Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
systemsmanagement:Ardana:8
ardana-osconfig
ardana-osconfig-8.0+git.1610643571.91b88d6.obscpio
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File ardana-osconfig-8.0+git.1610643571.91b88d6.obscpio of Package ardana-osconfig
07070100000000000081A40000000000000000000000016000787300000014000000000000000000000000000000000000003C00000000ardana-osconfig-8.0+git.1610643571.91b88d6/.copyrightignorelibrary/hostname.py 07070100000001000081A40000000000000000000000016000787300000084000000000000000000000000000000000000003600000000ardana-osconfig-8.0+git.1610643571.91b88d6/.gitreview[gerrit] host=gerrit.suse.provo.cloud port=29418 project=ardana/osconfig-ansible.git defaultremote=ardana defaultbranch=stable/pike 07070100000002000081A4000000000000000000000001600078730000279F000000000000000000000000000000000000003300000000ardana-osconfig-8.0+git.1610643571.91b88d6/LICENSE Apache License Version 2.0, January 2004 http://www.apache.org/licenses/ TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION 1. Definitions. "License" shall mean the terms and conditions for use, reproduction, and distribution as defined by Sections 1 through 9 of this document. "Licensor" shall mean the copyright owner or entity authorized by the copyright owner that is granting the License. "Legal Entity" shall mean the union of the acting entity and all other entities that control, are controlled by, or are under common control with that entity. For the purposes of this definition, "control" means (i) the power, direct or indirect, to cause the direction or management of such entity, whether by contract or otherwise, or (ii) ownership of fifty percent (50%) or more of the outstanding shares, or (iii) beneficial ownership of such entity. "You" (or "Your") shall mean an individual or Legal Entity exercising permissions granted by this License. "Source" form shall mean the preferred form for making modifications, including but not limited to software source code, documentation source, and configuration files. "Object" form shall mean any form resulting from mechanical transformation or translation of a Source form, including but not limited to compiled object code, generated documentation, and conversions to other media types. "Work" shall mean the work of authorship, whether in Source or Object form, made available under the License, as indicated by a copyright notice that is included in or attached to the work (an example is provided in the Appendix below). "Derivative Works" shall mean any work, whether in Source or Object form, that is based on (or derived from) the Work and for which the editorial revisions, annotations, elaborations, or other modifications represent, as a whole, an original work of authorship. For the purposes of this License, Derivative Works shall not include works that remain separable from, or merely link (or bind by name) to the interfaces of, the Work and Derivative Works thereof. "Contribution" shall mean any work of authorship, including the original version of the Work and any modifications or additions to that Work or Derivative Works thereof, that is intentionally submitted to Licensor for inclusion in the Work by the copyright owner or by an individual or Legal Entity authorized to submit on behalf of the copyright owner. For the purposes of this definition, "submitted" means any form of electronic, verbal, or written communication sent to the Licensor or its representatives, including but not limited to communication on electronic mailing lists, source code control systems, and issue tracking systems that are managed by, or on behalf of, the Licensor for the purpose of discussing and improving the Work, but excluding communication that is conspicuously marked or otherwise designated in writing by the copyright owner as "Not a Contribution." "Contributor" shall mean Licensor and any individual or Legal Entity on behalf of whom a Contribution has been received by Licensor and subsequently incorporated within the Work. 2. Grant of Copyright License. Subject to the terms and conditions of this License, each Contributor hereby grants to You a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare Derivative Works of, publicly display, publicly perform, sublicense, and distribute the Work and such Derivative Works in Source or Object form. 3. Grant of Patent License. Subject to the terms and conditions of this License, each Contributor hereby grants to You a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable (except as stated in this section) patent license to make, have made, use, offer to sell, sell, import, and otherwise transfer the Work, where such license applies only to those patent claims licensable by such Contributor that are necessarily infringed by their Contribution(s) alone or by combination of their Contribution(s) with the Work to which such Contribution(s) was submitted. If You institute patent litigation against any entity (including a cross-claim or counterclaim in a lawsuit) alleging that the Work or a Contribution incorporated within the Work constitutes direct or contributory patent infringement, then any patent licenses granted to You under this License for that Work shall terminate as of the date such litigation is filed. 4. Redistribution. You may reproduce and distribute copies of the Work or Derivative Works thereof in any medium, with or without modifications, and in Source or Object form, provided that You meet the following conditions: (a) You must give any other recipients of the Work or Derivative Works a copy of this License; and (b) You must cause any modified files to carry prominent notices stating that You changed the files; and (c) You must retain, in the Source form of any Derivative Works that You distribute, all copyright, patent, trademark, and attribution notices from the Source form of the Work, excluding those notices that do not pertain to any part of the Derivative Works; and (d) If the Work includes a "NOTICE" text file as part of its distribution, then any Derivative Works that You distribute must include a readable copy of the attribution notices contained within such NOTICE file, excluding those notices that do not pertain to any part of the Derivative Works, in at least one of the following places: within a NOTICE text file distributed as part of the Derivative Works; within the Source form or documentation, if provided along with the Derivative Works; or, within a display generated by the Derivative Works, if and wherever such third-party notices normally appear. The contents of the NOTICE file are for informational purposes only and do not modify the License. You may add Your own attribution notices within Derivative Works that You distribute, alongside or as an addendum to the NOTICE text from the Work, provided that such additional attribution notices cannot be construed as modifying the License. You may add Your own copyright statement to Your modifications and may provide additional or different license terms and conditions for use, reproduction, or distribution of Your modifications, or for any such Derivative Works as a whole, provided Your use, reproduction, and distribution of the Work otherwise complies with the conditions stated in this License. 5. Submission of Contributions. Unless You explicitly state otherwise, any Contribution intentionally submitted for inclusion in the Work by You to the Licensor shall be under the terms and conditions of this License, without any additional terms or conditions. Notwithstanding the above, nothing herein shall supersede or modify the terms of any separate license agreement you may have executed with Licensor regarding such Contributions. 6. Trademarks. This License does not grant permission to use the trade names, trademarks, service marks, or product names of the Licensor, except as required for reasonable and customary use in describing the origin of the Work and reproducing the content of the NOTICE file. 7. Disclaimer of Warranty. Unless required by applicable law or agreed to in writing, Licensor provides the Work (and each Contributor provides its Contributions) on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied, including, without limitation, any warranties or conditions of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A PARTICULAR PURPOSE. You are solely responsible for determining the appropriateness of using or redistributing the Work and assume any risks associated with Your exercise of permissions under this License. 8. Limitation of Liability. In no event and under no legal theory, whether in tort (including negligence), contract, or otherwise, unless required by applicable law (such as deliberate and grossly negligent acts) or agreed to in writing, shall any Contributor be liable to You for damages, including any direct, indirect, special, incidental, or consequential damages of any character arising as a result of this License or out of the use or inability to use the Work (including but not limited to damages for loss of goodwill, work stoppage, computer failure or malfunction, or any and all other commercial damages or losses), even if such Contributor has been advised of the possibility of such damages. 9. Accepting Warranty or Additional Liability. While redistributing the Work or Derivative Works thereof, You may choose to offer, and charge a fee for, acceptance of support, warranty, indemnity, or other liability obligations and/or rights consistent with this License. However, in accepting such obligations, You may act only on Your own behalf and on Your sole responsibility, not on behalf of any other Contributor, and only if You agree to indemnify, defend, and hold each Contributor harmless for any liability incurred by, or claims asserted against, such Contributor by reason of your accepting any such warranty or additional liability. 07070100000003000081A400000000000000000000000160007873000002C9000000000000000000000000000000000000003500000000ardana-osconfig-8.0+git.1610643571.91b88d6/README.md (c) Copyright 2015 Hewlett Packard Enterprise Development LP (c) Copyright 2017 SUSE LLC Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0 Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions and limitations under the License. README ====== This repo contains the following roles: - OSCONFIG: Operating System Configuration 07070100000004000081A40000000000000000000000016000787300000D22000000000000000000000000000000000000003E00000000ardana-osconfig-8.0+git.1610643571.91b88d6/_osconfig-base.yml# # (c) Copyright 2015-2017 Hewlett Packard Enterprise Development LP # (c) Copyright 2017-2018 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. # # Common osconfig tasks we want to do during deployment and during an upgrade --- - include: _osconfig-setup-repos.yml - include: _osconfig-setup-fcoe.yml - hosts: "{{ osconfig_resources | default('resources') }}:!NOV-ESX:!NEU-OVSVAPP" become: yes roles: - multipath tasks: - include: roles/multipath/tasks/install.yml - hosts: "{{ osconfig_resources | default('resources') }}" become: yes tasks: - name: osconfig | diskconfig | Check if osconfig has run stat: path=/etc/openstack/osconfig-ran register: osconfig_ran_result - hosts: "{{ osconfig_resources | default('resources') }}:!*-HYP" become: yes tasks: - name: osconfig | diskconfig | Check if diskconfig has to be skipped stat: path=/etc/openstack/skip_disk_config register: skip_disk_config_result - hosts: "{{ osconfig_resources | default('resources') }}" become: yes roles: - diskconfig tasks: - include: roles/diskconfig/tasks/install.yml - include: roles/diskconfig/tasks/configure.yml when: (not osconfig_ran_result.stat.exists and not (skip_disk_config_result is defined and skip_disk_config_result.stat.exists)) - hosts: "{{ osconfig_resources | default('resources') }}" roles: - osconfig - cobbler - deployer-setup tasks: - include: roles/osconfig/tasks/marker.yml - hosts: "{{ osconfig_resources | default('resources') }}:&FND-MDB" roles: - diskconfig tasks: - include: roles/diskconfig/tasks/write_test.yml - hosts: "{{ osconfig_resources | default('resources') }}" roles: - cobbler - osconfig - package-consumer tasks: - include: roles/osconfig/tasks/setup-sudo-conf.yml - include: roles/osconfig/tasks/setup-hosts-file.yml - include: roles/osconfig/tasks/set-hostname.yml - include: roles/osconfig/tasks/setup-resolv-conf.yml - include: roles/osconfig/tasks/set-timezone.yml - include: roles/package-consumer/tasks/install.yml - include: roles/package-consumer/tasks/configure.yml - include: roles/osconfig/tasks/copy-ardana-version-file.yml - include: roles/osconfig/tasks/setup-systemd.yml - include: roles/osconfig/tasks/setup-kernel-parameters.yml - include: roles/osconfig/tasks/setup-hugepages.yml - include: roles/osconfig/tasks/setup-debug-tools.yml - include: roles/osconfig/tasks/set-bnx2x-opts.yml # For now, do not run the configure task - hosts: "{{ osconfig_resources | default('resources') }}" roles: - osconfig-probe tasks: - include: roles/osconfig-probe/tasks/install.yml - hosts: "{{ osconfig_resources | default('resources') }}" roles: - osconfig-common - include: sysctl.yml - include: udev.yml 07070100000005000081A400000000000000000000000160007873000005F6000000000000000000000000000000000000004600000000ardana-osconfig-8.0+git.1610643571.91b88d6/_osconfig-post-upgrade.yml# # (c) Copyright 2015-2016 Hewlett Packard Enterprise Development LP # (c) Copyright 2017-2018 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. # # Playbook to carry out post-upgrade actions for each osconfig # service/component based on the set of package upgrades for this node. --- - hosts: NEU-OVS tasks: - name: osconfig | _osconfig-post-upgrade | Debian - Enable openvswitch service service_restart: service: openvswitch-switch state: enabled become: yes when: (ansible_os_family | lower) == 'debian' - name: osconfig | _osconfig-post-upgrade | SUSE - Enable openvswitch service become: yes service: name: openvswitch state: started enabled: yes when: (ansible_os_family | lower) == 'suse' - name: osconfig | _osconfig-post-upgrade | RedHat - Enable openvswitch service become: yes service: name: openvswitch state: started enabled: yes when: (ansible_os_family | lower) == 'redhat' 07070100000006000081A400000000000000000000000160007873000005F6000000000000000000000000000000000000004500000000ardana-osconfig-8.0+git.1610643571.91b88d6/_osconfig-pre-upgrade.yml# # (c) Copyright 2015-2016 Hewlett Packard Enterprise Development LP # (c) Copyright 2017-2018 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. # # Playbook to carry out pre-upgrade actions for each osconfig # service/component based on the set of package upgrades for this node. --- - hosts: NEU-OVS tasks: - name: osconfig | _osconfig-pre-upgrade | Debian - Disable openvswitch service service_restart: service: openvswitch-switch state: disabled become: yes when: (ansible_os_family | lower) == 'debian' - name: osconfig | _osconfig-post-upgrade | SUSE - Disable openvswitch service become: yes service: name: openvswitch state: started enabled: no when: (ansible_os_family | lower) == 'suse' - name: osconfig | _osconfig-post-upgrade | RedHat - Disable openvswitch service become: yes service: name: openvswitch state: started enabled: no when: (ansible_os_family | lower) == 'redhat' 07070100000007000081A400000000000000000000000160007873000003CC000000000000000000000000000000000000004400000000ardana-osconfig-8.0+git.1610643571.91b88d6/_osconfig-setup-fcoe.yml# # (c) Copyright 2016 Hewlett Packard Enterprise Development LP # (c) Copyright 2017 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. # --- - hosts: "{{ osconfig_resources | default('resources') }}:!NOV-ESX:!NEU-OVSVAPP" become: yes roles: - fcoe tasks: - include: roles/fcoe/tasks/check_fcoe_order.yml when: ansible_os_family == 'Debian' - include: roles/fcoe/tasks/install.yml - include: roles/fcoe/tasks/configure.yml tags: fcoe_enable 07070100000008000081A40000000000000000000000016000787300000635000000000000000000000000000000000000004500000000ardana-osconfig-8.0+git.1610643571.91b88d6/_osconfig-setup-repos.yml# # (c) Copyright 2016-2017 Hewlett Packard Enterprise Development LP # (c) Copyright 2017-2018 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. # --- - hosts: localhost roles: - osconfig tasks: - include: roles/osconfig/tasks/setup-resolv-conf.yml - include: roles/osconfig/tasks/copy-ardana-version-file.yml - include: roles/osconfig/tasks/get-ptf-signing-key.yml tags: fcoe_enable - hosts: "{{ osconfig_resources | default('resources') }}" roles: - ssh - osconfig - cobbler - deployer-setup - thirdparty-repo tasks: - include: roles/osconfig/tasks/check-for-apt-repo.yml - include: roles/osconfig/tasks/check-for-yum-repo.yml - include: roles/osconfig/tasks/check-for-zypp-repo.yml - include: roles/cobbler/tasks/set-vars.yml - include: roles/osconfig/tasks/setup-apt.yml when: ansible_os_family == 'Debian' - include: roles/osconfig/tasks/setup-yum.yml when: ansible_os_family == 'RedHat' - include: roles/osconfig/tasks/setup-zypp.yml when: ansible_os_family == 'Suse' tags: fcoe_enable 07070100000009000081A400000000000000000000000160007873000005A6000000000000000000000000000000000000004100000000ardana-osconfig-8.0+git.1610643571.91b88d6/_osconfig-upgrade.yml# # (c) Copyright 2016 Hewlett Packard Enterprise Development LP # (c) Copyright 2017-2018 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. # # Playbook to carry out upgrade actions for each osconfig # service/component. --- # For now osconfig upgrade is just a repeat of a majorify of the osconfig # deploy actions, apart from some of the network configuration plays. - include: _osconfig-base.yml - include: osconfig-iptables-upgrade.yml - hosts: "{{ osconfig_resources | default('resources') }}" roles: - network_interface tasks: - include: roles/network_interface/tasks/configure_pci_to_nic_mappings.yml - include: roles/network_interface/tasks/update_mlx4_raw_udev_rules.yml when: ansible_os_family == "Debian" - hosts: "{{ osconfig_resources | default('resources') }}" roles: - network_interface tasks: - include: roles/network_interface/tasks/configure.yml when: ansible_os_family == "RedHat"0707010000000A000081A40000000000000000000000016000787300000392000000000000000000000000000000000000003F00000000ardana-osconfig-8.0+git.1610643571.91b88d6/_osconfig_probe.yml# # (c) Copyright 2015-2016 Hewlett Packard Enterprise Development LP # (c) Copyright 2017 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. # # Top level playbook to run probe. Mostly exists for testing. - hosts: "{{ osconfig_resources | default('resources') }}" roles: - osconfig-probe tasks: - include: roles/osconfig-probe/tasks/install.yml - include: roles/osconfig-probe/tasks/configure.yml 0707010000000B000041ED0000000000000000000000026000787300000000000000000000000000000000000000000000003200000000ardana-osconfig-8.0+git.1610643571.91b88d6/config0707010000000C000081A400000000000000000000000160007873000003C9000000000000000000000000000000000000004400000000ardana-osconfig-8.0+git.1610643571.91b88d6/config/dpdk-symlinks.yml# (c) Copyright 2016-2017 Hewlett Packard Enterprise Development LP # (c) Copyright 2017 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. # # The following relative symlinks are created under the # my_cloud/config directory. --- symlinks: "osconfig/debian_dpdk.yml": "roles/network_interface/vars/debian_dpdk.yml" "osconfig/redhat_dpdk.yml": "roles/network_interface/vars/redhat_dpdk.yml" "osconfig/suse_dpdk.yml": "roles/network_interface/vars/suse_dpdk.yml" 0707010000000D000081A40000000000000000000000016000787300000331000000000000000000000000000000000000004900000000ardana-osconfig-8.0+git.1610643571.91b88d6/config/multipath-symlinks.yml# (c) Copyright 2015 Hewlett Packard Enterprise Development LP # (c) Copyright 2017 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. # # The following relative symlinks are created under the # my_cloud/config directory. --- symlinks: "multipath/multipath_settings.yml": "roles/multipath/vars/multipath_vars.yml" 0707010000000E000081A4000000000000000000000001600078730000032F000000000000000000000000000000000000004300000000ardana-osconfig-8.0+git.1610643571.91b88d6/config/pci-symlinks.yml# (c) Copyright 2016 Hewlett Packard Enterprise Development LP # (c) Copyright 2017 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. # # The following relative symlinks are created under the # my_cloud/config directory. --- symlinks: "osconfig/pci_debian.yml": "roles/osconfig-network-pci/vars/pci_debian.yml" 0707010000000F000081A4000000000000000000000001600078730000038A000000000000000000000000000000000000004600000000ardana-osconfig-8.0+git.1610643571.91b88d6/config/sysctl-symlinks.yml# (c) Copyright 2015 Hewlett Packard Enterprise Development LP # (c) Copyright 2017 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. # # The following relative symlinks are created under the # my_cloud/config directory. --- symlinks: "osconfig/ardana_sysctl.conf.j2": "roles/sysctl/templates/ardana_sysctl.conf.j2" "osconfig/ardana_kernel_modules.yml": "roles/sysctl/vars/ardana_kernel_modules.yml" 07070100000010000081A400000000000000000000000160007873000002CD000000000000000000000000000000000000003B00000000ardana-osconfig-8.0+git.1610643571.91b88d6/fcoe-enable.yml# # (c) Copyright 2016 Hewlett Packard Enterprise Development LP # (c) Copyright 2017 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. # --- - include: _osconfig-setup-repos.yml - include: _osconfig-setup-fcoe.yml 07070100000011000041ED0000000000000000000000026000787300000000000000000000000000000000000000000000003A00000000ardana-osconfig-8.0+git.1610643571.91b88d6/filter_plugins07070100000012000081A40000000000000000000000016000787300000367000000000000000000000000000000000000004300000000ardana-osconfig-8.0+git.1610643571.91b88d6/filter_plugins/chain.py# # (c) Copyright 2015 Hewlett Packard Enterprise Development LP # (c) Copyright 2017 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. # # Jinja2 filter to flatten (chain) lists together import itertools def chain(lists): return itertools.chain(*lists) class FilterModule(object): def filters(self): return { 'chain': chain, } 07070100000013000081A4000000000000000000000001600078730000064C000000000000000000000000000000000000004A00000000ardana-osconfig-8.0+git.1610643571.91b88d6/filter_plugins/device_group.py# # (c) Copyright 2015 Hewlett Packard Enterprise Development LP # (c) Copyright 2017 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. # # Usage : # {device_groups:[{name:N1, consumer:C1, ...}, # {name:N2, consumer:C2, ...}, # ...]} | device_group(N2, C2) # => {name:N2, consumer:C2, ...} def device_group(data, dg_name, dg_consumer): output = None for dg in data.get("device_groups", []): # skip if doesn't match require name name = dg.get("name") if not name or name != dg_name: continue # skip if doesn't have a consumer entry consumer = dg.get("consumer") if not consumer: continue # skip if consumer name doesn't match required consumer consumer_name = consumer.get("name") if not consumer_name or consumer_name != dg_consumer: continue # found a matching device group, so return it output = dg break return output class FilterModule(object): def filters(self): return {'device_group': device_group} 07070100000014000081A40000000000000000000000016000787300000558000000000000000000000000000000000000004C00000000ardana-osconfig-8.0+git.1610643571.91b88d6/filter_plugins/fcoe_boot_args.py# # (c) Copyright 2016 Hewlett Packard Enterprise Development LP # (c) Copyright 2017 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. # # return kernel boot arguments for given fcoe interface from ansible.errors import AnsibleFilterError def fcoe_boot_args(host_info, iface): ret = "" iface_entry = 'ansible_%s' % iface iface_info = host_info.get(iface_entry) if iface_info is None: raise AnsibleFilterError("Interface not found: '%s'" % iface) iface_mac = iface_info.get('macaddress') if iface_mac is None: raise AnsibleFilterError("No MAC address available for interface: " "'%s'" % iface) return "fcoe=%s:nodcb iface=%s:%s" % (iface, iface, iface_mac) class FilterModule(object): def filters(self): return { 'fcoe_boot_args': fcoe_boot_args, } 07070100000015000081A4000000000000000000000001600078730000052D000000000000000000000000000000000000004400000000ardana-osconfig-8.0+git.1610643571.91b88d6/filter_plugins/isatty.py# # (c) Copyright 2016 Hewlett Packard Enterprise Development LP # (c) Copyright 2017 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. # # return list of devices that are ttys import os import subprocess from ansible import errors def isatty(devices): ret_list=[] for device in devices: devpath = "/dev/tty" + device if not os.path.exists(devpath): return None try: output = subprocess.check_output(['/sbin/udevadm', 'info', '-x', devpath]) except Exception as e: raise errors.AnsibleFilterError("Failed to open device %s, %s" % (devpath, str(e))) if "/devices/pnp" in output: ret_list.append(device) return ret_list class FilterModule(object): def filters(self): return { 'isatty': isatty, } 07070100000016000081A400000000000000000000000160007873000026E9000000000000000000000000000000000000004C00000000ardana-osconfig-8.0+git.1610643571.91b88d6/filter_plugins/pci_interfaces.py# # (c) Copyright 2016 Hewlett Packard Enterprise Development LP # (c) Copyright 2017-2018 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. # # This plugin provides the following filters. # pci_changed: This is to determine whether any configuration for a # PCI interface changed or not. # pci_deleted: This is to determine whether the existing interface is # moved from PCI device to non-PCI device. # pci_config_script_list: This is to get a list of config scripts # for PCI interfaces which are newly added, or changed, # or deleted. # pci_add_update_delete_list: This is to get a list of PCI interfaces # which are newly added, or changed, or deleted. # pci_packages: This is to get a list of packages to be installed # on a host based on the drivers specified # pci_modules: This is to get a list of modules to be installed on # a host based on the drivers specified. # pci_validate_multi_port_interfaces: This is to validate that vf_count # is not configured for more than one port of multi-port # interfaces. # pci_hw_address: Get the pci bus address of the pci card using # the device name by searching a mapping table. # pci_dpdk_nic_driver: Get the name of the driver used by the DPDK # pci device devname # from ansible import errors def pci_changed(new_list, old_list): """Returns True or False based on the two lists are same or not.""" for new_entry in new_list: match_found = False for old_entry in old_list: if (new_entry['device'] == old_entry['device'] and new_entry.get('config_script', None) == old_entry['config_script'] and new_entry['vf_count'] == old_entry['vf_count'] and new_entry['nic_device_type']['device_id'] == old_entry['device_id']): # A match is found. No change for that entry. match_found = True break if not match_found: # This means that the entry is changed in the new list. # As there is at least one change detected, we can declare # that two lists are not the same. return True # Nothing got changed. Return False. return False def pci_deleted(new_list, old_list): """Returns list of elements in old_list which are not present in new list.""" delete_list = [] for entry in old_list: # Check whether bus addresses and interface names match in the two lists for # each entry. bus_addr_matches = [x for x in new_list if x['bus_address'] == entry['bus_address'] and x.get('config_script', None)] device_matches = [x for x in new_list if x['device'] == entry['device'] and x.get('config_script', None)] if not (bus_addr_matches and device_matches): delete_list.append(entry) return delete_list def pci_config_script_list(new_list, old_list): """Returns a list of config scripts. Returns a list of config scripts from the list of added, modified and deleted interfaces so that post_configure operation can be performed. """ config_script_list = [] for new_entry in new_list: match_found = False for old_entry in old_list: if (new_entry['device'] == old_entry['device'] and new_entry.get('config_script', None) == old_entry['config_script'] and new_entry['vf_count'] == old_entry['vf_count'] and new_entry['nic_device_type']['device_id'] == old_entry['device_id']): # A match is found. No change for that entry. match_found = True break if not match_found: # This means that the entry is changed in the new list. # Or, the entry is totally new one. # Add the config_script to the list. config_script_list.append(new_entry['config_script']) # Check for deleted interfaces. Post-configure operation is # required for deleted interfaces as well. delete_list = pci_deleted(new_list, old_list) for entry in delete_list: config_script_list.append(entry['config_script']) # Return the final list with unique elements return config_script_list def pci_add_update_delete_list(new_list, old_list): """Returns a list of PCI interfaces which are added/modified/deleted.""" add_modify_list = [] for new_entry in new_list: match_found = False for old_entry in old_list: if (new_entry['device'] == old_entry['device'] and new_entry.get('config_script', None) == old_entry['config_script'] and new_entry['vf_count'] == old_entry['vf_count'] and new_entry['nic_device_type']['device_id'] == old_entry['device_id']): # A match is found. No change for that entry. match_found = True break if not match_found: # This means that the entry is changed in the new list. # Or, the entry is totally new one. # Add the config_script to the list. add_modify_list.append(new_entry) # Check for deleted interfaces. delete_list = pci_deleted(new_list, old_list) # Return the final list with unique elements return add_modify_list + delete_list def _pci_packages(network_pci_pt_sriov_interfaces, package_list): pkg_list = [] for interface in network_pci_pt_sriov_interfaces: for pkg in package_list: for k,v in pkg.items(): matched_drivers = [driver for driver in v['drivers'] if driver == interface['driver']] if matched_drivers: pkg_list.append(pkg) return pkg_list def pci_packages(network_pci_pt_sriov_interfaces, package_list): """Returns a list of packages with matching drivers in network_pci_pt_sriov_interfaces.""" lst = [] tmp_pkg_list = _pci_packages(network_pci_pt_sriov_interfaces, package_list) for pkg in tmp_pkg_list: for k, v in pkg.items(): lst.append(k) return lst def pci_modules(network_pci_pt_sriov_interfaces, package_list): """Returns a list of modules from the package list.""" mod_list = [] tmp_pkg_list = _pci_packages(network_pci_pt_sriov_interfaces, package_list) for pkg in tmp_pkg_list: for k, v in pkg.items(): mod_list = mod_list + v['modules'] return mod_list def pci_validate_multi_port_interfaces(multi_port_interfaces, config_scripts): """Returns an error string after performing a validation check on multi-port interfaces. Validation performed: For multi-port interfaces, vf_count cannot be configured for more than one port. """ for interface in multi_port_interfaces: matched_bus_addresses = [x for x in multi_port_interfaces if x['bus_address'] == interface['bus_address']] bus_addresses_with_vfs = [y for y in matched_bus_addresses if 'vf_count' in y] if len(bus_addresses_with_vfs) > 1: for bus_address in bus_addresses_with_vfs: for script in config_scripts: if (bus_address['config_script'] == script['name'] and script.get('multi_vf_allowed', 'false') == 'false'): return "For multi-port interfaces, vf_count cannot be configured for more than one port. bus_address = %s" % bus_address['bus_address'] return "" def pci_hw_address(devname, mapping_table): if not devname: raise errors.AnsibleFilterError("ERROR: null or empty device name") hw_address = '' for mapping in mapping_table: if mapping.get('logical_name', '') == devname: hw_address = mapping.get('bus_address', '') break if not hw_address: raise errors.AnsibleFilterError("ERROR: PCI H/W address " "not found for " + devname) return hw_address def pci_dpdk_nic_driver(devname, dpdk_device_table): if not devname: raise errors.AnsibleFilterError("ERROR: null or empty device name") try: fnd_ovs = dpdk_device_table.get('FND_OVS') devices = fnd_ovs.get('devices', []) driver = '' for device in devices: if devname == device.get('device', ''): driver = device.get('driver', '') break except Exception as e: raise errors.AnsibleFilterError("ERROR: invalid DPDK device table:\n" "Exception: %s" % str(e)) if not driver: raise errors.AnsibleFilterError("ERROR: DPDK driver not found " "for device " + devname) return driver class FilterModule(object): def filters(self): return {'pci_changed': pci_changed, 'pci_deleted': pci_deleted, 'pci_config_script_list': pci_config_script_list, 'pci_add_update_delete_list': pci_add_update_delete_list, 'pci_packages': pci_packages, 'pci_modules': pci_modules, 'pci_validate_multi_port_interfaces': pci_validate_multi_port_interfaces, 'pci_hw_address': pci_hw_address, 'pci_dpdk_nic_driver': pci_dpdk_nic_driver } 07070100000017000081A40000000000000000000000016000787300000438000000000000000000000000000000000000004C00000000ardana-osconfig-8.0+git.1610643571.91b88d6/filter_plugins/routing_tables.py# # (c) Copyright 2016 Hewlett Packard Enterprise Development LP # (c) Copyright 2017 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. # def routing_tables(ifdictlistlist): ''' Recover all routing_tables in a nested list of interface specifications ''' output = [] for ifdictlist in ifdictlistlist: for ifdict in ifdictlist: if 'routing_table' in ifdict: output.append(ifdict['routing_table']) return output class FilterModule(object): def filters(self): return {'routing_tables': routing_tables} 07070100000018000081A40000000000000000000000016000787300000352000000000000000000000000000000000000004300000000ardana-osconfig-8.0+git.1610643571.91b88d6/filter_plugins/split.py# # (c) Copyright 2015 Hewlett Packard Enterprise Development LP # (c) Copyright 2017 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. # # Jinja2 filter to split a string import os def split(string, *sep): return string.split(*sep) class FilterModule(object): def filters(self): return { 'split': split, } 07070100000019000041ED0000000000000000000000026000787300000000000000000000000000000000000000000000003300000000ardana-osconfig-8.0+git.1610643571.91b88d6/library0707010000001A000081A40000000000000000000000016000787300005345000000000000000000000000000000000000003F00000000ardana-osconfig-8.0+git.1610643571.91b88d6/library/hostname.py#!/usr/bin/python # -*- coding: utf-8 -*- # (c) 2013, Hiroaki Nakamura <hnakamur@gmail.com> # # This file is part of Ansible # # Ansible is free software: you can redistribute it and/or modify # it under the terms of the GNU General Public License as published by # the Free Software Foundation, either version 3 of the License, or # (at your option) any later version. # # Ansible is distributed in the hope that it will be useful, # but WITHOUT ANY WARRANTY; without even the implied warranty of # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the # GNU General Public License for more details. # # You should have received a copy of the GNU General Public License # along with Ansible. If not, see <http://www.gnu.org/licenses/>. DOCUMENTATION = ''' --- module: hostname author: - "Hiroaki Nakamura (@hnakamur)" - "Hideki Saito (@saito-hideki)" version_added: "1.4" short_description: Manage hostname requirements: [ hostname ] description: - Set system's hostname. - Currently implemented on Debian, Ubuntu, Fedora, RedHat, openSUSE, Linaro, ScientificLinux, Arch, CentOS, AMI. - Any distribution that uses systemd as their init system. - Note, this module does *NOT* modify /etc/hosts. You need to modify it yourself using other modules like template or replace. options: name: required: true description: - Name of the host ''' EXAMPLES = ''' - hostname: name=web01 ''' import socket from distutils.version import LooseVersion # import module snippets from ansible.module_utils.basic import * class UnimplementedStrategy(object): def __init__(self, module): self.module = module def get_current_hostname(self): self.unimplemented_error() def set_current_hostname(self, name): self.unimplemented_error() def get_permanent_hostname(self): self.unimplemented_error() def set_permanent_hostname(self, name): self.unimplemented_error() def unimplemented_error(self): platform = get_platform() distribution = get_distribution() if distribution is not None: msg_platform = '%s (%s)' % (platform, distribution) else: msg_platform = platform self.module.fail_json( msg='hostname module cannot be used on platform %s' % msg_platform) class Hostname(object): """ This is a generic Hostname manipulation class that is subclassed based on platform. A subclass may wish to set different strategy instance to self.strategy. All subclasses MUST define platform and distribution (which may be None). """ platform = 'Generic' distribution = None strategy_class = UnimplementedStrategy def __new__(cls, *args, **kwargs): return load_platform_subclass(Hostname, args, kwargs) def __init__(self, module): self.module = module self.name = module.params['name'] self.strategy = self.strategy_class(module) def get_current_hostname(self): return self.strategy.get_current_hostname() def set_current_hostname(self, name): self.strategy.set_current_hostname(name) def get_permanent_hostname(self): return self.strategy.get_permanent_hostname() def set_permanent_hostname(self, name): self.strategy.set_permanent_hostname(name) class GenericStrategy(object): """ This is a generic Hostname manipulation strategy class. A subclass may wish to override some or all of these methods. - get_current_hostname() - get_permanent_hostname() - set_current_hostname(name) - set_permanent_hostname(name) """ def __init__(self, module): self.module = module self.hostname_cmd = self.module.get_bin_path('hostname', True) def get_current_hostname(self): cmd = [self.hostname_cmd] rc, out, err = self.module.run_command(cmd) if rc != 0: self.module.fail_json(msg="Command failed rc=%d, out=%s, err=%s" % (rc, out, err)) return out.strip() def set_current_hostname(self, name): cmd = [self.hostname_cmd, name] rc, out, err = self.module.run_command(cmd) if rc != 0: self.module.fail_json(msg="Command failed rc=%d, out=%s, err=%s" % (rc, out, err)) def get_permanent_hostname(self): return None def set_permanent_hostname(self, name): pass # =========================================== class DebianStrategy(GenericStrategy): """ This is a Debian family Hostname manipulation strategy class - it edits the /etc/hostname file. """ HOSTNAME_FILE = '/etc/hostname' def get_permanent_hostname(self): if not os.path.isfile(self.HOSTNAME_FILE): try: open(self.HOSTNAME_FILE, "a").write("") except IOError, err: self.module.fail_json(msg="failed to write file: %s" % str(err)) try: f = open(self.HOSTNAME_FILE) try: return f.read().strip() finally: f.close() except Exception, err: self.module.fail_json(msg="failed to read hostname: %s" % str(err)) def set_permanent_hostname(self, name): try: f = open(self.HOSTNAME_FILE, 'w+') try: f.write("%s\n" % name) finally: f.close() except Exception, err: self.module.fail_json(msg="failed to update hostname: %s" % str(err)) # =========================================== class SLESStrategy(GenericStrategy): """ This is a SLES Hostname strategy class - it edits the /etc/HOSTNAME file. """ HOSTNAME_FILE = '/etc/HOSTNAME' def get_permanent_hostname(self): if not os.path.isfile(self.HOSTNAME_FILE): try: open(self.HOSTNAME_FILE, "a").write("") except IOError, err: self.module.fail_json(msg="failed to write file: %s" % str(err)) try: f = open(self.HOSTNAME_FILE) try: return f.read().strip() finally: f.close() except Exception, err: self.module.fail_json(msg="failed to read hostname: %s" % str(err)) def set_permanent_hostname(self, name): try: f = open(self.HOSTNAME_FILE, 'w+') try: f.write("%s\n" % name) finally: f.close() except Exception, err: self.module.fail_json(msg="failed to update hostname: %s" % str(err)) # =========================================== class RedHatStrategy(GenericStrategy): """ This is a Redhat Hostname strategy class - it edits the /etc/sysconfig/network file. """ NETWORK_FILE = '/etc/sysconfig/network' def get_permanent_hostname(self): try: f = open(self.NETWORK_FILE, 'rb') try: for line in f.readlines(): if line.startswith('HOSTNAME'): k, v = line.split('=') return v.strip() finally: f.close() except Exception, err: self.module.fail_json(msg="failed to read hostname: %s" % str(err)) def set_permanent_hostname(self, name): try: lines = [] found = False f = open(self.NETWORK_FILE, 'rb') try: for line in f.readlines(): if line.startswith('HOSTNAME'): lines.append("HOSTNAME=%s\n" % name) found = True else: lines.append(line) finally: f.close() if not found: lines.append("HOSTNAME=%s\n" % name) f = open(self.NETWORK_FILE, 'w+') try: f.writelines(lines) finally: f.close() except Exception, err: self.module.fail_json(msg="failed to update hostname: %s" % str(err)) # =========================================== class SystemdStrategy(GenericStrategy): """ This is a Systemd hostname manipulation strategy class - it uses the hostnamectl command. """ def get_current_hostname(self): cmd = ['hostname'] rc, out, err = self.module.run_command(cmd) if rc != 0: self.module.fail_json(msg="Command failed rc=%d, out=%s, err=%s" % (rc, out, err)) return out.strip() def set_current_hostname(self, name): if len(name) > 64: self.module.fail_json(msg="name cannot be longer than 64 characters on systemd servers, try a shorter name") cmd = ['hostnamectl', '--transient', 'set-hostname', name] rc, out, err = self.module.run_command(cmd) if rc != 0: self.module.fail_json(msg="Command failed rc=%d, out=%s, err=%s" % (rc, out, err)) def get_permanent_hostname(self): cmd = ['hostnamectl', '--static', 'status'] rc, out, err = self.module.run_command(cmd) if rc != 0: self.module.fail_json(msg="Command failed rc=%d, out=%s, err=%s" % (rc, out, err)) return out.strip() def set_permanent_hostname(self, name): if len(name) > 64: self.module.fail_json(msg="name cannot be longer than 64 characters on systemd servers, try a shorter name") cmd = ['hostnamectl', '--pretty', 'set-hostname', name] rc, out, err = self.module.run_command(cmd) if rc != 0: self.module.fail_json(msg="Command failed rc=%d, out=%s, err=%s" % (rc, out, err)) cmd = ['hostnamectl', '--static', 'set-hostname', name] rc, out, err = self.module.run_command(cmd) if rc != 0: self.module.fail_json(msg="Command failed rc=%d, out=%s, err=%s" % (rc, out, err)) # =========================================== class OpenRCStrategy(GenericStrategy): """ This is a Gentoo (OpenRC) Hostname manipulation strategy class - it edits the /etc/conf.d/hostname file. """ HOSTNAME_FILE = '/etc/conf.d/hostname' def get_permanent_hostname(self): try: try: f = open(self.HOSTNAME_FILE, 'r') for line in f: line = line.strip() if line.startswith('hostname='): return line[10:].strip('"') except Exception, err: self.module.fail_json(msg="failed to read hostname: %s" % str(err)) finally: f.close() return None def set_permanent_hostname(self, name): try: try: f = open(self.HOSTNAME_FILE, 'r') lines = [x.strip() for x in f] for i, line in enumerate(lines): if line.startswith('hostname='): lines[i] = 'hostname="%s"' % name break f.close() f = open(self.HOSTNAME_FILE, 'w') f.write('\n'.join(lines) + '\n') except Exception, err: self.module.fail_json(msg="failed to update hostname: %s" % str(err)) finally: f.close() # =========================================== class OpenBSDStrategy(GenericStrategy): """ This is a OpenBSD family Hostname manipulation strategy class - it edits the /etc/myname file. """ HOSTNAME_FILE = '/etc/myname' def get_permanent_hostname(self): if not os.path.isfile(self.HOSTNAME_FILE): try: open(self.HOSTNAME_FILE, "a").write("") except IOError, err: self.module.fail_json(msg="failed to write file: %s" % str(err)) try: f = open(self.HOSTNAME_FILE) try: return f.read().strip() finally: f.close() except Exception, err: self.module.fail_json(msg="failed to read hostname: %s" % str(err)) def set_permanent_hostname(self, name): try: f = open(self.HOSTNAME_FILE, 'w+') try: f.write("%s\n" % name) finally: f.close() except Exception, err: self.module.fail_json(msg="failed to update hostname: %s" % str(err)) # =========================================== class SolarisStrategy(GenericStrategy): """ This is a Solaris11 or later Hostname manipulation strategy class - it execute hostname command. """ def set_current_hostname(self, name): cmd_option = '-t' cmd = [self.hostname_cmd, cmd_option, name] rc, out, err = self.module.run_command(cmd) if rc != 0: self.module.fail_json(msg="Command failed rc=%d, out=%s, err=%s" % (rc, out, err)) def get_permanent_hostname(self): fmri = 'svc:/system/identity:node' pattern = 'config/nodename' cmd = '/usr/sbin/svccfg -s %s listprop -o value %s' % (fmri, pattern) rc, out, err = self.module.run_command(cmd, use_unsafe_shell=True) if rc != 0: self.module.fail_json(msg="Command failed rc=%d, out=%s, err=%s" % (rc, out, err)) return out.strip() def set_permanent_hostname(self, name): cmd = [self.hostname_cmd, name] rc, out, err = self.module.run_command(cmd) if rc != 0: self.module.fail_json(msg="Command failed rc=%d, out=%s, err=%s" % (rc, out, err)) # =========================================== class FreeBSDStrategy(GenericStrategy): """ This is a FreeBSD hostname manipulation strategy class - it edits the /etc/rc.conf.d/hostname file. """ HOSTNAME_FILE = '/etc/rc.conf.d/hostname' def get_permanent_hostname(self): if not os.path.isfile(self.HOSTNAME_FILE): try: open(self.HOSTNAME_FILE, "a").write("hostname=temporarystub\n") except IOError, err: self.module.fail_json(msg="failed to write file: %s" % str(err)) try: try: f = open(self.HOSTNAME_FILE, 'r') for line in f: line = line.strip() if line.startswith('hostname='): return line[10:].strip('"') except Exception, err: self.module.fail_json(msg="failed to read hostname: %s" % str(err)) finally: f.close() return None def set_permanent_hostname(self, name): try: try: f = open(self.HOSTNAME_FILE, 'r') lines = [x.strip() for x in f] for i, line in enumerate(lines): if line.startswith('hostname='): lines[i] = 'hostname="%s"' % name break f.close() f = open(self.HOSTNAME_FILE, 'w') f.write('\n'.join(lines) + '\n') except Exception, err: self.module.fail_json(msg="failed to update hostname: %s" % str(err)) finally: f.close() # =========================================== class FedoraHostname(Hostname): platform = 'Linux' distribution = 'Fedora' strategy_class = SystemdStrategy class SLESHostname(Hostname): platform = 'Linux' distribution = 'Suse linux enterprise server ' distribution_version = get_distribution_version() if distribution_version and LooseVersion(distribution_version) >= LooseVersion("12"): strategy_class = SystemdStrategy elif distribution_version and LooseVersion("10") <= LooseVersion(distribution_version) <= LooseVersion("12"): strategy_class = SLESStrategy else: strategy_class = UnimplementedStrategy class OpenSUSEHostname(Hostname): platform = 'Linux' distribution = 'Opensuse ' strategy_class = SystemdStrategy class ArchHostname(Hostname): platform = 'Linux' distribution = 'Arch' strategy_class = SystemdStrategy class RedHat5Hostname(Hostname): platform = 'Linux' distribution = 'Redhat' strategy_class = RedHatStrategy class RedHatServerHostname(Hostname): platform = 'Linux' distribution = 'Red hat enterprise linux server' distribution_version = get_distribution_version() if distribution_version and LooseVersion(distribution_version) >= LooseVersion("7"): strategy_class = SystemdStrategy else: strategy_class = RedHatStrategy class RedHatWorkstationHostname(Hostname): platform = 'Linux' distribution = 'Red hat enterprise linux workstation' distribution_version = get_distribution_version() if distribution_version and LooseVersion(distribution_version) >= LooseVersion("7"): strategy_class = SystemdStrategy else: strategy_class = RedHatStrategy class CentOSHostname(Hostname): platform = 'Linux' distribution = 'Centos' distribution_version = get_distribution_version() if distribution_version and LooseVersion(distribution_version) >= LooseVersion("7"): strategy_class = SystemdStrategy else: strategy_class = RedHatStrategy class CentOSLinuxHostname(Hostname): platform = 'Linux' distribution = 'Centos linux' distribution_version = get_distribution_version() if distribution_version and LooseVersion(distribution_version) >= LooseVersion("7"): strategy_class = SystemdStrategy else: strategy_class = RedHatStrategy class ScientificHostname(Hostname): platform = 'Linux' distribution = 'Scientific' distribution_version = get_distribution_version() if distribution_version and LooseVersion(distribution_version) >= LooseVersion("7"): strategy_class = SystemdStrategy else: strategy_class = RedHatStrategy class ScientificLinuxHostname(Hostname): platform = 'Linux' distribution = 'Scientific linux' distribution_version = get_distribution_version() if distribution_version and LooseVersion(distribution_version) >= LooseVersion("7"): strategy_class = SystemdStrategy else: strategy_class = RedHatStrategy class OracleLinuxHostname(Hostname): platform = 'Linux' distribution = 'Oracle linux server' distribution_version = get_distribution_version() if distribution_version and LooseVersion(distribution_version) >= LooseVersion("7"): strategy_class = SystemdStrategy else: strategy_class = RedHatStrategy class AmazonLinuxHostname(Hostname): platform = 'Linux' distribution = 'Amazon' strategy_class = RedHatStrategy class DebianHostname(Hostname): platform = 'Linux' distribution = 'Debian' strategy_class = DebianStrategy class KaliHostname(Hostname): platform = 'Linux' distribution = 'Kali' strategy_class = DebianStrategy class UbuntuHostname(Hostname): platform = 'Linux' distribution = 'Ubuntu' strategy_class = DebianStrategy class LinuxmintHostname(Hostname): platform = 'Linux' distribution = 'Linuxmint' strategy_class = DebianStrategy class LinaroHostname(Hostname): platform = 'Linux' distribution = 'Linaro' strategy_class = DebianStrategy class GentooHostname(Hostname): platform = 'Linux' distribution = 'Gentoo base system' strategy_class = OpenRCStrategy class ALTLinuxHostname(Hostname): platform = 'Linux' distribution = 'Altlinux' strategy_class = RedHatStrategy class OpenBSDHostname(Hostname): platform = 'OpenBSD' distribution = None strategy_class = OpenBSDStrategy class SolarisHostname(Hostname): platform = 'SunOS' distribution = None strategy_class = SolarisStrategy class FreeBSDHostname(Hostname): platform = 'FreeBSD' distribution = None strategy_class = FreeBSDStrategy # =========================================== def main(): module = AnsibleModule( argument_spec = dict( name=dict(required=True, type='str') ) ) hostname = Hostname(module) changed = False name = module.params['name'] current_name = hostname.get_current_hostname() if current_name != name: hostname.set_current_hostname(name) changed = True permanent_name = hostname.get_permanent_hostname() if permanent_name != name: hostname.set_permanent_hostname(name) changed = True module.exit_json(changed=changed, name=name, ansible_facts=dict(ansible_hostname=name.split('.')[0], ansible_nodename=name, ansible_fqdn=socket.getfqdn(), ansible_domain='.'.join(socket.getfqdn().split('.')[1:]))) main() 0707010000001B000081A40000000000000000000000016000787300005CDA000000000000000000000000000000000000004300000000ardana-osconfig-8.0+git.1610643571.91b88d6/library/iptables_update#!/usr/bin/python # -*- coding: utf-8 -*- # # Copyright 2011 OpenStack Foundation. # # (c) Copyright 2015-2016 Hewlett Packard Enterprise Development LP # (c) Copyright 2017-2018 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. # DOCUMENTATION = ''' --- module: iptables short_description: A module for adding iptables rules. ''' import contextlib import errno import fcntl import hashlib import logging import logging.handlers import os import signal import socket import time LOG = logging.getLogger(__name__) ROOT_PREFIX = 'ardana-INPUT' MAX_CHAIN_NAME_LEN = 28 MAX_COMMENT_LEN = 256 FILTER_TABLE_NAME = 'filter' FILTER_LINE = '*filter' COMMIT_LINE = 'COMMIT' def main(): module = AnsibleModule( argument_spec=dict( enable=dict(required=False, choices=BOOLEANS+['True', True, 'False', False], default=True), logging=dict(required=False, choices=BOOLEANS+['True', True, 'False', False], default=True), rules=dict(type='dict', required=False, default=None), ardana_chains=dict(type='list', default=[], required=False), command=dict(required=False, default=None), lock_path=dict(required=True), lock_name=dict(required=True), lock_timeout=dict(type='int', required=False, default=120), synchronized_prefix=dict(required=False, default=None), os_family=dict(required=True), ), supports_check_mode=False ) init_logging() enable = module.boolean(module.params['enable']) logging = module.boolean(module.params['logging']) rules = module.params['rules'] chains = module.params['ardana_chains'] command = module.params['command'] lock_path = module.params['lock_path'] lock_name = module.params['lock_name'] lock_timeout = module.params['lock_timeout'] synchronized_prefix = module.params['synchronized_prefix'] if module.params['os_family'] == 'Debian': persist_file_ip4 = '/etc/iptables/rules.v4' persist_file_ip6 = '/etc/iptables/rules.v6' else: persist_file_ip4 = '/etc/sysconfig/iptables' persist_file_ip6 = '/etc/sysconfig/ip6tables' root_prefix = ROOT_PREFIX new_cmds = [] new_cmds_ip6 = [] if rules and command: msg = 'Cannot specify both rules and command' module.fail_json(msg) if rules: LOG.info("Installing iptables/ip6tables filter rules") # Pre-build the ip4 and ip6 rules we want to install if enable: create_root_chains(chains, root_prefix, new_cmds, new_cmds_ip6) append_rules(module, rules, root_prefix, new_cmds, new_cmds_ip6) append_default_rules(chains, root_prefix, logging, new_cmds, new_cmds_ip6) try: with lock(lock_name, synchronized_prefix, lock_path, lock_timeout): update_iptables_filters(module, root_prefix, new_cmds, 'iptables') update_iptables_filters(module, root_prefix, new_cmds_ip6, 'ip6tables') persist_iptables_filters(module, persist_file_ip4, new_cmds, root_prefix) persist_iptables_filters(module, persist_file_ip6, new_cmds_ip6, root_prefix) except Exception, e: LOG.error("Installing iptables/ip6tables filter rules: Failed") module.fail_json(msg='Exception: %s' % e) else: LOG.info("Installing iptables/ip6tables filter rules: Done") module.exit_json(**dict(changed=True, enabled=enable, firewall_rules=rules, generated_rules=new_cmds)) elif command: # given a command string such as, '-A INPUT...' LOG.info("Executing iptables command '%s'", command) try: with lock(lock_name, synchronized_prefix, lock_path, lock_timeout): rc, stdout, stderr = run_iptables_cmd(module, command) except Exception, e: LOG.error("Failed to execute iptables command") module.fail_json(msg='Exception: %s' % e) else: changed = (rc == 0) module.exit_json(command=command, changed=changed, stderr=stderr.rstrip("\r\n"), stdout=stdout.rstrip("\r\n"), rc=rc) def get_chain_name_hashed(prefix, chain_name): chain_name_hash = hashlib.md5(chain_name).hexdigest() postfix_length = MAX_CHAIN_NAME_LEN - len(prefix + '-') postfix = chain_name_hash[:postfix_length] return prefix + '-' + postfix def update_iptables_filters(module, root_prefix, cmds, cmd_prefix): '''Read the current set of iptables, remove our previous rules, insert the new set and push back to the system ''' LOG.info("Updating active '%s' %s rules", root_prefix, cmd_prefix) filter_rules = get_iptables_filter_rules(module, cmd_prefix) filter_rules = purge_all_rules_using_prefix(module, filter_rules, root_prefix) commit_idx = filter_rules.index(COMMIT_LINE) filter_rules[commit_idx:commit_idx] = cmds push_iptables_rules(module, filter_rules, cmd_prefix) def get_iptables_filter_rules(module, cmd_prefix): '''Return the active ip(6)tables filter rules as list of strings, or default if none ''' cmd = '%s-save -c -t %s' % (cmd_prefix, FILTER_TABLE_NAME) rc, stdout, stderr = module.run_command(cmd) if rc == 0: return stdout.split('\n') else: return [FILTER_LINE, COMMIT_LINE] def push_iptables_rules(module, rules_list, cmd_prefix): '''Push the ip(6)tables using ip(6)tables-restore, the update is atomic ''' rules = '\n'.join(rules_list) cmd = '%s-restore -c' % cmd_prefix rc, stdout, stderr = module.run_command(cmd, data=rules) if rc != 0: LOG.error("cmd failed: %r, data: %r", (cmd, rules)) LOG.debug("rc: %r", rc) LOG.debug("stdout: %r", stdout) LOG.debug("stderr: %r", stderr) module.fail_json(msg="cmd failed: %s\nstderr: %s\ndata: %s" % (cmd, stderr, rules)) def purge_all_rules_using_prefix(module, rules_list, prefix): '''Given a list of strings, return the subset of strings that don't contain the supplied prefix ''' return [rule for rule in rules_list if prefix not in rule] def create_root_chains(chains, prefix, cmds, cmds_ip6): ''' Create the chain structure and plumb it into the system INPUT chain. The root chain has the name 'prefix' Note: this takes advantage of the fact the specification for the the ip6 chains is exactly the same as for ipv4 ''' cmds.append(':%s -' % prefix) cmds.append('-A INPUT -j %s' % prefix) # create each chain, # link from the prefix-root chain, for chain in chains: chain_name = get_chain_name_hashed(prefix, chain['name']) cmds.append(':%s -' % chain_name) cmds.append('-A %s -i %s -j %s' % (prefix, chain['interface'], chain_name)) # clone for ip6 cmds_ip6.extend(cmds) def append_rules(module, rules, prefix, cmds, ip6_cmds): ''' Create the commands to populate the chain with the requested rules ''' for address, firewall_rules in rules.iteritems(): try: # Because the netaddr module is not available in ansible, use # socket instead to determine the address protocol if socket.inet_pton(socket.AF_INET6, address): ip6_cmds.extend(process_rules(module, address, firewall_rules, prefix, 'ipv6')) except socket.error: cmds.extend(process_rules(module, address, firewall_rules, prefix)) def append_default_rules(chains, prefix, logging, cmds, cmds_ip6): ''' Append the 'default' rules to the existing chain structures - multicast accept - IP4 only (todo: Needs to be service specified) - related,established accept - rate limited logging - optional - drop ''' for chain in chains: chain_name = get_chain_name_hashed(prefix, chain['name']) cmd = '-A %s -m pkttype --pkt-type multicast -j ACCEPT' % \ chain_name cmds.append(cmd) # Open ports needed for icmpv6 functionality for port in [130, 131, 132, 135, 136]: cmd = '-A %s -p icmpv6 --icmpv6-type %s -j ACCEPT' % (chain_name, port) cmds_ip6.append(cmd) cmd = '-A %s -m state --state RELATED,ESTABLISHED -j ACCEPT' % \ chain_name cmds.append(cmd) cmds_ip6.append(cmd) if logging: cmd = '-A %s -m limit --limit 2/min -j LOG ' % chain_name cmd += '--log-prefix "IPTables-Dropped: " --log-level 4' cmds.append(cmd) cmds_ip6.append(cmd) cmd = '-A %s -j DROP' % chain_name cmds.append(cmd) cmds_ip6.append(cmd) def process_rules(module, address, rules, prefix, family=None): cmds = [] for rule in rules: chain_name = get_chain_name_hashed(prefix, rule['chain']) rtype = rule.get('type', 'allow') protocol = rule.get('protocol', 'tcp') if family and family == 'ipv6' and protocol == 'icmp': protocol = 'icmpv6' source = rule.get('remote-ip-prefix', None) source_arg = _address_arg(source, 's') dest_arg = _address_arg(address, 'd') protocol_arg = _protocol_arg(protocol) port_arg = _port_arg(rule, 'dport', protocol) args = ['-A', chain_name] args += source_arg + dest_arg + protocol_arg + port_arg args += ['-m', 'comment', '--comment', '"%s"' % rule['chain'][:MAX_COMMENT_LEN]] if rtype.startswith('allow'): args += ['-j', 'ACCEPT'] elif rtype == 'deny': args += ['-j', 'DROP'] else: LOG.error("rule.type not supported: %r", rule) module.fail_json(msg="rule.type not supported: %s" % rule) cmds.append(' '.join(args)) return cmds def _address_arg(address, direction): if address: return ['-%s' % direction, address] else: return [] def _protocol_arg(protocol): return ['-p', str(protocol)] def _port_arg(rule, direction, protocol): minPort = rule.get('port-range-min', None) maxPort = rule.get('port-range-max', None) # We don't do any input verification elsewhere, so we need to handle the # odd cases here. # # If minPort and maxPort are None, return nothing and caller will # open all ports for the protocol # # If minPort is None and maxPort is not None, reverse them, user error. # We can't set them equal as that will break the ICMP code below # if minPort is None: if maxPort is None: return [] # Handle the case where someone has set max but not min, bad user! minPort = maxPort maxPort = None if protocol in ['icmp', 'icmpv6']: # minPort/maxPort represent icmp type/code when protocol is icmp or # icmpv6. Since icmp code can be 0 we cannot use "if maxPort" here if protocol == 'icmpv6' and minPort == '8': #Make sure that the intended echo-request type is specified minPort = 128 if maxPort is not None: return ['--%s-type' % str(protocol), '%s/%s' % (minPort, maxPort)] return ['--%s-type' % str(protocol), '%s' % minPort] elif minPort == maxPort or maxPort is None: return ['--%s' % direction, '%s' % minPort] else: return ['-m', 'multiport', '--%ss' % direction, '%s:%s' % (minPort, maxPort)] def run_iptables_cmd(module, command): # As the command can be any arbitrary command and the address protocol # is unknown, run for both iptables and ip6tables and report failure # only if both fail. checking = command.startswith("-C") cmd = 'iptables ' + command rcv4, stdoutv4, stderrv4 = module.run_command(cmd) cmdipv6 = 'ip6tables ' + command rcv6, stdoutv6, stderrv6 = module.run_command(cmdipv6) if rcv4 != rcv6: if rcv4 == 0: # IPv4 command version succeeded, report that return rcv4, stdoutv4, stderrv4 elif rcv6 == 0: # IPv6 command version succeeded, report that return rcv6, stdoutv6, stderrv6 if checking: # Only checking to see if a rule/table/chain already # exists. Need to handle special. if (stderrv4.endswith("No chain/target/match by that name.\n") or stderrv4.endswith("Chain already exists.