Merge "Separate per-service host configuration tasks" into stable/stein

2020-05-17 12:06:46 +00:00 · 2020-05-17 12:06:46 +00:00 · 8a8a4c53c2
commit 8a8a4c53c2
parent 7ab59bd01a ae6cef7f00
39 changed files with 157 additions and 100 deletions
--- a/ansible/roles/elasticsearch/tasks/config-host.yml
+++ b/ansible/roles/elasticsearch/tasks/config-host.yml
@ -0,0 +1,12 @@
+---
+- name: Setting sysctl values
+  become: true
+  sysctl:
+    name: "{{ item.name }}"
+    value: "{{ item.value }}"
+    sysctl_set: yes
+  with_items:
+    - { name: "vm.max_map_count", value: 262144}
+  when:
+    - set_sysctl | bool
+    - inventory_hostname in groups['elasticsearch']
--- a/ansible/roles/elasticsearch/tasks/config.yml
+++ b/ansible/roles/elasticsearch/tasks/config.yml
@ -1,13 +1,4 @@
 ---
- name: Setting sysctl values
-  become: true
-  sysctl: name={{ item.name }} value={{ item.value }} sysctl_set=yes
-  with_items:
-    - { name: "vm.max_map_count", value: 262144}
-  when:
-    - set_sysctl | bool
-    - inventory_hostname in groups['elasticsearch']
-
 - name: Ensuring config directories exist
  file:
    path: "{{ node_config_directory }}/{{ item.key }}"
--- a/ansible/roles/elasticsearch/tasks/deploy.yml
+++ b/ansible/roles/elasticsearch/tasks/deploy.yml
@ -1,4 +1,6 @@
 ---
+- include_tasks: config-host.yml
+
 - include_tasks: config.yml

 - name: Flush handlers
--- a/ansible/roles/elasticsearch/tasks/upgrade.yml
+++ b/ansible/roles/elasticsearch/tasks/upgrade.yml
@ -42,6 +42,8 @@
    volumes: "{{ service.volumes }}"
  when: inventory_hostname in groups[service.group]

+- include_tasks: config-host.yml
+
 - include_tasks: config.yml

 - name: Flush handlers
--- a/ansible/roles/haproxy/tasks/config-host.yml
+++ b/ansible/roles/haproxy/tasks/config-host.yml
@ -0,0 +1,20 @@
+---
+- name: Setting sysctl values
+  sysctl:
+    name: "{{ item.name }}"
+    value: "{{ item.value }}"
+    sysctl_set: yes
+  become: true
+  with_items:
+    - { name: "net.ipv4.ip_nonlocal_bind", value: 1}
+    - { name: "net.ipv6.ip_nonlocal_bind", value: 1}
+    - { name: "net.unix.max_dgram_qlen", value: 128}
+  when:
+    - set_sysctl | bool
+
+- name: Load and persist keepalived module
+  import_role:
+    name: module-load
+  vars:
+    modules:
+      - {'name': ip_vs }
--- a/ansible/roles/haproxy/tasks/config.yml
+++ b/ansible/roles/haproxy/tasks/config.yml
@ -1,14 +1,4 @@
 ---
- name: Setting sysctl values
-  sysctl: name={{ item.name }} value={{ item.value }} sysctl_set=yes
-  become: true
-  with_items:
-    - { name: "net.ipv4.ip_nonlocal_bind", value: 1}
-    - { name: "net.ipv6.ip_nonlocal_bind", value: 1}
-    - { name: "net.unix.max_dgram_qlen", value: 128}
-  when:
-    - set_sysctl | bool
-
 - name: Ensuring config directories exist
  file:
    path: "{{ node_config_directory }}/{{ item.key }}"
@ -83,13 +73,6 @@
  notify:
    - Restart haproxy container

- name: Load and persist keepalived module
-  import_role:
-    role: module-load
-  vars:
-    modules:
-      - {'name': ip_vs }
-
 - name: Copying over keepalived.conf
  vars:
    service: "{{ haproxy_services['keepalived'] }}"
--- a/ansible/roles/haproxy/tasks/deploy.yml
+++ b/ansible/roles/haproxy/tasks/deploy.yml
@ -1,4 +1,6 @@
 ---
+- include_tasks: config-host.yml
+
 - include_tasks: config.yml

