From e60dc97dcd808e8187e8d98a3387b29dc8eadc8c Mon Sep 17 00:00:00 2001 From: Michal Nasiadka Date: Tue, 23 Sep 2025 11:35:48 +0200 Subject: [PATCH 01/43] keystone: Add support for deploying httpd for federation Depends-On: https://review.opendev.org/c/openstack/kolla/+/954707 Change-Id: I1f519b3ce8b7f2ceee2eaef88e4afc8ca8fa2f6e Signed-off-by: Michal Nasiadka --- tests/templates/globals-default.j2 | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/tests/templates/globals-default.j2 b/tests/templates/globals-default.j2 index 65498f372e..c01871c00a 100644 --- a/tests/templates/globals-default.j2 +++ b/tests/templates/globals-default.j2 @@ -301,5 +301,9 @@ enable_keystone_federation: true enable_keystone_federation: true {% endif %} +{% if scenario == "federation" %} +enable_keystone_federation: true +{% endif %} + mariadb_monitor_read_only_interval: "30000" mariadb_monitor_galera_healthcheck_timeout: "30000" From 477ea56bab4c4a85afd588d27a94d2bfed11d724 Mon Sep 17 00:00:00 2001 From: Michal Nasiadka Date: Wed, 12 Nov 2025 14:23:07 +0100 Subject: [PATCH 02/43] ansible-lint: Fix yaml[truthy] in heat role Change-Id: Ic18b7c25a13955da572f98b2dbca7d673a35746f Signed-off-by: Michal Nasiadka --- ansible/roles/heat/tasks/bootstrap.yml | 4 ++-- ansible/roles/heat/tasks/bootstrap_service.yml | 4 ++-- ansible/roles/heat/tasks/config.yml | 2 +- 3 files changed, 5 insertions(+), 5 deletions(-) diff --git a/ansible/roles/heat/tasks/bootstrap.yml b/ansible/roles/heat/tasks/bootstrap.yml index 72268b4fb1..556472e5d9 100644 --- a/ansible/roles/heat/tasks/bootstrap.yml +++ b/ansible/roles/heat/tasks/bootstrap.yml @@ -11,7 +11,7 @@ login_user: "{{ heat_database_shard_root_user }}" login_password: "{{ database_password }}" name: "{{ heat_database_name }}" - run_once: True + run_once: true delegate_to: "{{ groups['heat-api'][0] }}" when: - not use_preconfigured_databases | bool @@ -32,7 +32,7 @@ host: "%" priv: "{{ heat_database_name }}.*:ALL" append_privs: "yes" - run_once: True + run_once: true delegate_to: "{{ groups['heat-api'][0] }}" when: - not use_preconfigured_databases | bool diff --git a/ansible/roles/heat/tasks/bootstrap_service.yml b/ansible/roles/heat/tasks/bootstrap_service.yml index 872c456f13..38fd5d777d 100644 --- a/ansible/roles/heat/tasks/bootstrap_service.yml +++ b/ansible/roles/heat/tasks/bootstrap_service.yml @@ -6,7 +6,7 @@ kolla_container: action: "start_container" common_options: "{{ docker_common_options }}" - detach: False + detach: false environment: KOLLA_BOOTSTRAP: KOLLA_CONFIG_STRATEGY: "{{ config_strategy }}" @@ -26,5 +26,5 @@ name: "bootstrap_heat" restart_policy: oneshot volumes: "{{ heat_api.volumes | reject('equalto', '') | list }}" - run_once: True + run_once: true delegate_to: "{{ groups[heat_api.group][0] }}" diff --git a/ansible/roles/heat/tasks/config.yml b/ansible/roles/heat/tasks/config.yml index 10271bd8d4..2d306f3fab 100644 --- a/ansible/roles/heat/tasks/config.yml +++ b/ansible/roles/heat/tasks/config.yml @@ -13,7 +13,7 @@ stat: path: "{{ item }}" delegate_to: localhost - run_once: True + run_once: true register: heat_policy with_first_found: - files: "{{ supported_policy_format_list }}" From 9e9f72e51ac028d211837339b4cff8d73869cd81 Mon Sep 17 00:00:00 2001 From: Michal Nasiadka Date: Wed, 12 Nov 2025 14:23:48 +0100 Subject: [PATCH 03/43] ansible-lint: Fix yaml[truthy] in horizon role Change-Id: Ia3177178a177cd0c8fe434ba75b9af11bc998f8a Signed-off-by: Michal Nasiadka --- ansible/roles/horizon/tasks/bootstrap.yml | 4 ++-- ansible/roles/horizon/tasks/bootstrap_service.yml | 4 ++-- ansible/roles/horizon/tasks/policy_item.yml | 3 +-- 3 files changed, 5 insertions(+), 6 deletions(-) diff --git a/ansible/roles/horizon/tasks/bootstrap.yml b/ansible/roles/horizon/tasks/bootstrap.yml index d92ce12cdb..431a500643 100644 --- a/ansible/roles/horizon/tasks/bootstrap.yml +++ b/ansible/roles/horizon/tasks/bootstrap.yml @@ -11,7 +11,7 @@ login_user: "{{ horizon_database_shard_root_user }}" login_password: "{{ database_password }}" name: "{{ horizon_database_name }}" - run_once: True + run_once: true delegate_to: "{{ groups['horizon'][0] }}" when: - not use_preconfigured_databases | bool @@ -32,7 +32,7 @@ host: "%" priv: "{{ horizon_database_name }}.*:ALL" append_privs: "yes" - run_once: True + run_once: true delegate_to: "{{ groups['horizon'][0] }}" when: - not use_preconfigured_databases | bool diff --git a/ansible/roles/horizon/tasks/bootstrap_service.yml b/ansible/roles/horizon/tasks/bootstrap_service.yml index 74454a9911..e956993558 100644 --- a/ansible/roles/horizon/tasks/bootstrap_service.yml +++ b/ansible/roles/horizon/tasks/bootstrap_service.yml @@ -6,7 +6,7 @@ kolla_container: action: "start_container" common_options: "{{ docker_common_options }}" - detach: False + detach: false environment: KOLLA_BOOTSTRAP: KOLLA_CONFIG_STRATEGY: "{{ config_strategy }}" @@ -16,5 +16,5 @@ name: "bootstrap_horizon" restart_policy: oneshot volumes: "{{ horizon.volumes }}" - run_once: True + run_once: true delegate_to: "{{ groups[horizon.group][0] }}" diff --git a/ansible/roles/horizon/tasks/policy_item.yml b/ansible/roles/horizon/tasks/policy_item.yml index 7b427108a3..ab3b222e38 100644 --- a/ansible/roles/horizon/tasks/policy_item.yml +++ b/ansible/roles/horizon/tasks/policy_item.yml @@ -1,5 +1,4 @@ --- - - name: Update policy file name set_fact: supported_policy_files: "{{ supported_policy_format_list | map('regex_replace', '(.+)', project_name + '_\\1') | list }}" @@ -8,7 +7,7 @@ stat: path: "{{ fullpath }}" delegate_to: localhost - run_once: True + run_once: true register: overwritten_files with_first_found: - files: "{{ supported_policy_files }}" From 9de7d4d63d62b83f01ff59324a1d8a8308eeb400 Mon Sep 17 00:00:00 2001 From: Michal Nasiadka Date: Wed, 12 Nov 2025 14:24:38 +0100 Subject: [PATCH 04/43] ansible-lint: Fix yaml[truthy] in influxdb role Change-Id: I1ad2a1371de9d0e1f36675871ac9e500888a2e82 Signed-off-by: Michal Nasiadka --- ansible/roles/influxdb/defaults/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/ansible/roles/influxdb/defaults/main.yml b/ansible/roles/influxdb/defaults/main.yml index 62b3505a59..59b6d14f01 100644 --- a/ansible/roles/influxdb/defaults/main.yml +++ b/ansible/roles/influxdb/defaults/main.yml @@ -21,7 +21,7 @@ influxdb_services: # Enable the disk based time series index (recommended for all users). For # more information see here: # https://docs.influxdata.com/influxdb/v1.7/concepts/time-series-index/ -influxdb_enable_tsi: True +influxdb_enable_tsi: true #################### # Docker From 70e4fe94463a835fcfa0645ee8d4d4fe75cd979f Mon Sep 17 00:00:00 2001 From: Michal Nasiadka Date: Wed, 12 Nov 2025 14:25:19 +0100 Subject: [PATCH 05/43] ansible-lint: Fix yaml[truthy] in ironic role Change-Id: I8213b6fe13dac146ded0db903dd0b00123e22e43 Signed-off-by: Michal Nasiadka --- ansible/roles/ironic/defaults/main.yml | 2 +- ansible/roles/ironic/tasks/bootstrap.yml | 4 ++-- ansible/roles/ironic/tasks/bootstrap_service.yml | 6 +++--- ansible/roles/ironic/tasks/config.yml | 2 +- ansible/roles/ironic/tasks/precheck.yml | 2 +- ansible/roles/ironic/tasks/rolling_upgrade.yml | 4 ++-- 6 files changed, 10 insertions(+), 10 deletions(-) diff --git