Fix prechecks in check mode

When running in check mode, some prechecks previously failed because
they use the command module which is silently not run in check mode.
Other prechecks were not running correctly in check mode due to e.g.
looking for a string in empty command output or not querying which
containers are running.

This change fixes these issues.

Closes-Bug: #2002657
Change-Id: I5219cb42c48d5444943a2d48106dc338aa08fa7c
This commit is contained in:
Mark Goddard 2023-01-11 16:04:55 +00:00
parent bea4535613
commit 46aeb9843f
53 changed files with 71 additions and 0 deletions
ansible/roles
aodh/tasks
barbican/tasks
blazar/tasks
cinder/tasks
cloudkitty/tasks
cyborg/tasks
designate/tasks
etcd/tasks
freezer/tasks
glance/tasks
gnocchi/tasks
grafana/tasks
hacluster/tasks
influxdb/tasks
ironic/tasks
iscsi/tasks
keystone/tasks
kuryr/tasks
loadbalancer/tasks
magnum/tasks
manila/tasks
mariadb/tasks
masakari/tasks
memcached/tasks
mistral/tasks
murano/tasks
neutron/tasks
nova-cell/tasks
nova/tasks
octavia/tasks
opensearch/tasks
openvswitch/tasks
ovn-db/tasks
placement/tasks
prechecks/tasks
prometheus/tasks
rabbitmq/tasks
redis/tasks
sahara/tasks
senlin/tasks
solum/tasks
swift/tasks
tacker/tasks
trove/tasks
venus/tasks
vitrage/tasks
watcher/tasks
zun/tasks
releasenotes/notes

@ -11,6 +11,7 @@
container_engine: "{{ kolla_container_engine }}"
name:
- aodh_api
check_mode: false
register: container_facts
- name: Checking free port for Aodh API

@ -11,6 +11,7 @@
container_engine: "{{ kolla_container_engine }}"
name:
- barbican_api
check_mode: false
register: container_facts
- name: Checking free port for Barbican API

@ -11,6 +11,7 @@
container_engine: "{{ kolla_container_engine }}"
name:
- blazar_api
check_mode: false
register: container_facts
- name: Checking free port for blazar API

@ -11,6 +11,7 @@
container_engine: "{{ kolla_container_engine }}"
name:
- cinder_api
check_mode: false
register: container_facts
- name: Checking free port for Cinder API
@ -48,6 +49,7 @@
register: result
changed_when: false
failed_when: result is failed
check_mode: false
when:
- enable_cinder | bool
- enable_cinder_backend_lvm | bool

@ -11,6 +11,7 @@
container_engine: "{{ kolla_container_engine }}"
name:
- cloudkitty_api
check_mode: false
register: container_facts
- name: Checking free port for Cloudkitty API

@ -11,6 +11,7 @@
container_engine: "{{ kolla_container_engine }}"
name:
- cyborg_api
check_mode: false
register: container_facts
- name: Checking free port for cyborg API

@ -13,6 +13,7 @@
- designate_api
- designate_backend_bind9
- designate_mdns
check_mode: false
register: container_facts
- name: Checking free port for designate API

@ -11,6 +11,7 @@
container_engine: "{{ kolla_container_engine }}"
name:
- etcd
check_mode: false
register: container_facts
- name: Checking free port for Etcd Peer

@ -11,6 +11,7 @@
container_engine: "{{ kolla_container_engine }}"
name:
- freezer_api
check_mode: false
register: container_facts
- name: Checking free port for Freezer API

@ -10,6 +10,7 @@
kolla_container_facts:
container_engine: "{{ kolla_container_engine }}"
name: "{{ glance_services.values() | map(attribute='container_name') | list }}"
check_mode: false
register: container_facts
- name: Checking free port for Glance API

@ -11,6 +11,7 @@
container_engine: "{{ kolla_container_engine }}"
name:
- gnocchi_api
check_mode: false
register: container_facts
- name: Checking free port for Gnocchi API

@ -11,6 +11,7 @@
container_engine: "{{ kolla_container_engine }}"
name:
- grafana
check_mode: false
register: container_facts
- name: Checking free port for Grafana server

@ -5,6 +5,7 @@
container_engine: "{{ kolla_container_engine }}"
name:
- hacluster_pacemaker_remote
check_mode: false
register: container_facts
# NOTE(yoctozepto): Corosync runs over UDP so one cannot use wait_for to check

@ -11,6 +11,7 @@
container_engine: "{{ kolla_container_engine }}"
name:
- influxdb
check_mode: false
register: container_facts
- name: Checking free port for Influxdb Http

@ -13,6 +13,7 @@
- ironic_api
- ironic_inspector
- ironic_http
check_mode: false
register: container_facts
- name: Checking free port for Ironic API

@ -11,6 +11,7 @@
container_engine: "{{ kolla_container_engine }}"
name:
- iscsid
check_mode: false
register: container_facts
- name: Checking free port for iscsi

@ -12,6 +12,7 @@
name:
- keystone
- keystone_ssh
check_mode: false
register: container_facts
- name: Checking free port for Keystone Public

