{"id":511,"sha1":"7e391656acb128934a4fd3f6e949823a79170fbc","playbook":{"id":4,"items":{"plays":32,"tasks":1505,"results":1497,"hosts":12,"files":487,"records":0},"arguments":{"version":null,"verbosity":0,"private_key_file":null,"remote_user":null,"connection":"openstack.osa.ssh","timeout":null,"ssh_common_args":null,"sftp_extra_args":null,"scp_extra_args":null,"ssh_extra_args":null,"ask_pass":false,"connection_password_file":null,"force_handlers":true,"flush_cache":false,"become":false,"become_method":"sudo","become_user":null,"become_ask_pass":false,"become_password_file":null,"tags":["all"],"skip_tags":[],"check":false,"diff":false,"inventory":["/home/zuul/src/opendev.org/openstack/openstack-ansible/inventory/dynamic_inventory.py","/home/zuul/src/opendev.org/openstack/openstack-ansible/inventory/inventory.ini","/etc/openstack_deploy/inventory.ini"],"listhosts":false,"subset":null,"extra_vars":"Not saved by ARA as configured by 'ignored_arguments'","vault_ids":[],"ask_vault_pass":false,"vault_password_files":[],"forks":4,"module_path":null,"syntax":false,"listtasks":false,"listtags":false,"step":false,"start_at_task":null,"args":["setup-openstack.yml"]},"labels":[{"id":1,"name":"check:False"},{"id":2,"name":"tags:all"}],"started":"2025-12-08T13:57:07.871967Z","ended":"2025-12-08T14:21:54.049657Z","duration":"00:24:46.177690","name":null,"ansible_version":"2.18.6","client_version":"1.7.4","python_version":"3.12.11","server_version":"1.7.4","status":"failed","path":"/home/zuul/src/opendev.org/openstack/openstack-ansible/playbooks/setup-openstack.yml","controller":"aio1.openstack.local","user":"root"},"content":"---\n# Copyright 2014, Rackspace US, Inc.\n#\n# Licensed under the Apache License, Version 2.0 (the \"License\");\n# you may not use this file except in compliance with the License.\n# You may obtain a copy of the License at\n#\n# http://www.apache.org/licenses/LICENSE-2.0\n#\n# Unless required by applicable law or agreed to in writing, software\n# distributed under the License is distributed on an \"AS IS\" BASIS,\n# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n# See the License for the specific language governing permissions and\n# limitations under the License.\n\n# The variables file used by the playbooks in the Heat-api group.\n# These don't have to be explicitly imported by vars_files: they are autopopulated.\n\n# Enable/Disable Ceilometer\nheat_ceilometer_enabled: \"{{ (groups['ceilometer_all'] is defined) and (groups['ceilometer_all'] | length > 0) }}\"\n\n## Verbosity Options\ndebug: false\n\n# Set the host which will execute the shade modules\n# for the service setup. The host must already have\n# clouds.yaml properly configured.\nheat_service_setup_host: \"{{ openstack_service_setup_host | default('localhost') }}\"\nheat_service_setup_host_python_interpreter: >-\n {{\n openstack_service_setup_host_python_interpreter | default(\n (heat_service_setup_host == 'localhost') | ternary(ansible_playbook_python, ansible_facts['python']['executable']))\n }}\n\n# Set the package install state for distribution packages\n# Options are 'present' and 'latest'\nheat_package_state: \"{{ package_state | default('latest') }}\"\n\n# Set installation method.