diff --git a/CHANGELOG-0.10.md b/CHANGELOG-0.10.md index c31e31f387..05e84d4ef6 100644 --- a/CHANGELOG-0.10.md +++ b/CHANGELOG-0.10.md @@ -13,6 +13,7 @@ - [#1908](https://github.com/epiphany-platform/epiphany/issues/1908) - Research why Epiphany nodes hang when memory is overcommited - [#1979](https://github.com/epiphany-platform/epiphany/issues/1979) - RabbitMQ fails on upgrade when 2 nodes are specified that are not clustered - [#1984](https://github.com/epiphany-platform/epiphany/issues/1984) - RabbitMQ 3.7.10 fails on upgrade to 3.8.9: 'rabbitmqctl version' command not found +- [#1824](https://github.com/epiphany-platform/epiphany/issues/1824) - offline installation fails with error 'yum lockfile is held by another process' (Azure/RHEL) ### Updated diff --git a/core/src/epicli/data/common/ansible/playbooks/group_vars/all.yml b/core/src/epicli/data/common/ansible/playbooks/group_vars/all.yml index 2c570c9cd3..3a6d785559 100644 --- a/core/src/epicli/data/common/ansible/playbooks/group_vars/all.yml +++ b/core/src/epicli/data/common/ansible/playbooks/group_vars/all.yml @@ -8,3 +8,6 @@ image_registry_address: "{{ custom_image_registry_address | default(local_image_ kubeconfig: local: "{{ inventory_dir }}/kubeconfig" remote: /etc/kubernetes/admin.conf + +# https://github.com/ansible/ansible/issues/57189 +yum_lock_timeout: 300 diff --git a/core/src/epicli/data/common/ansible/playbooks/roles/common/tasks/Debian.yml b/core/src/epicli/data/common/ansible/playbooks/roles/common/tasks/Debian.yml index e5e7519d0e..3a551d4b56 100644 --- a/core/src/epicli/data/common/ansible/playbooks/roles/common/tasks/Debian.yml +++ b/core/src/epicli/data/common/ansible/playbooks/roles/common/tasks/Debian.yml @@ -6,8 +6,12 @@ name: - build-essential - python-selinux - update_cache: yes + update_cache: true state: present + register: result + retries: 3 + delay: 1 + until: result is succeeded - name: Install Debian family packages apt: @@ -36,8 +40,11 @@ - tmux - unzip - vim - update_cache: yes state: present + register: result + retries: 3 + delay: 1 + until: result is succeeded - name: Append prompt to .profile lineinfile: diff --git a/core/src/epicli/data/common/ansible/playbooks/roles/common/tasks/RedHat.yml b/core/src/epicli/data/common/ansible/playbooks/roles/common/tasks/RedHat.yml index 91406bf2f9..770823f9ad 100644 --- a/core/src/epicli/data/common/ansible/playbooks/roles/common/tasks/RedHat.yml +++ b/core/src/epicli/data/common/ansible/playbooks/roles/common/tasks/RedHat.yml @@ -6,8 +6,14 @@ - name: Install the latest version of ca-certificates package yum: - name: ca-certificates + name: + - ca-certificates + update_cache: true state: latest + register: result + retries: 3 + delay: 1 + until: result is succeeded - name: Install RedHat family packages yum: @@ -36,7 +42,6 @@ - vim - yum-utils - yum-versionlock - update_cache: yes state: present register: result retries: 3 diff --git a/core/src/epicli/data/common/ansible/playbooks/roles/common/tasks/main.yml b/core/src/epicli/data/common/ansible/playbooks/roles/common/tasks/main.yml index 5b4f9c0bae..f920de7f25 100644 --- a/core/src/epicli/data/common/ansible/playbooks/roles/common/tasks/main.yml +++ b/core/src/epicli/data/common/ansible/playbooks/roles/common/tasks/main.yml @@ -6,7 +6,11 @@ # Common main as the entry point -- include_tasks: "{{ ansible_os_family }}.yml" +- name: Execute OS-specific tasks (common) + block: + - include_tasks: "{{ ansible_os_family }}.yml" + module_defaults: + yum: { lock_timeout: "{{ yum_lock_timeout }}" } - name: Print environment variables debug: diff --git a/core/src/epicli/data/common/ansible/playbooks/roles/docker/tasks/main.yml b/core/src/epicli/data/common/ansible/playbooks/roles/docker/tasks/main.yml index a745c70809..c12fa9cb54 100644 --- a/core/src/epicli/data/common/ansible/playbooks/roles/docker/tasks/main.yml +++ b/core/src/epicli/data/common/ansible/playbooks/roles/docker/tasks/main.yml @@ -3,17 +3,19 @@ - name: Install Docker packages package: - name: "{{ packages[ansible_os_family] }}" + name: "{{ _packages[ansible_os_family] }}" state: present vars: - packages: - RedHat: - - containerd.io - - docker-ce-cli-{{ docker_version.RedHat }} - - docker-ce-{{ docker_version.RedHat }} + _packages: Debian: - - containerd.io - - docker-ce-cli={{ docker_version.Debian }} - - docker-ce={{ docker_version.Debian }} + - containerd.io + - docker-ce-cli={{ docker_version.Debian }} + - docker-ce={{ docker_version.Debian }} + RedHat: + - containerd.io + - docker-ce-cli-{{ docker_version.RedHat }} + - docker-ce-{{ docker_version.RedHat }} + module_defaults: + yum: { lock_timeout: "{{ yum_lock_timeout }}" } - include_tasks: configure-docker.yml diff --git a/core/src/epicli/data/common/ansible/playbooks/roles/elasticsearch/tasks/Debian.yml