diff --git a/defaults/main.yml b/defaults/main.yml index e52caac..ac9fdbc 100644 --- a/defaults/main.yml +++ b/defaults/main.yml @@ -21,7 +21,11 @@ manila_package_state: "{{ package_state | default('latest') }}" # for the service setup. The host must already have # clouds.yaml properly configured. manila_service_setup_host: "{{ openstack_service_setup_host | default('localhost') }}" -manila_service_setup_host_python_interpreter: "{{ openstack_service_setup_host_python_interpreter | default((manila_service_setup_host == 'localhost') | ternary(ansible_playbook_python, ansible_facts['python']['executable'])) }}" +manila_service_setup_host_python_interpreter: >- + {{ + openstack_service_setup_host_python_interpreter | default( + (manila_service_setup_host == 'localhost') | ternary(ansible_playbook_python, ansible_facts['python']['executable'])) + }} # Set installation method. manila_install_method: "{{ service_install_method | default('source') }}" @@ -29,7 +33,8 @@ manila_venv_python_executable: "{{ openstack_venv_python_executable | default('p manila_git_repo: https://opendev.org/openstack/manila manila_git_install_branch: master -manila_upper_constraints_url: "{{ requirements_git_url | default('https://releases.openstack.org/constraints/upper/' ~ requirements_git_install_branch | default('master')) }}" +manila_upper_constraints_url: >- + {{ requirements_git_url | default('https://releases.openstack.org/constraints/upper/' ~ requirements_git_install_branch | default('master')) }} manila_git_constraints: - "--constraint {{ manila_upper_constraints_url }}" @@ -52,7 +57,11 @@ manila_fatal_deprecations: False ## Database info manila_db_setup_host: "{{ openstack_db_setup_host | default('localhost') }}" -manila_db_setup_python_interpreter: "{{ openstack_db_setup_python_interpreter | default((manila_db_setup_host == 'localhost') | ternary(ansible_playbook_python, ansible_facts['python']['executable'])) }}" +manila_db_setup_python_interpreter: >- + {{ + openstack_db_setup_python_interpreter | default( + (manila_db_setup_host == 'localhost') | ternary(ansible_playbook_python, ansible_facts['python']['executable'])) + }} manila_galera_address: "{{ galera_address | default('127.0.0.1') }}" manila_galera_user: manila manila_galera_database: manila @@ -175,7 +184,8 @@ manila_service_data_program_enabled: false ## Cap the maximun number of threads / workers when a user value is unspecified. manila_osapi_share_workers_max: 16 -manila_osapi_share_workers: "{{ [[(ansible_facts['processor_vcpus']//ansible_facts['processor_threads_per_core'])|default(1), 1] | max * 2, manila_osapi_share_workers_max] | min }}" +manila_osapi_share_workers: >- + {{ [[(ansible_facts['processor_vcpus'] // ansible_facts['processor_threads_per_core']) | default(1), 1] | max * 2, manila_osapi_share_workers_max] | min }} ## Manila RPC manila_rpc_executor_thread_pool_size: 64 @@ -207,21 +217,21 @@ manila_enabled_share_protocols: - NFS - CEPHFS -manila_default_share_type: "{{ _manila_default_share_type | default('') }}" +manila_default_share_type: "{{ _manila_default_share_type | default('') }}" manila_share_name_template: share-%s # manila_backend_lvm_inuse: True if current host has an lvm backend manila_backend_lvm_inuse: "{{ (manila_backends | to_json).find('lvm') != -1 }}" # manila_backend_rbd_inuse: True if the current host has an rbd backend -manila_backend_rbd_inuse: "{{ (manila_backends |to_json).find('manila.share.drivers.cephfs') != -1 }}" +manila_backend_rbd_inuse: "{{ (manila_backends | to_json).find('manila.share.drivers.cephfs') != -1 }}" ## Policy vars # Provide a list of access controls to update the default policy.json with. These changes will be merged # with the access controls in the default policy.json. E.g. -#manila_policy_overrides: -# "share:create": "" -# "share:delete": "" +# manila_policy_overrides: +# "share:create": "" +# "share:delete": "" manila_service_in_ldap: "{{ service_ldap_backend_enabled | default(False) }}" @@ -286,10 +296,9 @@ manila_services: uwsgi_bind_address: "{{ manila_uwsgi_bind_address }}" uwsgi_tls: "{{ manila_backend_ssl | ternary(manila_uwsgi_tls, {}) }}" - #condition: "{{ manila_service_data_program_enabled | bool }}" # Manila uWSGI settings manila_wsgi_processes_max: 16 -manila_wsgi_processes: "{{ [[ansible_facts['processor_vcpus']|default(1), 1] | max * 2, manila_wsgi_processes_max] | min }}" +manila_wsgi_processes: "{{ [[ansible_facts['processor_vcpus'] | default(1), 1] | max * 2, manila_wsgi_processes_max] | min }}" manila_wsgi_threads: 1 manila_wsgi_buffer_size: 65535 manila_uwsgi_tls: @@ -356,5 +365,5 @@ manila_pki_install_certificates: mode: "0600" # Define user-provided SSL certificates -#manila_user_ssl_cert: -#manila_user_ssl_key: +# manila_user_ssl_cert: +# manila_user_ssl_key: diff --git a/meta/main.yml b/meta/main.yml index 89f171b..1036bc3 100644 --- a/meta/main.yml +++ b/meta/main.yml @@ -18,16 +18,18 @@ galaxy_info: description: Installation and setup of manila company: Rackspace license: Apache2 - min_ansible_version: 2.4 + role_name: os_manila + namespace: openstack + min_ansible_version: "2.10" platforms: - name: Debian versions: - - buster + - bullseye - name: Ubuntu versions: - - bionic - focal - categories: + - jammy + galaxy_tags: - cloud - python - manila diff --git a/tasks/main.yml b/tasks/main.yml index 9e727d3..df25090 100644 --- a/tasks/main.yml +++ b/tasks/main.yml @@ -65,14 +65,16 @@ tags: - always -- import_tasks: manila_lvm_config.yml +- name: Importing manila_lvm_config tasks + import_tasks: manila_lvm_config.yml when: - manila_services['manila-share']['group'] in group_names - manila_backend_lvm_inuse | bool tags: - manila-config -- include_role: +- name: Including osa.db_setup role + include_role: name: openstack.osa.db_setup apply: tags: @@ -93,7 +95,8 @@ tags: - always -- include_role: +- name: Including osa.mq_setup role + include_role: name: openstack.osa.mq_setup apply: tags: @@ -115,11 +118,13 @@ tags: - always -- import_tasks: manila_pre_install.yml +- name: Importing manila_pre_install tasks + import_tasks: manila_pre_install.yml tags: - manila-install -- import_tasks: manila_install.yml +- name: Importing manila_install tasks + import_tasks: manila_install.yml tags: - manila-install @@ -143,18 +148,21 @@ tags: - always -- import_tasks: manila_post_install.yml +- name: Importing manila_post_install tasks + import_tasks: manila_post_install.yml tags: - manila-config -- import_tasks: manila_keys.yml +- name: Importing manila_keys tasks + import_tasks: manila_keys.yml when: - manila_keypair_path is defined - manila_services['manila-share']['group'] in group_names tags: - manila-config -- include_tasks: manila_db_sync.yml +- name: Including manila_db_sync tasks + include_tasks: manila_db_sync.yml when: - _manila_is_first_play_host tags: @@ -172,7 +180,7 @@ - manila-config - uwsgi -- name: import_tasks ceph_client role +- name: Importing ceph_client role import_role: name: ceph_client vars: @@ -184,12 +192,13 @@ tags: - ceph -- include_role: +- name: Including osa.service_setup role + include_role: name: openstack.osa.service_setup apply: tags: - - common-service - - manila-config + - common-service + - manila-config vars: _service_adminuri_insecure: "{{ keystone_service_adminuri_insecure }}" _service_in_ldap: "{{ manila_service_in_ldap }}" @@ -224,7 +233,8 @@ tags: - manila-config -- import_tasks: manila_backends.yml +- name: Importing manila_backends tasks + import_tasks: manila_backends.yml when: - groups[manila_services['manila-share']['group']] | length > 0 - _manila_share_is_first_play_host diff --git a/tasks/manila_backends.yml b/tasks/manila_backends.yml index d8f11fc..33e0794 100644 --- a/tasks/manila_backends.yml +++ b/tasks/manila_backends.yml @@ -32,9 +32,12 @@ - name: Add in manila devices types shell: | . {{ ansible_facts['env']['HOME'] }}/openrc - CLI_OPTIONS="--os-interface internal {{ ((keystone_service_adminuri_insecure | bool) or (manila_service_internaluri_insecure | bool)) | ternary('--insecure','') }}" + CLI_OPTIONS="--os-interface internal {{ ((keystone_service_adminuri_insecure | bool) or (manila_service_internaluri_insecure | bool)) | ternary( + '--insecure', '') + }}" if ! openstack ${CLI_OPTIONS} share type list | grep -q "{{ item.key }}"; then - openstack ${CLI_OPTIONS} share type create "{{ item.key }}" "{{ item.value.driver_handles_share_servers }}" --extra-specs "share_backend_name={{ item.value.share_backend_name }}" + openstack ${CLI_OPTIONS} share type create "{{ item.key }}" "{{ item.value.driver_handles_share_servers }}" \ + --extra-specs "share_backend_name={{ item.value.share_backend_name }}" fi args: executable: /bin/bash diff --git a/tasks/manila_db_sync.yml b/tasks/manila_db_sync.yml index 5708a51..bd1ea48 100644 --- a/tasks/manila_db_sync.yml +++ b/tasks/manila_db_sync.yml @@ -35,6 +35,7 @@ section: manila option: need_online_data_migrations value: false + mode: "0644" when: - not data_migrations is skipped - data_migrations is succeeded diff --git a/tasks/manila_install.yml b/tasks/manila_install.yml index 342d111..0575a44 100644 --- a/tasks/manila_install.yml +++ b/tasks/manila_install.yml @@ -19,6 +19,7 @@ section: "manila" option: "install_method" value: "{{ manila_install_method }}" + mode: "0644" - name: Refresh local facts to ensure the manila section is present setup: @@ -63,11 +64,11 @@ systemd_group_name: "{{ manila_system_group_name }}" systemd_tempd_prefix: openstack systemd_slice_name: "{{ manila_system_slice_name }}" - systemd_lock_dir: "{{ manila_lock_dir }}" - systemd_CPUAccounting: true - systemd_BlockIOAccounting: true - systemd_MemoryAccounting: true - systemd_TasksAccounting: true + systemd_lock_dir: "{{ manila_lock_dir }}" + systemd_service_cpu_accounting: true + systemd_service_block_io_accounting: true + systemd_service_memory_accounting: true + systemd_service_tasks_accounting: true systemd_services: |- {% set services = [] %} {% for service in filtered_manila_services %} @@ -94,6 +95,7 @@ section: manila option: "{{ item }}" value: true + mode: "0644" with_items: - "need_online_data_migrations" - "need_service_restart" diff --git a/tasks/manila_keys.yml b/tasks/manila_keys.yml index ebc22a3..38471b7 100644 --- a/tasks/manila_keys.yml +++ b/tasks/manila_keys.yml @@ -11,7 +11,7 @@ dest: "/etc/manila/{{ item | basename }}" owner: "{{ manila_system_user_name }}" group: "{{ manila_system_group_name }}" - mode: 0600 + mode: "0600" loop: - "{{ manila_keypair_path }}.pub" - "{{ manila_keypair_path }}" diff --git a/tasks/manila_lvm_config.yml b/tasks/manila_lvm_config.yml index dbc92a3..1ff2d3f 100644 --- a/tasks/manila_lvm_config.yml +++ b/tasks/manila_lvm_config.yml @@ -24,6 +24,7 @@ file: state: "directory" path: "/etc/lvm" + mode: "0755" when: - lvm_devices.rc == 0 @@ -34,5 +35,6 @@ owner: "root" group: "root" backup: "yes" + mode: "0644" when: - lvm_devices.rc == 0 diff --git a/tasks/manila_post_install.yml b/tasks/manila_post_install.yml index 581f496..fedd0eb 100644 --- a/tasks/manila_post_install.yml +++ b/tasks/manila_post_install.yml @@ -27,8 +27,8 @@ src: "{{ item.src }}" dest: "{{ item.dest }}" owner: "root" - group: "{{ item.group|default(manila_system_group_name) }}" - mode: "{{ item.mode |default('0640') }}" + group: "{{ item.group | default(manila_system_group_name) }}" + mode: "{{ item.mode | default('0640') }}" config_overrides: "{{ item.config_overrides | default({}) }}" config_type: "{{ item.config_type }}" when: item.condition | default(True) diff --git a/tasks/manila_pre_install.yml b/tasks/manila_pre_install.yml index 1668033..3103adf 100644 --- a/tasks/manila_pre_install.yml +++ b/tasks/manila_pre_install.yml @@ -13,7 +13,7 @@ # See the License for the specific language governing permissions and # limitations under the License. -- name: create the system group +- name: Create the system group group: name: "{{ manila_system_group_name }}" gid: "{{ manila_system_group_gid | default(omit) }}" @@ -23,7 +23,7 @@ - name: Create the manila system user user: name: "{{ manila_system_user_name }}" - uid: "{{ manila_system_user_uid|default(omit) }}" + uid: "{{ manila_system_user_uid | default(omit) }}" group: "{{ manila_system_group_name }}" comment: "{{ manila_system_comment }}" shell: "{{ manila_system_shell }}" diff --git a/vars/main.yml b/vars/main.yml index df55a80..422ecb4 100644 --- a/vars/main.yml +++ b/vars/main.yml @@ -13,8 +13,16 @@ # See the License for the specific language governing permissions and # limitations under the License. -_manila_is_first_play_host: "{{ (manila_services['manila-api']['group'] in group_names and inventory_hostname == (groups[manila_services['manila-api']['group']] | intersect(ansible_play_hosts)) | first) | bool }}" -_manila_share_is_first_play_host: "{{ (manila_services['manila-share']['group'] in group_names and inventory_hostname == (groups[manila_services['manila-share']['group']] | intersect(ansible_play_hosts)) | first) | bool }}" +_manila_is_first_play_host: >- + {{ + (manila_services['manila-api']['group'] in group_names and + inventory_hostname == (groups[manila_services['manila-api']['group']] | intersect(ansible_play_hosts)) | first) | bool + }} +_manila_share_is_first_play_host: >- + {{ + (manila_services['manila-share']['group'] in group_names and + inventory_hostname == (groups[manila_services['manila-share']['group']] | intersect(ansible_play_hosts)) | first) | bool + }} _manila_default_share_type_list: "{{ manila_backends.keys() | list }}" _manila_default_share_type: "{{ ((_manila_default_share_type_list | length) > 0) | ternary(_manila_default_share_type_list[0], '') }}" diff --git a/zuul.d/project.yaml b/zuul.d/project.yaml index ae506d0..502a434 100644 --- a/zuul.d/project.yaml +++ b/zuul.d/project.yaml @@ -23,7 +23,7 @@ jobs: - openstack-ansible-deploy-aio_metal-ubuntu-jammy # NOTE(noonedeadpunk): Fails with OOM - - openstack-ansible-deploy-aio_metal-centos-8-stream: + - openstack-ansible-deploy-aio_metal-centos-9-stream: voting: false - openstack-ansible-deploy-aio_lxc-ubuntu-jammy: voting: false