By default, Ansible injects a variable for every fact, prefixed with ansible_. This can result in a large number of variables for each host, which at scale can incur a performance penalty. Ansible provides a configuration option [0] that can be set to False to prevent this injection of facts. In this case, facts should be referenced via ansible_facts.<fact>. This change updates all references to Ansible facts within Kolla Ansible from using individual fact variables to using the items in the ansible_facts dictionary. This allows users to disable fact variable injection in their Ansible configuration, which may provide some performance improvement. This change disables fact variable injection in the ansible configuration used in CI, to catch any attempts to use the injected variables. [0] https://docs.ansible.com/ansible/latest/reference_appendices/config.html#inject-facts-as-vars Change-Id: I7e9d5c9b8b9164d4aee3abb4e37c8f28d98ff5d1 Partially-Implements: blueprint performance-improvements
161 lines
4.5 KiB
161 lines
4.5 KiB
- name: Update apt cache
update_cache: yes
become: True
when: ansible_facts.os_family == 'Debian'
# TODO(inc0): Gates don't seem to have ufw executable, check for it instead of ignore errors
- name: Set firewall default policy
become: True
state: disabled
policy: allow
when: ansible_facts.os_family == 'Debian'
ignore_errors: yes
- name: Check if firewalld is installed
command: rpm -q firewalld
register: firewalld_check
changed_when: false
failed_when: firewalld_check.rc > 1
warn: false
when: ansible_facts.os_family == 'RedHat'
- name: Disable firewalld
become: True
name: "{{ item }}"
enabled: false
state: stopped
- firewalld
- ansible_facts.os_family == 'RedHat'
- firewalld_check.rc == 0
# Upgrading docker engine may cause containers to stop. Take a snapshot of the
# running containers prior to a potential upgrade of Docker.
- name: Check which containers are running
command: docker ps -f 'status=running' -q
become: true
# If Docker is not installed this command may exit non-zero.
failed_when: false
changed_when: false
register: running_containers
# APT starts Docker engine right after installation, which creates
# iptables rules before we disable iptables in Docker config
- name: Check if docker systemd unit exists
path: /etc/systemd/system/docker.service
register: docker_unit_file
- name: Mask the docker systemd unit on Debian/Ubuntu
src: /dev/null
dest: /etc/systemd/system/docker.service
owner: root
group: root
state: link
become: true
- ansible_facts.os_family == 'Debian'
- not docker_unit_file.stat.exists
- name: Install apt packages
name: "{{ (debian_pkg_install | join(' ')).split() }}"
state: present
become: True
when: ansible_facts.os_family == 'Debian'
register: apt_install_result
- name: Install deltarpm packages
name: drpm
state: present
update_cache: yes
become: True
when: ansible_facts.os_family == 'RedHat'
- name: Install RPM packages
name: "{{ (redhat_pkg_install | join(' ')).split() }}"
state: present
update_cache: yes
become: True
when: ansible_facts.os_family == 'RedHat'
register: rpm_install_result
# If any packages were updated, and any containers were running, wait for the
# daemon to come up and start all previously running containers.
- block:
# At some point (at least on CentOS 7) Docker CE stopped starting
# automatically after an upgrade from legacy docker . Start it manually.
- name: Start docker
name: docker
state: started
enabled: yes
masked: no
become: True
- name: Wait for Docker to start
command: docker info
become: true
changed_when: false
register: result
until: result is success
retries: 6
delay: 10
- name: Ensure containers are running after Docker upgrade
command: "docker start {{ running_containers.stdout }}"
become: true
- install_result is changed
- running_containers.rc == 0
- running_containers.stdout != ''
install_result: "{{ rpm_install_result if ansible_facts.os_family == 'RedHat' else apt_install_result }}"
- name: Install latest pip in the virtualenv
# NOTE(hrw) pip 19.3 is first version complaining about being run with Python 2
name: pip>19.3
virtualenv: "{{ virtualenv }}"
virtualenv_site_packages: "{{ virtualenv_site_packages }}"
virtualenv_python: "python{{ host_python_version }}"
become: True
when: virtualenv is not none
- name: Install docker SDK for python
# NOTE(hrw) docker 2.4.2 is in kolla-ansible requirements
# NOTE(mnasiadka): docker 5.0.0 lacks six in deps but requires it
name: docker>=2.4.2,<5.0.0
executable: "{{ virtualenv is none | ternary('pip3', omit) }}"
virtualenv: "{{ virtualenv is none | ternary(omit, virtualenv) }}"
virtualenv_site_packages: "{{ virtualenv is none | ternary(omit, virtualenv_site_packages) }}"
virtualenv_python: "{{ virtualenv is none | ternary(omit, 'python' ~ host_python_version) }}"
become: True
- name: Remove packages
name: "{{ (ubuntu_pkg_removals | join(' ')).split() }}"
state: absent
become: True
when: ansible_facts.os_family == 'Debian'
- name: Remove packages
name: "{{ (redhat_pkg_removals | join(' ')).split() }}"
state: absent
become: True
when: ansible_facts.os_family == 'RedHat'