summaryrefslogtreecommitdiffstats
path: root/ansible/roles
diff options
context:
space:
mode:
Diffstat (limited to 'ansible/roles')
-rw-r--r--ansible/roles/dns/defaults/main.yml3
-rw-r--r--ansible/roles/dns/handlers/main.yml6
-rw-r--r--ansible/roles/dns/tasks/main.yml16
-rw-r--r--ansible/roles/nexus/defaults/main.yml2
-rw-r--r--ansible/roles/nexus/tasks/install.yml8
-rw-r--r--ansible/roles/nfs/.yamllint11
-rw-r--r--ansible/roles/nfs/handlers/main.yml3
-rw-r--r--ansible/roles/nfs/molecule/default/molecule.yml44
-rw-r--r--ansible/roles/nfs/molecule/default/playbook.yml5
-rw-r--r--ansible/roles/nfs/molecule/default/tests/test_default.py16
-rw-r--r--ansible/roles/nfs/molecule/default/tests/test_kubernetes-server.py15
-rw-r--r--ansible/roles/nfs/molecule/default/tests/test_nfs-server.py25
-rw-r--r--ansible/roles/nfs/tasks/main.yml15
-rw-r--r--ansible/roles/nfs/templates/exports.j24
-rw-r--r--ansible/roles/nginx/defaults/main.yml2
-rw-r--r--ansible/roles/nginx/tasks/main.yml12
-rw-r--r--ansible/roles/rancher/tasks/rancher_server.yml4
-rw-r--r--ansible/roles/vncserver/defaults/main.yml3
-rw-r--r--ansible/roles/vncserver/tasks/main.yml10
19 files changed, 168 insertions, 36 deletions
diff --git a/ansible/roles/dns/defaults/main.yml b/ansible/roles/dns/defaults/main.yml
new file mode 100644
index 00000000..f69d965d
--- /dev/null
+++ b/ansible/roles/dns/defaults/main.yml
@@ -0,0 +1,3 @@
+---
+# Default rule for tarball naming translation
+dns_server_image_tar: "{{ dns_server_image | regex_replace('(\\/|\\:)', '_') }}.tar"
diff --git a/ansible/roles/dns/handlers/main.yml b/ansible/roles/dns/handlers/main.yml
index ac3209dc..9d77893a 100644
--- a/ansible/roles/dns/handlers/main.yml
+++ b/ansible/roles/dns/handlers/main.yml
@@ -1,8 +1,8 @@
---
-- name: Restart dnsmasq container
+- name: Restart dns server container
docker_container:
- name: dnsmasq
- image: andyshinn/dnsmasq:2.76
+ name: dns-server
+ image: "{{ dns_server_image }}"
command: -H /simulated_hosts --log-facility=-
capabilities: NET_ADMIN
volumes:
diff --git a/ansible/roles/dns/tasks/main.yml b/ansible/roles/dns/tasks/main.yml
index 2bc05648..3eba9fdb 100644
--- a/ansible/roles/dns/tasks/main.yml
+++ b/ansible/roles/dns/tasks/main.yml
@@ -8,21 +8,21 @@
template:
src: simulated_hosts.j2
dest: "{{ app_data_path }}/cfg/simulated_hosts"
- notify: Restart dnsmasq container
+ notify: Restart dns server container
-- name: Load dnsmasq container
+- name: Load dns server container
docker_image:
- name: andyshinn/dnsmasq:2.76
- load_path: "{{ app_data_path }}/offline_data/docker_images_infra/andyshinn_dnsmasq_2.76.tar"
+ name: "{{ dns_server_image }}"
+ load_path: "{{ infra_images_path }}/{{ dns_server_image_tar }}"
state: present
timeout: 120
- notify: Restart dnsmasq container
+ notify: Restart dns server container
-- name: Start dnsmasq container
+- name: Start dns server container
docker_container:
- name: dnsmasq
+ name: dns-server
network_mode: host
- image: andyshinn/dnsmasq:2.76
+ image: "{{ dns_server_image }}"
command: -H /simulated_hosts --log-facility=-
capabilities: NET_ADMIN
dns_servers:
diff --git a/ansible/roles/nexus/defaults/main.yml b/ansible/roles/nexus/defaults/main.yml
index 3776f44e..92089e9a 100644
--- a/ansible/roles/nexus/defaults/main.yml
+++ b/ansible/roles/nexus/defaults/main.yml
@@ -4,3 +4,5 @@ populate_nexus: false
# By dafault no additional docker images pushed to nexus at runtime
# but all images are pre-populated either at buildtime or at install time (populate_nexus).
runtime_images: {}
+# Default rule for tarball naming translation
+nexus3_image_tar: "{{ nexus3_image | regex_replace('(\\/|\\:)', '_') }}.tar"
diff --git a/ansible/roles/nexus/tasks/install.yml b/ansible/roles/nexus/tasks/install.yml
index 99d73dce..f8de5e95 100644
--- a/ansible/roles/nexus/tasks/install.yml
+++ b/ansible/roles/nexus/tasks/install.yml
@@ -8,8 +8,8 @@
- name: Load nexus image
docker_image:
- name: sonatype/nexus3
- load_path: "{{ app_data_path }}/offline_data/docker_images_infra/sonatype_nexus3_latest.tar"
+ name: "{{ nexus3_image }}"
+ load_path: "{{ infra_images_path }}/{{ nexus3_image_tar }}"
state: present
timeout: 120
@@ -18,10 +18,10 @@
name: nexus_network
state: present
-- name: Run nexus container
+- name: Start nexus server container
docker_container:
name: nexus
- image: sonatype/nexus3
+ image: "{{ nexus3_image }}"
networks:
- name: nexus_network
volumes:
diff --git a/ansible/roles/nfs/.yamllint b/ansible/roles/nfs/.yamllint
new file mode 100644
index 00000000..ad0be760
--- /dev/null
+++ b/ansible/roles/nfs/.yamllint
@@ -0,0 +1,11 @@
+extends: default
+
+rules:
+ braces:
+ max-spaces-inside: 1
+ level: error
+ brackets:
+ max-spaces-inside: 1
+ level: error
+ line-length: disable
+ truthy: disable
diff --git a/ansible/roles/nfs/handlers/main.yml b/ansible/roles/nfs/handlers/main.yml
new file mode 100644
index 00000000..4b8deaeb
--- /dev/null
+++ b/ansible/roles/nfs/handlers/main.yml
@@ -0,0 +1,3 @@
+---
+- name: reload nfs
+ command: exportfs -ra
diff --git a/ansible/roles/nfs/molecule/default/molecule.yml b/ansible/roles/nfs/molecule/default/molecule.yml
new file mode 100644
index 00000000..71e08d03
--- /dev/null
+++ b/ansible/roles/nfs/molecule/default/molecule.yml
@@ -0,0 +1,44 @@
+---
+dependency:
+ name: galaxy
+driver:
+ name: docker
+lint:
+ name: yamllint
+platforms:
+ - name: kubernetes-node-1
+ image: molecule-${PREBUILD_PLATFORM_DISTRO:-centos}:${PREBUILD_DISTRO_VERSION:-centos7.6}
+ pre_build_image: true
+ privileged: true
+ command: ${MOLECULE_DOCKER_COMMAND:-""}
+ groups:
+ - kubernetes
+ - nfs-server
+ networks:
+ - name: nfs-net
+ volumes:
+ - /sys/fs/cgroup:/sys/fs/cgroup:ro
+ - ${HOME}/data:/dockerdata-nfs:rw
+
+ - name: kubernetes-node-2
+ image: molecule-${PREBUILD_PLATFORM_DISTRO:-centos}:${PREBUILD_DISTRO_VERSION:-centos7.6}
+ pre_build_image: true
+ privileged: true
+ command: ${MOLECULE_DOCKER_COMMAND:-""}
+ groups:
+ - kubernetes
+ networks:
+ - name: nfs-net
+ volumes:
+ - /sys/fs/cgroup:/sys/fs/cgroup:ro
+provisioner:
+ name: ansible
+ inventory:
+ links:
+ group_vars: ../../../../group_vars
+ lint:
+ name: ansible-lint
+verifier:
+ name: testinfra
+ lint:
+ name: flake8
diff --git a/ansible/roles/nfs/molecule/default/playbook.yml b/ansible/roles/nfs/molecule/default/playbook.yml
new file mode 100644
index 00000000..37aad5b9
--- /dev/null
+++ b/ansible/roles/nfs/molecule/default/playbook.yml
@@ -0,0 +1,5 @@
+---
+- name: Converge
+ hosts: all
+ roles:
+ - role: nfs
diff --git a/ansible/roles/nfs/molecule/default/tests/test_default.py b/ansible/roles/nfs/molecule/default/tests/test_default.py
new file mode 100644
index 00000000..48139898
--- /dev/null
+++ b/ansible/roles/nfs/molecule/default/tests/test_default.py