\n")): return rcv4, stdoutv4, stderrv4 else: stderrv6 = stderrv6.replace("ip6tables","iptables") return rcv6, stdoutv6, stderrv6 # if we have gotten this far, log errors before returning if rcv4 != 0: LOG.error("cmd failed: %r", cmd) LOG.debug("rc: %r", rcv4) LOG.debug("stdout: %r", stdoutv4) LOG.debug("stderr: %r", stderrv4) if rcv6 != 0: LOG.error("cmd failed: %r", cmdipv6) LOG.debug("rc: %r", rcv6) LOG.debug("stdout: %r", stdoutv6) LOG.debug("stderr: %r", stderrv6) # Both commands resulted in the same rc, report IPv4 version for # backwards compatibility in playbooks return rcv4, stdoutv4, stderrv4 def persist_iptables_filters(module, persist_file, cmds, prefix): '''Write our the new set of filter rules to the file specified. ''' LOG.info("Updating persisted '%s' rules in %s", prefix, persist_file) file_list = read_persisted_iptables_filters(module, persist_file) update_persisted_iptables_filters(module, file_list, cmds, prefix) write_persisted_iptables_filters(module, persist_file, file_list) def read_persisted_iptables_filters(module, filename): '''Return the content of the file specified as a list of strings ''' file_contents = [] try: with open(filename, 'r') as pfile: file_contents = pfile.read().splitlines() except: # failure to open is OK, the file may not exist pass return file_contents def write_persisted_iptables_filters(module, filename, content_list): '''Write the content to the file specified. This will raise an exception if the create fails ''' lines = '\n'.join(content_list) lines += '\n' with open(filename, "w") as pfile: pfile.write(lines) def update_persisted_iptables_filters(module, persist_file, cmds, prefix): '''Update the netfilter-persistent rules file with our new content. ''' # assume we don't have a persisted set of filter rules filter_idx = -1 filter_table = [FILTER_LINE, ':INPUT ACCEPT', ':FORWARD ACCEPT', ':OUTPUT ACCEPT', COMMIT_LINE] # if there is a '*filter' table in the file, use that if FILTER_LINE in persist_file: filter_idx = persist_file.index(FILTER_LINE) commit_idx = (filter_idx + persist_file[filter_idx:].index(COMMIT_LINE)) # copy/remove the filter table section filter_table = persist_file[filter_idx:commit_idx+1] persist_file[filter_idx:commit_idx+1] = [] # purge rules (and comment) matching the prefix from filter table filter_table = purge_all_rules_using_prefix(module, filter_table, prefix) # Insert our rules into the filter table before the COMMIT commit_idx = filter_table.index(COMMIT_LINE) filter_table[commit_idx:commit_idx] = cmds # insert a comment after the *filter to track the edit filter_table.insert(1, '# %s: filter section updated on %s' % (prefix, time.ctime())) # put the filter table back where we found it persist_file[filter_idx:filter_idx] = filter_table def init_logging(): syslog_handler = logging.handlers.SysLogHandler(address='/dev/log') formatter = logging.Formatter('%(module)s: %(message)s') syslog_handler.setFormatter(formatter) LOG.addHandler(syslog_handler) LOG.setLevel(logging.INFO) # LOG.setLevel(logging.DEBUG) # comment out if not needed # NOTE: This entire class can be removed if we have the fasteners # module, see oslo.concurrency code for more information. class InterProcessLock(object): """An interprocess locking implementation. This is a lock implementation which allows multiple locks, working around issues like http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=632857 and does not require any cleanup. Since the lock is always held on a file descriptor rather than outside of the process, the lock gets dropped automatically if the process crashes, even if ``__exit__`` is not executed. There are no guarantees regarding usage by multiple threads in a single process here. This lock works only between processes. Note these locks are released when the descriptor is closed, so it's not safe to close the file descriptor while another thread holds the lock. Just opening and closing the lock file can break synchronization, so lock files must be accessed only using this abstraction. """ def __init__(self, path, timeout): self.lockfile = None self.needlock = True self.path = path self.timeout = timeout def _try_acquire(self): # This method will set a timeout as trylock() will do a blocking # lockf() call and we don't want to wait indefinitely. class LockError(Exception): pass def handler(signum, frame): raise LockError() # set the timeout handler signal.signal(signal.SIGALRM, handler) signal.alarm(self.timeout) try: self.trylock() except LockError: msg = 'Unable to acquire lock on `%s` due to timeout' % self.path raise LockError(msg) except IOError as e: msg = ('Unable to acquire lock on `%s` due to exception %s' % (self.path, e)) raise LockError(msg) finally: signal.alarm(0) def _do_open(self): self._ensure_tree() if not self.needlock: return # Open in append mode so we don't overwrite any potential contents of # the target file. This eliminates the possibility of an attacker # creating a symlink to an important file in our lock path. if self.lockfile is None or self.lockfile.closed: self.lockfile = open(self.path, 'a') def acquire(self): """Attempt to acquire the given lock. There are no re-attempts, errors will be raised! :returns: whether or not the acquisition succeeded :rtype bool """ self._do_open() if not self.needlock: return self._try_acquire() LOG.debug('Acquired file lock `%s`', self.path) def _do_close(self): if self.lockfile is not None: self.lockfile.close() self.lockfile = None def __enter__(self): self.acquire() return self def release(self): if not self.needlock: return """Release the previously acquired lock.""" try: self.unlock() except IOError: LOG.exception("Could not unlock the acquired lock opened" " on `%s`", self.path) else: self.acquired = False try: self._do_close() except IOError: LOG.exception("Could not close the file handle" " opened on `%s`", self.path) else: LOG.debug("Unlocked and closed file lock open on" " `%s`", self.path) def __exit__(self, exc_type, exc_val, exc_tb): self.release() def trylock(self): fcntl.lockf(self.lockfile, fcntl.LOCK_EX) def unlock(self): fcntl.lockf(self.lockfile, fcntl.LOCK_UN) def _ensure_tree(self): basedir = os.path.dirname(self.path) # If the directory doesn't exist, we don't need a lock if not os.path.exists(basedir): LOG.debug("Directory `%s` does not exist, file lock not needed", basedir) self.needlock = False return """Create a directory (and any ancestor directories required)""" try: os.makedirs(basedir) except OSError as e: if e.errno == errno.EEXIST: if not os.path.isdir(basedir): raise elif e.errno != errno.EISDIR: raise def _get_lock_path(name, lock_file_prefix, lock_path): # NOTE(mikal): the lock name cannot contain directory # separators name = name.replace(os.sep, '_') sep = '' if lock_file_prefix.endswith('-') else '-' name = '%s%s%s' % (lock_file_prefix, sep, name) return os.path.join(lock_path, name) def external_lock(name, lock_file_prefix, lock_path, lock_timeout): lock_file_path = _get_lock_path(name, lock_file_prefix, lock_path) return InterProcessLock(lock_file_path, lock_timeout) @contextlib.contextmanager def lock(name, lock_file_prefix, lock_path, lock_timeout, do_log=True): """Context based lock This function yields an InterProcessLock instance. :param lock_file_prefix: The lock_file_prefix argument is used to provide lock files on disk with a meaningful prefix. :param lock_path: The path in which to store external lock files. For external locking to work properly, this must be the same for all references to the lock. :param do_log: Whether to log acquire/release messages. This is primarily intended to reduce log message duplication when `lock` is used from the `synchronized` decorator. """ if do_log: LOG.debug('Acquiring "%(lock)s"', {'lock': name}) try: ext_lock = external_lock(name, lock_file_prefix, lock_path, lock_timeout) ext_lock.acquire() try: yield ext_lock finally: ext_lock.release() finally: if do_log: LOG.debug('Releasing lock "%(lock)s"', {'lock': name}) from ansible.module_utils.basic import * if __name__ == '__main__': main() 0707010000001C000081A40000000000000000000000016000787300004C84000000000000000000000000000000000000004600000000ardana-osconfig-8.0+git.1610643571.91b88d6/library/restart_networking#!/usr/bin/python # -*- coding: utf-8 -*- # # (c) Copyright 2015-2017 Hewlett Packard Enterprise Development LP # (c) Copyright 2017-2018 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. # DOCUMENTATION = ''' --- module: restart_networking short_description: A module for restarting Debian networking options: interfaces_path: description: - path of the directory where the interfaces configuration - is stored. required: true shadow_path: description: - path of the directory where the shadow configuration - is stored. required: true default: /etc/network/.shadow force_restart: description: - Force a restart, regardless of differences required: false default: false restart_ovs: description: - Should OpenVSwitch be restarted required: false default: false management_pattern: description: - Unique string to search for in interfaces files to - indicate that they are Ardana managed required: false default: None routing_tables: description: - List of routing tables to create required: true routing_table_file: - path of routing configuration file required: true routing_table_marker: - marker string for managed routing tables required: true routing_table_id_start: - starting number for managed routing tables required: true os_family: - one of "Debian", "RedHat", or "Suse" required: true author: ''' EXAMPLES = ''' - restart_networking: shadow_path=/etc/network/.shadow interfaces_path=/etc/network/interfaces.d restart_ovs=true management_pattern="# Unique Comment marker" routing_tables=["MANAGEMENT", "EXTERNAL-VM"] routing_table_file=/etc/iproute2/rt_table routing_table_marker="unique_marker" routing_table_id_start=101 os_family="Debian" ''' import glob import logging import logging.handlers import os import shutil import filecmp import time import re log = logging.getLogger(__name__) system_files = { 'Suse': [ 'config', 'dhcp', 'ifcfg-lo', 'ifcfg.template', 'if-up.d/SuSEfirewall2', 'routes', 'scripts/firewall', 'scripts/functions.rpm-utils', 'scripts/functions.netconfig', 'scripts/SuSEfirewall2', ] } def init_logging(): syslog_handler = logging.handlers.SysLogHandler(address='/dev/log') formatter = logging.Formatter('%(module)s: %(message)s') syslog_handler.setFormatter(formatter) log.addHandler(syslog_handler) log.setLevel(logging.INFO) def main(): module = AnsibleModule( argument_spec=dict( interfaces_path=dict(required=True), shadow_path=dict(required=True), force_restart=dict(required=False, choices=BOOLEANS+['True', True, 'False', False], default=False), restart_ovs=dict(required=False, choices=BOOLEANS+['True', True, 'False', False], default=False), management_pattern=dict(required=False, default=None), routing_tables=dict(type='list'), routing_table_file=dict(required=True), routing_table_marker=dict(required=True), routing_table_id_start=dict(required=True, type='int'), os_family=dict(required=True, choices=['Debian', 'RedHat', 'Suse'], type='str') ), supports_check_mode=False ) interfaces_path = module.params['interfaces_path'] shadow_path = module.params['shadow_path'] force_restart = module.boolean(module.params['force_restart']) restart_ovs = module.boolean(module.params['restart_ovs']) management_pattern = module.params['management_pattern'] routing_tables = module.params['routing_tables'] routing_table_file = module.params['routing_table_file'] routing_table_marker = module.params['routing_table_marker'] routing_table_id_start = module.params['routing_table_id_start'] os_family = module.params['os_family'] init_logging() try: if not os.path.isdir(shadow_path): raise Exception('Shadow directory not found: %s' % shadow_path) # Before we do any restart or configuration we need to make sure # we don't have extra ifcfg files for non-present interfaces hanging # around disable_absent_ifcfg_interfaces(module, interfaces_path) # Get the list of shadow and interface files and arrange accordingly shadow_files = set(dir_scan(shadow_path)) interface_files = set(get_interfaces_files(module, interfaces_path, management_pattern)) missing_files = shadow_files - interface_files extra_files = interface_files - shadow_files common_files = shadow_files & interface_files missing_files.update(compare_files(shadow_path, interfaces_path, common_files)) # For Debian we use a different filenaming format than 'standard' # Linux, look for 'standard' files we are replacing if os_family == 'Debian': extra_files.update(find_legacy_files(shadow_files, interfaces_path)) # avoid purging system files if os_family in system_files: extra_files -= set(system_files[os_family]) if len(missing_files) > 0 or len(extra_files) > 0: # There are updates - we need to restart the network force_restart = True if not force_restart: log.info("No network install or restart needed") module.exit_json(**dict(changed=False, rc=0)) if os_family == 'Debian': log.info("Update '%s' interfaces in " "/etc/network/interfaces and %s", management_pattern, interfaces_path) else: log.info("Update '%s' interfaces in %s", management_pattern, interfaces_path) # Check for DPDK NIC binding tasks - make sure the DPDK package # is installed beforehand. This does not need to be done # for Suse distros. if os_family != 'Suse': dpdk_drivers = {} if os.path.exists("/usr/sbin/dpdk_nic_bind") and \ len(missing_files) > 0: file_list = [os.path.join(shadow_path, file) for file in missing_files] rc, out, err = module.run_command("grep '^#DPDK=' %s" % " ".join(file_list), check_rc=False) if rc == 0: for line in out.split(): driver, pciaddr = re.sub('.*#DPDK=', '', line).split(',') dpdk_drivers[pciaddr] = driver flush_interfaces(module, os_family) # 'networking start/stop' will ifdown/up all interfaces # It will also cause the udev system to reload its config network_stop(module, os_family) if os_family == 'Debian': clean_interfaces_file(shadow_files, module) # Remove any additional (managed) files from the interfaces dir for file in extra_files: log.info('Removing interface definition file %s', file) os.remove(os.path.join(interfaces_path, file)) # Install each of the files from the shadow path for file in missing_files: log.info('Installing interface definition file %s', file) src_path = os.path.join(shadow_path, file) dest_path = os.path.join(interfaces_path, file) shutil.copy(src_path, dest_path) shutil.copystat(src_path, dest_path) # Do DPDK bindings where necessary # Not needed for Suse if os_family != 'Suse': for addr in dpdk_drivers: module.run_command("/usr/sbin/dpdk_nic_bind --bind=%s %s" % (dpdk_drivers[addr], addr), check_rc=True) # Reload the udev device mappings log.info('Trigger udev mapping of network devices') module.run_command('udevadm control --reload', check_rc=True) module.run_command('udevadm trigger --action=add --subsystem-match=net', check_rc=True) module.run_command('udevadm settle --timeout 60', check_rc=True) # triggering the udev device mapping has the side effect # of leaving around unwanted (stale) ifcfg-* files # we need to remove them or network start up will take # a very long time disable_absent_ifcfg_interfaces(module, interfaces_path, shadow_files) # Reset the routing-tables persist_route_tables(module, routing_table_file, routing_tables, routing_table_marker, routing_table_id_start) network_start(module, os_family) # the udevadm --reload command is asynchronouse and sometimes # it can take some time, so we restart the network once more network_stop(module, os_family) network_start(module, os_family) if restart_ovs and os_family == 'Debian': # bring up all ovs managed interfaces log.info('Bring up openvswitch interfaces') module.run_command('ifup --all --allow ovs --force --ignore-errors', check_rc=True) # Wait for network to settle and reconfigure before continuing # Ideally we'd test the network state, but that's not trivial. log.info('Wait for the network to settle') time.sleep(20) log.info('Network install and restart completed successfully') except Exception, e: module.fail_json(msg='Exception: %s' % e) else: module.exit_json(**dict(changed=True, rc=0)) def interface_names_from(list_of_ifcfg_files): if list_of_ifcfg_files is None: return set() return {os.path.basename(f).replace('ifcfg-', '') for f in list_of_ifcfg_files} def interfaces_according_to_ifcfg_files(interfaces_path): file_pattern = os.path.join(interfaces_path, "ifcfg-*") return interface_names_from(glob.glob(file_pattern)) def interfaces_according_to_ip_link_show(module): interfaces = [] rc, stdout, stderr = module.run_command('ip link show', check_rc=False) lines = stdout.splitlines() # look for 2nd word in lines that start like this # "2: eth0: <NO-CARRIER..." # and split on '@' for line in lines: word = line.split(':') if word[0].isdigit(): interfaces.append(word[1].split('@')[0].strip()) return set(interfaces) def disable_ifcfg_for(module, interfaces_path, interfaces): for interface in interfaces: src_file = os.path.join(interfaces_path, 'ifcfg-' + interface) dst_file = os.path.join(interfaces_path, '-'.join(['disabled-ifcfg', str(time.time()), interface])) try: log.info("Moving {} to {}".format(src_file, dst_file)) cmd = ' '.join(['mv', src_file, dst_file]) module.run_command(cmd, check_rc=False) except OSError: log.info('Failed to move {} to {}'.format(src_file, dst_file)) def disable_absent_ifcfg_interfaces(module, interfaces_path, shadow_files=None): valid_interfaces = set() valid_interfaces.update(interfaces_according_to_ip_link_show(module)) valid_interfaces.update(interface_names_from(shadow_files)) ifcfg_interfaces = interfaces_according_to_ifcfg_files(interfaces_path) absent_interfaces = ifcfg_interfaces.difference(valid_interfaces) disable_ifcfg_for(module, interfaces_path, absent_interfaces) def network_stop(module, os_family): log.info('Stop networking services') if os_family == 'Debian': module.run_command('service networking stop', check_rc=True) else: module.run_command('systemctl stop network', check_rc=True) def network_start(module, os_family): log.info('Start networking services') if os_family == 'Debian': module.run_command('service networking start', check_rc=True) else: # This can appear to fail if we have udev mapped devices # but ifcfg-... files exist for the previous interface names module.run_command('systemctl start network', check_rc=False) def compare_files(shadow_path, interfaces_path, files): # Compare files in both locations and return a list of ones which # are different diffs = [] for file in files: src_path = os.path.join(shadow_path, file) dest_path = os.path.join(interfaces_path, file) if not filecmp.cmp(src_path, dest_path): diffs.append(file) return diffs def flush_interfaces(module, os_family): # Retrieve active interfaces interfaces = get_interfaces(module, os_family) for interface in interfaces: if interface.strip() == 'lo': continue log.info('Flushing interface by bring down interface <%s>', interface) if os_family == 'Debian': module.run_command('timeout -s KILL 60 ifdown --force --ignore-errors %s' % interface, check_rc=False) else: module.run_command('timeout -s KILL 60 ifdown %s' % interface, check_rc=False) # for now also do an 'ifconfig down' on the interface since # just an ifdown isn't reliable module.run_command('timeout -s KILL 60 ifconfig %s down' % interface, check_rc=False) module.run_command('ip addr flush dev %s' % interface, check_rc=False) def get_interfaces(module, os_family): # Retrieve active interfaces interfaces = [] if os_family == 'Debian': rc, stdout, stderr = module.run_command('ifquery --state', check_rc=False) interfaces.extend(stdout.split()) else: rc, stdout, stderr = module.run_command('ip link show', check_rc=False) lines = stdout.splitlines() # look for 2nd word in lines that start like this # "2: eth0: <NO-CARRIER..." for line in lines: word = line.split(':') if word[0].isdigit(): interfaces.append(word[1]) return interfaces def find_legacy_files(shadow_files, interfaces_path): # Delete any files for interfaces that are 'newly' managed by Ardana legacy_files = [] for interface_name in get_interface_names(shadow_files): if os.path.exists(os.path.join(interfaces_path, interface_name)): legacy_files.append(interface_name) return legacy_files def clean_interfaces_file(shadow_files, module): # Remove any configuration stanzas in the /etc/network/interfaces # file which match interfaces to be managed and whose stanzas start # with 'auto' or 'iface'. This will remove the stanza to the first # 'blank' line. for ardana_interface_name in get_interface_names(shadow_files): module.run_command("sed -e '/auto %s/,/^$/d' -i /etc/network/interfaces" % ardana_interface_name, check_rc=True) module.run_command("sed -e '/iface %s/,/^$/d' -i /etc/network/interfaces" % ardana_interface_name, check_rc=True) def get_interface_names(shadow_files): interface_names = [] for config_file in shadow_files: # Strip the first 3 characters off the file name name = config_file.partition('-')[2] interface_names.append(name) return interface_names def get_interfaces_files(module, interfaces_path, management_pattern=None): # Get the list of managed files in the interfaces directory files = dir_scan(interfaces_path) if not management_pattern: return files def matches_pattern(file): rc, out, err = module.run_command("grep -s '^%(ardana)s' %(location)s" % { 'ardana':management_pattern, 'location':os.path.join(interfaces_path, file)}, check_rc=False) return rc == 0 return filter(matches_pattern, files) def dir_scan(root_path, dir_path=''): # Scan the named directory looking for files. Return an array of # relative paths (to root_path). files = [] for file in os.listdir(os.path.join(root_path, dir_path)): rel_path = os.path.join(dir_path, file) if os.path.isdir(os.path.join(root_path, rel_path)): files += dir_scan(root_path, rel_path) else: files.append(rel_path) return files def persist_route_tables(module, persist_file, tables, marker, start_id): '''Write the set of route-table specifications to the file specified. Note: that we do not explicitly flush the current set of route tables here as the stopping of each interface will have explicitly removed the rules added ''' log.info("Updating '%s' route-tables in %s", marker, persist_file) file_list = read_config_file(module, persist_file) update_route_tables(module, file_list, tables, marker, start_id) write_config_file(module, persist_file, file_list) def read_config_file(module, filename): '''Return the content of the file specified as a list of strings ''' file_contents = [] try: with open(filename, 'r') as pfile: file_contents = pfile.read().splitlines() except: # failure to open is OK, the file may not exist pass return file_contents def write_config_file(module, filename, content_list): '''Write the content to the file specified. This will raise an exception if the create fails ''' lines = '\n'.join(content_list) lines += '\n' with open(filename, "w") as pfile: pfile.write(lines) def update_route_tables(module, content_list, tables, marker, start_id): '''Update the route-table specifications with our new content. ''' # purge previous route-tables (and comment) matching the marker content_list[:] = (line for line in content_list if marker not in line) # insert a comment to track the edit content_list.append('#%s: route-tables updated on %s' % (marker, time.ctime())) id = start_id for table in tables: content_list.append("%d %s #%s" % (id, table, marker)) id += 1 # import module snippets from ansible.module_utils.basic import * if __name__ == '__main__': main() 0707010000001D000081A40000000000000000000000016000787300000EC8000000000000000000000000000000000000004D00000000ardana-osconfig-8.0+git.1610643571.91b88d6/library/update_mlx4_udev_rules.py#!/usr/bin/python # # (c) Copyright 2016 Hewlett Packard Enterprise Development LP # (c) Copyright 2017 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. DOCUMENTATION = ''' --- module: update_mlx4_udev_rules short_description: Updates the udev rules for mellanox cards on Ardana upgrade description: - Reads the existing rules - Generates a new file in correct format if its a mellanox card options: in_file: description: - The input file, the existing rules. required: True out_file: description: - The output file containing the new generated rules. required: True ''' EXAMPLES = ''' - update_mlx4_udev_rules: inFile: "/etc/udev/rules.d/70-persistent-net.rules" outFile: "/etc/udev/rules.d/80-openstack-preserve_eth_names.rules" ''' import json import os def update_udev_rules(module,in_file, out_file): in_lines = read_udev_file(module, in_file) if not ("(mlx4_core)" in ''.join(in_lines)): module.exit_json(**dict(changed=False, rc=0)) first_line = in_lines[0] in_warning_line = "# ARDANA-MANAGED - mlx4_core rules will be in 80-openstack-preserve_eth_names.rules\n" if in_warning_line not in ''.join(in_lines): in_lines[0] = in_warning_line + first_line write_udev_file(module, in_file, in_lines) else: pass out_lines = "" out_warning_line = "# ARDANA-MANAGED - Managed by Ardana - Do not edit\n\n" out_lines += out_warning_line for i, line in enumerate(in_lines): if "(mlx4_core)" in line: out_lines += ''.join(line) temp_line = in_lines[i+1] temp_line = temp_line.replace('dev_id', 'dev_port') temp_line = temp_line.split(',') for j, item in enumerate(temp_line): if "ATTR{dev_port}" in item: temp = temp_line[j].split('==') temp[1] = int(temp[1].strip('"'), 16) temp[1] = '"%s"' % temp[1] string = "==".join(temp) temp_line[j] = string in_lines[i+1] = ','.join(temp_line) out_lines += in_lines[i+1]+'\n' else: continue write_udev_file(module, out_file, out_lines) def read_udev_file(module, filename): file_contents = "" try: with open(filename, 'r') as pfile: file_contents = pfile.readlines() except: error_msg = 'Error: Cannot open %s' % (filename) module.fail_json(msg=error_msg) return file_contents def write_udev_file(module, filename, content): lines = ''.join(content) try: with open(filename, "w") as pfile: pfile.write(lines) except: error_msg = 'Error: Cannot open %s' % (filename) module.fail_json(msg=error_msg) def main(): module = AnsibleModule( argument_spec = dict( inFile=dict(required=True), outFile=dict(required=True) )) in_file = module.params['inFile'] out_file = module.params['outFile'] update_udev_rules(module, in_file, out_file) changed = (os.path.exists(out_file)) result = dict(changed=changed, rc=0) module.exit_json(**result) from ansible.module_utils.basic import * main() 0707010000001E000081A40000000000000000000000016000787300004C42000000000000000000000000000000000000003C00000000ardana-osconfig-8.0+git.1610643571.91b88d6/library/wait_for#!/usr/bin/python # -*- coding: utf-8 -*- # (c) 2012, Jeroen Hoekx <jeroen@hoekx.be> # # This file is part of Ansible # # Ansible is free software: you can redistribute it and/or modify # it under the terms of the GNU General Public License as published by # the Free Software Foundation, either version 3 of the License, or # (at your option) any later version. # # Ansible is distributed in the hope that it will be useful, # but WITHOUT ANY WARRANTY; without even the implied warranty of # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the # GNU General Public License for more details. # # You should have received a copy of the GNU General Public License # along with Ansible. If not, see <http://www.gnu.org/licenses/>. import binascii import datetime import math import re import select import socket import sys import time HAS_PSUTIL = False try: import psutil HAS_PSUTIL = True # just because we can import it on Linux doesn't mean we will use it except ImportError: pass DOCUMENTATION = ''' --- module: wait_for short_description: Waits for a condition before continuing. description: - You can wait for a set amount of time C(timeout), this is the default if nothing is specified. - Waiting for a port to become available is useful for when services are not immediately available after their init scripts return which is true of certain Java application servers. It is also useful when starting guests with the M(virt) module and needing to pause until they are ready. - This module can also be used to wait for a regex match a string to be present in a file. - In 1.6 and later, this module can also be used to wait for a file to be available or absent on the filesystem. - In 1.8 and later, this module can also be used to wait for active connections to be closed before continuing, useful if a node is being rotated out of a load balancer pool. version_added: "0.7" options: host: description: - A resolvable hostname or IP address to wait for required: false default: "127.0.0.1" timeout: description: - maximum number of seconds to wait for required: false default: 300 connect_timeout: description: - maximum number of seconds to wait for a connection to happen before closing and retrying required: false default: 5 delay: description: - number of seconds to wait before starting to poll required: false default: 0 port: description: - port number to poll required: false state: description: - either C(present), C(started), or C(stopped), C(absent), or C(drained) - When checking a port C(started) will ensure the port is open, C(stopped) will check that it is closed, C(drained) will check for active connections - When checking for a file or a search string C(present) or C(started) will ensure that the file or string is present before continuing, C(absent) will check that file is absent or removed choices: [ "present", "started", "stopped", "absent", "drained" ] default: "started" path: version_added: "1.4" required: false description: - path to a file on the filesytem that must exist before continuing search_regex: version_added: "1.4" required: false description: - Can be used to match a string in either a file or a socket connection. Defaults to a multiline regex. exclude_hosts: version_added: "1.8" required: false description: - list of hosts or IPs to ignore when looking for active TCP connections for C(drained) state notes: - The ability to use search_regex with a port connection was added in 1.7. requirements: [] author: - "Jeroen Hoekx (@jhoekx)" - "John Jarvis (@jarv)" - "Andrii Radyk (@AnderEnder)" ''' EXAMPLES = ''' # wait 300 seconds for port 8000 to become open on the host, don't start checking for 10 seconds - wait_for: port=8000 delay=10 # wait 300 seconds for port 8000 of any IP to close active connections, don't start checking for 10 seconds - wait_for: host=0.0.0.0 port=8000 delay=10 state=drained # wait 300 seconds for port 8000 of any IP to close active connections, ignoring connections for specified hosts - wait_for: host=0.0.0.0 port=8000 state=drained exclude_hosts=10.2.1.2,10.2.1.3 # wait until the file /tmp/foo is present before continuing - wait_for: path=/tmp/foo # wait until the string "completed" is in the file /tmp/foo before continuing - wait_for: path=/tmp/foo search_regex=completed # wait until the lock file is removed - wait_for: path=/var/lock/file.lock state=absent # wait until the process is finished and pid was destroyed - wait_for: path=/proc/3466/status state=absent # wait 300 seconds for port 22 to become open and contain "OpenSSH", don't assume the inventory_hostname is resolvable # and don't start checking for 10 seconds - local_action: wait_for port=22 host="{{ ansible_ssh_host | default(inventory_hostname) }}" search_regex=OpenSSH delay=10 ''' class TCPConnectionInfo(object): """ This is a generic TCP Connection Info strategy class that relies on the psutil module, which is not ideal for targets, but necessary for cross platform support. A subclass may wish to override some or all of these methods. - _get_exclude_ips() - get_active_connections() All subclasses MUST define platform and distribution (which may be None). """ platform = 'Generic' distribution = None match_all_ips = { socket.AF_INET: '0.0.0.0', socket.AF_INET6: '::', } connection_states = { '01': 'ESTABLISHED', '02': 'SYN_SENT', '03': 'SYN_RECV', '04': 'FIN_WAIT1', '05': 'FIN_WAIT2', '06': 'TIME_WAIT', } def __new__(cls, *args, **kwargs): return load_platform_subclass(TCPConnectionInfo, args, kwargs) def __init__(self, module): self.module = module (self.family, self.ip) = _convert_host_to_ip(self.module.params['host']) self.port = int(self.module.params['port']) self.exclude_ips = self._get_exclude_ips() if not HAS_PSUTIL: module.fail_json(msg="psutil module required for wait_for") def _get_exclude_ips(self): if self.module.params['exclude_hosts'] is None: return [] exclude_hosts = self.module.params['exclude_hosts'] return [ _convert_host_to_hex(h)[1] for h in exclude_hosts ] def get_active_connections_count(self): active_connections = 0 for p in psutil.process_iter(): connections = p.get_connections(kind='inet') for conn in connections: if conn.status not in self.connection_states.values(): continue (local_ip, local_port) = conn.local_address if self.port == local_port and self.ip in [self.match_all_ips[self.family], local_ip]: (remote_ip, remote_port) = conn.remote_address if remote_ip not in self.exclude_ips: active_connections += 1 return active_connections # =========================================== # Subclass: Linux class LinuxTCPConnectionInfo(TCPConnectionInfo): """ This is a TCP Connection Info evaluation strategy class that utilizes information from Linux's procfs. While less universal, does allow Linux targets to not require an additional library. """ platform = 'Linux' distribution = None source_file = { socket.AF_INET: '/proc/net/tcp', socket.AF_INET6: '/proc/net/tcp6' } match_all_ips = { socket.AF_INET: '00000000', socket.AF_INET6: '00000000000000000000000000000000', } local_address_field = 1 remote_address_field = 2 connection_state_field = 3 def __init__(self, module): self.module = module (self.family, self.ip) = _convert_host_to_hex(module.params['host']) self.port = "%0.4X" % int(module.params['port']) self.exclude_ips = self._get_exclude_ips() def _get_exclude_ips(self): if self.module.params['exclude_hosts'] is None: return [] exclude_hosts = self.module.params['exclude_hosts'] return [ _convert_host_to_hex(h) for h in exclude_hosts ] def get_active_connections_count(self): active_connections = 0 f = open(self.source_file[self.family]) for tcp_connection in f.readlines(): tcp_connection = tcp_connection.strip().split() if tcp_connection[self.local_address_field] == 'local_address': continue if tcp_connection[self.connection_state_field] not in self.connection_states: continue (local_ip, local_port) = tcp_connection[self.local_address_field].split(':') if self.port == local_port and self.ip in [self.match_all_ips[self.family], local_ip]: (remote_ip, remote_port) = tcp_connection[self.remote_address_field].split(':') if remote_ip not in self.exclude_ips: active_connections += 1 f.close() return active_connections def _convert_host_to_ip(host): """ Perform forward DNS resolution on host, IP will give the same IP Args: host: String with either hostname, IPv4, or IPv6 address Returns: Tuple containing address family and IP """ addrinfo = socket.getaddrinfo(host, 80, 0, 0, socket.SOL_TCP)[0] return (addrinfo[0], addrinfo[4][0]) def _convert_host_to_hex(host): """ Convert the provided host to the format in /proc/net/tcp* /proc/net/tcp uses little-endian four byte hex for ipv4 /proc/net/tcp6 uses little-endian per 4B word for ipv6 Args: host: String with either hostname, IPv4, or IPv6 address Returns: Tuple containing address family and the little-endian converted host """ (family, ip) = _convert_host_to_ip(host) hexed = binascii.hexlify(socket.inet_pton(family, ip)).upper() if family == socket.AF_INET: hexed = _little_endian_convert_32bit(hexed) elif family == socket.AF_INET6: # xrange loops through each 8 character (4B) set in the 128bit total hexed = "".join([ _little_endian_convert_32bit(hexed[x:x+8]) for x in xrange(0, 32, 8) ]) return (family, hexed) def _little_endian_convert_32bit(block): """ Convert to little-endian, effectively transposing the order of the four byte word 12345678 -> 78563412 Args: block: String containing a 4 byte hex representation Returns: String containing the little-endian converted block """ # xrange starts at 6, and increments by -2 until it reaches -2 # which lets us start at the end of the string block and work to the begining return "".join([ block[x:x+2] for x in xrange(6, -2, -2) ]) def _create_connection( (host, port), connect_timeout): """ Connect to a 2-tuple (host, port) and return the socket object. Args: 2-tuple (host, port) and connection timeout Returns: Socket object """ if sys.version_info < (2, 6): (family, _) = _convert_host_to_ip(host) connect_socket = socket.socket(family, socket.SOCK_STREAM) connect_socket.settimeout(connect_timeout) connect_socket.connect( (host, port) ) else: connect_socket = socket.create_connection( (host, port), connect_timeout) return connect_socket def _timedelta_total_seconds(timedelta): return ( timedelta.microseconds + 0.0 + (timedelta.seconds + timedelta.days * 24 * 3600) * 10 ** 6) / 10 ** 6 def main(): module = AnsibleModule( argument_spec = dict( host=dict(default='127.0.0.1'), timeout=dict(default=300), connect_timeout=dict(default=5), delay=dict(default=0), port=dict(default=None), path=dict(default=None), search_regex=dict(default=None), state=dict(default='started', choices=['started', 'stopped', 'present', 'absent', 'drained']), exclude_hosts=dict(default=None, type='list') ), ) params = module.params host = params['host'] timeout = int(params['timeout']) connect_timeout = int(params['connect_timeout']) delay = int(params['delay']) if params['port']: port = int(params['port']) else: port = None state = params['state'] path = params['path'] search_regex = params['search_regex'] if search_regex is not None: compiled_search_re = re.compile(search_regex, re.MULTILINE) else: compiled_search_re = None if port and path: module.fail_json(msg="port and path parameter can not both be passed to wait_for") if path and state == 'stopped': module.fail_json(msg="state=stopped should only be used for checking a port in the wait_for module") if path and state == 'drained': module.fail_json(msg="state=drained should only be used for checking a port in the wait_for module") if params['exclude_hosts'] is not None and state != 'drained': module.fail_json(msg="exclude_hosts should only be with state=drained") start = datetime.datetime.now() if delay: time.sleep(delay) if not port and not path and state != 'drained': time.sleep(timeout) elif state in [ 'stopped', 'absent' ]: ### first wait for the stop condition end = start + datetime.timedelta(seconds=timeout) while datetime.datetime.now() < end: if path: try: f = open(path) f.close() time.sleep(1) pass except IOError: break elif port: try: s = _create_connection( (host, port), connect_timeout) s.shutdown(socket.SHUT_RDWR) s.close() time.sleep(1) except: break else: time.sleep(1) else: elapsed = datetime.datetime.now() - start if port: module.fail_json(msg="Timeout when waiting for %s:%s to stop." % (host, port), elapsed=elapsed.seconds) elif path: module.fail_json(msg="Timeout when waiting for %s to be absent." % (path), elapsed=elapsed.seconds) elif state in ['started', 'present']: ### wait for start condition end = start + datetime.timedelta(seconds=timeout) while datetime.datetime.now() < end: if path: try: os.stat(path) except OSError, e: # If anything except file not present, throw an error if e.errno != 2: elapsed = datetime.datetime.now() - start module.fail_json(msg="Failed to stat %s, %s" % (path, e.strerror), elapsed=elapsed.seconds) # file doesn't exist yet, so continue else: # File exists. Are there additional things to check? if not compiled_search_re: # nope, succeed! break try: f = open(path) try: if re.search(compiled_search_re, f.read()): # String found, success! break finally: f.close() except IOError: pass elif port: alt_connect_timeout = math.ceil(_timedelta_total_seconds(end - datetime.datetime.now())) try: s = _create_connection((host, port), min(connect_timeout, alt_connect_timeout)) except: # Failed to connect by connect_timeout. wait and try again pass else: # Connected -- are there additional conditions? if compiled_search_re: data = '' matched = False while datetime.datetime.now() < end: max_timeout = math.ceil(_timedelta_total_seconds(end - datetime.datetime.now())) (readable, w, e) = select.select([s], [], [], max_timeout) if not readable: # No new data. Probably means our timeout # expired continue response = s.recv(1024) if not response: # Server shutdown break data += response if re.search(compiled_search_re, data): matched = True break # Shutdown the client socket s.shutdown(socket.SHUT_RDWR) s.close() if matched: # Found our string, success! break else: # Connection established, success! s.shutdown(socket.SHUT_RDWR) s.close() break # Conditions not yet met, wait and try again time.sleep(1) else: # while-else # Timeout expired elapsed = datetime.datetime.now() - start if port: if search_regex: module.fail_json(msg="Timeout when waiting for search string %s in %s:%s" % (search_regex, host, port), elapsed=elapsed.seconds) else: module.fail_json(msg="Timeout when waiting for %s:%s" % (host, port), elapsed=elapsed.seconds) elif path: if search_regex: module.fail_json(msg="Timeout when waiting for search string %s in %s" % (search_regex, path), elapsed=elapsed.seconds) else: module.fail_json(msg="Timeout when waiting for file %s" % (path), elapsed=elapsed.seconds) elif state == 'drained': ### wait until all active connections are gone end = start + datetime.timedelta(seconds=timeout) tcpconns = TCPConnectionInfo(module) while datetime.datetime.now() < end: try: if tcpconns.get_active_connections_count() == 0: break except IOError: pass time.sleep(1) else: elapsed = datetime.datetime.now() - start module.fail_json(msg="Timeout when waiting for %s:%s to drain" % (host, port), elapsed=elapsed.seconds) elapsed = datetime.datetime.now() - start module.exit_json(state=state, port=port, search_regex=search_regex, path=path, elapsed=elapsed.seconds) # import module snippets from ansible.module_utils.basic import * if __name__ == '__main__': main() 0707010000001F000081A40000000000000000000000016000787300000FA3000000000000000000000000000000000000003D00000000ardana-osconfig-8.0+git.1610643571.91b88d6/library/wipe_disk#!/usr/bin/python # (c) Copyright 2015-2016 Hewlett Packard Enterprise Development LP # (c) Copyright 2017 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. # DOCUMENTATION = ''' --- module: wipe_disk short_description: A module for wiping all sd* disks excluding sda options: devices: description: - an ansible list of the drives to be wiped required: true author: ''' import os import glob from ansible.module_utils.basic import * class Wiper(object): def __init__(self, module): self.module = module self.stdout = [] def log(self, line): self.stdout.append(line) def wipedisks(self, partitions): ordered_partitions = list(reversed(sorted(partitions))) for partition_name in ordered_partitions: if "mpath" in partition_name: wipe_path = "/dev/mapper/" + partition_name else: wipe_path = "/dev/" + partition_name self.wipedisk(wipe_path) self.cleanuplvm() self.flush() self.probepartitions() return def wipedisk(self, partition_name): self.log(">>> clearing GPT(MBR) beginning of " + partition_name) command = "sudo dd if=/dev/zero of=" + partition_name arguments = " bs=1048576 count=1000" command = command + arguments os.system(command) self.log(">>> clearing GPT(MBR) end of " + partition_name) command = "sudo blockdev --getsz " + partition_name dsize = os.popen(command).read() dsize = dsize.replace("\n", "") self.log(">>> device size = %s blocks" % dsize) seek_value = int(dsize)*512/1048576 - 1000 command = "sudo dd if=/dev/zero of=" + partition_name arguments = " bs=1048576 count=1000 seek=" + str(seek_value) oflag = " oflag=direct" command = command + arguments + oflag os.system(command) if any(char.isdigit() for char in partition_name) is False: self.log(">>> zapping partitions of " + partition_name) command = "sudo sgdisk --zap-all -- " + partition_name os.system(command) return def cleanuplvm(self): # There could have been stale lvm vols instantiated # remove those not in use devs = glob.glob('/dev/dm*') for dev in devs: command = "sudo dmsetup remove %s" % (dev) os.system(command) # Remove any lingering multipath devs if os.path.exists("/sbin/multipath"): command = "sudo /sbin/multipath -F" os.system(command) command = "sudo /sbin/multipath" os.system(command) return def probepartitions(self): self.log(">>> probing partition tables") command = "sudo /sbin/partprobe -s" out = os.popen(command).read() for line in out.rstrip().split("\n"): self.log(line) def flush(self): command = "echo 3 | sudo tee /proc/sys/vm/drop_caches > /dev/null" os.system(command) def main(): module = AnsibleModule( argument_spec=dict( drives=dict(required=True), ) ) try: partitions = module.params["drives"] wipe = Wiper(module) wipe.wipedisks(partitions) msg = '\n'.join(wipe.stdout).rstrip("\r\n") except Exception as e: module.fail_json(msg='Exception: %s' % e) else: module.exit_json(stdout=msg, changed=(msg != "")) main() 07070100000020000081A400000000000000000000000160007873000015A2000000000000000000000000000000000000005000000000ardana-osconfig-8.0+git.1610643571.91b88d6/library/zypper_check_repositories.py#!/usr/bin/python # # (c) Copyright 2018 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. # DOCUMENTATION = ''' --- module: zypper_check_repositories short_description: Compare installed zypper repositories to required repos description: | Check the zypper repositories installed on the system and compare them with a dictionary that describes the metadata of required repositories. Fails if all required repositories are not installed on the system. author: SUSE Linux GmbH options: expected_repodata: description: Dictionary describing the repomd of required repositories. default: {} ''' EXAMPLES = ''' - set_fact: expected_repodata: cloud: name: "Cloud" repomd: tags: - "obsproduct://build.suse.de/SUSE:SLE-12-SP3:Update:Products:Cloud8/suse-openstack-cloud/8/cd/x86_64" - "obsproduct://build.suse.de/Devel:Cloud:8:Staging/suse-openstack-cloud/8/POOL/x86_64" - name: osconfig | setup-zypp | Check that SLES and Cloud repos are installed zypper_check_repositories: expected_repodata: expected_repodata brand: "SUSE OpenStack Cloud" ''' import glob import re import os import urllib2 from xml.etree import ElementTree try: import urlparse # python2 except ModuleNotFoundError: import urllib.parse as urlparse # python3 from ansible.module_utils.urls import * # Provides the open_url method def _required_tags(expected_repodata, brand): tags = {repo['name']: repo['repomd']['tags'] for repo in expected_repodata.values() if 'brand' not in repo or repo['brand'] == brand} return tags def _repomd_sources(): repomd_sources = [] for repo in glob.glob('/etc/zypp/repos.d/*.repo'): with open(repo) as f: baseurl = [line.split('=')[1].strip() for line in f.readlines() if re.search(r'^baseurl=.*$', line)][0] url_parts = urlparse.urlparse(baseurl) if url_parts.scheme not in ('http', 'https', 'file', 'dir'): # NOTE(colleen): There are many posible URI formats that zypper # could potentially be using as a repository source. We don't # support them all right now. # See: https://en.opensuse.org/openSUSE:Libzypp_URIs continue repomd_source = url_parts._replace( path=urlparse.urljoin( url_parts.path + '/', 'repodata/repomd.xml')).geturl() repomd_sources.append(repomd_source) return repomd_sources def _fetch_url(url): resp = open_url(url) if resp.code and resp.code != 200: raise Exception("Could not reach remote repository: %s" % url) return resp def _fetch_repomd(repo_uri): url = re.sub(r'^dir:', 'file:', repo_uri) try: repomd = _fetch_url(url).read() except urllib2.URLError: # ISO media might be under suse/ url = url.replace('repodata', 'suse/repodata') try: repomd = _fetch_url(url).read() except urllib2.URLError: # This is not a repomd-format repo, move on return return repomd def _find_repotags(): found_repotags = {} repomd_sources = _repomd_sources() for repomd_source in repomd_sources: repomd = _fetch_repomd(repomd_source) if not repomd: continue xmlns = {'repo': 'http://linux.duke.edu/metadata/repo'} try: xmlroot = ElementTree.fromstring(repomd) taglist = xmlroot.findall('repo:tags', xmlns) for repotag in taglist: repos = repotag.findall('repo:repo', xmlns) for r in repos: found_repotags[r.text] = 1 except Exception as e: raise Exception("Could not understand repo metadata located at " "%s: %s" % (repomd_source, e.message)) return found_repotags def run(expected_repodata, brand): found_repotags = _find_repotags() unfound_repos = [] for name, tags in _required_tags(expected_repodata, brand).items(): found_tag = False for tag in tags: if tag in found_repotags: found_tag = True if not found_tag: unfound_repos.append(name) if any(unfound_repos): raise Exception("Missing required repositories: %s" % ', '.join( unfound_repos)) def main(): argument_spec = dict( expected_repodata=dict(default=dict()), brand=dict(type='str', required=True), ) module = AnsibleModule(argument_spec=argument_spec, supports_check_mode=False) params = module.params try: run(params['expected_repodata'], params['brand']) except Exception as e: module.fail_json(msg=e.message) module.exit_json(rc=0, changed=False, msg="All required repositories are installed.") from ansible.module_utils.basic import * if __name__ == '__main__': main() 07070100000021000081A40000000000000000000000016000787300000694000000000000000000000000000000000000004800000000ardana-osconfig-8.0+git.1610643571.91b88d6/network_interface-deploy.yml# # (c) Copyright 2016 Hewlett Packard Enterprise Development LP # (c) Copyright 2017 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. # # # Playbook to install network tools and configure networking. # Deployer nodes are configured first --- - include: pbstart.yml vars: playbook_name: "network_interface-deploy.yml" - hosts: "{{ osconfig_resources | default('resources') }}" roles: - network_interface - osconfig-network-pci tasks: - include: roles/osconfig-network-pci/tasks/install.yml - include: roles/network_interface/tasks/install.yml - hosts: "{{ osconfig_resources | default('resources') }}:&OPS-LM" roles: - network_interface - osconfig-network-pci serial: 1 tasks: - include: roles/osconfig-network-pci/tasks/configure.yml - include: roles/network_interface/tasks/configure.yml - hosts: "{{ osconfig_resources | default('resources') }}:!OPS-LM" roles: - network_interface - osconfig-network-pci tasks: - include: roles/osconfig-network-pci/tasks/configure.yml - include: roles/network_interface/tasks/configure.yml - include: pbfinish.yml vars: playbook_name: "network_interface-deploy.yml" 07070100000022000081A400000000000000000000000160007873000009FA000000000000000000000000000000000000004D00000000ardana-osconfig-8.0+git.1610643571.91b88d6/network_interface-reconfigure.yml# # (c) Copyright 2016 Hewlett Packard Enterprise Development LP # (c) Copyright 2017 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. # # Playbook to reconfigure networking and inform # services of network restart --- # Serialise deployer and hosts with keepalived - hosts: "OPS-LM:FND-CLU:&{{ osconfig_resources | default('resources') }}" roles: - network_interface - osconfig-network-pci serial: 1 tasks: # Try to move the VIP to another agent before we restart the network # TODO: if we could tell a network restart was really going to happen # we could make this conditional. - include: roles/network_interface/tasks/keepalived-force-restart.yml when: ('FND-CLU' in group.services) # Reconfigure virtual functions - include: roles/osconfig-network-pci/tasks/configure.yml # Reconfigure and potentially restart the network - include: roles/network_interface/tasks/configure.yml # A network restart may remove the VIP from an interface. Need to # reload keepalived in such an event to preserve any VIPs - include: roles/network_interface/tasks/keepalived-reload.yml when: ('FND-CLU' in group.services) # Network restarts remove and re-add Open vSwitch ports which can # cause errors with existing OpenFlow rules. Restart the neutron # Open vSwitch agent, so that such configuration is corrected. # # ::TODO:: This needs to be moved out of here and put in the # neutron-ansible playbook, where it belongs. - include: roles/network_interface/tasks/neutron-ovs-agent-restart.yml when: ('NEU-OVS' in group.services) - hosts: "{{ osconfig_resources | default('resources') }}:!OPS-LM:!FND-CLU" roles: - network_interface - osconfig-network-pci tasks: - include: roles/osconfig-network-pci/tasks/configure.yml - include: roles/network_interface/tasks/configure.yml - include: roles/network_interface/tasks/neutron-ovs-agent-restart.yml when: ('NEU-OVS' in group.services) 07070100000023000081A4000000000000000000000001600078730000039F000000000000000000000000000000000000004500000000ardana-osconfig-8.0+git.1610643571.91b88d6/osconfig-fcoe-reorder.yml# # (c) Copyright 2016 Hewlett Packard Enterprise Development LP # (c) Copyright 2017 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. # # Common osconfig tasks we want to do during deployment and during an upgrade --- - hosts: "{{ osconfig_resources | default('resources') }}:!NOV-ESX:!NEU-OVSVAPP" roles: - fcoe tasks: - include: roles/fcoe/tasks/update_fcoe_order.yml when: ansible_os_family == 'Debian' 07070100000024000081A400000000000000000000000160007873000004BB000000000000000000000000000000000000004800000000ardana-osconfig-8.0+git.1610643571.91b88d6/osconfig-iptables-deploy.yml# # (c) Copyright 2015-2016 Hewlett Packard Enterprise Development LP # (c) Copyright 2017 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. # # Playbook to install iptables and configure iptables rules. --- - hosts: "{{ osconfig_resources | default('resources') }}:&OPS-LM" roles: - { role: neutron-common } - { role: osconfig-iptables, osconfig_iptables_run_mode: install } serial: 1 tasks: - include: roles/osconfig-iptables/tasks/configure.yml - hosts: "{{ osconfig_resources | default('resources') }}:!OPS-LM" roles: - { role: neutron-common } - { role: osconfig-iptables, osconfig_iptables_run_mode: install } tasks: - include: roles/osconfig-iptables/tasks/configure.yml 07070100000025000081A40000000000000000000000016000787300000436000000000000000000000000000000000000004D00000000ardana-osconfig-8.0+git.1610643571.91b88d6/osconfig-iptables-reconfigure.yml# # (c) Copyright 2015-2016 Hewlett Packard Enterprise Development LP # (c) Copyright 2017 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. # # Playbook to reconfigure iptables rules. --- - hosts: "{{ osconfig_resources | default('resources') }}:&OPS-LM" roles: - neutron-common - osconfig-iptables serial: 1 tasks: - include: roles/osconfig-iptables/tasks/configure.yml - hosts: "{{ osconfig_resources | default('resources') }}:!OPS-LM" roles: - neutron-common - osconfig-iptables tasks: - include: roles/osconfig-iptables/tasks/configure.yml 07070100000026000081A40000000000000000000000016000787300000319000000000000000000000000000000000000004900000000ardana-osconfig-8.0+git.1610643571.91b88d6/osconfig-iptables-upgrade.yml# # (c) Copyright 2015 Hewlett Packard Enterprise Development LP # (c) Copyright 2017 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. # # Playbook to upgrade iptables and configure iptables rules. # Currently, equivalent to the deploy playbook. --- - include: osconfig-iptables-deploy.yml 07070100000027000081A4000000000000000000000001600078730000051B000000000000000000000000000000000000003C00000000ardana-osconfig-8.0+git.1610643571.91b88d6/osconfig-run.yml# # (c) Copyright 2015, 2016 Hewlett Packard Enterprise Development LP # (c) Copyright 2017 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. # --- - include: _osconfig-base.yml - include: network_interface-deploy.yml - include: osconfig-iptables-deploy.yml - hosts: "{{ osconfig_resources | default('resources') }}:&NTP-SVR" roles: - osconfig tasks: - include: roles/osconfig-ntp-server/tasks/install.yml - include: roles/osconfig-ntp-server/tasks/configure.yml - include: roles/osconfig-ntp-server/tasks/start.yml - hosts: "{{ osconfig_resources | default('resources') }}:&NTP-CLI" roles: - osconfig tasks: - include: roles/osconfig-ntp-client/tasks/install.yml - include: roles/osconfig-ntp-client/tasks/configure.yml - include: roles/osconfig-ntp-client/tasks/start.yml 07070100000028000081A400000000000000000000000160007873000003DE000000000000000000000000000000000000003F00000000ardana-osconfig-8.0+git.1610643571.91b88d6/osconfig-status.yml# # (c) Copyright 2018 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. # --- - name: Check Product Status on all systems hosts: all:!localhost:!*-local max_fail_percentage: 0 tasks: - include: roles/osconfig/tasks/check-repo-status.yml when: "{{ (ansible_os_family | lower) == 'suse' and lookup('env', 'SKIP_REPO_CHECKS')|default('') == '' }}" - include: roles/osconfig/tasks/check-product-status.yml when: (ansible_os_family | lower) == 'suse' 07070100000029000041ED0000000000000000000000116000787300000000000000000000000000000000000000000000003100000000ardana-osconfig-8.0+git.1610643571.91b88d6/roles0707010000002A000041ED0000000000000000000000056000787300000000000000000000000000000000000000000000003C00000000ardana-osconfig-8.0+git.1610643571.91b88d6/roles/diskconfig0707010000002B000041ED0000000000000000000000026000787300000000000000000000000000000000000000000000004500000000ardana-osconfig-8.0+git.1610643571.91b88d6/roles/diskconfig/defaults0707010000002C000081A4000000000000000000000001600078730000095F000000000000000000000000000000000000004E00000000ardana-osconfig-8.0+git.1610643571.91b88d6/roles/diskconfig/defaults/main.yml# # (c) Copyright 2015-2017 Hewlett Packard Enterprise Development LP # (c) Copyright 2017-2018 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. # # Variables used in diskconfig play --- diskconfig_pkg_dependencies: - lvm2 - xfsprogs - e2fsprogs - gdisk - parted - rsyslog # Extract list of PV devices from the volume_groups entries, stripping # off any partition suffixes, real or logical, in the process. _diskconfig_vg_pvs: "{{ host.my_disk_models.volume_groups | map(attribute='physical_volumes') | chain | map('regex_replace', '[0-9]*$', '') | map('regex_replace', '_root', '') | list }}" # Look for a cinder-volume device_group entry assigned to cinder and # extract list of associated devices. _diskconfig_cnd_dg: "{{ host.my_disk_models | device_group('cinder-volume', 'cinder') }}" _diskconfig_cnd_pvs: "{{ _diskconfig_cnd_dg.devices | default([]) | map(attribute='name') | list }}" # Combine the VG PV device and Cinder PV device lists, sorting and # uniqifying them as part of the process. _diskconfig_all_pvs: "{{ _diskconfig_vg_pvs + _diskconfig_cnd_pvs | sort | unique }}" # Construct the accept and reject filter text entry lists _diskconfig_lvm_accepts: "{{ _diskconfig_all_pvs | map('regex_replace', '(.*)', 'a|^\\\\1[0-9]*|') | list }}" _diskconfig_lvm_rejects: - "r|.*|" # Finally combine the accept and reject lists such that we accept only # the desired devices when scanning for VGs and reject all other devices. diskconfig_lvm_filter_entries: "{{ _diskconfig_lvm_accepts + _diskconfig_lvm_rejects }}" write_test_file: 'write_test_tmp_file' mysql_part_loc: "{{ mysql_datadir }}" db_threshold_mb: 50 0707010000002D000041ED0000000000000000000000026000787300000000000000000000000000000000000000000000004200000000ardana-osconfig-8.0+git.1610643571.91b88d6/roles/diskconfig/tasks0707010000002E000081A40000000000000000000000016000787300002D2F000000000000000000000000000000000000005000000000ardana-osconfig-8.0+git.1610643571.91b88d6/roles/diskconfig/tasks/configure.yml# # (c) Copyright 2015-2017 Hewlett Packard Enterprise Development LP # (c) Copyright 2017-2018 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. # # Play to set up lvm FS and mounts --- # TODO: remove this debug comment once we are happy this mechanism # causes no undesirable side effects. - name: osconfig | diskconfig | proposed lvm.conf filter entries debug: msg="filter = {{ diskconfig_lvm_filter_entries }}" # See if lvmetad is already enabled - name: osconfig | diskconfig | Is lvmetad enabled in lvm.conf already? become: yes shell: fgrep "use_lvmetad =" /etc/lvm/lvm.conf | xargs | awk '{ print $3 }' register: use_lvmetad_output # We have to stop lvmetad service prior to updating lvm.conf. # we are enabling lvmetad by setting use_lvmetad = 1 due to bug # 1084559. This requires making sure lvmetad is stopped prior to # updating lvm.conf, and then starting it again after - name: osconfig | diskconfig | Make sure lvm2-lvmetad service is stopped become: yes service: name=lvm2-lvmetad state=stopped when: use_lvmetad_output.stdout == "0" # Update the filter settings in the lvm.conf using the list of filter # entries found in the diskconfig_lvm_filter_entries, if not empty. # This will replace any active filter entry line, since there can be # only one, and will be inserted before the standard comment line that # contains the string "By default we accept every block device". - name: osconfig | diskconfig | Install lvm.conf become: yes template: src: lvm.conf.j2 dest: /etc/lvm/lvm.conf mode: 0644 owner: root group: root - name: osconfig | diskconfig | determine root filesystem mount set_fact: root_mount: > {{ ansible_mounts | selectattr('mount', 'equalto', '/') | first }} - name: osconfig | diskconfig | determine VG & LV for root device become: yes command: > lvs -o vg_name,lv_name --noheadings --nameprefixes --unquoted {{ root_mount.device }} register: _lvs_root_device_result - name: osconfig | diskconfig | extract VG & LV for root filesystem set_fact: root_vg: > {{ _lvs_root_device_result.stdout.strip().split(' ')[0].split('=')[1] }} root_lv: > {{ _lvs_root_device_result.stdout.strip().split(' ')[1].split('=')[1] }} - name: osconfig | diskconfig | get ardana root set_fact: # item.0 doesn't include the named subelement, so retrieve the # matching VG entry again explicitly. mdm_base_vg: "{{ host.my_disk_models.volume_groups | selectattr('name', 'equalto', item.0.name) | list | first }}" base_disk: "{{ item.1 | regex_replace('_root','') }}" full_match: "{{ item.1 }}" when: item.0.name == "{{ root_vg }}" and item.1 | search("_root") with_subelements: - "{{ host.my_disk_models.volume_groups }}" - physical_volumes - name: osconfig | diskconfig | get base volume in vg command: > vgs -o pv_name --noheadings --nameprefixes --unquoted {{ root_vg }} register: _vgs_root_vg_result when: base_disk is defined - name: osconfig | diskconfig | set base pv set_fact: base_pv: > {{ _vgs_root_vg_result.stdout.strip().split(' ')[0].split('=')[1] }} when: base_disk is defined - name: osconfig | diskconfig | assign vg_pvs set_fact: vg_pvs: > {{ mdm_base_vg.physical_volumes | join(',') | replace(full_match, base_pv) }} when: base_disk is defined - name: osconfig | diskconfig | setup volume groups templated root dev lvg: vg={{ mdm_base_vg.name }} pvs={{ vg_pvs }} when: base_disk is defined - name: osconfig | diskconfig | setup volume groups lvg: vg={{ item.name }} pvs={{ item.physical_volumes | join(",") }} when: item.name != "{{ root_vg }}" or base_disk is not defined with_items: "{{ host.my_disk_models.volume_groups }}" # remap lv named "root" in root VG to be dynamically determined root_lv # value in the following actions using ternary() operator - name: osconfig | diskconfig | create LVs lvol: vg: "{{ item.0.name }}" lv: > {{ ((item.0.name == root_vg) and (item.1.name == "root")) | ternary(root_lv, item.1.name) }} size: "{{ item.1.size }}VG" with_subelements: - "{{ host.my_disk_models.volume_groups }}" - logical_volumes - name: osconfig | diskconfig | Extend root LV command: > lvextend -l {{ item.1.size }}VG /dev/{{ item.0.name }}/{{ (item.1.name == "root") | ternary(root_lv, item.1.name) }} when: - item.0.name == root_vg - (item.1.name == root_lv) or (item.1.name == "root") with_subelements: - "{{ host.my_disk_models.volume_groups }}" - logical_volumes register: extend_output failed_when: ( extend_output.rc != 0 ) and ( "matches existing size" not in extend_output.stderr ) - name: osconfig | diskconfig | mkfs lv with options filesystem: fstype: "{{ item.1.fstype }}" opts: "{{ item.1.mkfs_opts }}" dev: > /dev/{{ item.0.name }}/{{ (item.1.name == "root") | ternary(root_lv, item.1.name) }} when: item.1.mkfs_opts is defined and item.1.fstype is defined with_subelements: - "{{ host.my_disk_models.volume_groups }}" - logical_volumes - name: osconfig | diskconfig | mkfs lv no options filesystem: fstype: "{{ item.1.fstype }}" dev: > /dev/{{ item.0.name }}/{{ (item.1.name == "root") | ternary(root_lv, item.1.name) }} when: item.1.mkfs_opts is not defined and item.1.fstype is defined with_subelements: - "{{ host.my_disk_models.volume_groups }}" - logical_volumes - name: osconfig | diskconfig | resize root fs if necessary command: > resize2fs /dev/{{ item.0.name }}/{{ (item.1.name == "root") | ternary(root_lv, item.1.name) }} when: - item.0.name == root_vg - item.1.fstype is defined - item.1.fstype == "ext4" - (item.1.name == root_lv) or (item.1.name == "root") with_subelements: - "{{ host.my_disk_models.volume_groups }}" - logical_volumes - name: osconfig | diskconfig | Check if deployer and control plane co-existing set_fact: deployer_coexisting: true when: "'resources' in group_names" run_once: true delegate_to: localhost - name: osconfig | diskconfig | Check if /var/log is in the disk input model set_fact: log_mount_in_disk_model: true when: deployer_coexisting is defined and item.1.mount is defined and item.1.mount.find("/var/log") != -1 with_subelements: - "{{ host.my_disk_models.volume_groups }}" - logical_volumes run_once: true delegate_to: localhost - name: osconfig | diskconfig | Check if /var/log is a mountpoint command: bash -c "cat /etc/fstab | grep -e /var/log" register: log_is_mountpoint ignore_errors: True when: deployer_coexisting is defined and log_mount_in_disk_model is defined run_once: true delegate_to: localhost - name: osconfig | diskconfig | Set log already mounted fact set_fact: log_already_mounted: true when: deployer_coexisting is defined and log_mount_in_disk_model is defined and log_is_mountpoint.rc == 1 run_once: true delegate_to: localhost - name: osconfig | diskconfig | Backup log dir before mounting log partition become: yes command: cp -dpr /var/log {{ ansible_env['HOME'] }} when: log_already_mounted is defined run_once: true delegate_to: localhost - name: osconfig | diskconfig | Create the lv mount point if it does not exist file: path: "{{ item.1.mount }}" state: directory when: item.1.mount is defined with_subelements: - "{{ host.my_disk_models.volume_groups }}" - logical_volumes - name: osconfig | diskconfig | mount lv fs mount: name={{ item.1.mount }} src=/dev/{{ item.0.name }}/{{ item.1.name }} fstype={{ item.1.fstype }} state=mounted when: item.1.mount is defined and item.1.fstype is defined with_subelements: - "{{ host.my_disk_models.volume_groups }}" - logical_volumes - name: osconfig | diskconfig | Set the lv file system mode bits file: mode: "{{ item.1.mode }}" path: "{{ item.1.mount }}" state: directory when: item.1.mount is defined and item.1.mode is defined with_subelements: - "{{ host.my_disk_models.volume_groups }}" - logical_volumes - name: osconfig | diskconfig | Restore SELinux security context of /var/log file: path: /var/log state: directory setype: var_log_t when: ansible_os_family == 'RedHat' - name: osconfig | diskconfig | Restore log dir after mounting log partition become: yes command: cp -dpr {{ ansible_env['HOME'] }}/log /var when: log_already_mounted is defined run_once: true delegate_to: localhost - name: osconfig | diskconfig | Remove log dir backup become: yes file: path={{ ansible_env['HOME'] }}/log state=absent when: log_already_mounted is defined run_once: true delegate_to: localhost - name: osconfig | diskconfig | Restart Services using log dir prior to mounting service: name=apache2 state=restarted when: log_already_mounted is defined run_once: true delegate_to: localhost - name: osconfig | diskconfig | mkfs physical device no options filesystem: fstype={{ item.1.fstype }} dev="{{ item.1.name }}" when: ( item.1.mkfs_opts is not defined ) and ( item.1.fstype is defined ) with_subelements: - "{{ host.my_disk_models.device_groups | default([]) }}" - devices - name: osconfig | diskconfig | mkfs physical device with options filesystem: fstype={{ item.1.fstype }} opts="{{ item.1.mkfs_opts }}" dev="{{ item.1.name }}" when: ( item.1.mkfs_opts is defined ) and ( item.1.fstype is defined ) with_subelements: - "{{ host.my_disk_models.device_groups | default([]) }}" - devices - name: osconfig | diskconfig | Create the physical device mount point if needed file: path: "{{ item.1.mount }}" state: directory when: item.1.mount is defined with_subelements: - "{{ host.my_disk_models.device_groups | default([]) }}" - devices - name: osconfig | diskconfig | mount physical device fs mount: name={{ item.1.mount }} src="{{ item.1.name }}" fstype={{ item.1.fstype }} state=mounted when: item.1.mount is defined and item.1.fstype is defined with_subelements: - "{{ host.my_disk_models.device_groups | default([]) }}" - devices - name: osconfig | diskconfig | Set the physical device file system mode bits file: mode: "{{ item.1.mode }}" path: "{{ item.1.mount }}" state: directory when: item.1.mount is defined and item.1.mode is defined with_subelements: - "{{ host.my_disk_models.device_groups | default([]) }}" - devices - name: osconfig | diskconfig | check if log restart needed stat: path="{%- if ansible_os_family in ['RedHat', 'Suse'] -%}/var/log/messages{%- else -%}/var/log/syslog{%- endif -%}" register: syslog_status - name: osconfig | diskconfig | restart syslog if needed service: name=rsyslog state=restarted when: syslog_status.stat.exists == False 0707010000002F000081A40000000000000000000000016000787300001318000000000000000000000000000000000000005400000000ardana-osconfig-8.0+git.1610643571.91b88d6/roles/diskconfig/tasks/get_disk_info.yml# (c) Copyright 2015-2016 Hewlett Packard Enterprise Development LP # (c) Copyright 2017 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. --- - name: osconfig | diskconfig | list multipath devs become: yes shell: ls -1 /dev/mapper/mpath* | wc -l register: multipath_devs_result - name: osconfig | diskconfig | check multipath devs set_fact: multipath_env=true when: multipath_devs_result.stdout != "0" - name: osconfig | diskconfig | set multipath env set_fact: wipe_disks_multipath=true when: wipe_disks_multipath is not defined and multipath_env is defined - name: osconfig | diskconfig | set multipath env set_fact: wipe_disks_multipath=false when: wipe_disks_multipath is not defined and multipath_env is not defined - name: osconfig | diskconfig | set default_disk set_fact: wipe_disks_skip_partition="sda" when: wipe_disks_skip_partition is not defined and wipe_disks_multipath == False - name: osconfig | diskconfig | set default_mulitpath_disk set_fact: wipe_disks_skip_partition="mpatha" when: wipe_disks_skip_partition is not defined and wipe_disks_multipath == True - name: osconfig | diskconfig | get list of devices shell: cat /proc/partitions | grep "sd" | grep -v {{ wipe_disks_skip_partition }}$ | grep -v {{ wipe_disks_skip_partition }}[0-9] | awk '{ print $4 }' register: single_results become: yes when: wipe_disks_multipath == False ignore_errors: true - name: osconfig | diskconfig | get multipath list of devices shell: ls -1 /dev/mapper/ | grep "mpath" | grep -v {{ wipe_disks_skip_partition }}$ | grep -v {{ wipe_disks_skip_partition }}[0-9] register: multi_results become: yes when: wipe_disks_multipath == True ignore_errors: true - name: osconfig | diskconfig | set single path result set_fact: all_devices="{{ single_results.stdout_lines }}" when: wipe_disks_multipath == False - name: osconfig | diskconfig | set multi path result set_fact: all_devices="{{ multi_results.stdout_lines }}" when: wipe_disks_multipath == True - name: osconfig | diskconfig | filter one disk only if specified set_fact: devices="{{ all_devices }}" when: wipe_one_disk is not defined # Check needs to be an exact item by item equality check. - name: osconfig | diskconfig | filter one disk if it exists set_fact: found_one_dev="{{ wipe_one_disk }}" when: wipe_one_disk is defined and item == wipe_one_disk with_items: "{{ all_devices }}" # Create a one-item list - name: osconfig | diskconfig | continue if disk exists set_fact: devices: - "{{ wipe_one_disk }}" when: wipe_one_disk is defined and found_one_dev is defined - name: osconfig | diskconfig | fail if specified disk doesnt exist fail: msg: > did not find {{ wipe_one_disk }} in list of devices on this node {{ all_devices }} when: wipe_one_disk is defined and found_one_dev is not defined - name: osconfig | diskconfig | Check if osconfig has run stat: path=/etc/openstack/osconfig-ran register: osconfig_ran - name: osconfig | diskconfig | check result of osconfig check fail: msg: > found /etc/openstack/osconfig-ran on node, this means that Ardana$ OpenStack software has been previously installed on this system {{ inventory_hostname }}, if you want to continue to wipe this node please remove /etc/openstack/osconfig-ran from the node(s) in question. when: osconfig_ran.stat.exists == True and wipe_one_disk is not defined - name: osconfig | diskconfig | check if devices set_fact: devs_exist=true with_items: "{{ devices }}" - name: osconfig | diskconfig | check partition tables for all devices found shell: fdisk /dev/{{ item }} -l become: yes with_items: "{{ devices }}" register: partitions_found when: item != "{{ wipe_disks_skip_partition }}" and (osconfig_ran.stat.exists == False or wipe_one_disk is defined) and devs_exist is defined and wipe_disks_multipath == False - name: osconfig | diskconfig | check partition tables for all devices found shell: fdisk /dev/mapper/{{ item }} -l become: yes with_items: "{{ devices }}" register: partitions_found when: item != "{{ wipe_disks_skip_partition }}" and (osconfig_ran.stat.exists == False or wipe_one_disk is defined) and devs_exist is defined and wipe_disks_multipath == True - name: osconfig | diskconfig | devices to be wiped debug: msg="wipe {{ devices }}" 07070100000030000081A40000000000000000000000016000787300000331000000000000000000000000000000000000004E00000000ardana-osconfig-8.0+git.1610643571.91b88d6/roles/diskconfig/tasks/install.yml# # (c) Copyright 2015-2017 Hewlett Packard Enterprise Development LP # (c) Copyright 2017-2018 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. # --- - name: osconfig | disk config | Install dependencies become: yes package: name: "{{ item }}" state: present with_items: diskconfig_pkg_dependencies 07070100000031000081A4000000000000000000000001600078730000043B000000000000000000000000000000000000005800000000ardana-osconfig-8.0+git.1610643571.91b88d6/roles/diskconfig/tasks/wipe_confirmation.yml# (c) Copyright 2015 Hewlett Packard Enterprise Development LP # (c) Copyright 2017 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. --- - name: You will Wipe the above disks if you continue. This will remove all data on all the selected nodes. pause: prompt="Wipe the above disks. Press enter to continue or control+c then a to abort" delegate_to: localhost when: automate is not defined - name: 5 minutes to reconsider. press ctrl+c then c if you are sure. if not press ctrl+c then a to abort. pause: minutes=5 delegate_to: localhost when: automate is not defined 07070100000032000081A40000000000000000000000016000787300000441000000000000000000000000000000000000005100000000ardana-osconfig-8.0+git.1610643571.91b88d6/roles/diskconfig/tasks/wipe_disks.yml# (c) Copyright 2015-2016 Hewlett Packard Enterprise Development LP # (c) Copyright 2017 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. --- - include: "install.yml" - name: osconfig | wipe_disks | Wipe disks wipe_disk: drives: "{{ devices }}" when: partitions_found.msg == "All items completed" and (osconfig_ran.stat.exists == False or wipe_one_disk is defined) and devs_exist is defined register: wipe_disk_result - name: osconfig | wipe_disks | Display output debug: var: wipe_disk_result.stdout_lines when: wipe_disk_result | skipped != true 07070100000033000081A40000000000000000000000016000787300000925000000000000000000000000000000000000005500000000ardana-osconfig-8.0+git.1610643571.91b88d6/roles/diskconfig/tasks/wipe_one_check.yml# (c) Copyright 2016 Hewlett Packard Enterprise Development LP # (c) Copyright 2017 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. --- - name: diskconfig | wipe_one_check | Check the number of hosts set_fact: diskconfig_num_hosts="{{ play_hosts | length }}" delegate_to: 127.0.0.1 run_once: True - name: diskconfig | wipe_one_check | Validate number of hosts fail: msg="The number of nodes in this play must be exactly 1!" when: diskconfig_num_hosts | int != 1 delegate_to: 127.0.0.1 run_once: True - name: diskconfig | wipe_one_check | Validate devices defined fail: msg="You must specify wipe_one_disk as '-e wipe_one_disk=sdc' for example" when: wipe_one_disk is not defined delegate_to: 127.0.0.1 run_once: True - name: diskconfig | wipe_one_check | Validate number of devices fail: msg="The number of disks must be exactly 1!" when: "' ' in wipe_one_disk" delegate_to: 127.0.0.1 run_once: True - name: diskconfig | wipe_one_check | Find device type become: yes command: "lsblk -n -d -o type /dev/{{ wipe_one_disk }}" register: wipe_one_check_disk - name: diskconfig | wipe_one_check | Validate its a disk not a partition fail: msg="You must specify a full disk device" when: "'disk' not in wipe_one_check_disk.stdout" - name: diskconfig | wipe_one_check | Find any partitions become: yes shell: "lsblk -l -n -o type,name /dev/{{ wipe_one_disk }} | grep ^part | awk '{print $2}'" register: wipe_one_check_parts # lsof isnt a sufficient check - name: diskconfig | wipe_one_check | Validate no part of device is being used any_errors_fatal: True become: yes command: "python -c 'import os; os.open(\"/dev/{{ item }}\", os.O_EXCL)'" with_items: - "{{ wipe_one_check_parts.stdout_lines }}" - "{{ wipe_one_disk }}" register: wipe_one_check_parts_used 07070100000034000081A400000000000000000000000160007873000007BA000000000000000000000000000000000000005100000000ardana-osconfig-8.0+git.1610643571.91b88d6/roles/diskconfig/tasks/write_test.yml# # (c) Copyright 2015 Hewlett Packard Enterprise Development LP # (c) Copyright 2017 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. # # Play to test write speed of partition holding database --- - name: diskconfig | write_test | Include FND-MDB defaults include_vars: "{{ playbook_dir }}/roles/FND-MDB/defaults/main.yml" - name: diskconfig | write_test | Check for mysql partition stat: path: "{{ mysql_datadir }}" register: mysql_partition_result become: yes - name: diskconfig | write_test | Set the mysql partition location if not found set_fact: mysql_part_loc: "/" when: mysql_partition_result.stat.exists == False - name: diskconfig | write_test | Write file to db partition shell: | dd if=/dev/zero of={{ mysql_part_loc }}/{{ write_test_file }} \ bs=4k count=10000 oflag=direct 2>&1 | awk '/copied/ {print $8}' register: diskconfig_write_result become: yes - name: diskconfig | write_test | Print db partition write speed debug: msg: "Database partition write speed is = {{ diskconfig_write_result.stdout }} MB/s" - name: diskconfig | write_test | Warn of slow write speed debug: msg: "WARNING Write speed of database partition is slow {{ diskconfig_write_result.stdout }} MB/s" when: ({{ diskconfig_write_result.stdout | int }} <= {{ db_threshold_mb }}) - name: diskconfig | write_test | Remove write test file file: path: "{{ mysql_part_loc }}/{{ write_test_file }}" state: absent become: yes 07070100000035000041ED0000000000000000000000026000787300000000000000000000000000000000000000000000004600000000ardana-osconfig-8.0+git.1610643571.91b88d6/roles/diskconfig/templates07070100000036000081A4000000000000000000000001600078730000E655000000000000000000000000000000000000005200000000ardana-osconfig-8.0+git.1610643571.91b88d6/roles/diskconfig/templates/lvm.conf.j2{# # (c) Copyright 2018 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. #} # This section allows you to set the way the configuration settings are handled. config { # If enabled, any LVM2 configuration mismatch is reported. # This implies checking that the configuration key is understood # by LVM2 and that the value of the key is of a proper type. # If disabled, any configuration mismatch is ignored and default # value is used instead without any warning (a message about the # configuration key not being found is issued in verbose mode only). checks = 1 # If enabled, any configuration mismatch aborts the LVM2 process. abort_on_errors = 0 # Directory where LVM looks for configuration profiles. profile_dir = "/etc/lvm/profile" } # This section allows you to configure which block devices should # be used by the LVM system. devices { # Where do you want your volume groups to appear ? dir = "/dev" # An array of directories that contain the device nodes you wish # to use with LVM2. scan = [ "/dev" ] # If set, the cache of block device nodes with all associated symlinks # will be constructed out of the existing udev database content. # This avoids using and opening any inapplicable non-block devices or # subdirectories found in the device directory. This setting is applied # to udev-managed device directory only, other directories will be scanned # fully. LVM2 needs to be compiled with udev support for this setting to # take effect. N.B. Any device node or symlink not managed by udev in # udev directory will be ignored with this setting on. obtain_device_list_from_udev = 1 # If several entries in the scanned directories correspond to the # same block device and the tools need to display a name for device, # all the pathnames are matched against each item in the following # list of regular expressions in turn and the first match is used. # By default no preferred names are defined. # preferred_names = [ ] # Try to avoid using undescriptive /dev/dm-N names, if present. # preferred_names = [ "^/dev/mpath/", "^/dev/mapper/mpath", "^/dev/[hs]d" ] # In case no prefererred name matches or if preferred_names are not # defined at all, builtin rules are used to determine the preference. # # The first builtin rule checks path prefixes and it gives preference # based on this ordering (where "dev" depends on devices/dev setting): # /dev/mapper > /dev/disk > /dev/dm-* > /dev/block # # If the ordering above cannot be applied, the path with fewer slashes # gets preference then. # # If the number of slashes is the same, a symlink gets preference. # # Finally, if all the rules mentioned above are not applicable, # lexicographical order is used over paths and the smallest one # of all gets preference. # A filter that tells LVM2 to only use a restricted set of devices. # The filter consists of an array of regular expressions. These # expressions can be delimited by a character of your choice, and # prefixed with either an 'a' (for accept) or 'r' (for reject). # The first expression found to match a device name determines if # the device will be accepted or rejected (ignored). Devices that # don't match any patterns are accepted. # Be careful if there there are symbolic links or multiple filesystem # entries for the same device as each name is checked separately against # the list of patterns. The effect is that if the first pattern in the # list to match a name is an 'a' pattern for any of the names, the device # is accepted; otherwise if the first pattern in the list to match a name # is an 'r' pattern for any of the names it is rejected; otherwise it is # accepted. # By default we accept every block device except udev names, floppy and cdrom drives: # filter = [ "r|/dev/.*/by-path/.*|", "r|/dev/.*/by-id/.*|", "r|/dev/fd.*|", "r|/dev/cdrom|", "a/.*/" ] # Exclude the cdrom drive # filter = [ "r|/dev/cdrom|" ] # When testing I like to work with just loopback devices: # filter = [ "a/loop/", "r/.*/" ] # Or maybe all loops and ide drives except hdc: # filter =[ "a|loop|", "r|/dev/hdc|", "a|/dev/ide|", "r|.*|" ] # Use anchors if you want to be really specific filter = {{ diskconfig_lvm_filter_entries | list }} # Since "filter" is often overridden from command line, it is not suitable # for system-wide device filtering (udev rules, lvmetad). To hide devices # from LVM-specific udev processing and/or from lvmetad, you need to set # global_filter. The syntax is the same as for normal "filter" # above. Devices that fail the global_filter are not even opened by LVM. # global_filter = [] global_filter = {{ diskconfig_lvm_filter_entries | list }} # The results of the filtering are cached on disk to avoid # rescanning dud devices (which can take a very long time). # By default this cache is stored in the /etc/lvm/cache directory # in a file called '.cache'. # It is safe to delete the contents: the tools regenerate it. # (The old setting 'cache' is still respected if neither of # these new ones is present.) # N.B. If obtain_device_list_from_udev is set to 1 the list of # devices is instead obtained from udev and any existing .cache # file is removed. cache_dir = "/etc/lvm/cache" cache_file_prefix = "" # You can turn off writing this cache file by setting this to 0. write_cache_state = 1 # Advanced settings. # List of pairs of additional acceptable block device types found # in /proc/devices with maximum (non-zero) number of partitions. # types = [ "fd", 16 ] # If sysfs is mounted (2.6 kernels) restrict device scanning to # the block devices it believes are valid. # 1 enables; 0 disables. sysfs_scan = 1 # By default, LVM2 will ignore devices used as component paths # of device-mapper multipath devices. # 1 enables; 0 disables. multipath_component_detection = 1 # By default, LVM2 will ignore devices used as components of # software RAID (md) devices by looking for md superblocks. # 1 enables; 0 disables. md_component_detection = 1 # By default, if a PV is placed directly upon an md device, LVM2 # will align its data blocks with the md device's stripe-width. # 1 enables; 0 disables. md_chunk_alignment = 1 # Default alignment of the start of a data area in MB. If set to 0, # a value of 64KB will be used. Set to 1 for 1MiB, 2 for 2MiB, etc. # default_data_alignment = 1 # By default, the start of a PV's data area will be a multiple of # the 'minimum_io_size' or 'optimal_io_size' exposed in sysfs. # - minimum_io_size - the smallest request the device can perform # w/o incurring a read-modify-write penalty (e.g. MD's chunk size) # - optimal_io_size - the device's preferred unit of receiving I/O # (e.g. MD's stripe width) # minimum_io_size is used if optimal_io_size is undefined (0). # If md_chunk_alignment is enabled, that detects the optimal_io_size. # This setting takes precedence over md_chunk_alignment. # 1 enables; 0 disables. data_alignment_detection = 1 # Alignment (in KB) of start of data area when creating a new PV. # md_chunk_alignment and data_alignment_detection are disabled if set. # Set to 0 for the default alignment (see: data_alignment_default) # or page size, if larger. data_alignment = 0 # By default, the start of the PV's aligned data area will be shifted by # the 'alignment_offset' exposed in sysfs. This offset is often 0 but # may be non-zero; e.g.: certain 4KB sector drives that compensate for # windows partitioning will have an alignment_offset of 3584 bytes # (sector 7 is the lowest aligned logical block, the 4KB sectors start # at LBA -1, and consequently sector 63 is aligned on a 4KB boundary). # But note that pvcreate --dataalignmentoffset will skip this detection. # 1 enables; 0 disables. data_alignment_offset_detection = 1 # If, while scanning the system for PVs, LVM2 encounters a device-mapper # device that has its I/O suspended, it waits for it to become accessible. # Set this to 1 to skip such devices. This should only be needed # in recovery situations. ignore_suspended_devices = 0 # ignore_lvm_mirrors: Introduced in version 2.02.104 # This setting determines whether logical volumes of "mirror" segment # type are scanned for LVM labels. This affects the ability of # mirrors to be used as physical volumes. If 'ignore_lvm_mirrors' # is set to '1', it becomes impossible to create volume groups on top # of mirror logical volumes - i.e. to stack volume groups on mirrors. # # Allowing mirror logical volumes to be scanned (setting the value to '0') # can potentially cause LVM processes and I/O to the mirror to become # blocked. This is due to the way that the "mirror" segment type handles # failures. In order for the hang to manifest itself, an LVM command must # be run just after a failure and before the automatic LVM repair process # takes place OR there must be failures in multiple mirrors in the same # volume group at the same time with write failures occurring moments # before a scan of the mirror's labels. # # Note that these scanning limitations do not apply to the LVM RAID # types, like "raid1". The RAID segment types handle failures in a # different way and are not subject to possible process or I/O blocking. # # It is encouraged that users set 'ignore_lvm_mirrors' to 1 if they # are using the "mirror" segment type. Users that require volume group # stacking on mirrored logical volumes should consider using the "raid1" # segment type. The "raid1" segment type is not available for # active/active clustered volume groups. # # Set to 1 to disallow stacking and thereby avoid a possible deadlock. ignore_lvm_mirrors = 1 # During each LVM operation errors received from each device are counted. # If the counter of a particular device exceeds the limit set here, no # further I/O is sent to that device for the remainder of the respective # operation. Setting the parameter to 0 disables the counters altogether. disable_after_error_count = 0 # Allow use of pvcreate --uuid without requiring --restorefile. require_restorefile_with_uuid = 1 # Minimum size (in KB) of block devices which can be used as PVs. # In a clustered environment all nodes must use the same value. # Any value smaller than 512KB is ignored. # Ignore devices smaller than 2MB such as floppy drives. pv_min_size = 2048 # The original built-in setting was 512 up to and including version 2.02.84. # pv_min_size = 512 # Issue discards to a logical volumes's underlying physical volume(s) when # the logical volume is no longer using the physical volumes' space (e.g. # lvremove, lvreduce, etc). Discards inform the storage that a region is # no longer in use. Storage that supports discards advertise the protocol # specific way discards should be issued by the kernel (TRIM, UNMAP, or # WRITE SAME with UNMAP bit set). Not all storage will support or benefit # from discards but SSDs and thinly provisioned LUNs generally do. If set # to 1, discards will only be issued if both the storage and kernel provide # support. # 1 enables; 0 disables. issue_discards = 0 } # This section allows you to configure the way in which LVM selects # free space for its Logical Volumes. allocation { # When searching for free space to extend an LV, the "cling" # allocation policy will choose space on the same PVs as the last # segment of the existing LV. If there is insufficient space and a # list of tags is defined here, it will check whether any of them are # attached to the PVs concerned and then seek to match those PV tags # between existing extents and new extents. # Use the special tag "@*" as a wildcard to match any PV tag. # Example: LVs are mirrored between two sites within a single VG. # PVs are tagged with either @site1 or @site2 to indicate where # they are situated. # cling_tag_list = [ "@site1", "@site2" ] # cling_tag_list = [ "@*" ] # Changes made in version 2.02.85 extended the reach of the 'cling' # policies to detect more situations where data can be grouped # onto the same disks. Set this to 0 to revert to the previous # algorithm. maximise_cling = 1 # Whether to use blkid library instead of native LVM2 code to detect # any existing signatures while creating new Physical Volumes and # Logical Volumes. LVM2 needs to be compiled with blkid wiping support # for this setting to take effect. # # LVM2 native detection code is currently able to recognize these signatures: # - MD device signature # - swap signature # - LUKS signature # To see the list of signatures recognized by blkid, check the output # of 'blkid -k' command. The blkid can recognize more signatures than # LVM2 native detection code, but due to this higher number of signatures # to be recognized, it can take more time to complete the signature scan. use_blkid_wiping = 1 # Set to 1 to wipe any signatures found on newly-created Logical Volumes # automatically in addition to zeroing of the first KB on the LV # (controlled by the -Z/--zero y option). # The command line option -W/--wipesignatures takes precedence over this # setting. # The default is to wipe signatures when zeroing. # wipe_signatures_when_zeroing_new_lvs = 1 # Set to 1 to guarantee that mirror logs will always be placed on # different PVs from the mirror images. This was the default # until version 2.02.85. mirror_logs_require_separate_pvs = 0 # Set to 1 to guarantee that cache_pool metadata will always be # placed on different PVs from the cache_pool data. cache_pool_metadata_require_separate_pvs = 0 # Specify the minimal chunk size (in kiB) for cache pool volumes. # Using a chunk_size that is too large can result in wasteful use of # the cache, where small reads and writes can cause large sections of # an LV to be mapped into the cache. However, choosing a chunk_size # that is too small can result in more overhead trying to manage the # numerous chunks that become mapped into the cache. The former is # more of a problem than the latter in most cases, so we default to # a value that is on the smaller end of the spectrum. Supported values # range from 32(kiB) to 1048576 in multiples of 32. # cache_pool_chunk_size = 64 # Set to 1 to guarantee that thin pool metadata will always # be placed on different PVs from the pool data. thin_pool_metadata_require_separate_pvs = 0 # Specify chunk size calculation policy for thin pool volumes. # Possible options are: # "generic" - if thin_pool_chunk_size is defined, use it. # Otherwise, calculate the chunk size based on # estimation and device hints exposed in sysfs: # the minimum_io_size. The chunk size is always # at least 64KiB. # # "performance" - if thin_pool_chunk_size is defined, use it. # Otherwise, calculate the chunk size for # performance based on device hints exposed in # sysfs: the optimal_io_size. The chunk size is # always at least 512KiB. # thin_pool_chunk_size_policy = "generic" # Specify the minimal chunk size (in KB) for thin pool volumes. # Use of the larger chunk size may improve performance for plain # thin volumes, however using them for snapshot volumes is less efficient, # as it consumes more space and takes extra time for copying. # When unset, lvm tries to estimate chunk size starting from 64KB # Supported values are in range from 64 to 1048576. # thin_pool_chunk_size = 64 # Specify discards behaviour of the thin pool volume. # Select one of "ignore", "nopassdown", "passdown" # thin_pool_discards = "passdown" # Set to 0, to disable zeroing of thin pool data chunks before their # first use. # N.B. zeroing larger thin pool chunk size degrades performance. # thin_pool_zero = 1 } # This section that allows you to configure the nature of the # information that LVM2 reports. log { # Controls the messages sent to stdout or stderr. # There are three levels of verbosity, 3 being the most verbose. verbose = 0 # Set to 1 to suppress all non-essential messages from stdout. # This has the same effect as -qq. # When this is set, the following commands still produce output: # dumpconfig, lvdisplay, lvmdiskscan, lvs, pvck, pvdisplay, # pvs, version, vgcfgrestore -l, vgdisplay, vgs. # Non-essential messages are shifted from log level 4 to log level 5 # for syslog and lvm2_log_fn purposes. # Any 'yes' or 'no' questions not overridden by other arguments # are suppressed and default to 'no'. silent = 0 # Should we send log messages through syslog? # 1 is yes; 0 is no. syslog = 1 # Should we log error and debug messages to a file? # By default there is no log file. #file = "/var/log/lvm2.log" # Should we overwrite the log file each time the program is run? # By default we append. overwrite = 0 # What level of log messages should we send to the log file and/or syslog? # There are 6 syslog-like log levels currently in use - 2 to 7 inclusive. # 7 is the most verbose (LOG_DEBUG). level = 0 # Format of output messages # Whether or not (1 or 0) to indent messages according to their severity indent = 1 # Whether or not (1 or 0) to display the command name on each line output command_names = 0 # A prefix to use before the message text (but after the command name, # if selected). Default is two spaces, so you can see/grep the severity # of each message. prefix = " " # To make the messages look similar to the original LVM tools use: # indent = 0 # command_names = 1 # prefix = " -- " # Set this if you want log messages during activation. # Don't use this in low memory situations (can deadlock). # activation = 0 # Some debugging messages are assigned to a class and only appear # in debug output if the class is listed here. # Classes currently available: # memory, devices, activation, allocation, lvmetad, metadata, cache, # locking # Use "all" to see everything. debug_classes = [ "memory", "devices", "activation", "allocation", "lvmetad", "metadata", "cache", "locking" ] } # Configuration of metadata backups and archiving. In LVM2 when we # talk about a 'backup' we mean making a copy of the metadata for the # *current* system. The 'archive' contains old metadata configurations. # Backups are stored in a human readable text format. backup { # Should we maintain a backup of the current metadata configuration ? # Use 1 for Yes; 0 for No. # Think very hard before turning this off! backup = 1 # Where shall we keep it ? # Remember to back up this directory regularly! backup_dir = "/etc/lvm/backup" # Should we maintain an archive of old metadata configurations. # Use 1 for Yes; 0 for No. # On by default. Think very hard before turning this off. archive = 1 # Where should archived files go ? # Remember to back up this directory regularly! archive_dir = "/etc/lvm/archive" # What is the minimum number of archive files you wish to keep ? retain_min = 10 # What is the minimum time you wish to keep an archive file for ? retain_days = 30 } # Settings for the running LVM2 in shell (readline) mode. shell { # Number of lines of history to store in ~/.lvm_history history_size = 100 } # Miscellaneous global LVM2 settings global { # The file creation mask for any files and directories created. # Interpreted as octal if the first digit is zero. umask = 077 # Allow other users to read the files #umask = 022 # Enabling test mode means that no changes to the on disk metadata # will be made. Equivalent to having the -t option on every # command. Defaults to off. test = 0 # Default value for --units argument units = "h" # Since version 2.02.54, the tools distinguish between powers of # 1024 bytes (e.g. KiB, MiB, GiB) and powers of 1000 bytes (e.g. # KB, MB, GB). # If you have scripts that depend on the old behaviour, set this to 0 # temporarily until you update them. si_unit_consistency = 1 # Whether or not to display unit suffix for sizes. This setting has # no effect if the units are in human-readable form (global/units="h") # in which case the suffix is always displayed. suffix = 1 # Whether or not to communicate with the kernel device-mapper. # Set to 0 if you want to use the tools to manipulate LVM metadata # without activating any logical volumes. # If the device-mapper kernel driver is not present in your kernel # setting this to 0 should suppress the error messages. activation = 1 # If we can't communicate with device-mapper, should we try running # the LVM1 tools? # This option only applies to 2.4 kernels and is provided to help you # switch between device-mapper kernels and LVM1 kernels. # The LVM1 tools need to be installed with .lvm1 suffices # e.g. vgscan.lvm1 and they will stop working after you start using # the new lvm2 on-disk metadata format. # The default value is set when the tools are built. # fallback_to_lvm1 = 0 # The default metadata format that commands should use - "lvm1" or "lvm2". # The command line override is -M1 or -M2. # Defaults to "lvm2". # format = "lvm2" # Location of proc filesystem proc = "/proc" # Type of locking to use. Defaults to local file-based locking (1). # Turn locking off by setting to 0 (dangerous: risks metadata corruption # if LVM2 commands get run concurrently). # Type 2 uses the external shared library locking_library. # Type 3 uses built-in clustered locking. # Type 4 uses read-only locking which forbids any operations that might # change metadata. # Type 5 offers dummy locking for tools that do not need any locks. # You should not need to set this directly: the tools will select when # to use it instead of the configured locking_type. Do not use lvmetad or # the kernel device-mapper driver with this locking type. # It is used by the --readonly option that offers read-only access to # Volume Group metadata that cannot be locked safely because it belongs to # an inaccessible domain and might be in use, for example a virtual machine # image or a disk that is shared by a clustered machine. # # N.B. Don't use lvmetad with locking type 3 as lvmetad is not yet # supported in clustered environment. If use_lvmetad=1 and locking_type=3 # is set at the same time, LVM always issues a warning message about this # and then it automatically disables lvmetad use. locking_type = 1 # Set to 0 to fail when a lock request cannot be satisfied immediately. wait_for_locks = 1 # If using external locking (type 2) and initialisation fails, # with this set to 1 an attempt will be made to use the built-in # clustered locking. # If you are using a customised locking_library you should set this to 0. fallback_to_clustered_locking = 1 # If an attempt to initialise type 2 or type 3 locking failed, perhaps # because cluster components such as clvmd are not running, with this set # to 1 an attempt will be made to use local file-based locking (type 1). # If this succeeds, only commands against local volume groups will proceed. # Volume Groups marked as clustered will be ignored. fallback_to_local_locking = 1 # Local non-LV directory that holds file-based locks while commands are # in progress. A directory like /tmp that may get wiped on reboot is OK. locking_dir = "/run/lvm/lock" # Whenever there are competing read-only and read-write access requests for # a volume group's metadata, instead of always granting the read-only # requests immediately, delay them to allow the read-write requests to be # serviced. Without this setting, write access may be stalled by a high # volume of read-only requests. # NB. This option only affects locking_type = 1 viz. local file-based # locking. prioritise_write_locks = 1 # Other entries can go here to allow you to load shared libraries # e.g. if support for LVM1 metadata was compiled as a shared library use # format_libraries = "liblvm2format1.so" # Full pathnames can be given. # Search this directory first for shared libraries. # library_dir = "/lib" # The external locking library to load if locking_type is set to 2. # locking_library = "liblvm2clusterlock.so" # Treat any internal errors as fatal errors, aborting the process that # encountered the internal error. Please only enable for debugging. abort_on_internal_errors = 0 # Check whether CRC is matching when parsed VG is used multiple times. # This is useful to catch unexpected internal cached volume group # structure modification. Please only enable for debugging. detect_internal_vg_cache_corruption = 0 # If set to 1, no operations that change on-disk metadata will be permitted. # Additionally, read-only commands that encounter metadata in need of repair # will still be allowed to proceed exactly as if the repair had been # performed (except for the unchanged vg_seqno). # Inappropriate use could mess up your system, so seek advice first! metadata_read_only = 0 # 'mirror_segtype_default' defines which segtype will be used when the # shorthand '-m' option is used for mirroring. The possible options are: # # "mirror" - The original RAID1 implementation provided by LVM2/DM. It is # characterized by a flexible log solution (core, disk, mirrored) # and by the necessity to block I/O while reconfiguring in the # event of a failure. # # There is an inherent race in the dmeventd failure handling # logic with snapshots of devices using this type of RAID1 that # in the worst case could cause a deadlock. # Ref: https://bugzilla.redhat.com/show_bug.cgi?id=817130#c10 # # "raid1" - This implementation leverages MD's RAID1 personality through # device-mapper. It is characterized by a lack of log options. # (A log is always allocated for every device and they are placed # on the same device as the image - no separate devices are # required.) This mirror implementation does not require I/O # to be blocked in the kernel in the event of a failure. # This mirror implementation is not cluster-aware and cannot be # used in a shared (active/active) fashion in a cluster. # # Specify the '--type <mirror|raid1>' option to override this default # setting. mirror_segtype_default = "raid1" # 'raid10_segtype_default' determines the segment types used by default # when the '--stripes/-i' and '--mirrors/-m' arguments are both specified # during the creation of a logical volume. # Possible settings include: # # "raid10" - This implementation leverages MD's RAID10 personality through # device-mapper. # # "mirror" - LVM will layer the 'mirror' and 'stripe' segment types. It # will do this by creating a mirror on top of striped sub-LVs; # effectively creating a RAID 0+1 array. This is suboptimal # in terms of providing redundancy and performance. Changing to # this setting is not advised. # Specify the '--type <raid10|mirror>' option to override this default # setting. raid10_segtype_default = "raid10" # The default format for displaying LV names in lvdisplay was changed # in version 2.02.89 to show the LV name and path separately. # Previously this was always shown as /dev/vgname/lvname even when that # was never a valid path in the /dev filesystem. # Set to 1 to reinstate the previous format. # # lvdisplay_shows_full_device_path = 0 # Whether to use (trust) a running instance of lvmetad. If this is set to # 0, all commands fall back to the usual scanning mechanisms. When set to 1 # *and* when lvmetad is running (automatically instantiated by making use of # systemd's socket-based service activation or run as an initscripts service # or run manually), the volume group metadata and PV state flags are obtained # from the lvmetad instance and no scanning is done by the individual # commands. In a setup with lvmetad, lvmetad udev rules *must* be set up for # LVM to work correctly. Without proper udev rules, all changes in block # device configuration will be *ignored* until a manual 'pvscan --cache' # is performed. These rules are installed by default. # # If lvmetad has been running while use_lvmetad was 0, it MUST be stopped # before changing use_lvmetad to 1 and started again afterwards. # # If using lvmetad, the volume activation is also switched to automatic # event-based mode. In this mode, the volumes are activated based on # incoming udev events that automatically inform lvmetad about new PVs # that appear in the system. Once the VG is complete (all the PVs are # present), it is auto-activated. The activation/auto_activation_volume_list # setting controls which volumes are auto-activated (all by default). # # A note about device filtering while lvmetad is used: # When lvmetad is updated (either automatically based on udev events # or directly by pvscan --cache <device> call), the devices/filter # is ignored and all devices are scanned by default. The lvmetad always # keeps unfiltered information which is then provided to LVM commands # and then each LVM command does the filtering based on devices/filter # setting itself. # To prevent scanning devices completely, even when using lvmetad, # the devices/global_filter must be used. # N.B. Don't use lvmetad with locking type 3 as lvmetad is not yet # supported in clustered environment. If use_lvmetad=1 and locking_type=3 # is set at the same time, LVM always issues a warning message about this # and then it automatically disables lvmetad use. # If use_lvmetad set to 1, please make sure lvm2-lvmetad.socket is started use_lvmetad = 1 # Full path of the utility called to check that a thin metadata device # is in a state that allows it to be used. # Each time a thin pool needs to be activated or after it is deactivated # this utility is executed. The activation will only proceed if the utility # has an exit status of 0. # Set to "" to skip this check. (Not recommended.) # The thin tools are available as part of the device-mapper-persistent-data # package from https://github.com/jthornber/thin-provisioning-tools. # # thin_check_executable = "/usr/sbin/thin_check" # Array of string options passed with thin_check command. By default, # option "-q" is for quiet output. # With thin_check version 2.1 or newer you can add "--ignore-non-fatal-errors" # to let it pass through ignorable errors and fix them later. # With thin_check version 3.2 or newer you should add # "--clear-needs-check-flag". # # thin_check_options = [ "-q", "--clear-needs-check-flag" ] # Full path of the utility called to repair a thin metadata device # is in a state that allows it to be used. # Each time a thin pool needs repair this utility is executed. # See thin_check_executable how to obtain binaries. # # thin_repair_executable = "/usr/sbin/thin_repair" # Array of extra string options passed with thin_repair command. # thin_repair_options = [ "" ] # Full path of the utility called to dump thin metadata content. # See thin_check_executable how to obtain binaries. # # thin_dump_executable = "/usr/sbin/thin_dump" # If set, given features are not used by thin driver. # This can be helpful not just for testing, but i.e. allows to avoid # using problematic implementation of some thin feature. # Features: # block_size # discards # discards_non_power_2 # external_origin # metadata_resize # external_origin_extend # # thin_disabled_features = [ "discards", "block_size" ] # Full path of the utility called to check that a cache metadata device # is in a state that allows it to be used. # Each time a cached LV needs to be used or after it is deactivated # this utility is executed. The activation will only proceed if the utility # has an exit status of 0. # Set to "" to skip this check. (Not recommended.) # The cache tools are available as part of the device-mapper-persistent-data # package from https://github.com/jthornber/thin-provisioning-tools. # # cache_check_executable = "autodetect" # Array of string options passed with cache_check command. By default, # option "-q" is for quiet output. # # cache_check_options = [ "-q" ] # Full path of the utility called to repair a cache metadata device. # Each time a cache metadata needs repair this utility is executed. # See cache_check_executable how to obtain binaries. # # cache_repair_executable = "autodetect" # Array of extra string options passed with cache_repair command. # cache_repair_options = [ "" ] # Full path of the utility called to dump cache metadata content. # See cache_check_executable how to obtain binaries. # # cache_dump_executable = "autodetect" } activation { # Set to 1 to perform internal checks on the operations issued to # libdevmapper. Useful for debugging problems with activation. # Some of the checks may be expensive, so it's best to use this # only when there seems to be a problem. checks = 0 # Set to 0 to disable udev synchronisation (if compiled into the binaries). # Processes will not wait for notification from udev. # They will continue irrespective of any possible udev processing # in the background. You should only use this if udev is not running # or has rules that ignore the devices LVM2 creates. # The command line argument --nodevsync takes precedence over this setting. # If set to 1 when udev is not running, and there are LVM2 processes # waiting for udev, run 'dmsetup udevcomplete_all' manually to wake them up. udev_sync = 1 # Set to 0 to disable the udev rules installed by LVM2 (if built with # --enable-udev_rules). LVM2 will then manage the /dev nodes and symlinks # for active logical volumes directly itself. # N.B. Manual intervention may be required if this setting is changed # while any logical volumes are active. udev_rules = 1 # Set to 1 for LVM2 to verify operations performed by udev. This turns on # additional checks (and if necessary, repairs) on entries in the device # directory after udev has completed processing its events. # Useful for diagnosing problems with LVM2/udev interactions. verify_udev_operations = 0 # If set to 1 and if deactivation of an LV fails, perhaps because # a process run from a quick udev rule temporarily opened the device, # retry the operation for a few seconds before failing. retry_deactivation = 1 # How to fill in missing stripes if activating an incomplete volume. # Using "error" will make inaccessible parts of the device return # I/O errors on access. You can instead use a device path, in which # case, that device will be used to in place of missing stripes. # But note that using anything other than "error" with mirrored # or snapshotted volumes is likely to result in data corruption. missing_stripe_filler = "error" # The linear target is an optimised version of the striped target # that only handles a single stripe. Set this to 0 to disable this # optimisation and always use the striped target. use_linear_target = 1 # How much stack (in KB) to reserve for use while devices suspended # Prior to version 2.02.89 this used to be set to 256KB reserved_stack = 64 # How much memory (in KB) to reserve for use while devices suspended reserved_memory = 8192 # Nice value used while devices suspended process_priority = -18 # If volume_list is defined, each LV is only activated if there is a # match against the list. # # "vgname" and "vgname/lvname" are matched exactly. # "@tag" matches any tag set in the LV or VG. # "@*" matches if any tag defined on the host is also set in the LV or VG # # If any host tags exist but volume_list is not defined, a default # single-entry list containing "@*" is assumed. # # volume_list = [ "vg1", "vg2/lvol1", "@tag1", "@*" ] # If auto_activation_volume_list is defined, each LV that is to be # activated with the autoactivation option (--activate ay/-a ay) is # first checked against the list. There are two scenarios in which # the autoactivation option is used: # # - automatic activation of volumes based on incoming PVs. If all the # PVs making up a VG are present in the system, the autoactivation # is triggered. This requires lvmetad (global/use_lvmetad=1) and udev # to be running. In this case, "pvscan --cache -aay" is called # automatically without any user intervention while processing # udev events. Please, make sure you define auto_activation_volume_list # properly so only the volumes you want and expect are autoactivated. # # - direct activation on command line with the autoactivation option. # In this case, the user calls "vgchange --activate ay/-a ay" or # "lvchange --activate ay/-a ay" directly. # # By default, the auto_activation_volume_list is not defined and all # volumes will be activated either automatically or by using --activate ay/-a ay. # # N.B. The "activation/volume_list" is still honoured in all cases so even # if the VG/LV passes the auto_activation_volume_list, it still needs to # pass the volume_list for it to be activated in the end. # If auto_activation_volume_list is defined but empty, no volumes will be # activated automatically and --activate ay/-a ay will do nothing. # # auto_activation_volume_list = [] # If auto_activation_volume_list is defined and it's not empty, only matching # volumes will be activated either automatically or by using --activate ay/-a ay. # # "vgname" and "vgname/lvname" are matched exactly. # "@tag" matches any tag set in the LV or VG. # "@*" matches if any tag defined on the host is also set in the LV or VG # # auto_activation_volume_list = [ "vg1", "vg2/lvol1", "@tag1", "@*" ] # If read_only_volume_list is defined, each LV that is to be activated # is checked against the list, and if it matches, it as activated # in read-only mode. (This overrides '--permission rw' stored in the # metadata.) # # "vgname" and "vgname/lvname" are matched exactly. # "@tag" matches any tag set in the LV or VG. # "@*" matches if any tag defined on the host is also set in the LV or VG # # read_only_volume_list = [ "vg1", "vg2/lvol1", "@tag1", "@*" ] # Each LV can have an 'activation skip' flag stored persistently against it. # During activation, this flag is used to decide whether such an LV is skipped. # The 'activation skip' flag can be set during LV creation and by default it # is automatically set for thin snapshot LVs. The 'auto_set_activation_skip' # enables or disables this automatic setting of the flag while LVs are created. # auto_set_activation_skip = 1 # For RAID or 'mirror' segment types, 'raid_region_size' is the # size (in KiB) of each: # - synchronization operation when initializing # - each copy operation when performing a 'pvmove' (using 'mirror' segtype) # This setting has replaced 'mirror_region_size' since version 2.02.99 raid_region_size = 512 # Setting to use when there is no readahead value stored in the metadata. # # "none" - Disable readahead. # "auto" - Use default value chosen by kernel. readahead = "auto" # 'raid_fault_policy' defines how a device failure in a RAID logical # volume is handled. This includes logical volumes that have the following # segment types: raid1, raid4, raid5*, and raid6*. # # In the event of a failure, the following policies will determine what # actions are performed during the automated response to failures (when # dmeventd is monitoring the RAID logical volume) and when 'lvconvert' is # called manually with the options '--repair' and '--use-policies'. # # "warn" - Use the system log to warn the user that a device in the RAID # logical volume has failed. It is left to the user to run # 'lvconvert --repair' manually to remove or replace the failed # device. As long as the number of failed devices does not # exceed the redundancy of the logical volume (1 device for # raid4/5, 2 for raid6, etc) the logical volume will remain # usable. # # "allocate" - Attempt to use any extra physical volumes in the volume # group as spares and replace faulty devices. # raid_fault_policy = "warn" # 'mirror_image_fault_policy' and 'mirror_log_fault_policy' define # how a device failure affecting a mirror (of "mirror" segment type) is # handled. A mirror is composed of mirror images (copies) and a log. # A disk log ensures that a mirror does not need to be re-synced # (all copies made the same) every time a machine reboots or crashes. # # In the event of a failure, the specified policy will be used to determine # what happens. This applies to automatic repairs (when the mirror is being # monitored by dmeventd) and to manual lvconvert --repair when # --use-policies is given. # # "remove" - Simply remove the faulty device and run without it. If # the log device fails, the mirror would convert to using # an in-memory log. This means the mirror will not # remember its sync status across crashes/reboots and # the entire mirror will be re-synced. If a # mirror image fails, the mirror will convert to a # non-mirrored device if there is only one remaining good # copy. # # "allocate" - Remove the faulty device and try to allocate space on # a new device to be a replacement for the failed device. # Using this policy for the log is fast and maintains the # ability to remember sync state through crashes/reboots. # Using this policy for a mirror device is slow, as it # requires the mirror to resynchronize the devices, but it # will preserve the mirror characteristic of the device. # This policy acts like "remove" if no suitable device and # space can be allocated for the replacement. # # "allocate_anywhere" - Not yet implemented. Useful to place the log device # temporarily on same physical volume as one of the mirror # images. This policy is not recommended for mirror devices # since it would break the redundant nature of the mirror. This # policy acts like "remove" if no suitable device and space can # be allocated for the replacement. mirror_log_fault_policy = "allocate" mirror_image_fault_policy = "remove" # 'snapshot_autoextend_threshold' and 'snapshot_autoextend_percent' define # how to handle automatic snapshot extension. The former defines when the # snapshot should be extended: when its space usage exceeds this many # percent. The latter defines how much extra space should be allocated for # the snapshot, in percent of its current size. # # For example, if you set snapshot_autoextend_threshold to 70 and # snapshot_autoextend_percent to 20, whenever a snapshot exceeds 70% usage, # it will be extended by another 20%. For a 1G snapshot, using up 700M will # trigger a resize to 1.2G. When the usage exceeds 840M, the snapshot will # be extended to 1.44G, and so on. # # Setting snapshot_autoextend_threshold to 100 disables automatic # extensions. The minimum value is 50 (A setting below 50 will be treated # as 50). snapshot_autoextend_threshold = 100 snapshot_autoextend_percent = 20 # 'thin_pool_autoextend_threshold' and 'thin_pool_autoextend_percent' define # how to handle automatic pool extension. The former defines when the # pool should be extended: when its space usage exceeds this many # percent. The latter defines how much extra space should be allocated for # the pool, in percent of its current size. # # For example, if you set thin_pool_autoextend_threshold to 70 and # thin_pool_autoextend_percent to 20, whenever a pool exceeds 70% usage, # it will be extended by another 20%. For a 1G pool, using up 700M will # trigger a resize to 1.2G. When the usage exceeds 840M, the pool will # be extended to 1.44G, and so on. # # Setting thin_pool_autoextend_threshold to 100 disables automatic # extensions. The minimum value is 50 (A setting below 50 will be treated # as 50). thin_pool_autoextend_threshold = 100 thin_pool_autoextend_percent = 20 # While activating devices, I/O to devices being (re)configured is # suspended, and as a precaution against deadlocks, LVM2 needs to pin # any memory it is using so it is not paged out. Groups of pages that # are known not to be accessed during activation need not be pinned # into memory. Each string listed in this setting is compared against # each line in /proc/self/maps, and the pages corresponding to any # lines that match are not pinned. On some systems locale-archive was # found to make up over 80% of the memory used by the process. # mlock_filter = [ "locale/locale-archive", "gconv/gconv-modules.cache" ] # Set to 1 to revert to the default behaviour prior to version 2.02.62 # which used mlockall() to pin the whole process's memory while activating # devices. use_mlockall = 0 # Monitoring is enabled by default when activating logical volumes. # Set to 0 to disable monitoring or use the --ignoremonitoring option. monitoring = 1 # When pvmove or lvconvert must wait for the kernel to finish # synchronising or merging data, they check and report progress # at intervals of this number of seconds. The default is 15 seconds. # If this is set to 0 and there is only one thing to wait for, there # are no progress reports, but the process is awoken immediately the # operation is complete. polling_interval = 15 # 'activation_mode' determines how Logical Volumes are activated if # any devices are missing. Possible settings are: # # "complete" - Only allow activation of an LV if all of the Physical # Volumes it uses are present. Other PVs in the Volume # Group may be missing. # # "degraded" - Like "complete", but additionally RAID Logical Volumes of # segment type raid1, raid4, raid5, radid6 and raid10 will # be activated if there is no data loss, i.e. they have # sufficient redundancy to present the entire addressable # range of the Logical Volume. # # "partial" - Allows the activation of any Logical Volume even if # a missing or failed PV could cause data loss with a # portion of the Logical Volume inaccessible. # This setting should not normally be used, but may # sometimes assist with data recovery. # # This setting was introduced in LVM version 2.02.108. It corresponds # with the '--activationmode' option for lvchange and vgchange. activation_mode = "degraded" } # Report settings. # # report { # Align columns on report output. # aligned=1 # When buffered reporting is used, the report's content is appended # incrementally to include each object being reported until the report # is flushed to output which normally happens at the end of command # execution. Otherwise, if buffering is not used, each object is # reported as soon as its processing is finished. # buffered=1 # Show headings for columns on report. # headings=1 # A separator to use on report after each field. # separator=" " # A separator to use for list items when reported. # list_item_separator="," # Use a field name prefix for each field reported. # prefixes=0 # Quote field values when using field name prefixes. # quoted=1 # Output each column as a row. If set, this also implies report/prefixes=1. # colums_as_rows=0 # Use binary values "0" or "1" instead of descriptive literal values for # columns that have exactly two valid values to report (not counting the # "unknown" value which denotes that the value could not be determined). # # binary_values_as_numeric = 0 # Comma separated list of columns to sort by when reporting 'lvm devtypes' command. # See 'lvm devtypes -o help' for the list of possible fields. # devtypes_sort="devtype_name" # Comma separated list of columns to report for 'lvm devtypes' command. # See 'lvm devtypes -o help' for the list of possible fields. # devtypes_cols="devtype_name,devtype_max_partitions,devtype_description" # Comma separated list of columns to report for 'lvm devtypes' command in verbose mode. # See 'lvm devtypes -o help' for the list of possible fields. # devtypes_cols_verbose="devtype_name,devtype_max_partitions,devtype_description" # Comma separated list of columns to sort by when reporting 'lvs' command. # See 'lvs -o help' for the list of possible fields. # lvs_sort="vg_name,lv_name" # Comma separated list of columns to report for 'lvs' command. # See 'lvs -o help' for the list of possible fields. # lvs_cols="lv_name,vg_name,lv_attr,lv_size,pool_lv,origin,data_percent,metadata_percent,move_pv,mirror_log,copy_percent,convert_lv" # Comma separated list of columns to report for 'lvs' command in verbose mode. # See 'lvs -o help' for the list of possible fields. # lvs_cols_verbose="lv_name,vg_name,seg_count,lv_attr,lv_size,lv_major,lv_minor,lv_kernel_major,lv_kernel_minor,pool_lv,origin,data_percent,metadata_percent,move_pv,copy_percent,mirror_log,convert # Comma separated list of columns to sort by when reporting 'vgs' command. # See 'vgs -o help' for the list of possible fields. # vgs_sort="vg_name" # Comma separated list of columns to report for 'vgs' command. # See 'vgs -o help' for the list of possible fields. # vgs_cols="vg_name,pv_count,lv_count,snap_count,vg_attr,vg_size,vg_free" # Comma separated list of columns to report for 'vgs' command in verbose mode. # See 'vgs -o help' for the list of possible fields. # vgs_cols_verbose="vg_name,vg_attr,vg_extent_size,pv_count,lv_count,snap_count,vg_size,vg_free,vg_uuid,vg_profile" # Comma separated list of columns to sort by when reporting 'pvs' command. # See 'pvs -o help' for the list of possible fields. # pvs_sort="pv_name" # Comma separated list of columns to report for 'pvs' command. # See 'pvs -o help' for the list of possible fields. # pvs_cols="pv_name,vg_name,pv_fmt,pv_attr,pv_size,pv_free" # Comma separated list of columns to report for 'pvs' command in verbose mode. # See 'pvs -o help' for the list of possible fields. # pvs_cols_verbose="pv_name,vg_name,pv_fmt,pv_attr,pv_size,pv_free,dev_size,pv_uuid" # Comma separated list of columns to sort by when reporting 'lvs --segments' command. # See 'lvs --segments -o help' for the list of possible fields. # segs_sort="vg_name,lv_name,seg_start" # Comma separated list of columns to report for 'lvs --segments' command. # See 'lvs --segments -o help' for the list of possible fields. # segs_cols="lv_name,vg_name,lv_attr,stripes,segtype,seg_size" # Comma separated list of columns to report for 'lvs --segments' command in verbose mode. # See 'lvs --segments -o help' for the list of possible fields. # segs_cols_verbose="lv_name,vg_name,lv_attr,seg_start,seg_size,stripes,segtype,stripesize,chunksize" # Comma separated list of columns to sort by when reporting 'pvs --segments' command. # See 'pvs --segments -o help' for the list of possible fields. # pvsegs_sort="pv_name,pvseg_start" # Comma separated list of columns to sort by when reporting 'pvs --segments' command. # See 'pvs --segments -o help' for the list of possible fields. # pvsegs_cols="pv_name,vg_name,pv_fmt,pv_attr,pv_size,pv_free,pvseg_start,pvseg_size" # Comma separated list of columns to sort by when reporting 'pvs --segments' command in verbose mode. # See 'pvs --segments -o help' for the list of possible fields. # pvsegs_cols_verbose="pv_name,vg_name,pv_fmt,pv_attr,pv_size,pv_free,pvseg_start,pvseg_size,lv_name,seg_start_pe,segtype,seg_pe_ranges" #} #################### # Advanced section # #################### # Metadata settings # # metadata { # Configuration option metadata/check_pv_device_sizes. # Check device sizes are not smaller than corresponding PV sizes. # If device size is less than corresponding PV size found in metadata, # there is always a risk of data loss. If this option is set, then LVM # issues a warning message each time it finds that the device size is # less than corresponding PV size. You should not disable this unless # you are absolutely sure about what you are doing! # This configuration option is advanced. # This configuration option has an automatic default value. # check_pv_device_sizes = 1 # Default number of copies of metadata to hold on each PV. 0, 1 or 2. # You might want to override it from the command line with 0 # when running pvcreate on new PVs which are to be added to large VGs. # pvmetadatacopies = 1 # Default number of copies of metadata to maintain for each VG. # If set to a non-zero value, LVM automatically chooses which of # the available metadata areas to use to achieve the requested # number of copies of the VG metadata. If you set a value larger # than the the total number of metadata areas available then # metadata is stored in them all. # The default value of 0 ("unmanaged") disables this automatic # management and allows you to control which metadata areas # are used at the individual PV level using 'pvchange # --metadataignore y/n'. # vgmetadatacopies = 0 # Approximate default size of on-disk metadata areas in sectors. # You should increase this if you have large volume groups or # you want to retain a large on-disk history of your metadata changes. # pvmetadatasize = 255 # List of directories holding live copies of text format metadata. # These directories must not be on logical volumes! # It's possible to use LVM2 with a couple of directories here, # preferably on different (non-LV) filesystems, and with no other # on-disk metadata (pvmetadatacopies = 0). Or this can be in # addition to on-disk metadata areas. # The feature was originally added to simplify testing and is not # supported under low memory situations - the machine could lock up. # # Never edit any files in these directories by hand unless you # you are absolutely sure you know what you are doing! Use # the supplied toolset to make changes (e.g. vgcfgrestore). # dirs = [ "/etc/lvm/metadata", "/mnt/disk2/lvm/metadata2" ] #} # Event daemon # dmeventd { # mirror_library is the library used when monitoring a mirror device. # # "libdevmapper-event-lvm2mirror.so" attempts to recover from # failures. It removes failed devices from a volume group and # reconfigures a mirror as necessary. If no mirror library is # provided, mirrors are not monitored through dmeventd. mirror_library = "libdevmapper-event-lvm2mirror.so" # snapshot_library is the library used when monitoring a snapshot device. # # "libdevmapper-event-lvm2snapshot.so" monitors the filling of # snapshots and emits a warning through syslog when the use of # the snapshot exceeds 80%. The warning is repeated when 85%, 90% and # 95% of the snapshot is filled. snapshot_library = "libdevmapper-event-lvm2snapshot.so" # thin_library is the library used when monitoring a thin device. # # "libdevmapper-event-lvm2thin.so" monitors the filling of # pool and emits a warning through syslog when the use of # the pool exceeds 80%. The warning is repeated when 85%, 90% and # 95% of the pool is filled. thin_library = "libdevmapper-event-lvm2thin.so" # Full path of the dmeventd binary. # # executable = "" } 07070100000037000041ED0000000000000000000000066000787300000000000000000000000000000000000000000000003600000000ardana-osconfig-8.0+git.1610643571.91b88d6/roles/fcoe07070100000038000041ED0000000000000000000000026000787300000000000000000000000000000000000000000000003E00000000ardana-osconfig-8.0+git.1610643571.91b88d6/roles/fcoe/library07070100000039000081A4000000000000000000000001600078730000C972000000000000000000000000000000000000005200000000ardana-osconfig-8.0+git.1610643571.91b88d6/roles/fcoe/library/update_fcoe_udev.py#!/usr/bin/env python # # (c) Copyright 2016 Hewlett Packard Enterprise Development LP # (c) Copyright 2017 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. """update_fcoe_udev.py Provides tooling that can be used to manage the persistent ordering of network devices for use with FCOE deployments. Usage: update_fcoe_udev.py [--prefix|-p <prefix>] Where: --prefix, -p <prefix> specifies the path to prefix system file access with. Example: When running during a preseed install, the installed system hierarchy is mounted under /target, so invoke the command as follows: % update_fcoe_udev.py -p /target """ from collections import OrderedDict from glob import glob from hashlib import md5 as hasher from operator import attrgetter, itemgetter from cStringIO import StringIO import os import re import sys class HelionSystemPathsError(RuntimeError): def __init__(self, *args, **kwargs): super(HelionSystemPathsError, self).__init__(*args, **kwargs) class DictReplacerError(RuntimeError): def __init__(self, *args, **kwargs): super(DictReplacerError, self).__init__(*args, **kwargs) class ConfFileError(RuntimeError): def __init__(self, *args, **kwargs): super(ConfFileError, self).__init__(*args, **kwargs) class PhaseRenameError(ConfFileError): def __init__(self, *args, **kwargs): super(PhaseRenameError, self).__init__(*args, **kwargs) class NetRulesError(RuntimeError): def __init__(self, *args, **kwargs): super(NetRulesError, self).__init__(*args, **kwargs) class NotRuleError(NetRulesError): def __init__(self, *args, **kwargs): super(NotRuleError, self).__init__(*args, **kwargs) class NotRule70Error(NetRulesError): def __init__(self, *args, **kwargs): super(NotRule70Error, self).__init__(*args, **kwargs) class NotRule71Error(NetRulesError): def __init__(self, *args, **kwargs): super(NotRule71Error, self).__init__(*args, **kwargs) class RenameError(NetRulesError): def __init__(self, *args, **kwargs): super(RenameError, self).__init__(*args, **kwargs) class InvalidRuleError(NetRulesError): def __init__(self, *args, **kwargs): super(InvalidRuleError, self).__init__(*args, **kwargs) class InvalidDeviceNameError(NetRulesError): def __init__(self, *args, **kwargs): super(InvalidDeviceNameError, self).__init__(*args, **kwargs) class HelionSystemPaths(object): """Helper class for system path access. Implements a simple helper class used to manage access the important system paths, potentially accessed under a provided offset, e.g. during an install. """ _default_path_prefix = "/" _default_flag_dir = "/etc/openstack" _default_flag_name = "udev_net_rules_updated" _rules_file_70 = "/etc/udev/rules.d/70-persistent-net.rules" _rules_file_71 = "/etc/udev/rules.d/71-persistent-net.rules" _fcoe_dir = "/etc/fcoe" _ifaces_file = "/etc/network/interfaces" _ifaces_dir = "/etc/network/interfaces.d" def __init__(self, prefix=None, sys_prefix=None, flag_dir=None, flag_name=None): """Initialise instance settings. The prefix argument specifies an offset path for all path resolution, e.g. /target if invoked during preseed install. The flag_dir and flag_name combined specify a flag file, the presence of which indicates that the associated operations have already been performed. """ if prefix is None: prefix = self._default_path_prefix if sys_prefix is None: sys_prefix = self._default_path_prefix if flag_dir is None: flag_dir = self._default_flag_dir if flag_name is None: flag_name = self._default_flag_name if not os.path.exists(prefix): raise HelionSystemPathsError("Prefix '%s' doesn't exist!" % prefix) self._path_prefix = prefix self._path_sys_prefix = sys_prefix self._flag_dir = flag_dir self._flag_name = flag_name @property def prefix(self): """Expose prefix path as readonly attr.""" return self._path_prefix @prefix.setter def prefix(self, prefix): """Update the prefix path to a new value.""" self._path_prefix = prefix def system_path(self, path): """Returns the actual path to use to access specified path.""" return os.path.join(self.prefix, path.lstrip('/')) @property def sys_prefix(self): """Expose sys_prefix path as readonly attr.""" return self._path_sys_prefix @sys_prefix.setter def sys_prefix(self, sys_prefix): """Update the sys_prefix path to a new value.""" self._path_sys_prefix = sys_prefix def system_sys_path(self, *args): """Returns the actual path to use to access specified path.""" return os.path.join(self.sys_prefix, "sys", *args) @property def rules_file_70(self): """System path to persistent udev rules file.""" return self.system_path(self._rules_file_70) @property def rules_file_71(self): """System path to persistent udev rules file.""" return self.system_path(self._rules_file_71) @property def fcoe_dir(self): """System path to FCOE config directory.""" return self.system_path(self._fcoe_dir) @property def ifaces_file(self): """System path to network interfaces config file.""" return self.system_path(self._ifaces_file) @property def ifaces_dir(self): """System path to network interfaces config directory.""" return self.system_path(self._ifaces_dir) @property def flag_dir(self): """System path to directory holding flag files.""" return self.system_path(self._flag_dir) @property def flag_name(self): """Expose flag name as readonly attr.""" return self._flag_name @property def flag_file(self): """System path to specified flag file.""" return os.path.join(self.flag_dir, self.flag_name) @property def flag_exists(self): """True if specified flag file exists.""" return os.path.exists(self.flag_file) class DictReplacer(object): """Manage text replacement based upon lookup table. Instances of this class can be used to manage updating contents of lines where the replacement value is dynamically looked up in a provided dictionary, based on the value to be replaced; if no value is found in provided dictionary then leave unchanged. """ def __init__(self, replacer, lookup, field=1, skipper=None): """Initialise the instance settings. The replacer argument must include at least one group specifier identifying the value to be replaced. The lookup argument must be a dictionary line object that maps candidate values onto there replacements. The field argument specifies which group's value should be looked up in the lookup map when doing replacement. The skipper argument can optionally specify a pattern that can be used to skip processing, e.g. ignore comment or blank lines. NOTE: The replacer and skipper can be provided as either compiled pattern objects, or pattern strings which will be automatically compiled, and the compiled versions used. """ if isinstance(replacer, str): replacer = re.compile(replacer) if isinstance(skipper, str): skipper = re.compile(skipper) if not replacer.groups: raise DictReplacerError("Invalid replacer pattern: no groups " "specified - '%s'" % replacer.pattern) self._replacer = replacer self._lookup = lookup self._field = field self._skipper = skipper @property def replacer(self): """Expose replacer as a readonly attr.""" return self._replacer @property def lookup(self): """Expose lookup as a readonly attr.""" return self._lookup @property def field(self): """Expose field as a readonly attr.""" return self._field @property def skipper(self): """Expose skipper as a readonly attr.""" return self._skipper def should_skip(self, text): """Check if we should skip processing of this text. Returns true if a skipper pattern has been provided, and the pattern matches the specified value. """ return self.skipper and self.skipper.match(text) def _callback(self, matcher): """Callback handling lookup of the substitution value.""" matched_field = matcher.group(self.field) replacement = self.lookup.get(matched_field) if not replacement: return matcher.group(0) fields = list(f or "" for f in matcher.groups()) fields[self.field - 1] = replacement return "".join(fields) def replace(self, text): """Replace content in text based upon lookup table. Based upon the content of the associated lookup table, replace any occurrences of any matching keys with their associated values that may be found in the provided text. """ if self.should_skip(text): return text return self.replacer.sub(self._callback, text) class ConfEntry(object): """Basic Conf File Entry handler.""" def __init__(self, line, lineno, syspaths): """Record line and line number.""" self._line = line self._lineno = lineno self._orig_line = None self._syspaths = syspaths def __str__(self): """Return line as str() value.""" return self._line @property def syspaths(self): """Syspaths object to use when resolving paths.""" return self._syspaths @property def lineno(self): """Line number of this line in the file.""" return self._lineno @property def orig_line(self): """Original line content.""" if self._orig_line is None: return self._line return self._orig_line def _backup_line(self): """Backup line content if not previously done.""" if self._orig_line is None: self._orig_line = self._line def update(self, new_line): """Update line with new content, backing up if needed.""" if new_line == self._line: return self._backup_line() self._line = new_line @property def dirty(self): """True if line has in fact been modified.""" return self._orig_line is not None class UdevNetEntry(ConfEntry): """Manage Udev persistent network rule entry. Class used to manage a specific udev persistent net rules, allowing renaming of associated device and checking whether the device exists on the system, and whether the configured settings match the actual settings in use.. """ def __init__(self, line, lineno, syspaths): """Record line and line number, and parse fields from line.""" super(UdevNetEntry, self).__init__(line, lineno, syspaths) self._orig_dev_name = None self._fields = self._parse_line() def _parse_line(self): """Parse line into fields, skipping comment and blank lines.""" # check if line contains a rule or not stripped = self._line.strip() if not stripped or stripped.startswith("#"): return None # strip out double quotes from values, and simplify equals strings simplified = self._line.replace("==", "=").replace('"', '') # return a dictionary formed from the key=value pairs found in line return dict(f.strip().split("=", 1) for f in simplified.split(",")) def _backup_dev_name(self): """Backup original device name if not previously done.""" if self._orig_dev_name is None: self._orig_dev_name = self.dev_name @property def is_rule(self): """True if line represents a udev rule.""" return self._fields is not None @property def mac(self): """Expose parsed MAC address as a readonly attr.""" if not self.is_rule: raise NotRuleError("No 'ATTR{address}' field.") if "ATTR{address}" not in self._fields: raise NotRule70Error("No 'ATTR{address}' field.") return self._fields["ATTR{address}"] @property def dev_name(self): """Expose parsed device name as a readonly attr.""" if not self.is_rule: raise NotRuleError("No 'NAME' field.") return self._fields["NAME"] _name_re = re.compile(r"^(\D+)(\d+)$") @property def is_dev_name_valid(self): """True if device name is valid format.""" return self._name_re.match(self.dev_name) is not None @property def dev_name_prefix(self): """Device name prefix string. Expose the device name prefix string, e.g. eth for ethN, as a readonly attr. """ match = self._name_re.match(self.dev_name) if not match: raise InvalidDeviceNameError("Not a valid device name: '%s'" % self.dev_name) return match.group(1) @property def orig_dev_name(self): """Expose original device name as a readonly attr.""" if not self.is_rule: raise NotRuleError("No original name to find.") if self._orig_dev_name: return self._orig_dev_name return self.dev_name _dev_rename_re = re.compile(r'(\sNAME=")([^"]+)(")') def dev_rename(self, new_dev_name): """Rename device associated with rule. Rename the device associated with a given rule, if the name has in fact changed, and the device hasn't already been re-ordered. """ if not self.is_rule: raise NotRuleError("Rename not possible.") if new_dev_name == self.dev_name: return if self.reordered: return self._backup_dev_name() repl_value = r'\1' + new_dev_name + r'\3' new_line, count = self._dev_rename_re.subn(repl_value, self._line, 1) if not count: raise InvalidRuleError("Failed to update NAME field") self.update(new_line) self._fields["NAME"] = new_dev_name @property def sys_class_orig_path(self): """Expose path to original /sys/class/net entry as readonly attr.""" if not self.is_rule: raise NotRuleError("Cannot determine /sys/class/net path") return self.syspaths.system_sys_path('class/net', self.orig_dev_name) @property def sys_class_path(self): """Expose path to current /sys/class/net entry as readonly attr.""" if not self.is_rule: raise NotRuleError("Cannot determine /sys/class/net path") return self.syspaths.system_sys_path('class/net', self.dev_name) @property def sys_path_exists(self): """True if original /sys/class/net path exists.""" return os.path.exists(self.sys_class_orig_path) @property def sys_dev_port(self): """The PCI device port of the device associated with this rule. Expose PCI Device port associated with original device name as readonly attr. """ try: with open(os.path.join(self.sys_class_orig_path, "dev_port")) as f: dev_port = f.read().strip('\0').strip() except Exception: sys.stderr.write("Failed to read dev_port for entry: %s\n" % (self._orig_line)) raise return dev_port @property def dev_port(self): """The ATTR{dev_port} specified in this rule.""" if not self.is_rule: raise NotRuleError("No 'ATTR{dev_port}' field.") if "ATTR{dev_port}" not in self._fields: raise NotRule71Error("No 'ATTR{dev_port}' field.") return self._fields["ATTR{dev_port}"] @property def devpath(self): """The DEVPATH specified in this rule.""" if not self.is_rule: raise NotRuleError("No 'DEVPATH' field.") if "DEVPATH" not in self._fields: raise NotRule71Error("No 'DEVPATH' field.") return self._fields["DEVPATH"] @property def sys_mac(self): """The system MAC address associated with rules current device. Expose the MAC address associated with the current device name as a readonly attr. Used in determining if network devices have already been re-ordered. """ try: with open(os.path.join(self.sys_class_path, "address")) as f: sys_mac = f.read().strip('\0').strip() except Exception: sys.stderr.write("Failed to read address for entry: %s\n" % (self._orig_line)) raise return sys_mac @property def pci_dev(self): """The PCI device ID associated with rules network device. Expose the PCI Device ID associated with the original device name as a readonly attr. """ return os.path.realpath(self.sys_class_orig_path).split("/")[-3] @property def pci_order(self): """Returns constructed PCI ordering string for use in sorting.""" return "%s:%s" % (self.pci_dev, self.sys_dev_port) @property def reordered(self): """Has this rule already been re-ordered. True if device associated with has already been reordered, either by us or a previous run. """ if "ATTR{address}" in self._fields: return self.mac != self.sys_mac if "DEVPATH" in self._fields: return self.devpath != ("*/%s/*" % self.pci_dev) class ConfFile(object): """Class used to manage on-disk config files""" def __init__(self, conf_file, syspaths, handler=None): """Initialise instance settings. If no handler specified, use default, i.e. ConfEntry. Track name changes for conf file via path list. """ if handler is None: handler = ConfEntry self._path = [conf_file] self._rename_phase = 0 self._handler = handler self._lines = [] self._linemap = {} self._syspaths = syspaths @property def syspaths(self): """System paths manager to use when resolving paths.""" return self._syspaths @property def path(self): """Current file path.""" return self._path[-1] @path.setter def path(self, new_path): """Change file path to new name.""" if new_path == self.path: return self._path.append(new_path) @property def paths(self): """Expose rename paths list as readonly attr.""" return tuple(self._path) @property def orig_path(self): """Expose original file path as readonly attr.""" return self._path[0] @property def rename_phases(self): """Total number of renames for this conf file.""" return len(self._path) - 1 @property def has_moved(self): """True if a file has been renamed.""" return bool(self.rename_phases) @property def renames_remaining(self): """Number of outstanding rename operations. Remaining number of renames for this conf file that haven't yet been performed. """ return self.rename_phases - self._rename_phase @property def rename_phase_src(self): """Source path for current rename phase.""" return self._path[self._rename_phase] @property def rename_phase_dst(self): """Destination path for current rename phase.""" if not self.renames_remaining: raise PhaseRenameError("File '%s' already fully renamed to '%s'" % (self.orig_path, self.path)) return self._path[self._rename_phase + 1] def _load_file(self): """Load entries from on-disk file. Load the conf file lines each as an instance of provided handler, and record associated line number mapping. """ try: with open(self.path) as f: conf_lines = f.readlines() except Exception: sys.stderr.write("open('%s') failed: %s\n" % (self.path, sys.exc_info()[1])) raise for lineno, line in enumerate(conf_lines): entry = self._handler(line, lineno, self.syspaths) self._lines.append(entry) self._linemap[lineno] = entry @property def entries(self): """List of entries in the file. Expose list of entries in the conf file as a readonly attr, dynamically loading the file lines if necessary. """ if not self._lines: self._load_file() return tuple(self._lines) @property def lines(self): """Expose text lines of conf file as readonly attr.""" return tuple(str(e) for e in self.entries) @property def content(self): """Expose text content of conf file as readonly attr.""" return "".join(self.lines) @property def ondisk_digest(self): """Generate hashed digest of on-disk file content. Returns hashed digest based upon on-disk file content for current file name; used in determining whether file has been modified. """ with open(self.rename_phase_src) as f: return hasher(f.read()).hexdigest() @property def incore_digest(self): """Generate hashed digest of in-code file content. Returns hashed digest based upon in-core file content for conf file; used in determining whether file has been modified. """ return hasher(self.content).hexdigest() @property def consistent(self): """True if in-core and on-disk content digests match.""" return self.incore_digest == self.ondisk_digest def _update_ondisk(self): """Write out in-core file content to disk.""" with open(self.orig_path, "w") as f: f.write(self.content) @property def dirty(self): """True if in-core and on-disk content differs.""" return not self.consistent def replace(self, replacer): """Replace specific values based upon lookup table. Update file content via the provided DictReplacer instance, which will replace matching values based upon their current value, looked up in the replacer's lookup table. """ for e in self.entries: e.update(replacer.replace(str(e))) def _rename_ondisk(self): """Perform an on-disk rename action. Perform the next on-disk rename of this conf file, if one is pending. """ if not self.has_moved or not self.renames_remaining: return try: os.rename(self.rename_phase_src, self.rename_phase_dst) except Exception: sys.stderr.write("Failed to renamed '%s' to '%s'\n" % (self.rename_phase_src, self.rename_phase_dst)) raise self._rename_phase += 1 def commit(self, phases=1): """Commit pending changes for this conf file. Write any required changes to the conf file if it is dirty, and perform specified number of rename phases, where -1 means all remaining phases. The latter special value should only be used if we are certain that we are not trying to swap the names of two conf files. """ if self.dirty: self._update_ondisk() if self.has_moved and self.renames_remaining: if phases == -1: phases = self.renames_remaining for phase in range(phases): self._rename_ondisk() class UdevNetRulesFile(ConfFile): """Manage a udev net rules file. Provides common framework for managing net rules files. """ def __init__(self, conf_file, syspaths): """Manage this conf file using the UdevNetEntry handler.""" super(UdevNetRulesFile, self).__init__(conf_file, syspaths, UdevNetEntry) @property def rules(self): """Expose list of rules as readonly attr.""" return tuple(e for e in self.entries if e.is_rule) @property def reordered_rules(self): """Expose list of re-ordered rules as readonly attr.""" return tuple(r for r in self.rules if r.reordered) @property def reordered(self): """True if any rules have been re-ordered.""" return bool(self.reordered_rules) @property def devices_exist(self): """Check that all rule network devices exist. Returns true only if all the /sys/class/net devices associated with all rules still exist. """ return all(r.sys_path_exists for r in self.rules) class UdevNetRulesFile70(UdevNetRulesFile): """Manage a udev 70-persistent-net.rules file. This class manages the contents of the udev persistent net rules file /etc/udev/rules.d/70-persistent-net.rules. """ def __init__(self, syspaths): """Manage this conf file using the UdevNetEntry handler.""" super(UdevNetRulesFile70, self).__init__(syspaths.rules_file_70, syspaths) def reorder_rules(self): """Re-order the device names in the rules by PCI device. Sort rule devices according to the associated pci_order value, and rename device names based upon that ordering. """ new_order = sorted(self.rules, key=attrgetter("pci_order")) for idx, r in enumerate(new_order): r.dev_rename("%s%s" % (r.dev_name_prefix, idx)) class UdevNetRulesFile71(UdevNetRulesFile): """Manage a udev 71-persistent-net.rules file. This class manages the contents of the udev persistent net rules file /etc/udev/rules.d/71-persistent-net.rules. """ def __init__(self, syspaths): """Manage this conf file using the UdevNetEntry handler.""" super(UdevNetRulesFile71, self).__init__(syspaths.rules_file_71, syspaths) def reorder_rules(self): raise NetRulesError("Re-ordering not supported for " "71-persistent-net.rules file.") class UdevNetRulesManager(object): """Udev Net Rules Manager Class used to make the udev persistent net rules settings for a system. Generates a 71-persistent-net.rules file that orders network devices by PCI order, superceding any existing 70-persistent-net.rules file. We will also update the 70-persistent-net.rules file to match the new order. """ def __init__(self, syspaths): """Initialise instance settings. The syspaths object manages access to the system paths against which the operations should be performed. """ self._syspaths = syspaths self._rules_70 = None self._rules_71 = None self._rules_71_created = False @property def syspaths(self): return self._syspaths @property def rules_70(self): if not self._rules_70: self._load_rules_70() return self._rules_70 @property def rules_71(self): if not self._rules_71: self._load_rules_71() return self._rules_71 @property def rules_71_created(self): return self._rules_71_created @property def rules_file_70_exists(self): return os.path.exists(self._syspaths.rules_file_70) @property def rules_file_71_exists(self): return os.path.exists(self._syspaths.rules_file_71) def _load_rules_70(self): if not self.rules_file_70_exists: return self._rules_70 = UdevNetRulesFile70(self.syspaths) def _load_rules_71(self): if not self.rules_file_71_exists: self._gen_rules_file_71() self._rules_71 = UdevNetRulesFile71(self.syspaths) @staticmethod def _get_net_dev_info(net_dev_path): dev_name = os.path.basename(net_dev_path) pci = os.path.realpath(net_dev_path).split('/')[-3] with file(os.path.join(net_dev_path, 'dev_port')) as fp: port = fp.read().strip('\0').strip() with file(os.path.join(net_dev_path, 'address')) as fp: address = fp.read().strip('\0').strip() return dict(dev_name=dev_name, pci=pci, port=port, address=address) @property def system_eth_devices(self): class_net = self.syspaths.system_sys_path('class', 'net') eth_dev_info = list(self._get_net_dev_info(e) for e in glob(os.path.join(class_net, 'eth*'))) return {e['dev_name']: e for e in eth_dev_info} @property def ordered_eth_devices(self): sys_devs = self.system_eth_devices pci_ordered = sorted(sys_devs.values(), key=lambda x: '%s:%s' % (x['pci'], x['port'])) ordered_devs = OrderedDict() for i, e in enumerate(pci_ordered): dev_name = 'eth%d' % i new_e = e.copy() new_e.update(dict(dev_name=dev_name)) ordered_devs[dev_name] = new_e return ordered_devs @property def reordered(self): sys_devs = self.system_eth_devices ordered_devs = self.ordered_eth_devices return (sys_devs != ordered_devs) @property def reordered_devices(self): sys_devs = self.system_eth_devices sys_set = set("%s:%s#%s" % (e['pci'], e['port'], e['dev_name']) for e in sys_devs.itervalues()) ordered_devs = self.ordered_eth_devices ordered_set = set("%s:%s#%s" % (e['pci'], e['port'], e['dev_name']) for e in ordered_devs.itervalues()) set_diffs = sys_set.symmetric_difference(ordered_set) diff_map = {} for d in set_diffs: d_pci, d_name = d.split('#') if d_pci not in diff_map: diff_map[d_pci] = {} if d in sys_set: diff_map[d_pci]['from'] = d_name else: diff_map[d_pci]['to'] = d_name return sorted(diff_map.itervalues(), key=itemgetter('from')) @staticmethod def _gen_rules_71_entry(e): return ['', ('SUBSYSTEM=="net", ACTION=="add", DEVPATH=="*/%s/*", ' 'ATTR{dev_port}=="%s", NAME="%s"' % (e['pci'], e['port'], e['dev_name']))] def _gen_rules_file_71(self): ordered_devs = self.ordered_eth_devices content = ["# ARDANA-MANAGED - Managed by Ardana - Do not edit", "# Generated by update_fcoe_udev during install/setup", "#", ("# udev rules to persistently map physical PCI devices " "to ethX device names."), ("# This is used to hard-wire specific ethX names to a " "specific (PCI address,"), ("# dev_port) pairings so that the names don't change " "across reboots.")] for e in ordered_devs: content.extend(self._gen_rules_71_entry(ordered_devs[e])) rules_file = self.syspaths.rules_file_71 with file(rules_file, "w") as fp: fp.write("\n".join(content)) self._rules_71_created = True @property def dirty(self): if self.rules_71_created and self.reordered: return True if self.rules_70: if self.rules_70.dirty: return True return False @property def devices_exist(self): if not self.rules_71.devices_exist: return False if self.rules_71: if not self.rules_71.devices_exist: return False return True def reorder_rules(self): if self.rules_70: self.rules_70.reorder_rules() # We should never need to re-order the entries in rules_71 def commit(self): if self.rules_70: self.rules_70.commit() class NetworkDeviceManager(object): """Network Device Management Helper Class used to manage updating system configuration files as a result of reordering network devices in PCI device order. """ def __init__(self, prefix, sys_prefix, syspaths=None): """Initialise instance settings. The arguments that we support are: * prefix - path The path under which to look for network configuration files. * sys_prefix - path The path under which to perform /sys lookups """ if syspaths is None: syspaths = HelionSystemPaths(prefix, sys_prefix) self._syspaths = syspaths self._udev = UdevNetRulesManager(syspaths) self._fcoe_confs = [] self._ifaces_confs = [] self._remap_renamer = None @property def syspaths(self): """Expose syspaths as a readonly attr.""" return self._syspaths @property def udev(self): """Expose udev as a readonly attr.""" return self._udev @property def fcoe_confs(self): """Expose fcoe_confs as a readonly attr.""" return tuple(self._fcoe_confs) @property def ifaces_confs(self): """Expose ifaces_confs as a readonly attr.""" return tuple(self._ifaces_confs) @property def remap_renamer(self): """Renamer tool used to manage content updates. Dynamically creates a DictReplacer instance to be used for updating config files the first this is called after devices have been reordered, and thereafter returns that DictReplacer instance. """ if self._remap_renamer is None and self.udev.reordered: # Construct a DictReplacer instance that can be used to # rename the device names within config files. reordered = self.udev.reordered_devices rename_map = dict(((r['from'], r['to']) for r in reordered)) self._remap_renamer = DictReplacer(r"(eth\d+)", rename_map) return self._remap_renamer _noreorder_flag = "fcoe_noreorder" @property def dont_run(self): """Returns true if flag found in /proc/cmdline.""" cmdline_file = "/proc/cmdline" try: with open(cmdline_file) as f: cmdline = f.read() except Exception: sys.stderr.write("Failed to open '%s': %s\n" % (cmdline_file, sys.exc_info()[1])) raise return self._noreorder_flag in cmdline @property def system_valid(self): """Check that system state is consistent and valid. Returns false if any of the network devices identified in ther persistent udev net rules doesn't exist. """ return self.udev.devices_exist @property def already_processed(self): """Check if a system has already been processed. Should be called before doing anything to check if system has already been processed, and or needs a reboot. """ # If the flag file has been created by a previous run # or if any of the rules have already been re-ordered # then we shouldn't make any more changes and instead # the system needs to be rebooted. return self.syspaths.flag_exists @property def needs_reboot(self): return self.udev.reordered def reorder_udev_rules(self): """Re-order network devcies in Udev persistent rules.""" self.udev.reorder_rules() @property def fcoe_dirty(self): """True if any FCOE config changes pending.""" return any(c.dirty or c.renames_remaining for c in self.fcoe_confs) @property def ifaces_dirty(self): """True if any network interface config changes pending.""" return any(c.dirty or c.renames_remaining for c in self.ifaces_confs) @property def dirty(self): """True if any udev, FCOE or network config changes pending.""" return self.udev.dirty or self.fcoe_dirty or self.ifaces_dirty def _process_candidate_conf_files(self, reordered_files): """Process specified conf files. Given a list of (rule, file) pairs, weed out those for which the conf file doesn't exist and then process the remaining conf files, updating their content as appropriate and then rename them in a 2 phase process; this allows us to safely swap files. Return the resulting list of ConfFile instances. """ confs = [] for r, f in reordered_files: if not os.path.exists(f): continue conf = ConfFile(f, self.syspaths) conf.replace(self.remap_renamer) temp_name = "%s...%s" % (r['from'], r['to']) conf.path = conf.path.replace(r['from'], temp_name) conf.path = conf.path.replace(temp_name, r['to']) confs.append(conf) return confs def update_fcoe_configs(self): """Update FCOE config based on re-ordered udev rules.""" # Nothing to be done if no reordering has occurred. reordered = self.udev.reordered_devices if not reordered: return # Skip if we have already completed this stage if self.fcoe_confs: return # Generate candidate list of fcoe conf files, with # associated rule, that need to be processed reordered_files = tuple((r, os.path.join(self.syspaths.fcoe_dir, "cfg-%s" % r['from'])) for r in reordered) # At this stage changes have been prepared but are not yet # committed to disk self._fcoe_confs = self._process_candidate_conf_files(reordered_files) def update_ifaces_configs(self): """Update network config based on re-ordered udev rules.""" # Nothing to be done if no reordering has occurred. reordered = self.udev.reordered_devices if not reordered: return # Skip if we have already completed this stage if self.ifaces_confs: return # Generate candidate list of iface conf files, with # associated rule, that need to be processed. reordered_files = tuple((r, os.path.join(self.syspaths.ifaces_dir, r['from'])) for r in reordered) ifaces_confs = self._process_candidate_conf_files(reordered_files) # Process the main interfaces file, and if it was modified, then # include it in the list of interface conf objects to be tracked conf = ConfFile(self.syspaths.ifaces_file, self.syspaths) conf.replace(self.remap_renamer) if conf.dirty: ifaces_confs.append(conf) # At this stage changes have been prepared but are not yet # committed to disk self._ifaces_confs = ifaces_confs @staticmethod def _gen_conf_changes_text(action, title, conf_list): """Generate change info text.""" if not (conf_list and any(c.dirty or c.has_moved for c in conf_list)): return "" lines = ["%s %s Changes:" % (action, title)] if any(c.has_moved for c in conf_list): lines.append(" Reordering:") lines.extend([" %s ==> %s" % (c.orig_path, c.path) for c in conf_list if c.has_moved]) if any(c.dirty for c in conf_list): lines.append(" Modifying:") lines.extend([" %s" % c.path for c in conf_list if c.has_moved]) lines.append("") return "\n".join(lines) @staticmethod def _gen_udev_changes_text(action, reordered_list): """Generate device reorder change text.""" if not reordered_list: return "" lines = ["%s Device Re-ordering:" % action] lines.extend([" %6s ==> %s" % (r['from'], r['to']) for r in reordered_list]) lines.append("") return "\n".join(lines) def _gen_changes_text(self, action): reordered = self.udev.reordered_devices changes = [self._gen_udev_changes_text(action, reordered), self._gen_conf_changes_text(action, "FCOE", self.fcoe_confs), self._gen_conf_changes_text(action, "Network", self.ifaces_confs)] return "\n".join(c for c in changes if c) def _create_flag_file(self, content): """Create flag file with provided content.""" if not os.path.exists(self.syspaths.flag_dir): try: os.makedirs(self.syspaths.flag_dir) except Exception: sys.stderr.write("Failed to create flag directory '%s': %s\n" % (self.syspaths.flag_dir, sys.exc_info()[1])) raise try: with open(self.syspaths.flag_file, "w") as f: f.write(content) except Exception: sys.stderr.write("Failed to create flag file '%s': %s\n" % (self.syspaths.flag_file, sys.exc_info()[1])) raise def commit(self): """Commit any pending changes to disk.""" changes = "No reordering required." msg = "No device reordering required on this system." if self.dirty: print(self._gen_changes_text("Proposed")) # Generate committed changes text before committing. changes = self._gen_changes_text("Committed") # If the rules have been updated commit those changes if self.udev.dirty: self.udev.commit() # If any of the fcoe or interfaces files have been # updated or renamed then commit those changes if self.fcoe_dirty or self.ifaces_dirty: conf_list = self.fcoe_confs + self.ifaces_confs rename_phases = max(c.renames_remaining for c in conf_list) # We want to iterate at least once, and up to max # number of rename operations outstanding. for i in range(max(1, rename_phases)): for conf in conf_list: # First time through will update file content, and # peforms first rename if any; subsequent commits # perform any remaining renames conf.commit() msg = ("All device reordering changes committed to disk.\n" "NOTE:\n" " Please ensure that the ramdisk is updated and the\n" " system is rebooted for these changes to take effect.") self._create_flag_file(changes) print(msg) def process_system(self): """Process the current system. Update the system by re-ordering the udev persistent network rules according to PCI device order, and then reflect those reordering changes in the system FCOE and network interfaces configurations, and then commit those changes to disk. """ if self.already_processed or self.dont_run or not self.system_valid: return self.reorder_udev_rules() self.update_fcoe_configs() self.update_ifaces_configs() self.commit() class UpdateFcoeUdev(object): """UpdateFcoeUdev Class implementing Ansible module support for updating FCOE udev persistent rule ordering. """ def __init__(self, module): self._module = module self._ndm = None self._stdout = StringIO() self._stderr = StringIO() self._orig_stdout = None self._orig_stderr = None # swap in our stdout/stderr to capture any output generated. self._swap_stdio() def _swap_stdio_handle(self, name): orig_name = "_orig_%s" % name if not getattr(self, orig_name): setattr(self, orig_name, getattr(sys, name)) setattr(sys, name, getattr(self, "_" + name)) else: setattr(sys, name, getattr(self, orig_name)) setattr(self, orig_name, None) def _swap_stdio(self): self._swap_stdio_handle("stdout") self._swap_stdio_handle("stderr") def _add_stdio_handle(self, results, name): existing = results.get(name, "") handle = getattr(self, "_" + name) existing += "\n" + handle.getvalue() results[name] = existing def _add_stdio(self, results): self._add_stdio_handle(results, "stdout") self._add_stdio_handle(results, "stderr") def _restore_stdio(self, results): self._swap_stdio() self._add_stdio(results) @property def module(self): return self._module @property def update(self): return self._module.params['update'] @property def prefix(self): return self._module.params['prefix'] @property def sys_prefix(self): return self._module.params['sys_prefix'] @property def ndm(self): if self._ndm is None: self._ndm = NetworkDeviceManager(self.prefix, self.sys_prefix) return self._ndm def fail(self, **results): self._restore_stdio(results) self.module.fail_json(**results) def exit(self, **results): self._swap_stdio() self.module.exit_json(**results) def _check(self): self.ndm.reorder_udev_rules() if self.ndm.udev.reordered: self.exit(msg="Reordering of FCOE devices required.", rc=1, changed=False) def _update(self): self.ndm.reorder_udev_rules() if not self.ndm.udev.reordered: self.exit(msg="No reordering of FCOE devices required.", rc=0, changed=False) self.ndm.update_fcoe_configs() self.ndm.update_ifaces_configs() self.ndm.commit() self.exit(msg=("System FCOE device reordering completed; reboot " "required for changes to take effect."), rc=0, changed=True) def execute(self): try: if not self.ndm.system_valid: self.fail(msg=("System state invalid: one or more network " "devices referenced in persistent udev rules " "doesn't exist."), rc=256, changed=False) if self.ndm.already_processed: if self.ndm.needs_reboot: self.exit(msg=("Reboot required to complete pending " "device reordering."), rc=2, changed=False) self.exit(msg="System FCOE devices already reordered.", rc=0, changed=False) if not self.update: self._check() else: self._update() except Exception: self.fail(msg="Failed to determine system FCOE state", rc=256, changed=False) self.exit(msg="No reordering required.", rc=0, changed=False) def main(): """Main body for ansible module.""" module = AnsibleModule( argument_spec=dict( update=dict(required=False, default=False, type='bool'), prefix=dict(required=False, default="/", type='str'), sys_prefix=dict(required=False, default="/", type='str') ) ) ufu = UpdateFcoeUdev(module) ufu.execute() DOCUMENTATION = ''' --- module: update_fcoe_udev author: Fergal Mc Carthy short_description: Ensure consistent ordering of FCOE network devices. description: - Checks if system has already had FCOE network devices re-ordered. - Updates system by re-ordering FCOE network devices, if requested. - If system is changed as a result of this successful completion of the action, a reboot is required. - Fails with rc = 1 if system needs FCOE device re-ordering. - Fails with rc = 2 if system still needs to be rebooted after a previous reordering operation. - Fails with rc = 256 if anything else goes wrong. - stdout & stderr lines. options: action: required: True choices: [check, update] description: - If check is specified, just checks system state and fails appropriately if needed. - If update is specified, updates system state if needed, and a changed status indicates a reboot is required. prefix: required: False default: / description: - Specifies system path prefix used to access config files. - Only needed if system files are not mounted at traditional location, e.g. during an install operation candidate system file systems are mounted under /target. sys_prefix: required: False default: / description: - Specifies system sys path prefix used to access /sys files. - Only needed if system files are not mounted at traditional location, e.g. for simulation purposes. ''' EXAMPLES = ''' - update_fcoe_udev: register: ufu_check_result ignore_errors: True - fail: msg="Reboot required." when: ufu_check_result.rc == 2 - fail: msg: | Unknown error: stdout={{ ufu_check_result.stdout }} stderr={{ ufu_check_result.stderr }} when: ufu_check_result.rc == 256 - update_fcoe_udev: update=True register: ufu_result when: ufu_check_result.rc = 1 ignore_errors: True - fail: - fail: msg="Reboot required." when: ufu_result.rc | changed ''' from ansible.module_utils.basic import * # NOQA if __name__ == '__main__': main() 0707010000003A000041ED0000000000000000000000026000787300000000000000000000000000000000000000000000003C00000000ardana-osconfig-8.0+git.1610643571.91b88d6/roles/fcoe/tasks0707010000003B000081A4000000000000000000000001600078730000097A000000000000000000000000000000000000005100000000ardana-osconfig-8.0+git.1610643571.91b88d6/roles/fcoe/tasks/check_fcoe_order.yml# (c) Copyright 2016 Hewlett Packard Enterprise Development LP # (c) Copyright 2017 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. # # Check that FCOE device reordering has been completed successfully and # request a manual reboot of the system if necessary. --- - name: fcoe | check_fcoe_order | Set os-specific variables include_vars: "{{ ansible_os_family | lower }}.yml" # Shouldn't need root privs to check system state. - name: fcoe | check_fcoe_order | Check FCOE device ordering become: no update_fcoe_udev: update: False prefix: / register: ufu_check_result when: host.fcoe_interfaces | length > 0 ignore_errors: True - name: fcoe | check_fcoe_order | Handle ordering check exceptions fail: msg: | Unknown error while checking FCOE device ordering: stdout={{ ufu_check_result.stdout }} stderr={{ ufu_check_result.stderr }} when: ((host.fcoe_interfaces | length > 0) and (ufu_check_result.rc == 256)) # Should have already been done but just in case, do it again. - name: fcoe | check_fcoe_order | Rebuild the initramfs become: yes command: "{{ initramfs_update_command }}" when: ((host.fcoe_interfaces | length > 0) and (ufu_check_result.rc == 2)) - name: fcoe | check_fcoe_order | Handle reboot required fail: msg: | Detected that FCOE devices have been re-ordered but a restart is still required for the changes to take effect. Please reboot the system manually before continuing. when: ((host.fcoe_interfaces | length > 0) and (ufu_check_result.rc == 2)) - name: fcoe | check_fcoe_order | Handle re-ordering required fail: msg: | Detected that FCOE devices have not yet been re-ordered. Please run the osconfig-fcoe-reorder play and then manually reboot the system before continuing. when: ((host.fcoe_interfaces | length > 0) and (ufu_check_result.rc == 1)) 0707010000003C000081A40000000000000000000000016000787300001377000000000000000000000000000000000000004A00000000ardana-osconfig-8.0+git.1610643571.91b88d6/roles/fcoe/tasks/configure.yml# (c) Copyright 2016 Hewlett Packard Enterprise Development LP # (c) Copyright 2017 SUSE LLC # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. --- # fcoe configure playbook # playbook to enable fcoe for bnxfc2 driver - name: fcoe | configure | bring up interface become: yes command: /sbin/ip link set up {{ item.1 }} with_subelements: - "{{ host.fcoe_interfaces | default([]) }}" - devices - name: fcoe | configure | disable Redhat network manager become: yes service: name: NetworkManager enabled: no when: ansible_os_family == 'RedHat' and host.fcoe_interfaces | length > 0 - name: fcoe | configure | stop Redhat network manager become: yes service: name: NetworkManager state: stopped when: ansible_os_family == 'RedHat' and host.fcoe_interfaces | length > 0 - name: fcoe | configure | remove default config redhat become: yes file: path: /etc/sysconfig/network-scripts/ifcfg-{{ item.1 }} state: absent with_subelements: - "{{ host.fcoe_interfaces | default([]) }}" - devices when: ansible_os_family == 'RedHat' register: fcoe_ifcfgs_rm_result # Add the fcoe boots args for given interface to kernel command line # only if not already present, ensuring that crashkernel options are # always at the end of the generated command line. - name: fcoe | configure | add required args to kernel command line shell: | set -e for arg in {{ hostvars[inventory_hostname] | fcoe_boot_args(item.1) }} do if ! grep -qs "^GRUB_CMDLINE_LINUX=.*\<${arg}\>" /etc/default/grub; then sed -i -e '/^GRUB_CMDLINE_LINUX=/ { s/\("\)$/ '"${arg}"'\1/ s/\(crashkernel=[^ ]* \)\([^\"]*\)\("\)$/\2 \1\3/ s/ * \("\)$/\1/ }' /etc/default/grub echo Changed fi done with_subelements: - "{{ host.fcoe_interfaces | default([]) }}" - devices when: ansible_os_family == 'RedHat' register: fcoe_grub_mod_result changed_when: '"Changed" in fcoe_grub_mod_result.stdout' - name: fcoe | configure | update grub if kernel command line changed become: yes command: grub2-mkconfig -o /boot/grub2/grub.cfg when: fcoe_grub_mod_result | changed and ansible_os_family == 'RedHat' - name: fcoe | configure | create the fcoe dir become: yes file: path: "{{fcoe_config_dir}}" state: directory mode: 0755 - name: fcoe | configure | Setup fcoe cfg file become: yes template: src: fcoe.cfg.j2 dest: "{{fcoe_config_dir}}/cfg-{{ item.1 }}" with_subelements: - "{{ host.fcoe_interfaces | default([]) }}" - devices register: fcoe_result - name: fcoe | configure | enable lldpad become: yes service: name: lldpad state: restarted enabled: true when: fcoe_result.changed - name: fcoe | configure | disable lldpad on interfaces become: yes command: /usr/sbin/lldptool set-lldp -i {{ item.1 }} adminStatus=disabled with_subelements: - "{{ host.fcoe_interfaces | default([]) }}" - devices when: fcoe_result.changed - name: fcoe | configure | restart the service become: yes service: name: fcoemon state: restarted enabled: true when: fcoe_result.changed and ansible_os_family == 'Debian' - name: fcoe | configure | restart the service become: yes service: name: fcoe state: restarted enabled: true when: fcoe_result.changed and ansible_os_family == 'RedHat' - name: fcoe | configure | restart the service become: yes service: name: fcoe state: restarted enabled: true when: fcoe_result.changed and ansible_os_family == 'Suse' - name: fcoe | configure | restart the service become: yes service: name: multipathd state: restarted enabled: true when: fcoe_result.changed and ansible_os_family == 'Suse' - name: fcoe | configure | get scsi hosts become: yes shell: ls -d -1 /sys/class/scsi_host/host* register: dir_list_result - name: fcoe | configure | rescan the bus become: yes shell: echo "- - - " > "{{ item }}/scan" with_items: "{{ dir_list_result.stdout_lines}}" when: fcoe_result.changed - name: fcoe | configure | rebuild the initramfs become: yes command: "{{ initramfs_update_command }}" when: fcoe_result.changed or (ansible_os_family == 'RedHat' and ((fcoe_ifcfgs_rm_result | changed) or (fcoe_grub_mod_result | changed))) 0707010000003D000081A40000000000000000000000016000787300000412000000000000000000000000000000000000004800000000ardana-osconfig-8.0+git.1610643571.91b88d6/roles/fcoe/tasks/install.yml# (c) Copyright 2016-2017 Hewlett Packard Enterprise Development LP # (c) Copyright 2017-2018 SUSE LLC # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. --- - name: fcoe | install | Set os-specific variables include_vars: "{{ ansible_os_family | lower }}.yml" # install dependencies for fcoe for bnx2fc/Qlogic CNA - name: fcoe | install | Install the required packages become: yes package: name: "{{ item }}" state: present with_items: fcoe_packages when: host.fcoe_interfaces | length > 0 0707010000003E000081A400000000000000000000000160007873000007F0000000000000000000000000000000000000005200000000ardana-osconfig-8.0+git.1610643571.91b88d6/roles/fcoe/tasks/update_fcoe_order.yml# (c) Copyright 2016 Hewlett Packard Enterprise Development LP # (c) Copyright 2017 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. # # Update the FCOE device ordering if needed and request a manual reboot of # the system if required. --- - name: fcoe | update_fcoe_order | Set os-specific variables include_vars: "{{ ansible_os_family | lower }}.yml" - name: fcoe | update_fcoe_order | Update FCOE device ordering become: yes update_fcoe_udev: update: True prefix: / register: ufu_update_result when: host.fcoe_interfaces | length > 0 ignore_errors: True - name: fcoe | update_fcoe_order | Handle ordering check exceptions fail: msg: | Unknown error while checking FCOE device ordering: stdout={{ ufu_update_result.stdout }} stderr={{ ufu_update_result.stderr }} when: ((host.fcoe_interfaces | length > 0) and (ufu_update_result.rc == 256)) - name: fcoe | update_fcoe_order | Rebuild the initramfs become: yes command: "{{ initramfs_update_command }}" when: ((host.fcoe_interfaces | length > 0) and ((ufu_update_result | changed) or (ufu_update_result.rc == 2))) - name: fcoe | update_fcoe_order | FCOE devices re-ordered. fail: msg: | The system FCOE device ordering has been updated and a manual reboot is required for the changes to take effect. Please manually reboot the system before continuing. when: ((host.fcoe_interfaces | length > 0) and ((ufu_update_result | changed) or (ufu_update_result.rc == 2))) 0707010000003F000041ED0000000000000000000000026000787300000000000000000000000000000000000000000000004000000000ardana-osconfig-8.0+git.1610643571.91b88d6/roles/fcoe/templates07070100000040000081A40000000000000000000000016000787300000534000000000000000000000000000000000000004C00000000ardana-osconfig-8.0+git.1610643571.91b88d6/roles/fcoe/templates/fcoe.cfg.j2{# # (c) Copyright 2016 Hewlett Packard Enterprise Development LP # (c) Copyright 2017 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. # #} ### Type: yes/no ## Default: no # Enable/Disable FCoE service at the Ethernet port # Normally set to "yes" FCOE_ENABLE="yes" ## Type: yes/no ## Default: no # Indicate if DCB service is required at the Ethernet port # Normally set to "yes" DCB_REQUIRED="no" ## Type: yes/no ## Default: no # Indicate if VLAN discovery should be handled by fcoemon # Normally set to "yes" AUTO_VLAN="yes" ## Type: fabric/vn2vn ## Default: fabric # Indicate the mode of the FCoE operation, either fabric or vn2vn # Normally set to "fabric" MODE="fabric" ## Type: yes/no ## Default: no # Indicate whether to run a FIP responder for VLAN discovery in vn2vn mode #FIP_RESP="yes" 07070100000041000041ED0000000000000000000000026000787300000000000000000000000000000000000000000000003B00000000ardana-osconfig-8.0+git.1610643571.91b88d6/roles/fcoe/vars07070100000042000081A40000000000000000000000016000787300000306000000000000000000000000000000000000004600000000ardana-osconfig-8.0+git.1610643571.91b88d6/roles/fcoe/vars/debian.yml# (c) Copyright 2016 Hewlett Packard Enterprise Development LP # (c) Copyright 2017 SUSE LLC # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. fcoe_packages: - lldpad - lldpad-boot - fcoe-utils initramfs_update_command: "update-initramfs -u -k all" 07070100000043000081A400000000000000000000000160007873000002BA000000000000000000000000000000000000004400000000ardana-osconfig-8.0+git.1610643571.91b88d6/roles/fcoe/vars/main.yml# (c) Copyright 2016 Hewlett Packard Enterprise Development LP # (c) Copyright 2017 SUSE LLC # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. --- fcoe_config_dir: /etc/fcoe 07070100000044000081A400000000000000000000000160007873000002E8000000000000000000000000000000000000004600000000ardana-osconfig-8.0+git.1610643571.91b88d6/roles/fcoe/vars/redhat.yml# (c) Copyright 2016 Hewlett Packard Enterprise Development LP # (c) Copyright 2017 SUSE LLC # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. fcoe_packages: - lldpad - fcoe-utils initramfs_update_command: "dracut -f" 07070100000045000081A400000000000000000000000160007873000002E9000000000000000000000000000000000000004400000000ardana-osconfig-8.0+git.1610643571.91b88d6/roles/fcoe/vars/suse.yml# (c) Copyright 2017 Hewlett Packard Enterprise Development LP # (c) Copyright 2017 SUSE LLC # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. fcoe_packages: - open-lldp - fcoe-utils initramfs_update_command: "dracut -f" 07070100000046000041ED0000000000000000000000056000787300000000000000000000000000000000000000000000003A00000000ardana-osconfig-8.0+git.1610643571.91b88d6/roles/iptables07070100000047000041ED0000000000000000000000026000787300000000000000000000000000000000000000000000004300000000ardana-osconfig-8.0+git.1610643571.91b88d6/roles/iptables/defaults07070100000048000081A400000000000000000000000160007873000003A4000000000000000000000000000000000000004C00000000ardana-osconfig-8.0+git.1610643571.91b88d6/roles/iptables/defaults/main.yml# (c) Copyright 2015-2016 Hewlett Packard Enterprise Development LP # (c) Copyright 2017 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. # --- # defaults file for iptables # Make sure that 'lock_path' here matches the 'neutron_common_rundir' # in roles/neutron-common/defaults/main.yml iptables_lock_path: "/var/run/neutron/lock" iptables_lock_name: 'iptables' iptables_lock_timeout: 120 iptables_synchronized_prefix: 'neutron-' 07070100000049000041ED0000000000000000000000026000787300000000000000000000000000000000000000000000003F00000000ardana-osconfig-8.0+git.1610643571.91b88d6/roles/iptables/meta0707010000004A000081A400000000000000000000000160007873000002D6000000000000000000000000000000000000004800000000ardana-osconfig-8.0+git.1610643571.91b88d6/roles/iptables/meta/main.yml# # (c) Copyright 2016 Hewlett Packard Enterprise Development LP # (c) Copyright 2017 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. # --- dependencies: - role: osconfig-iptables osconfig_iptables_run_mode: install 0707010000004B000041ED0000000000000000000000026000787300000000000000000000000000000000000000000000004000000000ardana-osconfig-8.0+git.1610643571.91b88d6/roles/iptables/tasks0707010000004C000081A40000000000000000000000016000787300000EA6000000000000000000000000000000000000005100000000ardana-osconfig-8.0+git.1610643571.91b88d6/roles/iptables/tasks/iptables-add.yml# # (c) Copyright 2016 Hewlett Packard Enterprise Development LP # (c) Copyright 2017 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. # --- - name: iptables | iptables-add | Add iptables chain become: yes iptables_update: command: > --new-chain {{ iptables_chain }} lock_path: "{{ iptables_lock_path }}" lock_name: "{{ iptables_lock_name }}" lock_timeout: "{{ iptables_lock_timeout }}" synchronized_prefix: "{{ iptables_synchronized_prefix }}" os_family: "{{ ansible_os_family }}" register: _iptables_add_chain_result failed_when: > (_iptables_add_chain_result | failed) and _iptables_add_chain_result.stderr != "iptables: Chain already exists." - name: iptables | iptables-add | Check if iptables chain is present on INPUT become: yes iptables_update: command: > --check INPUT --jump {{ iptables_chain }} lock_path: "{{ iptables_lock_path }}" lock_name: "{{ iptables_lock_name }}" lock_timeout: "{{ iptables_lock_timeout }}" synchronized_prefix: "{{ iptables_synchronized_prefix }}" os_family: "{{ ansible_os_family }}" register: _iptables_add_chain_result changed_when: false failed_when: > (_iptables_add_chain_result | failed) and _iptables_add_chain_result.stderr != "iptables: No chain/target/match by that name." # Note: This is an insert to make the chain higher precedence than all others. - name: iptables | iptables-add | Add iptables chain to INPUT at top of table become: yes iptables_update: command: > --insert INPUT --jump {{ iptables_chain }} lock_path: "{{ iptables_lock_path }}" lock_name: "{{ iptables_lock_name }}" lock_timeout: "{{ iptables_lock_timeout }}" synchronized_prefix: "{{ iptables_synchronized_prefix }}" os_family: "{{ ansible_os_family }}" when: (_iptables_add_chain_result | failed) - name: iptables | iptables-add | Check if iptables rules are already applied become: yes iptables_update: command: > --check {{ iptables_chain }} --destination {{ item.ip }}/32 --protocol tcp --match tcp --dport {{ item.port }} --jump REJECT lock_path: "{{ iptables_lock_path }}" lock_name: "{{ iptables_lock_name }}" lock_timeout: "{{ iptables_lock_timeout }}" synchronized_prefix: "{{ iptables_synchronized_prefix }}" os_family: "{{ ansible_os_family }}" register: _iptables_add_rule_result with_items: iptables_ip_port changed_when: false failed_when: > (_iptables_add_rule_result | failed) and _iptables_add_rule_result.stderr != "iptables: No chain/target/match by that name." - name: iptables | iptables-add | Reject incoming messages on ports become: yes iptables_update: command: > --insert {{ iptables_chain }} --destination {{ item.item.ip }}/32 --protocol tcp --match tcp --dport {{ item.item.port }} --jump REJECT lock_path: "{{ iptables_lock_path }}" lock_name: "{{ iptables_lock_name }}" lock_timeout: "{{ iptables_lock_timeout }}" synchronized_prefix: "{{ iptables_synchronized_prefix }}" os_family: "{{ ansible_os_family }}" when: (item | failed) with_items: _iptables_add_rule_result.results 0707010000004D000081A400000000000000000000000160007873000007C3000000000000000000000000000000000000005400000000ardana-osconfig-8.0+git.1610643571.91b88d6/roles/iptables/tasks/iptables-delete.yml# # (c) Copyright 2016 Hewlett Packard Enterprise Development LP # (c) Copyright 2017 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. # --- - name: iptables | iptables-delete | Delete all rules in iptables chain become: yes iptables_update: command: > --delete {{ iptables_chain }} --destination {{ item.ip }}/32 --protocol tcp --match tcp --dport {{ item.port }} --jump REJECT lock_path: "{{ iptables_lock_path }}" lock_name: "{{ iptables_lock_name }}" lock_timeout: "{{ iptables_lock_timeout }}" synchronized_prefix: "{{ iptables_synchronized_prefix }}" os_family: "{{ ansible_os_family }}" with_items: iptables_ip_port - name: iptables | iptables-delete | Delete all iptables chain in INPUT become: yes iptables_update: command: > --delete INPUT --jump {{ iptables_chain }} lock_path: "{{ iptables_lock_path }}" lock_name: "{{ iptables_lock_name }}" lock_timeout: "{{ iptables_lock_timeout }}" synchronized_prefix: "{{ iptables_synchronized_prefix }}" os_family: "{{ ansible_os_family }}" - name: iptables | iptables-delete | Delete iptables chain become: yes iptables_update: command: > --delete-chain {{ iptables_chain }} lock_path: "{{ iptables_lock_path }}" lock_name: "{{ iptables_lock_name }}" lock_timeout: "{{ iptables_lock_timeout }}" synchronized_prefix: "{{ iptables_synchronized_prefix }}" os_family: "{{ ansible_os_family }}" 0707010000004E000041ED0000000000000000000000066000787300000000000000000000000000000000000000000000003B00000000ardana-osconfig-8.0+git.1610643571.91b88d6/roles/multipath0707010000004F000081A40000000000000000000000016000787300001825000000000000000000000000000000000000004500000000ardana-osconfig-8.0+git.1610643571.91b88d6/roles/multipath/README.md (c) Copyright 2015 Hewlett Packard Enterprise Development LP (c) Copyright 2017 SUSE LLC Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0 Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions and limitations under the License. multipath ========= This role enables users to configure various multipath on target machines. Requirements ------------ This role requires Ansible 1.4 or higher Role Variables -------------- The variables that can be passed to this role and a brief description about them are as follows: multipath_defaults: <A dictionary of key-value pairs for defaults section> eg: multipath_defaults: user_friendly_names: no max_fds: max fast_io_fail_tmo: 5 multipath_devices: <A list of devices with key-value pairs for devices section> eg: multipath_devices: - vendor: "HP" product: "3PAR" path_selector: "round-robin 0" getuid_callout: "/lib/udev/scsi_id -g -u -d /dev/%n" - vendor: "NETAPP" product: "LUN" path_selector: "round-robin 0" getuid_callout: "/lib/udev/scsi_id -g -u -d /dev/%n" multipath_blacklist: <A list of regex with key-value pairs for blacklist section> eg: multipath_blacklist: - devnode: "^sd[a-z]" - wwid: "2345123469" - device: vendor: "IBM" product: "*" multipath_blacklist_exceptions: <A list of regex with key-value pairs for blacklist_exceptions section> eg: multipath_blacklist_exceptions: - devnode: "^sdc" - wwid: "23451234698" - device: vendor: "IBM" product: "ST500" Operational Guide: ------------------ The default settings are to blacklist all devices. To overwrite the default settings do the following before running the site.yml playbook 1. In the Ardana OpenStack deployer node, open the multipath/multipath_settings.yml under my_cloud/config where the default setting will be to blacklist all devices with the exception of HP 3PAR: i.e., multipath_blacklist: - device: vendor: ".*" product: ".*" multipath_blacklist_exceptions: - device: vendor: "3PARdata" product: "VV" NOTE: Additionally all disk model devices will be blacklisted by default using wwid 2. Modify the file as per the "Role Variables" section described at the beginning 3. Follow the below steps to apply the settings: cd ~/openstack/ardana/ansible git add -A git commit -m "your commit message" ansible-playbook -i hosts/localhost config-processor-run.yml ansible-playbook -i hosts/localhost ready-deployment.yml cd ~/scratch/ansible/next/ardana/ansible ansible-playbook -i hosts/verb_hosts site.yml Examples -------- Input variables: ---------------- multipath_defaults: user_friendly_names: no max_fds: max flush_on_last_del: yes queue_without_daemon: no dev_loss_tmo: infinity fast_io_fail_tmo: 5 multipath_devices: - vendor: "NETAPP" product: "LUN" path_grouping_policy: group_by_prio features: "3 queue_if_no_path pg_init_retries 50" prio: "alua" path_checker: tur failback: immediate path_selector: "round-robin 0" hardware_handler: "1 alua" rr_weight: uniform rr_min_io: 128 getuid_callout: "/lib/udev/scsi_id -g -u -d /dev/%n" - vendor: "HP" product: "3PAR" path_grouping_policy: group_by_prio failback: immediate path_selector: "round-robin 0" getuid_callout: "/lib/udev/scsi_id -g -u -d /dev/%n" multipath_blacklist: - devnode: "^sd[a-z]" - wwid: "2345123469" - device: vendor: "IBM" product: "*" multipath_blacklist_exceptions: - devnode: "^sdc" - wwid: "23451234698" - device: vendor: "IBM" product: "ST500" Resulting multipath.conf: ------------------------- defaults { fast_io_fail_tmo "5" flush_on_last_del "True" max_fds "max" user_friendly_names "False" dev_loss_tmo "infinity" queue_without_daemon "False" } devices { device { path_checker "tur" product "LUN" vendor "NETAPP" features "3 queue_if_no_path pg_init_retries 50" prio "alua" rr_min_io "128" path_grouping_policy "group_by_prio" path_selector "round-robin 0" getuid_callout "/lib/udev/scsi_id -g -u -d /dev/%n" hardware_handler "1 alua" rr_weight "uniform" failback "immediate" } device { product "3PAR" vendor "HP" path_grouping_policy "group_by_prio" path_selector "round-robin 0" getuid_callout "/lib/udev/scsi_id -g -u -d /dev/%n" failback "immediate" } } blacklist { devnode "^sd[a-z]" wwid "2345123469" device { product "*" vendor "IBM" } } blacklist_exceptions { devnode "^sdc" wwid "23451234698" device { product "ST500" vendor "IBM" } } 07070100000050000041ED0000000000000000000000026000787300000000000000000000000000000000000000000000004300000000ardana-osconfig-8.0+git.1610643571.91b88d6/roles/multipath/library07070100000051000081A40000000000000000000000016000787300000519000000000000000000000000000000000000005500000000ardana-osconfig-8.0+git.1610643571.91b88d6/roles/multipath/library/check_wildcard.py#!/usr/bin/python # # (c) Copyright 2016 Hewlett Packard Enterprise Development LP # (c) Copyright 2017 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. # def main(): module = AnsibleModule( argument_spec=dict( blacklist=dict() ) ) blacklist = json.loads(module.params['blacklist']) for entry in blacklist: if 'device' in entry.keys(): if 'product' in entry['device'].keys() and 'vendor' in entry['device'].keys(): if entry['device']['product'] == ".*" and entry['device']['vendor'] == ".*": module.fail_json(rc=256, msg="No wildcard on blacklist allowed on redhat nodes") module.exit_json( rc=0, changed=False ) from ansible.module_utils.basic import * # NOQA main() 07070100000052000081A4000000000000000000000001600078730000094A000000000000000000000000000000000000005300000000ardana-osconfig-8.0+git.1610643571.91b88d6/roles/multipath/library/get_bindings.py#!/usr/bin/python # # (c) Copyright 2015-2016 Hewlett Packard Enterprise Development LP # (c) Copyright 2017 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. # import os def main(): my_bindings=[] disks = [] module = AnsibleModule( argument_spec=dict( ardana_host_info=dict(required=True) ) ) ardana_host_info = json.loads(module.params['ardana_host_info']) ardana_disk_models = ardana_host_info.get('my_disk_models', dict()) ardana_device_groups = ardana_host_info.get('my_device_groups', dict()) if ardana_disk_models: for volume_group in ardana_disk_models['volume_groups']: for physical_volume in volume_group['physical_volumes']: physical_volume = physical_volume.replace('_root', '') disks.append(os.path.basename(physical_volume)) if ardana_device_groups: for device_group in ardana_device_groups: for entry in ardana_device_groups[device_group]: for dev in entry['devices']: disks.append(os.path.basename(dev['name'])) if not os.path.exists("/etc/multipath/bindings"): module.exit_json( bindings = my_bindings, rc=0, changed=False ) try: with open("/etc/multipath/bindings") as f: bindings = f.readlines() except: module_fail_json(rc=256, msg="failed to open the binding file") for line in bindings: stripped = line.strip() if stripped.startswith("#") or stripped == "": continue device, wwid = line.split() if device in disks: my_bindings.append(dict(alias=device, wwid=wwid)) module.exit_json( bindings = my_bindings, rc=0, changed=False ) from ansible.module_utils.basic import * # NOQA main() 07070100000053000081A40000000000000000000000016000787300001388000000000000000000000000000000000000004F00000000ardana-osconfig-8.0+git.1610643571.91b88d6/roles/multipath/library/get_wwid.py#!/usr/bin/python # # (c) Copyright 2015-2016 Hewlett Packard Enterprise Development LP # (c) Copyright 2017 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. # DOCUMENTATION = ''' --- module: get_wwid short_description: Retrieves the wwids of specified device or devices for a given Ardana Host data description: - The module accepts either a device parameter or a Ardana Host data JSON options: device: description: - Full path of the device E.g., '/dev/sda' to retrieve wwid required: true (One of the two options) default: null ardana_host_info: description: - Ardana host info in JSON form. This is usually found in host_vars as host. - Use to_json filter to convert to JSON string required: true (One of the two options) default: null author: ''' EXAMPLES = ''' # Example from Ansible Playbooks. - get_wwid: device='/dev/sda' # Returns dict with key 'wwid' and wwid of the device as value. # Using Ardana host info - get_wwid: ardana_host_info='{{ host | to_json }}' # Returns dict with key 'wwid' and device-wwid key-value pairs dict as value. # NOTE: Please use single quotes for host info converted to JSON as # double quotes will cause argument errors ''' def main(): module = AnsibleModule( argument_spec=dict( device=dict(), ardana_host_info=dict() ) ) device = module.params['device'] ardana_host_info = json.loads(module.params['ardana_host_info']) if not device and not ardana_host_info: module.fail_json(rc=256, msg="No device or Ardana host info specified") ardana_disk_models = ardana_host_info['my_disk_models'] \ if 'my_disk_models' in ardana_host_info else dict() ardana_device_groups = ardana_host_info['my_device_groups'] \ if 'my_device_groups' in ardana_host_info else dict() if ardana_host_info: rc_cumulative = 0 err_cumulative = "" wwids = dict() if ardana_disk_models: for volume_group in ardana_disk_models['volume_groups']: if 'multipath' in volume_group\ and volume_group['multipath'] == True: continue for physical_volume in volume_group['physical_volumes']: physical_volume = physical_volume.replace('_root', '') # Not a scsi disk skip if not os.path.exists("/sys/block/%s/device/scsi_disk" % (os.path.basename(physical_volume))): continue wwid_command = '/lib/udev/scsi_id -g %s' % physical_volume rc, out, err = module.run_command(wwid_command) rc_cumulative += rc err_cumulative += err wwids[physical_volume] = '' if out is None \ else out.rstrip("\r\n") if ardana_device_groups: for device_group in ardana_device_groups: for entry in ardana_device_groups[device_group]: if 'multipath' in entry\ and entry['multipath'] == True: continue for dev in entry['devices']: # Not a scsi disk skip if not os.path.exists("/sys/block/%s/device/scsi_disk" % (os.path.basename(dev['name']))): continue wwid_command = '/lib/udev/scsi_id -g %s' % dev['name'] rc, out, err = module.run_command(wwid_command) rc_cumulative += rc err_cumulative += err wwids[dev['name']] = '' if out is None \ else out.rstrip("\r\n") module.exit_json( hostname=ardana_host_info['vars']['my_network_name'], wwid=wwids, rc=rc_cumulative, stderr=err_cumulative, changed=True ) if device: wwid_command = '/lib/udev/scsi_id -g %s' % device rc, out, err = module.run_command(wwid_command) module.exit_json( disk=wwid_command, wwid='' if out is None else out.rstrip("\r\n"), stderr='' if err is None else err.rstrip("\r\n"), rc=rc, changed=True ) from ansible.module_utils.basic import * # NOQA main() 07070100000054000041ED0000000000000000000000026000787300000000000000000000000000000000000000000000004100000000ardana-osconfig-8.0+git.1610643571.91b88d6/roles/multipath/tasks07070100000055000081A40000000000000000000000016000787300001471000000000000000000000000000000000000004D00000000ardana-osconfig-8.0+git.1610643571.91b88d6/roles/multipath/tasks/install.yml# # (c) Copyright 2015-2017 Hewlett Packard Enterprise Development LP # (c) Copyright 2017-2018 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. # --- - include_vars: multipath_vars.yml # Is this the first ever run - name: multipath | install | Check if multipath ran stat: path=/etc/openstack/multipath-ran register: multipath_ran_result - name: multipath | install | get pvs shell: pvs | grep mapper register: multipath_pv_devices failed_when: multipath_pv_devices.rc > 1 - name: multipath | install | get mount paths shell: mount | grep mpath register: multipath_mount_devices failed_when: multipath_mount_devices.rc > 1 - name: multipath | install | get mounts set_fact: multipath_used: True when: multipath_mount_devices.rc == 0 or multipath_pv_devices.rc == 0 - name: multipath | install | check fact check_wildcard: blacklist='{{ multipath_blacklist | to_json }}' when: multipath_blacklist is defined and multipath_used is defined and ansible_os_family == 'RedHat' - name: multipath | install | Check if multipath ran stat: path=/etc/openstack/osconfig-ran register: osconfig_ran_result - name: multipath | install | Set fact if first run set_fact: multipath_first_run: True when: (multipath_ran_result.stat.exists == False) and (osconfig_ran_result.stat.exists == False) - name: multipath | install | Load multipath configuration variables include_vars: "multipath_vars.yml" - name: multipath | install | Get wwids of all devices in disk model get_wwid: ardana_host_info='{{ host | to_json }}' register: disk_model_mappings # For the very first time that multipath is configured need to set user friendly name # This will then be changed once the bindings file is updated # This could already be done during install phase - name: multipath | install | Check if multipath.conf exists stat: path: /etc/multipath.conf register: multipath_conf_result - name: multipath | install | Set user_friendly_names yes set_fact: multipath_user_friendly_names: "yes" when: multipath_conf_result.stat.exists == False - name: multipath | install | Set initial multipath configuration template: src: "multipath.conf.j2" dest: "/etc/multipath.conf" register: configuration_update when: multipath_conf_result.stat.exists == False - name: multipath | install | Load the multipath daemon on redhat command: modprobe dm-multipath when: ansible_os_family == 'RedHat' - name: multipath | install | Install the required packages become: yes package: name: "{{ item }}" state: present with_items: multipath_pkgs - name: multipath | install | Ensure started service: name: "{{ item }}" state: "started" enabled: "yes" with_items: service_daemons # Run multipath the first time - name: multipath | install | run multipath on first run command: /sbin/multipath when: multipath_first_run is defined or multipath_conf_result.stat.exists == False ignore_errors: yes # The disk_binding_result is consumed in the multipath.conf template # This results in an updated multipath.conf next time - name: multipath | install | Get bindings of devices on system get_bindings: ardana_host_info='{{ host | to_json }}' register: disk_bindings_result - name: multipath | install | flush multipath on first run command: /sbin/multipath -F when: multipath_first_run is defined failed_when: false - name: multipath | install | reinvoke multipath on first run command: /sbin/multipath when: multipath_first_run is defined # This is what we want - name: multipath | install | Set user_friendly_names no set_fact: multipath_user_friendly_names: "no" # This is with the aliases for the user friendly names for first run other wise normal - name: multipath | install | Set real multipath configuration template: src: "multipath.conf.j2" dest: "/etc/multipath.conf" register: configuration_update - name: multipath | install | run multipath on first run command: /sbin/multipath when: configuration_update.changed or multipath_first_run is defined # This may be redundant - name: multipath | install | Restart if there is a configuration update service: name: "{{ item }}" state: "restarted" enabled: "yes" with_items: service_daemons when: configuration_update.changed or multipath_first_run is defined - name: multipath | install | Update initramfs command: "{{ initramfs_update_command }}" when: initramfs_update_command is defined and configuration_update.changed - name: multipath | marker | create /etc/openstack directory file: path=/etc/openstack state=directory - name: osconfig | marker | create marker file: path=/etc/openstack/multipath-ran state=touch 07070100000056000081A400000000000000000000000160007873000002EE000000000000000000000000000000000000004A00000000ardana-osconfig-8.0+git.1610643571.91b88d6/roles/multipath/tasks/main.yml# # (c) Copyright 2016 Hewlett Packard Enterprise Development LP # (c) Copyright 2017 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. # --- - name: multipath | main | Set os-specific variables include_vars: "{{ ansible_os_family | lower }}.yml" 07070100000057000041ED0000000000000000000000026000787300000000000000000000000000000000000000000000004500000000ardana-osconfig-8.0+git.1610643571.91b88d6/roles/multipath/templates07070100000058000081A40000000000000000000000016000787300000A2E000000000000000000000000000000000000005700000000ardana-osconfig-8.0+git.1610643571.91b88d6/roles/multipath/templates/multipath.conf.j2{# # # (c) Copyright 2015-2016 Hewlett Packard Enterprise Development LP # (c) Copyright 2017 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. # #} defaults { user_friendly_names {{ multipath_user_friendly_names }} {% if multipath_defaults is defined %} {% for key in multipath_defaults %} {{ key }} "{{ multipath_defaults[key] }}" {% endfor %} {% endif %} } {% if multipath_devices is defined %} devices { {% for device in multipath_devices %} device { {% for key in device %} {{ key }} "{{ device[key] }}" {% endfor %} } {% endfor %} } {% endif %} {% if multipaths is defined or disk_bindings_result is defined %} multipaths { {% if multipaths is defined %} {% for multipath in multipaths %} multipath { {% for key in multipath %} {{ key }} "{{ multipath[key] }}" {% endfor %} } {% endfor %} {% endif %} {% if disk_bindings_result is defined %} {% for multipath in disk_bindings_result.bindings %} multipath { {% for key in multipath %} {{ key }} "{{ multipath[key] }}" {% endfor %} } {% endfor %} {% endif %} } {% endif %} blacklist { {% if multipath_blacklist is defined %} {% for entry in multipath_blacklist %} {% if entry.wwid is defined %} wwid "{{ entry.wwid }}" {% elif entry.devnode is defined %} devnode "{{ entry.devnode }}" {% elif entry.device is defined %} device { {% for key in entry.device %} {{ key }} "{{ entry.device[key] }}" {% endfor %} } {% endif %} {% endfor %} {% endif %} {% if disk_model_mappings is defined %} {% for device in disk_model_mappings.wwid %} wwid "{{ disk_model_mappings.wwid[device] }}" {% endfor %} {% endif %} } {% if multipath_blacklist_exceptions is defined %} blacklist_exceptions { {% for entry in multipath_blacklist_exceptions %} {% if entry.wwid is defined %} wwid "{{ entry.wwid }}" {% elif entry.devnode is defined %} devnode "{{ entry.devnode }}" {% elif entry.device is defined %} device { {% for key in entry.device %} {{ key }} "{{ entry.device[key] }}" {% endfor %} } {% endif %} {% endfor %} } {% endif %} 07070100000059000041ED0000000000000000000000026000787300000000000000000000000000000000000000000000004000000000ardana-osconfig-8.0+git.1610643571.91b88d6/roles/multipath/vars0707010000005A000081A40000000000000000000000016000787300000331000000000000000000000000000000000000004B00000000ardana-osconfig-8.0+git.1610643571.91b88d6/roles/multipath/vars/debian.yml# # (c) Copyright 2015 Hewlett Packard Enterprise Development LP # (c) Copyright 2017 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. # --- multipath_pkgs: - multipath-tools - multipath-tools-boot service_daemons: - multipath-tools - multipath-tools-boot initramfs_update_command: "update-initramfs -uv"0707010000005B000081A40000000000000000000000016000787300000298000000000000000000000000000000000000004900000000ardana-osconfig-8.0+git.1610643571.91b88d6/roles/multipath/vars/main.yml# # (c) Copyright 2015 Hewlett Packard Enterprise Development LP # (c) Copyright 2017 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. # --- env: RUNLEVEL: 1 0707010000005C000081A40000000000000000000000016000787300000490000000000000000000000000000000000000005300000000ardana-osconfig-8.0+git.1610643571.91b88d6/roles/multipath/vars/multipath_vars.yml# # (c) Copyright 2015-2016 Hewlett Packard Enterprise Development LP # (c) Copyright 2017 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. # --- multipath_user_friendly_names: "no" multipath_devices: - vendor: "3PARdata" product: "VV" path_grouping_policy: "group_by_prio" path_selector: "round-robin 0" path_checker: "tur" checker: "tur" features: "0" hardware_handler: "1 alua" prio: "alua" failback: "immediate" no_path_retry: "queue" rr_min_io: "100" multipath_blacklist: - device: vendor: ".*" product: ".*" multipath_blacklist_exceptions: - device: vendor: "3PARdata" product: "VV" 0707010000005D000081A400000000000000000000000160007873000002F8000000000000000000000000000000000000004B00000000ardana-osconfig-8.0+git.1610643571.91b88d6/roles/multipath/vars/redhat.yml# # (c) Copyright 2015 Hewlett Packard Enterprise Development LP # (c) Copyright 2017 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. # --- multipath_pkgs: - device-mapper-multipath service_daemons: - multipathd initramfs_update_command: "dracut -f" 0707010000005E000081A400000000000000000000000160007873000002F0000000000000000000000000000000000000004900000000ardana-osconfig-8.0+git.1610643571.91b88d6/roles/multipath/vars/suse.yml# # (c) Copyright 2017 Hewlett Packard Enterprise Development LP # (c) Copyright 2017 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. # --- multipath_pkgs: - multipath-tools service_daemons: - multipathd initramfs_update_command: "dracut -f" 0707010000005F000041ED0000000000000000000000086000787300000000000000000000000000000000000000000000004300000000ardana-osconfig-8.0+git.1610643571.91b88d6/roles/network_interface07070100000060000081A40000000000000000000000016000787300003DF3000000000000000000000000000000000000004D00000000ardana-osconfig-8.0+git.1610643571.91b88d6/roles/network_interface/README.md (c) Copyright 2015, 2016 Hewlett Packard Enterprise Development LP (c) Copyright 2017 SUSE LLC network_interface ================= _WARNING: This role can be dangerous to use. If you lose network connectivity to your target host by incorrectly configuring your networking, you may be unable to recover without physical access to the machine._ This role enables users to configure various network components on target machines. The role can be used to configure: - `Ethernet interfaces` - `Bonded interfaces` - `VLAN interfaces` - `OVS Bridge interfaces` - `Bridge interfaces` and within each of those - `Network routes` Requirements ------------ This role requires Ansible 1.4 or higher, and platform requirements are listed in the metadata file. Role Variables -------------- The variables that can be passed to this role and a brief description follows: # The list of ethernet interfaces to be added to the system network_ether_interfaces: [] # The list of bonded interfaces to be added to the system network_bond_interfaces: [] # The list of vlan_interfaces network_vlan_interfaces: [] # The list of openvswitch bridges and ports ovs_bridge_interfaces: [] # The list of bridge interfaces to be added to the system network_bridge_interfaces: [] NOTE: The attributes for each of these lists are shown below. Typically these lists are generated by the Configuration Processor and are created in host_vars for every host. M - mandatory, O - optional, D - deprecated network_*_interfaces: These options are common for all interface types - device: M name for the interface being defined bootproto: M manual/static/dhcp[dhcp should not be used for Ardana OpenStack] address: O IP address of this interface netmask: O netmask for this interface (255.255.255.0 or 24) (address & netmask required for bootproto: static only) mtu: O MTU size for this interface route: O list of route triples (full triples required) - network: O a.b.c.d netmask: O 255.255.255.0 gateway: O a.b.c.e - address of the gateway for this network/netmask (network & netmask of 0.0.0.0 implies use as system default gateway) routing_table: O name of routing table used by this interface gateway: O gateway for this subnet (within routing_table) cidr: O CIDR of this interface (v.w.x.y/z) (within routing_table) vips: O list of VIP addresses on this interface (within routing_table) network_ether_interfaces: ovs_bridge: O this interface is attached to this ovs_bridge pci_pt: O this interface is dedicated to PCI passthrough sriov_only: O this interface is dedicated to SR-IOV network_bond_interfaces: ovs_bridge: O this interface is attached to this ovs_bridge bond_mode: M bonding mode bond_miimon: D include in bond_options as 'miimon' bond_slaves: M sub-interfaces of this bond bond_primary: O primary sub-interface for the bond bond_options: O set of bonding options not including mode, slaves or primary network_vlan_interfaces: ovs_bridge: O this interface is attached to this ovs_bridge vlanrawdevice: M which interface to put this VLAN on vlanid: M VLAN-id to use ovs_bridge_interfaces: port: M interface to attach to this bridge hwaddr: O MAC address to set for this bridge dpdk_port: true O interface will be used as a dpdk device network_bridge_interfaces: # not currently used by Ardana OpenStack, not documented There is also an ansible variable defined that globally controls the generation of disable LRO directives within capable devices. This is defined in the Debian specific ansible vars. disable_lro: true M disable LRO for capable interfaces All generated files as shown below are generated on the target system in the directory: `/etc/network/interfaces.d/` Examples -------- ### Non-bonded configuration outline -- br-vlan103 ovs-bridge: no-IP+routing_table:EXTERNAL_VM +---vlan103 vlan: no-IP +---eth3 inherited from system -- br-eth1 ovs-bridge: static-IP+routing_table:MANAGEMENT+routes+vips +---eth1 ether: no-IP -- eth2 ether: static-IP+routing_table:Ardana #### Ansible variables: Within per-host host-vars network_ether_interfaces: - address: 192.168.10.3 bootproto: static cidr: 192.168.10.0/24 device: eth2 gateway: 192.168.10.1 netmask: 24 routing_table: Ardana - bootproto: manual device: eth1 ovs_bridge: br-eth1 network_vlan_interfaces: - bootproto: manual device: vlan103 ovs_bridge: br-vlan103 vlanid: 103 vlanrawdevice: eth3 ovs_bridge_interfaces: - bootproto: manual device: br-vlan103 port: vlan103 routing_table: EXTERNAL-VM - address: 192.168.245.3 bootproto: static cidr: 192.168.245.0/24 device: br-eth1 gateway: 192.168.245.1 netmask: 24 port: eth1 route: - gateway: 192.168.245.1 netmask: 0.0.0.0 network: 0.0.0.0 routing_table: MANAGEMENT vips: - 192.168.245.9 - 192.168.245.10 #### Generated files: `/etc/network/interfaces.d/45-br-vlan103` # ARDANA-MANAGED - Managed by Ardana - Do not edit allow-ovs br-vlan103 iface br-vlan103 inet manual pre-up ovs-vsctl --timeout=5 -- --may-exist add-br br-vlan103 || true pre-up ip addr flush dev vlan103 || true pre-up ovs-vsctl --timeout=5 -- --may-exist add-port br-vlan103 vlan103 -- || true pre-up ifconfig vlan103 up || true down ovs-vsctl --timeout=5 -- --if-exists del-port br-vlan103 vlan103 -- || true `/etc/network/interfaces.d/35-vlan103` # ARDANA-MANAGED - Managed by Ardana - Do not edit auto vlan103 iface vlan103 inet manual vlan-raw-device eth3 pre-up ethtool -K eth3 lro off || true up ip link set vlan103 up || true `/etc/network/interfaces.d/45-br-eth1` # ARDANA-MANAGED - Managed by Ardana - Do not edit allow-ovs br-eth1 iface br-eth1 inet static address 192.168.245.3 netmask 24 pre-up ovs-vsctl --timeout=5 -- --may-exist add-br br-eth1 || true pre-up ip addr flush dev eth1 || true pre-up ovs-vsctl --timeout=5 -- --may-exist add-port br-eth1 eth1 -- || true pre-up ifconfig eth1 up || true down ovs-vsctl --timeout=5 -- --if-exists del-port br-eth1 eth1 -- || true pre-up ip route delete default || true up route add -net 0.0.0.0 netmask 0.0.0.0 gw 192.168.245.1 dev br-eth1 || true down route delete -net 0.0.0.0 netmask 0.0.0.0 gw 192.168.245.1 dev br-eth1 || true up ip route add default via 192.168.245.1 table MANAGEMENT || true down ip route delete default via 192.168.245.1 table MANAGEMENT || true up ip route add 192.168.245.0/24 dev br-eth1 table MANAGEMENT || true down ip route delete 192.168.245.0/24 dev br-eth1 table MANAGEMENT || true up ip rule add from 192.168.245.3 table MANAGEMENT || true down ip rule delete from 192.168.245.3 table MANAGEMENT || true up ip rule add from 192.168.245.9 table MANAGEMENT || true down ip rule delete from 192.168.245.9 table MANAGEMENT || true up ip rule add from 192.168.245.10 table MANAGEMENT || true down ip rule delete from 192.168.245.10 table MANAGEMENT || true `/etc/network/interfaces.d/25-eth1` # ARDANA-MANAGED - Managed by Ardana - Do not edit auto eth1 iface eth1 inet manual pre-up ethtool -K eth1 lro off || true up ip link set eth1 up || true `/etc/network/interfaces.d/25-eth2` # ARDANA-MANAGED - Managed by Ardana - Do not edit auto eth2 iface eth2 inet static address 192.168.10.3 netmask 24 pre-up ethtool -K eth2 lro off || true up ip route add default via 192.168.10.1 table Ardana || true down ip route delete default via 192.168.10.1 table Ardana || true up ip route add 192.168.10.0/24 dev eth2 table Ardana || true down ip route delete 192.168.10.0/24 dev eth2 table Ardana || true up ip rule add from 192.168.10.3 table Ardana || true down ip rule delete from 192.168.10.3 table Ardana || true ### Bonded configuration outline -- br-vlan333 ovs-bridge: no-IP +---vlan333 vlan: no-IP +---bond0 bond: see below -- vlan423 vlan: static-IP+routing_table:MGMT+routes+vips +---bond0 bond: see below -- vlan429 vlan: static-IP+routing_table:EXTERNAL_API+vips +---bond0 bond: see below -- vlan435 vlan: static-IP+routing_table:GUEST +---bond0 bond: see below -- bond0 bond: no-IP. active-backup+miimon++updelay+downdelay+primary:hed4 +---hed4 ether: slave+primary +---hed5 ether: slave #### Ansible variables: Within per-host host-vars ovs_bridge_interfaces: - bootproto: manual device: br-vlan333 port: vlan333 routing_table: EXTERNAL_VM network_vlan_interfaces: - address: 10.241.107.34 bootproto: static cidr: 10.241.107.32/28 device: vlan429 gateway: 10.241.107.33 netmask: 28 routing_table: EXTERNAL_API vips: - 10.241.107.37 vlanid: 429 vlanrawdevice: bond0 - bootproto: manual device: vlan333 ovs_bridge: br-vlan333 vlanid: 333 vlanrawdevice: bond0 - address: 10.241.107.130 bootproto: static cidr: 10.241.107.128/28 device: vlan435 gateway: 10.241.107.129 netmask: 28 routing_table: GUEST vlanid: 435 vlanrawdevice: bond0 - address: 10.241.103.2 bootproto: static cidr: 10.241.103.0/24 device: vlan423 gateway: 10.241.103.1 netmask: 24 route: - gateway: 10.241.103.1 netmask: 0.0.0.0 network: 0.0.0.0 routing_table: MGMT vips: - 10.241.103.15 vlanid: 423 vlanrawdevice: bond0 network_bond_interfaces: - bond_mode: active-backup bond_options: miimon: 200 updelay: 200 downdelay: 200 bond_slaves: - hed4 - hed5 bond_primary: hed4 bootproto: manual device: bond0 #### Generated files: `/etc/network/interfaces.d/45-br-vlan333` # ARDANA-MANAGED - Managed by Ardana - Do not edit allow-ovs br-vlan333 iface br-vlan333 inet manual pre-up ovs-vsctl --timeout=5 -- --may-exist add-br br-vlan103 || true pre-up ip addr flush dev vlan333 || true up ovs-vsctl --timeout=5 -- --may-exist add-port br-vlan333 vlan333 -- || true pre-up ifconfig vlan333 up || true down ovs-vsctl --timeout=5 -- --if-exists del-port br-vlan333 vlan333 -- || true `/etc/network/interfaces.d/35-vlan333` # ARDANA-MANAGED - Managed by Ardana - Do not edit auto vlan333 iface vlan333 inet manual vlan-raw-device bond0 up ip link set vlan333 up || true `/etc/network/interfaces.d/35-vlan423` # ARDANA-MANAGED - Managed by Ardana - Do not edit auto vlan423 iface vlan423 inet static address 10.241.103.2 netmask 24 vlan-raw-device bond0 pre-up ip route delete default || true up route add -net 0.0.0.0 netmask 0.0.0.0 gw 10.241.103.1 dev vlan423 || true down route delete -net 0.0.0.0 netmask 0.0.0.0 gw 10.241.103.1 dev vlan423 || true up ip route add default via 10.241.103.1 table MGMT || true down ip route delete default via 10.241.103.1 table MGMT || true up ip route add 10.241.103.0/24 dev vlan423 table MGMT || true down ip route delete 10.241.103.0/24 dev vlan423 table MGMT || true up ip rule add from 10.241.103.2 table MGMT || true down ip rule delete from 10.241.103.2 table MGMT || true `/etc/network/interfaces.d/35-vlan429` # ARDANA-MANAGED - Managed by Ardana - Do not edit auto vlan429 iface vlan429 inet static address 10.241.107.34 netmask 28 vlan-raw-device bond0 up ip route add default via 10.241.107.33 table EXTERNAL_API || true down ip route delete default via 10.241.107.33 table EXTERNAL_API || true up ip route add 10.241.107.32/28 dev vlan429 table EXTERNAL_API || true down ip route delete 10.241.107.32/28 dev vlan429 table EXTERNAL_API || true up ip rule add from 10.241.107.34 table EXTERNAL_API || true down ip rule delete from 10.241.107.34 table EXTERNAL_API || true `/etc/network/interfaces.d/35-vlan435` # ARDANA-MANAGED - Managed by Ardana - Do not edit auto vlan435 iface vlan435 inet static address 10.241.107.130 netmask 28 vlan-raw-device bond0 up ip route add default via 10.241.107.129 table GUEST || true down ip route delete default via 10.241.107.129 table GUEST || true up ip route add 10.241.107.128/28 dev vlan435 table GUEST || true down ip route delete 10.241.107.128/28 dev vlan435 table GUEST || true up ip rule add from 10.241.107.130 table GUEST || true down ip rule delete from 10.241.107.130 table GUEST || true `/etc/network/interfaces.d/15-bond0` # ARDANA-MANAGED - Managed by Ardana - Do not edit auto bond0 iface bond0 inet manual bond-mode active-backup bond-slaves none bond-miimon 200 bond-updelay 200 bond-downdelay 200 `/etc/network/interfaces.d/25-hed4` # ARDANA-MANAGED - Managed by Ardana - Do not edit auto hed4 iface hed4 inet manual bond-master bond0 bond-primary hed4 pre-up ethtool -K hed4 lro off || true pre-up ip addr flush dev hed4 || true up ip link set hed4 up || true `/etc/network/interfaces.d/25-hed5` # ARDANA-MANAGED - Managed by Ardana - Do not edit auto hed5 iface hed5 inet manual bond-master bond0 pre-up ethtool -K hed5 lro off || true pre-up ip addr flush dev hed5 || true up ip link set hed5 up || true -------------------------------------------------------------------------------- Note: Ansible needs network connectivity throughout the playbook process, you may need to have a control interface that you do *not* modify using this method so that Ansible has a stable connection to configure the target systems. Dependencies ------------ None License ------- BSD Author Information ------------------ Benno Joy Hewlett Packard Enterprise Development LP 07070100000061000041ED0000000000000000000000026000787300000000000000000000000000000000000000000000004C00000000ardana-osconfig-8.0+git.1610643571.91b88d6/roles/network_interface/defaults07070100000062000081A40000000000000000000000016000787300000DB7000000000000000000000000000000000000005500000000ardana-osconfig-8.0+git.1610643571.91b88d6/roles/network_interface/defaults/main.yml# (c) Copyright 2015-2017 Hewlett Packard Enterprise Development LP # (c) Copyright 2017 SUSE LLC # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. --- nic_mappings: [] network_ether_interfaces: [] network_bridge_interfaces: [] network_bond_interfaces: [] ovs_bridge_interfaces: [] network_vlan_interfaces: [] udev_prefix_nic_mapping: 90 order_prefix_bond: 15 order_prefix_ether: 25 order_prefix_vlan: 35 order_prefix_bridge: 45 rhel_prefix: ifcfg suse_prefix: ifcfg dpdk_driver_file: '99-dpdk-driver' interface_file_marker: '# ARDANA-MANAGED - Managed by Ardana - Do not edit' dpdk_kernel_module_file: /etc/modules-load.d/ardana_dpdk-modules.conf passthrough_max_mtu: "{%- set ptn_mtu_list = [0] -%} {%- if host.my_network_groups is defined -%} {%- for netgroup, net_list in host.my_network_groups.iteritems() -%} {%- for network_attrs in net_list -%} {%- if 'passthrough-mtu' in network_attrs -%} {%- if ptn_mtu_list.append(network_attrs['passthrough-mtu']) -%}{%- endif -%} {%- endif -%} {%- endfor -%} {%- endfor -%} {%- endif -%} {{ ptn_mtu_list | max }}" multi_port_sriov_interfaces: "{% set temp_list = [] %} {%- if network_pci_pt_sriov_interfaces is defined -%} {%- for interface in network_pci_pt_sriov_interfaces -%} {%- if interface.type == 'multi-port' and interface.vf_count is defined and interface.config_script is defined -%} {%- if temp_list.append( interface ) -%} {%- endif -%} {%- endif -%} {%- endfor -%} {%- endif -%} {{ temp_list }}" simple_port_sriov_interfaces: "{% set temp_list = [] %} {%- if network_pci_pt_sriov_interfaces is defined -%} {%- for interface in network_pci_pt_sriov_interfaces -%} {%- if interface.type == 'simple-port' and interface.vf_count is defined and interface.config_script is defined -%} {%- if temp_list.append( interface ) -%} {%- endif -%} {%- endif -%} {%- endfor -%} {%- endif -%} {{ temp_list }}" sriov_interfaces: "{{ simple_port_sriov_interfaces + multi_port_sriov_interfaces }}" 07070100000063000041ED0000000000000000000000026000787300000000000000000000000000000000000000000000004900000000ardana-osconfig-8.0+git.1610643571.91b88d6/roles/network_interface/files07070100000064000081A4000000000000000000000001600078730000035C000000000000000000000000000000000000005C00000000ardana-osconfig-8.0+git.1610643571.91b88d6/roles/network_interface/files/ardana_udev_run.sh#!/bin/sh # # (c) Copyright 2016 Hewlett Packard Enterprise Development LP # (c) Copyright 2017 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. # # ARDANA-MANAGED - Managed by Ardana - Do not edit devpath=`env | grep 'DEVPATH' | cut -f2 -d '='` NET_PCI_SCRIPT=/etc/udev/ardana_network_pci.py if [ -x $NET_PCI_SCRIPT ] then $NET_PCI_SCRIPT $devpath fi 07070100000065000081A40000000000000000000000016000787300000318000000000000000000000000000000000000005A00000000ardana-osconfig-8.0+git.1610643571.91b88d6/roles/network_interface/files/ifdown-pre-local#!/bin/bash # # (c) Copyright 2016 Hewlett Packard Enterprise Development LP # (c) Copyright 2017 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. # DEVICE=$1 OTHERSCRIPT="/etc/sysconfig/network-scripts/ifdown-pre-local-${DEVICE}" if [ -x ${OTHERSCRIPT} ]; then eval ${OTHERSCRIPT} fi 07070100000066000081A40000000000000000000000016000787300000312000000000000000000000000000000000000005400000000ardana-osconfig-8.0+git.1610643571.91b88d6/roles/network_interface/files/ifup-local#!/bin/bash # # (c) Copyright 2016 Hewlett Packard Enterprise Development LP # (c) Copyright 2017 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. # DEVICE=$1 OTHERSCRIPT="/etc/sysconfig/network-scripts/ifup-local-${DEVICE}" if [ -x ${OTHERSCRIPT} ]; then eval ${OTHERSCRIPT} fi 07070100000067000081A40000000000000000000000016000787300000310000000000000000000000000000000000000005F00000000ardana-osconfig-8.0+git.1610643571.91b88d6/roles/network_interface/files/suse-ifdown-pre-local#!/bin/bash # # (c) Copyright 2017 Hewlett Packard Enterprise Development LP # (c) Copyright 2017 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. # DEVICE=$1 OTHERSCRIPT="/etc/sysconfig/network/ifdown-pre-local-${DEVICE}" if [ -x ${OTHERSCRIPT} ]; then eval ${OTHERSCRIPT} fi 07070100000068000081A4000000000000000000000001600078730000030A000000000000000000000000000000000000005900000000ardana-osconfig-8.0+git.1610643571.91b88d6/roles/network_interface/files/suse-ifup-local#!/bin/bash # # (c) Copyright 2017 Hewlett Packard Enterprise Development LP # (c) Copyright 2017 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. # DEVICE=$1 OTHERSCRIPT="/etc/sysconfig/network/ifup-local-${DEVICE}" if [ -x ${OTHERSCRIPT} ]; then eval ${OTHERSCRIPT} fi 07070100000069000041ED0000000000000000000000026000787300000000000000000000000000000000000000000000004800000000ardana-osconfig-8.0+git.1610643571.91b88d6/roles/network_interface/meta0707010000006A000081A4000000000000000000000001600078730000003C000000000000000000000000000000000000005D00000000ardana-osconfig-8.0+git.1610643571.91b88d6/roles/network_interface/meta/.galaxy_install_info{install_date: 'Thu Apr 23 17:16:55 2015', version: master} 0707010000006B000081A40000000000000000000000016000787300000199000000000000000000000000000000000000005100000000ardana-osconfig-8.0+git.1610643571.91b88d6/roles/network_interface/meta/main.yml--- galaxy_info: author: "Benno Joy" company: AnsibleWorks license: "Simplified BSD License" min_ansible_version: 1.4 platforms: - name: EL versions: - 5 - 6 - name: Fedora versions: - 16 - 17 - 18 - name: Ubuntu versions: - precise - quantal - raring - saucy categories: - networking - system dependencies: [] 0707010000006C000041ED0000000000000000000000026000787300000000000000000000000000000000000000000000004900000000ardana-osconfig-8.0+git.1610643571.91b88d6/roles/network_interface/tasks0707010000006D000081ED000000000000000000000001600078730000638C000000000000000000000000000000000000005700000000ardana-osconfig-8.0+git.1610643571.91b88d6/roles/network_interface/tasks/configure.yml# (c) Copyright 2015-2017 Hewlett Packard Enterprise Development LP # (c) Copyright 2017-2018 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. --- # network_interface configure playbook - name: network_interface | configure | Create temporary shadow directory command: /bin/mktemp -d register: shadow_dir - name: network_interface | configure | Simplify registered values set_fact: shadow_dir: "{{ shadow_dir.stdout }}" - name: network_interface | configure | Fact for RedHat OvS install set_fact: ovs_redhat_check: true when: ('FND-OVS' in group.services or ovs_bridge_interfaces != []) and ansible_os_family == 'RedHat' - name: network_interface | configure | Ensure ovs_redhat_check exists set_fact: ovs_redhat_check: false when: ovs_redhat_check is not defined - name: network_interface | configure | Fact for SUSE OvS install set_fact: ovs_suse_check: true when: ('FND-OVS' in group.services or ovs_bridge_interfaces != []) and ansible_os_family == 'Suse' - name: network_interface | configure | Ensure ovs_suse_check exists set_fact: ovs_suse_check: false when: ovs_suse_check is not defined - name: network_interface | configure | Fact for running on Compute Node w/ DPDK set_fact: compute_with_dpdk_check: true when: ('NOV-KVM' in group.services) and ansible_processor[0] == 'GenuineIntel' and ('True' in dpdk_enabled) - name: network_interface | configure | Ensure compute_with_dpdk_check exists set_fact: compute_with_dpdk_check: false when: compute_with_dpdk_check is not defined - name: network_interface | configure | Ensure switchd values exist set_fact: switchd: { orig_checksum: '' } when: switchd is not defined - name: network_interface | configure | RedHat- Install openvswitch packages become: yes package: name: "{{ item }}" state: present with_items: openvswitch_packages when: ovs_redhat_check - name: network_interface | configure | RedHat- Start openvswitch become: yes service: name: openvswitch state: started enabled: yes when: ovs_redhat_check - name: network_interface | configure | SUSE- Install openvswitch packages become: yes package: name: "{{ item }}" state: present with_items: openvswitch_packages when: ovs_suse_check - name: network_interface | configure | SUSE- Install extra dpdk packages become: yes package: name: "{{ item }}" state: present with_items: dpdk_extra.packages when: ovs_suse_check and compute_with_dpdk_check - name: network_interface | configure | SUSE- Get libvirt_qemu_user from Nova include_vars: ../../NOV-CMP-KVM/vars/suse.yml when: ovs_suse_check and compute_with_dpdk_check - name: network_interface | configure | SUSE- Create openvswitch script to bind dpdk nics become: yes template: src: ovs-dpdk-bindings.j2 dest: /usr/share/openvswitch/scripts/ovs-dpdk-bindings owner: root group: root mode: 0744 when: ovs_suse_check and compute_with_dpdk_check - name: network_interface | configure | SUSE- Create openvswitch service script directory become: yes file: path: /usr/lib/systemd/system/openvswitch.service.d state: directory owner: root group: root mode: 0644 when: ovs_suse_check - name: network_interface | configure | SUSE- Create openvswitch default options become: yes template: src: openvswitch.j2 dest: /usr/lib/systemd/system/openvswitch.service.d/dpdk_environment.conf owner: root group: root mode: 0644 when: ovs_suse_check and compute_with_dpdk_check - name: network_interface | configure | SUSE- Configure openvswitch to bind dpdk nics before starting become: yes template: src: dpdk_bindings.conf.j2 dest: /usr/lib/systemd/system/openvswitch.service.d/dpdk_bindings.conf when: ovs_suse_check and compute_with_dpdk_check - name: network_interface | configure | SUSE- Configure openvswitch to start before wickedd become: yes template: src: openvswitch.service-wickedd.conf.j2 dest: /usr/lib/systemd/system/openvswitch.service.d/wickedd.conf when: ovs_suse_check - name: network_interface | configure | SUSE- Systemctl daemon-reload become: yes shell: systemctl daemon-reload when: ovs_suse_check - name: network_interface | configure | SUSE- Restart openvswitch become: yes service: name: openvswitch state: restarted enabled: yes when: ovs_suse_check and compute_with_dpdk_check - name: network_interface | configure | SUSE- Configure dpdk openvswitch core mask become: yes command: "ovs-vsctl set Open_vSwitch . other_config:dpdk-lcore-mask={{ dpdk_core_mask }}" when: ovs_suse_check and compute_with_dpdk_check - name: network_interface | configure | SUSE- Configure dpdk openvswitch pmd mask become: yes command: "ovs-vsctl set Open_vSwitch . other_config:pmd-cpu-mask={{ dpdk_pmd_mask }}" when: ovs_suse_check and compute_with_dpdk_check - name: network_interface | configure | SUSE- Configure openvswitch dpdk socket memory become: yes command: "ovs-vsctl set Open_vSwitch . other_config:dpdk-socket-mem={{ dpdk_socket_mem }}" when: ovs_suse_check and compute_with_dpdk_check - name: network_interface | configure | SUSE- Configure openvswitch memory channels become: yes command: "ovs-vsctl set Open_vSwitch . other_config:dpdk-extra='-n {{ dpdk_extra_options }}'" when: ovs_suse_check and compute_with_dpdk_check - name: network_interface | configure | SUSE- Configure dpdk openvswitch rxqs become: yes command: "ovs-vsctl set Open_vSwitch . other_config:n-dpdk-rxqs={{ dpdk_rx_queues }}" when: ovs_suse_check and compute_with_dpdk_check - name: network_interface | configure | SUSE- Restart openvswitch become: yes service: name: openvswitch state: restarted enabled: yes when: ovs_suse_check and compute_with_dpdk_check - name: network_interface | configure | SUSE- Make certain openvswitch is started become: yes service: name: openvswitch state: started enabled: yes when: ovs_suse_check - name: network_interface | configure | Install linux-bridge packages become: yes package: name: "{{ item }}" state: present with_items: linuxbridge_packages environment: env when: network_bridge_interfaces != [] - name: network_interface | configure | RedHat- Provide system ifup-local support become: yes copy: src: ../files/ifup-local dest: /sbin/ifup-local owner: root group: root mode: 0755 when: ansible_os_family == 'RedHat' - name: network_interface | configure | RedHat- Provide system ifdown-pre-local support become: yes copy: src: ../files/ifdown-pre-local dest: /sbin/ifdown-pre-local owner: root group: root mode: 0755 when: ansible_os_family == 'RedHat' - name: network_interface | configure | Configure the PCI->NIC mappings become: yes template: src: nic_mapping.j2 dest: /etc/udev/rules.d/{{ udev_prefix_nic_mapping }}-ardana-nic-mapping.rules owner: root group: root mode: 0644 when: nic_mappings != [] register: udev_config_result - name: network_interface | configure | Debian- Ensure the include line is in interfaces file become: yes lineinfile: > regexp="^source-directory\ \/etc\/network\/interfaces.d" line="source-directory /etc/network/interfaces.d" dest=/etc/network/interfaces state=present insertafter=EOF when: ansible_os_family == "Debian" - name: network_interface | configure | Debian- Ensure other include forms are not in interfaces file become: yes lineinfile: > regexp="^source\ \/etc\/network\/interfaces.d\/\*" dest=/etc/network/interfaces state=absent when: ansible_os_family == "Debian" - name: network_interface | configure | Create interface configuration directory become: yes file: path: "{{ net_path }}" state: directory - name: network_interface | configure | Remove previous .shadow configuration directory become: yes file: path: "{{ shadow_dir }}" state: absent - name: network_interface | configure | Create .shadow configuration directory become: yes file: path: "{{ shadow_dir }}" state: directory - name: Get list of routing tables set_fact: routing_tables: "{{ [network_ether_interfaces, network_bond_interfaces, network_vlan_interfaces, ovs_bridge_interfaces, network_bridge_interfaces] | routing_tables | list }}" - name: network_interface | configure | Debian- Create OVS-VLAN configuration files become: yes template: src: ovs_vlan_{{ ansible_os_family|lower }}.j2 dest: "{{ shadow_dir }}/{{ order_prefix_vlan }}-{{ item.device }}" with_items: network_vlan_interfaces when: ansible_os_family|lower == 'debian' and (item.provider|default('') == 'openvswitch' or item.provider|default('') == 'ovs') - name: network_interface | configure | Debian- Create OVS-bridge configuration files become: yes template: src=ovs_bridge_{{ ansible_os_family }}.j2 dest={{ shadow_dir }}/{{ order_prefix_bridge }}-{{ item.device }} with_items: ovs_bridge_interfaces when: ansible_os_family == 'Debian' - name: network_interface | configure | RedHat- Create OVS-bridge 'up' configuration files become: yes template: src: ovs_bridge_up_{{ ansible_os_family }}.j2 dest: "{{ shadow_dir }}/ifup-local-{{ item.port }}" owner: root group: root mode: 0744 with_items: ovs_bridge_interfaces when: ansible_os_family == 'RedHat' - name: network_interface | configure | RedHat- Create OVS-bridge 'down' configuration files become: yes template: src: ovs_bridge_down_{{ ansible_os_family }}.j2 dest: "{{ shadow_dir }}/ifdown-pre-local-{{ item.port }}" owner: root group: root mode: 0744 with_items: ovs_bridge_interfaces when: ansible_os_family == 'RedHat' - name: network_interface | configure | SUSE- Create OVS-VLAN configuration files become: yes template: src: ovs_vlan_{{ ansible_os_family }}.j2 dest: "{{ shadow_dir }}/{{ suse_prefix }}-{{ item.device }}" with_items: network_vlan_interfaces when: ansible_os_family == 'Suse' and (item.provider|default('') == 'openvswitch' or item.provider|default('') == 'ovs') - name: network_interface | configure | SUSE- Create OVS-VLAN scripts become: yes template: src: ovs_vlan_{{ ansible_os_family }}_script.j2 dest: "{{ shadow_dir }}/ifscript-{{ item.device }}.sh" mode: 0744 with_items: network_vlan_interfaces when: ansible_os_family == 'Suse' and (item.provider|default('') == 'openvswitch' or item.provider|default('') == 'ovs') - name: network_interface | configure | SUSE- Create OVS-bridge configuration files become: yes template: src: ovs_bridge_{{ ansible_os_family }}.j2 dest: "{{ shadow_dir }}/{{ suse_prefix }}-{{ item.device }}" with_items: ovs_bridge_interfaces when: ansible_os_family == 'Suse' - name: network_interface | configure | SUSE- Create OVS-bridge scripts become: yes template: src: ovs_bridge_{{ ansible_os_family }}_script.j2 dest: "{{ shadow_dir }}/ifscript-{{ item.device }}.sh" mode: 0744 with_items: ovs_bridge_interfaces when: ansible_os_family == 'Suse' - name: network_interface | configure | Debian- Create ethernet configuration files become: yes template: src=ethernet_{{ ansible_os_family }}.j2 dest={{ shadow_dir }}/{{ order_prefix_ether }}-{{ item.device }} with_items: network_ether_interfaces when: ansible_os_family == 'Debian' register: ether_result - name: network_interface | configure | RedHat- Create ethernet configuration files become: yes template: src: ethernet_{{ ansible_os_family }}.j2 dest: "{{ shadow_dir }}/{{ rhel_prefix }}-{{ item.device }}" with_items: network_ether_interfaces when: ansible_os_family == 'RedHat' register: ether_result - name: network_interface | configure | RedHat- Create ethernet route configuration files become: yes template: src: route_{{ ansible_os_family }}.j2 dest: "{{ shadow_dir }}/route-{{ item.device }}" with_items: network_ether_interfaces when: ether_result is defined and (item.route is defined or item.routing_table is defined) and ansible_os_family == 'RedHat' - name: network_interface | configure | RedHat- Create ethernet routing-rule configuration files become: yes template: src: rule_{{ ansible_os_family }}.j2 dest: "{{ shadow_dir }}/rule-{{ item.device }}" with_items: network_ether_interfaces when: ether_result is defined and (item.route is defined or item.routing_table is defined) and ansible_os_family == 'RedHat' - name: network_interface | configure | SUSE- Create ethernet configuration files become: yes template: src: ethernet_{{ ansible_os_family }}.j2 dest: "{{ shadow_dir }}/{{ suse_prefix }}-{{ item.device }}" with_items: network_ether_interfaces when: ansible_os_family == 'Suse' register: ether_result - name: network_interface | configure | SUSE- Create ethernet scripts become: yes template: src: ethernet_{{ ansible_os_family }}_script.j2 dest: "{{ shadow_dir }}/ifscript-{{ item.device }}.sh" mode: 0744 with_items: network_ether_interfaces when: ansible_os_family == 'Suse' register: ether_result - name: network_interface | configure | Debian- Create Linux-bridge configuration files become: yes template: src=bridge_{{ ansible_os_family }}.j2 dest={{ shadow_dir }}/{{ order_prefix_bridge }}-{{ item.device }} with_items: network_bridge_interfaces when: ansible_os_family == 'Debian' - name: network_interface | configure | RedHat- Create Linux-bridge configuration files become: yes template: src: bridge_{{ ansible_os_family }}.j2 dest: "{{ shadow_dir }}/{{ rhel_prefix }}-{{ item.device }}" with_items: network_bridge_interfaces when: ansible_os_family == 'RedHat' - name: network_interface | configure | SUSE- Create Linux-bridge configuration files become: yes template: src: bridge_{{ ansible_os_family }}.j2 dest: "{{ shadow_dir }}/{{ suse_prefix }}-{{ item.device }}" with_items: network_bridge_interfaces when: ansible_os_family == 'Suse' - name: network_interface | configure | SUSE- Create Linux-bridge scripts become: yes template: src: bridge_{{ ansible_os_family }}_script.j2 dest: "{{ shadow_dir }}/ifscript-{{ item.device }}.sh" mode: 0744 with_items: network_bridge_interfaces when: ansible_os_family == 'Suse' - name: network_interface | configure | Debian- Create bond configuration files become: yes template: src=bond_{{ ansible_os_family }}.j2 dest={{ shadow_dir }}/{{ order_prefix_bond }}-{{ item.device }} with_items: network_bond_interfaces when: ansible_os_family == 'Debian' register: bond_result - name: network_interface | configure | RedHat- Create bond configuration files become: yes template: src: bond_{{ ansible_os_family }}.j2 dest: "{{ shadow_dir }}/{{ rhel_prefix }}-{{ item.device }}" with_items: network_bond_interfaces when: ansible_os_family == 'RedHat' register: bond_result - name: network_interface | configure | SUSE- Create bond configuration files become: yes template: src: bond_{{ ansible_os_family }}.j2 dest: "{{ shadow_dir }}/{{ suse_prefix }}-{{ item.device }}" with_items: network_bond_interfaces when: ansible_os_family == 'Suse' register: bond_result - name: network_interface | configure | SUSE- Create bond scripts become: yes template: src: bond_{{ ansible_os_family }}_script.j2 dest: "{{ shadow_dir }}/ifscript-{{ item.device }}.sh" mode: 0744 with_items: network_bond_interfaces when: ansible_os_family == 'Suse' - name: network_interface | configure | Debian- Ensure the bonding module is loaded become: yes modprobe: name=bonding state=present when: bond_result|changed and ansible_os_family == 'Debian' - name: network_interface | configure | RedHat- Configure bonding module become: yes lineinfile: > dest=/etc/modprobe.d/bonding.conf line="options bonding max_bonds=0" state=present create=yes owner=root group=root mode=0644 insertafter=EOF when: bond_result|changed and ansible_os_family == 'RedHat' - name: network_interface | configure | RedHat- Ensure the bonding module is loaded become: yes modprobe: name: bonding state: present when: bond_result|changed and ansible_os_family == 'RedHat' - name: network_interface | configure | RedHat- Create bond route configuration files become: yes template: src: route_{{ ansible_os_family }}.j2 dest: "{{ shadow_dir }}/route-{{ item.device }}" with_items: network_bond_interfaces when: bond_result is defined and item.route is defined and ansible_os_family == 'RedHat' - name: network_interface | configure | RedHat- Create bond routing-rule configuration files become: yes template: src: rule_{{ ansible_os_family }}.j2 dest: "{{ shadow_dir }}/rule-{{ item.device }}" with_items: network_bond_interfaces when: bond_result is defined and (item.route is defined or item.routing_table is defined) and ansible_os_family == 'RedHat' - name: network_interface | configure | SUSE- Ensure the bonding module is loaded become: yes modprobe: name: bonding state: present when: bond_result|changed and ansible_os_family == 'Suse' - name: network_interface | configure | Debian- Create bond-slave configuration files become: yes template: src=bond_slave_{{ ansible_os_family }}.j2 dest={{ shadow_dir }}/{{ order_prefix_ether }}-{{ item.1 }} with_subelements: - network_bond_interfaces - bond_slaves when: ansible_os_family == 'Debian' register: bond_port_result - name: network_interface | configure | RedHat- Create bond-slave configuration files become: yes template: src: bond_slave_{{ ansible_os_family }}.j2 dest: "{{ shadow_dir }}/{{ rhel_prefix }}-{{ item.1 }}" with_subelements: - network_bond_interfaces - bond_slaves when: bond_result is defined and ansible_os_family == 'RedHat' register: bond_port_result - name: network_interface | configure | SUSE- Create bond-slave configuration files become: yes template: src: bond_slave_{{ ansible_os_family }}.j2 dest: "{{ shadow_dir }}/{{ suse_prefix }}-{{ item.1 }}" with_subelements: - network_bond_interfaces - bond_slaves when: bond_result is defined and ansible_os_family == 'Suse' register: bond_port_result - name: network_interface | configure | SUSE- Create bond-slave scripts become: yes template: src: bond_slave_{{ ansible_os_family }}_script.j2 dest: "{{ shadow_dir }}/ifscript-{{ item.1 }}.sh" mode: 0744 with_subelements: - network_bond_interfaces - bond_slaves when: bond_result is defined and ansible_os_family == 'Suse' register: bond_port_result - name: network_interface | configure | Debian- Create vlan configuration files become: yes template: src=vlan_{{ ansible_os_family }}.j2 dest={{ shadow_dir }}/{{ order_prefix_vlan }}-{{ item.device }} with_items: network_vlan_interfaces when: ansible_os_family == 'Debian' and item.provider|default('linux') == 'linux' - name: network_interface | configure | RedHat- Create vlan configuration files become: yes template: src: vlan_{{ ansible_os_family }}.j2 dest: "{{ shadow_dir }}/{{ rhel_prefix }}-{{ item.device }}" with_items: network_vlan_interfaces when: network_vlan_interfaces is defined and ansible_os_family == 'RedHat' register: vlan_result - name: network_interface | configure | RedHat- Create vlan 'up' configuration files become: yes template: src: vlan_up_{{ ansible_os_family }}.j2 dest: "{{ shadow_dir }}/ifup-local-{{ item.device }}" owner: root group: root mode: 0744 with_items: network_vlan_interfaces when: vlan_result is defined and item.ovs_bridge is not defined and ansible_os_family == 'RedHat' - name: network_interface | configure | RedHat- Create vlan route configuration files become: yes template: src: route_{{ ansible_os_family }}.j2 dest: "{{ shadow_dir }}/route-{{ item.device }}" with_items: network_vlan_interfaces when: vlan_result is defined and (item.route is defined or item.routing_table is defined) and ansible_os_family == 'RedHat' - name: network_interface | configure | RedHat- Create vlan routing-rule configuration files become: yes template: src: rule_{{ ansible_os_family }}.j2 dest: "{{ shadow_dir }}/rule-{{ item.device }}" with_items: network_vlan_interfaces when: vlan_result is defined and (item.route is defined or item.routing_table is defined) and ansible_os_family == 'RedHat' - name: network_interface | configure | SUSE- Create vlan configuration files become: yes template: src: vlan_{{ ansible_os_family }}.j2 dest: "{{ shadow_dir }}/{{ suse_prefix }}-{{ item.device }}" with_items: network_vlan_interfaces when: ansible_os_family == 'Suse' and item.provider|default('linux') == 'linux' - name: network_interface | configure | SUSE- Create vlan scripts become: yes template: src: vlan_{{ ansible_os_family }}_script.j2 dest: "{{ shadow_dir }}/ifscript-{{ item.device }}.sh" mode: 0744 with_items: network_vlan_interfaces when: ansible_os_family == 'Suse' and item.provider|default('linux') == 'linux' - name: network_interface | configure | Debian- Specify DPDK PCI/driver data become: yes template: src: dpdk_drivers_{{ ansible_os_family }}.j2 dest: "{{ shadow_dir }}/{{ dpdk_driver_file }}" when: ansible_os_family == 'Debian' and dpdk_network_devices is defined and dpdk_network_devices.FND_OVS is defined and dpdk_network_devices.FND_OVS.devices is defined and dpdk_drivers != ' ' - name: network_interface | configure | Force libvirt vnet'x' port MTU become: yes template: src: libvirt_mtu.j2 dest: /etc/udev/rules.d/{{ udev_prefix_nic_mapping }}-ardana-libvirt-mtu.rules owner: root group: root mode: 0644 when: passthrough_max_mtu != '0' - name: network_interface | configure | Remove libvirt vnet'x' port MTU if not required become: yes file: path: /etc/udev/rules.d/{{ udev_prefix_nic_mapping }}-ardana-libvirt-mtu.rules state: absent when: passthrough_max_mtu == '0' - name: network_interface | configure | Copy udev run script to run nic vendor scripts become: yes copy: src: "../files/ardana_udev_run.sh" dest: "/etc/udev/ardana_udev_run.sh" owner: root group: root mode: 0755 register: ardana_udev_run_result when: sriov_interfaces != [] - name: network_interface | configure | Restart networking become: yes restart_networking: interfaces_path: "{{ net_path }}" shadow_path: "{{ shadow_dir }}" force_restart: "{{ udev_config_result.changed or ardana_udev_run_result.changed or network_pci_restart_required|default('false') }}" restart_ovs: "{{ ovs_redhat_check }}" management_pattern: "{{ interface_file_marker }}" routing_tables: "{{ routing_tables }}" routing_table_file: "{{ routing_table_file }}" routing_table_marker: "{{ routing_table_marker }}" routing_table_id_start: "{{ routing_table_id_start }}" os_family: "{{ ansible_os_family }}" register: net_restart_result - name: network_interface | configure | Set network_restarted fact for later use set_fact: network_restarted: "{{ net_restart_result.changed }}" - name: Delete temporary shadow directory become: yes file: path: "{{ shadow_dir }}" state: absent - name: network_interface | configure | Copy RHEL ovs reboot workaround script become: yes template: src: "ovs_reboot_workaround.sh.j2" dest: "/tmp/ovs_reboot_workaround.sh" mode: 0700 when: - ansible_os_family == 'RedHat' - ovs_bridge_interfaces | length > 0 - name: network_interface | configure | Run RHEL ovs reboot workaround script become: yes command: > /tmp/ovs_reboot_workaround.sh register: _ovs_reboot_workaround_result when: - ansible_os_family == 'RedHat' - ovs_bridge_interfaces | length > 0 - name: network_interface | configure | Remove RHEL ovs reboot workaround script become: yes file: state: absent path: "/tmp/ovs_reboot_workaround.sh" when: - ansible_os_family == 'RedHat' - ovs_bridge_interfaces | length > 0 - name: network_interface | configure | SUSE- Restart dpdk network become: yes service: name: network state: restarted enabled: yes when: ovs_suse_check and compute_with_dpdk_check 0707010000006E000081A400000000000000000000000160007873000003D6000000000000000000000000000000000000006B00000000ardana-osconfig-8.0+git.1610643571.91b88d6/roles/network_interface/tasks/configure_pci_to_nic_mappings.yml# # (c) Copyright 2016 Hewlett Packard Enterprise Development LP # (c) Copyright 2017 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. # --- - name: network_interface | configure | Configure the PCI->NIC mappings become: yes template: src: nic_mapping.j2 dest: /etc/udev/rules.d/{{ udev_prefix_nic_mapping }}-ardana-nic-mapping.rules owner: root group: root mode: 0644 when: nic_mappings is defined and nic_mappings != [] register: udev_config_result 0707010000006F000081A4000000000000000000000001600078730000043D000000000000000000000000000000000000005500000000ardana-osconfig-8.0+git.1610643571.91b88d6/roles/network_interface/tasks/install.yml# (c) Copyright 2016-2017 Hewlett Packard Enterprise Development LP # (c) Copyright 2017-2018 SUSE LLC # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. --- # network_interface install playbook - name: network_interface | install | Install the required packages become: yes package: name: "{{ item }}" state: present with_items: network_pkgs - name: network_interface | install | Disable unsupported services become: yes service: name: "{{ item }}" state: stopped enabled: no with_items: "{{ disable_svcs|default([]) }}" 07070100000070000081A40000000000000000000000016000787300000378000000000000000000000000000000000000006600000000ardana-osconfig-8.0+git.1610643571.91b88d6/roles/network_interface/tasks/keepalived-force-restart.yml# # (c) Copyright 2016 Hewlett Packard Enterprise Development LP # (c) Copyright 2017 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. # # If this keepalived instance is currently MASTER this should force the # MASTER to another node --- - name: network_interface | keepalived-force-restart | Force restart keepalived become: yes service: name: keepalived state: restarted 07070100000071000081A40000000000000000000000016000787300000335000000000000000000000000000000000000005F00000000ardana-osconfig-8.0+git.1610643571.91b88d6/roles/network_interface/tasks/keepalived-reload.yml# # (c) Copyright 2016 Hewlett Packard Enterprise Development LP # (c) Copyright 2017 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. # --- - name: network_interface | keepalived-reload | Reload keepalived on network restart become: yes service: name: keepalived state: reloaded when: network_restarted 07070100000072000081A40000000000000000000000016000787300000374000000000000000000000000000000000000005200000000ardana-osconfig-8.0+git.1610643571.91b88d6/roles/network_interface/tasks/main.yml# # (c) Copyright 2016 Hewlett Packard Enterprise Development LP # (c) Copyright 2017 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. # --- - name: network_interface | main | Set os-specific variables include_vars: "{{ ansible_os_family | lower }}.yml" - name: network_interface | main | Set os-specific dpdk variables include_vars: "{{ ansible_os_family | lower }}_dpdk.yml" 07070100000073000081A4000000000000000000000001600078730000035D000000000000000000000000000000000000006700000000ardana-osconfig-8.0+git.1610643571.91b88d6/roles/network_interface/tasks/neutron-ovs-agent-restart.yml# # (c) Copyright 2016 Hewlett Packard Enterprise Development LP # (c) Copyright 2017 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. # --- - name: network_interface | neutron-ovs-agent-restart | Restart neutron-openvswitch-agent on network restart become: yes service: name: neutron-openvswitch-agent state: restarted when: network_restarted 07070100000074000081A400000000000000000000000160007873000007E4000000000000000000000000000000000000006800000000ardana-osconfig-8.0+git.1610643571.91b88d6/roles/network_interface/tasks/update_mlx4_raw_udev_rules.yml# # (c) Copyright 2016 Hewlett Packard Enterprise Development LP # (c) Copyright 2017 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. # # Updates the udev rules for mellanox cards on Ardana upgrade --- - name: network_interface | configure | Kernel version check. shell: uname -r register: udev_mlx4_kernel_ver_result - name: network_interface | configure | check for a mellanox card shell: lsmod | grep mlx4_en ignore_errors: yes register: udev_mlx4_card_present_result when: udev_mlx4_kernel_ver_result is defined and udev_mlx4_kernel_ver_result[0] != 4 - name: network_interface | configure | check if 90-ardana-nic-mapping.rules exists stat: path: /etc/udev/rules.d/90-ardana-nic-mapping.rules register: udev_mlx4_ardana_file_result when: udev_mlx4_card_present_result is defined and udev_mlx4_card_present_result.rc == 0 - name: network_interface | configure | check if 70-persistent-net.rules exists stat: path: /etc/udev/rules.d/70-persistent-net.rules register: udev_mlx4_default_rules_file_result when: udev_mlx4_ardana_file_result is defined and udev_mlx4_ardana_file_result.stat.exists == False - name: network_interface | configure | create new rules become: yes update_mlx4_udev_rules: inFile: "/etc/udev/rules.d/70-persistent-net.rules" outFile: "/etc/udev/rules.d/80-openstack-preserve_eth_names.rules" when: udev_mlx4_default_rules_file_result is defined and udev_mlx4_default_rules_file_result.stat.exists == True 07070100000075000041ED0000000000000000000000026000787300000000000000000000000000000000000000000000004D00000000ardana-osconfig-8.0+git.1610643571.91b88d6/roles/network_interface/templates07070100000076000081A4000000000000000000000001600078730000052D000000000000000000000000000000000000005C00000000ardana-osconfig-8.0+git.1610643571.91b88d6/roles/network_interface/templates/bond_Debian.j2{# # # (c) Copyright 2015, 2016 Hewlett Packard Enterprise Development LP # (c) Copyright 2017 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. # #} {{ interface_file_marker }} auto {{ item.device }} {% include 'if_ipinfo_Debian.j2' %} {% if item.bond_miimon is defined %} bond-miimon {{ item.bond_miimon|default(100) }} {% endif %} {% if item.bond_mode is defined %} bond-mode {{ item.bond_mode }} {% endif %} bond-slaves none {% if item.bond_options is defined %} {% for key, value in item.bond_options.iteritems() %} bond-{{ key }} {{ value }} {% endfor %} {% endif %} {% if item.ovs_bridge is defined %} up ip link set {{ item.device }} up || true {% endif %} {% if item.mtu is defined %} post-up ip link set dev {{ item.device }} mtu {{ item.mtu }} || true {% endif %} {% include 'if_routes_Debian.j2' %} 07070100000077000081A4000000000000000000000001600078730000046F000000000000000000000000000000000000005C00000000ardana-osconfig-8.0+git.1610643571.91b88d6/roles/network_interface/templates/bond_RedHat.j2{# # # (c) Copyright 2015-2016 Hewlett Packard Enterprise Development LP # (c) Copyright 2017 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. # #} {{ interface_file_marker }} TYPE=Bond {% include 'if_ipinfo_RedHat.j2' %} {% if disable_lro is defined and disable_lro %} ETHTOOL_OPTS="lro off" {% endif %} {% if item.mtu is defined %} MTU={{ item.mtu }} {% endif %} BONDING_OPTS=" {%- if item.bond_mode is defined %} mode={{ item.bond_mode }} {%- endif %} {%- if item.bond_primary is defined %} primary={{ item.bond_primary }} {%- endif %} {%- for key, value in item.bond_options.iteritems() %} {{ key }}={{ value }} {%- endfor %}" 07070100000078000081ED0000000000000000000000016000787300000535000000000000000000000000000000000000005A00000000ardana-osconfig-8.0+git.1610643571.91b88d6/roles/network_interface/templates/bond_Suse.j2{# # # (c) Copyright 2017 Hewlett Packard Enterprise Development LP # (c) Copyright 2017 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. # #} {{ interface_file_marker }} BONDING_MASTER='yes' {% include 'if_ipinfo_Suse.j2' %} BONDING_MODULE_OPTS=" {%- if item.bond_mode is defined %} mode={{ item.bond_mode }} {%- endif %} {%- if item.bond_miimon is defined %} miimon={{ item.bond_miimon }} {%- endif %} {%- if item.bond_primary is defined %} primary={{ item.bond_primary }} {%- endif %} {%- for key, value in item.bond_options.iteritems() %} {{ key }}={{ value }} {%- endfor %}" {% for slave in item.bond_slaves %} BONDING_SLAVE{{ loop.index - 1 }}='{{ slave }}' {% endfor %} {% if item.mtu is defined %} MTU={{ item.mtu }} {% endif %} {% if disable_lro is defined and disable_lro %} ETHTOOL_OPTIONS='lro off' {% endif %} 07070100000079000081A400000000000000000000000160007873000003AA000000000000000000000000000000000000006100000000ardana-osconfig-8.0+git.1610643571.91b88d6/roles/network_interface/templates/bond_Suse_script.j2{# # # (c) Copyright 2017 Hewlett Packard Enterprise Development LP # (c) Copyright 2017 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. # #} {% include 'ifscript_header_Suse.j2' %} {% if item.ovs_bridge is defined %} $PRE_UP || ip link set {{ item.device }} up || true {% endif %} {% if item.mtu is defined %} $POST_UP || ip link set dev {{ item.device }} mtu {{ item.mtu }} || true {% endif %} {% include 'if_routes_Suse.j2' %} 0707010000007A000081A40000000000000000000000016000787300000431000000000000000000000000000000000000006200000000ardana-osconfig-8.0+git.1610643571.91b88d6/roles/network_interface/templates/bond_slave_Debian.j2{# # # (c) Copyright 2015-2017 Hewlett Packard Enterprise Development LP # (c) Copyright 2017 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. # #} {{ interface_file_marker }} auto {{ item.1 }} iface {{ item.1 }} inet manual bond-master {{ item.0.device }} {% if item.0.bond_primary is defined and item.1 == item.0.bond_primary %} bond-primary {{ item.1 }} {% endif %} {% if disable_lro is defined and disable_lro %} pre-up ethtool -K {{ item.1 }} lro off || true {% endif %} pre-up ip addr flush dev {{ item.1 }} || true up ip link set {{ item.1 }} up || true 0707010000007B000081A40000000000000000000000016000787300000376000000000000000000000000000000000000006200000000ardana-osconfig-8.0+git.1610643571.91b88d6/roles/network_interface/templates/bond_slave_RedHat.j2{# # # (c) Copyright 2015-2016 Hewlett Packard Enterprise Development LP # (c) Copyright 2017 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. # #} {{ interface_file_marker }} TYPE=Ethernet DEVICE={{ item.1 }} BOOTPROTO=none ONBOOT=yes