2603e8de6a
This change makes is intended to simplify the the ironic.conf file so that we only carry what is needed. In the file we're setting the swift configuration section when not in stand alone mode and the keystone_auth section has been updated for the options that ironic requires. URI testing for ironic's rest API has been updated to run the tests using a header for the authentication token. This is required now that the keystone_auth section is filled in. Co-Authored-By: Michael Davies <michael@the-davies.net> Change-Id: Ic6bd466e6fa03c2382424666588c306bad473e99 Partially-implements: blueprint role-ironic Signed-off-by: Kevin Carter <kevin.carter@rackspace.com>
118 lines
3.6 KiB
YAML
118 lines
3.6 KiB
YAML
---
|
|
# Copyright 2014, Rackspace US, Inc.
|
|
#
|
|
# Licensed under the Apache License, Version 2.0 (the "License");
|
|
# you may not use this file except in compliance with the License.
|
|
# You may obtain a copy of the License at
|
|
#
|
|
# http://www.apache.org/licenses/LICENSE-2.0
|
|
#
|
|
# Unless required by applicable law or agreed to in writing, software
|
|
# distributed under the License is distributed on an "AS IS" BASIS,
|
|
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
|
# See the License for the specific language governing permissions and
|
|
# limitations under the License.
|
|
|
|
- name: Create the system group
|
|
group:
|
|
name: "{{ ironic_system_group_name }}"
|
|
state: "present"
|
|
system: "yes"
|
|
tags:
|
|
- ironic-api
|
|
- ironic-conductor
|
|
|
|
- name: Remove old key file(s) if found
|
|
file:
|
|
path: "{{ item }}"
|
|
state: "absent"
|
|
with_items:
|
|
- "{{ ironic_system_home_folder }}/.ssh/authorized_keys"
|
|
- "{{ ironic_system_home_folder }}/.ssh/id_rsa"
|
|
- "{{ ironic_system_home_folder }}/.ssh/id_rsa.pub"
|
|
when: ironic_recreate_keys | bool
|
|
tags:
|
|
- ironic-api
|
|
- ironic-conductor
|
|
|
|
- name: Create the ironic system user
|
|
user:
|
|
name: "{{ ironic_system_user_name }}"
|
|
group: "{{ ironic_system_group_name }}"
|
|
comment: "{{ ironic_system_comment }}"
|
|
shell: "{{ ironic_system_shell }}"
|
|
system: "yes"
|
|
createhome: "yes"
|
|
home: "{{ ironic_system_home_folder }}"
|
|
generate_ssh_key: "yes"
|
|
tags:
|
|
- ironic-api
|
|
- ironic-conductor
|
|
|
|
- name: Create ironic dir
|
|
file:
|
|
path: "{{ item.path }}"
|
|
state: directory
|
|
owner: "{{ item.owner|default(ironic_system_user_name) }}"
|
|
group: "{{ item.group|default(ironic_system_group_name) }}"
|
|
mode: "{{ item.mode|default('0755') }}"
|
|
with_items:
|
|
- { path: "/openstack", mode: "0755", owner: "root", group: "root" }
|
|
- { path: "/etc/ironic" }
|
|
- { path: "/etc/ironic/rootwrap.d" }
|
|
- { path: "/etc/sudoers.d", mode: "0750", owner: "root", group: "root" }
|
|
- { path: "/var/cache/ironic" }
|
|
- { path: "{{ ironic_system_home_folder }}" }
|
|
- { path: "{{ ironic_system_home_folder }}/.ssh", mode: "0700" }
|
|
- { path: "{{ ironic_system_home_folder }}/images" }
|
|
- { path: "{{ ironic_system_home_folder }}/master_images" }
|
|
- { path: "{{ ironic_system_home_folder }}/cache/api", mode: "0700" }
|
|
- { path: "/var/lock/ironic" }
|
|
- { path: "/var/run/ironic" }
|
|
- { path: "/var/www/cgi-bin", owner: root, group: root }
|
|
- { path: "/var/www/cgi-bin/ironic" }
|
|
tags:
|
|
- ironic-api
|
|
- ironic-conductor
|
|
|
|
- name: Create ironic venv dir
|
|
file:
|
|
path: "{{ item.path }}"
|
|
state: directory
|
|
with_items:
|
|
- { path: "/openstack/venvs" }
|
|
- { path: "{{ ironic_venv_bin }}" }
|
|
when: ironic_venv_enabled | bool
|
|
tags:
|
|
- ironic-api
|
|
- ironic-conductor
|
|
|
|
- name: Test for log directory or link
|
|
shell: |
|
|
if [ -h "{{ ironic_system_log_folder }}" ]; then
|
|
chown -h {{ ironic_system_user_name }}:{{ ironic_system_group_name }} "{{ ironic_system_log_folder }}"
|
|
chown -R {{ ironic_system_user_name }}:{{ ironic_system_group_name }} "$(readlink {{ ironic_system_log_folder }} )"
|
|
else
|
|
exit 1
|
|
fi
|
|
register: log_dir
|
|
failed_when: false
|
|
changed_when: log_dir.rc != 0
|
|
tags:
|
|
- ironic-api
|
|
- ironic-conductor
|
|
|
|
- name: Create ironic log dir
|
|
file:
|
|
path: "{{ item.path }}"
|
|
state: directory
|
|
owner: "{{ item.owner|default(ironic_system_user_name) }}"
|
|
group: "{{ item.group|default(ironic_system_group_name) }}"
|
|
mode: "{{ item.mode|default('0755') }}"
|
|
with_items:
|
|
- { path: "{{ ironic_system_log_folder }}" }
|
|
when: log_dir.rc != 0
|
|
tags:
|
|
- ironic-api
|
|
- ironic-conductor
|