From c163108c0c0c7b7a4f05da411e98ac0f503e31e0 Mon Sep 17 00:00:00 2001 From: "Suren A. Chilingaryan" Date: Fri, 23 Mar 2018 06:51:23 +0100 Subject: Fix critical bug in docker provisioner, improve mysql performance, provision system users/groups to enable NFS group mapping, various minor fixes --- roles/ands_kaas/tasks/do_storage.yml | 6 ++++-- roles/ands_kaas/tasks/do_sysgroups.yml | 12 ++++++++++++ roles/ands_kaas/tasks/sysgroup.yml | 14 ++++++++++++++ roles/ands_kaas/tasks/sysuser.yml | 15 +++++++++++++++ 4 files changed, 45 insertions(+), 2 deletions(-) create mode 100644 roles/ands_kaas/tasks/do_sysgroups.yml create mode 100644 roles/ands_kaas/tasks/sysgroup.yml create mode 100644 roles/ands_kaas/tasks/sysuser.yml (limited to 'roles/ands_kaas/tasks') diff --git a/roles/ands_kaas/tasks/do_storage.yml b/roles/ands_kaas/tasks/do_storage.yml index 8a6a880..d6f1cc5 100644 --- a/roles/ands_kaas/tasks/do_storage.yml +++ b/roles/ands_kaas/tasks/do_storage.yml @@ -5,7 +5,8 @@ loop_var: osv vars: vt_query: "[*].volumes.{{osv.value.volume}}.type" - voltype: "{{ (kaas_storage_domains | json_query(vt_query)) }}" + voltypes: "{{ (kaas_storage_domains | json_query(vt_query)) }}" + voltype: "{{ voltypes[0] | default(ands_none) }}" mp_query: "[*].volumes.{{osv.value.volume}}.mount" mntpath: "{{ (kaas_storage_domains | json_query(mp_query)) }}" rp_query: "[*].volumes.{{osv.value.volume}}.path" @@ -39,7 +40,8 @@ vars: osv: "{{ kaas_project_volumes[file.osv] }}" vt_query: "[*].volumes.{{osv.volume}}.type" - voltype: "{{ (kaas_storage_domains | json_query(vt_query)) }}" + voltypes: "{{ (kaas_storage_domains | json_query(vt_query)) }}" + voltype: "{{ voltypes[0] | default(ands_none) }}" mp_query: "[*].volumes.{{osv.volume}}.mount" mntpath: "{{ (kaas_storage_domains | json_query(mp_query)) }}" rp_query: "[*].volumes.{{osv.volume}}.path" diff --git a/roles/ands_kaas/tasks/do_sysgroups.yml b/roles/ands_kaas/tasks/do_sysgroups.yml new file mode 100644 index 0000000..3ed03b9 --- /dev/null +++ b/roles/ands_kaas/tasks/do_sysgroups.yml @@ -0,0 +1,12 @@ +- name: Populate system users and groups + include_tasks: sysgroup.yml + with_dict: "{{ kaas_project_gids }}" + loop_control: + loop_var: group + when: + - group.value.users is defined + - (gid | int) >= 2000 + vars: + gid: "{{ group.value.id }}" + users: "{{ group.value.users }}" + name: "{{ group.value.name | default('kaas_' ~ group.key) }}" diff --git a/roles/ands_kaas/tasks/sysgroup.yml b/roles/ands_kaas/tasks/sysgroup.yml new file mode 100644 index 0000000..18bd9a6 --- /dev/null +++ b/roles/ands_kaas/tasks/sysgroup.yml @@ -0,0 +1,14 @@ +- name: "Ensure system group {{ name }} with gid {{ gid }} is existing" + group: name="{{ name }}" gid="{{ gid }}" state="present" + +- name: "Process users registered for group {{ name }}" + include_tasks: sysuser.yml + with_list: "{{ users }}" + when: + - ands_openshift_users[user] is defined + - spec.name is defined + vars: + spec: "{{ ands_openshift_users[user] | default({}) }}" + new_group: "{{ name }}" + loop_control: + loop_var: user diff --git a/roles/ands_kaas/tasks/sysuser.yml b/roles/ands_kaas/tasks/sysuser.yml new file mode 100644 index 0000000..4e213fe --- /dev/null +++ b/roles/ands_kaas/tasks/sysuser.yml @@ -0,0 +1,15 @@ +- name: Ensure user is existing on the system + user: + name: "{{ user }}" + uid: "{{ spec.uid | default(omit) }}" + group: "{{ spec.group | default(omit) }}" + comment: "{{ spec.name | default(omit) }}" + password: "{{ spec.password | default(omit) }}" + shell: "{{ spec.shell | default('/bin/false') }}" + home: "{{ spec.home | default(omit) }}" + state: present + +# Configure ssh keys if specified + +- name: Add group + user: name="{{ user }}" groups="{{ new_group }}" append="yes" -- cgit v1.2.3