File ardana-osconfig-8.0+git.1530054754.b943409.obscpio of Package ardana-osconfig
0707010019CF56000081A40000000000000000000000015B32C86200000014000000FD0000000200000000000000000000003C00000000ardana-osconfig-8.0+git.1530054754.b943409/.copyrightignorelibrary/hostname.py
0707010019D07E000081A40000000000000000000000015B32C8620000007F000000FD0000000200000000000000000000003600000000ardana-osconfig-8.0+git.1530054754.b943409/.gitreview[gerrit]
host=gerrit.suse.provo.cloud
port=29418
project=ardana/osconfig-ansible.git
defaultremote=ardana
defaultbranch=master
0707010019CF42000081A40000000000000000000000015B32C8620000279F000000FD0000000200000000000000000000003300000000ardana-osconfig-8.0+git.1530054754.b943409/LICENSE
Apache License
Version 2.0, January 2004
http://www.apache.org/licenses/
TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION
1. Definitions.
"License" shall mean the terms and conditions for use, reproduction,
and distribution as defined by Sections 1 through 9 of this document.
"Licensor" shall mean the copyright owner or entity authorized by
the copyright owner that is granting the License.
"Legal Entity" shall mean the union of the acting entity and all
other entities that control, are controlled by, or are under common
control with that entity. For the purposes of this definition,
"control" means (i) the power, direct or indirect, to cause the
direction or management of such entity, whether by contract or
otherwise, or (ii) ownership of fifty percent (50%) or more of the
outstanding shares, or (iii) beneficial ownership of such entity.
"You" (or "Your") shall mean an individual or Legal Entity
exercising permissions granted by this License.
"Source" form shall mean the preferred form for making modifications,
including but not limited to software source code, documentation
source, and configuration files.
"Object" form shall mean any form resulting from mechanical
transformation or translation of a Source form, including but
not limited to compiled object code, generated documentation,
and conversions to other media types.
"Work" shall mean the work of authorship, whether in Source or
Object form, made available under the License, as indicated by a
copyright notice that is included in or attached to the work
(an example is provided in the Appendix below).
"Derivative Works" shall mean any work, whether in Source or Object
form, that is based on (or derived from) the Work and for which the
editorial revisions, annotations, elaborations, or other modifications
represent, as a whole, an original work of authorship. For the purposes
of this License, Derivative Works shall not include works that remain
separable from, or merely link (or bind by name) to the interfaces of,
the Work and Derivative Works thereof.
"Contribution" shall mean any work of authorship, including
the original version of the Work and any modifications or additions
to that Work or Derivative Works thereof, that is intentionally
submitted to Licensor for inclusion in the Work by the copyright owner
or by an individual or Legal Entity authorized to submit on behalf of
the copyright owner. For the purposes of this definition, "submitted"
means any form of electronic, verbal, or written communication sent
to the Licensor or its representatives, including but not limited to
communication on electronic mailing lists, source code control systems,
and issue tracking systems that are managed by, or on behalf of, the
Licensor for the purpose of discussing and improving the Work, but
excluding communication that is conspicuously marked or otherwise
designated in writing by the copyright owner as "Not a Contribution."
"Contributor" shall mean Licensor and any individual or Legal Entity
on behalf of whom a Contribution has been received by Licensor and
subsequently incorporated within the Work.
2. Grant of Copyright License. Subject to the terms and conditions of
this License, each Contributor hereby grants to You a perpetual,
worldwide, non-exclusive, no-charge, royalty-free, irrevocable
copyright license to reproduce, prepare Derivative Works of,
publicly display, publicly perform, sublicense, and distribute the
Work and such Derivative Works in Source or Object form.
3. Grant of Patent License. Subject to the terms and conditions of
this License, each Contributor hereby grants to You a perpetual,
worldwide, non-exclusive, no-charge, royalty-free, irrevocable
(except as stated in this section) patent license to make, have made,
use, offer to sell, sell, import, and otherwise transfer the Work,
where such license applies only to those patent claims licensable
by such Contributor that are necessarily infringed by their
Contribution(s) alone or by combination of their Contribution(s)
with the Work to which such Contribution(s) was submitted. If You
institute patent litigation against any entity (including a
cross-claim or counterclaim in a lawsuit) alleging that the Work
or a Contribution incorporated within the Work constitutes direct
or contributory patent infringement, then any patent licenses
granted to You under this License for that Work shall terminate
as of the date such litigation is filed.
4. Redistribution. You may reproduce and distribute copies of the
Work or Derivative Works thereof in any medium, with or without
modifications, and in Source or Object form, provided that You
meet the following conditions:
(a) You must give any other recipients of the Work or
Derivative Works a copy of this License; and
(b) You must cause any modified files to carry prominent notices
stating that You changed the files; and
(c) You must retain, in the Source form of any Derivative Works
that You distribute, all copyright, patent, trademark, and
attribution notices from the Source form of the Work,
excluding those notices that do not pertain to any part of
the Derivative Works; and
(d) If the Work includes a "NOTICE" text file as part of its
distribution, then any Derivative Works that You distribute must
include a readable copy of the attribution notices contained
within such NOTICE file, excluding those notices that do not
pertain to any part of the Derivative Works, in at least one
of the following places: within a NOTICE text file distributed
as part of the Derivative Works; within the Source form or
documentation, if provided along with the Derivative Works; or,
within a display generated by the Derivative Works, if and
wherever such third-party notices normally appear. The contents
of the NOTICE file are for informational purposes only and
do not modify the License. You may add Your own attribution
notices within Derivative Works that You distribute, alongside
or as an addendum to the NOTICE text from the Work, provided
that such additional attribution notices cannot be construed
as modifying the License.
You may add Your own copyright statement to Your modifications and
may provide additional or different license terms and conditions
for use, reproduction, or distribution of Your modifications, or
for any such Derivative Works as a whole, provided Your use,
reproduction, and distribution of the Work otherwise complies with
the conditions stated in this License.
5. Submission of Contributions. Unless You explicitly state otherwise,
any Contribution intentionally submitted for inclusion in the Work
by You to the Licensor shall be under the terms and conditions of
this License, without any additional terms or conditions.
Notwithstanding the above, nothing herein shall supersede or modify
the terms of any separate license agreement you may have executed
with Licensor regarding such Contributions.
6. Trademarks. This License does not grant permission to use the trade
names, trademarks, service marks, or product names of the Licensor,
except as required for reasonable and customary use in describing the
origin of the Work and reproducing the content of the NOTICE file.
7. Disclaimer of Warranty. Unless required by applicable law or
agreed to in writing, Licensor provides the Work (and each
Contributor provides its Contributions) on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
implied, including, without limitation, any warranties or conditions
of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A
PARTICULAR PURPOSE. You are solely responsible for determining the
appropriateness of using or redistributing the Work and assume any
risks associated with Your exercise of permissions under this License.
8. Limitation of Liability. In no event and under no legal theory,
whether in tort (including negligence), contract, or otherwise,
unless required by applicable law (such as deliberate and grossly
negligent acts) or agreed to in writing, shall any Contributor be
liable to You for damages, including any direct, indirect, special,
incidental, or consequential damages of any character arising as a
result of this License or out of the use or inability to use the
Work (including but not limited to damages for loss of goodwill,
work stoppage, computer failure or malfunction, or any and all
other commercial damages or losses), even if such Contributor
has been advised of the possibility of such damages.
9. Accepting Warranty or Additional Liability. While redistributing
the Work or Derivative Works thereof, You may choose to offer,
and charge a fee for, acceptance of support, warranty, indemnity,
or other liability obligations and/or rights consistent with this
License. However, in accepting such obligations, You may act only
on Your own behalf and on Your sole responsibility, not on behalf
of any other Contributor, and only if You agree to indemnify,
defend, and hold each Contributor harmless for any liability
incurred by, or claims asserted against, such Contributor by reason
of your accepting any such warranty or additional liability.
0707010019D0B2000081A40000000000000000000000015B32C862000002C9000000FD0000000200000000000000000000003500000000ardana-osconfig-8.0+git.1530054754.b943409/README.md
(c) Copyright 2015 Hewlett Packard Enterprise Development LP
(c) Copyright 2017 SUSE LLC
Licensed under the Apache License, Version 2.0 (the "License"); you may
not use this file except in compliance with the License. You may obtain
a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
License for the specific language governing permissions and limitations
under the License.
README
======
This repo contains the following roles:
- OSCONFIG: Operating System Configuration
0707010019CF43000081A40000000000000000000000015B32C86200000D22000000FD0000000200000000000000000000003E00000000ardana-osconfig-8.0+git.1530054754.b943409/_osconfig-base.yml#
# (c) Copyright 2015-2017 Hewlett Packard Enterprise Development LP
# (c) Copyright 2017-2018 SUSE LLC
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
# Common osconfig tasks we want to do during deployment and during an upgrade
---
- include: _osconfig-setup-repos.yml
- include: _osconfig-setup-fcoe.yml
- hosts: "{{ osconfig_resources | default('resources') }}:!NOV-ESX:!NEU-OVSVAPP"
become: yes
roles:
- multipath
tasks:
- include: roles/multipath/tasks/install.yml
- hosts: "{{ osconfig_resources | default('resources') }}"
become: yes
tasks:
- name: osconfig | diskconfig | Check if osconfig has run
stat: path=/etc/openstack/osconfig-ran
register: osconfig_ran_result
- hosts: "{{ osconfig_resources | default('resources') }}:!*-HYP"
become: yes
tasks:
- name: osconfig | diskconfig | Check if diskconfig has to be skipped
stat: path=/etc/openstack/skip_disk_config
register: skip_disk_config_result
- hosts: "{{ osconfig_resources | default('resources') }}"
become: yes
roles:
- diskconfig
tasks:
- include: roles/diskconfig/tasks/install.yml
- include: roles/diskconfig/tasks/configure.yml
when: (not osconfig_ran_result.stat.exists and
not (skip_disk_config_result is defined and
skip_disk_config_result.stat.exists))
- hosts: "{{ osconfig_resources | default('resources') }}"
roles:
- osconfig
- cobbler
- deployer-setup
tasks:
- include: roles/osconfig/tasks/marker.yml
- hosts: "{{ osconfig_resources | default('resources') }}:&FND-MDB"
roles:
- diskconfig
tasks:
- include: roles/diskconfig/tasks/write_test.yml
- hosts: "{{ osconfig_resources | default('resources') }}"
roles:
- cobbler
- osconfig
- package-consumer
tasks:
- include: roles/osconfig/tasks/setup-sudo-conf.yml
- include: roles/osconfig/tasks/setup-hosts-file.yml
- include: roles/osconfig/tasks/set-hostname.yml
- include: roles/osconfig/tasks/setup-resolv-conf.yml
- include: roles/osconfig/tasks/set-timezone.yml
- include: roles/package-consumer/tasks/install.yml
- include: roles/package-consumer/tasks/configure.yml
- include: roles/osconfig/tasks/copy-ardana-version-file.yml
- include: roles/osconfig/tasks/setup-systemd.yml
- include: roles/osconfig/tasks/setup-kernel-parameters.yml
- include: roles/osconfig/tasks/setup-hugepages.yml
- include: roles/osconfig/tasks/setup-debug-tools.yml
- include: roles/osconfig/tasks/set-bnx2x-opts.yml
# For now, do not run the configure task
- hosts: "{{ osconfig_resources | default('resources') }}"
roles:
- osconfig-probe
tasks:
- include: roles/osconfig-probe/tasks/install.yml
- hosts: "{{ osconfig_resources | default('resources') }}"
roles:
- osconfig-common
- include: sysctl.yml
- include: udev.yml
0707010019D07D000081A40000000000000000000000015B32C862000005F6000000FD0000000200000000000000000000004600000000ardana-osconfig-8.0+git.1530054754.b943409/_osconfig-post-upgrade.yml#
# (c) Copyright 2015-2016 Hewlett Packard Enterprise Development LP
# (c) Copyright 2017-2018 SUSE LLC
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
# Playbook to carry out post-upgrade actions for each osconfig
# service/component based on the set of package upgrades for this node.
---
- hosts: NEU-OVS
tasks:
- name: osconfig | _osconfig-post-upgrade | Debian - Enable openvswitch service
service_restart:
service: openvswitch-switch
state: enabled
become: yes
when: (ansible_os_family | lower) == 'debian'
- name: osconfig | _osconfig-post-upgrade | SUSE - Enable openvswitch service
become: yes
service:
name: openvswitch
state: started
enabled: yes
when: (ansible_os_family | lower) == 'suse'
- name: osconfig | _osconfig-post-upgrade | RedHat - Enable openvswitch service
become: yes
service:
name: openvswitch
state: started
enabled: yes
when: (ansible_os_family | lower) == 'redhat'
0707010019D075000081A40000000000000000000000015B32C862000005F6000000FD0000000200000000000000000000004500000000ardana-osconfig-8.0+git.1530054754.b943409/_osconfig-pre-upgrade.yml#
# (c) Copyright 2015-2016 Hewlett Packard Enterprise Development LP
# (c) Copyright 2017-2018 SUSE LLC
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
# Playbook to carry out pre-upgrade actions for each osconfig
# service/component based on the set of package upgrades for this node.
---
- hosts: NEU-OVS
tasks:
- name: osconfig | _osconfig-pre-upgrade | Debian - Disable openvswitch service
service_restart:
service: openvswitch-switch
state: disabled
become: yes
when: (ansible_os_family | lower) == 'debian'
- name: osconfig | _osconfig-post-upgrade | SUSE - Disable openvswitch service
become: yes
service:
name: openvswitch
state: started
enabled: no
when: (ansible_os_family | lower) == 'suse'
- name: osconfig | _osconfig-post-upgrade | RedHat - Disable openvswitch service
become: yes
service:
name: openvswitch
state: started
enabled: no
when: (ansible_os_family | lower) == 'redhat'
0707010019CF47000081A40000000000000000000000015B32C862000003CC000000FD0000000200000000000000000000004400000000ardana-osconfig-8.0+git.1530054754.b943409/_osconfig-setup-fcoe.yml#
# (c) Copyright 2016 Hewlett Packard Enterprise Development LP
# (c) Copyright 2017 SUSE LLC
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
---
- hosts: "{{ osconfig_resources | default('resources') }}:!NOV-ESX:!NEU-OVSVAPP"
become: yes
roles:
- fcoe
tasks:
- include: roles/fcoe/tasks/check_fcoe_order.yml
when: ansible_os_family == 'Debian'
- include: roles/fcoe/tasks/install.yml
- include: roles/fcoe/tasks/configure.yml
tags: fcoe_enable
0707010019D0B3000081A40000000000000000000000015B32C86200000635000000FD0000000200000000000000000000004500000000ardana-osconfig-8.0+git.1530054754.b943409/_osconfig-setup-repos.yml#
# (c) Copyright 2016-2017 Hewlett Packard Enterprise Development LP
# (c) Copyright 2017-2018 SUSE LLC
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
---
- hosts: localhost
roles:
- osconfig
tasks:
- include: roles/osconfig/tasks/setup-resolv-conf.yml
- include: roles/osconfig/tasks/copy-ardana-version-file.yml
- include: roles/osconfig/tasks/get-ptf-signing-key.yml
tags: fcoe_enable
- hosts: "{{ osconfig_resources | default('resources') }}"
roles:
- ssh
- osconfig
- cobbler
- deployer-setup
- thirdparty-repo
tasks:
- include: roles/osconfig/tasks/check-for-apt-repo.yml
- include: roles/osconfig/tasks/check-for-yum-repo.yml
- include: roles/osconfig/tasks/check-for-zypp-repo.yml
- include: roles/cobbler/tasks/set-vars.yml
- include: roles/osconfig/tasks/setup-apt.yml
when: ansible_os_family == 'Debian'
- include: roles/osconfig/tasks/setup-yum.yml
when: ansible_os_family == 'RedHat'
- include: roles/osconfig/tasks/setup-zypp.yml
when: ansible_os_family == 'Suse'
tags: fcoe_enable
0707010019CF4B000081A40000000000000000000000015B32C862000004D6000000FD0000000200000000000000000000004100000000ardana-osconfig-8.0+git.1530054754.b943409/_osconfig-upgrade.yml#
# (c) Copyright 2016 Hewlett Packard Enterprise Development LP
# (c) Copyright 2017 SUSE LLC
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
# Playbook to carry out upgrade actions for each osconfig
# service/component.
---
# For now osconfig upgrade is just a repeat of a majorify of the osconfig
# deploy actions, apart from some of the network configuration plays.
- include: _osconfig-base.yml
- include: osconfig-iptables-upgrade.yml
- hosts: "{{ osconfig_resources | default('resources') }}"
roles:
- network_interface
tasks:
- include: roles/network_interface/tasks/configure_pci_to_nic_mappings.yml
- include: roles/network_interface/tasks/update_mlx4_raw_udev_rules.yml
when: ansible_os_family == "Debian"
0707010019D074000081A40000000000000000000000015B32C86200000392000000FD0000000200000000000000000000003F00000000ardana-osconfig-8.0+git.1530054754.b943409/_osconfig_probe.yml#
# (c) Copyright 2015-2016 Hewlett Packard Enterprise Development LP
# (c) Copyright 2017 SUSE LLC
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
# Top level playbook to run probe. Mostly exists for testing.
- hosts: "{{ osconfig_resources | default('resources') }}"
roles:
- osconfig-probe
tasks:
- include: roles/osconfig-probe/tasks/install.yml
- include: roles/osconfig-probe/tasks/configure.yml
0707010019D076000041ED0000000000000000000000025B32C86200000000000000FD0000000200000000000000000000003200000000ardana-osconfig-8.0+git.1530054754.b943409/config0707010019D077000081A40000000000000000000000015B32C862000003C9000000FD0000000200000000000000000000004400000000ardana-osconfig-8.0+git.1530054754.b943409/config/dpdk-symlinks.yml# (c) Copyright 2016-2017 Hewlett Packard Enterprise Development LP
# (c) Copyright 2017 SUSE LLC
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
# The following relative symlinks are created under the
# my_cloud/config directory.
---
symlinks:
"osconfig/debian_dpdk.yml": "roles/network_interface/vars/debian_dpdk.yml"
"osconfig/redhat_dpdk.yml": "roles/network_interface/vars/redhat_dpdk.yml"
"osconfig/suse_dpdk.yml": "roles/network_interface/vars/suse_dpdk.yml"
0707010019D07A000081A40000000000000000000000015B32C86200000331000000FD0000000200000000000000000000004900000000ardana-osconfig-8.0+git.1530054754.b943409/config/multipath-symlinks.yml# (c) Copyright 2015 Hewlett Packard Enterprise Development LP
# (c) Copyright 2017 SUSE LLC
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
# The following relative symlinks are created under the
# my_cloud/config directory.
---
symlinks:
"multipath/multipath_settings.yml": "roles/multipath/vars/multipath_vars.yml"
0707010019D078000081A40000000000000000000000015B32C8620000032F000000FD0000000200000000000000000000004300000000ardana-osconfig-8.0+git.1530054754.b943409/config/pci-symlinks.yml# (c) Copyright 2016 Hewlett Packard Enterprise Development LP
# (c) Copyright 2017 SUSE LLC
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
# The following relative symlinks are created under the
# my_cloud/config directory.
---
symlinks:
"osconfig/pci_debian.yml": "roles/osconfig-network-pci/vars/pci_debian.yml"
0707010019D079000081A40000000000000000000000015B32C8620000038A000000FD0000000200000000000000000000004600000000ardana-osconfig-8.0+git.1530054754.b943409/config/sysctl-symlinks.yml# (c) Copyright 2015 Hewlett Packard Enterprise Development LP
# (c) Copyright 2017 SUSE LLC
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
# The following relative symlinks are created under the
# my_cloud/config directory.
---
symlinks:
"osconfig/ardana_sysctl.conf.j2": "roles/sysctl/templates/ardana_sysctl.conf.j2"
"osconfig/ardana_kernel_modules.yml": "roles/sysctl/vars/ardana_kernel_modules.yml"
0707010019CF40000081A40000000000000000000000015B32C862000002CD000000FD0000000200000000000000000000003B00000000ardana-osconfig-8.0+git.1530054754.b943409/fcoe-enable.yml#
# (c) Copyright 2016 Hewlett Packard Enterprise Development LP
# (c) Copyright 2017 SUSE LLC
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
---
- include: _osconfig-setup-repos.yml
- include: _osconfig-setup-fcoe.yml
0707010019CF4D000041ED0000000000000000000000025B32C86200000000000000FD0000000200000000000000000000003A00000000ardana-osconfig-8.0+git.1530054754.b943409/filter_plugins0707010019CF54000081A40000000000000000000000015B32C86200000367000000FD0000000200000000000000000000004300000000ardana-osconfig-8.0+git.1530054754.b943409/filter_plugins/chain.py#
# (c) Copyright 2015 Hewlett Packard Enterprise Development LP
# (c) Copyright 2017 SUSE LLC
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
# Jinja2 filter to flatten (chain) lists together
import itertools
def chain(lists):
return itertools.chain(*lists)
class FilterModule(object):
def filters(self):
return {
'chain': chain,
}
0707010019CF53000081A40000000000000000000000015B32C8620000064C000000FD0000000200000000000000000000004A00000000ardana-osconfig-8.0+git.1530054754.b943409/filter_plugins/device_group.py#
# (c) Copyright 2015 Hewlett Packard Enterprise Development LP
# (c) Copyright 2017 SUSE LLC
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
# Usage :
# {device_groups:[{name:N1, consumer:C1, ...},
# {name:N2, consumer:C2, ...},
# ...]} | device_group(N2, C2)
# => {name:N2, consumer:C2, ...}
def device_group(data, dg_name, dg_consumer):
output = None
for dg in data.get("device_groups", []):
# skip if doesn't match require name
name = dg.get("name")
if not name or name != dg_name:
continue
# skip if doesn't have a consumer entry
consumer = dg.get("consumer")
if not consumer:
continue
# skip if consumer name doesn't match required consumer
consumer_name = consumer.get("name")
if not consumer_name or consumer_name != dg_consumer:
continue
# found a matching device group, so return it
output = dg
break
return output
class FilterModule(object):
def filters(self):
return {'device_group': device_group}
0707010019CF50000081A40000000000000000000000015B32C86200000558000000FD0000000200000000000000000000004C00000000ardana-osconfig-8.0+git.1530054754.b943409/filter_plugins/fcoe_boot_args.py#
# (c) Copyright 2016 Hewlett Packard Enterprise Development LP
# (c) Copyright 2017 SUSE LLC
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
# return kernel boot arguments for given fcoe interface
from ansible.errors import AnsibleFilterError
def fcoe_boot_args(host_info, iface):
ret = ""
iface_entry = 'ansible_%s' % iface
iface_info = host_info.get(iface_entry)
if iface_info is None:
raise AnsibleFilterError("Interface not found: '%s'" % iface)
iface_mac = iface_info.get('macaddress')
if iface_mac is None:
raise AnsibleFilterError("No MAC address available for interface: "
"'%s'" % iface)
return "fcoe=%s:nodcb iface=%s:%s" % (iface, iface, iface_mac)
class FilterModule(object):
def filters(self):
return {
'fcoe_boot_args': fcoe_boot_args,
}
0707010019CF4F000081A40000000000000000000000015B32C8620000052D000000FD0000000200000000000000000000004400000000ardana-osconfig-8.0+git.1530054754.b943409/filter_plugins/isatty.py#
# (c) Copyright 2016 Hewlett Packard Enterprise Development LP
# (c) Copyright 2017 SUSE LLC
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
# return list of devices that are ttys
import os
import subprocess
from ansible import errors
def isatty(devices):
ret_list=[]
for device in devices:
devpath = "/dev/tty" + device
if not os.path.exists(devpath):
return None
try:
output = subprocess.check_output(['/sbin/udevadm', 'info', '-x', devpath])
except Exception as e:
raise errors.AnsibleFilterError("Failed to open device %s, %s" % (devpath, str(e)))
if "/devices/pnp" in output:
ret_list.append(device)
return ret_list
class FilterModule(object):
def filters(self):
return {
'isatty': isatty,
}
0707010019CF52000081A40000000000000000000000015B32C862000026E9000000FD0000000200000000000000000000004C00000000ardana-osconfig-8.0+git.1530054754.b943409/filter_plugins/pci_interfaces.py#
# (c) Copyright 2016 Hewlett Packard Enterprise Development LP
# (c) Copyright 2017-2018 SUSE LLC
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
# This plugin provides the following filters.
# pci_changed: This is to determine whether any configuration for a
# PCI interface changed or not.
# pci_deleted: This is to determine whether the existing interface is
# moved from PCI device to non-PCI device.
# pci_config_script_list: This is to get a list of config scripts
# for PCI interfaces which are newly added, or changed,
# or deleted.
# pci_add_update_delete_list: This is to get a list of PCI interfaces
# which are newly added, or changed, or deleted.
# pci_packages: This is to get a list of packages to be installed
# on a host based on the drivers specified
# pci_modules: This is to get a list of modules to be installed on
# a host based on the drivers specified.
# pci_validate_multi_port_interfaces: This is to validate that vf_count
# is not configured for more than one port of multi-port
# interfaces.
# pci_hw_address: Get the pci bus address of the pci card using
# the device name by searching a mapping table.
# pci_dpdk_nic_driver: Get the name of the driver used by the DPDK
# pci device devname
#
from ansible import errors
def pci_changed(new_list, old_list):
"""Returns True or False based on the two lists are same or not."""
for new_entry in new_list:
match_found = False
for old_entry in old_list:
if (new_entry['device'] == old_entry['device'] and
new_entry.get('config_script', None) == old_entry['config_script'] and
new_entry['vf_count'] == old_entry['vf_count'] and
new_entry['nic_device_type']['device_id'] == old_entry['device_id']):
# A match is found. No change for that entry.
match_found = True
break
if not match_found:
# This means that the entry is changed in the new list.
# As there is at least one change detected, we can declare
# that two lists are not the same.
return True
# Nothing got changed. Return False.
return False
def pci_deleted(new_list, old_list):
"""Returns list of elements in old_list which are not present in new list."""
delete_list = []
for entry in old_list:
# Check whether bus addresses and interface names match in the two lists for
# each entry.
bus_addr_matches = [x for x in new_list if x['bus_address'] == entry['bus_address'] and
x.get('config_script', None)]
device_matches = [x for x in new_list if x['device'] == entry['device'] and
x.get('config_script', None)]
if not (bus_addr_matches and device_matches):
delete_list.append(entry)
return delete_list
def pci_config_script_list(new_list, old_list):
"""Returns a list of config scripts.
Returns a list of config scripts from the list of added, modified and deleted
interfaces so that post_configure operation can be performed.
"""
config_script_list = []
for new_entry in new_list:
match_found = False
for old_entry in old_list:
if (new_entry['device'] == old_entry['device'] and
new_entry.get('config_script', None) == old_entry['config_script'] and
new_entry['vf_count'] == old_entry['vf_count'] and
new_entry['nic_device_type']['device_id'] == old_entry['device_id']):
# A match is found. No change for that entry.
match_found = True
break
if not match_found:
# This means that the entry is changed in the new list.
# Or, the entry is totally new one.
# Add the config_script to the list.
config_script_list.append(new_entry['config_script'])
# Check for deleted interfaces. Post-configure operation is
# required for deleted interfaces as well.
delete_list = pci_deleted(new_list, old_list)
for entry in delete_list:
config_script_list.append(entry['config_script'])
# Return the final list with unique elements
return config_script_list
def pci_add_update_delete_list(new_list, old_list):
"""Returns a list of PCI interfaces which are added/modified/deleted."""
add_modify_list = []
for new_entry in new_list:
match_found = False
for old_entry in old_list:
if (new_entry['device'] == old_entry['device'] and
new_entry.get('config_script', None) == old_entry['config_script'] and
new_entry['vf_count'] == old_entry['vf_count'] and
new_entry['nic_device_type']['device_id'] == old_entry['device_id']):
# A match is found. No change for that entry.
match_found = True
break
if not match_found:
# This means that the entry is changed in the new list.
# Or, the entry is totally new one.
# Add the config_script to the list.
add_modify_list.append(new_entry)
# Check for deleted interfaces.
delete_list = pci_deleted(new_list, old_list)
# Return the final list with unique elements
return add_modify_list + delete_list
def _pci_packages(network_pci_pt_sriov_interfaces, package_list):
pkg_list = []
for interface in network_pci_pt_sriov_interfaces:
for pkg in package_list:
for k,v in pkg.items():
matched_drivers = [driver for driver in v['drivers'] if driver == interface['driver']]
if matched_drivers:
pkg_list.append(pkg)
return pkg_list
def pci_packages(network_pci_pt_sriov_interfaces, package_list):
"""Returns a list of packages with matching drivers in network_pci_pt_sriov_interfaces."""
lst = []
tmp_pkg_list = _pci_packages(network_pci_pt_sriov_interfaces, package_list)
for pkg in tmp_pkg_list:
for k, v in pkg.items():
lst.append(k)
return lst
def pci_modules(network_pci_pt_sriov_interfaces, package_list):
"""Returns a list of modules from the package list."""
mod_list = []
tmp_pkg_list = _pci_packages(network_pci_pt_sriov_interfaces, package_list)
for pkg in tmp_pkg_list:
for k, v in pkg.items():
mod_list = mod_list + v['modules']
return mod_list
def pci_validate_multi_port_interfaces(multi_port_interfaces, config_scripts):
"""Returns an error string after performing a validation check on multi-port interfaces.
Validation performed: For multi-port interfaces, vf_count cannot be configured for more than one port.
"""
for interface in multi_port_interfaces:
matched_bus_addresses = [x for x in multi_port_interfaces if x['bus_address'] == interface['bus_address']]
bus_addresses_with_vfs = [y for y in matched_bus_addresses if 'vf_count' in y]
if len(bus_addresses_with_vfs) > 1:
for bus_address in bus_addresses_with_vfs:
for script in config_scripts:
if (bus_address['config_script'] == script['name'] and
script.get('multi_vf_allowed', 'false') == 'false'):
return "For multi-port interfaces, vf_count cannot be configured for more than one port. bus_address = %s" % bus_address['bus_address']
return ""
def pci_hw_address(devname, mapping_table):
if not devname:
raise errors.AnsibleFilterError("ERROR: null or empty device name")
hw_address = ''
for mapping in mapping_table:
if mapping.get('logical_name', '') == devname:
hw_address = mapping.get('bus_address', '')
break
if not hw_address:
raise errors.AnsibleFilterError("ERROR: PCI H/W address "
"not found for " + devname)
return hw_address
def pci_dpdk_nic_driver(devname, dpdk_device_table):
if not devname:
raise errors.AnsibleFilterError("ERROR: null or empty device name")
try:
fnd_ovs = dpdk_device_table.get('FND_OVS')
devices = fnd_ovs.get('devices', [])
driver = ''
for device in devices:
if devname == device.get('device', ''):
driver = device.get('driver', '')
break
except Exception as e:
raise errors.AnsibleFilterError("ERROR: invalid DPDK device table:\n"
"Exception: %s" % str(e))
if not driver:
raise errors.AnsibleFilterError("ERROR: DPDK driver not found "
"for device " + devname)
return driver
class FilterModule(object):
def filters(self):
return {'pci_changed': pci_changed,
'pci_deleted': pci_deleted,
'pci_config_script_list': pci_config_script_list,
'pci_add_update_delete_list': pci_add_update_delete_list,
'pci_packages': pci_packages,
'pci_modules': pci_modules,
'pci_validate_multi_port_interfaces': pci_validate_multi_port_interfaces,
'pci_hw_address': pci_hw_address,
'pci_dpdk_nic_driver': pci_dpdk_nic_driver
}
0707010019CF4E000081A40000000000000000000000015B32C86200000438000000FD0000000200000000000000000000004C00000000ardana-osconfig-8.0+git.1530054754.b943409/filter_plugins/routing_tables.py#
# (c) Copyright 2016 Hewlett Packard Enterprise Development LP
# (c) Copyright 2017 SUSE LLC
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
def routing_tables(ifdictlistlist):
''' Recover all routing_tables in a nested list of
interface specifications
'''
output = []
for ifdictlist in ifdictlistlist:
for ifdict in ifdictlist:
if 'routing_table' in ifdict:
output.append(ifdict['routing_table'])
return output
class FilterModule(object):
def filters(self):
return {'routing_tables': routing_tables}
0707010019CF51000081A40000000000000000000000015B32C86200000352000000FD0000000200000000000000000000004300000000ardana-osconfig-8.0+git.1530054754.b943409/filter_plugins/split.py#
# (c) Copyright 2015 Hewlett Packard Enterprise Development LP
# (c) Copyright 2017 SUSE LLC
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
# Jinja2 filter to split a string
import os
def split(string, *sep):
return string.split(*sep)
class FilterModule(object):
def filters(self):
return {
'split': split,
}
0707010019D081000041ED0000000000000000000000025B32C86200000000000000FD0000000200000000000000000000003300000000ardana-osconfig-8.0+git.1530054754.b943409/library0707010019D083000081A40000000000000000000000015B32C86200005345000000FD0000000200000000000000000000003F00000000ardana-osconfig-8.0+git.1530054754.b943409/library/hostname.py#!/usr/bin/python
# -*- coding: utf-8 -*-
# (c) 2013, Hiroaki Nakamura <hnakamur@gmail.com>
#
# This file is part of Ansible
#
# Ansible is free software: you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation, either version 3 of the License, or
# (at your option) any later version.
#
# Ansible is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with Ansible. If not, see <http://www.gnu.org/licenses/>.
DOCUMENTATION = '''
---
module: hostname
author:
- "Hiroaki Nakamura (@hnakamur)"
- "Hideki Saito (@saito-hideki)"
version_added: "1.4"
short_description: Manage hostname
requirements: [ hostname ]
description:
- Set system's hostname.
- Currently implemented on Debian, Ubuntu, Fedora, RedHat, openSUSE, Linaro, ScientificLinux, Arch, CentOS, AMI.
- Any distribution that uses systemd as their init system.
- Note, this module does *NOT* modify /etc/hosts. You need to modify it yourself using other modules like template or replace.
options:
name:
required: true
description:
- Name of the host
'''
EXAMPLES = '''
- hostname: name=web01
'''
import socket
from distutils.version import LooseVersion
# import module snippets
from ansible.module_utils.basic import *
class UnimplementedStrategy(object):
def __init__(self, module):
self.module = module
def get_current_hostname(self):
self.unimplemented_error()
def set_current_hostname(self, name):
self.unimplemented_error()
def get_permanent_hostname(self):
self.unimplemented_error()
def set_permanent_hostname(self, name):
self.unimplemented_error()
def unimplemented_error(self):
platform = get_platform()
distribution = get_distribution()
if distribution is not None:
msg_platform = '%s (%s)' % (platform, distribution)
else:
msg_platform = platform
self.module.fail_json(
msg='hostname module cannot be used on platform %s' % msg_platform)
class Hostname(object):
"""
This is a generic Hostname manipulation class that is subclassed
based on platform.
A subclass may wish to set different strategy instance to self.strategy.
All subclasses MUST define platform and distribution (which may be None).
"""
platform = 'Generic'
distribution = None
strategy_class = UnimplementedStrategy
def __new__(cls, *args, **kwargs):
return load_platform_subclass(Hostname, args, kwargs)
def __init__(self, module):
self.module = module
self.name = module.params['name']
self.strategy = self.strategy_class(module)
def get_current_hostname(self):
return self.strategy.get_current_hostname()
def set_current_hostname(self, name):
self.strategy.set_current_hostname(name)
def get_permanent_hostname(self):
return self.strategy.get_permanent_hostname()
def set_permanent_hostname(self, name):
self.strategy.set_permanent_hostname(name)
class GenericStrategy(object):
"""
This is a generic Hostname manipulation strategy class.
A subclass may wish to override some or all of these methods.
- get_current_hostname()
- get_permanent_hostname()
- set_current_hostname(name)
- set_permanent_hostname(name)
"""
def __init__(self, module):
self.module = module
self.hostname_cmd = self.module.get_bin_path('hostname', True)
def get_current_hostname(self):
cmd = [self.hostname_cmd]
rc, out, err = self.module.run_command(cmd)
if rc != 0:
self.module.fail_json(msg="Command failed rc=%d, out=%s, err=%s" %
(rc, out, err))
return out.strip()
def set_current_hostname(self, name):
cmd = [self.hostname_cmd, name]
rc, out, err = self.module.run_command(cmd)
if rc != 0:
self.module.fail_json(msg="Command failed rc=%d, out=%s, err=%s" %
(rc, out, err))
def get_permanent_hostname(self):
return None
def set_permanent_hostname(self, name):
pass
# ===========================================
class DebianStrategy(GenericStrategy):
"""
This is a Debian family Hostname manipulation strategy class - it edits
the /etc/hostname file.
"""
HOSTNAME_FILE = '/etc/hostname'
def get_permanent_hostname(self):
if not os.path.isfile(self.HOSTNAME_FILE):
try:
open(self.HOSTNAME_FILE, "a").write("")
except IOError, err:
self.module.fail_json(msg="failed to write file: %s" %
str(err))
try:
f = open(self.HOSTNAME_FILE)
try:
return f.read().strip()
finally:
f.close()
except Exception, err:
self.module.fail_json(msg="failed to read hostname: %s" %
str(err))
def set_permanent_hostname(self, name):
try:
f = open(self.HOSTNAME_FILE, 'w+')
try:
f.write("%s\n" % name)
finally:
f.close()
except Exception, err:
self.module.fail_json(msg="failed to update hostname: %s" %
str(err))
# ===========================================
class SLESStrategy(GenericStrategy):
"""
This is a SLES Hostname strategy class - it edits the
/etc/HOSTNAME file.
"""
HOSTNAME_FILE = '/etc/HOSTNAME'
def get_permanent_hostname(self):
if not os.path.isfile(self.HOSTNAME_FILE):
try:
open(self.HOSTNAME_FILE, "a").write("")
except IOError, err:
self.module.fail_json(msg="failed to write file: %s" %
str(err))
try:
f = open(self.HOSTNAME_FILE)
try:
return f.read().strip()
finally:
f.close()
except Exception, err:
self.module.fail_json(msg="failed to read hostname: %s" %
str(err))
def set_permanent_hostname(self, name):
try:
f = open(self.HOSTNAME_FILE, 'w+')
try:
f.write("%s\n" % name)
finally:
f.close()
except Exception, err:
self.module.fail_json(msg="failed to update hostname: %s" %
str(err))
# ===========================================
class RedHatStrategy(GenericStrategy):
"""
This is a Redhat Hostname strategy class - it edits the
/etc/sysconfig/network file.
"""
NETWORK_FILE = '/etc/sysconfig/network'
def get_permanent_hostname(self):
try:
f = open(self.NETWORK_FILE, 'rb')
try:
for line in f.readlines():
if line.startswith('HOSTNAME'):
k, v = line.split('=')
return v.strip()
finally:
f.close()
except Exception, err:
self.module.fail_json(msg="failed to read hostname: %s" %
str(err))
def set_permanent_hostname(self, name):
try:
lines = []
found = False
f = open(self.NETWORK_FILE, 'rb')
try:
for line in f.readlines():
if line.startswith('HOSTNAME'):
lines.append("HOSTNAME=%s\n" % name)
found = True
else:
lines.append(line)
finally:
f.close()
if not found:
lines.append("HOSTNAME=%s\n" % name)
f = open(self.NETWORK_FILE, 'w+')
try:
f.writelines(lines)
finally:
f.close()
except Exception, err:
self.module.fail_json(msg="failed to update hostname: %s" %
str(err))
# ===========================================
class SystemdStrategy(GenericStrategy):
"""
This is a Systemd hostname manipulation strategy class - it uses
the hostnamectl command.
"""
def get_current_hostname(self):
cmd = ['hostname']
rc, out, err = self.module.run_command(cmd)
if rc != 0:
self.module.fail_json(msg="Command failed rc=%d, out=%s, err=%s" %
(rc, out, err))
return out.strip()
def set_current_hostname(self, name):
if len(name) > 64:
self.module.fail_json(msg="name cannot be longer than 64 characters on systemd servers, try a shorter name")
cmd = ['hostnamectl', '--transient', 'set-hostname', name]
rc, out, err = self.module.run_command(cmd)
if rc != 0:
self.module.fail_json(msg="Command failed rc=%d, out=%s, err=%s" %
(rc, out, err))
def get_permanent_hostname(self):
cmd = ['hostnamectl', '--static', 'status']
rc, out, err = self.module.run_command(cmd)
if rc != 0:
self.module.fail_json(msg="Command failed rc=%d, out=%s, err=%s" %
(rc, out, err))
return out.strip()
def set_permanent_hostname(self, name):
if len(name) > 64:
self.module.fail_json(msg="name cannot be longer than 64 characters on systemd servers, try a shorter name")
cmd = ['hostnamectl', '--pretty', 'set-hostname', name]
rc, out, err = self.module.run_command(cmd)
if rc != 0:
self.module.fail_json(msg="Command failed rc=%d, out=%s, err=%s" %
(rc, out, err))
cmd = ['hostnamectl', '--static', 'set-hostname', name]
rc, out, err = self.module.run_command(cmd)
if rc != 0:
self.module.fail_json(msg="Command failed rc=%d, out=%s, err=%s" %
(rc, out, err))
# ===========================================
class OpenRCStrategy(GenericStrategy):
"""
This is a Gentoo (OpenRC) Hostname manipulation strategy class - it edits
the /etc/conf.d/hostname file.
"""
HOSTNAME_FILE = '/etc/conf.d/hostname'
def get_permanent_hostname(self):
try:
try:
f = open(self.HOSTNAME_FILE, 'r')
for line in f:
line = line.strip()
if line.startswith('hostname='):
return line[10:].strip('"')
except Exception, err:
self.module.fail_json(msg="failed to read hostname: %s" % str(err))
finally:
f.close()
return None
def set_permanent_hostname(self, name):
try:
try:
f = open(self.HOSTNAME_FILE, 'r')
lines = [x.strip() for x in f]
for i, line in enumerate(lines):
if line.startswith('hostname='):
lines[i] = 'hostname="%s"' % name
break
f.close()
f = open(self.HOSTNAME_FILE, 'w')
f.write('\n'.join(lines) + '\n')
except Exception, err:
self.module.fail_json(msg="failed to update hostname: %s" % str(err))
finally:
f.close()
# ===========================================
class OpenBSDStrategy(GenericStrategy):
"""
This is a OpenBSD family Hostname manipulation strategy class - it edits
the /etc/myname file.
"""
HOSTNAME_FILE = '/etc/myname'
def get_permanent_hostname(self):
if not os.path.isfile(self.HOSTNAME_FILE):
try:
open(self.HOSTNAME_FILE, "a").write("")
except IOError, err:
self.module.fail_json(msg="failed to write file: %s" %
str(err))
try:
f = open(self.HOSTNAME_FILE)
try:
return f.read().strip()
finally:
f.close()
except Exception, err:
self.module.fail_json(msg="failed to read hostname: %s" %
str(err))
def set_permanent_hostname(self, name):
try:
f = open(self.HOSTNAME_FILE, 'w+')
try:
f.write("%s\n" % name)
finally:
f.close()
except Exception, err:
self.module.fail_json(msg="failed to update hostname: %s" %
str(err))
# ===========================================
class SolarisStrategy(GenericStrategy):
"""
This is a Solaris11 or later Hostname manipulation strategy class - it
execute hostname command.
"""
def set_current_hostname(self, name):
cmd_option = '-t'
cmd = [self.hostname_cmd, cmd_option, name]
rc, out, err = self.module.run_command(cmd)
if rc != 0:
self.module.fail_json(msg="Command failed rc=%d, out=%s, err=%s" %
(rc, out, err))
def get_permanent_hostname(self):
fmri = 'svc:/system/identity:node'
pattern = 'config/nodename'
cmd = '/usr/sbin/svccfg -s %s listprop -o value %s' % (fmri, pattern)
rc, out, err = self.module.run_command(cmd, use_unsafe_shell=True)
if rc != 0:
self.module.fail_json(msg="Command failed rc=%d, out=%s, err=%s" %
(rc, out, err))
return out.strip()
def set_permanent_hostname(self, name):
cmd = [self.hostname_cmd, name]
rc, out, err = self.module.run_command(cmd)
if rc != 0:
self.module.fail_json(msg="Command failed rc=%d, out=%s, err=%s" %
(rc, out, err))
# ===========================================
class FreeBSDStrategy(GenericStrategy):
"""
This is a FreeBSD hostname manipulation strategy class - it edits
the /etc/rc.conf.d/hostname file.
"""
HOSTNAME_FILE = '/etc/rc.conf.d/hostname'
def get_permanent_hostname(self):
if not os.path.isfile(self.HOSTNAME_FILE):
try:
open(self.HOSTNAME_FILE, "a").write("hostname=temporarystub\n")
except IOError, err:
self.module.fail_json(msg="failed to write file: %s" %
str(err))
try:
try:
f = open(self.HOSTNAME_FILE, 'r')
for line in f:
line = line.strip()
if line.startswith('hostname='):
return line[10:].strip('"')
except Exception, err:
self.module.fail_json(msg="failed to read hostname: %s" % str(err))
finally:
f.close()
return None
def set_permanent_hostname(self, name):
try:
try:
f = open(self.HOSTNAME_FILE, 'r')
lines = [x.strip() for x in f]
for i, line in enumerate(lines):
if line.startswith('hostname='):
lines[i] = 'hostname="%s"' % name
break
f.close()
f = open(self.HOSTNAME_FILE, 'w')
f.write('\n'.join(lines) + '\n')
except Exception, err:
self.module.fail_json(msg="failed to update hostname: %s" % str(err))
finally:
f.close()
# ===========================================
class FedoraHostname(Hostname):
platform = 'Linux'
distribution = 'Fedora'
strategy_class = SystemdStrategy
class SLESHostname(Hostname):
platform = 'Linux'
distribution = 'Suse linux enterprise server '
distribution_version = get_distribution_version()
if distribution_version and LooseVersion(distribution_version) >= LooseVersion("12"):
strategy_class = SystemdStrategy
elif distribution_version and LooseVersion("10") <= LooseVersion(distribution_version) <= LooseVersion("12"):
strategy_class = SLESStrategy
else:
strategy_class = UnimplementedStrategy
class OpenSUSEHostname(Hostname):
platform = 'Linux'
distribution = 'Opensuse '
strategy_class = SystemdStrategy
class ArchHostname(Hostname):
platform = 'Linux'
distribution = 'Arch'
strategy_class = SystemdStrategy
class RedHat5Hostname(Hostname):
platform = 'Linux'
distribution = 'Redhat'
strategy_class = RedHatStrategy
class RedHatServerHostname(Hostname):
platform = 'Linux'
distribution = 'Red hat enterprise linux server'
distribution_version = get_distribution_version()
if distribution_version and LooseVersion(distribution_version) >= LooseVersion("7"):
strategy_class = SystemdStrategy
else:
strategy_class = RedHatStrategy
class RedHatWorkstationHostname(Hostname):
platform = 'Linux'
distribution = 'Red hat enterprise linux workstation'
distribution_version = get_distribution_version()
if distribution_version and LooseVersion(distribution_version) >= LooseVersion("7"):
strategy_class = SystemdStrategy
else:
strategy_class = RedHatStrategy
class CentOSHostname(Hostname):
platform = 'Linux'
distribution = 'Centos'
distribution_version = get_distribution_version()
if distribution_version and LooseVersion(distribution_version) >= LooseVersion("7"):
strategy_class = SystemdStrategy
else:
strategy_class = RedHatStrategy
class CentOSLinuxHostname(Hostname):
platform = 'Linux'
distribution = 'Centos linux'
distribution_version = get_distribution_version()
if distribution_version and LooseVersion(distribution_version) >= LooseVersion("7"):
strategy_class = SystemdStrategy
else:
strategy_class = RedHatStrategy
class ScientificHostname(Hostname):
platform = 'Linux'
distribution = 'Scientific'
distribution_version = get_distribution_version()
if distribution_version and LooseVersion(distribution_version) >= LooseVersion("7"):
strategy_class = SystemdStrategy
else:
strategy_class = RedHatStrategy
class ScientificLinuxHostname(Hostname):
platform = 'Linux'
distribution = 'Scientific linux'
distribution_version = get_distribution_version()
if distribution_version and LooseVersion(distribution_version) >= LooseVersion("7"):
strategy_class = SystemdStrategy
else:
strategy_class = RedHatStrategy
class OracleLinuxHostname(Hostname):
platform = 'Linux'
distribution = 'Oracle linux server'
distribution_version = get_distribution_version()
if distribution_version and LooseVersion(distribution_version) >= LooseVersion("7"):
strategy_class = SystemdStrategy
else:
strategy_class = RedHatStrategy
class AmazonLinuxHostname(Hostname):
platform = 'Linux'
distribution = 'Amazon'
strategy_class = RedHatStrategy
class DebianHostname(Hostname):
platform = 'Linux'
distribution = 'Debian'
strategy_class = DebianStrategy
class KaliHostname(Hostname):
platform = 'Linux'
distribution = 'Kali'
strategy_class = DebianStrategy
class UbuntuHostname(Hostname):
platform = 'Linux'
distribution = 'Ubuntu'
strategy_class = DebianStrategy
class LinuxmintHostname(Hostname):
platform = 'Linux'
distribution = 'Linuxmint'
strategy_class = DebianStrategy
class LinaroHostname(Hostname):
platform = 'Linux'
distribution = 'Linaro'
strategy_class = DebianStrategy
class GentooHostname(Hostname):
platform = 'Linux'
distribution = 'Gentoo base system'
strategy_class = OpenRCStrategy
class ALTLinuxHostname(Hostname):
platform = 'Linux'
distribution = 'Altlinux'
strategy_class = RedHatStrategy
class OpenBSDHostname(Hostname):
platform = 'OpenBSD'
distribution = None
strategy_class = OpenBSDStrategy
class SolarisHostname(Hostname):
platform = 'SunOS'
distribution = None
strategy_class = SolarisStrategy
class FreeBSDHostname(Hostname):
platform = 'FreeBSD'
distribution = None
strategy_class = FreeBSDStrategy
# ===========================================
def main():
module = AnsibleModule(
argument_spec = dict(
name=dict(required=True, type='str')
)
)
hostname = Hostname(module)
changed = False
name = module.params['name']
current_name = hostname.get_current_hostname()
if current_name != name:
hostname.set_current_hostname(name)
changed = True
permanent_name = hostname.get_permanent_hostname()
if permanent_name != name:
hostname.set_permanent_hostname(name)
changed = True
module.exit_json(changed=changed, name=name,
ansible_facts=dict(ansible_hostname=name.split('.')[0],
ansible_nodename=name,
ansible_fqdn=socket.getfqdn(),
ansible_domain='.'.join(socket.getfqdn().split('.')[1:])))
main()
0707010019D088000081A40000000000000000000000015B32C86200005CDA000000FD0000000200000000000000000000004300000000ardana-osconfig-8.0+git.1530054754.b943409/library/iptables_update#!/usr/bin/python
# -*- coding: utf-8 -*-
#
# Copyright 2011 OpenStack Foundation.
#
# (c) Copyright 2015-2016 Hewlett Packard Enterprise Development LP
# (c) Copyright 2017-2018 SUSE LLC
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
DOCUMENTATION = '''
---
module: iptables
short_description: A module for adding iptables rules.
'''
import contextlib
import errno
import fcntl
import hashlib
import logging
import logging.handlers
import os
import signal
import socket
import time
LOG = logging.getLogger(__name__)
ROOT_PREFIX = 'ardana-INPUT'
MAX_CHAIN_NAME_LEN = 28
MAX_COMMENT_LEN = 256
FILTER_TABLE_NAME = 'filter'
FILTER_LINE = '*filter'
COMMIT_LINE = 'COMMIT'
def main():
module = AnsibleModule(
argument_spec=dict(
enable=dict(required=False,
choices=BOOLEANS+['True', True,
'False', False],
default=True),
logging=dict(required=False,
choices=BOOLEANS+['True', True,
'False', False],
default=True),
rules=dict(type='dict', required=False, default=None),
ardana_chains=dict(type='list', default=[], required=False),
command=dict(required=False, default=None),
lock_path=dict(required=True),
lock_name=dict(required=True),
lock_timeout=dict(type='int', required=False, default=120),
synchronized_prefix=dict(required=False, default=None),
os_family=dict(required=True),
),
supports_check_mode=False
)
init_logging()
enable = module.boolean(module.params['enable'])
logging = module.boolean(module.params['logging'])
rules = module.params['rules']
chains = module.params['ardana_chains']
command = module.params['command']
lock_path = module.params['lock_path']
lock_name = module.params['lock_name']
lock_timeout = module.params['lock_timeout']
synchronized_prefix = module.params['synchronized_prefix']
if module.params['os_family'] == 'Debian':
persist_file_ip4 = '/etc/iptables/rules.v4'
persist_file_ip6 = '/etc/iptables/rules.v6'
else:
persist_file_ip4 = '/etc/sysconfig/iptables'
persist_file_ip6 = '/etc/sysconfig/ip6tables'
root_prefix = ROOT_PREFIX
new_cmds = []
new_cmds_ip6 = []
if rules and command:
msg = 'Cannot specify both rules and command'
module.fail_json(msg)
if rules:
LOG.info("Installing iptables/ip6tables filter rules")
# Pre-build the ip4 and ip6 rules we want to install
if enable:
create_root_chains(chains, root_prefix, new_cmds, new_cmds_ip6)
append_rules(module, rules, root_prefix, new_cmds, new_cmds_ip6)
append_default_rules(chains, root_prefix, logging, new_cmds,
new_cmds_ip6)
try:
with lock(lock_name, synchronized_prefix, lock_path, lock_timeout):
update_iptables_filters(module, root_prefix, new_cmds,
'iptables')
update_iptables_filters(module, root_prefix, new_cmds_ip6,
'ip6tables')
persist_iptables_filters(module, persist_file_ip4, new_cmds,
root_prefix)
persist_iptables_filters(module, persist_file_ip6, new_cmds_ip6,
root_prefix)
except Exception, e:
LOG.error("Installing iptables/ip6tables filter rules: Failed")
module.fail_json(msg='Exception: %s' % e)
else:
LOG.info("Installing iptables/ip6tables filter rules: Done")
module.exit_json(**dict(changed=True, enabled=enable,
firewall_rules=rules,
generated_rules=new_cmds))
elif command:
# given a command string such as, '-A INPUT...'
LOG.info("Executing iptables command '%s'", command)
try:
with lock(lock_name, synchronized_prefix, lock_path, lock_timeout):
rc, stdout, stderr = run_iptables_cmd(module, command)
except Exception, e:
LOG.error("Failed to execute iptables command")
module.fail_json(msg='Exception: %s' % e)
else:
changed = (rc == 0)
module.exit_json(command=command,
changed=changed,
stderr=stderr.rstrip("\r\n"),
stdout=stdout.rstrip("\r\n"),
rc=rc)
def get_chain_name_hashed(prefix, chain_name):
chain_name_hash = hashlib.md5(chain_name).hexdigest()
postfix_length = MAX_CHAIN_NAME_LEN - len(prefix + '-')
postfix = chain_name_hash[:postfix_length]
return prefix + '-' + postfix
def update_iptables_filters(module, root_prefix, cmds, cmd_prefix):
'''Read the current set of iptables, remove our previous rules,
insert the new set and push back to the system
'''
LOG.info("Updating active '%s' %s rules", root_prefix, cmd_prefix)
filter_rules = get_iptables_filter_rules(module, cmd_prefix)
filter_rules = purge_all_rules_using_prefix(module,
filter_rules,
root_prefix)
commit_idx = filter_rules.index(COMMIT_LINE)
filter_rules[commit_idx:commit_idx] = cmds
push_iptables_rules(module, filter_rules, cmd_prefix)
def get_iptables_filter_rules(module, cmd_prefix):
'''Return the active ip(6)tables filter rules as list of
strings, or default if none
'''
cmd = '%s-save -c -t %s' % (cmd_prefix, FILTER_TABLE_NAME)
rc, stdout, stderr = module.run_command(cmd)
if rc == 0:
return stdout.split('\n')
else:
return [FILTER_LINE,
COMMIT_LINE]
def push_iptables_rules(module, rules_list, cmd_prefix):
'''Push the ip(6)tables using ip(6)tables-restore, the update is atomic
'''
rules = '\n'.join(rules_list)
cmd = '%s-restore -c' % cmd_prefix
rc, stdout, stderr = module.run_command(cmd, data=rules)
if rc != 0:
LOG.error("cmd failed: %r, data: %r", (cmd, rules))
LOG.debug("rc: %r", rc)
LOG.debug("stdout: %r", stdout)
LOG.debug("stderr: %r", stderr)
module.fail_json(msg="cmd failed: %s\nstderr: %s\ndata: %s" %
(cmd, stderr, rules))
def purge_all_rules_using_prefix(module, rules_list, prefix):
'''Given a list of strings, return the subset of strings
that don't contain the supplied prefix
'''
return [rule for rule in rules_list if prefix not in rule]
def create_root_chains(chains, prefix, cmds, cmds_ip6):
''' Create the chain structure and plumb it into the
system INPUT chain.
The root chain has the name 'prefix'
Note: this takes advantage of the fact the specification
for the the ip6 chains is exactly the same as for ipv4
'''
cmds.append(':%s -' % prefix)
cmds.append('-A INPUT -j %s' % prefix)
# create each chain,
# link from the prefix-root chain,
for chain in chains:
chain_name = get_chain_name_hashed(prefix, chain['name'])
cmds.append(':%s -' % chain_name)
cmds.append('-A %s -i %s -j %s' %
(prefix, chain['interface'], chain_name))
# clone for ip6
cmds_ip6.extend(cmds)
def append_rules(module, rules, prefix, cmds, ip6_cmds):
''' Create the commands to populate the chain with the requested rules
'''
for address, firewall_rules in rules.iteritems():
try:
# Because the netaddr module is not available in ansible, use
# socket instead to determine the address protocol
if socket.inet_pton(socket.AF_INET6, address):
ip6_cmds.extend(process_rules(module, address,
firewall_rules, prefix, 'ipv6'))
except socket.error:
cmds.extend(process_rules(module, address, firewall_rules, prefix))
def append_default_rules(chains, prefix, logging, cmds, cmds_ip6):
''' Append the 'default' rules to the existing chain structures
- multicast accept - IP4 only
(todo: Needs to be service specified)
- related,established accept
- rate limited logging - optional
- drop
'''
for chain in chains:
chain_name = get_chain_name_hashed(prefix, chain['name'])
cmd = '-A %s -m pkttype --pkt-type multicast -j ACCEPT' % \
chain_name
cmds.append(cmd)
# Open ports needed for icmpv6 functionality
for port in [130, 131, 132, 135, 136]:
cmd = '-A %s -p icmpv6 --icmpv6-type %s -j ACCEPT' % (chain_name,
port)
cmds_ip6.append(cmd)
cmd = '-A %s -m state --state RELATED,ESTABLISHED -j ACCEPT' % \
chain_name
cmds.append(cmd)
cmds_ip6.append(cmd)
if logging:
cmd = '-A %s -m limit --limit 2/min -j LOG ' % chain_name
cmd += '--log-prefix "IPTables-Dropped: " --log-level 4'
cmds.append(cmd)
cmds_ip6.append(cmd)
cmd = '-A %s -j DROP' % chain_name
cmds.append(cmd)
cmds_ip6.append(cmd)
def process_rules(module, address, rules, prefix, family=None):
cmds = []
for rule in rules:
chain_name = get_chain_name_hashed(prefix, rule['chain'])
rtype = rule.get('type', 'allow')
protocol = rule.get('protocol', 'tcp')
if family and family == 'ipv6' and protocol == 'icmp':
protocol = 'icmpv6'
source = rule.get('remote-ip-prefix', None)
source_arg = _address_arg(source, 's')
dest_arg = _address_arg(address, 'd')
protocol_arg = _protocol_arg(protocol)
port_arg = _port_arg(rule, 'dport', protocol)
args = ['-A', chain_name]
args += source_arg + dest_arg + protocol_arg + port_arg
args += ['-m', 'comment', '--comment',
'"%s"' % rule['chain'][:MAX_COMMENT_LEN]]
if rtype.startswith('allow'):
args += ['-j', 'ACCEPT']
elif rtype == 'deny':
args += ['-j', 'DROP']
else:
LOG.error("rule.type not supported: %r", rule)
module.fail_json(msg="rule.type not supported: %s" % rule)
cmds.append(' '.join(args))
return cmds
def _address_arg(address, direction):
if address:
return ['-%s' % direction, address]
else:
return []
def _protocol_arg(protocol):
return ['-p', str(protocol)]
def _port_arg(rule, direction, protocol):
minPort = rule.get('port-range-min', None)
maxPort = rule.get('port-range-max', None)
# We don't do any input verification elsewhere, so we need to handle the
# odd cases here.
#
# If minPort and maxPort are None, return nothing and caller will
# open all ports for the protocol
#
# If minPort is None and maxPort is not None, reverse them, user error.
# We can't set them equal as that will break the ICMP code below
#
if minPort is None:
if maxPort is None:
return []
# Handle the case where someone has set max but not min, bad user!
minPort = maxPort
maxPort = None
if protocol in ['icmp', 'icmpv6']:
# minPort/maxPort represent icmp type/code when protocol is icmp or
# icmpv6. Since icmp code can be 0 we cannot use "if maxPort" here
if protocol == 'icmpv6' and minPort == '8':
#Make sure that the intended echo-request type is specified
minPort = 128
if maxPort is not None:
return ['--%s-type' % str(protocol), '%s/%s' % (minPort, maxPort)]
return ['--%s-type' % str(protocol), '%s' % minPort]
elif minPort == maxPort or maxPort is None:
return ['--%s' % direction, '%s' % minPort]
else:
return ['-m', 'multiport', '--%ss' % direction,
'%s:%s' % (minPort, maxPort)]
def run_iptables_cmd(module, command):
# As the command can be any arbitrary command and the address protocol
# is unknown, run for both iptables and ip6tables and report failure
# only if both fail.
checking = command.startswith("-C")
cmd = 'iptables ' + command
rcv4, stdoutv4, stderrv4 = module.run_command(cmd)
cmdipv6 = 'ip6tables ' + command
rcv6, stdoutv6, stderrv6 = module.run_command(cmdipv6)
if rcv4 != rcv6:
if rcv4 == 0:
# IPv4 command version succeeded, report that
return rcv4, stdoutv4, stderrv4
elif rcv6 == 0:
# IPv6 command version succeeded, report that
return rcv6, stdoutv6, stderrv6
if checking:
# Only checking to see if a rule/table/chain already
# exists. Need to handle special.
if (stderrv4.endswith("No chain/target/match by that name.\n")
or stderrv4.endswith("Chain already exists.\n")):
return rcv4, stdoutv4, stderrv4
else:
stderrv6 = stderrv6.replace("ip6tables","iptables")
return rcv6, stdoutv6, stderrv6
# if we have gotten this far, log errors before returning
if rcv4 != 0:
LOG.error("cmd failed: %r", cmd)
LOG.debug("rc: %r", rcv4)
LOG.debug("stdout: %r", stdoutv4)
LOG.debug("stderr: %r", stderrv4)
if rcv6 != 0:
LOG.error("cmd failed: %r", cmdipv6)
LOG.debug("rc: %r", rcv6)
LOG.debug("stdout: %r", stdoutv6)
LOG.debug("stderr: %r", stderrv6)
# Both commands resulted in the same rc, report IPv4 version for
# backwards compatibility in playbooks
return rcv4, stdoutv4, stderrv4
def persist_iptables_filters(module, persist_file, cmds, prefix):
'''Write our the new set of filter rules to the file specified.
'''
LOG.info("Updating persisted '%s' rules in %s", prefix, persist_file)
file_list = read_persisted_iptables_filters(module, persist_file)
update_persisted_iptables_filters(module, file_list, cmds, prefix)
write_persisted_iptables_filters(module, persist_file, file_list)
def read_persisted_iptables_filters(module, filename):
'''Return the content of the file specified as a list of strings
'''
file_contents = []
try:
with open(filename, 'r') as pfile:
file_contents = pfile.read().splitlines()
except:
# failure to open is OK, the file may not exist
pass
return file_contents
def write_persisted_iptables_filters(module, filename, content_list):
'''Write the content to the file specified.
This will raise an exception if the create fails
'''
lines = '\n'.join(content_list)
lines += '\n'
with open(filename, "w") as pfile:
pfile.write(lines)
def update_persisted_iptables_filters(module, persist_file, cmds, prefix):
'''Update the netfilter-persistent rules file with our new content.
'''
# assume we don't have a persisted set of filter rules
filter_idx = -1
filter_table = [FILTER_LINE,
':INPUT ACCEPT',
':FORWARD ACCEPT',
':OUTPUT ACCEPT',
COMMIT_LINE]
# if there is a '*filter' table in the file, use that
if FILTER_LINE in persist_file:
filter_idx = persist_file.index(FILTER_LINE)
commit_idx = (filter_idx +
persist_file[filter_idx:].index(COMMIT_LINE))
# copy/remove the filter table section
filter_table = persist_file[filter_idx:commit_idx+1]
persist_file[filter_idx:commit_idx+1] = []
# purge rules (and comment) matching the prefix from filter table
filter_table = purge_all_rules_using_prefix(module,
filter_table,
prefix)
# Insert our rules into the filter table before the COMMIT
commit_idx = filter_table.index(COMMIT_LINE)
filter_table[commit_idx:commit_idx] = cmds
# insert a comment after the *filter to track the edit
filter_table.insert(1, '# %s: filter section updated on %s' %
(prefix, time.ctime()))
# put the filter table back where we found it
persist_file[filter_idx:filter_idx] = filter_table
def init_logging():
syslog_handler = logging.handlers.SysLogHandler(address='/dev/log')
formatter = logging.Formatter('%(module)s: %(message)s')
syslog_handler.setFormatter(formatter)
LOG.addHandler(syslog_handler)
LOG.setLevel(logging.INFO)
# LOG.setLevel(logging.DEBUG) # comment out if not needed
# NOTE: This entire class can be removed if we have the fasteners
# module, see oslo.concurrency code for more information.
class InterProcessLock(object):
"""An interprocess locking implementation.
This is a lock implementation which allows multiple locks, working around
issues like http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=632857 and
does not require any cleanup. Since the lock is always held on a file
descriptor rather than outside of the process, the lock gets dropped
automatically if the process crashes, even if ``__exit__`` is not
executed.
There are no guarantees regarding usage by multiple threads in a
single process here. This lock works only between processes.
Note these locks are released when the descriptor is closed, so it's not
safe to close the file descriptor while another thread holds the
lock. Just opening and closing the lock file can break synchronization,
so lock files must be accessed only using this abstraction.
"""
def __init__(self, path, timeout):
self.lockfile = None
self.needlock = True
self.path = path
self.timeout = timeout
def _try_acquire(self):
# This method will set a timeout as trylock() will do a blocking
# lockf() call and we don't want to wait indefinitely.
class LockError(Exception):
pass
def handler(signum, frame):
raise LockError()
# set the timeout handler
signal.signal(signal.SIGALRM, handler)
signal.alarm(self.timeout)
try:
self.trylock()
except LockError:
msg = 'Unable to acquire lock on `%s` due to timeout' % self.path
raise LockError(msg)
except IOError as e:
msg = ('Unable to acquire lock on `%s` due to exception %s' %
(self.path, e))
raise LockError(msg)
finally:
signal.alarm(0)
def _do_open(self):
self._ensure_tree()
if not self.needlock:
return
# Open in append mode so we don't overwrite any potential contents of
# the target file. This eliminates the possibility of an attacker
# creating a symlink to an important file in our lock path.
if self.lockfile is None or self.lockfile.closed:
self.lockfile = open(self.path, 'a')
def acquire(self):
"""Attempt to acquire the given lock.
There are no re-attempts, errors will be raised!
:returns: whether or not the acquisition succeeded
:rtype bool
"""
self._do_open()
if not self.needlock:
return
self._try_acquire()
LOG.debug('Acquired file lock `%s`', self.path)
def _do_close(self):
if self.lockfile is not None:
self.lockfile.close()
self.lockfile = None
def __enter__(self):
self.acquire()
return self
def release(self):
if not self.needlock:
return
"""Release the previously acquired lock."""
try:
self.unlock()
except IOError:
LOG.exception("Could not unlock the acquired lock opened"
" on `%s`", self.path)
else:
self.acquired = False
try:
self._do_close()
except IOError:
LOG.exception("Could not close the file handle"
" opened on `%s`", self.path)
else:
LOG.debug("Unlocked and closed file lock open on"
" `%s`", self.path)
def __exit__(self, exc_type, exc_val, exc_tb):
self.release()
def trylock(self):
fcntl.lockf(self.lockfile, fcntl.LOCK_EX)
def unlock(self):
fcntl.lockf(self.lockfile, fcntl.LOCK_UN)
def _ensure_tree(self):
basedir = os.path.dirname(self.path)
# If the directory doesn't exist, we don't need a lock
if not os.path.exists(basedir):
LOG.debug("Directory `%s` does not exist, file lock not needed",
basedir)
self.needlock = False
return
"""Create a directory (and any ancestor directories required)"""
try:
os.makedirs(basedir)
except OSError as e:
if e.errno == errno.EEXIST:
if not os.path.isdir(basedir):
raise
elif e.errno != errno.EISDIR:
raise
def _get_lock_path(name, lock_file_prefix, lock_path):
# NOTE(mikal): the lock name cannot contain directory
# separators
name = name.replace(os.sep, '_')
sep = '' if lock_file_prefix.endswith('-') else '-'
name = '%s%s%s' % (lock_file_prefix, sep, name)
return os.path.join(lock_path, name)
def external_lock(name, lock_file_prefix, lock_path, lock_timeout):
lock_file_path = _get_lock_path(name, lock_file_prefix, lock_path)
return InterProcessLock(lock_file_path, lock_timeout)
@contextlib.contextmanager
def lock(name, lock_file_prefix, lock_path, lock_timeout, do_log=True):
"""Context based lock
This function yields an InterProcessLock instance.
:param lock_file_prefix: The lock_file_prefix argument is used to provide
lock files on disk with a meaningful prefix.
:param lock_path: The path in which to store external lock files. For
external locking to work properly, this must be the same for all
references to the lock.
:param do_log: Whether to log acquire/release messages. This is primarily
intended to reduce log message duplication when `lock` is used from the
`synchronized` decorator.
"""
if do_log:
LOG.debug('Acquiring "%(lock)s"', {'lock': name})
try:
ext_lock = external_lock(name, lock_file_prefix, lock_path,
lock_timeout)
ext_lock.acquire()
try:
yield ext_lock
finally:
ext_lock.release()
finally:
if do_log:
LOG.debug('Releasing lock "%(lock)s"', {'lock': name})
from ansible.module_utils.basic import *
if __name__ == '__main__':
main()
0707010019D084000081A40000000000000000000000015B32C862000040A9000000FD0000000200000000000000000000004600000000ardana-osconfig-8.0+git.1530054754.b943409/library/restart_networking#!/usr/bin/python
# -*- coding: utf-8 -*-
#
# (c) Copyright 2015-2017 Hewlett Packard Enterprise Development LP
# (c) Copyright 2017-2018 SUSE LLC
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
DOCUMENTATION = '''
---
module: restart_networking
short_description: A module for restarting Debian networking
options:
interfaces_path:
description:
- path of the directory where the interfaces configuration
- is stored.
required: true
shadow_path:
description:
- path of the directory where the shadow configuration
- is stored.
required: true
default: /etc/network/.shadow
force_restart:
description:
- Force a restart, regardless of differences
required: false
default: false
restart_ovs:
description:
- Should OpenVSwitch be restarted
required: false
default: false
management_pattern:
description:
- Unique string to search for in interfaces files to
- indicate that they are Ardana managed
required: false
default: None
routing_tables:
description:
- List of routing tables to create
required: true
routing_table_file:
- path of routing configuration file
required: true
routing_table_marker:
- marker string for managed routing tables
required: true
routing_table_id_start:
- starting number for managed routing tables
required: true
os_family:
- one of "Debian", "RedHat", or "Suse"
required: true
author:
'''
EXAMPLES = '''
- restart_networking: shadow_path=/etc/network/.shadow
interfaces_path=/etc/network/interfaces.d
restart_ovs=true
management_pattern="# Unique Comment marker"
routing_tables=["MANAGEMENT", "EXTERNAL-VM"]
routing_table_file=/etc/iproute2/rt_table
routing_table_marker="unique_marker"
routing_table_id_start=101
os_family="Debian"
'''
import logging
import logging.handlers
import os
import shutil
import filecmp
import time
import re
log = logging.getLogger(__name__)
system_files = {
'Suse': [
'config',
'dhcp',
'ifcfg-lo',
'ifcfg.template',
'if-up.d/SuSEfirewall2',
'routes',
'scripts/firewall',
'scripts/functions.rpm-utils',
'scripts/functions.netconfig',
'scripts/SuSEfirewall2',
]
}
def init_logging():
syslog_handler = logging.handlers.SysLogHandler(address='/dev/log')
formatter = logging.Formatter('%(module)s: %(message)s')
syslog_handler.setFormatter(formatter)
log.addHandler(syslog_handler)
log.setLevel(logging.INFO)
def main():
module = AnsibleModule(
argument_spec=dict(
interfaces_path=dict(required=True),
shadow_path=dict(required=True),
force_restart=dict(required=False,
choices=BOOLEANS+['True', True, 'False', False],
default=False),
restart_ovs=dict(required=False,
choices=BOOLEANS+['True', True, 'False', False],
default=False),
management_pattern=dict(required=False, default=None),
routing_tables=dict(type='list'),
routing_table_file=dict(required=True),
routing_table_marker=dict(required=True),
routing_table_id_start=dict(required=True, type='int'),
os_family=dict(required=True, choices=['Debian', 'RedHat', 'Suse'], type='str')
),
supports_check_mode=False
)
interfaces_path = module.params['interfaces_path']
shadow_path = module.params['shadow_path']
force_restart = module.boolean(module.params['force_restart'])
restart_ovs = module.boolean(module.params['restart_ovs'])
management_pattern = module.params['management_pattern']
routing_tables = module.params['routing_tables']
routing_table_file = module.params['routing_table_file']
routing_table_marker = module.params['routing_table_marker']
routing_table_id_start = module.params['routing_table_id_start']
os_family = module.params['os_family']
init_logging()
try:
if not os.path.isdir(shadow_path):
raise Exception('Shadow directory not found: %s' % shadow_path)
# Get the list of shadow and interface files and arrange accordingly
shadow_files = set(dir_scan(shadow_path))
interface_files = set(get_interfaces_files(module,
interfaces_path,
management_pattern))
missing_files = shadow_files - interface_files
extra_files = interface_files - shadow_files
common_files = shadow_files & interface_files
missing_files.update(compare_files(shadow_path,
interfaces_path,
common_files))
# For Debian we use a different filenaming format than 'standard'
# Linux, look for 'standard' files we are replacing
if os_family == 'Debian':
extra_files.update(find_legacy_files(shadow_files,
interfaces_path))
# avoid purging system files
if os_family in system_files:
extra_files -= set(system_files[os_family])
if len(missing_files) > 0 or len(extra_files) > 0:
# There are updates - we need to restart the network
force_restart = True
if not force_restart:
log.info("No network install or restart needed")
module.exit_json(**dict(changed=False, rc=0))
if os_family == 'Debian':
log.info("Update '%s' interfaces in "
"/etc/network/interfaces and %s",
management_pattern, interfaces_path)
else:
log.info("Update '%s' interfaces in %s",
management_pattern, interfaces_path)
# Check for DPDK NIC binding tasks - make sure the DPDK package
# is installed beforehand.
dpdk_drivers = {}
if os.path.exists("/usr/sbin/dpdk_nic_bind") and \
len(missing_files) > 0:
file_list = [os.path.join(shadow_path, file)
for file in missing_files]
rc, out, err = module.run_command("grep '^#DPDK=' %s" %
" ".join(file_list),
check_rc=False)
if rc == 0:
for line in out.split():
driver, pciaddr = re.sub('.*#DPDK=', '', line).split(',')
dpdk_drivers[pciaddr] = driver
flush_interfaces(module, os_family)
# 'networking start/stop' will ifdown/up all interfaces
# It will also cause the udev system to reload its config
network_stop(module, os_family)
if os_family == 'Debian':
clean_interfaces_file(shadow_files, module)
# Remove any additional (managed) files from the interfaces dir
for file in extra_files:
log.info('Removing interface definition file %s', file)
os.remove(os.path.join(interfaces_path, file))
# Install each of the files from the shadow path
for file in missing_files:
log.info('Installing interface definition file %s', file)
src_path = os.path.join(shadow_path, file)
dest_path = os.path.join(interfaces_path, file)
shutil.copy(src_path, dest_path)
shutil.copystat(src_path, dest_path)
# Do DPDK bindings where necessary
for addr in dpdk_drivers:
module.run_command("/usr/sbin/dpdk_nic_bind --bind=%s %s" %
(dpdk_drivers[addr], addr),
check_rc=True)
# Reload the udev device mappings
log.info('Trigger udev mapping of network devices')
module.run_command('udevadm control --reload', check_rc=True)
module.run_command('udevadm trigger --action=add --subsystem-match=net',
check_rc=True)
module.run_command('udevadm settle --timeout 60', check_rc=True)
# Reset the routing-tables
persist_route_tables(module, routing_table_file, routing_tables,
routing_table_marker, routing_table_id_start)
network_start(module, os_family)
if restart_ovs and os_family == 'Debian':
# bring up all ovs managed interfaces
log.info('Bring up openvswitch interfaces')
module.run_command('ifup --all --allow ovs --force --ignore-errors',
check_rc=True)
# Wait for network to settle and reconfigure before continuing
# Ideally we'd test the network state, but that's not trivial.
log.info('Wait for the network to settle')
time.sleep(20)
log.info('Network install and restart completed successfully')
except Exception, e:
module.fail_json(msg='Exception: %s' % e)
else:
module.exit_json(**dict(changed=True, rc=0))
def network_stop(module, os_family):
log.info('Stop networking services')
if os_family == 'Debian':
module.run_command('service networking stop', check_rc=True)
else:
module.run_command('systemctl stop network', check_rc=True)
def network_start(module, os_family):
log.info('Start networking services')
if os_family == 'Debian':
module.run_command('service networking start', check_rc=True)
else:
# This can appear to fail if we have udev mapped devices
# but ifcfg-... files exist for the previous interface names
module.run_command('systemctl start network', check_rc=False)
def compare_files(shadow_path, interfaces_path, files):
# Compare files in both locations and return a list of ones which
# are different
diffs = []
for file in files:
src_path = os.path.join(shadow_path, file)
dest_path = os.path.join(interfaces_path, file)
if not filecmp.cmp(src_path, dest_path):
diffs.append(file)
return diffs
def flush_interfaces(module, os_family):
# Retrieve active interfaces
interfaces = get_interfaces(module, os_family)
for interface in interfaces:
if interface.strip() == 'lo':
continue
log.info('Flushing interface by bring down interface <%s>', interface)
if os_family == 'Debian':
module.run_command('timeout -s KILL 60 ifdown --force --ignore-errors %s'
% interface, check_rc=False)
else:
module.run_command('timeout -s KILL 60 ifdown %s' % interface,
check_rc=False)
# for now also do an 'ifconfig down' on the interface since
# just an ifdown isn't reliable
module.run_command('timeout -s KILL 60 ifconfig %s down' % interface,
check_rc=False)
module.run_command('ip addr flush dev %s' % interface, check_rc=False)
def get_interfaces(module, os_family):
# Retrieve active interfaces
interfaces = []
if os_family == 'Debian':
rc, stdout, stderr = module.run_command('ifquery --state',
check_rc=False)
interfaces.extend(stdout.split())
else:
rc, stdout, stderr = module.run_command('ip link show',
check_rc=False)
lines = stdout.splitlines()
# look for 2nd word in lines that start like this
# "2: eth0: <NO-CARRIER..."
for line in lines:
word = line.split(':')
if word[0].isdigit():
interfaces.append(word[1])
return interfaces
def find_legacy_files(shadow_files, interfaces_path):
# Delete any files for interfaces that are 'newly' managed by Ardana
legacy_files = []
for interface_name in get_interface_names(shadow_files):
if os.path.exists(os.path.join(interfaces_path, interface_name)):
legacy_files.append(interface_name)
return legacy_files
def clean_interfaces_file(shadow_files, module):
# Remove any configuration stanzas in the /etc/network/interfaces
# file which match interfaces to be managed and whose stanzas start
# with 'auto' or 'iface'. This will remove the stanza to the first
# 'blank' line.
for ardana_interface_name in get_interface_names(shadow_files):
module.run_command("sed -e '/auto %s/,/^$/d' -i /etc/network/interfaces"
% ardana_interface_name, check_rc=True)
module.run_command("sed -e '/iface %s/,/^$/d' -i /etc/network/interfaces"
% ardana_interface_name, check_rc=True)
def get_interface_names(shadow_files):
interface_names = []
for config_file in shadow_files:
# Strip the first 3 characters off the file name
name = config_file.partition('-')[2]
interface_names.append(name)
return interface_names
def get_interfaces_files(module, interfaces_path, management_pattern=None):
# Get the list of managed files in the interfaces directory
files = dir_scan(interfaces_path)
if not management_pattern:
return files
def matches_pattern(file):
rc, out, err = module.run_command("grep -s '^%(ardana)s' %(location)s" % {
'ardana':management_pattern,
'location':os.path.join(interfaces_path, file)},
check_rc=False)
return rc == 0
return filter(matches_pattern, files)
def dir_scan(root_path, dir_path=''):
# Scan the named directory looking for files. Return an array of
# relative paths (to root_path).
files = []
for file in os.listdir(os.path.join(root_path, dir_path)):
rel_path = os.path.join(dir_path, file)
if os.path.isdir(os.path.join(root_path, rel_path)):
files += dir_scan(root_path, rel_path)
else:
files.append(rel_path)
return files
def persist_route_tables(module, persist_file, tables, marker, start_id):
'''Write the set of route-table specifications to the file specified.
Note: that we do not explicitly flush the current set of route
tables here as the stopping of each interface will have
explicitly removed the rules added
'''
log.info("Updating '%s' route-tables in %s", marker, persist_file)
file_list = read_config_file(module, persist_file)
update_route_tables(module, file_list, tables, marker, start_id)
write_config_file(module, persist_file, file_list)
def read_config_file(module, filename):
'''Return the content of the file specified as a list of strings
'''
file_contents = []
try:
with open(filename, 'r') as pfile:
file_contents = pfile.read().splitlines()
except:
# failure to open is OK, the file may not exist
pass
return file_contents
def write_config_file(module, filename, content_list):
'''Write the content to the file specified.
This will raise an exception if the create fails
'''
lines = '\n'.join(content_list)
lines += '\n'
with open(filename, "w") as pfile:
pfile.write(lines)
def update_route_tables(module, content_list, tables, marker, start_id):
'''Update the route-table specifications with our new content.
'''
# purge previous route-tables (and comment) matching the marker
content_list[:] = (line for line in content_list if marker not in line)
# insert a comment to track the edit
content_list.append('#%s: route-tables updated on %s' %
(marker, time.ctime()))
id = start_id
for table in tables:
content_list.append("%d %s #%s" % (id, table, marker))
id += 1
# import module snippets
from ansible.module_utils.basic import *
if __name__ == '__main__':
main()
0707010019D085000081A40000000000000000000000015B32C86200000EC8000000FD0000000200000000000000000000004D00000000ardana-osconfig-8.0+git.1530054754.b943409/library/update_mlx4_udev_rules.py#!/usr/bin/python
#
# (c) Copyright 2016 Hewlett Packard Enterprise Development LP
# (c) Copyright 2017 SUSE LLC
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
DOCUMENTATION = '''
---
module: update_mlx4_udev_rules
short_description: Updates the udev rules for mellanox cards on Ardana upgrade
description:
- Reads the existing rules
- Generates a new file in correct format if its a mellanox card
options:
in_file:
description:
- The input file, the existing rules.
required: True
out_file:
description:
- The output file containing the new generated rules.
required: True
'''
EXAMPLES = '''
- update_mlx4_udev_rules:
inFile: "/etc/udev/rules.d/70-persistent-net.rules"
outFile: "/etc/udev/rules.d/80-openstack-preserve_eth_names.rules"
'''
import json
import os
def update_udev_rules(module,in_file, out_file):
in_lines = read_udev_file(module, in_file)
if not ("(mlx4_core)" in ''.join(in_lines)):
module.exit_json(**dict(changed=False, rc=0))
first_line = in_lines[0]
in_warning_line = "# ARDANA-MANAGED - mlx4_core rules will be in 80-openstack-preserve_eth_names.rules\n"
if in_warning_line not in ''.join(in_lines):
in_lines[0] = in_warning_line + first_line
write_udev_file(module, in_file, in_lines)
else:
pass
out_lines = ""
out_warning_line = "# ARDANA-MANAGED - Managed by Ardana - Do not edit\n\n"
out_lines += out_warning_line
for i, line in enumerate(in_lines):
if "(mlx4_core)" in line:
out_lines += ''.join(line)
temp_line = in_lines[i+1]
temp_line = temp_line.replace('dev_id', 'dev_port')
temp_line = temp_line.split(',')
for j, item in enumerate(temp_line):
if "ATTR{dev_port}" in item:
temp = temp_line[j].split('==')
temp[1] = int(temp[1].strip('"'), 16)
temp[1] = '"%s"' % temp[1]
string = "==".join(temp)
temp_line[j] = string
in_lines[i+1] = ','.join(temp_line)
out_lines += in_lines[i+1]+'\n'
else:
continue
write_udev_file(module, out_file, out_lines)
def read_udev_file(module, filename):
file_contents = ""
try:
with open(filename, 'r') as pfile:
file_contents = pfile.readlines()
except:
error_msg = 'Error: Cannot open %s' % (filename)
module.fail_json(msg=error_msg)
return file_contents
def write_udev_file(module, filename, content):
lines = ''.join(content)
try:
with open(filename, "w") as pfile:
pfile.write(lines)
except:
error_msg = 'Error: Cannot open %s' % (filename)
module.fail_json(msg=error_msg)
def main():
module = AnsibleModule(
argument_spec = dict(
inFile=dict(required=True),
outFile=dict(required=True)
))
in_file = module.params['inFile']
out_file = module.params['outFile']
update_udev_rules(module, in_file, out_file)
changed = (os.path.exists(out_file))
result = dict(changed=changed, rc=0)
module.exit_json(**result)
from ansible.module_utils.basic import *
main()
0707010019D087000081A40000000000000000000000015B32C86200004C42000000FD0000000200000000000000000000003C00000000ardana-osconfig-8.0+git.1530054754.b943409/library/wait_for#!/usr/bin/python
# -*- coding: utf-8 -*-
# (c) 2012, Jeroen Hoekx <jeroen@hoekx.be>
#
# This file is part of Ansible
#
# Ansible is free software: you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation, either version 3 of the License, or
# (at your option) any later version.
#
# Ansible is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with Ansible. If not, see <http://www.gnu.org/licenses/>.
import binascii
import datetime
import math
import re
import select
import socket
import sys
import time
HAS_PSUTIL = False
try:
import psutil
HAS_PSUTIL = True
# just because we can import it on Linux doesn't mean we will use it
except ImportError:
pass
DOCUMENTATION = '''
---
module: wait_for
short_description: Waits for a condition before continuing.
description:
- You can wait for a set amount of time C(timeout), this is the default if nothing is specified.
- Waiting for a port to become available is useful for when services
are not immediately available after their init scripts return
which is true of certain Java application servers. It is also
useful when starting guests with the M(virt) module and
needing to pause until they are ready.
- This module can also be used to wait for a regex match a string to be present in a file.
- In 1.6 and later, this module can also be used to wait for a file to be available or
absent on the filesystem.
- In 1.8 and later, this module can also be used to wait for active
connections to be closed before continuing, useful if a node
is being rotated out of a load balancer pool.
version_added: "0.7"
options:
host:
description:
- A resolvable hostname or IP address to wait for
required: false
default: "127.0.0.1"
timeout:
description:
- maximum number of seconds to wait for
required: false
default: 300
connect_timeout:
description:
- maximum number of seconds to wait for a connection to happen before closing and retrying
required: false
default: 5
delay:
description:
- number of seconds to wait before starting to poll
required: false
default: 0
port:
description:
- port number to poll
required: false
state:
description:
- either C(present), C(started), or C(stopped), C(absent), or C(drained)
- When checking a port C(started) will ensure the port is open, C(stopped) will check that it is closed, C(drained) will check for active connections
- When checking for a file or a search string C(present) or C(started) will ensure that the file or string is present before continuing, C(absent) will check that file is absent or removed
choices: [ "present", "started", "stopped", "absent", "drained" ]
default: "started"
path:
version_added: "1.4"
required: false
description:
- path to a file on the filesytem that must exist before continuing
search_regex:
version_added: "1.4"
required: false
description:
- Can be used to match a string in either a file or a socket connection. Defaults to a multiline regex.
exclude_hosts:
version_added: "1.8"
required: false
description:
- list of hosts or IPs to ignore when looking for active TCP connections for C(drained) state
notes:
- The ability to use search_regex with a port connection was added in 1.7.
requirements: []
author:
- "Jeroen Hoekx (@jhoekx)"
- "John Jarvis (@jarv)"
- "Andrii Radyk (@AnderEnder)"
'''
EXAMPLES = '''
# wait 300 seconds for port 8000 to become open on the host, don't start checking for 10 seconds
- wait_for: port=8000 delay=10
# wait 300 seconds for port 8000 of any IP to close active connections, don't start checking for 10 seconds
- wait_for: host=0.0.0.0 port=8000 delay=10 state=drained
# wait 300 seconds for port 8000 of any IP to close active connections, ignoring connections for specified hosts
- wait_for: host=0.0.0.0 port=8000 state=drained exclude_hosts=10.2.1.2,10.2.1.3
# wait until the file /tmp/foo is present before continuing
- wait_for: path=/tmp/foo
# wait until the string "completed" is in the file /tmp/foo before continuing
- wait_for: path=/tmp/foo search_regex=completed
# wait until the lock file is removed
- wait_for: path=/var/lock/file.lock state=absent
# wait until the process is finished and pid was destroyed
- wait_for: path=/proc/3466/status state=absent
# wait 300 seconds for port 22 to become open and contain "OpenSSH", don't assume the inventory_hostname is resolvable
# and don't start checking for 10 seconds
- local_action: wait_for port=22 host="{{ ansible_ssh_host | default(inventory_hostname) }}" search_regex=OpenSSH delay=10
'''
class TCPConnectionInfo(object):
"""
This is a generic TCP Connection Info strategy class that relies
on the psutil module, which is not ideal for targets, but necessary
for cross platform support.
A subclass may wish to override some or all of these methods.
- _get_exclude_ips()
- get_active_connections()
All subclasses MUST define platform and distribution (which may be None).
"""
platform = 'Generic'
distribution = None
match_all_ips = {
socket.AF_INET: '0.0.0.0',
socket.AF_INET6: '::',
}
connection_states = {
'01': 'ESTABLISHED',
'02': 'SYN_SENT',
'03': 'SYN_RECV',
'04': 'FIN_WAIT1',
'05': 'FIN_WAIT2',
'06': 'TIME_WAIT',
}
def __new__(cls, *args, **kwargs):
return load_platform_subclass(TCPConnectionInfo, args, kwargs)
def __init__(self, module):
self.module = module
(self.family, self.ip) = _convert_host_to_ip(self.module.params['host'])
self.port = int(self.module.params['port'])
self.exclude_ips = self._get_exclude_ips()
if not HAS_PSUTIL:
module.fail_json(msg="psutil module required for wait_for")
def _get_exclude_ips(self):
if self.module.params['exclude_hosts'] is None:
return []
exclude_hosts = self.module.params['exclude_hosts']
return [ _convert_host_to_hex(h)[1] for h in exclude_hosts ]
def get_active_connections_count(self):
active_connections = 0
for p in psutil.process_iter():
connections = p.get_connections(kind='inet')
for conn in connections:
if conn.status not in self.connection_states.values():
continue
(local_ip, local_port) = conn.local_address
if self.port == local_port and self.ip in [self.match_all_ips[self.family], local_ip]:
(remote_ip, remote_port) = conn.remote_address
if remote_ip not in self.exclude_ips:
active_connections += 1
return active_connections
# ===========================================
# Subclass: Linux
class LinuxTCPConnectionInfo(TCPConnectionInfo):
"""
This is a TCP Connection Info evaluation strategy class
that utilizes information from Linux's procfs. While less universal,
does allow Linux targets to not require an additional library.
"""
platform = 'Linux'
distribution = None
source_file = {
socket.AF_INET: '/proc/net/tcp',
socket.AF_INET6: '/proc/net/tcp6'
}
match_all_ips = {
socket.AF_INET: '00000000',
socket.AF_INET6: '00000000000000000000000000000000',
}
local_address_field = 1
remote_address_field = 2
connection_state_field = 3
def __init__(self, module):
self.module = module
(self.family, self.ip) = _convert_host_to_hex(module.params['host'])
self.port = "%0.4X" % int(module.params['port'])
self.exclude_ips = self._get_exclude_ips()
def _get_exclude_ips(self):
if self.module.params['exclude_hosts'] is None:
return []
exclude_hosts = self.module.params['exclude_hosts']
return [ _convert_host_to_hex(h) for h in exclude_hosts ]
def get_active_connections_count(self):
active_connections = 0
f = open(self.source_file[self.family])
for tcp_connection in f.readlines():
tcp_connection = tcp_connection.strip().split()
if tcp_connection[self.local_address_field] == 'local_address':
continue
if tcp_connection[self.connection_state_field] not in self.connection_states:
continue
(local_ip, local_port) = tcp_connection[self.local_address_field].split(':')
if self.port == local_port and self.ip in [self.match_all_ips[self.family], local_ip]:
(remote_ip, remote_port) = tcp_connection[self.remote_address_field].split(':')
if remote_ip not in self.exclude_ips:
active_connections += 1
f.close()
return active_connections
def _convert_host_to_ip(host):
"""
Perform forward DNS resolution on host, IP will give the same IP
Args:
host: String with either hostname, IPv4, or IPv6 address
Returns:
Tuple containing address family and IP
"""
addrinfo = socket.getaddrinfo(host, 80, 0, 0, socket.SOL_TCP)[0]
return (addrinfo[0], addrinfo[4][0])
def _convert_host_to_hex(host):
"""
Convert the provided host to the format in /proc/net/tcp*
/proc/net/tcp uses little-endian four byte hex for ipv4
/proc/net/tcp6 uses little-endian per 4B word for ipv6
Args:
host: String with either hostname, IPv4, or IPv6 address
Returns:
Tuple containing address family and the little-endian converted host
"""
(family, ip) = _convert_host_to_ip(host)
hexed = binascii.hexlify(socket.inet_pton(family, ip)).upper()
if family == socket.AF_INET:
hexed = _little_endian_convert_32bit(hexed)
elif family == socket.AF_INET6:
# xrange loops through each 8 character (4B) set in the 128bit total
hexed = "".join([ _little_endian_convert_32bit(hexed[x:x+8]) for x in xrange(0, 32, 8) ])
return (family, hexed)
def _little_endian_convert_32bit(block):
"""
Convert to little-endian, effectively transposing
the order of the four byte word
12345678 -> 78563412
Args:
block: String containing a 4 byte hex representation
Returns:
String containing the little-endian converted block
"""
# xrange starts at 6, and increments by -2 until it reaches -2
# which lets us start at the end of the string block and work to the begining
return "".join([ block[x:x+2] for x in xrange(6, -2, -2) ])
def _create_connection( (host, port), connect_timeout):
"""
Connect to a 2-tuple (host, port) and return
the socket object.
Args:
2-tuple (host, port) and connection timeout
Returns:
Socket object
"""
if sys.version_info < (2, 6):
(family, _) = _convert_host_to_ip(host)
connect_socket = socket.socket(family, socket.SOCK_STREAM)
connect_socket.settimeout(connect_timeout)
connect_socket.connect( (host, port) )
else:
connect_socket = socket.create_connection( (host, port), connect_timeout)
return connect_socket
def _timedelta_total_seconds(timedelta):
return (
timedelta.microseconds + 0.0 +
(timedelta.seconds + timedelta.days * 24 * 3600) * 10 ** 6) / 10 ** 6
def main():
module = AnsibleModule(
argument_spec = dict(
host=dict(default='127.0.0.1'),
timeout=dict(default=300),
connect_timeout=dict(default=5),
delay=dict(default=0),
port=dict(default=None),
path=dict(default=None),
search_regex=dict(default=None),
state=dict(default='started', choices=['started', 'stopped', 'present', 'absent', 'drained']),
exclude_hosts=dict(default=None, type='list')
),
)
params = module.params
host = params['host']
timeout = int(params['timeout'])
connect_timeout = int(params['connect_timeout'])
delay = int(params['delay'])
if params['port']:
port = int(params['port'])
else:
port = None
state = params['state']
path = params['path']
search_regex = params['search_regex']
if search_regex is not None:
compiled_search_re = re.compile(search_regex, re.MULTILINE)
else:
compiled_search_re = None
if port and path:
module.fail_json(msg="port and path parameter can not both be passed to wait_for")
if path and state == 'stopped':
module.fail_json(msg="state=stopped should only be used for checking a port in the wait_for module")
if path and state == 'drained':
module.fail_json(msg="state=drained should only be used for checking a port in the wait_for module")
if params['exclude_hosts'] is not None and state != 'drained':
module.fail_json(msg="exclude_hosts should only be with state=drained")
start = datetime.datetime.now()
if delay:
time.sleep(delay)
if not port and not path and state != 'drained':
time.sleep(timeout)
elif state in [ 'stopped', 'absent' ]:
### first wait for the stop condition
end = start + datetime.timedelta(seconds=timeout)
while datetime.datetime.now() < end:
if path:
try:
f = open(path)
f.close()
time.sleep(1)
pass
except IOError:
break
elif port:
try:
s = _create_connection( (host, port), connect_timeout)
s.shutdown(socket.SHUT_RDWR)
s.close()
time.sleep(1)
except:
break
else:
time.sleep(1)
else:
elapsed = datetime.datetime.now() - start
if port:
module.fail_json(msg="Timeout when waiting for %s:%s to stop." % (host, port), elapsed=elapsed.seconds)
elif path:
module.fail_json(msg="Timeout when waiting for %s to be absent." % (path), elapsed=elapsed.seconds)
elif state in ['started', 'present']:
### wait for start condition
end = start + datetime.timedelta(seconds=timeout)
while datetime.datetime.now() < end:
if path:
try:
os.stat(path)
except OSError, e:
# If anything except file not present, throw an error
if e.errno != 2:
elapsed = datetime.datetime.now() - start
module.fail_json(msg="Failed to stat %s, %s" % (path, e.strerror), elapsed=elapsed.seconds)
# file doesn't exist yet, so continue
else:
# File exists. Are there additional things to check?
if not compiled_search_re:
# nope, succeed!
break
try:
f = open(path)
try:
if re.search(compiled_search_re, f.read()):
# String found, success!
break
finally:
f.close()
except IOError:
pass
elif port:
alt_connect_timeout = math.ceil(_timedelta_total_seconds(end - datetime.datetime.now()))
try:
s = _create_connection((host, port), min(connect_timeout, alt_connect_timeout))
except:
# Failed to connect by connect_timeout. wait and try again
pass
else:
# Connected -- are there additional conditions?
if compiled_search_re:
data = ''
matched = False
while datetime.datetime.now() < end:
max_timeout = math.ceil(_timedelta_total_seconds(end - datetime.datetime.now()))
(readable, w, e) = select.select([s], [], [], max_timeout)
if not readable:
# No new data. Probably means our timeout
# expired
continue
response = s.recv(1024)
if not response:
# Server shutdown
break
data += response
if re.search(compiled_search_re, data):
matched = True
break
# Shutdown the client socket
s.shutdown(socket.SHUT_RDWR)
s.close()
if matched:
# Found our string, success!
break
else:
# Connection established, success!
s.shutdown(socket.SHUT_RDWR)
s.close()
break
# Conditions not yet met, wait and try again
time.sleep(1)
else: # while-else
# Timeout expired
elapsed = datetime.datetime.now() - start
if port:
if search_regex:
module.fail_json(msg="Timeout when waiting for search string %s in %s:%s" % (search_regex, host, port), elapsed=elapsed.seconds)
else:
module.fail_json(msg="Timeout when waiting for %s:%s" % (host, port), elapsed=elapsed.seconds)
elif path:
if search_regex:
module.fail_json(msg="Timeout when waiting for search string %s in %s" % (search_regex, path), elapsed=elapsed.seconds)
else:
module.fail_json(msg="Timeout when waiting for file %s" % (path), elapsed=elapsed.seconds)
elif state == 'drained':
### wait until all active connections are gone
end = start + datetime.timedelta(seconds=timeout)
tcpconns = TCPConnectionInfo(module)
while datetime.datetime.now() < end:
try:
if tcpconns.get_active_connections_count() == 0:
break
except IOError:
pass
time.sleep(1)
else:
elapsed = datetime.datetime.now() - start
module.fail_json(msg="Timeout when waiting for %s:%s to drain" % (host, port), elapsed=elapsed.seconds)
elapsed = datetime.datetime.now() - start
module.exit_json(state=state, port=port, search_regex=search_regex, path=path, elapsed=elapsed.seconds)
# import module snippets
from ansible.module_utils.basic import *
if __name__ == '__main__':
main()
0707010019D082000081A40000000000000000000000015B32C86200000FA3000000FD0000000200000000000000000000003D00000000ardana-osconfig-8.0+git.1530054754.b943409/library/wipe_disk#!/usr/bin/python
# (c) Copyright 2015-2016 Hewlett Packard Enterprise Development LP
# (c) Copyright 2017 SUSE LLC
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
DOCUMENTATION = '''
---
module: wipe_disk
short_description: A module for wiping all sd* disks excluding sda
options:
devices:
description:
- an ansible list of the drives to be wiped
required: true
author:
'''
import os
import glob
from ansible.module_utils.basic import *
class Wiper(object):
def __init__(self, module):
self.module = module
self.stdout = []
def log(self, line):
self.stdout.append(line)
def wipedisks(self, partitions):
ordered_partitions = list(reversed(sorted(partitions)))
for partition_name in ordered_partitions:
if "mpath" in partition_name:
wipe_path = "/dev/mapper/" + partition_name
else:
wipe_path = "/dev/" + partition_name
self.wipedisk(wipe_path)
self.cleanuplvm()
self.flush()
self.probepartitions()
return
def wipedisk(self, partition_name):
self.log(">>> clearing GPT(MBR) beginning of " + partition_name)
command = "sudo dd if=/dev/zero of=" + partition_name
arguments = " bs=1048576 count=1000"
command = command + arguments
os.system(command)
self.log(">>> clearing GPT(MBR) end of " + partition_name)
command = "sudo blockdev --getsz " + partition_name
dsize = os.popen(command).read()
dsize = dsize.replace("\n", "")
self.log(">>> device size = %s blocks" % dsize)
seek_value = int(dsize)*512/1048576 - 1000
command = "sudo dd if=/dev/zero of=" + partition_name
arguments = " bs=1048576 count=1000 seek=" + str(seek_value)
oflag = " oflag=direct"
command = command + arguments + oflag
os.system(command)
if any(char.isdigit() for char in partition_name) is False:
self.log(">>> zapping partitions of " + partition_name)
command = "sudo sgdisk --zap-all -- " + partition_name
os.system(command)
return
def cleanuplvm(self):
# There could have been stale lvm vols instantiated
# remove those not in use
devs = glob.glob('/dev/dm*')
for dev in devs:
command = "sudo dmsetup remove %s" % (dev)
os.system(command)
# Remove any lingering multipath devs
if os.path.exists("/sbin/multipath"):
command = "sudo /sbin/multipath -F"
os.system(command)
command = "sudo /sbin/multipath"
os.system(command)
return
def probepartitions(self):
self.log(">>> probing partition tables")
command = "sudo /sbin/partprobe -s"
out = os.popen(command).read()
for line in out.rstrip().split("\n"):
self.log(line)
def flush(self):
command = "echo 3 | sudo tee /proc/sys/vm/drop_caches > /dev/null"
os.system(command)
def main():
module = AnsibleModule(
argument_spec=dict(
drives=dict(required=True),
)
)
try:
partitions = module.params["drives"]
wipe = Wiper(module)
wipe.wipedisks(partitions)
msg = '\n'.join(wipe.stdout).rstrip("\r\n")
except Exception as e:
module.fail_json(msg='Exception: %s' % e)
else:
module.exit_json(stdout=msg, changed=(msg != ""))
main()
0707010019D086000081A40000000000000000000000015B32C862000015A2000000FD0000000200000000000000000000005000000000ardana-osconfig-8.0+git.1530054754.b943409/library/zypper_check_repositories.py#!/usr/bin/python
#
# (c) Copyright 2018 SUSE LLC
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
DOCUMENTATION = '''
---
module: zypper_check_repositories
short_description: Compare installed zypper repositories to required repos
description: |
Check the zypper repositories installed on the system and compare them with
a dictionary that describes the metadata of required repositories. Fails if
all required repositories are not installed on the system.
author: SUSE Linux GmbH
options:
expected_repodata:
description: Dictionary describing the repomd of required repositories.
default: {}
'''
EXAMPLES = '''
- set_fact:
expected_repodata:
cloud:
name: "Cloud"
repomd:
tags:
- "obsproduct://build.suse.de/SUSE:SLE-12-SP3:Update:Products:Cloud8/suse-openstack-cloud/8/cd/x86_64"
- "obsproduct://build.suse.de/Devel:Cloud:8:Staging/suse-openstack-cloud/8/POOL/x86_64"
- name: osconfig | setup-zypp | Check that SLES and Cloud repos are installed
zypper_check_repositories:
expected_repodata: expected_repodata
brand: "SUSE OpenStack Cloud"
'''
import glob
import re
import os
import urllib2
from xml.etree import ElementTree
try:
import urlparse # python2
except ModuleNotFoundError:
import urllib.parse as urlparse # python3
from ansible.module_utils.urls import * # Provides the open_url method
def _required_tags(expected_repodata, brand):
tags = {repo['name']: repo['repomd']['tags']
for repo in expected_repodata.values()
if 'brand' not in repo or repo['brand'] == brand}
return tags
def _repomd_sources():
repomd_sources = []
for repo in glob.glob('/etc/zypp/repos.d/*.repo'):
with open(repo) as f:
baseurl = [line.split('=')[1].strip() for line in f.readlines()
if re.search(r'^baseurl=.*$', line)][0]
url_parts = urlparse.urlparse(baseurl)
if url_parts.scheme not in ('http', 'https', 'file', 'dir'):
# NOTE(colleen): There are many posible URI formats that zypper
# could potentially be using as a repository source. We don't
# support them all right now.
# See: https://en.opensuse.org/openSUSE:Libzypp_URIs
continue
repomd_source = url_parts._replace(
path=urlparse.urljoin(
url_parts.path + '/', 'repodata/repomd.xml')).geturl()
repomd_sources.append(repomd_source)
return repomd_sources
def _fetch_url(url):
resp = open_url(url)
if resp.code and resp.code != 200:
raise Exception("Could not reach remote repository: %s" % url)
return resp
def _fetch_repomd(repo_uri):
url = re.sub(r'^dir:', 'file:', repo_uri)
try:
repomd = _fetch_url(url).read()
except urllib2.URLError:
# ISO media might be under suse/
url = url.replace('repodata', 'suse/repodata')
try:
repomd = _fetch_url(url).read()
except urllib2.URLError:
# This is not a repomd-format repo, move on
return
return repomd
def _find_repotags():
found_repotags = {}
repomd_sources = _repomd_sources()
for repomd_source in repomd_sources:
repomd = _fetch_repomd(repomd_source)
if not repomd:
continue
xmlns = {'repo': 'http://linux.duke.edu/metadata/repo'}
try:
xmlroot = ElementTree.fromstring(repomd)
taglist = xmlroot.findall('repo:tags', xmlns)
for repotag in taglist:
repos = repotag.findall('repo:repo', xmlns)
for r in repos:
found_repotags[r.text] = 1
except Exception as e:
raise Exception("Could not understand repo metadata located at "
"%s: %s" % (repomd_source, e.message))
return found_repotags
def run(expected_repodata, brand):
found_repotags = _find_repotags()
unfound_repos = []
for name, tags in _required_tags(expected_repodata, brand).items():
found_tag = False
for tag in tags:
if tag in found_repotags:
found_tag = True
if not found_tag:
unfound_repos.append(name)
if any(unfound_repos):
raise Exception("Missing required repositories: %s" % ', '.join(
unfound_repos))
def main():
argument_spec = dict(
expected_repodata=dict(default=dict()),
brand=dict(type='str', required=True),
)
module = AnsibleModule(argument_spec=argument_spec,
supports_check_mode=False)
params = module.params
try:
run(params['expected_repodata'], params['brand'])
except Exception as e:
module.fail_json(msg=e.message)
module.exit_json(rc=0, changed=False,
msg="All required repositories are installed.")
from ansible.module_utils.basic import *
if __name__ == '__main__':
main()
0707010019D089000081A40000000000000000000000015B32C86200000694000000FD0000000200000000000000000000004800000000ardana-osconfig-8.0+git.1530054754.b943409/network_interface-deploy.yml#
# (c) Copyright 2016 Hewlett Packard Enterprise Development LP
# (c) Copyright 2017 SUSE LLC
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
#
# Playbook to install network tools and configure networking.
# Deployer nodes are configured first
---
- include: pbstart.yml
vars:
playbook_name: "network_interface-deploy.yml"
- hosts: "{{ osconfig_resources | default('resources') }}"
roles:
- network_interface
- osconfig-network-pci
tasks:
- include: roles/osconfig-network-pci/tasks/install.yml
- include: roles/network_interface/tasks/install.yml
- hosts: "{{ osconfig_resources | default('resources') }}:&OPS-LM"
roles:
- network_interface
- osconfig-network-pci
serial: 1
tasks:
- include: roles/osconfig-network-pci/tasks/configure.yml
- include: roles/network_interface/tasks/configure.yml
- hosts: "{{ osconfig_resources | default('resources') }}:!OPS-LM"
roles:
- network_interface
- osconfig-network-pci
tasks:
- include: roles/osconfig-network-pci/tasks/configure.yml
- include: roles/network_interface/tasks/configure.yml
- include: pbfinish.yml
vars:
playbook_name: "network_interface-deploy.yml"
0707010019CF45000081A40000000000000000000000015B32C862000009FA000000FD0000000200000000000000000000004D00000000ardana-osconfig-8.0+git.1530054754.b943409/network_interface-reconfigure.yml#
# (c) Copyright 2016 Hewlett Packard Enterprise Development LP
# (c) Copyright 2017 SUSE LLC
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
# Playbook to reconfigure networking and inform
# services of network restart
---
# Serialise deployer and hosts with keepalived
- hosts: "OPS-LM:FND-CLU:&{{ osconfig_resources | default('resources') }}"
roles:
- network_interface
- osconfig-network-pci
serial: 1
tasks:
# Try to move the VIP to another agent before we restart the network
# TODO: if we could tell a network restart was really going to happen
# we could make this conditional.
- include: roles/network_interface/tasks/keepalived-force-restart.yml
when: ('FND-CLU' in group.services)
# Reconfigure virtual functions
- include: roles/osconfig-network-pci/tasks/configure.yml
# Reconfigure and potentially restart the network
- include: roles/network_interface/tasks/configure.yml
# A network restart may remove the VIP from an interface. Need to
# reload keepalived in such an event to preserve any VIPs
- include: roles/network_interface/tasks/keepalived-reload.yml
when: ('FND-CLU' in group.services)
# Network restarts remove and re-add Open vSwitch ports which can
# cause errors with existing OpenFlow rules. Restart the neutron
# Open vSwitch agent, so that such configuration is corrected.
#
# ::TODO:: This needs to be moved out of here and put in the
# neutron-ansible playbook, where it belongs.
- include: roles/network_interface/tasks/neutron-ovs-agent-restart.yml
when: ('NEU-OVS' in group.services)
- hosts: "{{ osconfig_resources | default('resources') }}:!OPS-LM:!FND-CLU"
roles:
- network_interface
- osconfig-network-pci
tasks:
- include: roles/osconfig-network-pci/tasks/configure.yml
- include: roles/network_interface/tasks/configure.yml
- include: roles/network_interface/tasks/neutron-ovs-agent-restart.yml
when: ('NEU-OVS' in group.services)
0707010019CF4C000081A40000000000000000000000015B32C8620000039F000000FD0000000200000000000000000000004500000000ardana-osconfig-8.0+git.1530054754.b943409/osconfig-fcoe-reorder.yml#
# (c) Copyright 2016 Hewlett Packard Enterprise Development LP
# (c) Copyright 2017 SUSE LLC
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
# Common osconfig tasks we want to do during deployment and during an upgrade
---
- hosts: "{{ osconfig_resources | default('resources') }}:!NOV-ESX:!NEU-OVSVAPP"
roles:
- fcoe
tasks:
- include: roles/fcoe/tasks/update_fcoe_order.yml
when: ansible_os_family == 'Debian'
0707010019D07F000081A40000000000000000000000015B32C862000004BB000000FD0000000200000000000000000000004800000000ardana-osconfig-8.0+git.1530054754.b943409/osconfig-iptables-deploy.yml#
# (c) Copyright 2015-2016 Hewlett Packard Enterprise Development LP
# (c) Copyright 2017 SUSE LLC
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
# Playbook to install iptables and configure iptables rules.
---
- hosts: "{{ osconfig_resources | default('resources') }}:&OPS-LM"
roles:
- { role: neutron-common }
- { role: osconfig-iptables, osconfig_iptables_run_mode: install }
serial: 1
tasks:
- include: roles/osconfig-iptables/tasks/configure.yml
- hosts: "{{ osconfig_resources | default('resources') }}:!OPS-LM"
roles:
- { role: neutron-common }
- { role: osconfig-iptables, osconfig_iptables_run_mode: install }
tasks:
- include: roles/osconfig-iptables/tasks/configure.yml
0707010019D080000081A40000000000000000000000015B32C86200000436000000FD0000000200000000000000000000004D00000000ardana-osconfig-8.0+git.1530054754.b943409/osconfig-iptables-reconfigure.yml#
# (c) Copyright 2015-2016 Hewlett Packard Enterprise Development LP
# (c) Copyright 2017 SUSE LLC
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
# Playbook to reconfigure iptables rules.
---
- hosts: "{{ osconfig_resources | default('resources') }}:&OPS-LM"
roles:
- neutron-common
- osconfig-iptables
serial: 1
tasks:
- include: roles/osconfig-iptables/tasks/configure.yml
- hosts: "{{ osconfig_resources | default('resources') }}:!OPS-LM"
roles:
- neutron-common
- osconfig-iptables
tasks:
- include: roles/osconfig-iptables/tasks/configure.yml
0707010019D07C000081A40000000000000000000000015B32C86200000319000000FD0000000200000000000000000000004900000000ardana-osconfig-8.0+git.1530054754.b943409/osconfig-iptables-upgrade.yml#
# (c) Copyright 2015 Hewlett Packard Enterprise Development LP
# (c) Copyright 2017 SUSE LLC
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
# Playbook to upgrade iptables and configure iptables rules.
# Currently, equivalent to the deploy playbook.
---
- include: osconfig-iptables-deploy.yml
0707010019D073000081A40000000000000000000000015B32C8620000051B000000FD0000000200000000000000000000003C00000000ardana-osconfig-8.0+git.1530054754.b943409/osconfig-run.yml#
# (c) Copyright 2015, 2016 Hewlett Packard Enterprise Development LP
# (c) Copyright 2017 SUSE LLC
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
---
- include: _osconfig-base.yml
- include: network_interface-deploy.yml
- include: osconfig-iptables-deploy.yml
- hosts: "{{ osconfig_resources | default('resources') }}:&NTP-SVR"
roles:
- osconfig
tasks:
- include: roles/osconfig-ntp-server/tasks/install.yml
- include: roles/osconfig-ntp-server/tasks/configure.yml
- include: roles/osconfig-ntp-server/tasks/start.yml
- hosts: "{{ osconfig_resources | default('resources') }}:&NTP-CLI"
roles:
- osconfig
tasks:
- include: roles/osconfig-ntp-client/tasks/install.yml
- include: roles/osconfig-ntp-client/tasks/configure.yml
- include: roles/osconfig-ntp-client/tasks/start.yml
0707010019CF44000081A40000000000000000000000015B32C862000003DE000000FD0000000200000000000000000000003F00000000ardana-osconfig-8.0+git.1530054754.b943409/osconfig-status.yml#
# (c) Copyright 2018 SUSE LLC
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
---
- name: Check Product Status on all systems
hosts: all:!localhost:!*-local
max_fail_percentage: 0
tasks:
- include: roles/osconfig/tasks/check-repo-status.yml
when: "{{ (ansible_os_family | lower) == 'suse' and
lookup('env', 'SKIP_REPO_CHECKS')|default('') == '' }}"
- include: roles/osconfig/tasks/check-product-status.yml
when: (ansible_os_family | lower) == 'suse'
0707010019CF57000041ED0000000000000000000000115B32C86200000000000000FD0000000200000000000000000000003100000000ardana-osconfig-8.0+git.1530054754.b943409/roles0707010019CFE7000041ED0000000000000000000000055B32C86200000000000000FD0000000200000000000000000000003C00000000ardana-osconfig-8.0+git.1530054754.b943409/roles/diskconfig0707010019CFF2000041ED0000000000000000000000025B32C86200000000000000FD0000000200000000000000000000004500000000ardana-osconfig-8.0+git.1530054754.b943409/roles/diskconfig/defaults0707010019CFF3000081A40000000000000000000000015B32C8620000095F000000FD0000000200000000000000000000004E00000000ardana-osconfig-8.0+git.1530054754.b943409/roles/diskconfig/defaults/main.yml#
# (c) Copyright 2015-2017 Hewlett Packard Enterprise Development LP
# (c) Copyright 2017-2018 SUSE LLC
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
# Variables used in diskconfig play
---
diskconfig_pkg_dependencies:
- lvm2
- xfsprogs
- e2fsprogs
- gdisk
- parted
- rsyslog
# Extract list of PV devices from the volume_groups entries, stripping
# off any partition suffixes, real or logical, in the process.
_diskconfig_vg_pvs: "{{ host.my_disk_models.volume_groups |
map(attribute='physical_volumes') | chain |
map('regex_replace', '[0-9]*$', '') |
map('regex_replace', '_root', '') | list }}"
# Look for a cinder-volume device_group entry assigned to cinder and
# extract list of associated devices.
_diskconfig_cnd_dg: "{{ host.my_disk_models |
device_group('cinder-volume', 'cinder') }}"
_diskconfig_cnd_pvs: "{{ _diskconfig_cnd_dg.devices | default([]) |
map(attribute='name') | list }}"
# Combine the VG PV device and Cinder PV device lists, sorting and
# uniqifying them as part of the process.
_diskconfig_all_pvs: "{{ _diskconfig_vg_pvs + _diskconfig_cnd_pvs |
sort | unique }}"
# Construct the accept and reject filter text entry lists
_diskconfig_lvm_accepts: "{{ _diskconfig_all_pvs |
map('regex_replace', '(.*)',
'a|^\\\\1[0-9]*|') | list }}"
_diskconfig_lvm_rejects:
- "r|.*|"
# Finally combine the accept and reject lists such that we accept only
# the desired devices when scanning for VGs and reject all other devices.
diskconfig_lvm_filter_entries: "{{ _diskconfig_lvm_accepts +
_diskconfig_lvm_rejects }}"
write_test_file: 'write_test_tmp_file'
mysql_part_loc: "{{ mysql_datadir }}"
db_threshold_mb: 50
0707010019CFE8000041ED0000000000000000000000025B32C86200000000000000FD0000000200000000000000000000004200000000ardana-osconfig-8.0+git.1530054754.b943409/roles/diskconfig/tasks0707010019CFEF000081A40000000000000000000000015B32C86200002D97000000FD0000000200000000000000000000005000000000ardana-osconfig-8.0+git.1530054754.b943409/roles/diskconfig/tasks/configure.yml#
# (c) Copyright 2015-2017 Hewlett Packard Enterprise Development LP
# (c) Copyright 2017-2018 SUSE LLC
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
# Play to set up lvm FS and mounts
---
# TODO: remove this debug comment once we are happy this mechanism
# causes no undesirable side effects.
- name: osconfig | diskconfig | proposed lvm.conf filter entries
debug: msg="filter = {{ diskconfig_lvm_filter_entries }}"
# See if lvmetad is already enabled
- name: osconfig | diskconfig | Is lvmetad enabled in lvm.conf already?
become: yes
shell: fgrep "use_lvmetad =" /etc/lvm/lvm.conf | xargs | awk '{ print $3 }'
register: use_lvmetad_output
# We have to stop lvmetad service prior to updating lvm.conf.
# we are enabling lvmetad by setting use_lvmetad = 1 due to bug
# 1084559. This requires making sure lvmetad is stopped prior to
# updating lvm.conf, and then starting it again after
- name: osconfig | diskconfig | Make sure lvm2-lvmetad service is stopped
become: yes
service: name=lvm2-lvmetad state=stopped
when: use_lvmetad_output.stdout == "0"
# Update the filter settings in the lvm.conf using the list of filter
# entries found in the diskconfig_lvm_filter_entries, if not empty.
# This will replace any active filter entry line, since there can be
# only one, and will be inserted before the standard comment line that
# contains the string "By default we accept every block device".
- name: osconfig | diskconfig | Install lvm.conf
become: yes
template:
src: lvm.conf.j2
dest: /etc/lvm/lvm.conf
mode: 0644
owner: root
group: root
- name: osconfig | disk config | get the VG holding root
shell: /bin/bash -c "set -e; /sbin/lvs | awk '\$1 == \"root\" {print \$2}'"
register: root_vg_return
- name: osconfig | disk config | set root VG fact
set_fact:
root_vg: "{{ root_vg_return.stdout }}"
### FIXME(fergal) - SCRD-537 & SCRD-538
### Temporary workaround to rename the VG holding the
# Start of rebranding temporary workaround
- name: osconfig | disk config | get config root VG
set_fact:
cfg_root_vg: "{{ item.0.name }}"
when: item.1 | search("_root")
with_subelements:
- "{{ host.my_disk_models.volume_groups }}"
- physical_volumes
- name: osconfig | disk config | rename root VG
become: yes
shell: |
set -eu
old_vg={{ root_vg }}
new_vg={{ cfg_root_vg }}
old_dm_root="/dev/mapper/${old_vg//-/--}-root"
new_dm_root="/dev/mapper/${new_vg//-/--}-root"
# rename the VG appropriately
vgrename "${old_vg}" "${new_vg}"
# create symlink for old VG root entry under /dev/mapper
# Needed for RHEL/SUSE grub2-mkconfig implementation which doesnt
# resolve root device back to base device entry if it is a symlink
ln -s "$(readlink ${new_dm_root})" "${old_dm_root}"
args:
executable: /bin/bash
when: "root_vg != cfg_root_vg"
- name: osconfig | disk config | update root VG fact
set_fact:
root_vg: "{{ cfg_root_vg }}"
# End of rebranding temporary workaround
- name: osconfig | disk config | get ardana root
set_fact:
base_disk: "{{ item.1 | regex_replace('_root','') }}"
full_match: "{{ item.1 }}"
when: item.0.name == "{{ root_vg }}" and item.1 | search("_root")
with_subelements:
- "{{ host.my_disk_models.volume_groups }}"
- physical_volumes
- name: osconfig | disk config | get base volume in vg
shell: /sbin/pvs | grep "{{ root_vg }}" | grep -e '{{ base_disk }}[0-9]*' -e '{{ base_disk }}-part[0-9]*' | awk '{print $1}'
register: pvs_output
when: base_disk is defined
- name: osconfig | disk config | set base pv
set_fact:
base_pv: "{{ pvs_output.stdout }}"
when: base_disk is defined
- name: osconfig | disk config | get vg device list
local_action: shell echo "{{ item.physical_volumes | join(",") }}" | sed 's:{{ full_match }}:{{ base_pv }}:g'
register: new_vg_list
when: item.name == "{{ root_vg }}" and base_disk is defined
with_items: "{{ host.my_disk_models.volume_groups }}"
- name: osconfig | disk config | assign vg_list
set_fact:
vg_list : "{{ new_vg_list.results[0].stdout}}"
when: item.name == "{{ root_vg }}" and base_disk is defined
with_items: "{{ host.my_disk_models.volume_groups }}"
- name: osconfig | disk config | setup volume groups templated root dev
lvg: vg={{ item.name }} pvs={{ vg_list }}
when: item.name == "{{ root_vg }}" and base_disk is defined
with_items: "{{ host.my_disk_models.volume_groups }}"
- name: osconfig | disk config | setup volume groups
lvg: vg={{ item.name }} pvs={{ item.physical_volumes | join(",") }}
when: item.name != "{{ root_vg }}" or base_disk is not defined
with_items: "{{ host.my_disk_models.volume_groups }}"
- name: osconfig | disk config | create LVs
lvol: vg={{ item.0.name }} lv={{ item.1.name }} size={{ item.1.size }}VG
with_subelements:
- "{{ host.my_disk_models.volume_groups }}"
- logical_volumes
- name: osconfig | disk config | Extend root LV
command: lvextend -l {{ item.1.size }}VG "/dev/{{item.0.name}}/{{item.1.name}}"
when: item.1.name == "root"
with_subelements:
- "{{ host.my_disk_models.volume_groups }}"
- logical_volumes
register: extend_output
failed_when: ( extend_output.rc != 0 ) and ( "matches existing size" not in extend_output.stderr )
- name: osconfig | disk config | mkfs lv with options
filesystem: fstype={{ item.1.fstype }} opts="{{ item.1.mkfs_opts }}" dev="/dev/{{ item.0.name }}/{{ item.1.name }}"
when: item.1.mkfs_opts is defined and item.1.fstype is defined
with_subelements:
- "{{ host.my_disk_models.volume_groups }}"
- logical_volumes
- name: osconfig | disk config | mkfs lv no options
filesystem: fstype={{ item.1.fstype }} dev="/dev/{{ item.0.name }}/{{ item.1.name }}"
when: item.1.mkfs_opts is not defined and item.1.fstype is defined
with_subelements:
- "{{ host.my_disk_models.volume_groups }}"
- logical_volumes
- name: osconfig | disk config | resize root fs if necessary
command: resize2fs "/dev/{{ item.0.name }}/{{ item.1.name }}"
when: item.1.fstype is defined and item.1.fstype == "ext4" and item.1.name == "root"
with_subelements:
- "{{ host.my_disk_models.volume_groups }}"
- logical_volumes
- name: osconfig | disk config | Check if deployer and control plane co-existing
set_fact:
deployer_coexisting: true
when: "'resources' in group_names"
run_once: true
delegate_to: localhost
- name: osconfig | disk config | Check if /var/log is in the disk input model
set_fact:
log_mount_in_disk_model: true
when: deployer_coexisting is defined and item.1.mount is defined and item.1.mount.find("/var/log") != -1
with_subelements:
- "{{ host.my_disk_models.volume_groups }}"
- logical_volumes
run_once: true
delegate_to: localhost
- name: osconfig | disk config | Check if /var/log is a mountpoint
command: bash -c "cat /etc/fstab | grep -e /var/log"
register: log_is_mountpoint
ignore_errors: True
when: deployer_coexisting is defined and log_mount_in_disk_model is defined
run_once: true
delegate_to: localhost
- name: osconfig | disk config | Set log already mounted fact
set_fact:
log_already_mounted: true
when: deployer_coexisting is defined and log_mount_in_disk_model is defined and log_is_mountpoint.rc == 1
run_once: true
delegate_to: localhost
- name: osconfig | disk config | Backup log dir before mounting log partition
become: yes
command: cp -dpr /var/log {{ ansible_env['HOME'] }}
when: log_already_mounted is defined
run_once: true
delegate_to: localhost
- name: osconfig | disk config | Create the lv mount point if it does not exist
file:
path: "{{ item.1.mount }}"
state: directory
when: item.1.mount is defined
with_subelements:
- "{{ host.my_disk_models.volume_groups }}"
- logical_volumes
- name: osconfig | disk config | mount lv fs
mount: name={{ item.1.mount }} src=/dev/{{ item.0.name }}/{{ item.1.name }} fstype={{ item.1.fstype }} state=mounted
when: item.1.mount is defined and item.1.fstype is defined
with_subelements:
- "{{ host.my_disk_models.volume_groups }}"
- logical_volumes
- name: osconfig | disk config | Set the lv root file system mode bits
file:
mode: "{{ item.1.mode }}"
path: "{{ item.1.mount }}"
state: directory
when: item.1.mount is defined and
item.1.mode is defined
with_subelements:
- "{{ host.my_disk_models.volume_groups }}"
- logical_volumes
- name: osconfig | disk config | Restore SELinux security context of /var/log
file:
path: /var/log
state: directory
setype: var_log_t
when: ansible_os_family == 'RedHat'
- name: osconfig | disk config | Restore log dir after mounting log partition
become: yes
command: cp -dpr {{ ansible_env['HOME'] }}/log /var
when: log_already_mounted is defined
run_once: true
delegate_to: localhost
- name: osconfig | disk config | Remove log dir backup
become: yes
file: path={{ ansible_env['HOME'] }}/log state=absent
when: log_already_mounted is defined
run_once: true
delegate_to: localhost
- name: osconfig | disk config | Restart Services using log dir prior to mounting
service: name=apache2 state=restarted
when: log_already_mounted is defined
run_once: true
delegate_to: localhost
- name: osconfig | disk config | mkfs physical device no options
filesystem: fstype={{ item.1.fstype }} dev="{{ item.1.name }}"
when: ( item.1.mkfs_opts is not defined ) and ( item.1.fstype is defined )
with_subelements:
- "{{ host.my_disk_models.device_groups | default([]) }}"
- devices
- name: osconfig | disk config | mkfs physical device with options
filesystem: fstype={{ item.1.fstype }} opts="{{ item.1.mkfs_opts }}" dev="{{ item.1.name }}"
when: ( item.1.mkfs_opts is defined ) and ( item.1.fstype is defined )
with_subelements:
- "{{ host.my_disk_models.device_groups | default([]) }}"
- devices
- name: osconfig | disk config | Create the lv mount point if it does not exits
file:
path: "{{ item.1.mount }}"
state: directory
when: item.1.mount is defined
with_subelements:
- "{{ host.my_disk_models.device_groups | default([]) }}"
- devices
- name: osconfig | disk config | mount pv fs
mount: name={{ item.1.mount }} src="{{ item.1.name }}" fstype={{ item.1.fstype }} state=mounted
when: item.1.mount is defined and item.1.fstype is defined
with_subelements:
- "{{ host.my_disk_models.device_groups | default([]) }}"
- devices
- name: osconfig | disk config | Set the pv root file system mode bits
file:
mode: "{{ item.1.mode }}"
path: "{{ item.1.mount }}"
state: directory
when: item.1.mount is defined and
item.1.mode is defined
with_subelements:
- "{{ host.my_disk_models.device_groups | default([]) }}"
- devices
- name: osconfig | disk config | check if log restart needed
stat: path="{%- if ansible_os_family in ['RedHat', 'Suse'] -%}/var/log/messages{%- else -%}/var/log/syslog{%- endif -%}"
register: syslog_status
- name: osconfig | disk config | restart syslog if needed
service: name=rsyslog state=restarted
when: syslog_status.stat.exists == False
0707010019CFE9000081A40000000000000000000000015B32C86200001318000000FD0000000200000000000000000000005400000000ardana-osconfig-8.0+git.1530054754.b943409/roles/diskconfig/tasks/get_disk_info.yml# (c) Copyright 2015-2016 Hewlett Packard Enterprise Development LP
# (c) Copyright 2017 SUSE LLC
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
---
- name: osconfig | diskconfig | list multipath devs
become: yes
shell: ls -1 /dev/mapper/mpath* | wc -l
register: multipath_devs_result
- name: osconfig | diskconfig | check multipath devs
set_fact: multipath_env=true
when: multipath_devs_result.stdout != "0"
- name: osconfig | diskconfig | set multipath env
set_fact: wipe_disks_multipath=true
when: wipe_disks_multipath is not defined and multipath_env is defined
- name: osconfig | diskconfig | set multipath env
set_fact: wipe_disks_multipath=false
when: wipe_disks_multipath is not defined and multipath_env is not defined
- name: osconfig | diskconfig | set default_disk
set_fact: wipe_disks_skip_partition="sda"
when: wipe_disks_skip_partition is not defined and wipe_disks_multipath == False
- name: osconfig | diskconfig | set default_mulitpath_disk
set_fact: wipe_disks_skip_partition="mpatha"
when: wipe_disks_skip_partition is not defined and wipe_disks_multipath == True
- name: osconfig | diskconfig | get list of devices
shell: cat /proc/partitions | grep "sd" | grep -v {{ wipe_disks_skip_partition }}$ | grep -v {{ wipe_disks_skip_partition }}[0-9] | awk '{ print $4 }'
register: single_results
become: yes
when: wipe_disks_multipath == False
ignore_errors: true
- name: osconfig | diskconfig | get multipath list of devices
shell: ls -1 /dev/mapper/ | grep "mpath" | grep -v {{ wipe_disks_skip_partition }}$ | grep -v {{ wipe_disks_skip_partition }}[0-9]
register: multi_results
become: yes
when: wipe_disks_multipath == True
ignore_errors: true
- name: osconfig | diskconfig | set single path result
set_fact: all_devices="{{ single_results.stdout_lines }}"
when: wipe_disks_multipath == False
- name: osconfig | diskconfig | set multi path result
set_fact: all_devices="{{ multi_results.stdout_lines }}"
when: wipe_disks_multipath == True
- name: osconfig | diskconfig | filter one disk only if specified
set_fact: devices="{{ all_devices }}"
when: wipe_one_disk is not defined
# Check needs to be an exact item by item equality check.
- name: osconfig | diskconfig | filter one disk if it exists
set_fact: found_one_dev="{{ wipe_one_disk }}"
when: wipe_one_disk is defined and item == wipe_one_disk
with_items: "{{ all_devices }}"
# Create a one-item list
- name: osconfig | diskconfig | continue if disk exists
set_fact:
devices:
- "{{ wipe_one_disk }}"
when: wipe_one_disk is defined and found_one_dev is defined
- name: osconfig | diskconfig | fail if specified disk doesnt exist
fail:
msg: >
did not find {{ wipe_one_disk }} in list of devices on this node
{{ all_devices }}
when: wipe_one_disk is defined and found_one_dev is not defined
- name: osconfig | diskconfig | Check if osconfig has run
stat: path=/etc/openstack/osconfig-ran
register: osconfig_ran
- name: osconfig | diskconfig | check result of osconfig check
fail:
msg: >
found /etc/openstack/osconfig-ran on node, this means that Ardana$
OpenStack software has been previously installed on this system
{{ inventory_hostname }}, if you want to continue to wipe this node
please remove /etc/openstack/osconfig-ran from the node(s) in question.
when: osconfig_ran.stat.exists == True and wipe_one_disk is not defined
- name: osconfig | diskconfig | check if devices
set_fact: devs_exist=true
with_items: "{{ devices }}"
- name: osconfig | diskconfig | check partition tables for all devices found
shell: fdisk /dev/{{ item }} -l
become: yes
with_items: "{{ devices }}"
register: partitions_found
when: item != "{{ wipe_disks_skip_partition }}" and (osconfig_ran.stat.exists == False or wipe_one_disk is defined) and devs_exist is defined and wipe_disks_multipath == False
- name: osconfig | diskconfig | check partition tables for all devices found
shell: fdisk /dev/mapper/{{ item }} -l
become: yes
with_items: "{{ devices }}"
register: partitions_found
when: item != "{{ wipe_disks_skip_partition }}" and (osconfig_ran.stat.exists == False or wipe_one_disk is defined) and devs_exist is defined and wipe_disks_multipath == True
- name: osconfig | diskconfig | devices to be wiped
debug: msg="wipe {{ devices }}"
0707010019CFEC000081A40000000000000000000000015B32C86200000331000000FD0000000200000000000000000000004E00000000ardana-osconfig-8.0+git.1530054754.b943409/roles/diskconfig/tasks/install.yml#
# (c) Copyright 2015-2017 Hewlett Packard Enterprise Development LP
# (c) Copyright 2017-2018 SUSE LLC
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
---
- name: osconfig | disk config | Install dependencies
become: yes
package:
name: "{{ item }}"
state: present
with_items: diskconfig_pkg_dependencies
0707010019CFEA000081A40000000000000000000000015B32C8620000043B000000FD0000000200000000000000000000005800000000ardana-osconfig-8.0+git.1530054754.b943409/roles/diskconfig/tasks/wipe_confirmation.yml# (c) Copyright 2015 Hewlett Packard Enterprise Development LP
# (c) Copyright 2017 SUSE LLC
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
---
- name: You will Wipe the above disks if you continue. This will remove all data on all the selected nodes.
