From 59b34958b7b69a90486fea33bd89c80997fa449c Mon Sep 17 00:00:00 2001 From: Logan V Date: Wed, 8 Feb 2017 12:55:51 -0600 Subject: [PATCH] Target unbound component group instead of _all The unbound container group and component group share the same name, so we are hitting the quirk in OSA inventory where containerized services that have component and container groups sharing the same name get both the hosts and containers added to the _all group. This change targets the component group to correctly target only the unbound containers, not the physical hosts for the containers. Change-Id: Id214bbebeee73a6bf48088396e2e450669e00926 --- playbooks/inventory/group_vars/all.yml | 2 +- playbooks/inventory/group_vars/hosts.yml | 2 +- playbooks/unbound-install.yml | 6 +++--- 3 files changed, 5 insertions(+), 5 deletions(-) diff --git a/playbooks/inventory/group_vars/all.yml b/playbooks/inventory/group_vars/all.yml index 0e1f9d4a8b..554d039378 100644 --- a/playbooks/inventory/group_vars/all.yml +++ b/playbooks/inventory/group_vars/all.yml @@ -70,7 +70,7 @@ openstack_host_specific_kernel_modules: ## DNS resolution (resolvconf) options #Group containing resolvers to configure -resolvconf_resolver_group: unbound_all +resolvconf_resolver_group: unbound ## Memcached options memcached_port: 11211 diff --git a/playbooks/inventory/group_vars/hosts.yml b/playbooks/inventory/group_vars/hosts.yml index de11d885e9..8c71ed5970 100644 --- a/playbooks/inventory/group_vars/hosts.yml +++ b/playbooks/inventory/group_vars/hosts.yml @@ -19,7 +19,7 @@ openstack_hosts_package_state: "{{ package_state }}" security_package_state: "{{ package_state }}" # Disable /etc/hosts management if unbound DNS resolution containers exist -openstack_host_manage_hosts_file: "{{ groups['unbound_all'] is not defined or groups['unbound_all'] | length < 1 }}" +openstack_host_manage_hosts_file: "{{ groups['unbound'] is not defined or groups['unbound'] | length < 1 }}" # Use the RHEL 7 STIG content from the openstack-ansible-security role stig_version: rhel7 diff --git a/playbooks/unbound-install.yml b/playbooks/unbound-install.yml index 7ead0d0ec1..dfa6fcc162 100644 --- a/playbooks/unbound-install.yml +++ b/playbooks/unbound-install.yml @@ -15,7 +15,7 @@ - name: Install unbound DNS resolvers hosts: - - unbound_all + - unbound gather_facts: "{{ gather_facts | default(True) }}" user: root roles: @@ -32,7 +32,7 @@ - name: Install unbound DNS resolver client configurations hosts: - - "!unbound_all" + - "!unbound" - "{{ openstack_host_group|default('hosts') }}" - "{{ container_group|default('all_containers') }}" user: root @@ -94,4 +94,4 @@ - unbound_client vars: #Only run the resolvconf role when DNS containers are deployed to the env. - resolvconf_enabled: "{{ groups['unbound_all'] is defined and groups['unbound_all'] | length > 0 }}" + resolvconf_enabled: "{{ groups['unbound'] is defined and groups['unbound'] | length > 0 }}"