NM_CONTROLLED=no USERCTL=no MASTER={{ item.0.device }} SLAVE=yes {% if disable_lro is defined and disable_lro %} ETHTOOL_OPTS="lro off" {% endif %} 0707010000007C000081ED0000000000000000000000016000787300000444000000000000000000000000000000000000006000000000ardana-osconfig-8.0+git.1610643571.91b88d6/roles/network_interface/templates/bond_slave_Suse.j2{# # # (c) Copyright 2017 Hewlett Packard Enterprise Development LP # (c) Copyright 2017 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. # #} {{ interface_file_marker }} BOOTPROTO=none STARTMODE=hotplug BROADCAST='' NM_CONTROLLED=no USERCTL=no {% if disable_lro is defined and disable_lro %} ETHTOOL_OPTIONS="lro off" {% endif %} PRE_UP_SCRIPT='wicked:{{ net_path }}/ifscript-{{ item.1 }}.sh' POST_UP_SCRIPT='wicked:{{ net_path }}/ifscript-{{ item.1 }}.sh' PRE_DOWN_SCRIPT='wicked:{{ net_path }}/ifscript-{{ item.1 }}.sh' POST_DOWN_SCRIPT='wicked:{{ net_path }}/ifscript-{{ item.1 }}.sh' 0707010000007D000081A40000000000000000000000016000787300000384000000000000000000000000000000000000006700000000ardana-osconfig-8.0+git.1610643571.91b88d6/roles/network_interface/templates/bond_slave_Suse_script.j2{# # # (c) Copyright 2017 Hewlett Packard Enterprise Development LP # (c) Copyright 2017 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. # #} {% include 'ifscript_header_Suse.j2' %} {% if disable_lro is defined and disable_lro %} $PRE_UP || ethtool -K {{ item.1 }} lro off || true {% endif %} $PRE_UP || ip addr flush dev {{ item.1 }} || true $POST_UP || ip link set {{ item.1 }} up || true 0707010000007E000081A40000000000000000000000016000787300000010000000000000000000000000000000000000005D00000000ardana-osconfig-8.0+git.1610643571.91b88d6/roles/network_interface/templates/bonding.conf.j2options bonding 0707010000007F000081A40000000000000000000000016000787300000B94000000000000000000000000000000000000005E00000000ardana-osconfig-8.0+git.1610643571.91b88d6/roles/network_interface/templates/bridge_Debian.j2{# # # (c) Copyright 2015, 2016 Hewlett Packard Enterprise Development LP # (c) Copyright 2017 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. # #} {{ interface_file_marker }} {% if item.bootproto == 'manual' %} auto {{ item.device }} iface {{ item.device }} inet manual {% if item.ports is defined %} bridge_ports {{ item.ports|join(' ') }} {% endif %} {% if item.stp is defined %} bridge_stp {{ item.stp }} {% endif %} {% endif %} {% if item.bootproto == 'static' %} auto {{ item.device }} iface {{ item.device }} inet static {% if item.address is defined %} address {{ item.address }} {% endif %} {% if item.netmask is defined %} netmask {{ item.netmask }} {% endif %} {% if item.ports is defined %} bridge_ports {{ item.ports|join(' ') }} {% endif %} {% if item.stp is defined %} bridge_stp {{ item.stp }} {% endif %} {% endif %} {% if item.bootproto == 'dhcp' %} auto {{ item.device }} iface {{ item.device }} inet dhcp {% if item.ports is defined %} bridge_ports {{ item.port }} {% endif %} {% if item.stp is defined %} bridge_stp {{ item.stp }} {% endif %} {% endif %} {% if item.mtu is defined %} post-up ip link set dev {{ item.device }} mtu {{ item.mtu }} || true {% endif %} {% if item.route is defined %} {% for i in item.route %} up route add -net {{ i.network }} netmask {{ i.netmask }} gw {{ i.gateway }} dev {{ item.device }} || true down route delete -net {{ i.network }} netmask {{ i.netmask }} gw {{ i.gateway }} dev {{ item.device }} || true {% endfor %} {% endif %} {% if item.routing_table is defined %} {% if item.address is defined %} {% if item.gateway is defined %} up ip route add default via {{ item.gateway }} table {{ item.routing_table }} || true down ip route delete default via {{ item.gateway }} table {{ item.routing_table }} || true {% if item.cidr is defined %} up ip route add {{ item.cidr }} dev {{ item.device }} table {{ item.routing_table }} || true down ip route delete {{ item.cidr }} dev {{ item.device }} table {{ item.routing_table }} || true {% endif %} up ip rule add from {{ item.address }} table {{ item.routing_table }} || true down ip rule delete from {{ item.address }} table {{ item.routing_table }} || true {% if item.vips is defined %} {% for vip in item.vips %} up ip rule add from {{ vip }} table {{ item.routing_table }} || true down ip rule delete from {{ vip }} table {{ item.routing_table }} || true {% endfor %} {% endif %} {% endif %} {% endif %} {% endif %} 07070100000080000081A40000000000000000000000016000787300000579000000000000000000000000000000000000005E00000000ardana-osconfig-8.0+git.1610643571.91b88d6/roles/network_interface/templates/bridge_RedHat.j2{# # # (c) Copyright 2015-2016 Hewlett Packard Enterprise Development LP # (c) Copyright 2017 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. # #} {{ interface_file_marker }} {% if item.bootproto == 'static' %} DEVICE={{ item.device }} TYPE=Bridge BOOTPROTO=none {% if item.stp is defined %} STP={{ item.stp }} {% endif %} {% if item.address is defined %} IPADDR={{ item.address }} {% endif %} {% if item.onboot is defined %} ONBOOT={{ item.onboot }} {% endif %} {% if item.netmask is defined %} NETMASK={{ item.netmask }} {% endif %} {% if item.gateway is defined %} GATEWAY={{ item.gateway }} {% endif %} {% if item.mtu is defined %} MTU={{ item.mtu }} {% endif %} {% endif %} {% if item.bootproto == 'dhcp' %} DEVICE={{ item.device }} TYPE=bridge BOOTPROTO=dhcp {% if item.stp is defined %} STP={{ item.stp }} {% endif %} {% if item.mtu is defined %} MTU={{ item.mtu }} {% endif %} {% endif %} 07070100000081000081ED0000000000000000000000016000787300000652000000000000000000000000000000000000005C00000000ardana-osconfig-8.0+git.1610643571.91b88d6/roles/network_interface/templates/bridge_Suse.j2{# # # (c) Copyright 2017 Hewlett Packard Enterprise Development LP # (c) Copyright 2017 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. # #} {{ interface_file_marker }} {% if item.bootproto == 'static' %} BRIDGE_PORTS={{ item.device }} BRIDGE=yes BOOTPROTO=none {% if item.stp is defined %} STP={{ item.stp }} {% endif %} {% if item.address is defined %} IPADDR={{ item.address }} {% endif %} {% if item.netmask is defined %} PREFIXLEN={{ item.netmask }} {% endif %} {% if item.gateway is defined %} GATEWAY={{ item.gateway }} {% endif %} {% if item.mtu is defined %} MTU={{ item.mtu }} {% endif %} {% endif %} {% if item.bootproto == 'dhcp' %} BRIDGE_PORTS={{ item.device }} BRIDGE=yes BOOTPROTO=dhcp {% if item.stp is defined %} STP={{ item.stp }} {% endif %} {% if item.mtu is defined %} MTU={{ item.mtu }} {% endif %} {% endif %} PRE_UP_SCRIPT='wicked:{{ net_path }}/ifscript-{{ item.device }}.sh' POST_UP_SCRIPT='wicked:{{ net_path }}/ifscript-{{ item.device }}.sh' PRE_DOWN_SCRIPT='wicked:{{ net_path }}/ifscript-{{ item.device }}.sh' POST_DOWN_SCRIPT='wicked:{{ net_path }}/ifscript-{{ item.device }}.sh' 07070100000082000081A4000000000000000000000001600078730000085E000000000000000000000000000000000000006300000000ardana-osconfig-8.0+git.1610643571.91b88d6/roles/network_interface/templates/bridge_Suse_script.j2{# # # (c) Copyright 2017 Hewlett Packard Enterprise Development LP # (c) Copyright 2017 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. # #} {% include 'ifscript_header_Suse.j2' %} {% if item.mtu is defined %} $POST_UP || ip link set dev {{ item.device }} mtu {{ item.mtu }} || true {% endif %} {% if item.route is defined %} {% for i in item.route %} $POST_UP || route add -net {{ i.network }} netmask {{ i.netmask }} gw {{ i.gateway }} dev {{ item.device }} || true $PRE_DOWN || route delete -net {{ i.network }} netmask {{ i.netmask }} gw {{ i.gateway }} dev {{ item.device }} || true {% endfor %} {% endif %} {% if item.routing_table is defined %} {% if item.address is defined %} {% if item.gateway is defined %} $POST_UP || ip route add default via {{ item.gateway }} table {{ item.routing_table }} || true $PRE_DOWN || ip route delete default via {{ item.gateway }} table {{ item.routing_table }} || true {% if item.cidr is defined %} $POST_UP || ip route add {{ item.cidr }} dev {{ item.device }} table {{ item.routing_table }} || true $PRE_DOWN || ip route delete {{ item.cidr }} dev {{ item.device }} table {{ item.routing_table }} || true {% endif %} $POST_UP || ip rule add from {{ item.address }} table {{ item.routing_table }} || true $PRE_DOWN || ip rule delete from {{ item.address }} table {{ item.routing_table }} || true {% if item.vips is defined %} {% for vip in item.vips %} $POST_UP || ip rule add from {{ vip }} table {{ item.routing_table }} || true $PRE_DOWN || ip rule delete from {{ vip }} table {{ item.routing_table }} || true {% endfor %} {% endif %} {% endif %} {% endif %} {% endif %} 07070100000083000081A400000000000000000000000160007873000002A8000000000000000000000000000000000000006300000000ardana-osconfig-8.0+git.1610643571.91b88d6/roles/network_interface/templates/dpdk_bindings.conf.j2{# # (c) Copyright 2018 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. # #} {{ interface_file_marker }} [Service] ExecStartPre=/usr/share/openvswitch/scripts/ovs-dpdk-bindings 07070100000084000081A400000000000000000000000160007873000002B5000000000000000000000000000000000000005E00000000ardana-osconfig-8.0+git.1610643571.91b88d6/roles/network_interface/templates/dpdk_bindings.j2{# # # (c) Copyright 2016 Hewlett Packard Enterprise Development LP # (c) Copyright 2017 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. # #} {{ interface_file_marker }} {{ dpdk_bindings }} 07070100000085000081A4000000000000000000000001600078730000047E000000000000000000000000000000000000006000000000ardana-osconfig-8.0+git.1610643571.91b88d6/roles/network_interface/templates/ethernet_Debian.j2{# # # (c) Copyright 2015-2017 Hewlett Packard Enterprise Development LP # (c) Copyright 2017 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. # #} {{ interface_file_marker }} auto {{ item.device }} {% include 'if_ipinfo_Debian.j2' %} {% if disable_lro is defined and disable_lro %} pre-up ethtool -K {{ item.device }} lro off || true {% endif %} {% if item.ovs_bridge is defined or item.pci_pt is defined or item.sriov_only is defined %} up ip link set {{ item.device }} up || true {% endif %} {% if item.mtu is defined %} post-up ip link set dev {{ item.device }} mtu {{ item.mtu }} || true {% endif %} {% include 'if_routes_Debian.j2' %} 07070100000086000081A40000000000000000000000016000787300000367000000000000000000000000000000000000006000000000ardana-osconfig-8.0+git.1610643571.91b88d6/roles/network_interface/templates/ethernet_RedHat.j2{# # # (c) Copyright 2015-2016 Hewlett Packard Enterprise Development LP # (c) Copyright 2017 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. # #} {{ interface_file_marker }} TYPE=Ethernet {% include 'if_ipinfo_RedHat.j2' %} {% if disable_lro is defined and disable_lro %} ETHTOOL_OPTS="lro off" {% endif %} {% if item.mtu is defined %} MTU={{ item.mtu }} {% endif %} 07070100000087000081A40000000000000000000000016000787300000355000000000000000000000000000000000000005E00000000ardana-osconfig-8.0+git.1610643571.91b88d6/roles/network_interface/templates/ethernet_Suse.j2{# # # (c) Copyright 2017 Hewlett Packard Enterprise Development LP # (c) Copyright 2017 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. # #} {{ interface_file_marker }} {% include 'if_ipinfo_Suse.j2' %} {% if disable_lro is defined and disable_lro %} ETHTOOL_OPTIONS="lro off" {% endif %} {% if item.mtu is defined %} MTU={{ item.mtu }} {% endif %} 07070100000088000081A40000000000000000000000016000787300000459000000000000000000000000000000000000006500000000ardana-osconfig-8.0+git.1610643571.91b88d6/roles/network_interface/templates/ethernet_Suse_script.j2{# # # (c) Copyright 2017 Hewlett Packard Enterprise Development LP # (c) Copyright 2017 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. # #} {% include 'ifscript_header_Suse.j2' %} {% if disable_lro is defined and disable_lro %} $PRE_UP || ethtool -K {{ item.device }} lro off || true {% endif %} {% if item.ovs_bridge is defined or item.pci_pt is defined or item.sriov_only is defined %} $POST_UP || ip link set {{ item.device }} up || true {% endif %} {% if item.mtu is defined %} $POST_UP || ip link set dev {{ item.device }} mtu {{ item.mtu }} || true {% endif %} {% include 'if_routes_Suse.j2' %} 07070100000089000081A40000000000000000000000016000787300000493000000000000000000000000000000000000006100000000ardana-osconfig-8.0+git.1610643571.91b88d6/roles/network_interface/templates/if_ipinfo_Debian.j2{# # # (c) Copyright 2015-2016 Hewlett Packard Enterprise Development LP # (c) Copyright 2017 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. # #} {% set family %}{% if item.family is defined and item.family == 'IPv6' %}6{% else %}{% endif %} {% endset %} {% if item.bootproto == 'manual' %} iface {{ item.device }} inet{{ family }} manual {% elif item.bootproto == 'static' %} iface {{ item.device }} inet{{ family }} static {% if item.address is defined %} address {{ item.address }} {% endif %} {% if item.netmask is defined %} netmask {{ item.netmask }} {% endif %} {% elif item.bootproto == 'dhcp' %} iface {{ item.device }} inet{{ family }} dhcp {% endif %} 0707010000008A000081A4000000000000000000000001600078730000048A000000000000000000000000000000000000006100000000ardana-osconfig-8.0+git.1610643571.91b88d6/roles/network_interface/templates/if_ipinfo_RedHat.j2{# # # (c) Copyright 2016 Hewlett Packard Enterprise Development LP # (c) Copyright 2017 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. # #} {% set ip_family %}{% if item.family is defined and item.family == 'IPv6' %}V6{% else %}{% endif %} {% endset %} DEVICE={{ item.device }} {% if item.bootproto == 'manual' %} BOOTPROTO=none {% elif item.bootproto == 'static' %} BOOTPROTO=none {% if item.address is defined %} IP{{ ip_family }}ADDR={{ item.address }} {% endif %} {% if item.netmask is defined %} PREFIX={{ item.netmask }} {% endif %} {% elif item.bootproto == 'dhcp' %} BOOTPROTO=dhcp {% endif %} ONBOOT=yes NM_CONTROLLED=no USERCTL=no NOZEROCONF=yes 0707010000008B000081A40000000000000000000000016000787300000565000000000000000000000000000000000000005F00000000ardana-osconfig-8.0+git.1610643571.91b88d6/roles/network_interface/templates/if_ipinfo_Suse.j2{# # # (c) Copyright 2017 Hewlett Packard Enterprise Development LP # (c) Copyright 2017 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. # #} {% set ip_family %}{% if item.family is defined and item.family == 'IPv6' %}V6{% else %}{% endif %} {% endset %} {% if item.bootproto == 'manual' %} BOOTPROTO=none {% elif item.bootproto == 'static' %} BOOTPROTO=static {% if item.address is defined %} IP{{ ip_family }}ADDR={{ item.address }} {% endif %} {% if item.netmask is defined %} PREFIXLEN={{ item.netmask }} {% endif %} {% elif item.bootproto == 'dhcp' %} BOOTPROTO=dhcp {% endif %} STARTMODE=auto PRE_UP_SCRIPT='wicked:{{ net_path }}/ifscript-{{ item.device }}.sh' POST_UP_SCRIPT='wicked:{{ net_path }}/ifscript-{{ item.device }}.sh' PRE_DOWN_SCRIPT='wicked:{{ net_path }}/ifscript-{{ item.device }}.sh' POST_DOWN_SCRIPT='wicked:{{ net_path }}/ifscript-{{ item.device }}.sh' 0707010000008C000081A400000000000000000000000160007873000009A7000000000000000000000000000000000000006100000000ardana-osconfig-8.0+git.1610643571.91b88d6/roles/network_interface/templates/if_routes_Debian.j2{# # # (c) Copyright 2015-2016 Hewlett Packard Enterprise Development LP # (c) Copyright 2017 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. # #} {% set family %}{% if item.family is defined and item.family == 'IPv6' %}6{% else %}{% endif %} {% endset %} {% set ip_family %} {% if family == '6' %} -f inet6{% else %}{% endif %} {% endset %} {% set route_family %} {% if family == '6' %} --inet6{% else %}{% endif %} {% endset %} {% if item.route is defined %} {% for i in item.route %} {% if i.netmask == '0.0.0.0' or i.netmask == '::/0' %} pre-up ip{{ ip_family }} route delete default || true {% endif %} up route{{ route_family }} add -net {{ i.network }} netmask {{ i.netmask }} gw {{ i.gateway }} dev {{ item.device }} || true down route{{ route_family }} delete -net {{ i.network }} netmask {{ i.netmask }} gw {{ i.gateway }} dev {{ item.device }} || true {% endfor %} {% endif %} {% if item.routing_table is defined %} {% if item.address is defined %} {% if item.gateway is defined %} up ip{{ ip_family }} route add default via {{ item.gateway }} table {{ item.routing_table }} || true down ip{{ ip_family }} route delete default via {{ item.gateway }} table {{ item.routing_table }} || true {% if item.cidr is defined %} up ip{{ ip_family }} route add {{ item.cidr }} dev {{ item.device }} table {{ item.routing_table }} || true down ip{{ ip_family }} route delete {{ item.cidr }} dev {{ item.device }} table {{ item.routing_table }} || true {% endif %} up ip{{ ip_family }} rule add from {{ item.address }} table {{ item.routing_table }} || true down ip{{ ip_family }} rule delete from {{ item.address }} table {{ item.routing_table }} || true {% if item.vips is defined %} {% for vip in item.vips %} up ip{{ ip_family }} rule add from {{ vip }} table {{ item.routing_table }} || true down ip{{ ip_family }} rule delete from {{ vip }} table {{ item.routing_table }} || true {% endfor %} {% endif %} {% endif %} {% endif %} {% endif %} 0707010000008D000081A400000000000000000000000160007873000009FB000000000000000000000000000000000000005F00000000ardana-osconfig-8.0+git.1610643571.91b88d6/roles/network_interface/templates/if_routes_Suse.j2{# # # (c) Copyright 2017 Hewlett Packard Enterprise Development LP # (c) Copyright 2017 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. # #} {% set family %}{% if item.family is defined and item.family == 'IPv6' %}6{% else %}{% endif %} {% endset %} {% set ip_family %} {% if family == '6' %} -f inet6{% else %}{% endif %} {% endset %} {% set route_family %} {% if family == '6' %} --inet6{% else %}{% endif %} {% endset %} {% if item.route is defined %} {% for i in item.route %} {% if i.netmask == '0.0.0.0' or i.netmask == '::/0' %} $PRE_UP || ip{{ ip_family }} route delete default || true {% endif %} $POST_UP || route{{ route_family }} add -net {{ i.network }} netmask {{ i.netmask }} gw {{ i.gateway }} dev {{ item.device }} || true $PRE_DOWN || route{{ route_family }} delete -net {{ i.network }} netmask {{ i.netmask }} gw {{ i.gateway }} dev {{ item.device }} || true {% endfor %} {% endif %} {% if item.routing_table is defined %} {% if item.address is defined %} {% if item.gateway is defined %} $POST_UP || ip{{ ip_family }} route add default via {{ item.gateway }} table {{ item.routing_table }} || true $PRE_DOWN || ip{{ ip_family }} route delete default via {{ item.gateway }} table {{ item.routing_table }} || true {% if item.cidr is defined %} $POST_UP || ip{{ ip_family }} route add {{ item.cidr }} dev {{ item.device }} table {{ item.routing_table }} || true $PRE_DOWN || ip{{ ip_family }} route delete {{ item.cidr }} dev {{ item.device }} table {{ item.routing_table }} || true {% endif %} $POST_UP || ip{{ ip_family }} rule add from {{ item.address }} table {{ item.routing_table }} || true $PRE_DOWN || ip{{ ip_family }} rule delete from {{ item.address }} table {{ item.routing_table }} || true {% if item.vips is defined %} {% for vip in item.vips %} $POST_UP || ip{{ ip_family }} rule add from {{ vip }} table {{ item.routing_table }} || true $PRE_DOWN || ip{{ ip_family }} rule delete from {{ vip }} table {{ item.routing_table }} || true {% endfor %} {% endif %} {% endif %} {% endif %} {% endif %} 0707010000008E000081A40000000000000000000000016000787300000401000000000000000000000000000000000000006500000000ardana-osconfig-8.0+git.1610643571.91b88d6/roles/network_interface/templates/ifscript_header_Suse.j2{# # # (c) Copyright 2017 Hewlett Packard Enterprise Development LP # (c) Copyright 2017 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. # #} #!/bin/bash {{ interface_file_marker }} PARAM_ACTION=$1 PARAM_INTERFACE=$2 PRE_UP=true POST_UP=true PRE_DOWN=true POST_DOWN=true if [ "$PARAM_ACTION" == "pre-up" ]; then PRE_UP=false fi if [ "$PARAM_ACTION" == "post-up" ]; then POST_UP=false fi if [ "$PARAM_ACTION" == "pre-down" ]; then PRE_DOWN=false fi if [ "$PARAM_ACTION" == "post-down" ]; then POST_DOWN=false fi 0707010000008F000081A40000000000000000000000016000787300000385000000000000000000000000000000000000005C00000000ardana-osconfig-8.0+git.1610643571.91b88d6/roles/network_interface/templates/libvirt_mtu.j2{# # # (c) Copyright 2016 Hewlett Packard Enterprise Development LP # (c) Copyright 2017 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. # #} {{ interface_file_marker }} # # systemd-udev rule to configure the maximum MTU required for libvirt network # ports providing network access to auto-booted VMs. # SUBSYSTEM=="net", ACTION=="add", KERNEL=="vnet[0-9]*", ATTR{mtu}="{{ passthrough_max_mtu }}" 07070100000090000081A400000000000000000000000160007873000007D6000000000000000000000000000000000000005C00000000ardana-osconfig-8.0+git.1610643571.91b88d6/roles/network_interface/templates/nic_mapping.j2{# # # (c) Copyright 2015-2016 Hewlett Packard Enterprise Development LP # (c) Copyright 2017-2018 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. # #} {{ interface_file_marker }} # # systemd-udev rules to map physical PCI devices to virtual NIC names. # This is used to hard-wire a NIC name to a PCI address so that the name # doesn't change across reboots and so that it is predictable. Defined in # the CP input model as nic_mappings[]. # {% for nic in nic_mappings %} {% if nic.logical_name is defined %} {% set run_directive = [] %} {% for interface in sriov_interfaces %} {% if nic.logical_name == interface.device %} {% if run_directive.append(', RUN+="/etc/udev/ardana_udev_run.sh"') %}{% endif %} {% endif %} {% endfor %} {% if nic.type == "multi-port" %} {% set port_num = nic.port_attributes['port_num'] %} #Backward compatiblity for 3 series and 4 series mlx drivers SUBSYSTEM=="net", ACTION=="add", DEVPATH=="*/{{nic.bus_address}}/*", ATTR{dev_id}=="0x0", ATTR{dev_port}=="{{port_num}}", NAME="{{nic.logical_name}}"{{run_directive[0]|default('')}} {% elif nic.type == "simple-port" %} SUBSYSTEM=="net", ACTION=="add", DEVPATH=="*/{{nic.bus_address}}/*", NAME="{{nic.logical_name}}"{{run_directive[0]|default('')}} {% else %} SUBSYSTEM=="net", ACTION=="add", DEVPATH=="*/{{nic.bus_address}}/*", NAME="{{nic.logical_name}}"{{run_directive[0]|default('')}} {% endif %} {% else %} SUBSYSTEM=="net", ACTION=="add", DEVPATH=="*/{{nic_mappings[nic]}}/*", NAME="{{nic}}" {% endif %} {% endfor %} 07070100000091000081A40000000000000000000000016000787300000310000000000000000000000000000000000000005C00000000ardana-osconfig-8.0+git.1610643571.91b88d6/roles/network_interface/templates/openvswitch.j2{# # # (c) Copyright 2018 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. # #} {{ interface_file_marker }} [Service] Environment="DPDK_OPTIONS=-c {{ dpdk_core_mask }} {{ dpdk_eal_opts }}" Environment="OVS_VSWITCHD_GROUP={{ libvirt_qemu_user }}" Environment="OVS_VSWITCHD_UMASK=002"07070100000092000081A4000000000000000000000001600078730000001E000000000000000000000000000000000000007100000000ardana-osconfig-8.0+git.1610643571.91b88d6/roles/network_interface/templates/openvswitch.service-wickedd.conf.j2[Unit] Before=wickedd.service 07070100000093000081A400000000000000000000000160007873000002B0000000000000000000000000000000000000006200000000ardana-osconfig-8.0+git.1610643571.91b88d6/roles/network_interface/templates/ovs-dpdk-bindings.j2{# # (c) Copyright 2018 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. # #} #! /bin/sh {{ interface_file_marker }} {{ dpdk_commands_to_load_drivers }} {{ dpdk_commands_to_bind_nics }} 07070100000094000081A40000000000000000000000016000787300000F2D000000000000000000000000000000000000006200000000ardana-osconfig-8.0+git.1610643571.91b88d6/roles/network_interface/templates/ovs_bridge_Debian.j2{# # # (c) Copyright 2015, 2016 Hewlett Packard Enterprise Development LP # (c) Copyright 2017 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. # #} {{ interface_file_marker }} allow-ovs {{ item.device }} {% include 'if_ipinfo_Debian.j2' %} pre-up ovs-vsctl --timeout=5 -- --may-exist add-br {{ item.device }} \ {% if item.hwaddr is defined %} -- set bridge {{ item.device }} other-config:hwaddr={{ item.hwaddr }} \ {% endif %} -- set bridge {{ item.device }} datapath_type={{ item.datapath_type }} || true {% if item.bond_mode is defined %} pre-up ovs-vsctl --timeout=5 -- --may-exist add-bond {{ item.device }} {{ item.port }} {%- for slave in item.bond_slaves %} {{ slave }} {%- endfor %} bond_mode={{ item.bond_mode }} {%- if item.bond_options is defined %} {%- for key, value in item.bond_options.iteritems() %} {%- if key == "lacp" or key == "bond_updelay" or key == "bond_downdelay" %} {{ key }}={{ value }} {%- else %} other-config:{{ key }}={{ value }} {%- endif %} {%- endfor %} {%- endif %} {%- if item.dpdk_port is defined %} {%- for slave in item.bond_slaves %} -- set Interface {{ slave }} type=dpdk {%- endfor %} {%- endif %} -- || true {% if item.dpdk_port is not defined %} {% for slave in item.bond_slaves %} pre-up ip link set {{ slave }} up {%- if item.interface_mtu is defined %} mtu {{ item.interface_mtu }} {%- endif %} || true down ip link set {{ slave }} down || true {% endfor %} {%- endif %} down ovs-vsctl --timeout=5 -- --if-exists del-port {{ item.device }} {{ item.port }} -- || true {% elif item.vlanid is defined %} pre-up ovs-vsctl --timeout=5 -- --may-exist add-br {{ item.port }} || true pre-up ovs-vsctl --timeout=5 -- --may-exist add-port {{ item.device }} u-{{ item.port }}-{{ item.vlanid }} \ -- set interface u-{{ item.port }}-{{ item.vlanid }} type=patch options:peer=l-{{ item.port }}-{{ item.vlanid }} \ -- --may-exist add-port {{ item.port }} l-{{ item.port }}-{{ item.vlanid }} tag={{ item.vlanid }} \ -- set interface l-{{ item.port }}-{{ item.vlanid }} type=patch options:peer=u-{{ item.port }}-{{ item.vlanid }} || true down ovs-vsctl --timeout=5 -- --if-exists del-port {{ item.port }} l-{{ item.port }}-{{ item.vlanid }} \ -- --if-exists del-port {{ item.device }} u-{{ item.port }}-{{ item.vlanid }} || true {% else %} {% if item.port is defined %} pre-up ip addr flush dev {{ item.port }} || true {% if item.dpdk_port is defined %} pre-up ovs-vsctl --timeout=5 -- --may-exist add-port {{ item.device }} {{ item.port }} -- set Interface {{ item.port }} type=dpdk -- || true {% else %} pre-up ovs-vsctl --timeout=5 -- --may-exist add-port {{ item.device }} {{ item.port }} -- || true {% if item.force_interface_mtu is defined and item.interface_mtu is defined %} post-up ip link set dev {{ item.port }} mtu {{ item.interface_mtu }} || true {% endif %} {% endif %} pre-up ifconfig {{ item.port }} up || true down ovs-vsctl --timeout=5 -- --if-exists del-port {{ item.device }} {{ item.port }} -- || true {% endif %} {% endif %} {% if item.mtu is defined %} post-up ip link set dev {{ item.device }} mtu {{ item.mtu }} || true {% endif %} {% include 'if_routes_Debian.j2' %} 07070100000095000081A40000000000000000000000016000787300000377000000000000000000000000000000000000006000000000ardana-osconfig-8.0+git.1610643571.91b88d6/roles/network_interface/templates/ovs_bridge_Suse.j2{# # # (c) Copyright 2017 Hewlett Packard Enterprise Development LP # (c) Copyright 2017-2018 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. # #} {{ interface_file_marker }} OVS_BRIDGE='yes' {% if item.dpdk_port is not defined and item.bond_mode is not defined -%} OVS_BRIDGE_PORT_DEVICE='{{ item.port }}' {%- endif %} {% include 'if_ipinfo_Suse.j2' %} ETHTOOL_OPTIONS='lro off' 07070100000096000081A40000000000000000000000016000787300001133000000000000000000000000000000000000006700000000ardana-osconfig-8.0+git.1610643571.91b88d6/roles/network_interface/templates/ovs_bridge_Suse_script.j2{# # # (c) Copyright 2017 Hewlett Packard Enterprise Development LP # (c) Copyright 2017-2018 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. # #} {% include 'ifscript_header_Suse.j2' %} {# ADD NORMAL FLOW TO PREVENT UNINTENDED DISCONNECTION FROM NETWORK #} $POST_UP || ovs-ofctl add-flow {{ item.device }} priority=0,actions=normal || true {% for vlan_interface in network_vlan_interfaces if vlan_interface.ovs_bridge is defined and vlan_interface.ovs_bridge == item.device %} $POST_UP || VLANID_HEX=`printf '%04x' {{ vlan_interface.vlanid }}` {# assuming the lower 48-bit is the mac address #} $POST_UP || LOWERCASE_MAC=`ovs-vsctl get Bridge {{ item.device }} datapath-id` $POST_UP || LOWERCASE_MAC=${LOWERCASE_MAC:5:12} $POST_UP || DATAPATH_ID="${VLANID_HEX}${LOWERCASE_MAC}" $POST_UP || ovs-vsctl set Bridge {{ item.device }} other-config:datapath-id=$DATAPATH_ID {% endfor %} {# FOR DPDK BRIDGES WE NEED TO SET DATAPATH TYPE ON START, AND DELETE PORT AND BRIDGE ON EXIT #} {% if item.dpdk_port is defined -%} $POST_UP || ovs-vsctl --timeout=5 set bridge {{ item.device }} datapath_type=netdev || true $PRE_DOWN || ovs-vsctl --timeout=5 set bridge {{ item.device }} datapath_type=system || true $PRE_DOWN || ovs-vsctl --timeout=5 -- --if-exists del-port {{ item.device }} {{ item.port }} -- || true $PRE_DOWN || ovs-vsctl --timeout=5 -- --if-exists del-br {{ item.device }} -- || true {% endif %} {# DEFINE HARDWARE ADDRESS FOR THE BRIDGE #} {%- if item.hwaddr is defined %} $POST_UP || ovs-vsctl --timeout=5 set bridge {{ item.device }} other-config:hwaddr={{ item.hwaddr }} || true {% endif %} {# CONNECT PORT #} {# IF PORT IS DEFINED IN THE IFCFG- FILE AND NO DPDK, WE DON"T HAVE TO DO ANYTHING. WICKED PLUGS IT IN #} {# IF BRIDGE USES OVS BONDS WE CONFIGURE IT AS THE PORT USING OVSCTL #} {% if item.bond_mode is defined %} $POST_UP || ovs-vsctl --timeout=5 --may-exist add-bond {{ item.device }} {{ item.port }} {%- for slave in item.bond_slaves %} {{ slave }} {% endfor -%} bond_mode={{ item.bond_mode }} {%- if item.bond_options is defined %} {%- for key, value in item.bond_options.iteritems() %} {%- if key == "lacp" or key == "bond_updelay" or key == "bond_downdelay" %} {{ key }}={{ value }} {%- else %} other-config:{{ key }}={{ value }} {%- endif %} {%- endfor %} {%- endif %} || true {# IF BRIDGE USES OVS DPDK BONDS WE HAVE SOME EXTRA CONFIGURATION #} {% if item.dpdk_port is defined %} {% for slave in item.bond_slaves %} $POST_UP || ovs-vsctl --timeout=5 set Interface {{ slave }} type=dpdk options:dpdk-devargs={{ slave | pci_hw_address(nic_mappings) }} || true {% endfor %} {% endif %} {# IF BRIDGE IS NOT DPDK BUT USES OVS BONDS, WE NEED TO SET MTUS OF SLAVES. #} {% if item.dpdk_port is defined %} {%- for slave in item.bond_slaves %} {% if item.interface_mtu is defined %} $POST_UP || ip link set {{ slave }} mtu {{ item.interface_mtu }} || true {% endif %} {% endfor -%} {% endif %} {% else %} {# NO OVS BONDS. BRIDGE USES DIRECT INTERFACES #} {# DPDK REQUIRED PORT TO BE ADDED USING OVSVSCTL #} {%- if item.dpdk_port is defined %} $POST_UP || ovs-vsctl --timeout=5 -- --may-exist add-port {{ item.device }} {{ item.port }} -- set Interface {{ item.port }} type=dpdk options:dpdk-devargs={{ item.port | pci_hw_address(nic_mappings) }} -- || true {# REMOVE ANY CONFIGURATION LEFT BEHIND FOR PORT #} $POST_UP || rm /etc/sysconfig/network/ifcfg-{{ item.port }} || true {% endif %} {# NONE DPDK BRIDGES SHOULD DEFINE THEIR PORTS IN IFCFG FILES #} {% endif %} {# END CONNECT PORT #} {# CONFIGURE MTU IF REQUIRED.#} {%- if item.force_interface_mtu is defined and item.interface_mtu is defined %} $POST_UP || ip link set dev {{ item.port }} mtu {{ item.interface_mtu }} || true {% endif %} {%- if item.mtu is defined %} $POST_UP || ip link set dev {{ item.device }} mtu {{ item.mtu }} || true {% endif %} {% include 'if_routes_Suse.j2' %} 07070100000097000081A4000000000000000000000001600078730000092F000000000000000000000000000000000000006700000000ardana-osconfig-8.0+git.1610643571.91b88d6/roles/network_interface/templates/ovs_bridge_down_RedHat.j2{# # # (c) Copyright 2016 Hewlett Packard Enterprise Development LP # (c) Copyright 2017 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. # #} {% set ip_family %}{% if item.family is defined and item.family == 'IPv6' %} -f inet6{% else %}{% endif %} {% endset %} {{ interface_file_marker }} SERVICE_UNIT=/usr/lib/systemd/system/openvswitch-nonetwork.service if [ -f $SERVICE_UNIT ] && [ -x /usr/bin/systemctl ]; then if ! systemctl --quiet is-active openvswitch-nonetwork.service; then systemctl start openvswitch-nonetwork.service fi else if [ ! -f /var/lock/subsys/openvswitch ]; then /sbin/service openvswitch start fi fi {% if item.port is defined %} ovs-vsctl --timeout=5 -- --if-exists del-port {{ item.device }} {{ item.port }} -- {% endif %} {% if item.route is defined %} {% for i in item.route %} ip{{ ip_family }} route delete {{ i.network }}/{{ i.netmask }} via {{ i.gateway }} dev {{ item.device }} {% endfor %} {% endif %} {% if item.routing_table is defined %} {% if item.address is defined %} {% if item.gateway is defined %} ip{{ ip_family }} route delete default via {{ item.gateway }} table {{ item.routing_table }} {% if item.cidr is defined %} ip{{ ip_family }} route delete {{ item.cidr }} dev {{ item.device }} table {{ item.routing_table }} {% endif %} ip{{ ip_family }} rule delete from {{ item.address }} table {{ item.routing_table }} {% if item.vips is defined %} {% for vip in item.vips %} ip{{ ip_family }} rule delete from {{ vip }} table {{ item.routing_table }} {% endfor %} {% endif %} {% endif %} {% endif %} {% endif %} {% if item.bootproto == 'static' and item.address is defined and item.netmask is defined %} ip{{ ip_family }} addr delete {{ item.address }}/{{ item.netmask }} dev {{ item.device }} {% endif %} ip link set {{ item.device }} down 07070100000098000081A40000000000000000000000016000787300000C43000000000000000000000000000000000000006500000000ardana-osconfig-8.0+git.1610643571.91b88d6/roles/network_interface/templates/ovs_bridge_up_RedHat.j2{# # # (c) Copyright 2016 Hewlett Packard Enterprise Development LP # (c) Copyright 2017 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. # #} {% set ip_family %}{% if item.family is defined and item.family == 'IPv6' %} -f inet6{% else %}{% endif %} {% endset %} {{ interface_file_marker }} SERVICE_UNIT=/usr/lib/systemd/system/openvswitch-nonetwork.service if [ -f $SERVICE_UNIT ] && [ -x /usr/bin/systemctl ]; then if ! systemctl --quiet is-active openvswitch-nonetwork.service; then systemctl start openvswitch-nonetwork.service fi else if [ ! -f /var/lock/subsys/openvswitch ]; then /sbin/service openvswitch start fi fi {% if item.hwaddr is defined %} ovs-vsctl --timeout=5 -- --may-exist add-br {{ item.device }} -- set bridge {{ item.device }} other-config:hwaddr={{ item.hwaddr }} {% else %} ovs-vsctl --timeout=5 -- --may-exist add-br {{ item.device }} {% endif %} {% if item.bootproto == 'static' and item.address is defined and item.netmask is defined %} ip{{ ip_family }} addr add {{ item.address }}/{{ item.netmask }} dev {{ item.device }} {% endif %} ip link set {{ item.device }} up {% if item.port is defined %} ip{{ ip_family }} addr flush dev {{ item.port }} ovs-vsctl --timeout=5 -- --may-exist add-port {{ item.device }} {{ item.port }} -- ip link set {{ item.port }} up {% if item.mtu is defined %} {% if network_vlan_interfaces is defined %} {% for vlan_iface in network_vlan_interfaces if vlan_iface.device == item.port %} ip link set dev {{ vlan_iface.vlanrawdevice }} mtu {{ vlan_iface.vlanrawdevice_mtu }} ip link set dev {{ vlan_iface.device }} mtu {{ vlan_iface.mtu }} {% endfor %} {% endif %} ip link set dev {{ item.device }} mtu {{ item.mtu }} {% endif %} {% endif %} {% if item.route is defined %} {% for i in item.route %} {% if i.netmask == '0.0.0.0' %} ip{{ ip_family }} route delete default {% endif %} ip{{ ip_family }} route add {{ i.network }}/{{ i.netmask }} via {{ i.gateway }} dev {{ item.device }} {% endfor %} {% endif %} {% if item.routing_table is defined %} {% if item.address is defined %} {% if item.gateway is defined %} ip{{ ip_family }} route add default via {{ item.gateway }} table {{ item.routing_table }} {% if item.cidr is defined %} ip{{ ip_family }} route add {{ item.cidr }} dev {{ item.device }} table {{ item.routing_table }} {% endif %} ip{{ ip_family }} rule add from {{ item.address }} table {{ item.routing_table }} {% if item.vips is defined %} {% for vip in item.vips %} ip{{ ip_family }} rule add from {{ vip }} table {{ item.routing_table }} {% endfor %} {% endif %} {% endif %} {% endif %} {% endif %} 07070100000099000081A40000000000000000000000016000787300001396000000000000000000000000000000000000006900000000ardana-osconfig-8.0+git.1610643571.91b88d6/roles/network_interface/templates/ovs_reboot_workaround.sh.j2#!/bin/bash # # (c) Copyright 2018 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. # # ########################################################################## # # Workaround for network connectivity issue at node reboot when mgmt and ovs # bridges are using same port. In that case, ovs would not be able to connect # to rabbitmq (some models have it on controller) hence would not be able to # complete network connectivity. So here normal ovs flow is added, to have that # connectivity at node bootup. # Adding this ovs flow in /etc/sysconfig/network-scripts/ifup-local-{intf} # results in error when network restart is done by playbooks. That's why # adding this flow just for reboot situation by adding in /etc/rc.d/rc.local # # ########################################################################### # Usage: (need to run as root on host where this workaround is needed) # # ./ovs_reboot_workaround.sh # # ########################################################################### # # host (resource) managment ip g_host_mgmt_ip='' # ovs bidge device name g_device_name='' mqhost_route_info() { {% if NEU.consumes_FND_RMQ.members.private[0].ip_address is defined %} mq_hostname='{{ NEU.consumes_FND_RMQ.members.private[0].ip_address }}' {%- endif %} # rabbit host name or ip is required and should be non-empty. if [ -n "$mq_hostname" ] ; then # check rabbitmq host ip if first argument is host name mqhost_ip=$(ping $mq_hostname -c 1 | awk 'NR < 2 {gsub(/[()]/, "", $3); print $3}') if [ $? -eq 0 ]; then # get network device name g_device_name=$(ip route get $mqhost_ip | awk 'NR < 2 {print $3}') if [ $? -eq 0 ]; then # get route-src host mgmt network ip g_host_mgmt_ip=$(ip route get $mqhost_ip | awk 'NR < 2 {print $5}') fi fi fi } # Check is done based on networking data in input model. # First get ovs bridge address and device information from input model # And then compare the address with host mgmt ip to confirm br device name check_via_input_model() { local device_name='' declare -A ovs_br_arr {% for item in ovs_bridge_interfaces -%} {% if host.my_network_tags is defined -%} {%- for network_tag in host.my_network_tags -%} {%- if network_tag.bridge_port is defined and network_tag.bridge_port == item.port -%} {%- if item.address is defined and network_tag.address == item.address%} ovs_br_arr['{{ item.address }}']='{{ item.device }}' {% endif -%} {%- endif -%} {%- endfor -%} {%- endif %} {%- endfor %} for item_key in "${!ovs_br_arr[@]}" do if [ "$g_host_mgmt_ip" = "$item_key" ]; then device_name="${ovs_br_arr[$item_key]}" break; fi done if [ -n "$device_name" ] ; then g_device_name="$device_name" else g_device_name='' fi } # Check if same bridge port is used between ovs and mgmt bridge # If device is not set, then its set the device for that shared bridge port # Check is done using ovs cli commands here check_via_ovs_cli() { local device_found=0 check_ovs_configured=$(ovs-vsctl show) if [ $? -eq 0 ]; then # check if above found network exists in ovs device_found=$(ovs-vsctl list-br | grep $g_device_name) if [ $? -eq 0 ] && [ -n "$device_found" ]; then br_exists=$(ovs-vsctl br-exists $g_device_name) if [ $? -eq 0 ]; then device_found=1 fi fi fi if [ $device_found -eq 0 ] ; then g_device_name='' fi } mqhost_route_info if [ -n $g_device_name ] ; then check_via_input_model if [ -n $g_device_name ] ; then check_via_ovs_cli fi fi # if bridge device name is missing or made blank in previous checks, # skip the workaround as its not needed here. if [ -z "$g_device_name" ] ; then echo "Ovs reboot workaround is not applied as cannot identify bridge device name" exit 0 fi # check if command to add-flow already exists in # startup file executed at node bootup CMD_LINE="ovs-ofctl add-flow $g_device_name priority=0,actions=normal" FILE="/etc/rc.d/rc.local" # file should exists, just create if not there if [ ! -f $FILE ]; then touch $FILE echo "#!/bin/bash" >> "$FILE" fi # check file has execute permission, if not add it if [ ! -x $FILE ]; then chmod +x $FILE fi # append command line in end if not there. grep -qF "$CMD_LINE" "$FILE" || echo "$CMD_LINE" >> "$FILE" echo "Ovs reboot workaround is applied" 0707010000009A000081A400000000000000000000000160007873000003EE000000000000000000000000000000000000005E00000000ardana-osconfig-8.0+git.1610643571.91b88d6/roles/network_interface/templates/ovs_vlan_Suse.j2{# # (c) Copyright 2017 Hewlett Packard Enterprise Development LP # (c) Copyright 2017 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. #} {{ interface_file_marker }} OVS_BRIDGE='yes' OVS_BRIDGE_PORT_DEVICE={{ item.device }} PRE_UP_SCRIPT='wicked:{{ net_path }}/ifscript-{{ item.device }}.sh' POST_UP_SCRIPT='wicked:{{ net_path }}/ifscript-{{ item.device }}.sh' PRE_DOWN_SCRIPT='wicked:{{ net_path }}/ifscript-{{ item.device }}.sh' POST_DOWN_SCRIPT='wicked:{{ net_path }}/ifscript-{{ item.device }}.sh' 0707010000009B000081A400000000000000000000000160007873000004E2000000000000000000000000000000000000006500000000ardana-osconfig-8.0+git.1610643571.91b88d6/roles/network_interface/templates/ovs_vlan_Suse_script.j2{# # (c) Copyright 2017 Hewlett Packard Enterprise Development LP # (c) Copyright 2017 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. #} {% include 'ifscript_header_Suse.j2' %} $PRE_UP || ovs-vsctl --timeout=5 -- --may-exist add-br {{ item.vlanrawdevice }} || true $PRE_UP || ovs-vsctl --timeout=5 -- --may-exist add-port {{ item.vlanrawdevice }} {{ item.device }} tag={{ item.vlanid }} \ -- set interface {{ item.device }} type=internal || true $POST_DOWN || ovs-vsctl --timeout=5 -- --if-exists del-port {{ item.vlanrawdevice }} {{ item.device }} || true {% if item.mtu is defined %} $POST_UP || ip link set dev {{ item.device }} mtu {{ item.mtu }} || true {% endif %} {% include 'if_routes_Suse.j2' %} 0707010000009C000081A40000000000000000000000016000787300000503000000000000000000000000000000000000006000000000ardana-osconfig-8.0+git.1610643571.91b88d6/roles/network_interface/templates/ovs_vlan_debian.j2{# # (c) Copyright 2016 Hewlett Packard Enterprise Development LP # (c) Copyright 2017 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. #} {{ interface_file_marker }} allow-ovs {{ item.device }} {% include 'if_ipinfo_Debian.j2' %} pre-up ovs-vsctl --timeout=5 -- --may-exist add-br {{ item.vlanrawdevice }} || true pre-up ovs-vsctl --timeout=5 -- --may-exist add-port {{ item.vlanrawdevice }} {{ item.device }} tag={{ item.vlanid }} \ -- set interface {{ item.device }} type=internal || true down ovs-vsctl --timeout=5 -- --if-exists del-port {{ item.vlanrawdevice }} {{ item.device }} || true {% if item.mtu is defined %} post-up ip link set dev {{ item.device }} mtu {{ item.mtu }} || true {% endif %} {% include 'if_routes_Debian.j2' %} 0707010000009D000081A4000000000000000000000001600078730000047C000000000000000000000000000000000000005D00000000ardana-osconfig-8.0+git.1610643571.91b88d6/roles/network_interface/templates/route_RedHat.j2{# # # (c) Copyright 2015-2016 Hewlett Packard Enterprise Development LP # (c) Copyright 2017 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. # #} {{ interface_file_marker }} {% if item.route is defined %} {% for i in item.route %} {{ i.network }}/{{ i.netmask }} via {{ i.gateway }} dev {{ item.device }} {% endfor %} {% endif %} {% if item.routing_table is defined %} {% if item.address is defined %} {% if item.gateway is defined %} default via {{ item.gateway }} table {{ item.routing_table }} {% if item.cidr is defined %} {{ item.cidr }} dev {{ item.device }} table {{ item.routing_table }} {% endif %} {% endif %} {% endif %} {% endif %} 0707010000009E000081A4000000000000000000000001600078730000047C000000000000000000000000000000000000005B00000000ardana-osconfig-8.0+git.1610643571.91b88d6/roles/network_interface/templates/route_Suse.j2{# # # (c) Copyright 2015-2017 Hewlett Packard Enterprise Development LP # (c) Copyright 2017 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. # #} {{ interface_file_marker }} {% if item.route is defined %} {% for i in item.route %} {{ i.network }}/{{ i.netmask }} via {{ i.gateway }} dev {{ item.device }} {% endfor %} {% endif %} {% if item.routing_table is defined %} {% if item.address is defined %} {% if item.gateway is defined %} default via {{ item.gateway }} table {{ item.routing_table }} {% if item.cidr is defined %} {{ item.cidr }} dev {{ item.device }} table {{ item.routing_table }} {% endif %} {% endif %} {% endif %} {% endif %} 0707010000009F000081A400000000000000000000000160007873000003E5000000000000000000000000000000000000005C00000000ardana-osconfig-8.0+git.1610643571.91b88d6/roles/network_interface/templates/rule_RedHat.j2{# # # (c) Copyright 2016 Hewlett Packard Enterprise Development LP # (c) Copyright 2017 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. # #} {{ interface_file_marker }} {% if item.routing_table is defined %} {% if item.address is defined %} {% if item.gateway is defined %} from {{ item.address }} table {{ item.routing_table }} {% if item.vips is defined %} {% for vip in item.vips %} from {{ vip }} table {{ item.routing_table }} {% endfor %} {% endif %} {% endif %} {% endif %} {% endif %} 070701000000A0000081A400000000000000000000000160007873000003E5000000000000000000000000000000000000005A00000000ardana-osconfig-8.0+git.1610643571.91b88d6/roles/network_interface/templates/rule_Suse.j2{# # # (c) Copyright 2017 Hewlett Packard Enterprise Development LP # (c) Copyright 2017 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. # #} {{ interface_file_marker }} {% if item.routing_table is defined %} {% if item.address is defined %} {% if item.gateway is defined %} from {{ item.address }} table {{ item.routing_table }} {% if item.vips is defined %} {% for vip in item.vips %} from {{ vip }} table {{ item.routing_table }} {% endfor %} {% endif %} {% endif %} {% endif %} {% endif %} 070701000000A1000081A40000000000000000000000016000787300000507000000000000000000000000000000000000005C00000000ardana-osconfig-8.0+git.1610643571.91b88d6/roles/network_interface/templates/vlan_Debian.j2{# # # (c) Copyright 2015-2017 Hewlett Packard Enterprise Development LP # (c) Copyright 2017 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. # #} {{ interface_file_marker }} auto {{ item.device }} {% include 'if_ipinfo_Debian.j2' %} {% if item.vlanrawdevice is defined %} vlan-raw-device {{ item.vlanrawdevice }} {% if disable_lro is defined and disable_lro %} pre-up ethtool -K {{ item.vlanrawdevice }} lro off || true {% endif %} {% if item.mtu is defined %} post-up ip link set dev {{ item.vlanrawdevice }} mtu {{ item.vlanrawdevice_mtu }} || true post-up ip link set dev {{ item.device }} mtu {{ item.mtu }} || true {% endif %} {% endif %} {% if item.ovs_bridge is defined %} up ip link set {{ item.device }} up || true {% endif %} {% include 'if_routes_Debian.j2' %} 070701000000A2000081A4000000000000000000000001600078730000036C000000000000000000000000000000000000005C00000000ardana-osconfig-8.0+git.1610643571.91b88d6/roles/network_interface/templates/vlan_RedHat.j2{# # # (c) Copyright 2016 Hewlett Packard Enterprise Development LP # (c) Copyright 2017 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. # #} {{ interface_file_marker }} TYPE=Ethernet {% include 'if_ipinfo_RedHat.j2' %} VLAN=yes {% if item.vlanrawdevice is defined %} PHYSDEV={{ item.vlanrawdevice }} {% endif %} {% if item.mtu is defined %} MTU={{ item.mtu }} {% endif %} 070701000000A3000081A40000000000000000000000016000787300000394000000000000000000000000000000000000005A00000000ardana-osconfig-8.0+git.1610643571.91b88d6/roles/network_interface/templates/vlan_Suse.j2{# # # (c) Copyright 2017 Hewlett Packard Enterprise Development LP # (c) Copyright 2017 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. # #} {{ interface_file_marker }} {% include 'if_ipinfo_Suse.j2' %} {% if disable_lro is defined and disable_lro %} ETHTOOL_OPTIONS="lro off" {% endif %} {% if item.mtu is defined %} MTU={{ item.mtu }} {% endif %} ETHERDEVICE={{ item.vlanrawdevice }} VLAN_ID={{ item.vlanid }} 070701000000A4000081A400000000000000000000000160007873000004BB000000000000000000000000000000000000006100000000ardana-osconfig-8.0+git.1610643571.91b88d6/roles/network_interface/templates/vlan_Suse_script.j2{# # # (c) Copyright 2017 Hewlett Packard Enterprise Development LP # (c) Copyright 2017 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. # #} {% include 'ifscript_header_Suse.j2' %} {% if item.vlanrawdevice is defined %} {% if disable_lro is defined and disable_lro %} $PRE_UP || ethtool -K {{ item.vlanrawdevice }} lro off || true {% endif %} {% if item.mtu is defined %} $POST_UP || ip link set dev {{ item.vlanrawdevice }} mtu {{ item.vlanrawdevice_mtu }} || true $POST_UP || ip link set dev {{ item.device }} mtu {{ item.mtu }} || true {% endif %} {% endif %} {% if item.ovs_bridge is defined %} $POST_UP || ip link set {{ item.device }} up || true {% endif %} {% include 'if_routes_Suse.j2' %} 070701000000A5000081A400000000000000000000000160007873000003E4000000000000000000000000000000000000005F00000000ardana-osconfig-8.0+git.1610643571.91b88d6/roles/network_interface/templates/vlan_up_RedHat.j2{# # # (c) Copyright 2016 Hewlett Packard Enterprise Development LP # (c) Copyright 2017 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. # #} {{ interface_file_marker }} {% if item.vlanrawdevice is defined %} {% if disable_lro is defined and disable_lro %} ethtool -K {{ item.vlanrawdevice }} lro off {% endif %} {% if item.mtu is defined %} ip link set dev {{ item.vlanrawdevice }} mtu {{ item.vlanrawdevice_mtu }} ip link set dev {{ item.device }} mtu {{ item.mtu }} {% endif %} {% endif %} 070701000000A6000081A400000000000000000000000160007873000003E4000000000000000000000000000000000000005D00000000ardana-osconfig-8.0+git.1610643571.91b88d6/roles/network_interface/templates/vlan_up_Suse.j2{# # # (c) Copyright 2017 Hewlett Packard Enterprise Development LP # (c) Copyright 2017 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. # #} {{ interface_file_marker }} {% if item.vlanrawdevice is defined %} {% if disable_lro is defined and disable_lro %} ethtool -K {{ item.vlanrawdevice }} lro off {% endif %} {% if item.mtu is defined %} ip link set dev {{ item.vlanrawdevice }} mtu {{ item.vlanrawdevice_mtu }} ip link set dev {{ item.device }} mtu {{ item.mtu }} {% endif %} {% endif %} 070701000000A7000041ED0000000000000000000000026000787300000000000000000000000000000000000000000000004800000000ardana-osconfig-8.0+git.1610643571.91b88d6/roles/network_interface/vars070701000000A8000081A40000000000000000000000016000787300000F41000000000000000000000000000000000000005300000000ardana-osconfig-8.0+git.1610643571.91b88d6/roles/network_interface/vars/debian.yml# (c) Copyright 2015-2017 Hewlett Packard Enterprise Development LP # (c) Copyright 2017 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. --- network_pkgs: - python-selinux - ifenslave-2.6 - vlan openvswitch_packages: - openvswitch-switch openvswitch_packages_dpdk: - openvswitch-switch - openvswitch-switch-dpdk linuxbridge_packages: - bridge-utils net_path: "/etc/network/interfaces.d" disable_lro: true dpdk_enabled: " {%- if dpdk_network_devices is defined and \ dpdk_network_devices.FND_OVS is defined and \ dpdk_network_devices.FND_OVS.devices is defined -%} {%- if dpdk_network_devices.FND_OVS.devices|length > 0 -%} True {% else %} False {%- endif -%} {% else %} False {%- endif -%}" dpdk_eal_opts: " {% set temp_list = [] %} {%- if dpdk_network_devices is defined and \ dpdk_network_devices.FND_OVS is defined and \ dpdk_network_devices.FND_OVS.eal_options is defined -%} {%- for opt in dpdk_network_devices.FND_OVS.eal_options -%} {%- if opt.value is defined -%} {%- if opt.value|string|length == 1 -%} {%- set opts = '-'+opt.name+' '+opt.value|string+' ' -%} {%- else -%} {%- set opts = '--'+opt.name+' '+opt.value|string+' ' -%} {%- endif -%} {%- else -%} {%- set opts = opt.name+' ' -%} {%- endif -%} {%- if temp_list.append( opts ) -%}{%- endif -%} {%- endfor -%} {%- endif -%} {{ temp_list|join ('') }}" dpdk_core_mask: "{{ host | item('cpu_assignments.FND_OVS.eal.bitmask', default='1') }}" dpdk_pmd_mask: "{{ host | item('cpu_assignments.FND_OVS.pmd.bitmask', default='2') }}" # this will leave tmp_dpdk_rx_queues either an empty string or opt.value tmp_dpdk_rx_queues: " {%- if dpdk_network_devices is defined and \ dpdk_network_devices.FND_OVS is defined and \ dpdk_network_devices.FND_OVS.component_options is defined -%} {%- for opt in dpdk_network_devices.FND_OVS.component_options -%} {%- if opt.name|string == 'n-dpdk-rxqs' -%} {{ opt.value }} {%- endif -%} {%- endfor -%} {%- endif -%}" # handle the empty string as a default dpdk_rx_queues: " {%- if tmp_dpdk_rx_queues == '' -%} 1 {%- else -%} {{ tmp_dpdk_rx_queues }} {%- endif -%}" dpdk_bindings: " {% set temp_list = [] %} {%- if dpdk_network_devices is defined and \ dpdk_network_devices.FND_OVS is defined and \ dpdk_network_devices.FND_OVS.devices is defined -%} {%- for entry in dpdk_network_devices.FND_OVS.devices -%} {% if entry.driver is defined -%} {% set line = '\npci ' + entry.bus_address + ' ' + entry.driver %} {%- if temp_list.append( line ) -%}{%- endif -%} {%- endif -%} {%- endfor -%} {%- endif -%} {{ temp_list |join ('') }}" dpdk_drivers: " {% set temp_list = [] %} {%- if dpdk_network_devices is defined and \ dpdk_network_devices.FND_OVS is defined and \ dpdk_network_devices.FND_OVS.devices is defined -%} {%- for device in dpdk_network_devices.FND_OVS.devices -%} {% if device.driver is defined -%} {%- if temp_list.append( device.driver ) -%}{%- endif -%} {%- endif -%} {%- endfor -%} {%- endif -%} {{ temp_list|unique|join(',')}}" 070701000000A9000081A400000000000000000000000160007873000002D8000000000000000000000000000000000000005800000000ardana-osconfig-8.0+git.1610643571.91b88d6/roles/network_interface/vars/debian_dpdk.yml# (c) Copyright 2016 Hewlett Packard Enterprise Development LP # (c) Copyright 2017 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. --- dpdk_extra: packages: [] modules: [] ovs_opts: '' 070701000000AA000081A40000000000000000000000016000787300000321000000000000000000000000000000000000005100000000ardana-osconfig-8.0+git.1610643571.91b88d6/roles/network_interface/vars/main.yml# (c) Copyright 2015-2016 Hewlett Packard Enterprise Development LP # (c) Copyright 2017 SUSE LLC # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. --- env: RUNLEVEL: 1 routing_table_file : '/etc/iproute2/rt_tables' routing_table_marker : 'ardana' routing_table_id_start : 101 070701000000AB000081A40000000000000000000000016000787300000438000000000000000000000000000000000000005300000000ardana-osconfig-8.0+git.1610643571.91b88d6/roles/network_interface/vars/redhat.yml# (c) Copyright 2015-2017 Hewlett Packard Enterprise Development LP # (c) Copyright 2017-2018 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. --- network_pkgs: - libselinux-python - bridge-utils - iputils - net-tools openvswitch_packages: - openvswitch openvswitch_packages_dpdk: [] linuxbridge_packages: - bridge-utils disable_svcs: - NetworkManager net_path: "/etc/sysconfig/network-scripts" dpdk_enabled: "False" dpdk_eal_opts: "" dpdk_core_mask: "" dpdk_pmd_mask: "" dpdk_rx_queues: "" dpdk_bindings: "" dpdk_drivers: "" 070701000000AC000081A400000000000000000000000160007873000002D8000000000000000000000000000000000000005800000000ardana-osconfig-8.0+git.1610643571.91b88d6/roles/network_interface/vars/redhat_dpdk.yml# (c) Copyright 2016 Hewlett Packard Enterprise Development LP # (c) Copyright 2017 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. --- dpdk_extra: packages: [] modules: [] ovs_opts: '' 070701000000AD000081A40000000000000000000000016000787300001452000000000000000000000000000000000000005100000000ardana-osconfig-8.0+git.1610643571.91b88d6/roles/network_interface/vars/suse.yml# (c) Copyright 2017 Hewlett Packard Enterprise Development LP # (c) Copyright 2017-2018 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. --- network_pkgs: - python-selinux - bridge-utils - iputils openvswitch_packages: - openvswitch openvswitch_packages_dpdk: [] linuxbridge_packages: - bridge-utils net_path: "/etc/sysconfig/network" dpdk_enabled: " {%- if dpdk_network_devices is defined and \ dpdk_network_devices.FND_OVS is defined and \ dpdk_network_devices.FND_OVS.devices is defined -%} {%- if dpdk_network_devices.FND_OVS.devices|length > 0 -%} True {% else %} False {%- endif -%} {% else %} False {%- endif -%}" dpdk_eal_opts: " {% set temp_list = [] %} {%- if dpdk_network_devices is defined and \ dpdk_network_devices.FND_OVS is defined and \ dpdk_network_devices.FND_OVS.eal_options is defined -%} {%- for opt in dpdk_network_devices.FND_OVS.eal_options -%} {%- if opt.value is defined -%} {%- if opt.value|string|length == 1 -%} {%- do temp_list.append('-'+opt.name+' '+opt.value|string+' ') -%} {%- else -%} {%- do temp_list.append('--'+opt.name+' '+opt.value|string+' ') -%} {%- endif -%} {%- else -%} {%- do temp_list.append(opt.name+' ') -%} {%- endif -%} {%- endfor -%} {%- endif -%} {{ temp_list | join ('') }}" dpdk_core_mask: "{{ host | item('cpu_assignments.FND_OVS.eal.bitmask', default='1') }}" dpdk_pmd_mask: "{{ host | item('cpu_assignments.FND_OVS.pmd.bitmask', default='2') }}" dpdk_socket_mem: " {%- if dpdk_network_devices is defined and \ dpdk_network_devices.FND_OVS is defined and \ dpdk_network_devices.FND_OVS.eal_options is defined -%} {%- for opt in dpdk_network_devices.FND_OVS.eal_options -%} {%- if opt.name|string == 'socket-mem' -%} {{ opt.value }} {%- endif -%} {%- endfor -%} {%- endif -%}" dpdk_extra_options: " {%- if dpdk_network_devices is defined and \ dpdk_network_devices.FND_OVS is defined and \ dpdk_network_devices.FND_OVS.eal_options is defined -%} {%- for opt in dpdk_network_devices.FND_OVS.eal_options -%} {%- if opt.name|string == 'n' -%} {{ opt.value }} {%- endif -%} {%- endfor -%} {%- endif -%}" # this will leave tmp_dpdk_rx_queues either an empty string or opt.value tmp_dpdk_rx_queues: " {%- if dpdk_network_devices is defined and \ dpdk_network_devices.FND_OVS is defined and \ dpdk_network_devices.FND_OVS.component_options is defined -%} {%- for opt in dpdk_network_devices.FND_OVS.component_options -%} {%- if opt.name|string == 'n-dpdk-rxqs' -%} {{ opt.value }} {%- endif -%} {%- endfor -%} {%- endif -%}" # handle the empty string as a default dpdk_rx_queues: " {%- if tmp_dpdk_rx_queues == '' -%} 1 {%- else -%} {{ tmp_dpdk_rx_queues }} {%- endif -%}" dpdk_bindings: " {% set temp_list = [] %} {%- if dpdk_network_devices is defined and \ dpdk_network_devices.FND_OVS is defined and \ dpdk_network_devices.FND_OVS.devices is defined -%} {%- for entry in dpdk_network_devices.FND_OVS.devices -%} {% if entry.driver is defined -%} {% do temp_list.append( '\npci ' + entry.bus_address + ' ' + entry.driver) %} {%- endif -%} {%- endfor -%} {%- endif -%} {{ temp_list | join ('') }}" dpdk_commands_to_bind_nics: " {% set temp_list = [] %} {%- if dpdk_network_devices is defined and \ dpdk_network_devices.FND_OVS is defined and \ dpdk_network_devices.FND_OVS.devices is defined -%} {%- for entry in dpdk_network_devices.FND_OVS.devices -%} {% if entry.driver is defined -%} {% do temp_list.append('/usr/sbin/dpdk-devbind -b ' + entry.driver + ' ' + entry.bus_address) %} {%- endif -%} {%- endfor -%} {%- endif -%} {{ temp_list|join ('\n') }}" dpdk_drivers: " {% set temp_list = [] %} {%- if dpdk_network_devices is defined and \ dpdk_network_devices.FND_OVS is defined and \ dpdk_network_devices.FND_OVS.devices is defined -%} {%- for device in dpdk_network_devices.FND_OVS.devices -%} {%- if device.driver is defined -%} {% do temp_list.append( device.driver ) %} {%- endif -%} {%- endfor -%} {%- endif -%} {{ temp_list | unique | join(',') }}" dpdk_commands_to_load_drivers: " {% set temp_list = [] %} {%- for driver in dpdk_drivers.split(',') -%} {% do temp_list.append( '/usr/sbin/modprobe --allow-unsupported ' + driver) %} {%- endfor -%} {{ temp_list |unique |join ('\n') }}"070701000000AE000081A40000000000000000000000016000787300000302000000000000000000000000000000000000005600000000ardana-osconfig-8.0+git.1610643571.91b88d6/roles/network_interface/vars/suse_dpdk.yml# (c) Copyright 2017 Hewlett Packard Enterprise Development LP # (c) Copyright 2017-2018 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. --- dpdk_extra: packages: - dpdk-tools - dpdk-kmp-default modules: [] ovs_opts: '' 070701000000AF000041ED0000000000000000000000076000787300000000000000000000000000000000000000000000003A00000000ardana-osconfig-8.0+git.1610643571.91b88d6/roles/osconfig070701000000B0000041ED0000000000000000000000086000787300000000000000000000000000000000000000000000004100000000ardana-osconfig-8.0+git.1610643571.91b88d6/roles/osconfig-common070701000000B1000041ED0000000000000000000000026000787300000000000000000000000000000000000000000000004A00000000ardana-osconfig-8.0+git.1610643571.91b88d6/roles/osconfig-common/defaults070701000000B2000081A4000000000000000000000001600078730000029E000000000000000000000000000000000000005300000000ardana-osconfig-8.0+git.1610643571.91b88d6/roles/osconfig-common/defaults/main.yml# # (c) Copyright 2015 Hewlett Packard Enterprise Development LP # (c) Copyright 2017 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. # --- ardana_irq_hint_policy: "" 070701000000B3000041ED0000000000000000000000026000787300000000000000000000000000000000000000000000004A00000000ardana-osconfig-8.0+git.1610643571.91b88d6/roles/osconfig-common/handlers070701000000B4000081A40000000000000000000000016000787300000283000000000000000000000000000000000000005300000000ardana-osconfig-8.0+git.1610643571.91b88d6/roles/osconfig-common/handlers/main.yml# # (c) Copyright 2015 Hewlett Packard Enterprise Development LP # (c) Copyright 2017 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. # --- 070701000000B5000041ED0000000000000000000000026000787300000000000000000000000000000000000000000000004900000000ardana-osconfig-8.0+git.1610643571.91b88d6/roles/osconfig-common/library070701000000B6000081A4000000000000000000000001600078730000054C000000000000000000000000000000000000005C00000000ardana-osconfig-8.0+git.1610643571.91b88d6/roles/osconfig-common/library/get_serial_ttys.py#!