openstack/openstack-ansible-os_octavia
Code Issues Proposed changes
openstack-ansible-os_octavia/tasks/octavia_amp_image.yml
Jonathan Rosser a4d2a2aa64 Use the admin endpoint to upload glance images 
The deploy host may not have access to the public endpoint. The
public endpoint SSL certificate may not be trusted. Both of
these things will cause a failure to upload the image.

Depends-On: I8de48eb1fb4c8d321098ca54b9e21270edc7ac87
Depends-On: Ide70b5d8f67d8c8a87e3f16671f0f7fb72338b89
Depends-On: Ia5fda5d417b79189d048c8891b84d57331df1404
Change-Id: Iddc604e852e0ceb7ef6fd68a123f44a14d8762fa
Closes-Bug: 1831183
2019-06-27 21:09:00 +00:00

103 lines
3.9 KiB
YAML
Raw Blame History

---
# Copyright 2018, Rackspace US, Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
# We set the python interpreter to the ansible runtime venv if
# the delegation is to localhost so that we get access to the
# appropriate python libraries in that venv. If the delegation
# is to another host, we assume that it is accessible by the
# system python instead.
- name: Setup the amphora image
delegate_to: "{{ octavia_service_setup_host }}"
vars:
ansible_python_interpreter: >-
{{ (octavia_service_setup_host == 'localhost') | ternary(ansible_playbook_python, ansible_python['executable']) }}
block:
- name: Create image download directory
file:
path: "{{ octavia_amp_image_path }}"
state: directory
mode: "0750"
owner: "{{ octavia_amp_image_path_owner }}"
when:
- octavia_download_artefact | bool
- name: Download image from artefact server
get_url:
url: "{{ octavia_artefact_url }}"
dest: "{{ octavia_amp_image_path }}"
retries: 10
delay: 10
register: octavia_download_result
when:
- octavia_download_artefact | bool
- name: Replace existing image with new one
when:
- octavia_download_result is changed
block:
- name: Get current image id
os_image_facts:
auth:
auth_url: "{{ keystone_service_adminurl }}"
username: "{{ octavia_service_user_name }}"
password: "{{ octavia_service_password }}"
project_name: "{{ octavia_service_project_name }}"
user_domain_name: "{{ octavia_service_user_domain_id }}"
project_domain_name: "{{ octavia_service_project_domain_id }}"
region_name: "{{ octavia_service_region }}"
image: amphora-x64-haproxy
interface: admin
verify: "{{ not keystone_service_adminuri_insecure }}"
register: get_image_facts
until: get_image_facts is success
retries: 5
delay: 10
# This uses command since os_image doesn't support tags.
# TODO(odyssey4me):
# Add tag capability to os_image module and replace this.
- name: Upload new image to glance
command: >-
openstack image create
--os-cloud default
--os-interface admin
--file {{ octavia_download_result.dest }}
--disk-format qcow2
--tag {{ octavia_glance_image_tag }}
--private
--project service
amphora-x64-haproxy
- name: Delete old image from glance
os_image:
auth:
auth_url: "{{ keystone_service_adminurl }}"
username: "{{ octavia_service_user_name }}"
password: "{{ octavia_service_password }}"
project_name: "{{ octavia_service_project_name }}"
user_domain_name: "{{ octavia_service_user_domain_id }}"
project_domain_name: "{{ octavia_service_project_domain_id }}"
state: absent
region_name: "{{ octavia_service_region }}"
name: "{{ openstack_image.id }}"
interface: admin
verify: "{{ not keystone_service_adminuri_insecure }}"
register: remove_old_image
until: remove_old_image is success
retries: 5
delay: 10
when:
- openstack_image.id is defined
View Git Blame Copy Permalink