Fix linters and metadata
With update of ansible-lint to version >=6.0.0 a lot of new linters were added, that enabled by default. In order to comply with linter rules we're applying changes to the role. With that we also update metdata to reflect current state. Change-Id: Id8215882ee528d4c3055479e770c7432616649ba
This commit is contained in:
parent
048f9d548e
commit
d94e57f17b
@ -20,7 +20,11 @@ debug: False
|
||||
# for the service setup. The host must already have
|
||||
# clouds.yaml properly configured.
|
||||
octavia_service_setup_host: "{{ openstack_service_setup_host | default('localhost') }}"
|
||||
octavia_service_setup_host_python_interpreter: "{{ openstack_service_setup_host_python_interpreter | default((octavia_service_setup_host == 'localhost') | ternary(ansible_playbook_python, ansible_facts['python']['executable'])) }}"
|
||||
octavia_service_setup_host_python_interpreter: >-
|
||||
{{
|
||||
openstack_service_setup_host_python_interpreter | default(
|
||||
(octavia_service_setup_host == 'localhost') | ternary(ansible_playbook_python, ansible_facts['python']['executable']))
|
||||
}}
|
||||
|
||||
# Set installation method.
|
||||
octavia_install_method: "{{ service_install_method | default('source') }}"
|
||||
@ -42,7 +46,8 @@ octavia_package_state: "{{ package_state | default('latest') }}"
|
||||
|
||||
octavia_git_repo: https://opendev.org/openstack/octavia
|
||||
octavia_git_install_branch: master
|
||||
octavia_upper_constraints_url: "{{ requirements_git_url | default('https://releases.openstack.org/constraints/upper/' ~ requirements_git_install_branch | default('master')) }}"
|
||||
octavia_upper_constraints_url: >-
|
||||
{{ requirements_git_url | default('https://releases.openstack.org/constraints/upper/' ~ requirements_git_install_branch | default('master')) }}
|
||||
octavia_git_constraints:
|
||||
- "--constraint {{ octavia_upper_constraints_url }}"
|
||||
|
||||
@ -67,7 +72,11 @@ octavia_cinder_volume_type: "volumes-hdd"
|
||||
|
||||
## Database info
|
||||
octavia_db_setup_host: "{{ openstack_db_setup_host | default('localhost') }}"
|
||||
octavia_db_setup_python_interpreter: "{{ openstack_db_setup_python_interpreter | default((octavia_db_setup_host == 'localhost') | ternary(ansible_playbook_python, ansible_facts['python']['executable'])) }}"
|
||||
octavia_db_setup_python_interpreter: >-
|
||||
{{
|
||||
openstack_db_setup_python_interpreter | default(
|
||||
(octavia_db_setup_host == 'localhost') | ternary(ansible_playbook_python, ansible_facts['python']['executable']))
|
||||
}}
|
||||
octavia_galera_address: "{{ galera_address | default('127.0.0.1') }}"
|
||||
octavia_galera_user: octavia
|
||||
octavia_galera_database: octavia
|
||||
@ -106,7 +115,8 @@ octavia_oslomsg_rpc_ssl_ca_file: "{{ oslomsg_rpc_ssl_ca_file | default('') }}"
|
||||
|
||||
# Notify
|
||||
octavia_oslomsg_notify_host_group: "{{ oslomsg_notify_host_group | default('rabbitmq_all') }}"
|
||||
octavia_oslomsg_notify_setup_host: "{{ (octavia_oslomsg_notify_host_group in groups) | ternary(groups[octavia_oslomsg_notify_host_group][0], 'localhost') }}"
|
||||
octavia_oslomsg_notify_setup_host: >-
|
||||
{{ (octavia_oslomsg_notify_host_group in groups) | ternary(groups[octavia_oslomsg_notify_host_group][0], 'localhost') }}
|
||||
