Remove the ansible.cfg file

The ansible.cfg file has been removed to allow a deployer to specify their
own configurations without having to modify the ansible.cfg file within the
playbooks directory.

Change-Id: I94a8647edd04c21c34f7892f3179a8aa66548ed3
Signed-off-by: Kevin Carter <kevin.carter@rackspace.com>
This commit is contained in:
Kevin Carter 2016-07-21 12:31:44 -05:00 committed by Jesse Pretorius (odyssey4me)
parent cebce0c020
commit 423c409a67
7 changed files with 73 additions and 41 deletions

View File

@ -1,31 +0,0 @@
[defaults]
# Set the role path
roles_path = /etc/ansible/roles:roles
retry_files_enabled = False
# Additional plugins
lookup_plugins = /etc/ansible/roles/plugins/lookup
filter_plugins = /etc/ansible/roles/plugins/filter
action_plugins = /etc/ansible/roles/plugins/action
library = /etc/ansible/roles/plugins/library
# Fact caching
gathering = smart
gather_subset = !facter,!ohai
fact_caching = jsonfile
fact_caching_connection = /etc/openstack_deploy/ansible_facts
fact_caching_timeout = 86400
inventory = inventory
host_key_checking = False
# Set color options
nocolor = 0
# SSH timeout
timeout = 6
transport = ssh
[ssh_connection]
pipelining = True

View File

@ -244,8 +244,10 @@ openrc_region_name: "{{ service_region }}"
# Docs: http://docs.openstack.org/developer/openstack-ansible-security/
apply_security_hardening: true
## Ansible ssh configuration
ansible_ssh_extra_args: >
-o UserKnownHostsFile=/dev/null
-o StrictHostKeyChecking=no
-o ServerAliveInterval=64
-o ServerAliveCountMax=1024
-o Compression=no

View File

@ -0,0 +1,17 @@
---
features:
- Our general config options are now stored in an
"/usr/local/bin/openstack-ansible.rc" file and will
be sourced when the "openstack-ansible" wrapper is
invoked. The RC file will read in BASH environment
variables and should any Ansible option be set that
overlaps with our defaults the provided value will
be used.
other:
- The in tree "ansible.cfg" file in the playbooks
directory has been removed. This file was making
compatibility difficult for deployers who need to
change these values. Additionally this files very
existance forced Ansible to ignore any other config
file in either a users home directory or in the
default "/etc/ansible" directory.

View File

@ -11,5 +11,6 @@ ndg-httpsclient>=0.4.2;python_version<'3.0' # BSD
netaddr!=0.7.16,>=0.7.12 # BSD
PrettyTable<0.8,>=0.7 # BSD
pycrypto>=2.6 # Public Domain
python-memcached>=1.56 # PSF
PyYAML>=3.1.0 # MIT
virtualenv # MIT

View File

@ -53,7 +53,7 @@ case ${DISTRO_ID} in
centos|rhel)
yum check-update
yum -y install git python2 curl autoconf gcc-c++ \
python2-devel gcc libffi-devel openssl-devel python-requests \
python2-devel gcc libffi-devel nc openssl-devel python-requests \
python-pyasn1 pyOpenSSL python-ndg_httpsclient \
python-netaddr python-prettytable python-crypto PyYAML \
python-virtualenv
@ -62,7 +62,7 @@ case ${DISTRO_ID} in
apt-get update
DEBIAN_FRONTEND=noninteractive apt-get -y install \
git python-all python-dev curl python2.7-dev build-essential \
libssl-dev libffi-dev python-requests python-openssl python-pyasn1 \
libssl-dev libffi-dev netcat python-requests python-openssl python-pyasn1 \
python-netaddr python-prettytable python-crypto python-yaml \
python-virtualenv
;;
@ -130,6 +130,11 @@ if [ -f "${ANSIBLE_ROLE_FILE}" ]; then
fi
fi
# Copy the OSA Ansible rc file into place
if [[ ! -f "/usr/local/bin/openstack-ansible.rc" ]]; then
cp scripts/openstack-ansible.rc /usr/local/bin/openstack-ansible.rc
fi
# Create openstack ansible wrapper tool
cat > /usr/local/bin/openstack-ansible <<EOF
#!/usr/bin/env bash
@ -164,7 +169,7 @@ VAR1="\$(for i in \$(ls /etc/openstack_deploy/user_*.yml); do echo -ne "-e @\$i
info "Variable files: \"\${VAR1}\""
# Run the ansible playbook command.
\$(which ansible-playbook) \${VAR1} \$@
. /usr/local/bin/openstack-ansible.rc && \$(which ansible-playbook) \${VAR1} \$@
EOF
# Ensure wrapper tool is executable

