diff options
| -rw-r--r-- | .gitignore | 1 | ||||
| -rw-r--r-- | README_vagrant.md | 25 | ||||
| -rw-r--r-- | Vagrantfile | 62 | ||||
| -rwxr-xr-x | bin/ohi | 15 | ||||
| -rw-r--r-- | bin/openshift-ansible-bin.spec | 17 | ||||
| -rw-r--r-- | bin/openshift_ansible/utils.py | 30 | ||||
| -rwxr-xr-x | bin/opscp | 133 | ||||
| -rwxr-xr-x | bin/opssh | 277 | ||||
| -rw-r--r-- | playbooks/common/openshift-node/config.yml | 4 | ||||
| -rw-r--r-- | rel-eng/packages/openshift-ansible-bin | 2 | ||||
| -rw-r--r-- | roles/ansible_tower/tasks/main.yaml | 10 | ||||
| -rw-r--r-- | roles/ansible_tower_cli/README.md | 50 | ||||
| -rw-r--r-- | roles/ansible_tower_cli/defaults/main.yml | 2 | ||||
| -rw-r--r-- | roles/ansible_tower_cli/handlers/main.yml | 2 | ||||
| -rw-r--r-- | roles/ansible_tower_cli/meta/main.yml | 9 | ||||
| -rw-r--r-- | roles/ansible_tower_cli/tasks/main.yml | 11 | ||||
| -rw-r--r-- | roles/ansible_tower_cli/templates/tower_cli.cfg.j2 | 5 | ||||
| -rw-r--r-- | roles/ansible_tower_cli/vars/main.yml | 2 | ||||
| -rw-r--r-- | roles/openshift_master/tasks/main.yml | 11 |
19 files changed, 519 insertions, 149 deletions
diff --git a/.gitignore b/.gitignore index e25d99eeb..cacc711a1 100644 --- a/.gitignore +++ b/.gitignore @@ -15,3 +15,4 @@ .DS_Store gce.ini multi_ec2.yaml +.vagrant diff --git a/README_vagrant.md b/README_vagrant.md new file mode 100644 index 000000000..e3b3b5551 --- /dev/null +++ b/README_vagrant.md @@ -0,0 +1,25 @@ +Requirements +------------ +- vagrant (tested against version 1.7.2) +- vagrant-hostmaster plugin (tested against version 1.5.0) +- vagrant-libvirt (tested against version 0.0.26) + - Only required if using libvirt instead of virtualbox + +Usage +----- +``` +vagrant up --no-provision +vagrant provision +``` + +Using libvirt: +``` +vagrant up --provider=libvirt --no-provision +vagrant provision +``` + +Environment Variables +--------------------- +The following environment variables can be overriden: +- OPENSHIFT_DEPLOYMENT_TYPE (defaults to origin, choices: origin, enterprise, online) +- OPENSHIFT_NUM_NODES (the number of nodes to create, defaults to 2) diff --git a/Vagrantfile b/Vagrantfile new file mode 100644 index 000000000..648bc5171 --- /dev/null +++ b/Vagrantfile @@ -0,0 +1,62 @@ +# -*- mode: ruby -*- +# vi: set ft=ruby : +VAGRANTFILE_API_VERSION = "2" + +unless Vagrant.has_plugin?("vagrant-hostmanager") + raise 'vagrant-hostmanager plugin is required' +end + +Vagrant.configure(VAGRANTFILE_API_VERSION) do |config| + + deployment_type = ENV['OPENSHIFT_DEPLOYMENT_TYPE'] || 'origin' + num_nodes = (ENV['OPENSHIFT_NUM_NODES'] || 2).to_i + + config.hostmanager.enabled = true + config.hostmanager.manage_host = true + config.hostmanager.include_offline = true + config.ssh.insert_key = false + config.vm.provider "virtualbox" do |vbox, override| + override.vm.box = "chef/centos-7.1" + vbox.memory = 1024 + vbox.cpus = 2 + + # Enable multiple guest CPUs if available + vbox.customize ["modifyvm", :id, "--ioapic", "on"] + end + + config.vm.provider "libvirt" do |libvirt, override| + libvirt.cpus = 2 + libvirt.memory = 1024 + libvirt.driver = 'kvm' + override.vm.box = "centos-7.1" + override.vm.box_url = "https://download.gluster.org/pub/gluster/purpleidea/vagrant/centos-7.1/centos-7.1.box" + override.vm.box_download_checksum = "b2a9f7421e04e73a5acad6fbaf4e9aba78b5aeabf4230eebacc9942e577c1e05" + override.vm.box_download_checksum_type = "sha256" + end + + num_nodes.times do |n| + node_index = n+1 + config.vm.define "node#{node_index}" do |node| + node.vm.hostname = "ose3-node#{node_index}.example.com" + node.vm.network :private_network, ip: "192.168.100.