openstack/openstack-ansible
Code Issues Proposed changes

Skip host pip installs for ansible bootstrap

Browse Source 
The requirements.txt contents do not need to be
installed on to the host. The majority of the
requirements are for ansible, or for release
and management tooling which needs to use the
Ansible runtime venv.

Rather than forcing the installation of pip on
the host, we only install virtualenv via distro
packages (where possible). With virtualenv in
place we can create the runtime venv and install
pip, etc and all requirements into there.

Doing this keeps the system python libraries as
clean as possible, preventing clashes with other
packages (eg: ceph) which try to install other
python libraries which conflict on CentOS.

Change-Id: I0db786645c11649764680697518c97ddf9610cfa
This commit is contained in:
Jesse Pretorius
2017-09-12 07:18:27 -06:00
parent 9b9dde4745
commit b95eafb0ee
4 changed files with 39 additions and 23 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
deploy-guide/source/configure.rst
View File

@@ -183,8 +183,8 @@ values for the variables in each file that contains service credentials:
.. code-block:: shell-session .. code-block:: shell-session
# cd /opt/openstack-ansible/scripts # cd /opt/openstack-ansible
# python pw-token-gen.py --file /etc/openstack_deploy/user_secrets.yml # ./scripts/pw-token-gen.py --file /etc/openstack_deploy/user_secrets.yml
To regenerate existing passwords, add the ``--regen`` flag. To regenerate existing passwords, add the ``--regen`` flag.

2
osa_toolkit/manage.py
View File

@@ -1,4 +1,4 @@
#!/usr/bin/env python #!/opt/ansible-runtime/bin/python
# #
# Copyright 2014, Rackspace US, Inc. # Copyright 2014, Rackspace US, Inc.
# #

34
scripts/bootstrap-ansible.sh
View File

@@ -67,6 +67,10 @@ case ${DISTRO_ID} in
python2 python2-devel \ python2 python2-devel \
openssl-devel libffi-devel \ openssl-devel libffi-devel \
libselinux-python libselinux-python
# CentOS base does not include a recent
# enough version of virtualenv or pip,
# so we do not bother trying to install
# them.
;; ;;
ubuntu) ubuntu)
apt-get update apt-get update
@@ -75,12 +79,14 @@ case ${DISTRO_ID} in
python-minimal python-dev \ python-minimal python-dev \
python3 python3-dev \ python3 python3-dev \
libssl-dev libffi-dev \ libssl-dev libffi-dev \
python-apt python3-apt python-apt python3-apt \
python-virtualenv
;; ;;
opensuse) opensuse)
zypper -n install -l git-core curl autoconf gcc gcc-c++ \ zypper -n install -l git-core curl autoconf gcc gcc-c++ \
netcat-openbsd python python-xml python-devel gcc \ netcat-openbsd python python-xml python-devel gcc \
libffi-devel libopenssl-devel python-pip libffi-devel libopenssl-devel \
python-virtualenv
# Leap ships with python3.4 which is not supported by ansible and as # Leap ships with python3.4 which is not supported by ansible and as
# such we are using python2 # such we are using python2
# See https://github.com/ansible/ansible/issues/24180 # See https://github.com/ansible/ansible/issues/24180
@@ -108,24 +114,34 @@ UPPER_CONSTRAINTS_PROTO=$([ "$PYTHON_VERSION" == $(echo -e "$PYTHON_VERSION\n2.7
# Set the location of the constraints to use for all pip installations # Set the location of the constraints to use for all pip installations
export UPPER_CONSTRAINTS_FILE=${UPPER_CONSTRAINTS_FILE:-"$UPPER_CONSTRAINTS_PROTO://git.openstack.org/cgit/openstack/requirements/plain/upper-constraints.txt?id=$(awk '/requirements_git_install_branch:/ {print $2}' playbooks/defaults/repo_packages/openstack_services.yml)"} export UPPER_CONSTRAINTS_FILE=${UPPER_CONSTRAINTS_FILE:-"$UPPER_CONSTRAINTS_PROTO://git.openstack.org/cgit/openstack/requirements/plain/upper-constraints.txt?id=$(awk '/requirements_git_install_branch:/ {print $2}' playbooks/defaults/repo_packages/openstack_services.yml)"}
# Install virtualenv if it is not already installed,
# but also make sure it is at least version 13.x or above
# so that it supports using the no-pip, no-setuptools
# and no-wheels options (the last one was added in v13.0.0).
VIRTUALENV_VERSION=$(virtualenv --version 2>/dev/null | cut -d. -f1)
if [[ "${VIRTUALENV_VERSION}" -lt "13" ]]; then
# Install pip on the host if it is not already installed, # Install pip on the host if it is not already installed,
# but also make sure that it is at least version 9.x or above. # but also make sure that it is at least version 7.x or above
# so that it supports the use of the constraint option which
# was added in pip 7.1.
PIP_VERSION=$(pip --version 2>/dev/null | awk '{print $2}' | cut -d. -f1) PIP_VERSION=$(pip --version 2>/dev/null | awk '{print $2}' | cut -d. -f1)
if [[ "${PIP_VERSION}" -lt "9" ]]; then if [[ "${PIP_VERSION}" -lt "7" ]]; then
get_pip ${PYTHON_EXEC_PATH} get_pip ${PYTHON_EXEC_PATH}
# Ensure that our shell knows about the new pip # Ensure that our shell knows about the new pip
hash -r pip hash -r pip
fi fi
# Install the requirements for the various python scripts
# on to the host, including virtualenv.
pip install ${PIP_OPTS} \ pip install ${PIP_OPTS} \
--requirement requirements.txt \
--constraint ${UPPER_CONSTRAINTS_FILE} \ --constraint ${UPPER_CONSTRAINTS_FILE} \
virtualenv \
|| pip install ${PIP_OPTS} \ || pip install ${PIP_OPTS} \
--requirement requirements.txt \
--constraint ${UPPER_CONSTRAINTS_FILE} \ --constraint ${UPPER_CONSTRAINTS_FILE} \
--isolated --isolated \
virtualenv
# Ensure that our shell knows about the new pip
hash -r virtualenv
fi
# Create a Virtualenv for the Ansible runtime # Create a Virtualenv for the Ansible runtime
if [ -f "/opt/ansible-runtime/bin/python" ]; then if [ -f "/opt/ansible-runtime/bin/python" ]; then

2
scripts/pw-token-gen.py
View File

@@ -1,4 +1,4 @@
#!/usr/bin/env python #!/opt/ansible-runtime/bin/python
# Copyright 2014, Rackspace US, Inc. # Copyright 2014, Rackspace US, Inc.
# #
# Licensed under the Apache License, Version 2.0 (the "License"); # Licensed under the Apache License, Version 2.0 (the "License");