{"id":34,"sha1":"b887824458e5677beb029f596f4140a9ad64a609","playbook":{"id":2,"items":{"plays":18,"tasks":603,"results":2357,"hosts":15,"files":157,"records":0},"arguments":{"version":null,"verbosity":0,"private_key_file":null,"remote_user":null,"connection":"openstack.osa.ssh","timeout":null,"ssh_common_args":null,"sftp_extra_args":null,"scp_extra_args":null,"ssh_extra_args":null,"ask_pass":false,"connection_password_file":null,"force_handlers":true,"flush_cache":false,"become":false,"become_method":"sudo","become_user":null,"become_ask_pass":false,"become_password_file":null,"tags":["all"],"skip_tags":[],"check":false,"diff":false,"inventory":["/home/zuul/src/opendev.org/openstack/openstack-ansible/inventory/dynamic_inventory.py","/home/zuul/src/opendev.org/openstack/openstack-ansible/inventory/inventory.ini","/etc/openstack_deploy/inventory.ini"],"listhosts":false,"subset":null,"extra_vars":"Not saved by ARA as configured by 'ignored_arguments'","vault_ids":[],"ask_vault_pass":false,"vault_password_files":[],"forks":4,"module_path":null,"syntax":false,"listtasks":false,"listtags":false,"step":false,"start_at_task":null,"args":["setup-hosts.yml"]},"labels":[{"id":1,"name":"check:False"},{"id":2,"name":"tags:all"}],"started":"2025-12-14T10:04:43.190296Z","ended":"2025-12-14T10:14:53.851603Z","duration":"00:10:10.661307","name":null,"ansible_version":"2.18.6","client_version":"1.7.4","python_version":"3.13.5","server_version":"1.7.4","status":"completed","path":"/home/zuul/src/opendev.org/openstack/openstack-ansible/playbooks/setup-hosts.yml","controller":"aio1.openstack.local","user":"root"},"content":"---\n# Copyright 2014, Rackspace US, Inc.\n#\n# Licensed under the Apache License, Version 2.0 (the \"License\");\n# you may not use this file except in compliance with the License.\n# You may obtain a copy of the License at\n#\n#     http://www.apache.org/licenses/LICENSE-2.0\n#\n# Unless required by applicable law or agreed to in writing, software\n# distributed under the License is distributed on an \"AS IS\" BASIS,\n# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n# See the License for the specific language governing permissions and\n# limitations under the License.\n\n# Package cache\ncache_timeout: 600\n\n# /etc/openstack-release settings\nopenstack_distrib_id: \"OSA\"\nopenstack_distrib_release: \"{{ openstack_release | default('master') }}\"\nopenstack_distrib_code_name: \"Flamingo\"\nopenstack_distrib_description: \"OpenStack-Ansible\"\nopenstack_distrib_file: true\nopenstack_distrib_file_path: \"/etc/openstack-release\"\n\nopenstack_host_sysstat_enabled: true\nopenstack_host_sysstat_interval: 1\nopenstack_host_sysstat_statistics_hour: 23\n\n# Set the package install state for distribution packages\n# Options are 'present' and 'latest'\nopenstack_hosts_package_state: \"{{ package_state | default('present') }}\"\n\n## Enable/disable /etc/hosts file management on OSA managed hosts\n## You should make other arrangements for name resolution\n## of OSA containers and hosts if disabling these\nopenstack_host_manage_hosts_file: true\n## Enable/disable /etc/hosts file management on OSA deploy host\nopenstack_host_manage_deploy_hosts_file: true\n## Provide extra records to /etc/hosts file that would be added\n## to all hosts, if openstack_host_manage_hosts_file is true\n## Example:\n## openstack_host_custom_hosts_records:\n##   - '192.168.1.1 