openstack/kolla-ansible
Code Issues Proposed changes

Merge "Separate per-service host configuration tasks"

Browse Source
This commit is contained in:
Zuul 2020-04-05 16:40:27 +00:00 committed by Gerrit Code Review
commit 7c92e56cfd
25 changed files with 132 additions and 96 deletions

12
ansible/roles/elasticsearch/tasks/config-host.yml Normal file

@ -0,0 +1,12 @@
---
- name: Setting sysctl values
become: true
sysctl:
name: "{{ item.name }}"
value: "{{ item.value }}"
sysctl_set: yes
with_items:
- { name: "vm.max_map_count", value: 262144}
when:
- set_sysctl | bool
- inventory_hostname in groups['elasticsearch']

9
ansible/roles/elasticsearch/tasks/config.yml

@ -1,13 +1,4 @@
--- ---
- name: Setting sysctl values
become: true
sysctl: name={{ item.name }} value={{ item.value }} sysctl_set=yes
with_items:
- { name: "vm.max_map_count", value: 262144}
when:
- set_sysctl | bool
- inventory_hostname in groups['elasticsearch']
- name: Ensuring config directories exist - name: Ensuring config directories exist
file: file:
path: "{{ node_config_directory }}/{{ item.key }}" path: "{{ node_config_directory }}/{{ item.key }}"

2
ansible/roles/elasticsearch/tasks/deploy.yml

@ -1,4 +1,6 @@
--- ---
- include_tasks: config-host.yml
- include_tasks: config.yml - include_tasks: config.yml
- name: Flush handlers - name: Flush handlers

20
ansible/roles/haproxy/tasks/config-host.yml Normal file

@ -0,0 +1,20 @@
---
- name: Setting sysctl values
sysctl:
name: "{{ item.name }}"
value: "{{ item.value }}"
sysctl_set: yes
become: true
with_items:
- { name: "net.ipv4.ip_nonlocal_bind", value: 1}
- { name: "net.ipv6.ip_nonlocal_bind", value: 1}
- { name: "net.unix.max_dgram_qlen", value: 128}
when:
- set_sysctl | bool
- name: Load and persist keepalived module
import_role:
name: module-load
vars:
modules:
- {'name': ip_vs }

17
ansible/roles/haproxy/tasks/config.yml

@ -1,14 +1,4 @@
--- ---
- name: Setting sysctl values
sysctl: name={{ item.name }} value={{ item.value }} sysctl_set=yes
become: true
with_items:
- { name: "net.ipv4.ip_nonlocal_bind", value: 1}
- { name: "net.ipv6.ip_nonlocal_bind", value: 1}
- { name: "net.unix.max_dgram_qlen", value: 128}
when:
- set_sysctl | bool
- name: Ensuring config directories exist - name: Ensuring config directories exist
file: file:
path: "{{ node_config_directory }}/{{ item.key }}" path: "{{ node_config_directory }}/{{ item.key }}"
@ -83,13 +73,6 @@
notify: notify:
- Restart haproxy container - Restart haproxy container
- name: Load and persist keepalived module
import_role:
name: module-load
vars:
modules:
- {'name': ip_vs }
- name: Copying over keepalived.conf - name: Copying over keepalived.conf
vars: vars:
service: "{{ haproxy_services['keepalived'] }}" service: "{{ haproxy_services['keepalived'] }}"

2
ansible/roles/haproxy/tasks/deploy.yml

@ -1,4 +1,6 @@
--- ---
- include_tasks: config-host.yml
- include_tasks: config.yml - include_tasks: config.yml
- name: Flush handlers - name: Flush handlers

8
ansible/roles/ironic/tasks/config-host.yml Normal file

@ -0,0 +1,8 @@
---
- name: Load and persist iscsi_tcp module
import_role:
name: module-load
vars:
modules:
- {'name': iscsi_tcp}
when: inventory_hostname in groups['ironic-conductor']

7
ansible/roles/ironic/tasks/config.yml

@ -1,11 +1,4 @@
--- ---
- name: Load and persist iscsi_tcp module
import_role:
name: module-load
vars:
modules:
- {'name': iscsi_tcp}
- name: Ensuring config directories exist - name: Ensuring config directories exist
file: file:
path: "{{ node_config_directory }}/{{ item.key }}" path: "{{ node_config_directory }}/{{ item.key }}"

2
ansible/roles/ironic/tasks/deploy.yml

@ -4,6 +4,8 @@
(inventory_hostname in groups['ironic-api'] or (inventory_hostname in groups['ironic-api'] or
inventory_hostname in groups['ironic-inspector']) inventory_hostname in groups['ironic-inspector'])
- include_tasks: config-host.yml
- include_tasks: config.yml - include_tasks: config.yml
when: inventory_hostname in groups['ironic-api'] or when: inventory_hostname in groups['ironic-api'] or
inventory_hostname in groups['ironic-conductor'] or inventory_hostname in groups['ironic-conductor'] or

10
ansible/roles/iscsi/tasks/config-host.yml Normal file

@ -0,0 +1,10 @@
---
- name: Load and persist configfs module
import_role:
name: module-load
vars:
modules:
- name: configfs
when:
- inventory_hostname in groups[iscsi_services.iscsid.group]
- iscsi_services.iscsid.enabled | bool

10
ansible/roles/iscsi/tasks/config.yml

@ -1,14 +1,4 @@
--- ---
- name: Load and persist configfs module
import_role:
name: module-load
vars:
modules:
- name: configfs
when:
- inventory_hostname in groups[iscsi_services.iscsid.group]
- iscsi_services.iscsid.enabled | bool
- name: Ensuring config directories exist - name: Ensuring config directories exist
file: file:
path: "{{ node_config_directory }}/{{ item.key }}" path: "{{ node_config_directory }}/{{ item.key }}"

2
ansible/roles/iscsi/tasks/deploy.yml

@ -1,4 +1,6 @@
--- ---
- include_tasks: config-host.yml
- include_tasks: config.yml - include_tasks: config.yml
- name: Flush handlers - name: Flush handlers

7
ansible/roles/multipathd/tasks/config-host.yml Normal file

@ -0,0 +1,7 @@
---
- name: Load and persist dm-multipath module
import_role:
name: module-load
vars:
modules:
- {'name': dm-multipath}

7
ansible/roles/multipathd/tasks/config.yml

@ -1,11 +1,4 @@
--- ---
- name: Load and persist dm-multipath module
import_role:
name: module-load
vars:
modules:
- {'name': dm-multipath}
- name: Ensuring config directories exist - name: Ensuring config directories exist
file: file:
path: "{{ node_config_directory }}/{{ item.key }}" path: "{{ node_config_directory }}/{{ item.key }}"

2
ansible/roles/multipathd/tasks/deploy.yml

@ -1,4 +1,6 @@
--- ---
- include_tasks: config-host.yml
- include_tasks: config.yml - include_tasks: config.yml
- name: Flush handlers - name: Flush handlers

30
ansible/roles/neutron/tasks/config-host.yml Normal file

@ -0,0 +1,30 @@
---
- name: Load and persist ip6_tables module
include_role:
name: module-load
vars:
modules:
- {'name': ip6_tables}
when: neutron_services | select_services_enabled_and_mapped_to_host | list | intersect([ "neutron-l3-agent", "neutron-linuxbridge-agent", "neutron-openvswitch-agent" ]) | list | length > 0
- name: Setting sysctl values
become: true
vars:
neutron_l3_agent: "{{ neutron_services['neutron-l3-agent'] }}"
sysctl:
name: "{{ item.name }}"
value: "{{ item.value }}"
sysctl_set: yes
with_items:
- { name: "net.ipv4.ip_forward", value: 1}
- { name: "net.ipv4.conf.all.rp_filter", value: "{{ neutron_l3_agent_host_rp_filter_mode }}"}
- { name: "net.ipv4.conf.default.rp_filter", value: "{{ neutron_l3_agent_host_rp_filter_mode }}"}
- { name: "net.ipv4.neigh.default.gc_thresh1", value: "{{ neutron_l3_agent_host_ipv4_neigh_gc_thresh1 }}"}
- { name: "net.ipv4.neigh.default.gc_thresh2", value: "{{ neutron_l3_agent_host_ipv4_neigh_gc_thresh2 }}"}
- { name: "net.ipv4.neigh.default.gc_thresh3", value: "{{ neutron_l3_agent_host_ipv4_neigh_gc_thresh3 }}"}
- { name: "net.ipv6.neigh.default.gc_thresh1", value: "{{ neutron_l3_agent_host_ipv6_neigh_gc_thresh1 }}"}
- { name: "net.ipv6.neigh.default.gc_thresh2", value: "{{ neutron_l3_agent_host_ipv6_neigh_gc_thresh2 }}"}
- { name: "net.ipv6.neigh.default.gc_thresh3", value: "{{ neutron_l3_agent_host_ipv6_neigh_gc_thresh3 }}"}
when:
- set_sysctl | bool
- (neutron_l3_agent.enabled | bool and neutron_l3_agent.host_in_groups | bool)

