Commit Graph

27 Commits

Author SHA1 Message Date
Dmitriy Rabotyagov eea1a4853f Fix linters and metadata
With update of ansible-lint to version >=6.0.0 a lot of new
linters were added, that enabled by default. In order to comply
with linter rules we're applying changes to the role.

With that we also update metdata to reflect current state.

Depends-On: https://review.opendev.org/c/openstack/ansible-role-systemd_service/+/888223
Change-Id: Id92330b3c709201a74612c8353cefa75778eac0c
2023-07-14 20:44:53 +02:00
Jonathan Rosser 0f2b8e16c9 Remove references to unsupported operating systems
All references to Gentoo, SUSE, Debian stretch and Centos-7  are removed.
Conditional tasks, ternary operators and variables are simplified where possible
OS specific variables files are generalised where possible

Change-Id: I1624730385a7b54cf36a94d313cc298430129736
2021-03-10 12:16:38 +00:00
Jonathan Rosser 489c169874 Use ansible_facts[] instead of fact variables
See https://github.com/ansible/ansible/issues/73654

Change-Id: I8721b4fa97b41fb0c92f9eb99b61d31634e9aac6
2021-02-23 18:06:10 +00:00
Jean-Philippe Evrard dfdb540804 Clarify supported SUSE versions
This role only support openSUSE Leap 15, not 42.3, not tumbleweed.
Saying all is confusing and a bad practice. This fixes it, while
ensuring the job is properly defined to test that assertion.

Change-Id: I8d4bccbe283a0b09f42e2d2419612b3a4a1c6a0d
2019-05-27 07:15:23 +00:00
Mohammed Naser ba254f8c8a debian: add ci and update meta
This patch adds the Debian jobs for this role to make sure
it's always passing as well as updates the meta to reflect
it's support of Debian accordingly.

Depends-On: I9a92b73c419a0dc1cca40dacfef75de61a61db94
Change-Id: Idf1d86b24196a9613b7e953de1628df2eb482cce
2019-04-06 18:53:33 -04:00
Markos Chandras ab71dd914c SUSE: Add support for openSUSE Leap 15
Depends-On: https://review.openstack.org/603078
Change-Id: I6b57618fa75e23bdd775d94dc3de563e8de8c805
2018-09-18 17:45:55 +01:00
Jesse Pretorius d47e318bc1 Remove galera_client meta-dependency
Given that pymysql is pure python and has no C binding
dependencies, we no longer need the role to install the
MariaDB client libraries.

Change-Id: I309022aa53b8878a167d09d6288678eee5ca0159
2018-09-15 19:13:24 -06:00
Jonathan Rosser 8af0c1edc5 Add bionic to galaxy_info metadata
Change-Id: Iec8cb4bf0154e2472c3b3cf8a38d57f267ebab3c
2018-08-02 15:02:36 +01:00
Major Hayden b7b9db7bb4
Change include: to include_tasks:
This removes warnings in Ansible 2.4+.

The patch also removes "static:" from the playbooks since that
argument is no longer used by Ansible.

Change-Id: I6e5fcbccd4239db73de20e640a3423d1a2333bbe
2018-02-15 10:24:39 -06:00
Zuul 712d9174a4 Merge "Remove pip_install dependency" 2017-12-05 15:26:06 +00:00
Jean-Philippe Evrard 271a668f18 Remove pip_install dependency
With addition of pip_install on every node, we don't
need to have pip_install as a meta dependency.

Depends-On: If3412bb888ebb854874bbc43eb76bfcb3e4a7868
Depends-On: I79ff70c438b44753be2a93f004ebbc46de0a963d
Change-Id: Ie72283fc39355bb798a90ce3347a197d1b8e5e37
2017-12-05 11:52:30 +00:00
Jimmy McCrory 8019b5c190 Remove keystone_token_driver variable
The memcache token driver was removed in Ocata and the only valid option
is sql, which is only used when keystone_token_provider is uuid.

