Modify unbound to JIT install clients

This change modifies the unbound playbook so that it follows a JIT
pattern allowing the playbooks to install what they need when they need
it. Prior to this change the unbound playbook would iterate through all
target hosts, including containers, and attempt to install the client
resource or simply execute the resolveconf role which would end in
failure should the target resource not be available at the time of
execution. Converting this to a JIT pattern should save general time
when installing with and without unbound on initial deployments and will
guarantee that the target hosts, including containers, have the most
up-to-date client code unpo deployment, or upgrade, of a given service.

Change-Id: I829747094cabc8027bad904cb822a6d265f48d73
Signed-off-by: Kevin Carter <kevin.carter@rackspace.com>

playbooks/common-playbooks/unbound-clients.yml

@@ -0,0 +1,77 @@
+---
+# Copyright 2016, Logan Vig <logan2211@gmail.com>
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+- name: Install unbound DNS resolver client configurations
+  gather_facts: true
+  hosts: "{{ unbound_group }}"
+  user: root
+  pre_tasks:
+    #gather a list of physical_hosts containing unbound containers
+    - name: Set unbound physical hosts fact
+      set_fact:
+        unbound_physical_hosts: >
+          {% set _var = [] -%}
+          {% for i in groups[resolvconf_resolver_group] -%}
+          {% if hostvars[i]['physical_host'] is defined -%}
+          {% if _var.append(hostvars[i]['physical_host']) -%}{% endif -%}
+          {% endif -%}
+          {% endfor -%}
+          {{ _var }}
+
+    #create a sorted resolver list with affinity toward unbound container(s)
+    #on the same physical_host
+    - name: Apply resolver sorting
+      set_fact:
+        resolver_list: >
+          {% set _var = [] -%}
+          {% for i in groups[resolvconf_resolver_group] -%}
+          {% if physical_host is defined
+            and hostvars[i]['physical_host'] is defined
+            and physical_host == hostvars[i]['physical_host'] -%}
+          {% if _var.append(dict(host=hostvars[i]['ansible_host'], priority=100)) -%}{% endif -%}
+          {% else -%}
+          {% if _var.append(dict(host=hostvars[i]['ansible_host'], priority=50)) -%}{% endif -%}
+          {% endif -%}
+          {% endfor -%}
+          {{ _var }}
+      when:
+        - physical_host is defined
+        - physical_host in unbound_physical_hosts
+
+    - name: Set resolver IP list fact
+      set_fact:
+        resolvconf_resolver_ips: "{{ resolver_list | sort(reverse=true, attribute='priority') | map(attribute='host') | list }}"
+        resolvconf_options:
+          - 'timeout:1'
+      when:
+        - resolver_list is defined
+        - resolver_list | length > 0
+
+    #rotate is only used when no physical_host affinity is defined
+    - name: Set resolver rotate when physical_host is not an unbound host
+      set_fact:
+        resolvconf_options:
+          - 'timeout:1'
+          - 'rotate'
+      when:
+        - resolver_list is not defined
+  roles:
+    - role: "resolvconf"
+      tags:
+        - unbound_client
+  vars:
+    #Only run the resolvconf role when DNS containers are deployed to the env.
+    resolvconf_enabled: "{{ groups['unbound'] is defined and groups['unbound'] | length > 0 }}"
+  environment: "{{ deployment_environment_variables | default({}) }}"

playbooks/etcd-install.yml

@@ -13,6 +13,12 @@
 # See the License for the specific language governing permissions and
 # limitations under the License.
 
+- include: common-playbooks/unbound-clients.yml
+  vars:
+    unbound_group: "etcd_all"
+  when:
+    - resolvconf_enabled | bool
+
 - name: Install etcd server cluster
   hosts: etcd_all
   gather_facts: "{{ gather_facts | default(True) }}"
@@ -30,4 +36,3 @@
   vars:
     is_metal: "{{ properties.is_metal|default(false) }}"
   environment: "{{ deployment_environment_variables | default({}) }}"
-

playbooks/galera-install.yml

@@ -13,6 +13,12 @@
 # See the License for the specific language governing permissions and
 # limitations under the License.
 
