Infra has adopted the approach of indenting lists an extra level
instead of starting their '-' at the same level as the parent element.
Additionally, Infra uses .yaml extensions instead of .yml extensions.
This role predates Infra having enough ansible to have opinions, so
update it to match current practice.
Also, while we're in there, update when clauses that have an 'and' in
them to just use the list form of when, and change 'include:' to
'include_tasks:'.
Change-Id: Icbeaf99c4d103091ee094e2fa219d7e16229b998
ansible-role-puppet attempts to infer where it should copy hieradata
from based on puppet3 or puppet4. However, for hosts that are not
running puppet themselves this isn't going to work very well. Allow a
user to set mgmt_hieradata explicity.
Change-Id: Ie533da9af71ab84ce6e95dc63ceb8426740f53a3
We are already organizing our hiera content basically the same way as
ansible needs for variables to be provided. If we reorganize the
directories slightly (to be coordinated with dirs on puppetmaster)
then we can have a single directory do double-duty.
Change-Id: I6ac90a7439ed8a5d9433d9526f37e44668b360ff
This requires we get the magical symlink between hieradata in
/opt/system-config to line up with the actual on disk environment
specific hiera location which differs between puppet 3 and 4.
Change-Id: Id4d7a0af72efddb758d94c6437bb1c331d12f406
This patch ensures that hiera data and puppet modules, and puppet config
are copied to the right directory depending on the current puppet
version. Since it's possible for the ansible management server and the
managed nodes to have different puppet versions, we need to account for
the possibility that the source and destination paths might be
different. We also don't need to hardcode the various config paths in
config or manage environments since we're using the defaults and
hardcoding them would make them incorrect for one or the other puppet
versions.
Change-Id: I164f91f9a7942e8c5f059652634ec1078ae41aae
It is possible we want our puppet role to run longer then 30mins,
expose the ability for a user to change it.
Change-Id: Id42ba80a5118a9f93e45619ac6ecc5baa774549a
Signed-off-by: Paul Belanger <pabelanger@redhat.com>
check_mode causes other things that we may want to actually happen
(such as setting up hiera) not to run. This way we can do all of
those but still run puppet in noop.
Change-Id: I32f07a032d28f5c5d04e9eeb50b94f7c0a57ce53
We are running into OOM issues on puppetmaster.o.o and our current
thought process is because we are using connection: local, this is
causing ansible to fork many times over, which is an expensive task.
Change-Id: I3f2646765f0b442f7533aa7be44fc42b1916f172
Signed-off-by: Paul Belanger <pabelanger@redhat.com>
We should always upload to puppetboard (even when puppet fails) if the
puppetboard server is defined. This allows puppetboard to learn of both
successful and failed puppet runs.
Change-Id: I62a78200052443997baf549256c78b38bd37f63e
On first runs, this logfile is not going to be found. This
is causing ansible to crash and stop applying puppet in consecutive
nodes.
Add a condition to safely fail, and abort play if no files can
be found.
Change-Id: I22a5ebbcaa603b25920fd638211f3663e81e09b0
Bare variables are deprecated in Ansible now, we should wrap them
in jinja stuff so that the deprecation warning goes away.
Change-Id: Ib2bd6ae508eacaa274c16e08fe3ef384e4700776
We want to report as the puppetmaster, not as the host in question.
Change-Id: I0462a898502ad709e046be76c19c9e11f4617335
Depends-On: I290ad569283390bac2a74a9991331c9e86821ab7
Previously the puppetmaster was creating reports directories. Now that
ansible is in charge, it must do it.
Change-Id: I26e1e2ebd45f0c7d75652f9acb9999aee8a3e40c
So that we can upstream this, make the log output from the puppet
command configurable with a default value being what it was for us
before. As part of that, restore returning stdout and stderr even though
they'll be empty.
Depends-On: I22b1d0e1fb635f2c626d75a11764725c8753bf24
Change-Id: I245ac8c3533cce4a598909c03e1f2ba0f7b06850
Allows ansible-puppet to configure settings for
puppet when manage_config flag is set.
