kolla-ansible/ansible/roles/ironic/tasks/deploy.yml
Mark Goddard 46df30d871 ironic: Follow up for ironic_enable_keystone_integration
Follow up for I0c7e9a28876a1d4278fb2ed8555c2b08472864b9 which added a
ironic_enable_keystone_integration variable to support Ironic in
multi-region environments. This change skips Keystone service
registration based on ironic_enable_keystone_integration rather than
enable_keystone. It also updates the ironic-inspector.conf template to
use the new variable.

Change-Id: I2ecba4999e194766258ac5beed62877d43829313
2021-08-10 09:36:25 +01:00

35 lines
1.0 KiB
YAML

---
- import_tasks: register.yml
when: ironic_enable_keystone_integration | bool
- import_tasks: config-host.yml
- import_tasks: config.yml
- import_tasks: check-containers.yml
- include_tasks: clone.yml
when: ironic_dev_mode | bool
- import_tasks: bootstrap.yml
- name: Flush handlers
meta: flush_handlers
# NOTE(mgoddard): If inspector was previously configured to use the iptables
# PXE filter, it may leave rules in place that block inspection. Clean them up.
# The iptables Ansible module is not idempotent - it fails if the chain does
# not exist, so use a command instead.
- name: Flush and delete ironic-inspector iptables chain
become: true
command: iptables --{{ item }} ironic-inspector
register: ironic_inspector_chain
with_items:
- flush
- delete-chain
when: ironic_inspector_pxe_filter != 'iptables'
changed_when: ironic_inspector_chain.rc == 0
failed_when:
- ironic_inspector_chain.rc != 0
- "'No chain/target/match by that name' not in ironic_inspector_chain.stderr"