Systemd service element does contain quite bug dictionary and
output of it is not really useful for most tasks. To make output smaller
and at the same time more informative we leverage loop labels.
With that we convert all with_items to be proper loops.
Change-Id: I90d2fb4110d2a47af184e90382538e015eb87b13
With update of ansible-lint to version >=6.0.0 a lot of new
linters were added, that enabled by default. In order to comply
with linter rules we're applying changes to the role.
With that we also update metdata to reflect current state.
Change-Id: I4aab8ba621228d3fbf79b1da8227be41f3258b5f
With usage of include_tasks tags must be applied accordingly,
which was missing. That prevented running service load whenever
systemd-service tag was used.
Change-Id: Id48457c43e38e19f781bfe11d1fb6eaeb9fdde6f
At the moment it's possible only to forcefully restart sockets under
each run, which is not idempotent and may cause interruptions for
service. To avoid that we add a way to restart socket just on config
change with same logic applied as for service.
Change-Id: Ifb6fd9461d7b6a65191b918c0863406cf4de6725
This functionality is pretty neat and used widely if you need to pass
specific argument to the unit service, but rest of the parameters can
be left intact.
Change-Id: I6eb80ac0f9f0257402697a255518bb2c66d0dfd5
This reverts commit 6285b6c638.
There is no use made of this functionality anywhere outside the tests
for this role, so revert the code. The intention is to reduce general
overhead in systemd_service and reduce the number of skipped tasks
in an OSA deployment.
Conflicts: tests/test.yml
Change-Id: I3d28967a64ea9d91219294bdc30d337c9c6d2e50
This change adds the ability to effectively use the PrivateNetwork
functionality systemd provides for services. Now, if enabled, services
can be created in a network namespace which isolates it from the reset
of the host. Additional options have been added allowing access into the
network namespace over ephemeral devices as needed.
Highlights:
* Isolated private networking for services will sandbox using a stand
alone namespace which has no access to anything via the network.
* Access into a private namespace can be provided over a single network
interface which can be IP'd via local DHCP + NAT or using an upstream
DHCP server.
* Tests have been added to exercise the new functionality.
All of the funcality has been documented in the defaults of this role.
Change-Id: I6751765131f32393a1605eb2100bec46199d980a
Signed-off-by: Kevin Carter <kevin@cloudnull.com>
Ansible is now warning users to stop using a pipe when testing a
variable. This updates the syntaxt to be the latest recommended syntax.
This also corrects two tags that were misplaced.
Change-Id: I6aa855c5fdc57812b1a8ec5dd185941f82847103
Signed-off-by: Kevin Carter <kevin.carter@rackspace.com>
Systemd provides for "timers" which is replacing cron. This change
implements timers as an option to any created service.
Change-Id: I8fdca58fcb43726560521c7c25f7e57cfb61353b
Signed-off-by: Kevin Carter <kevin.carter@rackspace.com>
A global var systemd_service_restart_changed is added which toggles
restart on unit file change for all systemd_services.
A systemd_services var 'restart_changed' is added to toggle restarts
on a per-service basis.
systemd daemon is not reloaded in a loop anymore, it is only
reloaded once, in a handler, when unit files change.
Consumer roles of systemd_service can listen to the handler
'systemd service changed' to implement additional orchestration when
service units are modified.
Change-Id: I803bca638c30696004f934ad1e28920786948f38
Dmitriy Rabotyagov