diff --git a/.gitignore b/.gitignore deleted file mode 100644 index 37d0537..0000000 --- a/.gitignore +++ /dev/null @@ -1,2 +0,0 @@ -install/inventories -.vagrant diff --git a/.gitreview b/.gitreview deleted file mode 100644 index 4453a7c..0000000 --- a/.gitreview +++ /dev/null @@ -1,4 +0,0 @@ -[gerrit] -host=review.openstack.org -port=29418 -project=stackforge/compass-install.git diff --git a/README.md b/README.md deleted file mode 100644 index acca6f1..0000000 --- a/README.md +++ /dev/null @@ -1,23 +0,0 @@ -Compass Install -=============== - -How to use examples/compass? ---------------------------------------------- -1. Make sure you have docker installed. -2. Make sure you have working cobbler and chef servers, where all adapter related code has been updated to the latest. -3. Go to your chef server's web UI and create a client with admin privileges, name it as docker-controller. -4. You will have ONE CHANCE to copy the private key, copy it and paste it to replace `conf/chef-client.pem` -5. Go to `examples/compass/conf` directory -6. Edit chef-icehouse.conf, change '10.145.89.140' to your chef server's IP. -7. Edit cobbler.conf and change the IP to your cobbler server's IP. -8. Edit compass.setting - - COMPASS\_SUPPORTED\_PROXY: this is not supported in containerized compass, use the default value - - COMPASS\_SUPPORTED\_DEFAULT_NOPROXY: default value - - COMPASS\_SUPPORTED\_NTP\_SERVER: I am planning to move ntpd to cobbler container, so for now just point this value to any working compass server. - - COMPASS\_DNS\_SERVERS: cobbler server takes care of dns, use cobbler server IP - - COMPASS\_SUPPROTED\_DOMAINS: default - - COMPASS\_SUPPORTED\_DEFAULT_GATEWAY: default - - COMPASS\_SUPPORTED\_LOCAL\_REPO: use `http://$your\_host\_for\_docker:8080` -9. Go to `examples/compass` and run `docker build -t {image_name} .` -10. Once build finishes, run `docker run -d -p 8080:80 -i -t {image_name}` -11. celery log will be displayed on terminal, once the start script finishes running, open your web browser and go to `http://$your\_host\_for\_docker:8080` diff --git a/README.rst b/README.rst new file mode 100644 index 0000000..9006052 --- /dev/null +++ b/README.rst @@ -0,0 +1,7 @@ +This project is no longer maintained. + +The contents of this repository are still available in the Git source code +management system. To see the contents of this repository before it reached +its end of life, please check out the previous commit with +"git checkout HEAD^1". + diff --git a/Vagrantfile b/Vagrantfile deleted file mode 100644 index 4ebd303..0000000 --- a/Vagrantfile +++ /dev/null @@ -1,43 +0,0 @@ -Vagrant.configure("2") do |config| - config.vm.define :compass_vm do |compass_vm| - compass_vm.vm.box = "precise64" - compass_vm.vm.network :private_network, :ip=>"10.1.0.11", :libvirt__dhcp_enabled=>false - compass_vm.vm.provider :libvirt do |domain| - domain.memory = 2048 - domain.cpus =2 - domain.nested =true - domain.graphics_ip="0.0.0.0" - end - compass_vm.vm.provision "ansible" do |ansible| - ansible.playbook="install/allinone_nochef.yml" - end - end - config.vm.define :compass_nodocker do |compass_nodocker| - compass_nodocker.vm.box = "centos65" - compass_nodocker.vm.network :private_network, :ip=>"10.1.0.12", :libvirt__dhcp_enabled=>false - compass_nodocker.vm.provider :libvirt do |domain| - domain.memory = 4096 - domain.cpus =4 - domain.nested =true - domain.graphics_ip="0.0.0.0" - domain.management_network_address="192.168.200.0/24" - end - compass_nodocker.vm.provision "ansible" do |ansible| - ansible.playbook="install/compass_nodocker.yml" -# ansible.tags="debug" - end - end - config.vm.define :regtest_vm do |regtest_vm| - regtest_vm.vm.box = "centos65" - regtest_vm.vm.network :private_network, :ip=>"10.1.0.253", :libvirt__dhcp_enabled=>false - regtest_vm.vm.provider :libvirt do |domain| - domain.memory = 1024 - domain.cpus = 2 - domain.nested = true - domain.graphics_ip="0.0.0.0" - end - regtest_vm.vm.provision "ansible" do |ansible| - ansible.playbook="install/regtest.yml" - end - end -end diff --git a/ci/Vagrantfile b/ci/Vagrantfile deleted file mode 100644 index 4ebd303..0000000 --- a/ci/Vagrantfile +++ /dev/null @@ -1,43 +0,0 @@ -Vagrant.configure("2") do |config| - config.vm.define :compass_vm do |compass_vm| - compass_vm.vm.box = "precise64" - compass_vm.vm.network :private_network, :ip=>"10.1.0.11", :libvirt__dhcp_enabled=>false - compass_vm.vm.provider :libvirt do |domain| - domain.memory = 2048 - domain.cpus =2 - domain.nested =true - domain.graphics_ip="0.0.0.0" - end - compass_vm.vm.provision "ansible" do |ansible| - ansible.playbook="install/allinone_nochef.yml" - end - end - config.vm.define :compass_nodocker do |compass_nodocker| - compass_nodocker.vm.box = "centos65" - compass_nodocker.vm.network :private_network, :ip=>"10.1.0.12", :libvirt__dhcp_enabled=>false - compass_nodocker.vm.provider :libvirt do |domain| - domain.memory = 4096 - domain.cpus =4 - domain.nested =true - domain.graphics_ip="0.0.0.0" - domain.management_network_address="192.168.200.0/24" - end - compass_nodocker.vm.provision "ansible" do |ansible| - ansible.playbook="install/compass_nodocker.yml" -# ansible.tags="debug" - end - end - config.vm.define :regtest_vm do |regtest_vm| - regtest_vm.vm.box = "centos65" - regtest_vm.vm.network :private_network, :ip=>"10.1.0.253", :libvirt__dhcp_enabled=>false - regtest_vm.vm.provider :libvirt do |domain| - domain.memory = 1024 - domain.cpus = 2 - domain.nested = true - domain.graphics_ip="0.0.0.0" - end - regtest_vm.vm.provision "ansible" do |ansible| - ansible.playbook="install/regtest.yml" - end - end -end diff --git a/ci/conf/four-ansible.conf b/ci/conf/four-ansible.conf deleted file mode 100644 index c7b8393..0000000 --- a/ci/conf/four-ansible.conf +++ /dev/null @@ -1,40 +0,0 @@ -export VIRT_NUMBER=4 -export VIRT_CPUS=4 -export VIRT_MEM=4096 -export VIRT_DISK=30G -export COMPASS_SERVER_URL="http://10.1.0.12/api" -export COMPASS_USER_EMAIL="admin@huawei.com" -export COMPASS_USER_PASSWORD="admin" -export CLUSTER_NAME="opnfv" -export LANGUAGE="EN" -export TIMEZONE="America/Los_Angeles" -export HOSTNAMES="host1,host2,host3,host4" -export NTP_SERVER="10.1.0.12" -export NAMESERVERS="10.1.0.12" -export DOMAIN="ods.com" -export PARTITIONS="/home=5%,/tmp=5%,/var=20%" -export SUBNETS="10.1.0.0/24,172.16.2.0/24,172.16.3.0/24,172.16.4.0/24" -export 'ADAPTER_OS_PATTERN=(?i)ubuntu-14\.04.*' -#export 'ADAPTER_OS_PATTERN=(?i)centos-6\.5.*' -export ADAPTER_NAME="openstack_juno" -export ADAPTER_TARGET_SYSTEM_PATTERN="^openstack$" -export ADAPTER_FLAVOR_PATTERN="single-controller" -export HOST_ROLES="host1=controller;host2=network;host3=compute;host4=storage" -export DEFAULT_ROLES="controller" -export PROXY="" -export IGNORE_PROXY="" -export SEARCH_PATH="ods.com" -export GATEWAY="10.1.0.1" -export SERVER_CREDENTIAL="root" -export LOCAL_REPO_URL="" -export OS_CONFIG_FILENAME="" -export SERVICE_CREDENTIALS="service" -export CONSOLE_CREDENTIALS="console" -export HOST_NETWORKS="host1:eth0=10.1.0.100|is_mgmt,eth1=172.16.2.100,eth2=172.16.3.100,eth3=172.16.4.100;host2:eth0=10.1.0.101|is_mgmt,eth1=172.16.2.101,eth2=172.16.3.101,eth3=172.16.4.101;host3:eth0=10.1.0.102|is_mgmt,eth1=172.16.2.102;host4:eth0=10.1.0.103|is_mgmt,eth1=172.16.2.103" -export NETWORK_MAPPING="management=eth0,tenant=eth1,storage=eth3,external=eth2" -export PACKAGE_CONFIG_FILENAME="" -export SWITCH_IPS="1.1.1.1" -export SWITCH_CREDENTIAL="version=2c,community=public" -export DEPLOYMENT_TIMEOUT="90" -export POLL_SWITCHES_FLAG="nopoll_switches" -export DASHBOARD_URL="" diff --git a/ci/conf/two.conf b/ci/conf/two.conf deleted file mode 100644 index b923418..0000000 --- a/ci/conf/two.conf +++ /dev/null @@ -1,40 +0,0 @@ -export VIRT_NUMBER=2 -export VIRT_CPUS=4 -export VIRT_MEM=4096 -export VIRT_DISK=30G -export COMPASS_SERVER_URL="http://10.1.0.12/api" -export COMPASS_USER_EMAIL="admin@huawei.com" -export COMPASS_USER_PASSWORD="admin" -export CLUSTER_NAME="opnfv" -export LANGUAGE="EN" -export TIMEZONE="America/Los_Angeles" -export HOSTNAMES="host1,host2" -export NTP_SERVER="10.1.0.12" -export NAMESERVERS="10.1.0.12" -export DOMAIN="ods.com" -export PARTITIONS="/home=5%,/tmp=5%,/var=20%" -export SUBNETS="10.1.0.0/24,172.16.2.0/24,172.16.3.0/24,172.16.4.0/24" -export 'ADAPTER_OS_PATTERN=(?i)ubuntu-14\.04.*' -#export 'ADAPTER_OS_PATTERN=(?i)centos-6\.5.*' -export ADAPTER_NAME="os_only" -export ADAPTER_TARGET_SYSTEM_PATTERN="" -export ADAPTER_FLAVOR_PATTERN="" -export PROXY="" -export IGNORE_PROXY="" -export SEARCH_PATH="ods.com" -export GATEWAY="10.1.0.1" -export SERVER_CREDENTIAL="root" -export LOCAL_REPO_URL="" -export OS_CONFIG_FILENAME="" -export SERVICE_CREDENTIALS="service" -export CONSOLE_CREDENTIALS="console" -export HOST_NETWORKS="host1:eth0=10.1.0.100|is_mgmt,eth1=172.16.2.100,eth2=172.16.3.100,eth3=172.16.4.100;host2:eth0=10.1.0.101|is_mgmt,eth1=172.16.2.101,eth2=172.16.3.101,eth3=172.16.4.101" -export NETWORK_MAPPING="management=eth0,tenant=eth1,storage=eth3,external=eth2" -export PACKAGE_CONFIG_FILENAME="" -export HOST_ROLES="" -export DEFAULT_ROLES="" -export SWITCH_IPS="1.1.1.1" -export SWITCH_CREDENTIAL="version=2c,community=public" -export DEPLOYMENT_TIMEOUT="90" -export POLL_SWITCHES_FLAG="nopoll_switches" -export DASHBOARD_URL="" diff --git a/ci/deploy-vm.sh b/ci/deploy-vm.sh deleted file mode 100644 index be536b5..0000000 --- a/ci/deploy-vm.sh +++ /dev/null @@ -1,44 +0,0 @@ -cd .. -rm -rf compass-core -git clone http://git.openstack.org/stackforge/compass-core -b dev/experimental -cd compass-core -virtualenv venv -source venv/bin/activate -pip install -e . -if [[ ! -f /var/log/compass ]]; then - sudo mkdir /var/log/compass - sudo chown -R 777 /var/log/compass -fi -if [[ ! -f /etc/compass ]]; then - sudo mkdir /etc/compass - sudo cp -rf conf/setting /etc/compass/. -fi -cp bin/switch_virtualenv.py.template bin/switch_virtualenv.py -sed -i "s|\$PythonHome|$VIRTUAL_ENV|g" bin/switch_virtualenv.py -#source ../compass-install/ci/allinone.conf -bin/client.py --logfile= --loglevel=debug --logdir= --compass_server="${COMPASS_SERVER_URL}" \ ---compass_user_email="${COMPASS_USER_EMAIL}" --compass_user_password="${COMPASS_USER_PASSWORD}" \ ---cluster_name="${CLUSTER_NAME}" --language="${LANGUAGE}" --timezone="${TIMEZONE}" \ ---hostnames="${HOSTNAMES}" --partitions="${PARTITIONS}" --subnets="${SUBNETS}" \ ---adapter_os_pattern="${ADAPTER_OS_PATTERN}" --adapter_name="${ADAPTER_NAME}" \ ---adapter_target_system_pattern="${ADAPTER_TARGET_SYSTEM_PATTERN}" \ ---adapter_flavor_pattern="${ADAPTER_FLAVOR_PATTERN}" \ ---http_proxy="${PROXY}" --https_proxy="${PROXY}" --no_proxy="${IGNORE_PROXY}" \ ---ntp_server="${NTP_SERVER}" --dns_servers="${NAMESERVERS}" --domain="${DOMAIN}" \ ---search_path="${SEARCH_PATH}" --default_gateway="${GATEWAY}" \ ---server_credential="${SERVER_CREDENTIAL}" --local_repo_url="${LOCAL_REPO_URL}" \ ---os_config_json_file="${OS_CONFIG_FILENAME}" --service_credentials="${SERVICE_CREDENTIALS}" \ ---console_credentials="${CONSOLE_CREDENTIALS}" --host_networks="${HOST_NETWORKS}" \ ---network_mapping="${NETWORK_MAPPING}" --package_config_json_file="${PACKAGE_CONFIG_FILENAME}" \ ---host_roles="${HOST_ROLES}" --default_roles="${DEFAULT_ROLES}" --switch_ips="${SWITCH_IPS}" \ ---machines=${machines//\'} --switch_credential="${SWITCH_CREDENTIAL}" \ ---deployment_timeout="${DEPLOYMENT_TIMEOUT}" --${POLL_SWITCHES_FLAG} --dashboard_url="${DASHBOARD_URL}" -tear_down_machines -#cd ../compass-install -#sudo vagrant destroy compass_nodocker -if [[ $? != 0 ]]; then - echo "deployment failed" - exit 1 -else - echo "deployment complete" -fi diff --git a/ci/deploy.sh b/ci/deploy.sh deleted file mode 100755 index 38498e7..0000000 --- a/ci/deploy.sh +++ /dev/null @@ -1,4 +0,0 @@ -SCRIPT_DIR=$( cd "$( dirname "${BASH_SOURCE[0]}" )" && pwd ) -source ${SCRIPT_DIR}/prepare.sh || exit $? -source ${SCRIPT_DIR}/setup-env.sh || exit $? -source ${SCRIPT_DIR}/deploy-vm.sh || exit $? diff --git a/ci/func.sh b/ci/func.sh deleted file mode 100644 index 29c2c23..0000000 --- a/ci/func.sh +++ /dev/null @@ -1,20 +0,0 @@ -function tear_down_machines() { - virtmachines=$(virsh list --name |grep pxe) - for virtmachine in $virtmachines; do - echo "destroy $virtmachine" - virsh destroy $virtmachine - if [[ "$?" != "0" ]]; then - echo "destroy instance $virtmachine failed" - exit 1 - fi - done - virtmachines=$(virsh list --all --name |grep pxe) - for virtmachine in $virtmachines; do - echo "undefine $virtmachine" - virsh undefine $virtmachine - if [[ "$?" != "0" ]]; then - echo "undefine instance $virtmachine failed" - exit 1 - fi - done -} diff --git a/ci/mac_generator.sh b/ci/mac_generator.sh deleted file mode 100755 index 1ee5ebf..0000000 --- a/ci/mac_generator.sh +++ /dev/null @@ -1,23 +0,0 @@ -#!/bin/bash -function mac_address_part() { - hex_number=$(printf '%02x' $RANDOM) - number_length=${#hex_number} - number_start=$(expr $number_length - 2) - echo ${hex_number:$number_start:2} -} - -function mac_address() { - echo "'00:00:$(mac_address_part):$(mac_address_part):$(mac_address_part):$(mac_address_part)'" -} - -machines='' -for i in `seq $1`; do - mac=$(mac_address) - - if [[ -z $machines ]]; then - machines="${mac}" - else - machines="${machines} ${mac}" - fi -done -echo ${machines} diff --git a/ci/prepare.sh b/ci/prepare.sh deleted file mode 100644 index 9f87812..0000000 --- a/ci/prepare.sh +++ /dev/null @@ -1,35 +0,0 @@ -sudo apt-get update -y -sudo apt-get install git python-pip python-dev -y -vagrant --version -if [[ $? != 0 ]]; then - vagrant_pkg_url=https://dl.bintray.com/mitchellh/vagrant/vagrant_1.7.2_x86_64.deb - wget ${vagrant_pkg_url} - sudo dpkg -i $(basename ${vagrant_pkg_url}) -else - echo "vagrant is already installed" -fi -sudo apt-get install libxslt-dev libxml2-dev libvirt-dev build-essential qemu-utils qemu-kvm libvirt-bin virtinst libmysqld-dev -y -sudo service libvirt-bin restart - -for plugin in vagrant-libvirt vagrant-mutate; do - vagrant plugin list |grep $plugin - if [[ $? != 0 ]]; then - vagrant plugin install $plugin - else - echo "$plugin plugin is already installed" - fi -done - -#precise_box_vb_url=https://cloud-images.ubuntu.com/vagrant/precise/current/precise-server-cloudimg-amd64-vagrant-disk1.box -#precise_box_vb_filename=$(basename ${precise_box_vb_url}) -centos65_box_vb_url=https://developer.nrel.gov/downloads/vagrant-boxes/CentOS-6.5-x86_64-v20140504.box -centos65_box_vb_filename=$(basename ${centos65_box_vb_url}) -#wget ${precise_box_vb_url} -vagrant box list |grep centos65 -if [[ $? != 0 ]]; then - wget ${centos65_box_vb_url} - mv ${centos65_box_vb_filename} centos65.box - vagrant mutate centos65.box libvirt -else - echo "centos65 box already exists" -fi diff --git a/ci/setup-env.sh b/ci/setup-env.sh deleted file mode 100644 index d3613b8..0000000 --- a/ci/setup-env.sh +++ /dev/null @@ -1,60 +0,0 @@ -#rm -rf compass-install -#git clone http://git.openstack.org/stackforge/compass-install -#cd compass-install - -function join { local IFS="$1"; shift; echo "$*"; } -source ${SCRIPT_DIR}/conf/two.conf -source ${SCRIPT_DIR}/func.sh -if [[ ! -z $VIRT_NUMBER ]]; then - mac_array=$(${SCRIPT_DIR}/mac_generator.sh $VIRT_NUMBER) - mac_list=$(join , $mac_array) - echo "pxe_boot_macs: [${mac_list}]" >> ${SCRIPT_DIR}/../install/group_vars/all - echo "test: true" >> ${SCRIPT_DIR}/../install/group_vars/all -fi -virsh list |grep compass_nodocker -if [[ $? != 0 ]]; then - sudo vagrant up compass_nodocker -else - sudo vagrant provision compass_nodocker -fi -if [[ $? != 0 ]]; then - echo "installation of compass failed" - sudo vagrant destroy compass_nodocker - exit 1 -fi -echo "compass is up" - -tear_down_machines -if [[ -n $mac_array ]]; then - echo "bringing up pxe boot vms" - i=0 - for mac in $mac_array; do - echo "creating vm disk for instance pxe${i}" - sudo qemu-img create -f raw /home/pxe${i}.raw ${VIRT_DISK} - sudo virt-install --accelerate --hvm --connect qemu:///system \ - --name pxe$i --ram=$VIRT_MEM --pxe --disk /home/pxe$i.raw,format=raw \ - --vcpus=$VIRT_CPUS --graphics vnc,listen=0.0.0.0 \ - --network=bridge:virbr2,mac=$mac \ - --network=bridge:virbr2 \ - --network=bridge:virbr2 \ - --network=bridge:virbr2 \ - --noautoconsole --autostart --os-type=linux --os-variant=rhel6 - if [[ $? != 0 ]]; then - echo "launching pxe${i} failed" - exit 1 - fi - echo "checking pxe${i} state" - state=$(virsh domstate pxe${i}) - if [[ "$state" == "running" ]]; then - echo "pxe${i} is running" - sudo virsh destroy pxe${i} - fi - echo "add network boot option and make pxe${i} reboot if failing" - sudo sed -i "// a\ " /etc/libvirt/qemu/pxe${i}.xml - sudo sed -i "// a\ " /etc/libvirt/qemu/pxe${i}.xml - sudo virsh define /etc/libvirt/qemu/pxe${i}.xml - sudo virsh start pxe${i} - let i=i+1 - done -fi -machines=${mac_list} diff --git a/ci/test.sh b/ci/test.sh deleted file mode 100644 index 71c2fde..0000000 --- a/ci/test.sh +++ /dev/null @@ -1,127 +0,0 @@ -sudo apt-get update -y -sudo apt-get install git python-pip python-dev -y -vagrant_pkg_url=https://dl.bintray.com/mitchellh/vagrant/vagrant_1.7.2_x86_64.deb -wget ${vagrant_pkg_url} -sudo dpkg -i $(basename ${vagrant_pkg_url}) -sudo apt-get install libxslt-dev libxml2-dev libvirt-dev build-essential qemu-utils qemu-kvm libvirt-bin virtinst -y -sudo service libvirt-bin restart -vagrant plugin install vagrant-libvirt -vagrant plugin install vagrant-mutate -precise_box_vb_url=https://cloud-images.ubuntu.com/vagrant/precise/current/precise-server-cloudimg-amd64-vagrant-disk1.box -precise_box_vb_filename=$(basename ${precise_box_vb_url}) -centos65_box_vb_url=https://developer.nrel.gov/downloads/vagrant-boxes/CentOS-6.5-x86_64-v20140504.box -centos65_box_vb_filename=$(basename ${centos65_box_vb_url}) -wget ${precise_box_vb_url} -wget ${centos65_box_vb_url} -mv ${precise_box_vb_filename} precise64.box -mv ${centos65_box_vb_filename} centos65.box -vagrant mutate precise64.box libvirt -vagrant mutate centos65.box libvirt -sudo pip install ansible -git clone http://git.openstack.org/stackforge/compass-install -cd compass-install - -function join { local IFS="$1"; shift; echo "$*"; } - -if [[ ! -z $VIRT_NUMBER ]]; then - mac_array=$(ci/mac_generator.sh $VIRT_NUMBER) - mac_list=$(join , $mac_array) - echo "pxe_boot_macs: [${mac_list}]" >> install/group_vars/all - echo "test: true" >> install/group_vars/all -fi -sudo vagrant up compass_vm -if [[ $? != 0 ]]; then - sudo vagrant provision compass_vm - if [[ $? != 0 ]]; then - echo "provisioning of compass failed" - exit 1 - fi -fi -echo "compass is up" - -if [[ -n $mac_array ]] - echo "bringing up pxe boot vms" - i=0 - for mac in "$mac_array"; do - virsh list |grep pxe${i} - if [[ $? == 0 ]]; then - virsh destroy pxe${i} - virsh undefine pxe${i} - fi - virsh list --all |grep pxe${i} - if [[ $? == 0 ]]; then - virsh undefine pxe${i} - fi - echo "creating vm disk for instance pxe${i}" - sudo qemu-img create -f raw /home/pxe${i}.raw ${VIRT_DISK} - sudo virt-install --accelerate --hvm --connect qemu:///system \ - --name pxe$i --ram=$VIRT_MEM --pxe --disk /home/pxe$i.raw,format=raw \ - --vcpus=$VIRT_CPUS --graphics vnc,listen=0.0.0.0 \ - --network=bridge:virbr2,mac=$mac \ - --network=bridge:virbr2 - --network=bridge:virbr2 - --network=bridge:virbr2 - --noautoconsole --autostart --os-type=linux --os-variant=rhel6 - if [[ $? != 0 ]]; then - echo "launching pxe${i} failed" - exit 1 - fi - echo "checking pxe${i} state" - state=$(virsh domstate pxe${i}) - if [[ "$state" == "running" ]]; then - echo "pxe${i} is running" - sudo virsh destroy pxe${i} - fi - echo "add network boot option and make pxe${i} reboot if failing" - sudo sed -i "// a\ " /etc/libvirt/qemu/pxe${i}.xml - sudo sed -i "// a\ " /etc/libvirt/qemu/pxe${i}.xml - sudo virsh define /etc/libvirt/qemu/pxe${i}.xml - sudo virsh start pxe${i} - let i=i+1 - done -fi - -rm -rf compass-core -git clone http://git.openstack.org/stackforge/compass-core -b dev/experimental -cd compass-core -virtualenv venv -source venv/bin/activate -pip install -e . -if [[ ! -f /var/log/compass ]]; then - sudo mkdir /var/log/compass - sudo chown -R 777 /var/log/compass -fi -if [[ ! -f /etc/compass ]]; then - sudo mkdir /etc/compass - sudo cp -rf conf/setting /etc/compass/. -fi -cp bin/switch_virtualenv.py.template bin/switch_virtualenv.py -sed -i "s|\$PythonHome|$VIRTUAL_ENV|g" /opt/compass/bin/switch_virtualenv.py -source ../compass-install/ci/allinone.conf -bin/client.py --logfile= --loglevel=debug --logdir= --compass_server="${COMPASS_SERVER_URL}" \ ---compass_user_email="${COMPASS_USER_EMAIL}" --compass_user_password="${COMPASS_USER_PASSWORD}" \ ---cluster_name="${CLUSTER_NAME}" --language="${LANGUAGE}" --timezone="${TIMEZONE}" \ ---hostnames="${HOSTNAMES}" --partitions="${PARTITIONS}" --subnets="${SUBNETS}" \ ---adapter_os_pattern="${ADAPTER_OS_PATTERN}" --adapter_name="${ADAPTER_NAME}" \ ---adapter_target_system_pattern="${ADAPTER_TARGET_SYSTEM_PATTERN}" \ ---adapter_flavor_pattern="${ADAPTER_FLAVOR_PATTERN}" \ ---http_proxy="${PROXY}" --https_proxy="${PROXY}" --no_proxy="${IGNORE_PROXY}" \ ---ntp_server="${NTP_SERVER}" --dns_servers="${NAMESERVERS}" --domain="${DOMAIN}" \ ---search_path="${SEARCH_PATH}" --default_gateway="${GATEWAY}" \ ---server_credential="${SERVER_CREDENTIAL}" --local_repo_url="${LOCAL_REPO_URL}" \ ---os_config_json_file="${OS_CONFIG_FILENAME}" --service_credentials="${SERVICE_CREDENTIALS}" \ ---console_credentials="${CONSOLE_CREDENTIALS}" --host_networks="${HOST_NETWORKS}" \ ---network_mapping="${NETWORK_MAPPING}" --package_config_json_file="${PACKAGE_CONFIG_FILENAME}" \ ---host_roles="${HOST_ROLES}" --default_roles="${DEFAULT_ROLES}" --switch_ips="${SWITCH_IPS}" \ ---machines="${machines}" --switch_credential="${SWITCH_CREDENTIAL}" \ ---deployment_timeout="${DEPLOYMENT_TIMEOUT}" --${POLL_SWITCHES_FLAG} --dashboard_url="${DASHBOARD_URL}" -#sudo vagrant up regtest_vm -#if [[ $? != 0 ]]; then -# sudo vagrant provision regtest_vm -# if [[ $? != 0 ]]; then -# echo "deployment of cluster failed" -# exit 1 -# fi -#fi -#echo "deployment of cluster complete" - diff --git a/docker/build/cobbler/Dockerfile b/docker/build/cobbler/Dockerfile deleted file mode 100644 index 20e2be7..0000000 --- a/docker/build/cobbler/Dockerfile +++ /dev/null @@ -1,150 +0,0 @@ -FROM centos:centos6 - -ADD conf/setup.conf /tmp/setup.conf -ADD conf/cobbler_web.conf /etc/httpd/conf.d/cobbler_web.conf -ADD conf/ssl.conf /etc/httpd/conf.d/ssl.conf -ADD conf/tftpd.template /etc/cobbler/tftpd.template -ADD conf/modules.conf /etc/cobbler/modules.conf -ADD conf/distributions /tmp/distributions -ADD conf/dhcp.template /etc/cobbler/dhcp.template -RUN chmod +x /tmp/setup.conf - -# add epel repo and atomic(for installing reprepro: a command tool to build debian repos) repo -RUN source /tmp/setup.conf && \ - rpm -Uvh $EPEL7 && \ - sed -i 's/^mirrorlist=https/mirrorlist=http/g' /etc/yum.repos.d/epel.repo && \ - rpm -Uvh $ATOMIC && \ - sed -i 's/^mirrorlist=https/mirrorlist=http/g' /etc/yum.repos.d/atomic.repo - -RUN yum clean all && \ - yum update -y --skip-broken && \ - yum install -y syslinux bind rsync dhcp xinetd tftp-server gcc httpd cobbler cobbler-web createrepo mkisofs python-cheetah python-simplejson python-urlgrabber PyYAML PyYAML Django cman pykickstart reprepro git wget debmirror cman openssl openssl098e - -# configure cobbler web and ssl -RUN mkdir -p /root/backup/cobbler && \ - cp -rn /etc/httpd/conf.d /root/backup/cobbler && \ - chmod 644 /etc/httpd/conf.d/cobbler_web.conf && \ - chmod 644 /etc/httpd/conf.d/ssl.conf - -# update tftpd template -RUN chmod 644 /etc/cobbler/tftpd.template - -# update modules conf -RUN chmod 644 /etc/cobbler/modules.conf - -# setup cobbler default web username password: cobbler/cobbler -RUN (echo -n "cobbler:Cobbler:" && echo -n "cobbler:Cobbler:cobbler" | md5sum - | cut -d' ' -f1) > /etc/cobbler/users.digest - - -# get adapters code -WORKDIR /root/ -RUN git clone -b dev/experimental https://git.openstack.org/stackforge/compass-adapters.git && \ - cp -rn /var/lib/cobbler/snippets /root/backup/cobbler/ && \ - cp -rn /var/lib/cobbler/scripts /root/backup/cobbler && \ - cp -rn /var/lib/cobbler/kickstarts/ /root/backup/cobbler/ && \ - cp -rn /var/lib/cobbler/triggers /root/backup/cobbler/ && \ - rm -rf /var/lib/cobbler/snippets/* && \ - cp -rf compass-adapters/cobbler/snippets/* /var/lib/cobbler/snippets/ && \ - cp -rf compass-adapters/cobbler/scripts/* /var/lib/cobbler/scripts/ && \ - cp -rf compass-adapters/cobbler/triggers/* /var/lib/cobbler/triggers/ && \ - chmod 777 /var/lib/cobbler/snippets && \ - chmod 777 /var/lib/cobbler/scripts && \ - chmod -R 666 /var/lib/cobbler/snippets/* && \ - chmod -R 666 /var/lib/cobbler/scripts/* && \ - chmod -R 755 /var/lib/cobbler/triggers && \ - rm -f /var/lib/cobbler/kickstarts/default.ks && \ - rm -f /var/lib/cobbler/kickstarts/default.seed && \ - cp -rf compass-adapters/cobbler/kickstarts/default.ks /var/lib/cobbler/kickstarts/ && \ - cp -rf compass-adapters//cobbler/kickstarts/default.seed /var/lib/cobbler/kickstarts/ && \ - chmod 666 /var/lib/cobbler/kickstarts/default.ks && \ - chmod 666 /var/lib/cobbler/kickstarts/default.seed && \ - mkdir -p /var/www/cblr_ks && \ - chmod 755 /var/www/cblr_ks && \ - cp -rf compass-adapters/cobbler/conf/cobbler.conf /etc/httpd/conf.d/ && \ - chmod 644 /etc/httpd/conf.d/cobbler.conf && \ - export passwd=$(openssl passwd -1 -salt 'huawei' '123456') && \ - sed -i "s,^default_password_crypted:[ \t]\+\"\(.