 # NOTE(yoctozepto): haproxy role handlers should not be flushed early.
--- a/ansible/roles/haproxy/tasks/upgrade.yml
+++ b/ansible/roles/haproxy/tasks/upgrade.yml
@ -1,4 +1,6 @@
 ---
+- include_tasks: config-host.yml
+
 - include_tasks: config.yml

 - set_fact: secondary_addresses={{ hostvars[inventory_hostname]['ansible_' + api_interface].get('ipv4_secondaries', []) | map(attribute='address') | list }}
--- a/ansible/roles/ironic/tasks/config-host.yml
+++ b/ansible/roles/ironic/tasks/config-host.yml
@ -0,0 +1,8 @@
+---
+- name: Load and persist iscsi_tcp module
+  import_role:
+    name: module-load
+  vars:
+    modules:
+      - {'name': iscsi_tcp}
+  when: inventory_hostname in groups['ironic-conductor']
--- a/ansible/roles/ironic/tasks/config.yml
+++ b/ansible/roles/ironic/tasks/config.yml
@ -1,11 +1,4 @@
 ---
- name: Load and persist iscsi_tcp module
-  import_role:
-    role: module-load
-  vars:
-    modules:
-      - {'name': iscsi_tcp}
-
 - name: Ensuring config directories exist
  file:
    path: "{{ node_config_directory }}/{{ item.key }}"
--- a/ansible/roles/ironic/tasks/deploy.yml
+++ b/ansible/roles/ironic/tasks/deploy.yml
@ -4,6 +4,8 @@
        (inventory_hostname in groups['ironic-api'] or
        inventory_hostname in groups['ironic-inspector'])

+- include_tasks: config-host.yml
+
 - include_tasks: config.yml
  when: inventory_hostname in groups['ironic-api'] or
        inventory_hostname in groups['ironic-conductor'] or
--- a/ansible/roles/ironic/tasks/legacy_upgrade.yml
+++ b/ansible/roles/ironic/tasks/legacy_upgrade.yml
@ -1,4 +1,6 @@
 ---
+- include_tasks: config-host.yml
+
 - include_tasks: config.yml

 - include_tasks: bootstrap_service.yml
--- a/ansible/roles/ironic/tasks/rolling_upgrade.yml
+++ b/ansible/roles/ironic/tasks/rolling_upgrade.yml
@ -1,4 +1,6 @@
 ---
+- include_tasks: config-host.yml
+
 # Pin release version
 - include_tasks: config.yml
  vars:
--- a/ansible/roles/iscsi/tasks/config-host.yml
+++ b/ansible/roles/iscsi/tasks/config-host.yml
@ -0,0 +1,10 @@
+---
+- name: Load and persist configfs module
+  import_role:
+    name: module-load
+  vars:
+    modules:
+      - name: configfs
+  when:
+    - inventory_hostname in groups[iscsi_services.iscsid.group]
+    - iscsi_services.iscsid.enabled | bool
--- a/ansible/roles/iscsi/tasks/config.yml
+++ b/ansible/roles/iscsi/tasks/config.yml
@ -1,14 +1,4 @@
 ---
- name: Load and persist configfs module
-  import_role:
-    role: module-load
-  vars:
-    modules:
-      - name: configfs
-  when:
-    - inventory_hostname in groups[iscsi_services.iscsid.group]
-    - iscsi_services.iscsid.enabled | bool
-
 - name: Ensuring config directories exist
  file:
    path: "{{ node_config_directory }}/{{ item.key }}"
--- a/ansible/roles/iscsi/tasks/deploy.yml
+++ b/ansible/roles/iscsi/tasks/deploy.yml
@ -1,4 +1,6 @@
 ---
+- include_tasks: config-host.yml
+
 - include_tasks: config.yml

 - name: Flush handlers
--- a/ansible/roles/multipathd/tasks/config-host.yml
+++ b/ansible/roles/multipathd/tasks/config-host.yml
@ -0,0 +1,7 @@
+---
+- name: Load and persist dm-multipath module
+  import_role:
+    name: module-load
+  vars:
+    modules:
+      - {'name': dm-multipath}
--- a/ansible/roles/multipathd/tasks/config.yml
+++ b/ansible/roles/multipathd/tasks/config.yml
@ -1,11 +1,4 @@
 ---
- name: Load and persist dm-multipath module
-  import_role:
-    role: module-load
-  vars:
-    modules:
-      - {'name': dm-multipath}
-
 - name: Ensuring config directories exist
  file:
    path: "{{ node_config_directory }}/{{ item.key }}"
--- a/ansible/roles/multipathd/tasks/deploy.yml
+++ b/ansible/roles/multipathd/tasks/deploy.yml
@ -1,4 +1,6 @@
 ---
+- include_tasks: config-host.yml
+
 - include_tasks: config.yml

 - name: Flush handlers
--- a/ansible/roles/multipathd/tasks/upgrade.yml
+++ b/ansible/roles/multipathd/tasks/upgrade.yml
@ -1,4 +1,6 @@
 ---
+- include_tasks: config-host.yml
+
 - include_tasks: config.yml

 - name: Flush handlers
--- a/ansible/roles/neutron/tasks/config-host.yml
+++ b/ansible/roles/neutron/tasks/config-host.yml
@ -0,0 +1,22 @@
+---
+- name: Setting sysctl values
+  become: true
+  vars:
+    neutron_l3_agent: "{{ neutron_services['neutron-l3-agent'] }}"
+  sysctl:
+    name: "{{ item.name }}"
+    value: "{{ item.value }}"
+    sysctl_set: yes
+  with_items:
+    - { name: "net.ipv4.ip_forward", value: 1}
+    - { name: "net.ipv4.conf.all.rp_filter", value: "{{ neutron_l3_agent_host_rp_filter_mode }}"}
+    - { name: "net.ipv4.conf.default.rp_filter", value: "{{ neutron_l3_agent_host_rp_filter_mode }}"}
+    - { name: "net.ipv4.neigh.default.gc_thresh1", value: "{{ neutron_l3_agent_host_ipv4_neigh_gc_thresh1 }}"}
+    - { name: "net.ipv4.neigh.default.gc_thresh2", value: "{{ neutron_l3_agent_host_ipv4_neigh_gc_thresh2 }}"}
+    - { name: "net.ipv4.neigh.default.gc_thresh3", value: "{{ neutron_l3_agent_host_ipv4_neigh_gc_thresh3 }}"}
+    - { name: "net.ipv6.neigh.default.gc_thresh1", value: "{{ neutron_l3_agent_host_ipv6_neigh_gc_thresh1 }}"}
+    - { name: "net.ipv6.neigh.default.gc_thresh2", value: "{{ neutron_l3_agent_host_ipv6_neigh_gc_thresh2 }}"}
+    - { name: "net.ipv6.neigh.default.gc_thresh3", value: "{{ neutron_l3_agent_host_ipv6_neigh_gc_thresh3 }}"}
+  when:
+    - set_sysctl | bool
+    - (neutron_l3_agent.enabled | bool and neutron_l3_agent.host_in_groups | bool)
--- a/ansible/roles/neutron/tasks/config.yml
+++ b/ansible/roles/neutron/tasks/config.yml
@ -1,23 +1,4 @@
 ---
- name: Setting sysctl values
-  become: true
-  vars:
-    neutron_l3_agent: "{{ neutron_services['neutron-l3-agent'] }}"
-  sysctl: name={{ item.name }} value={{ item.value }} sysctl_set=yes
-  with_items:
-    - { name: "net.ipv4.ip_forward", value: 1}
-    - { name: "net.ipv4.conf.all.rp_filter", value: "{{ neutron_l3_agent_host_rp_filter_mode }}"}
-    - { name: "net.ipv4.conf.default.rp_filter", value: "{{ neutron_l3_agent_host_rp_filter_mode }}"}
-    - { name: "net.ipv4.neigh.default.gc_thresh1", value: "{{ neutron_l3_agent_host_ipv4_neigh_gc_thresh1 }}"}
-    - { name: "net.ipv4.neigh.default.gc_thresh2", value: "{{ neutron_l3_agent_host_ipv4_neigh_gc_thresh2 }}"}
-    - { name: "net.ipv4.neigh.default.gc_thresh3", value: "{{ neutron_l3_agent_host_ipv4_neigh_gc_thresh3 }}"}
-    - { name: "net.ipv6.neigh.default.gc_thresh1", value: "{{ neutron_l3_agent_host_ipv6_neigh_gc_thresh1 }}"}
-    - { name: "net.ipv6.neigh.default.gc_thresh2", value: "{{ neutron_l3_agent_host_ipv6_neigh_gc_thresh2 }}"}
-    - { name: "net.ipv6.neigh.default.gc_thresh3", value: "{{ neutron_l3_agent_host_ipv6_neigh_gc_thresh3 }}"}
-  when:
-    - set_sysctl | bool
-    - (neutron_l3_agent.enabled | bool and neutron_l3_agent.host_in_groups | bool)
-
 - name: Ensuring config directories exist
  become: true
  file:
--- a/ansible/roles/neutron/tasks/deploy.yml
+++ b/ansible/roles/neutron/tasks/deploy.yml
@ -2,6 +2,8 @@
 - include_tasks: register.yml
  when: inventory_hostname in groups['neutron-server']

+- include_tasks: config-host.yml
+
 - include_tasks: config.yml

 - include_tasks: config-neutron-fake.yml
--- a/ansible/roles/neutron/tasks/legacy_upgrade.yml
+++ b/ansible/roles/neutron/tasks/legacy_upgrade.yml
@ -1,4 +1,6 @@
 ---
+- include_tasks: config-host.yml
+
 - include_tasks: config.yml

 - include_tasks: config-neutron-fake.yml
--- a/ansible/roles/neutron/tasks/rolling_upgrade.yml
+++ b/ansible/roles/neutron/tasks/rolling_upgrade.yml
@ -1,4 +1,6 @@
 ---
+- include_tasks: config-host.yml
+
 - include_tasks: config.yml

 - include_tasks: config-neutron-fake.yml
--- a/ansible/roles/nova/tasks/config-host.yml
+++ b/ansible/roles/nova/tasks/config-host.yml
@ -0,0 +1,12 @@
+---
+- name: Setting sysctl values
+  become: true
+  sysctl: name={{ item.name }} value={{ item.value }} sysctl_set=yes
+  with_items:
+    - { name: "net.bridge.bridge-nf-call-iptables", value: 1}
+    - { name: "net.bridge.bridge-nf-call-ip6tables", value: 1}
+    - { name: "net.ipv4.conf.all.rp_filter", value: "{{ nova_compute_host_rp_filter_mode }}"}
+    - { name: "net.ipv4.conf.default.rp_filter", value: "{{ nova_compute_host_rp_filter_mode }}"}
+  when:
+    - set_sysctl | bool
+    - inventory_hostname in groups['compute']
--- a/ansible/roles/nova/tasks/config.yml
+++ b/ansible/roles/nova/tasks/config.yml
@ -1,16 +1,4 @@
 ---
- name: Setting sysctl values
-  become: true
-  sysctl: name={{ item.name }} value={{ item.value }} sysctl_set=yes
-  with_items:
-    - { name: "net.bridge.bridge-nf-call-iptables", value: 1}
-    - { name: "net.bridge.bridge-nf-call-ip6tables", value: 1}
-    - { name: "net.ipv4.conf.all.rp_filter", value: "{{ nova_compute_host_rp_filter_mode }}"}
-    - { name: "net.ipv4.conf.default.rp_filter", value: "{{ nova_compute_host_rp_filter_mode }}"}
-  when:
-    - set_sysctl | bool
-    - inventory_hostname in groups['compute']
-
 - name: Ensuring config directories exist
  become: true
  file:
--- a/ansible/roles/nova/tasks/deploy.yml
+++ b/ansible/roles/nova/tasks/deploy.yml
@ -10,6 +10,8 @@
 - include_tasks: clone.yml
  when: nova_dev_mode | bool

+- include_tasks: config-host.yml
+
 - include_tasks: config.yml

 - include_tasks: config-nova-fake.yml
--- a/ansible/roles/nova/tasks/legacy_upgrade.yml
+++ b/ansible/roles/nova/tasks/legacy_upgrade.yml
@ -1,4 +1,6 @@
 ---
+- include_tasks: config-host.yml
+
 - include_tasks: config.yml

 - include_tasks: bootstrap_service.yml
--- a/ansible/roles/nova/tasks/rolling_upgrade.yml
+++ b/ansible/roles/nova/tasks/rolling_upgrade.yml
@ -1,4 +1,6 @@
 ---
+- include_tasks: config-host.yml
+
 # Create new set of configs on nodes
 - include_tasks: config.yml

--- a/ansible/roles/opendaylight/tasks/config-host.yml
+++ b/ansible/roles/opendaylight/tasks/config-host.yml
@ -0,0 +1,12 @@
+---
+- name: Setting sysctl values
+  become: true
+  sysctl: name={{ item.name }} value={{ item.value }} sysctl_set=yes
+  with_items:
+    - { name: "net.bridge.bridge-nf-call-iptables", value: 1}
+    - { name: "net.bridge.bridge-nf-call-ip6tables", value: 1}
+    - { name: "net.ipv4.conf.all.rp_filter", value: 0}
+    - { name: "net.ipv4.conf.default.rp_filter", value: 0}
+  when:
+    - set_sysctl | bool
+    - inventory_hostname in groups['opendaylight']
--- a/ansible/roles/opendaylight/tasks/config.yml
+++ b/ansible/roles/opendaylight/tasks/config.yml
@ -1,16 +1,4 @@
 ---
- name: Setting sysctl values
-  become: true
-  sysctl: name={{ item.name }} value={{ item.value }} sysctl_set=yes
-  with_items:
-    - { name: "net.bridge.bridge-nf-call-iptables", value: 1}
-    - { name: "net.bridge.bridge-nf-call-ip6tables", value: 1}
-    - { name: "net.ipv4.conf.all.rp_filter", value: 0}
-    - { name: "net.ipv4.conf.default.rp_filter", value: 0}
-  when:
-    - set_sysctl | bool
-    - inventory_hostname in groups['opendaylight']
-
 - name: Ensuring config directories exist
  file:
    path: "{{ node_config_directory }}/{{ item }}"
--- a/ansible/roles/opendaylight/tasks/deploy.yml
+++ b/ansible/roles/opendaylight/tasks/deploy.yml
@ -1,4 +1,6 @@
 ---
+- include_tasks: config-host.yml
+
 - include_tasks: config.yml

 - name: Flush Handlers
--- a/ansible/roles/opendaylight/tasks/upgrade.yml
+++ b/ansible/roles/opendaylight/tasks/upgrade.yml
@ -1,4 +1,6 @@
 ---
+- include_tasks: config-host.yml
+
 - include_tasks: config.yml

 - name: Flush Handlers
--- a/ansible/roles/openvswitch/tasks/config-host.yml
+++ b/ansible/roles/openvswitch/tasks/config-host.yml
@ -0,0 +1,7 @@
+---
+- name: Load and persist openvswitch module
+  import_role:
+    name: module-load
+  vars:
+    modules:
+      - {'name': openvswitch}
--- a/ansible/roles/openvswitch/tasks/config.yml
+++ b/ansible/roles/openvswitch/tasks/config.yml
@ -1,11 +1,4 @@
 ---
- name: Load and persist openvswitch module
-  import_role:
-    role: module-load
-  vars:
-    modules:
-      - {'name': openvswitch}
-
 - name: Ensuring config directories exist
  become: true
  file:
--- a/ansible/roles/openvswitch/tasks/deploy.yml
+++ b/ansible/roles/openvswitch/tasks/deploy.yml
@ -1,4 +1,6 @@
 ---
+- include_tasks: config-host.yml
+
 - include_tasks: config.yml

 - name: Flush Handlers
--- a/ansible/roles/openvswitch/tasks/upgrade.yml
+++ b/ansible/roles/openvswitch/tasks/upgrade.yml
@ -1,4 +1,6 @@
 ---
+- include_tasks: config-host.yml
+
 - include_tasks: config.yml

 - name: Flush Handlers
--- a/releasenotes/notes/no-host-config-in-genconfig-7321f0dcfc9d728d.yaml
+++ b/releasenotes/notes/no-host-config-in-genconfig-7321f0dcfc9d728d.yaml
@ -0,0 +1,7 @@
+---
+fixes:
+  - |
+    Fixes an issue where host configuration tasks (``sysctl``, loading kernel
+    modules) could be performed during the ``kolla-ansible genconfig`` command.
+    See `bug 1860161 <https://bugs.launchpad.net/kolla-ansible/+bug/1860161>`__
+    for details.