b123bf6621
Many tasks that use Docker have become specified already, but not all. This change ensures all tasks that use the following modules have become: * kolla_docker * kolla_ceph_keyring * kolla_toolbox * kolla_container_facts It also adds become for 'command' tasks that use docker CLI. Change-Id: I4a5ebcedaccb9261dbc958ec67e8077d7980e496
43 lines
1.5 KiB
YAML
43 lines
1.5 KiB
YAML
---
|
|
- name: Checking Docker version
|
|
become: true
|
|
command: docker --version
|
|
register: result
|
|
changed_when: false
|
|
when: inventory_hostname in groups['baremetal']
|
|
failed_when: result is failed
|
|
or result.stdout | regex_replace('.*(\\d+\\.\\d+\\.\\d+).*', '\\1') is version(docker_version_min, '<')
|
|
|
|
# NOTE(mgoddard): If passwords.yml is encrypted using ansible-vault, this check
|
|
# will pass, but only because nothing in the vault file has the format of a
|
|
# YAML dict item.
|
|
- name: Checking empty passwords in passwords.yml. Run kolla-genpwd if this task fails
|
|
local_action: command grep '^[^#].*:\s*$' "{{ node_config }}/passwords.yml"
|
|
run_once: True
|
|
register: result
|
|
changed_when: false
|
|
failed_when: result.stdout | regex_replace('(.*ssh_key.*)', '') is search(":")
|
|
|
|
- name: Check if nscd is running
|
|
command: pgrep nscd
|
|
ignore_errors: yes
|
|
failed_when: false
|
|
changed_when: false
|
|
register: nscd_status
|
|
|
|
- name: Fail if nscd is running
|
|
fail:
|
|
msg: |
|
|
Service nscd is running. This is known to cause issues with Docker's user namespaces in
|
|
Kolla. Please disable it before proceeding.
|
|
when:
|
|
- nscd_status.rc == 0
|
|
|
|
- name: Checking internal and external VIP addresses differ
|
|
run_once: True
|
|
local_action: fail msg='kolla_external_vip_address and kolla_internal_vip_address must not be the same when TLS is enabled'
|
|
changed_when: false
|
|
when:
|
|
- kolla_enable_tls_external | bool
|
|
- kolla_external_vip_address == kolla_internal_vip_address
|