98 lines
2.9 KiB
YAML
98 lines
2.9 KiB
YAML
- name: Add the nodepool group
|
|
group:
|
|
name: '{{ nodepool_group }}'
|
|
state: present
|
|
gid: '{{ nodepool_gid }}'
|
|
|
|
- name: Add the nodepool user
|
|
user:
|
|
name: '{{ nodepool_user }}'
|
|
group: '{{ nodepool_group }}'
|
|
uid: '{{ nodepool_uid }}'
|
|
home: '/home/{{ nodepool_user }}'
|
|
create_home: yes
|
|
shell: /bin/bash
|
|
system: yes
|
|
|
|
- name: Sync project-config
|
|
include_role:
|
|
name: sync-project-config
|
|
|
|
- name: Create nodepool config dir
|
|
file:
|
|
name: /etc/nodepool
|
|
state: directory
|
|
owner: '{{ nodepool_user }}'
|
|
group: '{{ nodepool_group }}'
|
|
mode: 0755
|
|
|
|
- name: Generate ZooKeeper TLS cert
|
|
include_role:
|
|
name: opendev-ca
|
|
vars:
|
|
opendev_ca_name: zk
|
|
opendev_ca_cert_dir: /etc/nodepool
|
|
opendev_ca_cert_dir_owner: '{{ nodepool_user }}'
|
|
opendev_ca_cert_dir_group: '{{ nodepool_group }}'
|
|
|
|
- name: Create nodepool log dir
|
|
file:
|
|
name: /var/log/nodepool
|
|
state: directory
|
|
owner: '{{ nodepool_user }}'
|
|
group: '{{ nodepool_group }}'
|
|
mode: 0755
|
|
|
|
- name: Look for a host specific config file
|
|
stat:
|
|
path: /opt/project-config/nodepool/{{ inventory_hostname }}.yaml
|
|
register: host_config_file
|
|
|
|
- name: Load host specific config file
|
|
slurp:
|
|
path: '{{ host_config_file.stat.exists | ternary(host_config_file.stat.path, "/opt/project-config/nodepool/nodepool.yaml") }}'
|
|
register: nodepool_config_content
|
|
|
|
- name: Parse nodepool config
|
|
set_fact:
|
|
nodepool_config: "{{ nodepool_config_content.content | b64decode | from_yaml }}"
|
|
|
|
# NOTE(ianw) : 2023-10-12 some nodes, e.g. osuosl, do not have ipv6.
|
|
# This determines if we should use the ipv4 or ipv6 address of the ZK
|
|
# hosts.
|
|
- name: Determine if we should use ipv4 or ipv6 for ZK servers
|
|
set_fact:
|
|
_public_addr: '{{ "public_v6" if hostvars[inventory_hostname]["public_v6"] is defined else "public_v4" }}'
|
|
|
|
# Have to run service-zookeeper before service-nodepool
|
|
# because we need top populate the fact cache.
|
|
# Also, we need IP addresses here because in the gate
|
|
# hostnames do not resolve.
|
|
- name: Get zk config
|
|
set_fact:
|
|
zk_hosts:
|
|
hosts: "{{ (zk_hosts['hosts']|default([])) + [{'port': '2281', 'host': hostvars[item][_public_addr] | default(hostvars[item]['ansible_host']) }] }}"
|
|
with_items: '{{ groups["zookeeper"] }}'
|
|
|
|
- name: Overwrite zookeeper-servers
|
|
vars:
|
|
new_config:
|
|
zookeeper-servers: '{{ zk_hosts.hosts }}'
|
|
zookeeper-tls:
|
|
cert: "/etc/nodepool/certs/cert.pem"
|
|
key: "/etc/nodepool/keys/key.pem"
|
|
ca: "/etc/nodepool/certs/cacert.pem"
|
|
set_fact:
|
|
nodepool_config: "{{ nodepool_config | combine(new_config) }}"
|
|
|
|
- name: Write nodepool config
|
|
copy:
|
|
content: "{{ nodepool_config | to_nice_yaml(indent=2) }}"
|
|
dest: /etc/nodepool/nodepool.yaml
|
|
|
|
- name: Symlink in elements from project-config repo
|
|
file:
|
|
state: link
|
|
src: /opt/project-config/nodepool/elements
|
|
dest: /etc/nodepool/elements
|