Skip to content

Commit

Permalink
Specify 'become' for only neccesary tasks (all other roles)
Browse files Browse the repository at this point in the history 
Add become to only neccesary tasks in roles:

- aodh
- barbican
- bifrost
- ceilometer
- ceph
- chrony
- cinder
- cloudkitty
- collectd
- congress
- designate
- elasticsearch
- etcd
- freezer
- gnocchi
- grafana
- influxdb
- ironic
- iscsi
- karbor
- kibana
- kuryr
- magnum
- manila
- mistral
- mongodb
- multipathd
- murano
- octavia
- panko
- qdrouterd
- rally
- sahara
- searchlight
- senlin
- skydive
- solum
- swift
- swift
- tacker
- telegraf
- tempest
- trove
- vmtp
- watcher
- zun

Change-Id: I6e32d94d4172dd96d09d8609e8a5221ab5586a31
Partial-Implements: blueprint ansible-specific-task-become
  • Loading branch information
Duong Ha-Quang committed Mar 12, 2018
1 parent 6092391 commit 9965cc4
Show file tree
Hide file tree
Showing 51 changed files with 491 additions and 50 deletions.
13 changes: 12 additions & 1 deletion ansible/roles/aodh/tasks/config.yml
View file
Expand Up @@ -3,7 +3,10 @@
file:
path: "{{ node_config_directory }}/{{ item.key }}"
state: "directory"
recurse: yes
owner: "{{ config_owner_user }}"
group: "{{ config_owner_group }}"
mode: "0770"
become: true
when:
- item.value.enabled | bool
- inventory_hostname in groups[item.value.group]
Expand All @@ -30,6 +33,8 @@
template:
src: "{{ aodh_policy_file_path }}"
dest: "{{ node_config_directory }}/{{ item.key }}/{{ aodh_policy_file }}"
mode: "0660"
become: true
register: aodh_policy_overwriting
when:
- aodh_policy_file is defined
Expand All @@ -46,6 +51,8 @@
template:
src: "{{ item.key }}.json.j2"
dest: "{{ node_config_directory }}/{{ item.key }}/config.json"
mode: "0660"
become: true
register: aodh_config_jsons
when:
- item.value.enabled | bool
Expand All @@ -68,6 +75,8 @@
- "{{ node_custom_config }}/aodh/{{ item.key }}.conf"
- "{{ node_custom_config }}/aodh/{{ inventory_hostname }}/aodh.conf"
dest: "{{ node_config_directory }}/{{ item.key }}/aodh.conf"
mode: "0660"
become: true
register: aodh_confs
when:
- item.value.enabled | bool
Expand All @@ -85,6 +94,8 @@
template:
src: "wsgi-aodh.conf.j2"
dest: "{{ node_config_directory }}/aodh-api/wsgi-aodh.conf"
mode: "0660"
become: true
register: aodh_conf_wsgi
when:
- inventory_hostname in groups[service.group]
Expand Down
15 changes: 14 additions & 1 deletion ansible/roles/barbican/tasks/config.yml
View file
Expand Up @@ -3,7 +3,10 @@
file:
path: "{{ node_config_directory }}/{{ item }}"
state: "directory"
recurse: yes
owner: "{{ config_owner_user }}"
group: "{{ config_owner_group }}"
mode: "0770"
become: true
with_items:
- "barbican-api/vassals"
- "barbican-keystone-listener"
Expand All @@ -30,6 +33,8 @@
template:
src: "{{ item.key }}.json.j2"
dest: "{{ node_config_directory }}/{{ item.key }}/config.json"
mode: "0660"
become: true
register: barbican_config_jsons
when:
- inventory_hostname in groups[item.value.group]
Expand All @@ -47,6 +52,8 @@
- "{{ node_custom_config }}/barbican-api/barbican-api.ini"
- "{{ node_custom_config }}/barbican-api/{{ inventory_hostname }}/barbican-api.ini"
dest: "{{ node_config_directory }}/barbican-api/vassals/barbican-api.ini"
mode: "0660"
become: true
register: barbican_api_ini
when:
- inventory_hostname in groups['barbican-api']
Expand All @@ -69,6 +76,8 @@
template:
src: "{{ node_custom_config }}/barbican/barbican-api-paste.ini"
dest: "{{ node_config_directory }}/barbican-api/barbican-api-paste.ini"
mode: "0660"
become: true
when:
- inventory_hostname in groups['barbican-api']
- service.enabled | bool
Expand All @@ -88,6 +97,8 @@
- "{{ node_custom_config }}/barbican/{{ item.key }}.conf"
- "{{ node_custom_config }}/barbican/{{ inventory_hostname }}/barbican.conf"
dest: "{{ node_config_directory }}/{{ item.key }}/barbican.conf"
mode: "0660"
become: true
register: barbican_confs
when:
- item.value.enabled | bool
Expand All @@ -100,6 +111,8 @@
template:
src: "{{ barbican_policy_file_path }}"
dest: "{{ node_config_directory }}/{{ item.key }}/{{ barbican_policy_file }}"
mode: "0660"
become: true
register: barbican_policy_overwriting
when:
- barbican_policy_file is defined
Expand Down
11 changes: 10 additions & 1 deletion ansible/roles/bifrost/tasks/config.yml
View file
Expand Up @@ -3,7 +3,10 @@
file:
path: "{{ node_config_directory }}/{{ item }}"
state: "directory"
recurse: yes
owner: "{{ config_owner_user }}"
group: "{{ config_owner_group }}"
mode: "0770"
become: true
with_items:
- "bifrost"

