diff --git a/tasks/main.yml b/tasks/main.yml index 2c42e74..c2900fa 100644 --- a/tasks/main.yml +++ b/tasks/main.yml @@ -60,6 +60,7 @@ - octavia-install - include: octavia_mgmt_network.yml + run_once: true when: - octavia_neutron_management_network_uuid is not defined - octavia_neutron_management_network_name is defined diff --git a/tasks/octavia_mgmt_network.yml b/tasks/octavia_mgmt_network.yml index c2803d5..09cae20 100644 --- a/tasks/octavia_mgmt_network.yml +++ b/tasks/octavia_mgmt_network.yml @@ -13,70 +13,58 @@ # See the License for the specific language governing permissions and # limitations under the License. -- name: Create mgmt network - os_network: - auth: - auth_url: "{{ keystone_service_adminurl }}" - username: "{{ octavia_service_user_name }}" - password: "{{ octavia_service_password }}" - project_name: "{{ octavia_service_project_name }}" - user_domain_name: "{{ octavia_service_user_domain_id }}" - project_domain_name: "{{ octavia_service_project_domain_id }}" - endpoint_type: "{{ octavia_ansible_endpoint_type }}" - region_name: "{{ octavia_service_region }}" - validate_certs: "{{ keystone_service_adminuri_insecure }}" - auth_type: "{{ octavia_keystone_auth_plugin }}" - state: present - name: "{{ octavia_neutron_management_network_name }}" - provider_network_type: "{{ octavia_provider_network_type }}" - provider_physical_network: "{{ octavia_provider_network_name }}" - provider_segmentation_id: "{{ octavia_provider_segmentation_id | default(omit) }}" - run_once: True - when: - - octavia_service_net_setup +# We set the python interpreter to the ansible runtime venv if +# the delegation is to localhost so that we get access to the +# appropriate python libraries in that venv. If the delegation +# is to another host, we assume that it is accessible by the +# system python instead. +- name: Setup the network + delegate_to: "{{ octavia_service_setup_host }}" + vars: + ansible_python_interpreter: >- + {{ (octavia_service_setup_host == 'localhost') | ternary(ansible_playbook_python, ansible_python['executable']) }} + block: + - name: Create mgmt network + os_network: + cloud: default + state: present + region_name: "{{ octavia_service_region }}" + name: "{{ octavia_neutron_management_network_name }}" + provider_network_type: "{{ octavia_provider_network_type }}" + provider_physical_network: "{{ octavia_provider_network_name }}" + provider_segmentation_id: "{{ octavia_provider_segmentation_id | default(omit) }}" + endpoint_type: admin + verify: "{{ not keystone_service_adminuri_insecure }}" + when: + - octavia_service_net_setup | bool -- name: Ensure mgmt subnet exists - os_subnet: - auth: - auth_url: "{{ keystone_service_adminurl }}" - username: "{{ octavia_service_user_name }}" - password: "{{ octavia_service_password }}" - project_name: "{{ octavia_service_project_name }}" - user_domain_name: "{{ octavia_service_user_domain_id }}" - project_domain_name: "{{ octavia_service_project_domain_id }}" - endpoint_type: "{{ octavia_ansible_endpoint_type }}" - region_name: "{{ octavia_service_region }}" - validate_certs: "{{ keystone_service_adminuri_insecure }}" - auth_type: "{{ octavia_keystone_auth_plugin }}" - state: present - network_name: "{{ octavia_neutron_management_network_name }}" - name: "{{ octavia_neutron_management_network_name }}-subnet" - cidr: "{{ octavia_management_net_subnet_cidr }}" - enable_dhcp: "{{ octavia_management_net_dhcp }}" - allocation_pool_start: "{{ octavia_management_net_subnet_allocation_pools.split('-')[0] | default(omit) }}" - allocation_pool_end: "{{ octavia_management_net_subnet_allocation_pools.split('-')[1] | default(omit) }}" - run_once: True - when: - - octavia_service_net_setup + - name: Ensure mgmt subnet exists + os_subnet: + cloud: default + state: present + region_name: "{{ octavia_service_region }}" + network_name: "{{ octavia_neutron_management_network_name }}" + name: "{{ octavia_neutron_management_network_name }}-subnet" + cidr: "{{ octavia_management_net_subnet_cidr }}" + enable_dhcp: "{{ octavia_management_net_dhcp }}" + allocation_pool_start: "{{ octavia_management_net_subnet_allocation_pools.split('-')[0] | default(omit) }}" + allocation_pool_end: "{{ octavia_management_net_subnet_allocation_pools.split('-')[1] | default(omit) }}" + endpoint_type: admin + verify: "{{ not keystone_service_adminuri_insecure }}" + when: + - octavia_service_net_setup | bool -- name: Get neutron network - os_networks_facts: - auth: - auth_url: "{{ keystone_service_adminurl }}" - username: "{{ octavia_service_user_name }}" - password: "{{ octavia_service_password }}" - project_name: "{{ octavia_service_project_name }}" - user_domain_name: "{{ octavia_service_user_domain_id }}" - project_domain_name: "{{ octavia_service_project_domain_id }}" - endpoint_type: "{{ octavia_ansible_endpoint_type }}" - region_name: "{{ octavia_service_region }}" - validate_certs: "{{ keystone_service_adminuri_insecure }}" - auth_type: "{{ octavia_keystone_auth_plugin }}" - name: "{{ octavia_neutron_management_network_name }}" + - name: Get neutron network + os_networks_facts: + cloud: default + region_name: "{{ octavia_service_region }}" + name: "{{ octavia_neutron_management_network_name }}" + endpoint_type: admin + verify: "{{ not keystone_service_adminuri_insecure }}" -- name: Set provisioning UUID fact - set_fact: - octavia_neutron_management_network_uuid: "{{ openstack_networks[0].id }}" - when: - - octavia_neutron_management_network_uuid is not defined - - octavia_neutron_management_network_name is defined + - name: Set provisioning UUID fact + set_fact: + octavia_neutron_management_network_uuid: "{{ openstack_networks[0].id }}" + when: + - octavia_neutron_management_network_uuid is not defined + - octavia_neutron_management_network_name is defined