pause: prompt="Wipe the above disks. Press enter to continue or control+c then a to abort"
delegate_to: localhost
when: automate is not defined
- name: 5 minutes to reconsider. press ctrl+c then c if you are sure. if not press ctrl+c then a to abort.
pause: minutes=5
delegate_to: localhost
when: automate is not defined
0707010019CFEB000081A40000000000000000000000015B32C86200000441000000FD0000000200000000000000000000005100000000ardana-osconfig-8.0+git.1530054754.b943409/roles/diskconfig/tasks/wipe_disks.yml# (c) Copyright 2015-2016 Hewlett Packard Enterprise Development LP
# (c) Copyright 2017 SUSE LLC
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
---
- include: "install.yml"
- name: osconfig | wipe_disks | Wipe disks
wipe_disk:
drives: "{{ devices }}"
when: partitions_found.msg == "All items completed" and
(osconfig_ran.stat.exists == False or wipe_one_disk is defined) and
devs_exist is defined
register: wipe_disk_result
- name: osconfig | wipe_disks | Display output
debug:
var: wipe_disk_result.stdout_lines
when: wipe_disk_result | skipped != true
0707010019CFED000081A40000000000000000000000015B32C86200000925000000FD0000000200000000000000000000005500000000ardana-osconfig-8.0+git.1530054754.b943409/roles/diskconfig/tasks/wipe_one_check.yml# (c) Copyright 2016 Hewlett Packard Enterprise Development LP
# (c) Copyright 2017 SUSE LLC
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
---
- name: diskconfig | wipe_one_check | Check the number of hosts
set_fact:
diskconfig_num_hosts="{{ play_hosts | length }}"
delegate_to: 127.0.0.1
run_once: True
- name: diskconfig | wipe_one_check | Validate number of hosts
fail: msg="The number of nodes in this play must be exactly 1!"
when: diskconfig_num_hosts | int != 1
delegate_to: 127.0.0.1
run_once: True
- name: diskconfig | wipe_one_check | Validate devices defined
fail: msg="You must specify wipe_one_disk as '-e wipe_one_disk=sdc' for example"
when: wipe_one_disk is not defined
delegate_to: 127.0.0.1
run_once: True
- name: diskconfig | wipe_one_check | Validate number of devices
fail: msg="The number of disks must be exactly 1!"
when: "' ' in wipe_one_disk"
delegate_to: 127.0.0.1
run_once: True
- name: diskconfig | wipe_one_check | Find device type
become: yes
command: "lsblk -n -d -o type /dev/{{ wipe_one_disk }}"
register: wipe_one_check_disk
- name: diskconfig | wipe_one_check | Validate its a disk not a partition
fail: msg="You must specify a full disk device"
when: "'disk' not in wipe_one_check_disk.stdout"
- name: diskconfig | wipe_one_check | Find any partitions
become: yes
shell: "lsblk -l -n -o type,name /dev/{{ wipe_one_disk }} |
grep ^part | awk '{print $2}'"
register: wipe_one_check_parts
# lsof isnt a sufficient check
- name: diskconfig | wipe_one_check | Validate no part of device is being used
any_errors_fatal: True
become: yes
command: "python -c 'import os; os.open(\"/dev/{{ item }}\", os.O_EXCL)'"
with_items:
- "{{ wipe_one_check_parts.stdout_lines }}"
- "{{ wipe_one_disk }}"
register: wipe_one_check_parts_used
0707010019CFEE000081A40000000000000000000000015B32C862000007BA000000FD0000000200000000000000000000005100000000ardana-osconfig-8.0+git.1530054754.b943409/roles/diskconfig/tasks/write_test.yml#
# (c) Copyright 2015 Hewlett Packard Enterprise Development LP
# (c) Copyright 2017 SUSE LLC
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
# Play to test write speed of partition holding database
---
- name: diskconfig | write_test | Include FND-MDB defaults
include_vars: "{{ playbook_dir }}/roles/FND-MDB/defaults/main.yml"
- name: diskconfig | write_test | Check for mysql partition
stat:
path: "{{ mysql_datadir }}"
register: mysql_partition_result
become: yes
- name: diskconfig | write_test | Set the mysql partition location if not found
set_fact:
mysql_part_loc: "/"
when: mysql_partition_result.stat.exists == False
- name: diskconfig | write_test | Write file to db partition
shell: |
dd if=/dev/zero of={{ mysql_part_loc }}/{{ write_test_file }} \
bs=4k count=10000 oflag=direct 2>&1 | awk '/copied/ {print $8}'
register: diskconfig_write_result
become: yes
- name: diskconfig | write_test | Print db partition write speed
debug:
msg: "Database partition write speed is = {{ diskconfig_write_result.stdout }} MB/s"
- name: diskconfig | write_test | Warn of slow write speed
debug:
msg: "WARNING Write speed of database partition is slow {{ diskconfig_write_result.stdout }} MB/s"
when: ({{ diskconfig_write_result.stdout | int }} <= {{ db_threshold_mb }})
- name: diskconfig | write_test | Remove write test file
file:
path: "{{ mysql_part_loc }}/{{ write_test_file }}"
state: absent
become: yes
0707010019CFF0000041ED0000000000000000000000025B32C86200000000000000FD0000000200000000000000000000004600000000ardana-osconfig-8.0+git.1530054754.b943409/roles/diskconfig/templates0707010019CFF1000081A40000000000000000000000015B32C8620000E616000000FD0000000200000000000000000000005200000000ardana-osconfig-8.0+git.1530054754.b943409/roles/diskconfig/templates/lvm.conf.j2{#
# (c) Copyright 2018 SUSE LLC
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#}
# This section allows you to set the way the configuration settings are handled.
config {
# If enabled, any LVM2 configuration mismatch is reported.
# This implies checking that the configuration key is understood
# by LVM2 and that the value of the key is of a proper type.
# If disabled, any configuration mismatch is ignored and default
# value is used instead without any warning (a message about the
# configuration key not being found is issued in verbose mode only).
checks = 1
# If enabled, any configuration mismatch aborts the LVM2 process.
abort_on_errors = 0
# Directory where LVM looks for configuration profiles.
profile_dir = "/etc/lvm/profile"
}
# This section allows you to configure which block devices should
# be used by the LVM system.
devices {
# Where do you want your volume groups to appear ?
dir = "/dev"
# An array of directories that contain the device nodes you wish
# to use with LVM2.
scan = [ "/dev" ]
# If set, the cache of block device nodes with all associated symlinks
# will be constructed out of the existing udev database content.
# This avoids using and opening any inapplicable non-block devices or
# subdirectories found in the device directory. This setting is applied
# to udev-managed device directory only, other directories will be scanned
# fully. LVM2 needs to be compiled with udev support for this setting to
# take effect. N.B. Any device node or symlink not managed by udev in
# udev directory will be ignored with this setting on.
obtain_device_list_from_udev = 1
# If several entries in the scanned directories correspond to the
# same block device and the tools need to display a name for device,
# all the pathnames are matched against each item in the following
# list of regular expressions in turn and the first match is used.
# By default no preferred names are defined.
# preferred_names = [ ]
# Try to avoid using undescriptive /dev/dm-N names, if present.
# preferred_names = [ "^/dev/mpath/", "^/dev/mapper/mpath", "^/dev/[hs]d" ]
# In case no prefererred name matches or if preferred_names are not
# defined at all, builtin rules are used to determine the preference.
#
# The first builtin rule checks path prefixes and it gives preference
# based on this ordering (where "dev" depends on devices/dev setting):
# /dev/mapper > /dev/disk > /dev/dm-* > /dev/block
#
# If the ordering above cannot be applied, the path with fewer slashes
# gets preference then.
#
# If the number of slashes is the same, a symlink gets preference.
#
# Finally, if all the rules mentioned above are not applicable,
# lexicographical order is used over paths and the smallest one
# of all gets preference.
# A filter that tells LVM2 to only use a restricted set of devices.
# The filter consists of an array of regular expressions. These
# expressions can be delimited by a character of your choice, and
# prefixed with either an 'a' (for accept) or 'r' (for reject).
# The first expression found to match a device name determines if
# the device will be accepted or rejected (ignored). Devices that
# don't match any patterns are accepted.
# Be careful if there there are symbolic links or multiple filesystem
# entries for the same device as each name is checked separately against
# the list of patterns. The effect is that if the first pattern in the
# list to match a name is an 'a' pattern for any of the names, the device
# is accepted; otherwise if the first pattern in the list to match a name
# is an 'r' pattern for any of the names it is rejected; otherwise it is
# accepted.
# By default we accept every block device except udev names, floppy and cdrom drives:
# filter = [ "r|/dev/.*/by-path/.*|", "r|/dev/.*/by-id/.*|", "r|/dev/fd.*|", "r|/dev/cdrom|", "a/.*/" ]
# Exclude the cdrom drive
# filter = [ "r|/dev/cdrom|" ]
# When testing I like to work with just loopback devices:
# filter = [ "a/loop/", "r/.*/" ]
# Or maybe all loops and ide drives except hdc:
# filter =[ "a|loop|", "r|/dev/hdc|", "a|/dev/ide|", "r|.*|" ]
# Use anchors if you want to be really specific
filter = {{ diskconfig_lvm_filter_entries | list }}
# Since "filter" is often overridden from command line, it is not suitable
# for system-wide device filtering (udev rules, lvmetad). To hide devices
# from LVM-specific udev processing and/or from lvmetad, you need to set
# global_filter. The syntax is the same as for normal "filter"
# above. Devices that fail the global_filter are not even opened by LVM.
# global_filter = []
# The results of the filtering are cached on disk to avoid
# rescanning dud devices (which can take a very long time).
# By default this cache is stored in the /etc/lvm/cache directory
# in a file called '.cache'.
# It is safe to delete the contents: the tools regenerate it.
# (The old setting 'cache' is still respected if neither of
# these new ones is present.)
# N.B. If obtain_device_list_from_udev is set to 1 the list of
# devices is instead obtained from udev and any existing .cache
# file is removed.
cache_dir = "/etc/lvm/cache"
cache_file_prefix = ""
# You can turn off writing this cache file by setting this to 0.
write_cache_state = 1
# Advanced settings.
# List of pairs of additional acceptable block device types found
# in /proc/devices with maximum (non-zero) number of partitions.
# types = [ "fd", 16 ]
# If sysfs is mounted (2.6 kernels) restrict device scanning to
# the block devices it believes are valid.
# 1 enables; 0 disables.
sysfs_scan = 1
# By default, LVM2 will ignore devices used as component paths
# of device-mapper multipath devices.
# 1 enables; 0 disables.
multipath_component_detection = 1
# By default, LVM2 will ignore devices used as components of
# software RAID (md) devices by looking for md superblocks.
# 1 enables; 0 disables.
md_component_detection = 1
# By default, if a PV is placed directly upon an md device, LVM2
# will align its data blocks with the md device's stripe-width.
# 1 enables; 0 disables.
md_chunk_alignment = 1
# Default alignment of the start of a data area in MB. If set to 0,
# a value of 64KB will be used. Set to 1 for 1MiB, 2 for 2MiB, etc.
# default_data_alignment = 1
# By default, the start of a PV's data area will be a multiple of
# the 'minimum_io_size' or 'optimal_io_size' exposed in sysfs.
# - minimum_io_size - the smallest request the device can perform
# w/o incurring a read-modify-write penalty (e.g. MD's chunk size)
# - optimal_io_size - the device's preferred unit of receiving I/O
# (e.g. MD's stripe width)
# minimum_io_size is used if optimal_io_size is undefined (0).
# If md_chunk_alignment is enabled, that detects the optimal_io_size.
# This setting takes precedence over md_chunk_alignment.
# 1 enables; 0 disables.
data_alignment_detection = 1
# Alignment (in KB) of start of data area when creating a new PV.
# md_chunk_alignment and data_alignment_detection are disabled if set.
# Set to 0 for the default alignment (see: data_alignment_default)
# or page size, if larger.
data_alignment = 0
# By default, the start of the PV's aligned data area will be shifted by
# the 'alignment_offset' exposed in sysfs. This offset is often 0 but
# may be non-zero; e.g.: certain 4KB sector drives that compensate for
# windows partitioning will have an alignment_offset of 3584 bytes
# (sector 7 is the lowest aligned logical block, the 4KB sectors start
# at LBA -1, and consequently sector 63 is aligned on a 4KB boundary).
# But note that pvcreate --dataalignmentoffset will skip this detection.
# 1 enables; 0 disables.
data_alignment_offset_detection = 1
# If, while scanning the system for PVs, LVM2 encounters a device-mapper
# device that has its I/O suspended, it waits for it to become accessible.
# Set this to 1 to skip such devices. This should only be needed
# in recovery situations.
ignore_suspended_devices = 0
# ignore_lvm_mirrors: Introduced in version 2.02.104
# This setting determines whether logical volumes of "mirror" segment
# type are scanned for LVM labels. This affects the ability of
# mirrors to be used as physical volumes. If 'ignore_lvm_mirrors'
# is set to '1', it becomes impossible to create volume groups on top
# of mirror logical volumes - i.e. to stack volume groups on mirrors.
#
# Allowing mirror logical volumes to be scanned (setting the value to '0')
# can potentially cause LVM processes and I/O to the mirror to become
# blocked. This is due to the way that the "mirror" segment type handles
# failures. In order for the hang to manifest itself, an LVM command must
# be run just after a failure and before the automatic LVM repair process
# takes place OR there must be failures in multiple mirrors in the same
# volume group at the same time with write failures occurring moments
# before a scan of the mirror's labels.
#
# Note that these scanning limitations do not apply to the LVM RAID
# types, like "raid1". The RAID segment types handle failures in a
# different way and are not subject to possible process or I/O blocking.
#
# It is encouraged that users set 'ignore_lvm_mirrors' to 1 if they
# are using the "mirror" segment type. Users that require volume group
# stacking on mirrored logical volumes should consider using the "raid1"
# segment type. The "raid1" segment type is not available for
# active/active clustered volume groups.
#
# Set to 1 to disallow stacking and thereby avoid a possible deadlock.
ignore_lvm_mirrors = 1
# During each LVM operation errors received from each device are counted.
# If the counter of a particular device exceeds the limit set here, no
# further I/O is sent to that device for the remainder of the respective
# operation. Setting the parameter to 0 disables the counters altogether.
disable_after_error_count = 0
# Allow use of pvcreate --uuid without requiring --restorefile.
require_restorefile_with_uuid = 1
# Minimum size (in KB) of block devices which can be used as PVs.
# In a clustered environment all nodes must use the same value.
# Any value smaller than 512KB is ignored.
# Ignore devices smaller than 2MB such as floppy drives.
pv_min_size = 2048
# The original built-in setting was 512 up to and including version 2.02.84.
# pv_min_size = 512
# Issue discards to a logical volumes's underlying physical volume(s) when
# the logical volume is no longer using the physical volumes' space (e.g.
# lvremove, lvreduce, etc). Discards inform the storage that a region is
# no longer in use. Storage that supports discards advertise the protocol
# specific way discards should be issued by the kernel (TRIM, UNMAP, or
# WRITE SAME with UNMAP bit set). Not all storage will support or benefit
# from discards but SSDs and thinly provisioned LUNs generally do. If set
# to 1, discards will only be issued if both the storage and kernel provide
# support.
# 1 enables; 0 disables.
issue_discards = 0
}
# This section allows you to configure the way in which LVM selects
# free space for its Logical Volumes.
allocation {
# When searching for free space to extend an LV, the "cling"
# allocation policy will choose space on the same PVs as the last
# segment of the existing LV. If there is insufficient space and a
# list of tags is defined here, it will check whether any of them are
# attached to the PVs concerned and then seek to match those PV tags
# between existing extents and new extents.
# Use the special tag "@*" as a wildcard to match any PV tag.
# Example: LVs are mirrored between two sites within a single VG.
# PVs are tagged with either @site1 or @site2 to indicate where
# they are situated.
# cling_tag_list = [ "@site1", "@site2" ]
# cling_tag_list = [ "@*" ]
# Changes made in version 2.02.85 extended the reach of the 'cling'
# policies to detect more situations where data can be grouped
# onto the same disks. Set this to 0 to revert to the previous
# algorithm.
maximise_cling = 1
# Whether to use blkid library instead of native LVM2 code to detect
# any existing signatures while creating new Physical Volumes and
# Logical Volumes. LVM2 needs to be compiled with blkid wiping support
# for this setting to take effect.
#
# LVM2 native detection code is currently able to recognize these signatures:
# - MD device signature
# - swap signature
# - LUKS signature
# To see the list of signatures recognized by blkid, check the output
# of 'blkid -k' command. The blkid can recognize more signatures than
# LVM2 native detection code, but due to this higher number of signatures
# to be recognized, it can take more time to complete the signature scan.
use_blkid_wiping = 1
# Set to 1 to wipe any signatures found on newly-created Logical Volumes
# automatically in addition to zeroing of the first KB on the LV
# (controlled by the -Z/--zero y option).
# The command line option -W/--wipesignatures takes precedence over this
# setting.
# The default is to wipe signatures when zeroing.
#
wipe_signatures_when_zeroing_new_lvs = 1
# Set to 1 to guarantee that mirror logs will always be placed on
# different PVs from the mirror images. This was the default
# until version 2.02.85.
mirror_logs_require_separate_pvs = 0
# Set to 1 to guarantee that cache_pool metadata will always be
# placed on different PVs from the cache_pool data.
cache_pool_metadata_require_separate_pvs = 0
# Specify the minimal chunk size (in kiB) for cache pool volumes.
# Using a chunk_size that is too large can result in wasteful use of
# the cache, where small reads and writes can cause large sections of
# an LV to be mapped into the cache. However, choosing a chunk_size
# that is too small can result in more overhead trying to manage the
# numerous chunks that become mapped into the cache. The former is
# more of a problem than the latter in most cases, so we default to
# a value that is on the smaller end of the spectrum. Supported values
# range from 32(kiB) to 1048576 in multiples of 32.
# cache_pool_chunk_size = 64
# Set to 1 to guarantee that thin pool metadata will always
# be placed on different PVs from the pool data.
thin_pool_metadata_require_separate_pvs = 0
# Specify chunk size calculation policy for thin pool volumes.
# Possible options are:
# "generic" - if thin_pool_chunk_size is defined, use it.
# Otherwise, calculate the chunk size based on
# estimation and device hints exposed in sysfs:
# the minimum_io_size. The chunk size is always
# at least 64KiB.
#
# "performance" - if thin_pool_chunk_size is defined, use it.
# Otherwise, calculate the chunk size for
# performance based on device hints exposed in
# sysfs: the optimal_io_size. The chunk size is
# always at least 512KiB.
# thin_pool_chunk_size_policy = "generic"
# Specify the minimal chunk size (in KB) for thin pool volumes.
# Use of the larger chunk size may improve performance for plain
# thin volumes, however using them for snapshot volumes is less efficient,
# as it consumes more space and takes extra time for copying.
# When unset, lvm tries to estimate chunk size starting from 64KB
# Supported values are in range from 64 to 1048576.
# thin_pool_chunk_size = 64
# Specify discards behaviour of the thin pool volume.
# Select one of "ignore", "nopassdown", "passdown"
# thin_pool_discards = "passdown"
# Set to 0, to disable zeroing of thin pool data chunks before their
# first use.
# N.B. zeroing larger thin pool chunk size degrades performance.
# thin_pool_zero = 1
}
# This section that allows you to configure the nature of the
# information that LVM2 reports.
log {
# Controls the messages sent to stdout or stderr.
# There are three levels of verbosity, 3 being the most verbose.
verbose = 0
# Set to 1 to suppress all non-essential messages from stdout.
# This has the same effect as -qq.
# When this is set, the following commands still produce output:
# dumpconfig, lvdisplay, lvmdiskscan, lvs, pvck, pvdisplay,
# pvs, version, vgcfgrestore -l, vgdisplay, vgs.
# Non-essential messages are shifted from log level 4 to log level 5
# for syslog and lvm2_log_fn purposes.
# Any 'yes' or 'no' questions not overridden by other arguments
# are suppressed and default to 'no'.
silent = 0
# Should we send log messages through syslog?
# 1 is yes; 0 is no.
syslog = 1
# Should we log error and debug messages to a file?
# By default there is no log file.
#file = "/var/log/lvm2.log"
# Should we overwrite the log file each time the program is run?
# By default we append.
overwrite = 0
# What level of log messages should we send to the log file and/or syslog?
# There are 6 syslog-like log levels currently in use - 2 to 7 inclusive.
# 7 is the most verbose (LOG_DEBUG).
level = 0
# Format of output messages
# Whether or not (1 or 0) to indent messages according to their severity
indent = 1
# Whether or not (1 or 0) to display the command name on each line output
command_names = 0
# A prefix to use before the message text (but after the command name,
# if selected). Default is two spaces, so you can see/grep the severity
# of each message.
prefix = " "
# To make the messages look similar to the original LVM tools use:
# indent = 0
# command_names = 1
# prefix = " -- "
# Set this if you want log messages during activation.
# Don't use this in low memory situations (can deadlock).
# activation = 0
# Some debugging messages are assigned to a class and only appear
# in debug output if the class is listed here.
# Classes currently available:
# memory, devices, activation, allocation, lvmetad, metadata, cache,
# locking
# Use "all" to see everything.
debug_classes = [ "memory", "devices", "activation", "allocation", "lvmetad", "metadata", "cache", "locking" ]
}
# Configuration of metadata backups and archiving. In LVM2 when we
# talk about a 'backup' we mean making a copy of the metadata for the
# *current* system. The 'archive' contains old metadata configurations.
# Backups are stored in a human readable text format.
backup {
# Should we maintain a backup of the current metadata configuration ?
# Use 1 for Yes; 0 for No.
# Think very hard before turning this off!
backup = 1
# Where shall we keep it ?
# Remember to back up this directory regularly!
backup_dir = "/etc/lvm/backup"
# Should we maintain an archive of old metadata configurations.
# Use 1 for Yes; 0 for No.
# On by default. Think very hard before turning this off.
archive = 1
# Where should archived files go ?
# Remember to back up this directory regularly!
archive_dir = "/etc/lvm/archive"
# What is the minimum number of archive files you wish to keep ?
retain_min = 10
# What is the minimum time you wish to keep an archive file for ?
retain_days = 30
}
# Settings for the running LVM2 in shell (readline) mode.
shell {
# Number of lines of history to store in ~/.lvm_history
history_size = 100
}
# Miscellaneous global LVM2 settings
global {
# The file creation mask for any files and directories created.
# Interpreted as octal if the first digit is zero.
umask = 077
# Allow other users to read the files
#umask = 022
# Enabling test mode means that no changes to the on disk metadata
# will be made. Equivalent to having the -t option on every
# command. Defaults to off.
test = 0
# Default value for --units argument
units = "h"
# Since version 2.02.54, the tools distinguish between powers of
# 1024 bytes (e.g. KiB, MiB, GiB) and powers of 1000 bytes (e.g.
# KB, MB, GB).
# If you have scripts that depend on the old behaviour, set this to 0
# temporarily until you update them.
si_unit_consistency = 1
# Whether or not to display unit suffix for sizes. This setting has
# no effect if the units are in human-readable form (global/units="h")
# in which case the suffix is always displayed.
suffix = 1
# Whether or not to communicate with the kernel device-mapper.
# Set to 0 if you want to use the tools to manipulate LVM metadata
# without activating any logical volumes.
# If the device-mapper kernel driver is not present in your kernel
# setting this to 0 should suppress the error messages.
activation = 1
# If we can't communicate with device-mapper, should we try running
# the LVM1 tools?
# This option only applies to 2.4 kernels and is provided to help you
# switch between device-mapper kernels and LVM1 kernels.
# The LVM1 tools need to be installed with .lvm1 suffices
# e.g. vgscan.lvm1 and they will stop working after you start using
# the new lvm2 on-disk metadata format.
# The default value is set when the tools are built.
# fallback_to_lvm1 = 0
# The default metadata format that commands should use - "lvm1" or "lvm2".
# The command line override is -M1 or -M2.
# Defaults to "lvm2".
# format = "lvm2"
# Location of proc filesystem
proc = "/proc"
# Type of locking to use. Defaults to local file-based locking (1).
# Turn locking off by setting to 0 (dangerous: risks metadata corruption
# if LVM2 commands get run concurrently).
# Type 2 uses the external shared library locking_library.
# Type 3 uses built-in clustered locking.
# Type 4 uses read-only locking which forbids any operations that might
# change metadata.
# Type 5 offers dummy locking for tools that do not need any locks.
# You should not need to set this directly: the tools will select when
# to use it instead of the configured locking_type. Do not use lvmetad or
# the kernel device-mapper driver with this locking type.
# It is used by the --readonly option that offers read-only access to
# Volume Group metadata that cannot be locked safely because it belongs to
# an inaccessible domain and might be in use, for example a virtual machine
# image or a disk that is shared by a clustered machine.
#
# N.B. Don't use lvmetad with locking type 3 as lvmetad is not yet
# supported in clustered environment. If use_lvmetad=1 and locking_type=3
# is set at the same time, LVM always issues a warning message about this
# and then it automatically disables lvmetad use.
locking_type = 1
# Set to 0 to fail when a lock request cannot be satisfied immediately.
wait_for_locks = 1
# If using external locking (type 2) and initialisation fails,
# with this set to 1 an attempt will be made to use the built-in
# clustered locking.
# If you are using a customised locking_library you should set this to 0.
fallback_to_clustered_locking = 1
# If an attempt to initialise type 2 or type 3 locking failed, perhaps
# because cluster components such as clvmd are not running, with this set
# to 1 an attempt will be made to use local file-based locking (type 1).
# If this succeeds, only commands against local volume groups will proceed.
# Volume Groups marked as clustered will be ignored.
fallback_to_local_locking = 1
# Local non-LV directory that holds file-based locks while commands are
# in progress. A directory like /tmp that may get wiped on reboot is OK.
locking_dir = "/run/lvm/lock"
# Whenever there are competing read-only and read-write access requests for
# a volume group's metadata, instead of always granting the read-only
# requests immediately, delay them to allow the read-write requests to be
# serviced. Without this setting, write access may be stalled by a high
# volume of read-only requests.
# NB. This option only affects locking_type = 1 viz. local file-based
# locking.
prioritise_write_locks = 1
# Other entries can go here to allow you to load shared libraries
# e.g. if support for LVM1 metadata was compiled as a shared library use
# format_libraries = "liblvm2format1.so"
# Full pathnames can be given.
# Search this directory first for shared libraries.
# library_dir = "/lib"
# The external locking library to load if locking_type is set to 2.
# locking_library = "liblvm2clusterlock.so"
# Treat any internal errors as fatal errors, aborting the process that
# encountered the internal error. Please only enable for debugging.
abort_on_internal_errors = 0
# Check whether CRC is matching when parsed VG is used multiple times.
# This is useful to catch unexpected internal cached volume group
# structure modification. Please only enable for debugging.
detect_internal_vg_cache_corruption = 0
# If set to 1, no operations that change on-disk metadata will be permitted.
# Additionally, read-only commands that encounter metadata in need of repair
# will still be allowed to proceed exactly as if the repair had been
# performed (except for the unchanged vg_seqno).
# Inappropriate use could mess up your system, so seek advice first!
metadata_read_only = 0
# 'mirror_segtype_default' defines which segtype will be used when the
# shorthand '-m' option is used for mirroring. The possible options are:
#
# "mirror" - The original RAID1 implementation provided by LVM2/DM. It is
# characterized by a flexible log solution (core, disk, mirrored)
# and by the necessity to block I/O while reconfiguring in the
# event of a failure.
#
# There is an inherent race in the dmeventd failure handling
# logic with snapshots of devices using this type of RAID1 that
# in the worst case could cause a deadlock.
# Ref: https://bugzilla.redhat.com/show_bug.cgi?id=817130#c10
#
# "raid1" - This implementation leverages MD's RAID1 personality through
# device-mapper. It is characterized by a lack of log options.
# (A log is always allocated for every device and they are placed
# on the same device as the image - no separate devices are
# required.) This mirror implementation does not require I/O
# to be blocked in the kernel in the event of a failure.
# This mirror implementation is not cluster-aware and cannot be
# used in a shared (active/active) fashion in a cluster.
#
# Specify the '--type <mirror|raid1>' option to override this default
# setting.
mirror_segtype_default = "raid1"
# 'raid10_segtype_default' determines the segment types used by default
# when the '--stripes/-i' and '--mirrors/-m' arguments are both specified
# during the creation of a logical volume.
# Possible settings include:
#
# "raid10" - This implementation leverages MD's RAID10 personality through
# device-mapper.
#
# "mirror" - LVM will layer the 'mirror' and 'stripe' segment types. It
# will do this by creating a mirror on top of striped sub-LVs;
# effectively creating a RAID 0+1 array. This is suboptimal
# in terms of providing redundancy and performance. Changing to
# this setting is not advised.
# Specify the '--type <raid10|mirror>' option to override this default
# setting.
raid10_segtype_default = "raid10"
# The default format for displaying LV names in lvdisplay was changed
# in version 2.02.89 to show the LV name and path separately.
# Previously this was always shown as /dev/vgname/lvname even when that
# was never a valid path in the /dev filesystem.
# Set to 1 to reinstate the previous format.
#
# lvdisplay_shows_full_device_path = 0
# Whether to use (trust) a running instance of lvmetad. If this is set to
# 0, all commands fall back to the usual scanning mechanisms. When set to 1
# *and* when lvmetad is running (automatically instantiated by making use of
# systemd's socket-based service activation or run as an initscripts service
# or run manually), the volume group metadata and PV state flags are obtained
# from the lvmetad instance and no scanning is done by the individual
# commands. In a setup with lvmetad, lvmetad udev rules *must* be set up for
# LVM to work correctly. Without proper udev rules, all changes in block
# device configuration will be *ignored* until a manual 'pvscan --cache'
# is performed. These rules are installed by default.
#
# If lvmetad has been running while use_lvmetad was 0, it MUST be stopped
# before changing use_lvmetad to 1 and started again afterwards.
#
# If using lvmetad, the volume activation is also switched to automatic
# event-based mode. In this mode, the volumes are activated based on
# incoming udev events that automatically inform lvmetad about new PVs
# that appear in the system. Once the VG is complete (all the PVs are
# present), it is auto-activated. The activation/auto_activation_volume_list
# setting controls which volumes are auto-activated (all by default).
#
# A note about device filtering while lvmetad is used:
# When lvmetad is updated (either automatically based on udev events
# or directly by pvscan --cache <device> call), the devices/filter
# is ignored and all devices are scanned by default. The lvmetad always
# keeps unfiltered information which is then provided to LVM commands
# and then each LVM command does the filtering based on devices/filter
# setting itself.
# To prevent scanning devices completely, even when using lvmetad,
# the devices/global_filter must be used.
# N.B. Don't use lvmetad with locking type 3 as lvmetad is not yet
# supported in clustered environment. If use_lvmetad=1 and locking_type=3
# is set at the same time, LVM always issues a warning message about this
# and then it automatically disables lvmetad use.
# If use_lvmetad set to 1, please make sure lvm2-lvmetad.socket is started
use_lvmetad = 1
# Full path of the utility called to check that a thin metadata device
# is in a state that allows it to be used.
# Each time a thin pool needs to be activated or after it is deactivated
# this utility is executed. The activation will only proceed if the utility
# has an exit status of 0.
# Set to "" to skip this check. (Not recommended.)
# The thin tools are available as part of the device-mapper-persistent-data
# package from https://github.com/jthornber/thin-provisioning-tools.
#
# thin_check_executable = "/usr/sbin/thin_check"
# Array of string options passed with thin_check command. By default,
# option "-q" is for quiet output.
# With thin_check version 2.1 or newer you can add "--ignore-non-fatal-errors"
# to let it pass through ignorable errors and fix them later.
# With thin_check version 3.2 or newer you should add
# "--clear-needs-check-flag".
#
# thin_check_options = [ "-q", "--clear-needs-check-flag" ]
# Full path of the utility called to repair a thin metadata device
# is in a state that allows it to be used.
# Each time a thin pool needs repair this utility is executed.
# See thin_check_executable how to obtain binaries.
#
# thin_repair_executable = "/usr/sbin/thin_repair"
# Array of extra string options passed with thin_repair command.
# thin_repair_options = [ "" ]
# Full path of the utility called to dump thin metadata content.
# See thin_check_executable how to obtain binaries.
#
# thin_dump_executable = "/usr/sbin/thin_dump"
# If set, given features are not used by thin driver.
# This can be helpful not just for testing, but i.e. allows to avoid
# using problematic implementation of some thin feature.
# Features:
# block_size
# discards
# discards_non_power_2
# external_origin
# metadata_resize
# external_origin_extend
#
# thin_disabled_features = [ "discards", "block_size" ]
# Full path of the utility called to check that a cache metadata device
# is in a state that allows it to be used.
# Each time a cached LV needs to be used or after it is deactivated
# this utility is executed. The activation will only proceed if the utility
# has an exit status of 0.
# Set to "" to skip this check. (Not recommended.)
# The cache tools are available as part of the device-mapper-persistent-data
# package from https://github.com/jthornber/thin-provisioning-tools.
#
# cache_check_executable = "autodetect"
# Array of string options passed with cache_check command. By default,
# option "-q" is for quiet output.
#
# cache_check_options = [ "-q" ]
# Full path of the utility called to repair a cache metadata device.
# Each time a cache metadata needs repair this utility is executed.
# See cache_check_executable how to obtain binaries.
#
# cache_repair_executable = "autodetect"
# Array of extra string options passed with cache_repair command.
# cache_repair_options = [ "" ]
# Full path of the utility called to dump cache metadata content.
# See cache_check_executable how to obtain binaries.
#
# cache_dump_executable = "autodetect"
}
activation {
# Set to 1 to perform internal checks on the operations issued to
# libdevmapper. Useful for debugging problems with activation.
# Some of the checks may be expensive, so it's best to use this
# only when there seems to be a problem.
checks = 0
# Set to 0 to disable udev synchronisation (if compiled into the binaries).
# Processes will not wait for notification from udev.
# They will continue irrespective of any possible udev processing
# in the background. You should only use this if udev is not running
# or has rules that ignore the devices LVM2 creates.
# The command line argument --nodevsync takes precedence over this setting.
# If set to 1 when udev is not running, and there are LVM2 processes
# waiting for udev, run 'dmsetup udevcomplete_all' manually to wake them up.
udev_sync = 1
# Set to 0 to disable the udev rules installed by LVM2 (if built with
# --enable-udev_rules). LVM2 will then manage the /dev nodes and symlinks
# for active logical volumes directly itself.
# N.B. Manual intervention may be required if this setting is changed
# while any logical volumes are active.
udev_rules = 1
# Set to 1 for LVM2 to verify operations performed by udev. This turns on
# additional checks (and if necessary, repairs) on entries in the device
# directory after udev has completed processing its events.
# Useful for diagnosing problems with LVM2/udev interactions.
verify_udev_operations = 0
# If set to 1 and if deactivation of an LV fails, perhaps because
# a process run from a quick udev rule temporarily opened the device,
# retry the operation for a few seconds before failing.
retry_deactivation = 1
# How to fill in missing stripes if activating an incomplete volume.
# Using "error" will make inaccessible parts of the device return
# I/O errors on access. You can instead use a device path, in which
# case, that device will be used to in place of missing stripes.
# But note that using anything other than "error" with mirrored
# or snapshotted volumes is likely to result in data corruption.
missing_stripe_filler = "error"
# The linear target is an optimised version of the striped target
# that only handles a single stripe. Set this to 0 to disable this
# optimisation and always use the striped target.
use_linear_target = 1
# How much stack (in KB) to reserve for use while devices suspended
# Prior to version 2.02.89 this used to be set to 256KB
reserved_stack = 64
# How much memory (in KB) to reserve for use while devices suspended
reserved_memory = 8192
# Nice value used while devices suspended
process_priority = -18
# If volume_list is defined, each LV is only activated if there is a
# match against the list.
#
# "vgname" and "vgname/lvname" are matched exactly.
# "@tag" matches any tag set in the LV or VG.
# "@*" matches if any tag defined on the host is also set in the LV or VG
#
# If any host tags exist but volume_list is not defined, a default
# single-entry list containing "@*" is assumed.
#
# volume_list = [ "vg1", "vg2/lvol1", "@tag1", "@*" ]
# If auto_activation_volume_list is defined, each LV that is to be
# activated with the autoactivation option (--activate ay/-a ay) is
# first checked against the list. There are two scenarios in which
# the autoactivation option is used:
#
# - automatic activation of volumes based on incoming PVs. If all the
# PVs making up a VG are present in the system, the autoactivation
# is triggered. This requires lvmetad (global/use_lvmetad=1) and udev
# to be running. In this case, "pvscan --cache -aay" is called
# automatically without any user intervention while processing
# udev events. Please, make sure you define auto_activation_volume_list
# properly so only the volumes you want and expect are autoactivated.
#
# - direct activation on command line with the autoactivation option.
# In this case, the user calls "vgchange --activate ay/-a ay" or
# "lvchange --activate ay/-a ay" directly.
#
# By default, the auto_activation_volume_list is not defined and all
# volumes will be activated either automatically or by using --activate ay/-a ay.
#
# N.B. The "activation/volume_list" is still honoured in all cases so even
# if the VG/LV passes the auto_activation_volume_list, it still needs to
# pass the volume_list for it to be activated in the end.
# If auto_activation_volume_list is defined but empty, no volumes will be
# activated automatically and --activate ay/-a ay will do nothing.
#
# auto_activation_volume_list = []
# If auto_activation_volume_list is defined and it's not empty, only matching
# volumes will be activated either automatically or by using --activate ay/-a ay.
#
# "vgname" and "vgname/lvname" are matched exactly.
# "@tag" matches any tag set in the LV or VG.
# "@*" matches if any tag defined on the host is also set in the LV or VG
#
# auto_activation_volume_list = [ "vg1", "vg2/lvol1", "@tag1", "@*" ]
# If read_only_volume_list is defined, each LV that is to be activated
# is checked against the list, and if it matches, it as activated
# in read-only mode. (This overrides '--permission rw' stored in the
# metadata.)
#
# "vgname" and "vgname/lvname" are matched exactly.
# "@tag" matches any tag set in the LV or VG.
# "@*" matches if any tag defined on the host is also set in the LV or VG
#
# read_only_volume_list = [ "vg1", "vg2/lvol1", "@tag1", "@*" ]
# Each LV can have an 'activation skip' flag stored persistently against it.
# During activation, this flag is used to decide whether such an LV is skipped.
# The 'activation skip' flag can be set during LV creation and by default it
# is automatically set for thin snapshot LVs. The 'auto_set_activation_skip'
# enables or disables this automatic setting of the flag while LVs are created.
# auto_set_activation_skip = 1
# For RAID or 'mirror' segment types, 'raid_region_size' is the
# size (in KiB) of each:
# - synchronization operation when initializing
# - each copy operation when performing a 'pvmove' (using 'mirror' segtype)
# This setting has replaced 'mirror_region_size' since version 2.02.99
raid_region_size = 512
# Setting to use when there is no readahead value stored in the metadata.
#
# "none" - Disable readahead.
# "auto" - Use default value chosen by kernel.
readahead = "auto"
# 'raid_fault_policy' defines how a device failure in a RAID logical
# volume is handled. This includes logical volumes that have the following
# segment types: raid1, raid4, raid5*, and raid6*.
#
# In the event of a failure, the following policies will determine what
# actions are performed during the automated response to failures (when
# dmeventd is monitoring the RAID logical volume) and when 'lvconvert' is
# called manually with the options '--repair' and '--use-policies'.
#
# "warn" - Use the system log to warn the user that a device in the RAID
# logical volume has failed. It is left to the user to run
# 'lvconvert --repair' manually to remove or replace the failed
# device. As long as the number of failed devices does not
# exceed the redundancy of the logical volume (1 device for
# raid4/5, 2 for raid6, etc) the logical volume will remain
# usable.
#
# "allocate" - Attempt to use any extra physical volumes in the volume
# group as spares and replace faulty devices.
#
raid_fault_policy = "warn"
# 'mirror_image_fault_policy' and 'mirror_log_fault_policy' define
# how a device failure affecting a mirror (of "mirror" segment type) is
# handled. A mirror is composed of mirror images (copies) and a log.
# A disk log ensures that a mirror does not need to be re-synced
# (all copies made the same) every time a machine reboots or crashes.
#
# In the event of a failure, the specified policy will be used to determine
# what happens. This applies to automatic repairs (when the mirror is being
# monitored by dmeventd) and to manual lvconvert --repair when
# --use-policies is given.
#
# "remove" - Simply remove the faulty device and run without it. If
# the log device fails, the mirror would convert to using
# an in-memory log. This means the mirror will not
# remember its sync status across crashes/reboots and
# the entire mirror will be re-synced. If a
# mirror image fails, the mirror will convert to a
# non-mirrored device if there is only one remaining good
# copy.
#
# "allocate" - Remove the faulty device and try to allocate space on
# a new device to be a replacement for the failed device.
# Using this policy for the log is fast and maintains the
# ability to remember sync state through crashes/reboots.
# Using this policy for a mirror device is slow, as it
# requires the mirror to resynchronize the devices, but it
# will preserve the mirror characteristic of the device.
# This policy acts like "remove" if no suitable device and
# space can be allocated for the replacement.
#
# "allocate_anywhere" - Not yet implemented. Useful to place the log device
# temporarily on same physical volume as one of the mirror
# images. This policy is not recommended for mirror devices
# since it would break the redundant nature of the mirror. This
# policy acts like "remove" if no suitable device and space can
# be allocated for the replacement.
mirror_log_fault_policy = "allocate"
mirror_image_fault_policy = "remove"
# 'snapshot_autoextend_threshold' and 'snapshot_autoextend_percent' define
# how to handle automatic snapshot extension. The former defines when the
# snapshot should be extended: when its space usage exceeds this many
# percent. The latter defines how much extra space should be allocated for
# the snapshot, in percent of its current size.
#
# For example, if you set snapshot_autoextend_threshold to 70 and
# snapshot_autoextend_percent to 20, whenever a snapshot exceeds 70% usage,
# it will be extended by another 20%. For a 1G snapshot, using up 700M will
# trigger a resize to 1.2G. When the usage exceeds 840M, the snapshot will
# be extended to 1.44G, and so on.
#
# Setting snapshot_autoextend_threshold to 100 disables automatic
# extensions. The minimum value is 50 (A setting below 50 will be treated
# as 50).
snapshot_autoextend_threshold = 100
snapshot_autoextend_percent = 20
# 'thin_pool_autoextend_threshold' and 'thin_pool_autoextend_percent' define
# how to handle automatic pool extension. The former defines when the
# pool should be extended: when its space usage exceeds this many
# percent. The latter defines how much extra space should be allocated for
# the pool, in percent of its current size.
#
# For example, if you set thin_pool_autoextend_threshold to 70 and
# thin_pool_autoextend_percent to 20, whenever a pool exceeds 70% usage,
# it will be extended by another 20%. For a 1G pool, using up 700M will
# trigger a resize to 1.2G. When the usage exceeds 840M, the pool will
# be extended to 1.44G, and so on.
#
# Setting thin_pool_autoextend_threshold to 100 disables automatic
# extensions. The minimum value is 50 (A setting below 50 will be treated
# as 50).
thin_pool_autoextend_threshold = 100
thin_pool_autoextend_percent = 20
# While activating devices, I/O to devices being (re)configured is
# suspended, and as a precaution against deadlocks, LVM2 needs to pin
# any memory it is using so it is not paged out. Groups of pages that
# are known not to be accessed during activation need not be pinned
# into memory. Each string listed in this setting is compared against
# each line in /proc/self/maps, and the pages corresponding to any
# lines that match are not pinned. On some systems locale-archive was
# found to make up over 80% of the memory used by the process.
# mlock_filter = [ "locale/locale-archive", "gconv/gconv-modules.cache" ]
# Set to 1 to revert to the default behaviour prior to version 2.02.62
# which used mlockall() to pin the whole process's memory while activating
# devices.
use_mlockall = 0
# Monitoring is enabled by default when activating logical volumes.
# Set to 0 to disable monitoring or use the --ignoremonitoring option.
monitoring = 1
# When pvmove or lvconvert must wait for the kernel to finish
# synchronising or merging data, they check and report progress
# at intervals of this number of seconds. The default is 15 seconds.
# If this is set to 0 and there is only one thing to wait for, there
# are no progress reports, but the process is awoken immediately the
# operation is complete.
polling_interval = 15
# 'activation_mode' determines how Logical Volumes are activated if
# any devices are missing. Possible settings are:
#
# "complete" - Only allow activation of an LV if all of the Physical
# Volumes it uses are present. Other PVs in the Volume
# Group may be missing.
#
# "degraded" - Like "complete", but additionally RAID Logical Volumes of
# segment type raid1, raid4, raid5, radid6 and raid10 will
# be activated if there is no data loss, i.e. they have
# sufficient redundancy to present the entire addressable
# range of the Logical Volume.
#
# "partial" - Allows the activation of any Logical Volume even if
# a missing or failed PV could cause data loss with a
# portion of the Logical Volume inaccessible.
# This setting should not normally be used, but may
# sometimes assist with data recovery.
#
# This setting was introduced in LVM version 2.02.108. It corresponds
# with the '--activationmode' option for lvchange and vgchange.
activation_mode = "degraded"
}
# Report settings.
#
# report {
# Align columns on report output.
# aligned=1
# When buffered reporting is used, the report's content is appended
# incrementally to include each object being reported until the report
# is flushed to output which normally happens at the end of command
# execution. Otherwise, if buffering is not used, each object is
# reported as soon as its processing is finished.
# buffered=1
# Show headings for columns on report.
# headings=1
# A separator to use on report after each field.
# separator=" "
# A separator to use for list items when reported.
# list_item_separator=","
# Use a field name prefix for each field reported.
# prefixes=0
# Quote field values when using field name prefixes.
# quoted=1
# Output each column as a row. If set, this also implies report/prefixes=1.
# colums_as_rows=0
# Use binary values "0" or "1" instead of descriptive literal values for
# columns that have exactly two valid values to report (not counting the
# "unknown" value which denotes that the value could not be determined).
#
# binary_values_as_numeric = 0
# Comma separated list of columns to sort by when reporting 'lvm devtypes' command.
# See 'lvm devtypes -o help' for the list of possible fields.
# devtypes_sort="devtype_name"
# Comma separated list of columns to report for 'lvm devtypes' command.
# See 'lvm devtypes -o help' for the list of possible fields.
# devtypes_cols="devtype_name,devtype_max_partitions,devtype_description"
# Comma separated list of columns to report for 'lvm devtypes' command in verbose mode.
# See 'lvm devtypes -o help' for the list of possible fields.
# devtypes_cols_verbose="devtype_name,devtype_max_partitions,devtype_description"
# Comma separated list of columns to sort by when reporting 'lvs' command.
# See 'lvs -o help' for the list of possible fields.
# lvs_sort="vg_name,lv_name"
# Comma separated list of columns to report for 'lvs' command.
# See 'lvs -o help' for the list of possible fields.
# lvs_cols="lv_name,vg_name,lv_attr,lv_size,pool_lv,origin,data_percent,metadata_percent,move_pv,mirror_log,copy_percent,convert_lv"
# Comma separated list of columns to report for 'lvs' command in verbose mode.
# See 'lvs -o help' for the list of possible fields.
# lvs_cols_verbose="lv_name,vg_name,seg_count,lv_attr,lv_size,lv_major,lv_minor,lv_kernel_major,lv_kernel_minor,pool_lv,origin,data_percent,metadata_percent,move_pv,copy_percent,mirror_log,convert
# Comma separated list of columns to sort by when reporting 'vgs' command.
# See 'vgs -o help' for the list of possible fields.
# vgs_sort="vg_name"
# Comma separated list of columns to report for 'vgs' command.
# See 'vgs -o help' for the list of possible fields.
# vgs_cols="vg_name,pv_count,lv_count,snap_count,vg_attr,vg_size,vg_free"
# Comma separated list of columns to report for 'vgs' command in verbose mode.
# See 'vgs -o help' for the list of possible fields.
# vgs_cols_verbose="vg_name,vg_attr,vg_extent_size,pv_count,lv_count,snap_count,vg_size,vg_free,vg_uuid,vg_profile"
# Comma separated list of columns to sort by when reporting 'pvs' command.
# See 'pvs -o help' for the list of possible fields.
# pvs_sort="pv_name"
# Comma separated list of columns to report for 'pvs' command.
# See 'pvs -o help' for the list of possible fields.
# pvs_cols="pv_name,vg_name,pv_fmt,pv_attr,pv_size,pv_free"
# Comma separated list of columns to report for 'pvs' command in verbose mode.
# See 'pvs -o help' for the list of possible fields.
# pvs_cols_verbose="pv_name,vg_name,pv_fmt,pv_attr,pv_size,pv_free,dev_size,pv_uuid"
# Comma separated list of columns to sort by when reporting 'lvs --segments' command.
# See 'lvs --segments -o help' for the list of possible fields.
# segs_sort="vg_name,lv_name,seg_start"
# Comma separated list of columns to report for 'lvs --segments' command.
# See 'lvs --segments -o help' for the list of possible fields.
# segs_cols="lv_name,vg_name,lv_attr,stripes,segtype,seg_size"
# Comma separated list of columns to report for 'lvs --segments' command in verbose mode.
# See 'lvs --segments -o help' for the list of possible fields.
# segs_cols_verbose="lv_name,vg_name,lv_attr,seg_start,seg_size,stripes,segtype,stripesize,chunksize"
# Comma separated list of columns to sort by when reporting 'pvs --segments' command.
# See 'pvs --segments -o help' for the list of possible fields.
# pvsegs_sort="pv_name,pvseg_start"
# Comma separated list of columns to sort by when reporting 'pvs --segments' command.
# See 'pvs --segments -o help' for the list of possible fields.
# pvsegs_cols="pv_name,vg_name,pv_fmt,pv_attr,pv_size,pv_free,pvseg_start,pvseg_size"
# Comma separated list of columns to sort by when reporting 'pvs --segments' command in verbose mode.
# See 'pvs --segments -o help' for the list of possible fields.
# pvsegs_cols_verbose="pv_name,vg_name,pv_fmt,pv_attr,pv_size,pv_free,pvseg_start,pvseg_size,lv_name,seg_start_pe,segtype,seg_pe_ranges"
#}
####################
# Advanced section #
####################
# Metadata settings
#
# metadata {
# Configuration option metadata/check_pv_device_sizes.
# Check device sizes are not smaller than corresponding PV sizes.
# If device size is less than corresponding PV size found in metadata,
# there is always a risk of data loss. If this option is set, then LVM
# issues a warning message each time it finds that the device size is
# less than corresponding PV size. You should not disable this unless
# you are absolutely sure about what you are doing!
# This configuration option is advanced.
# This configuration option has an automatic default value.
# check_pv_device_sizes = 1
# Default number of copies of metadata to hold on each PV. 0, 1 or 2.
# You might want to override it from the command line with 0
# when running pvcreate on new PVs which are to be added to large VGs.
# pvmetadatacopies = 1
# Default number of copies of metadata to maintain for each VG.
# If set to a non-zero value, LVM automatically chooses which of
# the available metadata areas to use to achieve the requested
# number of copies of the VG metadata. If you set a value larger
# than the the total number of metadata areas available then
# metadata is stored in them all.
# The default value of 0 ("unmanaged") disables this automatic
# management and allows you to control which metadata areas
# are used at the individual PV level using 'pvchange
# --metadataignore y/n'.
# vgmetadatacopies = 0
# Approximate default size of on-disk metadata areas in sectors.
# You should increase this if you have large volume groups or
# you want to retain a large on-disk history of your metadata changes.
# pvmetadatasize = 255
# List of directories holding live copies of text format metadata.
# These directories must not be on logical volumes!
# It's possible to use LVM2 with a couple of directories here,
# preferably on different (non-LV) filesystems, and with no other
# on-disk metadata (pvmetadatacopies = 0). Or this can be in
# addition to on-disk metadata areas.
# The feature was originally added to simplify testing and is not
# supported under low memory situations - the machine could lock up.
#
# Never edit any files in these directories by hand unless you
# you are absolutely sure you know what you are doing! Use
# the supplied toolset to make changes (e.g. vgcfgrestore).
# dirs = [ "/etc/lvm/metadata", "/mnt/disk2/lvm/metadata2" ]
#}
# Event daemon
#
dmeventd {
# mirror_library is the library used when monitoring a mirror device.
#
# "libdevmapper-event-lvm2mirror.so" attempts to recover from
# failures. It removes failed devices from a volume group and
# reconfigures a mirror as necessary. If no mirror library is
# provided, mirrors are not monitored through dmeventd.
mirror_library = "libdevmapper-event-lvm2mirror.so"
# snapshot_library is the library used when monitoring a snapshot device.
#
# "libdevmapper-event-lvm2snapshot.so" monitors the filling of
# snapshots and emits a warning through syslog when the use of
# the snapshot exceeds 80%. The warning is repeated when 85%, 90% and
# 95% of the snapshot is filled.
snapshot_library = "libdevmapper-event-lvm2snapshot.so"
# thin_library is the library used when monitoring a thin device.
#
# "libdevmapper-event-lvm2thin.so" monitors the filling of
# pool and emits a warning through syslog when the use of
# the pool exceeds 80%. The warning is repeated when 85%, 90% and
# 95% of the pool is filled.
thin_library = "libdevmapper-event-lvm2thin.so"
# Full path of the dmeventd binary.
#
# executable = ""
}
0707010019CFFB000041ED0000000000000000000000065B32C86200000000000000FD0000000200000000000000000000003600000000ardana-osconfig-8.0+git.1530054754.b943409/roles/fcoe0707010019D001000041ED0000000000000000000000025B32C86200000000000000FD0000000200000000000000000000003E00000000ardana-osconfig-8.0+git.1530054754.b943409/roles/fcoe/library0707010019D002000081A40000000000000000000000015B32C8620000C972000000FD0000000200000000000000000000005200000000ardana-osconfig-8.0+git.1530054754.b943409/roles/fcoe/library/update_fcoe_udev.py#!/usr/bin/env python
#
# (c) Copyright 2016 Hewlett Packard Enterprise Development LP
# (c) Copyright 2017 SUSE LLC
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
"""update_fcoe_udev.py
Provides tooling that can be used to manage the persistent ordering of
network devices for use with FCOE deployments.
Usage:
update_fcoe_udev.py [--prefix|-p <prefix>]
Where:
--prefix, -p <prefix>
specifies the path to prefix system file access with.
Example:
When running during a preseed install, the installed system
hierarchy is mounted under /target, so invoke the command as follows:
% update_fcoe_udev.py -p /target
"""
from collections import OrderedDict
from glob import glob
from hashlib import md5 as hasher
from operator import attrgetter, itemgetter
from cStringIO import StringIO
import os
import re
import sys
class HelionSystemPathsError(RuntimeError):
def __init__(self, *args, **kwargs):
super(HelionSystemPathsError, self).__init__(*args, **kwargs)
class DictReplacerError(RuntimeError):
def __init__(self, *args, **kwargs):
super(DictReplacerError, self).__init__(*args, **kwargs)
class ConfFileError(RuntimeError):
def __init__(self, *args, **kwargs):
super(ConfFileError, self).__init__(*args, **kwargs)
class PhaseRenameError(ConfFileError):
def __init__(self, *args, **kwargs):
super(PhaseRenameError, self).__init__(*args, **kwargs)
class NetRulesError(RuntimeError):
def __init__(self, *args, **kwargs):
super(NetRulesError, self).__init__(*args, **kwargs)
class NotRuleError(NetRulesError):
def __init__(self, *args, **kwargs):
super(NotRuleError, self).__init__(*args, **kwargs)
class NotRule70Error(NetRulesError):
def __init__(self, *args, **kwargs):
super(NotRule70Error, self).__init__(*args, **kwargs)
class NotRule71Error(NetRulesError):
def __init__(self, *args, **kwargs):
super(NotRule71Error, self).__init__(*args, **kwargs)
class RenameError(NetRulesError):
def __init__(self, *args, **kwargs):
super(RenameError, self).__init__(*args, **kwargs)
class InvalidRuleError(NetRulesError):
def __init__(self, *args, **kwargs):
super(InvalidRuleError, self).__init__(*args, **kwargs)
class InvalidDeviceNameError(NetRulesError):
def __init__(self, *args, **kwargs):
super(InvalidDeviceNameError, self).__init__(*args, **kwargs)
class HelionSystemPaths(object):
"""Helper class for system path access.
Implements a simple helper class used to manage access the important
system paths, potentially accessed under a provided offset, e.g.
during an install.
"""
_default_path_prefix = "/"
_default_flag_dir = "/etc/openstack"
_default_flag_name = "udev_net_rules_updated"
_rules_file_70 = "/etc/udev/rules.d/70-persistent-net.rules"
_rules_file_71 = "/etc/udev/rules.d/71-persistent-net.rules"
_fcoe_dir = "/etc/fcoe"
_ifaces_file = "/etc/network/interfaces"
_ifaces_dir = "/etc/network/interfaces.d"
def __init__(self, prefix=None, sys_prefix=None, flag_dir=None,
flag_name=None):
"""Initialise instance settings.
The prefix argument specifies an offset path for all path
resolution, e.g. /target if invoked during preseed install.
The flag_dir and flag_name combined specify a flag file, the
presence of which indicates that the associated operations
have already been performed.
"""
if prefix is None:
prefix = self._default_path_prefix
if sys_prefix is None:
sys_prefix = self._default_path_prefix
if flag_dir is None:
flag_dir = self._default_flag_dir
if flag_name is None:
flag_name = self._default_flag_name
if not os.path.exists(prefix):
raise HelionSystemPathsError("Prefix '%s' doesn't exist!" %
prefix)
self._path_prefix = prefix
self._path_sys_prefix = sys_prefix
self._flag_dir = flag_dir
self._flag_name = flag_name
@property
def prefix(self):
"""Expose prefix path as readonly attr."""
return self._path_prefix
@prefix.setter
def prefix(self, prefix):
"""Update the prefix path to a new value."""
self._path_prefix = prefix
def system_path(self, path):
"""Returns the actual path to use to access specified path."""
return os.path.join(self.prefix, path.lstrip('/'))
@property
def sys_prefix(self):
"""Expose sys_prefix path as readonly attr."""
return self._path_sys_prefix
@sys_prefix.setter
def sys_prefix(self, sys_prefix):
"""Update the sys_prefix path to a new value."""
self._path_sys_prefix = sys_prefix
def system_sys_path(self, *args):
"""Returns the actual path to use to access specified path."""
return os.path.join(self.sys_prefix, "sys", *args)
@property
def rules_file_70(self):
"""System path to persistent udev rules file."""
return self.system_path(self._rules_file_70)
@property
def rules_file_71(self):
"""System path to persistent udev rules file."""
return self.system_path(self._rules_file_71)
@property
def fcoe_dir(self):
"""System path to FCOE config directory."""
return self.system_path(self._fcoe_dir)
@property
def ifaces_file(self):
"""System path to network interfaces config file."""
return self.system_path(self._ifaces_file)
@property
def ifaces_dir(self):
"""System path to network interfaces config directory."""
return self.system_path(self._ifaces_dir)
@property
def flag_dir(self):
"""System path to directory holding flag files."""
return self.system_path(self._flag_dir)
@property
def flag_name(self):
"""Expose flag name as readonly attr."""
return self._flag_name
@property
def flag_file(self):
"""System path to specified flag file."""
return os.path.join(self.flag_dir, self.flag_name)
@property
def flag_exists(self):
"""True if specified flag file exists."""
return os.path.exists(self.flag_file)
class DictReplacer(object):
"""Manage text replacement based upon lookup table.
Instances of this class can be used to manage updating contents
of lines where the replacement value is dynamically looked up
in a provided dictionary, based on the value to be replaced; if
no value is found in provided dictionary then leave unchanged.
"""
def __init__(self, replacer, lookup, field=1, skipper=None):
"""Initialise the instance settings.
The replacer argument must include at least one group
specifier identifying the value to be replaced.
The lookup argument must be a dictionary line object that
maps candidate values onto there replacements.
The field argument specifies which group's value should be
looked up in the lookup map when doing replacement.
The skipper argument can optionally specify a pattern that
can be used to skip processing, e.g. ignore comment or
blank lines.
NOTE: The replacer and skipper can be provided as either
compiled pattern objects, or pattern strings which will be
automatically compiled, and the compiled versions used.
"""
if isinstance(replacer, str):
replacer = re.compile(replacer)
if isinstance(skipper, str):
skipper = re.compile(skipper)
if not replacer.groups:
raise DictReplacerError("Invalid replacer pattern: no groups "
"specified - '%s'" % replacer.pattern)
self._replacer = replacer
self._lookup = lookup
self._field = field
self._skipper = skipper
@property
def replacer(self):
"""Expose replacer as a readonly attr."""
return self._replacer
@property
def lookup(self):
"""Expose lookup as a readonly attr."""
return self._lookup
@property
def field(self):
"""Expose field as a readonly attr."""
return self._field
@property
def skipper(self):
"""Expose skipper as a readonly attr."""
return self._skipper
def should_skip(self, text):
"""Check if we should skip processing of this text.
Returns true if a skipper pattern has been provided, and
the pattern matches the specified value.
"""
return self.skipper and self.skipper.match(text)
def _callback(self, matcher):
"""Callback handling lookup of the substitution value."""
matched_field = matcher.group(self.field)
replacement = self.lookup.get(matched_field)
if not replacement:
return matcher.group(0)
fields = list(f or "" for f in matcher.groups())
fields[self.field - 1] = replacement
return "".join(fields)
def replace(self, text):
"""Replace content in text based upon lookup table.
Based upon the content of the associated lookup table,
replace any occurrences of any matching keys with their
associated values that may be found in the provided text.
"""
if self.should_skip(text):
return text
return self.replacer.sub(self._callback, text)
class ConfEntry(object):
"""Basic Conf File Entry handler."""
def __init__(self, line, lineno, syspaths):
"""Record line and line number."""
self._line = line
self._lineno = lineno
self._orig_line = None
self._syspaths = syspaths
def __str__(self):
"""Return line as str() value."""
return self._line
@property
def syspaths(self):
"""Syspaths object to use when resolving paths."""
return self._syspaths
@property
def lineno(self):
"""Line number of this line in the file."""
return self._lineno
@property
def orig_line(self):
"""Original line content."""
if self._orig_line is None:
return self._line
return self._orig_line
def _backup_line(self):
"""Backup line content if not previously done."""
if self._orig_line is None:
self._orig_line = self._line
def update(self, new_line):
"""Update line with new content, backing up if needed."""
if new_line == self._line:
return
self._backup_line()
self._line = new_line
@property
def dirty(self):
"""True if line has in fact been modified."""
return self._orig_line is not None
class UdevNetEntry(ConfEntry):
"""Manage Udev persistent network rule entry.
Class used to manage a specific udev persistent net rules,
allowing renaming of associated device and checking whether
the device exists on the system, and whether the configured
settings match the actual settings in use..
"""
def __init__(self, line, lineno, syspaths):
"""Record line and line number, and parse fields from line."""
super(UdevNetEntry, self).__init__(line, lineno, syspaths)
self._orig_dev_name = None
self._fields = self._parse_line()
def _parse_line(self):
"""Parse line into fields, skipping comment and blank lines."""
# check if line contains a rule or not
stripped = self._line.strip()
if not stripped or stripped.startswith("#"):
return None
# strip out double quotes from values, and simplify equals strings
simplified = self._line.replace("==", "=").replace('"', '')
# return a dictionary formed from the key=value pairs found in line
return dict(f.strip().split("=", 1) for f in simplified.split(","))
def _backup_dev_name(self):
"""Backup original device name if not previously done."""
if self._orig_dev_name is None:
self._orig_dev_name = self.dev_name
@property
def is_rule(self):
"""True if line represents a udev rule."""
return self._fields is not None
@property
def mac(self):
"""Expose parsed MAC address as a readonly attr."""
if not self.is_rule:
raise NotRuleError("No 'ATTR{address}' field.")
if "ATTR{address}" not in self._fields:
raise NotRule70Error("No 'ATTR{address}' field.")
return self._fields["ATTR{address}"]
@property
def dev_name(self):
"""Expose parsed device name as a readonly attr."""
if not self.is_rule:
raise NotRuleError("No 'NAME' field.")
return self._fields["NAME"]
_name_re = re.compile(r"^(\D+)(\d+)$")
@property
def is_dev_name_valid(self):
"""True if device name is valid format."""
return self._name_re.match(self.dev_name) is not None
@property
def dev_name_prefix(self):
"""Device name prefix string.
Expose the device name prefix string, e.g. eth for ethN,
as a readonly attr.
"""
match = self._name_re.match(self.dev_name)
if not match:
raise InvalidDeviceNameError("Not a valid device name: '%s'" %
self.dev_name)
return match.group(1)
@property
def orig_dev_name(self):
"""Expose original device name as a readonly attr."""
if not self.is_rule:
raise NotRuleError("No original name to find.")
if self._orig_dev_name:
return self._orig_dev_name
return self.dev_name
_dev_rename_re = re.compile(r'(\sNAME=")([^"]+)(")')
def dev_rename(self, new_dev_name):
"""Rename device associated with rule.
Rename the device associated with a given rule, if the
name has in fact changed, and the device hasn't already
been re-ordered.
"""
if not self.is_rule:
raise NotRuleError("Rename not possible.")
if new_dev_name == self.dev_name:
return
if self.reordered:
return
self._backup_dev_name()
repl_value = r'\1' + new_dev_name + r'\3'
new_line, count = self._dev_rename_re.subn(repl_value,
self._line, 1)
if not count:
raise InvalidRuleError("Failed to update NAME field")
self.update(new_line)
self._fields["NAME"] = new_dev_name
@property
def sys_class_orig_path(self):
"""Expose path to original /sys/class/net entry as readonly attr."""
if not self.is_rule:
raise NotRuleError("Cannot determine /sys/class/net path")
return self.syspaths.system_sys_path('class/net', self.orig_dev_name)
@property
def sys_class_path(self):
"""Expose path to current /sys/class/net entry as readonly attr."""
if not self.is_rule:
raise NotRuleError("Cannot determine /sys/class/net path")
return self.syspaths.system_sys_path('class/net', self.dev_name)
@property
def sys_path_exists(self):
"""True if original /sys/class/net path exists."""
return os.path.exists(self.sys_class_orig_path)
@property
def sys_dev_port(self):
"""The PCI device port of the device associated with this rule.
Expose PCI Device port associated with original device name as
readonly attr.
"""
try:
with open(os.path.join(self.sys_class_orig_path, "dev_port")) as f:
dev_port = f.read().strip('\0').strip()
except Exception:
sys.stderr.write("Failed to read dev_port for entry: %s\n" %
(self._orig_line))
raise
return dev_port
@property
def dev_port(self):
"""The ATTR{dev_port} specified in this rule."""
if not self.is_rule:
raise NotRuleError("No 'ATTR{dev_port}' field.")
if "ATTR{dev_port}" not in self._fields:
raise NotRule71Error("No 'ATTR{dev_port}' field.")
return self._fields["ATTR{dev_port}"]
@property
def devpath(self):
"""The DEVPATH specified in this rule."""
if not self.is_rule:
raise NotRuleError("No 'DEVPATH' field.")
if "DEVPATH" not in self._fields:
raise NotRule71Error("No 'DEVPATH' field.")
return self._fields["DEVPATH"]
@property
def sys_mac(self):
"""The system MAC address associated with rules current device.
Expose the MAC address associated with the current device name
as a readonly attr. Used in determining if network devices have
already been re-ordered.
"""
try:
with open(os.path.join(self.sys_class_path, "address")) as f:
sys_mac = f.read().strip('\0').strip()
except Exception:
sys.stderr.write("Failed to read address for entry: %s\n" %
(self._orig_line))
raise
return sys_mac
@property
def pci_dev(self):
"""The PCI device ID associated with rules network device.
Expose the PCI Device ID associated with the original device
name as a readonly attr.
"""
return os.path.realpath(self.sys_class_orig_path).split("/")[-3]
@property
def pci_order(self):
"""Returns constructed PCI ordering string for use in sorting."""
return "%s:%s" % (self.pci_dev, self.sys_dev_port)
@property
def reordered(self):
"""Has this rule already been re-ordered.
True if device associated with has already been reordered,
either by us or a previous run.
