4da8f6c3a7
Open the iptables ports in the same way there are opened in the production opendev configuration. Do that in a pre-playbook and move some tasks into it for retryability. Change-Id: I992174aa3c7e47f9d2f70605172cd8b9460c53eb
48 lines
1.3 KiB
YAML
48 lines
1.3 KiB
YAML
# This happens in the pre-playbook of the opendev-buildset-registry
|
|
# job. Since we're testing these roles in opendev, we need to do the
|
|
# same here for the builder (and also the intermediate registry,
|
|
# though that obviously happens in configuration management rather
|
|
# than a job).
|
|
- hosts: builder:intermediate-registry
|
|
name: Set up docker and iptables configuration for registry hosts
|
|
roles:
|
|
- install-docker
|
|
tasks:
|
|
- name: Open the IPv4 port for the buildset registry
|
|
become: true
|
|
iptables:
|
|
action: insert
|
|
chain: openstack-INPUT
|
|
destination_port: '5000:5001'
|
|
jump: ACCEPT
|
|
match: tcp
|
|
ctstate: NEW
|
|
protocol: tcp
|
|
ip_version: ipv4
|
|
- name: Open the IPv6 port for the buildset registry
|
|
become: true
|
|
iptables:
|
|
action: insert
|
|
chain: openstack-INPUT
|
|
destination_port: '5000:5001'
|
|
jump: ACCEPT
|
|
match: tcp
|
|
ctstate: NEW
|
|
protocol: tcp
|
|
ip_version: ipv6
|
|
|
|
- hosts: executor
|
|
name: Set up a simulated executor
|
|
tasks:
|
|
- name: Add project atomic PPA
|
|
become: true
|
|
apt_repository:
|
|
repo: ppa:projectatomic/ppa
|
|
- name: Install packages
|
|
become: true
|
|
package:
|
|
name:
|
|
- socat
|
|
- skopeo
|
|
state: present
|