*\)\",default_password_crypted: \"$cobbler_passwd\",g" /etc/cobbler/settings && \ - chmod 644 /etc/cobbler/settings - - -# disable selinux -RUN echo 0 > /selinux/enforce - -# create log dirs -RUN mkdir -p /var/log/cobbler && \ - mkdir -p /var/log/cobbler/tasks && \ - mkdir -p /var/log/cobbler/anamon && \ - chmod -R 777 /var/log/cobbler - -# create centos ppa repo dir -RUN rm -rf /var/lib/cobbler/repo_mirror/centos_ppa_repo && \ - mkdir -p /var/lib/cobbler/repo_mirror/centos_ppa_repo - -# download centos repo pkgs -WORKDIR /var/lib/cobbler/repo_mirror/centos_ppa_repo -ADD conf/setup.conf /tmp/setup.conf -RUN source /tmp/setup.conf && \ - wget $NTP && \ - wget $SSH_CLIENTS && \ - wget $OPENSSH && \ - wget $IPROUTE && \ - wget $WGET && \ - wget $NTPDATE && \ - wget $YUM_PRIORITIES && \ - wget $JSONC && \ - wget $LIBESTR && \ - wget $LIBGT && \ - wget $LIBLOGGING && \ - wget $RSYSLOG && \ - wget $CHEF_CLIENT_CENTOS - -# creating ubuntu repo -RUN rm -rf /var/lib/cobbler/repo_mirror/ubuntu_ppa_repo && \ - mkdir -p /var/lib/cobbler/repo_mirror/ubuntu_ppa_repo/conf && \ - mv /tmp/distributions /var/lib/cobbler/repo_mirror/ubuntu_ppa_repo/conf/distributions && \ - chmod 644 /var/lib/cobbler/repo_mirror/ubuntu_ppa_repo/conf/distributions && \ - wget -O /var/lib/cobbler/repo_mirror/ubuntu_ppa_repo/chef_11.8.0-1.ubuntu.12.04_amd64.deb http://opscode-omnibus-packages.s3.amazonaws.com/ubuntu/12.04/x86_64/chef_11.8.0-1.ubuntu.12.04_amd64.deb - -ADD conf/1404_distributions /tmp/1404_distributions - -RUN rm -rf /var/lib/cobbler/repo_mirror/ubuntu_14_04_ppa_repo && \ - mkdir -p /var/lib/cobbler/repo_mirror/ubuntu_14_04_ppa_repo/conf && \ - mv /tmp/1404_distributions /var/lib/cobbler/repo_mirror/ubuntu_14_04_ppa_repo/conf/distributions && \ - chmod 644 /var/lib/cobbler/repo_mirror/ubuntu_14_04_ppa_repo/conf/distributions && \ - wget -O /var/lib/cobbler/repo_mirror/ubuntu_14_04_ppa_repo/chef_12.1.1-1_amd64.deb https://opscode-omnibus-packages.s3.amazonaws.com/ubuntu/13.04/x86_64/chef_12.1.1-1_amd64.deb - - -# create repos -WORKDIR /var/lib/cobbler/repo_mirror -RUN createrepo centos_ppa_repo && \ - find ubuntu_ppa_repo -name \*.deb -exec reprepro -Vb ubuntu_ppa_repo includedeb ppa {} \; && \ - find ubuntu_14_04_ppa_repo -name \*.deb -exec reprepro -Vb ubuntu_14_04_ppa_repo includedeb ppa {} \; - -# add repos to cobbler repo and get loaders -RUN /usr/sbin/apachectl -k start && \ - /usr/bin/cobblerd start \& && \ - cobbler repo add --mirror=/var/lib/cobbler/repo_mirror/centos_ppa_repo --name=centos_ppa_repo --mirror-locally=Y --arch=x86_64 && \ - cobbler repo add --mirror=/var/lib/cobbler/repo_mirror/ubuntu_ppa_repo --name=ubuntu_ppa_repo --mirror-locally=Y --arch=x86_64 && \ - cobbler repo add --mirror=/var/lib/cobbler/repo_mirror/ubuntu_14_04_ppa_repo --name=ubuntu_14_04_ppa_repo --mirror-locally=Y --arch=x86_64 && \ - cobbler reposync && \ - cobbler get-loaders - -ADD conf/cobbler.settings /etc/cobbler/settings -RUN sed -i 's/disable\([ \t]\+\)=\([ \t]\+\)yes/disable\1=\2no/g' /etc/xinetd.d/rsync && \ - sed -i 's/^@dists=/# @dists=/g' /etc/debmirror.conf && \ - sed -i 's/^@arches=/# @arches=/g' /etc/debmirror.conf - -# create mount points -RUN mkdir -p /var/lib/cobbler/mount_point -VOLUME ["/var/lib/cobbler/mount_point"] -ADD scripts/start /root/start -RUN chmod +x /root/start -CMD ["/root/start"] - - -EXPOSE 80 -EXPOSE 69 69/udp -EXPOSE 53 53/udp -EXPOSE 25151 -EXPOSE 443 -EXPOSE 873 diff --git a/docker/build/cobbler/conf/1404_distributions b/docker/build/cobbler/conf/1404_distributions deleted file mode 100644 index 7f61215..0000000 --- a/docker/build/cobbler/conf/1404_distributions +++ /dev/null @@ -1,8 +0,0 @@ -Origin: ppa -Label: ppa_repo -Suite: stable -Codename: ppa -Version: 0.1 -Architectures: i386 amd64 source -Components: main -Description: ppa repo diff --git a/docker/build/cobbler/conf/cobbler.settings b/docker/build/cobbler/conf/cobbler.settings deleted file mode 100644 index eb965d2..0000000 --- a/docker/build/cobbler/conf/cobbler.settings +++ /dev/null @@ -1,450 +0,0 @@ ---- -# cobbler settings file -# restart cobblerd and run "cobbler sync" after making changes -# This config file is in YAML 1.0 format -# see http://yaml.org -# ========================================================== -# if 1, cobbler will allow insertions of system records that duplicate -# the --dns-name information of other system records. In general, -# this is undesirable and should be left 0. -allow_duplicate_hostnames: 0 - -# if 1, cobbler will allow insertions of system records that duplicate -# the ip address information of other system records. In general, -# this is undesirable and should be left 0. -allow_duplicate_ips: 0 - -# if 1, cobbler will allow insertions of system records that duplicate -# the mac address information of other system records. In general, -# this is undesirable. -allow_duplicate_macs: 0 - -# if 1, cobbler will allow settings to be changed dynamically without -# a restart of the cobblerd daemon. You can only change this variable -# by manually editing the settings file, and you MUST restart cobblerd -# after changing it. -allow_dynamic_settings: 0 - -# by default, installs are *not* set to send installation logs to the cobbler -# # # server. With 'anamon_enabled', kickstart templates may use the pre_anamon -# # # snippet to allow remote live monitoring of their installations from the -# # # cobbler server. Installation logs will be stored under -# # # /var/log/cobbler/anamon/. NOTE: This does allow an xmlrpc call to send logs -# # # to this directory, without authentication, so enable only if you are -# # # ok with this limitation. -anamon_enabled: 1 - -# If using authn_pam in the modules.conf, this can be configured -# to change the PAM service authentication will be tested against. -# The default value is "login". -authn_pam_service: "login" - -# Email out a report when cobbler finishes installing a system. -# enabled: set to 1 to turn this feature on -# sender: optional -# email: which addresses to email -# smtp_server: used to specify another server for an MTA -# subject: use the default subject unless overridden -build_reporting_enabled: 0 -build_reporting_sender: "" -build_reporting_email: [ 'root@localhost' ] -build_reporting_smtp_server: "localhost" -build_reporting_subject: "" - -# Cheetah-language kickstart templates can import Python modules. -# while this is a useful feature, it is not safe to allow them to -# import anything they want. This whitelists which modules can be -# imported through Cheetah. Users can expand this as needed but -# should never allow modules such as subprocess or those that -# allow access to the filesystem as Cheetah templates are evaluated -# by cobblerd as code. -cheetah_import_whitelist: - - "random" - - "re" - - "time" - -# Default createrepo_flags to use for new repositories. If you have -# createrepo >= 0.4.10, consider "-c cache --update -C", which can -# dramatically improve your "cobbler reposync" time. "-s sha" -# enables working with Fedora repos from F11/F12 from EL-4 or -# EL-5 without python-hashlib installed (which is not available -# on EL-4) -createrepo_flags: "-c cache -s sha" - -# if no kickstart is specified to profile add, use this template -default_kickstart: /var/lib/cobbler/kickstarts/default.ks - -# configure all installed systems to use these nameservers by default -# unless defined differently in the profile. For DHCP configurations -# you probably do /not/ want to supply this. -default_name_servers: ['10.145.89.100'] - -# if using the authz_ownership module (see the Wiki), objects -# created without specifying an owner are assigned to this -# owner and/or group. Can be a comma seperated list. -default_ownership: - - "admin" - -# cobbler has various sample kickstart templates stored -# in /var/lib/cobbler/kickstarts/. This controls -# what install (root) password is set up for those -# systems that reference this variable. The factory -# default is "cobbler" and cobbler check will warn if -# this is not changed. -# The simplest way to change the password is to run -# openssl passwd -1 -# and put the output between the "" below. -default_password_crypted: "$1$huawei$9OkoVJwO4W8vavlXd1bUS/" - -# the default template type to use in the absence of any -# other detected template. If you do not specify the template -# with '#template=' on the first line of your -# templates/snippets, cobbler will assume try to use the -# following template engine to parse the templates. -# -# Current valid values are: cheetah, jinja2 -default_template_type: "cheetah" - -# for libvirt based installs in koan, if no virt bridge -# is specified, which bridge do we try? For EL 4/5 hosts -# this should be xenbr0, for all versions of Fedora, try -# "virbr0". This can be overriden on a per-profile -# basis or at the koan command line though this saves -# typing to just set it here to the most common option. -default_virt_bridge: xenbr0 - -# use this as the default disk size for virt guests (GB) -default_virt_file_size: 5 - -# use this as the default memory size for virt guests (MB) -default_virt_ram: 512 - -# if koan is invoked without --virt-type and no virt-type -# is set on the profile/system, what virtualization type -# should be assumed? Values: xenpv, xenfv, qemu, vmware -# (NOTE: this does not change what virt_type is chosen by import) -default_virt_type: xenpv - -# enable gPXE booting? Enabling this option will cause cobbler -# to copy the undionly.kpxe file to the tftp root directory, -# and if a profile/system is configured to boot via gpxe it will -# chain load off pxelinux.0. -# Default: 0 -enable_gpxe: 0 - -# controls whether cobbler will add each new profile entry to the default -# PXE boot menu. This can be over-ridden on a per-profile -# basis when adding/editing profiles with --enable-menu=0/1. Users -# should ordinarily leave this setting enabled unless they are concerned -# with accidental reinstalls from users who select an entry at the PXE -# boot menu. Adding a password to the boot menus templates -# may also be a good solution to prevent unwanted reinstallations -enable_menu: 0 - -# enable Func-integration? This makes sure each installed machine is set up -# to use func out of the box, which is a powerful way to script and control -# remote machines. -# Func lives at http://fedorahosted.org/func -# read more at https://github.com/cobbler/cobbler/wiki/Func-integration -# you will need to mirror Fedora/EPEL packages for this feature, so see -# https://github.com/cobbler/cobbler/wiki/Manage-yum-repos if you want cobbler -# to help you with this -func_auto_setup: 0 -func_master: overlord.example.org - -# change this port if Apache is not running plaintext on port -# 80. Most people can leave this alone. -http_port: 80 - -# kernel options that should be present in every cobbler installation. -# kernel options can also be applied at the distro/profile/system -# level. -kernel_options: - ksdevice: bootif - lang: ' ' - text: ~ - -# s390 systems require additional kernel options in addition to the -# above defaults -kernel_options_s390x: - RUNKS: 1 - ramdisk_size: 40000 - root: /dev/ram0 - ro: ~ - ip: off - vnc: ~ - -# configuration options if using the authn_ldap module. See the -# the Wiki for details. This can be ignored if you are not using -# LDAP for WebUI/XMLRPC authentication. -ldap_server: "ldap.example.com" -ldap_base_dn: "DC=example,DC=com" -ldap_port: 389 -ldap_tls: 1 -ldap_anonymous_bind: 1 -ldap_search_bind_dn: '' -ldap_search_passwd: '' -ldap_search_prefix: 'uid=' -ldap_tls_cacertfile: '' -ldap_tls_keyfile: '' -ldap_tls_certfile: '' - -# cobbler has a feature that allows for integration with config management -# systems such as Puppet. The following parameters work in conjunction with -# --mgmt-classes and are described in furhter detail at: -# https://github.com/cobbler/cobbler/wiki/Using-cobbler-with-a-configuration-management-system -mgmt_classes: [] -mgmt_parameters: - from_cobbler: 1 - -# if enabled, this setting ensures that puppet is installed during -# machine provision, a client certificate is generated and a -# certificate signing request is made with the puppet master server -puppet_auto_setup: 0 - -# when puppet starts on a system after installation it needs to have -# its certificate signed by the puppet master server. Enabling the -# following feature will ensure that the puppet server signs the -# certificate after installation if the puppet master server is -# running on the same machine as cobbler. This requires -# puppet_auto_setup above to be enabled -sign_puppet_certs_automatically: 0 - -# location of the puppet executable, used for revoking certificates -puppetca_path: "/usr/bin/puppet" - -# when a puppet managed machine is reinstalled it is necessary to -# remove the puppet certificate from the puppet master server before a -# new certificate is signed (see above). Enabling the following -# feature will ensure that the certificate for the machine to be -# installed is removed from the puppet master server if the puppet -# master server is running on the same machine as cobbler. This -# requires puppet_auto_setup above to be enabled -remove_old_puppet_certs_automatically: 0 - -# choose a --server argument when running puppetd/puppet agent during kickstart -#puppet_server: 'puppet' - -# let cobbler know that you're using a newer version of puppet -# choose version 3 to use: 'puppet agent'; version 2 uses status quo: 'puppetd' -#puppet_version: 2 - -# choose whether to enable puppet parameterized classes or not. -# puppet versions prior to 2.6.5 do not support parameters -#puppet_parameterized_classes: 1 - -# set to 1 to enable Cobbler's DHCP management features. -# the choice of DHCP management engine is in /etc/cobbler/modules.conf -manage_dhcp: 1 - -# set to 1 to enable Cobbler's DNS management features. -# the choice of DNS mangement engine is in /etc/cobbler/modules.conf -manage_dns: 1 - -# set to path of bind chroot to create bind-chroot compatible bind -# configuration files. This should be automatically detected. -bind_chroot_path: "" - -# set to the ip address of the master bind DNS server for creating secondary -# bind configuration files -bind_master: 127.0.0.1 - -# set to 1 to enable Cobbler's TFTP management features. -# the choice of TFTP mangement engine is in /etc/cobbler/modules.conf -manage_tftpd: 1 - -# set to 1 to enable Cobbler's RSYNC management features. -manage_rsync: 0 - -# if using BIND (named) for DNS management in /etc/cobbler/modules.conf -# and manage_dns is enabled (above), this lists which zones are managed -# See the Wiki (https://github.com/cobbler/cobbler/wiki/Dns-management) for more info -manage_forward_zones: ['ods.com'] -manage_reverse_zones: ['10','172.16'] - -# if using cobbler with manage_dhcp, put the IP address -# of the cobbler server here so that PXE booting guests can find it -# if you do not set this correctly, this will be manifested in TFTP open timeouts. -next_server: 192.168.100.1 - -# settings for power management features. optional. -# see https://github.com/cobbler/cobbler/wiki/Power-management to learn more -# choices (refer to codes.py): -# apc_snmp bladecenter bullpap drac ether_wake ilo integrity -# ipmilan ipmitool lpar rsa virsh wti -power_management_default_type: 'ipmitool' - -# the commands used by the power management module are sourced -# from what directory? -power_template_dir: "/etc/cobbler/power" - -# if this setting is set to 1, cobbler systems that pxe boot -# will request at the end of their installation to toggle the -# --netboot-enabled record in the cobbler system record. This eliminates -# the potential for a PXE boot loop if the system is set to PXE -# first in it's BIOS order. Enable this if PXE is first in your BIOS -# boot order, otherwise leave this disabled. See the manpage -# for --netboot-enabled. -pxe_just_once: 1 - -# the templates used for PXE config generation are sourced -# from what directory? -pxe_template_dir: "/etc/cobbler/pxe" - -# Path to where system consoles are -consoles: "/var/consoles" - -# Are you using a Red Hat management platform in addition to Cobbler? -# Cobbler can help you register to it. Choose one of the following: -# "off" : I'm not using Red Hat Network, Satellite, or Spacewalk -# "hosted" : I'm using Red Hat Network -# "site" : I'm using Red Hat Satellite Server or Spacewalk -# You will also want to read: https://github.com/cobbler/cobbler/wiki/Tips-for-RHN -redhat_management_type: "off" - -# if redhat_management_type is enabled, choose your server -# "management.example.org" : For Satellite or Spacewalk -# "xmlrpc.rhn.redhat.com" : For Red Hat Network -# This setting is also used by the code that supports using Spacewalk/Satellite users/passwords -# within Cobbler Web and Cobbler XMLRPC. Using RHN Hosted for this is not supported. -# This feature can be used even if redhat_management_type is off, you just have -# to have authn_spacewalk selected in modules.conf -redhat_management_server: "xmlrpc.rhn.redhat.com" - -# specify the default Red Hat authorization key to use to register -# system. If left blank, no registration will be attempted. Similarly -# you can set the --redhat-management-key to blank on any system to -# keep it from trying to register. -redhat_management_key: "" - -# if using authn_spacewalk in modules.conf to let cobbler authenticate -# against Satellite/Spacewalk's auth system, by default it will not allow per user -# access into Cobbler Web and Cobbler XMLRPC. -# in order to permit this, the following setting must be enabled HOWEVER -# doing so will permit all Spacewalk/Satellite users of certain types to edit all -# of cobbler's configuration. -# these roles are: config_admin and org_admin -# users should turn this on only if they want this behavior and -# do not have a cross-multi-org seperation concern. If you have -# a single org in your satellite, it's probably safe to turn this -# on and then you can use CobblerWeb alongside a Satellite install. -redhat_management_permissive: 0 - -# if set to 1, allows /usr/bin/cobbler-register (part of the koan package) -# to be used to remotely add new cobbler system records to cobbler. -# this effectively allows for registration of new hardware from system -# records. -register_new_installs: 0 - -# Flags to use for yum's reposync. If your version of yum reposync -# does not support -l, you may need to remove that option. -reposync_flags: "-l -n -d" - -# These options will be used for an rsync initiated by cobbler replicate -replicate_rsync_options: "-avzH" - -# when DHCP and DNS management are enabled, cobbler sync can automatically -# restart those services to apply changes. The exception for this is -# if using ISC for DHCP, then omapi eliminates the need for a restart. -# omapi, however, is experimental and not recommended for most configurations. -# If DHCP and DNS are going to be managed, but hosted on a box that -# is not on this server, disable restarts here and write some other -# script to ensure that the config files get copied/rsynced to the destination -# box. This can be done by modifying the restart services trigger. -# Note that if manage_dhcp and manage_dns are disabled, the respective -# parameter will have no effect. Most users should not need to change -# this. -restart_dns: 1 -restart_dhcp: 1 - -# install triggers are scripts in /var/lib/cobbler/triggers/install -# that are triggered in kickstart pre and post sections. Any -# executable script in those directories is run. They can be used -# to send email or perform other actions. They are currently -# run as root so if you do not need this functionality you can -# disable it, though this will also disable "cobbler status" which -# uses a logging trigger to audit install progress. -run_install_triggers: 1 - -# enables a trigger which version controls all changes to /var/lib/cobbler -# when add, edit, or sync events are performed. This can be used -# to revert to previous database versions, generate RSS feeds, or for -# other auditing or backup purposes. "git" and "hg" are currently suported, -# but git is the recommend SCM for use with this feature. -scm_track_enabled: 0 -scm_track_mode: "git" - -# this is the address of the cobbler server -- as it is used -# by systems during the install process, it must be the address -# or hostname of the system as those systems can see the server. -# if you have a server that appears differently to different subnets -# (dual homed, etc), you need to read the --server-override section -# of the manpage for how that works. -server: 192.168.100.1 - -# If set to 1, all commands will be forced to use the localhost address -# instead of using the above value which can force commands like -# cobbler sync to open a connection to a remote address if one is in the -# configuration and would traceback. -client_use_localhost: 0 - -# If set to 1, all commands to the API (not directly to the XMLRPC -# server) will go over HTTPS instead of plaintext. Be sure to change -# the http_port setting to the correct value for the web server -client_use_https: 0 - -# this is a directory of files that cobbler uses to make -# templating easier. See the Wiki for more information. Changing -# this directory should not be required. -snippetsdir: /var/lib/cobbler/snippets - -# Normally if a kickstart is specified at a remote location, this -# URL will be passed directly to the kickstarting system, thus bypassing -# the usual snippet templating Cobbler does for local kickstart files. If -# this option is enabled, Cobbler will fetch the file contents internally -# and serve a templated version of the file to the client. -template_remote_kickstarts: 0 - -# should new profiles for virtual machines default to auto booting with the physical host when the physical host reboots? -# this can be overridden on each profile or system object. -virt_auto_boot: 1 - -# cobbler's web directory. Don't change this setting -- see the -# Wiki on "relocating your cobbler install" if your /var partition -# is not large enough. -webdir: /var/www/cobbler - -# cobbler's public XMLRPC listens on this port. Change this only -# if absolutely needed, as you'll have to start supplying a new -# port option to koan if it is not the default. -xmlrpc_port: 25151 - -# "cobbler repo add" commands set cobbler up with repository -# information that can be used during kickstart and is automatically -# set up in the cobbler kickstart templates. By default, these -# are only available at install time. To make these repositories -# usable on installed systems (since cobbler makes a very convient) -# mirror, set this to 1. Most users can safely set this to 1. Users -# who have a dual homed cobbler server, or are installing laptops that -# will not always have access to the cobbler server may wish to leave -# this as 0. In that case, the cobbler mirrored yum repos are still -# accessable at http://cobbler.example.org/cblr/repo_mirror and yum -# configuration can still be done manually. This is just a shortcut. -yum_post_install_mirror: 1 - -# the default yum priority for all the distros. This is only used -# if yum-priorities plugin is used. 1=maximum. Tweak with caution. -yum_distro_priority: 1 - -# Flags to use for yumdownloader. Not all versions may support -# --resolve. -yumdownloader_flags: "--resolve" - -# sort and indent JSON output to make it more human-readable -serializer_pretty_json: 0 - -# replication rsync options for distros, kickstarts, snippets set to override default value of "-avzH" -replicate_rsync_options: "-avzH" - -# replication rsync options for repos set to override default value of "-avzH" -replicate_repo_rsync_options: "-avzH" diff --git a/docker/build/cobbler/conf/cobbler_web.conf b/docker/build/cobbler/conf/cobbler_web.conf deleted file mode 100644 index f03d4fe..0000000 --- a/docker/build/cobbler/conf/cobbler_web.conf +++ /dev/null @@ -1,10 +0,0 @@ -# This configuration file enables the cobbler web -# interface (django version) - -# Force everything to go to https -RewriteEngine on -RewriteCond %{HTTPS} off -RewriteCond %{REQUEST_URI} ^/cobbler_web -# RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI} - -WSGIScriptAlias /cobbler_web /usr/share/cobbler/web/cobbler.wsgi diff --git a/docker/build/cobbler/conf/dhcp.template b/docker/build/cobbler/conf/dhcp.template deleted file mode 100644 index f18ec37..0000000 --- a/docker/build/cobbler/conf/dhcp.template +++ /dev/null @@ -1,98 +0,0 @@ -# ****************************************************************** -# Cobbler managed dhcpd.conf file -# -# generated from cobbler dhcp.conf template ($date) -# Do NOT make changes to /etc/dhcpd.conf. Instead, make your changes -# in /etc/cobbler/dhcp.template, as /etc/dhcpd.conf will be -# overwritten. -# -# ****************************************************************** - -ddns-update-style interim; - -allow booting; -allow bootp; -deny unknown-clients; -local-address 192.168.100.100; -log-facility local6; - -ignore client-updates; -set vendorclass = option vendor-class-identifier; - -option pxe-system-type code 93 = unsigned integer 16; -option space pxelinux; -option pxelinux.magic code 208 = string; -option pxelinux.configfile code 209 = text; -option pxelinux.pathprefix code 210 = text; -option pxelinux.reboottime code 211 = unsigned integer 32; - -subnet 192.168.100.0 netmask 255.255.254.0 { - option routers 192.168.100.1; - option domain-name-servers 192.168.100.1; - option subnet-mask 255.255.254.0; - range dynamic-bootp 192.168.100.10 192.168.101.250; - default-lease-time 21600; - max-lease-time 43200; - next-server $next_server; - class "pxeclients" { - match if substring (option vendor-class-identifier, 0, 9) = "PXEClient"; - if option pxe-system-type = 00:02 { - filename "ia64/elilo.efi"; - } else if option pxe-system-type = 00:06 { - filename "grub/grub-x86.efi"; - } else if option pxe-system-type = 00:07 { - filename "grub/grub-x86_64.efi"; - } else { - filename "pxelinux.0"; - } - } - -} - -#for dhcp_tag in $dhcp_tags.keys(): - ## group could be subnet if your dhcp tags line up with your subnets - ## or really any valid dhcpd.conf construct ... if you only use the - ## default dhcp tag in cobbler, the group block can be deleted for a - ## flat configuration -# group for Cobbler DHCP tag: $dhcp_tag -group { - #for mac in $dhcp_tags[$dhcp_tag].keys(): - #set iface = $dhcp_tags[$dhcp_tag][$mac] - host $iface.name { - hardware ethernet $mac; - site-option-space "pxelinux"; - option pxelinux.magic f1:00:74:7e; - if exists dhcp-parameter-request-list { - # Always send the PXELINUX options (specified in hexadecimal) - option dhcp-parameter-request-list = concat(option dhcp-parameter-request-list,d0,d1,d2,d3); - } - option pxelinux.reboottime 30; - #if $iface.hostname: - option host-name "$iface.hostname"; - #end if - #if $iface.netmask: - option subnet-mask $iface.netmask; - #end if - #if $iface.gateway: - option routers $iface.gateway; - #end if - #if $iface.enable_gpxe: - if exists user-class and option user-class = "gPXE" { - filename "http://$cobbler_server/cblr/svc/op/gpxe/system/$iface.owner"; - } else if exists user-class and option user-class = "iPXE" { - filename "http://$cobbler_server/cblr/svc/op/gpxe/system/$iface.owner"; - } else { - filename "undionly.kpxe"; - } - #else - filename "$iface.filename"; - #end if - ## Cobbler defaults to $next_server, but some users - ## may like to use $iface.system.server for proxied setups - next-server $next_server; - ## next-server $iface.next_server; - } - #end for -} -#end for - diff --git a/docker/build/cobbler/conf/distributions b/docker/build/cobbler/conf/distributions deleted file mode 100644 index 7f61215..0000000 --- a/docker/build/cobbler/conf/distributions +++ /dev/null @@ -1,8 +0,0 @@ -Origin: ppa -Label: ppa_repo -Suite: stable -Codename: ppa -Version: 0.1 -Architectures: i386 amd64 source -Components: main -Description: ppa repo diff --git a/docker/build/cobbler/conf/modules.conf b/docker/build/cobbler/conf/modules.conf deleted file mode 100644 index 5c3b941..0000000 --- a/docker/build/cobbler/conf/modules.conf +++ /dev/null @@ -1,84 +0,0 @@ -# cobbler module configuration file -# ================================= - -# authentication: -# what users can log into the WebUI and Read-Write XMLRPC? -# choices: -# authn_denyall -- no one (default) -# authn_configfile -- use /etc/cobbler/users.digest (for basic setups) -# authn_passthru -- ask Apache to handle it (used for kerberos) -# authn_ldap -- authenticate against LDAP -# authn_spacewalk -- ask Spacewalk/Satellite (experimental) -# authn_pam -- use PAM facilities -# authn_testing -- username/password is always testing/testing (debug) -# (user supplied) -- you may write your own module -# WARNING: this is a security setting, do not choose an option blindly. -# for more information: -# https://github.com/cobbler/cobbler/wiki/Cobbler-web-interface -# https://github.com/cobbler/cobbler/wiki/Security-overview -# https://github.com/cobbler/cobbler/wiki/Kerberos -# https://github.com/cobbler/cobbler/wiki/Ldap - -[authentication] -module = authn_configfile - -# authorization: -# once a user has been cleared by the WebUI/XMLRPC, what can they do? -# choices: -# authz_allowall -- full access for all authneticated users (default) -# authz_ownership -- use users.conf, but add object ownership semantics -# (user supplied) -- you may write your own module -# WARNING: this is a security setting, do not choose an option blindly. -# If you want to further restrict cobbler with ACLs for various groups, -# pick authz_ownership. authz_allowall does not support ACLs. configfile -# does but does not support object ownership which is useful as an additional -# layer of control. - -# for more information: -# https://github.com/cobbler/cobbler/wiki/Cobbler-web-interface -# https://github.com/cobbler/cobbler/wiki/Security-overview -# https://github.com/cobbler/cobbler/wiki/Web-authorization - -[authorization] -module = authz_allowall - -# dns: -# chooses the DNS management engine if manage_dns is enabled -# in /etc/cobbler/settings, which is off by default. -# choices: -# manage_bind -- default, uses BIND/named -# manage_dnsmasq -- uses dnsmasq, also must select dnsmasq for dhcp below -# NOTE: more configuration is still required in /etc/cobbler -# for more information: -# https://github.com/cobbler/cobbler/wiki/Dns-management - -[dns] -module = manage_bind - -# dhcp: -# chooses the DHCP management engine if manage_dhcp is enabled -# in /etc/cobbler/settings, which is off by default. -# choices: -# manage_isc -- default, uses ISC dhcpd -# manage_dnsmasq -- uses dnsmasq, also must select dnsmasq for dns above -# NOTE: more configuration is still required in /etc/cobbler -# for more information: -# https://github.com/cobbler/cobbler/wiki/Dhcp-management - -[dhcp] -module = manage_isc - -# tftpd: -# chooses the TFTP management engine if manage_tftp is enabled -# in /etc/cobbler/settings, which is ON by default. -# -# choices: -# manage_in_tftpd -- default, uses the system's tftp server -# manage_tftpd_py -- uses cobbler's tftp server -# - -[tftpd] -module = manage_in_tftpd - -#-------------------------------------------------- - diff --git a/docker/build/cobbler/conf/setup.conf b/docker/build/cobbler/conf/setup.conf deleted file mode 100755 index db6e4b6..0000000 --- a/docker/build/cobbler/conf/setup.conf +++ /dev/null @@ -1,25 +0,0 @@ -#centos6.5 -NTP=http://mirror.centos.org/centos/6.6/os/x86_64/Packages/ntp-4.2.6p5-1.el6.centos.x86_64.rpm -SSH_CLIENTS=ftp://mirror.switch.ch/pool/4/mirror/scientificlinux/6.5/x86_64/os/Packages/openssh-clients-5.3p1-94.el6.x86_64.rpm -OPENSSH=ftp://mirror.switch.ch/pool/4/mirror/scientificlinux/6.3/x86_64/updates/security/openssh-5.3p1-94.el6.x86_64.rpm -IPROUTE=ftp://mirror.switch.ch/pool/4/mirror/scientificlinux/6.5/x86_64/os/Packages/iproute-2.6.32-31.el6.x86_64.rpm -WGET=ftp://mirror.switch.ch/pool/4/mirror/scientificlinux/6.5/x86_64/os/Packages/wget-1.12-1.8.el6.x86_64.rpm -NTPDATE=http://mirror.centos.org/centos/6.6/os/x86_64/Packages/ntpdate-4.2.6p5-1.el6.centos.x86_64.rpm -YUM_PRIORITIES=ftp://mirror.switch.ch/pool/4/mirror/scientificlinux/6.3/i386/os/Packages/yum-plugin-priorities-1.1.30-14.el6.noarch.rpm -JSONC=http://rpms.adiscon.com/v7-stable/epel-6/x86_64/RPMS/json-c-0.9-4.el6.x86_64.rpm -LIBESTR=http://rpms.adiscon.com/v7-stable/epel-6/x86_64/RPMS/libestr-0.1.9-1.el6.x86_64.rpm -LIBGT=http://rpms.adiscon.com/v7-stable/epel-6/x86_64/RPMS/libgt-0.3.11-1.el6.x86_64.rpm -LIBLOGGING=http://rpms.adiscon.com/v7-stable/epel-6/x86_64/RPMS/liblogging-1.0.4-1.el6.x86_64.rpm -RSYSLOG=http://rpms.adiscon.com/v7-stable/epel-6/x86_64/RPMS/rsyslog-7.6.3-1.el6.src.rpm -CHEF_CLIENT_CENTOS=http://opscode-omnibus-packages.s3.amazonaws.com/el/6/x86_64/chef-11.8.0-1.el6.x86_64.rpm - -#ubuntu12.04 -CHEF_CLIENT_UBUNTU=http://opscode-omnibus-packages.s3.amazonaws.com/ubuntu/12.04/x86_64/chef_11.8.0-1.ubuntu.12.04_amd64.deb - -#iso -CENTOS_ISO=https://s3-us-west-1.amazonaws.com/compass-local-repo/centos/6.5/CentOS-6.5-x86_64.iso -UBUNTU_ISO=http://releases.ubuntu.com/12.04/ubuntu-12.04.4-server-amd64.iso - -#repos -EPEL7=http://dl.fedoraproject.org/pub/epel/6/x86_64/epel-release-6-8.noarch.rpm -ATOMIC=http://www6.atomicorp.com/channels/atomic/centos/7/x86_64/RPMS/atomic-release-1.0-19.el7.art.noarch.rpm diff --git a/docker/build/cobbler/conf/ssl.conf b/docker/build/cobbler/conf/ssl.conf deleted file mode 100644 index 07f1e22..0000000 --- a/docker/build/cobbler/conf/ssl.conf +++ /dev/null @@ -1,221 +0,0 @@ -# -# This is the Apache server configuration file providing SSL support. -# It contains the configuration directives to instruct the server how to -# serve pages over an https connection. For detailing information about these -# directives see -# -# Do NOT simply read the instructions in here without understanding -# what they do. They're here only as hints or reminders. If you are unsure -# consult the online docs. You have been warned. -# - -LoadModule ssl_module modules/mod_ssl.so - -# -# When we also provide SSL we have to listen to the -# the HTTPS port in addition. -# -Listen 443 - -## -## SSL Global Context -## -## All SSL configuration in this context applies both to -## the main server and all SSL-enabled virtual hosts. -## - -# Pass Phrase Dialog: -# Configure the pass phrase gathering process. -# The filtering dialog program (`builtin' is a internal -# terminal dialog) has to provide the pass phrase on stdout. -SSLPassPhraseDialog builtin - -# Inter-Process Session Cache: -# Configure the SSL Session Cache: First the mechanism -# to use and second the expiring timeout (in seconds). -SSLSessionCache shmcb:/var/cache/mod_ssl/scache(512000) -SSLSessionCacheTimeout 300 - -# Semaphore: -# Configure the path to the mutual exclusion semaphore the -# SSL engine uses internally for inter-process synchronization. -# SSLMutex default - -# Pseudo Random Number Generator (PRNG): -# Configure one or more sources to seed the PRNG of the -# SSL library. The seed data should be of good random quality. -# WARNING! On some platforms /dev/random blocks if not enough entropy -# is available. This means you then cannot use the /dev/random device -# because it would lead to very long connection times (as long as -# it requires to make more entropy available). But usually those -# platforms additionally provide a /dev/urandom device which doesn't -# block. So, if available, use this one instead. Read the mod_ssl User -# Manual for more details. -SSLRandomSeed startup file:/dev/urandom 256 -SSLRandomSeed connect builtin -#SSLRandomSeed startup file:/dev/random 512 -#SSLRandomSeed connect file:/dev/random 512 -#SSLRandomSeed connect file:/dev/urandom 512 - -# -# Use "SSLCryptoDevice" to enable any supported hardware -# accelerators. Use "openssl engine -v" to list supported -# engine names. NOTE: If you enable an accelerator and the -# server does not start, consult the error logs and ensure -# your accelerator is functioning properly. -# -SSLCryptoDevice builtin -#SSLCryptoDevice ubsec - -## -## SSL Virtual Host Context -## - - - -# General setup for the virtual host, inherited from global configuration -#DocumentRoot "/var/www/html" -#ServerName www.example.com:443 - -# Use separate log files for the SSL virtual host; note that LogLevel -# is not inherited from httpd.conf. -ErrorLog logs/ssl_error_log -TransferLog logs/ssl_access_log -LogLevel warn - -# SSL Engine Switch: -# Enable/Disable SSL for this virtual host. -SSLEngine on - -# SSL Protocol support: -# List the enable protocol levels with which clients will be able to -# connect. Disable SSLv2 access by default: -SSLProtocol all -SSLv2 - -# SSL Cipher Suite: -# List the ciphers that the client is permitted to negotiate. -# See the mod_ssl documentation for a complete list. -SSLCipherSuite ALL:!ADH:!EXPORT:!SSLv2:RC4+RSA:+HIGH:+MEDIUM:+LOW - -# Server Certificate: -# Point SSLCertificateFile at a PEM encoded certificate. If -# the certificate is encrypted, then you will be prompted for a -# pass phrase. Note that a kill -HUP will prompt again. A new -# certificate can be generated using the genkey(1) command. -SSLCertificateFile /etc/pki/tls/certs/localhost.crt - -# Server Private Key: -# If the key is not combined with the certificate, use this -# directive to point at the key file. Keep in mind that if -# you've both a RSA and a DSA private key you can configure -# both in parallel (to also allow the use of DSA ciphers, etc.) -SSLCertificateKeyFile /etc/pki/tls/private/localhost.key - -# Server Certificate Chain: -# Point SSLCertificateChainFile at a file containing the -# concatenation of PEM encoded CA certificates which form the -# certificate chain for the server certificate. Alternatively -# the referenced file can be the same as SSLCertificateFile -# when the CA certificates are directly appended to the server -# certificate for convinience. -#SSLCertificateChainFile /etc/pki/tls/certs/server-chain.crt - -# Certificate Authority (CA): -# Set the CA certificate verification path where to find CA -# certificates for client authentication or alternatively one -# huge file containing all of them (file must be PEM encoded) -#SSLCACertificateFile /etc/pki/tls/certs/ca-bundle.crt - -# Client Authentication (Type): -# Client certificate verification type and depth. Types are -# none, optional, require and optional_no_ca. Depth is a -# number which specifies how deeply to verify the certificate -# issuer chain before deciding the certificate is not valid. -#SSLVerifyClient require -#SSLVerifyDepth 10 - -# Access Control: -# With SSLRequire you can do per-directory access control based -# on arbitrary complex boolean expressions containing server -# variable checks and other lookup directives. The syntax is a -# mixture between C and Perl. See the mod_ssl documentation -# for more details. -# -#SSLRequire ( %{SSL_CIPHER} !~ m/^(EXP|NULL)/ \ -# and %{SSL_CLIENT_S_DN_O} eq "Snake Oil, Ltd." \ -# and %{SSL_CLIENT_S_DN_OU} in {"Staff", "CA", "Dev"} \ -# and %{TIME_WDAY} >= 1 and %{TIME_WDAY} <= 5 \ -# and %{TIME_HOUR} >= 8 and %{TIME_HOUR} <= 20 ) \ -# or %{REMOTE_ADDR} =~ m/^192\.76\.162\.[0-9]+$/ -# - -# SSL Engine Options: -# Set various options for the SSL engine. -# o FakeBasicAuth: -# Translate the client X.509 into a Basic Authorisation. This means that -# the standard Auth/DBMAuth methods can be used for access control. The -# user name is the `one line' version of the client's X.509 certificate. -# Note that no password is obtained from the user. Every entry in the user -# file needs this password: `xxj31ZMTZzkVA'. -# o ExportCertData: -# This exports two additional environment variables: SSL_CLIENT_CERT and -# SSL_SERVER_CERT. These contain the PEM-encoded certificates of the -# server (always existing) and the client (only existing when client -# authentication is used). This can be used to import the certificates -# into CGI scripts. -# o StdEnvVars: -# This exports the standard SSL/TLS related `SSL_*' environment variables. -# Per default this exportation is switched off for performance reasons, -# because the extraction step is an expensive operation and is usually -# useless for serving static content. So one usually enables the -# exportation for CGI and SSI requests only. -# o StrictRequire: -# This denies access when "SSLRequireSSL" or "SSLRequire" applied even -# under a "Satisfy any" situation, i.e. when it applies access is denied -# and no other module can change it. -# o OptRenegotiate: -# This enables optimized SSL connection renegotiation handling when SSL -# directives are used in per-directory context. -#SSLOptions +FakeBasicAuth +ExportCertData +StrictRequire - - SSLOptions +StdEnvVars - - - SSLOptions +StdEnvVars - - -# SSL Protocol Adjustments: -# The safe and default but still SSL/TLS standard compliant shutdown -# approach is that mod_ssl sends the close notify alert but doesn't wait for -# the close notify alert from client. When you need a different shutdown -# approach you can use one of the following variables: -# o ssl-unclean-shutdown: -# This forces an unclean shutdown when the connection is closed, i.e. no -# SSL close notify alert is send or allowed to received. This violates -# the SSL/TLS standard but is needed for some brain-dead browsers. Use -# this when you receive I/O errors because of the standard approach where -# mod_ssl sends the close notify alert. -# o ssl-accurate-shutdown: -# This forces an accurate shutdown when the connection is closed, i.e. a -# SSL close notify alert is send and mod_ssl waits for the close notify -# alert of the client. This is 100% SSL/TLS standard compliant, but in -# practice often causes hanging connections with brain-dead browsers. Use -# this only for browsers where you know that their SSL implementation -# works correctly. -# Notice: Most problems of broken clients are also related to the HTTP -# keep-alive facility, so you usually additionally want to disable -# keep-alive for those clients, too. Use variable "nokeepalive" for this. -# Similarly, one has to force some clients to use HTTP/1.0 to workaround -# their broken HTTP/1.1 implementation. Use variables "downgrade-1.0" and -# "force-response-1.0" for this. -SetEnvIf User-Agent ".*MSIE.*" \ - nokeepalive ssl-unclean-shutdown \ - downgrade-1.0 force-response-1.0 - -# Per-Server Logging: -# The home of a custom SSL log file. Use this when you want a -# compact non-error SSL logfile on a virtual host basis. -CustomLog logs/ssl_request_log \ - "%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b" - - diff --git a/docker/build/cobbler/conf/tftpd.template b/docker/build/cobbler/conf/tftpd.template deleted file mode 100644 index 31f4d36..0000000 --- a/docker/build/cobbler/conf/tftpd.template +++ /dev/null @@ -1,21 +0,0 @@ -# default: off -# description: The tftp server serves files using the trivial file transfer \ -# protocol. The tftp protocol is often used to boot diskless \ -# workstations, download configuration files to network-aware printers, \ -# and to start the installation process for some operating systems. -service tftp -{ - disable = no - log_type = SYSLOG local5 info - socket_type = dgram - protocol = udp - wait = yes - user = $user - server = $binary - server_args = -B 1380 -v -s $args - instances = 1000 - per_source = 1000 - cps = 1000 2 - flags = IPv4 -} - diff --git a/docker/build/cobbler/scripts/start b/docker/build/cobbler/scripts/start deleted file mode 100644 index 055ffe6..0000000 --- a/docker/build/cobbler/scripts/start +++ /dev/null @@ -1,17 +0,0 @@ -#!/bin/bash - -service httpd start -service cobblerd start - -# import distros -cobbler import --path=/var/lib/cobbler/mount_point/CentOS-6.5-x86_64 --name=CentOS-6.5-x86_64 --arch=x86_64 --kickstart=/var/lib/cobbler/kickstarts/default.ks --breed=redhat -cobbler import --path=/var/lib/cobbler/mount_point/Ubuntu-12.04-x86_64 --name=Ubuntu-12.04-x86_64 --arch=x86_64 --kickstart=/var/lib/cobbler/kickstarts/default.seed --breed=ubuntu - -# add profiles -cobbler profile add --name=CentOS-6.5-x86_64 --repo=centos_ppa_repo --distro=CentOS-6.5-x86_64 --ksmeta="tree=http://10.145.89.200:8080/cobbler/ks_mirror/CentOS-6.5-x86_64 compass_server=10.145.89.200" --kickstart=/var/lib/cobbler/kickstarts/default.ks -cobbler profile add --name=Ubuntu-12.04-x86_64 --repo=ubuntu_ppa_repo --distro=Ubuntu-12.04-x86_64 --ksmeta="tree=http://10.145.89.200:8080/cobbler/ks_mirror/Ubuntu-12.04-x86_64 compass_server=10.145.89.200" --kickstart=/var/lib/cobbler/kickstarts/default.seed --kopts="netcfg/choose_interface=auto" - - -cobbler reposync -cobbler sync -cobbler check diff --git a/docker/build/compass/Dockerfile b/docker/build/compass/Dockerfile deleted file mode 100644 index d31f11d..0000000 --- a/docker/build/compass/Dockerfile +++ /dev/null @@ -1,137 +0,0 @@ -FROM centos:centos7 - -ADD conf/setup.conf /root/setup.conf -RUN chmod +x /root/setup.conf -## install yum repos and then packages -RUN source /root/setup.conf && \ - rpm -Uvh $EPEL7 >& /dev/null && \ - sed -i 's/^mirrorlist=https/mirrorlist=http/g' /etc/yum.repos.d/epel.repo && \ - rpm -Uvh $ATOMIC >& /dev/null && \ - sed -i 's/^mirrorlist=https/mirrorlist=http/g' /etc/yum.repos.d/atomic.repo -RUN yum clean all >& /dev/null && \ - yum update -y --skip-broken >&/dev/null && \ - yum install -y rsyslog logrotate ntp iproute openssh-clients python python-devel git wget rabbitmq-server mod_wsgi httpd squid yum-utils gcc net-snmp-utils net-snmp net-snmp-python openssl openssl098e ca-certificates redis mariadb mariadb-server mariadb-devel python-virtualenv python-setuptools MySQL-python - -# set up pip and install python virtual environment -RUN easy_install --upgrade pip -RUN pip install virtualenvwrapper - -# get compass-core code -WORKDIR /root -RUN source /root/setup.conf && \ - git clone $COMPASS_CORE -WORKDIR /root/compass-core -RUN mkdir /root/backup - -# update rsyslog conf -RUN cp -rn /etc/rsyslog.conf /root/backup -RUN rm -rf /etc/rsyslog.conf -RUN cp -rf misc/rsyslog/rsyslog.conf /etc/rsyslog.conf -RUN chmod 644 /etc/rsyslog.conf - -# update logrotate.d -RUN cp -rn /etc/logrotate.d /root/backup -RUN rm -rf /etc/logrotate.d/* -RUN cp -rf misc/logrotate.d/* /etc/logrotate.d/ -RUN chmod 644 /etc/logrotate.d/* - -# grant permission to httpd and mysqld log dirs -RUN mkdir /var/log/mysql -RUN chmod 777 /var/log/httpd -RUN chmod 777 /var/log/mysql - -# clone compass web -WORKDIR /root -RUN source /root/setup.conf && \ - git clone $COMPASS_WEB - -# setup python requirements -# remove 'mysql-python' from requirements as centos 7 supports the yum package -WORKDIR /root/compass-core -RUN sed -i 's/MySQL-python/#MySQL-python/g' requirements.txt -RUN source `which virtualenvwrapper.sh` && \ - mkvirtualenv --system-site-packages compass-core && \ - workon compass-core && \ - pip install -U -r requirements.txt - -# download local repo -WORKDIR /tmp -RUN source /root/setup.conf && \ - wget $LOCAL_REPO - -# snmp -# instead of moving mibs to /usr/local/share/snmp/mibs, centos7 puts mibs file at /usr/share/snmp/mibs/ - -WORKDIR /root/compass-core -RUN yes|cp -rf mibs/* /usr/share/snmp/mibs/ -RUN cp -rf misc/snmp/snmp.conf /etc/snmp/snmp.conf -RUN chmod 644 /etc/snmp/snmp.conf -RUN mkdir -p /var/lib/net-snmp/mib_indexes -RUN chmod 755 /var/lib/net-snmp/mib_indexes - -# install compass-core -WORKDIR /root/compass-core -RUN mkdir -p /etc/compass -RUN mkdir -p /opt/compass/bin -RUN mkdir -p /var/log/compass -RUN mkdir -p /var/log/chef -RUN mkdir -p /var/www/compass - -RUN cp -rf misc/apache/ods-server.conf /etc/httpd/conf.d/ods-server.conf -RUN cp -rf conf/* /etc/compass/ -RUN cp -rf bin/*.py /opt/compass/bin/ -RUN cp -rf bin/*.sh /opt/compass/bin/ -RUN cp -rf bin/compassd /usr/bin/ -RUN cp -rf bin/switch_virtualenv.py.template /opt/compass/bin/switch_virtualenv.py -RUN ln -s -f /opt/compass/bin/compass_check.py /usr/bin/compass -RUN ln -s -f /opt/compass/bin/compass_wsgi.py /var/www/compass/compass.wsgi -RUN cp -rf bin/chef/* /opt/compass/bin/ -RUN cp -rf bin/cobbler/* /opt/compass/bin/ -RUN cp -rf /usr/lib64/libcrypto.so.10 /usr/lib64/libcrypto.so - -# setup compass-core and related confs -RUN mkdir -p /opt/compass/db && \ - chmod -R 777 /opt/compass/db -RUN chmod -R 777 /var/log/compass -RUN chmod -R 777 /var/log/chef -RUN echo "export C_FORCE_ROOT=1" > /etc/profile.d/celery_env.sh -RUN chmod +x /etc/profile.d/celery_env.sh -WORKDIR /root/compass-core -RUN source `which virtualenvwrapper.sh` && \ - workon compass-core && \ - python setup.py install - -# compass web -WORKDIR /root/compass-web -RUN yum -y install tar -RUN mkdir -p /var/www/compass_web -RUN cp -rf v2 /var/www/compass_web/ -WORKDIR /tmp -RUN tar -xzvf local_repo.tar.gz -RUN mv -f local_repo/* /var/www/compass_web/v2/ - -# enable start-up script -ADD scripts/sample_start /root/sample_start -RUN chmod +x /root/sample_start - -# start: perform some post-installation tasks -# modify compass refresh to make it work in containers -ADD scripts/refresh.sh /opt/compass/bin/refresh.sh -RUN chmod +x /opt/compass/bin/refresh.sh - -# set python home for virtualenv -RUN sed -i "s|\$PythonHome|\/root\/\.virtualenvs\/compass-core|g" /opt/compass/bin/switch_virtualenv.py - -# add apache to root group -RUN usermod -a -G `groups root|awk '{print$3}'` apache - -# configure mysql -RUN /usr/bin/mysql_install_db && \ - chown -R mysql:mysql /var/lib/mysql - -# CMD ["/root/sample_start"] - -EXPOSE 80 -EXPOSE 22 -EXPOSE 123 -EXPOSE 3306 diff --git a/docker/build/compass/conf/setup.conf b/docker/build/compass/conf/setup.conf deleted file mode 100644 index 429eaab..0000000 --- a/docker/build/compass/conf/setup.conf +++ /dev/null @@ -1,5 +0,0 @@ -LOCAL_REPO="https://s3-us-west-1.amazonaws.com/compass-local-repo/local_repo.tar.gz" -EPEL7="http://dl.fedoraproject.org/pub/epel/7/x86_64/e/epel-release-7-5.noarch.rpm" -ATOMIC="http://www6.atomicorp.com/channels/atomic/centos/7/x86_64/RPMS/atomic-release-1.0-19.el7.art.noarch.rpm" -COMPASS_CORE="https://git.openstack.org/stackforge/compass-core.git" -COMPASS_WEB="https://git.openstack.org/stackforge/compass-web.git" diff --git a/docker/build/compass/scripts/refresh.sh b/docker/build/compass/scripts/refresh.sh deleted file mode 100644 index 8da8788..0000000 --- a/docker/build/compass/scripts/refresh.sh +++ /dev/null @@ -1,9 +0,0 @@ -#/bin/bash -set -e -/opt/compass/bin/manage_db.py createdb -# /opt/compass/bin/clean_installers.py -# /opt/compass/bin/clean_installation_logs.py -/usr/sbin/apachectl -D NO_DETACH -D FOREGROUND -/usr/bin/redis-server & -CELERY_CONFIG_MODULE=compass.utils.celeryconfig_wrapper C_FORCE_ROOT=1 /opt/compass/bin/celery worker &> /tmp/celery-worker.log & -/opt/compass/bin/progress_update.py &> /tmp/progress_update.log diff --git a/docker/build/compass/scripts/sample_start b/docker/build/compass/scripts/sample_start deleted file mode 100644 index 71d0159..0000000 --- a/docker/build/compass/scripts/sample_start +++ /dev/null @@ -1,56 +0,0 @@ -#!