"""
if "ATTR{address}" in self._fields:
return self.mac != self.sys_mac
if "DEVPATH" in self._fields:
return self.devpath != ("*/%s/*" % self.pci_dev)
class ConfFile(object):
"""Class used to manage on-disk config files"""
def __init__(self, conf_file, syspaths, handler=None):
"""Initialise instance settings.
If no handler specified, use default, i.e. ConfEntry.
Track name changes for conf file via path list.
"""
if handler is None:
handler = ConfEntry
self._path = [conf_file]
self._rename_phase = 0
self._handler = handler
self._lines = []
self._linemap = {}
self._syspaths = syspaths
@property
def syspaths(self):
"""System paths manager to use when resolving paths."""
return self._syspaths
@property
def path(self):
"""Current file path."""
return self._path[-1]
@path.setter
def path(self, new_path):
"""Change file path to new name."""
if new_path == self.path:
return
self._path.append(new_path)
@property
def paths(self):
"""Expose rename paths list as readonly attr."""
return tuple(self._path)
@property
def orig_path(self):
"""Expose original file path as readonly attr."""
return self._path[0]
@property
def rename_phases(self):
"""Total number of renames for this conf file."""
return len(self._path) - 1
@property
def has_moved(self):
"""True if a file has been renamed."""
return bool(self.rename_phases)
@property
def renames_remaining(self):
"""Number of outstanding rename operations.
Remaining number of renames for this conf file that
haven't yet been performed.
"""
return self.rename_phases - self._rename_phase
@property
def rename_phase_src(self):
"""Source path for current rename phase."""
return self._path[self._rename_phase]
@property
def rename_phase_dst(self):
"""Destination path for current rename phase."""
if not self.renames_remaining:
raise PhaseRenameError("File '%s' already fully renamed to '%s'"
% (self.orig_path, self.path))
return self._path[self._rename_phase + 1]
def _load_file(self):
"""Load entries from on-disk file.
Load the conf file lines each as an instance of provided
handler, and record associated line number mapping.
"""
try:
with open(self.path) as f:
conf_lines = f.readlines()
except Exception:
sys.stderr.write("open('%s') failed: %s\n" %
(self.path, sys.exc_info()[1]))
raise
for lineno, line in enumerate(conf_lines):
entry = self._handler(line, lineno, self.syspaths)
self._lines.append(entry)
self._linemap[lineno] = entry
@property
def entries(self):
"""List of entries in the file.
Expose list of entries in the conf file as a readonly attr,
dynamically loading the file lines if necessary.
"""
if not self._lines:
self._load_file()
return tuple(self._lines)
@property
def lines(self):
"""Expose text lines of conf file as readonly attr."""
return tuple(str(e) for e in self.entries)
@property
def content(self):
"""Expose text content of conf file as readonly attr."""
return "".join(self.lines)
@property
def ondisk_digest(self):
"""Generate hashed digest of on-disk file content.
Returns hashed digest based upon on-disk file content for
current file name; used in determining whether file has
been modified.
"""
with open(self.rename_phase_src) as f:
return hasher(f.read()).hexdigest()
@property
def incore_digest(self):
"""Generate hashed digest of in-code file content.
Returns hashed digest based upon in-core file content for
conf file; used in determining whether file has been modified.
"""
return hasher(self.content).hexdigest()
@property
def consistent(self):
"""True if in-core and on-disk content digests match."""
return self.incore_digest == self.ondisk_digest
def _update_ondisk(self):
"""Write out in-core file content to disk."""
with open(self.orig_path, "w") as f:
f.write(self.content)
@property
def dirty(self):
"""True if in-core and on-disk content differs."""
return not self.consistent
def replace(self, replacer):
"""Replace specific values based upon lookup table.
Update file content via the provided DictReplacer instance,
which will replace matching values based upon their current
value, looked up in the replacer's lookup table.
"""
for e in self.entries:
e.update(replacer.replace(str(e)))
def _rename_ondisk(self):
"""Perform an on-disk rename action.
Perform the next on-disk rename of this conf file, if one is
pending.
"""
if not self.has_moved or not self.renames_remaining:
return
try:
os.rename(self.rename_phase_src, self.rename_phase_dst)
except Exception:
sys.stderr.write("Failed to renamed '%s' to '%s'\n" %
(self.rename_phase_src,
self.rename_phase_dst))
raise
self._rename_phase += 1
def commit(self, phases=1):
"""Commit pending changes for this conf file.
Write any required changes to the conf file if it is dirty, and
perform specified number of rename phases, where -1 means all
remaining phases. The latter special value should only be used
if we are certain that we are not trying to swap the names of
two conf files.
"""
if self.dirty:
self._update_ondisk()
if self.has_moved and self.renames_remaining:
if phases == -1:
phases = self.renames_remaining
for phase in range(phases):
self._rename_ondisk()
class UdevNetRulesFile(ConfFile):
"""Manage a udev net rules file.
Provides common framework for managing net rules files.
"""
def __init__(self, conf_file, syspaths):
"""Manage this conf file using the UdevNetEntry handler."""
super(UdevNetRulesFile, self).__init__(conf_file, syspaths,
UdevNetEntry)
@property
def rules(self):
"""Expose list of rules as readonly attr."""
return tuple(e for e in self.entries if e.is_rule)
@property
def reordered_rules(self):
"""Expose list of re-ordered rules as readonly attr."""
return tuple(r for r in self.rules if r.reordered)
@property
def reordered(self):
"""True if any rules have been re-ordered."""
return bool(self.reordered_rules)
@property
def devices_exist(self):
"""Check that all rule network devices exist.
Returns true only if all the /sys/class/net devices associated
with all rules still exist.
"""
return all(r.sys_path_exists for r in self.rules)
class UdevNetRulesFile70(UdevNetRulesFile):
"""Manage a udev 70-persistent-net.rules file.
This class manages the contents of the udev persistent net
rules file /etc/udev/rules.d/70-persistent-net.rules.
"""
def __init__(self, syspaths):
"""Manage this conf file using the UdevNetEntry handler."""
super(UdevNetRulesFile70, self).__init__(syspaths.rules_file_70,
syspaths)
def reorder_rules(self):
"""Re-order the device names in the rules by PCI device.
Sort rule devices according to the associated pci_order value,
and rename device names based upon that ordering.
"""
new_order = sorted(self.rules, key=attrgetter("pci_order"))
for idx, r in enumerate(new_order):
r.dev_rename("%s%s" % (r.dev_name_prefix, idx))
class UdevNetRulesFile71(UdevNetRulesFile):
"""Manage a udev 71-persistent-net.rules file.
This class manages the contents of the udev persistent net
rules file /etc/udev/rules.d/71-persistent-net.rules.
"""
def __init__(self, syspaths):
"""Manage this conf file using the UdevNetEntry handler."""
super(UdevNetRulesFile71, self).__init__(syspaths.rules_file_71,
syspaths)
def reorder_rules(self):
raise NetRulesError("Re-ordering not supported for "
"71-persistent-net.rules file.")
class UdevNetRulesManager(object):
"""Udev Net Rules Manager
Class used to make the udev persistent net rules settings
for a system. Generates a 71-persistent-net.rules file that
orders network devices by PCI order, superceding any existing
70-persistent-net.rules file.
We will also update the 70-persistent-net.rules file to match
the new order.
"""
def __init__(self, syspaths):
"""Initialise instance settings.
The syspaths object manages access to the system paths
against which the operations should be performed.
"""
self._syspaths = syspaths
self._rules_70 = None
self._rules_71 = None
self._rules_71_created = False
@property
def syspaths(self):
return self._syspaths
@property
def rules_70(self):
if not self._rules_70:
self._load_rules_70()
return self._rules_70
@property
def rules_71(self):
if not self._rules_71:
self._load_rules_71()
return self._rules_71
@property
def rules_71_created(self):
return self._rules_71_created
@property
def rules_file_70_exists(self):
return os.path.exists(self._syspaths.rules_file_70)
@property
def rules_file_71_exists(self):
return os.path.exists(self._syspaths.rules_file_71)
def _load_rules_70(self):
if not self.rules_file_70_exists:
return
self._rules_70 = UdevNetRulesFile70(self.syspaths)
def _load_rules_71(self):
if not self.rules_file_71_exists:
self._gen_rules_file_71()
self._rules_71 = UdevNetRulesFile71(self.syspaths)
@staticmethod
def _get_net_dev_info(net_dev_path):
dev_name = os.path.basename(net_dev_path)
pci = os.path.realpath(net_dev_path).split('/')[-3]
with file(os.path.join(net_dev_path, 'dev_port')) as fp:
port = fp.read().strip('\0').strip()
with file(os.path.join(net_dev_path, 'address')) as fp:
address = fp.read().strip('\0').strip()
return dict(dev_name=dev_name, pci=pci, port=port, address=address)
@property
def system_eth_devices(self):
class_net = self.syspaths.system_sys_path('class', 'net')
eth_dev_info = list(self._get_net_dev_info(e)
for e in glob(os.path.join(class_net, 'eth*')))
return {e['dev_name']: e for e in eth_dev_info}
@property
def ordered_eth_devices(self):
sys_devs = self.system_eth_devices
pci_ordered = sorted(sys_devs.values(),
key=lambda x: '%s:%s' % (x['pci'], x['port']))
ordered_devs = OrderedDict()
for i, e in enumerate(pci_ordered):
dev_name = 'eth%d' % i
new_e = e.copy()
new_e.update(dict(dev_name=dev_name))
ordered_devs[dev_name] = new_e
return ordered_devs
@property
def reordered(self):
sys_devs = self.system_eth_devices
ordered_devs = self.ordered_eth_devices
return (sys_devs != ordered_devs)
@property
def reordered_devices(self):
sys_devs = self.system_eth_devices
sys_set = set("%s:%s#%s" % (e['pci'], e['port'], e['dev_name'])
for e in sys_devs.itervalues())
ordered_devs = self.ordered_eth_devices
ordered_set = set("%s:%s#%s" % (e['pci'], e['port'], e['dev_name'])
for e in ordered_devs.itervalues())
set_diffs = sys_set.symmetric_difference(ordered_set)
diff_map = {}
for d in set_diffs:
d_pci, d_name = d.split('#')
if d_pci not in diff_map:
diff_map[d_pci] = {}
if d in sys_set:
diff_map[d_pci]['from'] = d_name
else:
diff_map[d_pci]['to'] = d_name
return sorted(diff_map.itervalues(), key=itemgetter('from'))
@staticmethod
def _gen_rules_71_entry(e):
return ['',
('SUBSYSTEM=="net", ACTION=="add", DEVPATH=="*/%s/*", '
'ATTR{dev_port}=="%s", NAME="%s"' % (e['pci'], e['port'],
e['dev_name']))]
def _gen_rules_file_71(self):
ordered_devs = self.ordered_eth_devices
content = ["# ARDANA-MANAGED - Managed by Ardana - Do not edit",
"# Generated by update_fcoe_udev during install/setup",
"#",
("# udev rules to persistently map physical PCI devices "
"to ethX device names."),
("# This is used to hard-wire specific ethX names to a "
"specific (PCI address,"),
("# dev_port) pairings so that the names don't change "
"across reboots.")]
for e in ordered_devs:
content.extend(self._gen_rules_71_entry(ordered_devs[e]))
rules_file = self.syspaths.rules_file_71
with file(rules_file, "w") as fp:
fp.write("\n".join(content))
self._rules_71_created = True
@property
def dirty(self):
if self.rules_71_created and self.reordered:
return True
if self.rules_70:
if self.rules_70.dirty:
return True
return False
@property
def devices_exist(self):
if not self.rules_71.devices_exist:
return False
if self.rules_71:
if not self.rules_71.devices_exist:
return False
return True
def reorder_rules(self):
if self.rules_70:
self.rules_70.reorder_rules()
# We should never need to re-order the entries in rules_71
def commit(self):
if self.rules_70:
self.rules_70.commit()
class NetworkDeviceManager(object):
"""Network Device Management Helper
Class used to manage updating system configuration files as a
result of reordering network devices in PCI device order.
"""
def __init__(self, prefix, sys_prefix, syspaths=None):
"""Initialise instance settings.
The arguments that we support are:
* prefix - path
The path under which to look for network configuration files.
* sys_prefix - path
The path under which to perform /sys lookups
"""
if syspaths is None:
syspaths = HelionSystemPaths(prefix, sys_prefix)
self._syspaths = syspaths
self._udev = UdevNetRulesManager(syspaths)
self._fcoe_confs = []
self._ifaces_confs = []
self._remap_renamer = None
@property
def syspaths(self):
"""Expose syspaths as a readonly attr."""
return self._syspaths
@property
def udev(self):
"""Expose udev as a readonly attr."""
return self._udev
@property
def fcoe_confs(self):
"""Expose fcoe_confs as a readonly attr."""
return tuple(self._fcoe_confs)
@property
def ifaces_confs(self):
"""Expose ifaces_confs as a readonly attr."""
return tuple(self._ifaces_confs)
@property
def remap_renamer(self):
"""Renamer tool used to manage content updates.
Dynamically creates a DictReplacer instance to be used for
updating config files the first this is called after devices have
been reordered, and thereafter returns that DictReplacer instance.
"""
if self._remap_renamer is None and self.udev.reordered:
# Construct a DictReplacer instance that can be used to
# rename the device names within config files.
reordered = self.udev.reordered_devices
rename_map = dict(((r['from'], r['to'])
for r in reordered))
self._remap_renamer = DictReplacer(r"(eth\d+)",
rename_map)
return self._remap_renamer
_noreorder_flag = "fcoe_noreorder"
@property
def dont_run(self):
"""Returns true if flag found in /proc/cmdline."""
cmdline_file = "/proc/cmdline"
try:
with open(cmdline_file) as f:
cmdline = f.read()
except Exception:
sys.stderr.write("Failed to open '%s': %s\n" %
(cmdline_file, sys.exc_info()[1]))
raise
return self._noreorder_flag in cmdline
@property
def system_valid(self):
"""Check that system state is consistent and valid.
Returns false if any of the network devices identified in
ther persistent udev net rules doesn't exist.
"""
return self.udev.devices_exist
@property
def already_processed(self):
"""Check if a system has already been processed.
Should be called before doing anything to check if system
has already been processed, and or needs a reboot.
"""
# If the flag file has been created by a previous run
# or if any of the rules have already been re-ordered
# then we shouldn't make any more changes and instead
# the system needs to be rebooted.
return self.syspaths.flag_exists
@property
def needs_reboot(self):
return self.udev.reordered
def reorder_udev_rules(self):
"""Re-order network devcies in Udev persistent rules."""
self.udev.reorder_rules()
@property
def fcoe_dirty(self):
"""True if any FCOE config changes pending."""
return any(c.dirty or c.renames_remaining for c in self.fcoe_confs)
@property
def ifaces_dirty(self):
"""True if any network interface config changes pending."""
return any(c.dirty or c.renames_remaining for c in self.ifaces_confs)
@property
def dirty(self):
"""True if any udev, FCOE or network config changes pending."""
return self.udev.dirty or self.fcoe_dirty or self.ifaces_dirty
def _process_candidate_conf_files(self, reordered_files):
"""Process specified conf files.
Given a list of (rule, file) pairs, weed out those for which
the conf file doesn't exist and then process the remaining
conf files, updating their content as appropriate and then
rename them in a 2 phase process; this allows us to safely
swap files. Return the resulting list of ConfFile instances.
"""
confs = []
for r, f in reordered_files:
if not os.path.exists(f):
continue
conf = ConfFile(f, self.syspaths)
conf.replace(self.remap_renamer)
temp_name = "%s...%s" % (r['from'], r['to'])
conf.path = conf.path.replace(r['from'], temp_name)
conf.path = conf.path.replace(temp_name, r['to'])
confs.append(conf)
return confs
def update_fcoe_configs(self):
"""Update FCOE config based on re-ordered udev rules."""
# Nothing to be done if no reordering has occurred.
reordered = self.udev.reordered_devices
if not reordered:
return
# Skip if we have already completed this stage
if self.fcoe_confs:
return
# Generate candidate list of fcoe conf files, with
# associated rule, that need to be processed
reordered_files = tuple((r, os.path.join(self.syspaths.fcoe_dir,
"cfg-%s" % r['from']))
for r in reordered)
# At this stage changes have been prepared but are not yet
# committed to disk
self._fcoe_confs = self._process_candidate_conf_files(reordered_files)
def update_ifaces_configs(self):
"""Update network config based on re-ordered udev rules."""
# Nothing to be done if no reordering has occurred.
reordered = self.udev.reordered_devices
if not reordered:
return
# Skip if we have already completed this stage
if self.ifaces_confs:
return
# Generate candidate list of iface conf files, with
# associated rule, that need to be processed.
reordered_files = tuple((r, os.path.join(self.syspaths.ifaces_dir,
r['from']))
for r in reordered)
ifaces_confs = self._process_candidate_conf_files(reordered_files)
# Process the main interfaces file, and if it was modified, then
# include it in the list of interface conf objects to be tracked
conf = ConfFile(self.syspaths.ifaces_file, self.syspaths)
conf.replace(self.remap_renamer)
if conf.dirty:
ifaces_confs.append(conf)
# At this stage changes have been prepared but are not yet
# committed to disk
self._ifaces_confs = ifaces_confs
@staticmethod
def _gen_conf_changes_text(action, title, conf_list):
"""Generate change info text."""
if not (conf_list and
any(c.dirty or c.has_moved for c in conf_list)):
return ""
lines = ["%s %s Changes:" % (action, title)]
if any(c.has_moved for c in conf_list):
lines.append(" Reordering:")
lines.extend([" %s ==> %s" % (c.orig_path, c.path)
for c in conf_list if c.has_moved])
if any(c.dirty for c in conf_list):
lines.append(" Modifying:")
lines.extend([" %s" % c.path
for c in conf_list if c.has_moved])
lines.append("")
return "\n".join(lines)
@staticmethod
def _gen_udev_changes_text(action, reordered_list):
"""Generate device reorder change text."""
if not reordered_list:
return ""
lines = ["%s Device Re-ordering:" % action]
lines.extend([" %6s ==> %s" % (r['from'], r['to'])
for r in reordered_list])
lines.append("")
return "\n".join(lines)
def _gen_changes_text(self, action):
reordered = self.udev.reordered_devices
changes = [self._gen_udev_changes_text(action, reordered),
self._gen_conf_changes_text(action, "FCOE",
self.fcoe_confs),
self._gen_conf_changes_text(action, "Network",
self.ifaces_confs)]
return "\n".join(c for c in changes if c)
def _create_flag_file(self, content):
"""Create flag file with provided content."""
if not os.path.exists(self.syspaths.flag_dir):
try:
os.makedirs(self.syspaths.flag_dir)
except Exception:
sys.stderr.write("Failed to create flag directory '%s': %s\n" %
(self.syspaths.flag_dir, sys.exc_info()[1]))
raise
try:
with open(self.syspaths.flag_file, "w") as f:
f.write(content)
except Exception:
sys.stderr.write("Failed to create flag file '%s': %s\n" %
(self.syspaths.flag_file, sys.exc_info()[1]))
raise
def commit(self):
"""Commit any pending changes to disk."""
changes = "No reordering required."
msg = "No device reordering required on this system."
if self.dirty:
print(self._gen_changes_text("Proposed"))
# Generate committed changes text before committing.
changes = self._gen_changes_text("Committed")
# If the rules have been updated commit those changes
if self.udev.dirty:
self.udev.commit()
# If any of the fcoe or interfaces files have been
# updated or renamed then commit those changes
if self.fcoe_dirty or self.ifaces_dirty:
conf_list = self.fcoe_confs + self.ifaces_confs
rename_phases = max(c.renames_remaining
for c in conf_list)
# We want to iterate at least once, and up to max
# number of rename operations outstanding.
for i in range(max(1, rename_phases)):
for conf in conf_list:
# First time through will update file content, and
# peforms first rename if any; subsequent commits
# perform any remaining renames
conf.commit()
msg = ("All device reordering changes committed to disk.\n"
"NOTE:\n"
" Please ensure that the ramdisk is updated and the\n"
" system is rebooted for these changes to take effect.")
self._create_flag_file(changes)
print(msg)
def process_system(self):
"""Process the current system.
Update the system by re-ordering the udev persistent network
rules according to PCI device order, and then reflect those
reordering changes in the system FCOE and network interfaces
configurations, and then commit those changes to disk.
"""
if self.already_processed or self.dont_run or not self.system_valid:
return
self.reorder_udev_rules()
self.update_fcoe_configs()
self.update_ifaces_configs()
self.commit()
class UpdateFcoeUdev(object):
"""UpdateFcoeUdev
Class implementing Ansible module support for updating FCOE
udev persistent rule ordering.
"""
def __init__(self, module):
self._module = module
self._ndm = None
self._stdout = StringIO()
self._stderr = StringIO()
self._orig_stdout = None
self._orig_stderr = None
# swap in our stdout/stderr to capture any output generated.
self._swap_stdio()
def _swap_stdio_handle(self, name):
orig_name = "_orig_%s" % name
if not getattr(self, orig_name):
setattr(self, orig_name, getattr(sys, name))
setattr(sys, name, getattr(self, "_" + name))
else:
setattr(sys, name, getattr(self, orig_name))
setattr(self, orig_name, None)
def _swap_stdio(self):
self._swap_stdio_handle("stdout")
self._swap_stdio_handle("stderr")
def _add_stdio_handle(self, results, name):
existing = results.get(name, "")
handle = getattr(self, "_" + name)
existing += "\n" + handle.getvalue()
results[name] = existing
def _add_stdio(self, results):
self._add_stdio_handle(results, "stdout")
self._add_stdio_handle(results, "stderr")
def _restore_stdio(self, results):
self._swap_stdio()
self._add_stdio(results)
@property
def module(self):
return self._module
@property
def update(self):
return self._module.params['update']
@property
def prefix(self):
return self._module.params['prefix']
@property
def sys_prefix(self):
return self._module.params['sys_prefix']
@property
def ndm(self):
if self._ndm is None:
self._ndm = NetworkDeviceManager(self.prefix,
self.sys_prefix)
return self._ndm
def fail(self, **results):
self._restore_stdio(results)
self.module.fail_json(**results)
def exit(self, **results):
self._swap_stdio()
self.module.exit_json(**results)
def _check(self):
self.ndm.reorder_udev_rules()
if self.ndm.udev.reordered:
self.exit(msg="Reordering of FCOE devices required.",
rc=1, changed=False)
def _update(self):
self.ndm.reorder_udev_rules()
if not self.ndm.udev.reordered:
self.exit(msg="No reordering of FCOE devices required.",
rc=0, changed=False)
self.ndm.update_fcoe_configs()
self.ndm.update_ifaces_configs()
self.ndm.commit()
self.exit(msg=("System FCOE device reordering completed; reboot "
"required for changes to take effect."),
rc=0, changed=True)
def execute(self):
try:
if not self.ndm.system_valid:
self.fail(msg=("System state invalid: one or more network "
"devices referenced in persistent udev rules "
"doesn't exist."),
rc=256, changed=False)
if self.ndm.already_processed:
if self.ndm.needs_reboot:
self.exit(msg=("Reboot required to complete pending "
"device reordering."),
rc=2, changed=False)
self.exit(msg="System FCOE devices already reordered.",
rc=0, changed=False)
if not self.update:
self._check()
else:
self._update()
except Exception:
self.fail(msg="Failed to determine system FCOE state",
rc=256, changed=False)
self.exit(msg="No reordering required.", rc=0, changed=False)
def main():
"""Main body for ansible module."""
module = AnsibleModule(
argument_spec=dict(
update=dict(required=False, default=False, type='bool'),
prefix=dict(required=False, default="/", type='str'),
sys_prefix=dict(required=False, default="/", type='str')
)
)
ufu = UpdateFcoeUdev(module)
ufu.execute()
DOCUMENTATION = '''
---
module: update_fcoe_udev
author: Fergal Mc Carthy
short_description: Ensure consistent ordering of FCOE network devices.
description:
- Checks if system has already had FCOE network devices re-ordered.
- Updates system by re-ordering FCOE network devices, if requested.
- If system is changed as a result of this successful completion of
the action, a reboot is required.
- Fails with rc = 1 if system needs FCOE device re-ordering.
- Fails with rc = 2 if system still needs to be rebooted after a
previous reordering operation.
- Fails with rc = 256 if anything else goes wrong.
- stdout & stderr lines.
options:
action:
required: True
choices: [check, update]
description:
- If check is specified, just checks system state and fails
appropriately if needed.
- If update is specified, updates system state if needed, and
a changed status indicates a reboot is required.
prefix:
required: False
default: /
description:
- Specifies system path prefix used to access config files.
- Only needed if system files are not mounted at traditional
location, e.g. during an install operation candidate system
file systems are mounted under /target.
sys_prefix:
required: False
default: /
description:
- Specifies system sys path prefix used to access /sys files.
- Only needed if system files are not mounted at traditional
location, e.g. for simulation purposes.
'''
EXAMPLES = '''
- update_fcoe_udev:
register: ufu_check_result
ignore_errors: True
- fail: msg="Reboot required."
when: ufu_check_result.rc == 2
- fail:
msg: |
Unknown error:
stdout={{ ufu_check_result.stdout }}
stderr={{ ufu_check_result.stderr }}
when: ufu_check_result.rc == 256
- update_fcoe_udev: update=True
register: ufu_result
when: ufu_check_result.rc = 1
ignore_errors: True
- fail:
- fail: msg="Reboot required."
when: ufu_result.rc | changed
'''
from ansible.module_utils.basic import * # NOQA
if __name__ == '__main__':
main()
0707010019D003000041ED0000000000000000000000025B32C86200000000000000FD0000000200000000000000000000003C00000000ardana-osconfig-8.0+git.1530054754.b943409/roles/fcoe/tasks0707010019D005000081A40000000000000000000000015B32C8620000097A000000FD0000000200000000000000000000005100000000ardana-osconfig-8.0+git.1530054754.b943409/roles/fcoe/tasks/check_fcoe_order.yml# (c) Copyright 2016 Hewlett Packard Enterprise Development LP
# (c) Copyright 2017 SUSE LLC
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
# Check that FCOE device reordering has been completed successfully and
# request a manual reboot of the system if necessary.
---
- name: fcoe | check_fcoe_order | Set os-specific variables
include_vars: "{{ ansible_os_family | lower }}.yml"
# Shouldn't need root privs to check system state.
- name: fcoe | check_fcoe_order | Check FCOE device ordering
become: no
update_fcoe_udev:
update: False
prefix: /
register: ufu_check_result
when: host.fcoe_interfaces | length > 0
ignore_errors: True
- name: fcoe | check_fcoe_order | Handle ordering check exceptions
fail:
msg: |
Unknown error while checking FCOE device ordering:
stdout={{ ufu_check_result.stdout }}
stderr={{ ufu_check_result.stderr }}
when: ((host.fcoe_interfaces | length > 0) and
(ufu_check_result.rc == 256))
# Should have already been done but just in case, do it again.
- name: fcoe | check_fcoe_order | Rebuild the initramfs
become: yes
command: "{{ initramfs_update_command }}"
when: ((host.fcoe_interfaces | length > 0) and
(ufu_check_result.rc == 2))
- name: fcoe | check_fcoe_order | Handle reboot required
fail:
msg: |
Detected that FCOE devices have been re-ordered but a restart is
still required for the changes to take effect.
Please reboot the system manually before continuing.
when: ((host.fcoe_interfaces | length > 0) and
(ufu_check_result.rc == 2))
- name: fcoe | check_fcoe_order | Handle re-ordering required
fail:
msg: |
Detected that FCOE devices have not yet been re-ordered.
Please run the osconfig-fcoe-reorder play and then manually reboot
the system before continuing.
when: ((host.fcoe_interfaces | length > 0) and
(ufu_check_result.rc == 1))
0707010019D007000081A40000000000000000000000015B32C862000011F5000000FD0000000200000000000000000000004A00000000ardana-osconfig-8.0+git.1530054754.b943409/roles/fcoe/tasks/configure.yml# (c) Copyright 2016 Hewlett Packard Enterprise Development LP
# (c) Copyright 2017 SUSE LLC
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
---
# fcoe configure playbook
# playbook to enable fcoe for bnxfc2 driver
- name: fcoe | configure | bring up interface
become: yes
command: /sbin/ip link set up {{ item.1 }}
with_subelements:
- "{{ host.fcoe_interfaces | default([]) }}"
- devices
- name: fcoe | configure | disable Redhat network manager
become: yes
service:
name: NetworkManager
enabled: no
when: ansible_os_family == 'RedHat' and host.fcoe_interfaces | length > 0
- name: fcoe | configure | stop Redhat network manager
become: yes
service:
name: NetworkManager
state: stopped
when: ansible_os_family == 'RedHat' and host.fcoe_interfaces | length > 0
- name: fcoe | configure | remove default config redhat
become: yes
file:
path: /etc/sysconfig/network-scripts/ifcfg-{{ item.1 }}
state: absent
with_subelements:
- "{{ host.fcoe_interfaces | default([]) }}"
- devices
when: ansible_os_family == 'RedHat'
register: fcoe_ifcfgs_rm_result
# Add the fcoe boots args for given interface to kernel command line
# only if not already present, ensuring that crashkernel options are
# always at the end of the generated command line.
- name: fcoe | configure | add required args to kernel command line
shell: |
set -e
for arg in {{ hostvars[inventory_hostname] | fcoe_boot_args(item.1) }}
do
if ! grep -qs "^GRUB_CMDLINE_LINUX=.*\<${arg}\>" /etc/default/grub; then
sed -i -e '/^GRUB_CMDLINE_LINUX=/ {
s/\("\)$/ '"${arg}"'\1/
s/\(crashkernel=[^ ]* \)\([^\"]*\)\("\)$/\2 \1\3/
s/ * \("\)$/\1/
}' /etc/default/grub
echo Changed
fi
done
with_subelements:
- "{{ host.fcoe_interfaces | default([]) }}"
- devices
when: ansible_os_family == 'RedHat'
register: fcoe_grub_mod_result
changed_when: '"Changed" in fcoe_grub_mod_result.stdout'
- name: fcoe | configure | update grub if kernel command line changed
become: yes
command: grub2-mkconfig -o /boot/grub2/grub.cfg
when: fcoe_grub_mod_result | changed and ansible_os_family == 'RedHat'
- name: fcoe | configure | create the fcoe dir
become: yes
file:
path: "{{fcoe_config_dir}}"
state: directory
mode: 0755
- name: fcoe | configure | Setup fcoe cfg file
become: yes
template:
src: fcoe.cfg.j2
dest: "{{fcoe_config_dir}}/cfg-{{ item.1 }}"
with_subelements:
- "{{ host.fcoe_interfaces | default([]) }}"
- devices
register: fcoe_result
- name: fcoe | configure | enable lldpad
become: yes
service:
name: lldpad
state: restarted
enabled: true
when: fcoe_result.changed
- name: fcoe | configure | disable lldpad on interfaces
become: yes
command: /usr/sbin/lldptool set-lldp -i {{ item.1 }} adminStatus=disabled
with_subelements:
- "{{ host.fcoe_interfaces | default([]) }}"
- devices
when: fcoe_result.changed
- name: fcoe | configure | restart the service
become: yes
service:
name: fcoemon
state: restarted
enabled: true
when: fcoe_result.changed and ansible_os_family == 'Debian'
- name: fcoe | configure | restart the service
become: yes
service:
name: fcoe
state: restarted
enabled: true
when: fcoe_result.changed and ansible_os_family == 'RedHat'
- name: fcoe | configure | get scsi hosts
become: yes
shell: ls -d -1 /sys/class/scsi_host/host*
register: dir_list_result
- name: fcoe | configure | rescan the bus
become: yes
shell: echo "- - - " > "{{ item }}/scan"
with_items: "{{ dir_list_result.stdout_lines}}"
when: fcoe_result.changed
- name: fcoe | configure | rebuild the initramfs
become: yes
command: "{{ initramfs_update_command }}"
when: fcoe_result.changed or
(ansible_os_family == 'RedHat' and
((fcoe_ifcfgs_rm_result | changed) or
(fcoe_grub_mod_result | changed)))
0707010019D006000081A40000000000000000000000015B32C86200000412000000FD0000000200000000000000000000004800000000ardana-osconfig-8.0+git.1530054754.b943409/roles/fcoe/tasks/install.yml# (c) Copyright 2016-2017 Hewlett Packard Enterprise Development LP
# (c) Copyright 2017-2018 SUSE LLC
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
---
- name: fcoe | install | Set os-specific variables
include_vars: "{{ ansible_os_family | lower }}.yml"
# install dependencies for fcoe for bnx2fc/Qlogic CNA
- name: fcoe | install | Install the required packages
become: yes
package:
name: "{{ item }}"
state: present
with_items:
fcoe_packages
when:
host.fcoe_interfaces | length > 0
0707010019D004000081A40000000000000000000000015B32C862000007F0000000FD0000000200000000000000000000005200000000ardana-osconfig-8.0+git.1530054754.b943409/roles/fcoe/tasks/update_fcoe_order.yml# (c) Copyright 2016 Hewlett Packard Enterprise Development LP
# (c) Copyright 2017 SUSE LLC
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
# Update the FCOE device ordering if needed and request a manual reboot of
# the system if required.
---
- name: fcoe | update_fcoe_order | Set os-specific variables
include_vars: "{{ ansible_os_family | lower }}.yml"
- name: fcoe | update_fcoe_order | Update FCOE device ordering
become: yes
update_fcoe_udev:
update: True
prefix: /
register: ufu_update_result
when: host.fcoe_interfaces | length > 0
ignore_errors: True
- name: fcoe | update_fcoe_order | Handle ordering check exceptions
fail:
msg: |
Unknown error while checking FCOE device ordering:
stdout={{ ufu_update_result.stdout }}
stderr={{ ufu_update_result.stderr }}
when: ((host.fcoe_interfaces | length > 0) and
(ufu_update_result.rc == 256))
- name: fcoe | update_fcoe_order | Rebuild the initramfs
become: yes
command: "{{ initramfs_update_command }}"
when: ((host.fcoe_interfaces | length > 0) and
((ufu_update_result | changed) or (ufu_update_result.rc == 2)))
- name: fcoe | update_fcoe_order | FCOE devices re-ordered.
fail:
msg: |
The system FCOE device ordering has been updated and a manual reboot
is required for the changes to take effect.
Please manually reboot the system before continuing.
when: ((host.fcoe_interfaces | length > 0) and
((ufu_update_result | changed) or (ufu_update_result.rc == 2)))
0707010019D008000041ED0000000000000000000000025B32C86200000000000000FD0000000200000000000000000000004000000000ardana-osconfig-8.0+git.1530054754.b943409/roles/fcoe/templates0707010019D009000081A40000000000000000000000015B32C86200000534000000FD0000000200000000000000000000004C00000000ardana-osconfig-8.0+git.1530054754.b943409/roles/fcoe/templates/fcoe.cfg.j2{#
# (c) Copyright 2016 Hewlett Packard Enterprise Development LP
# (c) Copyright 2017 SUSE LLC
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
#}
### Type: yes/no
## Default: no
# Enable/Disable FCoE service at the Ethernet port
# Normally set to "yes"
FCOE_ENABLE="yes"
## Type: yes/no
## Default: no
# Indicate if DCB service is required at the Ethernet port
# Normally set to "yes"
DCB_REQUIRED="no"
## Type: yes/no
## Default: no
# Indicate if VLAN discovery should be handled by fcoemon
# Normally set to "yes"
AUTO_VLAN="yes"
## Type: fabric/vn2vn
## Default: fabric
# Indicate the mode of the FCoE operation, either fabric or vn2vn
# Normally set to "fabric"
MODE="fabric"
## Type: yes/no
## Default: no
# Indicate whether to run a FIP responder for VLAN discovery in vn2vn mode
#FIP_RESP="yes"
0707010019CFFC000041ED0000000000000000000000025B32C86200000000000000FD0000000200000000000000000000003B00000000ardana-osconfig-8.0+git.1530054754.b943409/roles/fcoe/vars0707010019CFFE000081A40000000000000000000000015B32C86200000306000000FD0000000200000000000000000000004600000000ardana-osconfig-8.0+git.1530054754.b943409/roles/fcoe/vars/debian.yml# (c) Copyright 2016 Hewlett Packard Enterprise Development LP
# (c) Copyright 2017 SUSE LLC
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
fcoe_packages:
- lldpad
- lldpad-boot
- fcoe-utils
initramfs_update_command: "update-initramfs -u -k all"
0707010019D000000081A40000000000000000000000015B32C862000002BA000000FD0000000200000000000000000000004400000000ardana-osconfig-8.0+git.1530054754.b943409/roles/fcoe/vars/main.yml# (c) Copyright 2016 Hewlett Packard Enterprise Development LP
# (c) Copyright 2017 SUSE LLC
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
---
fcoe_config_dir: /etc/fcoe
0707010019CFFD000081A40000000000000000000000015B32C862000002E8000000FD0000000200000000000000000000004600000000ardana-osconfig-8.0+git.1530054754.b943409/roles/fcoe/vars/redhat.yml# (c) Copyright 2016 Hewlett Packard Enterprise Development LP
# (c) Copyright 2017 SUSE LLC
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
fcoe_packages:
- lldpad
- fcoe-utils
initramfs_update_command: "dracut -f"
0707010019CFFF000081A40000000000000000000000015B32C862000002E9000000FD0000000200000000000000000000004400000000ardana-osconfig-8.0+git.1530054754.b943409/roles/fcoe/vars/suse.yml# (c) Copyright 2017 Hewlett Packard Enterprise Development LP
# (c) Copyright 2017 SUSE LLC
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
fcoe_packages:
- open-lldp
- fcoe-utils
initramfs_update_command: "dracut -f"
0707010019D05F000041ED0000000000000000000000055B32C86200000000000000FD0000000200000000000000000000003A00000000ardana-osconfig-8.0+git.1530054754.b943409/roles/iptables0707010019D065000041ED0000000000000000000000025B32C86200000000000000FD0000000200000000000000000000004300000000ardana-osconfig-8.0+git.1530054754.b943409/roles/iptables/defaults0707010019D066000081A40000000000000000000000015B32C862000003A4000000FD0000000200000000000000000000004C00000000ardana-osconfig-8.0+git.1530054754.b943409/roles/iptables/defaults/main.yml# (c) Copyright 2015-2016 Hewlett Packard Enterprise Development LP
# (c) Copyright 2017 SUSE LLC
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
---
# defaults file for iptables
# Make sure that 'lock_path' here matches the 'neutron_common_rundir'
# in roles/neutron-common/defaults/main.yml
iptables_lock_path: "/var/run/neutron/lock"
iptables_lock_name: 'iptables'
iptables_lock_timeout: 120
iptables_synchronized_prefix: 'neutron-'
0707010019D060000041ED0000000000000000000000025B32C86200000000000000FD0000000200000000000000000000003F00000000ardana-osconfig-8.0+git.1530054754.b943409/roles/iptables/meta0707010019D061000081A40000000000000000000000015B32C862000002D6000000FD0000000200000000000000000000004800000000ardana-osconfig-8.0+git.1530054754.b943409/roles/iptables/meta/main.yml#
# (c) Copyright 2016 Hewlett Packard Enterprise Development LP
# (c) Copyright 2017 SUSE LLC
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
---
dependencies:
- role: osconfig-iptables
osconfig_iptables_run_mode: install
0707010019D062000041ED0000000000000000000000025B32C86200000000000000FD0000000200000000000000000000004000000000ardana-osconfig-8.0+git.1530054754.b943409/roles/iptables/tasks0707010019D063000081A40000000000000000000000015B32C86200000EA6000000FD0000000200000000000000000000005100000000ardana-osconfig-8.0+git.1530054754.b943409/roles/iptables/tasks/iptables-add.yml#
# (c) Copyright 2016 Hewlett Packard Enterprise Development LP
# (c) Copyright 2017 SUSE LLC
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
---
- name: iptables | iptables-add | Add iptables chain
become: yes
iptables_update:
command: >
--new-chain {{ iptables_chain }}
lock_path: "{{ iptables_lock_path }}"
lock_name: "{{ iptables_lock_name }}"
lock_timeout: "{{ iptables_lock_timeout }}"
synchronized_prefix: "{{ iptables_synchronized_prefix }}"
os_family: "{{ ansible_os_family }}"
register: _iptables_add_chain_result
failed_when: >
(_iptables_add_chain_result | failed) and
_iptables_add_chain_result.stderr !=
"iptables: Chain already exists."
- name: iptables | iptables-add | Check if iptables chain is present on INPUT
become: yes
iptables_update:
command: >
--check INPUT
--jump {{ iptables_chain }}
lock_path: "{{ iptables_lock_path }}"
lock_name: "{{ iptables_lock_name }}"
lock_timeout: "{{ iptables_lock_timeout }}"
synchronized_prefix: "{{ iptables_synchronized_prefix }}"
os_family: "{{ ansible_os_family }}"
register: _iptables_add_chain_result
changed_when: false
failed_when: >
(_iptables_add_chain_result | failed) and
_iptables_add_chain_result.stderr !=
"iptables: No chain/target/match by that name."
# Note: This is an insert to make the chain higher precedence than all others.
- name: iptables | iptables-add | Add iptables chain to INPUT at top of table
become: yes
iptables_update:
command: >
--insert INPUT
--jump {{ iptables_chain }}
lock_path: "{{ iptables_lock_path }}"
lock_name: "{{ iptables_lock_name }}"
lock_timeout: "{{ iptables_lock_timeout }}"
synchronized_prefix: "{{ iptables_synchronized_prefix }}"
os_family: "{{ ansible_os_family }}"
when: (_iptables_add_chain_result | failed)
- name: iptables | iptables-add | Check if iptables rules are already applied
become: yes
iptables_update:
command: >
--check {{ iptables_chain }}
--destination {{ item.ip }}/32
--protocol tcp
--match tcp
--dport {{ item.port }}
--jump REJECT
lock_path: "{{ iptables_lock_path }}"
lock_name: "{{ iptables_lock_name }}"
lock_timeout: "{{ iptables_lock_timeout }}"
synchronized_prefix: "{{ iptables_synchronized_prefix }}"
os_family: "{{ ansible_os_family }}"
register: _iptables_add_rule_result
with_items: iptables_ip_port
changed_when: false
failed_when: >
(_iptables_add_rule_result | failed) and
_iptables_add_rule_result.stderr !=
"iptables: No chain/target/match by that name."
- name: iptables | iptables-add | Reject incoming messages on ports
become: yes
iptables_update:
command: >
--insert {{ iptables_chain }}
--destination {{ item.item.ip }}/32
--protocol tcp
--match tcp
--dport {{ item.item.port }}
--jump REJECT
lock_path: "{{ iptables_lock_path }}"
lock_name: "{{ iptables_lock_name }}"
lock_timeout: "{{ iptables_lock_timeout }}"
synchronized_prefix: "{{ iptables_synchronized_prefix }}"
os_family: "{{ ansible_os_family }}"
when: (item | failed)
with_items: _iptables_add_rule_result.results
0707010019D064000081A40000000000000000000000015B32C862000007C3000000FD0000000200000000000000000000005400000000ardana-osconfig-8.0+git.1530054754.b943409/roles/iptables/tasks/iptables-delete.yml#
# (c) Copyright 2016 Hewlett Packard Enterprise Development LP
# (c) Copyright 2017 SUSE LLC
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
---
- name: iptables | iptables-delete | Delete all rules in iptables chain
become: yes
iptables_update:
command: >
--delete {{ iptables_chain }}
--destination {{ item.ip }}/32
--protocol tcp
--match tcp
--dport {{ item.port }}
--jump REJECT
lock_path: "{{ iptables_lock_path }}"
lock_name: "{{ iptables_lock_name }}"
lock_timeout: "{{ iptables_lock_timeout }}"
synchronized_prefix: "{{ iptables_synchronized_prefix }}"
os_family: "{{ ansible_os_family }}"
with_items: iptables_ip_port
- name: iptables | iptables-delete | Delete all iptables chain in INPUT
become: yes
iptables_update:
command: >
--delete INPUT
--jump {{ iptables_chain }}
lock_path: "{{ iptables_lock_path }}"
lock_name: "{{ iptables_lock_name }}"
lock_timeout: "{{ iptables_lock_timeout }}"
synchronized_prefix: "{{ iptables_synchronized_prefix }}"
os_family: "{{ ansible_os_family }}"
- name: iptables | iptables-delete | Delete iptables chain
become: yes
iptables_update:
command: >
--delete-chain {{ iptables_chain }}
lock_path: "{{ iptables_lock_path }}"
lock_name: "{{ iptables_lock_name }}"
lock_timeout: "{{ iptables_lock_timeout }}"
synchronized_prefix: "{{ iptables_synchronized_prefix }}"
os_family: "{{ ansible_os_family }}"
0707010019D00A000041ED0000000000000000000000065B32C86200000000000000FD0000000200000000000000000000003B00000000ardana-osconfig-8.0+git.1530054754.b943409/roles/multipath0707010019D01A000081A40000000000000000000000015B32C86200001825000000FD0000000200000000000000000000004500000000ardana-osconfig-8.0+git.1530054754.b943409/roles/multipath/README.md
(c) Copyright 2015 Hewlett Packard Enterprise Development LP
(c) Copyright 2017 SUSE LLC
Licensed under the Apache License, Version 2.0 (the "License"); you may
not use this file except in compliance with the License. You may obtain
a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
License for the specific language governing permissions and limitations
under the License.
multipath
=========
This role enables users to configure various multipath on target
machines.
Requirements
------------
This role requires Ansible 1.4 or higher
Role Variables
--------------
The variables that can be passed to this role and a brief description about
them are as follows:
multipath_defaults: <A dictionary of key-value pairs for defaults section>
eg:
multipath_defaults:
user_friendly_names: no
max_fds: max
fast_io_fail_tmo: 5
multipath_devices: <A list of devices with key-value pairs for devices section>
eg:
multipath_devices:
- vendor: "HP"
product: "3PAR"
path_selector: "round-robin 0"
getuid_callout: "/lib/udev/scsi_id -g -u -d /dev/%n"
- vendor: "NETAPP"
product: "LUN"
path_selector: "round-robin 0"
getuid_callout: "/lib/udev/scsi_id -g -u -d /dev/%n"
multipath_blacklist: <A list of regex with key-value pairs for blacklist section>
eg:
multipath_blacklist:
- devnode: "^sd[a-z]"
- wwid: "2345123469"
- device:
vendor: "IBM"
product: "*"
multipath_blacklist_exceptions: <A list of regex with key-value pairs for blacklist_exceptions section>
eg:
multipath_blacklist_exceptions:
- devnode: "^sdc"
- wwid: "23451234698"
- device:
vendor: "IBM"
product: "ST500"
Operational Guide:
------------------
The default settings are to blacklist all devices. To overwrite the default settings
do the following before running the site.yml playbook
1. In the Ardana OpenStack deployer node, open the multipath/multipath_settings.yml under my_cloud/config
where the default setting will be to blacklist all devices with the exception of HP 3PAR:
i.e.,
multipath_blacklist:
- device:
vendor: ".*"
product: ".*"
multipath_blacklist_exceptions:
- device:
vendor: "3PARdata"
product: "VV"
NOTE: Additionally all disk model devices will be blacklisted by default using wwid
2. Modify the file as per the "Role Variables" section described at the beginning
3. Follow the below steps to apply the settings:
cd ~/openstack/ardana/ansible
git add -A
git commit -m "your commit message"
ansible-playbook -i hosts/localhost config-processor-run.yml
ansible-playbook -i hosts/localhost ready-deployment.yml
cd ~/scratch/ansible/next/ardana/ansible
ansible-playbook -i hosts/verb_hosts site.yml
Examples
--------
Input variables:
----------------
multipath_defaults:
user_friendly_names: no
max_fds: max
flush_on_last_del: yes
queue_without_daemon: no
dev_loss_tmo: infinity
fast_io_fail_tmo: 5
multipath_devices:
- vendor: "NETAPP"
product: "LUN"
path_grouping_policy: group_by_prio
features: "3 queue_if_no_path pg_init_retries 50"
prio: "alua"
path_checker: tur
failback: immediate
path_selector: "round-robin 0"
hardware_handler: "1 alua"
rr_weight: uniform
rr_min_io: 128
getuid_callout: "/lib/udev/scsi_id -g -u -d /dev/%n"
- vendor: "HP"
product: "3PAR"
path_grouping_policy: group_by_prio
failback: immediate
path_selector: "round-robin 0"
getuid_callout: "/lib/udev/scsi_id -g -u -d /dev/%n"
multipath_blacklist:
- devnode: "^sd[a-z]"
- wwid: "2345123469"
- device:
vendor: "IBM"
product: "*"
multipath_blacklist_exceptions:
- devnode: "^sdc"
- wwid: "23451234698"
- device:
vendor: "IBM"
product: "ST500"
Resulting multipath.conf:
-------------------------
defaults {
fast_io_fail_tmo "5"
flush_on_last_del "True"
max_fds "max"
user_friendly_names "False"
dev_loss_tmo "infinity"
queue_without_daemon "False"
}
devices {
device {
path_checker "tur"
product "LUN"
vendor "NETAPP"
features "3 queue_if_no_path pg_init_retries 50"
prio "alua"
rr_min_io "128"
path_grouping_policy "group_by_prio"
path_selector "round-robin 0"
getuid_callout "/lib/udev/scsi_id -g -u -d /dev/%n"
hardware_handler "1 alua"
rr_weight "uniform"
failback "immediate"
}
device {
product "3PAR"
vendor "HP"
path_grouping_policy "group_by_prio"
path_selector "round-robin 0"
getuid_callout "/lib/udev/scsi_id -g -u -d /dev/%n"
failback "immediate"
}
}
blacklist {
devnode "^sd[a-z]"
wwid "2345123469"
device {
product "*"
vendor "IBM"
}
}
blacklist_exceptions {
devnode "^sdc"
wwid "23451234698"
device {
product "ST500"
vendor "IBM"
}
}
0707010019D011000041ED0000000000000000000000025B32C86200000000000000FD0000000200000000000000000000004300000000ardana-osconfig-8.0+git.1530054754.b943409/roles/multipath/library0707010019D012000081A40000000000000000000000015B32C86200000519000000FD0000000200000000000000000000005500000000ardana-osconfig-8.0+git.1530054754.b943409/roles/multipath/library/check_wildcard.py#!/usr/bin/python
#
# (c) Copyright 2016 Hewlett Packard Enterprise Development LP
# (c) Copyright 2017 SUSE LLC
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
def main():
module = AnsibleModule(
argument_spec=dict(
blacklist=dict()
)
)
blacklist = json.loads(module.params['blacklist'])
for entry in blacklist:
if 'device' in entry.keys():
if 'product' in entry['device'].keys() and 'vendor' in entry['device'].keys():
if entry['device']['product'] == ".*" and entry['device']['vendor'] == ".*":
module.fail_json(rc=256, msg="No wildcard on blacklist allowed on redhat nodes")
module.exit_json(
rc=0,
changed=False
)
from ansible.module_utils.basic import * # NOQA
main()
0707010019D014000081A40000000000000000000000015B32C8620000094A000000FD0000000200000000000000000000005300000000ardana-osconfig-8.0+git.1530054754.b943409/roles/multipath/library/get_bindings.py#!/usr/bin/python
#
# (c) Copyright 2015-2016 Hewlett Packard Enterprise Development LP
# (c) Copyright 2017 SUSE LLC
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
import os
def main():
my_bindings=[]
disks = []
module = AnsibleModule(
argument_spec=dict(
ardana_host_info=dict(required=True)
)
)
ardana_host_info = json.loads(module.params['ardana_host_info'])
ardana_disk_models = ardana_host_info.get('my_disk_models', dict())
ardana_device_groups = ardana_host_info.get('my_device_groups', dict())
if ardana_disk_models:
for volume_group in ardana_disk_models['volume_groups']:
for physical_volume in volume_group['physical_volumes']:
physical_volume = physical_volume.replace('_root', '')
disks.append(os.path.basename(physical_volume))
if ardana_device_groups:
for device_group in ardana_device_groups:
for entry in ardana_device_groups[device_group]:
for dev in entry['devices']:
disks.append(os.path.basename(dev['name']))
if not os.path.exists("/etc/multipath/bindings"):
module.exit_json(
bindings = my_bindings,
rc=0,
changed=False
)
try:
with open("/etc/multipath/bindings") as f:
bindings = f.readlines()
except:
module_fail_json(rc=256, msg="failed to open the binding file")
for line in bindings:
stripped = line.strip()
if stripped.startswith("#") or stripped == "":
continue
device, wwid = line.split()
if device in disks:
my_bindings.append(dict(alias=device, wwid=wwid))
module.exit_json(
bindings = my_bindings,
rc=0,
changed=False
)
from ansible.module_utils.basic import * # NOQA
main()
0707010019D013000081A40000000000000000000000015B32C86200001388000000FD0000000200000000000000000000004F00000000ardana-osconfig-8.0+git.1530054754.b943409/roles/multipath/library/get_wwid.py#!/usr/bin/python
#
# (c) Copyright 2015-2016 Hewlett Packard Enterprise Development LP
# (c) Copyright 2017 SUSE LLC
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
DOCUMENTATION = '''
---
module: get_wwid
short_description: Retrieves the wwids of specified device or devices for a
given Ardana Host data
description:
- The module accepts either a device parameter or a Ardana Host data JSON
options:
device:
description:
- Full path of the device E.g., '/dev/sda' to retrieve wwid
required: true (One of the two options)
default: null
ardana_host_info:
description:
- Ardana host info in JSON form. This is usually found in host_vars as host.
- Use to_json filter to convert to JSON string
required: true (One of the two options)
default: null
author:
'''
EXAMPLES = '''
# Example from Ansible Playbooks.
- get_wwid: device='/dev/sda'
# Returns dict with key 'wwid' and wwid of the device as value.
# Using Ardana host info
- get_wwid: ardana_host_info='{{ host | to_json }}'
# Returns dict with key 'wwid' and device-wwid key-value pairs dict as value.
# NOTE: Please use single quotes for host info converted to JSON as
# double quotes will cause argument errors
'''
def main():
module = AnsibleModule(
argument_spec=dict(
device=dict(),
ardana_host_info=dict()
)
)
device = module.params['device']
ardana_host_info = json.loads(module.params['ardana_host_info'])
if not device and not ardana_host_info:
module.fail_json(rc=256, msg="No device or Ardana host info specified")
ardana_disk_models = ardana_host_info['my_disk_models'] \
if 'my_disk_models' in ardana_host_info else dict()
ardana_device_groups = ardana_host_info['my_device_groups'] \
if 'my_device_groups' in ardana_host_info else dict()
if ardana_host_info:
rc_cumulative = 0
err_cumulative = ""
wwids = dict()
if ardana_disk_models:
for volume_group in ardana_disk_models['volume_groups']:
if 'multipath' in volume_group\
and volume_group['multipath'] == True:
continue
for physical_volume in volume_group['physical_volumes']:
physical_volume = physical_volume.replace('_root', '')
# Not a scsi disk skip
if not os.path.exists("/sys/block/%s/device/scsi_disk"
% (os.path.basename(physical_volume))):
continue
wwid_command = '/lib/udev/scsi_id -g %s' % physical_volume
rc, out, err = module.run_command(wwid_command)
rc_cumulative += rc
err_cumulative += err
wwids[physical_volume] = '' if out is None \
else out.rstrip("\r\n")
if ardana_device_groups:
for device_group in ardana_device_groups:
for entry in ardana_device_groups[device_group]:
if 'multipath' in entry\
and entry['multipath'] == True:
continue
for dev in entry['devices']:
# Not a scsi disk skip
if not os.path.exists("/sys/block/%s/device/scsi_disk"
% (os.path.basename(dev['name']))):
continue
wwid_command = '/lib/udev/scsi_id -g %s' % dev['name']
rc, out, err = module.run_command(wwid_command)
rc_cumulative += rc
err_cumulative += err
wwids[dev['name']] = '' if out is None \
else out.rstrip("\r\n")
module.exit_json(
hostname=ardana_host_info['vars']['my_network_name'],
wwid=wwids,
rc=rc_cumulative,
stderr=err_cumulative,
changed=True
)
if device:
wwid_command = '/lib/udev/scsi_id -g %s' % device
rc, out, err = module.run_command(wwid_command)
module.exit_json(
disk=wwid_command,
wwid='' if out is None else out.rstrip("\r\n"),
stderr='' if err is None else err.rstrip("\r\n"),
rc=rc,
changed=True
)
from ansible.module_utils.basic import * # NOQA
main()
0707010019D015000041ED0000000000000000000000025B32C86200000000000000FD0000000200000000000000000000004100000000ardana-osconfig-8.0+git.1530054754.b943409/roles/multipath/tasks0707010019D016000081A40000000000000000000000015B32C86200001471000000FD0000000200000000000000000000004D00000000ardana-osconfig-8.0+git.1530054754.b943409/roles/multipath/tasks/install.yml#
# (c) Copyright 2015-2017 Hewlett Packard Enterprise Development LP
# (c) Copyright 2017-2018 SUSE LLC
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
---
- include_vars: multipath_vars.yml
# Is this the first ever run
- name: multipath | install | Check if multipath ran
stat: path=/etc/openstack/multipath-ran
register: multipath_ran_result
- name: multipath | install | get pvs
shell: pvs | grep mapper
register: multipath_pv_devices
failed_when: multipath_pv_devices.rc > 1
- name: multipath | install | get mount paths
shell: mount | grep mpath
register: multipath_mount_devices
failed_when: multipath_mount_devices.rc > 1
- name: multipath | install | get mounts
set_fact:
multipath_used: True
when: multipath_mount_devices.rc == 0 or multipath_pv_devices.rc == 0
- name: multipath | install | check fact
check_wildcard: blacklist='{{ multipath_blacklist | to_json }}'
when: multipath_blacklist is defined and multipath_used is defined and ansible_os_family == 'RedHat'
- name: multipath | install | Check if multipath ran
stat: path=/etc/openstack/osconfig-ran
register: osconfig_ran_result
- name: multipath | install | Set fact if first run
set_fact:
multipath_first_run: True
when: (multipath_ran_result.stat.exists == False) and (osconfig_ran_result.stat.exists == False)
- name: multipath | install | Load multipath configuration variables
include_vars: "multipath_vars.yml"
- name: multipath | install | Get wwids of all devices in disk model
get_wwid: ardana_host_info='{{ host | to_json }}'
register: disk_model_mappings
# For the very first time that multipath is configured need to set user friendly name
# This will then be changed once the bindings file is updated
# This could already be done during install phase
- name: multipath | install | Check if multipath.conf exists
stat:
path: /etc/multipath.conf
register: multipath_conf_result
- name: multipath | install | Set user_friendly_names yes
set_fact:
multipath_user_friendly_names: "yes"
when: multipath_conf_result.stat.exists == False
- name: multipath | install | Set initial multipath configuration
template:
src: "multipath.conf.j2"
dest: "/etc/multipath.conf"
register: configuration_update
when: multipath_conf_result.stat.exists == False
- name: multipath | install | Load the multipath daemon on redhat
command: modprobe dm-multipath
when: ansible_os_family == 'RedHat'
- name: multipath | install | Install the required packages
become: yes
package:
name: "{{ item }}"
state: present
with_items: multipath_pkgs
- name: multipath | install | Ensure started
service:
name: "{{ item }}"
state: "started"
enabled: "yes"
with_items: service_daemons
# Run multipath the first time
- name: multipath | install | run multipath on first run
command: /sbin/multipath
when: multipath_first_run is defined or multipath_conf_result.stat.exists == False
ignore_errors: yes
# The disk_binding_result is consumed in the multipath.conf template
# This results in an updated multipath.conf next time
- name: multipath | install | Get bindings of devices on system
get_bindings: ardana_host_info='{{ host | to_json }}'
register: disk_bindings_result
- name: multipath | install | flush multipath on first run
command: /sbin/multipath -F
when: multipath_first_run is defined
failed_when: false
- name: multipath | install | reinvoke multipath on first run
command: /sbin/multipath
when: multipath_first_run is defined
# This is what we want
- name: multipath | install | Set user_friendly_names no
set_fact:
multipath_user_friendly_names: "no"
# This is with the aliases for the user friendly names for first run other wise normal
- name: multipath | install | Set real multipath configuration
template:
src: "multipath.conf.j2"
dest: "/etc/multipath.conf"
register: configuration_update
- name: multipath | install | run multipath on first run
command: /sbin/multipath
when: configuration_update.changed or multipath_first_run is defined
# This may be redundant
- name: multipath | install | Restart if there is a configuration update
service:
name: "{{ item }}"
state: "restarted"
enabled: "yes"
with_items: service_daemons
when: configuration_update.changed or multipath_first_run is defined
- name: multipath | install | Update initramfs
command: "{{ initramfs_update_command }}"
when: initramfs_update_command is defined and configuration_update.changed
- name: multipath | marker | create /etc/openstack directory
file: path=/etc/openstack state=directory
- name: osconfig | marker | create marker
file: path=/etc/openstack/multipath-ran state=touch
0707010019D017000081A40000000000000000000000015B32C862000002EE000000FD0000000200000000000000000000004A00000000ardana-osconfig-8.0+git.1530054754.b943409/roles/multipath/tasks/main.yml#
# (c) Copyright 2016 Hewlett Packard Enterprise Development LP
# (c) Copyright 2017 SUSE LLC
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
---
- name: multipath | main | Set os-specific variables
include_vars: "{{ ansible_os_family | lower }}.yml"
0707010019D018000041ED0000000000000000000000025B32C86200000000000000FD0000000200000000000000000000004500000000ardana-osconfig-8.0+git.1530054754.b943409/roles/multipath/templates0707010019D019000081A40000000000000000000000015B32C86200000A2E000000FD0000000200000000000000000000005700000000ardana-osconfig-8.0+git.1530054754.b943409/roles/multipath/templates/multipath.conf.j2{#
#
# (c) Copyright 2015-2016 Hewlett Packard Enterprise Development LP
# (c) Copyright 2017 SUSE LLC
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
#}
defaults {
user_friendly_names {{ multipath_user_friendly_names }}
{% if multipath_defaults is defined %}
{% for key in multipath_defaults %}
{{ key }} "{{ multipath_defaults[key] }}"
{% endfor %}
{% endif %}
}
{% if multipath_devices is defined %}
devices {
{% for device in multipath_devices %}
device {
{% for key in device %}
{{ key }} "{{ device[key] }}"
{% endfor %}
}
{% endfor %}
}
{% endif %}
{% if multipaths is defined or disk_bindings_result is defined %}
multipaths {
{% if multipaths is defined %}
{% for multipath in multipaths %}
multipath {
{% for key in multipath %}
{{ key }} "{{ multipath[key] }}"
{% endfor %}
}
{% endfor %}
{% endif %}
{% if disk_bindings_result is defined %}
{% for multipath in disk_bindings_result.bindings %}
multipath {
{% for key in multipath %}
{{ key }} "{{ multipath[key] }}"
{% endfor %}
}
{% endfor %}
{% endif %}
}
{% endif %}
blacklist {
{% if multipath_blacklist is defined %}
{% for entry in multipath_blacklist %}
{% if entry.wwid is defined %}
wwid "{{ entry.wwid }}"
{% elif entry.devnode is defined %}
devnode "{{ entry.devnode }}"
{% elif entry.device is defined %}
device {
{% for key in entry.device %}
{{ key }} "{{ entry.device[key] }}"
{% endfor %}
}
{% endif %}
{% endfor %}
{% endif %}
{% if disk_model_mappings is defined %}
{% for device in disk_model_mappings.wwid %}
wwid "{{ disk_model_mappings.wwid[device] }}"
{% endfor %}
{% endif %}
}
{% if multipath_blacklist_exceptions is defined %}
blacklist_exceptions {
{% for entry in multipath_blacklist_exceptions %}
{% if entry.wwid is defined %}
wwid "{{ entry.wwid }}"
{% elif entry.devnode is defined %}
devnode "{{ entry.devnode }}"
{% elif entry.device is defined %}
device {
{% for key in entry.device %}
{{ key }} "{{ entry.device[key] }}"
{% endfor %}
}
{% endif %}
{% endfor %}
}
{% endif %}
0707010019D00B000041ED0000000000000000000000025B32C86200000000000000FD0000000200000000000000000000004000000000ardana-osconfig-8.0+git.1530054754.b943409/roles/multipath/vars0707010019D00D000081A40000000000000000000000015B32C86200000331000000FD0000000200000000000000000000004B00000000ardana-osconfig-8.0+git.1530054754.b943409/roles/multipath/vars/debian.yml#
# (c) Copyright 2015 Hewlett Packard Enterprise Development LP
# (c) Copyright 2017 SUSE LLC
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
---
multipath_pkgs:
- multipath-tools
- multipath-tools-boot
service_daemons:
- multipath-tools
- multipath-tools-boot
initramfs_update_command: "update-initramfs -uv"0707010019D010000081A40000000000000000000000015B32C86200000298000000FD0000000200000000000000000000004900000000ardana-osconfig-8.0+git.1530054754.b943409/roles/multipath/vars/main.yml#
# (c) Copyright 2015 Hewlett Packard Enterprise Development LP
# (c) Copyright 2017 SUSE LLC
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
---
env:
RUNLEVEL: 1
0707010019D00F000081A40000000000000000000000015B32C86200000490000000FD0000000200000000000000000000005300000000ardana-osconfig-8.0+git.1530054754.b943409/roles/multipath/vars/multipath_vars.yml#
# (c) Copyright 2015-2016 Hewlett Packard Enterprise Development LP
# (c) Copyright 2017 SUSE LLC
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
---
multipath_user_friendly_names: "no"
multipath_devices:
- vendor: "3PARdata"
product: "VV"
path_grouping_policy: "group_by_prio"
path_selector: "round-robin 0"
path_checker: "tur"
checker: "tur"
features: "0"
hardware_handler: "1 alua"
prio: "alua"
failback: "immediate"
no_path_retry: "queue"
rr_min_io: "100"
multipath_blacklist:
- device:
vendor: ".*"
product: ".*"
multipath_blacklist_exceptions:
- device:
vendor: "3PARdata"
product: "VV"
0707010019D00C000081A40000000000000000000000015B32C862000002F8000000FD0000000200000000000000000000004B00000000ardana-osconfig-8.0+git.1530054754.b943409/roles/multipath/vars/redhat.yml#
# (c) Copyright 2015 Hewlett Packard Enterprise Development LP
# (c) Copyright 2017 SUSE LLC
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
---
multipath_pkgs:
- device-mapper-multipath
service_daemons:
- multipathd
initramfs_update_command: "dracut -f"
0707010019D00E000081A40000000000000000000000015B32C862000002F0000000FD0000000200000000000000000000004900000000ardana-osconfig-8.0+git.1530054754.b943409/roles/multipath/vars/suse.yml#
# (c) Copyright 2017 Hewlett Packard Enterprise Development LP
# (c) Copyright 2017 SUSE LLC
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
---
multipath_pkgs:
- multipath-tools
service_daemons:
- multipathd
initramfs_update_command: "dracut -f"
0707010019CF66000041ED0000000000000000000000085B32C86200000000000000FD0000000200000000000000000000004300000000ardana-osconfig-8.0+git.1530054754.b943409/roles/network_interface0707010019CFB4000081A40000000000000000000000015B32C86200003DF3000000FD0000000200000000000000000000004D00000000ardana-osconfig-8.0+git.1530054754.b943409/roles/network_interface/README.md
(c) Copyright 2015, 2016 Hewlett Packard Enterprise Development LP
(c) Copyright 2017 SUSE LLC
network_interface
=================
_WARNING: This role can be dangerous to use. If you lose network connectivity
to your target host by incorrectly configuring your networking, you may be
unable to recover without physical access to the machine._
This role enables users to configure various network components on target
machines. The role can be used to configure:
- `Ethernet interfaces`
- `Bonded interfaces`
- `VLAN interfaces`
- `OVS Bridge interfaces`
- `Bridge interfaces`
and within each of those
- `Network routes`
Requirements
------------
This role requires Ansible 1.4 or higher, and platform requirements are listed
in the metadata file.
Role Variables
--------------
The variables that can be passed to this role and a brief description follows:
# The list of ethernet interfaces to be added to the system
network_ether_interfaces: []
# The list of bonded interfaces to be added to the system
network_bond_interfaces: []
# The list of vlan_interfaces
network_vlan_interfaces: []
# The list of openvswitch bridges and ports
ovs_bridge_interfaces: []
# The list of bridge interfaces to be added to the system
network_bridge_interfaces: []
NOTE: The attributes for each of these lists are shown below.
Typically these lists are generated by the Configuration Processor and are
created in host_vars for every host.
