feat: add ansible execution environment for playbooks #806
Conversation
cardoe
force-pushed
the
ansible-start
branch
2 times, most recently
from
c30a353 to
8953184
Compare
cardoe
force-pushed
the
ansible-start
branch
4 times, most recently
from
2ab114b to
e26c3b0
Compare
cardoe
force-pushed
the
ansible-start
branch
14 times, most recently
from
0a050b6 to
56ac014
Compare
|
So this would require a all:
vars:
keystone_bootstrap_dex_url: "https://dex.dns.zone" |
There was a problem hiding this comment.
overall LGTM, I would probably feel better if we enforced that variables are set. Something like this should help (untested):
pre_tasks:
- name: Fail if ENV variables are not set
fail:
msg: "Environment variable {{ item }} is not set. Exiting playbook."
when: lookup('env', item) == ''
loop:
- DNS_ZONE
- OS_USERNAME
- OS_DEFAULT_DOMAIN
Good point. Should add this. |
|
I started to fix the role piece upstream. The first part is to use the service proxy and have cross domain support. That PR is https://review.opendev.org/c/openstack/ansible-collections-openstack/+/947285 The ultimate bug we need to fix is https://bugs.launchpad.net/ansible-collections-openstack/+bug/2107410 |
|
@haseebsyed12 this is the PR that needs to be finished up and then the network piece added to it. Another thing that might be interesting to use for bootstrapping would be https://k-orc.cloud |
This creates an ansible based container that has ansible-runner as the executor inside which can then be loaded with playbooks and roles so that we can have a consistent way to configure different parts of the system or react to events in the system and execute a series of steps. To provide a consistent way to configure the overall system and react to events in the system. Some areas where this might be useful is for OpenStack Helm has a bootstrap bash script that executes on deployment. This is a big hardcoded blob and will be easier to be configurable via ansible.
cardoe
force-pushed
the
ansible-start
branch
2 times, most recently
from
4e34aa5 to
882247a
Compare
The current keystone bootstrap is a bash script which makes it hard to ensure that everything has been setup. By making it Ansible we can ensure that things are consistent. Unfortunately the openstack's role module does not support cross-domain or inherited like the CLI does so this hacks around it with ansible.builtin.command that then needs some hoops to avoid lint errors. Bump the keystone chart version which fixes volume mounts so that our inventory can be mounted into the bootstrap container.
This value is not used anywhere.
cardoe
force-pushed
the
ansible-start
branch
2 times, most recently
from
055f49d to
9d86d74
Compare
This creates an ansible based container that has ansible-runner as the executor inside which can then be loaded with playbooks and roles so that we can have a consistent way to configure different parts of the system or react to events in the system and execute a series of steps. To provide a consistent way to configure the overall system and react to events in the system. Some areas where this might be useful is for OpenStack Helm has a bootstrap bash script that executes on deployment. This is a big hardcoded blob and will be easier to be configurable via ansible.