Ian Wienand f07bf2a507 Import install-docker role
This is a role for installing docker on our control-plane servers.

It is based on install-docker from zuul-jobs.

Basic testinfra tests are added; because docker fiddles the iptables
rules in magic ways, the firewall testing is moved out of the base
tests and modified to partially match our base firewall configuration.

Change-Id: Ia4de5032789ff0f2b07d4f93c0c52cf94aa9c25c
2018-12-14 11:30:47 -08:00

60 lines
1.6 KiB
YAML

- hosts: "!disabled"
name: "Base: set up users and base package repositories on all hosts"
roles:
- users
- base-repos
# Run base-server seperately so that the update apt cache handler in base-repos
# fires before we run base-server
- hosts: "!disabled"
name: "Base: set up common environment on all hosts"
roles:
- base-server
- timezone
- unbound
- exim
- iptables
- snmpd
- hosts: bridge.openstack.org:!disabled
name: "Base: configure OpenStackSDK on bridge"
tasks:
- include_role:
name: configure-openstacksdk
vars:
openstacksdk_config_file: '{{ openstacksdk_config_dir }}/all-clouds.yaml'
openstacksdk_config_template: clouds/bridge_all_clouds.yaml.j2
- include_role:
name: configure-openstacksdk
vars:
openstacksdk_config_template: clouds/bridge_clouds.yaml.j2
- hosts: nodepool-launcher:nodepool-builder:!disabled
name: "Base: configure OpenStackSDK on nodepool"
strategy: free
roles:
- minimal-nodepool
- configure-openstacksdk
- configure-kubectl
- hosts: "puppet:!disabled"
name: "Base: install and configure puppet on puppet hosts"
roles:
- puppet-install
- disable-puppet-agent
- hosts: "adns1.opendev.org:!disabled"
name: "Base: configure adns1.opendev.org"
roles:
- master-nameserver
- hosts: "ns1.opendev.org:ns2.opendev.org:!disabled"
name: "Base: configure authoritative nameservers"
roles:
- nameserver
- hosts: "docker:!disabled"
name: "Base: install and configure docker on docker hosts"
roles:
- install-docker