\nheat_install_method: \"{{ service_install_method | default('source') }}\"\nheat_venv_python_executable: \"{{ openstack_venv_python_executable | default('python3') }}\"\n\nheat_git_repo: https://opendev.org/openstack/heat\nheat_git_install_branch: master\nheat_upper_constraints_url: >-\n {{ requirements_git_url | default('https://releases.openstack.org/constraints/upper/' ~ requirements_git_install_branch | default('master')) }}\nheat_git_constraints:\n - \"--constraint {{ heat_upper_constraints_url }}\"\n\nheat_pip_install_args: \"{{ pip_install_options | default('') }}\"\n\n# Name of the virtual env to deploy into\nheat_venv_tag: \"{{ venv_tag | default('untagged') }}\"\nheat_bin: \"{{ _heat_bin }}\"\n\nheat_fatal_deprecations: false\n\nheat_clients_endpoint: internalURL\nheat_clients_heat_endpoint: publicURL\n\n## Database info\nheat_db_setup_host: \"{{ openstack_db_setup_host | default('localhost') }}\"\nheat_db_setup_python_interpreter: >-\n {{\n openstack_db_setup_python_interpreter | default(\n (heat_db_setup_host == 'localhost') | ternary(ansible_playbook_python, ansible_facts['python']['executable']))\n }}\nheat_galera_address: \"{{ galera_address | default('127.0.0.1') }}\"\nheat_galera_user: heat\nheat_galera_database: heat\nheat_galera_use_ssl: \"{{ galera_use_ssl | default(False) }}\"\nheat_galera_ssl_ca_cert: \"{{ galera_ssl_ca_cert | default('') }}\"\nheat_galera_port: \"{{ galera_port | default('3306') }}\"\nheat_db_max_overflow: \"{{ openstack_db_max_overflow | default('50') }}\"\nheat_db_max_pool_size: \"{{ openstack_db_max_pool_size | default('5') }}\"\nheat_db_pool_timeout: \"{{ openstack_db_pool_timeout | default('30') }}\"\nheat_db_connection_recycle_time: \"{{ openstack_db_connection_recycle_time | default('600') }}\"\n\n## Oslo Messaging Info\n# RPC\nheat_oslomsg_rpc_host_group: \"{{ oslomsg_rpc_host_group | default('rabbitmq_all') }}\"\nheat_oslomsg_rpc_setup_host: \"{{ (heat_oslomsg_rpc_host_group in groups) | ternary(groups[heat_oslomsg_rpc_host_group][0], 'localhost') }}\"\nheat_oslomsg_rpc_transport: \"{{ oslomsg_rpc_transport | default('rabbit') }}\"\nheat_oslomsg_rpc_servers: \"{{ oslomsg_rpc_servers | default('127.0.0.1') }}\"\nheat_oslomsg_rpc_port: \"{{ oslomsg_rpc_port | default('5672') }}\"\nheat_oslomsg_rpc_use_ssl: \"{{ oslomsg_rpc_use_ssl | default(False) }}\"\nheat_oslomsg_rpc_userid: heat\nheat_oslomsg_rpc_policies: []\nheat_oslomsg_rpc_vhost:\n - name: /heat\n state: \"{{ heat_oslomsg_rabbit_quorum_queues | ternary('absent', 'present') }}\"\n - name: heat\n state: \"{{ heat_oslomsg_rabbit_quorum_queues | ternary('present', 'absent') }}\"\n\nheat_oslomsg_rpc_ssl_version: \"{{ oslomsg_rpc_ssl_version | default('TLSv1_2') }}\"\nheat_oslomsg_rpc_ssl_ca_file: \"{{ oslomsg_rpc_ssl_ca_file | default('') }}\"\n\n# Notify\nheat_oslomsg_notify_configure: \"{{ oslomsg_notify_configure | default(heat_ceilometer_enabled) }}\"\nheat_oslomsg_notify_host_group: \"{{ oslomsg_notify_host_group | default('rabbitmq_all') }}\"\nheat_oslomsg_notify_setup_host: \"{{ (heat_oslomsg_notify_host_group in groups) | ternary(groups[heat_oslomsg_notify_host_group][0], 'localhost') }}\"\nheat_oslomsg_notify_transport: \"{{ oslomsg_notify_transport | default('rabbit') }}\"\nheat_oslomsg_notify_servers: \"{{ oslomsg_notify_servers | default('127.0.0.1') }}\"\nheat_oslomsg_notify_port: \"{{ oslomsg_notify_port | default('5672') }}\"\nheat_oslomsg_notify_use_ssl: \"{{ oslomsg_notify_use_ssl | default(False) }}\"\nheat_oslomsg_notify_userid: \"{{ heat_oslomsg_rpc_userid }}\"\nheat_oslomsg_notify_password: \"{{ heat_oslomsg_rpc_password }}\"\nheat_oslomsg_notify_vhost: \"{{ heat_oslomsg_rpc_vhost }}\"\nheat_oslomsg_notify_ssl_version: \"{{ oslomsg_notify_ssl_version | default('TLSv1_2') }}\"\nheat_oslomsg_notify_ssl_ca_file: \"{{ oslomsg_notify_ssl_ca_file | default('') }}\"\nheat_oslomsg_notify_policies: []\n\n## RabbitMQ integration\nheat_oslomsg_rabbit_quorum_queues: \"{{ oslomsg_rabbit_quorum_queues | default(True) }}\"\nheat_oslomsg_rabbit_stream_fanout: \"{{ oslomsg_rabbit_stream_fanout | default(heat_oslomsg_rabbit_quorum_queues) }}\"\nheat_oslomsg_rabbit_transient_quorum_queues: \"{{ oslomsg_rabbit_transient_quorum_queues | default(heat_oslomsg_rabbit_stream_fanout) }}\"\nheat_oslomsg_rabbit_qos_prefetch_count: \"{{ oslomsg_rabbit_qos_prefetch_count | default(heat_oslomsg_rabbit_stream_fanout | ternary(10, 0)) }}\"\nheat_oslomsg_rabbit_queue_manager: \"{{ oslomsg_rabbit_queue_manager | default(heat_oslomsg_rabbit_quorum_queues) }}\"\nheat_oslomsg_rabbit_quorum_delivery_limit: \"{{ oslomsg_rabbit_quorum_delivery_limit | default(0) }}\"\nheat_oslomsg_rabbit_quorum_max_memory_bytes: \"{{ oslomsg_rabbit_quorum_max_memory_bytes | default(0) }}\"\n\n## Heat User / Group\nheat_system_user_name: heat\nheat_system_group_name: heat\nheat_system_shell: /bin/false\nheat_system_comment: heat system user\nheat_system_home_folder: \"/var/lib/{{ heat_system_user_name }}\"\n\n## Default domain\nheat_project_domain_name: Default\nheat_project_name: admin\nheat_user_domain_name: Default\n\n## Stack\nheat_stack_domain_admin: stack_domain_admin\nheat_stack_owner_name: heat_stack_owner\nheat_stack_domain_description: Owns users and projects created by heat\nheat_stack_user_domain_name: heat\nheat_max_nested_stack_depth: 5\n\nheat_trusts_delegated_roles: []\n\n## Cinder backups\nheat_cinder_backups_enabled: false\n\n# osprofiler\nheat_profiler_enabled: false\nheat_profiler_trace_sqlalchemy: false\n\n## Auth\nheat_service_region: \"{{ service_region | default('RegionOne') }}\"\nheat_service_project_name: \"service\"\nheat_service_user_name: \"heat\"\nheat_service_role_names:\n - admin\n - service\nheat_service_token_roles:\n - service\nheat_service_token_roles_required: \"{{ openstack_service_token_roles_required | default(True) }}\"\nheat_service_project_domain_id: default\nheat_service_user_domain_id: default\nheat_keystone_auth_plugin: password\n\n## Trustee Auth\nheat_service_trustee_project_name: \"service\"\nheat_service_trustee_user_name: \"heat\"\nheat_service_trustee_password: \"{{ heat_service_password }}\"\nheat_service_trustee_project_domain_id: \"default\"\nheat_service_trustee_user_domain_id: \"default\"\nheat_keystone_trustee_auth_plugin: \"{{ heat_keystone_trustee_auth_type }}\"\nheat_keystone_trustee_auth_type: password\n\n## Heat api service type and data\nheat_service_name: heat\nheat_service_description: \"Heat Orchestration Service\"\nheat_service_port: 8004\nheat_service_proto: http\nheat_service_publicuri_proto: \"{{ openstack_service_publicuri_proto | default(heat_service_proto) }}\"\nheat_service_adminuri_proto: \"{{ openstack_service_adminuri_proto | default(heat_service_proto) }}\"\nheat_service_internaluri_proto: \"{{ openstack_service_internaluri_proto | default(heat_service_proto) }}\"\nheat_service_type: orchestration\nheat_service_publicuri: \"{{ heat_service_publicuri_proto }}://{{ external_lb_vip_address }}:{{ heat_service_port }}\"\nheat_service_publicurl: \"{{ heat_service_publicuri }}/v1/%(tenant_id)s\"\nheat_service_adminuri: \"{{ heat_service_adminuri_proto }}://{{ internal_lb_vip_address }}:{{ heat_service_port }}\"\nheat_service_adminurl: \"{{ heat_service_adminuri }}/v1/%(tenant_id)s\"\nheat_service_internaluri: \"{{ heat_service_internaluri_proto }}://{{ internal_lb_vip_address }}:{{ heat_service_port }}\"\nheat_service_internalurl: \"{{ heat_service_internaluri }}/v1/%(tenant_id)s\"\n\n## Heat api cfn service type and data\nheat_cfn_service_name: heat-cfn\nheat_cfn_service_description: \"Heat CloudFormation Service\"\nheat_cfn_service_port: 8000\nheat_cfn_service_proto: http\nheat_cfn_service_publicuri_proto: \"{{ openstack_service_publicuri_proto | default(heat_cfn_service_proto) }}\"\nheat_cfn_service_adminuri_proto: \"{{ openstack_service_adminuri_proto | default(heat_cfn_service_proto) }}\"\nheat_cfn_service_internaluri_proto: \"{{ openstack_service_internaluri_proto | default(heat_cfn_service_proto) }}\"\nheat_cfn_service_type: cloudformation\nheat_cfn_service_publicuri: \"{{ heat_cfn_service_publicuri_proto }}://{{ external_lb_vip_address }}:{{ heat_cfn_service_port }}\"\nheat_cfn_service_publicurl: \"{{ heat_cfn_service_publicuri }}/v1\"\nheat_cfn_service_adminuri: \"{{ heat_cfn_service_adminuri_proto }}://{{ internal_lb_vip_address }}:{{ heat_cfn_service_port }}\"\nheat_cfn_service_adminurl: \"{{ heat_cfn_service_adminuri }}/v1\"\nheat_cfn_service_internaluri: \"{{ heat_cfn_service_internaluri_proto }}://{{ internal_lb_vip_address }}:{{ heat_cfn_service_port }}\"\nheat_cfn_service_internalurl: \"{{ heat_cfn_service_internaluri }}/v1\"\n\n## Heat wait and metadata server\nheat_waitcondition_server_uri: \"{{ heat_cfn_service_publicuri_proto }}://{{ external_lb_vip_address }}:{{ heat_cfn_service_port }}\"\nheat_waitcondition_server_url: \"{{ heat_waitcondition_server_uri }}/v1/waitcondition\"\nheat_metadata_server_url: \"{{ heat_cfn_service_publicuri_proto }}://{{ external_lb_vip_address }}:{{ heat_cfn_service_port }}\"\n\n# If the following variables are unset in user_variables, the value set will be half the number of available VCPUs\n# heat_engine_workers: 4\n# heat_api_workers: 4\n\n## Cap the maximum number of threads / workers when a user value is unspecified.\nheat_api_threads_max: 16\nheat_api_threads: >-\n {{ [[(ansible_facts['processor_vcpus'] // ansible_facts['processor_threads_per_core']) | default(1), 1] | max * 2, heat_api_threads_max] | min }}\n\nheat_service_in_ldap: \"{{ service_ldap_backend_enabled | default(False) }}\"\n\n## Plugin dirs\nheat_plugin_dirs:\n - /usr/lib/heat\n - /usr/local/lib/heat\n\n## Policy vars\n# Provide a list of access controls to update the default policy.json with. These changes will be merged\n# with the access controls in the default policy.json. E.g.\n# heat_policy_overrides:\n# \"cloudformation:ListStacks\": \"rule:deny_stack_user\"\n# \"cloudformation:CreateStack\": \"rule:deny_stack_user\"\n\n# Common pip packages\nheat_pip_packages:\n - cryptography\n - \"git+{{ heat_git_repo }}@{{ heat_git_install_branch }}#egg=openstack-heat\"\n - keystonemiddleware\n - osprofiler\n - PyMySQL\n - pymemcache\n - python-glanceclient\n - python-heatclient\n - python-keystoneclient\n - python-memcached\n - python-neutronclient\n - python-novaclient\n - python-openstackclient\n - python-swiftclient\n - python-troveclient\n - systemd-python\n\n# Memcached override\nheat_memcached_servers: \"{{ memcached_servers }}\"\n\n# Specific pip packages provided by the user\nheat_user_pip_packages: []\n\nheat_api_init_overrides: {}\nheat_api_cfn_init_overrides: {}\nheat_engine_init_overrides: {}\n## Service Name-Group Mapping\nheat_services:\n heat-api:\n group: heat_api\n service_name: heat-api\n init_config_overrides: \"{{ heat_api_init_overrides }}\"\n start_order: 2\n wsgi_app: true\n wsgi: \"heat.wsgi.api:application\"\n uwsgi_overrides: \"{{ heat_api_uwsgi_ini_overrides }}\"\n uwsgi_port: \"{{ heat_service_port }}\"\n uwsgi_bind_address: \"{{ heat_api_uwsgi_bind_address }}\"\n uwsgi_tls: \"{{ heat_backend_ssl | ternary(heat_uwsgi_tls, {}) }}\"\n heat-api-cfn:\n group: heat_api_cfn\n service_name: heat-api-cfn\n init_config_overrides: \"{{ heat_api_cfn_init_overrides }}\"\n start_order: 