Add DIB element for ansible-deploy driver ramdisk
Based on: - `ironic-agent` element and uses IPA for lookup/heartbeats - `devuser` element to set user name, permissions and SSH keys. Additionally: - ensures OpenSSH is installed and configured properly - correctly sets hostname to avoid some Ansible problems with elevation - overrides DIB_DEV_USER_PWDLESS_SUDO to always be "yes" Ironic callback functionality requires Ironic API >= 1.22. Change-Id: I3f6c3baf0197d27f2d423f52611666ca186cd0a4 Related-Bug: #1526308
This commit is contained in:
parent
a634d43e8c
commit
6aae875ed4
|
@ -0,0 +1,22 @@
|
|||
==============
|
||||
ironic-ansible
|
||||
==============
|
||||
|
||||
Builds a ramdisk for Ironic Ansible deploy driver.
|
||||
|
||||
This element is based on the following elements:
|
||||
|
||||
- ``devuser`` to create and configure a user for Ansible to access the node
|
||||
- ``ironic-agent`` to provide Ironic API lookup and heartbeats via IPA
|
||||
|
||||
Consult docs for those elements for available options.
|
||||
|
||||
Additionally this element:
|
||||
|
||||
- ensures OpenSSH is installed and configured properly
|
||||
- correctly sets hostname to avoid some Ansible problems with elevation
|
||||
|
||||
Note: compared to ``devuser`` element, this element **always** gives
|
||||
the configured user password-less sudo permissions (*unconfigurable*).
|
||||
|
||||
Requires Ironic API >= 1.22.
|
|
@ -0,0 +1,2 @@
|
|||
ironic-agent
|
||||
devuser
|
|
@ -0,0 +1 @@
|
|||
ironic-ansible-deploy
|
|
@ -0,0 +1 @@
|
|||
export DIB_DEV_USER_PWDLESS_SUDO="yes"
|
|
@ -0,0 +1 @@
|
|||
openssh-server:
|
|
@ -0,0 +1,29 @@
|
|||
#!/bin/bash
|
||||
|
||||
if [ "${DIB_DEBUG_TRACE:-0}" -gt 0 ]; then
|
||||
set -x
|
||||
fi
|
||||
set -eu
|
||||
set -o pipefail
|
||||
|
||||
ANSIBLE_DEPLOY_HOSTAME="ironic-ansible-deploy"
|
||||
|
||||
echo $ANSIBLE_DEPLOY_HOSTAME > /etc/hostname
|
||||
|
||||
# not having a hostname in hosts produces an extra output
|
||||
# on every "sudo" command like the following:
|
||||
#
|
||||
# sudo: unable to resolve host <HOSTNAME>\r\n
|
||||
#
|
||||
# which as of Ansible 2.0.1.0 fails JSON parsing
|
||||
# in case of tasks using become+async.
|
||||
# Ansible issues #13965 (fixed in 2.0.1.0), #14568, #14714
|
||||
|
||||
# ensure /etc/hosts has hostname in it
|
||||
sed -i "s/127.0.0.1\s*localhost/127.0.0.1 localhost $ANSIBLE_DEPLOY_HOSTAME/g" /etc/hosts
|
||||
|
||||
# ensure SSH host keys exist
|
||||
ssh-keygen -f /etc/ssh/ssh_host_rsa_key -N '' -t rsa
|
||||
ssh-keygen -f /etc/ssh/ssh_host_dsa_key -N '' -t dsa
|
||||
ssh-keygen -f /etc/ssh/ssh_host_ecdsa_key -N '' -t ecdsa
|
||||
ssh-keygen -f /etc/ssh/ssh_host_ed25519_key -N '' -t ed25519
|
|
@ -0,0 +1 @@
|
|||
fedora
|
|
@ -0,0 +1 @@
|
|||
ramdisk
|
|
@ -0,0 +1,2 @@
|
|||
# Pin to this mirror because the roundrobin is fairly unreliable
|
||||
export DIB_DISTRIBUTION_MIRROR=http://dl.fedoraproject.org/pub/fedora/linux
|
Loading…
Reference in New Issue