Commit Graph

19 Commits

Author SHA1 Message Date
Dmitriy Rabotyagov 8ae6540d0b Fix linters and metadata
With update of ansible-lint to version >=6.0.0 a lot of new
linters were added, that enabled by default. In order to comply
with linter rules we're applying changes to the role.

With that we also update metdata to reflect current state.

Change-Id: I74cefdfa885fa26dd7199fd0798527f511bf329d
2023-07-12 16:07:09 +02:00
Damian Dabrowski 2d0e465fd3 Add TLS support to repo_server backends
By overriding the variable `repo_backend_ssl: True` HTTPS will
be enabled, disabling HTTP support on the repo_server backend.

The ansible-role-pki is used to generate the required TLS
certificates if this functionality is enabled.

Depends-On: https://review.opendev.org/c/openstack/openstack-ansible/+/879085
Change-Id: I5c5d3dd5689ac122781303ad21dacc8a1fa746eb
2023-04-28 11:27:09 +02:00
Jonathan Rosser 03b55edaae Remove all code for lsync, rsync and ssh
Depends-On: https://review.opendev.org/c/openstack/openstack-ansible/+/842571
Change-Id: I4f32c03179a1d8814548a92fc714a5fd9dd3f433
2022-05-19 16:33:18 +00:00
Jonathan Rosser aab7090e4d Use ansible_facts[] instead of fact variables
See https://github.com/ansible/ansible/issues/73654

Change-Id: I3e48000a4685d4df46cd60113ce4c0c02b63dc0c
2021-02-23 09:24:07 +00:00
Georgina 7132acbd3b Allow remote detection of repo sync status
If a repo container and its data are deleted and recreated then it is
not currently possible for a loadbalancer healthcheck to differentiate
between an empty repo server and a correctly synchronised one.

This patch creates a file 'repo-sync-complete' as part of the process
of synchronising repo contents from master repo servers to slaves. The
presence of this file on the slave can then be used as the loadbalancer
healthcheck to ensure that repo contents are only served once sync has
completed.

In addition, this patch ensures that synchronisation occurs from the
master to a reprovisioned slave by triggering a master repo server lsyncd
restart handler during the initial setup of the slave repo server.
Currently, a freshly provisioned repo server will remain empty
for an indeterminate amount of time, this patch forces a complete re-sync
to occur.

Change-Id: I6913341674dbde5524c2270e824bda4544211eca
2020-10-27 13:37:21 +02:00
Jonathan Rosser cf53ebacbd Remove apt-cacher-ng cleanup tasks
The apt-cache was removed a long time ago and these tasks should
already have been removed in the Train release. Remove them now.
There is no change for existing deployments as these tasks are no
longer required as the apt-cache component of the repo server is already
retired.

Change-Id: I42785ee153955eb6e72bef01c26791ae8eec2087
2020-05-02 18:48:59 +00:00
Dmitriy Rabotyagov 748d86411b Remove git deamon functionality
Caching git repositories has been deprecated in Queens, so it's high time
we removed this functionality.
This shouldn't influece OSA deployments in any way.

Change-Id: I35829aa35489f06dbb3b65f522f0a08318eccbfa
2020-05-02 16:53:16 +01:00
Mohammed Naser 44547c7b7b pypiserver: drop pypi server
It is no longer needed because of how we are using python_venv_build
at the moment, so let's remove it.

Depends-On: https://review.openstack.org/648477
Change-Id: I56531388fb49a8c3d098fd762392299742b0e120
2019-03-29 10:02:36 +00:00
Jesse Pretorius 6663637374 Remove apt-cacher-ng
The repo container's package cache causes quite a bit of confusion
given that it's a 'hidden' feature which catches deployers off-guard
when they already have their own cache configured. This is really
the kind of service which people should manage outside of OSA. It
also makes no sense if the deployer is using their own local mirror
which is a fairly common practise. Adding to that, it seems that it
is broken in bionic, causing massive delays in package installs.
Finally, it also adds to quite a bit of complexity due to the fact
that it's in a container - so in the playbooks prior to the container's
existence we have to detect whether it's there and add/remove the config
accordingly.

Let's just remove it and let deployers managing their own caching
infrastructure if they want it.

