{"id":566,"sha1":"912cd852329bf0df2f611e1c142e02267f22558a","playbook":{"id":4,"items":{"plays":32,"tasks":1505,"results":1497,"hosts":12,"files":487,"records":0},"arguments":{"version":null,"verbosity":0,"private_key_file":null,"remote_user":null,"connection":"openstack.osa.ssh","timeout":null,"ssh_common_args":null,"sftp_extra_args":null,"scp_extra_args":null,"ssh_extra_args":null,"ask_pass":false,"connection_password_file":null,"force_handlers":true,"flush_cache":false,"become":false,"become_method":"sudo","become_user":null,"become_ask_pass":false,"become_password_file":null,"tags":["all"],"skip_tags":[],"check":false,"diff":false,"inventory":["/home/zuul/src/opendev.org/openstack/openstack-ansible/inventory/dynamic_inventory.py","/home/zuul/src/opendev.org/openstack/openstack-ansible/inventory/inventory.ini","/etc/openstack_deploy/inventory.ini"],"listhosts":false,"subset":null,"extra_vars":"Not saved by ARA as configured by 'ignored_arguments'","vault_ids":[],"ask_vault_pass":false,"vault_password_files":[],"forks":4,"module_path":null,"syntax":false,"listtasks":false,"listtags":false,"step":false,"start_at_task":null,"args":["setup-openstack.yml"]},"labels":[{"id":1,"name":"check:False"},{"id":2,"name":"tags:all"}],"started":"2025-12-08T13:57:07.871967Z","ended":"2025-12-08T14:21:54.049657Z","duration":"00:24:46.177690","name":null,"ansible_version":"2.18.6","client_version":"1.7.4","python_version":"3.12.11","server_version":"1.7.4","status":"failed","path":"/home/zuul/src/opendev.org/openstack/openstack-ansible/playbooks/setup-openstack.yml","controller":"aio1.openstack.local","user":"root"},"content":"---\n# Copyright 2016, Rackspace US, Inc.\n#\n# Licensed under the Apache License, Version 2.0 (the \"License\");\n# you may not use this file except in compliance with the License.\n# You may obtain a copy of the License at\n#\n#     http://www.apache.org/licenses/LICENSE-2.0\n#\n# Unless required by applicable law or agreed to in writing, software\n# distributed under the License is distributed on an \"AS IS\" BASIS,\n# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n# See the License for the specific language governing permissions and\n# limitations under the License.\n\n## Verbosity Options\ndebug: false\n\n# Set the package install state for distribution packages\n# Options are 'present' and 'latest'\nadjutant_package_state: \"{{ package_state | default('latest') }}\"\n\nadjutant_service_user_name: adjutant\n\nadjutant_system_group_name: adjutant\nadjutant_system_user_name: adjutant\nadjutant_system_comment: adjutant system user\nadjutant_system_shell: /bin/false\nadjutant_system_home_folder: \"/var/lib/{{ adjutant_system_user_name }}\"\n\nadjutant_venv_tag: \"{{ venv_tag | default('untagged') }}\"\nadjutant_bin: \"/openstack/venvs/adjutant-{{ adjutant_venv_tag }}/bin\"\n\nadjutant_git_repo: https://opendev.org/openstack/adjutant\nadjutant_git_install_branch: master\nadjutant_upper_constraints_url: >-\n  {{ requirements_git_url | default('https://releases.openstack.org/constraints/upper/' ~ requirements_git_install_branch | default('master')) }}\nadjutant_git_constraints:\n  - \"--constraint {{ adjutant_upper_constraints_url }}\"\n\nadjutant_user_domain_name: Default\nadjutant_user_domain_id: default\nadjutant_keystone_auth_plugin: password\n\nadjutant_galera_address: \"{{ galera_address | default('127.0.0.1') }}\"\nadjutant_galera_database: adjutant\nadjutant_galera_user: adjutant\nadjutant_galera_use_ssl: \"{{ galera_use_ssl | default(False) }}\"\nadjutant_galera_ssl_ca_cert: \"{{ galera_ssl_ca_cert | default('/etc/ssl/certs/galera-ca.pem') }}\"\nadjutant_galera_port: \"{{ galera_port | default('3306') }}\"\nadjutant_galera_setup_host: \"{{ openstack_db_setup_host | default('localhost') }}\"\nadjutant_galera_setup_python_interpreter: >-\n  {{\n    openstack_db_setup_python_interpreter | default(\n      (adjutant_galera_setup_host == 'localhost') | ternary(ansible_playbook_python, ansible_python['executable']))\n  }}\n\n## Service Type and Data\nadjutant_role_name: admin\nadjutant_service_region: \"{{ service_region | default('RegionOne') }}\"\nadjutant_service_name: adjutant\nadjutant_service_type: registration\nadjutant_service_description: \"Adjutant Registration Service\"\nadjutant_service_port: 5050\nadjutant_service_project_name: service\nadjutant_service_in_ldap: \"{{ service_ldap_backend_enabled | default(False) }}\"\nadjutant_service_setup_host: \"{{ openstack_service_setup_host | default('localhost') }}\"\nadjutant_service_setup_host_python_interpreter: >-\n  {{\n    openstack_service_setup_host_python_interpreter | default(\n      (adjutant_service_setup_host == 'localhost') | ternary(ansible_playbook_python, ansible_python['executable']))\n  }}\nadjutant_bind_address: \"{{ openstack_service_bind_address | default('0.0.0.0') }}\"\nadjutant_service_proto: http\nadjutant_service_publicuri_proto: \"{{ openstack_service_publicuri_proto | default(adjutant_service_proto) }}\"\nadjutant_service_adminuri_proto: \"{{ openstack_service_adminuri_proto | default(adjutant_service_proto) }}\"\nadjutant_service_internaluri_proto: \"{{ openstack_service_internaluri_proto | default(adjutant_service_proto) }}\"\nadjutant_service_publicuri: \"{{ adjutant_service_publicuri_proto }}://{{ external_lb_vip_address }}:{{ adjutant_service_port }}\"\nadjutant_service_publicurl: \"{{ adjutant_service_publicuri }}/v1/\"\nadjutant_service_adminuri: \"{{ adjutant_service_adminuri_proto }}://{{ internal_lb_vip_address }}:{{ adjutant_service_port }}\"\nadjutant_service_adminurl: \"{{ adjutant_service_adminuri }}/v1/\"\nadjutant_service_internaluri: \"{{ adjutant_service_internaluri_proto }}://{{ internal_lb_vip_address }}:{{ adjutant_service_port }}\"\nadjutant_service_internalurl: \"{{ adjutant_service_internaluri }}/v1/\"\nadjutant_horizon_publicurl: \"{{ openstack_service_publicuri_proto | default(adjutant_service_proto) }}://{{ external_lb_vip_address }}/\"\n\n# uWSGI settings\nadjutant_wsgi_threads: 1\nadjutant_wsgi_processes_max: 16\nadjutant_wsgi_processes: >-\n  {{ [[(ansible_facts['processor_vcpus'] // ansible_facts['processor_threads_per_core']) | default(1), 1] | max * 2, adjutant_wsgi_processes_max] | min }}\nadjutant_use_uwsgi: true\nadjutant_uwsgi_tls:\n  crt: \"{{ adjutant_ssl_cert }}\"\n  key: \"{{ adjutant_ssl_key }}\"\n\nadjutant_email_backend: django.core.mail.backends.smtp.EmailBackend\nadjutant_email_host: localhost\nadjutant_email_port: 587\nadjutant_email_host_user: adjutant\nadjutant_email_use_tls: true\nadjutant_email_use_ssl: false\nadjutant_email_reply_address: no-reply@example.com\nadjutant_email_from_address: bounce+%(task_uuid)s@example.com\nadjutant_email_notification_address: example@example.com\nadjutant_email_signups_notification_address: signups@example.com\nadjutant_active_delegate_apis:\n  - RoleList\n  - SignUp\n  - UpdateProjectQuotas\n  - UserDetail\n  - UserList\n  - UserResetPassword\n  - UserRoles\n  - UserUpdateEmail\nadjutant_role_mapping:\n  admin:\n    - project_admin\n    - project_mod\n    - heat_stack_owner\n    - member\n  project_admin:\n    - project_admin\n    - project_mod\n    - heat_stack_owner\n    - member\n  project_mod:\n    - project_mod\n    - heat_stack_owner\n    - member\nadjutant_blacklisted_roles:\n  - admin\n  - rating\nadjutant_default_users_to_project_action: []\nadjutant_default_roles_to_project_action: []\nadjutant_default_quota_size: small\nadjutant_signup_allow_auto_approve: false\nadjutant_quota_allow_auto_approve: false\nadjutant_quota_size_difference_threshold: 0.1\nadjutant_quota_auto_approve_days: 30\nadjutant_quota_sizes:\n  small:\n    cinder:\n      gigabytes: 5000\n      snapshots: 50\n      volumes: 20\n    neutron:\n      floatingip: 10\n      network: 3\n      port: 50\n      router: 3\n      security_group: 20\n      security_group_rule: 100\n      subnet: 3\n    nova:\n      cores: 20\n      fixed_ips: 0\n      floating_ips: 10\n      injected_file_content_bytes: 10240\n      injected_files: 5\n      instances: 10\n      key_pairs: 50\n      metadata_items: 128\n      ram: 65536\n      security_group_rules: 100\n      security_groups: 20\n    octavia:\n      health_monitor: 5\n      listener: 1\n      load_balancer: 1\n      member: 2\n      pool: 1\n  medium:\n    cinder:\n      gigabytes: 10000\n      snapshots: 300\n      volumes: 100\n    neutron:\n      floatingip: 25\n      network: 5\n      port: 250\n      router: 5\n      security_group: 50\n      security_group_rule: 400\n      subnet: 5\n    nova:\n      cores: 100\n      fixed_ips: 0\n      floating_ips: 25\n      injected_file_content_bytes: 10240\n      injected_files: 5\n      instances: 50\n      key_pairs: 50\n      metadata_items: 128\n      ram: 327680\n      security_group_rules: 400\n      security_groups: 50\n    octavia:\n      health_monitor: 50\n      listener: 5\n      load_balancer: 5\n      member: 5\n      pool: 5\n  large:\n    cinder:\n      gigabytes: 50000\n      snapshots: 600\n      volumes: 200\n    neutron:\n      floatingip: 50\n      network: 10\n      port: 500\n      router: 10\n      security_group: 100\n      security_group_rule: 800\n      subnet: 10\n    nova:\n      cores: 200\n      fixed_ips: 0\n      floating_ips: 50\n      injected_file_content_bytes: 10240\n      injected_files: 5\n      instances: 100\n      key_pairs: 50\n      metadata_items: 128\n      ram: 655360\n      security_group_rules: 800\n      security_groups: 100\n    octavia:\n      health_monitor: 100\n      listener: 10\n      load_balancer: 10\n      member: 10\n      pool: 10\n\nadjutant_quota_sizes_asc:\n  - small\n  - medium\n  - large\n\nadjutant_quota_services:\n  \"*\":\n    - cinder\n    - neutron\n    - nova\n    # Additonal Quota Service\n    # - octavia\n\nadjutant_adjutant_conf_overrides: {}\nadjutant_api_uwsgi_ini_overrides: {}\nadjutant_api_init_overrides: {}\n\n## Service Name-Group Mapping\nadjutant_services:\n  adjutant-api:\n    group: adjutant_api\n    service_name: adjutant-api\n    service_enabled: true\n    init_config_overrides: \"{{ adjutant_api_init_overrides }}\"\n    execstarts: \"{{ adjutant_bin }}/adjutant-api\"\n    wsgi_app: \"{{ adjutant_use_uwsgi }}\"\n    wsgi_name: adjutant-api-wsgi\n    uwsgi_overrides: \"{{ adjutant_api_uwsgi_ini_overrides }}\"\n    uwsgi_bind_address: \"{{ adjutant_bind_address }}\"\n    uwsgi_port: \"{{ adjutant_service_port }}\"\n    uwsgi_tls: \"{{ adjutant_backend_ssl | ternary(adjutant_uwsgi_tls, {}) }}\"\n\nadjutant_pip_install_args: \"{{ pip_install_options | default('') }}\"\nadjutant_venv_python_executable: \"{{ openstack_venv_python_executable | default('python3') }}\"\n\nadjutant_pip_packages:\n  - \"git+{{ adjutant_git_repo }}@{{ adjutant_git_install_branch }}#egg=python-adjutant\"\n  - cryptography\n  - systemd-python\n\nadjutant_pip_extra_packages:\n  - mysqlclient\n\n###\n### Backend TLS\n###\n\n# Define if communication between haproxy and service backends should be\n# encrypted with TLS.\nadjutant_backend_ssl: \"{{ openstack_service_backend_ssl | default(False) }}\"\n\n# Storage location for SSL certificate authority\nadjutant_pki_dir: \"{{ openstack_pki_dir | default('/etc/openstack_deploy/pki') }}\"\n\n# Delegated host for operating the certificate authority\nadjutant_pki_setup_host: \"{{ openstack_pki_setup_host | default('localhost') }}\"\n\n# adjutant server certificate\nadjutant_pki_keys_path: \"{{ adjutant_pki_dir ~ '/certs/private/' }}\"\nadjutant_pki_certs_path: \"{{ adjutant_pki_dir ~ '/certs/certs/' }}\"\nadjutant_pki_intermediate_cert_name: \"{{ openstack_pki_service_intermediate_cert_name | default('ExampleCorpIntermediate') }}\"\nadjutant_pki_regen_cert: \"\"\nadjutant_pki_san: \"{{ openstack_pki_san | default('DNS:' ~ ansible_facts['hostname'] ~ ',IP:' ~ management_address) }}\"\nadjutant_pki_certificates:\n  - name: \"adjutant_{{ ansible_facts['hostname'] }}\"\n    provider: ownca\n    cn: \"{{ ansible_facts['hostname'] }}\"\n    san: \"{{ adjutant_pki_san }}\"\n    signed_by: \"{{ adjutant_pki_intermediate_cert_name }}\"\n\n# adjutant destination files for SSL certificates\nadjutant_ssl_cert: /etc/adjutant/adjutant.pem\nadjutant_ssl_key: /etc/adjutant/adjutant.key\n\n# Installation details for SSL certificates\nadjutant_pki_install_certificates:\n  - src: \"{{ adjutant_user_ssl_cert | default(adjutant_pki_certs_path ~ 'adjutant_' ~ ansible_facts['hostname'] ~ '-chain.crt') }}\"\n    dest: \"{{ adjutant_ssl_cert }}\"\n    owner: \"{{ adjutant_system_user_name }}\"\n    group: \"{{ adjutant_system_user_name }}\"\n    mode: \"0644\"\n  - src: \"{{ adjutant_user_ssl_key | default(adjutant_pki_keys_path ~ 'adjutant_' ~ ansible_facts['hostname'] ~ '.key.pem') }}\"\n    dest: \"{{ adjutant_ssl_key }}\"\n    owner: \"{{ adjutant_system_user_name }}\"\n    group: \"{{ adjutant_system_user_name }}\"\n    mode: \"0600\"\n\n# Define user-provided SSL certificates\n# adjutant_user_ssl_cert: <path to cert on ansible deployment host>\n# adjutant_user_ssl_key: <path to cert on ansible deployment host>\n","created":"2025-12-08T13:57:15.619605Z","updated":"2025-12-08T13:57:15.619627Z","path":"/home/zuul/src/opendev.org/openstack/openstack-ansible-os_adjutant/defaults/main.yml"}