diff --git a/ansible/group_vars/all.yml b/ansible/group_vars/all.yml
index 5337f3c81e..7c72492dcd 100644
--- a/ansible/group_vars/all.yml
+++ b/ansible/group_vars/all.yml
@@ -769,11 +769,11 @@ monasca_enable_alerting_pipeline: True
# directly to Elasticsearch.
monasca_ingest_control_plane_logs: True
-monasca_api_internal_base_endpoint: "{{ internal_protocol }}://{{ kolla_internal_fqdn | put_address_in_context('url') }}:{{ monasca_api_port }}"
-monasca_api_public_base_endpoint: "{{ public_protocol }}://{{ kolla_external_fqdn | put_address_in_context('url') }}:{{ monasca_api_port }}"
+monasca_api_internal_base_endpoint: "{{ internal_protocol }}://{{ kolla_internal_fqdn | put_address_in_context('url') }}:{{ monasca_api_port }}"
+monasca_api_public_base_endpoint: "{{ public_protocol }}://{{ kolla_external_fqdn | put_address_in_context('url') }}:{{ monasca_api_port }}"
-monasca_log_api_internal_endpoint: "{{ internal_protocol }}://{{ kolla_internal_fqdn | put_address_in_context('url') }}:{{ monasca_log_api_port }}"
-monasca_log_api_public_endpoint: "{{ public_protocol }}://{{ kolla_external_fqdn | put_address_in_context('url') }}:{{ monasca_log_api_port }}"
+monasca_log_api_internal_endpoint: "{{ internal_protocol }}://{{ kolla_internal_fqdn | put_address_in_context('url') }}:{{ monasca_log_api_port }}"
+monasca_log_api_public_endpoint: "{{ public_protocol }}://{{ kolla_external_fqdn | put_address_in_context('url') }}:{{ monasca_log_api_port }}"
# The OpenStack username used by the Monasca Agent and the Fluentd Monasca
# plugin to post logs and metrics from the control plane to Monasca.
diff --git a/ansible/roles/aodh/defaults/main.yml b/ansible/roles/aodh/defaults/main.yml
index ccae15b9f2..0f8a29d718 100644
--- a/ansible/roles/aodh/defaults/main.yml
+++ b/ansible/roles/aodh/defaults/main.yml
@@ -118,7 +118,7 @@ aodh_api_enable_healthchecks: "{{ enable_container_healthchecks }}"
aodh_api_healthcheck_interval: "{{ default_container_healthcheck_interval }}"
aodh_api_healthcheck_retries: "{{ default_container_healthcheck_retries }}"
aodh_api_healthcheck_start_period: "{{ default_container_healthcheck_start_period }}"
-aodh_api_healthcheck_test: ["CMD-SHELL", "healthcheck_curl http://{{ api_interface_address | put_address_in_context('url') }}:{{ aodh_api_listen_port }}"]
+aodh_api_healthcheck_test: ["CMD-SHELL", "healthcheck_curl http://{{ api_interface_address | put_address_in_context('url') }}:{{ aodh_api_listen_port }}"]
aodh_api_healthcheck_timeout: "{{ default_container_healthcheck_timeout }}"
aodh_api_healthcheck:
interval: "{{ aodh_api_healthcheck_interval }}"
diff --git a/ansible/roles/barbican/defaults/main.yml b/ansible/roles/barbican/defaults/main.yml
index 644dab37d8..0f7778175a 100644
--- a/ansible/roles/barbican/defaults/main.yml
+++ b/ansible/roles/barbican/defaults/main.yml
@@ -87,7 +87,7 @@ barbican_api_enable_healthchecks: "{{ enable_container_healthchecks }}"
barbican_api_healthcheck_interval: "{{ default_container_healthcheck_interval }}"
barbican_api_healthcheck_retries: "{{ default_container_healthcheck_retries }}"
barbican_api_healthcheck_start_period: "{{ default_container_healthcheck_start_period }}"
-barbican_api_healthcheck_test: ["CMD-SHELL", "healthcheck_curl {{ 'https' if barbican_enable_tls_backend | bool else 'http' }}://{{ api_interface_address | put_address_in_context('url') }}:{{ barbican_api_listen_port }}"]
+barbican_api_healthcheck_test: ["CMD-SHELL", "healthcheck_curl {{ 'https' if barbican_enable_tls_backend | bool else 'http' }}://{{ api_interface_address | put_address_in_context('url') }}:{{ barbican_api_listen_port }}"]
barbican_api_healthcheck_timeout: "{{ default_container_healthcheck_timeout }}"
barbican_api_healthcheck:
interval: "{{ barbican_api_healthcheck_interval }}"
diff --git a/ansible/roles/cinder/defaults/main.yml b/ansible/roles/cinder/defaults/main.yml
index 8d2f896d90..cdef8704ac 100644
--- a/ansible/roles/cinder/defaults/main.yml
+++ b/ansible/roles/cinder/defaults/main.yml
@@ -103,7 +103,7 @@ cinder_api_enable_healthchecks: "{{ enable_container_healthchecks }}"
cinder_api_healthcheck_interval: "{{ default_container_healthcheck_interval }}"
cinder_api_healthcheck_retries: "{{ default_container_healthcheck_retries }}"
cinder_api_healthcheck_start_period: "{{ default_container_healthcheck_start_period }}"
-cinder_api_healthcheck_test: ["CMD-SHELL", "healthcheck_curl {{ 'https' if cinder_enable_tls_backend | bool else 'http' }}://{{ api_interface_address | put_address_in_context('url') }}:{{ cinder_api_listen_port }}"]
+cinder_api_healthcheck_test: ["CMD-SHELL", "healthcheck_curl {{ 'https' if cinder_enable_tls_backend | bool else 'http' }}://{{ api_interface_address | put_address_in_context('url') }}:{{ cinder_api_listen_port }}"]
cinder_api_healthcheck_timeout: "{{ default_container_healthcheck_timeout }}"
cinder_api_healthcheck:
interval: "{{ cinder_api_healthcheck_interval }}"
diff --git a/ansible/roles/cloudkitty/defaults/main.yml b/ansible/roles/cloudkitty/defaults/main.yml
index 68fdb40d6b..df72fb115a 100644
--- a/ansible/roles/cloudkitty/defaults/main.yml
+++ b/ansible/roles/cloudkitty/defaults/main.yml
@@ -83,7 +83,7 @@ cloudkitty_api_enable_healthchecks: "{{ enable_container_healthchecks }}"
cloudkitty_api_healthcheck_interval: "{{ default_container_healthcheck_interval }}"
cloudkitty_api_healthcheck_retries: "{{ default_container_healthcheck_retries }}"
cloudkitty_api_healthcheck_start_period: "{{ default_container_healthcheck_start_period }}"
-cloudkitty_api_healthcheck_test: ["CMD-SHELL", "healthcheck_curl http://{{ api_interface_address | put_address_in_context('url') }}:{{ cloudkitty_api_port }}"]
+cloudkitty_api_healthcheck_test: ["CMD-SHELL", "healthcheck_curl http://{{ api_interface_address | put_address_in_context('url') }}:{{ cloudkitty_api_port }}"]
cloudkitty_api_healthcheck_timeout: "{{ default_container_healthcheck_timeout }}"
cloudkitty_api_healthcheck:
interval: "{{ cloudkitty_api_healthcheck_interval }}"
diff --git a/ansible/roles/common/tasks/config.yml b/ansible/roles/common/tasks/config.yml
index c8b1594f59..dd0790e25a 100644
--- a/ansible/roles/common/tasks/config.yml
+++ b/ansible/roles/common/tasks/config.yml
@@ -220,8 +220,8 @@
- name: Ensure RabbitMQ Erlang cookie exists
become: true
- copy:
- content: "{{ rabbitmq_cluster_cookie }}"
+ template:
+ src: "rabbitmq-erlang.cookie.j2"
dest: "{{ node_config_directory }}/kolla-toolbox/rabbitmq-erlang.cookie"
mode: "0660"
when:
diff --git a/ansible/roles/common/templates/rabbitmq-erlang.cookie.j2 b/ansible/roles/common/templates/rabbitmq-erlang.cookie.j2
new file mode 100644
index 0000000000..d2322468d0
--- /dev/null
+++ b/ansible/roles/common/templates/rabbitmq-erlang.cookie.j2
@@ -0,0 +1 @@
+{{ rabbitmq_cluster_cookie }}
diff --git a/ansible/roles/cyborg/defaults/main.yml b/ansible/roles/cyborg/defaults/main.yml
index f06034255f..eb92290b83 100644
--- a/ansible/roles/cyborg/defaults/main.yml
+++ b/ansible/roles/cyborg/defaults/main.yml
@@ -72,7 +72,7 @@ cyborg_api_enable_healthchecks: "{{ enable_container_healthchecks }}"
cyborg_api_healthcheck_interval: "{{ default_container_healthcheck_interval }}"
cyborg_api_healthcheck_retries: "{{ default_container_healthcheck_retries }}"
cyborg_api_healthcheck_start_period: "{{ default_container_healthcheck_start_period }}"
