From b123bf662129fea4ad44dbc7975009a081dded1c Mon Sep 17 00:00:00 2001 From: Mark Goddard Date: Tue, 9 Apr 2019 11:59:02 +0000 Subject: [PATCH] Use become for all docker tasks Many tasks that use Docker have become specified already, but not all. This change ensures all tasks that use the following modules have become: * kolla_docker * kolla_ceph_keyring * kolla_toolbox * kolla_container_facts It also adds become for 'command' tasks that use docker CLI. Change-Id: I4a5ebcedaccb9261dbc958ec67e8077d7980e496 --- ansible/roles/aodh/tasks/bootstrap.yml | 2 ++ ansible/roles/aodh/tasks/precheck.yml | 1 + ansible/roles/aodh/tasks/register.yml | 2 ++ ansible/roles/barbican/tasks/bootstrap.yml | 2 ++ ansible/roles/barbican/tasks/check.yml | 3 +++ ansible/roles/barbican/tasks/precheck.yml | 1 + ansible/roles/barbican/tasks/register.yml | 3 +++ ansible/roles/bifrost/tasks/bootstrap.yml | 3 +++ .../roles/bifrost/tasks/deploy-servers.yml | 2 ++ ansible/roles/bifrost/tasks/reconfigure.yml | 1 + ansible/roles/bifrost/tasks/stop.yml | 1 + ansible/roles/blazar/tasks/bootstrap.yml | 3 +++ ansible/roles/blazar/tasks/precheck.yml | 1 + ansible/roles/blazar/tasks/register.yml | 2 ++ ansible/roles/ceilometer/handlers/main.yml | 1 + ansible/roles/ceilometer/tasks/register.yml | 2 ++ ansible/roles/ceph/tasks/bootstrap_osds.yml | 2 ++ ansible/roles/ceph/tasks/deploy.yml | 1 + .../roles/ceph/tasks/distribute_keyrings.yml | 1 + ansible/roles/ceph/tasks/precheck.yml | 1 + ansible/roles/ceph/tasks/reconfigure.yml | 4 ++++ .../roles/ceph/tasks/start_ceph_dashboard.yml | 1 + ansible/roles/ceph/tasks/start_mdss.yml | 3 +++ ansible/roles/ceph/tasks/start_mgrs.yml | 2 ++ ansible/roles/ceph/tasks/start_osds.yml | 1 + .../roles/ceph/tasks/start_rgw_keystone.yml | 3 +++ ansible/roles/ceph/tasks/stop.yml | 7 ++++++ ansible/roles/ceph/tasks/upgrade.yml | 2 ++ ansible/roles/ceph_pools.yml | 13 +++++++++++ ansible/roles/cinder/tasks/bootstrap.yml | 2 ++ ansible/roles/cinder/tasks/ceph.yml | 2 ++ ansible/roles/cinder/tasks/check.yml | 2 ++ ansible/roles/cinder/tasks/precheck.yml | 1 + ansible/roles/cinder/tasks/register.yml | 2 ++ ansible/roles/cloudkitty/tasks/bootstrap.yml | 2 ++ ansible/roles/cloudkitty/tasks/precheck.yml | 1 + ansible/roles/cloudkitty/tasks/register.yml | 3 +++ ansible/roles/common/handlers/main.yml | 1 + ansible/roles/congress/tasks/bootstrap.yml | 2 ++ ansible/roles/congress/tasks/precheck.yml | 1 + ansible/roles/congress/tasks/register.yml | 2 ++ ansible/roles/cyborg/handlers/main.yml | 3 +++ ansible/roles/cyborg/tasks/bootstrap.yml | 2 ++ .../roles/cyborg/tasks/bootstrap_service.yml | 1 + ansible/roles/cyborg/tasks/config.yml | 1 + ansible/roles/cyborg/tasks/precheck.yml | 1 + ansible/roles/cyborg/tasks/register.yml | 2 ++ ansible/roles/designate/tasks/bootstrap.yml | 2 ++ ansible/roles/designate/tasks/precheck.yml | 1 + ansible/roles/designate/tasks/register.yml | 2 ++ .../roles/designate/tasks/update_pools.yml | 1 + .../roles/elasticsearch/tasks/precheck.yml | 1 + ansible/roles/etcd/tasks/precheck.yml | 1 + ansible/roles/freezer/tasks/precheck.yml | 1 + ansible/roles/freezer/tasks/register.yml | 2 ++ ansible/roles/glance/tasks/bootstrap.yml | 2 ++ .../roles/glance/tasks/bootstrap_service.yml | 2 ++ ansible/roles/glance/tasks/ceph.yml | 1 + ansible/roles/glance/tasks/check.yml | 2 ++ ansible/roles/glance/tasks/precheck.yml | 1 + ansible/roles/glance/tasks/register.yml | 2 ++ .../roles/glance/tasks/rolling_upgrade.yml | 2 ++ ansible/roles/gnocchi/tasks/bootstrap.yml | 2 ++ ansible/roles/gnocchi/tasks/ceph.yml | 1 + ansible/roles/gnocchi/tasks/precheck.yml | 1 + ansible/roles/gnocchi/tasks/register.yml | 2 ++ ansible/roles/grafana/tasks/bootstrap.yml | 2 ++ ansible/roles/grafana/tasks/precheck.yml | 1 + ansible/roles/haproxy/tasks/precheck.yml | 1 + ansible/roles/heat/tasks/bootstrap.yml | 2 ++ ansible/roles/heat/tasks/precheck.yml | 1 + ansible/roles/heat/tasks/register.yml | 5 +++++ ansible/roles/horizon/tasks/bootstrap.yml | 2 ++ ansible/roles/horizon/tasks/precheck.yml | 1 + ansible/roles/influxdb/tasks/precheck.yml | 1 + ansible/roles/ironic/handlers/main.yml | 1 + ansible/roles/ironic/tasks/bootstrap.yml | 2 ++ ansible/roles/ironic/tasks/precheck.yml | 1 + ansible/roles/ironic/tasks/register.yml | 4 ++++ .../roles/ironic/tasks/rolling_upgrade.yml | 1 + ansible/roles/iscsi/tasks/config.yml | 1 + ansible/roles/iscsi/tasks/precheck.yml | 1 + ansible/roles/iscsi/tasks/pull.yml | 1 + ansible/roles/kafka/tasks/precheck.yml | 1 + ansible/roles/karbor/tasks/bootstrap.yml | 2 ++ ansible/roles/karbor/tasks/precheck.yml | 1 + ansible/roles/karbor/tasks/register.yml | 2 ++ ansible/roles/keystone/tasks/bootstrap.yml | 2 ++ ansible/roles/keystone/tasks/check.yml | 1 + ansible/roles/keystone/tasks/init_fernet.yml | 2 ++ ansible/roles/keystone/tasks/precheck.yml | 1 + ansible/roles/keystone/tasks/register.yml | 3 +++ ansible/roles/keystone/tasks/upgrade.yml | 2 ++ ansible/roles/kibana/tasks/precheck.yml | 1 + ansible/roles/kuryr/tasks/precheck.yml | 1 + ansible/roles/kuryr/tasks/register.yml | 1 + ansible/roles/magnum/tasks/bootstrap.yml | 2 ++ ansible/roles/magnum/tasks/precheck.yml | 1 + ansible/roles/magnum/tasks/register.yml | 5 +++++ ansible/roles/manila/tasks/bootstrap.yml | 2 ++ ansible/roles/manila/tasks/ceph.yml | 1 + .../roles/manila/tasks/fix_cephfs_owner.yml | 10 +++++++++ ansible/roles/manila/tasks/precheck.yml | 1 + ansible/roles/manila/tasks/register.yml | 2 ++ ansible/roles/mariadb/tasks/backup.yml | 1 + ansible/roles/mariadb/tasks/check.yml | 1 + ansible/roles/mariadb/tasks/precheck.yml | 1 + .../roles/mariadb/tasks/recover_cluster.yml | 4 ++++ ansible/roles/mariadb/tasks/register.yml | 4 ++++ ansible/roles/memcached/tasks/precheck.yml | 1 + ansible/roles/mistral/tasks/bootstrap.yml | 2 ++ ansible/roles/mistral/tasks/precheck.yml | 1 + ansible/roles/mistral/tasks/register.yml | 2 ++ ansible/roles/monasca/handlers/main.yml | 9 ++++++++ ansible/roles/monasca/tasks/bootstrap.yml | 4 ++++ ansible/roles/monasca/tasks/precheck.yml | 1 + ansible/roles/monasca/tasks/register.yml | 5 +++++ ansible/roles/mongodb/handlers/main.yml | 1 + .../roles/mongodb/tasks/bootstrap_cluster.yml | 1 + ansible/roles/mongodb/tasks/precheck.yml | 1 + ansible/roles/multipathd/tasks/config.yml | 1 + ansible/roles/murano/tasks/bootstrap.yml | 2 ++ .../murano/tasks/import_library_packages.yml | 3 +++ ansible/roles/murano/tasks/precheck.yml | 1 + ansible/roles/murano/tasks/register.yml | 2 ++ ansible/roles/neutron/tasks/bootstrap.yml | 2 ++ ansible/roles/neutron/tasks/precheck.yml | 1 + ansible/roles/neutron/tasks/register.yml | 2 ++ .../roles/neutron/tasks/rolling_upgrade.yml | 2 ++ ansible/roles/nova/tasks/bootstrap.yml | 2 ++ ansible/roles/nova/tasks/ceph.yml | 2 ++ .../roles/nova/tasks/discover_computes.yml | 3 +++ ansible/roles/nova/tasks/precheck.yml | 1 + ansible/roles/nova/tasks/register.yml | 2 ++ ansible/roles/octavia/tasks/bootstrap.yml | 2 ++ ansible/roles/octavia/tasks/precheck.yml | 1 + ansible/roles/octavia/tasks/register.yml | 4 ++++ ansible/roles/opendaylight/tasks/precheck.yml | 1 + ansible/roles/openvswitch/handlers/main.yml | 1 + .../openvswitch/tasks/ensure-ovs-bridge.yml | 1 + ansible/roles/openvswitch/tasks/precheck.yml | 1 + ansible/roles/ovs-dpdk/handlers/main.yml | 3 +++ ansible/roles/panko/tasks/bootstrap.yml | 3 +++ ansible/roles/panko/tasks/precheck.yml | 1 + ansible/roles/panko/tasks/register.yml | 2 ++ ansible/roles/placement/tasks/bootstrap.yml | 2 ++ ansible/roles/placement/tasks/precheck.yml | 1 + ansible/roles/placement/tasks/register.yml | 2 ++ .../roles/prechecks/tasks/service_checks.yml | 1 + ansible/roles/prometheus/handlers/main.yml | 3 +++ ansible/roles/prometheus/tasks/bootstrap.yml | 1 + ansible/roles/prometheus/tasks/precheck.yml | 1 + ansible/roles/qdrouterd/tasks/precheck.yml | 1 + ansible/roles/qinling/tasks/precheck.yml | 1 + ansible/roles/rabbitmq/handlers/main.yml | 1 + ansible/roles/rabbitmq/tasks/precheck.yml | 1 + ansible/roles/rally/tasks/bootstrap.yml | 2 ++ ansible/roles/redis/tasks/check.yml | 1 + ansible/roles/redis/tasks/precheck.yml | 1 + ansible/roles/sahara/tasks/bootstrap.yml | 2 ++ ansible/roles/sahara/tasks/precheck.yml | 1 + ansible/roles/sahara/tasks/register.yml | 2 ++ ansible/roles/searchlight/tasks/precheck.yml | 1 + ansible/roles/searchlight/tasks/register.yml | 2 ++ ansible/roles/senlin/tasks/bootstrap.yml | 2 ++ ansible/roles/senlin/tasks/precheck.yml | 1 + ansible/roles/senlin/tasks/register.yml | 2 ++ ansible/roles/service-stop/tasks/main.yml | 1 + ansible/roles/skydive/tasks/precheck.yml | 1 + ansible/roles/solum/tasks/bootstrap.yml | 2 ++ ansible/roles/solum/tasks/precheck.yml | 1 + ansible/roles/solum/tasks/register.yml | 3 +++ ansible/roles/storm/handlers/main.yml | 2 ++ ansible/roles/storm/tasks/config.yml | 1 + ansible/roles/storm/tasks/precheck.yml | 1 + ansible/roles/storm/tasks/pull.yml | 1 + ansible/roles/swift/tasks/check.yml | 1 + ansible/roles/swift/tasks/precheck.yml | 1 + ansible/roles/swift/tasks/reconfigure.yml | 1 + ansible/roles/swift/tasks/register.yml | 3 +++ ansible/roles/swift/tasks/start.yml | 1 + ansible/roles/swift/tasks/stop.yml | 15 +++++++++++++ ansible/roles/tacker/tasks/bootstrap.yml | 2 ++ ansible/roles/tacker/tasks/precheck.yml | 1 + ansible/roles/tacker/tasks/register.yml | 2 ++ ansible/roles/trove/tasks/bootstrap.yml | 2 ++ ansible/roles/trove/tasks/precheck.yml | 1 + ansible/roles/trove/tasks/register.yml | 2 ++ ansible/roles/vitrage/tasks/bootstrap.yml | 2 ++ ansible/roles/vitrage/tasks/precheck.yml | 1 + ansible/roles/vitrage/tasks/register.yml | 3 +++ ansible/roles/watcher/tasks/bootstrap.yml | 2 ++ ansible/roles/watcher/tasks/precheck.yml | 1 + ansible/roles/watcher/tasks/register.yml | 2 ++ ansible/roles/zookeeper/tasks/precheck.yml | 1 + ansible/roles/zun/handlers/main.yml | 1 + ansible/roles/zun/tasks/bootstrap.yml | 2 ++ ansible/roles/zun/tasks/precheck.yml | 1 + ansible/roles/zun/tasks/register.yml | 2 ++ tools/cleanup-containers | 22 +++++++++---------- tools/cleanup-images | 10 ++++----- tools/validate-docker-execute.sh | 2 +- 202 files changed, 400 insertions(+), 17 deletions(-) diff --git a/ansible/roles/aodh/tasks/bootstrap.yml b/ansible/roles/aodh/tasks/bootstrap.yml index daf9c5f493..8e1f08c082 100644 --- a/ansible/roles/aodh/tasks/bootstrap.yml +++ b/ansible/roles/aodh/tasks/bootstrap.yml @@ -1,5 +1,6 @@ --- - name: Creating aodh database + become: true kolla_toolbox: module_name: mysql_db module_args: @@ -15,6 +16,7 @@ - not use_preconfigured_databases | bool - name: Creating aodh database user and setting permissions + become: true kolla_toolbox: module_name: mysql_user module_args: diff --git a/ansible/roles/aodh/tasks/precheck.yml b/ansible/roles/aodh/tasks/precheck.yml index 39cf225880..e5132d3784 100644 --- a/ansible/roles/aodh/tasks/precheck.yml +++ b/ansible/roles/aodh/tasks/precheck.yml @@ -1,5 +1,6 @@ --- - name: Get container facts + become: true kolla_container_facts: name: - aodh_api diff --git a/ansible/roles/aodh/tasks/register.yml b/ansible/roles/aodh/tasks/register.yml index 82896dd1ce..ccab65f26f 100644 --- a/ansible/roles/aodh/tasks/register.yml +++ b/ansible/roles/aodh/tasks/register.yml @@ -1,5 +1,6 @@ --- - name: Creating the aodh service and endpoint + become: true kolla_toolbox: module_name: "kolla_keystone_service" module_args: @@ -19,6 +20,7 @@ - {'interface': 'public', 'url': '{{ aodh_public_endpoint }}'} - name: Creating the aodh project, user, and role + become: true kolla_toolbox: module_name: "kolla_keystone_user" module_args: diff --git a/ansible/roles/barbican/tasks/bootstrap.yml b/ansible/roles/barbican/tasks/bootstrap.yml index ba5a6091d9..2699909829 100644 --- a/ansible/roles/barbican/tasks/bootstrap.yml +++ b/ansible/roles/barbican/tasks/bootstrap.yml @@ -1,5 +1,6 @@ --- - name: Creating barbican database + become: true kolla_toolbox: module_name: mysql_db module_args: @@ -15,6 +16,7 @@ - not use_preconfigured_databases | bool - name: Creating barbican database user and setting permissions + become: true kolla_toolbox: module_name: mysql_user module_args: diff --git a/ansible/roles/barbican/tasks/check.yml b/ansible/roles/barbican/tasks/check.yml index c053a5fb41..43665afde1 100644 --- a/ansible/roles/barbican/tasks/check.yml +++ b/ansible/roles/barbican/tasks/check.yml @@ -1,5 +1,6 @@ --- - name: Barbican sanity - storing a secret + become: true shell: > docker exec -t barbican_api openstack \ --os-auth-url={{ openstack_auth.auth_url }} \ @@ -12,6 +13,7 @@ when: kolla_enable_sanity_barbican | bool - name: Barbican sanity - fetch secret + become: true command: > docker exec -t barbican_api openstack --os-auth-url={{ openstack_auth.auth_url }} @@ -25,6 +27,7 @@ when: kolla_enable_sanity_barbican | bool - name: Barbican sanity - cleaning up + become: true command: > docker exec -t barbican_api openstack --os-auth-url={{ openstack_auth.auth_url }} diff --git a/ansible/roles/barbican/tasks/precheck.yml b/ansible/roles/barbican/tasks/precheck.yml index 8e1fd559d8..517d6c5e6c 100644 --- a/ansible/roles/barbican/tasks/precheck.yml +++ b/ansible/roles/barbican/tasks/precheck.yml @@ -1,5 +1,6 @@ --- - name: Get container facts + become: true kolla_container_facts: name: - barbican_api diff --git a/ansible/roles/barbican/tasks/register.yml b/ansible/roles/barbican/tasks/register.yml index bcc1558529..6856bc4d35 100644 --- a/ansible/roles/barbican/tasks/register.yml +++ b/ansible/roles/barbican/tasks/register.yml @@ -1,5 +1,6 @@ --- - name: Creating the barbican service and endpoint + become: true kolla_toolbox: module_name: "kolla_keystone_service" module_args: @@ -19,6 +20,7 @@ - {'interface': 'public', 'url': '{{ barbican_public_endpoint }}'} - name: Creating the barbican project, user, and role + become: true kolla_toolbox: module_name: "kolla_keystone_user" module_args: @@ -32,6 +34,7 @@ run_once: True - name: Creating default barbican roles + become: true kolla_toolbox: module_name: os_keystone_role module_args: diff --git a/ansible/roles/bifrost/tasks/bootstrap.yml b/ansible/roles/bifrost/tasks/bootstrap.yml index 697588ec59..6ee2538ee7 100644 --- a/ansible/roles/bifrost/tasks/bootstrap.yml +++ b/ansible/roles/bifrost/tasks/bootstrap.yml @@ -3,6 +3,7 @@ vars: nginx_user: "{{ 'www-data' if is_debian else 'nginx' }}" is_debian: "{{ kolla_base_distro in ['debian', 'ubuntu'] }}" + become: true command: > docker exec bifrost_deploy bash -c 'mkdir -p /var/log/kolla/ironic && @@ -13,6 +14,7 @@ chown {{ nginx_user }}:{{ nginx_user }} /var/log/kolla/nginx' - name: Bootstrap bifrost (this may take several minutes) + become: true command: > docker exec bifrost_deploy bash -c 'source /bifrost/env-vars && @@ -21,6 +23,7 @@ -e @/etc/bifrost/dib.yml -e skip_package_install=true' - name: Installing ssh keys + become: true command: > docker exec bifrost_deploy bash -c 'mkdir /root/.ssh ; mkdir /home/ironic/.ssh; diff --git a/ansible/roles/bifrost/tasks/deploy-servers.yml b/ansible/roles/bifrost/tasks/deploy-servers.yml index 879acfe0ff..101f9715ec 100644 --- a/ansible/roles/bifrost/tasks/deploy-servers.yml +++ b/ansible/roles/bifrost/tasks/deploy-servers.yml @@ -1,5 +1,6 @@ --- - name: Enrolling physical servers with ironic + become: true command: > docker exec bifrost_deploy bash -c 'source /bifrost/env-vars && @@ -8,6 +9,7 @@ /bifrost/playbooks/enroll-dynamic.yaml -e @/etc/bifrost/bifrost.yml' - name: Deploy physical servers with ironic + become: true command: > docker exec bifrost_deploy bash -c 'source /bifrost/env-vars && diff --git a/ansible/roles/bifrost/tasks/reconfigure.yml b/ansible/roles/bifrost/tasks/reconfigure.yml index 2d8ade0733..3364a5f014 100644 --- a/ansible/roles/bifrost/tasks/reconfigure.yml +++ b/ansible/roles/bifrost/tasks/reconfigure.yml @@ -13,6 +13,7 @@ - include_tasks: config.yml - name: Check the configs + become: true command: docker exec {{ item.name }} /usr/local/bin/kolla_set_configs --check changed_when: false failed_when: false diff --git a/ansible/roles/bifrost/tasks/stop.yml b/ansible/roles/bifrost/tasks/stop.yml index 797bd828cd..9a54ab6fc8 100644 --- a/ansible/roles/bifrost/tasks/stop.yml +++ b/ansible/roles/bifrost/tasks/stop.yml @@ -1,5 +1,6 @@ --- - name: Stopping bifrost_deploy container + become: true kolla_docker: action: "stop_container" common_options: "{{ docker_common_options }}" diff --git a/ansible/roles/blazar/tasks/bootstrap.yml b/ansible/roles/blazar/tasks/bootstrap.yml index 999e888a48..59bc454697 100644 --- a/ansible/roles/blazar/tasks/bootstrap.yml +++ b/ansible/roles/blazar/tasks/bootstrap.yml @@ -1,5 +1,6 @@ --- - name: Creating blazar database + become: true kolla_toolbox: module_name: mysql_db module_args: @@ -13,6 +14,7 @@ delegate_to: "{{ groups['blazar-api'][0] }}" - name: Creating blazar database user and setting permissions + become: true kolla_toolbox: module_name: mysql_user module_args: @@ -31,6 +33,7 @@ # TODO(egonzalez) Use os_nova_host_aggregate ansible module once ansible min version is 2.3 # http://docs.ansible.com/ansible/os_nova_host_aggregate_module.html - name: Creating blazar host aggregate + become: true command: > docker exec kolla_toolbox openstack --os-interface internal diff --git a/ansible/roles/blazar/tasks/precheck.yml b/ansible/roles/blazar/tasks/precheck.yml index 8a83efcac0..6a9b59635f 100644 --- a/ansible/roles/blazar/tasks/precheck.yml +++ b/ansible/roles/blazar/tasks/precheck.yml @@ -1,5 +1,6 @@ --- - name: Get container facts + become: true kolla_container_facts: name: - blazar_api diff --git a/ansible/roles/blazar/tasks/register.yml b/ansible/roles/blazar/tasks/register.yml index 7e8bb4236d..31aff54ded 100644 --- a/ansible/roles/blazar/tasks/register.yml +++ b/ansible/roles/blazar/tasks/register.yml @@ -1,5 +1,6 @@ --- - name: Creating the blazar service and endpoint + become: true kolla_toolbox: module_name: "kolla_keystone_service" module_args: @@ -19,6 +20,7 @@ - {'interface': 'public', 'url': '{{ blazar_public_endpoint }}'} - name: Creating the blazar project, user, and role + become: true kolla_toolbox: module_name: "kolla_keystone_user" module_args: diff --git a/ansible/roles/ceilometer/handlers/main.yml b/ansible/roles/ceilometer/handlers/main.yml index 2f393b4397..82f0327788 100644 --- a/ansible/roles/ceilometer/handlers/main.yml +++ b/ansible/roles/ceilometer/handlers/main.yml @@ -117,6 +117,7 @@ policy_overwriting: "{{ ceilometer_policy_overwriting.results|selectattr('item.key', 'equalto', service_name)|first }}" polling_overwriting: "{{ ceilometer_polling_overwriting.results|selectattr('item.key', 'equalto', service_name)|first }}" ceilometer_ipmi_container: "{{ check_ceilometer_containers.results|selectattr('item.key', 'equalto', service_name)|first }}" + become: true kolla_docker: action: "recreate_or_restart_container" common_options: "{{ docker_common_options }}" diff --git a/ansible/roles/ceilometer/tasks/register.yml b/ansible/roles/ceilometer/tasks/register.yml index 0621b6b2b7..9ceacbace5 100644 --- a/ansible/roles/ceilometer/tasks/register.yml +++ b/ansible/roles/ceilometer/tasks/register.yml @@ -1,5 +1,6 @@ --- - name: Creating the Ceilometer project, user, and role + become: true kolla_toolbox: module_name: "kolla_keystone_user" module_args: @@ -13,6 +14,7 @@ run_once: True - name: Associate the ResellerAdmin role and ceilometer user + become: true kolla_toolbox: module_name: "os_user_role" module_args: diff --git a/ansible/roles/ceph/tasks/bootstrap_osds.yml b/ansible/roles/ceph/tasks/bootstrap_osds.yml index 8a1c842e8e..aef33395e7 100644 --- a/ansible/roles/ceph/tasks/bootstrap_osds.yml +++ b/ansible/roles/ceph/tasks/bootstrap_osds.yml @@ -1,5 +1,6 @@ --- - name: Looking up disks to bootstrap for Ceph OSDs + become: true command: docker exec -t kolla_toolbox sudo -E ansible localhost -m find_disks -a "partition_name={{ partition_name_osd_bootstrap }} match_mode='prefix' use_udev={{ kolla_ceph_use_udev }}" @@ -12,6 +13,7 @@ osds_bootstrap: "{{ (osd_lookup.stdout.split('localhost | SUCCESS => ')[1]|from_json).disks|from_json }}" - name: Looking up disks to bootstrap for Ceph Cache OSDs + become: true command: docker exec -t kolla_toolbox sudo -E ansible localhost -m find_disks -a "partition_name={{ partition_name_cache_bootstrap }} match_mode='prefix' use_udev={{ kolla_ceph_use_udev }}" diff --git a/ansible/roles/ceph/tasks/deploy.yml b/ansible/roles/ceph/tasks/deploy.yml index cddd4171c4..c72eced8ef 100644 --- a/ansible/roles/ceph/tasks/deploy.yml +++ b/ansible/roles/ceph/tasks/deploy.yml @@ -23,6 +23,7 @@ - inventory_hostname in groups['ceph-nfs'] - name: configuring client.admin caps + become: true kolla_ceph_keyring: name: client.admin caps: "{{ ceph_client_admin_keyring_caps }}" diff --git a/ansible/roles/ceph/tasks/distribute_keyrings.yml b/ansible/roles/ceph/tasks/distribute_keyrings.yml index bb391f1c87..1b87e1ada8 100644 --- a/ansible/roles/ceph/tasks/distribute_keyrings.yml +++ b/ansible/roles/ceph/tasks/distribute_keyrings.yml @@ -1,5 +1,6 @@ --- - name: Fetching Ceph keyrings + become: true command: docker exec ceph_mon fetch_ceph_keys.py register: ceph_files_json changed_when: (ceph_files_json.stdout | from_json).changed diff --git a/ansible/roles/ceph/tasks/precheck.yml b/ansible/roles/ceph/tasks/precheck.yml index fabae009a4..cda620d697 100644 --- a/ansible/roles/ceph/tasks/precheck.yml +++ b/ansible/roles/ceph/tasks/precheck.yml @@ -1,5 +1,6 @@ --- - name: Get container facts + become: true kolla_container_facts: name: - ceph_rgw diff --git a/ansible/roles/ceph/tasks/reconfigure.yml b/ansible/roles/ceph/tasks/reconfigure.yml index 9e4ca35574..7b1f49d0fc 100644 --- a/ansible/roles/ceph/tasks/reconfigure.yml +++ b/ansible/roles/ceph/tasks/reconfigure.yml @@ -11,6 +11,7 @@ - { name: ceph_mon, group: ceph-mon } - name: Looking up OSDs for Ceph + become: true command: docker exec -t kolla_toolbox sudo -E ansible localhost -m find_disks -a "partition_name={{ partition_name_osd_data }} match_mode='prefix' use_udev={{ kolla_ceph_use_udev }}" @@ -58,6 +59,7 @@ - include_tasks: config.yml - name: Check the configs in ceph_mon container + become: true command: docker exec {{ item.name }} /usr/local/bin/kolla_set_configs --check changed_when: false failed_when: false @@ -67,6 +69,7 @@ - { name: ceph_mon, group: ceph-mon } - name: Check the configs in the ceph_osd container + become: true command: docker exec ceph_osd_{{ item.stdout }} /usr/local/bin/kolla_set_configs --check changed_when: false failed_when: false @@ -75,6 +78,7 @@ when: inventory_hostname in groups['ceph-osd'] - name: Check the configs in ceph_rgw container + become: true command: docker exec {{ item.name }} /usr/local/bin/kolla_set_configs --check changed_when: false failed_when: false diff --git a/ansible/roles/ceph/tasks/start_ceph_dashboard.yml b/ansible/roles/ceph/tasks/start_ceph_dashboard.yml index 19885d98be..2976959e49 100644 --- a/ansible/roles/ceph/tasks/start_ceph_dashboard.yml +++ b/ansible/roles/ceph/tasks/start_ceph_dashboard.yml @@ -1,5 +1,6 @@ --- - name: Enable ceph dashboard + become: true command: docker exec ceph_mon ceph mgr module enable dashboard changed_when: false run_once: true diff --git a/ansible/roles/ceph/tasks/start_mdss.yml b/ansible/roles/ceph/tasks/start_mdss.yml index 76d8a27c6a..8c3b7806ab 100644 --- a/ansible/roles/ceph/tasks/start_mdss.yml +++ b/ansible/roles/ceph/tasks/start_mdss.yml @@ -20,6 +20,7 @@ pool_pgp_num: "{{ cephfs_metadata_pool_pgp_num }}" - name: Geting ceph mds keyring + become: true kolla_ceph_keyring: name: "mds.{{ hostvars[item]['inventory_hostname'] }}" caps: "{{ ceph_client_mds_keyring_caps }}" @@ -53,6 +54,7 @@ - "kolla_logs:/var/log/kolla/" - name: Checking whether cephfs is created + become: true command: docker exec ceph_mon ceph fs get cephfs register: cephfs_stat failed_when: false @@ -60,6 +62,7 @@ run_once: true - name: Creating ceph new filesystem + become: true command: docker exec ceph_mon ceph fs new cephfs cephfs_metadata cephfs_data run_once: true when: cephfs_stat.rc != 0 diff --git a/ansible/roles/ceph/tasks/start_mgrs.yml b/ansible/roles/ceph/tasks/start_mgrs.yml index 2e7af05de6..3bdddf100f 100644 --- a/ansible/roles/ceph/tasks/start_mgrs.yml +++ b/ansible/roles/ceph/tasks/start_mgrs.yml @@ -1,5 +1,6 @@ --- - name: Getting ceph mgr keyring + become: true kolla_ceph_keyring: name: "mgr.{{ item }}" caps: "{{ ceph_client_mgr_keyring_caps }}" @@ -33,6 +34,7 @@ - "kolla_logs:/var/log/kolla" - name: Enable the ceph mgr prometheus module + become: true command: docker exec ceph_mgr ceph mgr module enable prometheus when: - inventory_hostname in groups['ceph-mgr'] diff --git a/ansible/roles/ceph/tasks/start_osds.yml b/ansible/roles/ceph/tasks/start_osds.yml index 849458b85a..e89cd3c2eb 100644 --- a/ansible/roles/ceph/tasks/start_osds.yml +++ b/ansible/roles/ceph/tasks/start_osds.yml @@ -1,5 +1,6 @@ --- - name: Looking up OSDs for Ceph + become: true command: docker exec -t kolla_toolbox sudo -E ansible localhost -m find_disks -a "partition_name={{ partition_name_osd_data }} match_mode='prefix' use_udev={{ kolla_ceph_use_udev }}" diff --git a/ansible/roles/ceph/tasks/start_rgw_keystone.yml b/ansible/roles/ceph/tasks/start_rgw_keystone.yml index 945cad0ab1..a510a30764 100644 --- a/ansible/roles/ceph/tasks/start_rgw_keystone.yml +++ b/ansible/roles/ceph/tasks/start_rgw_keystone.yml @@ -1,5 +1,6 @@ --- - name: Creating the Swift service and endpoint + become: true kolla_toolbox: module_name: kolla_keystone_service module_args: @@ -19,6 +20,7 @@ - {'interface': 'public', 'url': '{{ swift_public_endpoint }}'} - name: Registering keystone ceph_rgw user + become: true kolla_toolbox: module_name: kolla_keystone_user module_args: @@ -32,6 +34,7 @@ run_once: True - name: Creating the ResellerAdmin role + become: true kolla_toolbox: module_name: "os_keystone_role" module_args: diff --git a/ansible/roles/ceph/tasks/stop.yml b/ansible/roles/ceph/tasks/stop.yml index e3852b5fde..90f1318d27 100644 --- a/ansible/roles/ceph/tasks/stop.yml +++ b/ansible/roles/ceph/tasks/stop.yml @@ -1,5 +1,6 @@ --- - name: Stopping ceph-mon container + become: true kolla_docker: action: "stop_container" common_options: "{{ docker_common_options }}" @@ -9,10 +10,12 @@ - "'ceph_mon' not in skip_stop_containers" - name: Find running ceph-osds containers + become: true command: "docker ps --filter name=ceph_osd_ --format {% raw %}{{.Names}}{% endraw %}" register: ceph_osd_containers - name: Stopping ceph-osd container + become: true kolla_docker: action: "stop_container" common_options: "{{ docker_common_options }}" @@ -24,6 +27,7 @@ - item not in skip_stop_containers - name: Stopping ceph-rgw container + become: true kolla_docker: action: "stop_container" common_options: "{{ docker_common_options }}" @@ -34,6 +38,7 @@ - "'ceph_rgw' not in skip_stop_containers" - name: Stopping ceph-mgr container + become: true kolla_docker: action: "stop_container" common_options: "{{ docker_common_options }}" @@ -43,6 +48,7 @@ - "'ceph_mgr' not in skip_stop_containers" - name: Stopping ceph-mds container + become: true kolla_docker: action: "stop_container" common_options: "{{ docker_common_options }}" @@ -53,6 +59,7 @@ - "'ceph_mds' not in skip_stop_containers" - name: Stopping ceph-nfs container + become: true kolla_docker: action: "stop_container" common_options: "{{ docker_common_options }}" diff --git a/ansible/roles/ceph/tasks/upgrade.yml b/ansible/roles/ceph/tasks/upgrade.yml index 89449a0de5..61ec87db35 100644 --- a/ansible/roles/ceph/tasks/upgrade.yml +++ b/ansible/roles/ceph/tasks/upgrade.yml @@ -4,6 +4,7 @@ # NOTE(jeffrey4l): client.admin caps should be update when upgrade from Jewel # to Luminous - name: configuring client.admin caps + become: true kolla_ceph_keyring: name: client.admin caps: "{{ ceph_client_admin_keyring_caps }}" @@ -37,6 +38,7 @@ # NOTE(chenxing): Disallowing pre-luminous OSDs and enabling all # new Luminous-only functionality - name: Enabling all new Luminous-only functionality + become: true command: docker exec ceph_mon ceph osd require-osd-release luminous delegate_to: "{{ groups['ceph-mon'][0] }}" changed_when: False diff --git a/ansible/roles/ceph_pools.yml b/ansible/roles/ceph_pools.yml index 1de46c859e..a5c3007964 100644 --- a/ansible/roles/ceph_pools.yml +++ b/ansible/roles/ceph_pools.yml @@ -1,6 +1,7 @@ --- # TODO(SamYaple): Improve failed_when and changed_when tests if possible - name: Creating ceph erasure profile + become: true command: docker exec ceph_mon ceph osd erasure-code-profile set erasure-profile {{ ceph_erasure_profile }} delegate_to: "{{ groups['ceph-mon'][0] }}" changed_when: False @@ -9,6 +10,7 @@ when: pool_type == "erasure" - name: Creating ceph ruleset + become: true command: docker exec ceph_mon ceph osd crush rule create-erasure disks erasure-profile delegate_to: "{{ groups['ceph-mon'][0] }}" changed_when: False @@ -17,6 +19,7 @@ when: pool_type == "erasure" - name: Creating ceph ruleset + become: true command: docker exec ceph_mon ceph osd crush rule create-simple disks {{ ceph_rule }} delegate_to: "{{ groups['ceph-mon'][0] }}" changed_when: False @@ -25,18 +28,21 @@ when: pool_type == "replicated" - name: Creating ceph pool + become: true command: docker exec ceph_mon ceph osd pool create {{ pool_name }} {{ pool_pg_num }} {{ pool_pgp_num }} {{ pool_type }} {{ 'erasure-profile' if pool_type == 'erasure' else '' }} disks delegate_to: "{{ groups['ceph-mon'][0] }}" changed_when: False run_once: True - name: enable application for ceph pool + become: true command: docker exec ceph_mon ceph osd pool application enable {{ pool_name }} {{ pool_application }} changed_when: False delegate_to: "{{ groups['ceph-mon'][0] }}" run_once: True - name: Creating ceph ruleset for cache + become: true command: docker exec ceph_mon ceph osd crush rule create-simple cache {{ ceph_cache_rule }} delegate_to: "{{ groups['ceph-mon'][0] }}" changed_when: False @@ -45,6 +51,7 @@ when: ceph_enable_cache | bool - name: Creating ceph pool for cache + become: true command: docker exec ceph_mon ceph osd pool create {{ pool_name }}-cache 128 128 replicated cache delegate_to: "{{ groups['ceph-mon'][0] }}" changed_when: False @@ -52,6 +59,7 @@ when: ceph_enable_cache | bool - name: Adding cache to pool + become: true command: docker exec ceph_mon ceph osd tier add {{ pool_name }} {{ pool_name }}-cache delegate_to: "{{ groups['ceph-mon'][0] }}" changed_when: False @@ -60,6 +68,7 @@ when: ceph_enable_cache | bool - name: Setting cache-mode + become: true command: docker exec ceph_mon ceph osd tier cache-mode {{ pool_name }}-cache {{ cache_mode }} delegate_to: "{{ groups['ceph-mon'][0] }}" changed_when: False @@ -68,6 +77,7 @@ when: ceph_enable_cache | bool - name: Setting cache overlay for pool + become: true command: docker exec ceph_mon ceph osd tier set-overlay {{ pool_name }} {{ pool_name }}-cache delegate_to: "{{ groups['ceph-mon'][0] }}" changed_when: False @@ -76,6 +86,7 @@ when: ceph_enable_cache | bool - name: Setting cache hit_set_type + become: true command: docker exec ceph_mon ceph osd pool set {{ pool_name }}-cache hit_set_type bloom delegate_to: "{{ groups['ceph-mon'][0] }}" changed_when: False @@ -84,6 +95,7 @@ when: ceph_enable_cache | bool - name: Setting cache target_max_bytes + become: true command: docker exec ceph_mon ceph osd pool set {{ pool_name }}-cache target_max_bytes {{ ceph_target_max_bytes }} delegate_to: "{{ groups['ceph-mon'][0] }}" changed_when: False @@ -94,6 +106,7 @@ - ceph_target_max_bytes != '' - name: Setting cache target_max_objects + become: true command: docker exec ceph_mon ceph osd pool set {{ pool_name }}-cache target_max_objects {{ ceph_target_max_objects }} delegate_to: "{{ groups['ceph-mon'][0] }}" changed_when: False diff --git a/ansible/roles/cinder/tasks/bootstrap.yml b/ansible/roles/cinder/tasks/bootstrap.yml index d68e9f148a..1b62ec6ddd 100644 --- a/ansible/roles/cinder/tasks/bootstrap.yml +++ b/ansible/roles/cinder/tasks/bootstrap.yml @@ -1,5 +1,6 @@ --- - name: Creating Cinder database + become: true kolla_toolbox: module_name: mysql_db module_args: @@ -15,6 +16,7 @@ - not use_preconfigured_databases | bool - name: Creating Cinder database user and setting permissions + become: true kolla_toolbox: module_name: mysql_user module_args: diff --git a/ansible/roles/cinder/tasks/ceph.yml b/ansible/roles/cinder/tasks/ceph.yml index 38e9cb148e..dae58d1d1b 100644 --- a/ansible/roles/cinder/tasks/ceph.yml +++ b/ansible/roles/cinder/tasks/ceph.yml @@ -40,6 +40,7 @@ pool_application: "rbd" - name: Pulling cephx keyring for cinder + become: true kolla_ceph_keyring: name: client.cinder caps: "{{ ceph_client_cinder_keyring_caps }}" @@ -48,6 +49,7 @@ run_once: True - name: Pulling cephx keyring for cinder-backup + become: true kolla_ceph_keyring: name: client.cinder-backup caps: "{{ ceph_client_cinder_backup_keyring_caps }}" diff --git a/ansible/roles/cinder/tasks/check.yml b/ansible/roles/cinder/tasks/check.yml index 0f3ca0df6c..fb58e02470 100644 --- a/ansible/roles/cinder/tasks/check.yml +++ b/ansible/roles/cinder/tasks/check.yml @@ -1,5 +1,6 @@ --- - name: Cinder sanity check - create volume + become: true kolla_toolbox: module_name: os_volume module_args: @@ -13,6 +14,7 @@ when: kolla_enable_sanity_cinder | bool - name: Cinder sanity check - cleanup volume + become: true kolla_toolbox: module_name: os_volume module_args: diff --git a/ansible/roles/cinder/tasks/precheck.yml b/ansible/roles/cinder/tasks/precheck.yml index bf5783cdbb..09737bc7a8 100644 --- a/ansible/roles/cinder/tasks/precheck.yml +++ b/ansible/roles/cinder/tasks/precheck.yml @@ -1,5 +1,6 @@ --- - name: Get container facts + become: true kolla_container_facts: name: - cinder_api diff --git a/ansible/roles/cinder/tasks/register.yml b/ansible/roles/cinder/tasks/register.yml index 4e19a590bc..f013f89408 100644 --- a/ansible/roles/cinder/tasks/register.yml +++ b/ansible/roles/cinder/tasks/register.yml @@ -1,5 +1,6 @@ --- - name: Creating the Cinder service and endpoint + become: true kolla_toolbox: module_name: "kolla_keystone_service" module_args: @@ -22,6 +23,7 @@ - {'interface': 'public', 'url': '{{ cinder_v3_public_endpoint }}', 'service_name': 'cinderv3', 'service_type': 'volumev3'} - name: Creating the Cinder project, user, and role + become: true kolla_toolbox: module_name: "kolla_keystone_user" module_args: diff --git a/ansible/roles/cloudkitty/tasks/bootstrap.yml b/ansible/roles/cloudkitty/tasks/bootstrap.yml index e96a568454..1da6991465 100644 --- a/ansible/roles/cloudkitty/tasks/bootstrap.yml +++ b/ansible/roles/cloudkitty/tasks/bootstrap.yml @@ -1,5 +1,6 @@ --- - name: Creating Cloudkitty database + become: true kolla_toolbox: module_name: mysql_db module_args: @@ -15,6 +16,7 @@ - not use_preconfigured_databases | bool - name: Creating Cloudkitty database user and setting permissions + become: true kolla_toolbox: module_name: mysql_user module_args: diff --git a/ansible/roles/cloudkitty/tasks/precheck.yml b/ansible/roles/cloudkitty/tasks/precheck.yml index bf61bfefb9..1a78b37b0a 100644 --- a/ansible/roles/cloudkitty/tasks/precheck.yml +++ b/ansible/roles/cloudkitty/tasks/precheck.yml @@ -1,5 +1,6 @@ --- - name: Get container facts + become: true kolla_container_facts: name: - cloudkitty_api diff --git a/ansible/roles/cloudkitty/tasks/register.yml b/ansible/roles/cloudkitty/tasks/register.yml index cb8b19a6ff..7f7cd9e69c 100644 --- a/ansible/roles/cloudkitty/tasks/register.yml +++ b/ansible/roles/cloudkitty/tasks/register.yml @@ -1,5 +1,6 @@ --- - name: Creating the Cloudkitty service and endpoint + become: true kolla_toolbox: module_name: "kolla_keystone_service" module_args: @@ -19,6 +20,7 @@ - {'interface': 'public', 'url': '{{ cloudkitty_public_endpoint }}'} - name: Creating the Cloudkitty project, user, and role + become: true kolla_toolbox: module_name: "kolla_keystone_user" module_args: @@ -32,6 +34,7 @@ run_once: True - name: Creating the rating role + become: true kolla_toolbox: module_name: os_keystone_role module_args: diff --git a/ansible/roles/common/handlers/main.yml b/ansible/roles/common/handlers/main.yml index e279b079e4..8bf5267647 100644 --- a/ansible/roles/common/handlers/main.yml +++ b/ansible/roles/common/handlers/main.yml @@ -54,6 +54,7 @@ - Initializing toolbox container using normal user - name: Initializing toolbox container using normal user + become: true command: docker exec -t kolla_toolbox ansible --version changed_when: false diff --git a/ansible/roles/congress/tasks/bootstrap.yml b/ansible/roles/congress/tasks/bootstrap.yml index a3a0c5c62b..9ddabffd43 100644 --- a/ansible/roles/congress/tasks/bootstrap.yml +++ b/ansible/roles/congress/tasks/bootstrap.yml @@ -1,5 +1,6 @@ --- - name: Creating congress database + become: true kolla_toolbox: module_name: mysql_db module_args: @@ -15,6 +16,7 @@ - not use_preconfigured_databases | bool - name: Creating congress database user and setting permissions + become: true kolla_toolbox: module_name: mysql_user module_args: diff --git a/ansible/roles/congress/tasks/precheck.yml b/ansible/roles/congress/tasks/precheck.yml index d98647364b..666e7d4258 100644 --- a/ansible/roles/congress/tasks/precheck.yml +++ b/ansible/roles/congress/tasks/precheck.yml @@ -1,5 +1,6 @@ --- - name: Get container facts + become: true kolla_container_facts: name: - congress_api diff --git a/ansible/roles/congress/tasks/register.yml b/ansible/roles/congress/tasks/register.yml index 491809e537..bbbd39cac2 100644 --- a/ansible/roles/congress/tasks/register.yml +++ b/ansible/roles/congress/tasks/register.yml @@ -1,5 +1,6 @@ --- - name: Creating the congress service and endpoint + become: true kolla_toolbox: module_name: "kolla_keystone_service" module_args: @@ -19,6 +20,7 @@ - {'interface': 'public', 'url': '{{ congress_public_endpoint }}'} - name: Creating the congress project, user, and role + become: true kolla_toolbox: module_name: "kolla_keystone_user" module_args: diff --git a/ansible/roles/cyborg/handlers/main.yml b/ansible/roles/cyborg/handlers/main.yml index ea0bb2093c..97dcbcdb4e 100644 --- a/ansible/roles/cyborg/handlers/main.yml +++ b/ansible/roles/cyborg/handlers/main.yml @@ -7,6 +7,7 @@ cyborg_conf: "{{ cyborg_confs.results|selectattr('item.key', 'equalto', service_name)|first }}" policy_overwriting: "{{ cyborg_policy_overwriting.results|selectattr('item.key', 'equalto', service_name)|first }}" cyborg_api_container: "{{ check_cyborg_containers.results|selectattr('item.key', 'equalto', service_name)|first }}" + become: true kolla_docker: action: "recreate_or_restart_container" common_options: "{{ docker_common_options }}" @@ -31,6 +32,7 @@ cyborg_conf: "{{ cyborg_confs.results|selectattr('item.key', 'equalto', service_name)|first }}" policy_overwriting: "{{ cyborg_policy_overwriting.results|selectattr('item.key', 'equalto', service_name)|first }}" cyborg_conductor_container: "{{ check_cyborg_containers.results|selectattr('item.key', 'equalto', service_name)|first }}" + become: true kolla_docker: action: "recreate_or_restart_container" common_options: "{{ docker_common_options }}" @@ -55,6 +57,7 @@ cyborg_conf: "{{ cyborg_confs.results|selectattr('item.key', 'equalto', service_name)|first }}" policy_overwriting: "{{ cyborg_policy_overwriting.results|selectattr('item.key', 'equalto', service_name)|first }}" cyborg_agent_container: "{{ check_cyborg_containers.results|selectattr('item.key', 'equalto', service_name)|first }}" + become: true kolla_docker: action: "recreate_or_restart_container" common_options: "{{ docker_common_options }}" diff --git a/ansible/roles/cyborg/tasks/bootstrap.yml b/ansible/roles/cyborg/tasks/bootstrap.yml index fec53cdf03..83ca49f712 100644 --- a/ansible/roles/cyborg/tasks/bootstrap.yml +++ b/ansible/roles/cyborg/tasks/bootstrap.yml @@ -1,5 +1,6 @@ --- - name: Creating cyborg database + become: true kolla_toolbox: module_name: mysql_db module_args: @@ -15,6 +16,7 @@ - not use_preconfigured_databases | bool - name: Creating cyborg database user and setting permissions + become: true kolla_toolbox: module_name: mysql_user module_args: diff --git a/ansible/roles/cyborg/tasks/bootstrap_service.yml b/ansible/roles/cyborg/tasks/bootstrap_service.yml index b272595514..164aeae2d7 100644 --- a/ansible/roles/cyborg/tasks/bootstrap_service.yml +++ b/ansible/roles/cyborg/tasks/bootstrap_service.yml @@ -2,6 +2,7 @@ - name: Running cyborg bootstrap container vars: cyborg_api: "{{ cyborg_services['cyborg-api'] }}" + become: true kolla_docker: action: "start_container" common_options: "{{ docker_common_options }}" diff --git a/ansible/roles/cyborg/tasks/config.yml b/ansible/roles/cyborg/tasks/config.yml index ea8e29df23..0c24e72810 100644 --- a/ansible/roles/cyborg/tasks/config.yml +++ b/ansible/roles/cyborg/tasks/config.yml @@ -109,6 +109,7 @@ - Restart cyborg-api container - name: Check cyborg containers + become: true kolla_docker: action: "compare_container" common_options: "{{ docker_common_options }}" diff --git a/ansible/roles/cyborg/tasks/precheck.yml b/ansible/roles/cyborg/tasks/precheck.yml index fbd1cb3c7a..f7470f3e1c 100644 --- a/ansible/roles/cyborg/tasks/precheck.yml +++ b/ansible/roles/cyborg/tasks/precheck.yml @@ -1,5 +1,6 @@ --- - name: Get container facts + become: true kolla_container_facts: name: - cyborg_api diff --git a/ansible/roles/cyborg/tasks/register.yml b/ansible/roles/cyborg/tasks/register.yml index b43de75590..decd02d617 100644 --- a/ansible/roles/cyborg/tasks/register.yml +++ b/ansible/roles/cyborg/tasks/register.yml @@ -1,5 +1,6 @@ --- - name: Creating the cyborg service and endpoint + become: true kolla_toolbox: module_name: "kolla_keystone_service" module_args: @@ -19,6 +20,7 @@ - {'interface': 'public', 'url': '{{ cyborg_public_endpoint }}'} - name: Creating the cyborg project, user, and role + become: true kolla_toolbox: module_name: "kolla_keystone_user" module_args: diff --git a/ansible/roles/designate/tasks/bootstrap.yml b/ansible/roles/designate/tasks/bootstrap.yml index 71899b1974..5c478dab4c 100644 --- a/ansible/roles/designate/tasks/bootstrap.yml +++ b/ansible/roles/designate/tasks/bootstrap.yml @@ -1,5 +1,6 @@ --- - name: Creating Designate databases + become: true kolla_toolbox: module_name: mysql_db module_args: @@ -18,6 +19,7 @@ - not use_preconfigured_databases | bool - name: Creating Designate databases user and setting permissions + become: true kolla_toolbox: module_name: mysql_user module_args: diff --git a/ansible/roles/designate/tasks/precheck.yml b/ansible/roles/designate/tasks/precheck.yml index 626fc31500..10d67e6b85 100644 --- a/ansible/roles/designate/tasks/precheck.yml +++ b/ansible/roles/designate/tasks/precheck.yml @@ -1,5 +1,6 @@ --- - name: Get container facts + become: true kolla_container_facts: name: - designate_api diff --git a/ansible/roles/designate/tasks/register.yml b/ansible/roles/designate/tasks/register.yml index 8fa6e7d4b9..354f3503b0 100644 --- a/ansible/roles/designate/tasks/register.yml +++ b/ansible/roles/designate/tasks/register.yml @@ -1,5 +1,6 @@ --- - name: Creating the Designate service and endpoint + become: true kolla_toolbox: module_name: "kolla_keystone_service" module_args: @@ -19,6 +20,7 @@ - {'interface': 'public', 'url': '{{ designate_public_endpoint }}'} - name: Creating the Designate project, user, and role + become: true kolla_toolbox: module_name: "kolla_keystone_user" module_args: diff --git a/ansible/roles/designate/tasks/update_pools.yml b/ansible/roles/designate/tasks/update_pools.yml index c0602d7f93..21d29ee02c 100644 --- a/ansible/roles/designate/tasks/update_pools.yml +++ b/ansible/roles/designate/tasks/update_pools.yml @@ -1,4 +1,5 @@ --- - name: Update DNS pools + become: true command: docker exec -t designate_worker designate-manage pool update --file /etc/designate/pools.yaml when: inventory_hostname == groups['designate-worker'][0] diff --git a/ansible/roles/elasticsearch/tasks/precheck.yml b/ansible/roles/elasticsearch/tasks/precheck.yml index 409c765d28..3124b06ee7 100644 --- a/ansible/roles/elasticsearch/tasks/precheck.yml +++ b/ansible/roles/elasticsearch/tasks/precheck.yml @@ -1,5 +1,6 @@ --- - name: Get container facts + become: true kolla_container_facts: name: - elasticsearch diff --git a/ansible/roles/etcd/tasks/precheck.yml b/ansible/roles/etcd/tasks/precheck.yml index 8b0a0433f3..cc9deb3377 100644 --- a/ansible/roles/etcd/tasks/precheck.yml +++ b/ansible/roles/etcd/tasks/precheck.yml @@ -1,5 +1,6 @@ --- - name: Get container facts + become: true kolla_container_facts: name: - etcd diff --git a/ansible/roles/freezer/tasks/precheck.yml b/ansible/roles/freezer/tasks/precheck.yml index 06150b2e66..94f8e42165 100644 --- a/ansible/roles/freezer/tasks/precheck.yml +++ b/ansible/roles/freezer/tasks/precheck.yml @@ -1,5 +1,6 @@ --- - name: Get container facts + become: true kolla_container_facts: name: - freezer_api diff --git a/ansible/roles/freezer/tasks/register.yml b/ansible/roles/freezer/tasks/register.yml index 433d8a8267..5dfa960114 100644 --- a/ansible/roles/freezer/tasks/register.yml +++ b/ansible/roles/freezer/tasks/register.yml @@ -1,5 +1,6 @@ --- - name: Creating the freezer service and endpoint + become: true kolla_toolbox: module_name: kolla_keystone_service module_args: @@ -19,6 +20,7 @@ - {'interface': 'public', 'url': '{{ freezer_public_endpoint }}'} - name: Creating the freezer project, user, and role + become: true kolla_toolbox: module_name: kolla_keystone_user module_args: diff --git a/ansible/roles/glance/tasks/bootstrap.yml b/ansible/roles/glance/tasks/bootstrap.yml index e1f6244ba9..5a55857bf9 100644 --- a/ansible/roles/glance/tasks/bootstrap.yml +++ b/ansible/roles/glance/tasks/bootstrap.yml @@ -1,5 +1,6 @@ --- - name: Creating Glance database + become: true kolla_toolbox: module_name: mysql_db module_args: @@ -15,6 +16,7 @@ - not use_preconfigured_databases | bool - name: Creating Glance database user and setting permissions + become: true kolla_toolbox: module_name: mysql_user module_args: diff --git a/ansible/roles/glance/tasks/bootstrap_service.yml b/ansible/roles/glance/tasks/bootstrap_service.yml index 110841d4eb..f182d7d689 100644 --- a/ansible/roles/glance/tasks/bootstrap_service.yml +++ b/ansible/roles/glance/tasks/bootstrap_service.yml @@ -2,6 +2,7 @@ - name: Enable log_bin_trust_function_creators function vars: glance_api: "{{ glance_services['glance-api'] }}" + become: true kolla_toolbox: module_name: mysql_variables module_args: @@ -39,6 +40,7 @@ - name: Disable log_bin_trust_function_creators function vars: glance_api: "{{ glance_services['glance-api'] }}" + become: true kolla_toolbox: module_name: mysql_variables module_args: diff --git a/ansible/roles/glance/tasks/ceph.yml b/ansible/roles/glance/tasks/ceph.yml index 49f43bd2c7..f8fd4979d7 100644 --- a/ansible/roles/glance/tasks/ceph.yml +++ b/ansible/roles/glance/tasks/ceph.yml @@ -20,6 +20,7 @@ pool_application: "rbd" - name: Pulling cephx keyring + become: true kolla_ceph_keyring: name: client.glance caps: "{{ ceph_client_glance_keyring_caps }}" diff --git a/ansible/roles/glance/tasks/check.yml b/ansible/roles/glance/tasks/check.yml index 6dccb2b99a..466681bf16 100644 --- a/ansible/roles/glance/tasks/check.yml +++ b/ansible/roles/glance/tasks/check.yml @@ -1,5 +1,6 @@ --- - name: Glance sanity check - create image + become: true kolla_toolbox: module_name: os_image module_args: @@ -16,6 +17,7 @@ when: kolla_enable_sanity_glance | bool - name: Glance sanity check - cleanup + become: true kolla_toolbox: module_name: os_image module_args: diff --git a/ansible/roles/glance/tasks/precheck.yml b/ansible/roles/glance/tasks/precheck.yml index a443a53571..2be891740d 100644 --- a/ansible/roles/glance/tasks/precheck.yml +++ b/ansible/roles/glance/tasks/precheck.yml @@ -1,5 +1,6 @@ --- - name: Get container facts + become: true kolla_container_facts: name: "{{ glance_services.values()|map(attribute='container_name')|list }}" register: container_facts diff --git a/ansible/roles/glance/tasks/register.yml b/ansible/roles/glance/tasks/register.yml index 49c50c75f7..a94c34f8ff 100644 --- a/ansible/roles/glance/tasks/register.yml +++ b/ansible/roles/glance/tasks/register.yml @@ -1,5 +1,6 @@ --- - name: Creating the Glance service and endpoint + become: true kolla_toolbox: module_name: "kolla_keystone_service" module_args: @@ -19,6 +20,7 @@ - {'interface': 'public', 'url': '{{ glance_public_endpoint }}'} - name: Creating the Glance project, user, and role + become: true kolla_toolbox: module_name: "kolla_keystone_user" module_args: diff --git a/ansible/roles/glance/tasks/rolling_upgrade.yml b/ansible/roles/glance/tasks/rolling_upgrade.yml index d4675c304d..c971507faa 100644 --- a/ansible/roles/glance/tasks/rolling_upgrade.yml +++ b/ansible/roles/glance/tasks/rolling_upgrade.yml @@ -12,6 +12,7 @@ - name: Enable log_bin_trust_function_creators function vars: glance_api: "{{ glance_services['glance-api'] }}" + become: true kolla_toolbox: module_name: mysql_variables module_args: @@ -101,6 +102,7 @@ - name: Disable log_bin_trust_function_creators function vars: glance_api: "{{ glance_services['glance-api'] }}" + become: true kolla_toolbox: module_name: mysql_variables module_args: diff --git a/ansible/roles/gnocchi/tasks/bootstrap.yml b/ansible/roles/gnocchi/tasks/bootstrap.yml index ec33bac7c5..dcc6054448 100644 --- a/ansible/roles/gnocchi/tasks/bootstrap.yml +++ b/ansible/roles/gnocchi/tasks/bootstrap.yml @@ -1,5 +1,6 @@ --- - name: Creating gnocchi database + become: true kolla_toolbox: module_name: mysql_db module_args: @@ -15,6 +16,7 @@ - not use_preconfigured_databases | bool - name: Creating gnocchi database user and setting permissions + become: true kolla_toolbox: module_name: mysql_user module_args: diff --git a/ansible/roles/gnocchi/tasks/ceph.yml b/ansible/roles/gnocchi/tasks/ceph.yml index dd0e198f92..8a16656599 100644 --- a/ansible/roles/gnocchi/tasks/ceph.yml +++ b/ansible/roles/gnocchi/tasks/ceph.yml @@ -24,6 +24,7 @@ pool_application: "rgw" - name: Pulling cephx keyring + become: true kolla_ceph_keyring: name: client.gnocchi caps: "{{ ceph_client_gnocchi_keyring_caps }}" diff --git a/ansible/roles/gnocchi/tasks/precheck.yml b/ansible/roles/gnocchi/tasks/precheck.yml index a352d9701d..4b43ed97f0 100644 --- a/ansible/roles/gnocchi/tasks/precheck.yml +++ b/ansible/roles/gnocchi/tasks/precheck.yml @@ -1,5 +1,6 @@ --- - name: Get container facts + become: true kolla_container_facts: name: - gnocchi_api diff --git a/ansible/roles/gnocchi/tasks/register.yml