Add var for environment used only inside playbooks
When global_environment_variables is set in user_variables.yml, this installs environment settings in /etc/environment on all hosts and containers. These remain in place after deployment is complete. This patch adds a similar variable deployment_environment_variables that defines environment strings applied only while the playbooks are running. They leave nothing behind on the hosts or containers. This may be used, for example, for proxy settings required only during deployment. A simpler no_proxy setting is adequate during deployment, so this provides a workaround to Bug #1691749. Change-Id: Ia15d2133c6749fa9496bbf9359b8bf075742d60e Related-Bug: #1691749
This commit is contained in:
parent
c9a96296d7
commit
77ac88197c
|
@ -118,6 +118,7 @@ debug: false
|
|||
# placed both on the hosts and inside the containers.
|
||||
|
||||
## Example environment variable setup:
|
||||
## (1) This sets up a permanent environment, used during and after deployment:
|
||||
# proxy_env_url: http://username:pa$$w0rd@10.10.10.9:9000/
|
||||
# no_proxy_env: "localhost,127.0.0.1,{{ internal_lb_vip_address }},{{ external_lb_vip_address }},{% for host in groups['all_containers'] %}{{ hostvars[host]['container_address'] }}{% if not loop.last %},{% endif %}{% endfor %}"
|
||||
# global_environment_variables:
|
||||
|
@ -127,6 +128,12 @@ debug: false
|
|||
# http_proxy: "{{ proxy_env_url }}"
|
||||
# https_proxy: "{{ proxy_env_url }}"
|
||||
# no_proxy: "{{ no_proxy_env }}"
|
||||
#
|
||||
## (2) This is applied only during deployment, nothing is left after deployment is complete:
|
||||
# deployment_environment_variables:
|
||||
# http_proxy: http://username:pa$$w0rd@10.10.10.9:9000/
|
||||
# https_proxy: http://username:pa$$w0rd@10.10.10.9:9000/
|
||||
# no_proxy: "localhost,127.0.0.1,{{ internal_lb_vip_address }},{{ external_lb_vip_address }}"
|
||||
|
||||
|
||||
## SSH connection wait time
|
||||
|
|
|
@ -73,6 +73,7 @@
|
|||
- crontab
|
||||
vars:
|
||||
is_metal: "{{ properties.is_metal|default(false) }}"
|
||||
environment: "{{ deployment_environment_variables | default({}) }}"
|
||||
tags:
|
||||
- ceph
|
||||
- ceph-mon
|
||||
|
@ -145,6 +146,7 @@
|
|||
- role: "system_crontab_coordination"
|
||||
tags:
|
||||
- crontab
|
||||
environment: "{{ deployment_environment_variables | default({}) }}"
|
||||
tags:
|
||||
- ceph
|
||||
- ceph-osd
|
||||
|
|
|
@ -29,3 +29,5 @@
|
|||
- role: "system_crontab_coordination"
|
||||
vars:
|
||||
is_metal: "{{ properties.is_metal|default(false) }}"
|
||||
environment: "{{ deployment_environment_variables | default({}) }}"
|
||||
|
||||
|
|
|
@ -33,6 +33,7 @@
|
|||
- include: common-tasks/package-cache-proxy.yml
|
||||
vars:
|
||||
is_metal: "{{ properties.is_metal|default(false) }}"
|
||||
environment: "{{ deployment_environment_variables | default({}) }}"
|
||||
tags:
|
||||
- galera
|
||||
|
||||
|
@ -64,5 +65,6 @@
|
|||
galera_address: 127.0.0.1
|
||||
galera_server_id: "{{ inventory_hostname | string_2_int }}"
|
||||
galera_wsrep_node_name: "{{ container_name }}"
|
||||
environment: "{{ deployment_environment_variables | default({}) }}"
|
||||
tags:
|
||||
- galera
|
||||
|
|
|
@ -33,6 +33,7 @@
|
|||
- "{{ haproxy_keepalived_vars_file | default('vars/configs/keepalived_haproxy.yml') }}"
|
||||
vars:
|
||||
is_metal: "{{ properties.is_metal|default(false) }}"
|
||||
environment: "{{ deployment_environment_variables | default({}) }}"
|
||||
tags:
|
||||
- haproxy-config
|
||||
- haproxy
|
||||
|
@ -73,5 +74,6 @@
|
|||
- vars/configs/haproxy_config.yml
|
||||
vars:
|
||||
is_metal: "{{ properties.is_metal|default(false) }}"
|
||||
environment: "{{ deployment_environment_variables | default({}) }}"
|
||||
tags:
|
||||
- haproxy
|
||||
|
|
|
@ -33,5 +33,6 @@
|
|||
timeout: "{{ lxc_container_wait_params.timeout | default(omit) }}"
|
||||
vars:
|
||||
is_metal: "{{ properties.is_metal|default(false) }}"
|
||||
environment: "{{ deployment_environment_variables | default({}) }}"
|
||||
tags:
|
||||
- lxc-containers-create
|
||||
|
|
|
@ -55,5 +55,6 @@
|
|||
- defaults/repo_packages/openstack_services.yml
|
||||
vars:
|
||||
pip_lock_to_internal_repo: False
|
||||
environment: "{{ deployment_environment_variables | default({}) }}"
|
||||
tags:
|
||||
- lxc-hosts
|
||||
|
|
|
@ -39,5 +39,6 @@
|
|||
- crontab
|
||||
vars:
|
||||
is_metal: "{{ properties.is_metal|default(false) }}"
|
||||
environment: "{{ deployment_environment_variables | default({}) }}"
|
||||
tags:
|
||||
- memcached
|
||||
|
|
|
@ -64,5 +64,6 @@
|
|||
msg: "The only supported platforms for this release are Ubuntu 16.04 LTS (Xenial) and CentOS 7 (WIP)"
|
||||
roles:
|
||||
- role: "openstack_hosts"
|
||||
environment: "{{ deployment_environment_variables | default({}) }}"
|
||||
tags:
|
||||
- openstack-hosts
|
||||
|
|
|
@ -62,5 +62,6 @@
|
|||
aodh_rabbitmq_servers: "{{ rabbitmq_servers }}"
|
||||
aodh_rabbitmq_port: "{{ rabbitmq_port }}"
|
||||
aodh_rabbitmq_use_ssl: "{{ rabbitmq_use_ssl }}"
|
||||
environment: "{{ deployment_environment_variables | default({}) }}"
|
||||
tags:
|
||||
- aodh
|
||||
|
|
|
@ -57,5 +57,6 @@
|
|||
- rsyslog
|
||||
vars:
|
||||
is_metal: "{{ properties.is_metal|default(false) }}"
|
||||
environment: "{{ deployment_environment_variables | default({}) }}"
|
||||
tags:
|
||||
- barbican
|
||||
|
|
|
@ -49,5 +49,6 @@
|
|||
- rsyslog
|
||||
vars:
|
||||
is_metal: "{{ properties.is_metal|default(false) }}"
|
||||
environment: "{{ deployment_environment_variables | default({}) }}"
|
||||
tags:
|
||||
- ceilometer
|
||||
|
|
|
@ -122,5 +122,6 @@
|
|||
cinder_galera_user: cinder
|
||||
cinder_galera_database: cinder
|
||||
cinder_galera_address: "{{ galera_address }}"
|
||||
environment: "{{ deployment_environment_variables | default({}) }}"
|
||||
tags:
|
||||
- cinder
|
||||
|
|
|
@ -72,5 +72,6 @@
|
|||
- rsyslog
|
||||
vars:
|
||||
is_metal: "{{ properties.is_metal|default(false) }}"
|
||||
environment: "{{ deployment_environment_variables | default({}) }}"
|
||||
tags:
|
||||
- designate
|
||||
|
|
|
@ -93,5 +93,6 @@
|
|||
glance_galera_user: glance
|
||||
glance_galera_database: glance
|
||||
glance_galera_address: "{{ galera_address }}"
|
||||
environment: "{{ deployment_environment_variables | default({}) }}"
|
||||
tags:
|
||||
- glance
|
||||
|
|
|
@ -66,5 +66,6 @@
|
|||
gnocchi_galera_user: gnocchi
|
||||
gnocchi_galera_database: gnocchi
|
||||
gnocchi_galera_address: "{{ galera_address }}"
|
||||
environment: "{{ deployment_environment_variables | default({}) }}"
|
||||
tags:
|
||||
- gnocchi
|
||||
|
|
|
@ -75,5 +75,6 @@
|
|||
heat_galera_user: heat
|
||||
heat_galera_database: heat
|
||||
heat_galera_address: "{{ galera_address }}"
|
||||
environment: "{{ deployment_environment_variables | default({}) }}"
|
||||
tags:
|
||||
- heat
|
||||
|
|
|
@ -50,5 +50,6 @@
|
|||
horizon_galera_user: horizon
|
||||
horizon_galera_database: horizon
|
||||
horizon_galera_address: "{{ galera_address }}"
|
||||
environment: "{{ deployment_environment_variables | default({}) }}"
|
||||
tags:
|
||||
- horizon
|
||||
|
|
|
@ -57,5 +57,6 @@
|
|||
ironic_galera_user: ironic
|
||||
ironic_galera_database: ironic
|
||||
ironic_galera_address: "{{ galera_address }}"
|
||||
environment: "{{ deployment_environment_variables | default({}) }}"
|
||||
tags:
|
||||
- ironic
|
||||
|
|
|
@ -109,5 +109,6 @@
|
|||
keystone_galera_user: keystone
|
||||
keystone_galera_database: keystone
|
||||
keystone_galera_address: "{{ galera_address }}"
|
||||
environment: "{{ deployment_environment_variables | default({}) }}"
|
||||
tags:
|
||||
- keystone
|
||||
|
|
|
@ -58,5 +58,6 @@
|
|||
- rsyslog
|
||||
vars:
|
||||
is_metal: "{{ properties.is_metal|default(false) }}"
|
||||
environment: "{{ deployment_environment_variables | default({}) }}"
|
||||
tags:
|
||||
- "magnum"
|
||||
|
|
|
@ -47,5 +47,6 @@
|
|||
- crontab
|
||||
vars:
|
||||
is_metal: "{{ properties.is_metal|default(false) }}"
|
||||
environment: "{{ deployment_environment_variables | default({}) }}"
|
||||
tags:
|
||||
- molteniron
|
||||
|
|
|
@ -154,5 +154,6 @@
|
|||
vars:
|
||||
is_metal: "{{ properties.is_metal|default(false) }}"
|
||||
bind_prefix: "{{ provider_network_bind_prefix|default('') }}"
|
||||
environment: "{{ deployment_environment_variables | default({}) }}"
|
||||
tags:
|
||||
- neutron
|
||||
|
|
|
@ -180,5 +180,6 @@
|
|||
nova_api_galera_address: "{{ galera_address }}"
|
||||
nova_placement_galera_address: "{{ galera_address }}"
|
||||
glance_host: "{{ internal_lb_vip_address }}"
|
||||
environment: "{{ deployment_environment_variables | default({}) }}"
|
||||
tags:
|
||||
- nova
|
||||
|
|
|
@ -64,5 +64,6 @@
|
|||
octavia_galera_user: octavia
|
||||
octavia_galera_database: octavia
|
||||
octavia_galera_address: "{{ galera_address }}"
|
||||
environment: "{{ deployment_environment_variables | default({}) }}"
|
||||
tags:
|
||||
- octavia
|
||||
|
|
|
@ -28,3 +28,4 @@
|
|||
when: inventory_hostname == groups['utility_all'][0]
|
||||
roles:
|
||||
- role: "os_rally"
|
||||
environment: "{{ deployment_environment_variables | default({}) }}"
|
||||
|
|
|
@ -67,5 +67,6 @@
|
|||
- rsyslog
|
||||
vars:
|
||||
is_metal: "{{ properties.is_metal|default(false) }}"
|
||||
environment: "{{ deployment_environment_variables | default({}) }}"
|
||||
tags:
|
||||
- sahara
|
||||
|
|
|
@ -51,6 +51,7 @@
|
|||
swift_do_sync: True
|
||||
vars:
|
||||
is_metal: "{{ properties.is_metal|default(false) }}"
|
||||
environment: "{{ deployment_environment_variables | default({}) }}"
|
||||
tags:
|
||||
- swift
|
||||
|
||||
|
@ -70,5 +71,6 @@
|
|||
- role: "system_crontab_coordination"
|
||||
tags:
|
||||
- crontab
|
||||
environment: "{{ deployment_environment_variables | default({}) }}"
|
||||
tags:
|
||||
- swift
|
||||
|
|
|
@ -26,5 +26,6 @@
|
|||
swift_do_sync: True
|
||||
vars:
|
||||
is_metal: "{{ properties.is_metal|default(false) }}"
|
||||
environment: "{{ deployment_environment_variables | default({}) }}"
|
||||
tags:
|
||||
- swift
|
||||
|
|
|
@ -33,5 +33,6 @@
|
|||
- defaults/repo_packages/openstack_testing.yml
|
||||
vars:
|
||||
is_metal: "{{ properties.is_metal|default(false) }}"
|
||||
environment: "{{ deployment_environment_variables | default({}) }}"
|
||||
tags:
|
||||
- tempest
|
||||
|
|
|
@ -72,5 +72,6 @@
|
|||
- rsyslog
|
||||
vars:
|
||||
is_metal: "{{ properties.is_metal|default(false) }}"
|
||||
environment: "{{ deployment_environment_variables | default({}) }}"
|
||||
tags:
|
||||
- trove
|
||||
|
|
|
@ -30,6 +30,7 @@
|
|||
- role: "system_crontab_coordination"
|
||||
vars:
|
||||
is_metal: "{{ properties.is_metal|default(false) }}"
|
||||
environment: "{{ deployment_environment_variables | default({}) }}"
|
||||
tags:
|
||||
- rabbitmq
|
||||
|
||||
|
@ -60,6 +61,7 @@
|
|||
rsyslog_client_config_name: "99-rabbitmq-rsyslog-client.conf"
|
||||
tags:
|
||||
- rsyslog
|
||||
environment: "{{ deployment_environment_variables | default({}) }}"
|
||||
tags:
|
||||
- rabbitmq
|
||||
|
||||
|
@ -73,6 +75,7 @@
|
|||
password: "{{ rabbitmq_monitoring_password }}"
|
||||
state: "present"
|
||||
when: rabbitmq_monitoring_password is defined
|
||||
environment: "{{ deployment_environment_variables | default({}) }}"
|
||||
tags:
|
||||
- rabbitmq-config
|
||||
- rabbitmq
|
||||
|
|
|
@ -131,5 +131,6 @@
|
|||
- "{{ playbook_dir }}/../"
|
||||
- /etc/ansible/roles
|
||||
- /etc/openstack_deploy
|
||||
environment: "{{ deployment_environment_variables | default({}) }}"
|
||||
tags:
|
||||
- repo-build
|
||||
|
|
|
@ -66,5 +66,6 @@
|
|||
- defaults/repo_packages/openstack_services.yml
|
||||
vars:
|
||||
is_metal: "{{ properties.is_metal|default(false) }}"
|
||||
environment: "{{ deployment_environment_variables | default({}) }}"
|
||||
tags:
|
||||
- repo-server
|
||||
|
|
|
@ -36,5 +36,6 @@
|
|||
- crontab
|
||||
vars:
|
||||
is_metal: "{{ properties.is_metal|default(false) }}"
|
||||
environment: "{{ deployment_environment_variables | default({}) }}"
|
||||
tags:
|
||||
- rsyslog
|
||||
|
|
|
@ -24,5 +24,6 @@
|
|||
roles:
|
||||
- role: "openstack-ansible-security"
|
||||
when: apply_security_hardening | bool
|
||||
environment: "{{ deployment_environment_variables | default({}) }}"
|
||||
tags:
|
||||
- security
|
||||
|
|
|
@ -97,3 +97,4 @@
|
|||
vars:
|
||||
#Only run the resolvconf role when DNS containers are deployed to the env.
|
||||
resolvconf_enabled: "{{ groups['unbound'] is defined and groups['unbound'] | length > 0 }}"
|
||||
environment: "{{ deployment_environment_variables | default({}) }}"
|
||||
|
|
|
@ -85,5 +85,6 @@
|
|||
when: utility_ssh_private_key is defined
|
||||
vars:
|
||||
is_metal: "{{ properties.is_metal|default(false) }}"
|
||||
environment: "{{ deployment_environment_variables | default({}) }}"
|
||||
tags:
|
||||
- utility
|
||||
|
|
Loading…
Reference in New Issue