All the supported platforms are now using more modern systemd versions
than detected with the logic in this role, so remove
the redundant tasks and conditions.
Change-Id: I0ddaefc575f1b0cbf85696cde25aa69907fede9f
Systemd service element does contain quite bug dictionary and
output of it is not really useful for most tasks. To make output smaller
and at the same time more informative we leverage loop labels.
With that we convert all with_items to be proper loops.
Change-Id: I90d2fb4110d2a47af184e90382538e015eb87b13
With update of ansible-lint to version >=6.0.0 a lot of new
linters were added, that enabled by default. In order to comply
with linter rules we're applying changes to the role.
With that we also update metdata to reflect current state.
Change-Id: I4aab8ba621228d3fbf79b1da8227be41f3258b5f
With usage of include_tasks tags must be applied accordingly,
which was missing. That prevented running service load whenever
systemd-service tag was used.
Change-Id: Id48457c43e38e19f781bfe11d1fb6eaeb9fdde6f
At the moment it's possible only to forcefully restart sockets under
each run, which is not idempotent and may cause interruptions for
service. To avoid that we add a way to restart socket just on config
change with same logic applied as for service.
Change-Id: Ifb6fd9461d7b6a65191b918c0863406cf4de6725
At the moment our verification if socket has been changed
is not valid, since we're checking if string 'true' is presnet in the
list, while list consist of only boolean variables. So we replace
map filter with selectattr as it can apply truthy test to the elements
while selecting them and checking list length.
Change-Id: Ib456b4dc2d631bf81633035820444f13ec0f06cb
Related-Bug: #2003631
If systemd_service is used to install only an override for an existing
unit it is necessary to reload the systemd daemon for the override
to take effect.
Change-Id: I64c0203ee13b3abbc441274c9304b7103a0bb23c
In order to pass check mode we should get get_systemd_version
regardles of mode with command. It is not a breaking change and safe to
run anytime.
Depends-On: https://review.opendev.org/c/openstack/openstack-ansible/+/837706
Change-Id: I9ce85a091e3328d7215665ac308f2980537ce921
This functionality is pretty neat and used widely if you need to pass
specific argument to the unit service, but rest of the parameters can
be left intact.
Change-Id: I6eb80ac0f9f0257402697a255518bb2c66d0dfd5
Since we still use ceph-ansible that has their own implementation of
config_template module it's worth to use mentioned module as a collection
explicitly.
Depends-On: https://review.opendev.org/c/openstack/openstack-ansible/+/819814
Change-Id: I2e32017b48f9143ff0e42175cc10feebf342f2f3
To remove complexity from the code we remove variable systemd_lock_path
since variable systemd_lock_dir with common functionality has been
introduced.
Change-Id: I61bb44450a7fb1cface2b93302e02c8fd358a034
Since /var/run is a symlink to /run and /var/lock is a symlink to
/run/lock for all modern operationg systems, it makes sense to
change default paths that are used.
To make such changes more flexible, ``systemd_run_dir`` and
``systemd_lock_dir`` are introduced.
Change-Id: I60d321fcdce3d3a94233cc25c92898d9e9f2a9b8
Since there might be a necessity to override already existing in the
system services, like provided ones by system packages, which we
just want to adjust, we need option to create service overrides in
systemd.servce.d directory.
Change-Id: Ic7488edbc0487fe932c706dc26f2f8adb36cb427
We need to be able to configure systemd-sockets. Since they are attached
to the service it make sense to make it as an element to the service.
Change-Id: Ic481921151fc8d7af7f1ca9b003adb8e3c967e16
This reverts commit 6285b6c638.
There is no use made of this functionality anywhere outside the tests
for this role, so revert the code. The intention is to reduce general
overhead in systemd_service and reduce the number of skipped tasks
in an OSA deployment.
Conflicts: tests/test.yml
Change-Id: I3d28967a64ea9d91219294bdc30d337c9c6d2e50
Assume that the operator knows what they are doing. These tasks
are skipped for every service which bumps up the number of tasks
and runtime.
Change-Id: I73f38d6b9cc897537053d810d5cdd61ed74671fb
This change adds the ability to effectively use the PrivateNetwork
functionality systemd provides for services. Now, if enabled, services
can be created in a network namespace which isolates it from the reset
of the host. Additional options have been added allowing access into the
network namespace over ephemeral devices as needed.
Highlights:
* Isolated private networking for services will sandbox using a stand
alone namespace which has no access to anything via the network.
* Access into a private namespace can be provided over a single network
interface which can be IP'd via local DHCP + NAT or using an upstream
DHCP server.
* Tests have been added to exercise the new functionality.
All of the funcality has been documented in the defaults of this role.
Change-Id: I6751765131f32393a1605eb2100bec46199d980a
Signed-off-by: Kevin Carter <kevin@cloudnull.com>
The option `systemd_lock_path` is intended to be set globally
and locally however the global implementation has never been
implemented.
* The global option will ensure the run and lock path is setup
for all services within the `systemd_services` array.
* The local option provices a way to override a global lock path
based on specific service needs.
Change-Id: I373b8905c01ff666b5705bd3bb3c76c3e74a64ab
The default systemd service template was using the PrivateUsers
directive by default which was only implemented in systemd version 232.
Because we're running on older versions of systemd in a lot of cases the
this option was creating a log of journal spam. To correct the issue the
version of systemd is now detected and this default option will only be
used when the version of systemd is greater than or equal to version
232.
Change-Id: Ief1a2e155892ab7df821fbf049787e705da91b40
Closes-Bug: #1776818
Signed-off-by: Kevin Carter <kevin.carter@rackspace.com>
The custom lock path conditional was getting in the way of laying down
general temp directories for services. This change removes the
conditional so the template will always be rendered as-is expected.
Change-Id: Id61bc748f3a1b5a7c43413347e6783105d62a2eb
Signed-off-by: Kevin Carter <kevin.carter@rackspace.com>
Ansible is now warning users to stop using a pipe when testing a
variable. This updates the syntaxt to be the latest recommended syntax.
This also corrects two tags that were misplaced.
Change-Id: I6aa855c5fdc57812b1a8ec5dd185941f82847103
Signed-off-by: Kevin Carter <kevin.carter@rackspace.com>
Systemd provides for "timers" which is replacing cron. This change
implements timers as an option to any created service.
Change-Id: I8fdca58fcb43726560521c7c25f7e57cfb61353b
Signed-off-by: Kevin Carter <kevin.carter@rackspace.com>
A global var systemd_service_restart_changed is added which toggles
restart on unit file change for all systemd_services.
A systemd_services var 'restart_changed' is added to toggle restarts
on a per-service basis.
systemd daemon is not reloaded in a loop anymore, it is only
reloaded once, in a handler, when unit files change.
Consumer roles of systemd_service can listen to the handler
'systemd service changed' to implement additional orchestration when
service units are modified.
Change-Id: I803bca638c30696004f934ad1e28920786948f38
* Document the optionality in the defaults
* validate the input in the tasks before it's templated
* Standardize on the exec(starts,stops,reloads} interface
* Update the readme
* Add functional test
Change-Id: Icae36f970178b1cc79d069a94321afb1732a8c5c
Signed-off-by: Kevin Carter <kevin.carter@rackspace.com>