CORD-396 CORD-383 CORD-362 CORD-309 significant rework on networking configuration
Change-Id: Icb3cbac66b33265486ac236572874052fc643b8a
diff --git a/build.gradle b/build.gradle
index 55f7664..aa37a17 100644
--- a/build.gradle
+++ b/build.gradle
@@ -49,8 +49,6 @@
// using the -PdeployConfig=<file-path> syntax.
deployConfig = project.hasProperty('deployConfig') ? project.getProperty('deployConfig') : './config/default.yml'
- dockerPath = project.hasProperty('dockerPath') ? project.getProperty('dockerPath') : '/usr/bin'
-
comps = [
'consul': [
'type': 'image',
@@ -68,113 +66,113 @@
// Switch Configuration Image
task buildSwitchqImage(type: Exec) {
- commandLine "$dockerPath/docker", 'build', '-t', 'cord-maas-switchq', './switchq'
+ commandLine "docker", 'build', '-t', 'cord-maas-switchq', './switchq'
}
task tagSwitchqImage(type: Exec) {
dependsOn buildSwitchqImage
- commandLine "$dockerPath/docker", 'tag', 'cord-maas-switchq', "$targetReg/cord-maas-switchq:$targetTag"
+ commandLine "docker", 'tag', 'cord-maas-switchq', "$targetReg/cord-maas-switchq:$targetTag"
}
task publishSwitchqImage(type: Exec) {
dependsOn tagSwitchqImage
- commandLine "$dockerPath/docker", 'push', "$targetReg/cord-maas-switchq:$targetTag"
+ commandLine "docker", 'push', "$targetReg/cord-maas-switchq:$targetTag"
}
// Bootstrap Image
task buildBootstrapImage(type: Exec) {
- commandLine "$dockerPath/docker", 'build', '-t', 'cord-maas-bootstrap', './bootstrap'
+ commandLine "docker", 'build', '-t', 'cord-maas-bootstrap', './bootstrap'
}
task tagBootstrapImage(type: Exec) {
dependsOn buildBootstrapImage
- commandLine "$dockerPath/docker", 'tag', 'cord-maas-bootstrap', "$targetReg/cord-maas-bootstrap:$targetTag"
+ commandLine "docker", 'tag', 'cord-maas-bootstrap', "$targetReg/cord-maas-bootstrap:$targetTag"
}
task publishBootstrapImage(type: Exec) {
dependsOn tagBootstrapImage
- commandLine "$dockerPath/docker", 'push', "$targetReg/cord-maas-bootstrap:$targetTag"
+ commandLine "docker", 'push', "$targetReg/cord-maas-bootstrap:$targetTag"
}
// IP Allocator Image
task buildAllocationImage(type: Exec) {
- commandLine "$dockerPath/docker", 'build', '-t', 'cord-ip-allocator', './ip-allocator'
+ commandLine "docker", 'build', '-t', 'cord-ip-allocator', './ip-allocator'
}
task tagAllocationImage(type: Exec) {
dependsOn buildAllocationImage
- commandLine "$dockerPath/docker", 'tag', 'cord-ip-allocator', "$targetReg/cord-ip-allocator:$targetTag"
+ commandLine "docker", 'tag', 'cord-ip-allocator', "$targetReg/cord-ip-allocator:$targetTag"
}
task publishAllocationImage(type: Exec) {
dependsOn tagAllocationImage
- commandLine "$dockerPath/docker", 'push', "$targetReg/cord-ip-allocator:$targetTag"
+ commandLine "docker", 'push', "$targetReg/cord-ip-allocator:$targetTag"
}
// Provisioner Image
task buildProvisionerImage(type: Exec) {
- commandLine "$dockerPath/docker", 'build', '-t', 'cord-provisioner', './provisioner'
+ commandLine "docker", 'build', '-t', 'cord-provisioner', './provisioner'
}
task tagProvisionerImage(type: Exec) {
dependsOn buildProvisionerImage
- commandLine "$dockerPath/docker", 'tag', 'cord-provisioner', "$targetReg/cord-provisioner:$targetTag"
+ commandLine "docker", 'tag', 'cord-provisioner', "$targetReg/cord-provisioner:$targetTag"
}
task publishProvisionerImage(type: Exec) {
dependsOn tagProvisionerImage
- commandLine "$dockerPath/docker", 'push', "$targetReg/cord-provisioner:$targetTag"
+ commandLine "docker", 'push', "$targetReg/cord-provisioner:$targetTag"
}
// Config Generator Image
task buildConfigGeneratorImage(type: Exec) {
- commandLine "$dockerPath/docker", 'build', '-t', 'config-generator', './config-generator'
+ commandLine "docker", 'build', '-t', 'config-generator', './config-generator'
}
task tagConfigGeneratorImage(type: Exec) {
dependsOn buildConfigGeneratorImage
- commandLine "$dockerPath/docker", 'tag', 'config-generator', "$targetReg/config-generator:$targetTag"
+ commandLine "docker", 'tag', 'config-generator', "$targetReg/config-generator:$targetTag"
}
task publishConfigGeneratorImage(type: Exec) {
dependsOn tagConfigGeneratorImage
- commandLine "$dockerPath/docker", 'push', "$targetReg/config-generator:$targetTag"
+ commandLine "docker", 'push', "$targetReg/config-generator:$targetTag"
}
// Automation Image
task buildAutomationImage(type: Exec) {
- commandLine "$dockerPath/docker", 'build', '-t', "cord-maas-automation", "-f", "./automation/Dockerfile", "./automation"
+ commandLine "docker", 'build', '-t', "cord-maas-automation", "-f", "./automation/Dockerfile", "./automation"
}
task tagAutomationImage(type: Exec) {
dependsOn buildAutomationImage
- commandLine "$dockerPath/docker", 'tag', 'cord-maas-automation', "$targetReg/cord-maas-automation:$targetTag"
+ commandLine "docker", 'tag', 'cord-maas-automation', "$targetReg/cord-maas-automation:$targetTag"
}
task publishAutomationImage(type: Exec) {
dependsOn tagAutomationImage
- commandLine "$dockerPath/docker", 'push', "$targetReg/cord-maas-automation:$targetTag"
+ commandLine "docker", 'push', "$targetReg/cord-maas-automation:$targetTag"
}
// DHCP Harvester Images
task buildHarvesterImage(type: Exec) {
- commandLine "$dockerPath/docker", 'build', '-t', "cord-dhcp-harvester", "./harvester"
+ commandLine "docker", 'build', '-t', "cord-dhcp-harvester", "./harvester"
}
task tagHarvesterImage(type: Exec) {
dependsOn buildHarvesterImage
- commandLine "$dockerPath/docker", 'tag', 'cord-dhcp-harvester', "$targetReg/cord-dhcp-harvester:$targetTag"
+ commandLine "docker", 'tag', 'cord-dhcp-harvester', "$targetReg/cord-dhcp-harvester:$targetTag"
}
task publishHarvesterImage(type: Exec) {
dependsOn tagHarvesterImage
- commandLine "$dockerPath/docker", 'push', "$targetReg/cord-dhcp-harvester:$targetTag"
+ commandLine "docker", 'push', "$targetReg/cord-dhcp-harvester:$targetTag"
}
// ~~~~~~~~~~~~~~~~~~~ Global tasks ~~~~~~~~~~~~~~~~~~~~~~~
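Review bot: Every Exec task in this hunk now resolves `docker` through whatever PATH the Gradle process inherits, and the build no longer offers a way to pin the binary that builds and pushes images to `$targetReg`. On a shared or CI build host that makes the publish steps depend on PATH ordering. Consider keeping an optional override with a PATH default, e.g. `dockerCmd = project.hasProperty('dockerPath') ? "${project.getProperty('dockerPath')}/docker" : 'docker'`, and using `dockerCmd` in the `commandLine` calls. The same applies to the two `docker pull` lines in the next hunk.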
@@ -188,8 +186,8 @@
// this is where we fetch upstream artifacts that we do not need internet for the build phase"
// Placeholdr example:
dependsOn fetchUpstreamImages
- commandLine "$dockerPath/docker", "pull", "golang:alpine"
- commandLine "$dockerPath/docker", "pull", "python:2.7-alpine"
+ commandLine "docker", "pull", "golang:alpine"
+ commandLine "docker", "pull", "python:2.7-alpine"
}
// To be used to generate all needed binaries that need to be present on the target
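Review bot: The two consecutive `commandLine` calls do not run two commands: if the enclosing task is an Exec task (its header is outside this hunk), each call replaces the previous value, so only the `python:2.7-alpine` pull would execute. Running both needs separate invocations, e.g. `doLast { exec { commandLine 'docker', 'pull', 'golang:alpine' }; exec { commandLine 'docker', 'pull', 'python:2.7-alpine' } }`. Both references are floating tags, so the fetched base images can change between builds. Pinning them by digest would make the offline build phase reproducible.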
@@ -283,10 +281,12 @@
.p(config.seedServer.fabric_ip, "fabric_ip")
.p(config.seedServer.management_ip, "management_ip")
.p(config.seedServer.management_gw, "management_gw")
+ .p(config.seedServer.management_bc, "management_bc")
.p(config.seedServer.management_network, "management_network")
.p(config.seedServer.management_iface, "management_iface")
.p(config.seedServer.external_ip, "external_ip")
.p(config.seedServer.external_gw, "external_gw")
+ .p(config.seedServer.external_bc, "external_bc")
.p(config.seedServer.external_network, "external_network")
.p(config.seedServer.external_iface, "external_iface")
.p(config.seedServer.fabric_ip, "fabric_ip")
diff --git a/library/netfile.py b/library/netfile.py
new file mode 100755
index 0000000..fdf8888
--- /dev/null
+++ b/library/netfile.py
@@ -0,0 +1,306 @@
+#!/usr/bin/env python
+
+import json
+import os
+import re
+import sys
+import shlex
+import string
+import ipaddress
+
+# Regular expressions to identify comments and blank lines
+comment = re.compile("^\s*#")
+blank = re.compile("^\s*$")
+
+#####
+# Parsers
+#
+# Parses are methods that take the form 'parse_<keyword>', where the keyword
+# is the first word on a line in file. The purpose of the parser is to
+# evaluate the line tna update the interface model accordingly.
+####
+
+# Compares the current and desired network configuration to see if there
+# is a change and returns:
+# 0 if no change
+# -1 if the change has no semantic value (i.e. comments differ)
+# 1 if there is a semantic change (i.e. its meaningful)
+# the highest priority of change is returned, i.e. if there is both
+# a semantic and non-semantic change a 1 is returned indicating a
+# semantic change.
+def compare(have, want):
+ result = 0
+ for key in list(set().union(have.keys(), want.keys())):
+ if key in have.keys() and key in want.keys():
+ if have[key] != want[key]:
+ if key in ["description"]:
+ result = -1
+ else:
+ return 1
+ else:
+ if key in ["description"]:
+ result = -1
+ else:
+ return 1
+ return result
+
+# Creates an interface definition in the model and sets the auto
+# configuration to true
+def parse_auto(data, current, words, description):
+ if words[1] in data.keys():
+ iface = data[words[1]]
+ else:
+ iface = {}
+
+ if len(description) > 0:
+ iface["description"] = description
+
+ iface["auto"] = "True"
+ data[words[1]] = iface
+ return words[1]
+
+# Creates an interface definition in the model if one does not exist and
+# sets the type and configuation method
+def parse_iface(data, current, words, description):
+ if words[1] in data.keys():
+ iface = data[words[1]]
+ else:
+ iface = {}
+
+ if len(description) > 0:
+ iface["description"] = description
+
+ iface["type"] = words[2]
+ iface["config"] = words[3]
+ data[words[1]] = iface
+ return words[1]
+
+# Used to evaluate attributes and add a generic name / value pair to the interface
+# model
+def parse_add_attr(data, current, words, description):
+ if current == "":
+ raise SyntaxError("Attempt to add attribute '%s' without an interface" % words[0])
+
+ if current in data.keys():
+ iface = data[current]
+ else:
+ iface = {}
+
+ if len(description) > 0:
+ iface["description"] = description
+
+ iface[words[0]] = " ".join(words[1:])
+ data[current] = iface
+ return current
+
+#####
+# Writers
+#
+# Writers take the form of 'write_<keyword>` where keyword is an interface
+# attribute. The role of the writer is to output the attribute to the
+# output stream, i.e. the new interface file.
+#####
+
+# Writes a generic name / value pair indented
+def write_attr(out, name, value):
+ out.write(" %s %s\n" % (name, value))
+
+# Writes an interface definition to the output stream
+def write_iface(out, name, iface):
+ if "description" in iface.keys():
+ val = iface["description"]
+ if len(val) > 0 and val[0] != "#":
+ val = "# " + val
+ out.write("%s\n" % (val))
+ if "auto" in iface.keys() and iface["auto"] == "True":
+ out.write("auto %s\n" % (name))
+ out.write("iface %s %s %s\n" % (name, iface["type"], iface["config"]))
+ for attr in sorted(iface.keys(), key=lambda x:x in write_sort_order.keys() and write_sort_order[x] or 100):
+ if attr in write_ignore:
+ continue
+ writer = "write_%s" % (attr)
+ if writer in all_methods:
+ globals()[writer](out, attr, iface[attr])
+ else:
+ write_attr(out, attr, iface[attr])
+ out.write("\n")
+
+# Writes the new interface file
+def write(out, data):
+# out.write("# This file describes the network interfaces available on your system\n")
+# out.write("# and how to activate them. For more information, see interfaces(5).\n\n")
+ # First to loopback
+ for name, iface in data.items():
+ if iface["config"] != "loopback":
+ continue
+ write_iface(out, name, iface)
+
+ for iface in sorted(data.keys(), key=lambda x:x in write_iface_sort_order.keys() and write_iface_sort_order[x] or x):
+ if data[iface]["config"] == "loopback":
+ continue
+ write_iface(out, iface, data[iface])
+
+# The defaults for the netfile task
+src_file = "/etc/network/interfaces"
+dest_file = None
+merge_comments = False
+state = "present"
+name = ""
+force = False
+values = {
+ "config": "manual",
+ "type": "inet"
+}
+
+# read the argument string from the arguments file
+args_file = sys.argv[1]
+args_data = file(args_file).read()
+
+# parse the task options
+arguments = shlex.split(args_data)
+for arg in arguments:
+ # ignore any arguments without an equals in it
+ if "=" in arg:
+ (key, value) = arg.split("=")
+ # if setting the time, the key 'time'
+ # will contain the value we want to set the time to
+
+ # Strip off quotes that ansible sometimes adds
+ value = value.strip("\"\' ")
+
+ if key == "src":
+ src_file = value
+ elif key == "dest":
+ dest_file = value
+ elif key == "name":
+ name = value
+ elif key == "state":
+ state = value
+ elif key == "force":
+ force = value.lower() in ['true', 't', 'yes', 'y']
+ elif key == "description":
+ values["description"] = value
+ elif key == "merge-comments":
+ merge_comments = value.lower() in ['true', 't', 'yes', 'y']
+ elif key == "address":
+ if string.find(value, "/") != -1:
+ parts = value.split('/')
+ addr = ipaddress.ip_network(unicode(value, "UTF-8"), strict=False)
+ values["address"] = parts[0]
+ values["network"] = addr.network_address.exploded.encode('ascii','ignore')
+ values["netmask"] = addr.netmask.exploded.encode('ascii','ignore')
+ values["broadcast"] = addr.broadcast_address.exploded.encode('ascii','ignore')
+ values["gateway"] = addr.hosts().next().exploded.encode('ascii','ignore')
+ else:
+ values["address"] = value
+ elif key[0] != '_':
+ values[key] = value
+
+# If no destination file was specified, write it back to the same file
+if not dest_file:
+ dest_file = src_file
+
+# all methods is used to check if parser or writer methods exist
+all_methods = dir()
+
+# which attributes should be ignored and not be written as single
+# attributes values against and interface
+write_ignore = ["auto", "type", "config", "description"]
+
+# specifies the order in which attributes are written against an
+# interface. Any attribute note in this list is sorted by default
+# order after the attributes specified.
+write_sort_order = {
+ "address" : 1,
+ "network" : 2,
+ "netmask" : 3,
+ "broadcast" : 4,
+ "gateway" : 5
+}
+
+write_iface_sort_order = {
+ "fabric" : "y",
+ "mgmtbr" : "z"
+}
+
+# Read and parse the specified interface file
+file = open(src_file, "r")
+ifaces = {}
+current = "" # The current interface being parsed
+description = ""
+for line in file.readlines():
+ line = line.rstrip('\n')
+
+ if comment.match(line):
+ if len(description) > 0:
+ description = description + '\n' + line
+ else:
+ description = line
+
+ if len(description) > 0 and blank.match(line):
+ description = description + '\n'
+
+ # Drop any comment of blank line
+ if comment.match(line) or blank.match(line):
+ continue
+
+ # Parse the line
+ words = line.split()
+ parser = "parse_" + words[0].replace("-", "_")
+ if parser in all_methods:
+ current = globals()[parser](ifaces, current, words, description)
+ else:
+ current = parse_add_attr(ifaces, current, words, description)
+
+ description = ""
+
+file.close()
+
+# Assume no change unless we discover otherwise
+result = {
+ "changed" : False
+}
+change_type = 0
+
+# if the interface specified and state is present then either add
+# it to the model or replace it if it already exists.
+if state == "query":
+ if name in ifaces.keys():
+ result["interface"] = ifaces[name]
+ result["found"] = True
+ else:
+ result["found"] = False
+elif state == "present":
+ if name in ifaces.keys():
+ have = ifaces[name]
+ change_type = compare(have, values)
+ result["change_type"] = change_type
+ if change_type != 0:
+ ifaces[name] = values
+ result["desc"] = ifaces[name]["description"]
+ if merge_comments and "description" in have.keys() and len(have["description"]) > 0:
+ result["merge_comments"] = True
+ if "description" in values.keys() and len(values["description"]) > 0:
+ ifaces[name]["description"] = values["description"] + "\n" + have["description"]
+ else:
+ ifaces[name]["description"] = have["description"]
+ result["changed"] = (change_type == 1)
+ else:
+ ifaces[name] = values
+ result["changed"] = True
+
+
+# if state is absent then remove it from the model
+elif state == "absent" and name in ifaces.keys():
+ del ifaces[name]
+ result["changed"] = True
+
+# Only write the output file if something has changed or if the
+# task requests a forced write.
+if force or result["changed"] or change_type != 0:
+ file = open(dest_file, "w+")
+ write(file, ifaces)
+ file.close()
+
+# Output the task result
+print json.dumps(result)
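Review bot: Option values are written into the interfaces file verbatim by `write_attr` and `write_iface`, and only the first line of a description gets a `# ` prefix, so a value or description containing a newline would add live lines to a file that ifupdown acts on as root. The option loop should reject that, e.g. `if "\n" in value or "\r" in value: raise ValueError("newline in option '%s'" % key)`. In the same loop `arg.split("=")` fails to unpack when a value itself contains `=`; `arg.split("=", 1)` keeps the remainder as the value. In the `present` branch `result["desc"] = ifaces[name]["description"]` raises KeyError when no `description` option was passed; `values.get("description", "")` avoids it. The module also rebinds the name `file` after calling the `file()` builtin, and it opens `dest_file` with `"w+"` in place, so an interrupted run can leave a truncated network configuration; writing to a temporary file in the same directory and renaming it would avoid that.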
diff --git a/library/netinfo.py b/library/netinfo.py
new file mode 100644
index 0000000..4811b3b
--- /dev/null
+++ b/library/netinfo.py
@@ -0,0 +1,44 @@
+#!/usr/bin/env python
+
+import sys
+import json
+import ethtool
+import shlex
+
+# read the argument string from the arguments file
+args_file = sys.argv[1]
+args_data = file(args_file).read()
+
+ignore=["tun", "bridge", "bonding", "veth"]
+bus_ignore=["", "N/A", "tap"]
+
+# parse the task options
+arguments = shlex.split(args_data)
+for arg in arguments:
+ # ignore any arguments without an equals in it
+ if "=" in arg:
+ (key, value) = arg.split("=")
+ # if setting the time, the key 'time'
+ # will contain the value we want to set the time to
+
+all = {}
+for i in ethtool.get_devices():
+ o = { "name": i }
+ try:
+ module = ethtool.get_module(i)
+ businfo = ethtool.get_businfo(i)
+ if module in ignore or businfo in bus_ignore:
+ continue
+ all[i] = {
+ "name": i,
+ "module" : module,
+ }
+ except:
+ pass
+
+print json.dumps({
+ "changed" : False,
+ "ansible_facts" : {
+ "netinfo" : all,
+ },
+})
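Review bot: The bare `except: pass` around `ethtool.get_module` and `ethtool.get_businfo` silently drops an interface from `netinfo` whenever a query fails, and it also hides unrelated errors. The playbook builds its interface lists from this fact, so a missing entry would go unnoticed. Catch only the exception the ethtool binding raises for unsupported devices (probably `IOError`, to be confirmed) and let everything else surface. The option loop assigns `key` and `value` but never reads them, and `arg.split("=")` fails to unpack on a value containing `=`; the loop could be dropped, or use `arg.split("=", 1)`. `o` is unused and `all` shadows the builtin; a name such as `devices` would be clearer.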
diff --git a/roles/compute-node/files/delete-node-prov-state b/roles/compute-node/files/delete-node-prov-state
index ced8baa..75b2ffa 100755
--- a/roles/compute-node/files/delete-node-prov-state
+++ b/roles/compute-node/files/delete-node-prov-state
@@ -1,6 +1,6 @@
#!/bin/bash
-LIST=$(curl -sS http://$(docker-ip provisioner):4243/provision/ | jq . | grep "node-" | awk '{print $2}' | sed -e 's/"//g')
+LIST=$(curl -sS http://$(docker-ip provisioner):4243/provision/ | jq . | grep "node-" | awk '{print $2}' | sed -e 's/[",]//g')
for i in $LIST; do
echo "DELETE PROV RECORD '$i'"
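Review bot: The `LIST=` line still recovers ids by scraping pretty-printed JSON with `grep`/`awk`/`sed`, which is why the trailing comma had to be special-cased here, and any other field containing `node-` would end up in a delete request. Letting jq select the field is sturdier. Judging by the filter in get-node-prov-state, something like `LIST=$(curl -sS http://$(docker-ip provisioner):4243/provision/ | jq -r '.[].request.Info.id')` should work, but the record shape needs confirming. Adding `-f` to curl would keep an HTTP error body from being parsed as a record list. The loop body continues outside this hunk.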
diff --git a/roles/compute-node/files/get-node-prov-state b/roles/compute-node/files/get-node-prov-state
index 5aa8b29..bb1bc7d 100755
--- a/roles/compute-node/files/get-node-prov-state
+++ b/roles/compute-node/files/get-node-prov-state
@@ -1,3 +1,3 @@
#!/bin/bash
-curl -sS http://$(docker-ip provisioner):4243/provision/ | jq '[.[] | { "id": .request.Info.id, "message": .message, "status": .status, "name": .request.Info.name}]'
+curl -sS http://$(docker-ip provisioner):4243/provision/ | jq '[.[] | { "id": .request.Info.id, "message": .message, "status": .status, "name": .request.Info.name}]' $*
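Review bot: The unquoted `$*` added after the jq filter is subject to word splitting and glob expansion, so an argument containing spaces or wildcard characters reaches jq as something other than what the caller typed. Use `"$@"` to pass the arguments through unchanged: `... "name": .request.Info.name}]' "$@"`. A one-line comment stating that the extra arguments are jq options (for example `-c`) would document the intent.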
diff --git a/roles/compute-node/files/remove-maas-components b/roles/compute-node/files/remove-maas-components
new file mode 100755
index 0000000..4d85694
--- /dev/null
+++ b/roles/compute-node/files/remove-maas-components
@@ -0,0 +1,31 @@
+#!/bin/bash
+
+docker kill $(docker ps -q)
+docker rm -f $(docker ps -aq)
+docker rmi -f $(docker images -aq)
+
+sudo apt-get remove --purge -y bind9 apache2 docker-engine ansible $(dpkg --get-selections | grep maas | cut -f1)
+
+sudo rm -rf \
+ /etc/maas \
+ /etc/bind \
+ /etc/apache2 \
+ /var/www \
+ /var/log/maas \
+ /var/lib/maas \
+ /etc/apt/apt.conf.d/02apt-cacher-ng \
+ /etc/apt/sources.list.d/apt_dockerproject_org_repo.list \
+ /etc/apt/sources.list.d/ppa_juju_stable_trusty.list \
+ /etc/apt/sources.list.d/docker.list \
+ /etc/apt/sources.list.d/ppa_maas_stable_trusty.list \
+ /etc/apt/sources.list.d/ppa_ansible_ansible_trusty.list \
+ /etc/network/if-pre-up.d/nat \
+ /docker-registry \
+ /docker-registry-mirror
+
+sudo apt-get update -y
+
+# remove NAT rules
+sudo iptables --table nat --delete POSTROUTING --out-interface eth3 -j MASQUERADE
+sudo iptables --delete FORWARD --in-interface mgmtbr -j ACCEPT
+
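Review bot: The script is not limited to MAAS components: the first three commands kill and remove every container and image on the host, and the `rm -rf` list includes `/var/www`, with no confirmation step or header comment describing that scope. It is also installed on compute nodes alongside the other helper scripts. A header comment stating exactly what is wiped, plus an explicit confirmation prompt or a required `--yes` flag before anything runs, would reduce the chance of an accidental run. When no containers or images exist, the `$(...)` substitutions expand to nothing and docker exits with a usage error; `docker ps -q | xargs -r docker kill` and the equivalents for `rm` and `rmi` avoid that. The NAT cleanup hard-codes `eth3` and `mgmtbr`, so on a host with a different external interface the `iptables --delete` calls fail and leave the rules in place; take the interface names as arguments or read them from the deployed configuration.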
diff --git a/roles/compute-node/files/rename_ifaces.sh b/roles/compute-node/files/rename_ifaces.sh
deleted file mode 100755
index aa8e07c..0000000
--- a/roles/compute-node/files/rename_ifaces.sh
+++ /dev/null
@@ -1,256 +0,0 @@
-#!/bin/bash
-
-function ip2int {
- local a b c d
- { IFS=. read a b c d; } <<< $1
- echo $(((((((a << 8) | b) << 8) | c) << 8) | d))
-}
-
-function int2ip {
- local ui32=$1; shift
- local ip n
- for n in 1 2 3 4; do
- ip=$((ui32 & 0xff))${ip:+.}$ip
- ui32=$((ui32 >> 8))
- done
- echo $ip
-}
-
-function netmask {
- local mask=$((0xffffffff << (32 - $1))); shift
- int2ip $mask
-}
-
-function broadcast {
- local addr=$(ip2int $1); shift
- local mask=$((0xffffffff << (32 -$1))); shift
- int2ip $((addr | ~mask))
-}
-
-function network {
- local addr=$(ip2int $1); shift
- local mask=$((0xffffffff << (32 -$1))); shift
- int2ip $((addr & mask))
-}
-
-function first {
- local addr=$(ip2int $1)
- addr=`expr $addr + 1`
- int2ip $addr
-}
-
-function guess_type {
- local CNT=$(echo "$1" | sed -e 's/[:.]/ /g' | wc -w)
- if [ $CNT -ne 1 ]; then
- # drop all sub and vlan interfaces
- echo "DNC"
- return
- fi
- local DRIVER=$(ethtool -i $1 2>/dev/null | grep driver | awk '{print $2}')
- local RESULT="DNC"
- MATCH=$(echo "|$FABRIC_IFACE_SPEC|" | grep "|$DRIVER|" | wc -l)
- if [ $MATCH -ne 0 ]; then
- RESULT="FABRIC"
- else
- IS_PHY=$(ls -l /sys/class/net/$1 | grep -v virtual | wc -l)
- if [ $IS_PHY -eq 1 ]; then
- RESULT="ETH"
- fi
- fi
- echo $RESULT
-}
-
-function get_mac {
- echo $(ifconfig $1 | grep HWaddr | awk '{print $5}')
-}
-
-function generate_persistent_names {
- local OUT=$NAMES_FILE
-#"70-persistent-net.rules"
- rm -rf $OUT
-
- IDX=0
- # this will not support more than 10 fabric nics... should be ok. (Famous last words)
- for i in $(cat $1 | sort); do
- echo "SUBSYSTEM==\"net\", ACTION==\"add\", DRIVERS==\"?*\", ATTR{address}==\"$i\", ATTR{dev_id}==\"0x$IDX\", ATTR{type}==\"1\", KERNEL==\"*\", NAME=\"eth$IDX\"" >> $OUT
- IDX=$(expr $IDX + 1)
- done
-
- for i in $(cat $2 | sort); do
- echo "SUBSYSTEM==\"net\", ACTION==\"add\", DRIVERS==\"?*\", ATTR{address}==\"$i\", NAME=\"eth$IDX\"" >> $OUT
- IDX=$(expr $IDX + 1)
- done
-}
-
-# FABRIC_LIST ETH_LIST FAB_IFACE EXT_IFACE MGT_IFACE
-function generate_interfaces {
- OUT=$IFACES_FILE
- rm -rf $OUT
- echo "# This file describes the network interfaces available on your system" >> $OUT
- echo "# and how to activate them. For more information, see interfaces(5)." >> $OUT
- echo "" >> $OUT
- echo "# The loopback network interface" >> $OUT
- echo "auto lo" >> $OUT
- echo "iface lo inet loopback" >> $OUT
- echo "" >> $OUT
-
- IDX=0
- local CNT40=$(cat $1 | wc -w)
- for i in $(cat $1); do
- echo "auto eth$IDX" >> $OUT
- echo "iface eth$IDX inet manual" >> $OUT
- echo " bond-master $3" >> $OUT
- [ -z $FIRST ] && echo " bond-primary eth$IDX" >> $OUT
- FIRST="done"
- echo "" >> $OUT
- IDX=$(expr $IDX + 1)
- done
-
- if [ $CNT40 -ne 0 ]; then
- echo "auto $3" >> $OUT
- echo "iface $3 inet static" >> $OUT
- echo " address $FAB_IP" >> $OUT
- echo " network $FAB_NETWORK" >> $OUT
- echo " netmask $FAB_NETMASK" >> $OUT
- # Make bond-mode configurable
- echo " bond-mode active-backup" >> $OUT
- echo " bond-miimon 100" >> $OUT
- echo " bond-slaves none" >> $OUT
- echo "" >> $OUT
- fi
-
- BRIDGE_PORTS=
- for i in $(cat $2); do
- if [ "eth$IDX" == "$4" ]; then
- echo "auto eth$IDX" >> $OUT
- if [ "$EXT_ADDR" == "dhcp" ]; then
- echo "iface eth$IDX inet dhcp" >> $OUT
- elif [ "$EXT_ADDR" == "manual" ]; then
- echo "iface eth$IDX inet manual" >> $OUT
- else
- echo "iface eth$IDX inet static" >> $OUT
- echo " address $EXT_IP" >> $OUT
- echo " network $EXT_NETWORK" >> $OUT
- echo " netmask $EXT_NETMASK" >> $OUT
- echo " broadcast $EXT_BROADCAST" >> $OUT
- echo " gateway $EXT_GW" >> $OUT
- echo " dns-nameservers 8.8.8.8 8.8.4.4" >> $OUT
- echo " dns-search cord.lab" >> $OUT
- fi
- else
- echo "auto eth$IDX" >> $OUT
- echo "iface eth$IDX inet manual" >> $OUT
- BRIDGE_PORTS="$BRIDGE_PORTS eth$IDX"
- fi
- echo "" >> $OUT
- IDX=$(expr $IDX + 1)
- done
-
- local BRNAME=$5
- local F=$(echo $5 | grep "^eth[0-9]*$" | wc -l)
- if [ $F -ne 0 ]; then
- BRNAME="mgmtbr"
- fi
- local BPCNT=$(echo $BRIDGE_PORTS | wc -w)
- if [ $BPCNT -ne 0 ]; then
- echo "auto $BRNAME" >> $OUT
- if [ "$MGT_ADDR" == "dhcp" ]; then
- echo "iface $BRNAME inet dhcp" >> $OUT
- elif [ "$MGT_ADDR" == "manual" ]; then
- echo "iface $BRNAME inet manual" >> $OUT
- else
- echo "iface $BRNAME inet static" >> $OUT
- echo " address $MGT_IP" >> $OUT
- echo " network $MGT_NETWORK" >> $OUT
- echo " netmask $MGT_NETMASK" >> $OUT
- echo " broadcast $MGT_BROADCAST" >> $OUT
- echo " gateway $MGT_GW" >> $OUT
- fi
- echo " bridge_ports $BRIDGE_PORTS" >> $OUT
- fi
-}
-
-FAB_IFACE=$1
-FAB_ADDR=$2
-FAB_IP=$(echo $FAB_ADDR | cut -d/ -f1)
-FAB_MASKBITS=$(echo $FAB_ADDR | cut -d/ -f2)
-FAB_NETWORK=$(network $FAB_IP $FAB_MASKBITS)
-FAB_NETMASK=$(netmask $FAB_MASKBITS)
-
-EXT_IFACE=$3
-EXT_ADDR=$4
-EXT_GW=$5
-if [ "$EXT_ADDR" != "dhcp" ]; then
- EXT_IP=$(echo $EXT_ADDR | cut -d/ -f1)
- EXT_MASKBITS=$(echo $EXT_ADDR | cut -d/ -f2)
- EXT_NETWORK=$(network $EXT_IP $EXT_MASKBITS)
- EXT_NETMASK=$(netmask $EXT_MASKBITS)
- EXT_BROADCAST=$(broadcast $EXT_IP $EXT_MASKBITS)
- test -z $EXT_GW && EXT_GW=$(first $EXT_ADDR)
-fi
-MGT_IFACE=$6
-MGT_ADDR=$7
-MGT_GW=$8
-if [ "$MGT_ADDR" != "dhcp" ]; then
- MGT_IP=$(echo $MGT_ADDR | cut -d/ -f1)
- MGT_MASKBITS=$(echo $MGT_ADDR | cut -d/ -f2)
- MGT_NETWORK=$(network $MGT_IP $MGT_MASKBITS)
- MGT_NETMASK=$(netmask $MGT_MASKBITS)
- MGT_BROADCAST=$(broadcast $MGT_IP $MGT_MASKBITS)
- test -z $MGT_GW && MGT_GW=$(first $MGT_ADDR)
-fi
-
-FABRIC_IFACE_SPEC=$9
-test -z $FABRIC_IFACE_SPEC && FABRIC_IFACE_SPEC="i40e|mlx4_en"
-
-LIST_ETH=$(mktemp -u)
-LIST_FABRIC=$(mktemp -u)
-IFACES_FILE=$(mktemp -u)
-NAMES_FILE=$(mktemp -u)
-
-IFACES=$(ifconfig -a | grep "^[a-z]" | awk '{print $1}')
-
-for i in $IFACES; do
- TYPE=$(guess_type $i)
- case $TYPE in
- ETH)
- echo "$(get_mac $i)" >> $LIST_ETH
- ;;
- FABRIC)
- echo "$(get_mac $i)" >> $LIST_FABRIC
- ;;
- *) ;;
- esac
-done
-
-CHANGED="false"
-
-generate_interfaces $LIST_FABRIC $LIST_ETH "$FAB_IFACE" "$EXT_IFACE" "$MGT_IFACE"
-
-diff /etc/network/interfaces $IFACES_FILE 2>&1 > /dev/null
-if [ $? -ne 0 ]; then
- CHANGED="true"
- cp /etc/network/interfaces /etc/network/interfaces.1
- cp $IFACES_FILE /etc/network/interfaces
-fi
-
-generate_persistent_names $LIST_FABRIC $LIST_ETH "$FAB_IFACE" "$EXT_IFACE"
-
-if [ -r /etc/udev/rules.d/70-persistent-net.rules ]; then
- diff /etc/udev/rules.d/70-persistent-net.rules $NAMES_FILE 2>&1 > /dev/null
- if [ $? -ne 0 ]; then
- CHANGED="true"
- cp /etc/udev/rules.d/70-persistent-net.rules /etc/udev/rules.d/70-persistent-net.rules.1
- cp $NAMES_FILE /etc/udev/rules.d/70-persistent-net.rules
- fi
-else
- CHANGED="true"
- cp $NAMES_FILE /etc/udev/rules.d/70-persistent-net.rules
-fi
-
-rm -rf $IFACES_FILE
-rm -rf $NAMES_FILE
-rm -rf $LIST_ETH
-rm -rf $LIST_FABRIC
-
-echo -n $CHANGED
diff --git a/roles/compute-node/files/rename_ifaces.sh.back b/roles/compute-node/files/rename_ifaces.sh.back
deleted file mode 100755
index 76056ff..0000000
--- a/roles/compute-node/files/rename_ifaces.sh.back
+++ /dev/null
@@ -1,110 +0,0 @@
-#!/bin/bash
-
-BASE="10.4"
-LEAF="1"
-SERVER="1"
-
-function guess_type {
- local CNT=$(echo "$1" | sed -e 's/[:.]/ /g' | wc -w)
- if [ $CNT -ne 1 ]; then
- # drop all sub and vlan interfaces
- echo "DNC"
- return
- fi
- local DRIVER=$(ethtool -i $1 2>/dev/null | grep driver | awk '{print $2}')
- local RESULT="DNC"
- case $DRIVER in
- i40e)
- RESULT="I40G"
- ;;
- igb)
- RESULT="ETH"
- ;;
- *) ;;
- esac
- echo $RESULT
-}
-
-function get_mac {
- echo $(ifconfig $1 | grep HWaddr | awk '{print $5}')
-}
-
-function generate_persistent_names {
- local OUT="70-persistent-net.rules"
- rm -rf $OUT
-
- IDX=0
- for i in $(cat $1 | sort); do
- echo "SUBSYSTEM==\"net\", ACTION==\"add\", DRIVERS==\"?*\", ATTR{address}==\"$i\", ATTR{dev_id}==\"0x0\", ATTR{type}==\"1\", KERNEL==\"eth*\", NAME=\"eth$IDX\"" >> $OUT
- IDX=$(expr $IDX + 1)
- done
-
- for i in $(cat $2 | sort); do
- echo "SUBSYSTEM==\"net\", ACTION==\"add\", DRIVERS==\"?*\", ATTR{address}==\"$i\", NAME=\"eth$IDX\"" >> $OUT
- IDX=$(expr $IDX + 1)
- done
-}
-
-function generate_interfaces {
- OUT="interfaces"
- rm -rf $OUT
- echo "# This file describes the network interfaces available on your system" >> $OUT
- echo "# and how to activate them. For more information, see interfaces(5)." >> $OUT
- echo "" >> $OUT
- echo "# The loopback network interface" >> $OUT
- echo "auto lo" >> $OUT
- echo "iface lo inet loopback" >> $OUT
- echo "" >> $OUT
-
- IDX=0
- FIRST=1
- for i in $(cat $1); do
- if [ $FIRST -eq 1 ]; then
- echo "auto eth$IDX" >> $OUT
- echo "iface eth$IDX inet static" >> $OUT
- echo " address $BASE.$LEAF.$SERVER" >> $OUT
- echo " network $BASE.$LEAF.0" >> $OUT
- echo " netmask 255.255.255.0" >> $OUT
- FIRST=0
- else
- echo "iface eth$IDX inet manual" >> $OUT
- fi
- echo "" >> $OUT
- IDX=$(expr $IDX + 1)
- done
-
- FIRST=1
- for i in $(cat $2); do
- if [ $FIRST -eq 1 ]; then
- echo "auto eth$IDX" >> $OUT
- echo "iface eth$IDX inet dhcp" >> $OUT
- FIRST=0
- else
- echo "iface eth$IDX inet manual" >> $OUT
- fi
- echo "" >> $OUT
- IDX=$(expr $IDX + 1)
- done
-}
-
-LIST_ETH=$(mktemp -u)
-LIST_40G=$(mktemp -u)
-IFACES=$(ifconfig -a | grep "^[a-z]" | awk '{print $1}')
-
-for i in $IFACES; do
- TYPE=$(guess_type $i)
- case $TYPE in
- ETH)
- echo "$(get_mac $i)" >> $LIST_ETH
- ;;
- I40G)
- echo "$(get_mac $i)" >> $LIST_40G
- ;;
- *) ;;
- esac
-done
-
-generate_persistent_names $LIST_40G $LIST_ETH
-generate_interfaces $LIST_40G $LIST_ETH
-rm -rf $LIST_ETH
-rm -rf $LIST_40G
diff --git a/roles/compute-node/tasks/main.yml b/roles/compute-node/tasks/main.yml
index a61877f..4036daf 100644
--- a/roles/compute-node/tasks/main.yml
+++ b/roles/compute-node/tasks/main.yml
@@ -107,6 +107,7 @@
- get-fabric-config
- get-node-prov-state
- remove-xos-components
+ - remove-maas-components
- post-fabric-config
- pull-latest-docker-images
@@ -150,14 +151,6 @@
tags:
- interface_config
-- name: Consistent Interface Naming
- become: yes
- script: files/rename_ifaces.sh "{{ compute_node.interfaces.fabric }}" "{{ compute_node.addresses.fabric }}" "{{ compute_node.interfaces.external }}" "{{ compute_node.addresses.external }}" "{{ compute_node.gateway.external }}" "{{ compute_node.interfaces.management }}" "{{ compute_node.addresses.management }}" "{{ compute_node.gateway.management }}" "{{ compute_node.fabric_iface_match }}"
- register: ifaces_changed
- changed_when: ifaces_changed.stdout.find("true") != -1
- tags:
- - interface_config
-
- name: Load modules at boot
become: yes
lineinfile:
@@ -169,25 +162,8 @@
- rtc
- bonding
-- name: Reboot Required
+- name: Ensure Network Configuration
become: yes
- command: /sbin/reboot
- async: 0
- poll: 0
- ignore_errors: true
- when: ifaces_changed.stdout.find("true") != -1
+ include: networking.yml
tags:
- interface_config
- - reboot
-
-- name: Ensure Port Defined
- set_fact:
- ansible_ssh_port: 22
- when: ansible_ssh_port is not defined
-
-- name: Wait For Restart
- local_action: wait_for port={{ ansible_ssh_port }} host={{ inventory_hostname }} search_regex=OpenSSH delay=30 timeout=600 connect_timeout=15
- when: ifaces_changed.stdout.find("true") != -1
- tags:
- - interface_config
- - reboot
diff --git a/roles/compute-node/tasks/networking.yml b/roles/compute-node/tasks/networking.yml
new file mode 100644
index 0000000..7586728
--- /dev/null
+++ b/roles/compute-node/tasks/networking.yml
@@ -0,0 +1,213 @@
+---
+- name: Ensure Prerequisites
+ apt:
+ name: "{{ item }}"
+ state: present
+ with_items:
+ - python-ethtool=0.7*
+
+- name: Gather Interface Information
+ netinfo:
+
+- name: Establish Interface Lists
+ set_fact:
+ reboot_required: false
+ fabric_iface_list: []
+ nonfabric_iface_list: []
+ search_list: "|{{ compute_node.fabric_iface_match }}|"
+ changed_when: false
+
+- name: Gather Fabric Interfaces
+ set_fact:
+ fabric_iface_list: "{{ fabric_iface_list + [item] }}"
+ with_items:
+ - "{{ netinfo.keys() | sort }}"
+ when: netinfo[item]['module'] is defined and search_list.find('|' + netinfo[item]['module'] + '|') != -1 and ( not compute_node.interfaces.external or item != compute_node.interfaces.external )
+ changed_when: false
+
+- name: Gather Non-Fabric Interfaces
+ set_fact:
+ nonfabric_iface_list: "{{ nonfabric_iface_list + [item] }}"
+ with_items:
+ - "{{ netinfo.keys() | sort }}"
+ when: netinfo[item]['module'] is defined and search_list.find('|' + netinfo[item]['module'] + '|') == -1 and ( not compute_node.interfaces.external or item != compute_node.interfaces.external )
+ changed_when: false
+
+- name: Ensure Loopback
+ netfile:
+ src: "{{ compute_node.interfaces.file }}"
+ state: present
+ name: lo
+ config: loopback
+ auto: true
+ description: "Loopback interface"
+ register: net_changed
+
+- name: Verify Loopback Change
+ set_fact:
+ reboot_required: "{{ net_changed.changed }}"
+
+- name: Ensure Fabric
+ netfile:
+ src: "{{ compute_node.interfaces.file }}"
+ state: present
+ name: fabric
+ config: static
+ auto: true
+ address: "{{ compute_node.addresses.fabric }}"
+ bond-mode: active-backup
+ bond-miimon: 100
+ bond-slaves: none
+ description: "Leaf - Spine bonded fabric interface"
+ register: net_changed
+
+- name: Verify Network Change
+ set_fact:
+ reboot_required: "{{ reboot_required }} or {{ net_changed.changed }}"
+
+- name: Gather Primary Fabric Interface
+ set_fact:
+ fabric_primary_iface: "{{ fabric_iface_list | sort | first }}"
+ changed_when: false
+ when: fabric_iface_list|length > 0
+
+- name: Ensure Primary Fabric Interface
+ netfile:
+ src: "{{ compute_node.interfaces.file }}"
+ state: present
+ auto: true
+ name: "{{ fabric_primary_iface }}"
+ config: manual
+ bond-master: fabric
+ bond-primary: "{{ fabric_primary_iface }}"
+ description: "Primary fabric interface"
+ register: net_changed
+ when: fabric_iface_list|length > 0
+
+- name: Verify Primary Fabric Interface Changed
+ set_fact:
+ reboot_required: "{{ reboot_required }} or {{ net_changed.changed }}"
+
+- name: Ensure Fabric Interfaces
+ netfile:
+ src: "{{ compute_node.interfaces.file }}"
+ state: present
+ auto: true
+ name: "{{ item }}"
+ config: manual
+ bond-master: fabric
+ description: "Fabric interface"
+ register: net_changed
+ when: fabric_iface_list|length > 1 and item != fabric_primary_iface
+ with_items:
+ - "{{ fabric_iface_list | sort }}"
+
+- name: Verify Fabric Interfaces Changed
+ set_fact:
+ reboot_required: "{{ reboot_required }} or {{ net_changed.changed }}"
+
+- name: Ensure Management Bridge DHCP
+ netfile:
+ src: "{{ compute_node.interfaces.file }}"
+ state: present
+ name: mgmtbr
+ config: "dhcp"
+ auto: true
+ bridge_ports: "{{ nonfabric_iface_list | join(' ') }}"
+ description: "Internal POD management interface"
+ register: net_changed
+ when: compute_node.addresses.management == "dhcp"
+
+- name: Verify Management Bridge DHCP Changed
+ set_fact:
+ reboot_required: "{{ reboot_required }} or {{ net_changed.changed }}"
+
+- name: Ensure Management Bridge STATIC
+ netfile:
+ src: "{{ compute_node.interfaces.file }}"
+ state: present
+ name: mgmtbr
+ config: static
+ auto: true
+ address: "{{ compute_node.addresses.management }}"
+ gateway: "{{ compute_node.gateway.management | default(omit) }}"
+ broadcast: "{{ compute_node.broadcast.management | default(omit) }}"
+ bridge_ports: "{{ nonfabric_iface_list | join(' ') }}"
+ description: "Internal POD management interface"
+ register: net_changed
+ when: compute_node.addresses.management != "dhcp"
+
+- name: Verify Management Bridge STATIC Changed
+ set_fact:
+ reboot_required: "{{ reboot_required }} or {{ net_changed.changed }}"
+
+- name: Ensure Management Bridge Interfaces
+ netfile:
+ src: "{{ compute_node.interfaces.file }}"
+ state: present
+ auto: true
+ name: "{{ item }}"
+ config: manual
+ description: "Management interface"
+ register: net_changed
+ with_items:
+ - "{{ nonfabric_iface_list | sort }}"
+
+- name: Verify Management Bridge Interfaces Changed
+ set_fact:
+ reboot_required: "{{ reboot_required }} or {{ net_changed.changed }}"
+
+- name: Ensure External Interface DHCP
+ netfile:
+ src: "{{ compute_node.interfaces.file }}"
+ state: present
+ auto: true
+ name: "{{ compute_node.interfaces.external }}"
+ config: dhcp
+ description: "External interface from POD to Internet (uplink)"
+ register: net_changed
+ when: compute_node.interfaces.external and compute_node.addresses.external == "dhcp"
+
+- name: Verify External Interface DHCP Changed
+ set_fact:
+ reboot_required: "{{ reboot_required }} or {{ net_changed.changed }}"
+
+- name: Ensure External Interface STATIC
+ netfile:
+ src: "{{ compute_node.interfaces.file }}"
+ state: present
+ auto: true
+ name: "{{ compute_node.interfaces.external }}"
+ config: static
+ address: "{{ compute_node.addresses.external }}"
+ gateway: "{{ compute_node.gateway.external | default(omit) }}"
+ broadcast: "{{ compute_node.broadcast.external | default(omit) }}"
+ description: "External interface from POD to Internet (uplink)"
+ register: net_changed
+ when: compute_node.interfaces.external and compute_node.addresses.external != "dhcp"
+
+- name: Verify External Interface STATIC Changed
+ set_fact:
+ reboot_required: "{{ reboot_required }} or {{ net_changed.changed }}"
+
+- name: Reboot Required
+ command: /sbin/reboot
+ async: 0
+ poll: 0
+ ignore_errors: true
+ when: reboot_required
+ tags:
+ - interface_config
+ - reboot
+
+- name: Ensure Port Defined
+ set_fact:
+ ansible_ssh_port: 22
+ when: ansible_ssh_port is not defined
+
+- name: Wait For Restart
+ local_action: wait_for port={{ ansible_ssh_port }} host={{ inventory_hostname }} search_regex=OpenSSH delay=120 timeout=600 connect_timeout=15
+ when: reboot_required
+ tags:
+ - interface_config
+ - reboot
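Review bot: The `reboot_required` accumulator is built by string concatenation, `"{{ reboot_required }} or {{ net_changed.changed }}"`, so after the second 'Verify' task the fact holds text such as `False or True` rather than a boolean. The final `when: reboot_required` on 'Reboot Required' and 'Wait For Restart' then only works if that text is re-evaluated as an expression, which is fragile across Ansible versions. Computing the value inside one expression keeps it a boolean: `reboot_required: "{{ (reboot_required | bool) or (net_changed.changed | default(false)) }}"`. The same line recurs in every 'Verify ... Changed' task after 'Verify Loopback Change'. Several of them follow a task that can be skipped by its `when`, which is why the `default(false)` is worth having.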
diff --git a/roles/compute-node/tasks/vars.yml b/roles/compute-node/tasks/vars.yml
new file mode 100644
index 0000000..e0bba8b
--- /dev/null
+++ b/roles/compute-node/tasks/vars.yml
@@ -0,0 +1,19 @@
+pub_ssh_key: "{{ lookup('file', 'files/id_rsa.pub') }}"
+
+compute_node:
+ fabric_iface_match: "{{ fabric_iface_spec | default('i40e|mlx4_en') }}"
+ interfaces:
+ fabric: "{{ fabric_iface | default('fabric') }}"
+ management: "{{ management_iface | default('mgmtbr') }}"
+ external: "{{ external_iface | default(None) }}"
+ file: "{{ iface_file | default('/etc/network/interfaces') }}"
+ addresses:
+ fabric: "{{ fabric_ip | mandatory }}"
+ management: "{{ management_ip | default('dhcp') }}"
+ external: "{{ external_ip | default('manual') }}"
+ gateway:
+ external: "{{ external_gw | default(omit) }}"
+ management: "{{ management_gw | default(omit) }}"
+ broadcast:
+ external: "{{ external_bc | default(omit) }}"
+ management: "{{ management_bc | default(omit) }}"
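Review bot: This new file repeats the `compute_node` mapping that `roles/compute-node/vars/main.yml` already defines, and it sits under `tasks/`, where a role does not load variables automatically; nothing visible in this diff includes it. The two copies already differ within this commit: here the management gateway and broadcast use `default(omit)`, while vars/main.yml uses `default('omit')`. Keeping a single definition avoids that drift. If the file is needed, a leading comment such as `# loaded by <caller>; keep in sync with vars/main.yml` would say why it exists.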
diff --git a/roles/compute-node/vars/main.yml b/roles/compute-node/vars/main.yml
index 62c9f19..01323a2 100644
--- a/roles/compute-node/vars/main.yml
+++ b/roles/compute-node/vars/main.yml
@@ -5,11 +5,15 @@
interfaces:
fabric: "{{ fabric_iface | default('fabric') }}"
management: "{{ management_iface | default('mgmtbr') }}"
- external: "{{ external_iface | default('') }}"
+ external: "{{ external_iface | default(None) }}"
+ file: "{{ iface_file | default('/etc/network/interfaces') }}"
addresses:
fabric: "{{ fabric_ip | mandatory }}"
management: "{{ management_ip | default('dhcp') }}"
external: "{{ external_ip | default('manual') }}"
gateway:
- external: "{{ external_gw | default('') }}"
- management: "{{ management_gw | default('') }}"
+ external: "{{ external_gw | default(omit) }}"
+ management: "{{ management_gw | default('omit') }}"
+ broadcast:
+ external: "{{ external_bc | default(omit) }}"
+ management: "{{ management_bc | default('omit') }}"
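Review bot: `default('omit')` on the management gateway and broadcast lines yields the literal string `omit`, not Ansible's `omit` placeholder. An unset `management_gw` or `management_bc` would therefore reach the `netfile` task as the text `omit`, and presumably be written into the interfaces file, instead of dropping the parameter. The external entries beside them use the unquoted form, and the management ones should match: `management: "{{ management_gw | default(omit) }}"` and `management: "{{ management_bc | default(omit) }}"`. The `compute_node` mapping starts above this hunk.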
diff --git a/roles/head-node/files/compute-node.yml b/roles/head-node/files/compute-node.yml
index b8eb496..13d71e7 100644
--- a/roles/head-node/files/compute-node.yml
+++ b/roles/head-node/files/compute-node.yml
@@ -4,7 +4,7 @@
remote_user: ubuntu
tasks:
- name: Include variables
- include_vars: vars/compute-node.yml
+ include_vars: vars/compute-node-vars.yml
- name: Configure compute hosts to use DNS server
hosts: all
diff --git a/roles/head-node/files/do-ansible b/roles/head-node/files/do-ansible
index ae2efb9..0d91c31 100755
--- a/roles/head-node/files/do-ansible
+++ b/roles/head-node/files/do-ansible
@@ -22,4 +22,4 @@
fi
echo "ANSIBLE_ROLES_PATH=/etc/maas/ansible/roles ansible-playbook --private-key=/etc/maas/ansible/id_rsa -i $IP, /etc/maas/ansible/compute-node.yml $SKIP_TAGS $EXTRA_VARS" >> $LOG
-ANSIBLE_ROLES_PATH=/etc/maas/ansible/roles ansible-playbook --private-key=/etc/maas/ansible/id_rsa -i $IP, /etc/maas/ansible/compute-node.yml $SKIP_TAGS $EXTRA_VARS >> $LOG
+ANSIBLE_ROLES_PATH=/etc/maas/ansible/roles ansible-playbook --private-key=/etc/maas/ansible/id_rsa -i $IP, /etc/maas/ansible/compute-node.yml $SKIP_TAGS $EXTRA_VARS >> $LOG || exit $?
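Review bot: The added `|| exit $?` propagates a failed playbook run, but the redirect on that line is still `>> $LOG`, so Ansible's stderr never reaches the log that the preceding `echo` records the command in. Redirecting both streams, `... $SKIP_TAGS $EXTRA_VARS >> "$LOG" 2>&1 || exit $?`, keeps the failure output next to the recorded command. Quoting the inventory argument as `-i "$IP,"` also avoids word splitting if the address value is ever malformed. The script begins outside this hunk, so where `$IP`, `$LOG` and `$EXTRA_VARS` come from is not visible here.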
diff --git a/roles/head-node/tasks/main.yml b/roles/head-node/tasks/main.yml
index 166a328..c3aeb51 100644
--- a/roles/head-node/tasks/main.yml
+++ b/roles/head-node/tasks/main.yml
@@ -10,12 +10,15 @@
- name: Ensure Ansible Roles
become: yes
copy:
- src: roles
+ src: "{{ item }}"
dest: /etc/maas/ansible
owner: maas
group: maas
mode: u=rwX,g=rX,o=rX
force: true
+ with_items:
+ - roles
+ - library
- name: Ensure Role Permissions and Modes
become: yes
@@ -79,7 +82,7 @@
become: yes
template:
src=files/compute-node-vars.yml
- dest=/etc/maas/ansible/vars/compute-node.yml
+ dest=/etc/maas/ansible/vars/compute-node-vars.yml
owner=maas
group=maas
mode=0644
diff --git a/roles/maas/tasks/main.yml b/roles/maas/tasks/main.yml
index 6d6c793..c37c9b6 100644
--- a/roles/maas/tasks/main.yml
+++ b/roles/maas/tasks/main.yml
@@ -49,6 +49,7 @@
repo: ppa:maas/stable
update_cache: yes
state: present
+ validate_certs: no
- name: MAAS
become: yes
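Review bot: `validate_certs: no` turns off TLS certificate checking for the `ppa:maas/stable` repository task, so whatever the module fetches to set up that PPA (as far as I know this includes its signing-key information) comes over a connection that anyone on the network path can impersonate. The packages installed by the following 'MAAS' task are then trusted on that basis. I would drop the line and fix the underlying trust problem on the host, for example an outdated CA bundle or a missing proxy CA. Failing that, a comment should say why verification is off and when it can be restored, e.g. `# TODO: re-enable once <reason> is fixed`. The task begins above this hunk.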
@@ -199,7 +200,7 @@
- name: Configure MAAS
become: yes
- command: docker run docker-registry:5000/cord-maas-bootstrap:{{ docker.image_version }} --apikey='{{apikey.stdout}}' --sshkey='{{maas.user_sshkey}}' --url='http://{{mgmt_ip_address.stdout}}/MAAS/api/1.0' --network='{{networks.management}}' --interface='{{interfaces.management}}' --zone='administrative' --cluster='Cluster master' --domain='{{maas.domain}}' --bridge='{{networks.bridge_name}}' --bridge-subnet='{{networks.bridge}}'
+ command: docker run docker-registry:5000/cord-maas-bootstrap:{{ docker.image_version }} --apikey='{{apikey.stdout}}' --sshkey='{{maas.user_sshkey}}' --url='http://{{mgmt_ip_address.stdout}}/MAAS/api/1.0' --network='{{networks.management}}' --interface='{{interfaces.management}}' --zone='administrative' --cluster='Cluster master' --domain='{{maas.domain}}'
register: maas_config_result
changed_when: maas_config_result.stdout.find("CHANGED") != -1
failed_when: "maas_config_result.rc != 0 or 'ERROR' in maas_config_result.stdout"
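Review bot: The rewritten `command:` still passes the MAAS API key as `--apikey='{{apikey.stdout}}'` and the task sets no `no_log`, so the key appears in Ansible's task output and in the process arguments of `docker run` on the host. Adding `no_log: true` to this task keeps the key out of the run log, while `register`, `changed_when` and `failed_when` continue to work on the result. Passing the key through an environment variable or a mounted file would also remove it from the process list, if the bootstrap image supports that, which is not visible here. The task may continue below this hunk.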
@@ -230,7 +231,7 @@
line: ' inet 0.0.0.0 port 954'
state: present
-- name: Ensure ENDC Allows Trusted
+- name: Ensure RNDC Allows Trusted
become: yes
lineinfile:
dest: /etc/bind/maas/named.conf.rndc.maas
@@ -292,7 +293,6 @@
service:
name=bind9
state=restarted
- when: ns_nameserver.changed or ns_search.changed
- name: MAAS Accepting API Requests
action: get_url url=http://{{ mgmt_ip_address.stdout }}/MAAS/api/1.0/maas/ dest=/tmp
diff --git a/roles/maas/templates/create_bridge.j2 b/roles/maas/templates/create_bridge.j2
deleted file mode 100755
index 5f12261..0000000
--- a/roles/maas/templates/create_bridge.j2
+++ /dev/null
@@ -1,17 +0,0 @@
-#!/bin/bash
-
-REPORT_CHANGED=0
-if [ $# -gt 0 ]; then
- REPORT_CHANGED=1
-fi
-CHANGED='false'
-
-FOUND=$(brctl show | grep "^{{ networks.bridge_name }}" | wc -l)
-if [ $FOUND -eq 0 ]; then
- CHANGED='true'
- brctl addbr {{ networks.bridge_name }}
-fi
-
-if [ $REPORT_CHANGED -ne 0 ]; then
- echo -n $CHANGED
-fi