openstack-ansible-os_zun/tasks/main.yml
Dmitriy Rabotyagov 9c4ff72a6c Ensure that first/last host detection is deterministic
With ansible-core 2.16 a breaking changes landed [1] to some filters
making their result returned in arbitrary order. With that, we were
relying on them to always return exactly same ordered lists.

With that we need to ensure that we still have determenistic behaviour
where this is important.

[1] https://github.com/ansible/ansible/issues/82554

Depends-On: https://review.opendev.org/c/openstack/openstack-ansible/+/927841
Change-Id: I9b0c090d69bd9a86da9f8d877a4c561b22f8a028
2024-10-02 15:26:17 +00:00

214 lines
7.3 KiB
YAML

---
# Copyright 2018, Rackspace US, Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
- name: Gather variables for each operating system
include_vars: "{{ lookup('first_found', params) }}"
vars:
params:
files:
- "{{ ansible_facts['distribution'] | lower }}-{{ ansible_facts['distribution_version'] | lower }}.yml"
- "{{ ansible_facts['distribution'] | lower }}-{{ ansible_facts['distribution_major_version'] | lower }}.yml"
- "{{ ansible_facts['os_family'] | lower }}-{{ ansible_facts['distribution_major_version'] | lower }}.yml"
- "{{ ansible_facts['distribution'] | lower }}.yml"
- "{{ ansible_facts['os_family'] | lower }}-{{ ansible_facts['distribution_version'].split('.')[0] }}.yml"
- "{{ ansible_facts['os_family'] | lower }}.yml"
paths:
- "{{ role_path }}/vars"
tags:
- always
- name: Importing zun_pre_install tasks
import_tasks: zun_pre_install.yml
tags:
- zun-install
- name: Create and install SSL certificates
include_role:
name: pki
tasks_from: main_certs.yml
apply:
tags:
- zun-config
- pki
vars:
pki_setup_host: "{{ zun_pki_setup_host }}"
pki_dir: "{{ zun_pki_dir }}"
pki_create_certificates: "{{ zun_user_ssl_cert is not defined and zun_user_ssl_key is not defined }}"
pki_regen_cert: "{{ zun_pki_regen_cert }}"
pki_certificates: "{{ zun_pki_certificates }}"
pki_install_certificates: "{{ zun_pki_install_certificates }}"
when:
- zun_backend_ssl
tags:
- always
# NOTE(jrosser)
# kuryr-lib appears in u-c and the new pip resolver will fail to install
# if two contradictory constraints are given which will always happen
# with a source install and wheels built on the repo server. We must
# filter kuryr-lib out of u-c.
- name: Retrieve the constraints URL
uri:
url: "{{ zun_upper_constraints_url }}"
return_content: yes
register: _u_c_contents
- name: Install the python venv
import_role:
name: "python_venv_build"
vars:
venv_python_executable: "{{ zun_venv_python_executable }}"
venv_build_constraints: "{{ _u_c_contents.content.split('\n') | reject('match', '^kuryr-lib=') | list }}"
venv_install_destination_path: "{{ zun_bin | dirname }}"
venv_install_distro_package_list: "{{ zun_distro_packages }}"
venv_pip_install_args: "{{ zun_pip_install_args }}"
venv_pip_packages: "{{ zun_pip_packages | union((zun_oslomsg_amqp1_enabled | bool) | ternary(zun_optional_oslomsg_amqp1_pip_packages, [])) }}"
venv_facts_when_changed:
- section: "zun"
option: "venv_tag"
value: "{{ zun_venv_tag }}"
tags:
- zun-install
- name: Including osa.mq_setup role
include_role:
name: openstack.osa.mq_setup
apply:
tags:
- common-mq
- zun-config
when:
- _zun_is_first_play_host
vars:
_oslomsg_rpc_setup_host: "{{ zun_oslomsg_rpc_setup_host }}"
_oslomsg_rpc_userid: "{{ zun_oslomsg_rpc_userid }}"
_oslomsg_rpc_password: "{{ zun_oslomsg_rpc_password }}"
