diff --git a/defaults/main.yml b/defaults/main.yml index f7596a30..9ad6877b 100644 --- a/defaults/main.yml +++ b/defaults/main.yml @@ -37,7 +37,11 @@ debug: False # for the service setup. The host must already have # clouds.yaml properly configured. nova_service_setup_host: "{{ openstack_service_setup_host | default('localhost') }}" -nova_service_setup_host_python_interpreter: "{{ openstack_service_setup_host_python_interpreter | default((nova_service_setup_host == 'localhost') | ternary(ansible_playbook_python, ansible_facts['python']['executable'])) }}" +nova_service_setup_host_python_interpreter: >- + {{ + openstack_service_setup_host_python_interpreter | default( + (nova_service_setup_host == 'localhost') | ternary(ansible_playbook_python, ansible_facts['python']['executable'])) + }} # Set the host which will run compute initialization tasks such as checking # for a compute node to be up and running cell discovery. @@ -54,7 +58,8 @@ nova_venv_python_executable: "{{ openstack_venv_python_executable | default('pyt nova_git_repo: https://opendev.org/openstack/nova nova_git_install_branch: master -nova_upper_constraints_url: "{{ requirements_git_url | default('https://releases.openstack.org/constraints/upper/' ~ requirements_git_install_branch | default('master')) }}" +nova_upper_constraints_url: >- + {{ requirements_git_url | default('https://releases.openstack.org/constraints/upper/' ~ requirements_git_install_branch | default('master')) }} nova_git_constraints: - "--constraint {{ nova_upper_constraints_url }}" nova_pip_install_args: "{{ pip_install_options | default('') }}" @@ -90,7 +95,11 @@ nova_management_address: "127.0.0.1" ## Database info nova_db_setup_host: "{{ openstack_db_setup_host | default('localhost') }}" -nova_db_setup_python_interpreter: "{{ openstack_db_setup_python_interpreter | default((nova_db_setup_host == 'localhost') | ternary(ansible_playbook_python, ansible_facts['python']['executable'])) }}" +nova_db_setup_python_interpreter: >- + {{ + openstack_db_setup_python_interpreter | default( + (nova_db_setup_host == 'localhost') | ternary(ansible_playbook_python, ansible_facts['python']['executable'])) + }} nova_galera_address: "{{ galera_address | default('127.0.0.1') }}" nova_galera_user: nova nova_galera_database: nova @@ -176,12 +185,12 @@ nova_virt_types: # If this is not set, then the playbook will try to guess it. -#nova_virt_type: kvm +# nova_virt_type: kvm # Enable Kernel Shared Memory (KSM) nova_compute_ksm_enabled: False -#if set, nova_virt_type must be one of these: +# if set, nova_virt_type must be one of these: nova_supported_virt_types: - qemu - kvm @@ -265,7 +274,7 @@ nova_nested_virt_enabled: False # Uwsgi settings nova_wsgi_processes_max: 16 -nova_wsgi_processes: "{{ [[ansible_facts['processor_vcpus']|default(1), 1] | max * 2, nova_wsgi_processes_max] | min }}" +nova_wsgi_processes: "{{ [[ansible_facts['processor_vcpus'] | default(1), 1] | max * 2, nova_wsgi_processes_max] | min }}" nova_wsgi_threads: 1 nova_uwsgi_tls: crt: "{{ nova_ssl_cert }}" @@ -355,7 +364,7 @@ nova_nfs_client: [] # Nova Ceph rbd # Enble and define nova_libvirt_images_rbd_pool to use rbd as nova backend -#nova_libvirt_images_rbd_pool: vms +# nova_libvirt_images_rbd_pool: vms nova_libvirt_images_rbd_pool: '' nova_ceph_client: "{{ cinder_ceph_client }}" @@ -382,14 +391,15 @@ nova_rbd_inuse: "{{ (nova_libvirt_images_rbd_pool | length > 0) or (nova_cinder_ ## Cap the maximun number of threads / workers when a user value is unspecified. nova_api_threads_max: 