kolla-ansible/ansible/roles/baremetal/tasks/install.yml

---
- name: Update apt cache
  apt:
    update_cache: yes
  become: True
  when: ansible_os_family == 'Debian'

# TODO(inc0): Gates don't seem to have ufw executable, check for it instead of ignore errors
- name: Set firewall default policy
  become: True
  ufw:
    state: disabled
    policy: allow
  when: ansible_os_family == 'Debian'
  ignore_errors: yes

- name: Check if firewalld is installed
  command: rpm -q firewalld
  register: firewalld_check
  failed_when: firewalld_check.rc > 1
  when: ansible_os_family == 'RedHat'

- name: Disable firewalld
  become: True
  service:
    name: "{{ item }}"
    enabled: false
    state: stopped
  with_items:
    - firewalld
  when:
    - ansible_os_family == 'RedHat'
    - firewalld_check.rc == 0

# Upgrading docker engine may cause containers to stop. Take a snapshot of the
# running containers prior to a potential upgrade of Docker.

- name: Check which containers are running
  command: docker ps -f 'status=running' -q
  become: true
  # If Docker is not installed this command may exit non-zero.
  failed_when: false
  changed_when: false
  register: running_containers

- name: Install apt packages
  package:
    name: "{{ item }}"
    state: present
  become: True
  with_items: "{{ debian_pkg_install }}"
  when:
    - ansible_os_family == 'Debian'
    - item != ""
  register: apt_install_result

- name: Install deltarpm packages
  package:
    name: "{{ item }}"
    state: present
    update_cache: yes
  become: True
  with_items:
    - deltarpm
  when: ansible_os_family == 'RedHat'

- name: Install yum packages
  package:
    name: "{{ item }}"
    state: present
    update_cache: yes
  become: True
  with_items: "{{ redhat_pkg_install }}"
  when: ansible_os_family == 'RedHat'
  register: yum_install_result

# If any packages were updated, and any containers were running, wait for the
# daemon to come up and start all previously running containers.

- block:
    - name: Wait for Docker to start
      command: docker info
      become: true
      changed_when: false
      register: result
      until: result is success
      retries: 6
      delay: 10

    - name: Ensure containers are running after Docker upgrade
      command: "docker start {{ running_containers.stdout }}"
      become: true
  when:
    - install_result is changed
    - running_containers.rc == 0
    - running_containers.stdout != ''
  vars:
    install_result: "{{ yum_install_result if ansible_os_family == 'RedHat' else apt_install_result }}"

- name: Install virtualenv packages
  package:
    name: python-virtualenv
    state: present
  become: True
  when: virtualenv is not none

- name: Install pip
  easy_install:
    name: pip
    virtualenv: "{{ virtualenv is none | ternary(omit, virtualenv) }}"
    virtualenv_site_packages: "{{ virtualenv is none | ternary(omit, virtualenv_site_packages) }}"
  become: True
  when: easy_install_available

- name: Install latest pip in the virtualenv
  pip:
    name: pip
    state: latest
    virtualenv: "{{ virtualenv }}"
    virtualenv_site_packages: "{{ virtualenv_site_packages }}"
  become: True
  when: virtualenv is not none

- name: Install docker SDK for python
  pip:
    name: docker
    state: latest
    virtualenv: "{{ virtualenv is none | ternary(omit, virtualenv) }}"
    virtualenv_site_packages: "{{ virtualenv is none | ternary(omit, virtualenv_site_packages) }}"
  become: True

- name: Remove packages
  package:
    name: "{{ item }}"
    state: absent
  with_items: "{{ ubuntu_pkg_removals }}"
  become: True
  when:
    - ansible_distribution|lower == "ubuntu"
    - item != ""

- name: Remove packages
  package:
    name: "{{ item }}"
    state: absent
  with_items: "{{ redhat_pkg_removals }}"
  become: True
  when:
    - ansible_os_family == 'RedHat'
    - item != ""