From df5672b3d9c29b51397f4770eb992c9f3f3955ce Mon Sep 17 00:00:00 2001 From: pmikus Date: Thu, 8 Apr 2021 10:44:18 +0000 Subject: Ansible git move + Better accessibility + Compliant with fdio.infra._function_ - function [pxe|terraform|ansible|vagrant] + dill==0.3.3 also applied on TBs - ci-man to follow today - Docs to be updated in separate patch Signed-off-by: pmikus Change-Id: Iff9eaa29d63044188cc8160db2d9b44b7635782a --- fdio.infra.ansible/roles/kernel/defaults/main.yaml | 43 +++++++ .../roles/kernel/filter_plugins/main.py | 143 +++++++++++++++++++++ fdio.infra.ansible/roles/kernel/handlers/main.yaml | 8 ++ fdio.infra.ansible/roles/kernel/tasks/main.yaml | 9 ++ .../roles/kernel/tasks/ubuntu_bionic.yaml | 51 ++++++++ .../roles/kernel/tasks/ubuntu_focal.yaml | 51 ++++++++ 6 files changed, 305 insertions(+) create mode 100644 fdio.infra.ansible/roles/kernel/defaults/main.yaml create mode 100644 fdio.infra.ansible/roles/kernel/filter_plugins/main.py create mode 100644 fdio.infra.ansible/roles/kernel/handlers/main.yaml create mode 100644 fdio.infra.ansible/roles/kernel/tasks/main.yaml create mode 100644 fdio.infra.ansible/roles/kernel/tasks/ubuntu_bionic.yaml create mode 100644 fdio.infra.ansible/roles/kernel/tasks/ubuntu_focal.yaml (limited to 'fdio.infra.ansible/roles/kernel') diff --git a/fdio.infra.ansible/roles/kernel/defaults/main.yaml b/fdio.infra.ansible/roles/kernel/defaults/main.yaml new file mode 100644 index 0000000000..b9b4253622 --- /dev/null +++ b/fdio.infra.ansible/roles/kernel/defaults/main.yaml @@ -0,0 +1,43 @@ +--- +# file: roles/kernel/defaults/main.yaml + +# Kernel version to install (Default to any version). +kernel_version: "{{ kernel_version_by_distro[ansible_distribution|lower][ansible_distribution_release] | join(' ') }}" + +kernel_version_by_distro: + ubuntu: + bionic: + - "4.15.0-72" + focal: + - "5.4.0-65" + +kernel_packages: "{{ kernel_packages_by_distro[ansible_distribution|lower][ansible_distribution_release] | flatten(levels=1) }}" + +kernel_packages_by_distro: + ubuntu: + bionic: + - "linux-image" + - "linux-headers" + - "linux-modules" + - "linux-modules-extra" + - "linux-tools" + focal: + - "linux-image" + - "linux-headers" + - "linux-modules" + - "linux-modules-extra" + - "linux-tools" + +# Packages to remove in relation to kernel upgrade. +absent_packages: "{{ absent_packages_by_distro[ansible_distribution|lower][ansible_distribution_release] | flatten(levels=1) }}" + +absent_packages_by_distro: + ubuntu: + bionic: + - "amd64-microcode" + - "intel-microcode" + - "iucode-tool" + focal: + - "amd64-microcode" + - "intel-microcode" + - "iucode-tool" \ No newline at end of file diff --git a/fdio.infra.ansible/roles/kernel/filter_plugins/main.py b/fdio.infra.ansible/roles/kernel/filter_plugins/main.py new file mode 100644 index 0000000000..7d909b90e8 --- /dev/null +++ b/fdio.infra.ansible/roles/kernel/filter_plugins/main.py @@ -0,0 +1,143 @@ + +"""Extra Ansible filters""" + +def deb_kernel(packages, kernel_version, current_version): + """ + Return best matching kernel version. + Args: + packages (dict): apt-cache showpkg output. + kernel_version (str): Kernel version to install. + current_version (str): Current kernel version. + Returns: + str: kernel version. + """ + kernels = set() + + # List all available kernel version and associated repository + for line in packages['stdout'].splitlines(): + line = line.strip() + if line.startswith('Package: ') and ( + line.endswith('-common') or # Debian + line.endswith('-generic')): # Ubuntu + kernel = line.split()[1] + + for string in ('linux-headers-', 'common', 'generic'): + kernel = kernel.replace(string, '') + kernel = kernel.strip('-') + + if kernel: + kernels.add(kernel) + + # Sort Kernel versions + versions = {} + for kernel in kernels: + try: + version, build = kernel.split('-', 1) + except ValueError: + version = kernel + build = '' + versions[kernel] = list( + int(ver) for ver in version.split('.')) + [build] + kernels = sorted(versions.keys(), key=versions.get, reverse=True) + + # Return more recent kernel package that match version requirement + for kernel in kernels: + if kernel.startswith(kernel_version): + return kernel + + raise RuntimeError( + 'No kernel matching to "%s". Available kernel versions: %s' % ( + kernel_version, ', '.join(reversed(kernels)))) + + +def _deb_kernel_package(kernel, dist, arch, name): + """ + Return kernel package name. + Args: + kernel (str): Kernel version. + dist (str): Distribution. + arch (str): Architecture. + name (str): Package name. + Returns: + str: kernel package. + """ + # Define package suffix + if dist == 'Ubuntu': + suffix = 'generic' + elif name == 'linux-image': + suffix = arch.replace('x86_64', 'amd64') + else: + suffix = 'common' + + return '-'.join((name, kernel, suffix)) + + +def deb_kernel_pkg(packages, kernel_version, current_version, dist, arch, name): + """ + Return kernel package to install. + Args: + packages (dict): apt-cache showpkg output. + kernel_version (str): Kernel version to install. + current_version (str): Current kernel version. + dist (str): Distribution. + arch (str): Architecture. + name (str): Package name. + Returns: + str: kernel package to install. + """ + return _deb_kernel_package( + deb_kernel(packages, kernel_version, current_version), dist, arch, name) + + +def deb_installed_kernel(installed, packages, kernel_version, current_version): + """ + Return old kernel packages to remove. + Args: + installed (dict): dpkg -l output. + packages (dict): apt-cache showpkg output. + kernel_version (str): Kernel version to install. + current_version (str): Current kernel version. + Returns: + list of str: Kernel packages to remove. + """ + # Filter installed package to keep + to_keep = deb_kernel(packages, kernel_version, current_version) + + # Return installed package to remove + to_remove = [] + for line in installed['stdout'].splitlines(): + if ' linux-' not in line: + continue + + package = line.split()[1] + if ((package.startswith('linux-image-') or + package.startswith('linux-headers-')) and not ( + package.startswith('linux-image-' + to_keep) or + package.startswith('linux-headers-' + to_keep))): + to_remove.append(package) + + return to_remove + + +def kernel_match(kernel, kernel_spec): + """ + Check if kernel version match. + Args: + kernel (str): Kernel + kernel_spec (str): Kernel to match. + Returns: + bool: True if Kernel match. + """ + return kernel.startswith(kernel_spec) + + +class FilterModule(object): + """Return filter plugin""" + + @staticmethod + def filters(): + """Return filter""" + return {'deb_kernel': deb_kernel, + 'deb_kernel_pkg': deb_kernel_pkg, + 'deb_installed_kernel': deb_installed_kernel, + 'kernel_match': kernel_match} diff --git a/fdio.infra.ansible/roles/kernel/handlers/main.yaml b/fdio.infra.ansible/roles/kernel/handlers/main.yaml new file mode 100644 index 0000000000..963fd71756 --- /dev/null +++ b/fdio.infra.ansible/roles/kernel/handlers/main.yaml @@ -0,0 +1,8 @@ +--- +# file