kayobe/ansible/roles/bootstrap/tasks/main.yml
Mark Goddard f639ad0b35 Use ansible_facts to reference facts
By default, Ansible injects a variable for every fact, prefixed with
ansible_. This can result in a large number of variables for each host,
which at scale can incur a performance penalty. Ansible provides a
configuration option [0] that can be set to False to prevent this
injection of facts. In this case, facts should be referenced via
ansible_facts.<fact>.

This change updates all references to Ansible facts within Kayobe
from using individual fact variables to using the items in the
ansible_facts dictionary. This allows users to disable fact variable
injection in their Ansible configuration, which may provide some
performance improvement.

This change disables fact variable injection in the ansible
configuration used in CI, to catch any attempts to use the injected
variables.

[0] https://docs.ansible.com/ansible/latest/reference_appendices/config.html#inject-facts-as-vars

Story: 2007993
Task: 42464
Depends-On: https://review.opendev.org/c/openstack/kolla-ansible/+/791276

Change-Id: I14db53ed6e57d37bbd28dd5819e432e3fe6628b2
2021-08-21 09:57:29 +02:00

45 lines
1.3 KiB
YAML

---
- name: Include OS family-specific variables
include_vars: "{{ ansible_facts.os_family }}.yml"
- name: Ensure required packages are installed
package:
name: "{{ bootstrap_package_dependencies }}"
state: present
cache_valid_time: "{{ apt_cache_valid_time if ansible_facts.os_family == 'Debian' else omit }}"
update_cache: "{{ True if ansible_facts.os_family == 'Debian' else omit }}"
become: True
- name: Check whether an SSH key exists
stat:
path: "{{ bootstrap_ssh_private_key_path }}"
get_checksum: False
get_md5: False
mime: False
register: ssh_key_stat
- name: Generate an SSH key
command: ssh-keygen -t {{ bootstrap_ssh_key_type }} -N '' -f {{ bootstrap_ssh_private_key_path }}
when: not ssh_key_stat.stat.exists
- name: Ensure SSH public key is in authorized keys
authorized_key:
user: "{{ ansible_facts.user_id }}"
key: "{{ lookup('file', bootstrap_ssh_private_key_path ~ '.pub') }}"
- name: Scan for SSH keys
command: ssh-keyscan {{ item }}
with_items:
- localhost
- 127.0.0.1
register: keyscan_result
changed_when: False
- name: Ensure SSH keys are in known hosts
known_hosts:
host: "{{ item[0].item }}"
key: "{{ item[1] }}"
with_subelements:
- "{{ keyscan_result.results }}"
- stdout_lines