commit 5cefaad9f176523b96cd626b6b191948b4f16840
Author: Nicolas Chauvet <kwizart(a)gmail.com>
Date: Tue Feb 6 12:18:19 2018 +0100
Update tasks
tasks/2fa_client.yml | 2 +-
tasks/cloud_setup_basic.yml | 9 +++-
tasks/happy_birthday.yml | 9 ++++
tasks/postfix_basic.yml | 14 +++---
tasks/reg-server.yml | 36 ++++++++++++++++
tasks/virt_instance_create.yml | 91 ++++++++++++++++++++++++++++++++++++----
6 files changed, 141 insertions(+), 20 deletions(-)
---
diff --git a/tasks/2fa_client.yml b/tasks/2fa_client.yml
index 2e86a85..70e1980 100644
--- a/tasks/2fa_client.yml
+++ b/tasks/2fa_client.yml
@@ -1,6 +1,6 @@
---
- name: install pam_url
- yum: name=pam_url state=present
+ package: name=pam_url state=present
tags:
- packages
when: ansible_distribution_major_version|int < 22
diff --git a/tasks/cloud_setup_basic.yml b/tasks/cloud_setup_basic.yml
index 6fddfd3..1ff61d5 100644
--- a/tasks/cloud_setup_basic.yml
+++ b/tasks/cloud_setup_basic.yml
@@ -1,6 +1,6 @@
---
- name: Install desired extra packages (yum)
- yum: state=present pkg={{ item }}
+ package: state=present pkg={{ item }}
with_items:
- ntpdate
- ntp
@@ -22,7 +22,7 @@
- packages
- name: remove some packages (yum)
- yum: state=absent pkg={{ item }}
+ package: state=absent pkg={{ item }}
with_items:
- chrony
tags:
@@ -37,6 +37,9 @@
- packages
when: ansible_distribution_major_version|int > 21 and ansible_cmdline.ostree is not
defined
+- name: Include basessh
+ include_role: name=basessh
+
- name: put step-tickers in place
copy: src="{{ files }}/common/step-tickers" dest=/etc/ntp/step-tickers
when: ansible_cmdline.ostree is not defined
@@ -45,7 +48,7 @@
- config
- name: enable the service
- service: name=ntpd state=running enabled=true
+ service: name=ntpd state=started enabled=true
when: ansible_cmdline.ostree is not defined
#- name: edit hostname to be instance name - prefix hostbase var if it exists
diff --git a/tasks/happy_birthday.yml b/tasks/happy_birthday.yml
new file mode 100644
index 0000000..95d78b1
--- /dev/null
+++ b/tasks/happy_birthday.yml
@@ -0,0 +1,9 @@
+- name: gather ssh host key from new instance
+ local_action: command ssh-keyscan -t rsa {{ inventory_hostname }}
+ ignore_errors: True
+ register: hostkey
+ when: birthday is defined
+
+- name: Include basessh
+ include_role: name=basessh
+ when: birthday is defined
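Review bot: The `ssh-keyscan` task in this new file sets `ignore_errors: True`, so a scan that fails or returns nothing still registers `hostkey` and the play goes on to `include_role: name=basessh` without a usable key. The key that does come back is fetched over an unauthenticated connection, so it is trust-on-first-use at best; a comment such as `# TOFU: key is unverified until compared with a fingerprint obtained out of band` would make that explicit to the next maintainer. Whether basessh reads `hostkey` is not visible here, so I would replace `ignore_errors: True` with `failed_when: hostkey.rc != 0 or hostkey.stdout == ''` to stop before an empty value is consumed.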
diff --git a/tasks/postfix_basic.yml b/tasks/postfix_basic.yml
index f4fd76b..2688861 100644
--- a/tasks/postfix_basic.yml
+++ b/tasks/postfix_basic.yml
@@ -1,5 +1,5 @@
- name: install postfix
- yum: pkg=postfix state=present
+ package: name=postfix state=present
tags:
- postfix
- packages
@@ -8,11 +8,11 @@
copy: src={{ item }} dest=/etc/postfix/main.cf
with_first_found:
- "{{ postfix_maincf }}"
- - "{{ roles }}/base/files/postfix/main.cf/main.cf.{{ ansible_fqdn }}"
- - "{{ roles }}/base/files/postfix/main.cf/main.cf.{{ inventory_hostname
}}"
- - "{{ roles }}/base/files/postfix/main.cf/main.cf.{{ host_group }}"
- - "{{ roles }}/base/files/postfix/main.cf/main.cf.{{ postfix_group }}"
- - "{{ roles }}/base/files/postfix/main.cf/main.cf"
+ - "{{ roles_path }}/base/files/postfix/main.cf/main.cf.{{ ansible_fqdn }}"
+ - "{{ roles_path }}/base/files/postfix/main.cf/main.cf.{{ inventory_hostname
}}"
+ - "{{ roles_path }}/base/files/postfix/main.cf/main.cf.{{ host_group }}"
+ - "{{ roles_path }}/base/files/postfix/main.cf/main.cf.{{ postfix_group
}}"
+ - "{{ roles_path }}/base/files/postfix/main.cf/main.cf"
notify:
- restart postfix
tags:
@@ -20,6 +20,6 @@
- config
- name: enable postfix to start
- service: name=postfix state=running enabled=true
+ service: name=postfix state=started enabled=true
tags:
- service
diff --git a/tasks/reg-server.yml b/tasks/reg-server.yml
new file mode 100644
index 0000000..1173bff
--- /dev/null
+++ b/tasks/reg-server.yml
@@ -0,0 +1,36 @@
+- name: install reg-server
+ package:
+ name: reg-server
+ state: latest
+ tags:
+ - regserver
+
+- name: Copy reg-server repositories html template
+ copy:
+ src: "{{files}}/reg-server/repositories.html"
+ dest: "/var/lib/reg-server/templates/repositories.html"
+ tags:
+ - regserver
+
+- name: Copy reg-server tags html template
+ copy:
+ src: "{{files}}/reg-server/tags.html"
+ dest: "/var/lib/reg-server/templates/tags.html"
+ tags:
+ - regserver
+
+- name: Install cronjob file
+ copy:
+ src: "{{files}}/reg-server/cron-prod"
+ dest: "/etc/cron.d/reg-server"
+ when: env == "production"
+ tags:
+ - regserver
+
+- name: Install cronjob file - stg
+ copy:
+ src: "{{files}}/reg-server/cron-stg"
+ dest: "/etc/cron.d/reg-server"
+ when: env == "staging"
+ tags:
+ - regserver
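Review bot: Both copy tasks that write `/etc/cron.d/reg-server` omit `owner`, `group` and `mode`, so the permissions of a file that cron runs with root privileges are left to the module defaults and whatever is already on disk. Cron daemons commonly refuse /etc/cron.d entries that are not root-owned or are writable by group or others, and a writable one is a path to root code execution. Adding `owner: root`, `group: root` and `mode: '0644'` to each task makes the result deterministic. The same applies, with lower impact, to the two HTML template copies under /var/lib/reg-server/templates. Separately, `state: latest` on the `reg-server` package upgrades it on every run; `state: present` with upgrades handled deliberately would keep deployments reproducible.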
diff --git a/tasks/virt_instance_create.yml b/tasks/virt_instance_create.yml
index 290d396..695e098 100644
--- a/tasks/virt_instance_create.yml
+++ b/tasks/virt_instance_create.yml
@@ -18,7 +18,7 @@
delegate_to: "{{ vmhost }}"
when: inventory_hostname not in result.list_vms
-- name: wait for the install to finish
+- name: wait for the install to finish -> {{ inventory_hostname }}
virt: command=status name={{ inventory_hostname }}
register: vmstatus
until: vmstatus.status == 'shutdown'
@@ -27,24 +27,80 @@
delay: 10
when: inventory_hostname not in result.list_vms
-- name: start the vm up
- virt: state=running name={{ inventory_hostname }}
+- name: ARMv7 copy the kernel out
+ shell: "virt-builder --get-kernel {{ volgroup }}/{{ inventory_hostname }} --output
/var/lib/libvirt/images/ | awk -F/ '{print $NF}' > /var/lib/libvirt/images/{{
inventory_hostname }}-details.txt"
+ delegate_to: "{{ vmhost}}"
+ when: inventory_hostname.startswith('buildvm-armv7') and ( inventory_hostname
not in result.list_vms or armv7kernelupdate is defined )
+ tags:
+ - armv7-kernel
+
+- name: ARMv7 extract the kernel details
+ command: "head -n1 /var/lib/libvirt/images/{{ inventory_hostname
}}-details.txt"
+ delegate_to: "{{ vmhost}}"
+ register: host_armv7kernel
+ when: inventory_hostname.startswith('buildvm-armv7') and ( inventory_hostname
not in result.list_vms or armv7kernelupdate is defined )
+ tags:
+ - armv7-kernel
+
+- name: ARMv7 extract the initrd details
+ command: "tail -n1 /var/lib/libvirt/images/{{ inventory_hostname
}}-details.txt"
+ delegate_to: "{{ vmhost}}"
+ register: host_armv7initrd
+ when: inventory_hostname.startswith('buildvm-armv7') and ( inventory_hostname
not in result.list_vms or armv7kernelupdate is defined )
+ tags:
+ - armv7-kernel
+
+- name: ARMv7 copy the cmdline out
+ shell: "virt-cat -a {{ volgroup }}/{{ inventory_hostname }}
/boot/extlinux/extlinux.conf | grep -m1 append | sed -e 's/append //'"
+ delegate_to: "{{ vmhost}}"
+ register: host_cmdline
+ when: inventory_hostname.startswith('buildvm-armv7') and ( inventory_hostname
not in result.list_vms or armv7kernelupdate is defined )
+ tags:
+ - armv7-kernel
+
+- name: ARMv7 update the virt parameters
+ virt_boot: domain={{ inventory_hostname }} kernel=/var/lib/libvirt/images/{{
host_armv7kernel.stdout }} initrd=/var/lib/libvirt/images/{{ host_armv7initrd.stdout }}
cmdline={{ host_cmdline.stdout }}
delegate_to: "{{ vmhost }}"
- when: inventory_hostname not in result.list_vms
+ when: inventory_hostname.startswith('buildvm-armv7') and ( inventory_hostname
not in result.list_vms or armv7kernelupdate is defined )
+ tags:
+ - armv7-kernel
-- name: set it to autostart
- virt: command=autostart name={{ inventory_hostname }}
+- name: start the vm up and set it to autostart
+ virt: state=running name={{ inventory_hostname }} autostart=True
delegate_to: "{{ vmhost }}"
when: inventory_hostname not in result.list_vms
+- name: ARMv7 pause while VM updates
+ pause: seconds=5
+ when: inventory_hostname.startswith('buildvm-armv7') and ( inventory_hostname
not in result.list_vms or armv7kernelupdate is defined )
+ tags:
+ - armv7-kernel
+
- name: make sure there is no old ssh host key for the host still around
local_action: known_hosts path={{item}} host={{ inventory_hostname }} state=absent
ignore_errors: True
with_items:
- /root/.ssh/known_hosts
- - /etc/ssh/ssh_known_hosts
when: inventory_hostname not in result.list_vms
+- name: (osbs-control01.stg) make sure there is no old ssh host key for the host still
around
+ known_hosts: path={{item}} host={{ inventory_hostname }} state=absent
+ ignore_errors: True
+ with_items:
+ - /root/.ssh/known_hosts
+ - /etc/ssh/ssh_known_hosts
+ when: inventory_hostname not in result.list_vms and inventory_hostname in
groups['osbs-masters-stg']+groups['osbs-nodes-stg']
+ delegate_to:
osbs-control01.stg.phx2.fedoraproject.org
+
+- name: (osbs-control01) make sure there is no old ssh host key for the host still
around
+ known_hosts: path={{item}} host={{ inventory_hostname }} state=absent
+ ignore_errors: True
+ with_items:
+ - /root/.ssh/known_hosts
+ - /etc/ssh/ssh_known_hosts
+ when: inventory_hostname not in result.list_vms and inventory_hostname in
groups['osbs-masters']+groups['osbs-nodes']
+ delegate_to:
osbs-control01.phx2.fedoraproject.org
+
- name: wait for ssh on the vm to start back
local_action: wait_for delay=10 host={{ inventory_hostname }} port=22 state=started
timeout=1200
when: inventory_hostname not in result.list_vms
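Review bot: The `virt_boot` task passes `cmdline={{ host_cmdline.stdout }}` in key=value form, and that value is the `append` line read out of the guest image's extlinux.conf, which normally contains spaces and `key=value` tokens of its own. Unquoted, Ansible's argument splitter will likely cut the value at the first space and treat the remaining tokens as extra module arguments, so content from inside the guest disk ends up shaping the module call on the hypervisor. Passing the parameters in YAML mapping form keeps the whole string as a single data value. The two `shell:` tasks in this hunk also interpolate `{{ volgroup }}` and `{{ inventory_hostname }}` directly into a shell string; applying the `quote` filter (`{{ inventory_hostname | quote }}`) keeps an unusual inventory value from being interpreted by the shell.

```yaml
- name: ARMv7 update the virt parameters
  virt_boot:
    domain: "{{ inventory_hostname }}"
    kernel: "/var/lib/libvirt/images/{{ host_armv7kernel.stdout }}"
    initrd: "/var/lib/libvirt/images/{{ host_armv7initrd.stdout }}"
    cmdline: "{{ host_cmdline.stdout }}"
  # … unchanged: delegate_to, when, tags …
```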
@@ -55,11 +111,28 @@
register: hostkey
when: inventory_hostname not in result.list_vms
-- name: add new ssh host key (you still need to add it to official ssh_host_keys later)
+- name: add new ssh host key (until we can sign it)
local_action: known_hosts path={{item}} key="{{ hostkey.stdout }}" host={{
inventory_hostname }} state=present
ignore_errors: True
with_items:
- /root/.ssh/known_hosts
- - /etc/ssh/ssh_known_hosts
when: inventory_hostname not in result.list_vms
+- name: (osbs-control01.stg) add new ssh host key
+ known_hosts: path={{item}} key="{{ hostkey.stdout }}" host={{
inventory_hostname }} state=present
+ ignore_errors: True
+ with_items:
+ - /root/.ssh/known_hosts
+ - /etc/ssh/ssh_known_hosts
+ when: inventory_hostname not in result.list_vms and inventory_hostname in
groups['osbs-masters-stg']+groups['osbs-nodes-stg']
+ delegate_to:
osbs-control01.stg.phx2.fedoraproject.org
+
+- name: (osbs-control01) add new ssh host key
+ known_hosts: path={{item}} key="{{ hostkey.stdout }}" host={{
inventory_hostname }} state=present
+ ignore_errors: True
+ with_items:
+ - /root/.ssh/known_hosts
+ - /etc/ssh/ssh_known_hosts
+ when: inventory_hostname not in result.list_vms and inventory_hostname in
groups['osbs-masters']+groups['osbs-nodes']
+ delegate_to:
osbs-control01.phx2.fedoraproject.org
+
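Review bot: The two added `known_hosts ... state=present` tasks write `hostkey.stdout` into `/etc/ssh/ssh_known_hosts` on the osbs-control hosts with `ignore_errors: True`, so an empty scan result and a failed write both pass silently. `hostkey` is registered above this hunk, so I am inferring that it holds unauthenticated key-scan output; if so, these tasks pin a trust-on-first-use key system-wide for every account on those hosts. I would drop `ignore_errors: True` from the `state=present` tasks and extend each `when:` with `and hostkey.stdout | default('') != ''`, so that an empty key is never written and a failure is visible. The renamed task title "until we can sign it" suggests signed host keys are planned; a comment naming that follow-up next to these tasks would help whoever removes them later.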