/bin/bash - -# set python home -# sed -i "s|\$PythonHome|\/root\/\.virtualenvs\/compass-core|g" /opt/compass/bin/switch_virtualenv.py - -# add apache to root user group -# usermod -a -G `groups root|awk '{print$3}'` apache - -# activate virtualenv -source `which virtualenvwrapper.sh` -workon compass-core - -## mysql -# install db -# grant permission to mysql data dir -# /usr/bin/mysql_install_db -# chown mysql:mysql /var/lib/mysql -# chown mysql:mysql /var/lib/mysql/* -# chown mysql:mysql /var/lib/mysql/mysql/* -# chown mysql:mysql /var/lib/mysql/performance_schema/* - -# start mysqld service, push it to bg -/usr/bin/mysqld_safe > /dev/null 2>&1 & - -RET=1 -while [[ RET -ne 0 ]]; do - echo "waiting for mariadb to startup" - sleep 5 - mysql -uroot -e "status" > /dev/null 2>&1 - RET=$? -done - -echo "mariadb started" - -# set mysql with default username and password -mysqladmin -h127.0.0.1 --port=3306 -u root password root - -# create db 'compass' -mysql -h127.0.0.1 --port=3306 -uroot -proot -e "create database compass" - -## virtualenv -# create virtualenv -# source `which virtualenvwrapper.sh` -# mkvirtualenv --system-site-packages compass-core - -# install compass requirements - -# start compass services -/opt/compass/bin/manage_db.py createdb -/usr/sbin/apachectl -k start -/usr/sbin/rabbitmq-server & -/usr/bin/redis-server & -ln -s /root/.virtualenvs/compass-core/bin/celery /opt/compass/bin/celery -CELERY_CONFIG_MODULE=compass.utils.celeryconfig_wrapper C_FORCE_ROOT=1 /opt/compass/bin/celery worker &> /tmp/celery-worker.log & -/opt/compass/bin/progress_update.py &> /tmp/progress_update.log & -tail -f /dev/null diff --git a/examples/Dockerfile b/examples/Dockerfile deleted file mode 100644 index d13c631..0000000 --- a/examples/Dockerfile +++ /dev/null @@ -1,13 +0,0 @@ -FROM compassindocker/compass:test - -ADD scripts/start /root/start -ADD conf/compass.setting /etc/compass/setting -ADD conf/cobbler.conf /etc/compass/os_installer/cobbler.conf -ADD conf/chef-icehouse.conf /etc/compass/package_installer/chef-icehouse.conf -ADD conf/chef-client.pem /etc/chef-client.pem - -RUN chmod +x /root/start - -CMD ["/root/start"] -EXPOSE 80 -EXPOSE 123 diff --git a/examples/conf/chef-client.pem b/examples/conf/chef-client.pem deleted file mode 100644 index aaf83ec..0000000 --- a/examples/conf/chef-client.pem +++ /dev/null @@ -1,28 +0,0 @@ ------BEGIN RSA PRIVATE KEY----- -MIIEpAIBAAKCAQEA16JNckh4jk4B/yuw42OkHTix7cFWr7DLvpUOFHecmw6IcfP2 -mLvY2FI+RFFtM91/hWy648TtNzK5/iUJeTNLjGAuthzGeTfGS9SR8rSfVjDd6zHt -gbHBTPPCeAydy9TfJpOhXWy8DHNiGjQKQd/RM8Sgzbp0JW1yMqSg+o64MgR8VFLL -VMG6kA1VFzLs+/3W14vaHZqF0y8N0ZQeAXnsx51zNQL2rlEpF3PMMAhgyJIZ+UZk -vDPu+i6wcabrq7yfmYg5B9OzAHkccAacCLjMz/2KCxHysuxkiElZ5g6qpHAlBQCw -yt/GY6+UYBWtKd7UrHCN9+k5a4hXom1VbSYmGQIDAQABAoIBAQDQtT7QhmRpGAfG -ursS27ZUsjNFNAR7OFt7szlVhhAF5CMcaE0dt3NCrReneEiCErkCoyKgolIXQvnS -inaI4KUW0WFk0qUnXlyHuM8qYrh17AZfRovjI/E8UhK/rzZruzXhWLKugjfgtS0W -v5fN+pu5x278sKMKNsx5R+6nlMujW/ztk6zFh4XQPH4WjbpEwNbGWtwktUu1ogTu -AKLUZUvjNej+qBo/rxaTvKnUw9YW7KRNmD97CJwiyATEMW3uCs/K+S1gMIW/pkOt -Nl3cokF94FwPxcSuJZMc6ZuGJrdjuUiwExO5Q9x5pxskbwYfK6Sq/cLy9ssqV8aL -Mam7xkKBAoGBAPR2Q+br5TXZHYv3y4FCKo6tcALloIdHAoVLrfSXeKe81b70j/Za -hGE9Wm5F0hbMK70l+NgDJnSbUUKmwDeU4eJbhrW68xuu8XP1jblwWLZ/RrqX4w8F -WqNbN4LokEu285xTZc2/MGyI4E7IB0LzCh7YvNyD8Mw5hoQeZqne76yNAoGBAOHP -uHOgu2lFokW8hvYg1tG1WqDAxNEThz+F6K1AhCh/rrKFqsns5baAr0A0nBOzfF52 -hnuQwjivoQ4LxapwDyYmbs0qmPSgOnKUAKuAlGYgiPzoqqAu7rPU6IsmbIa6Jex0 -JgbNNlFflvogQ7Ws1MJkVflBXtCRmIEC+dUeX0q9AoGBAM1H1oM+Sc6rEDWuEnTr -lAMVvz6fhuqyBXrbbys6WvY4CyF8CrvrjMh/FcYN2XqNXplKHql+E7fNiTI4Bqdl -3T0QcJGAeI8hm94tMCKtJcGyJTmhO+ksLM2KVpYWJr191xnJqm5YgxhQ5FMjg32D -y1bV19ow7W8BS2T8hmdVLtwtAoGAdf/9THcW2EkqJjUBdcbtWwLhDBYQA42n5HsO -ftKy/RLT8LhG6mQgGkGe0vdrBCSL/jUDy7h2tfaZO+TM82bBk9cLma0D5vl/8XYD -75sucTvZOgg/eZts446DwotetPy7ape7c1xzYQyJscWAfISHXdnez3TonicnQWuT -sFnBxCUCgYAmFe++2rfIDyTn/gYcZcTQeF9Ei9jAo8fGXuS/mqBNBwRLuctqoWsX -Qw4XZ+sMZQ2nQED9mC5skEpSKdetXZ0eMLd/JfnJhyqSlGqEbauD01mEdV/POYxG -oxpSg7bPw05mpaIzUCXw1mQpq7bZ/dQRArNs0wJwFi7sL1Pkf+/AHg== ------END RSA PRIVATE KEY----- - diff --git a/examples/conf/chef-icehouse.conf b/examples/conf/chef-icehouse.conf deleted file mode 100644 index 8cb6e85..0000000 --- a/examples/conf/chef-icehouse.conf +++ /dev/null @@ -1,11 +0,0 @@ -NAME = 'chef_installer' -INSTANCE_NAME = 'chef_installer' -SETTINGS = { - 'chef_url': 'https://10.145.89.140', - 'chef_server_ip': '10.145.89.140', - 'chef_server_dns': 'compass', - 'key_dir': '/etc/chef-client.pem', - 'client_name': 'docker-controller', - 'databags': [] -} - diff --git a/examples/conf/cobbler.conf b/examples/conf/cobbler.conf deleted file mode 100644 index 3928d6b..0000000 --- a/examples/conf/cobbler.conf +++ /dev/null @@ -1,9 +0,0 @@ -NAME = 'cobbler' -INSTANCE_NAME = 'cobbler' -SETTINGS = { - 'cobbler_url': 'http://10.145.89.140/cobbler_api', - 'credentials': { - 'username': 'cobbler', - 'password': 'cobbler' - } -} diff --git a/examples/conf/compass.setting b/examples/conf/compass.setting deleted file mode 100644 index e4b2aaa..0000000 --- a/examples/conf/compass.setting +++ /dev/null @@ -1,33 +0,0 @@ -CONFIG_DIR = '/etc/compass' -DATABASE_TYPE = 'mysql' -DATABASE_USER = 'root' -DATABASE_PASSWORD = 'root' -DATABASE_SERVER = '127.0.0.1:3306' -DATABASE_NAME = 'compass' -SQLALCHEMY_DATABASE_URI = '%s://%s:%s@%s/%s' % (DATABASE_TYPE, DATABASE_USER, DATABASE_PASSWORD, DATABASE_SERVER, DATABASE_NAME) -SQLALCHEMY_DATABASE_POOL_TYPE = 'instant' -INSTALLATION_LOGDIR = { - 'CobblerInstaller': '/var/log/cobbler/anamon', - 'ChefInstaller': '/var/log/chef' -} -DEFAULT_LOGLEVEL = 'info' -DEFAULT_LOGDIR = '/var/log/compass' -DEFAULT_LOGINTERVAL = 6 -DEFAULT_LOGINTERVAL_UNIT = 'h' -DEFAULT_LOGFORMAT = '%(asctime)s - %(filename)s - %(lineno)d - %(levelname)s - %(message)s' -WEB_LOGFILE = 'compass.log' -CELERY_LOGFILE = 'celery.log' -CELERYCONFIG_DIR = '/etc/compass' -CELERYCONFIG_FILE = 'celeryconfig' -PROGRESS_UPDATE_INTERVAL=30 -POLLSWITCH_INTERVAL=60 -SWITCHES = [ -] -TMPL_DIR = '/etc/compass/templates' -COMPASS_SUPPORTED_PROXY = 'http://10.145.89.140:3128' -COMPASS_SUPPORTED_DEFAULT_NOPROXY = ['127.0.0.1','10.145.89.140','comapss'] -COMPASS_SUPPORTED_NTP_SERVER = '10.145.89.140' -COMPASS_SUPPORTED_DNS_SERVERS = ['10.145.89.140'] -COMPASS_SUPPORTED_DOMAINS = ['ods.com'] -COMPASS_SUPPORTED_DEFAULT_GATEWAY = '10.145.88.1' -COMPASS_SUPPORTED_LOCAL_REPO = 'http://10.145.89.140' diff --git a/examples/scripts/start b/examples/scripts/start deleted file mode 100644 index 767b1ec..0000000 --- a/examples/scripts/start +++ /dev/null @@ -1,36 +0,0 @@ -#!/bin/bash - -# activate virtualenv -source `which virtualenvwrapper.sh` -workon compass-core - -# start mysqld service, push it to bg -/usr/bin/mysqld_safe > /dev/null 2>&1 & - -RET=1 -while [[ RET -ne 0 ]]; do - echo "waiting for mariadb to startup" - sleep 5 - mysql -uroot -e "status" > /dev/null 2>&1 - RET=$? -done - -echo "mariadb started" - -# set mysql with default username and password -mysqladmin -h127.0.0.1 --port=3306 -u root password root - -# create db 'compass' -mysql -h127.0.0.1 --port=3306 -uroot -proot -e "create database compass" - -# start compass services -/opt/compass/bin/manage_db.py createdb -/usr/sbin/apachectl -k start -/usr/sbin/rabbitmq-server & -/usr/bin/redis-server & -/usr/sbin/ntpd & -ln -s /root/.virtualenvs/compass-core/bin/celery /opt/compass/bin/celery -CELERY_CONFIG_MODULE=compass.utils.celeryconfig_wrapper C_FORCE_ROOT=1 /opt/compass/bin/celery worker &> /tmp/celery-worker.log & -/opt/compass/bin/progress_update.py &> /tmp/progress_update.log & -touch /var/log/compass/celery.log -tail -f /var/log/compass/celery.log diff --git a/install/allinone.yml b/install/allinone.yml deleted file mode 100644 index 3da3c93..0000000 --- a/install/allinone.yml +++ /dev/null @@ -1,9 +0,0 @@ ---- - -- hosts: allinone - sudo: True - roles: - - common - - chef - - cobbler - - compass diff --git a/install/allinone_nochef.yml b/install/allinone_nochef.yml deleted file mode 100644 index 3ad8e08..0000000 --- a/install/allinone_nochef.yml +++ /dev/null @@ -1,8 +0,0 @@ ---- - -- hosts: compass_vm - sudo: True - roles: - - common - - cobbler - - compass diff --git a/install/cobbler_nodocker.yml b/install/cobbler_nodocker.yml deleted file mode 100644 index 110b374..0000000 --- a/install/cobbler_nodocker.yml +++ /dev/null @@ -1,7 +0,0 @@ ---- - -- hosts: cobbler_ansible_test - sudo: True - roles: - - common - - cobbler diff --git a/install/compass_nodocker.yml b/install/compass_nodocker.yml deleted file mode 100644 index 9f59262..0000000 --- a/install/compass_nodocker.yml +++ /dev/null @@ -1,10 +0,0 @@ ---- - -- hosts: compass_nodocker - sudo: True - roles: - - common - - cobbler - - compass - vars: - - dockerized: False diff --git a/install/group_vars/all b/install/group_vars/all deleted file mode 100644 index 47eea89..0000000 --- a/install/group_vars/all +++ /dev/null @@ -1,225 +0,0 @@ ---- - -# Once rebuild is marked as True, all docker images and/or packages will be destroyed and re-established -rebuild: True - -# Auto-generated IP values -chef_server: "10.145.89.139" -cobbler_server: "{{ mgmt_next_ip }}" -compass-server: "{{ mgmt_next_ip }}" - -internal_nic: eth1 -internal_interface: "ansible_{{ internal_nic }}" -internal_ip: "{{ hostvars[inventory_hostname][internal_interface]['ipv4']['address'] }}" - -# Auto-generated -dockerized_cobbler: True -dockerized_chef: False - -# shared_dir on local machine -shared_dir: "~/compass/shared" - -# pkg installer -pkg_installer: ['ansible'] - -## default urls - -# centos -epel_6: "https://dl.fedoraproject.org/pub/epel/6/x86_64/epel-release-6-8.noarch.rpm" - -# compass adapters -compass_adapters: "git://git.openstack.org/stackforge/compass-adapters.git" - -## cobbler -# cidr for docker bridge: compass0 -compass0_subnet: "192.168.100.1/24" - -# subnet ip for docker bridge: compass0 -compass0_subnet_ip: "192.168.100.0" - -# subnet mask for docker bridge: compass0 -compass0_subnet_mask: "255.255.255.0" - -# router ip for docker bridge: compass0 -compass0_router: "192.168.100.1" - -# dhcp range for docker bridge: compass0 -compass0_dhcp_range: "192.168.100.150 192.168.100.160" - -# management nic -mgmt_nic: "eth1" -mgmt_nic_ip: "hostvars[inventory_hostname][ansible_{{ mgmt_nic }}]['ipv4']['address']" -# management pxe server -mgmt_next_ip: "10.1.0.12" - -# management subnet ip of the cluster you want to deploy -mgmt_subnet_ip: "10.1.0.0" - -# mangement cidr of the cluster you want to deploy -mgmt_subnet: "10.1.0.0/24" - -# management subnet router ip -mgmt_router: "10.1.0.1" - -# management subnet subnet mask -mgmt_subnet_mask: "255.255.255.0" - -# management subnet dhcp range -mgmt_dhcp_range: "10.1.0.100 10.1.0.150" - - - -## ports for cobbler ## - -# http port on host that maps to the cobbler container -cobbler_mapped_http_port_on_host: "8080" - -# rsyslog port on host that maps to the compass container -rsyslog_port_mapped_on_host: "12514" - -# tftp port on host that maps to the cobbler container -tftp_port: "69" - -# xmlrpc port on host that maps to the cobbler container -xmlrpc_port: "25151" - -# dns port on host that maps to the cobbler container -dns_port: "53" - -# mysql port -mysql_port: "3306" - -# port mapping as a paramter for running cobbler container -cobbler_port_mapping: -p {{ cobbler_mapped_http_port_on_host }}:80 -p {{ tftp_port }}:69/udp -p {{ dns_port }}:53/udp -p {{ xmlrpc_port }}:25151 -p {{ rsyslog_port_mapped_on_host }}:514 - - - -## ports for compass ## - -# http port on host that maps to the compass container -compass_mapped_http_port_on_host: "5000" - -# ntp port on host that maps to the compass container -ntp_port: "123" - -# squid proxy port on host that maps to the compass container -proxy_port: "3128" - -# port mapping as a parameter for running compass container -compass_port_mapping: -p {{ compass_mapped_http_port_on_host }}:80 -p {{ ntp_port }}:123 -p {{ proxy_port }}:3128 -p {{ mysql_port }}:3306 - - -## isos -# centos iso url -centos_url: "{{ centos_65_url }}" - -# ubuntu iso url -ubuntu_url: "{{ ubuntu_1204_url }}" - -# centos 6.5 url -centos_65_url: "https://s3-us-west-1.amazonaws.com/compass-local-repo/centos/6.5/CentOS-6.5-x86_64.iso" - -# ubuntu 12.04 url -ubuntu_1204_url: "https://s3-us-west-1.amazonaws.com/compass-local-repo/ubuntu/12.04/Ubuntu-12.04-x86_64.iso" - -# os name of centos -centos: "{{ centos_65 }}" - -# os name of ubuntu -ubuntu: "{{ ubuntu_1204 }}" - -# centos 6.5 os name -centos_65: "CentOS-6.5-x86_64" - -# ubuntu 12.04 os name -ubuntu_1204: "Ubuntu-12.04-x86_64" - -# ubuntu 14.04 url -ubuntu_1404_url: "https://s3-us-west-1.amazonaws.com/compass-local-repo/ubuntu/14.04/Ubuntu-14.04-x86_64.iso" - -# ubuntu 14.04 os name -ubuntu_1404: "Ubuntu-14.04-x86_64" - -region: "lab" - -distros: - - { - name: "Ubuntu-14.04-x86_64", - iso_us_url: "https://s3-us-west-1.amazonaws.com/compass-local-repo/ubuntu/14.04/Ubuntu-14.04-x86_64.iso", - ppa_us_url: "https://s3-us-west-1.amazonaws.com/compass-local-repo/ubuntu/14.04/ubuntu_14_04_ppa_repo.tar.gz", - iso_lab_url: "http://192.168.120.2/cobbler/iso/ubuntu/Ubuntu-14.04-x86_64.iso", - ppa_lab_url: "http://192.168.120.2/cobbler/ppa_repo/ubuntu_14_04_ppa_repo.tar.gz", - ppa_repo_name: "ubuntu_14_04_ppa_repo", - breed: "ubuntu", - kickstart: "default.seed", - kopts: "netcfg/choose_interface=auto" - } - - - { - name: "CentOS-6.5-x86_64", - iso_us_url: "https://s3-us-west-1.amazonaws.com/compass-local-repo/centos/6.5/CentOS-6.5-x86_64.iso", - ppa_us_url: "https://s3-us-west-1.amazonaws.com/compass-local-repo/centos/6.5/centos_6_5_ppa_repo.tar.gz", - iso_lab_url: "http://192.168.120.2/cobbler/iso/centos/CentOS-6.5-x86_64.iso", - ppa_lab_url: "http://192.168.120.2/cobbler/ppa_repo/centos_6_5_ppa_repo.tar.gz", - ppa_repo_name: "centos_6_5_ppa_repo", - breed: "redhat", - kickstart: "default.ks", - kopts: "" - } - -## volume mapping for cobbler ## - -# mount point for isos on cobbler host -host_mount_point: "/root/docker-cobbler/images" - -# mount point inside cobbler container -container_mount_point: "/var/lib/cobbler/mount_point" - -# combined mount syntax for docker run -image_volume_mapping: "-v {{ host_mount_point }}:{{ container_mount_point }}" - -# log dir on cobbler host -cobbler_host_log_dir: "/var/log/cobbler" - -# log dir inside cobbler container -cobbler_container_log_dir: "/var/log/cobbler" - -# log the logs from container into host for future use -log_volume_mapping: "-v {{ cobbler_host_log_dir }}:{{ cobbler_container_log_dir }}" - - - -## volume mapping for compass ## - -# log dir on compass host -compass_host_log_dir: "/var/log/compass" - -# log dir on inside compass container -compass_container_log_dir: "/var/log/cobbler" - -# sync logs inside out of the container -compass_volume_mapping: "-v {{ compass_host_log_dir }}:{{ compass_container_log_dir }}" - - - -## docker ## - -# install docker on ubuntu -docker_apt_key_server: hkp://keyserver.ubuntu.com:80 -docker_apt_key: 36A1D7869245C8950F966E92D8576A8BA88D21E9 - -# epel version -epel_file_name: epel-release-6-8.noarch.rpm -epel_base_url: http://download.fedoraproject.org/pub/epel/6/x86_64/ - -# atomic version -atomic_file_name: atomic-release-1.0-19.el6.art.noarch.rpm -atomic_base_url: http://www6.atomicorp.com/channels/atomic/centos/6/x86_64/RPMS/ - -# pxe boot macs -#pxe_boot_macs: ['00:00:37:ed:95:4e', '00:00:79:ad:ce:6b', '00:00:0a:f6:6e:d7'] -#test: true - -# the key to be authorized on pxe boot machines so passwordless login can be -# done from the machine where you grab the key. -#push_ssh_key: "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDUuKnIXwxS9w+Rxb4+CL3iqNQXB+kriQyr89YeLg5X7B0h+r91okw2bgodVvoynH8n7d7afHYew4KH7pMc5a3QMf/gwhhnlfoeyimQg0IOTQ6pvNxifRi5IN9xa3mB3kL9/xVmfo9rUE6ZZ4dNQ91As706SLBzEJWUuICT7fFJqCqHbxNT9aO//TWcoJJH+d+GLfLagyfVxBHb8DcoNSKTq1rFjZCFVs9pg6aO0d6Z3FcyICxOaacsAoRZOsx8+2WsHaZRk6udbqZJHt7LBs9Bc38+YCRhc31Q2jyrm37xT3QchRl4sihqq38N03cTYBksuRfV1dJaso9MUQapa/Lv root@host-1" diff --git a/install/inventories/allinone b/install/inventories/allinone deleted file mode 100644 index ea3dcbf..0000000 --- a/install/inventories/allinone +++ /dev/null @@ -1,2 +0,0 @@ -[allinone] -xc-ansible-test1 ansible_ssh_host=10.145.89.128 ansible_ssh_user=root ansible_ssh_pass=root type=allinone diff --git a/install/inventories/chef b/install/inventories/chef deleted file mode 100644 index 1f866bc..0000000 --- a/install/inventories/chef +++ /dev/null @@ -1,2 +0,0 @@ -[chefnodes] -xc-ansible-test1 ansible_ssh_host=10.145.89.128 ansible_ssh_user=root ansible_ssh_pass=root dockerized=False type=chef diff --git a/install/inventories/cobbler b/install/inventories/cobbler deleted file mode 100644 index e739247..0000000 --- a/install/inventories/cobbler +++ /dev/null @@ -1,2 +0,0 @@ -[cobblernodes] -docker-base ansible_ssh_host=10.145.89.139 ansible_ssh_user=root ansible_ssh_pass=root dockerized=True container_name=cobbler-dev type=cobbler diff --git a/install/inventories/compass b/install/inventories/compass deleted file mode 100644 index 9fa8fa4..0000000 --- a/install/inventories/compass +++ /dev/null @@ -1,2 +0,0 @@ -[compassnodes] -xc-ansible-test1 ansible_ssh_host=10.145.89.128 ansible_ssh_user=root ansible_ssh_pass=root dockerized=True container_name=compass-dev type=compass diff --git a/install/inventories/hosts_test b/install/inventories/hosts_test deleted file mode 100644 index 9bacea2..0000000 --- a/install/inventories/hosts_test +++ /dev/null @@ -1,6 +0,0 @@ -[chefnodes] -xc-precise-server ansible_ssh_host=10.145.89.133 ansible_ssh_user=root ansible_ssh_pass=root type=chef -[cobblernodes] -xc-ansible-test1 ansible_ssh_host=10.145.89.128 ansible_ssh_user=root ansible_ssh_pass=root type=cobbler -[compassnodes] -xc-precise-server ansible_ssh_host=10.145.89.133 ansible_ssh_user=root ansible_ssh_pass=root type=compass diff --git a/install/inventories/ubuntu_test b/install/inventories/ubuntu_test deleted file mode 100644 index 3a5953a..0000000 --- a/install/inventories/ubuntu_test +++ /dev/null @@ -1,6 +0,0 @@ -# [chefnodes] -# xc-precise-server ansible_ssh_host=10.145.89.133 ansible_ssh_user=root ansible_ssh_pass=root type=chef -[cobblernodes] -xc-precise-server ansible_ssh_host=10.145.89.133 ansible_ssh_user=root ansible_ssh_pass=root type=cobbler -[compassnodes] -xc-precise-server ansible_ssh_host=10.145.89.133 ansible_ssh_user=root ansible_ssh_pass=root type=compass diff --git a/install/precheck.yml b/install/precheck.yml deleted file mode 100644 index 939fb81..0000000 --- a/install/precheck.yml +++ /dev/null @@ -1,16 +0,0 @@ ---- - -- hosts: chefnodes - sudo: True - roles: - - precheck - -- hosts: cobblernodes - sudo: True - roles: - - precheck - -- hosts: compassnodes - sudo: True - roles: - - precheck diff --git a/install/regtest.yml b/install/regtest.yml deleted file mode 100644 index 4d88328..0000000 --- a/install/regtest.yml +++ /dev/null @@ -1,45 +0,0 @@ ---- - -- hosts: regtest_vm - sudo: True - roles: - - regtest-compass -# - regtest-ansible-openstack - vars: - - COMPASS_PATH: "/opt/compass-core" - - COMPASS_SERVER_URL: "http://10.1.0.11:5000/api" - - COMPASS_USER_EMAIL: "admin@huawei.com" - - COMPASS_USER_PASSWORD: "admin" - - CLUSTER_NAME: "opnfv" - - LANGUAGE: "EN" - - TIMEZONE: "America/Los_Angeles" - - HOSTNAMES: "allinone" - - NTP_SERVER: "10.1.0.11" - - NAMESERVERS: "10.1.0.11" - - DOMAIN: "ods.com" - - PARTITIONS: "/home=5%,/tmp=5%,/var=20%" - - SUBNETS: "10.1.0.0/24,172.16.2.0/24,172.16.3.0/24,172.16.4.0/24" - - ADAPTER_OS_PATTERN: '"(?i)ubuntu-14\.04.*"' - - ADAPTER_NAME: "os_only" - - ADAPTER_TARGET_SYSTEM_PATTERN: "" - - ADAPTER_FLAVOR_PATTERN: "" - - PROXY: "" - - IGNORE_PROXY: "" - - SEARCH_PATH: "ods.com" - - GATEWAY: "10.1.0.1" - - SERVER_CREDENTIAL: "root" - - LOCAL_REPO_URL: "" - - OS_CONFIG_FILENAME: "" - - SERVICE_CREDENTIALS: "service" - - CONSOLE_CREDENTIALS: "console" - - HOST_NETWORKS: "allinone:eth0=10.1.0.100|is_mgmt,eth1=172.16.2.100,eth2=172.16.3.100,eth3=172.16.4.100" - - NETWORK_MAPPING: "management=eth0,tenant=eth1,storage=eth3,external=eth2" - - PACKAGE_CONFIG_FILENAME: "" - - HOST_ROLES: "" - - DEFAULT_ROLES: "" - - SWITCH_IPS: "1.1.1.1" - - MACHINES: "" - - SWITCH_CREDENTIAL: "version=2c,community=public" - - DEPLOYMENT_TIMEOUT: "90" - - POLL_SWITCHES_FLAG: "nopoll_switches" - - DASHBOARD_URL: "" diff --git a/install/roles/chef/files/chef-server.rb b/install/roles/chef/files/chef-server.rb deleted file mode 100644 index b0f1851..0000000 --- a/install/roles/chef/files/chef-server.rb +++ /dev/null @@ -1,4 +0,0 @@ -nginx['non_ssl_port'] = 80 -nginx['enable_non_ssl'] = true -nginx['ssl_port'] = 443 -nginx['url'] = "https://#{node['fqdn']}" diff --git a/install/roles/chef/files/compass.json b/install/roles/chef/files/compass.json deleted file mode 100644 index 9eeba78..0000000 --- a/install/roles/chef/files/compass.json +++ /dev/null @@ -1,8 +0,0 @@ -{ - "name": "compass", - "public_key": null, - "validator": false, - "admin": true, - "json_class": "Chef::ApiClient", - "chef_type": "client" -} diff --git a/install/roles/chef/files/knife.rb b/install/roles/chef/files/knife.rb deleted file mode 100644 index 834e4a1..0000000 --- a/install/roles/chef/files/knife.rb +++ /dev/null @@ -1,9 +0,0 @@ -log_level :info -log_location STDOUT -node_name 'admin' -client_key '/etc/chef-server/admin.pem' -validation_client_name 'chef-validator' -validation_key '/etc/chef-server/chef-validator.pem' -chef_server_url 'https://localhost:443' -syntax_check_cache_path '/root/.chef/syntax_check_cache' -cookbook_path [ '/root/chef-repo/cookbooks' ] diff --git a/install/roles/chef/files/knife.sh b/install/roles/chef/files/knife.sh deleted file mode 100644 index 8e3145a..0000000 --- a/install/roles/chef/files/knife.sh +++ /dev/null @@ -1,5 +0,0 @@ -#!