_oslomsg_rpc_vhost: "{{ zun_oslomsg_rpc_vhost }}"
_oslomsg_rpc_transport: "{{ zun_oslomsg_rpc_transport }}"
_oslomsg_rpc_policies: "{{ zun_oslomsg_rpc_policies }}"
_oslomsg_notify_setup_host: "{{ zun_oslomsg_notify_setup_host }}"
_oslomsg_notify_userid: "{{ zun_oslomsg_notify_userid }}"
_oslomsg_notify_password: "{{ zun_oslomsg_notify_password }}"
_oslomsg_notify_vhost: "{{ zun_oslomsg_notify_vhost }}"
_oslomsg_notify_transport: "{{ zun_oslomsg_notify_transport }}"
_oslomsg_configure_notify: "{{ (zun_ceilometer_enabled | bool) or (zun_designate_enabled | bool) }}"
_oslomsg_notify_policies: "{{ zun_oslomsg_notify_policies }}"
_oslomsg_notify_configure: "{{ zun_oslomsg_notify_configure }}"
tags:
- always
- name: Including osa.db_setup role
include_role:
name: openstack.osa.db_setup
apply:
tags:
- common-db
- zun-config
vars:
_oslodb_setup_host: "{{ zun_db_setup_host }}"
_oslodb_ansible_python_interpreter: "{{ zun_db_setup_python_interpreter }}"
_oslodb_setup_endpoint: "{{ zun_galera_address }}"
_oslodb_setup_port: "{{ zun_galera_port }}"
_oslodb_databases:
- name: "{{ zun_galera_database }}"
users:
- username: "{{ zun_galera_user }}"
password: "{{ zun_galera_password }}"
when:
- _zun_is_first_play_host
tags:
- always
- name: Including osa.service_setup role
include_role:
name: openstack.osa.service_setup
apply:
tags:
- common-service
- zun-config
vars:
_service_adminuri_insecure: "{{ keystone_service_adminuri_insecure }}"
_service_in_ldap: "{{ zun_service_in_ldap }}"
_service_setup_host: "{{ zun_service_setup_host }}"
_service_setup_host_python_interpreter: "{{ zun_service_setup_host_python_interpreter }}"
_service_project_name: "{{ zun_service_project_name }}"
_service_region: "{{ zun_service_region }}"
_service_users:
- name: "{{ zun_service_user_name }}"
password: "{{ zun_service_password }}"
role: "{{ zun_service_role_names }}"
- name: "{{ zun_kuryr_service_username }}"
password: "{{ zun_kuryr_service_password }}"
role: "{{ zun_service_role_names }}"
_service_endpoints:
- service: "{{ zun_service_name }}"
interface: "public"
url: "{{ zun_service_publicurl }}"
- service: "{{ zun_service_name }}"
interface: "internal"
url: "{{ zun_service_internalurl }}"
- service: "{{ zun_service_name }}"
interface: "admin"
url: "{{ zun_service_adminurl }}"
_service_catalog:
- name: "{{ zun_service_name }}"
type: "{{ zun_service_type }}"
description: "{{ zun_service_description }}"
when:
- _zun_is_first_play_host
tags:
- always
- name: Importing zun_post_install tasks
import_tasks: zun_compute.yml
when:
- "zun_services['zun-compute']['group'] in group_names"
tags:
- zun-compute
- name: Importing zun_post_install tasks
import_tasks: zun_post_install.yml
tags:
- zun-config
- post-install
- name: Import uwsgi role
import_role:
name: uwsgi
vars:
uwsgi_services: "{{ uwsgi_zun_services }}"
uwsgi_install_method: "source"
tags:
- zun-config
- uwsgi
- name: Run the systemd service role
import_role:
name: systemd_service
vars:
systemd_user_name: "{{ zun_system_user_name }}"
systemd_group_name: "{{ zun_system_group_name }}"
systemd_tempd_prefix: openstack
systemd_slice_name: "{{ zun_system_slice_name }}"
systemd_lock_dir: "{{ zun_lock_dir }}"
systemd_service_cpu_accounting: true
systemd_service_block_io_accounting: true
systemd_service_memory_accounting: true
systemd_service_tasks_accounting: true
systemd_services: "{{ filtered_zun_services }}"
tags:
- zun-config
- systemd-service