kolla-ansible/ansible/roles/nova-cell/tasks/config-libvirt-tls.yml
Roman Krček fb3a8f5fa9 Performance: use filters for service dicts
Most roles are not leveraging the jinja filters available.
According to [1] filtering the list of services makes the execution
faster than skipping the tasks.

This patchset also includes some cosmetic changes to genconfig.
Individual services are now also using a jinja filter. This has
no impact on performance, just makes the tasks look cleaner.

Naming of some vars in genconfig was changed to "service" to make
the tasks more uniform as some were previously using
the service name and some were using "service".

Three metrics from the deployment were taken and those were
- overall deployment time [s]
- time spent on the specific role [s]
- CPU usage (measured with perf) [-]
Overall genconfig time went down on avg. from 209s to 195s
Time spent on the loadbalancer role went down on avg. from 27s to 23s
Time spent on the neutron role went down on avg from 102s to 95s
Time spent on the nova-cell role went down on avg. from 54s to 52s
Also the average CPUs utilized reported by perf went down
from 3.31 to 3.15.
For details of how this was measured see the comments in gerrit.

[1] - https://github.com/stackhpc/ansible-scaling/blob/master/doc/skip.md

Change-Id: Ib0f00aadb6c7022de6e8b455ac4b9b8cd6be5b1b
Signed-off-by: Roman Krček <roman.krcek@tietoevry.com>
2024-06-28 09:04:43 +02:00

30 lines
969 B
YAML

---
- name: Copying over libvirt TLS keys to services
become: true
vars:
services:
- "nova-compute"
- "nova-libvirt"
key_files:
- cacert.pem
- clientcert.pem
- clientkey.pem
- servercert.pem
- serverkey.pem
service_name: "{{ item[0] }}"
filename: "{{ item[1] }}"
paths:
- "{{ node_custom_config }}/nova/nova-libvirt/{{ inventory_hostname }}/{{ filename }}"
- "{{ node_custom_config }}/nova/nova-libvirt/{{ filename }}"
service: "{{ nova_cell_services[service_name] }}"
copy:
src: "{{ lookup('first_found', paths) }}"
dest: "{{ node_config_directory }}/{{ service_name }}/{{ filename }}"
mode: "0600"
when:
- service | service_enabled_and_mapped_to_host
- not (service_name == 'nova-compute' and (filename == 'servercert.pem' or filename == 'serverkey.pem'))
loop: "{{ services | product(key_files) | list }}"
notify:
- Restart {{service_name }} container