my.fqdn'\nopenstack_host_custom_hosts_records: []\n\n## kernel modules for specific group hosts\nopenstack_host_specific_kernel_modules: []\n# If you want to include some specific modules per group\n# of hosts, override this with a group/host var, like below:\n# openstack_host_specific_kernel_modules:\n#   - name: \"ebtables\"\n#     pattern: \"CONFIG_BRIDGE_NF_EBTABLES\"\n#   - name: vfio-pci\n#     condition: \"{{ nova_device_spec is defined and nova_device_spec | length > 0 }}\"\n#     params: \"ids={% for spec in nova_device_spec | default([]) %}{{ spec.vendor_id }}:{{ spec.product_id }}{% if not loop.last %},{% endif %}{% endfor %}\"\n## Where:\n## :param name: name of the kernel module\n## :param pattern: pattern to grep for in /boot/config-$kernel_version to check how module is configured inside kernel\n## Our default overrides will be combined with your overrides.\n\n## A simple list of kernel modules to blacklist\nopenstack_host_blacklist_kernel_modules: []\n\n# Command to update initramfs\nopenstack_host_initramfs_command: \"{{ _openstack_host_initramfs_command | default('true') }}\"\n\n# Custom options to define in GRUB_CMDLINE_LINUX_DEFAULT\n# openstack_host_custom_grub_options:\n#   - key: hugepagesz\n#     value: 2MB\n#   - key: nomodeset\n#   - key: gfxpayload\n#     value: text\n#     state: absent\nopenstack_host_custom_grub_options: {}\nopenstack_host_update_grub_command: \"{{ _openstack_host_update_grub_command }}\"\n\n# Overridable package list is composed of the old override\n# named user_package_list and the standard defaults _openstack_hosts_package_list\nopenstack_hosts_package_list: \"{{ _openstack_hosts_package_list + (user_package_list | default([])) }}\"\n\n# Overridable package repo is composed of the old override\n# named user_external_repo_lists and the standard defaults _package_repos\nopenstack_hosts_package_repos: \"{{ _package_repos + (user_external_repos_list | default([])) }}\"\n\n# Overridable package vendors is composed of the old override named\n# user_external_vendors_lists and the standard defaults\n# _package_vendors\nopenstack_hosts_package_vendors: \"{{ (_package_vendors | default([])) + (user_external_vendors_list | default([])) }}\"\n\n# Overridable package repo gpg is composed of the old override\n# named user_external_repo_keys_list and the standard defaults _package_repos_keys\nopenstack_hosts_package_repos_keys: \"{{ _package_repos_keys + (user_external_repo_keys_list | default([])) }}\"\n\n# Mappings from Ansible reported architecture to distro release architecture\nopenstack_architecture_mapping:\n  x86_64: amd64\n  ppc64le: ppc64el\n  s390x: s390x\n  armv7l: armhf\n  aarch64: arm64\n\n# The following garbage collection values are set to better support lots of neutron networks/routers.\n#  Used for setting the net.ipv4/6.neigh.default.gc_thresh* values. This assumes that facts were\n#  gathered to obtain the total amount of memory available on a given host. If no facts are gathered\n#  the default set will be 1024 unless its defined by the user.\ngc_val: \"{{ ansible_facts['memtotal_mb'] | default(1024) | bit_length_power_of_2 }}\"\n# The ste value has a Max allowable value of 8192 unless set by the user.