32d' + remoteFS: '/home/{{ jenkins_user }}/build' + executors: '{{ executors|default(1) }}' + exclusive: true + when: not use_jnlp + + - name: register the new slave to jenkins master with jnlp + jenkins_node: + username: "{{ api_user }}" + uri: "{{ api_uri }}" + password: "{{ token }}" + # relies on a convention to set a unique name that allows a reverse + # mapping from Jenkins back to whatever service created the current + # node + name: "{{ ansible_default_ipv4.address }}+{{ nodename }}" + labels: "{{ labels }}" + host: "{{ ansible_default_ipv4.address }}" + credentialsId: '39fa150b-b2a1-416e-b334-29a9a2c0b32d' + launcher: 'hudson.slaves.JNLPLauncher' + remoteFS: '/home/{{ jenkins_user }}/build' + # XXX this should be configurable, not all nodes should have one executor + executors: '{{ executors|default(1) }}' + exclusive: true + when: use_jnlp -- 2.39.5