--- - name: Ensure docker service directory exists file: path: /etc/systemd/system/docker.service.d state: directory recurse: yes become: True - name: Configure docker service become: True template: src: docker_systemd_service.j2 dest: /etc/systemd/system/docker.service.d/kolla.conf register: docker_configured - name: Reload docker service file become: True command: systemctl daemon-reload - name: Get stat of libvirtd apparmor profile stat: path: /etc/apparmor.d/usr.sbin.libvirtd register: apparmor_libvirtd_profile when: ansible_distribution == "Ubuntu" - name: Remove apparmor profile for libvirt command: apparmor_parser -R /etc/apparmor.d/usr.sbin.libvirtd become: True when: - ansible_distribution == "Ubuntu" - apparmor_libvirtd_profile.stat.exists - name: Create docker group group: name: docker become: True - name: Add kolla user to docker group user: name: kolla append: yes groups: docker become: True when: create_kolla_user | bool - name: Start docker service: name: docker state: started become: True - name: Restart docker service: name: docker state: restarted become: True when: docker_configured.changed - name: Enable docker service: name: docker enabled: yes become: True - name: Stop time service service: name: ntp state: stopped become: True when: - ansible_os_family == "Debian" - enable_host_ntp | bool - name: Stop time service service: name: ntpd state: stopped become: True when: - ansible_os_family == "RedHat" - enable_host_ntp | bool - name: Synchronizing time one-time command: ntpd -gq become: True when: enable_host_ntp | bool - name: Start time sync service service: name: ntp state: started enabled: yes become: True when: - ansible_os_family == "Debian" - enable_host_ntp | bool - name: Start time sync service service: name: ntpd state: started enabled: yes become: True when: - ansible_os_family == "RedHat" - enable_host_ntp | bool - name: Disable selinux selinux: policy: target state: permissive become: true when: - disable_selinux | bool - ansible_os_family == "RedHat" - name: Reboot command: reboot -f become: True when: - reboot_required is defined - reboot_required | bool