diff options
Diffstat (limited to 'deploy/adapters/ansible/roles/pre-prepare')
5 files changed, 196 insertions, 59 deletions
diff --git a/deploy/adapters/ansible/roles/pre-prepare/files/centos_base.repo b/deploy/adapters/ansible/roles/pre-prepare/files/centos_base.repo new file mode 100644 index 00000000..ba768e0a --- /dev/null +++ b/deploy/adapters/ansible/roles/pre-prepare/files/centos_base.repo @@ -0,0 +1,31 @@ +[base] +name=CentOS-$releasever - Base +mirrorlist=http://mirrorlist.centos.org/?release=$releasever&arch=$basearch&repo=os&infra=$infra +#baseurl=http://mirror.centos.org/centos/$releasever/os/$basearch/ +gpgcheck=1 +gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-7 + +#released updates +[updates] +name=CentOS-$releasever - Updates +mirrorlist=http://mirrorlist.centos.org/?release=$releasever&arch=$basearch&repo=updates&infra=$infra +#baseurl=http://mirror.centos.org/centos/$releasever/updates/$basearch/ +gpgcheck=1 +gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-7 + +#additional packages that may be useful +[extras] +name=CentOS-$releasever - Extras +mirrorlist=http://mirrorlist.centos.org/?release=$releasever&arch=$basearch&repo=extras&infra=$infra +#baseurl=http://mirror.centos.org/centos/$releasever/extras/$basearch/ +gpgcheck=1 +gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-7 + +#additional packages that extend functionality of existing packages +[centosplus] +name=CentOS-$releasever - Plus +mirrorlist=http://mirrorlist.centos.org/?release=$releasever&arch=$basearch&repo=centosplus&infra=$infra +#baseurl=http://mirror.centos.org/centos/$releasever/centosplus/$basearch/ +gpgcheck=1 +enabled=0 +gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-7 diff --git a/deploy/adapters/ansible/roles/pre-prepare/tasks/RedHat.yml b/deploy/adapters/ansible/roles/pre-prepare/tasks/RedHat.yml new file mode 100644 index 00000000..5456c9fc --- /dev/null +++ b/deploy/adapters/ansible/roles/pre-prepare/tasks/RedHat.yml @@ -0,0 +1,77 @@ +############################################################################## +# Copyright (c) 2016 HUAWEI TECHNOLOGIES CO.,LTD and others. +# +# All rights reserved. This program and the accompanying materials +# are made available under the terms of the Apache License, Version 2.0 +# which accompanies this distribution, and is available at +# http://www.apache.org/licenses/LICENSE-2.0 +############################################################################## +--- +- name: make sure ssh dir exist + file: + path: '{{ item.path }}' + owner: '{{ item.owner }}' + group: '{{ item.group }}' + state: directory + mode: 0755 + with_items: + - path: /root/.ssh + owner: root + group: root + +- name: write ssh config + copy: + content: "UserKnownHostsFile /dev/null\nStrictHostKeyChecking no" + dest: '{{ item.dest }}' + owner: '{{ item.owner }}' + group: '{{ item.group }}' + mode: 0600 + with_items: + - dest: /root/.ssh/config + owner: root + group: root + +- name: generate ssh keys + shell: if [ ! -f ~/.ssh/id_rsa.pub ]; \ + then ssh-keygen -q -t rsa -f ~/.ssh/id_rsa -N ""; \ + else echo "already gen ssh key!"; fi; + +- name: fetch ssh keys + fetch: + src: /root/.ssh/id_rsa.pub + dest: /tmp/ssh-keys-{{ ansible_hostname }} + flat: "yes" + +- authorized_key: + user: root + key: "{{ lookup('file', item) }}" + with_fileglob: + - /tmp/ssh-keys-* + - /root/.ssh/id_rsa.pub + +- name: change sources(yum) list + copy: + src: centos_base.repo + dest: /etc/yum.repos.d/centos_base.repo + +- name: Install yum packages + yum: + pkg: "{{ item }}" + state: "present" + with_items: "{{ yumpackages }}" + +- name: add the appropriate kernel modules + copy: + src: modules + dest: /etc/modules-load.d/openstack-ansible.conf + +- name: restart ntp service + shell: "systemctl enable ntpd.service && systemctl start ntpd.service" + +- name: change the MaxSessions + lineinfile: + dest: /etc/ssh/sshd_config + line: "MaxSessions 500" + +- name: restart ssh service + shell: service sshd restart diff --git a/deploy/adapters/ansible/roles/pre-prepare/tasks/Ubuntu.yml b/deploy/adapters/ansible/roles/pre-prepare/tasks/Ubuntu.yml new file mode 100644 index 00000000..a0f7d015 --- /dev/null +++ b/deploy/adapters/ansible/roles/pre-prepare/tasks/Ubuntu.yml @@ -0,0 +1,76 @@ +############################################################################## +# Copyright (c) 2016 HUAWEI TECHNOLOGIES CO.,LTD and others. +# +# All rights reserved. This program and the accompanying materials +# are made available under the terms of the Apache License, Version 2.0 +# which accompanies this distribution, and is available at +# http://www.apache.org/licenses/LICENSE-2.0 +############################################################################## +--- +- name: make sure ssh dir exist + file: + path: '{{ item.path }}' + owner: '{{ item.owner }}' + group: '{{ item.group }}' + state: directory + mode: 0755 + with_items: + - path: /root/.ssh + owner: root + group: root + +- name: write ssh config + copy: + content: "UserKnownHostsFile /dev/null\nStrictHostKeyChecking no" + dest: '{{ item.dest }}' + owner: '{{ item.owner }}' + group: '{{ item.group }}' + mode: 0600 + with_items: + - dest: /root/.ssh/config + owner: root + group: root + +- name: generate ssh keys + shell: if [ ! -f ~/.ssh/id_rsa.pub ]; \ + then ssh-keygen -q -t rsa -f ~/.ssh/id_rsa -N ""; \ + else echo "already gen ssh key!"; fi; + +- name: fetch ssh keys + fetch: + src: /root/.ssh/id_rsa.pub + dest: /tmp/ssh-keys-{{ ansible_hostname }} + flat: "yes" + +- authorized_key: + user: root + key: "{{ lookup('file', item) }}" + with_fileglob: + - /tmp/ssh-keys-* + - /root/.ssh/id_rsa.pub + +- name: change sourcesi(apt) list + template: + src: sources.list + dest: /etc/apt/sources.list + +- name: rm apt.conf + file: + path: /etc/apt/apt.conf + state: absent + +- name: restart ntp service + shell: "service ntp restart" + +- name: add the appropriate kernel modules + copy: + src: modules + dest: /etc/modules + +- name: change the MaxSessions + lineinfile: + dest: /etc/ssh/sshd_config + line: "MaxSessions 500" + +- name: restart ssh service + shell: service ssh restart diff --git a/deploy/adapters/ansible/roles/pre-prepare/tasks/main.yml b/deploy/adapters/ansible/roles/pre-prepare/tasks/main.yml index 747f5eb7..76203440 100644 --- a/deploy/adapters/ansible/roles/pre-prepare/tasks/main.yml +++ b/deploy/adapters/ansible/roles/pre-prepare/tasks/main.yml @@ -7,62 +7,8 @@ # http://www.apache.org/licenses/LICENSE-2.0 ############################################################################## --- -- name: make sure ssh dir exist - file: - path: '{{ item.path }}' - owner: '{{ item.owner }}' - group: '{{ item.group }}' - state: directory - mode: 0755 - with_items: - - path: /root/.ssh - owner: root - group: root +- include: "{{ ansible_distribution }}.yml" + when: ansible_distribution == 'Ubuntu' -- name: write ssh config - copy: - content: "UserKnownHostsFile /dev/null\nStrictHostKeyChecking no" - dest: '{{ item.dest }}' - owner: '{{ item.owner }}' - group: '{{ item.group }}' - mode: 0600 - with_items: - - dest: /root/.ssh/config - owner: root - group: root - -- name: generate ssh keys - shell: if [ ! -f ~/.ssh/id_rsa.pub ]; \ - then ssh-keygen -q -t rsa -f ~/.ssh/id_rsa -N ""; \ - else echo "already gen ssh key!"; fi; - -- name: fetch ssh keys - fetch: - src: /root/.ssh/id_rsa.pub - dest: /tmp/ssh-keys-{{ ansible_hostname }} - flat: "yes" - -- authorized_key: - user: root - key: "{{ lookup('file', item) }}" - with_fileglob: - - /tmp/ssh-keys-* - - /root/.ssh/id_rsa.pub - -- name: change sources list - template: - src: sources.list - dest: /etc/apt/sources.list - -- name: rm apt.conf - file: - path: /etc/apt/apt.conf - state: absent - -- name: restart ntp service - shell: "service ntp restart" - -- name: add the appropriate kernel modules - copy: - src: modules - dest: /etc/modules +- include: "{{ ansible_os_family }}.yml" + when: ansible_os_family == 'RedHat' and ansible_distribution_major_version == '7' diff --git a/deploy/adapters/ansible/roles/pre-prepare/vars/main.yml b/deploy/adapters/ansible/roles/pre-prepare/vars/main.yml index 66cf66bf..f44a9f9f 100644 --- a/deploy/adapters/ansible/roles/pre-prepare/vars/main.yml +++ b/deploy/adapters/ansible/roles/pre-prepare/vars/main.yml @@ -1,5 +1,5 @@ --- -packages: +aptpackages: - bridge-utils - debootstrap - ifenslave @@ -11,3 +11,10 @@ packages: - sudo - vlan - tcpdump + +yumpackages: +- bridge-utils +- iputils +- lvm2 +- ntp +- tcpdump |