openstack
/
openstack-ansible-openstack_hosts
Code Issues Proposed changes

Fix linters issue and metadata 

With update of ansible-lint to version >=6.0.0 a lot of new
linters were added, that enabled by default. In order to comply
with linter rules we're applying changes to the role.

With that we also update metdata to reflect current state.

Change-Id: Ide0ca8cf60f3a92c98543465d53bc4720067b153
This commit is contained in:
Dmitriy Rabotyagov 2023-07-13 13:58:50 +02:00 committed by Dmitriy Rabotyagov
parent f1de9887b5
commit 3cf5320038
12 changed files with 71 additions and 37 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

11
defaults/main.yml
View File

@ -49,9 +49,9 @@ openstack_host_custom_hosts_records: []
openstack_host_specific_kernel_modules: []
# If you want to include some specific modules per group
# of hosts, override this with a group/host var, like below:
#openstack_host_specific_kernel_modules:
# - name: "ebtables"
# pattern: "CONFIG_BRIDGE_NF_EBTABLES"
# openstack_host_specific_kernel_modules:
# - name: "ebtables"
# pattern: "CONFIG_BRIDGE_NF_EBTABLES"
## Where:
## :param name: name of the kernel module
## :param pattern: pattern to grep for in /boot/config-$kernel_version to check how module is configured inside kernel
@ -168,7 +168,8 @@ openstack_hosts_rdo_repo_type: trunk
openstack_hosts_rdo_mirror_url: 'https://trunk.rdoproject.org'
openstack_hosts_rdo_repo_url: "{{ _openstack_hosts_rdo_repo_url }}"
openstack_hosts_rdo_deps_url: "{{ _openstack_hosts_rdo_deps_url }}"
openstack_hosts_power_tool_enable: "{{ ('repo_all' in groups or 'manila_all' in groups or 'gnocchi_all' in groups or install_method | default('source') == 'distro') }}"
openstack_hosts_power_tool_enable: >-
{{ ('repo_all' in groups or 'manila_all' in groups or 'gnocchi_all' in groups or install_method | default('source') == 'distro') }}
# Keep a history of systemd journals on disk after reboots
openstack_host_keep_journals: yes
@ -176,7 +177,7 @@ openstack_host_keep_journals: yes
# Enable/Disable the yum fastestmirror plugin
openstack_hosts_enable_yum_fastestmirror: yes
#user supplied list of CA certificates to copy to hosts from the deploy host
# user supplied list of CA certificates to copy to hosts from the deploy host
# example:
# - name: SnakeOilCorp.crt #the filename created on the target host (must be .crt on Ubuntu)
# src: /etc/ssl/certs/snake-oil-cert-latest.pem #the source file on the deploy host

12
meta/main.yml
View File

@ -18,19 +18,21 @@ galaxy_info:
description: Base host setup for a OpenStack Private Cloud host
company: Rackspace
license: Apache2
min_ansible_version: 2.9
role_name: openstack_hosts
namespace: openstack
min_ansible_version: "2.10"
platforms:
- name: Debian
versions:
- buster
- bullseye
- name: Ubuntu
versions:
- bionic
- focal
- jammy
- name: EL
versions:
- 8
categories:
- "9"
galaxy_tags:
- cloud
- host
- development

12
tasks/configure_metal_hosts.yml
View File

@ -42,7 +42,7 @@
retries: 5
delay: 2
- name: check how kernel modules are implemented (statically builtin, dynamic, not set)
- name: Check how kernel modules are implemented (statically builtin, dynamic, not set)
slurp:
src: "/boot/config-{{ ansible_facts['kernel'] }}"
register: modules
@ -52,7 +52,7 @@
- name: Fail fast if we can't load a module
fail:
msg: "{{ item.pattern }} is not set"
with_items: "{{ openstack_host_specific_kernel_modules }}"
with_items: "{{ openstack_host_specific_kernel_modules }}"
when:
- item.pattern is defined
- (modules.content | b64decode).find(item.pattern + ' is not set') != -1
@ -69,13 +69,14 @@
template:
src: modprobe.conf.j2
dest: "{{ openstack_host_module_file }}"
mode: "0644"
- name: Adding new system tuning
sysctl:
name: "{{ item.key }}"
value: "{{ item.value }}"
sysctl_set: "{{ item.set|default('yes') }}"
state: "{{ item.state|default('present') }}"
sysctl_set: "{{ item.set | default('yes') }}"
state: "{{ item.state | default('present') }}"
reload: no
with_items: "{{ openstack_kernel_options + openstack_user_kernel_options }}"
failed_when: false
@ -89,6 +90,9 @@
file:
path: /var/log/journal
state: directory
owner: root
group: systemd-journal
mode: "2755"
register: journald_directory
when:
- openstack_host_keep_journals | bool

27
tasks/main.yml
View File

@ -32,11 +32,13 @@
file:
path: /etc/ansible/facts.d/
state: directory
mode: "0755"
tags:
- openstack_hosts-install
# Deploy the release file everywhere
- import_tasks: openstack_release.yml
- name: Importing openstack_release tasks
import_tasks: openstack_release.yml
tags:
- openstack_hosts-install
@ -93,7 +95,7 @@
- name: Remove the blacklisted packages
package:
name: "{{ openstack_hosts_package_list | selectattr('state','equalto','absent') | map(attribute='name') | list }}"
name: "{{ openstack_hosts_package_list | selectattr('state', 'equalto', 'absent') | map(attribute='name') | list }}"
state: absent
# This allows to include this role to get all the distro
@ -104,7 +106,8 @@
include_tasks: "openstack_hosts_configure_{{ ansible_facts['pkg_mgr'] | lower }}.yml"
# Configure bare metal nodes: Kernel, sysctl, sysstat, hosts files, metal packages
- include_tasks: configure_metal_hosts.yml
- name: Including configure_metal_hosts tasks
include_tasks: configure_metal_hosts.yml
args:
apply:
tags:
@ -145,11 +148,13 @@
retries: 5
delay: 2
- import_tasks: openstack_authorized_keys.yml
- name: Importing openstack_authorized_keys tasks
import_tasks: openstack_authorized_keys.yml
tags:
- openstack_hosts-config
- include_role:
- name: Including PKI role
include_role:
name: pki
tasks_from: main_ca_install.yml
vars:
@ -158,19 +163,25 @@
tags:
- always
- include_tasks: openstack_gitconfig.yml
- name: Including openstack_gitconfig tasks
include_tasks: openstack_gitconfig.yml
args:
apply:
tags:
- openstack_hosts-config
when: ansible_facts['hostname'] != 'aio1'
- include_tasks: openstack_hosts_systemd.yml
- name: Including openstack_hosts_systemd tasks
include_tasks: openstack_hosts_systemd.yml
args:
apply:
tags:
- openstack_hosts-config
- openstack_hosts-systemd
when: openstack_hosts_systemd_networkd_devices or openstack_hosts_systemd_networkd_networks or openstack_hosts_systemd_services or openstack_hosts_systemd_mounts
when:
- openstack_hosts_systemd_networkd_devices or
openstack_hosts_systemd_networkd_networks or
openstack_hosts_systemd_services or
openstack_hosts_systemd_mounts
tags:
- always

1
tasks/openstack_gitconfig.yml
View File

@ -33,4 +33,5 @@
template:
src: gitconfig.j2
dest: /etc/gitconfig
mode: "0644"
when: _git_version.rc != 0

3
tasks/openstack_hosts_configure_apt.yml
View File

@ -41,7 +41,7 @@
- name: Add requirement packages (repositories gpg keys, toolkits...)
apt:
name: "{{ openstack_hosts_package_list | rejectattr('state','equalto','absent') | map(attribute='name') | list }}"
name: "{{ openstack_hosts_package_list | rejectattr('state', 'equalto', 'absent') | map(attribute='name') | list }}"
state: "{{ openstack_hosts_package_state }}"
update_cache: yes
cache_valid_time: "{{ cache_timeout }}"
@ -77,6 +77,7 @@
copy:
content: "{{ openstack_hosts_package_manager_default_conf + openstack_hosts_package_manager_extra_conf }}"
dest: /etc/apt/apt.conf.d/99openstack-ansible
mode: "0644"
when:
- openstack_hosts_package_manager_extra_conf | length > 0 or openstack_hosts_package_manager_default_conf | length > 0

