Make sure role_networks is used from current processed node

When e.g. ceph storage role is used and a ceph storage node is the first node to run on during deployment [1] the facts get set using this host. As a result role_networks [2] will always only contain Storage and StorageMgmt : TASK [tripleo-ssh-known-hosts : Set ssh_known_hosts fact] ****************************************************************************** Thursday 28 November 2019 14:16:00 +0000 (0:00:00.747) 0:00:13.681 ***** ok: [ceph-0] Therefore all nodes will only get additional hostnames set in the ssh_known_hosts file for the Storage and StorageMgmt network even if the they don't have this network in their role, like the compute [4] StorageMgmt: [192.168.24.42]*,[compute-0.redhat.local]*,[compute-0]*,[172.17.3.29]*,[compute-0.storage]*,[compute-0.storage.redhat.local]*,[192.168.24.8]*,[compute-0.storagemgmt]*,[compute-0.storagemgmt.redhat.local]*, ssh-rsa In such a situation live migration is broken due to host key verification failure [1] https://github.com/openstack/tripleo-ansible/blob/master/tripleo_ansible/roles/tripleo-ssh-known-hosts/tasks/main.yml#L47 [2] https://github.com/openstack/tripleo-ansible/blob/master/tripleo_ansible/roles/tripleo-ssh-known-hosts/tasks/main.yml#L54 [3] https://github.com/openstack/tripleo-heat-templates/blob/master/roles/CephStorage.yaml#L7-L11 [4] https://github.com/openstack/tripleo-heat-templates/blob/master/roles/Compute.yaml#L11-L17 Change-Id: I2491ccd9f1bbe1d9cd2848301956803c5935a6f3 Closes-Bug: #1854368
2019-11-28 15:30:12 +01:00 · 2019-11-28 15:30:12 +01:00 · bc570e74f2
parent d4ec96a09c
commit bc570e74f2
1 changed files with 2 additions and 2 deletions
--- a/tripleo_ansible/roles/tripleo-ssh-known-hosts/tasks/main.yml
+++ b/tripleo_ansible/roles/tripleo-ssh-known-hosts/tasks/main.yml
@ -49,9 +49,9 @@
        ssh_known_hosts_lines: |-
          {%- for host in groups['overcloud'] | intersect(play_hosts) %}
          [{{ ctlplane_ip }}]*,[{{ host }}.{{ cloud_domain }}]*,[{{ host }}]*
-          {%- if enabled_networks | length > 0 and role_networks and role_networks | length > 0 %},
+          {%- if enabled_networks | length > 0 and hostvars[host]['role_networks'] is defined and hostvars[host]['role_networks'] | length > 0 %},
          {%- for network in enabled_networks %}
-          {%- if network in role_networks %}
+          {%- if network in hostvars[host]['role_networks'] %}
          [{{ hostvars[host][networks[network]['name'] ~ '_ip'] }}]*,[{{ host }}.{{ network.lower() }}]*,{% if 1 %}{% endif %}
          [{{ host }}.{{ network.lower() }}.{{ cloud_domain }}]*{% if not loop.last %},{% endif %}
          {%- endif -%}