Commit Graph

32 Commits

Author SHA1 Message Date
Jonathan Rosser 1beb241764 Remove conditions on systemd version
All the supported platforms are now using more modern systemd versions
than detected with the logic in this role, so remove
the redundant tasks and conditions.

Change-Id: I0ddaefc575f1b0cbf85696cde25aa69907fede9f
2023-10-10 14:42:46 +01:00
Dmitriy Rabotyagov b763b73ffc Fix linters and metadata
With update of ansible-lint to version >=6.0.0 a lot of new
linters were added, that enabled by default. In order to comply
with linter rules we're applying changes to the role.

With that we also update metdata to reflect current state.

Change-Id: I4aab8ba621228d3fbf79b1da8227be41f3258b5f
2023-07-12 11:58:33 +00:00
Dmitriy Rabotyagov 62bd24859e Allow to define pre-start and post-stop tasks
WHile you can leverage config_overrides for that, it might become
tricky if you need to define more then 1 pre/post exec tasks.

Change-Id: I3d8b36f5e9f4be89eaff848d8ba88a38ce5285e4
2022-10-14 12:11:06 +02:00
Jonathan Rosser 1013a1526e Allow StandardOutput to be set for a systemd service
See https://www.freedesktop.org/software/systemd/man/systemd.exec.html

Change-Id: I64470b53f5177e9a4e450beaa474036e44705349
2022-01-27 12:13:05 +00:00
Jonathan Rosser abbc5c8ab8 Suppress 'Service' directive if ListenStream is specified
This is mutually exclusive configuration

Change-Id: Icf43a8421f4d52570ea89f5db0722c0d99bafd85
2022-01-11 03:25:53 -05:00
Dmitriy Rabotyagov fc698fb11a Use slice name for lock/run by default
Change-Id: I883d6520e7da4491929252677193f733808da6a3
2021-11-30 12:39:38 +00:00
Dmitriy Rabotyagov a3800b6368 Deprecate systemd_lock_path variable
To remove complexity from the code we remove variable systemd_lock_path
since variable systemd_lock_dir with common functionality has been
introduced.

Change-Id: I61bb44450a7fb1cface2b93302e02c8fd358a034
2021-11-04 20:41:24 +02:00
Dmitriy Rabotyagov 46185f389e Update run and lock path for systemd
Since /var/run is a symlink to /run and /var/lock is a symlink to
/run/lock for all modern operationg systems, it makes sense to
change default paths that are used.

To make such changes more flexible, ``systemd_run_dir`` and
``systemd_lock_dir`` are introduced.

Change-Id: I60d321fcdce3d3a94233cc25c92898d9e9f2a9b8
2021-11-04 20:30:47 +02:00
Erik Berg 1cc15d7923 Make systemd.service more consistent
This file doesn't need to change based on the whims of which order
the after_targets decide to jumble themselves into. By sorting the
after_targets we get less changes.

Change-Id: I7cba791c6d6d90390e5adaf63a4797cbc320cbc5
2021-01-21 18:52:50 +01:00
Andrew Bonney 3c924d2531 templates: fix typo in string/mapping check
A small typo that appears to have been missed during review,
which can cause strings (for example) to be iterated over rather
than included directly.

Change-Id: Id1a9d7088f97b709c46d5f4563c0c498604f999e
2021-01-18 13:01:29 +00:00
Dmitriy Rabotyagov 6bebc97d86 Add option to create systemd native service overrides
Since there might be a necessity to override already existing in the
system services, like provided ones by system packages, which we
just want to adjust, we need option to create service overrides in
systemd.servce.d directory.

Change-Id: Ic7488edbc0487fe932c706dc26f2f8adb36cb427
2021-01-06 10:53:22 +00:00
Dmitriy Rabotyagov 763eb7638f Add possibility to configure systemd sockets
We need to be able to configure systemd-sockets. Since they are attached
to the service it make sense to make it as an element to the service.

Change-Id: Ic481921151fc8d7af7f1ca9b003adb8e3c967e16
2021-01-06 10:53:07 +00:00
Georgina 18a05c1a0d Greater flexibility to timer templating
Allows for the combining of multiple directives of the same type as
the spec allows. An options value can now be specified as a list.
Particularly useful for specifying multiple onCalendar directives.

Change-Id: I2f0408a47861560b7813eeba7b3f2ce682823e1e
2020-10-15 12:05:45 +00:00
Jonathan Rosser 9924a05f97 Revert "Build out the PrivateNetwork function for services"
This reverts commit 6285b6c638.

There is no use made of this functionality anywhere outside the tests
for this role, so revert the code. The intention is to reduce general
overhead in systemd_service and reduce the number of skipped tasks
in an OSA deployment.

Conflicts: tests/test.yml
Change-Id: I3d28967a64ea9d91219294bdc30d337c9c6d2e50
2020-06-10 08:18:26 +01:00
Kevin Carter 6285b6c638 Build out the PrivateNetwork function for services
This change adds the ability to effectively use the PrivateNetwork
functionality systemd provides for services. Now, if enabled, services
can be created in a network namespace which isolates it from the reset
of the host. Additional options have been added allowing access into the
network namespace over ephemeral devices as needed.

Highlights:
* Isolated private networking for services will sandbox using a stand
  alone namespace which has no access to anything via the network.
* Access into a private namespace can be provided over a single network
  interface which can be IP'd via local DHCP + NAT or using an upstream
  DHCP server.
* Tests have been added to exercise the new functionality.

All of the funcality has been documented in the defaults of this role.

Change-Id: I6751765131f32393a1605eb2100bec46199d980a
Signed-off-by: Kevin Carter <kevin@cloudnull.com>
2019-02-09 04:06:44 +00:00
James Denton 6907b0c9f2 Allow PartOf to be defined in unit section
This patch allows PartOf to be defined in the [Unit] section of
a given systemd service. Doing so creates a one-way dependency
on the given service that is limited to stopping and restarting of units.

Change-Id: I2b802d868ba0c8b085379daae8a9fa4f36281eea
2019-01-26 00:02:17 -06:00
Benoît Knecht d11744b1ef Add options to set DynamicUser and StateDirectory
Make sure those options are only set if systemd >= 235, since they were
introduced in that version.

Change-Id: I51f133931a73d648604b5166a7c09da6ffd4c178
Related-Bug: 1805847
2019-01-14 14:13:48 +01:00
Kevin Carter 79e6cdb138 Add docs and tests to the environment capabilities
Systemd service units may require additional environment settings to
be effective. This patch adds two new variables to the systemd_service
role which will allow operators to add environment variables to a
given service as needed. These options be be supplied globally or
from within a service definition.

Documentation on how these options are used has been added to the
defaults file.

A test has been added to ensure we're exercising the new capability.

Change-Id: If4ea993b7173ac3218f051a1d4f0fba9aeb838ea
Signed-off-by: Kevin Carter <kevin@cloudnull.com>
2019-01-11 13:26:30 -06:00
Jakob Englisch b2063bb703 Add an option to configure a service environment
Usecase:

neutron-l3-agent ships a helper script within it's
deployment [1]. neutron-l3-agent expects the script
in it's current path, which may be not always the case [2].
This addition provides OSA the possibility to customize the
path.

[1] a388701ddf/neutron/agent/l3/ha.py (L68)
[2] https://bugs.launchpad.net/openstack-ansible/+bug/1782195

Change-Id: I504a8270be1ddf2f24ab3ad3b4f2f4ca9c990470
2019-01-11 20:04:23 +01:00
Kevin Carter 86ad639f41 Fix global lock path usage
The option `systemd_lock_path` is intended to be set globally
and locally however the global implementation has never been
implemented.

  * The global option will ensure the run and lock path is setup
    for all services within the `systemd_services` array.
  * The local option provices a way to override a global lock path
    based on specific service needs.

Change-Id: I373b8905c01ff666b5705bd3bb3c76c3e74a64ab
2018-12-27 17:52:57 -06:00
Kevin Carter f79988efca Allow user/group to be overriden in unit section
The unit section allows for user/group to be set via global variable
however in some cases a specific unit may need to have a different
user/group setup. This change allows for the users to be defined in the
service definition and falls back to the global default.

Change-Id: I69540efd2c993912b042a1b6b6a1dc279542f325
Signed-off-by: Kevin Carter <kevin.carter@rackspace.com>
2018-11-27 09:53:33 +00:00
Jimmy McCrory a5e3dee6fa Allow services to provide after_targets directly
Add 'after_targets' as its own key inside a systemd services dictionary
instead of using config_template overrides.

Change-Id: I8d2ae74010c040544b8099f596678acd71e727e9
2018-11-02 06:28:24 -07:00
Kevin Carter 94ff90157a
Correct log warning for unknown lvalue
The default systemd service template was using the PrivateUsers
directive by default which was only implemented in systemd version 232.
Because we're running on older versions of systemd in a lot of cases the
this option was creating a log of journal spam. To correct the issue the
version of systemd is now detected and this default option will only be
used when the version of systemd is greater than or equal to version
232.

Change-Id: Ief1a2e155892ab7df821fbf049787e705da91b40
Closes-Bug: #1776818
Signed-off-by: Kevin Carter <kevin.carter@rackspace.com>
2018-07-16 11:21:06 -05:00
Kevin Carter d1472289c2
Add timer services
Systemd provides for "timers" which is replacing cron. This change
implements timers as an option to any created service.

Change-Id: I8fdca58fcb43726560521c7c25f7e57cfb61353b
Signed-off-by: Kevin Carter <kevin.carter@rackspace.com>
2018-05-02 11:19:50 -05:00
Kevin Carter 1c580bbdbc
Add a documentation list default
This change adds the documentation list default to our systemd service
files when populated. This is feature will provide us the ability to
link services to specific documentation which operators will be able to
see when querying a service.

Change-Id: I514d907ccbb52cc6010a29c4c3e10eb2cf558dfa
Signed-off-by: Kevin Carter <kevin.carter@rackspace.com>
2018-04-03 11:17:41 -05:00
Kevin Carter 7745439f35
Add tests to the service role
* Document the optionality in the defaults
* validate the input in the tasks before it's templated
* Standardize on the exec(starts,stops,reloads} interface
* Update the readme
* Add functional test

Change-Id: Icae36f970178b1cc79d069a94321afb1732a8c5c
Signed-off-by: Kevin Carter <kevin.carter@rackspace.com>
2018-03-21 17:47:22 -05:00
Logan V 134c6f7f24 Simplify unit file
Combine the flow for simple and oneshot services into one set of
execstart/execreload/execstop loops.

Change-Id: I2c250f7d0d14747b50fd77f54d3777c28f11e957
2018-03-20 23:35:40 -05:00
Kevin Carter f97125c39e
update service for oneshot
Signed-off-by: Kevin Carter <kevin.carter@rackspace.com>
2018-03-13 23:21:43 -05:00
Kevin Carter f944450f9e
add conditions when running in oneshot mode
Signed-off-by: Kevin Carter <kevin.carter@rackspace.com>
2018-03-13 09:47:35 -05:00
Kevin Carter 00fd8cfc70
add more options
Signed-off-by: Kevin Carter <kevin.carter@rackspace.com>
2018-03-08 20:32:52 -06:00
Kevin Carter 9a4ed2d7bc
updated things so this role is usable
Signed-off-by: Kevin Carter <kevin.carter@rackspace.com>
2018-03-08 17:54:13 -06:00
Kevin Carter 3287637b2d
Initial Commit
Signed-off-by: Kevin Carter <kevin.carter@rackspace.com>
2017-05-19 10:24:55 -05:00