15
tasks/openstack_hosts_configure_dnf.yml
View File

@ -25,6 +25,7 @@
option: enabled
value: "{{ (openstack_hosts_enable_yum_fastestmirror | bool) | ternary('1', '0') }}"
no_extra_spaces: yes
mode: "0644"
when:
- fastestmirror_plugin_check.stat.exists
@ -44,7 +45,7 @@
src: "{{ item.keyfile }}"
dest: "{{ item.key }}"
mode: '0644'
with_items: "{{ openstack_hosts_package_repos_keys | selectattr('keyfile','defined') | list }}"
with_items: "{{ openstack_hosts_package_repos_keys | selectattr('keyfile', 'defined') | list }}"
- name: Ensure GPG keys have the correct SELinux contexts applied
command: restorecon -Rv /etc/pki/rpm-gpg/
@ -67,7 +68,7 @@
- name: Add requirement packages (repositories gpg keys packages, toolkits...)
package:
name: "{{ openstack_hosts_package_list | rejectattr('state','equalto','absent') | map(attribute='name') | list }}"
name: "{{ openstack_hosts_package_list | rejectattr('state', 'equalto', 'absent') | map(attribute='name') | list }}"
state: "{{ openstack_hosts_package_state }}"
- name: Add yum repositories if they do not exist
@ -84,7 +85,7 @@
priority: "{{ repo.priority | default(99) }}"
state: "{{ repo.state | default(omit) }}"
module_hotfixes: "{{ repo.module_hotfixes | default(omit) }}"
with_items: "{{ openstack_hosts_package_repos }}"
with_items: "{{ openstack_hosts_package_repos }}"
loop_control:
loop_var: repo
register: _adding_repo
@ -98,6 +99,7 @@
path: /etc/dnf/dnf.conf
marker: "# {mark} OPENSTACK-ANSIBLE-OPENSTACK_HOSTS MANAGED BLOCK"
create: yes
mode: "0644"
when:
- openstack_hosts_package_manager_extra_conf | length > 0 or openstack_hosts_package_manager_default_conf | length > 0
@ -105,6 +107,7 @@
get_url:
url: "{{ openstack_hosts_rdo_repo_url }}/delorean.repo"
dest: /etc/yum.repos.d/rdo.repo
mode: "0640"
register: _get_repo
until: _get_repo is success
retries: 5
@ -139,9 +142,9 @@
file:
path: "{{ item.path }}"
state: directory
owner: "{{ item.owner|default(root) }}"
group: "{{ item.group|default(root) }}"
mode: "{{ item.mode|default('0755') }}"
owner: "{{ item.owner | default(root) }}"
group: "{{ item.group | default(root) }}"
mode: "{{ item.mode | default('0755') }}"
with_items:
- { path: "/etc/pki/tls/certs", owner: "root", group: "root" }
- { path: "/etc/pki/tls/private", owner: "root", group: "root" }

