a66bc38593
In order to optimise the distro package installation process the list of packages to install is prepared for the host, then installed by passing the package task the full list instead of using a loop. Change-Id: Ia5c8f31470f0f917ee556ca1157b9191da9d0d2c
193 lines
6.2 KiB
YAML
193 lines
6.2 KiB
YAML
---
|
|
# Copyright 2014, Rackspace US, Inc.
|
|
#
|
|
# Licensed under the Apache License, Version 2.0 (the "License");
|
|
# you may not use this file except in compliance with the License.
|
|
# You may obtain a copy of the License at
|
|
#
|
|
# http://www.apache.org/licenses/LICENSE-2.0
|
|
#
|
|
# Unless required by applicable law or agreed to in writing, software
|
|
# distributed under the License is distributed on an "AS IS" BASIS,
|
|
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
|
# See the License for the specific language governing permissions and
|
|
# limitations under the License.
|
|
|
|
- name: Create keystone dir
|
|
file:
|
|
path: "{{ item.path }}"
|
|
state: directory
|
|
owner: "{{ item.owner|default(keystone_system_user_name) }}"
|
|
group: "{{ item.group|default(keystone_system_group_name) }}"
|
|
mode: "{{ item.mode|default('0755') }}"
|
|
with_items:
|
|
- { path: "/etc/pki/tls/certs", owner: "root", group: "root" }
|
|
- { path: "/etc/pki/tls/private", owner: "root", group: "root" }
|
|
- { path: "/var/lock/keystone", mode: "2755" }
|
|
- { path: "/var/log/httpd", mode: "2755" }
|
|
when: ansible_pkg_mgr == 'yum'
|
|
|
|
- name: Create system links
|
|
file:
|
|
src: "{{ item.src }}"
|
|
dest: "{{ item.dest }}"
|
|
state: "link"
|
|
with_items:
|
|
- { src: "/etc/pki/tls/certs", dest: "/etc/ssl/certs" }
|
|
- { src: "/etc/pki/tls/private", dest: "/etc/ssl/private" }
|
|
- { src: "/var/log/httpd", dest: "/var/log/apache2" }
|
|
when: ansible_pkg_mgr == 'yum'
|
|
|
|
- name: Add shibboleth repo
|
|
yum_repository:
|
|
name: "shibboleth"
|
|
description: "shibboleth Repo"
|
|
baseurl: "http://download.opensuse.org/repositories/security:/shibboleth/CentOS_7/"
|
|
gpgkey: "http://download.opensuse.org/repositories/security:/shibboleth/CentOS_7//repodata/repomd.xml.key"
|
|
gpgcheck: yes
|
|
when:
|
|
- ansible_pkg_mgr == 'yum'
|
|
- keystone_sp != {}
|
|
|
|
- name: Install distro packages
|
|
package:
|
|
name: "{{ keystone_package_list }}"
|
|
state: "{{ keystone_package_state }}"
|
|
update_cache: "{{ (ansible_pkg_mgr == 'apt') | ternary('yes', omit) }}"
|
|
cache_valid_time: "{{ (ansible_pkg_mgr == 'apt') | ternary(cache_timeout, omit) }}"
|
|
register: install_packages
|
|
until: install_packages | success
|
|
retries: 5
|
|
delay: 2
|
|
notify:
|
|
- Restart web server on first node
|
|
- Restart web server on other nodes
|
|
|
|
- name: Create developer mode constraint file
|
|
copy:
|
|
dest: "/opt/developer-pip-constraints.txt"
|
|
content: |
|
|
{% for item in keystone_developer_constraints %}
|
|
{{ item }}
|
|
{% endfor %}
|
|
when: keystone_developer_mode | bool
|
|
|
|
- name: Install required pip packages
|
|
pip:
|
|
name: "{{ keystone_requires_pip_packages }}"
|
|
state: "{{ keystone_pip_package_state }}"
|
|
extra_args: >-
|
|
{{ keystone_developer_mode | ternary(pip_install_developer_constraints | default('--constraint /opt/developer-pip-constraints.txt'), '') }}
|
|
{{ (pip_install_upper_constraints is defined) | ternary('--constraint ' + pip_install_upper_constraints | default(''),'') }}
|
|
{{ pip_install_options | default('') }}
|
|
register: install_packages
|
|
until: install_packages|success
|
|
retries: 5
|
|
delay: 2
|
|
|
|
- name: Retrieve checksum for venv download
|
|
uri:
|
|
url: "{{ keystone_venv_download_url | replace('tgz', 'checksum') }}"
|
|
return_content: yes
|
|
register: keystone_venv_checksum
|
|
when: keystone_venv_download | bool
|
|
|
|
- name: Attempt venv download
|
|
get_url:
|
|
url: "{{ keystone_venv_download_url }}"
|
|
dest: "/var/cache/{{ keystone_venv_download_url | basename }}"
|
|
checksum: "sha1:{{ keystone_venv_checksum.content | trim }}"
|
|
register: keystone_get_venv
|
|
when: keystone_venv_download | bool
|
|
|
|
- name: Remove existing venv
|
|
file:
|
|
path: "{{ keystone_bin | dirname }}"
|
|
state: absent
|
|
when: keystone_get_venv | changed
|
|
|
|
- name: Create keystone venv dir
|
|
file:
|
|
path: "{{ keystone_bin | dirname }}"
|
|
state: directory
|
|
register: keystone_venv_dir
|
|
when: keystone_get_venv | changed
|
|
|
|
- name: Unarchive pre-built venv
|
|
unarchive:
|
|
src: "/var/cache/{{ keystone_venv_download_url | basename }}"
|
|
dest: "{{ keystone_bin | dirname }}"
|
|
copy: "no"
|
|
when: keystone_get_venv | changed
|
|
notify:
|
|
- Restart uWSGI on first node
|
|
- Restart uWSGI on other nodes
|
|
- Restart web server on first node
|
|
- Restart web server on other nodes
|
|
|
|
- name: Install pip packages
|
|
pip:
|
|
name: "{{ keystone_pip_packages }}"
|
|
state: "{{ keystone_pip_package_state }}"
|
|
virtualenv: "{{ keystone_bin | dirname }}"
|
|
virtualenv_site_packages: "no"
|
|
extra_args: >-
|
|
{{ keystone_developer_mode | ternary(pip_install_developer_constraints | default('--constraint /opt/developer-pip-constraints.txt'), '') }}
|
|
{{ (pip_install_upper_constraints is defined) | ternary('--constraint ' + pip_install_upper_constraints | default(''),'') }}
|
|
{{ pip_install_options | default('') }}
|
|
register: install_packages
|
|
until: install_packages|success
|
|
retries: 5
|
|
delay: 2
|
|
when: keystone_get_venv | failed or keystone_get_venv | skipped
|
|
notify:
|
|
- Restart uWSGI on first node
|
|
- Restart uWSGI on other nodes
|
|
- Restart web server on first node
|
|
- Restart web server on other nodes
|
|
|
|
- name: CentOS remove python from path first
|
|
file:
|
|
path: "{{ keystone_bin | dirname }}/bin/python2.7"
|
|
state: "absent"
|
|
when:
|
|
- ansible_pkg_mgr == 'yum'
|
|
- keystone_get_venv | changed
|
|
|
|
- name: Update virtualenv path
|
|
command: >
|
|
virtualenv-tools --update-path=auto --reinitialize {{ keystone_bin | dirname }}
|
|
when: keystone_get_venv | changed
|
|
|
|
- name: Create WSGI symlinks
|
|
file:
|
|
src: "{{ item.src }}"
|
|
dest: "/var/www/cgi-bin/keystone/{{ item.dest }}"
|
|
state: link
|
|
force: yes
|
|
with_items:
|
|
- src: "{{ keystone_bin }}/keystone-wsgi-admin"
|
|
dest: admin
|
|
- src: "{{ keystone_bin }}/keystone-wsgi-public"
|
|
dest: main
|
|
notify:
|
|
- Restart web server on first node
|
|
- Restart web server on other nodes
|
|
|
|
- name: Record the need for a db sync
|
|
ini_file:
|
|
dest: "/etc/ansible/facts.d/openstack_ansible.fact"
|
|
section: keystone
|
|
option: need_db_sync
|
|
value: True
|
|
when: keystone_get_venv | changed or
|
|
keystone_venv_dir | changed or
|
|
install_packages | changed
|
|
|
|
- name: Record the venv tag deployed
|
|
ini_file:
|
|
dest: "/etc/ansible/facts.d/openstack_ansible.fact"
|
|
section: keystone
|
|
option: venv_tag
|
|
value: "{{ keystone_venv_tag }}"
|