\nset_gc_val: \"{{ gc_val if (gc_val | int <= 8192) else 8192 }}\"\n\n# Controls the shell search PATH environment variable dropped in\n# /etc/environment\nopenstack_host_environment_path:\n  - /usr/local/sbin\n  - /usr/local/bin\n  - /usr/sbin\n  - /usr/bin\n  - /sbin\n  - /bin\n  - /usr/games\n  - /usr/local/games\n\n# Allows the ability to override or add extra parameters to the systemd global config\n# that will be applied by default to all units\nopenstack_systemd_global_overrides: {}\n\n# Set the level of reverse path filtering to use\nopenstack_host_rp_filter_all: 0\nopenstack_host_rp_filter_default: 0\n\n# Set the maximum size of the connection tracking table.\nopenstack_host_nf_conntrack_max: 262144\n\n# System control kernel tuning\nopenstack_kernel_options:\n  - { key: \"fs.inotify.max_user_watches\", value: 1048576 }\n  - { key: \"net.ipv4.conf.all.rp_filter\", value: \"{{ openstack_host_rp_filter_all }}\" }\n  - { key: \"net.ipv4.conf.default.rp_filter\", value: \"{{ openstack_host_rp_filter_default }}\" }\n  - { key: \"net.ipv4.ip_forward\", value: 1 }\n  - { key: \"net.netfilter.nf_conntrack_max\", value: \"{{ openstack_host_nf_conntrack_max }}\" }\n  - { key: \"vm.dirty_background_ratio\", value: 5 }\n  - { key: \"vm.dirty_ratio\", value: 10 }\n  - { key: \"vm.swappiness\", value: 5 }\n  - { key: \"net.bridge.bridge-nf-call-ip6tables\", value: 1 }\n  - { key: \"net.bridge.bridge-nf-call-iptables\", value: 1 }\n  - { key: \"net.bridge.bridge-nf-call-arptables\", value: 1 }\n  - { key: \"net.ipv4.igmp_max_memberships\", value: 1024 }\n  - { key: \"net.ipv4.neigh.default.gc_thresh1\", value: \"{{ set_gc_val | int // 2 }}\" }\n  - { key: \"net.ipv4.neigh.default.gc_thresh2\", value: \"{{ set_gc_val | int }}\" }\n  - { key: \"net.ipv4.neigh.default.gc_thresh3\", value: \"{{ set_gc_val | int * 2 }}\" }\n  - { key: \"net.ipv4.route.gc_thresh\", value: \"{{ set_gc_val | int * 2 }}\" }\n  - { key: \"net.ipv4.neigh.default.gc_interval\", value: 60 }\n  - { key: \"net.ipv4.neigh.default.gc_stale_time\", value: 120 }\n  - { key: \"net.ipv6.neigh.default.gc_thresh1\", value: \"{{ set_gc_val | int // 2 }}\" }\n  - { key: \"net.ipv6.neigh.default.gc_thresh2\", value: \"{{ set_gc_val | int }}\" }\n  - { key: \"net.ipv6.neigh.default.gc_thresh3\", value: \"{{ set_gc_val | int * 2 }}\" }\n  - { key: \"net.ipv6.route.gc_thresh\", value: \"{{ set_gc_val | int * 2 }}\" }\n  - { key: \"net.ipv6.neigh.default.gc_interval\", value: 60 }\n  - { key: \"net.ipv6.neigh.default.gc_stale_time\", value: 120 }\n  - { key: \"net.ipv6.conf.lo.disable_ipv6\", value: 0 }\n  - { key: \"fs.aio-max-nr\", value: 131072 }\n\n# Optional user defined list of sysctl options in the same dict item format as\n# above.\nopenstack_user_kernel_options: []\n\n# User defined list of extra packages to install on all hosts and containers\nopenstack_host_extra_distro_packages: []\n\n# Overridable set of packages to install on all hosts and containers.\nopenstack_host_distro_packages: \"{{ _openstack_host_distro_packages }}\"\n\n# User defined list of extra packages to install on the host\nopenstack_host_extra_metal_distro_packages: []\n\n# Overridable set of packages to install on the host.\nopenstack_host_metal_distro_packages: \"{{ _openstack_host_metal_distro_packages }}\"\n\n# Set the openstack domain name\nopenstack_domain: openstack.local\n\n# Global environment variables should be empty by default\nglobal_environment_variables: {}\n\n# Set the default mode for the /etc/cron.d/sysstat file\nopenstack_host_sysstat_cron_mode: \"0755\"\n\n## Default repositories data\n# Set default mirror for CentOS repositories\n# NOTE(mhayden): Ensure that the full path to the 'centos' directory is used.