-cyborg_api_healthcheck_test: ["CMD-SHELL", "healthcheck_curl http://{{ api_interface_address | put_address_in_context('url') }}:{{ cyborg_api_port }}"]
+cyborg_api_healthcheck_test: ["CMD-SHELL", "healthcheck_curl http://{{ api_interface_address | put_address_in_context('url') }}:{{ cyborg_api_port }}"]
cyborg_api_healthcheck_timeout: "{{ default_container_healthcheck_timeout }}"
cyborg_api_healthcheck:
interval: "{{ cyborg_api_healthcheck_interval }}"
diff --git a/ansible/roles/designate/defaults/main.yml b/ansible/roles/designate/defaults/main.yml
index 527cd9eb09..616b53881f 100644
--- a/ansible/roles/designate/defaults/main.yml
+++ b/ansible/roles/designate/defaults/main.yml
@@ -137,7 +137,7 @@ designate_api_enable_healthchecks: "{{ enable_container_healthchecks }}"
designate_api_healthcheck_interval: "{{ default_container_healthcheck_interval }}"
designate_api_healthcheck_retries: "{{ default_container_healthcheck_retries }}"
designate_api_healthcheck_start_period: "{{ default_container_healthcheck_start_period }}"
-designate_api_healthcheck_test: ["CMD-SHELL", "healthcheck_curl http://{{ api_interface_address | put_address_in_context('url') }}:{{ designate_api_listen_port }}"]
+designate_api_healthcheck_test: ["CMD-SHELL", "healthcheck_curl http://{{ api_interface_address | put_address_in_context('url') }}:{{ designate_api_listen_port }}"]
designate_api_healthcheck_timeout: "{{ default_container_healthcheck_timeout }}"
designate_api_healthcheck:
interval: "{{ designate_api_healthcheck_interval }}"
diff --git a/ansible/roles/destroy/tasks/cleanup_host.yml b/ansible/roles/destroy/tasks/cleanup_host.yml
index 99ccfcc99f..30517dd272 100644
--- a/ansible/roles/destroy/tasks/cleanup_host.yml
+++ b/ansible/roles/destroy/tasks/cleanup_host.yml
@@ -17,19 +17,19 @@
destroy_include_dev: "{{ destroy_include_dev }}"
- block:
- - name: disable octavia-interface service
+ - name: Disable octavia-interface service
service:
name: octavia-interface
enabled: no
state: stopped
failed_when: false
- - name: remove octavia-interface service file
+ - name: Remove octavia-interface service file
file:
path: /etc/systemd/system/octavia-interface.service
state: absent
- - name: remove dhclient.conf
+ - name: Remove dhclient.conf
file:
path: /etc/dhcp/octavia-dhclient.conf
state: absent
diff --git a/ansible/roles/elasticsearch/defaults/main.yml b/ansible/roles/elasticsearch/defaults/main.yml
index 749e789ac0..4f3aa334cc 100644
--- a/ansible/roles/elasticsearch/defaults/main.yml
+++ b/ansible/roles/elasticsearch/defaults/main.yml
@@ -36,7 +36,7 @@ elasticsearch_enable_keystone_registration: False
elasticsearch_cluster_name: "kolla_logging"
es_heap_size: "1g"
-es_java_opts: "{% if es_heap_size %}-Xms{{ es_heap_size }} -Xmx{{ es_heap_size }}{%endif%} -Dlog4j2.formatMsgNoLookups=true"
+es_java_opts: "{% if es_heap_size %}-Xms{{ es_heap_size }} -Xmx{{ es_heap_size }}{% endif %} -Dlog4j2.formatMsgNoLookups=true"
#######################
# Elasticsearch Curator
@@ -62,7 +62,7 @@ elasticsearch_curator_dry_run: false
# Index prefix pattern. Any indices matching this regex will
# be managed by Curator.
-elasticsearch_curator_index_pattern: "^{{ '(monasca|' + kibana_log_prefix + ')' if enable_monasca|bool else kibana_log_prefix }}-.*" # noqa var-spacing
+elasticsearch_curator_index_pattern: "^{{ '(monasca|' + kibana_log_prefix + ')' if enable_monasca | bool else kibana_log_prefix }}-.*" # noqa jinja[spacing]
# Duration after which an index is staged for deletion. This is
# implemented by closing the index. Whilst in this state the index
@@ -103,7 +103,7 @@ elasticsearch_enable_healthchecks: "{{ enable_container_healthchecks }}"
elasticsearch_healthcheck_interval: "{{ default_container_healthcheck_interval }}"
elasticsearch_healthcheck_retries: "{{ default_container_healthcheck_retries }}"
elasticsearch_healthcheck_start_period: "{{ default_container_healthcheck_start_period }}"
-elasticsearch_healthcheck_test: ["CMD-SHELL", "healthcheck_curl http://{{ api_interface_address | put_address_in_context('url') }}:{{ elasticsearch_port }}"]
+elasticsearch_healthcheck_test: ["CMD-SHELL", "healthcheck_curl http://{{ api_interface_address | put_address_in_context('url') }}:{{ elasticsearch_port }}"]
elasticsearch_healthcheck_timeout: "{{ default_container_healthcheck_timeout }}"
elasticsearch_healthcheck:
interval: "{{ elasticsearch_healthcheck_interval }}"
diff --git a/ansible/roles/etcd/defaults/main.yml b/ansible/roles/etcd/defaults/main.yml
index beb26b5f29..10510fc4fc 100644
--- a/ansible/roles/etcd/defaults/main.yml
+++ b/ansible/roles/etcd/defaults/main.yml
@@ -16,10 +16,10 @@ etcd_services:
ETCD_INITIAL_CLUSTER_STATE: "new"
ETCD_OUT_FILE: "/var/log/kolla/etcd/etcd.log"
KOLLA_CONFIG_STRATEGY: "{{ config_strategy }}"
- ETCD_CERT_FILE: "{% if etcd_enable_tls | bool %}/etc/etcd/certs/etcd-cert.pem{% endif %}"
- ETCD_KEY_FILE: "{% if etcd_enable_tls | bool %}/etc/etcd/certs/etcd-key.pem{% endif %}"
- ETCD_PEER_CERT_FILE: "{% if etcd_enable_tls | bool %}/etc/etcd/certs/etcd-cert.pem{% endif %}"
- ETCD_PEER_KEY_FILE: "{% if etcd_enable_tls | bool %}/etc/etcd/certs/etcd-key.pem{% endif %}"
+ ETCD_CERT_FILE: "{% if etcd_enable_tls | bool %}/etc/etcd/certs/etcd-cert.pem{% endif %}"
+ ETCD_KEY_FILE: "{% if etcd_enable_tls | bool %}/etc/etcd/certs/etcd-key.pem{% endif %}"
+ ETCD_PEER_CERT_FILE: "{% if etcd_enable_tls | bool %}/etc/etcd/certs/etcd-cert.pem{% endif %}"
+ ETCD_PEER_KEY_FILE: "{% if etcd_enable_tls | bool %}/etc/etcd/certs/etcd-key.pem{% endif %}"
image: "{{ etcd_image_full }}"
volumes: "{{ etcd_default_volumes + etcd_extra_volumes }}"
dimensions: "{{ etcd_dimensions }}"
diff --git a/ansible/roles/glance/defaults/main.yml b/ansible/roles/glance/defaults/main.yml
index c857c57468..5ca70d9c70 100644
--- a/ansible/roles/glance/defaults/main.yml
+++ b/ansible/roles/glance/defaults/main.yml
@@ -145,7 +145,7 @@ glance_api_enable_healthchecks: "{{ enable_container_healthchecks }}"
glance_api_healthcheck_interval: "{{ default_container_healthcheck_interval }}"
glance_api_healthcheck_retries: "{{ default_container_healthcheck_retries }}"
glance_api_healthcheck_start_period: "{{ default_container_healthcheck_start_period }}"
-glance_api_healthcheck_test: ["CMD-SHELL", "healthcheck_curl http://{% if glance_enable_tls_backend | bool %}localhost{% else %}{{ api_interface_address | put_address_in_context('url') }}{% endif %}:{{ glance_api_listen_port }}"]
+glance_api_healthcheck_test: ["CMD-SHELL", "healthcheck_curl http://{% if glance_enable_tls_backend | bool %}localhost{% else %}{{ api_interface_address | put_address_in_context('url') }}{% endif %}:{{ glance_api_listen_port }}"]
glance_api_healthcheck_timeout: "{{ default_container_healthcheck_timeout }}"
glance_api_healthcheck:
interval: "{{ glance_api_healthcheck_interval }}"
@@ -158,7 +158,7 @@ glance_tls_proxy_enable_healthchecks: "{{ enable_container_healthchecks }}"
glance_tls_proxy_healthcheck_interval: "{{ default_container_healthcheck_interval }}"
glance_tls_proxy_healthcheck_retries: "{{ default_container_healthcheck_retries }}"
glance_tls_proxy_healthcheck_start_period: "{{ default_container_healthcheck_start_period }}"
-glance_tls_proxy_healthcheck_test: ["CMD-SHELL", "healthcheck_curl -u {{ haproxy_user }}:{{ haproxy_password }} {{ api_interface_address | put_address_in_context('url') }}:{{ glance_tls_proxy_stats_port }}"]
