8ceea78a97
With update of ansible-lint to version >=6.0.0 a lot of new linters were added, that enabled by default. In order to comply with linter rules we're applying changes to the role. With that we also update metdata to reflect current state. Depends-On: https://review.opendev.org/c/openstack/ansible-role-systemd_service/+/888223 Change-Id: I3905e334cfbeb7ccb976358016f81c5edd6cd284
166 lines
5.4 KiB
YAML
166 lines
5.4 KiB
YAML
---
|
|
# Copyright 2014, Rackspace US, Inc.
|
|
#
|
|
# Licensed under the Apache License, Version 2.0 (the "License");
|
|
# you may not use this file except in compliance with the License.
|
|
# You may obtain a copy of the License at
|
|
#
|
|
# http://www.apache.org/licenses/LICENSE-2.0
|
|
#
|
|
# Unless required by applicable law or agreed to in writing, software
|
|
# distributed under the License is distributed on an "AS IS" BASIS,
|
|
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
|
# See the License for the specific language governing permissions and
|
|
# limitations under the License.
|
|
|
|
- name: Stop services
|
|
service:
|
|
name: "{{ item.service_name }}"
|
|
enabled: yes
|
|
state: "stopped"
|
|
daemon_reload: yes
|
|
with_items: "{{ filtered_neutron_services }}"
|
|
register: _stop
|
|
until: _stop is success
|
|
retries: 5
|
|
delay: 2
|
|
listen:
|
|
- "Restart neutron services"
|
|
- "venv changed"
|
|
- "systemd service changed"
|
|
- "cert installed"
|
|
|
|
# NOTE(cloudnull):
|
|
# When installing or upgrading it is possible that an old metadata proxy process will not
|
|
# be restarted by the metadata agent when a version changes. To fix it the ns-metadata
|
|
# proxy pids are killed if they're not running the current tag. Once the old processeses
|
|
# are removed the metadata agent will respawn the missing process within 60 seconds using
|
|
# the correct code.
|
|
- name: Run ns-metadata-proxy process cleanup
|
|
shell: |
|
|
for ns_pid in $(pgrep neutron-ns-meta); do
|
|
echo $(readlink -f "/proc/$ns_pid/exe") | grep -qv "{{ neutron_venv_tag }}"
|
|
if [ $? -eq 0 ]; then
|
|
if kill -9 "$ns_pid"; then
|
|
logger -s "old metadata proxy pid found and has been cleaned up on: \"$ns_pid\""
|
|
fi
|
|
fi
|
|
done
|
|
when: "'neutron-metadata-agent' in (filtered_neutron_services | map(attribute='service_key') | list)"
|
|
changed_when: false
|
|
listen:
|
|
- "Restart neutron services"
|
|
- "venv changed"
|
|
|
|
# NOTE
|
|
# When restarting neutron-l3-agent, a non-default systemd KillMode of 'process' is used
|
|
# to prevent Keepalived from exiting and causing a data-plane outage. As a result of this
|
|
# some neutron processes remain running. In the case of an upgrade, these remaining
|
|
# processes will be running code from the previous version. This step ensures these
|
|
# orphaned processes are cleaned up correctly.
|
|
- name: Run neutron-l3-agent process cleanup
|
|
shell: |
|
|
for ns_pid in $(cat /sys/fs/cgroup/pids/neutron.slice/neutron-l3-agent.service/cgroup.procs); do
|
|
echo $(readlink -f "/proc/$ns_pid/exe") | egrep -qv "keepalived|haproxy"
|
|
if [ $? -eq 0 ] || [ "{{ neutron_l3_cleanup_on_shutdown | bool }}" = "True" ]; then
|
|
if kill -9 "$ns_pid"; then
|
|
logger -s "old neutron-l3-agent pid found and has been cleaned up on: \"$ns_pid\""
|
|
fi
|
|
fi
|
|
done
|
|
when: "'neutron-l3-agent' in (filtered_neutron_services | map(attribute='service_key') | list)"
|
|
changed_when: false
|
|
listen:
|
|
- "Restart neutron services"
|
|
- "venv changed"
|
|
|
|
- name: Restart openvswitch
|
|
service:
|
|
name: "{{ neutron_ovs_service_name }}"
|
|
state: restarted
|
|
listen:
|
|
- "Restart provider services"
|
|
when:
|
|
- neutron_needs_openvswitch | bool
|
|
- not _neutron_ovs_disabled
|
|
|
|
- name: Symlink neutron config directory
|
|
file:
|
|
# NOTE(cloudnull): The "src" path is relative. This ensures all files remain
|
|
# within the host/container confines when connecting to
|
|
# them using the connection plugin or the root filesystem.
|
|
src: "{{ neutron_conf_version_dir | regex_replace('^/', '../') }}"
|
|
dest: "{{ neutron_conf_dir }}"
|
|
state: link
|
|
force: true
|
|
when: neutron_install_method == 'source'
|
|
listen:
|
|
- "venv changed"
|
|
|
|
- name: Drop sudoers file
|
|
template:
|
|
src: "sudoers.j2"
|
|
dest: "/etc/sudoers.d/{{ neutron_system_user_name }}_sudoers"
|
|
mode: "0440"
|
|
owner: "root"
|
|
group: "root"
|
|
listen:
|
|
- "Restart neutron services"
|
|
- "venv changed"
|
|
|
|
- name: Perform a DB contract
|
|
command: "{{ neutron_bin }}/neutron-db-manage upgrade --contract"
|
|
become: yes
|
|
become_user: "{{ neutron_system_user_name }}"
|
|
delegate_to: "{{ groups[neutron_services['neutron-server']['group']][0] }}"
|
|
changed_when: false
|
|
when:
|
|
- "ansible_local['openstack_ansible']['neutron']['need_db_contract'] | bool"
|
|
- "_neutron_is_first_play_host"
|
|
listen:
|
|
- "Restart neutron services"
|
|
- "venv changed"
|
|
|
|
- name: Start services
|
|
service:
|
|
name: "{{ item.service_name }}"
|
|
enabled: yes
|
|
state: "started"
|
|
daemon_reload: yes
|
|
with_items: "{{ filtered_neutron_services }}"
|
|
register: _start
|
|
until: _start is success
|
|
retries: 5
|
|
delay: 2
|
|
listen:
|
|
- "Restart neutron services"
|
|
- "venv changed"
|
|
- "systemd service changed"
|
|
- "cert installed"
|
|
|
|
- name: Start ovn service
|
|
service:
|
|
name: "{{ neutron_ovn_northd_service_name }}"
|
|
state: started
|
|
listen:
|
|
- start ovn service
|
|
|
|
# (NOTE) Restarting twice to cleanup some pid.
|
|
- name: Restart ovn northd
|
|
service:
|
|
name: "{{ neutron_ovn_northd_service_name }}"
|
|
state: restarted
|
|
when:
|
|
- neutron_services['neutron-ovn-northd']['group'] in group_names and neutron_plugin_type == 'ml2.ovn'
|
|
listen:
|
|
- restart ovn service
|
|
|
|
- name: Restart ovn controller
|
|
service:
|
|
name: "{{ neutron_ovn_controller_service_name }}"
|
|
state: restarted
|
|
when:
|
|
- neutron_services['neutron-ovn-controller']['group'] in group_names and neutron_plugin_type == 'ml2.ovn'
|
|
listen:
|
|
- restart ovn service
|