#{200 + n}" + end + end + + config.vm.define "master" do |master| + master.vm.hostname = "ose3-master.example.com" + master.vm.network :private_network, ip: "192.168.100.100" + master.vm.network :forwarded_port, guest: 8443, host: 8443 + master.vm.provision "ansible" do |ansible| + ansible.limit = 'all' + ansible.sudo = true + ansible.groups = { + "masters" => ["master"], + "nodes" => ["node1", "node2"], + } + ansible.extra_vars = { + openshift_deployment_type: "origin", + } + ansible.playbook = "playbooks/byo/config.yml" + end + end +end @@ -12,12 +12,15 @@ import subprocess import ConfigParser from openshift_ansible import awsutil +from openshift_ansible import utils from openshift_ansible.awsutil import ArgumentError CONFIG_MAIN_SECTION = 'main' CONFIG_HOST_TYPE_ALIAS_SECTION = 'host_type_aliases' CONFIG_INVENTORY_OPTION = 'inventory' + + class Ohi(object): def __init__(self): self.inventory = None @@ -60,8 +63,12 @@ class Ohi(object): # We weren't able to determine what they wanted to do raise ArgumentError("Invalid combination of arguments") - for host in hosts: - print host + for host in sorted(hosts, key=utils.normalize_dnsname): + if self.args.user: + print "%s@%s" % (self.args.user, host) + else: + print host + return 0 def parse_config_file(self): @@ -94,6 +101,10 @@ class Ohi(object): parser.add_argument('-t', '--host-type', action="store", help="Which host type to use") + parser.add_argument('-l', '--user', action='store', default=None, + help='username') + + self.args = parser.parse_args() diff --git a/bin/openshift-ansible-bin.spec b/bin/openshift-ansible-bin.spec index c7db6f684..30c0868c3 100644 --- a/bin/openshift-ansible-bin.spec +++ b/bin/openshift-ansible-bin.spec @@ -1,6 +1,6 @@ Summary: OpenShift Ansible Scripts for working with metadata hosts Name: openshift-ansible-bin -Version: 0.0.8 +Version: 0.0.11 Release: 1%{?dist} License: ASL 2.0 URL: https://github.com/openshift/openshift-ansible @@ -23,7 +23,7 @@ mkdir -p %{buildroot}%{python_sitelib}/openshift_ansible mkdir -p %{buildroot}/etc/bash_completion.d mkdir -p %{buildroot}/etc/openshift_ansible -cp -p ossh oscp opssh ohi %{buildroot}%{_bindir} +cp -p ossh oscp opssh opscp ohi %{buildroot}%{_bindir} cp -p openshift_ansible/* %{buildroot}%{python_sitelib}/openshift_ansible cp -p ossh_bash_completion %{buildroot}/etc/bash_completion.d @@ -36,6 +36,19 @@ cp -p openshift_ansible.conf.example %{buildroot}/etc/openshift_ansible/openshif %config(noreplace) /etc/openshift_ansible/ %changelog +* Mon May 04 2015 Thomas Wiest <twiest@redhat.com> 0.0.11-1 +- changed opssh to a bash script using ohi to make it easier to maintain, and + to expose all of the pssh features directly. (twiest@redhat.com) +- Added --user option to ohi to pre-pend the username in the hostlist output. + (twiest@redhat.com) +- Added utils.py that contains a normalize_dnsname function good for sorting + dns names to a human readable list. (twiest@redhat.com) + +* Thu Apr 30 2015 