Update delegated setup hosts to support IP delegation

The option `skydive_service_setup_host` allows a user to define a
setup host target which could, or could not, be in the provided
inventory. Additionally a setup target host could also be simply
an IP reference. This change ensures that the playbooks and roles
respect the different setup host delegation node types by creating
in memory host entries and gathering facts on the dynamic
information when the target is not in inventory, is not in the
skydive_all group, or simply an IP.

Change-Id: I532abd7171ba9077759640e4bf18b9b517264426
Signed-off-by: Kevin Carter <kevin@cloudnull.com>
Signed-off-by: Kevin Carter <kevin.carter@rackspace.com>

skydive/buildSkydive.yml

@@ -22,9 +22,7 @@
 
 - name: Gather facts
   hosts: skydive_all
-  tasks:
+  gather_facts: true
-    - name: Gather facts on all hosts
-      setup: {}
   tags:
     - always
 

skydive/buildTraefik.yml

@@ -22,9 +22,7 @@
 
 - name: Gather facts
   hosts: traefik_all
-  tasks:
+  gather_facts: true
-    - name: Gather facts on all hosts
-      setup: {}
   tags:
     - always
 

skydive/installSkydive.yml

@@ -13,6 +13,42 @@
 # See the License for the specific language governing permissions and
 # limitations under the License.
 
+- name: Setup localhost
+  hosts: localhost
+  connection: local
+  tags:
+    - always
+
+
+- name: Configure skydive-service-setup-host
+  hosts: skydive_all[0]
+  connection: local
+  become: yes
+  tasks:
+    # NOTE(cloudnull): When the host entry is an IP, these tasks will construct a basic
+    #                  host entry for the delegated node, which will ensure facts are
+    #                  available for the deployment host.
+    - name: Add dynamic host entry
+      add_host:
+        name: "{{ skydive_service_setup_host }}"
+        groups: skydive_all
+        ansible_host: "{{ skydive_service_setup_host }}"
+      when:
+        - ((skydive_service_setup_host is defined) and (skydive_service_setup_host | ipaddr)) or
+          (skydive_service_setup_host not in groups['all']) or
+          (skydive_service_setup_host not in groups['skydive_all'])
+  tags:
+    - always
+
+
+- name: Gather all facts
+  hosts: skydive_all
+  become: yes
+  gather_facts: yes
+  tags:
+    - always
+
+
 - name: Deploy skydive binaries
   hosts: skydive_agents:skydive_analyzers
   become: yes
@@ -130,6 +166,8 @@
   become: yes
   roles:
     - role: skydive_analyzer
+  vars:
+    skydive_service_setup_host: "{{ openstack_service_setup_host | default(groups['skydive_analyzers'][0]) }}"
   tags:
     - skydive-analyzer-setup
 
@@ -139,6 +177,7 @@
   become: yes
   roles:
     - role: skydive_agent
-      skydive_service_setup_host: "{{ openstack_service_setup_host | default(groups['skydive_analyzers'][0]) }}"
+  vars:
+    skydive_service_setup_host: "{{ openstack_service_setup_host | default(groups['skydive_analyzers'][0]) }}"
   tags:
     - skydive-agent-setup

skydive/roles/skydive_analyzer/meta/main.yml

@@ -38,7 +38,7 @@ galaxy_info:
 dependencies:
   - role: traefik_common
     traefik_basic_auth_users: "{{ _skydive_basic_auth_users | combine(skydive_basic_auth_users) }}"
-    traffic_dashboard_bind: "{{ skydive_bind_address | default(hostvars[inventory_hostname]['ansible_' ~ (skydive_network_device | replace('-', '_') | string)]['ipv4']['address']) }}"
+    traffic_dashboard_bind: "{{ skydive_bind_address | default(hostvars[inventory_hostname]['ansible_' ~ ((skydive_network_device | default(ansible_default_ipv4['interface'])) | replace('-', '_') | string)]['ipv4']['address']) }}"
     traefik_dashboard_enabled: true
     traefik_destinations:
       elasticsearch:

skydive/roles/skydive_common/defaults/main.yml

@@ -29,7 +29,7 @@ skydive_agent_port: 8081
 skydive_flow_protocol: udp
 
 # Set a particulare network interface used for skydive traffic
-skydive_network_device: "{{ ansible_default_ipv4['interface'] }}"
+# skydive_network_device: "{{ ansible_default_ipv4['interface'] }}"
 
 # The skydive bind address can also be used to set the specific bind address of
 # a given node running the skydive analyzer. By default this variable is undefined

skydive/roles/skydive_common/tasks/main.yml

@@ -112,6 +112,12 @@
   when:
     - clouds_file['content'] is defined
 
+- name: Set network device fact
+  set_fact:
+    skydive_network_device: "{{ ansible_default_ipv4['interface'] }}"
+  when:
+    - skydive_network_device is undefined
+
 - include_tasks: skydive_setup.yml
 