27
ansible/roles/neutron/tasks/config.yml

@ -1,31 +1,4 @@
--- ---
- name: Load and persist ip6_tables module
include_role:
name: module-load
vars:
modules:
- {'name': ip6_tables}
when: neutron_services | select_services_enabled_and_mapped_to_host | list | intersect([ "neutron-l3-agent", "neutron-linuxbridge-agent", "neutron-openvswitch-agent" ]) | list | length > 0
- name: Setting sysctl values
become: true
vars:
neutron_l3_agent: "{{ neutron_services['neutron-l3-agent'] }}"
sysctl: name={{ item.name }} value={{ item.value }} sysctl_set=yes
with_items:
- { name: "net.ipv4.ip_forward", value: 1}
- { name: "net.ipv4.conf.all.rp_filter", value: "{{ neutron_l3_agent_host_rp_filter_mode }}"}
- { name: "net.ipv4.conf.default.rp_filter", value: "{{ neutron_l3_agent_host_rp_filter_mode }}"}
- { name: "net.ipv4.neigh.default.gc_thresh1", value: "{{ neutron_l3_agent_host_ipv4_neigh_gc_thresh1 }}"}
- { name: "net.ipv4.neigh.default.gc_thresh2", value: "{{ neutron_l3_agent_host_ipv4_neigh_gc_thresh2 }}"}
- { name: "net.ipv4.neigh.default.gc_thresh3", value: "{{ neutron_l3_agent_host_ipv4_neigh_gc_thresh3 }}"}
- { name: "net.ipv6.neigh.default.gc_thresh1", value: "{{ neutron_l3_agent_host_ipv6_neigh_gc_thresh1 }}"}
- { name: "net.ipv6.neigh.default.gc_thresh2", value: "{{ neutron_l3_agent_host_ipv6_neigh_gc_thresh2 }}"}
- { name: "net.ipv6.neigh.default.gc_thresh3", value: "{{ neutron_l3_agent_host_ipv6_neigh_gc_thresh3 }}"}
when:
- set_sysctl | bool
- (neutron_l3_agent.enabled | bool and neutron_l3_agent.host_in_groups | bool)
- name: Ensuring config directories exist - name: Ensuring config directories exist
become: true become: true
file: file:

2
ansible/roles/neutron/tasks/deploy.yml

@ -5,6 +5,8 @@
- include_tasks: clone.yml - include_tasks: clone.yml
when: neutron_dev_mode | bool when: neutron_dev_mode | bool
- include_tasks: config-host.yml
- include_tasks: config.yml - include_tasks: config.yml
- include_tasks: config-neutron-fake.yml - include_tasks: config-neutron-fake.yml

15
ansible/roles/nova-cell/tasks/config-host.yml Normal file

@ -0,0 +1,15 @@
---
- name: Setting sysctl values
become: true
sysctl:
name: "{{ item.name }}"
value: "{{ item.value }}"
sysctl_set: yes
with_items:
- { name: "net.bridge.bridge-nf-call-iptables", value: 1}
- { name: "net.bridge.bridge-nf-call-ip6tables", value: 1}
- { name: "net.ipv4.conf.all.rp_filter", value: "{{ nova_compute_host_rp_filter_mode }}"}
- { name: "net.ipv4.conf.default.rp_filter", value: "{{ nova_compute_host_rp_filter_mode }}"}
when:
- set_sysctl | bool
- inventory_hostname in groups[nova_cell_compute_group]

12
ansible/roles/nova-cell/tasks/config.yml

@ -1,16 +1,4 @@
--- ---
- name: Setting sysctl values
become: true
sysctl: name={{ item.name }} value={{ item.value }} sysctl_set=yes
with_items:
- { name: "net.bridge.bridge-nf-call-iptables", value: 1}
- { name: "net.bridge.bridge-nf-call-ip6tables", value: 1}
- { name: "net.ipv4.conf.all.rp_filter", value: "{{ nova_compute_host_rp_filter_mode }}"}
- { name: "net.ipv4.conf.default.rp_filter", value: "{{ nova_compute_host_rp_filter_mode }}"}
when:
- set_sysctl | bool
- inventory_hostname in groups[nova_cell_compute_group]
- name: Ensuring config directories exist - name: Ensuring config directories exist
become: true become: true
file: file:

2
ansible/roles/nova-cell/tasks/deploy.yml

@ -7,6 +7,8 @@
- include_tasks: clone.yml - include_tasks: clone.yml
when: nova_dev_mode | bool when: nova_dev_mode | bool
- include_tasks: config-host.yml
- include_tasks: config.yml - include_tasks: config.yml
- include_tasks: config-nova-fake.yml - include_tasks: config-nova-fake.yml

7
ansible/roles/openvswitch/tasks/config-host.yml Normal file

@ -0,0 +1,7 @@
---
- name: Load and persist openvswitch module
import_role:
name: module-load
vars:
modules:
- {'name': openvswitch}

7
ansible/roles/openvswitch/tasks/config.yml

@ -1,11 +1,4 @@
--- ---
- name: Load and persist openvswitch module
import_role:
name: module-load
vars:
modules:
- {'name': openvswitch}
- name: Ensuring config directories exist - name: Ensuring config directories exist
become: true become: true
file: file:

2
ansible/roles/openvswitch/tasks/deploy.yml

@ -1,4 +1,6 @@
--- ---
- include_tasks: config-host.yml
- include_tasks: config.yml - include_tasks: config.yml
- name: Flush Handlers - name: Flush Handlers

7
releasenotes/notes/no-host-config-in-genconfig-7321f0dcfc9d728d.yaml Normal file

@ -0,0 +1,7 @@
---
fixes:
- |
Fixes an issue where host configuration tasks (``sysctl``, loading kernel
modules) could be performed during the ``kolla-ansible genconfig`` command.
See `bug 1860161 <https://bugs.launchpad.net/kolla-ansible/+bug/1860161>`__
for details.