diff --git a/ansible/install/roles/cinder/tasks/main.yml b/ansible/install/roles/cinder/tasks/main.yml index 57249fd1e..1c152c7e5 100644 --- a/ansible/install/roles/cinder/tasks/main.yml +++ b/ansible/install/roles/cinder/tasks/main.yml @@ -4,14 +4,14 @@ # - name: Check for connmon in cinder.conf - shell: grep -Eq 'connection\s?=\s?mysql:' /etc/cinder/cinder.conf + command: grep -Eq 'connection\s?=\s?mysql:' /etc/cinder/cinder.conf register: cinder_mysql become: true ignore_errors: true changed_when: false - name: Enable Connmon in cinder.conf - shell: sed -i 's/mysql:/mysql+connmon:/g' /etc/cinder/cinder.conf + command: sed -i 's/mysql:/mysql+connmon:/g' /etc/cinder/cinder.conf when: cinder_mysql.rc == 0 become: true notify: diff --git a/ansible/install/roles/common/tasks/main.yml b/ansible/install/roles/common/tasks/main.yml index 91dc17f35..a068f9a60 100644 --- a/ansible/install/roles/common/tasks/main.yml +++ b/ansible/install/roles/common/tasks/main.yml @@ -3,9 +3,13 @@ # Browbeat Install Common # - name: Check external connectivity - shell: ping google.com -c 1 -q + command: ping google.com -c 1 -q register: ping ignore_errors: true + tags: + # Skip ANSIBLE0012 Commands should not change things if nothing needs doing + # Need to check external activity every time + - skip_ansible_lint - name: Add DNS record become: true diff --git a/ansible/install/roles/connmon/tasks/main.yml b/ansible/install/roles/connmon/tasks/main.yml index da0ffcae0..8dd92e3c2 100644 --- a/ansible/install/roles/connmon/tasks/main.yml +++ b/ansible/install/roles/connmon/tasks/main.yml @@ -25,7 +25,7 @@ become: true - name: Install Screen for connmon - yum: name=screen state=latest + yum: name=screen state=present become: true when: undercloud @@ -47,18 +47,30 @@ ignore_errors: true register: firewalld_in_use no_log: true + tags: + # Skip ANSIBLE0012 Commands should not change things if nothing needs doing + # Need to check if firewall is in use + - skip_ansible_lint - name: (connmon) Determine if firewalld is active shell: systemctl is-active firewalld.service | grep -vq inactive ignore_errors: true register: firewalld_is_active no_log: true + tags: + # Skip ANSIBLE0012 Commands should not change things if nothing needs doing + # Need to check if firewall is active + - skip_ansible_lint - name: (connmon) Determine if TCP/{{connmon_port}} is already active shell: firewall-cmd --list-ports | egrep -q "^{{connmon_port}}/tcp" ignore_errors: true register: firewalld_tcp{{connmon_port}}_exists no_log: true + tags: + # Skip ANSIBLE0012 Commands should not change things if nothing needs doing + # Need to check if port is already active + - skip_ansible_lint # add firewall rule via firewall-cmd - name: (connmon) Add firewall rule for TCP/{{connmon_port}} (firewalld) @@ -78,6 +90,10 @@ register: iptables_tcp5800_exists failed_when: iptables_tcp{{connmon_port}}_exists == 127i no_log: true + tags: + # Skip ANSIBLE0012 Commands should not change things if nothing needs doing + # Need to check if port is already active + - skip_ansible_lint - name: (connmon) Add firewall rule for TCP/{{connmon_port}} (iptables-services) lineinfile: @@ -91,7 +107,7 @@ register: iptables_needs_restart - name: (connmon) Restart iptables-services for TCP/{{connmon_port}} (iptables-services) - shell: systemctl restart iptables.service + command: systemctl restart iptables.service ignore_errors: true become: true when: iptables_needs_restart != 0 and firewalld_in_use.rc != 0 and firewalld_is_active.rc != 0 diff --git a/ansible/install/roles/heat/tasks/main.yml b/ansible/install/roles/heat/tasks/main.yml index 4210ec991..ef5b3f389 100644 --- a/ansible/install/roles/heat/tasks/main.yml +++ b/ansible/install/roles/heat/tasks/main.yml @@ -3,14 +3,14 @@ ## # - name: Check for connmon in heat.conf - shell: grep -Eq 'connection\s?=\s?mysql:' /etc/heat/heat.conf + command: grep -Eq 'connection\s?=\s?mysql:' /etc/heat/heat.conf register: heat_mysql become: true ignore_errors: true changed_when: false - name: Enable Connmon in heat.conf - shell: sed -i 's/mysql:/mysql+connmon:/g' /etc/heat/heat.conf + command: sed -i 's/mysql:/mysql+connmon:/g' /etc/heat/heat.conf when: heat_mysql.rc == 0 become: true notify: diff --git a/ansible/install/roles/keystone/tasks/main.yml b/ansible/install/roles/keystone/tasks/main.yml index f82d9f8b3..a38f847ea 100644 --- a/ansible/install/roles/keystone/tasks/main.yml +++ b/ansible/install/roles/keystone/tasks/main.yml @@ -4,7 +4,7 @@ # - name: Determine if keystone is deployed in eventlet - shell: ps afx | grep "[Kk]eystone-all" -c + command: ps afx | grep "[Kk]eystone-all" -c register: deployed ignore_errors: true changed_when: false @@ -22,14 +22,14 @@ # - name: Check for connmon in keystone.conf - shell: grep -Eq 'connection\s?=\s?mysql:' /etc/keystone/keystone.conf + command: grep -Eq 'connection\s?=\s?mysql:' /etc/keystone/keystone.conf register: keystone_mysql become: true ignore_errors: true changed_when: false - name: Enable connmon in keystone.conf - shell: sed -i 's/mysql:/mysql+connmon:/g' /etc/keystone/keystone.conf + command: sed -i 's/mysql:/mysql+connmon:/g' /etc/keystone/keystone.conf when: keystone_mysql.rc == 0 become: true notify: diff --git a/ansible/install/roles/neutron/tasks/main.yml b/ansible/install/roles/neutron/tasks/main.yml index 81df216bf..c050f1102 100644 --- a/ansible/install/roles/neutron/tasks/main.yml +++ b/ansible/install/roles/neutron/tasks/main.yml @@ -4,14 +4,14 @@ # - name: Check for connmon in neutron.conf - shell: grep -Eq 'connection\s?=\s?mysql:' /etc/neutron/neutron.conf + command: grep -Eq 'connection\s?=\s?mysql:' /etc/neutron/neutron.conf register: neutron_mysql become: true ignore_errors: true changed_when: false - name: Enable Connmon in neutron.conf - shell: sed -i 's/mysql:/mysql+connmon:/g' /etc/neutron/neutron.conf + command: sed -i 's/mysql:/mysql+connmon:/g' /etc/neutron/neutron.conf when: neutron_mysql.rc == 0 become: true notify: diff --git a/ansible/install/roles/nova/tasks/main.yml b/ansible/install/roles/nova/tasks/main.yml index 27fee5636..b83c3c2c4 100644 --- a/ansible/install/roles/nova/tasks/main.yml +++ b/ansible/install/roles/nova/tasks/main.yml @@ -4,14 +4,14 @@ # - name: Check for connmon in nova.conf - shell: grep -Eq 'connection\s?=\s?mysql:' /etc/nova/nova.conf + command: grep -Eq 'connection\s?=\s?mysql:' /etc/nova/nova.conf register: nova_mysql become: true ignore_errors: true changed_when: false - name: Enable Connmon in nova.conf - shell: sed -i 's/mysql:/mysql+connmon:/g' /etc/nova/nova.conf + command: sed -i 's/mysql:/mysql+connmon:/g' /etc/nova/nova.conf when: nova_mysql.rc == 0 become: true notify: