kolla-ansible/ansible/roles/prechecks/tasks/service_checks.yml

---
- name: Checking that libvirt is not running
  stat: path=/var/run/libvirt/libvirt-sock
  register: result
  failed_when: result.stat.exists
  when: inventory_hostname in groups['compute']

- name: Checking Docker version
  command: docker version
  register: result
  changed_when: false
  failed_when: result | failed
               or (result.stdout | from_yaml).Server.Version | regex_replace('(\\d+\\.\\d+\\.\\d+).*', '\\1') | version_compare(docker_version_min, '<')

# When MountFlags is set to shared, a signal bit configured on 20th bit of a number
# We need to check the 20th bit. 2^20 = 1048576. So we are validating against it.
- name: Checking if 'MountFlags' for docker service is set to 'shared'
  command: systemctl show docker
  register: result
  changed_when: false
  failed_when: result.stdout.find('MountFlags=1048576') == -1
  when:
    - (inventory_hostname in groups['neutron-dhcp-agent']
       or inventory_hostname in groups['neutron-l3-agent']
       or inventory_hostname in groups['neutron-metadata-agent'])
    - ansible_os_family == 'RedHat'
       or (ansible_distribution == 'Ubuntu' and ansible_distribution_version > '14.04')

- name: Checking if '/run' mount flag is set to 'shared'
  command: awk '$5 == "/run" {print $7}' /proc/self/mountinfo
  register: result
  changed_when: false
  failed_when: result.stdout.find('shared') == -1
  when:
    - (inventory_hostname in groups['neutron-dhcp-agent']
       or inventory_hostname in groups['neutron-l3-agent']
       or inventory_hostname in groups['neutron-metadata-agent'])
    - ansible_distribution == 'Ubuntu' and ansible_distribution_version == '14.04'

- name: Checking empty passwords in passwords.yml. Run kolla-genpwd if this task fails
  local_action: command grep '^[^#].*:\s*$' "{{ CONFIG_DIR }}/passwords.yml"
  register: result
  changed_when: false
  failed_when: result.stdout | regex_replace('(.*ssh_key.*)', '') | search(":")

- name: Checking fernet_token_expiry in globals.yml. Update fernet_token_expiry to allowed value if this task fails
  local_action: command grep '^[^#]*fernet_token_expiry:\s*\d*' "{{ CONFIG_DIR }}/globals.yml" | sed 's/[^0-9]*//g'
  register: result
  changed_when: false
  failed_when: result.stdout | regex_replace('(60|120|180|240|300|360|600|720|900|1200|1800|3600|7200|10800|14400|21600|28800|43200|86400|604800)', '') | search(".+")

- name: Checking number of network agents
  local_action: fail msg="Number of network agents are less than two when enabling agent ha"
  changed_when: false
  when:
    - enable_neutron_agent_ha | bool
    - groups['neutron-dhcp-agent'] | length < 2
      or groups['neutron-l3-agent'] | length < 2

- name: Checking mongodb backend for ceilometer
  local_action: fail msg="ceilometer_database_type set to 'mongodb' but mongodb is not enabled"
  changed_when: false
  when:
    - enable_ceilometer | bool
    - not enable_mongodb | bool
    - ceilometer_database_type == "mongodb"