M - mandatory, O - optional, D - deprecated
network_*_interfaces: These options are common for all interface types
- device: M name for the interface being defined
bootproto: M manual/static/dhcp[dhcp should not be used for Ardana OpenStack]
address: O IP address of this interface
netmask: O netmask for this interface (255.255.255.0 or 24)
(address & netmask required for bootproto: static only)
mtu: O MTU size for this interface
route: O list of route triples (full triples required)
- network: O a.b.c.d
netmask: O 255.255.255.0
gateway: O a.b.c.e - address of the gateway for this network/netmask
(network & netmask of 0.0.0.0 implies use as system default gateway)
routing_table: O name of routing table used by this interface
gateway: O gateway for this subnet (within routing_table)
cidr: O CIDR of this interface (v.w.x.y/z) (within routing_table)
vips: O list of VIP addresses on this interface (within routing_table)
network_ether_interfaces:
ovs_bridge: O this interface is attached to this ovs_bridge
pci_pt: O this interface is dedicated to PCI passthrough
sriov_only: O this interface is dedicated to SR-IOV
network_bond_interfaces:
ovs_bridge: O this interface is attached to this ovs_bridge
bond_mode: M bonding mode
bond_miimon: D include in bond_options as 'miimon'
bond_slaves: M sub-interfaces of this bond
bond_primary: O primary sub-interface for the bond
bond_options: O set of bonding options not including mode, slaves or primary
network_vlan_interfaces:
ovs_bridge: O this interface is attached to this ovs_bridge
vlanrawdevice: M which interface to put this VLAN on
vlanid: M VLAN-id to use
ovs_bridge_interfaces:
port: M interface to attach to this bridge
hwaddr: O MAC address to set for this bridge
dpdk_port: true O interface will be used as a dpdk device
network_bridge_interfaces: # not currently used by Ardana OpenStack, not documented
There is also an ansible variable defined that globally controls the generation
of disable LRO directives within capable devices.
This is defined in the Debian specific ansible vars.
disable_lro: true M disable LRO for capable interfaces
All generated files as shown below are generated on the target system in the
directory: `/etc/network/interfaces.d/`
Examples
--------
### Non-bonded configuration outline
-- br-vlan103 ovs-bridge: no-IP+routing_table:EXTERNAL_VM
+---vlan103 vlan: no-IP
+---eth3 inherited from system
-- br-eth1 ovs-bridge: static-IP+routing_table:MANAGEMENT+routes+vips
+---eth1 ether: no-IP
-- eth2 ether: static-IP+routing_table:Ardana
#### Ansible variables: Within per-host host-vars
network_ether_interfaces:
- address: 192.168.10.3
bootproto: static
cidr: 192.168.10.0/24
device: eth2
gateway: 192.168.10.1
netmask: 24
routing_table: Ardana
- bootproto: manual
device: eth1
ovs_bridge: br-eth1
network_vlan_interfaces:
- bootproto: manual
device: vlan103
ovs_bridge: br-vlan103
vlanid: 103
vlanrawdevice: eth3
ovs_bridge_interfaces:
- bootproto: manual
device: br-vlan103
port: vlan103
routing_table: EXTERNAL-VM
- address: 192.168.245.3
bootproto: static
cidr: 192.168.245.0/24
device: br-eth1
gateway: 192.168.245.1
netmask: 24
port: eth1
route:
- gateway: 192.168.245.1
netmask: 0.0.0.0
network: 0.0.0.0
routing_table: MANAGEMENT
vips:
- 192.168.245.9
- 192.168.245.10
#### Generated files:
`/etc/network/interfaces.d/45-br-vlan103`
# ARDANA-MANAGED - Managed by Ardana - Do not edit
allow-ovs br-vlan103
iface br-vlan103 inet manual
pre-up ovs-vsctl --timeout=5 -- --may-exist add-br br-vlan103 || true
pre-up ip addr flush dev vlan103 || true
pre-up ovs-vsctl --timeout=5 -- --may-exist add-port br-vlan103 vlan103 -- || true
pre-up ifconfig vlan103 up || true
down ovs-vsctl --timeout=5 -- --if-exists del-port br-vlan103 vlan103 -- || true
`/etc/network/interfaces.d/35-vlan103`
# ARDANA-MANAGED - Managed by Ardana - Do not edit
auto vlan103
iface vlan103 inet manual
vlan-raw-device eth3
pre-up ethtool -K eth3 lro off || true
up ip link set vlan103 up || true
`/etc/network/interfaces.d/45-br-eth1`
# ARDANA-MANAGED - Managed by Ardana - Do not edit
allow-ovs br-eth1
iface br-eth1 inet static
address 192.168.245.3
netmask 24
pre-up ovs-vsctl --timeout=5 -- --may-exist add-br br-eth1 || true
pre-up ip addr flush dev eth1 || true
pre-up ovs-vsctl --timeout=5 -- --may-exist add-port br-eth1 eth1 -- || true
pre-up ifconfig eth1 up || true
down ovs-vsctl --timeout=5 -- --if-exists del-port br-eth1 eth1 -- || true
pre-up ip route delete default || true
up route add -net 0.0.0.0 netmask 0.0.0.0 gw 192.168.245.1 dev br-eth1 || true
down route delete -net 0.0.0.0 netmask 0.0.0.0 gw 192.168.245.1 dev br-eth1 || true
up ip route add default via 192.168.245.1 table MANAGEMENT || true
down ip route delete default via 192.168.245.1 table MANAGEMENT || true
up ip route add 192.168.245.0/24 dev br-eth1 table MANAGEMENT || true
down ip route delete 192.168.245.0/24 dev br-eth1 table MANAGEMENT || true
up ip rule add from 192.168.245.3 table MANAGEMENT || true
down ip rule delete from 192.168.245.3 table MANAGEMENT || true
up ip rule add from 192.168.245.9 table MANAGEMENT || true
down ip rule delete from 192.168.245.9 table MANAGEMENT || true
up ip rule add from 192.168.245.10 table MANAGEMENT || true
down ip rule delete from 192.168.245.10 table MANAGEMENT || true
`/etc/network/interfaces.d/25-eth1`
# ARDANA-MANAGED - Managed by Ardana - Do not edit
auto eth1
iface eth1 inet manual
pre-up ethtool -K eth1 lro off || true
up ip link set eth1 up || true
`/etc/network/interfaces.d/25-eth2`
# ARDANA-MANAGED - Managed by Ardana - Do not edit
auto eth2
iface eth2 inet static
address 192.168.10.3
netmask 24
pre-up ethtool -K eth2 lro off || true
up ip route add default via 192.168.10.1 table Ardana || true
down ip route delete default via 192.168.10.1 table Ardana || true
up ip route add 192.168.10.0/24 dev eth2 table Ardana || true
down ip route delete 192.168.10.0/24 dev eth2 table Ardana || true
up ip rule add from 192.168.10.3 table Ardana || true
down ip rule delete from 192.168.10.3 table Ardana || true
### Bonded configuration outline
-- br-vlan333 ovs-bridge: no-IP
+---vlan333 vlan: no-IP
+---bond0 bond: see below
-- vlan423 vlan: static-IP+routing_table:MGMT+routes+vips
+---bond0 bond: see below
-- vlan429 vlan: static-IP+routing_table:EXTERNAL_API+vips
+---bond0 bond: see below
-- vlan435 vlan: static-IP+routing_table:GUEST
+---bond0 bond: see below
-- bond0 bond: no-IP. active-backup+miimon++updelay+downdelay+primary:hed4
+---hed4 ether: slave+primary
+---hed5 ether: slave
#### Ansible variables: Within per-host host-vars
ovs_bridge_interfaces:
- bootproto: manual
device: br-vlan333
port: vlan333
routing_table: EXTERNAL_VM
network_vlan_interfaces:
- address: 10.241.107.34
bootproto: static
cidr: 10.241.107.32/28
device: vlan429
gateway: 10.241.107.33
netmask: 28
routing_table: EXTERNAL_API
vips:
- 10.241.107.37
vlanid: 429
vlanrawdevice: bond0
- bootproto: manual
device: vlan333
ovs_bridge: br-vlan333
vlanid: 333
vlanrawdevice: bond0
- address: 10.241.107.130
bootproto: static
cidr: 10.241.107.128/28
device: vlan435
gateway: 10.241.107.129
netmask: 28
routing_table: GUEST
vlanid: 435
vlanrawdevice: bond0
- address: 10.241.103.2
bootproto: static
cidr: 10.241.103.0/24
device: vlan423
gateway: 10.241.103.1
netmask: 24
route:
- gateway: 10.241.103.1
netmask: 0.0.0.0
network: 0.0.0.0
routing_table: MGMT
vips:
- 10.241.103.15
vlanid: 423
vlanrawdevice: bond0
network_bond_interfaces:
- bond_mode: active-backup
bond_options:
miimon: 200
updelay: 200
downdelay: 200
bond_slaves:
- hed4
- hed5
bond_primary: hed4
bootproto: manual
device: bond0
#### Generated files:
`/etc/network/interfaces.d/45-br-vlan333`
# ARDANA-MANAGED - Managed by Ardana - Do not edit
allow-ovs br-vlan333
iface br-vlan333 inet manual
pre-up ovs-vsctl --timeout=5 -- --may-exist add-br br-vlan103 || true
pre-up ip addr flush dev vlan333 || true
up ovs-vsctl --timeout=5 -- --may-exist add-port br-vlan333 vlan333 -- || true
pre-up ifconfig vlan333 up || true
down ovs-vsctl --timeout=5 -- --if-exists del-port br-vlan333 vlan333 -- || true
`/etc/network/interfaces.d/35-vlan333`
# ARDANA-MANAGED - Managed by Ardana - Do not edit
auto vlan333
iface vlan333 inet manual
vlan-raw-device bond0
up ip link set vlan333 up || true
`/etc/network/interfaces.d/35-vlan423`
# ARDANA-MANAGED - Managed by Ardana - Do not edit
auto vlan423
iface vlan423 inet static
address 10.241.103.2
netmask 24
vlan-raw-device bond0
pre-up ip route delete default || true
up route add -net 0.0.0.0 netmask 0.0.0.0 gw 10.241.103.1 dev vlan423 || true
down route delete -net 0.0.0.0 netmask 0.0.0.0 gw 10.241.103.1 dev vlan423 || true
up ip route add default via 10.241.103.1 table MGMT || true
down ip route delete default via 10.241.103.1 table MGMT || true
up ip route add 10.241.103.0/24 dev vlan423 table MGMT || true
down ip route delete 10.241.103.0/24 dev vlan423 table MGMT || true
up ip rule add from 10.241.103.2 table MGMT || true
down ip rule delete from 10.241.103.2 table MGMT || true
`/etc/network/interfaces.d/35-vlan429`
# ARDANA-MANAGED - Managed by Ardana - Do not edit
auto vlan429
iface vlan429 inet static
address 10.241.107.34
netmask 28
vlan-raw-device bond0
up ip route add default via 10.241.107.33 table EXTERNAL_API || true
down ip route delete default via 10.241.107.33 table EXTERNAL_API || true
up ip route add 10.241.107.32/28 dev vlan429 table EXTERNAL_API || true
down ip route delete 10.241.107.32/28 dev vlan429 table EXTERNAL_API || true
up ip rule add from 10.241.107.34 table EXTERNAL_API || true
down ip rule delete from 10.241.107.34 table EXTERNAL_API || true
`/etc/network/interfaces.d/35-vlan435`
# ARDANA-MANAGED - Managed by Ardana - Do not edit
auto vlan435
iface vlan435 inet static
address 10.241.107.130
netmask 28
vlan-raw-device bond0
up ip route add default via 10.241.107.129 table GUEST || true
down ip route delete default via 10.241.107.129 table GUEST || true
up ip route add 10.241.107.128/28 dev vlan435 table GUEST || true
down ip route delete 10.241.107.128/28 dev vlan435 table GUEST || true
up ip rule add from 10.241.107.130 table GUEST || true
down ip rule delete from 10.241.107.130 table GUEST || true
`/etc/network/interfaces.d/15-bond0`
# ARDANA-MANAGED - Managed by Ardana - Do not edit
auto bond0
iface bond0 inet manual
bond-mode active-backup
bond-slaves none
bond-miimon 200
bond-updelay 200
bond-downdelay 200
`/etc/network/interfaces.d/25-hed4`
# ARDANA-MANAGED - Managed by Ardana - Do not edit
auto hed4
iface hed4 inet manual
bond-master bond0
bond-primary hed4
pre-up ethtool -K hed4 lro off || true
pre-up ip addr flush dev hed4 || true
up ip link set hed4 up || true
`/etc/network/interfaces.d/25-hed5`
# ARDANA-MANAGED - Managed by Ardana - Do not edit
auto hed5
iface hed5 inet manual
bond-master bond0
pre-up ethtool -K hed5 lro off || true
pre-up ip addr flush dev hed5 || true
up ip link set hed5 up || true
--------------------------------------------------------------------------------
Note: Ansible needs network connectivity throughout the playbook process, you
may need to have a control interface that you do *not* modify using this
method so that Ansible has a stable connection to configure the target
systems.
Dependencies
------------
None
License
-------
BSD
Author Information
------------------
Benno Joy
Hewlett Packard Enterprise Development LP
0707010019CFB5000041ED0000000000000000000000025B32C86200000000000000FD0000000200000000000000000000004C00000000ardana-osconfig-8.0+git.1530054754.b943409/roles/network_interface/defaults0707010019CFB6000081A40000000000000000000000015B32C86200000DB7000000FD0000000200000000000000000000005500000000ardana-osconfig-8.0+git.1530054754.b943409/roles/network_interface/defaults/main.yml# (c) Copyright 2015-2017 Hewlett Packard Enterprise Development LP
# (c) Copyright 2017 SUSE LLC
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
---
nic_mappings: []
network_ether_interfaces: []
network_bridge_interfaces: []
network_bond_interfaces: []
ovs_bridge_interfaces: []
network_vlan_interfaces: []
udev_prefix_nic_mapping: 90
order_prefix_bond: 15
order_prefix_ether: 25
order_prefix_vlan: 35
order_prefix_bridge: 45
rhel_prefix: ifcfg
suse_prefix: ifcfg
dpdk_driver_file: '99-dpdk-driver'
interface_file_marker: '# ARDANA-MANAGED - Managed by Ardana - Do not edit'
dpdk_kernel_module_file: /etc/modules-load.d/ardana_dpdk-modules.conf
passthrough_max_mtu: "{%- set ptn_mtu_list = [0] -%}
{%- if host.my_network_groups is defined -%}
{%- for netgroup, net_list in host.my_network_groups.iteritems() -%}
{%- for network_attrs in net_list -%}
{%- if 'passthrough-mtu' in network_attrs -%}
{%- if ptn_mtu_list.append(network_attrs['passthrough-mtu']) -%}{%- endif -%}
{%- endif -%}
{%- endfor -%}
{%- endfor -%}
{%- endif -%}
{{ ptn_mtu_list | max }}"
multi_port_sriov_interfaces: "{% set temp_list = [] %}
{%- if network_pci_pt_sriov_interfaces is defined -%}
{%- for interface in network_pci_pt_sriov_interfaces -%}
{%- if interface.type == 'multi-port' and
interface.vf_count is defined and
interface.config_script is defined -%}
{%- if temp_list.append( interface ) -%}
{%- endif -%}
{%- endif -%}
{%- endfor -%}
{%- endif -%}
{{ temp_list }}"
simple_port_sriov_interfaces: "{% set temp_list = [] %}
{%- if network_pci_pt_sriov_interfaces is defined -%}
{%- for interface in network_pci_pt_sriov_interfaces -%}
{%- if interface.type == 'simple-port' and
interface.vf_count is defined and
interface.config_script is defined -%}
{%- if temp_list.append( interface ) -%}
{%- endif -%}
{%- endif -%}
{%- endfor -%}
{%- endif -%}
{{ temp_list }}"
sriov_interfaces: "{{ simple_port_sriov_interfaces + multi_port_sriov_interfaces }}"
0707010019CF72000041ED0000000000000000000000025B32C86200000000000000FD0000000200000000000000000000004900000000ardana-osconfig-8.0+git.1530054754.b943409/roles/network_interface/files0707010019CF74000081A40000000000000000000000015B32C8620000035C000000FD0000000200000000000000000000005C00000000ardana-osconfig-8.0+git.1530054754.b943409/roles/network_interface/files/ardana_udev_run.sh#!/bin/sh
#
# (c) Copyright 2016 Hewlett Packard Enterprise Development LP
# (c) Copyright 2017 SUSE LLC
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
# ARDANA-MANAGED - Managed by Ardana - Do not edit
devpath=`env | grep 'DEVPATH' | cut -f2 -d '='`
NET_PCI_SCRIPT=/etc/udev/ardana_network_pci.py
if [ -x $NET_PCI_SCRIPT ]
then
$NET_PCI_SCRIPT $devpath
fi
0707010019CF75000081A40000000000000000000000015B32C86200000318000000FD0000000200000000000000000000005A00000000ardana-osconfig-8.0+git.1530054754.b943409/roles/network_interface/files/ifdown-pre-local#!/bin/bash
#
# (c) Copyright 2016 Hewlett Packard Enterprise Development LP
# (c) Copyright 2017 SUSE LLC
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
DEVICE=$1
OTHERSCRIPT="/etc/sysconfig/network-scripts/ifdown-pre-local-${DEVICE}"
if [ -x ${OTHERSCRIPT} ]; then
eval ${OTHERSCRIPT}
fi
0707010019CF76000081A40000000000000000000000015B32C86200000312000000FD0000000200000000000000000000005400000000ardana-osconfig-8.0+git.1530054754.b943409/roles/network_interface/files/ifup-local#!/bin/bash
#
# (c) Copyright 2016 Hewlett Packard Enterprise Development LP
# (c) Copyright 2017 SUSE LLC
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
DEVICE=$1
OTHERSCRIPT="/etc/sysconfig/network-scripts/ifup-local-${DEVICE}"
if [ -x ${OTHERSCRIPT} ]; then
eval ${OTHERSCRIPT}
fi
0707010019CF77000081A40000000000000000000000015B32C86200000310000000FD0000000200000000000000000000005F00000000ardana-osconfig-8.0+git.1530054754.b943409/roles/network_interface/files/suse-ifdown-pre-local#!/bin/bash
#
# (c) Copyright 2017 Hewlett Packard Enterprise Development LP
# (c) Copyright 2017 SUSE LLC
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
DEVICE=$1
OTHERSCRIPT="/etc/sysconfig/network/ifdown-pre-local-${DEVICE}"
if [ -x ${OTHERSCRIPT} ]; then
eval ${OTHERSCRIPT}
fi
0707010019CF73000081A40000000000000000000000015B32C8620000030A000000FD0000000200000000000000000000005900000000ardana-osconfig-8.0+git.1530054754.b943409/roles/network_interface/files/suse-ifup-local#!/bin/bash
#
# (c) Copyright 2017 Hewlett Packard Enterprise Development LP
# (c) Copyright 2017 SUSE LLC
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
DEVICE=$1
OTHERSCRIPT="/etc/sysconfig/network/ifup-local-${DEVICE}"
if [ -x ${OTHERSCRIPT} ]; then
eval ${OTHERSCRIPT}
fi
0707010019CF6F000041ED0000000000000000000000025B32C86200000000000000FD0000000200000000000000000000004800000000ardana-osconfig-8.0+git.1530054754.b943409/roles/network_interface/meta0707010019CF70000081A40000000000000000000000015B32C8620000003C000000FD0000000200000000000000000000005D00000000ardana-osconfig-8.0+git.1530054754.b943409/roles/network_interface/meta/.galaxy_install_info{install_date: 'Thu Apr 23 17:16:55 2015', version: master}
0707010019CF71000081A40000000000000000000000015B32C86200000199000000FD0000000200000000000000000000005100000000ardana-osconfig-8.0+git.1530054754.b943409/roles/network_interface/meta/main.yml---
galaxy_info:
author: "Benno Joy"
company: AnsibleWorks
license: "Simplified BSD License"
min_ansible_version: 1.4
platforms:
- name: EL
versions:
- 5
- 6
- name: Fedora
versions:
- 16
- 17
- 18
- name: Ubuntu
versions:
- precise
- quantal
- raring
- saucy
categories:
- networking
- system
dependencies: []
0707010019CF78000041ED0000000000000000000000025B32C86200000000000000FD0000000200000000000000000000004900000000ardana-osconfig-8.0+git.1530054754.b943409/roles/network_interface/tasks0707010019CF7F000081A40000000000000000000000015B32C86200005EF9000000FD0000000200000000000000000000005700000000ardana-osconfig-8.0+git.1530054754.b943409/roles/network_interface/tasks/configure.yml# (c) Copyright 2015-2017 Hewlett Packard Enterprise Development LP
# (c) Copyright 2017-2018 SUSE LLC
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
---
# network_interface configure playbook
- name: network_interface | configure | Create temporary shadow directory
command: /bin/mktemp -d
register: shadow_dir
- name: network_interface | configure | Simplify registered values
set_fact:
shadow_dir: "{{ shadow_dir.stdout }}"
- name: network_interface | configure | Fact for RedHat OvS install
set_fact:
ovs_redhat_check: true
when:
('FND-OVS' in group.services or ovs_bridge_interfaces != []) and
ansible_os_family == 'RedHat'
- name: network_interface | configure | Ensure ovs_redhat_check exists
set_fact:
ovs_redhat_check: false
when:
ovs_redhat_check is not defined
- name: network_interface | configure | Fact for SUSE OvS install
set_fact:
ovs_suse_check: true
when:
('FND-OVS' in group.services or ovs_bridge_interfaces != []) and
ansible_os_family == 'Suse'
- name: network_interface | configure | Ensure ovs_suse_check exists
set_fact:
ovs_suse_check: false
when:
ovs_suse_check is not defined
- name: network_interface | configure | Fact for running on Compute Node w/ DPDK
set_fact:
compute_with_dpdk_check: true
when:
('NOV-KVM' in group.services) and
ansible_processor[0] == 'GenuineIntel' and
('True' in dpdk_enabled)
- name: network_interface | configure | Ensure compute_with_dpdk_check exists
set_fact:
compute_with_dpdk_check: false
when:
compute_with_dpdk_check is not defined
- name: network_interface | configure | Ensure switchd values exist
set_fact:
switchd: { orig_checksum: '' }
when:
switchd is not defined
- name: network_interface | configure | RedHat- Install openvswitch packages
become: yes
package:
name: "{{ item }}"
state: present
with_items: openvswitch_packages
when: ovs_redhat_check
- name: network_interface | configure | RedHat- Start openvswitch
become: yes
service:
name: openvswitch
state: started
enabled: yes
when: ovs_redhat_check
- name: network_interface | configure | SUSE- Install openvswitch packages
become: yes
package:
name: "{{ item }}"
state: present
with_items: openvswitch_packages
when: ovs_suse_check
- name: network_interface | configure | SUSE- Install extra dpdk packages
become: yes
package:
name: "{{ item }}"
state: present
with_items: dpdk_extra.packages
when:
ovs_suse_check and
compute_with_dpdk_check
- name: network_interface | configure | SUSE- Get libvirt_qemu_user from Nova
include_vars: ../../NOV-CMP-KVM/vars/suse.yml
when:
ovs_suse_check and
compute_with_dpdk_check
- name: network_interface | configure | SUSE- Create openvswitch script to bind dpdk nics
become: yes
template:
src: ovs-dpdk-bindings.j2
dest: /usr/share/openvswitch/scripts/ovs-dpdk-bindings
owner: root
group: root
mode: 0744
when:
ovs_suse_check and
compute_with_dpdk_check
- name: network_interface | configure | SUSE- Create openvswitch service script directory
become: yes
file:
path: /usr/lib/systemd/system/openvswitch.service.d
state: directory
owner: root
group: root
mode: 0644
when:
ovs_suse_check and
compute_with_dpdk_check
- name: network_interface | configure | SUSE- Create openvswitch default options
become: yes
template:
src: openvswitch.j2
dest: /usr/lib/systemd/system/openvswitch.service.d/dpdk_environment.conf
owner: root
group: root
mode: 0644
when:
ovs_suse_check and
compute_with_dpdk_check
- name: network_interface | configure | SUSE- Configure openvswitch to bind dpdk nics before starting
become: yes
template:
src: dpdk_bindings.conf.j2
dest: /usr/lib/systemd/system/openvswitch.service.d/dpdk_bindings.conf
when:
ovs_suse_check and
compute_with_dpdk_check
- name: network_interface | configure | SUSE- Systemctl daemon-reload
become: yes
shell: systemctl daemon-reload
when:
ovs_suse_check and
compute_with_dpdk_check
- name: network_interface | configure | SUSE- Restart openvswitch
become: yes
service:
name: openvswitch
state: restarted
enabled: yes
when:
ovs_suse_check and
compute_with_dpdk_check
- name: network_interface | configure | SUSE- Start openvswitch
become: yes
service:
name: openvswitch
state: started
enabled: yes
when: ovs_suse_check
- name: network_interface | configure | SUSE- Configure dpdk openvswitch rxqs
become: yes
command: "ovs-vsctl set Open_vSwitch . other_config:n-dpdk-rxqs={{ dpdk_rx_queues }}"
when:
ovs_suse_check and
compute_with_dpdk_check
- name: network_interface | configure | SUSE- Configure dpdk openvswitch pmd mask
become: yes
command: "ovs-vsctl set Open_vSwitch . other_config:pmd-cpu-mask={{ dpdk_pmd_mask }}"
when:
ovs_suse_check and
compute_with_dpdk_check
- name: network_interface | configure | Install linux-bridge packages
become: yes
package:
name: "{{ item }}"
state: present
with_items: linuxbridge_packages
environment: env
when:
network_bridge_interfaces != []
- name: network_interface | configure | RedHat- Provide system ifup-local support
become: yes
copy:
src: ../files/ifup-local
dest: /sbin/ifup-local
owner: root
group: root
mode: 0755
when:
ansible_os_family == 'RedHat'
- name: network_interface | configure | RedHat- Provide system ifdown-pre-local support
become: yes
copy:
src: ../files/ifdown-pre-local
dest: /sbin/ifdown-pre-local
owner: root
group: root
mode: 0755
when:
ansible_os_family == 'RedHat'
- name: network_interface | configure | Configure the PCI->NIC mappings
become: yes
template:
src: nic_mapping.j2
dest: /etc/udev/rules.d/{{ udev_prefix_nic_mapping }}-ardana-nic-mapping.rules
owner: root
group: root
mode: 0644
when:
nic_mappings != []
register: udev_config_result
- name: network_interface | configure | Debian- Ensure the include line is in interfaces file
become: yes
lineinfile: >
regexp="^source-directory\ \/etc\/network\/interfaces.d"
line="source-directory /etc/network/interfaces.d"
dest=/etc/network/interfaces
state=present
insertafter=EOF
when: ansible_os_family == "Debian"
- name: network_interface | configure | Debian- Ensure other include forms are not in interfaces file
become: yes
lineinfile: >
regexp="^source\ \/etc\/network\/interfaces.d\/\*"
dest=/etc/network/interfaces
state=absent
when: ansible_os_family == "Debian"
- name: network_interface | configure | Create interface configuration directory
become: yes
file:
path: "{{ net_path }}"
state: directory
- name: network_interface | configure | Remove previous .shadow configuration directory
become: yes
file:
path: "{{ shadow_dir }}"
state: absent
- name: network_interface | configure | Create .shadow configuration directory
become: yes
file:
path: "{{ shadow_dir }}"
state: directory
- name: Get list of routing tables
set_fact:
routing_tables: "{{ [network_ether_interfaces, network_bond_interfaces, network_vlan_interfaces, ovs_bridge_interfaces, network_bridge_interfaces] | routing_tables | list }}"
- name: network_interface | configure | Debian- Create OVS-VLAN configuration files
become: yes
template:
src: ovs_vlan_{{ ansible_os_family|lower }}.j2
dest: "{{ shadow_dir }}/{{ order_prefix_vlan }}-{{ item.device }}"
with_items:
network_vlan_interfaces
when:
ansible_os_family|lower == 'debian' and
(item.provider|default('') == 'openvswitch' or
item.provider|default('') == 'ovs')
- name: network_interface | configure | Debian- Create OVS-bridge configuration files
become: yes
template: src=ovs_bridge_{{ ansible_os_family }}.j2 dest={{ shadow_dir }}/{{ order_prefix_bridge }}-{{ item.device }}
with_items: ovs_bridge_interfaces
when: ansible_os_family == 'Debian'
- name: network_interface | configure | RedHat- Create OVS-bridge 'up' configuration files
become: yes
template:
src: ovs_bridge_up_{{ ansible_os_family }}.j2
dest: "{{ shadow_dir }}/ifup-local-{{ item.port }}"
owner: root
group: root
mode: 0744
with_items: ovs_bridge_interfaces
when: ansible_os_family == 'RedHat'
- name: network_interface | configure | RedHat- Create OVS-bridge 'down' configuration files
become: yes
template:
src: ovs_bridge_down_{{ ansible_os_family }}.j2
dest: "{{ shadow_dir }}/ifdown-pre-local-{{ item.port }}"
owner: root
group: root
mode: 0744
with_items: ovs_bridge_interfaces
when: ansible_os_family == 'RedHat'
- name: network_interface | configure | SUSE- Create OVS-VLAN configuration files
become: yes
template:
src: ovs_vlan_{{ ansible_os_family }}.j2
dest: "{{ shadow_dir }}/{{ suse_prefix }}-{{ item.device }}"
with_items:
network_vlan_interfaces
when:
ansible_os_family == 'Suse' and
(item.provider|default('') == 'openvswitch' or
item.provider|default('') == 'ovs')
- name: network_interface | configure | SUSE- Create OVS-VLAN scripts
become: yes
template:
src: ovs_vlan_{{ ansible_os_family }}_script.j2
dest: "{{ shadow_dir }}/ifscript-{{ item.device }}.sh"
mode: 0744
with_items:
network_vlan_interfaces
when:
ansible_os_family == 'Suse' and
(item.provider|default('') == 'openvswitch' or
item.provider|default('') == 'ovs')
- name: network_interface | configure | SUSE- Create OVS-bridge configuration files
become: yes
template:
src: ovs_bridge_{{ ansible_os_family }}.j2
dest: "{{ shadow_dir }}/{{ suse_prefix }}-{{ item.device }}"
with_items: ovs_bridge_interfaces
when: ansible_os_family == 'Suse'
- name: network_interface | configure | SUSE- Create OVS-bridge scripts
become: yes
template:
src: ovs_bridge_{{ ansible_os_family }}_script.j2
dest: "{{ shadow_dir }}/ifscript-{{ item.device }}.sh"
mode: 0744
with_items: ovs_bridge_interfaces
when: ansible_os_family == 'Suse'
- name: network_interface | configure | Debian- Create ethernet configuration files
become: yes
template: src=ethernet_{{ ansible_os_family }}.j2 dest={{ shadow_dir }}/{{ order_prefix_ether }}-{{ item.device }}
with_items: network_ether_interfaces
when: ansible_os_family == 'Debian'
register: ether_result
- name: network_interface | configure | RedHat- Create ethernet configuration files
become: yes
template:
src: ethernet_{{ ansible_os_family }}.j2
dest: "{{ shadow_dir }}/{{ rhel_prefix }}-{{ item.device }}"
with_items: network_ether_interfaces
when: ansible_os_family == 'RedHat'
register: ether_result
- name: network_interface | configure | RedHat- Create ethernet route configuration files
become: yes
template:
src: route_{{ ansible_os_family }}.j2
dest: "{{ shadow_dir }}/route-{{ item.device }}"
with_items: network_ether_interfaces
when:
ether_result is defined and
(item.route is defined or item.routing_table is defined) and
ansible_os_family == 'RedHat'
- name: network_interface | configure | RedHat- Create ethernet routing-rule configuration files
become: yes
template:
src: rule_{{ ansible_os_family }}.j2
dest: "{{ shadow_dir }}/rule-{{ item.device }}"
with_items: network_ether_interfaces
when:
ether_result is defined and
(item.route is defined or item.routing_table is defined) and
ansible_os_family == 'RedHat'
- name: network_interface | configure | SUSE- Create ethernet configuration files
become: yes
template:
src: ethernet_{{ ansible_os_family }}.j2
dest: "{{ shadow_dir }}/{{ suse_prefix }}-{{ item.device }}"
with_items: network_ether_interfaces
when: ansible_os_family == 'Suse'
register: ether_result
- name: network_interface | configure | SUSE- Create ethernet scripts
become: yes
template:
src: ethernet_{{ ansible_os_family }}_script.j2
dest: "{{ shadow_dir }}/ifscript-{{ item.device }}.sh"
mode: 0744
with_items: network_ether_interfaces
when: ansible_os_family == 'Suse'
register: ether_result
- name: network_interface | configure | Debian- Create Linux-bridge configuration files
become: yes
template: src=bridge_{{ ansible_os_family }}.j2 dest={{ shadow_dir }}/{{ order_prefix_bridge }}-{{ item.device }}
with_items: network_bridge_interfaces
when: ansible_os_family == 'Debian'
- name: network_interface | configure | RedHat- Create Linux-bridge configuration files
become: yes
template:
src: bridge_{{ ansible_os_family }}.j2
dest: "{{ shadow_dir }}/{{ rhel_prefix }}-{{ item.device }}"
with_items:
network_bridge_interfaces
when: ansible_os_family == 'RedHat'
- name: network_interface | configure | SUSE- Create Linux-bridge configuration files
become: yes
template:
src: bridge_{{ ansible_os_family }}.j2
dest: "{{ shadow_dir }}/{{ suse_prefix }}-{{ item.device }}"
with_items:
network_bridge_interfaces
when: ansible_os_family == 'Suse'
- name: network_interface | configure | SUSE- Create Linux-bridge scripts
become: yes
template:
src: bridge_{{ ansible_os_family }}_script.j2
dest: "{{ shadow_dir }}/ifscript-{{ item.device }}.sh"
mode: 0744
with_items:
network_bridge_interfaces
when: ansible_os_family == 'Suse'
- name: network_interface | configure | Debian- Create bond configuration files
become: yes
template: src=bond_{{ ansible_os_family }}.j2 dest={{ shadow_dir }}/{{ order_prefix_bond }}-{{ item.device }}
with_items: network_bond_interfaces
when: ansible_os_family == 'Debian'
register: bond_result
- name: network_interface | configure | RedHat- Create bond configuration files
become: yes
template:
src: bond_{{ ansible_os_family }}.j2
dest: "{{ shadow_dir }}/{{ rhel_prefix }}-{{ item.device }}"
with_items:
network_bond_interfaces
when:
ansible_os_family == 'RedHat'
register:
bond_result
- name: network_interface | configure | SUSE- Create bond configuration files
become: yes
template:
src: bond_{{ ansible_os_family }}.j2
dest: "{{ shadow_dir }}/{{ suse_prefix }}-{{ item.device }}"
with_items:
network_bond_interfaces
when:
ansible_os_family == 'Suse'
register:
bond_result
- name: network_interface | configure | SUSE- Create bond scripts
become: yes
template:
src: bond_{{ ansible_os_family }}_script.j2
dest: "{{ shadow_dir }}/ifscript-{{ item.device }}.sh"
mode: 0744
with_items: network_bond_interfaces
when: ansible_os_family == 'Suse'
- name: network_interface | configure | Debian- Ensure the bonding module is loaded
become: yes
modprobe: name=bonding state=present
when:
bond_result|changed and
ansible_os_family == 'Debian'
- name: network_interface | configure | RedHat- Configure bonding module
become: yes
lineinfile: >
dest=/etc/modprobe.d/bonding.conf
line="options bonding max_bonds=0"
state=present
create=yes
owner=root
group=root
mode=0644
insertafter=EOF
when:
bond_result|changed and
ansible_os_family == 'RedHat'
- name: network_interface | configure | RedHat- Ensure the bonding module is loaded
become: yes
modprobe:
name: bonding
state: present
when:
bond_result|changed and
ansible_os_family == 'RedHat'
- name: network_interface | configure | RedHat- Create bond route configuration files
become: yes
template:
src: route_{{ ansible_os_family }}.j2
dest: "{{ shadow_dir }}/route-{{ item.device }}"
with_items:
network_bond_interfaces
when:
bond_result is defined and
item.route is defined and
ansible_os_family == 'RedHat'
- name: network_interface | configure | RedHat- Create bond routing-rule configuration files
become: yes
template:
src: rule_{{ ansible_os_family }}.j2
dest: "{{ shadow_dir }}/rule-{{ item.device }}"
with_items:
network_bond_interfaces
when:
bond_result is defined and
(item.route is defined or item.routing_table is defined) and
ansible_os_family == 'RedHat'
- name: network_interface | configure | SUSE- Ensure the bonding module is loaded
become: yes
modprobe:
name: bonding
state: present
when:
bond_result|changed and
ansible_os_family == 'Suse'
- name: network_interface | configure | Debian- Create bond-slave configuration files
become: yes
template: src=bond_slave_{{ ansible_os_family }}.j2 dest={{ shadow_dir }}/{{ order_prefix_ether }}-{{ item.1 }}
with_subelements:
- network_bond_interfaces
- bond_slaves
when: ansible_os_family == 'Debian'
register: bond_port_result
- name: network_interface | configure | RedHat- Create bond-slave configuration files
become: yes
template:
src: bond_slave_{{ ansible_os_family }}.j2
dest: "{{ shadow_dir }}/{{ rhel_prefix }}-{{ item.1 }}"
with_subelements:
- network_bond_interfaces
- bond_slaves
when:
bond_result is defined and
ansible_os_family == 'RedHat'
register:
bond_port_result
- name: network_interface | configure | SUSE- Create bond-slave configuration files
become: yes
template:
src: bond_slave_{{ ansible_os_family }}.j2
dest: "{{ shadow_dir }}/{{ suse_prefix }}-{{ item.1 }}"
with_subelements:
- network_bond_interfaces
- bond_slaves
when:
bond_result is defined and
ansible_os_family == 'Suse'
register: bond_port_result
- name: network_interface | configure | SUSE- Create bond-slave scripts
become: yes
template:
src: bond_slave_{{ ansible_os_family }}_script.j2
dest: "{{ shadow_dir }}/ifscript-{{ item.1 }}.sh"
mode: 0744
with_subelements:
- network_bond_interfaces
- bond_slaves
when:
bond_result is defined and
ansible_os_family == 'Suse'
register: bond_port_result
- name: network_interface | configure | Debian- Create vlan configuration files
become: yes
template: src=vlan_{{ ansible_os_family }}.j2 dest={{ shadow_dir }}/{{ order_prefix_vlan }}-{{ item.device }}
with_items: network_vlan_interfaces
when:
ansible_os_family == 'Debian' and
item.provider|default('linux') == 'linux'
- name: network_interface | configure | RedHat- Create vlan configuration files
become: yes
template:
src: vlan_{{ ansible_os_family }}.j2
dest: "{{ shadow_dir }}/{{ rhel_prefix }}-{{ item.device }}"
with_items: network_vlan_interfaces
when:
network_vlan_interfaces is defined and
ansible_os_family == 'RedHat'
register: vlan_result
- name: network_interface | configure | RedHat- Create vlan 'up' configuration files
become: yes
template:
src: vlan_up_{{ ansible_os_family }}.j2
dest: "{{ shadow_dir }}/ifup-local-{{ item.device }}"
owner: root
group: root
mode: 0744
with_items: network_vlan_interfaces
when:
vlan_result is defined and
item.ovs_bridge is not defined and
ansible_os_family == 'RedHat'
- name: network_interface | configure | RedHat- Create vlan route configuration files
become: yes
template:
src: route_{{ ansible_os_family }}.j2
dest: "{{ shadow_dir }}/route-{{ item.device }}"
with_items: network_vlan_interfaces
when:
vlan_result is defined and
(item.route is defined or item.routing_table is defined) and
ansible_os_family == 'RedHat'
- name: network_interface | configure | RedHat- Create vlan routing-rule configuration files
become: yes
template:
src: rule_{{ ansible_os_family }}.j2
dest: "{{ shadow_dir }}/rule-{{ item.device }}"
with_items: network_vlan_interfaces
when:
vlan_result is defined and
(item.route is defined or item.routing_table is defined) and
ansible_os_family == 'RedHat'
- name: network_interface | configure | SUSE- Create vlan configuration files
become: yes
template:
src: vlan_{{ ansible_os_family }}.j2
dest: "{{ shadow_dir }}/{{ suse_prefix }}-{{ item.device }}"
with_items: network_vlan_interfaces
when:
ansible_os_family == 'Suse' and
item.provider|default('linux') == 'linux'
- name: network_interface | configure | SUSE- Create vlan scripts
become: yes
template:
src: vlan_{{ ansible_os_family }}_script.j2
dest: "{{ shadow_dir }}/ifscript-{{ item.device }}.sh"
mode: 0744
with_items: network_vlan_interfaces
when:
ansible_os_family == 'Suse' and
item.provider|default('linux') == 'linux'
- name: network_interface | configure | Debian- Specify DPDK PCI/driver data
become: yes
template:
src: dpdk_drivers_{{ ansible_os_family }}.j2
dest: "{{ shadow_dir }}/{{ dpdk_driver_file }}"
when:
ansible_os_family == 'Debian' and
dpdk_network_devices is defined and
dpdk_network_devices.FND_OVS is defined and
dpdk_network_devices.FND_OVS.devices is defined and
dpdk_drivers != ' '
- name: network_interface | configure | Disable remote root login over ssh
become: yes
lineinfile: >
regexp="^#?PermitRootLogin "
line="PermitRootLogin no"
dest=/etc/ssh/sshd_config
state=present
- name: network_interface | configure | Force libvirt vnet'x' port MTU
become: yes
template:
src: libvirt_mtu.j2
dest: /etc/udev/rules.d/{{ udev_prefix_nic_mapping }}-ardana-libvirt-mtu.rules
owner: root
group: root
mode: 0644
when: passthrough_max_mtu != '0'
- name: network_interface | configure | Remove libvirt vnet'x' port MTU if not required
become: yes
file:
path: /etc/udev/rules.d/{{ udev_prefix_nic_mapping }}-ardana-libvirt-mtu.rules
state: absent
when: passthrough_max_mtu == '0'
- name: network_interface | configure | Copy udev run script to run nic vendor scripts
become: yes
copy:
src: "../files/ardana_udev_run.sh"
dest: "/etc/udev/ardana_udev_run.sh"
owner: root
group: root
mode: 0755
register: ardana_udev_run_result
when:
sriov_interfaces != []
- name: network_interface | configure | Restart networking
become: yes
restart_networking:
interfaces_path: "{{ net_path }}"
shadow_path: "{{ shadow_dir }}"
force_restart: "{{ udev_config_result.changed or ardana_udev_run_result.changed or network_pci_restart_required|default('false') }}"
restart_ovs: "{{ ovs_redhat_check }}"
management_pattern: "{{ interface_file_marker }}"
routing_tables: "{{ routing_tables }}"
routing_table_file: "{{ routing_table_file }}"
routing_table_marker: "{{ routing_table_marker }}"
routing_table_id_start: "{{ routing_table_id_start }}"
os_family: "{{ ansible_os_family }}"
register: net_restart_result
- name: network_interface | configure | Set network_restarted fact for later use
set_fact:
network_restarted: "{{ net_restart_result.changed }}"
- name: Delete temporary shadow directory
become: yes
file:
path: "{{ shadow_dir }}"
state: absent
- name: network_interface | configure | Copy RHEL ovs reboot workaround script
become: yes
template:
src: "ovs_reboot_workaround.sh.j2"
dest: "/tmp/ovs_reboot_workaround.sh"
mode: 0700
when:
- ansible_os_family == 'RedHat'
- ovs_bridge_interfaces | length > 0
- name: network_interface | configure | Run RHEL ovs reboot workaround script
become: yes
command: >
/tmp/ovs_reboot_workaround.sh
register: _ovs_reboot_workaround_result
when:
- ansible_os_family == 'RedHat'
- ovs_bridge_interfaces | length > 0
- name: network_interface | configure | Remove RHEL ovs reboot workaround script
become: yes
file:
state: absent
path: "/tmp/ovs_reboot_workaround.sh"
when:
- ansible_os_family == 'RedHat'
- ovs_bridge_interfaces | length > 0
0707010019CF7C000081A40000000000000000000000015B32C862000003D6000000FD0000000200000000000000000000006B00000000ardana-osconfig-8.0+git.1530054754.b943409/roles/network_interface/tasks/configure_pci_to_nic_mappings.yml#
# (c) Copyright 2016 Hewlett Packard Enterprise Development LP
# (c) Copyright 2017 SUSE LLC
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
---
- name: network_interface | configure | Configure the PCI->NIC mappings
become: yes
template:
src: nic_mapping.j2
dest: /etc/udev/rules.d/{{ udev_prefix_nic_mapping }}-ardana-nic-mapping.rules
owner: root
group: root
mode: 0644
when: nic_mappings is defined and nic_mappings != []
register: udev_config_result
0707010019CF7D000081A40000000000000000000000015B32C8620000043D000000FD0000000200000000000000000000005500000000ardana-osconfig-8.0+git.1530054754.b943409/roles/network_interface/tasks/install.yml# (c) Copyright 2016-2017 Hewlett Packard Enterprise Development LP
# (c) Copyright 2017-2018 SUSE LLC
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
---
# network_interface install playbook
- name: network_interface | install | Install the required packages
become: yes
package:
name: "{{ item }}"
state: present
with_items:
network_pkgs
- name: network_interface | install | Disable unsupported services
become: yes
service:
name: "{{ item }}"
state: stopped
enabled: no
with_items:
"{{ disable_svcs|default([]) }}"
0707010019CF79000081A40000000000000000000000015B32C86200000378000000FD0000000200000000000000000000006600000000ardana-osconfig-8.0+git.1530054754.b943409/roles/network_interface/tasks/keepalived-force-restart.yml#
# (c) Copyright 2016 Hewlett Packard Enterprise Development LP
# (c) Copyright 2017 SUSE LLC
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
# If this keepalived instance is currently MASTER this should force the
# MASTER to another node
---
- name: network_interface | keepalived-force-restart | Force restart keepalived
become: yes
service:
name: keepalived
state: restarted
0707010019CF7A000081A40000000000000000000000015B32C86200000335000000FD0000000200000000000000000000005F00000000ardana-osconfig-8.0+git.1530054754.b943409/roles/network_interface/tasks/keepalived-reload.yml#
# (c) Copyright 2016 Hewlett Packard Enterprise Development LP
# (c) Copyright 2017 SUSE LLC
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
---
- name: network_interface | keepalived-reload | Reload keepalived on network restart
become: yes
service:
name: keepalived
state: reloaded
when: network_restarted
0707010019CF80000081A40000000000000000000000015B32C86200000374000000FD0000000200000000000000000000005200000000ardana-osconfig-8.0+git.1530054754.b943409/roles/network_interface/tasks/main.yml#
# (c) Copyright 2016 Hewlett Packard Enterprise Development LP
# (c) Copyright 2017 SUSE LLC
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
---
- name: network_interface | main | Set os-specific variables
include_vars: "{{ ansible_os_family | lower }}.yml"
- name: network_interface | main | Set os-specific dpdk variables
include_vars: "{{ ansible_os_family | lower }}_dpdk.yml"
0707010019CF7E000081A40000000000000000000000015B32C8620000035D000000FD0000000200000000000000000000006700000000ardana-osconfig-8.0+git.1530054754.b943409/roles/network_interface/tasks/neutron-ovs-agent-restart.yml#
# (c) Copyright 2016 Hewlett Packard Enterprise Development LP
# (c) Copyright 2017 SUSE LLC
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
---
- name: network_interface | neutron-ovs-agent-restart | Restart neutron-openvswitch-agent on network restart
become: yes
service:
name: neutron-openvswitch-agent
state: restarted
when: network_restarted
0707010019CF7B000081A40000000000000000000000015B32C862000007E4000000FD0000000200000000000000000000006800000000ardana-osconfig-8.0+git.1530054754.b943409/roles/network_interface/tasks/update_mlx4_raw_udev_rules.yml#
# (c) Copyright 2016 Hewlett Packard Enterprise Development LP
# (c) Copyright 2017 SUSE LLC
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
# Updates the udev rules for mellanox cards on Ardana upgrade
---
- name: network_interface | configure | Kernel version check.
shell: uname -r
register: udev_mlx4_kernel_ver_result
- name: network_interface | configure | check for a mellanox card
shell: lsmod | grep mlx4_en
ignore_errors: yes
register: udev_mlx4_card_present_result
when: udev_mlx4_kernel_ver_result is defined and
udev_mlx4_kernel_ver_result[0] != 4
- name: network_interface | configure | check if 90-ardana-nic-mapping.rules exists
stat:
path: /etc/udev/rules.d/90-ardana-nic-mapping.rules
register: udev_mlx4_ardana_file_result
when: udev_mlx4_card_present_result is defined and
udev_mlx4_card_present_result.rc == 0
- name: network_interface | configure | check if 70-persistent-net.rules exists
stat:
path: /etc/udev/rules.d/70-persistent-net.rules
register: udev_mlx4_default_rules_file_result
when: udev_mlx4_ardana_file_result is defined and
udev_mlx4_ardana_file_result.stat.exists == False
- name: network_interface | configure | create new rules
become: yes
update_mlx4_udev_rules:
inFile: "/etc/udev/rules.d/70-persistent-net.rules"
outFile: "/etc/udev/rules.d/80-openstack-preserve_eth_names.rules"
when: udev_mlx4_default_rules_file_result is defined and
udev_mlx4_default_rules_file_result.stat.exists == True
0707010019CF81000041ED0000000000000000000000025B32C86200000000000000FD0000000200000000000000000000004D00000000ardana-osconfig-8.0+git.1530054754.b943409/roles/network_interface/templates0707010019CFB2000081A40000000000000000000000015B32C8620000052D000000FD0000000200000000000000000000005C00000000ardana-osconfig-8.0+git.1530054754.b943409/roles/network_interface/templates/bond_Debian.j2{#
#
# (c) Copyright 2015, 2016 Hewlett Packard Enterprise Development LP
# (c) Copyright 2017 SUSE LLC
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
#}
{{ interface_file_marker }}
auto {{ item.device }}
{% include 'if_ipinfo_Debian.j2' %}
{% if item.bond_miimon is defined %}
bond-miimon {{ item.bond_miimon|default(100) }}
{% endif %}
{% if item.bond_mode is defined %}
bond-mode {{ item.bond_mode }}
{% endif %}
bond-slaves none
{% if item.bond_options is defined %}
{% for key, value in item.bond_options.iteritems() %}
bond-{{ key }} {{ value }}
{% endfor %}
{% endif %}
{% if item.ovs_bridge is defined %}
up ip link set {{ item.device }} up || true
{% endif %}
{% if item.mtu is defined %}
post-up ip link set dev {{ item.device }} mtu {{ item.mtu }} || true
{% endif %}
{% include 'if_routes_Debian.j2' %}
0707010019CF97000081A40000000000000000000000015B32C8620000046F000000FD0000000200000000000000000000005C00000000ardana-osconfig-8.0+git.1530054754.b943409/roles/network_interface/templates/bond_RedHat.j2{#
#
# (c) Copyright 2015-2016 Hewlett Packard Enterprise Development LP
# (c) Copyright 2017 SUSE LLC
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
#}
{{ interface_file_marker }}
TYPE=Bond
{% include 'if_ipinfo_RedHat.j2' %}
{% if disable_lro is defined and disable_lro %}
ETHTOOL_OPTS="lro off"
{% endif %}
{% if item.mtu is defined %}
MTU={{ item.mtu }}
{% endif %}
BONDING_OPTS="
{%- if item.bond_mode is defined %}
mode={{ item.bond_mode }}
{%- endif %}
{%- if item.bond_primary is defined %}
primary={{ item.bond_primary }}
{%- endif %}
{%- for key, value in item.bond_options.iteritems() %}
{{ key }}={{ value }}
{%- endfor %}"
0707010019CF98000081ED0000000000000000000000015B32C86200000535000000FD0000000200000000000000000000005A00000000ardana-osconfig-8.0+git.1530054754.b943409/roles/network_interface/templates/bond_Suse.j2{#
#
# (c) Copyright 2017 Hewlett Packard Enterprise Development LP
# (c) Copyright 2017 SUSE LLC
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
#}
{{ interface_file_marker }}
BONDING_MASTER='yes'
{% include 'if_ipinfo_Suse.j2' %}
BONDING_MODULE_OPTS="
{%- if item.bond_mode is defined %}
mode={{ item.bond_mode }}
{%- endif %}
{%- if item.bond_miimon is defined %}
miimon={{ item.bond_miimon }}
{%- endif %}
{%- if item.bond_primary is defined %}
primary={{ item.bond_primary }}
{%- endif %}
{%- for key, value in item.bond_options.iteritems() %}
{{ key }}={{ value }}
{%- endfor %}"
{% for slave in item.bond_slaves %}
BONDING_SLAVE{{ loop.index - 1 }}='{{ slave }}'
{% endfor %}
{% if item.mtu is defined %}
MTU={{ item.mtu }}
{% endif %}
{% if disable_lro is defined and disable_lro %}
ETHTOOL_OPTIONS='lro off'
{% endif %}
0707010019CFA3000081A40000000000000000000000015B32C862000003AA000000FD0000000200000000000000000000006100000000ardana-osconfig-8.0+git.1530054754.b943409/roles/network_interface/templates/bond_Suse_script.j2{#
#
# (c) Copyright 2017 Hewlett Packard Enterprise Development LP
# (c) Copyright 2017 SUSE LLC
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
#}
{% include 'ifscript_header_Suse.j2' %}
{% if item.ovs_bridge is defined %}
$PRE_UP || ip link set {{ item.device }} up || true
{% endif %}
{% if item.mtu is defined %}
$POST_UP || ip link set dev {{ item.device }} mtu {{ item.mtu }} || true
{% endif %}
{% include 'if_routes_Suse.j2' %}
0707010019CF9D000081A40000000000000000000000015B32C86200000431000000FD0000000200000000000000000000006200000000ardana-osconfig-8.0+git.1530054754.b943409/roles/network_interface/templates/bond_slave_Debian.j2{#
#
# (c) Copyright 2015-2017 Hewlett Packard Enterprise Development LP
# (c) Copyright 2017 SUSE LLC
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
#}
{{ interface_file_marker }}
auto {{ item.1 }}
iface {{ item.1 }} inet manual
bond-master {{ item.0.device }}
{% if item.0.bond_primary is defined and item.1 == item.0.bond_primary %}
bond-primary {{ item.1 }}
{% endif %}
{% if disable_lro is defined and disable_lro %}
pre-up ethtool -K {{ item.1 }} lro off || true
{% endif %}
pre-up ip addr flush dev {{ item.1 }} || true
up ip link set {{ item.1 }} up || true
0707010019CF92000081A40000000000000000000000015B32C86200000376000000FD0000000200000000000000000000006200000000ardana-osconfig-8.0+git.1530054754.b943409/roles/network_interface/templates/bond_slave_RedHat.j2{#
#
# (c) Copyright 2015-2016 Hewlett Packard Enterprise Development LP
# (c) Copyright 2017 SUSE LLC
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
#}
{{ interface_file_marker }}
TYPE=Ethernet
DEVICE={{ item.1 }}
BOOTPROTO=none
ONBOOT=yes
NM_CONTROLLED=no
USERCTL=no
MASTER={{ item.0.device }}
SLAVE=yes
{% if disable_lro is defined and disable_lro %}
ETHTOOL_OPTS="lro off"
{% endif %}
0707010019CF83000081ED0000000000000000000000015B32C86200000444000000FD0000000200000000000000000000006000000000ardana-osconfig-8.0+git.1530054754.b943409/roles/network_interface/templates/bond_slave_Suse.j2{#
#
# (c) Copyright 2017 Hewlett Packard Enterprise Development LP
# (c) Copyright 2017 SUSE LLC
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
#}
{{ interface_file_marker }}
BOOTPROTO=none
STARTMODE=hotplug
BROADCAST=''
NM_CONTROLLED=no
USERCTL=no
{% if disable_lro is defined and disable_lro %}
ETHTOOL_OPTIONS="lro off"
{% endif %}
PRE_UP_SCRIPT='wicked:{{ net_path }}/ifscript-{{ item.1 }}.sh'
POST_UP_SCRIPT='wicked:{{ net_path }}/ifscript-{{ item.1 }}.sh'
PRE_DOWN_SCRIPT='wicked:{{ net_path }}/ifscript-{{ item.1 }}.sh'
POST_DOWN_SCRIPT='wicked:{{ net_path }}/ifscript-{{ item.1 }}.sh'
0707010019CF95000081A40000000000000000000000015B32C86200000384000000FD0000000200000000000000000000006700000000ardana-osconfig-8.0+git.1530054754.b943409/roles/network_interface/templates/bond_slave_Suse_script.j2{#
#
# (c) Copyright 2017 Hewlett Packard Enterprise Development LP
# (c) Copyright 2017 SUSE LLC
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
#}
{% include 'ifscript_header_Suse.j2' %}
{% if disable_lro is defined and disable_lro %}
$PRE_UP || ethtool -K {{ item.1 }} lro off || true
{% endif %}
$PRE_UP || ip addr flush dev {{ item.1 }} || true
$POST_UP || ip link set {{ item.1 }} up || true
0707010019CF8D000081A40000000000000000000000015B32C86200000010000000FD0000000200000000000000000000005D00000000ardana-osconfig-8.0+git.1530054754.b943409/roles/network_interface/templates/bonding.conf.j2options bonding
0707010019CF8C000081A40000000000000000000000015B32C86200000B94000000FD0000000200000000000000000000005E00000000ardana-osconfig-8.0+git.1530054754.b943409/roles/network_interface/templates/bridge_Debian.j2{#
#
# (c) Copyright 2015, 2016 Hewlett Packard Enterprise Development LP
# (c) Copyright 2017 SUSE LLC
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
#}
{{ interface_file_marker }}
{% if item.bootproto == 'manual' %}
auto {{ item.device }}
iface {{ item.device }} inet manual
{% if item.ports is defined %}
bridge_ports {{ item.ports|join(' ') }}
{% endif %}
{% if item.stp is defined %}
bridge_stp {{ item.stp }}
{% endif %}
{% endif %}
{% if item.bootproto == 'static' %}
auto {{ item.device }}
iface {{ item.device }} inet static
{% if item.address is defined %}
address {{ item.address }}
{% endif %}
{% if item.netmask is defined %}
netmask {{ item.netmask }}
{% endif %}
{% if item.ports is defined %}
bridge_ports {{ item.ports|join(' ') }}
{% endif %}
{% if item.stp is defined %}
bridge_stp {{ item.stp }}
{% endif %}
{% endif %}
{% if item.bootproto == 'dhcp' %}
auto {{ item.device }}
iface {{ item.device }} inet dhcp
{% if item.ports is defined %}
bridge_ports {{ item.port }}
{% endif %}
{% if item.stp is defined %}
bridge_stp {{ item.stp }}
{% endif %}
{% endif %}
{% if item.mtu is defined %}
post-up ip link set dev {{ item.device }} mtu {{ item.mtu }} || true
{% endif %}
{% if item.route is defined %}
{% for i in item.route %}
up route add -net {{ i.network }} netmask {{ i.netmask }} gw {{ i.gateway }} dev {{ item.device }} || true
down route delete -net {{ i.network }} netmask {{ i.netmask }} gw {{ i.gateway }} dev {{ item.device }} || true
{% endfor %}
{% endif %}
{% if item.routing_table is defined %}
{% if item.address is defined %}
{% if item.gateway is defined %}
up ip route add default via {{ item.gateway }} table {{ item.routing_table }} || true
down ip route delete default via {{ item.gateway }} table {{ item.routing_table }} || true
{% if item.cidr is defined %}
up ip route add {{ item.cidr }} dev {{ item.device }} table {{ item.routing_table }} || true
down ip route delete {{ item.cidr }} dev {{ item.device }} table {{ item.routing_table }} || true
{% endif %}
up ip rule add from {{ item.address }} table {{ item.routing_table }} || true
down ip rule delete from {{ item.address }} table {{ item.routing_table }} || true
{% if item.vips is defined %}
{% for vip in item.vips %}
up ip rule add from {{ vip }} table {{ item.routing_table }} || true
down ip rule delete from {{ vip }} table {{ item.routing_table }} || true
{% endfor %}
{% endif %}
{% endif %}
{% endif %}
{% endif %}
0707010019CFB0000081A40000000000000000000000015B32C86200000579000000FD0000000200000000000000000000005E00000000ardana-osconfig-8.0+git.1530054754.b943409/roles/network_interface/templates/bridge_RedHat.j2{#
#
# (c) Copyright 2015-2016 Hewlett Packard Enterprise Development LP
# (c) Copyright 2017 SUSE LLC
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
#}
{{ interface_file_marker }}
{% if item.bootproto == 'static' %}
DEVICE={{ item.device }}
TYPE=Bridge
BOOTPROTO=none
{% if item.stp is defined %}
STP={{ item.stp }}
{% endif %}
{% if item.address is defined %}
IPADDR={{ item.address }}
{% endif %}
{% if item.onboot is defined %}
ONBOOT={{ item.onboot }}
{% endif %}
{% if item.netmask is defined %}
NETMASK={{ item.netmask }}
{% endif %}
{% if item.gateway is defined %}
GATEWAY={{ item.gateway }}
{% endif %}
{% if item.mtu is defined %}
MTU={{ item.mtu }}
{% endif %}
{% endif %}
{% if item.bootproto == 'dhcp' %}
DEVICE={{ item.device }}
TYPE=bridge
BOOTPROTO=dhcp
{% if item.stp is defined %}
STP={{ item.stp }}
{% endif %}
{% if item.mtu is defined %}
MTU={{ item.mtu }}
{% endif %}
{% endif %}
0707010019CFA6000081ED0000000000000000000000015B32C86200000652000000FD0000000200000000000000000000005C00000000ardana-osconfig-8.0+git.1530054754.b943409/roles/network_interface/templates/bridge_Suse.j2{#
#
# (c) Copyright 2017 Hewlett Packard Enterprise Development LP
# (c) Copyright 2017 SUSE LLC
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
#}
{{ interface_file_marker }}
{% if item.bootproto == 'static' %}
BRIDGE_PORTS={{ item.device }}
BRIDGE=yes
BOOTPROTO=none
{% if item.stp is defined %}
STP={{ item.stp }}
{% endif %}
{% if item.address is defined %}
IPADDR={{ item.address }}
{% endif %}
{% if item.netmask is defined %}
PREFIXLEN={{ item.netmask }}
{% endif %}
{% if item.gateway is defined %}
GATEWAY={{ item.gateway }}
{% endif %}
{% if item.mtu is defined %}
MTU={{ item.mtu }}
{% endif %}
{% endif %}
{% if item.bootproto == 'dhcp' %}
BRIDGE_PORTS={{ item.device }}
BRIDGE=yes
BOOTPROTO=dhcp
{% if item.stp is defined %}
STP={{ item.stp }}
{% endif %}
{% if item.mtu is defined %}
MTU={{ item.mtu }}
{% endif %}
{% endif %}
PRE_UP_SCRIPT='wicked:{{ net_path }}/ifscript-{{ item.device }}.sh'
POST_UP_SCRIPT='wicked:{{ net_path }}/ifscript-{{ item.device }}.sh'
PRE_DOWN_SCRIPT='wicked:{{ net_path }}/ifscript-{{ item.device }}.sh'
POST_DOWN_SCRIPT='wicked:{{ net_path }}/ifscript-{{ item.device }}.sh'
0707010019CF8F000081A40000000000000000000000015B32C8620000085E000000FD0000000200000000000000000000006300000000ardana-osconfig-8.0+git.1530054754.b943409/roles/network_interface/templates/bridge_Suse_script.j2{#
#
# (c) Copyright 2017 Hewlett Packard Enterprise Development LP
# (c) Copyright 2017 SUSE LLC
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
#}
{% include 'ifscript_header_Suse.j2' %}
{% if item.mtu is defined %}
$POST_UP || ip link set dev {{ item.device }} mtu {{ item.mtu }} || true
{% endif %}
{% if item.route is defined %}
{% for i in item.route %}
$POST_UP || route add -net {{ i.network }} netmask {{ i.netmask }} gw {{ i.gateway }} dev {{ item.device }} || true
$PRE_DOWN || route delete -net {{ i.network }} netmask {{ i.netmask }} gw {{ i.gateway }} dev {{ item.device }} || true
{% endfor %}
{% endif %}
{% if item.routing_table is defined %}
{% if item.address is defined %}
{% if item.gateway is defined %}
$POST_UP || ip route add default via {{ item.gateway }} table {{ item.routing_table }} || true
$PRE_DOWN || ip route delete default via {{ item.gateway }} table {{ item.routing_table }} || true
{% if item.cidr is defined %}
$POST_UP || ip route add {{ item.cidr }} dev {{ item.device }} table {{ item.routing_table }} || true
$PRE_DOWN || ip route delete {{ item.cidr }} dev {{ item.device }} table {{ item.routing_table }} || true
{% endif %}
$POST_UP || ip rule add from {{ item.address }} table {{ item.routing_table }} || true
$PRE_DOWN || ip rule delete from {{ item.address }} table {{ item.routing_table }} || true
{% if item.vips is defined %}
{% for vip in item.vips %}
$POST_UP || ip rule add from {{ vip }} table {{ item.routing_table }} || true
$PRE_DOWN || ip rule delete from {{ vip }} table {{ item.routing_table }} || true
{% endfor %}
{% endif %}
{% endif %}
{% endif %}
{% endif %}
0707010019CFA5000081A40000000000000000000000015B32C862000002A8000000FD0000000200000000000000000000006300000000ardana-osconfig-8.0+git.1530054754.b943409/roles/network_interface/templates/dpdk_bindings.conf.j2{#
# (c) Copyright 2018 SUSE LLC
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
#}
{{ interface_file_marker }}
[Service]
ExecStartPre=/usr/share/openvswitch/scripts/ovs-dpdk-bindings
0707010019CF87000081A40000000000000000000000015B32C862000002B5000000FD0000000200000000000000000000005E00000000ardana-osconfig-8.0+git.1530054754.b943409/roles/network_interface/templates/dpdk_bindings.j2{#
#
# (c) Copyright 2016 Hewlett Packard Enterprise Development LP
# (c) Copyright 2017 SUSE LLC
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
#}
{{ interface_file_marker }}
{{ dpdk_bindings }}
0707010019CFB3000081A40000000000000000000000015B32C8620000047E000000FD0000000200000000000000000000006000000000ardana-osconfig-8.0+git.1530054754.b943409/roles/network_interface/templates/ethernet_Debian.j2{#
#
# (c) Copyright 2015-2017 Hewlett Packard Enterprise Development LP
# (c) Copyright 2017 SUSE LLC
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
#}
{{ interface_file_marker }}
auto {{ item.device }}
{% include 'if_ipinfo_Debian.j2' %}
{% if disable_lro is defined and disable_lro %}
pre-up ethtool -K {{ item.device }} lro off || true
{% endif %}
{% if item.ovs_bridge is defined or item.pci_pt is defined or item.sriov_only is defined %}
up ip link set {{ item.device }} up || true
{% endif %}
{% if item.mtu is defined %}
post-up ip link set dev {{ item.device }} mtu {{ item.mtu }} || true
{% endif %}
{% include 'if_routes_Debian.j2' %}
0707010019CF84000081A40000000000000000000000015B32C86200000367000000FD0000000200000000000000000000006000000000ardana-osconfig-8.0+git.1530054754.b943409/roles/network_interface/templates/ethernet_RedHat.j2{#
#
# (c) Copyright 2015-2016 Hewlett Packard Enterprise Development LP
# (c) Copyright 2017 SUSE LLC
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
#}
{{ interface_file_marker }}
TYPE=Ethernet
{% include 'if_ipinfo_RedHat.j2' %}
{% if disable_lro is defined and disable_lro %}
ETHTOOL_OPTS="lro off"
{% endif %}
{% if item.mtu is defined %}
MTU={{ item.mtu }}
{% endif %}
0707010019CFAE000081A40000000000000000000000015B32C86200000355000000FD0000000200000000000000000000005E00000000ardana-osconfig-8.0+git.1530054754.b943409/roles/network_interface/templates/ethernet_Suse.j2{#
#
# (c) Copyright 2017 Hewlett Packard Enterprise Development LP
# (c) Copyright 2017 SUSE LLC
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
#}
{{ interface_file_marker }}
{% include 'if_ipinfo_Suse.j2' %}
{% if disable_lro is defined and disable_lro %}
ETHTOOL_OPTIONS="lro off"
{% endif %}
{% if item.mtu is defined %}
MTU={{ item.mtu }}
{% endif %}
0707010019CF90000081A40000000000000000000000015B32C86200000459000000FD0000000200000000000000000000006500000000ardana-osconfig-8.0+git.1530054754.b943409/roles/network_interface/templates/ethernet_Suse_script.j2{#
#
# (c) Copyright 2017 Hewlett Packard Enterprise Development LP
# (c) Copyright 2017 SUSE LLC
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
#}
{% include 'ifscript_header_Suse.j2' %}
{% if disable_lro is defined and disable_lro %}
$PRE_UP || ethtool -K {{ item.device }} lro off || true
{% endif %}
{% if item.ovs_bridge is defined or item.pci_pt is defined or item.sriov_only is defined %}
$POST_UP || ip link set {{ item.device }} up || true
{% endif %}
{% if item.mtu is defined %}
$POST_UP || ip link set dev {{ item.device }} mtu {{ item.mtu }} || true
{% endif %}
{% include 'if_routes_Suse.j2' %}
0707010019CF93000081A40000000000000000000000015B32C86200000493000000FD0000000200000000000000000000006100000000ardana-osconfig-8.0+git.1530054754.b943409/roles/network_interface/templates/if_ipinfo_Debian.j2{#
#
# (c) Copyright 2015-2016 Hewlett Packard Enterprise Development LP
# (c) Copyright 2017 SUSE LLC
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
#}
{% set family %}{% if item.family is defined and item.family == 'IPv6' %}6{% else %}{% endif %}
{% endset %}
{% if item.bootproto == 'manual' %}
iface {{ item.device }} inet{{ family }} manual
{% elif item.bootproto == 'static' %}
iface {{ item.device }} inet{{ family }} static
{% if item.address is defined %}
address {{ item.address }}
{% endif %}
{% if item.netmask is defined %}
netmask {{ item.netmask }}
{% endif %}
{% elif item.bootproto == 'dhcp' %}
iface {{ item.device }} inet{{ family }} dhcp
{% endif %}
0707010019CF8E000081A40000000000000000000000015B32C8620000048A000000FD0000000200000000000000000000006100000000ardana-osconfig-8.0+git.1530054754.b943409/roles/network_interface/templates/if_ipinfo_RedHat.j2{#
#
# (c) Copyright 2016 Hewlett Packard Enterprise Development LP
# (c) Copyright 2017 SUSE LLC
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
#}
{% set ip_family %}{% if item.family is defined and item.family == 'IPv6' %}V6{% else %}{% endif %}
{% endset %}
DEVICE={{ item.device }}
{% if item.bootproto == 'manual' %}
BOOTPROTO=none
{% elif item.bootproto == 'static' %}
BOOTPROTO=none
{% if item.address is defined %}
IP{{ ip_family }}ADDR={{ item.address }}
{% endif %}
{% if item.netmask is defined %}
PREFIX={{ item.netmask }}
{% endif %}
{% elif item.bootproto == 'dhcp' %}
BOOTPROTO=dhcp
{% endif %}
ONBOOT=yes
NM_CONTROLLED=no
USERCTL=no
NOZEROCONF=yes
0707010019CFAA000081A40000000000000000000000015B32C86200000565000000FD0000000200000000000000000000005F00000000ardana-osconfig-8.0+git.1530054754.b943409/roles/network_interface/templates/if_ipinfo_Suse.j2{#
#
# (c) Copyright 2017 Hewlett Packard Enterprise Development LP
# (c) Copyright 2017 SUSE LLC
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
#}
{% set ip_family %}{% if item.family is defined and item.family == 'IPv6' %}V6{% else %}{% endif %}
{% endset %}
{% if item.bootproto == 'manual' %}
BOOTPROTO=none
{% elif item.bootproto == 'static' %}
BOOTPROTO=static
{% if item.address is defined %}
IP{{ ip_family }}ADDR={{ item.address }}
{% endif %}
{% if item.netmask is defined %}
PREFIXLEN={{ item.netmask }}
{% endif %}
{% elif item.bootproto == 'dhcp' %}
BOOTPROTO=dhcp
{% endif %}
STARTMODE=auto
PRE_UP_SCRIPT='wicked:{{ net_path }}/ifscript-{{ item.device }}.sh'
POST_UP_SCRIPT='wicked:{{ net_path }}/ifscript-{{ item.device }}.sh'
PRE_DOWN_SCRIPT='wicked:{{ net_path }}/ifscript-{{ item.device }}.sh'
POST_DOWN_SCRIPT='wicked:{{ net_path }}/ifscript-{{ item.device }}.sh'
0707010019CF96000081A40000000000000000000000015B32C862000009A7000000FD0000000200000000000000000000006100000000ardana-osconfig-8.0+git.1530054754.b943409/roles/network_interface/templates/if_routes_Debian.j2{#
#
# (c) Copyright 2015-2016 Hewlett Packard Enterprise Development LP
# (c) Copyright 2017 SUSE LLC
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
#}
{% set family %}{% if item.family is defined and item.family == 'IPv6' %}6{% else %}{% endif %}
{% endset %}
{% set ip_family %}
{% if family == '6' %} -f inet6{% else %}{% endif %}
{% endset %}
{% set route_family %}
{% if family == '6' %} --inet6{% else %}{% endif %}
{% endset %}
{% if item.route is defined %}
{% for i in item.route %}
{% if i.netmask == '0.0.0.0' or i.netmask == '::/0' %}
pre-up ip{{ ip_family }} route delete default || true
{% endif %}
up route{{ route_family }} add -net {{ i.network }} netmask {{ i.netmask }} gw {{ i.gateway }} dev {{ item.device }} || true
down route{{ route_family }} delete -net {{ i.network }} netmask {{ i.netmask }} gw {{ i.gateway }} dev {{ item.device }} || true
{% endfor %}
{% endif %}
{% if item.routing_table is defined %}
{% if item.address is defined %}
{% if item.gateway is defined %}
up ip{{ ip_family }} route add default via {{ item.gateway }} table {{ item.routing_table }} || true
down ip{{ ip_family }} route delete default via {{ item.gateway }} table {{ item.routing_table }} || true
{% if item.cidr is defined %}
up ip{{ ip_family }} route add {{ item.cidr }} dev {{ item.device }} table {{ item.routing_table }} || true
down ip{{ ip_family }} route delete {{ item.cidr }} dev {{ item.device }} table {{ item.routing_table }} || true
{% endif %}
up ip{{ ip_family }} rule add from {{ item.address }} table {{ item.routing_table }} || true
down ip{{ ip_family }} rule delete from {{ item.address }} table {{ item.routing_table }} || true
{% if item.vips is defined %}
{% for vip in item.vips %}
up ip{{ ip_family }} rule add from {{ vip }} table {{ item.routing_table }} || true
down ip{{ ip_family }} rule delete from {{ vip }} table {{ item.routing_table }} || true
{% endfor %}
{% endif %}
{% endif %}
{% endif %}
{% endif %}
0707010019CF9E000081A40000000000000000000000015B32C862000009FB000000FD0000000200000000000000000000005F00000000ardana-osconfig-8.0+git.1530054754.b943409/roles/network_interface/templates/if_routes_Suse.j2{#
#
# (c) Copyright 2017 Hewlett Packard Enterprise Development LP
# (c) Copyright 2017 SUSE LLC
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
#}
{% set family %}{% if item.family is defined and item.family == 'IPv6' %}6{% else %}{% endif %}
{% endset %}
{% set ip_family %}
{% if family == '6' %} -f inet6{% else %}{% endif %}
{% endset %}
{% set route_family %}
{% if family == '6' %} --inet6{% else %}{% endif %}
{% endset %}
{% if item.route is defined %}
{% for i in item.route %}
{% if i.netmask == '0.0.0.0' or i.netmask == '::/0' %}
$PRE_UP || ip{{ ip_family }} route delete default || true
{% endif %}
$POST_UP || route{{ route_family }} add -net {{ i.network }} netmask {{ i.netmask }} gw {{ i.gateway }} dev {{ item.device }} || true
$PRE_DOWN || route{{ route_family }} delete -net {{ i.network }} netmask {{ i.netmask }} gw {{ i.gateway }} dev {{ item.device }} || true
{% endfor %}
{% endif %}
{% if item.routing_table is defined %}
{% if item.address is defined %}
{% if item.gateway is defined %}
$POST_UP || ip{{ ip_family }} route add default via {{ item.gateway }} table {{ item.routing_table }} || true
$PRE_DOWN || ip{{ ip_family }} route delete default via {{ item.gateway }} table {{ item.routing_table }} || true
{% if item.cidr is defined %}
$POST_UP || ip{{ ip_family }} route add {{ item.cidr }} dev {{ item.device }} table {{ item.routing_table }} || true
$PRE_DOWN || ip{{ ip_family }} route delete {{ item.cidr }} dev {{ item.device }} table {{ item.routing_table }} || true
{% endif %}
$POST_UP || ip{{ ip_family }} rule add from {{ item.address }} table {{ item.routing_table }} || true
$PRE_DOWN || ip{{ ip_family }} rule delete from {{ item.address }} table {{ item.routing_table }} || true
{% if item.vips is defined %}
{% for vip in item.vips %}
$POST_UP || ip{{ ip_family }} rule add from {{ vip }} table {{ item.routing_table }} || true
$PRE_DOWN || ip{{ ip_family }} rule delete from {{ vip }} table {{ item.routing_table }} || true
{% endfor %}
{% endif %}
{% endif %}
{% endif %}
{% endif %}
0707010019CFA0000081A40000000000000000000000015B32C86200000401000000FD0000000200000000000000000000006500000000ardana-osconfig-8.0+git.1530054754.b943409/roles/network_interface/templates/ifscript_header_Suse.j2{#
#
# (c) Copyright 2017 Hewlett Packard Enterprise Development LP
# (c) Copyright 2017 SUSE LLC
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
#}
#!/bin/bash
{{ interface_file_marker }}
PARAM_ACTION=$1
PARAM_INTERFACE=$2
PRE_UP=true
POST_UP=true
PRE_DOWN=true
POST_DOWN=true
if [ "$PARAM_ACTION" == "pre-up" ]; then
PRE_UP=false
fi
if [ "$PARAM_ACTION" == "post-up" ]; then
POST_UP=false
fi
if [ "$PARAM_ACTION" == "pre-down" ]; then
PRE_DOWN=false
fi
if [ "$PARAM_ACTION" == "post-down" ]; then
POST_DOWN=false
fi
0707010019CF8A000081A40000000000000000000000015B32C86200000385000000FD0000000200000000000000000000005C00000000ardana-osconfig-8.0+git.1530054754.b943409/roles/network_interface/templates/libvirt_mtu.j2{#
