diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml index 74e7db73fcf3ff66364516aa55ac525bb00215e1..ade27fd5879e59dfa38d667c9206fcfb3bf35280 100644 --- a/.gitlab-ci.yml +++ b/.gitlab-ci.yml @@ -100,6 +100,8 @@ ansible_create_cluster_stage: - echo do it again - ansible-playbook -i files/inventory.$STACKNAME --key-file ../gc_key.pem master_playbook.yml +======= +>>>>>>> origin/master #after_script: #- rm ./files/inventory.$STACKNAME #only: @@ -194,8 +196,59 @@ clean: script: - source ./$NECTAR_ALLOCATION-openrc.sh - bash -x ./CICD/heat/heatcicdwrapper.sh delete_if_exists $STACKNAME - #when: manual +manual_cluster_spawn: + stage: push_button_spawn_cluster + tags: + - heat + - ansible + before_script: + - echo "press button spawn cluster." + - echo "for this to work you have to provide a variable called manual stackname" + - echo I still need to handle os password + - echo $MANUAL_STACKNAME + - echo "$GC_KEY" > gc_key.pem + - chmod 400 gc_key.pem + - echo "$HPCCICD_openrc" > ./$NECTAR_ALLOCATION-openrc.sh + script: + - source ./$NECTAR_ALLOCATION-openrc.sh + - bash -x ./CICD/heat/heatcicdwrapper.sh create $MANUAL_STACKNAME + - openstack stack list + - export STACKNAME=$MANUAL_STACKNAME + - sleep 25 + - bash -x CICD/ansible_create_cluster_script.sh + when: manual + only: + refs: + - "cicd" + +extended: + stage: extended + tags: + - heat + - ansible + before_script: + - echo "cleanup stack" + - sleep 30 + - echo "$HPCCICD_openrc" > ./$NECTAR_ALLOCATION-openrc.sh + script: + - source ./$NECTAR_ALLOCATION-openrc.sh + - bash -x ./CICD/heat/heatcicdwrapper.sh delete_if_exists $STACKNAME + only: + variables: + - $EXTENDED != null +clean: + stage: clean + tags: + - heat + before_script: + - echo "cleanup stack" + - sleep 30 + - echo "$HPCCICD_openrc" > ./$NECTAR_ALLOCATION-openrc.sh + script: + - source ./$NECTAR_ALLOCATION-openrc.sh + - bash -x ./CICD/heat/heatcicdwrapper.sh delete_if_exists $STACKNAME + #trigger_pipeline_in_B: # stage: integration_test_downstream 
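Review bot: Unresolved merge-conflict markers are committed in the first .gitlab-ci.yml hunk: the added `=======` and `>>>>>>> origin/master` lines sit directly after the `ansible-playbook` entry of `ansible_create_cluster_stage`, where they will most likely stop the file from parsing as YAML. They should simply be deleted. The same merge debris appears elsewhere in this commit: the mysql_server.yml hunk adds `<<<<<<< HEAD`, `=======` and `>>>>>>> origin/master` and ends up with the "make sure mysql conf directory exists" task twice, the second .gitlab-ci.yml hunk adds a second top-level `clean:` key, and the last .gitlab-ci.yml hunk adds job-body lines after a commented-out block with no job key visible in the hunk. Re-resolving the merge and running the result through a YAML/CI lint before pushing would catch all of these.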
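Review bot: In `manual_cluster_spawn` the private key is created with the default umask and only restricted afterwards (`echo "$GC_KEY" > gc_key.pem` followed by `chmod 400 gc_key.pem`), and the openrc file written on the next line is never restricted at all. Putting `- umask 077` first in `before_script` makes both files owner-only from the moment they are created. No `after_script` that removes `gc_key.pem` and the openrc file is visible in this job, so on a persistent or shared runner they would stay in the workspace. The wrapper is also run with `bash -x` after the credentials have been sourced, so it is worth confirming that the trace cannot print them into the job log.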
@@ -228,4 +281,13 @@ clean: # - openstack stack list # after_script: # - sleep 20 # artifically wait a bit to make sure it is really dead -# when: manual \ No newline at end of file + - echo "cleanup stack" + - sleep 30 + - echo "$HPCCICD_openrc" > ./$NECTAR_ALLOCATION-openrc.sh + script: + - source ./$NECTAR_ALLOCATION-openrc.sh + - bash -x ./CICD/heat/heatcicdwrapper.sh delete_if_exists $STACKNAME + only: + variables: + - $EXTENDED != null + diff --git a/CICD/heat/gc_HOT.yaml b/CICD/heat/gc_HOT.yaml index 4adac0f00869db8c5b2181f75cab74446053c205..d9a91e1bb1ed7f5c1cbf1616e0dbd0908409fc89 100644 --- a/CICD/heat/gc_HOT.yaml +++ b/CICD/heat/gc_HOT.yaml @@ -13,7 +13,7 @@ parameters: type: string label: Image ID description: Centos Image - default: c47c3acb-9657-4243-9e14-e6c676157e3b + default: c47c3acb-9657-4243-9e14-e6c676157e3b #with Networkmanager ssh_key: type: string default: gc_key diff --git a/roles/cron-access/tasks/main.yml b/roles/cron-access/tasks/main.yml new file mode 100644 index 0000000000000000000000000000000000000000..09e97aea34682a7e66782f3f2e98389ffa3f892a --- /dev/null +++ b/roles/cron-access/tasks/main.yml @@ -0,0 +1,8 @@ +- name: Adding pamd access for users who can run cron jobs + lineinfile: + path: /etc/security/access.conf + state: present + insertbefore: '^-:ALL EXCEPT root systems ec2-user debian ubuntu admin :ALL' + line: '+: cron-users : cron crond :0' + become: true + become_user: root diff --git a/roles/mysql/tasks/mysql_server.yml b/roles/mysql/tasks/mysql_server.yml index 63d528e8499cedff90500d4fc715dffdf26befc2..48185732b1a8ddae86342632531da100c520d3d3 100644 --- a/roles/mysql/tasks/mysql_server.yml +++ b/roles/mysql/tasks/mysql_server.yml 
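Review bot: If the `insertbefore` pattern in roles/cron-access/tasks/main.yml does not match, `lineinfile` appends the line at the end of the file, which would put the `+: cron-users` rule after the deny rule; pam_access applies the first matching entry, so the allow rule would then be silently ineffective. The pattern hard-codes the whole exception list (`root systems ec2-user debian ubuntu admin`), so any host whose deny line differs falls into that case. A shorter anchor such as `insertbefore: '^-:ALL EXCEPT'` is less brittle, and a follow-up task that fails when no deny line is present would make the mismatch visible instead of silent.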
@@ -10,12 +10,20 @@ with_items: "{{ server_packages }}" become: true when: ansible_os_family == "RedHat" + +- name: make sure mysql conf directory exists + file: dest=/etc/mysql/conf.d state=directory + become: true + register: mysqldb_confdir_create +<<<<<<< HEAD - name: make sure mysql conf directory exists file: dest=/etc/mysql/conf.d state=directory become: true register: mysqldb_confdir_create +======= +>>>>>>> origin/master - name: "Starting MySQL" service: name={{ sqlServiceName }} state=started enabled=true become: true diff --git a/roles/set_timezone/README.md b/roles/set_timezone/README.md new file mode 100644 index 0000000000000000000000000000000000000000..43cb094b917b7d2cab5ec357b4de67fa9496ba7c --- /dev/null +++ b/roles/set_timezone/README.md @@ -0,0 +1,13 @@ +This role sets the timezone on the desired server. +- installs a templated file into /etc/ntp.conf. The variable NTP_SERVER sets the ntp server + - NTP_SERVER defaults to ntp.monash.edu.au +- starts and enables the ntpd process +- Makes a link from /etc/localtime state=link to path defined by Variable TIMEZONE_PATH + - TIMEZONE_PATH defaults to /usr/share/zoneinfo/Australia/Melbourne + + +Example of use +- { role: set_timezone } #sets to Melbourne time +- { role: set_timezone, TIMEZONE_PATH: "/usr/share/zoneinfo/Australia/Perth" } #sets to Perth time +- { role: set_timezone, TIMEZONE_PATH: "/usr/share/zoneinfo/Australia/Perth", NTP_SERVER: "time.google.com" } #sets to Perth time and using google ntp server + diff --git a/roles/set_timezone/tasks/main.yml b/roles/set_timezone/tasks/main.yml new file mode 100644 index 0000000000000000000000000000000000000000..177969103af146ee970584e774bf2d4731209e77 --- /dev/null +++ b/roles/set_timezone/tasks/main.yml 
@@ -0,0 +1,20 @@
+---
+- name: install ntp.conf
+ template: src=ntp.conf.j2 dest=/etc/ntp.conf mode=644 owner=root group=root
+ become: true
+ become_user: root
+
+- name: restart ntpd
+ service: name=ntpd state=restarted
+ become: true
+ become_user: root
+
+- name: ensure ntpd is enabled and started
+ service: name=ntpd state=started enabled=yes
+ become: true
+ become_user: root
+
+- name: set local timezone
+ file: path=/etc/localtime state=link src={{ TIMEZONE_PATH }}
+ become: true
+ become_user: root
diff --git a/roles/set_timezone/templates/ntp.conf.j2 b/roles/set_timezone/templates/ntp.conf.j2
new file mode 100644
index 0000000000000000000000000000000000000000..2717f9824e405f016299c2c292aeafd6dfe1cccb
--- /dev/null
+++ b/roles/set_timezone/templates/ntp.conf.j2
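Review bot: The `restart ntpd` task in roles/set_timezone/tasks/main.yml runs unconditionally, so every play restarts ntpd even when `/etc/ntp.conf` has not changed; that makes the role non-idempotent and interrupts time sync on each run. Moving the restart into a handler and adding `notify: restart ntpd` to the `install ntp.conf` task restarts the daemon only when the template actually changes. Separately, `file: path=/etc/localtime state=link` may refuse to replace an existing regular file unless `force=yes` is given, which is worth checking against the target images.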
@@ -0,0 +1,55 @@
+# For more information about this file, see the man pages
+# ntp.conf(5), ntp_acc(5), ntp_auth(5), ntp_clock(5), ntp_misc(5), ntp_mon(5).
+
+driftfile /var/lib/ntp/drift
+
+# Permit time synchronization with our time source, but do not
+# permit the source to query or modify the service on this system.
+restrict default nomodify notrap nopeer noquery
+
+# Permit all access over the loopback interface. This could
+# be tightened as well, but to do so would effect some of
+# the administrative functions.
+restrict 127.0.0.1
+restrict ::1
+
+# Hosts on local network are less restricted.
+#restrict 192.168.1.0 mask 255.255.255.0 nomodify notrap
+
+# Use public servers from the pool.ntp.org project.
+# Please consider joining the pool (http://www.pool.ntp.org/join.html).
+server {{ NTP_SERVER }}
+
+#broadcast 192.168.1.255 autokey # broadcast server
+#broadcastclient # broadcast client
+#broadcast 224.0.1.1 autokey # multicast server
+#multicastclient 224.0.1.1 # multicast client
+#manycastserver 239.255.254.254 # manycast server
+#manycastclient 239.255.254.254 autokey # manycast client
+
+# Enable public key cryptography.
+#crypto
+
+includefile /etc/ntp/crypto/pw
+
+# Key file containing the keys and key identifiers used when operating
+# with symmetric key cryptography.
+keys /etc/ntp/keys
+
+# Specify the key identifiers which are trusted.
+#trustedkey 4 8 42
+
+# Specify the key identifier to use with the ntpdc utility.
+#requestkey 8
+
+# Specify the key identifier to use with the ntpq utility.
+#controlkey 8
+
+# Enable writing of statistics records.
+#statistics clockstats cryptostats loopstats peerstats
+
+# Disable the monitoring facility to prevent amplification attacks using ntpdc
+# monlist command when default restrict does not include the noquery flag. See
+# CVE-2013-5211 for more details.
+# Note: Monitoring will not be disabled with the limited restriction flag.
+disable monitor
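Review bot: The template renders exactly one upstream, `server {{ NTP_SERVER }}`, so every host that gets this role trusts a single time source with nothing to cross-check it against; a wrong or unreachable server would skew or stall clocks across the cluster, which affects log correlation and anything that depends on time-limited credentials. Consider accepting a list of servers and rendering one `server` line per entry. The comment above the line still says "Use public servers from the pool.ntp.org project", which no longer describes it; `# Upstream time source, set through the NTP_SERVER role variable.` would be accurate. Note also that `keys /etc/ntp/keys` is set while `trustedkey` stays commented out, so as far as this file shows no symmetric-key authentication of the source is in effect.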
diff --git a/roles/set_timezone/vars/main.yml b/roles/set_timezone/vars/main.yml new file mode 100644 index 0000000000000000000000000000000000000000..65f16b25f13e746fe3185f2f9789cf09367b79ae --- /dev/null +++ b/roles/set_timezone/vars/main.yml @@ -0,0 +1,3 @@ +--- +TIMEZONE_PATH: "/usr/share/zoneinfo/Australia/Melbourne" +NTP_SERVER: "ntp.monash.edu.au" diff --git a/scripts/make_inventory.py b/scripts/make_inventory.py index 9e7997bcf72dc43b633fa3ae53d979bdea2acd06..48bd21d85e1a7314d0982d062227c33ac2b87783 100755 --- a/scripts/make_inventory.py +++ b/scripts/make_inventory.py @@ -34,9 +34,11 @@ def gatherInfo(md_key,md_value,authDict,project_id,inventory): if groupName not in inventory: inventory[groupName] = [] inventory[groupName].append(hostname) # Add other metadata + if not hostname in inventory['_meta']['hostvars']: + inventory['_meta']['hostvars'][hostname] = {} for md in server.metadata.items(): if md[0] not in (md_key,'ansible_host_groups'): - inventory['_meta']['hostvars'][hostname] = { md[0]:md[1] } + inventory['_meta']['hostvars'][hostname].update({ md[0]:md[1] }) if novaVolumes: volDict = {} for volume in novaVolumes: @@ -51,6 +53,8 @@ def gatherInfo(md_key,md_value,authDict,project_id,inventory): for nn in server.networks.keys(): if 'internal' in nn: network_name = nn + else: + inventory['_meta']['hostvars'][hostname]['public_host'] = server.networks[nn][0] if network_name == None: network_name = list(server.networks.keys())[0]
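Review bot: The README calls these values defaults, but they are defined in `vars/main.yml`, which takes precedence over inventory, group_vars and host_vars; only role parameters (as in the README examples) or extra vars can override them. Moving both keys to `defaults/main.yml` keeps the README examples working and lets a site set `NTP_SERVER` from its inventory. A short comment per variable would help as well, for example `# zoneinfo file that /etc/localtime is linked to` above `TIMEZONE_PATH`.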
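Review bot: In the first make_inventory.py hunk, `if not hostname in inventory['_meta']['hostvars']:` is more readable as `if hostname not in inventory['_meta']['hostvars']:`. The single-key `.update({ md[0]:md[1] })` can be a plain assignment, `inventory['_meta']['hostvars'][hostname][md[0]] = md[1]`, which avoids building a throwaway dict per metadata item. A brief comment above the guard, such as `# hostvars for a host accumulate across metadata keys; create the dict once`, would record why the earlier overwrite was wrong. The body of gatherInfo starts and ends outside the hunk.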
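Review bot: In the second make_inventory.py hunk, the new `else:` branch treats every network whose name does not contain 'internal' as public and overwrites `public_host` on each iteration, so for a server with more than one such network the value depends on iteration order. `server.networks[nn][0]` also raises IndexError if a network has an empty address list. A guarded form such as `elif server.networks[nn]:` followed by `inventory['_meta']['hostvars'][hostname].setdefault('public_host', server.networks[nn][0])` keeps the first address found and skips empty lists. Since other tooling presumably connects to `public_host`, a comment stating which network is expected to supply it would help; gatherInfo continues outside the hunk.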