openstack
/
kolla-ansible
Code Issues Proposed changes
kolla-ansible/ansible/roles/loadbalancer/tasks/precheck.yml

854 lines
25 KiB
YAML
Raw Blame History

---
- import_role:
name: service-precheck
vars:
service_precheck_services: "{{ loadbalancer_services }}"
service_name: "{{ project_name }}"
- name: Get container facts
become: true
kolla_container_facts:
container_engine: "{{ kolla_container_engine }}"
name:
- haproxy
- proxysql
- keepalived
check_mode: false
register: container_facts
- name: Group hosts by whether they are running keepalived
group_by:
key: "keepalived_running_{{ container_facts['keepalived'] is defined }}"
changed_when: false
check_mode: false
when:
- enable_keepalived | bool
- inventory_hostname in groups['loadbalancer']
- name: Group hosts by whether they are running HAProxy
group_by:
key: "haproxy_running_{{ container_facts['haproxy'] is defined }}"
changed_when: false
check_mode: false
when:
- enable_haproxy | bool
- inventory_hostname in groups['loadbalancer']
- name: Group hosts by whether they are running ProxySQL
group_by:
key: "proxysql_running_{{ container_facts['proxysql'] is defined }}"
changed_when: false
check_mode: false
when:
- enable_proxysql | bool
- inventory_hostname in groups['loadbalancer']
- name: Set facts about whether we can run HAProxy and keepalived VIP prechecks
vars:
# NOTE(mgoddard): We can only reliably run this precheck if all hosts in
# the haproxy group are included in the batch. This may not be the case if
# using --limit or --serial.
all_hosts_in_batch: "{{ groups['loadbalancer'] | difference(ansible_play_batch) | list | length == 0 }}"
set_fact:
keepalived_vip_prechecks: "{{ all_hosts_in_batch and groups['keepalived_running_True'] is not defined }}"
haproxy_vip_prechecks: "{{ all_hosts_in_batch and groups['haproxy_running_True'] is not defined }}"
proxysql_vip_prechecks: "{{ all_hosts_in_batch and groups['proxysql_running_True'] is not defined }}"
- name: Checking if external haproxy certificate exists
run_once: true
stat:
path: "{{ kolla_external_fqdn_cert }}"
delegate_to: localhost
register: haproxy_cert_file
changed_when: false
when:
- not kolla_externally_managed_cert | bool
- not enable_letsencrypt | bool
- kolla_enable_tls_external | bool
- name: Assert that external haproxy certificate exists
run_once: true
assert:
that: haproxy_cert_file.stat.exists
fail_msg: "External haproxy certificate file is not found. It is configured via 'kolla_external_fqdn_cert'"
when:
- not kolla_externally_managed_cert | bool
- not enable_letsencrypt | bool
- kolla_enable_tls_external | bool
- name: Checking if internal haproxy certificate exists
run_once: true
stat:
path: "{{ kolla_internal_fqdn_cert }}"
delegate_to: localhost
register: haproxy_internal_cert_file
changed_when: false
when:
- not kolla_externally_managed_cert | bool
- not enable_letsencrypt | bool
- kolla_enable_tls_internal | bool
- name: Assert that internal haproxy certificate exists
run_once: true
assert:
that: haproxy_internal_cert_file.stat.exists
fail_msg: "Internal haproxy certificate file is not found. It is configured via 'kolla_internal_fqdn_cert'"
when:
- not kolla_externally_managed_cert | bool
- not enable_letsencrypt | bool
- kolla_enable_tls_internal | bool
