Update delegated setup hosts to support IP delegation
The option `skydive_service_setup_host` allows a user to define a setup host target which could, or could not, be in the provided inventory. Additionally a setup target host could also be simply an IP reference. This change ensures that the playbooks and roles respect the different setup host delegation node types by creating in memory host entries and gathering facts on the dynamic information when the target is not in inventory, is not in the skydive_all group, or simply an IP. Change-Id: I532abd7171ba9077759640e4bf18b9b517264426 Signed-off-by: Kevin Carter <kevin@cloudnull.com> Signed-off-by: Kevin Carter <kevin.carter@rackspace.com>
This commit is contained in:
parent
a54602805f
commit
cfa103dab7
@ -22,9 +22,7 @@
|
||||
|
||||
- name: Gather facts
|
||||
hosts: skydive_all
|
||||
tasks:
|
||||
- name: Gather facts on all hosts
|
||||
setup: {}
|
||||
gather_facts: true
|
||||
tags:
|
||||
- always
|
||||
|
||||
|
@ -22,9 +22,7 @@
|
||||
|
||||
- name: Gather facts
|
||||
hosts: traefik_all
|
||||
tasks:
|
||||
- name: Gather facts on all hosts
|
||||
setup: {}
|
||||
gather_facts: true
|
||||
tags:
|
||||
- always
|
||||
|
||||
|
@ -13,6 +13,42 @@
|
||||
# See the License for the specific language governing permissions and
|
||||
# limitations under the License.
|
||||
|
||||
- name: Setup localhost
|
||||
hosts: localhost
|
||||
connection: local
|
||||
tags:
|
||||
- always
|
||||
|
||||
|
||||
- name: Configure skydive-service-setup-host
|
||||
hosts: skydive_all[0]
|
||||
connection: local
|
||||
become: yes
|
||||
tasks:
|
||||
# NOTE(cloudnull): When the host entry is an IP, these tasks will construct a basic
|
||||
# host entry for the delegated node, which will ensure facts are
|
||||
# available for the deployment host.
|
||||
- name: Add dynamic host entry
|
||||
add_host:
|
||||
name: "{{ skydive_service_setup_host }}"
|
||||
groups: skydive_all
|
||||
ansible_host: "{{ skydive_service_setup_host }}"
|
||||
when:
|
||||
- ((skydive_service_setup_host is defined) and (skydive_service_setup_host | ipaddr)) or
|
||||
(skydive_service_setup_host not in groups['all']) or
|
||||
(skydive_service_setup_host not in groups['skydive_all'])
|
||||
tags:
|
||||
- always
|
||||
|
||||
|
||||
- name: Gather all facts
|
||||
hosts: skydive_all
|
||||
become: yes
|
||||
gather_facts: yes
|
||||
tags:
|
||||
- always
|
||||
|
||||
|
||||
- name: Deploy skydive binaries
|
||||
hosts: skydive_agents:skydive_analyzers
|
||||
become: yes
|
||||
@ -130,6 +166,8 @@
|
||||
become: yes
|
||||
roles:
|
||||
- role: skydive_analyzer
|
||||
vars:
|
||||
skydive_service_setup_host: "{{ openstack_service_setup_host | default(groups['skydive_analyzers'][0]) }}"
|
||||
tags:
|
||||
- skydive-analyzer-setup
|
||||
|
||||
@ -139,6 +177,7 @@
|
||||
become: yes
|
||||
roles:
|
||||
- role: skydive_agent
|
||||
vars:
|
||||
skydive_service_setup_host: "{{ openstack_service_setup_host | default(groups['skydive_analyzers'][0]) }}"
|
||||
tags:
|
||||
- skydive-agent-setup
|
||||
|
@ -38,7 +38,7 @@ galaxy_info:
|
||||
dependencies:
|
||||
- role: traefik_common
|
||||
traefik_basic_auth_users: "{{ _skydive_basic_auth_users | combine(skydive_basic_auth_users) }}"
|
||||
traffic_dashboard_bind: "{{ skydive_bind_address | default(hostvars[inventory_hostname]['ansible_' ~ (skydive_network_device | replace('-', '_') | string)]['ipv4']['address']) }}"
|
||||
traffic_dashboard_bind: "{{ skydive_bind_address | default(hostvars[inventory_hostname]['ansible_' ~ ((skydive_network_device | default(ansible_default_ipv4['interface'])) | replace('-', '_') | string)]['ipv4']['address']) }}"
|
||||
traefik_dashboard_enabled: true
|
||||
traefik_destinations:
|
||||
elasticsearch:
|
||||
|
@ -29,7 +29,7 @@ skydive_agent_port: 8081
|
||||
skydive_flow_protocol: udp
|
||||
|
||||
# Set a particulare network interface used for skydive traffic
|
||||
skydive_network_device: "{{ ansible_default_ipv4['interface'] }}"
|
||||
# skydive_network_device: "{{ ansible_default_ipv4['interface'] }}"
|
