openstack/kolla-ansible
Code Issues Proposed changes
c02d736ba7
kolla-ansible/ansible/roles/nova-cell/tasks/external_ceph.yml
Roman Krček fb3a8f5fa9 Performance: use filters for service dicts 
Most roles are not leveraging the jinja filters available.
According to [1] filtering the list of services makes the execution
faster than skipping the tasks.

This patchset also includes some cosmetic changes to genconfig.
Individual services are now also using a jinja filter. This has
no impact on performance, just makes the tasks look cleaner.

Naming of some vars in genconfig was changed to "service" to make
the tasks more uniform as some were previously using
the service name and some were using "service".

Three metrics from the deployment were taken and those were
- overall deployment time [s]
- time spent on the specific role [s]
- CPU usage (measured with perf) [-]
Overall genconfig time went down on avg. from 209s to 195s
Time spent on the loadbalancer role went down on avg. from 27s to 23s
Time spent on the neutron role went down on avg from 102s to 95s
Time spent on the nova-cell role went down on avg. from 54s to 52s
Also the average CPUs utilized reported by perf went down
from 3.31 to 3.15.
For details of how this was measured see the comments in gerrit.

[1] - https://github.com/stackhpc/ansible-scaling/blob/master/doc/skip.md

Change-Id: Ib0f00aadb6c7022de6e8b455ac4b9b8cd6be5b1b
Signed-off-by: Roman Krček <roman.krcek@tietoevry.com>
2024-06-28 09:04:43 +02:00

