diff --git a/.travis.yml b/.travis.yml index 2c678a47..0eb33b38 100644 --- a/.travis.yml +++ b/.travis.yml @@ -1,23 +1,32 @@ --- language: python +python: + - "2.7" + - "3.6" sudo: required -dist: trusty +dist: bionic cache: directories: [ '$HOME/lxc' ] pip: true +env: + - ANSIBLE_VERSION='~=2.9.0' matrix: fast_finish: true -env: -- ANSIBLE_GIT_VERSION='devel' # 2.9.x development branch -- ANSIBLE_VERSION='<2.9.0' # 2.8.x -- ANSIBLE_VERSION='<2.8.0' # 2.7.x -- ANSIBLE_VERSION='<2.7.0' # 2.6.x + include: +# FIXME: Ansible 2.10.x going through major restructuring. +# https://groups.google.com/forum/#!msg/ansible-project/eXsoOKEd0Mk/XTgbnPWbCAAJ +# - python: '3.6' +# env: ANSIBLE_GIT_VERSION='devel' # 2.10.x development branch + - python: '3.6' + env: ANSIBLE_VERSION='~=2.8.0' + - python: '3.6' + env: ANSIBLE_VERSION='~=2.7.0' install: - if [ "$ANSIBLE_GIT_VERSION" ]; then pip install "https://github.com/ansible/ansible/archive/${ANSIBLE_GIT_VERSION}.tar.gz"; else pip install "ansible${ANSIBLE_VERSION}"; fi; pip install --pre ansible-lint; pip install jmespath netaddr - ansible --version -- ansible-galaxy install lae.travis-lxc,v0.8.1 +- ansible-galaxy install lae.travis-lxc,v0.9.0 - ansible-playbook tests/install.yml -i tests/inventory - git archive --format tar.gz HEAD > lae.proxmox.tar.gz && ansible-galaxy install lae.proxmox.tar.gz,$(git rev-parse HEAD),lae.proxmox && rm lae.proxmox.tar.gz diff --git a/README.md b/README.md index afba8c58..88849e25 100644 --- a/README.md +++ b/README.md @@ -217,9 +217,15 @@ of the `ops` group. Read the **User and ACL Management** section for more info. The backend needs to be supported by [Proxmox](https://pve.proxmox.com/pve-docs/chapter-pvesm.html). Read the **Storage Management** section for more info. -`pve_ssh_port` allows you to change the SSH service port. If your SSH is listing -on a different port then 22, please set this variable. If a new node is joining -the cluster, the PVE cluster needs to communicate once via SSH. +`pve_ssh_port` allows you to change the SSH port. If your SSH is listening on +a port other than the default 22, please set this variable. If a new node is +joining the cluster, the PVE cluster needs to communicate once via SSH. + +`pve_manage_ssh` (default true) allows you to disable any changes this module +would make to your SSH server config. This is useful if you use another role +to manage your SSH server. Note that setting this to false is not officially +supported, you're on your own to replicate the changes normally made in +ssh_cluster_config.yml. `interfaces_template` is set to the path of a template we'll use for configuring the network on these Debian machines. This is only necessary if you want to @@ -299,7 +305,7 @@ Finally, let's write our playbook. `site.yml` will look something like this: delay: 15 when: _configure_interfaces is changed -- hosts: pve +- hosts: pve01 become: True roles: - lae.proxmox @@ -367,7 +373,7 @@ serially during a maintenance period.) It will also enable the IPMI watchdog. - { role: lae.proxmox, pve_group: pve01, - pve_cluster_enabled: yes + pve_cluster_enabled: yes, pve_reboot_on_kernel_update: true, pve_watchdog: ipmi } diff --git a/defaults/main.yml b/defaults/main.yml index eabff5f4..3eb55260 100644 --- a/defaults/main.yml +++ b/defaults/main.yml @@ -39,3 +39,4 @@ pve_users: [] pve_acls: [] pve_storages: [] pve_ssh_port: 22 +pve_manage_ssh: true diff --git a/files/00_remove_checked_command_buster.patch