a/ansible/roles/ironic/defaults/main.yml b/ansible/roles/ironic/defaults/main.yml index 9c80ad6fea..02042aad6b 100644 --- a/ansible/roles/ironic/defaults/main.yml +++ b/ansible/roles/ironic/defaults/main.yml @@ -34,7 +34,7 @@ ironic_services: group: ironic-conductor enabled: true image: "{{ ironic_conductor_image_full }}" - privileged: True + privileged: true volumes: "{{ ironic_conductor_default_volumes + ironic_conductor_extra_volumes + lookup('vars', 'run_default_volumes_' + kolla_container_engine) }}" dimensions: "{{ ironic_conductor_dimensions }}" healthcheck: "{{ ironic_conductor_healthcheck }}" diff --git a/ansible/roles/ironic/tasks/bootstrap.yml b/ansible/roles/ironic/tasks/bootstrap.yml index b6dc71a078..8ed261602e 100644 --- a/ansible/roles/ironic/tasks/bootstrap.yml +++ b/ansible/roles/ironic/tasks/bootstrap.yml @@ -11,7 +11,7 @@ login_user: "{{ ironic_database_shard_root_user }}" login_password: "{{ database_password }}" name: "{{ item.database_name }}" - run_once: True + run_once: true delegate_to: "{{ groups[item.group][0] }}" with_items: - database_name: "{{ ironic_database_name }}" @@ -36,7 +36,7 @@ host: "%" priv: "{{ item.database_name }}.*:ALL" append_privs: "yes" - run_once: True + run_once: true delegate_to: "{{ groups[item.group][0] }}" with_items: - database_name: "{{ ironic_database_name }}" diff --git a/ansible/roles/ironic/tasks/bootstrap_service.yml b/ansible/roles/ironic/tasks/bootstrap_service.yml index 2374bae120..edf20fc476 100644 --- a/ansible/roles/ironic/tasks/bootstrap_service.yml +++ b/ansible/roles/ironic/tasks/bootstrap_service.yml @@ -12,7 +12,7 @@ kolla_container: action: "start_container" common_options: "{{ docker_common_options }}" - detach: False + detach: false environment: "{{ upgrade_environment if ironic_enable_rolling_upgrade | bool else bootstrap_environment }}" image: "{{ ironic_api.image }}" labels: @@ -20,7 +20,7 @@ name: "bootstrap_ironic" restart_policy: oneshot volumes: "{{ ironic_api.volumes | reject('equalto', '') | list }}" - run_once: True + run_once: true delegate_to: "{{ groups[ironic_api.group][0] }}" when: inventory_hostname in groups[ironic_api.group] @@ -31,7 +31,7 @@ kolla_container: action: "start_container" common_options: "{{ docker_common_options }}" - detach: False + detach: false environment: TFTPBOOT_PATH: /var/lib/ironic/tftpboot HTTPBOOT_PATH: /var/lib/ironic/httpboot diff --git a/ansible/roles/ironic/tasks/config.yml b/ansible/roles/ironic/tasks/config.yml index 9b7627e189..9060fdd5af 100644 --- a/ansible/roles/ironic/tasks/config.yml +++ b/ansible/roles/ironic/tasks/config.yml @@ -13,7 +13,7 @@ stat: path: "{{ item }}" delegate_to: localhost - run_once: True + run_once: true register: ironic_policy with_first_found: - files: "{{ supported_policy_format_list }}" diff --git a/ansible/roles/ironic/tasks/precheck.yml b/ansible/roles/ironic/tasks/precheck.yml index cb5a21839f..ec69c8f958 100644 --- a/ansible/roles/ironic/tasks/precheck.yml +++ b/ansible/roles/ironic/tasks/precheck.yml @@ -55,7 +55,7 @@ stat: path: "{{ ironic_agent_files_directory }}/ironic/{{ item }}" delegate_to: localhost - run_once: True + run_once: true register: result failed_when: not result.stat.exists when: diff --git a/ansible/roles/ironic/tasks/rolling_upgrade.yml b/ansible/roles/ironic/tasks/rolling_upgrade.yml index 6bda5569fb..673ab7d2bf 100644 --- a/ansible/roles/ironic/tasks/rolling_upgrade.yml +++ b/ansible/roles/ironic/tasks/rolling_upgrade.yml @@ -36,7 +36,7 @@ kolla_container: action: "start_container" common_options: "{{ docker_common_options }}" - detach: False + detach: false environment: KOLLA_OSM: KOLLA_CONFIG_STRATEGY: "{{ config_strategy }}" @@ -46,6 +46,6 @@ name: "bootstrap_ironic" restart_policy: oneshot volumes: "{{ ironic_api.volumes }}" - run_once: True + run_once: true delegate_to: "{{ groups[ironic_api.group][0] }}" when: inventory_hostname in groups[ironic_api.group] From ccd4dca67f2b6c404639314567479f048ee90aa1 Mon Sep 17 00:00:00 2001 From: Michal Nasiadka Date: Wed, 12 Nov 2025 14:26:18 +0100 Subject: [PATCH 06/43] ansible-lint: Fix yaml[truthy] in iscsi role Change-Id: I18c29512f250494adae32de77ff44b9d46fa5a64 Signed-off-by: Michal Nasiadka --- ansible/roles/iscsi/defaults/main.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/ansible/roles/iscsi/defaults/main.yml b/ansible/roles/iscsi/defaults/main.yml index 13aac3a889..f4d0ed1e8b 100644 --- a/ansible/roles/iscsi/defaults/main.yml +++ b/ansible/roles/iscsi/defaults/main.yml @@ -6,7 +6,7 @@ iscsi_services: enabled: "{{ enable_iscsid_for_cinder or enable_iscsid_for_ironic }}" image: "{{ iscsid_image_full }}" ipc_mode: "host" - privileged: True + privileged: true volumes: "{{ iscsid_default_volumes + iscsid_extra_volumes + lookup('vars', 'run_default_volumes_' + kolla_container_engine) }}" dimensions: "{{ iscsid_dimensions }}" tgtd: @@ -15,7 +15,7 @@ iscsi_services: enabled: "{{ enable_tgtd }}" image: "{{ tgtd_image_full }}" ipc_mode: "host" - privileged: True + privileged: true volumes: "{{ tgtd_default_volumes + tgtd_extra_volumes + lookup('vars', 'run_default_volumes_' + kolla_container_engine) }}" dimensions: "{{ tgtd_dimensions }}" From 8e20cfeea4e2c40ec252a12de7dc0dfc5888cbe4 Mon Sep 17 00:00:00 2001 From: Michal Nasiadka Date: Mon, 24 Nov 2025 09:39:12 +0100 Subject: [PATCH 07/43] CI: Add site.yml to all jobs trigger Change-Id: I20e8571464e20ea0e0981a52db3182402ff8f01c Signed-off-by: Michal Nasiadka --- zuul.d/base.yaml | 1 + 1 file changed, 1 insertion(+) diff --git a/zuul.d/base.yaml b/zuul.d/base.yaml index 7a9b481cbe..cd46c19679 100644 --- a/zuul.d/base.yaml +++ b/zuul.d/base.yaml @@ -12,6 +12,7 @@ - openstack/kolla-ansible - openstack/requirements files: + - ^ansible/site.yml - ^ansible/group_vars/all/common.yml - ^requirements-core.yml - ^roles/kolla-ansible-test-dashboard/ From daf67663d2cb193ca74452b5a802dc131131b820 Mon Sep 17 00:00:00 2001 From: Michal Nasiadka Date: Wed, 12 Nov 2025 14:27:10 +0100 Subject: [PATCH 08/43] ansible-lint: Fix yaml[truthy] in keystone role Change-Id: I0a2c6c4cbeacf1719db34cd5b8282fba13de04d1 Signed-off-by: Michal Nasiadka --- ansible/roles/keystone/handlers/main.yml | 8 ++--- ansible/roles/keystone/tasks/bootstrap.yml | 4 +-- .../keystone/tasks/bootstrap_service.yml | 8 ++--- ansible/roles/keystone/tasks/config.yml | 8 ++--- .../keystone/tasks/distribute_fernet.yml | 2 +- ansible/roles/keystone/tasks/register.yml | 6 ++-- .../tasks/register_identity_providers.yml | 30 +++++++++---------- ansible/roles/keystone/tasks/upgrade.yml | 4 +-- 8 files changed, 35 insertions(+), 35 deletions(-) diff --git a/ansible/roles/keystone/handlers/main.yml b/ansible/roles/keystone/handlers/main.yml index 8d5f1fd049..24ee0d520d 100644 --- a/ansible/roles/keystone/handlers/main.yml +++ b/ansible/roles/keystone/handlers/main.yml @@ -10,7 +10,7 @@ kolla_container: action: "start_container" common_options: "{{ docker_common_options }}" - detach: False + detach: false environment: KOLLA_UPGRADE: KOLLA_CONFIG_STRATEGY: "{{ config_strategy }}" @@ -21,7 +21,7 @@ restart_policy: oneshot volumes: "{{ service.volumes | reject('equalto', '') | list }}" dimensions: "{{ service.dimensions }}" - run_once: True + run_once: true when: - kolla_action == "upgrade" - inventory_hostname == groups[service.group][0] @@ -90,7 +90,7 @@ kolla_container: action: "start_container" common_options: "{{ docker_common_options }}" - detach: False + detach: false environment: KOLLA_FINISH_UPGRADE: KOLLA_CONFIG_STRATEGY: "{{ config_strategy }}" @@ -101,6 +101,6 @@ restart_policy: oneshot volumes: "{{ service.volumes | reject('equalto', '') | list }}" dimensions: "{{ service.dimensions }}" - run_once: True + run_once: true when: - kolla_action == "upgrade" diff --git a/ansible/roles/keystone/tasks/bootstrap.yml b/ansible/roles/keystone/tasks/bootstrap.yml index 7af22ddea5..89e4cdd004 100644 --- a/ansible/roles/keystone/tasks/bootstrap.yml +++ b/ansible/roles/keystone/tasks/bootstrap.yml @@ -11,7 +11,7 @@ login_user: "{{ keystone_database_shard_root_user }}" login_password: "{{ database_password }}" name: "{{ keystone_database_name }}" - run_once: True + run_once: true delegate_to: "{{ groups['keystone'][0] }}" when: - not use_preconfigured_databases | bool @@ -32,7 +32,7 @@ host: "%" priv: "{{ keystone_database_name }}.*:ALL" append_privs: "yes" - run_once: True + run_once: true delegate_to: "{{ groups['keystone'][0] }}" when: - not use_preconfigured_databases | bool diff --git a/ansible/roles/keystone/tasks/bootstrap_service.yml b/ansible/roles/keystone/tasks/bootstrap_service.yml index 27e52f7901..f76d8f787d 100644 --- a/ansible/roles/keystone/tasks/bootstrap_service.yml +++ b/ansible/roles/keystone/tasks/bootstrap_service.yml @@ -38,7 +38,7 @@ kolla_container: action: "start_container" common_options: "{{ docker_common_options }}" - detach: False + detach: false environment: KOLLA_BOOTSTRAP: KOLLA_CONFIG_STRATEGY: "{{ config_strategy }}" @@ -48,7 +48,7 @@ name: "bootstrap_keystone" restart_policy: oneshot volumes: "{{ keystone.volumes | reject('equalto', '') | list }}" - run_once: True + run_once: true - name: Running Keystone fernet bootstrap container vars: @@ -57,7 +57,7 @@ kolla_container: action: "start_container" common_options: "{{ docker_common_options }}" - detach: False + detach: false environment: KOLLA_CONFIG_STRATEGY: "{{ config_strategy }}" image: "{{ keystone_fernet.image }}" @@ -70,7 +70,7 @@ name: "bootstrap_keystone_fernet" restart_policy: oneshot volumes: "{{ keystone_fernet.volumes | reject('equalto', '') | list }}" - run_once: True + run_once: true delegate_to: "{{ groups['keystone'][0] }}" when: - groups['keystone_fernet_running_True'] is not defined diff --git a/ansible/roles/keystone/tasks/config.yml b/ansible/roles/keystone/tasks/config.yml index 3ad2472810..f3f103dc2b 100644 --- a/ansible/roles/keystone/tasks/config.yml +++ b/ansible/roles/keystone/tasks/config.yml @@ -13,7 +13,7 @@ stat: path: "{{ item }}" delegate_to: localhost - run_once: True + run_once: true register: keystone_policy with_first_found: - files: "{{ supported_policy_format_list }}" @@ -32,7 +32,7 @@ stat: path: "{{ node_custom_config }}/keystone/domains" delegate_to: localhost - run_once: True + run_once: true register: keystone_domain_directory - include_tasks: copy-certs.yml @@ -89,7 +89,7 @@ - name: Get file list in custom domains folder find: path: "{{ node_custom_config }}/keystone/domains" - recurse: no + recurse: false file_type: file delegate_to: localhost register: keystone_domains @@ -184,7 +184,7 @@ stat: path: "{{ node_custom_config }}/keystone/keystone-paste.ini" delegate_to: localhost - run_once: True + run_once: true register: check_keystone_paste_ini when: service | service_enabled_and_mapped_to_host diff --git a/ansible/roles/keystone/tasks/distribute_fernet.yml b/ansible/roles/keystone/tasks/distribute_fernet.yml index 91a2305ada..1991e7c453 100644 --- a/ansible/roles/keystone/tasks/distribute_fernet.yml +++ b/ansible/roles/keystone/tasks/distribute_fernet.yml @@ -12,7 +12,7 @@ - name: Run key distribution become: true command: "{{ kolla_container_engine }} exec -t {{ keystone_services['keystone-fernet']['container_name'] }} /usr/bin/fernet-push.sh" - run_once: True + run_once: true delegate_to: >- {% if groups['keystone_fernet_running'] is defined -%} {{ groups['keystone_fernet_running'][0] }}{%- else -%}{{ groups['keystone'][0] }}{%- endif %} diff --git a/ansible/roles/keystone/tasks/register.yml b/ansible/roles/keystone/tasks/register.yml index 733c3f903d..3789eb7216 100644 --- a/ansible/roles/keystone/tasks/register.yml +++ b/ansible/roles/keystone/tasks/register.yml @@ -8,7 +8,7 @@ register: keystone_bootstrap changed_when: (keystone_bootstrap.stdout | from_json).changed failed_when: (keystone_bootstrap.stdout | from_json).failed - run_once: True + run_once: true with_items: "{{ multiple_regions_names }}" - import_role: @@ -16,7 +16,7 @@ vars: service_ks_register_auth: "{{ openstack_keystone_auth }}" service_ks_register_services: "{{ keystone_ks_services }}" - run_once: True + run_once: true - name: Creating default user role become: true @@ -29,4 +29,4 @@ endpoint_type: "{{ openstack_interface }}" cacert: "{{ openstack_cacert }}" region_name: "{{ openstack_region_name }}" - run_once: True + run_once: true diff --git a/ansible/roles/keystone/tasks/register_identity_providers.yml b/ansible/roles/keystone/tasks/register_identity_providers.yml index 75cd40aa9e..ced1d73dd6 100644 --- a/ansible/roles/keystone/tasks/register_identity_providers.yml +++ b/ansible/roles/keystone/tasks/register_identity_providers.yml @@ -12,9 +12,9 @@ --os-region-name={{ openstack_region_name }} {% if openstack_cacert != '' %}--os-cacert={{ openstack_cacert }} {% endif %} mapping list -c ID --format value - run_once: True - changed_when: False - become: True + run_once: true + changed_when: false + become: true register: existing_mappings_register - name: Register existing mappings @@ -34,7 +34,7 @@ --os-region-name={{ openstack_region_name }} {% if openstack_cacert != '' %}--os-cacert={{ openstack_cacert }} {% endif %} mapping delete {{ item }} - run_once: True + run_once: true become: true with_items: "{{ existing_mappings }}" when: @@ -52,7 +52,7 @@ endpoint_type: "{{ openstack_interface }}" cacert: "{{ openstack_cacert }}" region_name: "{{ openstack_region_name }}" - run_once: True + run_once: true with_items: "{{ keystone_identity_providers }}" - name: Register attribute mappings in OpenStack @@ -71,7 +71,7 @@ mapping create --rules "{{ keystone_container_federation_oidc_attribute_mappings_folder }}/{{ item.file | basename }}" {{ item.name }} - run_once: True + run_once: true when: - item.name not in existing_mappings with_items: "{{ keystone_identity_mappings }}" @@ -92,7 +92,7 @@ mapping set --rules="{{ keystone_container_federation_oidc_attribute_mappings_folder }}/{{ item.file | basename }}" {{ item.name }} - run_once: True + run_once: true when: - item.name in existing_mappings with_items: "{{ keystone_identity_mappings }}" @@ -111,8 +111,8 @@ --os-region-name={{ openstack_region_name }} {% if openstack_cacert != '' %}--os-cacert={{ openstack_cacert }} {% endif %} identity provider list -c ID --format value - run_once: True - changed_when: False + run_once: true + changed_when: false register: existing_idps_register - name: Register existing idps @@ -133,7 +133,7 @@ --os-region-name={ openstack_region_name }} {% if