b/ansible/roles/gnocchi/tasks/register.yml index b1f6ba8c09..785267f803 100644 --- a/ansible/roles/gnocchi/tasks/register.yml +++ b/ansible/roles/gnocchi/tasks/register.yml @@ -1,5 +1,6 @@ --- - name: Creating the gnocchi service and endpoint + become: true kolla_toolbox: module_name: "kolla_keystone_service" module_args: @@ -19,6 +20,7 @@ - {'interface': 'public', 'url': '{{ gnocchi_public_endpoint }}'} - name: Creating the gnocchi project, user, and role + become: true kolla_toolbox: module_name: "kolla_keystone_user" module_args: diff --git a/ansible/roles/grafana/tasks/bootstrap.yml b/ansible/roles/grafana/tasks/bootstrap.yml index 97727dab7f..4fcec904e6 100644 --- a/ansible/roles/grafana/tasks/bootstrap.yml +++ b/ansible/roles/grafana/tasks/bootstrap.yml @@ -1,5 +1,6 @@ --- - name: Creating grafana database + become: true kolla_toolbox: module_name: mysql_db module_args: @@ -14,6 +15,7 @@ - not use_preconfigured_databases | bool - name: Creating grafana database user and setting permissions + become: true kolla_toolbox: module_name: mysql_user module_args: diff --git a/ansible/roles/grafana/tasks/precheck.yml b/ansible/roles/grafana/tasks/precheck.yml index 2545a37d35..2c30876c51 100644 --- a/ansible/roles/grafana/tasks/precheck.yml +++ b/ansible/roles/grafana/tasks/precheck.yml @@ -1,5 +1,6 @@ --- - name: Get container facts + become: true kolla_container_facts: name: - grafana diff --git a/ansible/roles/haproxy/tasks/precheck.yml b/ansible/roles/haproxy/tasks/precheck.yml index 20b1e1565a..f3a0dffc2c 100644 --- a/ansible/roles/haproxy/tasks/precheck.yml +++ b/ansible/roles/haproxy/tasks/precheck.yml @@ -1,5 +1,6 @@ --- - name: Get container facts + become: true kolla_container_facts: name: - haproxy diff --git a/ansible/roles/heat/tasks/bootstrap.yml b/ansible/roles/heat/tasks/bootstrap.yml index 7fe1b95524..c2fb68ff35 100644 --- a/ansible/roles/heat/tasks/bootstrap.yml +++ b/ansible/roles/heat/tasks/bootstrap.yml @@ -1,5 +1,6 @@ --- - name: Creating Heat database + become: true kolla_toolbox: module_name: mysql_db module_args: @@ -15,6 +16,7 @@ - not use_preconfigured_databases | bool - name: Creating Heat database user and setting permissions + become: true kolla_toolbox: module_name: mysql_user module_args: diff --git a/ansible/roles/heat/tasks/precheck.yml b/ansible/roles/heat/tasks/precheck.yml index 4454fbd612..fc75b7804b 100644 --- a/ansible/roles/heat/tasks/precheck.yml +++ b/ansible/roles/heat/tasks/precheck.yml @@ -1,5 +1,6 @@ --- - name: Get container facts + become: true kolla_container_facts: name: - heat_api diff --git a/ansible/roles/heat/tasks/register.yml b/ansible/roles/heat/tasks/register.yml index 0a2e2c2c12..b93f64e9bb 100644 --- a/ansible/roles/heat/tasks/register.yml +++ b/ansible/roles/heat/tasks/register.yml @@ -1,5 +1,6 @@ --- - name: Creating the Heat service and endpoint + become: true kolla_toolbox: module_name: "kolla_keystone_service" module_args: @@ -22,6 +23,7 @@ - {'interface': 'public', 'url': '{{ heat_cfn_public_endpoint }}', 'service_name': 'heat-cfn', 'service_type': 'cloudformation', 'description': 'Orchestration'} - name: Creating the Heat project, user, and role + become: true kolla_toolbox: module_name: "kolla_keystone_user" module_args: @@ -35,6 +37,7 @@ run_once: True - name: Creating the heat_stack_user role + become: true kolla_toolbox: module_name: os_keystone_role module_args: @@ -44,6 +47,7 @@ run_once: True - name: Creating the heat_stack_owner role + become: true kolla_toolbox: module_name: os_keystone_role module_args: @@ -53,6 +57,7 @@ run_once: True - name: Add the heat_stack_owner role to the admin project + become: true kolla_toolbox: module_name: "os_user_role" module_args: diff --git a/ansible/roles/horizon/tasks/bootstrap.yml b/ansible/roles/horizon/tasks/bootstrap.yml index dfd0ece1cb..37df28d150 100644 --- a/ansible/roles/horizon/tasks/bootstrap.yml +++ b/ansible/roles/horizon/tasks/bootstrap.yml @@ -1,5 +1,6 @@ --- - name: Creating Horizon database + become: true kolla_toolbox: module_name: mysql_db module_args: @@ -15,6 +16,7 @@ - not use_preconfigured_databases | bool - name: Creating Horizon database user and setting permissions + become: true kolla_toolbox: module_name: mysql_user module_args: diff --git a/ansible/roles/horizon/tasks/precheck.yml b/ansible/roles/horizon/tasks/precheck.yml index 740e61602f..f565ed1b88 100644 --- a/ansible/roles/horizon/tasks/precheck.yml +++ b/ansible/roles/horizon/tasks/precheck.yml @@ -1,5 +1,6 @@ --- - name: Get container facts + become: true kolla_container_facts: name: - horizon diff --git a/ansible/roles/influxdb/tasks/precheck.yml b/ansible/roles/influxdb/tasks/precheck.yml index c7a839daac..dd965b65e0 100644 --- a/ansible/roles/influxdb/tasks/precheck.yml +++ b/ansible/roles/influxdb/tasks/precheck.yml @@ -1,5 +1,6 @@ --- - name: Get container facts + become: true kolla_container_facts: name: - influxdb diff --git a/ansible/roles/ironic/handlers/main.yml b/ansible/roles/ironic/handlers/main.yml index 5fc02543c1..7fbbc317af 100644 --- a/ansible/roles/ironic/handlers/main.yml +++ b/ansible/roles/ironic/handlers/main.yml @@ -105,6 +105,7 @@ service: "{{ ironic_services[service_name] }}" config_json: "{{ ironic_config_jsons.results|selectattr('item.key', 'equalto', service_name)|first }}" ironic_ipxe_container: "{{ check_ironic_containers.results|selectattr('item.key', 'equalto', service_name)|first }}" + become: true kolla_docker: action: "recreate_or_restart_container" common_options: "{{ docker_common_options }}" diff --git a/ansible/roles/ironic/tasks/bootstrap.yml b/ansible/roles/ironic/tasks/bootstrap.yml index 0763380b4b..3c35cf7747 100644 --- a/ansible/roles/ironic/tasks/bootstrap.yml +++ b/ansible/roles/ironic/tasks/bootstrap.yml @@ -1,5 +1,6 @@ --- - name: Creating Ironic database + become: true kolla_toolbox: module_name: mysql_db module_args: @@ -21,6 +22,7 @@ - inventory_hostname in groups[item.group] - name: Creating Ironic database user and setting permissions + become: true kolla_toolbox: module_name: mysql_user module_args: diff --git a/ansible/roles/ironic/tasks/precheck.yml b/ansible/roles/ironic/tasks/precheck.yml index 93d270b71f..fe5eca9c6d 100644 --- a/ansible/roles/ironic/tasks/precheck.yml +++ b/ansible/roles/ironic/tasks/precheck.yml @@ -1,5 +1,6 @@ --- - name: Get container facts + become: true kolla_container_facts: name: - ironic_api diff --git a/ansible/roles/ironic/tasks/register.yml b/ansible/roles/ironic/tasks/register.yml index 9171f30711..07a141d57f 100644 --- a/ansible/roles/ironic/tasks/register.yml +++ b/ansible/roles/ironic/tasks/register.yml @@ -1,5 +1,6 @@ --- - name: Creating the Ironic service and endpoint + become: true kolla_toolbox: module_name: "kolla_keystone_service" module_args: @@ -20,6 +21,7 @@ - {'interface': 'public', 'url': '{{ ironic_public_endpoint }}'} - name: Creating the Ironic project, user, and role + become: true kolla_toolbox: module_name: "kolla_keystone_user" module_args: @@ -34,6 +36,7 @@ when: inventory_hostname in groups['ironic-api'] - name: Creating the Ironic Inspector service and endpoint + become: true kolla_toolbox: module_name: "kolla_keystone_service" module_args: @@ -54,6 +57,7 @@ - {'interface': 'public', 'url': '{{ ironic_inspector_public_endpoint }}'} - name: Creating the Ironic Inspector project, user, and role + become: true kolla_toolbox: module_name: "kolla_keystone_user" module_args: diff --git a/ansible/roles/ironic/tasks/rolling_upgrade.yml b/ansible/roles/ironic/tasks/rolling_upgrade.yml index 2634c2563c..2b502fec1b 100644 --- a/ansible/roles/ironic/tasks/rolling_upgrade.yml +++ b/ansible/roles/ironic/tasks/rolling_upgrade.yml @@ -24,6 +24,7 @@ - name: Running Ironic online data migration vars: ironic_api: "{{ ironic_services['ironic-api'] }}" + become: true kolla_docker: action: "start_container" common_options: "{{ docker_common_options }}" diff --git a/ansible/roles/iscsi/tasks/config.yml b/ansible/roles/iscsi/tasks/config.yml index 11f357aa95..caf0f66b5f 100644 --- a/ansible/roles/iscsi/tasks/config.yml +++ b/ansible/roles/iscsi/tasks/config.yml @@ -36,6 +36,7 @@ - "Restart {{ item.key }} container" - name: Check iscsi containers + become: true kolla_docker: action: "compare_container" common_options: "{{ docker_common_options }}" diff --git a/ansible/roles/iscsi/tasks/precheck.yml b/ansible/roles/iscsi/tasks/precheck.yml index 8e776ba780..f3c0b2f097 100644 --- a/ansible/roles/iscsi/tasks/precheck.yml +++ b/ansible/roles/iscsi/tasks/precheck.yml @@ -1,5 +1,6 @@ --- - name: Get container facts + become: true kolla_container_facts: name: - iscsid diff --git a/ansible/roles/iscsi/tasks/pull.yml b/ansible/roles/iscsi/tasks/pull.yml index 5e09cd5054..cc808b8397 100644 --- a/ansible/roles/iscsi/tasks/pull.yml +++ b/ansible/roles/iscsi/tasks/pull.yml @@ -1,5 +1,6 @@ --- - name: Pulling iscsi images + become: true kolla_docker: action: "pull_image" common_options: "{{ docker_common_options }}" diff --git a/ansible/roles/kafka/tasks/precheck.yml b/ansible/roles/kafka/tasks/precheck.yml index 924d393319..1006df0de7 100644 --- a/ansible/roles/kafka/tasks/precheck.yml +++ b/ansible/roles/kafka/tasks/precheck.yml @@ -1,5 +1,6 @@ --- - name: Get container facts + become: true kolla_container_facts: name: - kafka diff --git a/ansible/roles/karbor/tasks/bootstrap.yml b/ansible/roles/karbor/tasks/bootstrap.yml index 58e67b7d79..0b362e3310 100644 --- a/ansible/roles/karbor/tasks/bootstrap.yml +++ b/ansible/roles/karbor/tasks/bootstrap.yml @@ -1,5 +1,6 @@ --- - name: Creating Karbor database + become: true kolla_toolbox: module_name: mysql_db module_args: @@ -15,6 +16,7 @@ - not use_preconfigured_databases | bool - name: Creating Karbor database user and setting permissions + become: true kolla_toolbox: module_name: mysql_user module_args: diff --git a/ansible/roles/karbor/tasks/precheck.yml b/ansible/roles/karbor/tasks/precheck.yml index 2dff30b47d..624b69ab8d 100644 --- a/ansible/roles/karbor/tasks/precheck.yml +++ b/ansible/roles/karbor/tasks/precheck.yml @@ -1,5 +1,6 @@ --- - name: Get container facts + become: true kolla_container_facts: name: - karbor_api diff --git a/ansible/roles/karbor/tasks/register.yml b/ansible/roles/karbor/tasks/register.yml index b6e31efc3d..e1c33f70d5 100644 --- a/ansible/roles/karbor/tasks/register.yml +++ b/ansible/roles/karbor/tasks/register.yml @@ -1,5 +1,6 @@ --- - name: Creating the Karbor service and endpoint + become: true kolla_toolbox: module_name: "kolla_keystone_service" module_args: @@ -19,6 +20,7 @@ - {'interface': 'public', 'url': '{{ karbor_public_endpoint }}'} - name: Creating the Karbor project, user, and role + become: true kolla_toolbox: module_name: "kolla_keystone_user" module_args: diff --git a/ansible/roles/keystone/tasks/bootstrap.yml b/ansible/roles/keystone/tasks/bootstrap.yml index 093d7966f2..a9eca9cc07 100644 --- a/ansible/roles/keystone/tasks/bootstrap.yml +++ b/ansible/roles/keystone/tasks/bootstrap.yml @@ -1,5 +1,6 @@ --- - name: Creating keystone database + become: true kolla_toolbox: module_name: mysql_db module_args: @@ -15,6 +16,7 @@ - not use_preconfigured_databases | bool - name: Creating Keystone database user and setting permissions + become: true kolla_toolbox: module_name: mysql_user module_args: diff --git a/ansible/roles/keystone/tasks/check.yml b/ansible/roles/keystone/tasks/check.yml index 84531d8886..58e9b42394 100644 --- a/ansible/roles/keystone/tasks/check.yml +++ b/ansible/roles/keystone/tasks/check.yml @@ -1,5 +1,6 @@ --- - name: Keystone sanity checks + become: true kolla_toolbox: module_name: os_auth module_args: diff --git a/ansible/roles/keystone/tasks/init_fernet.yml b/ansible/roles/keystone/tasks/init_fernet.yml index 8c496288a3..09602a6bbf 100644 --- a/ansible/roles/keystone/tasks/init_fernet.yml +++ b/ansible/roles/keystone/tasks/init_fernet.yml @@ -10,6 +10,7 @@ delay: 5 - name: Initialise fernet key authentication + become: true command: "docker exec -t keystone_fernet kolla_keystone_bootstrap {{ keystone_username }} {{ keystone_groupname }}" register: fernet_create changed_when: fernet_create.stdout.find('localhost | SUCCESS => ') != -1 and (fernet_create.stdout.split('localhost | SUCCESS => ')[1]|from_json).changed @@ -20,6 +21,7 @@ delegate_to: "{{ groups['keystone'][0] }}" - name: Run key distribution + become: true command: docker exec -t keystone_fernet /usr/bin/fernet-rotate.sh run_once: True delegate_to: "{{ groups['keystone'][0] }}" diff --git a/ansible/roles/keystone/tasks/precheck.yml b/ansible/roles/keystone/tasks/precheck.yml index e28fa1bc70..f48d8c6f4b 100644 --- a/ansible/roles/keystone/tasks/precheck.yml +++ b/ansible/roles/keystone/tasks/precheck.yml @@ -1,5 +1,6 @@ --- - name: Get container facts + become: true kolla_container_facts: name: - keystone diff --git a/ansible/roles/keystone/tasks/register.yml b/ansible/roles/keystone/tasks/register.yml index c0d7af6776..9915a84cfd 100644 --- a/ansible/roles/keystone/tasks/register.yml +++ b/ansible/roles/keystone/tasks/register.yml @@ -1,5 +1,6 @@ --- - name: Creating admin project, user, role, service, and endpoint + become: true command: docker exec keystone kolla_keystone_bootstrap {{ openstack_auth.username }} {{ openstack_auth.password }} {{ openstack_auth.project_name }} admin {{ keystone_admin_url }} {{ keystone_internal_url }} {{ keystone_public_url }} {{ item }} register: keystone_bootstrap changed_when: (keystone_bootstrap.stdout | from_json).changed @@ -10,6 +11,7 @@ # NOTE(jeffrey4l): Since keystone-manage bootstrap cloud not update the endpoint, # run kolla_keystone_service module again. - name: Creating the Keystone service and endpoint + become: true kolla_toolbox: module_name: "kolla_keystone_service" module_args: @@ -29,6 +31,7 @@ - { interface: public, url: "{{ keystone_public_url }}" } - name: Creating default user role + become: true kolla_toolbox: module_name: "os_keystone_role" module_args: diff --git a/ansible/roles/keystone/tasks/upgrade.yml b/ansible/roles/keystone/tasks/upgrade.yml index 8b2c7c29a2..bdecd9676f 100644 --- a/ansible/roles/keystone/tasks/upgrade.yml +++ b/ansible/roles/keystone/tasks/upgrade.yml @@ -2,6 +2,7 @@ - include_tasks: config.yml - name: Enable log_bin_trust_function_creators function + become: true kolla_toolbox: module_name: mysql_variables module_args: @@ -30,6 +31,7 @@ meta: flush_handlers - name: Disable log_bin_trust_function_creators function + become: true kolla_toolbox: module_name: mysql_variables module_args: diff --git a/ansible/roles/kibana/tasks/precheck.yml b/ansible/roles/kibana/tasks/precheck.yml index 07d480e045..90294ca5f9 100644 --- a/ansible/roles/kibana/tasks/precheck.yml +++ b/ansible/roles/kibana/tasks/precheck.yml @@ -1,5 +1,6 @@ --- - name: Get container facts + become: true kolla_container_facts: name: - kibana diff --git a/ansible/roles/kuryr/tasks/precheck.yml b/ansible/roles/kuryr/tasks/precheck.yml index 35f26c5495..27afba68ff 100644 --- a/ansible/roles/kuryr/tasks/precheck.yml +++ b/ansible/roles/kuryr/tasks/precheck.yml @@ -1,5 +1,6 @@ --- - name: Get container facts + become: true kolla_container_facts: name: - kuryr diff --git a/ansible/roles/kuryr/tasks/register.yml b/ansible/roles/kuryr/tasks/register.yml index ee5de80773..8f4baefdcc 100644 --- a/ansible/roles/kuryr/tasks/register.yml +++ b/ansible/roles/kuryr/tasks/register.yml @@ -1,5 +1,6 @@ --- - name: Creating the Kuryr project, user, and role + become: true kolla_toolbox: module_name: "kolla_keystone_user" module_args: diff --git a/ansible/roles/magnum/tasks/bootstrap.yml b/ansible/roles/magnum/tasks/bootstrap.yml index 8cd2221bcd..c192702222 100644 --- a/ansible/roles/magnum/tasks/bootstrap.yml +++ b/ansible/roles/magnum/tasks/bootstrap.yml @@ -1,5 +1,6 @@ --- - name: Creating Magnum database + become: true kolla_toolbox: module_name: mysql_db module_args: @@ -15,6 +16,7 @@ - not use_preconfigured_databases | bool - name: Creating Magnum database user and setting permissions + become: true kolla_toolbox: module_name: mysql_user module_args: diff --git a/ansible/roles/magnum/tasks/precheck.yml b/ansible/roles/magnum/tasks/precheck.yml index ef115c89ec..c6e33188a6 100644 --- a/ansible/roles/magnum/tasks/precheck.yml +++ b/ansible/roles/magnum/tasks/precheck.yml @@ -1,5 +1,6 @@ --- - name: Get container facts + become: true kolla_container_facts: name: - magnum_api diff --git a/ansible/roles/magnum/tasks/register.yml b/ansible/roles/magnum/tasks/register.yml index 4d615f3267..b0fdd5741b 100644 --- a/ansible/roles/magnum/tasks/register.yml +++ b/ansible/roles/magnum/tasks/register.yml @@ -1,5 +1,6 @@ --- - name: Creating the Magnum service and endpoint + become: true kolla_toolbox: module_name: "kolla_keystone_service" module_args: @@ -19,6 +20,7 @@ - {'interface': 'public', 'url': '{{ magnum_public_endpoint }}'} - name: Creating the Magnum project, user, and role + become: true kolla_toolbox: module_name: "kolla_keystone_user" module_args: @@ -32,6 +34,7 @@ run_once: True - name: Creating Magnum trustee domain + become: true kolla_toolbox: module_name: "os_keystone_domain" module_args: @@ -43,6 +46,7 @@ run_once: True - name: Creating Magnum trustee user + become: true kolla_toolbox: module_name: "os_user" module_args: @@ -54,6 +58,7 @@ run_once: True - name: Creating Magnum trustee user role + become: true kolla_toolbox: module_name: "os_user_role" module_args: diff --git a/ansible/roles/manila/tasks/bootstrap.yml b/ansible/roles/manila/tasks/bootstrap.yml index d55dcce5f6..2a855bde9e 100644 --- a/ansible/roles/manila/tasks/bootstrap.yml +++ b/ansible/roles/manila/tasks/bootstrap.yml @@ -1,5 +1,6 @@ --- - name: Creating Manila database + become: true kolla_toolbox: module_name: mysql_db module_args: @@ -15,6 +16,7 @@ - not use_preconfigured_databases | bool - name: Creating Manila database user and setting permissions + become: true kolla_toolbox: module_name: mysql_user module_args: diff --git a/ansible/roles/manila/tasks/ceph.yml b/ansible/roles/manila/tasks/ceph.yml index eb1870cb7a..1deaf6b0c0 100644 --- a/ansible/roles/manila/tasks/ceph.yml +++ b/ansible/roles/manila/tasks/ceph.yml @@ -10,6 +10,7 @@ become: true - name: Pulling cephx keyring for manila + become: true kolla_ceph_keyring: name: client.manila caps: "{{ ceph_client_manila_keyring_caps }}" diff --git a/ansible/roles/manila/tasks/fix_cephfs_owner.yml b/ansible/roles/manila/tasks/fix_cephfs_owner.yml index ceb76788ad..6c6602c467 100644 --- a/ansible/roles/manila/tasks/fix_cephfs_owner.yml +++ b/ansible/roles/manila/tasks/fix_cephfs_owner.yml @@ -1,5 +1,6 @@ --- - name: Check /tmp/cephfs path + become: true command: "docker exec -u 0 manila_share ls /tmp/cephfs/" register: check_cephfs changed_when: False @@ -7,11 +8,13 @@ run_once: True - name: Create /tmp/cephfs path + become: true command: "docker exec -u 0 manila_share mkdir -p /tmp/cephfs" run_once: True when: check_cephfs.rc != 0 - name: Get monitor dump + become: true command: docker exec manila_share ceph mon dump -c /etc/ceph/ceph.conf --name client.manila -f json register: ceph_monitor_dump changed_when: False @@ -28,12 +31,14 @@ run_once: true - name: Get cephfs secret + become: true command: docker exec manila_share ceph-authtool -p /etc/ceph/ceph.client.manila.keyring -n client.manila register: manila_keyring changed_when: False run_once: True - name: Umount cephfs + become: true command: "docker exec -u 0 manila_share umount /tmp/cephfs/" register: umount_cephfs changed_when: False @@ -41,12 +46,14 @@ run_once: True - name: Mount cephfs + become: true command: "docker exec -u 0 manila_share mount -t ceph {{cephfs_addr}} /tmp/cephfs -o name=manila,secret={{ manila_keyring.stdout }}" register: mount_cephfs changed_when: False run_once: True - name: Check volumes path + become: true command: "docker exec -u 0 manila_share ls /tmp/cephfs/volumes" register: check_volume changed_when: False @@ -54,18 +61,21 @@ run_once: True - name: Create /tmp/cephfs/volumes path + become: true command: "docker exec -u 0 manila_share mkdir /tmp/cephfs/volumes" register: create_volume run_once: True when: check_volume.rc != 0 - name: Change the owner and group of /tmp/cephfs/volumes + become: true command: "docker exec -u 0 manila_share chown manila:manila /tmp/cephfs/volumes" register: chown_volume run_once: True when: check_volume.rc != 0 and create_volume.rc == 0 - name: Umount cephfs + become: true command: "docker exec -u 0 manila_share umount /tmp/cephfs" changed_when: False register: umount_cephfs diff --git a/ansible/roles/manila/tasks/precheck.yml b/ansible/roles/manila/tasks/precheck.yml index 87e6d95b0d..c5b0a4eca8 100644 --- a/ansible/roles/manila/tasks/precheck.yml +++ b/ansible/roles/manila/tasks/precheck.yml @@ -1,5 +1,6 @@ --- - name: Get container facts + become: true kolla_container_facts: name: - manila_api diff --git a/ansible/roles/manila/tasks/register.yml b/ansible/roles/manila/tasks/register.yml index ac54525c58..46850d17a7 100644 --- a/ansible/roles/manila/tasks/register.yml +++ b/ansible/roles/manila/tasks/register.yml @@ -1,5 +1,6 @@ --- - name: Creating the Manila service and endpoint + become: true kolla_toolbox: module_name: "kolla_keystone_service" module_args: @@ -22,6 +23,7 @@ - {'interface': 'public', 'url': '{{ manila_v2_public_endpoint }}', 'service_name': 'manilav2', 'service_type': 'sharev2'} - name: Creating the Manila project, user and role + become: true kolla_toolbox: module_name: "kolla_keystone_user" module_args: diff --git a/ansible/roles/mariadb/tasks/backup.yml b/ansible/roles/mariadb/tasks/backup.yml index 601d5b3012..f6ad91c34c 100644 --- a/ansible/roles/mariadb/tasks/backup.yml +++ b/ansible/roles/mariadb/tasks/backup.yml @@ -1,5 +1,6 @@ --- - name: Taking {{ mariadb_backup_type }} database backup via XtraBackup + become: true kolla_docker: action: "start_container" common_options: "{{ docker_common_options }}" diff --git a/ansible/roles/mariadb/tasks/check.yml b/ansible/roles/mariadb/tasks/check.yml index e09d4bddae..66c5299e82 100644 --- a/ansible/roles/mariadb/tasks/check.yml +++ b/ansible/roles/mariadb/tasks/check.yml @@ -1,5 +1,6 @@ --- - name: Waiting for MariaDB service to be ready through VIP + become: true command: "docker exec mariadb mysql -h {{ database_address }} -P {{ database_port }} -u haproxy -e 'show databases;'" register: result until: result is success diff --git a/ansible/roles/mariadb/tasks/precheck.yml b/ansible/roles/mariadb/tasks/precheck.yml index 0f9fa175b1..877c988456 100644 --- a/ansible/roles/mariadb/tasks/precheck.yml +++ b/ansible/roles/mariadb/tasks/precheck.yml @@ -1,5 +1,6 @@ --- - name: Get container facts + become: true kolla_container_facts: name: - mariadb diff --git a/ansible/roles/mariadb/tasks/recover_cluster.yml b/ansible/roles/mariadb/tasks/recover_cluster.yml index 1d1c340feb..1181b1a7d8 100644 --- a/ansible/roles/mariadb/tasks/recover_cluster.yml +++ b/ansible/roles/mariadb/tasks/recover_cluster.yml @@ -48,6 +48,7 @@ action: "stop_container" - name: Copying MariaDB log file to /tmp + become: true shell: "docker cp {{ mariadb_service.container_name }}:/var/log/kolla/mariadb/mariadb.log /tmp/mariadb_tmp.log" - name: Get MariaDB wsrep recovery seqno @@ -95,6 +96,7 @@ changed_when: true - name: Copying grastate.dat file from MariaDB container in bootstrap host + become: true command: "docker cp {{ mariadb_service.container_name }}:/var/lib/mysql/grastate.dat /tmp/kolla_mariadb_grastate.dat" changed_when: false when: @@ -112,6 +114,7 @@ - bootstrap_host == inventory_hostname - name: Copying grastate.dat file to mariadb container + become: true command: docker cp /tmp/kolla_mariadb_grastate.dat mariadb:/var/lib/mysql/grastate.dat changed_when: false when: @@ -152,6 +155,7 @@ - bootstrap_host == inventory_hostname - name: Set first MariaDB container as primary + become: true shell: "docker exec {{ mariadb_service.container_name }} mysql -uroot -p{{ database_password }} -e \"SET GLOBAL wsrep_provider_options='pc.bootstrap=yes';\"" no_log: True when: diff --git a/ansible/roles/mariadb/tasks/register.yml b/ansible/roles/mariadb/tasks/register.yml index bdcd12eb2e..691224b3b4 100644 --- a/ansible/roles/mariadb/tasks/register.yml +++ b/ansible/roles/mariadb/tasks/register.yml @@ -1,5 +1,6 @@ --- - name: Creating haproxy mysql user + become: true kolla_toolbox: module_name: mysql_user module_args: @@ -14,6 +15,7 @@ run_once: True - name: Creating the Percona XtraBackup database + become: true kolla_toolbox: module_name: mysql_db module_args: @@ -27,6 +29,7 @@ - enable_xtrabackup | bool - name: Creating database backup user and setting permissions + become: true kolla_toolbox: module_name: mysql_user module_args: @@ -44,6 +47,7 @@ - enable_xtrabackup | bool - name: Granting permissions on XtraBackup database to backup user + become: true kolla_toolbox: module_name: mysql_user module_args: diff --git a/ansible/roles/memcached/tasks/precheck.yml b/ansible/roles/memcached/tasks/precheck.yml index e9941fee6b..51334a5797 100644 --- a/ansible/roles/memcached/tasks/precheck.yml +++ b/ansible/roles/memcached/tasks/precheck.yml @@ -1,5 +1,6 @@ --- - name: Get container facts + become: true kolla_container_facts: name: - memcached diff --git a/ansible/roles/mistral/tasks/bootstrap.yml b/ansible/roles/mistral/tasks/bootstrap.yml index 43cd92426d..59160f3af8 100644 --- a/ansible/roles/mistral/tasks/bootstrap.yml +++ b/ansible/roles/mistral/tasks/bootstrap.yml @@ -1,5 +1,6 @@ --- - name: Creating Mistral database + become: true kolla_toolbox: module_name: mysql_db module_args: @@ -15,6 +16,7 @@ - not use_preconfigured_databases | bool - name: Creating Mistral database user and setting permissions + become: true kolla_toolbox: module_name: mysql_user module_args: diff --git a/ansible/roles/mistral/tasks/precheck.yml b/ansible/roles/mistral/tasks/precheck.yml index d80d79af41..4a2a76b3dc 100644 --- a/ansible/roles/mistral/tasks/precheck.yml +++ b/ansible/roles/mistral/tasks/precheck.yml @@ -1,5 +1,6 @@ --- - name: Get container facts + become: true kolla_container_facts: name: - mistral_api diff --git a/ansible/roles/mistral/tasks/register.yml b/ansible/roles/mistral/tasks/register.yml index 677fabfb5a..d057721b4c 100644 --- a/ansible/roles/mistral/tasks/register.yml +++ b/ansible/roles/mistral/tasks/register.yml @@ -1,5 +1,6 @@ --- - name: Creating the Mistral service and endpoint + become: true kolla_toolbox: module_name: "kolla_keystone_service" module_args: @@ -19,6 +20,7 @@ - {'interface': 'public', 'url': '{{ mistral_public_endpoint }}'} - name: Creating the Mistral project, user, and role + become: true kolla_toolbox: module_name: "kolla_keystone_user" module_args: diff --git a/ansible/roles/monasca/handlers/main.yml b/ansible/roles/monasca/handlers/main.yml index 75cd51c277..50c19637e8 100644 --- a/ansible/roles/monasca/handlers/main.yml +++ b/ansible/roles/monasca/handlers/main.yml @@ -51,6 +51,7 @@ service: "{{ monasca_services[service_name] }}" config_json: "{{ monasca_config_jsons.results|selectattr('item.key', 'equalto', service_name)|first }}" monasca_log_transformer_container: "{{ check_monasca_containers.results|selectattr('item.key', 'equalto', service_name)|first }}" + become: true kolla_docker: action: "recreate_or_restart_container" common_options: "{{ docker_common_options }}" @@ -72,6 +73,7 @@ service: "{{ monasca_services[service_name] }}" config_json: "{{ monasca_config_jsons.results|selectattr('item.key', 'equalto', service_name)|first }}" monasca_log_persister_container: "{{ check_monasca_containers.results|selectattr('item.key', 'equalto', service_name)|first }}" + become: true kolla_docker: action: "recreate_or_restart_container" common_options: "{{ docker_common_options }}" @@ -94,6 +96,7 @@ service: "{{ monasca_services[service_name] }}" config_json: "{{ monasca_config_jsons.results|selectattr('item.key', 'equalto', service_name)|first }}" monasca_log_metrics_container: "{{ check_monasca_containers.results|selectattr('item.key', 'equalto', service_name)|first }}" + become: true kolla_docker: action: "recreate_or_restart_container" common_options: "{{ docker_common_options }}" @@ -115,6 +118,7 @@ service: "{{ monasca_services[service_name] }}" config_json: "{{ monasca_config_jsons.results|selectattr('item.key', 'equalto', service_name)|first }}" monasca_thresh_container: "{{ check_monasca_containers.results|selectattr('item.key', 'equalto', service_name)|first }}" + become: true kolla_docker: action: "recreate_or_restart_container" common_options: "{{ docker_common_options }}" @@ -137,6 +141,7 @@ service: "{{ monasca_services[service_name] }}" config_json: "{{ monasca_config_jsons.results|selectattr('item.key', 'equalto', service_name)|first }}" monasca_notification_container: "{{ check_monasca_containers.results|selectattr('item.key', 'equalto', service_name)|first }}" + become: true kolla_docker: action: "recreate_or_restart_container" common_options: "{{ docker_common_options }}" @@ -159,6 +164,7 @@ service: "{{ monasca_services[service_name] }}" config_json: "{{ monasca_config_jsons.results|selectattr('item.key', 'equalto', service_name)|first }}" monasca_persister_container: "{{ check_monasca_containers.results|selectattr('item.key', 'equalto', service_name)|first }}" + become: true kolla_docker: action: "recreate_or_restart_container" common_options: "{{ docker_common_options }}" @@ -180,6 +186,7 @@ service: "{{ monasca_services[service_name] }}" config_json: "{{ monasca_config_jsons.results|selectattr('item.key', 'equalto', service_name)|first }}" monasca_agent_collector_container: "{{ check_monasca_containers.results|selectattr('item.key', 'equalto', service_name)|first }}" + become: true kolla_docker: action: "recreate_or_restart_container" common_options: "{{ docker_common_options }}" @@ -203,6 +210,7 @@ service: "{{ monasca_services[service_name] }}" config_json: "{{ monasca_config_jsons.results|selectattr('item.key', 'equalto', service_name)|first }}" monasca_agent_forwarder_container: "{{ check_monasca_containers.results|selectattr('item.key', 'equalto', service_name)|first }}" + become: true kolla_docker: action: "recreate_or_restart_container" common_options: "{{ docker_common_options }}" @@ -224,6 +232,7 @@ service: "{{ monasca_services[service_name] }}" config_json: "{{ monasca_config_jsons.results|selectattr('item.key', 'equalto', service_name)|first }}" monasca_agent_statsd_container: "{{ check_monasca_containers.results|selectattr('item.key', 'equalto', service_name)|first }}" + become: true kolla_docker: action: "recreate_or_restart_container" common_options: "{{ docker_common_options }}" diff --git a/ansible/roles/monasca/tasks/bootstrap.yml b/ansible/roles/monasca/tasks/bootstrap.yml index 9e6ba22a5b..a07b6efb6f 100644 --- a/ansible/roles/monasca/tasks/bootstrap.yml +++ b/ansible/roles/monasca/tasks/bootstrap.yml @@ -1,5 +1,6 @@ --- - name: Creating monasca database + become: true kolla_toolbox: module_name: mysql_db module_args: @@ -18,6 +19,7 @@ - not use_preconfigured_databases | bool - name: Creating monasca database user and setting permissions + become: true kolla_toolbox: module_name: mysql_user module_args: @@ -45,6 +47,7 @@ # and set a default retention policy. # [1] https://github.com/influxdata/influxdb-python#influxdb-pre-v110-users - name: List influxdb databases + become: true command: "docker exec influxdb influx -host {{ monasca_influxdb_address }} -port {{ monasca_influxdb_http_port }} -execute 'show databases'" run_once: True delegate_to: "{{ groups['influxdb'][0] }}" @@ -52,6 +55,7 @@ changed_when: False - name: Creating monasca influxdb database + become: true command: "docker exec influxdb influx -host {{ monasca_influxdb_address }} -port {{ monasca_influxdb_http_port }} -execute 'CREATE DATABASE {{ monasca_influxdb_name }} WITH DURATION {{ monasca_influxdb_retention_policy.duration }} REPLICATION {{ monasca_influxdb_retention_policy.replication_count }} NAME {{ monasca_influxdb_retention_policy.name }}'" run_once: True delegate_to: "{{ groups['influxdb'][0] }}" diff --git a/ansible/roles/monasca/tasks/precheck.yml b/ansible/roles/monasca/tasks/precheck.yml index 56f77a7b20..ef19091d09 100644 --- a/ansible/roles/monasca/tasks/precheck.yml +++ b/ansible/roles/monasca/tasks/precheck.yml @@ -1,5 +1,6 @@ --- - name: Get container facts + become: true kolla_container_facts: name: "{{ monasca_services.values()|map(attribute='container_name')|list }}" register: container_facts diff --git a/ansible/roles/monasca/tasks/register.yml b/ansible/roles/monasca/tasks/register.yml index 1f8bb2ae8e..fae82631b5 100644 --- a/ansible/roles/monasca/tasks/register.yml +++ b/ansible/roles/monasca/tasks/register.yml @@ -1,5 +1,6 @@ --- - name: Creating monasca-api service and endpoints + become: true kolla_toolbox: module_name: "kolla_keystone_service" module_args: @@ -19,6 +20,7 @@ - {'interface': 'public', 'url': '{{ monasca_api_public_endpoint }}'} - name: Creating monasca-log-api service and endpoints + become: true kolla_toolbox: module_name: "kolla_keystone_service" module_args: @@ -38,6 +40,7 @@ - {'interface': 'public', 'url': '{{ monasca_log_api_public_endpoint }}'} - name: Creating the monasca keystone user + become: true kolla_toolbox: module_name: "kolla_keystone_user" module_args: @@ -51,6 +54,7 @@ run_once: True - name: Creating monasca roles + become: true kolla_toolbox: module_name: os_keystone_role module_args: @@ -66,6 +70,7 @@ - "{{ monasca_delegate_authorized_roles }}" - name: Creating the monasca agent user + become: true kolla_toolbox: module_name: "kolla_keystone_user" module_args: diff --git a/ansible/roles/mongodb/handlers/main.yml b/ansible/roles/mongodb/handlers/main.yml index 10f5ac1ae7..a1210e67fa 100644 --- a/ansible/roles/mongodb/handlers/main.yml +++ b/ansible/roles/mongodb/handlers/main.yml @@ -30,6 +30,7 @@ wait_for: host={{ hostvars[inventory_hostname]['ansible_' + api_interface]['ipv4']['address'] }} port={{ mongodb_port }} - name: Checking current replication status + become: true command: "docker exec -t mongodb mongo {{ hostvars[inventory_hostname]['ansible_' + api_interface]['ipv4']['address'] }} --quiet --eval rs.status().ok" register: mongodb_replication_status changed_when: false diff --git a/ansible/roles/mongodb/tasks/bootstrap_cluster.yml b/ansible/roles/mongodb/tasks/bootstrap_cluster.yml index eeb0a15ff4..487edfc522 100644 --- a/ansible/roles/mongodb/tasks/bootstrap_cluster.yml +++ b/ansible/roles/mongodb/tasks/bootstrap_cluster.yml @@ -4,6 +4,7 @@ run_once: True - name: Bootstrapping the mongodb replication set + become: true command: "docker exec -t mongodb mongo {{ api_interface_address }} --quiet --eval '{{ lookup('file','/tmp/mongodb_bootstrap_replication_set.js') }}'" register: bootstrap_mongodb_cluster failed_when: (bootstrap_mongodb_cluster.stdout|from_json).ok != 1 diff --git a/ansible/roles/mongodb/tasks/precheck.yml b/ansible/roles/mongodb/tasks/precheck.yml index 316e3c5635..d093befa71 100644 --- a/ansible/roles/mongodb/tasks/precheck.yml +++ b/ansible/roles/mongodb/tasks/precheck.yml @@ -1,5 +1,6 @@ --- - name: Get container facts + become: true kolla_container_facts: name: - mongodb diff --git a/ansible/roles/multipathd/tasks/config.yml b/ansible/roles/multipathd/tasks/config.yml index ce4e7de548..3e43c0514e 100644 --- a/ansible/roles/multipathd/tasks/config.yml +++ b/ansible/roles/multipathd/tasks/config.yml @@ -48,6 +48,7 @@ - Restart multipathd container - name: Check multipathd containers + become: true kolla_docker: action: "compare_container" common_options: "{{ docker_common_options }}" diff --git a/ansible/roles/murano/tasks/bootstrap.yml b/ansible/roles/murano/tasks/bootstrap.yml index 3a26ab11c8..33d63f19fa 100644 --- a/ansible/roles/murano/tasks/bootstrap.yml +++ b/ansible/roles/murano/tasks/bootstrap.yml @@ -1,5 +1,6 @@ --- - name: Creating Murano database + become: true kolla_toolbox: module_name: mysql_db module_args: @@ -15,6 +16,7 @@ - not use_preconfigured_databases | bool - name: Creating Murano database user and setting permissions + become: true kolla_toolbox: module_name: mysql_user module_args: diff --git a/ansible/roles/murano/tasks/import_library_packages.yml b/ansible/roles/murano/tasks/import_library_packages.yml index 9666d29f41..13b5310043 100644 --- a/ansible/roles/murano/tasks/import_library_packages.yml +++ b/ansible/roles/murano/tasks/import_library_packages.yml @@ -13,6 +13,7 @@ delegate_to: "{{ groups['murano-api'][0] }}" - name: Checking if Murano core and applications library packages exist + become: true command: > docker exec murano_api murano --os-username {{ openstack_auth.username }} @@ -27,6 +28,7 @@ delegate_to: "{{ groups['murano-api'][0] }}" - name: Importing Murano core library package + become: true command: > docker exec murano_api murano --os-username {{ openstack_auth.username }} @@ -41,6 +43,7 @@ - status.stdout.find("io.murano") == -1 or kolla_action == "upgrade" - name: Importing Murano applications library package + become: true command: > docker exec murano_api murano --os-username {{ openstack_auth.username }} diff --git a/ansible/roles/murano/tasks/precheck.yml b/ansible/roles/murano/tasks/precheck.yml index f070e4756d..17019d125a 100644 --- a/ansible/roles/murano/tasks/precheck.yml +++ b/ansible/roles/murano/tasks/precheck.yml @@ -1,5 +1,6 @@ --- - name: Get container facts + become: true kolla_container_facts: name: - murano_api diff --git a/ansible/roles/murano/tasks/register.yml b/ansible/roles/murano/tasks/register.yml index addfc3d590..5945c1a42c 100644 --- a/ansible/roles/murano/tasks/register.yml +++ b/ansible/roles/murano/tasks/register.yml @@ -1,5 +1,6 @@ --- - name: Creating the Murano service and endpoint + become: true kolla_toolbox: module_name: "kolla_keystone_service" module_args: @@ -19,6 +20,7 @@ - {'interface': 'public', 'url': '{{ murano_public_endpoint }}'} - name: Creating the Murano project, user, and role + become: true kolla_toolbox: module_name: "kolla_keystone_user" module_args: diff --git a/ansible/roles/neutron/tasks/bootstrap.yml b/ansible/roles/neutron/tasks/bootstrap.yml index 837af0a27f..e9c43c7e9d 100644 --- a/ansible/roles/neutron/tasks/bootstrap.yml +++ b/ansible/roles/neutron/tasks/bootstrap.yml @@ -1,5 +1,6 @@ --- - name: Creating Neutron database + become: true kolla_toolbox: module_name: mysql_db module_args: @@ -15,6 +16,7 @@ - not use_preconfigured_databases | bool - name: Creating Neutron database user and setting permissions + become: true kolla_toolbox: module_name: mysql_user module_args: diff --git a/ansible/roles/neutron/tasks/precheck.yml b/ansible/roles/neutron/tasks/precheck.yml index 19ecdab411..c9983262ec 100644 --- a/ansible/roles/neutron/tasks/precheck.yml +++ b/ansible/roles/neutron/tasks/precheck.yml @@ -1,5 +1,6 @@ --- - name: Get container facts + become: true kolla_container_facts: name: - neutron_server diff --git a/ansible/roles/neutron/tasks/register.yml b/ansible/roles/neutron/tasks/register.yml index 0ca2d4179a..7938774fb2 100644 --- a/ansible/roles/neutron/tasks/register.yml +++ b/ansible/roles/neutron/tasks/register.yml @@ -1,5 +1,6 @@ --- - name: Creating the Neutron service and endpoint + become: true kolla_toolbox: module_name: "kolla_keystone_service" module_args: @@ -19,6 +20,7 @@ - {'interface': 'public', 'url': '{{ neutron_public_endpoint }}'} - name: Creating the Neutron project, user, and role + become: true kolla_toolbox: module_name: "kolla_keystone_user" module_args: diff --git a/ansible/roles/neutron/tasks/rolling_upgrade.yml b/ansible/roles/neutron/tasks/rolling_upgrade.yml index 9e76b788a7..c95decc84b 100644 --- a/ansible/roles/neutron/tasks/rolling_upgrade.yml +++ b/ansible/roles/neutron/tasks/rolling_upgrade.yml @@ -9,6 +9,7 @@ - name: Running Neutron database expand container vars: neutron_server: "{{ neutron_services['neutron-server'] }}" + become: true kolla_docker: action: "start_container" common_options: "{{ docker_common_options }}" @@ -66,6 +67,7 @@ - name: Running Neutron database contract container vars: neutron_server: "{{ neutron_services['neutron-server'] }}" + become: true kolla_docker: action: "start_container" common_options: "{{ docker_common_options }}" diff --git a/ansible/roles/nova/tasks/bootstrap.yml b/ansible/roles/nova/tasks/bootstrap.yml index 8f43f8fb5d..fadab3e171 100644 --- a/ansible/roles/nova/tasks/bootstrap.yml +++ b/ansible/roles/nova/tasks/bootstrap.yml @@ -1,5 +1,6 @@ --- - name: Creating Nova databases + become: true kolla_toolbox: module_name: mysql_db module_args: @@ -19,6 +20,7 @@ - not use_preconfigured_databases | bool - name: Creating Nova databases user and setting permissions + become: true kolla_toolbox: module_name: mysql_user module_args: diff --git a/ansible/roles/nova/tasks/ceph.yml b/ansible/roles/nova/tasks/ceph.yml index 36a6bafc6f..e4ee741840 100644 --- a/ansible/roles/nova/tasks/ceph.yml +++ b/ansible/roles/nova/tasks/ceph.yml @@ -38,6 +38,7 @@ pool_application: "rbd" - name: Pulling cephx keyring for nova + become: true kolla_ceph_keyring: name: client.nova caps: "{{ ceph_client_nova_keyring_caps }}" @@ -46,6 +47,7 @@ run_once: True - name: Pulling cinder cephx keyring for libvirt + become: true command: docker exec ceph_mon ceph auth get-key client.cinder register: cinder_cephx_raw_key delegate_to: "{{ groups['ceph-mon'][0] }}" diff --git a/ansible/roles/nova/tasks/discover_computes.yml b/ansible/roles/nova/tasks/discover_computes.yml index 3035020fbc..676a964259 100644 --- a/ansible/roles/nova/tasks/discover_computes.yml +++ b/ansible/roles/nova/tasks/discover_computes.yml @@ -1,5 +1,6 @@ --- - name: Waiting for nova-compute service up + become: true command: > docker exec kolla_toolbox openstack --os-interface internal @@ -22,6 +23,7 @@ - nova_compute_services.stdout | from_json | length != 0 - name: Discovering nova hosts + become: true command: > docker exec nova_api nova-manage cell_v2 discover_hosts --by-service register: discover_hosts @@ -30,6 +32,7 @@ delegate_to: "{{ groups['nova-api'][0] }}" - name: Refresh cell cache in nova scheduler + become: true command: docker kill --signal HUP nova_scheduler changed_when: False when: diff --git a/ansible/roles/nova/tasks/precheck.yml b/ansible/roles/nova/tasks/precheck.yml index 8a639cb012..3978379dfc 100644 --- a/ansible/roles/nova/tasks/precheck.yml +++ b/ansible/roles/nova/tasks/precheck.yml @@ -1,5 +1,6 @@ --- - name: Get container facts + become: true kolla_container_facts: name: - nova_api diff --git a/ansible/roles/nova/tasks/register.yml b/ansible/roles/nova/tasks/register.yml index e0d0acb9c6..4c540f8f97 100644 --- a/ansible/roles/nova/tasks/register.yml +++ b/ansible/roles/nova/tasks/register.yml @@ -1,5 +1,6 @@ --- - name: Creating the Nova service and endpoint + become: true kolla_toolbox: module_name: "kolla_keystone_service" module_args: @@ -22,6 +23,7 @@ - {'name': 'nova', 'service_type': 'compute', 'interface': 'public', 'url': '{{ nova_public_endpoint }}', 'description': 'OpenStack Compute Service'} - name: Creating the Nova project, user, and role + become: true kolla_toolbox: module_name: "kolla_keystone_user" module_args: diff --git a/ansible/roles/octavia/tasks/bootstrap.yml b/ansible/roles/octavia/tasks/bootstrap.yml index 0b4fc8b078..ce44d80789 100644 --- a/ansible/roles/octavia/tasks/bootstrap.yml +++ b/ansible/roles/octavia/tasks/bootstrap.yml @@ -1,5 +1,6 @@ --- - name: Creating Octavia database + become: true kolla_toolbox: module_name: mysql_db module_args: @@ -15,6 +16,7 @@ - not use_preconfigured_databases | bool - name: Creating Octavia database user and setting permissions + become: true kolla_toolbox: module_name: mysql_user module_args: diff --git a/ansible/roles/octavia/tasks/precheck.yml b/ansible/roles/octavia/tasks/precheck.yml index 3815736181..f6f9e55739 100644 --- a/ansible/roles/octavia/tasks/precheck.yml +++ b/ansible/roles/octavia/tasks/precheck.yml @@ -1,5 +1,6 @@ --- - name: Get container facts + become: true kolla_container_facts: name: - octavia_api diff --git a/ansible/roles/octavia/tasks/register.yml b/ansible/roles/octavia/tasks/register.yml index 7d0f42da2e..c89cf0c1ff 100644 --- a/ansible/roles/octavia/tasks/register.yml +++ b/ansible/roles/octavia/tasks/register.yml @@ -1,5 +1,6 @@ --- - name: Creating the Octavia service and endpoint + become: true kolla_toolbox: module_name: "kolla_keystone_service" module_args: @@ -19,6 +20,7 @@ - {'interface': 'public', 'url': '{{ octavia_public_endpoint }}'} - name: Creating the Octavia project, user, and role + become: true kolla_toolbox: module_name: "kolla_keystone_user" module_args: @@ -32,6 +34,7 @@ run_once: True - name: Adding octavia user into admin project + become: true kolla_toolbox: module_name: "os_user_role" module_args: @@ -43,6 +46,7 @@ run_once: True - name: Adding octavia related roles + become: true kolla_toolbox: module_name: "os_keystone_role" module_args: diff --git a/ansible/roles/opendaylight/tasks/precheck.yml b/ansible/roles/opendaylight/tasks/precheck.yml index 260e774f4e..b7e7018a96 100644 --- a/ansible/roles/opendaylight/tasks/precheck.yml +++ b/ansible/roles/opendaylight/tasks/precheck.yml @@ -1,5 +1,6 @@ --- - name: Get container facts + become: true kolla_container_facts: name: - opendaylight diff --git a/ansible/roles/openvswitch/handlers/main.yml b/ansible/roles/openvswitch/handlers/main.yml index 4342d0c142..7349a567f5 100644 --- a/ansible/roles/openvswitch/handlers/main.yml +++ b/ansible/roles/openvswitch/handlers/main.yml @@ -24,6 +24,7 @@ - Waiting for openvswitch_db service to be ready - name: Waiting for openvswitch_db service to be ready + become: true command: docker exec openvswitch_db ovs-vsctl --no-wait show register: check_result until: check_result is success diff --git a/ansible/roles/openvswitch/tasks/ensure-ovs-bridge.yml b/ansible/roles/openvswitch/tasks/ensure-ovs-bridge.yml index 818a1e487e..ebd034de41 100644 --- a/ansible/roles/openvswitch/tasks/ensure-ovs-bridge.yml +++ b/ansible/roles/openvswitch/tasks/ensure-ovs-bridge.yml @@ -1,5 +1,6 @@ --- - name: Ensuring OVS bridge is properly setup + become: true command: docker exec openvswitch_db /usr/local/bin/kolla_ensure_openvswitch_configured {{ item.0 }} {{ item.1 }} register: status changed_when: status.stdout.find('changed') != -1 diff --git a/ansible/roles/openvswitch/tasks/precheck.yml b/ansible/roles/openvswitch/tasks/precheck.yml index af938f4552..8a19c0cd3f 100644 --- a/ansible/roles/openvswitch/tasks/precheck.yml +++ b/ansible/roles/openvswitch/tasks/precheck.yml @@ -1,5 +1,6 @@ --- - name: Get container facts + become: true kolla_container_facts: name: - openvswitch_db diff --git a/ansible/roles/ovs-dpdk/handlers/main.yml b/ansible/roles/ovs-dpdk/handlers/main.yml index d6f0db0653..2fe79959d3 100644 --- a/ansible/roles/ovs-dpdk/handlers/main.yml +++ b/ansible/roles/ovs-dpdk/handlers/main.yml @@ -31,6 +31,7 @@ vars: service_name: "ovsdpdk-db" service: "{{ ovsdpdk_services[service_name] }}" + become: true command: docker exec "{{ service.container_name }}" ovs-vsctl --no-wait show register: check_result until: check_result is success @@ -42,6 +43,7 @@ vars: service_name: "ovsdpdk-db" service: "{{ ovsdpdk_services[service_name] }}" + become: true command: "docker exec {{ service.container_name }} /bin/sh -c 'CONFIG_FILE={{ container_config_directory }}/ovs-dpdkctl.conf {{ container_config_directory }}/ovs-dpdkctl.sh init'" register: status changed_when: status.stdout.find('changed') != -1 @@ -79,6 +81,7 @@ vars: service_name: "ovsdpdk-db" service: "{{ ovsdpdk_services[service_name] }}" + become: true command: "docker exec {{ service.container_name }} /bin/sh -c 'CONFIG_FILE={{ container_config_directory }}/ovs-dpdkctl.conf {{ container_config_directory }}/ovs-dpdkctl.sh init'" register: status changed_when: status.stdout.find('changed') != -1 diff --git a/ansible/roles/panko/tasks/bootstrap.yml b/ansible/roles/panko/tasks/bootstrap.yml index 5ac8915727..8531ec901c 100644 --- a/ansible/roles/panko/tasks/bootstrap.yml +++ b/ansible/roles/panko/tasks/bootstrap.yml @@ -1,5 +1,6 @@ --- - name: Creating Panko MongoDB database + become: true command: docker exec -t mongodb mongo --host {{ mongodb_replication_set_name }}/{{ panko_database_mongodb_address }} --eval 'db = db.getSiblingDB("{{ panko_database_name }}"); db.createUser({user':' "{{ panko_database_user }}", pwd':' "{{ panko_database_password }}", roles':' [ "readWrite", "dbAdmin" ]})' register: mongodb_panko_database run_once: true @@ -10,6 +11,7 @@ - panko_database_type == "mongodb" - name: Creating Panko mysql database + become: true kolla_toolbox: module_name: mysql_db module_args: @@ -26,6 +28,7 @@ - panko_database_type == "mysql" - name: Creating Panko mysql database user and setting permissions + become: true kolla_toolbox: module_name: mysql_user module_args: diff --git a/ansible/roles/panko/tasks/precheck.yml b/ansible/roles/panko/tasks/precheck.yml index 97fcc42654..097211c15c 100644 --- a/ansible/roles/panko/tasks/precheck.yml +++ b/ansible/roles/panko/tasks/precheck.yml @@ -1,5 +1,6 @@ --- - name: Get container facts + become: true kolla_container_facts: name: - panko_api diff --git a/ansible/roles/panko/tasks/register.yml b/ansible/roles/panko/tasks/register.yml index 2247d3ada7..579da88f44 100644 --- a/ansible/roles/panko/tasks/register.yml +++ b/ansible/roles/panko/tasks/register.yml @@ -1,5 +1,6 @@ --- - name: Creating the panko service and endpoint + become: true kolla_toolbox: module_name: "kolla_keystone_service" module_args: @@ -19,6 +20,7 @@ - {'interface': 'public', 'url': '{{ panko_public_endpoint }}'} - name: Creating the panko project, user, and role + become: true kolla_toolbox: module_name: "kolla_keystone_user" module_args: diff --git a/ansible/roles/placement/tasks/bootstrap.yml b/ansible/roles/placement/tasks/bootstrap.yml index 922f54966c..5f94280b57 100644 --- a/ansible/roles/placement/tasks/bootstrap.yml +++ b/ansible/roles/placement/tasks/bootstrap.yml @@ -1,5 +1,6 @@ --- - name: Creating placement databases + become: true kolla_toolbox: module_name: mysql_db module_args: @@ -15,6 +16,7 @@ - not use_preconfigured_databases | bool - name: Creating placement databases user and setting permissions + become: true kolla_toolbox: module_name: mysql_user module_args: diff --git a/ansible/roles/placement/tasks/precheck.yml b/ansible/roles/placement/tasks/precheck.yml index dbb012036f..8454f5266a 100644 --- a/ansible/roles/placement/tasks/precheck.yml +++ b/ansible/roles/placement/tasks/precheck.yml @@ -1,5 +1,6 @@ --- - name: Get container facts + become: true kolla_container_facts: name: - placement_api diff --git a/ansible/roles/placement/tasks/register.yml b/ansible/roles/placement/tasks/register.yml index e611cea6da..3ccd87c404 100644 --- a/ansible/roles/placement/tasks/register.yml +++ b/ansible/roles/placement/tasks/register.yml @@ -1,5 +1,6 @@ --- - name: Creating the placement service and endpoint + become: true kolla_toolbox: module_name: "kolla_keystone_service" module_args: @@ -19,6 +20,7 @@ - {'name': 'placement', 'service_type': 'placement', 'interface': 'public', 'url': '{{ placement_public_endpoint }}', 'description': 'Placement Service'} - name: Creating the placement project, user, and role + become: true kolla_toolbox: module_name: "kolla_keystone_user" module_args: diff --git a/ansible/roles/prechecks/tasks/service_checks.yml b/ansible/roles/prechecks/tasks/service_checks.yml index 9ca8e160b7..8a295f93be 100644 --- a/ansible/roles/prechecks/tasks/service_checks.yml +++ b/ansible/roles/prechecks/tasks/service_checks.yml @@ -1,5 +1,6 @@ --- - name: Checking Docker version + become: true command: docker --version register: result changed_when: false diff --git a/ansible/roles/prometheus/handlers/main.yml b/ansible/roles/prometheus/handlers/main.yml index 300927bb2e..0ae42f1b9d 100644 --- a/ansible/roles/prometheus/handlers/main.yml +++ b/ansible/roles/prometheus/handlers/main.yml @@ -113,6 +113,7 @@ service: "{{ prometheus_services[service_name] }}" config_json: "{{ prometheus_config_jsons.results|selectattr('item.key', 'equalto', service_name)|first }}" prometheus_container: "{{ check_prometheus_containers.results|selectattr('item.key', 'equalto', service_name)|first }}" + become: true kolla_docker: action: "recreate_or_restart_container" common_options: "{{ docker_common_options }}" @@ -133,6 +134,7 @@ service: "{{ prometheus_services[service_name] }}" config_json: "{{ prometheus_config_jsons.results|selectattr('item.key', 'equalto', service_name)|first }}" prometheus_container: "{{ check_prometheus_containers.results|selectattr('item.key', 'equalto', service_name)|first }}" + become: true kolla_docker: action: "recreate_or_restart_container" common_options: "{{ docker_common_options }}" @@ -154,6 +156,7 @@ service: "{{ prometheus_services[service_name] }}" config_json: "{{ prometheus_config_jsons.results|selectattr('item.key', 'equalto', service_name)|first }}" prometheus_container: "{{ check_prometheus_containers.results|selectattr('item.key', 'equalto', service_name)|first }}" + become: true kolla_docker: action: "recreate_or_restart_container" common_options: "{{ docker_common_options }}" diff --git a/ansible/roles/prometheus/tasks/bootstrap.yml b/ansible/roles/prometheus/tasks/bootstrap.yml index 512fbcb86a..7447eebdff 100644 --- a/ansible/roles/prometheus/tasks/bootstrap.yml +++ b/ansible/roles/prometheus/tasks/bootstrap.yml @@ -1,5 +1,6 @@ --- - name: Creating prometheus database user and setting permissions + become: true kolla_toolbox: module_name: mysql_user module_args: diff --git a/ansible/roles/prometheus/tasks/precheck.yml b/ansible/roles/prometheus/tasks/precheck.yml index a9290ade1e..058278cf42 100644 --- a/ansible/roles/prometheus/tasks/precheck.yml +++ b/ansible/roles/prometheus/tasks/precheck.yml @@ -1,5 +1,6 @@ --- - name: Get container facts + become: true kolla_container_facts: name: - prometheus_server diff --git a/ansible/roles/qdrouterd/tasks/precheck.yml b/ansible/roles/qdrouterd/tasks/precheck.yml index 5cec762a74..18fdb1935c 100644 --- a/ansible/roles/qdrouterd/tasks/precheck.yml +++ b/ansible/roles/qdrouterd/tasks/precheck.yml @@ -1,5 +1,6 @@ --- - name: Get container facts + become: true kolla_container_facts: name: - qdrouterd diff --git a/ansible/roles/qinling/tasks/precheck.yml b/ansible/roles/qinling/tasks/precheck.yml index 724fd02977..cd98766b3a 100644 --- a/ansible/roles/qinling/tasks/precheck.yml +++ b/ansible/roles/qinling/tasks/precheck.yml @@ -1,5 +1,6 @@ --- - name: Get container facts + become: true kolla_container_facts: name: - qinling_api diff --git a/ansible/roles/rabbitmq/handlers/main.yml b/ansible/roles/rabbitmq/handlers/main.yml index c8e91203a1..fab1c5a0b8 100644 --- a/ansible/roles/rabbitmq/handlers/main.yml +++ b/ansible/roles/rabbitmq/handlers/main.yml @@ -22,6 +22,7 @@ vars: service_name: "rabbitmq" service: "{{ rabbitmq_services[service_name] }}" + become: true shell: "docker exec {{ service.container_name }} rabbitmqctl wait {{ rabbitmq_pid_file }}" when: - inventory_hostname == groups[service.group]|first diff --git a/ansible/roles/rabbitmq/tasks/precheck.yml b/ansible/roles/rabbitmq/tasks/precheck.yml index 6e6584fc25..1f9e4853c7 100644 --- a/ansible/roles/rabbitmq/tasks/precheck.yml +++ b/ansible/roles/rabbitmq/tasks/precheck.yml @@ -1,5 +1,6 @@ --- - name: Get container facts + become: true kolla_container_facts: name: - rabbitmq diff --git a/ansible/roles/rally/tasks/bootstrap.yml b/ansible/roles/rally/tasks/bootstrap.yml index 534fd857a0..ef80807cd0 100644 --- a/ansible/roles/rally/tasks/bootstrap.yml +++ b/ansible/roles/rally/tasks/bootstrap.yml @@ -1,5 +1,6 @@ --- - name: Creating rally database + become: true kolla_toolbox: module_name: mysql_db module_args: @@ -15,6 +16,7 @@ - not use_preconfigured_databases | bool - name: Creating rally database user and setting permissions + become: true kolla_toolbox: module_name: mysql_user module_args: diff --git a/ansible/roles/redis/tasks/check.yml b/ansible/roles/redis/tasks/check.yml index 5f107caa7c..6737ba1c0f 100644 --- a/ansible/roles/redis/tasks/check.yml +++ b/ansible/roles/redis/tasks/check.yml @@ -1,5 +1,6 @@ --- - name: Redis ping pong check + become: true command: "docker exec redis redis-cli -h {{ api_interface_address }} -a {{ redis_master_password }} ping" register: redis_check changed_when: "redis_check.stdout != 'PONG'" diff --git a/ansible/roles/redis/tasks/precheck.yml b/ansible/roles/redis/tasks/precheck.yml index ec94321cdb..7a21bc7fc0 100644 --- a/ansible/roles/redis/tasks/precheck.yml +++ b/ansible/roles/redis/tasks/precheck.yml @@ -1,5 +1,6 @@ --- - name: Get container facts + become: true kolla_container_facts: name: - redis diff --git a/ansible/roles/sahara/tasks/bootstrap.yml b/ansible/roles/sahara/tasks/bootstrap.yml index 6f99e5b6cd..0059264118 100644 --- a/ansible/roles/sahara/tasks/bootstrap.yml +++ b/ansible/roles/sahara/tasks/bootstrap.yml @@ -1,5 +1,6 @@ --- - name: Creating sahara database + become: true kolla_toolbox: module_name: mysql_db module_args: @@ -15,6 +16,7 @@ - not use_preconfigured_databases | bool - name: Creating sahara database user and setting permissions + become: true kolla_toolbox: module_name: mysql_user module_args: diff --git a/ansible/roles/sahara/tasks/precheck.yml b/ansible/roles/sahara/tasks/precheck.yml index 3830380e0a..86b3d182d3 100644 --- a/ansible/roles/sahara/tasks/precheck.yml +++ b/ansible/roles/sahara/tasks/precheck.yml @@ -1,5 +1,6 @@ --- - name: Get container facts + become: true kolla_container_facts: name: - sahara_api diff --git a/ansible/roles/sahara/tasks/register.yml b/ansible/roles/sahara/tasks/register.yml index 2aba0ac330..2bf18582c9 100644 --- a/ansible/roles/sahara/tasks/register.yml +++ b/ansible/roles/sahara/tasks/register.yml @@ -1,5 +1,6 @@ --- - name: Creating the Sahara service and endpoint + become: true kolla_toolbox: module_name: "kolla_keystone_service" module_args: @@ -19,6 +20,7 @@ - {'interface': 'public', 'url': '{{ sahara_public_endpoint }}'} - name: Creating the Sahara project, user, and role + become: true kolla_toolbox: module_name: "kolla_keystone_user" module_args: diff --git a/ansible/roles/searchlight/tasks/precheck.yml b/ansible/roles/searchlight/tasks/precheck.yml index bd1471a643..ef2d3ae999 100644 --- a/ansible/roles/searchlight/tasks/precheck.yml +++ b/ansible/roles/searchlight/tasks/precheck.yml @@ -1,5 +1,6 @@ --- - name: Get container facts + become: true kolla_container_facts: name: - searchlight_api diff --git a/ansible/roles/searchlight/tasks/register.yml b/ansible/roles/searchlight/tasks/register.yml index 27977c72f6..4902aa11e1 100644 --- a/ansible/roles/searchlight/tasks/register.yml +++ b/ansible/roles/searchlight/tasks/register.yml @@ -1,5 +1,6 @@ --- - name: Creating the Searchlight service and endpoint + become: true kolla_toolbox: module_name: "kolla_keystone_service" module_args: @@ -19,6 +20,7 @@ - {'interface': 'public', 'url': '{{ searchlight_public_endpoint }}'} - name: Creating the Searchlight project, user, and role + become: true kolla_toolbox: module_name: "kolla_keystone_user" module_args: diff --git a/ansible/roles/senlin/tasks/bootstrap.yml b/ansible/roles/senlin/tasks/bootstrap.yml index 8a82e834d6..56414e26fd 100644 --- a/ansible/roles/senlin/tasks/bootstrap.yml +++ b/ansible/roles/senlin/tasks/bootstrap.yml @@ -1,5 +1,6 @@ --- - name: Creating Senlin database + become: true kolla_toolbox: module_name: mysql_db module_args: @@ -15,6 +16,7 @@ - not use_preconfigured_databases | bool - name: Creating Senlin database user and setting permissions + become: true kolla_toolbox: module_name: mysql_user module_args: diff --git a/ansible/roles/senlin/tasks/precheck.yml b/ansible/roles/senlin/tasks/precheck.yml index 451f85e0b4..af0677acd1 100644 --- a/ansible/roles/senlin/tasks/precheck.yml +++ b/ansible/roles/senlin/tasks/precheck.yml @@ -1,5 +1,6 @@ --- - name: Get container facts + become: true kolla_container_facts: name: - senlin_api diff --git a/ansible/roles/senlin/tasks/register.yml b/ansible/roles/senlin/tasks/register.yml index c48da95451..0a4be59240 100644 --- a/ansible/roles/senlin/tasks/register.yml +++ b/ansible/roles/senlin/tasks/register.yml @@ -1,5 +1,6 @@ --- - name: Creating the Senlin service and endpoint + become: true kolla_toolbox: module_name: "kolla_keystone_service" module_args: @@ -19,6 +20,7 @@ - {'interface': 'public', 'url': '{{ senlin_public_endpoint }}'} - name: Creating the Senlin project, user, and role + become: true kolla_toolbox: module_name: "kolla_keystone_user" module_args: diff --git a/ansible/roles/service-stop/tasks/main.yml b/ansible/roles/service-stop/tasks/main.yml index b1db420588..d65f438ce4 100644 --- a/ansible/roles/service-stop/tasks/main.yml +++ b/ansible/roles/service-stop/tasks/main.yml @@ -2,6 +2,7 @@ - name: "Stopping {{ service_name }} containers" vars: service: "{{ item.value }}" + become: true kolla_docker: action: "stop_container" common_options: "{{ docker_common_options }}" diff --git a/ansible/roles/skydive/tasks/precheck.yml b/ansible/roles/skydive/tasks/precheck.yml index 0f58c10e0b..611475f61a 100644 --- a/ansible/roles/skydive/tasks/precheck.yml +++ b/ansible/roles/skydive/tasks/precheck.yml @@ -1,5 +1,6 @@ --- - name: Get container facts + become: true kolla_container_facts: name: - skydive_analyzer diff --git a/ansible/roles/solum/tasks/bootstrap.yml b/ansible/roles/solum/tasks/bootstrap.yml index 0d3194c46d..083f108b23 100644 --- a/ansible/roles/solum/tasks/bootstrap.yml +++ b/ansible/roles/solum/tasks/bootstrap.yml @@ -1,5 +1,6 @@ --- - name: Creating Solum database + become: true kolla_toolbox: module_name: mysql_db module_args: @@ -15,6 +16,7 @@ - not use_preconfigured_databases | bool - name: Creating Solum database user and setting permissions + become: true kolla_toolbox: module_name: mysql_user module_args: diff --git a/ansible/roles/solum/tasks/precheck.yml b/ansible/roles/solum/tasks/precheck.yml index 0dc5e8cfe2..7d79a18e0b 100644 --- a/ansible/roles/solum/tasks/precheck.yml +++ b/ansible/roles/solum/tasks/precheck.yml @@ -1,5 +1,6 @@ --- - name: Get container facts + become: true kolla_container_facts: name: - solum_api diff --git a/ansible/roles/solum/tasks/register.yml b/ansible/roles/solum/tasks/register.yml index cf54e869bb..f31415739e 100644 --- a/ansible/roles/solum/tasks/register.yml +++ b/ansible/roles/solum/tasks/register.yml @@ -1,5 +1,6 @@ --- - name: Creating the Solum image builder service and endpoint + become: true kolla_toolbox: module_name: "kolla_keystone_service" module_args: @@ -19,6 +20,7 @@ - {'interface': 'public', 'url': '{{ solum_image_builder_public_endpoint }}'} - name: Creating the Solum application deployment service and endpoint + become: true kolla_toolbox: module_name: "kolla_keystone_service" module_args: @@ -38,6 +40,7 @@ - {'interface': 'public', 'url': '{{ solum_application_deployment_public_endpoint }}'} - name: Creating the Solum project, user, and role + become: true kolla_toolbox: module_name: "kolla_keystone_user" module_args: diff --git a/ansible/roles/storm/handlers/main.yml b/ansible/roles/storm/handlers/main.yml index c03afb73e9..6fe4e0c5eb 100644 --- a/ansible/roles/storm/handlers/main.yml +++ b/ansible/roles/storm/handlers/main.yml @@ -5,6 +5,7 @@ service: "{{ storm_services[service_name] }}" config_json: "{{ storm_config_jsons.results|selectattr('item.key', 'equalto', service_name)|first }}" worker_container: "{{ check_storm_containers.results|selectattr('item.key', 'equalto', service_name)|first }}" + become: true kolla_docker: action: "recreate_or_restart_container" common_options: "{{ docker_common_options }}" @@ -27,6 +28,7 @@ service: "{{ storm_services[service_name] }}" config_json: "{{ storm_config_jsons.results|selectattr('item.key', 'equalto', service_name)|first }}" nimbus_container: "{{ check_storm_containers.results|selectattr('item.key', 'equalto', service_name)|first }}" + become: true kolla_docker: action: "recreate_or_restart_container" common_options: "{{ docker_common_options }}" diff --git a/ansible/roles/storm/tasks/config.yml b/ansible/roles/storm/tasks/config.yml index d60dec8769..d6c3b7a123 100644 --- a/ansible/roles/storm/tasks/config.yml +++ b/ansible/roles/storm/tasks/config.yml @@ -65,6 +65,7 @@ - Restart storm-nimbus container - name: Check storm containers + become: true kolla_docker: action: "compare_container" common_options: "{{ docker_common_options }}" diff --git a/ansible/roles/storm/tasks/precheck.yml b/ansible/roles/storm/tasks/precheck.yml index 91c66e18bd..e835686532 100644 --- a/ansible/roles/storm/tasks/precheck.yml +++ b/ansible/roles/storm/tasks/precheck.yml @@ -1,5 +1,6 @@ --- - name: Get container facts + become: true kolla_container_facts: name: - storm_worker diff --git a/ansible/roles/storm/tasks/pull.yml b/ansible/roles/storm/tasks/pull.yml index 757d0477c9..a2eb29f991 100644 --- a/ansible/roles/storm/tasks/pull.yml +++ b/ansible/roles/storm/tasks/pull.yml @@ -1,5 +1,6 @@ --- - name: Pulling storm images + become: true kolla_docker: action: "pull_image" common_options: "{{ docker_common_options }}" diff --git a/ansible/roles/swift/tasks/check.yml b/ansible/roles/swift/tasks/check.yml index e79ecdb518..ac26b20abc 100644 --- a/ansible/roles/swift/tasks/check.yml +++ b/ansible/roles/swift/tasks/check.yml @@ -1,5 +1,6 @@ --- - name: Swift sanity checks + become: true command: docker exec -t kolla_toolbox ansible localhost -m kolla_sanity -a "service=swift diff --git a/ansible/roles/swift/tasks/precheck.yml b/ansible/roles/swift/tasks/precheck.yml index 97e927166d..297b65be0b 100644 --- a/ansible/roles/swift/tasks/precheck.yml +++ b/ansible/roles/swift/tasks/precheck.yml @@ -1,5 +1,6 @@ --- - name: Get container facts + become: true kolla_container_facts: name: - swift_account_server diff --git a/ansible/roles/swift/tasks/reconfigure.yml b/ansible/roles/swift/tasks/reconfigure.yml index 09442fd962..26f4b3ddd5 100644 --- a/ansible/roles/swift/tasks/reconfigure.yml +++ b/ansible/roles/swift/tasks/reconfigure.yml @@ -32,6 +32,7 @@ - include_tasks: config.yml - name: Check the configs + become: true command: docker exec -u root {{ item.name }} /usr/local/bin/kolla_set_configs --check changed_when: false failed_when: false diff --git a/ansible/roles/swift/tasks/register.yml b/ansible/roles/swift/tasks/register.yml index 75d56c90af..04f7d958c9 100644 --- a/ansible/roles/swift/tasks/register.yml +++ b/ansible/roles/swift/tasks/register.yml @@ -1,5 +1,6 @@ --- - name: Creating the Swift service and endpoint + become: true kolla_toolbox: module_name: "kolla_keystone_service" module_args: @@ -19,6 +20,7 @@ - {'interface': 'public', 'url': '{{ swift_public_endpoint }}'} - name: Creating the Swift project, user, and role + become: true kolla_toolbox: module_name: "kolla_keystone_user" module_args: @@ -32,6 +34,7 @@ run_once: True - name: Creating the ResellerAdmin role + become: true kolla_toolbox: module_name: "os_keystone_role" module_args: diff --git a/ansible/roles/swift/tasks/start.yml b/ansible/roles/swift/tasks/start.yml index 55ffc33620..648b6e92c8 100644 --- a/ansible/roles/swift/tasks/start.yml +++ b/ansible/roles/swift/tasks/start.yml @@ -1,5 +1,6 @@ --- - name: Looking up disks for Swift + become: true command: docker exec -t kolla_toolbox sudo -E ansible localhost -m find_disks -a "name={{ swift_devices_name }} diff --git a/ansible/roles/swift/tasks/stop.yml b/ansible/roles/swift/tasks/stop.yml index 19ec5a08f0..f874a6855c 100644 --- a/ansible/roles/swift/tasks/stop.yml +++ b/ansible/roles/swift/tasks/stop.yml @@ -1,5 +1,6 @@ --- - name: Stopping swift-rsyncd container + become: true kolla_docker: action: "stop_container" common_options: "{{ docker_common_options }}" @@ -10,6 +11,7 @@ 'swift_rsyncd' not in skip_stop_containers - name: Stopping swift-account-server container + become: true kolla_docker: action: "stop_container" common_options: "{{ docker_common_options }}" @@ -19,6 +21,7 @@ - "'swift_account_server' not in skip_stop_containers" - name: Stopping swift-account-auditor container + become: true kolla_docker: action: "stop_container" common_options: "{{ docker_common_options }}" @@ -28,6 +31,7 @@ - "'swift_object_auditor' not in skip_stop_containers" - name: Stopping swift-account-replicator container + become: true kolla_docker: action: "stop_container" common_options: "{{ docker_common_options }}" @@ -37,6 +41,7 @@ - "'swift_account_replicator' not in skip_stop_containers" - name: Stopping swift-account-reaper container + become: true kolla_docker: action: "stop_container" common_options: "{{ docker_common_options }}" @@ -46,6 +51,7 @@ - "'swift_account_reaper' not in skip_stop_containers" - name: Stopping swift-container-server container + become: true kolla_docker: action: "stop_container" common_options: "{{ docker_common_options }}" @@ -55,6 +61,7 @@ - "'swift_container_server' not in skip_stop_containers" - name: Stopping swift-container-auditor container + become: true kolla_docker: action: "stop_container" common_options: "{{ docker_common_options }}" @@ -64,6 +71,7 @@ - "'swift_container_auditor' not in skip_stop_containers" - name: Stopping swift-container-replicator container + become: true kolla_docker: action: "stop_container" common_options: "{{ docker_common_options }}" @@ -73,6 +81,7 @@ - "'swift_container_replicator' not in skip_stop_containers" - name: Stopping swift-container-updater container + become: true kolla_docker: action: "stop_container" common_options: "{{ docker_common_options }}" @@ -82,6 +91,7 @@ - "'swift_container_updater' not in skip_stop_containers" - name: Stopping swift-object-server container + become: true kolla_docker: action: "stop_container" common_options: "{{ docker_common_options }}" @@ -91,6 +101,7 @@ - "'swift_object_server' not in skip_stop_containers" - name: Stopping swift-object-auditor container + become: true kolla_docker: action: "stop_container" common_options: "{{ docker_common_options }}" @@ -100,6 +111,7 @@ - "'swift_object_auditor' not in skip_stop_containers" - name: Stopping swift-object-replicator container + become: true kolla_docker: action: "stop_container" common_options: "{{ docker_common_options }}" @@ -109,6 +121,7 @@ - "'swift_object_replicator' not in skip_stop_containers" - name: Stopping swift-object-updater container + become: true kolla_docker: action: "start_container" common_options: "{{ docker_common_options }}" @@ -118,6 +131,7 @@ - "'swift_object_updater' not in skip_stop_containers" - name: Stopping swift-object-expirer container + become: true kolla_docker: action: "stop_container" common_options: "{{ docker_common_options }}" @@ -127,6 +141,7 @@ - "'swift_object_expirer' not in skip_stop_containers" - name: Stopping swift-proxy-server container + become: true kolla_docker: action: "stop_container" common_options: "{{ docker_common_options }}" diff --git a/ansible/roles/tacker/tasks/bootstrap.yml b/ansible/roles/tacker/tasks/bootstrap.yml index 2f1c5309ac..03907742c3 100644 --- a/ansible/roles/tacker/tasks/bootstrap.yml +++ b/ansible/roles/tacker/tasks/bootstrap.yml @@ -1,5 +1,6 @@ --- - name: Creating tacker database + become: true kolla_toolbox: module_name: mysql_db module_args: @@ -15,6 +16,7 @@ - not use_preconfigured_databases | bool - name: Creating tacker database user and setting permissions + become: true kolla_toolbox: module_name: mysql_user module_args: diff --git a/ansible/roles/tacker/tasks/precheck.yml b/ansible/roles/tacker/tasks/precheck.yml index df60eaf6f8..944af80136 100644 --- a/ansible/roles/tacker/tasks/precheck.yml +++ b/ansible/roles/tacker/tasks/precheck.yml @@ -1,5 +1,6 @@ --- - name: Get container facts + become: true kolla_container_facts: name: - tacker_server diff --git a/ansible/roles/tacker/tasks/register.yml b/ansible/roles/tacker/tasks/register.yml index e1b4060f25..0bb38a7792 100644 --- a/ansible/roles/tacker/tasks/register.yml +++ b/ansible/roles/tacker/tasks/register.yml @@ -1,5 +1,6 @@ --- - name: Creating the Tacker service and endpoint + become: true kolla_toolbox: module_name: "kolla_keystone_service" module_args: @@ -19,6 +20,7 @@ - {'interface': 'public', 'url': '{{ tacker_public_endpoint }}'} - name: Creating the Tacker project, user, and role + become: true kolla_toolbox: module_name: "kolla_keystone_user" module_args: diff --git a/ansible/roles/trove/tasks/bootstrap.yml b/ansible/roles/trove/tasks/bootstrap.yml index 4befaf2068..3b5bd45fe3 100644 --- a/ansible/roles/trove/tasks/bootstrap.yml +++ b/ansible/roles/trove/tasks/bootstrap.yml @@ -1,5 +1,6 @@ --- - name: Creating trove database + become: true kolla_toolbox: module_name: mysql_db module_args: @@ -15,6 +16,7 @@ - not use_preconfigured_databases | bool - name: Creating trove database user and setting permissions + become: true kolla_toolbox: module_name: mysql_user module_args: diff --git a/ansible/roles/trove/tasks/precheck.yml b/ansible/roles/trove/tasks/precheck.yml index 041d904fa8..befcc5bb2e 100644 --- a/ansible/roles/trove/tasks/precheck.yml +++ b/ansible/roles/trove/tasks/precheck.yml @@ -1,5 +1,6 @@ --- - name: Get container facts + become: true kolla_container_facts: name: - trove_api diff --git a/ansible/roles/trove/tasks/register.yml b/ansible/roles/trove/tasks/register.yml index cd7eea00e5..c24d42db9b 100644 --- a/ansible/roles/trove/tasks/register.yml +++ b/ansible/roles/trove/tasks/register.yml @@ -1,5 +1,6 @@ --- - name: Creating the Trove service and endpoint + become: true kolla_toolbox: module_name: "kolla_keystone_service" module_args: @@ -19,6 +20,7 @@ - {'interface': 'public', 'url': '{{ trove_public_endpoint }}'} - name: Creating the Trove project, user, and role + become: true kolla_toolbox: module_name: "kolla_keystone_user" module_args: diff --git a/ansible/roles/vitrage/tasks/bootstrap.yml b/ansible/roles/vitrage/tasks/bootstrap.yml index 8c57251e02..a6951fbdcd 100644 --- a/ansible/roles/vitrage/tasks/bootstrap.yml +++ b/ansible/roles/vitrage/tasks/bootstrap.yml @@ -1,5 +1,6 @@ --- - name: Creating vitrage database + become: true kolla_toolbox: module_name: mysql_db module_args: @@ -15,6 +16,7 @@ - not use_preconfigured_databases | bool - name: Creating vitrage database user and setting permissions + become: true kolla_toolbox: module_name: mysql_user module_args: diff --git a/ansible/roles/vitrage/tasks/precheck.yml b/ansible/roles/vitrage/tasks/precheck.yml index 63f52c2e7c..95e4566447 100644 --- a/ansible/roles/vitrage/tasks/precheck.yml +++ b/ansible/roles/vitrage/tasks/precheck.yml @@ -1,5 +1,6 @@ --- - name: Get container facts + become: true kolla_container_facts: name: - vitrage_api diff --git a/ansible/roles/vitrage/tasks/register.yml b/ansible/roles/vitrage/tasks/register.yml index c2f9e95b89..0be3f1bdb5 100644 --- a/ansible/roles/vitrage/tasks/register.yml +++ b/ansible/roles/vitrage/tasks/register.yml @@ -1,5 +1,6 @@ --- - name: Creating the Vitrage service and endpoint + become: true kolla_toolbox: module_name: "kolla_keystone_service" module_args: @@ -19,6 +20,7 @@ - {'interface': 'public', 'url': '{{ vitrage_public_endpoint }}'} - name: Creating the Vitrage project, user, and role + become: true kolla_toolbox: module_name: "kolla_keystone_user" module_args: @@ -32,6 +34,7 @@ run_once: True - name: Adding vitrage user into admin project + become: true kolla_toolbox: module_name: "os_user_role" module_args: diff --git a/ansible/roles/watcher/tasks/bootstrap.yml b/ansible/roles/watcher/tasks/bootstrap.yml index e0d0dc3a4f..9d3c540a02 100644 --- a/ansible/roles/watcher/tasks/bootstrap.yml +++ b/ansible/roles/watcher/tasks/bootstrap.yml @@ -1,5 +1,6 @@ --- - name: Creating Watcher database + become: true kolla_toolbox: module_name: mysql_db module_args: @@ -15,6 +16,7 @@ - not use_preconfigured_databases | bool - name: Creating Watcher database user and setting permissions + become: true kolla_toolbox: module_name: mysql_user module_args: diff --git a/ansible/roles/watcher/tasks/precheck.yml b/ansible/roles/watcher/tasks/precheck.yml index 3f0401ea67..32a32c630c 100644 --- a/ansible/roles/watcher/tasks/precheck.yml +++ b/ansible/roles/watcher/tasks/precheck.yml @@ -1,5 +1,6 @@ --- - name: Get container facts + become: true kolla_container_facts: name: - watcher_api diff --git a/ansible/roles/watcher/tasks/register.yml b/ansible/roles/watcher/tasks/register.yml index f28bf54478..70b4997004 100644 --- a/ansible/roles/watcher/tasks/register.yml +++ b/ansible/roles/watcher/tasks/register.yml @@ -1,5 +1,6 @@ --- - name: Creating the Watcher service and endpoint + become: true kolla_toolbox: module_name: "kolla_keystone_service" module_args: @@ -19,6 +20,7 @@ - {'interface': 'public', 'url': '{{ watcher_public_endpoint }}'} - name: Creating the Watcher project, user, and role + become: true kolla_toolbox: module_name: "kolla_keystone_user" module_args: diff --git a/ansible/roles/zookeeper/tasks/precheck.yml b/ansible/roles/zookeeper/tasks/precheck.yml index 38aeeb95c8..f411378891 100644 --- a/ansible/roles/zookeeper/tasks/precheck.yml +++ b/ansible/roles/zookeeper/tasks/precheck.yml @@ -1,5 +1,6 @@ --- - name: Get container facts + become: true kolla_container_facts: name: - zookeeper diff --git a/ansible/roles/zun/handlers/main.yml b/ansible/roles/zun/handlers/main.yml index 4bc0af02c3..7cf52d5b22 100644 --- a/ansible/roles/zun/handlers/main.yml +++ b/ansible/roles/zun/handlers/main.yml @@ -34,6 +34,7 @@ zun_conf: "{{ zun_confs.results|selectattr('item.key', 'equalto', service_name)|first }}" policy_overwriting: "{{ zun_policy_overwriting.results|selectattr('item.key', 'equalto', service_name)|first }}" zun_wsproxy_container: "{{ check_zun_containers.results|selectattr('item.key', 'equalto', service_name)|first }}" + become: true kolla_docker: action: "recreate_or_restart_container" common_options: "{{ docker_common_options }}" diff --git a/ansible/roles/zun/tasks/bootstrap.yml b/ansible/roles/zun/tasks/bootstrap.yml index c794cdbfe6..d65daa4b64 100644 --- a/ansible/roles/zun/tasks/bootstrap.yml +++ b/ansible/roles/zun/tasks/bootstrap.yml @@ -1,5 +1,6 @@ --- - name: Creating Zun database + become: true kolla_toolbox: module_name: mysql_db module_args: @@ -15,6 +16,7 @@ - not use_preconfigured_databases | bool - name: Creating Zun database user and setting permissions + become: true kolla_toolbox: module_name: mysql_user module_args: diff --git a/ansible/roles/zun/tasks/precheck.yml b/ansible/roles/zun/tasks/precheck.yml index f155ba06f8..89fadc8aec 100644 --- a/ansible/roles/zun/tasks/precheck.yml +++ b/ansible/roles/zun/tasks/precheck.yml @@ -1,5 +1,6 @@ --- - name: Get container facts + become: true kolla_container_facts: name: - zun_api diff --git a/ansible/roles/zun/tasks/register.yml b/ansible/roles/zun/tasks/register.yml index 11963dba9e..f6d5e8de39 100644 --- a/ansible/roles/zun/tasks/register.yml +++ b/ansible/roles/zun/tasks/register.yml @@ -1,5 +1,6 @@ --- - name: Creating the Zun service and endpoint + become: true kolla_toolbox: module_name: "kolla_keystone_service" module_args: @@ -19,6 +20,7 @@ - {'interface': 'public', 'url': '{{ zun_public_endpoint }}'} - name: Creating the Zun project, user, and role + become: true kolla_toolbox: module_name: "kolla_keystone_user" module_args: diff --git a/tools/cleanup-containers b/tools/cleanup-containers index 91a22056f4..946c8245c6 100755 --- a/tools/cleanup-containers +++ b/tools/cleanup-containers @@ -1,6 +1,6 @@ #!/bin/bash -containers_running=$(docker ps --filter "label=kolla_version" --format "{{.Names}}") +containers_running=$(sudo docker ps --filter "label=kolla_version" --format "{{.Names}}") QEMU_PIDS=$(pgrep -l qemu | awk '!/qemu-ga/ && !/qemu-img/ {print $1}') if [[ "${containers_running}" =~ "nova_libvirt" ]] && [[ $QEMU_PIDS ]] && [[ $(ps --no-headers wwwup $QEMU_PIDS | grep --invert-match '\-xen\-domid 0') ]]; then @@ -11,37 +11,37 @@ if [[ "${containers_running}" =~ "nova_libvirt" ]] && [[ $QEMU_PIDS ]] && [[ $(p fi if [ -n "$1" ]; then - containers_to_kill=$(docker ps --filter "label=kolla_version" --format "{{.Names}}" -a | grep -E "$1" | awk '{print $1}') - volumes_to_remove=$(docker inspect -f '{{range .Mounts}} {{printf "%s\n" .Name }}{{end}}' ${containers_to_kill} | \ + containers_to_kill=$(sudo docker ps --filter "label=kolla_version" --format "{{.Names}}" -a | grep -E "$1" | awk '{print $1}') + volumes_to_remove=$(sudo docker inspect -f '{{range .Mounts}} {{printf "%s\n" .Name }}{{end}}' ${containers_to_kill} | \ egrep -v '(^\s*$)' | sort | uniq) else - containers_to_kill=$(docker ps --filter "label=kolla_version" --format "{{.Names}}" -a) + containers_to_kill=$(sudo docker ps --filter "label=kolla_version" --format "{{.Names}}" -a) - volumes_to_remove=$(docker inspect -f '{{range .Mounts}} {{printf "%s\n" .Name }}{{end}}' ${containers_to_kill} | \ + volumes_to_remove=$(sudo docker inspect -f '{{range .Mounts}} {{printf "%s\n" .Name }}{{end}}' ${containers_to_kill} | \ egrep -v '(^\s*$)' | sort | uniq) fi if [[ "${containers_to_kill}" =~ "openvswitch_vswitchd" ]] && [[ "${containers_running}" =~ "neutron_openvswitch_agent" ]]; then echo "Removing ovs bridge..." -(docker exec -u root neutron_openvswitch_agent neutron-ovs-cleanup \ +(sudo docker exec -u root neutron_openvswitch_agent neutron-ovs-cleanup \ --config-file /etc/neutron/neutron.conf --config-file /etc/neutron/plugins/ml2/ml2_conf.ini \ --ovs_all_ports) > /dev/null -(docker exec -it openvswitch_vswitchd bash -c 'for br in `ovs-vsctl list-br`;do ovs-vsctl --if-exists del-br $br;done') > /dev/null +(sudo docker exec -it openvswitch_vswitchd bash -c 'for br in `ovs-vsctl list-br`;do ovs-vsctl --if-exists del-br $br;done') > /dev/null fi echo "Stopping containers..." -(docker stop -t 2 ${containers_to_kill} 2>&1) > /dev/null +(sudo docker stop -t 2 ${containers_to_kill} 2>&1) > /dev/null echo "Removing containers..." -(docker rm -v -f ${containers_to_kill} 2>&1) > /dev/null +(sudo docker rm -v -f ${containers_to_kill} 2>&1) > /dev/null echo "Disconnecting containers from docker host network" for container in ${containers_to_kill}; do -(docker network disconnect -f host $container 2>&1) > /dev/null +(sudo docker network disconnect -f host $container 2>&1) > /dev/null done echo "Removing volumes..." -(docker volume rm ${volumes_to_remove} 2>&1) > /dev/null +(sudo docker volume rm ${volumes_to_remove} 2>&1) > /dev/null echo "Removing link of kolla_log volume..." (rm -f /var/log/kolla 2>&1) > /dev/null diff --git a/tools/cleanup-images b/tools/cleanup-images index 22b27058bf..68b01b5399 100755 --- a/tools/cleanup-images +++ b/tools/cleanup-images @@ -40,22 +40,22 @@ eval set -- "$ARGS" case "$1" in (--all|-a) - KOLLA_IMAGES="$(docker images -a --filter "label=kolla_version" --format "{{.ID}}")" + KOLLA_IMAGES="$(sudo docker images -a --filter "label=kolla_version" --format "{{.ID}}")" shift ;; (--dangling) - KOLLA_IMAGES="$(docker images -a --filter dangling=true --format "{{.ID}}")" + KOLLA_IMAGES="$(sudo docker images -a --filter dangling=true --format "{{.ID}}")" shift ;; (--image|-i) - KOLLA_IMAGES="$(docker images -a --filter "label=kolla_version" --format "{{.Repository}}\t{{.ID}}" | grep -E "$2" | awk '{print $2}')" + KOLLA_IMAGES="$(sudo docker images -a --filter "label=kolla_version" --format "{{.Repository}}\t{{.ID}}" | grep -E "$2" | awk '{print $2}')" shift 2 ;; (--image-version) - KOLLA_IMAGES="$(docker images -a --filter "label=kolla_version=${2}" --format "{{.ID}}")" + KOLLA_IMAGES="$(sudo docker images -a --filter "label=kolla_version=${2}" --format "{{.ID}}")" shift 2 ;; @@ -73,5 +73,5 @@ case "$1" in esac -CMD="docker rmi -f $@ $KOLLA_IMAGES" +CMD="sudo docker rmi -f $@ $KOLLA_IMAGES" process_cmd diff --git a/tools/validate-docker-execute.sh b/tools/validate-docker-execute.sh index 3dda59e86c..94a6756cb8 100755 --- a/tools/validate-docker-execute.sh +++ b/tools/validate-docker-execute.sh @@ -4,7 +4,7 @@ # docker commands function check_dockerexecute { - docker ps &>/dev/null + sudo docker ps &>/dev/null return_val=$? if [ $return_val -ne 0 ]; then echo "User $USER can't seem to run Docker commands. Verify product documentation to allow user to execute docker commands" 1>&2