openstack
/
tripleo-ansible
Code Issues Proposed changes

Make tripleo_ceph_run_ansible handle change in remote_tmp 

Ansible's remote_tmp module changed in 2.9.10 [1] causing
the reported bug this patch addresses. The error from the
module suggests creating the remote_tmp dir with the correct
permissions. This patch does that within external_deploy_steps
by having tripleo-ansible create the remote_tmp dir accordingly
before running ceph-ansible (which uses that remote_tmp dir).

[1] https://github.com/ansible/ansible/issues/68218

Change-Id: I0350d5253571a2b0d12a0a2f25e5469c9d1fefe0
Closes-Bug: #1884816
This commit is contained in:
John Fulton 2020-06-23 23:54:59 +00:00 committed by Francesco Pantano
parent a8b7f43c3d
commit 1b440db7f6
No known key found for this signature in database
GPG Key ID: 799868C47301D458
2 changed files with 69 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

64
tripleo_ansible/roles/tripleo_ceph_run_ansible/tasks/create_ceph_ansible_remote_tmp.yml Normal file
View File

@ -0,0 +1,64 @@
---
# Copyright 2020 Red Hat, Inc.
# All Rights Reserved.
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
- name: genereate create_ceph_ansible_remote_tmp playbook
copy:
dest: "{{ playbook_dir }}/ceph-ansible/create_ceph_ansible_remote_tmp.yml"
content: |
- hosts: all
gather_facts: no
tasks:
# Avoiding the following by creating directory owned by user who will
# SSH into nodes (not root). When root needs to write to this directory
# it will not have permission problems by definition. As per ansible:
# """
# Module remote_tmp /tmp/ceph_ansible_tmp did not exist and was created
# with a mode of 0700, this may cause issues when running as another user.
# To avoid this, create the remote_tmp dir with the correct permissions
# manually.
# """
- name: create ceph_ansible_remote_tmp on all nodes with necessary ownership
become: true
file:
path: "{{ ceph_ansible_remote_tmp }}"
owner: "{{ lookup('env','ANSIBLE_REMOTE_USER') | default('tripleo-admin', true) }}"
group: "{{ lookup('env','ANSIBLE_REMOTE_USER') | default('tripleo-admin', true) }}"
mode: "700"
state: directory
- name: build create_ceph_ansible_remote_tmp command as list
set_fact:
create_ceph_ansible_remote_tmp_list:
- ANSIBLE_LOG_PATH="{{ playbook_dir }}/ceph-ansible/create_ceph_ansible_remote_tmp.log"
- ANSIBLE_SSH_CONTROL_PATH_DIR="{{ playbook_dir }}/ceph-ansible/"
- ANSIBLE_CONFIG=/usr/share/ceph-ansible/ansible.cfg
- ANSIBLE_REMOTE_TEMP=/tmp/create_ceph_ansible_remote_tmp
- "{{ calling_ansible_environment_variables|join(' ') }}"
- "{{ ceph_ansible_environment_variables|join(' ') }}"
- ansible-playbook
- '{% if ceph_ansible_private_key_file is defined %}--private-key {{ ceph_ansible_private_key_file }}{% endif %}'
- '-i'
- '{{ playbook_dir }}/ceph-ansible/inventory.yml'
- '{% if ansible_python_interpreter is defined %}-e ansible_python_interpreter={{ ansible_python_interpreter }}{% endif %}'
- "{{ playbook_dir }}/ceph-ansible/create_ceph_ansible_remote_tmp.yml"
ceph_ansible_remote_tmp: '/tmp/ceph_ansible_tmp'
- name: run create_ceph_ansible_remote_tmp command
# needs become to be able to read the ssh private key
become: true
shell: "{{ create_ceph_ansible_remote_tmp_list|join(' ') }}"
tags:
- run_ceph_ansible

6
tripleo_ansible/roles/tripleo_ceph_run_ansible/tasks/main.yml
View File

@ -23,6 +23,10 @@
{{ ceph_ansible_playbooks_default|default(['/usr/share/ceph-ansible/site-container.yml.sample']) }} {{ ceph_ansible_playbooks_default|default(['/usr/share/ceph-ansible/site-container.yml.sample']) }}
{%- endif -%} {%- endif -%}
- import_tasks: create_ceph_ansible_remote_tmp.yml
vars:
ceph_ansible_remote_tmp: '/tmp/ceph_ansible_tmp'
- name: set ceph-ansible command list - name: set ceph-ansible command list
set_fact: set_fact:
ceph_ansible_command_list: ceph_ansible_command_list:
@ -33,7 +37,7 @@
- ANSIBLE_LOG_PATH="{{ playbook_dir }}/ceph-ansible/ceph_ansible_command.log" - ANSIBLE_LOG_PATH="{{ playbook_dir }}/ceph-ansible/ceph_ansible_command.log"
- ANSIBLE_LIBRARY=/usr/share/ceph-ansible/library/ - ANSIBLE_LIBRARY=/usr/share/ceph-ansible/library/
- ANSIBLE_CONFIG=/usr/share/ceph-ansible/ansible.cfg - ANSIBLE_CONFIG=/usr/share/ceph-ansible/ansible.cfg
- ANSIBLE_REMOTE_TEMP=/tmp/ceph_ansible_tmp - ANSIBLE_REMOTE_TEMP="{{ ceph_ansible_remote_tmp }}"
- ANSIBLE_FORKS=25 - ANSIBLE_FORKS=25
- ANSIBLE_GATHER_TIMEOUT=60 - ANSIBLE_GATHER_TIMEOUT=60
- ANSIBLE_CALLBACK_WHITELIST=profile_tasks - ANSIBLE_CALLBACK_WHITELIST=profile_tasks