--- - include: etc-nodepool.yml become: true - name: Create and enable swap on subnode shell: > dd if=/dev/zero of=/root/swapfile bs=1024 count={{ subnode_swap_size }}; chmod 600 /root/swapfile; mkswap /root/swapfile; swapon /root/swapfile; echo "/root/swapfile swap swap defaults 0 0" >> /etc/fstab; become: true changed_when: true - name: Create /etc/ci directory file: path: /etc/ci state: directory owner: "{{ ansible_user }}" become: true # NOTE: (trown) this is just a place holder, but I am not so sure we # need to create this file. - name: Create /etc/ci/mirror_info.sh template: dest: /etc/ci/mirror_info.sh src: mirror_info.sh.j2 - name: Check for /etc/yum/vars/contentdir stat: path: /etc/yum/vars/contentdir register: yum_contentdir - when: not yum_contentdir.stat.exists and ansible_distribution|lower != 'fedora' block: - name: Discover package architecture command: rpm -q --qf "%{arch}" -f /etc/redhat-release register: rpm_arch changed_when: false - debug: msg: Package architecture is '{{ rpm_arch.stdout }}' - name: Set contentdir to altarch set_fact: yum_contentdir_data: altarch when: rpm_arch.stdout in ['aarch64', 'ppc64le'] - name: Set contentdir to default centos arch set_fact: yum_contentdir_data: centos when: rpm_arch.stdout not in ['aarch64', 'ppc64le'] - name: Populate /etc/yum/vars/contentdir copy: dest: /etc/yum/vars/contentdir content: "{{ yum_contentdir_data }}" become: true - name: Install repos (will be removed by toci_gatetest) package: name: "{{ item }}" with_items: - centos-release-openstack-rocky - epel-release become: true when: ansible_distribution|lower != 'fedora' - name: Install packages # noqa 403 package: name: "{{ packages_list }}" state: latest become: true - include: clone-ci-repos.yml - name: Set primary public key on all hosts command: cat /etc/nodepool/id_rsa.pub register: primary_key when: inventory_hostname == "subnode-0" changed_when: false - name: Add primary key lineinfile: dest: ~/.ssh/authorized_keys state: present line: "{{ hostvars['subnode-0'].primary_key.stdout }}" - name: Scan SSH keys from subnodes shell: | for key in {{ hostvars[item].subnode_public_ip }} {{ hostvars[item].subnode_private_ip }}; do if ! grep -q $key /etc/ssh/ssh_known_hosts ; then ssh-keyscan $key >> /etc/ssh/ssh_known_hosts fi done with_inventory_hostnames: - subnodes become: true changed_when: true - name: start unbound service service: name: unbound state: started enabled: true become: true - name: start iptables service service: name: iptables state: started enabled: true become: true - name: Add iptables rules for subnodes iptables: chain: INPUT source: "{{ hostvars[item].subnode_private_ip }}" jump: ACCEPT action: insert with_inventory_hostnames: - subnodes become: true - name: Save the iptables rules shell: iptables-save > /etc/sysconfig/iptables become: true changed_when: true - name: Set some env vars lineinfile: dest: /etc/environment state: present line: "{{ item }}" with_items: - "WORKSPACE=/tmp" - "DEVSTACK_GATE_TIMEOUT=300" - "REMAINING_TIME=180" # 3 hours for quickstart run # In case of multinode - "EXTRA_VARS=' --extra-vars vxlan_mtu=1400'" become: true - when: update_subnodes|bool block: - name: Update packages # noqa 403 package: name: '*' state: latest become: true - name: Reboot hosts shell: sleep 2 && shutdown -r now async: 1 poll: 0 ignore_errors: true become: true - name: Wait for provisioned hosts to become reachable local_action: module: wait_for host: "{{ hostvars[inventory_hostname].subnode_public_ip }}" port: 22 delay: 35 sleep: 10 state: started connect_timeout: 10 timeout: 180