diff --git a/defaults/main.yml b/defaults/main.yml index 07161747..dbc5c8e4 100644 --- a/defaults/main.yml +++ b/defaults/main.yml @@ -24,7 +24,11 @@ glance_venv_python_executable: "{{ openstack_venv_python_executable | default('p # for the service setup. The host must already have # clouds.yaml properly configured. glance_service_setup_host: "{{ openstack_service_setup_host | default('localhost') }}" -glance_service_setup_host_python_interpreter: "{{ openstack_service_setup_host_python_interpreter | default((glance_service_setup_host == 'localhost') | ternary(ansible_playbook_python, ansible_facts['python']['executable'])) }}" +glance_service_setup_host_python_interpreter: >- + {{ + openstack_service_setup_host_python_interpreter | default( + (glance_service_setup_host == 'localhost') | ternary(ansible_playbook_python, ansible_facts['python']['executable'])) + }} # Set the package install state for distribution packages # Options are 'present' and 'latest' @@ -32,7 +36,8 @@ glance_package_state: "{{ package_state | default('latest') }}" glance_git_repo: https://opendev.org/openstack/glance glance_git_install_branch: master -glance_upper_constraints_url: "{{ requirements_git_url | default('https://releases.openstack.org/constraints/upper/' ~ requirements_git_install_branch | default('master')) }}" +glance_upper_constraints_url: >- + {{ requirements_git_url | default('https://releases.openstack.org/constraints/upper/' ~ requirements_git_install_branch | default('master')) }} glance_git_constraints: - "--constraint {{ glance_upper_constraints_url }}" @@ -81,7 +86,7 @@ glance_default_store: file glance_additional_stores: - http - cinder -glance_available_stores: "{{ [ glance_default_store ] + glance_additional_stores }}" +glance_available_stores: "{{ [glance_default_store] + glance_additional_stores }}" glance_flavor: "{% if glance_default_store == 'rbd' %}keystone{% else %}keystone+cachemanagement{% endif %}" glance_show_image_direct_url: "{{ glance_default_store == 'rbd' }}" glance_show_multiple_locations: "{{ glance_default_store == 'rbd' }}" @@ -124,7 +129,11 @@ glance_oslomsg_amqp1_enabled: "{{ glance_oslomsg_rpc_transport == 'amqp' }}" ## Database info glance_db_setup_host: "{{ openstack_db_setup_host | default('localhost') }}" -glance_db_setup_python_interpreter: "{{ openstack_db_setup_python_interpreter | default((glance_db_setup_host == 'localhost') | ternary(ansible_playbook_python, ansible_facts['python']['executable'])) }}" +glance_db_setup_python_interpreter: >- + {{ + openstack_db_setup_python_interpreter | default( + (glance_db_setup_host == 'localhost') | ternary(ansible_playbook_python, ansible_facts['python']['executable'])) + }} glance_galera_address: "{{ galera_address | default('127.0.0.1') }}" glance_galera_database: glance glance_galera_user: glance @@ -203,7 +212,8 @@ glance_cors_allowed_origin: "{{ openstack_service_publicuri_proto | default('htt ## Cap the maximum number of threads / workers when a user value is unspecified. glance_api_threads_max: 16 -glance_api_threads: "{{ [[(ansible_facts['processor_vcpus']//ansible_facts['processor_threads_per_core'])|default(1), 1] | max, glance_api_threads_max] | min }}" +glance_api_threads: >- + {{ [[(ansible_facts['processor_vcpus'] // ansible_facts['processor_threads_per_core']) | default(1), 1] | max, glance_api_threads_max] | min }} glance_task_executor: taskflow glance_digest_algorithm: sha256 @@ -233,9 +243,9 @@ glance_remote_client: "{{ glance_nfs_client | default([]) }}" ## Policy vars # Provide a list of access controls to update the default policy.json with. These changes will be merged # with the access controls in the default policy.json. E.g. -#glance_policy_overrides: -# "add_image": "" -# "delete_image": "" +# glance_policy_overrides: +# "add_image": "" +# "delete_image": "" ## Ceph rbd Options glance_ceph_client: glance @@ -294,7 +304,8 @@ glance_services: # Glance uWSGI settings glance_wsgi_processes_max: 16 -glance_wsgi_processes: "{{ [[(ansible_facts['processor_vcpus']//ansible_facts['processor_threads_per_core'])|default(1), 1] | max * 2, glance_wsgi_processes_max] | min }}" +glance_wsgi_processes: >- + {{ [[(ansible_facts['processor_vcpus'] // ansible_facts['processor_threads_per_core']) | default(1), 1] | max * 2, glance_wsgi_processes_max] | min }} glance_wsgi_threads: 1 glance_uwsgi_tls: crt: "{{ glance_ssl_cert }}" @@ -313,7 +324,7 @@ glance_policy_content: {} glance_api_uwsgi_ini_overrides: {} # Specify path on the local filesystem for glance-image-import.conf -#glance_glance_image_import_conf_location: /path/to/local/glance-image-import.conf +# glance_glance_image_import_conf_location: /path/to/local/glance-image-import.conf ### ### Backend TLS @@ -360,5 +371,5 @@ glance_pki_install_certificates: mode: "0600" # Define user-provided SSL certificates -#glance_user_ssl_cert: -#glance_user_ssl_key: +# glance_user_ssl_cert: +# glance_user_ssl_key: diff --git a/meta/main.yml b/meta/main.yml index 006d4cac..16e9e004 100644 --- a/meta/main.yml +++ b/meta/main.yml @@ -18,19 +18,21 @@ galaxy_info: description: Installation and setup of glance company: Rackspace license: Apache2 - min_ansible_version: 2.4 + role_name: os_glance + namespace: openstack + min_ansible_version: "2.10" platforms: - name: Debian versions: - - buster + - bullseye - name: Ubuntu versions: - - bionic - focal + - jammy - name: EL versions: - - 8 - categories: + - "9" + galaxy_tags: - cloud - python - glance diff --git a/tasks/glance_install.yml b/tasks/glance_install.yml index c468401c..0dd4cb38 100644 --- a/tasks/glance_install.yml +++ b/tasks/glance_install.yml @@ -19,13 +19,14 @@ section: "glance" option: "install_method" value: "{{ glance_install_method }}" + mode: "0644" - name: Refresh local facts to ensure the glance section is present setup: filter: ansible_local gather_subset: "!all" -- name: create the system group +- name: Create the system group group: name: "{{ glance_system_group_name }}" gid: "{{ glance_system_group_gid | default(omit) }}" @@ -70,8 +71,8 @@ src: "{{ item.src | default(omit) }}" dest: "{{ item.dest | default(omit) }}" state: "{{ item.state | default('directory') }}" - owner: "{{ item.owner|default(glance_system_user_name) }}" - group: "{{ item.group|default(glance_system_group_name) }}" + owner: "{{ item.owner | default(glance_system_user_name) }}" + group: "{{ item.group | default(glance_system_group_name) }}" mode: "{{ item.mode | default(omit) }}" force: "{{ item.force | default(omit) }}" when: @@ -146,10 +147,10 @@ systemd_tempd_prefix: openstack systemd_slice_name: glance systemd_lock_path: /var/lock/glance - systemd_CPUAccounting: true - systemd_BlockIOAccounting: true - systemd_MemoryAccounting: true - systemd_TasksAccounting: true + systemd_service_cpu_accounting: true + systemd_service_block_io_accounting: true + systemd_service_memory_accounting: true + systemd_service_tasks_accounting: true systemd_services: - service_name: "{{ service_var.service_name }}" enabled: "{{ service_var.enabled | default(True) }}" diff --git a/tasks/glance_post_install.yml b/tasks/glance_post_install.yml index 05350752..444a6619 100644 --- a/tasks/glance_post_install.yml +++ b/tasks/glance_post_install.yml @@ -19,9 +19,9 @@ file: path: "{{ item.path | default(omit) }}" state: "directory" - owner: "{{ item.owner|default(glance_system_user_name) }}" - group: "{{ item.group|default(glance_system_group_name) }}" - mode: "{{ item.mode | default(omit) }}" + owner: "{{ item.owner | default(glance_system_user_name) }}" + group: "{{ item.group | default(glance_system_group_name) }}" + mode: "{{ item.mode | default('0755') }}" loop: - path: "/etc/glance/rootwrap.d" owner: "root" @@ -33,6 +33,7 @@ dest: "/etc/glance/rootwrap.d/" owner: "root" group: "root" + mode: "0644" with_fileglob: - rootwrap.d/* tags: @@ -107,6 +108,9 @@ template: src: "{{ glance_glance_image_import_conf_location }}" dest: "{{ glance_etc_dir }}/glance-image-import.conf" + mode: "0640" + owner: root + group: "{{ glance_system_group_name }}" when: glance_glance_image_import_conf_location is defined notify: - Restart glance services diff --git a/tasks/main.yml b/tasks/main.yml index f77b9c5c..9420a5e0 100644 --- a/tasks/main.yml +++ b/tasks/main.yml @@ -43,7 +43,8 @@ tags: - always -- include_role: +- name: Including osa.db_setup role + include_role: name: openstack.osa.db_setup apply: tags: @@ -64,7 +65,8 @@ tags: - always -- include_role: +- name: Including osa.mq_setup role + include_role: name: openstack.osa.mq_setup apply: tags: @@ -86,7 +88,8 @@ tags: - always -- import_tasks: glance_install.yml +- name: Importing glance_install tasks + import_tasks: glance_install.yml tags: - glance-install @@ -110,17 +113,20 @@ tags: - always -- import_tasks: glance_post_install.yml +- name: Importing glance_post_install tasks + import_tasks: glance_post_install.yml tags: - glance-config -- import_tasks: glance_db_sync.yml +- name: Importing glance_db_sync tasks + import_tasks: glance_db_sync.yml when: - "_glance_is_first_play_host" tags: - glance-config -- include_role: +- name: Including osa.service_setup role + include_role: name: openstack.osa.service_setup apply: tags: diff --git a/vars/distro_install.yml b/vars/distro_install.yml index d27f5654..e013fd31 100644 --- a/vars/distro_install.yml +++ b/vars/distro_install.yml @@ -14,7 +14,7 @@ # limitations under the License. glance_package_list: |- - {% set packages = (glance_distro_packages + glance_service_distro_packages) %} + {% set packages = glance_distro_packages + glance_service_distro_packages %} {% if glance_oslomsg_amqp1_enabled | bool %} {% set _ = packages.extend(glance_oslomsg_amqp1_distro_packages) %} {% endif %} diff --git a/vars/main.yml b/vars/main.yml index 47e4c887..a4f903c7 100644 --- a/vars/main.yml +++ b/vars/main.yml @@ -13,7 +13,11 @@ # See the License for the specific language governing permissions and # limitations under the License. -_glance_is_first_play_host: "{{ (glance_services['glance-api']['group'] in group_names and inventory_hostname == (groups[glance_services['glance-api']['group']] | intersect(ansible_play_hosts)) | first) | bool }}" +_glance_is_first_play_host: >- + {{ + (glance_services['glance-api']['group'] in group_names and + inventory_hostname == (groups[glance_services['glance-api']['group']] | intersect(ansible_play_hosts)) | first) | bool + }} # # Compile a list of the services on a host based on whether