openstack_cacert != '' %}--os-cacert={{ openstack_cacert }}{% endif %} identity provider delete {{ item }} - run_once: True + run_once: true with_items: "{{ existing_idps }}" when: - item not in (keystone_identity_providers | map(attribute='name') | list) @@ -157,7 +157,7 @@ --remote-id "{{ item.identifier }}" --domain "{{ item.openstack_domain }}" {{ item.name }} - run_once: True + run_once: true when: - item.name not in existing_idps with_items: "{{ keystone_identity_providers }}" @@ -179,7 +179,7 @@ --description "{{ item.public_name }}" --remote-id "{{ item.identifier }}" "{{ item.name }}" - run_once: True + run_once: true when: - item.name in existing_idps with_items: "{{ keystone_identity_providers }}" @@ -201,7 +201,7 @@ --mapping {{ item.attribute_mapping }} --identity-provider {{ item.name }} {{ item.protocol }} - run_once: True + run_once: true when: - item.name not in existing_idps with_items: "{{ keystone_identity_providers }}" @@ -223,9 +223,9 @@ --identity-provider {{ item.name }} --mapping {{ item.attribute_mapping }} {{ item.protocol }} - run_once: True + run_once: true register: result - failed_when: result.rc not in [0, 1] # This command returns RC 1 on success, so we need to add this to avoid fails. + failed_when: result.rc not in [0, 1] # This command returns RC 1 on success, so we need to add this to avoid fails. when: - item.name in existing_idps with_items: "{{ keystone_identity_providers }}" diff --git a/ansible/roles/keystone/tasks/upgrade.yml b/ansible/roles/keystone/tasks/upgrade.yml index 2f1c64edea..88422c9287 100644 --- a/ansible/roles/keystone/tasks/upgrade.yml +++ b/ansible/roles/keystone/tasks/upgrade.yml @@ -16,7 +16,7 @@ login_password: "{{ database_password }}" variable: log_bin_trust_function_creators value: 1 - run_once: True + run_once: true when: - inventory_hostname == groups['keystone'][0] - not use_preconfigured_databases | bool @@ -47,6 +47,6 @@ login_password: "{{ database_password }}" variable: log_bin_trust_function_creators value: 0 - run_once: True + run_once: true when: - not use_preconfigured_databases | bool From cfe1f449bdeee7fe892cdfe31fb0d14fbca541e9 Mon Sep 17 00:00:00 2001 From: Michal Nasiadka Date: Wed, 12 Nov 2025 14:27:54 +0100 Subject: [PATCH 09/43] ansible-lint: Fix yaml[truthy] in kuryr role Change-Id: I1ceeba74f13dc26d112d65d98bb1b3c2f2cabd1c Signed-off-by: Michal Nasiadka --- ansible/roles/kuryr/defaults/main.yml | 5 ++--- ansible/roles/kuryr/tasks/config.yml | 2 +- 2 files changed, 3 insertions(+), 4 deletions(-) diff --git a/ansible/roles/kuryr/defaults/main.yml b/ansible/roles/kuryr/defaults/main.yml index 22edf3d03a..753e0abf58 100644 --- a/ansible/roles/kuryr/defaults/main.yml +++ b/ansible/roles/kuryr/defaults/main.yml @@ -11,9 +11,9 @@ kuryr_services: kuryr: container_name: kuryr group: compute - enabled: True + enabled: true image: "{{ kuryr_image_full }}" - privileged: True + privileged: true cap_add: - NET_ADMIN volumes: "{{ kuryr_default_volumes + kuryr_extra_volumes + lookup('vars', 'run_default_volumes_' + kolla_container_engine) }}" @@ -69,7 +69,6 @@ kuryr_keystone_user: "kuryr" openstack_kuryr_auth: "{{ openstack_auth }}" - #################### # Kolla #################### diff --git a/ansible/roles/kuryr/tasks/config.yml b/ansible/roles/kuryr/tasks/config.yml index 10bfff47db..6f6099cbcb 100644 --- a/ansible/roles/kuryr/tasks/config.yml +++ b/ansible/roles/kuryr/tasks/config.yml @@ -13,7 +13,7 @@ stat: path: "{{ item }}" delegate_to: localhost - run_once: True + run_once: true register: kuryr_policy with_first_found: - files: "{{ supported_policy_format_list }}" From 76b59e9b1bb4d8e08e90e6892810266c00a2173c Mon Sep 17 00:00:00 2001 From: Michal Nasiadka Date: Wed, 12 Nov 2025 14:29:08 +0100 Subject: [PATCH 10/43] ansible-lint: Fix yaml[truthy] in loadbalancer role Change-Id: Ia3d5ddd102dfb4e34237bda0016b93e329fd1a86 Signed-off-by: Michal Nasiadka --- ansible/roles/loadbalancer/defaults/main.yml | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/ansible/roles/loadbalancer/defaults/main.yml b/ansible/roles/loadbalancer/defaults/main.yml index 995d85ebfe..9f7bd0b04f 100644 --- a/ansible/roles/loadbalancer/defaults/main.yml +++ b/ansible/roles/loadbalancer/defaults/main.yml @@ -5,7 +5,7 @@ loadbalancer_services: group: loadbalancer enabled: true image: "{{ haproxy_image_full }}" - privileged: True + privileged: true volumes: "{{ haproxy_default_volumes + haproxy_extra_volumes }}" dimensions: "{{ haproxy_dimensions }}" healthcheck: "{{ haproxy_healthcheck }}" @@ -14,7 +14,7 @@ loadbalancer_services: group: loadbalancer enabled: "{{ enable_proxysql | bool }}" image: "{{ proxysql_image_full }}" - privileged: False + privileged: false volumes: "{{ proxysql_default_volumes + proxysql_extra_volumes }}" dimensions: "{{ proxysql_dimensions }}" healthcheck: "{{ proxysql_healthcheck }}" @@ -23,7 +23,7 @@ loadbalancer_services: group: loadbalancer enabled: "{{ enable_keepalived | bool }}" image: "{{ keepalived_image_full }}" - privileged: True + privileged: true volumes: "{{ keepalived_default_volumes + keepalived_extra_volumes }}" dimensions: "{{ keepalived_dimensions }}" haproxy-ssh: @@ -183,11 +183,11 @@ haproxy_host_ipv4_tcp_retries2: "KOLLA_UNSET" # HAProxy socket admin permissions enable haproxy_socket_level_admin: "{{ enable_letsencrypt | bool }}" -kolla_externally_managed_cert: False +kolla_externally_managed_cert: false # Allow to disable keepalived tracking script (e.g. for single node environments # where this proves problematic in some cases) -keepalived_track_script_enabled: True +keepalived_track_script_enabled: true # Default backend for single external frontend (for missing mappings) haproxy_external_single_frontend_default_backend: "horizon_external_back" From 47cd78fcdae781c779308045aca2925b9a2621a4 Mon Sep 17 00:00:00 2001 From: Michal Nasiadka Date: Wed, 12 Nov 2025 14:30:07 +0100 Subject: [PATCH 11/43] ansible-lint: Fix yaml[truthy] in magnum role Change-Id: I86dc2ff6de71034451f01bd2260226416b93c2ba Signed-off-by: Michal Nasiadka --- ansible/roles/magnum/tasks/bootstrap.yml | 4 ++-- ansible/roles/magnum/tasks/bootstrap_service.yml | 4 ++-- ansible/roles/magnum/tasks/config.yml | 4 ++-- ansible/roles/magnum/tasks/register.yml | 6 +++--- 4 files changed, 9 insertions(+), 9 deletions(-) diff --git a/ansible/roles/magnum/tasks/bootstrap.yml b/ansible/roles/magnum/tasks/bootstrap.yml index 6d3da7609c..4fb78ea307 100644 --- a/ansible/roles/magnum/tasks/bootstrap.yml +++ b/ansible/roles/magnum/tasks/bootstrap.yml @@ -11,7 +11,7 @@ login_user: "{{ magnum_database_shard_root_user }}" login_password: "{{ database_password }}" name: "{{ magnum_database_name }}" - run_once: True + run_once: true delegate_to: "{{ groups['magnum-api'][0] }}" when: - not use_preconfigured_databases | bool @@ -32,7 +32,7 @@ host: "%" priv: "{{ magnum_database_name }}.