/bin/bash - -knife configure -y -i --defaults -r ~/chef-repo -s https://localhost:443 -u root --admin-client-name admin --admin-client-key /etc/chef-server/admin.pem --validation-client-name chef-validator --validation-key /etc/chef-server/chef-validator.pem<> knife.txt chdir=/tmp/ - when: result.stdout.find('root') == -1 - -- name: replace knife config file - copy: src=knife.rb dest=/root/.chef/knife.rb mode=0644 diff --git a/install/roles/chef/tasks/main.yml b/install/roles/chef/tasks/main.yml deleted file mode 100644 index 3e3ff04..0000000 --- a/install/roles/chef/tasks/main.yml +++ /dev/null @@ -1,22 +0,0 @@ ---- - -- include: RedHat.yml - when: ansible_os_family == 'RedHat' and not dockerized - -- include: Debian.yml - when: ansible_os_family == 'Debian' and not dockerized - -- include: docker-redhat.yml - when: ansible_os_family == 'Redhat' and dockerized - -- include: docker-debian.yml - when: ansible_os_family == 'Debian' and dockerized - -- include: chef-server.yml - when: not dockerized - -- include: knife.yml - when: not dockerized - -- include: compass.yml - when: not dockerized diff --git a/install/roles/chef/vars/main.yml b/install/roles/chef/vars/main.yml deleted file mode 100644 index 2ae4e12..0000000 --- a/install/roles/chef/vars/main.yml +++ /dev/null @@ -1,16 +0,0 @@ ---- - -# chef server specific environment variables - -chef_server_el6_rpm: "https://opscode-omnibus-packages.s3.amazonaws.com/el/6/x86_64/chef-server-11.0.8-1.el6.x86_64.rpm" -# open source chef server does not support centos7/el7 yet -chef_server_el7_rpm: "" -chef_server_precise: "https://opscode-omnibus-packages.s3.amazonaws.com/ubuntu/12.04/x86_64/chef-server_11.0.8-1.ubuntu.12.04_amd64.deb" -chef_server_trusty: "" - -# chef client rpm -chef_client_el6_rpm: "https://opscode-omnibus-packages.s3.amazonaws.com/el/6/x86_64/chef-11.8.0-1.el6.x86_64.rpm" - -dockerized: False - - diff --git a/install/roles/cobbler/files/cobbler_web.conf b/install/roles/cobbler/files/cobbler_web.conf deleted file mode 100644 index f03d4fe..0000000 --- a/install/roles/cobbler/files/cobbler_web.conf +++ /dev/null @@ -1,10 +0,0 @@ -# This configuration file enables the cobbler web -# interface (django version) - -# Force everything to go to https -RewriteEngine on -RewriteCond %{HTTPS} off -RewriteCond %{REQUEST_URI} ^/cobbler_web -# RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI} - -WSGIScriptAlias /cobbler_web /usr/share/cobbler/web/cobbler.wsgi diff --git a/install/roles/cobbler/files/debmirror.conf b/install/roles/cobbler/files/debmirror.conf deleted file mode 100644 index dbd187f..0000000 --- a/install/roles/cobbler/files/debmirror.conf +++ /dev/null @@ -1,79 +0,0 @@ -# Default config for debmirror - -# The config file is a perl script so take care to follow perl syntax. -# Any setting in /etc/debmirror.conf overrides these defaults and -# ~/.debmirror.conf overrides those again. Take only what you need. -# -# The syntax is the same as on the command line and variable names -# loosely match option names. If you don't recognize something here -# then just stick to the command line. -# -# Options specified on the command line override settings in the config -# files. - -# Location of the local mirror (use with care) -# $mirrordir="/path/to/mirrordir" - -# Output options -$verbose=0; -$progress=0; -$debug=0; - -# Download options -$host="ftp.debian.org"; -$user="anonymous"; -$passwd="anonymous@"; -$remoteroot="debian"; -$download_method="ftp"; -# @dists="sid"; -@sections="main,main/debian-installer,contrib,non-free"; -# @arches="i386"; -# @ignores=""; -# @excludes=""; -# @includes=""; -# @excludes_deb_section=""; -# @limit_priority=""; -$omit_suite_symlinks=0; -$skippackages=0; -# @rsync_extra="doc,tools"; -$i18n=0; -$getcontents=0; -$do_source=1; -$max_batch=0; - -# @di_dists="dists"; -# @di_archs="arches"; - -# Save mirror state between runs; value sets validity of cache in days -$state_cache_days=0; - -# Security/Sanity options -$ignore_release_gpg=0; -$ignore_release=0; -$check_md5sums=0; -$ignore_small_errors=0; - -# Cleanup -$cleanup=0; -$post_cleanup=1; - -# Locking options -$timeout=300; - -# Rsync options -$rsync_batch=200; -$rsync_options="-aIL --partial"; - -# FTP/HTTP options -$passive=0; -# $proxy="http://proxy:port/"; - -# Dry run -$dry_run=0; - -# Don't keep diff files but use them -$diff_mode="use"; - -# The config file must return true or perl complains. -# Always copy this. -1; diff --git a/install/roles/cobbler/files/distributions b/install/roles/cobbler/files/distributions deleted file mode 100644 index 7f61215..0000000 --- a/install/roles/cobbler/files/distributions +++ /dev/null @@ -1,8 +0,0 @@ -Origin: ppa -Label: ppa_repo -Suite: stable -Codename: ppa -Version: 0.1 -Architectures: i386 amd64 source -Components: main -Description: ppa repo diff --git a/install/roles/cobbler/files/rsync b/install/roles/cobbler/files/rsync deleted file mode 100644 index 1f8b9b1..0000000 --- a/install/roles/cobbler/files/rsync +++ /dev/null @@ -1,14 +0,0 @@ -# default: off -# description: The rsync server is a good addition to an ftp server, as it \ -# allows crc checksumming etc. -service rsync -{ - disable = no - flags = IPv6 - socket_type = stream - wait = no - user = root - server = /usr/bin/rsync - server_args = --daemon - log_on_failure += USERID -} diff --git a/install/roles/cobbler/files/ssl.conf b/install/roles/cobbler/files/ssl.conf deleted file mode 100644 index 73220d3..0000000 --- a/install/roles/cobbler/files/ssl.conf +++ /dev/null @@ -1,221 +0,0 @@ -# -# This is the Apache server configuration file providing SSL support. -# It contains the configuration directives to instruct the server how to -# serve pages over an https connection. For detailing information about these -# directives see -# -# Do NOT simply read the instructions in here without understanding -# what they do. They're here only as hints or reminders. If you are unsure -# consult the online docs. You have been warned. -# - -LoadModule ssl_module modules/mod_ssl.so - -# -# When we also provide SSL we have to listen to the -# the HTTPS port in addition. -# -Listen 443 - -## -## SSL Global Context -## -## All SSL configuration in this context applies both to -## the main server and all SSL-enabled virtual hosts. -## - -# Pass Phrase Dialog: -# Configure the pass phrase gathering process. -# The filtering dialog program (`builtin' is a internal -# terminal dialog) has to provide the pass phrase on stdout. -SSLPassPhraseDialog builtin - -# Inter-Process Session Cache: -# Configure the SSL Session Cache: First the mechanism -# to use and second the expiring timeout (in seconds). -SSLSessionCache shmcb:/var/cache/mod_ssl/scache(512000) -SSLSessionCacheTimeout 300 - -# Semaphore: -# Configure the path to the mutual exclusion semaphore the -# SSL engine uses internally for inter-process synchronization. -# SSLMutex default - -# Pseudo Random Number Generator (PRNG): -# Configure one or more sources to seed the PRNG of the -# SSL library. The seed data should be of good random quality. -# WARNING! On some platforms /dev/random blocks if not enough entropy -# is available. This means you then cannot use the /dev/random device -# because it would lead to very long connection times (as long as -# it requires to make more entropy available). But usually those -# platforms additionally provide a /dev/urandom device which doesn't -# block. So, if available, use this one instead. Read the mod_ssl User -# Manual for more details. -SSLRandomSeed startup file:/dev/urandom 256 -SSLRandomSeed connect builtin -#SSLRandomSeed startup file:/dev/random 512 -#SSLRandomSeed connect file:/dev/random 512 -#SSLRandomSeed connect file:/dev/urandom 512 - -# -# Use "SSLCryptoDevice" to enable any supported hardware -# accelerators. Use "openssl engine -v" to list supported -# engine names. NOTE: If you enable an accelerator and the -# server does not start, consult the error logs and ensure -# your accelerator is functioning properly. -# -SSLCryptoDevice builtin -#SSLCryptoDevice ubsec - -## -## SSL Virtual Host Context -## - - - -# General setup for the virtual host, inherited from global configuration -#DocumentRoot "/var/www/html" -#ServerName www.example.com:443 - -# Use separate log files for the SSL virtual host; note that LogLevel -# is not inherited from httpd.conf. -ErrorLog logs/ssl_error_log -TransferLog logs/ssl_access_log -LogLevel warn - -# SSL Engine Switch: -# Enable/Disable SSL for this virtual host. -SSLEngine on - -# SSL Protocol support: -# List the enable protocol levels with which clients will be able to -# connect. Disable SSLv2 access by default: -SSLProtocol all -SSLv2 - -# SSL Cipher Suite: -# List the ciphers that the client is permitted to negotiate. -# See the mod_ssl documentation for a complete list. -SSLCipherSuite ALL:!ADH:!EXPORT:!SSLv2:RC4+RSA:+HIGH:+MEDIUM:+LOW - -# Server Certificate: -# Point SSLCertificateFile at a PEM encoded certificate. If -# the certificate is encrypted, then you will be prompted for a -# pass phrase. Note that a kill -HUP will prompt again. A new -# certificate can be generated using the genkey(1) command. -SSLCertificateFile /etc/pki/tls/certs/localhost.crt - -# Server Private Key: -# If the key is not combined with the certificate, use this -# directive to point at the key file. Keep in mind that if -# you've both a RSA and a DSA private key you can configure -# both in parallel (to also allow the use of DSA ciphers, etc.) -SSLCertificateKeyFile /etc/pki/tls/private/localhost.key - -# Server Certificate Chain: -# Point SSLCertificateChainFile at a file containing the -# concatenation of PEM encoded CA certificates which form the -# certificate chain for the server certificate. Alternatively -# the referenced file can be the same as SSLCertificateFile -# when the CA certificates are directly appended to the server -# certificate for convinience. -#SSLCertificateChainFile /etc/pki/tls/certs/server-chain.crt - -# Certificate Authority (CA): -# Set the CA certificate verification path where to find CA -# certificates for client authentication or alternatively one -# huge file containing all of them (file must be PEM encoded) -#SSLCACertificateFile /etc/pki/tls/certs/ca-bundle.crt - -# Client Authentication (Type): -# Client certificate verification type and depth. Types are -# none, optional, require and optional_no_ca. Depth is a -# number which specifies how deeply to verify the certificate -# issuer chain before deciding the certificate is not valid. -#SSLVerifyClient require -#SSLVerifyDepth 10 - -# Access Control: -# With SSLRequire you can do per-directory access control based -# on arbitrary complex boolean expressions containing server -# variable checks and other lookup directives. The syntax is a -# mixture between C and Perl. See the mod_ssl documentation -# for more details. -# -#SSLRequire ( %{SSL_CIPHER} !~ m/^(EXP|NULL)/ \ -# and %{SSL_CLIENT_S_DN_O} eq "Snake Oil, Ltd." \ -# and %{SSL_CLIENT_S_DN_OU} in {"Staff", "CA", "Dev"} \ -# and %{TIME_WDAY} >= 1 and %{TIME_WDAY} <= 5 \ -# and %{TIME_HOUR} >= 8 and %{TIME_HOUR} <= 20 ) \ -# or %{REMOTE_ADDR} =~ m/^192\.76\.162\.[0-9]+$/ -# - -# SSL Engine Options: -# Set various options for the SSL engine. -# o FakeBasicAuth: -# Translate the client X.509 into a Basic Authorisation. This means that -# the standard Auth/DBMAuth methods can be used for access control. The -# user name is the `one line' version of the client's X.509 certificate. -# Note that no password is obtained from the user. Every entry in the user -# file needs this password: `xxj31ZMTZzkVA'. -# o ExportCertData: -# This exports two additional environment variables: SSL_CLIENT_CERT and -# SSL_SERVER_CERT. These contain the PEM-encoded certificates of the -# server (always existing) and the client (only existing when client -# authentication is used). This can be used to import the certificates -# into CGI scripts. -# o StdEnvVars: -# This exports the standard SSL/TLS related `SSL_*' environment variables. -# Per default this exportation is switched off for performance reasons, -# because the extraction step is an expensive operation and is usually -# useless for serving static content. So one usually enables the -# exportation for CGI and SSI requests only. -# o StrictRequire: -# This denies access when "SSLRequireSSL" or "SSLRequire" applied even -# under a "Satisfy any" situation, i.e. when it applies access is denied -# and no other module can change it. -# o OptRenegotiate: -# This enables optimized SSL connection renegotiation handling when SSL -# directives are used in per-directory context. -#SSLOptions +FakeBasicAuth +ExportCertData +StrictRequire - - SSLOptions +StdEnvVars - - - SSLOptions +StdEnvVars - - -# SSL Protocol Adjustments: -# The safe and default but still SSL/TLS standard compliant shutdown -# approach is that mod_ssl sends the close notify alert but doesn't wait for -# the close notify alert from client. When you need a different shutdown -# approach you can use one of the following variables: -# o ssl-unclean-shutdown: -# This forces an unclean shutdown when the connection is closed, i.e. no -# SSL close notify alert is send or allowed to received. This violates -# the SSL/TLS standard but is needed for some brain-dead browsers. Use -# this when you receive I/O errors because of the standard approach where -# mod_ssl sends the close notify alert. -# o ssl-accurate-shutdown: -# This forces an accurate shutdown when the connection is closed, i.e. a -# SSL close notify alert is send and mod_ssl waits for the close notify -# alert of the client. This is 100% SSL/TLS standard compliant, but in -# practice often causes hanging connections with brain-dead browsers. Use -# this only for browsers where you know that their SSL implementation -# works correctly. -# Notice: Most problems of broken clients are also related to the HTTP -# keep-alive facility, so you usually additionally want to disable -# keep-alive for those clients, too. Use variable "nokeepalive" for this. -# Similarly, one has to force some clients to use HTTP/1.0 to workaround -# their broken HTTP/1.1 implementation. Use variables "downgrade-1.0" and -# "force-response-1.0" for this. -SetEnvIf User-Agent ".*MSIE.*" \ - nokeepalive ssl-unclean-shutdown \ - downgrade-1.0 force-response-1.0 - -# Per-Server Logging: -# The home of a custom SSL log file. Use this when you want a -# compact non-error SSL logfile on a virtual host basis. -CustomLog logs/ssl_request_log \ - "%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b" - - diff --git a/install/roles/cobbler/handlers/main.yml b/install/roles/cobbler/handlers/main.yml deleted file mode 100644 index a382468..0000000 --- a/install/roles/cobbler/handlers/main.yml +++ /dev/null @@ -1,12 +0,0 @@ ---- -- name: restart dhcp-relay - shell: service isc-dhcp-relay restart - -- name: restart httpd - service: name=httpd state=restarted enabled=yes - -- name: restart cobbler - service: name=cobblerd state=restarted enabled=yes - -- name: cobbler sync - command: cobbler sync diff --git a/install/roles/cobbler/tasks/Debian.yml b/install/roles/cobbler/tasks/Debian.yml deleted file mode 100644 index e69de29..0000000 diff --git a/install/roles/cobbler/tasks/RedHat.yml b/install/roles/cobbler/tasks/RedHat.yml deleted file mode 100644 index ef7ad39..0000000 --- a/install/roles/cobbler/tasks/RedHat.yml +++ /dev/null @@ -1,321 +0,0 @@ ---- - -- name: install base packages - yum: name={{ item }} state=present - with_items: - - wget - - git - -- name: check epel presence - command: rpm -q epel-release - register: epel_presence - ignore_errors: yes - -- name: check atomic repo presence - command: rpm -q atomic-release - register: atomic_presence - ignore_errors: yes - -#- name: get epel version -# command: > -# wget -q {{ epel_base_url }} -O - | grep -oE "(href=\"epel-release-6-[0-9,.].*)" | cut -d\" -f2 -# register: epel_file_name -# when: epel_presence.rc != 0 - -- name: install epel - yum: name={{ epel_base_url }}/{{ epel_file_name }} state=present - when: epel_presence.rc != 0 - -- name: install atomic repo - yum: name={{ atomic_base_url }}/{{ atomic_file_name }} state=present - when: atomic_presence.rc != 0 - -- name: yum update - yum: name=* state=latest update_cache=yes - -- name: install related packages - yum: name={{ item }} state=present - with_items: - - cobbler - - cobbler-web - - createrepo - - mkisofs - - syslinux - - debmirror - - pykickstart - - cman - - bind - - rsync - - dhcp - - xinetd - - tftp-server - - gcc - - httpd - - libselinux-python - -- name: turn off iptables - service: name=iptables state=stopped enabled=no - -- name: replace config files - copy: src={{ item.name }} dest={{ item.dest }} - with_items: - - { name: rsync, dest: /etc/xinetd.d/rsync } - - { name: debmirror.conf, dest: /etc/debmirror.conf } - -- name: restart xinetd service - service: name=xinetd state=restarted enabled=yes - -- name: configure interface for dhcp - command: ifconfig {{ mgmt_nic }}:1 {{ mgmt_next_ip }} netmask {{ mgmt_subnet_mask }} - when: not mgmt_ip_same - -- name: copy httpd configuration files - file: src={{ item }} dest=/etc/httpd/conf.d/{{ item }} mode=0644 - with_items: - - cobbler_web.conf - - ssl.conf - notify: - restart httpd - -- name: disable selinux - selinux: state=disabled - -- name: disable selinux real time - shell: echo 0 > /selinux/enforce - -- name: copy cobbler configuration files - template: src={{ item.name }} dest=/etc/cobbler/{{ item.file_name }} mode=0644 - with_items: - - { name: tftpd.template, file_name: tftpd.template } - - { name: modules.conf, file_name: modules.conf } - - { name: dhcp.template.nodocker.j2, file_name: dhcp.template } - - { name: named.template.nodocker.j2, file_name: named.template } - - { name: settings.j2, file_name: settings } - notify: - - restart cobbler - - cobbler sync - -- meta: flush_handlers - -- name: clone snippets - git: repo={{ compass_adapter_source }} - dest=/opt/compass-adapters - version={{ compass_adapter_version }} - update=yes - force=yes - -- name: remove old cobbler folders - shell: rm -rf path=/var/lib/cobbler/{{ item }} - with_items: - - snippets - - scripts - - triggers - - kickstarts - -- name: create cobbler folders - file: path=/var/lib/cobbler/{{ item }} state=directory mode=0755 - with_items: - - snippets - - scripts - - triggers - - kickstarts - -- name: copy snippets to cobbler folder - shell: cp -rf /opt/compass-adapters/cobbler/{{ item }}/* /var/lib/cobbler/{{ item }}/ - with_items: - - snippets - - scripts - - triggers - - kickstarts - notify: - cobbler sync - -- name: change snippets mode - file: path=/var/lib/cobbler mode=0755 recurse=yes - -- name: create cblr_ks folder - file: path=/var/www/cblr_ks mode=0755 state=directory - -- name: change kickstart mode - file: path=/var/lib/cobbler/kickstarts mode=0666 recurse=yes - -- name: disable selinux - selinux: state=disabled - -- name: disable selinux real time - command: echo 0 > /selinux/enforce - -- name: clean cobbler log folder - file: path=/var/log/cobbler state=absent - -- name: create cobbler log directories - file: path={{ item }} mode=0777 state=directory recurse=yes - with_items: - - /var/log/cobbler - - /var/log/cobbler/anamon - - /var/log/cobbler/tasks - -- name: create cobbler ppa repo dir - file: path=/var/lib/cobbler/repo_mirror/{{ item.ppa_repo_name }}/conf - state=directory - mode=0644 - recurse=yes - with_items: distros - -- name: copy distributions to ubuntu ppa repo - template: src=distributions - dest=/var/lib/cobbler/repo_mirror/ubuntu_12_04_ppa_repo/conf/distributions - mode=0644 - when: ubuntu_1204 in distros - -- name: copy distribution to ubuntu 14.04 ppa repo - template: src=distributions - dest=/var/lib/cobbler/repo_mirror/ubuntu_14_04_ppa_repo/conf/distributions - mode=0644 - when: ubuntu_1404 in distros - -- name: start cobbler and httpd services - service: name={{ item }} state=restarted enabled=yes - with_items: - - httpd - - cobblerd - -- name: download ppa repo images - get_url: url={{ item.ppa_lab_url }} dest=/var/lib/cobbler/repo_mirror/{{ item.ppa_repo_name }}.tar.gz - with_items: distros - when: region == "lab" - -- name: download ppa repo images - get_url: url={{ item.ppa_us_url }} dest=/var/lib/cobbler/repo_mirror/{{ item.ppa_repo_name }}.tar.gz - with_items: distros - when: region == "us" - -- name: untar ppa repo images - unarchive: src=/var/lib/cobbler/repo_mirror/{{ item.ppa_repo_name }}.tar.gz - dest=/var/lib/cobbler/repo_mirror/ - copy=no - with_items: distros - -- name: add repos - command: cobbler repo add --name {{ item.ppa_repo_name }} --mirror=/var/lib/cobbler/repo_mirror/{{ item.ppa_repo_name }} --mirror-locally=Y --arch=x86_64 - with_items: distros - args: - creates: /opt/repo_added.txt - ignore_errors: yes - run_once: True - -- name: remove ubuntu default repo - command: cobbler repo remove --name {{ item }} - with_items: - - "{{ ubuntu }}" - - "{{ ubuntu_1404 }}" - ignore_errors: yes - -- name: cobbler repo sync - command: cobbler reposync - -- name: download loader files - get_url: url={{ cobbler_loaders_url }} dest=/var/lib/cobbler/ - -- name: untar loaders file - unarchive: src=/var/lib/cobbler/loaders.tar.gz dest=/var/lib/cobbler/ - copy=no - -- name: cobbler get loaders - command: cobbler get-loaders - -- name: create directory for images - file: path=/var/lib/cobbler/iso state=directory - -- name: download images - get_url: url={{ item.iso_lab_url }} dest=/var/lib/cobbler/iso/{{ item.name }}.iso mode=0644 - with_items: distros - when: region == "lab" - -- name: download images - get_url: url={{ item.iso_us_url }} dest=/var/lib/cobbler/iso/{{ item.name }}.iso mode=0644 - with_items: distros - when: region == "us" - -- name: mount_info - command: mount - register: mount_info - -- name: create mount point - file: name=/mnt/{{ item.name }} state=directory - with_items: distros - when: mount_info.stdout.find('CentOS') == -1 and mount_info.stdout.find('Ubuntu') == -1 - ignore_errors: yes - -- name: mount images - shell: mount -o loop /var/lib/cobbler/iso/{{ item.name }}.iso /mnt/{{ item.name }} - with_items: distros - when: mount_info.stdout.find('CentOS') == -1 and mount_info.stdout.find('Ubuntu') == -1 - args: - creates: /opt/image_mounted.txt - ignore_errors: yes - run_once: True - -- name: import distros - command: cobbler import --path=/mnt/{{ item.name }} --name {{ item.name }} --arch=x86_64 --kickstart=/var/lib/cobbler/kickstarts/default.ks --breed={{ item.breed }} - with_items: distros - args: - creates: /opt/distro_imported.txt - ignore_errors: yes - run_once: True - -#- name: add profiles -# command: cobbler profile add --name={{ item.name }} --repo={{ item.ppa_repo_name }} --distro={{ item.name }} --ksmeta="tree=http://{{ mgmt_next_ip }}/cobbler/ks_mirror/{{ item.name }}" --kickstart=/var/lib/cobbler/kickstarts/{{ item.kickstart }} --kopts="{{ item.kopts }}" -# with_items: distros -# args: -# creates: /opt/profile_added.txt -# ignore_errors: yes -# run_once: True - -- name: generate public key file for ssh - template: src=id_rsa.pub.j2 dest=/var/lib/cobbler/id_rsa.pub - when: push_ssh_key is defined - -- name: generate ssh key for root - user: name=root generate_ssh_key=yes ssh_key_bits=2048 ssh_key_file=.ssh/id_rsa - when: push_ssh_key is not defined - -- name: edit profiles - shell: cobbler profile edit --name={{ item.name }} --repo={{ item.ppa_repo_name }} --distro={{ item.name }} --ksmeta="tree=http://{{ mgmt_next_ip }}/cobbler/ks_mirror/{{ item.name }}" --kickstart=/var/lib/cobbler/kickstarts/{{ item.kickstart }} --kopts="{{ item.kopts }}" - with_items: distros - -- name: edit profiles with push ssh key option - shell: cobbler profile edit --name={{ item.name }} --repo={{ item.ppa_repo_name }} --distro={{ item.name }} --ksmeta="tree=http://{{ mgmt_next_ip }}/cobbler/ks_mirror/{{ item.name }} push_ssh_keys=/var/lib/cobbler/id_rsa.pub" --kickstart=/var/lib/cobbler/kickstarts/{{ item.kickstart }} --kopts="{{ item.kopts }}" - with_items: distros - when: push_ssh_key is defined - -- name: remove ubuntu default repo - command: cobbler repo remove --name {{ item }} - with_items: - - "{{ ubuntu }}" - - "{{ ubuntu_1404 }}" - ignore_errors: yes - -- name: cobbler repo sync again - shell: cobbler reposync - -- name: cobbler sync - shell: cobbler sync - -- name: restart xinetd - service: name=xinetd state=restarted - -- name: restart dhcpd - service: name=dhcpd state=restarted enabled=yes - -- name: cobbler check - shell: cobbler check - -- name: get all systems - shell: cobbler system list - register: cobbler_systems - -- name: remove all systems - shell: cobbler system remove --name {{ item }} - with_items: cobbler_systems.stdout_lines - when: cobbler_systems and test is defined and test == True diff --git a/install/roles/cobbler/tasks/dhcp-relay-debian.yml b/install/roles/cobbler/tasks/dhcp-relay-debian.yml deleted file mode 100644 index 6467a91..0000000 --- a/install/roles/cobbler/tasks/dhcp-relay-debian.yml +++ /dev/null @@ -1,11 +0,0 @@ ---- - -- name: get isc-dhcp-relay agent - apt: pkg=isc-dhcp-relay state=installed - -- name: make dhcp-relay agent listen to cobbler - lineinfile: dest=/etc/default/isc-dhcp-relay - regexp='^SERVERS' - line='SERVERS="{{ cobbler_docker_ip }}"' - notify: - restart dhcp-relay diff --git a/install/roles/cobbler/tasks/dhcp-relay-redhat.yml b/install/roles/cobbler/tasks/dhcp-relay-redhat.yml deleted file mode 100644 index d3d0ce5..0000000 --- a/install/roles/cobbler/tasks/dhcp-relay-redhat.yml +++ /dev/null @@ -1,6 +0,0 @@ -- name: install dhcp on cobbler host for relay - yum: pkg=dhcp state=installed - when: ansible_os_family == "RedHat" - -- name: configure dhcprelay - shell: dhcrelay {{ cobbler_docker_ip }} diff --git a/install/roles/cobbler/tasks/docker.yml b/install/roles/cobbler/tasks/docker.yml deleted file mode 100644 index be94503..0000000 --- a/install/roles/cobbler/tasks/docker.yml +++ /dev/null @@ -1,133 +0,0 @@ ---- - -- name: install mkisofs - yum: pkg=mkisofs state=installed - when: ansible_os_family == "Redhat" - -- name: install mkisofs in debian - apt: pkg=mkisofs state=installed - when: ansible_os_family == "Debian" - -- name: clean up docker directory - file: path=~/docker-cobbler/{{ item }} state=absent - with_items: - - Dockerfile - - files - -- name: clean up log directory - file: path=/var/log/cobbler state=absent - -- name: create directory for docker and files - file: path=~/docker-cobbler/files state=directory - -- name: create directories for images - file: path=~/docker-cobbler/images/{{ item }} state=directory - with_items: - - "{{ centos }}" - - "{{ ubuntu }}" - - "{{ ubuntu_1404 }}" - -- name: download images - get_url: url={{ item.name }} dest=/tmp/{{ item.filename }} mode=0644 - with_items: - - { name: "{{ centos_url }}", filename: "{{ centos }}.iso" } - - { name: "{{ ubuntu_url }}", filename: "{{ ubuntu }}.iso" } - - { name: "{{ ubuntu_1404_url }}", filename: "{{ ubuntu_1404 }}.iso" } - -- name: mount info - command: mount - register: mount_info - -- name: mount images - shell: mount -o loop /tmp/{{ item }}.iso ~/docker-cobbler/images/{{ item }} -# mount: name=~/docker-cobbler/images/{{ item }} src=/tmp/{{ item }}.iso opts=loop fstype=iso9660 state=mounted - with_items: - - "{{ centos }}" - - "{{ ubuntu }}" - - "{{ ubuntu_1404 }}" - when: mount_info.stdout.find('CentOS') == -1 - -- name: copy Dockerfile to ~/docker-cobbler - template: src=Dockerfile.j2 dest=~/docker-cobbler/Dockerfile mode=0644 - -- name: copy dhcp.template - template: src=dhcp.template.j2 - dest=~/docker-cobbler/files/dhcp.template - mode=0644 - -- name: copy named.template - template: src=named.template.j2 - dest=~/docker-cobbler/files/named.template - mode=0644 - -- name: copy start script - template: src=start.sh.j2 - dest=~/docker-cobbler/files/start.sh - mode=0755 - -- name: copy post sync script - template: src=fix_ks_server.py.j2 - dest=~/docker-cobbler/files/fix_ks_server.py - mode=0755 - -- name: copy admin key - copy: src={{ shared_dir }}/keys/admin.pem - dest=~/docker-cobbler/files/admin.pem - mode=0644 - when: "'chef' in {{ pkg_installer }}" - -- name: copy chef validator key - copy: src={{ shared_dir }}/keys/chef-validator.pem - dest=~/docker-cobbler/files/chef-validator.pem - mode=0644 - when: "'chef' in {{ pkg_installer }}" - -- name: cobbler container? - command: docker ps -a - register: containers - -- name: remove cobbler container if any - shell: docker rm -f cobbler-dev - when: containers.stdout.find('cobbler-dev') != -1 - -- name: check if 'cobbler' image already exists - command: docker images cobbler - register: image - -- name: remove image 'cobbler' if it exists and --rebuild is specified - shell: docker rmi -f cobbler - when: image.stdout.find('cobbler') != -1 and rebuild - -- name: restart docker daemon if debian - service: name=docker state=restarted - when: ansible_os_family == "Debian" - -- name: build a docker image for cobbler - shell: docker build -t cobbler ~/docker-cobbler - when: image.stdout.find('cobbler') == -1 or rebuild - -- name: fork image and run a new cobbler container - shell: docker run --name=cobbler-dev -d {{ cobbler_port_mapping }} {{ image_volume_mapping }} -i -t cobbler - notify: - restart dhcp-relay - -- name: extract cobbler ip info - shell: echo `docker inspect cobbler-dev | awk -F '"' '/IPAdd/ {print $4}'` > /tmp/ip - -- name: quote the ip first - shell: echo `sed 's/\(.