Change-Id: I1db15e2553893b74d3f7d57d4d50ca2052be04e4
2017-11-28 10:35:03 -08:00
Jean-Philippe Evrard d17041ca51 Add OpenStack-Ansible metadata
We need to add openstack ansible information in the role
metadata to be able to track role maturity. With it,
we can create a role maturity table and take decisions about
role deprecations.

Change-Id: I00787d4812a9f0ab8ef661c98325327fa581dac3
2017-10-11 09:02:41 +00:00
Markos Chandras 8c1ebb02a9 Add support for the openSUSE Leap distributions
Add support for the openSUSE Leap distributions. Additionally,
for openSUSE, we need to load some extra apache2 modules which are
not there by default.

Change-Id: Iac555cefa0a7a6ecf344761d54644fd3fa2443f9
2017-07-04 16:30:04 +01:00
Jesse Pretorius 0b11c78551 Optimise apt cache update task
The update of the apt cache and the package installation
can all be handled in a single task by providing the
package action plugin with the right parameters. This
removes an extra task to optimise execution.

The minimum Ansible version is raised to 2.2 due to a
known bug [1] in Ansible's apt module which does not
update the cache properly if the cache update and the
install are combined in a single task.

[1] https://github.com/ansible/ansible-modules-core/issues/1497

Change-Id: If6b3261bba643759f12a811d849ce9cb1040497f
2017-04-21 16:44:30 +01:00
Andy McCrae 6a6e377853 Remove Trusty support from os_keystone role
Change-Id: I5ad6944b5e43aa46582acf313ac8793ab4d226f7
Implements: blueprint trusty-removal
2016-12-15 13:18:55 +00:00
Jesse Pretorius bd33f3d412 Use updated get_url module checksum functionality
Starting in Ansible 2.0, the get_url [1] module provides the
ability for a checksum to be provided to the get_url module
which will be verified against the local destination file
and the task skipped if it matches.

[1] http://docs.ansible.com/ansible/get_url_module.html

This patch implements the use of this functionality.

The ability to ignore a venv download failure is also removed
as this is not necessary or desirable. It is better for the
download to fail and the playbook execution to stop immediately
so that the failure point is exposed.

Change-Id: If1dd3fde47871c1201fb50759432a511a6f5fbce
2016-11-07 23:35:33 +00:00
Kevin Carter 0de819e92a Implement CentOS 7 support in os_keystone
This change implements CentOS 7 support within the os_keystone role.

Depends-on: I333fb1887339e8dc9ebf10ff137dda3cff629dc0
Change-Id: Ib339cd0657f7008fa48bf74f8d6ddd4b8add2ea1
Signed-off-by: Kevin Carter <kevin.carter@rackspace.com>
2016-08-29 14:20:48 +00:00
Jimmy McCrory f244e1ce6a Remove pip_lock_down dependency
The pip_install and pip_lock_down roles have been merged.

Remove pip_lock_down from the role's meta dependencies and test
requirements.

Change-Id: Ie421d6614eae5a26d842fea5e4acf42fc3de7669
2016-06-02 17:13:39 -07:00
Kevin Carter ebdcb34c3a Implement 16.04 support in Keystone
This change creates a ubuntu 16.04 variable file that will allow
the role to be executed against a ubuntu 16.04 host.

Change-Id: Ib6d7e68133de8d10b81d9116b74dca1de7568897
Signed-off-by: Kevin Carter <kevin.carter@rackspace.com>
2016-05-23 23:52:49 -05:00
Jesse Pretorius 7b1543d2ef Update min_ansible_version to 1.9
This role makes use of the ternary filter which was only introduced in
Ansible 1.9, this patch updates the min_ansible_version to 1.9.

Change-Id: I8653658c8dcc23b3387834f16f8ed933caa51026
2016-04-11 12:20:20 +01:00
Jesse Pretorius 234d1fd0cc Ensure that pip lock down happens before other dependencies
The pip_install role is depended on by a lot of other roles, and
therefore sometimes gets processed prior to the pip_lock_down
role resulting in the pip, setuptools and wheels packages being
installed from a source other than the repo server once the repo
server is available. This is not the intended behaviour - the
repo server should always be a the primary source once it's
available.

