From b78e8a68ea9f20e1220847ccae8e73604ee50ab7 Mon Sep 17 00:00:00 2001 From: Dmitriy Rabotyagov Date: Sun, 11 Feb 2024 17:36:15 +0100 Subject: [PATCH] Evaluate my_ip address once Instead of evaluating same condition of my_ip in multiple places across the role this patch suggests doing this once in vars and using the resulting variable afterwards. This not only reduce amount of evaluations made throughout the role runtime, but also solves possible corner cases where some syntax may go off. Closes-Bug: #2052884 Change-Id: I454b53713ecacf844ac14f77b6d1e1adc1322c0e --- defaults/main.yml | 11 +++++------ templates/nova.conf.j2 | 10 +++++----- vars/main.yml | 2 ++ 3 files changed, 12 insertions(+), 11 deletions(-) diff --git a/defaults/main.yml b/defaults/main.yml index e2d4b458..e8d24a16 100644 --- a/defaults/main.yml +++ b/defaults/main.yml @@ -264,8 +264,8 @@ nova_novncproxy_port: 6080 nova_novncproxy_host: "{{ openstack_service_bind_address | default('0.0.0.0') }}" nova_novncproxy_base_uri: "{{ nova_novncproxy_proto }}://{{ external_lb_vip_address }}:{{ nova_novncproxy_port }}" nova_novncproxy_base_url: "{{ nova_novncproxy_base_uri }}/vnc_lite.html" -nova_novncproxy_vncserver_proxyclient_address: "{{ (nova_management_address == 'localhost') | ternary('127.0.0.1', nova_management_address) }}" -nova_novncproxy_vncserver_listen: "{{ (nova_management_address == 'localhost') | ternary('127.0.0.1', nova_management_address) }}" +nova_novncproxy_vncserver_proxyclient_address: "{{ _nova_my_ip }}" +nova_novncproxy_vncserver_listen: "{{ _nova_my_ip }}" nova_novncproxy_git_repo: "{{ novncproxy_git_repo | default('https://github.com/novnc/noVNC') }}" nova_novncproxy_git_install_branch: "{{ novncproxy_git_install_branch | default('master') }}" @@ -304,7 +304,7 @@ nova_libvirt_inject_partition: -2 nova_libvirt_inject_password: False nova_libvirt_disk_cachemodes: '{{ (nova_libvirt_images_rbd_pool | length > 0) | ternary("network=writeback", "") }}' nova_libvirt_hw_disk_discard: '{{ (nova_libvirt_images_rbd_pool | length > 0) | ternary("unmap", "ignore") }}' -nova_libvirt_live_migration_inbound_addr: '{{ (nova_management_address == "localhost") | ternary("127.0.0.1", nova_management_address) }}' +nova_libvirt_live_migration_inbound_addr: '{{ _nova_my_ip }}' ## Nova console # Set the console type for the compute host. Presently the only options are ["spice", "novnc", "serialconsole", "disabled"]. @@ -628,9 +628,8 @@ nova_pki_regen_cert: '' nova_pki_san: "{{ openstack_pki_san | default('DNS:' ~ ansible_facts['hostname'] ~ ',IP:' ~ management_address) }}" nova_pki_compute_san: >- {{ - 'DNS:' ~ ansible_facts['hostname'] ~ ',DNS:' ~ ansible_facts['nodename'] ~ ',IP:' ~ (nova_management_address == 'localhost') | ternary( - '127.0.0.1', nova_management_address) ~ (nova_libvirt_live_migration_inbound_addr != nova_management_address) |ternary( - ',IP:' ~ nova_libvirt_live_migration_inbound_addr, '') + 'DNS:' ~ ansible_facts['hostname'] ~ ',DNS:' ~ ansible_facts['nodename'] ~ ',IP:' ~ _nova_my_ip ~ ( + nova_libvirt_live_migration_inbound_addr != nova_management_address) |ternary(',IP:' ~ nova_libvirt_live_migration_inbound_addr, '') }} # Create client and server cert for compute hosts # This certiticate is used to secure TLS live migrations and VNC sessions diff --git a/templates/nova.conf.j2 b/templates/nova.conf.j2 index f5c838b5..f0be649e 100644 --- a/templates/nova.conf.j2 +++ b/templates/nova.conf.j2 @@ -33,7 +33,7 @@ enabled_apis = {{ nova_enabled_apis }} transport_url = {{ nova_oslomsg_rpc_transport }}://{% for host in nova_oslomsg_rpc_servers.split(',') %}{{ nova_oslomsg_rpc_userid }}:{{ nova_oslomsg_rpc_password }}@{{ host }}:{{ nova_oslomsg_rpc_port }}{% if not loop.last %},{% else %}/{{ _nova_oslomsg_rpc_vhost_conf }}{% if nova_oslomsg_rpc_use_ssl | bool %}?ssl=1&ssl_version={{ nova_oslomsg_rpc_ssl_version }}&ssl_ca_file={{ nova_oslomsg_rpc_ssl_ca_file }}{% else %}?ssl=0{% endif %}{% endif %}{% endfor %} # Network -my_ip = {% if nova_management_address == 'localhost' %}127.0.0.1{% else %}{{ nova_management_address }}{% endif %} +my_ip = {{ _nova_my_ip }} # Hypervisor default_ephemeral_format = ext4 @@ -88,9 +88,9 @@ agent_enabled = {{ nova_spice_console_agent_enabled }} enabled = {{ (nova_console_type == 'spice') | ternary(True, False) }} {% if 'spice' in nova_console_proxy_types %} html5proxy_base_url = {{ nova_spice_html5proxy_base_url }} -html5proxy_host = {% if nova_management_address == 'localhost' %}127.0.0.1{% else %}{{ nova_management_address }}{% endif %} -server_listen = {% if nova_management_address == 'localhost' %}127.0.0.1{% else %}{{ nova_management_address }}{% endif %} -server_proxyclient_address = {% if nova_management_address == 'localhost' %}127.0.0.1{% else %}{{ nova_management_address }}{% endif %} +html5proxy_host = {{ _nova_my_ip }} +server_listen = {{ _nova_my_ip }} +server_proxyclient_address = {{ _nova_my_ip }} {% endif %} [vnc] @@ -114,7 +114,7 @@ vencrypt_ca_certs={{ nova_vencrypt_ca_certs }} enabled = {{ (nova_console_type == 'serialconsole') | ternary(True, False) }} {% if 'serialconsole' in nova_console_proxy_types %} base_url= {{ nova_serialconsoleproxy_base_url }} -proxyclient_address = {% if nova_management_address == 'localhost' +%}127.0.0.1{% else +%}{{ nova_management_address }}{% endif +%} +proxyclient_address = {{ _nova_my_ip }} port_range = {{ nova_serialconsoleproxy_port_range }} serialproxy_host= {{ nova_serialconsoleproxy_serialconsole_proxyserver_proxyclient_address }} serialproxy_port= {{ nova_serialconsoleproxy_port }} diff --git a/vars/main.yml b/vars/main.yml index 70b54699..1eaf9ca7 100644 --- a/vars/main.yml +++ b/vars/main.yml @@ -135,6 +135,8 @@ nova_core_files: group: "{{ nova_system_group_name }}" mode: "0640" +_nova_my_ip: "{{ (nova_management_address == 'localhost') | ternary('127.0.0.1', nova_management_address) }}" + _nova_scheduler_filters: |- {% set default_filters = nova_scheduler_default_filters %} {% if default_filters is not iterable and default_filters is string %}