Thomas Wiest <twiest@redhat.com> 0.0.10-1 +- added --list-host-types option to opscp (twiest@redhat.com) + +* Thu Apr 30 2015 Thomas Wiest <twiest@redhat.com> 0.0.9-1 +- added opscp (twiest@redhat.com) * Mon Apr 13 2015 Thomas Wiest <twiest@redhat.com> 0.0.8-1 - fixed bug in opssh where it wouldn't actually run pssh (twiest@redhat.com) diff --git a/bin/openshift_ansible/utils.py b/bin/openshift_ansible/utils.py new file mode 100644 index 000000000..e6243aa5a --- /dev/null +++ b/bin/openshift_ansible/utils.py @@ -0,0 +1,30 @@ +#!/usr/bin/env python +# vim: expandtab:tabstop=4:shiftwidth=4 + +''' The purpose of this module is to contain small utility functions. +''' + +import re + +def normalize_dnsname(name, padding=10): + ''' The purpose of this function is to return a dns name with zero padding, + so that it sorts properly (as a human would expect). + + Example: name=ex-lrg-node10.prod.rhcloud.com + Returns: ex-lrg-node0000000010.prod.rhcloud.com + + Example Usage: + sorted(['a3.example.com', 'a10.example.com', 'a1.example.com'], + key=normalize_dnsname) + + Returns: ['a1.example.com', 'a3.example.com', 'a10.example.com'] + ''' + parts = re.split(r'(\d+)', name) + retval = [] + for part in parts: + if re.match(r'^\d+$', part): + retval.append(part.zfill(padding)) + else: + retval.append(part) + + return ''.join(retval) diff --git a/bin/opscp b/bin/opscp new file mode 100755 index 000000000..32fd341b9 --- /dev/null +++ b/bin/opscp @@ -0,0 +1,133 @@ +#!/bin/bash +# vim: expandtab:tabstop=4:shiftwidth=4 + + +function usage() { + cat << EOF +Usage: opscp [OPTIONS] local remote + +Options: + --version show program's version number and exit + --help show this help message and exit + -l USER, --user=USER username (OPTIONAL) + -p PAR, --par=PAR max number of parallel threads (OPTIONAL) + --outdir=OUTDIR output directory for stdout files (OPTIONAL) + --errdir=ERRDIR output directory for stderr files (OPTIONAL) + -e ENV, --env ENV which environment to use + -t HOST_TYPE, --host-type HOST_TYPE + which host type to use + --list-host-types list all of the host types + --timeout=TIMEOUT timeout (secs) (0 = no timeout) per host (OPTIONAL) + -O OPTION, --option=OPTION + SSH option (OPTIONAL) + -v, --verbose turn on warning and diagnostic messages (OPTIONAL) + -A, --askpass Ask for a password (OPTIONAL) + -x ARGS, --extra-args=ARGS + Extra command-line arguments, with processing for + spaces, quotes, and backslashes + -X ARG, --extra-arg=ARG + Extra command-line argument + -r, --recursive recusively copy directories (OPTIONAL) + +Example: opscp -t ex-srv -e stg -l irb2 foo.txt /home/irb2/foo.txt + +EOF +} + +if [ $# -eq 0 ] || [ "$1" == "--help" ] +then + usage + exit 1 +fi + +# See if ohi is installed +if ! which ohi &>/dev/null ; then + echo "ERROR: can't find ohi (OpenShift Host Inventory) on your system, please either install the openshift-ansible-bin package, or add openshift-ansible/bin to your path." + + exit 10 +fi + +PAR=200 +USER=root +TIMEOUT=0 +ENV="" +HOST_TYPE="" + +while [ $# -gt 0 ] ; do + case $1 in + -t|--host-type) + shift # get past the option + HOST_TYPE=$1 + shift # get past the value of the option + ;; + + -e) + shift # get past the option + ENV=$1 + shift # get past the value of the option + ;; + + --timeout) + shift # get past the option + TIMEOUT=$1 + shift # get past the value of the option + ;; + + -p|--par) + shift # get past the option + PAR=$1 + shift # get past the value of the option + ;; + + -l|--user) + shift # get past the option + USER=$1 + shift # get past the value of the option + ;; + + --list-host-types) + ohi --list-host-types + exit 0 + ;; + + -h|--hosts|-H|--host|-o) + echo "ERROR: unknown option $1" + exit 20 + ;; + + *) + args+=("$1") + shift + ;; + esac +done + +if [ -z "$ENV" ] +then + echo + echo "-e is a required paramemeter" + echo + exit 10 +fi + +if [ -z "$HOST_TYPE" ] +then + echo + echo "-t is a required paramemeter" + echo + exit 15 +fi + +# See if the ohi options are valid +HOSTS="$(ohi -t "$HOST_TYPE" -e "$ENV" 2>/dev/null)" +ECODE=$? +if [ $ECODE -ne 0 ] ; then + echo + echo "ERROR: ohi failed with exit code $ECODE" + echo + echo "This is usually caused by a bad value passed for host-type or environment." + echo + exit 25 +fi + +exec pscp.pssh -t $TIMEOUT -p $PAR -l $USER -h <(echo "$HOSTS") "${args[@]}" @@ -1,146 +1,137 @@ -#!/usr/bin/env python +#!/bin/bash # vim: expandtab:tabstop=4:shiftwidth=4 -import argparse -import traceback -import sys -import os -import re -import tempfile -import time -import subprocess -import ConfigParser -from openshift_ansible import awsutil -from openshift_ansible.awsutil import ArgumentError - -DEFAULT_PSSH_PAR = 200 -PSSH = '/usr/bin/pssh' -CONFIG_MAIN_SECTION = 'main' -CONFIG_HOST_TYPE_ALIAS_SECTION = 'host_type_aliases' -CONFIG_INVENTORY_OPTION = 'inventory' - -class Opssh(object): - def __init__(self): - self.inventory = None - self.host_type_aliases = {} - self.file_path = os.path.join(os.path.dirname(os.path.realpath(__file__))) - - # Default the config path to /etc - self.config_path = os.path.join(os.path.sep, 'etc', \ - 'openshift_ansible', \ - 'openshift_ansible.conf') - - self.parse_cli_args() - self.parse_config_file() - - self.aws = awsutil.AwsUtil(self.inventory, self.host_type_aliases) - - def run(self): - if self.args.list_host_types: - self.aws.print_host_types() - return 0 - - if self.args.host_type is not None or \ - self.args.env is not None: - return self.run_pssh() - - # We weren't able to determine what they wanted to do - raise ArgumentError("Invalid combination of arguments") - - def run_pssh(self): - """Actually run the pssh command based off of the supplied options - """ - - # Default set of options - pssh_args = [PSSH, '-t', '0', '-p', str(self.args.par), '--user', self.args.user] - - if self.args.inline: - pssh_args.append("--inline") - - if self.args.outdir: - pssh_args.extend(["--outdir", self.args.outdir]) - - if self.args.errdir: - pssh_args.extend(["--errdir", self.args.errdir]) - - hosts = self.aws.get_host_list(host_type=self.args.host_type, - env=self.args.env) - - with tempfile.NamedTemporaryFile(prefix='opssh-', delete=True) as f: - for h in hosts: - f.write(h + os.linesep) - f.flush() - - pssh_args.extend(["-h", f.name]) - pssh_args.append(self.args.command) - - print - print "Running: %s" % ' '.join(pssh_args) - print - return subprocess.call(pssh_args) - - return None - - def parse_config_file(self): - if os.path.isfile(self.config_path): - config = ConfigParser.ConfigParser() - config.read(self.config_path) - - if config.has_section(CONFIG_MAIN_SECTION) and \ - config.has_option(CONFIG_MAIN_SECTION, CONFIG_INVENTORY_OPTION): - self.inventory = config.get(CONFIG_MAIN_SECTION, CONFIG_INVENTORY_OPTION) - - self.host_type_aliases = {} - if config.has_section(CONFIG_HOST_TYPE_ALIAS_SECTION): - for alias in config.options(CONFIG_HOST_TYPE_ALIAS_SECTION): - value = config.get(CONFIG_HOST_TYPE_ALIAS_SECTION, alias).split(',') - self.host_type_aliases[alias] = value - - def parse_cli_args(self): - """Setup the command line parser with the options we want - """ - - parser = argparse.ArgumentParser(description='Openshift Online PSSH Tool.') - - parser.add_argument('--list-host-types', default=False, action='store_true', - help='List all of the host types') - - parser.add_argument('-e', '--env', action="store", - help="Which environment to use") - - parser.add_argument('-t', '--host-type', action="store", default=None, - help="Which host type to use") - - parser.add_argument('-c', '--command', action='store', - help='Command to run on remote host(s)') - - parser.add_argument('--user', action='store', default='root', - help='username') - - parser.add_argument('-i', '--inline', default=False, action='store_true', - help='inline aggregated output and error for each server') - - parser.add_argument('-p', '--par', action='store', default=DEFAULT_PSSH_PAR, - help=('max number of parallel threads (default %s)' % DEFAULT_PSSH_PAR)) - - parser.add_argument('--outdir', action='store', - help='output directory for stdout files') - - parser.add_argument('--errdir', action='store', - help='output directory for stderr files') - - self.args = parser.parse_args() - - -if __name__ == '__main__': - if len(sys.argv) == 1: - print "\nError: No options given. Use --help to see the available options\n" - sys.exit(0) - - try: - opssh = Opssh() - exitcode = opssh.run() - sys.exit(exitcode) - except ArgumentError as e: - print "\nError: %s\n" % e.message +function usage() { + cat << EOF +Usage: opssh [OPTIONS] command [...] + +Options: + --version show program's version number and exit + --help show this help message and exit + -l USER, --user=USER username (OPTIONAL) + -p PAR, --par=PAR max number of parallel threads (OPTIONAL) + --outdir=OUTDIR output directory for stdout files (OPTIONAL) + --errdir=ERRDIR output directory for stderr files (OPTIONAL) + -e ENV, --env ENV which environment to use + -t HOST_TYPE, --host-type HOST_TYPE + which host type to use + --list-host-types list all of the host types + --timeout=TIMEOUT timeout (secs) (0 = no timeout) per host (OPTIONAL) + -O OPTION, --option=OPTION + SSH option (OPTIONAL) + -v, --verbose turn on warning and diagnostic messages (OPTIONAL) + -A, --askpass Ask for a password (OPTIONAL) + -x ARGS, --extra-args=ARGS + Extra command-line arguments, with processing for + spaces, quotes, and backslashes + -X ARG, --extra-arg=ARG + Extra command-line argument + -i, --inline inline aggregated output and error for each server + --inline-stdout inline standard output for each server + -I, --send-input read from standard input and send as input to ssh + -P, --print print output as we get it + +Example: opssh -t ex-srv -e stg -l irb2 --outdir /tmp/foo uptime + +EOF +} + +if [ $# -eq 0 ] || [ "$1" == "--help" ] +then + usage + exit 1 +fi + +# See if ohi is installed +if ! which ohi &>/dev/null ; then + echo "ERROR: can't find ohi (OpenShift Host Inventory) on your system, please either install the openshift-ansible-bin package, or add openshift-ansible/bin to your path." + + exit 10 +fi + +PAR=200 +USER=root +TIMEOUT=0 +ARGS=() +ENV="" +HOST_TYPE="" +while [ $# -gt 0 ] ; do + case $1 in + -t|--host-type) + shift # get past the option + HOST_TYPE=$1 + shift # get past the value of the option + ;; + + -e) + shift # get past the option + ENV=$1 + shift # get past the value of the option + ;; + + --timeout) + shift # get past the option + TIMEOUT=$1 + shift # get past the value of the option + ;; + + -p|--par) + shift # get past the option + PAR=$1 + shift # get past the value of the option + ;; + + -l|--user) + shift # get past the option + USER=$1 + shift # get past the value of the option + ;; + + --list-host-types) + ohi --list-host-types + exit 0 + ;; + + -h|--hosts|-H|--host|-o) + echo "ERROR: unknown option $1" + exit 20 + ;; + + *) + args+=("$1") + shift + ;; + esac +done + +if [ -z "$ENV" ] +then + echo + echo "-e is a required paramemeter" + echo + exit 10 +fi + +if [ -z "$HOST_TYPE" ] +then + echo + echo "-t is a required paramemeter" + echo + exit 15 +fi + +# See if the ohi options are valid +HOSTS="$(ohi -t "$HOST_TYPE" -e "$ENV" 2>/dev/null)" +ECODE=$? + +if [ $ECODE -ne 0 ] ; then + echo + echo "ERROR: ohi failed with exit code $ECODE" + echo + echo "This is usually caused by a bad value passed for host-type or environment." + echo + exit 25 +fi + +exec pssh -t $TIMEOUT -p $PAR -l $USER -h <(echo "$HOSTS") "${args[@]}" diff --git a/playbooks/common/openshift-node/config.yml b/playbooks/common/openshift-node/config.yml index 5a6c89489..433cfeb87 100644 --- a/playbooks/common/openshift-node/config.yml +++ b/playbooks/common/openshift-node/config.yml @@ -28,6 +28,8 @@ - name: Create temp directory for syncing certs hosts: localhost + connection: local + sudo: false gather_facts: no tasks: - name: Create local temp directory for syncing certs @@ -112,6 +114,8 @@ - name: Delete temporary directory on localhost hosts: localhost + connection: local + sudo: false gather_facts: no tasks: - file: name={{ mktemp.stdout }} state=absent diff --git a/rel-eng/packages/openshift-ansible-bin b/rel-eng/packages/openshift-ansible-bin index 500e1f4b1..a114d6ccb 100644 --- a/rel-eng/packages/openshift-ansible-bin +++ b/rel-eng/packages/openshift-ansible-bin @@ -1 +1 @@ -0.0.8-1 bin/ +0.0.11-1 bin/ diff --git a/roles/ansible_tower/tasks/main.yaml b/roles/ansible_tower/tasks/main.yaml index 1d75a95e6..d27c48e6a 100644 --- a/roles/ansible_tower/tasks/main.yaml +++ b/roles/ansible_tower/tasks/main.yaml @@ -9,7 +9,6 @@ - ansible - telnet - ack - - python-ansible-tower-cli - name: download Tower setup get_url: url=http://releases.ansible.com/ansible-tower/setup/ansible-tower-setup-2.1.1.tar.gz dest=/opt/ force=no @@ -32,3 +31,12 @@ - name: Set (httpd_can_network_connect_db) flag on and keep it persistent across reboots seboolean: name=httpd_can_network_connect_db state=yes persistent=yes +- name: Setup proot to allow access to /etc/tower/ + lineinfile: + dest: /etc/tower/settings.py + backrefs: yes + regexp: "^({{ item.option }})( *)=" + line: '\1\2 = {{ item.value }}' + with_items: config_changes | default([]) + + diff --git a/roles/ansible_tower_cli/README.md