openstack/kolla-ansible
Code Issues Proposed changes

Add sudo package for bootstrap-servers

Browse Source 
sudo package is required when we use ubuntu base on centos to deploy.

The following tasks belong to the environment check after
installation of environment-related software packages.
So, move to the post-install module.

    Create kolla user
    Add public key to kolla user authorized keys
    Grant kolla user passwordless sudo
    Ensure node_config_directory directory exists for user kolla
    Ensure node_config_directory directory exists

Change-Id: I86bf5e1df3d6568c4f1ca6f4757f08a3dd22754d
Closes-Bug: #1777571
This commit is contained in:
fan_guiju 2018-06-19 14:26:42 +08:00
parent 29a6a61d97
commit 9ff5d5483e
3 changed files with 53 additions and 45 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
ansible/roles/baremetal/defaults/main.yml
View File

@ -37,6 +37,7 @@ redhat_pkg_install:
- git - git
- python-setuptools - python-setuptools
- ntp - ntp
- sudo
ubuntu_pkg_removals: ubuntu_pkg_removals:
- lxd - lxd

52
ansible/roles/baremetal/tasks/post-install.yml
View File

@ -1,4 +1,56 @@
--- ---
- name: Create kolla user
user:
name: "{{ kolla_user }}"
state: present
group: "{{ kolla_group }}"
groups: "sudo"
become: True
when: create_kolla_user | bool
- name: Add public key to kolla user authorized keys
authorized_key:
user: "{{ kolla_user }}"
key: "{{ kolla_ssh_key.public_key }}"
become: True
when: create_kolla_user | bool
- name: Create sudoers profile for user kolla
file:
path: /etc/sudoers.d/kolla-ansible-users
state: touch
become: True
when: create_kolla_user | bool
- name: Grant kolla user passwordless sudo
lineinfile:
dest: /etc/sudoers.d/kolla-ansible-users
state: present
regexp: '^{{ kolla_group }}'
line: '{{ kolla_group }} ALL=(ALL) NOPASSWD: ALL'
become: True
when: create_kolla_user | bool
- name: Ensure node_config_directory directory exists for user kolla
file:
path: "{{ node_config_directory }}"
state: directory
recurse: yes
owner: "{{ kolla_user }}"
group: "{{ kolla_group }}"
mode: 0755
become: True
when: create_kolla_user | bool
- name: Ensure node_config_directory directory exists
file:
path: "{{ node_config_directory }}"
state: directory
recurse: yes
mode: 0644
become: True
when: not create_kolla_user | bool
- name: Ensure docker service directory exists - name: Ensure docker service directory exists
file: file:
path: /etc/systemd/system/docker.service.d path: /etc/systemd/system/docker.service.d

45
ansible/roles/baremetal/tasks/pre-install.yml
View File

@ -47,31 +47,6 @@
become: True become: True
when: create_kolla_user | bool when: create_kolla_user | bool
- name: Create kolla user
user:
name: "{{ kolla_user }}"
state: present
group: "{{ kolla_group }}"
groups: "sudo"
become: True
when: create_kolla_user | bool
- name: Grant kolla user passwordless sudo
lineinfile:
dest: /etc/sudoers
state: present
regexp: '^{{ kolla_group }}'
line: '{{ kolla_group }} ALL=(ALL) NOPASSWD: ALL'
become: True
when: create_kolla_user | bool
- name: Add public key to kolla user authorized keys
authorized_key:
user: "{{ kolla_user }}"
key: "{{ kolla_ssh_key.public_key }}"
become: True
when: create_kolla_user | bool
- name: Install apt packages - name: Install apt packages
apt: apt:
update_cache: yes update_cache: yes
@ -133,23 +108,3 @@
key: "{{ docker_yum_url }}/gpg" key: "{{ docker_yum_url }}/gpg"
become: True become: True
when: ansible_os_family == 'RedHat' when: ansible_os_family == 'RedHat'
- name: Ensure node_config_directory directory exists
file:
path: "{{ node_config_directory }}"
state: directory
recurse: yes
owner: "{{ kolla_user }}"
group: "{{ kolla_group }}"
mode: 0755
become: True
when: create_kolla_user | bool
- name: Ensure node_config_directory directory exists
file:
path: "{{ node_config_directory }}"
state: directory
recurse: yes
mode: 0644
become: True
when: not create_kolla_user | bool