f639ad0b35
By default, Ansible injects a variable for every fact, prefixed with ansible_. This can result in a large number of variables for each host, which at scale can incur a performance penalty. Ansible provides a configuration option [0] that can be set to False to prevent this injection of facts. In this case, facts should be referenced via ansible_facts.<fact>. This change updates all references to Ansible facts within Kayobe from using individual fact variables to using the items in the ansible_facts dictionary. This allows users to disable fact variable injection in their Ansible configuration, which may provide some performance improvement. This change disables fact variable injection in the ansible configuration used in CI, to catch any attempts to use the injected variables. [0] https://docs.ansible.com/ansible/latest/reference_appendices/config.html#inject-facts-as-vars Story: 2007993 Task: 42464 Depends-On: https://review.opendev.org/c/openstack/kolla-ansible/+/791276 Change-Id: I14db53ed6e57d37bbd28dd5819e432e3fe6628b2
53 lines
1.7 KiB
YAML
53 lines
1.7 KiB
YAML
---
|
|
- name: Set a fact about the virtualenv on the remote system
|
|
set_fact:
|
|
virtualenv: "{{ ansible_python_interpreter | dirname | dirname }}"
|
|
when:
|
|
- ansible_python_interpreter is defined
|
|
- not ansible_python_interpreter.startswith('/bin/')
|
|
- not ansible_python_interpreter.startswith('/usr/bin/')
|
|
|
|
- name: Ensure docker SDK for python is installed
|
|
pip:
|
|
name: docker
|
|
state: latest
|
|
extra_args: "{% if docker_upper_constraints_file %}-c {{ docker_upper_constraints_file }}{% endif %}"
|
|
virtualenv: "{{ virtualenv is defined | ternary(virtualenv, omit) }}"
|
|
become: "{{ virtualenv is not defined }}"
|
|
|
|
- name: Ensure user is in the docker group
|
|
user:
|
|
name: "{{ ansible_facts.user_id }}"
|
|
groups: docker
|
|
append: yes
|
|
register: group_result
|
|
become: True
|
|
|
|
# After adding the user to the docker group, we need to log out and in again to
|
|
# pick up the group membership. We do this by resetting the SSH connection.
|
|
|
|
- name: Reset connection to activate new group membership
|
|
meta: reset_connection
|
|
when: group_result is changed
|
|
|
|
- name: Ensure Docker daemon is started
|
|
service:
|
|
name: docker
|
|
state: started
|
|
become: True
|
|
|
|
- name: Ensure the path for CA file for private registry exists
|
|
file:
|
|
path: "/etc/docker/certs.d/{{ docker_registry }}"
|
|
state: directory
|
|
become: True
|
|
when: docker_registry is not none and docker_registry_ca is not none
|
|
|
|
- name: Ensure the CA file for private registry exists
|
|
copy:
|
|
src: "{{ docker_registry_ca }}"
|
|
dest: "/etc/docker/certs.d/{{ docker_registry }}/ca.crt"
|
|
become: True
|
|
when: docker_registry is not none and docker_registry_ca is not none
|
|
notify: reload docker service
|