b/files/00_remove_checked_command_buster.patch index bb6abac9..7dbabfe9 100644 --- a/files/00_remove_checked_command_buster.patch +++ b/files/00_remove_checked_command_buster.patch @@ -1,37 +1,19 @@ diff -ur /usr/share/javascript/proxmox-widget-toolkit/proxmoxlib.js /usr/share/javascript/proxmox-widget-toolkit/proxmoxlib.js ---- /usr/share/javascript/proxmox-widget-toolkit/proxmoxlib.js 2019-12-17 11:02:52.000000000 +0000 -+++ /usr/share/javascript/proxmox-widget-toolkit/proxmoxlib.js 2020-01-18 16:29:37.362953621 +0000 -@@ -6016,7 +6016,7 @@ - var update_btn = new Ext.Button({ +--- /usr/share/javascript/proxmox-widget-toolkit/proxmoxlib.js ++++ /usr/share/javascript/proxmox-widget-toolkit/proxmoxlib.js +@@ -7446,7 +7446,7 @@ + let update_btn = new Ext.Button({ text: gettext('Refresh'), handler: function() { - Proxmox.Utils.checked_command(function() { apt_command('update'); }); + apt_command('update'); - } + }, }); diff -ur /usr/share/pve-manager/js/pvemanagerlib.js /usr/share/pve-manager/js/pvemanagerlib.js ---- /usr/share/pve-manager/js/pvemanagerlib.js 2019-12-16 14:12:19.000000000 +0000 -+++ /usr/share/pve-manager/js/pvemanagerlib.js 2020-01-18 16:26:07.187536513 +0000 -@@ -19024,7 +19024,7 @@ - var version_btn = new Ext.Button({ - text: gettext('Package versions'), - handler: function(){ -- Proxmox.Utils.checked_command(function() { me.showVersions(); }); -+ me.showVersions(); - } - }); - -@@ -19288,7 +19288,7 @@ - { - text: gettext('System Report'), - handler: function() { -- Proxmox.Utils.checked_command(function (){ me.showReport(); }); -+ me.showReport(); - } - } - ], -@@ -40472,7 +40472,6 @@ +--- /usr/share/pve-manager/js/pvemanagerlib.js ++++ /usr/share/pve-manager/js/pvemanagerlib.js +@@ -3151,7 +3151,6 @@ handler: function(data) { me.login = null; me.updateLoginData(data); @@ -39,3 +21,20 @@ diff -ur /usr/share/pve-manager/js/pvemanagerlib.js /usr/share/pve-manager/js/pv } }); } +@@ -28330,7 +28329,7 @@ + { + text: gettext('System Report'), + handler: function() { +- Proxmox.Utils.checked_command(function() { me.showReport(); }); ++ me.showReport(); + }, + }, + ], +@@ -28428,7 +28427,7 @@ + var version_btn = new Ext.Button({ + text: gettext('Package versions'), + handler: function(){ +- Proxmox.Utils.checked_command(function() { me.showVersions(); }); ++ me.showVersions(); + } + }); diff --git a/files/01_pass_correct_format_for_linkX.patch b/files/01_pass_correct_format_for_linkX.patch new file mode 100644 index 00000000..2cd55371 --- /dev/null +++ b/files/01_pass_correct_format_for_linkX.patch @@ -0,0 +1,26 @@ +to unbreak joining via SSH with an explicit link address. + +Signed-off-by: Fabian Grünbichler +--- + data/PVE/CLI/pvecm.pm | 4 +++- + 1 file changed, 3 insertions(+), 1 deletion(-) + +diff --git a/data/PVE/CLI/pvecm.pm b/data/PVE/CLI/pvecm.pm +index b381f4f..fe099d4 100755 +--- /usr/share/perl5/PVE/CLI/pvecm.pm ++++ /usr/share/perl5/PVE/CLI/pvecm.pm +@@ -405,9 +405,11 @@ __PACKAGE__->register_method ({ + push @$cmd, '--nodeid', $param->{nodeid} if $param->{nodeid}; + push @$cmd, '--votes', $param->{votes} if defined($param->{votes}); + ++ my $link_desc = get_standard_option('corosync-link'); ++ + foreach my $link (keys %$links) { + push @$cmd, "--link$link", PVE::JSONSchema::print_property_string( +- $links->{$link}, get_standard_option('corosync-link')); ++ $links->{$link}, $link_desc->{format}); + } + + # this will be used as fallback if no links are specified +-- + diff --git