*\)/"\1"/g' /tmp/ip` > /tmp/dynamic.yml - -- name: add cobbler_docker_ip before cobbler ip - shell: "echo `sed '/^/ s/^/cobbler_docker_ip: /' /tmp/dynamic.yml` > /tmp/dynamic.yml" - -- name: write cobbler_ip to local var - fetch: src=/tmp/dynamic.yml dest={{ shared_dir }}/dynamic.yml mode=0644 flat=yes - -- name: include cobbler dynamic vars - include_vars: "{{ shared_dir }}/dynamic.yml" - -- include: dhcp-relay-redhat.yml - when: ansible_os_family == "Redhat" - -- include: dhcp-relay-debian.yml - when: ansible_os_family == "Debian" diff --git a/install/roles/cobbler/tasks/main.yml b/install/roles/cobbler/tasks/main.yml deleted file mode 100644 index 0e2c0a8..0000000 --- a/install/roles/cobbler/tasks/main.yml +++ /dev/null @@ -1,10 +0,0 @@ ---- - -- include: RedHat.yml - when: ansible_os_family == 'RedHat' and not dockerized - -- include: Debian.yml - when: ansible_os_family == 'Debian' and not dockerized - -- include: docker.yml - when: dockerized diff --git a/install/roles/cobbler/templates/Dockerfile.j2 b/install/roles/cobbler/templates/Dockerfile.j2 deleted file mode 100644 index 8c32ca5..0000000 --- a/install/roles/cobbler/templates/Dockerfile.j2 +++ /dev/null @@ -1,21 +0,0 @@ -FROM compassindocker/cobbler - -ADD files/dhcp.template /etc/cobbler/dhcp.template -ADD files/named.template /etc/cobbler/named.template -ADD files/start.sh /root/start.sh -{% if 'chef' in pkg_installer %} -ADD files/admin.pem /etc/cobbler/admin.pem -ADD files/chef-validator.pem /etc/cobbler/chef-validator.pem -{% endif %} -ADD files/fix_ks_server.py /var/lib/cobbler/triggers/sync/post/fix_ks_server.py - -RUN chmod +x /root/start.sh -CMD ["/root/start.sh"] - -EXPOSE 80 -EXPOSE 67 67/udp -EXPOSE 69 69/udp -EXPOSE 53 53/udp -EXPOSE 25151 -EXPOSE 443 -EXPOSE 873 diff --git a/install/roles/cobbler/templates/dhcp.template.j2 b/install/roles/cobbler/templates/dhcp.template.j2 deleted file mode 100644 index 3e899d6..0000000 --- a/install/roles/cobbler/templates/dhcp.template.j2 +++ /dev/null @@ -1,121 +0,0 @@ -# ****************************************************************** -# Cobbler managed dhcpd.conf file -# -# generated from cobbler dhcp.conf template ($date) -# Do NOT make changes to /etc/dhcpd.conf. Instead, make your changes -# in /etc/cobbler/dhcp.template, as /etc/dhcpd.conf will be -# overwritten. -# -# ****************************************************************** - -ddns-update-style interim; - -allow booting; -allow bootp; -deny unknown-clients; -local-address 192.168.100.100; -log-facility local6; - -ignore client-updates; -set vendorclass = option vendor-class-identifier; - -option pxe-system-type code 93 = unsigned integer 16; -option space pxelinux; -option pxelinux.magic code 208 = string; -option pxelinux.configfile code 209 = text; -option pxelinux.pathprefix code 210 = text; -option pxelinux.reboottime code 211 = unsigned integer 32; - -subnet {{ compass0_subnet_ip }} netmask {{ compass0_subnet_mask }} { - option routers {{ compass0_router }}; - option domain-name-servers {{ compass0_router }}; - option subnet-mask {{ compass0_subnet_mask }}; - range dynamic-bootp {{ compass0_dhcp_range }}; - default-lease-time 21600; - max-lease-time 43200; - next-server $next_server; - class "pxeclients" { - match if substring (option vendor-class-identifier, 0, 9) = "PXEClient"; - if option pxe-system-type = 00:02 { - filename "ia64/elilo.efi"; - } else if option pxe-system-type = 00:06 { - filename "grub/grub-x86.efi"; - } else if option pxe-system-type = 00:07 { - filename "grub/grub-x86_64.efi"; - } else { - filename "pxelinux.0"; - } - } - -} - -subnet {{ mgmt_subnet_ip }} netmask {{ mgmt_subnet_mask }} { - option routers {{ mgmt_router }}; - option domain-name-servers {{ mgmt_router }}; - option subnet-mask {{ mgmt_subnet_mask }}; - range dynamic-bootp {{ mgmt_dhcp_range }}; - default-lease-time 21600; - max-lease-time 43200; - next-server $next_server; - class "pxeclients" { - match if substring (option vendor-class-identifier, 0, 9) = "PXEClient"; - if option pxe-system-type = 00:02 { - filename "ia64/elilo.efi"; - } else if option pxe-system-type = 00:06 { - filename "grub/grub-x86.efi"; - } else if option pxe-system-type = 00:07 { - filename "grub/grub-x86_64.efi"; - } else { - filename "pxelinux.0"; - } - } - -} - -#for dhcp_tag in $dhcp_tags.keys(): - ## group could be subnet if your dhcp tags line up with your subnets - ## or really any valid dhcpd.conf construct ... if you only use the - ## default dhcp tag in cobbler, the group block can be deleted for a - ## flat configuration -# group for Cobbler DHCP tag: $dhcp_tag -group { - #for mac in $dhcp_tags[$dhcp_tag].keys(): - #set iface = $dhcp_tags[$dhcp_tag][$mac] - host $iface.name { - hardware ethernet $mac; - site-option-space "pxelinux"; - option pxelinux.magic f1:00:74:7e; - if exists dhcp-parameter-request-list { - # Always send the PXELINUX options (specified in hexadecimal) - option dhcp-parameter-request-list = concat(option dhcp-parameter-request-list,d0,d1,d2,d3); - } - option pxelinux.reboottime 30; - #if $iface.hostname: - option host-name "$iface.hostname"; - #end if - #if $iface.netmask: - option subnet-mask $iface.netmask; - #end if - #if $iface.gateway: - option routers $iface.gateway; - #end if - #if $iface.enable_gpxe: - if exists user-class and option user-class = "gPXE" { - filename "http://$cobbler_server/cblr/svc/op/gpxe/system/$iface.owner"; - } else if exists user-class and option user-class = "iPXE" { - filename "http://$cobbler_server/cblr/svc/op/gpxe/system/$iface.owner"; - } else { - filename "undionly.kpxe"; - } - #else - filename "$iface.filename"; - #end if - ## Cobbler defaults to $next_server, but some users - ## may like to use $iface.system.server for proxied setups - next-server $next_server; - ## next-server $iface.next_server; - } - #end for -} -#end for - diff --git a/install/roles/cobbler/templates/dhcp.template.nodocker.j2 b/install/roles/cobbler/templates/dhcp.template.nodocker.j2 deleted file mode 100644 index ef90eb3..0000000 --- a/install/roles/cobbler/templates/dhcp.template.nodocker.j2 +++ /dev/null @@ -1,123 +0,0 @@ -# ****************************************************************** -# Cobbler managed dhcpd.conf file -# -# generated from cobbler dhcp.conf template ($date) -# Do NOT make changes to /etc/dhcpd.conf. Instead, make your changes -# in /etc/cobbler/dhcp.template, as /etc/dhcpd.conf will be -# overwritten. -# -# ****************************************************************** - -ddns-update-style interim; - -allow booting; -allow bootp; -deny unknown-clients; -local-address {{ cobbler_server }}; -log-facility local6; - -ignore client-updates; -set vendorclass = option vendor-class-identifier; - -option pxe-system-type code 93 = unsigned integer 16; -option space pxelinux; -option pxelinux.magic code 208 = string; -option pxelinux.configfile code 209 = text; -option pxelinux.pathprefix code 210 = text; -option pxelinux.reboottime code 211 = unsigned integer 32; - -{% if dockerized %} -subnet {{ compass0_subnet_ip }} netmask {{ compass0_subnet_mask }} { - option routers {{ compass0_router }}; - option domain-name-servers {{ compass0_router }}; - option subnet-mask {{ compass0_subnet_mask }}; - range dynamic-bootp {{ compass0_dhcp_range }}; - default-lease-time 21600; - max-lease-time 43200; - next-server $next_server; - class "pxeclients" { - match if substring (option vendor-class-identifier, 0, 9) = "PXEClient"; - if option pxe-system-type = 00:02 { - filename "ia64/elilo.efi"; - } else if option pxe-system-type = 00:06 { - filename "grub/grub-x86.efi"; - } else if option pxe-system-type = 00:07 { - filename "grub/grub-x86_64.efi"; - } else { - filename "pxelinux.0"; - } - } - -} -{% endif %} - -subnet {{ mgmt_subnet_ip }} netmask {{ mgmt_subnet_mask }} { - option routers {{ mgmt_router }}; - option domain-name-servers {{ mgmt_router }}; - option subnet-mask {{ mgmt_subnet_mask }}; - range dynamic-bootp {{ mgmt_dhcp_range }}; - default-lease-time 21600; - max-lease-time 43200; - next-server {{ mgmt_next_ip }}; - class "pxeclients" { - match if substring (option vendor-class-identifier, 0, 9) = "PXEClient"; - if option pxe-system-type = 00:02 { - filename "ia64/elilo.efi"; - } else if option pxe-system-type = 00:06 { - filename "grub/grub-x86.efi"; - } else if option pxe-system-type = 00:07 { - filename "grub/grub-x86_64.efi"; - } else { - filename "pxelinux.0"; - } - } - -} - -#for dhcp_tag in $dhcp_tags.keys(): - ## group could be subnet if your dhcp tags line up with your subnets - ## or really any valid dhcpd.conf construct ... if you only use the - ## default dhcp tag in cobbler, the group block can be deleted for a - ## flat configuration -# group for Cobbler DHCP tag: $dhcp_tag -group { - #for mac in $dhcp_tags[$dhcp_tag].keys(): - #set iface = $dhcp_tags[$dhcp_tag][$mac] - host $iface.name { - hardware ethernet $mac; - site-option-space "pxelinux"; - option pxelinux.magic f1:00:74:7e; - if exists dhcp-parameter-request-list { - # Always send the PXELINUX options (specified in hexadecimal) - option dhcp-parameter-request-list = concat(option dhcp-parameter-request-list,d0,d1,d2,d3); - } - option pxelinux.reboottime 30; - #if $iface.hostname: - option host-name "$iface.hostname"; - #end if - #if $iface.netmask: - option subnet-mask $iface.netmask; - #end if - #if $iface.gateway: - option routers $iface.gateway; - #end if - #if $iface.enable_gpxe: - if exists user-class and option user-class = "gPXE" { - filename "http://$cobbler_server/cblr/svc/op/gpxe/system/$iface.owner"; - } else if exists user-class and option user-class = "iPXE" { - filename "http://$cobbler_server/cblr/svc/op/gpxe/system/$iface.owner"; - } else { - filename "undionly.kpxe"; - } - #else - filename "$iface.filename"; - #end if - ## Cobbler defaults to $next_server, but some users - ## may like to use $iface.system.server for proxied setups - next-server $next_server; - ## next-server $iface.next_server; - } - #end for -} -#end for - diff --git a/install/roles/cobbler/templates/distributions b/install/roles/cobbler/templates/distributions deleted file mode 100644 index 7f61215..0000000 --- a/install/roles/cobbler/templates/distributions +++ /dev/null @@ -1,8 +0,0 @@ -Origin: ppa -Label: ppa_repo -Suite: stable -Codename: ppa -Version: 0.1 -Architectures: i386 amd64 source -Components: main -Description: ppa repo diff --git a/install/roles/cobbler/templates/fix_ks_server.py.j2 b/install/roles/cobbler/templates/fix_ks_server.py.j2 deleted file mode 100644 index e893ead..0000000 --- a/install/roles/cobbler/templates/fix_ks_server.py.j2 +++ /dev/null @@ -1,18 +0,0 @@ -#!/usr/bin/python -import logging - -from cobbler import api -from subprocess import call - -SERVER='{{ cobbler_server }}:{{ cobbler_mapped_http_port_on_host }}' - -def main(): - """main entry""" - cobbler_api = api.BootAPI() - for system in cobbler_api.systems(): - sys_name = system.name - call(["cobbler", "system", "edit", "--name=%s" % sys_name, "--server=%s" % SERVER]) - return - -if __name__ == '__main__': - main() diff --git a/install/roles/cobbler/templates/id_rsa.pub.j2 b/install/roles/cobbler/templates/id_rsa.pub.j2 deleted file mode 100644 index 1aac40e..0000000 --- a/install/roles/cobbler/templates/id_rsa.pub.j2 +++ /dev/null @@ -1 +0,0 @@ -{{ push_ssh_key }} diff --git a/install/roles/cobbler/templates/modules.conf b/install/roles/cobbler/templates/modules.conf deleted file mode 100644 index 8087910..0000000 --- a/install/roles/cobbler/templates/modules.conf +++ /dev/null @@ -1,83 +0,0 @@ -# cobbler module configuration file -# ================================= - -# authentication: -# what users can log into the WebUI and Read-Write XMLRPC? -# choices: -# authn_denyall -- no one (default) -# authn_configfile -- use /etc/cobbler/users.digest (for basic setups) -# authn_passthru -- ask Apache to handle it (used for kerberos) -# authn_ldap -- authenticate against LDAP -# authn_spacewalk -- ask Spacewalk/Satellite (experimental) -# authn_pam -- use PAM facilities -# authn_testing -- username/password is always testing/testing (debug) -# (user supplied) -- you may write your own module -# WARNING: this is a security setting, do not choose an option blindly. -# for more information: -# https://github.com/cobbler/cobbler/wiki/Cobbler-web-interface -# https://github.com/cobbler/cobbler/wiki/Security-overview -# https://github.com/cobbler/cobbler/wiki/Kerberos -# https://github.com/cobbler/cobbler/wiki/Ldap - -[authentication] -module = authn_configfile - -# authorization: -# once a user has been cleared by the WebUI/XMLRPC, what can they do? -# choices: -# authz_allowall -- full access for all authneticated users (default) -# authz_ownership -- use users.conf, but add object ownership semantics -# (user supplied) -- you may write your own module -# WARNING: this is a security setting, do not choose an option blindly. -# If you want to further restrict cobbler with ACLs for various groups, -# pick authz_ownership. authz_allowall does not support ACLs. configfile -# does but does not support object ownership which is useful as an additional -# layer of control. - -# for more information: -# https://github.com/cobbler/cobbler/wiki/Cobbler-web-interface -# https://github.com/cobbler/cobbler/wiki/Security-overview -# https://github.com/cobbler/cobbler/wiki/Web-authorization - -[authorization] -module = authz_allowall - -# dns: -# chooses the DNS management engine if manage_dns is enabled -# in /etc/cobbler/settings, which is off by default. -# choices: -# manage_bind -- default, uses BIND/named -# manage_dnsmasq -- uses dnsmasq, also must select dnsmasq for dhcp below -# NOTE: more configuration is still required in /etc/cobbler -# for more information: -# https://github.com/cobbler/cobbler/wiki/Dns-management - -[dns] -module = manage_bind - -# dhcp: -# chooses the DHCP management engine if manage_dhcp is enabled -# in /etc/cobbler/settings, which is off by default. -# choices: -# manage_isc -- default, uses ISC dhcpd -# manage_dnsmasq -- uses dnsmasq, also must select dnsmasq for dns above -# NOTE: more configuration is still required in /etc/cobbler -# for more information: -# https://github.com/cobbler/cobbler/wiki/Dhcp-management - -[dhcp] -module = manage_isc - -# tftpd: -# chooses the TFTP management engine if manage_tftp is enabled -# in /etc/cobbler/settings, which is ON by default. -# -# choices: -# manage_in_tftpd -- default, uses the system's tftp server -# manage_tftpd_py -- uses cobbler's tftp server -# - -[tftpd] -module = manage_in_tftpd - -#-------------------------------------------------- diff --git a/install/roles/cobbler/templates/named.template.j2 b/install/roles/cobbler/templates/named.template.j2 deleted file mode 100644 index 6ddb30c..0000000 --- a/install/roles/cobbler/templates/named.template.j2 +++ /dev/null @@ -1,31 +0,0 @@ -options { - listen-on port 53 { $listen_ip; }; - directory "/var/named"; - dump-file "/var/named/data/cache_dump.db"; - statistics-file "/var/named/data/named_stats.txt"; - memstatistics-file "/var/named/data/named_mem_stats.txt"; - allow-query { 127.0.0.0/8; {{ compass0_subnet }}; }; - recursion yes; -}; - -logging { - channel default_debug { - file "data/named.run"; - severity dynamic; - }; -}; - -#for $zone in $forward_zones -zone "${zone}." { - type master; - file "$zone"; -}; - -#end for -#for $zone, $arpa in $reverse_zones -zone "${arpa}." { - type master; - file "$zone"; -}; - -#end for diff --git a/install/roles/cobbler/templates/named.template.nodocker.j2 b/install/roles/cobbler/templates/named.template.nodocker.j2 deleted file mode 100644 index 74344fd..0000000 --- a/install/roles/cobbler/templates/named.template.nodocker.j2 +++ /dev/null @@ -1,31 +0,0 @@ -options { - listen-on port 53 { {{ cobbler_server }}; }; - directory "/var/named"; - dump-file "/var/named/data/cache_dump.db"; - statistics-file "/var/named/data/named_stats.txt"; - memstatistics-file "/var/named/data/named_mem_stats.txt"; - allow-query { 127.0.0.0/8; {{ mgmt_subnet }}; }; - recursion yes; -}; - -logging { - channel default_debug { - file "data/named.run"; - severity dynamic; - }; -}; - -#for $zone in $forward_zones -zone "${zone}." { - type master; - file "$zone"; -}; - -#end for -#for $zone, $arpa in $reverse_zones -zone "${arpa}." { - type master; - file "$zone"; -}; - -#end for diff --git a/install/roles/cobbler/templates/settings.j2 b/install/roles/cobbler/templates/settings.j2 deleted file mode 100644 index bd3201c..0000000 --- a/install/roles/cobbler/templates/settings.j2 +++ /dev/null @@ -1,450 +0,0 @@ ---- -# cobbler settings file -# restart cobblerd and run "cobbler sync" after making changes -# This config file is in YAML 1.0 format -# see http://yaml.org -# ========================================================== -# if 1, cobbler will allow insertions of system records that duplicate -# the --dns-name information of other system records. In general, -# this is undesirable and should be left 0. -allow_duplicate_hostnames: 0 - -# if 1, cobbler will allow insertions of system records that duplicate -# the ip address information of other system records. In general, -# this is undesirable and should be left 0. -allow_duplicate_ips: 0 - -# if 1, cobbler will allow insertions of system records that duplicate -# the mac address information of other system records. In general, -# this is undesirable. -allow_duplicate_macs: 0 - -# if 1, cobbler will allow settings to be changed dynamically without -# a restart of the cobblerd daemon. You can only change this variable -# by manually editing the settings file, and you MUST restart cobblerd -# after changing it. -allow_dynamic_settings: 0 - -# by default, installs are *not* set to send installation logs to the cobbler -# # # server. With 'anamon_enabled', kickstart templates may use the pre_anamon -# # # snippet to allow remote live monitoring of their installations from the -# # # cobbler server. Installation logs will be stored under -# # # /var/log/cobbler/anamon/. NOTE: This does allow an xmlrpc call to send logs -# # # to this directory, without authentication, so enable only if you are -# # # ok with this limitation. -anamon_enabled: 1 - -# If using authn_pam in the modules.conf, this can be configured -# to change the PAM service authentication will be tested against. -# The default value is "login". -authn_pam_service: "login" - -# Email out a report when cobbler finishes installing a system. -# enabled: set to 1 to turn this feature on -# sender: optional -# email: which addresses to email -# smtp_server: used to specify another server for an MTA -# subject: use the default subject unless overridden -build_reporting_enabled: 0 -build_reporting_sender: "" -build_reporting_email: [ 'root@localhost' ] -build_reporting_smtp_server: "localhost" -build_reporting_subject: "" - -# Cheetah-language kickstart templates can import Python modules. -# while this is a useful feature, it is not safe to allow them to -# import anything they want. This whitelists which modules can be -# imported through Cheetah. Users can expand this as needed but -# should never allow modules such as subprocess or those that -# allow access to the filesystem as Cheetah templates are evaluated -# by cobblerd as code. -cheetah_import_whitelist: - - "random" - - "re" - - "time" - -# Default createrepo_flags to use for new repositories. If you have -# createrepo >= 0.4.10, consider "-c cache --update -C", which can -# dramatically improve your "cobbler reposync" time. "-s sha" -# enables working with Fedora repos from F11/F12 from EL-4 or -# EL-5 without python-hashlib installed (which is not available -# on EL-4) -createrepo_flags: "-c cache -s sha" - -# if no kickstart is specified to profile add, use this template -default_kickstart: /var/lib/cobbler/kickstarts/default.ks - -# configure all installed systems to use these nameservers by default -# unless defined differently in the profile. For DHCP configurations -# you probably do /not/ want to supply this. -default_name_servers: ['10.145.89.100'] - -# if using the authz_ownership module (see the Wiki), objects -# created without specifying an owner are assigned to this -# owner and/or group. Can be a comma seperated list. -default_ownership: - - "admin" - -# cobbler has various sample kickstart templates stored -# in /var/lib/cobbler/kickstarts/. This controls -# what install (root) password is set up for those -# systems that reference this variable. The factory -# default is "cobbler" and cobbler check will warn if -# this is not changed. -# The simplest way to change the password is to run -# openssl passwd -1 -# and put the output between the "" below. -default_password_crypted: "$1$huawei$9OkoVJwO4W8vavlXd1bUS/" - -# the default template type to use in the absence of any -# other detected template. If you do not specify the template -# with '#template=' on the first line of your -# templates/snippets, cobbler will assume try to use the -# following template engine to parse the templates. -# -# Current valid values are: cheetah, jinja2 -default_template_type: "cheetah" - -# for libvirt based installs in koan, if no virt bridge -# is specified, which bridge do we try? For EL 4/5 hosts -# this should be xenbr0, for all versions of Fedora, try -# "virbr0". This can be overriden on a per-profile -# basis or at the koan command line though this saves -# typing to just set it here to the most common