opendev/system-config
Code Issues Proposed changes
system-config/playbooks/roles/install-ansible/tasks/main.yaml
Monty Taylor 4b9d1a88bd Use zuul checkouts of ansible roles from other repos 
We have two standalone roles, puppet and cloud-launcher, but we
currently install them with galaxy so depends-on patches don't
work. We also install them every time we run anything, even if
we don't need them for the playbook in question.

Add two roles, one to install a set of ansible roles needed by
the host in question, and the other to encapsulate the sequence
of running puppet, which now includes installing the puppet
role, installing puppet, disabling the puppet agent and then
running puppet.

As a followup, we'll do the same thing with the puppet modules,
so that we arent' cloning and rsyncing ALL of the puppet modules
all the time no matter what.

Change-Id: I69a2e99e869ee39a3da573af421b18ad93056d5b
2020-04-30 12:39:12 -05:00

163 lines
4.6 KiB
YAML
Raw Blame History

# If ansible_install_version is not defined it should be "latest"
- name: Set ansible default version to latest
set_fact:
install_ansible_version: latest
when: install_ansible_version is not defined
# If a version is not explicitly set we want to make sure to
# completely omit the version argument to pip, as it will be coming
# from the long-form install_ansible_name variable. Additionally, if
# the version is the special value "latest", then we also want to omit
# any version number, but also set the package state to "latest".
- name: Set ansible version for installation
set_fact:
_install_ansible_version: '{{ install_ansible_version }}'
when: install_ansible_version not in ('', 'latest')
- name: Set ansible package state for installation
set_fact:
_install_ansible_state: latest
when: install_ansible_version == 'latest'
- name: Ensure required build packages for non-wheel architectures
apt:
update_cache: yes
name:
- libffi-dev
- libssl-dev
- build-essential
when: ansible_architecture == 'aarch64'
- name: Install ansible
pip:
name: '{{ install_ansible_name | default("ansible") }}'
version: '{{ _install_ansible_version | default(omit) }}'
state: '{{ _install_ansible_state | default(omit) }}'
# For use by k8s_raw ansible module
# - name: Install openshift client
# pip:
# name: 'openshift'
# TODO(corvus): re-add this once kubernetes 9.0.0 is released
# Same version/state default swizzling as described above for
# openstacksdk
- name: Set openstacksdk default version to latest
set_fact:
install_ansible_openstacksdk_version: latest
when: install_ansible_openstacksdk_version is not defined
- name: Set openstacksdk version for installation
set_fact:
_install_ansible_openstacksdk_version: '{{ install_ansible_openstacksdk_version }}'
when: install_ansible_openstacksdk_version not in ('', 'latest')
- name: Set openstacksdk package state for installation
set_fact:
_install_openstacksdk_state: latest
when: install_ansible_openstacksdk_version == 'latest'
- name: Install openstacksdk
pip:
name: '{{ install_ansible_openstacksdk_name | default("openstacksdk") }}'
version: '{{ _install_ansible_openstacksdk_version | default(omit) }}'
state: '{{ _install_openstacksdk_state | default(omit) }}'
- name: Ensure /etc/ansible and /etc/ansible/hosts
file:
state: directory
path: /etc/ansible/hosts
- name: Ensure /etc/ansible/inventory_plugins
file:
state: directory
path: /etc/ansible/inventory_plugins
- name: Ensure /var/cache/ansible
file:
state: directory
path: /var/cache/ansible
owner: root
group: root
mode: 0770
- name: Ensure ansible log dir is writable
file:
path: /var/log/ansible
state: directory
owner: root
group: root
mode: 0775
- name: Set up the ARA callback
include_tasks: install_ara.yaml
when: install_ansible_ara_enable
- name: Copy ansible.cfg in to place
template:
src: ansible.cfg.j2
dest: /etc/ansible/ansible.cfg
- name: Copy static inventory in place
copy:
src: 'inventory/{{ item }}'
dest: '/etc/ansible/hosts/{{ item }}'
loop:
- openstack.yaml
- groups.yaml
- name: Copy system-config roles into place
copy:
src: roles/
dest: /etc/ansible/roles
- name: Make sure k8s-on-openstack repo is up to date
git:
repo: https://github.com/infraly/k8s-on-openstack
dest: /opt/k8s-on-openstack
# HEAD as of 2019-02-08
version: e27a313b1583c377e08385014b9a880da765924b
force: yes
# Yeah. This is install-ansible. But we need to do this and doing it when
# we install the ansible stuff seems like the right time workflow-wise.
- name: Ensure puppet directory
file:
state: directory
path: /etc/puppet
- name: Install puppet module management scripts
copy:
src: '{{ item }}'
dest: '/etc/puppet/{{ item }}'
loop:
- install_modules.sh
- modules.env
- name: Run puppet module install
command:
cmd: bash install_modules.sh
chdir: /etc/puppet
# NOTE(mordred) The copy of the openstack inventory plugin from 2.6 is busted.
# It doesn't proerly deal with caching. A fix has been submitted upstream, but
# for now this is a fixed copy.
- name: Copy fixed openstack inventory in place
copy:
src: inventory_plugins/openstack.py
dest: /etc/ansible/inventory_plugins/openstack.py
- name: Copy yamlgroup inventory in place
copy:
src: inventory_plugins/yamlgroup.py
dest: /etc/ansible/inventory_plugins/yamlgroup.py
- name: Setup log rotation
include_role:
name: logrotate
vars:
logrotate_file_name: /var/log/ansible/ansible.log
- name: Verify ansible install
command: ansible --version
View Git Blame Copy Permalink