3035e25333
If operator needs to enter guest agent instance for troubleshooting, they need to create a keypair, upload it as Trove user specifically, create a security group and define it's UUID in trove.conf This process is quite cumbersome and time consuming, thus this patch implements mentioned fuctionality and can be enabled with a single variable. Process is alike to what we have and been using for Octavia for a while. Change-Id: I29984c565c808bca79ef39a02e79d9b015a70786
64 lines
2.5 KiB
YAML
64 lines
2.5 KiB
YAML
---
|
|
# Copyright 2016,2017 IBM Corp.
|
|
#
|
|
# Licensed under the Apache License, Version 2.0 (the "License");
|
|
# you may not use this file except in compliance with the License.
|
|
# You may obtain a copy of the License at
|
|
#
|
|
# http://www.apache.org/licenses/LICENSE-2.0
|
|
#
|
|
# Unless required by applicable law or agreed to in writing, software
|
|
# distributed under the License is distributed on an "AS IS" BASIS,
|
|
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
|
# See the License for the specific language governing permissions and
|
|
# limitations under the License.
|
|
|
|
- name: Get the service network ID
|
|
delegate_to: "{{ trove_service_setup_host }}"
|
|
vars:
|
|
ansible_python_interpreter: "{{ trove_service_setup_host_python_interpreter }}"
|
|
block:
|
|
- name: Get trove service net id
|
|
openstack.cloud.networks_info:
|
|
cloud: default
|
|
validate_certs: "{{ trove_service_net_validate_certs }}"
|
|
wait: true
|
|
name: "{{ trove_service_net_name }}"
|
|
endpoint_type: "{{ trove_service_net_endpoint_type }}"
|
|
register: _get_trove_service_net
|
|
run_once: true
|
|
|
|
- name: Fail if trove service network is not available
|
|
ansible.builtin.fail:
|
|
msg: >
|
|
"Trove service network {{ trove_service_net_name }} is not available. "
|
|
"For Trove to operate properly it needs a network created to allocate "
|
|
"to the deployed VMs. This network can be created prior to running this"
|
|
" playbook or can be setup by setting trove_service_net_setup to true."
|
|
when:
|
|
- _get_trove_service_net.networks is not defined or _get_trove_service_net.networks | length == 0
|
|
|
|
- name: Save trove service net id
|
|
ansible.builtin.set_fact:
|
|
trove_service_net_id: "{{ _get_trove_service_net.networks[0].id }}"
|
|
run_once: true
|
|
|
|
|
|
- name: Register created security group
|
|
run_once: true
|
|
when:
|
|
- trove_guest_ssh_enabled
|
|
block:
|
|
- name: Get trove guestagent SSH security group ID
|
|
openstack.cloud.security_group_info:
|
|
cloud: default
|
|
validate_certs: "{{ trove_service_net_validate_certs }}"
|
|
wait: true
|
|
endpoint_type: "{{ trove_service_net_endpoint_type }}"
|
|
name: "{{ trove_guest_ssh_security_group_name }}"
|
|
register: _get_trove_security_group
|
|
|
|
- name: Save security group as fact
|
|
ansible.builtin.set_fact:
|
|
trove_guest_ssh_security_group_id: "{{ _get_trove_security_group.security_groups[0].id | default('') }}"
|