*:ALL" append_privs: "yes" - run_once: True + run_once: true delegate_to: "{{ groups['magnum-api'][0] }}" when: - not use_preconfigured_databases | bool diff --git a/ansible/roles/magnum/tasks/bootstrap_service.yml b/ansible/roles/magnum/tasks/bootstrap_service.yml index 9ebf3aefc4..dca4f632ce 100644 --- a/ansible/roles/magnum/tasks/bootstrap_service.yml +++ b/ansible/roles/magnum/tasks/bootstrap_service.yml @@ -6,7 +6,7 @@ kolla_container: action: "start_container" common_options: "{{ docker_common_options }}" - detach: False + detach: false environment: KOLLA_BOOTSTRAP: KOLLA_CONFIG_STRATEGY: "{{ config_strategy }}" @@ -16,5 +16,5 @@ name: "bootstrap_magnum" restart_policy: oneshot volumes: "{{ magnum_api.volumes | reject('equalto', '') | list }}" - run_once: True + run_once: true delegate_to: "{{ groups[magnum_api.group][0] }}" diff --git a/ansible/roles/magnum/tasks/config.yml b/ansible/roles/magnum/tasks/config.yml index 5921da31e0..d23065d853 100644 --- a/ansible/roles/magnum/tasks/config.yml +++ b/ansible/roles/magnum/tasks/config.yml @@ -13,7 +13,7 @@ stat: path: "{{ item }}" delegate_to: localhost - run_once: True + run_once: true register: magnum_policy with_first_found: - files: "{{ supported_policy_format_list }}" @@ -32,7 +32,7 @@ stat: path: "{{ node_custom_config }}/magnum/kubeconfig" delegate_to: localhost - run_once: True + run_once: true register: magnum_kubeconfig_file - name: Copying over kubeconfig file diff --git a/ansible/roles/magnum/tasks/register.yml b/ansible/roles/magnum/tasks/register.yml index 8d1d4aacf8..3cdf06be26 100644 --- a/ansible/roles/magnum/tasks/register.yml +++ b/ansible/roles/magnum/tasks/register.yml @@ -19,7 +19,7 @@ cacert: "{{ openstack_cacert }}" region_name: "{{ openstack_region_name }}" register: trustee_domain - run_once: True + run_once: true - name: Creating Magnum trustee user become: true @@ -35,7 +35,7 @@ endpoint_type: "{{ openstack_interface }}" cacert: "{{ openstack_cacert }}" region_name: "{{ openstack_region_name }}" - run_once: True + run_once: true - name: Creating Magnum trustee user role become: true @@ -50,5 +50,5 @@ endpoint_type: "{{ openstack_interface }}" cacert: "{{ openstack_cacert }}" region_name: "{{ openstack_region_name }}" - run_once: True + run_once: true when: not ansible_check_mode From f9945dc005867220a6a860eb642f97721fc0a13b Mon Sep 17 00:00:00 2001 From: Michal Nasiadka Date: Wed, 12 Nov 2025 14:30:58 +0100 Subject: [PATCH 12/43] ansible-lint: Fix yaml[truthy] in manila role Change-Id: I4e8a88d69654ca1f5665ed2db74279e82dbbf6b4 Signed-off-by: Michal Nasiadka --- ansible/roles/manila/defaults/main.yml | 12 ++++++------ ansible/roles/manila/tasks/bootstrap.yml | 4 ++-- ansible/roles/manila/tasks/bootstrap_service.yml | 4 ++-- ansible/roles/manila/tasks/config.yml | 2 +- ansible/roles/manila/tasks/external_ceph.yml | 2 +- 5 files changed, 12 insertions(+), 12 deletions(-) diff --git a/ansible/roles/manila/defaults/main.yml b/ansible/roles/manila/defaults/main.yml index 6435a5e462..1e973feb5d 100644 --- a/ansible/roles/manila/defaults/main.yml +++ b/ansible/roles/manila/defaults/main.yml @@ -4,7 +4,7 @@ manila_services: container_name: "manila_api" group: "manila-api" image: "{{ manila_api_image_full }}" - enabled: True + enabled: true volumes: "{{ manila_api_default_volumes + manila_api_extra_volumes }}" dimensions: "{{ manila_api_dimensions }}" healthcheck: "{{ manila_api_healthcheck }}" @@ -30,7 +30,7 @@ manila_services: container_name: "manila_scheduler" group: "manila-scheduler" image: "{{ manila_scheduler_image_full }}" - enabled: True + enabled: true volumes: "{{ manila_scheduler_default_volumes + manila_scheduler_extra_volumes }}" dimensions: "{{ manila_scheduler_dimensions }}" healthcheck: "{{ manila_scheduler_healthcheck }}" @@ -38,8 +38,8 @@ manila_services: container_name: "manila_share" group: "manila-share" image: "{{ manila_share_image_full }}" - enabled: True - privileged: True + enabled: true + privileged: true volumes: "{{ manila_share_default_volumes + manila_share_extra_volumes + lookup('vars', 'run_default_volumes_' + kolla_container_engine) }}" dimensions: "{{ manila_share_dimensions }}" healthcheck: "{{ manila_share_healthcheck }}" @@ -47,8 +47,8 @@ manila_services: container_name: "manila_data" group: "manila-data" image: "{{ manila_data_image_full }}" - enabled: True - privileged: True + enabled: true + privileged: true volumes: "{{ manila_data_default_volumes + manila_data_extra_volumes + lookup('vars', 'run_default_volumes_' + kolla_container_engine) }}" dimensions: "{{ manila_data_dimensions }}" healthcheck: "{{ manila_data_healthcheck }}" diff --git a/ansible/roles/manila/tasks/bootstrap.yml b/ansible/roles/manila/tasks/bootstrap.yml index 9e1872cdfe..c04f95d97b 100644 --- a/ansible/roles/manila/tasks/bootstrap.yml +++ b/ansible/roles/manila/tasks/bootstrap.yml @@ -11,7 +11,7 @@ login_user: "{{ manila_database_shard_root_user }}" login_password: "{{ database_password }}" name: "{{ manila_database_name }}" - run_once: True + run_once: true delegate_to: "{{ groups['manila-api'][0] }}" when: - not use_preconfigured_databases | bool @@ -32,7 +32,7 @@ host: "%" priv: "{{ manila_database_name }}.*:ALL" append_privs: "yes" - run_once: True + run_once: true delegate_to: "{{ groups['manila-api'][0] }}" when: - not use_preconfigured_databases | bool diff --git a/ansible/roles/manila/tasks/bootstrap_service.yml b/ansible/roles/manila/tasks/bootstrap_service.yml index f3e72da72d..fabcc5c5a3 100644 --- a/ansible/roles/manila/tasks/bootstrap_service.yml +++ b/ansible/roles/manila/tasks/bootstrap_service.yml @@ -6,7 +6,7 @@ kolla_container: action: "start_container" common_options: "{{ docker_common_options }}" - detach: False + detach: false environment: KOLLA_BOOTSTRAP: KOLLA_CONFIG_STRATEGY: "{{ config_strategy }}" @@ -16,5 +16,5 @@ name: "bootstrap_manila" restart_policy: oneshot volumes: "{{ manila_api.volumes | reject('equalto', '') | list }}" - run_once: True + run_once: true delegate_to: "{{ groups[manila_api.group][0] }}" diff --git a/ansible/roles/manila/tasks/config.yml b/ansible/roles/manila/tasks/config.yml index 1607316a26..0cb6ae9454 100644 --- a/ansible/roles/manila/tasks/config.yml +++ b/ansible/roles/manila/tasks/config.yml @@ -18,7 +18,7 @@ stat: path: "{{ item }}" delegate_to: localhost - run_once: True + run_once: true register: manila_policy with_first_found: - files: "{{ supported_policy_format_list }}" diff --git a/ansible/roles/manila/tasks/external_ceph.yml b/ansible/roles/manila/tasks/external_ceph.yml index 3b70b0ad4f..84851e6b78 100644 --- a/ansible/roles/manila/tasks/external_ceph.yml +++ b/ansible/roles/manila/tasks/external_ceph.yml @@ -39,7 +39,7 @@ become: true file: path: "{{ node_config_directory }}/{{ item }}" - recurse: yes + recurse: true owner: "{{ config_owner_user }}" group: "{{ config_owner_group }}" when: inventory_hostname in groups[item] From d65c549dc8e1e302c8a96ceb5f7004f0af96e891 Mon Sep 17 00:00:00 2001 From: Michal Nasiadka Date: Wed, 12 Nov 2025 14:31:39 +0100 Subject: [PATCH 13/43] ansible-lint: Fix yaml[truthy] in mariadb role Change-Id: Iebf507ea4c970bbde896bd8fde344f433b6e6366 Signed-off-by: Michal Nasiadka --- ansible/roles/mariadb/tasks/backup.yml | 4 ++-- ansible/roles/mariadb/tasks/bootstrap_cluster.yml | 2 +- ansible/roles/mariadb/tasks/check.yml | 2 +- ansible/roles/mariadb/tasks/loadbalancer.yml | 4 ++-- ansible/roles/mariadb/tasks/lookup_cluster.yml | 6 +++--- ansible/roles/mariadb/tasks/post-upgrade.yml | 2 +- ansible/roles/mariadb/tasks/recover_cluster.yml | 