{"id":682,"sha1":"143c38d955047293e6d8a365d88a5d6492ee8ac2","playbook":{"id":4,"items":{"plays":107,"tasks":2438,"results":2413,"hosts":13,"files":511,"records":0},"arguments":{"version":null,"verbosity":0,"private_key_file":null,"remote_user":null,"connection":"openstack.osa.ssh","timeout":null,"ssh_common_args":null,"sftp_extra_args":null,"scp_extra_args":null,"ssh_extra_args":null,"ask_pass":false,"connection_password_file":null,"force_handlers":true,"flush_cache":false,"become":false,"become_method":"sudo","become_user":null,"become_ask_pass":false,"become_password_file":null,"tags":["all"],"skip_tags":[],"check":false,"diff":false,"inventory":["/home/zuul/src/opendev.org/openstack/openstack-ansible/inventory/dynamic_inventory.py","/home/zuul/src/opendev.org/openstack/openstack-ansible/inventory/inventory.ini","/etc/openstack_deploy/inventory.ini"],"listhosts":false,"subset":null,"extra_vars":"Not saved by ARA as configured by 'ignored_arguments'","vault_ids":[],"ask_vault_pass":false,"vault_password_files":[],"forks":4,"module_path":null,"syntax":false,"listtasks":false,"listtags":false,"step":false,"start_at_task":null,"args":["setup-openstack.yml"]},"labels":[{"id":1,"name":"check:False"},{"id":2,"name":"tags:all"}],"started":"2025-12-14T10:21:40.790759Z","ended":"2025-12-14T11:05:36.775743Z","duration":"00:43:55.984984","name":null,"ansible_version":"2.18.6","client_version":"1.7.4","python_version":"3.13.5","server_version":"1.7.4","status":"completed","path":"/home/zuul/src/opendev.org/openstack/openstack-ansible/playbooks/setup-openstack.yml","controller":"aio1.openstack.local","user":"root"},"content":"---\n\n- name: Ensure all pre-requisites are installed\n  package:\n    name: gnupg2\n    state: present\n\n- name: Ensure config-manager is present for dnf\n  package:\n    name: dnf-plugins-core\n    state: present\n  when:\n    - ansible_facts['os_family'] | lower == 'redhat'\n    - ansible_facts['distribution_major_version'] is version('8', '>=')\n\n- name: Enable HighAvailability repository\n  command: \"dnf config-manager --enable {{ _centos_ha_repo_name[ansible_facts['distribution_major_version']] }}\"\n  changed_when: false\n  when:\n    - ansible_facts['os_family'] | lower == 'redhat'\n\n- name: Installs corosync\n  package:\n    name: \"{{ item }}\"\n    state: present\n  with_items:\n    - corosync\n\n- name: Installs pacemaker\n  package:\n    name: \"{{ item }}\"\n    state: present\n  with_items:\n    - pacemaker\n  when: \"inventory_hostname in groups[pacemaker_corosync_group]\"\n\n- name: Installs pacemaker-remote\n  package:\n    name: \"{{ item }}\"\n    state: present\n  with_items:\n    - pacemaker-remote\n  when:\n    - _pacemaker_remote_group_exists\n    - \"inventory_hostname in groups[pacemaker_remote_group]\"\n\n- name: Install EPEL repo for CentOS\n  block:\n    - name: Download EPEL gpg keys\n      get_url:\n        url: \"{{ pacemaker_corosync_centos_epel_key }}\"\n        dest: /etc/pki/rpm-gpg\n      register: _get_yum_keys\n      until: _get_yum_keys is success\n      retries: 5\n      delay: 2\n\n    - name: Install EPEL gpg keys\n      rpm_key:\n        key: \"/etc/pki/rpm-gpg/{{ pacemaker_corosync_centos_epel_key.split('/')[-1] }}\"\n        state: present\n\n    - name: Install the EPEL repository\n      yum_repository:\n        name: epel-haveged\n        baseurl: \"{{ pacemaker_corosync_centos_epel_mirror ~ '/' ~ ansible_facts['distribution_major_version'] ~ (ansible_facts['distribution_major_version'] is version('8', '>=')) | ternary('/Everything/', '/') ~ ansible_facts['architecture'] }}\"\n        description: \"Extra Packages for Enterprise Linux {{ ansible_facts['distribution_major_version'] }} - $basearch\"\n        gpgcheck: yes\n        enabled: yes\n        state: present\n        includepkgs: \"haveged\"\n      register: install_epel_repo\n      until: install_epel_repo is success\n      retries: 5\n      delay: 2\n  when:\n    - pacemaker_corosync_haveged_enabled | bool\n    - ansible_facts['os_family'] | lower == 'redhat'\n\n- name: Install haveged\n  package:\n    name: haveged\n    state: present\n  when: pacemaker_corosync_haveged_enabled | bool\n\n- name: Generates corosync key\n  command: corosync-keygen\n  args:\n    creates: /etc/corosync/authkey\n  when: inventory_hostname == groups[pacemaker_corosync_group][0]\n  notify: Restart corosync\n\n- name: Generate tmpfile for authkey\n  tempfile:\n    state: file\n  register: authkey_tempfile\n  changed_when: False\n  check_mode: no\n  delegate_to: localhost\n  when: inventory_hostname != groups[pacemaker_corosync_group][0]\n\n- name: Fetch authkey for other nodes\n  fetch:\n    src: /etc/corosync/authkey\n    dest: \"{{ authkey_tempfile.path }}\"\n    flat: yes\n  delegate_to: \"{{ groups[pacemaker_corosync_group][0] }}\"\n  changed_when: False\n  check_mode: no\n  when: inventory_hostname != groups[pacemaker_corosync_group][0]\n\n- name: Copy authkey to other nodes\n  copy:\n    src: \"{{ authkey_tempfile.path }}\"\n    dest: /etc/corosync/authkey\n    mode: \"0400\"\n  when: inventory_hostname != groups[pacemaker_corosync_group][0]\n  notify: Restart corosync\n\n- name: Clean up tmpdir\n  file:\n    path: \"{{ authkey_tempfile.path }}\"\n    state: \"absent\"\n  changed_when: False\n  check_mode: no\n  delegate_to: localhost\n  when: inventory_hostname != groups[pacemaker_corosync_group][0]\n\n- name: Chowns authkeys\n  file:\n    path: /etc/corosync/authkey\n    mode: \"0400\"\n    owner: root\n  notify: Restart corosync\n\n- name: Creates corosync config\n  template:\n    src: corosync.conf.j2\n    dest: /etc/corosync/corosync.conf\n    mode: \"0400\"\n    owner: root\n  notify: Restart corosync\n\n- name: Creates log directory\n  file:\n    path: /var/log/corosync\n    state: directory\n    mode: \"0775\"\n  when: pacemaker_corosync_use_logfile | bool\n\n- name: Adds logrotate config for corosync\n  template:\n    src: corosync_logrotate.conf.j2\n    dest: /etc/logrotate.d/corosync\n    mode: \"0644\"\n    owner: root\n  when: pacemaker_corosync_use_logfile | bool\n\n- name: Creates services directory\n  file:\n    path: /etc/corosync/service.d/\n    state: directory\n    mode: \"0755\"\n\n- name: Adds pacemaker service\n  copy:\n    src: pcmk\n    dest: /etc/corosync/service.d/pcmk\n    owner: root\n    mode: \"0400\"\n  notify: Restart corosync\n\n- name: Adds ferm filtering\n  template:\n    src: \"ferm.j2\"\n    dest: /etc/ferm/filter-input.d/60_corosync.conf\n    mode: \"0640\"\n  when: ferm_enabled | default(false)\n  tags: ferm\n  notify: Restart ferm\n","created":"2025-12-14T10:21:54.515867Z","updated":"2025-12-14T10:21:54.515878Z","path":"/etc/ansible/roles/pacemaker_corosync/tasks/pacemaker.yml"}