Fix updating amphora images

The octavia_amp_image.yml playbook is not idempotent because it is
missing some conditional logic and uses an incorrect result variable
name for the `os_image_facts` module (albeit following the module
documentation).

This change also updates the use of the `id` key to the required
`name` key in the `os_image` module.

Also, the fact get and image deletion need to be done by the service
account, not the cloud admin account.

Finally, these tasks all have the same conditional, so we put them
all into a block.

Change-Id: I52e111fffe9a60c879c967c94a895ae272d98fcd
This commit is contained in:
Nicolas Bock 2018-10-17 10:51:04 -06:00 committed by Jesse Pretorius (odyssey4me)
parent d699d4e6f4
commit 08f1a28085
1 changed files with 53 additions and 41 deletions

View File

@ -43,47 +43,59 @@
when:
- octavia_download_artefact | bool
- name: Get current image id
os_image_facts:
cloud: default
region_name: "{{ octavia_service_region }}"
image: amphora-x64-haproxy
interface: admin
verify: "{{ not keystone_service_adminuri_insecure }}"
register: get_image_facts
until: get_image_facts is success
retries: 5
delay: 10
when:
- octavia_download_result | changed
# This uses command since os_image doesn't support tags.
# TODO(odyssey4me):
# Add tag capability to os_image module and replace this.
- name: Upload new image to glance
command: >-
openstack image create
--os-cloud default
--file {{ octavia_download_result.dest }}
--disk-format qcow2
--tag {{ octavia_glance_image_tag }}
--private
--project service
amphora-x64-haproxy
- name: Replace existing image with new one
when:
- octavia_download_result | changed
block:
- name: Get current image id
os_image_facts:
auth:
auth_url: "{{ keystone_service_adminurl }}"
username: "{{ octavia_service_user_name }}"
password: "{{ octavia_service_password }}"
project_name: "{{ octavia_service_project_name }}"
user_domain_name: "{{ octavia_service_user_domain_id }}"
project_domain_name: "{{ octavia_service_project_domain_id }}"
region_name: "{{ octavia_service_region }}"
image: amphora-x64-haproxy
interface: admin
verify: "{{ not keystone_service_adminuri_insecure }}"
register: get_image_facts
until: get_image_facts is success
retries: 5
delay: 10
- name: Delete old image from glance
os_image:
cloud: default
state: absent
region_name: "{{ octavia_service_region }}"
id: "{{ openstack.id }}"
interface: admin
verify: "{{ not keystone_service_adminuri_insecure }}"
register: remove_old_image
until: remove_old_image is success
retries: 5
delay: 10
when:
- openstack is defined # result from os_image_facts
# This uses command since os_image doesn't support tags.
# TODO(odyssey4me):
# Add tag capability to os_image module and replace this.
- name: Upload new image to glance
command: >-
openstack image create
--os-cloud default
--file {{ octavia_download_result.dest }}
--disk-format qcow2
--tag {{ octavia_glance_image_tag }}
--private
--project service
amphora-x64-haproxy
- name: Delete old image from glance
os_image:
auth:
auth_url: "{{ keystone_service_adminurl }}"
username: "{{ octavia_service_user_name }}"
password: "{{ octavia_service_password }}"
project_name: "{{ octavia_service_project_name }}"
user_domain_name: "{{ octavia_service_user_domain_id }}"
project_domain_name: "{{ octavia_service_project_domain_id }}"
state: absent
region_name: "{{ octavia_service_region }}"
name: "{{ openstack_image.id }}"
interface: admin
verify: "{{ not keystone_service_adminuri_insecure }}"
register: remove_old_image
until: remove_old_image is success
retries: 5
delay: 10
when:
- openstack_image.id is defined