From aefb58080337633e6d4c10bb2709c8d73ab9564d Mon Sep 17 00:00:00 2001 From: Jesse Pretorius Date: Wed, 3 Oct 2018 10:54:00 +0100 Subject: [PATCH] Only do sshd enablement task on the first play host We only need to do this task once in the play because it delegates to all the hosts already. Currently it will do the sshd enablement 9 times for 3 hosts. We also add a comment to explain why this is being done for future reference. Change-Id: I201101f6d2bf733b375577b6af138272b9d0ce6b --- tasks/keystone_post_install.yml | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/tasks/keystone_post_install.yml b/tasks/keystone_post_install.yml index 18fc4462..bb3ab064 100644 --- a/tasks/keystone_post_install.yml +++ b/tasks/keystone_post_install.yml @@ -13,7 +13,10 @@ # See the License for the specific language governing permissions and # limitations under the License. -- name: Enable SSHD +# If SSH is not running on all nodes immediately, then +# the key rotation script will not be able to copy the +# keys to the other nodes when they rotate. +- name: Enable SSHD on all keystone hosts systemd: name: "{{ keystone_sshd }}" state: started @@ -22,6 +25,7 @@ daemon_reload: yes delegate_to: "{{ item }}" with_items: "{{ ansible_play_hosts }}" + when: "inventory_hostname == ansible_play_hosts[0]" - name: Generate the keystone system user ssh key user: