1c567515cf
This line snuck in with I41a360e6f99ecd0ca5e4c13888bff4f363d8bc33 probably to bring it in line with other OSA roles, but should already be covered by the distribution_major_version line above. Change-Id: Ic25f941542a4fe359aacd04a36b0cdc405849d91
269 lines
9.3 KiB
YAML
269 lines
9.3 KiB
YAML
---
|
|
# Copyright 2016 Internet Solutions (Pty) Ltd
|
|
#
|
|
# Licensed under the Apache License, Version 2.0 (the "License");
|
|
# you may not use this file except in compliance with the License.
|
|
# You may obtain a copy of the License at
|
|
#
|
|
# http://www.apache.org/licenses/LICENSE-2.0
|
|
#
|
|
# Unless required by applicable law or agreed to in writing, software
|
|
# distributed under the License is distributed on an "AS IS" BASIS,
|
|
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
|
# See the License for the specific language governing permissions and
|
|
# limitations under the License.
|
|
#
|
|
# (c) 2016 Donovan Francesco <donovan.francesco@is.co.za>
|
|
# (c) 2016 Paul Stevens <paul.stevens@is.co.za>
|
|
|
|
- name: Gather variables for each operating system
|
|
ansible.builtin.include_vars: "{{ lookup('first_found', params) }}"
|
|
vars:
|
|
params:
|
|
files:
|
|
- "{{ ansible_facts['distribution'] | lower }}-{{ ansible_facts['distribution_version'] | lower }}.yml"
|
|
- "{{ ansible_facts['distribution'] | lower }}-{{ ansible_facts['distribution_major_version'] | lower }}.yml"
|
|
- "{{ ansible_facts['os_family'] | lower }}-{{ ansible_facts['distribution_major_version'] | lower }}.yml"
|
|
- "{{ ansible_facts['distribution'] | lower }}.yml"
|
|
- "{{ ansible_facts['os_family'] | lower }}.yml"
|
|
paths:
|
|
- "{{ role_path }}/vars"
|
|
tags:
|
|
- always
|
|
|
|
- name: Fail if our required secrets are not present
|
|
ansible.builtin.fail:
|
|
msg: "Please set the {{ item }} variable prior to applying this role."
|
|
when: (item is undefined) or (item is none)
|
|
with_items: "{{ trove_required_secrets }}"
|
|
tags:
|
|
- always
|
|
|
|
- name: Including osa.db_setup role
|
|
ansible.builtin.include_role:
|
|
name: openstack.osa.db_setup
|
|
apply:
|
|
tags:
|
|
- common-db
|
|
- trove-config
|
|
when:
|
|
- _trove_is_first_play_host
|
|
vars:
|
|
_oslodb_setup_host: "{{ trove_db_setup_host }}"
|
|
_oslodb_ansible_python_interpreter: "{{ trove_db_setup_python_interpreter }}"
|
|
_oslodb_setup_endpoint: "{{ trove_galera_address }}"
|
|
_oslodb_setup_port: "{{ trove_galera_port }}"
|
|
_oslodb_databases:
|
|
- name: "{{ trove_galera_database_name }}"
|
|
users:
|
|
- username: "{{ trove_galera_user }}"
|
|
password: "{{ trove_galera_password }}"
|
|
tags:
|
|
- always
|
|
|
|
- name: Including osa.mq_setup role
|
|
ansible.builtin.include_role:
|
|
name: openstack.osa.mq_setup
|
|
apply:
|
|
tags:
|
|
- common-mq
|
|
- trove-config
|
|
when:
|
|
- _trove_is_first_play_host
|
|
vars:
|
|
_oslomsg_rpc_setup_host: "{{ trove_oslomsg_rpc_setup_host }}"
|
|
_oslomsg_rpc_userid: "{{ trove_oslomsg_rpc_userid }}"
|
|
_oslomsg_rpc_password: "{{ trove_oslomsg_rpc_password }}"
|
|
_oslomsg_rpc_vhost: "{{ trove_oslomsg_rpc_vhost }}"
|
|
_oslomsg_rpc_transport: "{{ trove_oslomsg_rpc_transport }}"
|
|
_oslomsg_rpc_policies: "{{ trove_oslomsg_rpc_policies }}"
|
|
_oslomsg_notify_setup_host: "{{ trove_oslomsg_notify_setup_host }}"
|
|
_oslomsg_notify_userid: "{{ trove_oslomsg_notify_userid }}"
|
|
_oslomsg_notify_password: "{{ trove_oslomsg_notify_password }}"
|
|
_oslomsg_notify_vhost: "{{ trove_oslomsg_notify_vhost }}"
|
|
_oslomsg_notify_transport: "{{ trove_oslomsg_notify_transport }}"
|
|
_oslomsg_notify_policies: "{{ trove_oslomsg_notify_policies }}"
|
|
_oslomsg_notify_configure: "{{ trove_oslomsg_notify_configure }}"
|
|
tags:
|
|
- always
|
|
|
|
- name: Including osa.mq_setup role
|
|
ansible.builtin.include_role:
|
|
name: openstack.osa.mq_setup
|
|
apply:
|
|
tags:
|
|
- common-mq
|
|
- trove-agent-config
|
|
when:
|
|
- _trove_is_first_play_host
|
|
- (trove_oslomsg_rpc_host_group != trove_guest_rpc_host_group) or
|
|
(trove_oslomsg_notify_host_group != trove_guest_notify_host_group and trove_guest_oslomsg_notify_configure)
|
|
vars:
|
|
_oslomsg_rpc_setup_host: "{{ trove_guest_oslomsg_rpc_setup_host }}"
|
|
_oslomsg_rpc_userid: "{{ trove_guest_oslomsg_rpc_userid }}"
|
|
_oslomsg_rpc_password: "{{ trove_guest_oslomsg_rpc_password }}"
|
|
_oslomsg_rpc_vhost: "{{ trove_guest_oslomsg_rpc_vhost }}"
|
|
_oslomsg_rpc_transport: "{{ trove_oslomsg_rpc_transport }}"
|
|
_oslomsg_rpc_policies: "{{ trove_guest_oslomsg_rpc_policies }}"
|
|
_oslomsg_notify_setup_host: "{{ trove_guest_notify_host_group }}"
|
|
_oslomsg_notify_userid: "{{ trove_guest_oslomsg_notify_userid }}"
|
|
_oslomsg_notify_password: "{{ trove_guest_oslomsg_notify_password }}"
|
|
_oslomsg_notify_vhost: "{{ trove_guest_oslomsg_notify_vhost }}"
|
|
_oslomsg_notify_transport: "{{ trove_oslomsg_notify_transport }}"
|
|
_oslomsg_notify_policies: "{{ trove_guest_oslomsg_notify_policies }}"
|
|
_oslomsg_notify_configure: "{{ trove_guest_oslomsg_notify_configure }}"
|
|
tags:
|
|
- always
|
|
|
|
- name: Importing trove_pre_install tasks
|
|
ansible.builtin.import_tasks: trove_pre_install.yml
|
|
tags:
|
|
- trove-install
|
|
|
|
- name: Create and install SSL certificates
|
|
ansible.builtin.include_role:
|
|
name: pki
|
|
tasks_from: main_certs.yml
|
|
apply:
|
|
tags:
|
|
- trove-config
|
|
- pki
|
|
vars:
|
|
pki_setup_host: "{{ trove_pki_setup_host }}"
|
|
pki_dir: "{{ trove_pki_dir }}"
|
|
pki_create_certificates: "{{ trove_user_ssl_cert is not defined and trove_user_ssl_key is not defined }}"
|
|
pki_regen_cert: "{{ trove_pki_regen_cert }}"
|
|
pki_certificates: "{{ trove_pki_certificates }}"
|
|
pki_install_certificates: "{{ trove_pki_install_certificates }}"
|
|
when:
|
|
- trove_backend_ssl
|
|
tags:
|
|
- always
|
|
|
|
- name: Install the python venv
|
|
ansible.builtin.import_role:
|
|
name: "python_venv_build"
|
|
vars:
|
|
venv_python_executable: "{{ trove_venv_python_executable }}"
|
|
venv_build_constraints: "{{ trove_git_constraints }}"
|
|
venv_install_destination_path: "{{ trove_bin | dirname }}"
|
|
venv_install_distro_package_list: "{{ trove_distro_packages }}"
|
|
venv_pip_install_args: "{{ trove_pip_install_args }}"
|
|
venv_pip_packages: "{{ trove_pip_packages | union(trove_user_pip_packages) }}"
|
|
venv_facts_when_changed:
|
|
- section: "trove"
|
|
option: "venv_tag"
|
|
value: "{{ trove_venv_tag }}"
|
|
tags:
|
|
- trove-install
|
|
|
|
- name: Including osa.service_setup role
|
|
ansible.builtin.include_role:
|
|
name: openstack.osa.service_setup
|
|
apply:
|
|
tags:
|
|
- trove-install
|
|
- common-service
|
|
vars:
|
|
_project_name: "{{ trove_service_project_name }}"
|
|
_project_domain: "{{ trove_service_project_domain_id }}"
|
|
_service_adminuri_insecure: "{{ keystone_service_adminuri_insecure }}"
|
|
_service_setup_host: "{{ trove_service_setup_host }}"
|
|
_service_setup_host_python_interpreter: "{{ trove_service_setup_host_python_interpreter }}"
|
|
_service_in_ldap: "{{ trove_service_in_ldap }}"
|
|
_service_project_name: "{{ trove_service_project_name }}"
|
|
_service_region: "{{ trove_service_region }}"
|
|
_service_users:
|
|
- name: "{{ trove_service_user_name }}"
|
|
password: "{{ trove_service_password }}"
|
|
role: "{{ trove_service_admin_role_names }}"
|
|
_service_endpoints:
|
|
- service: "{{ trove_service_name }}"
|
|
interface: "public"
|
|
url: "{{ trove_service_publicurl }}"
|
|
- service: "{{ trove_service_name }}"
|
|
interface: "internal"
|
|
url: "{{ trove_service_internalurl }}"
|
|
- service: "{{ trove_service_name }}"
|
|
interface: "admin"
|
|
url: "{{ trove_service_adminurl }}"
|
|
_service_catalog:
|
|
- name: "{{ trove_service_name }}"
|
|
type: "{{ trove_service_type }}"
|
|
description: "{{ trove_service_description }}"
|
|
when: _trove_is_first_play_host
|
|
tags:
|
|
- always
|
|
|
|
- name: Including trove_resources tasks
|
|
ansible.builtin.include_tasks: trove_resources.yml
|
|
when:
|
|
- trove_service_net_setup or trove_guestagent_images
|
|
- _trove_is_first_play_host
|
|
args:
|
|
apply:
|
|
tags:
|
|
- trove-install
|
|
tags:
|
|
- trove-install
|
|
|
|
- name: Importing trove_service_network tasks
|
|
ansible.builtin.import_tasks: trove_service_network.yml
|
|
tags:
|
|
- trove-install
|
|
- trove-config
|
|
|
|
- name: Importing trove_post_install tasks
|
|
ansible.builtin.import_tasks: trove_post_install.yml
|
|
tags:
|
|
- trove-install
|
|
- trove-config
|
|
- post-install
|
|
|
|
- name: Run the systemd service role
|
|
ansible.builtin.include_role:
|
|
name: systemd_service
|
|
vars:
|
|
systemd_user_name: "{{ trove_system_user_name }}"
|
|
systemd_group_name: "{{ trove_system_group_name }}"
|
|
systemd_tempd_prefix: openstack
|
|
systemd_slice_name: trove
|
|
systemd_lock_path: /var/lock/trove
|
|
systemd_service_cpu_accounting: true
|
|
systemd_service_block_io_accounting: true
|
|
systemd_service_memory_accounting: true
|
|
systemd_service_tasks_accounting: true
|
|
systemd_services:
|
|
- service_name: "{{ service_var.service_name }}"
|
|
enabled: true
|
|
state: started
|
|
execstarts: "{{ service_var.execstarts }}"
|
|
execreloads: "{{ service_var.execreloads | default([]) }}"
|
|
config_overrides: "{{ service_var.init_config_overrides }}"
|
|
with_items: "{{ filtered_trove_services }}"
|
|
loop_control:
|
|
loop_var: service_var
|
|
tags:
|
|
- trove-config
|
|
- systemd-service
|
|
|
|
- name: Import uwsgi role
|
|
ansible.builtin.import_role:
|
|
name: uwsgi
|
|
vars:
|
|
uwsgi_services: "{{ uwsgi_trove_services }}"
|
|
uwsgi_install_method: "source"
|
|
tags:
|
|
- trove-install
|
|
- trove-config
|
|
- uwsgi
|
|
|
|
- name: Importing trove_db_sync tasks
|
|
ansible.builtin.import_tasks: trove_db_sync.yml
|
|
when: _trove_conductor_is_first_play_host
|
|
tags:
|
|
- trove-install
|
|
|
|
- name: Flush handlers
|
|
ansible.builtin.meta: flush_handlers
|