With update of ansible-lint to version >=6.0.0 a lot of new
linters were added, that enabled by default. In order to comply
with linter rules we're applying changes to the role.
With that we also update metdata to reflect current state.
Change-Id: I74cefdfa885fa26dd7199fd0798527f511bf329d
If a repo container and its data are deleted and recreated then it is
not currently possible for a loadbalancer healthcheck to differentiate
between an empty repo server and a correctly synchronised one.
This patch creates a file 'repo-sync-complete' as part of the process
of synchronising repo contents from master repo servers to slaves. The
presence of this file on the slave can then be used as the loadbalancer
healthcheck to ensure that repo contents are only served once sync has
completed.
In addition, this patch ensures that synchronisation occurs from the
master to a reprovisioned slave by triggering a master repo server lsyncd
restart handler during the initial setup of the slave repo server.
Currently, a freshly provisioned repo server will remain empty
for an indeterminate amount of time, this patch forces a complete re-sync
to occur.
Change-Id: I6913341674dbde5524c2270e824bda4544211eca
Previously the handler for restarting rsyncd was never called.
Split the config file template task out from the nginx task and
notify the rsyncd handler when the config file is changed.
Change-Id: I47982b5974c686a6dec7bd1a789daa54ea9652c7
This avoids the following warning:
[WARNING]: The value 0 (type int) in a string field was converted to u'0' (type
If this does not look like what you expect, quote the entire value to
ensure it does not change.
Change-Id: Ifaf4035b2101f6921182c3d3275554c7e5f4cfa2
Caching git repositories has been deprecated in Queens, so it's high time
we removed this functionality.
This shouldn't influece OSA deployments in any way.
Change-Id: I35829aa35489f06dbb3b65f522f0a08318eccbfa
It is no longer needed because of how we are using python_venv_build
at the moment, so let's remove it.
Depends-On: https://review.openstack.org/648477
Change-Id: I56531388fb49a8c3d098fd762392299742b0e120
The repo build process does many git clone operations. This patch
ensures that the repo server git configuration allows git to detect
and make use of the number of CPU which are present, which
benefits operations such as check out which are highly threaded.
Change-Id: Ib01fc1c560dcb9261c328841d7472c87434edab0
The ssh service on ubuntu based systems is "ssh" which is established by
the service unit path `/lib/systemd/system/ssh.service`. When running
the service will respond to the name "sshd" however this is just an
alias. This change adds a variable to set the service unit name
based on the distro family which will allow the service to start should
it be masked.
Change-Id: I04b9f5ed761270c0bb76b607a6562b511c6f4773
Signed-off-by: Kevin Carter <kevin.carter@rackspace.com>
The repo server relies on SSHD for the repo synchronisation,
so in this patch we ensure that it is installed, enabled and
running.
Change-Id: I0618e76125fc1489903b3518b9bef3999c8c7347
This patch implements nginx as a reverse proxy for python
packages. The initial query will be to a local deployment
of pypiserver in order to serve any locally built packages,
but if the package is not available locally it will retry
the query against pypi and cache the response.
Depends-On: Id20a43fed833d53ca0f147f517deafba6587352d
Change-Id: Ic4fd64f4dc82121a65088f3d7f4ae53f373df608
Implements: blueprint python-build-install-simplification
Signed-off-by: Jesse Pretorius <jesse.pretorius@rackspace.co.uk>
Several install-time tasks are in the post install
tasks, mixed in with the config tasks.
This patch moves them to the pre_install task set
to make a clean break between pre/install/post
tasks and tidies up the tasks a little.
Change-Id: I12bceda01e747bc1c41925a7d4afeca8f7ce9d8e
All the base directorys for the repo packages are placed
In the /var/www/repo directory
Most of the directorys that are placed here are created during
the task repo_post_install.yml however the venvs directory isnt
created till the repo build stage.
this can create a problem for the synchronisation of the
repository
The proposed change creates the directory during the repo server
creation instead of the repo_build process
Change-Id: If1dd5e568e06715f4321c391727d428e2e0805ea
In order to allow an install and config split, but not
to have ssh keys left inside an pre-installed container,
the two tasks are split and tagged appropriately.
Change-Id: I33f4905363d102f65cda8769d1ff95bbce8f08f8
Add support for SUSE based distributions. We also update the bindep.txt,
run_tests.sh, .gitignore, tests-repo-clone.sh and Vagrantfile files
from the openstack-ansible-tests repository.