16 -nova_api_threads: "{{ [[(ansible_facts['processor_vcpus']//ansible_facts['processor_threads_per_core'])|default(1), 1] | max * 2, nova_api_threads_max] | min }}" +nova_api_threads: >- + {{ [[(ansible_facts['processor_vcpus'] // ansible_facts['processor_threads_per_core']) | default(1), 1] | max * 2, nova_api_threads_max] | min }} ## Policy vars # Provide a list of access controls to update the default policy.json with. These changes will be merged # with the access controls in the default policy.json. E.g. -#nova_policy_overrides: -# "compute:create": "" -# "compute:create:attach_network": "" +# nova_policy_overrides: +# "compute:create": "" +# "compute:create:attach_network": "" ## Resource provider vars # Optionally specify a set of resource providers that a particular compute node exposes @@ -586,7 +596,8 @@ nova_pki_setup_host: "{{ openstack_pki_setup_host | default('localhost') }}" nova_pki_keys_path: "{{ nova_pki_dir ~ '/certs/private/' }}" nova_pki_certs_path: "{{ nova_pki_dir ~ '/certs/certs/' }}" nova_pki_intermediate_cert_name: "{{ openstack_pki_service_intermediate_cert_name }}" -nova_pki_intermediate_chain_path: "{{ nova_pki_dir ~ '/roots/' ~ nova_pki_intermediate_cert_name ~ '/certs/' ~ nova_pki_intermediate_cert_name ~ '-chain.crt' }}" +nova_pki_intermediate_chain_path: >- + {{ nova_pki_dir ~ '/roots/' ~ nova_pki_intermediate_cert_name ~ '/certs/' ~ nova_pki_intermediate_cert_name ~ '-chain.crt' }} nova_pki_regen_cert: '' nova_pki_san: "{{ openstack_pki_san | default('DNS:' ~ ansible_facts['hostname'] ~ ',IP:' ~ management_address) }}" # Create client and server cert for compute hosts @@ -595,7 +606,11 @@ nova_pki_compute_certificates: - name: "nova_{{ ansible_facts['hostname'] }}" provider: ownca cn: "{{ ansible_facts['nodename'] }}" - san: "{{ 'DNS:' ~ ansible_facts['hostname'] ~ ',DNS:' ~ ansible_facts['nodename'] ~ ',IP:' ~ (nova_management_address == 'localhost') | ternary('127.0.0.1', nova_management_address) }}" + san: >- + {{ + 'DNS:' ~ ansible_facts['hostname'] ~ ',DNS:' ~ ansible_facts['nodename'] ~ ',IP:' ~ (nova_management_address == 'localhost') | ternary( + '127.0.0.1', nova_management_address) + }} signed_by: "{{ nova_pki_intermediate_cert_name }}" key_usage: - digitalSignature @@ -678,9 +693,9 @@ nova_pki_compute_install_certificates: # Define user-provided SSL certificates in: # /etc/openstack_deploy/user_variables.yml -#nova_user_ssl_cert: -#nova_user_ssl_key: -#nova_user_ssl_ca_cert: +# nova_user_ssl_cert: +# nova_user_ssl_key: +# nova_user_ssl_ca_cert: # TLS certficates for console hosts nova_pki_console_certificates: @@ -688,7 +703,11 @@ nova_pki_console_certificates: - name: "nova_{{ ansible_facts['hostname'] }}-client" provider: ownca cn: "{{ ansible_facts['nodename'] }}" - san: "{{ 'DNS:' ~ ansible_facts['hostname'] ~ ',DNS:' ~ ansible_facts['nodename'] ~ ',IP:' ~ (nova_management_address == 'localhost') | ternary('127.0.0.1', nova_management_address) }}" + san: >- + {{ + 'DNS:' ~ ansible_facts['hostname'] ~ ',DNS:' ~ ansible_facts['nodename'] ~ ',IP:' ~ (nova_management_address == 'localhost') | ternary( + '127.0.0.1', nova_management_address) + }} signed_by: "{{ nova_pki_intermediate_cert_name }}" key_usage: - digitalSignature @@ -720,12 +739,12 @@ nova_pki_console_install_certificates: condition: "{{ nova_qemu_vnc_tls == 1 and nova_console_type == 'novnc' }}" # host which holds the ssh certificate authority -nova_ssh_keypairs_setup_host: "{{ openstack_ssh_keypairs_setup_host | default('localhost') }}" +nova_ssh_keypairs_setup_host: "{{ openstack_ssh_keypairs_setup_host | default('localhost') }}" # directory on the deploy host to create and store SSH keypairs nova_ssh_keypairs_dir: "{{ openstack_ssh_keypairs_dir | default('/etc/openstack_deploy/ssh_keypairs') }}" -#Each compute host needs a signed ssh certificate to log into the others +# Each compute host needs a signed ssh certificate to log into the others nova_ssh_keypairs: - name: "nova-{{ inventory_hostname }}" cert: @@ -734,7 +753,7 @@ nova_ssh_keypairs: valid_from: "{{ nova_ssh_key_valid_from | default('always') }}" valid_to: "{{ nova_ssh_key_valid_to | default('forever') }}" -#Each compute host needs the signed ssh certificate installing to the nova user +# Each compute host needs the signed ssh certificate installing to the nova user nova_ssh_keypairs_install_keys: owner: "{{ nova_system_user_name }}" group: "{{ nova_system_group_name }}" @@ -742,10 +761,10 @@ nova_ssh_keypairs_install_keys: - cert: "nova-{{ inventory_hostname }}" dest: "{{ nova_system_home_folder }}/.ssh/id_rsa" -#Each compute host must trust the SSHD certificate authoritiy in the sshd configuration +# Each compute host must trust the SSHD certificate authoritiy in the sshd configuration nova_ssh_keypairs_install_ca: "{{ openstack_ssh_keypairs_authorities }}" -#Each compute host must allow SSH certificates with the appropriate principal to log into the nova user +# Each compute host must allow SSH certificates with the appropriate principal to log into the nova user nova_ssh_keypairs_principals: - user: "{{ nova_system_user_name }}" principals: "{{ nova_ssh_key_principals | default(['nova']) }}" diff --git a/meta/main.yml b/meta/main.yml index c1cbd95c..59f0cccc 100644 --- a/meta/main.yml +++ b/meta/main.yml @@ -18,19 +18,21 @@ galaxy_info: description: Installation and setup of nova company: Rackspace license: Apache2 - min_ansible_version: 2.4 + role_name: os_nova + namespace: openstack + min_ansible_version: "2.10" platforms: - name: Debian versions: - - buster + - bullseye - name: Ubuntu versions: - - bionic - focal + - jammy - name: EL versions: - - 8 - categories: + - "9" + galaxy_tags: - cloud - python - nova diff --git a/tasks/consoles/nova_console_novnc_install.yml b/tasks/consoles/nova_console_novnc_install.yml index fd19dbf9..56f39593 100644 --- a/tasks/consoles/nova_console_novnc_install.yml +++ b/tasks/consoles/nova_console_novnc_install.yml @@ -59,7 +59,8 @@ tags: - nova-novnc-git -- include_tasks: nova_console_novnc_ssl.yml +- name: Including nova_console_novnc_ssl tasks + include_tasks: nova_console_novnc_ssl.yml when: - nova_console_user_ssl_cert is defined - nova_console_user_ssl_key is defined diff --git a/tasks/consoles/nova_console_novnc_ssl.yml b/tasks/consoles/nova_console_novnc_ssl.yml index cc20513f..8fa12ad4 100644 --- a/tasks/consoles/nova_console_novnc_ssl.yml +++ b/tasks/consoles/nova_console_novnc_ssl.yml @@ -22,7 +22,7 @@ mode: "0755" - name: Prepare combined nova-console SSL and CA certs - command: cat {{ nova_console_user_ssl_cert }} {{ nova_console_user_ssl_ca_cert is defined | ternary(nova_console_user_ssl_ca_cert,'') }} + command: cat {{ nova_console_user_ssl_cert }} {{ nova_console_user_ssl_ca_cert is defined | ternary(nova_console_user_ssl_ca_cert, '') }} changed_when: false register: nova_console_user_ssl_combined tags: diff --git a/tasks/drivers/kvm/nova_compute_kvm.yml b/tasks/drivers/kvm/nova_compute_kvm.yml index cb663200..a401194a 100644 --- a/tasks/drivers/kvm/nova_compute_kvm.yml +++ b/tasks/drivers/kvm/nova_compute_kvm.yml @@ -13,7 +13,8 @@ # See the License for the specific language governing permissions and # limitations under the License. -- include_tasks: nova_compute_kvm_install.yml +- name: Including nova_compute_kvm_install tasks + include_tasks: nova_compute_kvm_install.yml args: apply: tags: @@ -27,7 +28,7 @@ dest: /etc/modprobe.d/kvm.conf owner: root group: root - mode: 0644 + mode: "0644" when: - nova_nested_virt_enabled | bool tags: @@ -70,7 +71,7 @@ dest: /etc/libvirt/libvirtd.conf owner: "root" group: "root" - mode: 0644 + mode: "0644" notify: Restart libvirt-bin tags: - nova-config @@ -125,7 +126,7 @@ - name: Set qemu-kvm KSM config (Ubuntu) lineinfile: dest: "/etc/default/qemu-kvm" - line: "KSM_ENABLED={{ nova_compute_ksm_enabled | ternary('1','0') }}" + line: "KSM_ENABLED={{ nova_compute_ksm_enabled | ternary('1', '0') }}" regexp: "^KSM_ENABLED=*" backup: yes when: @@ -136,7 +137,8 @@ - nova-kvm - nova-libvirt -- include_tasks: nova_disable_smt.yml +- name: Including nova_disable_smt tasks + include_tasks: nova_disable_smt.yml when: - ansible_facts['architecture'] == 'ppc64le' args: @@ -146,7 +148,8 @@ tags: - always -- include_tasks: nova_enable_ksm.yml +- name: Including nova_enable_ksm tasks + include_tasks: nova_enable_ksm.yml when: - nova_compute_ksm_enabled | bool args: @@ -156,7 +159,8 @@ tags: - always -- include_tasks: nova_compute_kvm_virsh_net_remove.yml +- name: Including nova_compute_kvm_virsh_net_remove tasks + include_tasks: nova_compute_kvm_virsh_net_remove.yml args: apply: tags: diff --git a/tasks/drivers/kvm/nova_compute_kvm_install.yml b/tasks/drivers/kvm/nova_compute_kvm_install.yml index 57607262..4b60fc7a 100644 --- a/tasks/drivers/kvm/nova_compute_kvm_install.yml +++ b/tasks/drivers/kvm/nova_compute_kvm_install.yml @@ -37,7 +37,7 @@ - _qemu_save_dir.stat.isdir | bool - name: Move the existing save directory to nova_libvirt_save_path - command: "mv /var/lib/libvirt/qemu/save {{ nova_libvirt_save_path }}" + command: "mv /var/lib/libvirt/qemu/save {{ nova_libvirt_save_path }}" # noqa: no-changed-when when: - _qemu_save_dir.stat.isdir is defined - _qemu_save_dir.stat.isdir | bool @@ -47,6 +47,7 @@ file: path: "{{ nova_libvirt_save_path }}" state: directory + mode: "0755" - name: Symlink qemu save dir to nova_libvirt_save_path file: diff --git a/tasks/drivers/kvm/nova_compute_kvm_virsh_net_remove.yml b/tasks/drivers/kvm/nova_compute_kvm_virsh_net_remove.yml index 3ab2330d..926803b7 100644 --- a/tasks/drivers/kvm/nova_compute_kvm_virsh_net_remove.yml +++ b/tasks/drivers/kvm/nova_compute_kvm_virsh_net_remove.yml @@ -18,11 +18,11 @@ changed_when: false register: default_net -- name: Disable libvirt default network +- name: Disable libvirt default network # noqa: no-changed-when command: "virsh net-autostart default --disable" failed_when: false when: default_net.stdout.find('default') != -1 -- name: Destroy libvirt default network +- name: Destroy libvirt default network # noqa: no-changed-when command: "virsh net-destroy default" when: default_net.stdout.find('default') != -1 diff --git a/tasks/drivers/kvm/nova_enable_ksm.yml b/tasks/drivers/kvm/nova_enable_ksm.yml index 3bebfc78..beb5b571 100644 --- a/tasks/drivers/kvm/nova_enable_ksm.yml +++ b/tasks/drivers/kvm/nova_enable_ksm.yml @@ -12,4 +12,3 @@ state: started when: - ansible_facts['pkg_mgr'] in ['dnf', 'apt'] - diff --git a/tasks/main.yml b/tasks/main.yml index 8878548f..c6731f0c 100644 --- a/tasks/main.yml +++ b/tasks/main.yml @@ -52,7 +52,8 @@ tags: - always -- include_role: +- name: Including osa.db_setup role + include_role: name: openstack.osa.db_setup apply: tags: @@ -81,7 +82,8 @@ tags: - always -- include_role: +- name: Including osa.mq_setup role + include_role: name: openstack.osa.mq_setup apply: tags: @@ -103,7 +105,8 @@ tags: - always -- include_tasks: nova_virt_detect.yml +- name: Including nova_virt_detect tasks + include_tasks: nova_virt_detect.yml args: apply: tags: @@ -113,19 +116,22 @@ tags: - always -- import_tasks: nova_mdev_detect.yml +- name: Importing nova_mdev_detect tasks + import_tasks: nova_mdev_detect.yml tags: - always -- import_tasks: nova_pre_install.yml +- name: Importing nova_pre_install tasks + import_tasks: nova_pre_install.yml tags: - nova-install -- import_tasks: nova_install.yml +- name: Importing nova_install tasks + import_tasks: nova_install.yml tags: - nova-install -- name: refresh local facts +- name: Refresh local facts setup: filter: ansible_local gather_subset: "!all" @@ -195,11 +201,13 @@ tags: - always -- import_tasks: nova_post_install.yml +- name: Including nova_post_install tasks + import_tasks: nova_post_install.yml tags: - nova-config -- include_role: +- name: Including osa.service_setup tasks + include_role: name: openstack.osa.service_setup apply: tags: @@ -235,7 +243,8 @@ tags: - always -- include_tasks: nova_db_setup.yml +- name: Including nova_db_setup tasks + include_tasks: nova_db_setup.yml args: apply: tags: @@ -266,10 +275,10 @@ systemd_tempd_prefix: openstack systemd_slice_name: "{{ nova_system_slice_name }}" systemd_lock_dir: "{{ nova_lock_dir }}" - systemd_CPUAccounting: true - systemd_BlockIOAccounting: true - systemd_MemoryAccounting: true - systemd_TasksAccounting: true + systemd_service_cpu_accounting: true + systemd_service_block_io_accounting: true + systemd_service_memory_accounting: true + systemd_service_tasks_accounting: true systemd_services: |- {% set services = [] %} {% for service in filtered_nova_services %} @@ -290,7 +299,8 @@ - nova-config - systemd-service -- include_tasks: nova_compute.yml +- name: Including nova_compute tasks + include_tasks: nova_compute.yml args: apply: tags: @@ -320,7 +330,8 @@ - name: Flush handlers meta: flush_handlers -- import_tasks: nova_compute_wait.yml +- name: Importing nova_compute_wait tasks + import_tasks: nova_compute_wait.yml when: - "nova_services['nova-compute']['group'] in group_names" - "nova_discover_hosts_in_cells_interval | int < 1" @@ -333,7 +344,8 @@ # because the compute hosts do not have access to # the database connection string and therefore # cannot run nova-manage. -- import_tasks: nova_db_post_setup.yml +- name: Importing nova_db_post_setup tasks + import_tasks: nova_db_post_setup.yml delegate_to: "{{ nova_conductor_setup_host }}" run_once: true when: diff --git a/tasks/nova_compute.yml b/tasks/nova_compute.yml index ece86af0..5d6f05e9 100644 --- a/tasks/nova_compute.yml +++ b/tasks/nova_compute.yml @@ -13,7 +13,8 @@ # See the License for the specific language governing permissions and # limitations under the License. -- include_tasks: "drivers/{{ nova_virt_type }}/nova_compute_{{ nova_virt_type }}.yml" +- name: Including nova_compute tasks for {{ nova_virt_type }} + include_tasks: "drivers/{{ nova_virt_type }}/nova_compute_{{ nova_virt_type }}.yml" args: apply: tags: @@ -50,12 +51,12 @@ tags: - nova-key vars: - ssh_keypairs_setup_host: "{{ nova_ssh_keypairs_setup_host }}" - ssh_keypairs_dir: "{{ nova_ssh_keypairs_dir }}" - ssh_keypairs: "{{ nova_ssh_keypairs }}" - ssh_keypairs_install_keys: "{{ nova_ssh_keypairs_install_keys }}" - ssh_keypairs_install_ca: "{{ nova_ssh_keypairs_install_ca }}" - ssh_keypairs_principals: "{{ nova_ssh_keypairs_principals }}" + ssh_keypairs_setup_host: "{{ nova_ssh_keypairs_setup_host }}" + ssh_keypairs_dir: "{{ nova_ssh_keypairs_dir }}" + ssh_keypairs: "{{ nova_ssh_keypairs }}" + ssh_keypairs_install_keys: "{{ nova_ssh_keypairs_install_keys }}" + ssh_keypairs_install_ca: "{{ nova_ssh_keypairs_install_ca }}" + ssh_keypairs_principals: "{{ nova_ssh_keypairs_principals }}" tags: - always diff --git a/tasks/nova_db_post_setup.yml b/tasks/nova_db_post_setup.yml index 406b50da..097c49d1 100644 --- a/tasks/nova_db_post_setup.yml +++ b/tasks/nova_db_post_setup.yml @@ -20,7 +20,9 @@ # This needs to be done after Compute hosts are added. - name: Perform a cell_v2 discover - command: "{{ _db_nova_bin }}/nova-manage cell_v2 discover_hosts{{ (debug | bool) | ternary(' --verbose', '') }}{{ (nova_virt_type == 'ironic') | ternary(' --by-service', '') }}" + command: >- + {{ _db_nova_bin }}/nova-manage cell_v2 discover_hosts{{ (debug | bool) | ternary(' --verbose', '') }}{{ + (nova_virt_type == 'ironic') | ternary(' --by-service', '') }} become: yes become_user: "{{ _db_nova_system_user_name }}" changed_when: false @@ -35,6 +37,7 @@ command: "{{ _db_nova_bin }}/nova-manage db online_data_migrations" become: yes become_user: "{{ _db_nova_system_user_name }}" + changed_when: false when: - hostvars[nova_conductor_setup_host]['ansible_local']['openstack_ansible']['nova']['need_online_data_migrations'] | bool retries: 5 @@ -49,6 +52,7 @@ section: nova option: need_online_data_migrations value: False + mode: "0644" with_items: "{{ groups[nova_services['nova-conductor']['group']] }}" when: - data_migrations is not skipped @@ -67,7 +71,7 @@ systemd_services: - service_name: "nova-archive-deleted" execstarts: - - /bin/sh -c "{{ _db_nova_bin }}/nova-manage db archive_deleted_rows --until-complete --all-cells --before \"$(date -d '{{ nova_archive_deleted_before }}' +'%%Y-%%m-%%d %%H:%%M')\" {{ (nova_archive_deleted_purge) | ternary('--purge', '') }} {{ (nova_archive_task_log) | ternary('--task-log', '') }}" + - /bin/sh -c "{{ _db_nova_bin }}/nova-manage db archive_deleted_rows --until-complete --all-cells --before \"$(date -d '{{ nova_archive_deleted_before }}' +'%%Y-%%m-%%d %%H:%%M')\" {{ (nova_archive_deleted_purge) | ternary('--purge', '') }} {{ (nova_archive_task_log) | ternary('--task-log', '') }}" # noqa: yaml[line-length] environment: UMASK: '0640' UMASK_DIR: '0750' @@ -84,7 +88,7 @@ Unit: "nova-archive-deleted.service" - service_name: "nova-purge-deleted" execstarts: - - /bin/sh -c "{{ _db_nova_bin }}/nova-manage db purge --until-complete --all-cells --before \"$(date -d '{{ nova_purge_deleted_before }}' +'%%Y-%%m-%%d %%H:%%M')\"" + - /bin/sh -c "{{ _db_nova_bin }}/nova-manage db purge --until-complete --all-cells --before \"$(date -d '{{ nova_purge_deleted_before }}' +'%%Y-%%m-%%d %%H:%%M')\"" # noqa: yaml[line-length] environment: UMASK: '0640' UMASK_DIR: '0750' diff --git a/tasks/nova_db_setup.yml b/tasks/nova_db_setup.yml index 6b0712e1..21331b76 100644 --- a/tasks/nova_db_setup.yml +++ b/tasks/nova_db_setup.yml @@ -24,7 +24,8 @@ - name: Create the cell0 mapping entry in the nova API DB command: >- {{ nova_bin }}/nova-manage cell_v2 map_cell0 - --database_connection mysql+pymysql://{{ nova_api_galera_user }}:{{ nova_api_container_mysql_password }}@{{ nova_api_galera_address }}/{{ nova_cell0_database }}?charset=utf8{% if nova_galera_use_ssl | bool %}&ssl_ca={{ nova_galera_ssl_ca_cert }}{% endif %} + --database_connection mysql+pymysql://{{ nova_api_galera_user }}:{{ nova_api_container_mysql_password }}@{{ nova_api_galera_address }}/{{ + nova_cell0_database }}?charset=utf8{% if nova_galera_use_ssl | bool %}&ssl_ca={{ nova_galera_ssl_ca_cert }}{% endif %} become: yes become_user: "{{ nova_system_user_name }}" changed_when: false diff --git a/tasks/nova_install.yml b/tasks/nova_install.yml index be692cf6..60a40c4a 100644 --- a/tasks/nova_install.yml +++ b/tasks/nova_install.yml @@ -19,6 +19,7 @@ section: "nova" option: "install_method" value: "{{ nova_install_method }}" + mode: "0644" - name: Refresh local facts to ensure the nova section is present setup: @@ -59,7 +60,8 @@ venv_build_distro_package_list: "{{ nova_devel_distro_packages }}" venv_install_destination_path: "{{ nova_bin | dirname }}" venv_pip_install_args: "{{ nova_pip_install_args }}" - venv_packages_to_symlink: "{{ (nova_services['nova-compute']['group'] in group_names and nova_virt_type != 'ironic') | ternary(nova_compute_kvm_packages_to_symlink, []) }}" + venv_packages_to_symlink: >- + {{ (nova_services['nova-compute']['group'] in group_names and nova_virt_type != 'ironic') | ternary(nova_compute_kvm_packages_to_symlink, []) }} venv_pip_packages: "{{ nova_venv_packages }}" venv_facts_when_changed: - section: "nova" @@ -73,7 +75,8 @@ value: "{{ nova_venv_tag }}" when: nova_install_method == 'source' -- include_tasks: "consoles/nova_console_{{ nova_console_type }}_install.yml" +- name: Including nova_console tasks + include_tasks: "consoles/nova_console_{{ nova_console_type }}_install.yml" when: - "nova_services['nova-novncproxy']['group'] in group_names or nova_services['nova-spicehtml5proxy']['group'] in group_names or @@ -144,6 +147,7 @@ section: nova option: venv_tag value: "{{ nova_venv_tag }}" + mode: "0644" - name: Initialise the upgrade facts ini_file: @@ -151,6 +155,7 @@ section: nova option: "{{ item.name }}" value: "{{ item.state }}" + mode: "0644" with_items: - name: "need_service_restart" state: "True" diff --git a/tasks/nova_mdev_detect.yml b/tasks/nova_mdev_detect.yml index 80579ec3..ebeb9379 100644 --- a/tasks/nova_mdev_detect.yml +++ b/tasks/nova_mdev_detect.yml @@ -14,12 +14,14 @@ # limitations under the License. - name: Check if the mdev folder exist - stat: path=/sys/class/mdev_bus + stat: + path: /sys/class/mdev_bus register: mdev_folder - name: Get mdev info content and store as var command: "/bin/sh -c 'ls -1 /sys/class/mdev_bus/*/mdev_supported_types'" register: mdev + changed_when: false when: mdev_folder.stat.exists - name: Register a fact for nova enabled_mdev_types diff --git a/tasks/nova_post_install.yml b/tasks/nova_post_install.yml index 211d344a..665dd27f 100644 --- a/tasks/nova_post_install.yml +++ b/tasks/nova_post_install.yml @@ -17,7 +17,8 @@ # dynamically loading facts from the nova_virt_types based on the # nova_virt_type setting. - name: Set nova config facts - set_fact: '{{ item.key }}="{{ item.value }}"' + set_fact: + "{{ item.key }}": "{{ item.value }}" # noqa: var-naming[no-jinja] with_dict: "{{ nova_virt_types[nova_virt_type] }}" when: - item.key not in hostvars[inventory_hostname] or item.key is undefined @@ -31,8 +32,8 @@ file: path: "{{ item.path | default(omit) }}" state: "directory" - owner: "{{ item.owner|default(nova_system_user_name) }}" - group: "{{ item.group|default(nova_system_group_name) }}" + owner: "{{ item.owner | default(nova_system_user_name) }}" + group: "{{ item.group | default(nova_system_group_name) }}" mode: "{{ item.mode | default(omit) }}" with_items: - path: "/etc/nova/rootwrap.d" @@ -45,6 +46,7 @@ dest: "/etc/nova/rootwrap.d/" owner: "root" group: "root" + mode: "0644" with_fileglob: - rootwrap.d/* notify: @@ -59,7 +61,7 @@ src: "{{ item.src }}" dest: "{{ item.dest }}" owner: "root" - group: "{{ item.group|default(nova_system_group_name) }}" + group: "{{ item.group | default(nova_system_group_name) }}" mode: "0640" config_overrides: "{{ item.config_overrides }}" config_type: "{{ item.config_type }}" @@ -99,7 +101,7 @@ dest: "/etc/nova/provider_config/{{ item.name }}.yaml" owner: "root" group: "{{ nova_system_group_name }}" - mode: 0640 + mode: "0640" config_type: yaml with_items: - "{{ nova_provider_overrides }}" diff --git a/tasks/nova_pre_install.yml b/tasks/nova_pre_install.yml index 9fea883e..f7dce3c4 100644 --- a/tasks/nova_pre_install.yml +++ b/tasks/nova_pre_install.yml @@ -13,10 +13,10 @@ # See the License for the specific language governing permissions and # limitations under the License. -- name: create the system group +- name: Create the system group group: name: "{{ nova_system_group_name }}" - gid: "{{ nova_system_group_gid|default(omit) }}" + gid: "{{ nova_system_group_gid | default(omit) }}" state: "present" system: "yes" tags: @@ -25,7 +25,7 @@ - name: Create the nova system user user: name: "{{ nova_system_user_name }}" - uid: "{{ nova_system_user_uid|default(omit) }}" + uid: "{{ nova_system_user_uid | default(omit) }}" group: "{{ nova_system_group_name }}" comment: "{{ nova_system_comment }}" shell: "{{ nova_system_shell }}" @@ -72,8 +72,8 @@ path: "{{ item.path }}" src: "{{ item.src | default(omit) }}" state: "{{ item.state | default('directory') }}" - owner: "{{ item.owner|default(nova_system_user_name) }}" - group: "{{ item.group|default(nova_system_group_name) }}" + owner: "{{ item.owner | default(nova_system_user_name) }}" + group: "{{ item.group | default(nova_system_group_name) }}" mode: "{{ item.mode | default('0755') }}" force: "{{ item.force | default(omit) }}" when: diff --git a/tasks/nova_virt_detect.yml b/tasks/nova_virt_detect.yml index 96362cb9..45e8c12e 100644 --- a/tasks/nova_virt_detect.yml +++ b/tasks/nova_virt_detect.yml @@ -40,4 +40,4 @@ set_fact: nova_virt_type: "qemu" when: - - nova_virt_type is not defined \ No newline at end of file + - nova_virt_type is not defined diff --git a/vars/main.yml b/vars/main.yml index 7ec1ded0..617a07a3 100644 --- a/vars/main.yml +++ b/vars/main.yml @@ -13,7 +13,11 @@ # See the License for the specific language governing permissions and # limitations under the License. -_nova_is_first_play_host: "{{ (nova_services['nova-conductor']['group'] in group_names and inventory_hostname == (groups[nova_services['nova-conductor']['group']] | intersect(ansible_play_hosts)) | first) | bool }}" +_nova_is_first_play_host: >- + {{ + (nova_services['nova-conductor']['group'] in group_names and + inventory_hostname == (groups[nova_services['nova-conductor']['group']] | intersect(ansible_play_hosts)) | first) | bool + }} nova_venv_packages: |- {%- set pkg_list = nova_pip_packages | union(nova_user_pip_packages) %} @@ -106,7 +110,7 @@ nova_core_files: _nova_scheduler_filters: |- {% set default_filters = nova_scheduler_default_filters %} {% if default_filters is not iterable and default_filters is string %} - {% set filters = default_filters.split(',') %} + {% set filters = default_filters.split(',') %} {% else %} {% set filters = default_filters %} {% endif %}