Use new ansible package module to install distro packages.

From Newton onwards we're able to take advantage of
the Ansible package module, instead of conditionally
executing the apt or yum module.

Implementing this is an optimisation which we can do
in master and backport to stable/newton,
reducing the execution time.

Reference: http://docs.ansible.com/ansible/package_module.html

Change-Id: Ie15c4b1f2970e3f93765132459e072c58b146799
Related-Bug: #1642654
This commit is contained in:
Donovan Francesco (drifterza) 2016-11-24 20:44:00 +02:00
parent 2417c52cd4
commit 1b5c70bf41
4 changed files with 137 additions and 287 deletions

View File

@ -13,14 +13,145 @@
# See the License for the specific language governing permissions and
# limitations under the License.
- include: keystone_install_apt.yml
static: no
when: ansible_pkg_mgr == 'apt'
- include: keystone_install_yum.yml
static: no
- name: Create keystone dir
file:
path: "{{ item.path }}"
state: directory
owner: "{{ item.owner|default(keystone_system_user_name) }}"
group: "{{ item.group|default(keystone_system_group_name) }}"
mode: "{{ item.mode|default('0755') }}"
with_items:
- { path: "/etc/pki/tls/certs", owner: "root", group: "root" }
- { path: "/etc/pki/tls/private", owner: "root", group: "root" }
- { path: "/var/lock/keystone", mode: "2755" }
- { path: "/var/log/httpd", mode: "2755" }
when: ansible_pkg_mgr == 'yum'
- name: Create system links
file:
src: "{{ item.src }}"
dest: "{{ item.dest }}"
state: "link"
with_items:
- { src: "/etc/pki/tls/certs", dest: "/etc/ssl/certs" }
- { src: "/etc/pki/tls/private", dest: "/etc/ssl/private" }
- { src: "/var/log/httpd", dest: "/var/log/apache2" }
when: ansible_pkg_mgr == 'yum'
- name: Add shibboleth repo
yum_repository:
name: "shibboleth"
description: "shibboleth Repo"
baseurl: "http://download.opensuse.org/repositories/security:/shibboleth/CentOS_7/"
gpgkey: "http://download.opensuse.org/repositories/security:/shibboleth/CentOS_7//repodata/repomd.xml.key"
gpgcheck: yes
when:
- ansible_pkg_mgr == 'yum'
- keystone_sp != {}
- name: Ensure apt cache is up to date
apt:
update_cache: yes
cache_valid_time: "{{ cache_timeout }}"
when:
- ansible_pkg_mgr == 'apt'
- name: Install distro packages
package:
name: "{{ item }}"
state: "{{ keystone_package_state }}"
register: install_packages
until: install_packages|success
retries: 5
delay: 2
with_items: "{{ keystone_distro_packages }}"
- name: Install distro packages for Apache
package:
name: "{{ item }}"
state: "{{ keystone_package_state }}"
register: install_packages
until: install_packages|success
retries: 5
delay: 2
with_items: "{{ keystone_apache_distro_packages }}"
when:
- keystone_apache_enabled | bool
- name: Install distro packages for mod_wsgi
package:
name: "{{ item }}"
state: "{{ keystone_package_state }}"
register: install_packages
until: install_packages|success
retries: 5
delay: 2
with_items: "{{ keystone_mod_wsgi_distro_packages }}"
when:
- keystone_mod_wsgi_enabled | bool
- name: Install distro packages for mod_proxy_uwsgi
package:
name: "{{ item }}"
state: "{{ keystone_package_state }}"
register: install_packages
until: install_packages|success
retries: 5
delay: 2
with_items: "{{ keystone_mod_proxy_uwsgi_distro_packages }}"
when:
- not keystone_mod_wsgi_enabled | bool
- name: Install distro packages for Nginx
package:
name: "{{ item }}"
state: "{{ keystone_package_state }}"
register: install_packages
until: install_packages|success
retries: 5
delay: 2
with_items: "{{ keystone_nginx_distro_packages }}"
when:
- not keystone_apache_enabled | bool
- name: Install distro packages for IdP
package:
name: "{{ item }}"
state: "{{ keystone_package_state }}"
register: install_packages
until: install_packages|success
retries: 5
delay: 2
with_items: "{{ keystone_idp_distro_packages }}"
when:
- keystone_apache_enabled | bool
- keystone_idp != {}
- name: Install distro packages for SP
package:
name: "{{ item }}"
state: "{{ keystone_package_state }}"
register: install_packages
until: install_packages|success
retries: 5
delay: 2
with_items: "{{ keystone_sp_distro_packages }}"
when:
- keystone_apache_enabled | bool
- keystone_sp != {}
- name: Install distro packages for developer mode
package:
name: "{{ item }}"
state: "{{ keystone_package_state }}"
register: install_packages
until: install_packages|success
retries: 5
delay: 2
with_items: "{{ keystone_developer_mode_distro_packages }}"
when:
- keystone_developer_mode | bool
- name: Create WSGI symlinks
file:
src: "{{ item.src }}"