b/core/src/epicli/data/common/ansible/playbooks/roles/elasticsearch/tasks/Debian.yml index 00dd09d497..986d1aa5cd 100644 --- a/core/src/epicli/data/common/ansible/playbooks/roles/elasticsearch/tasks/Debian.yml +++ b/core/src/epicli/data/common/ansible/playbooks/roles/elasticsearch/tasks/Debian.yml @@ -1,3 +1,4 @@ +--- # splitted to separate tasks to make it work on Debian/Ubuntu: # https://github.com/elastic/elasticsearch/issues/33607#issue-359124678 @@ -5,6 +6,7 @@ apt: name: - openjdk-8-jre-headless + update_cache: true state: present - name: Install Elasticsearch package @@ -12,4 +14,4 @@ name: - elasticsearch-oss={{ specification.elasticsearch_version }} state: present - register: install_elasticsearch_package \ No newline at end of file + register: install_elasticsearch_package diff --git a/core/src/epicli/data/common/ansible/playbooks/roles/elasticsearch/tasks/RedHat.yml b/core/src/epicli/data/common/ansible/playbooks/roles/elasticsearch/tasks/RedHat.yml index 59d346d7de..e7968c6359 100644 --- a/core/src/epicli/data/common/ansible/playbooks/roles/elasticsearch/tasks/RedHat.yml +++ b/core/src/epicli/data/common/ansible/playbooks/roles/elasticsearch/tasks/RedHat.yml @@ -1,9 +1,10 @@ +--- - name: Install Elasticsearch package yum: name: - java-1.8.0-openjdk-headless - elasticsearch-oss-{{ specification.elasticsearch_version }} - update_cache: yes + update_cache: true state: present exclude: elasticsearch-oss-7* # v7 is installed by opendistro_for_elasticsearch role register: install_elasticsearch_package diff --git a/core/src/epicli/data/common/ansible/playbooks/roles/elasticsearch/tasks/install-es.yml b/core/src/epicli/data/common/ansible/playbooks/roles/elasticsearch/tasks/install-es.yml index de5951260f..d5ca01708c 100644 --- a/core/src/epicli/data/common/ansible/playbooks/roles/elasticsearch/tasks/install-es.yml +++ b/core/src/epicli/data/common/ansible/playbooks/roles/elasticsearch/tasks/install-es.yml @@ -15,5 +15,8 @@ - { limit_type: 'soft', limit_item: 'memlock', value: unlimited } - { limit_type: 'hard', limit_item: 'memlock', value: unlimited } -- name: Install Elasticsearch ({{ ansible_os_family }}) - include_tasks: "{{ ansible_os_family }}.yml" \ No newline at end of file +- name: Execute OS-specific tasks (elasticsearch) + block: + - include_tasks: "{{ ansible_os_family }}.yml" + module_defaults: + yum: { lock_timeout: "{{ yum_lock_timeout }}" } diff --git a/core/src/epicli/data/common/ansible/playbooks/roles/elasticsearch_curator/tasks/Debian.yml b/core/src/epicli/data/common/ansible/playbooks/roles/elasticsearch_curator/tasks/Debian.yml deleted file mode 100644 index f728ca9242..0000000000 --- a/core/src/epicli/data/common/ansible/playbooks/roles/elasticsearch_curator/tasks/Debian.yml +++ /dev/null @@ -1,6 +0,0 @@ -- name: Install elasticsearch-curator package - apt: - name: - - elasticsearch-curator={{ specification.curator_version }} - update_cache: yes - state: present \ No newline at end of file diff --git a/core/src/epicli/data/common/ansible/playbooks/roles/elasticsearch_curator/tasks/RedHat.yml b/core/src/epicli/data/common/ansible/playbooks/roles/elasticsearch_curator/tasks/RedHat.yml deleted file mode 100644 index 77bde1430b..0000000000 --- a/core/src/epicli/data/common/ansible/playbooks/roles/elasticsearch_curator/tasks/RedHat.yml +++ /dev/null @@ -1,6 +0,0 @@ -- name: Install elasticsearch-curator package - yum: - name: - - elasticsearch-curator-{{ specification.curator_version }} - update_cache: yes - state: present \ No newline at end of file diff --git a/core/src/epicli/data/common/ansible/playbooks/roles/elasticsearch_curator/tasks/install-es-curator.yml b/core/src/epicli/data/common/ansible/playbooks/roles/elasticsearch_curator/tasks/install-es-curator.yml index f302b39afd..1c6c7ab1ae 100644 --- a/core/src/epicli/data/common/ansible/playbooks/roles/elasticsearch_curator/tasks/install-es-curator.yml +++ b/core/src/epicli/data/common/ansible/playbooks/roles/elasticsearch_curator/tasks/install-es-curator.yml @@ -1,5 +1,15 @@ --- # This file is meant to be also used by upgrade playbook -- name: Install Elasticsearch Curator ({{ ansible_os_family }}) - include_tasks: "{{ ansible_os_family }}.yml" \ No newline at end of file +- name: Install Elasticsearch-Curator package + package: + name: "{{ _packages[ansible_os_family] }}" + state: present + vars: + _packages: + Debian: + - elasticsearch-curator={{ specification.curator_version }} + RedHat: + - elasticsearch-curator-{{ specification.curator_version }} + module_defaults: + yum: { lock_timeout: "{{ yum_lock_timeout }}" } diff --git a/core/src/epicli/data/common/ansible/playbooks/roles/filebeat/tasks/Debian.yml b/core/src/epicli/data/common/ansible/playbooks/roles/filebeat/tasks/Debian.yml deleted file mode 100644 index 70f4e8fcd7..0000000000 --- a/core/src/epicli/data/common/ansible/playbooks/roles/filebeat/tasks/Debian.yml +++ /dev/null @@ -1,19 +0,0 @@ ---- -- name: Install filebeat package - apt: - name: - - filebeat={{ filebeat_version }} - update_cache: true - state: present - register: install_filebeat_package - -- name: Install auditd package - apt: - name: - - auditd - update_cache: true - state: present - register: install_auditd_package - until: install_auditd_package is success - retries: 3 # Installing auditd sometimes fails in post-inst: https://bugs.launchpad.net/ubuntu/+source/auditd/+bug/1848330 - delay: 1 diff --git a/core/src/epicli/data/common/ansible/playbooks/roles/filebeat/tasks/RedHat.yml b/core/src/epicli/data/common/ansible/playbooks/roles/filebeat/tasks/RedHat.yml deleted file mode 100644 index aab0992e73..0000000000 --- a/core/src/epicli/data/common/ansible/playbooks/roles/filebeat/tasks/RedHat.yml +++ /dev/null @@ -1,16 +0,0 @@ ---- -- name: Install filebeat package - yum: - name: - - filebeat-{{ filebeat_version }} - update_cache: true - state: present - register: install_filebeat_package - -- name: Install auditd package - yum: - name: - - audit - update_cache: true - state: present - register: install_auditd_package diff --git a/core/src/epicli/data/common/ansible/playbooks/roles/filebeat/tasks/install-filebeat-as-system-service.yml b/core/src/epicli/data/common/ansible/playbooks/roles/filebeat/tasks/install-filebeat-as-system-service.yml index 676153cfd6..28506cc8e3 100644 --- a/core/src/epicli/data/common/ansible/playbooks/roles/filebeat/tasks/install-filebeat-as-system-service.yml +++ b/core/src/epicli/data/common/ansible/playbooks/roles/filebeat/tasks/install-filebeat-as-system-service.yml @@ -1,5 +1,33 @@ --- # This file is meant to be also used by upgrade playbook -- name: Install Filebeat ({{ ansible_os_family }}) - include_tasks: "{{ ansible_os_family }}.yml" +- name: Install Filebeat package + package: + name: "{{ _packages[ansible_os_family] }}" + state: present + vars: + _packages: + Debian: + - filebeat={{ filebeat_version }} + RedHat: + - filebeat-{{ filebeat_version }} + register: install_filebeat_package + module_defaults: + yum: { lock_timeout: "{{ yum_lock_timeout }}" } + +- name: Install Auditd package + package: + name: "{{ _packages[ansible_os_family] }}" + state: present + vars: + _packages: + Debian: + - auditd + RedHat: + - audit + register: install_auditd_package + until: install_auditd_package is success + retries: 3 # Installing auditd sometimes fails in post-inst: https://bugs.launchpad.net/ubuntu/+source/auditd/+bug/1848330 + delay: 1 + module_defaults: + yum: { lock_timeout: "{{ yum_lock_timeout }}" } diff --git a/core/src/epicli/data/common/ansible/playbooks/roles/firewall/tasks/Debian/install-firewall.yml b/core/src/epicli/data/common/ansible/playbooks/roles/firewall/tasks/Debian/install-firewall.yml index d14c4d4804..cc2c5d9ae4 100644 --- a/core/src/epicli/data/common/ansible/playbooks/roles/firewall/tasks/Debian/install-firewall.yml +++ b/core/src/epicli/data/common/ansible/playbooks/roles/firewall/tasks/Debian/install-firewall.yml @@ -18,7 +18,7 @@ - name: Install firewalld package block: - name: Install firewalld package - package: + apt: name: firewalld state: present register: install_firewalld @@ -42,4 +42,4 @@ when: - install_firewalld.changed when: - - specification.Debian.install_firewalld \ No newline at end of file + - specification.Debian.install_firewalld diff --git a/core/src/epicli/data/common/ansible/playbooks/roles/firewall/tasks/RedHat/install-firewall.yml b/core/src/epicli/data/common/ansible/playbooks/roles/firewall/tasks/RedHat/install-firewall.yml index aff74a5cef..5577b0baab 100644 --- a/core/src/epicli/data/common/ansible/playbooks/roles/firewall/tasks/RedHat/install-firewall.yml +++ b/core/src/epicli/data/common/ansible/playbooks/roles/firewall/tasks/RedHat/install-firewall.yml @@ -1,5 +1,5 @@ --- - name: Install firewalld package - package: + yum: name: firewalld - state: present \ No newline at end of file + state: present diff --git a/core/src/epicli/data/common/ansible/playbooks/roles/firewall/tasks/main.yml b/core/src/epicli/data/common/ansible/playbooks/roles/firewall/tasks/main.yml index f331b2c6c9..27a6aa48f9 100644 --- a/core/src/epicli/data/common/ansible/playbooks/roles/firewall/tasks/main.yml +++ b/core/src/epicli/data/common/ansible/playbooks/roles/firewall/tasks/main.yml @@ -1,6 +1,9 @@ --- -- name: Include installation tasks ({{ ansible_os_family }}) - include_tasks: "{{ ansible_os_family }}/install-firewall.yml" +- name: Execute OS-specific tasks (firewall) + block: + - include_tasks: "{{ ansible_os_family }}/install-firewall.yml" + module_defaults: + yum: { lock_timeout: "{{ yum_lock_timeout }}" } - name: Include configuration tasks - include_tasks: configure-firewall.yml \ No newline at end of file + include_tasks: configure-firewall.yml diff --git a/core/src/epicli/data/common/ansible/playbooks/roles/grafana/tasks/install.yml b/core/src/epicli/data/common/ansible/playbooks/roles/grafana/tasks/install.yml index cb4403152e..946fd3c5c2 100644 --- a/core/src/epicli/data/common/ansible/playbooks/roles/grafana/tasks/install.yml +++ b/core/src/epicli/data/common/ansible/playbooks/roles/grafana/tasks/install.yml @@ -14,6 +14,8 @@ - grafana={{ grafana_version }} RedHat: - grafana-{{ grafana_version }} + module_defaults: + yum: { lock_timeout: "{{ yum_lock_timeout }}" } - name: Recursively chown /etc/grafana (fix permissions) file: diff --git a/core/src/epicli/data/common/ansible/playbooks/roles/kafka/tasks/setup-kafka.yml b/core/src/epicli/data/common/ansible/playbooks/roles/kafka/tasks/setup-kafka.yml index ac4c78c029..d1581323a6 100644 --- a/core/src/epicli/data/common/ansible/playbooks/roles/kafka/tasks/setup-kafka.yml +++ b/core/src/epicli/data/common/ansible/playbooks/roles/kafka/tasks/setup-kafka.yml @@ -1,5 +1,4 @@ --- - - name: Setup group group: name: "{{ specification.kafka_var.group }}" @@ -12,18 +11,18 @@ group: "{{ specification.kafka_var.group }}" shell: "/usr/sbin/nologin" - - name: Install Java package package: - name: "java-1.8.0-openjdk-headless" + name: "{{ _packages[ansible_os_family] }}" state: present - when: ansible_os_family == "RedHat" - -- name: Install Java package - package: - name: "openjdk-8-jre-headless" - state: present - when: ansible_os_family == "Debian" + vars: + _packages: + Debian: + - openjdk-8-jre-headless + RedHat: + - java-1.8.0-openjdk-headless + module_defaults: + yum: { lock_timeout: "{{ yum_lock_timeout }}" } - name: Set Kafka file name to install set_fact: diff --git a/core/src/epicli/data/common/ansible/playbooks/roles/kibana/tasks/Debian.yml b/core/src/epicli/data/common/ansible/playbooks/roles/kibana/tasks/Debian.yml deleted file mode 100644 index 11e393a861..0000000000 --- a/core/src/epicli/data/common/ansible/playbooks/roles/kibana/tasks/Debian.yml +++ /dev/null @@ -1,7 +0,0 @@ ---- -- name: Install Kibana package - apt: - name: - - opendistroforelasticsearch-kibana={{ kibana_package_version }} - update_cache: yes - state: present diff --git a/core/src/epicli/data/common/ansible/playbooks/roles/kibana/tasks/RedHat.yml b/core/src/epicli/data/common/ansible/playbooks/roles/kibana/tasks/RedHat.yml deleted file mode 100644 index 6d71cecdf3..0000000000 --- a/core/src/epicli/data/common/ansible/playbooks/roles/kibana/tasks/RedHat.yml +++ /dev/null @@ -1,7 +0,0 @@ ---- -- name: Install Kibana package - yum: - name: - - opendistroforelasticsearch-kibana-{{ kibana_package_version }} - update_cache: yes - state: present diff --git a/core/src/epicli/data/common/ansible/playbooks/roles/kibana/tasks/main.yml b/core/src/epicli/data/common/ansible/playbooks/roles/kibana/tasks/main.yml index 13a25fd164..a0096773e0 100644 --- a/core/src/epicli/data/common/ansible/playbooks/roles/kibana/tasks/main.yml +++ b/core/src/epicli/data/common/ansible/playbooks/roles/kibana/tasks/main.yml @@ -4,10 +4,20 @@ file: roles/opendistro_for_elasticsearch/defaults/main.yml name: opendistro_for_elasticsearch_defaults -- name: Include Kibana package installation task - include_tasks: "{{ ansible_os_family }}.yml" +- name: Install Kibana package + package: + name: "{{ _packages[ansible_os_family] }}" + state: present vars: - kibana_package_version: "{{ opendistro_for_elasticsearch_defaults.versions[ansible_os_family].opendistro }}" + _kibana_version: >- + {{ opendistro_for_elasticsearch_defaults.versions[ansible_os_family].opendistro }} + _packages: + Debian: + - opendistroforelasticsearch-kibana={{ _kibana_version }} + RedHat: + - opendistroforelasticsearch-kibana-{{ _kibana_version }} + module_defaults: + yum: { lock_timeout: "{{ yum_lock_timeout }}" } - name: Update Kibana configuration file template: diff --git a/core/src/epicli/data/common/ansible/playbooks/roles/kubernetes_common/tasks/install-packages-Debian.yml b/core/src/epicli/data/common/ansible/playbooks/roles/kubernetes_common/tasks/install-packages-Debian.yml deleted file mode 100644 index 649387ffe1..0000000000 --- a/core/src/epicli/data/common/ansible/playbooks/roles/kubernetes_common/tasks/install-packages-Debian.yml +++ /dev/null @@ -1,15 +0,0 @@ ---- -- name: Install NFS package for Debian family - apt: - name: - - nfs-common - state: present - -- name: Install Kubernetes packages for Debian family - apt: - name: - - kubelet={{ specification.version }}-00 - - kubectl={{ specification.version }}-00 - - kubeadm={{ specification.version }}-00 - - kubernetes-cni={{ specification.cni_version }}-00 - state: present diff --git a/core/src/epicli/data/common/ansible/playbooks/roles/kubernetes_common/tasks/install-packages-RedHat.yml b/core/src/epicli/data/common/ansible/playbooks/roles/kubernetes_common/tasks/install-packages-RedHat.yml deleted file mode 100644 index ed5452f6ea..0000000000 --- a/core/src/epicli/data/common/ansible/playbooks/roles/kubernetes_common/tasks/install-packages-RedHat.yml +++ /dev/null @@ -1,17 +0,0 @@ ---- -- name: Install NFS package for RedHat family - yum: - name: - - nfs-utils - update_cache: yes - state: present - -- name: Install Kubernetes packages for RedHat family - yum: - name: - - kubelet-{{ specification.version }}-0 - - kubectl-{{ specification.version }}-0 - - kubeadm-{{ specification.version }}-0 - - kubernetes-cni-{{ specification.cni_version }}-0 - update_cache: yes - state: present diff --git a/core/src/epicli/data/common/ansible/playbooks/roles/kubernetes_common/tasks/install-packages.yml b/core/src/epicli/data/common/ansible/playbooks/roles/kubernetes_common/tasks/install-packages.yml index ac2a155e2e..e612aa7d08 100644 --- a/core/src/epicli/data/common/ansible/playbooks/roles/kubernetes_common/tasks/install-packages.yml +++ b/core/src/epicli/data/common/ansible/playbooks/roles/kubernetes_common/tasks/install-packages.yml @@ -1,12 +1,38 @@ --- - name: Install Storage packages package: - name: "{{ item }}" - update_cache: true + name: "{{ _packages[ansible_os_family] }}" state: present - loop: - - cifs-utils - - samba-client - - samba-common + vars: + _packages: + Debian: + - cifs-utils + - samba-client + - samba-common + - nfs-common + RedHat: + - cifs-utils + - samba-client + - samba-common + - nfs-utils + module_defaults: + yum: { lock_timeout: "{{ yum_lock_timeout }}" } -- include_tasks: "install-packages-{{ ansible_os_family }}.yml" +- name: Install Kubernetes packages + package: + name: "{{ _packages[ansible_os_family] }}" + state: present + vars: + _packages: + Debian: + - kubelet={{ specification.version }}-00 + - kubectl={{ specification.version }}-00 + - kubeadm={{ specification.version }}-00 + - kubernetes-cni={{ specification.cni_version }}-00 + RedHat: + - kubelet-{{ specification.version }}-0 + - kubectl-{{ specification.version }}-0 + - kubeadm-{{ specification.version }}-0 + - kubernetes-cni-{{ specification.cni_version }}-0 + module_defaults: + yum: { lock_timeout: "{{ yum_lock_timeout }}" } diff --git a/core/src/epicli/data/common/ansible/playbooks/roles/logstash/tasks/Debian.yml b/core/src/epicli/data/common/ansible/playbooks/roles/logstash/tasks/Debian.yml deleted file mode 100644 index ca9bbefea8..0000000000 --- a/core/src/epicli/data/common/ansible/playbooks/roles/logstash/tasks/Debian.yml +++ /dev/null @@ -1,7 +0,0 @@ ---- -- name: Install Logstash package - apt: - name: - - logstash-oss={{ versions[ansible_os_family] }} - update_cache: yes - state: present diff --git a/core/src/epicli/data/common/ansible/playbooks/roles/logstash/tasks/RedHat.yml b/core/src/epicli/data/common/ansible/playbooks/roles/logstash/tasks/RedHat.yml deleted file mode 100644 index d7129b36c0..0000000000 --- a/core/src/epicli/data/common/ansible/playbooks/roles/logstash/tasks/RedHat.yml +++ /dev/null @@ -1,7 +0,0 @@ ---- -- name: Install Logstash package - yum: - name: - - logstash-oss-{{ versions[ansible_os_family] }} - update_cache: yes - state: present diff --git a/core/src/epicli/data/common/ansible/playbooks/roles/logstash/tasks/main.yml b/core/src/epicli/data/common/ansible/playbooks/roles/logstash/tasks/main.yml index a58e189e2d..f297f2b843 100644 --- a/core/src/epicli/data/common/ansible/playbooks/roles/logstash/tasks/main.yml +++ b/core/src/epicli/data/common/ansible/playbooks/roles/logstash/tasks/main.yml @@ -1,6 +1,16 @@ --- -- name: Install logstash-oss - include_tasks: "{{ ansible_os_family }}.yml" +- name: Install Logstash package + package: + name: "{{ _packages[ansible_os_family] }}" + state: present + vars: + _packages: + Debian: + - logstash-oss={{ versions[ansible_os_family] }} + RedHat: + - logstash-oss-{{ versions[ansible_os_family] }} + module_defaults: + yum: { lock_timeout: "{{ yum_lock_timeout }}" } - name: Ensure Logstash is disabled systemd: diff --git a/core/src/epicli/data/common/ansible/playbooks/roles/opendistro_for_elasticsearch/tasks/install-es-Debian.yml b/core/src/epicli/data/common/ansible/playbooks/roles/opendistro_for_elasticsearch/tasks/install-es-Debian.yml deleted file mode 100644 index a56c13f634..0000000000 --- a/core/src/epicli/data/common/ansible/playbooks/roles/opendistro_for_elasticsearch/tasks/install-es-Debian.yml +++ /dev/null @@ -1,7 +0,0 @@ ---- -- name: Install Open Distro for Elasticsearch packages - apt: - name: - - elasticsearch-oss={{ versions[ansible_os_family].elasticsearch_oss }} - state: present - register: install_elasticsearch_package diff --git a/core/src/epicli/data/common/ansible/playbooks/roles/opendistro_for_elasticsearch/tasks/install-es-RedHat.yml