--- - name: Checking Docker version become: true command: docker --version register: result changed_when: false when: inventory_hostname in groups['baremetal'] failed_when: result is failed or result.stdout | regex_replace('.*(\\d+\\.\\d+\\.\\d+).*', '\\1') is version(docker_version_min, '<') # NOTE(mgoddard): If passwords.yml is encrypted using ansible-vault, this check # will pass, but only because nothing in the vault file has the format of a # YAML dict item. - name: Checking empty passwords in passwords.yml. Run kolla-genpwd if this task fails command: cmd: grep '^[^#].*:\s*$' "{{ node_config }}/passwords.yml" delegate_to: localhost run_once: True register: result changed_when: false failed_when: result.stdout | regex_replace('(.*ssh_key.*)', '') is search(":") - name: Check if nscd is running command: pgrep nscd ignore_errors: yes failed_when: false changed_when: false register: nscd_status - name: Fail if nscd is running fail: msg: | Service nscd is running. This is known to cause issues with Docker's user namespaces in Kolla. Please disable it before proceeding. when: - nscd_status.rc == 0 - name: Validate that internal and external vip address are different when TLS is enabled only on either the internal and external network run_once: True fail: msg: 'kolla_external_vip_address and kolla_internal_vip_address must not be the same when only one network has TLS enabled' changed_when: false when: - kolla_enable_tls_external | bool or kolla_enable_tls_internal | bool - not (kolla_enable_tls_external | bool and kolla_enable_tls_internal | bool) - kolla_same_external_internal_vip | bool - name: Validate that enable_ceph is disabled run_once: True fail: msg: "We are sorry but enable_ceph is no longer supported. Please use external ceph support." when: - (enable_ceph | default()) | bool