 - include_tasks: skydive_ssl.yml

skydive/roles/skydive_common/tasks/skydive_ssl.yml

@@ -25,6 +25,31 @@
   run_once: true
   delegate_to: "{{ skydive_service_setup_host }}"
   block:
+    - name: create the system group
+      group:
+        name: "skydive"
+        state: "present"
+        system: "yes"
+
+    - name: Create the skydive user
+      user:
+        name: "skydive"
+        group: "skydive"
+        comment: "skydive user"
+        shell: "/bin/false"
+        createhome: "yes"
+        home: "/usr/share/skydive"
+
+    - name: Create skydive ssl path
+      file:
+        path: "{{ item }}"
+        state: directory
+        owner: "skydive"
+        group: "skydive"
+        mode: "0700"
+      with_items:
+        - "/var/lib/skydive/ssl"
+
     - name: Create CNF
       template:
         src: "skydive-openssl.cnf.j2"

skydive/roles/skydive_common/templates/skydive-openssl.cnf.j2

@@ -24,14 +24,16 @@ subjectAltName = @alt_names
 {% set ips = [] %}
 {% set hostnames = [] %}
 {% for node in groups['skydive_all'] %}
-{%   set _ansible_interface_name = hostvars[node]['skydive_network_device'] | default(hostvars[node]['ansible_default_ipv4']['interface']) | replace('-', '_') %}
+{%   if hostvars[node]['ansible_default_ipv4'] is defined %}
-{%   set _skydive_ip = hostvars[node]['skydive_bind_address'] | default(hostvars[node]["ansible_" ~ _ansible_interface_name]['ipv4']['address']) %}
+{%     set _ansible_interface_name = hostvars[node]['skydive_network_device'] | default(hostvars[node]['ansible_default_ipv4']['interface']) | replace('-', '_') %}
-{%   set _skydive_ansible_domain = hostvars[node]['ansible_domain'] | default(hostvars[node]['ansible_hostname'] ) %}
+{%     set _skydive_ip = hostvars[node]['skydive_bind_address'] | default(hostvars[node]["ansible_" ~ _ansible_interface_name]['ipv4']['address']) %}
-{%   set _skydive_dns_name = ((_skydive_ansible_domain | length) > 0) | ternary(_skydive_ansible_domain, hostvars[node]['ansible_hostname']) %}
+{%     set _skydive_ansible_domain = hostvars[node]['ansible_fqdn'] | default(hostvars[node]['ansible_hostname'] ) %}
-{%   set _ = ips.append(_skydive_ip) %}
+{%     set _skydive_dns_name = ((_skydive_ansible_domain | length) > 0) | ternary(_skydive_ansible_domain, hostvars[node]['ansible_hostname']) %}
-{%   set _ = hostnames.append(_skydive_dns_name) %}
+{%     set _ = ips.append(_skydive_ip) %}
+{%     set _ = hostnames.append(_skydive_dns_name) %}
 IP.{{ loop.index }} = {{ _skydive_ip }}
 DNS.{{ loop.index }} = {{ _skydive_dns_name }}
+{%   endif %}
 {% endfor %}
 
 {% set localhost_index = (groups['skydive_all'] | length) + 1 %}

skydive/roles/skydive_common/vars/debian.yml

@@ -18,3 +18,4 @@ sykdive_distro_packages:
   - python3-openssl
   - python-openssl
   - python-passlib
+  - python-virtualenv

skydive/roles/skydive_common/vars/main.yml

@@ -50,7 +50,7 @@ skydive_ssl_cnf: "/var/lib/skydive/ssl/skydive-openssl.cnf"
 skydive_ssl_key: "/var/lib/skydive/ssl/skydive.key"
 skydive_ssl_csr: "/var/lib/skydive/ssl/skydive.csr"
 skydive_ssl_cert: "/var/lib/skydive/ssl/skydive-{{ inventory_hostname | replace('_', '-') | replace(' ', '-') }}.crt"
-skydive_ssl_signed_subject: "/C=XX/L=OpenStack-Cloud/O=OpenStack/OU=IT/CN={{ ((ansible_domain | length) > 0) | ternary(ansible_domain, ansible_hostname) }}"
+skydive_ssl_signed_subject: "/C=XX/L=OpenStack-Cloud/O=OpenStack/OU=IT/CN={{ ((ansible_fqdn | length) > 0) | ternary(ansible_fqdn, ansible_hostname) }}"
 
 skydive_ssl_ca_key: "/var/lib/skydive/ssl/skydive-ca.key"
 skydive_ssl_ca_cert: "/var/lib/skydive/ssl/skydive-ca.crt"

skydive/roles/skydive_common/vars/redhat.yml

@@ -17,3 +17,4 @@ sykdive_distro_packages:
   - openssl
   - python2-passlib
   - pyOpenSSL
+  - python-virtualenv

skydive/roles/skydive_common/vars/suse.yml

@@ -18,3 +18,4 @@ sykdive_distro_packages:
   - python2-pyOpenSSL
   - python3-pyOpenSSL
   - python-passlib
+  - python2-virtualenv

skydive/validateSkydive.yml

@@ -27,4 +27,5 @@
       delay: 10
 
     - name: Show Skydive client
-      debug: var=skydive_client
+      debug:
+        msg: "{{ skydive_client.stdout | from_json }}"