openstack/openstack-ansible-os_glance
Code Issues Proposed changes
openstack-ansible-os_glance/handlers/main.yml
Kevin Carter 477d44cab9
Update glance NFS for systemd 
Systemd has the ability to manage mounts and ensure functionality
/ resource management. Using a systemd mount has the benifit of not
requiring writes to the legacy fstab file which can impact OS
functionality especially when deploying on baremetal. This change
moves the glance NFS mount to a systemd unit file allowing systemd
to manage it independently with no potentially breaking impact to
the underlying operating system.

Changes:
 - This PR corrects a long standing issue when using Glance+NFS where
   initial deployment would work but if the playbooks were run again
   it would fail due to the glance images location being an NFS mount
   point with a potentially different UID/GID. To correct this we stat
   the directory and if it does NOT exist it is created.
 - Following the nova pattern options have been provided to set the UID
   and GID of the glance user.
 - To ensure out NFS backend solution works with the installation of
   glance a test has been added to deploy glance using an NFS backend.
 - An upgrade task has been added to this commit to clean up legacy
   mounts, This task should be removed in R.

Change-Id: I716c9fe35391629532e67e212d45ea27a5422d1b
Signed-off-by: Kevin Carter <kevin.carter@rackspace.com>
2017-12-12 17:49:55 -06:00

121 lines
4.2 KiB
YAML
Raw Blame History

---
# Copyright 2015, Rackspace US, Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
- name: Start glance mount(s)
systemd:
daemon_reload: yes
name: "{{ item.local_path.lstrip('/') | replace('/', '-') }}.mount"
enabled: "yes"
state: "restarted"
with_items: "{{ glance_nfs_client }}"
- name: Stop services
service:
name: "{{ item.service_name }}"
enabled: yes
state: "stopped"
daemon_reload: "{{ (ansible_service_mgr == 'systemd') | ternary('yes', omit) }}"
with_items: "{{ filtered_glance_services }}"
register: _stop
until: _stop | success
retries: 5
delay: 2
listen: "Restart glance services"
# TODO(odyssey4me):
# Assuming glance-registry is removed in the S cycle as planned, this
# task can be removed in the T cycle.
# Note that this uses shell task because the unit may not exist. When it
# does not exist, the ansible task which stops/disables it fails and it
# is important that we see failures, but get failures in the right
# circumstances.
- name: Stop and disable glance-registry when it is no longer used
shell: |
return_code=0
if [[ "$(systemctl is-active {{ glance_services['glance-registry']['service_name'] }})" == "active" ]]; then
systemctl stop {{ glance_services['glance-registry']['service_name'] }}
return_code=2
fi
if [[ "$(systemctl is-enabled {{ glance_services['glance-registry']['service_name'] }})" == "enabled" ]]; then
systemctl disable {{ glance_services['glance-registry']['service_name'] }}
return_code=2
fi
exit ${return_code}
args:
executable: /bin/bash
when:
- not glance_services['glance-registry']['condition']
register: _remove_glance_service
changed_when: _remove_glance_service.rc == 2
failed_when: _remove_glance_service.rc not in [0, 2]
listen: "Restart glance services"
# This task causes ansible-lint to give a ANSIBLE0014
# error, which does not make much sense given how the
# environment variable is used in this case.
# TODO(odyssey4me):
# Try to understand the issue ansible-lint is trying
# to highlight and address it.
tags:
- skip_ansible_lint
# TODO(odyssey4me):
# Assuming glance-registry is removed in the S cycle as planned, this
# task can be removed in the T cycle.
- name: Clean up glance-registry init files when they are no longer needed
file:
path: "{{ item }}"
state: absent
with_items:
- "/etc/tmpfiles.d/openstack-{{ glance_services['glance-registry']['service_name'] }}.conf"
- "/etc/systemd/system/{{ glance_services['glance-registry']['service_name'] }}.service"
when:
- not glance_services['glance-registry']['condition']
listen: "Restart glance services"
# Note (odyssey4me):
# The policy.json file is currently read continually by the services
# and is not only read on service start. We therefore cannot template
# directly to the file read by the service because the new policies
# may not be valid until the service restarts. This is particularly
# important during a major upgrade. We therefore only put the policy
# file in place after the service has been stopped.
#
- name: Copy new policy file into place
copy:
src: "/etc/glance/policy.json-{{ glance_venv_tag }}"
dest: "/etc/glance/policy.json"
owner: "root"
group: "{{ glance_system_group_name }}"
mode: "0640"
remote_src: yes
listen: "Restart glance services"
- name: Start services
service:
name: "{{ item.service_name }}"
enabled: yes
state: "started"
daemon_reload: "{{ (ansible_service_mgr == 'systemd') | ternary('yes', omit) }}"
with_items: "{{ filtered_glance_services }}"
register: _start
until: _start | success
retries: 5
delay: 2
listen: "Restart glance services"
- meta: noop
listen: Manage LB
when: false
View Git Blame Copy Permalink