View File

@ -1,119 +0,0 @@
---
# Copyright 2015, Rackspace US, Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
- name: Update apt sources
apt:
update_cache: yes
cache_valid_time: 600
register: apt_update
until: apt_update|success
retries: 5
delay: 2
- name: Install apt packages
apt:
pkg: "{{ item }}"
state: "{{ keystone_package_state }}"
register: install_packages
until: install_packages|success
retries: 5
delay: 2
with_items: "{{ keystone_distro_packages }}"
- name: Install Apache apt packages
apt:
pkg: "{{ item }}"
state: "{{ keystone_package_state }}"
register: install_packages
until: install_packages|success
retries: 5
delay: 2
with_items: "{{ keystone_apache_distro_packages }}"
when:
- keystone_apache_enabled | bool
- name: Install mod_wsgi apt packages
apt:
pkg: "{{ item }}"
state: "{{ keystone_package_state }}"
register: install_packages
until: install_packages|success
retries: 5
delay: 2
with_items: "{{ keystone_mod_wsgi_distro_packages }}"
when:
- keystone_mod_wsgi_enabled | bool
- name: Install mod_proxy_uwsgi apt packages
apt:
pkg: "{{ item }}"
state: "{{ keystone_package_state }}"
register: install_packages
until: install_packages|success
retries: 5
delay: 2
with_items: "{{ keystone_mod_proxy_uwsgi_distro_packages }}"
when:
- not keystone_mod_wsgi_enabled | bool
- name: Install Nginx apt packages
apt:
pkg: "{{ item }}"
state: "{{ keystone_package_state }}"
register: install_packages
until: install_packages|success
retries: 5
delay: 2
with_items: "{{ keystone_nginx_distro_packages }}"
when:
- not keystone_apache_enabled | bool
- name: Install IdP apt packages
apt:
pkg: "{{ item }}"
state: "{{ keystone_package_state }}"
register: install_packages
until: install_packages|success
retries: 5
delay: 2
with_items: "{{ keystone_idp_distro_packages }}"
when:
- keystone_apache_enabled | bool
- keystone_idp != {}
- name: Install SP apt packages
apt:
pkg: "{{ item }}"
state: "{{ keystone_package_state }}"
register: install_packages
until: install_packages|success
retries: 5
delay: 2
with_items: "{{ keystone_sp_distro_packages }}"
when:
- keystone_apache_enabled | bool
- keystone_sp != {}
- name: Install developer mode apt packages
apt:
pkg: "{{ item }}"
state: "{{ keystone_package_state }}"
register: install_packages
until: install_packages|success
retries: 5
delay: 2
with_items: "{{ keystone_developer_mode_distro_packages }}"
when:
- keystone_developer_mode | bool

