IRR - Implemented for setup-hosts

The change removes and points our role requirements to use
the independent repos that are now online. Updates to the
Ansible bootstrap script here remove the forced "updated"
that was happening on every bootstrap so that we're ensuring
a stable build based on a described version.

Change-Id: If7f83d0875a5b074f506235d650be48a6e461e56
Implements: blueprint independent-role-repositories
Signed-off-by: Kevin Carter <kevin.carter@rackspace.com>
This commit is contained in:
Kevin Carter 2015-11-02 13:41:51 -06:00
parent 15ddfe8fcb
commit 2f42424cf3
No known key found for this signature in database
GPG Key ID: 69FEFFC5E2D9273F
89 changed files with 21 additions and 5059 deletions

View File

@ -1,9 +1,24 @@
# Use this file to fill in your third party roles that you'd like to have added to the list of available roles.
# Example:
# - github_api: https://api.github.com/repos/os-cloud/opc_role-galera_client
# name: galera_client
# src: https://github.com/os-cloud/opc_role-galera_client
# version: master
- src: evrardjp.keepalived
name: keepalived
version: '1.3'
- name: apt_package_pinning
src: https://github.com/openstack/openstack-ansible-apt_package_pinning
version: master
- name: lxc_container_create
src: https://github.com/openstack/openstack-ansible-lxc_container_create
version: master
- name: lxc_hosts
src: https://github.com/openstack/openstack-ansible-lxc_hosts
version: master
- name: openstack_hosts
src: https://github.com/openstack/openstack-ansible-openstack_hosts
version: master
- name: pip_install
src: https://github.com/openstack/openstack-ansible-pip_install
version: master
- name: py_from_git
src: https://github.com/openstack/openstack-ansible-py_from_git
version: master
- name: rsyslog_client
src: https://github.com/openstack/openstack-ansible-rsyslog_client
version: master

View File

@ -1,202 +0,0 @@
Apache License
Version 2.0, January 2004
http://www.apache.org/licenses/
TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION
1. Definitions.
"License" shall mean the terms and conditions for use, reproduction,
and distribution as defined by Sections 1 through 9 of this document.
"Licensor" shall mean the copyright owner or entity authorized by
the copyright owner that is granting the License.
"Legal Entity" shall mean the union of the acting entity and all
other entities that control, are controlled by, or are under common
control with that entity. For the purposes of this definition,
"control" means (i) the power, direct or indirect, to cause the
direction or management of such entity, whether by contract or
otherwise, or (ii) ownership of fifty percent (50%) or more of the
outstanding shares, or (iii) beneficial ownership of such entity.
"You" (or "Your") shall mean an individual or Legal Entity
exercising permissions granted by this License.
"Source" form shall mean the preferred form for making modifications,
including but not limited to software source code, documentation
source, and configuration files.
"Object" form shall mean any form resulting from mechanical
transformation or translation of a Source form, including but
not limited to compiled object code, generated documentation,
and conversions to other media types.
"Work" shall mean the work of authorship, whether in Source or
Object form, made available under the License, as indicated by a
copyright notice that is included in or attached to the work
(an example is provided in the Appendix below).
"Derivative Works" shall mean any work, whether in Source or Object
form, that is based on (or derived from) the Work and for which the
editorial revisions, annotations, elaborations, or other modifications
represent, as a whole, an original work of authorship. For the purposes
of this License, Derivative Works shall not include works that remain
separable from, or merely link (or bind by name) to the interfaces of,
the Work and Derivative Works thereof.
"Contribution" shall mean any work of authorship, including
the original version of the Work and any modifications or additions
to that Work or Derivative Works thereof, that is intentionally
submitted to Licensor for inclusion in the Work by the copyright owner
or by an individual or Legal Entity authorized to submit on behalf of
the copyright owner. For the purposes of this definition, "submitted"
means any form of electronic, verbal, or written communication sent
to the Licensor or its representatives, including but not limited to
communication on electronic mailing lists, source code control systems,
and issue tracking systems that are managed by, or on behalf of, the
Licensor for the purpose of discussing and improving the Work, but
excluding communication that is conspicuously marked or otherwise
designated in writing by the copyright owner as "Not a Contribution."
"Contributor" shall mean Licensor and any individual or Legal Entity
on behalf of whom a Contribution has been received by Licensor and
subsequently incorporated within the Work.
2. Grant of Copyright License. Subject to the terms and conditions of
this License, each Contributor hereby grants to You a perpetual,
worldwide, non-exclusive, no-charge, royalty-free, irrevocable
copyright license to reproduce, prepare Derivative Works of,
publicly display, publicly perform, sublicense, and distribute the
Work and such Derivative Works in Source or Object form.
3. Grant of Patent License. Subject to the terms and conditions of
this License, each Contributor hereby grants to You a perpetual,
worldwide, non-exclusive, no-charge, royalty-free, irrevocable
(except as stated in this section) patent license to make, have made,
use, offer to sell, sell, import, and otherwise transfer the Work,
where such license applies only to those patent claims licensable
by such Contributor that are necessarily infringed by their
Contribution(s) alone or by combination of their Contribution(s)
with the Work to which such Contribution(s) was submitted. If You
institute patent litigation against any entity (including a
cross-claim or counterclaim in a lawsuit) alleging that the Work
or a Contribution incorporated within the Work constitutes direct
or contributory patent infringement, then any patent licenses
granted to You under this License for that Work shall terminate
as of the date such litigation is filed.
4. Redistribution. You may reproduce and distribute copies of the
Work or Derivative Works thereof in any medium, with or without
modifications, and in Source or Object form, provided that You
meet the following conditions:
(a) You must give any other recipients of the Work or
Derivative Works a copy of this License; and
(b) You must cause any modified files to carry prominent notices
stating that You changed the files; and
(c) You must retain, in the Source form of any Derivative Works
that You distribute, all copyright, patent, trademark, and
attribution notices from the Source form of the Work,
excluding those notices that do not pertain to any part of
the Derivative Works; and
(d) If the Work includes a "NOTICE" text file as part of its
distribution, then any Derivative Works that You distribute must
include a readable copy of the attribution notices contained
within such NOTICE file, excluding those notices that do not
pertain to any part of the Derivative Works, in at least one
of the following places: within a NOTICE text file distributed
as part of the Derivative Works; within the Source form or
documentation, if provided along with the Derivative Works; or,
within a display generated by the Derivative Works, if and
wherever such third-party notices normally appear. The contents
of the NOTICE file are for informational purposes only and
do not modify the License. You may add Your own attribution
notices within Derivative Works that You distribute, alongside
or as an addendum to the NOTICE text from the Work, provided
that such additional attribution notices cannot be construed
as modifying the License.
You may add Your own copyright statement to Your modifications and
may provide additional or different license terms and conditions
for use, reproduction, or distribution of Your modifications, or
for any such Derivative Works as a whole, provided Your use,
reproduction, and distribution of the Work otherwise complies with
the conditions stated in this License.
5. Submission of Contributions. Unless You explicitly state otherwise,
any Contribution intentionally submitted for inclusion in the Work
by You to the Licensor shall be under the terms and conditions of
this License, without any additional terms or conditions.
Notwithstanding the above, nothing herein shall supersede or modify
the terms of any separate license agreement you may have executed
with Licensor regarding such Contributions.
6. Trademarks. This License does not grant permission to use the trade
names, trademarks, service marks, or product names of the Licensor,
except as required for reasonable and customary use in describing the
origin of the Work and reproducing the content of the NOTICE file.
7. Disclaimer of Warranty. Unless required by applicable law or
agreed to in writing, Licensor provides the Work (and each
Contributor provides its Contributions) on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
implied, including, without limitation, any warranties or conditions
of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A
PARTICULAR PURPOSE. You are solely responsible for determining the
appropriateness of using or redistributing the Work and assume any
risks associated with Your exercise of permissions under this License.
8. Limitation of Liability. In no event and under no legal theory,
whether in tort (including negligence), contract, or otherwise,
unless required by applicable law (such as deliberate and grossly
negligent acts) or agreed to in writing, shall any Contributor be
liable to You for damages, including any direct, indirect, special,
incidental, or consequential damages of any character arising as a
result of this License or out of the use or inability to use the
Work (including but not limited to damages for loss of goodwill,
work stoppage, computer failure or malfunction, or any and all
other commercial damages or losses), even if such Contributor
has been advised of the possibility of such damages.
9. Accepting Warranty or Additional Liability. While redistributing
the Work or Derivative Works thereof, You may choose to offer,
and charge a fee for, acceptance of support, warranty, indemnity,
or other liability obligations and/or rights consistent with this
License. However, in accepting such obligations, You may act only
on Your own behalf and on Your sole responsibility, not on behalf
of any other Contributor, and only if You agree to indemnify,
defend, and hold each Contributor harmless for any liability
incurred by, or claims asserted against, such Contributor by reason
of your accepting any such warranty or additional liability.
END OF TERMS AND CONDITIONS
APPENDIX: How to apply the Apache License to your work.
To apply the Apache License to your work, attach the following
boilerplate notice, with the fields enclosed by brackets "{}"
replaced with your own identifying information. (Don't include
the brackets!) The text should be enclosed in the appropriate
comment syntax for the file format. We also recommend that a
file or class name and description of purpose be included on the
same "printed page" as the copyright notice for easier
identification within third-party archives.
Copyright {yyyy} {name of copyright owner}
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.

View File

@ -1,22 +0,0 @@
Pin apt packages
################
:tags: openstack, apt, pinning, cloud, ansible
:category: \*nix
Role for pinning apt packages.
Example Ansible play
.. code-block:: yaml
- name: Pin packages on all "hosts"
hosts: hosts
user: root
roles:
- { role: "apt_package_pinning", tags: [ "apt-package-pinning" ] }
vars:
apt_pinned_packages:
- { package: "lxc", version: "1.0.7-0ubuntu0.1" }
- { package: "libvirt-bin", version: "1.2.2-0ubuntu13.1.9" }
- { package: "rabbitmq-server", origin: "www.rabbitmq.com" }
- { package: "*", release: "MariaDB" }

View File

@ -1,16 +0,0 @@
---
# Copyright 2014, Rackspace US, Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
apt_package_pinning_priority: 900

View File

@ -1,32 +0,0 @@
---
# Copyright 2014, Rackspace US, Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
galaxy_info:
author: rcbops
description: Pinning of apt packages
company: Rackspace
license: Apache2
min_ansible_version: 1.6.6
platforms:
- name: Ubuntu
versions:
- trusty
categories:
- cloud
- apt
- pinning
- development
- openstack
dependencies: []

View File

@ -1,20 +0,0 @@
---
# Copyright 2014, Rackspace US, Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
- name: Add apt pin preferences
template:
src: apt_pinned_packages.perf.j2
dest: /etc/apt/preferences.d/openstack_pinned_packages.pref
when: apt_pinned_packages is defined

View File

@ -1,23 +0,0 @@
# {{ ansible_managed }}
{% for item in apt_pinned_packages %}
{% if item.version is defined %}
Package: {{ item.package }}
Pin: version {{ item.version }}
Pin-Priority: {{ item.priority | default(apt_package_pinning_priority) }}
{% endif %}
{% if item.origin is defined %}
Package: {{ item.package }}
Pin: origin {{ item.origin }}
Pin-Priority: {{ item.priority | default(apt_package_pinning_priority) }}
{% endif %}
{% if item.release is defined %}
Package: {{ item.package }}
Pin: release o={{ item.release }}
Pin-Priority: {{ item.priority | default(apt_package_pinning_priority) }}
{% endif %}
{% endfor %}

View File

@ -1,85 +0,0 @@
OpenStack LXC container create
##############################
:tags: openstack, lxc, container, cloud, ansible
:category: \*nix
contributor guidelines
^^^^^^^^^^^^^^^^^^^^^^
Filing Bugs
-----------
Bugs should be filed on Launchpad, not GitHub: "https://bugs.launchpad.net/openstack-ansible"
When submitting a bug, or working on a bug, please ensure the following criteria are met:
* The description clearly states or describes the original problem or root cause of the problem.
* Include historical information on how the problem was identified.
* Any relevant logs are included.
* The provided information should be totally self-contained. External access to web services/sites should not be needed.
* Steps to reproduce the problem if possible.
Submitting Code
---------------
Changes to the project should be submitted for review via the Gerrit tool, following
the workflow documented at: "http://docs.openstack.org/infra/manual/developers.html#development-workflow"
Pull requests submitted through GitHub will be ignored and closed without regard.
Extra
-----
Tags:
If it's a bug that needs fixing in a branch in addition to Master, add a '\<release\>-backport-potential' tag (eg ``juno-backport-potential``). There are predefined tags that will autocomplete.
Status:
Please leave this alone, it should be New till someone triages the issue.
Importance:
Should only be touched if it is a Blocker/Gating issue. If it is, please set to High, and only use Critical if you have found a bug that can take down whole infrastructures.
Style guide
-----------
When creating tasks and other roles for use in Ansible please create then using the YAML dictionary format.
Example YAML dictionary format:
.. code-block:: yaml
- name: The name of the tasks
module_name:
thing1: "some-stuff"
thing2: "some-other-stuff"
tags:
- some-tag
- some-other-tag
Example **NOT** in YAML dictionary format:
.. code-block:: yaml
- name: The name of the tasks
module_name: thing1="some-stuff" thing2="some-other-stuff"
tags:
- some-tag
- some-other-tag
Usage of the ">" and "|" operators should be limited to Ansible conditionals and command modules such as the ansible ``shell`` module.
Issues
------
When submitting an issue, or working on an issue please ensure the following criteria are met:
* The description clearly states or describes the original problem or root cause of the problem.
* Include historical information on how the problem was identified.
* Any relevant logs are included.
* If the issue is a bug that needs fixing in a branch other than Master, add the backport potential tag TO THE ISSUE (not the PR).
* The provided information should be totally self-contained. External access to web services/sites should not be needed.
* If the issue is needed for a hotfix release, add the 'expedite' label.
* Steps to reproduce the problem if possible.

View File

@ -1,202 +0,0 @@
Apache License
Version 2.0, January 2004
http://www.apache.org/licenses/
TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION
1. Definitions.
"License" shall mean the terms and conditions for use, reproduction,
and distribution as defined by Sections 1 through 9 of this document.
"Licensor" shall mean the copyright owner or entity authorized by
the copyright owner that is granting the License.
"Legal Entity" shall mean the union of the acting entity and all
other entities that control, are controlled by, or are under common
control with that entity. For the purposes of this definition,
"control" means (i) the power, direct or indirect, to cause the
direction or management of such entity, whether by contract or
otherwise, or (ii) ownership of fifty percent (50%) or more of the
outstanding shares, or (iii) beneficial ownership of such entity.
"You" (or "Your") shall mean an individual or Legal Entity
exercising permissions granted by this License.
"Source" form shall mean the preferred form for making modifications,
including but not limited to software source code, documentation
source, and configuration files.
"Object" form shall mean any form resulting from mechanical
transformation or translation of a Source form, including but
not limited to compiled object code, generated documentation,
and conversions to other media types.
"Work" shall mean the work of authorship, whether in Source or
Object form, made available under the License, as indicated by a
copyright notice that is included in or attached to the work
(an example is provided in the Appendix below).
"Derivative Works" shall mean any work, whether in Source or Object
form, that is based on (or derived from) the Work and for which the
editorial revisions, annotations, elaborations, or other modifications
represent, as a whole, an original work of authorship. For the purposes
of this License, Derivative Works shall not include works that remain
separable from, or merely link (or bind by name) to the interfaces of,
the Work and Derivative Works thereof.
"Contribution" shall mean any work of authorship, including
the original version of the Work and any modifications or additions
to that Work or Derivative Works thereof, that is intentionally
submitted to Licensor for inclusion in the Work by the copyright owner
or by an individual or Legal Entity authorized to submit on behalf of
the copyright owner. For the purposes of this definition, "submitted"
means any form of electronic, verbal, or written communication sent
to the Licensor or its representatives, including but not limited to
communication on electronic mailing lists, source code control systems,
and issue tracking systems that are managed by, or on behalf of, the
Licensor for the purpose of discussing and improving the Work, but
excluding communication that is conspicuously marked or otherwise
designated in writing by the copyright owner as "Not a Contribution."
"Contributor" shall mean Licensor and any individual or Legal Entity
on behalf of whom a Contribution has been received by Licensor and
subsequently incorporated within the Work.
2. Grant of Copyright License. Subject to the terms and conditions of
this License, each Contributor hereby grants to You a perpetual,
worldwide, non-exclusive, no-charge, royalty-free, irrevocable
copyright license to reproduce, prepare Derivative Works of,
publicly display, publicly perform, sublicense, and distribute the
Work and such Derivative Works in Source or Object form.
3. Grant of Patent License. Subject to the terms and conditions of
this License, each Contributor hereby grants to You a perpetual,
worldwide, non-exclusive, no-charge, royalty-free, irrevocable
(except as stated in this section) patent license to make, have made,
use, offer to sell, sell, import, and otherwise transfer the Work,
where such license applies only to those patent claims licensable
by such Contributor that are necessarily infringed by their
Contribution(s) alone or by combination of their Contribution(s)
with the Work to which such Contribution(s) was submitted. If You
institute patent litigation against any entity (including a
cross-claim or counterclaim in a lawsuit) alleging that the Work
or a Contribution incorporated within the Work constitutes direct
or contributory patent infringement, then any patent licenses
granted to You under this License for that Work shall terminate
as of the date such litigation is filed.
4. Redistribution. You may reproduce and distribute copies of the
Work or Derivative Works thereof in any medium, with or without
modifications, and in Source or Object form, provided that You
meet the following conditions:
(a) You must give any other recipients of the Work or
Derivative Works a copy of this License; and
(b) You must cause any modified files to carry prominent notices
stating that You changed the files; and
(c) You must retain, in the Source form of any Derivative Works
that You distribute, all copyright, patent, trademark, and
attribution notices from the Source form of the Work,
excluding those notices that do not pertain to any part of
the Derivative Works; and
(d) If the Work includes a "NOTICE" text file as part of its
distribution, then any Derivative Works that You distribute must
include a readable copy of the attribution notices contained
within such NOTICE file, excluding those notices that do not
pertain to any part of the Derivative Works, in at least one
of the following places: within a NOTICE text file distributed
as part of the Derivative Works; within the Source form or
documentation, if provided along with the Derivative Works; or,
within a display generated by the Derivative Works, if and
wherever such third-party notices normally appear. The contents
of the NOTICE file are for informational purposes only and
do not modify the License. You may add Your own attribution
notices within Derivative Works that You distribute, alongside
or as an addendum to the NOTICE text from the Work, provided
that such additional attribution notices cannot be construed
as modifying the License.
You may add Your own copyright statement to Your modifications and
may provide additional or different license terms and conditions
for use, reproduction, or distribution of Your modifications, or
for any such Derivative Works as a whole, provided Your use,
reproduction, and distribution of the Work otherwise complies with
the conditions stated in this License.
5. Submission of Contributions. Unless You explicitly state otherwise,
any Contribution intentionally submitted for inclusion in the Work
by You to the Licensor shall be under the terms and conditions of
this License, without any additional terms or conditions.
Notwithstanding the above, nothing herein shall supersede or modify
the terms of any separate license agreement you may have executed
with Licensor regarding such Contributions.
6. Trademarks. This License does not grant permission to use the trade
names, trademarks, service marks, or product names of the Licensor,
except as required for reasonable and customary use in describing the
origin of the Work and reproducing the content of the NOTICE file.
7. Disclaimer of Warranty. Unless required by applicable law or
agreed to in writing, Licensor provides the Work (and each
Contributor provides its Contributions) on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
implied, including, without limitation, any warranties or conditions
of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A
PARTICULAR PURPOSE. You are solely responsible for determining the
appropriateness of using or redistributing the Work and assume any
risks associated with Your exercise of permissions under this License.
8. Limitation of Liability. In no event and under no legal theory,
whether in tort (including negligence), contract, or otherwise,
unless required by applicable law (such as deliberate and grossly
negligent acts) or agreed to in writing, shall any Contributor be
liable to You for damages, including any direct, indirect, special,
incidental, or consequential damages of any character arising as a
result of this License or out of the use or inability to use the
Work (including but not limited to damages for loss of goodwill,
work stoppage, computer failure or malfunction, or any and all
other commercial damages or losses), even if such Contributor
has been advised of the possibility of such damages.
9. Accepting Warranty or Additional Liability. While redistributing
the Work or Derivative Works thereof, You may choose to offer,
and charge a fee for, acceptance of support, warranty, indemnity,
or other liability obligations and/or rights consistent with this
License. However, in accepting such obligations, You may act only
on Your own behalf and on Your sole responsibility, not on behalf
of any other Contributor, and only if You agree to indemnify,
defend, and hold each Contributor harmless for any liability
incurred by, or claims asserted against, such Contributor by reason
of your accepting any such warranty or additional liability.
END OF TERMS AND CONDITIONS
APPENDIX: How to apply the Apache License to your work.
To apply the Apache License to your work, attach the following
boilerplate notice, with the fields enclosed by brackets "{}"
replaced with your own identifying information. (Don't include
the brackets!) The text should be enclosed in the appropriate
comment syntax for the file format. We also recommend that a
file or class name and description of purpose be included on the
same "printed page" as the copyright notice for easier
identification within third-party archives.
Copyright {yyyy} {name of copyright owner}
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.

View File

@ -1,81 +0,0 @@
OpenStack LXC container create
##############################
:tags: openstack, lxc, container, cloud, ansible
:category: \*nix
Role for creating LXC containers. This role has been setup for use in OpenStack. This role will create several directories on the LXC host for use in bind mounted storage within the container.
Example Play:
.. code-block:: yaml
- name: Create container(s)
hosts: all_containers
gather_facts: false
user: root
roles:
- { role: "lxc_container_create", tags: [ "lxc-container-create" ] }
Example Inventory:
.. code-block:: json
{
"all_containers": {
"children": [
"group_of_containers"
],
"hosts": []
},
"lxc_hosts": {
"children": [],
"hosts": [
"infra1"
]
},
"group_of_containers": {
"children": [],
"hosts": [
"container1"
]
},
"_meta": {
"hostvars": {
"infra1": {
"ansible_ssh_host": "192.168.0.1",
"container_address": "192.168.0.1",
"container_name": "infra1",
"container_networks": {
"management_address": {
"bridge": "br-mgmt",
"interface": "eth1",
"netmask": "255.255.252.0",
"type": "veth"
}
},
"properties": {
"container_release": "trusty",
"is_metal": true
}
},
"container1": {
"ansible_ssh_host": "10.0.0.1",
"container_address": "10.0.0.1",
"container_name": "container1",
"container_networks": {
"management_address": {
"address": "10.0.0.1",
"bridge": "br-mgmt",
"interface": "eth1",
"netmask": "255.255.252.0",
"type": "veth"
}
},
"physical_host": "infra1",
"physical_host_group": "lxc_hosts",
"properties": {
"container_release": "trusty",
}
}
}
}
}

View File

@ -1,81 +0,0 @@
---
# Copyright 2014, Rackspace US, Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
lxc_container_config: /etc/lxc/lxc-openstack.conf
# Default container template to build from
lxc_container_template: ubuntu
# lxc container rootfs directory and cache path
lxc_container_directory: "/var/lib/lxc"
lxc_container_cache_path: "/var/cache/lxc"
lxc_container_rootfs_directory: "{{ lxc_container_directory }}/{{ container_name }}/rootfs"
# container_fs.* is only used with building on an LVM backend
lxc_container_fs_size: 5G
lxc_container_fs_type: ext4
# Default store is lvm, however will fall back to dir if the
# container_volume_group is not found.
lxc_container_backing_store: lvm
lxc_container_vg_name: lxc
# Default image to build from
lxc_container_release: trusty
lxc_container_user_name: ubuntu
lxc_container_user_password: "{{ lookup('pipe', 'date --rfc-3339=ns | sha512sum | base64 | head -c 32') }}"
lxc_container_template_options: >
--release {{ lxc_container_release }}
--user {{ lxc_container_user_name }}
--password {{ lxc_container_user_password }}
lxc_container_template_main_apt_repo: "https://mirror.rackspace.com/ubuntu"
lxc_container_template_security_apt_repo: "https://mirror.rackspace.com/ubuntu"
lxc_container_default_interfaces: |
# The loopback network interface
auto lo
iface lo inet loopback
# LXC interface, this is ALWAYS assumed to be DHCP.
auto eth0
iface eth0 inet dhcp
# Load any additional configs
source /etc/network/interfaces.d/*.cfg
# The container interface variable is a a default object that assume the
# Ansible iterator type is `with_dict`.
lxc_container_interface: |
### start generated network for [ {{ item.value.interface }} ] ###
auto {{ item.value.interface }}
{% if item.value.address is defined %}
iface {{ item.value.interface }} inet static
address {{ item.value.address }}
netmask {{ item.value.netmask }}
# needed to enable gratuitous arps on interface events
post-up sysctl -w net.ipv4.conf.$IFACE.arp_notify=1
# needed to force an interface event (setting mac to what it already is)
post-up ip link set $IFACE address $(cat /sys/class/net/$IFACE/address)
{% if item.value.gateway is defined %}
gateway {{ item.value.gateway }}
{% endif %}
{% if item.value.static_routes is defined %}
{% for route in item.value.static_routes %}
post-up ip route add {{ route['cidr'] }} via {{ route['gateway'] }} || true
{% endfor %}
{% endif %}
{% else %}
iface {{ item.value.interface }} inet manual
{% endif %}
### end generated network for [ {{ item.value.interface }} ] ###

View File

@ -1,28 +0,0 @@
---
# Copyright 2014, Rackspace US, Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
- name: Lxc container restart
lxc_container:
name: "{{ inventory_hostname }}"
state: "stopped"
notify:
- Start Container
delegate_to: "{{ physical_host }}"
- name: Start Container
lxc_container:
name: "{{ inventory_hostname }}"
state: "started"
delegate_to: "{{ physical_host }}"

View File

@ -1,33 +0,0 @@
---
# Copyright 2014, Rackspace US, Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
galaxy_info:
author: rcbops
description: Create an LXC container
company: Rackspace
license: Apache2
min_ansible_version: 1.6.6
platforms:
- name: Ubuntu
versions:
- trusty
categories:
- cloud
- lxc
- container
- python
- development
- openstack
dependencies: []

View File

@ -1,214 +0,0 @@
---
# Copyright 2014, Rackspace US, Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
- name: Check for lxc volume group
shell: "(which vgs > /dev/null && vgs | grep -o '{{ lxc_container_vg_name }}') || false"
register: vg_result
failed_when: false
changed_when: vg_result.rc != 0
delegate_to: "{{ physical_host }}"
tags:
- lxc-container-vg-detect
- name: Set container backend "dir" if "lvm" not found
set_fact:
lxc_container_backing_store: dir
when: vg_result.rc != 0
delegate_to: "{{ physical_host }}"
tags:
- lxc-container-vg-detect
- name: Container service directories
file:
path: "{{ item }}"
state: "directory"
with_items:
- "/openstack/{{ inventory_hostname }}"
- "/openstack/backup/{{ inventory_hostname }}"
- "/openstack/log/{{ inventory_hostname }}"
- "{{ lxc_container_directory }}/{{ inventory_hostname }}"
delegate_to: "{{ physical_host }}"
tags:
- lxc-container-directories
- name: LXC autodev setup
template:
src: "autodev.j2"
dest: "/var/lib/lxc/{{ inventory_hostname }}/autodev"
owner: "root"
group: "root"
mode: "0755"
delegate_to: "{{ physical_host }}"
tags:
- lxc-container-autodev
- name: Create container
lxc_container:
name: "{{ inventory_hostname }}"
container_log: "true"
config: "{{ properties.container_config|default(lxc_container_config) }}"
template: "{{ properties.container_template|default(lxc_container_template) }}"
state: started
backing_store: "{{ properties.container_backing_store|default(lxc_container_backing_store) }}"
directory: "{{ lxc_container_rootfs_directory }}"
fs_size: "{{ properties.container_fs_size|default(lxc_container_fs_size) }}"
fs_type: "{{ properties.container_fs_type|default(lxc_container_fs_type) }}"
vg_name: "{{ properties.container_vg_name|default(lxc_container_vg_name) }}"
template_options: "{{ lxc_container_template_options }}"
container_command: |
if [ -f "/usr/lib/systemd/system/poweroff.target" ];then
ln -sf /usr/lib/systemd/system/poweroff.target /etc/systemd/system/sigpwr.target || true
fi
ln -s /dev/null /etc/systemd/system/systemd-udevd.service || true
ln -s /dev/null /etc/systemd/system/systemd-udevd-control.socket || true
ln -s /dev/null /etc/systemd/system/systemd-udevd-kernel.socket || true
ln -s /dev/null /etc/systemd/system/proc-sys-fs-binfmt_misc.automount || true
echo -e '{{ lxc_container_default_interfaces }}' | tee /etc/network/interfaces
container_config:
- "lxc.autodev=1"
- "lxc.pts=1024"
- "lxc.kmsg=0"
- "lxc.hook.autodev=/var/lib/lxc/{{ inventory_hostname }}/autodev"
delegate_to: "{{ physical_host }}"
tags:
- lxc-container-create
- name: Load container service mounts and profile
lxc_container:
name: "{{ inventory_hostname }}"
container_command: |
mkdir -p /var/backup
mkdir -p /var/log/{{ properties.log_directory | default(properties.service_name) }}
container_config:
- "lxc.mount.entry=/openstack/backup/{{ inventory_hostname }} var/backup none defaults,bind,rw 0 0"
- "lxc.mount.entry=/openstack/log/{{ inventory_hostname }} var/log/{{ properties.log_directory | default(properties.service_name) }} none defaults,bind,rw 0 0"
when: properties.service_name is defined
delegate_to: "{{ physical_host }}"
tags:
- lxc-container-service-config
- name: Container network interfaces
lxc_container:
name: "{{ inventory_hostname }}"
container_command: |
if [ ! -d "/etc/network/interfaces.d" ];then
mkdir -p /etc/network/interfaces.d
fi
echo -e '{{ lxc_container_interface }}' | tee /etc/network/interfaces.d/{{ item.value.interface }}.cfg
with_dict: container_networks|default({})
delegate_to: "{{ physical_host }}"
tags:
- lxc-container-networks
- name: LXC host config for container networks
template:
src: "container-interface.ini.j2"
dest: "/var/lib/lxc/{{ inventory_hostname }}/{{ item.value.interface }}.ini"
owner: "root"
group: "root"
mode: "0644"
with_dict: container_networks|default({})
notify:
- Lxc container restart
delegate_to: "{{ physical_host }}"
tags:
- lxc-container-networks
# NOTE(major): the lxc.network.veth.pair line must appear *immediately* after
# the lxc.network.name congfiguration line or it will be ignored. That's why
# you'll find a "insertafter" in this YAML block.
- name: Add veth pair name to match container name
lineinfile:
dest: "/var/lib/lxc/{{ inventory_hostname }}/config"
line: "lxc.network.veth.pair = {{ inventory_hostname[-8:].replace('-', '').replace('_', '') }}_eth0"
insertafter: "^lxc.network.name"
backup: "true"
delegate_to: "{{ physical_host }}"
tags:
- lxc-container-networks
- name: Container network includes
lineinfile:
dest: "/var/lib/lxc/{{ inventory_hostname }}/config"
line: "lxc.include = /var/lib/lxc/{{ inventory_hostname }}/{{ item.value.interface }}.ini"
backup: "true"
with_dict: container_networks|default({})
when: >
item.value.interface is defined
notify:
- Lxc container restart
delegate_to: "{{ physical_host }}"
tags:
- lxc-container-networks
# Adds post-down and pre-start hooks
- name: Drop veth cleanup script
template:
src: "veth-cleanup.sh.j2"
dest: "/var/lib/lxc/{{ inventory_hostname }}/veth-cleanup.sh"
owner: "root"
group: "root"
mode: "0755"
delegate_to: "{{ physical_host }}"
tags:
- lxc-container-networks
# This is being defined due to an issue with dangling veth pairs.
# TODO(someone) This should be removed once an upstream patch has
# been submitted to either the kernel or LXC to fix the veth issues.
# Container restart is not happening here because it's not needed.
- name: Defines a pre and post hook script
lineinfile:
dest: "/var/lib/lxc/{{ inventory_hostname }}/config"
line: "{{ item }}"
backup: "true"
with_items:
- "lxc.hook.pre-start = /var/lib/lxc/{{ inventory_hostname }}/veth-cleanup.sh"
- "lxc.hook.post-stop = /var/lib/lxc/{{ inventory_hostname }}/veth-cleanup.sh"
delegate_to: "{{ physical_host }}"
tags:
- lxc-container-networks
# Flush the handlers to ensure the container and networking is online.
- meta: flush_handlers
# Resets the container user's password using lxc_container because Python2.7
# may not be installed at this point.
- name: Force container user password set
lxc_container:
name: "{{ inventory_hostname }}"
container_command: |
getent passwd "{{ lxc_container_user_name }}" &&
echo "{{ lxc_container_user_name }}:{{ lxc_container_user_password }}" | chpasswd
delegate_to: "{{ physical_host }}"
no_log: True
tags:
- lxc-container-user-password-regen
# Setup proxy configs, this is done here to ensure that we have our container proxy setup
# prior to running online commands. This is using lxc_container because python2.7 may not be
# installed at this point.
- name: Run proxy config
lxc_container:
name: "{{ inventory_hostname }}"
container_command: |
if ! grep '{{ item.key }}={{ item.value }}' /etc/environment; then
echo '{{ item.key }}={{ item.value }}' | tee -a /etc/environment
fi
with_dict: global_environment_variables | default({})
when: global_environment_variables is defined
delegate_to: "{{ physical_host }}"
tags:
- lxc-container-proxy

View File

@ -1,22 +0,0 @@
---
# Copyright 2014, Rackspace US, Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
- include: container_create.yml
when: >
physical_host is defined and
inventory_hostname is defined and
physical_host != inventory_hostname
tags:
- lxc-container

View File

@ -1,5 +0,0 @@
#!/usr/bin/env bash
cd ${LXC_ROOTFS_MOUNT}/dev
mkdir net
mknod net/tun c 10 200
chmod 0666 net/tun

View File

@ -1,18 +0,0 @@
# {{ ansible_managed }}
# Create a veth pair within the container
lxc.network.type = {{ item.value.type|default('veth') }}
# Network device within the container
lxc.network.name = {{ item.value.interface }}
# Name the veth after the container
# NOTE(major): The lxc.network.veth.pair line must appear right after
# lxc.network.name or it will be ignored.
lxc.network.veth.pair = {{ inventory_hostname[-8:].replace('-', '').replace('_', '') }}_{{ item.value.interface }}
# Host link to attach to, this should be a bridge
lxc.network.link = {{ item.value.bridge }}
# Hardware Address
lxc.network.hwaddr = 00:16:3e:xx:xx:xx
# enable the device on boot
lxc.network.flags = up
# Set the container network MTU
lxc.network.mtu = {{ item.value.mtu|default('1500') }}

View File

@ -1,14 +0,0 @@
#!/usr/bin/env bash
export PATH="/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin"
# LXC eth0 is considered special and not managed by the base container_networks
# data structure. This is being added outside of the loop for this reason.
ip link del {{ inventory_hostname[-8:].replace('-', '').replace('_', '') }}_eth0 || true
logger "LXC container {{ inventory_hostname }} removing veth {{ inventory_hostname[-8:].replace('-', '').replace('_', '') }}_eth0"
# Veth cleanup for items in the container_networks data structure
{% for key, value in container_networks.items() %}
ip link del {{ inventory_hostname[-8:].replace('-', '').replace('_', '') }}_{{ value.interface }} || true
logger "LXC container {{ inventory_hostname }} removing veth {{ inventory_hostname[-8:].replace('-', '').replace('_', '') }}_{{ value.interface }}"
{% endfor %}

View File

@ -1,85 +0,0 @@
OpenStack LXC host setup
########################
:tags: openstack, lxc, host, cloud, ansible
:category: \*nix
contributor guidelines
^^^^^^^^^^^^^^^^^^^^^^
Filing Bugs
-----------
Bugs should be filed on Launchpad, not GitHub: "https://bugs.launchpad.net/openstack-ansible"
When submitting a bug, or working on a bug, please ensure the following criteria are met:
* The description clearly states or describes the original problem or root cause of the problem.
* Include historical information on how the problem was identified.
* Any relevant logs are included.
* The provided information should be totally self-contained. External access to web services/sites should not be needed.
* Steps to reproduce the problem if possible.
Submitting Code
---------------
Changes to the project should be submitted for review via the Gerrit tool, following
the workflow documented at: "http://docs.openstack.org/infra/manual/developers.html#development-workflow"
Pull requests submitted through GitHub will be ignored and closed without regard.
Extra
-----
Tags:
If it's a bug that needs fixing in a branch in addition to Master, add a '\<release\>-backport-potential' tag (eg ``juno-backport-potential``). There are predefined tags that will autocomplete.
Status:
Please leave this alone, it should be New till someone triages the issue.
Importance:
Should only be touched if it is a Blocker/Gating issue. If it is, please set to High, and only use Critical if you have found a bug that can take down whole infrastructures.
Style guide
-----------
When creating tasks and other roles for use in Ansible please create then using the YAML dictionary format.
Example YAML dictionary format:
.. code-block:: yaml
- name: The name of the tasks
module_name:
thing1: "some-stuff"
thing2: "some-other-stuff"
tags:
- some-tag
- some-other-tag
Example **NOT** in YAML dictionary format:
.. code-block:: yaml
- name: The name of the tasks
module_name: thing1="some-stuff" thing2="some-other-stuff"
tags:
- some-tag
- some-other-tag
Usage of the ">" and "|" operators should be limited to Ansible conditionals and command modules such as the ansible ``shell`` module.
Issues
------
When submitting an issue, or working on an issue please ensure the following criteria are met:
* The description clearly states or describes the original problem or root cause of the problem.
* Include historical information on how the problem was identified.
* Any relevant logs are included.
* If the issue is a bug that needs fixing in a branch other than Master, add the backport potential tag TO THE ISSUE (not the PR).
* The provided information should be totally self-contained. External access to web services/sites should not be needed.
* If the issue is needed for a hotfix release, add the 'expedite' label.
* Steps to reproduce the problem if possible.

View File

@ -1,202 +0,0 @@
Apache License
Version 2.0, January 2004
http://www.apache.org/licenses/
TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION
1. Definitions.
"License" shall mean the terms and conditions for use, reproduction,
and distribution as defined by Sections 1 through 9 of this document.
"Licensor" shall mean the copyright owner or entity authorized by
the copyright owner that is granting the License.
"Legal Entity" shall mean the union of the acting entity and all
other entities that control, are controlled by, or are under common
control with that entity. For the purposes of this definition,
"control" means (i) the power, direct or indirect, to cause the
direction or management of such entity, whether by contract or
otherwise, or (ii) ownership of fifty percent (50%) or more of the
outstanding shares, or (iii) beneficial ownership of such entity.
"You" (or "Your") shall mean an individual or Legal Entity
exercising permissions granted by this License.
"Source" form shall mean the preferred form for making modifications,
including but not limited to software source code, documentation
source, and configuration files.
"Object" form shall mean any form resulting from mechanical
transformation or translation of a Source form, including but
not limited to compiled object code, generated documentation,
and conversions to other media types.
"Work" shall mean the work of authorship, whether in Source or
Object form, made available under the License, as indicated by a
copyright notice that is included in or attached to the work
(an example is provided in the Appendix below).
"Derivative Works" shall mean any work, whether in Source or Object
form, that is based on (or derived from) the Work and for which the
editorial revisions, annotations, elaborations, or other modifications
represent, as a whole, an original work of authorship. For the purposes
of this License, Derivative Works shall not include works that remain
separable from, or merely link (or bind by name) to the interfaces of,
the Work and Derivative Works thereof.
"Contribution" shall mean any work of authorship, including
the original version of the Work and any modifications or additions
to that Work or Derivative Works thereof, that is intentionally
submitted to Licensor for inclusion in the Work by the copyright owner
or by an individual or Legal Entity authorized to submit on behalf of
the copyright owner. For the purposes of this definition, "submitted"
means any form of electronic, verbal, or written communication sent
to the Licensor or its representatives, including but not limited to
communication on electronic mailing lists, source code control systems,
and issue tracking systems that are managed by, or on behalf of, the
Licensor for the purpose of discussing and improving the Work, but
excluding communication that is conspicuously marked or otherwise
designated in writing by the copyright owner as "Not a Contribution."
"Contributor" shall mean Licensor and any individual or Legal Entity
on behalf of whom a Contribution has been received by Licensor and
subsequently incorporated within the Work.
2. Grant of Copyright License. Subject to the terms and conditions of
this License, each Contributor hereby grants to You a perpetual,
worldwide, non-exclusive, no-charge, royalty-free, irrevocable
copyright license to reproduce, prepare Derivative Works of,
publicly display, publicly perform, sublicense, and distribute the
Work and such Derivative Works in Source or Object form.
3. Grant of Patent License. Subject to the terms and conditions of
this License, each Contributor hereby grants to You a perpetual,
worldwide, non-exclusive, no-charge, royalty-free, irrevocable
(except as stated in this section) patent license to make, have made,
use, offer to sell, sell, import, and otherwise transfer the Work,
where such license applies only to those patent claims licensable
by such Contributor that are necessarily infringed by their
Contribution(s) alone or by combination of their Contribution(s)
with the Work to which such Contribution(s) was submitted. If You
institute patent litigation against any entity (including a
cross-claim or counterclaim in a lawsuit) alleging that the Work
or a Contribution incorporated within the Work constitutes direct
or contributory patent infringement, then any patent licenses
granted to You under this License for that Work shall terminate
as of the date such litigation is filed.
4. Redistribution. You may reproduce and distribute copies of the
Work or Derivative Works thereof in any medium, with or without
modifications, and in Source or Object form, provided that You
meet the following conditions:
(a) You must give any other recipients of the Work or
Derivative Works a copy of this License; and
(b) You must cause any modified files to carry prominent notices
stating that You changed the files; and
(c) You must retain, in the Source form of any Derivative Works
that You distribute, all copyright, patent, trademark, and
attribution notices from the Source form of the Work,
excluding those notices that do not pertain to any part of
the Derivative Works; and
(d) If the Work includes a "NOTICE" text file as part of its
distribution, then any Derivative Works that You distribute must
include a readable copy of the attribution notices contained
within such NOTICE file, excluding those notices that do not
pertain to any part of the Derivative Works, in at least one
of the following places: within a NOTICE text file distributed
as part of the Derivative Works; within the Source form or
documentation, if provided along with the Derivative Works; or,
within a display generated by the Derivative Works, if and
wherever such third-party notices normally appear. The contents
of the NOTICE file are for informational purposes only and
do not modify the License. You may add Your own attribution
notices within Derivative Works that You distribute, alongside
or as an addendum to the NOTICE text from the Work, provided
that such additional attribution notices cannot be construed
as modifying the License.
You may add Your own copyright statement to Your modifications and
may provide additional or different license terms and conditions
for use, reproduction, or distribution of Your modifications, or
for any such Derivative Works as a whole, provided Your use,
reproduction, and distribution of the Work otherwise complies with
the conditions stated in this License.
5. Submission of Contributions. Unless You explicitly state otherwise,
any Contribution intentionally submitted for inclusion in the Work
by You to the Licensor shall be under the terms and conditions of
this License, without any additional terms or conditions.
Notwithstanding the above, nothing herein shall supersede or modify
the terms of any separate license agreement you may have executed
with Licensor regarding such Contributions.
6. Trademarks. This License does not grant permission to use the trade
names, trademarks, service marks, or product names of the Licensor,
except as required for reasonable and customary use in describing the
origin of the Work and reproducing the content of the NOTICE file.
7. Disclaimer of Warranty. Unless required by applicable law or
agreed to in writing, Licensor provides the Work (and each
Contributor provides its Contributions) on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
implied, including, without limitation, any warranties or conditions
of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A
PARTICULAR PURPOSE. You are solely responsible for determining the
appropriateness of using or redistributing the Work and assume any
risks associated with Your exercise of permissions under this License.
8. Limitation of Liability. In no event and under no legal theory,
whether in tort (including negligence), contract, or otherwise,
unless required by applicable law (such as deliberate and grossly
negligent acts) or agreed to in writing, shall any Contributor be
liable to You for damages, including any direct, indirect, special,
incidental, or consequential damages of any character arising as a
result of this License or out of the use or inability to use the
Work (including but not limited to damages for loss of goodwill,
work stoppage, computer failure or malfunction, or any and all
other commercial damages or losses), even if such Contributor
has been advised of the possibility of such damages.
9. Accepting Warranty or Additional Liability. While redistributing
the Work or Derivative Works thereof, You may choose to offer,
and charge a fee for, acceptance of support, warranty, indemnity,
or other liability obligations and/or rights consistent with this
License. However, in accepting such obligations, You may act only
on Your own behalf and on Your sole responsibility, not on behalf
of any other Contributor, and only if You agree to indemnify,
defend, and hold each Contributor harmless for any liability
incurred by, or claims asserted against, such Contributor by reason
of your accepting any such warranty or additional liability.
END OF TERMS AND CONDITIONS
APPENDIX: How to apply the Apache License to your work.
To apply the Apache License to your work, attach the following
boilerplate notice, with the fields enclosed by brackets "{}"
replaced with your own identifying information. (Don't include
the brackets!) The text should be enclosed in the appropriate
comment syntax for the file format. We also recommend that a
file or class name and description of purpose be included on the
same "printed page" as the copyright notice for easier
identification within third-party archives.
Copyright {yyyy} {name of copyright owner}
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.

View File

@ -1,14 +0,0 @@
OpenStack LXC host setup
########################
:tags: openstack, lxc, host, cloud, ansible
:category: \*nix
Role for deployment and setup of an LXC host.
.. code-block:: yaml
- name: Basic lxc host setup
hosts: "hosts"
user: root
roles:
- { role: "lxc_hosts", tags: [ "lxc-host", "host-setup" ] }

View File

@ -1,100 +0,0 @@
---
# Copyright 2014, Rackspace US, Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
# lxc container rootfs directory and cache path
lxc_container_directory: "/var/lib/lxc"
lxc_container_cache_path: "/var/cache/lxc"
# lxc container net network
lxc_net_bridge: lxcbr0
lxc_net_bridge_port: none
lxc_net_address: 10.0.3.1
lxc_net_netmask: 255.255.255.0
lxc_net_gateway: none ## if "none" no gateway will on the LXC bridge, nat must be "false" to use a gateway.
# lxc container nat enabled
lxc_net_nat: true ## If "true" nat rules will be created with the lxc network.
# lxc container dhcp settings
lxc_net_dhcp_range: 10.0.3.2,10.0.3.253
lxc_net_dhcp_max: 253
lxc_net_dhcp_config: ''
lxc_net_dnsmasq_user: lxc-dnsmasq
lxc_net_domain: ''
# lxc_container_net_link variable should be set to the lxc-net bridge.
lxc_container_net_link: "{{ lxc_net_bridge }}" ## name of the host bridge to attach to
lxc_container_net_type: veth ## lxc network interface type (veth, phys, vlan, macvlan, empty)
lxc_container_net_name: eth0 ## name of the interface inside the container.
# System control kernel tuning
lxc_kernel_options:
- { key: 'fs.inotify.max_user_instances', value: 1024 }
- { key: 'vm.swappiness', value: 10 }
# Default image to build from
lxc_container_release: trusty
lxc_container_user_name: ubuntu
lxc_container_user_password: "{{ lookup('pipe', 'date --rfc-3339=ns | sha512sum | base64 | head -c 32') }}"
lxc_container_template_options: >
--release {{ lxc_container_release }}
--user {{ lxc_container_user_name }}
--password {{ lxc_container_user_password }}
lxc_container_template_main_apt_repo: "https://mirror.rackspace.com/ubuntu"
lxc_container_template_security_apt_repo: "https://mirror.rackspace.com/ubuntu"
# Required apt packages.
lxc_apt_packages:
- apparmor-utils
- bridge-utils
- cgmanager
- cgroup-lite
- debootstrap
- dnsmasq
- git
- liblxc1
- lxc
- lxc-dev
- lxc-templates
- python-dev
- python3-lxc
# Commands to run against cached LXC image
lxc_cache_commands:
- apt-get update
- apt-get -y upgrade
- apt-get -y install python2.7
- rm -f /usr/bin/python
- ln -s /usr/bin/python2.7 /usr/bin/python
lxc_cache_resolvers:
- 'nameserver 8.8.8.8'
- 'nameserver 8.8.4.4'
lxc_cache_sshd_configuration:
- { regexp: "^PermitRootLogin", line: "PermitRootLogin yes" }
- { regexp: "^TCPKeepAlive", line: "TCPKeepAlive yes" }
- { regexp: "^UseDNS", line: "UseDNS no" }
- { regexp: "^X11Forwarding", line: "X11Forwarding no" }
- { regexp: "^PasswordAuthentication", line: "PasswordAuthentication no" }
# Prebuilt images to deploy onto hosts for use in containers.
# lxc_container_caches:
# - url: "https://rpc-repo.rackspace.com/container_images/rpc-trusty-container.tgz"
# name: "trusty.tgz"
# sha256sum: "56c6a6e132ea7d10be2f3e8104f47136ccf408b30e362133f0dc4a0a9adb4d0c"
# chroot_path: trusty/rootfs-amd64

View File

@ -1,35 +0,0 @@
---
# Copyright 2014, Rackspace US, Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
- name: Load lxc-openstack apparmor profile
command: apparmor_parser -Kr /etc/apparmor.d/lxc-containers
- name: Restart apparmor
service:
name: "apparmor"
state: "restarted"
- name: Init reload
command: "initctl reload-configuration"
- name: Restart irqbalance
service:
name: "irqbalance"
state: "restarted"
pattern: "irqbalance"
enabled: "yes"
- name: Bring bridge up
command: "ifup {{ lxc_net_bridge }}"

View File

@ -1,33 +0,0 @@
---
# Copyright 2014, Rackspace US, Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
galaxy_info:
author: rcbops
description: Deployment of LXC hosts for use in Rackspace Private Cloud
company: Rackspace
license: Apache2
min_ansible_version: 1.6.6
platforms:
- name: Ubuntu
versions:
- trusty
categories:
- cloud
- lxc
- development
- openstack
dependencies:
- apt_package_pinning
- pip_install

View File

@ -1,52 +0,0 @@
---
# Copyright 2014, Rackspace US, Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
- name: Download lxc cache(s)
get_url:
url: "{{ item.url }}"
dest: "/var/cache/lxc_{{ item.name }}"
mode: "0644"
force: no
sha256sum: "{{ item.sha256sum }}"
register: cache_download
retries: 3
delay: 10
until: cache_download|success
with_items: lxc_container_caches
tags:
- lxc-cache
- lxc-cache-download
# Bug in Ansible causes this to fail with UTF-8 characters
# See: https://bugs.launchpad.net/openstack-ansible/+bug/1512736
# - name: Move lxc cached image into place
# unarchive:
# src: "/var/cache/lxc_{{ item.name }}"
# dest: "{{ lxc_container_cache_path }}/"
# copy: "no"
# with_items: lxc_container_caches
# when: cache_download|changed
# tags:
# - lxc-cache
# - lxc-cache-unarchive
- name: Move lxc cached image into place
command: "tar xf /var/cache/lxc_{{ item.name }} -C {{ lxc_container_cache_path }}/"
with_items: lxc_container_caches
when: cache_download|changed
tags:
- lxc-cache
- lxc-cache-unarchive
- skip_ansible_lint

View File

@ -1,102 +0,0 @@
---
# Copyright 2015, Rackspace US, Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
- name: Create apt repos in the cached container
template:
src: sources.list.j2
dest: "{{ lxc_container_cache_path }}/{{ item.chroot_path }}/etc/apt/sources.list"
with_items: lxc_container_caches
tags:
- lxc-cache
- lxc-cache-update
- name: Update container resolvers
template:
src: lxc-resolve-base.j2
dest: "{{ lxc_container_cache_path }}/{{ item.chroot_path }}/run/resolvconf/resolv.conf"
with_items: lxc_container_caches
tags:
- lxc-cache
- lxc-cache-update
- name: Update container resolvconf base
template:
src: lxc-resolve-base.j2
dest: "{{ lxc_container_cache_path }}/{{ item.chroot_path }}/etc/resolvconf/resolv.conf.d/base"
with_items: lxc_container_caches
tags:
- lxc-cache
- lxc-cache-update
- name: Update container resolvconf tail
copy:
content: "# Null Tail"
dest: "{{ lxc_container_cache_path }}/{{ item.chroot_path }}/etc/resolvconf/resolv.conf.d/tail"
with_items: lxc_container_caches
tags:
- lxc-cache
- lxc-cache-update
- name: Update container resolvconf original
copy:
content: "# Null original"
dest: "{{ lxc_container_cache_path }}/{{ item.chroot_path }}/etc/resolvconf/resolv.conf.d/original"
with_items: lxc_container_caches
tags:
- lxc-cache
- lxc-cache-update
# This task runs several commands against the cached image to speed up the
# lxc_container_create playbook.
- name: Prepare cached image
command: "chroot {{ lxc_container_cache_path }}/{{ item[0].chroot_path }} {{ item[1] }}"
with_nested:
- lxc_container_caches
- lxc_cache_commands
when: cache_download|changed
tags:
- lxc-cache
- lxc-cache-update
- name: Adjust sshd configuration in container
lineinfile:
dest: "{{ lxc_container_cache_path }}/{{ item[0].chroot_path }}/etc/ssh/sshd_config"
regexp: "{{ item[1].regexp }}"
line: "{{ item[1].line }}"
state: present
with_nested:
- lxc_container_caches
- lxc_cache_sshd_configuration
tags:
- lxc-cache
- lxc-cache-update
- name: Obtain the system's ssh public key
set_fact:
lxc_container_ssh_key: "{{ lookup('file', '/root/.ssh/id_rsa.pub') }}"
when: lxc_container_ssh_key is not defined
delegate_to: "{{ physical_host }}"
tags:
- lxc-cache
- lxc-cache-update
- name: Deploy ssh public key into the cached image
lineinfile:
dest: "{{ lxc_container_cache_path }}/{{ item.chroot_path }}/root/.ssh/authorized_keys"
line: "{{ lxc_container_ssh_key }}"
with_items: lxc_container_caches
tags:
- lxc-cache
- lxc-cache-update

View File

@ -1,28 +0,0 @@
---
# Copyright 2014, Rackspace US, Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
- name: Ensure dnsmasq stopped
service:
name: "dnsmasq"
state: "stopped"
enabled: "no"
- name: Remove dnsmasq file(s)
file:
path: "{{ item }}"
state: "absent"
with_items:
- /var/run/dnsmasq/resolv.conf
- /etc/dnsmasq.conf

View File

@ -1,50 +0,0 @@
---
# Copyright 2014, Rackspace US, Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
- name: Update apt sources
apt:
update_cache: yes
cache_valid_time: 600
register: apt_update
until: apt_update|success
retries: 5
delay: 2
tags:
- lxc-apt-packages
- name: Install apt packages
apt:
pkg: "{{ item }}"
state: present
register: install_packages
until: install_packages|success
retries: 5
delay: 2
with_items: lxc_apt_packages
tags:
- lxc-apt-packages
# The functionality with changing the container cache has been added into the
# upstream LXC templates with patch [ https://github.com/lxc/lxc/pull/558 ]
# TODO: remove the below patch and pass lxc_container_cache_path to lxc
# templates as appropriate once the lxc update goes mainstream
- name: Patch lxc-ubuntu cache path
replace:
dest: /usr/share/lxc/templates/lxc-ubuntu
regexp: '\$LOCALSTATEDIR/cache/lxc'
replace: "{{ lxc_container_cache_path }}"
backup: yes
tags:
- lxc-cache-path

View File

@ -1,24 +0,0 @@
---
# Copyright 2014, Rackspace US, Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
- name: Tuning kernel for lxc
sysctl:
name: "{{ item.key }}"
value: "{{ item.value }}"
sysctl_set: "{{ item.set|default('yes') }}"
state: "{{ item.state|default('present') }}"
reload: "{{ item.reload|default('yes') }}"
ignore_errors: true
with_items: lxc_kernel_options

View File

@ -1,50 +0,0 @@
---
# Copyright 2014, Rackspace US, Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
- name: Ensure networking includes interfaces.d
lineinfile:
dest: "/etc/network/interfaces"
line: "source /etc/network/interfaces.d/*.cfg"
backup: "yes"
tags:
- lxc-net
- lxc-interfaces
- name: Check Container Bridge exists
file:
state: "file"
path: "/sys/class/net/{{ lxc_net_bridge }}/bridge/bridge_id"
register: bridge_check
failed_when: false
changed_when: bridge_check.state == 'absent'
notify:
- Bring bridge up
tags:
- lxc-net
- lxc-bridge
- name: Drop lxc net bridge
template:
src: "{{ item.src }}"
dest: "{{ item.dest }}"
owner: "{{ item.owner|default('root') }}"
group: "{{ item.group|default('root') }}"
mode: "{{ item.mode|default('0644') }}"
with_items:
- { src: lxc-net-bridge.cfg.j2, dest: "/etc/network/interfaces.d/lxc-net-bridge.cfg" }
tags:
- lxc-files
- lxc-net
- lxc-bridge

View File

@ -1,93 +0,0 @@
---
# Copyright 2014, Rackspace US, Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
- name: Create base directories
file:
path: "{{ item }}"
state: "directory"
owner: "root"
group: "root"
with_items:
- /etc/lxc
- /usr/local/bin
- /etc/network/interfaces.d
- /etc/apparmor.d/lxc
- /usr/share/lxc/templates
- /openstack
- /openstack/backup
- "{{ lxc_container_directory }}"
- "{{ lxc_container_cache_path }}"
tags:
- lxc-directories
- name: Ensure the lxc dnsmasq user exists
user:
name: "{{ lxc_net_dnsmasq_user }}"
comment: "LXC dnsmasq"
system: "yes"
shell: "/bin/false"
home: "/var/lib/lxc"
tags:
- lxc-dnsmasq-user
- name: Drop base config file(s)
template:
src: "{{ item.src }}"
dest: "{{ item.dest }}"
owner: "{{ item.owner|default('root') }}"
group: "{{ item.group|default('root') }}"
mode: "{{ item.mode|default('0644') }}"
with_items:
- { src: lxc-openstack.conf.j2, dest: "/etc/lxc/lxc-openstack.conf" }
- { src: lxc.default.j2, dest: "/etc/default/lxc-net", mode: "0644" }
- { src: lxc-system-manage.j2, dest: "/usr/local/bin/lxc-system-manage", mode: "0755" }
- { src: manual-init.override.j2, dest: "/etc/init/lxc-net.override" }
tags:
- lxc-files
- lxc-config
- name: Drop irqbalance config
template:
src: "{{ item.src }}"
dest: "{{ item.dest }}"
owner: "{{ item.owner|default('root') }}"
group: "{{ item.group|default('root') }}"
mode: "{{ item.mode|default('0644') }}"
with_items:
- { src: irqbalance.j2, dest: "/etc/default/irqbalance" }
notify:
- Restart irqbalance
tags:
- lxc-files
- lxc-irqbalance
- name: Drop lxc-openstack app armor profile
template:
src: "{{ item.src }}"
dest: "{{ item.dest }}"
owner: "{{ item.owner|default('root') }}"
group: "{{ item.group|default('root') }}"
mode: "{{ item.mode|default('0644') }}"
with_items:
- { src: lxc-openstack.apparmor.j2, dest: "/etc/apparmor.d/lxc/lxc-openstack" }
notify:
- Load lxc-openstack apparmor profile
- Restart apparmor
tags:
- lxc-files
- lxc-apparmor
# Ensure apparmor reindex runs before other things that may fail
- meta: flush_handlers

View File

@ -1,25 +0,0 @@
---
# Copyright 2014, Rackspace US, Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
- include: lxc_pre_install.yml
- include: lxc_kernel_tuning.yml
- include: lxc_net.yml
- include: lxc_install.yml
- include: lxc_dnsmasq_cleanup.yml
- include: lxc_cache.yml
- include: lxc_cache_preparation.yml
when: lxc_container_caches is defined
- name: Flush handlers
meta: flush_handlers

View File

@ -1,12 +0,0 @@
# {{ ansible_managed }}
#Configuration for the irqbalance daemon
#Should irqbalance be enabled?
ENABLED="1"
#Balance the IRQs only once?
ONESHOT="0"
# Ignore hints
OPTIONS="--hintpolicy=ignore"

View File

@ -1,25 +0,0 @@
# {{ ansible_managed }}
auto {{ lxc_net_bridge }}
iface {{ lxc_net_bridge }} inet static
address {{ lxc_net_address }}
netmask {{ lxc_net_netmask }}
{% if lxc_net_nat == "true" %}
{% if lxc_net_gateway != "none" %}
gateway {{ lxc_net_gateway }}
{% endif %}
# nat rules start and stop
post-up /usr/local/bin/lxc-system-manage iptables-create
post-down /usr/local/bin/lxc-system-manage iptables-remove
{% endif %}
# dnsmasq start and stop
post-up /usr/local/bin/lxc-system-manage dnsmasq-start || true
post-up /usr/local/bin/lxc-system-manage iptables-create
post-down /usr/local/bin/lxc-system-manage dnsmasq-stop
post-down /usr/local/bin/lxc-system-manage iptables-remove
bridge_fd 0
bridge_maxwait 0
bridge_ports {{ lxc_net_bridge_port }}
bridge_hello 2
bridge_maxage 12
bridge_stp off

View File

@ -1,26 +0,0 @@
# Do not load this file. Rather, load /etc/apparmor.d/lxc-containers, which
# will source all profiles under /etc/apparmor.d/lxc
profile lxc-openstack flags=(attach_disconnected,mediate_deleted) {
#include <abstractions/lxc/container-base>
# allow standard blockdevtypes.
# The concern here is in-kernel superblock parsers bringing down the
# host with bad data. However, we continue to disallow proc, sys, securityfs,
# etc to nonstandard locations.
mount fstype=ext* -> /**,
mount fstype=nbd* -> /**,
mount fstype=xfs -> /**,
mount fstype=btrfs -> /**,
mount fstype=vfat* -> /**,
mount fstype=fuseblk -> /**,
mount fstype=nbd* -> /**,
mount fstype=nfs* -> /**,
mount fstype=devpts,
# allow System access.
mount fstype=cgroup -> /sys/fs/cgroup/**,
mount fstype=proc -> {{ lxc_container_cache_path }}/**,
mount fstype=sysfs -> {{ lxc_container_cache_path }}/**,
mount options=(rw,bind) {{ lxc_container_cache_path }}/**/dev/shm/ -> {{ lxc_container_cache_path }}/**/run/shm/,
}

View File

@ -1,13 +0,0 @@
# {{ ansible_managed }}
lxc.start.auto = 1
lxc.start.delay = 15
lxc.group = onboot
lxc.group = openstack
# Default LXC network
lxc.network.type = {{ lxc_container_net_type }}
lxc.network.name = {{ lxc_container_net_name }}
lxc.network.link = {{ lxc_container_net_link }}
lxc.network.flags = up
lxc.network.hwaddr = 00:16:3e:xx:xx:xx

View File

@ -1,3 +0,0 @@
{% for item in lxc_cache_resolvers %}
{{ item }}
{% endfor %}

View File

@ -1,371 +0,0 @@
#!/usr/bin/env bash
# Copyright 2014, Rackspace US, Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
# This script was built for the express purpose of managing LXC on a
# host. The functions within this script provide for common operations
# that may be required when working with LXC in production.
# {{ ansible_managed }}
export USE_LXC_BRIDGE="true"
export LXC_BRIDGE="{{ lxc_net_bridge }}"
export LXC_ADDR="{{ lxc_net_address }}"
export LXC_NETMASK="{{ lxc_net_netmask }}"
export LXC_NETWORK="${LXC_ADDR}/${LXC_NETMASK}"
export LXC_DHCP_RANGE="{{ lxc_net_dhcp_range }}"
export LXC_DHCP_MAX="{{ lxc_net_dhcp_max }}"
export LXC_DHCP_CONFILE="{{ lxc_net_dhcp_config }}"
export LXC_DNSMASQ_USER="{{ lxc_net_dnsmasq_user }}"
export VARRUN="/run/lxc"
export LXC_DOMAIN="{{ lxc_net_domain }}"
function warn {
echo -e "\e[0;35m${@}\e[0m"
}
function info {
echo -e "\e[0;33m${@}\e[0m"
}
function success {
echo -e "\e[0;32m${@}\e[0m"
}
function remove_rules {
info "Removing LXC IPtables rules."
# Remove rules from the INPUT chain
iptables ${USE_IPTABLES_LOCK} -D INPUT -i "${LXC_BRIDGE}" -p udp --dport 67 -j ACCEPT
iptables ${USE_IPTABLES_LOCK} -D INPUT -i "${LXC_BRIDGE}" -p tcp --dport 67 -j ACCEPT
iptables ${USE_IPTABLES_LOCK} -D INPUT -i "${LXC_BRIDGE}" -p udp --dport 53 -j ACCEPT
iptables ${USE_IPTABLES_LOCK} -D INPUT -i "${LXC_BRIDGE}" -p tcp --dport 53 -j ACCEPT
# Remove rules from the FORWARDING chain
iptables ${USE_IPTABLES_LOCK} -D FORWARD -i "${LXC_BRIDGE}" -j ACCEPT
iptables ${USE_IPTABLES_LOCK} -D FORWARD -o "${LXC_BRIDGE}" -j ACCEPT
# Remove rules from the nat POSTROUTING chain
iptables ${USE_IPTABLES_LOCK} -t nat \
-D POSTROUTING \
-s "${LXC_NETWORK}" ! \
-d "${LXC_NETWORK}" \
-j MASQUERADE || true
# Remove rules from the mangle POSTROUTING chain
iptables ${USE_IPTABLES_LOCK} -t mangle \
-D POSTROUTING \
-s "${LXC_NETWORK}" \
-o "${LXC_BRIDGE}" \
-p udp \
-m udp \
--dport 68 \
-j CHECKSUM \
--checksum-fill
success "IPtables rules removed."
}
function add_rules {
info "Creating LXC IPtables rules."
set -e
# Set ip_prwarding
sysctl -w net.ipv4.ip_forward=1 > /dev/null 2>&1
# Add rules from the INPUT chain
iptables ${USE_IPTABLES_LOCK} -I INPUT -i "${LXC_BRIDGE}" -p udp --dport 67 -j ACCEPT
iptables ${USE_IPTABLES_LOCK} -I INPUT -i "${LXC_BRIDGE}" -p tcp --dport 67 -j ACCEPT
iptables ${USE_IPTABLES_LOCK} -I INPUT -i "${LXC_BRIDGE}" -p udp --dport 53 -j ACCEPT
iptables ${USE_IPTABLES_LOCK} -I INPUT -i "${LXC_BRIDGE}" -p tcp --dport 53 -j ACCEPT
# Add rules from the FORWARDING chain
iptables ${USE_IPTABLES_LOCK} -I FORWARD -i "${LXC_BRIDGE}" -j ACCEPT
iptables ${USE_IPTABLES_LOCK} -I FORWARD -o "${LXC_BRIDGE}" -j ACCEPT
# Add rules from the nat POSTROUTING chain
iptables ${USE_IPTABLES_LOCK} -t nat \
-A POSTROUTING \
-s "${LXC_NETWORK}" ! \
-d "${LXC_NETWORK}" \
-j MASQUERADE
# Add rules from the mangle POSTROUTING chain
iptables ${USE_IPTABLES_LOCK} -t mangle \
-A POSTROUTING \
-s "${LXC_NETWORK}" \
-o "${LXC_BRIDGE}" \
-p udp \
-m udp \
--dport 68 \
-j CHECKSUM \
--checksum-fill
success "IPtables rules created."
}
function cleanup {
# Clean up everything
remove_rules
# Set the lxc bridge interface down
ip link set "${LXC_BRIDGE}" down || true
# Remove the lxc bridge interface
brctl delbr "${LXC_BRIDGE}" || true
}
function pre_up {
# Create the run directory if needed.
if [[ ! -d "${VARRUN}" ]];then
mkdir -p "${VARRUN}"
fi
# Source the lxc defaults
if [[ -f "/etc/default/lxc" ]]; then
source "/etc/default/lxc"
fi
# Set the lock type where applicable
use_iptables_lock="-w"
iptables -w -L -n > /dev/null 2>&1 || use_iptables_lock=""
}
function start_dnsmasq {
set -e
info "Starting LXC dnsmasq."
dnsmasq "${LXC_DOMAIN_ARG}" --user="${LXC_DNSMASQ_USER}" \
--pid-file="${VARRUN}/dnsmasq.pid" \
--conf-file="${LXC_DHCP_CONFILE}" \
--listen-address="${LXC_ADDR}" \
--dhcp-range="${LXC_DHCP_RANGE}" \
--dhcp-lease-max="${LXC_DHCP_MAX}" \
--except-interface="lo" \
--interface="${LXC_BRIDGE}" \
--dhcp-leasefile="${DHCP_LEASE_FILE}" \
--dhcp-no-override \
--strict-order \
--bind-interfaces \
--dhcp-authoritative
success "dnsmasq started."
}
function start_containers_nicely {
set -e
# Stop all containers on a host
success "Starting all containers."
for container in $(lxc-ls); do
lxc-start -d -n "${container}"
done
}
function stop_containers_nicely {
# Stop all containers on a host
warn "Stopping all containers."
for container in $(lxc-ls); do
lxc-stop -n "${container}"
done
}
function stop_containers_with_fire {
# Stop all containers on a host
warn "Stopping all containers with fire."
for container in $(lxc-ls); do
lxc-stop -k -n "${container}"
done
}
function start_networks {
set -e
if [ -f "/sys/class/net/${LXC_BRIDGE}/bridge/bridge_id" ];then
success "LXC container network is already online."
else
if [ ! "$(ifup ${LXC_BRIDGE})" ];then
info "Building the LXC container network."
# Create lxc bridge
brctl addbr "${LXC_BRIDGE}" || true
# Set the lxc bridge up
ip link set "${LXC_BRIDGE}" up || true
# Assign an address to the lxc bridge
ip addr add "${LXC_ADDR}"/"${LXC_NETMASK}" dev "${LXC_BRIDGE}"
add_rules
LXC_DOMAIN_ARG=""
if [ -n "$LXC_DOMAIN" ]; then
LXC_DOMAIN_ARG="-s $LXC_DOMAIN -S /$LXC_DOMAIN/"
fi
# Start DNS mask
DHCP_LEASE_FILE="/var/lib/misc/dnsmasq.${LXC_BRIDGE}.leases"
start_dnsmasq
success "LXC container network has been created."
fi
fi
}
function stop_dnsmasq {
if [[ -f "${VARRUN}/dnsmasq.pid" ]];then
PID="$(cat ${VARRUN}/dnsmasq.pid)"
if [[ "${PID}" ]];then
warn "Stopping LXC dnsmasq."
kill -9 "${PID}" || true
fi
rm -f "${VARRUN}/dnsmasq.pid"
fi
}
function stop_networks {
warn "Destroying the LXC container network."
cleanup
stop_dnsmasq
}
function remove_down_veth {
info "Getting a list of all DOWN veth interfaces"
VETHPAIRS="$(ip link list | grep veth | grep "state DOWN" | awk '/veth/ {print $2}' | sed 's/\://g')"
if [[ "$VETHPAIRS" ]];then
warn "Removing all DOWN veth interfaces"
for veth in $VETHPAIRS; do
ip link delete dev "${veth}"
done
else
success "No DOWN veth interfaces to remove"
fi
}
function flush_cache {
warn "Flushing network cache"
ip -s -s neigh flush all
}
# Run through the base app setup
pre_up
# Check function
case "$1" in
containers-start)
start_containers_nicely
;;
containers-stop)
stop_containers_nicely
;;
containers-force-stop)
stop_containers_with_fire
;;
containers-restart)
stop_containers_nicely
start_containers_nicely
;;
containers-force-restart)
stop_containers_with_fire
start_containers_nicely
;;
system-tear-down)
stop_containers_nicely
remove_down_veth
stop_networks
flush_cache
;;
system-force-tear-down)
stop_containers_with_fire
remove_down_veth
stop_networks
flush_cache
;;
system-start-up)
start_networks
start_containers_nicely
;;
system-rebuild)
stop_containers_nicely
remove_down_veth
stop_networks
flush_cache
start_networks
start_containers_nicely
;;
system-force-rebuild)
stop_containers_with_fire
remove_down_veth
stop_networks
flush_cache
start_networks
start_containers_nicely
;;
dnsmasq-start)
start_dnsmasq
;;
dnsmasq-stop)
stop_dnsmasq
;;
dnsmasq-restart)
stop_dnsmasq
start_dnsmasq
;;
iptables-create)
add_rules
;;
iptables-remove)
remove_rules
;;
iptables-recreate)
remove_rules
add_rules
;;
veth-cleanup)
remove_down_veth
;;
flush-net-cache)
flush_cache
;;
*)
info 'Management of internal LXC systems and processes:'
echo '
containers-start Start all containers.
containers-stop Stop all containers.
containers-restart Stop all containers and then Start them.
containers-force-stop Force Stop all containers.
containers-force-restart Force Stop all containers and then Start them.
system-start-up Start up everything that LXC needs to
operate, including the containers, dnsmasq,
LXC bridge, and IPtables.
system-tear-down Tear down everything LXC on this system.
This will remove all all IPtables rules, kill
dnsmasq, remove the LXC bridge, stops all
containers, removes DOWN veth interfaces,
and flushes the net cache.
system-force-tear-down Force tear down everything LXC on this system.
This will remove all all IPtables rules, kill
dnsmasq, remove the LXC bridge, stops all
containers, removes DOWN veth interfaces,
and flushes the net cache.
system-rebuild Rebuild the LXC network, IPtables, dnsmasq,
removes DOWN veth interfaces, flushes the
net cache, and restarts all conatiners.
system-force-rebuild Force rebuild the LXC network, IPtables, dnsmasq,
removes DOWN veth interfaces, flushes the
net cache, and restarts all conatiners.
dnsmasq-start Start the LXC dnsmasq process.
dnsmasq-stop Stop the LXC dnsmasq process.
dnsmasq-restart Restart the LXC dnsmasq process.
iptables-create Create the LXC IPtables rules for NAT.
iptables-remove Remove the LXC IPtables rules for NAT.
iptables-recreate Recreate the LXC IPtables rules for NAT.
veth-cleanup Remove all DOWN veth interfaces from a system.
flush-net-cache Flush the hosts network cache. This is useful if
IP addresses are being recycled on to containers
from other hosts.
'
;;
esac

View File

@ -1,12 +0,0 @@
# {{ ansible_managed }}
USE_LXC_BRIDGE="true"
LXC_BRIDGE="{{ lxc_net_bridge }}"
LXC_ADDR="{{ lxc_net_address }}"
LXC_NETMASK="{{ lxc_net_netmask }}"
LXC_NETWORK="${LXC_ADDR}/${LXC_NETMASK}"
LXC_DHCP_RANGE="{{ lxc_net_dhcp_range }}"
LXC_DHCP_MAX="{{ lxc_net_dhcp_max }}"
LXC_DNSMASQ_USER="{{ lxc_net_dnsmasq_user }}"
LXC_DHCP_CONFILE="{{ lxc_net_dhcp_config }}"
LXC_DOMAIN="{{ lxc_net_domain }}"

View File

@ -1,9 +0,0 @@
# {{ ansible_managed }}
pre-start script
echo "pass"
end script
post-stop script
echo "pass"
end script

View File

@ -1,5 +0,0 @@
# Sources created by the ansible
deb {{ lxc_container_template_main_apt_repo }} {{ lxc_container_release }} main restricted universe multiverse
deb {{ lxc_container_template_main_apt_repo }} {{ lxc_container_release }}-updates main restricted universe multiverse
deb {{ lxc_container_template_main_apt_repo }} {{ lxc_container_release }}-backports main restricted universe multiverse
deb {{ lxc_container_template_security_apt_repo }} {{ lxc_container_release }}-security main restricted universe multiverse

View File

@ -1,85 +0,0 @@
OpenStack host setup
####################
:tags: openstack, host, cloud, ansible
:category: \*nix
contributor guidelines
^^^^^^^^^^^^^^^^^^^^^^
Filing Bugs
-----------
Bugs should be filed on Launchpad, not GitHub: "https://bugs.launchpad.net/openstack-ansible"
When submitting a bug, or working on a bug, please ensure the following criteria are met:
* The description clearly states or describes the original problem or root cause of the problem.
* Include historical information on how the problem was identified.
* Any relevant logs are included.
* The provided information should be totally self-contained. External access to web services/sites should not be needed.
* Steps to reproduce the problem if possible.
Submitting Code
---------------
Changes to the project should be submitted for review via the Gerrit tool, following
the workflow documented at: "http://docs.openstack.org/infra/manual/developers.html#development-workflow"
Pull requests submitted through GitHub will be ignored and closed without regard.
Extra
-----
Tags:
If it's a bug that needs fixing in a branch in addition to Master, add a '\<release\>-backport-potential' tag (eg ``juno-backport-potential``). There are predefined tags that will autocomplete.
Status:
Please leave this alone, it should be New till someone triages the issue.
Importance:
Should only be touched if it is a Blocker/Gating issue. If it is, please set to High, and only use Critical if you have found a bug that can take down whole infrastructures.
Style guide
-----------
When creating tasks and other roles for use in Ansible please create then using the YAML dictionary format.
Example YAML dictionary format:
.. code-block:: yaml
- name: The name of the tasks
module_name:
thing1: "some-stuff"
thing2: "some-other-stuff"
tags:
- some-tag
- some-other-tag
Example **NOT** in YAML dictionary format:
.. code-block:: yaml
- name: The name of the tasks
module_name: thing1="some-stuff" thing2="some-other-stuff"
tags:
- some-tag
- some-other-tag
Usage of the ">" and "|" operators should be limited to Ansible conditionals and command modules such as the ansible ``shell`` module.
Issues
------
When submitting an issue, or working on an issue please ensure the following criteria are met:
* The description clearly states or describes the original problem or root cause of the problem.
* Include historical information on how the problem was identified.
* Any relevant logs are included.
* If the issue is a bug that needs fixing in a branch other than Master, add the backport potential tag TO THE ISSUE (not the PR).
* The provided information should be totally self-contained. External access to web services/sites should not be needed.
* If the issue is needed for a hotfix release, add the 'expedite' label.
* Steps to reproduce the problem if possible.

View File

@ -1,202 +0,0 @@
Apache License
Version 2.0, January 2004
http://www.apache.org/licenses/
TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION
1. Definitions.
"License" shall mean the terms and conditions for use, reproduction,
and distribution as defined by Sections 1 through 9 of this document.
"Licensor" shall mean the copyright owner or entity authorized by
the copyright owner that is granting the License.
"Legal Entity" shall mean the union of the acting entity and all
other entities that control, are controlled by, or are under common
control with that entity. For the purposes of this definition,
"control" means (i) the power, direct or indirect, to cause the
direction or management of such entity, whether by contract or
otherwise, or (ii) ownership of fifty percent (50%) or more of the
outstanding shares, or (iii) beneficial ownership of such entity.
"You" (or "Your") shall mean an individual or Legal Entity
exercising permissions granted by this License.
"Source" form shall mean the preferred form for making modifications,
including but not limited to software source code, documentation
source, and configuration files.
"Object" form shall mean any form resulting from mechanical
transformation or translation of a Source form, including but
not limited to compiled object code, generated documentation,
and conversions to other media types.
"Work" shall mean the work of authorship, whether in Source or
Object form, made available under the License, as indicated by a
copyright notice that is included in or attached to the work
(an example is provided in the Appendix below).
"Derivative Works" shall mean any work, whether in Source or Object
form, that is based on (or derived from) the Work and for which the
editorial revisions, annotations, elaborations, or other modifications
represent, as a whole, an original work of authorship. For the purposes
of this License, Derivative Works shall not include works that remain
separable from, or merely link (or bind by name) to the interfaces of,
the Work and Derivative Works thereof.
"Contribution" shall mean any work of authorship, including
the original version of the Work and any modifications or additions
to that Work or Derivative Works thereof, that is intentionally
submitted to Licensor for inclusion in the Work by the copyright owner
or by an individual or Legal Entity authorized to submit on behalf of
the copyright owner. For the purposes of this definition, "submitted"
means any form of electronic, verbal, or written communication sent
to the Licensor or its representatives, including but not limited to
communication on electronic mailing lists, source code control systems,
and issue tracking systems that are managed by, or on behalf of, the
Licensor for the purpose of discussing and improving the Work, but
excluding communication that is conspicuously marked or otherwise
designated in writing by the copyright owner as "Not a Contribution."
"Contributor" shall mean Licensor and any individual or Legal Entity
on behalf of whom a Contribution has been received by Licensor and
subsequently incorporated within the Work.
2. Grant of Copyright License. Subject to the terms and conditions of
this License, each Contributor hereby grants to You a perpetual,
worldwide, non-exclusive, no-charge, royalty-free, irrevocable
copyright license to reproduce, prepare Derivative Works of,
publicly display, publicly perform, sublicense, and distribute the
Work and such Derivative Works in Source or Object form.
3. Grant of Patent License. Subject to the terms and conditions of
this License, each Contributor hereby grants to You a perpetual,
worldwide, non-exclusive, no-charge, royalty-free, irrevocable
(except as stated in this section) patent license to make, have made,
use, offer to sell, sell, import, and otherwise transfer the Work,
where such license applies only to those patent claims licensable
by such Contributor that are necessarily infringed by their
Contribution(s) alone or by combination of their Contribution(s)
with the Work to which such Contribution(s) was submitted. If You
institute patent litigation against any entity (including a
cross-claim or counterclaim in a lawsuit) alleging that the Work
or a Contribution incorporated within the Work constitutes direct
or contributory patent infringement, then any patent licenses
granted to You under this License for that Work shall terminate
as of the date such litigation is filed.
4. Redistribution. You may reproduce and distribute copies of the
Work or Derivative Works thereof in any medium, with or without
modifications, and in Source or Object form, provided that You
meet the following conditions:
(a) You must give any other recipients of the Work or
Derivative Works a copy of this License; and
(b) You must cause any modified files to carry prominent notices
stating that You changed the files; and
(c) You must retain, in the Source form of any Derivative Works
that You distribute, all copyright, patent, trademark, and
attribution notices from the Source form of the Work,
excluding those notices that do not pertain to any part of
the Derivative Works; and
(d) If the Work includes a "NOTICE" text file as part of its
distribution, then any Derivative Works that You distribute must
include a readable copy of the attribution notices contained
within such NOTICE file, excluding those notices that do not
pertain to any part of the Derivative Works, in at least one
of the following places: within a NOTICE text file distributed
as part of the Derivative Works; within the Source form or
documentation, if provided along with the Derivative Works; or,
within a display generated by the Derivative Works, if and
wherever such third-party notices normally appear. The contents
of the NOTICE file are for informational purposes only and
do not modify the License. You may add Your own attribution
notices within Derivative Works that You distribute, alongside
or as an addendum to the NOTICE text from the Work, provided
that such additional attribution notices cannot be construed
as modifying the License.
You may add Your own copyright statement to Your modifications and
may provide additional or different license terms and conditions
for use, reproduction, or distribution of Your modifications, or
for any such Derivative Works as a whole, provided Your use,
reproduction, and distribution of the Work otherwise complies with
the conditions stated in this License.
5. Submission of Contributions. Unless You explicitly state otherwise,
any Contribution intentionally submitted for inclusion in the Work
by You to the Licensor shall be under the terms and conditions of
this License, without any additional terms or conditions.
Notwithstanding the above, nothing herein shall supersede or modify
the terms of any separate license agreement you may have executed
with Licensor regarding such Contributions.
6. Trademarks. This License does not grant permission to use the trade
names, trademarks, service marks, or product names of the Licensor,
except as required for reasonable and customary use in describing the
origin of the Work and reproducing the content of the NOTICE file.
7. Disclaimer of Warranty. Unless required by applicable law or
agreed to in writing, Licensor provides the Work (and each
Contributor provides its Contributions) on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
implied, including, without limitation, any warranties or conditions
of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A
PARTICULAR PURPOSE. You are solely responsible for determining the
appropriateness of using or redistributing the Work and assume any
risks associated with Your exercise of permissions under this License.
8. Limitation of Liability. In no event and under no legal theory,
whether in tort (including negligence), contract, or otherwise,
unless required by applicable law (such as deliberate and grossly
negligent acts) or agreed to in writing, shall any Contributor be
liable to You for damages, including any direct, indirect, special,
incidental, or consequential damages of any character arising as a
result of this License or out of the use or inability to use the
Work (including but not limited to damages for loss of goodwill,
work stoppage, computer failure or malfunction, or any and all
other commercial damages or losses), even if such Contributor
has been advised of the possibility of such damages.
9. Accepting Warranty or Additional Liability. While redistributing
the Work or Derivative Works thereof, You may choose to offer,
and charge a fee for, acceptance of support, warranty, indemnity,
or other liability obligations and/or rights consistent with this
License. However, in accepting such obligations, You may act only
on Your own behalf and on Your sole responsibility, not on behalf
of any other Contributor, and only if You agree to indemnify,
defend, and hold each Contributor harmless for any liability
incurred by, or claims asserted against, such Contributor by reason
of your accepting any such warranty or additional liability.
END OF TERMS AND CONDITIONS
APPENDIX: How to apply the Apache License to your work.
To apply the Apache License to your work, attach the following
boilerplate notice, with the fields enclosed by brackets "{}"
replaced with your own identifying information. (Don't include
the brackets!) The text should be enclosed in the appropriate
comment syntax for the file format. We also recommend that a
file or class name and description of purpose be included on the
same "printed page" as the copyright notice for easier
identification within third-party archives.
Copyright {yyyy} {name of copyright owner}
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.

View File

@ -1,14 +0,0 @@
OpenStack host setup
####################
:tags: openstack, host, cloud, ansible
:category: \*nix
Role for basic setup and configuration of a host machine for the intended purpose of use within OpenStack.
.. code-block:: yaml
- name: Basic host setup
hosts: "hosts"
user: root
roles:
- { role: "openstack_hosts", tags: [ "openstack-hosts-setup" ] }

View File

@ -1,110 +0,0 @@
---
# Copyright 2014, Rackspace US, Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
openstack_code_name: Mitaka
openstack_release: master
openstack_host_systat_enabled: true
openstack_host_systat_interval: 1
openstack_host_systat_statistics_hour: 23
openstack_host_disbale_auto_updates: true
## Defined required kernel. presently 3.13.0-32-generic
openstack_host_required_kernel: 3.13.0-34-generic
## Kernel modules loaded on hosts
openstack_host_kernel_modules:
- 8021q
- dm_multipath
- dm_snapshot
- ip6table_filter
- ip6_tables
- ip_tables
- ipt_MASQUERADE
- ipt_REJECT
- iptable_filter
- iptable_mangle
- iptable_nat
- iscsi_tcp
- nbd
- nf_conntrack
- nf_conntrack_ipv4
- nf_defrag_ipv4
- nf_nat
- nf_nat_ipv4
- scsi_dh
- vhost_net
- x_tables
## Base packages
openstack_host_apt_packages:
- apparmor-utils
- apt-transport-https
- bridge-utils
- build-essential
- cgroup-lite
- curl
- dmeventd
- dstat
- htop
- iptables
- irqbalance
- libkmod-dev
- libkmod2
- lvm2
- python-software-properties
- python-dev
- rsync
- rsyslog
- sshpass
- sysstat
- time
- vlan
- wget
# The following garbage collection values are set to better support lots of neutron networks/routers.
# Used for setting the net.ipv4/6.neigh.default.gc_thresh* values. This assumes that facts were
# gathered to obtain the total amount of memory available on a given host. If no facts are gathered
# the default set will be 1024 unless its defined by the user.
gc_val: "{{ ansible_memtotal_mb | default(1024) | bit_length_power_of_2 }}"
# The ste value has a Max allowable value of 8192 unless set by the user.
set_gc_val: "{{ gc_val if (gc_val | int <= 8192) else 8192 }}"
# System control kernel tuning
openstack_kernel_options:
- { key: 'fs.inotify.max_user_watches', value: 36864 }
- { key: 'net.ipv4.conf.all.rp_filter', value: 0 }
- { key: 'net.ipv4.conf.default.rp_filter', value: 0 }
- { key: 'net.ipv4.ip_forward', value: 1 }
- { key: 'net.netfilter.nf_conntrack_max', value: 262144 }
- { key: 'vm.dirty_background_ratio', value: 5 }
- { key: 'vm.dirty_ratio', value: 10 }
- { key: 'vm.swappiness', value: 5 }
- { key: 'net.bridge.bridge-nf-call-ip6tables', value: 0 }
- { key: 'net.bridge.bridge-nf-call-iptables', value: 0 }
- { key: 'net.bridge.bridge-nf-call-arptables', value: 0 }
- { key: 'net.ipv4.neigh.default.gc_thresh1', value: "{{ set_gc_val | int // 2 }}" }
- { key: 'net.ipv4.neigh.default.gc_thresh2', value: "{{ set_gc_val | int }}" }
- { key: 'net.ipv4.neigh.default.gc_thresh3', value: "{{ set_gc_val | int * 2 }}" }
- { key: 'net.ipv4.route.gc_thresh', value: "{{ set_gc_val | int * 2 }}" }
- { key: 'net.ipv4.neigh.default.gc_interval', value: 60 }
- { key: 'net.ipv4.neigh.default.gc_stale_time', value: 120 }
- { key: 'net.ipv6.neigh.default.gc_thresh1', value: "{{ set_gc_val | int // 2 }}" }
- { key: 'net.ipv6.neigh.default.gc_thresh2', value: "{{ set_gc_val | int }}" }
- { key: 'net.ipv6.neigh.default.gc_thresh3', value: "{{ set_gc_val | int * 2 }}" }
- { key: 'net.ipv6.route.gc_thresh', value: "{{ set_gc_val | int * 2 }}" }
- { key: 'net.ipv6.neigh.default.gc_interval', value: 60 }
- { key: 'net.ipv6.neigh.default.gc_stale_time', value: 120 }

View File

@ -1,21 +0,0 @@
---
# Copyright 2014, Rackspace US, Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
- name: Restart sysstat
service:
name: "sysstat"
state: "restarted"
pattern: "sysstat"
enabled: "yes"

View File

@ -1,32 +0,0 @@
---
# Copyright 2014, Rackspace US, Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
galaxy_info:
author: rcbops
description: Base host setup for a OpenStack Private Cloud host
company: Rackspace
license: Apache2
min_ansible_version: 1.6.6
platforms:
- name: Ubuntu
versions:
- trusty
categories:
- cloud
- host
- development
- openstack
dependencies:
- apt_package_pinning

View File

@ -1,26 +0,0 @@
---
# Copyright 2014, Rackspace US, Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
- include: openstack_dirs.yml
- include: openstack_proxy_settings.yml
- include: openstack_host_packages.yml
- include: openstack_sysstat.yml
- include: openstack_update_hosts_file.yml
- include: openstack_lvm_config.yml
- include: openstack_kernel_check.yml
- include: openstack_kernel_modules.yml
- include: openstack_kernel_tuning.yml
- include: openstack_authorized_keys.yml
- include: openstack_release.yml

View File

@ -1,44 +0,0 @@
---
# Copyright 2014, Rackspace US, Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
- name: Ensure ssh directory
file:
path: "{{ ansible_env.HOME }}/.ssh"
state: "directory"
group: "{{ ansible_user_id }}"
owner: "{{ ansible_user_id }}"
mode: "0755"
tags:
- openstack-host-keys
- name: Update SSH keys
get_url:
url: "{{ ssh_key_url }}"
dest: "{{ ansible_env.HOME }}/.ssh/remotekeys"
mode: "0640"
when: ssh_key_url is defined
tags:
- openstack-host-keys
- name: Ensure all keys in authorized_keys
shell: |
while read key; do
if [[ ! "$(grep "$key" {{ ansible_env.HOME }}/.ssh/authorized_keys)" ]];then
echo "$key" | tee -a {{ ansible_env.HOME }}/.ssh/authorized_keys
fi
done < /root/.ssh/remotekeys
when: ssh_key_url is defined
tags:
- openstack-host-keys

View File

@ -1,28 +0,0 @@
---
# Copyright 2015, Rackspace US, Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
- name: Ensure OpenStack directories
file:
path: "{{ item }}"
state: "directory"
mode: "0755"
with_items:
- /openstack
- /openstack/backup
- /openstack/instances
- /openstack/log
- /openstack/venvs
tags:
- openstack-dirs

View File

@ -1,37 +0,0 @@
---
# Copyright 2014, Rackspace US, Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
- name: Update apt sources
apt:
update_cache: yes
cache_valid_time: 600
register: apt_update
until: apt_update|success
retries: 5
delay: 2
tags:
- openstack-apt-packages
- name: Install host packages
apt:
pkg: "{{ item }}"
state: present
register: install_packages
until: install_packages|success
retries: 5
delay: 2
with_items: openstack_host_apt_packages
tags:
- openstack-apt-packages

View File

@ -1,34 +0,0 @@
---
# Copyright 2014, Rackspace US, Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
- name: Check Kernel Variant
fail:
msg: >
Wrong kernel Variant found
[ {{ ansible_kernel.split('-')[2] }} != generic ]
Resolve this issue before continuing.
when: ansible_kernel.split('-')[2] != 'generic'
tags:
- openstack-host-kernel-check
- name: Check Kernel Version
fail:
msg: >
Wrong kernel Version found
[ {{ ansible_kernel }} < {{ openstack_host_required_kernel }} ]
Resolve this issue before continuing.
when: ansible_kernel | version_compare(openstack_host_required_kernel, '<')
tags:
- openstack-host-kernel-check

View File

@ -1,31 +0,0 @@
---
# Copyright 2014, Rackspace US, Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
- name: "Ensure kernel module(s)"
modprobe:
name: "{{ item }}"
with_items: openstack_host_kernel_modules
when: openstack_host_kernel_modules is defined
tags:
- openstack-host-kernel-modules
- name: "Ensure kernel module(s) loaded at boot"
lineinfile:
dest: /etc/modules
line: "{{ item }}"
with_items: openstack_host_kernel_modules
when: openstack_host_kernel_modules is defined
tags:
- openstack-host-kernel-modules

View File

@ -1,26 +0,0 @@
---
# Copyright 2014, Rackspace US, Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
- name: Adding new system tuning
sysctl:
name: "{{ item.key }}"
value: "{{ item.value }}"
sysctl_set: "{{ item.set|default('yes') }}"
state: "{{ item.state|default('present') }}"
reload: "{{ item.reload|default('yes') }}"
with_items: openstack_kernel_options
ignore_errors: true
tags:
- openstack-host-kernel-tuning

View File

@ -1,42 +0,0 @@
---
# Copyright 2014, Rackspace US, Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
- name: Discover lvm devices
shell: |
/sbin/pvdisplay | awk '/PV\ Name/ {print $3}' | sed 's/\/dev\///g'
register: lvm_devices
changed_when: lvm_devices.rc != 0
failed_when: false
tags:
- openstack-host-lvm-config
- name: Ensure "/etc/lvm" directory
file:
state: "directory"
path: "/etc/lvm"
when: lvm_devices.rc == 0
tags:
- openstack-host-lvm-config
- name: Drop lvm Config
template:
src: "lvm.conf.j2"
dest: "/etc/lvm/lvm.conf"
owner: "root"
group: "root"
backup: "yes"
when: lvm_devices.rc == 0
tags:
- openstack-host-lvm-config

View File

@ -1,23 +0,0 @@
---
# Copyright 2015, Rackspace US, Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
- name: Install host proxy settings
lineinfile:
dest: /etc/environment
state: present
line: "{% if item.value %}{{ item.key }}={{ item.value }}{% endif %}"
with_dict: global_environment_variables |default({})
tags:
- openstack-host-proxies

View File

@ -1,23 +0,0 @@
---
# Copyright 2014, Rackspace US, Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
- name: Drop openstack release file
template:
src: "openstack-release.j2"
dest: "/etc/openstack-release"
owner: "root"
group: "root"
tags:
- openstack-release

View File

@ -1,26 +0,0 @@
---
# Copyright 2014, Rackspace US, Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
- name: Enable sysstat
template:
src: "{{ item.src }}"
dest: "{{ item.dest }}"
mode: "{{ item.mode|default('0644')}}"
with_items:
- { src: "sysstat.default.j2", dest: "/etc/default/sysstat" }
- { src: "sysstat.cron.j2", dest: "/etc/cron.d/sysstat", mode: "0755" }
notify: Restart sysstat
tags:
- openstack-host-sysstat

View File

@ -1,47 +0,0 @@
---
# Copyright 2014, Rackspace US, Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
- name: Update hosts file remove stale IP entries
lineinfile:
dest: /etc/hosts
regexp: "^{{ hostvars[item]['ansible_ssh_host'] }} (?!{{ item }}$)"
state: absent
with_items:
- "{{ groups['all_containers'] }}"
- "{{ groups['hosts'] }}"
tags:
- openstack-host-hostfile
- name: Update hosts file remove stale Host entries
lineinfile:
dest: /etc/hosts
regexp: "(?<!^{{ hostvars[item]['ansible_ssh_host'] }}) {{ item }}$"
state: absent
with_items:
- "{{ groups['all_containers'] }}"
- "{{ groups['hosts'] }}"
tags:
- openstack-host-hostfile
- name: Update hosts file from ansible inventory
lineinfile:
dest: /etc/hosts
line: "{{ hostvars[item]['ansible_ssh_host'] }} {{ item }}"
state: present
with_items:
- "{{ groups['all_containers'] }}"
- "{{ groups['hosts'] }}"
tags:
- openstack-host-hostfile

View File

@ -1,125 +0,0 @@
# {{ ansible_managed }}
{% set used_lvm_devices = [] %}
{% set lv_devices = lvm_devices.stdout.split('\n') %}
{% if lv_devices|length > 0 %}
{% for net in lv_devices %}
{% if net != '' %}
{% set lv_device = '"a/' + net + '/"' %}
{% if used_lvm_devices.append(lv_device) %}{% endif %}
{% endif %}
{% endfor %}
{% endif %}
# Ansible Discovered LVM Devices {{ lv_devices }}
{% if used_lvm_devices|length <= 0 %}
{% if used_lvm_devices.append('"a/.*/"') %}{% endif %}
{% else %}
{% if used_lvm_devices.append('"r/.*/"') %}{% endif %}
{% endif %}
{% if is_metal == false or is_metal == "False" %}
{% set use_udev = 0 %}
{% else %}
{% set use_udev = 1 %}
{% endif %}
devices {
dir = "/dev"
scan = [ "/dev" ]
obtain_device_list_from_udev = {{ use_udev }}
preferred_names = [ ]
filter = [ {{ used_lvm_devices|join(', ') }} ]
cache_dir = "/run/lvm"
cache_file_prefix = ""
write_cache_state = 1
sysfs_scan = 1
multipath_component_detection = 1
md_component_detection = 1
md_chunk_alignment = 1
data_alignment_detection = 1
data_alignment = 0
data_alignment_offset_detection = 1
ignore_suspended_devices = 0
disable_after_error_count = 0
require_restorefile_with_uuid = 1
pv_min_size = 2048
issue_discards = 1
}
allocation {
maximise_cling = 1
mirror_logs_require_separate_pvs = 0
thin_pool_metadata_require_separate_pvs = 0
}
log {
verbose = 0
silent = 0
syslog = 1
overwrite = 0
level = 0
indent = 1
command_names = 0
prefix = " "
}
backup {
backup = 1
backup_dir = "/etc/lvm/backup"
archive = 1
archive_dir = "/etc/lvm/archive"
retain_min = 10
retain_days = 30
}
shell {
history_size = 100
}
global {
umask = 077
test = 0
units = "h"
si_unit_consistency = 1
activation = 1
proc = "/proc"
locking_type = 1
wait_for_locks = 1
fallback_to_clustered_locking = 1
fallback_to_local_locking = 1
locking_dir = "/run/lock/lvm"
prioritise_write_locks = 1
abort_on_internal_errors = 0
detect_internal_vg_cache_corruption = 0
metadata_read_only = 0
mirror_segtype_default = "mirror"
use_lvmetad = 0
thin_check_executable = "/usr/sbin/thin_check"
thin_check_options = [ "-q" ]
}
activation {
checks = 0
udev_sync = {{ use_udev }}
udev_rules = {{ use_udev }}
verify_udev_operations = 0
retry_deactivation = 1
missing_stripe_filler = "error"
use_linear_target = 1
reserved_stack = 64
reserved_memory = 8192
process_priority = -18
mirror_region_size = 512
readahead = "auto"
raid_fault_policy = "warn"
mirror_log_fault_policy = "allocate"
mirror_image_fault_policy = "remove"
snapshot_autoextend_threshold = 100
snapshot_autoextend_percent = 20
thin_pool_autoextend_threshold = 100
thin_pool_autoextend_percent = 20
use_mlockall = 0
monitoring = 0
polling_interval = 15
}
dmeventd {
mirror_library = "libdevmapper-event-lvm2mirror.so"
snapshot_library = "libdevmapper-event-lvm2snapshot.so"
thin_library = "libdevmapper-event-lvm2thin.so"
}

View File

@ -1,6 +0,0 @@
# {{ ansible_managed }}
DISTRIB_ID="OASD"
DISTRIB_RELEASE="{{ openstack_release }}"
DISTRIB_CODENAME="{{ openstack_code_name }}"
DISTRIB_DESCRIPTION="OpenStack Cloud"

View File

@ -1,10 +0,0 @@
# {{ ansible_managed }}
# The first element of the path is a directory where the debian-sa1 script is located
PATH=/usr/lib/sysstat:/usr/sbin:/usr/sbin:/usr/bin:/sbin:/bin
# Activity reports every 10 minutes everyday
*/{{ openstack_host_systat_interval }} * * * * root command -v debian-sa1 > /dev/null && debian-sa1 1 1
# Additional run at 23:59 to rotate the statistics file
59 {{ openstack_host_systat_statistics_hour }} * * * root command -v debian-sa1 > /dev/null && debian-sa1 60 2

View File

@ -1,11 +0,0 @@
# {{ ansible_managed }}
#
# Default settings for /etc/init.d/sysstat, /etc/cron.d/sysstat
# and /etc/cron.daily/sysstat files
#
# Should sadc collect system activity informations? Valid values
# are "true" and "false". Please do not put other values, they
# will be overwritten by debconf!
ENABLED="{{ openstack_host_systat_enabled }}"

View File

@ -1,103 +0,0 @@
OpenStack pip
#############
:tags: openstack, pip, cloud, ansible
:category: \*nix
contributor guidelines
^^^^^^^^^^^^^^^^^^^^^^
Filing Bugs
-----------
Bugs should be filed on Launchpad, not GitHub:
"https://bugs.launchpad.net/openstack-ansible"
When submitting a bug, or working on a bug, please ensure the following
criteria are met:
* The description clearly states or describes the original problem or root
cause of the problem.
* Include historical information on how the problem was identified.
* Any relevant logs are included.
* The provided information should be totally self-contained. External access to
web services/sites should not be needed.
* Steps to reproduce the problem if possible.
Submitting Code
---------------
Changes to the project should be submitted for review via the Gerrit tool,
following the workflow documented at:
"http://docs.openstack.org/infra/manual/developers.html#development-workflow"
Pull requests submitted through GitHub will be ignored and closed without
regard.
Extra
-----
Tags:
If it's a bug that needs fixing in a branch in addition to Master, add a
'\<release\>-backport-potential' tag (eg ``juno-backport-potential``).
There are predefined tags that will autocomplete.
Status:
Please leave this alone, it should be New till someone triages the issue.
Importance:
Should only be touched if it is a Blocker/Gating issue. If it is, please
set to High, and only use Critical if you have found a bug that can take
down whole infrastructures.
Style guide
-----------
When creating tasks and other roles for use in Ansible please create then using
the YAML dictionary format.
Example YAML dictionary format:
.. code-block:: yaml
- name: The name of the tasks
module_name:
thing1: "some-stuff"
thing2: "some-other-stuff"
tags:
- some-tag
- some-other-tag
Example **NOT** in YAML dictionary format:
.. code-block:: yaml
- name: The name of the tasks
module_name: thing1="some-stuff" thing2="some-other-stuff"
tags:
- some-tag
- some-other-tag
Usage of the ">" and "|" operators should be limited to Ansible conditionals
and command modules such as the ansible ``shell`` module.
Issues
------
When submitting an issue, or working on an issue please ensure the following
criteria are met:
* The description clearly states or describes the original problem or root
cause of the problem.
* Include historical information on how the problem was identified.
* Any relevant logs are included.
* If the issue is a bug that needs fixing in a branch other than Master, add
the backport potential tag TO THE ISSUE (not the PR).
* The provided information should be totally self-contained. External access to
web services/sites should not be needed.
* If the issue is needed for a hotfix release, add the 'expedite' label.
* Steps to reproduce the problem if possible.

View File

@ -1,202 +0,0 @@
Apache License
Version 2.0, January 2004
http://www.apache.org/licenses/
TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION
1. Definitions.
"License" shall mean the terms and conditions for use, reproduction,
and distribution as defined by Sections 1 through 9 of this document.
"Licensor" shall mean the copyright owner or entity authorized by
the copyright owner that is granting the License.
"Legal Entity" shall mean the union of the acting entity and all
other entities that control, are controlled by, or are under common
control with that entity. For the purposes of this definition,
"control" means (i) the power, direct or indirect, to cause the
direction or management of such entity, whether by contract or
otherwise, or (ii) ownership of fifty percent (50%) or more of the
outstanding shares, or (iii) beneficial ownership of such entity.
"You" (or "Your") shall mean an individual or Legal Entity
exercising permissions granted by this License.
"Source" form shall mean the preferred form for making modifications,
including but not limited to software source code, documentation
source, and configuration files.
"Object" form shall mean any form resulting from mechanical
transformation or translation of a Source form, including but
not limited to compiled object code, generated documentation,
and conversions to other media types.
"Work" shall mean the work of authorship, whether in Source or
Object form, made available under the License, as indicated by a
copyright notice that is included in or attached to the work
(an example is provided in the Appendix below).
"Derivative Works" shall mean any work, whether in Source or Object
form, that is based on (or derived from) the Work and for which the
editorial revisions, annotations, elaborations, or other modifications
represent, as a whole, an original work of authorship. For the purposes
of this License, Derivative Works shall not include works that remain
separable from, or merely link (or bind by name) to the interfaces of,
the Work and Derivative Works thereof.
"Contribution" shall mean any work of authorship, including
the original version of the Work and any modifications or additions
to that Work or Derivative Works thereof, that is intentionally
submitted to Licensor for inclusion in the Work by the copyright owner
or by an individual or Legal Entity authorized to submit on behalf of
the copyright owner. For the purposes of this definition, "submitted"
means any form of electronic, verbal, or written communication sent
to the Licensor or its representatives, including but not limited to
communication on electronic mailing lists, source code control systems,
and issue tracking systems that are managed by, or on behalf of, the
Licensor for the purpose of discussing and improving the Work, but
excluding communication that is conspicuously marked or otherwise
designated in writing by the copyright owner as "Not a Contribution."
"Contributor" shall mean Licensor and any individual or Legal Entity
on behalf of whom a Contribution has been received by Licensor and
subsequently incorporated within the Work.
2. Grant of Copyright License. Subject to the terms and conditions of
this License, each Contributor hereby grants to You a perpetual,
worldwide, non-exclusive, no-charge, royalty-free, irrevocable
copyright license to reproduce, prepare Derivative Works of,
publicly display, publicly perform, sublicense, and distribute the
Work and such Derivative Works in Source or Object form.
3. Grant of Patent License. Subject to the terms and conditions of
this License, each Contributor hereby grants to You a perpetual,
worldwide, non-exclusive, no-charge, royalty-free, irrevocable
(except as stated in this section) patent license to make, have made,
use, offer to sell, sell, import, and otherwise transfer the Work,
where such license applies only to those patent claims licensable
by such Contributor that are necessarily infringed by their
Contribution(s) alone or by combination of their Contribution(s)
with the Work to which such Contribution(s) was submitted. If You
institute patent litigation against any entity (including a
cross-claim or counterclaim in a lawsuit) alleging that the Work
or a Contribution incorporated within the Work constitutes direct
or contributory patent infringement, then any patent licenses
granted to You under this License for that Work shall terminate
as of the date such litigation is filed.
4. Redistribution. You may reproduce and distribute copies of the
Work or Derivative Works thereof in any medium, with or without
modifications, and in Source or Object form, provided that You
meet the following conditions:
(a) You must give any other recipients of the Work or
Derivative Works a copy of this License; and
(b) You must cause any modified files to carry prominent notices
stating that You changed the files; and
(c) You must retain, in the Source form of any Derivative Works
that You distribute, all copyright, patent, trademark, and
attribution notices from the Source form of the Work,
excluding those notices that do not pertain to any part of
the Derivative Works; and
(d) If the Work includes a "NOTICE" text file as part of its
distribution, then any Derivative Works that You distribute must
include a readable copy of the attribution notices contained
within such NOTICE file, excluding those notices that do not
pertain to any part of the Derivative Works, in at least one
of the following places: within a NOTICE text file distributed
as part of the Derivative Works; within the Source form or
documentation, if provided along with the Derivative Works; or,
within a display generated by the Derivative Works, if and
wherever such third-party notices normally appear. The contents
of the NOTICE file are for informational purposes only and
do not modify the License. You may add Your own attribution
notices within Derivative Works that You distribute, alongside
or as an addendum to the NOTICE text from the Work, provided
that such additional attribution notices cannot be construed
as modifying the License.
You may add Your own copyright statement to Your modifications and
may provide additional or different license terms and conditions
for use, reproduction, or distribution of Your modifications, or
for any such Derivative Works as a whole, provided Your use,
reproduction, and distribution of the Work otherwise complies with
the conditions stated in this License.
5. Submission of Contributions. Unless You explicitly state otherwise,
any Contribution intentionally submitted for inclusion in the Work
by You to the Licensor shall be under the terms and conditions of
this License, without any additional terms or conditions.
Notwithstanding the above, nothing herein shall supersede or modify
the terms of any separate license agreement you may have executed
with Licensor regarding such Contributions.
6. Trademarks. This License does not grant permission to use the trade
names, trademarks, service marks, or product names of the Licensor,
except as required for reasonable and customary use in describing the
origin of the Work and reproducing the content of the NOTICE file.
7. Disclaimer of Warranty. Unless required by applicable law or
agreed to in writing, Licensor provides the Work (and each
Contributor provides its Contributions) on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
implied, including, without limitation, any warranties or conditions
of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A
PARTICULAR PURPOSE. You are solely responsible for determining the
appropriateness of using or redistributing the Work and assume any
risks associated with Your exercise of permissions under this License.
8. Limitation of Liability. In no event and under no legal theory,
whether in tort (including negligence), contract, or otherwise,
unless required by applicable law (such as deliberate and grossly
negligent acts) or agreed to in writing, shall any Contributor be
liable to You for damages, including any direct, indirect, special,
incidental, or consequential damages of any character arising as a
result of this License or out of the use or inability to use the
Work (including but not limited to damages for loss of goodwill,
work stoppage, computer failure or malfunction, or any and all
other commercial damages or losses), even if such Contributor
has been advised of the possibility of such damages.
9. Accepting Warranty or Additional Liability. While redistributing
the Work or Derivative Works thereof, You may choose to offer,
and charge a fee for, acceptance of support, warranty, indemnity,
or other liability obligations and/or rights consistent with this
License. However, in accepting such obligations, You may act only
on Your own behalf and on Your sole responsibility, not on behalf
of any other Contributor, and only if You agree to indemnify,
defend, and hold each Contributor harmless for any liability
incurred by, or claims asserted against, such Contributor by reason
of your accepting any such warranty or additional liability.
END OF TERMS AND CONDITIONS
APPENDIX: How to apply the Apache License to your work.
To apply the Apache License to your work, attach the following
boilerplate notice, with the fields enclosed by brackets "{}"
replaced with your own identifying information. (Don't include
the brackets!) The text should be enclosed in the appropriate
comment syntax for the file format. We also recommend that a
file or class name and description of purpose be included on the
same "printed page" as the copyright notice for easier
identification within third-party archives.
Copyright {yyyy} {name of copyright owner}
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.

View File

@ -1,16 +0,0 @@
OpenStack pip
#############
:tags: openstack, pip, cloud, ansible
:category: \*nix
This role will install pip using the upstream pip.
.. code-block:: yaml
- name: Install pip and lock it down
hosts: host_name
user: root
roles:
- { role: "pip_lock_down", tags: [ "pip-lock-down" ] }
vars:
pip_get_pip_url: https://bootstrap.pypa.io/get-pip.py

View File

@ -1,23 +0,0 @@
---
# Copyright 2014, Rackspace US, Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
## Path to pip download/installation script.
pip_upstream_repo_url: https://bootstrap.pypa.io
pip_get_pip_url: "{{ pip_upstream_repo_url }}/get-pip.py"
pip_get_pip_fallback_url: https://raw.github.com/pypa/pip/master/contrib/get-pip.py
# Additional options that you might want to pass to "get-pip.py" when installing pip.
# Default `pip_get_pip_options` is an empty string.
pip_get_pip_options: ""

View File

@ -1,31 +0,0 @@
---
# Copyright 2014, Rackspace US, Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
galaxy_info:
author: rcbops
description: Installation and setup of HAProxy
company: Rackspace
license: Apache2
min_ansible_version: 1.6.6
platforms:
- name: Ubuntu
versions:
- trusty
categories:
- cloud
- python
- development
- openstack
dependencies: []

View File

@ -1,89 +0,0 @@
---
# Copyright 2014, Rackspace US, Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
- name: Create pip config directory
file:
path: "{{ item }}"
state: "directory"
group: "{{ ansible_user_id }}"
owner: "{{ ansible_user_id }}"
with_items:
- "/opt"
- "{{ ansible_env.HOME }}/.cache"
- "{{ ansible_env.HOME }}/.cache/pip"
tags:
- pip-directories
- name: Drop pip file(s)
copy:
src: "{{ item.src }}"
dest: "{{ item.dest }}"
owner: "{{ ansible_user_id }}"
group: "{{ ansible_user_id }}"
mode: "{{ item.mode|default('0644') }}"
with_items:
- { src: "selfcheck.json", dest: "{{ ansible_env.HOME }}/.cache/pip/selfcheck.json" }
tags:
- pip-files
- name: Get Modern PIP
get_url:
url: "{{ pip_get_pip_url }}"
dest: "/opt/get-pip.py"
force: "yes"
validate_certs: "yes"
register: get_pip
until: get_pip | success
ignore_errors: True
retries: 5
delay: 2
tags:
- pip-install-script
- pip-install
- name: Get Modern PIP using fallback URL
get_url:
url: "{{ pip_get_pip_fallback_url }}"
dest: "/opt/get-pip.py"
force: "yes"
validate_certs: "yes"
when: get_pip | failed
register: get_pip_fallback
until: get_pip_fallback | success
retries: 5
delay: 2
tags:
- pip-install-script
- pip-install
- name: Install PIP
shell: "python /opt/get-pip.py {{ pip_get_pip_options }}"
ignore_errors: true
register: pip_install
until: pip_install | success
retries: 3
delay: 2
tags:
- pip-install
- name: Install PIP (fall back mode)
shell: "python /opt/get-pip.py --isolated"
when: pip_install.rc != 0
register: pip_install_fall_back
until: pip_install_fall_back | success
retries: 3
delay: 2
tags:
- pip-install

View File

@ -1,103 +0,0 @@
OpenStack install python from git
#################################
:tags: openstack, pip, git, cloud, ansible
:category: \*nix
contributor guidelines
^^^^^^^^^^^^^^^^^^^^^^
Filing Bugs
-----------
Bugs should be filed on Launchpad, not GitHub:
"https://bugs.launchpad.net/openstack-ansible"
When submitting a bug, or working on a bug, please ensure the following
criteria are met:
* The description clearly states or describes the original problem or root
cause of the problem.
* Include historical information on how the problem was identified.
* Any relevant logs are included.
* The provided information should be totally self-contained. External access to
web services/sites should not be needed.
* Steps to reproduce the problem if possible.
Submitting Code
---------------
Changes to the project should be submitted for review via the Gerrit tool,
following the workflow documented at:
"http://docs.openstack.org/infra/manual/developers.html#development-workflow"
Pull requests submitted through GitHub will be ignored and closed without
regard.
Extra
-----
Tags:
If it's a bug that needs fixing in a branch in addition to Master, add a
'\<release\>-backport-potential' tag (eg ``juno-backport-potential``).
There are predefined tags that will autocomplete.
Status:
Please leave this alone, it should be New till someone triages the issue.
Importance:
Should only be touched if it is a Blocker/Gating issue. If it is, please
set to High, and only use Critical if you have found a bug that can take
down whole infrastructures.
Style guide
-----------
When creating tasks and other roles for use in Ansible please create then using
the YAML dictionary format.
Example YAML dictionary format:
.. code-block:: yaml
- name: The name of the tasks
module_name:
thing1: "some-stuff"
thing2: "some-other-stuff"
tags:
- some-tag
- some-other-tag
Example **NOT** in YAML dictionary format:
.. code-block:: yaml
- name: The name of the tasks
module_name: thing1="some-stuff" thing2="some-other-stuff"
tags:
- some-tag
- some-other-tag
Usage of the ">" and "|" operators should be limited to Ansible conditionals
and command modules such as the ansible ``shell`` module.
Issues
------
When submitting an issue, or working on an issue please ensure the following
criteria are met:
* The description clearly states or describes the original problem or root
cause of the problem.
* Include historical information on how the problem was identified.
* Any relevant logs are included.
* If the issue is a bug that needs fixing in a branch other than Master, add
the backport potential tag TO THE ISSUE (not the PR).
* The provided information should be totally self-contained. External access to
web services/sites should not be needed.
* If the issue is needed for a hotfix release, add the 'expedite' label.
* Steps to reproduce the problem if possible.

View File

@ -1,202 +0,0 @@
Apache License
Version 2.0, January 2004
http://www.apache.org/licenses/
TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION
1. Definitions.
"License" shall mean the terms and conditions for use, reproduction,
and distribution as defined by Sections 1 through 9 of this document.
"Licensor" shall mean the copyright owner or entity authorized by
the copyright owner that is granting the License.
"Legal Entity" shall mean the union of the acting entity and all
other entities that control, are controlled by, or are under common
control with that entity. For the purposes of this definition,
"control" means (i) the power, direct or indirect, to cause the
direction or management of such entity, whether by contract or
otherwise, or (ii) ownership of fifty percent (50%) or more of the
outstanding shares, or (iii) beneficial ownership of such entity.
"You" (or "Your") shall mean an individual or Legal Entity
exercising permissions granted by this License.
"Source" form shall mean the preferred form for making modifications,
including but not limited to software source code, documentation
source, and configuration files.
"Object" form shall mean any form resulting from mechanical
transformation or translation of a Source form, including but
not limited to compiled object code, generated documentation,
and conversions to other media types.
"Work" shall mean the work of authorship, whether in Source or
Object form, made available under the License, as indicated by a
copyright notice that is included in or attached to the work
(an example is provided in the Appendix below).
"Derivative Works" shall mean any work, whether in Source or Object
form, that is based on (or derived from) the Work and for which the
editorial revisions, annotations, elaborations, or other modifications
represent, as a whole, an original work of authorship. For the purposes
of this License, Derivative Works shall not include works that remain
separable from, or merely link (or bind by name) to the interfaces of,
the Work and Derivative Works thereof.
"Contribution" shall mean any work of authorship, including
the original version of the Work and any modifications or additions
to that Work or Derivative Works thereof, that is intentionally
submitted to Licensor for inclusion in the Work by the copyright owner
or by an individual or Legal Entity authorized to submit on behalf of
the copyright owner. For the purposes of this definition, "submitted"
means any form of electronic, verbal, or written communication sent
to the Licensor or its representatives, including but not limited to
communication on electronic mailing lists, source code control systems,
and issue tracking systems that are managed by, or on behalf of, the
Licensor for the purpose of discussing and improving the Work, but
excluding communication that is conspicuously marked or otherwise
designated in writing by the copyright owner as "Not a Contribution."
"Contributor" shall mean Licensor and any individual or Legal Entity
on behalf of whom a Contribution has been received by Licensor and
subsequently incorporated within the Work.
2. Grant of Copyright License. Subject to the terms and conditions of
this License, each Contributor hereby grants to You a perpetual,
worldwide, non-exclusive, no-charge, royalty-free, irrevocable
copyright license to reproduce, prepare Derivative Works of,
publicly display, publicly perform, sublicense, and distribute the
Work and such Derivative Works in Source or Object form.
3. Grant of Patent License. Subject to the terms and conditions of
this License, each Contributor hereby grants to You a perpetual,
worldwide, non-exclusive, no-charge, royalty-free, irrevocable
(except as stated in this section) patent license to make, have made,
use, offer to sell, sell, import, and otherwise transfer the Work,
where such license applies only to those patent claims licensable
by such Contributor that are necessarily infringed by their
Contribution(s) alone or by combination of their Contribution(s)
with the Work to which such Contribution(s) was submitted. If You
institute patent litigation against any entity (including a
cross-claim or counterclaim in a lawsuit) alleging that the Work
or a Contribution incorporated within the Work constitutes direct
or contributory patent infringement, then any patent licenses
granted to You under this License for that Work shall terminate
as of the date such litigation is filed.
4. Redistribution. You may reproduce and distribute copies of the
Work or Derivative Works thereof in any medium, with or without
modifications, and in Source or Object form, provided that You
meet the following conditions:
(a) You must give any other recipients of the Work or
Derivative Works a copy of this License; and
(b) You must cause any modified files to carry prominent notices
stating that You changed the files; and
(c) You must retain, in the Source form of any Derivative Works
that You distribute, all copyright, patent, trademark, and
attribution notices from the Source form of the Work,
excluding those notices that do not pertain to any part of
the Derivative Works; and
(d) If the Work includes a "NOTICE" text file as part of its
distribution, then any Derivative Works that You distribute must
include a readable copy of the attribution notices contained
within such NOTICE file, excluding those notices that do not
pertain to any part of the Derivative Works, in at least one
of the following places: within a NOTICE text file distributed
as part of the Derivative Works; within the Source form or
documentation, if provided along with the Derivative Works; or,
within a display generated by the Derivative Works, if and
wherever such third-party notices normally appear. The contents
of the NOTICE file are for informational purposes only and
do not modify the License. You may add Your own attribution
notices within Derivative Works that You distribute, alongside
or as an addendum to the NOTICE text from the Work, provided
that such additional attribution notices cannot be construed
as modifying the License.
You may add Your own copyright statement to Your modifications and
may provide additional or different license terms and conditions
for use, reproduction, or distribution of Your modifications, or
for any such Derivative Works as a whole, provided Your use,
reproduction, and distribution of the Work otherwise complies with
the conditions stated in this License.
5. Submission of Contributions. Unless You explicitly state otherwise,
any Contribution intentionally submitted for inclusion in the Work
by You to the Licensor shall be under the terms and conditions of
this License, without any additional terms or conditions.
Notwithstanding the above, nothing herein shall supersede or modify
the terms of any separate license agreement you may have executed
with Licensor regarding such Contributions.
6. Trademarks. This License does not grant permission to use the trade
names, trademarks, service marks, or product names of the Licensor,
except as required for reasonable and customary use in describing the
origin of the Work and reproducing the content of the NOTICE file.
7. Disclaimer of Warranty. Unless required by applicable law or
agreed to in writing, Licensor provides the Work (and each
Contributor provides its Contributions) on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
implied, including, without limitation, any warranties or conditions
of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A
PARTICULAR PURPOSE. You are solely responsible for determining the
appropriateness of using or redistributing the Work and assume any
risks associated with Your exercise of permissions under this License.
8. Limitation of Liability. In no event and under no legal theory,
whether in tort (including negligence), contract, or otherwise,
unless required by applicable law (such as deliberate and grossly
negligent acts) or agreed to in writing, shall any Contributor be
liable to You for damages, including any direct, indirect, special,
incidental, or consequential damages of any character arising as a
result of this License or out of the use or inability to use the
Work (including but not limited to damages for loss of goodwill,
work stoppage, computer failure or malfunction, or any and all
other commercial damages or losses), even if such Contributor
has been advised of the possibility of such damages.
9. Accepting Warranty or Additional Liability. While redistributing
the Work or Derivative Works thereof, You may choose to offer,
and charge a fee for, acceptance of support, warranty, indemnity,
or other liability obligations and/or rights consistent with this
License. However, in accepting such obligations, You may act only
on Your own behalf and on Your sole responsibility, not on behalf
of any other Contributor, and only if You agree to indemnify,
defend, and hold each Contributor harmless for any liability
incurred by, or claims asserted against, such Contributor by reason
of your accepting any such warranty or additional liability.
END OF TERMS AND CONDITIONS
APPENDIX: How to apply the Apache License to your work.
To apply the Apache License to your work, attach the following
boilerplate notice, with the fields enclosed by brackets "{}"
replaced with your own identifying information. (Don't include
the brackets!) The text should be enclosed in the appropriate
comment syntax for the file format. We also recommend that a
file or class name and description of purpose be included on the
same "printed page" as the copyright notice for easier
identification within third-party archives.
Copyright {yyyy} {name of copyright owner}
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.

View File

@ -1,18 +0,0 @@
OpenStack install python package from git
#########################################
:tags: openstack, pip, git, cloud, ansible
:category: \*nix
Role for installing a python package from a git repository.
.. code-block:: yaml
- name: Install python2 lxc
hosts: hosts
user: root
roles:
- { role: "py_from_git", tags: [ "lxc-libs" ] }
vars:
git_repo: "https://github.com/lxc/python2-lxc"
git_dest: "/opt/lxc_python2_{{ git_install_branch|replace('/', '_') }}"
git_install_branch: master

View File

@ -1,32 +0,0 @@
---
# Copyright 2014, Rackspace US, Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
galaxy_info:
author: rcbops
description: Install a python package from a git source
company: Rackspace
license: Apache2
min_ansible_version: 1.6.6
platforms:
- name: Ubuntu
versions:
- trusty
categories:
- cloud
- python
- development
- openstack
dependencies:
- pip_install

View File

@ -1,39 +0,0 @@
---
# Copyright 2014, Rackspace US, Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
- name: Get package from git
git:
repo: "{{ git_repo }}"
dest: "{{ git_dest }}"
version: "{{ git_install_branch }}"
force: yes
register: git_clone
until: git_clone|success
retries: 5
delay: 2
tags:
- git-clone
- name: Install pip packages
pip:
name: "{{ git_dest }}"
state: present
extra_args: "{{ pip_install_options|default('') }}"
register: install_packages
until: install_packages|success
retries: 5
delay: 2
tags:
- pip-install

View File

@ -1,103 +0,0 @@
OpenStack rsyslog server
########################
:tags: openstack, rsyslog, server, cloud, ansible
:category: \*nix
contributor guidelines
^^^^^^^^^^^^^^^^^^^^^^
Filing Bugs
-----------
Bugs should be filed on Launchpad, not GitHub:
"https://bugs.launchpad.net/openstack-ansible"
When submitting a bug, or working on a bug, please ensure the following
criteria are met:
* The description clearly states or describes the original problem or root
cause of the problem.
* Include historical information on how the problem was identified.
* Any relevant logs are included.
* The provided information should be totally self-contained. External access
to web services/sites should not be needed.
* Steps to reproduce the problem if possible.
Submitting Code
---------------
Changes to the project should be submitted for review via the Gerrit tool,
following the workflow documented at:
"http://docs.openstack.org/infra/manual/developers.html#development-workflow"
Pull requests submitted through GitHub will be ignored and closed without
regard.
Extra
-----
Tags:
If it's a bug that needs fixing in a branch in addition to Master, add a
'\<release\>-backport-potential' tag (eg ``juno-backport-potential``).
There are predefined tags that will autocomplete.
Status:
Please leave this alone, it should be New till someone triages the issue.
Importance:
Should only be touched if it is a Blocker/Gating issue. If it is, please
set to High, and only use Critical if you have found a bug that can take
down whole infrastructures.
Style guide
-----------
When creating tasks and other roles for use in Ansible please create then
using the YAML dictionary format.
Example YAML dictionary format:
.. code-block:: yaml
- name: The name of the tasks
module_name:
thing1: "some-stuff"
thing2: "some-other-stuff"
tags:
- some-tag
- some-other-tag
Example **NOT** in YAML dictionary format:
.. code-block:: yaml
- name: The name of the tasks
module_name: thing1="some-stuff" thing2="some-other-stuff"
tags:
- some-tag
- some-other-tag
Usage of the ">" and "|" operators should be limited to Ansible conditionals
and command modules such as the ansible ``shell`` module.
Issues
------
When submitting an issue, or working on an issue please ensure the following
criteria are met:
* The description clearly states or describes the original problem or root
cause of the problem.
* Include historical information on how the problem was identified.
* Any relevant logs are included.
* If the issue is a bug that needs fixing in a branch other than Master, add
the backport potential tag TO THE ISSUE (not the PR).
* The provided information should be totally self-contained. External access
to web services/sites should not be needed.
* If the issue is needed for a hotfix release, add the 'expedite' label.
* Steps to reproduce the problem if possible.

View File

@ -1,202 +0,0 @@
Apache License
Version 2.0, January 2004
http://www.apache.org/licenses/
TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION
1. Definitions.
"License" shall mean the terms and conditions for use, reproduction,
and distribution as defined by Sections 1 through 9 of this document.
"Licensor" shall mean the copyright owner or entity authorized by
the copyright owner that is granting the License.
"Legal Entity" shall mean the union of the acting entity and all
other entities that control, are controlled by, or are under common
control with that entity. For the purposes of this definition,
"control" means (i) the power, direct or indirect, to cause the
direction or management of such entity, whether by contract or
otherwise, or (ii) ownership of fifty percent (50%) or more of the
outstanding shares, or (iii) beneficial ownership of such entity.
"You" (or "Your") shall mean an individual or Legal Entity
exercising permissions granted by this License.
"Source" form shall mean the preferred form for making modifications,
including but not limited to software source code, documentation
source, and configuration files.
"Object" form shall mean any form resulting from mechanical
transformation or translation of a Source form, including but
not limited to compiled object code, generated documentation,
and conversions to other media types.
"Work" shall mean the work of authorship, whether in Source or
Object form, made available under the License, as indicated by a
copyright notice that is included in or attached to the work
(an example is provided in the Appendix below).
"Derivative Works" shall mean any work, whether in Source or Object
form, that is based on (or derived from) the Work and for which the
editorial revisions, annotations, elaborations, or other modifications
represent, as a whole, an original work of authorship. For the purposes
of this License, Derivative Works shall not include works that remain
separable from, or merely link (or bind by name) to the interfaces of,
the Work and Derivative Works thereof.
"Contribution" shall mean any work of authorship, including
the original version of the Work and any modifications or additions
to that Work or Derivative Works thereof, that is intentionally
submitted to Licensor for inclusion in the Work by the copyright owner
or by an individual or Legal Entity authorized to submit on behalf of
the copyright owner. For the purposes of this definition, "submitted"
means any form of electronic, verbal, or written communication sent
to the Licensor or its representatives, including but not limited to
communication on electronic mailing lists, source code control systems,
and issue tracking systems that are managed by, or on behalf of, the
Licensor for the purpose of discussing and improving the Work, but
excluding communication that is conspicuously marked or otherwise
designated in writing by the copyright owner as "Not a Contribution."
"Contributor" shall mean Licensor and any individual or Legal Entity
on behalf of whom a Contribution has been received by Licensor and
subsequently incorporated within the Work.
2. Grant of Copyright License. Subject to the terms and conditions of
this License, each Contributor hereby grants to You a perpetual,
worldwide, non-exclusive, no-charge, royalty-free, irrevocable
copyright license to reproduce, prepare Derivative Works of,
publicly display, publicly perform, sublicense, and distribute the
Work and such Derivative Works in Source or Object form.
3. Grant of Patent License. Subject to the terms and conditions of
this License, each Contributor hereby grants to You a perpetual,
worldwide, non-exclusive, no-charge, royalty-free, irrevocable
(except as stated in this section) patent license to make, have made,
use, offer to sell, sell, import, and otherwise transfer the Work,
where such license applies only to those patent claims licensable
by such Contributor that are necessarily infringed by their
Contribution(s) alone or by combination of their Contribution(s)
with the Work to which such Contribution(s) was submitted. If You
institute patent litigation against any entity (including a
cross-claim or counterclaim in a lawsuit) alleging that the Work
or a Contribution incorporated within the Work constitutes direct
or contributory patent infringement, then any patent licenses
granted to You under this License for that Work shall terminate
as of the date such litigation is filed.
4. Redistribution. You may reproduce and distribute copies of the
Work or Derivative Works thereof in any medium, with or without
modifications, and in Source or Object form, provided that You
meet the following conditions:
(a) You must give any other recipients of the Work or
Derivative Works a copy of this License; and
(b) You must cause any modified files to carry prominent notices
stating that You changed the files; and
(c) You must retain, in the Source form of any Derivative Works
that You distribute, all copyright, patent, trademark, and
attribution notices from the Source form of the Work,
excluding those notices that do not pertain to any part of
the Derivative Works; and
(d) If the Work includes a "NOTICE" text file as part of its
distribution, then any Derivative Works that You distribute must
include a readable copy of the attribution notices contained
within such NOTICE file, excluding those notices that do not
pertain to any part of the Derivative Works, in at least one
of the following places: within a NOTICE text file distributed
as part of the Derivative Works; within the Source form or
documentation, if provided along with the Derivative Works; or,
within a display generated by the Derivative Works, if and
wherever such third-party notices normally appear. The contents
of the NOTICE file are for informational purposes only and
do not modify the License. You may add Your own attribution
notices within Derivative Works that You distribute, alongside
or as an addendum to the NOTICE text from the Work, provided
that such additional attribution notices cannot be construed
as modifying the License.
You may add Your own copyright statement to Your modifications and
may provide additional or different license terms and conditions
for use, reproduction, or distribution of Your modifications, or
for any such Derivative Works as a whole, provided Your use,
reproduction, and distribution of the Work otherwise complies with
the conditions stated in this License.
5. Submission of Contributions. Unless You explicitly state otherwise,
any Contribution intentionally submitted for inclusion in the Work
by You to the Licensor shall be under the terms and conditions of
this License, without any additional terms or conditions.
Notwithstanding the above, nothing herein shall supersede or modify
the terms of any separate license agreement you may have executed
with Licensor regarding such Contributions.
6. Trademarks. This License does not grant permission to use the trade
names, trademarks, service marks, or product names of the Licensor,
except as required for reasonable and customary use in describing the
origin of the Work and reproducing the content of the NOTICE file.
7. Disclaimer of Warranty. Unless required by applicable law or
agreed to in writing, Licensor provides the Work (and each
Contributor provides its Contributions) on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
implied, including, without limitation, any warranties or conditions
of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A
PARTICULAR PURPOSE. You are solely responsible for determining the
appropriateness of using or redistributing the Work and assume any
risks associated with Your exercise of permissions under this License.
8. Limitation of Liability. In no event and under no legal theory,
whether in tort (including negligence), contract, or otherwise,
unless required by applicable law (such as deliberate and grossly
negligent acts) or agreed to in writing, shall any Contributor be
liable to You for damages, including any direct, indirect, special,
incidental, or consequential damages of any character arising as a
result of this License or out of the use or inability to use the
Work (including but not limited to damages for loss of goodwill,
work stoppage, computer failure or malfunction, or any and all
other commercial damages or losses), even if such Contributor
has been advised of the possibility of such damages.
9. Accepting Warranty or Additional Liability. While redistributing
the Work or Derivative Works thereof, You may choose to offer,
and charge a fee for, acceptance of support, warranty, indemnity,
or other liability obligations and/or rights consistent with this
License. However, in accepting such obligations, You may act only
on Your own behalf and on Your sole responsibility, not on behalf
of any other Contributor, and only if You agree to indemnify,
defend, and hold each Contributor harmless for any liability
incurred by, or claims asserted against, such Contributor by reason
of your accepting any such warranty or additional liability.
END OF TERMS AND CONDITIONS
APPENDIX: How to apply the Apache License to your work.
To apply the Apache License to your work, attach the following
boilerplate notice, with the fields enclosed by brackets "{}"
replaced with your own identifying information. (Don't include
the brackets!) The text should be enclosed in the appropriate
comment syntax for the file format. We also recommend that a
file or class name and description of purpose be included on the
same "printed page" as the copyright notice for easier
identification within third-party archives.
Copyright {yyyy} {name of copyright owner}
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.

View File

@ -1,14 +0,0 @@
OpenStack rsyslog client
########################
:tags: openstack, rsyslog, server, cloud, ansible
:category: \*nix
Role to deploy rsyslog for use within OpenStack.
.. code-block:: yaml
- name: Install rsyslog
hosts: rsyslog
user: root
roles:
- { role: "rsyslog_client", tags: [ "rsyslog-client" ] }

View File

@ -1,70 +0,0 @@
---
# Copyright 2014, Rackspace US, Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
# rsyslog_client_apt_repos:
# - { repo: "ppa:adiscon/v8-stable", state: "present" }
rsyslog_client_apt_packages:
- rsyslog
- logrotate
rsyslog_client_spool_directory: /var/spool/rsyslog
# Set the `rsyslog_client_log_dir` variable in to override log file
# discovery process. This will force the logs from a given directory
# to be shipped using rsyslog.
# rsyslog_client_log_dir: /var/log/project
# Set the `rsyslog_client_log_files` variable in list format to skip
# log discovery all together and ship only log files that are explicitly
# stated.
# rsyslog_client_log_files:
# - /var/log/project/logfile1.log
# - /var/log/project/logfile2.log
# Name of the configuration file that will be used client side.
rsyslog_client_config_name: 99-rsyslog-client.conf
# provides UDP syslog reception
rsyslog_client_udp_reception: true
rsyslog_client_udp_port: 514
# provides TCP syslog reception
rsyslog_client_tcp_reception: false
rsyslog_client_tcp_port: 514
# Define the log files list as empty
rsyslog_client_log_files: []
rsyslog_client_log_rotate_file: os_aggregate_storage
# Set the `rsyslog_client_user_defined_targets` to define specific log targets.
# This option will allow you to define multiple log targets with different templates
# and options. The value of this variable is a list of hashes with the following
# required options: name, proto, port, hostname. This variable also has the following
# optional options: template, action_options. If you set `action_options` make sure you
# separate options inline with a ";".
## Example
# rsyslog_client_user_defined_targets:
# - name: "splunk1"
# proto: "tcp"
# port: "20000"
# hostname: "tcp.hostname.data.splunkstorm.com"
# - name: "loggly1"
# proto: "udp"
# port: "514"
# hostname: "logs-01.loggly.com"
# template: '$template LogglyFormat,"<%pri%>%protocol-version% %timestamp:::date-rfc3339% %HOSTNAME% %app-name% %procid% %msgid% [TOKEN@41058 tag=\"TAG\"] %msg%\n"'
# action_options: 'LogglyFormat'

View File

@ -1,16 +0,0 @@
auth,authpriv.* /var/log/auth.log
*.*;auth,authpriv.none -/var/log/syslog
cron.* /var/log/cron.log
daemon.* -/var/log/daemon.log
kern.* -/var/log/kern.log
lpr.* -/var/log/lpr.log
mail.* -/var/log/mail.log
user.* -/var/log/user.log
mail.err /var/log/mail.err
news.crit /var/log/news/news.crit
news.err /var/log/news/news.err
news.notice -/var/log/news/news.notice
*.emerg :omusrmsg:*

View File

@ -1,31 +0,0 @@
---
# Copyright 2014, Rackspace US, Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
galaxy_info:
author: rcbops
description: Rsyslog log client setup
company: Rackspace
license: Apache2
min_ansible_version: 1.6.6
platforms:
- name: Ubuntu
versions:
- trusty
categories:
- client
- rsyslog
- development
- openstack
dependencies: []

View File

@ -1,18 +0,0 @@
---
# Copyright 2014, Rackspace US, Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
- include: rsyslog_client_pre_install.yml
- include: rsyslog_client_install.yml
- include: rsyslog_client_post_install.yml

View File

@ -1,50 +0,0 @@
---
# Copyright 2014, Rackspace US, Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
- name: Rsyslog apt repository
apt_repository:
repo: "{{ item.repo }}"
state: "{{ item.state }}"
with_items: rsyslog_client_apt_repos
when: rsyslog_client_apt_repos is defined
register: add_repos
until: add_repos|success
retries: 5
delay: 2
tags:
- rsyslog-client-apt-repositories
- name: Update apt sources
apt:
update_cache: yes
cache_valid_time: 600
register: apt_update
until: apt_update|success
retries: 5
delay: 2
tags:
- rsyslog-client-apt-packages
- name: Install rsyslog packages
apt:
pkg: "{{ item }}"
state: latest
register: install_packages
until: install_packages|success
retries: 5
delay: 2
with_items: rsyslog_client_apt_packages
tags:
- rsyslog-client-apt-packages

View File

@ -1,71 +0,0 @@
---
# Copyright 2014, Rackspace US, Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
- name: Stop rsyslog
service:
name: "rsyslog"
state: "stopped"
failed_when: false
tags:
- rsyslog-client-config
- name: Rsyslog Setup
copy:
src: "{{ item.src }}"
dest: "{{ item.dest }}"
owner: "root"
group: "root"
with_items:
- { src: "50-default.conf", dest: "/etc/rsyslog.d/50-default.conf" }
tags:
- rsyslog-client-config
- name: Find all log files
shell: |
find -L '{{ rsyslog_client_log_dir }}' -type f -name '*.log'
register: log_files
when: >
rsyslog_client_log_dir is defined
tags:
- rsyslog-client-config
- name: Write rsyslog config for found log files
template:
src: "{{ item.src }}"
dest: "{{ item.dest }}"
owner: "root"
group: "root"
with_items:
- { src: "99-rsyslog.conf.j2", dest: "/etc/rsyslog.d/{{ rsyslog_client_config_name }}" }
- { src: "os_aggregate_storage.j2", dest: "/etc/logrotate.d/{{ rsyslog_client_log_rotate_file }}" }
- { src: "rsyslog.conf.j2", dest: "/etc/rsyslog.conf" }
tags:
- rsyslog-client-config
- name: Configure logrotate to compress logs by default
lineinfile:
dest: /etc/logrotate.conf
regexp: "^#compress"
line: "compress"
backrefs: yes
tags:
- rsyslog-client-config
- name: Start rsyslog
service:
name: "rsyslog"
state: "started"
tags:
- rsyslog-client-config

View File

@ -1,23 +0,0 @@
---
# Copyright 2014, Rackspace US, Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
- name: Ensure ownership on working directory is correct
file:
path: "{{ rsyslog_client_spool_directory }}"
state: "directory"
owner: "syslog"
group: "adm"
tags:
- rsyslog-client-dirs

View File

@ -1,61 +0,0 @@
# {{ ansible_managed }}
{% if log_files is defined %}
{% set rsyslog_client_log_files = log_files.stdout_lines | union(rsyslog_client_log_files) %}
{% endif %}
$WorkDirectory {{ rsyslog_client_spool_directory }}
$template RFC3164fmt,"<%PRI%>%TIMESTAMP% %HOSTNAME% %syslogtag%%msg%"
{% if groups['rsyslog_all'] is defined and groups['rsyslog_all'] %}
# Log shipment rsyslog target servers
{% for server in groups['rsyslog_all'] %}
$ActionQueueFileName {{ server }}
$ActionQueueSaveOnShutdown on
$ActionQueueType LinkedList
$ActionResumeRetryCount 250
{% if rsyslog_client_tcp_reception == true %}
*.* @@{{ hostvars[server]['ansible_ssh_host'] }}:{{ rsyslog_client_tcp_port }};RFC3164fmt
{% endif %}
{% if rsyslog_client_udp_reception == true %}
*.* @{{ hostvars[server]['ansible_ssh_host'] }}:{{ rsyslog_client_udp_port }};RFC3164fmt
{% endif %}
{% endfor %}
{% endif %}
{% if rsyslog_client_user_defined_targets is defined %}
# Log shipment user defined target servers
{% for target in rsyslog_client_user_defined_targets %}
$ActionQueueFileName {{ target.name }}
$ActionQueueSaveOnShutdown on
$ActionQueueType LinkedList
$ActionResumeRetryCount 250
{% if target.template is defined %}
{{ target.template }}
{% endif %}
{% if target.proto == "udp" %}
{% set action_sting = '*.* @' %}
{% elif target.proto == "tcp" %}
{% set action_sting = '*.* @@' %}
{% endif %}
{% if target.action_options is defined %}
{{ action_sting }}{{ target.hostname }}:{{ target.port }};{{ target.action_options }}
{% else %}
{{ action_sting }}{{ target.hostname }}:{{ target.port }}
{% endif %}
{% endfor %}
{% endif %}
# Log files
{% for log_file in rsyslog_client_log_files %}
$InputFileName {{ log_file }}
$InputFileTag {{ log_file.split('.log')[0] | basename }}:
$InputFileStateFile state-{{ log_file.split('.log')[0] | basename }}
$InputFileFacility local7
$InputFilePollInterval 1
$InputFilePersistStateInterval 1
$InputRunFileMonitor
{% endfor %}

View File

@ -1,17 +0,0 @@
{% if log_files is defined %}
{% set rsyslog_client_log_files = log_files.stdout_lines | union(rsyslog_client_log_files) %}
{% endif %}
{% for log_file in rsyslog_client_log_files %}
{{ log_file }}
{% endfor %}
{
copytruncate
weekly
missingok
rotate 14
compress
dateext
maxage 60
notifempty
nocreate
}

View File

@ -1,43 +0,0 @@
#################
#### MODULES ####
#################
$ModLoad imuxsock # provides support for local system logging
$ModLoad imklog # provides kernel logging support
$ModLoad imfile
# Enable non-kernel facility klog messages
$KLogPermitNonKernelFacility on
###########################
#### GLOBAL DIRECTIVES ####
###########################
#
# Use traditional timestamp format.
# To enable high precision timestamps, comment out the following line.
#
$ActionFileDefaultTemplate RSYSLOG_TraditionalFileFormat
# Filter duplicated messages
$RepeatedMsgReduction on
#
# Set the default permissions for all log files.
#
$FileOwner syslog
$FileGroup adm
$FileCreateMode 0640
$DirCreateMode 0755
$Umask 0022
$PrivDropToUser syslog
$PrivDropToGroup syslog
#
# Where to place spool and state files
#
$WorkDirectory {{ rsyslog_client_spool_directory }}
#
# Include all config files in /etc/rsyslog.d/
#
$IncludeConfig /etc/rsyslog.d/*.conf

View File

@ -27,7 +27,6 @@ export ANSIBLE_GIT_REPO=${ANSIBLE_GIT_REPO:-"https://github.com/ansible/ansible"
export ANSIBLE_ROLE_FILE=${ANSIBLE_ROLE_FILE:-"ansible-role-requirements.yml"}
export ANSIBLE_WORKING_DIR=${ANSIBLE_WORKING_DIR:-/opt/ansible_${ANSIBLE_GIT_RELEASE}}
export SSH_DIR=${SSH_DIR:-"/root/.ssh"}
export UPDATE_ANSIBLE_REQUIREMENTS=${UPDATE_ANSIBLE_REQUIREMENTS:-"yes"}
export DEBIAN_FRONTEND=${DEBIAN_FRONTEND:-"noninteractive"}
@ -85,10 +84,6 @@ pip2 install $PIP_OPTS "${ANSIBLE_WORKING_DIR}" || pip install $PIP_OPTS "${ANSI
# Update dependent roles
if [ -f "${ANSIBLE_ROLE_FILE}" ];then
# Update or create the roles manifest
if [ "${UPDATE_ANSIBLE_REQUIREMENTS}" == "yes" ];then
scripts/openstack-ansible-role-requirements.py --requirement-file ${ANSIBLE_ROLE_FILE} update
fi
# Pull all required roles.
ansible-galaxy install --role-file=${ANSIBLE_ROLE_FILE} \
--ignore-errors \