diff --git a/.ansible-lint b/.ansible-lint
index ad9a30abbc..5c0c0640a1 100644
--- a/.ansible-lint
+++ b/.ansible-lint
@@ -1,10 +1,12 @@
---
exclude_paths:
- - etc
+ - releasenotes
- roles
- tests
- zuul.d
-strict: true
+# NOTE(mnasiadka): Switched to false due to rules skipped via .ansible-lint-ignore causing
+# failures
+strict: false
use_default_rules: true
skip_list:
# [E301] Commands should not change things if nothing needs doing
@@ -35,7 +37,4 @@ skip_list:
- var-naming[no-role-prefix]
- risky-file-permissions
- risky-shell-pipe
- - command-instead-of-shell
- - command-instead-of-module
- - yaml[truthy]
- yaml[line-length]
diff --git a/.ansible-lint-ignore b/.ansible-lint-ignore
new file mode 100644
index 0000000000..ab7637ed47
--- /dev/null
+++ b/.ansible-lint-ignore
@@ -0,0 +1 @@
+etc/kolla/globals.yml yaml[comments] skip
\ No newline at end of file
diff --git a/.gitignore b/.gitignore
index e3f52d7e81..480b0ad3f9 100644
--- a/.gitignore
+++ b/.gitignore
@@ -53,6 +53,7 @@ releasenotes/build
# Files generated by Ansible
ansible/*.retry
+.ansible/
# Others
.DS_Store
diff --git a/ansible/bifrost.yml b/ansible/bifrost.yml
index ad02f05398..a390ea5cb3 100644
--- a/ansible/bifrost.yml
+++ b/ansible/bifrost.yml
@@ -2,5 +2,5 @@
- name: Apply role bifrost
hosts: bifrost
roles:
- - { role: bifrost,
- tags: bifrost}
+ - role: bifrost
+ tags: bifrost
diff --git a/ansible/gather-facts.yml b/ansible/gather-facts.yml
index 468b5ae695..cb0040a743 100644
--- a/ansible/gather-facts.yml
+++ b/ansible/gather-facts.yml
@@ -50,7 +50,7 @@
setup:
filter: "{{ kolla_ansible_setup_filter }}"
gather_subset: "{{ kolla_ansible_setup_gather_subset }}"
- delegate_facts: True
+ delegate_facts: true
delegate_to: "{{ item }}"
with_items: "{{ delegate_hosts }}"
when:
diff --git a/ansible/group_vars/all/aodh.yml b/ansible/group_vars/all/aodh.yml
index 2e431e11eb..6cb9e28fce 100644
--- a/ansible/group_vars/all/aodh.yml
+++ b/ansible/group_vars/all/aodh.yml
@@ -1,5 +1,5 @@
---
-enable_aodh: "no"
+enable_aodh: false
# Ports
aodh_internal_fqdn: "{{ kolla_internal_fqdn }}"
diff --git a/ansible/group_vars/all/barbican.yml b/ansible/group_vars/all/barbican.yml
index 36e256a018..c7b6c10cee 100644
--- a/ansible/group_vars/all/barbican.yml
+++ b/ansible/group_vars/all/barbican.yml
@@ -1,5 +1,5 @@
---
-enable_barbican: "no"
+enable_barbican: false
#######################
# Barbican options
diff --git a/ansible/group_vars/all/blazar.yml b/ansible/group_vars/all/blazar.yml
index 10122ffdc4..f9463988b0 100644
--- a/ansible/group_vars/all/blazar.yml
+++ b/ansible/group_vars/all/blazar.yml
@@ -1,5 +1,5 @@
---
-enable_blazar: "no"
+enable_blazar: false
# Ports
blazar_internal_fqdn: "{{ kolla_internal_fqdn }}"
diff --git a/ansible/group_vars/all/ceilometer.yml b/ansible/group_vars/all/ceilometer.yml
index 19e99eee03..0b178a4704 100644
--- a/ansible/group_vars/all/ceilometer.yml
+++ b/ansible/group_vars/all/ceilometer.yml
@@ -1,4 +1,4 @@
---
-enable_ceilometer: "no"
-enable_ceilometer_ipmi: "no"
-enable_ceilometer_prometheus_pushgateway: "no"
+enable_ceilometer: false
+enable_ceilometer_ipmi: false
+enable_ceilometer_prometheus_pushgateway: false
diff --git a/ansible/group_vars/all/ceph-rgw.yml b/ansible/group_vars/all/ceph-rgw.yml
index 3d3d4802b7..dba16bae7f 100644
--- a/ansible/group_vars/all/ceph-rgw.yml
+++ b/ansible/group_vars/all/ceph-rgw.yml
@@ -1,5 +1,5 @@
---
-enable_ceph_rgw: "no"
+enable_ceph_rgw: false
enable_ceph_rgw_loadbalancer: "{{ enable_ceph_rgw | bool }}"
ceph_rgw_internal_fqdn: "{{ kolla_internal_fqdn }}"
diff --git a/ansible/group_vars/all/ceph.yml b/ansible/group_vars/all/ceph.yml
index 987717a65e..ab48f06fca 100644
--- a/ansible/group_vars/all/ceph.yml
+++ b/ansible/group_vars/all/ceph.yml
@@ -3,7 +3,7 @@
# External Ceph options
###################
# External Ceph - cephx auth enabled (this is the standard nowadays, defaults to yes)
-external_ceph_cephx_enabled: "yes"
+external_ceph_cephx_enabled: true
ceph_cluster: "ceph"
diff --git a/ansible/group_vars/all/cinder.yml b/ansible/group_vars/all/cinder.yml
index 51948a18ad..9418adcc9d 100644
--- a/ansible/group_vars/all/cinder.yml
+++ b/ansible/group_vars/all/cinder.yml
@@ -1,21 +1,21 @@
---
-enable_cinder: "no"
-enable_cinder_backup: "yes"
+enable_cinder: false
+enable_cinder_backup: true
enable_cinder_backend_iscsi: "{{ enable_cinder_backend_lvm | bool }}"
-enable_cinder_backend_lvm: "no"
-enable_cinder_backend_nfs: "no"
-enable_cinder_backend_quobyte: "no"
-enable_cinder_backend_pure_iscsi: "no"
-enable_cinder_backend_pure_fc: "no"
-enable_cinder_backend_pure_roce: "no"
-enable_cinder_backend_pure_nvme_tcp: "no"
-enable_cinder_backend_lightbits: "no"
+enable_cinder_backend_lvm: false
+enable_cinder_backend_nfs: false
+enable_cinder_backend_quobyte: false
+enable_cinder_backend_pure_iscsi: false
+enable_cinder_backend_pure_fc: false
+enable_cinder_backend_pure_roce: false
+enable_cinder_backend_pure_nvme_tcp: false
+enable_cinder_backend_lightbits: false
#################################
# Cinder options
#################################
-cinder_backend_ceph: "no"
-cinder_backend_huawei: "no"
+cinder_backend_ceph: false
+cinder_backend_huawei: false
cinder_backend_huawei_xml_files: []
cinder_volume_group: "cinder-volumes"
cinder_target_helper: "{{ 'lioadm' if ansible_facts.os_family == 'RedHat' else 'tgtadm' }}"
diff --git a/ansible/group_vars/all/cloudkitty.yml b/ansible/group_vars/all/cloudkitty.yml
index a657c3bd0b..23f06708ce 100644
--- a/ansible/group_vars/all/cloudkitty.yml
+++ b/ansible/group_vars/all/cloudkitty.yml
@@ -1,5 +1,5 @@
---
-enable_cloudkitty: "no"
+enable_cloudkitty: false
#######################
# Cloudkitty options
diff --git a/ansible/group_vars/all/collectd.yml b/ansible/group_vars/all/collectd.yml
index 8e62327160..03282eafe5 100644
--- a/ansible/group_vars/all/collectd.yml
+++ b/ansible/group_vars/all/collectd.yml
@@ -1,4 +1,4 @@
---
-enable_collectd: "no"
+enable_collectd: false
collectd_udp_port: "25826"
diff --git a/ansible/group_vars/all/common.yml b/ansible/group_vars/all/common.yml
index 2e03111176..4664430f22 100644
--- a/ansible/group_vars/all/common.yml
+++ b/ansible/group_vars/all/common.yml
@@ -31,13 +31,13 @@ docker_image_name_prefix: ""
docker_image_url: "{{ docker_registry ~ '/' if docker_registry else '' }}{{ docker_namespace }}/{{ docker_image_name_prefix }}"
docker_registry_username:
# Please read the docs carefully before applying docker_registry_insecure.
-docker_registry_insecure: "no"
+docker_registry_insecure: false
docker_runtime_directory: ""
# Docker client timeout in seconds.
docker_client_timeout: 120
# Docker networking options
-docker_disable_default_iptables_rules: "yes"
+docker_disable_default_iptables_rules: true
docker_disable_default_network: "{{ docker_disable_default_iptables_rules }}"
docker_disable_ip_forward: "{{ docker_disable_default_iptables_rules }}"
@@ -79,14 +79,13 @@ container_engine_volumes_path: "{{ docker_volumes_path if kolla_container_engine
# Podman has problem with mounting whole /run directory
# described here: https://github.com/containers/podman/issues/16305
run_default_volumes_podman:
- - '/run/netns:/run/netns:shared'
- - '/run/lock/nova:/run/lock/nova:shared'
+ - "/run/netns:/run/netns:shared"
+ - "/run/lock/nova:/run/lock/nova:shared"
- "/run/libvirt:/run/libvirt:shared"
- "/run/nova:/run/nova:shared"
- "/run/openvswitch:/run/openvswitch:shared"
run_default_volumes_docker: []
-
####################
# Dimensions options
####################
@@ -112,7 +111,7 @@ default_podman_dimensions_el9:
#####################
# Healthcheck options
#####################
-enable_container_healthchecks: "yes"
+enable_container_healthchecks: true
# Healthcheck options for Docker containers
# interval/timeout/start_period are in seconds
default_container_healthcheck_interval: 30
@@ -125,7 +124,6 @@ default_container_healthcheck_start_period: 5
#######################
# Extra volumes for Docker Containers
default_extra_volumes: []
-
##################
# Firewall options
##################
@@ -174,8 +172,8 @@ kolla_external_fqdn: "{{ kolla_internal_fqdn if kolla_same_external_internal_vip
kolla_dev_repos_directory: "/opt/stack/"
kolla_dev_repos_git: "https://opendev.org/openstack"
-kolla_dev_repos_pull: "no"
-kolla_dev_mode: "no"
+kolla_dev_repos_pull: false
+kolla_dev_mode: false
kolla_source_version: "{% if openstack_release == 'master' %}master{% else %}stable/{{ openstack_release }}{% endif %}"
# Proxy settings for containers such as magnum that need internet access
@@ -202,7 +200,6 @@ api_interface_address: "{{ 'api' | kolla_address }}"
####################
kolla_container_engine: "docker"
-
#########################
# Internal Image options
#########################
@@ -213,8 +210,6 @@ kolla_base_distro_version_default_map: {
"ubuntu": "noble",
}
-distro_python_version: "3"
-
kolla_base_distro_version: "{{ kolla_base_distro_version_default_map[kolla_base_distro] }}"
####################
@@ -233,10 +228,10 @@ public_protocol: "{{ 'https' if kolla_enable_tls_external | bool else 'http' }}"
internal_protocol: "{{ 'https' if kolla_enable_tls_internal | bool else 'http' }}"
# Additional optional OpenStack features and services are specified here
-enable_central_logging: "no"
+enable_central_logging: false
# Clean images options are specified here
-enable_destroy_images: "no"
+enable_destroy_images: false
####################
# Global Options
@@ -246,7 +241,6 @@ enable_destroy_images: "no"
# - container1
# - container2
skip_stop_containers: []
-
###################
# Messaging options
###################
@@ -321,9 +315,9 @@ openstack_cacert: ""
# Enable core OpenStack services. This includes:
# glance, keystone, neutron, nova, heat, and horizon.
-enable_openstack_core: "yes"
+enable_openstack_core: true
-enable_osprofiler: "no"
+enable_osprofiler: false
####################
# Osprofiler options
@@ -336,8 +330,8 @@ osprofiler_backend_connection_string: "{{ valkey_connection_string if osprofiler
######################
# Backend TLS options
######################
-kolla_enable_tls_backend: "no"
-kolla_verify_tls_backend: "yes"
+kolla_enable_tls_backend: false
+kolla_verify_tls_backend: true
kolla_tls_backend_cert: "{{ kolla_certificates_dir }}/backend-cert.pem"
kolla_tls_backend_key: "{{ kolla_certificates_dir }}/backend-key.pem"
@@ -353,7 +347,7 @@ database_enable_tls_backend: "{{ 'yes' if ((kolla_enable_tls_backend | bool) and
database_enable_tls_internal: "{{ 'yes' if ((kolla_enable_tls_internal | bool) and (enable_proxysql | bool)) else 'no' }}"
# Optionally allow Kolla to set sysctl values
-set_sysctl: "yes"
+set_sysctl: true
# Optionally change the path to sysctl.conf modified by Kolla Ansible plays.
kolla_sysctl_conf_path: /etc/sysctl.conf
diff --git a/ansible/group_vars/all/cyborg.yml b/ansible/group_vars/all/cyborg.yml
index f8346b5ef2..19122bfbe7 100644
--- a/ansible/group_vars/all/cyborg.yml
+++ b/ansible/group_vars/all/cyborg.yml
@@ -1,5 +1,5 @@
---
-enable_cyborg: "no"
+enable_cyborg: false
cyborg_internal_fqdn: "{{ kolla_internal_fqdn }}"
cyborg_external_fqdn: "{{ kolla_external_fqdn }}"
diff --git a/ansible/group_vars/all/designate.yml b/ansible/group_vars/all/designate.yml
index 343472a165..c0287f436a 100644
--- a/ansible/group_vars/all/designate.yml
+++ b/ansible/group_vars/all/designate.yml
@@ -1,5 +1,5 @@
---
-enable_designate: "no"
+enable_designate: false
designate_keystone_user: "designate"
@@ -10,12 +10,12 @@ designate_keystone_user: "designate"
designate_backend: "bind9"
designate_ns_record:
- "ns1.example.org"
-designate_backend_external: "no"
+designate_backend_external: false
designate_backend_external_bind9_nameservers: ""
# Valid options are [ '', valkey ]
designate_coordination_backend: "{{ 'valkey' if enable_valkey | bool else '' }}"
-designate_enable_notifications_sink: "no"
+designate_enable_notifications_sink: false
designate_notifications_topic_name: "notifications_designate"
dns_interface: "{{ network_interface }}"
diff --git a/ansible/group_vars/all/etcd.yml b/ansible/group_vars/all/etcd.yml
index a6b1601196..fb3ae015c8 100644
--- a/ansible/group_vars/all/etcd.yml
+++ b/ansible/group_vars/all/etcd.yml
@@ -1,5 +1,5 @@
---
-enable_etcd: "no"
+enable_etcd: false
etcd_client_port: "2379"
etcd_peer_port: "2380"
diff --git a/ansible/group_vars/all/fluentd.yml b/ansible/group_vars/all/fluentd.yml
index 13f41522d0..1d9fcbb28c 100644
--- a/ansible/group_vars/all/fluentd.yml
+++ b/ansible/group_vars/all/fluentd.yml
@@ -1,5 +1,5 @@
---
-enable_fluentd: "yes"
+enable_fluentd: true
enable_fluentd_systemd: "{{ (enable_fluentd | bool) and (enable_central_logging | bool) }}"
fluentd_syslog_port: "5140"
diff --git a/ansible/group_vars/all/glance.yml b/ansible/group_vars/all/glance.yml
index baf705736b..11273e4f73 100644
--- a/ansible/group_vars/all/glance.yml
+++ b/ansible/group_vars/all/glance.yml
@@ -7,13 +7,13 @@ glance_keystone_user: "glance"
# Glance options
#######################
glance_backend_file: "{{ not (glance_backend_ceph | bool or glance_backend_s3 | bool) }}"
-glance_backend_ceph: "no"
-glance_backend_s3: "no"
-enable_glance_image_cache: "no"
+glance_backend_ceph: false
+glance_backend_s3: false
+enable_glance_image_cache: false
glance_file_datadir_volume: "glance"
-glance_enable_rolling_upgrade: "no"
-glance_enable_property_protection: "no"
-glance_enable_interoperable_image_import: "no"
+glance_enable_rolling_upgrade: false
+glance_enable_property_protection: false
+glance_enable_interoperable_image_import: false
glance_api_hosts: "{{ [groups['glance-api'] | first] if glance_backend_file | bool and glance_file_datadir_volume == 'glance' else groups['glance-api'] }}"
# NOTE(mnasiadka): For use in common role
glance_enable_tls_backend: "{{ kolla_enable_tls_backend }}"
diff --git a/ansible/group_vars/all/gnocchi.yml b/ansible/group_vars/all/gnocchi.yml
index 3792bf7d08..db066184d6 100644
--- a/ansible/group_vars/all/gnocchi.yml
+++ b/ansible/group_vars/all/gnocchi.yml
@@ -1,6 +1,6 @@
---
-enable_gnocchi: "no"
-enable_gnocchi_statsd: "no"
+enable_gnocchi: false
+enable_gnocchi_statsd: false
#################
# Gnocchi options
diff --git a/ansible/group_vars/all/grafana.yml b/ansible/group_vars/all/grafana.yml
index 97c7d12945..15f4301149 100644
--- a/ansible/group_vars/all/grafana.yml
+++ b/ansible/group_vars/all/grafana.yml
@@ -1,5 +1,5 @@
---
-enable_grafana: "no"
+enable_grafana: false
enable_grafana_external: "{{ enable_grafana | bool }}"
grafana_internal_fqdn: "{{ kolla_internal_fqdn }}"
diff --git a/ansible/group_vars/all/haproxy.yml b/ansible/group_vars/all/haproxy.yml
index d2e5a14a24..9566d7768c 100644
--- a/ansible/group_vars/all/haproxy.yml
+++ b/ansible/group_vars/all/haproxy.yml
@@ -1,20 +1,20 @@
---
-enable_haproxy: "yes"
+enable_haproxy: true
####################
# HAProxy options
####################
haproxy_user: "openstack"
haproxy_enable_external_vip: "{{ 'no' if kolla_same_external_internal_vip | bool else 'yes' }}"
-haproxy_enable_http2: "yes"
+haproxy_enable_http2: true
haproxy_http2_protocol: "alpn h2,http/1.1"
-kolla_enable_tls_internal: "no"
+kolla_enable_tls_internal: false
kolla_enable_tls_external: "{{ kolla_enable_tls_internal if kolla_same_external_internal_vip | bool else 'no' }}"
kolla_certificates_dir: "{{ node_config }}/certificates"
kolla_external_fqdn_cert: "{{ kolla_certificates_dir }}/haproxy.pem"
kolla_internal_fqdn_cert: "{{ kolla_certificates_dir }}/haproxy-internal.pem"
kolla_admin_openrc_cacert: ""
-kolla_copy_ca_into_containers: "no"
+kolla_copy_ca_into_containers: false
haproxy_backend_cacert: "{{ 'ca-certificates.crt' if kolla_base_distro in ['debian', 'ubuntu'] else 'ca-bundle.crt' }}"
haproxy_backend_cacert_dir: "/etc/ssl/certs"
haproxy_single_external_frontend: false
@@ -23,25 +23,26 @@ haproxy_single_external_frontend_public_port: "{{ '443' if kolla_enable_tls_exte
# configure SSL/TLS settings for haproxy config, one of [modern, intermediate, legacy]:
kolla_haproxy_ssl_settings: "modern"
-haproxy_ssl_settings: "{{ ssl_legacy_settings if kolla_haproxy_ssl_settings == 'legacy' else ssl_intermediate_settings if kolla_haproxy_ssl_settings == 'intermediate' else ssl_modern_settings | default(ssl_modern_settings) }}"
+haproxy_ssl_settings: "{{ ssl_legacy_settings if kolla_haproxy_ssl_settings == 'legacy' else ssl_intermediate_settings if kolla_haproxy_ssl_settings == 'intermediate'
+ else ssl_modern_settings | default(ssl_modern_settings) }}"
ssl_legacy_settings: |
- ssl-default-bind-ciphers DEFAULT:!MEDIUM:!3DES
- ssl-default-bind-options no-sslv3 no-tlsv10 no-tlsv11
+ ssl-default-bind-ciphers DEFAULT:!MEDIUM:!3DES
+ ssl-default-bind-options no-sslv3 no-tlsv10 no-tlsv11
ssl_intermediate_settings: |
- ssl-default-bind-ciphers ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:DHE-RSA-CHACHA20-POLY1305
- ssl-default-bind-ciphersuites TLS_AES_128_GCM_SHA256:TLS_AES_256_GCM_SHA384:TLS_CHACHA20_POLY1305_SHA256
- ssl-default-bind-options prefer-client-ciphers no-sslv3 no-tlsv10 no-tlsv11 no-tls-tickets
- ssl-default-server-ciphers ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:DHE-RSA-CHACHA20-POLY1305
- ssl-default-server-ciphersuites TLS_AES_128_GCM_SHA256:TLS_AES_256_GCM_SHA384:TLS_CHACHA20_POLY1305_SHA256
- ssl-default-server-options no-sslv3 no-tlsv10 no-tlsv11 no-tls-tickets
+ ssl-default-bind-ciphers ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:DHE-RSA-CHACHA20-POLY1305
+ ssl-default-bind-ciphersuites TLS_AES_128_GCM_SHA256:TLS_AES_256_GCM_SHA384:TLS_CHACHA20_POLY1305_SHA256
+ ssl-default-bind-options prefer-client-ciphers no-sslv3 no-tlsv10 no-tlsv11 no-tls-tickets
+ ssl-default-server-ciphers ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:DHE-RSA-CHACHA20-POLY1305
+ ssl-default-server-ciphersuites TLS_AES_128_GCM_SHA256:TLS_AES_256_GCM_SHA384:TLS_CHACHA20_POLY1305_SHA256
+ ssl-default-server-options no-sslv3 no-tlsv10 no-tlsv11 no-tls-tickets
ssl_modern_settings: |
- ssl-default-bind-ciphersuites TLS_AES_128_GCM_SHA256:TLS_AES_256_GCM_SHA384:TLS_CHACHA20_POLY1305_SHA256
- ssl-default-bind-options prefer-client-ciphers no-sslv3 no-tlsv10 no-tlsv11 no-tlsv12 no-tls-tickets
- ssl-default-server-ciphersuites TLS_AES_128_GCM_SHA256:TLS_AES_256_GCM_SHA384:TLS_CHACHA20_POLY1305_SHA256
- ssl-default-server-options no-sslv3 no-tlsv10 no-tlsv11 no-tlsv12 no-tls-tickets
+ ssl-default-bind-ciphersuites TLS_AES_128_GCM_SHA256:TLS_AES_256_GCM_SHA384:TLS_CHACHA20_POLY1305_SHA256
+ ssl-default-bind-options prefer-client-ciphers no-sslv3 no-tlsv10 no-tlsv11 no-tlsv12 no-tls-tickets
+ ssl-default-server-ciphersuites TLS_AES_128_GCM_SHA256:TLS_AES_256_GCM_SHA384:TLS_CHACHA20_POLY1305_SHA256
+ ssl-default-server-options no-sslv3 no-tlsv10 no-tlsv11 no-tlsv12 no-tls-tickets
haproxy_stats_port: "1984"
haproxy_monitor_port: "61313"
diff --git a/ansible/group_vars/all/ironic.yml b/ansible/group_vars/all/ironic.yml
index 97df0fe71d..9ea0376a27 100644
--- a/ansible/group_vars/all/ironic.yml
+++ b/ansible/group_vars/all/ironic.yml
@@ -1,9 +1,9 @@
---
-enable_ironic: "no"
+enable_ironic: false
enable_ironic_dnsmasq: "{{ enable_ironic | bool }}"
-enable_ironic_neutron_agent: "no"
+enable_ironic_neutron_agent: false
enable_ironic_prometheus_exporter: "{{ enable_ironic | bool and enable_prometheus | bool }}"
-enable_ironic_pxe_filter: "no"
+enable_ironic_pxe_filter: false
# Keystone user
ironic_keystone_user: "ironic"
diff --git a/ansible/group_vars/all/keystone.yml b/ansible/group_vars/all/keystone.yml
index 8a644bd82f..a4da55199f 100644
--- a/ansible/group_vars/all/keystone.yml
+++ b/ansible/group_vars/all/keystone.yml
@@ -77,7 +77,6 @@ keystone_default_user_role: "member"
# file: "/full/qualified/path/to/mapping/json/file/to/mappingId3"
keystone_identity_providers: []
keystone_identity_mappings: []
-
keystone_public_port: "{{ haproxy_single_external_frontend_public_port if haproxy_single_external_frontend | bool else keystone_public_listen_port }}"
keystone_public_listen_port: "5000"
keystone_internal_port: "5000"
diff --git a/ansible/group_vars/all/kuryr.yml b/ansible/group_vars/all/kuryr.yml
index 69464a0319..8d6fada178 100644
--- a/ansible/group_vars/all/kuryr.yml
+++ b/ansible/group_vars/all/kuryr.yml
@@ -1,4 +1,4 @@
---
-enable_kuryr: "no"
+enable_kuryr: false
kuryr_port: "23750"
diff --git a/ansible/group_vars/all/letsencrypt.yml b/ansible/group_vars/all/letsencrypt.yml
index 50007e8859..64b5ad9ef8 100644
--- a/ansible/group_vars/all/letsencrypt.yml
+++ b/ansible/group_vars/all/letsencrypt.yml
@@ -1,5 +1,5 @@
---
-enable_letsencrypt: "no"
+enable_letsencrypt: false
#####################
# ACME client options
diff --git a/ansible/group_vars/all/magnum.yml b/ansible/group_vars/all/magnum.yml
index 279e17d986..3d5f0d7c4d 100644
--- a/ansible/group_vars/all/magnum.yml
+++ b/ansible/group_vars/all/magnum.yml
@@ -1,5 +1,5 @@
---
-enable_magnum: "no"
+enable_magnum: false
magnum_internal_fqdn: "{{ kolla_internal_fqdn }}"
magnum_external_fqdn: "{{ kolla_external_fqdn }}"
diff --git a/ansible/group_vars/all/manila.yml b/ansible/group_vars/all/manila.yml
index 526707331b..5416e9c72c 100644
--- a/ansible/group_vars/all/manila.yml
+++ b/ansible/group_vars/all/manila.yml
@@ -1,11 +1,11 @@
---
-enable_manila: "no"
-enable_manila_backend_generic: "no"
-enable_manila_backend_hnas: "no"
-enable_manila_backend_cephfs_native: "no"
-enable_manila_backend_cephfs_nfs: "no"
-enable_manila_backend_glusterfs_nfs: "no"
-enable_manila_backend_flashblade: "no"
+enable_manila: false
+enable_manila_backend_generic: false
+enable_manila_backend_hnas: false
+enable_manila_backend_cephfs_native: false
+enable_manila_backend_cephfs_nfs: false
+enable_manila_backend_glusterfs_nfs: false
+enable_manila_backend_flashblade: false
ceph_manila_user: "manila"
diff --git a/ansible/group_vars/all/mariadb.yml b/ansible/group_vars/all/mariadb.yml
index 5a5439fea8..f53f48a870 100644
--- a/ansible/group_vars/all/mariadb.yml
+++ b/ansible/group_vars/all/mariadb.yml
@@ -1,18 +1,18 @@
---
-enable_mariadb: "yes"
-enable_mariabackup: "no"
+enable_mariadb: true
+enable_mariabackup: false
#############################################
# MariaDB component-specific database details
#############################################
# Whether to configure haproxy to load balance
# the external MariaDB server(s)
-enable_external_mariadb_load_balancer: "no"
+enable_external_mariadb_load_balancer: false
# Whether to use pre-configured databases / users
-use_preconfigured_databases: "no"
+use_preconfigured_databases: false
# whether to use a common, preconfigured user
# for all component databases
-use_common_mariadb_user: "no"
+use_common_mariadb_user: false
mariadb_port: "{{ database_port }}"
mariadb_wsrep_port: "4567"
diff --git a/ansible/group_vars/all/masakari.yml b/ansible/group_vars/all/masakari.yml
index 1f3d117e15..c1a29d9d24 100644
--- a/ansible/group_vars/all/masakari.yml
+++ b/ansible/group_vars/all/masakari.yml
@@ -1,5 +1,5 @@
---
-enable_masakari: "no"
+enable_masakari: false
enable_masakari_instancemonitor: "{{ enable_masakari | bool }}"
enable_masakari_hostmonitor: "{{ enable_masakari | bool }}"
diff --git a/ansible/group_vars/all/memcached.yml b/ansible/group_vars/all/memcached.yml
index 282138b418..fb2925bf50 100644
--- a/ansible/group_vars/all/memcached.yml
+++ b/ansible/group_vars/all/memcached.yml
@@ -1,10 +1,10 @@
---
-enable_memcached: "yes"
+enable_memcached: true
# NOTE: Most memcached clients handle load-balancing via client side
# hashing (consistent or not) logic, so going under the covers and messing
# with things that the clients are not aware of is generally wrong
-enable_haproxy_memcached: "no"
+enable_haproxy_memcached: false
memcached_port: "11211"
memcache_security_strategy: "ENCRYPT"
diff --git a/ansible/group_vars/all/mistral.yml b/ansible/group_vars/all/mistral.yml
index 2e72f3cc60..2fbce79137 100644
--- a/ansible/group_vars/all/mistral.yml
+++ b/ansible/group_vars/all/mistral.yml
@@ -1,5 +1,5 @@
---
-enable_mistral: "no"
+enable_mistral: false
mistral_internal_fqdn: "{{ kolla_internal_fqdn }}"
mistral_external_fqdn: "{{ kolla_external_fqdn }}"
diff --git a/ansible/group_vars/all/multipathd.yml b/ansible/group_vars/all/multipathd.yml
index bae55e51ca..d70afb87ef 100644
--- a/ansible/group_vars/all/multipathd.yml
+++ b/ansible/group_vars/all/multipathd.yml
@@ -1,2 +1,2 @@
---
-enable_multipathd: "no"
+enable_multipathd: false
diff --git a/ansible/group_vars/all/neutron.yml b/ansible/group_vars/all/neutron.yml
index 2c3b9ca948..8dad06f893 100644
--- a/ansible/group_vars/all/neutron.yml
+++ b/ansible/group_vars/all/neutron.yml
@@ -1,24 +1,24 @@
---
enable_neutron: "{{ enable_openstack_core | bool }}"
-enable_neutron_vpnaas: "no"
-enable_neutron_sriov: "no"
-enable_neutron_mlnx: "no"
-enable_neutron_dvr: "no"
-enable_neutron_fwaas: "no"
-enable_neutron_qos: "no"
-enable_neutron_agent_ha: "no"
-enable_neutron_bgp_dragent: "no"
-enable_neutron_provider_networks: "no"
-enable_neutron_segments: "no"
-enable_neutron_packet_logging: "no"
-enable_neutron_sfc: "no"
-enable_neutron_taas: "no"
-enable_neutron_trunk: "no"
-enable_neutron_metering: "no"
-enable_neutron_infoblox_ipam_agent: "no"
-enable_neutron_port_forwarding: "no"
-neutron_enable_ovn_agent: "no"
+enable_neutron_vpnaas: false
+enable_neutron_sriov: false
+enable_neutron_mlnx: false
+enable_neutron_dvr: false
+enable_neutron_fwaas: false
+enable_neutron_qos: false
+enable_neutron_agent_ha: false
+enable_neutron_bgp_dragent: false
+enable_neutron_provider_networks: false
+enable_neutron_segments: false
+enable_neutron_packet_logging: false
+enable_neutron_sfc: false
+enable_neutron_taas: false
+enable_neutron_trunk: false
+enable_neutron_metering: false
+enable_neutron_infoblox_ipam_agent: false
+enable_neutron_port_forwarding: false
+neutron_enable_ovn_agent: false
neutron_keystone_user: "neutron"
@@ -50,7 +50,7 @@ computes_need_external_bridge: "{{ (enable_neutron_dvr | bool and neutron_comput
neutron_dnsmasq_dns_servers: "1.1.1.1,8.8.8.8,8.8.4.4"
# Enable distributed floating ip for OVN deployments
-neutron_ovn_distributed_fip: "no"
+neutron_ovn_distributed_fip: false
# SRIOV physnet:interface mappings when SRIOV is enabled
# "sriovnet1" and tunnel_interface used here as placeholders
@@ -60,7 +60,6 @@ neutron_enable_tls_backend: "{{ kolla_enable_tls_backend }}"
# Set OVN network availability zones
neutron_ovn_availability_zones: []
-
neutron_internal_fqdn: "{{ kolla_internal_fqdn }}"
neutron_external_fqdn: "{{ kolla_external_fqdn }}"
neutron_internal_endpoint: "{{ neutron_internal_fqdn | kolla_url(internal_protocol, neutron_server_port) }}"
diff --git a/ansible/group_vars/all/nova.yml b/ansible/group_vars/all/nova.yml
index 48811be629..f1996cd73d 100644
--- a/ansible/group_vars/all/nova.yml
+++ b/ansible/group_vars/all/nova.yml
@@ -1,19 +1,19 @@
---
-enable_cells: "no"
+enable_cells: false
enable_nova: "{{ enable_openstack_core | bool }}"
enable_nova_libvirt_container: "{{ nova_compute_virt_type in ['kvm', 'qemu'] }}"
-enable_nova_serialconsole_proxy: "no"
-enable_nova_ssh: "yes"
+enable_nova_serialconsole_proxy: false
+enable_nova_ssh: true
#######################
# Nova options
#######################
-nova_backend_ceph: "no"
+nova_backend_ceph: false
nova_backend: "{{ 'rbd' if nova_backend_ceph | bool else 'default' }}"
# Valid options are [ kvm, qemu ]
nova_compute_virt_type: "kvm"
nova_instance_datadir_volume: "{{ 'nova_compute' if enable_nova_libvirt_container | bool else '/var/lib/nova' }}"
-nova_safety_upgrade: "no"
+nova_safety_upgrade: false
# Valid options are [ none, novnc, spice ]
nova_console: "novnc"
@@ -34,7 +34,7 @@ nova_cell0_database_address: "{{ nova_database_address }}"
nova_cell0_database_password: "{{ nova_database_password }}"
# Nova fake driver and the number of fake driver per compute node
-enable_nova_fake: "no"
+enable_nova_fake: false
num_nova_fake_per_node: 5
migration_interface: "{{ api_interface }}"
diff --git a/ansible/group_vars/all/octavia.yml b/ansible/group_vars/all/octavia.yml
index c0a152cf4c..eaff670bc8 100644
--- a/ansible/group_vars/all/octavia.yml
+++ b/ansible/group_vars/all/octavia.yml
@@ -1,5 +1,5 @@
---
-enable_octavia: "no"
+enable_octavia: false
enable_octavia_driver_agent: "{{ enable_octavia | bool and neutron_plugin_agent == 'ovn' }}"
enable_octavia_jobboard: "{{ enable_octavia | bool and 'amphora' in octavia_provider_drivers }}"
diff --git a/ansible/group_vars/all/openvswitch.yml b/ansible/group_vars/all/openvswitch.yml
index 731f99d00b..d3cbcd5fdd 100644
--- a/ansible/group_vars/all/openvswitch.yml
+++ b/ansible/group_vars/all/openvswitch.yml
@@ -1,6 +1,6 @@
---
enable_openvswitch: "{{ enable_neutron | bool }}"
-enable_ovs_dpdk: "no"
+enable_ovs_dpdk: false
ovs_datapath: "{{ 'netdev' if enable_ovs_dpdk | bool else 'system' }}"
diff --git a/ansible/group_vars/all/prometheus.yml b/ansible/group_vars/all/prometheus.yml
index e372bf6429..f240e0d1cc 100644
--- a/ansible/group_vars/all/prometheus.yml
+++ b/ansible/group_vars/all/prometheus.yml
@@ -1,5 +1,5 @@
---
-enable_prometheus: "no"
+enable_prometheus: false
############
# Prometheus
@@ -13,9 +13,9 @@ enable_prometheus_cadvisor: "{{ enable_prometheus | bool }}"
enable_prometheus_fluentd_integration: "{{ enable_prometheus | bool and enable_fluentd | bool }}"
enable_prometheus_alertmanager: "{{ enable_prometheus | bool }}"
enable_prometheus_alertmanager_external: "{{ enable_prometheus_alertmanager | bool }}"
-enable_prometheus_ceph_mgr_exporter: "no"
+enable_prometheus_ceph_mgr_exporter: false
enable_prometheus_openstack_exporter: "{{ enable_prometheus | bool }}"
-enable_prometheus_openstack_exporter_external: "no"
+enable_prometheus_openstack_exporter_external: false
enable_prometheus_elasticsearch_exporter: "{{ enable_prometheus | bool and enable_opensearch | bool }}"
enable_prometheus_blackbox_exporter: "{{ enable_prometheus | bool }}"
enable_prometheus_rabbitmq_exporter: "{{ enable_prometheus | bool and enable_rabbitmq | bool }}"
diff --git a/ansible/group_vars/all/rabbitmq.yml b/ansible/group_vars/all/rabbitmq.yml
index 4773c14445..9e18951874 100644
--- a/ansible/group_vars/all/rabbitmq.yml
+++ b/ansible/group_vars/all/rabbitmq.yml
@@ -7,7 +7,7 @@ enable_rabbitmq: "{{ 'yes' if om_rpc_transport == 'rabbit' or om_notify_transpor
rabbitmq_user: "openstack"
rabbitmq_monitoring_user: ""
