various fixes for ansible 2.3 compat
update docker role
set default for docker apt repo
fix quote
revert explicit dependencies, use ansible_user_id rather than ansible_user
don't depend on ansible role
force docker version
Change-Id: I0ba24d829db73559d7d4f16ae89a4661215f3842
diff --git a/build.gradle b/build.gradle
index d6bd43b..d6e3479 100644
--- a/build.gradle
+++ b/build.gradle
@@ -315,7 +315,7 @@
task prime (type: Exec) {
executable = "ansible-playbook"
- args = ["-i", config.headnode.ip + ',']
+ args = ["-i", '../genconfig/cord-inv']
if ( config.headnode.ansible_user != null && config.headnode.ansible_user != "" ) {
args = args << "--user=$config.headnode.ansible_user"
@@ -378,7 +378,7 @@
task deployBase(type: Exec) {
executable = "ansible-playbook"
- args = ["-i", config.headnode.ip + ',']
+ args = ["-i", '../genconfig/cord-inv']
if ( config.headnode.ansible_user != null && config.headnode.ansible_user != "" ) {
args = args << "--user=$config.headnode.ansible_user"
diff --git a/head-node.yml b/head-node.yml
index 600d396..707507d 100644
--- a/head-node.yml
+++ b/head-node.yml
@@ -1,5 +1,15 @@
-- hosts: all
- serial: 1
+---
+# install MaaS on head node
+
+- name: run setup to gather facts
+ hosts: all, localhost
+ tasks:
+ - name: run setup
+ setup:
+
+- name: Install MaaS and supporting files on head node
+ hosts: head
roles:
- head-node
- registry
+
diff --git a/prime-node.yml b/prime-node.yml
index 79553a5..7aaa324 100644
--- a/prime-node.yml
+++ b/prime-node.yml
@@ -1,4 +1,14 @@
-- hosts: all
- serial: 1
+---
+# instal docker and docker registry on head node
+
+- name: run setup to gather facts
+ hosts: all, localhost
+ tasks:
+ - name: run setup
+ setup:
+
+- name: install docker registry
+ hosts: head
roles:
- registry
+
diff --git a/roles/compute-node/tasks/i40e_driver.yml b/roles/compute-node/tasks/i40e_driver.yml
index 69c1e96..a178ee1 100644
--- a/roles/compute-node/tasks/i40e_driver.yml
+++ b/roles/compute-node/tasks/i40e_driver.yml
@@ -2,13 +2,13 @@
- name: Copy i40e Interface Driver
unarchive:
src=files/i40e-1.4.25.tar.gz
- dest=/home/{{ ansible_user }}
+ dest=/home/{{ ansible_user_id }}
- name: Build i40e Driver
command: make
args:
chdir: i40e-1.4.25/src
- creates: /home/{{ ansible_user }}/i40e-1.4.25/src/i40e/i40e.ko
+ creates: /home/{{ ansible_user_id }}/i40e-1.4.25/src/i40e/i40e.ko
- name: Unload i40e Driver
become: yes
@@ -35,5 +35,5 @@
- name: Remove Build Files
file:
- path=/home/{{ ansible_user }}/i40e-1.4.25
+ path=/home/{{ ansible_user_id }}/i40e-1.4.25
state=absent
diff --git a/roles/compute-node/tasks/main.yml b/roles/compute-node/tasks/main.yml
index bfafc40..d17945f 100644
--- a/roles/compute-node/tasks/main.yml
+++ b/roles/compute-node/tasks/main.yml
@@ -87,9 +87,9 @@
- name: Set Default Password
become: yes
user:
- name: "{{ansible_user}}"
+ name: "{{ ansible_user_id }}"
password: "{{compute_node.password.split(':',1)[1]}}"
- when: '"{{ ansible_user }}" == "ubuntu"'
+ when: '"{{ ansible_user_id }}" == "ubuntu"'
tags:
- set_compute_node_password
@@ -97,13 +97,13 @@
become: yes
authorized_key:
key: "{{ pub_ssh_key }}"
- user: "{{ ansible_user }}"
+ user: "{{ ansible_user_id }}"
state: present
- name: Verify Private SSH Key
become: yes
stat:
- path=/home/{{ ansible_user }}/.ssh/id_rsa
+ path=/home/{{ ansible_user_id }}/.ssh/id_rsa
register: private_key
- name: Ensure SSH Key Pair
@@ -111,7 +111,7 @@