Change-Id: I829b9cfa16fbd1f9f4d33b5943f1e46623e1b157
2018-10-08 14:48:32 +01:00
zhulingjie 7c8e10977d Remove the unnecessary space
Change-Id: I4edb409131d122b2e426d115ee94c4a986bd3606
2018-07-11 23:02:53 -04:00
Jean-Philippe Evrard 6802793bb9 Fix usage of "|" for tests
With the more recent versions of ansible, we should now use
"is" instead of the "|" sign for the tests.

This should fix it.

Change-Id: Ib73373d8801c9eedd7c6e92b994a2fba0349ed90
2018-07-12 17:01:52 +02:00
Jesse Pretorius 6320c00217 Implement pypiserver and pypi proxy cache
This patch implements nginx as a reverse proxy for python
packages. The initial query will be to a local deployment
of pypiserver in order to serve any locally built packages,
but if the package is not available locally it will retry
the query against pypi and cache the response.

Depends-On: Id20a43fed833d53ca0f147f517deafba6587352d
Change-Id: Ic4fd64f4dc82121a65088f3d7f4ae53f373df608
Implements: blueprint python-build-install-simplification
Signed-off-by: Jesse Pretorius <jesse.pretorius@rackspace.co.uk>
2017-11-24 11:58:18 +00:00
Jesse Pretorius a8997f8cfd Implement consistent restart handlers
Retries and daemon reloads are added to all the handlers
and the ordering of each task is set out according to
the same pattern as they keystone role.

Change-Id: Icc250e811fb89024f3f3c2f9520d1a6c9c21f0d3
2017-11-21 07:35:00 +00:00
Jesse Pretorius 6eb316499f Remove unused variable and handlers
The variable repo_auto_rebuild appears to have been
introduced in kilo, but never used.

The 'Init reload' handler is no longer required as
all services are now managed via systemd and the
service module.

The 'reload ssh' handler is also unused.

Change-Id: I1078ff7d2bd1acd0d1cea90fb90bc632386f0daf
2017-11-21 07:33:57 +00:00
Andy McCrae 997047b558 Remove Trusty Support from repo_server role
Change-Id: Ib5e24fcc7509a312ca8ee6c5811c3f194f16d662
Implements: blueprint trusty-removal
2016-12-15 15:32:32 +00:00
Jimmy McCrory c87a8c1d4c Remove fastcgi and related configuration
In I62321a7b62dabca469eb072ddbf4e8f250ce0fb3, git daemon was added to
support hosting git repos from the repo server over the git protocol.
When the integrated build transitions to using it, fastcgi and all
related configuration can be removed.

Depends-On: I09bc504490d4b5114895f7f646fc8254748a7f41
Change-Id: I7ec8277d3883d1f8891de6ae2b0881fe026a34c8
2016-07-26 16:15:49 -07:00
Kevin Carter 02e58dfda8 Implemented package caching on the repo server
This change implements package caching on the repo server.
To take advantage of this a deploy will need to do nothing more
than setup an apt-proxy configuration file. This will speed up
package delivery while also providing ha capabilities within the
environment.

Change-Id: I78b2fba6a1f294751bd7098513060015cb41300c
Signed-off-by: Kevin Carter <kevin.carter@rackspace.com>
2016-07-22 10:17:54 +00:00
Jimmy McCrory f59bafd778 Updated role for multi-distro support
Separate files have been created for vars and tasks related to a
specific package manager.

The 'repo_apt_packages' variable has been deprecated and renamed to
the more generalized 'repo_server_packages' to better describe its
purpose and to simplify reuse of existing install tasks between multiple
distros.

git daemon is configured to host git repositories from the repo servers
using the git protocol.

Currently, openstack-ansible uses git over http to access repositories
on servers created by this role.
fcgiwrap and its configuration within nginx should be removed in a
follow-up patch after openstack-ansible has been updated to use the git
protocol.

Change-Id: I62321a7b62dabca469eb072ddbf4e8f250ce0fb3
2016-05-13 10:48:57 +00:00
Kevin Carter 725222afee
first commit
Signed-off-by: Kevin Carter <kevin.carter@rackspace.com>
2015-12-09 09:25:37 -06:00