From 9b9bc21121d55f9d433a9c97198ca2af34815d09 Mon Sep 17 00:00:00 2001 From: Dmitriy Rabotyagov Date: Mon, 17 Jul 2023 16:17:30 +0200 Subject: [PATCH] Fix linters and metadata With update of ansible-lint to version >=6.0.0 a lot of new linters were added, that enabled by default. In order to comply with linter rules we're applying changes to the role. With that we also update metdata to reflect current state. Depends-On: https://review.opendev.org/c/openstack/ansible-role-systemd_service/+/888223 Change-Id: I730ae569f199fc8542a5a61beb149f459465d7e2 --- defaults/main.yml | 63 ++++++++++++------- meta/main.yml | 12 ++-- tasks/consoles/nova_console_novnc_install.yml | 3 +- tasks/consoles/nova_console_novnc_ssl.yml | 2 +- tasks/drivers/kvm/nova_compute_kvm.yml | 18 +++--- .../drivers/kvm/nova_compute_kvm_install.yml | 3 +- .../kvm/nova_compute_kvm_virsh_net_remove.yml | 4 +- tasks/drivers/kvm/nova_enable_ksm.yml | 1 - tasks/main.yml | 46 +++++++++----- tasks/nova_compute.yml | 15 ++--- tasks/nova_db_post_setup.yml | 10 ++- tasks/nova_db_setup.yml | 3 +- tasks/nova_install.yml | 9 ++- tasks/nova_mdev_detect.yml | 4 +- tasks/nova_post_install.yml | 12 ++-- tasks/nova_pre_install.yml | 10 +-- tasks/nova_virt_detect.yml | 2 +- vars/main.yml | 8 ++- 18 files changed, 141 insertions(+), 84 deletions(-) diff --git a/defaults/main.yml b/defaults/main.yml index f7596a30..9ad6877b 100644 --- a/defaults/main.yml +++ b/defaults/main.yml @@ -37,7 +37,11 @@ debug: False # for the service setup. The host must already have # clouds.yaml properly configured. nova_service_setup_host: "{{ openstack_service_setup_host | default('localhost') }}" -nova_service_setup_host_python_interpreter: "{{ openstack_service_setup_host_python_interpreter | default((nova_service_setup_host == 'localhost') | ternary(ansible_playbook_python, ansible_facts['python']['executable'])) }}" +nova_service_setup_host_python_interpreter: >- + {{ + openstack_service_setup_host_python_interpreter | default( + (nova_service_setup_host == 'localhost') | ternary(ansible_playbook_python, ansible_facts['python']['executable'])) + }} # Set the host which will run compute initialization tasks such as checking # for a compute node to be up and running cell discovery. @@ -54,7 +58,8 @@ nova_venv_python_executable: "{{ openstack_venv_python_executable | default('pyt nova_git_repo: https://opendev.org/openstack/nova nova_git_install_branch: master -nova_upper_constraints_url: "{{ requirements_git_url | default('https://releases.openstack.org/constraints/upper/' ~ requirements_git_install_branch | default('master')) }}" +nova_upper_constraints_url: >- + {{ requirements_git_url | default('https://releases.openstack.org/constraints/upper/' ~ requirements_git_install_branch | default('master')) }} nova_git_constraints: - "--constraint {{ nova_upper_constraints_url }}" nova_pip_install_args: "{{ pip_install_options | default('') }}" @@ -90,7 +95,11 @@ nova_management_address: "127.0.0.1" ## Database info nova_db_setup_host: "{{ openstack_db_setup_host | default('localhost') }}" -nova_db_setup_python_interpreter: "{{ openstack_db_setup_python_interpreter | default((nova_db_setup_host == 'localhost') | ternary(ansible_playbook_python, ansible_facts['python']['executable'])) }}" +nova_db_setup_python_interpreter: >- + {{ + openstack_db_setup_python_interpreter | default( + (nova_db_setup_host == 'localhost') | ternary(ansible_playbook_python, ansible_facts['python']['executable'])) + }} nova_galera_address: "{{ galera_address | default('127.0.0.1') }}" nova_galera_user: nova nova_galera_database: nova @@ -176,12 +185,12 @@ nova_virt_types: # If this is not set, then the playbook will try to