Manage trove images through openstack_resources role

This unifies approach for common resource management, like image uploads. With that we also split network creation with information fetch about it to include role only once and save execution time. Change-Id: Ib0126a0ac70aa613296a8d6e1ca61b34e22b02c2
2024-05-03 18:47:32 +02:00 · 2024-05-03 18:47:32 +02:00 · d9db42e5a9
commit d9db42e5a9
parent 4186873963
5 changed files with 74 additions and 116 deletions
--- a/tasks/main.yml
+++ b/tasks/main.yml
@ -159,15 +159,20 @@
  tags:
    - trove-install

- name: Importing trove_service_network tasks
-  import_tasks: trove_service_network.yml
+- name: Including trove_resources tasks
+  include_tasks: trove_resources.yml
+  when:
+    - trove_service_net_setup or trove_guestagent_images
+    - _trove_is_first_play_host
+  args:
+    apply:
+      tags:
+        - trove-install
  tags:
    - trove-install
-    - trove-config

- name: Including trove_guest_image tasks
-  include_tasks: trove_guest_image.yml
-  when: trove_guestagent_images | length > 0
+- name: Importing trove_service_network tasks
+  import_tasks: trove_service_network.yml
  tags:
    - trove-install
    - trove-config
--- a/tasks/trove_guest_image.yml
+++ b/tasks/trove_guest_image.yml
@ -1,89 +0,0 @@
---
-# Copyright 2021 City Network International AB
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-#    http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
- name: Setup the guest image
-  delegate_to: "{{ trove_service_setup_host }}"
-  vars:
-    ansible_python_interpreter: "{{ trove_service_setup_host_python_interpreter }}"
-  block:
-    - name: Create image download directory
-      file:
-        path: "{{ trove_image_local_path }}"
-        state: directory
-        mode: "0750"
-        owner: "{{ trove_image_path_owner }}"
-      when:
-        - trove_guestagent_images | length > 0
-
-    - name: Download image from artefact server
-      get_url:
-        url: "{{ item.file }}"
-        dest: "{{ trove_image_local_path }}/{{ item.file | basename }}"
-        checksum: "{{ item.checksum | default(omit) }}"
-        mode: "0644"
-      retries: 5
-      delay: 10
-      register: trove_download_images
-      until: trove_download_images is success
-      when: item.file | regex_search('^(http|https|ftp)://') is truthy(convert_bool=True)
-      with_items: "{{ trove_guestagent_images }}"
-
-    - name: Replace existing image with new one
-      when:
-        - trove_download_images is changed
-      block:
-        - name: Get current image id
-          openstack.cloud.image_info:
-            cloud: "{{ item.cloud | default('default') }}"
-            region_name: "{{ trove_service_region }}"
-            image: "{{ item.name }}"
-            interface: "{{ item.interface | default('admin') }}"
-            verify: "{{ not keystone_service_adminuri_insecure }}"
-          register: get_image_info
-          until: get_image_info is success
-          retries: 5
-          delay: 10
-          with_items: "{{ trove_download_images['results'] | selectattr('changed') | map(attribute='item') }}"
-
-        # This uses command since os_image doesn't support tags.
-        # TODO(odyssey4me):
-        # Add tag capability to os_image module and replace this.
-        - name: Upload new image to glance # noqa: no-changed-when jinja[spacing]
-          command: >-
-            openstack image create
-            --os-cloud {{ item.cloud | default('default') }}
-            --os-interface {{ item.interface | default('admin') }}
-            --file {{ trove_image_local_path }}/{{ item.file | basename }}
-            --disk-format {{ item.disk_format | default('qcow2') }}
-            --container-format {{ item.image_format | default('bare') }}
-            {% if item.tags | length > 0%}--tag {{ item.tags | join(' --tag ') }}{% endif %}
-            {{ (item.public | default(False)) | ternary('--public', '--private') }}
-            --project service
-            {{ item.name }}
-          with_items: "{{ trove_download_images['results'] | selectattr('changed') | map(attribute='item') }}"
-
-        - name: Delete old image from glance
-          openstack.cloud.image:
-            cloud: "{{ item.cloud | default('default') }}"
-            region_name: "{{ trove_service_region }}"
-            state: absent
-            name: "{{ item.id }}"
-            interface: admin
-            verify: "{{ not keystone_service_adminuri_insecure }}"
-          register: remove_old_image
-          until: remove_old_image is success
-          retries: 5
-          delay: 10
-          with_items: "{{ get_image_info['results'] | selectattr('openstack_image') | map(attribute='openstack_image') }}"
--- a/tasks/trove_resources.yml
+++ b/tasks/trove_resources.yml
@ -0,0 +1,37 @@
+---
+# Copyright 2024, Cleura AB.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+- name: Set up the service network
+  ansible.builtin.include_role:
+    name: openstack.osa.openstack_resources
+  vars:
+    openstack_resources_setup_host: "{{ trove_service_setup_host }}"
+    openstack_resources_python_interpreter: "{{ trove_service_setup_host_python_interpreter }}"
+    _network_resources:
+      - name: "{{ trove_service_net_name }}"
+        network_type: "{{ trove_service_net_type }}"
+        physical_network: "{{ trove_service_net_phys_net }}"
+        segmentation_id: "{{ trove_service_net_segmentation_id | default(omit) }}"
+        project: "admin"
+        subnets:
+          - name: "{{ trove_service_subnet_name }}"
+            cidr: "{{ trove_service_net_subnet_cidr }}"
+            dhcp: "{{ trove_service_net_dhcp }}"
+            allocation_start: "{{ trove_service_net_allocation_pool_start | default(omit) }}"
+            allocation_end: "{{ trove_service_net_allocation_pool_end | default(omit) }}"
+    openstack_resources_network:
+      networks: "{{ trove_service_net_setup | ternary(_network_resources, []) }}"
+    openstack_resources_image:
+      images: "{{ _trove_glance_images_compat }}"
--- a/tasks/trove_service_network.yml
+++ b/tasks/trove_service_network.yml
@ -14,27 +14,6 @@
 # See the License for the specific language governing permissions and
 # limitations under the License.

- name: Set up the service network
-  ansible.builtin.include_role:
-    name: openstack.osa.openstack_resources
-  vars:
-    openstack_resources_setup_host: "{{ trove_service_setup_host }}"
-    openstack_resources_python_interpreter: "{{ trove_service_setup_host_python_interpreter }}"
-    openstack_resources_network:
-      networks:
-        - name: "{{ trove_service_net_name }}"
-          network_type: "{{ trove_service_net_type }}"
-          physical_network: "{{ trove_service_net_phys_net }}"
-          segmentation_id: "{{ trove_service_net_segmentation_id | default(omit) }}"
-          project: "admin"
-          subnets:
-            - name: "{{ trove_service_subnet_name }}"
-              cidr: "{{ trove_service_net_subnet_cidr }}"
-              dhcp: "{{ trove_service_net_dhcp }}"
-              allocation_start: "{{ trove_service_net_allocation_pool_start | default(omit) }}"
-              allocation_end: "{{ trove_service_net_allocation_pool_end | default(omit) }}"
-  when: trove_service_net_setup
-
 - name: Get the service network ID
  delegate_to: "{{ trove_service_setup_host }}"
  vars:
--- a/vars/main.yml
+++ b/vars/main.yml
@ -86,3 +86,29 @@ uwsgi_trove_services: |-
  {%   endif %}
  {% endfor %}
  {{ services }}
+
+_trove_glance_images_compat: |-
+  {% set images = [] %}
+  {% for image in trove_guestagent_images %}
+  {%   if 'public' in image and image['public'] %}
+  {%     set _ = image.update({'visibility': 'public'}) %}
+  {%     set _ = image.pop('public')  %}
+  {%   endif %}
+  {%   if 'distro' in image %}
+  {%     set image_properties = image.get('properties', {}) %}
+  {%     set _ = image_properties.update({'os_distro': image.pop('distro')}) %}
+  {%     set _ = image.update({'properties': image_properties}) %}
+  {%   endif %}
+  {%   if 'file' in image and image['file'] is url %}
+  {%     set _ = image.update({'url': image.pop('file')}) %}
+  {%   endif %}
+  {%   if 'image_format' in image %}
+  {%     set _ = image.update({'container_format': image.pop('image_format')}) %}
+  {%   endif %}
+  {# NOTE(noonedeadpunk): Glance requires image checksum to be in plain md5 only #}
+  {%   if 'checksum' in image and image['checksum'].split(':') | length > 1 %}
+  {%     set _ = image.pop('checksum') %}
+  {%   endif %}
+  {%   set _ = images.append(image) %}
+  {% endfor %}
+  {{ images }}