{"id":713,"sha1":"666298c03f41903952f6b0526ac710911e4929a4","playbook":{"id":4,"items":{"plays":107,"tasks":2438,"results":2413,"hosts":13,"files":511,"records":0},"arguments":{"version":null,"verbosity":0,"private_key_file":null,"remote_user":null,"connection":"openstack.osa.ssh","timeout":null,"ssh_common_args":null,"sftp_extra_args":null,"scp_extra_args":null,"ssh_extra_args":null,"ask_pass":false,"connection_password_file":null,"force_handlers":true,"flush_cache":false,"become":false,"become_method":"sudo","become_user":null,"become_ask_pass":false,"become_password_file":null,"tags":["all"],"skip_tags":[],"check":false,"diff":false,"inventory":["/home/zuul/src/opendev.org/openstack/openstack-ansible/inventory/dynamic_inventory.py","/home/zuul/src/opendev.org/openstack/openstack-ansible/inventory/inventory.ini","/etc/openstack_deploy/inventory.ini"],"listhosts":false,"subset":null,"extra_vars":"Not saved by ARA as configured by 'ignored_arguments'","vault_ids":[],"ask_vault_pass":false,"vault_password_files":[],"forks":4,"module_path":null,"syntax":false,"listtasks":false,"listtags":false,"step":false,"start_at_task":null,"args":["setup-openstack.yml"]},"labels":[{"id":1,"name":"check:False"},{"id":2,"name":"tags:all"}],"started":"2025-12-14T10:21:40.790759Z","ended":"2025-12-14T11:05:36.775743Z","duration":"00:43:55.984984","name":null,"ansible_version":"2.18.6","client_version":"1.7.4","python_version":"3.13.5","server_version":"1.7.4","status":"completed","path":"/home/zuul/src/opendev.org/openstack/openstack-ansible/playbooks/setup-openstack.yml","controller":"aio1.openstack.local","user":"root"},"content":"---\n# Copyright 2019, Rackspace US, Inc.\n#\n# Licensed under the Apache License, Version 2.0 (the \"License\");\n# you may not use this file except in compliance with the License.\n# You may obtain a copy of the License at\n#\n# http://www.apache.org/licenses/LICENSE-2.0\n#\n# Unless required by applicable law or agreed to in writing, software\n# distributed under the License is distributed on an \"AS IS\" BASIS,\n# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n# See the License for the specific language governing permissions and\n# limitations under the License.\n\n# Set the package install state for distribution packages\n# Options are 'present' and 'latest'\nmanila_package_state: \"{{ package_state | default('latest') }}\"\n\n# Set the host which will execute the shade modules\n# for the service setup. The host must already have\n# clouds.yaml properly configured.\nmanila_service_setup_host: \"{{ openstack_service_setup_host | default('localhost') }}\"\nmanila_service_setup_host_python_interpreter: >-\n {{\n openstack_service_setup_host_python_interpreter | default(\n (manila_service_setup_host == 'localhost') | ternary(ansible_playbook_python, ansible_facts['python']['executable']))\n }}\n\n# Set installation method.\nmanila_install_method: \"{{ service_install_method | default('source') }}\"\nmanila_venv_python_executable: \"{{ openstack_venv_python_executable | default('python3') }}\"\n\nmanila_git_repo: https://opendev.org/openstack/manila\nmanila_git_install_branch: master\nmanila_upper_constraints_url: >-\n {{ requirements_git_url | default('https://releases.openstack.org/constraints/upper/' ~ requirements_git_install_branch | default('master')) }}\nmanila_git_constraints:\n - \"--constraint {{ manila_upper_constraints_url }}\"\n\nmanila_pip_install_args: \"{{ pip_install_options | default('') }}\"\n\n# Name of the virtual env to deploy into\nmanila_venv_tag: \"{{ venv_tag | default('untagged') }}\"\nmanila_bin: \"{{ _manila_bin }}\"\n\n# Enable/Disable Ceilometer\nmanila_ceilometer_enabled: \"{{ (groups['ceilometer_all'] is