guess it. -#nova_virt_type: kvm +# nova_virt_type: kvm # Enable Kernel Shared Memory (KSM) nova_compute_ksm_enabled: False -#if set, nova_virt_type must be one of these: +# if set, nova_virt_type must be one of these: nova_supported_virt_types: - qemu - kvm @@ -265,7 +274,7 @@ nova_nested_virt_enabled: False # Uwsgi settings nova_wsgi_processes_max: 16 -nova_wsgi_processes: "{{ [[ansible_facts['processor_vcpus']|default(1), 1] | max * 2, nova_wsgi_processes_max] | min }}" +nova_wsgi_processes: "{{ [[ansible_facts['processor_vcpus'] | default(1), 1] | max * 2, nova_wsgi_processes_max] | min }}" nova_wsgi_threads: 1 nova_uwsgi_tls: crt: "{{ nova_ssl_cert }}" @@ -355,7 +364,7 @@ nova_nfs_client: [] # Nova Ceph rbd # Enble and define nova_libvirt_images_rbd_pool to use rbd as nova backend -#nova_libvirt_images_rbd_pool: vms +# nova_libvirt_images_rbd_pool: vms nova_libvirt_images_rbd_pool: '' nova_ceph_client: "{{ cinder_ceph_client }}" @@ -382,14 +391,15 @@ nova_rbd_inuse: "{{ (nova_libvirt_images_rbd_pool | length > 0) or (nova_cinder_ ## Cap the maximun number of threads / workers when a user value is unspecified. nova_api_threads_max: 16 -nova_api_threads: "{{ [[(ansible_facts['processor_vcpus']//ansible_facts['processor_threads_per_core'])|default(1), 1] | max * 2, nova_api_threads_max] | min }}" +nova_api_threads: >- + {{ [[(ansible_facts['processor_vcpus'] // ansible_facts['processor_threads_per_core']) | default(1), 1] | max * 2, nova_api_threads_max] | min }} ## Policy vars # Provide a list of access controls to update the default policy.json with. These changes will be merged # with the access controls in the default policy.json. E.g. -#nova_policy_overrides: -# "compute:create": "" -# "compute:create:attach_network": "" +# nova_policy_overrides: +# "compute:create": "" +# "compute:create:attach_network": "" ## Resource provider vars # Optionally specify a set of resource providers that a particular compute node exposes @@ -586,7 +596,8 @@ nova_pki_setup_host: "{{ openstack_pki_setup_host | default('localhost') }}" nova_pki_keys_path: "{{ nova_pki_dir ~ '/certs/private/' }}" nova_pki_certs_path: "{{ nova_pki_dir ~ '/certs/certs/' }}" nova_pki_intermediate_cert_name: "{{ openstack_pki_service_intermediate_cert_name }}" -nova_pki_intermediate_chain_path: "{{ nova_pki_dir ~ '/roots/' ~ nova_pki_intermediate_cert_name ~ '/certs/' ~ nova_pki_intermediate_cert_name ~ '-chain.crt' }}" +nova_pki_intermediate_chain_path: >- + {{ nova_pki_dir ~ '/roots/' ~ nova_pki_intermediate_cert_name ~ '/certs/' ~ nova_pki_intermediate_cert_name ~ '-chain.crt' }} nova_pki_regen_cert: '' nova_pki_san: "{{ openstack_pki_san | default('DNS:' ~ ansible_facts['hostname'] ~ ',IP:' ~ management_address) }}" # Create client and server cert for compute hosts @@ -595,7 +606,11 @@ nova_pki_compute_certificates: - name: "nova_{{ ansible_facts['hostname'] }}" provider: ownca cn: "{{ ansible_facts['nodename'] }}" - san: "{{ 'DNS:' ~ ansible_facts['hostname'] ~ ',DNS:' ~ ansible_facts['nodename'] ~ ',IP:' ~ (nova_management_address == 'localhost') | ternary('127.0.0.1', nova_management_address) }}" + san: >- + {{ + 'DNS:' ~ ansible_facts['hostname'] ~ ',DNS:' ~ ansible_facts['nodename'] ~ ',IP:' ~ (nova_management_address == 'localhost') | ternary( + '127.0.0.1', nova_management_address) + }} signed_by: "{{ nova_pki_intermediate_cert_name }}" key_usage: - digitalSignature @@ -678,9 +693,9 @@ nova_pki_compute_install_certificates: # Define user-provided SSL certificates in: # /etc/openstack_deploy/user_variables.yml -#nova_user_ssl_cert: -#nova_user_ssl_key: -#nova_user_ssl_ca_cert: +# nova_user_ssl_cert: +# nova_user_ssl_key: +# nova_user_ssl_ca_cert: # TLS certficates for console hosts nova_pki_console_certificates: @@ -688,7 +703,11 @@ nova_pki_console_certificates: - name: "nova_{{ ansible_facts['hostname'] }}-client" provider: ownca cn: "{{ ansible_facts['nodename'] }}" - san: "{{ 'DNS:' ~ ansible_facts['hostname'] ~ ',DNS:' ~ ansible_facts['nodename'] ~ ',IP:' ~ (nova_management_address == 'localhost') | ternary('127.0.0.1', nova_management_address) }}" + san: >- + {{ + 'DNS:' ~ ansible_facts['hostname'] ~ ',DNS:' ~ ansible_facts['nodename'] ~ ',IP:' ~ (nova_management_address == 'localhost') | ternary( + '127.0.0.1', nova_management_address) + }} signed_by: "{{ nova_pki_intermediate_cert_name }}" key_usage: - digitalSignature @@ -720,12 +739,12 @@ nova_pki_console_install_certificates: condition: "{{ nova_qemu_vnc_tls == 1 and nova_console_type == 'novnc' }}" # host which holds the ssh certificate authority -nova_ssh_keypairs_setup_host: "{{ openstack_ssh_keypairs_setup_host | default('localhost') }}" +nova_ssh_keypairs_setup_host: "{{ openstack_ssh_keypairs_setup_host | default('localhost') }}" # directory on the deploy host to create and store SSH keypairs nova_ssh_keypairs_dir: "{{ openstack_ssh_keypairs_dir | default('/etc/openstack_deploy/ssh_keypairs') }}" -#Each compute host needs a signed ssh certificate to log into the others +# Each compute host needs a signed ssh certificate to log into the others nova_ssh_keypairs: - name: "nova-{{ inventory_hostname }}" cert: @@ -734,7 +753,7 @@ nova_ssh_keypairs: valid_from: "{{ nova_ssh_key_valid_from | default('always') }}" valid_to: "{{ nova_ssh_key_valid_to | default('forever') }}" -#Each compute host needs the signed ssh certificate installing to the nova user +# Each compute host needs the signed ssh certificate installing to the nova user nova_ssh_keypairs_install_keys: owner: "{{ nova_system_user_name }}" group: "{{ nova_system_group_name }}" @@ -742,10 +761,10 @@ nova_ssh_keypairs_install_keys: - cert: "nova-{{ inventory_hostname }}" dest: "{{ nova_system_home_folder }}/.ssh/id_rsa" -#Each compute host must trust the SSHD certificate authoritiy in the sshd configuration +# Each compute host must trust the SSHD certificate authoritiy in the sshd configuration nova_ssh_keypairs_install_ca: "{{ openstack_ssh_keypairs_authorities }}" -#Each compute host must allow SSH certificates with the appropriate principal to log into the nova user +# Each compute host must allow SSH certificates with the appropriate principal to log into the nova user nova_ssh_keypairs_principals: - user: "{{ nova_system_user_name }}" principals: "{{ nova_ssh_key_principals | default(['nova']) }}" diff --git a/meta/main.yml b/meta/main.yml index c1cbd95c..59f0cccc 100644 --- a/meta/main.yml +++ b/meta/main.yml @@ -18,19 +18,21 @@ galaxy_info: description: Installation and setup of nova company: Rackspace license: Apache2 - min_ansible_version: 2.4 + role_name: os_nova + namespace: openstack + min_ansible_version: "2.10" platforms: - name: Debian versions: - - buster + - bullseye - name: Ubuntu versions: - - bionic - focal + - jammy - name: EL versions: - - 8 - categories: + - "9" + galaxy_tags: - cloud - python - nova diff --git a/tasks/consoles/nova_console_novnc_install.yml b/tasks/consoles/nova_console_novnc_install.yml index fd19dbf9..56f39593 100644 --- a/tasks/consoles/nova_console_novnc_install.yml +++ b/tasks/consoles/nova_console_novnc_install.yml @@ -59,7 +59,8 @@ tags: - nova-novnc-git -- include_tasks: nova_console_novnc_ssl.yml +- name: Including nova_console_novnc_ssl tasks + include_tasks: nova_console_novnc_ssl.yml when: - nova_console_user_ssl_cert is defined - nova_console_user_ssl_key is defined diff --git