From 718f790a3722f0060866d760bf56649f04daa30e Mon Sep 17 00:00:00 2001 From: Logan V Date: Sat, 16 Sep 2017 12:57:20 -0500 Subject: [PATCH] Move resolvconf JIT execution to common tasks Use include_role in a common-tasks include to execute the resolvconf role when unbound is used. Change-Id: Id70f3d5dc66701a1fb593e6309b071d0e38ea282 --- group_vars/all/all.yml | 1 - host_vars/.placeholder | 0 host_vars/localhost.yml | 22 ++++++ playbooks/ceph-install.yml | 8 ++ playbooks/common-playbooks/cinder.yml | 5 ++ playbooks/common-playbooks/glance.yml | 5 ++ playbooks/common-playbooks/neutron.yml | 5 ++ playbooks/common-playbooks/nova.yml | 5 ++ .../common-playbooks/unbound-clients.yml | 77 ------------------- playbooks/common-tasks/unbound-clients.yml | 65 ++++++++++++++++ playbooks/etcd-install.yml | 10 +-- playbooks/galera-install.yml | 10 +-- playbooks/haproxy-install.yml | 10 +-- playbooks/inventory/localhost | 2 + playbooks/memcached-install.yml | 10 +-- playbooks/os-aodh-install.yml | 10 +-- playbooks/os-barbican-install.yml | 10 +-- playbooks/os-ceilometer-install.yml | 10 +-- playbooks/os-cinder-install.yml | 6 -- playbooks/os-designate-install.yml | 10 +-- playbooks/os-glance-install.yml | 6 -- playbooks/os-gnocchi-install.yml | 10 +-- playbooks/os-heat-install.yml | 10 +-- playbooks/os-horizon-install.yml | 10 +-- playbooks/os-ironic-install.yml | 10 +-- playbooks/os-keystone-install.yml | 11 ++- playbooks/os-magnum-install.yml | 10 +-- playbooks/os-molteniron-install.yml | 10 +-- playbooks/os-neutron-install.yml | 6 -- playbooks/os-nova-install.yml | 6 -- playbooks/os-octavia-install.yml | 10 +-- playbooks/os-rally-install.yml | 10 +-- playbooks/os-sahara-install.yml | 10 +-- playbooks/os-swift-install.yml | 10 +-- playbooks/os-trove-install.yml | 10 +-- playbooks/rabbitmq-install.yml | 10 +-- playbooks/repo-server.yml | 11 ++- playbooks/rsyslog-install.yml | 10 +-- playbooks/unbound-install.yml | 16 ++-- playbooks/utility-install.yml | 11 ++- 40 files changed, 227 insertions(+), 251 deletions(-) delete mode 100644 host_vars/.placeholder create mode 100644 host_vars/localhost.yml delete mode 100644 playbooks/common-playbooks/unbound-clients.yml create mode 100644 playbooks/common-tasks/unbound-clients.yml create mode 100644 playbooks/inventory/localhost diff --git a/group_vars/all/all.yml b/group_vars/all/all.yml index 69cefa4004..7ed9bf4495 100644 --- a/group_vars/all/all.yml +++ b/group_vars/all/all.yml @@ -119,4 +119,3 @@ ansible_ssh_extra_args: > # Toggle whether the service is deployed in a container or not is_metal: "{{ properties.is_metal | default(false) }}" - diff --git a/host_vars/.placeholder b/host_vars/.placeholder deleted file mode 100644 index e69de29bb2..0000000000 diff --git a/host_vars/localhost.yml b/host_vars/localhost.yml new file mode 100644 index 0000000000..e8aab7b994 --- /dev/null +++ b/host_vars/localhost.yml @@ -0,0 +1,22 @@ +--- +# Copyright 2017, Logan Vig +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +resolvconf_enabled: "{{ groups['unbound'] is defined and groups['unbound'] | length > 0 }}" +unbound_physical_hosts: >- + {{ groups[resolvconf_resolver_group] | + map('extract', hostvars, 'physical_host') | + select('defined') | + list + }} diff --git a/playbooks/ceph-install.yml b/playbooks/ceph-install.yml index e649bd2184..54e96810e0 100644 --- a/playbooks/ceph-install.yml +++ b/playbooks/ceph-install.yml @@ -26,6 +26,10 @@ - include: common-tasks/os-lxc-container-setup.yml vars: list_of_bind_mounts: "{{ ceph_container_bind_mounts }}" + - include: common-tasks/unbound-clients.yml + static: no + when: + - hostvars['localhost']['resolvconf_enabled'] | bool - include: common-tasks/package-cache-proxy.yml #TODO: mgariepy, revisit to use include_role when https://github.com/ansible/ansible/issues/20077 is fixed - name: install the ceph stable repository key @@ -130,6 +134,10 @@ log_dirs: - src: "/openstack/log/{{ inventory_hostname }}-ceph" dest: "/var/log/ceph" + - include: common-tasks/unbound-clients.yml + static: no + when: + - hostvars['localhost']['resolvconf_enabled'] | bool - include: common-tasks/package-cache-proxy.yml #TODO: mgariepy, revisit to use include_role when https://github.com/ansible/ansible/issues/20077 is fixed - name: install the ceph stable repository key diff --git a/playbooks/common-playbooks/cinder.yml b/playbooks/common-playbooks/cinder.yml index dac0674375..b4a1e5fd72 100644 --- a/playbooks/common-playbooks/cinder.yml +++ b/playbooks/common-playbooks/cinder.yml @@ -68,6 +68,11 @@ - src: "/openstack/log/{{ inventory_hostname }}-cinder" dest: "/var/log/cinder" + - include: ../common-tasks/unbound-clients.yml + static: no + when: + - hostvars['localhost']['resolvconf_enabled'] | bool + - name: Configure package proxy cache include: ../common-tasks/package-cache-proxy.yml diff --git a/playbooks/common-playbooks/glance.yml b/playbooks/common-playbooks/glance.yml index 4fba5b7444..7132bba21e 100644 --- a/playbooks/common-playbooks/glance.yml +++ b/playbooks/common-playbooks/glance.yml @@ -55,6 +55,11 @@ - src: "/openstack/log/{{ inventory_hostname }}-glance" dest: "/var/log/glance" + - include: ../common-tasks/unbound-clients.yml + static: no + when: + - hostvars['localhost']['resolvconf_enabled'] | bool + - name: Configure package proxy cache include: ../common-tasks/package-cache-proxy.yml diff --git a/playbooks/common-playbooks/neutron.yml b/playbooks/common-playbooks/neutron.yml index 99b97b0d9f..3a90d2886e 100644 --- a/playbooks/common-playbooks/neutron.yml +++ b/playbooks/common-playbooks/neutron.yml @@ -63,6 +63,11 @@ when: - "'neutron_calico_dhcp_agent' in group_names" + - include: ../common-tasks/unbound-clients.yml + static: no + when: + - hostvars['localhost']['resolvconf_enabled'] | bool + - name: Configure package proxy cache include: ../common-tasks/package-cache-proxy.yml diff --git a/playbooks/common-playbooks/nova.yml b/playbooks/common-playbooks/nova.yml index 0599b45a1e..b1f533f923 100644 --- a/playbooks/common-playbooks/nova.yml +++ b/playbooks/common-playbooks/nova.yml @@ -74,6 +74,11 @@ - src: "/openstack/log/{{ inventory_hostname }}-nova" dest: "/var/log/nova" + - include: ../common-tasks/unbound-clients.yml + static: no + when: + - hostvars['localhost']['resolvconf_enabled'] | bool + - name: Configure package proxy cache include: ../common-tasks/package-cache-proxy.yml diff --git a/playbooks/common-playbooks/unbound-clients.yml b/playbooks/common-playbooks/unbound-clients.yml deleted file mode 100644 index d09dd3db8d..0000000000 --- a/playbooks/common-playbooks/unbound-clients.yml +++ /dev/null @@ -1,77 +0,0 @@ ---- -# Copyright 2016, Logan Vig -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -- name: Install unbound DNS resolver client configurations - gather_facts: true - hosts: "{{ unbound_group }}" - user: root - pre_tasks: - #gather a list of physical_hosts containing unbound containers - - name: Set unbound physical hosts fact - set_fact: - unbound_physical_hosts: > - {% set _var = [] -%} - {% for i in groups[resolvconf_resolver_group] -%} - {% if hostvars[i]['physical_host'] is defined -%} - {% if _var.append(hostvars[i]['physical_host']) -%}{% endif -%} - {% endif -%} - {% endfor -%} - {{ _var }} - - #create a sorted resolver list with affinity toward unbound container(s) - #on the same physical_host - - name: Apply resolver sorting - set_fact: - resolver_list: > - {% set _var = [] -%} - {% for i in groups[resolvconf_resolver_group] -%} - {% if physical_host is defined - and hostvars[i]['physical_host'] is defined - and physical_host == hostvars[i]['physical_host'] -%} - {% if _var.append(dict(host=hostvars[i]['ansible_host'], priority=100)) -%}{% endif -%} - {% else -%} - {% if _var.append(dict(host=hostvars[i]['ansible_host'], priority=50)) -%}{% endif -%} - {% endif -%} - {% endfor -%} - {{ _var }} - when: - - physical_host is defined - - physical_host in unbound_physical_hosts - - - name: Set resolver IP list fact - set_fact: - resolvconf_resolver_ips: "{{ resolver_list | sort(reverse=true, attribute='priority') | map(attribute='host') | list }}" - resolvconf_options: - - 'timeout:1' - when: - - resolver_list is defined - - resolver_list | length > 0 - - #rotate is only used when no physical_host affinity is defined - - name: Set resolver rotate when physical_host is not an unbound host - set_fact: - resolvconf_options: - - 'timeout:1' - - 'rotate' - when: - - resolver_list is not defined - roles: - - role: "resolvconf" - tags: - - unbound_client - vars: - #Only run the resolvconf role when DNS containers are deployed to the env. - resolvconf_enabled: "{{ groups['unbound'] is defined and groups['unbound'] | length > 0 }}" - environment: "{{ deployment_environment_variables | default({}) }}" diff --git a/playbooks/common-tasks/unbound-clients.yml b/playbooks/common-tasks/unbound-clients.yml new file mode 100644 index 0000000000..c99885f453 --- /dev/null +++ b/playbooks/common-tasks/unbound-clients.yml @@ -0,0 +1,65 @@ +--- +# Copyright 2017, Logan Vig +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +#create a sorted resolver list with affinity toward unbound container(s) +#on the same physical_host +- name: Apply resolver sorting + set_fact: + resolver_list: |- + {% set _var = [] %} + {% for host in groups[resolvconf_resolver_group] %} + {% if physical_host is defined and + hostvars[host]['physical_host'] is defined + and physical_host == hostvars[host]['physical_host'] %} + {% set _prio = 100 %} + {% else %} + {% set _prio = 50 %} + {% endif %} + {% set _ = _var.append({ + 'host': hostvars[host]['ansible_host'], + 'priority': _prio + }) + %} + {% endfor %} + {{ _var | + sort(reverse=true, attribute='priority') | + map(attribute='host') | + list + }} + when: + - physical_host is defined + - physical_host in hostvars['localhost']['unbound_physical_hosts'] + +- name: Set resolver IP list fact + set_fact: + resolvconf_resolver_ips: "{{ resolver_list }}" + resolvconf_options: + - 'timeout:1' + when: + - resolver_list is defined + - resolver_list | length > 0 + +#rotate is only used when no physical_host affinity is defined +- name: Set resolver rotate when physical_host is not an unbound host + set_fact: + resolvconf_options: + - 'timeout:1' + - 'rotate' + when: + - resolver_list is not defined + +- name: Include the resolvconf role + include_role: + name: resolvconf diff --git a/playbooks/etcd-install.yml b/playbooks/etcd-install.yml index a1386b3e3f..05c18839ce 100644 --- a/playbooks/etcd-install.yml +++ b/playbooks/etcd-install.yml @@ -13,12 +13,6 @@ # See the License for the specific language governing permissions and # limitations under the License. -- include: common-playbooks/unbound-clients.yml - vars: - unbound_group: "etcd_all" - when: - - resolvconf_enabled | bool - - name: Install etcd server cluster hosts: etcd_all gather_facts: "{{ gather_facts | default(True) }}" @@ -26,6 +20,10 @@ user: root pre_tasks: - include: common-tasks/os-lxc-container-setup.yml + - include: common-tasks/unbound-clients.yml + static: no + when: + - hostvars['localhost']['resolvconf_enabled'] | bool - include: common-tasks/package-cache-proxy.yml roles: - role: "etcd" diff --git a/playbooks/galera-install.yml b/playbooks/galera-install.yml index 175b72698e..08fe9e2477 100644 --- a/playbooks/galera-install.yml +++ b/playbooks/galera-install.yml @@ -13,12 +13,6 @@ # See the License for the specific language governing permissions and # limitations under the License. -- include: common-playbooks/unbound-clients.yml - vars: - unbound_group: "galera_all" - when: - - resolvconf_enabled | bool - - name: Galera container config hosts: galera_all gather_facts: "{{ gather_facts | default(True) }}" @@ -36,6 +30,10 @@ list_of_bind_mounts: "{{ galera_container_bind_mounts }}" extra_container_config_no_restart: - "lxc.start.order=10" + - include: common-tasks/unbound-clients.yml + static: no + when: + - hostvars['localhost']['resolvconf_enabled'] | bool - include: common-tasks/package-cache-proxy.yml vars: is_metal: "{{ properties.is_metal|default(false) }}" diff --git a/playbooks/haproxy-install.yml b/playbooks/haproxy-install.yml index 0a71dc0818..3a0f8e3227 100644 --- a/playbooks/haproxy-install.yml +++ b/playbooks/haproxy-install.yml @@ -13,12 +13,6 @@ # See the License for the specific language governing permissions and # limitations under the License. -- include: common-playbooks/unbound-clients.yml - vars: - unbound_group: "haproxy" - when: - - resolvconf_enabled | bool - - name: haproxy base config hosts: haproxy gather_facts: "{{ gather_facts | default(True) }}" @@ -30,6 +24,10 @@ log_dirs: - src: "/openstack/log/{{ inventory_hostname }}-haproxy" dest: "/var/log/haproxy" + - include: common-tasks/unbound-clients.yml + static: no + when: + - hostvars['localhost']['resolvconf_enabled'] | bool roles: - role: "keepalived" when: haproxy_use_keepalived | bool diff --git a/playbooks/inventory/localhost b/playbooks/inventory/localhost new file mode 100644 index 0000000000..68b2dac3be --- /dev/null +++ b/playbooks/inventory/localhost @@ -0,0 +1,2 @@ +[all] +localhost diff --git a/playbooks/memcached-install.yml b/playbooks/memcached-install.yml index cc6fa26c33..0c5496c43b 100644 --- a/playbooks/memcached-install.yml +++ b/playbooks/memcached-install.yml @@ -13,12 +13,6 @@ # See the License for the specific language governing permissions and # limitations under the License. -- include: common-playbooks/unbound-clients.yml - vars: - unbound_group: "memcached" - when: - - resolvconf_enabled | bool - - name: Install memcached hosts: memcached gather_facts: "{{ gather_facts | default(True) }}" @@ -31,6 +25,10 @@ log_dirs: - src: "/openstack/log/{{ inventory_hostname }}-memcached" dest: "/var/log/memcached" + - include: common-tasks/unbound-clients.yml + static: no + when: + - hostvars['localhost']['resolvconf_enabled'] | bool - include: common-tasks/package-cache-proxy.yml roles: - role: "memcached_server" diff --git a/playbooks/os-aodh-install.yml b/playbooks/os-aodh-install.yml index ec77c92c37..3353b14474 100644 --- a/playbooks/os-aodh-install.yml +++ b/playbooks/os-aodh-install.yml @@ -13,12 +13,6 @@ # See the License for the specific language governing permissions and # limitations under the License. -- include: common-playbooks/unbound-clients.yml - vars: - unbound_group: "aodh_all" - when: - - resolvconf_enabled | bool - - name: Install the aodh components hosts: aodh_all gather_facts: "{{ gather_facts | default(True) }}" @@ -49,6 +43,10 @@ login_host: "{{ aodh_galera_address }}" db_name: "{{ aodh_galera_database }}" when: inventory_hostname == groups['aodh_all'][0] + - include: common-tasks/unbound-clients.yml + static: no + when: + - hostvars['localhost']['resolvconf_enabled'] | bool - include: common-tasks/package-cache-proxy.yml roles: - role: "os_aodh" diff --git a/playbooks/os-barbican-install.yml b/playbooks/os-barbican-install.yml index 7c08b5c495..8530113b6a 100644 --- a/playbooks/os-barbican-install.yml +++ b/playbooks/os-barbican-install.yml @@ -13,12 +13,6 @@ # See the License for the specific language governing permissions and # limitations under the License. -- include: common-playbooks/unbound-clients.yml - vars: - unbound_group: "barbican_all" - when: - - resolvconf_enabled | bool - - name: Installation and setup of barbican hosts: barbican_all gather_facts: "{{ gather_facts | default(True) }}" @@ -49,6 +43,10 @@ login_host: "{{ barbican_galera_address }}" db_name: "{{ barbican_galera_database }}" when: inventory_hostname == groups['barbican_all'][0] + - include: common-tasks/unbound-clients.yml + static: no + when: + - hostvars['localhost']['resolvconf_enabled'] | bool - include: common-tasks/package-cache-proxy.yml roles: - role: "os_barbican" diff --git a/playbooks/os-ceilometer-install.yml b/playbooks/os-ceilometer-install.yml index da4c705fc4..884fce10ee 100644 --- a/playbooks/os-ceilometer-install.yml +++ b/playbooks/os-ceilometer-install.yml @@ -13,12 +13,6 @@ # See the License for the specific language governing permissions and # limitations under the License. -- include: common-playbooks/unbound-clients.yml - vars: - unbound_group: "ceilometer_all" - when: - - resolvconf_enabled | bool - - name: Install the ceilometer components hosts: ceilometer_all gather_facts: "{{ gather_facts | default(True) }}" @@ -41,6 +35,10 @@ log_dirs: - src: "/openstack/log/{{ inventory_hostname }}-ceilometer" dest: "/var/log/ceilometer" + - include: common-tasks/unbound-clients.yml + static: no + when: + - hostvars['localhost']['resolvconf_enabled'] | bool - include: common-tasks/package-cache-proxy.yml roles: - role: "os_ceilometer" diff --git a/playbooks/os-cinder-install.yml b/playbooks/os-cinder-install.yml index a55563a2de..c7ced7ae1f 100644 --- a/playbooks/os-cinder-install.yml +++ b/playbooks/os-cinder-install.yml @@ -13,12 +13,6 @@ # See the License for the specific language governing permissions and # limitations under the License. -- include: common-playbooks/unbound-clients.yml - vars: - unbound_group: "cinder_all" - when: - - resolvconf_enabled | bool - - name: Prepare MQ/DB services hosts: cinder_all gather_facts: no diff --git a/playbooks/os-designate-install.yml b/playbooks/os-designate-install.yml index c2894654db..e612856371 100644 --- a/playbooks/os-designate-install.yml +++ b/playbooks/os-designate-install.yml @@ -16,12 +16,6 @@ # (c) 2016 Donovan Francesco # (c) 2016 Paul Stevens -- include: common-playbooks/unbound-clients.yml - vars: - unbound_group: "designate_all" - when: - - resolvconf_enabled | bool - - name: Install designate server hosts: designate_all gather_facts: "{{ gather_facts | default(True) }}" @@ -64,6 +58,10 @@ login_host: "{{ designate_galera_address }}" db_name: "{{ designate_galera_database_name }}" when: inventory_hostname == groups['designate_all'][0] + - include: common-tasks/unbound-clients.yml + static: no + when: + - hostvars['localhost']['resolvconf_enabled'] | bool - include: common-tasks/package-cache-proxy.yml roles: - role: "os_designate" diff --git a/playbooks/os-glance-install.yml b/playbooks/os-glance-install.yml index 333b019044..257f6dc03c 100644 --- a/playbooks/os-glance-install.yml +++ b/playbooks/os-glance-install.yml @@ -13,12 +13,6 @@ # See the License for the specific language governing permissions and # limitations under the License. -- include: common-playbooks/unbound-clients.yml - vars: - unbound_group: "glance_all" - when: - - resolvconf_enabled | bool - - name: Prepare MQ/DB services hosts: glance_all gather_facts: no diff --git a/playbooks/os-gnocchi-install.yml b/playbooks/os-gnocchi-install.yml index 14feccbc8b..f73a5b6393 100644 --- a/playbooks/os-gnocchi-install.yml +++ b/playbooks/os-gnocchi-install.yml @@ -13,12 +13,6 @@ # See the License for the specific language governing permissions and # limitations under the License. -- include: common-playbooks/unbound-clients.yml - vars: - unbound_group: "gnocchi_all" - when: - - resolvconf_enabled | bool - - name: Install Gnocchi components hosts: gnocchi_all max_fail_percentage: 20 @@ -47,6 +41,10 @@ login_host: "{{ gnocchi_galera_address }}" db_name: "{{ gnocchi_galera_database }}" when: inventory_hostname == groups['gnocchi_all'][0] + - include: common-tasks/unbound-clients.yml + static: no + when: + - hostvars['localhost']['resolvconf_enabled'] | bool - include: common-tasks/package-cache-proxy.yml roles: - role: "ceph_client" diff --git a/playbooks/os-heat-install.yml b/playbooks/os-heat-install.yml index 4c3697da66..314a266bb2 100644 --- a/playbooks/os-heat-install.yml +++ b/playbooks/os-heat-install.yml @@ -13,12 +13,6 @@ # See the License for the specific language governing permissions and # limitations under the License. -- include: common-playbooks/unbound-clients.yml - vars: - unbound_group: "heat_all" - when: - - resolvconf_enabled | bool - - name: Install heat server hosts: heat_all gather_facts: "{{ gather_facts | default(True) }}" @@ -62,6 +56,10 @@ login_host: "{{ heat_galera_address }}" db_name: "{{ heat_galera_database }}" when: inventory_hostname == groups['heat_all'][0] + - include: common-tasks/unbound-clients.yml + static: no + when: + - hostvars['localhost']['resolvconf_enabled'] | bool - include: common-tasks/package-cache-proxy.yml roles: - role: "os_heat" diff --git a/playbooks/os-horizon-install.yml b/playbooks/os-horizon-install.yml index b9abfb7b6f..6627dbcd48 100644 --- a/playbooks/os-horizon-install.yml +++ b/playbooks/os-horizon-install.yml @@ -13,12 +13,6 @@ # See the License for the specific language governing permissions and # limitations under the License. -- include: common-playbooks/unbound-clients.yml - vars: - unbound_group: "horizon_all" - when: - - resolvconf_enabled | bool - - name: Install horizon server hosts: horizon_all gather_facts: "{{ gather_facts | default(True) }}" @@ -39,6 +33,10 @@ login_host: "{{ horizon_galera_address }}" db_name: "{{ horizon_galera_database }}" when: inventory_hostname == groups['horizon_all'][0] + - include: common-tasks/unbound-clients.yml + static: no + when: + - hostvars['localhost']['resolvconf_enabled'] | bool - include: common-tasks/package-cache-proxy.yml roles: - role: "os_horizon" diff --git a/playbooks/os-ironic-install.yml b/playbooks/os-ironic-install.yml index ce3022739c..ef8c6972fe 100644 --- a/playbooks/os-ironic-install.yml +++ b/playbooks/os-ironic-install.yml @@ -13,12 +13,6 @@ # See the License for the specific language governing permissions and # limitations under the License. -- include: common-playbooks/unbound-clients.yml - vars: - unbound_group: "ironic_all" - when: - - resolvconf_enabled | bool - - name: Installation and setup of Ironic hosts: ironic_all gather_facts: "{{ gather_facts | default(True) }}" @@ -43,6 +37,10 @@ login_host: "{{ ironic_galera_address }}" db_name: "{{ ironic_galera_database }}" when: inventory_hostname == groups['ironic_all'][0] + - include: common-tasks/unbound-clients.yml + static: no + when: + - hostvars['localhost']['resolvconf_enabled'] | bool - include: common-tasks/package-cache-proxy.yml roles: - role: "os_ironic" diff --git a/playbooks/os-keystone-install.yml b/playbooks/os-keystone-install.yml index 64179054db..7e25967a61 100644 --- a/playbooks/os-keystone-install.yml +++ b/playbooks/os-keystone-install.yml @@ -13,12 +13,6 @@ # See the License for the specific language governing permissions and # limitations under the License. -- include: common-playbooks/unbound-clients.yml - vars: - unbound_group: "keystone_all" - when: - - resolvconf_enabled | bool - - name: Prepare MQ/DB services hosts: keystone_all gather_facts: no @@ -101,6 +95,11 @@ - src: "/openstack/log/{{ inventory_hostname }}-keystone" dest: "/var/log/keystone" + - include: common-tasks/unbound-clients.yml + static: no + when: + - hostvars['localhost']['resolvconf_enabled'] | bool + - name: Configure package proxy cache include: common-tasks/package-cache-proxy.yml diff --git a/playbooks/os-magnum-install.yml b/playbooks/os-magnum-install.yml index d89b908ccd..ba7fa639dc 100644 --- a/playbooks/os-magnum-install.yml +++ b/playbooks/os-magnum-install.yml @@ -16,12 +16,6 @@ # (c) 2016 Donovan Francesco # (c) 2016 Paul Stevens -- include: common-playbooks/unbound-clients.yml - vars: - unbound_group: "magnum_all" - when: - - resolvconf_enabled | bool - - name: Install magnum server hosts: magnum_all max_fail_percentage: 20 @@ -33,6 +27,10 @@ log_dirs: - src: "/openstack/log/{{ inventory_hostname }}-magnum" dest: "/var/log/magnum" + - include: common-tasks/unbound-clients.yml + static: no + when: + - hostvars['localhost']['resolvconf_enabled'] | bool - include: common-tasks/rabbitmq-vhost-user.yml static: no vars: diff --git a/playbooks/os-molteniron-install.yml b/playbooks/os-molteniron-install.yml index fcf39b7a0c..2a47393f71 100644 --- a/playbooks/os-molteniron-install.yml +++ b/playbooks/os-molteniron-install.yml @@ -13,12 +13,6 @@ # See the License for the specific language governing permissions and # limitations under the License. -- include: common-playbooks/unbound-clients.yml - vars: - unbound_group: "molteniron_all" - when: - - resolvconf_enabled | bool - - name: Installation and setup of molteniron hosts: molteniron_all gather_facts: "{{ gather_facts | default(True) }}" @@ -35,6 +29,10 @@ dest: "/var/log/molteniron" owner: "syslog" group: "syslog" + - include: common-tasks/unbound-clients.yml + static: no + when: + - hostvars['localhost']['resolvconf_enabled'] | bool roles: - role: "os_molteniron" molteniron_venv_tag: "{{ openstack_release }}" diff --git a/playbooks/os-neutron-install.yml b/playbooks/os-neutron-install.yml index 10849bf030..71e9ae73d5 100644 --- a/playbooks/os-neutron-install.yml +++ b/playbooks/os-neutron-install.yml @@ -13,12 +13,6 @@ # See the License for the specific language governing permissions and # limitations under the License. -- include: common-playbooks/unbound-clients.yml - vars: - unbound_group: "neutron_all" - when: - - resolvconf_enabled | bool - - name: Configure Neutron dynamic host groupings hosts: localhost gather_facts: no diff --git a/playbooks/os-nova-install.yml b/playbooks/os-nova-install.yml index fdb2d843fa..5ea0b71dab 100644 --- a/playbooks/os-nova-install.yml +++ b/playbooks/os-nova-install.yml @@ -13,12 +13,6 @@ # See the License for the specific language governing permissions and # limitations under the License. -- include: common-playbooks/unbound-clients.yml - vars: - unbound_group: "nova_all" - when: - - resolvconf_enabled | bool - - name: Prepare MQ/DB services hosts: nova_conductor gather_facts: no