resolved merge conflicts

Former-commit-id: 840ccd6e

.gitlab-ci.yml

@@ -100,6 +100,8 @@ ansible_create_cluster_stage:
     - echo do it again
     - ansible-playbook -i files/inventory.$STACKNAME --key-file ../gc_key.pem master_playbook.yml
     
+=======
+>>>>>>> origin/master
   #after_script:
     #- rm ./files/inventory.$STACKNAME
   #only:
@@ -194,8 +196,59 @@ clean:
   script:
     - source ./$NECTAR_ALLOCATION-openrc.sh
     - bash -x ./CICD/heat/heatcicdwrapper.sh delete_if_exists $STACKNAME
-  #when: manual
+manual_cluster_spawn:
+  stage: push_button_spawn_cluster
+  tags:
+  - heat
+  - ansible
+  before_script:
+    - echo "press button spawn cluster."
+    - echo "for this to work you have to provide a variable called manual stackname"
+    - echo I still need to handle os password
+    - echo $MANUAL_STACKNAME
+    - echo "$GC_KEY" > gc_key.pem
+    - chmod 400 gc_key.pem
+    - echo "$HPCCICD_openrc" > ./$NECTAR_ALLOCATION-openrc.sh
+  script:
+    - source ./$NECTAR_ALLOCATION-openrc.sh
+    - bash -x ./CICD/heat/heatcicdwrapper.sh create $MANUAL_STACKNAME
+    - openstack stack list
+    - export STACKNAME=$MANUAL_STACKNAME
+    - sleep 25
+    - bash -x CICD/ansible_create_cluster_script.sh
+  when: manual 
+  only:
+    refs:
+      - "cicd"
+
+extended:
+  stage: extended
+  tags:
+  - heat
+  - ansible
+  before_script:
+    - echo "cleanup stack"
+    - sleep 30
+    - echo "$HPCCICD_openrc" > ./$NECTAR_ALLOCATION-openrc.sh
+  script:
+    - source ./$NECTAR_ALLOCATION-openrc.sh
+    - bash -x ./CICD/heat/heatcicdwrapper.sh delete_if_exists $STACKNAME
+  only:
+    variables:
+      - $EXTENDED != null
   
+clean:
+  stage: clean
+  tags:
+  - heat
+  before_script:
+    - echo "cleanup stack"
+    - sleep 30
+    - echo "$HPCCICD_openrc" > ./$NECTAR_ALLOCATION-openrc.sh
+  script:
+    - source ./$NECTAR_ALLOCATION-openrc.sh
+    - bash -x ./CICD/heat/heatcicdwrapper.sh delete_if_exists $STACKNAME
+
   
   #trigger_pipeline_in_B:
 #  stage: integration_test_downstream
@@ -228,4 +281,13 @@ clean:
 #     - openstack stack list
 #   after_script:
 #     - sleep 20 # artifically wait a bit to make sure it is really dead
-#   when: manual
\ No newline at end of file
+    - echo "cleanup stack"
+    - sleep 30
+    - echo "$HPCCICD_openrc" > ./$NECTAR_ALLOCATION-openrc.sh
+  script:
+    - source ./$NECTAR_ALLOCATION-openrc.sh
+    - bash -x ./CICD/heat/heatcicdwrapper.sh delete_if_exists $STACKNAME
+  only:
+    variables:
+      - $EXTENDED != null
+  

CICD/heat/gc_HOT.yaml

@@ -13,7 +13,7 @@ parameters:
     type: string
     label: Image ID
     description: Centos Image
-    default: c47c3acb-9657-4243-9e14-e6c676157e3b
+    default: c47c3acb-9657-4243-9e14-e6c676157e3b #with Networkmanager
   ssh_key:
     type: string
     default: gc_key

roles/cron-access/tasks/main.yml

+- name: Adding pamd access for users who can run cron jobs
+  lineinfile:
+    path: /etc/security/access.conf
+    state: present
+    insertbefore: '^-:ALL EXCEPT root systems ec2-user debian ubuntu admin :ALL'
+    line: '+: cron-users : cron crond :0'
+  become: true
+  become_user: root

roles/mysql/tasks/mysql_server.yml

@@ -10,12 +10,20 @@
   with_items: "{{ server_packages }}"
   become: true
   when: ansible_os_family == "RedHat"
+  
+- name: make sure mysql conf directory exists
+  file: dest=/etc/mysql/conf.d state=directory
+  become: true
+  register: mysqldb_confdir_create
 
+<<<<<<< HEAD
 - name: make sure mysql conf directory exists
   file: dest=/etc/mysql/conf.d state=directory
   become: true
   register: mysqldb_confdir_create
 