a/tasks/consoles/nova_console_novnc_ssl.yml b/tasks/consoles/nova_console_novnc_ssl.yml index cc20513f..8fa12ad4 100644 --- a/tasks/consoles/nova_console_novnc_ssl.yml +++ b/tasks/consoles/nova_console_novnc_ssl.yml @@ -22,7 +22,7 @@ mode: "0755" - name: Prepare combined nova-console SSL and CA certs - command: cat {{ nova_console_user_ssl_cert }} {{ nova_console_user_ssl_ca_cert is defined | ternary(nova_console_user_ssl_ca_cert,'') }} + command: cat {{ nova_console_user_ssl_cert }} {{ nova_console_user_ssl_ca_cert is defined | ternary(nova_console_user_ssl_ca_cert, '') }} changed_when: false register: nova_console_user_ssl_combined tags: diff --git a/tasks/drivers/kvm/nova_compute_kvm.yml b/tasks/drivers/kvm/nova_compute_kvm.yml index cb663200..a401194a 100644 --- a/tasks/drivers/kvm/nova_compute_kvm.yml +++ b/tasks/drivers/kvm/nova_compute_kvm.yml @@ -13,7 +13,8 @@ # See the License for the specific language governing permissions and # limitations under the License. -- include_tasks: nova_compute_kvm_install.yml +- name: Including nova_compute_kvm_install tasks + include_tasks: nova_compute_kvm_install.yml args: apply: tags: @@ -27,7 +28,7 @@ dest: /etc/modprobe.d/kvm.conf owner: root group: root - mode: 0644 + mode: "0644" when: - nova_nested_virt_enabled | bool tags: @@ -70,7 +71,7 @@ dest: /etc/libvirt/libvirtd.conf owner: "root" group: "root" - mode: 0644 + mode: "0644" notify: Restart libvirt-bin tags: - nova-config @@ -125,7 +126,7 @@ - name: Set qemu-kvm KSM config (Ubuntu) lineinfile: dest: "/etc/default/qemu-kvm" - line: "KSM_ENABLED={{ nova_compute_ksm_enabled | ternary('1','0') }}" + line: "KSM_ENABLED={{ nova_compute_ksm_enabled | ternary('1', '0') }}" regexp: "^KSM_ENABLED=*" backup: yes when: @@ -136,7 +137,8 @@ - nova-kvm - nova-libvirt -- include_tasks: nova_disable_smt.yml +- name: Including nova_disable_smt tasks + include_tasks: nova_disable_smt.yml when: - ansible_facts['architecture'] == 'ppc64le' args: @@ -146,7 +148,8 @@ tags: - always -- include_tasks: nova_enable_ksm.yml +- name: Including nova_enable_ksm tasks + include_tasks: nova_enable_ksm.yml when: - nova_compute_ksm_enabled | bool args: @@ -156,7 +159,8 @@ tags: - always -- include_tasks: nova_compute_kvm_virsh_net_remove.yml +- name: Including nova_compute_kvm_virsh_net_remove tasks + include_tasks: nova_compute_kvm_virsh_net_remove.yml args: apply: tags: diff --git a/tasks/drivers/kvm/nova_compute_kvm_install.yml b/tasks/drivers/kvm/nova_compute_kvm_install.yml index 57607262..4b60fc7a 100644 --- a/tasks/drivers/kvm/nova_compute_kvm_install.yml +++ b/tasks/drivers/kvm/nova_compute_kvm_install.yml @@ -37,7 +37,7 @@ - _qemu_save_dir.stat.isdir | bool - name: Move the existing save directory to nova_libvirt_save_path - command: "mv /var/lib/libvirt/qemu/save {{ nova_libvirt_save_path }}" + command: "mv /var/lib/libvirt/qemu/save {{ nova_libvirt_save_path }}" # noqa: no-changed-when when: - _qemu_save_dir.stat.isdir is defined - _qemu_save_dir.stat.isdir | bool @@ -47,6 +47,7 @@ file: path: "{{ nova_libvirt_save_path }}" state: directory + mode: "0755" - name: Symlink qemu save dir to nova_libvirt_save_path file: diff --git a/tasks/drivers/kvm/nova_compute_kvm_virsh_net_remove.yml b/tasks/drivers/kvm/nova_compute_kvm_virsh_net_remove.yml index 3ab2330d..926803b7 100644 --- a/tasks/drivers/kvm/nova_compute_kvm_virsh_net_remove.yml +++ b/tasks/drivers/kvm/nova_compute_kvm_virsh_net_remove.yml @@ -18,11 +18,11 @@ changed_when: false register: default_net -- name: Disable libvirt default network +- name: Disable libvirt default network # noqa: no-changed-when command: "virsh net-autostart default --disable" failed_when: false when: default_net.stdout.find('default') != -1 -- name: Destroy libvirt default network +- name: Destroy libvirt default network # noqa: no-changed-when command: "virsh net-destroy default" when: default_net.stdout.find('default') != -1 diff --git a/tasks/drivers/kvm/nova_enable_ksm.yml b/tasks/drivers/kvm/nova_enable_ksm.yml index 3bebfc78..beb5b571 100644 --- a/tasks/drivers/kvm/nova_enable_ksm.yml +++ b/tasks/drivers/kvm/nova_enable_ksm.yml @@ -12,4 +12,3 @@ state: started when: - ansible_facts['pkg_mgr'] in ['dnf', 'apt'] - diff --git a/tasks/main.yml b/tasks/main.yml index 8878548f..c6731f0c 100644 --- a/tasks/main.yml +++ b/tasks/main.yml @@ -52,7 +52,8 @@ tags: - always -- include_role: +- name: Including osa.db_setup role + include_role: name: openstack.osa.db_setup apply: tags: @@ -81,7 +82,8 @@ tags: - always -- include_role: +- name: Including osa.mq_setup role + include_role: name: openstack.osa.mq_setup apply: tags: @@ -103,7 +105,8 @@ tags: - always -- include_tasks: nova_virt_detect.yml +- name: Including nova_virt_detect tasks + include_tasks: nova_virt_detect.yml args: apply: tags: @@ -113,19 +116,22 @@ tags: - always -- import_tasks: nova_mdev_detect.yml +- name: Importing nova_mdev_detect tasks + import_tasks: nova_mdev_detect.yml tags: - always -- import_tasks: nova_pre_install.yml +- name: Importing nova_pre_install tasks + import_tasks: nova_pre_install.yml tags: - nova-install -- import_tasks: nova_install.yml +- name: Importing nova_install tasks + import_tasks: nova_install.yml tags: - nova-install -- name: refresh local facts +- name: Refresh local facts setup: filter: ansible_local gather_subset: "!all" @@ -195,11 +201,13 @@ tags: - always -- import_tasks: nova_post_install.yml +- name: Including nova_post_install tasks + import_tasks: nova_post_install.yml tags: - nova-config -- include_role: +- name: Including osa.service_setup tasks + include_role: name: openstack.osa.service_setup apply: tags: @@ -235,7 +243,8 @@ tags: - always -- include_tasks: nova_db_setup.yml +- name: Including nova_db_setup tasks + include_tasks: nova_db_setup.yml args: apply: tags: @@ -266,10 +275,10 @@ systemd_tempd_prefix: openstack systemd_slice_name: "{{ nova_system_slice_name }}" systemd_lock_dir: "{{ nova_lock_dir }}" - systemd_CPUAccounting: true - systemd_BlockIOAccounting: true - systemd_MemoryAccounting: true - systemd_TasksAccounting: true + systemd_service_cpu_accounting: true + systemd_service_block_io_accounting: true + systemd_service_memory_accounting: true + systemd_service_tasks_accounting: true systemd_services: |- {% set services = [] %} {% for service in filtered_nova_services %} @@ -290,7 +299,8 @@ - nova-config - systemd-service -- include_tasks: nova_compute.yml +- name: Including nova_compute tasks + include_tasks: nova_compute.yml args: apply: tags: @@ -320,7 +330,8 @@ - name: Flush handlers meta: flush_handlers -- import_tasks: nova_compute_wait.yml +- name: Importing nova_compute_wait tasks + import_tasks: nova_compute_wait.yml when: - "nova_services['nova-compute']['group'] in group_names" - "nova_discover_hosts_in_cells_interval | int < 1" @@ -333,7 +344,8 @@ # because the compute hosts do not have access to # the database connection string and therefore # cannot run nova-manage. -- import_tasks: nova_db_post_setup.yml +- name: Importing nova_db_post_setup tasks + import_tasks: nova_db_post_setup.yml delegate_to: "{{ nova_conductor_setup_host }}" run_once: true when: diff --git a/tasks/nova_compute.yml b/tasks/nova_compute.yml index ece86af0..5d6f05e9 100644 --- a/tasks/nova_compute.yml +++ b/tasks/nova_compute.yml @@ -13,7 +13,8 @@ # See the License for the specific language governing permissions and # limitations under