+glance_tls_proxy_healthcheck_test: ["CMD-SHELL", "healthcheck_curl -u {{ haproxy_user }}:{{ haproxy_password }} {{ api_interface_address | put_address_in_context('url') }}:{{ glance_tls_proxy_stats_port }}"]
glance_tls_proxy_healthcheck_timeout: "{{ default_container_healthcheck_timeout }}"
glance_tls_proxy_healthcheck:
interval: "{{ glance_tls_proxy_healthcheck_interval }}"
diff --git a/ansible/roles/gnocchi/defaults/main.yml b/ansible/roles/gnocchi/defaults/main.yml
index ac50a45462..e15582f50c 100644
--- a/ansible/roles/gnocchi/defaults/main.yml
+++ b/ansible/roles/gnocchi/defaults/main.yml
@@ -90,7 +90,7 @@ gnocchi_api_enable_healthchecks: "{{ enable_container_healthchecks }}"
gnocchi_api_healthcheck_interval: "{{ default_container_healthcheck_interval }}"
gnocchi_api_healthcheck_retries: "{{ default_container_healthcheck_retries }}"
gnocchi_api_healthcheck_start_period: "{{ default_container_healthcheck_start_period }}"
-gnocchi_api_healthcheck_test: ["CMD-SHELL", "healthcheck_curl http://{{ api_interface_address | put_address_in_context('url') }}:{{ gnocchi_api_listen_port }}"]
+gnocchi_api_healthcheck_test: ["CMD-SHELL", "healthcheck_curl http://{{ api_interface_address | put_address_in_context('url') }}:{{ gnocchi_api_listen_port }}"]
gnocchi_api_healthcheck_timeout: "{{ default_container_healthcheck_timeout }}"
gnocchi_api_healthcheck:
interval: "{{ gnocchi_api_healthcheck_interval }}"
diff --git a/ansible/roles/heat/defaults/main.yml b/ansible/roles/heat/defaults/main.yml
index f9d75159b0..37a4622f62 100644
--- a/ansible/roles/heat/defaults/main.yml
+++ b/ansible/roles/heat/defaults/main.yml
@@ -101,7 +101,7 @@ heat_api_enable_healthchecks: "{{ enable_container_healthchecks }}"
heat_api_healthcheck_interval: "{{ default_container_healthcheck_interval }}"
heat_api_healthcheck_retries: "{{ default_container_healthcheck_retries }}"
heat_api_healthcheck_start_period: "{{ default_container_healthcheck_start_period }}"
-heat_api_healthcheck_test: ["CMD-SHELL", "healthcheck_curl {{ 'https' if heat_enable_tls_backend | bool else 'http' }}://{{ api_interface_address | put_address_in_context('url') }}:{{ heat_api_listen_port }}"]
+heat_api_healthcheck_test: ["CMD-SHELL", "healthcheck_curl {{ 'https' if heat_enable_tls_backend | bool else 'http' }}://{{ api_interface_address | put_address_in_context('url') }}:{{ heat_api_listen_port }}"]
heat_api_healthcheck_timeout: "{{ default_container_healthcheck_timeout }}"
heat_api_healthcheck:
interval: "{{ heat_api_healthcheck_interval }}"
@@ -114,7 +114,7 @@ heat_api_cfn_enable_healthchecks: "{{ enable_container_healthchecks }}"
heat_api_cfn_healthcheck_interval: "{{ default_container_healthcheck_interval }}"
heat_api_cfn_healthcheck_retries: "{{ default_container_healthcheck_retries }}"
heat_api_cfn_healthcheck_start_period: "{{ default_container_healthcheck_start_period }}"
-heat_api_cfn_healthcheck_test: ["CMD-SHELL", "healthcheck_curl {{ 'https' if heat_enable_tls_backend | bool else 'http' }}://{{ api_interface_address | put_address_in_context('url') }}:{{ heat_api_cfn_listen_port }}"]
+heat_api_cfn_healthcheck_test: ["CMD-SHELL", "healthcheck_curl {{ 'https' if heat_enable_tls_backend | bool else 'http' }}://{{ api_interface_address | put_address_in_context('url') }}:{{ heat_api_cfn_listen_port }}"]
heat_api_cfn_healthcheck_timeout: "{{ default_container_healthcheck_timeout }}"
heat_api_cfn_healthcheck:
interval: "{{ heat_api_cfn_healthcheck_interval }}"
diff --git a/ansible/roles/horizon/defaults/main.yml b/ansible/roles/horizon/defaults/main.yml
index 989d8d5e9d..77f76ecd1a 100644
--- a/ansible/roles/horizon/defaults/main.yml
+++ b/ansible/roles/horizon/defaults/main.yml
@@ -17,7 +17,7 @@ horizon_services:
ENABLE_MASAKARI: "{{ 'yes' if enable_horizon_masakari | bool else 'no' }}"
ENABLE_MISTRAL: "{{ 'yes' if enable_horizon_mistral | bool else 'no' }}"
ENABLE_MONASCA: "{{ 'yes' if enable_horizon_monasca | bool else 'no' }}"
- ENABLE_MURANO: "{{ 'yes' if enable_horizon_murano | bool else 'no' }}"
+ ENABLE_MURANO: "{{ 'yes' if enable_horizon_murano | bool else 'no' }}"
ENABLE_NEUTRON_VPNAAS: "{{ 'yes' if enable_horizon_neutron_vpnaas | bool else 'no' }}"
ENABLE_OCTAVIA: "{{ 'yes' if enable_horizon_octavia | bool else 'no' }}"
ENABLE_SAHARA: "{{ 'yes' if enable_horizon_sahara | bool else 'no' }}"
@@ -111,7 +111,7 @@ horizon_enable_healthchecks: "{{ enable_container_healthchecks }}"
horizon_healthcheck_interval: "{{ default_container_healthcheck_interval }}"
horizon_healthcheck_retries: "{{ default_container_healthcheck_retries }}"
horizon_healthcheck_start_period: "{{ default_container_healthcheck_start_period }}"
-horizon_healthcheck_test: ["CMD-SHELL", "healthcheck_curl {{ 'https' if horizon_enable_tls_backend | bool else 'http' }}://{{ api_interface_address | put_address_in_context('url') }}:{{ horizon_listen_port }}"]
+horizon_healthcheck_test: ["CMD-SHELL", "healthcheck_curl {{ 'https' if horizon_enable_tls_backend | bool else 'http' }}://{{ api_interface_address | put_address_in_context('url') }}:{{ horizon_listen_port }}"]
horizon_healthcheck_timeout: "{{ default_container_healthcheck_timeout }}"
horizon_healthcheck:
interval: "{{ horizon_healthcheck_interval }}"
diff --git a/ansible/roles/ironic/defaults/main.yml b/ansible/roles/ironic/defaults/main.yml
index f6ae0e3e18..66ad6b164a 100644
--- a/ansible/roles/ironic/defaults/main.yml
+++ b/ansible/roles/ironic/defaults/main.yml
@@ -149,7 +149,7 @@ ironic_api_enable_healthchecks: "{{ enable_container_healthchecks }}"
ironic_api_healthcheck_interval: "{{ default_container_healthcheck_interval }}"
ironic_api_healthcheck_retries: "{{ default_container_healthcheck_retries }}"
ironic_api_healthcheck_start_period: "{{ default_container_healthcheck_start_period }}"
-ironic_api_healthcheck_test: ["CMD-SHELL", "healthcheck_curl http://{{ api_interface_address | put_address_in_context('url') }}:{{ ironic_api_listen_port }}"]
+ironic_api_healthcheck_test: ["CMD-SHELL", "healthcheck_curl http://{{ api_interface_address | put_address_in_context('url') }}:{{ ironic_api_listen_port }}"]
ironic_api_healthcheck_timeout: "{{ default_container_healthcheck_timeout }}"
ironic_api_healthcheck:
interval: "{{ ironic_api_healthcheck_interval }}"
diff --git a/ansible/roles/keystone/defaults/main.yml b/ansible/roles/keystone/defaults/main.yml
index c07c0b1fc0..83ae28dc79 100644
--- a/ansible/roles/keystone/defaults/main.yml
+++ b/ansible/roles/keystone/defaults/main.yml
@@ -114,7 +114,7 @@ keystone_enable_healthchecks: "{{ enable_container_healthchecks }}"
keystone_healthcheck_interval: "{{ default_container_healthcheck_interval }}"
keystone_healthcheck_retries: "{{ default_container_healthcheck_retries }}"
keystone_healthcheck_start_period: "{{ default_container_healthcheck_start_period }}"
-keystone_healthcheck_test: ["CMD-SHELL", "healthcheck_curl {{ 'https' if keystone_enable_tls_backend | bool else 'http' }}://{{ api_interface_address | put_address_in_context('url') }}:{{ keystone_public_listen_port }}"]
+keystone_healthcheck_test: ["CMD-SHELL", "healthcheck_curl {{ 'https' if keystone_enable_tls_backend | bool else 'http' }}://{{ api_interface_address | put_address_in_context('url') }}:{{ keystone_public_listen_port }}"]
keystone_healthcheck_timeout: "{{ default_container_healthcheck_timeout }}"
keystone_healthcheck:
interval: "{{ keystone_healthcheck_interval }}"
@@ -224,7 +224,7 @@ keystone_host_federation_oidc_attribute_mappings_folder: "{{ node_config_directo
# These variables are used to define multiple trusted Horizon dashboards.
# keystone_trusted_dashboards: ['', '', '']
keystone_trusted_dashboards: "{{ ['%s://%s/auth/websso/' % (public_protocol, kolla_external_fqdn), '%s/auth/websso/' % (horizon_public_endpoint)] if enable_horizon | bool else [] }}"
-keystone_enable_federation_openid: "{{ enable_keystone_federation | bool and keystone_identity_providers | selectattr('protocol','equalto','openid') | list | count > 0 }}"
+keystone_enable_federation_openid: "{{ enable_keystone_federation | bool and keystone_identity_providers | selectattr('protocol', 'equalto', 'openid') | list | count > 0 }}"
keystone_should_remove_attribute_mappings: False
keystone_should_remove_identity_providers: False
keystone_federation_oidc_response_type: "id_token"
diff --git a/ansible/roles/keystone/tasks/distribute_fernet.yml b/ansible/roles/keystone/tasks/distribute_fernet.yml
index f5c12b8031..ce7414b643 100644
--- a/ansible/roles/keystone/tasks/distribute_fernet.yml
+++ b/ansible/roles/keystone/tasks/distribute_fernet.yml
@@ -15,5 +15,4 @@
run_once: True
delegate_to: >-
{% if groups['keystone_fernet_running'] is defined -%}
- {{ groups['keystone_fernet_running'][0] }}
- {%- else -%}{{ groups['keystone'][0] }}{%- endif %}
+ {{ groups['keystone_fernet_running'][0] }}{%- else -%}{{ groups['keystone'][0] }}{%- endif %}
diff --git a/ansible/roles/kibana/defaults/main.yml b/ansible/roles/kibana/defaults/main.yml
index ae102faf09..9f4935dca0 100644
--- a/ansible/roles/kibana/defaults/main.yml
+++ b/ansible/roles/kibana/defaults/main.yml
@@ -46,7 +46,7 @@ kibana_enable_healthchecks: "{{ enable_container_healthchecks }}"
kibana_healthcheck_interval: "{{ default_container_healthcheck_interval }}"
kibana_healthcheck_retries: "{{ default_container_healthcheck_retries }}"
kibana_healthcheck_start_period: "{{ default_container_healthcheck_start_period }}"
-kibana_healthcheck_test: ["CMD-SHELL", "healthcheck_curl http://{{ api_interface_address | put_address_in_context('url') }}:{{ kibana_server_port }}"]
+kibana_healthcheck_test: ["CMD-SHELL", "healthcheck_curl http://{{ api_interface_address | put_address_in_context('url') }}:{{ kibana_server_port }}"]
kibana_healthcheck_timeout: "{{ default_container_healthcheck_timeout }}"
kibana_healthcheck:
interval: "{{ kibana_healthcheck_interval }}"
diff --git a/ansible/roles/loadbalancer/defaults/main.yml b/ansible/roles/loadbalancer/defaults/main.yml
index 4582978e72..722d8a1033 100644
--- a/ansible/roles/loadbalancer/defaults/main.yml
+++ b/ansible/roles/loadbalancer/defaults/main.yml
@@ -64,7 +64,7 @@ haproxy_enable_healthchecks: "{{ enable_container_healthchecks }}"
haproxy_healthcheck_interval: "{{ default_container_healthcheck_interval }}"
haproxy_healthcheck_retries: "{{ default_container_healthcheck_retries }}"
haproxy_healthcheck_start_period: "{{ default_container_healthcheck_start_period }}"
-haproxy_healthcheck_test: ["CMD-SHELL", "healthcheck_curl http://{{ api_interface_address | put_address_in_context('url') }}:{{ haproxy_monitor_port }}"]
+haproxy_healthcheck_test: ["CMD-SHELL", "healthcheck_curl http://{{ api_interface_address | put_address_in_context('url') }}:{{ haproxy_monitor_port }}"]
haproxy_healthcheck_timeout: "{{ default_container_healthcheck_timeout }}"
haproxy_healthcheck:
interval: "{{ haproxy_healthcheck_interval }}"
diff --git a/ansible/roles/loadbalancer/tasks/precheck.yml b/ansible/roles/loadbalancer/tasks/precheck.yml
index 644682b4d2..d0218c53cf 100644
--- a/ansible/roles/loadbalancer/tasks/precheck.yml
+++ b/ansible/roles/loadbalancer/tasks/precheck.yml
@@ -101,16 +101,15 @@
- haproxy_enable_external_vip | bool
- not hostvars[inventory_hostname].ansible_facts[kolla_external_vip_interface]['active']
+# NOTE(hrw): let assume that each supported host OS has ping with ipv4/v6 support
- name: Checking if kolla_internal_vip_address and kolla_external_vip_address are not pingable from any node
- command: "{{ item.command }} -c 3 {{ item.address }}"
+ command: "ping -c 3 {{ item }}"
register: ping_output
changed_when: false
failed_when: ping_output.rc != 1
with_items:
- - address: "{{ kolla_internal_vip_address }}"
- command: "{{ 'ping' if kolla_internal_vip_address | ipv4 else 'ping6' }}"
- - address: "{{ kolla_external_vip_address }}"
- command: "{{ 'ping' if kolla_external_vip_address | ipv4 else 'ping6' }}"
+ - "{{ kolla_internal_vip_address }}"
+ - "{{ kolla_external_vip_address }}"
when:
- enable_keepalived | bool
- keepalived_vip_prechecks
@@ -195,7 +194,7 @@
- name: Getting haproxy stat
become: true
- shell: echo "show stat" | docker exec -i haproxy socat unix-connect:/var/lib/kolla/haproxy/haproxy.sock stdio # noqa 306
+ shell: echo "show stat" | docker exec -i haproxy socat unix-connect:/var/lib/kolla/haproxy/haproxy.sock stdio # noqa risky-shell-pipe
register: haproxy_stat_shell
changed_when: false
when: container_facts['haproxy'] is defined
diff --git a/ansible/roles/magnum/defaults/main.yml b/ansible/roles/magnum/defaults/main.yml
index a21e1aedfb..1a051095d8 100644
--- a/ansible/roles/magnum/defaults/main.yml
+++ b/ansible/roles/magnum/defaults/main.yml
@@ -82,7 +82,7 @@ magnum_api_enable_healthchecks: "{{ enable_container_healthchecks }}"
magnum_api_healthcheck_interval: "{{ default_container_healthcheck_interval }}"
magnum_api_healthcheck_retries: "{{ default_container_healthcheck_retries }}"
magnum_api_healthcheck_start_period: "{{ default_container_healthcheck_start_period }}"
-magnum_api_healthcheck_test: ["CMD-SHELL", "healthcheck_curl http://{{ api_interface_address | put_address_in_context('url') }}:{{ magnum_api_port }}"]
+magnum_api_healthcheck_test: ["CMD-SHELL", "healthcheck_curl http://{{ api_interface_address | put_address_in_context('url') }}:{{ magnum_api_port }}"]
magnum_api_healthcheck_timeout: "{{ default_container_healthcheck_timeout }}"
magnum_api_healthcheck:
interval: "{{ magnum_api_healthcheck_interval }}"
diff --git a/ansible/roles/manila/defaults/main.yml b/ansible/roles/manila/defaults/main.yml
index 7045160e67..895290a329 100644
--- a/ansible/roles/manila/defaults/main.yml
+++ b/ansible/roles/manila/defaults/main.yml
@@ -98,7 +98,7 @@ manila_api_enable_healthchecks: "{{ enable_container_healthchecks }}"
manila_api_healthcheck_interval: "{{ default_container_healthcheck_interval }}"
manila_api_healthcheck_retries: "{{ default_container_healthcheck_retries }}"
manila_api_healthcheck_start_period: "{{ default_container_healthcheck_start_period }}"
-manila_api_healthcheck_test: ["CMD-SHELL", "healthcheck_curl http://{{ api_interface_address | put_address_in_context('url') }}:{{ manila_api_port }}"]
+manila_api_healthcheck_test: ["CMD-SHELL", "healthcheck_curl http://{{ api_interface_address | put_address_in_context('url') }}:{{ manila_api_port }}"]
manila_api_healthcheck_timeout: "{{ default_container_healthcheck_timeout }}"
manila_api_healthcheck:
interval: "{{ manila_api_healthcheck_interval }}"
diff --git a/ansible/roles/mariadb/tasks/recover_cluster.yml b/ansible/roles/mariadb/tasks/recover_cluster.yml
index e02fd726ff..d0d86aef43 100644
--- a/ansible/roles/mariadb/tasks/recover_cluster.yml
+++ b/ansible/roles/mariadb/tasks/recover_cluster.yml
@@ -77,8 +77,8 @@
changed_when: false
- name: Writing hostname of host with the largest seqno to temp file
- copy:
- content: "{{ inventory_hostname }}"
+ template:
+ src: "hostname.j2"
dest: "{{ mariadb_recover_tmp_file_path }}"
mode: 0644
delegate_to: localhost
diff --git a/ansible/roles/mariadb/templates/hostname.j2 b/ansible/roles/mariadb/templates/hostname.j2
new file mode 100644
index 0000000000..1fad51f6ea
--- /dev/null
+++ b/ansible/roles/mariadb/templates/hostname.j2
@@ -0,0 +1 @@
+{{ inventory_hostname }}
diff --git a/ansible/roles/mistral/defaults/main.yml b/ansible/roles/mistral/defaults/main.yml
index c63cfbc6f5..b00acd8da3 100644
--- a/ansible/roles/mistral/defaults/main.yml
+++ b/ansible/roles/mistral/defaults/main.yml
@@ -96,7 +96,7 @@ mistral_api_enable_healthchecks: "{{ enable_container_healthchecks }}"
mistral_api_healthcheck_interval: "{{ default_container_healthcheck_interval }}"
mistral_api_healthcheck_retries: "{{ default_container_healthcheck_retries }}"
mistral_api_healthcheck_start_period: "{{ default_container_healthcheck_start_period }}"
-mistral_api_healthcheck_test: ["CMD-SHELL", "healthcheck_curl http://{{ api_interface_address | put_address_in_context('url') }}:{{ mistral_api_port }}"]
+mistral_api_healthcheck_test: ["CMD-SHELL", "healthcheck_curl http://{{ api_interface_address | put_address_in_context('url') }}:{{ mistral_api_port }}"]
mistral_api_healthcheck_timeout: "{{ default_container_healthcheck_timeout }}"
mistral_api_healthcheck:
interval: "{{ mistral_api_healthcheck_interval }}"
diff --git a/ansible/roles/neutron/defaults/main.yml b/ansible/roles/neutron/defaults/main.yml
index 16e6a58651..d0e0e7d075 100644
--- a/ansible/roles/neutron/defaults/main.yml
+++ b/ansible/roles/neutron/defaults/main.yml
@@ -31,25 +31,24 @@ neutron_services:
KOLLA_LEGACY_IPTABLES: "{{ neutron_legacy_iptables | bool | lower }}"
host_in_groups: >-
{{
- ( inventory_hostname in groups['compute']
+ (inventory_hostname in groups['compute']
or (enable_manila_backend_generic | bool and inventory_hostname in groups['manila-share'])
or inventory_hostname in groups['neutron-dhcp-agent']
or inventory_hostname in groups['neutron-l3-agent']
or inventory_hostname in groups['neutron-metadata-agent']
- and not enable_nova_fake | bool
- ) or
- ( inventory_hostname in groups['neutron-dhcp-agent']
+ and not enable_nova_fake | bool)
+ or
+ (inventory_hostname in groups['neutron-dhcp-agent']
or inventory_hostname in groups['neutron-l3-agent']
or inventory_hostname in groups['neutron-metadata-agent']
- and enable_nova_fake | bool
- )
+ and enable_nova_fake | bool)
}}
volumes: "{{ neutron_openvswitch_agent_default_volumes + neutron_openvswitch_agent_extra_volumes }}"
dimensions: "{{ neutron_openvswitch_agent_dimensions }}"
healthcheck: "{{ neutron_openvswitch_agent_healthcheck }}"
neutron-linuxbridge-agent:
container_name: "neutron_linuxbridge_agent"
- image: "{{ neutron_linuxbridge_agent_image_full }}"
+ image: "{{ neutron_linuxbridge_agent_image_full }}"
privileged: True
enabled: "{{ neutron_plugin_agent == 'linuxbridge' }}"
environment:
@@ -94,7 +93,7 @@ neutron_services:
container_name: "neutron_sriov_agent"
image: "{{ neutron_sriov_agent_image_full }}"
privileged: True
- enabled: "{{ enable_neutron_sriov | bool and neutron_plugin_agent not in ['vmware_nsxv', 'vmware_nsxv3', 'vmware_nsxp' ] }}"
+ enabled: "{{ enable_neutron_sriov | bool and neutron_plugin_agent not in ['vmware_nsxv', 'vmware_nsxv3', 'vmware_nsxp'] }}"
host_in_groups: "{{ inventory_hostname in groups['compute'] }}"
volumes: "{{ neutron_sriov_agent_default_volumes + neutron_sriov_agent_extra_volumes }}"
dimensions: "{{ neutron_sriov_agent_dimensions }}"
@@ -102,7 +101,7 @@ neutron_services:
neutron-mlnx-agent:
container_name: "neutron_mlnx_agent"
image: "{{ neutron_mlnx_agent_image_full }}"
- enabled: "{{ enable_neutron_mlnx | bool and neutron_plugin_agent not in ['vmware_nsxv', 'vmware_nsxv3', 'vmware_nsxp' ] }}"
+ enabled: "{{ enable_neutron_mlnx | bool and neutron_plugin_agent not in ['vmware_nsxv', 'vmware_nsxv3', 'vmware_nsxp'] }}"
host_in_groups: "{{ inventory_hostname in groups['compute'] }}"
volumes: "{{ neutron_mlnx_agent_default_volumes + neutron_mlnx_agent_extra_volumes }}"
dimensions: "{{ neutron_mlnx_agent_dimensions }}"
@@ -110,7 +109,7 @@ neutron_services:
container_name: "neutron_eswitchd"
image: "{{ neutron_eswitchd_image_full }}"
privileged: True
- enabled: "{{ enable_neutron_mlnx | bool and neutron_plugin_agent not in ['vmware_nsxv', 'vmware_nsxv3', 'vmware_nsxp' ] }}"
+ enabled: "{{ enable_neutron_mlnx | bool and neutron_plugin_agent not in ['vmware_nsxv', 'vmware_nsxv3', 'vmware_nsxp'] }}"
host_in_groups: "{{ inventory_hostname in groups['compute'] }}"
volumes: "{{ neutron_eswitchd_default_volumes + neutron_eswitchd_extra_volumes }}"
dimensions: "{{ neutron_eswitchd_dimensions }}"
@@ -118,7 +117,7 @@ neutron_services:
container_name: "neutron_metadata_agent"
image: "{{ neutron_metadata_agent_image_full }}"
privileged: True
- enabled: "{{ neutron_plugin_agent not in [ 'ovn', 'vmware_nsxv', 'vmware_nsxv3', 'vmware_nsxp' ] }}"
+ enabled: "{{ neutron_plugin_agent not in ['ovn', 'vmware_nsxv', 'vmware_nsxv3', 'vmware_nsxp'] }}"
host_in_groups: >-
{{
inventory_hostname in groups['neutron-metadata-agent']
@@ -398,7 +397,7 @@ neutron_server_enable_healthchecks: "{{ enable_container_healthchecks }}"
neutron_server_healthcheck_interval: "{{ default_container_healthcheck_interval }}"
neutron_server_healthcheck_retries: "{{ default_container_healthcheck_retries }}"
neutron_server_healthcheck_start_period: "{{ default_container_healthcheck_start_period }}"
-neutron_server_healthcheck_test: ["CMD-SHELL", "healthcheck_curl http://{% if neutron_enable_tls_backend | bool %}localhost{% else %}{{ api_interface_address | put_address_in_context('url') }}{% endif %}:{{ neutron_server_listen_port }}"]
+neutron_server_healthcheck_test: ["CMD-SHELL", "healthcheck_curl http://{% if neutron_enable_tls_backend | bool %}localhost{% else %}{{ api_interface_address | put_address_in_context('url') }}{% endif %}:{{ neutron_server_listen_port }}"]
neutron_server_healthcheck_timeout: "{{ default_container_healthcheck_timeout }}"
neutron_server_healthcheck:
interval: "{{ neutron_server_healthcheck_interval }}"
@@ -411,7 +410,7 @@ neutron_tls_proxy_enable_healthchecks: "{{ enable_container_healthchecks }}"
neutron_tls_proxy_healthcheck_interval: "{{ default_container_healthcheck_interval }}"
neutron_tls_proxy_healthcheck_retries: "{{ default_container_healthcheck_retries }}"
neutron_tls_proxy_healthcheck_start_period: "{{ default_container_healthcheck_start_period }}"
-neutron_tls_proxy_healthcheck_test: ["CMD-SHELL", "healthcheck_curl -u {{ haproxy_user }}:{{ haproxy_password }} {{ api_interface_address | put_address_in_context('url') }}:{{ neutron_tls_proxy_stats_port }}"]
+neutron_tls_proxy_healthcheck_test: ["CMD-SHELL", "healthcheck_curl -u {{ haproxy_user }}:{{ haproxy_password }} {{ api_interface_address | put_address_in_context('url') }}:{{ neutron_tls_proxy_stats_port }}"]
neutron_tls_proxy_healthcheck_timeout: "{{ default_container_healthcheck_timeout }}"
neutron_tls_proxy_healthcheck:
interval: "{{ neutron_tls_proxy_healthcheck_interval }}"
diff --git a/ansible/roles/neutron/tasks/config-host.yml b/ansible/roles/neutron/tasks/config-host.yml
index 80dfefca27..9ffd4cd7c6 100644
--- a/ansible/roles/neutron/tasks/config-host.yml
+++ b/ansible/roles/neutron/tasks/config-host.yml
@@ -9,7 +9,7 @@
neutron_services |
select_services_enabled_and_mapped_to_host |
list |
- intersect([ "neutron-l3-agent", "neutron-linuxbridge-agent", "neutron-openvswitch-agent" ]) |
+ intersect(["neutron-l3-agent", "neutron-linuxbridge-agent", "neutron-openvswitch-agent"]) |
list |
length > 0
diff --git a/ansible/roles/neutron/tasks/rolling_upgrade.yml b/ansible/roles/neutron/tasks/rolling_upgrade.yml
index ce6e2e372b..987e43851a 100644
--- a/ansible/roles/neutron/tasks/rolling_upgrade.yml
+++ b/ansible/roles/neutron/tasks/rolling_upgrade.yml
@@ -48,6 +48,7 @@
neutron_server: "{{ neutron_services['neutron-server'] }}"
first_neutron_server_host: "{{ groups[neutron_server.group][0] }}"
results_of_check_pending_contract_scripts: "{{ hostvars[first_neutron_server_host]['neutron_check_contract_db_stdout'] }}"
+ # NOTE(hrw): no idea
filter_rc: "results[?rc!=`0`]"
is_stop_neutron_server: "{{ results_of_check_pending_contract_scripts | json_query(filter_rc) }}"
become: true
diff --git a/ansible/roles/nova-cell/defaults/main.yml b/ansible/roles/nova-cell/defaults/main.yml
index f2c95471d2..5fc0a79f91 100644
--- a/ansible/roles/nova-cell/defaults/main.yml
+++ b/ansible/roles/nova-cell/defaults/main.yml
@@ -298,7 +298,7 @@ nova_novncproxy_enable_healthchecks: "{{ enable_container_healthchecks }}"
nova_novncproxy_healthcheck_interval: "{{ default_container_healthcheck_interval }}"
nova_novncproxy_healthcheck_retries: "{{ default_container_healthcheck_retries }}"
nova_novncproxy_healthcheck_start_period: "{{ default_container_healthcheck_start_period }}"
-nova_novncproxy_healthcheck_test: ["CMD-SHELL", "healthcheck_curl http://{{ api_interface_address | put_address_in_context('url') }}:{{ nova_novncproxy_listen_port }}/vnc_lite.html"]
+nova_novncproxy_healthcheck_test: ["CMD-SHELL", "healthcheck_curl http://{{ api_interface_address | put_address_in_context('url') }}:{{ nova_novncproxy_listen_port }}/vnc_lite.html"]
nova_novncproxy_healthcheck_timeout: "{{ default_container_healthcheck_timeout }}"
nova_novncproxy_healthcheck:
interval: "{{ nova_novncproxy_healthcheck_interval }}"
@@ -311,7 +311,7 @@ nova_spicehtml5proxy_enable_healthchecks: "{{ enable_container_healthchecks }}"
nova_spicehtml5proxy_healthcheck_interval: "{{ default_container_healthcheck_interval }}"
nova_spicehtml5proxy_healthcheck_retries: "{{ default_container_healthcheck_retries }}"
nova_spicehtml5proxy_healthcheck_start_period: "{{ default_container_healthcheck_start_period }}"
-nova_spicehtml5proxy_healthcheck_test: ["CMD-SHELL", "healthcheck_curl http://{{ api_interface_address | put_address_in_context('url') }}:{{ nova_spicehtml5proxy_listen_port }}/spice_auto.html"]
+nova_spicehtml5proxy_healthcheck_test: ["CMD-SHELL", "healthcheck_curl http://{{ api_interface_address | put_address_in_context('url') }}:{{ nova_spicehtml5proxy_listen_port }}/spice_auto.html"]
nova_spicehtml5proxy_healthcheck_timeout: "{{ default_container_healthcheck_timeout }}"
nova_spicehtml5proxy_healthcheck:
interval: "{{ nova_spicehtml5proxy_healthcheck_interval }}"
@@ -466,7 +466,7 @@ openstack_nova_auth: "{{ openstack_auth }}"
# Set to KOLLA_UNSET to make Kolla unset these in the managed sysctl.conf file.
nova_compute_host_rp_filter_mode: KOLLA_SKIP
-nova_libvirt_port: "{{'16514' if libvirt_tls | bool else '16509'}}"
+nova_libvirt_port: "{{ '16514' if libvirt_tls | bool else '16509' }}"
nova_ssh_port: "8022"
# NOTE(mgoddard): The order of this list defines the order in which services
diff --git a/ansible/roles/nova-cell/tasks/external_ceph.yml b/ansible/roles/nova-cell/tasks/external_ceph.yml
index 847dec0473..07324e99c1 100644
--- a/ansible/roles/nova-cell/tasks/external_ceph.yml
+++ b/ansible/roles/nova-cell/tasks/external_ceph.yml
@@ -157,8 +157,8 @@
- name: Pushing secrets key for libvirt
vars:
service: "{{ nova_cell_services['nova-libvirt'] }}"
- copy:
- content: "{{ item.result }}"
+ template:
+ src: "libvirt-secret.j2"
dest: "{{ libvirt_secrets_dir }}/{{ item.uuid }}.base64"
owner: "{{ config_owner_user }}"
group: "{{ config_owner_group }}"
diff --git a/ansible/roles/nova-cell/templates/libvirt-secret.j2 b/ansible/roles/nova-cell/templates/libvirt-secret.j2
new file mode 100644
index 0000000000..f0e80108ad
--- /dev/null
+++ b/ansible/roles/nova-cell/templates/libvirt-secret.j2
@@ -0,0 +1 @@
+{{ item.result }}
diff --git a/ansible/roles/nova/defaults/main.yml b/ansible/roles/nova/defaults/main.yml
index d35d241f54..42817bfd6b 100644
--- a/ansible/roles/nova/defaults/main.yml
+++ b/ansible/roles/nova/defaults/main.yml
@@ -116,7 +116,7 @@ nova_api_enable_healthchecks: "{{ enable_container_healthchecks }}"
nova_api_healthcheck_interval: "{{ default_container_healthcheck_interval }}"
nova_api_healthcheck_retries: "{{ default_container_healthcheck_retries }}"
nova_api_healthcheck_start_period: "{{ default_container_healthcheck_start_period }}"
-nova_api_healthcheck_test: ["CMD-SHELL", "healthcheck_curl {{ 'https' if nova_enable_tls_backend | bool else 'http' }}://{{ api_interface_address | put_address_in_context('url') }}:{{ nova_api_listen_port }} "]
+nova_api_healthcheck_test: ["CMD-SHELL", "healthcheck_curl {{ 'https' if nova_enable_tls_backend | bool else 'http' }}://{{ api_interface_address | put_address_in_context('url') }}:{{ nova_api_listen_port }} "]
nova_api_healthcheck_timeout: "{{ default_container_healthcheck_timeout }}"
nova_api_healthcheck:
interval: "{{ nova_api_healthcheck_interval }}"
diff --git a/ansible/roles/octavia/defaults/main.yml b/ansible/roles/octavia/defaults/main.yml
index 91f41f4352..ae428d4c78 100644
--- a/ansible/roles/octavia/defaults/main.yml
+++ b/ansible/roles/octavia/defaults/main.yml
@@ -119,7 +119,7 @@ octavia_api_enable_healthchecks: "{{ enable_container_healthchecks }}"
octavia_api_healthcheck_interval: "{{ default_container_healthcheck_interval }}"
octavia_api_healthcheck_retries: "{{ default_container_healthcheck_retries }}"
octavia_api_healthcheck_start_period: "{{ default_container_healthcheck_start_period }}"
-octavia_api_healthcheck_test: ["CMD-SHELL", "healthcheck_curl {{ 'https' if octavia_enable_tls_backend | bool else 'http' }}://{{ api_interface_address | put_address_in_context('url') }}:{{ octavia_api_listen_port }}"]
+octavia_api_healthcheck_test: ["CMD-SHELL", "healthcheck_curl {{ 'https' if octavia_enable_tls_backend | bool else 'http' }}://{{ api_interface_address | put_address_in_context('url') }}:{{ octavia_api_listen_port }}"]
octavia_api_healthcheck_timeout: "{{ default_container_healthcheck_timeout }}"
octavia_api_healthcheck:
interval: "{{ octavia_api_healthcheck_interval }}"
@@ -348,8 +348,8 @@ octavia_amp_network:
octavia_amp_network_cidr: 10.1.0.0/24
# Octavia provider drivers
-octavia_provider_drivers: "amphora:Amphora provider{% if neutron_plugin_agent == 'ovn'%}, ovn:OVN provider{% endif %}"
-octavia_provider_agents: "amphora_agent{% if neutron_plugin_agent == 'ovn'%}, ovn{% endif %}"
+octavia_provider_drivers: "amphora:Amphora provider{% if neutron_plugin_agent == 'ovn' %}, ovn:OVN provider{% endif %}"
+octavia_provider_agents: "amphora_agent{% if neutron_plugin_agent == 'ovn' %}, ovn{% endif %}"
####################
# TLS
diff --git a/ansible/roles/octavia/tasks/config.yml b/ansible/roles/octavia/tasks/config.yml
index 818f0e14e6..ee0b1d9ea9 100644
--- a/ansible/roles/octavia/tasks/config.yml
+++ b/ansible/roles/octavia/tasks/config.yml
@@ -103,8 +103,8 @@
- block:
- name: Copying over Octavia SSH key
- copy:
- content: "{{ octavia_amp_ssh_key.private_key }}"
+ template:
+ src: "octavia-ssh-key.j2"
dest: "{{ node_config_directory }}/octavia-worker/{{ octavia_amp_ssh_key_name }}"
owner: "{{ config_owner_user }}"
group: "{{ config_owner_group }}"
diff --git a/ansible/roles/octavia/templates/octavia-ssh-key.j2 b/ansible/roles/octavia/templates/octavia-ssh-key.j2
new file mode 100644
index 0000000000..a11b0eb6b4
--- /dev/null
+++ b/ansible/roles/octavia/templates/octavia-ssh-key.j2
@@ -0,0 +1 @@
+{{ octavia_amp_ssh_key.private_key }}
diff --git a/ansible/roles/ovn/tasks/bootstrap.yml b/ansible/roles/ovn/tasks/bootstrap.yml
index ddb3cfa8b3..6da56297b5 100644
--- a/ansible/roles/ovn/tasks/bootstrap.yml
+++ b/ansible/roles/ovn/tasks/bootstrap.yml
@@ -12,7 +12,7 @@
- name: Configure OVN in OVSDB
vars:
ovn_mappings: "{% for bridge in neutron_bridge_name.split(',') %}physnet{{ loop.index0 + 1 }}:{{ bridge }}{% if not loop.last %},{% endif %}{% endfor %}"
- ovn_macs: "{% for bridge in neutron_bridge_name.split(',') %}physnet{{ loop.index0 + 1 }}:{{ ovn_base_mac | random_mac(seed=inventory_hostname+bridge) }}{% if not loop.last %},{% endif %}{% endfor %}"
+ ovn_macs: "{% for bridge in neutron_bridge_name.split(',') %}physnet{{ loop.index0 + 1 }}:{{ ovn_base_mac | random_mac(seed=inventory_hostname + bridge) }}{% if not loop.last %},{% endif %}{% endfor %}"
ovn_cms_opts: "{{ 'enable-chassis-as-gw' if inventory_hostname in groups['ovn-controller-network'] else '' }}"
become: true
kolla_toolbox:
diff --git a/ansible/roles/ovs-dpdk/handlers/main.yml b/ansible/roles/ovs-dpdk/handlers/main.yml
index c507d1c1b5..7dbe94f2d4 100644
--- a/ansible/roles/ovs-dpdk/handlers/main.yml
+++ b/ansible/roles/ovs-dpdk/handlers/main.yml
@@ -85,13 +85,13 @@
or inventory_hostname in groups['neutron-metadata-agent'])
- ovs_physical_port_policy == 'named'
-- name: wait for dpdk tunnel ip
+- name: Wait for dpdk tunnel ip
wait_for:
host: "{{ dpdk_tunnel_interface_address }}"
timeout: 300
sleep: 5
-- name: ovs-dpdk gather facts
+- name: OVS-DPDK gather facts
setup:
filter: ansible_*
when:
diff --git a/ansible/roles/placement/defaults/main.yml b/ansible/roles/placement/defaults/main.yml
index 3a222b719a..a287454e62 100644
--- a/ansible/roles/placement/defaults/main.yml
+++ b/ansible/roles/placement/defaults/main.yml
@@ -60,7 +60,7 @@ placement_api_enable_healthchecks: "{{ enable_container_healthchecks }}"
placement_api_healthcheck_interval: "{{ default_container_healthcheck_interval }}"
placement_api_healthcheck_retries: "{{ default_container_healthcheck_retries }}"
placement_api_healthcheck_start_period: "{{ default_container_healthcheck_start_period }}"
-placement_api_healthcheck_test: ["CMD-SHELL", "healthcheck_curl {{ 'https' if placement_enable_tls_backend | bool else 'http' }}://{{ api_interface_address | put_address_in_context('url') }}:{{ placement_api_listen_port }}"]
+placement_api_healthcheck_test: ["CMD-SHELL", "healthcheck_curl {{ 'https' if placement_enable_tls_backend | bool else 'http' }}://{{ api_interface_address | put_address_in_context('url') }}:{{ placement_api_listen_port }}"]
placement_api_healthcheck_timeout: "{{ default_container_healthcheck_timeout }}"
placement_api_healthcheck:
interval: "{{ placement_api_healthcheck_interval }}"
diff --git a/ansible/roles/prechecks/tasks/service_checks.yml b/ansible/roles/prechecks/tasks/service_checks.yml
index 73809a6b15..864c8a51b2 100644
--- a/ansible/roles/prechecks/tasks/service_checks.yml
+++ b/ansible/roles/prechecks/tasks/service_checks.yml
@@ -6,7 +6,7 @@
changed_when: false
when: inventory_hostname in groups['baremetal']
failed_when: result is failed
- or result.stdout | regex_replace('.*\\b(\\d+\\.\\d+\\.\\d+)\\b.*', '\\1') is version(docker_version_min, '<')
+ or result.stdout | regex_replace('.*\\b(\\d+\\.\\d+\\.\\d+)\\b.*', '\\1') is version(docker_version_min, '<')
# NOTE(mgoddard): If passwords.yml is encrypted using ansible-vault, this check
# will pass, but only because nothing in the vault file has the format of a
@@ -18,7 +18,7 @@
run_once: True
register: result
changed_when: false
- failed_when: result.stdout | regex_replace('(.*ssh_key.*)', '') is search(":")
+ failed_when: result.stdout | regex_replace('(.*ssh_key.*)', '') is search(":")
- name: Check if nscd is running
command: pgrep nscd
diff --git a/ansible/roles/proxysql-config/defaults/main.yml b/ansible/roles/proxysql-config/defaults/main.yml
index 085ceb80c1..f09305d9f4 100644
--- a/ansible/roles/proxysql-config/defaults/main.yml
+++ b/ansible/roles/proxysql-config/defaults/main.yml
@@ -1,6 +1,6 @@
---
proxysql_project_database_shard: "{{ lookup('vars', (kolla_role_name | default(project_name)) + '_database_shard', default=omit) }}"
# NOTE(kevko): Kolla_role_name and replace is used only because of nova-cell
-proxysql_project: "{{ kolla_role_name | default(project_name) | replace('_','-') }}"
+proxysql_project: "{{ kolla_role_name | default(project_name) | replace('_', '-') }}"
proxysql_config_users: "{% if proxysql_project_database_shard is defined and proxysql_project_database_shard['users'] is defined %}True{% else %}False{% endif %}"
proxysql_config_rules: "{% if proxysql_project_database_shard is defined and proxysql_project_database_shard['rules'] is defined %}True{% else %}False{% endif %}"
diff --git a/ansible/roles/sahara/defaults/main.yml b/ansible/roles/sahara/defaults/main.yml
index 7f1a82b707..7d746c23b1 100644
--- a/ansible/roles/sahara/defaults/main.yml
+++ b/ansible/roles/sahara/defaults/main.yml
@@ -71,7 +71,7 @@ sahara_api_enable_healthchecks: "{{ enable_container_healthchecks }}"
sahara_api_healthcheck_interval: "{{ default_container_healthcheck_interval }}"
sahara_api_healthcheck_retries: "{{ default_container_healthcheck_retries }}"
sahara_api_healthcheck_start_period: "{{ default_container_healthcheck_start_period }}"
-sahara_api_healthcheck_test: ["CMD-SHELL", "healthcheck_curl http://{{ api_interface_address | put_address_in_context('url') }}:{{ sahara_api_port }}"]
+sahara_api_healthcheck_test: ["CMD-SHELL", "healthcheck_curl http://{{ api_interface_address | put_address_in_context('url') }}:{{ sahara_api_port }}"]
sahara_api_healthcheck_timeout: "{{ default_container_healthcheck_timeout }}"
sahara_api_healthcheck:
interval: "{{ sahara_api_healthcheck_interval }}"
diff --git a/ansible/roles/senlin/defaults/main.yml b/ansible/roles/senlin/defaults/main.yml
index 591885baab..ded678fb34 100644
--- a/ansible/roles/senlin/defaults/main.yml
+++ b/ansible/roles/senlin/defaults/main.yml
@@ -97,7 +97,7 @@ senlin_api_enable_healthchecks: "{{ enable_container_healthchecks }}"
senlin_api_healthcheck_interval: "{{ default_container_healthcheck_interval }}"
senlin_api_healthcheck_retries: "{{ default_container_healthcheck_retries }}"
senlin_api_healthcheck_start_period: "{{ default_container_healthcheck_start_period }}"
-senlin_api_healthcheck_test: ["CMD-SHELL", "healthcheck_curl http://{{ api_interface_address | put_address_in_context('url') }}:{{ senlin_api_listen_port }}"]
+senlin_api_healthcheck_test: ["CMD-SHELL", "healthcheck_curl http://{{ api_interface_address | put_address_in_context('url') }}:{{ senlin_api_listen_port }}"]
senlin_api_healthcheck_timeout: "{{ default_container_healthcheck_timeout }}"
senlin_api_healthcheck:
interval: "{{ senlin_api_healthcheck_interval }}"
diff --git a/ansible/roles/solum/defaults/main.yml b/ansible/roles/solum/defaults/main.yml
index 77c2c4c795..766dea8ec4 100644
--- a/ansible/roles/solum/defaults/main.yml
+++ b/ansible/roles/solum/defaults/main.yml
@@ -109,7 +109,7 @@ solum_api_enable_healthchecks: "{{ enable_container_healthchecks }}"
solum_api_healthcheck_interval: "{{ default_container_healthcheck_interval }}"
solum_api_healthcheck_retries: "{{ default_container_healthcheck_retries }}"
solum_api_healthcheck_start_period: "{{ default_container_healthcheck_start_period }}"
-solum_api_healthcheck_test: ["CMD-SHELL", "healthcheck_curl http://{{ api_interface_address | put_address_in_context('url') }}:{{ solum_application_deployment_port }}"]
+solum_api_healthcheck_test: ["CMD-SHELL", "healthcheck_curl http://{{ api_interface_address | put_address_in_context('url') }}:{{ solum_application_deployment_port }}"]
