From a32869fc325787e7cc013c74d133c959ffa90f05 Mon Sep 17 00:00:00 2001 From: Major Hayden Date: Tue, 19 Sep 2017 11:20:47 -0500 Subject: [PATCH] Optimize pip_install for CentOS This patch does quite a few things to improve the performance of the CentOS tasks: 1) Configures RDO repos as repositories rather than reinstalling an RPM each time. 2) GPG keys are only installed if they're needed. 3) Yum repo configs are carefully modified if they already exist which avoids removing deployer configurations. 4) Repo priorities are now set in one shot. Change-Id: I0fe7f7ee0a9b580280c59f950277d2b9474e4210 --- tasks/pre_install_yum.yml | 136 +++++++++++++++++++++++--------------- vars/redhat-7.yml | 34 ++++++++++ 2 files changed, 118 insertions(+), 52 deletions(-) diff --git a/tasks/pre_install_yum.yml b/tasks/pre_install_yum.yml index d3bd5e9..3be24f9 100644 --- a/tasks/pre_install_yum.yml +++ b/tasks/pre_install_yum.yml @@ -18,32 +18,6 @@ # checking for local packages. The RDO repository package isn't signed, but the # repos it installs have GPG checking enabled. # Under CentOS, this will add the RDO repo and its key to the keyring -- name: Install RDO repository and key - package: - name: "{{ pip_install_external_repo_key_package }}" - state: "{{ pip_install_external_repo_key_package_state | default('present') }}" - disable_gpg_check: yes - when: - - user_external_repo_key is not defined - tags: - - add-repo-keys - -- name: Ensure RDO repositories are using the correct CentOS mirror - command: | - yum-config-manager - --save - --setopt="{{ item.repo_name }}.baseurl={{ item.baseurl }}" - changed_when: false - with_items: - - repo_name: rdo-qemu-ev - baseurl: "{{ pip_install_centos_mirror_url }}/7/virt/$basearch/kvm-common/" - - repo_name: openstack-pike - baseurl: "{{ pip_install_centos_mirror_url }}/7/cloud/$basearch/openstack-pike/" - when: - - user_external_repo_key is not defined - - pip_install_centos_mirror_url is defined - tags: - - add-repo-keys - name: Install EPEL and yum priorities plugin package: @@ -54,37 +28,95 @@ tags: - add-repo-keys -- name: Enable and set repo priorities - command: | - yum-config-manager - --enable {{ item.name }} - --setopt="{{ item.name }}.priority={{ item.priority }}" - --setopt="{{ item.name }}.keepcache={{ item.keepcache }}" - changed_when: false - with_items: - - name: base - priority: 50 - keepcache: 1 - - name: epel - priority: 99 - keepcache: 1 - - name: extras - priority: 50 - keepcache: 1 - - name: openstack-pike - priority: 50 - keepcache: 1 - - name: rdo-qemu-ev - priority: 50 - keepcache: 1 - - name: updates - priority: 50 - keepcache: 1 +- name: Get a list of RPM GPG keys + shell: "rpm -vv -q centos-release 2>&1 | grep 'to keyring'" + args: + warn: no + changed_when: False + register: current_rpm_keys when: - user_external_repo_key is not defined tags: - add-repo-keys +- block: + - name: Import GPG keys for repositories if needed + shell: "rpm --import 0x{{ item.keyid }}" + args: + warn: no + with_items: + - "{{ pip_install_rdo_repos_keys }}" + when: + - item.keyid | lower not in current_rpm_keys.stdout + - user_external_repo_key is not defined + tags: + - add-repo-keys + + rescue: + - name: Import GPG keys for repositories if needed + shell: "rpm --define'%_hkp_keyserver http://pool.sks-keyservers.net' --import 0x{{ item.keyid }}" + args: + warn: no + with_items: + - "{{ pip_install_rdo_repos_keys }}" + when: + - item.keyid | lower not in current_rpm_keys.stdout + - user_external_repo_key is not defined + tags: + - add-repo-keys + +- name: Check for existing yum repositories + shell: "yum-config-manager | grep 'repo:'" + changed_when: False + register: existing_yum_repos + when: + - user_external_repo_key is not defined + tags: + - add-repo-keys + +- name: Add yum repositories if they do not exist + yum_repository: + name: "{{ item.name }}" + description: "{{ item.description }}" + baseurl: "{{ item.baseurl }}" + file: "{{ item.file }}" + gpgcheck: "{{ item.gpgcheck }}" + enabled: "{{ item.enabled }}" + with_items: + - "{{ pip_install_rdo_repos }}" + when: + - item.name not in existing_yum_repos.stdout + - user_external_repo_key is not defined + tags: + - add-repo-keys + +- name: Update yum repositories if they already exist + command: > + yum-config-manager + --enable {{ item.name }} + {% for key in item.keys() if key != 'file' %} + --setopt="{{ item.name }}.{{ key }}={{ item[key] }}" + {% endfor %} + changed_when: False + with_items: + - "{{ pip_install_rdo_repos }}" + when: + - item.name in existing_yum_repos.stdout + - user_external_repo_key is not defined + tags: + - add-repo-keys + +- name: Enable and set repo priorities + command: > + yum-config-manager + {% for repo_priority in pip_install_repo_priorities %} + --enable {{ repo_priority['name'] }} \ + --setopt="{{ repo_priority['name'] }}.priority={{ repo_priority['priority'] }}" + {% endfor %} + changed_when: False + tags: + - add-repo-keys + - name: Install external repo key manually rpm_key: key: "{{ item.key }}" diff --git a/vars/redhat-7.yml b/vars/redhat-7.yml index 3a01789..f625c15 100644 --- a/vars/redhat-7.yml +++ b/vars/redhat-7.yml @@ -32,3 +32,37 @@ pip_install_remove_distro_packages: - centos-release-ceph-jewel - centos-release-qemu-ev - centos-release-storage-common + +pip_install_rdo_repos_keys: + - repo: openstack-pike + keyid: 764429E6 + - repo: rdo-qemu-ev + keyid: 61E8806C + +pip_install_rdo_repos: + - file: rdo-qemu-ev + name: rdo-qemu-ev + description: "RDO CentOS-7 - QEMU EV" + baseurl: "{{ openstack_hosts_centos_mirror_url | default('http://mirror.centos.org') }}/centos/7/virt/x86_64/kvm-common/" + gpgcheck: yes + enabled: yes + - file: rdo-release + name: openstack-ocata + description: "OpenStack Pike Repository" + baseurl: "{{ openstack_hosts_centos_mirror_url | default('http://mirror.centos.org') }}/centos/7/cloud/$basearch/openstack-pike/" + gpgcheck: yes + enabled: yes + +pip_install_repo_priorities: + - name: base + priority: 50 + - name: epel + priority: 99 + - name: extras + priority: 50 + - name: openstack-pike + priority: 50 + - name: rdo-qemu-ev + priority: 50 + - name: updates + priority: 50