Browse Source

Make ceph-ansible working dir owned by tripleo-admin

The ceph-ansible tasks are now invoked with the tripleo-admin user,
which doesn't by default have write access to /var/lib/mistral, but it
does have sudo access.

This change makes /var/lib/mistral/overcloud/ceph-ansible be owned by
the tripleo-admin user so that subsequent tasks can write to that
directory.

Related-Bug: #1813832
Change-Id: I98bb38078be84cbda3e9a9e338af0d054dc53420
changes/86/636086/8
Steve Baker 3 years ago
committed by yatin
parent
commit
5ceb3c5ec7
  1. 9
      docker/services/ceph-ansible/ceph-base.yaml
  2. 2
      extraconfig/services/kubernetes-master.yaml
  3. 1
      zuul.d/layout.yaml

9
docker/services/ceph-ansible/ceph-base.yaml

@ -378,10 +378,13 @@ outputs:
set_fact:
blacklisted_hostnames: {get_param: DeploymentServerBlacklist}
- name: create ceph-ansible temp dirs
become: true
file:
path: "{{item}}"
path: "{{ item }}"
state: directory
owner: "{{ ansible_user }}"
with_items:
- "{{playbook_dir}}/ceph-ansible"
- "{{playbook_dir}}/ceph-ansible/group_vars"
- "{{playbook_dir}}/ceph-ansible/host_vars"
- "{{playbook_dir}}/ceph-ansible/fetch_dir"
@ -441,6 +444,7 @@ outputs:
content: |
- hosts: all
gather_facts: no
become: true
tasks:
- name: set nodes data
set_fact:
@ -460,6 +464,7 @@ outputs:
dest: "{{playbook_dir}}/ceph-ansible/host_vars/{% raw %}{{inventory_hostname}}{% endraw %}.yml"
- name: ceph_base_external_deploy_task
when: step == '2'
become: true
tags: ceph
block:
- name: run nodes-uuid
@ -467,6 +472,7 @@ outputs:
list_join:
- ' '
- - ANSIBLE_LOG_PATH="{{playbook_dir}}/ceph-ansible/nodes_uuid_command.log"
- - ANSIBLE_CONTROL_PATH_DIR="{{playbook_dir}}/ceph-ansible/"
- ANSIBLE_CONFIG="{{playbook_dir}}/ansible.cfg"
- ANSIBLE_REMOTE_TEMP=/tmp/nodes_uuid_tmp
- ansible-playbook
@ -500,6 +506,7 @@ outputs:
file:
path: "{{local_ceph_ansible_fetch_directory_backup}}"
state: directory
owner: "{{ ansible_user }}"
mode: 0700
when: local_backup_directory.stat.exists == False
- name: look for tarball of ceph-ansible fetch directory in local backup

2
extraconfig/services/kubernetes-master.yaml

@ -96,9 +96,11 @@ outputs:
when: step|int == 2
block:
- name: create kubespray temp dirs
become: true
file:
path: "{{item}}"
state: directory
owner: "{{ ansible_user }}"
with_items:
- "{{playbook_dir}}/kubespray"
- "{{playbook_dir}}/kubespray/artifacts"

1
zuul.d/layout.yaml

@ -80,6 +80,7 @@
- tripleo-ci-centos-7-scenario010-multinode-oooq-container:
files:
- ^(docker|puppet)/services/.*octavia.*$
- ^docker/services/ceph-ansible.*$
- ci/environments/scenario010-multinode-containers.yaml
- ^environments\/.*.yaml
- ^deployed-server/.*$

Loading…
Cancel
Save