b/core/src/epicli/data/common/ansible/playbooks/roles/opendistro_for_elasticsearch/tasks/install-es-RedHat.yml deleted file mode 100644 index c1aecc4d89..0000000000 --- a/core/src/epicli/data/common/ansible/playbooks/roles/opendistro_for_elasticsearch/tasks/install-es-RedHat.yml +++ /dev/null @@ -1,8 +0,0 @@ ---- -- name: Install Open Distro for Elasticsearch packages - yum: - name: - - elasticsearch-oss-{{ versions[ansible_os_family].elasticsearch_oss }} - update_cache: yes - state: present - register: install_elasticsearch_package diff --git a/core/src/epicli/data/common/ansible/playbooks/roles/opendistro_for_elasticsearch/tasks/install-opendistro-Debian.yml b/core/src/epicli/data/common/ansible/playbooks/roles/opendistro_for_elasticsearch/tasks/install-opendistro-Debian.yml deleted file mode 100644 index b53efa2f65..0000000000 --- a/core/src/epicli/data/common/ansible/playbooks/roles/opendistro_for_elasticsearch/tasks/install-opendistro-Debian.yml +++ /dev/null @@ -1,13 +0,0 @@ ---- -# Keep in mind compatibility matrix for Open Distro https://opendistro.github.io/for-elasticsearch-docs/docs/install/plugins/#plugin-compatibility -- name: Install Open Distro for Elasticsearch packages - apt: - name: - - opendistro-alerting={{ versions[ansible_os_family].opendistro }} - - opendistro-index-management={{ versions[ansible_os_family].opendistro }} - - opendistro-job-scheduler={{ versions[ansible_os_family].opendistro }} - - opendistro-performance-analyzer={{ versions[ansible_os_family].opendistro }} - - opendistro-security={{ versions[ansible_os_family].opendistro }} - - opendistro-sql={{ versions[ansible_os_family].opendistro }} - state: present - register: install_opendistro_packages diff --git a/core/src/epicli/data/common/ansible/playbooks/roles/opendistro_for_elasticsearch/tasks/install-opendistro-RedHat.yml b/core/src/epicli/data/common/ansible/playbooks/roles/opendistro_for_elasticsearch/tasks/install-opendistro-RedHat.yml deleted file mode 100644 index 1f1788356b..0000000000 --- a/core/src/epicli/data/common/ansible/playbooks/roles/opendistro_for_elasticsearch/tasks/install-opendistro-RedHat.yml +++ /dev/null @@ -1,14 +0,0 @@ ---- -# Keep in mind compatibility matrix for Open Distro https://opendistro.github.io/for-elasticsearch-docs/docs/install/plugins/#plugin-compatibility -- name: Install Open Distro for Elasticsearch packages - yum: - name: - - opendistro-alerting-{{ versions[ansible_os_family].opendistro }} - - opendistro-index-management-{{ versions[ansible_os_family].opendistro }} - - opendistro-job-scheduler-{{ versions[ansible_os_family].opendistro }} - - opendistro-performance-analyzer-{{ versions[ansible_os_family].opendistro }} - - opendistro-security-{{ versions[ansible_os_family].opendistro }} - - opendistro-sql-{{ versions[ansible_os_family].opendistro }} - update_cache: yes - state: present - register: install_opendistro_packages diff --git a/core/src/epicli/data/common/ansible/playbooks/roles/opendistro_for_elasticsearch/tasks/main.yml b/core/src/epicli/data/common/ansible/playbooks/roles/opendistro_for_elasticsearch/tasks/main.yml index 60dc6918b7..0e233276af 100644 --- a/core/src/epicli/data/common/ansible/playbooks/roles/opendistro_for_elasticsearch/tasks/main.yml +++ b/core/src/epicli/data/common/ansible/playbooks/roles/opendistro_for_elasticsearch/tasks/main.yml @@ -13,11 +13,44 @@ - { limit_type: 'soft', limit_item: 'memlock', value: unlimited } - { limit_type: 'hard', limit_item: 'memlock', value: unlimited } -- name: Include elasticsearch-oss installation task - include_tasks: "install-es-{{ ansible_os_family }}.yml" +- name: Install elasticsearch-oss packages + package: + name: "{{ _packages[ansible_os_family] }}" + state: present + vars: + _packages: + Debian: + - elasticsearch-oss={{ versions[ansible_os_family].elasticsearch_oss }} + RedHat: + - elasticsearch-oss-{{ versions[ansible_os_family].elasticsearch_oss }} + register: install_elasticsearch_package + module_defaults: + yum: { lock_timeout: "{{ yum_lock_timeout }}" } -- name: Include opendistro-* plugins installation task - include_tasks: "install-opendistro-{{ ansible_os_family }}.yml" +# NOTE: Keep in mind compatibility matrix for Open Distro https://opendistro.github.io/for-elasticsearch-docs/docs/install/plugins/#plugin-compatibility +- name: Install opendistro-* packages + package: + name: "{{ _packages[ansible_os_family] }}" + state: present + vars: + _packages: + Debian: + - opendistro-alerting={{ versions[ansible_os_family].opendistro }} + - opendistro-index-management={{ versions[ansible_os_family].opendistro }} + - opendistro-job-scheduler={{ versions[ansible_os_family].opendistro }} + - opendistro-performance-analyzer={{ versions[ansible_os_family].opendistro }} + - opendistro-security={{ versions[ansible_os_family].opendistro }} + - opendistro-sql={{ versions[ansible_os_family].opendistro }} + RedHat: + - opendistro-alerting-{{ versions[ansible_os_family].opendistro }} + - opendistro-index-management-{{ versions[ansible_os_family].opendistro }} + - opendistro-job-scheduler-{{ versions[ansible_os_family].opendistro }} + - opendistro-performance-analyzer-{{ versions[ansible_os_family].opendistro }} + - opendistro-security-{{ versions[ansible_os_family].opendistro }} + - opendistro-sql-{{ versions[ansible_os_family].opendistro }} + register: install_opendistro_packages + module_defaults: + yum: { lock_timeout: "{{ yum_lock_timeout }}" } - name: Include configuration tasks include_tasks: configure-es.yml diff --git a/core/src/epicli/data/common/ansible/playbooks/roles/postgresql/tasks/install-packages/Debian.yml b/core/src/epicli/data/common/ansible/playbooks/roles/postgresql/tasks/install-packages/Debian.yml index a058e86598..42f20567fd 100644 --- a/core/src/epicli/data/common/ansible/playbooks/roles/postgresql/tasks/install-packages/Debian.yml +++ b/core/src/epicli/data/common/ansible/playbooks/roles/postgresql/tasks/install-packages/Debian.yml @@ -5,7 +5,7 @@ - postgresql-10 - postgresql-contrib-10 - python-psycopg2 # required for postresql ansible management - update_cache: yes + update_cache: true state: present # --- extensions --- @@ -15,7 +15,6 @@ name: - pgbouncer state: present - update_cache: yes when: - specification.extensions.pgbouncer.enabled is defined - specification.extensions.pgbouncer.enabled @@ -25,7 +24,6 @@ name: - postgresql-10-repmgr state: present - update_cache: yes when: - specification.extensions.replication.use_repmgr is defined - specification.extensions.replication.use_repmgr @@ -37,4 +35,4 @@ state: present when: - specification.extensions.pgaudit.enabled is defined - - specification.extensions.pgaudit.enabled \ No newline at end of file + - specification.extensions.pgaudit.enabled diff --git a/core/src/epicli/data/common/ansible/playbooks/roles/postgresql/tasks/install-packages/RedHat.yml b/core/src/epicli/data/common/ansible/playbooks/roles/postgresql/tasks/install-packages/RedHat.yml index 32dbfe51f6..20f0fd40f8 100644 --- a/core/src/epicli/data/common/ansible/playbooks/roles/postgresql/tasks/install-packages/RedHat.yml +++ b/core/src/epicli/data/common/ansible/playbooks/roles/postgresql/tasks/install-packages/RedHat.yml @@ -4,7 +4,7 @@ name: - postgresql10-server - python-psycopg2 # required for postresql ansible management - update_cache: yes + update_cache: true state: present # --- additional components --- @@ -14,7 +14,6 @@ name: - pgbouncer state: present - update_cache: yes when: - specification.extensions.pgbouncer.enabled is defined - specification.extensions.pgbouncer.enabled @@ -26,7 +25,6 @@ name: - repmgr10-4.0.6 state: present - update_cache: yes - name: Create repmgr symlink file: @@ -46,4 +44,4 @@ state: present when: - specification.extensions.pgaudit.enabled is defined - - specification.extensions.pgaudit.enabled \ No newline at end of file + - specification.extensions.pgaudit.enabled diff --git a/core/src/epicli/data/common/ansible/playbooks/roles/postgresql/tasks/main.yml b/core/src/epicli/data/common/ansible/playbooks/roles/postgresql/tasks/main.yml index 5fa6772d3a..5415931441 100644 --- a/core/src/epicli/data/common/ansible/playbooks/roles/postgresql/tasks/main.yml +++ b/core/src/epicli/data/common/ansible/playbooks/roles/postgresql/tasks/main.yml @@ -1,6 +1,9 @@ --- -- name: Include installation tasks ({{ ansible_os_family }}) - include_tasks: install-packages/{{ ansible_os_family }}.yml +- name: Execute OS-specific package installation (postgresql) + block: + - include_tasks: "install-packages/{{ ansible_os_family }}.yml" + module_defaults: + yum: { lock_timeout: "{{ yum_lock_timeout }}" } - name: Include configuration tasks include_tasks: configure-postgresql.yml diff --git a/core/src/epicli/data/common/ansible/playbooks/roles/repository/tasks/RedHat/setup.yml b/core/src/epicli/data/common/ansible/playbooks/roles/repository/tasks/RedHat/setup.yml index c0be39d050..49c44dbb92 100644 --- a/core/src/epicli/data/common/ansible/playbooks/roles/repository/tasks/RedHat/setup.yml +++ b/core/src/epicli/data/common/ansible/playbooks/roles/repository/tasks/RedHat/setup.yml @@ -1,4 +1,10 @@ --- +- name: Wait for yum lock to be released + yum: + list: installed + module_defaults: + yum: { lock_timeout: "{{ yum_lock_timeout }}" } + - name: Set SELinux in permissive mode until the machine is rebooted command: setenforce 0 failed_when: false diff --git a/core/src/epicli/data/common/ansible/playbooks/roles/upgrade/tasks/docker.yml b/core/src/epicli/data/common/ansible/playbooks/roles/upgrade/tasks/docker.yml index db06b87f62..da5bb38891 