openstack/kolla-ansible
Code Issues Proposed changes
Files
46aeb9843f3702f7300dc8627d98a7af8d24cfb1
kolla-ansible/ansible/roles/prechecks/tasks/service_checks.yml
Mark Goddard 46aeb9843f Fix prechecks in check mode 
When running in check mode, some prechecks previously failed because
they use the command module which is silently not run in check mode.
Other prechecks were not running correctly in check mode due to e.g.
looking for a string in empty command output or not querying which
containers are running.

This change fixes these issues.

Closes-Bug: #2002657
Change-Id: I5219cb42c48d5444943a2d48106dc338aa08fa7c
2023-01-12 14:27:36 +00:00

57 lines
2.0 KiB
YAML
Raw Blame History

---
- name: Checking Docker version
become: true
command: "{{ kolla_container_engine }} --version"
register: result
changed_when: false
check_mode: false
when: inventory_hostname in groups['baremetal']
failed_when: result is failed
or result.stdout | regex_replace('.*\\b(\\d+\\.\\d+\\.\\d+)\\b.*', '\\1') is version(docker_version_min, '<')
# NOTE(mgoddard): If passwords.yml is encrypted using ansible-vault, this check
# will pass, but only because nothing in the vault file has the format of a
# YAML dict item.
- name: Checking empty passwords in passwords.yml. Run kolla-genpwd if this task fails
command:
cmd: grep '^[^#].*:\s*$' "{{ node_config }}/passwords.yml"
delegate_to: localhost
run_once: True
register: result
changed_when: false
failed_when: result.stdout | regex_replace('(.*ssh_key.*)', '') is search(":")
check_mode: false
- name: Check if nscd is running
command: pgrep nscd
ignore_errors: yes
failed_when: false
changed_when: false
check_mode: false
register: nscd_status
- name: Fail if nscd is running
fail:
msg: |
Service nscd is running. This is known to cause issues with Docker's user namespaces in
Kolla. Please disable it before proceeding.
when:
- nscd_status.rc == 0
- name: Validate that internal and external vip address are different when TLS is enabled only on either the internal and external network
run_once: True
fail:
msg: 'kolla_external_vip_address and kolla_internal_vip_address must not be the same when only one network has TLS enabled'
changed_when: false
when:
- kolla_enable_tls_external | bool or kolla_enable_tls_internal | bool
- not (kolla_enable_tls_external | bool and kolla_enable_tls_internal | bool)
- kolla_same_external_internal_vip | bool
- name: Validate that enable_ceph is disabled
run_once: True
fail:
msg: "We are sorry but enable_ceph is no longer supported. Please use external ceph support."
when:
- (enable_ceph | default()) | bool
View Git Blame Copy Permalink