commit 563085c395223e73d363736177bbdd167ad6e0bf
Author: Nicolas Chauvet <kwizart(a)gmail.com>
Date: Thu Mar 2 16:25:32 2017 +0100
Update tasks
tasks/cloud_setup_basic.yml | 38 ++++++++++++++++++++++++++++++--------
tasks/growroot_cloud.yml | 6 +++---
tasks/growroot_cloud_el7.yml | 6 +++---
tasks/persistent_cloud.yml | 28 +++++++++++++++++++++++-----
4 files changed, 59 insertions(+), 19 deletions(-)
---
diff --git a/tasks/cloud_setup_basic.yml b/tasks/cloud_setup_basic.yml
index 1e5db4e..6fddfd3 100644
--- a/tasks/cloud_setup_basic.yml
+++ b/tasks/cloud_setup_basic.yml
@@ -1,5 +1,5 @@
---
-- name: ntp pkgs
+- name: Install desired extra packages (yum)
yum: state=present pkg={{ item }}
with_items:
- ntpdate
@@ -10,12 +10,33 @@
tags:
- packages
-- name: ntp pkgs
- command: dnf install -y ntpdate ntp libsemanage-python libselinux-python
+- name: Install desired extra packages (dnf)
+ dnf: state=present pkg={{ item }}
+ with_items:
+ - ntpdate
+ - ntp
+ - libsemanage-python
+ - libselinux-python
when: ansible_distribution_major_version|int > 21 and ansible_cmdline.ostree is not
defined
tags:
- packages
+- name: remove some packages (yum)
+ yum: state=absent pkg={{ item }}
+ with_items:
+ - chrony
+ tags:
+ - packages
+ when: ansible_distribution_major_version|int < 22
+
+- name: remove some packages (dnf)
+ dnf: state=absent pkg={{ item }}
+ with_items:
+ - chrony
+ tags:
+ - packages
+ when: ansible_distribution_major_version|int > 21 and ansible_cmdline.ostree is not
defined
+
- name: put step-tickers in place
copy: src="{{ files }}/common/step-tickers" dest=/etc/ntp/step-tickers
when: ansible_cmdline.ostree is not defined
@@ -32,17 +53,18 @@
# tags:
# - config
-- name: add ansible root key
+- name: add ansible root key
authorized_key: user=root key="{{ item }}"
with_file:
- /srv/web/infra/ansible/roles/base/files/ansible-pub-key
tags:
- config
- sshkeys
-
+
- name: add root keys for sysadmin-main and other allowed users
authorized_key: user=root key="{{ item }}"
- with_lines: "/srv/web/infra/ansible/scripts/auth-keys-from-fas @sysadmin-main {{
root_auth_users }}"
+ with_lines:
+ - "/srv/web/infra/ansible/scripts/auth-keys-from-fas @sysadmin-main {{
root_auth_users }}"
tags:
- config
- sshkeys
@@ -54,7 +76,7 @@
# note - kinda should be a handler - but handlers need args
- name: restorecon
- command: restorecon -R /root/.ssh
+ file: path=/root/.ssh setype=ssh_home_t recurse=yes
tags:
- config
@@ -73,7 +95,7 @@
- packages
- name: write out global-update-applied file if we updated
- copy: content="updated" dest=/etc/sysconfig/global-update-applied
+ copy: content="updated" dest=/etc/sysconfig/global-update-applied
when: updated is defined
tags:
- packages
diff --git a/tasks/growroot_cloud.yml b/tasks/growroot_cloud.yml
index 6388736..630c919 100644
--- a/tasks/growroot_cloud.yml
+++ b/tasks/growroot_cloud.yml
@@ -1,4 +1,4 @@
-- name: add infra repo
+- name: add infra repo
get_url:
url=http://infrastructure.fedoraproject.org/el/infrastructure.repo
dest=/etc/yum.repos.d/
when: is_rhel is defined
tags:
@@ -12,11 +12,11 @@
- name: growpart the second partition (/) to full size
command: growpart /dev/vda 2
register: growpart
- always_run: true
+ check_mode: no
changed_when: "growpart.rc != 1"
#failed_when: growpart.rc == 2
ignore_errors: true
-