100644 --- a/core/src/epicli/data/common/ansible/playbooks/roles/upgrade/tasks/docker.yml +++ b/core/src/epicli/data/common/ansible/playbooks/roles/upgrade/tasks/docker.yml @@ -33,6 +33,8 @@ # Remove Docker in version < 18.09 on RedHat before installing v18.09 to avoid package conflict error like below # 'file /usr/bin/docker from install of docker-ce-cli-1:18.09.9-3.el7.x86_64 conflicts with file from package docker-ce-17.03.2.ce-1.el7.centos.x86_64' - name: Remove Docker in version < 18.09 (RedHat) + module_defaults: + yum: { lock_timeout: "{{ yum_lock_timeout }}" } block: - name: Get information about installed packages as facts package_facts: @@ -41,12 +43,12 @@ - name: Remove docker-ce and docker-ce-selinux block: - name: Remove docker-ce - package: + yum: name: docker-ce-{{ ansible_facts.packages['docker-ce'][0].version }} state: absent - name: Remove docker-ce-selinux - package: + yum: name: docker-ce-selinux-{{ ansible_facts.packages['docker-ce-selinux'][0].version }} state: absent when: "'docker-ce-selinux' in ansible_facts.packages" @@ -76,4 +78,4 @@ name: kubelet daemon_reload: yes when: - - is_docker_updatable \ No newline at end of file + - is_docker_updatable diff --git a/core/src/epicli/data/common/ansible/playbooks/roles/upgrade/tasks/kubernetes/RedHat/install-kubeadm.yml b/core/src/epicli/data/common/ansible/playbooks/roles/upgrade/tasks/kubernetes/RedHat/install-kubeadm.yml index 9f74207868..b942042c6a 100644 --- a/core/src/epicli/data/common/ansible/playbooks/roles/upgrade/tasks/kubernetes/RedHat/install-kubeadm.yml +++ b/core/src/epicli/data/common/ansible/playbooks/roles/upgrade/tasks/kubernetes/RedHat/install-kubeadm.yml @@ -6,3 +6,5 @@ allow_downgrade: true disable_excludes: kubernetes state: present + module_defaults: + yum: { lock_timeout: "{{ yum_lock_timeout }}" } diff --git a/core/src/epicli/data/common/ansible/playbooks/roles/upgrade/tasks/kubernetes/RedHat/install-packages-cni-in-kubelet.yml b/core/src/epicli/data/common/ansible/playbooks/roles/upgrade/tasks/kubernetes/RedHat/install-packages-cni-in-kubelet.yml index 24c2a8a985..f71e35a53c 100644 --- a/core/src/epicli/data/common/ansible/playbooks/roles/upgrade/tasks/kubernetes/RedHat/install-packages-cni-in-kubelet.yml +++ b/core/src/epicli/data/common/ansible/playbooks/roles/upgrade/tasks/kubernetes/RedHat/install-packages-cni-in-kubelet.yml @@ -8,3 +8,5 @@ allow_downgrade: true disable_excludes: kubernetes state: present + module_defaults: + yum: { lock_timeout: "{{ yum_lock_timeout }}" } diff --git a/core/src/epicli/data/common/ansible/playbooks/roles/upgrade/tasks/kubernetes/RedHat/install-packages.yml b/core/src/epicli/data/common/ansible/playbooks/roles/upgrade/tasks/kubernetes/RedHat/install-packages.yml index 28226ee0e7..af45b59030 100644 --- a/core/src/epicli/data/common/ansible/playbooks/roles/upgrade/tasks/kubernetes/RedHat/install-packages.yml +++ b/core/src/epicli/data/common/ansible/playbooks/roles/upgrade/tasks/kubernetes/RedHat/install-packages.yml @@ -9,3 +9,5 @@ allow_downgrade: true disable_excludes: kubernetes state: present + module_defaults: + yum: { lock_timeout: "{{ yum_lock_timeout }}" } diff --git a/core/src/epicli/data/common/ansible/playbooks/roles/upgrade/tasks/legacy-haproxy/RedHat/uninstall-haproxy.yml b/core/src/epicli/data/common/ansible/playbooks/roles/upgrade/tasks/legacy-haproxy/RedHat/uninstall-haproxy.yml index 1a6849caa4..a0f8f174ce 100644 --- a/core/src/epicli/data/common/ansible/playbooks/roles/upgrade/tasks/legacy-haproxy/RedHat/uninstall-haproxy.yml +++ b/core/src/epicli/data/common/ansible/playbooks/roles/upgrade/tasks/legacy-haproxy/RedHat/uninstall-haproxy.yml @@ -8,3 +8,5 @@ - rh-haproxy18-runtime update_cache: true state: absent + module_defaults: + yum: { lock_timeout: "{{ yum_lock_timeout }}" } diff --git a/core/src/epicli/data/common/ansible/playbooks/roles/zookeeper/tasks/main.yml b/core/src/epicli/data/common/ansible/playbooks/roles/zookeeper/tasks/main.yml index 9fae5309c0..c1e10ef6f9 100644 --- a/core/src/epicli/data/common/ansible/playbooks/roles/zookeeper/tasks/main.yml +++ b/core/src/epicli/data/common/ansible/playbooks/roles/zookeeper/tasks/main.yml @@ -1,5 +1,4 @@ --- - - name: Create Zookeeper group group: name: "{{ zookeeper_group }}" @@ -14,15 +13,16 @@ - name: Install Java package package: - name: "java-1.8.0-openjdk-headless" - state: present - when: ansible_os_family == "RedHat" - -- name: Install Java package - package: - name: "openjdk-8-jre-headless" + name: "{{ _packages[ansible_os_family] }}" state: present - when: ansible_os_family == "Debian" + vars: + _packages: + Debian: + - openjdk-8-jre-headless + RedHat: + - java-1.8.0-openjdk-headless + module_defaults: + yum: { lock_timeout: "{{ yum_lock_timeout }}" } - name: Check if jmx exporter is available stat: