Execution
Date
08 Dec 2025 13:57:07 +0000
Duration
00:24:46.17
Controller
aio1.openstack.local
User
root
Versions
Ansible
2.18.6
ara
1.7.4 / 1.7.4
Python
3.12.11
Summary
12
Hosts
1505
Tasks
1497
Results
32
Plays
487
Files
0
Records
File: /home/zuul/src/opendev.org/openstack/openstack-ansible-os_keystone/tasks/keystone_install.yml
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132 133 134 135 136 137 138 139 | --- # Copyright 2014, Rackspace US, Inc. # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and # limitations under the License. - name: Create keystone dir ansible.builtin.file: path: "{{ item.path }}" state: directory owner: "{{ item.owner | default(keystone_system_user_name) }}" group: "{{ item.group | default(keystone_system_group_name) }}" mode: "{{ item.mode | default('0755') }}" with_items: - { path: "/var/lock/keystone", mode: "2755" } when: - ansible_facts['pkg_mgr'] == 'dnf' - name: Create system links ansible.builtin.file: src: "{{ item.src }}" dest: "{{ item.dest }}" state: "link" with_items: - { src: "/var/log/httpd", dest: "/var/log/apache2" } when: - ansible_facts['pkg_mgr'] == 'dnf' - name: Add shibboleth repo ansible.builtin.yum_repository: name: "shibboleth" description: "shibboleth Repo" baseurl: "{{ keystone_centos_shibboleth_mirror }}" gpgkey: "{{ keystone_centos_shibboleth_key }}" gpgcheck: true when: - ansible_facts['pkg_mgr'] == 'dnf' - keystone_sp != {} - name: Install distro packages ansible.builtin.package: name: "{{ keystone_package_list }}" state: "{{ keystone_package_state }}" update_cache: "{{ (ansible_facts['pkg_mgr'] == 'apt') | ternary('yes', omit) }}" cache_valid_time: "{{ (ansible_facts['pkg_mgr'] == 'apt') | ternary(cache_timeout, omit) }}" register: install_packages until: install_packages is success retries: 5 delay: 2 notify: - Restart uWSGI - name: Install the python venv ansible.builtin.import_role: name: "python_venv_build" vars: venv_python_executable: "{{ keystone_venv_python_executable }}" venv_build_constraints: "{{ keystone_git_constraints }}" venv_build_distro_package_list: "{{ keystone_devel_distro_packages }}" venv_install_destination_path: "{{ keystone_bin | dirname }}" venv_pip_install_args: "{{ keystone_pip_install_args }}" venv_pip_packages: "{{ keystone_pip_packages | union(keystone_user_pip_packages) }}" venv_facts_when_changed: - section: "keystone" option: "need_db_expand" value: "True" - section: "keystone" option: "need_db_contract" value: "True" - section: "keystone" option: "venv_tag" value: "{{ keystone_venv_tag }}" - section: "keystone" option: "install_method" value: "{{ keystone_install_method }}" when: keystone_install_method == 'source' # TODO(hwoarang): We need to have a venv_tag local fact deployed since we use it in the # integration repo to determine if keystone software is the same across all nodes in the # keystone_all group so we can safely run the DB migration. See # https://github.com/openstack/openstack-ansible/blob/master/playbooks/os-keystone-install.yml - name: Record local facts for distro path when: keystone_install_method == 'distro' block: - name: Record the osa version deployed community.general.ini_file: dest: "/etc/ansible/facts.d/openstack_ansible.fact" section: keystone option: venv_tag value: "{{ keystone_venv_tag }}" mode: "0644" # NOTE(noonedeadpunk): Ubuntu packages does recursively chmod all files # for keystone user $HOME: # https://bugs.launchpad.net/cloud-archive/+bug/2060235 - name: Ensure SSH keys has right permissions ansible.builtin.file: path: "{{ keystone_system_user_home }}/.ssh/id_rsa" mode: "0600" when: - install_packages is changed - ansible_facts['distribution'] | lower == 'ubuntu' - name: Initialise the upgrade facts community.general.ini_file: dest: "/etc/ansible/facts.d/openstack_ansible.fact" section: keystone option: "{{ item.name }}" value: "{{ item.state }}" mode: "0644" with_items: - name: "need_db_expand" state: "True" - name: "need_db_contract" state: "True" - name: "install_method" state: "{{ keystone_install_method }}" when: (install_packages is changed) or (ansible_local is not defined) or ('openstack_ansible' not in ansible_local) or ('keystone' not in ansible_local['openstack_ansible']) or ('need_db_expand' not in ansible_local['openstack_ansible']['keystone']) or ('need_db_contract' not in ansible_local['openstack_ansible']['keystone']) - name: Create WSGI symlinks ansible.builtin.file: src: "{{ keystone_bin }}/keystone-wsgi-public" dest: "/var/www/cgi-bin/keystone/main" state: link force: true |