octavia_oslomsg_notify_transport: "{{ oslomsg_notify_transport | default('rabbit') }}"
|
||||
octavia_oslomsg_notify_servers: "{{ oslomsg_notify_servers | default('127.0.0.1') }}"
|
||||
octavia_oslomsg_notify_port: "{{ oslomsg_notify_port | default('5672') }}"
|
||||
@ -279,17 +289,21 @@ octavia_security_group_rule_cidr: "{{ octavia_management_net_subnet_cidr }}"
|
||||
octavia_ssh_enabled: False
|
||||
octavia_ssh_key_name: octavia_key
|
||||
octavia_keypair_setup_host: "{{ openstack_service_setup_host | default('localhost') }}"
|
||||
octavia_keypair_setup_host_python_interpreter: "{{ openstack_service_setup_host_python_interpreter | default((octavia_keypair_setup_host == 'localhost') | ternary(ansible_playbook_python, ansible_facts['python']['executable'])) }}"
|
||||
octavia_keypair_setup_host_python_interpreter: >-
|
||||
{{
|
||||
openstack_service_setup_host_python_interpreter | default((octavia_keypair_setup_host == 'localhost') | ternary(
|
||||
ansible_playbook_python, ansible_facts['python']['executable']))
|
||||
}}
|
||||
# port the agent listens on
|
||||
octavia_agent_port: "9443"
|
||||
octavia_health_manager_port: 5555
|
||||
|
||||
#Octavia Nova flavor
|
||||
# Octavia Nova flavor
|
||||
octavia_amp_flavor_name: "m1.amphora"
|
||||
octavia_amp_ram: 1024
|
||||
octavia_amp_vcpu: 1
|
||||
octavia_amp_disk: 20
|
||||
#octavia_amp_extra_specs:
|
||||
# octavia_amp_extra_specs:
|
||||
|
||||
# only increase when it's a really busy system since this is by deployed host,
|
||||
# e.g. 3 hosts, 5 workers (this param) per host, results in 15 worker total
|
||||
@ -337,7 +351,7 @@ octavia_amp_availability_zone: nova
|
||||
# dest: "/etc/octavia/templates/macros.cfg.j2"
|
||||
octavia_user_haproxy_templates: {}
|
||||
# Path of custom haproxy template file
|
||||
#octavia_haproxy_amphora_template: /etc/octavia/templates/haproxy.cfg.j2
|
||||
# octavia_haproxy_amphora_template: /etc/octavia/templates/haproxy.cfg.j2
|
||||
|
||||
# Name of the Octavia management network in Neutron
|
||||
octavia_neutron_management_network_name: lbaas-mgmt
|
||||
@ -346,7 +360,7 @@ octavia_provider_network_name: lbaas
|
||||
# Network type
|
||||
octavia_provider_network_type: flat
|
||||
# Network segmentation ID if vlan, gre...
|
||||
#octavia_provider_segmentation_id:
|
||||
# octavia_provider_segmentation_id:
|
||||
# Network CIDR
|
||||
octavia_management_net_subnet_cidr: 172.29.232.0/22
|
||||
# Example allocation range:
|
||||
@ -359,13 +373,18 @@ octavia_service_net_setup: True
|
||||
# This should match net_name from provider_networks structure in openstack_user_config
|
||||
octavia_provider_inventory_net_name: "{{ octavia_provider_network_name }}"
|
||||
# This gets container managment network structure based on octavia_provider_inventory_net_name
|
||||
octavia_provider_network: "{{ provider_networks|map(attribute='network')|selectattr('net_name','defined')|selectattr('net_name', 'equalto', octavia_provider_inventory_net_name)|list|first }}"
|
||||
octavia_provider_network: >-
|
||||
{{ provider_networks | map(attribute='network') | selectattr('net_name', 'defined') | selectattr(
|
||||
'net_name', 'equalto', octavia_provider_inventory_net_name) | list | first
|
||||
}}
|
||||
# The name of the network address pool
|
||||