Expand All @@ -14,6 +17,8 @@
- "{{ node_custom_config }}/{{ item }}.yml"
- "{{ node_custom_config }}/bifrost/{{ item }}.yml"
dest: "{{ node_config_directory }}/bifrost/{{ item }}.yml"
mode: "0660"
become: true
with_items:
- "bifrost"
- "dib"
Expand All @@ -23,13 +28,17 @@
template:
src: "{{ item }}"
dest: "{{ node_config_directory }}/bifrost/{{ item }}"
mode: "0660"
become: true
with_items:
- "rabbitmq-env.conf"

- name: Template ssh keys
template:
src: "{{ item.src }}"
dest: "{{ node_config_directory }}/bifrost/{{ item.dest }}"
mode: "0660"
become: true
with_items:
- { src: "id_rsa", dest: "id_rsa" }
- { src: "id_rsa.pub", dest: "id_rsa.pub" }
Expand Down
15 changes: 14 additions & 1 deletion ansible/roles/ceilometer/tasks/config.yml
View file
Expand Up @@ -3,7 +3,10 @@
file:
path: "{{ node_config_directory }}/{{ item.key }}"
state: "directory"
recurse: yes
owner: "{{ config_owner_user }}"
group: "{{ config_owner_group }}"
mode: "0770"
become: true
when:
- inventory_hostname in groups[item.value.group]
- item.value.enabled | bool
Expand All @@ -30,6 +33,8 @@
template:
src: "{{ item.key }}.json.j2"
dest: "{{ node_config_directory }}/{{ item.key }}/config.json"
mode: "0660"
become: true
register: ceilometer_config_jsons
when:
- inventory_hostname in groups[item.value.group]
Expand All @@ -51,6 +56,8 @@
- "{{ node_custom_config }}/ceilometer/{{ item.key }}.conf"
- "{{ node_custom_config }}/ceilometer/{{ inventory_hostname }}/ceilometer.conf"
dest: "{{ node_config_directory }}/{{ item.key }}/ceilometer.conf"
mode: "0660"
become: true
register: ceilometer_confs
when:
- item.value.enabled | bool
Expand All @@ -67,6 +74,8 @@
template:
src: "{{ item }}.j2"
dest: "{{ node_config_directory }}/ceilometer-notification/{{ item }}"
mode: "0660"
become: true
register: ceilometer_events
when:
- inventory_hostname in groups[service.group]
Expand Down Expand Up @@ -107,6 +116,8 @@
- "{{ node_custom_config }}/panko/panko.conf"
- "{{ node_custom_config }}/panko/{{ inventory_hostname }}/panko.conf"
dest: "{{ node_config_directory }}/{{ item.key }}/panko.conf"
mode: "0660"
become: true
register: panko_confs
when:
- enable_panko | bool
Expand Down Expand Up @@ -136,6 +147,8 @@
template:
src: "{{ ceilometer_policy_file_path }}"
dest: "{{ node_config_directory }}/{{ item.key }}/{{ ceilometer_policy_file }}"
mode: "0660"
become: true