# Whether to enable TLS encryption for RabbitMQ client-server communication.
-rabbitmq_enable_tls: "no"
+rabbitmq_enable_tls: false
# CA certificate bundle in RabbitMQ container.
rabbitmq_cacert: "/etc/ssl/certs/{{ 'ca-certificates.crt' if kolla_base_distro in ['debian', 'ubuntu'] else 'ca-bundle.crt' }}"
rabbitmq_datadir_volume: "rabbitmq"
diff --git a/ansible/group_vars/all/skyline.yml b/ansible/group_vars/all/skyline.yml
index 56225268a0..d3b92446da 100644
--- a/ansible/group_vars/all/skyline.yml
+++ b/ansible/group_vars/all/skyline.yml
@@ -1,5 +1,5 @@
---
-enable_skyline: "no"
+enable_skyline: false
skyline_apiserver_internal_fqdn: "{{ kolla_internal_fqdn }}"
skyline_apiserver_external_fqdn: "{{ kolla_external_fqdn }}"
diff --git a/ansible/group_vars/all/tacker.yml b/ansible/group_vars/all/tacker.yml
index 936f5fbeab..66791e83f1 100644
--- a/ansible/group_vars/all/tacker.yml
+++ b/ansible/group_vars/all/tacker.yml
@@ -1,5 +1,5 @@
---
-enable_tacker: "no"
+enable_tacker: false
tacker_internal_fqdn: "{{ kolla_internal_fqdn }}"
tacker_external_fqdn: "{{ kolla_external_fqdn }}"
diff --git a/ansible/group_vars/all/telegraf.yml b/ansible/group_vars/all/telegraf.yml
index 1ad350fd98..00d9e4be48 100644
--- a/ansible/group_vars/all/telegraf.yml
+++ b/ansible/group_vars/all/telegraf.yml
@@ -1,9 +1,9 @@
---
-enable_telegraf: "no"
+enable_telegraf: false
##########
# Telegraf
##########
# Configure telegraf to use the docker daemon itself as an input for
# telemetry data.
-telegraf_enable_docker_input: "no"
+telegraf_enable_docker_input: false
diff --git a/ansible/group_vars/all/trove.yml b/ansible/group_vars/all/trove.yml
index 420efad5e5..1305065774 100644
--- a/ansible/group_vars/all/trove.yml
+++ b/ansible/group_vars/all/trove.yml
@@ -1,6 +1,6 @@
---
-enable_trove: "no"
-enable_trove_singletenant: "no"
+enable_trove: false
+enable_trove_singletenant: false
trove_internal_fqdn: "{{ kolla_internal_fqdn }}"
trove_external_fqdn: "{{ kolla_external_fqdn }}"
diff --git a/ansible/group_vars/all/valkey.yml b/ansible/group_vars/all/valkey.yml
index c970de6cec..8c69f70f89 100644
--- a/ansible/group_vars/all/valkey.yml
+++ b/ansible/group_vars/all/valkey.yml
@@ -1,5 +1,5 @@
---
-enable_valkey: "no"
+enable_valkey: false
valkey_connection_string: >-
redis://{%-
diff --git a/ansible/group_vars/all/watcher.yml b/ansible/group_vars/all/watcher.yml
index 87d919c8f6..723876bc3a 100644
--- a/ansible/group_vars/all/watcher.yml
+++ b/ansible/group_vars/all/watcher.yml
@@ -1,5 +1,5 @@
---
-enable_watcher: "no"
+enable_watcher: false
watcher_internal_fqdn: "{{ kolla_internal_fqdn }}"
watcher_external_fqdn: "{{ kolla_external_fqdn }}"
diff --git a/ansible/group_vars/all/zun.yml b/ansible/group_vars/all/zun.yml
index ed10ea5462..1d767401ce 100644
--- a/ansible/group_vars/all/zun.yml
+++ b/ansible/group_vars/all/zun.yml
@@ -1,16 +1,15 @@
---
-enable_zun: "no"
+enable_zun: false
# Extra docker options for Zun
-docker_configure_for_zun: "no"
+docker_configure_for_zun: false
docker_zun_options: -H tcp://{{ api_interface_address | put_address_in_context('url') }}:2375
docker_zun_config: {}
-
# Extra containerd options for Zun
-containerd_configure_for_zun: "no"
+containerd_configure_for_zun: false
# Enable Ceph backed Cinder Volumes for zun
-zun_configure_for_cinder_ceph: "no"
+zun_configure_for_cinder_ceph: false
# 42463 is the static group id of the zun user in the Zun image.
# If users customize this value on building the Zun images,
diff --git a/ansible/kolla-host.yml b/ansible/kolla-host.yml
index 37ab5cc1de..d50bd2f679 100644
--- a/ansible/kolla-host.yml
+++ b/ansible/kolla-host.yml
@@ -10,5 +10,5 @@
default(kolla_max_fail_percentage) |
default(100) }}
roles:
- - { role: openstack.kolla.baremetal,
- tags: baremetal }
+ - role: openstack.kolla.baremetal
+ tags: baremetal
diff --git a/ansible/mariadb.yml b/ansible/mariadb.yml
index ab1c90b0f7..2e63236ece 100644
--- a/ansible/mariadb.yml
+++ b/ansible/mariadb.yml
@@ -4,7 +4,7 @@
gather_facts: false
hosts:
- mariadb
- - '&enable_mariadb_True'
+ - "&enable_mariadb_True"
max_fail_percentage: >-
{{ mariadb_max_fail_percentage |
default(kolla_max_fail_percentage) |
@@ -19,7 +19,7 @@
gather_facts: false
hosts:
- mariadb_restart
- - '&enable_mariadb_True'
+ - "&enable_mariadb_True"
# Restart in batches
serial: "33%"
max_fail_percentage: >-
@@ -37,7 +37,7 @@
gather_facts: false
hosts:
- mariadb_start
- - '&enable_mariadb_True'
+ - "&enable_mariadb_True"
# Start in batches
serial: "33%"
max_fail_percentage: >-
@@ -55,7 +55,7 @@
gather_facts: false
hosts:
- mariadb_bootstrap_restart
- - '&enable_mariadb_True'
+ - "&enable_mariadb_True"
max_fail_percentage: >-
{{ mariadb_max_fail_percentage |
default(kolla_max_fail_percentage) |
@@ -71,7 +71,7 @@
gather_facts: false
hosts:
- mariadb
- - '&enable_mariadb_True'
+ - "&enable_mariadb_True"
max_fail_percentage: >-
{{ mariadb_max_fail_percentage |
default(kolla_max_fail_percentage) |
diff --git a/ansible/mariadb_backup.yml b/ansible/mariadb_backup.yml
index dbe6070c2f..371991c865 100644
--- a/ansible/mariadb_backup.yml
+++ b/ansible/mariadb_backup.yml
@@ -6,6 +6,6 @@
default(kolla_max_fail_percentage) |
default(100) }}
roles:
- - { role: mariadb,
- tags: mariadb,
- when: enable_mariabackup | bool }
+ - role: mariadb
+ tags: mariadb
+ when: enable_mariabackup | bool
diff --git a/ansible/mariadb_recovery.yml b/ansible/mariadb_recovery.yml
index a3d72d40dd..6f69867db6 100644
--- a/ansible/mariadb_recovery.yml
+++ b/ansible/mariadb_recovery.yml
@@ -6,8 +6,8 @@
default(kolla_max_fail_percentage) |
default(100) }}
roles:
- - { role: mariadb,
- tags: mariadb,
- when: enable_mariadb | bool }
+ - role: mariadb
+ tags: mariadb
+ when: enable_mariadb | bool
vars:
mariadb_recover: true
diff --git a/ansible/nova.yml b/ansible/nova.yml
index c41d854075..cff3a52c3b 100644
--- a/ansible/nova.yml
+++ b/ansible/nova.yml
@@ -30,7 +30,7 @@
gather_facts: false
hosts:
- nova-api
- - '&enable_nova_True'
+ - "&enable_nova_True"
tags:
- nova
- nova-bootstrap
@@ -68,7 +68,7 @@
gather_facts: false
hosts:
- nova-conductor
- - '&enable_nova_True'
+ - "&enable_nova_True"
tags:
- nova
- nova-bootstrap
@@ -106,7 +106,7 @@
- nova-api
- nova-scheduler
- nova-super-conductor
- - '&enable_nova_True'
+ - "&enable_nova_True"
tags:
- nova
- nova-api
@@ -131,7 +131,7 @@
- nova-novncproxy
- nova-serialproxy
- nova-spicehtml5proxy
- - '&enable_nova_True'
+ - "&enable_nova_True"
tags:
- nova
- nova-cell
@@ -153,7 +153,7 @@
gather_facts: false
hosts:
- nova-scheduler
- - '&enable_nova_True'
+ - "&enable_nova_True"
tags:
- nova
- nova-api
@@ -181,7 +181,7 @@
gather_facts: false
hosts:
- nova-super-conductor
- - '&enable_nova_True'
+ - "&enable_nova_True"
tags:
- nova
- nova-reload
@@ -209,7 +209,7 @@
- nova-novncproxy
- nova-serialproxy
- nova-spicehtml5proxy
- - '&enable_nova_True'
+ - "&enable_nova_True"
tags:
- nova
- nova-reload
@@ -233,7 +233,7 @@
hosts:
- nova-api
- nova-scheduler
- - '&enable_nova_True'
+ - "&enable_nova_True"
tags:
- nova
- nova-reload
@@ -259,7 +259,7 @@
gather_facts: false
hosts:
- nova-api
- - '&enable_nova_True'
+ - "&enable_nova_True"
tags:
- nova
- nova-api
@@ -284,7 +284,7 @@
gather_facts: false
hosts:
- nova-conductor
- - '&enable_nova_True'
+ - "&enable_nova_True"
tags:
- nova
- nova-cell
diff --git a/ansible/post-deploy.yml b/ansible/post-deploy.yml
index 3629b1d3dc..ba009aba04 100644
--- a/ansible/post-deploy.yml
+++ b/ansible/post-deploy.yml
@@ -1,7 +1,7 @@
---
- name: Determining whether we need become=true
hosts: localhost
- gather_facts: no
+ gather_facts: false
tasks:
- name: Get stats of {{ node_config }}
stat:
diff --git a/ansible/rabbitmq.yml b/ansible/rabbitmq.yml
index 6b405cc626..f21f6b9e83 100644
--- a/ansible/rabbitmq.yml
+++ b/ansible/rabbitmq.yml
@@ -4,7 +4,7 @@
gather_facts: false
hosts:
- rabbitmq
- - '&enable_rabbitmq_True'
+ - "&enable_rabbitmq_True"
max_fail_percentage: >-
{{ rabbitmq_max_fail_percentage |
default(kolla_max_fail_percentage) |
@@ -15,23 +15,23 @@
- import_role:
name: rabbitmq
vars:
- role_rabbitmq_cluster_cookie: '{{ rabbitmq_cluster_cookie }}'
- role_rabbitmq_cluster_port: '{{ rabbitmq_cluster_port }}'
- role_rabbitmq_epmd_port: '{{ rabbitmq_epmd_port }}'
+ role_rabbitmq_cluster_cookie: "{{ rabbitmq_cluster_cookie }}"
+ role_rabbitmq_cluster_port: "{{ rabbitmq_cluster_port }}"
+ role_rabbitmq_epmd_port: "{{ rabbitmq_epmd_port }}"
role_rabbitmq_groups: rabbitmq
- role_rabbitmq_management_port: '{{ rabbitmq_management_port }}'
- role_rabbitmq_monitoring_password: '{{ rabbitmq_monitoring_password }}'
- role_rabbitmq_monitoring_user: '{{ rabbitmq_monitoring_user }}'
- role_rabbitmq_password: '{{ rabbitmq_password }}'
- role_rabbitmq_port: '{{ rabbitmq_port }}'
- role_rabbitmq_prometheus_port: '{{ rabbitmq_prometheus_port }}'
- role_rabbitmq_user: '{{ rabbitmq_user }}'
+ role_rabbitmq_management_port: "{{ rabbitmq_management_port }}"
+ role_rabbitmq_monitoring_password: "{{ rabbitmq_monitoring_password }}"
+ role_rabbitmq_monitoring_user: "{{ rabbitmq_monitoring_user }}"
+ role_rabbitmq_password: "{{ rabbitmq_password }}"
+ role_rabbitmq_port: "{{ rabbitmq_port }}"
+ role_rabbitmq_prometheus_port: "{{ rabbitmq_prometheus_port }}"
+ role_rabbitmq_user: "{{ rabbitmq_user }}"
- name: Restart rabbitmq services
gather_facts: false
hosts:
- rabbitmq_restart
- - '&enable_rabbitmq_True'
+ - "&enable_rabbitmq_True"
# Restart in batches
serial: "33%"
max_fail_percentage: >-
@@ -45,14 +45,14 @@
name: rabbitmq
tasks_from: restart_services.yml
vars:
- role_rabbitmq_cluster_cookie: '{{ rabbitmq_cluster_cookie }}'
+ role_rabbitmq_cluster_cookie: "{{ rabbitmq_cluster_cookie }}"
role_rabbitmq_groups: rabbitmq
- name: Apply rabbitmq post-configuration
gather_facts: false
hosts:
- rabbitmq
- - '&enable_rabbitmq_True'
+ - "&enable_rabbitmq_True"
max_fail_percentage: >-
{{ rabbitmq_max_fail_percentage |
default(kolla_max_fail_percentage) |
@@ -66,5 +66,5 @@
tasks_from: post-deploy.yml
when: kolla_action in ['deploy', 'reconfigure', 'upgrade']
vars:
- role_rabbitmq_cluster_cookie: '{{ rabbitmq_cluster_cookie }}'
+ role_rabbitmq_cluster_cookie: "{{ rabbitmq_cluster_cookie }}"
role_rabbitmq_groups: rabbitmq
diff --git a/ansible/roles/cinder/defaults/main.yml b/ansible/roles/cinder/defaults/main.yml
index dfcd5c19fa..10112fc350 100644
--- a/ansible/roles/cinder/defaults/main.yml
+++ b/ansible/roles/cinder/defaults/main.yml
@@ -42,7 +42,7 @@ cinder_services:
group: cinder-volume
enabled: true
image: "{{ cinder_volume_image_full }}"
- privileged: True
+ privileged: true
ipc_mode: "host"
tmpfs: "{{ cinder_volume_tmpfs }}"
volumes: "{{ cinder_volume_default_volumes + cinder_volume_extra_volumes + lookup('vars', 'run_default_volumes_' + kolla_container_engine) }}"
diff --git a/ansible/roles/common/defaults/main.yml b/ansible/roles/common/defaults/main.yml
index 715b335897..0facf9f85c 100644
--- a/ansible/roles/common/defaults/main.yml
+++ b/ansible/roles/common/defaults/main.yml
@@ -3,13 +3,13 @@ common_services:
kolla-toolbox:
container_name: kolla_toolbox
group: kolla-toolbox
- enabled: True
+ enabled: true
image: "{{ kolla_toolbox_image_full }}"
environment:
ANSIBLE_NOCOLOR: "1"
ANSIBLE_LIBRARY: "/usr/share/ansible"
REQUESTS_CA_BUNDLE: "{{ openstack_cacert }}"
- privileged: True
+ privileged: true
volumes: "{{ kolla_toolbox_default_volumes + kolla_toolbox_extra_volumes + lookup('vars', 'run_default_volumes_' + kolla_container_engine) }}"
dimensions: "{{ kolla_toolbox_dimensions }}"
@@ -29,7 +29,7 @@ kolla_toolbox_default_volumes:
- "/etc/localtime:/etc/localtime:ro"
- "{{ '/etc/timezone:/etc/timezone:ro' if ansible_facts.os_family == 'Debian' else '' }}"
- "/dev/:/dev/"
- - "/run/:/run/{{ ':shared' if kolla_container_engine == 'docker' else '' }}" # see: https://github.com/containers/podman/issues/16305
+ - "/run/:/run/{{ ':shared' if kolla_container_engine == 'docker' else '' }}" # see: https://github.com/containers/podman/issues/16305
- "kolla_logs:/var/log/kolla/"
kolla_toolbox_extra_volumes: "{{ default_extra_volumes }}"
diff --git a/ansible/roles/etcd/handlers/main.yml b/ansible/roles/etcd/handlers/main.yml
index 539883fd2b..b1bb605e90 100644
--- a/ansible/roles/etcd/handlers/main.yml
+++ b/ansible/roles/etcd/handlers/main.yml
@@ -1,13 +1,13 @@
---
- name: Bootstrap etcd on new cluster
- include_tasks: 'bootstrap_cluster.yml'
+ include_tasks: "bootstrap_cluster.yml"
when:
- kolla_action != "config"
listen:
- Bootstrap etcd cluster
- name: Look up the cluster leader
- include_tasks: 'lookup_leader.yml'
+ include_tasks: "lookup_leader.yml"
listen:
- Restart etcd container
- Bootstrap etcd services
@@ -15,7 +15,7 @@
- Check for deleted members
- name: Bootstrap etcd on new services
- include_tasks: 'bootstrap_services.yml'
+ include_tasks: "bootstrap_services.yml"
when:
- groups.etcd_had_volume_False is defined
- inventory_hostname in groups.etcd_had_volume_False
@@ -25,7 +25,7 @@
# When upgrading an etcd cluster we have to do it one by one
- name: Upgrade etcd non-leaders
- include_tasks: 'restart_services.yml'
+ include_tasks: "restart_services.yml"
when:
- inventory_hostname not in (groups.etcd_is_leader_True | default([]))
- kolla_action == "upgrade"
@@ -36,7 +36,7 @@
# When there is no upgrade we can restart 25% of the services without
# losing quorum.
- name: Rolling restart of etcd non-leaders
- include_tasks: 'restart_services.yml'
+ include_tasks: "restart_services.yml"
when:
- inventory_hostname not in (groups.etcd_is_leader_True | default([]))
- groups.etcd.index(inventory_hostname) % 4 == item
@@ -52,7 +52,7 @@
- 3
- name: Restart etcd leader
- include_tasks: 'restart_services.yml'
+ include_tasks: "restart_services.yml"
when:
- inventory_hostname in (groups.etcd_is_leader_True | default([]))
listen:
@@ -61,7 +61,7 @@
- Bootstrap etcd cluster
- name: Remove deleted members
- include_tasks: 'remove_deleted_members.yml'
+ include_tasks: "remove_deleted_members.yml"
when:
- kolla_action != "config"
listen:
diff --git a/ansible/roles/heat/tasks/bootstrap.yml b/ansible/roles/heat/tasks/bootstrap.yml
index 72268b4fb1..556472e5d9 100644
--- a/ansible/roles/heat/tasks/bootstrap.yml
+++ b/ansible/roles/heat/tasks/bootstrap.yml
@@ -11,7 +11,7 @@
login_user: "{{ heat_database_shard_root_user }}"
login_password: "{{ database_password }}"
name: "{{ heat_database_name }}"
- run_once: True
+ run_once: true
delegate_to: "{{ groups['heat-api'][0] }}"
when:
- not use_preconfigured_databases | bool
@@ -32,7 +32,7 @@
host: "%"
priv: "{{ heat_database_name }}.*:ALL"
append_privs: "yes"
- run_once: True
+ run_once: true
delegate_to: "{{ groups['heat-api'][0] }}"
when:
- not use_preconfigured_databases | bool
diff --git a/ansible/roles/heat/tasks/bootstrap_service.yml b/ansible/roles/heat/tasks/bootstrap_service.yml
index 872c456f13..38fd5d777d 100644
--- a/ansible/roles/heat/tasks/bootstrap_service.yml
+++ b/ansible/roles/heat/tasks/bootstrap_service.yml
@@ -6,7 +6,7 @@
kolla_container:
action: "start_container"
common_options: "{{ docker_common_options }}"
- detach: False
+ detach: false
environment:
KOLLA_BOOTSTRAP:
KOLLA_CONFIG_STRATEGY: "{{ config_strategy }}"
@@ -26,5 +26,5 @@
name: "bootstrap_heat"
restart_policy: oneshot
volumes: "{{ heat_api.volumes | reject('equalto', '') | list }}"
- run_once: True
+ run_once: true
delegate_to: "{{ groups[heat_api.group][0] }}"
diff --git a/ansible/roles/heat/tasks/config.yml b/ansible/roles/heat/tasks/config.yml
index 10271bd8d4..2d306f3fab 100644
--- a/ansible/roles/heat/tasks/config.yml
+++ b/ansible/roles/heat/tasks/config.yml
@@ -13,7 +13,7 @@
stat:
path: "{{ item }}"
delegate_to: localhost
- run_once: True
+ run_once: true
register: heat_policy
with_first_found:
- files: "{{ supported_policy_format_list }}"
diff --git a/ansible/roles/horizon/defaults/main.yml b/ansible/roles/horizon/defaults/main.yml
index 01a6e3082a..762899830b 100644
--- a/ansible/roles/horizon/defaults/main.yml
+++ b/ansible/roles/horizon/defaults/main.yml
@@ -162,7 +162,7 @@ horizon_source_version: "{{ kolla_source_version }}"
# In some cases, such as when using OIDC, horizon will need to be configured with Keystone's public URL.
# Therefore, instead of overriding the whole "horizon_keystone_url", this change allows an easier integration because
# the Keystone public URL is already defined with variable "keystone_public_url".
-horizon_use_keystone_public_url: False
+horizon_use_keystone_public_url: false
###################
# Copy certificates
diff --git a/ansible/roles/horizon/tasks/bootstrap.yml b/ansible/roles/horizon/tasks/bootstrap.yml
index d92ce12cdb..431a500643 100644
--- a/ansible/roles/horizon/tasks/bootstrap.yml
+++ b/ansible/roles/horizon/tasks/bootstrap.yml
@@ -11,7 +11,7 @@
login_user: "{{ horizon_database_shard_root_user }}"
login_password: "{{ database_password }}"
name: "{{ horizon_database_name }}"
- run_once: True
+ run_once: true
delegate_to: "{{ groups['horizon'][0] }}"
when:
- not use_preconfigured_databases | bool
@@ -32,7 +32,7 @@
host: "%"
priv: "{{ horizon_database_name }}.*:ALL"
append_privs: "yes"
- run_once: True
+ run_once: true
delegate_to: "{{ groups['horizon'][0] }}"
when:
- not use_preconfigured_databases | bool
diff --git a/ansible/roles/horizon/tasks/bootstrap_service.yml b/ansible/roles/horizon/tasks/bootstrap_service.yml
index 74454a9911..e956993558 100644
--- a/ansible/roles/horizon/tasks/bootstrap_service.yml
+++ b/ansible/roles/horizon/tasks/bootstrap_service.yml
@@ -6,7 +6,7 @@
kolla_container:
action: "start_container"
common_options: "{{ docker_common_options }}"
- detach: False
+ detach: false
environment:
KOLLA_BOOTSTRAP:
KOLLA_CONFIG_STRATEGY: "{{ config_strategy }}"
@@ -16,5 +16,5 @@
name: "bootstrap_horizon"
restart_policy: oneshot
volumes: "{{ horizon.volumes }}"
- run_once: True
+ run_once: true
delegate_to: "{{ groups[horizon.group][0] }}"
diff --git a/ansible/roles/horizon/tasks/policy_item.yml b/ansible/roles/horizon/tasks/policy_item.yml
index 7b427108a3..ab3b222e38 100644
--- a/ansible/roles/horizon/tasks/policy_item.yml
+++ b/ansible/roles/horizon/tasks/policy_item.yml
@@ -1,5 +1,4 @@
---
-
- name: Update policy file name
set_fact:
supported_policy_files: "{{ supported_policy_format_list | map('regex_replace', '(.+)', project_name + '_\\1') | list }}"
@@ -8,7 +7,7 @@
stat:
path: "{{ fullpath }}"
delegate_to: localhost
- run_once: True
+ run_once: true
register: overwritten_files
with_first_found:
- files: "{{ supported_policy_files }}"
diff --git a/ansible/roles/horizon/templates/horizon.conf.j2 b/ansible/roles/horizon/templates/horizon.conf.j2
index e5f851aeba..2f6380da2e 100644
--- a/ansible/roles/horizon/templates/horizon.conf.j2
+++ b/ansible/roles/horizon/templates/horizon.conf.j2
@@ -1,5 +1,3 @@
-{% set python_path = '/var/lib/kolla/venv/lib/python' + distro_python_version + '/site-packages' %}
-
{% if horizon_enable_tls_backend | bool %}
{% if kolla_base_distro in ['centos', 'rocky'] %}
LoadModule ssl_module /usr/lib64/httpd/modules/mod_ssl.so
@@ -23,7 +21,7 @@ TraceEnable off
WSGIScriptReloading On
WSGIDaemonProcess horizon-http processes={{ horizon_wsgi_processes }} threads={{ horizon_wsgi_threads }} user=horizon group=horizon display-name=horizon
WSGIProcessGroup horizon-http
- WSGIScriptAlias / {{ python_path }}/openstack_dashboard/wsgi.py
+ WSGIScriptAlias / /var/lib/kolla/venv/lib/python3/site-packages/openstack_dashboard/wsgi.py
WSGIPassAuthorization On
WSGIApplicationGroup %{GLOBAL}
@@ -35,7 +33,7 @@ TraceEnable off
Require local
- Alias /static {{ python_path }}/static
+ Alias /static /var/lib/kolla/venv/lib/python3/site-packages/static
SetHandler None
diff --git a/ansible/roles/influxdb/defaults/main.yml b/ansible/roles/influxdb/defaults/main.yml
index 62b3505a59..59b6d14f01 100644
--- a/ansible/roles/influxdb/defaults/main.yml
+++ b/ansible/roles/influxdb/defaults/main.yml
@@ -21,7 +21,7 @@ influxdb_services:
# Enable the disk based time series index (recommended for all users). For
# more information see here:
# https://docs.influxdata.com/influxdb/v1.7/concepts/time-series-index/
-influxdb_enable_tsi: True
+influxdb_enable_tsi: true
####################
# Docker
diff --git a/ansible/roles/ironic/defaults/main.yml b/ansible/roles/ironic/defaults/main.yml
index 9c80ad6fea..02042aad6b 100644
--- a/ansible/roles/ironic/defaults/main.yml
+++ b/ansible/roles/ironic/defaults/main.yml
@@ -34,7 +34,7 @@ ironic_services:
group: ironic-conductor
enabled: true
image: "{{ ironic_conductor_image_full }}"
- privileged: True
+ privileged: true
volumes: "{{ ironic_conductor_default_volumes + ironic_conductor_extra_volumes + lookup('vars', 'run_default_volumes_' + kolla_container_engine) }}"
dimensions: "{{ ironic_conductor_dimensions }}"
healthcheck: "{{ ironic_conductor_healthcheck }}"
diff --git a/ansible/roles/ironic/tasks/bootstrap.yml b/ansible/roles/ironic/tasks/bootstrap.yml
index b6dc71a078..8ed261602e 100644
--- a/ansible/roles/ironic/tasks/bootstrap.yml
+++ b/ansible/roles/ironic/tasks/bootstrap.yml
@@ -11,7 +11,7 @@
login_user: "{{ ironic_database_shard_root_user }}"
login_password: "{{ database_password }}"
name: "{{ item.database_name }}"
- run_once: True
+ run_once: true
delegate_to: "{{ groups[item.group][0] }}"
with_items:
- database_name: "{{ ironic_database_name }}"
@@ -36,7 +36,7 @@
host: "%"
priv: "{{ item.database_name }}.*:ALL"
append_privs: "yes"
- run_once: True
+ run_once: true
delegate_to: "{{ groups[item.group][0] }}"
with_items:
- database_name: "{{ ironic_database_name }}"
diff --git a/ansible/roles/ironic/tasks/bootstrap_service.yml b/ansible/roles/ironic/tasks/bootstrap_service.yml
index 2374bae120..edf20fc476 100644
--- a/ansible/roles/ironic/tasks/bootstrap_service.yml
+++ b/ansible/roles/ironic/tasks/bootstrap_service.yml
@@ -12,7 +12,7 @@
kolla_container:
action: "start_container"
common_options: "{{ docker_common_options }}"
- detach: False
+ detach: false
environment: "{{ upgrade_environment if ironic_enable_rolling_upgrade | bool else bootstrap_environment }}"
image: "{{ ironic_api.image }}"
labels:
@@ -20,7 +20,7 @@
name: "bootstrap_ironic"
restart_policy: oneshot
volumes: "{{ ironic_api.volumes | reject('equalto', '') | list }}"
- run_once: True
+ run_once: true
delegate_to: "{{ groups[ironic_api.group][0] }}"
when: inventory_hostname in groups[ironic_api.group]
@@ -31,7 +31,7 @@
kolla_container:
action: "start_container"
common_options: "{{ docker_common_options }}"
- detach: False
+ detach: false
environment:
TFTPBOOT_PATH: /var/lib/ironic/tftpboot
HTTPBOOT_PATH: /var/lib/ironic/httpboot
diff --git a/ansible/roles/ironic/tasks/config.yml b/ansible/roles/ironic/tasks/config.yml
index 9b7627e189..9060fdd5af 100644
--- a/ansible/roles/ironic/tasks/config.yml
+++ b/ansible/roles/ironic/tasks/config.yml
@@ -13,7 +13,7 @@
stat:
path: "{{ item }}"
delegate_to: localhost
- run_once: True
+ run_once: true
register: ironic_policy
with_first_found:
- files: "{{ supported_policy_format_list }}"
diff --git a/ansible/roles/ironic/tasks/precheck.yml b/ansible/roles/ironic/tasks/precheck.yml
index cb5a21839f..c066c47b58 100644
--- a/ansible/roles/ironic/tasks/precheck.yml
+++ b/ansible/roles/ironic/tasks/precheck.yml
@@ -55,7 +55,7 @@
stat:
path: "{{ ironic_agent_files_directory }}/ironic/{{ item }}"
delegate_to: localhost
- run_once: True
+ run_once: true
register: result
failed_when: not result.stat.exists
when:
@@ -72,7 +72,7 @@
msg: >
ironic_dnsmasq_dhcp_ranges must be a list
connection: local
- run_once: True
+ run_once: true
when:
- enable_ironic_dnsmasq | bool
- not ironic_dnsmasq_dhcp_ranges is sequence
diff --git a/ansible/roles/ironic/tasks/rolling_upgrade.yml b/ansible/roles/ironic/tasks/rolling_upgrade.yml
index 6bda5569fb..673ab7d2bf 100644
--- a/ansible/roles/ironic/tasks/rolling_upgrade.yml
+++ b/ansible/roles/ironic/tasks/rolling_upgrade.yml
@@ -36,7 +36,7 @@
kolla_container:
action: "start_container"
common_options: "{{ docker_common_options }}"
- detach: False
+ detach: false
environment:
KOLLA_OSM:
KOLLA_CONFIG_STRATEGY: "{{ config_strategy }}"
@@ -46,6 +46,6 @@
name: "bootstrap_ironic"
restart_policy: oneshot
volumes: "{{ ironic_api.volumes }}"
- run_once: True
+ run_once: true
delegate_to: "{{ groups[ironic_api.group][0] }}"
when: inventory_hostname in groups[ironic_api.group]
diff --git a/ansible/roles/ironic/templates/ironic-prometheus-exporter-wsgi.conf.j2 b/ansible/roles/ironic/templates/ironic-prometheus-exporter-wsgi.conf.j2
index ace7fd9a1d..319bf2f888 100644
--- a/ansible/roles/ironic/templates/ironic-prometheus-exporter-wsgi.conf.j2
+++ b/ansible/roles/ironic/templates/ironic-prometheus-exporter-wsgi.conf.j2
@@ -1,12 +1,11 @@
{% set ironic_log_dir = '/var/log/kolla/ironic' %}
-{% set python_path = '/var/lib/kolla/venv/lib/python' + distro_python_version + '/site-packages' %}
Listen {{ api_interface_address | put_address_in_context('url') }}:{{ ironic_prometheus_exporter_port }}
ServerSignature Off
ServerTokens Prod
TraceEnable off
-
+
AllowOverride None
Options None
@@ -28,9 +27,9 @@ LogLevel info
LogFormat "%{X-Forwarded-For}i %l %u %t \"%r\" %>s %b %D \"%{Referer}i\" \"%{User-Agent}i\"" logformat
CustomLog "{{ ironic_log_dir }}/ironic-prometheus-exporter-wsgi-access.log" logformat
- WSGIDaemonProcess ironic-prometheus-exporter processes={{ openstack_service_workers }} threads=1 user=ironic display-name=%{GROUP} python-path={{ python_path }}
+ WSGIDaemonProcess ironic-prometheus-exporter processes={{ openstack_service_workers }} threads=1 user=ironic display-name=%{GROUP} python-path=/var/lib/kolla/venv/lib/python3/site-packages
WSGIProcessGroup ironic-prometheus-exporter
- WSGIScriptAlias / {{ python_path }}/ironic_prometheus_exporter/app/wsgi.py
+ WSGIScriptAlias / /var/lib/kolla/venv/lib/python3/site-packages/ironic_prometheus_exporter/app/wsgi.py
WSGIApplicationGroup %{GLOBAL}
Require all granted
diff --git a/ansible/roles/iscsi/defaults/main.yml b/ansible/roles/iscsi/defaults/main.yml
index 13aac3a889..f4d0ed1e8b 100644
--- a/ansible/roles/iscsi/defaults/main.yml
+++ b/ansible/roles/iscsi/defaults/main.yml
@@ -6,7 +6,7 @@ iscsi_services:
enabled: "{{ enable_iscsid_for_cinder or enable_iscsid_for_ironic }}"
image: "{{ iscsid_image_full }}"
ipc_mode: "host"
- privileged: True
+ privileged: true
volumes: "{{ iscsid_default_volumes + iscsid_extra_volumes + lookup('vars', 'run_default_volumes_' + kolla_container_engine) }}"
dimensions: "{{ iscsid_dimensions }}"
tgtd:
@@ -15,7 +15,7 @@ iscsi_services:
enabled: "{{ enable_tgtd }}"
image: "{{ tgtd_image_full }}"
ipc_mode: "host"
- privileged: True
+ privileged: true
volumes: "{{ tgtd_default_volumes + tgtd_extra_volumes + lookup('vars', 'run_default_volumes_' + kolla_container_engine) }}"
dimensions: "{{ tgtd_dimensions }}"
diff --git a/ansible/roles/keystone/defaults/main.yml b/ansible/roles/keystone/defaults/main.yml
index 0b98275f8c..86bf9094c9 100644
--- a/ansible/roles/keystone/defaults/main.yml
+++ b/ansible/roles/keystone/defaults/main.yml
@@ -274,8 +274,8 @@ horizon_trusted_dashboards: "{{ ['%s://%s/auth/websso/' % (public_protocol, koll
skyline_trusted_dashboards: "{{ ['%s/api/openstack/skyline/api/v1/websso' % (skyline_console_public_endpoint)] if enable_skyline | bool else [] }}"
keystone_trusted_dashboards: "{{ horizon_trusted_dashboards + skyline_trusted_dashboards }}"
keystone_enable_federation_openid: "{{ enable_keystone_federation | bool and keystone_identity_providers | selectattr('protocol', 'equalto', 'openid') | list | count > 0 }}"
-keystone_should_remove_attribute_mappings: False
-keystone_should_remove_identity_providers: False
+keystone_should_remove_attribute_mappings: false
+keystone_should_remove_identity_providers: false
keystone_federation_oidc_response_type: "id_token"
# can be set to any supported headers, according to
# https://github.com/OpenIDC/mod_auth_openidc/blob/ea3af872dcdbb4634a7e541c5e8c7326dafbb090/auth_openidc.conf
diff --git a/ansible/roles/keystone/handlers/main.yml b/ansible/roles/keystone/handlers/main.yml
index 8d5f1fd049..24ee0d520d 100644
--- a/ansible/roles/keystone/handlers/main.yml
+++ b/ansible/roles/keystone/handlers/main.yml
@@ -10,7 +10,7 @@
kolla_container:
action: "start_container"
common_options: "{{ docker_common_options }}"
- detach: False
+ detach: false
environment:
KOLLA_UPGRADE:
KOLLA_CONFIG_STRATEGY: "{{ config_strategy }}"
@@ -21,7 +21,7 @@
restart_policy: oneshot
volumes: "{{ service.volumes | reject('equalto', '') | list }}"
dimensions: "{{ service.dimensions }}"
- run_once: True
+ run_once: true
when:
- kolla_action == "upgrade"
- inventory_hostname == groups[service.group][0]
@@ -90,7 +90,7 @@
kolla_container:
action: "start_container"
common_options: "{{ docker_common_options }}"
- detach: False
+ detach: false
environment:
KOLLA_FINISH_UPGRADE:
KOLLA_CONFIG_STRATEGY: "{{ config_strategy }}"
@@ -101,6 +101,6 @@
restart_policy: oneshot
volumes: "{{ service.volumes | reject('equalto', '') | list }}"
dimensions: "{{ service.dimensions }}"
- run_once: True
+ run_once: true
when:
- kolla_action == "upgrade"
diff --git a/ansible/roles/keystone/tasks/bootstrap.yml b/ansible/roles/keystone/tasks/bootstrap.yml
index 7af22ddea5..89e4cdd004 100644
--- a/ansible/roles/keystone/tasks/bootstrap.yml
+++ b/ansible/roles/keystone/tasks/bootstrap.yml
@@ -11,7 +11,7 @@
login_user: "{{ keystone_database_shard_root_user }}"
login_password: "{{ database_password }}"
name: "{{ keystone_database_name }}"
- run_once: True
+ run_once: true
delegate_to: "{{ groups['keystone'][0] }}"
when:
- not use_preconfigured_databases | bool
@@ -32,7 +32,7 @@
host: "%"
priv: "{{ keystone_database_name }}.*:ALL"
append_privs: "yes"
- run_once: True
+ run_once: true
delegate_to: "{{ groups['keystone'][0] }}"
when:
- not use_preconfigured_databases | bool
diff --git a/ansible/roles/keystone/tasks/bootstrap_service.yml b/ansible/roles/keystone/tasks/bootstrap_service.yml
index 27e52f7901..f76d8f787d 100644
--- a/ansible/roles/keystone/tasks/bootstrap_service.yml
+++ b/ansible/roles/keystone/tasks/bootstrap_service.yml
@@ -38,7 +38,7 @@
kolla_container:
action: "start_container"
common_options: "{{ docker_common_options }}"
- detach: False
+ detach: false
environment:
KOLLA_BOOTSTRAP:
KOLLA_CONFIG_STRATEGY: "{{ config_strategy }}"
@@ -48,7 +48,7 @@
name: "bootstrap_keystone"
restart_policy: oneshot
volumes: "{{ keystone.volumes | reject('equalto', '') | list }}"
- run_once: True
+ run_once: true
- name: Running Keystone fernet bootstrap container
vars:
@@ -57,7 +57,7 @@
kolla_container:
action: "start_container"
common_options: "{{ docker_common_options }}"
- detach: False
+ detach: false
environment:
KOLLA_CONFIG_STRATEGY: "{{ config_strategy }}"
image: "{{ keystone_fernet.image }}"
@@ -70,7 +70,7 @@
name: "bootstrap_keystone_fernet"
restart_policy: oneshot
volumes: "{{ keystone_fernet.volumes | reject('equalto', '') | list }}"
- run_once: True
+ run_once: true
delegate_to: "{{ groups['keystone'][0] }}"
when:
- groups['keystone_fernet_running_True'] is not defined
diff --git a/ansible/roles/keystone/tasks/config.yml b/ansible/roles/keystone/tasks/config.yml
index 3ad2472810..f3f103dc2b 100644
--- a/ansible/roles/keystone/tasks/config.yml
+++ b/ansible/roles/keystone/tasks/config.yml
@@ -13,7 +13,7 @@
stat:
path: "{{ item }}"
delegate_to: localhost
- run_once: True
+ run_once: true
register: keystone_policy
with_first_found:
- files: "{{ supported_policy_format_list }}"
@@ -32,7 +32,7 @@
stat:
path: "{{ node_custom_config }}/keystone/domains"
delegate_to: localhost
- run_once: True
+ run_once: true
register: keystone_domain_directory
- include_tasks: copy-certs.yml
@@ -89,7 +89,7 @@
- name: Get file list in custom domains folder
find:
path: "{{ node_custom_config }}/keystone/domains"
- recurse: no
+ recurse: false
file_type: file
delegate_to: localhost
register: keystone_domains
@@ -184,7 +184,7 @@
stat:
path: "{{ node_custom_config }}/keystone/keystone-paste.ini"
delegate_to: localhost
- run_once: True
+ run_once: true
register: check_keystone_paste_ini
when: service | service_enabled_and_mapped_to_host
diff --git a/ansible/roles/keystone/tasks/distribute_fernet.yml b/ansible/roles/keystone/tasks/distribute_fernet.yml
index 91a2305ada..1991e7c453 100644
--- a/ansible/roles/keystone/tasks/distribute_fernet.yml
+++ b/ansible/roles/keystone/tasks/distribute_fernet.yml
@@ -12,7 +12,7 @@
- name: Run key distribution
become: true
command: "{{ kolla_container_engine }} exec -t {{ keystone_services['keystone-fernet']['container_name'] }} /usr/bin/fernet-push.sh"
- run_once: True
+ run_once: true
delegate_to: >-
{% if groups['keystone_fernet_running'] is defined -%}
{{ groups['keystone_fernet_running'][0] }}{%- else -%}{{ groups['keystone'][0] }}{%- endif %}
diff --git a/ansible/roles/keystone/tasks/register.yml b/ansible/roles/keystone/tasks/register.yml
index 733c3f903d..3789eb7216 100644
--- a/ansible/roles/keystone/tasks/register.yml
+++ b/ansible/roles/keystone/tasks/register.yml
@@ -8,7 +8,7 @@
register: keystone_bootstrap
changed_when: (keystone_bootstrap.stdout | from_json).changed
failed_when: (keystone_bootstrap.stdout | from_json).failed
- run_once: True
+ run_once: true
with_items: "{{ multiple_regions_names }}"
- import_role:
@@ -16,7 +16,7 @@
vars:
service_ks_register_auth: "{{ openstack_keystone_auth }}"
service_ks_register_services: "{{ keystone_ks_services }}"
- run_once: True
+ run_once: true
- name: Creating default user role
become: true
@@ -29,4 +29,4 @@
endpoint_type: "{{ openstack_interface }}"
cacert: "{{ openstack_cacert }}"
region_name: "{{ openstack_region_name }}"
- run_once: True
+ run_once: true
diff --git a/ansible/roles/keystone/tasks/register_identity_providers.yml b/ansible/roles/keystone/tasks/register_identity_providers.yml
index 75cd40aa9e..ced1d73dd6 100644
--- a/ansible/roles/keystone/tasks/register_identity_providers.yml
+++ b/ansible/roles/keystone/tasks/register_identity_providers.yml
@@ -12,9 +12,9 @@
--os-region-name={{ openstack_region_name }}
{% if openstack_cacert != '' %}--os-cacert={{ openstack_cacert }} {% endif %}
mapping list -c ID --format value
- run_once: True
- changed_when: False
- become: True
+ run_once: true
+ changed_when: false
+ become: true
register: existing_mappings_register
- name: Register existing mappings
@@ -34,7 +34,7 @@
--os-region-name={{ openstack_region_name }}
{% if openstack_cacert != '' %}--os-cacert={{ openstack_cacert }} {% endif %}
mapping delete {{ item }}
- run_once: True
+ run_once: true
become: true
with_items: "{{ existing_mappings }}"
when:
@@ -52,7 +52,7 @@
endpoint_type: "{{ openstack_interface }}"
cacert: "{{ openstack_cacert }}"
region_name: "{{ openstack_region_name }}"
- run_once: True
+ run_once: true
with_items: "{{ keystone_identity_providers }}"
- name: Register attribute mappings in OpenStack
@@ -71,7 +71,7 @@
mapping create
--rules "{{ keystone_container_federation_oidc_attribute_mappings_folder }}/{{ item.file | basename }}"
{{ item.name }}
- run_once: True
+ run_once: true
when:
- item.name not in existing_mappings
with_items: "{{ keystone_identity_mappings }}"
@@ -92,7 +92,7 @@
mapping set
--rules="{{ keystone_container_federation_oidc_attribute_mappings_folder }}/{{ item.file | basename }}"
{{ item.name }}
- run_once: True
+ run_once: true
when:
- item.name in existing_mappings
with_items: "{{ keystone_identity_mappings }}"
@@ -111,8 +111,8 @@
--os-region-name={{ openstack_region_name }}
{% if openstack_cacert != '' %}--os-cacert={{ openstack_cacert }} {% endif %}
identity provider list -c ID --format value
- run_once: True
- changed_when: False
+ run_once: true
+ changed_when: false
register: existing_idps_register
- name: Register existing idps
@@ -133,7 +133,7 @@
--os-region-name={ openstack_region_name }}
{% if openstack_cacert != '' %}--os-cacert={{ openstack_cacert }}{% endif %}
identity provider delete {{ item }}
- run_once: True
+ run_once: true
with_items: "{{ existing_idps }}"
when:
- item not in (keystone_identity_providers | map(attribute='name') | list)
@@ -157,7 +157,7 @@
--remote-id "{{ item.identifier }}"
--domain "{{ item.openstack_domain }}"
{{ item.name }}
- run_once: True
+ run_once: true
when:
- item.name not in existing_idps
with_items: "{{ keystone_identity_providers }}"
@@ -179,7 +179,7 @@
--description "{{ item.public_name }}"
--remote-id "{{ item.identifier }}"
"{{ item.name }}"
- run_once: True
+ run_once: true
when:
- item.name in existing_idps
with_items: "{{ keystone_identity_providers }}"
@@ -201,7 +201,7 @@
--mapping {{ item.attribute_mapping }}
--identity-provider {{ item.name }}
{{ item.protocol }}
- run_once: True
+ run_once: true
when:
- item.name not in existing_idps
with_items: "{{ keystone_identity_providers }}"
@@ -223,9 +223,9 @@
--identity-provider {{ item.name }}
--mapping {{ item.attribute_mapping }}
{{ item.protocol }}
- run_once: True
+ run_once: true
register: result
- failed_when: result.rc not in [0, 1] # This command returns RC 1 on success, so we need to add this to avoid fails.
+ failed_when: result.rc not in [0, 1] # This command returns RC 1 on success, so we need to add this to avoid fails.
when:
- item.name in existing_idps
with_items: "{{ keystone_identity_providers }}"
diff --git a/ansible/roles/keystone/tasks/upgrade.yml b/ansible/roles/keystone/tasks/upgrade.yml
index 2f1c64edea..88422c9287 100644
--- a/ansible/roles/keystone/tasks/upgrade.yml
+++ b/ansible/roles/keystone/tasks/upgrade.yml
@@ -16,7 +16,7 @@
login_password: "{{ database_password }}"
variable: log_bin_trust_function_creators
value: 1
- run_once: True
+ run_once: true
when:
- inventory_hostname == groups['keystone'][0]
- not use_preconfigured_databases | bool
@@ -47,6 +47,6 @@
login_password: "{{ database_password }}"
variable: log_bin_trust_function_creators
value: 0
- run_once: True
+ run_once: true
when:
- not use_preconfigured_databases | bool
diff --git a/ansible/roles/kuryr/defaults/main.yml b/ansible/roles/kuryr/defaults/main.yml
index 22edf3d03a..753e0abf58 100644
--- a/ansible/roles/kuryr/defaults/main.yml
+++ b/ansible/roles/kuryr/defaults/main.yml
@@ -11,9 +11,9 @@ kuryr_services:
kuryr:
container_name: kuryr
group: compute
- enabled: True
+ enabled: true
image: "{{ kuryr_image_full }}"
- privileged: True
+ privileged: true
cap_add:
- NET_ADMIN
volumes: "{{ kuryr_default_volumes + kuryr_extra_volumes + lookup('vars', 'run_default_volumes_' + kolla_container_engine) }}"
@@ -69,7 +69,6 @@ kuryr_keystone_user: "kuryr"
openstack_kuryr_auth: "{{ openstack_auth }}"
-
####################
# Kolla
####################
diff --git a/ansible/roles/kuryr/tasks/config.yml b/ansible/roles/kuryr/tasks/config.yml
index 10bfff47db..6f6099cbcb 100644
--- a/ansible/roles/kuryr/tasks/config.yml
+++ b/ansible/roles/kuryr/tasks/config.yml
@@ -13,7 +13,7 @@
stat:
path: "{{ item }}"
delegate_to: localhost
- run_once: True
+ run_once: true
register: kuryr_policy
with_first_found:
- files: "{{ supported_policy_format_list }}"
diff --git a/ansible/roles/letsencrypt/defaults/main.yml b/ansible/roles/letsencrypt/defaults/main.yml
index 089b8d944b..05afa1cd92 100644
--- a/ansible/roles/letsencrypt/defaults/main.yml
+++ b/ansible/roles/letsencrypt/defaults/main.yml
@@ -15,7 +15,6 @@ letsencrypt_services:
volumes: "{{ letsencrypt_webserver_default_volumes + letsencrypt_webserver_extra_volumes }}"
dimensions: "{{ letsencrypt_webserver_dimensions }}"
-
##############
# LetsEncrypt
##############
diff --git a/ansible/roles/loadbalancer/defaults/main.yml b/ansible/roles/loadbalancer/defaults/main.yml
index 995d85ebfe..9f7bd0b04f 100644
--- a/ansible/roles/loadbalancer/defaults/main.yml
+++ b/ansible/roles/loadbalancer/defaults/main.yml
@@ -5,7 +5,7 @@ loadbalancer_services:
group: loadbalancer
enabled: true
image: "{{ haproxy_image_full }}"
- privileged: True
+ privileged: true
volumes: "{{ haproxy_default_volumes + haproxy_extra_volumes }}"
dimensions: "{{ haproxy_dimensions }}"
healthcheck: "{{ haproxy_healthcheck }}"
@@ -14,7 +14,7 @@ loadbalancer_services:
group: loadbalancer
enabled: "{{ enable_proxysql | bool }}"
image: "{{ proxysql_image_full }}"
- privileged: False
+ privileged: false
volumes: "{{ proxysql_default_volumes + proxysql_extra_volumes }}"
dimensions: "{{ proxysql_dimensions }}"
healthcheck: "{{ proxysql_healthcheck }}"
@@ -23,7 +23,7 @@ loadbalancer_services:
group: loadbalancer
enabled: "{{ enable_keepalived | bool }}"
image: "{{ keepalived_image_full }}"
- privileged: True
+ privileged: true
volumes: "{{ keepalived_default_volumes + keepalived_extra_volumes }}"
dimensions: "{{ keepalived_dimensions }}"
haproxy-ssh:
@@ -183,11 +183,11 @@ haproxy_host_ipv4_tcp_retries2: "KOLLA_UNSET"
# HAProxy socket admin permissions enable
haproxy_socket_level_admin: "{{ enable_letsencrypt | bool }}"
-kolla_externally_managed_cert: False
+kolla_externally_managed_cert: false
# Allow to disable keepalived tracking script (e.g. for single node environments
# where this proves problematic in some cases)
-keepalived_track_script_enabled: True
+keepalived_track_script_enabled: true
# Default backend for single external frontend (for missing mappings)
haproxy_external_single_frontend_default_backend: "horizon_external_back"
diff --git a/ansible/roles/loadbalancer/tasks/config_validate.yml b/ansible/roles/loadbalancer/tasks/config_validate.yml
index cfb336919c..acb6f99128 100644
--- a/ansible/roles/loadbalancer/tasks/config_validate.yml
+++ b/ansible/roles/loadbalancer/tasks/config_validate.yml
@@ -2,7 +2,7 @@
- name: Validating haproxy config files
vars:
service: "{{ loadbalancer_services['haproxy'] }}"
- shell: >-
+ command: >-
{{ kolla_container_engine }} exec -i haproxy haproxy
-c -f /etc/haproxy/haproxy.cfg -f /etc/haproxy/services.d/
register: haproxy_config_validation_result
diff --git a/ansible/roles/magnum/defaults/main.yml b/ansible/roles/magnum/defaults/main.yml
index d723571ce5..c6d3a89993 100644
--- a/ansible/roles/magnum/defaults/main.yml
+++ b/ansible/roles/magnum/defaults/main.yml
@@ -72,7 +72,7 @@ magnum_database_shard:
####################
# Magnum
####################
-enable_cluster_user_trust: False
+enable_cluster_user_trust: false
# The default cinder volume type to be used for container storage volume in clusters
# that specify the docker-volume-size option. For example gp1, io1 etc
default_docker_volume_type: ""
diff --git a/ansible/roles/magnum/tasks/bootstrap.yml b/ansible/roles/magnum/tasks/bootstrap.yml
index 6d3da7609c..4fb78ea307 100644
--- a/ansible/roles/magnum/tasks/bootstrap.yml
+++ b/ansible/roles/magnum/tasks/bootstrap.yml
@@ -11,7 +11,7 @@
login_user: "{{ magnum_database_shard_root_user }}"
login_password: "{{ database_password }}"
name: "{{ magnum_database_name }}"
- run_once: True
+ run_once: true
delegate_to: "{{ groups['magnum-api'][0] }}"
when:
- not use_preconfigured_databases | bool
@@ -32,7 +32,7 @@
host: "%"
priv: "{{ magnum_database_name }}.*:ALL"
append_privs: "yes"
- run_once: True
+ run_once: true
delegate_to: "{{ groups['magnum-api'][0] }}"
when:
- not use_preconfigured_databases | bool
diff --git a/ansible/roles/magnum/tasks/bootstrap_service.yml b/ansible/roles/magnum/tasks/bootstrap_service.yml
index 9ebf3aefc4..dca4f632ce 100644
--- a/ansible/roles/magnum/tasks/bootstrap_service.yml
+++ b/ansible/roles/magnum/tasks/bootstrap_service.yml
@@ -6,7 +6,7 @@
kolla_container:
action: "start_container"
common_options: "{{ docker_common_options }}"
- detach: False
+ detach: false
environment:
KOLLA_BOOTSTRAP:
KOLLA_CONFIG_STRATEGY: "{{ config_strategy }}"
@@ -16,5 +16,5 @@
name: "bootstrap_magnum"
restart_policy: oneshot
volumes: "{{ magnum_api.volumes | reject('equalto', '') | list }}"
- run_once: True
+ run_once: true
delegate_to: "{{ groups[magnum_api.group][0] }}"
diff --git a/ansible/roles/magnum/tasks/config.yml b/ansible/roles/magnum/tasks/config.yml
index 5921da31e0..d23065d853 100644
--- a/ansible/roles/magnum/tasks/config.yml
+++ b/ansible/roles/magnum/tasks/config.yml
@@ -13,7 +13,7 @@
stat:
path: "{{ item }}"
delegate_to: localhost
- run_once: True
+ run_once: true
register: magnum_policy
with_first_found:
- files: "{{ supported_policy_format_list }}"
@@ -32,7 +32,7 @@
stat:
path: "{{ node_custom_config }}/magnum/kubeconfig"
delegate_to: localhost
- run_once: True
+ run_once: true
register: magnum_kubeconfig_file
- name: Copying over kubeconfig file
diff --git a/ansible/roles/magnum/tasks/register.yml b/ansible/roles/magnum/tasks/register.yml
index 8d1d4aacf8..3cdf06be26 100644
--- a/ansible/roles/magnum/tasks/register.yml
+++ b/ansible/roles/magnum/tasks/register.yml
@@ -19,7 +19,7 @@
cacert: "{{ openstack_cacert }}"
region_name: "{{ openstack_region_name }}"
register: trustee_domain
- run_once: True
+ run_once: true
- name: Creating Magnum trustee user
become: true
@@ -35,7 +35,7 @@
endpoint_type: "{{ openstack_interface }}"
cacert: "{{ openstack_cacert }}"
region_name: "{{ openstack_region_name }}"
- run_once: True
+ run_once: true
- name: Creating Magnum trustee user role
become: true
@@ -50,5 +50,5 @@
endpoint_type: "{{ openstack_interface }}"
cacert: "{{ openstack_cacert }}"
region_name: "{{ openstack_region_name }}"
- run_once: True
+ run_once: true
when: not ansible_check_mode
diff --git a/ansible/roles/manila/defaults/main.yml b/ansible/roles/manila/defaults/main.yml
index 6435a5e462..1e973feb5d 100644
--- a/ansible/roles/manila/defaults/main.yml
+++ b/ansible/roles/manila/defaults/main.yml
@@ -4,7 +4,7 @@ manila_services:
container_name: "manila_api"
group: "manila-api"
image: "{{ manila_api_image_full }}"
- enabled: True
+ enabled: true
volumes: "{{ manila_api_default_volumes + manila_api_extra_volumes }}"
dimensions: "{{ manila_api_dimensions }}"
healthcheck: "{{ manila_api_healthcheck }}"
@@ -30,7 +30,7 @@ manila_services:
container_name: "manila_scheduler"
group: "manila-scheduler"
image: "{{ manila_scheduler_image_full }}"
- enabled: True
+ enabled: true
volumes: "{{ manila_scheduler_default_volumes + manila_scheduler_extra_volumes }}"
dimensions: "{{ manila_scheduler_dimensions }}"
healthcheck: "{{ manila_scheduler_healthcheck }}"
@@ -38,8 +38,8 @@ manila_services:
container_name: "manila_share"
group: "manila-share"
image: "{{ manila_share_image_full }}"
- enabled: True
- privileged: True
+ enabled: true
+ privileged: true
volumes: "{{ manila_share_default_volumes + manila_share_extra_volumes + lookup('vars', 'run_default_volumes_' + kolla_container_engine) }}"
dimensions: "{{ manila_share_dimensions }}"
healthcheck: "{{ manila_share_healthcheck }}"
@@ -47,8 +47,8 @@ manila_services:
container_name: "manila_data"
group: "manila-data"
image: "{{ manila_data_image_full }}"
- enabled: True
- privileged: True
+ enabled: true
+ privileged: true
volumes: "{{ manila_data_default_volumes + manila_data_extra_volumes + lookup('vars', 'run_default_volumes_' + kolla_container_engine) }}"
dimensions: "{{ manila_data_dimensions }}"
healthcheck: "{{ manila_data_healthcheck }}"
diff --git a/ansible/roles/manila/tasks/bootstrap.yml b/ansible/roles/manila/tasks/bootstrap.yml
index 9e1872cdfe..c04f95d97b 100644
--- a/ansible/roles/manila/tasks/bootstrap.yml
+++ b/ansible/roles/manila/tasks/bootstrap.yml
@@ -11,7 +11,7 @@
login_user: "{{ manila_database_shard_root_user }}"
login_password: "{{ database_password }}"
name: "{{ manila_database_name }}"
- run_once: True
+ run_once: true
delegate_to: "{{ groups['manila-api'][0] }}"
when:
- not use_preconfigured_databases | bool
@@ -32,7 +32,7 @@
host: "%"
priv: "{{ manila_database_name }}.*:ALL"
append_privs: "yes"
- run_once: True
+ run_once: true
delegate_to: "{{ groups['manila-api'][0] }}"
when:
- not use_preconfigured_databases | bool
diff --git a/ansible/roles/manila/tasks/bootstrap_service.yml b/ansible/roles/manila/tasks/bootstrap_service.yml
index f3e72da72d..fabcc5c5a3 100644
--- a/ansible/roles/manila/tasks/bootstrap_service.yml
+++ b/ansible/roles/manila/tasks/bootstrap_service.yml
@@ -6,7 +6,7 @@
kolla_container:
action: "start_container"
common_options: "{{ docker_common_options }}"
- detach: False
+ detach: false
environment:
KOLLA_BOOTSTRAP:
KOLLA_CONFIG_STRATEGY: "{{ config_strategy }}"
@@ -16,5 +16,5 @@
name: "bootstrap_manila"
restart_policy: oneshot
volumes: "{{ manila_api.volumes | reject('equalto', '') | list }}"
- run_once: True
+ run_once: true
delegate_to: "{{ groups[manila_api.group][0] }}"
diff --git a/ansible/roles/manila/tasks/config.yml b/ansible/roles/manila/tasks/config.yml
index 1607316a26..0cb6ae9454 100644
--- a/ansible/roles/manila/tasks/config.yml
+++ b/ansible/roles/manila/tasks/config.yml
@@ -18,7 +18,7 @@
stat:
path: "{{ item }}"
delegate_to: localhost
- run_once: True
+ run_once: true
register: manila_policy
with_first_found:
- files: "{{ supported_policy_format_list }}"
diff --git a/ansible/roles/manila/tasks/external_ceph.yml b/ansible/roles/manila/tasks/external_ceph.yml
index 3b70b0ad4f..84851e6b78 100644
--- a/ansible/roles/manila/tasks/external_ceph.yml
+++ b/ansible/roles/manila/tasks/external_ceph.yml
@@ -39,7 +39,7 @@
become: true
file:
path: "{{ node_config_directory }}/{{ item }}"
- recurse: yes
+ recurse: true
owner: "{{ config_owner_user }}"
group: "{{ config_owner_group }}"
when: inventory_hostname in groups[item]
diff --git a/ansible/roles/mariadb/tasks/backup.yml b/ansible/roles/mariadb/tasks/backup.yml
index 0ddd8521d2..c07d7ded6f 100644
--- a/ansible/roles/mariadb/tasks/backup.yml
+++ b/ansible/roles/mariadb/tasks/backup.yml
@@ -17,14 +17,14 @@
action: "start_container"
command: "bash -c 'sudo -E kolla_set_configs && /usr/local/bin/{{ cmd }}'"
common_options: "{{ docker_common_options }}"