@@ -0,0 +1,16 @@
+import os
+import pytest
+
+import testinfra.utils.ansible_runner
+
+testinfra_hosts = testinfra.utils.ansible_runner.AnsibleRunner(
+ os.environ['MOLECULE_INVENTORY_FILE']).get_hosts('all')
+
+
+@pytest.mark.parametrize('pkg', [
+ 'nfs-utils'
+])
+def test_pkg(host, pkg):
+ package = host.package(pkg)
+
+ assert package.is_installed
diff --git a/ansible/roles/nfs/molecule/default/tests/test_kubernetes-server.py b/ansible/roles/nfs/molecule/default/tests/test_kubernetes-server.py
new file mode 100644
index 00000000..b702a73d
--- /dev/null
+++ b/ansible/roles/nfs/molecule/default/tests/test_kubernetes-server.py
@@ -0,0 +1,15 @@
+import os
+
+import testinfra.utils.ansible_runner
+
+testinfra_hosts = testinfra.utils.ansible_runner.AnsibleRunner(
+ os.environ['MOLECULE_INVENTORY_FILE']).get_hosts('kubernetes-node-2')
+
+
+def test_nfs_mount(host):
+ mp = host.mount_point("/dockerdata-nfs")
+ assert mp.exists
+ assert mp.filesystem == "nfs"
+ assert mp.device == "kubernetes-node-1:/dockerdata-nfs"
+ assert host.file("/etc/fstab").\
+ contains("kubernetes-node-1:/dockerdata-nfs /dockerdata-nfs nfs")
diff --git a/ansible/roles/nfs/molecule/default/tests/test_nfs-server.py b/ansible/roles/nfs/molecule/default/tests/test_nfs-server.py
new file mode 100644
index 00000000..078c653e
--- /dev/null
+++ b/ansible/roles/nfs/molecule/default/tests/test_nfs-server.py
@@ -0,0 +1,25 @@
+import os
+import pytest
+
+import testinfra.utils.ansible_runner
+
+testinfra_hosts = testinfra.utils.ansible_runner.AnsibleRunner(
+ os.environ['MOLECULE_INVENTORY_FILE']).get_hosts('nfs-server')
+
+
+@pytest.mark.parametrize('svc', [
+ 'rpcbind',
+ 'nfs-server'
+])
+def test_svc(host, svc):
+ service = host.service(svc)
+
+ assert service.is_running
+ assert service.is_enabled
+
+
+def test_exports(host):
+ f = host.file("/etc/exports")
+ assert f.exists
+ assert f.content_string == \
+ """/dockerdata-nfs kubernetes-node-2(rw,sync,no_root_squash,no_subtree_check)""" # noqa: E501
diff --git a/ansible/roles/nfs/tasks/main.yml b/ansible/roles/nfs/tasks/main.yml
index aca1771f..e7580b66 100644
--- a/ansible/roles/nfs/tasks/main.yml
+++ b/ansible/roles/nfs/tasks/main.yml
@@ -9,7 +9,7 @@
package:
name: "{{ item }}"
state: present
- with_items: "{{ nfs_packages[ansible_os_family] }}"
+ loop: "{{ nfs_packages[ansible_os_family] }}"
- name: Setup nfs server
block:
@@ -17,22 +17,25 @@
systemd:
name: "{{ item }}"
state: started
- with_items: "{{ nfs_services[ansible_os_family] }}"
+ enabled: true
+ loop: "{{ nfs_services[ansible_os_family] }}"
- name: Add hosts to exports
template:
src: exports.j2
dest: /etc/exports
-
- - name: Export nfs
- command: exportfs -ar
+ notify:
+ - reload nfs
when:
- "'nfs-server' in group_names"
+- name: Force notified handlers to run at this point
+ meta: flush_handlers
+
- name: Mount dockerdata-nfs
mount:
path: "{{ nfs_mount_path }}"
- src: "{{ hostvars[groups['nfs-server'].0].ansible_host }}:{{ nfs_mount_path }}"
+ src: "{{ hostvars[groups['nfs-server'].0].ansible_host | default(hostvars[groups['nfs-server'].0].inventory_hostname) }}:{{ nfs_mount_path }}"
fstype: nfs
state: mounted
when:
diff --git a/ansible/roles/nfs/templates/exports.j2 b/ansible/roles/nfs/templates/exports.j2
index 1f6956c2..465c9d21 100644
--- a/ansible/roles/nfs/templates/exports.j2
+++ b/ansible/roles/nfs/templates/exports.j2
@@ -1,3 +1,3 @@
-{% for host in groups.kubernetes[1:] -%}
- {{ nfs_mount_path }} {{ hostvars[host].ansible_host }}(rw,sync,no_root_squash,no_subtree_check)
+{% for host in groups.kubernetes | difference(groups['nfs-server']) -%}
+ {{ nfs_mount_path }} {{ hostvars[host].ansible_host | default(hostvars[host].inventory_hostname) }}(rw,sync,no_root_squash,no_subtree_check)
{% endfor %}
diff --git a/ansible/roles/nginx/defaults/main.yml b/ansible/roles/nginx/defaults/main.yml
index 7c9fa0be..260de9bf 100644
--- a/ansible/roles/nginx/defaults/main.yml
+++ b/ansible/roles/nginx/defaults/main.yml
@@ -19,3 +19,5 @@ nginx:
- "{{ app_data_path }}/pkg/rhel:/srv/http/repo.infra-server/rhel:rw"
- "{{ app_data_path }}/pkg/ubuntu/xenial:/srv/http/repo.infra-server/ubuntu/xenial:rw"
- /var/log/nginx:/var/log/nginx:rw
+# Default rule for tarball naming translation
+nginx_server_image_tar: "{{ nginx_server_image | regex_replace('(\\/|\\:)', '_') }}.tar"
diff --git a/ansible/roles/nginx/tasks/main.yml b/ansible/roles/nginx/tasks/main.yml
index 1ec0adbc..54a0c818 100644
--- a/ansible/roles/nginx/tasks/main.yml
+++ b/ansible/roles/nginx/tasks/main.yml
@@ -9,10 +9,10 @@
src: nginx.conf.j2
dest: "{{ app_data_path }}/cfg/nginx.conf"
-- name: Load nginx image
+- name: Load nginx server image
docker_image:
- name: own_nginx
- load_path: "{{ app_data_path }}/offline_data/docker_images_infra/own_nginx_latest.tar"
+ name: "{{ nginx_server_image }}"
+ load_path: "{{ infra_images_path }}/{{ nginx_server_image_tar }}"
state: present
timeout: 120
@@ -21,10 +21,10 @@
name: nexus_network
state: present
-- name: Start nginx
+- name: Start nginx server container
docker_container:
- name: own_nginx
- image: own_nginx
+ name: nginx-server
+ image: "{{ nginx_server_image }}"
networks:
- name: nexus_network
ports: "{{ nginx.ports }}"
diff --git a/ansible/roles/rancher/tasks/rancher_server.yml b/ansible/roles/rancher/tasks/rancher_server.yml
index ebee6cc7..e1eb5a5d 100644
--- a/ansible/roles/rancher/tasks/rancher_server.yml
+++ b/ansible/roles/rancher/tasks/rancher_server.yml
@@ -1,9 +1,9 @@
---
# DO NOT ADD SPACE AROUND ';'
-- name: Start rancher/server:{{ rancher_server_version }}
+- name: Start rancher server container
docker_container:
name: rancher-server
- image: rancher/server:{{ rancher_server_version }}
+ image: "{{ rancher_server_image }}"
command: ["sh", "-c", "/usr/sbin/update-ca-certificates;/usr/bin/entry /usr/bin/s6-svscan /service"]
ports: 8080:8080
state: started
diff --git a/ansible/roles/vncserver/defaults/main.yml b/ansible/roles/vncserver/defaults/main.yml
new file mode 100644
index 00000000..e74ccb7c
--- /dev/null
+++ b/ansible/roles/vncserver/defaults/main.yml
@@ -0,0 +1,3 @@
+---
+# Default rule for tarball naming translation
+vnc_server_image_tar: "{{ vnc_server_image | regex_replace('(\\/|\\:)', '_') }}.tar"
diff --git a/ansible/roles/vncserver/tasks/main.yml b/ansible/roles/vncserver/tasks/main.yml
index 56ae707b..b1aaed9e 100644
--- a/ansible/roles/vncserver/tasks/main.yml
+++ b/ansible/roles/vncserver/tasks/main.yml
@@ -1,15 +1,15 @@
---
- name: Load VNC server image
docker_image:
- name: consol/centos-icewm-vnc:latest
- load_path: '{{ app_data_path }}/offline_data/docker_images_infra/consol_centos_icewm_vnc_latest.tar'
+ name: "{{ vnc_server_image }}"
+ load_path: "{{ infra_images_path }}/{{ vnc_server_image_tar }}"
state: present
timeout: 120
-- name: Run VNC server
+- name: Start VNC server container
docker_container:
- name: vnc_server
- image: consol/centos-icewm-vnc
+ name: vnc-server
+ image: "{{ vnc_server_image }}"
state: started
restart_policy: unless-stopped
ports: