--- - name: Create kolla user user: name: "{{ kolla_user }}" state: present group: "{{ kolla_group }}" groups: "sudo" append: true become: True when: create_kolla_user | bool - name: Add public key to kolla user authorized keys authorized_key: user: "{{ kolla_user }}" key: "{{ kolla_ssh_key.public_key }}" become: True when: create_kolla_user | bool - name: Create sudoers profile for user kolla file: path: /etc/sudoers.d/kolla-ansible-users state: touch become: True when: create_kolla_user_sudoers | bool - name: Grant kolla user passwordless sudo lineinfile: dest: /etc/sudoers.d/kolla-ansible-users state: present regexp: '^{{ kolla_user }}' line: '{{ kolla_user }} ALL=(ALL) NOPASSWD: ALL' become: True when: create_kolla_user_sudoers | bool - name: Ensure virtualenv has correct ownership file: path: "{{ virtualenv }}" recurse: True state: directory owner: "{{ kolla_user }}" group: "{{ kolla_group }}" become: True when: virtualenv is not none - name: Ensure node_config_directory directory exists for user kolla file: path: "{{ node_config_directory }}" state: directory recurse: yes owner: "{{ kolla_user }}" group: "{{ kolla_group }}" mode: 0755 become: True when: create_kolla_user | bool - name: Ensure node_config_directory directory exists file: path: "{{ node_config_directory }}" state: directory recurse: yes mode: 0644 become: True when: not create_kolla_user | bool - name: Ensure docker service directory exists file: path: /etc/systemd/system/docker.service.d state: directory recurse: yes become: True - name: Check dockerd exists stat: path=/usr/bin/dockerd register: dockerd_exists - name: Setting docker daemon name set_fact: docker_binary_name: "dockerd" when: dockerd_exists.stat.exists == True - name: Configure docker service become: True template: src: docker_systemd_service.j2 dest: /etc/systemd/system/docker.service.d/kolla.conf register: docker_configured - name: Reload docker service file become: True systemd: name: docker daemon_reload: yes - name: Get stat of libvirtd apparmor profile stat: path: /etc/apparmor.d/usr.sbin.libvirtd register: apparmor_libvirtd_profile when: ansible_distribution == "Ubuntu" - name: Remove apparmor profile for libvirt command: apparmor_parser -R /etc/apparmor.d/usr.sbin.libvirtd become: True when: - ansible_distribution == "Ubuntu" - apparmor_libvirtd_profile.stat.exists - name: Create docker group group: name: docker become: True - name: Add kolla user to docker group user: name: "{{ kolla_user }}" append: yes groups: docker become: True when: create_kolla_user | bool - name: Start docker service: name: docker state: started become: True - name: Restart docker service: name: docker state: restarted become: True when: docker_configured.changed - name: Enable docker service: name: docker enabled: yes become: True - name: Stop time service service: name: ntp state: stopped become: True when: - ansible_os_family == "Debian" - enable_host_ntp | bool - name: Stop time service service: name: ntpd state: stopped become: True when: - ansible_os_family == "RedHat" - enable_host_ntp | bool - name: Synchronizing time one-time command: ntpd -gq become: True when: enable_host_ntp | bool - name: Start time sync service service: name: ntp state: started enabled: yes become: True when: - ansible_os_family == "Debian" - enable_host_ntp | bool - name: Start time sync service service: name: ntpd state: started enabled: yes become: True when: - ansible_os_family == "RedHat" - enable_host_ntp | bool - name: Change state of selinux selinux: policy: targeted state: "{{ selinux_state }}" become: true when: - change_selinux | bool - ansible_os_family == "RedHat" - name: Reboot command: reboot -f become: True when: - reboot_required is defined - reboot_required | bool