- name: Create and ensure setype for /var/log/containers directory become: true file: path: /var/log/containers state: directory setype: container_file_t selevel: s0 mode: 0750 tags: - host_config - name: Create ContainerLogStdoutPath directory become: true file: path: "{{ container_log_stdout_path }}" state: directory selevel: s0 tags: - host_config - name: Create /var/lib/tripleo-config directory become: true file: path: /var/lib/tripleo-config state: directory setype: container_file_t selevel: s0 recurse: true tags: - host_config - container_config - container_config_tasks - container_config_scripts - container_startup_configs - name: Delete existing /var/lib/tripleo-config/check-mode directory for check mode become: true file: path: /var/lib/tripleo-config/check-mode state: absent tags: - host_config - container_config - container_config_tasks - container_config_scripts - container_startup_configs when: - ansible_check_mode|bool check_mode: no - name: Create /var/lib/tripleo-config/check-mode directory for check mode become: true file: path: /var/lib/tripleo-config/check-mode state: directory setype: container_file_t selevel: s0 recurse: true tags: - host_config - container_config - container_config_tasks - container_config_scripts - container_startup_configs when: - ansible_check_mode|bool check_mode: no # Puppet manifest for baremetal host configuration - name: Write the puppet step_config manifest become: true no_log: True copy: content: "{{ lookup('file', tripleo_role_name + '/step_config.pp', errors='ignore') | default('', True) }}" dest: /var/lib/tripleo-config/{{ ansible_check_mode | bool | ternary('check-mode/', '') }}puppet_step_config.pp force: yes mode: '0600' tags: - host_config check_mode: no diff: no - name: Diff puppet step_config manifest changes for check mode command: diff -uN /var/lib/tripleo-config/puppet_step_config.pp /var/lib/tripleo-config/check-mode/puppet_step_config.pp register: diff_results tags: - host_config check_mode: no when: - ansible_check_mode|bool - ansible_diff_mode failed_when: false changed_when: diff_results.rc == 1 - name: Diff puppet step_config manifest changes for check mode debug: var: diff_results.stdout_lines changed_when: diff_results.rc == 1 when: - ansible_check_mode|bool - ansible_diff_mode tags: - host_config # Puppet Containers Config directory used to generate container configs - name: Create /var/lib/container-puppet become: true file: path: /var/lib/container-puppet state: directory setype: container_file_t selevel: s0 tags: - container_config - container_config_tasks - name: Delete existing /var/lib/container-puppet/check-mode for check mode become: true file: path: /var/lib/container-puppet/check-mode state: absent tags: - container_config check_mode: no when: - ansible_check_mode|bool - name: Create /var/lib/container-puppet/check-mode for check mode become: true file: path: /var/lib/container-puppet/check-mode state: directory setype: container_file_t selevel: s0 tags: - container_config check_mode: no when: - ansible_check_mode|bool - name: Write container-puppet.json file become: true no_log: True copy: content: "{{ lookup('file', tripleo_role_name + '/puppet_config.yaml', errors='ignore') | default([], True) | from_yaml | to_nice_json }}" dest: /var/lib/container-puppet/{{ ansible_check_mode | bool | ternary('check-mode/', '') }}container-puppet.json force: yes mode: '0600' tags: - container_config check_mode: no diff: no - name: Diff container-puppet.json changes for check mode command: diff -uN /var/lib/container-puppet/container-puppet.json /var/lib/container-puppet/check-mode/container-puppet.json register: diff_results tags: - container_config check_mode: no when: - ansible_check_mode|bool - ansible_diff_mode failed_when: false changed_when: diff_results.rc == 1 - name: Diff container-puppet.json changes for check mode debug: var: diff_results.stdout_lines changed_when: diff_results.rc == 1 when: - ansible_check_mode|bool - ansible_diff_mode tags: - container_config # The container config files # /var/lib/container-startup-configs.json is removed as we now write # per-step files instead - name: Clean old /var/lib/container-startup-configs.json file become: true file: path: /var/lib/container-startup-configs.json state: absent tags: - container_startup_configs # For legacy, can be removed in Train cycle - name: Clean old /var/lib/docker-container-startup-configs.json file become: true file: path: /var/lib/docker-container-startup-configs.json state: absent tags: - container_startup_configs - import_tasks: common_container_config_scripts.yaml # This file location is deprecated and the new location is now: # /var/lib/tripleo-config/container-startup-config/step_X/.json # Can be removed in V cycle - name: Write /var/lib/tripleo-config/container-startup-config-readme.txt become: true no_log: True copy: content: "Container startup configs moved to /var/lib/tripleo-config/container-startup-config" dest: /var/lib/tripleo-config/container-startup-config-readme.txt force: yes mode: '0600' tags: - container_startup_configs - name: Generate startup configs files per step and per container become: true container_startup_config: config_base_dir: /var/lib/tripleo-config/container-startup-config config_data: "{{ lookup('file', (tripleo_role_name + '/docker_config.yaml'), errors='ignore') | default({}, True) | from_yaml }}" tags: - container_startup_configs - name: Ensure config hashes are up-to-date for container startup configs become: true container_puppet_config: update_config_hash_only: true tags: - container_startup_configs - name: Create /var/lib/kolla/config_files directory become: true file: path: /var/lib/kolla/config_files state: directory setype: container_file_t selevel: s0 recurse: true tags: - container_startup_configs - name: Create /var/lib/config-data directory become: true file: path: /var/lib/config-data state: directory setype: container_file_t selevel: s0 - name: Write container config json files become: true tripleo_container_configs: config_data: "{{ lookup('file', tripleo_role_name + '/kolla_config.yaml', errors='ignore') | default({}, True) | from_yaml }}" tags: - container_startup_configs - name: gather facts needed by role setup: gather_subset: "!min,python" when: ansible_facts['python'] is not defined tags: - container_config_tasks - name: set python_cmd set_fact: python_cmd: "python{{ ansible_facts['python']['version']['major'] }}" cacheable: true when: python_cmd is not defined tags: - container_config_tasks - name: Set host puppet debugging fact string set_fact: host_puppet_config_debug: "--debug --verbose" when: - enable_puppet | bool - enable_debug | bool tags: - host_config - name: Check for /etc/puppet/check-mode directory for check mode stat: path: /etc/puppet/check-mode register: check_mode_dir when: ansible_check_mode|bool tags: - host_config - container_config - name: Create /etc/puppet/check-mode/hieradata directory for check mode become: true file: path: /etc/puppet/check-mode/hieradata state: directory setype: container_file_t selevel: s0 recurse: true check_mode: no when: - ansible_check_mode|bool - not check_mode_dir.stat.exists tags: - host_config - container_config - name: Create puppet check-mode files if they don't exist for check mode become: true shell: | cp -a /etc/puppet/hiera.yaml /etc/puppet/check-mode/hiera.yaml cp -a /etc/puppet/hieradata/* /etc/puppet/check-mode/hieradata/ sed -i 's/\/etc\/puppet\/hieradata/\/etc\/puppet\/check-mode\/hieradata/' /etc/puppet/check-mode/hiera.yaml when: - ansible_check_mode|bool - not check_mode_dir.stat.exists check_mode: no tags: - host_config - container_config