- detach: False
+ detach: false
# NOTE(mgoddard): Try to use the same image as the MariaDB server container
# to avoid compatibility issues. See
# https://bugs.launchpad.net/kolla-ansible/+bug/2058644.
image: "{{ container_facts.containers[mariadb_services.mariadb.container_name].Config.Image | default(mariadb_services.mariadb.image) }}"
name: "mariabackup"
restart_policy: oneshot
- remove_on_exit: True
+ remove_on_exit: true
environment:
BACKUP_TYPE: "{{ mariadb_backup_type }}"
volumes:
diff --git a/ansible/roles/mariadb/tasks/bootstrap_cluster.yml b/ansible/roles/mariadb/tasks/bootstrap_cluster.yml
index 9a412c3579..34c463cb83 100644
--- a/ansible/roles/mariadb/tasks/bootstrap_cluster.yml
+++ b/ansible/roles/mariadb/tasks/bootstrap_cluster.yml
@@ -7,7 +7,7 @@
kolla_container:
action: "start_container"
common_options: "{{ docker_common_options }}"
- detach: False
+ detach: false
environment:
KOLLA_BOOTSTRAP:
KOLLA_CONFIG_STRATEGY: "{{ config_strategy }}"
diff --git a/ansible/roles/mariadb/tasks/check.yml b/ansible/roles/mariadb/tasks/check.yml
index c0296bd4c5..78d5e481d2 100644
--- a/ansible/roles/mariadb/tasks/check.yml
+++ b/ansible/roles/mariadb/tasks/check.yml
@@ -15,7 +15,7 @@
query: "SHOW DATABASES;"
register: result
until: result is success
- changed_when: False
+ changed_when: false
retries: 6
delay: 10
become: true
diff --git a/ansible/roles/mariadb/tasks/loadbalancer.yml b/ansible/roles/mariadb/tasks/loadbalancer.yml
index bc7439dfd8..9bfa2ac6c9 100644
--- a/ansible/roles/mariadb/tasks/loadbalancer.yml
+++ b/ansible/roles/mariadb/tasks/loadbalancer.yml
@@ -37,8 +37,8 @@
with_dict: "{{ mariadb_shards_info.shards }}"
loop_control:
label: "{{ host }}"
- failed_when: False
- run_once: True
+ failed_when: false
+ run_once: true
- name: "Configure loadbalancer for {{ project_name }}"
import_role:
diff --git a/ansible/roles/mariadb/tasks/lookup_cluster.yml b/ansible/roles/mariadb/tasks/lookup_cluster.yml
index 207e1f90b8..5103af0723 100644
--- a/ansible/roles/mariadb/tasks/lookup_cluster.yml
+++ b/ansible/roles/mariadb/tasks/lookup_cluster.yml
@@ -27,7 +27,7 @@
timeout: 10
search_regex: "MariaDB"
register: check_mariadb_port_liveness
- ignore_errors: yes
+ ignore_errors: true
- name: Divide hosts by their MariaDB service port liveness
group_by:
@@ -76,5 +76,5 @@
msg: MariaDB cluster is not synced. Please wait for WSREP sync before proceeding.
when:
- groups[mariadb_shard_group + '_port_alive_True'] is defined
- - groups[mariadb_shard_group + '_sync_status_Synced'] is not defined or
- groups[mariadb_shard_group + '_port_alive_True'] | sort != groups[mariadb_shard_group + '_sync_status_Synced'] | sort
+ - groups[mariadb_shard_group + '_sync_status_Synced'] is not defined or groups[mariadb_shard_group + '_port_alive_True'] | sort !=
+ groups[mariadb_shard_group + '_sync_status_Synced'] | sort
diff --git a/ansible/roles/mariadb/tasks/post-upgrade.yml b/ansible/roles/mariadb/tasks/post-upgrade.yml
index ac878bef6b..70a184812a 100644
--- a/ansible/roles/mariadb/tasks/post-upgrade.yml
+++ b/ansible/roles/mariadb/tasks/post-upgrade.yml
@@ -7,7 +7,7 @@
kolla_container:
action: "start_container"
common_options: "{{ docker_common_options }}"
- detach: False
+ detach: false
dimensions: "{{ service.dimensions }}"
environment:
KOLLA_UPGRADE:
diff --git a/ansible/roles/mariadb/tasks/recover_cluster.yml b/ansible/roles/mariadb/tasks/recover_cluster.yml
index 37877ae599..0f1f0f9de2 100644
--- a/ansible/roles/mariadb/tasks/recover_cluster.yml
+++ b/ansible/roles/mariadb/tasks/recover_cluster.yml
@@ -11,7 +11,7 @@
delegate_to: localhost
connection: local
changed_when: false
- check_mode: no
+ check_mode: false
run_once: true
with_fileglob: "/tmp/kolla_mariadb_recover_inventory_name_*"
@@ -61,7 +61,7 @@
path: /tmp/mariadb_tmp.log
state: absent
changed_when: false
- check_mode: no
+ check_mode: false
- name: Registering MariaDB seqno variable
set_fact:
@@ -102,10 +102,10 @@
- name: Set grastate.dat file from MariaDB container in bootstrap host
become: true
lineinfile:
- create: yes
+ create: true
dest: "{{ container_engine_volumes_path }}/mariadb/_data/grastate.dat"
- regexp: 'safe_to_bootstrap:(.*)$'
- line: 'safe_to_bootstrap: 1'
+ regexp: "safe_to_bootstrap:(.*)$"
+ line: "safe_to_bootstrap: 1"
state: present
when:
- bootstrap_host is defined
diff --git a/ansible/roles/mariadb/tasks/register.yml b/ansible/roles/mariadb/tasks/register.yml
index 1b733afa70..b7a73ce519 100644
--- a/ansible/roles/mariadb/tasks/register.yml
+++ b/ansible/roles/mariadb/tasks/register.yml
@@ -50,7 +50,7 @@
password: "{{ mariadb_backup_database_password }}"
host: "%"
priv: "*.*:RELOAD,PROCESS,LOCK TABLES,BINLOG MONITOR/{{ mariadb_backup_database_schema }}.mariadb_backup_history:CREATE,ALTER,INSERT"
- append_privs: True
+ append_privs: true
when:
- enable_mariabackup | bool
- inventory_hostname == mariadb_backup_host
@@ -70,7 +70,7 @@
password: "{{ mariadb_backup_database_password }}"
host: "%"
priv: "{{ mariadb_backup_database_schema }}.*:CREATE,INSERT,SELECT"
- append_privs: True
+ append_privs: true
when:
- enable_mariabackup | bool
- inventory_hostname == mariadb_backup_host
diff --git a/ansible/roles/masakari/defaults/main.yml b/ansible/roles/masakari/defaults/main.yml
index c0713b05cc..496a0f0191 100644
--- a/ansible/roles/masakari/defaults/main.yml
+++ b/ansible/roles/masakari/defaults/main.yml
@@ -39,7 +39,7 @@ masakari_services:
enabled: "{{ enable_masakari_instancemonitor | bool }}"
image: "{{ masakari_monitors_image_full }}"
volumes: "{{ masakari_instancemonitor_default_volumes + masakari_instancemonitor_extra_volumes }}"
- privileged: True
+ privileged: true
dimensions: "{{ masakari_instancemonitor_dimensions }}"
masakari-hostmonitor:
container_name: masakari_hostmonitor
diff --git a/ansible/roles/masakari/tasks/bootstrap.yml b/ansible/roles/masakari/tasks/bootstrap.yml
index 22eaa252e6..6b5f9d1b0c 100644
--- a/ansible/roles/masakari/tasks/bootstrap.yml
+++ b/ansible/roles/masakari/tasks/bootstrap.yml
@@ -11,7 +11,7 @@
login_user: "{{ masakari_database_shard_root_user }}"
login_password: "{{ database_password }}"
name: "{{ masakari_database_name }}"
- run_once: True
+ run_once: true
delegate_to: "{{ groups['masakari-api'][0] }}"
when:
- not use_preconfigured_databases | bool
@@ -32,7 +32,7 @@
host: "%"
priv: "{{ masakari_database_name }}.*:ALL"
append_privs: "yes"
- run_once: True
+ run_once: true
delegate_to: "{{ groups['masakari-api'][0] }}"
when:
- not use_preconfigured_databases | bool
diff --git a/ansible/roles/masakari/tasks/bootstrap_service.yml b/ansible/roles/masakari/tasks/bootstrap_service.yml
index 62f02128cf..40a11650d1 100644
--- a/ansible/roles/masakari/tasks/bootstrap_service.yml
+++ b/ansible/roles/masakari/tasks/bootstrap_service.yml
@@ -6,7 +6,7 @@
kolla_container:
action: "start_container"
common_options: "{{ docker_common_options }}"
- detach: False
+ detach: false
environment:
KOLLA_BOOTSTRAP:
KOLLA_CONFIG_STRATEGY: "{{ config_strategy }}"
@@ -16,5 +16,5 @@
name: "bootstrap_masakari"
restart_policy: "oneshot"
volumes: "{{ masakari_api.volumes | reject('equalto', '') | list }}"
- run_once: True
+ run_once: true
delegate_to: "{{ groups[masakari_api.group][0] }}"
diff --git a/ansible/roles/masakari/tasks/config.yml b/ansible/roles/masakari/tasks/config.yml
index 16e14e99f4..2edbcdb355 100644
--- a/ansible/roles/masakari/tasks/config.yml
+++ b/ansible/roles/masakari/tasks/config.yml
@@ -13,7 +13,7 @@
stat:
path: "{{ item }}"
delegate_to: localhost
- run_once: True
+ run_once: true
register: masakari_policy
with_first_found:
- files: "{{ supported_policy_format_list }}"
diff --git a/ansible/roles/masakari/tasks/precheck.yml b/ansible/roles/masakari/tasks/precheck.yml
index 9db46ab9fb..a5486ac615 100644
--- a/ansible/roles/masakari/tasks/precheck.yml
+++ b/ansible/roles/masakari/tasks/precheck.yml
@@ -27,7 +27,7 @@
- inventory_hostname in groups['masakari-api']
- name: Checking for coordination backend if running in multinode setup
- run_once: True
+ run_once: true
fail:
msg: "Please enable Valkey or etcd when running in multinode scenario."
when:
diff --git a/ansible/roles/mistral/tasks/bootstrap.yml b/ansible/roles/mistral/tasks/bootstrap.yml
index 215bc09a5a..4e7cb2b2f9 100644
--- a/ansible/roles/mistral/tasks/bootstrap.yml
+++ b/ansible/roles/mistral/tasks/bootstrap.yml
@@ -11,7 +11,7 @@
login_user: "{{ mistral_database_shard_root_user }}"
login_password: "{{ database_password }}"
name: "{{ mistral_database_name }}"
- run_once: True
+ run_once: true
delegate_to: "{{ groups['mistral-api'][0] }}"
when:
- not use_preconfigured_databases | bool
@@ -32,7 +32,7 @@
host: "%"
priv: "{{ mistral_database_name }}.*:ALL"
append_privs: "yes"
- run_once: True
+ run_once: true
delegate_to: "{{ groups['mistral-api'][0] }}"
when:
- not use_preconfigured_databases | bool
diff --git a/ansible/roles/mistral/tasks/bootstrap_service.yml b/ansible/roles/mistral/tasks/bootstrap_service.yml
index 3fb1f2bb23..b2aa88c765 100644
--- a/ansible/roles/mistral/tasks/bootstrap_service.yml
+++ b/ansible/roles/mistral/tasks/bootstrap_service.yml
@@ -6,7 +6,7 @@
kolla_container:
action: "start_container"
common_options: "{{ docker_common_options }}"
- detach: False
+ detach: false
environment:
KOLLA_BOOTSTRAP:
KOLLA_CONFIG_STRATEGY: "{{ config_strategy }}"
@@ -16,5 +16,5 @@
name: "bootstrap_mistral"
restart_policy: oneshot
volumes: "{{ mistral_api.volumes | reject('equalto', '') | list }}"
- run_once: True
+ run_once: true
delegate_to: "{{ groups[mistral_api.group][0] }}"
diff --git a/ansible/roles/mistral/tasks/config.yml b/ansible/roles/mistral/tasks/config.yml
index d9ea731db3..aba2fbf273 100644
--- a/ansible/roles/mistral/tasks/config.yml
+++ b/ansible/roles/mistral/tasks/config.yml
@@ -13,7 +13,7 @@
stat:
path: "{{ item }}"
delegate_to: localhost
- run_once: True
+ run_once: true
register: mistral_policy
with_first_found:
- files: "{{ supported_policy_format_list }}"
diff --git a/ansible/roles/multipathd/defaults/main.yml b/ansible/roles/multipathd/defaults/main.yml
index 60ade00f52..0e45239247 100644
--- a/ansible/roles/multipathd/defaults/main.yml
+++ b/ansible/roles/multipathd/defaults/main.yml
@@ -5,7 +5,7 @@ multipathd_services:
group: multipathd
enabled: true
ipc_mode: "host"
- privileged: True
+ privileged: true
image: "{{ multipathd_image_full }}"
volumes: "{{ multipathd_default_volumes + multipathd_extra_volumes + lookup('vars', 'run_default_volumes_' + kolla_container_engine) }}"
diff --git a/ansible/roles/neutron/defaults/main.yml b/ansible/roles/neutron/defaults/main.yml
index 8d3dcdcfd7..d9dacd4c25 100644
--- a/ansible/roles/neutron/defaults/main.yml
+++ b/ansible/roles/neutron/defaults/main.yml
@@ -61,7 +61,7 @@ neutron_services:
container_name: "neutron_openvswitch_agent"
image: "{{ neutron_openvswitch_agent_image_full }}"
enabled: "{{ neutron_plugin_agent == 'openvswitch' }}"
- privileged: True
+ privileged: true
host_in_groups: >-
{{
(inventory_hostname in groups['compute']
@@ -83,7 +83,7 @@ neutron_services:
cgroupns_mode: "{{ 'host' if neutron_agents_wrappers | bool else 'private' }}"
container_name: "neutron_dhcp_agent"
image: "{{ neutron_dhcp_agent_image_full }}"
- privileged: True
+ privileged: true
enabled: "{{ neutron_plugin_agent != 'ovn' or neutron_ovn_dhcp_agent | bool }}"
group: "neutron-dhcp-agent"
host_in_groups: "{{ inventory_hostname in groups['neutron-dhcp-agent'] }}"
@@ -99,7 +99,7 @@ neutron_services:
cgroupns_mode: "{{ 'host' if neutron_agents_wrappers | bool else 'private' }}"
container_name: "neutron_l3_agent"
image: "{{ neutron_l3_agent_image_full }}"
- privileged: True
+ privileged: true
enabled: "{{ neutron_plugin_agent != 'ovn' }}"
environment:
KOLLA_IMAGE: "{{ neutron_l3_agent_image_full }}"
@@ -117,7 +117,7 @@ neutron_services:
neutron-sriov-agent:
container_name: "neutron_sriov_agent"
image: "{{ neutron_sriov_agent_image_full }}"
- privileged: True
+ privileged: true
enabled: "{{ enable_neutron_sriov | bool }}"
host_in_groups: "{{ inventory_hostname in groups['compute'] }}"
volumes: "{{ neutron_sriov_agent_default_volumes + neutron_sriov_agent_extra_volumes }}"
@@ -133,7 +133,7 @@ neutron_services:
neutron-eswitchd:
container_name: "neutron_eswitchd"
image: "{{ neutron_eswitchd_image_full }}"
- privileged: True
+ privileged: true
enabled: "{{ enable_neutron_mlnx | bool }}"
host_in_groups: "{{ inventory_hostname in groups['compute'] }}"
volumes: "{{ neutron_eswitchd_default_volumes + neutron_eswitchd_extra_volumes }}"
@@ -141,7 +141,7 @@ neutron_services:
neutron-metadata-agent:
container_name: "neutron_metadata_agent"
image: "{{ neutron_metadata_agent_image_full }}"
- privileged: True
+ privileged: true
enabled: "{{ neutron_plugin_agent != 'ovn' }}"
host_in_groups: >-
{{
@@ -155,7 +155,7 @@ neutron_services:
cgroupns_mode: "{{ 'host' if neutron_agents_wrappers | bool else 'private' }}"
container_name: "neutron_ovn_metadata_agent"
image: "{{ neutron_ovn_metadata_agent_image_full }}"
- privileged: True
+ privileged: true
enabled: "{{ neutron_plugin_agent == 'ovn' }}"
host_in_groups: "{{ inventory_hostname in groups['neutron-ovn-metadata-agent'] }}"
volumes: "{{ neutron_ovn_metadata_agent_default_volumes + neutron_ovn_metadata_agent_extra_volumes }}"
@@ -169,7 +169,7 @@ neutron_services:
neutron-bgp-dragent:
container_name: "neutron_bgp_dragent"
image: "{{ neutron_bgp_dragent_image_full }}"
- privileged: True
+ privileged: true
enabled: "{{ enable_neutron_bgp_dragent | bool }}"
group: "neutron-bgp-dragent"
host_in_groups: "{{ inventory_hostname in groups['neutron-bgp-dragent'] }}"
@@ -179,7 +179,7 @@ neutron_services:
neutron-infoblox-ipam-agent:
container_name: "neutron_infoblox_ipam_agent"
image: "{{ neutron_infoblox_ipam_agent_image_full }}"
- privileged: True
+ privileged: true
enabled: "{{ enable_neutron_infoblox_ipam_agent | bool }}"
group: "neutron-infoblox-ipam-agent"
host_in_groups: "{{ inventory_hostname in groups['neutron-infoblox-ipam-agent'] }}"
@@ -188,7 +188,7 @@ neutron_services:
neutron-metering-agent:
container_name: "neutron_metering_agent"
image: "{{ neutron_metering_agent_image_full }}"
- privileged: True
+ privileged: true
enabled: "{{ enable_neutron_metering | bool }}"
group: "neutron-metering-agent"
host_in_groups: "{{ inventory_hostname in groups['neutron-metering-agent'] }}"
@@ -197,7 +197,7 @@ neutron_services:
ironic-neutron-agent:
container_name: "ironic_neutron_agent"
image: "{{ ironic_neutron_agent_image_full }}"
- privileged: False
+ privileged: false
enabled: "{{ enable_ironic_neutron_agent | bool }}"
group: "ironic-neutron-agent"
host_in_groups: "{{ inventory_hostname in groups['ironic-neutron-agent'] }}"
diff --git a/ansible/roles/neutron/tasks/bootstrap.yml b/ansible/roles/neutron/tasks/bootstrap.yml
index a58a07b570..b7afe8e98c 100644
--- a/ansible/roles/neutron/tasks/bootstrap.yml
+++ b/ansible/roles/neutron/tasks/bootstrap.yml
@@ -11,7 +11,7 @@
login_user: "{{ neutron_database_shard_root_user }}"
login_password: "{{ database_password }}"
name: "{{ neutron_database_name }}"
- run_once: True
+ run_once: true
delegate_to: "{{ groups['neutron-server'][0] }}"
when:
- not use_preconfigured_databases | bool
@@ -32,7 +32,7 @@
host: "%"
priv: "{{ neutron_database_name }}.*:ALL"
append_privs: "yes"
- run_once: True
+ run_once: true
delegate_to: "{{ groups['neutron-server'][0] }}"
when:
- not use_preconfigured_databases | bool
diff --git a/ansible/roles/neutron/tasks/bootstrap_service.yml b/ansible/roles/neutron/tasks/bootstrap_service.yml
index 094f4ca968..3ec0172c35 100644
--- a/ansible/roles/neutron/tasks/bootstrap_service.yml
+++ b/ansible/roles/neutron/tasks/bootstrap_service.yml
@@ -6,7 +6,7 @@
kolla_container:
action: "start_container"
common_options: "{{ docker_common_options }}"
- detach: False
+ detach: false
environment:
KOLLA_BOOTSTRAP:
KOLLA_CONFIG_STRATEGY: "{{ config_strategy }}"
@@ -17,5 +17,5 @@
name: "bootstrap_neutron"
restart_policy: oneshot
volumes: "{{ neutron_server.volumes }}"
- run_once: True
+ run_once: true
delegate_to: "{{ groups[neutron_server.group][0] }}"
diff --git a/ansible/roles/neutron/tasks/config-neutron-fake.yml b/ansible/roles/neutron/tasks/config-neutron-fake.yml
index ea26ba7c5d..bd94dfd559 100644
--- a/ansible/roles/neutron/tasks/config-neutron-fake.yml
+++ b/ansible/roles/neutron/tasks/config-neutron-fake.yml
@@ -4,7 +4,7 @@
file:
path: "{{ node_config_directory }}/neutron-openvswitch-agent-fake-{{ item }}"
state: "directory"
- recurse: yes
+ recurse: true
mode: "0770"
with_sequence: start=1 end={{ num_nova_fake_per_node }}
when: inventory_hostname in groups['compute']
@@ -84,7 +84,7 @@
become: true
file:
path: "{{ node_config_directory }}/neutron-openvswitch-agent-fake-{{ item }}"
- recurse: yes
+ recurse: true
owner: "{{ config_owner_user }}"
group: "{{ config_owner_group }}"
when: inventory_hostname in groups['compute']
diff --git a/ansible/roles/neutron/tasks/config.yml b/ansible/roles/neutron/tasks/config.yml
index 9c5a9702b5..76705426e2 100644
--- a/ansible/roles/neutron/tasks/config.yml
+++ b/ansible/roles/neutron/tasks/config.yml
@@ -13,8 +13,8 @@
find:
path: "{{ node_custom_config }}/neutron/plugins/"
delegate_to: localhost
- run_once: True
- changed_when: False
+ run_once: true
+ changed_when: false
register: check_extra_ml2_plugins
- include_tasks: copy-certs.yml
@@ -25,7 +25,7 @@
stat:
path: "{{ item }}"
delegate_to: localhost
- run_once: True
+ run_once: true
register: neutron_policy
with_first_found:
- files: "{{ supported_policy_format_list }}"
diff --git a/ansible/roles/neutron/tasks/precheck.yml b/ansible/roles/neutron/tasks/precheck.yml
index 16f7b0db44..46ba3db3d2 100644
--- a/ansible/roles/neutron/tasks/precheck.yml
+++ b/ansible/roles/neutron/tasks/precheck.yml
@@ -33,7 +33,7 @@
- groups['neutron-l3-agent'] | length > 1
fail_msg: "Number of network agents are less than two when enabling agent ha"
changed_when: false
- run_once: True
+ run_once: true
when:
- enable_neutron_agent_ha | bool
@@ -51,7 +51,7 @@
assert:
that: enable_ironic | bool
fail_msg: "Ironic must be enabled when using networking-baremetal/ironic-neutron-agent"
- run_once: True
+ run_once: true
when:
- enable_ironic_neutron_agent | bool
@@ -64,7 +64,7 @@
- neutron_dns_domain != "openstacklocal"
fail_msg: "The neutron_dns_domain value has to be non-empty and must end with a period '.'"