\nopenstack_hosts_centos_mirror_url: \"{{ centos_mirror_url | default('http://mirror.centos.org/centos') }}\"\n# openstack_hosts_rdo_repo_type can be trunk or cloudsig\nopenstack_hosts_rdo_repo_type: trunk\nopenstack_hosts_rdo_mirror_url: \"https://trunk.rdoproject.org\"\nopenstack_hosts_rdo_repo_url: \"{{ _openstack_hosts_rdo_repo_url }}\"\nopenstack_hosts_rdo_deps_url: \"{{ _openstack_hosts_rdo_deps_url }}\"\nopenstack_hosts_power_tool_enable: >-\n  {{ ('repo_all' in groups or 'manila_all' in groups or 'gnocchi_all' in groups or install_method | default('source') == 'distro') }}\n\n# Keep a history of systemd journals on disk after reboots\nopenstack_host_keep_journals: true\n# Define arbitrary configration for systemd-journald\n# openstack_hosts_journald_config:\n#   SystemMaxFileSize: 100M\n#   SystemMaxUse: 4G\nopenstack_hosts_journald_config: {}\n# Enable/Disable the yum fastestmirror plugin\nopenstack_hosts_enable_yum_fastestmirror: true\n\n# user supplied list of CA certificates to copy to hosts from the deploy host\n# example:\n# - name: SnakeOilCorp.crt                             #the filename created on the target host (must be .crt on Ubuntu)\n#    src: /etc/ssl/certs/snake-oil-cert-latest.pem     #the source file on the deploy host\nopenstack_host_ca_certificates: []\n\n# Path to the file with trusted CA that will be used by python requests module\nopenstack_ca_bundle_path: \"{{ _openstack_ca_bundle_path }}\"\n\n# extra configuration for OS package manager\nopenstack_hosts_package_manager_default_conf: \"{{ _openstack_hosts_package_manager_default_conf | default('') }}\"\nopenstack_hosts_package_manager_extra_conf: \"\"\n\n# apt pins to apply to all hosts in the deployment\n# the default is to make ceph packages from UCA lower priority than those from the ubuntu distro repo\nopenstack_hosts_apt_pinned_packages:\n  - package: \"src:ceph\"\n    origin: \"ubuntu-cloud.archive.canonical.com\"\n    priority: 400\n  # NOTE(noonedeadpunk): Remove once https://bugs.launchpad.net/cloud-archive/+bug/2064798 sorted out\n  - package: \"python3-pluggy\"\n    release: Canonical,n={{ ansible_facts['lsb']['codename'] }}-updates/{{ openstack_distrib_code_name | lower }}\n    priority: 400\n\n# Define extra systemd services/networks/mounts\nopenstack_hosts_systemd_mounts: []\n# Systemd networks can be configured only on bare metal hosts\n# systemd-networkd role won't run inside containers.\nopenstack_hosts_systemd_networkd_devices: []\nopenstack_hosts_systemd_networkd_networks: []\nopenstack_hosts_systemd_networkd_prefix: openstack-net\nopenstack_hosts_systemd_services: []\nopenstack_hosts_systemd_slice: \"openstack-hosts\"\n\n# define this variable to specify directories that are 'safe' for git clone\n# during pip install, typically only required for CI jobs or when the\n# openstack service repos are pre-staged/bind-mounted into LXC containers\n# and referenced using the file:// method.\n# openstack_hosts_git_safe_directories:\n#   - \"*\"\n\nopenstack_hosts_sysctl_file: \"{{ openstack_sysctl_file | default('/etc/sysctl.conf') }}\"\n","created":"2025-12-14T10:04:43.792933Z","updated":"2025-12-14T10:04:43.792944Z","path":"/home/zuul/src/opendev.org/openstack/openstack-ansible-openstack_hosts/defaults/main.yml"}