/usr/bin/python # # (c) Copyright 2016 Hewlett Packard Enterprise Development LP # (c) Copyright 2017 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. # import os import subprocess def main(): module = AnsibleModule( argument_spec=dict( dev_ins=dict(required=True) ) ) devices = module.params['dev_ins'] ret_list=[] for device in devices: devpath = "/dev/tty" + device if not os.path.exists(devpath): return None try: fd = os.open(devpath, os.O_RDONLY) except Exception as e: module.fail_json(msg = "Failed to open device %s, %s" % (devpath, str(e))) if os.isatty(fd): ret_list.append(device) module.exit_json( dev_outs=ret_list, changed=True ) from ansible.module_utils.basic import * # NOQA main() 070701000000B7000041ED0000000000000000000000026000787300000000000000000000000000000000000000000000004700000000ardana-osconfig-8.0+git.1610643571.91b88d6/roles/osconfig-common/tasks070701000000B8000081A40000000000000000000000016000787300000745000000000000000000000000000000000000005000000000ardana-osconfig-8.0+git.1610643571.91b88d6/roles/osconfig-common/tasks/main.yml# # (c) Copyright 2015-2017 Hewlett Packard Enterprise Development LP # (c) Copyright 2017-2018 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. # --- - name: osconfig-common | main | Set os-specific variables include_vars: "{{ ansible_os_family | lower }}.yml" - name: Install common packages become: yes package: name: "{{ item }}" state: present with_items: common_packages - name: check irqbalance config become: yes shell: lsmod | grep {{ item }} with_items: irq_affinity_drivers register: is_driver_loaded ignore_errors: yes - name: Set irqbalance hint policy default set_fact: ardana_irq_hint_policy: OPTIONS="--hintpolicy=ignore" when: item.rc == 0 with_items: "{{ is_driver_loaded.results }}" - name : Set irqbalance config file become: yes template: src: default-irqbalance.j2 dest: /etc/default/irqbalance register: new_default_irqbalance - name: restart irqbalance if necesary become: yes service: name: irqbalance state: restarted when: new_default_irqbalance.changed - name: Get serial consoles become: yes get_serial_ttys: dev_ins: "{{ tty_list }}" register: serial_ttys - name: Setup serial consoles become: yes service: name: serial-getty@tty{{ item }}.service enabled: yes state: started with_items: "{{ serial_ttys.dev_outs }}" 070701000000B9000041ED0000000000000000000000026000787300000000000000000000000000000000000000000000004B00000000ardana-osconfig-8.0+git.1610643571.91b88d6/roles/osconfig-common/templates070701000000BA000081A400000000000000000000000160007873000002FF000000000000000000000000000000000000006100000000ardana-osconfig-8.0+git.1610643571.91b88d6/roles/osconfig-common/templates/default-irqbalance.j2{# # # (c) Copyright 2015 Hewlett Packard Enterprise Development LP # (c) Copyright 2017 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. # #} #Should irqbalance be enabled? ENABLED="1" #Balance the IRQs only once? ONESHOT="0" #Options {{ ardana_irq_hint_policy }} 070701000000BB000041ED0000000000000000000000026000787300000000000000000000000000000000000000000000004600000000ardana-osconfig-8.0+git.1610643571.91b88d6/roles/osconfig-common/vars070701000000BC000081A400000000000000000000000160007873000003A6000000000000000000000000000000000000005100000000ardana-osconfig-8.0+git.1610643571.91b88d6/roles/osconfig-common/vars/debian.yml# # (c) Copyright 2016 Hewlett Packard Enterprise Development LP # (c) Copyright 2017-2018 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. # --- # apt packages in this list will be installed on all nodes common_packages: - irqbalance - dbus - vim - python-yaml ntp_cli_pkgs: - lockfile-progs - ntpdate - ntp - util-linux ntp_srv_pkgs: - lockfile-progs - ntpdate - ntp - util-linux ntp_service_name: ntp 070701000000BD000081A400000000000000000000000160007873000002F3000000000000000000000000000000000000004F00000000ardana-osconfig-8.0+git.1610643571.91b88d6/roles/osconfig-common/vars/main.yml# # (c) Copyright 2015 Hewlett Packard Enterprise Development LP # (c) Copyright 2017 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. # --- #Check on drivers that set affinity on numa themselves irq_affinity_drivers: - ixgbe tty_list: - S0 - S1 - S2 070701000000BE000081A40000000000000000000000016000787300000368000000000000000000000000000000000000005100000000ardana-osconfig-8.0+git.1610643571.91b88d6/roles/osconfig-common/vars/redhat.yml# # (c) Copyright 2015-2016 Hewlett Packard Enterprise Development LP # (c) Copyright 2017-2018 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. # --- # yum packages in this list will be installed on all nodes common_packages: - irqbalance - dbus - vim - python-yaml ntp_cli_pkgs: - ntpdate - ntp ntp_srv_pkgs: - ntpdate - ntp ntp_service_name: ntpd 070701000000BF000081A4000000000000000000000001600078730000036B000000000000000000000000000000000000004F00000000ardana-osconfig-8.0+git.1610643571.91b88d6/roles/osconfig-common/vars/suse.yml# # (c) Copyright 2017 Hewlett Packard Enterprise Development LP # (c) Copyright 2017-2018 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. # --- # zypper packages in this list will be installed on all nodes common_packages: - irqbalance - dbus-1 - vim - libyaml-0-2 - rsyslog ntp_cli_pkgs: - ntp ntp_srv_pkgs: - ntp - util-linux ntp_service_name: ntpd 070701000000C0000041ED0000000000000000000000066000787300000000000000000000000000000000000000000000004300000000ardana-osconfig-8.0+git.1610643571.91b88d6/roles/osconfig-iptables070701000000C1000041ED0000000000000000000000026000787300000000000000000000000000000000000000000000004C00000000ardana-osconfig-8.0+git.1610643571.91b88d6/roles/osconfig-iptables/defaults070701000000C2000081A400000000000000000000000160007873000003A5000000000000000000000000000000000000005500000000ardana-osconfig-8.0+git.1610643571.91b88d6/roles/osconfig-iptables/defaults/main.yml# (c) Copyright 2015-2016 Hewlett Packard Enterprise Development LP # (c) Copyright 2017 SUSE LLC # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. --- # defaults file for iptables # Make sure that 'lock_path' here matches the 'neutron_common_rundir' # in roles/neutron-common/defaults/main.yml lock_path: "{{neutron_common_rundir}}/lock" lock_name: 'iptables' lock_timeout: 120 synchronized_prefix: 'neutron-' 070701000000C3000041ED0000000000000000000000026000787300000000000000000000000000000000000000000000004C00000000ardana-osconfig-8.0+git.1610643571.91b88d6/roles/osconfig-iptables/handlers070701000000C4000081A400000000000000000000000160007873000002BA000000000000000000000000000000000000005500000000ardana-osconfig-8.0+git.1610643571.91b88d6/roles/osconfig-iptables/handlers/main.yml# (c) Copyright 2015 Hewlett Packard Enterprise Development LP # (c) Copyright 2017 SUSE LLC # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. --- # handlers file for iptables 070701000000C5000041ED0000000000000000000000026000787300000000000000000000000000000000000000000000004900000000ardana-osconfig-8.0+git.1610643571.91b88d6/roles/osconfig-iptables/tasks070701000000C6000081A400000000000000000000000160007873000004BA000000000000000000000000000000000000005700000000ardana-osconfig-8.0+git.1610643571.91b88d6/roles/osconfig-iptables/tasks/configure.yml# (c) Copyright 2015-2016 Hewlett Packard Enterprise Development LP # (c) Copyright 2017 SUSE LLC # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. --- # Playbook to configure iptable rules - name: osconfig-iptables | configure | apply firewall rules become: yes iptables_update: enable: "{{ firewall.enable }}" logging: "{{ firewall.settings.logging|default(true) }}" ardana_chains: "{{ firewall.managed_networks }}" rules: "{{ firewall.rules }}" lock_path: "{{ lock_path }}" lock_name: "{{ lock_name }}" lock_timeout: "{{ lock_timeout }}" synchronized_prefix: "{{ synchronized_prefix }}" os_family: "{{ ansible_os_family }}" register: result 070701000000C7000081A40000000000000000000000016000787300000609000000000000000000000000000000000000005500000000ardana-osconfig-8.0+git.1610643571.91b88d6/roles/osconfig-iptables/tasks/install.yml# (c) Copyright 2015-2017 Hewlett Packard Enterprise Development LP # (c) Copyright 2017-2018 SUSE LLC # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. --- # iptables install playbook - name: osconfig-iptables | install | RedHat- Prevent potential sample iptables become: yes file: path: "{{ item }}" state: touch mode: 0644 with_items: - /etc/sysconfig/iptables - /etc/sysconfig/ip6tables when: ansible_os_family == 'RedHat' - name: osconfig-iptables | install | Install the required packages become: yes package: name: "{{ item }}" state: present with_items: iptables_pkgs - name: osconfig-iptables | install | Disable unsupported OS services become: yes service: name: "{{ item }}" state: stopped enabled: no with_items: "{{ disable_svcs|default([]) }}" - name: osconfig-iptables | install | Enable services become: yes service: name: "{{ item }}" state: started enabled: yes with_items: "{{ enable_svcs|default([]) }}" 070701000000C8000081A40000000000000000000000016000787300000370000000000000000000000000000000000000005200000000ardana-osconfig-8.0+git.1610643571.91b88d6/roles/osconfig-iptables/tasks/main.yml# # (c) Copyright 2016 Hewlett Packard Enterprise Development LP # (c) Copyright 2017 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. # --- - name: osconfig-iptables | main | Set os-specific variables include_vars: "{{ ansible_os_family | lower }}.yml" - include: install.yml when: osconfig_iptables_run_mode is defined and osconfig_iptables_run_mode == "install" 070701000000C9000041ED0000000000000000000000026000787300000000000000000000000000000000000000000000004800000000ardana-osconfig-8.0+git.1610643571.91b88d6/roles/osconfig-iptables/vars070701000000CA000081A40000000000000000000000016000787300000315000000000000000000000000000000000000005300000000ardana-osconfig-8.0+git.1610643571.91b88d6/roles/osconfig-iptables/vars/debian.yml# (c) Copyright 2015 Hewlett Packard Enterprise Development LP # (c) Copyright 2017 SUSE LLC # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. --- # Debian specific vars file for iptables iptables_pkgs: - iptables - netfilter-persistent - iptables-persistent 070701000000CB000081A400000000000000000000000160007873000002B6000000000000000000000000000000000000005100000000ardana-osconfig-8.0+git.1610643571.91b88d6/roles/osconfig-iptables/vars/main.yml# (c) Copyright 2015 Hewlett Packard Enterprise Development LP # (c) Copyright 2017 SUSE LLC # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. --- # vars file for iptables 070701000000CC000081A40000000000000000000000016000787300000340000000000000000000000000000000000000005300000000ardana-osconfig-8.0+git.1610643571.91b88d6/roles/osconfig-iptables/vars/redhat.yml# (c) Copyright 2015-2016 Hewlett Packard Enterprise Development LP # (c) Copyright 2017 SUSE LLC # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You mayobtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. # RedHat specific vars file for iptables iptables_pkgs: - iptables - iptables-services disable_svcs: - firewalld enable_svcs: - iptables - ip6tables 070701000000CD000081A40000000000000000000000016000787300000316000000000000000000000000000000000000005100000000ardana-osconfig-8.0+git.1610643571.91b88d6/roles/osconfig-iptables/vars/suse.yml# (c) Copyright 2017 Hewlett Packard Enterprise Development LP # (c) Copyright 2017 SUSE LLC # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You mayobtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. # SLES specific vars file for iptables iptables_pkgs: - iptables disable_svcs: - SuSEfirewall2_init - SuSEfirewall2 070701000000CE000041ED0000000000000000000000076000787300000000000000000000000000000000000000000000004600000000ardana-osconfig-8.0+git.1610643571.91b88d6/roles/osconfig-network-pci070701000000CF000041ED0000000000000000000000026000787300000000000000000000000000000000000000000000004F00000000ardana-osconfig-8.0+git.1610643571.91b88d6/roles/osconfig-network-pci/defaults070701000000D0000081A400000000000000000000000160007873000004B4000000000000000000000000000000000000005800000000ardana-osconfig-8.0+git.1610643571.91b88d6/roles/osconfig-network-pci/defaults/main.yml# (c) Copyright 2016 Hewlett Packard Enterprise Development LP # (c) Copyright 2017 SUSE LLC # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. --- udev_dir: "/etc/udev" config_scripts: "{% set temp_list = [] %} {%- if sriov_interfaces is defined -%} {%- for interface in sriov_interfaces -%} {%- if temp_list.append( interface.config_script ) -%} {%- endif -%} {%- endfor -%} {%- endif -%} {{ temp_list|unique }}" pci_file_marker: '# ARDANA-MANAGED - Managed by Ardana - Do not edit' network_pci_pt_sriov_interfaces: [] 070701000000D1000041ED0000000000000000000000026000787300000000000000000000000000000000000000000000004C00000000ardana-osconfig-8.0+git.1610643571.91b88d6/roles/osconfig-network-pci/files070701000000D2000081A400000000000000000000000160007873000014AE000000000000000000000000000000000000006200000000ardana-osconfig-8.0+git.1610643571.91b88d6/roles/osconfig-network-pci/files/ardana_network_pci.py#!/usr/bin/python # # (c) Copyright 2016 Hewlett Packard Enterprise Development LP # (c) Copyright 2017 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. # # This file will be called by ardana_udev_run.sh to configure or remove VF's # based on the interface removed/added/updated. import os import sys import syslog import yaml SUCCESS = 0 FAILURE = 1 SKIPPED = 2 class udev_pci_request(object): def __init__(self, devpath): self._device_name = None self._device_address = None # Parse the devpath if devpath: path_parts = devpath.split("/") self._device_name = path_parts[6] \ if len(path_parts) >= 7 else None self._device_address = path_parts[4] \ if len(path_parts) >= 5 else None @property def device_name(self): return self._device_name @property def device_address(self): return self._device_address class network_pci_database(object): UDEV_DIR = '/etc/udev' DB_FILE = UDEV_DIR + '/network-pci.yml' def __init__(self): # Construct the DB map self._nic_device_map = {} # Scan db file and create device map self._load_devices() def _read_db(self, db_file): data = {} try: if os.path.isfile(db_file): with open(db_file, 'r') as _db_file: data = yaml.load(_db_file) if data is None: data = {} except Exception: # Log message, do not fail UDEV syslog.syslog(syslog.LOG_ERR, '%s not found' % 'db_file') return data def _load_devices(self): # Read the db files and store in respective device map data = self._read_db(self.DB_FILE) # Making sure that the key 'pci_entries' exists # and its respective values are not empty if data.get('pci_entries', None): # Form device list from raw data device_list = [{item.pop('device'): item} for item in data.get('pci_entries')] self._nic_device_map = {item.keys()[0]: item.get(item.keys()[0]) for item in device_list} def _set_device_up(self, device_name): # Execute ip link show command to find out the interface is up/down command = "ip link show %s | awk 'NR==1{print $9; exit}'"\ % device_name output = os.popen(command).read().rstrip() # If interface is down, make it up if output == 'DOWN': cmd = "ip link set %s up" % device_name return os.system(cmd) else: # Interface is already up skip it return SKIPPED def config_VFs(self, request, device): # Calls the device specific script to configure VFs # Form the command and arguments command = os.path.join(self.UDEV_DIR, device['config_script']) args = "%s %s %s configure %s %s" \ % (device['distro'], request.device_name, str(device['vf_count']), device['bus_address'], str(device['port_num'])) # VFs on system device get configured with the value in the database result1 = os.system("%s %s" % (command, args)) # Make the device up if it is down if result1 != FAILURE: result2 = self._set_device_up(request.device_name) if result2 != FAILURE: return SUCCESS syslog.syslog(syslog.LOG_ERR, 'Configuring device with address %s failed' % request.device_address) return FAILURE # This python script requires an command line argument which # is the form of "/devices/pci0000:00/0000:00:02.0/0000:05:00.0/net/hed1" # where "0000:05:00.0" represents the address and "hed1" # represents the device name. # # It also has dependency on the db file named # 'network-pci.yml' which contains the # device details in the following yaml format # pci_entries: # - 'device': 'hed1' # 'config_script': '8086_10fb.sh' # 'vf_count': '10' # 'bus_address': '0000:05:00.0' # 'port_num': '0' # 'device_id': '10fb' # 'distro': 'Debian' def main(): # A valid device create request request = udev_pci_request(sys.argv[1]) pci_db = network_pci_database() name = request.device_name if name and name in pci_db._nic_device_map: # Configure the VF setting for this device return pci_db.config_VFs(request, pci_db._nic_device_map.get(name)) syslog.syslog(syslog.LOG_ERR, 'Unknown device: %s, VFs not configured' % name) return FAILURE main() 070701000000D3000081ED0000000000000000000000016000787300002EB5000000000000000000000000000000000000005A00000000ardana-osconfig-8.0+git.1610643571.91b88d6/roles/osconfig-network-pci/files/connect-x3.sh#!/bin/bash # # (c) Copyright 2016 Hewlett Packard Enterprise Development LP # (c) Copyright 2017 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. # # Usage: connect-x3.sh <Distro> <device-name> <vf-count> <operation> <bus_address> <port_num> # e.g. connect-x3.sh Debian eth7 10 configure 0000:04:00.0 1 ######################################################################### # Variables shared between functions ######################################################################### export MLX_CORE_CONF="/etc/modprobe.d/mlx4_core.conf" export SCRIPT export DISTRO export DEVICE export VF_COUNT export OPERATION export BUS_ADDRESS export PORT_NUM export DEVICE_ID #SUCCESS 0; FAILURE 1; SKIPPED 2 export EXIT_STATUS_SUCCESS=0 export EXIT_STATUS_FAILED=1 export EXIT_STATUS_SKIPPED=2 export EXIT_STATUS=$EXIT_STATUS_SUCCESS # log a message identifying this script log_msg() { logger "$SCRIPT: $1" } # Initialise port number value when empty and check the device status init() { if [ -z $PORT_NUM ]; then PORT_NUM=0 fi dev_id=$( cat /sys/bus/pci/devices/$BUS_ADDRESS/device ) DEVICE_ID=${dev_id:2} } # Unload mlx4_en and mlx4_ib drivers. unload_mlx4_drivers() { log_msg "unload mlx4_en driver" if [ `lsmod | grep mlx4_en | cut -f1 -d ' ' | grep mlx4_en` ]; then modprobe -r mlx4_en fi log_msg "unload mlx4_ib driver" if [ `lsmod | grep mlx4_ib | cut -f1 -d ' ' | grep mlx4_ib` ]; then modprobe -r mlx4_ib fi } # Check if vfs are configured in the existing vf by checking if it contains non-zero digits # - If yes, return 0 - e.g. vf="0;6" returns 0 # - Else, return 1 - e.g. vf="0;0" returns 1 is_vf_configured() { if [[ `echo $1 | grep -o '[1-9]*'` ]] then return 0 else return 1 fi } extend_vf_array() { array_size=${#VFS_ARRAY[@]} pos=`expr $PORT_NUM + 1` if (( $pos > $array_size )) then diff=`expr $pos - $array_size` i=0 while [ $i -lt $diff ] do VFS_ARRAY+=('0') i=`expr $i + 1` done fi } extend_port_type_array() { array_size=${#PORT_TYPE_ARRAY[@]} pos=`expr $PORT_NUM + 1` if (( $pos > $array_size )) then diff=`expr $pos - $array_size` i=0 while [ $i -lt $diff ] do PORT_TYPE_ARRAY+=('2') i=`expr $i + 1` done fi } # Pre configure to flush the VFs values to 0 if the entry exists in MLX_CORE_CONF file pre_configure() { if [[ -f $MLX_CORE_CONF && $DEVICE_ID -eq 1007 ]] then if grep "$BUS_ADDRESS/*" $MLX_CORE_CONF then num_vf=`grep -o "num_vfs.*" $MLX_CORE_CONF` # Fetching the existing vf value, e.g.-0000:04:00.0-0;4 existing_vfs=`echo $num_vf | grep -o "$BUS_ADDRESS[^ ]*"` vfs=`echo $existing_vfs | cut -d '-' -f2` # Prepare VF array for initializing IFS=';' read -r -a VFS_ARRAY <<< $vfs # Get port type array port_array=$(grep -o "port_type_array=[^ ]*" $MLX_CORE_CONF) existing_port_types=`echo $port_array | grep -o "$BUS_ADDRESS[^ ]*"` old_port_array=`echo $existing_port_types | cut -d '-' -f2` # Prepare PORT TYPE array for initializing IFS=';' read -r -a PORT_TYPE_ARRAY <<< $old_port_array array_size=${#VFS_ARRAY[@]} i=0 while [ $i -lt $array_size ] do VFS_ARRAY[$i]='0' i=`expr $i + 1` done extend_vf_array extend_port_type_array # Initialize the vf configuration final_vf=$(IFS=";" ; echo "${VFS_ARRAY[*]}") vf_str="$BUS_ADDRESS-${final_vf}" sed -i "s/${existing_vfs}/${vf_str}/g" $MLX_CORE_CONF # Update port_type_array final_port_array=$(IFS=";" ; echo "${PORT_TYPE_ARRAY[*]}") port_str="$BUS_ADDRESS-${final_port_array}" sed -i "s/${existing_port_types}/${port_str}/g" $MLX_CORE_CONF else # BUS_ADDRESS does not exist in the MLX_CORE_CONF file log_msg "Pre-configure: Skipped for $BUS_ADDRESS as the bus address does not exist in $MLX_CORE_CONF" fi else log_msg "Pre-configure: Skipped for $BUS_ADDRESS as either $MLX_CORE_CONF not found, or it is unsupported device $DEVICE_ID" fi } # This function updates existing VF configuration for multiport device with ID 1007, # and is called only if there is a change in the vf-count for the specified port. # This function is expected to do the following : # - Update the existing VF configuration to reflect the current request for the port. # For e.g. num_vfs=0000:04:00.0-1;0, for the case where vf-count of 1 is specified for port # number 0 in the request. # For e.g. num_vfs=0000:04:00.0-0;2, for the case where vf-count of 2 is specified for port # number 1 in the request. # - Check and fail if vfs exists on other ports of the same bus address. configure_vfs() { vf=$1 existing_vfs=$2 if is_vf_configured $vf; then IFS=';' read -r -a vfs_array <<< $vf log_msg "Configure: Updating $MLX_CORE_CONF file for Device Id - $DEVICE_ID" # Update the num of vfs only if configuration is already done for that port if [ ${vfs_array[$PORT_NUM]} -eq 0 ] then log_msg "Configure: Device Id 1007 does not support VF creation on multiple ports of the same card." EXIT_STATUS=$EXIT_STATUS_FAILED exit $EXIT_STATUS fi fi sed -i "s/${existing_vfs}/${NUM_VFS}/g" $MLX_CORE_CONF # Get port type array port_array=$(grep -o "port_type_array=[^ ]*" $MLX_CORE_CONF) existing_port_types=`echo $port_array | grep -o "$BUS_ADDRESS[^ ]*"` old_port_array=`echo $existing_port_types | cut -d '-' -f2` # Update port_type_array sed -i "s/${existing_port_types}/$PORT_TYPE_ARRAY/g" $MLX_CORE_CONF log_msg "Configure: $MLX_CORE_CONF file updated for $DEVICE and $BUS_ADDRESS" } # This function creates vf configuration if it doesn't exists. It skips the configuration # if there is no change required or else updates the existing configuration. # This function is expected to do the following : # - Check for the device id and call appropriate functions to handle VF creation. # - Maintain idempotency with respect to vf counts. configure() { PORT_TYPE_ETHERNET=2 # e.g. In case of ethernet, num_vfs=0000:04:00.0-0;4 and port_type_array=0000:04:00.0-2;2 i=0 ports=$PORT_NUM if (( $PORT_NUM % 2 == 0 )); then ports=`expr $PORT_NUM + 1` fi while [ $i -le $ports ] do vf_array[i]=0 port_array[i]=$PORT_TYPE_ETHERNET if [[ $i = $PORT_NUM ]]; then vf_array[i]=$VF_COUNT fi i=`expr $i + 1` done vf=$(IFS=";" ; echo "${vf_array[*]}") port=$(IFS=";" ; echo "${port_array[*]}") NUM_VFS="$BUS_ADDRESS-$vf" PORT_TYPE_ARRAY="$BUS_ADDRESS-$port" VIRT_FUN="options mlx4_core port_type_array=$PORT_TYPE_ARRAY num_vfs=$NUM_VFS enable_64b_cqe_eqe=0 log_num_mgm_entry_size=-1" if [ -f $MLX_CORE_CONF ] then if grep -Fq "$BUS_ADDRESS" $MLX_CORE_CONF then # VF configuration exists. Update it vfs=$(grep -o "num_vfs.*" $MLX_CORE_CONF) # Fetching the existing vf value, e.g.-0000:04:00.0-0;4 existing_vfs=`echo $vfs | grep -o "$BUS_ADDRESS[^ ]*"` old_vf=`echo $existing_vfs | cut -d '-' -f2` if [ "$existing_vfs" = "$NUM_VFS" ] then log_msg "Configure: Skipped for $DEVICE and $BUS_ADDRESS" EXIT_STATUS=$EXIT_STATUS_SKIPPED # Device Id 1007 has a limitation that it cannot handle VFs creation across multiple ports of the same card. elif [[ $DEVICE_ID -eq 1007 ]] then log_msg "Configure: Device $DEVICE already configured. Updating." configure_vfs $old_vf $existing_vfs else log_msg "Configure: Device $DEVICE with device id $DEVICE_ID not supported " EXIT_STATUS=$EXIT_STATUS_SKIPPED fi # If values for num_vfs and port_array already exists then prepending new # values to the existing value elif vf_num=$(grep -o "num_vfs=[^ ]*" $MLX_CORE_CONF) then # VF configuration does not exist. Write the one requested. log_msg "Configure: Device $DEVICE not configured for VF. Creating." old_vfs=`echo $vf_num | cut -d '=' -f2` #Fetching the previous port_type_array value, eg-0000:04:00.0-2;2 port_array=$(grep -o "port_type_array=[^ ]*" $MLX_CORE_CONF) old_port_array=`echo $port_array | cut -d '=' -f2` new_vfs="$NUM_VFS $old_vfs" new_port_array="$PORT_TYPE_ARRAY $old_port_array" sed -i "s/${old_vfs}/${new_vfs}/g" $MLX_CORE_CONF sed -i "s/${old_port_array}/${new_port_array}/g" $MLX_CORE_CONF log_msg "Configure: $MLX_CORE_CONF file updated for $DEVICE and $BUS_ADDRESS" else echo $VIRT_FUN | tee $MLX_CORE_CONF log_msg "Configure: $MLX_CORE_CONF file updated for $DEVICE and $BUS_ADDRESS" fi else # Config file does not exist. Create it. log_msg "Configure: Creating $MLX_CORE_CONF file" touch $MLX_CORE_CONF chmod 644 $MLX_CORE_CONF echo $VIRT_FUN | tee $MLX_CORE_CONF log_msg "Configure: $MLX_CORE_CONF file updated for $DEVICE and $BUS_ADDRESS" fi # If VF count got updated for success, or skipped case (vf_count = 0), then # reload the required drivers. if (( (EXIT_STATUS == EXIT_STATUS_SUCCESS) || (EXIT_STATUS == EXIT_STATUS_SKIPPED && VF_COUNT == 0) )) then if [[ $VF_COUNT > 0 ]] then update-initramfs -k all -t -u fi unload_mlx4_drivers modprobe mlx4_en # Bring up the interface that is impacted if [[ ! `ip link show $DEVICE up` ]] then ip link set $DEVICE up fi fi # At this stage EXIT_STATUS can have 2 values EXIT_STATUS_SKIPPED or EXIT_STATUS_SUCCESS # Since this script is called from system, we do not want to sent FAILED status hence # setting the EXIT_STATUS to SUCCESS EXIT_STATUS=$EXIT_STATUS_SUCCESS } SCRIPT=$0 DISTRO=$1 DEVICE=$2 VF_COUNT=$3 OPERATION=$4 BUS_ADDRESS=$5 PORT_NUM=$6 if [ "$DISTRO" == "Debian" ]; then case $OPERATION in 'pre_configure') init log_msg "Pre-configure: $DEVICE" pre_configure log_msg "Pre-configure: Successfully completed for $DEVICE" ;; 'configure') init log_msg "Configure: $DEVICE" configure if [[ "$EXIT_STATUS" == "$EXIT_STATUS_SUCCESS" ]];then log_msg "Configure: Successfully completed for $DEVICE" fi ;; 'post_configure') log_msg "Post-configure: Successfully completed." ;; *) log_msg "Unknown Operation: $OPERATION" EXIT_STATUS=$EXIT_STATUS_FAILED ;; esac else log_msg "Unsupported distro: $DISTRO" EXIT_STATUS=$EXIT_STATUS_FAILED fi exit $EXIT_STATUS070701000000D4000081A40000000000000000000000016000787300000D4E000000000000000000000000000000000000005B00000000ardana-osconfig-8.0+git.1610643571.91b88d6/roles/osconfig-network-pci/files/intel-82599.sh#!/bin/bash # # (c) Copyright 2016-2017 Hewlett Packard Enterprise Development LP # (c) Copyright 2017 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. # # Usage: intel-82599.sh <Distro> <device-name> <vf-count> <operation> # e.g. intel-82599.sh Debian eth7 10 configure ######################################################################### # Variables shared between functions ######################################################################### export HLINUX_SYSPATH="/sys/class/net" export INTEL_VFDRIVER_CONF="/etc/modprobe.d/blacklist-ixgbevf.conf" export BLACKLIST="blacklist ixgbevf" export DISTRO export OPERATION export DEVICE export VF_COUNT export DEV_FILE export CONFIG_RUN_SKIPPED=0 # SUCCESS 0;FAILURE 1; SKIPPED=2 export EXIT_STATUS_SUCCESS=0 export EXIT_STATUS_FAILED=1 export EXIT_STATUS_SKIPPED=2 export EXIT_STATUS=$EXIT_STATUS_SUCCESS # log a message identifying this script log_msg() { logger "$SCRIPT: $1" } # Unload ixgbevf driver and blacklist this driver. unload_ixgbevf() { local module="ixgbevf" # update $INTEL_VFDRIVER_CONF file to make ixgbevf driver never # load across re-boots if ! grep $BLACKLIST $INTEL_VFDRIVER_CONF; then echo $BLACKLIST | tee $INTEL_VFDRIVER_CONF fi if [ `lsmod | grep $module | cut -f1 -d ' '` ]; then modprobe -r $module fi } # Pre-configure steps pre_configure() { unload_ixgbevf EXIT_STATUS=$EXIT_STATUS_SUCCESS } # is the setting already correct? is_configure_required() { if [ -f $DEV_FILE ]; then CONFIG_RUN_SKIPPED=0 value=$(< $DEV_FILE) if [[ $value == $VF_COUNT ]]; then CONFIG_RUN_SKIPPED=1 fi fi } # Update the active 'num_vfs' file configure() { is_configure_required if [[ $CONFIG_RUN_SKIPPED == 1 ]]; then EXIT_STATUS=$EXIT_STATUS_SKIPPED log_msg "Configure: Skipped for $DEVICE" else log_msg "Configure: $DEV_FILE updated for $DEVICE" echo "0" | tee $DEV_FILE echo $VF_COUNT | tee $DEV_FILE EXIT_STATUS=$EXIT_STATUS_SUCCESS log_msg "Configure: Successfully completed for $DEVICE" fi } SCRIPT=$0 DISTRO=$1 DEVICE=$2 VF_COUNT=$3 OPERATION=$4 DEV_FILE=$HLINUX_SYSPATH/$DEVICE/device/sriov_numvfs if [ "$DISTRO" == "Debian" ] || [ "$DISTRO" == "RedHat" ] || [ "$DISTRO" == "Suse" ]; then case $OPERATION in 'pre_configure') log_msg "Pre-configure" pre_configure ;; 'configure') log_msg "Configure: $DEVICE" configure ;; 'post_configure') log_msg "Post-configure: Successfully completed." ;; *) log_msg "Unknown Operation: $OPERATION" EXIT_STATUS=$EXIT_STATUS_FAILED ;; esac else log_msg "Unsupported distro: $DISTRO" EXIT_STATUS=$EXIT_STATUS_FAILED fi exit $EXIT_STATUS 070701000000D5000041ED0000000000000000000000026000787300000000000000000000000000000000000000000000004C00000000ardana-osconfig-8.0+git.1610643571.91b88d6/roles/osconfig-network-pci/tasks070701000000D6000081A4000000000000000000000001600078730000098A000000000000000000000000000000000000005C00000000ardana-osconfig-8.0+git.1610643571.91b88d6/roles/osconfig-network-pci/tasks/_write_conf.yml# # (c) Copyright 2016 Hewlett Packard Enterprise Development LP # (c) Copyright 2017 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. # --- - name: osconfig-network-pci | _write_conf | Check for pre-existing version of network-pci.yml stat: path="{{ dest }}" register: conf_stat_result - name: osconfig-network-pci | _write_conf | Fetch network-pci.yml file from the target host become: yes fetch: src={{ dest }} dest=roles/osconfig-network-pci/vars/{{ inventory_hostname }} flat=yes when: conf_stat_result.stat.exists - name: osconfig-network-pci | _write_conf | Read network-pci.yml file include_vars: '{{ inventory_hostname }}' when: conf_stat_result.stat.exists - name: osconfig-network-pci | _write_conf | Check for additions or changes in PCI interfaces set_fact: is_pci_changed="{{ sriov_interfaces | pci_changed(pci_entries|default([])) }}" - name: osconfig-network-pci | _write_conf | Prepare a list of interfaces for which stale VFs are to be cleared set_fact: pci_deleted="{{ sriov_interfaces | pci_deleted(pci_entries|default([])) }}" - name: osconfig-network-pci | _write_conf | Get a list of config scripts required for post-configure operation set_fact: post_config_script_list="{{ sriov_interfaces | pci_config_script_list(pci_entries|default([])) | unique }}" - name: osconfig-network-pci | _write_conf | Template /etc/udev/network-pci.yml become: yes template: src: "{{ src }}" dest: "{{ dest }}" owner: root group: root mode: 0644 when: sriov_interfaces != [] - name: osconfig-network-pci | _write_conf | Delete local network-pci.yml file local_action: file path=roles/osconfig-network-pci/vars/{{ inventory_hostname }} state=absent - name: osconfig-network-pci | _write_conf | Delete network-pci.yml file on the remote host if no SRIOV interfaces found become: yes file: path={{ dest }} state=absent when: sriov_interfaces == [] 070701000000D7000081A40000000000000000000000016000787300000DFC000000000000000000000000000000000000005A00000000ardana-osconfig-8.0+git.1610643571.91b88d6/roles/osconfig-network-pci/tasks/configure.yml# (c) Copyright 2016 Hewlett Packard Enterprise Development LP # (c) Copyright 2017 SUSE LLC # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. --- - name: osconfig-network-pci | configure | Copy the PCI configuration script to hosts become: yes copy: src: "../files/ardana_network_pci.py" dest: "/etc/udev/ardana_network_pci.py" owner: root group: root mode: 0755 register: network_pci_file_result when: sriov_interfaces is defined and sriov_interfaces != [] - name: osconfig-network-pci | configure | Copy config_scripts to hosts become: yes copy: src: "../files/{{ item }}" dest: "{{ udev_dir }}" owner: root group: root mode: 0755 register: config_script_result with_items: config_scripts - name: osconfig-network-pci | configure | Create network-pci context include: _write_conf.yml src: "../templates/network-pci.j2" dest: "{{ udev_dir }}/network-pci.yml" - name: osconfig-network-pci | configure | Set network_pci_restart_required for later use set_fact: network_pci_restart_required="{{ network_pci_file_result.changed or config_script_result.changed or is_pci_changed }}" when: sriov_interfaces is defined and sriov_interfaces != [] - name: osconfig-network-pci | configure | Get a list of interfaces required for pre-configure operation set_fact: preconfigure_list="{{ sriov_interfaces | default([]) | pci_add_update_delete_list(pci_entries|default([])) }}" - name: osconfig-network-pci | configure | Pre-configure operation for added/modified/deleted interfaces for simple port become: yes script: "{{ item.config_script }} {{ ansible_os_family }} \ {{ item.device }} {{ item.vf_count }} pre_configure \ {{ item.bus_address }} \ {{ item.port_num }}" when: item.port_num is defined with_items: preconfigure_list - name: osconfig-network-pci | configure | Pre-configure operation for added/modified/deleted interfaces for simple port become: yes script: "{{ item.config_script }} {{ ansible_os_family }} \ {{ item.device }} {{ item.vf_count }} pre_configure \ {{ item.bus_address }} \ '0'" when: item.port_num is not defined and item.port_attributes is not defined with_items: preconfigure_list - name: osconfig-network-pci | configure | Pre-configure operation for added/modified/deleted interfaces for multi port become: yes script: "{{ item.config_script }} {{ ansible_os_family }} \ {{ item.device }} {{ item.vf_count }} pre_configure \ {{ item.bus_address }} \ {{ item.port_attributes.port_num }}" when: item.port_attributes is defined with_items: preconfigure_list - name: osconfig-network-pci | configure | Delete stale VFs on interfaces that are now made as non-PCI interfaces become: yes script: "{{ item.config_script }} {{ item.distro }} \ {{ item.device }} '0' 'configure' \ {{ item.bus_address }} \ {{ item.port_num }}" with_items: pci_deleted when: pci_deleted is defined 070701000000D8000081A400000000000000000000000160007873000007B4000000000000000000000000000000000000005800000000ardana-osconfig-8.0+git.1610643571.91b88d6/roles/osconfig-network-pci/tasks/install.yml# (c) Copyright 2016 Hewlett Packard Enterprise Development LP # (c) Copyright 2017 SUSE LLC # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. --- - name: osconfig-network-pci | install | Validate the requested configuration include: validate.yml - name: osconfig-network-pci | install | Debian - Determine the extra PCI drivers set_fact: packages="{{ network_pci_pt_sriov_interfaces | pci_packages( pci_extra.packages ) | unique }}" when: ansible_os_family == 'Debian' - name: osconfig-network-pci | install | Debian - Search for extra PCI packages become: yes shell: > /usr/bin/apt-cache search {{ item }} | cut -f1 -d " " register: pkg_search_result with_items: packages when: ansible_os_family == 'Debian' - name: osconfig-network-pci | install | Debian - Install extra PCI packages become: yes apt: name: "{{ item.stdout }}" install_recommends: no state: latest force: yes with_items: pkg_search_result.results when: ansible_os_family == 'Debian' and item.stdout is defined and item.stdout != "" - name: osconfig-network-pci | install | Debian - Get list of modules set_fact: modules="{{ network_pci_pt_sriov_interfaces | pci_modules( pci_extra.packages ) }}" when: ansible_os_family == 'Debian' - name: osconfig-network-pci | install | Debian - Load the modules become: yes modprobe: name: "{{ item }}" state: present with_items: modules when: ansible_os_family == 'Debian' 070701000000D9000081A400000000000000000000000160007873000004DE000000000000000000000000000000000000005900000000ardana-osconfig-8.0+git.1610643571.91b88d6/roles/osconfig-network-pci/tasks/validate.yml# (c) Copyright 2016 Hewlett Packard Enterprise Development LP # (c) Copyright 2017 SUSE LLC # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. --- - name: osconfig-network-pci | validate | Include local vars include_vars: 'pci_debian.yml' - name: osconfig-network-pci | validate | Validate multi-port interfaces set_fact: validate_mp_interfaces="{{ multi_port_sriov_interfaces | default([]) | pci_validate_multi_port_interfaces( pci_extra.config_scripts ) }}" when: ansible_os_family == 'Debian' - name: osconfig-network-pci | validate | Fail if validation failed fail: msg="{{ validate_mp_interfaces }}" when: validate_mp_interfaces is defined and validate_mp_interfaces != "" and ansible_os_family == 'Debian' 070701000000DA000041ED0000000000000000000000026000787300000000000000000000000000000000000000000000005000000000ardana-osconfig-8.0+git.1610643571.91b88d6/roles/osconfig-network-pci/templates070701000000DB000081A40000000000000000000000016000787300000548000000000000000000000000000000000000005F00000000ardana-osconfig-8.0+git.1610643571.91b88d6/roles/osconfig-network-pci/templates/network-pci.j2{# # # (c) Copyright 2016 Hewlett Packard Enterprise Development LP # (c) Copyright 2017 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. # #} {{ pci_file_marker }} {% if sriov_interfaces is defined and sriov_interfaces %} pci_entries: {% for interface in sriov_interfaces %} - 'device': {{'\''}}{{ interface.device }}{{'\''}} 'config_script': {{'\''}}{{ interface.config_script }}{{'\''}} 'vf_count': {{'\''}}{{ interface.vf_count }}{{'\''}} 'bus_address': {{'\''}}{{ interface.bus_address }}{{'\''}} {% if interface.type == 'simple-port' %} 'port_num': {{'\''}}0{{'\''}} {% else %} 'port_num': {{'\''}}{{ interface.port_attributes.port_num }}{{'\''}} {% endif %} 'device_id': {{'\''}}{{ interface.nic_device_type.device_id }}{{'\''}} 'distro': {{'\''}}{{ ansible_os_family }}{{'\''}} {% endfor %} {% endif %} 070701000000DC000041ED0000000000000000000000026000787300000000000000000000000000000000000000000000004B00000000ardana-osconfig-8.0+git.1610643571.91b88d6/roles/osconfig-network-pci/vars070701000000DD000081A40000000000000000000000016000787300000364000000000000000000000000000000000000005A00000000ardana-osconfig-8.0+git.1610643571.91b88d6/roles/osconfig-network-pci/vars/pci_debian.yml# (c) Copyright 2016 Hewlett Packard Enterprise Development LP # (c) Copyright 2017 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. --- pci_extra: packages: - mlnx-ofed-modules: modules: - mlx4_en drivers: - mlx4 config_scripts: - name: connect-x3.sh multi_vf_allowed: 'false' 070701000000DE000041ED0000000000000000000000046000787300000000000000000000000000000000000000000000004500000000ardana-osconfig-8.0+git.1610643571.91b88d6/roles/osconfig-ntp-client070701000000DF000041ED0000000000000000000000026000787300000000000000000000000000000000000000000000004B00000000ardana-osconfig-8.0+git.1610643571.91b88d6/roles/osconfig-ntp-client/tasks070701000000E0000081A40000000000000000000000016000787300000622000000000000000000000000000000000000005900000000ardana-osconfig-8.0+git.1610643571.91b88d6/roles/osconfig-ntp-client/tasks/configure.yml# # (c) Copyright 2015-2017 Hewlett Packard Enterprise Development LP # (c) Copyright 2017 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. # # Playbook for configuring ntp client settings --- - include_vars: "../../osconfig-common/vars/{{ ansible_os_family | lower }}.yml" - name: osconfig-ntp-client| configure | Verify ntp servers are accessible become: yes command: /usr/sbin/ntpdate -v -q {{ item.host }} when: not (ardana_notify_osconfig_ntp_restart_required is not defined) and ardana_notify_osconfig_ntp_restart_required.changed and ntp_restarted is not defined with_items: NTP_CLI.consumes_NTP_SVR.members.private register: ntpdate_result until: ntpdate_result | success retries: 120 delay: 2 - name: osconfig-ntp-client | configure | Stop ntp so time can be updated become: yes service: name: "{{ ntp_service_name }}" state: stopped when: not (ardana_notify_osconfig_ntp_restart_required is not defined) and ardana_notify_osconfig_ntp_restart_required.changed and ntp_restarted is not defined 070701000000E1000081A40000000000000000000000016000787300000661000000000000000000000000000000000000005700000000ardana-osconfig-8.0+git.1610643571.91b88d6/roles/osconfig-ntp-client/tasks/install.yml# # (c) Copyright 2015-2017 Hewlett Packard Enterprise Development LP # (c) Copyright 2017-2018 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. # # Playbook for installing ntp client software --- - include_vars: "../../osconfig-common/vars/{{ ansible_os_family | lower }}.yml" - name: osconfig-ntp-client | install | Determine iface ips for ntp servers shell: | ip route get "{{ item.ip_address }}" | awk '$(NF-1) == "src" {print $NF}' with_items: NTP_CLI.consumes_NTP_SVR.members.private register: ntp_svr_ip_route_get_results - name: osconfig-ntp-client | install | Extract unique list of iface ips set_fact: ntp_client_listen_ifaces: "{{ ntp_svr_ip_route_get_results.results | map(attribute='stdout') | list | unique }}" - name: osconfig-ntp-client | install | Create ntp configuration file become: yes template: src=ntp.conf.j2 dest=/etc/ntp.conf register: ardana_notify_osconfig_ntp_restart_required - name: osconfig-ntp-client | install | Install required packages become: yes package: name: "{{ item }}" state: present with_items: ntp_cli_pkgs 070701000000E2000081A40000000000000000000000016000787300000916000000000000000000000000000000000000005500000000ardana-osconfig-8.0+git.1610643571.91b88d6/roles/osconfig-ntp-client/tasks/start.yml# # (c) Copyright 2015-2017 Hewlett Packard Enterprise Development LP # (c) Copyright 2017 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. # # Playbook for starting the ntp client service --- - include_vars: "../../osconfig-common/vars/{{ ansible_os_family | lower }}.yml" - name: osconfig-ntp-client | start | Update system time to ntp server time become: yes command: /usr/sbin/ntpdate -v -b {{ NTP_CLI.consumes_NTP_SVR.members.private[0].host }} when: not (ardana_notify_osconfig_ntp_restart_required is not defined) and ardana_notify_osconfig_ntp_restart_required.changed and ntp_restarted is not defined - name: osconfig-ntp-client | start | Update the hardware clock with system time become: yes command: /sbin/hwclock --systohc when: not (ardana_notify_osconfig_ntp_restart_required is not defined) and ardana_notify_osconfig_ntp_restart_required.changed and ntp_restarted is not defined - name: osconfig-ntp-client | start | Restart ntp service become: yes service: name: "{{ ntp_service_name }}" state: restarted when: not (ardana_notify_osconfig_ntp_restart_required is not defined) and ardana_notify_osconfig_ntp_restart_required.changed and ntp_restarted is not defined register: ntp_restarted - name: osconfig-ntp-client | start | Start and enable ntp service become: yes service: name: "{{ ntp_service_name }}" state: running enabled: yes - name: osconfig-ntp-client | start | Restart services that are affected by time changing service: name: "{{ item }}" state: restarted enabled: yes become: yes with_items: - rsyslog when: ardana_notify_osconfig_ntp_restart_required is defined and ardana_notify_osconfig_ntp_restart_required.changed and ntp_restarted is not defined 070701000000E3000041ED0000000000000000000000026000787300000000000000000000000000000000000000000000004F00000000ardana-osconfig-8.0+git.1610643571.91b88d6/roles/osconfig-ntp-client/templates070701000000E4000081A40000000000000000000000016000787300000747000000000000000000000000000000000000005B00000000ardana-osconfig-8.0+git.1610643571.91b88d6/roles/osconfig-ntp-client/templates/ntp.conf.j2{# # # (c) Copyright 2015-2016 Hewlett Packard Enterprise Development LP # (c) Copyright 2017-2018 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. # #} # /etc/ntp.conf, configuration for ntpd; see ntp.conf(5) for help driftfile /var/lib/ntp/ntp.drift # Enable this if you want statistics to be logged. #statsdir /var/log/ntpstats/ statistics loopstats peerstats clockstats filegen loopstats file loopstats type none enable filegen peerstats file peerstats type none enable filegen clockstats file clockstats type none enable # By default, exchange time with everybody, but don't allow configuration. restrict -4 default kod notrap nomodify nopeer noquery restrict -6 default kod notrap nomodify nopeer noquery # Local users may interrogate the ntp server more closely. restrict 127.0.0.1 restrict ::1 # Remote NTP server(s) to synchronize with. {% for item in NTP_CLI.consumes_NTP_SVR.members.private %} server {{ item.host }} {% endfor %} # Listen only on interfaces needed to access NTP server(s) {% for item in ntp_client_listen_ifaces %} interface listen {{ item }} {% endfor %} # Specify the internal hardware clock as a reference clock. # Set a high stratum so this is only used if all external clocks fail. # This will mitigate skew until external clocks return to service. server 127.127.1.0 # local clock address fudge 127.127.1.0 stratum 10 070701000000E5000041ED0000000000000000000000046000787300000000000000000000000000000000000000000000004500000000ardana-osconfig-8.0+git.1610643571.91b88d6/roles/osconfig-ntp-server070701000000E6000041ED0000000000000000000000026000787300000000000000000000000000000000000000000000004B00000000ardana-osconfig-8.0+git.1610643571.91b88d6/roles/osconfig-ntp-server/tasks070701000000E7000081A40000000000000000000000016000787300000685000000000000000000000000000000000000005900000000ardana-osconfig-8.0+git.1610643571.91b88d6/roles/osconfig-ntp-server/tasks/configure.yml# # (c) Copyright 2015-2017 Hewlett Packard Enterprise Development LP # (c) Copyright 2017 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. # # Playbook for configuring ntp server settings - include_vars: "../../osconfig-common/vars/{{ ansible_os_family | lower }}.yml" - name: osconfig-ntp-server | configure | Verify ntp servers are accessible become: yes command: /usr/sbin/ntpdate -q {{ ntp_servers | join(' ') }} when: not (ardana_notify_osconfig_ntp_restart_required is not defined) and ardana_notify_osconfig_ntp_restart_required.changed and ntp_restarted is not defined register: ntpdate_result until: ntpdate_result | success retries: 120 delay: 2 - name: osconfig-ntp-server | configure | Record ntp server responses debug: var: ntpdate_result.stdout_lines when: ntpdate_result | success - name: osconfig-ntp-server | configure | Stop ntp so time can be updated become: yes service: name={{ ntp_service_name }} state=stopped when: not (ardana_notify_osconfig_ntp_restart_required is not defined) and ardana_notify_osconfig_ntp_restart_required.changed and ntp_restarted is not defined 070701000000E8000081A4000000000000000000000001600078730000046A000000000000000000000000000000000000005700000000ardana-osconfig-8.0+git.1610643571.91b88d6/roles/osconfig-ntp-server/tasks/install.yml# # (c) Copyright 2015-2017 Hewlett Packard Enterprise Development LP # (c) Copyright 2017-2018 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. # # Playbook for installing ntp server software --- - include_vars: "../../osconfig-common/vars/{{ ansible_os_family | lower }}.yml" - name: osconfig-ntp-server | install | Create ntp configuration file become: yes template: src=ntp.conf.j2 dest=/etc/ntp.conf register: ardana_notify_osconfig_ntp_restart_required - name: osconfig-ntp-server | install | Install required packages become: yes package: name: "{{ item }}" state: present with_items: ntp_srv_pkgs 070701000000E9000081A40000000000000000000000016000787300000A2E000000000000000000000000000000000000005500000000ardana-osconfig-8.0+git.1610643571.91b88d6/roles/osconfig-ntp-server/tasks/start.yml# # (c) Copyright 2015-2017 Hewlett Packard Enterprise Development LP # (c) Copyright 2017 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. # # Playbook for starting the ntp server service - include_vars: "../../osconfig-common/vars/{{ ansible_os_family | lower }}.yml" - name: osconfig-ntp-server | start | Update system time to ntp server time become: yes command: /usr/sbin/ntpdate -b {{ ntp_servers[0] }} when: not (ardana_notify_osconfig_ntp_restart_required is not defined) and ardana_notify_osconfig_ntp_restart_required.changed and ntp_restarted is not defined ignore_errors: true - name: osconfig-ntp-server | start | Update the hardware clock with system time become: yes command: /sbin/hwclock --systohc when: not (ardana_notify_osconfig_ntp_restart_required is not defined) and ardana_notify_osconfig_ntp_restart_required.changed and ntp_restarted is not defined - name: osconfig-ntp-server | start | Restart ntp service become: yes service: name: "{{ ntp_service_name }}" state: restarted when: not (ardana_notify_osconfig_ntp_restart_required is not defined) and ardana_notify_osconfig_ntp_restart_required.changed and ntp_restarted is not defined register: ntp_restarted - name: osconfig-ntp-server | start | Start and enable ntp service become: yes service: name: "{{ ntp_service_name }}" state: running enabled: yes - name: osconfig-ntp-server | start | Verify ntp service is responding become: yes command: /usr/sbin/ntpdate -q {{ ansible_ssh_host | default('localhost') }} register: _osconfig_ntp_server_verify_responding until: _osconfig_ntp_server_verify_responding | success retries: 120 delay: 3 - name: osconfig-ntp-server | start | Restart services that are affected by time changing service: name: "{{ item }}" state: restarted enabled: yes become: yes with_items: - rsyslog when: ardana_notify_osconfig_ntp_restart_required is defined and ardana_notify_osconfig_ntp_restart_required.changed and ntp_restarted is not defined 070701000000EA000041ED0000000000000000000000026000787300000000000000000000000000000000000000000000004F00000000ardana-osconfig-8.0+git.1610643571.91b88d6/roles/osconfig-ntp-server/templates070701000000EB000081A40000000000000000000000016000787300000697000000000000000000000000000000000000005B00000000ardana-osconfig-8.0+git.1610643571.91b88d6/roles/osconfig-ntp-server/templates/ntp.conf.j2{# # # (c) Copyright 2015 Hewlett Packard Enterprise Development LP # (c) Copyright 2017-2018 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. # #} # /etc/ntp.conf, configuration for ntpd; see ntp.conf(5) for help driftfile /var/lib/ntp/ntp.drift # Enable this if you want statistics to be logged. #statsdir /var/log/ntpstats/ statistics loopstats peerstats clockstats filegen loopstats file loopstats type none enable filegen peerstats file peerstats type none enable filegen clockstats file clockstats type none enable # By default, exchange time with everybody, but don't allow configuration. restrict -4 default kod notrap nomodify nopeer noquery restrict -6 default kod notrap nomodify nopeer noquery # Local users may interrogate the ntp server more closely. restrict 127.0.0.1 restrict ::1 # Remote NTP server(s) to synchronize with. {% for item in ntp_servers %} server {{ item }} iburst {% endfor %} # Specify the internal hardware clock as a reference clock. # Set a high stratum so this is only used if all external clocks fail. # This will mitigate skew until external clocks return to service. server 127.127.1.0 # local clock address fudge 127.127.1.0 stratum 10 070701000000EC000041ED0000000000000000000000066000787300000000000000000000000000000000000000000000004000000000ardana-osconfig-8.0+git.1610643571.91b88d6/roles/osconfig-probe070701000000ED000041ED0000000000000000000000026000787300000000000000000000000000000000000000000000004800000000ardana-osconfig-8.0+git.1610643571.91b88d6/roles/osconfig-probe/library070701000000EE000081A400000000000000000000000160007873000045A5000000000000000000000000000000000000005100000000ardana-osconfig-8.0+git.1610643571.91b88d6/roles/osconfig-probe/library/probe.py#!/usr/bin/python # # (c) Copyright 2015-2017 Hewlett Packard Enterprise Development LP # (c) Copyright 2017 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. # import glob import json import os import re import shlex import subprocess import sys """ Probe hardware/software and gather various information Usage: - become: true probe: ipaddr=<ipaddr> hostname=<hostname> The information is returned as 'ansible_facts' with the keys described below. This allows code such as: - name: Probe probe: - name: Dump BIOS release date debug: var="{{ ardana_dmi_data.ardana_dmi_data.bios_information[0].release_date }}" Note: The ansible facts are returned as a dictionary where each item has a key that in turn contains an item with the same key. The is so that when used in a j2 file, the first item in the resulting file is the key. The resulting file is modelled on input model files: a key containing an array item, where the item contains a dict with ipaddr and hostname as keys. The hostname item will be null if this is used before running the Ardana Configuration Processor. ardana_drive_configuration: Lists the name and size of block devices. Each item containing two items: name and bytes, where bytes is the size of the block device in bytes. Example (expressed as YAML): ardana_drive_configuration: ardana_drive_configuration: - ipaddr: 10.0.0.0 hostname: whatever drives: - name: /dev/sda bytes: 42949672960 partitions: - name: sda1 bytes: 42949672960 - name: /dev/sdb bytes: 20000000000 partitions: [] dmi_data: Contains the output from dmidecode. All keys and data is lower-cased. All top level keys are followed by an array -- frequently one. Each item in the array is a dict that contains a 'handle' key, followed by the keys from dmidecode. Example (small subset): ardana_dmi_data: ardana_dmi_data: - ipaddr: 10.0.0.0 hostname: whatever dmidata: system_information: - _handle: _0x0001 manufacturer: hewlett-packard product_name: hp_z620_workstation serial_number: czc4361dq2 bios_information: - _handle: _0x0000 bios_revision: '3.69' characteristics: '0': pci_is_supported '1': pnp_is_supported release_date: 03/25/2014 rom_size: 16384_kb runtime_size: 64_kb vendor: hewlett-packard version: j61_v03.69 ardana_interface_configuration: Contains a list of ethN devices. The link_detected key is always reported. The speed and duplex keys may be absent. Example: ardana_interface_configuration: ardana_interface_configuration: - ipaddr: 10.0.0.0 hostname: whatever interfaces: - name: eth0 device: name: eth0 state: UP mac: fe:54:00:77:94:8f link_detected: yes - name: eth1 device: name: eth1 state: UP mac: b2:c9:43:3b:4a:99 link_detected: no duplex: Full speed: 1000Mb/s ardana_meminfo: Contains a dict of all items from /proc/meminfo. Where needed, the units (e.g. kB) are specified. Example (much redacted): ardana_meminfo: ardana_meminfo: - ipaddr: 10.0.0.0 hostname: whatever meminfo: memtotal: value: 505648 units: kB hugepages_total: value: 0 directmap4k: value: 2048 units: kB ardana_packages: Contains a list of all packages installed on a server. Note the version key is a string. Hence (in JSON) it is quoted. Example: ardana_packages: ardana_packages: - ipaddr: 10.0.0.0 hostname: whatever packages: - name: acl status: ii version: 2.2.52-2 section: utils architecture: amd64 description: Access control list utilities - name: init-system-helpers status: ii version: '1.14' architecture: all description: helper tools for all init systems """ def drive_configuration(): """ Get drive (block device) names and sizes """ block_devices = [] for device in os.listdir('/sys/block'): if os.path.exists('/sys/block/%s/device' % device): # Is a disk drive with open('/sys/block/%s/size' % device) as dev: sectors = dev.read() with open('/sys/block/%s/queue/hw_sector_size' % device) as dev: hw_sector_size = dev.read() size = int(sectors) * int(hw_sector_size) pathname = os.path.join('/dev', device) partitions = [] for partition_number in range(1, 99): partition_path = '/sys/block/%s/%s%s' % (device, device, partition_number) if os.path.exists(partition_path): with open(os.path.join(partition_path, 'size')) as part: partition_size = int(part.read()) * int(hw_sector_size) partitions.append({ 'partition': '%s%s' % (device, partition_number), 'bytes': partition_size}) block_devices.append({'name': pathname, 'bytes': size, 'partitions': partitions}) # Iterate through the multipath devices and assign sizes mpath_devices = glob.glob("/dev/mapper/mpath*") device_list=[] dm_devs={} for mdev in mpath_devices: dm_dev = os.path.basename(os.path.realpath(mdev)) # The devices that have a "hold" on this device # Could be a partition on an LVM volume holders = os.listdir("/sys/block/%s/holders" % dm_dev) slaves = os.listdir("/sys/block/%s/slaves" % dm_dev) dev_entry = {"mdev": mdev, "dm_dev": dm_dev, "holders": holders, "slaves": slaves, "partitions": []} device_list.append(dev_entry) with open('/sys/block/%s/size' % dm_dev) as dev: sectors = dev.read() with open('/sys/block/%s/queue/hw_sector_size' % dm_dev) as dev: hw_sector_size = dev.read() size = int(sectors) * int(hw_sector_size) dm_devs[dm_dev] = {'name': mdev, 'bytes': size} # Find and attach the partitions to the structure for dev in device_list: # since device can have no slaves or holders in which case it is empty # set default to drive dev["type"] = "drive" for slave in dev["slaves"]: # The slave is a multipath device if slave in dm_devs.keys(): dev["type"] = "partition" assert (len(dev["slaves"]) == 1), 'device %s: slaves !=1'%dev partitions = [] for holder in dev["holders"]: if holder in dm_devs.keys(): assert (dev["type"] == "drive"), 'device holder %s: type !=drive'%holder my_partition = {'partition': dm_devs[holder]['name'], 'bytes': dm_devs[holder]['bytes']} partitions.append(my_partition) dev["partitions"] = partitions # validation check for dev in device_list: assert (dev["type"] != ""), 'device %s: type = ""'%dev # Add the multipath data to the existing list for dev in device_list: if dev["type"] == "drive": dm_dev = dm_devs[dev["dm_dev"]] block_devices.append({'name': dev['mdev'], 'bytes': dm_dev['bytes'], 'partitions': dev['partitions']}) return block_devices def dmidecode(): """ Get dmidebode and lspci information """ hardware = {} try: output = subprocess.check_output(['/usr/sbin/dmidecode']) except subprocess.CalledProcessError: output = '' state = 'need_handle' for line in output.split('\n'): if state == 'need_handle': if line.startswith('Handle '): handle = '_' + line[7:13] state = 'need_dmi' continue if state == 'need_dmi': dmi = line.lower().strip().replace(' ', '_') if not hardware.get(dmi): hardware[dmi] = {} hardware[dmi][handle] = {} state = 'need_attributes' continue if state == 'need_attributes': if line.strip() == '': state = 'need_handle' else: if ':' in line: attr_val = line.split(':') if len(attr_val[1]) > 1: #print 'DEBUG: found value %s' %\ # attr_val[1].strip().lower().replace(' ', '_') attr = attr_val[0].strip().lower().replace(' ', '_') val = attr_val[1].strip().lower().replace(' ', '_') hardware[dmi][handle][attr] = val else: attr = attr_val[0].strip().lower().replace(' ', '_') state = 'reading_array' hardware[dmi][handle][attr] = {} idx = 0 else: # Attribute value contains newline -- ignore pass continue if state == 'reading_array': if line.strip() == '': state = 'need_handle' elif ':' in line: state = 'need_attributes' attr_val = line.split(':') attr = attr_val[0].strip().lower().replace(' ', '_') val = attr_val[1].strip().lower().replace(' ', '_') hardware[dmi][handle][attr] = val else: hardware[dmi][handle][attr][str(idx)] = \ line.strip().lower().replace(' ', '_') idx += 1 continue dmidata = {} for key in hardware.keys(): dmidata[key] = [] for handle in hardware[key]: newvalue = hardware.get(key).get(handle) newvalue['_handle'] = handle dmidata[key].append(newvalue) return dmidata def ip(): interfaces = [] try: output = subprocess.check_output(['/sbin/ip', 'link']) except subprocess.CalledProcessError: output = '' parser = 'need_name' name = '' state = '' for line in output.split('\n'): pieces = line.split() if len(pieces) == 0: continue if parser == 'need_name': name = pieces[1].split(':')[0] state = pieces[8] parser = 'need_mac' else: is_ether = False if pieces[0] == 'link/ether' and name.startswith('eth'): is_ether = True mac = pieces[1] if is_ether: interfaces.append({'name': name, 'device': [{'name': name, 'state': state, 'macaddr': mac}]}) parser = 'need_name' # Add additional information to the device data for interface in interfaces: name = interface['name'] try: output = subprocess.check_output(['/sbin/ethtool', '%s' % name]) except subprocess.CalledProcessError: output = '' dev_info = interface.get('device')[0] for line in output.split('\n'): if line.strip().startswith('Link detected:'): dev_info['link_detected'] = line.strip().split()[2] elif line.strip().startswith('Duplex:'): dev_info['duplex'] = line.strip().split()[1] elif line.strip().startswith('Speed:'): dev_info['speed'] = line.strip().split()[1] return interfaces def meminfo(): mem_info = {} with open('/proc/meminfo') as lines: for line in lines: item = {} name = line.split()[0].split(':')[0].lower() item['value'] = int(line.split()[1].strip()) try: item['units'] = line.split()[2].strip() except IndexError: pass mem_info[name] = item return mem_info def package_info(): if os.path.exists('/usr/bin/dpkg'): return dpkg() elif os.path.exists('/usr/bin/zypper'): return zypper() else: raise NotImplementedError('Could not determine package manager to use') def dpkg(): packages = [] try: output = subprocess.check_output(['/usr/bin/dpkg', '-l']) except subprocess.CalledProcessError: output = '' parser = 'need_divider' for line in output.split('\n'): if parser == 'need_divider': if line.startswith('+++-=='): parser = 'consume_items' else: pieces = line.split() if len(pieces) == 0: continue # blank/empty line (probably at end of listing) package = { 'status': pieces[0], 'name': pieces[1], 'version': str(pieces[2]), 'architecture': pieces[3], 'description': ' '.join(pieces[4:])} packages.append(package) return packages def zypper(): package_versions = {} package_version_lines = zypper_lines(['/usr/bin/zypper', 'search', '-i', '-s']) for pieces in package_version_lines: if len(pieces) == 6 and pieces[2] == 'package': package_versions[pieces[1]] = (pieces[3], pieces[4]) packages = [] package_lines = zypper_lines(['/usr/bin/zypper', 'search', '-i']) for pieces in package_lines: if len(pieces) == 4 and pieces[3] == 'package': package_version = package_versions.get(pieces[1], ('', '')) package = { 'status': pieces[0], 'name': pieces[1], 'version': package_version[0], 'architecture': package_version[1], 'description': pieces[2] } packages.append(package) return packages def zypper_lines(command): output_lines = [] try: output = subprocess.check_output(command) except subprocess.CalledProcessError: output = '' parser = 'need_divider' for line in output.split('\n'): if parser == 'need_divider': if line.startswith('---+'): parser = 'consume_items' else: output_lines.append(re.split('\s*\|\s*', line)) return output_lines def main(): ipaddr = None hostname = None try: args_file = sys.argv[1] args_data = file(args_file).read() arguments = shlex.split(args_data) except (IndexError, IOError): arguments = sys.argv # Running interactively for arg in arguments: if "=" in arg: (key, value) = arg.split('=') if key == 'ipaddr': ipaddr = value if key == 'hostname': hostname = value ret={} try: failed_msg = '' discovered_drives = drive_configuration() dmidata = dmidecode() interfaces = ip() mem_info = meminfo() packages = package_info() except AssertionError as msg: failed_msg = msg ret['failed'] = True ret['rc'] = 1 ret['msg'] = str(failed_msg) print(json.dumps(ret)) sys.exit(1) ret['failed'] = False ret['rc'] = 0 ret['ansible_facts'] = \ { 'ardana_meminfo': { 'ardana_meminfo': [{ 'ipaddr': ipaddr, 'hostname': hostname, 'meminfo': mem_info }] }, 'ardana_drive_configuration': { 'ardana_drive_configuration': [{ 'ipaddr': ipaddr, 'hostname': hostname, 'drives': discovered_drives }] }, 'ardana_interface_configuration': { 'ardana_interface_configuration': [{ 'ipaddr': ipaddr, 'hostname': hostname, 'interfaces': interfaces }] }, 'ardana_dmi_data': { 'ardana_dmi_data': [{ 'ipaddr': ipaddr, 'hostname': hostname, 'dmidata': dmidata }] }, 'ardana_packages': { 'ardana_packages': [{ 'ipaddr': ipaddr, 'hostname': hostname, 'packages': packages }] } } print(json.dumps(ret)) if __name__ == '__main__': main() 070701000000EF000041ED0000000000000000000000026000787300000000000000000000000000000000000000000000004600000000ardana-osconfig-8.0+git.1610643571.91b88d6/roles/osconfig-probe/tasks070701000000F0000081A4000000000000000000000001600078730000065D000000000000000000000000000000000000005400000000ardana-osconfig-8.0+git.1610643571.91b88d6/roles/osconfig-probe/tasks/configure.yml# # (c) Copyright 2015 Hewlett Packard Enterprise Development LP # (c) Copyright 2017 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. # --- - name: osconfig-probe | configure | Probe hardware configuration become: yes probe: ipaddr={{ ansible_default_ipv4.address }} hostname={{ host.vars.my_network_name }} - name: osconfig-probe | configure | Create /var/cache/ for probe become: yes file: > path={{ probe_var_cache }} owner=root group=root mode=0755 state=directory - name: osconfig-probe | configure | Update /var/cache yml files become: yes template: src: "{{ item }}.j2" dest: "{{ probe_var_cache }}/{{ item }}.yml" owner: root group: root mode: "a=r" with_items: - drive_configuration - interface_configuration - dmi_data - meminfo - packages - name: osconfig-probe | configure | Upload data to deployer fetch: src={{ probe_var_cache}}/{{ item }}.yml dest=osconfig-probe/{{ ansible_default_ipv4.address }}/ flat=yes with_items: - drive_configuration - interface_configuration - dmi_data - meminfo - packages070701000000F1000081A40000000000000000000000016000787300000409000000000000000000000000000000000000005200000000ardana-osconfig-8.0+git.1610643571.91b88d6/roles/osconfig-probe/tasks/install.yml# # (c) Copyright 2015-2017 Hewlett Packard Enterprise Development LP # (c) Copyright 2017-2018 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. # --- - name: osconfig-probe | install | Install misc utilities become: yes package: name: "{{ item }}" state: present with_items: - dmidecode - ethtool - iproute - name: osconfig-probe | install | Install extra misc utilities - Debian become: yes package: name: "{{ item }}" state: present with_items: - dpkg when: ansible_os_family == 'Debian' 070701000000F2000041ED0000000000000000000000026000787300000000000000000000000000000000000000000000004A00000000ardana-osconfig-8.0+git.1610643571.91b88d6/roles/osconfig-probe/templates070701000000F3000081A400000000000000000000000160007873000002AF000000000000000000000000000000000000005600000000ardana-osconfig-8.0+git.1610643571.91b88d6/roles/osconfig-probe/templates/dmi_data.j2{# # # (c) Copyright 2015 Hewlett Packard Enterprise Development LP # (c) Copyright 2017 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. # #} --- {{ ardana_dmi_data | to_nice_yaml }} 070701000000F4000081A400000000000000000000000160007873000002B9000000000000000000000000000000000000006100000000ardana-osconfig-8.0+git.1610643571.91b88d6/roles/osconfig-probe/templates/drive_configuration.j2{# # # (c) Copyright 2015 Hewlett Packard Enterprise Development LP # (c) Copyright 2017 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. # #} --- {{ ardana_drive_configuration | to_nice_yaml}} 070701000000F5000081A400000000000000000000000160007873000002BE000000000000000000000000000000000000006500000000ardana-osconfig-8.0+git.1610643571.91b88d6/roles/osconfig-probe/templates/interface_configuration.j2{# # # (c) Copyright 2015 Hewlett Packard Enterprise Development LP # (c) Copyright 2017 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. # #} --- {{ ardana_interface_configuration | to_nice_yaml }} 070701000000F6000081A400000000000000000000000160007873000002AE000000000000000000000000000000000000005500000000ardana-osconfig-8.0+git.1610643571.91b88d6/roles/osconfig-probe/templates/meminfo.j2{# # # (c) Copyright 2015 Hewlett Packard Enterprise Development LP # (c) Copyright 2017 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. # #} --- {{ ardana_meminfo | to_nice_yaml }} 