openstack/openstack-ansible
Code Issues Proposed changes
Files
0cdaa5c039c67dd59243e16f0a7a0ca76aef15f8
openstack-ansible/scripts/bootstrap-ansible.sh
git-harry 6be15b8ddd Isolate Ansible bootstrap from repo servers 
On first deployment bootstrap-ansible.sh pulls its packages from PyPI.
On upgrade, when the deployment host is shared with a controller, a
pip.conf file exists to restrict pip to the packages hosted by the repo
containers. This causes bootstrap-ansible.sh to fail when the repo
server created by the previous version does not contain a compatible
version.

This commit adds the flag '--isolated' to allow the bootstrap process to
bypass the repo server.

To allow the pip command to fall back on using the isolated flag the
code is refactored to determine the version of pip prior to its use.

Change-Id: Ie9834eb55a689d6f74441cc78e34b62be5d82141
2016-05-09 15:17:07 +01:00

143 lines
5.2 KiB
Bash
Executable File
Raw Blame History

#!/usr/bin/env bash
# Copyright 2014, Rackspace US, Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
#
# (c) 2014, Kevin Carter <kevin.carter@rackspace.com>
## Shell Opts ----------------------------------------------------------------
set -e -u -x
## Vars ----------------------------------------------------------------------
export HTTP_PROXY=${HTTP_PROXY:-""}
export HTTPS_PROXY=${HTTPS_PROXY:-""}
export ANSIBLE_GIT_RELEASE=${ANSIBLE_GIT_RELEASE:-"v1.9.4-1"}
export ANSIBLE_GIT_REPO=${ANSIBLE_GIT_REPO:-"https://github.com/ansible/ansible"}
export ANSIBLE_ROLE_FILE=${ANSIBLE_ROLE_FILE:-"ansible-role-requirements.yml"}
export ANSIBLE_WORKING_DIR=${ANSIBLE_WORKING_DIR:-/opt/ansible_${ANSIBLE_GIT_RELEASE}}
export SSH_DIR=${SSH_DIR:-"/root/.ssh"}
export DEBIAN_FRONTEND=${DEBIAN_FRONTEND:-"noninteractive"}
## Functions -----------------------------------------------------------------
info_block "Checking for required libraries." 2> /dev/null ||
source $(dirname ${0})/scripts-library.sh ||
source scripts/scripts-library.sh
## Main ----------------------------------------------------------------------
info_block "Bootstrapping System with Ansible"
# Create the ssh dir if needed
ssh_key_create
# Install the base packages
if [[ $HOST_DISTRO =~ ^(Ubuntu|Debian) ]]; then
apt-get update && apt-get -y install git python-all python-dev curl python2.7-dev build-essential libssl-dev libffi-dev < /dev/null
elif [[ $HOST_DISTRO =~ ^(CentOS|Red Hat) ]]; then
yum check-update && yum -y install git python2 curl autoconf gcc-c++ python2-devel gcc libffi-devel openssl-devel
elif [[ $HOST_DISTRO =~ ^Fedora ]]; then
dnf -y install git python curl autoconf gcc-c++ python-devel gcc libffi-devel openssl-devel
fi
# If the working directory exists remove it
if [ -d "${ANSIBLE_WORKING_DIR}" ];then
rm -rf "${ANSIBLE_WORKING_DIR}"
fi
# Clone down the base ansible source
git clone "${ANSIBLE_GIT_REPO}" "${ANSIBLE_WORKING_DIR}"
pushd "${ANSIBLE_WORKING_DIR}"
git checkout "${ANSIBLE_GIT_RELEASE}"
git submodule update --init --recursive
popd
# Install pip
get_pip
# Ensure we use the HTTPS/HTTP proxy with pip if it is specified
PIP_OPTS=""
if [ -n "$HTTPS_PROXY" ]; then
PIP_OPTS="--proxy $HTTPS_PROXY"
elif [ -n "$HTTP_PROXY" ]; then
PIP_OPTS="--proxy $HTTP_PROXY"
fi
PIP_COMMAND=pip2
if [ ! $(which "$PIP_COMMAND") ]; then
PIP_COMMAND=pip
fi
# Install requirements if there are any
if [ -f "requirements.txt" ];then
# When upgrading there will already be a pip.conf file locking pip down to the repo server, in such cases it may be
# necessary to use --isolated because the repo server does not meet the specified requirements.
$PIP_COMMAND install $PIP_OPTS -r requirements.txt || $PIP_COMMAND install --isolated $PIP_OPTS -r requirements.txt
fi
# Install ansible
# When upgrading there will already be a pip.conf file locking pip down to the repo server, in such cases it may be
# necessary to use --isolated because the repo server does not meet the specified requirements.
$PIP_COMMAND install $PIP_OPTS "${ANSIBLE_WORKING_DIR}" || $PIP_COMMAND install --isolated $PIP_OPTS "${ANSIBLE_WORKING_DIR}"
# Update dependent roles
if [ -f "${ANSIBLE_ROLE_FILE}" ];then
# Pull all required roles.
ansible-galaxy install --role-file=${ANSIBLE_ROLE_FILE} \
--force
fi
# Create openstack ansible wrapper tool
cat > /usr/local/bin/openstack-ansible <<EOF
#!/usr/bin/env bash
# Copyright 2014, Rackspace US, Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
#
# (c) 2014, Kevin Carter <kevin.carter@rackspace.com>
# OpenStack wrapper tool to ease the use of ansible with multiple variable files.
export PATH="/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:${PATH}"
function info() {
echo -e "\e[0;35m\${@}\e[0m"
}
# Discover the variable files.
VAR1="\$(for i in \$(ls /etc/openstack_deploy/user_*.yml); do echo -ne "-e @\$i "; done)"
# Provide information on the discovered variables.
info "Variable files: \"\${VAR1}\""
# Run the ansible playbook command.
\$(which ansible-playbook) \${VAR1} \$@
EOF
# Ensure wrapper tool is executable
chmod +x /usr/local/bin/openstack-ansible
echo "openstack-ansible script created."
echo "System is bootstrapped and ready for use."
View Git Blame Copy Permalink