10 +++++----- ansible/roles/mariadb/tasks/register.yml | 4 ++-- 8 files changed, 17 insertions(+), 17 deletions(-) diff --git a/ansible/roles/mariadb/tasks/backup.yml b/ansible/roles/mariadb/tasks/backup.yml index 0ddd8521d2..c07d7ded6f 100644 --- a/ansible/roles/mariadb/tasks/backup.yml +++ b/ansible/roles/mariadb/tasks/backup.yml @@ -17,14 +17,14 @@ action: "start_container" command: "bash -c 'sudo -E kolla_set_configs && /usr/local/bin/{{ cmd }}'" common_options: "{{ docker_common_options }}" - detach: False + detach: false # NOTE(mgoddard): Try to use the same image as the MariaDB server container # to avoid compatibility issues. See # https://bugs.launchpad.net/kolla-ansible/+bug/2058644. image: "{{ container_facts.containers[mariadb_services.mariadb.container_name].Config.Image | default(mariadb_services.mariadb.image) }}" name: "mariabackup" restart_policy: oneshot - remove_on_exit: True + remove_on_exit: true environment: BACKUP_TYPE: "{{ mariadb_backup_type }}" volumes: diff --git a/ansible/roles/mariadb/tasks/bootstrap_cluster.yml b/ansible/roles/mariadb/tasks/bootstrap_cluster.yml index 9a412c3579..34c463cb83 100644 --- a/ansible/roles/mariadb/tasks/bootstrap_cluster.yml +++ b/ansible/roles/mariadb/tasks/bootstrap_cluster.yml @@ -7,7 +7,7 @@ kolla_container: action: "start_container" common_options: "{{ docker_common_options }}" - detach: False + detach: false environment: KOLLA_BOOTSTRAP: KOLLA_CONFIG_STRATEGY: "{{ config_strategy }}" diff --git a/ansible/roles/mariadb/tasks/check.yml b/ansible/roles/mariadb/tasks/check.yml index c0296bd4c5..78d5e481d2 100644 --- a/ansible/roles/mariadb/tasks/check.yml +++ b/ansible/roles/mariadb/tasks/check.yml @@ -15,7 +15,7 @@ query: "SHOW DATABASES;" register: result until: result is success - changed_when: False + changed_when: false retries: 6 delay: 10 become: true diff --git a/ansible/roles/mariadb/tasks/loadbalancer.yml b/ansible/roles/mariadb/tasks/loadbalancer.yml index bc7439dfd8..9bfa2ac6c9 100644 --- a/ansible/roles/mariadb/tasks/loadbalancer.yml +++ b/ansible/roles/mariadb/tasks/loadbalancer.yml @@ -37,8 +37,8 @@ with_dict: "{{ mariadb_shards_info.shards }}" loop_control: label: "{{ host }}" - failed_when: False - run_once: True + failed_when: false + run_once: true - name: "Configure loadbalancer for {{ project_name }}" import_role: diff --git a/ansible/roles/mariadb/tasks/lookup_cluster.yml b/ansible/roles/mariadb/tasks/lookup_cluster.yml index 207e1f90b8..5103af0723 100644 --- a/ansible/roles/mariadb/tasks/lookup_cluster.yml +++ b/ansible/roles/mariadb/tasks/lookup_cluster.yml @@ -27,7 +27,7 @@ timeout: 10 search_regex: "MariaDB" register: check_mariadb_port_liveness - ignore_errors: yes + ignore_errors: true - name: Divide hosts by their MariaDB service port liveness group_by: @@ -76,5 +76,5 @@ msg: MariaDB cluster is not synced. Please wait for WSREP sync before proceeding. when: - groups[mariadb_shard_group + '_port_alive_True'] is defined - - groups[mariadb_shard_group + '_sync_status_Synced'] is not defined or - groups[mariadb_shard_group + '_port_alive_True'] | sort != groups[mariadb_shard_group + '_sync_status_Synced'] | sort + - groups[mariadb_shard_group + '_sync_status_Synced'] is not defined or groups[mariadb_shard_group + '_port_alive_True'] | sort != + groups[mariadb_shard_group + '_sync_status_Synced'] | sort diff --git a/ansible/roles/mariadb/tasks/post-upgrade.yml b/ansible/roles/mariadb/tasks/post-upgrade.yml index ac878bef6b..70a184812a 100644 --- a/ansible/roles/mariadb/tasks/post-upgrade.yml +++ b/ansible/roles/mariadb/tasks/post-upgrade.yml @@ -7,7 +7,7 @@ kolla_container: action: "start_container" common_options: "{{ docker_common_options }}" - detach: False + detach: false dimensions: "{{ service.dimensions }}" environment: KOLLA_UPGRADE: diff --git a/ansible/roles/mariadb/tasks/recover_cluster.yml b/ansible/roles/mariadb/tasks/recover_cluster.yml index 37877ae599..0f1f0f9de2 100644 --- a/ansible/roles/mariadb/tasks/recover_cluster.yml +++ b/ansible/roles/mariadb/tasks/recover_cluster.yml @@ -11,7 +11,7 @@ delegate_to: localhost connection: local changed_when: false - check_mode: no + check_mode: false run_once: true with_fileglob: "/tmp/kolla_mariadb_recover_inventory_name_*" @@ -61,7 +61,7 @@ path: /tmp/mariadb_tmp.log state: absent changed_when: false - check_mode: no + check_mode: false - name: Registering MariaDB seqno variable set_fact: @@ -102,10 +102,10 @@ - name: Set grastate.dat file from MariaDB container in bootstrap host become: true lineinfile: - create: yes + create: true dest: "{{ container_engine_volumes_path }}/mariadb/_data/grastate.dat" - regexp: 'safe_to_bootstrap:(.*)$' - line: 'safe_to_bootstrap: 1' + regexp: "safe_to_bootstrap:(.*)$" + line: "safe_to_bootstrap: 1" state: present when: - bootstrap_host is defined diff --git a/ansible/roles/mariadb/tasks/register.yml b/ansible/roles/mariadb/tasks/register.yml index 1b733afa70..b7a73ce519 100644 --- a/ansible/roles/mariadb/tasks/register.yml +++ b/ansible/roles/mariadb/tasks/register.yml @@ -50,7 +50,7 @@ password: "{{ mariadb_backup_database_password }}" host: "%" priv: "*.*:RELOAD,PROCESS,LOCK TABLES,BINLOG MONITOR/{{ mariadb_backup_database_schema }}.mariadb_backup_history:CREATE,ALTER,INSERT" - append_privs: True + append_privs: true when: - enable_mariabackup | bool - inventory_hostname == mariadb_backup_host @@ -70,7 +70,7 @@ password: "{{ mariadb_backup_database_password }}" host: "%" priv: "{{ mariadb_backup_database_schema }}.*:CREATE,INSERT,SELECT" - append_privs: True + append_privs: true when: - enable_mariabackup | bool - inventory_hostname == mariadb_backup_host From 535c0f5c4e86f10a0dd8d328f70843103b666134 Mon Sep 17 00:00:00 2001 From: Michal Nasiadka Date: Wed, 12 Nov 2025 14:37:42 +0100 Subject: [PATCH 14/43] ansible-lint: Fix yaml[truthy] in masakari role Change-Id: I9c3da9d4e99f30947d3bdf4bca72c3e3f836a9a8 Signed-off-by: Michal Nasiadka --- ansible/roles/masakari/defaults/main.yml | 2 +- ansible/roles/masakari/tasks/bootstrap.yml | 4 ++-- ansible/roles/masakari/tasks/bootstrap_service.yml | 4 ++-- ansible/roles/masakari/tasks/config.yml | 2 +- ansible/roles/masakari/tasks/precheck.yml | 2 +- 5 files changed, 7 insertions(+), 7 deletions(-) diff --git a/ansible/roles/masakari/defaults/main.yml b/ansible/roles/masakari/defaults/main.yml index c0713b05cc..496a0f0191 100644 --- a/ansible/roles/masakari/defaults/main.yml +++ b/ansible/roles/masakari/defaults/main.yml @@ -39,7 +39,7 @@ masakari_services: enabled: "{{ enable_masakari_instancemonitor | bool }}" image: "{{ masakari_monitors_image_full }}" volumes: "{{ masakari_instancemonitor_default_volumes + masakari_instancemonitor_extra_volumes }}" - privileged: True + privileged: true dimensions: "{{ masakari_instancemonitor_dimensions }}" masakari-hostmonitor: container_name: masakari_hostmonitor diff --git a/ansible/roles/masakari/tasks/bootstrap.yml b/ansible/roles/masakari/tasks/bootstrap.yml index 22eaa252e6..6b5f9d1b0c 100644 --- a/ansible/roles/masakari/tasks/bootstrap.yml +++ b/ansible/roles/masakari/tasks/bootstrap.yml @@ -11,7 +11,7 @@ login_user: "{{ masakari_database_shard_root_user }}" login_password: "{{ database_password }}" name: "{{ masakari_database_name }}" - run_once: True + run_once: true delegate_to: "{{ groups['masakari-api'][0] }}" when: - not use_preconfigured_databases | bool @@ -32,7 +32,7 @@ host: "%" priv: "{{ masakari_database_name }}.