This patch ensures that the pip_lock_down role is applied before
all the other dependent roles to ensure that the expected
behaviour is followed.

Change-Id: Ic283b08a00ac57c854fefd66589a326721fa9d93
2016-03-31 17:05:47 +00:00
Kevin Carter 99b13a14e5 Updated role using the Multi-Distro framework
* A conditional was added to the apt-package-pinning role
  from meta was updated to only be run if the package
  manager is apt

Change-Id: Ia0359872a52de8b1b8aeae9efa64479f9d930068
Signed-off-by: Kevin Carter <kevin.carter@rackspace.com>
2016-03-28 05:04:52 +00:00
Kevin Carter 7d4cc4a217
Updated role to be an independent role
This change makes it so that the OS_keystone role is an independent
role and can be installed / tested stand-alone.

Implements: blueprint independent-role-repositories
Signed-off-by: Kevin Carter <kevin.carter@rackspace.com>
2016-02-26 14:13:43 -06:00
kevin cfde337673 Updated keystone to use fernet as the default
This change simply enables fernet to be the default token backend
and disables the keystone memcached configuration for token storage.

Change-Id: I1037a7fce567e476f07a5d3c220379d656248160
Related-Bug: #1463569
2015-06-24 23:29:57 +00:00
Kevin Carter 5935b3de9c added role to pin packages
This new role is now providing the ability for a user to pin apt
packages as they see fit. The idea is to allow someone to implement
pinning in a generic way that can be represented as a global variable
or as a hostvar. The new role has been added to all install roles as
a dependency which will allow it to ensure that packages are pinned
everywhere as would be expected.

Change-Id: I354e8515570fa7174366ba57d57aece3c304568e
2015-05-08 13:22:42 -05:00
Kevin Carter 9f68cf8781 Convert existing roles into galaxy roles
This change implements the blueprint to convert all roles and plays into
a more generic setup, following upstream ansible best practices.

Items Changed:
* All tasks have tags.
* All roles use namespaced variables.
* All redundant tasks within a given play and role have been removed.
* All of the repetitive plays have been removed in-favor of a more
  simplistic approach. This change duplicates code within the roles but
  ensures that the roles only ever run within their own scope.
* All roles have been built using an ansible galaxy syntax.
* The `*requirement.txt` files have been reformatted follow upstream
  Openstack practices.
* Dynamically generated inventory is now more organized, this should assist
  anyone who may want or need to dive into the JSON blob that is created.
  In the inventory a properties field is used for items that customize containers
  within the inventory.
* The environment map has been modified to support additional host groups to
  enable the seperation of infrastructure pieces. While the old infra_hosts group
  will still work this change allows for groups to be divided up into seperate
  chunks; eg: deployment of a swift only stack.
* The LXC logic now exists within the plays.
* etc/openstack_deploy/user_variables.yml has all password/token
  variables extracted into the separate file
  etc/openstack_deploy/user_secrets.yml in order to allow seperate
  security settings on that file.

Items Excised:
* All of the roles have had the LXC logic removed from within them which
  should allow roles to be consumed outside of the `os-ansible-deployment`
  reference architecture.

Note:
* the directory rpc_deployment still exists and is presently pointed at plays
  containing a deprecation warning instructing the user to move to the standard
  playbooks directory.
* While all of the rackspace specific components and variables have been removed
  and or were refactored the repository still relies on an upstream mirror of
  Openstack built python files and container images. This upstream mirror is hosted
  at rackspace at "http://rpc-repo.rackspace.com" though this is
  not locked to and or tied to rackspace specific installations. This repository
  contains all of the needed code to create and/or clone your own mirror.

DocImpact
Co-Authored-By: Jesse Pretorius <jesse.pretorius@rackspace.co.uk>
Closes-Bug: #1403676
Implements: blueprint galaxy-roles
Change-Id: I03df3328b7655f0cc9e43ba83b02623d038d214e
2015-02-18 10:56:25 +00:00