octavia_container_network_name: "{{ octavia_provider_network['ip_from_q'] }}_address"
|
||||
octavia_hm_group: "octavia-health-manager"
|
||||
# Note: We use some heuristics here but if you do anything special make sure to use the
|
||||
# ip addresses on the right network. This will use the container networking to figure out the ip
|
||||
octavia_hm_hosts: "{% for host in groups[octavia_hm_group] %}{{ hostvars[host]['container_networks'][octavia_container_network_name]['address'] }}{% if not loop.last %},{% endif %}{% endfor %}"
|
||||
octavia_hm_hosts: >-
|
||||
{% for host in groups[octavia_hm_group] %}{{ hostvars[host]['container_networks'][octavia_container_network_name]['address'] }}{%
|
||||
if not loop.last %},{% endif %}{% endfor %}
|
||||
# Set this to the right container port aka the eth you connect to the octavia
|
||||
# management network
|
||||
octavia_container_interface: "{{ octavia_provider_network.container_interface }}"
|
||||
@ -429,7 +448,8 @@ octavia_iptables_rules:
|
||||
|
||||
# uWSGI Settings
|
||||
octavia_wsgi_processes_max: 16
|
||||
octavia_wsgi_processes: "{{ [[(ansible_facts['processor_vcpus']//ansible_facts['processor_threads_per_core'])|default(1), 1] | max * 2, octavia_wsgi_processes_max] | min }}"
|
||||
octavia_wsgi_processes: >-
|
||||
{{ [[(ansible_facts['processor_vcpus'] // ansible_facts['processor_threads_per_core']) | default(1), 1] | max * 2, octavia_wsgi_processes_max] | min }}
|
||||
octavia_wsgi_threads: 1
|
||||
octavia_uwsgi_bind_address: "{{ openstack_service_bind_address | default('0.0.0.0') }}"
|
||||
octavia_uwsgi_tls:
|
||||
@ -578,27 +598,27 @@ octavia_cert_install_certificates:
|
||||
condition: "{{ octavia_generate_certs | bool }}"
|
||||
|
||||
# Custom client CA
|
||||
#octavia_client_ca: "{{ octavia_cert_dir }}/ca_01.pem"
|
||||
# octavia_client_ca: "{{ octavia_cert_dir }}/ca_01.pem"
|
||||
## Custom client certs
|
||||
#octavia_client_cert: "{{ octavia_cert_dir }}/client.pem"
|
||||
#octavia_client_key: "{{ octavia_cert_dir }}/client.key.pem"
|
||||
# octavia_client_cert: "{{ octavia_cert_dir }}/client.pem"
|
||||
# octavia_client_key: "{{ octavia_cert_dir }}/client.key.pem"
|
||||
## server
|
||||
#octavia_server_ca: "{{ octavia_ca_certificate }}"
|
||||
# octavia_server_ca: "{{ octavia_ca_certificate }}"
|
||||
## ca certs
|
||||
#octavia_ca_private_key: "{{ octavia_cert_dir }}/private/cakey.pem"
|
||||
# octavia_ca_private_key: "{{ octavia_cert_dir }}/private/cakey.pem"
|
||||
octavia_ca_private_key_passphrase: "{{ octavia_cert_client_password }}"
|
||||
#octavia_ca_certificate: "{{ octavia_cert_dir }}/ca_server_01.pem"
|
||||
# octavia_ca_certificate: "{{ octavia_cert_dir }}/ca_server_01.pem"
|
||||
|
||||
|
||||
# Quotas for the Octavia user - assuming active/passive topology
|
||||
octavia_num_instances: 10000 # 5000 LB in active/passive
|
||||
octavia_ram: "{{ (octavia_num_instances|int)*1024 }}"
|
||||
octavia_num_server_groups: "{{ ((octavia_num_instances|int)*0.5)|int|abs }}"
|
||||
octavia_ram: "{{ (octavia_num_instances | int) * 1024 }}"
|
||||
octavia_num_server_groups: "{{ ((octavia_num_instances | int) * 0.5) | int | abs }}"
|
||||
octavia_num_server_group_members: 50
|
||||
octavia_num_cores: "{{ octavia_num_instances }}"
|
||||
