summaryrefslogtreecommitdiffstats
path: root/roles/ands_kaas
diff options
context:
space:
mode:
authorSuren A. Chilingaryan <csa@suren.me>2018-03-23 06:51:23 +0100
committerSuren A. Chilingaryan <csa@suren.me>2018-03-23 06:51:23 +0100
commitc163108c0c0c7b7a4f05da411e98ac0f503e31e0 (patch)
tree4934d1b2e98b0e8a94816848e44496e009e6755f /roles/ands_kaas
parentcba41110aa086553192ed5a309a6b8031812c221 (diff)
downloadands-c163108c0c0c7b7a4f05da411e98ac0f503e31e0.tar.gz
ands-c163108c0c0c7b7a4f05da411e98ac0f503e31e0.tar.bz2
ands-c163108c0c0c7b7a4f05da411e98ac0f503e31e0.tar.xz
ands-c163108c0c0c7b7a4f05da411e98ac0f503e31e0.zip
Fix critical bug in docker provisioner, improve mysql performance, provision system users/groups to enable NFS group mapping, various minor fixes
Diffstat (limited to 'roles/ands_kaas')
-rw-r--r--roles/ands_kaas/tasks/do_storage.yml6
-rw-r--r--roles/ands_kaas/tasks/do_sysgroups.yml12
-rw-r--r--roles/ands_kaas/tasks/sysgroup.yml14
-rw-r--r--roles/ands_kaas/tasks/sysuser.yml15
4 files changed, 45 insertions, 2 deletions
diff --git a/roles/ands_kaas/tasks/do_storage.yml b/roles/ands_kaas/tasks/do_storage.yml
index 8a6a880..d6f1cc5 100644
--- a/roles/ands_kaas/tasks/do_storage.yml
+++ b/roles/ands_kaas/tasks/do_storage.yml
@@ -5,7 +5,8 @@
loop_var: osv
vars:
vt_query: "[*].volumes.{{osv.value.volume}}.type"
- voltype: "{{ (kaas_storage_domains | json_query(vt_query)) }}"
+ voltypes: "{{ (kaas_storage_domains | json_query(vt_query)) }}"
+ voltype: "{{ voltypes[0] | default(ands_none) }}"
mp_query: "[*].volumes.{{osv.value.volume}}.mount"
mntpath: "{{ (kaas_storage_domains | json_query(mp_query)) }}"
rp_query: "[*].volumes.{{osv.value.volume}}.path"
@@ -39,7 +40,8 @@
vars:
osv: "{{ kaas_project_volumes[file.osv] }}"
vt_query: "[*].volumes.{{osv.volume}}.type"
- voltype: "{{ (kaas_storage_domains | json_query(vt_query)) }}"
+ voltypes: "{{ (kaas_storage_domains | json_query(vt_query)) }}"
+ voltype: "{{ voltypes[0] | default(ands_none) }}"
mp_query: "[*].volumes.{{osv.volume}}.mount"
mntpath: "{{ (kaas_storage_domains | json_query(mp_query)) }}"
rp_query: "[*].volumes.{{osv.volume}}.path"
diff --git a/roles/ands_kaas/tasks/do_sysgroups.yml b/roles/ands_kaas/tasks/do_sysgroups.yml
new file mode 100644
index 0000000..3ed03b9
--- /dev/null
+++ b/roles/ands_kaas/tasks/do_sysgroups.yml
@@ -0,0 +1,12 @@
+- name: Populate system users and groups
+ include_tasks: sysgroup.yml
+ with_dict: "{{ kaas_project_gids }}"
+ loop_control:
+ loop_var: group
+ when:
+ - group.value.users is defined
+ - (gid | int) >= 2000
+ vars:
+ gid: "{{ group.value.id }}"
+ users: "{{ group.value.users }}"
+ name: "{{ group.value.name | default('kaas_' ~ group.key) }}"
diff --git a/roles/ands_kaas/tasks/sysgroup.yml b/roles/ands_kaas/tasks/sysgroup.yml
new file mode 100644
index 0000000..18bd9a6
--- /dev/null
+++ b/roles/ands_kaas/tasks/sysgroup.yml
@@ -0,0 +1,14 @@
+- name: "Ensure system group {{ name }} with gid {{ gid }} is existing"
+ group: name="{{ name }}" gid="{{ gid }}" state="present"
+
+- name: "Process users registered for group {{ name }}"
+ include_tasks: sysuser.yml
+ with_list: "{{ users }}"
+ when:
+ - ands_openshift_users[user] is defined
+ - spec.name is defined
+ vars:
+ spec: "{{ ands_openshift_users[user] | default({}) }}"
+ new_group: "{{ name }}"
+ loop_control:
+ loop_var: user
diff --git a/roles/ands_kaas/tasks/sysuser.yml b/roles/ands_kaas/tasks/sysuser.yml
new file mode 100644
index 0000000..4e213fe
--- /dev/null
+++ b/roles/ands_kaas/tasks/sysuser.yml
@@ -0,0 +1,15 @@
+- name: Ensure user is existing on the system
+ user:
+ name: "{{ user }}"
+ uid: "{{ spec.uid | default(omit) }}"
+ group: "{{ spec.group | default(omit) }}"
+ comment: "{{ spec.name | default(omit) }}"
+ password: "{{ spec.password | default(omit) }}"
+ shell: "{{ spec.shell | default('/bin/false') }}"
+ home: "{{ spec.home | default(omit) }}"
+ state: present
+
+# Configure ssh keys if specified
+
+- name: Add group
+ user: name="{{ user }}" groups="{{ new_group }}" append="yes"