Conditionally set UID/GID for nova user/group

Deployers with shared storage systems must ensure that the nova
user and group have consistent UID's and GID's respectively. This
patch adds a configurable option for deployers to set a UID/GID
for the nova user and group. Warnings are provided in the
default/main.yml about the potential dangers of adjusting this
value on a production system

Docs and a release note will be proposed separately in the
OpenStack-Ansible main repository for this change.

Closes-Bug: 1544889

Change-Id: I881555a896455ce3c897d56a143a8a25c088880b

defaults/main.yml

@@ -45,13 +45,25 @@ nova_venv_download_url: http://127.0.0.1/venvs/untagged/ubuntu/nova.tgz
 
 nova_fatal_deprecations: False
 
-## System info
+## Nova user information
 nova_system_user_name: nova
 nova_system_group_name: nova
 nova_system_shell: /bin/bash
 nova_system_comment: nova system user
 nova_system_home_folder: "/var/lib/{{ nova_system_user_name }}"
 
+## Manually specified nova UID/GID
+# Deployers can specify a UID for the nova user as well as the GID for the
+# nova group if needed. This is commonly used in environments where shared
+# storage is used, such as NFS or GlusterFS, and nova UID/GID values must be
+# in sync between multiple servers.
+#
+# WARNING: Changing these values on an existing deployment can lead to
+#          failures, errors, and instability.
+#
+# nova_system_user_uid = <UID>
+# nova_system_group_gid = <GID>
+
 ## DB
 nova_galera_user: nova
 nova_galera_database: nova

tasks/nova_pre_install.yml

@@ -16,6 +16,7 @@
 - name: create the system group
   group:
     name: "{{ nova_system_group_name }}"
+    gid: "{{ nova_system_group_uid|default(omit) }}"
     state: "present"
     system: "yes"
   tags:
@@ -37,6 +38,7 @@
 - name: Create the nova system user
   user:
     name: "{{ nova_system_user_name }}"
+    uid: "{{ nova_system_user_uid|default(omit) }}"
     group: "{{ nova_system_group_name }}"
     comment: "{{ nova_system_comment }}"
     shell: "{{ nova_system_shell }}"