option. -default_virt_bridge: xenbr0 - -# use this as the default disk size for virt guests (GB) -default_virt_file_size: 5 - -# use this as the default memory size for virt guests (MB) -default_virt_ram: 512 - -# if koan is invoked without --virt-type and no virt-type -# is set on the profile/system, what virtualization type -# should be assumed? Values: xenpv, xenfv, qemu, vmware -# (NOTE: this does not change what virt_type is chosen by import) -default_virt_type: xenpv - -# enable gPXE booting? Enabling this option will cause cobbler -# to copy the undionly.kpxe file to the tftp root directory, -# and if a profile/system is configured to boot via gpxe it will -# chain load off pxelinux.0. -# Default: 0 -enable_gpxe: 0 - -# controls whether cobbler will add each new profile entry to the default -# PXE boot menu. This can be over-ridden on a per-profile -# basis when adding/editing profiles with --enable-menu=0/1. Users -# should ordinarily leave this setting enabled unless they are concerned -# with accidental reinstalls from users who select an entry at the PXE -# boot menu. Adding a password to the boot menus templates -# may also be a good solution to prevent unwanted reinstallations -enable_menu: 0 - -# enable Func-integration? This makes sure each installed machine is set up -# to use func out of the box, which is a powerful way to script and control -# remote machines. -# Func lives at http://fedorahosted.org/func -# read more at https://github.com/cobbler/cobbler/wiki/Func-integration -# you will need to mirror Fedora/EPEL packages for this feature, so see -# https://github.com/cobbler/cobbler/wiki/Manage-yum-repos if you want cobbler -# to help you with this -func_auto_setup: 0 -func_master: overlord.example.org - -# change this port if Apache is not running plaintext on port -# 80. Most people can leave this alone. -http_port: 80 - -# kernel options that should be present in every cobbler installation. -# kernel options can also be applied at the distro/profile/system -# level. -kernel_options: - ksdevice: bootif - lang: ' ' - text: ~ - -# s390 systems require additional kernel options in addition to the -# above defaults -kernel_options_s390x: - RUNKS: 1 - ramdisk_size: 40000 - root: /dev/ram0 - ro: ~ - ip: off - vnc: ~ - -# configuration options if using the authn_ldap module. See the -# the Wiki for details. This can be ignored if you are not using -# LDAP for WebUI/XMLRPC authentication. -ldap_server: "ldap.example.com" -ldap_base_dn: "DC=example,DC=com" -ldap_port: 389 -ldap_tls: 1 -ldap_anonymous_bind: 1 -ldap_search_bind_dn: '' -ldap_search_passwd: '' -ldap_search_prefix: 'uid=' -ldap_tls_cacertfile: '' -ldap_tls_keyfile: '' -ldap_tls_certfile: '' - -# cobbler has a feature that allows for integration with config management -# systems such as Puppet. The following parameters work in conjunction with -# --mgmt-classes and are described in furhter detail at: -# https://github.com/cobbler/cobbler/wiki/Using-cobbler-with-a-configuration-management-system -mgmt_classes: [] -mgmt_parameters: - from_cobbler: 1 - -# if enabled, this setting ensures that puppet is installed during -# machine provision, a client certificate is generated and a -# certificate signing request is made with the puppet master server -puppet_auto_setup: 0 - -# when puppet starts on a system after installation it needs to have -# its certificate signed by the puppet master server. Enabling the -# following feature will ensure that the puppet server signs the -# certificate after installation if the puppet master server is -# running on the same machine as cobbler. This requires -# puppet_auto_setup above to be enabled -sign_puppet_certs_automatically: 0 - -# location of the puppet executable, used for revoking certificates -puppetca_path: "/usr/bin/puppet" - -# when a puppet managed machine is reinstalled it is necessary to -# remove the puppet certificate from the puppet master server before a -# new certificate is signed (see above). Enabling the following -# feature will ensure that the certificate for the machine to be -# installed is removed from the puppet master server if the puppet -# master server is running on the same machine as cobbler. This -# requires puppet_auto_setup above to be enabled -remove_old_puppet_certs_automatically: 0 - -# choose a --server argument when running puppetd/puppet agent during kickstart -#puppet_server: 'puppet' - -# let cobbler know that you're using a newer version of puppet -# choose version 3 to use: 'puppet agent'; version 2 uses status quo: 'puppetd' -#puppet_version: 2 - -# choose whether to enable puppet parameterized classes or not. -# puppet versions prior to 2.6.5 do not support parameters -#puppet_parameterized_classes: 1 - -# set to 1 to enable Cobbler's DHCP management features. -# the choice of DHCP management engine is in /etc/cobbler/modules.conf -manage_dhcp: 1 - -# set to 1 to enable Cobbler's DNS management features. -# the choice of DNS mangement engine is in /etc/cobbler/modules.conf -manage_dns: 1 - -# set to path of bind chroot to create bind-chroot compatible bind -# configuration files. This should be automatically detected. -bind_chroot_path: "" - -# set to the ip address of the master bind DNS server for creating secondary -# bind configuration files -bind_master: 127.0.0.1 - -# set to 1 to enable Cobbler's TFTP management features. -# the choice of TFTP mangement engine is in /etc/cobbler/modules.conf -manage_tftpd: 1 - -# set to 1 to enable Cobbler's RSYNC management features. -manage_rsync: 0 - -# if using BIND (named) for DNS management in /etc/cobbler/modules.conf -# and manage_dns is enabled (above), this lists which zones are managed -# See the Wiki (https://github.com/cobbler/cobbler/wiki/Dns-management) for more info -manage_forward_zones: ['ods.com'] -manage_reverse_zones: ['10','172.16'] - -# if using cobbler with manage_dhcp, put the IP address -# of the cobbler server here so that PXE booting guests can find it -# if you do not set this correctly, this will be manifested in TFTP open timeouts. -next_server: {{ cobbler_server }} - -# settings for power management features. optional. -# see https://github.com/cobbler/cobbler/wiki/Power-management to learn more -# choices (refer to codes.py): -# apc_snmp bladecenter bullpap drac ether_wake ilo integrity -# ipmilan ipmitool lpar rsa virsh wti -power_management_default_type: 'ipmitool' - -# the commands used by the power management module are sourced -# from what directory? -power_template_dir: "/etc/cobbler/power" - -# if this setting is set to 1, cobbler systems that pxe boot -# will request at the end of their installation to toggle the -# --netboot-enabled record in the cobbler system record. This eliminates -# the potential for a PXE boot loop if the system is set to PXE -# first in it's BIOS order. Enable this if PXE is first in your BIOS -# boot order, otherwise leave this disabled. See the manpage -# for --netboot-enabled. -pxe_just_once: 1 - -# the templates used for PXE config generation are sourced -# from what directory? -pxe_template_dir: "/etc/cobbler/pxe" - -# Path to where system consoles are -consoles: "/var/consoles" - -# Are you using a Red Hat management platform in addition to Cobbler? -# Cobbler can help you register to it. Choose one of the following: -# "off" : I'm not using Red Hat Network, Satellite, or Spacewalk -# "hosted" : I'm using Red Hat Network -# "site" : I'm using Red Hat Satellite Server or Spacewalk -# You will also want to read: https://github.com/cobbler/cobbler/wiki/Tips-for-RHN -redhat_management_type: "off" - -# if redhat_management_type is enabled, choose your server -# "management.example.org" : For Satellite or Spacewalk -# "xmlrpc.rhn.redhat.com" : For Red Hat Network -# This setting is also used by the code that supports using Spacewalk/Satellite users/passwords -# within Cobbler Web and Cobbler XMLRPC. Using RHN Hosted for this is not supported. -# This feature can be used even if redhat_management_type is off, you just have -# to have authn_spacewalk selected in modules.conf -redhat_management_server: "xmlrpc.rhn.redhat.com" - -# specify the default Red Hat authorization key to use to register -# system. If left blank, no registration will be attempted. Similarly -# you can set the --redhat-management-key to blank on any system to -# keep it from trying to register. -redhat_management_key: "" - -# if using authn_spacewalk in modules.conf to let cobbler authenticate -# against Satellite/Spacewalk's auth system, by default it will not allow per user -# access into Cobbler Web and Cobbler XMLRPC. -# in order to permit this, the following setting must be enabled HOWEVER -# doing so will permit all Spacewalk/Satellite users of certain types to edit all -# of cobbler's configuration. -# these roles are: config_admin and org_admin -# users should turn this on only if they want this behavior and -# do not have a cross-multi-org seperation concern. If you have -# a single org in your satellite, it's probably safe to turn this -# on and then you can use CobblerWeb alongside a Satellite install. -redhat_management_permissive: 0 - -# if set to 1, allows /usr/bin/cobbler-register (part of the koan package) -# to be used to remotely add new cobbler system records to cobbler. -# this effectively allows for registration of new hardware from system -# records. -register_new_installs: 0 - -# Flags to use for yum's reposync. If your version of yum reposync -# does not support -l, you may need to remove that option. -reposync_flags: "-l -n -d" - -# These options will be used for an rsync initiated by cobbler replicate -replicate_rsync_options: "-avzH" - -# when DHCP and DNS management are enabled, cobbler sync can automatically -# restart those services to apply changes. The exception for this is -# if using ISC for DHCP, then omapi eliminates the need for a restart. -# omapi, however, is experimental and not recommended for most configurations. -# If DHCP and DNS are going to be managed, but hosted on a box that -# is not on this server, disable restarts here and write some other -# script to ensure that the config files get copied/rsynced to the destination -# box. This can be done by modifying the restart services trigger. -# Note that if manage_dhcp and manage_dns are disabled, the respective -# parameter will have no effect. Most users should not need to change -# this. -restart_dns: 1 -restart_dhcp: 1 - -# install triggers are scripts in /var/lib/cobbler/triggers/install -# that are triggered in kickstart pre and post sections. Any -# executable script in those directories is run. They can be used -# to send email or perform other actions. They are currently -# run as root so if you do not need this functionality you can -# disable it, though this will also disable "cobbler status" which -# uses a logging trigger to audit install progress. -run_install_triggers: 1 - -# enables a trigger which version controls all changes to /var/lib/cobbler -# when add, edit, or sync events are performed. This can be used -# to revert to previous database versions, generate RSS feeds, or for -# other auditing or backup purposes. "git" and "hg" are currently suported, -# but git is the recommend SCM for use with this feature. -scm_track_enabled: 0 -scm_track_mode: "git" - -# this is the address of the cobbler server -- as it is used -# by systems during the install process, it must be the address -# or hostname of the system as those systems can see the server. -# if you have a server that appears differently to different subnets -# (dual homed, etc), you need to read the --server-override section -# of the manpage for how that works. -server: {{ cobbler_server }} - -# If set to 1, all commands will be forced to use the localhost address -# instead of using the above value which can force commands like -# cobbler sync to open a connection to a remote address if one is in the -# configuration and would traceback. -client_use_localhost: 0 - -# If set to 1, all commands to the API (not directly to the XMLRPC -# server) will go over HTTPS instead of plaintext. Be sure to change -# the http_port setting to the correct value for the web server -client_use_https: 0 - -# this is a directory of files that cobbler uses to make -# templating easier. See the Wiki for more information. Changing -# this directory should not be required. -snippetsdir: /var/lib/cobbler/snippets - -# Normally if a kickstart is specified at a remote location, this -# URL will be passed directly to the kickstarting system, thus bypassing -# the usual snippet templating Cobbler does for local kickstart files. If -# this option is enabled, Cobbler will fetch the file contents internally -# and serve a templated version of the file to the client. -template_remote_kickstarts: 0 - -# should new profiles for virtual machines default to auto booting with the physical host when the physical host reboots? -# this can be overridden on each profile or system object. -virt_auto_boot: 1 - -# cobbler's web directory. Don't change this setting -- see the -# Wiki on "relocating your cobbler install" if your /var partition -# is not large enough. -webdir: /var/www/cobbler - -# cobbler's public XMLRPC listens on this port. Change this only -# if absolutely needed, as you'll have to start supplying a new -# port option to koan if it is not the default. -xmlrpc_port: 25151 - -# "cobbler repo add" commands set cobbler up with repository -# information that can be used during kickstart and is automatically -# set up in the cobbler kickstart templates. By default, these -# are only available at install time. To make these repositories -# usable on installed systems (since cobbler makes a very convient) -# mirror, set this to 1. Most users can safely set this to 1. Users -# who have a dual homed cobbler server, or are installing laptops that -# will not always have access to the cobbler server may wish to leave -# this as 0. In that case, the cobbler mirrored yum repos are still -# accessable at http://cobbler.example.org/cblr/repo_mirror and yum -# configuration can still be done manually. This is just a shortcut. -yum_post_install_mirror: 1 - -# the default yum priority for all the distros. This is only used -# if yum-priorities plugin is used. 1=maximum. Tweak with caution. -yum_distro_priority: 1 - -# Flags to use for yumdownloader. Not all versions may support -# --resolve. -yumdownloader_flags: "--resolve" - -# sort and indent JSON output to make it more human-readable -serializer_pretty_json: 0 - -# replication rsync options for distros, kickstarts, snippets set to override default value of "-avzH" -replicate_rsync_options: "-avzH" - -# replication rsync options for repos set to override default value of "-avzH" -replicate_repo_rsync_options: "-avzH" diff --git a/install/roles/cobbler/templates/start.sh.j2 b/install/roles/cobbler/templates/start.sh.j2 deleted file mode 100644 index 023a479..0000000 --- a/install/roles/cobbler/templates/start.sh.j2 +++ /dev/null @@ -1,34 +0,0 @@ -#!/bin/bash - -export ipaddr=$(ip addr show eth0 | grep 'inet ' | awk '{ print $2}'|cut -d/ -f1) -sed -i "/^local-address/c\local-address $ipaddr;" /etc/cobbler/dhcp.template -sed -i "s/listen-on port 53 { \$listen_ip; }/listen-on port 53 \{ $ipaddr; \}/g" /etc/cobbler/named.template -sed -i "/^server/c\server: $ipaddr" /etc/cobbler/settings -sed -i "/^next_server/c\next_server: {{ cobbler_server }}" /etc/cobbler/settings -sed -i "s/http_server/server/g" /var/lib/cobbler/snippets/preseed_apt_repo_config -sed -i "/^manage_dhcp/c\manage_dhcp: 1" /etc/cobbler/settings - -service httpd restart -service cobblerd restart - -# import distros -cobbler import --path=/var/lib/cobbler/mount_point/CentOS-6.5-x86_64 --name=CentOS-6.5-x86_64 --arch=x86_64 --kickstart=/var/lib/cobbler/kickstarts/default.ks --breed=redhat -cobbler import --path=/var/lib/cobbler/mount_point/Ubuntu-12.04-x86_64 --name=Ubuntu-12.04-x86_64 --arch=x86_64 --kickstart=/var/lib/cobbler/kickstarts/default.seed --breed=ubuntu -cobbler import --path=/var/lib/cobbler/mount_point/Ubuntu-14.04-x86_64 --name=Ubuntu-14.04-x86_64 --arch=x86_64 --kickstart=/var/lib/cobbler/kickstarts/default.seed --breed=ubuntu - -# add profiles -cobbler profile edit --name=CentOS-6.5-x86_64 --repo=centos_ppa_repo --distro=CentOS-6.5-x86_64 --ksmeta="tree=http://{{ cobbler_server }}:{{ cobbler_mapped_http_port_on_host }}/cobbler/ks_mirror/CentOS-6.5-x86_64 http_port={{ cobbler_mapped_http_port_on_host }} cblr_server={{ cobbler_server }} rsyslog_port={{ rsyslog_port_mapped_on_host }} chef_validation_file=/etc/cobbler/chef-validator.pem chef_admin_file=/etc/cobbler/admin.pem" --kickstart=/var/lib/cobbler/kickstarts/default.ks -cobbler profile edit --name=Ubuntu-12.04-x86_64 --repo=ubuntu_ppa_repo --distro=Ubuntu-12.04-x86_64 --ksmeta="tree=http://{{ cobbler_server }}:{{ cobbler_mapped_http_port_on_host }}/cobbler/ks_mirror/Ubuntu-12.04-x86_64 http_port={{ cobbler_mapped_http_port_on_host }} cblr_server={{ cobbler_server }} rsyslog_port={{ rsyslog_port_mapped_on_host }} chef_validation_file=/etc/cobbler/chef-validator.pem chef_admin_file=/etc/cobbler/admin.pem" --kickstart=/var/lib/cobbler/kickstarts/default.seed --kopts="netcfg/choose_interface=auto" -cobbler profile edit --name=Ubuntu-14.04-x86_64 --repo=ubuntu_14_04_ppa_repo --distro=Ubuntu-14.04-x86_64 --ksmeta="tree=http://{{ cobbler_server }}:{{ cobbler_mapped_http_port_on_host }}/cobbler/ks_mirror/Ubuntu-14.04-x86_64 http_port={{ cobbler_mapped_http_port_on_host }} cblr_server={{ cobbler_server }} rsyslog_port={{ rsyslog_port_mapped_on_host }} chef_validation_file=/etc/cobbler/chef-validator.pem chef_admin_file=/etc/cobbler/admin.pem" --kickstart=/var/lib/cobbler/kickstarts/default.seed --kopts="netcfg/choose_interface=auto" - - -cobbler sync -cobbler check -service xinetd restart - -if [ ! -e /root/.ssh/id_rsa.pub ]; then - rm -rf /root/.ssh/id_rsa - ssh-keygen -t rsa -f /root/.ssh/id_rsa -q -N '' -fi - -tail -f /var/log/cobbler/cobbler.log diff --git a/install/roles/cobbler/templates/tftpd.template b/install/roles/cobbler/templates/tftpd.template deleted file mode 100644 index 0651a4f..0000000 --- a/install/roles/cobbler/templates/tftpd.template +++ /dev/null @@ -1,20 +0,0 @@ -# default: off -# description: The tftp server serves files using the trivial file transfer \ -# protocol. The tftp protocol is often used to boot diskless \ -# workstations, download configuration files to network-aware printers, \ -# and to start the installation process for some operating systems. -service tftp -{ - disable = no - log_type = SYSLOG local5 info - socket_type = dgram - protocol = udp - wait = yes - user = $user - server = $binary - server_args = -B 1380 -v -s $args - instances = 1000 - per_source = 1000 - cps = 1000 2 - flags = IPv4 -} diff --git a/install/roles/cobbler/vars/main.yml b/install/roles/cobbler/vars/main.yml deleted file mode 100644 index d25e134..0000000 --- a/install/roles/cobbler/vars/main.yml +++ /dev/null @@ -1,15 +0,0 @@ -#dockerized: True -compass_adapter_source: http://git.openstack.org/stackforge/compass-adapters -compass_adapter_version: dev/experimental -epel_file_name: epel-release-6-8.noarch.rpm -epel_base_url: http://download.fedoraproject.org/pub/epel/6/x86_64/ -epel7_base_url: http://download.fedoraproject.org/pub/epel/7/x86_64/e/ -cobbler_loaders_url: http://192.168.120.2/cobbler/loaders/loaders.tar.gz -ubuntu_14_04_ppa_repo_url: https://s3-us-west-1.amazonaws.com/compass-local-repo/ubuntu/14.04/ubuntu_14_04_ppa_repo.tar.gz -ubuntu_12_04_ppa_repo_url: https://s3-us-west-1.amazonaws.com/compass-local-repo/ubuntu/12.04/ubuntu_12_04_ppa_repo.tar.gz -centos_6_5_ppa_repo_url: https://s3-us-west-1.amazonaws.com/compass-local-repo/centos/6.5/centos_6_5_ppa_repo.tar.gz -mgmt_nic_ip: "{{ hostvars[inventory_hostname][mgmt_ansible_interface]['ipv4']['address'] }}" -mgmt_ansible_interface: "ansible_{{ mgmt_nic }}" -mgmt_ip_same: "{{ mgmt_nic_ip == mgmt_next_ip }}" -ppa_repo_url: "ppa_repo_{{ region }}_url" -iso_url: "iso_{{ region }}_url" diff --git a/install/roles/common/files/docker.list b/install/roles/common/files/docker.list deleted file mode 100644 index 0ee9ae0..0000000 --- a/install/roles/common/files/docker.list +++ /dev/null @@ -1 +0,0 @@ -deb https://get.docker.com/ubuntu docker main diff --git a/install/roles/common/tasks/Debian.yml b/install/roles/common/tasks/Debian.yml deleted file mode 100644 index e69de29..0000000 diff --git a/install/roles/common/tasks/RedHat.yml b/install/roles/common/tasks/RedHat.yml deleted file mode 100644 index e69de29..0000000 diff --git a/install/roles/common/tasks/docker-common.yml b/install/roles/common/tasks/docker-common.yml deleted file mode 100644 index 9043763..0000000 --- a/install/roles/common/tasks/docker-common.yml +++ /dev/null @@ -1,48 +0,0 @@ -- name: get all bridges - command: brctl show - register: bridges - -- name: bring down docker0 if found - shell: ip link set dev docker0 down - when: bridges.stdout.find('docker0') != -1 - -- name: remove docker0 if found - shell: brctl delbr docker0 - when: bridges.stdout.find('docker0') != -1 - -- name: bring down compass0 if found - shell: ip link set dev compass0 down - when: bridges.stdout.find('compass0') != -1 - -- name: remove compass0 if found - shell: brctl delbr compass0 - when: bridges.stdout.find('compass0') != -1 - -- name: add bridge compass0 - shell: brctl addbr compass0 - -- name: get compass0 info - command: ip addr - register: compass0_info - -- name: add ip addr to compass0 - shell: ip addr add {{ compass0_subnet }} dev compass0 - when: compass0_info.stdout.find("{{ compass0_subnet }}") == -1 - -- name: bring up compass0 - shell: ip link set dev compass0 up - -- name: register compass0 to docker daemon - lineinfile: dest=/etc/sysconfig/docker regexp=^other_args line=other_args=-b=compass0 - when: ansible_os_family == 'RedHat' - -- name: register compass0 when it's debian - lineinfile: dest=/etc/default/docker line=DOCKER_OPTS=-b=compass0 - when: ansible_os_family == 'Debian' - -- name: start docker daemon - service: name=docker state=started - -- name: remove all containers - shell: docker rm -f $(docker ps -aq) - ignore_errors: yes diff --git a/install/roles/common/tasks/docker-debian-precise.yml b/install/roles/common/tasks/docker-debian-precise.yml deleted file mode 100644 index fb56f93..0000000 --- a/install/roles/common/tasks/docker-debian-precise.yml +++ /dev/null @@ -1,28 +0,0 @@ -- name: apt-get update - apt: update_cache=yes - -- name: find out if https exists in apt methods - stat: path=/usr/lib/apt/methods/https - register: existence - -- name: install apt-transport-https if https not in methods - apt: name=apt-transport-https - state=present - when: not existence.stat.exists - -- name: add docker repository key - shell: apt-key adv --keyserver {{ docker_apt_key_server }} --recv-keys {{ docker_apt_key }} - -- name: add a docker.list file to apt source list - copy: src=docker.list dest=/etc/apt/sources.list.d/docker.list - mode=0644 - -- name: update again - apt: update_cache=yes - -- name: get docker and brctl - apt: name={{ item }} - state=installed - with_items: - - lxc-docker - - bridge-utils diff --git a/install/roles/common/tasks/docker-debian-trusty.yml b/install/roles/common/tasks/docker-debian-trusty.yml deleted file mode 100644 index e69de29..0000000 diff --git a/install/roles/common/tasks/docker-debian.yml b/install/roles/common/tasks/docker-debian.yml deleted file mode 100644 index b93cf62..0000000 --- a/install/roles/common/tasks/docker-debian.yml +++ /dev/null @@ -1,5 +0,0 @@ -- include: docker-debian-precise.yml - when: ansible_distribution_major_version == '12' - -- include: docker-debian-trusty.yml - when: ansible_distribution_major_version == '14' diff --git a/install/roles/common/tasks/docker-prepare.yml b/install/roles/common/tasks/docker-prepare.yml deleted file mode 100644 index e69de29..0000000 diff --git a/install/roles/common/tasks/docker-redhat.yml b/install/roles/common/tasks/docker-redhat.yml deleted file mode 100644 index 0e51bda..0000000 --- a/install/roles/common/tasks/docker-redhat.yml +++ /dev/null @@ -1,31 +0,0 @@ ---- - -- name: get epel 6 - yum: name={{ epel_6 }} state=present - when: ansible_distribution_major_version == '6' - -# I've tried to do a "variable in variable" to dynamically load -# major version, so that getting the correct epel url is way easier. -# but ansible is not friendly with it, will need to dive more into -# it to see if there is a way. -- name: get epel 7 - yum: name={{ epel_7 }} state=present - when: ansible_distribution_major_version == '7' - -- name: get docker - yum: pkg=docker-io state=installed - when: ansible_distribution_major_version == '6' - -- name: get docker if el7 - yum: pkg=docker state=installed - when: ansible_distribution_major_version == '7' - -# install bridge util/python-pip package -- name: install brctl - yum: pkg={{ item }} state=installed - with_items: - - bridge-utils - - python-pip - -- name: pip install dockerpy - pip: name=docker-py diff --git a/install/roles/common/tasks/main.yml b/install/roles/common/tasks/main.yml deleted file mode 100644 index a31e387..0000000 --- a/install/roles/common/tasks/main.yml +++ /dev/null @@ -1,16 +0,0 @@ ---- - -- include: RedHat.yml - when: ansible_os_family == 'RedHat' and not dockerized - -- include: Debian.yml - when: ansible_os_family == 'Debian' and not dockerized - -- include: docker-redhat.yml - when: ansible_os_family == 'RedHat' and dockerized - -- include: docker-debian.yml - when: ansible_os_family == 'Debian' and dockerized - -- include: docker-common.yml - when: dockerized diff --git a/install/roles/compass/files/ods-server.conf b/install/roles/compass/files/ods-server.conf deleted file mode 100644 index a313dd8..0000000 --- a/install/roles/compass/files/ods-server.conf +++ /dev/null @@ -1,18 +0,0 @@ -# Apache config for ods server -# -# Specify python path if you use virtualenv - -WSGIDaemonProcess compass threads=4 display-name=%{GROUP} -WSGIProcessGroup compass -WSGIScriptAlias /api /var/www/compass/compass.wsgi -WSGISocketPrefix /var/run/wsgi - - - DocumentRoot /var/www/compass_web/v2 - - - Options Indexes FollowSymLinks - Order allow,deny - Allow from all - - diff --git a/install/roles/compass/files/start.sh b/install/roles/compass/files/start.sh deleted file mode 100644 index 767b1ec..0000000 --- a/install/roles/compass/files/start.sh +++ /dev/null @@ -1,36 +0,0 @@ -#!