the License. -- include_tasks: "drivers/{{ nova_virt_type }}/nova_compute_{{ nova_virt_type }}.yml" +- name: Including nova_compute tasks for {{ nova_virt_type }} + include_tasks: "drivers/{{ nova_virt_type }}/nova_compute_{{ nova_virt_type }}.yml" args: apply: tags: @@ -50,12 +51,12 @@ tags: - nova-key vars: - ssh_keypairs_setup_host: "{{ nova_ssh_keypairs_setup_host }}" - ssh_keypairs_dir: "{{ nova_ssh_keypairs_dir }}" - ssh_keypairs: "{{ nova_ssh_keypairs }}" - ssh_keypairs_install_keys: "{{ nova_ssh_keypairs_install_keys }}" - ssh_keypairs_install_ca: "{{ nova_ssh_keypairs_install_ca }}" - ssh_keypairs_principals: "{{ nova_ssh_keypairs_principals }}" + ssh_keypairs_setup_host: "{{ nova_ssh_keypairs_setup_host }}" + ssh_keypairs_dir: "{{ nova_ssh_keypairs_dir }}" + ssh_keypairs: "{{ nova_ssh_keypairs }}" + ssh_keypairs_install_keys: "{{ nova_ssh_keypairs_install_keys }}" + ssh_keypairs_install_ca: "{{ nova_ssh_keypairs_install_ca }}" + ssh_keypairs_principals: "{{ nova_ssh_keypairs_principals }}" tags: - always diff --git a/tasks/nova_db_post_setup.yml b/tasks/nova_db_post_setup.yml index 406b50da..097c49d1 100644 --- a/tasks/nova_db_post_setup.yml +++ b/tasks/nova_db_post_setup.yml @@ -20,7 +20,9 @@ # This needs to be done after Compute hosts are added. - name: Perform a cell_v2 discover - command: "{{ _db_nova_bin }}/nova-manage cell_v2 discover_hosts{{ (debug | bool) | ternary(' --verbose', '') }}{{ (nova_virt_type == 'ironic') | ternary(' --by-service', '') }}" + command: >- + {{ _db_nova_bin }}/nova-manage cell_v2 discover_hosts{{ (debug | bool) | ternary(' --verbose', '') }}{{ + (nova_virt_type == 'ironic') | ternary(' --by-service', '') }} become: yes become_user: "{{ _db_nova_system_user_name }}" changed_when: false @@ -35,6 +37,7 @@ command: "{{ _db_nova_bin }}/nova-manage db online_data_migrations" become: yes become_user: "{{ _db_nova_system_user_name }}" + changed_when: false when: - hostvars[nova_conductor_setup_host]['ansible_local']['openstack_ansible']['nova']['need_online_data_migrations'] | bool retries: 5 @@ -49,6 +52,7 @@ section: nova option: need_online_data_migrations value: False + mode: "0644" with_items: "{{ groups[nova_services['nova-conductor']['group']] }}" when: - data_migrations is not skipped @@ -67,7 +71,7 @@ systemd_services: - service_name: "nova-archive-deleted" execstarts: - - /bin/sh -c "{{ _db_nova_bin }}/nova-manage db archive_deleted_rows --until-complete --all-cells --before \"$(date -d '{{ nova_archive_deleted_before }}' +'%%Y-%%m-%%d %%H:%%M')\" {{ (nova_archive_deleted_purge) | ternary('--purge', '') }} {{ (nova_archive_task_log) | ternary('--task-log', '') }}" + - /bin/sh -c "{{ _db_nova_bin }}/nova-manage db archive_deleted_rows --until-complete --all-cells --before \"$(date -d '{{ nova_archive_deleted_before }}' +'%%Y-%%m-%%d %%H:%%M')\" {{ (nova_archive_deleted_purge) | ternary('--purge', '') }} {{ (nova_archive_task_log) | ternary('--task-log', '') }}" # noqa: yaml[line-length] environment: UMASK: '0640' UMASK_DIR: '0750' @@ -84,7 +88,7 @@ Unit: "nova-archive-deleted.service" - service_name: "nova-purge-deleted" execstarts: - - /bin/sh -c "{{ _db_nova_bin }}/nova-manage db purge --until-complete --all-cells --before \"$(date -d '{{ nova_purge_deleted_before }}' +'%%Y-%%m-%%d %%H:%%M')\"" + - /bin/sh -c "{{ _db_nova_bin }}/nova-manage db purge --until-complete --all-cells --before \"$(date -d '{{ nova_purge_deleted_before }}' +'%%Y-%%m-%%d %%H:%%M')\"" # noqa: yaml[line-length] environment: UMASK: '0640' UMASK_DIR: '0750' diff --git a/tasks/nova_db_setup.yml b/tasks/nova_db_setup.yml index 6b0712e1..21331b76 100644 --- a/tasks/nova_db_setup.yml +++ b/tasks/nova_db_setup.yml @@ -24,7 +24,8 @@ - name: Create the cell0 mapping entry in the nova API DB command: >- {{ nova_bin }}/nova-manage cell_v2 map_cell0 - --database_connection mysql+pymysql://{{ nova_api_galera_user }}:{{ nova_api_container_mysql_password }}@{{ nova_api_galera_address }}/{{ nova_cell0_database }}?charset=utf8{% if nova_galera_use_ssl | bool %}&ssl_ca={{ nova_galera_ssl_ca_cert }}{% endif %} + --database_connection mysql+pymysql://{{ nova_api_galera_user }}:{{ nova_api_container_mysql_password }}@{{ nova_api_galera_address }}/{{ + nova_cell0_database }}?charset=utf8{% if nova_galera_use_ssl | bool %}&ssl_ca={{ nova_galera_ssl_ca_cert }}{% endif %} become: yes become_user: "{{ nova_system_user_name }}" changed_when: false diff --git a/tasks/nova_install.yml b/tasks/nova_install.yml index be692cf6..60a40c4a 100644 --- a/tasks/nova_install.yml +++ b/tasks/nova_install.yml @@ -19,6 +19,7 @@ section: "nova" option: "install_method" value: "{{ nova_install_method }}" + mode: "0644" - name: Refresh local facts to ensure the nova section is present setup: @@ -59,7 +60,8 @@ venv_build_distro_package_list: "{{ nova_devel_distro_packages }}" venv_install_destination_path: "{{ nova_bin | dirname }}" venv_pip_install_args: "{{ nova_pip_install_args }}" - venv_packages_to_symlink: "{{ (nova_services['nova-compute']['group'] in group_names and nova_virt_type != 'ironic') | ternary(nova_compute_kvm_packages_to_symlink, []) }}" + venv_packages_to_symlink: >- + {{ (nova_services['nova-compute']['group'] in group_names and nova_virt_type != 'ironic') | ternary(nova_compute_kvm_packages_to_symlink, []) }} venv_pip_packages: "{{ nova_venv_packages }}" venv_facts_when_changed: - section: "nova" @@ -73,7 +75,8 @@ value: "{{ nova_venv_tag }}" when: nova_install_method == 'source' -- include_tasks: "consoles/nova_console_{{ nova_console_type }}_install.yml" +- name: Including nova_console tasks + include_tasks: "consoles/nova_console_{{ nova_console_type }}_install.yml" when: - "nova_services['nova-novncproxy']['group'] in group_names or nova_services['nova-spicehtml5proxy']['group'] in group_names or @@ -144,6 +147,7 @@ section: nova option: venv_tag value: "{{ nova_venv_tag }}" + mode: "0644" - name: Initialise the upgrade facts ini_file: @@ -151,6 +155,7 @@ section: nova option: "{{ item.name }}" value: "{{ item.state }}" + mode: "0644" with_items: - name: "need_service_restart" state: "True" diff --git a/tasks/nova_mdev_detect.yml b/tasks/nova_mdev_detect.yml index 80579ec3..ebeb9379 100644 --- a/tasks/nova_mdev_detect.yml +++ b/tasks/nova_mdev_detect.yml @@ -14,12 +14,14 @@ # limitations under the License. - name: Check if the mdev folder exist - stat: path=/sys/class/mdev_bus + stat: + path: /sys/class/mdev_bus register: mdev_folder - name: Get mdev info content and store as var command: "/bin/sh -c 'ls -1 /sys/class/mdev_bus/*/mdev_supported_types'" register: mdev + changed_when: false when: mdev_folder.stat.exists - name: Register a fact for nova enabled_mdev_types diff --git a/tasks/nova_post_install.yml b/tasks/nova_post_install.yml index 211d344a..665dd27f 100644 --- a/tasks/nova_post_install.yml +++ b/tasks/nova_post_install.yml @@ -17,7 +17,8 @@ # dynamically loading facts from the nova_virt_types based on the # nova_virt_type setting. - name: Set nova config facts - set_fact: '{{ item.key }}="{{ item.value }}"' + set_fact: + "{{ item.key }}": "{{ item.value }}" # noqa: var-naming[no-jinja] with_dict: "{{ nova_virt_types[nova_virt_type] }}" when: - item.key not in hostvars[inventory_hostname] or item.key is undefined @@ -31,8 +32,8 @@ file: path: "{{ item.path | default(omit) }}" state: "directory" - owner: "{{ item.owner|default(nova_system_user_name) }}" - group: "{{ item.group|default(nova_system_group_name) }}" + owner: "{{ item.owner | default(nova_system_user_name) }}" + group: "{{ item.group | default(nova_system_group_name) }}" mode: "{{ item.mode | default(omit) }}" with_items: - path: "/etc/nova/rootwrap.d" @@ -45,6 +46,7 @@ dest: "/etc/nova/rootwrap.d/" owner: "root" group: "root" + mode: "0644" with_fileglob: - rootwrap.d/* notify: @@ -59,7 +61,7 @@ src: "{{ item.src }}" dest: "{{ item.dest }}" owner: "root" - group: "{{ item.group|default(nova_system_group_name) }}" + group: "{{ item.group | default(nova_system_group_name) }}" mode: "0640" config_overrides: "{{ item.config_overrides }}" config_type: "{{ item.config_type }}" @@ -99,7 +101,7 @@ dest: "/etc/nova/provider_config/{{ item.name }}.yaml" owner: "root" group: "{{ nova_system_group_name }}" - mode: 0640 + mode: "0640" config_type: yaml with_items: - "{{ nova_provider_overrides }}" diff --git a/tasks/nova_pre_install.yml b/tasks/nova_pre_install.yml index 9fea883e..f7dce3c4 100644 --- a/tasks/nova_pre_install.yml +++ b/tasks/nova_pre_install.yml @@ -13,10 +13,10 @@ # See the License for the specific language governing permissions and # limitations under the License. -- name: create the system group +- name: Create the system group group: name: "{{ nova_system_group_name }}" - gid: "{{ nova_system_group_gid|default(omit) }}" + gid: "{{ nova_system_group_gid | default(omit) }}" state: "present" system: "yes" tags: @@ -25,7 +25,7 @@ - name: Create the nova system user user: name: "{{ nova_system_user_name }}" - uid: "{{ nova_system_user_uid|default(omit) }}" + uid: "{{ nova_system_user_uid | default(omit) }}" group: "{{ nova_system_group_name }}" comment: "{{ nova_system_comment }}" shell: "{{ nova_system_shell }}" @@ -72,8 +72,8 @@ path: "{{ item.path }}" src: "{{ item.src | default(omit) }}" state: "{{ item.state | default('directory') }}" - owner: "{{ item.owner|default(nova_system_user_name) }}" - group: "{{ item.group|default(nova_system_group_name) }}" + owner: "{{ item.owner | default(nova_system_user_name) }}" + group: "{{ item.group | default(nova_system_group_name) }}" mode: "{{ item.mode | default('0755') }}" force: "{{ item.force | default(omit) }}" when: diff --git a/tasks/nova_virt_detect.yml b/tasks/nova_virt_detect.yml index 96362cb9..45e8c12e 100644 --- a/tasks/nova_virt_detect.yml +++ b/tasks/nova_virt_detect.yml @@ -40,4 +40,4 @@ set_fact: nova_virt_type: "qemu" when: - - nova_virt_type is not defined \ No newline at end of file + - nova_virt_type is not defined diff --git a/vars/main.yml b/vars/main.yml index 7ec1ded0..617a07a3 100644 --- a/vars/main.yml +++ b/vars/main.yml @@ -13,7 +13,11 @@ # See the License for the specific language governing permissions and # limitations under the License. -_nova_is_first_play_host: "{{ (nova_services['nova-conductor']['group'] in group_names and inventory_hostname == (groups[nova_services['nova-conductor']['group']] | intersect(ansible_play_hosts)) | first) | bool }}" +_nova_is_first_play_host: >- + {{ + (nova_services['nova-conductor']['group'] in group_names and + inventory_hostname == (groups[nova_services['nova-conductor']['group']] | intersect(ansible_play_hosts)) | first) | bool + }} nova_venv_packages: |- {%- set pkg_list = nova_pip_packages | union(nova_user_pip_packages) %} @@ -106,7 +110,7 @@ nova_core_files: _nova_scheduler_filters: |- {% set default_filters = nova_scheduler_default_filters %} {% if default_filters is not iterable and default_filters is string %} - {% set filters = default_filters.split(',') %} + {% set filters = default_filters.split(',') %} {% else %} {% set filters = default_filters %} {% endif %}