octavia_num_secgroups: "{{ (octavia_num_instances|int)*1.5|int|abs }}" # average 3 listener per lb
|
||||
octavia_num_ports: "{{ (octavia_num_instances|int)*10 }}" # at least instances * 10
|
||||
octavia_num_security_group_rules: "{{ (octavia_num_secgroups|int)*100 }}"
|
||||
octavia_num_secgroups: "{{ (octavia_num_instances | int) * 1.5 | int | abs }}" # average 3 listener per lb
|
||||
octavia_num_ports: "{{ (octavia_num_instances | int) * 10 }}" # at least instances * 10
|
||||
octavia_num_security_group_rules: "{{ (octavia_num_secgroups | int) * 100 }}"
|
||||
|
||||
## Tunable overrides
|
||||
octavia_octavia_conf_overrides: {}
|
||||
@ -623,5 +643,5 @@ octavia_api_ssl_cert: /etc/octavia/certs/octavia-api.pem
|
||||
octavia_api_ssl_key: /etc/octavia/certs/octavia-api.key
|
||||
|
||||
# Define user-provided SSL certificates
|
||||
#octavia_api_user_ssl_cert: <path to cert on ansible deployment host>
|
||||
#octavia_api_user_ssl_key: <path to cert on ansible deployment host>
|
||||
# octavia_api_user_ssl_cert: <path to cert on ansible deployment host>
|
||||
# octavia_api_user_ssl_key: <path to cert on ansible deployment host>
|
||||
|
@ -18,16 +18,21 @@ galaxy_info:
|
||||
description: Installation and setup of octavia
|
||||
company: Rackspace
|
||||
license: Apache2
|
||||
min_ansible_version: 2.2
|
||||
role_name: os_octavia
|
||||
namespace: openstack
|
||||
min_ansible_version: "2.10"
|
||||
platforms:
|
||||
- name: Debian
|
||||
versions:
|
||||
- buster
|
||||
- bullseye
|
||||
- name: Ubuntu
|
||||
versions:
|
||||
- bionic
|
||||
- focal
|
||||
categories:
|
||||
- jammy
|
||||
- name: EL
|
||||
versions:
|
||||
- "9"
|
||||
galaxy_tags:
|
||||
- cloud
|
||||
- development
|
||||
- octavia
|
||||
|
@ -51,7 +51,8 @@
|
||||
tags:
|
||||
- always
|
||||
|
||||
- include_role:
|
||||
- name: Including osa.db_setup role
|
||||
include_role:
|
||||
name: openstack.osa.db_setup
|
||||
apply:
|
||||
tags:
|
||||
@ -77,7 +78,8 @@
|
||||
tags:
|
||||
- always
|
||||
|
||||
- include_role:
|
||||
- name: Including osa.mq_setup role
|
||||
include_role:
|
||||
name: openstack.osa.mq_setup
|
||||
apply:
|
||||
tags:
|
||||
@ -104,7 +106,8 @@
|
||||
tags:
|
||||
- always
|
||||
|
||||
- import_tasks: octavia_pre_install.yml
|
||||
- name: Importing octavia_pre_install tasks
|
||||
import_tasks: octavia_pre_install.yml
|
||||
tags:
|
||||
- octavia-install
|
||||
|
||||
@ -135,6 +138,9 @@
|
||||
src: /etc/octavia/certs/
|
||||
dest: /etc/octavia/certs/client.pem
|
||||
regexp: '(client\.pem\.crt|client\.pem\.key)$'
|
||||
owner: "{{ octavia_system_user_name }}"
|
||||
group: "{{ octavia_system_group_name }}"
|
||||
mode: "0640"
|
||||
notify:
|
||||
- Restart octavia services
|
||||
- Restart uwsgi services
|
||||
@ -145,7 +151,8 @@
|
||||
- octavia-install
|
||||
|
||||
|
||||
- import_tasks: octavia_install.yml
|
||||
- name: Importing octavia_install tasks
|
||||
import_tasks: octavia_install.yml
|
||||
tags:
|
||||
- octavia-install
|
||||
|
||||
@ -169,16 +176,17 @@
|
||||
systemd_tempd_prefix: openstack
|
||||
systemd_slice_name: "{{ octavia_system_slice_name }}"
|
||||
systemd_lock_dir: "{{ octavia_lock_dir }}"
|
||||
systemd_CPUAccounting: true
|
||||
systemd_BlockIOAccounting: true
|
||||
systemd_MemoryAccounting: true
|
||||
systemd_TasksAccounting: true
