Merge "Add external LB management handler hook interface"
This commit is contained in:
Jenkins
Gerrit Code Review
commit
f6b5e64e59
@ -53,6 +53,19 @@ Example playbook
|
||||
.. literalinclude:: ../../examples/playbook.yml
|
||||
:language: yaml
|
||||
|
||||
External Restart Hooks
|
||||
~~~~~~~~~~~~~~~~~~~~~~
|
||||
|
||||
When the role performs a restart of the service, it will notify an Ansible
|
||||
handler named ``Manage LB``, which is a noop within this role. In the
|
||||
playbook, other roles may be loaded before and after this role which will
|
||||
implement Ansible handler listeners for ``Manage LB``, allowing external roles
|
||||
to manage the load balancer endpoints responsible for sending traffic to the
|
||||
servers being restarted by marking them in maintenance or active mode,
|
||||
draining sessions, etc. For an example implementation, please reference the
|
||||
`ansible-haproxy-endpoints role <https://github.com/Logan2211/ansible-haproxy-endpoints>`_
|
||||
used by the openstack-ansible project.
|
||||
|
||||
Tags
|
||||
~~~~
|
||||
|
||||
|
||||
@ -103,3 +103,7 @@
|
||||
until: _restart | success
|
||||
retries: 5
|
||||
delay: 2
|
||||
|
||||
- meta: noop
|
||||
listen: Manage LB
|
||||
when: false
|
||||
|
||||
@ -42,6 +42,7 @@
|
||||
when:
|
||||
- ansible_pkg_mgr in ['apt', 'zypper']
|
||||
notify:
|
||||
- Manage LB
|
||||
- Restart web server
|
||||
|
||||
## NOTE(andymccr):
|
||||
@ -54,6 +55,7 @@
|
||||
when:
|
||||
- ansible_pkg_mgr in ['yum', 'dnf']
|
||||
notify:
|
||||
- Manage LB
|
||||
- Restart web server
|
||||
|
||||
- name: Drop apache2 config files
|
||||
@ -64,6 +66,7 @@
|
||||
group: "root"
|
||||
with_items: "{{ keystone_apache_configs }}"
|
||||
notify:
|
||||
- Manage LB
|
||||
- Restart web server
|
||||
|
||||
- name: Disable default apache site
|
||||
@ -72,6 +75,7 @@
|
||||
state: "absent"
|
||||
with_items: "{{ keystone_apache_default_sites }}"
|
||||
notify:
|
||||
- Manage LB
|
||||
- Restart web server
|
||||
|
||||
- name: Enabled keystone vhost
|
||||
@ -83,6 +87,7 @@
|
||||
- keystone_apache_site_available is defined
|
||||
- keystone_apache_site_enabled is defined
|
||||
notify:
|
||||
- Manage LB
|
||||
- Restart web server
|
||||
|
||||
- name: Ensure Apache ServerName
|
||||
@ -90,6 +95,7 @@
|
||||
dest: "{{ keystone_apache_conf }}"
|
||||
line: "ServerName {{ ansible_hostname }}"
|
||||
notify:
|
||||
- Manage LB
|
||||
- Restart web server
|
||||
|
||||
- name: Ensure Apache ServerTokens
|
||||
@ -98,6 +104,7 @@
|
||||
regexp: '^ServerTokens'
|
||||
line: "ServerTokens {{ keystone_apache_servertokens }}"
|
||||
notify:
|
||||
- Manage LB
|
||||
- Restart web server
|
||||
|
||||
- name: Ensure Apache ServerSignature
|
||||
@ -106,6 +113,7 @@
|
||||
regexp: '^ServerSignature'
|
||||
line: "ServerSignature {{ keystone_apache_serversignature }}"
|
||||
notify:
|
||||
- Manage LB
|
||||
- Restart web server
|
||||
|
||||
- name: Remove Listen from Apache config
|
||||
@ -115,4 +123,5 @@
|
||||
backrefs: yes
|
||||
line: '#\1'
|
||||
notify:
|
||||
- Manage LB
|
||||
- Restart web server
|
||||
|
||||
@ -64,6 +64,7 @@
|
||||
- "'systemd could not find' not in _stop.msg"
|
||||
- "'Could not find the requested service' not in _stop.msg"