register: policy_jsons
when:
- ceilometer_policy_file is defined
Expand Down
9 changes: 8 additions & 1 deletion ansible/roles/ceph/tasks/config.yml
View file
Expand Up @@ -3,7 +3,10 @@
file:
path: "{{ node_config_directory }}/{{ item }}"
state: "directory"
recurse: yes
owner: "{{ config_owner_user }}"
group: "{{ config_owner_group }}"
mode: "0770"
become: true
with_items:
- "ceph-mon"
- "ceph-osd"
Expand All @@ -16,6 +19,8 @@
template:
src: "{{ item.name }}.json.j2"
dest: "{{ node_config_directory }}/{{ item.name }}/config.json"
mode: "0660"
become: true
when:
- inventory_hostname in groups[item.group]
with_items:
Expand All @@ -41,6 +46,8 @@
- "{{ node_custom_config }}/ceph.conf"
- "{{ node_custom_config }}/ceph/{{ inventory_hostname }}/ceph.conf"
dest: "{{ node_config_directory }}/{{ item }}/ceph.conf"
mode: "0660"
become: true
with_items:
- "ceph-mon"
- "ceph-osd"
Expand Down
12 changes: 9 additions & 3 deletions ansible/roles/ceph/tasks/distribute_keyrings.yml
View file
Expand Up @@ -12,21 +12,25 @@
ceph_files: "{{ (ceph_files_json.stdout | from_json) }}"

- name: Pushing Ceph keyring for OSDs
become: true
bslurp:
src: "{{ item.content }}"
dest: "{{ node_config_directory }}/ceph-osd/{{ item.filename }}"
mode: 0600
sha1: "{{ item.sha1 }}"
mode: 0600
become: true
with_items:
- "{{ ceph_files['ceph.client.admin.keyring'] }}"
when: inventory_hostname in groups['ceph-osd']

- name: Pushing Ceph keyrings for Mons
become: true
bslurp:
src: "{{ item.content }}"
dest: "{{ node_config_directory }}/ceph-mon/{{ item.filename }}"
mode: 0600
sha1: "{{ item.sha1 }}"
mode: 0600
become: true
with_items:
- "{{ ceph_files['ceph.client.admin.keyring'] }}"
- "{{ ceph_files['ceph.client.mon.keyring'] }}"
Expand All @@ -35,11 +39,13 @@
when: inventory_hostname in groups['ceph-mon']

- name: Pushing Ceph keyrings for RGWs
become: true
bslurp:
src: "{{ item.content }}"
dest: "{{ node_config_directory }}/ceph-rgw/{{ item.filename }}"
mode: 0600
sha1: "{{ item.sha1 }}"
mode: 0600
become: true
with_items:
- "{{ ceph_files['ceph.client.admin.keyring'] }}"
- "{{ ceph_files['ceph.client.radosgw.keyring'] }}"
Expand Down
2 changes: 2 additions & 0 deletions ansible/roles/ceph/tasks/start_osds.yml
View file
Expand Up @@ -12,6 +12,7 @@
osds: "{{ (osd_lookup.stdout.split('localhost | SUCCESS => ')[1]|from_json).disks|from_json }}"

- name: Mounting Ceph OSD volumes
become: true
mount:
src: "UUID={{ item.fs_uuid }}"
fstype: "{{ ceph_osd_filesystem }}"
Expand All @@ -23,6 +24,7 @@
become_method: sudo

- name: Gathering OSD IDs
become: true
command: "cat /var/lib/ceph/osd/{{ item['fs_uuid'] }}/whoami"
with_items: "{{ osds }}"
register: id
Expand Down
9 changes: 8 additions & 1 deletion ansible/roles/chrony/tasks/config.yml
View file
Expand Up @@ -3,14 +3,19 @@
file:
path: "{{ node_config_directory }}/{{ item }}"
state: "directory"
recurse: yes
owner: "{{ config_owner_user }}"
group: "{{ config_owner_group }}"
mode: "0770"
become: true
with_items:
- "chrony"

- name: Copying over config.json files for services
template:
src: "{{ item }}.json.j2"
dest: "{{ node_config_directory }}/{{ item }}/config.json"
mode: "0660"
become: true
with_items:
- "chrony"
notify:
Expand All @@ -20,6 +25,8 @@
template:
src: "{{ item }}"
dest: "{{ node_config_directory }}/chrony/chrony.conf"
mode: "0660"
become: true
with_first_found:
- "{{ node_custom_config }}/chrony/{{ inventory_hostname }}/chrony.conf"
- "{{ node_custom_config }}/chrony/chrony.conf"
Expand Down
7 changes: 7 additions & 0 deletions ansible/roles/cinder/tasks/ceph.yml
View file
Expand Up @@ -7,6 +7,10 @@
file:
path: "{{ node_config_directory }}/{{ item.key }}"
state: "directory"
owner: "{{ config_owner_user }}"
group: "{{ config_owner_group }}"
mode: "0770"
become: true
when:
- item.value.enabled | bool
- inventory_hostname in groups[item.value.group]
Expand All @@ -24,6 +28,8 @@
- "{{ node_custom_config }}/ceph.conf"
- "{{ node_custom_config }}/ceph/{{ inventory_hostname }}/ceph.conf"
dest: "{{ node_config_directory }}/{{ item.key }}/ceph.conf"
mode: "0660"
become: true
when:
- item.value.enabled | bool
- inventory_hostname in groups[item.value.group]
Expand Down Expand Up @@ -67,6 +73,7 @@
content: "{{ item.content }}\n\r"
dest: "{{ node_config_directory }}/{{ item.service_name }}/ceph.client.{{ item.key_name }}.keyring"
mode: "0600"
become: true
with_items:
- { service_name: "cinder-volume", key_name: "cinder", content: "{{ cephx_key_cinder.stdout }}" }
- { service_name: "cinder-backup", key_name: "cinder", content: "{{ cephx_key_cinder.stdout }}" }
Expand Down
9 changes: 8 additions & 1 deletion ansible/roles/cinder/tasks/config.yml
View file
Expand Up @@ -3,7 +3,10 @@
file:
path: "{{ node_config_directory }}/{{ item.key }}"
state: "directory"
recurse: yes
owner: "{{ config_owner_user }}"
group: "{{ config_owner_group }}"
mode: "0770"
become: true
when:
- inventory_hostname in groups[item.value.group]
- item.value.enabled | bool
Expand All @@ -30,6 +33,8 @@
template:
src: "{{ item.key }}.json.j2"
dest: "{{ node_config_directory }}/{{ item.key }}/config.json"
mode: "0660"
become: true
register: cinder_config_jsons
when:
- inventory_hostname in groups[item.value.group]
Expand Down Expand Up @@ -69,6 +74,8 @@
- "{{ node_custom_config }}/cinder/{{ item.key }}.conf"
- "{{ node_custom_config }}/cinder/{{ inventory_hostname }}/cinder.conf"
dest: "{{ node_config_directory }}/{{ item.key }}/cinder.conf"
mode: "0660"
become: true
register: cinder_confs
when:
- item.value.enabled | bool
Expand Down

0 comments on commit 9965cc4

Please sign in to comment.