CORD-912
OpenCloud support
Change-Id: I170597cacd76c84c795a7bf4c8e77e068ebcd72a
diff --git a/roles/compute-prep/tasks/main.yml b/roles/compute-prep/tasks/main.yml
index 1607e5f..0a5274b 100644
--- a/roles/compute-prep/tasks/main.yml
+++ b/roles/compute-prep/tasks/main.yml
@@ -1,62 +1,52 @@
---
-# file: roles/compute-prep/tasks/main.yml
+# file: compute-prep/tasks/main.yml
- name: Install packages
apt:
name: "{{ item }}"
- state: present
update_cache: yes
cache_valid_time: 3600
with_items:
- python-yaml
+ - python-pip
- name: Add ubuntu user
user:
name: ubuntu
groups: adm
-- name: Copy over CA certs
+- name: Add pod public key to user accounts
+ when: not on_maas
+ authorized_key:
+ user: "{{ item }}"
+ key: "{{ lookup('file', '{{ ssh_pki_dir }}/client_certs/{{ pod_sshkey_name }}_sshkey.pub') }}"
+ with_items:
+ - root
+ - ubuntu
+
+- name: Add pod public key to user accounts (MaaS)
+ when: on_maas
+ authorized_key:
+ user: "{{ item }}"
+ key: "{{ lookup('file', '/opt/cord_profile/node_key.pub') }}"
+ with_items:
+ - root
+ - ubuntu
+
+- name: Copy over CA certs from head node (MaaS)
+ when: on_maas
synchronize:
src: "/usr/local/share/ca-certificates/"
dest: "/usr/local/share/ca-certificates/"
notify:
- - update-ca-certifictes on compute node
-
-- name: List certs in /usr/local/share/ca-certificates/
- command: "ls -la /usr/local/share/ca-certificates/"
- register: certs_on_compute
- tags:
- - skip_ansible_lint # diagnostics
-
-- name: Output from listing certs
- debug: var=certs_on_compute
-
-- name: Add head node ubuntu user key
- authorized_key:
- user: ubuntu
- key: "{{ hostvars[groups['head'][0]]['sshkey']['stdout'] }}"
-
-- name: Add head node root user key
- authorized_key:
- user: root
- key: "{{ hostvars[groups['head'][0]]['sshkey']['stdout'] }}"
-
-- name: Add route via /etc/rc.local
- when: not on_maas
- template:
- src=rc.local.j2
- dest=/etc/rc.local
- mode=0755
- notify:
- - run rc.local
+ - update-ca-certificates
- name: Create /var/lib/nova dir
file:
- path=/var/lib/nova
- state=directory
+ path: /var/lib/nova
+ state: directory
-- name: Remove superfluous requests package
+- name: Remove requests package which causes SSL errors
pip:
- name=requests
- state=absent
-
+ name: "requests"
+ state: absent