defined) and (groups['ceilometer_all'] | length > 0) }}\"\n\nmanila_storage_availability_zone: nova\nmanila_default_availability_zone: \"{{ manila_storage_availability_zone }}\"\n\nmanila_management_address: 127.0.0.1\nmanila_uwsgi_bind_address: \"{{ openstack_service_bind_address | default('0.0.0.0') }}\"\n\nmanila_fatal_deprecations: false\n\n## Database info\nmanila_db_setup_host: \"{{ openstack_db_setup_host | default('localhost') }}\"\nmanila_db_setup_python_interpreter: >-\n {{\n openstack_db_setup_python_interpreter | default(\n (manila_db_setup_host == 'localhost') | ternary(ansible_playbook_python, ansible_facts['python']['executable']))\n }}\nmanila_galera_address: \"{{ galera_address | default('127.0.0.1') }}\"\nmanila_galera_user: manila\nmanila_galera_database: manila\nmanila_galera_use_ssl: \"{{ galera_use_ssl | default(False) }}\"\nmanila_galera_ssl_ca_cert: \"{{ galera_ssl_ca_cert | default('') }}\"\nmanila_galera_port: \"{{ galera_port | default('3306') }}\"\nmanila_db_max_overflow: \"{{ openstack_db_max_overflow | default('50') }}\"\nmanila_db_max_pool_size: \"{{ openstack_db_max_pool_size | default('5') }}\"\nmanila_db_pool_timeout: \"{{ openstack_db_pool_timeout | default('30') }}\"\nmanila_db_connection_recycle_time: \"{{ openstack_db_connection_recycle_time | default('600') }}\"\n\n## Oslo Messaging\n\n# RPC\nmanila_oslomsg_rpc_host_group: \"{{ oslomsg_rpc_host_group | default('rabbitmq_all') }}\"\nmanila_oslomsg_rpc_setup_host: \"{{ (manila_oslomsg_rpc_host_group in groups) | ternary(groups[manila_oslomsg_rpc_host_group][0], 'localhost') }}\"\nmanila_oslomsg_rpc_transport: \"{{ oslomsg_rpc_transport | default('rabbit') }}\"\nmanila_oslomsg_rpc_servers: \"{{ oslomsg_rpc_servers | default('127.0.0.1') }}\"\nmanila_oslomsg_rpc_port: \"{{ oslomsg_rpc_port | default('5672') }}\"\nmanila_oslomsg_rpc_use_ssl: \"{{ oslomsg_rpc_use_ssl | default(False) }}\"\nmanila_oslomsg_rpc_userid: manila\n# vhost name depends on value of oslomsg_rabbit_quorum_queues. In case quorum queues\n# are not used - vhost name will be prefixed with leading `/`.\nmanila_oslomsg_rpc_vhost:\n - name: /manila\n state: \"{{ manila_oslomsg_rabbit_quorum_queues | ternary('absent', 'present') }}\"\n - name: manila\n state: \"{{ manila_oslomsg_rabbit_quorum_queues | ternary('present', 'absent') }}\"\nmanila_oslomsg_rpc_ssl_version: \"{{ oslomsg_rpc_ssl_version | default('TLSv1_2') }}\"\nmanila_oslomsg_rpc_ssl_ca_file: \"{{ oslomsg_rpc_ssl_ca_file | default('') }}\"\nmanila_oslomsg_rpc_policies: []\n\n# Notify\nmanila_oslomsg_notify_configure: \"{{ oslomsg_notify_configure | default(manila_ceilometer_enabled) }}\"\nmanila_oslomsg_notify_host_group: \"{{ oslomsg_notify_host_group | default('rabbitmq_all') }}\"\nmanila_oslomsg_notify_setup_host: \"{{ (manila_oslomsg_notify_host_group in groups) | ternary(groups[manila_oslomsg_notify_host_group][0], 'localhost') }}\"\nmanila_oslomsg_notify_transport: \"{{ oslomsg_notify_transport | default('rabbit') }}\"\nmanila_oslomsg_notify_servers: \"{{ oslomsg_notify_servers | default('127.0.0.1') }}\"\nmanila_oslomsg_notify_port: \"{{ oslomsg_notify_port | default('5672') }}\"\nmanila_oslomsg_notify_use_ssl: \"{{ oslomsg_notify_use_ssl | default(False) }}\"\nmanila_oslomsg_notify_userid: \"{{ manila_oslomsg_rpc_userid }}\"\nmanila_oslomsg_notify_password: \"{{ manila_oslomsg_rpc_password }}\"\nmanila_oslomsg_notify_vhost: \"{{ manila_oslomsg_rpc_vhost }}\"\nmanila_oslomsg_notify_ssl_version: \"{{ oslomsg_notify_ssl_version | default('TLSv1_2') }}\"\nmanila_oslomsg_notify_ssl_ca_file: \"{{ oslomsg_notify_ssl_ca_file | default('') }}\"\nmanila_oslomsg_notify_policies: []\n\n## RabbitMQ integration\nmanila_oslomsg_rabbit_quorum_queues: \"{{ oslomsg_rabbit_quorum_queues | default(True) }}\"\nmanila_oslomsg_rabbit_stream_fanout: \"{{ oslomsg_rabbit_stream_fanout | default(manila_oslomsg_rabbit_quorum_queues) }}\"\nmanila_oslomsg_rabbit_transient_quorum_queues: \"{{ oslomsg_rabbit_transient_quorum_queues | default(manila_oslomsg_rabbit_stream_fanout) }}\"\nmanila_oslomsg_rabbit_qos_prefetch_count: \"{{ oslomsg_rabbit_qos_prefetch_count | default(manila_oslomsg_rabbit_stream_fanout | ternary(10, 0)) }}\"\nmanila_oslomsg_rabbit_queue_manager: \"{{ oslomsg_rabbit_queue_manager | default(manila_oslomsg_rabbit_quorum_queues) }}\"\nmanila_oslomsg_rabbit_quorum_delivery_limit: \"{{ oslomsg_rabbit_quorum_delivery_limit | default(0) }}\"\nmanila_oslomsg_rabbit_quorum_max_memory_bytes: \"{{ oslomsg_rabbit_quorum_max_memory_bytes | default(0) }}\"\n\n## Manila User / Group\nmanila_system_user_name: manila\nmanila_system_group_name: manila\nmanila_system_comment: manila system user\nmanila_system_shell: /bin/false\nmanila_system_home_folder: \"/var/lib/{{ manila_system_user_name }}\"\nmanila_system_slice_name: manila\n\n## Manually specified manila UID/GID\n# Deployers can specify a UID for the manila user as well as the GID for the\n# manila group if needed. This is commonly used in environments where shared\n# storage is used, such as NFS or GlusterFS, and manila UID/GID values must be\n# in sync between multiple servers.\n#\n# WARNING: Changing these values on an existing deployment can lead to\n# failures, errors, and instability.\n#\n# manila_system_user_uid = \n# manila_system_group_gid = \n\nmanila_lock_dir: \"{{ openstack_lock_dir | default('/run/lock') }}\"\n\n## Manila Auth\nmanila_service_admin_tenant_name: \"service\"\nmanila_service_admin_username: \"manila\"\n\n## Manila API's enabled\nmanila_enable_v2_api: true\n\n## Manila API check cert validation\nmanila_service_internaluri_insecure: false\n\n## Manila api service type and data\nmanila_service_name: manila\nmanila_service_project_domain_id: default\nmanila_service_user_domain_id: default\nmanila_service_user_name: manila\nmanila_service_project_name: service\nmanila_service_role_names:\n - admin\n - service\nmanila_service_token_roles:\n - service\nmanila_service_token_roles_required: \"{{ openstack_service_token_roles_required | default(True) }}\"\nmanila_service_region: \"{{ service_region | default('RegionOne') }}\"\nmanila_service_description: \"Openstack Shared File Systems\"\nmanila_service_port: 8786\nmanila_service_proto: http\nmanila_service_publicuri_proto: \"{{ openstack_service_publicuri_proto | default(manila_service_proto) }}\"\nmanila_service_adminuri_proto: \"{{ openstack_service_adminuri_proto | default(manila_service_proto) }}\"\nmanila_service_internaluri_proto: \"{{ openstack_service_internaluri_proto | default(manila_service_proto) }}\"\nmanila_service_type: share\nmanila_service_publicuri: \"{{ manila_service_publicuri_proto }}://{{ external_lb_vip_address }}:{{ manila_service_port }}\"\nmanila_service_publicurl: \"{{ manila_service_publicuri }}/v1/%(tenant_id)s\"\nmanila_service_adminuri: \"{{ manila_service_adminuri_proto }}://{{ internal_lb_vip_address }}:{{ manila_service_port }}\"\nmanila_service_adminurl: \"{{ manila_service_adminuri }}/v1/%(tenant_id)s\"\nmanila_service_internaluri: \"{{ manila_service_internaluri_proto }}://{{ internal_lb_vip_address }}:{{ manila_service_port }}\"\nmanila_service_internalurl: \"{{ manila_service_internaluri }}/v1/%(tenant_id)s\"\n\nmanila_service_v2_name: manilav2\nmanila_service_v2_port: 8786\nmanila_service_v2_proto: http\nmanila_service_v2_type: sharev2\nmanila_service_v2_description: \"Openstack Shared File Systems V2\"\nmanila_service_v2_publicuri: \"{{ manila_service_publicuri_proto }}://{{ external_lb_vip_address }}:{{ manila_service_port }}\"\nmanila_service_v2_publicurl: \"{{ manila_service_publicuri }}/v2/%(tenant_id)s\"\nmanila_service_v2_adminuri: \"{{ manila_service_adminuri_proto }}://{{ internal_lb_vip_address }}:{{ manila_service_port }}\"\nmanila_service_v2_adminurl: \"{{ manila_service_adminuri }}/v2/%(tenant_id)s\"\nmanila_service_v2_internaluri: \"{{ manila_service_internaluri_proto }}://{{ internal_lb_vip_address }}:{{ manila_service_port }}\"\nmanila_service_v2_internalurl: \"{{ manila_service_internaluri }}/v2/%(tenant_id)s\"\n\n## Keystone authentication middleware\nmanila_keystone_auth_plugin: \"{{ manila_keystone_auth_type }}\"\nmanila_keystone_auth_type: password\n\n## In order to enable the manila data you MUST set ``manila_service_data_program_enabled`` to \"true\"\nmanila_service_data_program_enabled: false\n\n## Cap the maximun number of threads / workers when a user value is unspecified.\nmanila_osapi_share_workers_max: 16\nmanila_osapi_share_workers: >-\n {{ [[(ansible_facts['processor_vcpus'] // ansible_facts['processor_threads_per_core']) | default(1), 1] | max * 2, manila_osapi_share_workers_max] | min }}\n\n## Manila RPC\nmanila_rpc_executor_thread_pool_size: 64\nmanila_rpc_response_timeout: 60\n\n# osprofiler\nmanila_profiler_enabled: false\n# manila_profiler_hmac_key is set in user_secrets.yml\nmanila_profiler_trace_sqlalchemy: false\n\n## Manila quota\nmanila_quota_shares: 50\nmanila_quota_snapshots: 50\nmanila_quota_gigabytes: 1000\nmanila_quota_snapshot_gigabytes: 1000\nmanila_quota_share_networks: 10\n\n## General configuration\n# manila_backends:\n# lvm:\n# share_backend_name: LVM\n# share_driver: manila.share.drivers.lvm.LVMShareDriver\n# driver_handles_share_servers: False\n# lvm_share_volume_group: manila_shares\n# lvm_share_export_ips: \nmanila_backends: {}\n\nmanila_enabled_share_protocols:\n - NFS\n - CEPHFS\n\nmanila_default_share_type: \"{{ _manila_default_share_type | default('') }}\"\n\nmanila_share_name_template: share-%s\n\n# manila_backend_lvm_inuse: True if current host has an lvm backend\nmanila_backend_lvm_inuse: \"{{ (manila_backends | to_json).find('lvm') != -1 }}\"\n# manila_backend_rbd_inuse: True if the current host has an rbd backend\nmanila_backend_rbd_inuse: \"{{ (manila_backends | to_json).find('manila.share.drivers.cephfs') != -1 }}\"\n\n## Policy vars\n# Provide a list of access controls to update the default policy.json with. These changes will be merged\n# with the access controls in the default policy.json. E.g.\n# manila_policy_overrides:\n# \"share:create\": \"\"\n# \"share:delete\": \"\"\n\nmanila_service_in_ldap: \"{{ service_ldap_backend_enabled | default(False) }}\"\n\n# Common pip packages\nmanila_pip_packages:\n - \"git+{{ manila_git_repo }}@{{ manila_git_install_branch }}#egg=manila\"\n - cryptography\n - ecdsa\n - httplib2\n - keystonemiddleware\n - osprofiler\n - PyMySQL\n - pymemcache\n - python-memcached\n - systemd-python\n\n# Memcached override\nmanila_memcached_servers: \"{{ memcached_servers }}\"\n\nmanila_user_pip_packages: []\n\nmanila_api_init_overrides: {}\nmanila_scheduler_init_overrides: {}\nmanila_share_init_overrides: {}\nmanila_data_init_overrides: {}\n\n## Service Name-Group Mapping\nmanila_services:\n manila-scheduler:\n group: manila_scheduler\n service_name: manila-scheduler\n init_config_overrides: \"{{ manila_scheduler_init_overrides }}\"\n start_order: 1\n execstarts: \"{{ manila_bin }}/manila-scheduler\"\n execreloads: \"/bin/kill -HUP $MAINPID\"\n manila-share:\n group: manila_share\n service_name: manila-share\n init_config_overrides: \"{{ manila_share_init_overrides }}\"\n start_order: 2\n execstarts: \"{{ manila_bin }}/manila-share\"\n execreloads: \"/bin/kill -HUP $MAINPID\"\n manila-data:\n group: manila_share\n service_name: manila-data\n init_config_overrides: \"{{ manila_data_init_overrides }}\"\n start_order: 3\n execstarts: \"{{ manila_bin }}/manila-data\"\n execreloads: \"/bin/kill -HUP $MAINPID\"\n manila-api:\n group: manila_api\n service_name: manila-api\n init_config_overrides: \"{{ manila_api_init_overrides }}\"\n start_order: 4\n wsgi_app: true\n wsgi: \"manila.wsgi.api:application\"\n uwsgi_overrides: \"{{ manila_api_uwsgi_ini_overrides }}\"\n uwsgi_port: \"{{ manila_service_port }}\"\n uwsgi_bind_address: \"{{ manila_uwsgi_bind_address }}\"\n uwsgi_tls: \"{{ manila_backend_ssl | ternary(manila_uwsgi_tls, {}) }}\"\n\n# Manila uWSGI settings\nmanila_wsgi_processes_max: 16\nmanila_wsgi_processes: \"{{ [[ansible_facts['processor_vcpus'] | default(1), 1] | max * 2, manila_wsgi_processes_max] | min }}\"\nmanila_wsgi_threads: 1\nmanila_wsgi_buffer_size: 65535\nmanila_uwsgi_tls:\n crt: \"{{ manila_ssl_cert }}\"\n key: \"{{ manila_ssl_key }}\"\n\n## Tunable overrides\nmanila_policy_overrides: {}\nmanila_rootwrap_conf_overrides: {}\nmanila_api_paste_ini_overrides: {}\nmanila_manila_conf_overrides: {}\nmanila_api_uwsgi_ini_overrides: {}\n\n# Manila keypair\n#\n# The following path ontains the keypair which will be used for SSH. It requires that\n# the same file with a trailing .pub exists as well if using an existing key. If this\n# is set and a key cannot be found it will generate one.\n#\n# manila_keypair_path: /etc/openstack_deploy/id_rsa\n\n###\n### Backend TLS\n###\n\n# Define if communication between haproxy and service backends should be\n# encrypted with TLS.\nmanila_backend_ssl: \"{{ openstack_service_backend_ssl | default(False) }}\"\n\n# Storage location for SSL certificate authority\nmanila_pki_dir: \"{{ openstack_pki_dir | default('/etc/openstack_deploy/pki') }}\"\n\n# Delegated host for operating the certificate authority\nmanila_pki_setup_host: \"{{ openstack_pki_setup_host | default('localhost') }}\"\n\n# manila server certificate\nmanila_pki_keys_path: \"{{ manila_pki_dir ~ '/certs/private/' }}\"\nmanila_pki_certs_path: \"{{ manila_pki_dir ~ '/certs/certs/' }}\"\nmanila_pki_intermediate_cert_name: \"{{ openstack_pki_service_intermediate_cert_name | default('ExampleCorpIntermediate') }}\"\nmanila_pki_regen_cert: \"\"\nmanila_pki_san: \"{{ openstack_pki_san | default('DNS:' ~ ansible_facts['hostname'] ~ ',IP:' ~ management_address) }}\"\nmanila_pki_certificates:\n - name: \"manila_{{ ansible_facts['hostname'] }}\"\n provider: ownca\n cn: \"{{ ansible_facts['hostname'] }}\"\n san: \"{{ manila_pki_san }}\"\n signed_by: \"{{ manila_pki_intermediate_cert_name }}\"\n\n# manila destination files for SSL certificates\nmanila_ssl_cert: /etc/manila/manila.pem\nmanila_ssl_key: /etc/manila/manila.key\n\n# Installation details for SSL certificates\nmanila_pki_install_certificates:\n - src: \"{{ manila_user_ssl_cert | default(manila_pki_certs_path ~ 'manila_' ~ ansible_facts['hostname'] ~ '-chain.crt') }}\"\n dest: \"{{ manila_ssl_cert }}\"\n owner: \"{{ manila_system_user_name }}\"\n group: \"{{ manila_system_user_name }}\"\n mode: \"0644\"\n - src: \"{{ manila_user_ssl_key | default(manila_pki_keys_path ~ 'manila_' ~ ansible_facts['hostname'] ~ '.key.pem') }}\"\n dest: \"{{ manila_ssl_key }}\"\n owner: \"{{ manila_system_user_name }}\"\n group: \"{{ manila_system_user_name }}\"\n mode: \"0600\"\n\n# Define user-provided SSL certificates\n# manila_user_ssl_cert: \n# manila_user_ssl_key: \n","created":"2025-12-14T10:21:56.004099Z","updated":"2025-12-14T10:21:56.004110Z","path":"/home/zuul/src/opendev.org/openstack/openstack-ansible-os_manila/defaults/main.yml"}