Add DIB element for ansible-deploy driver ramdisk

Based on:
- `ironic-agent` element and uses IPA for lookup/heartbeats
- `devuser` element to set user name, permissions and SSH keys.

Additionally:
- ensures OpenSSH is installed and configured properly
- correctly sets hostname to avoid some Ansible problems with elevation
- overrides DIB_DEV_USER_PWDLESS_SUDO to always be "yes"

Ironic callback functionality requires Ironic API >= 1.22.

Change-Id: I3f6c3baf0197d27f2d423f52611666ca186cd0a4
Related-Bug: #1526308
changes/43/339743/13
Pavlo Shchelokovskyy 7 years ago
parent a634d43e8c
commit 6aae875ed4

@ -0,0 +1,22 @@
==============
ironic-ansible
==============
Builds a ramdisk for Ironic Ansible deploy driver.
This element is based on the following elements:
- ``devuser`` to create and configure a user for Ansible to access the node
- ``ironic-agent`` to provide Ironic API lookup and heartbeats via IPA
Consult docs for those elements for available options.
Additionally this element:
- ensures OpenSSH is installed and configured properly
- correctly sets hostname to avoid some Ansible problems with elevation
Note: compared to ``devuser`` element, this element **always** gives
the configured user password-less sudo permissions (*unconfigurable*).
Requires Ironic API >= 1.22.

@ -0,0 +1,2 @@
ironic-agent
devuser

@ -0,0 +1 @@
export DIB_DEV_USER_PWDLESS_SUDO="yes"

@ -0,0 +1,29 @@
#!/bin/bash
if [ "${DIB_DEBUG_TRACE:-0}" -gt 0 ]; then
set -x
fi
set -eu
set -o pipefail
ANSIBLE_DEPLOY_HOSTAME="ironic-ansible-deploy"
echo $ANSIBLE_DEPLOY_HOSTAME > /etc/hostname
# not having a hostname in hosts produces an extra output
# on every "sudo" command like the following:
#
# sudo: unable to resolve host <HOSTNAME>\r\n
#
# which as of Ansible 2.0.1.0 fails JSON parsing
# in case of tasks using become+async.
# Ansible issues #13965 (fixed in 2.0.1.0), #14568, #14714
# ensure /etc/hosts has hostname in it
sed -i "s/127.0.0.1\s*localhost/127.0.0.1 localhost $ANSIBLE_DEPLOY_HOSTAME/g" /etc/hosts
# ensure SSH host keys exist
ssh-keygen -f /etc/ssh/ssh_host_rsa_key -N '' -t rsa
ssh-keygen -f /etc/ssh/ssh_host_dsa_key -N '' -t dsa
ssh-keygen -f /etc/ssh/ssh_host_ecdsa_key -N '' -t ecdsa
ssh-keygen -f /etc/ssh/ssh_host_ed25519_key -N '' -t ed25519

@ -0,0 +1,2 @@
# Pin to this mirror because the roundrobin is fairly unreliable
export DIB_DISTRIBUTION_MIRROR=http://dl.fedoraproject.org/pub/fedora/linux
Loading…
Cancel
Save