changed_when: false
- run_once: True
+ run_once: true
when:
- neutron_dns_integration | bool
diff --git a/ansible/roles/neutron/tasks/rolling_upgrade.yml b/ansible/roles/neutron/tasks/rolling_upgrade.yml
index d0a98f94ad..6b66ef5d99 100644
--- a/ansible/roles/neutron/tasks/rolling_upgrade.yml
+++ b/ansible/roles/neutron/tasks/rolling_upgrade.yml
@@ -17,7 +17,7 @@
kolla_container:
action: "start_container"
common_options: "{{ docker_common_options }}"
- detach: False
+ detach: false
environment:
KOLLA_UPGRADE:
NEUTRON_DB_EXPAND:
@@ -29,7 +29,7 @@
name: "bootstrap_neutron"
restart_policy: oneshot
volumes: "{{ neutron_server.volumes }}"
- run_once: True
+ run_once: true
delegate_to: "{{ groups['neutron-server'][0] }}"
- name: Flush Handlers
@@ -39,7 +39,7 @@
become: true
command: "{{ kolla_container_engine }} exec -t neutron_server neutron-db-manage --subproject {{ item }} has_offline_migrations"
register: neutron_check_contract_db_stdout
- ignore_errors: yes
+ ignore_errors: true
with_items: "{{ neutron_rolling_upgrade_services }}"
when: inventory_hostname == groups['neutron-server'][0]
@@ -69,7 +69,7 @@
kolla_container:
action: "start_container"
common_options: "{{ docker_common_options }}"
- detach: False
+ detach: false
environment:
KOLLA_UPGRADE:
NEUTRON_DB_CONTRACT:
@@ -81,7 +81,7 @@
name: "bootstrap_neutron"
restart_policy: oneshot
volumes: "{{ neutron_server.volumes }}"
- run_once: True
+ run_once: true
delegate_to: "{{ groups['neutron-server'][0] }}"
# Flush handlers here to ensure neutron-server containers are started
diff --git a/ansible/roles/nova-cell/defaults/main.yml b/ansible/roles/nova-cell/defaults/main.yml
index 88f35ff73e..1cc4a04aa8 100644
--- a/ansible/roles/nova-cell/defaults/main.yml
+++ b/ansible/roles/nova-cell/defaults/main.yml
@@ -9,7 +9,7 @@ nova_cell_services:
image: "{{ nova_libvirt_image_full }}"
pid_mode: "host"
cgroupns_mode: "host"
- privileged: True
+ privileged: true
volumes: "{{ nova_libvirt_default_volumes + nova_libvirt_extra_volumes + lookup('vars', 'run_default_volumes_' + kolla_container_engine) }}"
dimensions: "{{ nova_libvirt_dimensions }}"
healthcheck: "{{ nova_libvirt_healthcheck }}"
@@ -47,7 +47,7 @@ nova_cell_services:
nova-conductor:
container_name: "nova_conductor"
group: "{{ nova_cell_conductor_group }}"
- enabled: True
+ enabled: true
image: "{{ nova_conductor_image_full }}"
volumes: "{{ nova_conductor_default_volumes + nova_conductor_extra_volumes }}"
dimensions: "{{ nova_conductor_dimensions }}"
@@ -58,7 +58,7 @@ nova_cell_services:
image: "{{ nova_compute_image_full }}"
environment:
LIBGUESTFS_BACKEND: "direct"
- privileged: True
+ privileged: true
enabled: "{{ not enable_nova_fake | bool }}"
ipc_mode: "host"
volumes: "{{ nova_compute_default_volumes + nova_compute_extra_volumes + lookup('vars', 'run_default_volumes_' + kolla_container_engine) }}"
@@ -307,7 +307,7 @@ nova_libvirt_default_dimensions:
soft: 67108864 # 64 MiB
hard: 67108864 # 64 MiB
-nova_libvirt_dimensions: "{{ default_container_dimensions | combine(nova_libvirt_default_dimensions, recursive=True) }}"
+nova_libvirt_dimensions: "{{ default_container_dimensions | combine(nova_libvirt_default_dimensions, recursive=true) }}"
nova_ssh_dimensions: "{{ default_container_dimensions }}"
nova_novncproxy_dimensions: "{{ default_container_dimensions }}"
nova_spicehtml5proxy_dimensions: "{{ default_container_dimensions }}"
@@ -583,7 +583,7 @@ qemu_max_files: 32768
qemu_max_processes: 131072
# Use TLS for libvirt connections and live migration
libvirt_tls: false
-# Should kolla-ansible manage/copy the certs. False, assumes the deployer is
+# Should kolla-ansible manage/copy the certs. False, assumes the deployer is
# responsible for making the TLS certs show up in the config directories
# also means the deployer is responsible for restarting the nova_compute and
# nova_libvirt containers when the key changes, as we can't know when to do that
diff --git a/ansible/roles/nova-cell/handlers/main.yml b/ansible/roles/nova-cell/handlers/main.yml
index 17658ef2ed..2dcca1546f 100644
--- a/ansible/roles/nova-cell/handlers/main.yml
+++ b/ansible/roles/nova-cell/handlers/main.yml
@@ -107,7 +107,7 @@
until: restart_nova_libvirt is success
notify: "{{ nova_libvirt_notify }}"
- # need to wait kolla_set_configs script to overwrite sasl config file
+# need to wait kolla_set_configs script to overwrite sasl config file
- name: Checking libvirt container is ready
become: true
shell:
@@ -181,7 +181,7 @@
common_options: "{{ docker_common_options }}"
name: "nova_compute_fake_{{ item }}"
image: "{{ nova_compute_image_full }}"
- privileged: True
+ privileged: true
volumes:
- "{{ node_config_directory }}/nova-compute-fake-{{ item }}/:{{ container_config_directory }}/:ro"
- "/etc/localtime:/etc/localtime:ro"
diff --git a/ansible/roles/nova-cell/tasks/bootstrap_service.yml b/ansible/roles/nova-cell/tasks/bootstrap_service.yml
index e4a4d2b2c7..a886211de9 100644
--- a/ansible/roles/nova-cell/tasks/bootstrap_service.yml
+++ b/ansible/roles/nova-cell/tasks/bootstrap_service.yml
@@ -6,7 +6,7 @@
kolla_container:
action: "start_container"
common_options: "{{ docker_common_options }}"
- detach: False
+ detach: false
environment:
KOLLA_UPGRADE:
KOLLA_CONFIG_STRATEGY: "{{ config_strategy }}"
diff --git a/ansible/roles/nova-cell/tasks/config-nova-fake.yml b/ansible/roles/nova-cell/tasks/config-nova-fake.yml
index 8959dfa149..45702ff01b 100644
--- a/ansible/roles/nova-cell/tasks/config-nova-fake.yml
+++ b/ansible/roles/nova-cell/tasks/config-nova-fake.yml
@@ -38,7 +38,7 @@
become: true
file:
path: "{{ node_config_directory }}/nova-compute-fake-{{ item }}"
- recurse: yes
+ recurse: true
owner: "{{ config_owner_user }}"
group: "{{ config_owner_group }}"
with_sequence: start=1 end={{ num_nova_fake_per_node }}
@@ -52,7 +52,7 @@
common_options: "{{ docker_common_options }}"
name: "nova_compute_fake_{{ item }}"
image: "{{ nova_compute_image_full }}"
- privileged: True
+ privileged: true
volumes:
- "{{ node_config_directory }}/nova-compute-fake-{{ item }}/:{{ container_config_directory }}/:ro"
- "/etc/localtime:/etc/localtime:ro"
diff --git a/ansible/roles/nova-cell/tasks/config.yml b/ansible/roles/nova-cell/tasks/config.yml
index 7783d5ee09..c2da1e528f 100644
--- a/ansible/roles/nova-cell/tasks/config.yml
+++ b/ansible/roles/nova-cell/tasks/config.yml
@@ -22,7 +22,7 @@
stat:
path: "{{ item }}"
delegate_to: localhost
- run_once: True
+ run_once: true
register: nova_policy
with_first_found:
- files: "{{ supported_policy_format_list }}"
@@ -41,7 +41,7 @@
stat:
path: "{{ node_custom_config }}/nova/vendordata.json"
delegate_to: localhost
- run_once: True
+ run_once: true
register: vendordata_file
- name: Set vendordata file path
@@ -184,7 +184,7 @@
src: "{{ vendordata_file_path }}"
dest: "{{ node_config_directory }}/{{ item }}/vendordata.json"
mode: "0660"
- become: True
+ become: true
when:
- vendordata_file_path is defined
- service | service_enabled_and_mapped_to_host
diff --git a/ansible/roles/nova-cell/tasks/config_bootstrap.yml b/ansible/roles/nova-cell/tasks/config_bootstrap.yml
index 59ce1eb9f8..442320ecf3 100644
--- a/ansible/roles/nova-cell/tasks/config_bootstrap.yml
+++ b/ansible/roles/nova-cell/tasks/config_bootstrap.yml
@@ -41,7 +41,7 @@
project_services:
nova-cell-bootstrap:
group: "{{ nova_cell_conductor_group }}"
- enabled: True
+ enabled: true
when:
- nova_cell_copy_certs | bool
- inventory_hostname == groups[nova_cell_conductor_group][0]
diff --git a/ansible/roles/nova-cell/tasks/create_cells.yml b/ansible/roles/nova-cell/tasks/create_cells.yml
index 66c7f18759..0d6f0fafec 100644
--- a/ansible/roles/nova-cell/tasks/create_cells.yml
+++ b/ansible/roles/nova-cell/tasks/create_cells.yml
@@ -11,7 +11,7 @@
action: "start_container"
command: bash -c 'sudo -E kolla_set_configs && sudo kolla_copy_cacerts && nova-manage cell_v2 create_cell{% if nova_cell_name %} --name {{ nova_cell_name }}{% endif %}'
common_options: "{{ docker_common_options }}"
- detach: False
+ detach: false
image: "{{ nova_conductor.image }}"
labels:
BOOTSTRAP:
@@ -37,7 +37,7 @@
action: "start_container"
command: "bash -c 'sudo -E kolla_set_configs && sudo kolla_copy_cacerts && nova-manage cell_v2 update_cell --cell_uuid {{ nova_cell_settings.cell_uuid }}'"
common_options: "{{ docker_common_options }}"
- detach: False
+ detach: false
image: "{{ nova_conductor.image }}"
labels:
BOOTSTRAP:
diff --git a/ansible/roles/nova-cell/tasks/discover_computes.yml b/ansible/roles/nova-cell/tasks/discover_computes.yml
index b49285b7e6..99a2b0627f 100644
--- a/ansible/roles/nova-cell/tasks/discover_computes.yml
+++ b/ansible/roles/nova-cell/tasks/discover_computes.yml
@@ -19,4 +19,4 @@
become: true
command: >
{{ kolla_container_engine }} exec -t nova_conductor nova-manage cell_v2 discover_hosts --by-service --cell_uuid {{ nova_cell_settings.cell_uuid }}
- changed_when: False
+ changed_when: false
diff --git a/ansible/roles/nova-cell/tasks/external_ceph.yml b/ansible/roles/nova-cell/tasks/external_ceph.yml
index 9f4fe9cbc6..dc20c6ad1e 100644
--- a/ansible/roles/nova-cell/tasks/external_ceph.yml
+++ b/ansible/roles/nova-cell/tasks/external_ceph.yml
@@ -202,4 +202,4 @@
result: "{{ cinder_cephx_raw_key | default }}"
enabled: "{{ cinder_backend_ceph }}"
notify: "{{ libvirt_restart_handlers }}"
- no_log: True
+ no_log: true
diff --git a/ansible/roles/nova-cell/tasks/get_cell_settings.yml b/ansible/roles/nova-cell/tasks/get_cell_settings.yml
index 301f3e4034..30706663e5 100644
--- a/ansible/roles/nova-cell/tasks/get_cell_settings.yml
+++ b/ansible/roles/nova-cell/tasks/get_cell_settings.yml
@@ -7,7 +7,7 @@
action: "start_container"
command: bash -c 'sudo -E kolla_set_configs && sudo -E kolla_copy_cacerts && nova-manage cell_v2 list_cells --verbose'
common_options: "{{ docker_common_options }}"
- detach: False
+ detach: false
image: "{{ nova_conductor.image }}"
labels:
BOOTSTRAP:
diff --git a/ansible/roles/nova-cell/tasks/online_data_migrations.yml b/ansible/roles/nova-cell/tasks/online_data_migrations.yml
index 9240c14e0d..c9e0a0cccd 100644
--- a/ansible/roles/nova-cell/tasks/online_data_migrations.yml
+++ b/ansible/roles/nova-cell/tasks/online_data_migrations.yml
@@ -6,7 +6,7 @@
kolla_container:
action: "start_container"
common_options: "{{ docker_common_options }}"
- detach: False
+ detach: false
environment:
KOLLA_OSM:
KOLLA_CONFIG_STRATEGY: "{{ config_strategy }}"
diff --git a/ansible/roles/nova/defaults/main.yml b/ansible/roles/nova/defaults/main.yml
index dec9d06146..9845b41b08 100644
--- a/ansible/roles/nova/defaults/main.yml
+++ b/ansible/roles/nova/defaults/main.yml
@@ -4,8 +4,8 @@ nova_services:
container_name: "nova_api"
group: "nova-api"
image: "{{ nova_api_image_full }}"
- enabled: True
- privileged: True
+ enabled: true
+ privileged: true
volumes: "{{ nova_api_default_volumes + nova_api_extra_volumes }}"
dimensions: "{{ nova_api_dimensions }}"
healthcheck: "{{ nova_api_healthcheck }}"
@@ -34,7 +34,7 @@ nova_services:
container_name: "nova_metadata"
group: "nova-metadata"
image: "{{ nova_api_image_full }}"
- enabled: True
+ enabled: true
volumes: "{{ nova_metadata_default_volumes + nova_metadata_extra_volumes }}"
dimensions: "{{ nova_metadata_dimensions }}"
healthcheck: "{{ nova_metadata_healthcheck }}"
@@ -63,7 +63,7 @@ nova_services:
container_name: "nova_scheduler"
group: "nova-scheduler"
image: "{{ nova_scheduler_image_full }}"
- enabled: True
+ enabled: true
volumes: "{{ nova_scheduler_default_volumes + nova_scheduler_extra_volumes }}"
dimensions: "{{ nova_scheduler_dimensions }}"
healthcheck: "{{ nova_scheduler_healthcheck }}"
diff --git a/ansible/roles/nova/tasks/bootstrap.yml b/ansible/roles/nova/tasks/bootstrap.yml
index cde4c04f2e..53b65cb4ab 100644
--- a/ansible/roles/nova/tasks/bootstrap.yml
+++ b/ansible/roles/nova/tasks/bootstrap.yml
@@ -11,7 +11,7 @@
login_user: "{{ nova_database_shard_root_user }}"
login_password: "{{ database_password }}"
name: "{{ item }}"
- run_once: True
+ run_once: true
with_items:
- "{{ nova_cell0_database_name }}"
- "{{ nova_api_database_name }}"
@@ -43,7 +43,7 @@
database_password: "{{ nova_api_database_password }}"
loop_control:
label: "{{ item.database_name }}"
- run_once: True
+ run_once: true
when:
- not use_preconfigured_databases | bool
no_log: true
diff --git a/ansible/roles/nova/tasks/bootstrap_service.yml b/ansible/roles/nova/tasks/bootstrap_service.yml
index 0719ee96ef..9ca46365ed 100644
--- a/ansible/roles/nova/tasks/bootstrap_service.yml
+++ b/ansible/roles/nova/tasks/bootstrap_service.yml
@@ -6,7 +6,7 @@
kolla_container:
action: "start_container"
common_options: "{{ docker_common_options }}"
- detach: False
+ detach: false
environment:
KOLLA_UPGRADE:
KOLLA_CONFIG_STRATEGY: "{{ config_strategy }}"
diff --git a/ansible/roles/nova/tasks/config.yml b/ansible/roles/nova/tasks/config.yml
index 6666d1a3e3..8df855380c 100644
--- a/ansible/roles/nova/tasks/config.yml
+++ b/ansible/roles/nova/tasks/config.yml
@@ -13,7 +13,7 @@
stat:
path: "{{ item }}"
delegate_to: localhost
- run_once: True
+ run_once: true
register: nova_policy
with_first_found:
- files: "{{ supported_policy_format_list }}"
@@ -32,7 +32,7 @@
stat:
path: "{{ node_custom_config }}/nova/vendordata.json"
delegate_to: localhost
- run_once: True
+ run_once: true
register: vendordata_file
- name: Set vendordata file path
@@ -110,7 +110,7 @@
src: "{{ vendordata_file_path }}"
dest: "{{ node_config_directory }}/{{ item }}/vendordata.json"
mode: "0660"
- become: True
+ become: true
when:
- vendordata_file_path is defined
- service | service_enabled_and_mapped_to_host
diff --git a/ansible/roles/nova/tasks/config_bootstrap.yml b/ansible/roles/nova/tasks/config_bootstrap.yml
index aa62d437a6..f6ecd4e75e 100644
--- a/ansible/roles/nova/tasks/config_bootstrap.yml
+++ b/ansible/roles/nova/tasks/config_bootstrap.yml
@@ -18,7 +18,7 @@
project_services:
nova-api-bootstrap:
group: "nova-api"
- enabled: True
+ enabled: true
run_once: true
when:
- nova_copy_certs | bool
diff --git a/ansible/roles/nova/tasks/map_cell0.yml b/ansible/roles/nova/tasks/map_cell0.yml
index 69a1204fd8..e9acab03dc 100644
--- a/ansible/roles/nova/tasks/map_cell0.yml
+++ b/ansible/roles/nova/tasks/map_cell0.yml
@@ -1,5 +1,5 @@
---
-- run_once: True
+- run_once: true
delegate_to: "{{ groups[nova_api.group][0] }}"
block:
- name: Create cell0 mappings
@@ -11,7 +11,7 @@
action: "start_container"
command: bash -c 'sudo -E kolla_set_configs && sudo -E kolla_copy_cacerts && nova-manage cell_v2 map_cell0 --database_connection {{ nova_cell0_connection }}'
common_options: "{{ docker_common_options }}"
- detach: False
+ detach: false
image: "{{ nova_api.image }}"
labels:
BOOTSTRAP:
@@ -48,7 +48,7 @@
--database_connection {{ nova_cell0_connection }}
--transport-url {{ nova_cell0_transport_url }}'
common_options: "{{ docker_common_options }}"
- detach: False
+ detach: false
image: "{{ nova_api.image }}"
labels:
BOOTSTRAP:
diff --git a/ansible/roles/nova/tasks/online_data_migrations.yml b/ansible/roles/nova/tasks/online_data_migrations.yml
index cd9f69bafe..6a6b465a90 100644
--- a/ansible/roles/nova/tasks/online_data_migrations.yml
+++ b/ansible/roles/nova/tasks/online_data_migrations.yml
@@ -6,7 +6,7 @@
kolla_container:
action: "start_container"
common_options: "{{ docker_common_options }}"
- detach: False
+ detach: false
environment:
KOLLA_OSM:
KOLLA_CONFIG_STRATEGY: "{{ config_strategy }}"
diff --git a/ansible/roles/nova/tasks/upgrade.yml b/ansible/roles/nova/tasks/upgrade.yml
index 538b548b72..005959c271 100644
--- a/ansible/roles/nova/tasks/upgrade.yml
+++ b/ansible/roles/nova/tasks/upgrade.yml
@@ -9,7 +9,7 @@
kolla_container:
action: "start_container"
common_options: "{{ docker_common_options }}"
- detach: False
+ detach: false
environment:
KOLLA_UPGRADE_CHECK:
KOLLA_CONFIG_STRATEGY: "{{ config_strategy }}"
@@ -19,7 +19,7 @@
name: "nova_upgrade_checks"
restart_policy: oneshot
volumes: "{{ nova_api_default_volumes + nova_api_extra_volumes }}"
- run_once: True
+ run_once: true
register: nova_upgrade_check_stdout
delegate_to: "{{ groups['nova-api'][0] }}"
failed_when: false
diff --git a/ansible/roles/octavia-certificates/tasks/check_expiry.yml b/ansible/roles/octavia-certificates/tasks/check_expiry.yml
index 66ed8e4b0c..0f2ee4041d 100644
--- a/ansible/roles/octavia-certificates/tasks/check_expiry.yml
+++ b/ansible/roles/octavia-certificates/tasks/check_expiry.yml
@@ -17,7 +17,7 @@
- item.valid_at.point_1
fail_msg: "{{ item.item }} will expire within {{ octavia_certs_expiry_limit }} days, on {{ item.not_after }}"
success_msg: "{{ item.item }} will not expire within {{ octavia_certs_expiry_limit }} days. It expires on {{ item.not_after }}"
- quiet: True
+ quiet: true
loop: "{{ cert_info.results }}"
loop_control:
label: "{{ item.item }}"
diff --git a/ansible/roles/octavia-certificates/tasks/client_ca.yml b/ansible/roles/octavia-certificates/tasks/client_ca.yml
index 08c0214746..87917c48e4 100644
--- a/ansible/roles/octavia-certificates/tasks/client_ca.yml
+++ b/ansible/roles/octavia-certificates/tasks/client_ca.yml
@@ -1,17 +1,16 @@
---
-
- name: Create client_ca index.txt
copy:
content: ''
dest: "{{ octavia_certs_work_dir }}/client_ca/index.txt"
- force: no
+ force: false
mode: "0660"
- name: Create client_ca serial
copy:
content: "1000\n"
dest: "{{ octavia_certs_work_dir }}/client_ca/serial"
- force: no
+ force: false
mode: "0660"
- name: Create client_ca private key
diff --git a/ansible/roles/octavia-certificates/tasks/client_cert.yml b/ansible/roles/octavia-certificates/tasks/client_cert.yml
index 384c7d81b0..5040a1809a 100644
--- a/ansible/roles/octavia-certificates/tasks/client_cert.yml
+++ b/ansible/roles/octavia-certificates/tasks/client_cert.yml
@@ -1,5 +1,4 @@
---
-
# NOTE(yoctozepto): This should ideally be per controller, i.e. controller
# generates its key&CSR and this CA signs it.
diff --git a/ansible/roles/octavia-certificates/tasks/server_ca.yml b/ansible/roles/octavia-certificates/tasks/server_ca.yml
index 15c30f8934..6e46c51a60 100644
--- a/ansible/roles/octavia-certificates/tasks/server_ca.yml
+++ b/ansible/roles/octavia-certificates/tasks/server_ca.yml
@@ -1,5 +1,4 @@
---
-
- name: Generate server_ca private key
command: >
openssl genrsa -aes256 -out server_ca.key.pem
diff --git a/ansible/roles/octavia/defaults/main.yml b/ansible/roles/octavia/defaults/main.yml
index e683e67669..4930a07688 100644
--- a/ansible/roles/octavia/defaults/main.yml
+++ b/ansible/roles/octavia/defaults/main.yml
@@ -326,7 +326,7 @@ octavia_user_auth:
# - vcpus
octavia_amp_flavor:
name: "amphora"
- is_public: no
+ is_public: false
vcpus: 1
ram: 1024
disk: 5
@@ -380,8 +380,8 @@ octavia_amp_network:
subnet:
name: lb-mgmt-subnet
cidr: "{{ octavia_amp_network_cidr }}"
- no_gateway_ip: yes
- enable_dhcp: yes
+ no_gateway_ip: true
+ enable_dhcp: true
# Octavia management network subnet CIDR.
octavia_amp_network_cidr: 10.1.0.0/24
diff --git a/ansible/roles/octavia/tasks/bootstrap.yml b/ansible/roles/octavia/tasks/bootstrap.yml
index ee2b4f1398..e51746de5a 100644
--- a/ansible/roles/octavia/tasks/bootstrap.yml
+++ b/ansible/roles/octavia/tasks/bootstrap.yml
@@ -11,7 +11,7 @@
login_user: "{{ octavia_database_shard_root_user }}"
login_password: "{{ database_password }}"
name: "{{ octavia_database_name }}"
- run_once: True
+ run_once: true
delegate_to: "{{ groups['octavia-api'][0] }}"
when:
- not use_preconfigured_databases | bool
@@ -28,7 +28,7 @@
login_user: "{{ octavia_persistence_database_shard_root_user }}"
login_password: "{{ database_password }}"
name: "{{ octavia_persistence_database_name }}"
- run_once: True
+ run_once: true
delegate_to: "{{ groups['octavia-api'][0] }}"
when:
- not use_preconfigured_databases | bool
@@ -49,7 +49,7 @@
host: "%"
priv: "{{ octavia_database_name }}.*:ALL"
append_privs: "yes"
- run_once: True
+ run_once: true
delegate_to: "{{ groups['octavia-api'][0] }}"
when:
- not use_preconfigured_databases | bool
@@ -70,7 +70,7 @@
host: "%"
priv: "{{ octavia_persistence_database_name }}.*:ALL"
append_privs: "yes"
- run_once: True
+ run_once: true
delegate_to: "{{ groups['octavia-api'][0] }}"
when:
- not use_preconfigured_databases | bool
diff --git a/ansible/roles/octavia/tasks/bootstrap_service.yml b/ansible/roles/octavia/tasks/bootstrap_service.yml
index c1c7b95010..c8e7113bd4 100644
--- a/ansible/roles/octavia/tasks/bootstrap_service.yml
+++ b/ansible/roles/octavia/tasks/bootstrap_service.yml
@@ -6,7 +6,7 @@
kolla_container:
action: "start_container"
common_options: "{{ docker_common_options }}"
- detach: False
+ detach: false
environment:
KOLLA_BOOTSTRAP:
KOLLA_CONFIG_STRATEGY: "{{ config_strategy }}"
@@ -16,5 +16,5 @@
name: "bootstrap_octavia"
restart_policy: oneshot
volumes: "{{ octavia_api.volumes | reject('equalto', '') | list }}"
- run_once: True
+ run_once: true
delegate_to: "{{ groups[octavia_api.group][0] }}"
diff --git a/ansible/roles/octavia/tasks/config.yml b/ansible/roles/octavia/tasks/config.yml
index c5c581240f..774203e59a 100644
--- a/ansible/roles/octavia/tasks/config.yml
+++ b/ansible/roles/octavia/tasks/config.yml
@@ -16,7 +16,7 @@
stat:
path: "{{ item }}"
delegate_to: localhost
- run_once: True
+ run_once: true
register: octavia_policy
with_first_found:
- files: "{{ supported_policy_format_list }}"
@@ -117,7 +117,7 @@
owner: "{{ config_owner_user }}"
group: "{{ config_owner_group }}"
mode: "0400"
- become: True
+ become: true
when:
- inventory_hostname in groups[octavia_services['octavia-worker']['group']]
- octavia_auto_configure | bool
diff --git a/ansible/roles/octavia/tasks/get_resources_info.yml b/ansible/roles/octavia/tasks/get_resources_info.yml
index ce6841d544..71576360c7 100644
--- a/ansible/roles/octavia/tasks/get_resources_info.yml
+++ b/ansible/roles/octavia/tasks/get_resources_info.yml
@@ -10,13 +10,13 @@
endpoint_type: "{{ openstack_interface }}"
region_name: "{{ openstack_region_name }}"
name: "{{ octavia_amp_flavor.name }}"
- run_once: True
+ run_once: true
check_mode: false
delegate_to: "{{ groups['octavia-api'][0] }}"
register: flavor_results
- name: Get {{ octavia_service_auth_project }} project id
- become: True
+ become: true
kolla_toolbox:
container_engine: "{{ kolla_container_engine }}"
module_name: openstack.cloud.project_info
@@ -26,7 +26,7 @@
endpoint_type: "{{ openstack_interface }}"
region_name: "{{ openstack_region_name }}"
name: "{{ octavia_service_auth_project }}"
- run_once: True
+ run_once: true
delegate_to: "{{ groups['octavia-api'][0] }}"
check_mode: false
register: project_info
@@ -48,7 +48,7 @@
loop: "{{ octavia_amp_security_groups.values() | list }}"
loop_control:
label: "{{ item.name }}"
- run_once: True
+ run_once: true
delegate_to: "{{ groups['octavia-api'][0] }}"
check_mode: false
register: sec_grp_info
@@ -65,7 +65,7 @@
region_name: "{{ openstack_region_name }}"
name: "{{ octavia_amp_network['name'] }}"
register: network_results
- run_once: True
+ run_once: true
delegate_to: "{{ groups['octavia-api'][0] }}"
check_mode: false
diff --git a/ansible/roles/octavia/tasks/hm-interface.yml b/ansible/roles/octavia/tasks/hm-interface.yml
index 2a547ffd07..279261957b 100644
--- a/ansible/roles/octavia/tasks/hm-interface.yml
+++ b/ansible/roles/octavia/tasks/hm-interface.yml
@@ -12,7 +12,7 @@
state: present
network: "{{ octavia_amp_network['name'] }}"
security_groups: "{{ octavia_amp_security_groups['health-mgr-sec-grp']['name'] }}"
- device_owner: 'Octavia:health-mgr'
+ device_owner: "Octavia:health-mgr"
name: "octavia-listen-port-{{ ansible_facts.nodename }}"
register: port_info
@@ -20,7 +20,7 @@
# value to {{ ansible_facts.nodename }}, once os_port support this parameter, remove the task below
# https://docs.ansible.com/ansible/latest/modules/os_port_module.html#parameters
- name: Update Octavia health manager port host_id
- become: True
+ become: true
vars:
port_id: "{{ port_info.port.id }}"
command: >
@@ -42,7 +42,7 @@
vars:
port_mac: "{{ port_info.port.mac_address }}"
port_id: "{{ port_info.port.id }}"
- become: True
+ become: true
command: >
{{ kolla_container_engine }} exec openvswitch_vswitchd ovs-vsctl --may-exist \
add-port br-int {{ octavia_network_interface }} \
@@ -62,25 +62,25 @@
mode: "0664"
- name: Create octavia-interface service
- become: True
+ become: true
template:
src: octavia-interface.service.j2
dest: /etc/systemd/system/octavia-interface.service
register: octavia_interface
- name: Restart octavia-interface.service if required
- become: True
+ become: true
systemd:
name: octavia-interface
- daemon_reload: yes
+ daemon_reload: true
state: restarted
when: octavia_interface.changed
- name: Enable and start octavia-interface.service
- become: True
+ become: true
service:
name: octavia-interface
- enabled: yes
+ enabled: true
state: started
- name: Wait for interface {{ octavia_network_interface }} ip appear
diff --git a/ansible/roles/octavia/tasks/precheck.yml b/ansible/roles/octavia/tasks/precheck.yml
index 23cf4d431b..6dbe9aef51 100644
--- a/ansible/roles/octavia/tasks/precheck.yml
+++ b/ansible/roles/octavia/tasks/precheck.yml
@@ -42,7 +42,7 @@
stat:
path: "{{ node_custom_config }}/octavia/{{ item }}"
delegate_to: localhost
- run_once: True
+ run_once: true
register: result
failed_when: not result.stat.exists
when:
@@ -59,7 +59,7 @@
msg: >
Neutron plugin agent {{ neutron_plugin_agent }} is not supported when
octavia_network_type is tenant, only openvswitch is supported currently
- run_once: True
+ run_once: true
when:
- octavia_auto_configure | bool
- octavia_network_type == "tenant"
@@ -69,6 +69,6 @@
assert:
that: enable_valkey | bool
fail_msg: "Valkey must be enabled when using Octavia Jobboard"
- run_once: True
+ run_once: true
when:
- enable_octavia_jobboard | bool
diff --git a/ansible/roles/octavia/tasks/prepare.yml b/ansible/roles/octavia/tasks/prepare.yml
index b75bcd548b..817008e25c 100644
--- a/ansible/roles/octavia/tasks/prepare.yml
+++ b/ansible/roles/octavia/tasks/prepare.yml
@@ -19,12 +19,12 @@
ephemeral: "{{ octavia_amp_flavor.ephemeral | default(omit, true) }}"
swap: "{{ octavia_amp_flavor.swap | default(omit, true) }}"
extra_specs: "{{ octavia_amp_flavor.extra_specs | default(omit, true) }}"
- run_once: True
+ run_once: true
delegate_to: "{{ groups['octavia-api'][0] }}"
register: amphora_flavor_info
- name: Create nova keypair for amphora
- become: True
+ become: true
kolla_toolbox:
container_engine: "{{ kolla_container_engine }}"
module_name: openstack.cloud.keypair
@@ -36,11 +36,11 @@
state: present
name: "{{ octavia_amp_ssh_key_name }}"
public_key: "{{ octavia_amp_ssh_key.public_key }}"
- run_once: True
+ run_once: true
delegate_to: "{{ groups['octavia-api'][0] }}"
- name: Get {{ octavia_service_auth_project }} project id
- become: True
+ become: true
kolla_toolbox:
container_engine: "{{ kolla_container_engine }}"
module_name: openstack.cloud.project_info
@@ -50,7 +50,7 @@
endpoint_type: "{{ openstack_interface }}"
region_name: "{{ openstack_region_name }}"
name: "{{ octavia_service_auth_project }}"
- run_once: True
+ run_once: true
delegate_to: "{{ groups['octavia-api'][0] }}"
register: project_info
@@ -70,7 +70,7 @@
loop_control:
label: "{{ item.name }}"
when: item.enabled | bool
- run_once: True
+ run_once: true
delegate_to: "{{ groups['octavia-api'][0] }}"
register: sec_grp_info
@@ -93,7 +93,7 @@
- "{{ octavia_amp_security_groups }}"
- rules
when: item.0.enabled | bool
- run_once: True
+ run_once: true
delegate_to: "{{ groups['octavia-api'][0] }}"
- name: Create loadbalancer management network
@@ -115,7 +115,7 @@
external: "{{ octavia_amp_network['external'] | default(omit) }}"
shared: "{{ octavia_amp_network['shared'] | default(omit) }}"
register: network_info
- run_once: True
+ run_once: true
delegate_to: "{{ groups['octavia-api'][0] }}"
- name: Create loadbalancer management subnet
@@ -140,7 +140,7 @@
ip_version: "{{ octavia_amp_network['subnet']['ip_version'] | default(omit) }}"
ipv6_address_mode: "{{ octavia_amp_network['subnet']['ipv6_address_mode'] | default(omit) }}"
ipv6_ra_mode: "{{ octavia_amp_network['subnet']['ipv6_ra_mode'] | default(omit) }}"
- run_once: True
+ run_once: true
delegate_to: "{{ groups['octavia-api'][0] }}"
- name: Create loadbalancer management router for IPv6
@@ -156,6 +156,6 @@
state: present
name: "{{ octavia_amp_router['name'] }}"
interfaces: "{{ octavia_amp_router['subnet'] }}"
- run_once: True
+ run_once: true
when: octavia_network_address_family == "ipv6"
delegate_to: "{{ groups['octavia-api'][0] }}"
diff --git a/ansible/roles/octavia/tasks/register.yml b/ansible/roles/octavia/tasks/register.yml
index 7bf995e765..c01154c24a 100644
--- a/ansible/roles/octavia/tasks/register.yml
+++ b/ansible/roles/octavia/tasks/register.yml
@@ -17,5 +17,5 @@
endpoint_type: "{{ openstack_interface }}"
cacert: "{{ openstack_cacert }}"
region_name: "{{ openstack_region_name }}"
- run_once: True
+ run_once: true
with_items: "{{ octavia_required_roles }}"
diff --git a/ansible/roles/opensearch/defaults/main.yml b/ansible/roles/opensearch/defaults/main.yml
index f8b45f5b83..f2c13bf686 100644
--- a/ansible/roles/opensearch/defaults/main.yml
+++ b/ansible/roles/opensearch/defaults/main.yml
@@ -58,7 +58,7 @@ opensearch_services:
####################
# Register Opensearch internal endpoint in the Keystone service catalogue
-opensearch_enable_keystone_registration: False
+opensearch_enable_keystone_registration: false
opensearch_cluster_name: "kolla_logging"
opensearch_heap_size: "1g"
diff --git a/ansible/roles/opensearch/handlers/main.yml b/ansible/roles/opensearch/handlers/main.yml
index 9791d1b82e..0a279a9b0f 100644
--- a/ansible/roles/opensearch/handlers/main.yml
+++ b/ansible/roles/opensearch/handlers/main.yml
@@ -10,8 +10,8 @@
url: "{{ opensearch_internal_endpoint }}/_cluster/settings"
method: PUT
status_code: 200
- return_content: yes
- body: "{{ opensearch_shard_body | to_json }}" # noqa jinja[invalid]
+ return_content: true
+ body: "{{ opensearch_shard_body | to_json }}" # noqa jinja[invalid]
body_format: json
ca_path: "{{ openstack_cacert }}"
delegate_to: "{{ groups['opensearch'][0] }}"
@@ -29,7 +29,7 @@
url: "{{ opensearch_internal_endpoint }}/_flush"
method: POST
status_code: 200
- return_content: yes
+ return_content: true
body_format: json
ca_path: "{{ openstack_cacert }}"
delegate_to: "{{ groups['opensearch'][0] }}"
diff --git a/ansible/roles/opensearch/tasks/post-config.yml b/ansible/roles/opensearch/tasks/post-config.yml
index 4a79104339..27e0271eb1 100644
--- a/ansible/roles/opensearch/tasks/post-config.yml
+++ b/ansible/roles/opensearch/tasks/post-config.yml
@@ -24,7 +24,7 @@
url: "{{ opensearch_internal_endpoint }}/_plugins/_ism/policies/retention"
method: GET
status_code: 200, 404
- return_content: yes
+ return_content: true
ca_path: "{{ openstack_cacert }}"
register: opensearch_retention_policy_check
delegate_to: "{{ groups['opensearch'][0] }}"
@@ -39,7 +39,7 @@
url: "{{ opensearch_internal_endpoint }}/_plugins/_ism/policies/retention"
method: PUT
status_code: 201
- return_content: yes
+ return_content: true
body: "{{ opensearch_retention_policy | from_yaml | to_json }}"
body_format: json
ca_path: "{{ openstack_cacert }}"
@@ -62,7 +62,7 @@
url: "{{ opensearch_internal_endpoint }}/_plugins/_ism/add/{{ opensearch_log_index_prefix }}-*"
method: POST
status_code: 200
- return_content: yes
+ return_content: true
body: "{{ opensearch_set_policy_body | to_json }}"
body_format: json
ca_path: "{{ openstack_cacert }}"
diff --git a/ansible/roles/openvswitch/defaults/main.yml b/ansible/roles/openvswitch/defaults/main.yml
index 4857ab4c3b..284ba0e70e 100644
--- a/ansible/roles/openvswitch/defaults/main.yml
+++ b/ansible/roles/openvswitch/defaults/main.yml
@@ -29,7 +29,7 @@ openvswitch_services:
or inventory_hostname in groups['neutron-l3-agent']
or inventory_hostname in groups['neutron-metadata-agent']
}}
- privileged: True
+ privileged: true
volumes: "{{ openvswitch_vswitchd_default_volumes + openvswitch_vswitchd_extra_volumes }}"
dimensions: "{{ openvswitch_vswitchd_dimensions }}"
healthcheck: "{{ openvswitch_vswitchd_healthcheck }}"
diff --git a/ansible/roles/openvswitch/handlers/main.yml b/ansible/roles/openvswitch/handlers/main.yml
index 7cad1a7d4b..653aed93d0 100644
--- a/ansible/roles/openvswitch/handlers/main.yml
+++ b/ansible/roles/openvswitch/handlers/main.yml
@@ -20,7 +20,7 @@
command: "{{ kolla_container_engine }} exec openvswitch_db ovs-vsctl --no-wait show"
register: check_result
until: check_result is success
- changed_when: False
+ changed_when: false
retries: 30
delay: 2
diff --git a/ansible/roles/openvswitch/tasks/config-host.yml b/ansible/roles/openvswitch/tasks/config-host.yml
