From c163108c0c0c7b7a4f05da411e98ac0f503e31e0 Mon Sep 17 00:00:00 2001
From: "Suren A. Chilingaryan" <csa@suren.me>
Date: Fri, 23 Mar 2018 06:51:23 +0100
Subject: Fix critical bug in docker provisioner, improve mysql performance,
provision system users/groups to enable NFS group mapping, various minor
fixes
---
roles/ands_kaas/tasks/do_storage.yml | 6 ++++--
roles/ands_kaas/tasks/do_sysgroups.yml | 12 ++++++++++++
roles/ands_kaas/tasks/sysgroup.yml | 14 ++++++++++++++
roles/ands_kaas/tasks/sysuser.yml | 15 +++++++++++++++
4 files changed, 45 insertions(+), 2 deletions(-)
create mode 100644 roles/ands_kaas/tasks/do_sysgroups.yml
create mode 100644 roles/ands_kaas/tasks/sysgroup.yml
create mode 100644 roles/ands_kaas/tasks/sysuser.yml
(limited to 'roles/ands_kaas')
diff --git a/roles/ands_kaas/tasks/do_storage.yml b/roles/ands_kaas/tasks/do_storage.yml
index 8a6a880..d6f1cc5 100644
--- a/roles/ands_kaas/tasks/do_storage.yml
+++ b/roles/ands_kaas/tasks/do_storage.yml
@@ -5,7 +5,8 @@
loop_var: osv
vars:
vt_query: "[*].volumes.{{osv.value.volume}}.type"
- voltype: "{{ (kaas_storage_domains | json_query(vt_query)) }}"
+ voltypes: "{{ (kaas_storage_domains | json_query(vt_query)) }}"
+ voltype: "{{ voltypes[0] | default(ands_none) }}"
mp_query: "[*].volumes.{{osv.value.volume}}.mount"
mntpath: "{{ (kaas_storage_domains | json_query(mp_query)) }}"
rp_query: "[*].volumes.{{osv.value.volume}}.path"
@@ -39,7 +40,8 @@
vars:
osv: "{{ kaas_project_volumes[file.osv] }}"
vt_query: "[*].volumes.{{osv.volume}}.type"
- voltype: "{{ (kaas_storage_domains | json_query(vt_query)) }}"
+ voltypes: "{{ (kaas_storage_domains | json_query(vt_query)) }}"
+ voltype: "{{ voltypes[0] | default(ands_none) }}"
mp_query: "[*].volumes.{{osv.volume}}.mount"
mntpath: "{{ (kaas_storage_domains | json_query(mp_query)) }}"
rp_query: "[*].volumes.{{osv.volume}}.path"
diff --git a/roles/ands_kaas/tasks/do_sysgroups.yml b/roles/ands_kaas/tasks/do_sysgroups.yml
new file mode 100644
index 0000000..3ed03b9
--- /dev/null
+++ b/roles/ands_kaas/tasks/do_sysgroups.yml
@@ -0,0 +1,12 @@
+- name: Populate system users and groups
+ include_tasks: sysgroup.yml
+ with_dict: "{{ kaas_project_gids }}"
+ loop_control:
+ loop_var: group
+ when:
+ - group.value.users is defined
+ - (gid | int) >= 2000
+ vars:
+ gid: "{{ group.value.id }}"
+ users: "{{ group.value.users }}"
+ name: "{{ group.value.name | default('kaas_' ~ group.key) }}"
diff --git a/roles/ands_kaas/tasks/sysgroup.yml b/roles/ands_kaas/tasks/sysgroup.yml
new file mode 100644
index 0000000..18bd9a6
--- /dev/null
+++ b/roles/ands_kaas/tasks/sysgroup.yml
@@ -0,0 +1,14 @@
+- name: "Ensure system group {{ name }} with gid {{ gid }} is existing"
+ group: name="{{ name }}" gid="{{ gid }}" state="present"
+
+- name: "Process users registered for group {{ name }}"
+ include_tasks: sysuser.yml
+ with_list: "{{ users }}"
+ when:
+ - ands_openshift_users[user] is defined
+ - spec.name is defined
+ vars:
+ spec: "{{ ands_openshift_users[user] | default({}) }}"
+ new_group: "{{ name }}"
+ loop_control:
+ loop_var: user
diff --git a/roles/ands_kaas/tasks/sysuser.yml b/roles/ands_kaas/tasks/sysuser.yml
new file mode 100644
index 0000000..4e213fe
--- /dev/null
+++ b/roles/ands_kaas/tasks/sysuser.yml
@@ -0,0 +1,15 @@
+- name: Ensure user is existing on the system
+ user:
+ name: "{{ user }}"
+ uid: "{{ spec.uid | default(omit) }}"
+ group: "{{ spec.group | default(omit) }}"
+ comment: "{{ spec.name | default(omit) }}"
+ password: "{{ spec.password | default(omit) }}"
+ shell: "{{ spec.shell | default('/bin/false') }}"
+ home: "{{ spec.home | default(omit) }}"
+ state: present
+
+# Configure ssh keys if specified
+
+- name: Add group
+ user: name="{{ user }}" groups="{{ new_group }}" append="yes"
--
cgit v1.2.3