openstack/kolla-ansible
Code Issues Proposed changes
97bbad7c19
kolla-ansible/ansible/roles/baremetal/tasks/post-install.yml
Mark Goddard 12987ca0fa Fix kolla-bootstrap-servers with docker_storage_driver set 
If docker_storage_driver is set in globals.yml, then kolla-ansible
bootstrap-servers is run, it fails like so:

The conditional check 'docker_storage_driver' failed. The error was: error
while evaluating conditional (docker_storage_driver): 'devicemapper' is
undefined

Ansible does not like evaluating strings as conditionals. This change switches
to using the length filter.

Change-Id: Ib95cbdac2a659e7a0d5f113fe48046de3a39dcda
Closes-Bug: #1849691
2019-10-24 16:15:23 +01:00

239 lines
5.4 KiB
YAML
Raw Blame History

---
- name: Create kolla user
user:
name: "{{ kolla_user }}"
state: present
group: "{{ kolla_group }}"
groups: "sudo"
append: true
become: True
when: create_kolla_user | bool
- name: Add public key to kolla user authorized keys
authorized_key:
user: "{{ kolla_user }}"
key: "{{ kolla_ssh_key.public_key }}"
become: True
when: create_kolla_user | bool
- name: Grant kolla user passwordless sudo
lineinfile:
dest: /etc/sudoers.d/kolla-ansible-users
state: present
create: yes
mode: '0640'
regexp: '^{{ kolla_user }}'
line: '{{ kolla_user }} ALL=(ALL) NOPASSWD: ALL'
become: True
when: create_kolla_user_sudoers | bool
- name: Ensure virtualenv has correct ownership
file:
path: "{{ virtualenv }}"
recurse: True
state: directory
owner: "{{ kolla_user }}"
group: "{{ kolla_group }}"
become: True
when: virtualenv is not none
- name: Ensure node_config_directory directory exists for user kolla
file:
path: "{{ node_config_directory }}"
state: directory
owner: "{{ kolla_user }}"
group: "{{ kolla_group }}"
mode: 0755
become: True
when: create_kolla_user | bool
- name: Ensure node_config_directory directory exists
file:
path: "{{ node_config_directory }}"
state: directory
mode: 0755
become: True
when: not create_kolla_user | bool
- name: Ensure docker config directory exists
file:
path: /etc/docker
state: directory
become: True
- name: Merge Zun docker config
set_fact:
docker_config: "{{ docker_config | combine(docker_zun_config) }}"
when:
- docker_configure_for_zun | bool
- name: Warn about deprecations
debug:
msg: >
docker_custom_option is deprecated in favor of docker_custom_config
when: docker_custom_option | length > 0
- name: Setup docker insecure registries
vars:
registries: ["{{ docker_registry }}"]
set_fact:
docker_config: "{{ docker_config | combine({'insecure-registries': registries}) }}"
when: docker_registry_insecure | bool
- name: Setup docker storage driver
set_fact:
docker_config: "{{ docker_config | combine({'storage-driver': docker_storage_driver}) }}"
when: docker_storage_driver | length > 0
- name: Setup docker runtime directory
set_fact:
docker_config: "{{ docker_config | combine({'data-root': docker_runtime_directory}) }}"
when: docker_runtime_directory | length > 0
- name: Merge custom docker config
set_fact:
docker_config: "{{ docker_config | combine(docker_custom_config) }}"
- name: Write docker config
become: True
copy:
content: "{{ docker_config | to_nice_json }}"
dest: /etc/docker/daemon.json
mode: 0644
register: docker_configured
- name: Remove old docker options file
become: True
file:
path: /etc/systemd/system/docker.service.d/kolla.conf
state: absent
when:
- not docker_custom_option
- not docker_configure_for_zun|bool
- name: Ensure docker service directory exists
become: True
file:
path: /etc/systemd/system/docker.service.d
state: directory
recurse: yes
when: docker_custom_option | length > 0 or docker_configure_for_zun|bool
- name: Configure docker service
become: True
template:
src: docker_systemd_service.j2
dest: /etc/systemd/system/docker.service.d/kolla.conf
when: docker_custom_option | length > 0 or docker_configure_for_zun|bool
- name: Reload docker service file
become: True
systemd:
name: docker
daemon_reload: yes
register: docker_reloaded
- name: Get stat of libvirtd apparmor profile
stat:
path: /etc/apparmor.d/usr.sbin.libvirtd
register: apparmor_libvirtd_profile
when: ansible_distribution == "Ubuntu"
- name: Remove apparmor profile for libvirt
command: apparmor_parser -R /etc/apparmor.d/usr.sbin.libvirtd
become: True
when:
- ansible_distribution == "Ubuntu"
- apparmor_libvirtd_profile.stat.exists
- name: Create docker group
group:
name: docker
become: True
- name: Add kolla user to docker group
user:
name: "{{ kolla_user }}"
append: yes
groups: docker
become: True
when: create_kolla_user | bool
- name: Start docker
service:
name: docker
state: started
become: True
- name: Restart docker
service:
name: docker
state: restarted
become: True
when: docker_configured.changed or docker_reloaded.changed
- name: Enable docker
service:
name: docker
enabled: yes
become: True
- name: Stop time service
service:
name: ntp
state: stopped
become: True
when:
- ansible_os_family == "Debian"
- enable_host_ntp | bool
- name: Stop time service
service:
name: ntpd
state: stopped
become: True
when:
- ansible_os_family == "RedHat"
- enable_host_ntp | bool
- name: Synchronizing time one-time
command: ntpd -gq
become: True
when: enable_host_ntp | bool
- name: Start time sync service
service:
name: ntp
state: started
enabled: yes
become: True
when:
- ansible_os_family == "Debian"
- enable_host_ntp | bool
- name: Start time sync service
service:
name: ntpd
state: started
enabled: yes
become: True
when:
- ansible_os_family == "RedHat"
- enable_host_ntp | bool
- name: Change state of selinux
selinux:
policy: targeted
state: "{{ selinux_state }}"
become: true
when:
- change_selinux | bool
- ansible_os_family == "RedHat"
- name: Reboot
command: reboot -f
become: True
when:
- reboot_required is defined
- reboot_required | bool
View Git Blame Copy Permalink