View File

@ -1,154 +0,0 @@
---
# Copyright 2016, Rackspace US, Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
- name: Create keystone dir
file:
path: "{{ item.path }}"
state: directory
owner: "{{ item.owner|default(keystone_system_user_name) }}"
group: "{{ item.group|default(keystone_system_group_name) }}"
mode: "{{ item.mode|default('0755') }}"
with_items:
- { path: "/etc/pki/tls/certs", owner: "root", group: "root" }
- { path: "/etc/pki/tls/private", owner: "root", group: "root" }
- { path: "/var/lock/keystone", mode: "2755" }
- { path: "/var/log/httpd", mode: "2755" }
- name: Create system links
file:
src: "{{ item.src }}"
dest: "{{ item.dest }}"
state: "link"
with_items:
- { src: "/etc/pki/tls/certs", dest: "/etc/ssl/certs" }
- { src: "/etc/pki/tls/private", dest: "/etc/ssl/private" }
- { src: "/var/log/httpd", dest: "/var/log/apache2" }
- name: Install yum packages
yum:
pkg: "{{ item }}"
state: "{{ keystone_package_state }}"
register: install_packages
until: install_packages|success
retries: 5
delay: 2
with_items: "{{ keystone_distro_packages }}"
- name: Install Apache yum packages
yum:
pkg: "{{ item }}"
state: "{{ keystone_package_state }}"
register: install_packages
until: install_packages|success
retries: 5
delay: 2
with_items: "{{ keystone_apache_distro_packages }}"
when:
- keystone_apache_enabled | bool
- name: Install mod_wsgi yum packages
yum:
pkg: "{{ item }}"
state: "{{ keystone_package_state }}"
register: install_packages
until: install_packages|success
retries: 5
delay: 2
with_items: "{{ keystone_mod_wsgi_distro_packages }}"
when:
- keystone_mod_wsgi_enabled | bool
- name: Install mod_proxy_uwsgi apt packages
yum:
pkg: "{{ item }}"
state: "{{ keystone_package_state }}"
register: install_packages
until: install_packages|success
retries: 5
delay: 2
with_items: "{{ keystone_mod_proxy_uwsgi_distro_packages }}"
when:
- not keystone_mod_wsgi_enabled | bool
- name: Install Nginx yum packages
yum:
pkg: "{{ item }}"
state: "{{ keystone_package_state }}"
register: install_packages
until: install_packages|success
retries: 5
delay: 2
with_items: "{{ keystone_nginx_distro_packages }}"
when:
- not keystone_apache_enabled | bool
- name: Install IdP yum packages
yum:
pkg: "{{ item }}"
state: "{{ keystone_package_state }}"
register: install_packages
until: install_packages|success
retries: 5
delay: 2
with_items: "{{ keystone_idp_distro_packages }}"
when:
- keystone_idp != {}
#TODO(cloudnull) Remove this task once we move to Ansible 2.1
# where we can leverage the `yum_repository` module:
# https://docs.ansible.com/ansible/yum_repository_module.html
- name: Add shibboleth repo
copy:
content: |
[{{ item.name }}]
name={{ item.name }}
description={{ item.description }}
baseurl={{ item.baseurl }}
gpgkey={{ item.gpgkey }}
gpgcheck=1
enabled=1
dest: "/etc/yum.repos.d/{{ item.file }}.repo"
register: add_repos
until: add_repos|success
retries: 5
delay: 2
with_items:
- "{{ keystone_shibboleth_repo }}"
when:
- keystone_sp != {}
- name: Install SP yum packages
yum:
pkg: "{{ item }}"
state: "{{ keystone_package_state }}"
register: install_packages
until: install_packages|success
retries: 5
delay: 2
with_items: "{{ keystone_sp_distro_packages }}"
when:
- keystone_sp != {}
- name: Install developer mode yum packages
yum:
pkg: "{{ item }}"
state: "{{ keystone_package_state }}"
register: install_packages
until: install_packages|success
retries: 5
delay: 2
with_items: "{{ keystone_developer_mode_distro_packages }}"
when:
- keystone_developer_mode | bool

View File

@ -13,14 +13,6 @@
# See the License for the specific language governing permissions and
# limitations under the License.
keystone_shibboleth_repo:
state: "present"
name: "shibboleth"
description: "shibboleth Repo"
file: shibboleth
baseurl: "http://download.opensuse.org/repositories/security:/shibboleth/CentOS_7/"
gpgkey: "http://download.opensuse.org/repositories/security:/shibboleth/CentOS_7//repodata/repomd.xml.key"
keystone_distro_packages:
- ca-certificates
- cronie