- name: Checking the kolla_external_vip_interface is present
assert:
that: kolla_external_vip_interface in ansible_facts.interfaces
fail_msg: "Please check the kolla_external_vip_interface property - interface {{ kolla_external_vip_interface }} not found"
when:
- haproxy_enable_external_vip | bool
- name: Checking the kolla_external_vip_interface is active
assert:
that: hostvars[inventory_hostname].ansible_facts[kolla_external_vip_interface]['active']
fail_msg: "Please check the kolla_external_vip_interface settings - interface {{ kolla_external_vip_interface }} is not active"
when:
- haproxy_enable_external_vip | bool
# NOTE(hrw): let assume that each supported host OS has ping with ipv4/v6 support
- name: Checking if kolla_internal_vip_address and kolla_external_vip_address are not pingable from any node
command: "ping -c 3 {{ item }}"
register: ping_output
changed_when: false
failed_when: ping_output.rc != 1
check_mode: false
with_items:
- "{{ kolla_internal_vip_address }}"
- "{{ kolla_external_vip_address }}"
when:
- enable_keepalived | bool
- keepalived_vip_prechecks
- enable_haproxy | bool
- name: Checking free port for HAProxy stats
wait_for:
host: "{{ api_interface_address }}"
port: "{{ haproxy_stats_port }}"
connect_timeout: 1
timeout: 1
state: stopped
when:
- enable_haproxy | bool
- container_facts['haproxy'] is not defined
- inventory_hostname in groups['loadbalancer']
- name: Checking free port for HAProxy monitor (api interface)
wait_for:
host: "{{ api_interface_address }}"
port: "{{ haproxy_monitor_port }}"
connect_timeout: 1
timeout: 1
state: stopped
when:
- enable_haproxy | bool
- container_facts['haproxy'] is not defined
- inventory_hostname in groups['loadbalancer']
- name: Checking free port for HAProxy monitor (vip interface)
wait_for:
host: "{{ kolla_internal_vip_address }}"
port: "{{ haproxy_monitor_port }}"
connect_timeout: 1
timeout: 1
state: stopped
when:
- enable_haproxy | bool
- haproxy_vip_prechecks
- inventory_hostname in groups['loadbalancer']
- api_interface_address != kolla_internal_vip_address
- name: Checking free port for ProxySQL admin (api interface)
wait_for:
host: "{{ api_interface_address }}"
port: "{{ proxysql_admin_port }}"
connect_timeout: 1
timeout: 1
state: stopped
when:
- enable_proxysql | bool
- container_facts['proxysql'] is not defined
- inventory_hostname in groups['loadbalancer']
- name: Checking free port for ProxySQL admin (vip interface)
wait_for:
host: "{{ kolla_internal_vip_address }}"
port: "{{ proxysql_admin_port }}"
connect_timeout: 1
timeout: 1
state: stopped
when:
- enable_proxysql | bool
- proxysql_vip_prechecks
- inventory_hostname in groups['loadbalancer']
- api_interface_address != kolla_internal_vip_address
# FIXME(yoctozepto): this req seems arbitrary, they need not be, just routable is fine
- name: Checking if kolla_internal_vip_address is in the same network as api_interface on all nodes
become: true
command: ip -o addr show dev {{ api_interface }}
register: ip_addr_output
changed_when: false
failed_when: >-
( ip_addr_output is failed or
kolla_internal_vip_address | ipaddr(ip_addr_output.stdout.split()[3]) is none)
check_mode: false
when:
- enable_haproxy | bool
- enable_keepalived | bool
- container_facts['keepalived'] is not defined
- inventory_hostname in groups['loadbalancer']
