Skip to content
Snippets Groups Projects
Commit 5291e795 authored by Andreas Hamacher's avatar Andreas Hamacher
Browse files

Merge remote-tracking branch 'origin/pamExcludeUbuntu' into centos76

parents 61e7f395 848fad4a
No related branches found
No related tags found
1 merge request!335Version pinning and enableing the upgrade role to run at all times
...@@ -7,7 +7,6 @@ variables: ...@@ -7,7 +7,6 @@ variables:
stages: stages:
- lint - lint
- testlustre
- extended - extended
#- heat_test #- heat_test
- heat - heat
...@@ -16,6 +15,7 @@ stages: ...@@ -16,6 +15,7 @@ stages:
- tests - tests
- integration_test #https://docs.gitlab.com/ee/ci/triggers/ - integration_test #https://docs.gitlab.com/ee/ci/triggers/
- clean - clean
- testlustre
trigger_pipeline_in_Clusterbuild: trigger_pipeline_in_Clusterbuild:
...@@ -146,7 +146,7 @@ ansible_create_cluster_stage: ...@@ -146,7 +146,7 @@ ansible_create_cluster_stage:
- ansible-playbook -i files/inventory.$STACKNAME --key-file ../../gc_key.pem --skip-tags monitoring computenodes.yml | tee nochange.log - ansible-playbook -i files/inventory.$STACKNAME --key-file ../../gc_key.pem --skip-tags monitoring computenodes.yml | tee nochange.log
- echo [ `grep changed= ./nochange.log -c` = `grep changed=0 ./nochange.log -c` ] > bashtest.sh # a crude way to make sure all changed lines are equal to changed=0 - echo [ `grep changed= ./nochange.log -c` = `grep changed=0 ./nochange.log -c` ] > bashtest.sh # a crude way to make sure all changed lines are equal to changed=0
- bash ./bashtest.sh - bash ./bashtest.sh
- ansible-playbook -i files/inventory.$STACKNAME --key-file ../../gc_key.pem --skip-tags monitoring --check computenodes.yml - ansible-playbook -i files/inventory.$STACKNAME --key-file ../../gc_key.pem --skip-tags monitoring --check computenodes.yml
tests: tests:
stage: tests stage: tests
...@@ -173,7 +173,7 @@ tests: ...@@ -173,7 +173,7 @@ tests:
- ansible -B 30 -i files/inventory.$STACKNAME --key-file ../gc_key.pem -a "systemctl is-active --quiet mariadb" SQLNodes - ansible -B 30 -i files/inventory.$STACKNAME --key-file ../gc_key.pem -a "systemctl is-active --quiet mariadb" SQLNodes
- ansible -B 30 -i files/inventory.$STACKNAME --key-file ../gc_key.pem -a "systemctl is-active --quiet slurmctld" ManagementNodes - ansible -B 30 -i files/inventory.$STACKNAME --key-file ../gc_key.pem -a "systemctl is-active --quiet slurmctld" ManagementNodes
- ansible -B 30 -i files/inventory.$STACKNAME --key-file ../gc_key.pem -a "systemctl is-active --quiet slurmdbd" ManagementNodes - ansible -B 30 -i files/inventory.$STACKNAME --key-file ../gc_key.pem -a "systemctl is-active --quiet slurmdbd" ManagementNodes
- bash -e ./tests/run_tests.sh all "files/inventory.$STACKNAME" "../gc_key.pem" - bash -e ./tests/run_tests.sh all "files/inventory.$STACKNAME" "../gc_key.pem"
- bash -e ./tests/run_tests.sh ComputeNodes "files/inventory.$STACKNAME" "../gc_key.pem" - bash -e ./tests/run_tests.sh ComputeNodes "files/inventory.$STACKNAME" "../gc_key.pem"
...@@ -184,7 +184,7 @@ tests: ...@@ -184,7 +184,7 @@ tests:
- bash -e ./tests/run_tests.sh slurm "files/inventory.$STACKNAME" "../gc_key.pem" - bash -e ./tests/run_tests.sh slurm "files/inventory.$STACKNAME" "../gc_key.pem"
- ansible -i files/inventory.$STACKNAME --key-file ../gc_key.pem -a 'sudo su - user1 -c whoami' LoginNodes,ComputeNodes # to test ldap - ansible -i files/inventory.$STACKNAME --key-file ../gc_key.pem -a 'sudo su - user1 -c whoami' LoginNodes,ComputeNodes # to test ldap
#- sshpass -p 'redhat' ssh -o StrictHostKeyChecking=no user1@server.example.com #- sshpass -p 'redhat' ssh -o StrictHostKeyChecking=no user1@server.example.com
extended: extended:
stage: extended stage: extended
tags: tags:
......
...@@ -30,7 +30,7 @@ ...@@ -30,7 +30,7 @@
- vars/vars.yml - vars/vars.yml
strategy: free strategy: free
roles: roles:
- { role: move_homedir, tags: [ authentication, filesystems ] } - { role: move_homedir, tags: [ authentication, filesystems,narf ] }
- { role: nfs-client, nfsMounts: "{{ computeNfsMounts }}", tags: [ filesystems ] } - { role: nfs-client, nfsMounts: "{{ computeNfsMounts }}", tags: [ filesystems ] }
- { role: slurm-common, tags: [ slurm, slurm-common ] } - { role: slurm-common, tags: [ slurm, slurm-common ] }
#- { role: lmod, tags: [ other ] } # actually preffered on ubuntu but mutually exclusive with environment-modules #- { role: lmod, tags: [ other ] } # actually preffered on ubuntu but mutually exclusive with environment-modules
...@@ -39,7 +39,7 @@ ...@@ -39,7 +39,7 @@
- { role: set_semaphore_count, tags: [ semaphore ] } - { role: set_semaphore_count, tags: [ semaphore ] }
- { role: ldapclient, ssl: false, tags: [ ldapclient ] } - { role: ldapclient, ssl: false, tags: [ ldapclient ] }
- { role: ssh-keepalive, tags: [ ssh ] } - { role: ssh-keepalive, tags: [ ssh ] }
- { role: enable_sudo_group, tags: [ authentication ] } - { role: enable_sudo_group, tags: [ authentication,zort ] }
- hosts: 'VisNodes' - hosts: 'VisNodes'
gather_facts: False gather_facts: False
...@@ -94,4 +94,5 @@ ...@@ -94,4 +94,5 @@
- hosts: 'LoginNodes' - hosts: 'LoginNodes'
roles: roles:
- { role: pam_sshd, computenodepam: false, tags: [ authentication, pamd ] } - { role: pam_sshd, tags: [ authentication, pamd ], when: ansible_os_family == 'RedHat' }
...@@ -4,14 +4,14 @@ ...@@ -4,14 +4,14 @@
become: true become: true
become_user: root become_user: root
- name: "Copy password sshd pam config" - name: "Copy loginnode password sshd pam config"
template: src=loginnodes_sshd.j2 dest=/etc/pam.d/sshd template: src=loginnodes_sshd.j2 dest=/etc/pam.d/sshd
become: true become: true
become_user: root become_user: root
when: computenodepam is undefined or not computenodepam when: computenodepam is undefined or not computenodepam
- name: "Copy password sshd pam config" - name: "Copy computenode password sshd pam config"
template: src=computenodes_sshd.j2 dest=/etc/pam.d/sshd template: src=computenodes_sshd.j2 dest=/etc/pam.d/sshd
become: true become: true
become_user: root become_user: root
......
0% Loading or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment