openstack/openstack-ansible-os_octavia
Code Issues Proposed changes
openstack-ansible-os_octavia/tasks/main.yml
Dmitriy Rabotyagov d94e57f17b Fix linters and metadata 
With update of ansible-lint to version >=6.0.0 a lot of new
linters were added, that enabled by default. In order to comply
with linter rules we're applying changes to the role.

With that we also update metdata to reflect current state.

Change-Id: Id8215882ee528d4c3055479e770c7432616649ba
2023-07-17 15:38:00 +02:00

308 lines
9.4 KiB
YAML
Raw Blame History

---
# Copyright 2017, Rackspace US, Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
- name: Fail if service was deployed using a different installation method
fail:
msg: "Switching installation methods for OpenStack services is not supported"
when:
- ansible_local is defined
- ansible_local.openstack_ansible is defined
- ansible_local.openstack_ansible.octavia is defined
- ansible_local.openstack_ansible.octavia.install_method is defined
- ansible_local.openstack_ansible.octavia.install_method != octavia_install_method
- name: Gather variables for each operating system
include_vars: "{{ lookup('first_found', params) }}"
vars:
params:
files:
- "{{ ansible_facts['distribution'] | lower }}-{{ ansible_facts['distribution_version'] | lower }}.yml"
- "{{ ansible_facts['distribution'] | lower }}-{{ ansible_facts['distribution_major_version'] | lower }}.yml"
- "{{ ansible_facts['os_family'] | lower }}-{{ ansible_facts['distribution_major_version'] | lower }}.yml"
- "{{ ansible_facts['distribution'] | lower }}.yml"
- "{{ ansible_facts['os_family'] | lower }}.yml"
paths:
- "{{ role_path }}/vars"
tags:
- always
- name: Gather variables for installation method
include_vars: "{{ octavia_install_method }}_install.yml"
tags:
- always
- name: Fail if our required secrets are not present
fail:
msg: "Please set the {{ item }} variable prior to applying this role."
when: (item is undefined) or (item is none)
with_items: "{{ octavia_required_secrets }}"
tags:
- always
- name: Including osa.db_setup role
include_role:
name: openstack.osa.db_setup
apply:
tags:
- common-db
- octavia-config
when:
- _octavia_is_first_play_host
vars:
_oslodb_setup_host: "{{ octavia_db_setup_host }}"
_oslodb_ansible_python_interpreter: "{{ octavia_db_setup_python_interpreter }}"
_oslodb_setup_endpoint: "{{ octavia_galera_address }}"
_oslodb_setup_port: "{{ octavia_galera_port }}"
_oslodb_databases:
- name: "{{ octavia_galera_database }}"
users:
- username: "{{ octavia_galera_user }}"
password: "{{ octavia_container_mysql_password }}"
- name: "{{ octavia_galera_persistence_database }}"
condition: "{{ octavia_coordination_enable | bool }}"
users:
- username: "{{ octavia_galera_user }}"
password: "{{ octavia_container_mysql_password }}"
tags:
- always
- name: Including osa.mq_setup role
include_role:
name: openstack.osa.mq_setup
apply:
tags:
- common-mq
- octavia-config
when:
- _octavia_is_first_play_host
vars:
_oslomsg_rpc_setup_host: "{{ octavia_oslomsg_rpc_setup_host }}"
_oslomsg_rpc_userid: "{{ octavia_oslomsg_rpc_userid }}"
_oslomsg_rpc_password: "{{ octavia_oslomsg_rpc_password }}"
_oslomsg_rpc_vhost: "{{ octavia_oslomsg_rpc_vhost }}"
_oslomsg_rpc_transport: "{{ octavia_oslomsg_rpc_transport }}"
_oslomsg_notify_setup_host: "{{ octavia_oslomsg_notify_setup_host }}"
_oslomsg_notify_userid: "{{ octavia_oslomsg_notify_userid }}"
_oslomsg_notify_password: "{{ octavia_oslomsg_notify_password }}"
_oslomsg_notify_vhost: "{{ octavia_oslomsg_notify_vhost }}"
_oslomsg_notify_transport: "{{ octavia_oslomsg_notify_transport }}"
tags:
- always
- name: Gather variables for installation method
include_vars: "{{ octavia_install_method }}_install.yml"
tags:
- always
- name: Importing octavia_pre_install tasks
import_tasks: octavia_pre_install.yml
tags:
- octavia-install
- name: Create and install SSL certificates
include_role:
name: pki
apply:
tags:
- octavia-config
- pki
vars:
pki_setup_host: "{{ octavia_cert_setup_host }}"
pki_dir: "{{ octavia_cert_dir }}"
pki_create_ca: "{{ octavia_generate_ca }}"
pki_regen_ca: "{{ octavia_regenerate_ca }}"
pki_authorities: "{{ octavia_cert_authorities }}"
pki_create_certificates: "{{ octavia_generate_client_cert }}"
pki_regen_cert: "{{ octavia_regenerate_client_cert }}"
pki_certificates: "{{ octavia_cert_certificates }}"
pki_install_certificates: "{{ octavia_cert_install_certificates }}"
when:
- (octavia_generate_certs | bool) or (octavia_backend_ssl | bool)
tags:
- always
- name: Assemble SSL certificates
assemble:
src: /etc/octavia/certs/
dest: /etc/octavia/certs/client.pem
regexp: '(client\.pem\.crt|client\.pem\.key)$'
owner: "{{ octavia_system_user_name }}"
group: "{{ octavia_system_group_name }}"
mode: "0640"
notify:
- Restart octavia services
- Restart uwsgi services
when:
- octavia_generate_certs | bool
tags:
- octavia-config
- octavia-install
- name: Importing octavia_install tasks
import_tasks: octavia_install.yml
tags:
- octavia-install
- name: Import uwsgi role
import_role:
name: uwsgi
vars:
uwsgi_services: "{{ uwsgi_octavia_services }}"
uwsgi_install_method: "{{ octavia_install_method }}"
tags:
- octavia-config
- uwsgi
- name: Run the systemd service role
import_role:
name: systemd_service
vars:
systemd_after_targets: "{{ service_var.after_targets | default(['syslog.target', 'network.target']) }}"
systemd_user_name: "{{ octavia_system_user_name }}"
systemd_group_name: "{{ octavia_system_group_name }}"
systemd_tempd_prefix: openstack
systemd_slice_name: "{{ octavia_system_slice_name }}"
systemd_lock_dir: "{{ octavia_lock_dir }}"
systemd_service_cpu_accounting: true
systemd_service_block_io_accounting: true
systemd_service_memory_accounting: true
systemd_service_tasks_accounting: true
systemd_services: "{{ filtered_octavia_services }}"
tags:
- octavia-config
- systemd-service
- name: Including osa.service_setup role
include_role:
name: openstack.osa.service_setup
apply:
tags:
- common-service
- octavia-config
vars:
_service_adminuri_insecure: "{{ keystone_service_adminuri_insecure }}"
_service_in_ldap: "{{ octavia_service_in_ldap }}"
_service_setup_host: "{{ octavia_service_setup_host }}"
_service_setup_host_python_interpreter: "{{ octavia_service_setup_host_python_interpreter }}"
_service_project_name: "{{ octavia_service_project_name }}"
_service_region: "{{ octavia_service_region }}"
_service_users:
- name: "{{ octavia_service_user_name }}"
password: "{{ octavia_service_password }}"
role: "{{ octavia_service_role_names }}"
- role: load-balancer_observer
- role: load-balancer_global_observer
- role: load-balancer_member
- role: load-balancer_admin
- role: load-balancer_quota_admin
_service_endpoints:
- service: "{{ octavia_service_name }}"
interface: "public"
url: "{{ octavia_service_publicuri }}"
- service: "{{ octavia_service_name }}"
interface: "internal"
url: "{{ octavia_service_internaluri }}"
- service: "{{ octavia_service_name }}"
interface: "admin"
url: "{{ octavia_service_adminuri }}"
_service_catalog:
- name: "{{ octavia_service_name }}"
type: "{{ octavia_service_type }}"
description: "{{ octavia_service_description }}"
when: _octavia_is_first_play_host
tags:
- always
- name: Including octavia_mgmt_network tasks
include_tasks: octavia_mgmt_network.yml
args:
apply:
tags:
- octavia-install
- octavia-config
when:
- octavia_neutron_management_network_uuid is not defined
- octavia_neutron_management_network_name is defined
- _octavia_is_first_play_host
tags:
- always
- name: Importing octavia_security_group tasks
import_tasks: octavia_security_group.yml
when:
- _octavia_is_first_play_host
tags:
- octavia-install
- name: Including octavia_keypair tasks
include_tasks: octavia_keypair.yml
args:
apply:
tags:
- octavia-config
when:
- _octavia_is_first_play_host
tags:
- always
- name: Importing octavia_flavor_create tasks
include_tasks: octavia_flavor_create.yml
args:
apply:
tags:
- octavia-install
- octavia-config
when:
- _octavia_is_first_play_host
- octavia_nova_flavor_uuid is not defined
tags:
- always
- name: Importing octavia_post_install tasks
import_tasks: octavia_post_install.yml
tags:
- octavia-install
- octavia-config
- name: Importing octavia_db_sync tasks
import_tasks: octavia_db_sync.yml
when:
- _octavia_is_first_play_host
tags:
- octavia-install
- name: Importing octavia_policy tasks
import_tasks: octavia_policy.yml
tags:
- octavia-install
- octavia-config
- octavia-policy-override
- name: Including octavia_amp_image tasks
include_tasks: octavia_amp_image.yml
args:
apply:
tags:
- octavia-config
when:
- _octavia_is_first_play_host
- octavia_download_artefact | bool
tags:
- always
- name: Flush handlers
meta: flush_handlers
View Git Blame Copy Permalink