208 lines
7.0 KiB
YAML
Raw Blame History

---
- name: Check nova keyring file
vars:
keyring: "{{ nova_ceph_cluster }}.{{ ceph_nova_keyring }}"
paths:
- "{{ node_custom_config }}/nova/{{ inventory_hostname }}/{{ keyring }}"
- "{{ node_custom_config }}/nova/{{ keyring }}"
stat:
path: "{{ lookup('first_found', paths) }}"
delegate_to: localhost
register: nova_cephx_keyring_file
failed_when: not nova_cephx_keyring_file.stat.exists
when:
- nova_backend == "rbd"
- external_ceph_cephx_enabled | bool
- name: Check cinder keyring file
vars:
keyring: "{{ nova_ceph_cluster }}.{{ ceph_cinder_keyring }}"
paths:
- "{{ node_custom_config }}/nova/{{ inventory_hostname }}/{{ keyring }}"
- "{{ node_custom_config }}/nova/{{ keyring }}"
stat:
path: "{{ lookup('first_found', paths) }}"
delegate_to: localhost
register: cinder_cephx_keyring_file
failed_when: not cinder_cephx_keyring_file.stat.exists
when:
- cinder_backend_ceph | bool
- external_ceph_cephx_enabled | bool
- name: Extract nova key from file
set_fact:
nova_cephx_raw_key:
"{{ lookup('template', nova_cephx_keyring_file.stat.path) | regex_search('key\\s*=.*$', multiline=True) | regex_replace('key\\s*=\\s*(.*)\\s*', '\\1') }}"
changed_when: false
when:
- nova_backend == "rbd"
- external_ceph_cephx_enabled | bool
- name: Extract cinder key from file
set_fact:
cinder_cephx_raw_key:
"{{ lookup('file', cinder_cephx_keyring_file.stat.path) | regex_search('key\\s*=.*$', multiline=True) | regex_replace('key\\s*=\\s*(.*)\\s*', '\\1') }}"
changed_when: false
when:
- cinder_backend_ceph | bool
- external_ceph_cephx_enabled | bool
- name: Copy over ceph nova keyring file
template:
src: "{{ nova_cephx_keyring_file.stat.path }}"
dest: "{{ node_config_directory }}/{{ item }}/"
owner: "{{ config_owner_user }}"
group: "{{ config_owner_group }}"
mode: "0660"
become: true
with_items:
- nova-compute
when:
- inventory_hostname in groups[nova_cell_compute_group]
- nova_backend == "rbd"
- external_ceph_cephx_enabled | bool
notify:
- Restart {{ item }} container
- name: Copy over ceph cinder keyring file
template:
src: "{{ cinder_cephx_keyring_file.stat.path }}"
dest: "{{ node_config_directory }}/{{ item }}/"
owner: "{{ config_owner_user }}"
group: "{{ config_owner_group }}"
mode: "0660"
become: true
with_items: # NOTE: nova-libvirt does not need it
- nova-compute
when:
- inventory_hostname in groups[nova_cell_compute_group]
- nova_backend == "rbd"
- external_ceph_cephx_enabled | bool
notify:
- Restart {{ item }} container
- name: Copy over ceph.conf
vars:
service: "{{ nova_cell_services[item] }}"
paths:
- "{{ node_custom_config }}/nova/{{ inventory_hostname }}/{{ nova_ceph_cluster }}.conf"
- "{{ node_custom_config }}/nova/{{ nova_ceph_cluster }}.conf"
template:
src: "{{ lookup('first_found', paths) }}"
dest: "{{ node_config_directory }}/{{ item }}/"
owner: "{{ config_owner_user }}"
group: "{{ config_owner_group }}"
mode: "0660"
become: true
with_items:
- nova-compute
- nova-libvirt
when:
- service | service_enabled_and_mapped_to_host
- nova_backend == "rbd"
notify:
- Restart {{ item }} container
- block:
- name: Ensure /etc/ceph directory exists (host libvirt)
vars:
paths:
- "{{ node_custom_config }}/nova/{{ inventory_hostname }}/{{ nova_ceph_cluster }}.conf"
- "{{ node_custom_config }}/nova/{{ nova_ceph_cluster }}.conf"
file:
path: "/etc/ceph/"
state: "directory"
owner: "root"
group: "root"
mode: "0755"
become: true
- name: Copy over ceph.conf (host libvirt)
vars:
paths:
- "{{ node_custom_config }}/nova/{{ inventory_hostname }}/{{ nova_ceph_cluster }}.conf"
- "{{ node_custom_config }}/nova/{{ nova_ceph_cluster }}.conf"
template:
src: "{{ lookup('first_found', paths) }}"
dest: "/etc/ceph/{{ nova_ceph_cluster }}.conf"
owner: "root"
group: "root"
mode: "0644"
become: true
when:
- not enable_nova_libvirt_container | bool
- inventory_hostname in groups[nova_cell_compute_group]
- nova_backend == "rbd"
- block:
- name: Ensuring libvirt secrets directory exists
vars:
service: "{{ nova_cell_services['nova-libvirt'] }}"
file:
path: "{{ libvirt_secrets_dir }}"
state: "directory"
owner: "{{ config_owner_user }}"
group: "{{ config_owner_group }}"
mode: "0770"
become: true
when: service | service_enabled_and_mapped_to_host
- name: Pushing nova secret xml for libvirt
vars:
service: "{{ nova_cell_services['nova-libvirt'] }}"
template:
src: "secret.xml.j2"
dest: "{{ libvirt_secrets_dir }}/{{ item.uuid }}.xml"
owner: "{{ config_owner_user }}"
group: "{{ config_owner_group }}"
mode: "0600"
become: true
when: service | service_enabled_and_mapped_to_host
with_items:
- uuid: "{{ rbd_secret_uuid }}"
name: "client.nova secret"
enabled: "{{ nova_backend == 'rbd' }}"
- uuid: "{{ cinder_rbd_secret_uuid }}"
name: "client.cinder secret"
enabled: "{{ cinder_backend_ceph }}"
notify: "{{ libvirt_restart_handlers }}"
- name: Pushing secrets key for libvirt
vars:
service: "{{ nova_cell_services['nova-libvirt'] }}"
template:
src: "libvirt-secret.j2"
dest: "{{ libvirt_secrets_dir }}/{{ item.uuid }}.base64"
owner: "{{ config_owner_user }}"
group: "{{ config_owner_group }}"
mode: "0600"
become: true
when:
- service | service_enabled_and_mapped_to_host
- item.enabled | bool
- external_ceph_cephx_enabled | bool
with_items:
# NOTE(yoctozepto): 'default' filter required due to eager evaluation of item content
# which will be undefined if the applicable condition is False
- uuid: "{{ rbd_secret_uuid }}"
result: "{{ nova_cephx_raw_key | default }}"
enabled: "{{ nova_backend == 'rbd' }}"
- uuid: "{{ cinder_rbd_secret_uuid }}"
result: "{{ cinder_cephx_raw_key | default }}"
enabled: "{{ cinder_backend_ceph }}"
notify: "{{ libvirt_restart_handlers }}"
no_log: True
vars:
libvirt_secrets_dir: >-
{{ (node_config_directory ~ '/nova-libvirt/secrets')
if enable_nova_libvirt_container | bool
else '/etc/libvirt/secrets' }}
# NOTE(mgoddard): When running libvirt as a host daemon, on CentOS it
# appears to pick up secrets automatically, while on Ubuntu it requires a
# reload. This may be due to differences in tested versions of libvirt
# (8.0.0 vs 6.0.0). Reload should be low overhead, so do it always.
libvirt_restart_handlers: >-
{{ ['Restart nova-libvirt container']
if enable_nova_libvirt_container | bool else
['Reload libvirtd'] }}
View Git Blame Copy Permalink