As a continuation of a7f2fa73e6, this
change switches fact injection to off by default in the provided
ansible.cfg.
Signed-off-by: Alex Schultz <aschultz@redhat.com>
(cherry picked from commit db031a4993)
(cherry picked from commit 5fa4ff5ed3)
As of 2.10, group names containing a dash are invalid.
However, setting this option makes it still possible to use a dash in
group names and prevent this warning to show up.
It might need to be definitely addressed in a future ansible release.
Closes: https://bugzilla.redhat.com/show_bug.cgi?id=1880476
Signed-off-by: Guillaume Abrioux <gabrioux@redhat.com>
(cherry picked from commit 6938ed1302)
There's no need to enforce PreferredAuthentications by default.
Users can still choose to override the ansible.cfg with any additional
parameter like this one to fit their infrastructure.
Fixes: #4826
Signed-off-by: Guillaume Abrioux <gabrioux@redhat.com>
This change implements a filter_plugin that is used in the
ceph-facts, ceph-validate roles and infrastucture-playbooks.
The new filter plugin will return a list of all IP address
that reside in any one of the given IP ranges. The new filter
replaces the use of the ipaddr filter.
ceph.conf already support a comma separated list of CIDRs
for the public_network and cluster_network options.
Changes: [1] and [2] introduced a regression in ceph-ansible
where public_network can no longer be a comma separated list
of cidrs.
With this change a comma separated list of subnet CIDRs can
also be used for monitor_address_block and radosgw_address_block.
[1] commit: d67230b2a2
[2] commit: 20e4852888
Related-To: https://bugs.launchpad.net/tripleo/+bug/1840030
Related-To: https://bugzilla.redhat.com/show_bug.cgi?id=1740283Closes: #4333
Please backport to stable-4.0
Signed-off-by: Harald Jensås <hjensas@redhat.com>
Because we're using vagrant, a ssh config file will be created for
each nodes with options like user, host, port, identity, etc...
But via tox we're override ANSIBLE_SSH_ARGS to use this file. This
remove the default value set in ansible.cfg.
Also adding PreferredAuthentications=publickey because CentOS/RHEL
servers are configured with GSSAPIAuthenticationis enabled for ssh
server forcing the client to make a PTR DNS query.
Signed-off-by: Dimitri Savineau <dsavinea@redhat.com>
Ceph module path needs to be configured if we want to avoid issues
like:
no action detected in task. This often indicates a misspelled module
name, or incorrect module path
Currently the ansible-lint command in Travis CI complains about that.
Signed-off-by: Dimitri Savineau <dsavinea@redhat.com>
Since fact_caching_connection uses a directory in $HOME already, write the
ansible.log to the same directory.
Fixes: #3509
Signed-off-by: Patrick C. F. Ernzer <pcfe@redhat.com>
We see quite a few failures in the CI related to testing nodes losing
ssh connection. This modification allows ansible to retry more times and
wait longer before timing out. This seems to really affect testing
scenarios that use a large amount of testing nodes. The centos7_cluster
scenario specifically has 12 nodes and suffered from these failures
often.
Signed-off-by: Andrew Schoen <aschoen@redhat.com>
Having callback_plugins, and action plugins in random locations causes
a lot of disparity.
We should centralize this into one place in the plugins directory and
fix up the ansible.cfg to reflect this.
Additionally, since the ansible.cfg already reflects action_plugins, we
don't need a link to action_plugins in the base of the repository.
We noticed that sometime, ceph-ansible can fail with error :
`Failed to connect to the host via ssh:`
It can occurs after the task `restart firewalld` has been played.
Setting `retries` to 5 should prevent from unexcepted ssh failure.
Signed-off-by: Guillaume Abrioux <gabrioux@redhat.com>
CI slaves are slow so by setting a higher value we can avoid the following error:
Timeout (12s) waiting for privilege escalation prompt:
Now we wait for 32 sec...
More info here: https://github.com/ansible/ansible/issues/14426
Signed-off-by: Sébastien Han <seb@redhat.com>
On a Vagrant setup, every host is 127.0.0.1 and every user is vagrant.
To not have ansible do the same stuff on the same machine (the one
we connected first), we should keep the port as part of the
control path.
Also this helps in setups where different hosts might be hidden
behind the same IP, but on different ports (e.g. using DNAT).
Comments inside this file must be set BEFORE the option. NOT after the
option, otherwise the comment will be interpreted as a value to that
option.
Signed-off-by: Sébastien Han <seb@redhat.com>
If the comment is put after the line then it is interpreted so we need
to move it before and have a dedicated line.
Signed-off-by: Sébastien Han <seb@redhat.com>
Ability to log ansible plays in a log file. Default location is
/var/log/ansible.log
Be sure the user running Ansible has permissions on the logfile.
Fixes: https://bugzilla.redhat.com/show_bug.cgi?id=1445065
Signed-off-by: Sébastien Han <seb@redhat.com>
- Updates to allow running infrastructure-playbooks both from within its
directory or root directory of ceph-ansible.
Signed-off-by: Ivan Font <ifont@redhat.com>
Thanks to @cloudnull great patch at
https://github.com/ansible/ansible/pull/12555
we now have the ability to add more configuration options instead of
having to push a PR to add a new option to the template. So you can
dynamically add and remove flags.
To use it, edit `ceph_conf_overrides` in `group_vars/all` like so:
```
ceph_conf_overrides
global:
foo: 12345
bar: 6789
```
Signed-off-by: Sébastien Han <seb@redhat.com>
Use Vagrant's built-in support for Ansible provisioner. This eliminates the need
for a hosts file, and simplifies the ansible config file.
Renames config from .ansible.cfg to ansible.cfg since Ansible expects the file
to be called ansible.cfg and be adjacent to Vagrantfile when using the Vagrant
provisioner.