Change-Id: I5a2b3cae0ed325abb3920e9a684d25898df6027d
The lsyncd service runs as the 'nginx' user such that files sync'd
from the master node to the backups will have 'nginx' as the owner.
However, the apt-cacher-ng service needs to be the owner to function
properly. This fix consolidates the pre and post sync tasks into
a script that can be called by lsyncd. The script can then change
the file owners as needed before and after the rsync. The owners
need to be 'nginx' before the rsync so that lsyncd can update
files and 'apt-cacher-ng' after the sync so the cacher service works.
Additionally, setup lsyncd to sync each service's directory separately
rather than being rsync'd all together. This avoids lsyncd bouncing
services when their respective files are not being sync'd.
Change-Id: Ifaba17b89035398917f2b3257574e18eb9027c08
Closes-bug: #1649339
This patch removes some extra tasks for detecting systemd and uses
the fact instead.
Partial-Bug: #1640125
Change-Id: I213b38b166de724990958a316e577478d7e4823c
The recursive file change on the OpenStackGit directory can cause
issues with git checkouts should any files contain extra bits within
the the git archive. This change simply removes the find + chmod
commands that were being used as they will likely break an upgrade,
both major and minor.
Change-Id: Ic67501edaaf01de63532fae6b655eff17aeb2556
Signed-off-by: Kevin Carter <kevin.carter@rackspace.com>
This change is simply making sure that the repo server has a valid
log directory at "/var/log/nginx". In some cases, generally when
upgrading, this directory may not exists and because the package
is already installed the directory will not be recreated. This
change simply makes sure the log directory is created regardless.
Closes-Bug: #1623778
Change-Id: I823aff32417804d494c46b0d444a518e2601118d
Signed-off-by: Kevin Carter <kevin.carter@rackspace.com>
When the git repository folder contains symbolic links pointing to non
existant files, the task would fail because of ``follow: true``. We
do not really need to follow multiple levels of symlinks, therefore now
we only follow the base directory symlink if needed.
Change-Id: Id1eca14b0a96e5395d778a0666ece87bde8e6c92
The change removes the constraint that would skip setting the directory
permissions in certain cases. Now permissions will be recursively set
and the task will follow symlinks should it encounter any at the provided
path.
This should solve permission related issues on playbook reruns and the
permissions will always be correctly set by the role.
Change-Id: I3d974d578f3e2323415e36c40efa48036b517468
Signed-off-by: Kevin Carter <kevin.carter@rackspace.com>
The attempt to resolve the issue of a pre-existing
link in the place of the directory
( https://review.openstack.org/367563 ) did not work
as the file module requires a source and dest when
implementing a link.
This patch separates the task and only executes the
directory create if there is no link in place.
As per https://github.com/willthames/ansible-lint/issues/161
the mode for all directories is set to include a leading
zero to ensure that it's enforced as octal.
Change-Id: I27a64e8edaee1f652a4b3a95d05941df34824660
When a git cache is implemented, a symlink is already in place
for the git folder when the repo server is prepared. This causes
the directory setup task to fail because the folder already
exists as a link.
This patch detects the presence of the folder and adjusts the
directory creation task to know that it should be a symlink.
The task is re-organised a bit to make it easier to read.
Change-Id: Idca73d6ac4dc3c668b6991ab2aae4784d1fe059d
In I62321a7b62dabca469eb072ddbf4e8f250ce0fb3, git daemon was added to
support hosting git repos from the repo server over the git protocol.
When the integrated build transitions to using it, fastcgi and all
related configuration can be removed.
Depends-On: I09bc504490d4b5114895f7f646fc8254748a7f41
Change-Id: I7ec8277d3883d1f8891de6ae2b0881fe026a34c8
Separate files have been created for vars and tasks related to a
specific package manager.
The 'repo_apt_packages' variable has been deprecated and renamed to
the more generalized 'repo_server_packages' to better describe its
purpose and to simplify reuse of existing install tasks between multiple
distros.
git daemon is configured to host git repositories from the repo servers
using the git protocol.
Currently, openstack-ansible uses git over http to access repositories
on servers created by this role.
fcgiwrap and its configuration within nginx should be removed in a
follow-up patch after openstack-ansible has been updated to use the git
protocol.
Change-Id: I62321a7b62dabca469eb072ddbf4e8f250ce0fb3
The 'python_packages' and 'reports' directories are unused. This patch removes
them from the list of directories created.
Change-Id: If0635616b31e4fa6fa3b32ff3f335fbe95460856
Dmitriy Rabotyagov