diff --git a/defaults/main.yml b/defaults/main.yml new file mode 100644 index 00000000..22e2a6dc --- /dev/null +++ b/defaults/main.yml @@ -0,0 +1,98 @@ +--- +# defaults file for os_ironic + +# Verbosity Options +debug: False +verbose: True + +# Name of the virtual env to deploy into +ironic_venv_tag: untagged +ironic_venv_bin: "/openstack/venvs/ironic-{{ ironic_venv_tag }}/bin" + +# Set this to enable or disable installing in a venv +ironic_venv_enabled: True + +# System info +ironic_system_user_name: ironic +ironic_system_group_name: ironic +ironic_system_shell: /bin/bash +ironic_system_comment: ironic system user +ironic_system_home_folder: "/var/lib/{{ ironic_system_user_name }}" +ironic_system_log_folder: "/var/log/{{ ironic_system_user_name }}" + +# Ironic API +ironic_api_program_name: ironic-api + + +# Ironic Conductor +ironic_conductor_program_name: ironic-conductor + + + +# Python Ironic Client +python_ironic_client_program_name: ironic + + +ironic_service_names: + - "{{ ironic_api_program_name }}" + - "{{ ironic_conductor_program_name }}" + +# Database +ironic_database_user: ironic +ironic_database_database: ironic +ironic_database_address: localhost +ironic_database_password: gu1d0 + +# TBD(mrda): need to handle this a little better :) +database_root_user: root +database_root_password: sp4m3ggs + +# If you want to regenerate the ironic users SSH keys, on each run, set this var to True +# Otherwise keys will be generated on the first run and not regenerated each run. +ironic_recreate_keys: False + +ironic_bin: "{{ ironic_venv_bin }}" + +ironic_service_name: ironic + +ironic_common_apt_packages: + - python-dev + - python-pip + - git + +ironic_conductor_apt_packages: + - libmysqlclient-dev + - libxml2-dev + - rabbitmq-server + - mysql-server + - isc-dhcp-server + - tftpd-hpa + - syslinux + - syslinux-common + - libxslt1-dev + - qemu-utils + - libpq-dev + - python-yaml + - open-iscsi + - ipmitool + +ironic_pip_packages: + - virtualenvwrapper + - six + - tox + - mysql-python + - python_ironicclient + +ironicclient_pip_packages: + - python_ironicclient + +## Ironic service +ironic_git_repo: https://git.openstack.org/openstack/ironic +ironic_git_install_branch: c6e8e2a33c65b6269a0b1b4f5e63620c68bdc3fb # HEAD sha as of 13 Nov 2015 +ironic_git_dest: "/opt/ironic_{{ ironic_git_install_branch | replace('/', '_') }}" + +## python-ironicclient +python_ironicclient_git_repo: https://git.openstack.org/openstack/python-ironicclient +python_ironicclient_git_install_branch: b66f5e8dd60c023d6d216c3bbc5ec22d837623c3 # HEAD sha as of 13 Nov 2015 +python_ironicclient_git_dest: "/opt/python-ironicclient_{{ python_ironicclient_git_install_branch | replace('/', '_') }}" + diff --git a/files/map-file b/files/map-file new file mode 100644 index 00000000..812abe0c --- /dev/null +++ b/files/map-file @@ -0,0 +1,4 @@ +re ^(/tftpboot/) /tftpboot/\2 +re ^/tftpboot/ /tftpboot/ +re ^(^/) /tftpboot/\1 +re ^([^/]) /tftpboot/\1 diff --git a/files/tftpd-hpa b/files/tftpd-hpa new file mode 100644 index 00000000..37b94c86 --- /dev/null +++ b/files/tftpd-hpa @@ -0,0 +1,4 @@ +TFTP_USERNAME="tftp" +TFTP_DIRECTORY="/tftpboot" +TFTP_ADDRESS="[::]:69" +TFTP_OPTIONS="-vvvv --map-file /tftpboot/map-file" diff --git a/handlers/main.yml b/handlers/main.yml new file mode 100644 index 00000000..797046bd --- /dev/null +++ b/handlers/main.yml @@ -0,0 +1,23 @@ +--- +# Copyright 2015, Rackspace US, Inc. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +- name: Restart ironic services + service: + name: "{{ item }}" + state: restarted + pattern: "{{ item }}" + with_items: ironic_service_names + failed_when: false + diff --git a/local_install.sh b/local_install.sh new file mode 100755 index 00000000..d0c467ab --- /dev/null +++ b/local_install.sh @@ -0,0 +1,21 @@ +#!/bin/bash +# Copyright 2015, Rackspace US, Inc. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +ROLE_NAME=$(basename $(pwd)) + +pushd tests + ansible-playbook -i inventory local_install.yml -e rolename=${ROLE_NAME} +popd + diff --git a/meta/main.yml b/meta/main.yml new file mode 100644 index 00000000..f30d0223 --- /dev/null +++ b/meta/main.yml @@ -0,0 +1,16 @@ +--- +galaxy_info: + author: OpenStack + description: Baremetal provisioning for Openstack + company: OpenStack + license: Apache + min_ansible_version: 1.8 + platforms: + - name: Ubuntu + versions: + - trusty + categories: + - cloud + - baremetal + - system +dependencies: [] diff --git a/run_tests.sh b/run_tests.sh new file mode 100755 index 00000000..fae9af06 --- /dev/null +++ b/run_tests.sh @@ -0,0 +1,22 @@ +#!/bin/bash +# Copyright 2015, Rackspace US, Inc. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +ROLE_NAME=$(basename $(pwd)) + +pushd tests + ansible-playbook -i inventory --syntax-check --list-tasks test.yml -e rolename=${ROLE_NAME} +popd + +ansible-lint */*yml diff --git a/tasks/ironic_conductor_post_install.yml b/tasks/ironic_conductor_post_install.yml new file mode 100644 index 00000000..fc927750 --- /dev/null +++ b/tasks/ironic_conductor_post_install.yml @@ -0,0 +1,89 @@ +--- +# Copyright 2015, Rackspace US, Inc. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +- name: Install apt packages + apt: + pkg: "{{ item }}" + state: latest + register: install_packages + until: install_packages|success + retries: 5 + delay: 2 + with_items: ironic_conductor_apt_packages + tags: + - ironic-install + - ironic-apt-packages + +- name: Create /tftpboot + file: + path: "/tftpboot" + state: directory + owner: "{{ ironic_system_user_name }}" + group: "{{ ironic_system_group_name }}" + mode: "0755" + tags: + - tftpd-hpa + +- name: Copy in tftpd-hpa config file + copy: + src: tftpd-hpa + dest: /etc/default/tftpd-hpa + notify: + - Restart tftpd-hpa + tags: + - tftpd-hpa + +- name: Copy in tftpd-hpa map file + copy: + src: map-file + dest: /tftpboot/map-file + notify: + - Restart tftpd-hpa + tags: + - tftpd-hpa + +- name: Check to see if pxlinux.0 is required + stat: path=/tftpboot/pxelinux.0 + register: pxelinux_exists + tags: + - tftpd-hpa + +- name: Check to see if chain.c32 is required + stat: path=/tftpboot/chain.c32 + register: chain32_exists + tags: + - tftpd-hpa + +- name: Check pxlinux.0 exists + stat: path=/usr/lib/syslinux/pxelinux.0 + register: pxelinux_stat + when: not pxelinux_exists + tags: + - tftpd-hpa + +- name: Copy syslinux pxlinux.0 + command: cp /usr/lib/syslinux/pxelinux.0 /tftpboot/pxelinux.0 + when: not pxelinux_exists and pxelinux_stat.stat.exists + tags: + - tftpd-hpa + +- name: Copy syslinux chain.c32 + command: cp /usr/lib/syslinux/chain.c32 /tftpboot/chain.c32 + when: not chain32_exists and chain32_stat.stat.exists + tags: + - tftpd-hpa + + + diff --git a/tasks/ironic_db_setup.yml b/tasks/ironic_db_setup.yml new file mode 100644 index 00000000..64e7e0d8 --- /dev/null +++ b/tasks/ironic_db_setup.yml @@ -0,0 +1,52 @@ +--- +# Copyright 2015, Rackspace US, Inc. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +- name: Create database for ironic + mysql_db: + #login_user: "{{ database_root_user }}" + #login_password: "{{ database_root_password }}" + #login_host: "{{ ironic_database_address }}" + name: "{{ ironic_database_database }}" + state: "present" + tags: + - ironic-db-setup + +- name: Grant access to the DB + mysql_user: + #login_user: "{{ database_root_user }}" + #login_password: "{{ database_root_password }}" + #login_host: "{{ ironic_database_address }}" + name: "{{ ironic_database_user }}" + password: "{{ ironic_database_password }}" + host: "{{ item }}" + state: "present" + priv: "{{ ironic_database_database }}.