openstack-ansible/scripts/bootstrap-ansible.sh
Kevin Carter fdcde0dbbb Update ansible to the latest stable release
Change-Id: Ibf5ffc0f43d789a936ffd73d1cf90ea5d81e43f6
Signed-off-by: Kevin Carter <kevin@cloudnull.com>
2019-02-23 06:49:50 +00:00

230 lines
9.1 KiB
Bash
Executable File

#!/usr/bin/env bash
# Copyright 2014, Rackspace US, Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
#
# (c) 2014, Kevin Carter <kevin.carter@rackspace.com>
## Shell Opts ----------------------------------------------------------------
set -e -u -x
## Vars ----------------------------------------------------------------------
export HTTP_PROXY=${HTTP_PROXY:-""}
export HTTPS_PROXY=${HTTPS_PROXY:-""}
# The Ansible version used for testing
export ANSIBLE_PACKAGE=${ANSIBLE_PACKAGE:-"ansible==2.7.8"}
export ANSIBLE_ROLE_FILE=${ANSIBLE_ROLE_FILE:-"ansible-role-requirements.yml"}
export SSH_DIR=${SSH_DIR:-"/root/.ssh"}
export DEBIAN_FRONTEND=${DEBIAN_FRONTEND:-"noninteractive"}
# check whether to install the ARA callback plugin
export SETUP_ARA=${SETUP_ARA:-"false"}
# Use pip opts to add options to the pip install command.
# This can be used to tell it which index to use, etc.
export PIP_OPTS=${PIP_OPTS:-""}
export OSA_WRAPPER_BIN="${OSA_WRAPPER_BIN:-scripts/openstack-ansible.sh}"
# This script should be executed from the root directory of the cloned repo
cd "$(dirname "${0}")/.."
## Functions -----------------------------------------------------------------
info_block "Checking for required libraries." 2> /dev/null ||
source scripts/scripts-library.sh
## Main ----------------------------------------------------------------------
info_block "Bootstrapping System with Ansible"
# Store the clone repo root location
export OSA_CLONE_DIR="$(pwd)"
# Set the variable to the role file to be the absolute path
ANSIBLE_ROLE_FILE="$(readlink -f "${ANSIBLE_ROLE_FILE}")"
OSA_INVENTORY_PATH="$(readlink -f inventory)"
OSA_PLAYBOOK_PATH="$(readlink -f playbooks)"
# Create the ssh dir if needed
ssh_key_create
# Determine the distribution which the host is running on
determine_distro
# Prefer dnf over yum for CentOS.
which dnf &>/dev/null && RHT_PKG_MGR='dnf' || RHT_PKG_MGR='yum'
# Install the base packages
case ${DISTRO_ID} in
centos|rhel)
$RHT_PKG_MGR -y install \
git curl autoconf gcc gcc-c++ nc \
python2 python2-devel \
openssl-devel libffi-devel \
libselinux-python python-virtualenv
;;
ubuntu)
apt-get update
DEBIAN_FRONTEND=noninteractive apt-get -y install \
git-core curl gcc netcat \
python-minimal python-dev \
python3 python3-dev \
libssl-dev libffi-dev \
python-apt python3-apt \
python-virtualenv
;;
opensuse*)
zypper -n install -l git-core curl autoconf gcc gcc-c++ \
netcat-openbsd python python-xml python-devel gcc \
libffi-devel libopenssl-devel python-setuptools python-virtualenv
# Leap 42.3 ships with python3.4 which is not supported by ansible and as
# such we are using python2
# See https://github.com/ansible/ansible/issues/24180
source /etc/os-release
[[ ${VERSION} =~ 42 ]] && PYTHON_EXEC_PATH="/usr/bin/python2"
;;
esac
# Ensure that our shell knows about the new virtualenv
hash -r virtualenv
# Ensure we use the HTTPS/HTTP proxy with pip if it is specified
if [ -n "$HTTPS_PROXY" ]; then
PIP_OPTS+="--proxy $HTTPS_PROXY"
elif [ -n "$HTTP_PROXY" ]; then
PIP_OPTS+="--proxy $HTTP_PROXY"
fi
# Force using python2. When python3 and python2 dual stack is supported uncomment the following:
#PYTHON_EXEC_PATH="${PYTHON_EXEC_PATH:-$(which python3 || which python2 || which python)}"
PYTHON_EXEC_PATH="${PYTHON_EXEC_PATH:-$(which python2 || which python)}"
PYTHON_VERSION="$($PYTHON_EXEC_PATH -c 'import sys; print(".".join(map(str, sys.version_info[:3])))')"
# Use https when Python with native SNI support is available
UPPER_CONSTRAINTS_PROTO=$([ "$PYTHON_VERSION" == $(echo -e "$PYTHON_VERSION\n2.7.9" | sort -V | tail -1) ] && echo "https" || echo "http")
# Set the location of the constraints to use for all pip installations
export UPPER_CONSTRAINTS_FILE=${UPPER_CONSTRAINTS_FILE:-"$UPPER_CONSTRAINTS_PROTO://git.openstack.org/cgit/openstack/requirements/plain/upper-constraints.txt?id=$(awk '/requirements_git_install_branch:/ {print $2}' playbooks/defaults/repo_packages/openstack_services.yml)"}
# All distros have a python-virtualenv > 13.
# - Centos 7 has 15.1, which holds pip 9.0.1, setuptools 28.8, wheel 0.29
# See also: http://mirror.centos.org/centos/7/os/x86_64/Packages/
# - openSUSE 42.3 has 13.1.2, which holds pip 7.1.2, setuptools 18.2, wheel 0.24.
# See also: https://build.opensuse.org/package/show/openSUSE%3ALeap%3A42.3/python-virtualenv
# - Ubuntu Xenial has 15.0.1, holding pip 8.1.1, setuptools 20.3, wheel 0.29
# See also: https://packages.ubuntu.com/xenial/python-virtualenv
virtualenv --python=${PYTHON_EXEC_PATH} --never-download --clear /opt/ansible-runtime
# The vars used to prepare the Ansible runtime venv
PIP_OPTS+=" --constraint global-requirement-pins.txt"
PIP_OPTS+=" --constraint ${UPPER_CONSTRAINTS_FILE}"
# When executing the installation, we want to specify all our options on the CLI,
# making sure to completely ignore any config already on the host. This is to
# prevent the repo server's extra constraints being applied, which include
# a different version of Ansible to the one we want to install. As such, we
# use --isolated so that the config file is ignored.
# Upgrade pip setuptools and wheel to the appropriate version
${PIP_COMMAND} install --isolated ${PIP_OPTS} --upgrade pip setuptools wheel
# Get current code version (this runs at the root of OSA clone)
CURRENT_OSA_VERSION=$(cd ${OSA_CLONE_DIR}; /opt/ansible-runtime/bin/python setup.py --version)
# Install ansible and the other required packages
${PIP_COMMAND} install --isolated ${PIP_OPTS} -r requirements.txt ${ANSIBLE_PACKAGE}
# Install our osa_toolkit code from the current checkout
$PIP_COMMAND install -e .
# Add SELinux support to the venv
if [ -d "/usr/lib64/python2.7/site-packages/selinux/" ]; then
rsync -avX /usr/lib64/python2.7/site-packages/selinux/ /opt/ansible-runtime/lib64/python2.7/selinux/
fi
# Ensure that Ansible binaries run from the venv
pushd /opt/ansible-runtime/bin
for ansible_bin in $(ls -1 ansible*); do
if [ "${ansible_bin}" == "ansible" ] || [ "${ansible_bin}" == "ansible-playbook" ]; then
# For the 'ansible' and 'ansible-playbook' commands we want to use our wrapper
ln -sf /usr/local/bin/openstack-ansible /usr/local/bin/${ansible_bin}
else
# For any other commands, we want to link directly to the binary
ln -sf /opt/ansible-runtime/bin/${ansible_bin} /usr/local/bin/${ansible_bin}
fi
done
popd
# Write the OSA Ansible rc file
sed "s|OSA_INVENTORY_PATH|${OSA_INVENTORY_PATH}|g" scripts/openstack-ansible.rc > /usr/local/bin/openstack-ansible.rc
sed -i "s|OSA_PLAYBOOK_PATH|${OSA_PLAYBOOK_PATH}|g" /usr/local/bin/openstack-ansible.rc
# Create openstack ansible wrapper tool
cp -v ${OSA_WRAPPER_BIN} /usr/local/bin/openstack-ansible
sed -i "s|OSA_CLONE_DIR|${OSA_CLONE_DIR}|g" /usr/local/bin/openstack-ansible
# Mark the current OSA version in the wrapper, so we don't need to compute it everytime.
sed -i "s|CURRENT_OSA_VERSION|${CURRENT_OSA_VERSION}|g" /usr/local/bin/openstack-ansible
# Ensure wrapper tool is executable
chmod +x /usr/local/bin/openstack-ansible
echo "openstack-ansible wrapper created."
# If the Ansible plugins are in the old location remove them.
[[ -d "/etc/ansible/plugins" ]] && rm -rf "/etc/ansible/plugins"
# Update dependent roles
if [ -f "${ANSIBLE_ROLE_FILE}" ]; then
# NOTE(cloudnull): When bootstrapping we don't want ansible to interact
# with our plugins by default. This change will force
# ansible to ignore our plugins during this process.
export ANSIBLE_LIBRARY="/dev/null"
export ANSIBLE_LOOKUP_PLUGINS="/dev/null"
export ANSIBLE_FILTER_PLUGINS="/dev/null"
export ANSIBLE_ACTION_PLUGINS="/dev/null"
export ANSIBLE_CALLBACK_PLUGINS="/dev/null"
export ANSIBLE_CALLBACK_WHITELIST="/dev/null"
export ANSIBLE_TEST_PLUGINS="/dev/null"
export ANSIBLE_VARS_PLUGINS="/dev/null"
export ANSIBLE_STRATEGY_PLUGINS="/dev/null"
export ANSIBLE_CONFIG="none-ansible.cfg"
pushd scripts
/opt/ansible-runtime/bin/ansible-playbook get-ansible-role-requirements.yml \
-e role_file="${ANSIBLE_ROLE_FILE}"
popd
unset ANSIBLE_LIBRARY
unset ANSIBLE_LOOKUP_PLUGINS
unset ANSIBLE_FILTER_PLUGINS
unset ANSIBLE_ACTION_PLUGINS
unset ANSIBLE_CALLBACK_PLUGINS
unset ANSIBLE_CALLBACK_WHITELIST
unset ANSIBLE_TEST_PLUGINS
unset ANSIBLE_VARS_PLUGINS
unset ANSIBLE_STRATEGY_PLUGINS
unset ANSIBLE_CONFIG
fi
# Install and export the ARA callback plugin
if [ "${SETUP_ARA}" == "true" ]; then
setup_ara
fi
echo "System is bootstrapped and ready for use."