index dfd4f8cff4..250a7b66a0 100644
--- a/ansible/roles/openvswitch/tasks/config-host.yml
+++ b/ansible/roles/openvswitch/tasks/config-host.yml
@@ -10,7 +10,7 @@
# as a error, so it has to be created beforehand.
# See: https://github.com/containers/podman/issues/14781
- name: Create /run/openvswitch directory on host
- become: True
+ become: true
file:
path: /run/openvswitch
state: directory
diff --git a/ansible/roles/ovn-controller/tasks/setup-ovs.yml b/ansible/roles/ovn-controller/tasks/setup-ovs.yml
index 49325aa0c3..5c037b4c72 100644
--- a/ansible/roles/ovn-controller/tasks/setup-ovs.yml
+++ b/ansible/roles/ovn-controller/tasks/setup-ovs.yml
@@ -15,13 +15,15 @@
# Format: physnet1:br1,physnet2:br2
ovn_mappings: "{{ neutron_physical_networks.split(',') | zip(neutron_bridge_name.split(',')) | map('join', ':') | join(',') }}"
# Format: physnet1:00:11:22:33:44:55,physnet2:00:11:22:33:44:56
- ovn_macs: "{% for physnet, bridge in neutron_physical_networks.split(',') | zip(neutron_bridge_name.split(',')) %}{{ physnet }}:{{ ovn_base_mac | random_mac(seed=inventory_hostname + bridge) }}{% if not loop.last %},{% endif %}{% endfor %}"
+ ovn_macs: "{% for physnet, bridge in neutron_physical_networks.split(',') | zip(neutron_bridge_name.split(',')) %}{{ physnet }}:{{ ovn_base_mac | random_mac(seed=inventory_hostname
+ + bridge) }}{% if not loop.last %},{% endif %}{% endfor %}"
ovn_cms_opts: >-
{{
(
[]
+ ( ['enable-chassis-as-gw'] if inventory_hostname in groups['ovn-controller-network'] else [] )
- + ( ['availability-zones=' + neutron_ovn_availability_zones | join(':')] if inventory_hostname in groups['ovn-controller-network'] and neutron_ovn_availability_zones else [] )
+ + ( ['availability-zones=' + neutron_ovn_availability_zones | join(':')] if inventory_hostname in groups['ovn-controller-network'] and neutron_ovn_availability_zones
+ else [] )
) | join(',')
}}
become: true
@@ -43,7 +45,11 @@
- { name: ovn-remote-probe-interval, value: "{{ ovn_remote_probe_interval }}" }
- { name: ovn-openflow-probe-interval, value: "{{ ovn_openflow_probe_interval }}" }
- { name: ovn-monitor-all, value: "{{ ovn_monitor_all | bool }}" }
- - { name: ovn-bridge-mappings, value: "{{ ovn_mappings }}", state: "{{ 'present' if (inventory_hostname in groups['ovn-controller-network'] or computes_need_external_bridge | bool) else 'absent' }}" }
- - { name: ovn-chassis-mac-mappings, value: "{{ ovn_macs }}", state: "{{ 'present' if inventory_hostname in groups['ovn-controller-compute'] else 'absent' }}" }
+ - name: ovn-bridge-mappings
+ value: "{{ ovn_mappings }}"
+ state: "{{ 'present' if (inventory_hostname in groups['ovn-controller-network'] or computes_need_external_bridge | bool) else 'absent' }}"
+ - name: ovn-chassis-mac-mappings
+ value: "{{ ovn_macs }}"
+ state: "{{ 'present' if inventory_hostname in groups['ovn-controller-compute'] else 'absent' }}"
- { name: ovn-cms-options, value: "{{ ovn_cms_opts }}", state: "{{ 'present' if ovn_cms_opts != '' else 'absent' }}" }
when: inventory_hostname in groups.get('ovn-controller', [])
diff --git a/ansible/roles/ovn-db/tasks/bootstrap-db.yml b/ansible/roles/ovn-db/tasks/bootstrap-db.yml
index afeda55c2b..290101850f 100644
--- a/ansible/roles/ovn-db/tasks/bootstrap-db.yml
+++ b/ansible/roles/ovn-db/tasks/bootstrap-db.yml
@@ -15,7 +15,7 @@
{{ kolla_container_engine }} exec ovn_nb_db
ovs-appctl -t /var/run/ovn/ovnnb_db.ctl
cluster/status OVN_Northbound
- changed_when: False
+ changed_when: false
register: ovn_nb_cluster_status
- name: Configure OVN NB connection settings
@@ -40,7 +40,7 @@
{{ kolla_container_engine }} exec ovn_sb_db
ovs-appctl -t /var/run/ovn/ovnsb_db.ctl
cluster/status OVN_Southbound
- changed_when: False
+ changed_when: false
register: ovn_sb_cluster_status
- name: Configure OVN SB connection settings
diff --git a/ansible/roles/ovn-db/tasks/lookup_cluster.yml b/ansible/roles/ovn-db/tasks/lookup_cluster.yml
index c387aaf3b3..7f8e16e66d 100644
--- a/ansible/roles/ovn-db/tasks/lookup_cluster.yml
+++ b/ansible/roles/ovn-db/tasks/lookup_cluster.yml
@@ -50,7 +50,7 @@
connect_timeout: 1
timeout: 10
register: check_ovn_nb_db_port_liveness
- ignore_errors: yes
+ ignore_errors: true
- name: Divide hosts by their OVN NB service port liveness
group_by:
@@ -101,7 +101,7 @@
connect_timeout: 1
timeout: 10
register: check_ovn_sb_db_port_liveness
- ignore_errors: yes
+ ignore_errors: true
- name: Divide hosts by their OVN SB service port liveness
group_by:
diff --git a/ansible/roles/ovs-dpdk/defaults/main.yml b/ansible/roles/ovs-dpdk/defaults/main.yml
index 5a6955c031..0ce66ff2ab 100644
--- a/ansible/roles/ovs-dpdk/defaults/main.yml
+++ b/ansible/roles/ovs-dpdk/defaults/main.yml
@@ -22,7 +22,7 @@ ovsdpdk_services:
container_name: "ovsdpdk_vswitchd"
image: "{{ ovsdpdk_vswitchd_image_full }}"
enabled: "{{ neutron_plugin_agent in ['openvswitch'] }}"
- privileged: True
+ privileged: true
host_in_groups: >-
{{
inventory_hostname in groups['compute']
diff --git a/ansible/roles/ovs-dpdk/handlers/main.yml b/ansible/roles/ovs-dpdk/handlers/main.yml
index 9d1b1e343d..25573806d6 100644
--- a/ansible/roles/ovs-dpdk/handlers/main.yml
+++ b/ansible/roles/ovs-dpdk/handlers/main.yml
@@ -27,7 +27,7 @@
command: "{{ kolla_container_engine }} exec {{ service.container_name }} ovs-vsctl --no-wait show"
register: check_result
until: check_result is success
- changed_when: False
+ changed_when: false
retries: 30
delay: 2
@@ -60,7 +60,7 @@
name: "{{ service.container_name }}"
image: "{{ service.image }}"
volumes: "{{ service.volumes }}"
- privileged: "{{ service.privileged | default(True) }}"
+ privileged: "{{ service.privileged | default(true) }}"
dimensions: "{{ service.dimensions }}"
- name: Ensuring ovsdpdk bridges are properly setup named
diff --git a/ansible/roles/ovs-dpdk/tasks/config.yml b/ansible/roles/ovs-dpdk/tasks/config.yml
index 2c563d75eb..d17911b61e 100644
--- a/ansible/roles/ovs-dpdk/tasks/config.yml
+++ b/ansible/roles/ovs-dpdk/tasks/config.yml
@@ -1,6 +1,6 @@
---
- name: Ensuring config directories exist
- become: True
+ become: true
file:
path: "{{ node_config_directory }}/{{ item.key }}"
state: "directory"
@@ -25,7 +25,7 @@
mode: "0770"
- name: Install ovs-dpdkctl service and config
- become: True
+ become: true
command: "{{ node_config_directory }}/ovsdpdk-db/ovs-dpdkctl.sh install"
environment:
CONFIG_FILE: "{{ node_config_directory }}/ovsdpdk-db/ovs-dpdkctl.conf"
@@ -38,7 +38,7 @@
ovs_physical_port_policy: "{{ ovs_physical_port_policy }}"
- name: Binds the interface to the target driver specified in the config
- become: True
+ become: true
command: "{{ node_config_directory }}/ovsdpdk-db/ovs-dpdkctl.sh bind_nics"
environment:
CONFIG_FILE: "{{ node_config_directory }}/ovsdpdk-db/ovs-dpdkctl.conf"
diff --git a/ansible/roles/placement/defaults/main.yml b/ansible/roles/placement/defaults/main.yml
index 8a36139ad0..ff1b9d1685 100644
--- a/ansible/roles/placement/defaults/main.yml
+++ b/ansible/roles/placement/defaults/main.yml
@@ -4,7 +4,7 @@ placement_services:
container_name: "placement_api"
group: "placement-api"
image: "{{ placement_api_image_full }}"
- enabled: True
+ enabled: true
volumes: "{{ placement_api_default_volumes + placement_api_extra_volumes }}"
dimensions: "{{ placement_api_dimensions }}"
healthcheck: "{{ placement_api_healthcheck }}"
diff --git a/ansible/roles/placement/tasks/bootstrap.yml b/ansible/roles/placement/tasks/bootstrap.yml
index 310c6c1252..109dd307ab 100644
--- a/ansible/roles/placement/tasks/bootstrap.yml
+++ b/ansible/roles/placement/tasks/bootstrap.yml
@@ -11,7 +11,7 @@
login_user: "{{ placement_database_shard_root_user }}"
login_password: "{{ database_password }}"
name: "{{ placement_database_name }}"
- run_once: True
+ run_once: true
delegate_to: "{{ groups['placement-api'][0] }}"
when:
- not use_preconfigured_databases | bool
@@ -32,7 +32,7 @@
host: "%"
priv: "{{ placement_database_name }}.*:ALL"
append_privs: "yes"
- run_once: True
+ run_once: true
delegate_to: "{{ groups['placement-api'][0] }}"
when:
- not use_preconfigured_databases | bool
diff --git a/ansible/roles/placement/tasks/bootstrap_service.yml b/ansible/roles/placement/tasks/bootstrap_service.yml
index 9a9ded8e0f..9375f2ff24 100644
--- a/ansible/roles/placement/tasks/bootstrap_service.yml
+++ b/ansible/roles/placement/tasks/bootstrap_service.yml
@@ -6,7 +6,7 @@
kolla_container:
action: "start_container"
common_options: "{{ docker_common_options }}"
- detach: False
+ detach: false
environment:
KOLLA_BOOTSTRAP:
KOLLA_CONFIG_STRATEGY: "{{ config_strategy }}"
@@ -16,5 +16,5 @@
name: "bootstrap_placement"
restart_policy: oneshot
volumes: "{{ placement_api.volumes | reject('equalto', '') | list }}"
- run_once: True
+ run_once: true
delegate_to: "{{ groups[placement_api.group][0] }}"
diff --git a/ansible/roles/placement/tasks/config.yml b/ansible/roles/placement/tasks/config.yml
index 8926746825..585f78693d 100644
--- a/ansible/roles/placement/tasks/config.yml
+++ b/ansible/roles/placement/tasks/config.yml
@@ -13,7 +13,7 @@
stat:
path: "{{ item }}"
delegate_to: localhost
- run_once: True
+ run_once: true
register: placement_policy
with_first_found:
- files: "{{ supported_policy_format_list }}"
diff --git a/ansible/roles/placement/tasks/upgrade.yml b/ansible/roles/placement/tasks/upgrade.yml
index 8853cd9f13..ee01b0d93d 100644
--- a/ansible/roles/placement/tasks/upgrade.yml
+++ b/ansible/roles/placement/tasks/upgrade.yml
@@ -20,7 +20,7 @@
kolla_container:
action: "start_container"
common_options: "{{ docker_common_options }}"
- detach: False
+ detach: false
environment:
KOLLA_OSM:
KOLLA_CONFIG_STRATEGY: "{{ config_strategy }}"
@@ -30,5 +30,5 @@
name: "bootstrap_placement"
restart_policy: oneshot
volumes: "{{ placement_api.volumes }}"
- run_once: True
+ run_once: true
delegate_to: "{{ groups[placement_api.group][0] }}"
diff --git a/ansible/roles/prechecks/tasks/service_checks.yml b/ansible/roles/prechecks/tasks/service_checks.yml
index 3f2a711da1..20b6e34480 100644
--- a/ansible/roles/prechecks/tasks/service_checks.yml
+++ b/ansible/roles/prechecks/tasks/service_checks.yml
@@ -25,7 +25,7 @@
command:
cmd: grep '^[^#].*:\s*$' "{{ node_config }}/passwords.yml"
delegate_to: localhost
- run_once: True
+ run_once: true
register: result
changed_when: false
failed_when: result.stdout | regex_replace('(.*ssh_key.*)', '') is search(":")
@@ -33,7 +33,7 @@
- name: Check if nscd is running
command: pgrep nscd
- ignore_errors: yes
+ ignore_errors: true
failed_when: false
changed_when: false
check_mode: false
@@ -48,7 +48,7 @@
- nscd_status.rc == 0
- name: Validate that internal and external vip address are different when TLS is enabled only on either the internal and external network
- run_once: True
+ run_once: true
fail:
msg: 'kolla_external_vip_address and kolla_internal_vip_address must not be the same when only one network has TLS enabled'
changed_when: false
@@ -58,14 +58,14 @@
- kolla_same_external_internal_vip | bool
- name: Validate that enable_ceph is disabled
- run_once: True
+ run_once: true
fail:
msg: "We are sorry but enable_ceph is no longer supported. Please use external ceph support."
when:
- (enable_ceph | default()) | bool
- name: Validate that enable_redis is disabled
- run_once: True
+ run_once: true
assert:
that:
- not (enable_redis | default(false)) | bool
diff --git a/ansible/roles/prechecks/tasks/user_checks.yml b/ansible/roles/prechecks/tasks/user_checks.yml
index 94fd5b4668..bdf9617701 100644
--- a/ansible/roles/prechecks/tasks/user_checks.yml
+++ b/ansible/roles/prechecks/tasks/user_checks.yml
@@ -13,8 +13,8 @@
# NOTE(duonghq): it's only a basic check, should be refined later
- name: Check if ansible user can do passwordless sudo
command: "true"
- become: yes
+ become: true
register: result
failed_when: result is failed
- changed_when: False
+ changed_when: false
check_mode: false
diff --git a/ansible/roles/prometheus/tasks/bootstrap.yml b/ansible/roles/prometheus/tasks/bootstrap.yml
index 9cc8e2634c..c6c4ffc270 100644
--- a/ansible/roles/prometheus/tasks/bootstrap.yml
+++ b/ansible/roles/prometheus/tasks/bootstrap.yml
@@ -22,7 +22,7 @@
with_dict: "{{ mariadb_shards_info.shards }}"
loop_control:
label: "{{ shard_host }}"
- run_once: True
+ run_once: true
when:
- enable_prometheus_mysqld_exporter | bool
- prometheus_services['prometheus-mysqld-exporter'] | service_enabled_and_mapped_to_host
diff --git a/ansible/roles/prometheus/tasks/config.yml b/ansible/roles/prometheus/tasks/config.yml
index 3bbc497b72..1b98f40c81 100644
--- a/ansible/roles/prometheus/tasks/config.yml
+++ b/ansible/roles/prometheus/tasks/config.yml
@@ -25,7 +25,7 @@
find:
path: "{{ node_custom_config }}/prometheus/"
pattern: "*.rules"
- run_once: True
+ run_once: true
delegate_to: localhost
register: prometheus_alert_rules
when:
@@ -115,7 +115,7 @@
find:
path: "{{ node_custom_config }}/prometheus/"
pattern: "*.tmpl"
- run_once: True
+ run_once: true
delegate_to: localhost
register: alertmanager_notification_templates
when:
diff --git a/ansible/roles/prune-images/tasks/prune_images.yml b/ansible/roles/prune-images/tasks/prune_images.yml
index c1cea204fd..29519fea35 100644
--- a/ansible/roles/prune-images/tasks/prune_images.yml
+++ b/ansible/roles/prune-images/tasks/prune_images.yml
@@ -2,7 +2,7 @@
- name: Pruning Kolla images
become: true
docker_prune:
- images: yes
+ images: true
images_filters:
label: kolla_version
timeout: "{{ docker_image_prune_timeout }}"
diff --git a/ansible/roles/rabbitmq/defaults/main.yml b/ansible/roles/rabbitmq/defaults/main.yml
index f6f3e4069b..3a329b187a 100644
--- a/ansible/roles/rabbitmq/defaults/main.yml
+++ b/ansible/roles/rabbitmq/defaults/main.yml
@@ -91,13 +91,13 @@ rabbitmq_extra_config: {}
rabbitmq_enable_prometheus_plugin: "{{ enable_prometheus }}"
rabbitmq_plugins:
- name: "rabbitmq_management"
- enabled: True
+ enabled: true
- name: "rabbitmq_prometheus"
enabled: "{{ rabbitmq_enable_prometheus_plugin | bool }}"
rabbitmq_enabled_plugins: "{{ rabbitmq_plugins | selectattr('enabled', 'equalto', true) | list }}"
-kolla_externally_managed_cert: False
+kolla_externally_managed_cert: false
rabbitmq_version_suffix: ""
diff --git a/ansible/roles/rabbitmq/tasks/bootstrap.yml b/ansible/roles/rabbitmq/tasks/bootstrap.yml
index a63e2073c9..97822c2aae 100644
--- a/ansible/roles/rabbitmq/tasks/bootstrap.yml
+++ b/ansible/roles/rabbitmq/tasks/bootstrap.yml
@@ -15,7 +15,7 @@
kolla_container:
action: "start_container"
common_options: "{{ docker_common_options }}"
- detach: False
+ detach: false
environment: "{{ service.bootstrap_environment }}"
image: "{{ service.image }}"
labels:
diff --git a/ansible/roles/rabbitmq/tasks/restart_services.yml b/ansible/roles/rabbitmq/tasks/restart_services.yml
index 017fb5a4e0..9f5e8765ba 100644
--- a/ansible/roles/rabbitmq/tasks/restart_services.yml
+++ b/ansible/roles/rabbitmq/tasks/restart_services.yml
@@ -1,6 +1,6 @@
---
- name: Get info on RabbitMQ container
- become: True
+ become: true
kolla_container_facts:
action: get_containers
container_engine: "{{ kolla_container_engine }}"
diff --git a/ansible/roles/service-cert-copy/defaults/main.yml b/ansible/roles/service-cert-copy/defaults/main.yml
index 24b97c760a..cda28bf1d3 100644
--- a/ansible/roles/service-cert-copy/defaults/main.yml
+++ b/ansible/roles/service-cert-copy/defaults/main.yml
@@ -1,4 +1,4 @@
---
-kolla_externally_managed_cert: False
+kolla_externally_managed_cert: false
kolla_copy_backend_tls_files: "{{ lookup('vars', (kolla_role_name | default(project_name)) + '_enable_tls_backend', default=false) }}"
diff --git a/ansible/roles/service-config-validate/tasks/validate.yml b/ansible/roles/service-config-validate/tasks/validate.yml
index 7a522645b3..9cf956ed7c 100644
--- a/ansible/roles/service-config-validate/tasks/validate.yml
+++ b/ansible/roles/service-config-validate/tasks/validate.yml
@@ -1,6 +1,6 @@
---
- name: "{{ project_name }} : {{ service.container_name }} | Get info on container"
- become: True
+ become: true
kolla_container_facts:
action: get_containers
container_engine: "{{ kolla_container_engine }}"
@@ -9,7 +9,7 @@
register: container_info
- name: "{{ project_name }} : {{ service.container_name }} | Validate configurations"
- become: True
+ become: true
command: >
{{ kolla_container_engine }} exec {{ service.container_name }}
bash -c "[[ -f {{ inner_item['config'] }} ]] && oslo-config-validator --config-file {{ inner_item['generator'] }} --input-file {{ inner_item['config'] }}"
@@ -21,10 +21,10 @@
loop_control:
label: "{{ inner_item['config'] | basename }}"
loop_var: inner_item
- changed_when: False
+ changed_when: false
- name: "{{ project_name }} : {{ service.container_name }} | Ensure log directory exists"
- become: True
+ become: true
file:
path: "{{ output_dir }}"
state: directory
@@ -34,7 +34,7 @@
delegate_to: localhost
- name: "{{ project_name }} : {{ service.container_name }} | Log configuration errors"
- become: True
+ become: true
copy:
content: "{{ inner_item.stderr }}"
dest: "{{ output_dir }}/{{ inner_item.inner_item.config | basename }}.err"
diff --git a/ansible/roles/service-rabbitmq/tasks/main.yml b/ansible/roles/service-rabbitmq/tasks/main.yml
index dcdc7d5da3..415d988ef9 100644
--- a/ansible/roles/service-rabbitmq/tasks/main.yml
+++ b/ansible/roles/service-rabbitmq/tasks/main.yml
@@ -41,4 +41,4 @@
until: service_rabbitmq_result is success
retries: "{{ service_rabbitmq_retries }}"
delay: "{{ service_rabbitmq_delay }}"
- no_log: True
+ no_log: true
diff --git a/ansible/roles/skyline/tasks/bootstrap.yml b/ansible/roles/skyline/tasks/bootstrap.yml
index 57893c3412..7b1168ebcd 100644
--- a/ansible/roles/skyline/tasks/bootstrap.yml
+++ b/ansible/roles/skyline/tasks/bootstrap.yml
@@ -11,7 +11,7 @@
login_user: "{{ skyline_database_shard_root_user }}"
login_password: "{{ database_password }}"
name: "{{ skyline_database_name }}"
- run_once: True
+ run_once: true
delegate_to: "{{ groups['skyline-apiserver'][0] }}"
when:
- not use_preconfigured_databases | bool
@@ -32,7 +32,7 @@
host: "%"
priv: "{{ skyline_database_name }}.*:ALL"
append_privs: "yes"
- run_once: True
+ run_once: true
delegate_to: "{{ groups['skyline-apiserver'][0] }}"
when:
- not use_preconfigured_databases | bool
diff --git a/ansible/roles/skyline/tasks/bootstrap_service.yml b/ansible/roles/skyline/tasks/bootstrap_service.yml
index 61831b2c33..4536684262 100644
--- a/ansible/roles/skyline/tasks/bootstrap_service.yml
+++ b/ansible/roles/skyline/tasks/bootstrap_service.yml
@@ -6,7 +6,7 @@
kolla_container:
action: "start_container"
common_options: "{{ docker_common_options }}"
- detach: False
+ detach: false
environment:
KOLLA_BOOTSTRAP:
KOLLA_CONFIG_STRATEGY: "{{ config_strategy }}"
@@ -16,5 +16,5 @@
name: "bootstrap_skyline"
restart_policy: oneshot
volumes: "{{ skyline_apiserver.volumes | reject('equalto', '') | list }}"
- run_once: True
+ run_once: true
delegate_to: "{{ groups[skyline_apiserver.group][0] }}"
diff --git a/ansible/roles/skyline/templates/nginx.conf.j2 b/ansible/roles/skyline/templates/nginx.conf.j2
index 944480464b..711c7fbe63 100644
--- a/ansible/roles/skyline/templates/nginx.conf.j2
+++ b/ansible/roles/skyline/templates/nginx.conf.j2
@@ -68,7 +68,7 @@ http {
server {
listen {{ api_interface_address | put_address_in_context('url') }}:{{ skyline_console_listen_port }}{% if skyline_ssl_certfile and skyline_ssl_keyfile %} ssl http2{% endif %} default_server;
- root /var/lib/kolla/venv/lib/python{{ distro_python_version }}/site-packages/skyline_console/static;
+ root /var/lib/kolla/venv/lib/python3/site-packages/skyline_console/static;
# Add index.php to the list if you are using PHP
index index.html;
diff --git a/ansible/roles/skyline/templates/skyline-console.json.j2 b/ansible/roles/skyline/templates/skyline-console.json.j2
index 6d9e0a0822..3cab049059 100644
--- a/ansible/roles/skyline/templates/skyline-console.json.j2
+++ b/ansible/roles/skyline/templates/skyline-console.json.j2
@@ -15,7 +15,7 @@
}{% if skyline_custom_logos | length > 0 %},
{
"source": "{{ container_config_directory}}/logos",
- "dest": "/var/lib/kolla/venv/lib/python{{ distro_python_version }}/site-packages/skyline_console/static",
+ "dest": "/var/lib/kolla/venv/lib/python3/site-packages/skyline_console/static",
"owner": "root",
"perm": "0644",
"merge": true
diff --git a/ansible/roles/tacker/tasks/bootstrap.yml b/ansible/roles/tacker/tasks/bootstrap.yml
index 1f0ae366e2..aa4effcf01 100644
--- a/ansible/roles/tacker/tasks/bootstrap.yml
+++ b/ansible/roles/tacker/tasks/bootstrap.yml
@@ -11,7 +11,7 @@
login_user: "{{ tacker_database_shard_root_user }}"
login_password: "{{ database_password }}"
name: "{{ tacker_database_name }}"
- run_once: True
+ run_once: true
delegate_to: "{{ groups['tacker-server'][0] }}"
when:
- not use_preconfigured_databases | bool
@@ -32,7 +32,7 @@
host: "%"
priv: "{{ tacker_database_name }}.*:ALL"
append_privs: "yes"
- run_once: True
+ run_once: true
delegate_to: "{{ groups['tacker-server'][0] }}"
when:
- not use_preconfigured_databases | bool
diff --git a/ansible/roles/tacker/tasks/bootstrap_service.yml b/ansible/roles/tacker/tasks/bootstrap_service.yml
index 7075bd44f4..9e6d872e5c 100644
--- a/ansible/roles/tacker/tasks/bootstrap_service.yml
+++ b/ansible/roles/tacker/tasks/bootstrap_service.yml
@@ -6,7 +6,7 @@
kolla_container:
action: "start_container"
common_options: "{{ docker_common_options }}"
- detach: False
+ detach: false
environment:
KOLLA_BOOTSTRAP:
KOLLA_CONFIG_STRATEGY: "{{ config_strategy }}"
@@ -16,5 +16,5 @@
name: "bootstrap_tacker"
restart_policy: oneshot
volumes: "{{ tacker_server.volumes | reject('equalto', '') | list }}"
- run_once: True
+ run_once: true
delegate_to: "{{ groups[tacker_server.group][0] }}"
diff --git a/ansible/roles/tacker/tasks/config.yml b/ansible/roles/tacker/tasks/config.yml
index f6473b0d31..255494273c 100644
--- a/ansible/roles/tacker/tasks/config.yml
+++ b/ansible/roles/tacker/tasks/config.yml
@@ -12,7 +12,7 @@
- name: Check if policies shall be overwritten
stat:
path: "{{ item }}"
- run_once: True
+ run_once: true
delegate_to: localhost
register: tacker_policy
with_first_found:
diff --git a/ansible/roles/trove/tasks/bootstrap.yml b/ansible/roles/trove/tasks/bootstrap.yml
index ef820d1bf2..2c3711bcd7 100644
--- a/ansible/roles/trove/tasks/bootstrap.yml
+++ b/ansible/roles/trove/tasks/bootstrap.yml
@@ -11,7 +11,7 @@
login_user: "{{ trove_database_shard_root_user }}"
login_password: "{{ database_password }}"
name: "{{ trove_database_name }}"
- run_once: True
+ run_once: true
delegate_to: "{{ groups['trove-api'][0] }}"
when:
- not use_preconfigured_databases | bool
@@ -32,7 +32,7 @@
host: "%"
priv: "{{ trove_database_name }}.*:ALL"
append_privs: "yes"
- run_once: True
+ run_once: true
delegate_to: "{{ groups['trove-api'][0] }}"
when:
- not use_preconfigured_databases | bool
diff --git a/ansible/roles/trove/tasks/bootstrap_service.yml b/ansible/roles/trove/tasks/bootstrap_service.yml
index 74766ed07a..d30eaf7cf9 100644
--- a/ansible/roles/trove/tasks/bootstrap_service.yml
+++ b/ansible/roles/trove/tasks/bootstrap_service.yml
@@ -6,7 +6,7 @@
kolla_container:
action: "start_container"
common_options: "{{ docker_common_options }}"
- detach: False
+ detach: false
environment:
KOLLA_BOOTSTRAP:
KOLLA_CONFIG_STRATEGY: "{{ config_strategy }}"
@@ -16,5 +16,5 @@
name: "bootstrap_trove"
restart_policy: oneshot
volumes: "{{ trove_api.volumes | reject('equalto', '') | list }}"
- run_once: True
+ run_once: true
delegate_to: "{{ groups[trove_api.group][0] }}"
diff --git a/ansible/roles/trove/tasks/config.yml b/ansible/roles/trove/tasks/config.yml
index 8427d0079b..459b71c404 100644
--- a/ansible/roles/trove/tasks/config.yml
+++ b/ansible/roles/trove/tasks/config.yml
@@ -12,7 +12,7 @@
- name: Check if policies shall be overwritten
stat:
path: "{{ item }}"
- run_once: True
+ run_once: true
delegate_to: localhost
register: trove_policy
with_first_found:
diff --git a/ansible/roles/valkey/tasks/check.yml b/ansible/roles/valkey/tasks/check.yml
index d7531527ac..1e3c863623 100644
--- a/ansible/roles/valkey/tasks/check.yml
+++ b/ansible/roles/valkey/tasks/check.yml
@@ -5,7 +5,7 @@
- name: Valkey ping pong check
become: true
- shell: >-
+ command: >-
{{ kolla_container_engine }} exec valkey_server valkey-cli -h {{ api_interface_address }}
-a {{ valkey_master_password }} ping
register: valkey_check
diff --git a/ansible/roles/valkey/tasks/upgrade.yml b/ansible/roles/valkey/tasks/upgrade.yml
index 0fa7338875..5a7499dedf 100644
--- a/ansible/roles/valkey/tasks/upgrade.yml
+++ b/ansible/roles/valkey/tasks/upgrade.yml
@@ -17,7 +17,6 @@
- name: Perform Redis to Valkey migration steps
when: redis_container_facts.containers['redis'] is defined
block:
-
- name: Set temporary Valkey migration vars
set_fact:
valkey_server_port: "6380"
@@ -37,7 +36,7 @@
become: true
delegate_to: "{{ valkey_master_host }}"
run_once: true
- shell: >-
+ command: >-
{{ kolla_container_engine }} exec valkey_server
valkey-cli -h {{ api_interface_address }} -p {{ valkey_server_port }} info replication
register: valkey_replication
@@ -82,7 +81,7 @@
become: true
delegate_to: "{{ valkey_master_host }}"
run_once: true
- shell: >-
+ command: >-
{{ kolla_container_engine }} exec valkey_server
valkey-cli -h {{ api_interface_address }} -p {{ valkey_server_port }} info replication
register: valkey_role
@@ -120,7 +119,6 @@
valkey_sentinel_monitor_name: "kolla"
_valkey_migration: false
-
- name: Reconfigure/Redeploy Valkey on default ports
import_tasks: reconfigure.yml
diff --git a/ansible/roles/watcher/tasks/bootstrap.yml b/ansible/roles/watcher/tasks/bootstrap.yml
index ffa029e522..c1e7f14c79 100644
--- a/ansible/roles/watcher/tasks/bootstrap.yml
+++ b/ansible/roles/watcher/tasks/bootstrap.yml
@@ -11,7 +11,7 @@
login_user: "{{ watcher_database_shard_root_user }}"
login_password: "{{ database_password }}"
name: "{{ watcher_database_name }}"
- run_once: True
+ run_once: true
delegate_to: "{{ groups['watcher-api'][0] }}"
when:
- not use_preconfigured_databases | bool
@@ -32,7 +32,7 @@
host: "%"
priv: "{{ watcher_database_name }}.*:ALL"
append_privs: "yes"
- run_once: True
+ run_once: true
delegate_to: "{{ groups['watcher-api'][0] }}"
when:
- not use_preconfigured_databases | bool
diff --git a/ansible/roles/watcher/tasks/bootstrap_service.yml b/ansible/roles/watcher/tasks/bootstrap_service.yml
index 36a72f3831..36374689ef 100644
--- a/ansible/roles/watcher/tasks/bootstrap_service.yml
+++ b/ansible/roles/watcher/tasks/bootstrap_service.yml
@@ -6,7 +6,7 @@
kolla_container:
action: "start_container"
common_options: "{{ docker_common_options }}"
- detach: False
+ detach: false
environment:
KOLLA_BOOTSTRAP:
KOLLA_CONFIG_STRATEGY: "{{ config_strategy }}"
@@ -16,5 +16,5 @@
name: "bootstrap_watcher"
restart_policy: oneshot
volumes: "{{ watcher_api.volumes | reject('equalto', '') | list }}"
- run_once: True
+ run_once: true
delegate_to: "{{ groups[watcher_api.group][0] }}"
diff --git a/ansible/roles/watcher/tasks/config.yml b/ansible/roles/watcher/tasks/config.yml
index 1b21a5202d..fdaefc185f 100644
--- a/ansible/roles/watcher/tasks/config.yml
+++ b/ansible/roles/watcher/tasks/config.yml
@@ -12,7 +12,7 @@
- name: Check if policies shall be overwritten
stat:
path: "{{ item }}"
- run_once: True
+ run_once: true
delegate_to: localhost
register: watcher_policy
with_first_found:
diff --git a/ansible/roles/zun/defaults/main.yml b/ansible/roles/zun/defaults/main.yml
index 094f40fbe9..c418f88b07 100644
--- a/ansible/roles/zun/defaults/main.yml
+++ b/ansible/roles/zun/defaults/main.yml
@@ -50,7 +50,7 @@ zun_services:
group: zun-compute
enabled: true
image: "{{ zun_compute_image_full }}"
- privileged: True
+ privileged: true
volumes: "{{ zun_compute_default_volumes + zun_compute_extra_volumes + lookup('vars', 'run_default_volumes_' + kolla_container_engine) }}"
dimensions: "{{ zun_compute_dimensions }}"
healthcheck: "{{ zun_compute_healthcheck }}"
@@ -59,7 +59,7 @@ zun_services:
group: zun-cni-daemon
enabled: true
image: "{{ zun_cni_daemon_image_full }}"
- privileged: True
+ privileged: true
volumes: "{{ zun_cni_daemon_default_volumes + zun_cni_daemon_extra_volumes + lookup('vars', 'run_default_volumes_' + kolla_container_engine) }}"
dimensions: "{{ zun_cni_daemon_dimensions }}"
healthcheck: "{{ zun_cni_daemon_healthcheck }}"
diff --git a/ansible/roles/zun/tasks/bootstrap.yml b/ansible/roles/zun/tasks/bootstrap.yml
index a18acdea7f..3ec453be6e 100644
--- a/ansible/roles/zun/tasks/bootstrap.yml
+++ b/ansible/roles/zun/tasks/bootstrap.yml
@@ -11,7 +11,7 @@
login_user: "{{ zun_database_shard_root_user }}"
login_password: "{{ database_password }}"
name: "{{ zun_database_name }}"
- run_once: True
+ run_once: true
delegate_to: "{{ groups['zun-api'][0] }}"
when:
- not use_preconfigured_databases | bool
@@ -32,7 +32,7 @@
host: "%"
priv: "{{ zun_database_name }}.*:ALL"
append_privs: "yes"
- run_once: True
+ run_once: true
delegate_to: "{{ groups['zun-api'][0] }}"
when:
- not use_preconfigured_databases | bool
diff --git a/ansible/roles/zun/tasks/bootstrap_service.yml b/ansible/roles/zun/tasks/bootstrap_service.yml
index d618b07c23..b68dc002a4 100644
--- a/ansible/roles/zun/tasks/bootstrap_service.yml
+++ b/ansible/roles/zun/tasks/bootstrap_service.yml
@@ -6,7 +6,7 @@
kolla_container:
action: "start_container"
common_options: "{{ docker_common_options }}"
- detach: False
+ detach: false
environment:
KOLLA_BOOTSTRAP:
KOLLA_CONFIG_STRATEGY: "{{ config_strategy }}"
@@ -16,5 +16,5 @@
name: "bootstrap_zun"
restart_policy: oneshot
volumes: "{{ zun_api.volumes | reject('equalto', '') | list }}"
- run_once: True
+ run_once: true
delegate_to: "{{ groups[zun_api.group][0] }}"
diff --git a/ansible/roles/zun/tasks/config.yml b/ansible/roles/zun/tasks/config.yml
index 7ef4c7e3b5..850f353d72 100644
--- a/ansible/roles/zun/tasks/config.yml
+++ b/ansible/roles/zun/tasks/config.yml
@@ -17,7 +17,7 @@
- name: Check if policies shall be overwritten
stat:
path: "{{ item }}"
- run_once: True
+ run_once: true
delegate_to: localhost
register: zun_policy
with_first_found:
diff --git a/ansible/roles/zun/tasks/external_ceph.yml b/ansible/roles/zun/tasks/external_ceph.yml
index e57410b6bb..1afe869cf4 100644
--- a/ansible/roles/zun/tasks/external_ceph.yml
+++ b/ansible/roles/zun/tasks/external_ceph.yml
@@ -18,6 +18,6 @@
become: true
file:
path: "{{ node_config_directory }}/zun-compute"
- recurse: yes
+ recurse: true
owner: "{{ config_owner_user }}"
group: "{{ config_owner_group }}"
diff --git a/ansible/roles/zun/tasks/precheck.yml b/ansible/roles/zun/tasks/precheck.yml
index 780a78aa09..cd727ebe3b 100644
--- a/ansible/roles/zun/tasks/precheck.yml
+++ b/ansible/roles/zun/tasks/precheck.yml
@@ -54,6 +54,6 @@
assert:
that: enable_kuryr | bool
fail_msg: "kuryr is required but not enabled"
- run_once: True
+ run_once: true
when:
- enable_zun | bool
diff --git a/ansible/site.yml b/ansible/site.yml
index 8d742462b4..1a05fbc56a 100644
--- a/ansible/site.yml
+++ b/ansible/site.yml
@@ -33,6 +33,7 @@
- enable_cyborg_{{ enable_cyborg | bool }}
- enable_designate_{{ enable_designate | bool }}
- enable_etcd_{{ enable_etcd | bool }}
+ - enable_fluentd_{{ enable_fluentd | bool }}
- enable_glance_{{ enable_glance | bool }}
- enable_gnocchi_{{ enable_gnocchi | bool }}
- enable_grafana_{{ enable_grafana | bool }}
@@ -116,6 +117,7 @@
gather_facts: false
hosts:
- fluentd
+ - '&enable_fluentd_True'
serial: '{{ kolla_serial|default("0") }}'
max_fail_percentage: >-
{{ fluentd_max_fail_percentage |
@@ -130,7 +132,7 @@
gather_facts: false
hosts:
- loadbalancer
- - '&enable_loadbalancer_True'
+ - "&enable_loadbalancer_True"
serial: '{{ kolla_serial|default("0") }}'
max_fail_percentage: >-
{{ loadbalancer_max_fail_percentage |
@@ -349,85 +351,79 @@
gather_facts: false
hosts:
- opensearch
- - '&enable_opensearch_True'
+ - "&enable_opensearch_True"
serial: '{{ kolla_serial|default("0") }}'
max_fail_percentage: >-
{{ opensearch_max_fail_percentage |
default(kolla_max_fail_percentage) |
default(100) }}
roles:
- - { role: opensearch,
- tags: opensearch }
+ - { role: opensearch, tags: opensearch }
- name: Apply role letsencrypt
gather_facts: false
hosts:
- letsencrypt
- - '&enable_letsencrypt_True'
+ - "&enable_letsencrypt_True"
serial: '{{ kolla_serial|default("0") }}'
max_fail_percentage: >-
{{ letsencrypt_max_fail_percentage |
default(kolla_max_fail_percentage) |
default(100) }}
roles:
- - { role: letsencrypt,
- tags: letsencrypt }
+ - { role: letsencrypt, tags: letsencrypt }
- name: Apply role collectd
gather_facts: false
hosts:
- collectd
- - '&enable_collectd_True'
+ - "&enable_collectd_True"
serial: '{{ kolla_serial|default("0") }}'
max_fail_percentage: >-
{{ collectd_max_fail_percentage |
default(kolla_max_fail_percentage) |
default(100) }}
roles:
- - { role: collectd,
- tags: collectd }
+ - { role: collectd, tags: collectd }
- name: Apply role influxdb
gather_facts: false
hosts:
- influxdb
- - '&enable_influxdb_True'
+ - "&enable_influxdb_True"
serial: '{{ kolla_serial|default("0") }}'
max_fail_percentage: >-
{{ influxdb_max_fail_percentage |
default(kolla_max_fail_percentage) |
default(100) }}
roles:
- - { role: influxdb,
- tags: influxdb }
+ - { role: influxdb, tags: influxdb }
- name: Apply role telegraf
gather_facts: false
hosts:
- telegraf
- - '&enable_telegraf_True'
+ - "&enable_telegraf_True"
serial: '{{ kolla_serial|default("0") }}'
max_fail_percentage: >-
{{ telegraf_max_fail_percentage |
default(kolla_max_fail_percentage) |
default(100) }}
roles:
- - { role: telegraf,
- tags: telegraf }
+ - { role: telegraf, tags: telegraf }
- name: Apply role valkey
gather_facts: false
hosts:
- valkey
- - '&enable_valkey_True'
+ - "&enable_valkey_True"
serial: '{{ kolla_serial|default("0") }}'
max_fail_percentage: >-
{{ valkey_max_fail_percentage |
default(kolla_max_fail_percentage) |
default(100) }}
roles:
- - { role: valkey,
- tags: valkey }
+ - { role: valkey, tags: valkey }
# MariaDB deployment is more complicated than other services, so is covered in
# its own playbook.
@@ -437,15 +433,14 @@
gather_facts: false
hosts:
- memcached
- - '&enable_memcached_True'
+ - "&enable_memcached_True"
serial: '{{ kolla_serial|default("0") }}'
max_fail_percentage: >-
{{ memcached_max_fail_percentage |
default(kolla_max_fail_percentage) |
default(100) }}
roles:
- - { role: memcached,
- tags: [memcache, memcached] }
+ - { role: memcached, tags: [memcache, memcached] }
- name: Apply role prometheus
gather_facts: false
@@ -458,60 +453,55 @@
- prometheus-elasticsearch-exporter
- prometheus-blackbox-exporter
- prometheus-libvirt-exporter
- - '&enable_prometheus_True'
+ - "&enable_prometheus_True"
serial: '{{ kolla_serial|default("0") }}'
max_fail_percentage: >-
{{ prometheus_max_fail_percentage |
default(kolla_max_fail_percentage) |
default(100) }}
roles:
- - { role: prometheus,
- tags: prometheus }
+ - { role: prometheus, tags: prometheus }
- name: Apply role prometheus-node-exporters
gather_facts: false
hosts:
- prometheus-node-exporter
- prometheus-cadvisor
- - '&enable_prometheus_True'
+ - "&enable_prometheus_True"
serial: '{{ kolla_serial|default("0") }}'
max_fail_percentage: >-
{{ prometheus_node_exporters_max_fail_percentage |
default(kolla_max_fail_percentage) |
default(100) }}
roles:
- - { role: prometheus-node-exporters,
- tags: [prometheus, prometheus-node-exporters],
- when: enable_prometheus | bool }
+ - { role: prometheus-node-exporters, tags: [prometheus, prometheus-node-exporters], when: enable_prometheus | bool }
- name: Apply role iscsi
gather_facts: false
hosts:
- iscsid
- tgtd
- - '&enable_iscsid_True'
+ - "&enable_iscsid_True"
serial: '{{ kolla_serial|default("0") }}'
max_fail_percentage: >-
{{ iscsid_max_fail_percentage |
default(kolla_max_fail_percentage) |
default(100) }}
roles:
- - { role: iscsi,
- tags: iscsi }
+ - { role: iscsi, tags: iscsi }
- name: Apply role multipathd
gather_facts: false
hosts:
- multipathd
- - '&enable_multipathd_True'
+ - "&enable_multipathd_True"
serial: '{{ kolla_serial|default("0") }}'
max_fail_percentage: >-
{{ multipathd_max_fail_percentage |
default(kolla_max_fail_percentage) |
default(100) }}
roles:
- - { role: multipathd,
- tags: multipathd }
+ - { role: multipathd, tags: multipathd }
- import_playbook: rabbitmq.yml
@@ -519,28 +509,26 @@
gather_facts: false
hosts:
- etcd
- - '&enable_etcd_True'
+ - "&enable_etcd_True"
max_fail_percentage: >-
{{ etcd_max_fail_percentage |
default(kolla_max_fail_percentage) |
default(100) }}
roles:
- - { role: etcd,
- tags: etcd }
+ - { role: etcd, tags: etcd }
- name: Apply role keystone
gather_facts: false
hosts:
- keystone
- - '&enable_keystone_True'
+ - "&enable_keystone_True"
serial: '{{ kolla_serial|default("0") }}'
max_fail_percentage: >-
{{ keystone_max_fail_percentage |
default(kolla_max_fail_percentage) |
default(100) }}
roles:
- - { role: keystone,
- tags: keystone }
+ - { role: keystone, tags: keystone }
- name: Apply role ceph-rgw
gather_facts: false
@@ -548,29 +536,27 @@
# NOTE(mgoddard): This is only used to register Keystone services, and
# can run on any host running kolla-toolbox.
- kolla-toolbox
- - '&enable_ceph_rgw_True'
+ - "&enable_ceph_rgw_True"
serial: '{{ kolla_serial|default("0") }}'
max_fail_percentage: >-
{{ ceph_rgw_max_fail_percentage |
default(kolla_max_fail_percentage) |
default(100) }}
roles:
- - { role: ceph-rgw,
- tags: ceph-rgw }
+ - { role: ceph-rgw, tags: ceph-rgw }
- name: Apply role glance
gather_facts: false
hosts:
- glance-api
- - '&enable_glance_True'
+ - "&enable_glance_True"
serial: '{{ kolla_serial|default("0") }}'
max_fail_percentage: >-
{{ glance_max_fail_percentage |
default(kolla_max_fail_percentage) |
default(100) }}
roles:
- - { role: glance,
- tags: glance }
+ - { role: glance, tags: glance }
- name: Apply role ironic
gather_facts: false
@@ -579,15 +565,14 @@
- ironic-conductor
- ironic-tftp
- ironic-http
- - '&enable_ironic_True'
+ - "&enable_ironic_True"
serial: '{{ kolla_serial|default("0") }}'
max_fail_percentage: >-
{{ ironic_max_fail_percentage |
default(kolla_max_fail_percentage) |
default(100) }}
roles:
- - { role: ironic,
- tags: ironic }
+ - { role: ironic, tags: ironic }
- name: Apply role cinder
gather_facts: false
@@ -596,73 +581,66 @@
- cinder-backup
- cinder-scheduler
- cinder-volume
- - '&enable_cinder_True'
+ - "&enable_cinder_True"
serial: '{{ kolla_serial|default("0") }}'
max_fail_percentage: >-
{{ cinder_max_fail_percentage |
default(kolla_max_fail_percentage) |
default(100) }}
roles:
- - { role: cinder,
- tags: cinder }
+ - { role: cinder, tags: cinder }
- name: Apply role placement
gather_facts: false
hosts:
- placement-api
- - '&enable_placement_True'
+ - "&enable_placement_True"
serial: '{{ kolla_serial|default("0") }}'
max_fail_percentage: >-
{{ placement_max_fail_percentage |
default(kolla_max_fail_percentage) |
default(100) }}
roles:
- - { role: placement,
- tags: placement }
+ - { role: placement, tags: placement }
- name: Apply role openvswitch
gather_facts: false
hosts:
- openvswitch
- - '&enable_openvswitch_True_enable_ovs_dpdk_False'
+ - "&enable_openvswitch_True_enable_ovs_dpdk_False"
serial: '{{ kolla_serial|default("0") }}'
max_fail_percentage: >-
{{ openvswitch_max_fail_percentage |
default(kolla_max_fail_percentage) |
default(100) }}
roles:
- - { role: openvswitch,
- tags: openvswitch,
- when: "(enable_openvswitch | bool) and not (enable_ovs_dpdk | bool)"}
+ - { role: openvswitch, tags: openvswitch, when: "(enable_openvswitch | bool) and not (enable_ovs_dpdk | bool)" }
- name: Apply role ovs-dpdk
gather_facts: false
hosts:
- openvswitch
- - '&enable_openvswitch_True_enable_ovs_dpdk_True'
+ - "&enable_openvswitch_True_enable_ovs_dpdk_True"
serial: '{{ kolla_serial|default("0") }}'
max_fail_percentage: >-
{{ ovs_dpdk_max_fail_percentage |
default(kolla_max_fail_percentage) |
default(100) }}
roles:
- - { role: ovs-dpdk,
- tags: ovs-dpdk,
- when: "(enable_openvswitch | bool) and (enable_ovs_dpdk | bool)"}
+ - { role: ovs-dpdk, tags: ovs-dpdk, when: "(enable_openvswitch | bool) and (enable_ovs_dpdk | bool)" }
- name: Apply role ovn-controller
gather_facts: false
hosts:
- ovn-controller
- - '&enable_ovn_True'
+ - "&enable_ovn_True"
serial: '{{ kolla_serial|default("0") }}'
max_fail_percentage: >-
{{ ovn_controller_max_fail_percentage |
default(kolla_max_fail_percentage) |
default(100) }}
roles:
- - { role: ovn-controller,
- tags: [ovn, ovn-controller] }
+ - { role: ovn-controller, tags: [ovn, ovn-controller] }
- name: Apply role ovn-db
gather_facts: false
@@ -670,15 +648,14 @@
- ovn-nb-db
- ovn-northd
- ovn-sb-db
- - '&enable_ovn_True'
+ - "&enable_ovn_True"
serial: '{{ kolla_serial|default("0") }}'
max_fail_percentage: >-
{{ ovn_db_max_fail_percentage |
default(kolla_max_fail_percentage) |
default(100) }}
roles:
- - { role: ovn-db,
- tags: [ovn, ovn-db] }
+ - { role: ovn-db, tags: [ovn, ovn-db] }
# Nova deployment is more complicated than other services, so is covered in its
# own playbook.
@@ -698,44 +675,41 @@
- neutron-infoblox-ipam-agent
- compute
- manila-share
- - '&enable_neutron_True'
+ - "&enable_neutron_True"
serial: '{{ kolla_serial|default("0") }}'
max_fail_percentage: >-
{{ neutron_max_fail_percentage |
default(kolla_max_fail_percentage) |
default(100) }}
roles:
- - { role: neutron,
- tags: neutron }
+ - { role: neutron, tags: neutron }
- name: Apply role kuryr
gather_facts: false
hosts:
- compute
- - '&enable_kuryr_True'
+ - "&enable_kuryr_True"
serial: '{{ kolla_serial|default("0") }}'
max_fail_percentage: >-
{{ kuryr_max_fail_percentage |
default(kolla_max_fail_percentage) |
default(100) }}
roles:
- - { role: kuryr,
- tags: kuryr }
+ - { role: kuryr, tags: kuryr }
- name: Apply role hacluster
gather_facts: false
hosts:
- hacluster
- hacluster-remote
- - '&enable_hacluster_True'
+ - "&enable_hacluster_True"
serial: '{{ kolla_serial|default("0") }}'
max_fail_percentage: >-
{{ hacluster_max_fail_percentage |
default(kolla_max_fail_percentage) |
default(100) }}
roles:
- - { role: hacluster,
- tags: hacluster }
+ - { role: hacluster, tags: hacluster }
- name: Apply role heat
gather_facts: false
@@ -743,44 +717,41 @@
- heat-api
- heat-api-cfn
- heat-engine
- - '&enable_heat_True'
+ - "&enable_heat_True"
serial: '{{ kolla_serial|default("0") }}'
max_fail_percentage: >-
{{ heat_max_fail_percentage |
default(kolla_max_fail_percentage) |
default(100) }}
roles:
- - { role: heat,
- tags: heat }
+ - { role: heat, tags: heat }
- name: Apply role horizon
gather_facts: false
hosts:
- horizon
- - '&enable_horizon_True'
+ - "&enable_horizon_True"
serial: '{{ kolla_serial|default("0") }}'
max_fail_percentage: >-
{{ horizon_max_fail_percentage |
default(kolla_max_fail_percentage) |
default(100) }}
roles:
- - { role: horizon,
- tags: horizon }
+ - { role: horizon, tags: horizon }
- name: Apply role magnum
gather_facts: false
hosts:
- magnum-api
- magnum-conductor
- - '&enable_magnum_True'
+ - "&enable_magnum_True"
serial: '{{ kolla_serial|default("0") }}'
max_fail_percentage: >-
{{ magnum_max_fail_percentage |
default(kolla_max_fail_percentage) |
default(100) }}
roles:
- - { role: magnum,
- tags: magnum }
+ - { role: magnum, tags: magnum }
- name: Apply role mistral
gather_facts: false
@@ -789,15 +760,14 @@
- mistral-engine
- mistral-executor
- mistral-event-engine
- - '&enable_mistral_True'
+ - "&enable_mistral_True"
serial: '{{ kolla_serial|default("0") }}'
max_fail_percentage: >-
{{ mistral_max_fail_percentage |
default(kolla_max_fail_percentage) |
default(100) }}
roles:
- - { role: mistral,
- tags: mistral }
+ - { role: mistral, tags: mistral }
- name: Apply role manila
gather_facts: false
@@ -806,15 +776,14 @@
- manila-data
- manila-share
- manila-scheduler
- - '&enable_manila_True'
+ - "&enable_manila_True"
serial: '{{ kolla_serial|default("0") }}'
max_fail_percentage: >-
{{ manila_max_fail_percentage |
default(kolla_max_fail_percentage) |
default(100) }}
roles:
- - { role: manila,
- tags: manila }
+ - { role: manila, tags: manila }
- name: Apply role gnocchi
gather_facts: false
@@ -822,15 +791,14 @@
- gnocchi-api
- gnocchi-metricd
- gnocchi-statsd
- - '&enable_gnocchi_True'
+ - "&enable_gnocchi_True"
serial: '{{ kolla_serial|default("0") }}'
max_fail_percentage: >-
{{ gnocchi_max_fail_percentage |
default(kolla_max_fail_percentage) |
default(100) }}
roles:
- - { role: gnocchi,
- tags: gnocchi }
+ - { role: gnocchi, tags: gnocchi }
- name: Apply role ceilometer
gather_facts: false
@@ -839,15 +807,14 @@
- ceilometer-notification
- ceilometer-compute
- ceilometer-ipmi
- - '&enable_ceilometer_True'
+ - "&enable_ceilometer_True"
serial: '{{ kolla_serial|default("0") }}'
max_fail_percentage: >-
{{ ceilometer_max_fail_percentage |
default(kolla_max_fail_percentage) |
default(100) }}
roles:
- - { role: ceilometer,
- tags: ceilometer }
+ - { role: ceilometer, tags: ceilometer }
- name: Apply role aodh
gather_facts: false
@@ -856,15 +823,14 @@
- aodh-evaluator
- aodh-listener
- aodh-notifier
- - '&enable_aodh_True'
+ - "&enable_aodh_True"
serial: '{{ kolla_serial|default("0") }}'
max_fail_percentage: >-
{{ aodh_max_fail_percentage |
default(kolla_max_fail_percentage) |
default(100) }}
roles:
- - { role: aodh,
- tags: aodh }
+ - { role: aodh, tags: aodh }
- name: Apply role barbican
gather_facts: false
@@ -872,15 +838,14 @@
- barbican-api
- barbican-keystone-listener
- barbican-worker
- - '&enable_barbican_True'
+ - "&enable_barbican_True"
serial: '{{ kolla_serial|default("0") }}'
max_fail_percentage: >-
{{ barbican_max_fail_percentage |
default(kolla_max_fail_percentage) |
default(100) }}
roles:
- - { role: barbican,
- tags: barbican }
+ - { role: barbican, tags: barbican }
- name: Apply role cyborg
gather_facts: false
@@ -888,15 +853,14 @@
- cyborg-api
- cyborg-agent
- cyborg-conductor
- - '&enable_cyborg_True'
+ - "&enable_cyborg_True"
serial: '{{ serial|default("0") }}'
max_fail_percentage: >-
{{ cyborg_max_fail_percentage |
default(kolla_max_fail_percentage) |
default(100) }}
roles:
- - { role: cyborg,
- tags: cyborg }
+ - { role: cyborg, tags: cyborg }
- name: Apply role designate
gather_facts: false
@@ -908,15 +872,14 @@
- designate-worker
- designate-sink
- designate-backend-bind9
- - '&enable_designate_True'
+ - "&enable_designate_True"
serial: '{{ kolla_serial|default("0") }}'
max_fail_percentage: >-
{{ designate_max_fail_percentage |
default(kolla_max_fail_percentage) |
default(100) }}
roles:
- - { role: designate,
- tags: designate }
+ - { role: designate, tags: designate }
- name: Apply role trove
gather_facts: false
@@ -924,15 +887,14 @@
- trove-api
- trove-conductor
- trove-taskmanager
- - '&enable_trove_True'
+ - "&enable_trove_True"
serial: '{{ kolla_serial|default("0") }}'
max_fail_percentage: >-
{{ trove_max_fail_percentage |
default(kolla_max_fail_percentage) |
default(100) }}
roles:
- - { role: trove,
- tags: trove }
+ - { role: trove, tags: trove }
- name: Apply role watcher
gather_facts: false
@@ -940,59 +902,55 @@
- watcher-api
- watcher-engine
- watcher-applier
- - '&enable_watcher_True'
+ - "&enable_watcher_True"
serial: '{{ kolla_serial|default("0") }}'
max_fail_percentage: >-
{{ watcher_max_fail_percentage |
default(kolla_max_fail_percentage) |
default(100) }}
roles:
- - { role: watcher,
- tags: watcher }
+ - { role: watcher, tags: watcher }
- name: Apply role grafana
gather_facts: false
hosts:
- grafana
- - '&enable_grafana_True'
+ - "&enable_grafana_True"
serial: '{{ kolla_serial|default("0") }}'
max_fail_percentage: >-
{{ grafana_max_fail_percentage |
default(kolla_max_fail_percentage) |
default(100) }}
roles:
- - { role: grafana,
- tags: grafana }
+ - { role: grafana, tags: grafana }
- name: Apply role cloudkitty
gather_facts: false
hosts:
- cloudkitty-api
- cloudkitty-processor
- - '&enable_cloudkitty_True'
+ - "&enable_cloudkitty_True"
serial: '{{ kolla_serial|default("0") }}'
max_fail_percentage: >-
{{ cloudkitty_max_fail_percentage |
default(kolla_max_fail_percentage) |
default(100) }}
roles:
- - { role: cloudkitty,
- tags: cloudkitty }
+ - { role: cloudkitty, tags: cloudkitty }
- name: Apply role tacker
gather_facts: false
hosts:
- tacker-server
- tacker-conductor
- - '&enable_tacker_True'
+ - "&enable_tacker_True"
serial: '{{ kolla_serial|default("0") }}'
max_fail_percentage: >-
{{ tacker_max_fail_percentage |
default(kolla_max_fail_percentage) |
default(100) }}
roles:
- - { role: tacker,
- tags: tacker }
+ - { role: tacker, tags: tacker }
- name: Apply role octavia
gather_facts: false
@@ -1001,15 +959,14 @@
- octavia-health-manager
- octavia-housekeeping
- octavia-worker
- - '&enable_octavia_True'
+ - "&enable_octavia_True"
serial: '{{ kolla_serial|default("0") }}'
max_fail_percentage: >-
{{ octavia_max_fail_percentage |
default(kolla_max_fail_percentage) |
default(100) }}
roles:
- - { role: octavia,
- tags: octavia }
+ - { role: octavia, tags: octavia }
- name: Apply role zun
gather_facts: false
@@ -1018,30 +975,28 @@
- zun-wsproxy
- zun-compute
- zun-cni-daemon
- - '&enable_zun_True'
+ - "&enable_zun_True"
serial: '{{ kolla_serial|default("0") }}'
max_fail_percentage: >-
{{ zun_max_fail_percentage |
default(kolla_max_fail_percentage) |
default(100) }}
roles:
- - { role: zun,
- tags: zun }
+ - { role: zun, tags: zun }
- name: Apply role blazar
gather_facts: false
hosts:
- blazar-api
- blazar-manager
- - '&enable_blazar_True'
+ - "&enable_blazar_True"
serial: '{{ kolla_serial|default("0") }}'
max_fail_percentage: >-
{{ blazar_max_fail_percentage |
default(kolla_max_fail_percentage) |
default(100) }}
roles:
- - { role: blazar,
- tags: blazar }
+ - { role: blazar, tags: blazar }
- name: Apply role masakari
gather_facts: false
@@ -1050,26 +1005,24 @@
- masakari-engine
- masakari-hostmonitor
- masakari-instancemonitor
- - '&enable_masakari_True'
+ - "&enable_masakari_True"
serial: '{{ kolla_serial|default("0") }}'
max_fail_percentage: >-
{{ masakari_max_fail_percentage |
default(kolla_max_fail_percentage) |
default(100) }}
roles:
- - { role: masakari,
- tags: masakari }
+ - { role: masakari, tags: masakari }
- name: Apply role skyline
gather_facts: false
hosts:
- skyline
- - '&enable_skyline_True'
+ - "&enable_skyline_True"
serial: '{{ kolla_serial|default("0") }}'
max_fail_percentage: >-
{{ skyline_max_fail_percentage |
default(kolla_max_fail_percentage) |
default(100) }}
roles:
- - { role: skyline,
- tags: skyline }
+ - { role: skyline, tags: skyline }
diff --git a/doc/source/contributor/contributing.rst b/doc/source/contributor/contributing.rst
index 36e798561b..7e9bff16a9 100644
--- a/doc/source/contributor/contributing.rst
+++ b/doc/source/contributor/contributing.rst
@@ -56,9 +56,13 @@ directly, you can find the lists in Gerrit:
New Feature Planning
~~~~~~~~~~~~~~~~~~~~
-New features are discussed via IRC or mailing list (with [kolla] prefix).
-Kolla project keeps blueprints in `Launchpad `__.
-Specs are welcome but not strictly required.
+New features are discussed via IRC or on the openstack-discuss mailing list
+(please include the [kolla] prefix to your subject line).
+
+Kolla has previously used Launchpad blueprints, but now simply uses tracking
+bugs for new feature work. Please tag any such bugs with a "[RFE]" prefix,
+which indicates the bug is a Request For Enhancement. Bugs are discussed in
+more detail in the next section.
Task Tracking
~~~~~~~~~~~~~
diff --git a/doc/source/contributor/release-notes.rst b/doc/source/contributor/release-notes.rst
index 5c783b9b84..766c64a39a 100644
--- a/doc/source/contributor/release-notes.rst
+++ b/doc/source/contributor/release-notes.rst
@@ -22,9 +22,12 @@ Kolla Ansible (just like Kolla) uses the following release notes sections:
* ``prelude`` --- filled in by the PTL before each release or RC.
Other release note types may be applied per common sense.
-Each change should include a release note unless being a ``TrivialFix``
-change or affecting only docs or CI. Such changes should `not` include
-a release note to avoid confusion.
+
+When a release note is required:
+
+- ``feature`` - best included with docs change (if separate from the code)
+- ``user impacting`` - to improve visibility of the change for users
+
Remember release notes are mostly for end users which, in case of Kolla,
are OpenStack administrators/operators.
In case of doubt, the core team will let you know what is required.
diff --git a/etc/kolla/globals.yml b/etc/kolla/globals.yml
index 36f5b4806e..6bf2b9e267 100644
--- a/etc/kolla/globals.yml
+++ b/etc/kolla/globals.yml
@@ -6,7 +6,7 @@
# the parameter and change its value.
# Dummy variable to allow Ansible to accept this file.
-workaround_ansible_issue_8743: yes
+workaround_ansible_issue_8743: true
###################
# Ansible options
@@ -99,7 +99,7 @@ workaround_ansible_issue_8743: yes
# Custom docker registry settings:
#docker_registry:
# Please read the docs carefully before applying docker_registry_insecure.
-#docker_registry_insecure: "no"
+#docker_registry_insecure: false
#docker_registry_username:
# docker_registry_password is set in the passwords.yml file.
@@ -109,15 +109,15 @@ workaround_ansible_issue_8743: yes
# Docker client timeout in seconds.
#docker_client_timeout: 120
-#docker_configure_for_zun: "no"
-#containerd_configure_for_zun: "no"
+#docker_configure_for_zun: false
+#containerd_configure_for_zun: false
#containerd_grpc_gid: 42463
###################
# Messaging options
###################
# Whether to enable TLS for oslo.messaging communication with RabbitMQ.
-#om_enable_rabbitmq_tls: "{{ rabbitmq_enable_tls | bool }}"
+# om_enable_rabbitmq_tls: "{{ rabbitmq_enable_tls | bool }}"
# CA certificate bundle in containers using oslo.messaging with RabbitMQ TLS.
#om_rabbitmq_cacert: "{{ rabbitmq_cacert }}"
@@ -168,18 +168,18 @@ workaround_ansible_issue_8743: yes
# Configure Neutron upgrade option, currently Kolla support
# two upgrade ways for Neutron: legacy_upgrade and rolling_upgrade
-# The variable "neutron_enable_rolling_upgrade: yes" is meaning rolling_upgrade
+# The variable "neutron_enable_rolling_upgrade: true" is meaning rolling_upgrade
# were enabled and opposite
# Neutron rolling upgrade were enable by default
-#neutron_enable_rolling_upgrade: "yes"
+#neutron_enable_rolling_upgrade: true
# Enable wrapper containers to keep Neutron agent restarts isolated from the main service containers
-#neutron_agents_wrappers: "yes"
+#neutron_agents_wrappers: true
# Configure neutron logging framework to log ingress/egress connections to instances
# for security groups rules. More information can be found here:
# https://docs.openstack.org/neutron/latest/admin/config-logging.html
-#enable_neutron_packet_logging: "no"
+#enable_neutron_packet_logging: false
####################
# keepalived options
@@ -215,7 +215,7 @@ workaround_ansible_issue_8743: yes
#####################
# Healthcheck options
#####################
-#enable_container_healthchecks: "yes"
+#enable_container_healthchecks: true
# Healthcheck options for Docker containers
# interval/timeout/start_period are in seconds
#default_container_healthcheck_interval: 30
@@ -229,9 +229,9 @@ workaround_ansible_issue_8743: yes
# Configures firewalld on both ubuntu and centos systems
# for enabled services.
# firewalld should be installed beforehand.
-# disable_firewall: "true"
-# enable_external_api_firewalld: "false"
-# external_api_firewalld_zone: "public"
+#disable_firewall: "true"
+#enable_external_api_firewalld: "false"
+#external_api_firewalld_zone: "public"
#############
# TLS options
@@ -239,16 +239,16 @@ workaround_ansible_issue_8743: yes
# To provide encryption and authentication on the kolla_external_vip_interface,
# TLS can be enabled. When TLS is enabled, certificates must be provided to
# allow clients to perform authentication.
-#kolla_enable_tls_internal: "no"
+#kolla_enable_tls_internal: false
#kolla_enable_tls_external: "{{ kolla_enable_tls_internal if kolla_same_external_internal_vip | bool else 'no' }}"
#kolla_certificates_dir: "{{ node_config }}/certificates"
#kolla_external_fqdn_cert: "{{ kolla_certificates_dir }}/haproxy.pem"
#kolla_internal_fqdn_cert: "{{ kolla_certificates_dir }}/haproxy-internal.pem"
#kolla_admin_openrc_cacert: ""
-#kolla_copy_ca_into_containers: "no"
+#kolla_copy_ca_into_containers: false
#haproxy_backend_cacert: "{{ 'ca-certificates.crt' if kolla_base_distro in ['debian', 'ubuntu'] else 'ca-bundle.trust.crt' }}"
#haproxy_backend_cacert_dir: "/etc/ssl/certs"
-#database_enable_tls_backend: "{{ 'yes' if kolla_enable_tls_backend | bool and enable_proxysql | bool else 'no' }}"
+#database_enable_tls_backend: "{{ 'true' if kolla_enable_tls_backend | bool and enable_proxysql | bool else 'false' }}"
##################
# Backend options
##################
@@ -258,8 +258,8 @@ workaround_ansible_issue_8743: yes
#####################
# Backend TLS options
#####################
-#kolla_enable_tls_backend: "no"
-#kolla_verify_tls_backend: "yes"
+#kolla_enable_tls_backend: false
+#kolla_verify_tls_backend: true
#kolla_tls_backend_cert: "{{ kolla_certificates_dir }}/backend-cert.pem"
#kolla_tls_backend_key: "{{ kolla_certificates_dir }}/backend-key.pem"
@@ -286,13 +286,13 @@ workaround_ansible_issue_8743: yes
# LetsEncrypt certificate server options
####################
#letsencrypt_cert_server: "https://acme-v02.api.letsencrypt.org/directory"
-# attempt to renew Let's Encrypt certificate every 12 hours
+# Attempt to renew Let's Encrypt certificate every 12 hours
#letsencrypt_cron_renew_schedule: "0 */12 * * *"
####################
# LetsEncrypt external account binding options
####################
-#letsencrypt_external_account_binding: "no"
+#letsencrypt_external_account_binding: false
#letsencrypt_eab_hmac: ""
#letsencrypt_eab_key_id: ""
@@ -315,53 +315,53 @@ workaround_ansible_issue_8743: yes
# Enable core OpenStack services. This includes:
# glance, keystone, neutron, nova, heat, and horizon.
-#enable_openstack_core: "yes"
+#enable_openstack_core: true
# These roles are required for Kolla to be operation, however a savvy deployer
# could disable some of these required roles and run their own services.
#enable_glance: "{{ enable_openstack_core | bool }}"
-#enable_hacluster: "no"
-#enable_haproxy: "yes"
+#enable_hacluster: false
+#enable_haproxy: true
#enable_keepalived: "{{ enable_haproxy | bool }}"
#enable_keystone: "{{ enable_openstack_core | bool }}"
-#enable_mariadb: "yes"
-#enable_memcached: "yes"
+#enable_mariadb: true
+#enable_memcached: true
#enable_neutron: "{{ enable_openstack_core | bool }}"
#enable_nova: "{{ enable_openstack_core | bool }}"
-#enable_rabbitmq: "{{ 'yes' if om_rpc_transport == 'rabbit' or om_notify_transport == 'rabbit' else 'no' }}"
+#enable_rabbitmq: "{{ 'true' if om_rpc_transport == 'rabbit' or om_notify_transport == 'rabbit' else 'false' }}"
# OpenStack services can be enabled or disabled with these options
-#enable_aodh: "no"
-#enable_barbican: "no"
-#enable_blazar: "no"
-#enable_ceilometer: "no"
-#enable_ceilometer_ipmi: "no"
-#enable_cells: "no"
-#enable_central_logging: "no"
-#enable_ceph_rgw: "no"
+#enable_aodh: false
+#enable_barbican: false
+#enable_blazar: false
+#enable_ceilometer: false
+#enable_ceilometer_ipmi: false
+#enable_cells: false
+#enable_central_logging: false
+#enable_ceph_rgw: false
#enable_ceph_rgw_loadbalancer: "{{ enable_ceph_rgw | bool }}"
-#enable_cinder: "no"
-#enable_cinder_backup: "yes"
+#enable_cinder: false
+#enable_cinder_backup: true
#enable_cinder_backend_iscsi: "{{ enable_cinder_backend_lvm | bool }}"
-#enable_cinder_backend_lvm: "no"
-#enable_cinder_backend_nfs: "no"
-#enable_cinder_backend_quobyte: "no"
-#enable_cinder_backend_pure_iscsi: "no"
-#enable_cinder_backend_pure_fc: "no"
-#enable_cinder_backend_pure_roce: "no"
-#enable_cinder_backend_pure_nvme_tcp: "no"
-#enable_cinder_backend_lightbits: "no"
-#enable_cloudkitty: "no"
-#enable_collectd: "no"
-#enable_cyborg: "no"
-#enable_designate: "no"
-#enable_destroy_images: "no"
-#enable_etcd: "no"
-#enable_fluentd: "yes"
+#enable_cinder_backend_lvm: false
+#enable_cinder_backend_nfs: false
+#enable_cinder_backend_quobyte: false
+#enable_cinder_backend_pure_iscsi: false
+#enable_cinder_backend_pure_fc: false
+#enable_cinder_backend_pure_roce: false
+#enable_cinder_backend_pure_nvme_tcp: false
+#enable_cinder_backend_lightbits: false
+#enable_cloudkitty: false
+#enable_collectd: false
+#enable_cyborg: false
+#enable_designate: false
+#enable_destroy_images: false
+#enable_etcd: false
+#enable_fluentd: true
#enable_fluentd_systemd: "{{ (enable_fluentd | bool) and (enable_central_logging | bool) }}"
-#enable_gnocchi: "no"
-#enable_gnocchi_statsd: "no"
-#enable_grafana: "no"
+#enable_gnocchi: false
+#enable_gnocchi_statsd: false
+#enable_grafana: false
#enable_grafana_external: "{{ enable_grafana | bool }}"
#enable_heat: "{{ enable_openstack_core | bool }}"
#enable_horizon: "{{ enable_openstack_core | bool }}"
@@ -382,41 +382,41 @@ workaround_ansible_issue_8743: yes
#enable_horizon_watcher: "{{ enable_watcher | bool }}"
#enable_horizon_zun: "{{ enable_zun | bool }}"
#enable_influxdb: "{{ enable_cloudkitty | bool and cloudkitty_storage_backend == 'influxdb' }}"
-#enable_ironic: "no"
-#enable_ironic_neutron_agent: "no"
+#enable_ironic: false
+#enable_ironic_neutron_agent: false
#enable_ironic_prometheus_exporter: "{{ enable_ironic | bool and enable_prometheus | bool }}"
-#enable_ironic_pxe_filter: "no"
+#enable_ironic_pxe_filter: false
#enable_iscsid: "{{ enable_cinder | bool and enable_cinder_backend_iscsi | bool }}"
-#enable_kuryr: "no"
-#enable_magnum: "no"
-#enable_manila: "no"
-#enable_manila_backend_generic: "no"
-#enable_manila_backend_hnas: "no"
-#enable_manila_backend_cephfs_native: "no"
-#enable_manila_backend_cephfs_nfs: "no"
-#enable_manila_backend_glusterfs_nfs: "no"
-#enable_manila_backend_flashblade: "no"
-#enable_mariabackup: "no"
-#enable_masakari: "no"
-#enable_mistral: "no"
-#enable_multipathd: "no"
-#enable_neutron_vpnaas: "no"
-#enable_neutron_sriov: "no"
-#enable_neutron_dvr: "no"
-#enable_neutron_fwaas: "no"
-#enable_neutron_qos: "no"
-#enable_neutron_agent_ha: "no"
-#enable_neutron_bgp_dragent: "no"
-#enable_neutron_provider_networks: "no"
-#enable_neutron_segments: "no"
-#enable_neutron_sfc: "no"
-#enable_neutron_trunk: "no"
-#enable_neutron_metering: "no"
-#enable_neutron_infoblox_ipam_agent: "no"
-#enable_neutron_port_forwarding: "no"
-#enable_nova_serialconsole_proxy: "no"
-#enable_nova_ssh: "yes"
-#enable_octavia: "no"
+#enable_kuryr: false
+#enable_magnum: false
+#enable_manila: false
+#enable_manila_backend_generic: false
+#enable_manila_backend_hnas: false
+#enable_manila_backend_cephfs_native: false
+#enable_manila_backend_cephfs_nfs: false
+#enable_manila_backend_glusterfs_nfs: false
+#enable_manila_backend_flashblade: false
+#enable_mariabackup: false
+#enable_masakari: false
+#enable_mistral: false
+#enable_multipathd: false
+#enable_neutron_vpnaas: false
+#enable_neutron_sriov: false
+#enable_neutron_dvr: false
+#enable_neutron_fwaas: false
+#enable_neutron_qos: false
+#enable_neutron_agent_ha: false
+#enable_neutron_bgp_dragent: false
+#enable_neutron_provider_networks: false
+#enable_neutron_segments: false
+#enable_neutron_sfc: false
+#enable_neutron_trunk: false
+#enable_neutron_metering: false
+#enable_neutron_infoblox_ipam_agent: false
+#enable_neutron_port_forwarding: false
+#enable_nova_serialconsole_proxy: false
+#enable_nova_ssh: true
+#enable_octavia: false
#enable_octavia_driver_agent: "{{ enable_octavia | bool and neutron_plugin_agent == 'ovn' }}"
#enable_octavia_jobboard: "{{ enable_octavia | bool and 'amphora' in octavia_provider_drivers }}"
#enable_opensearch: "{{ enable_central_logging | bool or enable_osprofiler | bool or (enable_cloudkitty | bool and cloudkitty_storage_backend == 'opensearch') }}"
@@ -424,19 +424,19 @@ workaround_ansible_issue_8743: yes
#enable_opensearch_dashboards_external: "{{ enable_opensearch_dashboards | bool }}"
#enable_openvswitch: "{{ enable_neutron }}"
#enable_ovn: "{{ enable_neutron | bool and neutron_plugin_agent == 'ovn' }}"
-#enable_ovs_dpdk: "no"
-#enable_osprofiler: "no"
+#enable_ovs_dpdk: false
+#enable_osprofiler: false
#enable_placement: "{{ enable_nova | bool or enable_zun | bool }}"
-#enable_prometheus: "no"
-#enable_proxysql: "yes"
-#enable_valkey: "no"
-#enable_skyline: "no"
-#enable_tacker: "no"
-#enable_telegraf: "no"
-#enable_trove: "no"
-#enable_trove_singletenant: "no"
-#enable_watcher: "no"
-#enable_zun: "no"
+#enable_prometheus: false
+#enable_proxysql: true
+#enable_valkey: false
+#enable_skyline: false
+#enable_tacker: false
+#enable_telegraf: false
+#enable_trove: false
+#enable_trove_singletenant: false
+#enable_watcher: false
+#enable_zun: false
#############
# S3 options
@@ -462,7 +462,7 @@ workaround_ansible_issue_8743: yes
# and not to busy wait (+sbwt none +sbwtdcpu none +sbwtdio none):
#rabbitmq_server_additional_erl_args: "+S 2:2 +sbwt none +sbwtdcpu none +sbwtdio none"
# Whether to enable TLS encryption for RabbitMQ client-server communication.
-#rabbitmq_enable_tls: "no"
+#rabbitmq_enable_tls: false
# CA certificate bundle in RabbitMQ container.
#rabbitmq_cacert: "/etc/ssl/certs/{{ 'ca-certificates.crt' if kolla_base_distro in ['debian', 'ubuntu'] else 'ca-bundle.trust.crt' }}"
@@ -476,7 +476,7 @@ workaround_ansible_issue_8743: yes
# External Ceph options
#######################
# External Ceph - cephx auth enabled (this is the standard nowadays, defaults to yes)
-#external_ceph_cephx_enabled: "yes"
+#external_ceph_cephx_enabled: true
# Glance
#ceph_glance_user: "glance"
@@ -518,16 +518,16 @@ workaround_ansible_issue_8743: yes
# Glance - Image Options
########################
# Configure image backend.
-#glance_backend_ceph: "no"
-#glance_backend_file: "yes"
-#glance_backend_s3: "no"
-#enable_glance_image_cache: "no"
-#glance_enable_property_protection: "no"
-#glance_enable_interoperable_image_import: "no"
+#glance_backend_ceph: false
+#glance_backend_file: true
+#glance_backend_s3: false
+#enable_glance_image_cache: false
+#glance_enable_property_protection: false
+#glance_enable_interoperable_image_import: false
# Configure glance upgrade option.
# Due to this feature being experimental in glance,
-# the default value is "no".
-#glance_enable_rolling_upgrade: "no"
+# the default value is false.
+#glance_enable_rolling_upgrade: false
####################
# Glance S3 Backend
@@ -563,7 +563,7 @@ workaround_ansible_issue_8743: yes
# Cinder - Block Storage Options
################################
# Enable / disable Cinder backends
-#cinder_backend_ceph: "no"
+#cinder_backend_ceph: false
#cinder_volume_group: "cinder-volumes"
# Valid options are [ '', valkey, etcd ]
#cinder_coordination_backend: "{{ 'valkey' if enable_valkey | bool else 'etcd' if enable_etcd | bool else '' }}"
@@ -604,7 +604,7 @@ workaround_ansible_issue_8743: yes
########################
# Nova - Compute Options
########################
-#nova_backend_ceph: "no"
+#nova_backend_ceph: false
# Valid options are [ qemu, kvm ]
#nova_compute_virt_type: "kvm"
@@ -614,10 +614,10 @@ workaround_ansible_issue_8743: yes
# The "nova_safety_upgrade" controls whether the nova services
# are all stopped before rolling upgrade to the new version,
-# for the safety and availability. If "nova_safety_upgrade" is "yes",
+# for the safety and availability. If "nova_safety_upgrade" is true,
# that will stop all nova services (except nova-compute) for no failed
# API operations before upgrade to the new version. And opposite.
-#nova_safety_upgrade: "no"
+#nova_safety_upgrade: false
# Valid options are [ none, novnc, spice ]
#nova_console: "novnc"
@@ -626,10 +626,10 @@ workaround_ansible_issue_8743: yes
# Neutron - networking options
##############################
# Enable distributed floating ip for OVN deployments
-#neutron_ovn_distributed_fip: "no"
+#neutron_ovn_distributed_fip: false
# Enable DHCP agent(s) to use with OVN
-#neutron_ovn_dhcp_agent: "no"
+#neutron_ovn_dhcp_agent: false
#############################
# Horizon - Dashboard Options
@@ -645,7 +645,7 @@ workaround_ansible_issue_8743: yes
# list of ranges - at least one must be configured, for example:
# - range: 192.168.0.10,192.168.0.100
# See Kolla Ansible docs on Ironic for details.
-#ironic_dnsmasq_dhcp_ranges:
+# ironic_dnsmasq_dhcp_ranges:
# PXE bootloader file for Ironic inspection, relative to /var/lib/ironic/tftpboot.
#ironic_dnsmasq_boot_file: "pxelinux.0"
@@ -654,7 +654,7 @@ workaround_ansible_issue_8743: yes
# The variable "ironic_enable_rolling_upgrade: yes" is meaning rolling_upgrade
# were enabled and opposite
# Rolling upgrade were enable by default
-#ironic_enable_rolling_upgrade: "yes"
+#ironic_enable_rolling_upgrade: true
# List of extra kernel parameters passed to the kernel used during inspection
#ironic_kernel_cmdline_extras: []
@@ -726,7 +726,7 @@ workaround_ansible_issue_8743: yes
#enable_prometheus_memcached_exporter: "{{ enable_prometheus | bool }}"
#enable_prometheus_alertmanager: "{{ enable_prometheus | bool }}"
#enable_prometheus_alertmanager_external: "{{ enable_prometheus_alertmanager | bool }}"
-#enable_prometheus_ceph_mgr_exporter: "no"
+#enable_prometheus_ceph_mgr_exporter: false
#enable_prometheus_openstack_exporter: "{{ enable_prometheus | bool }}"
#enable_prometheus_elasticsearch_exporter: "{{ enable_prometheus | bool and enable_elasticsearch | bool }}"
#enable_prometheus_blackbox_exporter: "{{ enable_prometheus | bool }}"
@@ -765,7 +765,7 @@ workaround_ansible_issue_8743: yes
##########
# Configure telegraf to use the docker daemon itself as an input for
# telemetry data.
-#telegraf_enable_docker_input: "no"
+#telegraf_enable_docker_input: false
##########################################
# Octavia - openstack loadbalancer Options
@@ -795,16 +795,16 @@ workaround_ansible_issue_8743: yes
# Octavia security groups. lb-mgmt-sec-grp is for amphorae.
#octavia_amp_security_groups:
-# mgmt-sec-grp:
-# name: "lb-mgmt-sec-grp"
-# rules:
-# - protocol: icmp
-# - protocol: tcp
-# src_port: 22
-# dst_port: 22
-# - protocol: tcp
-# src_port: "{{ octavia_amp_listen_port }}"
-# dst_port: "{{ octavia_amp_listen_port }}"
+# mgmt-sec-grp:
+# name: "lb-mgmt-sec-grp"
+# rules:
+# - protocol: icmp
+# - protocol: tcp
+# src_port: 22
+# dst_port: 22
+# - protocol: tcp
+# src_port: "{{ octavia_amp_listen_port }}"
+# dst_port: "{{ octavia_amp_listen_port }}"
# Octavia management network.
# See os_network and os_subnet for details. Supported parameters:
@@ -862,4 +862,4 @@ workaround_ansible_issue_8743: yes
##############
# If `etcd_remove_deleted_members` is enabled, Kolla Ansible will automatically
# remove etcd members from the cluster that are no longer in the inventory.
-#etcd_remove_deleted_members: "no"
+#etcd_remove_deleted_members: false
diff --git a/releasenotes/notes/remove-distro-python-version-09adac8895cb87d1.yaml b/releasenotes/notes/remove-distro-python-version-09adac8895cb87d1.yaml
new file mode 100644
index 0000000000..6f19718c39
--- /dev/null
+++ b/releasenotes/notes/remove-distro-python-version-09adac8895cb87d1.yaml
@@ -0,0 +1,4 @@
+---
+upgrade:
+ - |
+ The global variable ``distro_python_version`` has been removed
diff --git a/releasenotes/source/2024.1.rst b/releasenotes/source/2024.1.rst
index 4977a4f1a0..6896656be6 100644
--- a/releasenotes/source/2024.1.rst
+++ b/releasenotes/source/2024.1.rst
@@ -3,4 +3,4 @@
===========================
.. release-notes::
- :branch: stable/2024.1
+ :branch: unmaintained/2024.1
diff --git a/tests/templates/globals-default.j2 b/tests/templates/globals-default.j2
index 65498f372e..c01871c00a 100644
--- a/tests/templates/globals-default.j2
+++ b/tests/templates/globals-default.j2
@@ -301,5 +301,9 @@ enable_keystone_federation: true
enable_keystone_federation: true
{% endif %}
+{% if scenario == "federation" %}
+enable_keystone_federation: true
+{% endif %}
+
mariadb_monitor_read_only_interval: "30000"
mariadb_monitor_galera_healthcheck_timeout: "30000"
diff --git a/tools/setup-compute-libvirt.yml b/tools/setup-compute-libvirt.yml
index 9df033bec9..d544d26261 100644
--- a/tools/setup-compute-libvirt.yml
+++ b/tools/setup-compute-libvirt.yml
@@ -18,7 +18,7 @@
- name: Enable/start systemd artifacts
systemd:
- enabled: yes
+ enabled: true
state: started
name: "{{ item }}"
with_items: "{{ systemd_artifacts }}"
diff --git a/zuul.d/base.yaml b/zuul.d/base.yaml
index 7a9b481cbe..cd46c19679 100644
--- a/zuul.d/base.yaml
+++ b/zuul.d/base.yaml
@@ -12,6 +12,7 @@
- openstack/kolla-ansible
- openstack/requirements
files:
+ - ^ansible/site.yml
- ^ansible/group_vars/all/common.yml
- ^requirements-core.yml
- ^roles/kolla-ansible-test-dashboard/