+=======
+>>>>>>> origin/master
 - name: "Starting MySQL"
   service: name={{ sqlServiceName }} state=started enabled=true
   become: true

roles/set_timezone/README.md

+This role sets the timezone on the desired server.
+- installs a templated file into /etc/ntp.conf. The variable NTP_SERVER sets the ntp server
+  - NTP_SERVER defaults to ntp.monash.edu.au
+- starts and enables the ntpd process
+- Makes a link from /etc/localtime state=link to path defined by Variable TIMEZONE_PATH
+  - TIMEZONE_PATH  defaults to /usr/share/zoneinfo/Australia/Melbourne
+
+
+Example of use
+- { role: set_timezone } #sets to Melbourne time
+- { role: set_timezone, TIMEZONE_PATH: "/usr/share/zoneinfo/Australia/Perth" } #sets to Perth time
+- { role: set_timezone, TIMEZONE_PATH: "/usr/share/zoneinfo/Australia/Perth", NTP_SERVER: "time.google.com" } #sets to Perth time and using google ntp server
+

roles/set_timezone/tasks/main.yml

+---
+- name: install ntp.conf
+  template: src=ntp.conf.j2 dest=/etc/ntp.conf mode=644 owner=root group=root
+  become: true
+  become_user: root
+
+- name: restart ntpd
+  service: name=ntpd state=restarted 
+  become: true
+  become_user: root
+
+- name: ensure ntpd is enabled and started   
+  service: name=ntpd state=started enabled=yes   
+  become: true   
+  become_user: root
+
+- name: set local timezone
+  file: path=/etc/localtime state=link src={{ TIMEZONE_PATH }}
+  become: true
+  become_user: root

roles/set_timezone/templates/ntp.conf.j2

+# For more information about this file, see the man pages
+# ntp.conf(5), ntp_acc(5), ntp_auth(5), ntp_clock(5), ntp_misc(5), ntp_mon(5).
+
+driftfile /var/lib/ntp/drift
+
+# Permit time synchronization with our time source, but do not
+# permit the source to query or modify the service on this system.
+restrict default nomodify notrap nopeer noquery
+
+# Permit all access over the loopback interface.  This could
+# be tightened as well, but to do so would effect some of
+# the administrative functions.
+restrict 127.0.0.1 
+restrict ::1
+
+# Hosts on local network are less restricted.
+#restrict 192.168.1.0 mask 255.255.255.0 nomodify notrap
+
+# Use public servers from the pool.ntp.org project.
+# Please consider joining the pool (http://www.pool.ntp.org/join.html).
+server {{ NTP_SERVER }}
+
+#broadcast 192.168.1.255 autokey	# broadcast server
+#broadcastclient			# broadcast client
+#broadcast 224.0.1.1 autokey		# multicast server
+#multicastclient 224.0.1.1		# multicast client
+#manycastserver 239.255.254.254		# manycast server
+#manycastclient 239.255.254.254 autokey # manycast client
+
+# Enable public key cryptography.
+#crypto
+
+includefile /etc/ntp/crypto/pw
+
+# Key file containing the keys and key identifiers used when operating
+# with symmetric key cryptography. 
+keys /etc/ntp/keys
+
+# Specify the key identifiers which are trusted.
+#trustedkey 4 8 42
+
+# Specify the key identifier to use with the ntpdc utility.
+#requestkey 8
+
+# Specify the key identifier to use with the ntpq utility.
+#controlkey 8
+
+# Enable writing of statistics records.
+#statistics clockstats cryptostats loopstats peerstats
+
+# Disable the monitoring facility to prevent amplification attacks using ntpdc
+# monlist command when default restrict does not include the noquery flag. See
+# CVE-2013-5211 for more details.
+# Note: Monitoring will not be disabled with the limited restriction flag.
+disable monitor

roles/set_timezone/vars/main.yml

+---
+TIMEZONE_PATH: "/usr/share/zoneinfo/Australia/Melbourne"
+NTP_SERVER: "ntp.monash.edu.au"

scripts/make_inventory.py

@@ -34,9 +34,11 @@ def gatherInfo(md_key,md_value,authDict,project_id,inventory):
                 if groupName not in inventory: inventory[groupName] = []
                 inventory[groupName].append(hostname)
             # Add other metadata
+            if not hostname in inventory['_meta']['hostvars']:
+                inventory['_meta']['hostvars'][hostname] = {}
             for md in server.metadata.items():
                 if md[0] not in (md_key,'ansible_host_groups'):
-                    inventory['_meta']['hostvars'][hostname] = { md[0]:md[1] }
+                    inventory['_meta']['hostvars'][hostname].update({ md[0]:md[1] })
             if novaVolumes:
                 volDict = {}    
                 for volume in novaVolumes:
@@ -51,6 +53,8 @@ def gatherInfo(md_key,md_value,authDict,project_id,inventory):
                     for nn in server.networks.keys():
                         if 'internal' in nn:
                             network_name = nn
+                        else:
+                            inventory['_meta']['hostvars'][hostname]['public_host'] = server.networks[nn][0]
                 if network_name == None:
                     network_name = list(server.networks.keys())[0]