roles/kernel/handlers/main.yaml + +- name: Reboot Server + reboot: + reboot_timeout: 3600 + tags: + - reboot-server \ No newline at end of file diff --git a/fdio.infra.ansible/roles/kernel/tasks/main.yaml b/fdio.infra.ansible/roles/kernel/tasks/main.yaml new file mode 100644 index 0000000000..431e344fb8 --- /dev/null +++ b/fdio.infra.ansible/roles/kernel/tasks/main.yaml @@ -0,0 +1,9 @@ +--- +# file: roles/kernel/tasks/main.yaml + +- name: Inst - Prerequisites + include_tasks: "{{ ansible_distribution|lower }}_{{ ansible_distribution_release }}.yaml" + tags: + - kernel-inst-prerequisites + +- meta: flush_handlers diff --git a/fdio.infra.ansible/roles/kernel/tasks/ubuntu_bionic.yaml b/fdio.infra.ansible/roles/kernel/tasks/ubuntu_bionic.yaml new file mode 100644 index 0000000000..349c853c11 --- /dev/null +++ b/fdio.infra.ansible/roles/kernel/tasks/ubuntu_bionic.yaml @@ -0,0 +1,51 @@ +--- +# file: roles/kernel/tasks/ubuntu_bionic.yaml + +- name: Get Available Kernel Versions + command: "apt-cache showpkg linux-headers-*" + changed_when: false + register: apt_kernel_list + tags: + - kernel-inst + +- name: Get installed packages with APT + command: "dpkg -l" + changed_when: false + register: apt_packages_list + tags: + - kernel-inst + +- name: Set target APT kernel version + set_fact: + _kernel: "{{ apt_kernel_list | deb_kernel( + kernel_version, ansible_kernel) }}" + tags: + - kernel-inst + +- name: Ensure Packages Versions + apt: + name: "{{ apt_kernel_list | deb_kernel_pkg( + kernel_version, ansible_kernel, ansible_distribution, + ansible_architecture, item) }}" + loop: "{{ kernel_packages }}" + tags: + - kernel-inst + +- name: Ensure Any Other Kernel Packages Are Removed + apt: + name: "{{ apt_packages_list | deb_installed_kernel( + apt_kernel_list, kernel_version, ansible_kernel) }}" + state: absent + purge: true + notify: + - "Reboot Server" + tags: + - kernel-inst + +- name: Ensure Any Microcode Is Absent + apt: + name: "{{ absent_packages }}" + state: absent + purge: true + tags: + - kernel-inst \ No newline at end of file diff --git a/fdio.infra.ansible/roles/kernel/tasks/ubuntu_focal.yaml b/fdio.infra.ansible/roles/kernel/tasks/ubuntu_focal.yaml new file mode 100644 index 0000000000..9cbc4d4787 --- /dev/null +++ b/fdio.infra.ansible/roles/kernel/tasks/ubuntu_focal.yaml @@ -0,0 +1,51 @@ +--- +# file: roles/kernel/tasks/ubuntu_focal.yaml + +- name: Get Available Kernel Versions + command: "apt-cache showpkg linux-headers-*" + changed_when: false + register: apt_kernel_list + tags: + - kernel-inst + +- name: Get installed packages with APT + command: "dpkg -l" + changed_when: false + register: apt_packages_list + tags: + - kernel-inst + +- name: Set target APT kernel version + set_fact: + _kernel: "{{ apt_kernel_list | deb_kernel( + kernel_version, ansible_kernel) }}" + tags: + - kernel-inst + +- name: Ensure Packages Versions + apt: + name: "{{ apt_kernel_list | deb_kernel_pkg( + kernel_version, ansible_kernel, ansible_distribution, + ansible_architecture, item) }}" + loop: "{{ kernel_packages }}" + tags: + - kernel-inst + +- name: Ensure Any Other Kernel Packages Are Removed + apt: + name: "{{ apt_packages_list | deb_installed_kernel( + apt_kernel_list, kernel_version, ansible_kernel) }}" + state: absent + purge: true + notify: + - "Reboot Server" + tags: + - kernel-inst + +- name: Ensure Any Microcode Is Absent + apt: + name: "{{ absent_packages }}" + state: absent + purge: true + tags: + - kernel-inst \ No newline at end of file -- cgit 1.2.3-korg