Playbook #4
/home/zuul/src/opendev.org/openstack/openstack-ansible/playbooks/setup-openstack.yml
Execution
Date 08 Dec 2025 13:57:07 +0000
Duration 00:24:46.17
Controller aio1.openstack.local
User root
Versions
Ansible 2.18.6
ara 1.7.4 / 1.7.4
Python 3.12.11
Summary
12 Hosts
1505 Tasks
1497 Results
32 Plays
487 Files
0 Records
check:False tags:all

File: /home/zuul/src/opendev.org/openstack/openstack-ansible-os_keystone/tasks/keystone_db_sync.yml

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
---
# Copyright 2014, Rackspace US, Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
#     http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.

- name: Check current state of Keystone DB
  ansible.builtin.command: "{{ keystone_bin }}/keystone-manage db_sync --check"
  become: true
  become_user: "{{ keystone_system_user_name }}"
  register: keystone_db_sync_check
  failed_when: "keystone_db_sync_check.rc == 1"
  changed_when: "keystone_db_sync_check.rc not in [2, 3, 4]"
  run_once: true

- name: Set the db sync local facts
  community.general.ini_file:
    dest: "/etc/ansible/facts.d/openstack_ansible.fact"
    section: keystone
    option: "{{ item.name }}"
    value: "{{ item.state }}"
    mode: "0644"
  with_items:
    - name: "need_db_expand"
      state: "{{ (keystone_db_sync_check.rc | int == 2) | bool }}"
    - name: "need_db_contract"
      state: "{{ (keystone_db_sync_check.rc | int in [2, 3, 4]) | bool }}"

- name: Refresh local facts
  ansible.builtin.setup:
    filter: ansible_local
    gather_subset: "!all"
  tags:
    - keystone-config

# When keystone is initially built, the service does not yet exist on the
# host this task is executed on. Detect the presence of the services.
- name: Test if keystone service exists
  ansible.builtin.service: # noqa: args[module]
    name: "{{ item }}"
  check_mode: true
  register: keystone_service_exists
  with_items: "{{ keystone_services.keys() | list }}"

- name: Ensure keystone service is stopped
  ansible.builtin.service:
    name: "{{ item.name }}"
    state: stopped
  register: _stop
  until: _stop is success
  retries: 5
  delay: 2
  with_items: "{{ keystone_service_exists.results }}"
  when:
    - "(ansible_local['openstack_ansible']['keystone']['need_db_expand'] | bool)"
    - "(item.status['LoadState'] == 'loaded' | bool)"
  notify:
    - Restart uWSGI

- name: Perform a Keystone DB sync expand
  ansible.builtin.command: "{{ keystone_bin }}/keystone-manage db_sync --expand"
  changed_when: false
  become: true
  become_user: "{{ keystone_system_user_name }}"
  when:
    - "ansible_local['openstack_ansible']['keystone']['need_db_expand'] | bool"
  run_once: true
  notify: flush cache

- name: Perform a Keystone DB sync contract
  ansible.builtin.command: "{{ keystone_bin }}/keystone-manage db_sync --contract"
  changed_when: false
  become: true
  become_user: "{{ keystone_system_user_name }}"
  when:
    - "(keystone_all_software_updated | default('no')) | bool"
    - "ansible_local['openstack_ansible']['keystone']['need_db_contract'] | bool"
  run_once: true
  notify: flush cache