openstack/openstack-ansible
Code Issues Proposed changes

Merge "Changed the container interaction process"

Browse Source
This commit is contained in:
Jenkins 2014-12-10 18:18:41 +00:00 committed by Gerrit Code Review
commit a89bd2c471
9 changed files with 60 additions and 123 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
rpc_deployment/library/lxc
View File

@ -965,7 +965,7 @@ class LxcManagement(object):
self.module.get_bin_path('lxc-stop', True), self.module.get_bin_path('lxc-stop', True),
'--logfile /tmp/lxc-ansible-%s-stop.log' % name, '--logfile /tmp/lxc-ansible-%s-stop.log' % name,
'--logpriority INFO', '--logpriority INFO',
'--timeout 10', '--timeout 120',
'--name %s' % name '--name %s' % name
] ]

10
rpc_deployment/playbooks/setup/containers-setup.yml
View File

@ -13,16 +13,10 @@
# See the License for the specific language governing permissions and # See the License for the specific language governing permissions and
# limitations under the License. # limitations under the License.
- hosts: "{{ host_group|default('hosts') }}" - hosts: "{{ host_group|default('all_containers') }}"
user: root user: root
gather_facts: false
roles: roles:
- container_setup - container_setup
vars_files: vars_files:
- vars/config_vars/container_interfaces.yml - vars/config_vars/container_interfaces.yml
vars:
default_container_groups: "{{ hostvars[inventory_hostname]['container_types'] }}"
container_groups: "{{ groups[container_group|default(default_container_groups)] | default('') }}"
required_container_config_options:
- "lxc.mount.entry=/openstack/log/{{ hostvars[item]['container_name'] }} var/log/{{ hostvars[item]['service_name'] }} none defaults,bind,rw 0 0"
- "lxc.mount.entry=/openstack/backup/{{ hostvars[item]['container_name'] }} var/backup none defaults,bind,rw 0 0"
- "lxc.mount.entry=/openstack/monitoring monitoring none defaults,bind,rw 0 0"

6
rpc_deployment/playbooks/setup/destroy-containers.yml
View File

@ -14,10 +14,8 @@
# limitations under the License. # limitations under the License.
# This playbook destroys all known containers. # This playbook destroys all known containers.
- hosts: "{{ host_group|default('hosts') }}" - hosts: "{{ host_group|default('all_containers') }}"
user: root user: root
gather_facts: false
roles: roles:
- container_destroy - container_destroy
vars:
default_container_groups: "{{ hostvars[inventory_hostname]['container_types'] }}"
container_groups: "{{ groups[container_group|default(default_container_groups)] }}"

2
rpc_deployment/roles/container_create/tasks/main.yml
View File

@ -14,4 +14,4 @@
# limitations under the License. # limitations under the License.
- include: container_create.yml - include: container_create.yml
when: container_groups|length > 0

5
rpc_deployment/roles/container_destroy/tasks/main.yml
View File

@ -17,6 +17,7 @@
- name: Destroy Containers - name: Destroy Containers
lxc: lxc:
name: "{{ hostvars[item]['container_name'] }}" name: "{{ container_name }}"
command: "destroy" command: "destroy"
with_items: container_groups delegate_to: "{{ physical_host }}"

2
rpc_deployment/roles/container_restart/tasks/main.yml
View File

@ -14,4 +14,4 @@
# limitations under the License. # limitations under the License.
- include: container_restart.yml - include: container_restart.yml
when: container_groups|length > 0

139
rpc_deployment/roles/container_setup/tasks/container_setup.yml
View File

@ -16,109 +16,54 @@
- name: Obtain the Systems SSH-Key - name: Obtain the Systems SSH-Key
set_fact: set_fact:
container_ssh_key: "{{ lookup('file', '~/.ssh/id_rsa.pub') }}" container_ssh_key: "{{ lookup('file', '~/.ssh/id_rsa.pub') }}"
delegate_to: "{{ physical_host }}"
- name: Fail when empty or non-existent SSH pub key - name: Fail when empty or non-existent SSH pub key
fail: > fail: msg="Failing - ~/.ssh/id_rsa.pub file doesn't exist or is empty"
msg="Failing - ~/.ssh/id_rsa.pub file doesn't exist or is empty"
when: container_ssh_key == "" when: container_ssh_key == ""
delegate_to: "{{ physical_host }}"
- name: Set the SSH key in place
lxc: >
name={{ hostvars[item]['container_name'] }}
command=attach
container_command="
mkdir -p ~/.ssh/;
if [ ! -f \"~/.ssh/authorized_keys\" ];then
touch ~/.ssh/authorized_keys;
fi;
grep '{{ container_ssh_key }}' ~/.ssh/authorized_keys ||
echo '{{ container_ssh_key }}' | tee -a ~/.ssh/authorized_keys;
"
with_items: container_groups
- name: Set base network interface
lxc: >
name={{ hostvars[item]['container_name'] }}
command=attach
container_command="
echo -e '{{ container_interface }}' | tee /etc/network/interfaces;
"
with_items: container_groups
- name: Set management network interface
lxc: >
name={{ hostvars[item]['container_name'] }}
command=attach
container_command="
echo -e '{{ management_interface }}' | tee /etc/network/interfaces.d/management.cfg;
"
with_items: container_groups
- name: Ensure SSH is avail at boot
lxc: >
name={{ hostvars[item]['container_name'] }}
command=attach
container_command="update-rc.d ssh defaults"
with_items: container_groups
- name: Ensure SSH is available for root
lxc: >
name={{ hostvars[item]['container_name'] }}
command=attach
container_command="sed -i 's/PermitRootLogin.*/PermitRootLogin\ yes/g' /etc/ssh/sshd_config"
with_items: container_groups
- name: Ensure SSH started
lxc: >
name={{ hostvars[item]['container_name'] }}
command=attach
container_command="service ssh restart"
with_items: container_groups
- name: Ensure required inner directories
lxc: >
name={{ hostvars[item.1]['container_name'] }}
command=attach
container_command="mkdir -p {{ item.0 }}"
with_nested:
- [ "/monitoring", "/etc/network/interfaces.d", "/var/backup" ]
- container_groups
- name: Create Required local log directories
file: >
path="{{ item.0 }}/{{ hostvars[item.1]['container_name'] }}"
state=directory
with_nested:
- [ "/openstack/backup", "/openstack/log" ]
- container_groups
- name: Create Required local monitoring directories - name: Create Required local monitoring directories
file: > file:
path={{ item }} path: "{{ item }}"
state=directory state: "directory"
with_items: with_items:
- "/openstack/monitoring" - "/openstack/backup/{{ container_name }}"
- "/openstack/log/{{ container_name }}"
delegate_to: "{{ physical_host }}"
- name: Ensure required inner service directories - name: Basic Inner Container Setup
lxc: > lxc:
name={{ hostvars[item.1]['container_name'] }} name: "{{ container_name }}"
command=attach command: "attach"
container_command="mkdir -p {{ item.0 }}/{{ hostvars[item.1]['service_name'] }}" container_command: |
with_nested: mkdir -p ~/.ssh/
- [ "/etc", "/var/log" ] if [ ! -f "~/.ssh/authorized_keys" ];then
- container_groups touch ~/.ssh/authorized_keys
fi
- name: Ensure python2.7 installed grep '{{ container_ssh_key }}' ~/.ssh/authorized_keys || echo '{{ container_ssh_key }}' | tee -a ~/.ssh/authorized_keys
lxc: > # Create internal directories
name={{ hostvars[item]['container_name'] }} mkdir -p /monitoring
command=attach mkdir -p /etc/network/interfaces.d
container_command="apt-get -y install python2.7; rm /usr/bin/python; ln -s /usr/bin/python2.7 /usr/bin/python" mkdir -p /var/backup
with_items: container_groups mkdir -p '/var/log/{{ service_name }}'
mkdir -p '/etc/{{ service_name }}'
sed -i 's/PermitRootLogin.*/PermitRootLogin\ yes/g' /etc/ssh/sshd_config
service ssh restart
apt-get update
apt-get -y install python2.7
rm /usr/bin/python
ln -s /usr/bin/python2.7 /usr/bin/python
echo -e '{{ default_interfaces }}' | tee /etc/network/interfaces
echo -e '{{ management_interface }}' | tee /etc/network/interfaces.d/management.cfg
delegate_to: "{{ physical_host }}"
- name: Ensure Required container config options - name: Ensure Required container config options
lxc: > lxc:
name={{ hostvars[item]['container_name'] }} name: "{{ container_name }}"
command=config command: config
options="{{ required_container_config_options }}" options:
state=running - "lxc.mount.entry=/openstack/log/{{ container_name }} var/log/{{ service_name }} none defaults,bind,rw 0 0"
with_items: container_groups - "lxc.mount.entry=/openstack/backup/{{ container_name }} var/backup none defaults,bind,rw 0 0"
state: running
delegate_to: "{{ physical_host }}"

2
rpc_deployment/roles/container_setup/tasks/main.yml
View File

@ -14,4 +14,4 @@
# limitations under the License. # limitations under the License.
- include: container_setup.yml - include: container_setup.yml
when: container_groups|length > 0

15
rpc_deployment/vars/config_vars/container_interfaces.yml
View File

@ -13,19 +13,18 @@
# See the License for the specific language governing permissions and # See the License for the specific language governing permissions and
# limitations under the License. # limitations under the License.
container_interface: | default_interfaces: |
# The loopback network interface # The loopback network interface
auto lo auto lo
iface lo inet loopback iface lo inet loopback
# LXC interface
auto eth0 auto eth0
iface eth0 inet dhcp iface eth0 inet dhcp
# Load any additional configs
source /etc/network/interfaces.d/*.cfg source /etc/network/interfaces.d/*.cfg
management_interface: | management_interface: |
auto {{ hostvars[item]['container_network']['container_interface'] }} auto {{ container_network['container_interface'] }}
iface {{ hostvars[item]['container_network']['container_interface'] }} inet static iface {{ container_network['container_interface'] }} inet static
address {{ hostvars[item]['container_address'] }} address {{ container_address }}
netmask {{ hostvars[item]['container_network']['container_netmask']|default(hostvars[item]['container_netmask']) }} netmask {{ container_network['container_netmask']|default(container_netmask) }}