openstack
/
tripleo-ansible
Code Issues Proposed changes
tripleo-ansible/tripleo_ansible/roles/tripleo-ssh-known-hosts/tasks/main.yml

82 lines
2.9 KiB
YAML
Raw Blame History

---
# Copyright 2019 Red Hat, Inc.
# All Rights Reserved.
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
- name: Add host keys in /etc/ssh/ssh_known_hosts for live/cold-migration
become: true
check_mode: false
block:
- name: Create temporary file for ssh_known_hosts
tempfile:
state: file
register: ssh_known_hosts_tmp
- name: Check for ssh_known_hosts file
stat:
path: /etc/ssh/ssh_known_hosts
register: _ssh_known_hosts
- name: Create a temporary copy of ssh_known_hosts
slurp:
src: "/etc/ssh/ssh_known_hosts"
register: existing_ssh_known_hosts
when:
- _ssh_known_hosts.stat.exists | bool
- name: Write temporary file
copy:
content: "{{ existing_ssh_known_hosts['content'] | b64decode }}"
dest: "{{ ssh_known_hosts_tmp.path }}"
when:
- _ssh_known_hosts.stat.exists | bool
- name: Set ssh_known_hosts fact
run_once: true
set_fact:
ssh_known_hosts_lines: |-
{%- for host in groups['overcloud'] | intersect(play_hosts) %}
[{{ ctlplane_ip }}]*,[{{ host }}.{{ cloud_domain }}]*,[{{ host }}]*
{%- if enabled_networks | length > 0 and role_networks and role_networks | length > 0 %},
{%- for network in enabled_networks %}
{%- if network in role_networks %}
[{{ hostvars[host][networks[network]['name'] ~ '_ip'] }}]*,[{{ host }}.{{ network.lower() }}]*,{% if 1 %}{% endif %}
[{{ host }}.{{ network.lower() }}.{{ cloud_domain }}]*{% if not loop.last %},{% endif %}
{%- endif -%}
{%- endfor -%}
{%- endif -%}
{{ ' ssh-rsa ' ~ hostvars[host]['ansible_ssh_host_key_rsa_public'] }}
{% endfor %}
- name: Add host keys to temporary ssh_known_hosts
blockinfile:
path: "{{ ssh_known_hosts_tmp.path }}"
block: "{{ ssh_known_hosts_lines }}"
create: true
# Workaround https://bugs.launchpad.net/tripleo/+bug/1810932
# Ansible modules perform a replace instead of in-place modification.
# This breaks propagation of changes to containers that bind mount ssh_known_hosts
- name: In-place update of /etc/ssh_known_hosts
shell: |-
cat '{{ ssh_known_hosts_tmp.path }}' > /etc/ssh/ssh_known_hosts
- name: Remove temp file
file:
path: "{{ ssh_known_hosts_tmp.path }}"
state: absent
tags:
- tripleo_ssh_known_hosts
View Git Blame Copy Permalink