solum_api_healthcheck_timeout: "{{ default_container_healthcheck_timeout }}"
solum_api_healthcheck:
interval: "{{ solum_api_healthcheck_interval }}"
diff --git a/ansible/roles/swift/defaults/main.yml b/ansible/roles/swift/defaults/main.yml
index c1e64c8bdc..4469d7cd68 100644
--- a/ansible/roles/swift/defaults/main.yml
+++ b/ansible/roles/swift/defaults/main.yml
@@ -44,7 +44,7 @@ swift_rsyncd_image: "{{ docker_registry ~ '/' if docker_registry else '' }}{{ do
swift_rsyncd_tag: "{{ swift_tag }}"
swift_rsyncd_image_full: "{{ swift_rsyncd_image }}:{{ swift_rsyncd_tag }}"
-swift_log_level: "{{ 'DEBUG' if openstack_logging_debug | bool else 'INFO'}}"
+swift_log_level: "{{ 'DEBUG' if openstack_logging_debug | bool else 'INFO' }}"
####################
# OpenStack
diff --git a/ansible/roles/swift/tasks/stop.yml b/ansible/roles/swift/tasks/stop.yml
index 4edd2ae3b3..39fe0329ac 100644
--- a/ansible/roles/swift/tasks/stop.yml
+++ b/ansible/roles/swift/tasks/stop.yml
@@ -5,9 +5,9 @@
action: "stop_container"
common_options: "{{ docker_common_options }}"
name: "swift_rsyncd"
- when: ( inventory_hostname in groups['swift-account-server'] or
+ when: (inventory_hostname in groups['swift-account-server'] or
inventory_hostname in groups['swift-container-server'] or
- inventory_hostname in groups['swift-object-server'] ) and
+ inventory_hostname in groups['swift-object-server']) and
'swift_rsyncd' not in skip_stop_containers
- name: Stopping swift-account-server container
diff --git a/ansible/roles/tacker/defaults/main.yml b/ansible/roles/tacker/defaults/main.yml
index 322dc3f7da..8ec8233787 100644
--- a/ansible/roles/tacker/defaults/main.yml
+++ b/ansible/roles/tacker/defaults/main.yml
@@ -73,7 +73,7 @@ tacker_server_enable_healthchecks: "{{ enable_container_healthchecks }}"
tacker_server_healthcheck_interval: "{{ default_container_healthcheck_interval }}"
tacker_server_healthcheck_retries: "{{ default_container_healthcheck_retries }}"
tacker_server_healthcheck_start_period: "{{ default_container_healthcheck_start_period }}"
-tacker_server_healthcheck_test: ["CMD-SHELL", "healthcheck_curl http://{{ api_interface_address | put_address_in_context('url') }}:{{ tacker_server_port }}"]
+tacker_server_healthcheck_test: ["CMD-SHELL", "healthcheck_curl http://{{ api_interface_address | put_address_in_context('url') }}:{{ tacker_server_port }}"]
tacker_server_healthcheck_timeout: "{{ default_container_healthcheck_timeout }}"
tacker_server_healthcheck:
interval: "{{ tacker_server_healthcheck_interval }}"
diff --git a/ansible/roles/trove/defaults/main.yml b/ansible/roles/trove/defaults/main.yml
index ec74b61580..1971f4a36a 100644
--- a/ansible/roles/trove/defaults/main.yml
+++ b/ansible/roles/trove/defaults/main.yml
@@ -83,7 +83,7 @@ trove_api_enable_healthchecks: "{{ enable_container_healthchecks }}"
trove_api_healthcheck_interval: "{{ default_container_healthcheck_interval }}"
trove_api_healthcheck_retries: "{{ default_container_healthcheck_retries }}"
trove_api_healthcheck_start_period: "{{ default_container_healthcheck_start_period }}"
-trove_api_healthcheck_test: ["CMD-SHELL", "healthcheck_curl http://{{ api_interface_address | put_address_in_context('url') }}:{{ trove_api_port }}"]
+trove_api_healthcheck_test: ["CMD-SHELL", "healthcheck_curl http://{{ api_interface_address | put_address_in_context('url') }}:{{ trove_api_port }}"]
trove_api_healthcheck_timeout: "{{ default_container_healthcheck_timeout }}"
trove_api_healthcheck:
interval: "{{ trove_api_healthcheck_interval }}"
diff --git a/ansible/roles/venus/defaults/main.yml b/ansible/roles/venus/defaults/main.yml
index bb237c260b..a1a7021a11 100644
--- a/ansible/roles/venus/defaults/main.yml
+++ b/ansible/roles/venus/defaults/main.yml
@@ -55,7 +55,7 @@ venus_api_enable_healthchecks: "{{ enable_container_healthchecks }}"
venus_api_healthcheck_interval: "{{ default_container_healthcheck_interval }}"
venus_api_healthcheck_retries: "{{ default_container_healthcheck_retries }}"
venus_api_healthcheck_start_period: "{{ default_container_healthcheck_start_period }}"
-venus_api_healthcheck_test: ["CMD-SHELL", "healthcheck_curl http://{{ api_interface_address | put_address_in_context('url') }}:{{ venus_api_port }}"]
+venus_api_healthcheck_test: ["CMD-SHELL", "healthcheck_curl http://{{ api_interface_address | put_address_in_context('url') }}:{{ venus_api_port }}"]
venus_api_healthcheck_timeout: "{{ default_container_healthcheck_timeout }}"
venus_api_healthcheck:
interval: "{{ venus_api_healthcheck_interval }}"
diff --git a/ansible/roles/vitrage/defaults/main.yml b/ansible/roles/vitrage/defaults/main.yml
index e5baff59dd..bbe74ebf5c 100644
--- a/ansible/roles/vitrage/defaults/main.yml
+++ b/ansible/roles/vitrage/defaults/main.yml
@@ -109,7 +109,7 @@ vitrage_api_enable_healthchecks: "{{ enable_container_healthchecks }}"
vitrage_api_healthcheck_interval: "{{ default_container_healthcheck_interval }}"
vitrage_api_healthcheck_retries: "{{ default_container_healthcheck_retries }}"
vitrage_api_healthcheck_start_period: "{{ default_container_healthcheck_start_period }}"
-vitrage_api_healthcheck_test: ["CMD-SHELL", "healthcheck_curl http://{{ api_interface_address | put_address_in_context('url') }}:{{ vitrage_api_port }}"]
+vitrage_api_healthcheck_test: ["CMD-SHELL", "healthcheck_curl http://{{ api_interface_address | put_address_in_context('url') }}:{{ vitrage_api_port }}"]
vitrage_api_healthcheck_timeout: "{{ default_container_healthcheck_timeout }}"
vitrage_api_healthcheck:
interval: "{{ vitrage_api_healthcheck_interval }}"
diff --git a/ansible/roles/watcher/defaults/main.yml b/ansible/roles/watcher/defaults/main.yml
index 39f498b273..35df766ecb 100644
--- a/ansible/roles/watcher/defaults/main.yml
+++ b/ansible/roles/watcher/defaults/main.yml
@@ -83,7 +83,7 @@ watcher_api_enable_healthchecks: "{{ enable_container_healthchecks }}"
watcher_api_healthcheck_interval: "{{ default_container_healthcheck_interval }}"
watcher_api_healthcheck_retries: "{{ default_container_healthcheck_retries }}"
watcher_api_healthcheck_start_period: "{{ default_container_healthcheck_start_period }}"
-watcher_api_healthcheck_test: ["CMD-SHELL", "healthcheck_curl http://{{ api_interface_address | put_address_in_context('url') }}:{{ watcher_api_port }}"]
+watcher_api_healthcheck_test: ["CMD-SHELL", "healthcheck_curl http://{{ api_interface_address | put_address_in_context('url') }}:{{ watcher_api_port }}"]
watcher_api_healthcheck_timeout: "{{ default_container_healthcheck_timeout }}"
watcher_api_healthcheck:
interval: "{{ watcher_api_healthcheck_interval }}"
diff --git a/ansible/roles/zun/defaults/main.yml b/ansible/roles/zun/defaults/main.yml
index 4f2889f779..8a2533d007 100644
--- a/ansible/roles/zun/defaults/main.yml
+++ b/ansible/roles/zun/defaults/main.yml
@@ -109,7 +109,7 @@ zun_api_enable_healthchecks: "{{ enable_container_healthchecks }}"
zun_api_healthcheck_interval: "{{ default_container_healthcheck_interval }}"
zun_api_healthcheck_retries: "{{ default_container_healthcheck_retries }}"
zun_api_healthcheck_start_period: "{{ default_container_healthcheck_start_period }}"
-zun_api_healthcheck_test: ["CMD-SHELL", "healthcheck_curl http://{{ api_interface_address | put_address_in_context('url') }}:{{ zun_api_port }}"]
+zun_api_healthcheck_test: ["CMD-SHELL", "healthcheck_curl http://{{ api_interface_address | put_address_in_context('url') }}:{{ zun_api_port }}"]
zun_api_healthcheck_timeout: "{{ default_container_healthcheck_timeout }}"
zun_api_healthcheck:
interval: "{{ zun_api_healthcheck_interval }}"