openstack/kolla-ansible
Code Issues Proposed changes
6b4e370c1f
kolla-ansible/ansible/roles/bifrost/tasks/bootstrap.yml
Mark Goddard 746a2e0900 Fix rabbitmq-env.conf ownership in bifrost 
The permissions of rabbitmq-env.conf for bifrost were changed in
I6e32d94d4172dd96d09d8609e8a5221ab5586a31 to 0660. This breaks bifrost
deployment, as the rabbitmq user is no longer able to read the
root-owned file on startup.

This commit changes the ownership of the file in the container to
rabbitmq:rabbitmq after it has been copied.

Change-Id: I53418f5d4e40b7ca57e546e2e92a57f613fd381e
Closes-Bug: #1766196
2018-04-23 09:59:54 +01:00

58 lines
2.5 KiB
YAML
Raw Blame History

---
- name: Ensure log directories exist
vars:
nginx_user: "{{ 'www-data' if is_debian else 'nginx' }}"
is_debian: "{{ kolla_base_distro in ['debian', 'ubuntu'] }}"
command: >
docker exec bifrost_deploy
bash -c 'mkdir -p /var/log/kolla/ironic &&
chown ironic:ironic /var/log/kolla/ironic &&
mkdir -p /var/log/kolla/ironic-inspector &&
chown ironic:ironic /var/log/kolla/ironic-inspector &&
mkdir -p /var/log/kolla/nginx &&
chown {{ nginx_user }}:{{ nginx_user }} /var/log/kolla/nginx'
- name: Bootstrap bifrost (this may take several minutes)
command: >
docker exec bifrost_deploy
bash -c '/bifrost/scripts/env-setup.sh && source /bifrost/env-vars
&& cp /etc/bifrost/rabbitmq-env.conf /etc/rabbitmq/rabbitmq-env.conf &&
chown rabbitmq:rabbitmq /etc/rabbitmq/rabbitmq-env.conf &&
ansible-playbook -vvvv -i /bifrost/playbooks/inventory/target
/bifrost/playbooks/install.yaml -e @/etc/bifrost/bifrost.yml
-e @/etc/bifrost/dib.yml -e skip_package_install=true'
- name: Installing ssh keys
command: >
docker exec bifrost_deploy
bash -c 'mkdir /root/.ssh ; mkdir /home/ironic/.ssh;
cp -f /etc/bifrost/id_rsa /root/.ssh/id_rsa &&
cp -f /etc/bifrost/id_rsa.pub /root/.ssh/id_rsa.pub &&
cp -f /etc/bifrost/ssh_config /root/.ssh/config &&
cp -f /etc/bifrost/id_rsa /home/ironic/.ssh/id_rsa &&
cp -f /etc/bifrost/id_rsa.pub /home/ironic/.ssh/id_rsa.pub &&
cp -f /etc/bifrost/ssh_config /home/ironic/.ssh/config &&
chmod 600 /root/.ssh/id_rsa &&
chmod 600 /root/.ssh/id_rsa.pub &&
chmod 600 /root/.ssh/config &&
chmod 600 /home/ironic/.ssh/id_rsa &&
chmod 600 /home/ironic/.ssh/id_rsa.pub &&
chmod 600 /home/ironic/.ssh/config &&
chown ironic:ironic /home/ironic/.ssh/id_rsa &&
chown ironic:ironic /home/ironic/.ssh/id_rsa.pub &&
chown ironic:ironic /home/ironic/.ssh/config'
# Ironic creates hardlinks between the TFTP master image store and the
# HTTP root path when iPXE is enabled. With Docker volumes used for these
# locations we run into https://bugs.launchpad.net/ironic/+bug/1507894
# during deployment. If we use a directory under /httpboot to store the
# master images this issue is avoided.
- name: Configuring TFTP master image path
command: |
docker exec bifrost_deploy
bash -c 'cat >> /etc/ironic/ironic.conf << EOF
[pxe]
tftp_master_path = /httpboot/master_images
EOF
systemctl restart ironic-conductor'
View Git Blame Copy Permalink