/bin/bash - -# activate virtualenv -source `which virtualenvwrapper.sh` -workon compass-core - -# start mysqld service, push it to bg -/usr/bin/mysqld_safe > /dev/null 2>&1 & - -RET=1 -while [[ RET -ne 0 ]]; do - echo "waiting for mariadb to startup" - sleep 5 - mysql -uroot -e "status" > /dev/null 2>&1 - RET=$? -done - -echo "mariadb started" - -# set mysql with default username and password -mysqladmin -h127.0.0.1 --port=3306 -u root password root - -# create db 'compass' -mysql -h127.0.0.1 --port=3306 -uroot -proot -e "create database compass" - -# start compass services -/opt/compass/bin/manage_db.py createdb -/usr/sbin/apachectl -k start -/usr/sbin/rabbitmq-server & -/usr/bin/redis-server & -/usr/sbin/ntpd & -ln -s /root/.virtualenvs/compass-core/bin/celery /opt/compass/bin/celery -CELERY_CONFIG_MODULE=compass.utils.celeryconfig_wrapper C_FORCE_ROOT=1 /opt/compass/bin/celery worker &> /tmp/celery-worker.log & -/opt/compass/bin/progress_update.py &> /tmp/progress_update.log & -touch /var/log/compass/celery.log -tail -f /var/log/compass/celery.log diff --git a/install/roles/compass/handlers/main.yml b/install/roles/compass/handlers/main.yml deleted file mode 100644 index 77340d6..0000000 --- a/install/roles/compass/handlers/main.yml +++ /dev/null @@ -1,10 +0,0 @@ ---- - -- name: restart compass service - service: name={{ item }} state=restarted enabled=yes - with_items: - - compass-celeryd - - compass-progress-updated - -- name: restart http service - service: name=httpd state=restarted enabled=yes diff --git a/install/roles/compass/tasks/Debian.yml b/install/roles/compass/tasks/Debian.yml deleted file mode 100644 index e69de29..0000000 diff --git a/install/roles/compass/tasks/RedHat.yml b/install/roles/compass/tasks/RedHat.yml deleted file mode 100644 index 2ebffe9..0000000 --- a/install/roles/compass/tasks/RedHat.yml +++ /dev/null @@ -1,231 +0,0 @@ ---- - -- name: install base packages - yum: name={{ item }} state=present - with_items: - - wget - - git - -- name: check epel presence - command: rpm -q epel-release - register: epel_presence - ignore_errors: yes - -- name: check atomic repo presence - command: rpm -q atomic-release - register: atomic_presence - ignore_errors: yes - -#- name: get epel version -# command: 'wget -q {{ epel_base_url }} -O - |grep -oE "(href=\"epel-release-6-[0-9,.].*)" | cut -d'"' -f2' -# register: epel_file_name -# when: epel_presence.rc != 0 - -- name: install epel - yum: name={{ epel_base_url }}/{{ epel_file_name }} state=present - when: epel_presence.rc != 0 - -- name: install atomic repo - yum: name={{ atomic_base_url }}/{{ atomic_file_name }} state=present - when: atomic_presence.rc != 0 - -- name: yum update - yum: name=* state=latest - -- name: install essentials - yum: name={{ item }} state=present - with_items: - - git - - python-setuptools - - python-devel - - mysql-devel - - httpd - - mysql-server - - mysql - - MySQL-python - - redis - - mod_wsgi - - rabbitmq-server - -- name: stop iptables - service: name=iptables state=stopped enabled=no - -- name: disable selinux - selinux: state=disabled - -- name: disable selinux real time - shell: echo 0 > /selinux/enforce - -# TODO: currently compass use root user and group, apache has to -# be in root group to write wsgi logs in /var/log/compass/, need -# to run compass as its own user in the future. -# - name: append compass group to apache user groups -# user: name=apache groups=root append=yes - -- name: start mysqld - service: name=mysqld state=started enabled=yes - -- name: start rabbitmq server - service: name=rabbitmq-server state=started enabled=yes - -- name: initialize mysql password - mysql_user: user={{ compass_db_user }} password={{ compass_db_pass }} - priv=compass.*:ALL,GRANT state=present - -- name: create compass database - mysql_db: name=compass state=present - -- name: install pip - easy_install: name=pip - -- name: install virtualenv - pip: name=virtualenv extra_args='-i http://pypi.douban.com/simple/' - -- name: cloning compass-core - git: repo=http://git.openstack.org/stackforge/compass-core.git - dest={{ COMPASS_PATH }} - version=dev/experimental - force=yes - -- name: pip install compass into virtualenv - pip: name={{ COMPASS_PATH }} virtualenv={{ COMPASS_PATH }}/venv - extra_args='-i http://pypi.douban.com/simple/' - -- name: pip install latest setuptools - pip: name=setuptools - extra_args='-i http://pypi.douban.com/simple/' - state=latest - -- name: pip install latest setuptools2 - pip: name=setuptools - extra_args='-i http://pypi.douban.com/simple/' - state=latest - -- name: pip install ansible - pip: name=ansible - extra_args='-i http://pypi.douban.com/simple/' - state=latest - -- name: create compass directories - file: path={{ item }} state=directory - with_items: - - /etc/compass - - /opt/compass/bin - - /var/www/compass - - /var/www/compass_web - -- name: create /var/log/compass - file: path=/var/log/compass mode=0777 state=directory - -- name: create ansible folder - file: path=/var/ansible/run state=directory - when: "'ansible' in {{ pkg_installer }}" - -- name: clone recipes - git: repo={{ compass_adapter_source }} - dest=/opt/compass-adapters - version={{ compass_adapter_version }} - update=yes - force=yes - -- name: copy ansible scripts into ansible folder - shell: cp -rf /opt/compass-adapters/ansible/openstack_juno /var/ansible/. - when: "'ansible' in {{ pkg_installer }}" - -- name: write python home into switch virtualenv - lineinfile: dest={{ COMPASS_PATH }}/bin/switch_virtualenv.py.template - regexp="^virtual\_env\ \=\ \'\$PythonHome\'" - line="virtual_env = '/opt/compass-core/venv'" - -- name: rename switch_virtualenv template - command: cp {{ COMPASS_PATH }}/bin/switch_virtualenv.py.template {{ COMPASS_PATH }}/bin/switch_virtualenv.py - -- name: copy compass config files - shell: cp -rf {{ COMPASS_PATH }}/conf/* /etc/compass/ - -- name: copy service init file - shell: cp -rf {{ COMPASS_PATH }}/service/* /etc/init.d/ - -- name: copy compass bin file - shell: cp -rf {{ COMPASS_PATH }}/bin/*.py /opt/compass/bin/ - -- name: copy compass shell script - shell: cp -rf {{ COMPASS_PATH }}/bin/*.sh /opt/compass/bin/ - -- name: copy compass ansible callback - shell: cp -rf {{ COMPASS_PATH }}/bin/ansible_callbacks /opt/compass/bin/ - -- name: copy compass executable - shell: cp {{ COMPASS_PATH }}/bin/compassd /usr/bin/ - -- name: link compass check - file: src=/opt/compass/bin/compass_check.py dest=/usr/bin/compass state=link - -- name: link compass wsgi - file: src=/opt/compass/bin/compass_wsgi.py dest=/var/www/compass/compass.wsgi state=link - -- name: change celery env - shell: echo "export C_FORCE_ROOT=1" > /etc/profile.d/celery_env.sh - -- name: change file mode - file: path=/etc/profile.d/celery_env.sh mode=0755 - -- name: add compass setting - template: src=compass.setting.j2 dest=/etc/compass/setting - notify: - - restart compass service - - restart http service - -- name: add cobbler setting - template: src=cobbler.conf.nodocker.j2 dest=/etc/compass/os_installer/cobbler.conf - notify: - - restart compass service - - restart http service - -- name: link celery bin file - file: src={{ COMPASS_PATH }}/venv/bin/celery dest=/opt/compass/bin/celery state=link - notify: - - restart compass service - - restart http service - -- name: create redis folders - file: path={{ item }} state=directory owner=redis group=root - with_items: - - /var/log/redis - - /var/lib/redis - - /var/run/redis - -- name: make sure redis service not running - command: killall -9 redis-server - ignore_errors: yes - -- name: restart redis service - service: name=redis state=restarted enabled=yes - -- name: initialize db for compass - shell: /opt/compass/bin/manage_db.py createdb - run_once: True - -- name: copy ods-server httpd config - copy: src=ods-server.conf dest=/etc/httpd/conf.d/ods-server.conf - notify: - restart http service - -- name: clone compass web - git: repo=http://git.openstack.org/stackforge/compass-web.git - dest=/opt/compass-web - force=yes - -- name: copy web ui files - shell: cp -rf /opt/compass-web/v2 /var/www/compass_web/ - -- name: create switch file if test mode enabled - template: src=switch_machines_file.j2 - dest=/etc/compass/switch_machines_file - when: test is defined and test == True - -- name: inject switches and mac addresses - shell: /opt/compass/bin/manage_db.py set_switch_machines --switch_machines_file /etc/compass/switch_machines_file - when: test is defined and test == True -#- name: run compass check -# command: compass check diff --git a/install/roles/compass/tasks/docker.yml b/install/roles/compass/tasks/docker.yml deleted file mode 100644 index 672fadd..0000000 --- a/install/roles/compass/tasks/docker.yml +++ /dev/null @@ -1,72 +0,0 @@ ---- - -# - name: load dynamic variable -# include_vars: "{{ shared_dir }}/dynamic.yml" - -- name: clean up docker directory - file: path=~/docker-compass state=absent - -- name: clean up log directory - file: path=/var/log/compass state=absent - -- name: create directory for docker and files - file: path=~/docker-compass/files state=directory - -- name: copy Dockerfile - template: src=Dockerfile.j2 dest=~/docker-compass/Dockerfile mode=0644 - -- name: copy switch machines file - template: src=switch_machines_file.j2 dest=~/docker-compass/files/switch_machines_file mode=0644 - when: test - -- name: copy start script - template: src=start.sh.j2 - dest=~/docker-compass/files/start.sh - mode=0755 - -- name: copy compass.pem - copy: src={{ shared_dir }}/keys/compass.pem - dest=~/docker-compass/files/compass.pem - mode=0644 - when: "'chef' in {{ pkg_installer }}" - -- name: copy chef config - template: src=chef-icehouse.conf.j2 dest=~/docker-compass/files/chef-icehouse.conf - mode=0644 - -- name: copy cobber conf - template: src=cobbler.conf.j2 dest=~/docker-compass/files/cobbler.conf - mode=0644 - -- name: copy compass setting - template: src=compass.setting.j2 dest=~/docker-compass/files/compass.setting - mode=0644 - -- name: get containers - command: docker ps -a - register: containers - -- name: remove compass container if any - shell: docker rm compass-dev - when: containers.stdout.find('compass-dev') != -1 - -- name: check if compass image already exists - command: docker images compass - register: image - -- name: remove image 'compass' if it exists and --rebuild is specified - shell: docker rmi -f compass - when: image.stdout.find('compass') != -1 and rebuild - -- name: build a docker image for compass - shell: docker build -t compass ~/docker-compass - when: image.stdout.find('compass') == -1 or rebuild - -- name: fork image and run a new compass container - shell: docker run --name=compass-dev -d {{ compass_port_mapping }} -i -t compass - -- name: remove dynamic generated vars - local_action: file path={{ shared_dir }}/{{ item }} state=absent - with_items: - - dynamic.yml - - keys diff --git a/install/roles/compass/tasks/main.yml b/install/roles/compass/tasks/main.yml deleted file mode 100644 index 0e2c0a8..0000000 --- a/install/roles/compass/tasks/main.yml +++ /dev/null @@ -1,10 +0,0 @@ ---- - -- include: RedHat.yml - when: ansible_os_family == 'RedHat' and not dockerized - -- include: Debian.yml - when: ansible_os_family == 'Debian' and not dockerized - -- include: docker.yml - when: dockerized diff --git a/install/roles/compass/templates/Dockerfile.j2 b/install/roles/compass/templates/Dockerfile.j2 deleted file mode 100644 index 1188823..0000000 --- a/install/roles/compass/templates/Dockerfile.j2 +++ /dev/null @@ -1,17 +0,0 @@ -FROM compassindocker/compass - -ADD files/start.sh /root/start.sh -ADD files/compass.setting /etc/compass/setting -ADD files/cobbler.conf /etc/compass/os_installer/cobbler.conf -{% if test%} -ADD files/switch_machines_file /etc/compass/switch_machines_file -{% endif %} -{% if 'chef' in pkg_installer %} -ADD files/chef-icehouse.conf /etc/compass/package_installer/chef-icehouse.conf -ADD files/compass.pem /etc/compass.pem -{% endif %} - -CMD ["/root/start.sh"] -EXPOSE 80 -EXPOSE 123 -EXPOSE 3128 diff --git a/install/roles/compass/templates/chef-icehouse.conf.j2 b/install/roles/compass/templates/chef-icehouse.conf.j2 deleted file mode 100644 index eeab424..0000000 --- a/install/roles/compass/templates/chef-icehouse.conf.j2 +++ /dev/null @@ -1,10 +0,0 @@ -NAME = 'chef_installer' -INSTANCE_NAME = 'chef_installer' -SETTINGS = { - 'chef_url': 'https://{{ chef_server }}', - 'chef_server_ip': '{{ chef_server }}', - 'chef_server_dns': 'compass', - 'key_dir': '/etc/compass.pem', - 'client_name': 'compass', - 'databags': [] -} diff --git a/install/roles/compass/templates/cobbler.conf.j2 b/install/roles/compass/templates/cobbler.conf.j2 deleted file mode 100644 index 36002c4..0000000 --- a/install/roles/compass/templates/cobbler.conf.j2 +++ /dev/null @@ -1,9 +0,0 @@ -NAME = 'cobbler' -INSTANCE_NAME = 'cobbler' -SETTINGS = { - 'cobbler_url': 'http://{{ cobbler_server }}:{{ cobbler_mapped_http_port_on_host }}/cobbler_api', - 'credentials': { - 'username': 'cobbler', - 'password': 'cobbler' - } -} diff --git a/install/roles/compass/templates/cobbler.conf.nodocker.j2 b/install/roles/compass/templates/cobbler.conf.nodocker.j2 deleted file mode 100644 index ee6cfc2..0000000 --- a/install/roles/compass/templates/cobbler.conf.nodocker.j2 +++ /dev/null @@ -1,9 +0,0 @@ -NAME = 'cobbler' -INSTANCE_NAME = 'cobbler' -SETTINGS = { - 'cobbler_url': 'http://{{ cobbler_server }}/cobbler_api', - 'credentials': { - 'username': 'cobbler', - 'password': 'cobbler' - } -} diff --git a/install/roles/compass/templates/compass.setting.j2 b/install/roles/compass/templates/compass.setting.j2 deleted file mode 100644 index a8d79c6..0000000 --- a/install/roles/compass/templates/compass.setting.j2 +++ /dev/null @@ -1,33 +0,0 @@ -CONFIG_DIR = '/etc/compass' -DATABASE_TYPE = 'mysql' -DATABASE_USER = '{{ compass_db_user }}' -DATABASE_PASSWORD = '{{ compass_db_pass }}' -DATABASE_SERVER = '127.0.0.1:3306' -DATABASE_NAME = 'compass' -SQLALCHEMY_DATABASE_URI = '%s://%s:%s@%s/%s' % (DATABASE_TYPE, DATABASE_USER, DATABASE_PASSWORD, DATABASE_SERVER, DATABASE_NAME) -SQLALCHEMY_DATABASE_POOL_TYPE = 'instant' -INSTALLATION_LOGDIR = { - 'CobblerInstaller': '/var/log/cobbler/anamon', - 'ChefInstaller': '/var/log/chef' -} -DEFAULT_LOGLEVEL = 'debug' -DEFAULT_LOGDIR = '/var/log/compass' -DEFAULT_LOGINTERVAL = 6 -DEFAULT_LOGINTERVAL_UNIT = 'h' -DEFAULT_LOGFORMAT = '%(asctime)s - %(filename)s - %(lineno)d - %(levelname)s - %(message)s' -WEB_LOGFILE = 'compass.log' -CELERY_LOGFILE = 'celery.log' -CELERYCONFIG_DIR = '/etc/compass' -CELERYCONFIG_FILE = 'celeryconfig' -PROGRESS_UPDATE_INTERVAL=30 -POLLSWITCH_INTERVAL=60 -SWITCHES = [ -] -TMPL_DIR = '/etc/compass/templates' -#COMPASS_SUPPORTED_PROXY = 'http://{{ ansible_ssh_host }}:3128' -#COMPASS_SUPPORTED_DEFAULT_NOPROXY = ['127.0.0.1','{{ ansible_ssh_host }}','compass'] -#COMPASS_SUPPORTED_NTP_SERVER = '{{ ansible_ssh_host }}' -#COMPASS_SUPPORTED_DNS_SERVERS = ['{{ ansible_ssh_host }}'] -#COMPASS_SUPPORTED_DOMAINS = ['ods.com'] -#COMPASS_SUPPORTED_DEFAULT_GATEWAY = '{{ mgmt_router }}' -#COMPASS_SUPPORTED_LOCAL_REPO = 'http://{{ ansible_ssh_host }}' diff --git a/install/roles/compass/templates/start.sh.j2 b/install/roles/compass/templates/start.sh.j2 deleted file mode 100644 index 87dc01f..0000000 --- a/install/roles/compass/templates/start.sh.j2 +++ /dev/null @@ -1,42 +0,0 @@ -#!/bin/bash - -# activate virtualenv -source `which virtualenvwrapper.sh` -workon compass-core - -# start mysqld service, push it to bg -/usr/bin/mysqld_safe > /dev/null 2>&1 & - -RET=1 -while [[ RET -ne 0 ]]; do - echo "waiting for mariadb to startup" - sleep 5 - mysql -uroot -e "status" > /dev/null 2>&1 - RET=$? -done - -echo "mariadb started" - -# set mysql with default username and password -mysqladmin -h127.0.0.1 --port=3306 -u root password root - -# create db 'compass' -mysql -h127.0.0.1 --port=3306 -uroot -proot -e "create database compass" - -# start compass services -/opt/compass/bin/manage_db.py createdb - -# insert pxe boot machines for test -{% if test %} -/opt/compass/bin/manage_db.py set_switch_machines --switch_machines_file /etc/compass/switch_machines_file -{% endif %} - -/usr/sbin/apachectl -k start -/usr/sbin/rabbitmq-server & -/usr/bin/redis-server & -/usr/sbin/ntpd & -ln -s /root/.virtualenvs/compass-core/bin/celery /opt/compass/bin/celery -CELERY_CONFIG_MODULE=compass.utils.celeryconfig_wrapper C_FORCE_ROOT=1 /opt/compass/bin/celery worker &> /tmp/celery-worker.log & -/opt/compass/bin/progress_update.py &> /tmp/progress_update.log & -touch /var/log/compass/celery.log -tail -f /var/log/compass/celery.log diff --git a/install/roles/compass/templates/switch_machines_file.j2 b/install/roles/compass/templates/switch_machines_file.j2 deleted file mode 100644 index 489befc..0000000 --- a/install/roles/compass/templates/switch_machines_file.j2 +++ /dev/null @@ -1,4 +0,0 @@ -switch,1.1.1.1,huawei,2c,public,under_monitoring -{% for mac in pxe_boot_macs %} -machine,1.1.1.1,8,{{ mac }} -{% endfor %} diff --git a/install/roles/compass/vars/main.yml b/install/roles/compass/vars/main.yml deleted file mode 100644 index 17cee8f..0000000 --- a/install/roles/compass/vars/main.yml +++ /dev/null @@ -1,4 +0,0 @@ -dockerized: False -compass_db_user: compass -compass_db_pass: compass -COMPASS_PATH: /opt/compass-core diff --git a/install/roles/precheck/tasks/chef.yml b/install/roles/precheck/tasks/chef.yml deleted file mode 100644 index ed97d53..0000000 --- a/install/roles/precheck/tasks/chef.yml +++ /dev/null @@ -1 +0,0 @@ ---- diff --git a/install/roles/precheck/tasks/cobbler.yml b/install/roles/precheck/tasks/cobbler.yml deleted file mode 100644 index e69de29..0000000 diff --git a/install/roles/precheck/tasks/compass.yml b/install/roles/precheck/tasks/compass.yml deleted file mode 100644 index e69de29..0000000 diff --git a/install/roles/precheck/tasks/docker.yml b/install/roles/precheck/tasks/docker.yml deleted file mode 100644 index 1201483..0000000 --- a/install/roles/precheck/tasks/docker.yml +++ /dev/null @@ -1,14 +0,0 @@ ---- - -- name: check if docker is running - command: ps -ef - register: processes - -- name: check if there is containers if docker is running - command: docker ps -a - register: containers - when: processes.stdout.find("docker") != -1 - -- name: write files if container exists - local_action: file path="/tmp/{{ container_name }}" mode=0644 state=touch - when: processes.stdout.find("docker") != -1 and containers.stdout.find("{{ container_name }}") != -1 diff --git a/install/roles/precheck/tasks/main.yml b/install/roles/precheck/tasks/main.yml deleted file mode 100644 index 90ee914..0000000 --- a/install/roles/precheck/tasks/main.yml +++ /dev/null @@ -1,7 +0,0 @@ ---- - -- include: no-docker.yml - when: not dockerized - -- include: docker.yml - when: dockerized diff --git a/install/roles/precheck/tasks/no-docker.yml b/install/roles/precheck/tasks/no-docker.yml deleted file mode 100644 index 1181fa2..0000000 --- a/install/roles/precheck/tasks/no-docker.yml +++ /dev/null @@ -1,10 +0,0 @@ ---- - -- include: chef.yml - when: type == "chef" - -- include: cobbler.yml - when: type == "cobbler" - -- include: compass.yml - when: type == "compass" diff --git a/install/roles/regtest-compass/files/setting b/install/roles/regtest-compass/files/setting deleted file mode 100644 index 1ac04da..0000000 --- a/install/roles/regtest-compass/files/setting +++ /dev/null @@ -1,5 +0,0 @@ -DEFAULT_LOGLEVEL = 'info' -DEFAULT_LOGDIR = '/var/log/compass' -DEFAULT_LOGINTERVAL = 6 -DEFAULT_LOGINTERVAL_UNIT = 'h' -DEFAULT_LOGFORMAT = '%(asctime)s - %(filename)s - %(lineno)d - %(levelname)s - %(message)s' diff --git a/install/roles/regtest-compass/tasks/main.yml b/install/roles/regtest-compass/tasks/main.yml deleted file mode 100644 index f5812e8..0000000 --- a/install/roles/regtest-compass/tasks/main.yml +++ /dev/null @@ -1,45 +0,0 @@ ---- - -- name: install essentials - yum: name={{ item }} state=present - with_items: - - git - - python-setuptools - - python-devel - - mysql-devel - -- name: install pip - easy_install: name=pip - -- name: install virtualenv - pip: name=virtualenv - -- name: cloning compass-core - git: repo=http://git.openstack.org/stackforge/compass-core.git - dest={{ COMPASS_PATH }} - version=dev/experimental - -- name: pip install compass into virtualenv - pip: name={{ COMPASS_PATH }} virtualenv={{ COMPASS_PATH }}/venv - -- name: write compass setting file - copy: src=setting dest=/etc/compass/setting - -- name: create log dir - file: path=/var/log/compass state=directory - -- name: write python home into switch virtualenv - lineinfile: dest={{ COMPASS_PATH }}/bin/switch_virtualenv.py.template - regexp="^virtual\_env\ \=\ \'\$PythonHome\'" - line="virtual_env = '/opt/compass-core/venv'" - -- name: rename switch_virtualenv template - command: mv {{ COMPASS_PATH }}/bin/switch_virtualenv.py.template {{ COMPASS_PATH }}/bin/switch_virtualenv.py - -- name: copy client script - template: src=client.sh.j2 dest=/opt/client.sh mode=0755 - -- name: initiate deployment - shell: /opt/client.sh > /var/log/regtest.log - async: 360 - poll: 60 diff --git a/install/roles/regtest-compass/templates/client.sh.j2 b/install/roles/regtest-compass/templates/client.sh.j2 deleted file mode 100644 index 2aebccd..0000000 --- a/install/roles/regtest-compass/templates/client.sh.j2 +++ /dev/null @@ -1,17 +0,0 @@ -{{ COMPASS_PATH }}/bin/client.py --logfile= --loglevel=debug --logdir= --compass_server={{ COMPASS_SERVER_URL }} \ ---compass_user_email={{ COMPASS_USER_EMAIL }} --compass_user_password={{ COMPASS_USER_PASSWORD }} \ ---cluster_name={{ CLUSTER_NAME }} --language={{ LANGUAGE }} --timezone={{ TIMEZONE }} \ ---hostnames={{ HOSTNAMES }} --partitions={{ PARTITIONS }} --subnets={{ SUBNETS }} \ ---adapter_os_pattern={{ ADAPTER_OS_PATTERN }} --adapter_name={{ ADAPTER_NAME }} \ ---adapter_target_system_pattern={{ ADAPTER_TARGET_SYSTEM_PATTERN }} \ ---adapter_flavor_pattern={{ ADAPTER_FLAVOR_PATTERN }} \ ---http_proxy={{ PROXY }} --https_proxy={{ PROXY }} --no_proxy={{ IGNORE_PROXY }} \ ---ntp_server={{ NTP_SERVER }} --dns_servers={{ NAMESERVERS }} --domain={{ DOMAIN }} \ ---search_path={{ SEARCH_PATH }} --default_gateway={{ GATEWAY }} \ ---server_credential={{ SERVER_CREDENTIAL }} --local_repo_url={{ LOCAL_REPO_URL }} \ ---os_config_json_file={{ OS_CONFIG_FILENAME }} --service_credentials={{ SERVICE_CREDENTIALS }} \ ---console_credentials={{ CONSOLE_CREDENTIALS }} --host_networks={{ HOST_NETWORKS }} \ ---network_mapping={{ NETWORK_MAPPING }} --package_config_json_file={{ PACKAGE_CONFIG_FILENAME }} \ ---host_roles={{ HOST_ROLES }} --default_roles={{ DEFAULT_ROLES }} --switch_ips={{ SWITCH_IPS }} \ ---machines={{ pxe_boot_macs |join(',') }} --switch_credential={{ SWITCH_CREDENTIAL }} \ ---deployment_timeout={{ DEPLOYMENT_TIMEOUT }} --${POLL_SWITCHES_FLAG} --dashboard_url={{ DASHBOARD_URL }} diff --git a/install/site.yml b/install/site.yml deleted file mode 100644 index 389987d..0000000 --- a/install/site.yml +++ /dev/null @@ -1,18 +0,0 @@ ---- - -- hosts: chefnodes - sudo: True - roles: - - chef - -- hosts: cobblernodes - sudo: True - roles: - - common - - cobbler - -- hosts: compassnodes - sudo: True - roles: - - common - - compass