Remove pip_get_pip_options override from group_vars

In the group_vars pip_get_pip_options is set with the intention
of restricting the initial pip install to using the local repo
server first, then reaching out to a set upstream repo.
The pip install role then has a fallback which ignores these
settings and goes to pypi to fetch the versions required.

While this works, it causes an initial failure to install pip
when the repo server is not yet available. This is OK considering
that there isa fallback, but when other pip install options
need to be used (eg: proxy options, certificate validation
disabling due to bad proxies) then circumstances are reached
where both tasks will fail and pip is uninstallable.

Going back to the original intent, the use of this setting in
group_vars is a logic flaw. If there's a repo server already,
then everywhere where it matters the pip_lock_down role would
have already restricted pip install options to make use of the
local repo server for the first task in pip_install anyway. In
other words we're double-doing the lock down unnecessarily.

This patch results in the following behaviour:

- The first pip install task will look for the versions specified
  in the local repo if there is one and the pip_lock_down task has
  run on the host in question.
- If there is no local pip.conf, the first pip install task will
  seek the packages from pypi.
- If the deployer chooses to set 'pip_get_pip_options' in
  user_variables, then those options will be honoured.

This patch paves the way for https://review.openstack.org/296114
to actually be something useful to have merged.

Closes-Bug: 1559619
Change-Id: I148e3628a75d81711b969eddee0c452e2ba16664
This commit is contained in:
Jesse Pretorius 2016-03-23 16:29:29 +00:00 committed by Jesse Pretorius (odyssey4me)
parent 0849367b62
commit 3cdac57fc8
2 changed files with 11 additions and 10 deletions

View File

@ -58,16 +58,6 @@ galera_wsrep_cluster_address: "{% for host in groups['galera_all'] %}{{ hostvars
galera_wsrep_address: "{{ ansible_ssh_host }}"
## Pip install
# Ensure that the pip_install role tries the local repo before looking
# for pip in alternative locations
pip_get_pip_options: >
--no-index
--find-links "{{ openstack_repo_url }}/os-releases/{{ openstack_release }}"
--find-links "{{ repo_pip_default_index | netorigin }}/os-releases/{{ openstack_release }}"
--trusted-host "{{ openstack_repo_url | netloc_no_port }}"
--trusted-host "{{ repo_pip_default_index | netloc_no_port }}"
pip_links:
- { name: "openstack_release", link: "{{ openstack_repo_url }}/os-releases/{{ openstack_release }}/" }

View File

@ -0,0 +1,11 @@
---
upgrade:
- The ``pip_get_pip_options`` override has been removed from group_vars,
resulting in the empty default being used. Previously this method was
used to lock the pip install source appropriately, but this has been
handled through the pip_lock_down role for several cycles. If a deployer
has implemented an override in user_variables based on the previous
group_vars settings then the settings should be reviewed. This override
may now be used for catering to situations where the pip installation
requires extra options set to allow installing through a proxy, or
disabling certificate validation.