diff --git a/playbooks/os-octavia-install.yml b/playbooks/os-octavia-install.yml index 6234b1de09..c0e7770f50 100644 --- a/playbooks/os-octavia-install.yml +++ b/playbooks/os-octavia-install.yml @@ -13,12 +13,6 @@ # See the License for the specific language governing permissions and # limitations under the License. -- include: common-playbooks/unbound-clients.yml - vars: - unbound_group: "octavia_all" - when: - - resolvconf_enabled | bool - - name: Install octavia server hosts: octavia_all gather_facts: "{{ gather_facts | default(True) }}" @@ -50,6 +44,10 @@ login_host: "{{ octavia_galera_address }}" db_name: "{{ octavia_galera_database }}" when: inventory_hostname == groups['octavia_all'][0] + - include: common-tasks/unbound-clients.yml + static: no + when: + - hostvars['localhost']['resolvconf_enabled'] | bool - include: common-tasks/package-cache-proxy.yml roles: - role: "os_octavia" diff --git a/playbooks/os-rally-install.yml b/playbooks/os-rally-install.yml index 3d07e21570..549c4d0006 100644 --- a/playbooks/os-rally-install.yml +++ b/playbooks/os-rally-install.yml @@ -13,17 +13,15 @@ # See the License for the specific language governing permissions and # limitations under the License. -- include: common-playbooks/unbound-clients.yml - vars: - unbound_group: "utility_all" - when: - - resolvconf_enabled | bool - - name: Installation and setup of Rally hosts: utility_all gather_facts: "{{ gather_facts | default(True) }}" user: root pre_tasks: + - include: common-tasks/unbound-clients.yml + static: no + when: + - hostvars['localhost']['resolvconf_enabled'] | bool - include: common-tasks/mysql-db-user.yml static: no vars: diff --git a/playbooks/os-sahara-install.yml b/playbooks/os-sahara-install.yml index db70bba129..dc4a9dd544 100644 --- a/playbooks/os-sahara-install.yml +++ b/playbooks/os-sahara-install.yml @@ -11,12 +11,6 @@ # See the License for the specific language governing permissions and # limitations under the License. -- include: common-playbooks/unbound-clients.yml - vars: - unbound_group: "sahara_all" - when: - - resolvconf_enabled | bool - - name: Install sahara server hosts: sahara_all gather_facts: "{{ gather_facts | default(True) }}" @@ -59,6 +53,10 @@ login_host: "{{ sahara_galera_address }}" db_name: "{{ sahara_galera_database }}" when: inventory_hostname == groups['sahara_all'][0] + - include: common-tasks/unbound-clients.yml + static: no + when: + - hostvars['localhost']['resolvconf_enabled'] | bool - include: common-tasks/package-cache-proxy.yml roles: - role: "os_sahara" diff --git a/playbooks/os-swift-install.yml b/playbooks/os-swift-install.yml index ed712d121b..b83c550835 100644 --- a/playbooks/os-swift-install.yml +++ b/playbooks/os-swift-install.yml @@ -13,12 +13,6 @@ # See the License for the specific language governing permissions and # limitations under the License. -- include: common-playbooks/unbound-clients.yml - vars: - unbound_group: "swift_all" - when: - - resolvconf_enabled | bool - - name: Installation and setup of Swift hosts: swift_all:swift_remote_all gather_facts: "{{ gather_facts | default(True) }}" @@ -38,6 +32,10 @@ # NOTE(hwoarang) The syslog user on openSUSE belongs to the 'users' # group. There is no dedicated syslog group. group: "{{ (ansible_pkg_mgr == 'zypper') | ternary ('users', 'syslog') }}" + - include: common-tasks/unbound-clients.yml + static: no + when: + - hostvars['localhost']['resolvconf_enabled'] | bool - include: common-tasks/package-cache-proxy.yml # If we're using ceilometer then swift needs a rabbitmq/vhost & usera diff --git a/playbooks/os-trove-install.yml b/playbooks/os-trove-install.yml index 2637531af6..6612841b97 100644 --- a/playbooks/os-trove-install.yml +++ b/playbooks/os-trove-install.yml @@ -16,12 +16,6 @@ # (c) 2016 Donovan Francesco # (c) 2016 Paul Stevens -- include: common-playbooks/unbound-clients.yml - vars: - unbound_group: "trove_all" - when: - - resolvconf_enabled | bool - - name: Install trove server hosts: trove_all gather_facts: "{{ gather_facts | default(True) }}" @@ -64,6 +58,10 @@ login_host: "{{ trove_galera_address }}" db_name: "{{ trove_galera_database_name }}" when: inventory_hostname == groups['trove_all'][0] + - include: common-tasks/unbound-clients.yml + static: no + when: + - hostvars['localhost']['resolvconf_enabled'] | bool - include: common-tasks/package-cache-proxy.yml roles: - role: "os_trove" diff --git a/playbooks/rabbitmq-install.yml b/playbooks/rabbitmq-install.yml index 862bc44b7b..adb5fb430e 100644 --- a/playbooks/rabbitmq-install.yml +++ b/playbooks/rabbitmq-install.yml @@ -13,12 +13,6 @@ # See the License for the specific language governing permissions and # limitations under the License. -- include: common-playbooks/unbound-clients.yml - vars: - unbound_group: "rabbitmq_all" - when: - - resolvconf_enabled | bool - - name: Create and configure rabbitmq container hosts: "{{ rabbitmq_host_group | default('rabbitmq_all') }}" serial: 1 @@ -31,6 +25,10 @@ vars: extra_container_config_no_restart: - "lxc.start.order=19" + - include: common-tasks/unbound-clients.yml + static: no + when: + - hostvars['localhost']['resolvconf_enabled'] | bool - include: common-tasks/package-cache-proxy.yml roles: - role: "system_crontab_coordination" diff --git a/playbooks/repo-server.yml b/playbooks/repo-server.yml index 684684b91f..d32c1eb2a6 100644 --- a/playbooks/repo-server.yml +++ b/playbooks/repo-server.yml @@ -13,12 +13,6 @@ # See the License for the specific language governing permissions and # limitations under the License. -- include: common-playbooks/unbound-clients.yml - vars: - unbound_group: "repo_all" - when: - - resolvconf_enabled | bool - - name: Setup repo servers hosts: repo_all gather_facts: "{{ gather_facts | default(True) }}" @@ -52,6 +46,11 @@ when: - repo_build_git_cache is defined - _local_git_cache.stat.exists + + - include: common-tasks/unbound-clients.yml + static: no + when: + - hostvars['localhost']['resolvconf_enabled'] | bool roles: - role: "repo_server" - role: "rsyslog_client" diff --git a/playbooks/rsyslog-install.yml b/playbooks/rsyslog-install.yml index 41b8d543fb..f64bd0c7be 100644 --- a/playbooks/rsyslog-install.yml +++ b/playbooks/rsyslog-install.yml @@ -13,12 +13,6 @@ # See the License for the specific language governing permissions and # limitations under the License. -- include: common-playbooks/unbound-clients.yml - vars: - unbound_group: "rsyslog" - when: - - resolvconf_enabled | bool - - name: Install rsyslog hosts: rsyslog gather_facts: "{{ gather_facts | default(True) }}" @@ -32,6 +26,10 @@ mount_path: "/openstack/{{ inventory_hostname }}/log-storage" extra_container_config_no_restart: - "lxc.start.order=19" + - include: common-tasks/unbound-clients.yml + static: no + when: + - hostvars['localhost']['resolvconf_enabled'] | bool - include: common-tasks/package-cache-proxy.yml roles: - role: "rsyslog_server" diff --git a/playbooks/unbound-install.yml b/playbooks/unbound-install.yml index f2d147dae8..03580ddff5 100644 --- a/playbooks/unbound-install.yml +++ b/playbooks/unbound-install.yml @@ -34,8 +34,14 @@ vars: is_metal: "{{ properties.is_metal|default(false) }}" -- include: common-playbooks/unbound-clients.yml - vars: - unbound_group: "{{ openstack_host_group|default('hosts') }}:{{ lxc_host_group | default('lxc_hosts') }}" - when: - - resolvconf_enabled | bool +- name: Install unbound DNS resolver client configurations + hosts: + - "!unbound" + - "{{ openstack_host_group|default('hosts') }}" + user: root + tasks: + - include: common-tasks/unbound-clients.yml + static: no + when: + - hostvars['localhost']['resolvconf_enabled'] | bool + environment: "{{ deployment_environment_variables | default({}) }}" diff --git a/playbooks/utility-install.yml b/playbooks/utility-install.yml index b80b9633ed..0f7d29a98b 100644 --- a/playbooks/utility-install.yml +++ b/playbooks/utility-install.yml @@ -13,12 +13,6 @@ # See the License for the specific language governing permissions and # limitations under the License. -- include: common-playbooks/unbound-clients.yml - vars: - unbound_group: "utility_all" - when: - - resolvconf_enabled | bool - - name: Setup the utility location(s) hosts: utility_all max_fail_percentage: 20 @@ -32,6 +26,11 @@ - src: "/openstack/log/{{ inventory_hostname }}-utility" dest: "/var/log/utility" + - include: common-tasks/unbound-clients.yml + static: no + when: + - hostvars['localhost']['resolvconf_enabled'] | bool + - include: common-tasks/package-cache-proxy.yml - name: Create log directory (not is_metal)