Co-Authored-By: Yolanda Robla <info@ysoft.biz>
Change-Id: I6cb8dff569f2cca8bca7359412d01cc7ec009c54
We need to copy the puppet modules BEFORE we make a link to the
hieradata into the manifest_base directory. Doh.
Change-Id: Ic62f32f50012b9787773fb436ce50a616adf42f7
Although there is no harm in this case, the task in question has a
with_items on a variable that is not set because the previous task did
not run. In this case, it did not run because it's in a block with a
when that did not match - but in the context of a task, when is applied
after with_items and is applied to each with_item, rather than to the
task as a whole. To make the task complete, add a |default() jinja
filter so that the undefined variable is replaced with a defined but
empty value.
Change-Id: I2029b7cac3634a5fe7232f6f823e803e1f4250e6
Turns out we want module.exit_json, not module_exit_json. Oops. Also,
two other small ansible task cleanups found looking at the runs.
Change-Id: I8737d5b1e675bfb89ee1db2f2c434c601d419f5e
It's actually a puppet environment, not a hiera environment. So let's
call it that, otherwise nibalizer will be sad.
Change-Id: I0175596329e9f7eb7a079513bfa17dd18d53b753
Checking for all of the paths in ansible leads to a TON of skipped lines
in the ansible log. That's not good for anybody, and we're already
processing the paths in python - let's do a quick filter to check for
which ones exist before returning them.
Change-Id: Iddf3c56c802598329a18c374cf667a6f165f78ca
Based on some earlier review feedback, add defaults for copy_puppet and
copy_hieradata so that we don't have to check if they are defined. Also,
split the and condition in when to be a list of conditions.
Change-Id: I68bd332bdfae6880b582203161798f709dc45a45
One of the cool shiny new features from ansible 2.0 are "blocks", which
allow you to group like tasks.
Change-Id: If0a7c07140db15c9ae7c1671e6181ac7a4553f25
When we're using openstack inventory, inventory_hostname is the uuid of
the openstack server, whereas ansible_fqdn is the actual fqdn of the
host. So for things where it's important that the variable resolve to
the hostname (like looking up puppet reports on disk, we need to use
nsible_fqdn). For things like looking up hostvars in the hostvars dict,
we nede to continue using inventory_hostname.
Further, when we _delegate_to_ like we do for the post-to-puppetdb step,
ansible_fqdn is the name of the host delegated to - so it's not needed
to pass in the whoami value.
Change-Id: I420112668a016988ddb397e798f6ba983291d2f8
After we run puppet, we should copy the puppet logs back to the
host so that we can inject them into puppetdb.
Change-Id: I51332b02950d6fb4d4ff0c1edeca774d84df4270
Removing the default value from the variables file, while it allowed us
to set the value in our file, did not let the role run when the value
was not set. Test for being set.
Change-Id: Ibe3ccecdbb5ff31108c4a95c9f9a5ca367663603
ZOMG gathering facts takes FOREVER. Let's use inventory_hostname
instead of ansible_fqdn so that we don't have to gather them.
Change-Id: Ib531804a6c8a78f7a7f7d1b065295db5238912aa
Find any files that match common, $fqdn and $group in the hiera
structure and copy them to the target host's hiera structure so that
the puppet apply command can operate.
Change-Id: I833858e86b9e8fe0750642476f118ca7d0358380
If you're passing in data directly from ansible, you're really passing
in facts. This will be followed by a patch that will copy hiera data
files.
Change-Id: Ib47347d7bbc5b9abeb71183be8e467a62f91d743
When we run puppet on the node, we may want to pass in parameters. There
are two different mechanisms that can be used for this, facter and
hiera. Allow users to pass in dictionaries of data containing key/value
pairs to either set ephemerally via facter environment variables, or
permanently by creating hiera files on disk so that subsequent runs will
keep those values.
Change-Id: Id99c3c2c20764ed4ba4259bd53f8067289374403