8
tasks/openstack_hosts_configure_yum.yml
View File

@ -25,6 +25,7 @@
option: enabled
value: "{{ (openstack_hosts_enable_yum_fastestmirror | bool) | ternary('1', '0') }}"
no_extra_spaces: yes
mode: "0644"
when:
- fastestmirror_plugin_check.stat.exists
@ -44,7 +45,7 @@
src: "{{ item.keyfile }}"
dest: "{{ item.key }}"
mode: '0644'
with_items: "{{ openstack_hosts_package_repos_keys | selectattr('keyfile','defined') | list }}"
with_items: "{{ openstack_hosts_package_repos_keys | selectattr('keyfile', 'defined') | list }}"
- name: Ensure GPG keys have the correct SELinux contexts applied
command: restorecon -Rv /etc/pki/rpm-gpg/
@ -67,7 +68,7 @@
- name: Add requirement packages (repositories gpg keys packages, toolkits...)
package:
name: "{{ openstack_hosts_package_list | rejectattr('state','equalto','absent') | map(attribute='name') | list }}"
name: "{{ openstack_hosts_package_list | rejectattr('state', 'equalto', 'absent') | map(attribute='name') | list }}"
state: "{{ openstack_hosts_package_state }}"
- name: Add yum repositories if they do not exist
@ -82,7 +83,7 @@
enabled: "{{ repo.enabled | default('yes') }}"
exclude: "{{ repo.exclude | default(omit) }}"
priority: "{{ repo.priority | default(99) }}"
with_items: "{{ openstack_hosts_package_repos }}"
with_items: "{{ openstack_hosts_package_repos }}"
loop_control:
loop_var: repo
register: _adding_repo
@ -96,5 +97,6 @@
path: /etc/yum.conf
marker: "# {mark} OPENSTACK-ANSIBLE-OPENSTACK_HOSTS MANAGED BLOCK"
create: yes
mode: "0644"
when:
- openstack_hosts_package_manager_extra_conf | length > 0 or openstack_hosts_package_manager_default_conf | length > 0

1
tasks/openstack_release.yml
View File

@ -19,6 +19,7 @@
dest: "{{ openstack_distrib_file_path }}"
owner: "root"
group: "root"
mode: "0644"
when:
- openstack_distrib_file | bool

8
vars/debian.yml
View File

@ -83,10 +83,14 @@ _package_list:
_osbpo_release: "zed"
_package_repos:
- repo: "deb {{ apt_repo_url | default('http://osbpo.debian.net/osbpo/ ' ~ ansible_facts['distribution_release'] ~ '-' ~ _osbpo_release ~ '-backports main') }}"
- repo: >-
deb {{ apt_repo_url | default('http://osbpo.debian.net/osbpo/ ' ~ ansible_facts['distribution_release'] ~ '-' ~ _osbpo_release ~ '-backports main') }}
state: present
filename: "osbpo"
- repo: "deb {{ apt_repo_url | default('http://osbpo.debian.net/osbpo/ ' ~ ansible_facts['distribution_release'] ~ '-' ~ _osbpo_release ~ '-backports-nochange main') }}"
- repo: >-
deb {{ apt_repo_url | default(
'http://osbpo.debian.net/osbpo/ ' ~ ansible_facts['distribution_release'] ~ '-' ~ _osbpo_release ~ '-backports-nochange main'
) }}
state: present
filename: "osbpo"

6
vars/redhat-9.yml
View File

@ -89,8 +89,10 @@ _package_list:
- name: ca-certificates
state: latest
_openstack_hosts_rdo_repo_url: "{{ openstack_hosts_rdo_mirror_url }}/centos{{ ansible_facts['distribution_major_version'] }}-{{ openstack_distrib_code_name | lower }}/current/"
_openstack_hosts_rdo_deps_url: "{{ openstack_hosts_rdo_mirror_url }}/centos{{ ansible_facts['distribution_major_version'] }}-{{ openstack_distrib_code_name | lower }}/deps/latest/"
_openstack_hosts_rdo_repo_url: >-
{{ openstack_hosts_rdo_mirror_url }}/centos{{ ansible_facts['distribution_major_version'] }}-{{ openstack_distrib_code_name | lower }}/current/
_openstack_hosts_rdo_deps_url: >-
{{ openstack_hosts_rdo_mirror_url }}/centos{{ ansible_facts['distribution_major_version'] }}-{{ openstack_distrib_code_name | lower }}/deps/latest/
_package_repos_trunk:
- name: rdo-deps

4
vars/ubuntu-22.04.yml
View File

@ -87,7 +87,9 @@ _package_list:
state: latest
_package_repos:
- repo: "deb {{ apt_repo_url | default('http://ubuntu-cloud.archive.canonical.com/ubuntu') }} {{ ansible_facts['lsb']['codename'] }}-updates/{{ openstack_distrib_code_name | lower }} main"
- repo: >-
deb {{ apt_repo_url | default('http://ubuntu-cloud.archive.canonical.com/ubuntu') }}
{{ ansible_facts['lsb']['codename'] }}-updates/{{ openstack_distrib_code_name | lower }} main
state: present
filename: "uca"