070701000000F7000081A400000000000000000000000160007873000002B3000000000000000000000000000000000000005600000000ardana-osconfig-8.0+git.1610643571.91b88d6/roles/osconfig-probe/templates/packages.j2{# # # (c) Copyright 2015 Hewlett Packard Enterprise Development LP # (c) Copyright 2017 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. # #} --- {{ ardana_packages | to_nice_yaml }} 070701000000F8000041ED0000000000000000000000026000787300000000000000000000000000000000000000000000004500000000ardana-osconfig-8.0+git.1610643571.91b88d6/roles/osconfig-probe/vars070701000000F9000081A400000000000000000000000160007873000002D2000000000000000000000000000000000000004E00000000ardana-osconfig-8.0+git.1610643571.91b88d6/roles/osconfig-probe/vars/main.yml# # (c) Copyright 2015 Hewlett Packard Enterprise Development LP # (c) Copyright 2017 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. # --- probe_var_cache: /var/cache/osconfig-probe probe_deployer_dir: osconfig-probe 070701000000FA000041ED0000000000000000000000026000787300000000000000000000000000000000000000000000004300000000ardana-osconfig-8.0+git.1610643571.91b88d6/roles/osconfig/defaults070701000000FB000081A400000000000000000000000160007873000004FF000000000000000000000000000000000000004C00000000ardana-osconfig-8.0+git.1610643571.91b88d6/roles/osconfig/defaults/main.yml# # (c) Copyright 2015-2017 Hewlett Packard Enterprise Development LP # (c) Copyright 2017-2018 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. # --- dns: {} collectl_dir: /var/cache/collectl numa_huge_pages: "{{ host | item('my_memory_model.numa_huge_pages', default=[]) }}" non_numa_huge_pages: "{{ host | item('my_memory_model.non_numa_huge_pages', default=[]) }}" total_huge_pages: "{{ numa_huge_pages | union(non_numa_huge_pages) }}" default_huge_page_size: "{{ host | item('my_memory_model.default_huge_page_size', default='') }}" processor_list: "{{ host | item('cpu_assignments.server.processor_list', default='') }}" crashkernel_settings: "crashkernel=384M-2G:64M,2G-:256M" osconfig_zypper_os_repo_name: SLES-OS osconfig_zypper_os_repo_loc: ardana/sles12/zypper/OS/ 070701000000FC000041ED0000000000000000000000026000787300000000000000000000000000000000000000000000004000000000ardana-osconfig-8.0+git.1610643571.91b88d6/roles/osconfig/files070701000000FD000081A4000000000000000000000001600078730000001C000000000000000000000000000000000000004B00000000ardana-osconfig-8.0+git.1610643571.91b88d6/roles/osconfig/files/bnx2x.confoptions bnx2x disable_tpa=1 070701000000FE000081A400000000000000000000000160007873000000A7000000000000000000000000000000000000004D00000000ardana-osconfig-8.0+git.1610643571.91b88d6/roles/osconfig/files/kdump_configUSE_KDUMP=1 KDUMP_SYSCTL="kernel.panic_on_oops=1" KDUMP_COREDIR="/var/crash" KDUMP_FAIL_CMD="reboot -f" KDUMP_DUMP_DMESG=1 #KDUMP_DUMP_KDUMPDMESG= KDUMP_NUM_DUMPS=4 070701000000FF000041ED0000000000000000000000026000787300000000000000000000000000000000000000000000004000000000ardana-osconfig-8.0+git.1610643571.91b88d6/roles/osconfig/tasks07070100000100000081A400000000000000000000000160007873000004F9000000000000000000000000000000000000005700000000ardana-osconfig-8.0+git.1610643571.91b88d6/roles/osconfig/tasks/check-for-apt-repo.yml# # (c) Copyright 2015-2017 Hewlett Packard Enterprise Development LP # (c) Copyright 2017 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. # --- - name: osconfig | check-for-apt-repo | Checking for apt-repo delegate_to: localhost stat: path: "{{ hlinux_apt_repo_dir }}/dists" register: _apt_repo_stat_result - set_fact: deployer_apt_repo_present: "{{ _apt_repo_stat_result.stat.exists | bool }}" - name: osconfig | check-for-apt-repo | Checking for thirdparty-repo delegate_to: localhost stat: path: "{{ thirdparty_apt_repo_dir }}/latest/dists" register: _tp_repo_stat_result - name: osconfig | check-for-apt-repo | Set _thirdparty_repo_present fact set_fact: thirdparty_apt_repo_present: "{{ _tp_repo_stat_result.stat.exists | bool }}" 07070100000101000081A400000000000000000000000160007873000003F0000000000000000000000000000000000000005700000000ardana-osconfig-8.0+git.1610643571.91b88d6/roles/osconfig/tasks/check-for-yum-repo.yml# # (c) Copyright 2015-2016 Hewlett Packard Enterprise Development LP # (c) Copyright 2017 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. # --- - name: osconfig | check-for-yum-repo | Checking for thirdparty-repo delegate_to: localhost stat: path: "{{ yum_thirdparty_dir }}/latest/repodata" register: _tp_repo_stat_result - name: osconfig | check-for-yum-repo | Set _thirdparty_yum_repo_present fact set_fact: thirdparty_yum_repo_present: "{{ _tp_repo_stat_result.stat.exists | bool }}" 07070100000102000081A400000000000000000000000160007873000003EF000000000000000000000000000000000000005800000000ardana-osconfig-8.0+git.1610643571.91b88d6/roles/osconfig/tasks/check-for-zypp-repo.yml# # (c) Copyright 2017 Hewlett Packard Enterprise Development LP # (c) Copyright 2017 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. # --- - name: osconfig | check-for-zypp-repo | Checking for thirdparty-repo delegate_to: localhost stat: path: "{{ zypp_thirdparty_dir }}/directory.yast" register: _tp_repo_stat_result - name: osconfig | check-for-zypp-repo | Set _thirdparty_zypp_repo_present fact set_fact: thirdparty_zypp_repo_present: "{{ _tp_repo_stat_result.stat.exists | bool }}" 07070100000103000081A40000000000000000000000016000787300000589000000000000000000000000000000000000005900000000ardana-osconfig-8.0+git.1610643571.91b88d6/roles/osconfig/tasks/check-product-status.yml# # (c) Copyright 2018 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. # --- - name: deployer-setup | check-product-status | Check HOS product availability become: yes zypper: name: "hpe-helion-openstack-release>=8" state: present ignore_errors: yes register: product_flavor_hos - name: deployer-setup | check-product-status | Check SOC product availability become: yes zypper: name: "suse-openstack-cloud-release>=8" state: present ignore_errors: yes register: product_flavor_soc - name: deployer-setup | check-product-status | Provide help fail: msg: > The deployer node does not have a Cloud Add-On product installed. In YaST select Software/Add-On Products to see an overview of installed add-on products and use "Add" to add the Cloud product. when: product_flavor_hos|failed and product_flavor_soc|failed and not deployer_media_legacy_layout|bool 07070100000104000081A40000000000000000000000016000787300000788000000000000000000000000000000000000005600000000ardana-osconfig-8.0+git.1610643571.91b88d6/roles/osconfig/tasks/check-repo-status.yml# # (c) Copyright 2018 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. # --- - set_fact: suse_release: suse-{{ansible_distribution_version}} - include: check-product-status.yml - name: osconfig | check-repo-status | Load expected repodata include_vars: repos-cloud.yml - name: osconfig | check-repo-status | Set brand fact set_fact: brand: "{{ 'SUSE OpenStack Cloud' if (not product_flavor_soc|failed) else 'HPE Helion OpenStack' }}" - name: osconfig | check-repo-status | Check that SLES and Cloud repos are installed zypper_check_repositories: expected_repodata: "{{ expected_repodata[suse_release][ansible_architecture] }}" brand: "{{ brand }}" register: maintenance_repos_installed ignore_errors: true when: deployer_media_legacy_layout|bool == false # Finally, if the above didn't work, fail. - name: osconfig | check-repo-status | Fail if unable to configure SLES and Cloud repos delegate_to: localhost fail: msg: > The SUSE Linux Enterprise Server and {{ brand }} Add-On repositories are required for updates. Complete the SCC registration of this node with YaST, and install the appropriate Cloud Add-On product from Software/Add-On Products. You may also configure your deployer node as an SMT mirror to enable these repositories for entire cloud. when: (maintenance_repos_installed is defined and maintenance_repos_installed.failed) 07070100000105000081A4000000000000000000000001600078730000037E000000000000000000000000000000000000005D00000000ardana-osconfig-8.0+git.1610643571.91b88d6/roles/osconfig/tasks/copy-ardana-version-file.yml# # (c) Copyright 2015-2016 Hewlett Packard Enterprise Development LP # (c) Copyright 2017 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. # # create a version file under /etc to identify which deployer release was used - name: osconfig | create_ardana_version_file | copy version file from deployer copy: src: Ardana_version dest: /etc/Ardana_version mode: 0644 sudo: True 07070100000106000081A400000000000000000000000160007873000003FE000000000000000000000000000000000000005800000000ardana-osconfig-8.0+git.1610643571.91b88d6/roles/osconfig/tasks/get-ptf-signing-key.yml# # (c) Copyright 2018 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. # --- # This should only run on the deployer! - name: osconfig | get-ptf-signing-key | Read gpg public key for PTF repo command: "/usr/bin/gpg -a --export 'PTF repository signing key'" become: yes ignore_errors: yes register: ptf_signing_key_result - name: osconfig | get-ptf-signing-key | Set gpg public key fact for PTF repo set_fact: ptf_signing_key: "{{ ptf_signing_key_result.stdout }}" when: ptf_signing_key_result.rc == 0 07070100000107000081A40000000000000000000000016000787300000372000000000000000000000000000000000000004900000000ardana-osconfig-8.0+git.1610643571.91b88d6/roles/osconfig/tasks/main.yml# # (c) Copyright 2017 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. # # Warning: If this is used to stop on all nodes the whole cluster is down # and can only be started by bootstrapping the cluster manually # --- - name: osconfig | main | Include platform vars include_vars: "{{ item }}" with_first_found: - "{{ ansible_os_family | lower }}.yml" - "default.yml" 07070100000108000081A40000000000000000000000016000787300000361000000000000000000000000000000000000004B00000000ardana-osconfig-8.0+git.1610643571.91b88d6/roles/osconfig/tasks/marker.yml# (c) Copyright 2015 Hewlett Packard Enterprise Development LP # (c) Copyright 2017 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. --- - name: osconfig | marker | create /etc/ardana directory file: path=/etc/openstack state=directory become: yes - name: osconfig | marker | create marker file: path=/etc/openstack/osconfig-ran state=touch become: yes 07070100000109000081A40000000000000000000000016000787300000539000000000000000000000000000000000000005300000000ardana-osconfig-8.0+git.1610643571.91b88d6/roles/osconfig/tasks/set-bnx2x-opts.yml# # (c) Copyright 2016-2017 Hewlett Packard Enterprise Development LP # (c) Copyright 2017 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. --- - name: osconfig | set-bnx2x-opts | place /etc/modprobe.d/bnx2x.conf become: yes copy: src: bnx2x.conf dest: /etc/modprobe.d/bnx2x.conf owner: root group: root mode: 644 register: bnx2x_conf - name: osconfig | set-bnx2x-opts | rebuild the initrd Debian become: yes command: /usr/sbin/update-initramfs -u -k all when: bnx2x_conf.changed and ansible_os_family == 'Debian' - name: osconfig | set-bnx2x-opts | rebuild the initrd RedHat become: yes command: dracut -f when: bnx2x_conf.changed and ansible_os_family == 'RedHat' - name: osconfig | set-bnx2x-opts | rebuild the initrd SUSE become: yes command: dracut -f when: bnx2x_conf.changed and ansible_os_family == 'Suse' 0707010000010A000081A400000000000000000000000160007873000003F5000000000000000000000000000000000000005100000000ardana-osconfig-8.0+git.1610643571.91b88d6/roles/osconfig/tasks/set-hostname.yml# # (c) Copyright 2015 Hewlett Packard Enterprise Development LP # (c) Copyright 2017 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. # - name: osconfig | set-hostname | Set native hostname become: yes hostname: name={{ host.vars.my_network_name }} register: set_hostname - name: osconfig | set-hostname | Restart services that are affected by hostname change service: name: "{{ item }}" state: restarted enabled: yes become: yes with_items: - rsyslog when: set_hostname.changed 0707010000010B000081A4000000000000000000000001600078730000064E000000000000000000000000000000000000005100000000ardana-osconfig-8.0+git.1610643571.91b88d6/roles/osconfig/tasks/set-timezone.yml# # (c) Copyright 2015,2017 Hewlett Packard Enterprise Development LP # (c) Copyright 2017 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. # - name: osconfig | set-timezone | Update /etc/timezone template: src=timezone.j2 dest=/etc/timezone mode=0644 become: yes register: tz - name: osconfig | set-timezone | Update tzdata Debian command: dpkg-reconfigure -fnoninteractive tzdata become: yes when: tz.changed and ansible_os_family == 'Debian' - name: osconfig | set-timezone | Read tzdata RedHat shell: cat /etc/timezone | grep -v \# become: yes register: tzlocal when: ansible_os_family == 'RedHat' - name: osconfig | set-timezone | Update tzdata RedHat command: timedatectl set-timezone "{{tzlocal.stdout}}" become: yes when: ansible_os_family == 'RedHat' - name: osconfig | set-timezone | Read tzdata SUSE shell: cat /etc/timezone | grep -v \# become: yes register: tzlocal when: ansible_os_family == 'Suse' - name: osconfig | set-timezone | Update tzdata SUSE command: timedatectl set-timezone "{{tzlocal.stdout}}" become: yes when: ansible_os_family == 'Suse' 0707010000010C000081A400000000000000000000000160007873000008E2000000000000000000000000000000000000004E00000000ardana-osconfig-8.0+git.1610643571.91b88d6/roles/osconfig/tasks/setup-apt.yml# # (c) Copyright 2015-2017 Hewlett Packard Enterprise Development LP # (c) Copyright 2017-2018 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. # --- - name: osconfig | setup-apt | Install prereqs become: yes apt: name={{ item }} state=latest with_items: - python-apt - name: osconfig | setup-apt | Remove /etc/apt/sources.list become: yes file: path: "/etc/apt/sources.list" state: absent register: _apt_source_list_result when: deployer_apt_repo_present - name: osconfig | setup-apt | Add deployer apt repo become: yes apt_repository: repo: "deb [arch=amd64] {{ hlinux_url }} {{ hlinux_distro }} main contrib non-free" update_cache: no when: deployer_apt_repo_present - name: osconfig | setup-apt | Get symlink source delegate_to: localhost stat: path: "{{ thirdparty_apt_repo_dir }}/latest" register: latest_source_result when: thirdparty_apt_repo_present - name: osconfig | setup-apt | Add thirdparty apt repo become: yes apt_repository: repo: "{{ item }}" update_cache: no with_items: - "deb [arch=amd64] {{ deployer_server }}/{{ thirdparty_repo_loc }}/public/{{ latest_source_result.stat.lnk_source | basename }} {{ hlinux_distro }} main" when: thirdparty_apt_repo_present - name: osconfig | setup-apt | Setup apt repository priority preferences become: yes template: src: "priority.d.j2" dest: "/etc/apt/preferences.d/{{ deployer_server | replace('http://', '') | replace('.', '_') | replace('-', '_') | replace('/', '_') }}" register: _apt_repository_priority_result when: deployer_apt_repo_present - name: osconfig | setup-apt | Update and upgrade apt repository become: yes command: apt-get update when: deployer_apt_repo_present or thirdparty_apt_repo_present 0707010000010D000081A40000000000000000000000016000787300000635000000000000000000000000000000000000005600000000ardana-osconfig-8.0+git.1610643571.91b88d6/roles/osconfig/tasks/setup-debug-tools.yml# # (c) Copyright 2015-2017 Hewlett Packard Enterprise Development LP # (c) Copyright 2017-2018 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. --- - name: osconfig | setup-debug-tools | Get variables include_vars: "{{ ansible_os_family | lower }}.yml" - name: osconfig | setup-debug-tools | Directory for collectl become: yes file: path={{ collectl_dir }} owner=root group=root mode=0755 state=directory when: '"collectl" in osconfig_debug_tools' - name: osconfig | setup-debug-tools | Config for collectl become: yes template: src: collectl.conf.j2 dest: /etc/collectl.conf owner: root group: root mode: 0644 register: collectl_conf when: '"collectl" in osconfig_debug_tools' - name: osconfig | setup-debug-tools | Install additional debugging packages become: yes package: name: "{{ item }}" state: present with_items: "{{osconfig_debug_tools}}" - name: osconfig | setup-debug-tools | Restart collectl if necessary become: yes service: name: collectl state: restarted when: '"collectl" in osconfig_debug_tools and collectl_conf.changed' 0707010000010E000081A40000000000000000000000016000787300000356000000000000000000000000000000000000005500000000ardana-osconfig-8.0+git.1610643571.91b88d6/roles/osconfig/tasks/setup-hosts-file.yml# # (c) Copyright 2015 Hewlett Packard Enterprise Development LP # (c) Copyright 2017 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. # - name: osconfig | setup-hosts-file | Update /etc/hosts become: yes copy: src: generated_files/etc/hosts dest: /etc/hosts owner: root group: root mode: 0644 tags: - generate_hosts_file 0707010000010F000081A40000000000000000000000016000787300000C0E000000000000000000000000000000000000005400000000ardana-osconfig-8.0+git.1610643571.91b88d6/roles/osconfig/tasks/setup-hugepages.yml# # (c) Copyright 2015-2017 Hewlett Packard Enterprise Development LP # (c) Copyright 2017-2018 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. --- # This script is intended to run early in the boot process to improve the # chances of getting physically contiguous pages in the specified NUMA nodes. - name: osconfig | setup-hugepages | template service script become: yes template: src: hugepages-service.sh.j2 dest: /usr/bin/hugepages-service.sh owner: root group: root mode: 0755 when: numa_huge_pages | length > 0 - name: osconfig | setup-hugepages | clean existing service become: yes file: path: "{{ systemd_script_dir }}/ardana-hugepages.service" state: absent - name: osconfig | setup-hugepages | template service systemd become: yes template: src: hugepages-service.j2 dest: "{{ systemd_script_dir }}/ardana-hugepages.service" owner: root group: root mode: 0644 register: ardana_notify_service_systemd_result when: numa_huge_pages | length > 0 - name: osconfig | setup-hugepages | add service to systemd become: yes command: /bin/systemctl daemon-reload when: not (ardana_notify_service_systemd_result is not defined) and ardana_notify_service_systemd_result.changed - name: osconfig | setup-hugepages | start and enable service become: yes service: name: ardana-hugepages enabled: yes state: started when: ardana_notify_service_systemd_result is defined and ardana_notify_service_systemd_result.changed - name: osconfig | setup-hugepages | create hugepage directories become: yes file: name: /tmp/hugepages_{{ item.size }} state: directory owner: root group: root mode: 01770 with_items: total_huge_pages when: total_huge_pages | length > 0 - name: osconfig | setup-hugepages | mount hugepages become: yes mount: name: /tmp/hugepages_{{ item.size }} src: hugetlbfs fstype: hugetlbfs state: mounted opts: 'pagesize={{ item.size }}' with_items: total_huge_pages when: total_huge_pages | length > 0 - name: osconfig | setup-hugepages | remove any existing hugepages mounts become: yes lineinfile: dest: /etc/fstab regexp: '^.*hugetlbfs.*$' state: absent - name: osconfig | setup-hugepages | Add hugepages mount to fstab become: yes lineinfile: dest: /etc/fstab line: > hugetlbfs /tmp/hugepages_{{ item.size }} hugetlbfs mode=01770,pagesize={{ item.size }} 0 0 insertafter: EOF with_items: total_huge_pages when: total_huge_pages | length > 0 07070100000110000081A4000000000000000000000001600078730000164C000000000000000000000000000000000000005C00000000ardana-osconfig-8.0+git.1610643571.91b88d6/roles/osconfig/tasks/setup-kernel-parameters.yml# # (c) Copyright 2015-2017 Hewlett Packard Enterprise Development LP # (c) Copyright 2017-2018 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. --- - name: osconfig | setup-kernel-parameters | Remove any existing default hugepage references become: yes replace: dest: /etc/default/grub regexp: '\s?default_hugepagesz=\w+' replace: '' - name: osconfig | setup-kernel-parameters | Remove any existing hugepage references become: yes replace: dest: /etc/default/grub regexp: '(\s?hugepagesz?=\w+)+' replace: '' - name: osconfig | setup-kernel-parameters | Reset crashkernal_settings if Suse set_fact: crashkernel_settings: "crashkernel=768,HIGH crashkernel=128,LOW" when: ansible_os_family == 'Suse' - name: osconfig | setup-kernel-parameters | setup crashkernel become: yes command: >- sed -i \ -e '/^GRUB_CMDLINE_LINUX=/ s#\([" ]*\)crashkernel=[^ "]*[ ]*#\1#g' \ -e '/^GRUB_CMDLINE_LINUX=/ s# *"$# {{ crashkernel_settings }}"#g' \ -e '/^GRUB_CMDLINE_LINUX=/ s#" #"#g' \ /etc/default/grub register: grub_mod - name: osconfig | setup-kernel-parameters | setup hugepages become: yes lineinfile: dest: /etc/default/grub backrefs: True state: present regexp: '(GRUB_CMDLINE_LINUX=)"(.*)"' line: '\1\"\2 hugepagesz={{ item.size }} hugepages={{ item.count }}\"' # we limit this to non NUMA pages since there is no mechanism in the # kernel parameters to specify which NUMA node a page should be allocated to. with_items: non_numa_huge_pages when: non_numa_huge_pages | length > 0 - name: osconfig | setup-kernel-parameters | setup hugepage default size become: yes lineinfile: dest: /etc/default/grub backrefs: True state: present regexp: '(GRUB_CMDLINE_LINUX=)"(.*)"' line: '\1\"\2 default_hugepagesz={{ default_huge_page_size }}\"' when: non_numa_huge_pages | length > 0 and default_huge_page_size != '' - name: osconfig | setup-kernel-parameters | remove existing cpu isolation become: yes replace: dest: /etc/default/grub regexp: '\s?isolcpus=[0-9,]*' replace: '' - name: osconfig | setup-kernel-parameters | isolate cpus become: yes lineinfile: dest: /etc/default/grub backrefs: True state: present regexp: 'GRUB_CMDLINE_LINUX="(.*)"' line: 'GRUB_CMDLINE_LINUX="\1 isolcpus={{ processor_list }}"' when: processor_list != '' - name: osconfig | setup-kernel-parameters | check if GRUB_CMDLINE_LINUX is found become: yes command: grep "GRUB_CMDLINE_LINUX" /etc/default/grub register: check_attr ignore_errors: True - name: osconfig | setup-kernel-parameters | remove existing intel_iommu become: yes replace: dest: /etc/default/grub regexp: '\s?intel_iommu=\w+' replace: '' - name: osconfig | setup-kernel-parameters | remove existing iommu become: yes replace: dest: /etc/default/grub regexp: '\s?iommu=\w+' replace: '' - name: osconfig | setup-kernel-parameters | set intel_iommu and iommu become: yes lineinfile: dest: /etc/default/grub backrefs: True state: present regexp: 'GRUB_CMDLINE_LINUX="(.*)"' line: 'GRUB_CMDLINE_LINUX="\1 intel_iommu=on iommu=pt"' when: network_pci_pt_sriov_interfaces is defined or {{ dpdk_enable_iommu }} - name: osconfig | setup-kernel-parameters | set intel_iommu and iommu when GRUB_CMDLINE_LINUX is not found become: yes lineinfile: dest: /etc/default/grub line: 'GRUB_CMDLINE_LINUX="intel_iommu=on iommu=pt"' when: (network_pci_pt_sriov_interfaces is defined or {{ dpdk_enable_iommu }}) and check_attr.rc != 0 - name: osconfig | setup-kernel-parameters | apt install kdump-tools become: yes apt: pkg: kdump-tools force: yes when: ansible_os_family == 'Debian' - name: osconfig | setup-kernel-parameters | yum install kexec-tools become: yes yum: pkg: kexec-tools when: ansible_os_family == 'RedHat' - name: osconfig | setup-kernel-parameters | zypper install kdump become: yes zypper: pkg: - kdump when: ansible_os_family == 'Suse' - name: osconfig | setup-kernel-parameters | configure kdump settings become: yes copy: src: kdump_config dest: /etc/default/kdump-tools register: kdump_mod when: ansible_os_family == 'Debian' - name: osconfig | setup-kernel-parameters | restart kdump-tools become: yes service: name: kdump-tools state: restarted when: kdump_mod.changed and ansible_os_family == 'Debian' - name: osconfig | setup-kernel-parameters | update-grub become: yes command: /usr/sbin/update-grub when: grub_mod.changed and ansible_os_family == 'Debian' - name: osconfig | setup-kernel-parameters | update-grub RedHat/Suse become: yes command: grub2-mkconfig -o /boot/grub2/grub.cfg when: grub_mod.changed and ansible_os_family in ['RedHat', 'Suse'] - name: osconfig | setup-kernel-parameters | enable kdump on boot (Suse) become: yes service: name: kdump enabled: yes when: ansible_os_family == 'Suse' - name: osconfig | setup-kernel-parameters | restart kdump RedHat become: yes service: name: kdump state: restarted when: ansible_os_family == 'RedHat' 07070100000111000081A40000000000000000000000016000787300000355000000000000000000000000000000000000005600000000ardana-osconfig-8.0+git.1610643571.91b88d6/roles/osconfig/tasks/setup-resolv-conf.yml# # (c) Copyright 2015 Hewlett Packard Enterprise Development LP # (c) Copyright 2017 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. # - name: osconfig | setup-resolv-conf | Update /etc/resolv.conf become: yes template: src: resolv.conf.j2 dest: /etc/resolv.conf owner: root group: root mode: 0644 when: osconfig_dns != {} 07070100000112000081A400000000000000000000000160007873000004E2000000000000000000000000000000000000005400000000ardana-osconfig-8.0+git.1610643571.91b88d6/roles/osconfig/tasks/setup-sudo-conf.yml# # (c) Copyright 2015-2016 Hewlett Packard Enterprise Development LP # (c) Copyright 2017 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. # # Turn off interface probing in sudo as it doesn't scale with # of interfaces - name: osconfig | setup-sudo-conf | Set up /etc/sudo.conf become: yes lineinfile: dest: /etc/sudo.conf create: yes owner: root group: root state: present line: "Set probe_interfaces false" # Ensure that /usr/local/bin to secure path - name: osconfig | setup-sudo-conf | Set secure_path to be consistent become: yes lineinfile: dest: /etc/sudoers state: present regexp: "^Defaults\\s+secure_path\\s*=" line: "Defaults\tsecure_path = /sbin:/bin:/usr/sbin:/usr/bin:/usr/local/bin" 07070100000113000081A4000000000000000000000001600078730000040B000000000000000000000000000000000000005200000000ardana-osconfig-8.0+git.1610643571.91b88d6/roles/osconfig/tasks/setup-systemd.yml# # (c) Copyright 2017 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. --- - name: osconfig | setup-systemd | tweak systemd parameters become: yes lineinfile: dest: /etc/systemd/system.conf regexp: '^#?DefaultTasksMax=.+' line: 'DefaultTasksMax=infinity' register: osconfig_setup_systemd_result when: ansible_os_family == 'Suse' - name: osconfig | setup-systemd | reload systemd configuration become: yes command: systemctl daemon-reload when: osconfig_setup_systemd_result is defined and osconfig_setup_systemd_result.changed 07070100000114000081A4000000000000000000000001600078730000093A000000000000000000000000000000000000004E00000000ardana-osconfig-8.0+git.1610643571.91b88d6/roles/osconfig/tasks/setup-yum.yml# # (c) Copyright 2016 Hewlett Packard Enterprise Development LP # (c) Copyright 2017-2018 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. # #- name: osconfig | setup-yum | check yum package installed or not # become: yes # file: # path: "/etc/apt/sources.list" # state: absent # register: _apt_source_list_result # when: deployer_apt_repo_present # 1. Check RHEL_##.iso is mounted / else throw an error # 2. Update local yum repo to point to locallay mounted RHEL_##.iso # 3. Based on other dependented build mechanism # (through yum mirror at deployer or bundled with venv build # through external venv mechanism ) write a task # to install those. --- - name: osconfig | setup-yum | Configure the extras yum repo on RHEL nodes become: yes template: src: "openstack_yum.repo.j2" dest: "/etc/yum.repos.d/openstack_yum.repo" when: deployer_media_legacy_layout|bool - name: osconfig | setup-yum | Check optional yum repo existence on deployer delegate_to: localhost stat: path: "{{ PACKAGE_CONSTANTS.REPO_DIR }}/{{ yum_optional_loc }}" register: _rhel_optional_repo_stat_result when: yum_optional_loc is defined - name: osconfig | setup-yum | Configure the optional yum repo on RHEL nodes become: yes template: src: "optional_yum.repo.j2" dest: "/etc/yum.repos.d/optional_yum.repo" when: _rhel_optional_repo_stat_result is defined and _rhel_optional_repo_stat_result.stat.exists - name: osconfig | setup-yum | Get symlink source delegate_to: localhost stat: path: "{{ yum_thirdparty_dir }}/latest" register: latest_source_result when: thirdparty_yum_repo_present - name: osconfig | setup-yum | Configure the thirdparty yum repo on RHEL nodes become: yes template: src: "tp_yum.repo.j2" dest: "/etc/yum.repos.d/tp_yum.repo" mode: 0644 when: thirdparty_yum_repo_present 07070100000115000081A4000000000000000000000001600078730000181E000000000000000000000000000000000000004F00000000ardana-osconfig-8.0+git.1610643571.91b88d6/roles/osconfig/tasks/setup-zypp.yml# # (c) Copyright 2017 Hewlett Packard Enterprise Development LP # (c) Copyright 2017-2018 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. # --- # TODO(fergal): remove once ardana-ansible updated to specify zypp_server - set_fact: zypp_server: "{{ deployer_server }}" when: zypp_server is not defined and deployer_server is defined - set_fact: zypp_server_http: "{{ zypp_server }}" when: zypp_server_http is not defined ########################## # Legacy media mode only # ########################## - name: osconfig | setup-zypp | Check SLES OS zypper repo location delegate_to: localhost stat: path: "{{ PACKAGE_CONSTANTS.REPO_DIR }}/{{ osconfig_zypper_os_repo_loc }}/suse" register: _sles_os_repo_stat_result - name: osconfig | setup-zypp | Remove any old OS zypper repo become: yes zypper_repository: name: "{{ osconfig_zypper_os_repo_name }}" state: absent when: _sles_os_repo_stat_result.stat.exists - name: osconfig | setup-zypp | Configure the OS zypper repo become: yes zypper_repository: name: "{{ osconfig_zypper_os_repo_name }}" description: "{{ osconfig_zypper_os_repo_name }}" repo: "{{ zypp_server }}/{{ osconfig_zypper_os_repo_loc }}" when: _sles_os_repo_stat_result.stat.exists ############################## # Import gpg key for PTF repo# ############################## # NOTE(toabctl): The include will set the hostvars['localhost']['ptf_signing_key'] variable - include: get-ptf-signing-key.yml become: yes delegate_to: localhost delegate_facts: yes - name: osconfig | setup-zypp | Import ptf signing key into RPM key DB become: yes shell: | ARDANA_TMPDIR=$(mktemp -d --tmpdir ardana-gpg-pubkey-XXXXXX) echo "{{ hostvars['localhost']['ptf_signing_key'] }}" >> $ARDANA_TMPDIR/pub.key rpmkeys --import $ARDANA_TMPDIR/pub.key rm -rf $ARDANA_TMPDIR when: hostvars['localhost']['ptf_signing_key'] is defined and not deployer_media_legacy_layout|bool ############################## # Set up required SUSE Media # ############################## - name: osconfig | setup-zypp | Add SLES and Cloud repos set_fact: _repositories: - alias: Cloud name: Cloud - alias: PTF name: PTF - alias: SLES12-SP3-Pool name: SLES12-SP3-Pool - alias: SLES12-SP3-Updates name: SLES12-SP3-Updates - alias: SLES12-SP3-Updates-test name: SLES12-SP3-Updates-test - alias: SLES12-SP3-LTSS-Updates name: SLES12-SP3-LTSS-Updates - alias: SLES12-SP3-LTSS-Updates-test name: SLES12-SP3-LTSS-Updates-test - alias: SUSE-OpenStack-Cloud-8-Pool name: OpenStack-Cloud-8-Pool - alias: SUSE-OpenStack-Cloud-8-Updates name: OpenStack-Cloud-8-Updates - alias: SUSE-OpenStack-Cloud-8-Updates-test name: OpenStack-Cloud-8-Updates-test - alias: HPE-Helion-OpenStack-8-Pool name: OpenStack-8-Pool - alias: HPE-Helion-OpenStack-8-Updates name: OpenStack-8-Updates - alias: HPE-Helion-OpenStack-8-Updates-test name: OpenStack-8-Updates-test - set_fact: suse_release: suse-{{ansible_distribution_version}} - name: osconfig | setup-zypp | Configure SLES and Cloud repos on nodes become: yes zypper_repository: name: "{{ item.alias }}" description: "{{ item.name }}" repo: "{{ zypp_server_http }}/SUSE-12-3/{{ ansible_architecture }}/repos/{{ item.alias }}" with_items: _repositories # If the repositories are not available on the deployer, that is not # necessarily critical yet. The next tasks will check whether the release # package is available. If it is, then at least the Cloud media made it onto # the node somehow. In the upgrade stage, we will need to do more strict # verification that the SLES and Cloud Pool and Updates repositories have # made it onto the node. ignore_errors: True - include: check-product-status.yml ############################ # Set up third party repos # ############################ - name: osconfig | setup-zypp | Get thirdparty symlink source delegate_to: localhost stat: path: "{{ zypp_thirdparty_dir }}/latest" register: latest_source_result when: thirdparty_zypp_repo_present - name: osconfig | setup-zypp | Remove any old thirdparty zypp repo on SLES nodes become: yes zypper_repository: name: tprepo state: absent when: thirdparty_zypp_repo_present - name: osconfig | setup-zypp | Configure the thirdparty zypp repo on SLES nodes become: yes zypper_repository: name: tprepo description: Thirdparty Repository repo: "{{ zypp_server }}/{{ zypp_thirdparty_loc }}/{{ latest_source_result.stat.lnk_source | basename }}" # TODO: trust the 3rd party key disable_gpg_check: yes when: thirdparty_zypp_repo_present ##################### # Refresh all repos # ##################### - name: osconfig | setup-zypp | Generate list of zypper repos to refresh set_fact: _refresh_repos: > {%- set _rr_list = [] -%} {%- if _sles_os_repo_stat_result.stat.exists -%} {%- set _ = _rr_list.append(osconfig_zypper_os_repo_name) -%} {%- endif -%} {%- for r in _repositories -%} {%- set _ = _rr_list.append(r.name) -%} {%- endfor -%} {%- if thirdparty_zypp_repo_present -%} {%- set _ = _rr_list.append("tprepo") -%} {%- endif -%} {{ _rr_list|unique }} # include refresh task until we upgrade to Ansible 2.2+ and use the # zypper_repository.runrefresh flag - name: osconfig | setup-zypp | Refresh newly added repositories become: yes command: "zypper --non-interactive refresh --force {{ _refresh_repos | join(' ') }}" 07070100000116000081A4000000000000000000000001600078730000033E000000000000000000000000000000000000005100000000ardana-osconfig-8.0+git.1610643571.91b88d6/roles/osconfig/tasks/wait-for-ssh.yml# # (c) Copyright 2015 Hewlett Packard Enterprise Development LP # (c) Copyright 2017 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. # - name: network_interface | wait-for-ssh | Wait for ssh on nodes local_action: wait_for port=22 host="{{ ansible_ssh_host | default(inventory_hostname) }}" search_regex=OpenSSH timeout=600 07070100000117000041ED0000000000000000000000026000787300000000000000000000000000000000000000000000004400000000ardana-osconfig-8.0+git.1610643571.91b88d6/roles/osconfig/templates07070100000118000081A40000000000000000000000016000787300001F50000000000000000000000000000000000000005500000000ardana-osconfig-8.0+git.1610643571.91b88d6/roles/osconfig/templates/collectl.conf.j2{# # (c) Copyright 2016 Hewlett Packard Enterprise Development LP # (c) Copyright 2017 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. # #} # Like most Linux configuration files, this specifies a set of user controller # parameters. In many cases these are commented out which simply means those # are the default values already used by collectl. To change a value # uncomment the line and change it. To revert back to the default all you # need do is recomment the line. ############################ # daemon/service handling ############################ # When someone specifies a daemon is to be run, typically but not limited # to running collectl as a service, this string will cause the associated # values to be used. They CAN also be overriden via a command line switch. # In other words, if DaemonCommands is set to '-s cdm' and collectl is # envoked with -D, it will process subsystems 'cdm'. However, if it is envoked # with '-D -s mnp' it will process subsystems 'mnp', there is no combining the # two set of values. Be sure to include any switches a daemon is required to # have such as -f and either -r or -R. # NOTE - if things aren't behaving as expected, you can always try running # collectl in non-daemon mode just to see if there are any error messages. If # you include the -m switch, you can also look in the collectl log, which is # stored in the logging directory. DaemonCommands = -f {{ collectl_dir}}/ -r00:00,7,60 -i5:60 -m -F60 -scdmntDY -P --rawtoo --rawnetignore tap,qbr,qv # This defines the location to look for all additional required files if formatit.ph # is not in the same directory as collectl itself. #ReqDir = /usr/share/collectl # E x t r a L i b r a r i e s # So far this has only been used during development, but if there are extra # library locations that should be 'used', put them here. #Libraries = # S t a n d a r d U t i l i t i e s # Note that by default collectl will look for lspci in both /sbin and # /usr/sbin, but if listed here will only look in that one place. #Grep = /bin/grep #Egrep = /bin/egrep #Ps = /bin/ps #Rpm = /bin/rpm #Lspci = /sbin/lspci #Lctl = /usr/sbin/lctl # I n f i n i b a n d S u p p o r t # Collectl will assume open fabric and will attempt to use the perfquery # utility to get the counters. If not there, it assumes Voltaire and will # first look in /proc/voltaire/adaptor-mlx/stats and failing that will use # the get_pcounter utiliy. Since collectl resets IB counters in the # hardware you can disable its collection by commenting out the appropriate # variable below. PQuery for OFED, PCounter for get_pcounter calls and # VStat for ALL non-ofed access of any kind. # can disable either by commenting out the reference to VStat/PQuery below. PQuery = /usr/sbin/perfquery:/usr/bin/perfquery:/usr/local/ofed/bin/perfquery PCounter = /usr/mellanox/bin/get_pcounter VStat = /usr/mellanox/bin/vstat:/usr/bin/vstat OfedInfo = /usr/bin/ofed_info:/usr/local/ofed/bin/ofed_info # Set this flag to 0 to disable checking for duplicate instances of collectl # both trying to monitor IB stats #IbDupCheckFlag=1 # D e f a u l t s # This set of variables are actually all set in collectl and you need not # change them. # This parameter controls subsystem selection. The 'core' subsystems are # selected when the user omits the -s switch OR uses the '+' or '-' to # add/remove from that list. Note that changing this will also change the # default for -s displayed in help. #SubsysCore = bcdfijlmnstx # although these can all be overridden by switches, they're assumed to # always be defined so don't remove or comment any of them out! Over time # more may be added #Interval = 10 #Interval2 = 60 #Interval3 = 120 # These are SFS lustre specific. When using the -OD switch, any partitions # found to be smaller than LustreSvcLunMax, which is in GB, will be ignored. # When displaying data in verbose mode, only LustreMaxBlkSize will be # displayed, but ALL block sizes will be read and recorded #LustreSvcLunMax = 10 #LustreMaxBlkSize = 512 # By default, we check at these frequencies to see if lustre or interconnect # configurations have changed. Things are efficient enough that now we can # check for lustre changes every polling interval but I'm leaving the code # in place rather than remove it in case needed again in the future. #LustreConfigInt = 1 #InterConnectInt = 900 # These apply to disk/partition limits for exception (-o x/X) processing #LimSVC = 30 # Minimum partition Avg Service time #LimIOS = 10 # Minumum number of Disk OR Partion I/Os #LimBool = 0 # generate exception record if EITHER limit exceeded #LimLusKBS = 100 # Minimum number of Lustre OSS KB/sec #LimLusReints = 1000 # Minimum number o Lustre MDS Reint operations # Socket I/O Defaults #Port = 2655 #Timeout = 10 # Maximum allowable zlib errors in a single day or run. #MaxZlibErrors = 20 # In order to detect bogus network data we need to know what is normal for that # interface. Collectl uses ethtool for 'eth' interfaces to get the default # speed but that requires elevated privileges. It the ethtool fails, this # value (which is in Mb) will be used instead. # To disable bogus network data checking, set this to any negative value #DefNetSpeed=10000 # Collectl will automatically size the frequency of headers in 'brief format' # to the height of your display window which it determines using the resize # utility. If that utility can't be found, it will use the height speficied # in 'TermSize'. If 'resize' is in your path but you want a fixed/different # size, comment out the Resize line and uncomment TermHeight, setting it to # what you want. #TermHeight = 24 Resize=/usr/bin/resize:/usr/X11R6/bin/resize # To turn off Time:HiRes/glibc incompatibility checking, the following # should be enabled and set to 0 #TimeHiResCheck = 1 # These control environmental monitoring and to use it you MUST have ipmitool # installed (see http://ipmitool.sourceforge.net/). If not in the path shown # below, you must change it. Ipmitool = /usr/bin/ipmitool:/usr/local/bin/ipmitool:/opt/hptc/sbin/ipmitool IpmiCache = /var/run/collectl-ipmicache IpmiTypes = fan,temp,current # passwd file for UID to usernames mapping during process monitoring #Passwd = /etc/passwd # If a cciss device is reset (such as when during a lun scan) while collectl running, # disk rates will be excessive. If one seen above the following, reset ALL stats for # that disk to 0. To disable set this to -1 #DiskMaxValue=5000000 # When collectl reads disk data, it filters out any that don't match the DiskFilter, # which by default looks for cciss, hd, sd, xvd, dm, emcpower and psv. All others are # ignored. To change the filter, set the string below to those you want to keep BUT # you need to know what a perl regular expression looks like or you may not get the # desired results. CAUTION - white space is CRITICAL for this to work. #DiskFilter = /cciss/c\d+d\d+ |hd[ab] | sd[a-z]+ |dm-\d+ |xvd[a-z] |fio[a-z]+ | vd[a-z]+ |emcpower[a-z]+ |psv\d+ / # Kernel Efficiency Test # On kernels 2.6.32 forward (and you can't tell how distros patched) there is a read inefficiency # in the /proc filesystem for 4 and more sockets and the only way to tell is to test it. If slow # generate a warning that patching the kernel may be recommmended. To bypass the test/message, set # the following to 'no' #ProcReadTest = yes 07070100000119000081A4000000000000000000000001600078730000038D000000000000000000000000000000000000005900000000ardana-osconfig-8.0+git.1610643571.91b88d6/roles/osconfig/templates/hugepages-service.j2{# # # (c) Copyright 2016 Hewlett Packard Enterprise Development LP # (c) Copyright 2017-2018 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. # #} [Unit] Description=Service file to call hugepages script Before=openvswitch.service ovs-vswitchd.service After=sysinit.target [Service] Type=oneshot Restart=no RemainAfterExit=yes ExecStart=/usr/bin/hugepages-service.sh [Install] WantedBy=multi-user.target 0707010000011A000081A400000000000000000000000160007873000004B3000000000000000000000000000000000000005C00000000ardana-osconfig-8.0+git.1610643571.91b88d6/roles/osconfig/templates/hugepages-service.sh.j2{# # # (c) Copyright 2016 Hewlett Packard Enterprise Development LP # (c) Copyright 2017 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. # #} #!/bin/sh # # rc.local # # set the number of hugepages on a node if mkdir /dev/shm/hugepage-service; then echo "Creating node-specific huge pages." {% for item in numa_huge_pages %} nodedir='/sys/devices/system/node/node{{ item.numa_node }}' hugepages='hugepages/hugepages-{{ item.size_in_k }}kB/nr_hugepages' old_page_count=`cat $nodedir/$hugepages` new_page_count=$((old_page_count + {{ item.count}})) echo $new_page_count > $nodedir/$hugepages {% endfor %} exit 0 fi echo "Service has been run previously. Do nothing." exit 0 0707010000011B000081A40000000000000000000000016000787300000332000000000000000000000000000000000000005A00000000ardana-osconfig-8.0+git.1610643571.91b88d6/roles/osconfig/templates/openstack_yum.repo.j2{# # (c) Copyright 2016 Hewlett Packard Enterprise Development LP # (c) Copyright 2017-2018 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. # #} [ardanarepo] name=Ardana OpenStack Repository baseurl=http://{{ ansible_env.SSH_CLIENT.split()[0] }}:{{ deployer_server_port }}/{{ yum_extras_loc }} enabled=1 gpgcheck=0 0707010000011C000081A400000000000000000000000160007873000002F6000000000000000000000000000000000000005900000000ardana-osconfig-8.0+git.1610643571.91b88d6/roles/osconfig/templates/optional_yum.repo.j2{# # (c) Copyright 2017-2018 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. # #} [optionalrepo] name=Ardana Optional Repository baseurl=http://{{ ansible_env.SSH_CLIENT.split()[0] }}:{{ deployer_server_port }}/{{ yum_optional_loc }} enabled=1 gpgcheck=0 0707010000011D000081A400000000000000000000000160007873000002E2000000000000000000000000000000000000005200000000ardana-osconfig-8.0+git.1610643571.91b88d6/roles/osconfig/templates/priority.d.j2{# # # (c) Copyright 2015 Hewlett Packard Enterprise Development LP # (c) Copyright 2017-2018 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. # #} Package: * Pin: origin {{ deployer_server | replace('http://', '') }} Pin-Priority: 600 0707010000011E000081A40000000000000000000000016000787300000510000000000000000000000000000000000000005300000000ardana-osconfig-8.0+git.1610643571.91b88d6/roles/osconfig/templates/resolv.conf.j2{# # # (c) Copyright 2015 Hewlett Packard Enterprise Development LP # (c) Copyright 2017 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. # #} # Created resolv.conf(5) file for glibc resolver(3) generated by osconfig-ansible # EDITS TO THIS FILE WILL BE OVERWRITTEN BY osconfig {% for server in osconfig_dns.nameservers %} nameserver {{ server }} {% endfor %} {% if 'domain' in osconfig_dns %} domain {{ osconfig_dns.domain }} {% endif %} {% if 'search' in osconfig_dns %} search {{ osconfig_dns.search | join(" ") }} {% endif %} {% if 'sortlist' in osconfig_dns %} sortlist {{ osconfig_dns['sortlist'] | join(" ") }} {% endif %} {% for option, value in osconfig_dns.get('options', {}).items() %} options {{ "%s:%s" % (option, value) if value is not none else "%s" % option }} {% endfor %} 0707010000011F000081A4000000000000000000000001600078730000028D000000000000000000000000000000000000005000000000ardana-osconfig-8.0+git.1610643571.91b88d6/roles/osconfig/templates/timezone.j2{# # # (c) Copyright 2015 Hewlett Packard Enterprise Development LP # (c) Copyright 2017 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. # #} Etc/UTC 07070100000120000081A4000000000000000000000001600078730000032E000000000000000000000000000000000000005300000000ardana-osconfig-8.0+git.1610643571.91b88d6/roles/osconfig/templates/tp_yum.repo.j2{# # (c) Copyright 2016 Hewlett Packard Enterprise Development LP # (c) Copyright 2017-2018 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. # #} [tprepo] name=Thirdparty Repository baseurl={{ deployer_server }}/{{ yum_thirdparty_loc }}/{{ latest_source_result.stat.lnk_source | basename }} enabled=1 gpgcheck=0 07070100000121000041ED0000000000000000000000026000787300000000000000000000000000000000000000000000003F00000000ardana-osconfig-8.0+git.1610643571.91b88d6/roles/osconfig/vars07070100000122000081A4000000000000000000000001600078730000026C000000000000000000000000000000000000004B00000000ardana-osconfig-8.0+git.1610643571.91b88d6/roles/osconfig/vars/default.yml# # (c) Copyright 2017 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. # --- systemd_script_dir: /lib/systemd/system 07070100000123000081A4000000000000000000000001600078730000046F000000000000000000000000000000000000004800000000ardana-osconfig-8.0+git.1610643571.91b88d6/roles/osconfig/vars/main.yml# # (c) Copyright 2015 Hewlett Packard Enterprise Development LP # (c) Copyright 2017 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. # --- ardanauser: "{{ ansible_env['USER'] }}" ardanauser_home: "{{ ansible_env['HOME'] }}" osconfig_dns: "{{ dns | default(host.get('dns', {}) if host is defined else {}, true) | default(group.get('dns', {}) if group is defined else {}, true) | default(global.get('dns', {}) if global is defined else {}, true) }}" dpdk_enable_iommu: " {%- if dpdk_network_devices is defined -%} {% set result = True %} {% else %} {% set result = False %} {%- endif -%} {{ result }}" 07070100000124000081A400000000000000000000000160007873000002D9000000000000000000000000000000000000004A00000000ardana-osconfig-8.0+git.1610643571.91b88d6/roles/osconfig/vars/redhat.yml# # (c) Copyright 2018 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. # --- systemd_script_dir: /usr/lib/systemd/system osconfig_debug_tools: - tcpdump - bind-utils - lsof - strace - curl # - collectl - numactl 07070100000125000081A40000000000000000000000016000787300000926000000000000000000000000000000000000004F00000000ardana-osconfig-8.0+git.1610643571.91b88d6/roles/osconfig/vars/repos-cloud.yml# # (c) Copyright 2018 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. # --- expected_repodata: suse-12.3: x86_64: sles12-sp3-pool: name: "SLES12-SP3-Pool" repomd: tags: ["obsproduct://build.suse.de/SUSE:SLE-12-SP3:GA/SLES/12.3/POOL/x86_64"] smt_path: "SUSE/Products/SLE-SERVER/12-SP3/x86_64/product" sles12-sp3-updates: name: "SLES12-SP3-Updates" repomd: tags: ["obsrepository://build.suse.de/SUSE:Updates:SLE-SERVER:12-SP3:x86_64/update"] smt_path: "SUSE/Updates/SLE-SERVER/12-SP3/x86_64/update" suse-openstack-cloud-8-pool: name: "SUSE-OpenStack-Cloud-8-Pool" repomd: tags: ["obsproduct://build.suse.de/SUSE:SLE-12-SP3:Update:Products:Cloud8/suse-openstack-cloud/8/POOL/x86_64"] smt_path: "SUSE/Products/OpenStack-Cloud/8/x86_64/product" brand: "SUSE OpenStack Cloud" hpe-helion-openstack-8-pool: name: "HPE-Helion-OpenStack-8-Pool" repomd: tags: ["obsproduct://build.suse.de/SUSE:SLE-12-SP3:Update:Products:Cloud8/hpe-helion-openstack/8/POOL/x86_64"] smt_path: "SUSE/Products/HPE-Helion-OpenStack/8/x86_64/product" brand: "HPE Helion OpenStack" suse-openstack-cloud-8-updates: name: "SUSE-OpenStack-Cloud-8-Updates" repomd: tags: ["obsrepository://build.suse.de/SUSE:Updates:OpenStack-Cloud:8:x86_64/update"] smt_path: "SUSE/Updates/OpenStack-Cloud/8/x86_64/update" brand: "SUSE OpenStack Cloud" hpe-helion-openstack-8-updates: name: "HPE-Helion-OpenStack-8-Updates" repomd: tags: ["obsrepository://build.suse.de/SUSE:Updates:HPE-Helion-OpenStack:8:x86_64/update"] smt_path: "SUSE/Updates/HPE-Helion-OpenStack/8/x86_64/update" brand: "HPE Helion OpenStack" 07070100000126000081A400000000000000000000000160007873000002ED000000000000000000000000000000000000004800000000ardana-osconfig-8.0+git.1610643571.91b88d6/roles/osconfig/vars/suse.yml# # (c) Copyright 2017-2018 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. # --- systemd_script_dir: /usr/lib/systemd/system osconfig_debug_tools: - tcpdump - bind-utils - iputils - lsof - strace - curl # - collectl - numactl 07070100000127000041ED0000000000000000000000046000787300000000000000000000000000000000000000000000003500000000ardana-osconfig-8.0+git.1610643571.91b88d6/roles/ssh07070100000128000041ED0000000000000000000000026000787300000000000000000000000000000000000000000000003E00000000ardana-osconfig-8.0+git.1610643571.91b88d6/roles/ssh/defaults07070100000129000081A40000000000000000000000016000787300000396000000000000000000000000000000000000004700000000ardana-osconfig-8.0+git.1610643571.91b88d6/roles/ssh/defaults/main.yml# (c) Copyright 2016 Hewlett Packard Enterprise Development LP # (c) Copyright 2017 SUSE LLC # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. --- # ssh defaults ssh_sshd_config: - regexp: "^#?PermitRootLogin " line: "PermitRootLogin without-password" - regexp: "^#?\\s*MaxSessions\\s+" line: "MaxSessions 100" - regexp: "^#?\\s*MaxStartups\\s+" line: "MaxStartups 50:30:100" 0707010000012A000041ED0000000000000000000000026000787300000000000000000000000000000000000000000000003B00000000ardana-osconfig-8.0+git.1610643571.91b88d6/roles/ssh/tasks0707010000012B000081A4000000000000000000000001600078730000040C000000000000000000000000000000000000004400000000ardana-osconfig-8.0+git.1610643571.91b88d6/roles/ssh/tasks/main.yml# (c) Copyright 2016 Hewlett Packard Enterprise Development LP # (c) Copyright 2017 SUSE LLC # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. --- # ssh setup - name: Configure sshd become: yes lineinfile: regexp: "{{ item.regexp }}" line: "{{ item.line }}" dest: /etc/ssh/sshd_config state: present with_items: ssh_sshd_config register: _ssh_sshd_config_updated - name: Restart sshd become: yes service: name: sshd state: restarted when: _ssh_sshd_config_updated | changed 0707010000012C000041ED0000000000000000000000076000787300000000000000000000000000000000000000000000003800000000ardana-osconfig-8.0+git.1610643571.91b88d6/roles/sysctl0707010000012D000041ED0000000000000000000000026000787300000000000000000000000000000000000000000000004100000000ardana-osconfig-8.0+git.1610643571.91b88d6/roles/sysctl/defaults0707010000012E000081A4000000000000000000000001600078730000043D000000000000000000000000000000000000004A00000000ardana-osconfig-8.0+git.1610643571.91b88d6/roles/sysctl/defaults/main.yml# # (c) Copyright 2015 Hewlett Packard Enterprise Development LP # (c) Copyright 2017 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. # --- # marker indicating that the file is managed by Ardana$ file_marker: '# ARDANA-MANAGED - Managed by Ardana - Do not edit' # ardana kernel module file for modules needed by all servers sysctl_kernel_module_file: /etc/modules-load.d/ardana_sysctl-modules.conf # ardana managed sysctl.conf file ardana_sysctl_conf_file: /etc/sysctl.d/ardana_sysctl.conf # ardana fs.file-max as percent of total system memory ardana_fs_file_max_percent: 0.10 0707010000012F000041ED0000000000000000000000026000787300000000000000000000000000000000000000000000004100000000ardana-osconfig-8.0+git.1610643571.91b88d6/roles/sysctl/handlers07070100000130000081A400000000000000000000000160007873000002DE000000000000000000000000000000000000004A00000000ardana-osconfig-8.0+git.1610643571.91b88d6/roles/sysctl/handlers/main.yml# # (c) Copyright 2015 Hewlett Packard Enterprise Development LP # (c) Copyright 2017 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. # --- - name: Load sysctl settings from file shell: sysctl -p "{{ ardana_sysctl_conf_file }}" 07070100000131000041ED0000000000000000000000026000787300000000000000000000000000000000000000000000003E00000000ardana-osconfig-8.0+git.1610643571.91b88d6/roles/sysctl/tasks07070100000132000081A400000000000000000000000160007873000004EB000000000000000000000000000000000000004700000000ardana-osconfig-8.0+git.1610643571.91b88d6/roles/sysctl/tasks/main.yml# # (c) Copyright 2015 Hewlett Packard Enterprise Development LP # (c) Copyright 2017 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. # --- - name: Include list of common kernel modules include_vars: ardana_kernel_modules.yml - name: Load required kernel modules modprobe: name={{ item }} state=present with_items: kernel_modules | default([]) - name: Persist kernel modules for reboot template: src: sysctl_modules_load.conf.j2 dest: "{{ sysctl_kernel_module_file }}" owner: root group: root mode: '0640' - name: Configure kernel parameters template: src: ardana_sysctl.conf.j2 dest: "{{ ardana_sysctl_conf_file }}" owner: root group: root mode: '0640' notify: - Load sysctl settings from file 07070100000133000041ED0000000000000000000000026000787300000000000000000000000000000000000000000000004200000000ardana-osconfig-8.0+git.1610643571.91b88d6/roles/sysctl/templates07070100000134000081A40000000000000000000000016000787300000924000000000000000000000000000000000000005800000000ardana-osconfig-8.0+git.1610643571.91b88d6/roles/sysctl/templates/ardana_sysctl.conf.j2{# # # (c) Copyright 2015-2017 Hewlett Packard Enterprise Development LP # (c) Copyright 2017 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. # #} {# CAUTION: when adding new settings to this template, make sure you are not overwriting settings from another service with a different value. Services which may be co-located on the same node with conflicting settings need to resolve those conflicts and apply the conflicting settings conditionally. #} {# fs.file-max set as a percentage of total system memory (in kB) #} fs.file-max = {{ (ansible_memtotal_mb * 1024 * ardana_fs_file_max_percent)|round|int }} {# rabbitmq-server #} {% if 'FND-RMQ' in group.services %} # 'FND-RMQ' RabbitMQ uses port 61000 so we must reduce the range by 1. net.ipv4.ip_local_port_range = 32768 60999 {% endif %} {# neutron-openvswitch-agent #} # make sure to handle integrated and non-integrated deployer node cases. {% for _svc in ['neutron-openvswitch-agent', 'lifecycle-manager'] %} {% if _svc in group.services %} # neutron-openvswitch-agent net.ipv4.neigh.default.gc_thresh1 = 8192 net.ipv4.neigh.default.gc_thresh2 = 16384 net.ipv4.neigh.default.gc_thresh3 = 32768 {% endif %} {% endfor %} {# neutron-dhcp-agent #} {% if 'neutron-dhcp-agent' in group.services %} # neutron-dhcp-agent fs.inotify.max_user_instances = 8192 {% endif %} {# nova-compute #} {% if 'nova-compute' in group.services %} # nova-compute vm.dirty_background_bytes = 16777216 vm.dirty_bytes = 33554432 vm.max_map_count = 65530 {% endif %} {# sysctl settings which should be on all servers, regardless of services #} # common net.ipv4.tcp_keepalive_probes = 3 net.ipv4.tcp_syncookies = 0 net.ipv4.tcp_tw_reuse = 1 net.ipv4.tcp_keepalive_intvl = 5 net.ipv4.tcp_keepalive_time = 45 net.ipv4.tcp_tw_recycle = 1 net.nf_conntrack_max = 524288 fs.aio-max-nr = 1048576 07070100000135000081A400000000000000000000000160007873000002D5000000000000000000000000000000000000005E00000000ardana-osconfig-8.0+git.1610643571.91b88d6/roles/sysctl/templates/sysctl_modules_load.conf.j2{# # # (c) Copyright 2015 Hewlett Packard Enterprise Development LP # (c) Copyright 2017 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. # #} {{ file_marker }} {% for module in kernel_modules %} {{ module }} {% endfor %} 07070100000136000041ED0000000000000000000000026000787300000000000000000000000000000000000000000000003D00000000ardana-osconfig-8.0+git.1610643571.91b88d6/roles/sysctl/vars07070100000137000081A40000000000000000000000016000787300000323000000000000000000000000000000000000005700000000ardana-osconfig-8.0+git.1610643571.91b88d6/roles/sysctl/vars/ardana_kernel_modules.yml# # (c) Copyright 2015 Hewlett Packard Enterprise Development LP # (c) Copyright 2017 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. # --- # Kernel modules in this list will be loaded into memory and persisted for # reboot across all servers. kernel_modules: - nf_conntrack_ipv4 - nf_conntrack_ipv607070100000138000081A40000000000000000000000016000787300000283000000000000000000000000000000000000004600000000ardana-osconfig-8.0+git.1610643571.91b88d6/roles/sysctl/vars/main.yml# # (c) Copyright 2015 Hewlett Packard Enterprise Development LP # (c) Copyright 2017 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. # --- 07070100000139000041ED0000000000000000000000056000787300000000000000000000000000000000000000000000003600000000ardana-osconfig-8.0+git.1610643571.91b88d6/roles/udev0707010000013A000041ED0000000000000000000000026000787300000000000000000000000000000000000000000000003F00000000ardana-osconfig-8.0+git.1610643571.91b88d6/roles/udev/defaults0707010000013B000081A400000000000000000000000160007873000002DE000000000000000000000000000000000000004800000000ardana-osconfig-8.0+git.1610643571.91b88d6/roles/udev/defaults/main.yml# # (c) Copyright 2015 Hewlett Packard Enterprise Development LP # (c) Copyright 2017 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. # # Variables used in diskconfig play --- udev_max_children_multiplier: 8 udev_min_events: 16 0707010000013C000041ED0000000000000000000000026000787300000000000000000000000000000000000000000000003C00000000ardana-osconfig-8.0+git.1610643571.91b88d6/roles/udev/tasks0707010000013D000081A40000000000000000000000016000787300000A5F000000000000000000000000000000000000004A00000000ardana-osconfig-8.0+git.1610643571.91b88d6/roles/udev/tasks/configure.yml# # (c) Copyright 2015,2017 Hewlett Packard Enterprise Development LP # (c) Copyright 2017 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. # # Play to set up lvm FS and mounts --- - name: osconfig | udev config | remove udev rule become: yes file: path: /lib/udev/rules.d/60-multipath.rules state: absent - name: osconfig | udev config | reload udev rules become: yes command: udevadm control --reload-rules - name: osconfig | udev config | rebuild the initrd Debian become: yes command: /usr/sbin/update-initramfs -u -k all when: ansible_os_family == 'Debian' - name: osconfig | udev config | rebuild the initrd RedHat become: yes command: dracut -f when: ansible_os_family == 'RedHat' - name: osconfig | udev config | get the ncores become: yes shell: cat /proc/cpuinfo | grep processor | wc -l register: num_cpus_output - name: osconfig | udev config | calculate the multiplier command: expr {{ udev_max_children_multiplier }} * {{ num_cpus_output.stdout }} register: udev_max - name: osconfig | udev config | calculate the children become: yes set_fact: max_children_list: "[{{ udev_max.stdout }}, {{ udev_min_events }} ]" - name: osconfig | udev config | calculate the max become: yes set_fact: udev_max_children: "{{ max_children_list | max }}" - name: osconfig | udev config | Set the running value become: yes command: udevadm control --children-max={{ udev_max_children }} - name: osconfig | udev config | Set the unit file for Debian become: yes template: src=udev-unit.j2 dest=/lib/systemd/system/ardana-udev.service when: ansible_os_family == 'Debian' - name: osconfig | udev config | Set the unit file for RedHat become: yes template: src=udev-unit.j2 dest=/lib/systemd/system/ardana-udev.service when: ansible_os_family == 'RedHat' - name: osconfig | udev config | Set the unit file for SUSE become: yes template: src=udev-unit.j2 dest=/usr/lib/systemd/system/ardana-udev.service when: ansible_os_family == 'Suse' - name: osconfig | udev config | Enable the unit file become: yes service: name=ardana-udev enabled=yes state=started 0707010000013E000041ED0000000000000000000000026000787300000000000000000000000000000000000000000000004000000000ardana-osconfig-8.0+git.1610643571.91b88d6/roles/udev/templates0707010000013F000081A4000000000000000000000001600078730000039C000000000000000000000000000000000000004D00000000ardana-osconfig-8.0+git.1610643571.91b88d6/roles/udev/templates/udev-unit.j2{# # # (c) Copyright 2015 Hewlett Packard Enterprise Development LP # (c) Copyright 2017 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. # #} [Unit] Description=Service file to limit udev child processes for multipath suupport Requires=systemd-udevd.service After=systemd-udevd.service [Service] Restart=no ExecStart=/sbin/udevadm control --children-max={{ udev_max_children }} [Install] WantedBy=systemd-udevd.service 07070100000140000081A400000000000000000000000160007873000003D0000000000000000000000000000000000000003F00000000ardana-osconfig-8.0+git.1610643571.91b88d6/setup-hugepages.yml# # (c) Copyright 2015-2017 Hewlett Packard Enterprise Development LP # (c) Copyright 2018 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. # # Common osconfig tasks we want to do during deployment and during an upgrade --- - hosts: "{{ osconfig_resources | default('resources') }}" roles: - cobbler - osconfig - package-consumer tasks: - include: roles/osconfig/tasks/setup-kernel-parameters.yml - include: roles/osconfig/tasks/setup-hugepages.yml 07070100000141000081A400000000000000000000000160007873000002E8000000000000000000000000000000000000003600000000ardana-osconfig-8.0+git.1610643571.91b88d6/sysctl.yml# # (c) Copyright 2015-2016 Hewlett Packard Enterprise Development LP # (c) Copyright 2017 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. # --- - hosts: "{{ osconfig_resources | default('resources') }}" become: yes roles: - sysctl 07070100000142000081A4000000000000000000000001600078730000031D000000000000000000000000000000000000003400000000ardana-osconfig-8.0+git.1610643571.91b88d6/udev.yml# # (c) Copyright 2015-2016 Hewlett Packard Enterprise Development LP # (c) Copyright 2017 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. # --- - hosts: "{{ osconfig_resources | default('resources') }}" become: yes roles: - udev tasks: - include: roles/udev/tasks/configure.yml 07070100000143000081A40000000000000000000000016000787300000419000000000000000000000000000000000000003A00000000ardana-osconfig-8.0+git.1610643571.91b88d6/wipe_disks.yml# (c) Copyright 2015-2016 Hewlett Packard Enterprise Development LP # (c) Copyright 2017-2018 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. --- - include: pbstart.yml vars: playbook_name: "wipe_disks.yml" - hosts: "{{ osconfig_resources | default('resources') }}" roles: - diskconfig tasks: - include: roles/diskconfig/tasks/get_disk_info.yml - include: roles/diskconfig/tasks/wipe_confirmation.yml - include: roles/diskconfig/tasks/wipe_disks.yml - include: pbfinish.yml vars: playbook_name: "wipe_disks.yml"07070100000144000081A400000000000000000000000160007873000003C0000000000000000000000000000000000000003D00000000ardana-osconfig-8.0+git.1610643571.91b88d6/wipe_one_disk.yml# (c) Copyright 2016 Hewlett Packard Enterprise Development LP # (c) Copyright 2017 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. --- - hosts: "{{ osconfig_resources | default('resources') }}" roles: - diskconfig tasks: - include: roles/diskconfig/tasks/wipe_one_check.yml - include: roles/diskconfig/tasks/get_disk_info.yml - include: roles/diskconfig/tasks/wipe_confirmation.yml - include: roles/diskconfig/tasks/wipe_disks.yml 07070100000000000000000000000000000000000000010000000000000000000000000000000000000000000000000000000B00000000TRAILER!!!1390 blocks
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor