Target unbound component group instead of _all

The unbound container group and component group share the same name, so we are hitting the quirk in OSA inventory where containerized services that have component and container groups sharing the same name get both the hosts and containers added to the _all group. This change targets the component group to correctly target only the unbound containers, not the physical hosts for the containers. Change-Id: Id214bbebeee73a6bf48088396e2e450669e00926
2017-02-08 12:55:51 -06:00 · 2017-02-08 12:55:51 -06:00 · 59b34958b7
commit 59b34958b7
parent e63a453785
3 changed files with 5 additions and 5 deletions
--- a/playbooks/inventory/group_vars/all.yml
+++ b/playbooks/inventory/group_vars/all.yml
@ -70,7 +70,7 @@ openstack_host_specific_kernel_modules:

 ## DNS resolution (resolvconf) options
 #Group containing resolvers to configure
-resolvconf_resolver_group: unbound_all
+resolvconf_resolver_group: unbound

 ## Memcached options
 memcached_port: 11211
--- a/playbooks/inventory/group_vars/hosts.yml
+++ b/playbooks/inventory/group_vars/hosts.yml
@ -19,7 +19,7 @@ openstack_hosts_package_state: "{{ package_state }}"
 security_package_state: "{{ package_state }}"

 # Disable /etc/hosts management if unbound DNS resolution containers exist
-openstack_host_manage_hosts_file: "{{ groups['unbound_all'] is not defined or groups['unbound_all'] | length < 1 }}"
+openstack_host_manage_hosts_file: "{{ groups['unbound'] is not defined or groups['unbound'] | length < 1 }}"

 # Use the RHEL 7 STIG content from the openstack-ansible-security role
 stig_version: rhel7
--- a/playbooks/unbound-install.yml
+++ b/playbooks/unbound-install.yml
@ -15,7 +15,7 @@

 - name: Install unbound DNS resolvers
  hosts:
-    - unbound_all
+    - unbound
  gather_facts: "{{ gather_facts | default(True) }}"
  user: root
  roles:
@ -32,7 +32,7 @@

 - name: Install unbound DNS resolver client configurations
  hosts:
-    - "!unbound_all"
+    - "!unbound"
    - "{{ openstack_host_group|default('hosts') }}"
    - "{{ container_group|default('all_containers') }}"
  user: root
@ -94,4 +94,4 @@
        - unbound_client
  vars:
    #Only run the resolvconf role when DNS containers are deployed to the env.
-    resolvconf_enabled: "{{ groups['unbound_all'] is defined and groups['unbound_all'] | length > 0 }}"
+    resolvconf_enabled: "{{ groups['unbound'] is defined and groups['unbound'] | length > 0 }}"