|
||||
systemd_service_cpu_accounting: true
|
||||
systemd_service_block_io_accounting: true
|
||||
systemd_service_memory_accounting: true
|
||||
systemd_service_tasks_accounting: true
|
||||
systemd_services: "{{ filtered_octavia_services }}"
|
||||
tags:
|
||||
- octavia-config
|
||||
- systemd-service
|
||||
|
||||
- include_role:
|
||||
- name: Including osa.service_setup role
|
||||
include_role:
|
||||
name: openstack.osa.service_setup
|
||||
apply:
|
||||
tags:
|
||||
@ -218,7 +226,8 @@
|
||||
tags:
|
||||
- always
|
||||
|
||||
- include_tasks: octavia_mgmt_network.yml
|
||||
- name: Including octavia_mgmt_network tasks
|
||||
include_tasks: octavia_mgmt_network.yml
|
||||
args:
|
||||
apply:
|
||||
tags:
|
||||
@ -231,13 +240,15 @@
|
||||
tags:
|
||||
- always
|
||||
|
||||
- import_tasks: octavia_security_group.yml
|
||||
- name: Importing octavia_security_group tasks
|
||||
import_tasks: octavia_security_group.yml
|
||||
when:
|
||||
- _octavia_is_first_play_host
|
||||
tags:
|
||||
- octavia-install
|
||||
|
||||
- include_tasks: octavia_keypair.yml
|
||||
- name: Including octavia_keypair tasks
|
||||
include_tasks: octavia_keypair.yml
|
||||
args:
|
||||
apply:
|
||||
tags:
|
||||
@ -247,7 +258,8 @@
|
||||
tags:
|
||||
- always
|
||||
|
||||
- include_tasks: octavia_flavor_create.yml
|
||||
- name: Importing octavia_flavor_create tasks
|
||||
include_tasks: octavia_flavor_create.yml
|
||||
args:
|
||||
apply:
|
||||
tags:
|
||||
@ -259,24 +271,28 @@
|
||||
tags:
|
||||
- always
|
||||
|
||||
- import_tasks: octavia_post_install.yml
|
||||
- name: Importing octavia_post_install tasks
|
||||
import_tasks: octavia_post_install.yml
|
||||
tags:
|
||||
- octavia-install
|
||||
- octavia-config
|
||||
|
||||
- import_tasks: octavia_db_sync.yml
|
||||
- name: Importing octavia_db_sync tasks
|
||||
import_tasks: octavia_db_sync.yml
|
||||
when:
|
||||
- _octavia_is_first_play_host
|
||||
tags:
|
||||
- octavia-install
|
||||
|
||||
- import_tasks: octavia_policy.yml
|
||||
- name: Importing octavia_policy tasks
|
||||
import_tasks: octavia_policy.yml
|
||||
tags:
|
||||
- octavia-install
|
||||
- octavia-config
|
||||
- octavia-policy-override
|
||||
|
||||
- include_tasks: octavia_amp_image.yml
|
||||
- name: Including octavia_amp_image tasks
|
||||
include_tasks: octavia_amp_image.yml
|
||||
args:
|
||||
apply:
|
||||
tags:
|
||||
|
@ -34,6 +34,7 @@
|
||||
get_url:
|
||||
url: "{{ octavia_artefact_url }}"
|
||||
dest: "{{ octavia_amp_image_path }}"
|
||||
mode: "0644"
|
||||
retries: 10
|
||||
delay: 10
|
||||
register: octavia_download_result
|
||||
@ -74,6 +75,7 @@
|
||||
--private
|
||||
--project {{ octavia_service_project_name }}
|
||||
amphora-x64-haproxy
|
||||
changed_when: false
|
||||
|
||||
- name: Delete old image from glance
|
||||
openstack.cloud.image:
|
||||
|
@ -6,6 +6,7 @@
|
||||
section: "octavia"
|
||||
option: "install_method"
|
||||
value: "{{ octavia_install_method }}"
|
||||
mode: "0644"
|
||||
|
||||
- name: Refresh local facts to ensure the octavia section is present
|
||||
setup:
|
||||
@ -33,8 +34,11 @@
|
||||
venv_install_destination_path: "{{ octavia_bin | dirname }}"
|
||||
venv_install_distro_package_list: "{{ octavia_distro_packages }}"
|
||||
venv_pip_install_args: "{{ octavia_pip_install_args }}"