#
# (c) Copyright 2016 Hewlett Packard Enterprise Development LP
# (c) Copyright 2017 SUSE LLC
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
#}
{{ interface_file_marker }}
#
# systemd-udev rule to configure the maximum MTU required for libvirt network
# ports providing network access to auto-booted VMs.
#
SUBSYSTEM=="net", ACTION=="add", KERNEL=="vnet[0-9]*", ATTR{mtu}="{{ passthrough_max_mtu }}"
0707010019CFAB000081A40000000000000000000000015B32C862000007E1000000FD0000000200000000000000000000005C00000000ardana-osconfig-8.0+git.1530054754.b943409/roles/network_interface/templates/nic_mapping.j2{#
#
# (c) Copyright 2015-2016 Hewlett Packard Enterprise Development LP
# (c) Copyright 2017-2018 SUSE LLC
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
#}
{{ interface_file_marker }}
#
# systemd-udev rules to map physical PCI devices to virtual NIC names.
# This is used to hard-wire a NIC name to a PCI address so that the name
# doesn't change across reboots and so that it is predictable. Defined in
# the CP input model as nic_mappings[].
#
{% for nic in nic_mappings %}
{% if nic.logical_name is defined %}
{% set run_directive = [] %}
{% for interface in sriov_interfaces %}
{% if nic.logical_name == interface.device %}
{% if run_directive.append(', RUN+="/etc/udev/ardana_udev_run.sh"') %}{% endif %}
{% endif %}
{% endfor %}
{% if nic.type == "multi-port" %}
{% set port_num = nic.port_attributes['port_num'] %}
#Backward compatiblity for 3 series and 4 series mlx drivers
SUBSYSTEM=="net", ACTION=="add", DEVPATH=="*/{{nic.bus_address}}/*", ATTR{dev_id}=="0x{{port_num}}", ATTR{dev_port}=="{{port_num}}", NAME="{{nic.logical_name}}"{{run_directive[0]|default('')}}
{% elif nic.type == "simple-port" %}
SUBSYSTEM=="net", ACTION=="add", DEVPATH=="*/{{nic.bus_address}}/*", NAME="{{nic.logical_name}}"{{run_directive[0]|default('')}}
{% else %}
SUBSYSTEM=="net", ACTION=="add", DEVPATH=="*/{{nic.bus_address}}/*", NAME="{{nic.logical_name}}"{{run_directive[0]|default('')}}
{% endif %}
{% else %}
SUBSYSTEM=="net", ACTION=="add", DEVPATH=="*/{{nic_mappings[nic]}}/*", NAME="{{nic}}"
{% endif %}
{% endfor %}
0707010019CF89000081A40000000000000000000000015B32C86200000310000000FD0000000200000000000000000000005C00000000ardana-osconfig-8.0+git.1530054754.b943409/roles/network_interface/templates/openvswitch.j2{#
#
# (c) Copyright 2018 SUSE LLC
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
#}
{{ interface_file_marker }}
[Service]
Environment="DPDK_OPTIONS=-c {{ dpdk_core_mask }} {{ dpdk_eal_opts }}"
Environment="OVS_VSWITCHD_GROUP={{ libvirt_qemu_user }}"
Environment="OVS_VSWITCHD_UMASK=002"0707010019CF99000081A40000000000000000000000015B32C862000002B0000000FD0000000200000000000000000000006200000000ardana-osconfig-8.0+git.1530054754.b943409/roles/network_interface/templates/ovs-dpdk-bindings.j2{#
# (c) Copyright 2018 SUSE LLC
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
#}
#! /bin/sh
{{ interface_file_marker }}
{{ dpdk_commands_to_load_drivers }}
{{ dpdk_commands_to_bind_nics }}
0707010019CF9F000081A40000000000000000000000015B32C86200000F2D000000FD0000000200000000000000000000006200000000ardana-osconfig-8.0+git.1530054754.b943409/roles/network_interface/templates/ovs_bridge_Debian.j2{#
#
# (c) Copyright 2015, 2016 Hewlett Packard Enterprise Development LP
# (c) Copyright 2017 SUSE LLC
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
#}
{{ interface_file_marker }}
allow-ovs {{ item.device }}
{% include 'if_ipinfo_Debian.j2' %}
pre-up ovs-vsctl --timeout=5 -- --may-exist add-br {{ item.device }} \
{% if item.hwaddr is defined %}
-- set bridge {{ item.device }} other-config:hwaddr={{ item.hwaddr }} \
{% endif %}
-- set bridge {{ item.device }} datapath_type={{ item.datapath_type }} || true
{% if item.bond_mode is defined %}
pre-up ovs-vsctl --timeout=5 -- --may-exist add-bond {{ item.device }} {{ item.port }}
{%- for slave in item.bond_slaves %}
{{ slave }}
{%- endfor %}
bond_mode={{ item.bond_mode }}
{%- if item.bond_options is defined %}
{%- for key, value in item.bond_options.iteritems() %}
{%- if key == "lacp" or key == "bond_updelay" or key == "bond_downdelay" %}
{{ key }}={{ value }}
{%- else %}
other-config:{{ key }}={{ value }}
{%- endif %}
{%- endfor %}
{%- endif %}
{%- if item.dpdk_port is defined %}
{%- for slave in item.bond_slaves %}
-- set Interface {{ slave }} type=dpdk
{%- endfor %}
{%- endif %}
-- || true
{% if item.dpdk_port is not defined %}
{% for slave in item.bond_slaves %}
pre-up ip link set {{ slave }} up
{%- if item.interface_mtu is defined %}
mtu {{ item.interface_mtu }}
{%- endif %}
|| true
down ip link set {{ slave }} down || true
{% endfor %}
{%- endif %}
down ovs-vsctl --timeout=5 -- --if-exists del-port {{ item.device }} {{ item.port }} -- || true
{% elif item.vlanid is defined %}
pre-up ovs-vsctl --timeout=5 -- --may-exist add-br {{ item.port }} || true
pre-up ovs-vsctl --timeout=5 -- --may-exist add-port {{ item.device }} u-{{ item.port }}-{{ item.vlanid }} \
-- set interface u-{{ item.port }}-{{ item.vlanid }} type=patch options:peer=l-{{ item.port }}-{{ item.vlanid }} \
-- --may-exist add-port {{ item.port }} l-{{ item.port }}-{{ item.vlanid }} tag={{ item.vlanid }} \
-- set interface l-{{ item.port }}-{{ item.vlanid }} type=patch options:peer=u-{{ item.port }}-{{ item.vlanid }} || true
down ovs-vsctl --timeout=5 -- --if-exists del-port {{ item.port }} l-{{ item.port }}-{{ item.vlanid }} \
-- --if-exists del-port {{ item.device }} u-{{ item.port }}-{{ item.vlanid }} || true
{% else %}
{% if item.port is defined %}
pre-up ip addr flush dev {{ item.port }} || true
{% if item.dpdk_port is defined %}
pre-up ovs-vsctl --timeout=5 -- --may-exist add-port {{ item.device }} {{ item.port }} -- set Interface {{ item.port }} type=dpdk -- || true
{% else %}
pre-up ovs-vsctl --timeout=5 -- --may-exist add-port {{ item.device }} {{ item.port }} -- || true
{% if item.force_interface_mtu is defined and item.interface_mtu is defined %}
post-up ip link set dev {{ item.port }} mtu {{ item.interface_mtu }} || true
{% endif %}
{% endif %}
pre-up ifconfig {{ item.port }} up || true
down ovs-vsctl --timeout=5 -- --if-exists del-port {{ item.device }} {{ item.port }} -- || true
{% endif %}
{% endif %}
{% if item.mtu is defined %}
post-up ip link set dev {{ item.device }} mtu {{ item.mtu }} || true
{% endif %}
{% include 'if_routes_Debian.j2' %}
0707010019CF86000081A40000000000000000000000015B32C86200000353000000FD0000000200000000000000000000006000000000ardana-osconfig-8.0+git.1530054754.b943409/roles/network_interface/templates/ovs_bridge_Suse.j2{#
#
# (c) Copyright 2017 Hewlett Packard Enterprise Development LP
# (c) Copyright 2017-2018 SUSE LLC
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
#}
{{ interface_file_marker }}
OVS_BRIDGE='yes'
{% if item.dpdk_port is not defined%}
OVS_BRIDGE_PORT_DEVICE='{{ item.port }}'
{%- endif %}
{% include 'if_ipinfo_Suse.j2' %}
ETHTOOL_OPTIONS='lro off'
0707010019CFB1000081A40000000000000000000000015B32C862000010E7000000FD0000000200000000000000000000006700000000ardana-osconfig-8.0+git.1530054754.b943409/roles/network_interface/templates/ovs_bridge_Suse_script.j2{#
#
# (c) Copyright 2017 Hewlett Packard Enterprise Development LP
# (c) Copyright 2017-2018 SUSE LLC
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
#}
{% include 'ifscript_header_Suse.j2' %}
$PRE_UP || ovs-vsctl --timeout=5 -- --may-exist add-br {{ item.device }} \
{% if item.hwaddr is defined %}
-- set bridge {{ item.device }} other-config:hwaddr={{ item.hwaddr }} \
{% endif %}
-- set bridge {{ item.device }} datapath_type={{ item.datapath_type }} || true
$PRE_UP || ovs-ofctl add-flow {{ item.device }} priority=0,actions=normal || true
{% if item.bond_mode is defined %}
$PRE_UP || ovs-vsctl --timeout=5 -- --may-exist add-bond {{ item.device }} {{ item.port }}
{%- for slave in item.bond_slaves %}
{{ slave }}
{%- endfor %}
bond_mode={{ item.bond_mode }}
{%- if item.bond_options is defined %}
{%- for key, value in item.bond_options.iteritems() %}
{%- if key == "lacp" or key == "bond_updelay" or key == "bond_downdelay" %}
{{ key }}={{ value }}
{%- else %}
other-config:{{ key }}={{ value }}
{%- endif %}
{%- endfor %}
{%- endif %}
{%- if item.dpdk_port is defined %}
{%- for slave in item.bond_slaves %}
-- set Interface {{ slave }} type=dpdk options:dpdk-devargs={{ slave | pci_hw_address(nic_mappings) }}
{%- endfor %}
{%- endif %}
-- || true
{% if item.dpdk_port is not defined %}
{% for slave in item.bond_slaves %}
$PRE_UP || ip link set {{ slave }} up
{%- if item.interface_mtu is defined %}
mtu {{ item.interface_mtu }}
{%- endif %}
|| true
$POST_DOWN || ip link set {{ slave }} down || true
{% endfor %}
{%- endif %}
$POST_DOWN || ovs-vsctl --timeout=5 -- --if-exists del-port {{ item.device }} {{ item.port }} -- || true
{% elif item.vlanid is defined %}
$PRE_UP || ovs-vsctl --timeout=5 -- --may-exist add-br {{ item.port }} || true
$PRE_UP || ovs-vsctl --timeout=5 -- --may-exist add-port {{ item.device }} u-{{ item.port }}-{{ item.vlanid }} \
-- set interface u-{{ item.port }}-{{ item.vlanid }} type=patch options:peer=l-{{ item.port }}-{{ item.vlanid }} \
-- --may-exist add-port {{ item.port }} l-{{ item.port }}-{{ item.vlanid }} tag={{ item.vlanid }} \
-- set interface l-{{ item.port }}-{{ item.vlanid }} type=patch options:peer=u-{{ item.port }}-{{ item.vlanid }} || true
$POST_DOWN || ovs-vsctl --timeout=5 -- --if-exists del-port {{ item.port }} l-{{ item.port }}-{{ item.vlanid }} \
-- --if-exists del-port {{ item.device }} u-{{ item.port }}-{{ item.vlanid }} || true
{% else %}
{% if item.port is defined %}
$PRE_UP || ip addr flush dev {{ item.port }} || true
{% if item.dpdk_port is defined %}
$PRE_UP || ovs-vsctl --timeout=5 -- --may-exist add-port {{ item.device }} {{ item.port }} -- set Interface {{ item.port }} type=dpdk options:dpdk-devargs={{ item.port | pci_hw_address(nic_mappings) }} -- || true
$PRE_UP || rm /etc/sysconfig/network/ifcfg-{{ item.port }}
{% else %}
$PRE_UP || ovs-vsctl --timeout=5 -- --may-exist add-port {{ item.device }} {{ item.port }} -- || true
{% if item.force_interface_mtu is defined and item.interface_mtu is defined %}
$POST_UP || ip link set dev {{ item.port }} mtu {{ item.interface_mtu }} || true
{% endif %}
{% endif %}
$PRE_UP || ifconfig {{ item.port }} up || true
$POST_DOWN || ovs-vsctl --timeout=5 -- --if-exists del-port {{ item.device }} {{ item.port }} -- || true
{% if item.dpdk_port is defined %}
$POST_DOWN || ovs-vsctl --timeout=5 -- --if-exists del-br {{ item.device }} -- || true
{% endif %}
{% endif %}
{% endif %}
{% if item.mtu is defined %}
$POST_UP || ip link set dev {{ item.device }} mtu {{ item.mtu }} || true
{% endif %}
{% include 'if_routes_Suse.j2' %}
0707010019CFAF000081A40000000000000000000000015B32C8620000092F000000FD0000000200000000000000000000006700000000ardana-osconfig-8.0+git.1530054754.b943409/roles/network_interface/templates/ovs_bridge_down_RedHat.j2{#
#
# (c) Copyright 2016 Hewlett Packard Enterprise Development LP
# (c) Copyright 2017 SUSE LLC
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
#}
{% set ip_family %}{% if item.family is defined and item.family == 'IPv6' %} -f inet6{% else %}{% endif %}
{% endset %}
{{ interface_file_marker }}
SERVICE_UNIT=/usr/lib/systemd/system/openvswitch-nonetwork.service
if [ -f $SERVICE_UNIT ] && [ -x /usr/bin/systemctl ]; then
if ! systemctl --quiet is-active openvswitch-nonetwork.service; then
systemctl start openvswitch-nonetwork.service
fi
else
if [ ! -f /var/lock/subsys/openvswitch ]; then
/sbin/service openvswitch start
fi
fi
{% if item.port is defined %}
ovs-vsctl --timeout=5 -- --if-exists del-port {{ item.device }} {{ item.port }} --
{% endif %}
{% if item.route is defined %}
{% for i in item.route %}
ip{{ ip_family }} route delete {{ i.network }}/{{ i.netmask }} via {{ i.gateway }} dev {{ item.device }}
{% endfor %}
{% endif %}
{% if item.routing_table is defined %}
{% if item.address is defined %}
{% if item.gateway is defined %}
ip{{ ip_family }} route delete default via {{ item.gateway }} table {{ item.routing_table }}
{% if item.cidr is defined %}
ip{{ ip_family }} route delete {{ item.cidr }} dev {{ item.device }} table {{ item.routing_table }}
{% endif %}
ip{{ ip_family }} rule delete from {{ item.address }} table {{ item.routing_table }}
{% if item.vips is defined %}
{% for vip in item.vips %}
ip{{ ip_family }} rule delete from {{ vip }} table {{ item.routing_table }}
{% endfor %}
{% endif %}
{% endif %}
{% endif %}
{% endif %}
{% if item.bootproto == 'static' and item.address is defined and item.netmask is defined %}
ip{{ ip_family }} addr delete {{ item.address }}/{{ item.netmask }} dev {{ item.device }}
{% endif %}
ip link set {{ item.device }} down
0707010019CFA4000081A40000000000000000000000015B32C86200000C43000000FD0000000200000000000000000000006500000000ardana-osconfig-8.0+git.1530054754.b943409/roles/network_interface/templates/ovs_bridge_up_RedHat.j2{#
#
# (c) Copyright 2016 Hewlett Packard Enterprise Development LP
# (c) Copyright 2017 SUSE LLC
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
#}
{% set ip_family %}{% if item.family is defined and item.family == 'IPv6' %} -f inet6{% else %}{% endif %}
{% endset %}
{{ interface_file_marker }}
SERVICE_UNIT=/usr/lib/systemd/system/openvswitch-nonetwork.service
if [ -f $SERVICE_UNIT ] && [ -x /usr/bin/systemctl ]; then
if ! systemctl --quiet is-active openvswitch-nonetwork.service; then
systemctl start openvswitch-nonetwork.service
fi
else
if [ ! -f /var/lock/subsys/openvswitch ]; then
/sbin/service openvswitch start
fi
fi
{% if item.hwaddr is defined %}
ovs-vsctl --timeout=5 -- --may-exist add-br {{ item.device }} -- set bridge {{ item.device }} other-config:hwaddr={{ item.hwaddr }}
{% else %}
ovs-vsctl --timeout=5 -- --may-exist add-br {{ item.device }}
{% endif %}
{% if item.bootproto == 'static' and item.address is defined and item.netmask is defined %}
ip{{ ip_family }} addr add {{ item.address }}/{{ item.netmask }} dev {{ item.device }}
{% endif %}
ip link set {{ item.device }} up
{% if item.port is defined %}
ip{{ ip_family }} addr flush dev {{ item.port }}
ovs-vsctl --timeout=5 -- --may-exist add-port {{ item.device }} {{ item.port }} --
ip link set {{ item.port }} up
{% if item.mtu is defined %}
{% if network_vlan_interfaces is defined %}
{% for vlan_iface in network_vlan_interfaces if vlan_iface.device == item.port %}
ip link set dev {{ vlan_iface.vlanrawdevice }} mtu {{ vlan_iface.vlanrawdevice_mtu }}
ip link set dev {{ vlan_iface.device }} mtu {{ vlan_iface.mtu }}
{% endfor %}
{% endif %}
ip link set dev {{ item.device }} mtu {{ item.mtu }}
{% endif %}
{% endif %}
{% if item.route is defined %}
{% for i in item.route %}
{% if i.netmask == '0.0.0.0' %}
ip{{ ip_family }} route delete default
{% endif %}
ip{{ ip_family }} route add {{ i.network }}/{{ i.netmask }} via {{ i.gateway }} dev {{ item.device }}
{% endfor %}
{% endif %}
{% if item.routing_table is defined %}
{% if item.address is defined %}
{% if item.gateway is defined %}
ip{{ ip_family }} route add default via {{ item.gateway }} table {{ item.routing_table }}
{% if item.cidr is defined %}
ip{{ ip_family }} route add {{ item.cidr }} dev {{ item.device }} table {{ item.routing_table }}
{% endif %}
ip{{ ip_family }} rule add from {{ item.address }} table {{ item.routing_table }}
{% if item.vips is defined %}
{% for vip in item.vips %}
ip{{ ip_family }} rule add from {{ vip }} table {{ item.routing_table }}
{% endfor %}
{% endif %}
{% endif %}
{% endif %}
{% endif %}
0707010019CF9A000081A40000000000000000000000015B32C86200001396000000FD0000000200000000000000000000006900000000ardana-osconfig-8.0+git.1530054754.b943409/roles/network_interface/templates/ovs_reboot_workaround.sh.j2#!/bin/bash
#
# (c) Copyright 2018 SUSE LLC
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
# ##########################################################################
#
# Workaround for network connectivity issue at node reboot when mgmt and ovs
# bridges are using same port. In that case, ovs would not be able to connect
# to rabbitmq (some models have it on controller) hence would not be able to
# complete network connectivity. So here normal ovs flow is added, to have that
# connectivity at node bootup.
# Adding this ovs flow in /etc/sysconfig/network-scripts/ifup-local-{intf}
# results in error when network restart is done by playbooks. That's why
# adding this flow just for reboot situation by adding in /etc/rc.d/rc.local
#
# ###########################################################################
# Usage: (need to run as root on host where this workaround is needed)
#
# ./ovs_reboot_workaround.sh
#
# ###########################################################################
#
# host (resource) managment ip
g_host_mgmt_ip=''
# ovs bidge device name
g_device_name=''
mqhost_route_info() {
{% if NEU.consumes_FND_RMQ.members.private[0].ip_address is defined %}
mq_hostname='{{ NEU.consumes_FND_RMQ.members.private[0].ip_address }}'
{%- endif %}
# rabbit host name or ip is required and should be non-empty.
if [ -n "$mq_hostname" ] ; then
# check rabbitmq host ip if first argument is host name
mqhost_ip=$(ping $mq_hostname -c 1 | awk 'NR < 2 {gsub(/[()]/, "", $3); print $3}')
if [ $? -eq 0 ]; then
# get network device name
g_device_name=$(ip route get $mqhost_ip | awk 'NR < 2 {print $3}')
if [ $? -eq 0 ]; then
# get route-src host mgmt network ip
g_host_mgmt_ip=$(ip route get $mqhost_ip | awk 'NR < 2 {print $5}')
fi
fi
fi
}
# Check is done based on networking data in input model.
# First get ovs bridge address and device information from input model
# And then compare the address with host mgmt ip to confirm br device name
check_via_input_model() {
local device_name=''
declare -A ovs_br_arr
{% for item in ovs_bridge_interfaces -%}
{% if host.my_network_tags is defined -%}
{%- for network_tag in host.my_network_tags -%}
{%- if network_tag.bridge_port is defined and network_tag.bridge_port == item.port -%}
{%- if item.address is defined and network_tag.address == item.address%}
ovs_br_arr['{{ item.address }}']='{{ item.device }}'
{% endif -%}
{%- endif -%}
{%- endfor -%}
{%- endif %}
{%- endfor %}
for item_key in "${!ovs_br_arr[@]}"
do
if [ "$g_host_mgmt_ip" = "$item_key" ]; then
device_name="${ovs_br_arr[$item_key]}"
break;
fi
done
if [ -n "$device_name" ] ; then
g_device_name="$device_name"
else
g_device_name=''
fi
}
# Check if same bridge port is used between ovs and mgmt bridge
# If device is not set, then its set the device for that shared bridge port
# Check is done using ovs cli commands here
check_via_ovs_cli() {
local device_found=0
check_ovs_configured=$(ovs-vsctl show)
if [ $? -eq 0 ]; then
# check if above found network exists in ovs
device_found=$(ovs-vsctl list-br | grep $g_device_name)
if [ $? -eq 0 ] && [ -n "$device_found" ]; then
br_exists=$(ovs-vsctl br-exists $g_device_name)
if [ $? -eq 0 ]; then
device_found=1
fi
fi
fi
if [ $device_found -eq 0 ] ; then
g_device_name=''
fi
}
mqhost_route_info
if [ -n $g_device_name ] ; then
check_via_input_model
if [ -n $g_device_name ] ; then
check_via_ovs_cli
fi
fi
# if bridge device name is missing or made blank in previous checks,
# skip the workaround as its not needed here.
if [ -z "$g_device_name" ] ; then
echo "Ovs reboot workaround is not applied as cannot identify bridge device name"
exit 0
fi
# check if command to add-flow already exists in
# startup file executed at node bootup
CMD_LINE="ovs-ofctl add-flow $g_device_name priority=0,actions=normal"
FILE="/etc/rc.d/rc.local"
# file should exists, just create if not there
if [ ! -f $FILE ]; then
touch $FILE
echo "#!/bin/bash" >> "$FILE"
fi
# check file has execute permission, if not add it
if [ ! -x $FILE ]; then
chmod +x $FILE
fi
# append command line in end if not there.
grep -qF "$CMD_LINE" "$FILE" || echo "$CMD_LINE" >> "$FILE"
echo "Ovs reboot workaround is applied"
0707010019CF9B000081A40000000000000000000000015B32C862000003EE000000FD0000000200000000000000000000005E00000000ardana-osconfig-8.0+git.1530054754.b943409/roles/network_interface/templates/ovs_vlan_Suse.j2{#
# (c) Copyright 2017 Hewlett Packard Enterprise Development LP
# (c) Copyright 2017 SUSE LLC
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#}
{{ interface_file_marker }}
OVS_BRIDGE='yes'
OVS_BRIDGE_PORT_DEVICE={{ item.device }}
PRE_UP_SCRIPT='wicked:{{ net_path }}/ifscript-{{ item.device }}.sh'
POST_UP_SCRIPT='wicked:{{ net_path }}/ifscript-{{ item.device }}.sh'
PRE_DOWN_SCRIPT='wicked:{{ net_path }}/ifscript-{{ item.device }}.sh'
POST_DOWN_SCRIPT='wicked:{{ net_path }}/ifscript-{{ item.device }}.sh'
0707010019CFAD000081A40000000000000000000000015B32C862000004E2000000FD0000000200000000000000000000006500000000ardana-osconfig-8.0+git.1530054754.b943409/roles/network_interface/templates/ovs_vlan_Suse_script.j2{#
# (c) Copyright 2017 Hewlett Packard Enterprise Development LP
# (c) Copyright 2017 SUSE LLC
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#}
{% include 'ifscript_header_Suse.j2' %}
$PRE_UP || ovs-vsctl --timeout=5 -- --may-exist add-br {{ item.vlanrawdevice }} || true
$PRE_UP || ovs-vsctl --timeout=5 -- --may-exist add-port {{ item.vlanrawdevice }} {{ item.device }} tag={{ item.vlanid }} \
-- set interface {{ item.device }} type=internal || true
$POST_DOWN || ovs-vsctl --timeout=5 -- --if-exists del-port {{ item.vlanrawdevice }} {{ item.device }} || true
{% if item.mtu is defined %}
$POST_UP || ip link set dev {{ item.device }} mtu {{ item.mtu }} || true
{% endif %}
{% include 'if_routes_Suse.j2' %}
0707010019CF8B000081A40000000000000000000000015B32C86200000503000000FD0000000200000000000000000000006000000000ardana-osconfig-8.0+git.1530054754.b943409/roles/network_interface/templates/ovs_vlan_debian.j2{#
# (c) Copyright 2016 Hewlett Packard Enterprise Development LP
# (c) Copyright 2017 SUSE LLC
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#}
{{ interface_file_marker }}
allow-ovs {{ item.device }}
{% include 'if_ipinfo_Debian.j2' %}
pre-up ovs-vsctl --timeout=5 -- --may-exist add-br {{ item.vlanrawdevice }} || true
pre-up ovs-vsctl --timeout=5 -- --may-exist add-port {{ item.vlanrawdevice }} {{ item.device }} tag={{ item.vlanid }} \
-- set interface {{ item.device }} type=internal || true
down ovs-vsctl --timeout=5 -- --if-exists del-port {{ item.vlanrawdevice }} {{ item.device }} || true
{% if item.mtu is defined %}
post-up ip link set dev {{ item.device }} mtu {{ item.mtu }} || true
{% endif %}
{% include 'if_routes_Debian.j2' %}
0707010019CFA2000081A40000000000000000000000015B32C8620000047C000000FD0000000200000000000000000000005D00000000ardana-osconfig-8.0+git.1530054754.b943409/roles/network_interface/templates/route_RedHat.j2{#
#
# (c) Copyright 2015-2016 Hewlett Packard Enterprise Development LP
# (c) Copyright 2017 SUSE LLC
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
#}
{{ interface_file_marker }}
{% if item.route is defined %}
{% for i in item.route %}
{{ i.network }}/{{ i.netmask }} via {{ i.gateway }} dev {{ item.device }}
{% endfor %}
{% endif %}
{% if item.routing_table is defined %}
{% if item.address is defined %}
{% if item.gateway is defined %}
default via {{ item.gateway }} table {{ item.routing_table }}
{% if item.cidr is defined %}
{{ item.cidr }} dev {{ item.device }} table {{ item.routing_table }}
{% endif %}
{% endif %}
{% endif %}
{% endif %}
0707010019CFA1000081A40000000000000000000000015B32C8620000047C000000FD0000000200000000000000000000005B00000000ardana-osconfig-8.0+git.1530054754.b943409/roles/network_interface/templates/route_Suse.j2{#
#
# (c) Copyright 2015-2017 Hewlett Packard Enterprise Development LP
# (c) Copyright 2017 SUSE LLC
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
#}
{{ interface_file_marker }}
{% if item.route is defined %}
{% for i in item.route %}
{{ i.network }}/{{ i.netmask }} via {{ i.gateway }} dev {{ item.device }}
{% endfor %}
{% endif %}
{% if item.routing_table is defined %}
{% if item.address is defined %}
{% if item.gateway is defined %}
default via {{ item.gateway }} table {{ item.routing_table }}
{% if item.cidr is defined %}
{{ item.cidr }} dev {{ item.device }} table {{ item.routing_table }}
{% endif %}
{% endif %}
{% endif %}
{% endif %}
0707010019CF91000081A40000000000000000000000015B32C862000003E5000000FD0000000200000000000000000000005C00000000ardana-osconfig-8.0+git.1530054754.b943409/roles/network_interface/templates/rule_RedHat.j2{#
#
# (c) Copyright 2016 Hewlett Packard Enterprise Development LP
# (c) Copyright 2017 SUSE LLC
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
#}
{{ interface_file_marker }}
{% if item.routing_table is defined %}
{% if item.address is defined %}
{% if item.gateway is defined %}
from {{ item.address }} table {{ item.routing_table }}
{% if item.vips is defined %}
{% for vip in item.vips %}
from {{ vip }} table {{ item.routing_table }}
{% endfor %}
{% endif %}
{% endif %}
{% endif %}
{% endif %}
0707010019CFA9000081A40000000000000000000000015B32C862000003E5000000FD0000000200000000000000000000005A00000000ardana-osconfig-8.0+git.1530054754.b943409/roles/network_interface/templates/rule_Suse.j2{#
#
# (c) Copyright 2017 Hewlett Packard Enterprise Development LP
# (c) Copyright 2017 SUSE LLC
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
#}
{{ interface_file_marker }}
{% if item.routing_table is defined %}
{% if item.address is defined %}
{% if item.gateway is defined %}
from {{ item.address }} table {{ item.routing_table }}
{% if item.vips is defined %}
{% for vip in item.vips %}
from {{ vip }} table {{ item.routing_table }}
{% endfor %}
{% endif %}
{% endif %}
{% endif %}
{% endif %}
0707010019CF85000081A40000000000000000000000015B32C86200000507000000FD0000000200000000000000000000005C00000000ardana-osconfig-8.0+git.1530054754.b943409/roles/network_interface/templates/vlan_Debian.j2{#
#
# (c) Copyright 2015-2017 Hewlett Packard Enterprise Development LP
# (c) Copyright 2017 SUSE LLC
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
#}
{{ interface_file_marker }}
auto {{ item.device }}
{% include 'if_ipinfo_Debian.j2' %}
{% if item.vlanrawdevice is defined %}
vlan-raw-device {{ item.vlanrawdevice }}
{% if disable_lro is defined and disable_lro %}
pre-up ethtool -K {{ item.vlanrawdevice }} lro off || true
{% endif %}
{% if item.mtu is defined %}
post-up ip link set dev {{ item.vlanrawdevice }} mtu {{ item.vlanrawdevice_mtu }} || true
post-up ip link set dev {{ item.device }} mtu {{ item.mtu }} || true
{% endif %}
{% endif %}
{% if item.ovs_bridge is defined %}
up ip link set {{ item.device }} up || true
{% endif %}
{% include 'if_routes_Debian.j2' %}
0707010019CF9C000081A40000000000000000000000015B32C8620000036C000000FD0000000200000000000000000000005C00000000ardana-osconfig-8.0+git.1530054754.b943409/roles/network_interface/templates/vlan_RedHat.j2{#
#
# (c) Copyright 2016 Hewlett Packard Enterprise Development LP
# (c) Copyright 2017 SUSE LLC
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
#}
{{ interface_file_marker }}
TYPE=Ethernet
{% include 'if_ipinfo_RedHat.j2' %}
VLAN=yes
{% if item.vlanrawdevice is defined %}
PHYSDEV={{ item.vlanrawdevice }}
{% endif %}
{% if item.mtu is defined %}
MTU={{ item.mtu }}
{% endif %}
0707010019CFA8000081A40000000000000000000000015B32C86200000394000000FD0000000200000000000000000000005A00000000ardana-osconfig-8.0+git.1530054754.b943409/roles/network_interface/templates/vlan_Suse.j2{#
#
# (c) Copyright 2017 Hewlett Packard Enterprise Development LP
# (c) Copyright 2017 SUSE LLC
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
#}
{{ interface_file_marker }}
{% include 'if_ipinfo_Suse.j2' %}
{% if disable_lro is defined and disable_lro %}
ETHTOOL_OPTIONS="lro off"
{% endif %}
{% if item.mtu is defined %}
MTU={{ item.mtu }}
{% endif %}
ETHERDEVICE={{ item.vlanrawdevice }}
VLAN_ID={{ item.vlanid }}
0707010019CFA7000081A40000000000000000000000015B32C862000004BB000000FD0000000200000000000000000000006100000000ardana-osconfig-8.0+git.1530054754.b943409/roles/network_interface/templates/vlan_Suse_script.j2{#
#
# (c) Copyright 2017 Hewlett Packard Enterprise Development LP
# (c) Copyright 2017 SUSE LLC
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
#}
{% include 'ifscript_header_Suse.j2' %}
{% if item.vlanrawdevice is defined %}
{% if disable_lro is defined and disable_lro %}
$PRE_UP || ethtool -K {{ item.vlanrawdevice }} lro off || true
{% endif %}
{% if item.mtu is defined %}
$POST_UP || ip link set dev {{ item.vlanrawdevice }} mtu {{ item.vlanrawdevice_mtu }} || true
$POST_UP || ip link set dev {{ item.device }} mtu {{ item.mtu }} || true
{% endif %}
{% endif %}
{% if item.ovs_bridge is defined %}
$POST_UP || ip link set {{ item.device }} up || true
{% endif %}
{% include 'if_routes_Suse.j2' %}
0707010019CF94000081A40000000000000000000000015B32C862000003E4000000FD0000000200000000000000000000005F00000000ardana-osconfig-8.0+git.1530054754.b943409/roles/network_interface/templates/vlan_up_RedHat.j2{#
#
# (c) Copyright 2016 Hewlett Packard Enterprise Development LP
# (c) Copyright 2017 SUSE LLC
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
#}
{{ interface_file_marker }}
{% if item.vlanrawdevice is defined %}
{% if disable_lro is defined and disable_lro %}
ethtool -K {{ item.vlanrawdevice }} lro off
{% endif %}
{% if item.mtu is defined %}
ip link set dev {{ item.vlanrawdevice }} mtu {{ item.vlanrawdevice_mtu }}
ip link set dev {{ item.device }} mtu {{ item.mtu }}
{% endif %}
{% endif %}
0707010019CFAC000081A40000000000000000000000015B32C862000003E4000000FD0000000200000000000000000000005D00000000ardana-osconfig-8.0+git.1530054754.b943409/roles/network_interface/templates/vlan_up_Suse.j2{#
#
# (c) Copyright 2017 Hewlett Packard Enterprise Development LP
# (c) Copyright 2017 SUSE LLC
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
#}
{{ interface_file_marker }}
{% if item.vlanrawdevice is defined %}
{% if disable_lro is defined and disable_lro %}
ethtool -K {{ item.vlanrawdevice }} lro off
{% endif %}
{% if item.mtu is defined %}
ip link set dev {{ item.vlanrawdevice }} mtu {{ item.vlanrawdevice_mtu }}
ip link set dev {{ item.device }} mtu {{ item.mtu }}
{% endif %}
{% endif %}
0707010019CF67000041ED0000000000000000000000025B32C86200000000000000FD0000000200000000000000000000004800000000ardana-osconfig-8.0+git.1530054754.b943409/roles/network_interface/vars0707010019CF69000081A40000000000000000000000015B32C86200000F41000000FD0000000200000000000000000000005300000000ardana-osconfig-8.0+git.1530054754.b943409/roles/network_interface/vars/debian.yml# (c) Copyright 2015-2017 Hewlett Packard Enterprise Development LP
# (c) Copyright 2017 SUSE LLC
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
---
network_pkgs:
- python-selinux
- ifenslave-2.6
- vlan
openvswitch_packages:
- openvswitch-switch
openvswitch_packages_dpdk:
- openvswitch-switch
- openvswitch-switch-dpdk
linuxbridge_packages:
- bridge-utils
net_path: "/etc/network/interfaces.d"
disable_lro: true
dpdk_enabled: "
{%- if dpdk_network_devices is defined and \
dpdk_network_devices.FND_OVS is defined and \
dpdk_network_devices.FND_OVS.devices is defined -%}
{%- if dpdk_network_devices.FND_OVS.devices|length > 0 -%}
True
{% else %}
False
{%- endif -%}
{% else %}
False
{%- endif -%}"
dpdk_eal_opts: "
{% set temp_list = [] %}
{%- if dpdk_network_devices is defined and \
dpdk_network_devices.FND_OVS is defined and \
dpdk_network_devices.FND_OVS.eal_options is defined -%}
{%- for opt in dpdk_network_devices.FND_OVS.eal_options -%}
{%- if opt.value is defined -%}
{%- if opt.value|string|length == 1 -%}
{%- set opts = '-'+opt.name+' '+opt.value|string+' ' -%}
{%- else -%}
{%- set opts = '--'+opt.name+' '+opt.value|string+' ' -%}
{%- endif -%}
{%- else -%}
{%- set opts = opt.name+' ' -%}
{%- endif -%}
{%- if temp_list.append( opts ) -%}{%- endif -%}
{%- endfor -%}
{%- endif -%}
{{ temp_list|join ('') }}"
dpdk_core_mask: "{{ host | item('cpu_assignments.FND_OVS.eal.bitmask', default='1') }}"
dpdk_pmd_mask: "{{ host | item('cpu_assignments.FND_OVS.pmd.bitmask', default='2') }}"
# this will leave tmp_dpdk_rx_queues either an empty string or opt.value
tmp_dpdk_rx_queues: "
{%- if dpdk_network_devices is defined and \
dpdk_network_devices.FND_OVS is defined and \
dpdk_network_devices.FND_OVS.component_options is defined -%}
{%- for opt in dpdk_network_devices.FND_OVS.component_options -%}
{%- if opt.name|string == 'n-dpdk-rxqs' -%}
{{ opt.value }}
{%- endif -%}
{%- endfor -%}
{%- endif -%}"
# handle the empty string as a default
dpdk_rx_queues: "
{%- if tmp_dpdk_rx_queues == '' -%}
1
{%- else -%}
{{ tmp_dpdk_rx_queues }}
{%- endif -%}"
dpdk_bindings: "
{% set temp_list = [] %}
{%- if dpdk_network_devices is defined and \
dpdk_network_devices.FND_OVS is defined and \
dpdk_network_devices.FND_OVS.devices is defined -%}
{%- for entry in dpdk_network_devices.FND_OVS.devices -%}
{% if entry.driver is defined -%}
{% set line = '\npci ' + entry.bus_address + ' ' + entry.driver %}
{%- if temp_list.append( line ) -%}{%- endif -%}
{%- endif -%}
{%- endfor -%}
{%- endif -%}
{{ temp_list |join ('') }}"
dpdk_drivers: "
{% set temp_list = [] %}
{%- if dpdk_network_devices is defined and \
dpdk_network_devices.FND_OVS is defined and \
dpdk_network_devices.FND_OVS.devices is defined -%}
{%- for device in dpdk_network_devices.FND_OVS.devices -%}
{% if device.driver is defined -%}
{%- if temp_list.append( device.driver ) -%}{%- endif -%}
{%- endif -%}
{%- endfor -%}
{%- endif -%}
{{ temp_list|unique|join(',')}}"
0707010019CF6C000081A40000000000000000000000015B32C862000002D8000000FD0000000200000000000000000000005800000000ardana-osconfig-8.0+git.1530054754.b943409/roles/network_interface/vars/debian_dpdk.yml# (c) Copyright 2016 Hewlett Packard Enterprise Development LP
# (c) Copyright 2017 SUSE LLC
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
---
dpdk_extra:
packages: []
modules: []
ovs_opts: ''
0707010019CF6E000081A40000000000000000000000015B32C86200000321000000FD0000000200000000000000000000005100000000ardana-osconfig-8.0+git.1530054754.b943409/roles/network_interface/vars/main.yml# (c) Copyright 2015-2016 Hewlett Packard Enterprise Development LP
# (c) Copyright 2017 SUSE LLC
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
---
env:
RUNLEVEL: 1
routing_table_file : '/etc/iproute2/rt_tables'
routing_table_marker : 'ardana'
routing_table_id_start : 101
0707010019CF68000081A40000000000000000000000015B32C86200000438000000FD0000000200000000000000000000005300000000ardana-osconfig-8.0+git.1530054754.b943409/roles/network_interface/vars/redhat.yml# (c) Copyright 2015-2017 Hewlett Packard Enterprise Development LP
# (c) Copyright 2017-2018 SUSE LLC
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
---
network_pkgs:
- libselinux-python
- bridge-utils
- iputils
- net-tools
openvswitch_packages:
- openvswitch
openvswitch_packages_dpdk: []
linuxbridge_packages:
- bridge-utils
disable_svcs:
- NetworkManager
net_path: "/etc/sysconfig/network-scripts"
dpdk_enabled: "False"
dpdk_eal_opts: ""
dpdk_core_mask: ""
dpdk_pmd_mask: ""
dpdk_rx_queues: ""
dpdk_bindings: ""
dpdk_drivers: ""
0707010019CF6D000081A40000000000000000000000015B32C862000002D8000000FD0000000200000000000000000000005800000000ardana-osconfig-8.0+git.1530054754.b943409/roles/network_interface/vars/redhat_dpdk.yml# (c) Copyright 2016 Hewlett Packard Enterprise Development LP
# (c) Copyright 2017 SUSE LLC
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
---
dpdk_extra:
packages: []
modules: []
ovs_opts: ''
0707010019CF6B000081A40000000000000000000000015B32C8620000115C000000FD0000000200000000000000000000005100000000ardana-osconfig-8.0+git.1530054754.b943409/roles/network_interface/vars/suse.yml# (c) Copyright 2017 Hewlett Packard Enterprise Development LP
# (c) Copyright 2017-2018 SUSE LLC
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
---
network_pkgs:
- python-selinux
- bridge-utils
- iputils
openvswitch_packages:
- openvswitch
openvswitch_packages_dpdk: []
linuxbridge_packages:
- bridge-utils
net_path: "/etc/sysconfig/network"
dpdk_enabled: "
{%- if dpdk_network_devices is defined and \
dpdk_network_devices.FND_OVS is defined and \
dpdk_network_devices.FND_OVS.devices is defined -%}
{%- if dpdk_network_devices.FND_OVS.devices|length > 0 -%}
True
{% else %}
False
{%- endif -%}
{% else %}
False
{%- endif -%}"
dpdk_eal_opts: "
{% set temp_list = [] %}
{%- if dpdk_network_devices is defined and \
dpdk_network_devices.FND_OVS is defined and \
dpdk_network_devices.FND_OVS.eal_options is defined -%}
{%- for opt in dpdk_network_devices.FND_OVS.eal_options -%}
{%- if opt.value is defined -%}
{%- if opt.value|string|length == 1 -%}
{%- do temp_list.append('-'+opt.name+' '+opt.value|string+' ') -%}
{%- else -%}
{%- do temp_list.append('--'+opt.name+' '+opt.value|string+' ') -%}
{%- endif -%}
{%- else -%}
{%- do temp_list.append(opt.name+' ') -%}
{%- endif -%}
{%- endfor -%}
{%- endif -%}
{{ temp_list | join ('') }}"
dpdk_core_mask: "{{ host | item('cpu_assignments.FND_OVS.eal.bitmask', default='1') }}"
dpdk_pmd_mask: "{{ host | item('cpu_assignments.FND_OVS.pmd.bitmask', default='2') }}"
# this will leave tmp_dpdk_rx_queues either an empty string or opt.value
tmp_dpdk_rx_queues: "
{%- if dpdk_network_devices is defined and \
dpdk_network_devices.FND_OVS is defined and \
dpdk_network_devices.FND_OVS.component_options is defined -%}
{%- for opt in dpdk_network_devices.FND_OVS.component_options -%}
{%- if opt.name|string == 'n-dpdk-rxqs' -%}
{{ opt.value }}
{%- endif -%}
{%- endfor -%}
{%- endif -%}"
# handle the empty string as a default
dpdk_rx_queues: "
{%- if tmp_dpdk_rx_queues == '' -%}
1
{%- else -%}
{{ tmp_dpdk_rx_queues }}
{%- endif -%}"
dpdk_bindings: "
{% set temp_list = [] %}
{%- if dpdk_network_devices is defined and \
dpdk_network_devices.FND_OVS is defined and \
dpdk_network_devices.FND_OVS.devices is defined -%}
{%- for entry in dpdk_network_devices.FND_OVS.devices -%}
{% if entry.driver is defined -%}
{% do temp_list.append( '\npci ' + entry.bus_address + ' ' + entry.driver) %}
{%- endif -%}
{%- endfor -%}
{%- endif -%}
{{ temp_list | join ('') }}"
dpdk_commands_to_bind_nics: "
{% set temp_list = [] %}
{%- if dpdk_network_devices is defined and \
dpdk_network_devices.FND_OVS is defined and \
dpdk_network_devices.FND_OVS.devices is defined -%}
{%- for entry in dpdk_network_devices.FND_OVS.devices -%}
{% if entry.driver is defined -%}
{% do temp_list.append('/usr/sbin/dpdk-devbind -b ' + entry.driver + ' ' + entry.bus_address) %}
{%- endif -%}
{%- endfor -%}
{%- endif -%}
{{ temp_list|join ('\n') }}"
dpdk_drivers: "
{% set temp_list = [] %}
{%- if dpdk_network_devices is defined and \
dpdk_network_devices.FND_OVS is defined and \
dpdk_network_devices.FND_OVS.devices is defined -%}
{%- for device in dpdk_network_devices.FND_OVS.devices -%}
{%- if device.driver is defined -%}
{% do temp_list.append( device.driver ) %}
{%- endif -%}
{%- endfor -%}
{%- endif -%}
{{ temp_list | unique | join(',') }}"
dpdk_commands_to_load_drivers: "
{% set temp_list = [] %}
{%- for driver in dpdk_drivers.split(',') -%}
{% do temp_list.append( '/usr/sbin/modprobe --allow-unsupported ' + driver) %}
{%- endfor -%}
{{ temp_list |unique |join ('\n') }}"0707010019CF6A000081A40000000000000000000000015B32C86200000302000000FD0000000200000000000000000000005600000000ardana-osconfig-8.0+git.1530054754.b943409/roles/network_interface/vars/suse_dpdk.yml# (c) Copyright 2017 Hewlett Packard Enterprise Development LP
# (c) Copyright 2017-2018 SUSE LLC
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
---
dpdk_extra:
packages:
- dpdk-tools
- dpdk-kmp-default
modules: []
ovs_opts: ''
0707010019CFB7000041ED0000000000000000000000075B32C86200000000000000FD0000000200000000000000000000003A00000000ardana-osconfig-8.0+git.1530054754.b943409/roles/osconfig0707010019D04D000041ED0000000000000000000000085B32C86200000000000000FD0000000200000000000000000000004100000000ardana-osconfig-8.0+git.1530054754.b943409/roles/osconfig-common0707010019D05D000041ED0000000000000000000000025B32C86200000000000000FD0000000200000000000000000000004A00000000ardana-osconfig-8.0+git.1530054754.b943409/roles/osconfig-common/defaults0707010019D05E000081A40000000000000000000000015B32C8620000029E000000FD0000000200000000000000000000005300000000ardana-osconfig-8.0+git.1530054754.b943409/roles/osconfig-common/defaults/main.yml#
# (c) Copyright 2015 Hewlett Packard Enterprise Development LP
# (c) Copyright 2017 SUSE LLC
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
---
ardana_irq_hint_policy: ""
0707010019D055000041ED0000000000000000000000025B32C86200000000000000FD0000000200000000000000000000004A00000000ardana-osconfig-8.0+git.1530054754.b943409/roles/osconfig-common/handlers0707010019D056000081A40000000000000000000000015B32C86200000283000000FD0000000200000000000000000000005300000000ardana-osconfig-8.0+git.1530054754.b943409/roles/osconfig-common/handlers/main.yml#
# (c) Copyright 2015 Hewlett Packard Enterprise Development LP
# (c) Copyright 2017 SUSE LLC
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
---
0707010019D057000041ED0000000000000000000000025B32C86200000000000000FD0000000200000000000000000000004900000000ardana-osconfig-8.0+git.1530054754.b943409/roles/osconfig-common/library0707010019D058000081A40000000000000000000000015B32C8620000054C000000FD0000000200000000000000000000005C00000000ardana-osconfig-8.0+git.1530054754.b943409/roles/osconfig-common/library/get_serial_ttys.py#!/usr/bin/python
#
# (c) Copyright 2016 Hewlett Packard Enterprise Development LP
# (c) Copyright 2017 SUSE LLC
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
import os
import subprocess
def main():
module = AnsibleModule(
argument_spec=dict(
dev_ins=dict(required=True)
)
)
devices = module.params['dev_ins']
ret_list=[]
for device in devices:
devpath = "/dev/tty" + device
if not os.path.exists(devpath):
return None
try:
fd = os.open(devpath, os.O_RDONLY)
except Exception as e:
module.fail_json(msg = "Failed to open device %s, %s" % (devpath, str(e)))
if os.isatty(fd):
ret_list.append(device)
module.exit_json(
dev_outs=ret_list,
changed=True
)
from ansible.module_utils.basic import * # NOQA
main()
0707010019D059000041ED0000000000000000000000025B32C86200000000000000FD0000000200000000000000000000004700000000ardana-osconfig-8.0+git.1530054754.b943409/roles/osconfig-common/tasks0707010019D05A000081A40000000000000000000000015B32C86200000745000000FD0000000200000000000000000000005000000000ardana-osconfig-8.0+git.1530054754.b943409/roles/osconfig-common/tasks/main.yml#
# (c) Copyright 2015-2017 Hewlett Packard Enterprise Development LP
# (c) Copyright 2017-2018 SUSE LLC
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
---
- name: osconfig-common | main | Set os-specific variables
include_vars: "{{ ansible_os_family | lower }}.yml"
- name: Install common packages
become: yes
package:
name: "{{ item }}"
state: present
with_items:
common_packages
- name: check irqbalance config
become: yes
shell: lsmod | grep {{ item }}
with_items: irq_affinity_drivers
register: is_driver_loaded
ignore_errors: yes
- name: Set irqbalance hint policy default
set_fact:
ardana_irq_hint_policy: OPTIONS="--hintpolicy=ignore"
when: item.rc == 0
with_items: "{{ is_driver_loaded.results }}"
- name : Set irqbalance config file
become: yes
template:
src: default-irqbalance.j2
dest: /etc/default/irqbalance
register: new_default_irqbalance
- name: restart irqbalance if necesary
become: yes
service:
name: irqbalance
state: restarted
when: new_default_irqbalance.changed
- name: Get serial consoles
become: yes
get_serial_ttys:
dev_ins: "{{ tty_list }}"
register: serial_ttys
- name: Setup serial consoles
become: yes
service:
name: serial-getty@tty{{ item }}.service
enabled: yes
state: started
with_items:
"{{ serial_ttys.dev_outs }}"
0707010019D05B000041ED0000000000000000000000025B32C86200000000000000FD0000000200000000000000000000004B00000000ardana-osconfig-8.0+git.1530054754.b943409/roles/osconfig-common/templates0707010019D05C000081A40000000000000000000000015B32C862000002FF000000FD0000000200000000000000000000006100000000ardana-osconfig-8.0+git.1530054754.b943409/roles/osconfig-common/templates/default-irqbalance.j2{#
#
# (c) Copyright 2015 Hewlett Packard Enterprise Development LP
# (c) Copyright 2017 SUSE LLC
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
#}
#Should irqbalance be enabled?
ENABLED="1"
#Balance the IRQs only once?
