Skip to content
Snippets Groups Projects
Commit 40069775 authored by Andreas Hamacher's avatar Andreas Hamacher
Browse files

resolved merge conflicts

Former-commit-id: 840ccd6e
parents 35536d15 1ea564f6
No related branches found
No related tags found
No related merge requests found
......@@ -100,6 +100,8 @@ ansible_create_cluster_stage:
- echo do it again
- ansible-playbook -i files/inventory.$STACKNAME --key-file ../gc_key.pem master_playbook.yml
=======
>>>>>>> origin/master
#after_script:
#- rm ./files/inventory.$STACKNAME
#only:
......@@ -194,8 +196,59 @@ clean:
script:
- source ./$NECTAR_ALLOCATION-openrc.sh
- bash -x ./CICD/heat/heatcicdwrapper.sh delete_if_exists $STACKNAME
#when: manual
manual_cluster_spawn:
stage: push_button_spawn_cluster
tags:
- heat
- ansible
before_script:
- echo "press button spawn cluster."
- echo "for this to work you have to provide a variable called manual stackname"
- echo I still need to handle os password
- echo $MANUAL_STACKNAME
- echo "$GC_KEY" > gc_key.pem
- chmod 400 gc_key.pem
- echo "$HPCCICD_openrc" > ./$NECTAR_ALLOCATION-openrc.sh
script:
- source ./$NECTAR_ALLOCATION-openrc.sh
- bash -x ./CICD/heat/heatcicdwrapper.sh create $MANUAL_STACKNAME
- openstack stack list
- export STACKNAME=$MANUAL_STACKNAME
- sleep 25
- bash -x CICD/ansible_create_cluster_script.sh
when: manual
only:
refs:
- "cicd"
extended:
stage: extended
tags:
- heat
- ansible
before_script:
- echo "cleanup stack"
- sleep 30
- echo "$HPCCICD_openrc" > ./$NECTAR_ALLOCATION-openrc.sh
script:
- source ./$NECTAR_ALLOCATION-openrc.sh
- bash -x ./CICD/heat/heatcicdwrapper.sh delete_if_exists $STACKNAME
only:
variables:
- $EXTENDED != null
clean:
stage: clean
tags:
- heat
before_script:
- echo "cleanup stack"
- sleep 30
- echo "$HPCCICD_openrc" > ./$NECTAR_ALLOCATION-openrc.sh
script:
- source ./$NECTAR_ALLOCATION-openrc.sh
- bash -x ./CICD/heat/heatcicdwrapper.sh delete_if_exists $STACKNAME
#trigger_pipeline_in_B:
# stage: integration_test_downstream
......@@ -228,4 +281,13 @@ clean:
# - openstack stack list
# after_script:
# - sleep 20 # artifically wait a bit to make sure it is really dead
# when: manual
\ No newline at end of file
- echo "cleanup stack"
- sleep 30
- echo "$HPCCICD_openrc" > ./$NECTAR_ALLOCATION-openrc.sh
script:
- source ./$NECTAR_ALLOCATION-openrc.sh
- bash -x ./CICD/heat/heatcicdwrapper.sh delete_if_exists $STACKNAME
only:
variables:
- $EXTENDED != null
......@@ -13,7 +13,7 @@ parameters:
type: string
label: Image ID
description: Centos Image
default: c47c3acb-9657-4243-9e14-e6c676157e3b
default: c47c3acb-9657-4243-9e14-e6c676157e3b #with Networkmanager
ssh_key:
type: string
default: gc_key
......
- name: Adding pamd access for users who can run cron jobs
lineinfile:
path: /etc/security/access.conf
state: present
insertbefore: '^-:ALL EXCEPT root systems ec2-user debian ubuntu admin :ALL'
line: '+: cron-users : cron crond :0'
become: true
become_user: root
......@@ -10,12 +10,20 @@
with_items: "{{ server_packages }}"
become: true
when: ansible_os_family == "RedHat"
- name: make sure mysql conf directory exists
file: dest=/etc/mysql/conf.d state=directory
become: true
register: mysqldb_confdir_create
<<<<<<< HEAD
- name: make sure mysql conf directory exists
file: dest=/etc/mysql/conf.d state=directory
become: true
register: mysqldb_confdir_create
=======
>>>>>>> origin/master
- name: "Starting MySQL"
service: name={{ sqlServiceName }} state=started enabled=true
become: true
......
This role sets the timezone on the desired server.
- installs a templated file into /etc/ntp.conf. The variable NTP_SERVER sets the ntp server
- NTP_SERVER defaults to ntp.monash.edu.au
- starts and enables the ntpd process
- Makes a link from /etc/localtime state=link to path defined by Variable TIMEZONE_PATH
- TIMEZONE_PATH defaults to /usr/share/zoneinfo/Australia/Melbourne
Example of use
- { role: set_timezone } #sets to Melbourne time
- { role: set_timezone, TIMEZONE_PATH: "/usr/share/zoneinfo/Australia/Perth" } #sets to Perth time
- { role: set_timezone, TIMEZONE_PATH: "/usr/share/zoneinfo/Australia/Perth", NTP_SERVER: "time.google.com" } #sets to Perth time and using google ntp server
---
- name: install ntp.conf
template: src=ntp.conf.j2 dest=/etc/ntp.conf mode=644 owner=root group=root
become: true
become_user: root
- name: restart ntpd
service: name=ntpd state=restarted
become: true
become_user: root
- name: ensure ntpd is enabled and started
service: name=ntpd state=started enabled=yes
become: true
become_user: root
- name: set local timezone
file: path=/etc/localtime state=link src={{ TIMEZONE_PATH }}
become: true
become_user: root
# For more information about this file, see the man pages
# ntp.conf(5), ntp_acc(5), ntp_auth(5), ntp_clock(5), ntp_misc(5), ntp_mon(5).
driftfile /var/lib/ntp/drift
# Permit time synchronization with our time source, but do not
# permit the source to query or modify the service on this system.
restrict default nomodify notrap nopeer noquery
# Permit all access over the loopback interface. This could
# be tightened as well, but to do so would effect some of
# the administrative functions.
restrict 127.0.0.1
restrict ::1
# Hosts on local network are less restricted.
#restrict 192.168.1.0 mask 255.255.255.0 nomodify notrap
# Use public servers from the pool.ntp.org project.
# Please consider joining the pool (http://www.pool.ntp.org/join.html).
server {{ NTP_SERVER }}
#broadcast 192.168.1.255 autokey # broadcast server
#broadcastclient # broadcast client
#broadcast 224.0.1.1 autokey # multicast server
#multicastclient 224.0.1.1 # multicast client
#manycastserver 239.255.254.254 # manycast server
#manycastclient 239.255.254.254 autokey # manycast client
# Enable public key cryptography.
#crypto
includefile /etc/ntp/crypto/pw
# Key file containing the keys and key identifiers used when operating
# with symmetric key cryptography.
keys /etc/ntp/keys
# Specify the key identifiers which are trusted.
#trustedkey 4 8 42
# Specify the key identifier to use with the ntpdc utility.
#requestkey 8
# Specify the key identifier to use with the ntpq utility.
#controlkey 8
# Enable writing of statistics records.
#statistics clockstats cryptostats loopstats peerstats
# Disable the monitoring facility to prevent amplification attacks using ntpdc
# monlist command when default restrict does not include the noquery flag. See
# CVE-2013-5211 for more details.
# Note: Monitoring will not be disabled with the limited restriction flag.
disable monitor
---
TIMEZONE_PATH: "/usr/share/zoneinfo/Australia/Melbourne"
NTP_SERVER: "ntp.monash.edu.au"
......@@ -34,9 +34,11 @@ def gatherInfo(md_key,md_value,authDict,project_id,inventory):
if groupName not in inventory: inventory[groupName] = []
inventory[groupName].append(hostname)
# Add other metadata
if not hostname in inventory['_meta']['hostvars']:
inventory['_meta']['hostvars'][hostname] = {}
for md in server.metadata.items():
if md[0] not in (md_key,'ansible_host_groups'):
inventory['_meta']['hostvars'][hostname] = { md[0]:md[1] }
inventory['_meta']['hostvars'][hostname].update({ md[0]:md[1] })
if novaVolumes:
volDict = {}
for volume in novaVolumes:
......@@ -51,6 +53,8 @@ def gatherInfo(md_key,md_value,authDict,project_id,inventory):
for nn in server.networks.keys():
if 'internal' in nn:
network_name = nn
else:
inventory['_meta']['hostvars'][hostname]['public_host'] = server.networks[nn][0]
if network_name == None:
network_name = list(server.networks.keys())[0]
......
0% Loading or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment