We don't run a cloud anymore and don't use these. With the cfg
management update effort, it's unlikely we'd use them in the form they
are in even if we did get more hardware and decide to run a cloud again.
Remove them for clarity.
Change-Id: I88f58fc7f2768ad60c5387eb775a340cac2c822a
We have an ansible logging location defined in ansible.cfg. We don't
need to override it in run_all.sh.
Change-Id: I7f0a8b70a1ccd7a43ce47a3f452b6d0d5c57e96a
We copied this over from puppetmaster, but let's manage it in ansible.
The key has been renamed in host_vars on bridge.openstack.org already.
Change-Id: Ia102dbe2ae2836880092b8997cb99135f5197b00
The CentOS tasks run inside of a loop in tasks/main.yaml. That means
that item has been defined in the loop there. While it's currently
working, go ahead and add loop_control.loop_var to remove the clash.
Change-Id: I0e8288c35645945aa9b43fb02c29576c1ad31d7e
puppet wants the code to be in /opt/system-config/production because of
the environment config. bridge just wants /opt/system-config because
it's an ansible server.
Rather than relying on inferring things, just be explicit about what we
want where.
Depends-On: https://review.openstack.org/593134
Change-Id: I9e749d2c50f7d8a7b0681fe48f38f4741c8a8d01
This is not a variable describing the system-under-management
bridge.openstack.org - it's a variable that is always true for all
systems in the puppet group.
As a result, update the puppet apply test to figure out which directory
we should be copying modules _from_ - since the puppet4 tests will be
unhappy otherwise.
Change-Id: Iddee83944bd85f69acf4fcfde83dc70304386baf
Ansible handles rsyslog, so rather than having both systems attempting
to manage the service, just let Ansible do it. However, we still install
the haproxy rsyslog config file in Puppet for now. The downside of that
is that an initial server build, or change to the config file, will not
cause rsyslog to reload. That will need to be done manually until the
rest of this is ported to Ansible.
Change-Id: I19060fddf55e7e9f7030e49592f20a4a7faca429
The first entry is where ansible galaxy will install roles. We want that
to be /etc/ansible/roles, not overlaid on the system-config repo.
Pass --roles-path to ansible-galaxy to make sure they go to the right
place.
Change-Id: I109dc004acad32a515c6a1caca50ab38edc62aed
file: state=touch returns changed every time. Instead, put the log files
into a /var/log/ansible directory.
Change-Id: I086d803f0e532b9da41cb01d4e7d2ed66245dfc1
We don't manage the ssl cert (or anything else) on
openstackid-resources.openstack.org. Lets stop checking when its cert
expires as it appears to have auto renewing short term cert validity
(which results in a lot of email).
Change-Id: I9f08a09d76b2862de89a6ee022ade1ac637d9aeb
Replace launch-node.py with launch-node-ansible.py. Update it to
delete the inventory cache correctly.
Also, update the docs to list Bionic by default rather than Trusty.
Change-Id: Iadda897b7e71dc12c8db4ced120894054169bbb8
We have a bunch of this handled now in ansible, so remove the old stuff.
Remove puppetmaster group management files. It's confusing for there to
be two files. Remove the old one.
Remove mqtt config. This isn't really a thing currently, and we're
eyeing running things from zuul anyway, so no need to port to ansible.
Change-Id: I8b64d21eadcc4a08bd5e5440fc5f756ae5bcd46b
restricted is supported software that is non-free.
multiverse is unsupported software that is non-free.
Use of software from either would be unacceptable on any Infra server,
so remove them from the sources.list files.
While we're in there, clean things up a little bit and add an arm file
for bionic.
Change-Id: I55a3b3d411e8a3496a4e6910baaf72f3c192e9d4
This was a setting added for infra cloud that had to do with bootstrap
order. It seems to have been cargo-culted elsewhere. Remove it. Let's be
specific with our sources.list files.
Change-Id: Iefbd59ad20e9fdc450d9a0c4e58b9cf4a89ff5a3
Rather than copying these out of system-config inside of
install-ansible, just point the ansible.cfg to them in the system-config
location. This way as changes come in that have group updates we don't
have to first apply them to the system.
Change-Id: I1cefd7848b7f3f1adc8fbfa080eb9831124a297b
The puppet playbooks were some of the first we wrote, so they're
slightly wonky.
Remove '---' lines that are completely unnecessary.
Fix indentation.
Move some variables that are the same everywhere into
ansible variables.
Put puppet related variables into the puppet group_vars.
Stop running puppet on localhost in the git playbook.
Change-Id: I2d2a4acccd3523f1931ebec5977771d5a310a0c7
The production directory is a relic from the puppet environment concept,
which we do not use. Remove it.
The puppet apply tests run puppet locally, where the production
environment is still needed, so don't update the paths in the
tools/prep-apply.sh.
Depends-On: https://review.openstack.org/592946
Change-Id: I82572cc616e3c994eab38b0de8c3c72cb5ec5413
The mirror that we were using seems to be out of date and not
properly updated, causing jobs to fail.
This fixes this issue by updating from the mirror from Kernel.org
which seems to stable and it has all the needed updated packages.
Change-Id: I079d9dd8a34e24b33ee35d4dad934e8ca4b60cee
We do this for zuul jobs already, so let's do it for our production
runs.
Shift the inventory cache location down a directory so that launch-node
can invalidate the inventory cache.
Change-Id: I52b1c48d091c07e4205c1a7233448925ca26d8d3
Now that we've got base server stuff rewritten in ansible, remove the
old puppet versions.
Depends-On: https://review.openstack.org/588326
Change-Id: I5c82fe6fd25b9ddaa77747db377ffa7e8bf23c7b
