Mark Goddard b123bf6621 Use become for all docker tasks
Many tasks that use Docker have become specified already, but
not all. This change ensures all tasks that use the following
modules have become:

* kolla_docker
* kolla_ceph_keyring
* kolla_toolbox
* kolla_container_facts

It also adds become for 'command' tasks that use docker CLI.

Change-Id: I4a5ebcedaccb9261dbc958ec67e8077d7980e496
2019-06-06 19:04:58 +01:00

45 lines
1.8 KiB
YAML

---
- name: Ensure log directories exist
vars:
nginx_user: "{{ 'www-data' if is_debian else 'nginx' }}"
is_debian: "{{ kolla_base_distro in ['debian', 'ubuntu'] }}"
become: true
command: >
docker exec bifrost_deploy
bash -c 'mkdir -p /var/log/kolla/ironic &&
chown ironic:ironic /var/log/kolla/ironic &&
mkdir -p /var/log/kolla/ironic-inspector &&
chown ironic:ironic /var/log/kolla/ironic-inspector &&
mkdir -p /var/log/kolla/nginx &&
chown {{ nginx_user }}:{{ nginx_user }} /var/log/kolla/nginx'
- name: Bootstrap bifrost (this may take several minutes)
become: true
command: >
docker exec bifrost_deploy
bash -c 'source /bifrost/env-vars &&
ansible-playbook -vvvv -i /bifrost/playbooks/inventory/target
/bifrost/playbooks/install.yaml -e @/etc/bifrost/bifrost.yml
-e @/etc/bifrost/dib.yml -e skip_package_install=true'
- name: Installing ssh keys
become: true
command: >
docker exec bifrost_deploy
bash -c 'mkdir /root/.ssh ; mkdir /home/ironic/.ssh;
cp -f /etc/bifrost/id_rsa /root/.ssh/id_rsa &&
cp -f /etc/bifrost/id_rsa.pub /root/.ssh/id_rsa.pub &&
cp -f /etc/bifrost/ssh_config /root/.ssh/config &&
cp -f /etc/bifrost/id_rsa /home/ironic/.ssh/id_rsa &&
cp -f /etc/bifrost/id_rsa.pub /home/ironic/.ssh/id_rsa.pub &&
cp -f /etc/bifrost/ssh_config /home/ironic/.ssh/config &&
chmod 600 /root/.ssh/id_rsa &&
chmod 600 /root/.ssh/id_rsa.pub &&
chmod 600 /root/.ssh/config &&
chmod 600 /home/ironic/.ssh/id_rsa &&
chmod 600 /home/ironic/.ssh/id_rsa.pub &&
chmod 600 /home/ironic/.ssh/config &&
chown ironic:ironic /home/ironic/.ssh/id_rsa &&
chown ironic:ironic /home/ironic/.ssh/id_rsa.pub &&
chown ironic:ironic /home/ironic/.ssh/config'