- name: Getting haproxy stat
become: true
shell: echo "show stat" | {{ kolla_container_engine }} exec -i haproxy socat unix-connect:/var/lib/kolla/haproxy/haproxy.sock stdio # noqa risky-shell-pipe
register: haproxy_stat_shell
changed_when: false
check_mode: false
when: container_facts['haproxy'] is defined
- name: Setting haproxy stat fact
set_fact:
haproxy_stat: "{{ haproxy_stat_shell.stdout | default('') }}"
- name: Checking free port for Aodh API HAProxy
wait_for:
host: "{{ kolla_internal_vip_address }}"
port: "{{ aodh_api_port }}"
connect_timeout: 1
timeout: 1
state: stopped
when:
- enable_aodh | bool
- inventory_hostname in groups['loadbalancer']
- haproxy_stat.find('aodh_api') == -1
- haproxy_vip_prechecks
- name: Checking free port for Barbican API HAProxy
wait_for:
host: "{{ kolla_internal_vip_address }}"
port: "{{ barbican_api_port }}"
connect_timeout: 1
timeout: 1
state: stopped
when:
- enable_barbican | bool
- inventory_hostname in groups['loadbalancer']
- haproxy_stat.find('barbican_api') == -1
- haproxy_vip_prechecks
- name: Checking free port for Blazar API HAProxy
wait_for:
host: "{{ kolla_internal_vip_address }}"
port: "{{ blazar_api_port }}"
connect_timeout: 1
timeout: 1
state: stopped
when:
- enable_blazar | bool
- inventory_hostname in groups['loadbalancer']
- haproxy_stat.find('blazar_api') == -1
- haproxy_vip_prechecks
- name: Checking free port for Ceph RadosGW HAProxy
wait_for:
host: "{{ kolla_internal_vip_address }}"
port: "{{ ceph_rgw_port }}"
connect_timeout: 1
timeout: 1
state: stopped
when:
- enable_ceph_rgw | bool
- enable_ceph_rgw_loadbalancer | bool
- inventory_hostname in groups['loadbalancer']
- haproxy_stat.find('radosgw') == -1
- haproxy_vip_prechecks
- name: Checking free port for Cinder API HAProxy
wait_for:
host: "{{ kolla_internal_vip_address }}"
port: "{{ cinder_api_port }}"
connect_timeout: 1
timeout: 1
state: stopped
when:
- enable_cinder | bool
- inventory_hostname in groups['loadbalancer']
- haproxy_stat.find('cinder_api') == -1
- haproxy_vip_prechecks
- name: Checking free port for Cloudkitty API HAProxy
wait_for:
host: "{{ kolla_internal_vip_address }}"
port: "{{ cloudkitty_api_port }}"
connect_timeout: 1
timeout: 1
state: stopped
when:
- enable_cloudkitty | bool
- inventory_hostname in groups['loadbalancer']
- haproxy_stat.find('cloudkitty_api') == -1
- haproxy_vip_prechecks
- name: Checking free port for Cyborg API HAProxy
wait_for:
host: "{{ kolla_internal_vip_address }}"
port: "{{ cyborg_api_port }}"
connect_timeout: 1
timeout: 1
state: stopped
when:
- enable_cyborg | bool
- inventory_hostname in groups['loadbalancer']
- haproxy_stat.find('cyborg_api') == -1
- haproxy_vip_prechecks
- name: Checking free port for Designate API HAProxy
wait_for:
host: "{{ kolla_internal_vip_address }}"
port: "{{ designate_api_port }}"
connect_timeout: 1
timeout: 1
state: stopped
when:
- enable_designate | bool
- inventory_hostname in groups['loadbalancer']
- haproxy_stat.find('designate_api') == -1
- haproxy_vip_prechecks
- name: Checking free port for Glance API HAProxy
wait_for:
host: "{{ kolla_internal_vip_address }}"
port: "{{ glance_api_port }}"
connect_timeout: 1
timeout: 1
state: stopped
when:
- enable_glance | bool
- inventory_hostname in groups['loadbalancer']
- haproxy_stat.find('glance_api') == -1
- haproxy_vip_prechecks
- name: Checking free port for Gnocchi API HAProxy
wait_for:
host: "{{ kolla_internal_vip_address }}"
port: "{{ gnocchi_api_port }}"
connect_timeout: 1
timeout: 1
state: stopped
when:
- enable_gnocchi | bool
- inventory_hostname in groups['loadbalancer']
- haproxy_stat.find('gnocchi_api') == -1
- haproxy_vip_prechecks
- name: Checking free port for Freezer API HAProxy
wait_for:
host: "{{ kolla_internal_vip_address }}"
port: "{{ freezer_api_port }}"
connect_timeout: 1
timeout: 1
state: stopped
when:
- enable_freezer | bool
- haproxy_stat.find('freezer_api') == -1
- inventory_hostname in groups['loadbalancer']
- haproxy_vip_prechecks
- name: Checking free port for Grafana server HAProxy
wait_for:
host: "{{ kolla_internal_vip_address }}"
port: "{{ grafana_server_port }}"
connect_timeout: 1
timeout: 1
state: stopped
when:
- enable_grafana | bool
- inventory_hostname in groups['loadbalancer']
- haproxy_stat.find('grafana_server') == -1
- haproxy_vip_prechecks
- name: Checking free port for Heat API HAProxy
wait_for:
host: "{{ kolla_internal_vip_address }}"
port: "{{ heat_api_port }}"
connect_timeout: 1
timeout: 1
state: stopped
when:
- enable_heat | bool
- inventory_hostname in groups['loadbalancer']
- haproxy_stat.find('heat_api') == -1
- haproxy_vip_prechecks
- name: Checking free port for Heat API CFN HAProxy
wait_for:
host: "{{ kolla_internal_vip_address }}"
port: "{{ heat_api_cfn_port }}"
connect_timeout: 1
timeout: 1
state: stopped
when:
- enable_heat | bool
- inventory_hostname in groups['loadbalancer']
- haproxy_stat.find('heat_api_cfn') == -1
- haproxy_vip_prechecks
- name: Checking free port for Horizon HAProxy
wait_for:
host: "{{ kolla_internal_vip_address }}"
port: "{{ horizon_port }}"
connect_timeout: 1
timeout: 1
state: stopped
when:
- enable_horizon | bool
- inventory_hostname in groups['loadbalancer']
- haproxy_stat.find('horizon') == -1
- haproxy_vip_prechecks
- name: Checking free port for Ironic API HAProxy
wait_for:
host: "{{ kolla_internal_vip_address }}"
port: "{{ ironic_api_port }}"
connect_timeout: 1
timeout: 1
state: stopped
when:
- enable_ironic | bool
- inventory_hostname in groups['loadbalancer']
- haproxy_stat.find('ironic_api') == -1
- haproxy_vip_prechecks
- name: Checking free port for Ironic Inspector HAProxy
wait_for:
host: "{{ kolla_internal_vip_address }}"
port: "{{ ironic_inspector_port }}"
connect_timeout: 1
timeout: 1
state: stopped
when:
- enable_ironic | bool
- inventory_hostname in groups['loadbalancer']
- haproxy_stat.find('ironic_inspector') == -1
- haproxy_vip_prechecks
- name: Checking free port for Keystone Internal HAProxy
wait_for:
host: "{{ kolla_internal_vip_address }}"
port: "{{ keystone_public_port }}"
connect_timeout: 1
timeout: 1
state: stopped
when:
- enable_keystone | bool
- inventory_hostname in groups['loadbalancer']
- haproxy_stat.find('keystone_internal') == -1
- haproxy_vip_prechecks
- name: Checking free port for Keystone Public HAProxy
wait_for:
host: "{{ kolla_external_vip_address }}"
port: "{{ keystone_public_port }}"
connect_timeout: 1
timeout: 1
state: stopped
when:
- haproxy_enable_external_vip | bool
- enable_keystone | bool
- inventory_hostname in groups['loadbalancer']
- haproxy_stat.find('keystone_external') == -1
- haproxy_vip_prechecks
- name: Checking free port for Magnum API HAProxy
wait_for:
host: "{{ kolla_internal_vip_address }}"
port: "{{ magnum_api_port }}"
connect_timeout: 1
timeout: 1
state: stopped
when:
- enable_magnum | bool
- inventory_hostname in groups['loadbalancer']
- haproxy_stat.find('magnum_api') == -1
- haproxy_vip_prechecks
- name: Checking free port for Manila API HAProxy
wait_for:
host: "{{ kolla_internal_vip_address }}"
port: "{{ manila_api_port }}"
connect_timeout: 1
timeout: 1
state: stopped
when:
- enable_manila | bool
- inventory_hostname in groups['loadbalancer']
- haproxy_stat.find('manila_api') == -1
- haproxy_vip_prechecks
- name: Checking free port for MariaDB HAProxy/ProxySQL
wait_for:
host: "{{ kolla_internal_vip_address }}"
port: "{{ database_port }}"
connect_timeout: 1
timeout: 1
state: stopped
when:
- enable_mariadb | bool
- inventory_hostname in groups['loadbalancer']
- haproxy_stat.find('mariadb') == -1
- haproxy_vip_prechecks or proxysql_vip_prechecks
- name: Checking free port for Masakari API HAProxy
wait_for:
host: "{{ kolla_internal_vip_address }}"
port: "{{ masakari_api_port }}"
connect_timeout: 1
timeout: 1
state: stopped
when:
- enable_masakari | bool
- inventory_hostname in groups['loadbalancer']
- haproxy_stat.find('masakari_api') == -1
- haproxy_vip_prechecks
- name: Checking free port for Mistral API HAProxy
wait_for:
host: "{{ kolla_internal_vip_address }}"
port: "{{ mistral_api_port }}"
connect_timeout: 1
timeout: 1
state: stopped
when:
- enable_mistral | bool
- inventory_hostname in groups['loadbalancer']
- haproxy_stat.find('mistral_api') == -1
- haproxy_vip_prechecks
- name: Checking free port for Murano API HAProxy
wait_for:
host: "{{ kolla_internal_vip_address }}"
port: "{{ murano_api_port }}"
connect_timeout: 1
timeout: 1
state: stopped
when:
- enable_murano | bool
- inventory_hostname in groups['loadbalancer']
- haproxy_stat.find('murano_api') == -1
- haproxy_vip_prechecks
- name: Checking free port for Neutron Server HAProxy
wait_for:
host: "{{ kolla_internal_vip_address }}"
port: "{{ neutron_server_port }}"
connect_timeout: 1
timeout: 1
state: stopped
when:
- enable_neutron | bool
- inventory_hostname in groups['loadbalancer']
- haproxy_stat.find('neutron_server') == -1
- haproxy_vip_prechecks
- name: Checking free port for Nova API HAProxy
wait_for:
host: "{{ kolla_internal_vip_address }}"
port: "{{ nova_api_port }}"
connect_timeout: 1
timeout: 1
state: stopped
when:
- enable_nova | bool
- inventory_hostname in groups['loadbalancer']
- haproxy_stat.find('nova_api') == -1
- haproxy_vip_prechecks
- name: Checking free port for Nova Metadata HAProxy
wait_for:
host: "{{ kolla_internal_vip_address }}"
port: "{{ nova_metadata_port }}"
connect_timeout: 1
timeout: 1
state: stopped
when:
- enable_nova | bool
- inventory_hostname in groups['loadbalancer']
- haproxy_stat.find('nova_metadata') == -1
- haproxy_vip_prechecks
- name: Checking free port for Nova NoVNC HAProxy
wait_for:
host: "{{ kolla_internal_vip_address }}"
port: "{{ nova_novncproxy_port }}"
connect_timeout: 1
timeout: 1
state: stopped
when:
- enable_nova | bool
- nova_console == 'novnc'
- inventory_hostname in groups['loadbalancer']
- haproxy_stat.find('nova_novncproxy') == -1
