--- # Copyright 2016, Rackspace US, Inc. # Copyright 2017, SUSE LINUX GmbH. # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and # limitations under the License. # We support Leap 42.1 onwards so we pick a rather old 4.1 kernel openstack_host_required_kernel: 4.1.15 openstack_host_sysstat_file: /etc/sysstat/sysstat # NOTE(mhayden): OpenSUSE automatically symlinks /etc/sysstat/sysstat.cron to # /etc/cron.d/sysstat via a systemd unit file. If you write directly to # /etc/cron.d/sysstat in this role, OpenSUSE will overwrite the file and break # the idempotency check. openstack_host_sysstat_cron_file: /etc/sysstat/sysstat.cron openstack_host_cron_template: sysstat.cron.suse.j2 openstack_host_module_file: /etc/modules-load.d/openstack-ansible.conf openstack_host_sysstat_cron_mode: '0644' ## Kernel modules loaded on hosts openstack_host_kernel_modules: - name: 8021q - name: "{{ (hostvars[inventory_hostname]['ansible_kernel'] is version('4.4', '>=')) | ternary('br_netfilter', '') }}" - name: dm_multipath - name: dm_snapshot - name: ebtables - name: ip6table_filter - name: ip6_tables - name: ip_tables - name: ipt_MASQUERADE - name: ipt_REJECT - name: iptable_filter - name: iptable_mangle - name: iptable_nat - name: ip_vs - name: iscsi_tcp - name: nf_conntrack - name: nf_conntrack_ipv4 - name: nf_conntrack_ipv6 - name: nf_defrag_ipv4 - name: nf_nat - name: nf_nat_ipv4 # TODO (odyssey4me): revise the minimum kernel version once this kernel version is commonplace # If we end up with more requirements like this, then we should change the approach. - name: "{{ (hostvars[inventory_hostname]['ansible_kernel'] is version('4.4.0-0', '<')) | ternary('scsi_dh', '') }}" - name: vhost_net - name: x_tables ## Base packages _openstack_host_distro_packages: - python-setuptools # python-virtualenv does not work without this package - python-virtualenv - "{{ (ansible_distribution_version is version ('42', '>=')) | ternary('python-virtualenv', 'system-user-nobody') }}" # system-user-nobody only exists in Leap 15 onwards - python3-systemd # this can be removed once the oslo.log package has a dependency on python3-systemd ## Bare metal base packages _openstack_host_metal_distro_packages: - bridge-utils - "{{ (ansible_distribution_version is version ('42', '>=')) | ternary('patterns-openSUSE-devel_basis', 'patterns-devel-base-devel_basis') }}" - curl - device-mapper - dstat - ebtables - iptables - irqbalance - libkmod2 - kmod - lvm2 - rsync - rsyslog - sysstat - sudo - time - wget _package_repos_keys: [] ## example: # - key: "http://url_to_gpg_key" # validate_certs: # state: # - key: "/tmp/file1" # keyfile: "gpg/file1" # validate_certs: # state: _package_list: - name: systemd-logger state: absent # conflicts with rsyslog ## full example: #_package_repos: # - repo: # state: # name: # enabled: # disable_gpg_check: # description: # autorefresh: # auto_import_keys: _package_repos: - name: "repo-oss" repo: "{{ opensuse_repo_oss_url }}" auto_import_keys: yes autorefresh: no - name: "repo-update" repo: "{{ opensuse_repo_update_url }}" auto_import_keys: yes autorefresh: yes - name: "OBS:Cloud:OpenStack:Master" repo: "{{ opensuse_obs_cloud_repo_url }}" auto_import_keys: yes autorefresh: yes _package_vendors: ## https://en.opensuse.org/SDB:Vendor_change_update#Allowing_Vendor_change_for_selected_repositories # - suse # - opensuse # - obs://build.suse.deb # - Packman # - http://packman.links2linux.de - openSUSE - obs://build.opensuse.org/Cloud:OpenStack _openstack_host_ca_location: /etc/pki/trust/anchors/