3\n wsgi_app: true\n wsgi: \"heat.wsgi.cfn:application\"\n uwsgi_overrides: \"{{ heat_api_cfn_uwsgi_ini_overrides }}\"\n uwsgi_port: \"{{ heat_cfn_service_port }}\"\n uwsgi_bind_address: \"{{ heat_api_cfn_uwsgi_bind_address }}\"\n uwsgi_tls: \"{{ heat_backend_ssl | ternary(heat_uwsgi_tls, {}) }}\"\n heat-engine:\n group: heat_engine\n service_name: heat-engine\n execstarts: \"{{ heat_bin }}/heat-engine\"\n init_config_overrides: \"{{ heat_engine_init_overrides }}\"\n start_order: 1\n\n# Required secrets for the role\nheat_required_secrets:\n - keystone_auth_admin_password\n - heat_stack_domain_admin_password\n - heat_auth_encryption_key\n - heat_container_mysql_password\n - heat_rabbitmq_password\n - heat_service_password\n - memcached_encryption_key\n\n# uWSGI Settings\nheat_api_uwsgi_ini_overrides: {}\nheat_api_cfn_uwsgi_ini_overrides: {}\nheat_wsgi_processes_max: 16\nheat_wsgi_processes: \"{{ [[ansible_facts['processor_vcpus'] | default(1), 1] | max * 2, heat_wsgi_processes_max] | min }}\"\nheat_wsgi_threads: 1\nheat_api_uwsgi_bind_address: \"{{ openstack_service_bind_address | default('0.0.0.0') }}\"\nheat_api_cfn_uwsgi_bind_address: \"{{ openstack_service_bind_address | default('0.0.0.0') }}\"\nheat_uwsgi_tls:\n crt: \"{{ heat_ssl_cert }}\"\n key: \"{{ heat_ssl_key }}\"\n\n## Tunable overrides\nheat_heat_conf_overrides: {}\nheat_api_paste_ini_overrides: {}\nheat_default_yaml_overrides: {}\nheat_aws_cloudwatch_alarm_yaml_overrides: {}\nheat_aws_rds_dbinstance_yaml_overrides: {}\nheat_policy_overrides: {}\n\n###\n### Backend TLS\n###\n\n# Define if communication between haproxy and service backends should be\n# encrypted with TLS.\nheat_backend_ssl: \"{{ openstack_service_backend_ssl | default(False) }}\"\n\n# Storage location for SSL certificate authority\nheat_pki_dir: \"{{ openstack_pki_dir | default('/etc/openstack_deploy/pki') }}\"\n\n# Delegated host for operating the certificate authority\nheat_pki_setup_host: \"{{ openstack_pki_setup_host | default('localhost') }}\"\n\n# heat server certificate\nheat_pki_keys_path: \"{{ heat_pki_dir ~ '/certs/private/' }}\"\nheat_pki_certs_path: \"{{ heat_pki_dir ~ '/certs/certs/' }}\"\nheat_pki_intermediate_cert_name: \"{{ openstack_pki_service_intermediate_cert_name | default('ExampleCorpIntermediate') }}\"\nheat_pki_regen_cert: \"\"\nheat_pki_san: \"{{ openstack_pki_san | default('DNS:' ~ ansible_facts['hostname'] ~ ',IP:' ~ management_address) }}\"\nheat_pki_certificates:\n - name: \"heat_{{ ansible_facts['hostname'] }}\"\n provider: ownca\n cn: \"{{ ansible_facts['hostname'] }}\"\n san: \"{{ heat_pki_san }}\"\n signed_by: \"{{ heat_pki_intermediate_cert_name }}\"\n\n# heat destination files for SSL certificates\nheat_ssl_cert: /etc/heat/heat.pem\nheat_ssl_key: /etc/heat/heat.key\n\n# Installation details for SSL certificates\nheat_pki_install_certificates:\n - src: \"{{ heat_user_ssl_cert | default(heat_pki_certs_path ~ 'heat_' ~ ansible_facts['hostname'] ~ '-chain.crt') }}\"\n dest: \"{{ heat_ssl_cert }}\"\n owner: \"{{ heat_system_user_name }}\"\n group: \"{{ heat_system_user_name }}\"\n mode: \"0644\"\n - src: \"{{ heat_user_ssl_key | default(heat_pki_keys_path ~ 'heat_' ~ ansible_facts['hostname'] ~ '.key.pem') }}\"\n dest: \"{{ heat_ssl_key }}\"\n owner: \"{{ heat_system_user_name }}\"\n group: \"{{ heat_system_user_name }}\"\n mode: \"0600\"\n\n# Define user-provided SSL certificates\n# heat_user_ssl_cert: \n# heat_user_ssl_key: \n","created":"2025-12-08T13:57:13.017040Z","updated":"2025-12-08T13:57:13.017052Z","path":"/home/zuul/src/opendev.org/openstack/openstack-ansible-os_heat/defaults/main.yml"}