|
||||
notify:
|
||||
- Manage LB
|
||||
- Restart uWSGI
|
||||
|
||||
- name: Perform a Keystone DB sync expand
|
||||
|
||||
@ -33,6 +33,7 @@
|
||||
changed_when: false
|
||||
when: inventory_hostname == groups['keystone_all'][0]
|
||||
notify:
|
||||
- Manage LB
|
||||
- Restart web server
|
||||
- Restart Shibd
|
||||
|
||||
@ -65,6 +66,7 @@
|
||||
mode: "0640"
|
||||
when: inventory_hostname != groups['keystone_all'][0]
|
||||
notify:
|
||||
- Manage LB
|
||||
- Restart web server
|
||||
- Restart Shibd
|
||||
|
||||
@ -77,6 +79,7 @@
|
||||
mode: "0640"
|
||||
when: inventory_hostname != groups['keystone_all'][0]
|
||||
notify:
|
||||
- Manage LB
|
||||
- Restart web server
|
||||
- Restart Shibd
|
||||
|
||||
@ -90,5 +93,6 @@
|
||||
- "/etc/shibboleth/sp-key.pem"
|
||||
when: inventory_hostname != groups['keystone_all'][0]
|
||||
notify:
|
||||
- Manage LB
|
||||
- Restart web server
|
||||
- Restart Shibd
|
||||
|
||||
@ -20,4 +20,5 @@
|
||||
become_user: "{{ keystone_system_user_name }}"
|
||||
when: keystone_idp != {}
|
||||
notify:
|
||||
- Manage LB
|
||||
- Restart uWSGI
|
||||
|
||||
@ -33,6 +33,7 @@
|
||||
when: >
|
||||
inventory_hostname == groups['keystone_all'][0]
|
||||
notify:
|
||||
- Manage LB
|
||||
- Restart web server
|
||||
|
||||
- name: Set appropriate file ownership on the IdP self-signed cert
|
||||
|
||||
@ -30,6 +30,7 @@
|
||||
retries: 5
|
||||
delay: 2
|
||||
notify:
|
||||
- Manage LB
|
||||
- Restart web server
|
||||
|
||||
- name: Set appropriate file ownership on the IdP self-signed cert
|
||||
|
||||
@ -39,6 +39,7 @@
|
||||
owner: "root"
|
||||
group: "root"
|
||||
notify:
|
||||
- Manage LB
|
||||
- Restart uWSGI
|
||||
- Restart web server
|
||||
|
||||
@ -53,5 +54,6 @@
|
||||
config_type: "ini"
|
||||
with_items: "{{ keystone_wsgi_program_names }}"
|
||||
notify:
|
||||
- Manage LB
|
||||
- Restart uWSGI
|
||||
- Restart web server
|
||||
|
||||
@ -78,6 +78,7 @@
|
||||
retries: 5
|
||||
delay: 2
|
||||
notify:
|
||||
- Manage LB
|
||||
- Restart web server
|
||||
|
||||
- name: Create developer mode constraint file
|
||||
@ -137,6 +138,7 @@
|
||||
copy: "no"
|
||||
when: keystone_get_venv | changed
|
||||
notify:
|
||||
- Manage LB
|
||||
- Restart uWSGI
|
||||
- Restart web server
|
||||
|
||||
@ -156,6 +158,7 @@
|
||||
delay: 2
|
||||
when: keystone_get_venv | failed or keystone_get_venv | skipped
|
||||
notify:
|
||||
- Manage LB
|
||||
- Restart uWSGI
|
||||
- Restart web server
|
||||
|
||||
@ -184,6 +187,7 @@
|
||||
- src: "{{ keystone_bin }}/keystone-wsgi-public"
|
||||
dest: main
|
||||
notify:
|
||||
- Manage LB
|
||||
- Restart web server
|
||||
|
||||
- name: Initialise the upgrade facts
|
||||
|
||||
@ -35,6 +35,7 @@
|
||||
mode: "0640"
|
||||
with_dict: "{{ keystone_ldap }}"
|
||||
notify:
|
||||
- Manage LB
|
||||
- Restart uWSGI
|
||||
- Restart web server
|
||||
|
||||
@ -47,5 +48,6 @@
|
||||
state: absent
|
||||
when: keystone_ldap.Default is not defined
|
||||
notify:
|
||||
- Manage LB
|
||||
- Restart uWSGI
|
||||
- Restart web server
|
||||
|
||||
@ -24,6 +24,7 @@
|
||||
path: /etc/nginx/sites-enabled/default
|
||||
state: absent
|
||||
notify:
|
||||
- Manage LB
|
||||
- Restart web server
|
||||
|
||||
- name: Configure custom nginx log format
|
||||
@ -34,6 +35,7 @@
|
||||
dest: "/etc/nginx/nginx.conf"
|
||||
line: "log_format custom '{{ keystone_nginx_access_log_format_combined }} {{ keystone_nginx_access_log_format_extras }}';"
|
||||
notify:
|
||||
- Manage LB
|
||||
- Restart web server
|
||||
|
||||
- name: Ensure configuration directory exists
|
||||
@ -48,6 +50,7 @@
|
||||
dest: "/etc/nginx/{{ keystone_nginx_conf_path }}/{{ item }}.conf"
|
||||
with_items: "{{ keystone_wsgi_program_names }}"
|
||||
notify:
|
||||
- Manage LB
|
||||
- Restart web server
|
||||
|
||||
- name: Link to enable virtual hosts
|
||||
@ -58,4 +61,5 @@
|
||||
with_items: "{{ keystone_wsgi_program_names }}"
|
||||
when: ansible_os_family == "Debian"
|
||||
notify:
|
||||
- Manage LB
|
||||
- Restart web server
|
||||
|
||||
@ -54,6 +54,7 @@
|
||||
config_type: "json"
|
||||
content: "{{ keystone_policy_user_content | default('{}', true) }}"
|
||||
notify:
|
||||
- Manage LB
|
||||
- Restart uWSGI
|
||||
- Restart web server
|
||||
|
||||
@ -67,6 +68,7 @@
|
||||
when:
|
||||
- keystone_idp != {}
|
||||
notify:
|
||||
- Manage LB
|
||||
- Restart uWSGI
|
||||
- Restart web server
|
||||
|
||||
@ -77,5 +79,6 @@
|
||||
when:
|
||||
- keystone_idp == {}
|
||||
notify:
|
||||
- Manage LB
|
||||
- Restart uWSGI
|
||||
- Restart web server
|
||||
|
||||
@ -29,6 +29,7 @@
|
||||
-extensions v3_ca
|
||||
creates={{ keystone_ssl_cert }}
|
||||
notify:
|
||||
- Manage LB
|
||||
- Restart web server
|
||||
|
||||
- name: Ensure keystone user owns the self-signed key and certificate
|
||||
@ -41,4 +42,5 @@
|
||||
- "{{ keystone_ssl_key }}"
|
||||
- "{{ keystone_ssl_cert }}"
|
||||
notify:
|
||||
- Manage LB
|
||||
- Restart web server
|
||||
|
||||
@ -21,6 +21,7 @@
|
||||
group: "{{ keystone_system_group_name }}"
|
||||
mode: "0640"
|
||||
notify:
|
||||
- Manage LB
|
||||
- Restart web server
|
||||
|
||||
- name: Distribute self signed ssl cert
|
||||
@ -31,6 +32,7 @@
|
||||
group: "{{ keystone_system_group_name }}"
|
||||
mode: "0640"
|
||||
notify:
|
||||
- Manage LB
|
||||
- Restart web server
|
||||
|
||||
- name: Ensure keystone user owns the self-signed key and certificate
|
||||
@ -42,4 +44,5 @@
|
||||
- "{{ keystone_ssl_key }}"
|
||||
- "{{ keystone_ssl_cert }}"
|
||||
notify:
|
||||
- Manage LB
|
||||
- Restart web server
|
||||
|
||||
@ -22,6 +22,7 @@
|
||||
mode: "0644"
|
||||
when: keystone_user_ssl_cert is defined
|
||||
notify:
|
||||
- Manage LB
|
||||
- Restart web server
|
||||
|
||||
- name: Drop user provided ssl key
|
||||
@ -33,6 +34,7 @@
|
||||
mode: "0640"
|
||||
when: keystone_user_ssl_key is defined
|
||||
notify:
|
||||
- Manage LB
|
||||
- Restart web server
|
||||
|
||||
- name: Drop user provided ssl CA cert
|
||||
@ -44,4 +46,5 @@
|
||||
mode: "0644"
|
||||
when: keystone_user_ssl_ca_cert is defined
|
||||
notify:
|
||||
- Manage LB
|
||||
- Restart web server
|
||||
|
||||
@ -27,6 +27,7 @@
|
||||
config_type: ini
|
||||
with_items: "{{ keystone_wsgi_program_names }}"
|
||||
notify:
|
||||
- Manage LB
|
||||
- Restart uWSGI
|
||||
|
||||
- include: "keystone_init_{{ ansible_service_mgr }}.yml"
|
||||
|
||||
Loading…
Reference in New Issue
Block a user