openstack/kolla-ansible
Code Issues Proposed changes
kolla-ansible/ansible/roles/nova-cell/tasks/external_ceph.yml
Andrei Nistor 6ff6337230 Fix 'nova_cephx_raw_key' is undefined 
When using external ceph without nova integration, kolla-ansible fails
because 'nova_cephx_raw_key' is undefined.
This patch fixes the issue by applying the 'default' filter to
prevent failure on undefined.
The change in behavior was introduced by [1].

[1] https://review.opendev.org/689753
commit 44709f413246a05b891f250e88c43226e1f1b0c9

Change-Id: I2fdca1a6a78e78623733a387a2d8c7e29d449083
Closes-Bug: #1853862
Co-Authored-By: Mark Goddard <mark@stackhpc.com>
2019-11-25 16:33:22 +00:00

136 lines
4.1 KiB
YAML
Raw Blame History

---
- name: Ensuring config directory exists
file:
path: "{{ node_config_directory }}/{{ item }}"
state: "directory"
mode: "0770"
become: true
with_items:
- "nova-libvirt/secrets"
when: inventory_hostname in groups[nova_cell_compute_group]
- name: Check nova keyring file
stat:
path: "{{ node_custom_config }}/nova/ceph.client.nova.keyring"
delegate_to: localhost
run_once: True
register: nova_cephx_keyring_file
failed_when: not nova_cephx_keyring_file.stat.exists
when:
- nova_backend == "rbd"
- external_ceph_cephx_enabled | bool
- name: Check cinder keyring file
stat:
path: "{{ node_custom_config }}/nova/ceph.client.cinder.keyring"
delegate_to: localhost
run_once: True
register: cinder_cephx_keyring_file
failed_when: not cinder_cephx_keyring_file.stat.exists
when:
- cinder_backend_ceph | bool
- external_ceph_cephx_enabled | bool
# NOTE: nova-compute and nova-libvirt only need ceph.client.nova.keyring.
- name: Copy over ceph nova keyring file
copy:
src: "{{ nova_cephx_keyring_file.stat.path }}"
dest: "{{ node_config_directory }}/{{ item }}/"
mode: "0660"
become: true
with_items:
- nova-compute
- nova-libvirt
when:
- inventory_hostname in groups[nova_cell_compute_group]
- nova_backend == "rbd"
- external_ceph_cephx_enabled | bool
notify:
- Restart {{ item }} container
- name: Copy over ceph.conf
template:
src: "{{ node_custom_config }}/nova/ceph.conf"
dest: "{{ node_config_directory }}/{{ item }}/"
mode: "0660"
become: true
with_items:
- nova-compute
- nova-libvirt
when:
- inventory_hostname in groups[nova_cell_compute_group]
- nova_backend == "rbd"
notify:
- Restart {{ item }} container
- name: Pushing nova secret xml for libvirt
template:
src: "secret.xml.j2"
dest: "{{ node_config_directory }}/nova-libvirt/secrets/{{ item.uuid }}.xml"
mode: "0600"
become: true
when:
- inventory_hostname in groups[nova_cell_compute_group]
- item.enabled | bool
with_items:
- uuid: "{{ rbd_secret_uuid }}"
name: "client.nova secret"
enabled: "{{ nova_backend == 'rbd' }}"
- uuid: "{{ cinder_rbd_secret_uuid }}"
name: "client.cinder secret"
enabled: "{{ cinder_backend_ceph }}"
notify:
- Restart nova-libvirt container
- name: Extract nova key from file
set_fact:
nova_cephx_raw_key: "{{ lookup('file', nova_cephx_keyring_file.stat.path) | regex_search('key\\s*=.*$', multiline=True) | regex_replace('key\\s*=\\s*(.*)\\s*', '\\1') }}"
changed_when: false
run_once: True
when:
- nova_backend == "rbd"
- external_ceph_cephx_enabled | bool
- name: Extract cinder key from file
set_fact:
cinder_cephx_raw_key: "{{ lookup('file', cinder_cephx_keyring_file.stat.path) | regex_search('key\\s*=.*$', multiline=True) | regex_replace('key\\s*=\\s*(.*)\\s*', '\\1') }}"
changed_when: false
run_once: True
when:
- cinder_backend_ceph | bool
- external_ceph_cephx_enabled | bool
- name: Pushing secrets key for libvirt
copy:
content: "{{ item.result }}"
dest: "{{ node_config_directory }}/nova-libvirt/secrets/{{ item.uuid }}.base64"
mode: "0600"
become: true
when:
- inventory_hostname in groups[nova_cell_compute_group]
- item.enabled | bool
- external_ceph_cephx_enabled | bool
with_items:
# NOTE(yoctozepto): 'default' filter required due to eager evaluation of item content
# which will be undefined if the applicable condition is False
- uuid: "{{ rbd_secret_uuid }}"
result: "{{ nova_cephx_raw_key | default }}"
enabled: "{{ nova_backend == 'rbd' }}"
- uuid: "{{ cinder_rbd_secret_uuid }}"
result: "{{ cinder_cephx_raw_key | default }}"
enabled: "{{ cinder_backend_ceph }}"
notify:
- Restart nova-libvirt container
- name: Ensuring config directory has correct owner and permission
become: true
file:
path: "{{ node_config_directory }}/{{ item }}"
recurse: yes
owner: "{{ config_owner_user }}"
group: "{{ config_owner_group }}"
with_items:
- "nova-compute"
- "nova-libvirt/secrets"
when: inventory_hostname in groups[nova_cell_compute_group]
View Git Blame Copy Permalink