View File

@ -70,7 +70,6 @@ iptables -P OUTPUT ACCEPT
# Bootstrap an AIO
pushd "$(dirname "${0}")/../tests"
sed -i '/\[defaults\]/a nocolor = 1/' ansible.cfg
ansible-playbook -i test-inventory.ini \
-e "${BOOTSTRAP_OPTS}" \
${ANSIBLE_PARAMETERS} \
@ -85,14 +84,11 @@ ln -sf /openstack/log "$(dirname "${0}")/../logs"
pushd "$(dirname "${0}")/../playbooks"
# Disable Ansible color output
sed -i 's/nocolor.*/nocolor = 1/' ansible.cfg
export ANSIBLE_NOCOLOR=1
# Create ansible logging directory and add in a log file entry into ansible.cfg
# Create ansible logging directory and add in a log file export
mkdir -p /openstack/log/ansible-logging
sed -i '/\[defaults\]/a log_path = /openstack/log/ansible-logging/ansible.log' ansible.cfg
# Enable callback plugins
sed -i 's/^callback_whitelist.*/callback_whitelist = "profile_tasks,human_log"/g' ansible.cfg
export ANSIBLE_LOG_PATH="/openstack/log/ansible-logging/ansible.log"
popd
# Log some data about the instance and the rest of the system

View File

@ -0,0 +1,42 @@
# Copyright 2016, Rackspace US, Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
export ANSIBLE_RETRY_FILES_ENABLED="${ANSIBLE_RETRY_FILES_ENABLED:-False}"
export ANSIBLE_INVENTORY="${ANSIBLE_INVENTORY:-inventory}"
export ANSIBLE_LOG_PATH="${ANSIBLE_LOG_PATH:-/openstack/log/ansible-logging/ansible.log}"
export ANSIBLE_ROLES_PATH="${ANSIBLE_ROLES_PATH:-/etc/ansible/roles:roles}"
export ANSIBLE_LIBRARY="${ANSIBLE_LIBRARY:-/etc/ansible/roles/plugins/library}"
export ANSIBLE_LOOKUP_PLUGINS="${ANSIBLE_LOOKUP_PLUGINS:-/etc/ansible/roles/plugins/lookup}"
export ANSIBLE_FILTER_PLUGINS="${ANSIBLE_FILTER_PLUGINS:-/etc/ansible/roles/plugins/filter}"
export ANSIBLE_ACTION_PLUGINS="${ANSIBLE_ACTION_PLUGINS:-/etc/ansible/roles/plugins/action}"
export ANSIBLE_CALLBACK_PLUGINS="${ANSIBLE_CALLBACK_PLUGINS:-/etc/ansible/roles/plugins/callback}"
export ANSIBLE_GATHERING="${ANSIBLE_GATHERING:-smart}"
export ANSIBLE_CACHE_PLUGIN="${ANSIBLE_CACHE_PLUGIN:-jsonfile}"
export ANSIBLE_CACHE_PLUGIN_CONNECTION="${ANSIBLE_CACHE_PLUGIN_CONNECTION:-/etc/openstack_deploy/ansible_facts}"
export ANSIBLE_CACHE_PLUGIN_TIMEOUT="${ANSIBLE_CACHE_PLUGIN_TIMEOUT:-86400}"
if [[ "${ANSIBLE_CACHE_PLUGIN}" == "memcached" ]];then
if ! echo stats | nc -w 1 $(echo ${ANSIBLE_CACHE_PLUGIN_CONNECTION}|awk -F',' '{print $1}'|sed 's/:/ /') > /dev/null; then
export ANSIBLE_CACHE_PLUGIN="memory"
fi
fi
export ANSIBLE_HOST_KEY_CHECKING="${ANSIBLE_HOST_KEY_CHECKING:-False}"
export ANSIBLE_TIMEOUT="${ANSIBLE_TIMEOUT:-5}"
export ANSIBLE_TRANSPORT="${ANSIBLE_TRANSPORT:-ssh}"
export ANSIBLE_SSH_PIPELINING="${ANSIBLE_SSH_PIPELINING:-True}"