+- include: common-playbooks/unbound-clients.yml
+  vars:
+    unbound_group: "galera_all"
+  when:
+    - resolvconf_enabled | bool
+
 - name: Galera container config
   hosts: galera_all
   gather_facts: "{{ gather_facts | default(True) }}"

playbooks/haproxy-install.yml

@@ -13,6 +13,12 @@
 # See the License for the specific language governing permissions and
 # limitations under the License.
 
+- include: common-playbooks/unbound-clients.yml
+  vars:
+    unbound_group: "haproxy"
+  when:
+    - resolvconf_enabled | bool
+
 - name: haproxy base config
   hosts: haproxy
   gather_facts: "{{ gather_facts | default(True) }}"

playbooks/lxc-hosts-setup.yml

@@ -13,6 +13,12 @@
 # See the License for the specific language governing permissions and
 # limitations under the License.
 
+- include: common-playbooks/unbound-clients.yml
+  vars:
+    unbound_group: "{{ lxc_host_group | default('lxc_hosts')}}"
+  when:
+    - resolvconf_enabled | bool
+
 - name: Basic lxc host setup
   hosts: "{{ lxc_host_group | default('lxc_hosts')}}"
   gather_facts: "{{ gather_facts | default(True) }}"

playbooks/memcached-install.yml

@@ -13,6 +13,12 @@
 # See the License for the specific language governing permissions and
 # limitations under the License.
 
+- include: common-playbooks/unbound-clients.yml
+  vars:
+    unbound_group: "memcached"
+  when:
+    - resolvconf_enabled | bool
+
 - name: Install memcached
   hosts: memcached
   gather_facts: "{{ gather_facts | default(True) }}"

playbooks/openstack-hosts-setup.yml

@@ -13,6 +13,12 @@
 # See the License for the specific language governing permissions and
 # limitations under the License.
 
+- include: common-playbooks/unbound-clients.yml
+  vars:
+    unbound_group: "{{ openstack_host_group|default('hosts') }}"
+  when:
+    - resolvconf_enabled | bool
+
 - name: Install Ansible prerequisites
   hosts: "{{ openstack_host_group|default('hosts') }}"
   gather_facts: false

playbooks/os-aodh-install.yml

@@ -13,6 +13,12 @@
 # See the License for the specific language governing permissions and
 # limitations under the License.
 
+- include: common-playbooks/unbound-clients.yml
+  vars:
+    unbound_group: "aodh_all"
+  when:
+    - resolvconf_enabled | bool
+
 - name: Install the aodh components
   hosts: aodh_all
   gather_facts: "{{ gather_facts | default(True) }}"

playbooks/os-barbican-install.yml

@@ -13,6 +13,12 @@
 # See the License for the specific language governing permissions and
 # limitations under the License.
 
+- include: common-playbooks/unbound-clients.yml
+  vars:
+    unbound_group: "barbican_all"
+  when:
+    - resolvconf_enabled | bool
+
 - name: Installation and setup of barbican
   hosts: barbican_all
   gather_facts: "{{ gather_facts | default(True) }}"

playbooks/os-ceilometer-install.yml

@@ -13,6 +13,12 @@
 # See the License for the specific language governing permissions and
 # limitations under the License.
 
+- include: common-playbooks/unbound-clients.yml
+  vars:
+    unbound_group: "ceilometer_all"
+  when:
+    - resolvconf_enabled | bool
+
 - name: Install the ceilometer components
   hosts: ceilometer_all
   gather_facts: "{{ gather_facts | default(True) }}"

playbooks/os-cinder-install.yml

@@ -13,6 +13,12 @@
 # See the License for the specific language governing permissions and
 # limitations under the License.
 
+- include: common-playbooks/unbound-clients.yml
+  vars:
+    unbound_group: "cinder_all"
+  when:
+    - resolvconf_enabled | bool
+
 - name: Prepare MQ/DB services
   hosts: cinder_all
   gather_facts: no
@@ -21,7 +27,6 @@
   tags:
     - cinder
   tasks:
-
     - name: Configure rabbitmq vhost/user
       include: common-tasks/rabbitmq-vhost-user.yml
       vars:
@@ -230,4 +235,3 @@
         value: False
       when:
         - data_migrations | succeeded
-

playbooks/os-designate-install.yml

@@ -16,6 +16,12 @@
 # (c) 2016 Donovan Francesco <donovan.francesco@is.co.za>
 # (c) 2016 Paul Stevens <paul.stevens@is.co.za>
 
+- include: common-playbooks/unbound-clients.yml
+  vars:
+    unbound_group: "designate_all"
+  when:
+    - resolvconf_enabled | bool
+
 - name: Install designate server
   hosts: designate_all
   gather_facts: "{{ gather_facts | default(True) }}"

playbooks/os-glance-install.yml

@@ -13,6 +13,12 @@
 # See the License for the specific language governing permissions and
 # limitations under the License.
 
+- include: common-playbooks/unbound-clients.yml
+  vars:
+    unbound_group: "glance_all"
+  when:
+    - resolvconf_enabled | bool
+
 - name: Prepare MQ/DB services
   hosts: glance_all
   gather_facts: no
@@ -21,7 +27,6 @@
   tags:
     - glance
   tasks:
-
     - name: Configure rabbitmq vhost/user
       include: common-tasks/rabbitmq-vhost-user.yml
       vars:

playbooks/os-gnocchi-install.yml

@@ -13,6 +13,12 @@
 # See the License for the specific language governing permissions and
 # limitations under the License.
 
+- include: common-playbooks/unbound-clients.yml
+  vars:
+    unbound_group: "gnocchi_all"
+  when:
+    - resolvconf_enabled | bool
+
 - name: Install Gnocchi components
   hosts: gnocchi_all
   max_fail_percentage: 20

playbooks/os-heat-install.yml

@@ -13,6 +13,12 @@
 # See the License for the specific language governing permissions and
 # limitations under the License.
 
+- include: common-playbooks/unbound-clients.yml
+  vars:
+    unbound_group: "heat_all"
+  when:
+    - resolvconf_enabled | bool
+
 - name: Install heat server
   hosts: heat_all
   gather_facts: "{{ gather_facts | default(True) }}"

playbooks/os-horizon-install.yml

@@ -13,6 +13,12 @@
 # See the License for the specific language governing permissions and
 # limitations under the License.
 
+- include: common-playbooks/unbound-clients.yml
+  vars:
+    unbound_group: "horizon_all"
+  when:
+    - resolvconf_enabled | bool
+
 - name: Install horizon server
   hosts: horizon_all
   gather_facts: "{{ gather_facts | default(True) }}"

playbooks/os-ironic-install.yml

@@ -13,6 +13,12 @@
 # See the License for the specific language governing permissions and
 # limitations under the License.
 
+- include: common-playbooks/unbound-clients.yml
+  vars:
+    unbound_group: "ironic_all"
+  when:
+    - resolvconf_enabled | bool
+
 - name: Installation and setup of Ironic
   hosts: ironic_all
   gather_facts: "{{ gather_facts | default(True) }}"

playbooks/os-keystone-install.yml

@@ -13,6 +13,12 @@
 # See the License for the specific language governing permissions and
 # limitations under the License.
 
+- include: common-playbooks/unbound-clients.yml
+  vars:
+    unbound_group: "keystone_all"
+  when:
+    - resolvconf_enabled | bool
+
 - name: Prepare MQ/DB services
   hosts: keystone_all
   gather_facts: no

playbooks/os-magnum-install.yml

@@ -16,6 +16,12 @@
 # (c) 2016 Donovan Francesco <donovan.francesco@is.co.za>
 # (c) 2016 Paul Stevens <paul.stevens@is.co.za>
 
+- include: common-playbooks/unbound-clients.yml
+  vars:
+    unbound_group: "magnum_all"
+  when:
+    - resolvconf_enabled | bool
+
 - name: Install magnum server
   hosts: magnum_all
   max_fail_percentage: 20

playbooks/os-molteniron-install.yml

@@ -13,6 +13,12 @@
 # See the License for the specific language governing permissions and
 # limitations under the License.
 
+- include: common-playbooks/unbound-clients.yml
+  vars:
+    unbound_group: "molteniron_all"
+  when:
+    - resolvconf_enabled | bool
+
 - name: Installation and setup of molteniron
   hosts: molteniron_all
   gather_facts: "{{ gather_facts | default(True) }}"

playbooks/os-neutron-install.yml

@@ -13,6 +13,12 @@
 # See the License for the specific language governing permissions and
 # limitations under the License.
 
+- include: common-playbooks/unbound-clients.yml
+  vars:
+    unbound_group: "neutron_all"
+  when:
+    - resolvconf_enabled | bool
+
 - name: Configure Neutron dynamic host groupings
   hosts: localhost
   gather_facts: no

playbooks/os-nova-install.yml

@@ -13,6 +13,12 @@
 # See the License for the specific language governing permissions and
 # limitations under the License.
 
+- include: common-playbooks/unbound-clients.yml
+  vars:
+    unbound_group: "nova_all"
+  when:
+    - resolvconf_enabled | bool
+
 - name: Prepare MQ/DB services
   hosts: nova_conductor
   gather_facts: no

playbooks/os-octavia-install.yml

@@ -13,6 +13,12 @@
 # See the License for the specific language governing permissions and
 # limitations under the License.
 
+- include: common-playbooks/unbound-clients.yml
+  vars:
+    unbound_group: "octavia_all"
+  when:
+    - resolvconf_enabled | bool
+
 - name: Install octavia server
   hosts: octavia_all
   gather_facts: "{{ gather_facts | default(True) }}"

playbooks/os-rally-install.yml

@@ -13,6 +13,12 @@
 # See the License for the specific language governing permissions and
 # limitations under the License.
 
+- include: common-playbooks/unbound-clients.yml
+  vars:
+    unbound_group: "utility_all"
+  when:
+    - resolvconf_enabled | bool
+
 - name: Installation and setup of Rally
   hosts: utility_all
   gather_facts: "{{ gather_facts | default(True) }}"

playbooks/os-sahara-install.yml

@@ -11,6 +11,12 @@
 # See the License for the specific language governing permissions and
 # limitations under the License.
 
+- include: common-playbooks/unbound-clients.yml
+  vars:
+    unbound_group: "sahara_all"
+  when:
+    - resolvconf_enabled | bool
+
 - name: Install sahara server
   hosts: sahara_all
   gather_facts: "{{ gather_facts | default(True) }}"

playbooks/os-swift-install.yml

@@ -13,6 +13,12 @@
 # See the License for the specific language governing permissions and
 # limitations under the License.
 
+- include: common-playbooks/unbound-clients.yml
+  vars:
+    unbound_group: "swift_all"
+  when:
+    - resolvconf_enabled | bool
+
 - name: Installation and setup of Swift
   hosts: swift_all:swift_remote_all
   gather_facts: "{{ gather_facts | default(True) }}"

playbooks/os-trove-install.yml

@@ -16,6 +16,12 @@
 # (c) 2016 Donovan Francesco <donovan.francesco@is.co.za>
 # (c) 2016 Paul Stevens <paul.stevens@is.co.za>
 
+- include: common-playbooks/unbound-clients.yml
+  vars:
+    unbound_group: "trove_all"
+  when:
+    - resolvconf_enabled | bool
+
 - name: Install trove server
   hosts: trove_all
   gather_facts: "{{ gather_facts | default(True) }}"

playbooks/rabbitmq-install.yml

@@ -13,6 +13,12 @@
 # See the License for the specific language governing permissions and
 # limitations under the License.
 
+- include: common-playbooks/unbound-clients.yml
+  vars:
+    unbound_group: "rabbitmq_all"
+  when:
+    - resolvconf_enabled | bool
+
 - name: Create and configure rabbitmq container
   hosts: "{{ rabbitmq_host_group | default('rabbitmq_all') }}"
   serial: 1

playbooks/repo-server.yml

@@ -13,6 +13,12 @@
 # See the License for the specific language governing permissions and
 # limitations under the License.
 