b/roles/ansible_tower_cli/README.md new file mode 100644 index 000000000..d2d68146f --- /dev/null +++ b/roles/ansible_tower_cli/README.md @@ -0,0 +1,50 @@ +ansible_tower_cli +============== + +Install ansible-tower-cli rpm. + +Requirements +------------ + +None + +Role Variables +-------------- + +None + +Dependencies +------------ + +None + +Example Playbook +---------------- + +Including an example of how to use your role (for instance, with variables passed in as parameters) is always nice for users too: + + - hosts: servers + roles: + - roles/ansible_tower_cli + +License +------- + +Copyright 2012-2014 Red Hat, Inc., All rights reserved. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. + +Author Information +------------------ + +openshift operations diff --git a/roles/ansible_tower_cli/defaults/main.yml b/roles/ansible_tower_cli/defaults/main.yml new file mode 100644 index 000000000..bef66bbfd --- /dev/null +++ b/roles/ansible_tower_cli/defaults/main.yml @@ -0,0 +1,2 @@ +--- +# defaults file for ansible_tower_cli diff --git a/roles/ansible_tower_cli/handlers/main.yml b/roles/ansible_tower_cli/handlers/main.yml new file mode 100644 index 000000000..0ce873648 --- /dev/null +++ b/roles/ansible_tower_cli/handlers/main.yml @@ -0,0 +1,2 @@ +--- +# handlers file for ansible_tower_cli diff --git a/roles/ansible_tower_cli/meta/main.yml b/roles/ansible_tower_cli/meta/main.yml new file mode 100644 index 000000000..41dd23720 --- /dev/null +++ b/roles/ansible_tower_cli/meta/main.yml @@ -0,0 +1,9 @@ +--- +galaxy_info: + author: openshift operations name + description: install ansible-tower-cli + company: Red Hat, inc + license: ASL 2.0 + min_ansible_version: 1.2 +dependencies: [] + diff --git a/roles/ansible_tower_cli/tasks/main.yml b/roles/ansible_tower_cli/tasks/main.yml new file mode 100644 index 000000000..65aa6bdf4 --- /dev/null +++ b/roles/ansible_tower_cli/tasks/main.yml @@ -0,0 +1,11 @@ +--- +- name: Install python-ansible-tower-cli + yum: name=python-ansible-tower-cli + +- template: + src: tower_cli.cfg.j2 + dest: /etc/tower/tower_cli.cfg + owner: awx + group: awx + mode: 0640 + diff --git a/roles/ansible_tower_cli/templates/tower_cli.cfg.j2 b/roles/ansible_tower_cli/templates/tower_cli.cfg.j2 new file mode 100644 index 000000000..5a0a275b0 --- /dev/null +++ b/roles/ansible_tower_cli/templates/tower_cli.cfg.j2 @@ -0,0 +1,5 @@ +[general] +host = {{ oo_towercli_host }} +username = {{ oo_towercli_username }} +password = {{ oo_towercli_password }} +verify_ssl = true diff --git a/roles/ansible_tower_cli/vars/main.yml b/roles/ansible_tower_cli/vars/main.yml new file mode 100644 index 000000000..a4c9abfb4 --- /dev/null +++ b/roles/ansible_tower_cli/vars/main.yml @@ -0,0 +1,2 @@ +--- +# vars file for ansible_tower_cli diff --git a/roles/openshift_master/tasks/main.yml b/roles/openshift_master/tasks/main.yml index 28bdda618..f9e6199a5 100644 --- a/roles/openshift_master/tasks/main.yml +++ b/roles/openshift_master/tasks/main.yml @@ -104,3 +104,14 @@ with_items: - root - "{{ ansible_ssh_user }}" + +- name: Update the permissions on the OpenShift client config(s) + file: + path: "~{{ item }}/.config/openshift/.config" + state: file + mode: 0700 + owner: "{{ item }}" + group: "{{ item }}" + with_items: + - root + - "{{ ansible_ssh_user }}" |