@ -11,6 +11,7 @@
container_engine: "{{ kolla_container_engine }}"
name:
- kuryr
check_mode: false
register: container_facts
- name: Checking free port for Kuryr

@ -13,12 +13,14 @@
- haproxy
- proxysql
- keepalived
check_mode: false
register: container_facts
- name: Group hosts by whether they are running keepalived
group_by:
key: "keepalived_running_{{ container_facts['keepalived'] is defined }}"
changed_when: false
check_mode: false
when:
- enable_keepalived | bool
- inventory_hostname in groups['loadbalancer']
@ -27,6 +29,7 @@
group_by:
key: "haproxy_running_{{ container_facts['haproxy'] is defined }}"
changed_when: false
check_mode: false
when:
- enable_haproxy | bool
- inventory_hostname in groups['loadbalancer']
@ -35,6 +38,7 @@
group_by:
key: "proxysql_running_{{ container_facts['proxysql'] is defined }}"
changed_when: false
check_mode: false
when:
- enable_proxysql | bool
- inventory_hostname in groups['loadbalancer']
@ -108,6 +112,7 @@
register: ping_output
changed_when: false
failed_when: ping_output.rc != 1
check_mode: false
with_items:
- "{{ kolla_internal_vip_address }}"
- "{{ kolla_external_vip_address }}"
@ -187,6 +192,7 @@
failed_when: >-
( ip_addr_output is failed or
kolla_internal_vip_address | ipaddr(ip_addr_output.stdout.split()[3]) is none)
check_mode: false
when:
- enable_haproxy | bool
- enable_keepalived | bool
@ -198,6 +204,7 @@
shell: echo "show stat" | {{ kolla_container_engine }} exec -i haproxy socat unix-connect:/var/lib/kolla/haproxy/haproxy.sock stdio # noqa risky-shell-pipe
register: haproxy_stat_shell
changed_when: false
check_mode: false
when: container_facts['haproxy'] is defined
- name: Setting haproxy stat fact
@ -827,6 +834,7 @@
register: firewalld_is_active
changed_when: false
failed_when: false
check_mode: false
- name: Fail if firewalld is not running
fail:

@ -11,6 +11,7 @@
container_engine: "{{ kolla_container_engine }}"
name:
- magnum_api
check_mode: false
register: container_facts
- name: Checking free port for Magnum API

@ -11,6 +11,7 @@
container_engine: "{{ kolla_container_engine }}"
name:
- manila_api
check_mode: false
register: container_facts
- name: Checking free port for Manila API

@ -11,6 +11,7 @@
container_engine: "{{ kolla_container_engine }}"
name:
- mariadb
check_mode: false
register: container_facts
- name: Checking free port for MariaDB

@ -11,6 +11,7 @@
container_engine: "{{ kolla_container_engine }}"
name:
- masakari_api
check_mode: false
register: container_facts
- name: Checking free port for Masakari API

@ -11,6 +11,7 @@
container_engine: "{{ kolla_container_engine }}"
name:
- memcached
check_mode: false
register: container_facts
- name: Checking free port for Memcached

@ -11,6 +11,7 @@
container_engine: "{{ kolla_container_engine }}"
name:
- mistral_api
check_mode: false
register: container_facts
- name: Checking free port for Mistral API

@ -11,6 +11,7 @@
container_engine: "{{ kolla_container_engine }}"
name:
- murano_api
check_mode: false
register: container_facts
- name: Checking free port for Murano API

@ -11,6 +11,7 @@
container_engine: "{{ kolla_container_engine }}"
name:
- neutron_server
check_mode: false
register: container_facts
- name: Checking free port for Neutron Server

@ -15,6 +15,7 @@
- nova_serialproxy
- nova_spicehtml5proxy
- nova_ssh
check_mode: false
register: container_facts
- name: Checking available compute nodes in inventory

@ -11,6 +11,7 @@
container_engine: "{{ kolla_container_engine }}"
name:
- nova_api
check_mode: false
register: container_facts
- name: Checking free port for Nova API

@ -12,6 +12,7 @@
name:
- octavia_api
- octavia_health_manager
check_mode: false
register: container_facts
- name: Checking free port for Octavia API

@ -12,6 +12,7 @@
name:
- opensearch
- elasticsearch
check_mode: false
register: container_facts
- name: Checking free port for Opensearch

@ -11,6 +11,7 @@
container_engine: "{{ kolla_container_engine }}"
name:
- openvswitch_db
check_mode: false
register: container_facts
- name: Checking free port for OVSDB

@ -6,6 +6,7 @@
name:
- ovn_nb_db
- ovn_sb_db
check_mode: false
register: container_facts
- name: Checking free port for OVN northbound db

@ -11,6 +11,7 @@
container_engine: "{{ kolla_container_engine }}"
name:
- placement_api
check_mode: false
register: container_facts
- name: Checking free port for Placement API

