{"id":112,"sha1":"bef5c7c63ac2e56b06e188c4fe6c486aa4463257","playbook":{"id":2,"items":{"plays":18,"tasks":608,"results":2412,"hosts":15,"files":158,"records":0},"arguments":{"version":null,"verbosity":0,"private_key_file":null,"remote_user":null,"connection":"openstack.osa.ssh","timeout":null,"ssh_common_args":null,"sftp_extra_args":null,"scp_extra_args":null,"ssh_extra_args":null,"ask_pass":false,"connection_password_file":null,"force_handlers":true,"flush_cache":false,"become":false,"become_method":"sudo","become_user":null,"become_ask_pass":false,"become_password_file":null,"tags":["all"],"skip_tags":[],"check":false,"diff":false,"inventory":["/home/zuul/src/opendev.org/openstack/openstack-ansible/inventory/dynamic_inventory.py","/home/zuul/src/opendev.org/openstack/openstack-ansible/inventory/inventory.ini","/etc/openstack_deploy/inventory.ini"],"listhosts":false,"subset":null,"extra_vars":"Not saved by ARA as configured by 'ignored_arguments'","vault_ids":[],"ask_vault_pass":false,"vault_password_files":[],"forks":4,"module_path":null,"syntax":false,"listtasks":false,"listtags":false,"step":false,"start_at_task":null,"args":["setup-hosts.yml"]},"labels":[{"id":1,"name":"check:False"},{"id":2,"name":"tags:all"}],"started":"2025-12-08T13:40:18.992997Z","ended":"2025-12-08T13:50:25.791366Z","duration":"00:10:06.798369","name":null,"ansible_version":"2.18.6","client_version":"1.7.4","python_version":"3.12.11","server_version":"1.7.4","status":"completed","path":"/home/zuul/src/opendev.org/openstack/openstack-ansible/playbooks/setup-hosts.yml","controller":"aio1.openstack.local","user":"root"},"content":"---\n# Copyright 2017, Rackspace US, Inc.\n#\n# Licensed under the Apache License, Version 2.0 (the \"License\");\n# you may not use this file except in compliance with the License.\n# You may obtain a copy of the License at\n#\n#     http://www.apache.org/licenses/LICENSE-2.0\n#\n# Unless required by applicable law or agreed to in writing, software\n# distributed under the License is distributed on an \"AS IS\" BASIS,\n# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n# See the License for the specific language governing permissions and\n# limitations under the License.\n\n- name: Gather variables for each operating system\n  ansible.builtin.include_vars: \"{{ lookup('first_found', params) }}\"\n  vars:\n    params:\n      files:\n        - \"{{ ansible_facts['distribution'] | lower }}-{{ ansible_facts['distribution_version'] | lower }}.yml\"\n        - \"{{ ansible_facts['distribution'] | lower }}-{{ ansible_facts['distribution_major_version'] | lower }}.yml\"\n        - \"{{ ansible_facts['os_family'] | lower }}-{{ ansible_facts['distribution_major_version'] | lower }}.yml\"\n        - \"{{ ansible_facts['distribution'] | lower }}.yml\"\n        - \"{{ ansible_facts['os_family'] | lower }}.yml\"\n      paths:\n        - \"{{ role_path }}/vars\"\n      skip: true # skip if no files are found\n  tags:\n    - always\n\n- name: Install required repos and packages\n  when:\n    - systemd_networkd_distro_packages | length > 0\n  block:\n    # Copy all factored-in GPG keys.\n    # KeyID 2F86D6A1 from https://dl.fedoraproject.org/pub/epel/RPM-GPG-KEY-EPEL-8\n    - name: If a keyfile is provided, copy the gpg keyfile to the key location\n      ansible.builtin.copy:\n        src: \"{{ item.keyfile }}\"\n        dest: \"{{ item.key }}\"\n        mode: \"0644\"\n      with_items: \"{{ systemd_networkd_package_repos_keys | selectattr('keyfile', 'defined') | list }}\"\n      when:\n        - ansible_facts['os_family'] | lower == 'redhat'\n\n    - name: Ensure GPG keys have the correct SELinux contexts applied\n      ansible.builtin.command: restorecon -Rv /etc/pki/rpm-gpg/\n      # TODO(evrardjp): Be more idempotent\n      changed_when: false\n      when:\n        - ansible_facts['os_family'] | lower == 'redhat'\n\n    # Handle gpg keys manually\n    - name: Install gpg keys\n      ansible.builtin.rpm_key:\n        key: \"{{ key.key }}\"\n        validate_certs: \"{{ key.validate_certs | default(omit) }}\"\n        state: \"{{ key.state | default('present') }}\"\n      with_items: \"{{ systemd_networkd_package_repos_keys }}\"\n      loop_control:\n        loop_var: key\n      register: _add_yum_keys\n      until: _add_yum_keys  is success\n      retries: 5\n      delay: 2\n      when:\n        - ansible_facts['os_family'] | lower == 'redhat'\n\n    - name: Install the EPEL repository\n      ansible.builtin.yum_repository:\n        name: \"{{ item.name }}\"\n        baseurl: \"{{ item.baseurl }}\"\n        description: \"{{ item.description }}\"\n        gpgkey: \"{{ item.gpgkey }}\"\n        gpgcheck: \"{{ item.gpgcheck }}\"\n        enabled: \"{{ item.enabled }}\"\n        state: \"{{ item.state }}\"\n        includepkgs: \"{{ item.includepkgs | default([]) }}\"\n      loop: \"{{ systemd_networkd_repos | default([]) }}\"\n      loop_control:\n        label: \"{{ item.name }}\"\n      when:\n        - ansible_facts['os_family'] | lower == 'redhat'\n      register: install_epel_repo\n      until: install_epel_repo  is success\n      retries: 5\n      delay: 2\n\n    - name: Install networkd distro packages\n      ansible.builtin.package:\n        name: \"{{ systemd_networkd_distro_packages | select() }}\"\n        state: \"present\"\n        update_cache: \"{{ (ansible_facts['pkg_mgr'] == 'apt') | ternary('yes', omit) }}\"\n        cache_valid_time: \"{{ (ansible_facts['pkg_mgr'] == 'apt') | ternary(600, omit) }}\"\n        enablerepo: \"{{ systemd_networkd_enablerepo | default(omit) }}\"\n      register: install_packages\n      until: install_packages is success\n      retries: 3\n      delay: 2\n      notify:\n        - Restart systemd-networkd\n\n- name: Create systemd-networkd directory\n  ansible.builtin.file:\n    path: \"/etc/systemd/network\"\n    state: directory\n    mode: \"0755\"\n  tags:\n    - systemd-networkd\n\n- name: Create systemd-resolved config\n  ansible.builtin.template:\n    src: \"systemd-resolved.conf.j2\"\n    dest: \"/etc/systemd/resolved.conf\"\n    owner: \"root\"\n    group: \"root\"\n    mode: \"0644\"\n  when:\n    - systemd_resolved | length > 0\n    - systemd_resolved_available | bool\n  notify:\n    - Restart systemd-resolved\n  tags:\n    - systemd-resolved\n\n- name: Find prefixed netdev and network files\n  ansible.builtin.find:\n    paths: \"/etc/systemd/network\"\n    patterns: \"*{{ systemd_networkd_prefix }}*.netdev,*{{ systemd_networkd_prefix }}*.network\"\n  register: networkd_files\n  when:\n    - systemd_interface_cleanup | bool\n  tags:\n    - systemd-networkd\n\n- name: Remove prefixed network files\n  ansible.builtin.file:\n    path: \"{{ item.path }}\"\n    state: absent\n  with_items: \"{{ networkd_files.files }}\"\n  when:\n    - systemd_interface_cleanup | bool\n  notify:\n    - Restart systemd-networkd\n  tags:\n    - systemd-networkd\n\n- name: Create systemd-networkd network device(s)\n  ansible.builtin.template:\n    src: \"systemd-netdev.j2\"\n    dest: \"/etc/systemd/network/{{ item.1.filename }}.netdev\"\n    owner: \"root\"\n    group: \"root\"\n    mode: \"0644\"\n  with_indexed_items: \"{{ _systemd_netdevs_named }}\"\n  notify:\n    - Restart systemd-networkd\n  tags:\n    - systemd-networkd\n\n- name: Create systemd-networkd network link(s)\n  openstack.config_template.config_template:\n    src: \"systemd-link.j2\"\n    dest: \"/etc/systemd/network/{{ item.1.filename }}.link\"\n    owner: \"root\"\n    group: \"root\"\n    mode: \"0644\"\n    config_overrides: \"{{ item.1.link_config_overrides | default(systemd_link_config_overrides) }}\"\n    config_type: \"ini\"\n  with_indexed_items: >-\n    {{\n      _systemd_networks_named | rejectattr('network_overrides_only', 'defined') +\n      _systemd_networks_named | selectattr('network_overrides_only', 'defined') | selectattr('network_overrides_only', 'false')\n    }}\n  notify:\n    - Update initramfs\n    - Restart systemd-networkd\n  tags:\n    - systemd-networkd\n\n- name: Create systemd-networkd network network(s)\n  openstack.config_template.config_template:\n    src: \"systemd-network.j2\"\n    dest: \"/etc/systemd/network/{{ item.1.filename }}.network\"\n    owner: \"root\"\n    group: \"root\"\n    mode: \"0644\"\n    config_overrides: \"{{ item.1.config_overrides | default({}) }}\"\n    config_type: \"ini\"\n  with_indexed_items: >-\n    {{\n      _systemd_networks_named | rejectattr('network_overrides_only', 'defined') +\n      _systemd_networks_named | selectattr('network_overrides_only', 'defined') | selectattr('network_overrides_only', 'false')\n    }}\n  notify:\n    - Restart systemd-networkd\n  tags:\n    - systemd-networkd\n\n- name: Create systemd-networkd extra config folder\n  ansible.builtin.file:\n    path: \"/etc/systemd/network/{{ item }}.network.d\"\n    owner: \"root\"\n    group: \"root\"\n    mode: \"0755\"\n    state: directory\n  loop: >-\n    {{\n      (\n        _systemd_networks_named | selectattr('static_routes', 'defined') +\n        _systemd_networks_named | selectattr('network_overrides_only', 'defined') | selectattr('network_overrides_only', 'true')\n      ) | map(attribute='filename')\n    }}\n\n- name: Create overrides files for network_overrides_only networks\n  openstack.config_template.config_template:\n    dest: \"/etc/systemd/network/{{ item.1.filename }}.network.d/overrides.conf\"\n    owner: \"root\"\n    group: \"root\"\n    mode: \"0644\"\n    config_overrides: \"{{ item.1.config_overrides | default({}) }}\"\n    config_type: \"ini\"\n  with_indexed_items: >-\n    {{ _systemd_networks_named | selectattr('network_overrides_only', 'defined') | selectattr('network_overrides_only', 'true') }}\n  notify:\n    - Restart systemd-networkd\n  tags:\n    - systemd-networkd\n\n- name: Place systemd-networkd routing policy rules\n  ansible.builtin.template:\n    src: systemd-network-rules.j2\n    dest: \"/etc/systemd/network/{{ item['filename'] }}.network.d/rules.conf\"\n    owner: \"root\"\n    group: \"root\"\n    mode: \"0644\"\n  loop: \"{{ _systemd_networks_named | selectattr('routing_rules', 'defined') }}\"\n  notify:\n    - Restart systemd-networkd\n\n- name: Place systemd-networkd network routes\n  ansible.builtin.template:\n    src: systemd-network-routes.j2\n    dest: \"/etc/systemd/network/{{ item['filename'] }}.network.d/routes.conf\"\n    owner: \"root\"\n    group: \"root\"\n    mode: \"0644\"\n  loop: \"{{ _systemd_networks_named | selectattr('static_routes', 'defined') }}\"\n  notify:\n    - Restart systemd-networkd\n\n- name: Restart systemd_networkd prior to applying sysctl changes\n  ansible.builtin.meta: flush_handlers\n\n- name: Add IP Forward for interface\n  ansible.posix.sysctl:\n    name: \"net.ipv4.conf.{{ item.1.interface }}.forwarding\"\n    value: 1\n    sysctl_set: true\n    state: present\n    reload: true\n  with_indexed_items: \"{{ _systemd_networks_named }}\"\n  when:\n    - (ansible_facts['os_family'] | lower) == 'redhat'\n    - item.1.ipforward | default(false) | bool\n","created":"2025-12-08T13:41:34.492962Z","updated":"2025-12-08T13:41:34.492974Z","path":"/home/zuul/src/opendev.org/openstack/ansible-role-systemd_networkd/tasks/main.yml"}