From d94e1a97185c81258d02c8b9b7e6934abf02382f Mon Sep 17 00:00:00 2001 From: Marc Gariepy Date: Thu, 5 May 2022 08:49:50 -0400 Subject: [PATCH] Use common service setup tasks from a collection rather than in-role Change-Id: Ic1205401b07382c3c72643ce5fb8b5727944cd9c --- tasks/db_setup.yml | 48 ------------ tasks/main.yml | 19 +++-- tasks/service_setup.yml | 162 ---------------------------------------- 3 files changed, 14 insertions(+), 215 deletions(-) delete mode 100644 tasks/db_setup.yml delete mode 100644 tasks/service_setup.yml diff --git a/tasks/db_setup.yml b/tasks/db_setup.yml deleted file mode 100644 index 09b01f8..0000000 --- a/tasks/db_setup.yml +++ /dev/null @@ -1,48 +0,0 @@ ---- -# Copyright 2019, VEXXHOST, Inc. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# WARNING: -# This file is maintained in the openstack-ansible-tests repository. -# https://git.openstack.org/cgit/openstack/openstack-ansible-tests/tree/sync/tasks/db_setup.yml -# If you need to modify this file, update the one in the openstack-ansible-tests -# repository. Once it merges there, the changes will automatically be proposed to -# all the repositories which use it. - -- name: Setup Database Service (MariaDB) - delegate_to: "{{ _oslodb_setup_host }}" - vars: - ansible_python_interpreter: "{{ _oslodb_ansible_python_interpreter }}" - tags: - - common-mariadb - block: - - name: Create database for service - community.mysql.mysql_db: - name: "{{ item.name }}" - login_host: "{{ _oslodb_setup_endpoint | default(omit) }}" - login_port: "{{ _oslodb_setup_port | default(omit) }}" - loop: "{{ _oslodb_databases }}" - no_log: true - - - name: Grant access to the database for the service - community.mysql.mysql_user: - name: "{{ item.1.username }}" - password: "{{ item.1.password }}" - host: "{{ item.1.host | default('%') }}" - priv: "{{ item.0.name }}.*:{{ item.1.priv | default('ALL') }}" - append_privs: yes - login_host: "{{ _oslodb_setup_endpoint | default(omit) }}" - login_port: "{{ _oslodb_setup_port | default(omit) }}" - loop: "{{ _oslodb_databases | subelements('users') }}" - no_log: true diff --git a/tasks/main.yml b/tasks/main.yml index 30ae825..51d4266 100644 --- a/tasks/main.yml +++ b/tasks/main.yml @@ -27,7 +27,12 @@ tags: - always -- import_tasks: db_setup.yml +- include_role: + name: openstack.osa.db_setup + apply: + tags: + - common-db + - adjutant-config when: _adjutant_is_first_play_host vars: _oslodb_setup_host: "{{ adjutant_galera_setup_host }}" @@ -40,8 +45,7 @@ - username: "{{ adjutant_galera_user }}" password: "{{ adjutant_galera_password }}" tags: - - common-db - - adjutant-config + - always - import_tasks: adjutant_pre_install.yml tags: @@ -60,7 +64,12 @@ tags: - adjutant-config -- import_tasks: service_setup.yml +- include_role: + name: openstack.osa.service_setup + apply: + tags: + - common-service + - adjutant-config vars: _service_adminuri_insecure: "{{ keystone_service_adminuri_insecure }}" _service_in_ldap: "{{ adjutant_service_in_ldap }}" @@ -90,7 +99,7 @@ service: "{{ adjutant_service_name }}" when: _adjutant_is_first_play_host tags: - - adjutant-config + - always - name: Run the systemd service role include_role: diff --git a/tasks/service_setup.yml b/tasks/service_setup.yml deleted file mode 100644 index f9200c2..0000000 --- a/tasks/service_setup.yml +++ /dev/null @@ -1,162 +0,0 @@ ---- -# Copyright 2019, VEXXHOST, Inc. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# WARNING: -# This file is maintained in the openstack-ansible-tests repository. -# https://opendev.org/openstack/openstack-ansible-tests/src/sync/tasks/service_setup.yml -# If you need to modify this file, update the one in the openstack-ansible-tests -# repository. Once it merges there, the changes will automatically be proposed to -# all the repositories which use it. - -# We set the python interpreter to the ansible runtime venv if -# the delegation is to localhost so that we get access to the -# appropriate python libraries in that venv. If the delegation -# is to another host, we assume that it is accessible by the -# system python instead. - -- name: Setup the OS service - delegate_to: "{{ _service_setup_host }}" - vars: - ansible_python_interpreter: "{{ _service_setup_host_python_interpreter }}" - block: - - name: Add keystone domain - openstack.cloud.identity_domain: - cloud: default - state: present - description: "{{ _domain_name_description | default(omit) }}" - name: "{{ _domain_name }}" - endpoint_type: admin - verify: "{{ not _service_adminuri_insecure }}" - register: add_domain - when: _domain_name is defined - until: add_domain is success - retries: 5 - delay: 10 - - - name: Add service project - openstack.cloud.project: - cloud: default - state: present - name: "{{ _project_name }}" - description: "{{ _project_description | default(omit) }}" - domain_id: "{{ _project_domain | default('default') }}" - endpoint_type: admin - validate_certs: "{{ not (_service_adminuri_insecure | default(True) | bool) }}" - register: add_service - when: - - not (_service_in_ldap | default(False) | bool) - - _project_name is defined - until: add_service is success - retries: 5 - delay: 10 - - - name: Add services to the keystone service catalog - openstack.cloud.catalog_service: - cloud: default - state: "{{ item.state | default('present') }}" - name: "{{ item.name }}" - service_type: "{{ item.type }}" - description: "{{ item.description | default('') }}" - endpoint_type: admin - validate_certs: "{{ not (_service_adminuri_insecure | default(True) | bool) }}" - register: add_service - with_items: "{{ _service_catalog }}" - when: _service_catalog is defined - until: add_service is success - retries: 5 - delay: 10 - - - name: Add keystone roles - openstack.cloud.identity_role: - cloud: default - state: present - name: "{{ item.role }}" - endpoint_type: admin - validate_certs: "{{ not (_service_adminuri_insecure | default(True) | bool) }}" - register: add_service - when: - - not (_service_in_ldap | default(False) | bool) - - _service_users is defined - - "'role' in item" - - (item.condition | default(True)) | bool - until: add_service is success - with_items: "{{ _service_users }}" - retries: 5 - delay: 10 - no_log: True - - - name: Add service users - openstack.cloud.identity_user: - cloud: default - state: present - name: "{{ item.name }}" - password: "{{ item.password }}" - domain: "{{ item.domain | default('default') }}" - default_project: "{{ item.project | default(_service_project_name) }}" - endpoint_type: admin - validate_certs: "{{ not (_service_adminuri_insecure | default(True) | bool) }}" - update_password: always - register: add_service - when: - - not (_service_in_ldap | default(False) | bool) - - _service_users is defined - - "'name' in item" - - "'password' in item" - - (item.condition | default(True)) | bool - until: add_service is success - with_items: "{{ _service_users }}" - retries: 5 - delay: 10 - no_log: True - - - name: Add service users to the role - openstack.cloud.role_assignment: - cloud: default - state: present - user: "{{ item.name }}" - role: "{{ item.role }}" - project: "{{ item.project | default(_service_project_name) }}" - domain: "{{ item.domain | default(omit) }}" - endpoint_type: admin - validate_certs: "{{ not (_service_adminuri_insecure | default(True) | bool) }}" - register: add_service - when: - - not (_service_in_ldap | default(False) | bool) - - _service_users is defined - - "'name' in item" - - "'role' in item" - - (item.condition | default(True)) | bool - until: add_service is success - with_items: "{{ _service_users }}" - retries: 5 - delay: 10 - no_log: True - - - name: Add endpoints to keystone endpoint catalog - openstack.cloud.endpoint: - cloud: default - state: "{{ item.state | default('present') }}" - service: "{{ item.service }}" - endpoint_interface: "{{ item.interface }}" - url: "{{ item.url }}" - region: "{{ _service_region | default('RegionOne') }}" - endpoint_type: admin - validate_certs: "{{ not (_service_adminuri_insecure | default(True) | bool) }}" - register: add_service - until: add_service is success - retries: 5 - delay: 10 - with_items: "{{ _service_endpoints }}" - when: _service_endpoints is defined