From d3a0bfb728a75db4c3cc79d4604c8555a472dc6f Mon Sep 17 00:00:00 2001
From: Kevin Carter <kevin.carter@rackspace.com>
Date: Thu, 28 Jun 2018 10:59:38 -0500
Subject: [PATCH] Remove inline jinja case statements where possible

The inline jinja case statements have known performance impacts and can
be generally simplified by using filters and will greatly improve
performance at runtime.

Change-Id: Iad014646c25c1af5ae1964130bc8e047ad8bd685
Signed-off-by: Kevin Carter <kevin.carter@rackspace.com>
---
 inventory/group_vars/all/infra.yml       | 15 ++++++++--
 inventory/group_vars/all/keystone.yml    | 36 ++++++++++++------------
 inventory/group_vars/galera_all.yml      |  8 +++++-
 inventory/group_vars/haproxy/haproxy.yml |  4 +--
 inventory/group_vars/keystone_all.yml    |  3 +-
 5 files changed, 42 insertions(+), 24 deletions(-)

diff --git a/inventory/group_vars/all/infra.yml b/inventory/group_vars/all/infra.yml
index ef06fa0da6..eb5ddb9963 100644
--- a/inventory/group_vars/all/infra.yml
+++ b/inventory/group_vars/all/infra.yml
@@ -18,7 +18,12 @@ rabbitmq_host_group: "rabbitmq_all"
 rabbitmq_port: "{{ (rabbitmq_use_ssl | bool) | ternary(5671, 5672) }}"
 
 rabbitmq_use_ssl: True
-rabbitmq_servers: "{% for host in groups[rabbitmq_host_group] %}{{ hostvars[host]['ansible_host'] }}{% if not loop.last %},{% endif %}{% endfor %}"
+rabbitmq_servers: >-
+  {{
+    groups[rabbitmq_host_group]
+      | map('extract', hostvars, 'ansible_host')
+      | list | join(',')
+  }}
 
 ## Galera options
 galera_client_package_state: "{{ package_state }}"
@@ -27,4 +32,10 @@ galera_root_user: "root"
 
 ## Memcached options
 memcached_port: 11211
-memcached_servers: "{% for host in groups['memcached'] %}{{ hostvars[host]['ansible_host'] }}:{{ memcached_port }}{% if not loop.last %},{% endif %}{% endfor %}"
+memcached_servers: >-
+  {{
+    (groups['memcached_all'] | map('extract', hostvars, 'ansible_host') | list)
+      | map('regex_replace', '(.*)' ,'\\1:' ~ memcached_port)
+      | list
+      | join(',')
+  }}
diff --git a/inventory/group_vars/all/keystone.yml b/inventory/group_vars/all/keystone.yml
index bbd1238b6c..b6a24464c0 100644
--- a/inventory/group_vars/all/keystone.yml
+++ b/inventory/group_vars/all/keystone.yml
@@ -24,31 +24,31 @@ keystone_service_proto: http
 keystone_service_region: "{{ service_region }}"
 
 keystone_service_adminuri_proto: "{{ openstack_service_adminuri_proto | default(keystone_service_proto) }}"
-keystone_service_adminuri_insecure: |-
-  {% set _insecure = false %}
-  {% if keystone_service_adminuri_proto == 'https' %}
-  {% set _insecure = not (keystone_user_ssl_cert is defined or haproxy_user_ssl_cert is defined) %}
-  {% endif %}
-  {{ _insecure }}
+keystone_service_adminuri_insecure: >-
+  {{
+    (keystone_service_adminuri_proto == 'https') and
+    (not (keystone_user_ssl_cert is defined or haproxy_user_ssl_cert is defined))
+  }}
+
 keystone_service_adminuri: "{{ keystone_service_adminuri_proto }}://{{ internal_lb_vip_address }}:{{ keystone_admin_port }}"
 keystone_service_adminurl: "{{ keystone_service_adminuri }}/v3"
 
 keystone_service_internaluri_proto: "{{ openstack_service_internaluri_proto | default(keystone_service_proto) }}"
-keystone_service_internaluri_insecure: |-
-  {% set _insecure = false %}
-  {% if keystone_service_internaluri_proto == 'https' %}
-  {% set _insecure = not (keystone_user_ssl_cert is defined or haproxy_user_ssl_cert is defined) %}
-  {% endif %}
-  {{ _insecure }}
+keystone_service_internaluri_insecure: >-
+  {{
+    (keystone_service_internaluri_proto == 'https') and
+    (not (keystone_user_ssl_cert is defined or haproxy_user_ssl_cert is defined))
+  }}
+
 keystone_service_internaluri: "{{ keystone_service_internaluri_proto }}://{{ internal_lb_vip_address }}:{{ keystone_service_port }}"
 keystone_service_internalurl: "{{ keystone_service_internaluri }}/v3"
 
 keystone_service_publicuri_proto: "{{ openstack_service_publicuri_proto | default(keystone_service_proto) }}"
-keystone_service_publicuri_insecure: |-
-  {% set _insecure = false %}
-  {% if keystone_service_publicuri_proto == 'https' %}
-  {% set _insecure = not (keystone_user_ssl_cert is defined or haproxy_user_ssl_cert is defined) %}
-  {% endif %}
-  {{ _insecure }}
+keystone_service_publicuri_insecure: >-
+  {{
+    (keystone_service_publicuri_proto == 'https') and
+    (not (keystone_user_ssl_cert is defined or haproxy_user_ssl_cert is defined))
+  }}
+
 keystone_service_publicuri: "{{ keystone_service_publicuri_proto }}://{{ external_lb_vip_address }}:{{ keystone_service_port }}"
 keystone_service_publicurl: "{{ keystone_service_publicuri }}/v3"
diff --git a/inventory/group_vars/galera_all.yml b/inventory/group_vars/galera_all.yml
index e70a42d97f..08a8da382b 100644
--- a/inventory/group_vars/galera_all.yml
+++ b/inventory/group_vars/galera_all.yml
@@ -30,7 +30,13 @@ galera_disable_privatedevices: "{{ ((properties.is_metal | default(false)) | boo
 # By default galera_monitoring xinetd app is open to 0.0.0.0/0
 # This makes sure the monitoring is only restricted to the necessary nodes:
 # the load balancers, and the galera nodes.
-galera_monitoring_allowed_source: "{% for node in groups['galera_all'] + groups['haproxy_all'] %}{{ hostvars[node]['ansible_host'] }} {% endfor %} 127.0.0.1"
+galera_monitoring_allowed_source: >-
+  {{
+    groups['galera_all'] | union(groups['haproxy_all'])
+      | map('extract', hostvars, 'ansible_host')
+      | list
+      | join(' ') ~ ' 127.0.0.1'
+  }}
 
 # Galera sessions are long lived, so if we do endpoint maintenance we will
 # force kill the sessions to force a failover to the active endpoint.
diff --git a/inventory/group_vars/haproxy/haproxy.yml b/inventory/group_vars/haproxy/haproxy.yml
index 6227d9e9cd..dada5477e1 100644
--- a/inventory/group_vars/haproxy/haproxy.yml
+++ b/inventory/group_vars/haproxy/haproxy.yml
@@ -13,8 +13,8 @@
 # See the License for the specific language governing permissions and
 # limitations under the License.
 
-haproxy_bind_on_non_local: "{% if groups.haproxy|length > 1 %}True{% else %}False{% endif %}"
-haproxy_use_keepalived: "{% if groups.haproxy|length > 1 %}True{% else %}False{% endif %}"
+haproxy_bind_on_non_local: "{{ (groups.haproxy | length) > 1 }}"
+haproxy_use_keepalived: "{{ (groups.haproxy | length) > 1 }}"
 keepalived_selinux_compile_rules:
   - keepalived_ping
   - keepalived_haproxy_pid_file
diff --git a/inventory/group_vars/keystone_all.yml b/inventory/group_vars/keystone_all.yml
index 40e395293b..1056ab415e 100644
--- a/inventory/group_vars/keystone_all.yml
+++ b/inventory/group_vars/keystone_all.yml
@@ -24,7 +24,8 @@ keystone_system_user_name: keystone
 
 keystone_external_ssl: "{{ openstack_external_ssl }}"
 
-keystone_cache_servers: "[{% for host in groups['memcached_all'] %}\"{{ hostvars[host]['container_address'] }}:{{ memcached_port }}\"{% if not loop.last %},{% endif %}{% endfor %}]"
+keystone_cache_servers: "{{ memcached_servers.split(',') }}"
+
 keystone_service_in_ldap: "{{ service_ldap_backend_enabled }}"
 
 # Hosts allowed to override remote IP with X-Forwarded-For