*:ALL" + with_items: + - "localhost" + - "%" + tags: + - ironic-db-setup + +- name: Synchronize database schema + command: "{{ ironic_bin }}/ironic-dbsync upgrade" + sudo: yes + sudo_user: "{{ ironic_system_user_name }}" + notify: + - restart ironic-conductor + when: ironic_checkout.changed + tags: + - ironic-db-setup + - ironic-conductor + diff --git a/tasks/ironic_get_source.yml b/tasks/ironic_get_source.yml new file mode 100644 index 00000000..8109a517 --- /dev/null +++ b/tasks/ironic_get_source.yml @@ -0,0 +1,33 @@ +--- +# Copyright 2014, Rackspace US, Inc. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +- name: git clone ironic source code + git: repo=https://github.com/openstack/ironic.git + dest={{ ironic_git_dest }} + version={{ ironic_git_install_branch }} + update=no + register: ironic_checkout + tags: + - ironic-api + - ironic-conductor + +- name: git clone python-ironicclient source code + git: repo=https://github.com/openstack/python-ironicclient.git + dest={{ python_ironicclient_git_dest }} + version={{ python_ironicclient_git_install_branch }} + update=no + register: python_ironicclient_checkout + tags: + - ironic-client diff --git a/tasks/ironic_install.yml b/tasks/ironic_install.yml new file mode 100644 index 00000000..0f5ea832 --- /dev/null +++ b/tasks/ironic_install.yml @@ -0,0 +1,29 @@ +--- +# Copyright 2014, Rackspace US, Inc. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +- name: Install Ironic (python system library) + when: ironic_checkout.changed and not ironic_venv_enabled + pip: name="file://{{ ironic_git_dest }}" + tags: + - ironic-api + - ironic-conductor + +- name: Install Ironic (openstack venv) + when: ironic_checkout.changed and ironic_venv_enabled + pip: name="file://{{ ironic_git_dest }}" virtualenv="/openstack/venvs/ironic-{{ ironic_venv_tag }}" + tags: + - ironic-api + - ironic-conductor + diff --git a/tasks/ironic_pre_install.yml b/tasks/ironic_pre_install.yml new file mode 100644 index 00000000..6c40786d --- /dev/null +++ b/tasks/ironic_pre_install.yml @@ -0,0 +1,125 @@ +--- +# Copyright 2014, Rackspace US, Inc. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +- name: create the system group + group: + name: "{{ ironic_system_group_name }}" + state: "present" + system: "yes" + tags: + - ironic-api + - ironic-conductor + +- name: Remove old key file(s) if found + file: + path: "{{ item }}" + state: "absent" + with_items: + - "{{ ironic_system_home_folder }}/.ssh/authorized_keys" + - "{{ ironic_system_home_folder }}/.ssh/id_rsa" + - "{{ ironic_system_home_folder }}/.ssh/id_rsa.pub" + when: ironic_recreate_keys | bool + tags: + - ironic-api + - ironic-conductor + +- name: Create the ironic system user + user: + name: "{{ ironic_system_user_name }}" + group: "{{ ironic_system_group_name }}" + comment: "{{ ironic_system_comment }}" + shell: "{{ ironic_system_shell }}" + system: "yes" + createhome: "yes" + home: "{{ ironic_system_home_folder }}" + generate_ssh_key: "yes" + tags: + - ironic-api + - ironic-conductor + +- name: Create ironic dir + file: + path: "{{ item.path }}" + state: directory + owner: "{{ item.owner|default(ironic_system_user_name) }}" + group: "{{ item.group|default(ironic_system_group_name) }}" + mode: "{{ item.mode|default('0755') }}" + with_items: + - { path: "/openstack", mode: "0755", owner: "root", group: "root" } + - { path: "/etc/ironic" } + - { path: "/etc/ironic/rootwrap.d" } + - { path: "/etc/sudoers.d", mode: "0750", owner: "root", group: "root" } + - { path: "/var/cache/ironic" } + - { path: "{{ ironic_system_home_folder }}" } + - { path: "{{ ironic_system_home_folder }}/.ssh", mode: "0700" } + - { path: "{{ ironic_system_home_folder }}/images" } + - { path: "{{ ironic_system_home_folder }}/master_images" } + - { path: "/var/lock/ironic" } + - { path: "/var/run/ironic" } + tags: + - ironic-api + - ironic-conductor + +- name: Create ironic venv dir + file: + path: "{{ item.path }}" + state: directory + with_items: + - { path: "/openstack/venvs" } + - { path: "{{ ironic_venv_bin }}" } + when: ironic_venv_enabled | bool + tags: + - ironic-api + - ironic-conductor + +- name: Test for log directory or link + shell: | + if [ -h "{{ ironic_system_log_folder }}" ]; then + chown -h {{ ironic_system_user_name }}:{{ ironic_system_group_name }} "{{ ironic_system_log_folder }}" + chown -R {{ ironic_system_user_name }}:{{ ironic_system_group_name }} "$(readlink {{ ironic_system_log_folder }} )" + else + exit 1 + fi + register: log_dir + failed_when: false + changed_when: log_dir.rc != 0 + tags: + - ironic-api + - ironic-conductor + +- name: Create ironic log dir + file: + path: "{{ item.path }}" + state: directory + owner: "{{ item.owner|default(ironic_system_user_name) }}" + group: "{{ item.group|default(ironic_system_group_name) }}" + mode: "{{ item.mode|default('0755') }}" + with_items: + - { path: "{{ ironic_system_log_folder }}" } + when: log_dir.rc != 0 + tags: + - ironic-api + - ironic-conductor + +- name: Include sudoers file + template: + src: "sudoers.j2" + dest: "/etc/sudoers.d/{{ ironic_system_user_name }}_sudoers" + mode: "0440" + owner: "root" + group: "root" + tags: + - ironic-api + - ironic-conductor diff --git a/tasks/ironic_upstart_common_init.yml b/tasks/ironic_upstart_common_init.yml new file mode 100644 index 00000000..a586c203 --- /dev/null +++ b/tasks/ironic_upstart_common_init.yml @@ -0,0 +1,46 @@ +--- +# Copyright 2014, Rackspace US, Inc. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +- name: Place the init script + template: + src: "ironic-upstart-init.j2" + dest: "/etc/init/{{ program_name }}.conf" + mode: "0644" + owner: "root" + group: "root" + notify: + - Restart ironic services + tags: + - upstart-init + - ironic-init + +- name: Reload init scripts + shell: | + initctl reload-configuration + notify: + - Restart ironic services + tags: + - upstart-init + - ironic-init + +- name: Load service + service: + name: "{{ program_name }}" + enabled: "yes" + notify: + - Restart ironic services + tags: + - upstart-init + - ironic-init diff --git a/tasks/ironic_upstart_init.yml b/tasks/ironic_upstart_init.yml new file mode 100644 index 00000000..4cf7ca5e --- /dev/null +++ b/tasks/ironic_upstart_init.yml @@ -0,0 +1,35 @@ +--- +# Copyright 2014, Rackspace US, Inc. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +- include: ironic_upstart_common_init.yml + vars: + program_name: "{{ ironic_api_program_name }}" + service_name: "{{ ironic_service_name }}" + system_user: "{{ ironic_system_user_name }}" + system_group: "{{ ironic_system_group_name }}" + service_home: "{{ ironic_system_home_folder }}" +# TODO(mrda): define groups +# when: inventory_hostname in groups['ironic_api_metadata'] + +- include: ironic_upstart_common_init.yml + vars: + program_name: "{{ ironic_conductor_program_name }}" + service_name: "{{ ironic_service_name }}" + system_user: "{{ ironic_system_user_name }}" + system_group: "{{ ironic_system_group_name }}" + service_home: "{{ ironic_system_home_folder }}" +# TODO(mrda): define groups +# when: inventory_hostname in groups['ironic_cert'] + diff --git a/tasks/main.yml b/tasks/main.yml new file mode 100644 index 00000000..59197a34 --- /dev/null +++ b/tasks/main.yml @@ -0,0 +1,23 @@ +--- +# Copyright 2015, Rackspace US, Inc. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + + - include: ironic_pre_install.yml + - include: ironic_get_source.yml + - include: ironic_install.yml + - include: python_ironicclient_install.yml + - include: ironic_conductor_post_install.yml + - include: ironic_db_setup.yml + - include: ironic_upstart_init.yml + diff --git a/tasks/python_ironicclient_install.yml b/tasks/python_ironicclient_install.yml new file mode 100644 index 00000000..10df330d --- /dev/null +++ b/tasks/python_ironicclient_install.yml @@ -0,0 +1,26 @@ +--- +# Copyright 2014, Rackspace US, Inc. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +- name: Install Python-Ironicclient (python system library) + when: python_ironicclient_checkout.changed and not ironic_venv_enabled + pip: name="file://{{ python_ironicclient_git_dest }}" + tags: + - ironic-client + +- name: Install Python-Ironicclient (openstack venv) + when: python_ironicclient_checkout.changed and ironic_venv_enabled + pip: name="file://{{ python_ironicclient_git_dest }}" virtualenv="/openstack/venvs/ironic-{{ ironic_venv_tag }}" + tags: + - ironic-client diff --git a/templates/ironic-upstart-init.j2 b/templates/ironic-upstart-init.j2 new file mode 100644 index 00000000..156c0bc6 --- /dev/null +++ b/templates/ironic-upstart-init.j2 @@ -0,0 +1,46 @@ +# {{ ansible_managed }} + +# vim:set ft=upstart ts=2 et: + +description "{{ program_name }}" +author "Michael Davies " + +start on runlevel [2345] +stop on runlevel [016] + +respawn +respawn limit 10 5 + +# Set the RUNBIN environment variable +env RUNBIN="{{ ironic_bin }}/{{ program_name }}" + +# Change directory to service users home +chdir "{{ service_home }}" + +# Pre start actions +pre-start script + mkdir -p "/var/run/{{ program_name }}" + chown {{ system_user }}:{{ system_group }} "/var/run/{{ program_name }}" + + mkdir -p "/var/lock/{{ program_name }}" + chown {{ system_user }}:{{ system_group }} "/var/lock/{{ program_name }}" + + {% if ironic_venv_enabled | bool -%} + . {{ ironic_venv_bin }}/activate + {%- endif %} + +end script + +# Post stop actions +post-stop script + rm "/var/run/{{ program_name }}/{{ program_name }}.pid" +end script + +# Run the start up job +exec start-stop-daemon --start \ + --chuid {{ system_user }} \ + --make-pidfile \ + --pidfile /var/run/{{ program_name }}/{{ program_name }}.pid \ + --exec "{{ program_override|default('$RUNBIN') }}" \ + -- {{ program_config_options|default('') }} \ + --log-file={{ ironic_system_log_folder }}/{{ program_name }}.log diff --git a/templates/sudoers.j2 b/templates/sudoers.j2 new file mode 100644 index 00000000..497f3892 --- /dev/null +++ b/templates/sudoers.j2 @@ -0,0 +1,6 @@ +# {{ ansible_managed }} + +Defaults:{{ ironic_system_user_name }} !requiretty +Defaults:{{ ironic_system_user_name }} secure_path="{{ ironic_bin }}:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin" + +{{ ironic_system_user_name }} ALL = (root) NOPASSWD: {{ ironic_bin }}/{{ ironic_service_name }}-rootwrap diff --git a/tests/ansible.cfg b/tests/ansible.cfg new file mode 100644 index 00000000..6c8a3443 --- /dev/null +++ b/tests/ansible.cfg @@ -0,0 +1,2 @@ +[defaults] +roles_path = ../.. diff --git a/tests/inventory b/tests/inventory new file mode 100644 index 00000000..d0e07048 --- /dev/null +++ b/tests/inventory @@ -0,0 +1,5 @@ +[all] +localhost ansible_connection=local ansible_user=root + +[installhost] +installhost ansible_user=root ansible_ssh_port=22 ansible_ssh_host=192.168.1.21 diff --git a/tests/local_install.yml b/tests/local_install.yml new file mode 100644 index 00000000..e5aa3468 --- /dev/null +++ b/tests/local_install.yml @@ -0,0 +1,5 @@ +- name: Do things with the openstack-ironic-role role + remote_user: root + hosts: installhost + roles: + - role: openstack-ansible-ironic diff --git a/tests/test.yml b/tests/test.yml new file mode 100644 index 00000000..0c16ed34 --- /dev/null +++ b/tests/test.yml @@ -0,0 +1,20 @@ +--- +# Copyright 2015, Rackspace US, Inc. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +- name: Playbook for role testing + hosts: localhost + remote_user: root + roles: + - role: "{{ rolename }}"