|
||||
venv_pip_packages: "{{ octavia_pip_packages | union(octavia_user_pip_packages) +
|
||||
(octavia_oslomsg_amqp1_enabled | bool) | ternary(octavia_optional_oslomsg_amqp1_pip_packages, []) }}"
|
||||
venv_pip_packages: >-
|
||||
{{
|
||||
octavia_pip_packages | union(octavia_user_pip_packages) +
|
||||
(octavia_oslomsg_amqp1_enabled | bool) | ternary(octavia_optional_oslomsg_amqp1_pip_packages, [])
|
||||
}}
|
||||
venv_facts_when_changed:
|
||||
- section: "octavia"
|
||||
option: "venv_tag"
|
||||
|
@ -35,6 +35,7 @@
|
||||
copy:
|
||||
content: "{{ _octavia_keypair['keypair']['private_key'] }}"
|
||||
dest: "{{ lookup('env', 'HOME') }}/.ssh/{{ octavia_ssh_key_name }}"
|
||||
mode: "0600"
|
||||
delegate_to: localhost
|
||||
when:
|
||||
- _octavia_keypair is changed
|
||||
|
@ -15,7 +15,7 @@
|
||||
|
||||
# iptables module doesn't see empty string as a null value so this is the only
|
||||
# way to get a configurable rule definition in right now
|
||||
- name: iptables rules
|
||||
- name: IPtables rules
|
||||
iptables: "{{ item }}"
|
||||
with_items: "{{ octavia_iptables_rules }}"
|
||||
when: octavia_ip_tables_fw | bool
|
||||
@ -23,13 +23,15 @@
|
||||
# This is totally odd: If you run the commands via run-parts (as the script
|
||||
# in the distro does) they return 1; but do their job. If you run them
|
||||
# directly they work. Ignoring errors for now --
|
||||
- name: save iptables rules (Debian/Ubuntu)
|
||||
- name: Save iptables rules (Debian/Ubuntu)
|
||||
command: netfilter-persistent save
|
||||
changed_when: false
|
||||
failed_when: false
|
||||
when: ansible_facts['os_family'] == 'Debian'
|
||||
|
||||
- name: save iptables rules (CentOS)
|
||||
- name: Save iptables rules (CentOS)
|
||||
shell: iptables-save > /etc/sysconfig/iptables
|
||||
changed_when: false
|
||||
when:
|
||||
- ansible_facts['distribution'] == 'CentOS'
|
||||
|
||||
|
@ -33,9 +33,9 @@
|
||||
file:
|
||||
path: "{{ item.path }}"
|
||||
state: directory
|
||||
owner: "{{ item.owner|default(octavia_system_user_name) }}"
|
||||
group: "{{ item.group|default(octavia_system_group_name) }}"
|
||||
mode: "{{ item.mode|default('0755') }}"
|
||||
owner: "{{ item.owner | default(octavia_system_user_name) }}"
|
||||
group: "{{ item.group | default(octavia_system_group_name) }}"
|
||||
mode: "{{ item.mode | default('0755') }}"
|
||||
with_items:
|
||||
- { path: "/openstack", owner: "root", group: "root" }
|
||||
- { path: "/openstack/venvs", owner: "root", group: "root" }
|
||||
|
@ -13,7 +13,11 @@
|
||||
# See the License for the specific language governing permissions and
|
||||
# limitations under the License.
|
||||
|
||||
_octavia_is_first_play_host: "{{ (octavia_services['octavia-api']['group'] in group_names and inventory_hostname == (groups[octavia_services['octavia-api']['group']] | intersect(ansible_play_hosts)) | first) | bool }}"
|
||||
_octavia_is_first_play_host: >-
|
||||
{{
|
||||
(octavia_services['octavia-api']['group'] in group_names and
|
||||
inventory_hostname == (groups[octavia_services['octavia-api']['group']] | intersect(ansible_play_hosts)) | first) | bool
|
||||
}}
|
||||
|
||||
#
|
||||
# Compile a list of the services on a host based on whether
|
||||
|
Loading…
x
Reference in New Issue
Block a user