+- include: common-playbooks/unbound-clients.yml
+  vars:
+    unbound_group: "repo_all"
+  when:
+    - resolvconf_enabled | bool
+
 - name: Setup repo servers
   hosts: repo_all
   gather_facts: "{{ gather_facts | default(True) }}"

playbooks/rsyslog-install.yml

@@ -13,6 +13,12 @@
 # See the License for the specific language governing permissions and
 # limitations under the License.
 
+- include: common-playbooks/unbound-clients.yml
+  vars:
+    unbound_group: "rsyslog"
+  when:
+    - resolvconf_enabled | bool
+
 - name: Install rsyslog
   hosts: rsyslog
   gather_facts: "{{ gather_facts | default(True) }}"

playbooks/unbound-install.yml

@@ -33,70 +33,3 @@
     - defaults/repo_packages/openstack_services.yml
   vars:
     is_metal: "{{ properties.is_metal|default(false) }}"
-
-- name: Install unbound DNS resolver client configurations
-  hosts:
-    - "!unbound"
-    - "{{ openstack_host_group|default('hosts') }}"
-    - "{{ container_group|default('all_containers') }}"
-  user: root
-  pre_tasks:
-    #gather a list of physical_hosts containing unbound containers
-    - name: Set unbound physical hosts fact
-      set_fact:
-        unbound_physical_hosts: >
-          {% set _var = [] -%}
-          {% for i in groups[resolvconf_resolver_group] -%}
-          {% if hostvars[i]['physical_host'] is defined -%}
-          {% if _var.append(hostvars[i]['physical_host']) -%}{% endif -%}
-          {% endif -%}
-          {% endfor -%}
-          {{ _var }}
-      when: resolvconf_enabled | bool
-    #create a sorted resolver list with affinity toward unbound container(s)
-    #on the same physical_host
-    - name: Apply resolver sorting
-      set_fact:
-        resolver_list: >
-          {% set _var = [] -%}
-          {% for i in groups[resolvconf_resolver_group] -%}
-          {% if physical_host is defined
-            and hostvars[i]['physical_host'] is defined
-            and physical_host == hostvars[i]['physical_host'] -%}
-          {% if _var.append(dict(host=hostvars[i]['ansible_host'], priority=100)) -%}{% endif -%}
-          {% else -%}
-          {% if _var.append(dict(host=hostvars[i]['ansible_host'], priority=50)) -%}{% endif -%}
-          {% endif -%}
-          {% endfor -%}
-          {{ _var }}
-      when:
-        - resolvconf_enabled | bool
-        - physical_host is defined
-        - physical_host in unbound_physical_hosts
-    - name: Set resolver IP list fact
-      set_fact:
-        resolvconf_resolver_ips: "{{ resolver_list | sort(reverse=true, attribute='priority') | map(attribute='host') | list }}"
-        resolvconf_options:
-          - 'timeout:1'
-      when:
-        - resolvconf_enabled | bool
-        - resolver_list is defined
-        - resolver_list | length > 0
-    #rotate is only used when no physical_host affinity is defined
-    - name: Set resolver rotate when physical_host is not an unbound host
-      set_fact:
-        resolvconf_options:
-          - 'timeout:1'
-          - 'rotate'
-      when:
-        - resolvconf_enabled | bool
-        - resolver_list is not defined
-  roles:
-    - role: "resolvconf"
-      when: resolvconf_enabled | bool
-      tags:
-        - unbound_client
-  vars:
-    #Only run the resolvconf role when DNS containers are deployed to the env.
-    resolvconf_enabled: "{{ groups['unbound'] is defined and groups['unbound'] | length > 0 }}"
-  environment: "{{ deployment_environment_variables | default({}) }}"

playbooks/utility-install.yml

@@ -13,12 +13,17 @@
 # See the License for the specific language governing permissions and
 # limitations under the License.
 
+- include: common-playbooks/unbound-clients.yml
+  vars:
+    unbound_group: "utility_all"
+  when:
+    - resolvconf_enabled | bool
+
 - name: Setup the utility location(s)
   hosts: utility_all
   max_fail_percentage: 20
   user: root
   pre_tasks:
-
     - include: common-tasks/os-lxc-container-setup.yml
 
     - include: common-tasks/os-log-dir-setup.yml