openstack/ansible-role-systemd_service
Code Issues Proposed changes

updated things so this role is usable

Browse Source 
Signed-off-by: Kevin Carter <kevin.carter@rackspace.com>
This commit is contained in:
Kevin Carter 2018-03-08 11:42:33 -06:00
parent c302169881
commit 9a4ed2d7bc
No known key found for this signature in database
GPG Key ID: 9443251A787B9FB3
10 changed files with 148 additions and 97 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

29
README.md
View File

@ -25,10 +25,10 @@ You can also use the ``ansible-galaxy`` command on the ``ansible-role-requiremen
# define "program_override" option in the systemd_services dictionary. # define "program_override" option in the systemd_services dictionary.
systemd_bin_path: /usr/local/bin systemd_bin_path: /usr/local/bin
system_user_name: root systemd_user_name: root
system_group_name: root systemd_group_name: root
system_slice_name: system systemd_slice_name: system
system_lock_path: /var/lock systemd_lock_path: /var/lock
# This is the prefix used for all temp files of a given type. # This is the prefix used for all temp files of a given type.
systemd_tempd_prefix: tempd systemd_tempd_prefix: tempd
@ -38,11 +38,17 @@ systemd_TimeoutSec: 120
systemd_Restart: on-failure systemd_Restart: on-failure
systemd_RestartSec: 2 systemd_RestartSec: 2
# Set accounting on systemd service # Accounting options
system_CPUAccounting: true systemd_CPUAccounting: true
system_BlockIOAccounting: true systemd_BlockIOAccounting: true
system_MemoryAccounting: true systemd_MemoryAccounting: true
system_TasksAccounting: true systemd_TasksAccounting: true
# Sandboxing options
systemd_PrivateTmp: true
systemd_PrivateDevices: false
systemd_PrivateNetwork: true
systemd_PrivateUsers: true
# Start service after a given target. This is here because we want to define common # Start service after a given target. This is here because we want to define common
# after targets used on most services. This can be overridden or agumented using # after targets used on most services. This can be overridden or agumented using
@ -51,16 +57,13 @@ systemd_after_targets:
- syslog.target - syslog.target
- network.target - network.target
# Set the service state. Valid options are: [started, stopped, restarted, reloaded].
systemd_service_state: started
# Set the service enabled state. Valid options are: [yes, no] # Set the service enabled state. Valid options are: [yes, no]
systemd_service_enabled: yes systemd_service_enabled: yes
# Set global service overrides used within the service unit file. # Set global service overrides used within the service unit file.
systemd_service_config_overrides: {} systemd_service_config_overrides: {}
# The systemD services dictionary is a set of services that will be created. The dictionary # The systemd services dictionary is a set of services that will be created. The dictionary
# can contain the following options: # can contain the following options:
# `service_name` -- (required) used to define the name of the service. This is typically the name of the executable. # `service_name` -- (required) used to define the name of the service. This is typically the name of the executable.
# `init_config_overrides` -- (optional) This allows any section or key=value pair to be set within the systemd unit file. # `init_config_overrides` -- (optional) This allows any section or key=value pair to be set within the systemd unit file.

