c9f8d80ba6
The 'kayobe * host configure' commands no longer use the 'kolla-ansible bootstrap-servers' command, and associated 'baremetal' role in Kolla Ansible. The functionality provided by the 'baremetal' role has been extracted into the openstack.kolla Ansible collection, and split into separate roles. This allows Kayobe to use it directly, and only the necessary parts. This change improves failure handling in these Kayobe commands, and aims to reduce confusion over which '--limit' and '--tags' arguments to provide. This ensures that if a host fails during a host configuration command, other hosts are able to continue to completion. Previously, if any host failed during the Kayobe playbooks, the 'kolla-ansible bootstrap-servers' command would not run. This is useful at scale, where host failures occur more frequently. This change has implications for configuration of Kayobe, since some variables that were previously in Kolla Ansible are now in Kayobe. Several parts of the baremetal role have been split out and used here: * apparmor-libvirt: disable AppArmor rules for libvirt on Ubuntu. * docker: Docker installation & configuration. The docker role in openstack.kolla combines functionality from kolla-ansible and kayobe. * etc-hosts: it proved difficult to generalise this, so we have some almost duplicated the code from kolla-ansible here. Requires delegated fact gathering for the case when --limit is used. * firewall: support to disable UFW, for feature parity. * kolla-packages: miscellaneous package installs & removals. The addition of the stack user to the docker group has been moved to the user bootstrapping playbook, and the docker SDK installation has been moved to the virtualenv setup playbook. Depends-On: https://review.opendev.org/c/openstack/ansible-collection-kolla/+/829587 Story: 2009854 Task: 44505 Change-Id: I61a61ca59652b13687c2247d5881012b51f666a7
114 lines
4.1 KiB
YAML
114 lines
4.1 KiB
YAML
---
|
|
# Create a virtualenv for ansible modules to use on the remote target systems
|
|
# when running kayobe.
|
|
|
|
- name: Ensure a virtualenv exists for kayobe
|
|
hosts: seed:seed-hypervisor:overcloud:infra-vms
|
|
gather_facts: False
|
|
tags:
|
|
- kayobe-target-venv
|
|
tasks:
|
|
- name: Set a fact about the kayobe target virtualenv
|
|
set_fact:
|
|
virtualenv: "{{ ansible_python_interpreter | dirname | dirname }}"
|
|
when:
|
|
- ansible_python_interpreter is defined
|
|
- not ansible_python_interpreter.startswith('/bin')
|
|
- not ansible_python_interpreter.startswith('/usr/bin')
|
|
|
|
- block:
|
|
- name: Gather facts
|
|
setup:
|
|
filter: "{{ kayobe_ansible_setup_filter }}"
|
|
gather_subset: "{{ kayobe_ansible_setup_gather_subset }}"
|
|
when: not ansible_facts
|
|
register: gather_facts
|
|
|
|
- name: Ensure the Python venv package is installed on Debian family systems
|
|
package:
|
|
name: python3-venv
|
|
state: present
|
|
cache_valid_time: "{{ apt_cache_valid_time }}"
|
|
update_cache: "True"
|
|
become: True
|
|
when: ansible_facts.os_family == 'Debian'
|
|
|
|
- name: Ensure global virtualenv directory exists
|
|
file:
|
|
path: "{{ virtualenv_path }}"
|
|
state: directory
|
|
owner: "{{ ansible_facts.user_uid }}"
|
|
group: "{{ ansible_facts.user_gid }}"
|
|
mode: 0755
|
|
# Check whether the virtualenv directory is a subdirectory of the
|
|
# global virtualenv directory.
|
|
when: virtualenv.startswith(virtualenv_path)
|
|
become: True
|
|
|
|
- name: Ensure kayobe virtualenv directory exists
|
|
file:
|
|
path: "{{ virtualenv }}"
|
|
state: directory
|
|
owner: "{{ ansible_facts.user_uid }}"
|
|
group: "{{ ansible_facts.user_gid }}"
|
|
mode: 0700
|
|
become: True
|
|
|
|
- name: Ensure kayobe virtualenv has the latest version of pip installed
|
|
pip:
|
|
name: pip
|
|
state: latest
|
|
virtualenv: "{{ virtualenv }}"
|
|
# Site packages are required for using the dnf module, which is not
|
|
# available via PyPI.
|
|
virtualenv_site_packages: True
|
|
virtualenv_command: "python3.{{ ansible_facts.python.version.minor }} -m venv"
|
|
|
|
- name: Ensure kayobe virtualenv has SELinux bindings installed
|
|
pip:
|
|
name: selinux
|
|
state: latest
|
|
virtualenv: "{{ virtualenv }}"
|
|
when:
|
|
- ansible_facts.os_family == 'RedHat'
|
|
vars:
|
|
# Use the system python interpreter since the virtualenv might not
|
|
# exist.
|
|
ansible_python_interpreter: /usr/bin/python3
|
|
when: virtualenv is defined
|
|
|
|
# If we gathered facts earlier it would have been with a different Python
|
|
# interpreter. For gathering modes that may use a fact cache, gather facts
|
|
# again using the interpreter from the virtual environment.
|
|
- name: Gather facts
|
|
setup:
|
|
filter: "{{ kayobe_ansible_setup_filter }}"
|
|
gather_subset: "{{ kayobe_ansible_setup_gather_subset }}"
|
|
when:
|
|
- virtualenv is defined
|
|
- gather_facts is not skipped
|
|
- lookup('config', 'DEFAULT_GATHERING') != 'implicit'
|
|
|
|
- block:
|
|
- name: Ensure Python setuptools and pip packages are installed
|
|
vars:
|
|
packages:
|
|
- python3-setuptools
|
|
- python3-pip
|
|
package:
|
|
name: "{{ packages | select | list }}"
|
|
state: present
|
|
become: True
|
|
when: virtualenv is not defined
|
|
|
|
- name: Ensure kolla-ansible virtualenv has docker SDK for python installed
|
|
pip:
|
|
name: docker
|
|
state: latest
|
|
virtualenv: "{{ virtualenv | default(omit) }}"
|
|
extra_args: "{% if docker_upper_constraints_file %}-c {{ docker_upper_constraints_file }}{% endif %}"
|
|
become: "{{ virtualenv is not defined }}"
|
|
vars:
|
|
docker_upper_constraints_file: "{{ pip_upper_constraints_file }}"
|
|
when: "'docker' in group_names"
|