ef84890798
The IPA ramdisk and kernel images may be built or downloaded via a URL. If the latter option is used, any images previously downloaded to $KOLLA_CONFIG_PATH/config/ironic/ironic-agent.* would previously not be updated if the image contents change. This change introduces variables for setting a URL to a file containing checksums for the images. The algorithm used to compute the checksum is also configurable (default sha256). This allows us to ensure we are using the correct version of the image, while avoiding an expensive few hundred megabyte image download just to check. If a checksum is not specified, the image will be downloaded every time to ensure that it is up to date. Change-Id: I8120518ed98d61f3652f5205ce7ec9f798ab2aa1 Story: 2001660 Task: 6693
108 lines
4.0 KiB
YAML
108 lines
4.0 KiB
YAML
---
|
|
- name: Check whether Ironic is enabled
|
|
hosts: controllers
|
|
tags:
|
|
- ipa-images
|
|
tasks:
|
|
- name: Create controllers group with ironic enabled
|
|
group_by:
|
|
key: "controllers_for_ipa_images_{{ kolla_enable_ironic | bool }}"
|
|
|
|
- name: Ensure Ironic Python Agent (IPA) images are downloaded and registered
|
|
hosts: controllers_for_ipa_images_True[0]
|
|
gather_facts: False
|
|
tags:
|
|
- ipa-images
|
|
vars:
|
|
# These are the filenames generated by overcloud-ipa-build.yml.
|
|
ipa_image_name: "ipa"
|
|
ipa_images:
|
|
- "{{ ipa_image_name }}.vmlinuz"
|
|
- "{{ ipa_image_name }}.initramfs"
|
|
pre_tasks:
|
|
- name: Validate OpenStack password authentication parameters
|
|
fail:
|
|
msg: >
|
|
Required OpenStack authentication parameter {{ item }} is
|
|
{% if item in openstack_auth %}empty{% else %}not present{% endif %}
|
|
in openstack_auth. Have you sourced the environment file?
|
|
when:
|
|
- openstack_auth_type == 'password'
|
|
- item not in openstack_auth or not openstack_auth[item]
|
|
with_items: "{{ openstack_auth_password_required_params }}"
|
|
tags:
|
|
- config-validation
|
|
|
|
- block:
|
|
- name: Check for the presence of locally built Ironic Python Agent (IPA) images
|
|
stat:
|
|
path: "{{ image_cache_path }}/{{ ipa_image_name }}/{{ item }}"
|
|
get_md5: False
|
|
get_checksum: False
|
|
mime: False
|
|
with_items: "{{ ipa_images }}"
|
|
register: ipa_image_stat
|
|
|
|
- name: Validate the presence of locally built Ironic Python Agent (IPA) images
|
|
fail:
|
|
msg: >
|
|
Expected locally built Ironic Python Agent (IPA) image
|
|
{{ item.item }} was not present in {{ image_cache_path }}.
|
|
with_items: "{{ ipa_image_stat.results }}"
|
|
when: not item.stat.exists
|
|
when: ipa_build_images | bool
|
|
tags:
|
|
- config-validation
|
|
|
|
- name: Set fact containing the Ironic Python Agent (IPA) image URLs
|
|
set_fact:
|
|
# Don't pass the kernel and ramdisk image URLs if using built images.
|
|
ipa_images_kernel_url: "{{ ipa_kernel_upstream_url }}"
|
|
ipa_images_kernel_checksum_url: "{{ ipa_kernel_checksum_url }}"
|
|
ipa_images_kernel_checksum_algorithm: "{{ ipa_kernel_checksum_algorithm }}"
|
|
ipa_images_ramdisk_url: "{{ ipa_ramdisk_upstream_url }}"
|
|
ipa_images_ramdisk_checksum_url: "{{ ipa_ramdisk_checksum_url }}"
|
|
ipa_images_ramdisk_checksum_algorithm: "{{ ipa_ramdisk_checksum_algorithm }}"
|
|
when: not ipa_build_images | bool
|
|
|
|
- name: Check whether the image cache directory exists
|
|
stat:
|
|
path: "{{ image_cache_path }}"
|
|
get_md5: False
|
|
get_checksum: False
|
|
mime: False
|
|
register: image_cache_stat
|
|
|
|
- name: Ensure the image cache directory exists
|
|
file:
|
|
path: "{{ image_cache_path }}"
|
|
state: directory
|
|
owner: "{{ ansible_user_uid }}"
|
|
group: "{{ ansible_user_gid }}"
|
|
become: True
|
|
when: >-
|
|
not image_cache_stat.stat.exists or
|
|
not image_cache_stat.stat.writeable
|
|
|
|
- name: Ensure locally built Ironic Python Agent (IPA) images are copied
|
|
copy:
|
|
src: "{{ image_cache_path }}/{{ ipa_image_name }}/{{ item.src }}"
|
|
dest: "{{ image_cache_path }}/{{ ipa_image_name }}/{{ item.dest }}"
|
|
remote_src: True
|
|
with_items:
|
|
- src: "{{ ipa_images[0] }}"
|
|
dest: "{{ ipa_images_kernel_name }}"
|
|
- src: "{{ ipa_images[1] }}"
|
|
dest: "{{ ipa_images_ramdisk_name }}"
|
|
when:
|
|
- ipa_build_images | bool
|
|
- item.src != item.dest
|
|
roles:
|
|
- role: ipa-images
|
|
os_shade_install_epel: "{{ yum_install_epel }}"
|
|
ipa_images_venv: "{{ virtualenv_path }}/shade"
|
|
ipa_images_openstack_auth_type: "{{ openstack_auth_type }}"
|
|
ipa_images_openstack_auth: "{{ openstack_auth }}"
|
|
ipa_images_openstack_auth_env: "{{ openstack_auth_env }}"
|
|
ipa_images_cache_path: "{{ image_cache_path }}/{{ ipa_image_name }}"
|