Remove the ansible.cfg file
The ansible.cfg file has been removed to allow a deployer to specify their own configurations without having to modify the ansible.cfg file within the playbooks directory. Change-Id: I94a8647edd04c21c34f7892f3179a8aa66548ed3 Signed-off-by: Kevin Carter <kevin.carter@rackspace.com>
This commit is contained in:
parent
cebce0c020
commit
423c409a67
|
@ -1,31 +0,0 @@
|
||||||
[defaults]
|
|
||||||
# Set the role path
|
|
||||||
roles_path = /etc/ansible/roles:roles
|
|
||||||
retry_files_enabled = False
|
|
||||||
|
|
||||||
# Additional plugins
|
|
||||||
lookup_plugins = /etc/ansible/roles/plugins/lookup
|
|
||||||
filter_plugins = /etc/ansible/roles/plugins/filter
|
|
||||||
action_plugins = /etc/ansible/roles/plugins/action
|
|
||||||
|
|
||||||
library = /etc/ansible/roles/plugins/library
|
|
||||||
|
|
||||||
# Fact caching
|
|
||||||
gathering = smart
|
|
||||||
gather_subset = !facter,!ohai
|
|
||||||
fact_caching = jsonfile
|
|
||||||
fact_caching_connection = /etc/openstack_deploy/ansible_facts
|
|
||||||
fact_caching_timeout = 86400
|
|
||||||
|
|
||||||
inventory = inventory
|
|
||||||
host_key_checking = False
|
|
||||||
|
|
||||||
# Set color options
|
|
||||||
nocolor = 0
|
|
||||||
|
|
||||||
# SSH timeout
|
|
||||||
timeout = 6
|
|
||||||
transport = ssh
|
|
||||||
|
|
||||||
[ssh_connection]
|
|
||||||
pipelining = True
|
|
|
@ -244,8 +244,10 @@ openrc_region_name: "{{ service_region }}"
|
||||||
# Docs: http://docs.openstack.org/developer/openstack-ansible-security/
|
# Docs: http://docs.openstack.org/developer/openstack-ansible-security/
|
||||||
apply_security_hardening: true
|
apply_security_hardening: true
|
||||||
|
|
||||||
|
## Ansible ssh configuration
|
||||||
ansible_ssh_extra_args: >
|
ansible_ssh_extra_args: >
|
||||||
-o UserKnownHostsFile=/dev/null
|
-o UserKnownHostsFile=/dev/null
|
||||||
|
-o StrictHostKeyChecking=no
|
||||||
-o ServerAliveInterval=64
|
-o ServerAliveInterval=64
|
||||||
-o ServerAliveCountMax=1024
|
-o ServerAliveCountMax=1024
|
||||||
-o Compression=no
|
-o Compression=no
|
||||||
|
|
|
@ -0,0 +1,17 @@
|
||||||
|
---
|
||||||
|
features:
|
||||||
|
- Our general config options are now stored in an
|
||||||
|
"/usr/local/bin/openstack-ansible.rc" file and will
|
||||||
|
be sourced when the "openstack-ansible" wrapper is
|
||||||
|
invoked. The RC file will read in BASH environment
|
||||||
|
variables and should any Ansible option be set that
|
||||||
|
overlaps with our defaults the provided value will
|
||||||
|
be used.
|
||||||
|
other:
|
||||||
|
- The in tree "ansible.cfg" file in the playbooks
|
||||||
|
directory has been removed. This file was making
|
||||||
|
compatibility difficult for deployers who need to
|
||||||
|
change these values. Additionally this files very
|
||||||
|
existance forced Ansible to ignore any other config
|
||||||
|
file in either a users home directory or in the
|
||||||
|
default "/etc/ansible" directory.