a/tasks/ceph.yml b/tasks/ceph.yml index e1166417..de072d3d 100644 --- a/tasks/ceph.yml +++ b/tasks/ceph.yml @@ -73,7 +73,7 @@ with_items: "{{ _existing_ceph_volumes_tmp }}" tags: ceph_volume - - name: Change osd list (remove existing osds from the list) + - name: Change osd list (remove existing osds from the list) set_fact: pve_ceph_osds_diff: "{{ pve_ceph_osds | difference(_existing_ceph_volumes) }}" tags: ceph_volume @@ -86,7 +86,7 @@ creates: '{{ item.device }}1' with_items: '{{ pve_ceph_osds_diff }}' - tags: create_osd + tags: create_osd - block: - name: List Ceph CRUSH rules diff --git a/tasks/main.yml b/tasks/main.yml index c6556f3e..d547e305 100644 --- a/tasks/main.yml +++ b/tasks/main.yml @@ -18,6 +18,8 @@ when: "pve_cluster_enabled | bool" - import_tasks: ssh_cluster_config.yml + when: + - "pve_manage_ssh | bool and pve_cluster_enabled | bool" - name: Run handlers if needed (sshd reload) meta: flush_handlers @@ -30,8 +32,7 @@ {% for host in groups[pve_group] %}\ {{ hostvars[host].pve_cluster_addr0 }} {{ hostvars[host].ansible_fqdn }} - {{ hostvars[host].ansible_hostname }}\ - {% if ansible_fqdn == hostvars[host].ansible_fqdn %} pvelocalhost{% endif %} + {{ hostvars[host].ansible_hostname }} {% endfor %}" @@ -40,7 +41,7 @@ lineinfile: dest: /etc/hosts # expanded, this turns out to be, for example: - # regexp: "^(?!10\.0\.3\.17\\ test01\.lxc\\ test01\\ pvelocalhost)(?!10\.0\.3\.17)[0-9a-f:.]+(\s+.*)?\s(test01\.lxc|test01|pvelocalhost)(\s+.*|\s*)$' + # regexp: "^(?!10\.0\.3\.17\\ test01\.lxc\\ test01)(?!10\.0\.3\.17)[0-9a-f:.]+(\s+.*)?\s(test01\.lxc|test01)(\s+.*|\s*)$' # basically first we ignore lines that match from the host enumeration task # above, then we match against different IPs (e.g. NOT 10.0.3.17) that have # the hostname/fqdn we inserted a record for previously, taking care also to @@ -66,16 +67,12 @@ _correct_line: "\ {{ hostvars[item].pve_cluster_addr0 }} {{ hostvars[item].ansible_fqdn }} - {{ hostvars[item].ansible_hostname }}\ - {% if ansible_fqdn == hostvars[item].ansible_fqdn %} pvelocalhost{% endif %}" + {{ hostvars[item].ansible_hostname }}" _correct_ip: "{{ hostvars[item].pve_cluster_addr0 }}" _match_hosts: >- [ "{{ hostvars[item].ansible_fqdn }}", - "{{ hostvars[item].ansible_hostname }}", - {% if ansible_fqdn == hostvars[item].ansible_fqdn %} - "pvelocalhost" - {% endif %} + "{{ hostvars[item].ansible_hostname }}" ] - name: Trust Proxmox' packaging key @@ -166,6 +163,13 @@ - import_tasks: kernel_module_cleanup.yml +- name: "[TEMPFIX] Fix cluster joins on PVE 6" + patch: + src: "01_pass_correct_format_for_linkX.patch" + basedir: / + strip: 1 + when: ansible_distribution_release == 'buster' + - import_tasks: pve_cluster_config.yml when: "pve_cluster_enabled | bool" diff --git a/tasks/ssh_cluster_config.yml b/tasks/ssh_cluster_config.yml index 43aaef0d..830d7b97 100644 --- a/tasks/ssh_cluster_config.yml +++ b/tasks/ssh_cluster_config.yml @@ -74,7 +74,9 @@ content: | {% for host in groups[pve_group] %} {% for keytype in ['rsa', 'ed25519', 'ecdsa'] %} - {{ hostvars[host].pve_cluster_ssh_addrs | join(",") }} {{ ' '.join(lookup('file', pve_fetch_directory + '/' + host + '/ssh_host_' + keytype + '_key.pub').split()[:-1]) }} + {%- set _keyfile = pve_fetch_directory + '/' + host + '/ssh_host_' + keytype + '_key.pub' -%} + {%- set _key = ' '.join(lookup('file', _keyfile).split()[:-1]) -%} + {{ hostvars[host].pve_cluster_ssh_addrs | join(",") }} {{ _key }} {% endfor %} {% endfor %} when: