baremetal: refactor docker_sdk installation to a separate role

Use become_user=kolla to create the virtualenv. This ensures that the
virtualenv is owned by the kolla user.

Change-Id: Ifeaa766a48588179b66470fdac9216e2a1b4330d

roles/baremetal/defaults/main.yml

@@ -60,23 +60,15 @@ docker_no_proxy: ""
 git_http_proxy: ""
 git_https_proxy: ""
 
-# Version of python used to execute Ansible modules.
-host_python_version: "{{ ansible_facts.python.version.major }}.{{ ansible_facts.python.version.minor }}"
-
 debian_pkg_install:
  - "{{ docker_apt_package }}"
  - git
- - "python3-setuptools"
- - "python3-pip"
- - "{% if virtualenv is not none %}python3-virtualenv{% endif %}"
  - "{% if enable_multipathd|bool %}sg3-utils-udev{% endif %}"
  - "{% if not docker_disable_default_iptables_rules | bool %}iptables{% endif %}"
 
 redhat_pkg_install:
  - "{{ docker_yum_package }}"
  - git
- - "python3-pip"
- - "{% if virtualenv is not none %}python3-virtualenv{% endif %}"
  - sudo
  - "{% if not docker_disable_default_iptables_rules | bool %}iptables{% endif %}"
 
@@ -91,15 +83,6 @@ redhat_pkg_removals:
  - "{% if enable_nova_libvirt_container | bool %}libvirt-daemon{% endif %}"
  - iscsi-initiator-utils
 
-# Path to a virtualenv in which to install python packages. If None, a
-# virtualenv will not be used.
-virtualenv:
-
-# Whether the virtualenv will inherit packages from the global site-packages
-# directory. This is typically required for modules such as yum and apt which
-# are not available on PyPI.
-virtualenv_site_packages: True
-
 # From group_vars/all.yml:
 docker_log_max_file: "5"
 docker_log_max_size: "50m"

roles/baremetal/tasks/install.yml

@@ -126,27 +126,6 @@
   vars:
     install_result: "{{ rpm_install_result if ansible_facts.os_family == 'RedHat' else apt_install_result }}"
 
-- name: Install latest pip in the virtualenv
-  pip:
-    # NOTE(hrw) pip 19.3 is first version complaining about being run with Python 2
-    name: pip>19.3
-    virtualenv: "{{ virtualenv }}"
-    virtualenv_site_packages: "{{ virtualenv_site_packages }}"
-    virtualenv_python: "python{{ host_python_version }}"
-  become: True
-  when: virtualenv is not none
-
-- name: Install docker SDK for python
-  pip:
-    # NOTE(hrw) docker 2.4.2 is in kolla-ansible requirements
-    # NOTE(mnasiadka): docker 5.0.0 lacks six in deps but requires it
-    name: docker>=2.4.2,<5.0.0
-    executable: "{{ virtualenv is none | ternary('pip3', omit) }}"
-    virtualenv: "{{ virtualenv is none | ternary(omit, virtualenv) }}"
-    virtualenv_site_packages: "{{ virtualenv is none | ternary(omit, virtualenv_site_packages) }}"
-    virtualenv_python: "{{ virtualenv is none | ternary(omit, 'python' ~ host_python_version) }}"
-  become: True
-
 - name: Remove packages
   package:
     name: "{{ (ubuntu_pkg_removals | join(' ')).split() }}"

roles/baremetal/tasks/post-install.yml

@@ -3,17 +3,8 @@
     name: openstack.kolla.kolla_user
   when: create_kolla_user | bool
 
-- name: Ensure virtualenv has correct ownership
-  file:
-    path: "{{ virtualenv }}"
-    recurse: True
-    state: directory
-    owner: "{{ kolla_user }}"
-    group: "{{ kolla_group }}"
-  become: True
-  when:
-    - create_kolla_user | bool
-    - virtualenv is not none
+- import_role:
+    name: openstack.kolla.docker_sdk
 
 - name: Ensure node_config_directory directory exists
   file:

roles/docker_sdk/defaults/main.yml

@@ -0,0 +1,33 @@
+---
+# List of RPM/Apt packages to install.
+docker_sdk_packages:
+  - "python3-setuptools"
+  - "python3-pip"
+  - "{% if virtualenv is not none %}python3-virtualenv{% endif %}"
+
+# List of Python packages to install via Pip.
+# NOTE(hrw) docker 2.4.2 is in kolla-ansible requirements
+# NOTE(mnasiadka): docker 5.0.0 lacks six in deps but requires it
+docker_sdk_pip_packages:
+  - "docker>=2.4.2,<5.0.0"
+
+# Version of python used to execute Ansible modules.
+host_python_version: "{{ ansible_facts.python.version.major }}.{{ ansible_facts.python.version.minor }}"
+
+# Path to a virtualenv in which to install python packages. If None, a
+# virtualenv will not be used.
+virtualenv:
+
+# Whether the virtualenv will inherit packages from the global site-packages
+# directory. This is typically required for modules such as yum and apt which
+# are not available on PyPI.
+virtualenv_site_packages: True
+
+create_kolla_user: True
+kolla_user: "kolla"
+
+# Owner of the virtualenv.
+docker_sdk_virtualenv_owner: "{{ kolla_user if create_kolla_user | bool else omit }}"
+
+# A pip constraints file to use when installing the Docker SDK.
+docker_sdk_upper_constraints_file:

roles/docker_sdk/tasks/main.yml

@@ -0,0 +1,28 @@
+---
+- name: Install packages
+  package:
+    name: "{{ docker_sdk_packages | select | list }}"
+    state: present
+  become: true
+
+- name: Install latest pip in the virtualenv
+  pip:
+    # NOTE(hrw) pip 19.3 is first version complaining about being run with Python 2
+    name: pip>19.3
+    virtualenv: "{{ virtualenv }}"
+    virtualenv_site_packages: "{{ virtualenv_site_packages }}"
+    virtualenv_python: "python{{ host_python_version }}"
+  become: true
+  become_user: "{{ docker_sdk_virtualenv_owner }}"
+  when: virtualenv is not none
+
+- name: Install docker SDK for python
+  pip:
+    name: "{{ docker_sdk_pip_packages }}"
+    executable: "{{ virtualenv is none | ternary('pip3', omit) }}"
+    extra_args: "{% if docker_sdk_upper_constraints_file %}-c {{ docker_sdk_upper_constraints_file }}{% endif %}"
+    virtualenv: "{{ virtualenv is none | ternary(omit, virtualenv) }}"
+    virtualenv_site_packages: "{{ virtualenv is none | ternary(omit, virtualenv_site_packages) }}"
+    virtualenv_python: "{{ virtualenv is none | ternary(omit, 'python' ~ host_python_version) }}"
+  become: true
+  become_user: "{{ virtualenv is none | ternary(omit, docker_sdk_virtualenv_owner) }}"