@ -23,6 +23,7 @@
command: grep -q Stream /etc/os-release
register: stream_status
changed_when: false
check_mode: false
when:
- ansible_facts.distribution == 'CentOS'

@ -3,6 +3,7 @@
command: "{{ ansible_facts.python.executable }} -c \"import docker; print(docker.__version__)\""
register: result
changed_when: false
check_mode: false
when:
- inventory_hostname in groups['baremetal']
- kolla_container_engine == 'docker'

@ -4,6 +4,7 @@
command: "{{ kolla_container_engine }} --version"
register: result
changed_when: false
check_mode: false
when: inventory_hostname in groups['baremetal']
failed_when: result is failed
or result.stdout | regex_replace('.*\\b(\\d+\\.\\d+\\.\\d+)\\b.*', '\\1') is version(docker_version_min, '<')
@ -19,12 +20,14 @@
register: result
changed_when: false
failed_when: result.stdout | regex_replace('(.*ssh_key.*)', '') is search(":")
check_mode: false
- name: Check if nscd is running
command: pgrep nscd
ignore_errors: yes
failed_when: false
changed_when: false
check_mode: false
register: nscd_status
- name: Fail if nscd is running

@ -14,6 +14,7 @@
register: systemctl_is_active
changed_when: false
failed_when: false
check_mode: false
- name: Fail if a host NTP daemon is not running
fail:
@ -31,6 +32,7 @@
command: timedatectl status
register: timedatectl_status
changed_when: false
check_mode: false
- name: Fail if the clock is not synchronized
fail:

@ -17,3 +17,4 @@
register: result
failed_when: result is failed
changed_when: False
check_mode: false

@ -22,6 +22,7 @@
- prometheus_blackbox_exporter
- prometheus_libvirt_exporter
- prometheus_msteams
check_mode: false
register: container_facts
- name: Checking free port for Prometheus server

@ -12,6 +12,7 @@
name:
- rabbitmq
- outward_rabbitmq
check_mode: false
register: container_facts
- name: Checking free port for RabbitMQ
@ -63,6 +64,7 @@
nss_database: "{{ 'ahostsv4' if api_address_family == 'ipv4' else 'ahostsv6' }}"
command: "getent {{ nss_database }} {{ hostvars[item].ansible_facts.hostname }}"
changed_when: false
check_mode: false
register: rabbitmq_hostnames
with_items: "{{ groups['rabbitmq'] }}"
@ -150,6 +152,7 @@
nss_database: "{{ 'ahostsv4' if api_address_family == 'ipv4' else 'ahostsv6' }}"
command: "getent {{ nss_database }} {{ hostvars[item].ansible_facts.hostname }}"
changed_when: false
check_mode: false
register: outward_rabbitmq_hostnames
with_items: "{{ groups['outward-rabbitmq'] }}"
when:

@ -11,6 +11,7 @@
container_engine: "{{ kolla_container_engine }}"
name:
- redis
check_mode: false
register: container_facts
- name: Checking free port for Redis

@ -11,6 +11,7 @@
container_engine: "{{ kolla_container_engine }}"
name:
- sahara_api
check_mode: false
register: container_facts
- name: Checking free port for Sahara API

@ -11,6 +11,7 @@
container_engine: "{{ kolla_container_engine }}"
name:
- senlin_api
check_mode: false
register: container_facts
- name: Checking free port for Senlin API

@ -11,6 +11,7 @@
container_engine: "{{ kolla_container_engine }}"
name:
- solum_api
check_mode: false
register: container_facts
- name: Checking free port for Solum Application Deployment

@ -14,6 +14,7 @@
- swift_container_server
- swift_object_server
- swift_proxy_server
check_mode: false
register: container_facts
- name: Checking free port for Swift Account Server

@ -11,6 +11,7 @@
container_engine: "{{ kolla_container_engine }}"
name:
- tacker_server
check_mode: false
register: container_facts
- name: Checking free port for Tacker Server

@ -11,6 +11,7 @@
container_engine: "{{ kolla_container_engine }}"
name:
- trove_api
check_mode: false
register: container_facts
- name: Checking free port for Trove API

@ -11,6 +11,7 @@
container_engine: "{{ kolla_container_engine }}"
name:
- venus_api
check_mode: false
register: container_facts
- name: Checking free port for Venus API

@ -11,6 +11,7 @@
container_engine: "{{ kolla_container_engine }}"
name:
- vitrage_api
check_mode: false
register: container_facts
- name: Checking free port for vitrage API

@ -11,6 +11,7 @@
container_engine: "{{ kolla_container_engine }}"
name:
- watcher_api
check_mode: false
register: container_facts
- name: Checking free port for watcher API

@ -13,6 +13,7 @@
- zun_api
- zun_wsproxy
- zun_cni_daemon
check_mode: false
register: container_facts
- name: Checking free port for Zun API

@ -0,0 +1,6 @@
---
fixes:
- |
Fixes an issue where some prechecks would fail or not run when running in
check mode. `LP#2002657
<https://bugs.launchpad.net/kolla-ansible/+bug/2002657>`__