--- # Copyright 2014, Rackspace US, Inc. # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and # limitations under the License. - name: create the system group group: name: "{{ glance_system_group_name }}" gid: "{{ glance_system_group_gid | default(omit) }}" state: "present" system: "yes" - name: Create the glance system user user: name: "{{ glance_system_user_name }}" uid: "{{ glance_system_user_uid | default(omit) }}" group: "{{ glance_system_group_name }}" comment: "{{ glance_system_comment }}" shell: "{{ glance_system_shell }}" system: "yes" createhome: "yes" home: "{{ glance_system_user_home }}" - name: Create glance NFS mount point(s) file: path: "{{ item.local_path }}" state: directory mode: "0755" with_items: "{{ glance_nfs_client }}" - name: Create glance dir file: path: "{{ item.path }}" state: directory owner: "{{ item.owner|default(glance_system_user_name) }}" group: "{{ item.group|default(glance_system_group_name) }}" mode: "{{ item.mode|default(omit) }}" with_items: - { path: "/openstack", mode: "0755", owner: "root", group: "root" } - { path: "/etc/glance", mode: "0750" } - { path: "/var/cache/glance" } - { path: "{{ glance_system_user_home }}" } - { path: "{{ glance_system_user_home }}/cache/api", mode: "0700" } - { path: "{{ glance_system_user_home }}/cache/registry" } - { path: "{{ glance_system_user_home }}/scrubber" } - name: Create glance images dir file: path: "{{ glance_system_user_home }}/images/" state: directory owner: "{{ glance_system_user_name }}" group: "{{ glance_system_group_name }}" mode: "0755" - name: Test for log directory or link shell: | if [ -h "/var/log/glance" ]; then chown -h {{ glance_system_user_name }}:{{ glance_system_group_name }} "/var/log/glance" chown -R {{ glance_system_user_name }}:{{ glance_system_group_name }} "$(readlink /var/log/glance)" else exit 1 fi register: log_dir failed_when: false changed_when: log_dir.rc != 0 - name: Create glance log dir file: path: "/var/log/glance" state: directory owner: "{{ glance_system_user_name }}" group: "{{ glance_system_group_name }}" mode: "0755" when: log_dir.rc != 0 - name: Install distro packages package: name: "{{ glance_distro_packages }}" state: "{{ glance_package_state }}" update_cache: "{{ (ansible_pkg_mgr in ['apt', 'zypper']) | ternary('yes', omit) }}" cache_valid_time: "{{ (ansible_pkg_mgr == 'apt') | ternary(cache_timeout, omit) }}" register: install_packages until: install_packages|success retries: 5 delay: 2 - name: Create developer mode constraint file copy: dest: "/opt/developer-pip-constraints.txt" content: | {% for item in glance_developer_constraints %} {{ item }} {% endfor %} when: glance_developer_mode | bool - name: Install requires pip packages pip: name: "{{ glance_requires_pip_packages }}" state: "{{ glance_pip_package_state }}" extra_args: >- {{ glance_developer_mode | ternary(pip_install_developer_constraints | default('--constraint /opt/developer-pip-constraints.txt'), '') }} {{ (pip_install_upper_constraints is defined) | ternary('--constraint ' + pip_install_upper_constraints | default(''),'') }} {{ pip_install_options | default('') }} register: install_packages until: install_packages|success retries: 5 delay: 2 - name: Retrieve checksum for venv download uri: url: "{{ glance_venv_download_url | replace('tgz', 'checksum') }}" return_content: yes register: glance_venv_checksum when: glance_venv_download | bool - name: Attempt venv download get_url: url: "{{ glance_venv_download_url }}" dest: "/var/cache/{{ glance_venv_download_url | basename }}" checksum: "sha1:{{ glance_venv_checksum.content | trim }}" register: glance_get_venv when: glance_venv_download | bool - name: Remove existing venv file: path: "{{ glance_bin | dirname }}" state: absent when: glance_get_venv | changed - name: Create glance venv dir file: path: "{{ glance_bin | dirname }}" state: directory register: glance_venv_dir when: glance_get_venv | changed - name: Unarchive pre-built venv unarchive: src: "/var/cache/{{ glance_venv_download_url | basename }}" dest: "{{ glance_bin | dirname }}" copy: "no" when: glance_get_venv | changed notify: - Manage LB - Restart glance services - name: Install pip packages pip: name: "{{ glance_pip_packages }}" state: "{{ glance_pip_package_state }}" virtualenv: "{{ glance_bin | dirname }}" virtualenv_site_packages: "no" extra_args: >- {{ glance_developer_mode | ternary(pip_install_developer_constraints | default('--constraint /opt/developer-pip-constraints.txt'), '') }} {{ (pip_install_upper_constraints is defined) | ternary('--constraint ' + pip_install_upper_constraints | default(''),'') }} {{ pip_install_options | default('') }} register: install_packages until: install_packages|success retries: 5 delay: 2 when: glance_get_venv | failed or glance_get_venv | skipped notify: - Manage LB - Restart glance services - name: Remove python from path first (CentOS, openSUSE) file: path: "{{ glance_bin | dirname }}/bin/python2.7" state: "absent" when: - ansible_pkg_mgr in ['yum', 'dnf', 'zypper'] - glance_get_venv | changed - name: Update virtualenv path shell: | find {{ glance_bin }} -name \*.pyc -delete sed -si '1s/^.*python.*$/#!{{ glance_bin | replace ('/','\/') }}\/python/' {{ glance_bin }}/* virtualenv {{ glance_bin | dirname }} when: glance_get_venv | changed tags: - skip_ansible_lint - name: Record the need for a service restart ini_file: dest: "/etc/ansible/facts.d/openstack_ansible.fact" section: glance option: need_service_restart value: True when: (glance_get_venv | changed) or (glance_venv_dir | changed) or (install_packages | changed) or (ansible_local is not defined) or ('openstack_ansible' not in ansible_local) or ('glance' not in ansible_local['openstack_ansible']) or ('need_service_restart' not in ansible_local['openstack_ansible']['glance']) - name: Record the venv tag deployed ini_file: dest: "/etc/ansible/facts.d/openstack_ansible.fact" section: glance option: venv_tag value: "{{ glance_venv_tag }}" - name: Create TEMP run dir file: path: "/var/run/{{ item.service_name }}" state: directory owner: "{{ glance_system_user_name }}" group: "{{ glance_system_group_name }}" mode: "02755" with_items: "{{ filtered_glance_services }}" - name: Create TEMP lock dir file: path: "/var/lock/{{ item.service_name }}" state: directory owner: "{{ glance_system_user_name }}" group: "{{ glance_system_group_name }}" mode: "02755" with_items: "{{ filtered_glance_services }}" - name: Create tmpfiles.d entry template: src: "glance-systemd-tmpfiles.j2" dest: "/etc/tmpfiles.d/openstack-{{ item.service_name }}.conf" mode: "0644" owner: "root" group: "root" with_items: "{{ filtered_glance_services }}" notify: - Manage LB - Restart glance services - name: Place the systemd init script config_template: src: "glance-systemd-init.j2" dest: "/etc/systemd/system/{{ item.service_name }}.service" mode: "0644" owner: "root" group: "root" config_overrides: "{{ item.init_config_overrides }}" config_type: "ini" with_items: "{{ filtered_glance_services }}" notify: - Manage LB - Restart glance services - name: Ensure uWSGI directory exists file: path: "/etc/uwsgi/" state: directory mode: "0711" - name: Apply uWSGI configuration config_template: src: "glance-uwsgi.ini.j2" dest: "/etc/uwsgi/{{ item.service_name }}.ini" mode: "0744" config_overrides: "{{ item.wsgi_overrides }}" config_type: ini with_items: "{{ filtered_glance_services }}" when: item.wsgi_app | default(False) notify: - Manage LB - Restart glance services