191e0b8660
None of the hosts need pip installed any more. Everything installed on the host is now a distribution package, and all pip packages are inside a virtualenv. As such, we make the final changes to eliminate the installation of pip on the host. 1. We change the pip_install role settings to only put pip.conf down, and not bother installing pip. The pip.conf remains necessary to provide any pip installs done in venvs with the details of the repo server. 2. We update the utility container playbook so that it installs everything into a venv, then symlinks the appropriate openstack client binaries to /usr/local/bin for convenient access. This is only done for source based installs. 3. We update the ceph radosgw keystone setup to make it use the appropriate service host, and to make use of the correct runtime venv. It also now makes use of native ansible modules instead of our own. Depends-On: https://review.openstack.org/587840 Depends-On: https://review.openstack.org/587849 Depends-On: https://review.openstack.org/589643 Depends-On: https://review.openstack.org/590011 Depends-On: https://review.openstack.org/590178 Change-Id: Iac018386e98d1531b605c66bccf3bcce10226e19
81 lines
2.9 KiB
YAML
81 lines
2.9 KiB
YAML
---
|
|
# Copyright 2015, Rackspace US, Inc.
|
|
#
|
|
# Licensed under the Apache License, Version 2.0 (the "License");
|
|
# you may not use this file except in compliance with the License.
|
|
# You may obtain a copy of the License at
|
|
#
|
|
# http://www.apache.org/licenses/LICENSE-2.0
|
|
#
|
|
# Unless required by applicable law or agreed to in writing, software
|
|
# distributed under the License is distributed on an "AS IS" BASIS,
|
|
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
|
# See the License for the specific language governing permissions and
|
|
# limitations under the License.
|
|
|
|
- name: Bootstrap the All-In-One (AIO)
|
|
hosts: localhost
|
|
gather_facts: True
|
|
user: root
|
|
roles:
|
|
- role: "sshd"
|
|
- role: "bootstrap-host"
|
|
vars:
|
|
ansible_python_interpreter: "/usr/bin/python"
|
|
bootstrap_host_scenario: "{{ lookup('env','SCENARIO') | default('aio_lxc', true) }}"
|
|
install_method: "{{ lookup('env', 'INSTALL_METHOD') | default('source', true) }}"
|
|
openstack_confd_entries: "{{ confd_overrides[bootstrap_host_scenario] }}"
|
|
pip_install_upper_constraints_proto: "{{ ansible_python_version | version_compare('2.7.9', '>=') | ternary('https','http') }}"
|
|
pip_install_upper_constraints: >-
|
|
{{ (playbook_dir ~ '/../global-requirement-pins.txt') | realpath }}
|
|
--constraint {{ pip_install_upper_constraints_proto }}://git.openstack.org/cgit/openstack/requirements/plain/upper-constraints.txt?id={{ requirements_git_install_branch | regex_replace(' #.*$','') }}
|
|
sftp_subsystem:
|
|
'apt': 'sftp /usr/lib/openssh/sftp-server'
|
|
'yum': 'sftp /usr/libexec/openssh/sftp-server'
|
|
'zypper': 'sftp /usr/lib/ssh/sftp-server'
|
|
sshd:
|
|
ListenAddress:
|
|
- 0.0.0.0
|
|
- '::'
|
|
Port: 22
|
|
Protocol: 2
|
|
HostKey:
|
|
- "/etc/ssh/ssh_host_rsa_key"
|
|
- "/etc/ssh/ssh_host_ecdsa_key"
|
|
- "/etc/ssh/ssh_host_ed25519_key"
|
|
UsePrivilegeSeparation: yes
|
|
KeyRegenerationInterval: 3600
|
|
ServerKeyBits: 1024
|
|
SyslogFacility: "AUTH"
|
|
LogLevel: "INFO"
|
|
LoginGraceTime: 120
|
|
StrictModes: yes
|
|
RSAAuthentication: yes
|
|
PubkeyAuthentication: yes
|
|
IgnoreRhosts: yes
|
|
RhostsRSAAuthentication: no
|
|
HostbasedAuthentication: no
|
|
PermitEmptyPasswords: no
|
|
PermitRootLogin: yes
|
|
ChallengeResponseAuthentication: no
|
|
PasswordAuthentication: no
|
|
X11DisplayOffset: 10
|
|
PrintMotd: no
|
|
PrintLastLog: no
|
|
TCPKeepAlive: yes
|
|
AcceptEnv: "LANG LC_*"
|
|
Subsystem: "{{ sftp_subsystem[ansible_pkg_mgr] }}"
|
|
UsePAM: yes
|
|
UseDNS: no
|
|
X11Forwarding: no
|
|
Compression: yes
|
|
CompressionLevel: 6
|
|
MaxSessions: 100
|
|
MaxStartups: "100:100:100"
|
|
GSSAPIAuthentication: no
|
|
GSSAPICleanupCredentials: no
|
|
vars_files:
|
|
- "{{ playbook_dir }}/../playbooks/defaults/repo_packages/openstack_services.yml"
|
|
- vars/bootstrap-aio-vars.yml
|
|
environment: "{{ deployment_environment_variables | default({}) }}"
|