9c4ff72a6c
With ansible-core 2.16 a breaking changes landed [1] to some filters making their result returned in arbitrary order. With that, we were relying on them to always return exactly same ordered lists. With that we need to ensure that we still have determenistic behaviour where this is important. [1] https://github.com/ansible/ansible/issues/82554 Depends-On: https://review.opendev.org/c/openstack/openstack-ansible/+/927841 Change-Id: I9b0c090d69bd9a86da9f8d877a4c561b22f8a028
214 lines
7.3 KiB
YAML
214 lines
7.3 KiB
YAML
---
|
|
# Copyright 2018, Rackspace US, Inc.
|
|
#
|
|
# Licensed under the Apache License, Version 2.0 (the "License");
|
|
# you may not use this file except in compliance with the License.
|
|
# You may obtain a copy of the License at
|
|
#
|
|
# http://www.apache.org/licenses/LICENSE-2.0
|
|
#
|
|
# Unless required by applicable law or agreed to in writing, software
|
|
# distributed under the License is distributed on an "AS IS" BASIS,
|
|
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
|
# See the License for the specific language governing permissions and
|
|
# limitations under the License.
|
|
|
|
- name: Gather variables for each operating system
|
|
include_vars: "{{ lookup('first_found', params) }}"
|
|
vars:
|
|
params:
|
|
files:
|
|
- "{{ ansible_facts['distribution'] | lower }}-{{ ansible_facts['distribution_version'] | lower }}.yml"
|
|
- "{{ ansible_facts['distribution'] | lower }}-{{ ansible_facts['distribution_major_version'] | lower }}.yml"
|
|
- "{{ ansible_facts['os_family'] | lower }}-{{ ansible_facts['distribution_major_version'] | lower }}.yml"
|
|
- "{{ ansible_facts['distribution'] | lower }}.yml"
|
|
- "{{ ansible_facts['os_family'] | lower }}-{{ ansible_facts['distribution_version'].split('.')[0] }}.yml"
|
|
- "{{ ansible_facts['os_family'] | lower }}.yml"
|
|
paths:
|
|
- "{{ role_path }}/vars"
|
|
tags:
|
|
- always
|
|
|
|
- name: Importing zun_pre_install tasks
|
|
import_tasks: zun_pre_install.yml
|
|
tags:
|
|
- zun-install
|
|
|
|
- name: Create and install SSL certificates
|
|
include_role:
|
|
name: pki
|
|
tasks_from: main_certs.yml
|
|
apply:
|
|
tags:
|
|
- zun-config
|
|
- pki
|
|
vars:
|
|
pki_setup_host: "{{ zun_pki_setup_host }}"
|
|
pki_dir: "{{ zun_pki_dir }}"
|
|
pki_create_certificates: "{{ zun_user_ssl_cert is not defined and zun_user_ssl_key is not defined }}"
|
|
pki_regen_cert: "{{ zun_pki_regen_cert }}"
|
|
pki_certificates: "{{ zun_pki_certificates }}"
|
|
pki_install_certificates: "{{ zun_pki_install_certificates }}"
|
|
when:
|
|
- zun_backend_ssl
|
|
tags:
|
|
- always
|
|
|
|
# NOTE(jrosser)
|
|
# kuryr-lib appears in u-c and the new pip resolver will fail to install
|
|
# if two contradictory constraints are given which will always happen
|
|
# with a source install and wheels built on the repo server. We must
|
|
# filter kuryr-lib out of u-c.
|
|
- name: Retrieve the constraints URL
|
|
uri:
|
|
url: "{{ zun_upper_constraints_url }}"
|
|
return_content: yes
|
|
register: _u_c_contents
|
|
|
|
- name: Install the python venv
|
|
import_role:
|
|
name: "python_venv_build"
|
|
vars:
|
|
venv_python_executable: "{{ zun_venv_python_executable }}"
|
|
venv_build_constraints: "{{ _u_c_contents.content.split('\n') | reject('match', '^kuryr-lib=') | list }}"
|
|
venv_install_destination_path: "{{ zun_bin | dirname }}"
|
|
venv_install_distro_package_list: "{{ zun_distro_packages }}"
|
|
venv_pip_install_args: "{{ zun_pip_install_args }}"
|
|
venv_pip_packages: "{{ zun_pip_packages | union((zun_oslomsg_amqp1_enabled | bool) | ternary(zun_optional_oslomsg_amqp1_pip_packages, [])) }}"
|
|
venv_facts_when_changed:
|
|
- section: "zun"
|
|
option: "venv_tag"
|
|
value: "{{ zun_venv_tag }}"
|
|
tags:
|
|
- zun-install
|
|
|
|
- name: Including osa.mq_setup role
|
|
include_role:
|
|
name: openstack.osa.mq_setup
|
|
apply:
|
|
tags:
|
|
- common-mq
|
|
- zun-config
|
|
when:
|
|
- _zun_is_first_play_host
|
|
vars:
|
|
_oslomsg_rpc_setup_host: "{{ zun_oslomsg_rpc_setup_host }}"
|
|
_oslomsg_rpc_userid: "{{ zun_oslomsg_rpc_userid }}"
|
|
_oslomsg_rpc_password: "{{ zun_oslomsg_rpc_password }}"
|
|
_oslomsg_rpc_vhost: "{{ zun_oslomsg_rpc_vhost }}"
|
|
_oslomsg_rpc_transport: "{{ zun_oslomsg_rpc_transport }}"
|
|
_oslomsg_rpc_policies: "{{ zun_oslomsg_rpc_policies }}"
|
|
_oslomsg_notify_setup_host: "{{ zun_oslomsg_notify_setup_host }}"
|
|
_oslomsg_notify_userid: "{{ zun_oslomsg_notify_userid }}"
|
|
_oslomsg_notify_password: "{{ zun_oslomsg_notify_password }}"
|
|
_oslomsg_notify_vhost: "{{ zun_oslomsg_notify_vhost }}"
|
|
_oslomsg_notify_transport: "{{ zun_oslomsg_notify_transport }}"
|
|
_oslomsg_configure_notify: "{{ (zun_ceilometer_enabled | bool) or (zun_designate_enabled | bool) }}"
|
|
_oslomsg_notify_policies: "{{ zun_oslomsg_notify_policies }}"
|
|
_oslomsg_notify_configure: "{{ zun_oslomsg_notify_configure }}"
|
|
tags:
|
|
- always
|
|
|
|
- name: Including osa.db_setup role
|
|
include_role:
|
|
name: openstack.osa.db_setup
|
|
apply:
|
|
tags:
|
|
- common-db
|
|
- zun-config
|
|
vars:
|
|
_oslodb_setup_host: "{{ zun_db_setup_host }}"
|
|
_oslodb_ansible_python_interpreter: "{{ zun_db_setup_python_interpreter }}"
|
|
_oslodb_setup_endpoint: "{{ zun_galera_address }}"
|
|
_oslodb_setup_port: "{{ zun_galera_port }}"
|
|
_oslodb_databases:
|
|
- name: "{{ zun_galera_database }}"
|
|
users:
|
|
- username: "{{ zun_galera_user }}"
|
|
password: "{{ zun_galera_password }}"
|
|
when:
|
|
- _zun_is_first_play_host
|
|
tags:
|
|
- always
|
|
|
|
- name: Including osa.service_setup role
|
|
include_role:
|
|
name: openstack.osa.service_setup
|
|
apply:
|
|
tags:
|
|
- common-service
|
|
- zun-config
|
|
vars:
|
|
_service_adminuri_insecure: "{{ keystone_service_adminuri_insecure }}"
|
|
_service_in_ldap: "{{ zun_service_in_ldap }}"
|
|
_service_setup_host: "{{ zun_service_setup_host }}"
|
|
_service_setup_host_python_interpreter: "{{ zun_service_setup_host_python_interpreter }}"
|
|
_service_project_name: "{{ zun_service_project_name }}"
|
|
_service_region: "{{ zun_service_region }}"
|
|
_service_users:
|
|
- name: "{{ zun_service_user_name }}"
|
|
password: "{{ zun_service_password }}"
|
|
role: "{{ zun_service_role_names }}"
|
|
- name: "{{ zun_kuryr_service_username }}"
|
|
password: "{{ zun_kuryr_service_password }}"
|
|
role: "{{ zun_service_role_names }}"
|
|
_service_endpoints:
|
|
- service: "{{ zun_service_name }}"
|
|
interface: "public"
|
|
url: "{{ zun_service_publicurl }}"
|
|
- service: "{{ zun_service_name }}"
|
|
interface: "internal"
|
|
url: "{{ zun_service_internalurl }}"
|
|
- service: "{{ zun_service_name }}"
|
|
interface: "admin"
|
|
url: "{{ zun_service_adminurl }}"
|
|
_service_catalog:
|
|
- name: "{{ zun_service_name }}"
|
|
type: "{{ zun_service_type }}"
|
|
description: "{{ zun_service_description }}"
|
|
when:
|
|
- _zun_is_first_play_host
|
|
tags:
|
|
- always
|
|
|
|
- name: Importing zun_post_install tasks
|
|
import_tasks: zun_compute.yml
|
|
when:
|
|
- "zun_services['zun-compute']['group'] in group_names"
|
|
tags:
|
|
- zun-compute
|
|
|
|
- name: Importing zun_post_install tasks
|
|
import_tasks: zun_post_install.yml
|
|
tags:
|
|
- zun-config
|
|
- post-install
|
|
|
|
- name: Import uwsgi role
|
|
import_role:
|
|
name: uwsgi
|
|
vars:
|
|
uwsgi_services: "{{ uwsgi_zun_services }}"
|
|
uwsgi_install_method: "source"
|
|
tags:
|
|
- zun-config
|
|
- uwsgi
|
|
|
|
- name: Run the systemd service role
|
|
import_role:
|
|
name: systemd_service
|
|
vars:
|
|
systemd_user_name: "{{ zun_system_user_name }}"
|
|
systemd_group_name: "{{ zun_system_group_name }}"
|
|
systemd_tempd_prefix: openstack
|
|
systemd_slice_name: "{{ zun_system_slice_name }}"
|
|
systemd_lock_dir: "{{ zun_lock_dir }}"
|
|
systemd_service_cpu_accounting: true
|
|
systemd_service_block_io_accounting: true
|
|
systemd_service_memory_accounting: true
|
|
systemd_service_tasks_accounting: true
|
|
systemd_services: "{{ filtered_zun_services }}"
|
|
tags:
|
|
- zun-config
|
|
- systemd-service
|