Allow to distribute custom key with the role

Right now we have quite strong assumption that `nova_ceph_client` should be
present among clients to fetch. At the same time, in case the role is
included outside of the OSA context, ceph_client_filtered_clients might
not contain all users we expect to see.

With that we alter the logic to fetch nova key not only when role is launched
against compute host, but also when the client is present in the list.

Change-Id: I7810881a01b9d2f3d98a6c3ad590b9ea63358011
This commit is contained in:
Dmitriy Rabotyagov 2023-10-02 15:10:25 +02:00
parent d086041842
commit eb27ca0874
3 changed files with 3 additions and 0 deletions

View File

@ -79,6 +79,7 @@
command: virsh secret-get-value {{ nova_ceph_client_uuid }} command: virsh secret-get-value {{ nova_ceph_client_uuid }}
when: when:
- inventory_hostname in groups.nova_compute - inventory_hostname in groups.nova_compute
- ceph_nova_secret is defined
changed_when: false changed_when: false
failed_when: false failed_when: false
register: libvirt_nova_set register: libvirt_nova_set

View File

@ -57,6 +57,7 @@
stdout: "{{ (ceph_client_keys[nova_ceph_client] | regex_search('.*^\\s*key\\s*=\\s*(.*)$.*', '\\1', multiline=True))[0] }}" stdout: "{{ (ceph_client_keys[nova_ceph_client] | regex_search('.*^\\s*key\\s*=\\s*(.*)$.*', '\\1', multiline=True))[0] }}"
when: when:
- inventory_hostname in groups.nova_compute - inventory_hostname in groups.nova_compute
- nova_ceph_client in ceph_client_filtered_clients | map(attribute='name') | list
delegate_to: localhost delegate_to: localhost
tags: tags:
- always - always

View File

@ -61,6 +61,7 @@
command: ceph auth get-key client.{{ nova_ceph_client }} --cluster {{ ceph_cluster_name }} command: ceph auth get-key client.{{ nova_ceph_client }} --cluster {{ ceph_cluster_name }}
when: when:
- inventory_hostname in groups.nova_compute - inventory_hostname in groups.nova_compute
- nova_ceph_client in ceph_client_filtered_clients | map(attribute='name') | list
changed_when: false changed_when: false
delegate_to: '{{ ceph_mon_host }}' delegate_to: '{{ ceph_mon_host }}'
register: ceph_nova_secret register: ceph_nova_secret