- haproxy_vip_prechecks
- name: Checking free port for Nova Serial Proxy HAProxy
wait_for:
host: "{{ kolla_internal_vip_address }}"
port: "{{ nova_serialproxy_port }}"
connect_timeout: 1
timeout: 1
state: stopped
when:
- enable_nova | bool
- haproxy_stat.find('nova_serialconsole_proxy') == -1
- enable_nova_serialconsole_proxy | bool
- inventory_hostname in groups['loadbalancer']
- haproxy_vip_prechecks
- name: Checking free port for Nova Spice HTML5 HAProxy
wait_for:
host: "{{ kolla_internal_vip_address }}"
port: "{{ nova_spicehtml5proxy_port }}"
connect_timeout: 1
timeout: 1
state: stopped
when:
- enable_nova | bool
- nova_console == 'spice'
- inventory_hostname in groups['loadbalancer']
- haproxy_stat.find('nova_spicehtml5proxy') == -1
- haproxy_vip_prechecks
- name: Checking free port for Nova Placement API HAProxy
wait_for:
host: "{{ kolla_internal_vip_address }}"
port: "{{ placement_api_port }}"
connect_timeout: 1
timeout: 1
state: stopped
when:
- enable_nova | bool
- inventory_hostname in groups['loadbalancer']
- haproxy_stat.find('placement_api') == -1
- haproxy_vip_prechecks
- name: Checking free port for Octavia API HAProxy
wait_for:
host: "{{ kolla_internal_vip_address }}"
port: "{{ octavia_api_port }}"
connect_timeout: 1
timeout: 1
state: stopped
when:
- enable_octavia | bool
- inventory_hostname in groups['loadbalancer']
- haproxy_stat.find('octavia_api') == -1
- haproxy_vip_prechecks
- name: Checking free port for OpenSearch HAProxy
wait_for:
host: "{{ kolla_internal_vip_address }}"
port: "{{ opensearch_port }}"
connect_timeout: 1
timeout: 1
state: stopped
when:
- enable_opensearch | bool
- inventory_hostname in groups['loadbalancer']
- haproxy_stat.find('opensearch') == -1
- haproxy_vip_prechecks
- name: Checking free port for OpenSearch Dashboards HAProxy
wait_for:
host: "{{ kolla_internal_vip_address }}"
port: "{{ opensearch_dashboards_port }}"
connect_timeout: 1
timeout: 1
state: stopped
when:
- enable_opensearch_dashboards | bool
- inventory_hostname in groups['loadbalancer']
- haproxy_stat.find('opensearch_dashboards') == -1
- haproxy_vip_prechecks
- name: Checking free port for RabbitMQ Management HAProxy
wait_for:
host: "{{ kolla_internal_vip_address }}"
port: "{{ rabbitmq_management_port }}"
connect_timeout: 1
timeout: 1
state: stopped
when:
- enable_rabbitmq | bool
- inventory_hostname in groups['loadbalancer']
- haproxy_stat.find('rabbitmq_management') == -1
- haproxy_vip_prechecks
- name: Checking free port for outward RabbitMQ Management HAProxy
wait_for:
host: "{{ kolla_internal_vip_address }}"
port: "{{ outward_rabbitmq_management_port }}"
connect_timeout: 1
state: stopped
when:
- enable_outward_rabbitmq | bool
- inventory_hostname in groups['loadbalancer']
- haproxy_stat.find('outward_rabbitmq_management') == -1
- haproxy_vip_prechecks
- name: Checking free port for Sahara API HAProxy
wait_for:
host: "{{ kolla_internal_vip_address }}"
port: "{{ sahara_api_port }}"
connect_timeout: 1
timeout: 1
state: stopped
when:
- enable_sahara | bool
- inventory_hostname in groups['loadbalancer']
- haproxy_stat.find('sahara_api') == -1
- haproxy_vip_prechecks
- name: Checking free port for Senlin API HAProxy
wait_for:
host: "{{ kolla_internal_vip_address }}"
port: "{{ senlin_api_port }}"
connect_timeout: 1
timeout: 1
state: stopped
when:
- enable_senlin | bool
- inventory_hostname in groups['loadbalancer']
- haproxy_stat.find('senlin_api') == -1
- haproxy_vip_prechecks
- name: Checking free port for Solum Application Deployment HAProxy
wait_for:
host: "{{ kolla_internal_vip_address }}"
port: "{{ solum_application_deployment_port }}"
connect_timeout: 1
timeout: 1
state: stopped
when:
- enable_solum | bool
- inventory_hostname in groups['loadbalancer']
- haproxy_stat.find('solum_application_deployment') == -1
- haproxy_vip_prechecks
- name: Checking free port for Solum Image Builder HAProxy
wait_for:
host: "{{ kolla_internal_vip_address }}"
port: "{{ solum_image_builder_port }}"
connect_timeout: 1
timeout: 1
state: stopped
when:
- enable_solum | bool
- inventory_hostname in groups['loadbalancer']
- haproxy_stat.find('solum_image_builder') == -1
- haproxy_vip_prechecks
- name: Checking free port for Swift Proxy Server HAProxy
wait_for:
host: "{{ kolla_internal_vip_address }}"
port: "{{ swift_proxy_server_port }}"
connect_timeout: 1
timeout: 1
state: stopped
when:
- enable_swift | bool
- inventory_hostname in groups['loadbalancer']
- haproxy_stat.find('swift_api') == -1
- haproxy_vip_prechecks
- name: Checking free port for Tacker Server HAProxy
wait_for:
host: "{{ kolla_internal_vip_address }}"
port: "{{ tacker_server_port }}"
connect_timeout: 1
timeout: 1
state: stopped
when:
- enable_tacker | bool
- inventory_hostname in groups['loadbalancer']
- haproxy_stat.find('tacker_server') == -1
- haproxy_vip_prechecks
- name: Checking free port for Trove API HAProxy
wait_for:
host: "{{ kolla_internal_vip_address }}"
port: "{{ trove_api_port }}"
connect_timeout: 1
timeout: 1
state: stopped
when:
- enable_trove | bool
- inventory_hostname in groups['loadbalancer']
- haproxy_stat.find('trove_api') == -1
- haproxy_vip_prechecks
- name: Checking free port for Watcher API HAProxy
wait_for:
host: "{{ kolla_internal_vip_address }}"
port: "{{ watcher_api_port }}"
connect_timeout: 1
timeout: 1
state: stopped
when:
- enable_watcher | bool
- inventory_hostname in groups['loadbalancer']
- haproxy_stat.find('watcher_api') == -1
- haproxy_vip_prechecks
- name: Checking free port for Zun API HAProxy
wait_for:
host: "{{ kolla_internal_vip_address }}"
port: "{{ zun_api_port }}"
connect_timeout: 1
timeout: 1
state: stopped
when:
- enable_zun | bool
- inventory_hostname in groups['loadbalancer']
- haproxy_stat.find('zun_api') == -1
- haproxy_vip_prechecks
- name: Checking free port for Vitrage API HAProxy
wait_for:
host: "{{ kolla_internal_vip_address }}"
port: "{{ vitrage_api_port }}"
connect_timeout: 1
state: stopped
when:
- enable_vitrage | bool
- inventory_hostname in groups['loadbalancer']
- haproxy_stat.find('vitrage_api') == -1
- haproxy_vip_prechecks
- name: Firewalld checks
block:
- name: Check if firewalld is running # noqa command-instead-of-module
become: true
command:
cmd: "systemctl is-active firewalld"
register: firewalld_is_active
changed_when: false
failed_when: false
check_mode: false
- name: Fail if firewalld is not running
fail:
msg: >-
firewalld is not running.
Please install and configure firewalld.
when:
- firewalld_is_active.rc != 0
when:
- enable_external_api_firewalld | bool
View Git Blame Copy Permalink