ONESHOT="0"
#Options
{{ ardana_irq_hint_policy }}
0707010019D04F000041ED0000000000000000000000025B32C86200000000000000FD0000000200000000000000000000004600000000ardana-osconfig-8.0+git.1530054754.b943409/roles/osconfig-common/vars0707010019D051000081A40000000000000000000000015B32C862000003A6000000FD0000000200000000000000000000005100000000ardana-osconfig-8.0+git.1530054754.b943409/roles/osconfig-common/vars/debian.yml#
# (c) Copyright 2016 Hewlett Packard Enterprise Development LP
# (c) Copyright 2017-2018 SUSE LLC
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
---
# apt packages in this list will be installed on all nodes
common_packages:
- irqbalance
- dbus
- vim
- python-yaml
ntp_cli_pkgs:
- lockfile-progs
- ntpdate
- ntp
- util-linux
ntp_srv_pkgs:
- lockfile-progs
- ntpdate
- ntp
- util-linux
ntp_service_name: ntp
0707010019D053000081A40000000000000000000000015B32C862000002F3000000FD0000000200000000000000000000004F00000000ardana-osconfig-8.0+git.1530054754.b943409/roles/osconfig-common/vars/main.yml#
# (c) Copyright 2015 Hewlett Packard Enterprise Development LP
# (c) Copyright 2017 SUSE LLC
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
---
#Check on drivers that set affinity on numa themselves
irq_affinity_drivers:
- ixgbe
tty_list:
- S0
- S1
- S2
0707010019D050000081A40000000000000000000000015B32C86200000368000000FD0000000200000000000000000000005100000000ardana-osconfig-8.0+git.1530054754.b943409/roles/osconfig-common/vars/redhat.yml#
# (c) Copyright 2015-2016 Hewlett Packard Enterprise Development LP
# (c) Copyright 2017-2018 SUSE LLC
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
---
# yum packages in this list will be installed on all nodes
common_packages:
- irqbalance
- dbus
- vim
- python-yaml
ntp_cli_pkgs:
- ntpdate
- ntp
ntp_srv_pkgs:
- ntpdate
- ntp
ntp_service_name: ntpd
0707010019D052000081A40000000000000000000000015B32C8620000036B000000FD0000000200000000000000000000004F00000000ardana-osconfig-8.0+git.1530054754.b943409/roles/osconfig-common/vars/suse.yml#
# (c) Copyright 2017 Hewlett Packard Enterprise Development LP
# (c) Copyright 2017-2018 SUSE LLC
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
---
# zypper packages in this list will be installed on all nodes
common_packages:
- irqbalance
- dbus-1
- vim
- libyaml-0-2
- rsyslog
ntp_cli_pkgs:
- ntp
ntp_srv_pkgs:
- ntp
- util-linux
ntp_service_name: ntpd
0707010019CF58000041ED0000000000000000000000065B32C86200000000000000FD0000000200000000000000000000004300000000ardana-osconfig-8.0+git.1530054754.b943409/roles/osconfig-iptables0707010019CF64000041ED0000000000000000000000025B32C86200000000000000FD0000000200000000000000000000004C00000000ardana-osconfig-8.0+git.1530054754.b943409/roles/osconfig-iptables/defaults0707010019CF65000081A40000000000000000000000015B32C862000003A5000000FD0000000200000000000000000000005500000000ardana-osconfig-8.0+git.1530054754.b943409/roles/osconfig-iptables/defaults/main.yml# (c) Copyright 2015-2016 Hewlett Packard Enterprise Development LP
# (c) Copyright 2017 SUSE LLC
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
---
# defaults file for iptables
# Make sure that 'lock_path' here matches the 'neutron_common_rundir'
# in roles/neutron-common/defaults/main.yml
lock_path: "{{neutron_common_rundir}}/lock"
lock_name: 'iptables'
lock_timeout: 120
synchronized_prefix: 'neutron-'
0707010019CF5E000041ED0000000000000000000000025B32C86200000000000000FD0000000200000000000000000000004C00000000ardana-osconfig-8.0+git.1530054754.b943409/roles/osconfig-iptables/handlers0707010019CF5F000081A40000000000000000000000015B32C862000002BA000000FD0000000200000000000000000000005500000000ardana-osconfig-8.0+git.1530054754.b943409/roles/osconfig-iptables/handlers/main.yml# (c) Copyright 2015 Hewlett Packard Enterprise Development LP
# (c) Copyright 2017 SUSE LLC
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
---
# handlers file for iptables
0707010019CF60000041ED0000000000000000000000025B32C86200000000000000FD0000000200000000000000000000004900000000ardana-osconfig-8.0+git.1530054754.b943409/roles/osconfig-iptables/tasks0707010019CF62000081A40000000000000000000000015B32C862000004BA000000FD0000000200000000000000000000005700000000ardana-osconfig-8.0+git.1530054754.b943409/roles/osconfig-iptables/tasks/configure.yml# (c) Copyright 2015-2016 Hewlett Packard Enterprise Development LP
# (c) Copyright 2017 SUSE LLC
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
---
# Playbook to configure iptable rules
- name: osconfig-iptables | configure | apply firewall rules
become: yes
iptables_update:
enable: "{{ firewall.enable }}"
logging: "{{ firewall.settings.logging|default(true) }}"
ardana_chains: "{{ firewall.managed_networks }}"
rules: "{{ firewall.rules }}"
lock_path: "{{ lock_path }}"
lock_name: "{{ lock_name }}"
lock_timeout: "{{ lock_timeout }}"
synchronized_prefix: "{{ synchronized_prefix }}"
os_family: "{{ ansible_os_family }}"
register: result
0707010019CF61000081A40000000000000000000000015B32C86200000609000000FD0000000200000000000000000000005500000000ardana-osconfig-8.0+git.1530054754.b943409/roles/osconfig-iptables/tasks/install.yml# (c) Copyright 2015-2017 Hewlett Packard Enterprise Development LP
# (c) Copyright 2017-2018 SUSE LLC
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
---
# iptables install playbook
- name: osconfig-iptables | install | RedHat- Prevent potential sample iptables
become: yes
file:
path: "{{ item }}"
state: touch
mode: 0644
with_items:
- /etc/sysconfig/iptables
- /etc/sysconfig/ip6tables
when:
ansible_os_family == 'RedHat'
- name: osconfig-iptables | install | Install the required packages
become: yes
package:
name: "{{ item }}"
state: present
with_items:
iptables_pkgs
- name: osconfig-iptables | install | Disable unsupported OS services
become: yes
service:
name: "{{ item }}"
state: stopped
enabled: no
with_items:
"{{ disable_svcs|default([]) }}"
- name: osconfig-iptables | install | Enable services
become: yes
service:
name: "{{ item }}"
state: started
enabled: yes
with_items:
"{{ enable_svcs|default([]) }}"
0707010019CF63000081A40000000000000000000000015B32C86200000370000000FD0000000200000000000000000000005200000000ardana-osconfig-8.0+git.1530054754.b943409/roles/osconfig-iptables/tasks/main.yml#
# (c) Copyright 2016 Hewlett Packard Enterprise Development LP
# (c) Copyright 2017 SUSE LLC
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
---
- name: osconfig-iptables | main | Set os-specific variables
include_vars: "{{ ansible_os_family | lower }}.yml"
- include: install.yml
when:
osconfig_iptables_run_mode is defined and
osconfig_iptables_run_mode == "install"
0707010019CF59000041ED0000000000000000000000025B32C86200000000000000FD0000000200000000000000000000004800000000ardana-osconfig-8.0+git.1530054754.b943409/roles/osconfig-iptables/vars0707010019CF5B000081A40000000000000000000000015B32C86200000315000000FD0000000200000000000000000000005300000000ardana-osconfig-8.0+git.1530054754.b943409/roles/osconfig-iptables/vars/debian.yml# (c) Copyright 2015 Hewlett Packard Enterprise Development LP
# (c) Copyright 2017 SUSE LLC
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
---
# Debian specific vars file for iptables
iptables_pkgs:
- iptables
- netfilter-persistent
- iptables-persistent
0707010019CF5D000081A40000000000000000000000015B32C862000002B6000000FD0000000200000000000000000000005100000000ardana-osconfig-8.0+git.1530054754.b943409/roles/osconfig-iptables/vars/main.yml# (c) Copyright 2015 Hewlett Packard Enterprise Development LP
# (c) Copyright 2017 SUSE LLC
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
---
# vars file for iptables
0707010019CF5A000081A40000000000000000000000015B32C86200000340000000FD0000000200000000000000000000005300000000ardana-osconfig-8.0+git.1530054754.b943409/roles/osconfig-iptables/vars/redhat.yml# (c) Copyright 2015-2016 Hewlett Packard Enterprise Development LP
# (c) Copyright 2017 SUSE LLC
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You mayobtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
# RedHat specific vars file for iptables
iptables_pkgs:
- iptables
- iptables-services
disable_svcs:
- firewalld
enable_svcs:
- iptables
- ip6tables
0707010019CF5C000081A40000000000000000000000015B32C86200000316000000FD0000000200000000000000000000005100000000ardana-osconfig-8.0+git.1530054754.b943409/roles/osconfig-iptables/vars/suse.yml# (c) Copyright 2017 Hewlett Packard Enterprise Development LP
# (c) Copyright 2017 SUSE LLC
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You mayobtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
# SLES specific vars file for iptables
iptables_pkgs:
- iptables
disable_svcs:
- SuSEfirewall2_init
- SuSEfirewall2
0707010019D01B000041ED0000000000000000000000075B32C86200000000000000FD0000000200000000000000000000004600000000ardana-osconfig-8.0+git.1530054754.b943409/roles/osconfig-network-pci0707010019D029000041ED0000000000000000000000025B32C86200000000000000FD0000000200000000000000000000004F00000000ardana-osconfig-8.0+git.1530054754.b943409/roles/osconfig-network-pci/defaults0707010019D02A000081A40000000000000000000000015B32C862000004B4000000FD0000000200000000000000000000005800000000ardana-osconfig-8.0+git.1530054754.b943409/roles/osconfig-network-pci/defaults/main.yml# (c) Copyright 2016 Hewlett Packard Enterprise Development LP
# (c) Copyright 2017 SUSE LLC
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
---
udev_dir: "/etc/udev"
config_scripts: "{% set temp_list = [] %}
{%- if sriov_interfaces is defined -%}
{%- for interface in sriov_interfaces -%}
{%- if temp_list.append( interface.config_script ) -%}
{%- endif -%}
{%- endfor -%}
{%- endif -%}
{{ temp_list|unique }}"
pci_file_marker: '# ARDANA-MANAGED - Managed by Ardana - Do not edit'
network_pci_pt_sriov_interfaces: []
0707010019D01E000041ED0000000000000000000000025B32C86200000000000000FD0000000200000000000000000000004C00000000ardana-osconfig-8.0+git.1530054754.b943409/roles/osconfig-network-pci/files0707010019D020000081A40000000000000000000000015B32C862000014AE000000FD0000000200000000000000000000006200000000ardana-osconfig-8.0+git.1530054754.b943409/roles/osconfig-network-pci/files/ardana_network_pci.py#!/usr/bin/python
#
# (c) Copyright 2016 Hewlett Packard Enterprise Development LP
# (c) Copyright 2017 SUSE LLC
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
# This file will be called by ardana_udev_run.sh to configure or remove VF's
# based on the interface removed/added/updated.
import os
import sys
import syslog
import yaml
SUCCESS = 0
FAILURE = 1
SKIPPED = 2
class udev_pci_request(object):
def __init__(self, devpath):
self._device_name = None
self._device_address = None
# Parse the devpath
if devpath:
path_parts = devpath.split("/")
self._device_name = path_parts[6] \
if len(path_parts) >= 7 else None
self._device_address = path_parts[4] \
if len(path_parts) >= 5 else None
@property
def device_name(self):
return self._device_name
@property
def device_address(self):
return self._device_address
class network_pci_database(object):
UDEV_DIR = '/etc/udev'
DB_FILE = UDEV_DIR + '/network-pci.yml'
def __init__(self):
# Construct the DB map
self._nic_device_map = {}
# Scan db file and create device map
self._load_devices()
def _read_db(self, db_file):
data = {}
try:
if os.path.isfile(db_file):
with open(db_file, 'r') as _db_file:
data = yaml.load(_db_file)
if data is None:
data = {}
except Exception:
# Log message, do not fail UDEV
syslog.syslog(syslog.LOG_ERR, '%s not found' % 'db_file')
return data
def _load_devices(self):
# Read the db files and store in respective device map
data = self._read_db(self.DB_FILE)
# Making sure that the key 'pci_entries' exists
# and its respective values are not empty
if data.get('pci_entries', None):
# Form device list from raw data
device_list = [{item.pop('device'): item}
for item in data.get('pci_entries')]
self._nic_device_map = {item.keys()[0]: item.get(item.keys()[0])
for item in device_list}
def _set_device_up(self, device_name):
# Execute ip link show command to find out the interface is up/down
command = "ip link show %s | awk 'NR==1{print $9; exit}'"\
% device_name
output = os.popen(command).read().rstrip()
# If interface is down, make it up
if output == 'DOWN':
cmd = "ip link set %s up" % device_name
return os.system(cmd)
else:
# Interface is already up skip it
return SKIPPED
def config_VFs(self, request, device):
# Calls the device specific script to configure VFs
# Form the command and arguments
command = os.path.join(self.UDEV_DIR, device['config_script'])
args = "%s %s %s configure %s %s" \
% (device['distro'], request.device_name,
str(device['vf_count']), device['bus_address'],
str(device['port_num']))
# VFs on system device get configured with the value in the database
result1 = os.system("%s %s" % (command, args))
# Make the device up if it is down
if result1 != FAILURE:
result2 = self._set_device_up(request.device_name)
if result2 != FAILURE:
return SUCCESS
syslog.syslog(syslog.LOG_ERR,
'Configuring device with address %s failed'
% request.device_address)
return FAILURE
# This python script requires an command line argument which
# is the form of "/devices/pci0000:00/0000:00:02.0/0000:05:00.0/net/hed1"
# where "0000:05:00.0" represents the address and "hed1"
# represents the device name.
#
# It also has dependency on the db file named
# 'network-pci.yml' which contains the
# device details in the following yaml format
# pci_entries:
# - 'device': 'hed1'
# 'config_script': '8086_10fb.sh'
# 'vf_count': '10'
# 'bus_address': '0000:05:00.0'
# 'port_num': '0'
# 'device_id': '10fb'
# 'distro': 'Debian'
def main():
# A valid device create request
request = udev_pci_request(sys.argv[1])
pci_db = network_pci_database()
name = request.device_name
if name and name in pci_db._nic_device_map:
# Configure the VF setting for this device
return pci_db.config_VFs(request,
pci_db._nic_device_map.get(name))
syslog.syslog(syslog.LOG_ERR,
'Unknown device: %s, VFs not configured' % name)
return FAILURE
main()
0707010019D01F000081ED0000000000000000000000015B32C86200002EB5000000FD0000000200000000000000000000005A00000000ardana-osconfig-8.0+git.1530054754.b943409/roles/osconfig-network-pci/files/connect-x3.sh#!/bin/bash
#
# (c) Copyright 2016 Hewlett Packard Enterprise Development LP
# (c) Copyright 2017 SUSE LLC
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
# Usage: connect-x3.sh <Distro> <device-name> <vf-count> <operation> <bus_address> <port_num>
# e.g. connect-x3.sh Debian eth7 10 configure 0000:04:00.0 1
#########################################################################
# Variables shared between functions
#########################################################################
export MLX_CORE_CONF="/etc/modprobe.d/mlx4_core.conf"
export SCRIPT
export DISTRO
export DEVICE
export VF_COUNT
export OPERATION
export BUS_ADDRESS
export PORT_NUM
export DEVICE_ID
#SUCCESS 0; FAILURE 1; SKIPPED 2
export EXIT_STATUS_SUCCESS=0
export EXIT_STATUS_FAILED=1
export EXIT_STATUS_SKIPPED=2
export EXIT_STATUS=$EXIT_STATUS_SUCCESS
# log a message identifying this script
log_msg() {
logger "$SCRIPT: $1"
}
# Initialise port number value when empty and check the device status
init() {
if [ -z $PORT_NUM ]; then
PORT_NUM=0
fi
dev_id=$( cat /sys/bus/pci/devices/$BUS_ADDRESS/device )
DEVICE_ID=${dev_id:2}
}
# Unload mlx4_en and mlx4_ib drivers.
unload_mlx4_drivers() {
log_msg "unload mlx4_en driver"
if [ `lsmod | grep mlx4_en | cut -f1 -d ' ' | grep mlx4_en` ]; then
modprobe -r mlx4_en
fi
log_msg "unload mlx4_ib driver"
if [ `lsmod | grep mlx4_ib | cut -f1 -d ' ' | grep mlx4_ib` ]; then
modprobe -r mlx4_ib
fi
}
# Check if vfs are configured in the existing vf by checking if it contains non-zero digits
# - If yes, return 0 - e.g. vf="0;6" returns 0
# - Else, return 1 - e.g. vf="0;0" returns 1
is_vf_configured() {
if [[ `echo $1 | grep -o '[1-9]*'` ]]
then
return 0
else
return 1
fi
}
extend_vf_array() {
array_size=${#VFS_ARRAY[@]}
pos=`expr $PORT_NUM + 1`
if (( $pos > $array_size ))
then
diff=`expr $pos - $array_size`
i=0
while [ $i -lt $diff ]
do
VFS_ARRAY+=('0')
i=`expr $i + 1`
done
fi
}
extend_port_type_array() {
array_size=${#PORT_TYPE_ARRAY[@]}
pos=`expr $PORT_NUM + 1`
if (( $pos > $array_size ))
then
diff=`expr $pos - $array_size`
i=0
while [ $i -lt $diff ]
do
PORT_TYPE_ARRAY+=('2')
i=`expr $i + 1`
done
fi
}
# Pre configure to flush the VFs values to 0 if the entry exists in MLX_CORE_CONF file
pre_configure() {
if [[ -f $MLX_CORE_CONF && $DEVICE_ID -eq 1007 ]]
then
if grep "$BUS_ADDRESS/*" $MLX_CORE_CONF
then
num_vf=`grep -o "num_vfs.*" $MLX_CORE_CONF`
# Fetching the existing vf value, e.g.-0000:04:00.0-0;4
existing_vfs=`echo $num_vf | grep -o "$BUS_ADDRESS[^ ]*"`
vfs=`echo $existing_vfs | cut -d '-' -f2`
# Prepare VF array for initializing
IFS=';' read -r -a VFS_ARRAY <<< $vfs
# Get port type array
port_array=$(grep -o "port_type_array=[^ ]*" $MLX_CORE_CONF)
existing_port_types=`echo $port_array | grep -o "$BUS_ADDRESS[^ ]*"`
old_port_array=`echo $existing_port_types | cut -d '-' -f2`
# Prepare PORT TYPE array for initializing
IFS=';' read -r -a PORT_TYPE_ARRAY <<< $old_port_array
array_size=${#VFS_ARRAY[@]}
i=0
while [ $i -lt $array_size ]
do
VFS_ARRAY[$i]='0'
i=`expr $i + 1`
done
extend_vf_array
extend_port_type_array
# Initialize the vf configuration
final_vf=$(IFS=";" ; echo "${VFS_ARRAY[*]}")
vf_str="$BUS_ADDRESS-${final_vf}"
sed -i "s/${existing_vfs}/${vf_str}/g" $MLX_CORE_CONF
# Update port_type_array
final_port_array=$(IFS=";" ; echo "${PORT_TYPE_ARRAY[*]}")
port_str="$BUS_ADDRESS-${final_port_array}"
sed -i "s/${existing_port_types}/${port_str}/g" $MLX_CORE_CONF
else
# BUS_ADDRESS does not exist in the MLX_CORE_CONF file
log_msg "Pre-configure: Skipped for $BUS_ADDRESS as the bus address does not exist in $MLX_CORE_CONF"
fi
else
log_msg "Pre-configure: Skipped for $BUS_ADDRESS as either $MLX_CORE_CONF not found, or it is unsupported device $DEVICE_ID"
fi
}
# This function updates existing VF configuration for multiport device with ID 1007,
# and is called only if there is a change in the vf-count for the specified port.
# This function is expected to do the following :
# - Update the existing VF configuration to reflect the current request for the port.
# For e.g. num_vfs=0000:04:00.0-1;0, for the case where vf-count of 1 is specified for port
# number 0 in the request.
# For e.g. num_vfs=0000:04:00.0-0;2, for the case where vf-count of 2 is specified for port
# number 1 in the request.
# - Check and fail if vfs exists on other ports of the same bus address.
configure_vfs() {
vf=$1
existing_vfs=$2
if is_vf_configured $vf;
then
IFS=';' read -r -a vfs_array <<< $vf
log_msg "Configure: Updating $MLX_CORE_CONF file for Device Id - $DEVICE_ID"
# Update the num of vfs only if configuration is already done for that port
if [ ${vfs_array[$PORT_NUM]} -eq 0 ]
then
log_msg "Configure: Device Id 1007 does not support VF creation on multiple ports of the same card."
EXIT_STATUS=$EXIT_STATUS_FAILED
exit $EXIT_STATUS
fi
fi
sed -i "s/${existing_vfs}/${NUM_VFS}/g" $MLX_CORE_CONF
# Get port type array
port_array=$(grep -o "port_type_array=[^ ]*" $MLX_CORE_CONF)
existing_port_types=`echo $port_array | grep -o "$BUS_ADDRESS[^ ]*"`
old_port_array=`echo $existing_port_types | cut -d '-' -f2`
# Update port_type_array
sed -i "s/${existing_port_types}/$PORT_TYPE_ARRAY/g" $MLX_CORE_CONF
log_msg "Configure: $MLX_CORE_CONF file updated for $DEVICE and $BUS_ADDRESS"
}
# This function creates vf configuration if it doesn't exists. It skips the configuration
# if there is no change required or else updates the existing configuration.
# This function is expected to do the following :
# - Check for the device id and call appropriate functions to handle VF creation.
# - Maintain idempotency with respect to vf counts.
configure() {
PORT_TYPE_ETHERNET=2
# e.g. In case of ethernet, num_vfs=0000:04:00.0-0;4 and port_type_array=0000:04:00.0-2;2
i=0
ports=$PORT_NUM
if (( $PORT_NUM % 2 == 0 ));
then
ports=`expr $PORT_NUM + 1`
fi
while [ $i -le $ports ]
do
vf_array[i]=0
port_array[i]=$PORT_TYPE_ETHERNET
if [[ $i = $PORT_NUM ]]; then
vf_array[i]=$VF_COUNT
fi
i=`expr $i + 1`
done
vf=$(IFS=";" ; echo "${vf_array[*]}")
port=$(IFS=";" ; echo "${port_array[*]}")
NUM_VFS="$BUS_ADDRESS-$vf"
PORT_TYPE_ARRAY="$BUS_ADDRESS-$port"
VIRT_FUN="options mlx4_core port_type_array=$PORT_TYPE_ARRAY num_vfs=$NUM_VFS enable_64b_cqe_eqe=0 log_num_mgm_entry_size=-1"
if [ -f $MLX_CORE_CONF ]
then
if grep -Fq "$BUS_ADDRESS" $MLX_CORE_CONF
then
# VF configuration exists. Update it
vfs=$(grep -o "num_vfs.*" $MLX_CORE_CONF)
# Fetching the existing vf value, e.g.-0000:04:00.0-0;4
existing_vfs=`echo $vfs | grep -o "$BUS_ADDRESS[^ ]*"`
old_vf=`echo $existing_vfs | cut -d '-' -f2`
if [ "$existing_vfs" = "$NUM_VFS" ]
then
log_msg "Configure: Skipped for $DEVICE and $BUS_ADDRESS"
EXIT_STATUS=$EXIT_STATUS_SKIPPED
# Device Id 1007 has a limitation that it cannot handle VFs creation across multiple ports of the same card.
elif [[ $DEVICE_ID -eq 1007 ]]
then
log_msg "Configure: Device $DEVICE already configured. Updating."
configure_vfs $old_vf $existing_vfs
else
log_msg "Configure: Device $DEVICE with device id $DEVICE_ID not supported "
EXIT_STATUS=$EXIT_STATUS_SKIPPED
fi
# If values for num_vfs and port_array already exists then prepending new
# values to the existing value
elif vf_num=$(grep -o "num_vfs=[^ ]*" $MLX_CORE_CONF)
then
# VF configuration does not exist. Write the one requested.
log_msg "Configure: Device $DEVICE not configured for VF. Creating."
old_vfs=`echo $vf_num | cut -d '=' -f2`
#Fetching the previous port_type_array value, eg-0000:04:00.0-2;2
port_array=$(grep -o "port_type_array=[^ ]*" $MLX_CORE_CONF)
old_port_array=`echo $port_array | cut -d '=' -f2`
new_vfs="$NUM_VFS $old_vfs"
new_port_array="$PORT_TYPE_ARRAY $old_port_array"
sed -i "s/${old_vfs}/${new_vfs}/g" $MLX_CORE_CONF
sed -i "s/${old_port_array}/${new_port_array}/g" $MLX_CORE_CONF
log_msg "Configure: $MLX_CORE_CONF file updated for $DEVICE and $BUS_ADDRESS"
else
echo $VIRT_FUN | tee $MLX_CORE_CONF
log_msg "Configure: $MLX_CORE_CONF file updated for $DEVICE and $BUS_ADDRESS"
fi
else
# Config file does not exist. Create it.
log_msg "Configure: Creating $MLX_CORE_CONF file"
touch $MLX_CORE_CONF
chmod 644 $MLX_CORE_CONF
echo $VIRT_FUN | tee $MLX_CORE_CONF
log_msg "Configure: $MLX_CORE_CONF file updated for $DEVICE and $BUS_ADDRESS"
fi
# If VF count got updated for success, or skipped case (vf_count = 0), then
# reload the required drivers.
if (( (EXIT_STATUS == EXIT_STATUS_SUCCESS) || (EXIT_STATUS == EXIT_STATUS_SKIPPED && VF_COUNT == 0) ))
then
if [[ $VF_COUNT > 0 ]]
then
update-initramfs -k all -t -u
fi
unload_mlx4_drivers
modprobe mlx4_en
# Bring up the interface that is impacted
if [[ ! `ip link show $DEVICE up` ]]
then
ip link set $DEVICE up
fi
fi
# At this stage EXIT_STATUS can have 2 values EXIT_STATUS_SKIPPED or EXIT_STATUS_SUCCESS
# Since this script is called from system, we do not want to sent FAILED status hence
# setting the EXIT_STATUS to SUCCESS
EXIT_STATUS=$EXIT_STATUS_SUCCESS
}
SCRIPT=$0
DISTRO=$1
DEVICE=$2
VF_COUNT=$3
OPERATION=$4
BUS_ADDRESS=$5
PORT_NUM=$6
if [ "$DISTRO" == "Debian" ]; then
case $OPERATION in
'pre_configure')
init
log_msg "Pre-configure: $DEVICE"
pre_configure
log_msg "Pre-configure: Successfully completed for $DEVICE"
;;
'configure')
init
log_msg "Configure: $DEVICE"
configure
if [[ "$EXIT_STATUS" == "$EXIT_STATUS_SUCCESS" ]];then
log_msg "Configure: Successfully completed for $DEVICE"
fi
;;
'post_configure')
log_msg "Post-configure: Successfully completed."
;;
*)
log_msg "Unknown Operation: $OPERATION"
EXIT_STATUS=$EXIT_STATUS_FAILED
;;
esac
else
log_msg "Unsupported distro: $DISTRO"
EXIT_STATUS=$EXIT_STATUS_FAILED
fi
exit $EXIT_STATUS0707010019D021000081A40000000000000000000000015B32C86200000D4E000000FD0000000200000000000000000000005B00000000ardana-osconfig-8.0+git.1530054754.b943409/roles/osconfig-network-pci/files/intel-82599.sh#!/bin/bash
#
# (c) Copyright 2016-2017 Hewlett Packard Enterprise Development LP
# (c) Copyright 2017 SUSE LLC
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
# Usage: intel-82599.sh <Distro> <device-name> <vf-count> <operation>
# e.g. intel-82599.sh Debian eth7 10 configure
#########################################################################
# Variables shared between functions
#########################################################################
export HLINUX_SYSPATH="/sys/class/net"
export INTEL_VFDRIVER_CONF="/etc/modprobe.d/blacklist-ixgbevf.conf"
export BLACKLIST="blacklist ixgbevf"
export DISTRO
export OPERATION
export DEVICE
export VF_COUNT
export DEV_FILE
export CONFIG_RUN_SKIPPED=0
# SUCCESS 0;FAILURE 1; SKIPPED=2
export EXIT_STATUS_SUCCESS=0
export EXIT_STATUS_FAILED=1
export EXIT_STATUS_SKIPPED=2
export EXIT_STATUS=$EXIT_STATUS_SUCCESS
# log a message identifying this script
log_msg() {
logger "$SCRIPT: $1"
}
# Unload ixgbevf driver and blacklist this driver.
unload_ixgbevf() {
local module="ixgbevf"
# update $INTEL_VFDRIVER_CONF file to make ixgbevf driver never
# load across re-boots
if ! grep $BLACKLIST $INTEL_VFDRIVER_CONF; then
echo $BLACKLIST | tee $INTEL_VFDRIVER_CONF
fi
if [ `lsmod | grep $module | cut -f1 -d ' '` ]; then
modprobe -r $module
fi
}
# Pre-configure steps
pre_configure() {
unload_ixgbevf
EXIT_STATUS=$EXIT_STATUS_SUCCESS
}
# is the setting already correct?
is_configure_required() {
if [ -f $DEV_FILE ]; then
CONFIG_RUN_SKIPPED=0
value=$(< $DEV_FILE)
if [[ $value == $VF_COUNT ]]; then
CONFIG_RUN_SKIPPED=1
fi
fi
}
# Update the active 'num_vfs' file
configure() {
is_configure_required
if [[ $CONFIG_RUN_SKIPPED == 1 ]]; then
EXIT_STATUS=$EXIT_STATUS_SKIPPED
log_msg "Configure: Skipped for $DEVICE"
else
log_msg "Configure: $DEV_FILE updated for $DEVICE"
echo "0" | tee $DEV_FILE
echo $VF_COUNT | tee $DEV_FILE
EXIT_STATUS=$EXIT_STATUS_SUCCESS
log_msg "Configure: Successfully completed for $DEVICE"
fi
}
SCRIPT=$0
DISTRO=$1
DEVICE=$2
VF_COUNT=$3
OPERATION=$4
DEV_FILE=$HLINUX_SYSPATH/$DEVICE/device/sriov_numvfs
if [ "$DISTRO" == "Debian" ] || [ "$DISTRO" == "RedHat" ] || [ "$DISTRO" == "Suse" ]; then
case $OPERATION in
'pre_configure')
log_msg "Pre-configure"
pre_configure
;;
'configure')
log_msg "Configure: $DEVICE"
configure
;;
'post_configure')
log_msg "Post-configure: Successfully completed."
;;
*)
log_msg "Unknown Operation: $OPERATION"
EXIT_STATUS=$EXIT_STATUS_FAILED
;;
esac
else
log_msg "Unsupported distro: $DISTRO"
EXIT_STATUS=$EXIT_STATUS_FAILED
fi
exit $EXIT_STATUS
0707010019D022000041ED0000000000000000000000025B32C86200000000000000FD0000000200000000000000000000004C00000000ardana-osconfig-8.0+git.1530054754.b943409/roles/osconfig-network-pci/tasks0707010019D023000081A40000000000000000000000015B32C8620000098A000000FD0000000200000000000000000000005C00000000ardana-osconfig-8.0+git.1530054754.b943409/roles/osconfig-network-pci/tasks/_write_conf.yml#
# (c) Copyright 2016 Hewlett Packard Enterprise Development LP
# (c) Copyright 2017 SUSE LLC
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
---
- name: osconfig-network-pci | _write_conf |
Check for pre-existing version of network-pci.yml
stat: path="{{ dest }}"
register: conf_stat_result
- name: osconfig-network-pci | _write_conf |
Fetch network-pci.yml file from the target host
become: yes
fetch: src={{ dest }} dest=roles/osconfig-network-pci/vars/{{ inventory_hostname }} flat=yes
when: conf_stat_result.stat.exists
- name: osconfig-network-pci | _write_conf |
Read network-pci.yml file
include_vars: '{{ inventory_hostname }}'
when: conf_stat_result.stat.exists
- name: osconfig-network-pci | _write_conf | Check for additions or changes in PCI interfaces
set_fact: is_pci_changed="{{ sriov_interfaces | pci_changed(pci_entries|default([])) }}"
- name: osconfig-network-pci | _write_conf |
Prepare a list of interfaces for which stale VFs are to be cleared
set_fact: pci_deleted="{{ sriov_interfaces | pci_deleted(pci_entries|default([])) }}"
- name: osconfig-network-pci | _write_conf |
Get a list of config scripts required for post-configure operation
set_fact: post_config_script_list="{{ sriov_interfaces | pci_config_script_list(pci_entries|default([])) | unique }}"
- name: osconfig-network-pci | _write_conf | Template /etc/udev/network-pci.yml
become: yes
template:
src: "{{ src }}"
dest: "{{ dest }}"
owner: root
group: root
mode: 0644
when: sriov_interfaces != []
- name: osconfig-network-pci | _write_conf |
Delete local network-pci.yml file
local_action: file path=roles/osconfig-network-pci/vars/{{ inventory_hostname }} state=absent
- name: osconfig-network-pci | _write_conf |
Delete network-pci.yml file on the remote host if no SRIOV interfaces found
become: yes
file: path={{ dest }} state=absent
when: sriov_interfaces == []
0707010019D026000081A40000000000000000000000015B32C86200000DFC000000FD0000000200000000000000000000005A00000000ardana-osconfig-8.0+git.1530054754.b943409/roles/osconfig-network-pci/tasks/configure.yml# (c) Copyright 2016 Hewlett Packard Enterprise Development LP
# (c) Copyright 2017 SUSE LLC
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
---
- name: osconfig-network-pci | configure | Copy the PCI configuration script to hosts
become: yes
copy:
src: "../files/ardana_network_pci.py"
dest: "/etc/udev/ardana_network_pci.py"
owner: root
group: root
mode: 0755
register: network_pci_file_result
when: sriov_interfaces is defined and sriov_interfaces != []
- name: osconfig-network-pci | configure | Copy config_scripts to hosts
become: yes
copy:
src: "../files/{{ item }}"
dest: "{{ udev_dir }}"
owner: root
group: root
mode: 0755
register: config_script_result
with_items: config_scripts
- name: osconfig-network-pci | configure | Create network-pci context
include: _write_conf.yml
src: "../templates/network-pci.j2"
dest: "{{ udev_dir }}/network-pci.yml"
- name: osconfig-network-pci | configure |
Set network_pci_restart_required for later use
set_fact: network_pci_restart_required="{{ network_pci_file_result.changed or config_script_result.changed or is_pci_changed }}"
when: sriov_interfaces is defined and sriov_interfaces != []
- name: osconfig-network-pci | configure |
Get a list of interfaces required for pre-configure operation
set_fact: preconfigure_list="{{ sriov_interfaces | default([]) | pci_add_update_delete_list(pci_entries|default([])) }}"
- name: osconfig-network-pci | configure |
Pre-configure operation for added/modified/deleted interfaces for simple port
become: yes
script: "{{ item.config_script }} {{ ansible_os_family }} \
{{ item.device }} {{ item.vf_count }} pre_configure \
{{ item.bus_address }} \
{{ item.port_num }}"
when: item.port_num is defined
with_items: preconfigure_list
- name: osconfig-network-pci | configure |
Pre-configure operation for added/modified/deleted interfaces for simple port
become: yes
script: "{{ item.config_script }} {{ ansible_os_family }} \
{{ item.device }} {{ item.vf_count }} pre_configure \
{{ item.bus_address }} \
'0'"
when: item.port_num is not defined and item.port_attributes is not defined
with_items: preconfigure_list
- name: osconfig-network-pci | configure |
Pre-configure operation for added/modified/deleted interfaces for multi port
become: yes
script: "{{ item.config_script }} {{ ansible_os_family }} \
{{ item.device }} {{ item.vf_count }} pre_configure \
{{ item.bus_address }} \
{{ item.port_attributes.port_num }}"
when: item.port_attributes is defined
with_items: preconfigure_list
- name: osconfig-network-pci | configure |
Delete stale VFs on interfaces that are now made as non-PCI interfaces
become: yes
script: "{{ item.config_script }} {{ item.distro }} \
{{ item.device }} '0' 'configure' \
{{ item.bus_address }} \
{{ item.port_num }}"
with_items: pci_deleted
when: pci_deleted is defined
0707010019D025000081A40000000000000000000000015B32C862000007B4000000FD0000000200000000000000000000005800000000ardana-osconfig-8.0+git.1530054754.b943409/roles/osconfig-network-pci/tasks/install.yml# (c) Copyright 2016 Hewlett Packard Enterprise Development LP
# (c) Copyright 2017 SUSE LLC
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
---
- name: osconfig-network-pci | install | Validate the requested configuration
include: validate.yml
- name: osconfig-network-pci | install | Debian - Determine the extra PCI drivers
set_fact: packages="{{ network_pci_pt_sriov_interfaces | pci_packages( pci_extra.packages ) | unique }}"
when: ansible_os_family == 'Debian'
- name: osconfig-network-pci | install | Debian - Search for extra PCI packages
become: yes
shell: >
/usr/bin/apt-cache search {{ item }} | cut -f1 -d " "
register: pkg_search_result
with_items: packages
when: ansible_os_family == 'Debian'
- name: osconfig-network-pci | install | Debian - Install extra PCI packages
become: yes
apt:
name: "{{ item.stdout }}"
install_recommends: no
state: latest
force: yes
with_items: pkg_search_result.results
when: ansible_os_family == 'Debian' and item.stdout is defined and item.stdout != ""
- name: osconfig-network-pci | install | Debian - Get list of modules
set_fact: modules="{{ network_pci_pt_sriov_interfaces | pci_modules( pci_extra.packages ) }}"
when: ansible_os_family == 'Debian'
- name: osconfig-network-pci | install | Debian - Load the modules
become: yes
modprobe:
name: "{{ item }}"
state: present
with_items: modules
when: ansible_os_family == 'Debian'
0707010019D024000081A40000000000000000000000015B32C862000004DE000000FD0000000200000000000000000000005900000000ardana-osconfig-8.0+git.1530054754.b943409/roles/osconfig-network-pci/tasks/validate.yml# (c) Copyright 2016 Hewlett Packard Enterprise Development LP
# (c) Copyright 2017 SUSE LLC
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
---
- name: osconfig-network-pci | validate | Include local vars
include_vars: 'pci_debian.yml'
- name: osconfig-network-pci | validate | Validate multi-port interfaces
set_fact: validate_mp_interfaces="{{ multi_port_sriov_interfaces | default([]) | pci_validate_multi_port_interfaces( pci_extra.config_scripts ) }}"
when: ansible_os_family == 'Debian'
- name: osconfig-network-pci | validate | Fail if validation failed
fail: msg="{{ validate_mp_interfaces }}"
when: validate_mp_interfaces is defined and validate_mp_interfaces != "" and ansible_os_family == 'Debian'
0707010019D027000041ED0000000000000000000000025B32C86200000000000000FD0000000200000000000000000000005000000000ardana-osconfig-8.0+git.1530054754.b943409/roles/osconfig-network-pci/templates0707010019D028000081A40000000000000000000000015B32C86200000548000000FD0000000200000000000000000000005F00000000ardana-osconfig-8.0+git.1530054754.b943409/roles/osconfig-network-pci/templates/network-pci.j2{#
#
# (c) Copyright 2016 Hewlett Packard Enterprise Development LP
# (c) Copyright 2017 SUSE LLC
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
#}
{{ pci_file_marker }}
{% if sriov_interfaces is defined and sriov_interfaces %}
pci_entries:
{% for interface in sriov_interfaces %}
- 'device': {{'\''}}{{ interface.device }}{{'\''}}
'config_script': {{'\''}}{{ interface.config_script }}{{'\''}}
'vf_count': {{'\''}}{{ interface.vf_count }}{{'\''}}
'bus_address': {{'\''}}{{ interface.bus_address }}{{'\''}}
{% if interface.type == 'simple-port' %}
'port_num': {{'\''}}0{{'\''}}
{% else %}
'port_num': {{'\''}}{{ interface.port_attributes.port_num }}{{'\''}}
{% endif %}
'device_id': {{'\''}}{{ interface.nic_device_type.device_id }}{{'\''}}
'distro': {{'\''}}{{ ansible_os_family }}{{'\''}}
{% endfor %}
{% endif %}
0707010019D01C000041ED0000000000000000000000025B32C86200000000000000FD0000000200000000000000000000004B00000000ardana-osconfig-8.0+git.1530054754.b943409/roles/osconfig-network-pci/vars0707010019D01D000081A40000000000000000000000015B32C86200000364000000FD0000000200000000000000000000005A00000000ardana-osconfig-8.0+git.1530054754.b943409/roles/osconfig-network-pci/vars/pci_debian.yml# (c) Copyright 2016 Hewlett Packard Enterprise Development LP
# (c) Copyright 2017 SUSE LLC
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
---
pci_extra:
packages:
- mlnx-ofed-modules:
modules:
- mlx4_en
drivers:
- mlx4
config_scripts:
- name: connect-x3.sh
multi_vf_allowed: 'false'
0707010019D038000041ED0000000000000000000000045B32C86200000000000000FD0000000200000000000000000000004500000000ardana-osconfig-8.0+git.1530054754.b943409/roles/osconfig-ntp-client0707010019D039000041ED0000000000000000000000025B32C86200000000000000FD0000000200000000000000000000004B00000000ardana-osconfig-8.0+git.1530054754.b943409/roles/osconfig-ntp-client/tasks0707010019D03C000081A40000000000000000000000015B32C86200000622000000FD0000000200000000000000000000005900000000ardana-osconfig-8.0+git.1530054754.b943409/roles/osconfig-ntp-client/tasks/configure.yml#
# (c) Copyright 2015-2017 Hewlett Packard Enterprise Development LP
# (c) Copyright 2017 SUSE LLC
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
# Playbook for configuring ntp client settings
---
- include_vars: "../../osconfig-common/vars/{{ ansible_os_family | lower }}.yml"
- name: osconfig-ntp-client| configure | Verify ntp servers are accessible
become: yes
command: /usr/sbin/ntpdate -v -q {{ item.host }}
when: not (ardana_notify_osconfig_ntp_restart_required is not defined)
and ardana_notify_osconfig_ntp_restart_required.changed and
ntp_restarted is not defined
with_items: NTP_CLI.consumes_NTP_SVR.members.private
register: ntpdate_result
until: ntpdate_result | success
retries: 120
delay: 2
- name: osconfig-ntp-client | configure | Stop ntp so time can be updated
become: yes
service:
name: "{{ ntp_service_name }}"
state: stopped
when: not (ardana_notify_osconfig_ntp_restart_required is not defined)
and ardana_notify_osconfig_ntp_restart_required.changed and
ntp_restarted is not defined
0707010019D03B000081A40000000000000000000000015B32C86200000661000000FD0000000200000000000000000000005700000000ardana-osconfig-8.0+git.1530054754.b943409/roles/osconfig-ntp-client/tasks/install.yml#
# (c) Copyright 2015-2017 Hewlett Packard Enterprise Development LP
# (c) Copyright 2017-2018 SUSE LLC
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
# Playbook for installing ntp client software
---
- include_vars: "../../osconfig-common/vars/{{ ansible_os_family | lower }}.yml"
- name: osconfig-ntp-client | install | Determine iface ips for ntp servers
shell: |
ip route get "{{ item.ip_address }}" |
awk '$(NF-1) == "src" {print $NF}'
with_items: NTP_CLI.consumes_NTP_SVR.members.private
register: ntp_svr_ip_route_get_results
- name: osconfig-ntp-client | install | Extract unique list of iface ips
set_fact:
ntp_client_listen_ifaces: "{{ ntp_svr_ip_route_get_results.results |
map(attribute='stdout') | list | unique }}"
- name: osconfig-ntp-client | install | Create ntp configuration file
become: yes
template: src=ntp.conf.j2 dest=/etc/ntp.conf
register: ardana_notify_osconfig_ntp_restart_required
- name: osconfig-ntp-client | install | Install required packages
become: yes
package:
name: "{{ item }}"
state: present
with_items: ntp_cli_pkgs
0707010019D03A000081A40000000000000000000000015B32C86200000916000000FD0000000200000000000000000000005500000000ardana-osconfig-8.0+git.1530054754.b943409/roles/osconfig-ntp-client/tasks/start.yml#
# (c) Copyright 2015-2017 Hewlett Packard Enterprise Development LP
# (c) Copyright 2017 SUSE LLC
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
# Playbook for starting the ntp client service
---
- include_vars: "../../osconfig-common/vars/{{ ansible_os_family | lower }}.yml"
- name: osconfig-ntp-client | start | Update system time to ntp server time
become: yes
command: /usr/sbin/ntpdate -v -b {{ NTP_CLI.consumes_NTP_SVR.members.private[0].host }}
when: not (ardana_notify_osconfig_ntp_restart_required is not defined)
and ardana_notify_osconfig_ntp_restart_required.changed and
ntp_restarted is not defined
- name: osconfig-ntp-client | start | Update the hardware clock with system time
become: yes
command: /sbin/hwclock --systohc
when: not (ardana_notify_osconfig_ntp_restart_required is not defined)
and ardana_notify_osconfig_ntp_restart_required.changed and
ntp_restarted is not defined
- name: osconfig-ntp-client | start | Restart ntp service
become: yes
service:
name: "{{ ntp_service_name }}"
state: restarted
when: not (ardana_notify_osconfig_ntp_restart_required is not defined)
and ardana_notify_osconfig_ntp_restart_required.changed and
ntp_restarted is not defined
register: ntp_restarted
- name: osconfig-ntp-client | start | Start and enable ntp service
become: yes
service:
name: "{{ ntp_service_name }}"
state: running
enabled: yes
- name: osconfig-ntp-client | start | Restart services that are affected by time changing
service:
name: "{{ item }}"
state: restarted
enabled: yes
become: yes
with_items:
- rsyslog
when: ardana_notify_osconfig_ntp_restart_required is defined
and ardana_notify_osconfig_ntp_restart_required.changed and
ntp_restarted is not defined
0707010019D03D000041ED0000000000000000000000025B32C86200000000000000FD0000000200000000000000000000004F00000000ardana-osconfig-8.0+git.1530054754.b943409/roles/osconfig-ntp-client/templates0707010019D03E000081A40000000000000000000000015B32C86200000747000000FD0000000200000000000000000000005B00000000ardana-osconfig-8.0+git.1530054754.b943409/roles/osconfig-ntp-client/templates/ntp.conf.j2{#
#
# (c) Copyright 2015-2016 Hewlett Packard Enterprise Development LP
# (c) Copyright 2017-2018 SUSE LLC
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
#}
# /etc/ntp.conf, configuration for ntpd; see ntp.conf(5) for help
driftfile /var/lib/ntp/ntp.drift
# Enable this if you want statistics to be logged.
#statsdir /var/log/ntpstats/
statistics loopstats peerstats clockstats
filegen loopstats file loopstats type none enable
filegen peerstats file peerstats type none enable
filegen clockstats file clockstats type none enable
# By default, exchange time with everybody, but don't allow configuration.
restrict -4 default kod notrap nomodify nopeer noquery
restrict -6 default kod notrap nomodify nopeer noquery
# Local users may interrogate the ntp server more closely.
restrict 127.0.0.1
restrict ::1
# Remote NTP server(s) to synchronize with.
{% for item in NTP_CLI.consumes_NTP_SVR.members.private %}
server {{ item.host }}
{% endfor %}
# Listen only on interfaces needed to access NTP server(s)
{% for item in ntp_client_listen_ifaces %}
interface listen {{ item }}
{% endfor %}
# Specify the internal hardware clock as a reference clock.
# Set a high stratum so this is only used if all external clocks fail.
# This will mitigate skew until external clocks return to service.
server 127.127.1.0 # local clock address
fudge 127.127.1.0 stratum 10
0707010019D06C000041ED0000000000000000000000045B32C86200000000000000FD0000000200000000000000000000004500000000ardana-osconfig-8.0+git.1530054754.b943409/roles/osconfig-ntp-server0707010019D06D000041ED0000000000000000000000025B32C86200000000000000FD0000000200000000000000000000004B00000000ardana-osconfig-8.0+git.1530054754.b943409/roles/osconfig-ntp-server/tasks0707010019D070000081A40000000000000000000000015B32C86200000685000000FD0000000200000000000000000000005900000000ardana-osconfig-8.0+git.1530054754.b943409/roles/osconfig-ntp-server/tasks/configure.yml#
# (c) Copyright 2015-2017 Hewlett Packard Enterprise Development LP
# (c) Copyright 2017 SUSE LLC
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
# Playbook for configuring ntp server settings
- include_vars: "../../osconfig-common/vars/{{ ansible_os_family | lower }}.yml"
- name: osconfig-ntp-server | configure | Verify ntp servers are accessible
become: yes
command: /usr/sbin/ntpdate -q {{ ntp_servers | join(' ') }}
when: not (ardana_notify_osconfig_ntp_restart_required is not defined)
and ardana_notify_osconfig_ntp_restart_required.changed and
ntp_restarted is not defined
register: ntpdate_result
until: ntpdate_result | success
retries: 120
delay: 2
- name: osconfig-ntp-server | configure | Record ntp server responses
debug:
var: ntpdate_result.stdout_lines
when: ntpdate_result | success
- name: osconfig-ntp-server | configure | Stop ntp so time can be updated
become: yes
service:
name={{ ntp_service_name }}
state=stopped
when: not (ardana_notify_osconfig_ntp_restart_required is not defined)
and ardana_notify_osconfig_ntp_restart_required.changed and
ntp_restarted is not defined
0707010019D06F000081A40000000000000000000000015B32C8620000046A000000FD0000000200000000000000000000005700000000ardana-osconfig-8.0+git.1530054754.b943409/roles/osconfig-ntp-server/tasks/install.yml#
# (c) Copyright 2015-2017 Hewlett Packard Enterprise Development LP
# (c) Copyright 2017-2018 SUSE LLC
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
# Playbook for installing ntp server software
---
- include_vars: "../../osconfig-common/vars/{{ ansible_os_family | lower }}.yml"
- name: osconfig-ntp-server | install | Create ntp configuration file
become: yes
template: src=ntp.conf.j2 dest=/etc/ntp.conf
register: ardana_notify_osconfig_ntp_restart_required
- name: osconfig-ntp-server | install | Install required packages
become: yes
package:
name: "{{ item }}"
state: present
with_items: ntp_srv_pkgs
0707010019D06E000081A40000000000000000000000015B32C86200000A2E000000FD0000000200000000000000000000005500000000ardana-osconfig-8.0+git.1530054754.b943409/roles/osconfig-ntp-server/tasks/start.yml#
# (c) Copyright 2015-2017 Hewlett Packard Enterprise Development LP
# (c) Copyright 2017 SUSE LLC
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
# Playbook for starting the ntp server service
- include_vars: "../../osconfig-common/vars/{{ ansible_os_family | lower }}.yml"
- name: osconfig-ntp-server | start | Update system time to ntp server time
become: yes
command: /usr/sbin/ntpdate -b {{ ntp_servers[0] }}
when: not (ardana_notify_osconfig_ntp_restart_required is not defined)
and ardana_notify_osconfig_ntp_restart_required.changed and
ntp_restarted is not defined
ignore_errors: true
- name: osconfig-ntp-server | start | Update the hardware clock with system time
become: yes
command: /sbin/hwclock --systohc
when: not (ardana_notify_osconfig_ntp_restart_required is not defined)
and ardana_notify_osconfig_ntp_restart_required.changed and
ntp_restarted is not defined
- name: osconfig-ntp-server | start | Restart ntp service
become: yes
service:
name: "{{ ntp_service_name }}"
state: restarted
when: not (ardana_notify_osconfig_ntp_restart_required is not defined)
and ardana_notify_osconfig_ntp_restart_required.changed and
ntp_restarted is not defined
register: ntp_restarted
- name: osconfig-ntp-server | start | Start and enable ntp service
become: yes
service:
name: "{{ ntp_service_name }}"
state: running
enabled: yes
- name: osconfig-ntp-server | start | Verify ntp service is responding
become: yes
command: /usr/sbin/ntpdate -q {{ ansible_ssh_host | default('localhost') }}
register: _osconfig_ntp_server_verify_responding
until: _osconfig_ntp_server_verify_responding | success
retries: 120
delay: 3
- name: osconfig-ntp-server | start | Restart services that are affected by time changing
service:
name: "{{ item }}"
state: restarted
enabled: yes
become: yes
with_items:
- rsyslog
when: ardana_notify_osconfig_ntp_restart_required is defined
and ardana_notify_osconfig_ntp_restart_required.changed and
ntp_restarted is not defined
0707010019D071000041ED0000000000000000000000025B32C86200000000000000FD0000000200000000000000000000004F00000000ardana-osconfig-8.0+git.1530054754.b943409/roles/osconfig-ntp-server/templates0707010019D072000081A40000000000000000000000015B32C86200000697000000FD0000000200000000000000000000005B00000000ardana-osconfig-8.0+git.1530054754.b943409/roles/osconfig-ntp-server/templates/ntp.conf.j2{#
#
# (c) Copyright 2015 Hewlett Packard Enterprise Development LP
# (c) Copyright 2017-2018 SUSE LLC
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
#}
# /etc/ntp.conf, configuration for ntpd; see ntp.conf(5) for help
driftfile /var/lib/ntp/ntp.drift
# Enable this if you want statistics to be logged.
#statsdir /var/log/ntpstats/
statistics loopstats peerstats clockstats
filegen loopstats file loopstats type none enable
filegen peerstats file peerstats type none enable
filegen clockstats file clockstats type none enable
# By default, exchange time with everybody, but don't allow configuration.
restrict -4 default kod notrap nomodify nopeer noquery
restrict -6 default kod notrap nomodify nopeer noquery
# Local users may interrogate the ntp server more closely.
restrict 127.0.0.1
restrict ::1
# Remote NTP server(s) to synchronize with.
{% for item in ntp_servers %}
server {{ item }} iburst
{% endfor %}
# Specify the internal hardware clock as a reference clock.
# Set a high stratum so this is only used if all external clocks fail.
# This will mitigate skew until external clocks return to service.
server 127.127.1.0 # local clock address
fudge 127.127.1.0 stratum 10
0707010019D03F000041ED0000000000000000000000065B32C86200000000000000FD0000000200000000000000000000004000000000ardana-osconfig-8.0+git.1530054754.b943409/roles/osconfig-probe0707010019D042000041ED0000000000000000000000025B32C86200000000000000FD0000000200000000000000000000004800000000ardana-osconfig-8.0+git.1530054754.b943409/roles/osconfig-probe/library0707010019D043000081A40000000000000000000000015B32C862000045A5000000FD0000000200000000000000000000005100000000ardana-osconfig-8.0+git.1530054754.b943409/roles/osconfig-probe/library/probe.py#!/usr/bin/python
#
# (c) Copyright 2015-2017 Hewlett Packard Enterprise Development LP
# (c) Copyright 2017 SUSE LLC
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
import glob
import json
import os
import re
import shlex
import subprocess
import sys
"""
Probe hardware/software and gather various information
Usage:
- become: true
probe: ipaddr=<ipaddr> hostname=<hostname>
The information is returned as 'ansible_facts' with the keys described
below. This allows code such as:
- name: Probe
probe:
- name: Dump BIOS release date
debug:
var="{{ ardana_dmi_data.ardana_dmi_data.bios_information[0].release_date }}"
Note: The ansible facts are returned as a dictionary where each item has
a key that in turn contains an item with the same key. The is so that when
used in a j2 file, the first item in the resulting file is the key. The
resulting file is modelled on input model files: a key containing an array
item, where the item contains a dict with ipaddr and hostname as keys. The
hostname item will be null if this is used before running the Ardana
Configuration Processor.
ardana_drive_configuration:
Lists the name and size of block devices. Each item
containing two items: name and bytes, where bytes is the size of the
block device in bytes.
Example (expressed as YAML):
ardana_drive_configuration:
ardana_drive_configuration:
- ipaddr: 10.0.0.0
hostname: whatever
drives:
- name: /dev/sda
bytes: 42949672960
partitions:
- name: sda1
bytes: 42949672960
- name: /dev/sdb
bytes: 20000000000
partitions: []
dmi_data:
Contains the output from dmidecode. All keys and data is lower-cased.
All top level keys are followed by an array -- frequently one. Each
item in the array is a dict that contains a 'handle' key, followed
by the keys from dmidecode.
Example (small subset):
ardana_dmi_data:
ardana_dmi_data:
- ipaddr: 10.0.0.0
hostname: whatever
dmidata:
system_information:
- _handle: _0x0001
manufacturer: hewlett-packard
product_name: hp_z620_workstation
serial_number: czc4361dq2
bios_information:
- _handle: _0x0000
bios_revision: '3.69'
characteristics:
'0': pci_is_supported
'1': pnp_is_supported
release_date: 03/25/2014
rom_size: 16384_kb
runtime_size: 64_kb
vendor: hewlett-packard
version: j61_v03.69
ardana_interface_configuration:
Contains a list of ethN devices. The link_detected key is always reported.
The speed and duplex keys may be absent.
Example:
ardana_interface_configuration:
ardana_interface_configuration:
- ipaddr: 10.0.0.0
hostname: whatever
interfaces:
- name: eth0
device:
name: eth0
state: UP
mac: fe:54:00:77:94:8f
link_detected: yes
- name: eth1
device:
name: eth1
state: UP
mac: b2:c9:43:3b:4a:99
link_detected: no
duplex: Full
speed: 1000Mb/s
ardana_meminfo:
Contains a dict of all items from /proc/meminfo.
Where needed, the units (e.g. kB) are specified.
Example (much redacted):
ardana_meminfo:
ardana_meminfo:
- ipaddr: 10.0.0.0
hostname: whatever
meminfo:
memtotal:
value: 505648
units: kB
hugepages_total:
value: 0
directmap4k:
value: 2048
units: kB
ardana_packages:
Contains a list of all packages installed on a server. Note the version
key is a string. Hence (in JSON) it is quoted.
Example:
ardana_packages:
ardana_packages:
- ipaddr: 10.0.0.0
hostname: whatever
packages:
- name: acl
status: ii
version: 2.2.52-2
section: utils
architecture: amd64
description: Access control list utilities
- name: init-system-helpers
status: ii
version: '1.14'
architecture: all
description: helper tools for all init systems
"""
def drive_configuration():
""" Get drive (block device) names and sizes """
block_devices = []
for device in os.listdir('/sys/block'):
if os.path.exists('/sys/block/%s/device' % device):
# Is a disk drive
with open('/sys/block/%s/size' % device) as dev:
sectors = dev.read()
with open('/sys/block/%s/queue/hw_sector_size' % device) as dev:
hw_sector_size = dev.read()
size = int(sectors) * int(hw_sector_size)
pathname = os.path.join('/dev', device)
partitions = []
for partition_number in range(1, 99):
partition_path = '/sys/block/%s/%s%s' % (device, device,
partition_number)
if os.path.exists(partition_path):
with open(os.path.join(partition_path, 'size')) as part:
partition_size = int(part.read()) * int(hw_sector_size)
partitions.append({
'partition': '%s%s' % (device, partition_number),
'bytes': partition_size})
block_devices.append({'name': pathname, 'bytes': size,
'partitions': partitions})
# Iterate through the multipath devices and assign sizes
mpath_devices = glob.glob("/dev/mapper/mpath*")
device_list=[]
dm_devs={}
for mdev in mpath_devices:
dm_dev = os.path.basename(os.path.realpath(mdev))
# The devices that have a "hold" on this device
# Could be a partition on an LVM volume
holders = os.listdir("/sys/block/%s/holders" % dm_dev)
slaves = os.listdir("/sys/block/%s/slaves" % dm_dev)
dev_entry = {"mdev": mdev, "dm_dev": dm_dev, "holders": holders,
"slaves": slaves, "partitions": []}
device_list.append(dev_entry)
with open('/sys/block/%s/size' % dm_dev) as dev:
sectors = dev.read()
with open('/sys/block/%s/queue/hw_sector_size' % dm_dev) as dev:
hw_sector_size = dev.read()
size = int(sectors) * int(hw_sector_size)
dm_devs[dm_dev] = {'name': mdev, 'bytes': size}
# Find and attach the partitions to the structure
for dev in device_list:
# since device can have no slaves or holders in which case it is empty
# set default to drive
dev["type"] = "drive"
for slave in dev["slaves"]:
# The slave is a multipath device
if slave in dm_devs.keys():
dev["type"] = "partition"
assert (len(dev["slaves"]) == 1), 'device %s: slaves !=1'%dev
partitions = []
for holder in dev["holders"]:
if holder in dm_devs.keys():
assert (dev["type"] == "drive"), 'device holder %s: type !=drive'%holder
my_partition = {'partition': dm_devs[holder]['name'],
'bytes': dm_devs[holder]['bytes']}
partitions.append(my_partition)
dev["partitions"] = partitions
# validation check
for dev in device_list:
assert (dev["type"] != ""), 'device %s: type = ""'%dev
# Add the multipath data to the existing list
for dev in device_list:
if dev["type"] == "drive":
dm_dev = dm_devs[dev["dm_dev"]]
block_devices.append({'name': dev['mdev'], 'bytes': dm_dev['bytes'],
'partitions': dev['partitions']})
return block_devices
def dmidecode():
""" Get dmidebode and lspci information """
hardware = {}
try:
output = subprocess.check_output(['/usr/sbin/dmidecode'])
except subprocess.CalledProcessError:
output = ''
state = 'need_handle'
for line in output.split('\n'):
if state == 'need_handle':
if line.startswith('Handle '):
handle = '_' + line[7:13]
state = 'need_dmi'
continue
if state == 'need_dmi':
dmi = line.lower().strip().replace(' ', '_')
if not hardware.get(dmi):
hardware[dmi] = {}
hardware[dmi][handle] = {}
state = 'need_attributes'
continue
if state == 'need_attributes':
if line.strip() == '':
state = 'need_handle'
else:
if ':' in line:
attr_val = line.split(':')
if len(attr_val[1]) > 1:
#print 'DEBUG: found value %s' %\
# attr_val[1].strip().lower().replace(' ', '_')
attr = attr_val[0].strip().lower().replace(' ', '_')
val = attr_val[1].strip().lower().replace(' ', '_')
hardware[dmi][handle][attr] = val
else:
attr = attr_val[0].strip().lower().replace(' ', '_')
state = 'reading_array'
hardware[dmi][handle][attr] = {}
idx = 0
else:
# Attribute value contains newline -- ignore
pass
continue
if state == 'reading_array':
if line.strip() == '':
state = 'need_handle'
elif ':' in line:
state = 'need_attributes'
attr_val = line.split(':')
attr = attr_val[0].strip().lower().replace(' ', '_')
val = attr_val[1].strip().lower().replace(' ', '_')
hardware[dmi][handle][attr] = val
else:
hardware[dmi][handle][attr][str(idx)] = \
line.strip().lower().replace(' ', '_')
idx += 1
continue
dmidata = {}
for key in hardware.keys():
dmidata[key] = []
for handle in hardware[key]:
newvalue = hardware.get(key).get(handle)
newvalue['_handle'] = handle
dmidata[key].append(newvalue)
return dmidata
def ip():
interfaces = []
try:
output = subprocess.check_output(['/sbin/ip', 'link'])
except subprocess.CalledProcessError:
output = ''
parser = 'need_name'
name = ''
state = ''
for line in output.split('\n'):
pieces = line.split()
if len(pieces) == 0:
continue
if parser == 'need_name':
name = pieces[1].split(':')[0]
state = pieces[8]
parser = 'need_mac'
else:
is_ether = False
if pieces[0] == 'link/ether' and name.startswith('eth'):
is_ether = True
mac = pieces[1]
if is_ether:
interfaces.append({'name': name,
'device': [{'name': name,
'state': state,
'macaddr': mac}]})
parser = 'need_name'
# Add additional information to the device data
for interface in interfaces:
name = interface['name']
try:
output = subprocess.check_output(['/sbin/ethtool', '%s' % name])
except subprocess.CalledProcessError:
output = ''
dev_info = interface.get('device')[0]
for line in output.split('\n'):
if line.strip().startswith('Link detected:'):
dev_info['link_detected'] = line.strip().split()[2]
elif line.strip().startswith('Duplex:'):
dev_info['duplex'] = line.strip().split()[1]
elif line.strip().startswith('Speed:'):
dev_info['speed'] = line.strip().split()[1]
return interfaces
def meminfo():
mem_info = {}
with open('/proc/meminfo') as lines:
for line in lines:
item = {}
name = line.split()[0].split(':')[0].lower()
item['value'] = int(line.split()[1].strip())
try:
item['units'] = line.split()[2].strip()
except IndexError:
pass
mem_info[name] = item
return mem_info
def package_info():
if os.path.exists('/usr/bin/dpkg'):
return dpkg()
elif os.path.exists('/usr/bin/zypper'):
return zypper()
else:
raise NotImplementedError('Could not determine package manager to use')
def dpkg():
packages = []
try:
output = subprocess.check_output(['/usr/bin/dpkg', '-l'])
except subprocess.CalledProcessError:
output = ''
parser = 'need_divider'
for line in output.split('\n'):
if parser == 'need_divider':
if line.startswith('+++-=='):
parser = 'consume_items'
else:
pieces = line.split()
if len(pieces) == 0:
continue # blank/empty line (probably at end of listing)
package = {
'status': pieces[0],
'name': pieces[1],
'version': str(pieces[2]),
'architecture': pieces[3],
'description': ' '.join(pieces[4:])}
packages.append(package)
return packages
def zypper():
package_versions = {}
package_version_lines = zypper_lines(['/usr/bin/zypper', 'search', '-i', '-s'])
for pieces in package_version_lines:
if len(pieces) == 6 and pieces[2] == 'package':
package_versions[pieces[1]] = (pieces[3], pieces[4])
packages = []
package_lines = zypper_lines(['/usr/bin/zypper', 'search', '-i'])
for pieces in package_lines:
if len(pieces) == 4 and pieces[3] == 'package':
package_version = package_versions.get(pieces[1], ('', ''))
package = {
'status': pieces[0],
'name': pieces[1],
'version': package_version[0],
'architecture': package_version[1],
'description': pieces[2]
}
packages.append(package)
return packages
def zypper_lines(command):
output_lines = []
try:
output = subprocess.check_output(command)
except subprocess.CalledProcessError:
output = ''
parser = 'need_divider'
for line in output.split('\n'):
if parser == 'need_divider':
if line.startswith('---+'):
parser = 'consume_items'
else:
output_lines.append(re.split('\s*\|\s*', line))
return output_lines
def main():
ipaddr = None
hostname = None
try:
args_file = sys.argv[1]
args_data = file(args_file).read()
arguments = shlex.split(args_data)
except (IndexError, IOError):
arguments = sys.argv # Running interactively
for arg in arguments:
if "=" in arg:
(key, value) = arg.split('=')
if key == 'ipaddr':
ipaddr = value
if key == 'hostname':
hostname = value
ret={}
try:
failed_msg = ''
discovered_drives = drive_configuration()
dmidata = dmidecode()
interfaces = ip()
mem_info = meminfo()
packages = package_info()
except AssertionError as msg:
failed_msg = msg
ret['failed'] = True
ret['rc'] = 1
ret['msg'] = str(failed_msg)
print(json.dumps(ret))
sys.exit(1)
ret['failed'] = False
ret['rc'] = 0
ret['ansible_facts'] = \
{
'ardana_meminfo': {
'ardana_meminfo': [{
'ipaddr': ipaddr,
'hostname': hostname,
'meminfo': mem_info
}]
},
'ardana_drive_configuration': {
'ardana_drive_configuration': [{
'ipaddr': ipaddr,
'hostname': hostname,
'drives': discovered_drives
}]
},
'ardana_interface_configuration': {
'ardana_interface_configuration': [{
'ipaddr': ipaddr,
'hostname': hostname,
'interfaces': interfaces
}]
},
'ardana_dmi_data': {
'ardana_dmi_data': [{
'ipaddr': ipaddr,
'hostname': hostname,
'dmidata': dmidata
}]
},
'ardana_packages': {
'ardana_packages': [{
'ipaddr': ipaddr,
'hostname': hostname,
'packages': packages
}]
}
}
print(json.dumps(ret))
if __name__ == '__main__':
main()
0707010019D044000041ED0000000000000000000000025B32C86200000000000000FD0000000200000000000000000000004600000000ardana-osconfig-8.0+git.1530054754.b943409/roles/osconfig-probe/tasks0707010019D046000081A40000000000000000000000015B32C8620000065D000000FD0000000200000000000000000000005400000000ardana-osconfig-8.0+git.1530054754.b943409/roles/osconfig-probe/tasks/configure.yml#
# (c) Copyright 2015 Hewlett Packard Enterprise Development LP
# (c) Copyright 2017 SUSE LLC
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
---
- name: osconfig-probe | configure | Probe hardware configuration
become: yes
probe: ipaddr={{ ansible_default_ipv4.address }}
hostname={{ host.vars.my_network_name }}
- name: osconfig-probe | configure | Create /var/cache/ for probe
become: yes
file: >
path={{ probe_var_cache }}
owner=root
group=root
mode=0755
state=directory
- name: osconfig-probe | configure | Update /var/cache yml files
become: yes
template:
src: "{{ item }}.j2"
dest: "{{ probe_var_cache }}/{{ item }}.yml"
owner: root
group: root
mode: "a=r"
with_items:
- drive_configuration
- interface_configuration
- dmi_data
- meminfo
- packages
- name: osconfig-probe | configure | Upload data to deployer
fetch:
src={{ probe_var_cache}}/{{ item }}.yml
dest=osconfig-probe/{{ ansible_default_ipv4.address }}/
flat=yes
with_items:
- drive_configuration
- interface_configuration
- dmi_data
- meminfo
- packages0707010019D045000081A40000000000000000000000015B32C86200000409000000FD0000000200000000000000000000005200000000ardana-osconfig-8.0+git.1530054754.b943409/roles/osconfig-probe/tasks/install.yml#
# (c) Copyright 2015-2017 Hewlett Packard Enterprise Development LP
# (c) Copyright 2017-2018 SUSE LLC
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
---
- name: osconfig-probe | install | Install misc utilities
become: yes
package:
name: "{{ item }}"
state: present
with_items:
- dmidecode
- ethtool
- iproute
- name: osconfig-probe | install | Install extra misc utilities - Debian
become: yes
package:
name: "{{ item }}"
state: present
with_items:
- dpkg
when: ansible_os_family == 'Debian'
0707010019D047000041ED0000000000000000000000025B32C86200000000000000FD0000000200000000000000000000004A00000000ardana-osconfig-8.0+git.1530054754.b943409/roles/osconfig-probe/templates0707010019D048000081A40000000000000000000000015B32C862000002AF000000FD0000000200000000000000000000005600000000ardana-osconfig-8.0+git.1530054754.b943409/roles/osconfig-probe/templates/dmi_data.j2{#
#
# (c) Copyright 2015 Hewlett Packard Enterprise Development LP
# (c) Copyright 2017 SUSE LLC
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
#}
---
{{ ardana_dmi_data | to_nice_yaml }}
0707010019D04B000081A40000000000000000000000015B32C862000002B9000000FD0000000200000000000000000000006100000000ardana-osconfig-8.0+git.1530054754.b943409/roles/osconfig-probe/templates/drive_configuration.j2{#
#
# (c) Copyright 2015 Hewlett Packard Enterprise Development LP
# (c) Copyright 2017 SUSE LLC
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
#}
---
{{ ardana_drive_configuration | to_nice_yaml}}
0707010019D04A000081A40000000000000000000000015B32C862000002BE000000FD0000000200000000000000000000006500000000ardana-osconfig-8.0+git.1530054754.b943409/roles/osconfig-probe/templates/interface_configuration.j2{#
#
# (c) Copyright 2015 Hewlett Packard Enterprise Development LP
# (c) Copyright 2017 SUSE LLC
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
#}
---
{{ ardana_interface_configuration | to_nice_yaml }}
0707010019D04C000081A40000000000000000000000015B32C862000002AE000000FD0000000200000000000000000000005500000000ardana-osconfig-8.0+git.1530054754.b943409/roles/osconfig-probe/templates/meminfo.j2{#
#
# (c) Copyright 2015 Hewlett Packard Enterprise Development LP
# (c) Copyright 2017 SUSE LLC
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
#}
---
{{ ardana_meminfo | to_nice_yaml }}
0707010019D049000081A40000000000000000000000015B32C862000002B3000000FD0000000200000000000000000000005600000000ardana-osconfig-8.0+git.1530054754.b943409/roles/osconfig-probe/templates/packages.j2{#
#
# (c) Copyright 2015 Hewlett Packard Enterprise Development LP
# (c) Copyright 2017 SUSE LLC
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
#}
---
{{ ardana_packages | to_nice_yaml }}
0707010019D040000041ED0000000000000000000000025B32C86200000000000000FD0000000200000000000000000000004500000000ardana-osconfig-8.0+git.1530054754.b943409/roles/osconfig-probe/vars0707010019D041000081A40000000000000000000000015B32C862000002D2000000FD0000000200000000000000000000004E00000000ardana-osconfig-8.0+git.1530054754.b943409/roles/osconfig-probe/vars/main.yml#
# (c) Copyright 2015 Hewlett Packard Enterprise Development LP
# (c) Copyright 2017 SUSE LLC
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
---
probe_var_cache: /var/cache/osconfig-probe
probe_deployer_dir: osconfig-probe
0707010019CFE5000041ED0000000000000000000000025B32C86200000000000000FD0000000200000000000000000000004300000000ardana-osconfig-8.0+git.1530054754.b943409/roles/osconfig/defaults0707010019CFE6000081A40000000000000000000000015B32C8620000053B000000FD0000000200000000000000000000004C00000000ardana-osconfig-8.0+git.1530054754.b943409/roles/osconfig/defaults/main.yml#
# (c) Copyright 2015-2017 Hewlett Packard Enterprise Development LP
# (c) Copyright 2017-2018 SUSE LLC
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
---
dns: {}
collectl_dir: /var/cache/collectl
numa_huge_pages: "{{ host | item('my_memory_model.numa_huge_pages', default=[]) }}"
non_numa_huge_pages: "{{ host | item('my_memory_model.non_numa_huge_pages', default=[]) }}"
total_huge_pages: "{{ numa_huge_pages | union(non_numa_huge_pages) }}"
default_huge_page_size: "{{ host | item('my_memory_model.default_huge_page_size', default='') }}"
processor_list: "{{ host | item('cpu_assignments.server.processor_list', default='') }}"
crashkernel_settings: "crashkernel=384M-2G:64M,2G-:256M"
osconfig_zypper_os_repo_name: SLES-OS
osconfig_zypper_os_repo_loc: ardana/sles12/zypper/OS/
osconfig_yum_optional_repo_loc: ardana/rhel7/yum/optional/
0707010019CFBE000041ED0000000000000000000000025B32C86200000000000000FD0000000200000000000000000000004000000000ardana-osconfig-8.0+git.1530054754.b943409/roles/osconfig/files0707010019CFC0000081A40000000000000000000000015B32C8620000001C000000FD0000000200000000000000000000004B00000000ardana-osconfig-8.0+git.1530054754.b943409/roles/osconfig/files/bnx2x.confoptions bnx2x disable_tpa=1
0707010019CFBF000081A40000000000000000000000015B32C862000000A7000000FD0000000200000000000000000000004D00000000ardana-osconfig-8.0+git.1530054754.b943409/roles/osconfig/files/kdump_configUSE_KDUMP=1
KDUMP_SYSCTL="kernel.panic_on_oops=1"
KDUMP_COREDIR="/var/crash"
KDUMP_FAIL_CMD="reboot -f"
KDUMP_DUMP_DMESG=1
#KDUMP_DUMP_KDUMPDMESG=
KDUMP_NUM_DUMPS=4
0707010019CFC1000041ED0000000000000000000000025B32C86200000000000000FD0000000200000000000000000000004000000000ardana-osconfig-8.0+git.1530054754.b943409/roles/osconfig/tasks0707010019CFD5000081A40000000000000000000000015B32C862000004F9000000FD0000000200000000000000000000005700000000ardana-osconfig-8.0+git.1530054754.b943409/roles/osconfig/tasks/check-for-apt-repo.yml#
# (c) Copyright 2015-2017 Hewlett Packard Enterprise Development LP
# (c) Copyright 2017 SUSE LLC
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
---
- name: osconfig | check-for-apt-repo | Checking for apt-repo
delegate_to: localhost
stat:
path: "{{ hlinux_apt_repo_dir }}/dists"
register: _apt_repo_stat_result
- set_fact:
deployer_apt_repo_present: "{{ _apt_repo_stat_result.stat.exists | bool }}"
- name: osconfig | check-for-apt-repo | Checking for thirdparty-repo
delegate_to: localhost
stat:
path: "{{ thirdparty_apt_repo_dir }}/latest/dists"
register: _tp_repo_stat_result
- name: osconfig | check-for-apt-repo | Set _thirdparty_repo_present fact
set_fact:
thirdparty_apt_repo_present: "{{ _tp_repo_stat_result.stat.exists | bool }}"
0707010019CFD3000081A40000000000000000000000015B32C862000003F0000000FD0000000200000000000000000000005700000000ardana-osconfig-8.0+git.1530054754.b943409/roles/osconfig/tasks/check-for-yum-repo.yml#
# (c) Copyright 2015-2016 Hewlett Packard Enterprise Development LP
# (c) Copyright 2017 SUSE LLC
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
---
- name: osconfig | check-for-yum-repo | Checking for thirdparty-repo
delegate_to: localhost
stat:
path: "{{ yum_thirdparty_dir }}/latest/repodata"
register: _tp_repo_stat_result
- name: osconfig | check-for-yum-repo | Set _thirdparty_yum_repo_present fact
set_fact:
thirdparty_yum_repo_present: "{{ _tp_repo_stat_result.stat.exists | bool }}"
0707010019CFC7000081A40000000000000000000000015B32C862000003EF000000FD0000000200000000000000000000005800000000ardana-osconfig-8.0+git.1530054754.b943409/roles/osconfig/tasks/check-for-zypp-repo.yml#
# (c) Copyright 2017 Hewlett Packard Enterprise Development LP
# (c) Copyright 2017 SUSE LLC
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
---
- name: osconfig | check-for-zypp-repo | Checking for thirdparty-repo
delegate_to: localhost
stat:
path: "{{ zypp_thirdparty_dir }}/directory.yast"
register: _tp_repo_stat_result
- name: osconfig | check-for-zypp-repo | Set _thirdparty_zypp_repo_present fact
set_fact:
thirdparty_zypp_repo_present: "{{ _tp_repo_stat_result.stat.exists | bool }}"
0707010019CFCE000081A40000000000000000000000015B32C86200000589000000FD0000000200000000000000000000005900000000ardana-osconfig-8.0+git.1530054754.b943409/roles/osconfig/tasks/check-product-status.yml#
# (c) Copyright 2018 SUSE LLC
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
---
- name: deployer-setup | check-product-status | Check HOS product availability
become: yes
zypper:
name: "hpe-helion-openstack-release>=8"
state: present
ignore_errors: yes
register: product_flavor_hos
- name: deployer-setup | check-product-status | Check SOC product availability
become: yes
zypper:
name: "suse-openstack-cloud-release>=8"
state: present
ignore_errors: yes
register: product_flavor_soc
- name: deployer-setup | check-product-status | Provide help
fail:
msg: >
The deployer node does not have a Cloud Add-On product installed.