||||
|
||||
# The skydive bind address can also be used to set the specific bind address of
|
||||
# a given node running the skydive analyzer. By default this variable is undefined
|
||||
|
@ -112,6 +112,12 @@
|
||||
when:
|
||||
- clouds_file['content'] is defined
|
||||
|
||||
- name: Set network device fact
|
||||
set_fact:
|
||||
skydive_network_device: "{{ ansible_default_ipv4['interface'] }}"
|
||||
when:
|
||||
- skydive_network_device is undefined
|
||||
|
||||
- include_tasks: skydive_setup.yml
|
||||
|
||||
- include_tasks: skydive_ssl.yml
|
||||
|
@ -25,6 +25,31 @@
|
||||
run_once: true
|
||||
delegate_to: "{{ skydive_service_setup_host }}"
|
||||
block:
|
||||
- name: create the system group
|
||||
group:
|
||||
name: "skydive"
|
||||
state: "present"
|
||||
system: "yes"
|
||||
|
||||
- name: Create the skydive user
|
||||
user:
|
||||
name: "skydive"
|
||||
group: "skydive"
|
||||
comment: "skydive user"
|
||||
shell: "/bin/false"
|
||||
createhome: "yes"
|
||||
home: "/usr/share/skydive"
|
||||
|
||||
- name: Create skydive ssl path
|
||||
file:
|
||||
path: "{{ item }}"
|
||||
state: directory
|
||||
owner: "skydive"
|
||||
group: "skydive"
|
||||
mode: "0700"
|
||||
with_items:
|
||||
- "/var/lib/skydive/ssl"
|
||||
|
||||
- name: Create CNF
|
||||
template:
|
||||
src: "skydive-openssl.cnf.j2"
|
||||
|
@ -24,14 +24,16 @@ subjectAltName = @alt_names
|
||||
{% set ips = [] %}
|
||||
{% set hostnames = [] %}
|
||||
{% for node in groups['skydive_all'] %}
|
||||
{% if hostvars[node]['ansible_default_ipv4'] is defined %}
|
||||
{% set _ansible_interface_name = hostvars[node]['skydive_network_device'] | default(hostvars[node]['ansible_default_ipv4']['interface']) | replace('-', '_') %}
|
||||
{% set _skydive_ip = hostvars[node]['skydive_bind_address'] | default(hostvars[node]["ansible_" ~ _ansible_interface_name]['ipv4']['address']) %}
|
||||
{% set _skydive_ansible_domain = hostvars[node]['ansible_domain'] | default(hostvars[node]['ansible_hostname'] ) %}
|
||||
{% set _skydive_ansible_domain = hostvars[node]['ansible_fqdn'] | default(hostvars[node]['ansible_hostname'] ) %}
|
||||
{% set _skydive_dns_name = ((_skydive_ansible_domain | length) > 0) | ternary(_skydive_ansible_domain, hostvars[node]['ansible_hostname']) %}
|
||||
{% set _ = ips.append(_skydive_ip) %}
|
||||
{% set _ = hostnames.append(_skydive_dns_name) %}
|
||||
IP.{{ loop.index }} = {{ _skydive_ip }}
|
||||
DNS.{{ loop.index }} = {{ _skydive_dns_name }}
|
||||
{% endif %}
|
||||
{% endfor %}
|
||||
|
||||
{% set localhost_index = (groups['skydive_all'] | length) + 1 %}
|
||||
|
@ -18,3 +18,4 @@ sykdive_distro_packages:
|
||||
- python3-openssl
|
||||
- python-openssl
|
||||
- python-passlib
|
||||
- python-virtualenv
|
||||
|
@ -50,7 +50,7 @@ skydive_ssl_cnf: "/var/lib/skydive/ssl/skydive-openssl.cnf"
|
||||
skydive_ssl_key: "/var/lib/skydive/ssl/skydive.key"
|
||||
skydive_ssl_csr: "/var/lib/skydive/ssl/skydive.csr"
|
||||
skydive_ssl_cert: "/var/lib/skydive/ssl/skydive-{{ inventory_hostname | replace('_', '-') | replace(' ', '-') }}.crt"
|
||||
skydive_ssl_signed_subject: "/C=XX/L=OpenStack-Cloud/O=OpenStack/OU=IT/CN={{ ((ansible_domain | length) > 0) | ternary(ansible_domain, ansible_hostname) }}"
|
||||
skydive_ssl_signed_subject: "/C=XX/L=OpenStack-Cloud/O=OpenStack/OU=IT/CN={{ ((ansible_fqdn | length) > 0) | ternary(ansible_fqdn, ansible_hostname) }}"
|
||||
|
||||
skydive_ssl_ca_key: "/var/lib/skydive/ssl/skydive-ca.key"
|
||||
skydive_ssl_ca_cert: "/var/lib/skydive/ssl/skydive-ca.crt"
|
||||
|
@ -17,3 +17,4 @@ sykdive_distro_packages:
|
||||
- openssl
|
||||
- python2-passlib
|
||||
- pyOpenSSL
|
||||
- python-virtualenv
|
||||
|
@ -18,3 +18,4 @@ sykdive_distro_packages:
|
||||
- python2-pyOpenSSL
|
||||
- python3-pyOpenSSL
|
||||
- python-passlib
|
||||
- python2-virtualenv
|
||||
|
@ -27,4 +27,5 @@
|
||||
delay: 10
|
||||
|
||||
- name: Show Skydive client
|
||||
debug: var=skydive_client
|
||||
debug:
|
||||
msg: "{{ skydive_client.stdout | from_json }}"
|
||||
|
Loading…
Reference in New Issue
Block a user