33
defaults/main.yml
View File

@ -17,10 +17,10 @@
# define "program_override" option in the systemd_services dictionary. # define "program_override" option in the systemd_services dictionary.
systemd_bin_path: /usr/local/bin systemd_bin_path: /usr/local/bin
system_user_name: root systemd_user_name: root
system_group_name: root systemd_group_name: root
system_slice_name: system systemd_slice_name: system
system_lock_path: /var/lock systemd_lock_path: /var/lock
# This is the prefix used for all temp files of a given type. # This is the prefix used for all temp files of a given type.
systemd_tempd_prefix: tempd systemd_tempd_prefix: tempd
@ -30,11 +30,17 @@ systemd_TimeoutSec: 120
systemd_Restart: on-failure systemd_Restart: on-failure
systemd_RestartSec: 2 systemd_RestartSec: 2
# Set accounting on systemd service # Accounting options
system_CPUAccounting: true systemd_CPUAccounting: true
system_BlockIOAccounting: true systemd_BlockIOAccounting: true
system_MemoryAccounting: true systemd_MemoryAccounting: true
system_TasksAccounting: true systemd_TasksAccounting: true
# Sandboxing options
systemd_PrivateTmp: true
systemd_PrivateDevices: false
systemd_PrivateNetwork: false
systemd_PrivateUsers: true
# Start service after a given target. This is here because we want to define common # Start service after a given target. This is here because we want to define common
# after targets used on most services. This can be overridden or agumented using # after targets used on most services. This can be overridden or agumented using
@ -43,16 +49,13 @@ systemd_after_targets:
- syslog.target - syslog.target
- network.target - network.target
# Set the service state. Valid options are: [started, stopped, restarted, reloaded].
systemd_service_state: started
# Set the service enabled state. Valid options are: [yes, no] # Set the service enabled state. Valid options are: [yes, no]
systemd_service_enabled: yes systemd_service_enabled: yes
# Set global service overrides used within the service unit file. # Set global service overrides used within the service unit file.
systemd_service_config_overrides: {} systemd_service_config_overrides: {}
# The systemD services dictionary is a set of services that will be created. The dictionary # The systemd services dictionary is a set of services that will be created. The dictionary
# can contain the following options: # can contain the following options:
# `service_name` -- (required) used to define the name of the service. This is typically the name of the executable. # `service_name` -- (required) used to define the name of the service. This is typically the name of the executable.
# `init_config_overrides` -- (optional) This allows any section or key=value pair to be set within the systemd unit file. # `init_config_overrides` -- (optional) This allows any section or key=value pair to be set within the systemd unit file.
@ -70,6 +73,10 @@ systemd_service_config_overrides: {}
# service_name: ServiceX # service_name: ServiceX
# init_config_overrides: {} # This is used to add in arbitratry unit file options # init_config_overrides: {} # This is used to add in arbitratry unit file options
# program_config_options: '--flag1 things --flag2 other' # program_config_options: '--flag1 things --flag2 other'
# program_sandboxing:
# PrivateTmp: true
# program_accounting:
# CPUAccounting: true
# ServiceY: # ServiceY:
# service_name: ServiceY # service_name: ServiceY
# init_config_overrides: {} # This is used to add in arbitratry unit file options # init_config_overrides: {} # This is used to add in arbitratry unit file options

2
html-docs/index.html
View File

@ -264,7 +264,7 @@ ga('send', 'pageview');
<span class="c1"># Set the service enabled state. Valid options are: [yes, no]</span> <span class="c1"># Set the service enabled state. Valid options are: [yes, no]</span>
<span class="l l-Scalar l-Scalar-Plain">systemd_service_enabled</span><span class="p p-Indicator">:</span> <span class="l l-Scalar l-Scalar-Plain">yes</span> <span class="l l-Scalar l-Scalar-Plain">systemd_service_enabled</span><span class="p p-Indicator">:</span> <span class="l l-Scalar l-Scalar-Plain">yes</span>
<span class="c1"># The systemD services dictionary is a set of services that will be created. The dictionary</span> <span class="c1"># The systemd services dictionary is a set of services that will be created. The dictionary</span>
<span class="c1"># can contain the following options:</span> <span class="c1"># can contain the following options:</span>
<span class="c1"># `service_name` -- (required) used to define the name of the service. This is typically the name of the executable.</span> <span class="c1"># `service_name` -- (required) used to define the name of the service. This is typically the name of the executable.</span>
<span class="c1"># `init_config_overrides` -- (optional) This allows any section or key=value pair to be set within the systemd unit file.</span> <span class="c1"># `init_config_overrides` -- (optional) This allows any section or key=value pair to be set within the systemd unit file.</span>

9
meta/main.yml
View File

@ -26,8 +26,13 @@ galaxy_info:
- name: EL - name: EL
versions: versions:
- 7 - 7
- name: opensuse
versions:
- 42.1
- 42.2
- 42.3
categories: categories:
- systemd_init - systemd
- development - development
dependencies: dependencies:
- role: plugins - plugins

46
tasks/main.yml
View File

@ -15,56 +15,66 @@
- name: Create TEMP run dir - name: Create TEMP run dir
file: file:
path: "/var/run/{{ item.value.service_name }}" path: "/var/run/{{ item.service_name }}"
state: directory state: directory
owner: "{{ system_user_name }}" owner: "{{ systemd_user_name }}"
group: "{{ system_group_name }}" group: "{{ systemd_group_name }}"
mode: "02755" mode: "02755"
with_dict: "{{ systemd_services }}" with_items: "{{ systemd_services }}"
tags: tags:
- systemd-init - systemd-init
- name: Create TEMP lock dir - name: Create TEMP lock dir
file: file:
path: "/var/lock/{{ item.value.service_name }}" path: "/var/lock/{{ item.service_name }}"
state: directory state: directory
owner: "{{ system_user_name }}" owner: "{{ systemd_user_name }}"
group: "{{ system_group_name }}" group: "{{ systemd_group_name }}"
mode: "02755" mode: "02755"
with_dict: "{{ systemd_services }}" with_items: "{{ systemd_services }}"
tags: tags:
- systemd-init - systemd-init
- name: Create tmpfiles.d entry - name: Create tmpfiles.d entry
template: template:
src: "systemd-tmpfiles.j2" src: "systemd-tmpfiles.j2"
dest: "/etc/tmpfiles.d/{{ systemd_tempd_prefix }}-{{ item.value.service_name }}.conf" dest: "/etc/tmpfiles.d/{{ systemd_tempd_prefix }}-{{ item.service_name }}.conf"
mode: "0644"
owner: "root"
group: "root"
with_items: "{{ systemd_services }}"
tags:
- systemd-init
- name: Create tmpfiles.d entry
template:
src: "systemd-tmpfiles-lock.j2"
dest: "/etc/tmpfiles.d/{{ systemd_tempd_prefix }}-{{ systemd_lock_path.strip('/') | replace('/', '-') }}-lock.conf"
mode: "0644" mode: "0644"
owner: "root" owner: "root"
group: "root" group: "root"
with_dict: "{{ systemd_services }}"
tags: tags:
- systemd-init - systemd-init
- name: Place the systemd init script - name: Place the systemd init script
config_template: config_template:
src: "systemd-init.j2" src: "systemd-service.j2"
dest: "/etc/systemd/system/{{ item.value.service_name }}.service" dest: "/etc/systemd/system/{{ item.service_name }}.service"
mode: "0644" mode: "0644"
owner: "root" owner: "root"
group: "root" group: "root"
config_overrides: "{{ item.value.init_config_overrides | default(systemd_service_config_overrides) }}" config_overrides: "{{ item.init_config_overrides | default(systemd_service_config_overrides) }}"
config_type: "ini" config_type: "ini"
with_dict: "{{ systemd_services }}" with_items: "{{ systemd_services }}"
tags: tags:
- systemd-init - systemd-init
- name: Load service - name: Load service
systemd: systemd:
name: "{{ item.value.service_name }}" name: "{{ item.service_name }}"
daemon_reload: yes daemon_reload: yes
enabled: "{{ item.value.enabled | default(systemd_service_enabled) }}" enabled: "{{ item.enabled | default(systemd_service_enabled) }}"
state: "{{ item.value.service_state | default(systemd_service_state) }}" state: "{{ item.state | default(omit) }}"
with_dict: "{{ systemd_services }}" with_items: "{{ systemd_services }}"
tags: tags:
- systemd-init - systemd-init

37
templates/systemd-init.j2
View File

@ -1,37 +0,0 @@
# {{ ansible_managed }}
[Unit]
Description={{ item.value.service_name }} service
{% for item in systemd_after_targets %}
After={{ item }}
{% endfor %}
[Service]
Type=simple
User={{ system_user_name }}
Group={{ system_group_name }}
{% if item.value.program_override is defined %}
ExecStart={{ item.value.program_override }} {{ item.value.program_config_options | default('') }}
{% else %}
ExecStart={{ systemd_bin_path }}/{{ item.value.service_name }} {{ item.value.program_config_options | default('') }}
{% endif %}
# Give a reasonable amount of time for the server to start up/shut down
TimeoutSec={{ systemd_TimeoutSec }}
Restart={{ systemd_Restart }}
RestartSec={{ systemd_RestartSec }}
# This creates a specific slice which all services will operate from
# The accounting options give us the ability to see resource usage through
# the `systemd-cgtop` command.
Slice={{ system_slice_name }}.slice
# Set Accounting
CPUAccounting={{ system_CPUAccounting }}
BlockIOAccounting={{ system_BlockIOAccounting }}
MemoryAccounting={{ system_MemoryAccounting }}
TasksAccounting={{ system_TasksAccounting }}
[Install]
WantedBy=multi-user.target

61
templates/systemd-service.j2 Normal file
View File

@ -0,0 +1,61 @@
# {{ ansible_managed }}
[Unit]
Description={{ item.service_name }} service
{% for item in systemd_after_targets %}
After={{ item }}
{% endfor %}
[Service]
Type={{ item.service_type | default('simple') }}
User={{ systemd_user_name }}
Group={{ systemd_group_name }}
{% if item.program_override is defined %}
ExecStart={{ item.program_override }} {{ item.program_config_options | default('') }}
{% else %}
ExecStart={{ systemd_bin_path }}/{{ item.service_name }} {{ item.program_config_options | default('') }}
{% endif %}
{% if item.program_reload is defined %}
ExecReload={{ item.program_reload }}
{% else %}
ExecReload=/bin/kill -HUP $MAINPID
{% endif %}
# Give a reasonable amount of time for the server to start up/shut down
TimeoutSec={{ systemd_TimeoutSec }}
Restart={{ systemd_Restart }}
RestartSec={{ systemd_RestartSec }}
# This creates a specific slice which all services will operate from
# The accounting options give us the ability to see resource usage through
# the `systemd-cgtop` command.
Slice={{ systemd_slice_name }}.slice
# Set Accounting
{% if item.program_accounting is defined %}
{% for key, value in item.program_accounting.items() %}
{{ key }}={{ value }}
{% endfor %}
{% else %}
CPUAccounting={{ systemd_CPUAccounting }}
BlockIOAccounting={{ systemd_BlockIOAccounting }}
MemoryAccounting={{ systemd_MemoryAccounting }}
TasksAccounting={{ systemd_TasksAccounting }}
{% endif %}
# Set Sandboxing
{% if item.program_sandboxing is defined %}
{% for key, value in item.program_sandboxing.items() %}
{{ key }}={{ value }}
{% endfor %}
{% else %}
PrivateTmp={{ systemd_PrivateTmp }}
PrivateDevices={{ systemd_PrivateDevices }}
PrivateNetwork={{ systemd_PrivateNetwork }}
PrivateUsers={{ systemd_PrivateUsers }}
{% endif %}
[Install]
WantedBy=multi-user.target

3
templates/systemd-tmpfiles-lock.j2 Normal file
View File

@ -0,0 +1,3 @@
# {{ ansible_managed }}
D {{ systemd_lock_path }} 2755 {{ systemd_user_name }} {{ systemd_group_name }}

5
templates/systemd-tmpfiles.j2
View File

@ -1,5 +1,4 @@
# {{ ansible_managed }} # {{ ansible_managed }}
D /var/lock/{{ item.value.service_name }} 2755 {{ system_user_name }} {{ system_group_name }} D /var/lock/{{ item.service_name }} 2755 {{ systemd_user_name }} {{ systemd_group_name }}
D /var/run/{{ item.value.service_name }} 2755 {{ system_user_name }} {{ system_group_name }} D /var/run/{{ item.service_name }} 2755 {{ systemd_user_name }} {{ systemd_group_name }}
D {{ system_lock_path }} 2755 {{ system_user_name }} {{ system_group_name }}