In YaST select Software/Add-On Products to see an overview of installed
add-on products and use "Add" to add the Cloud product.
when: product_flavor_hos|failed and product_flavor_soc|failed and not deployer_media_legacy_layout|bool
0707010019CFC9000081A40000000000000000000000015B32C86200000788000000FD0000000200000000000000000000005600000000ardana-osconfig-8.0+git.1530054754.b943409/roles/osconfig/tasks/check-repo-status.yml#
# (c) Copyright 2018 SUSE LLC
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
---
- set_fact:
suse_release: suse-{{ansible_distribution_version}}
- include: check-product-status.yml
- name: osconfig | check-repo-status | Load expected repodata
include_vars: repos-cloud.yml
- name: osconfig | check-repo-status | Set brand fact
set_fact:
brand: "{{ 'SUSE OpenStack Cloud' if (not product_flavor_soc|failed) else 'HPE Helion OpenStack' }}"
- name: osconfig | check-repo-status | Check that SLES and Cloud repos are installed
zypper_check_repositories:
expected_repodata: "{{ expected_repodata[suse_release][ansible_architecture] }}"
brand: "{{ brand }}"
register: maintenance_repos_installed
ignore_errors: true
when: deployer_media_legacy_layout|bool == false
# Finally, if the above didn't work, fail.
- name: osconfig | check-repo-status | Fail if unable to configure SLES and Cloud repos
delegate_to: localhost
fail:
msg: >
The SUSE Linux Enterprise Server and {{ brand }} Add-On
repositories are required for updates. Complete the SCC registration of
this node with YaST, and install the appropriate Cloud Add-On product
from Software/Add-On Products. You may also configure your deployer
node as an SMT mirror to enable these repositories for entire cloud.
when: (maintenance_repos_installed is defined and
maintenance_repos_installed.failed)
0707010019CFCF000081A40000000000000000000000015B32C8620000037E000000FD0000000200000000000000000000005D00000000ardana-osconfig-8.0+git.1530054754.b943409/roles/osconfig/tasks/copy-ardana-version-file.yml#
# (c) Copyright 2015-2016 Hewlett Packard Enterprise Development LP
# (c) Copyright 2017 SUSE LLC
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
# create a version file under /etc to identify which deployer release was used
- name: osconfig | create_ardana_version_file | copy version file from deployer
copy:
src: Ardana_version
dest: /etc/Ardana_version
mode: 0644
sudo: True
0707010019CFC5000081A40000000000000000000000015B32C862000003FE000000FD0000000200000000000000000000005800000000ardana-osconfig-8.0+git.1530054754.b943409/roles/osconfig/tasks/get-ptf-signing-key.yml#
# (c) Copyright 2018 SUSE LLC
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
---
# This should only run on the deployer!
- name: osconfig | get-ptf-signing-key | Read gpg public key for PTF repo
command: "/usr/bin/gpg -a --export 'PTF repository signing key'"
become: yes
ignore_errors: yes
register: ptf_signing_key_result
- name: osconfig | get-ptf-signing-key | Set gpg public key fact for PTF repo
set_fact:
ptf_signing_key: "{{ ptf_signing_key_result.stdout }}"
when: ptf_signing_key_result.rc == 0
0707010019CFDA000081A40000000000000000000000015B32C86200000372000000FD0000000200000000000000000000004900000000ardana-osconfig-8.0+git.1530054754.b943409/roles/osconfig/tasks/main.yml#
# (c) Copyright 2017 SUSE LLC
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
# Warning: If this is used to stop on all nodes the whole cluster is down
# and can only be started by bootstrapping the cluster manually
#
---
- name: osconfig | main | Include platform vars
include_vars: "{{ item }}"
with_first_found:
- "{{ ansible_os_family | lower }}.yml"
- "default.yml"
0707010019CFC6000081A40000000000000000000000015B32C86200000361000000FD0000000200000000000000000000004B00000000ardana-osconfig-8.0+git.1530054754.b943409/roles/osconfig/tasks/marker.yml# (c) Copyright 2015 Hewlett Packard Enterprise Development LP
# (c) Copyright 2017 SUSE LLC
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
---
- name: osconfig | marker | create /etc/ardana directory
file: path=/etc/openstack state=directory
become: yes
- name: osconfig | marker | create marker
file: path=/etc/openstack/osconfig-ran state=touch
become: yes
0707010019CFD8000081A40000000000000000000000015B32C86200000539000000FD0000000200000000000000000000005300000000ardana-osconfig-8.0+git.1530054754.b943409/roles/osconfig/tasks/set-bnx2x-opts.yml#
# (c) Copyright 2016-2017 Hewlett Packard Enterprise Development LP
# (c) Copyright 2017 SUSE LLC
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
---
- name: osconfig | set-bnx2x-opts | place /etc/modprobe.d/bnx2x.conf
become: yes
copy:
src: bnx2x.conf
dest: /etc/modprobe.d/bnx2x.conf
owner: root
group: root
mode: 644
register: bnx2x_conf
- name: osconfig | set-bnx2x-opts | rebuild the initrd Debian
become: yes
command: /usr/sbin/update-initramfs -u -k all
when: bnx2x_conf.changed and ansible_os_family == 'Debian'
- name: osconfig | set-bnx2x-opts | rebuild the initrd RedHat
become: yes
command: dracut -f
when: bnx2x_conf.changed and ansible_os_family == 'RedHat'
- name: osconfig | set-bnx2x-opts | rebuild the initrd SUSE
become: yes
command: dracut -f
when: bnx2x_conf.changed and ansible_os_family == 'Suse'
0707010019CFD6000081A40000000000000000000000015B32C862000003F5000000FD0000000200000000000000000000005100000000ardana-osconfig-8.0+git.1530054754.b943409/roles/osconfig/tasks/set-hostname.yml#
# (c) Copyright 2015 Hewlett Packard Enterprise Development LP
# (c) Copyright 2017 SUSE LLC
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
- name: osconfig | set-hostname | Set native hostname
become: yes
hostname: name={{ host.vars.my_network_name }}
register: set_hostname
- name: osconfig | set-hostname | Restart services that are affected by hostname change
service:
name: "{{ item }}"
state: restarted
enabled: yes
become: yes
with_items:
- rsyslog
when: set_hostname.changed
0707010019CFC3000081A40000000000000000000000015B32C8620000064E000000FD0000000200000000000000000000005100000000ardana-osconfig-8.0+git.1530054754.b943409/roles/osconfig/tasks/set-timezone.yml#
# (c) Copyright 2015,2017 Hewlett Packard Enterprise Development LP
# (c) Copyright 2017 SUSE LLC
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
- name: osconfig | set-timezone | Update /etc/timezone
template: src=timezone.j2 dest=/etc/timezone mode=0644
become: yes
register: tz
- name: osconfig | set-timezone | Update tzdata Debian
command: dpkg-reconfigure -fnoninteractive tzdata
become: yes
when: tz.changed and ansible_os_family == 'Debian'
- name: osconfig | set-timezone | Read tzdata RedHat
shell: cat /etc/timezone | grep -v \#
become: yes
register: tzlocal
when: ansible_os_family == 'RedHat'
- name: osconfig | set-timezone | Update tzdata RedHat
command: timedatectl set-timezone "{{tzlocal.stdout}}"
become: yes
when: ansible_os_family == 'RedHat'
- name: osconfig | set-timezone | Read tzdata SUSE
shell: cat /etc/timezone | grep -v \#
become: yes
register: tzlocal
when: ansible_os_family == 'Suse'
- name: osconfig | set-timezone | Update tzdata SUSE
command: timedatectl set-timezone "{{tzlocal.stdout}}"
become: yes
when: ansible_os_family == 'Suse'
0707010019CFD9000081A40000000000000000000000015B32C862000008E2000000FD0000000200000000000000000000004E00000000ardana-osconfig-8.0+git.1530054754.b943409/roles/osconfig/tasks/setup-apt.yml#
# (c) Copyright 2015-2017 Hewlett Packard Enterprise Development LP
# (c) Copyright 2017-2018 SUSE LLC
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
---
- name: osconfig | setup-apt | Install prereqs
become: yes
apt: name={{ item }} state=latest
with_items:
- python-apt
- name: osconfig | setup-apt | Remove /etc/apt/sources.list
become: yes
file:
path: "/etc/apt/sources.list"
state: absent
register: _apt_source_list_result
when: deployer_apt_repo_present
- name: osconfig | setup-apt | Add deployer apt repo
become: yes
apt_repository:
repo: "deb [arch=amd64] {{ hlinux_url }} {{ hlinux_distro }} main contrib non-free"
update_cache: no
when: deployer_apt_repo_present
- name: osconfig | setup-apt | Get symlink source
delegate_to: localhost
stat:
path: "{{ thirdparty_apt_repo_dir }}/latest"
register: latest_source_result
when: thirdparty_apt_repo_present
- name: osconfig | setup-apt | Add thirdparty apt repo
become: yes
apt_repository:
repo: "{{ item }}"
update_cache: no
with_items:
- "deb [arch=amd64] {{ deployer_server }}/{{ thirdparty_repo_loc }}/public/{{ latest_source_result.stat.lnk_source | basename }} {{ hlinux_distro }} main"
when: thirdparty_apt_repo_present
- name: osconfig | setup-apt | Setup apt repository priority preferences
become: yes
template:
src: "priority.d.j2"
dest: "/etc/apt/preferences.d/{{ deployer_server | replace('http://', '') | replace('.', '_') | replace('-', '_') | replace('/', '_') }}"
register: _apt_repository_priority_result
when: deployer_apt_repo_present
- name: osconfig | setup-apt | Update and upgrade apt repository
become: yes
command: apt-get update
when: deployer_apt_repo_present or thirdparty_apt_repo_present
0707010019CFCC000081A40000000000000000000000015B32C86200000635000000FD0000000200000000000000000000005600000000ardana-osconfig-8.0+git.1530054754.b943409/roles/osconfig/tasks/setup-debug-tools.yml#
# (c) Copyright 2015-2017 Hewlett Packard Enterprise Development LP
# (c) Copyright 2017-2018 SUSE LLC
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
---
- name: osconfig | setup-debug-tools | Get variables
include_vars: "{{ ansible_os_family | lower }}.yml"
- name: osconfig | setup-debug-tools | Directory for collectl
become: yes
file: path={{ collectl_dir }} owner=root group=root mode=0755 state=directory
when: '"collectl" in osconfig_debug_tools'
- name: osconfig | setup-debug-tools | Config for collectl
become: yes
template:
src: collectl.conf.j2
dest: /etc/collectl.conf
owner: root
group: root
mode: 0644
register: collectl_conf
when: '"collectl" in osconfig_debug_tools'
- name: osconfig | setup-debug-tools | Install additional debugging packages
become: yes
package:
name: "{{ item }}"
state: present
with_items:
"{{osconfig_debug_tools}}"
- name: osconfig | setup-debug-tools | Restart collectl if necessary
become: yes
service:
name: collectl
state: restarted
when: '"collectl" in osconfig_debug_tools and collectl_conf.changed'
0707010019CFD2000081A40000000000000000000000015B32C86200000356000000FD0000000200000000000000000000005500000000ardana-osconfig-8.0+git.1530054754.b943409/roles/osconfig/tasks/setup-hosts-file.yml#
# (c) Copyright 2015 Hewlett Packard Enterprise Development LP
# (c) Copyright 2017 SUSE LLC
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
- name: osconfig | setup-hosts-file | Update /etc/hosts
become: yes
copy:
src: generated_files/etc/hosts
dest: /etc/hosts
owner: root
group: root
mode: 0644
tags:
- generate_hosts_file
0707010019CFD0000081A40000000000000000000000015B32C86200000C0E000000FD0000000200000000000000000000005400000000ardana-osconfig-8.0+git.1530054754.b943409/roles/osconfig/tasks/setup-hugepages.yml#
# (c) Copyright 2015-2017 Hewlett Packard Enterprise Development LP
# (c) Copyright 2017-2018 SUSE LLC
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
---
# This script is intended to run early in the boot process to improve the
# chances of getting physically contiguous pages in the specified NUMA nodes.
- name: osconfig | setup-hugepages | template service script
become: yes
template:
src: hugepages-service.sh.j2
dest: /usr/bin/hugepages-service.sh
owner: root
group: root
mode: 0755
when:
numa_huge_pages | length > 0
- name: osconfig | setup-hugepages | clean existing service
become: yes
file:
path: "{{ systemd_script_dir }}/ardana-hugepages.service"
state: absent
- name: osconfig | setup-hugepages | template service systemd
become: yes
template:
src: hugepages-service.j2
dest: "{{ systemd_script_dir }}/ardana-hugepages.service"
owner: root
group: root
mode: 0644
register:
ardana_notify_service_systemd_result
when:
numa_huge_pages | length > 0
- name: osconfig | setup-hugepages | add service to systemd
become: yes
command: /bin/systemctl daemon-reload
when:
not (ardana_notify_service_systemd_result is not defined) and
ardana_notify_service_systemd_result.changed
- name: osconfig | setup-hugepages | start and enable service
become: yes
service:
name: ardana-hugepages
enabled: yes
state: started
when:
ardana_notify_service_systemd_result is defined and
ardana_notify_service_systemd_result.changed
- name: osconfig | setup-hugepages | create hugepage directories
become: yes
file:
name: /dev/hugepages_{{ item.size }}
state: directory
owner: root
group: root
mode: 01770
with_items:
total_huge_pages
when:
total_huge_pages | length > 0
- name: osconfig | setup-hugepages | mount hugepages
become: yes
mount:
name: /dev/hugepages_{{ item.size }}
src: hugetlbfs
fstype: hugetlbfs
state: mounted
opts: 'pagesize={{ item.size }}'
with_items:
total_huge_pages
when:
total_huge_pages | length > 0
- name: osconfig | setup-hugepages | remove any existing hugepages mounts
become: yes
lineinfile:
dest: /etc/fstab
regexp: '^.*hugetlbfs.*$'
state: absent
- name: osconfig | setup-hugepages | Add hugepages mount to fstab
become: yes
lineinfile:
dest: /etc/fstab
line: >
hugetlbfs /dev/hugepages_{{ item.size }} hugetlbfs
mode=01770,pagesize={{ item.size }} 0 0
insertafter: EOF
with_items:
total_huge_pages
when:
total_huge_pages | length > 0
0707010019CFD7000081A40000000000000000000000015B32C8620000164C000000FD0000000200000000000000000000005C00000000ardana-osconfig-8.0+git.1530054754.b943409/roles/osconfig/tasks/setup-kernel-parameters.yml#
# (c) Copyright 2015-2017 Hewlett Packard Enterprise Development LP
# (c) Copyright 2017-2018 SUSE LLC
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
---
- name: osconfig | setup-kernel-parameters |
Remove any existing default hugepage references
become: yes
replace:
dest: /etc/default/grub
regexp: '\s?default_hugepagesz=\w+'
replace: ''
- name: osconfig | setup-kernel-parameters |
Remove any existing hugepage references
become: yes
replace:
dest: /etc/default/grub
regexp: '(\s?hugepagesz?=\w+)+'
replace: ''
- name: osconfig | setup-kernel-parameters | Reset crashkernal_settings if Suse
set_fact:
crashkernel_settings: "crashkernel=768,HIGH crashkernel=128,LOW"
when: ansible_os_family == 'Suse'
- name: osconfig | setup-kernel-parameters | setup crashkernel
become: yes
command: >-
sed -i \
-e '/^GRUB_CMDLINE_LINUX=/ s#\([" ]*\)crashkernel=[^ "]*[ ]*#\1#g' \
-e '/^GRUB_CMDLINE_LINUX=/ s# *"$# {{ crashkernel_settings }}"#g' \
-e '/^GRUB_CMDLINE_LINUX=/ s#" #"#g' \
/etc/default/grub
register: grub_mod
- name: osconfig | setup-kernel-parameters | setup hugepages
become: yes
lineinfile:
dest: /etc/default/grub
backrefs: True
state: present
regexp: '(GRUB_CMDLINE_LINUX=)"(.*)"'
line: '\1\"\2 hugepagesz={{ item.size }} hugepages={{ item.count }}\"'
# we limit this to non NUMA pages since there is no mechanism in the
# kernel parameters to specify which NUMA node a page should be allocated to.
with_items:
non_numa_huge_pages
when:
non_numa_huge_pages | length > 0
- name: osconfig | setup-kernel-parameters | setup hugepage default size
become: yes
lineinfile:
dest: /etc/default/grub
backrefs: True
state: present
regexp: '(GRUB_CMDLINE_LINUX=)"(.*)"'
line: '\1\"\2 default_hugepagesz={{ default_huge_page_size }}\"'
when:
non_numa_huge_pages | length > 0 and
default_huge_page_size != ''
- name: osconfig | setup-kernel-parameters | remove existing cpu isolation
become: yes
replace:
dest: /etc/default/grub
regexp: '\s?isolcpus=[0-9,]*'
replace: ''
- name: osconfig | setup-kernel-parameters | isolate cpus
become: yes
lineinfile:
dest: /etc/default/grub
backrefs: True
state: present
regexp: 'GRUB_CMDLINE_LINUX="(.*)"'
line: 'GRUB_CMDLINE_LINUX="\1 isolcpus={{ processor_list }}"'
when:
processor_list != ''
- name: osconfig | setup-kernel-parameters |
check if GRUB_CMDLINE_LINUX is found
become: yes
command: grep "GRUB_CMDLINE_LINUX" /etc/default/grub
register: check_attr
ignore_errors: True
- name: osconfig | setup-kernel-parameters | remove existing intel_iommu
become: yes
replace:
dest: /etc/default/grub
regexp: '\s?intel_iommu=\w+'
replace: ''
- name: osconfig | setup-kernel-parameters | remove existing iommu
become: yes
replace:
dest: /etc/default/grub
regexp: '\s?iommu=\w+'
replace: ''
- name: osconfig | setup-kernel-parameters | set intel_iommu and iommu
become: yes
lineinfile:
dest: /etc/default/grub
backrefs: True
state: present
regexp: 'GRUB_CMDLINE_LINUX="(.*)"'
line: 'GRUB_CMDLINE_LINUX="\1 intel_iommu=on iommu=pt"'
when:
network_pci_pt_sriov_interfaces is defined or {{ dpdk_enable_iommu }}
- name: osconfig | setup-kernel-parameters |
set intel_iommu and iommu when GRUB_CMDLINE_LINUX is not found
become: yes
lineinfile:
dest: /etc/default/grub
line: 'GRUB_CMDLINE_LINUX="intel_iommu=on iommu=pt"'
when:
(network_pci_pt_sriov_interfaces is defined or {{ dpdk_enable_iommu }}) and check_attr.rc != 0
- name: osconfig | setup-kernel-parameters | apt install kdump-tools
become: yes
apt:
pkg: kdump-tools
force: yes
when: ansible_os_family == 'Debian'
- name: osconfig | setup-kernel-parameters | yum install kexec-tools
become: yes
yum:
pkg: kexec-tools
when: ansible_os_family == 'RedHat'
- name: osconfig | setup-kernel-parameters | zypper install kdump
become: yes
zypper:
pkg:
- kdump
when: ansible_os_family == 'Suse'
- name: osconfig | setup-kernel-parameters | configure kdump settings
become: yes
copy:
src: kdump_config
dest: /etc/default/kdump-tools
register: kdump_mod
when: ansible_os_family == 'Debian'
- name: osconfig | setup-kernel-parameters | restart kdump-tools
become: yes
service:
name: kdump-tools
state: restarted
when: kdump_mod.changed and ansible_os_family == 'Debian'
- name: osconfig | setup-kernel-parameters | update-grub
become: yes
command: /usr/sbin/update-grub
when: grub_mod.changed and ansible_os_family == 'Debian'
- name: osconfig | setup-kernel-parameters | update-grub RedHat/Suse
become: yes
command: grub2-mkconfig -o /boot/grub2/grub.cfg
when: grub_mod.changed and ansible_os_family in ['RedHat', 'Suse']
- name: osconfig | setup-kernel-parameters | enable kdump on boot (Suse)
become: yes
service:
name: kdump
enabled: yes
when: ansible_os_family == 'Suse'
- name: osconfig | setup-kernel-parameters | restart kdump RedHat
become: yes
service:
name: kdump
state: restarted
when: ansible_os_family == 'RedHat'
0707010019CFCD000081A40000000000000000000000015B32C86200000355000000FD0000000200000000000000000000005600000000ardana-osconfig-8.0+git.1530054754.b943409/roles/osconfig/tasks/setup-resolv-conf.yml#
# (c) Copyright 2015 Hewlett Packard Enterprise Development LP
# (c) Copyright 2017 SUSE LLC
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
- name: osconfig | setup-resolv-conf | Update /etc/resolv.conf
become: yes
template:
src: resolv.conf.j2
dest: /etc/resolv.conf
owner: root
group: root
mode: 0644
when: osconfig_dns != {}
0707010019CFD4000081A40000000000000000000000015B32C862000004E2000000FD0000000200000000000000000000005400000000ardana-osconfig-8.0+git.1530054754.b943409/roles/osconfig/tasks/setup-sudo-conf.yml#
# (c) Copyright 2015-2016 Hewlett Packard Enterprise Development LP
# (c) Copyright 2017 SUSE LLC
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
# Turn off interface probing in sudo as it doesn't scale with # of interfaces
- name: osconfig | setup-sudo-conf | Set up /etc/sudo.conf
become: yes
lineinfile:
dest: /etc/sudo.conf
create: yes
owner: root
group: root
state: present
line: "Set probe_interfaces false"
# Ensure that /usr/local/bin to secure path
- name: osconfig | setup-sudo-conf | Set secure_path to be consistent
become: yes
lineinfile:
dest: /etc/sudoers
state: present
regexp: "^Defaults\\s+secure_path\\s*="
line: "Defaults\tsecure_path = /sbin:/bin:/usr/sbin:/usr/bin:/usr/local/bin"
0707010019CFC2000081A40000000000000000000000015B32C8620000040B000000FD0000000200000000000000000000005200000000ardana-osconfig-8.0+git.1530054754.b943409/roles/osconfig/tasks/setup-systemd.yml#
# (c) Copyright 2017 SUSE LLC
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
---
- name: osconfig | setup-systemd | tweak systemd parameters
become: yes
lineinfile:
dest: /etc/systemd/system.conf
regexp: '^#?DefaultTasksMax=.+'
line: 'DefaultTasksMax=infinity'
register: osconfig_setup_systemd_result
when: ansible_os_family == 'Suse'
- name: osconfig | setup-systemd | reload systemd configuration
become: yes
command: systemctl daemon-reload
when: osconfig_setup_systemd_result is defined and
osconfig_setup_systemd_result.changed
0707010019CFC8000081A40000000000000000000000015B32C862000008F5000000FD0000000200000000000000000000004E00000000ardana-osconfig-8.0+git.1530054754.b943409/roles/osconfig/tasks/setup-yum.yml#
# (c) Copyright 2016 Hewlett Packard Enterprise Development LP
# (c) Copyright 2017-2018 SUSE LLC
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
#- name: osconfig | setup-yum | check yum package installed or not
# become: yes
# file:
# path: "/etc/apt/sources.list"
# state: absent
# register: _apt_source_list_result
# when: deployer_apt_repo_present
# 1. Check RHEL_##.iso is mounted / else throw an error
# 2. Update local yum repo to point to locallay mounted RHEL_##.iso
# 3. Based on other dependented build mechanism
# (through yum mirror at deployer or bundled with venv build
# through external venv mechanism ) write a task
# to install those.
---
- name: osconfig | setup-yum | Configure the extras yum repo on RHEL nodes
become: yes
template:
src: "openstack_yum.repo.j2"
dest: "/etc/yum.repos.d/openstack_yum.repo"
when: deployer_media_legacy_layout|bool
- name: osconfig | setup-yum | Check optional yum repo existence on deployer
delegate_to: localhost
stat:
path: "{{ PACKAGE_CONSTANTS.REPO_DIR }}/{{ osconfig_yum_optional_repo_loc }}"
register: _rhel_optional_repo_stat_result
- name: osconfig | setup-yum | Configure the optional yum repo on RHEL nodes
become: yes
template:
src: "optional_yum.repo.j2"
dest: "/etc/yum.repos.d/optional_yum.repo"
when: _rhel_optional_repo_stat_result.stat.exists
- name: osconfig | setup-yum | Get symlink source
delegate_to: localhost
stat:
path: "{{ yum_thirdparty_dir }}/latest"
register: latest_source_result
when: thirdparty_yum_repo_present
- name: osconfig | setup-yum | Configure the thirdparty yum repo on RHEL nodes
become: yes
template:
src: "tp_yum.repo.j2"
dest: "/etc/yum.repos.d/tp_yum.repo"
mode: 0644
when: thirdparty_yum_repo_present
0707010019CFC4000081A40000000000000000000000015B32C86200001778000000FD0000000200000000000000000000004F00000000ardana-osconfig-8.0+git.1530054754.b943409/roles/osconfig/tasks/setup-zypp.yml#
# (c) Copyright 2017 Hewlett Packard Enterprise Development LP
# (c) Copyright 2017-2018 SUSE LLC
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
---
# TODO(fergal): remove once ardana-ansible updated to specify zypp_server
- set_fact:
zypp_server: "{{ deployer_server }}"
when: zypp_server is not defined and deployer_server is defined
- set_fact:
zypp_server_http: "{{ zypp_server }}"
when: zypp_server_http is not defined
##########################
# Legacy media mode only #
##########################
- name: osconfig | setup-zypp | Check SLES OS zypper repo location
delegate_to: localhost
stat:
path: "{{ PACKAGE_CONSTANTS.REPO_DIR }}/{{ osconfig_zypper_os_repo_loc }}/suse"
register: _sles_os_repo_stat_result
- name: osconfig | setup-zypp | Remove any old OS zypper repo
become: yes
zypper_repository:
name: "{{ osconfig_zypper_os_repo_name }}"
state: absent
when: _sles_os_repo_stat_result.stat.exists
- name: osconfig | setup-zypp | Configure the OS zypper repo
become: yes
zypper_repository:
name: "{{ osconfig_zypper_os_repo_name }}"
description: "{{ osconfig_zypper_os_repo_name }}"
repo: "{{ zypp_server }}/{{ osconfig_zypper_os_repo_loc }}"
when: _sles_os_repo_stat_result.stat.exists
##############################
# Import gpg key for PTF repo#
##############################
# NOTE(toabctl): The include will set the hostvars['localhost']['ptf_signing_key'] variable
- include: get-ptf-signing-key.yml
become: yes
delegate_to: localhost
delegate_facts: yes
- name: osconfig | setup-zypp | Import ptf signing key into RPM key DB
become: yes
shell: |
ARDANA_TMPDIR=$(mktemp -d --tmpdir ardana-gpg-pubkey-XXXXXX)
echo "{{ hostvars['localhost']['ptf_signing_key'] }}" >> $ARDANA_TMPDIR/pub.key
rpmkeys --import $ARDANA_TMPDIR/pub.key
rm -rf $ARDANA_TMPDIR
when: hostvars['localhost']['ptf_signing_key'] is defined and not deployer_media_legacy_layout|bool
##############################
# Set up required SUSE Media #
##############################
- name: osconfig | setup-zypp | Add SLES and Cloud repos
set_fact:
_repositories:
- alias: Cloud
name: Cloud
- alias: PTF
name: PTF
- alias: SLES12-SP3-Pool
name: SLES12-SP3-Pool
- alias: SLES12-SP3-Updates
name: SLES12-SP3-Updates
- alias: SLES12-SP3-Updates-test
name: SLES12-SP3-Updates-test
- alias: SUSE-OpenStack-Cloud-8-Pool
name: OpenStack-Cloud-8-Pool
- alias: SUSE-OpenStack-Cloud-8-Updates
name: OpenStack-Cloud-8-Updates
- alias: SUSE-OpenStack-Cloud-8-Updates-test
name: OpenStack-Cloud-8-Updates-test
- alias: HPE-Helion-OpenStack-8-Pool
name: OpenStack-8-Pool
- alias: HPE-Helion-OpenStack-8-Updates
name: OpenStack-8-Updates
- alias: HPE-Helion-OpenStack-8-Updates-test
name: OpenStack-8-Updates-test
- set_fact:
suse_release: suse-{{ansible_distribution_version}}
- name: osconfig | setup-zypp | Configure SLES and Cloud repos on nodes
become: yes
zypper_repository:
name: "{{ item.alias }}"
description: "{{ item.name }}"
repo: "{{ zypp_server_http }}/SUSE-12-3/{{ ansible_architecture }}/repos/{{ item.alias }}"
with_items: _repositories
# If the repositories are not available on the deployer, that is not
# necessarily critical yet. The next tasks will check whether the release
# package is available. If it is, then at least the Cloud media made it onto
# the node somehow. In the upgrade stage, we will need to do more strict
# verification that the SLES and Cloud Pool and Updates repositories have
# made it onto the node.
ignore_errors: True
- include: check-product-status.yml
############################
# Set up third party repos #
############################
- name: osconfig | setup-zypp | Get thirdparty symlink source
delegate_to: localhost
stat:
path: "{{ zypp_thirdparty_dir }}/latest"
register: latest_source_result
when: thirdparty_zypp_repo_present
- name: osconfig | setup-zypp | Remove any old thirdparty zypp repo on SLES nodes
become: yes
zypper_repository:
name: tprepo
state: absent
when: thirdparty_zypp_repo_present
- name: osconfig | setup-zypp | Configure the thirdparty zypp repo on SLES nodes
become: yes
zypper_repository:
name: tprepo
description: Thirdparty Repository
repo: "{{ zypp_server }}/{{ zypp_thirdparty_loc }}/{{ latest_source_result.stat.lnk_source | basename }}"
# TODO: trust the 3rd party key
disable_gpg_check: yes
when: thirdparty_zypp_repo_present
#####################
# Refresh all repos #
#####################
- name: osconfig | setup-zypp | Generate list of zypper repos to refresh
set_fact:
_refresh_repos: >
{%- set _rr_list = [] -%}
{%- if _sles_os_repo_stat_result.stat.exists -%}
{%- set _ = _rr_list.append(osconfig_zypper_os_repo_name) -%}
{%- endif -%}
{%- for r in _repositories -%}
{%- set _ = _rr_list.append(r.name) -%}
{%- endfor -%}
{%- if thirdparty_zypp_repo_present -%}
{%- set _ = _rr_list.append("tprepo") -%}
{%- endif -%}
{{ _rr_list|unique }}
# include refresh task until we upgrade to Ansible 2.2+ and use the
# zypper_repository.runrefresh flag
- name: osconfig | setup-zypp | Refresh newly added repositories
become: yes
command: "zypper --non-interactive refresh --force {{ _refresh_repos | join(' ') }}"
0707010019CFCA000081A40000000000000000000000015B32C8620000033E000000FD0000000200000000000000000000005100000000ardana-osconfig-8.0+git.1530054754.b943409/roles/osconfig/tasks/wait-for-ssh.yml#
# (c) Copyright 2015 Hewlett Packard Enterprise Development LP
# (c) Copyright 2017 SUSE LLC
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
- name: network_interface | wait-for-ssh | Wait for ssh on nodes
local_action: wait_for port=22 host="{{ ansible_ssh_host | default(inventory_hostname) }}" search_regex=OpenSSH timeout=600
0707010019CFDB000041ED0000000000000000000000025B32C86200000000000000FD0000000200000000000000000000004400000000ardana-osconfig-8.0+git.1530054754.b943409/roles/osconfig/templates0707010019CFDF000081A40000000000000000000000015B32C86200001F50000000FD0000000200000000000000000000005500000000ardana-osconfig-8.0+git.1530054754.b943409/roles/osconfig/templates/collectl.conf.j2{#
# (c) Copyright 2016 Hewlett Packard Enterprise Development LP
# (c) Copyright 2017 SUSE LLC
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
#}
# Like most Linux configuration files, this specifies a set of user controller
# parameters. In many cases these are commented out which simply means those
# are the default values already used by collectl. To change a value
# uncomment the line and change it. To revert back to the default all you
# need do is recomment the line.
############################
# daemon/service handling
############################
# When someone specifies a daemon is to be run, typically but not limited
# to running collectl as a service, this string will cause the associated
# values to be used. They CAN also be overriden via a command line switch.
# In other words, if DaemonCommands is set to '-s cdm' and collectl is
# envoked with -D, it will process subsystems 'cdm'. However, if it is envoked
# with '-D -s mnp' it will process subsystems 'mnp', there is no combining the
# two set of values. Be sure to include any switches a daemon is required to
# have such as -f and either -r or -R.
# NOTE - if things aren't behaving as expected, you can always try running
# collectl in non-daemon mode just to see if there are any error messages. If
# you include the -m switch, you can also look in the collectl log, which is
# stored in the logging directory.
DaemonCommands = -f {{ collectl_dir}}/ -r00:00,7,60 -i5:60 -m -F60 -scdmntDY -P --rawtoo --rawnetignore tap,qbr,qv
# This defines the location to look for all additional required files if formatit.ph
# is not in the same directory as collectl itself.
#ReqDir = /usr/share/collectl
# E x t r a L i b r a r i e s
# So far this has only been used during development, but if there are extra
# library locations that should be 'used', put them here.
#Libraries =
# S t a n d a r d U t i l i t i e s
# Note that by default collectl will look for lspci in both /sbin and
# /usr/sbin, but if listed here will only look in that one place.
#Grep = /bin/grep
#Egrep = /bin/egrep
#Ps = /bin/ps
#Rpm = /bin/rpm
#Lspci = /sbin/lspci
#Lctl = /usr/sbin/lctl
# I n f i n i b a n d S u p p o r t
# Collectl will assume open fabric and will attempt to use the perfquery
# utility to get the counters. If not there, it assumes Voltaire and will
# first look in /proc/voltaire/adaptor-mlx/stats and failing that will use
# the get_pcounter utiliy. Since collectl resets IB counters in the
# hardware you can disable its collection by commenting out the appropriate
# variable below. PQuery for OFED, PCounter for get_pcounter calls and
# VStat for ALL non-ofed access of any kind.
# can disable either by commenting out the reference to VStat/PQuery below.
PQuery = /usr/sbin/perfquery:/usr/bin/perfquery:/usr/local/ofed/bin/perfquery
PCounter = /usr/mellanox/bin/get_pcounter
VStat = /usr/mellanox/bin/vstat:/usr/bin/vstat
OfedInfo = /usr/bin/ofed_info:/usr/local/ofed/bin/ofed_info
# Set this flag to 0 to disable checking for duplicate instances of collectl
# both trying to monitor IB stats
#IbDupCheckFlag=1
# D e f a u l t s
# This set of variables are actually all set in collectl and you need not
# change them.
# This parameter controls subsystem selection. The 'core' subsystems are
# selected when the user omits the -s switch OR uses the '+' or '-' to
# add/remove from that list. Note that changing this will also change the
# default for -s displayed in help.
#SubsysCore = bcdfijlmnstx
# although these can all be overridden by switches, they're assumed to
# always be defined so don't remove or comment any of them out! Over time
# more may be added
#Interval = 10
#Interval2 = 60
#Interval3 = 120
# These are SFS lustre specific. When using the -OD switch, any partitions
# found to be smaller than LustreSvcLunMax, which is in GB, will be ignored.
# When displaying data in verbose mode, only LustreMaxBlkSize will be
# displayed, but ALL block sizes will be read and recorded
#LustreSvcLunMax = 10
#LustreMaxBlkSize = 512
# By default, we check at these frequencies to see if lustre or interconnect
# configurations have changed. Things are efficient enough that now we can
# check for lustre changes every polling interval but I'm leaving the code
# in place rather than remove it in case needed again in the future.
#LustreConfigInt = 1
#InterConnectInt = 900
# These apply to disk/partition limits for exception (-o x/X) processing
#LimSVC = 30 # Minimum partition Avg Service time
#LimIOS = 10 # Minumum number of Disk OR Partion I/Os
#LimBool = 0 # generate exception record if EITHER limit exceeded
#LimLusKBS = 100 # Minimum number of Lustre OSS KB/sec
#LimLusReints = 1000 # Minimum number o Lustre MDS Reint operations
# Socket I/O Defaults
#Port = 2655
#Timeout = 10
# Maximum allowable zlib errors in a single day or run.
#MaxZlibErrors = 20
# In order to detect bogus network data we need to know what is normal for that
# interface. Collectl uses ethtool for 'eth' interfaces to get the default
# speed but that requires elevated privileges. It the ethtool fails, this
# value (which is in Mb) will be used instead.
# To disable bogus network data checking, set this to any negative value
#DefNetSpeed=10000
# Collectl will automatically size the frequency of headers in 'brief format'
# to the height of your display window which it determines using the resize
# utility. If that utility can't be found, it will use the height speficied
# in 'TermSize'. If 'resize' is in your path but you want a fixed/different
# size, comment out the Resize line and uncomment TermHeight, setting it to
# what you want.
#TermHeight = 24
Resize=/usr/bin/resize:/usr/X11R6/bin/resize
# To turn off Time:HiRes/glibc incompatibility checking, the following
# should be enabled and set to 0
#TimeHiResCheck = 1
# These control environmental monitoring and to use it you MUST have ipmitool
# installed (see http://ipmitool.sourceforge.net/). If not in the path shown
# below, you must change it.
Ipmitool = /usr/bin/ipmitool:/usr/local/bin/ipmitool:/opt/hptc/sbin/ipmitool
IpmiCache = /var/run/collectl-ipmicache
IpmiTypes = fan,temp,current
# passwd file for UID to usernames mapping during process monitoring
#Passwd = /etc/passwd
# If a cciss device is reset (such as when during a lun scan) while collectl running,
# disk rates will be excessive. If one seen above the following, reset ALL stats for
# that disk to 0. To disable set this to -1
#DiskMaxValue=5000000
# When collectl reads disk data, it filters out any that don't match the DiskFilter,
# which by default looks for cciss, hd, sd, xvd, dm, emcpower and psv. All others are
# ignored. To change the filter, set the string below to those you want to keep BUT
# you need to know what a perl regular expression looks like or you may not get the
# desired results. CAUTION - white space is CRITICAL for this to work.
#DiskFilter = /cciss/c\d+d\d+ |hd[ab] | sd[a-z]+ |dm-\d+ |xvd[a-z] |fio[a-z]+ | vd[a-z]+ |emcpower[a-z]+ |psv\d+ /
# Kernel Efficiency Test
# On kernels 2.6.32 forward (and you can't tell how distros patched) there is a read inefficiency
# in the /proc filesystem for 4 and more sockets and the only way to tell is to test it. If slow
# generate a warning that patching the kernel may be recommmended. To bypass the test/message, set
# the following to 'no'
#ProcReadTest = yes
0707010019CFDC000081A40000000000000000000000015B32C8620000038D000000FD0000000200000000000000000000005900000000ardana-osconfig-8.0+git.1530054754.b943409/roles/osconfig/templates/hugepages-service.j2{#
#
# (c) Copyright 2016 Hewlett Packard Enterprise Development LP
# (c) Copyright 2017-2018 SUSE LLC
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
#}
[Unit]
Description=Service file to call hugepages script
Before=openvswitch.service ovs-vswitchd.service
After=sysinit.target
[Service]
Type=oneshot
Restart=no
RemainAfterExit=yes
ExecStart=/usr/bin/hugepages-service.sh
[Install]
WantedBy=multi-user.target
0707010019CFDD000081A40000000000000000000000015B32C862000004B3000000FD0000000200000000000000000000005C00000000ardana-osconfig-8.0+git.1530054754.b943409/roles/osconfig/templates/hugepages-service.sh.j2{#
#
# (c) Copyright 2016 Hewlett Packard Enterprise Development LP
# (c) Copyright 2017 SUSE LLC
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
#}
#!/bin/sh
#
# rc.local
#
# set the number of hugepages on a node
if mkdir /dev/shm/hugepage-service; then
echo "Creating node-specific huge pages."
{% for item in numa_huge_pages %}
nodedir='/sys/devices/system/node/node{{ item.numa_node }}'
hugepages='hugepages/hugepages-{{ item.size_in_k }}kB/nr_hugepages'
old_page_count=`cat $nodedir/$hugepages`
new_page_count=$((old_page_count + {{ item.count}}))
echo $new_page_count > $nodedir/$hugepages
{% endfor %}
exit 0
fi
echo "Service has been run previously. Do nothing."
exit 0
0707010019CFE4000081A40000000000000000000000015B32C86200000332000000FD0000000200000000000000000000005A00000000ardana-osconfig-8.0+git.1530054754.b943409/roles/osconfig/templates/openstack_yum.repo.j2{#
# (c) Copyright 2016 Hewlett Packard Enterprise Development LP
# (c) Copyright 2017-2018 SUSE LLC
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
#}
[ardanarepo]
name=Ardana OpenStack Repository
baseurl=http://{{ ansible_env.SSH_CLIENT.split()[0] }}:{{ deployer_server_port }}/{{ yum_extras_loc }}
enabled=1
gpgcheck=0
0707010019CFDE000081A40000000000000000000000015B32C862000002F6000000FD0000000200000000000000000000005900000000ardana-osconfig-8.0+git.1530054754.b943409/roles/osconfig/templates/optional_yum.repo.j2{#
# (c) Copyright 2017-2018 SUSE LLC
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
#}
[optionalrepo]
name=Ardana Optional Repository
baseurl=http://{{ ansible_env.SSH_CLIENT.split()[0] }}:{{ deployer_server_port }}/{{ yum_optional_loc }}
enabled=1
gpgcheck=0
0707010019CFE2000081A40000000000000000000000015B32C862000002E2000000FD0000000200000000000000000000005200000000ardana-osconfig-8.0+git.1530054754.b943409/roles/osconfig/templates/priority.d.j2{#
#
# (c) Copyright 2015 Hewlett Packard Enterprise Development LP
# (c) Copyright 2017-2018 SUSE LLC
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
#}
Package: *
Pin: origin {{ deployer_server | replace('http://', '') }}
Pin-Priority: 600
0707010019CFE0000081A40000000000000000000000015B32C86200000510000000FD0000000200000000000000000000005300000000ardana-osconfig-8.0+git.1530054754.b943409/roles/osconfig/templates/resolv.conf.j2{#
#
# (c) Copyright 2015 Hewlett Packard Enterprise Development LP
# (c) Copyright 2017 SUSE LLC
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
#}
# Created resolv.conf(5) file for glibc resolver(3) generated by osconfig-ansible
# EDITS TO THIS FILE WILL BE OVERWRITTEN BY osconfig
{% for server in osconfig_dns.nameservers %}
nameserver {{ server }}
{% endfor %}
{% if 'domain' in osconfig_dns %}
domain {{ osconfig_dns.domain }}
{% endif %}
{% if 'search' in osconfig_dns %}
search {{ osconfig_dns.search | join(" ") }}
{% endif %}
{% if 'sortlist' in osconfig_dns %}
sortlist {{ osconfig_dns['sortlist'] | join(" ") }}
{% endif %}
{% for option, value in osconfig_dns.get('options', {}).items() %}
options {{ "%s:%s" % (option, value) if value is not none else "%s" % option }}
{% endfor %}
0707010019CFE1000081A40000000000000000000000015B32C8620000028D000000FD0000000200000000000000000000005000000000ardana-osconfig-8.0+git.1530054754.b943409/roles/osconfig/templates/timezone.j2{#
#
# (c) Copyright 2015 Hewlett Packard Enterprise Development LP
# (c) Copyright 2017 SUSE LLC
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
#}
Etc/UTC
0707010019CFE3000081A40000000000000000000000015B32C8620000032E000000FD0000000200000000000000000000005300000000ardana-osconfig-8.0+git.1530054754.b943409/roles/osconfig/templates/tp_yum.repo.j2{#
# (c) Copyright 2016 Hewlett Packard Enterprise Development LP
# (c) Copyright 2017-2018 SUSE LLC
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
#}
[tprepo]
name=Thirdparty Repository
baseurl={{ deployer_server }}/{{ yum_thirdparty_loc }}/{{ latest_source_result.stat.lnk_source | basename }}
enabled=1
gpgcheck=0
0707010019CFB8000041ED0000000000000000000000025B32C86200000000000000FD0000000200000000000000000000003F00000000ardana-osconfig-8.0+git.1530054754.b943409/roles/osconfig/vars0707010019CFB9000081A40000000000000000000000015B32C8620000026C000000FD0000000200000000000000000000004B00000000ardana-osconfig-8.0+git.1530054754.b943409/roles/osconfig/vars/default.yml#
# (c) Copyright 2017 SUSE LLC
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
---
systemd_script_dir: /lib/systemd/system
0707010019CFBC000081A40000000000000000000000015B32C8620000046F000000FD0000000200000000000000000000004800000000ardana-osconfig-8.0+git.1530054754.b943409/roles/osconfig/vars/main.yml#
# (c) Copyright 2015 Hewlett Packard Enterprise Development LP
# (c) Copyright 2017 SUSE LLC
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
---
ardanauser: "{{ ansible_env['USER'] }}"
ardanauser_home: "{{ ansible_env['HOME'] }}"
osconfig_dns: "{{ dns |
default(host.get('dns', {}) if host is defined else {}, true) |
default(group.get('dns', {}) if group is defined else {}, true) |
default(global.get('dns', {}) if global is defined else {}, true)
}}"
dpdk_enable_iommu: "
{%- if dpdk_network_devices is defined -%}
{% set result = True %}
{% else %}
{% set result = False %}
{%- endif -%}
{{ result }}"
0707010019CFBA000081A40000000000000000000000015B32C862000002D9000000FD0000000200000000000000000000004A00000000ardana-osconfig-8.0+git.1530054754.b943409/roles/osconfig/vars/redhat.yml#
# (c) Copyright 2018 SUSE LLC
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
---
systemd_script_dir: /usr/lib/systemd/system
osconfig_debug_tools:
- tcpdump
- bind-utils
- lsof
- strace
- curl
# - collectl
- numactl
0707010019CFBD000081A40000000000000000000000015B32C86200000926000000FD0000000200000000000000000000004F00000000ardana-osconfig-8.0+git.1530054754.b943409/roles/osconfig/vars/repos-cloud.yml#
# (c) Copyright 2018 SUSE LLC
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
---
expected_repodata:
suse-12.3:
x86_64:
sles12-sp3-pool:
name: "SLES12-SP3-Pool"
repomd:
tags: ["obsproduct://build.suse.de/SUSE:SLE-12-SP3:GA/SLES/12.3/POOL/x86_64"]
smt_path: "SUSE/Products/SLE-SERVER/12-SP3/x86_64/product"
sles12-sp3-updates:
name: "SLES12-SP3-Updates"
repomd:
tags: ["obsrepository://build.suse.de/SUSE:Updates:SLE-SERVER:12-SP3:x86_64/update"]
smt_path: "SUSE/Updates/SLE-SERVER/12-SP3/x86_64/update"
suse-openstack-cloud-8-pool:
name: "SUSE-OpenStack-Cloud-8-Pool"
repomd:
tags: ["obsproduct://build.suse.de/SUSE:SLE-12-SP3:Update:Products:Cloud8/suse-openstack-cloud/8/POOL/x86_64"]
smt_path: "SUSE/Products/OpenStack-Cloud/8/x86_64/product"
brand: "SUSE OpenStack Cloud"
hpe-helion-openstack-8-pool:
name: "HPE-Helion-OpenStack-8-Pool"
repomd:
tags: ["obsproduct://build.suse.de/SUSE:SLE-12-SP3:Update:Products:Cloud8/hpe-helion-openstack/8/POOL/x86_64"]
smt_path: "SUSE/Products/HPE-Helion-OpenStack/8/x86_64/product"
brand: "HPE Helion OpenStack"
suse-openstack-cloud-8-updates:
name: "SUSE-OpenStack-Cloud-8-Updates"
repomd:
tags: ["obsrepository://build.suse.de/SUSE:Updates:OpenStack-Cloud:8:x86_64/update"]
smt_path: "SUSE/Updates/OpenStack-Cloud/8/x86_64/update"
brand: "SUSE OpenStack Cloud"
hpe-helion-openstack-8-updates:
name: "HPE-Helion-OpenStack-8-Updates"
repomd:
tags: ["obsrepository://build.suse.de/SUSE:Updates:HPE-Helion-OpenStack:8:x86_64/update"]
smt_path: "SUSE/Updates/HPE-Helion-OpenStack/8/x86_64/update"
brand: "HPE Helion OpenStack"
0707010019CFBB000081A40000000000000000000000015B32C862000002ED000000FD0000000200000000000000000000004800000000ardana-osconfig-8.0+git.1530054754.b943409/roles/osconfig/vars/suse.yml#
# (c) Copyright 2017-2018 SUSE LLC
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
---
systemd_script_dir: /usr/lib/systemd/system
osconfig_debug_tools:
- tcpdump
- bind-utils
- iputils
- lsof
- strace
- curl
# - collectl
- numactl
0707010019D067000041ED0000000000000000000000045B32C86200000000000000FD0000000200000000000000000000003500000000ardana-osconfig-8.0+git.1530054754.b943409/roles/ssh0707010019D06A000041ED0000000000000000000000025B32C86200000000000000FD0000000200000000000000000000003E00000000ardana-osconfig-8.0+git.1530054754.b943409/roles/ssh/defaults0707010019D06B000081A40000000000000000000000015B32C86200000396000000FD0000000200000000000000000000004700000000ardana-osconfig-8.0+git.1530054754.b943409/roles/ssh/defaults/main.yml# (c) Copyright 2016 Hewlett Packard Enterprise Development LP
# (c) Copyright 2017 SUSE LLC
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
---
# ssh defaults
ssh_sshd_config:
- regexp: "^#?PermitRootLogin "
line: "PermitRootLogin without-password"
- regexp: "^#?\\s*MaxSessions\\s+"
line: "MaxSessions 100"
- regexp: "^#?\\s*MaxStartups\\s+"
line: "MaxStartups 50:30:100"
0707010019D068000041ED0000000000000000000000025B32C86200000000000000FD0000000200000000000000000000003B00000000ardana-osconfig-8.0+git.1530054754.b943409/roles/ssh/tasks0707010019D069000081A40000000000000000000000015B32C8620000040C000000FD0000000200000000000000000000004400000000ardana-osconfig-8.0+git.1530054754.b943409/roles/ssh/tasks/main.yml# (c) Copyright 2016 Hewlett Packard Enterprise Development LP
# (c) Copyright 2017 SUSE LLC
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
---
# ssh setup
- name: Configure sshd
become: yes
lineinfile:
regexp: "{{ item.regexp }}"
line: "{{ item.line }}"
dest: /etc/ssh/sshd_config
state: present
with_items: ssh_sshd_config
register: _ssh_sshd_config_updated
- name: Restart sshd
become: yes
service:
name: sshd
state: restarted
when: _ssh_sshd_config_updated | changed
0707010019D02B000041ED0000000000000000000000075B32C86200000000000000FD0000000200000000000000000000003800000000ardana-osconfig-8.0+git.1530054754.b943409/roles/sysctl0707010019D036000041ED0000000000000000000000025B32C86200000000000000FD0000000200000000000000000000004100000000ardana-osconfig-8.0+git.1530054754.b943409/roles/sysctl/defaults0707010019D037000081A40000000000000000000000015B32C8620000043D000000FD0000000200000000000000000000004A00000000ardana-osconfig-8.0+git.1530054754.b943409/roles/sysctl/defaults/main.yml#
# (c) Copyright 2015 Hewlett Packard Enterprise Development LP
# (c) Copyright 2017 SUSE LLC
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
---
# marker indicating that the file is managed by Ardana$
file_marker: '# ARDANA-MANAGED - Managed by Ardana - Do not edit'
# ardana kernel module file for modules needed by all servers
sysctl_kernel_module_file: /etc/modules-load.d/ardana_sysctl-modules.conf
# ardana managed sysctl.conf file
ardana_sysctl_conf_file: /etc/sysctl.d/ardana_sysctl.conf
# ardana fs.file-max as percent of total system memory
ardana_fs_file_max_percent: 0.10
0707010019D02F000041ED0000000000000000000000025B32C86200000000000000FD0000000200000000000000000000004100000000ardana-osconfig-8.0+git.1530054754.b943409/roles/sysctl/handlers0707010019D030000081A40000000000000000000000015B32C862000002DE000000FD0000000200000000000000000000004A00000000ardana-osconfig-8.0+git.1530054754.b943409/roles/sysctl/handlers/main.yml#
# (c) Copyright 2015 Hewlett Packard Enterprise Development LP
# (c) Copyright 2017 SUSE LLC
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
---
- name: Load sysctl settings from file
shell: sysctl -p "{{ ardana_sysctl_conf_file }}"
0707010019D031000041ED0000000000000000000000025B32C86200000000000000FD0000000200000000000000000000003E00000000ardana-osconfig-8.0+git.1530054754.b943409/roles/sysctl/tasks0707010019D032000081A40000000000000000000000015B32C862000004EB000000FD0000000200000000000000000000004700000000ardana-osconfig-8.0+git.1530054754.b943409/roles/sysctl/tasks/main.yml#
# (c) Copyright 2015 Hewlett Packard Enterprise Development LP
# (c) Copyright 2017 SUSE LLC
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
---
- name: Include list of common kernel modules
include_vars: ardana_kernel_modules.yml
- name: Load required kernel modules
modprobe: name={{ item }} state=present
with_items: kernel_modules | default([])
- name: Persist kernel modules for reboot
template:
src: sysctl_modules_load.conf.j2
dest: "{{ sysctl_kernel_module_file }}"
owner: root
group: root
mode: '0640'
- name: Configure kernel parameters
template:
src: ardana_sysctl.conf.j2
dest: "{{ ardana_sysctl_conf_file }}"
owner: root
group: root
mode: '0640'
notify:
- Load sysctl settings from file
0707010019D033000041ED0000000000000000000000025B32C86200000000000000FD0000000200000000000000000000004200000000ardana-osconfig-8.0+git.1530054754.b943409/roles/sysctl/templates0707010019D034000081A40000000000000000000000015B32C86200000894000000FD0000000200000000000000000000005800000000ardana-osconfig-8.0+git.1530054754.b943409/roles/sysctl/templates/ardana_sysctl.conf.j2{#
#
# (c) Copyright 2015-2017 Hewlett Packard Enterprise Development LP
# (c) Copyright 2017 SUSE LLC
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
#}
{# CAUTION: when adding new settings to this template, make sure you are not
overwriting settings from another service with a different value. Services
which may be co-located on the same node with conflicting settings need to
resolve those conflicts and apply the conflicting settings conditionally. #}
{# fs.file-max set as a percentage of total system memory (in kB) #}
fs.file-max = {{ (ansible_memtotal_mb * 1024 * ardana_fs_file_max_percent)|round|int }}
{# rabbitmq-server #}
{% if 'FND-RMQ' in group.services %}
# 'FND-RMQ' RabbitMQ uses port 61000 so we must reduce the range by 1.
net.ipv4.ip_local_port_range = 32768 60999
{% endif %}
{# neutron-openvswitch-agent #}
# make sure to handle integrated and non-integrated deployer node cases.
{% for _svc in ['neutron-openvswitch-agent', 'lifecycle-manager'] %}
{% if _svc in group.services %}
# neutron-openvswitch-agent
net.ipv4.neigh.default.gc_thresh1 = 8192
net.ipv4.neigh.default.gc_thresh2 = 16384
net.ipv4.neigh.default.gc_thresh3 = 32768
{% endif %}
{% endfor %}
{# nova-compute #}
{% if 'nova-compute' in group.services %}
# nova-compute
vm.dirty_background_bytes = 16777216
vm.dirty_bytes = 33554432
vm.max_map_count = 65530
{% endif %}
{# sysctl settings which should be on all servers, regardless of services #}
# common
net.ipv4.tcp_keepalive_probes = 3
net.ipv4.tcp_syncookies = 0
net.ipv4.tcp_tw_reuse = 1
net.ipv4.tcp_keepalive_intvl = 5
net.ipv4.tcp_keepalive_time = 45
net.ipv4.tcp_tw_recycle = 1
net.nf_conntrack_max = 524288
fs.aio-max-nr = 1048576
0707010019D035000081A40000000000000000000000015B32C862000002D5000000FD0000000200000000000000000000005E00000000ardana-osconfig-8.0+git.1530054754.b943409/roles/sysctl/templates/sysctl_modules_load.conf.j2{#
#
# (c) Copyright 2015 Hewlett Packard Enterprise Development LP
# (c) Copyright 2017 SUSE LLC
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
#}
{{ file_marker }}
{% for module in kernel_modules %}
{{ module }}
{% endfor %}
0707010019D02C000041ED0000000000000000000000025B32C86200000000000000FD0000000200000000000000000000003D00000000ardana-osconfig-8.0+git.1530054754.b943409/roles/sysctl/vars0707010019D02D000081A40000000000000000000000015B32C86200000323000000FD0000000200000000000000000000005700000000ardana-osconfig-8.0+git.1530054754.b943409/roles/sysctl/vars/ardana_kernel_modules.yml#
# (c) Copyright 2015 Hewlett Packard Enterprise Development LP
# (c) Copyright 2017 SUSE LLC
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
---
# Kernel modules in this list will be loaded into memory and persisted for
# reboot across all servers.
kernel_modules:
- nf_conntrack_ipv4
- nf_conntrack_ipv60707010019D02E000081A40000000000000000000000015B32C86200000283000000FD0000000200000000000000000000004600000000ardana-osconfig-8.0+git.1530054754.b943409/roles/sysctl/vars/main.yml#
# (c) Copyright 2015 Hewlett Packard Enterprise Development LP
# (c) Copyright 2017 SUSE LLC
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
---
0707010019CFF4000041ED0000000000000000000000055B32C86200000000000000FD0000000200000000000000000000003600000000ardana-osconfig-8.0+git.1530054754.b943409/roles/udev0707010019CFF9000041ED0000000000000000000000025B32C86200000000000000FD0000000200000000000000000000003F00000000ardana-osconfig-8.0+git.1530054754.b943409/roles/udev/defaults0707010019CFFA000081A40000000000000000000000015B32C862000002DE000000FD0000000200000000000000000000004800000000ardana-osconfig-8.0+git.1530054754.b943409/roles/udev/defaults/main.yml#
# (c) Copyright 2015 Hewlett Packard Enterprise Development LP
# (c) Copyright 2017 SUSE LLC
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
# Variables used in diskconfig play
---
udev_max_children_multiplier: 8
udev_min_events: 16
0707010019CFF5000041ED0000000000000000000000025B32C86200000000000000FD0000000200000000000000000000003C00000000ardana-osconfig-8.0+git.1530054754.b943409/roles/udev/tasks0707010019CFF6000081A40000000000000000000000015B32C86200000A5F000000FD0000000200000000000000000000004A00000000ardana-osconfig-8.0+git.1530054754.b943409/roles/udev/tasks/configure.yml#
# (c) Copyright 2015,2017 Hewlett Packard Enterprise Development LP
# (c) Copyright 2017 SUSE LLC
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
# Play to set up lvm FS and mounts
---
- name: osconfig | udev config | remove udev rule
become: yes
file:
path: /lib/udev/rules.d/60-multipath.rules
state: absent
- name: osconfig | udev config | reload udev rules
become: yes
command: udevadm control --reload-rules
- name: osconfig | udev config | rebuild the initrd Debian
become: yes
command: /usr/sbin/update-initramfs -u -k all
when: ansible_os_family == 'Debian'
- name: osconfig | udev config | rebuild the initrd RedHat
become: yes
command: dracut -f
when: ansible_os_family == 'RedHat'
- name: osconfig | udev config | get the ncores
become: yes
shell: cat /proc/cpuinfo | grep processor | wc -l
register: num_cpus_output
- name: osconfig | udev config | calculate the multiplier
command: expr {{ udev_max_children_multiplier }} * {{ num_cpus_output.stdout }}
register: udev_max
- name: osconfig | udev config | calculate the children
become: yes
set_fact:
max_children_list: "[{{ udev_max.stdout }}, {{ udev_min_events }} ]"
- name: osconfig | udev config | calculate the max
become: yes
set_fact:
udev_max_children: "{{ max_children_list | max }}"
- name: osconfig | udev config | Set the running value
become: yes
command: udevadm control --children-max={{ udev_max_children }}
- name: osconfig | udev config | Set the unit file for Debian
become: yes
template: src=udev-unit.j2 dest=/lib/systemd/system/ardana-udev.service
when: ansible_os_family == 'Debian'
- name: osconfig | udev config | Set the unit file for RedHat
become: yes
template: src=udev-unit.j2 dest=/lib/systemd/system/ardana-udev.service
when: ansible_os_family == 'RedHat'
- name: osconfig | udev config | Set the unit file for SUSE
become: yes
template: src=udev-unit.j2 dest=/usr/lib/systemd/system/ardana-udev.service
when: ansible_os_family == 'Suse'
- name: osconfig | udev config | Enable the unit file
become: yes
service: name=ardana-udev enabled=yes state=started
0707010019CFF7000041ED0000000000000000000000025B32C86200000000000000FD0000000200000000000000000000004000000000ardana-osconfig-8.0+git.1530054754.b943409/roles/udev/templates0707010019CFF8000081A40000000000000000000000015B32C8620000039C000000FD0000000200000000000000000000004D00000000ardana-osconfig-8.0+git.1530054754.b943409/roles/udev/templates/udev-unit.j2{#
#
# (c) Copyright 2015 Hewlett Packard Enterprise Development LP
# (c) Copyright 2017 SUSE LLC
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
#}
[Unit]
Description=Service file to limit udev child processes for multipath suupport
Requires=systemd-udevd.service
After=systemd-udevd.service
[Service]
Restart=no
ExecStart=/sbin/udevadm control --children-max={{ udev_max_children }}
[Install]
WantedBy=systemd-udevd.service
0707010019CF41000081A40000000000000000000000015B32C862000002E8000000FD0000000200000000000000000000003600000000ardana-osconfig-8.0+git.1530054754.b943409/sysctl.yml#
# (c) Copyright 2015-2016 Hewlett Packard Enterprise Development LP
# (c) Copyright 2017 SUSE LLC
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
---
- hosts: "{{ osconfig_resources | default('resources') }}"
become: yes
roles:
- sysctl
0707010019CF49000081A40000000000000000000000015B32C8620000031D000000FD0000000200000000000000000000003400000000ardana-osconfig-8.0+git.1530054754.b943409/udev.yml#
# (c) Copyright 2015-2016 Hewlett Packard Enterprise Development LP
# (c) Copyright 2017 SUSE LLC
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
---
- hosts: "{{ osconfig_resources | default('resources') }}"
become: yes
roles:
- udev
tasks:
- include: roles/udev/tasks/configure.yml
0707010019CF55000081A40000000000000000000000015B32C8620000038C000000FD0000000200000000000000000000003A00000000ardana-osconfig-8.0+git.1530054754.b943409/wipe_disks.yml# (c) Copyright 2015-2016 Hewlett Packard Enterprise Development LP
# (c) Copyright 2017 SUSE LLC
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
---
- hosts: "{{ osconfig_resources | default('resources') }}"
roles:
- diskconfig
tasks:
- include: roles/diskconfig/tasks/get_disk_info.yml
- include: roles/diskconfig/tasks/wipe_confirmation.yml
- include: roles/diskconfig/tasks/wipe_disks.yml
0707010019D07B000081A40000000000000000000000015B32C862000003C0000000FD0000000200000000000000000000003D00000000ardana-osconfig-8.0+git.1530054754.b943409/wipe_one_disk.yml# (c) Copyright 2016 Hewlett Packard Enterprise Development LP
# (c) Copyright 2017 SUSE LLC
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
---
- hosts: "{{ osconfig_resources | default('resources') }}"
roles:
- diskconfig
tasks:
- include: roles/diskconfig/tasks/wipe_one_check.yml
- include: roles/diskconfig/tasks/get_disk_info.yml
- include: roles/diskconfig/tasks/wipe_confirmation.yml
- include: roles/diskconfig/tasks/wipe_disks.yml
07070100000000000000000000000000000000000000010000000000000000000000000000000000000000000000000000000B00000000TRAILER!!!1375 blocks