Execution
Date
05 Dec 2025 13:22:31 +0000
Duration
00:00:50.80
Controller
aio1.openstack.local
User
root
Versions
Ansible
2.18.6
ara
1.7.4 / 1.7.4
Python
3.12.11
Summary
2
Hosts
72
Tasks
71
Results
7
Plays
97
Files
0
Records
File: /home/zuul/src/opendev.org/openstack/openstack-ansible-openstack_hosts/tasks/openstack_hosts_configure_dnf.yml
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132 133 134 135 136 137 138 139 140 141 142 143 144 | --- # Copyright 2014, Rackspace US, Inc. # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and # limitations under the License. - name: Configure dnf fastestmirror community.general.ini_file: path: /etc/dnf/dnf.conf section: main option: fastestmirror value: "{{ (openstack_hosts_enable_yum_fastestmirror | bool) | ternary('True', 'False') }}" no_extra_spaces: true mode: "0644" - name: Disable requiretty for root sudo on RHEL ansible.builtin.template: dest: /etc/sudoers.d/openstack-ansible owner: root group: root mode: "0440" src: sudoers.j2 # Copy all factored-in GPG keys. # KeyID 764429E6 from https://raw.githubusercontent.com/rdo-infra/centos-release-openstack/ocata-rdo/RPM-GPG-KEY-CentOS-SIG-Cloud # KeyID 61E8806C from keyserver for rdo-qemu-ev - name: If a keyfile is provided, copy the gpg keyfile to the key location ansible.builtin.copy: src: "{{ item.keyfile }}" dest: "{{ item.key }}" mode: "0644" with_items: "{{ openstack_hosts_package_repos_keys | selectattr('keyfile', 'defined') | list }}" - name: Ensure GPG keys have the correct SELinux contexts applied ansible.builtin.command: restorecon -Rv /etc/pki/rpm-gpg/ changed_when: false # Handle gpg keys manually - name: Install gpg keys ansible.builtin.rpm_key: key: "{{ key.key }}" validate_certs: "{{ key.validate_certs | default(omit) }}" state: "{{ key.state | default('present') }}" with_items: "{{ openstack_hosts_package_repos_keys }}" loop_control: loop_var: key register: _add_yum_keys until: _add_yum_keys is success retries: 5 delay: 2 - name: Add requirement packages (repositories gpg keys packages, toolkits...) ansible.builtin.package: name: "{{ openstack_hosts_package_list | rejectattr('state', 'equalto', 'absent') | map(attribute='name') | list }}" state: "{{ openstack_hosts_package_state }}" - name: Add dnf repositories if they do not exist ansible.builtin.yum_repository: name: "{{ repo.name }}" file: "{{ repo.file | default(omit) }}" description: "{{ repo.description | default(omit) }}" baseurl: "{{ repo.baseurl | default(omit) }}" mirrorlist: "{{ repo.mirrorlist | default(omit) }}" gpgkey: "{{ repo.gpgkey | default(omit) }}" gpgcheck: "{{ repo.gpgcheck | default(omit) }}" enabled: "{{ repo.enabled | default('yes') }}" exclude: "{{ repo.exclude | default(omit) }}" priority: "{{ repo.priority | default(99) }}" state: "{{ repo.state | default(omit) }}" module_hotfixes: "{{ repo.module_hotfixes | default(omit) }}" with_items: "{{ openstack_hosts_package_repos }}" loop_control: loop_var: repo register: _adding_repo until: _adding_repo is success retries: 5 delay: 2 - name: Add dnf extra conf ansible.builtin.blockinfile: block: "{{ openstack_hosts_package_manager_default_conf + openstack_hosts_package_manager_extra_conf }}" path: /etc/dnf/dnf.conf marker: "# {mark} OPENSTACK-ANSIBLE-OPENSTACK_HOSTS MANAGED BLOCK" create: true mode: "0644" when: - openstack_hosts_package_manager_extra_conf | length > 0 or openstack_hosts_package_manager_default_conf | length > 0 - name: Add rdo repositories via url for trunk based installation ansible.builtin.get_url: url: "{{ openstack_hosts_rdo_repo_url }}/delorean.repo" dest: /etc/yum.repos.d/rdo.repo mode: "0640" register: _get_repo until: _get_repo is success retries: 5 delay: 2 when: - (install_method | default('source')) == 'distro' - openstack_hosts_rdo_repo_type == 'trunk' - name: Install centos-release-openstack package for cloudsig based installation ansible.builtin.package: name: - centos-release-openstack-{{ openstack_distrib_code_name | lower }} when: - (install_method | default('source')) == 'distro' - openstack_hosts_rdo_repo_type == 'cloudsig' - name: Enable CodeReady Builder repository ansible.builtin.command: dnf config-manager --set-enabled "crb" changed_when: false when: - openstack_hosts_power_tool_enable | bool - ansible_facts['distribution_major_version'] | int >= 9 - name: Create SSL certificate and key directories ansible.builtin.file: path: "{{ item.path }}" state: directory owner: "{{ item.owner | default(root) }}" group: "{{ item.group | default(root) }}" mode: "{{ item.mode | default('0755') }}" with_items: - { path: "/etc/pki/tls/certs", owner: "root", group: "root" } - { path: "/etc/pki/tls/private", owner: "root", group: "root" } - name: Create SSL certificate and key directory symlinks ansible.builtin.file: src: "{{ item.src }}" dest: "{{ item.dest }}" state: "link" with_items: - { src: "/etc/pki/tls/certs", dest: "/etc/ssl/certs" } - { src: "/etc/pki/tls/private", dest: "/etc/ssl/private" } |