From b28d6d787fbdc6f242aff77830a85693c148faa7 Mon Sep 17 00:00:00 2001
From: Bogdan Dobrelya <bdobreli@redhat.com>
Date: Thu, 29 Jun 2017 17:59:22 +0200
Subject: Manage packages to install/update for openstack provider

Allow required packages and yum update all steps to be optionally
disabled.

Signed-off-by: Bogdan Dobrelya <bdobreli@redhat.com>
---
 playbooks/provisioning/openstack/README.md   | 10 ++++++++++
 roles/openshift-prep/defaults/main.yml       | 11 +++++++++++
 roles/openshift-prep/tasks/prerequisites.yml | 13 ++++---------
 3 files changed, 25 insertions(+), 9 deletions(-)
 create mode 100644 roles/openshift-prep/defaults/main.yml

diff --git a/playbooks/provisioning/openstack/README.md b/playbooks/provisioning/openstack/README.md
index 57b72c7f3..43e5e4878 100644
--- a/playbooks/provisioning/openstack/README.md
+++ b/playbooks/provisioning/openstack/README.md
@@ -76,6 +76,10 @@ stacks. Set it to true, if you experience issues with sec group rules
 quotas. It trades security for number of rules, by sharing the same set
 of firewall rules for master, node, etcd and infra nodes.
 
+The `required_packages` variable also provides a list of the additional
+prerequisite packages to be installed before to deploy an OpenShift cluster.
+Those are ignored though, if the `manage_packages: False`.
+
 #### Security notes
 
 Configure required `*_ingress_cidr` variables to restrict public access
@@ -87,6 +91,12 @@ nodes' ephemeral ports range.
 Note, the command ``curl https://api.ipify.org`` helps fiding an external
 IP address of your box (the ansible admin node).
 
+There is also the `manage_packages` variable (defaults to True) you
+may want to turn off in order to speed up the provisioning tasks. This may
+be the case for development environments. When turned off, the servers will
+be provisioned omitting the ``yum update`` command. This brings security
+implications though, and is not recommended for production deployments.
+
 ### Update the DNS names in `inventory/hosts`
 
 The different server groups are currently grouped by the domain name,
diff --git a/roles/openshift-prep/defaults/main.yml b/roles/openshift-prep/defaults/main.yml
new file mode 100644
index 000000000..fac25dcc1
--- /dev/null
+++ b/roles/openshift-prep/defaults/main.yml
@@ -0,0 +1,11 @@
+---
+# Defines either to install required packages and update all
+manage_packages: true
+required_packages:
+  - wget
+  - git
+  - net-tools
+  - bind-utils
+  - bridge-utils
+  - bash-completion
+  - vim-enhanced
diff --git a/roles/openshift-prep/tasks/prerequisites.yml b/roles/openshift-prep/tasks/prerequisites.yml
index 60507636f..433c1c4e3 100644
--- a/roles/openshift-prep/tasks/prerequisites.yml
+++ b/roles/openshift-prep/tasks/prerequisites.yml
@@ -6,19 +6,14 @@
   yum:
     name: "{{ item }}"
     state: latest
-  with_items:
-    - wget
-    - git
-    - net-tools
-    - bind-utils
-    - bridge-utils
-    - bash-completion
-    - vim-enhanced
+  with_items: "{{ required_packages }}"
+  when: manage_packages|bool
 
 - name: "Update all packages (this can take a very long time)"
   yum:
-    name: "*"
+    name: '*'
     state: latest
+  when: manage_packages|bool
 
 - name: "Verify hostname"
   shell: hostnamectl status | awk "/Static hostname/"'{ print $3 }'
-- 
cgit v1.2.3