openstack-ansible-os_ironic/tasks/ironic_pre_install.yml
Kevin Carter 2603e8de6a
Update ironic.conf for swift and keystone compat
This change makes is intended to simplify the the ironic.conf file
so that we only carry what is needed. In the file we're setting the
swift configuration section when not in stand alone mode and the
keystone_auth section has been updated for the options that ironic
requires.

URI testing for ironic's rest API has been updated to run the tests
using a header for the authentication token. This is required now that
the keystone_auth section is filled in.

Co-Authored-By: Michael Davies <michael@the-davies.net>
Change-Id: Ic6bd466e6fa03c2382424666588c306bad473e99
Partially-implements: blueprint role-ironic
Signed-off-by: Kevin Carter <kevin.carter@rackspace.com>
2016-04-12 23:38:08 -05:00

118 lines
3.6 KiB
YAML

---
# Copyright 2014, Rackspace US, Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
- name: Create the system group
group:
name: "{{ ironic_system_group_name }}"
state: "present"
system: "yes"
tags:
- ironic-api
- ironic-conductor
- name: Remove old key file(s) if found
file:
path: "{{ item }}"
state: "absent"
with_items:
- "{{ ironic_system_home_folder }}/.ssh/authorized_keys"
- "{{ ironic_system_home_folder }}/.ssh/id_rsa"
- "{{ ironic_system_home_folder }}/.ssh/id_rsa.pub"
when: ironic_recreate_keys | bool
tags:
- ironic-api
- ironic-conductor
- name: Create the ironic system user
user:
name: "{{ ironic_system_user_name }}"
group: "{{ ironic_system_group_name }}"
comment: "{{ ironic_system_comment }}"
shell: "{{ ironic_system_shell }}"
system: "yes"
createhome: "yes"
home: "{{ ironic_system_home_folder }}"
generate_ssh_key: "yes"
tags:
- ironic-api
- ironic-conductor
- name: Create ironic dir
file:
path: "{{ item.path }}"
state: directory
owner: "{{ item.owner|default(ironic_system_user_name) }}"
group: "{{ item.group|default(ironic_system_group_name) }}"
mode: "{{ item.mode|default('0755') }}"
with_items:
- { path: "/openstack", mode: "0755", owner: "root", group: "root" }
- { path: "/etc/ironic" }
- { path: "/etc/ironic/rootwrap.d" }
- { path: "/etc/sudoers.d", mode: "0750", owner: "root", group: "root" }
- { path: "/var/cache/ironic" }
- { path: "{{ ironic_system_home_folder }}" }
- { path: "{{ ironic_system_home_folder }}/.ssh", mode: "0700" }
- { path: "{{ ironic_system_home_folder }}/images" }
- { path: "{{ ironic_system_home_folder }}/master_images" }
- { path: "{{ ironic_system_home_folder }}/cache/api", mode: "0700" }
- { path: "/var/lock/ironic" }
- { path: "/var/run/ironic" }
- { path: "/var/www/cgi-bin", owner: root, group: root }
- { path: "/var/www/cgi-bin/ironic" }
tags:
- ironic-api
- ironic-conductor
- name: Create ironic venv dir
file:
path: "{{ item.path }}"
state: directory
with_items:
- { path: "/openstack/venvs" }
- { path: "{{ ironic_venv_bin }}" }
when: ironic_venv_enabled | bool
tags:
- ironic-api
- ironic-conductor
- name: Test for log directory or link
shell: |
if [ -h "{{ ironic_system_log_folder }}" ]; then
chown -h {{ ironic_system_user_name }}:{{ ironic_system_group_name }} "{{ ironic_system_log_folder }}"
chown -R {{ ironic_system_user_name }}:{{ ironic_system_group_name }} "$(readlink {{ ironic_system_log_folder }} )"
else
exit 1
fi
register: log_dir
failed_when: false
changed_when: log_dir.rc != 0
tags:
- ironic-api
- ironic-conductor
- name: Create ironic log dir
file:
path: "{{ item.path }}"
state: directory
owner: "{{ item.owner|default(ironic_system_user_name) }}"
group: "{{ item.group|default(ironic_system_group_name) }}"
mode: "{{ item.mode|default('0755') }}"
with_items:
- { path: "{{ ironic_system_log_folder }}" }
when: log_dir.rc != 0
tags:
- ironic-api
- ironic-conductor