openstack/openstack-ansible-os_keystone
Code Issues Proposed changes
Files
b9e799bb50ac73840ee3ca618a6483e2bf93ac92
openstack-ansible-os_keystone/tasks/main.yml
Jean-Philippe Evrard b9e799bb50 Force a restart of all the apache nodes during upgrade 
During the upgrades, the venv path will change and therefore the
apache configuration file will change too.

However we apply the restart of apache after the keystone_service_setup
for nodes [1:] (the first node gets restarted as first task of the
keystone_service_setup).

So during an upgrade, because apache is up, the configuration file has
changed but apache still serves the old code (because not restarted yet
on the nodes 1 and above) when the keystone_service_setup is applied.

The keystone module can then hit any node in the load balancer, which
could be a different version.

This commit fixes the issue by ensuring apache is restarted and
therefore runs the latest code.

Change-Id: Iac94a8fc337c2139d1876b9753e46815910a0ba0
Signed-off-by: Jean-Philippe Evrard <jean-philippe.evrard@rackspace.co.uk>
(cherry picked from commit 4f30d3a33c)
2016-08-18 18:28:33 +00:00

126 lines
3.1 KiB
YAML
Raw Blame History

---
# Copyright 2014, Rackspace US, Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
- name: Fail if our required secrets are not present
fail:
msg: "Please set the {{ item }} variable prior to applying this role."
when: (item is undefined) or (item is none)
with_items: "{{ keystone_required_secrets }}"
tags:
- always
- name: Gather variables for each operating system
include_vars: "{{ item }}"
with_first_found:
- "{{ ansible_distribution | lower }}-{{ ansible_distribution_version | lower }}.yml"
- "{{ ansible_distribution | lower }}-{{ ansible_distribution_major_version | lower }}.yml"
- "{{ ansible_os_family | lower }}-{{ ansible_distribution_major_version | lower }}.yml"
- "{{ ansible_distribution | lower }}.yml"
- "{{ ansible_os_family | lower }}.yml"
tags:
- always
- include: keystone_pre_install.yml
tags:
- keystone-install
- include: keystone_install.yml
tags:
- keystone-install
- include: keystone_post_install.yml
tags:
- keystone-install
- keystone-config
- include: keystone_key_setup.yml
tags:
- keystone-install
- include: keystone_fernet.yml
tags:
- keystone-install
- keystone-config
when:
- "'fernet' in keystone_token_provider"
- keystone_service_setup | bool
- include: keystone_federation_sp_setup.yml
tags:
- keystone-install
- keystone-config
when:
- keystone_sp != {}
- include: keystone_db_setup.yml
tags:
- keystone-install
when:
- keystone_database_enabled | bool
- inventory_hostname == groups['keystone_all'][0]
- include: keystone_token_cleanup.yml
tags:
- keystone-install
when:
- "'sql' in keystone_token_driver"
- include: keystone_ssl.yml
tags:
- keystone-install
- keystone-config
- include: keystone_apache.yml
tags:
- keystone-install
- keystone-config
- name: Flush handlers
meta: flush_handlers
- include: keystone_service_setup.yml
tags:
- keystone-install
- keystone-config
when:
- keystone_service_setup | bool
- inventory_hostname == groups['keystone_all'][0]
- include: keystone_ldap_setup.yml
when:
- keystone_service_setup | bool
tags:
- keystone-install
- keystone-config
- include: keystone_federation_sp_idp_setup.yml
tags:
- keystone-install
- keystone-config
when:
- keystone_service_setup | bool
- keystone_sp != {}
- inventory_hostname == groups['keystone_all'][0]
- name: Flush handlers
meta: flush_handlers
- include: keystone_idp_setup.yml
tags:
- keystone-install
- keystone-config
when:
- keystone_idp != {}
View Git Blame Copy Permalink