fa06dcd37b
This patch includes three unrelated fixes. Make qemu use nova user in centos Libvirt 3.2.0 (latest version in centos) seems to have changed behavior of dynamic_ownership. Pin ansible to <2.4 to make ara work in gates ARA does not work yet with ansible 2.4, this change pins to lower version to make gates work. Revert once ara works with 2.4 Disable selinux for oraclelinux and centos. Co-Authored-By: wanghongxu <wang19930902@gmail.com> Co-Authored-By: Jeffrey Zhang <jeffrey.zhang@99cloud.net> Change-Id: Iac8bec19437192cd198d58f71c6ed0a65a76f820 Closes-bug: #1718541
122 lines
2.3 KiB
YAML
122 lines
2.3 KiB
YAML
---
|
|
- name: Ensure docker service directory exists
|
|
file:
|
|
path=/etc/systemd/system/docker.service.d
|
|
state=directory
|
|
recurse=yes
|
|
become: True
|
|
|
|
- name: Configure docker service
|
|
become: True
|
|
template:
|
|
src=docker_systemd_service.j2
|
|
dest=/etc/systemd/system/docker.service.d/kolla.conf
|
|
register: docker_configured
|
|
|
|
- name: Reload docker service file
|
|
become: True
|
|
command: systemctl daemon-reload
|
|
|
|
- name: Get stat of libvirtd apparmor profile
|
|
stat: path=/etc/apparmor.d/usr.sbin.libvirtd
|
|
register: apparmor_libvirtd_profile
|
|
when: ansible_distribution == "Ubuntu"
|
|
|
|
- name: Remove apparmor profile for libvirt
|
|
command: apparmor_parser -R /etc/apparmor.d/usr.sbin.libvirtd
|
|
become: True
|
|
when:
|
|
- ansible_distribution == "Ubuntu"
|
|
- apparmor_libvirtd_profile.stat.exists
|
|
|
|
- name: Create docker group
|
|
group:
|
|
name: docker
|
|
become: True
|
|
|
|
- name: Add kolla user to docker group
|
|
user:
|
|
name: kolla
|
|
append: yes
|
|
groups: docker
|
|
become: True
|
|
when: create_kolla_user | bool
|
|
|
|
- name: Start docker
|
|
service:
|
|
name: docker
|
|
state: started
|
|
become: True
|
|
|
|
- name: Restart docker
|
|
service:
|
|
name: docker
|
|
state: restarted
|
|
become: True
|
|
when: docker_configured.changed
|
|
|
|
- name: Enable docker
|
|
service:
|
|
name: docker
|
|
enabled: yes
|
|
become: True
|
|
|
|
- name: Stop time service
|
|
service:
|
|
name: ntp
|
|
state: stopped
|
|
become: True
|
|
when:
|
|
- ansible_os_family == "Debian"
|
|
- enable_host_ntp | bool
|
|
|
|
- name: Stop time service
|
|
service:
|
|
name: ntpd
|
|
state: stopped
|
|
become: True
|
|
when:
|
|
- ansible_os_family == "RedHat"
|
|
- enable_host_ntp | bool
|
|
|
|
- name: Synchronizing time one-time
|
|
command: ntpd -gq
|
|
become: True
|
|
when: enable_host_ntp | bool
|
|
|
|
- name: Start time sync service
|
|
service:
|
|
name: ntp
|
|
state: started
|
|
enabled: yes
|
|
become: True
|
|
when:
|
|
- ansible_os_family == "Debian"
|
|
- enable_host_ntp | bool
|
|
|
|
- name: Start time sync service
|
|
service:
|
|
name: ntpd
|
|
state: started
|
|
enabled: yes
|
|
become: True
|
|
when:
|
|
- ansible_os_family == "RedHat"
|
|
- enable_host_ntp | bool
|
|
|
|
- name: Disable selinux
|
|
selinux:
|
|
policy: target
|
|
state: permissive
|
|
become: true
|
|
when:
|
|
- disable_selinux | bool
|
|
- ansible_os_family == "RedHat"
|
|
|
|
- name: Reboot
|
|
command: reboot -f
|
|
become: True
|
|
when:
|
|
- reboot_required is defined
|
|
- reboot_required | bool
|