openstack/kayobe
Code Issues Proposed changes
kayobe/ansible/kolla-ansible-user.yml
Will Szumski 988a822259 Add podman support 
Adds support for Podman as an alternative container engine. This builds
on the support added in kolla-ansible in the 2023.2 cycle.

Change-Id: I2c6befbdda7e684228065103feea7250a0ea3826
2025-01-27 16:42:33 +00:00

59 lines
2.1 KiB
YAML
Raw Blame History

---
- name: Ensure the Kolla Ansible user account exists
hosts: seed:overcloud
gather_facts: false
max_fail_percentage: >-
{{ kolla_ansible_user_max_fail_percentage |
default(host_configure_max_fail_percentage) |
default(kayobe_max_fail_percentage) |
default(100) }}
tags:
- kolla-ansible
- kolla-ansible-user
vars:
# kolla_overcloud_inventory_top_level_group_map looks like:
# kolla_overcloud_inventory_top_level_group_map:
# control:
# groups:
# - controllers
hosts_in_kolla_inventory: >-
{{ kolla_overcloud_inventory_top_level_group_map.values() |
map(attribute='groups') | flatten | unique | union(['seed']) | join(':') }}
tasks:
- block:
- name: Ensure the Kolla Ansible user account exists
include_role:
name: singleplatform-eng.users
apply:
become: True
vars:
groups_to_create: "{{ groups_to_create_template | from_yaml }}"
groups_to_create_template: |-
{% if container_engine == 'docker' %}
- name: docker
{% endif %}
- name: "{{ kolla_ansible_group }}"
- name: sudo
users: "{{ users_template | from_yaml }}"
users_template: |-
- username: "{{ kolla_ansible_user }}"
group: "{{ kolla_ansible_group }}"
groups:
{% if container_engine == 'docker' %}
- docker
{% endif %}
- sudo
append: True
ssh_key:
- "{{ kolla_ansible_custom_passwords.kolla_ssh_key.public_key }}"
- name: Ensure the Kolla Ansible user has passwordless sudo
copy:
content: "{{ kolla_ansible_user }} ALL=(ALL) NOPASSWD: ALL"
dest: "/etc/sudoers.d/kolla-ansible-users"
mode: 0640
become: True
when:
- inventory_hostname in query('inventory_hostnames', hosts_in_kolla_inventory)
- kolla_ansible_create_user | bool
View Git Blame Copy Permalink