|
|
@ -11,5 +11,6 @@ ndg-httpsclient>=0.4.2;python_version<'3.0' # BSD
|
||||||
netaddr!=0.7.16,>=0.7.12 # BSD
|
netaddr!=0.7.16,>=0.7.12 # BSD
|
||||||
PrettyTable<0.8,>=0.7 # BSD
|
PrettyTable<0.8,>=0.7 # BSD
|
||||||
pycrypto>=2.6 # Public Domain
|
pycrypto>=2.6 # Public Domain
|
||||||
|
python-memcached>=1.56 # PSF
|
||||||
PyYAML>=3.1.0 # MIT
|
PyYAML>=3.1.0 # MIT
|
||||||
virtualenv # MIT
|
virtualenv # MIT
|
||||||
|
|
|
@ -53,7 +53,7 @@ case ${DISTRO_ID} in
|
||||||
centos|rhel)
|
centos|rhel)
|
||||||
yum check-update
|
yum check-update
|
||||||
yum -y install git python2 curl autoconf gcc-c++ \
|
yum -y install git python2 curl autoconf gcc-c++ \
|
||||||
python2-devel gcc libffi-devel openssl-devel python-requests \
|
python2-devel gcc libffi-devel nc openssl-devel python-requests \
|
||||||
python-pyasn1 pyOpenSSL python-ndg_httpsclient \
|
python-pyasn1 pyOpenSSL python-ndg_httpsclient \
|
||||||
python-netaddr python-prettytable python-crypto PyYAML \
|
python-netaddr python-prettytable python-crypto PyYAML \
|
||||||
python-virtualenv
|
python-virtualenv
|
||||||
|
@ -62,7 +62,7 @@ case ${DISTRO_ID} in
|
||||||
apt-get update
|
apt-get update
|
||||||
DEBIAN_FRONTEND=noninteractive apt-get -y install \
|
DEBIAN_FRONTEND=noninteractive apt-get -y install \
|
||||||
git python-all python-dev curl python2.7-dev build-essential \
|
git python-all python-dev curl python2.7-dev build-essential \
|
||||||
libssl-dev libffi-dev python-requests python-openssl python-pyasn1 \
|
libssl-dev libffi-dev netcat python-requests python-openssl python-pyasn1 \
|
||||||
python-netaddr python-prettytable python-crypto python-yaml \
|
python-netaddr python-prettytable python-crypto python-yaml \
|
||||||
python-virtualenv
|
python-virtualenv
|
||||||
;;
|
;;
|
||||||
|
@ -130,6 +130,11 @@ if [ -f "${ANSIBLE_ROLE_FILE}" ]; then
|
||||||
fi
|
fi
|
||||||
fi
|
fi
|
||||||
|
|
||||||
|
# Copy the OSA Ansible rc file into place
|
||||||
|
if [[ ! -f "/usr/local/bin/openstack-ansible.rc" ]]; then
|
||||||
|
cp scripts/openstack-ansible.rc /usr/local/bin/openstack-ansible.rc
|
||||||
|
fi
|
||||||
|
|
||||||
# Create openstack ansible wrapper tool
|
# Create openstack ansible wrapper tool
|
||||||
cat > /usr/local/bin/openstack-ansible <<EOF
|
cat > /usr/local/bin/openstack-ansible <<EOF
|
||||||
#!/usr/bin/env bash
|
#!/usr/bin/env bash
|
||||||
|
@ -164,7 +169,7 @@ VAR1="\$(for i in \$(ls /etc/openstack_deploy/user_*.yml); do echo -ne "-e @\$i
|
||||||
info "Variable files: \"\${VAR1}\""
|
info "Variable files: \"\${VAR1}\""
|
||||||
|
|
||||||
# Run the ansible playbook command.
|
# Run the ansible playbook command.
|
||||||
\$(which ansible-playbook) \${VAR1} \$@
|
. /usr/local/bin/openstack-ansible.rc && \$(which ansible-playbook) \${VAR1} \$@
|
||||||
EOF
|
EOF
|
||||||
|
|
||||||
# Ensure wrapper tool is executable
|
# Ensure wrapper tool is executable
|
||||||
|
|
|
@ -70,7 +70,6 @@ iptables -P OUTPUT ACCEPT
|
||||||
|
|
||||||
# Bootstrap an AIO
|
# Bootstrap an AIO
|
||||||
pushd "$(dirname "${0}")/../tests"
|
pushd "$(dirname "${0}")/../tests"
|
||||||
sed -i '/\[defaults\]/a nocolor = 1/' ansible.cfg
|
|
||||||
ansible-playbook -i test-inventory.ini \
|
ansible-playbook -i test-inventory.ini \
|
||||||
-e "${BOOTSTRAP_OPTS}" \
|
-e "${BOOTSTRAP_OPTS}" \
|
||||||
${ANSIBLE_PARAMETERS} \
|
${ANSIBLE_PARAMETERS} \
|
||||||
|
@ -85,14 +84,11 @@ ln -sf /openstack/log "$(dirname "${0}")/../logs"
|
||||||
|
|
||||||
pushd "$(dirname "${0}")/../playbooks"
|
pushd "$(dirname "${0}")/../playbooks"
|
||||||
# Disable Ansible color output
|
# Disable Ansible color output
|
||||||
sed -i 's/nocolor.*/nocolor = 1/' ansible.cfg
|
export ANSIBLE_NOCOLOR=1
|
||||||
|
|
||||||
# Create ansible logging directory and add in a log file entry into ansible.cfg
|
# Create ansible logging directory and add in a log file export
|
||||||
mkdir -p /openstack/log/ansible-logging
|
mkdir -p /openstack/log/ansible-logging
|
||||||
sed -i '/\[defaults\]/a log_path = /openstack/log/ansible-logging/ansible.log' ansible.cfg
|
export ANSIBLE_LOG_PATH="/openstack/log/ansible-logging/ansible.log"
|
||||||
|
|
||||||
# Enable callback plugins
|
|
||||||
sed -i 's/^callback_whitelist.*/callback_whitelist = "profile_tasks,human_log"/g' ansible.cfg
|
|
||||||
popd
|
popd
|
||||||
|
|
||||||
# Log some data about the instance and the rest of the system
|
# Log some data about the instance and the rest of the system
|
||||||
|
|
|
@ -0,0 +1,42 @@
|
||||||
|
# Copyright 2016, Rackspace US, Inc.
|
||||||
|
#
|
||||||
|
# Licensed under the Apache License, Version 2.0 (the "License");
|
||||||
|
# you may not use this file except in compliance with the License.
|
||||||
|
# You may obtain a copy of the License at
|
||||||
|
#
|
||||||
|
# http://www.apache.org/licenses/LICENSE-2.0
|
||||||
|
#
|
||||||
|
# Unless required by applicable law or agreed to in writing, software
|
||||||
|
# distributed under the License is distributed on an "AS IS" BASIS,
|
||||||
|
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||||
|
# See the License for the specific language governing permissions and
|
||||||
|
# limitations under the License.
|
||||||
|
|
||||||
|
export ANSIBLE_RETRY_FILES_ENABLED="${ANSIBLE_RETRY_FILES_ENABLED:-False}"
|
||||||
|
|
||||||
|
export ANSIBLE_INVENTORY="${ANSIBLE_INVENTORY:-inventory}"
|
||||||
|
|
||||||
|
export ANSIBLE_LOG_PATH="${ANSIBLE_LOG_PATH:-/openstack/log/ansible-logging/ansible.log}"
|
||||||
|
export ANSIBLE_ROLES_PATH="${ANSIBLE_ROLES_PATH:-/etc/ansible/roles:roles}"
|
||||||
|
|
||||||
|
export ANSIBLE_LIBRARY="${ANSIBLE_LIBRARY:-/etc/ansible/roles/plugins/library}"
|
||||||
|
export ANSIBLE_LOOKUP_PLUGINS="${ANSIBLE_LOOKUP_PLUGINS:-/etc/ansible/roles/plugins/lookup}"
|
||||||
|
export ANSIBLE_FILTER_PLUGINS="${ANSIBLE_FILTER_PLUGINS:-/etc/ansible/roles/plugins/filter}"
|
||||||
|
export ANSIBLE_ACTION_PLUGINS="${ANSIBLE_ACTION_PLUGINS:-/etc/ansible/roles/plugins/action}"
|
||||||
|
export ANSIBLE_CALLBACK_PLUGINS="${ANSIBLE_CALLBACK_PLUGINS:-/etc/ansible/roles/plugins/callback}"
|
||||||
|
|
||||||
|
export ANSIBLE_GATHERING="${ANSIBLE_GATHERING:-smart}"
|
||||||
|
export ANSIBLE_CACHE_PLUGIN="${ANSIBLE_CACHE_PLUGIN:-jsonfile}"
|
||||||
|
export ANSIBLE_CACHE_PLUGIN_CONNECTION="${ANSIBLE_CACHE_PLUGIN_CONNECTION:-/etc/openstack_deploy/ansible_facts}"
|
||||||
|
export ANSIBLE_CACHE_PLUGIN_TIMEOUT="${ANSIBLE_CACHE_PLUGIN_TIMEOUT:-86400}"
|
||||||
|
|
||||||
|
if [[ "${ANSIBLE_CACHE_PLUGIN}" == "memcached" ]];then
|
||||||
|
if ! echo stats | nc -w 1 $(echo ${ANSIBLE_CACHE_PLUGIN_CONNECTION}|awk -F',' '{print $1}'|sed 's/:/ /') > /dev/null; then
|
||||||
|
export ANSIBLE_CACHE_PLUGIN="memory"
|
||||||
|
fi
|
||||||
|
fi
|
||||||
|
|
||||||
|
export ANSIBLE_HOST_KEY_CHECKING="${ANSIBLE_HOST_KEY_CHECKING:-False}"
|
||||||
|
export ANSIBLE_TIMEOUT="${ANSIBLE_TIMEOUT:-5}"
|
||||||
|
export ANSIBLE_TRANSPORT="${ANSIBLE_TRANSPORT:-ssh}"
|
||||||
|
export ANSIBLE_SSH_PIPELINING="${ANSIBLE_SSH_PIPELINING:-True}"
|
Loading…
Reference in New Issue