copy:
src: "/etc/maas/.ssh/{{item.src}}"
dest: "{{ansible_env['PWD']}}/.ssh/{{item.dest}}"
- owner: "{{ansible_user}}"
+ owner: "{{ ansible_user_id }}"
group: "docker"
mode: "0600"
with_items:
@@ -123,7 +123,7 @@
copy:
src: "files/{{item}}"
dest: "{{ansible_env['PWD']}}/.ssh/{{item}}"
- owner: "{{ansible_user}}"
+ owner: "{{ ansible_user_id }}"
mode: "0600"
with_items:
- config
diff --git a/roles/docker/defaults/main.yml b/roles/docker/defaults/main.yml
new file mode 100644
index 0000000..dce0498
--- /dev/null
+++ b/roles/docker/defaults/main.yml
@@ -0,0 +1,4 @@
+---
+
+docker_apt_repo: "deb https://apt.dockerproject.org/repo ubuntu-trusty main"
+
diff --git a/roles/docker/tasks/main.yml b/roles/docker/tasks/main.yml
index 7b6f2e6..ce0e90b 100644
--- a/roles/docker/tasks/main.yml
+++ b/roles/docker/tasks/main.yml
@@ -1,28 +1,33 @@
-- name: Apt Information
+---
+
+- name: Prereqs and SSL support for apt for SSL
become: yes
- apt: name={{ item }} state=present force=yes
+ apt:
+ name: "{{ item }}"
+ update_cache: yes
+ cache_valid_time: 3600
with_items:
- - apt-transport-https=1.0*
- - ca-certificates=20160104*
+ - apt-transport-https
+ - ca-certificates
+ - python-pip
- name: Docker Apt Key
become: yes
apt_key:
- data="{{ lookup('file', 'docker_apt_key.gpg') }}"
+ data: "{{ lookup('file', 'docker_apt_key.gpg') }}"
- name: Docker repository
become: yes
apt_repository:
- repo: "{{ docker_apt_repo | default('deb https://apt.dockerproject.org/repo ubuntu-trusty main') }}"
- update_cache: yes
- state: present
+ repo: "{{ docker_apt_repo }}"
-- name: Docker Engine
+- name: Install docker engine
become: yes
apt:
name: docker-engine=1.12*
- state: present
force: yes
+ update_cache: yes
+ cache_valid_time: 3600
- name: Docker Exposed via TCP
become: yes
@@ -40,19 +45,19 @@
state=restarted
when: docker_config.changed
-- name: Enable Docker for User
+# docker fails without docker-py, docker-compose >1.9 fails with docker-py installed
+- name: Install docker-compose and docker-py
+ become: yes
+ pip:
+ name: "{{ item }}"
+ with_items:
+ - docker-py
+ - docker-compose==1.9
+
+- name: Make current user part of the Docker group
become: yes
user:
- name={{ ansible_user }}
- group=docker
- append=yes
+ name: "{{ ansible_user_id }}"
+ groups: "docker"
+ append: yes
-- name: Docker Compose
- become: yes
- get_url:
- url: https://github.com/docker/compose/releases/download/1.7.1/docker-compose-Linux-x86_64
- checksum: "sha256:3166bb74bc648e68c3154bc704fddf6bccf59f03a0c90fc48aefac034535e4ae"
- dest: /usr/local/bin/docker-compose
- owner: root
- group: root
- mode: "0755"
diff --git a/roles/head-node/meta/main.yml b/roles/head-node/meta/main.yml
index 97b4caa..7d1c04d 100644
--- a/roles/head-node/meta/main.yml
+++ b/roles/head-node/meta/main.yml
@@ -13,4 +13,3 @@
- cord
dependencies:
- { role : maas }
- - { role : ansible }
diff --git a/roles/head-node/tasks/main.yml b/roles/head-node/tasks/main.yml
index 7d59204..2ace0af 100644
--- a/roles/head-node/tasks/main.yml
+++ b/roles/head-node/tasks/main.yml
@@ -1,7 +1,7 @@
# SSH Key access from the current machine to the target node is required for the
# synchronize action to work.
- name: Ensure User SSH Keys
- local_action: user name='{{ansible_user}}' generate_ssh_key=yes ssh_key_bits=2048
+ local_action: user name='{{ ansible_user_id }}' generate_ssh_key=yes ssh_key_bits=2048
tags:
- establish_ssh_keys