openstack/openstack-ansible-openstack_hosts
Code Issues Proposed changes
openstack-ansible-openstack.../tasks/main.yml

192 lines
6.0 KiB
YAML
Raw Permalink Blame History

---
# Copyright 2014, Rackspace US, Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
- name: Gather variables for each operating system
ansible.builtin.include_vars: "{{ lookup('first_found', params) }}"
vars:
params:
files:
- "{{ ansible_facts['distribution'] | lower }}-{{ ansible_facts['distribution_version'] | lower }}.yml"
- "{{ ansible_facts['distribution'] | lower }}-{{ ansible_facts['distribution_major_version'] | lower }}.yml"
- "{{ ansible_facts['os_family'] | lower }}-{{ ansible_facts['distribution_major_version'] | lower }}.yml"
- "{{ ansible_facts['distribution'] | lower }}.yml"
- "{{ ansible_facts['os_family'] | lower }}.yml"
paths:
- "{{ role_path }}/vars"
tags:
- always
- name: Allow the usage of local facts
ansible.builtin.file:
path: /etc/ansible/facts.d/
state: directory
mode: "0755"
tags:
- openstack_hosts-install
# Deploy the release file everywhere
- name: Importing openstack_release tasks
ansible.builtin.import_tasks: openstack_release.yml
tags:
- openstack_hosts-install
# Proxy configuration applies to all nodes
- name: Add global_environment_variables to environment file
ansible.builtin.blockinfile:
dest: "/etc/environment"
state: present
marker: "# {mark} Managed by OpenStack-Ansible"
insertbefore: EOF
block: "{{ lookup('template', 'environment.j2') }}"
tags:
- openstack_hosts-config
- name: Ensure environement is applied during sudo
ansible.builtin.lineinfile:
path: /etc/pam.d/sudo
line: "session required pam_env.so readenv=1 user_readenv=0"
regexp: "session\\s+required\\s+pam_env\\.so"
insertbefore: "^@include"
when: ansible_facts['distribution'] | lower == 'debian'
- name: Create systemd global directory
ansible.builtin.file:
path: /etc/systemd/system.conf.d/
state: directory
owner: "root"
group: "root"
mode: "0755"
- name: Add DefaultEnvironment to systemd
openstack.config_template.config_template:
src: systemd-environment.j2
dest: /etc/systemd/system.conf.d/osa-default-environment.conf
owner: "root"
group: "root"
mode: "0644"
config_overrides: "{{ openstack_systemd_global_overrides }}"
config_type: ini
notify: Systemd daemon reload
# Configure host files should apply to all nodes
- name: Configure etc hosts files
ansible.builtin.include_tasks: openstack_update_hosts_file.yml
args:
apply:
tags:
- openstack_hosts-config
- openstack_hosts-file
when:
- (openstack_host_manage_hosts_file | bool) or (openstack_host_manage_deploy_hosts_file | bool)
tags:
- always
- name: Remove the blacklisted packages
ansible.builtin.package:
name: "{{ openstack_hosts_package_list | selectattr('state', 'equalto', 'absent') | map(attribute='name') | list }}"
state: absent
# This allows to include this role to get all the distro
# specific configuration for all the nodes.
# It is also used for installing common packages to
# all nodes
- name: Apply package management distro specific configuration
ansible.builtin.include_tasks: "openstack_hosts_configure_{{ ansible_facts['pkg_mgr'] | lower }}.yml"
# Configure bare metal nodes: Kernel, sysctl, sysstat, hosts files, metal packages
- name: Including configure_metal_hosts tasks
ansible.builtin.include_tasks: configure_metal_hosts.yml
args:
apply:
tags:
- openstack_hosts-install
when:
- is_metal
tags:
- always
- name: Decreasing tcp_retries2 sysctl
ansible.posix.sysctl:
name: "net.ipv4.tcp_retries2"
value: "{{ keepalived_sysctl_tcp_retries | default(8) }}"
sysctl_set: true
sysctl_file: "{{ openstack_hosts_sysctl_file }}"
state: "{{ (keepalived_sysctl_tcp_retries | default(8) > 0) | ternary('present', 'absent') }}"
reload: true
failed_when: false
- name: Install distro packages
ansible.builtin.package:
name: "{{ openstack_host_distro_packages }}"
state: "{{ openstack_hosts_package_state }}"
when:
- openstack_host_distro_packages | length > 0
register: install_packages
until: install_packages is success
retries: 5
delay: 2
- name: Install user defined extra distro packages
ansible.builtin.package:
name: "{{ openstack_host_extra_distro_packages }}"
state: "{{ openstack_hosts_package_state }}"
when:
- openstack_host_extra_distro_packages | length > 0
register: install_packages
until: install_packages is success
retries: 5
delay: 2
- name: Importing openstack_authorized_keys tasks
ansible.builtin.import_tasks: openstack_authorized_keys.yml
tags:
- openstack_hosts-config
- name: Including PKI role
ansible.builtin.include_role:
name: pki
tasks_from: main_ca_install.yml
apply:
tags:
- pki
vars:
pki_dir: "{{ openstack_pki_dir }}"
pki_install_ca: "{{ openstack_pki_install_ca | default([]) + openstack_host_ca_certificates }}"
tags:
- always
- name: Including openstack_gitconfig tasks
ansible.builtin.include_tasks: openstack_gitconfig.yml
args:
apply:
tags:
- openstack_hosts-config
- name: Including openstack_hosts_systemd tasks
ansible.builtin.include_tasks: openstack_hosts_systemd.yml
args:
apply:
tags:
- openstack_hosts-config
- openstack_hosts-systemd
when:
- openstack_hosts_systemd_networkd_devices or
openstack_hosts_systemd_networkd_networks or
openstack_hosts_systemd_services or
openstack_hosts_systemd_mounts or
openstack_hosts_journald_config
tags:
- always
View Git Blame Copy Permalink