+
- name: reboot the box
command: /sbin/reboot
when: growpart.rc == 0
diff --git a/tasks/growroot_cloud_el7.yml b/tasks/growroot_cloud_el7.yml
index b8ae7b1..0803064 100644
--- a/tasks/growroot_cloud_el7.yml
+++ b/tasks/growroot_cloud_el7.yml
@@ -1,4 +1,4 @@
-- name: add infra repo
+- name: add infra repo
get_url:
url=http://infrastructure.fedoraproject.org/el/infrastructure.repo
dest=/etc/yum.repos.d/
when: is_rhel is defined
tags:
@@ -12,10 +12,10 @@
- name: growpart the first partition (/) to full size
command: growpart /dev/vda 1
register: growpart
- always_run: true
+ check_mode: no
changed_when: "growpart.rc != 1"
failed_when: growpart.rc == 2
-
+
- name: reboot the box
command: /sbin/reboot
when: growpart.rc == 0
diff --git a/tasks/persistent_cloud.yml b/tasks/persistent_cloud.yml
index c4ae2f1..11a16dc 100644
--- a/tasks/persistent_cloud.yml
+++ b/tasks/persistent_cloud.yml
@@ -4,6 +4,8 @@
local_action: shell nc -w 5 {{ inventory_hostname }} 22 < /dev/null
register: host_is_up
ignore_errors: true
+ changed_when: false
+ check_mode: no
- name: clean out old known_hosts (name based entries)
local_action: known_hosts path={{item}} host={{inventory_hostname}} state=absent
@@ -44,10 +46,26 @@
# instance can be both id and name, volume must be id
# volume must be id
-- local_action: shell nova --os-auth-url="{{os_auth_url}}"
--os-username="admin" --os-password="{{ADMIN_PASS}}"
--os-tenant-name={{inventory_tenant}} volume-list | grep ' {{item.volume_id}} ' |
grep 'available' && nova --os-auth-url="{{os_auth_url}}"
--os-username="admin" --os-password="{{ADMIN_PASS}}"
--os-tenant-name={{inventory_tenant}} volume-attach
"{{inventory_instance_name}}" "{{item.volume_id}}"
"{{item.device}}"
- with_items: volumes
- ignore_errors: yes
+#
+# Check that the volume is available
+#
+- local_action: shell nova --os-auth-url="{{os_auth_url}}"
--os-username="admin" --os-password="{{ADMIN_PASS}}"
--os-tenant-name={{inventory_tenant}} volume-list | grep ' {{item.volume_id}} ' |
grep 'available'
+ with_items: "{{ volumes|default([]) }}"
+ register: volume_available
+ failed_when: volume_available.rc == 2
+ changed_when: volume_available.rc == 0
+ ignore_errors: True
when: volumes is defined
+ check_mode: no
+
+#
+# If it is attach it.
+#
+- local_action: shell nova --os-auth-url="{{os_auth_url}}"
--os-username="admin" --os-password="{{ADMIN_PASS}}"
--os-tenant-name={{inventory_tenant}} volume-attach
"{{inventory_instance_name}}" "{{item.volume_id}}"
"{{item.device}}"
+ with_items: "{{ volumes|default([]) }}"
+ ignore_errors: True
+ failed_when: False
+ when: volumes is defined and volume_available is defined and volume_available
- name: wait for he host to be hot
local_action: wait_for host={{ public_ip }} port=22 delay=1 timeout=600
@@ -60,7 +78,7 @@
when: host_is_up|failed
- name: add new ssh host key (you still need to add it to official ssh_host_keys later)
- local_action: known_hosts path={{item}} key="{{ hostkey.stdout }}" host={{
inventory_hostname }} state=present
+ local_action: known_hosts path={{ item }} key={{ hostkey.stdout }} host={{
inventory_hostname }} state=present
ignore_errors: True
with_items:
- /root/.ssh/known_hosts
@@ -80,7 +98,7 @@
- name: gather facts
setup:
- always_run: True
+ check_mode: no
ignore_errors: True
register: facts