*:ALL" append_privs: "yes" - run_once: True + run_once: true delegate_to: "{{ groups['masakari-api'][0] }}" when: - not use_preconfigured_databases | bool diff --git a/ansible/roles/masakari/tasks/bootstrap_service.yml b/ansible/roles/masakari/tasks/bootstrap_service.yml index 62f02128cf..40a11650d1 100644 --- a/ansible/roles/masakari/tasks/bootstrap_service.yml +++ b/ansible/roles/masakari/tasks/bootstrap_service.yml @@ -6,7 +6,7 @@ kolla_container: action: "start_container" common_options: "{{ docker_common_options }}" - detach: False + detach: false environment: KOLLA_BOOTSTRAP: KOLLA_CONFIG_STRATEGY: "{{ config_strategy }}" @@ -16,5 +16,5 @@ name: "bootstrap_masakari" restart_policy: "oneshot" volumes: "{{ masakari_api.volumes | reject('equalto', '') | list }}" - run_once: True + run_once: true delegate_to: "{{ groups[masakari_api.group][0] }}" diff --git a/ansible/roles/masakari/tasks/config.yml b/ansible/roles/masakari/tasks/config.yml index 16e14e99f4..2edbcdb355 100644 --- a/ansible/roles/masakari/tasks/config.yml +++ b/ansible/roles/masakari/tasks/config.yml @@ -13,7 +13,7 @@ stat: path: "{{ item }}" delegate_to: localhost - run_once: True + run_once: true register: masakari_policy with_first_found: - files: "{{ supported_policy_format_list }}" diff --git a/ansible/roles/masakari/tasks/precheck.yml b/ansible/roles/masakari/tasks/precheck.yml index 9db46ab9fb..a5486ac615 100644 --- a/ansible/roles/masakari/tasks/precheck.yml +++ b/ansible/roles/masakari/tasks/precheck.yml @@ -27,7 +27,7 @@ - inventory_hostname in groups['masakari-api'] - name: Checking for coordination backend if running in multinode setup - run_once: True + run_once: true fail: msg: "Please enable Valkey or etcd when running in multinode scenario." when: From afa6ed30a1548e83add90811bd5bc9000a994124 Mon Sep 17 00:00:00 2001 From: Michal Nasiadka Date: Wed, 12 Nov 2025 14:39:50 +0100 Subject: [PATCH 15/43] ansible-lint: Fix yaml[truthy] in mistral role Change-Id: Ifcd30459b610bf37098eae0e2960b2e27715d5ab Signed-off-by: Michal Nasiadka --- ansible/roles/mistral/tasks/bootstrap.yml | 4 ++-- ansible/roles/mistral/tasks/bootstrap_service.yml | 4 ++-- ansible/roles/mistral/tasks/config.yml | 2 +- 3 files changed, 5 insertions(+), 5 deletions(-) diff --git a/ansible/roles/mistral/tasks/bootstrap.yml b/ansible/roles/mistral/tasks/bootstrap.yml index 215bc09a5a..4e7cb2b2f9 100644 --- a/ansible/roles/mistral/tasks/bootstrap.yml +++ b/ansible/roles/mistral/tasks/bootstrap.yml @@ -11,7 +11,7 @@ login_user: "{{ mistral_database_shard_root_user }}" login_password: "{{ database_password }}" name: "{{ mistral_database_name }}" - run_once: True + run_once: true delegate_to: "{{ groups['mistral-api'][0] }}" when: - not use_preconfigured_databases | bool @@ -32,7 +32,7 @@ host: "%" priv: "{{ mistral_database_name }}.*:ALL" append_privs: "yes" - run_once: True + run_once: true delegate_to: "{{ groups['mistral-api'][0] }}" when: - not use_preconfigured_databases | bool diff --git a/ansible/roles/mistral/tasks/bootstrap_service.yml b/ansible/roles/mistral/tasks/bootstrap_service.yml index 3fb1f2bb23..b2aa88c765 100644 --- a/ansible/roles/mistral/tasks/bootstrap_service.yml +++ b/ansible/roles/mistral/tasks/bootstrap_service.yml @@ -6,7 +6,7 @@ kolla_container: action: "start_container" common_options: "{{ docker_common_options }}" - detach: False + detach: false environment: KOLLA_BOOTSTRAP: KOLLA_CONFIG_STRATEGY: "{{ config_strategy }}" @@ -16,5 +16,5 @@ name: "bootstrap_mistral" restart_policy: oneshot volumes: "{{ mistral_api.volumes | reject('equalto', '') | list }}" - run_once: True + run_once: true delegate_to: "{{ groups[mistral_api.group][0] }}" diff --git a/ansible/roles/mistral/tasks/config.yml b/ansible/roles/mistral/tasks/config.yml index d9ea731db3..aba2fbf273 100644 --- a/ansible/roles/mistral/tasks/config.yml +++ b/ansible/roles/mistral/tasks/config.yml @@ -13,7 +13,7 @@ stat: path: "{{ item }}" delegate_to: localhost - run_once: True + run_once: true register: mistral_policy with_first_found: - files: "{{ supported_policy_format_list }}" From 4f60e0d794bc154d5ad57552d33ef994f99c7172 Mon Sep 17 00:00:00 2001 From: Michal Nasiadka Date: Mon, 24 Nov 2025 08:56:30 +0100 Subject: [PATCH 16/43] fluentd: Fix running with enable_fluentd: no Since we broken out fluentd to it's own role - we removed the when guards that checked for enable_fluentd inside the role. That has effectively broken running with fluentd disabled. Closes-Bug: #2132288 Change-Id: If202d1a6c848515236e44664af8407dda8441328 Signed-off-by: Michal Nasiadka --- ansible/site.yml | 2 ++ 1 file changed, 2 insertions(+) diff --git a/ansible/site.yml b/ansible/site.yml index 8d742462b4..ad7ac1854f 100644 --- a/ansible/site.yml +++ b/ansible/site.yml @@ -33,6 +33,7 @@ - enable_cyborg_{{ enable_cyborg | bool }} - enable_designate_{{ enable_designate | bool }} - enable_etcd_{{ enable_etcd | bool }} + - enable_fluentd_{{ enable_fluentd | bool }} - enable_glance_{{ enable_glance | bool }} - enable_gnocchi_{{ enable_gnocchi | bool }} - enable_grafana_{{ enable_grafana | bool }} @@ -116,6 +117,7 @@ gather_facts: false hosts: - fluentd + - '&enable_fluentd_True' serial: '{{ kolla_serial|default("0") }}' max_fail_percentage: >- {{ fluentd_max_fail_percentage | From 6edd8f9cdc3c3d2a703d67422ffcad5730097737 Mon Sep 17 00:00:00 2001 From: Michal Nasiadka Date: Wed, 12 Nov 2025 14:40:47 +0100 Subject: [PATCH 17/43] ansible-lint: Fix yaml[truthy] in multipathd role Change-Id: I69ec0f94e21a53f5c5f42a4c60a851c15f083aac Signed-off-by: Michal Nasiadka --- ansible/roles/multipathd/defaults/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/ansible/roles/multipathd/defaults/main.yml b/ansible/roles/multipathd/defaults/main.yml index 60ade00f52..0e45239247 100644 --- a/ansible/roles/multipathd/defaults/main.yml +++ b/ansible/roles/multipathd/defaults/main.yml @@ -5,7 +5,7 @@ multipathd_services: group: multipathd enabled: true ipc_mode: "host" - privileged: True + privileged: true image: "{{ multipathd_image_full }}" volumes: "{{ multipathd_default_volumes + multipathd_extra_volumes + lookup('vars', 'run_default_volumes_' + kolla_container_engine) }}" From 552465f77fb8ac3541c27b121fe30582c1159f52 Mon Sep 17 00:00:00 2001 From: OpenStack Release Bot Date: Mon, 24 Nov 2025 16:15:23 +0000 Subject: [PATCH 18/43] reno: Update master for unmaintained/2024.1 Update the 2024.1 release notes configuration to build from unmaintained/2024.1. Change-Id: I221e2882a763103a56a995c81c8acf91c6326666 Signed-off-by: OpenStack Release Bot Generated-By: openstack/project-config:roles/copy-release-tools-scripts/files/release-tools/change_reno_branch_to_unmaintained.sh --- releasenotes/source/2024.1.rst | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/releasenotes/source/2024.1.rst b/releasenotes/source/2024.1.rst index 4977a4f1a0..6896656be6 100644 --- a/releasenotes/source/2024.1.rst +++ b/releasenotes/source/2024.1.rst @@ -3,4 +3,4 @@ =========================== .. release-notes:: - :branch: stable/2024.1 + :branch: unmaintained/2024.1 From ed3564796e85575e0df1c3065853098476c4f6a5 Mon Sep 17 00:00:00 2001 From: Michal Nasiadka Date: Wed, 12 Nov 2025 14:41:38 +0100 Subject: [PATCH 19/43] ansible-lint: Fix yaml[truthy] in neutron role Change-Id: I93214d97b9d7911a4f8e6d947a04fd8cb7ebde21 Signed-off-by: Michal Nasiadka --- ansible/roles/neutron/defaults/main.yml | 22 +++++++++---------- ansible/roles/neutron/tasks/bootstrap.yml | 4 ++-- .../roles/neutron/tasks/bootstrap_service.yml | 4 ++-- .../neutron/tasks/config-neutron-fake.yml | 4 ++-- ansible/roles/neutron/tasks/config.yml | 6 ++--- ansible/roles/neutron/tasks/precheck.yml | 6 ++--- .../roles/neutron/tasks/rolling_upgrade.yml | 10 ++++----- 7 files changed, 28 insertions(+), 28 deletions(-) diff --git a/ansible/roles/neutron/defaults/main.yml b/ansible/roles/neutron/defaults/main.yml index 8d3dcdcfd7..d9dacd4c25 100644 --- a/ansible/roles/neutron/defaults/main.yml +++ b/ansible/roles/neutron/defaults/main.yml @@ -61,7 +61,7 @@ neutron_services: container_name: "neutron_openvswitch_agent" image: "{{ neutron_openvswitch_agent_image_full }}" enabled: "{{ neutron_plugin_agent == 'openvswitch' }}" - privileged: True + privileged: true host_in_groups: >- {{ (inventory_hostname in groups['compute'] @@ -83,7 +83,7 @@ neutron_services: cgroupns_mode: "{{ 'host' if neutron_agents_wrappers | bool else 'private' }}" container_name: "neutron_dhcp_agent" image: "{{ neutron_dhcp_agent_image_full }}" - privileged: True + privileged: true enabled: "{{ neutron_plugin_agent != 'ovn' or neutron_ovn_dhcp_agent | bool }}" group: "neutron-dhcp-agent" host_in_groups: "{{ inventory_hostname in groups['neutron-dhcp-agent'] }}" @@ -99,7 +99,7 @@ neutron_services: cgroupns_mode: "{{ 'host' if neutron_agents_wrappers | bool else 'private' }}" container_name: "neutron_l3_agent" image: "{{ neutron_l3_agent_image_full }}" - privileged: True + privileged: true enabled: "{{ neutron_plugin_agent != 'ovn' }}" environment: KOLLA_IMAGE: "{{ neutron_l3_agent_image_full }}" @@ -117,7 +117,7 @@ neutron_services: neutron-sriov-agent: container_name: "neutron_sriov_agent" image: "{{ neutron_sriov_agent_image_full }}" - privileged: True + privileged: true enabled: "{{ enable_neutron_sriov | bool }}" host_in_groups: "{{ inventory_hostname in groups['compute'] }}" volumes: "{{ neutron_sriov_agent_default_volumes + neutron_sriov_agent_extra_volumes }}" @@ -133,7 +133,7 @@ neutron_services: neutron-eswitchd: container_name: "neutron_eswitchd" image: "{{ neutron_eswitchd_image_full }}" - privileged: True + privileged: true enabled: "{{ enable_neutron_mlnx | bool }}" host_in_groups: "{{ inventory_hostname in groups['compute'] }}" volumes: "{{ neutron_eswitchd_default_volumes + neutron_eswitchd_extra_volumes }}" @@ -141,7 +141,7 @@ neutron_services: neutron-metadata-agent: container_name: "neutron_metadata_agent" image: "{{ neutron_metadata_agent_image_full }}" - privileged: True + privileged: true enabled: "{{ neutron_plugin_agent != 'ovn' }}" host_in_groups: >- {{ @@ -155,7 +155,7 @@ neutron_services: cgroupns_mode: "{{ 'host' if neutron_agents_wrappers | bool else 'private' }}" container_name: "neutron_ovn_metadata_agent" image: "{{ neutron_ovn_metadata_agent_image_full }}" - privileged: True + privileged: true enabled: "{{ neutron_plugin_agent == 'ovn' }}" host_in_groups: "{{ inventory_hostname in groups['neutron-ovn-metadata-agent'] }}" volumes: "{{ neutron_ovn_metadata_agent_default_volumes + neutron_ovn_metadata_agent_extra_volumes }}" @@ -169,7 +169,7 @@ neutron_services: neutron-bgp-dragent: container_name: "neutron_bgp_dragent" image: "{{ neutron_bgp_dragent_image_full }}" - privileged: True + privileged: true enabled: "{{ enable_neutron_bgp_dragent | bool }}" group: "neutron-bgp-dragent" host_in_groups: "{{ inventory_hostname in groups['neutron-bgp-dragent'] }}" @@ -179,7 +179,7 @@ neutron_services: neutron-infoblox-ipam-agent: container_name: "neutron_infoblox_ipam_agent" image: "{{ neutron_infoblox_ipam_agent_image_full }}" - privileged: True + privileged: true enabled: "{{ enable_neutron_infoblox_ipam_agent | bool }}" group: "neutron-infoblox-ipam-agent" host_in_groups: "{{ inventory_hostname in groups['neutron-infoblox-ipam-agent'] }}" @@ -188,7 +188,7 @@ neutron_services: neutron-metering-agent: container_name: "neutron_metering_agent" image: "{{ neutron_metering_agent_image_full }}" - privileged: True + privileged: true enabled: "{{ enable_neutron_metering | bool }}" group: "neutron-metering-agent" host_in_groups: "{{ inventory_hostname in groups['neutron-metering-agent'] }}" @@ -197,7 +197,7 @@ neutron_services: ironic-neutron-agent: container_name: "ironic_neutron_agent" image: "{{ ironic_neutron_agent_image_full }}" - privileged: False + privileged: false enabled: "{{ enable_ironic_neutron_agent | bool }}" group: "ironic-neutron-agent" host_in_groups: "{{ inventory_hostname in groups['ironic-neutron-agent'] }}" diff --git a/ansible/roles/neutron/tasks/bootstrap.yml b/ansible/roles/neutron/tasks/bootstrap.yml index a58a07b570..b7afe8e98c 100644 --- a/ansible/roles/neutron/tasks/bootstrap.yml +++ b/ansible/roles/neutron/tasks/bootstrap.yml @@ -11,7 +11,7 @@ login_user: "{{ neutron_database_shard_root_user }}" login_password: "{{ database_password }}" name: "{{ neutron_database_name }}" - run_once: True + run_once: true delegate_to: "{{ groups['neutron-server'][0] }}" when: - not use_preconfigured_databases | bool @@ -32,7 +32,7 @@ host: "%" priv: "{{ neutron_database_name }}.*:ALL" append_privs: "yes" - run_once: True + run_once: true delegate_to: "{{ groups['neutron-server'][0] }}" when: - not use_preconfigured_databases | bool diff --git a/ansible/roles/neutron/tasks/bootstrap_service.yml b/ansible/roles/neutron/tasks/bootstrap_service.yml index 094f4ca968..3ec0172c35 100644 --- a/ansible/roles/neutron/tasks/bootstrap_service.yml +++ b/ansible/roles/neutron/tasks/bootstrap_service.yml @@ -6,7 +6,7 @@ kolla_container: action: "start_container" common_options: "{{ docker_common_options }}" - detach: False + detach: false environment: KOLLA_BOOTSTRAP: KOLLA_CONFIG_STRATEGY: "{{ config_strategy }}" @@ -17,5 +17,5 @@ name: "bootstrap_neutron" restart_policy: oneshot volumes: "{{ neutron_server.volumes }}" - run_once: True + run_once: true delegate_to: "{{ groups[neutron_server.group][0] }}" diff --git a/ansible/roles/neutron/tasks/config-neutron-fake.yml b/ansible/roles/neutron/tasks/config-neutron-fake.yml index ea26ba7c5d..bd94dfd559 100644 --- a/ansible/roles/neutron/tasks/config-neutron-fake.yml +++ b/ansible/roles/neutron/tasks/config-neutron-fake.yml @@ -4,7 +4,7 @@ file: path: "{{ node_config_directory }}/neutron-openvswitch-agent-fake-{{ item }}" state: "directory" - recurse: yes + recurse: true mode: "0770" with_sequence: start=1 end={{ num_nova_fake_per_node }} when: inventory_hostname in groups['compute'] @@ -84,7 +84,7 @@ become: true file: path: "{{ node_config_directory }}/neutron-openvswitch-agent-fake-{{ item }}" - recurse: yes + recurse: true owner: "{{ config_owner_user }}" group: "{{ config_owner_group }}" when: inventory_hostname in groups['compute'] diff --git a/ansible/roles/neutron/tasks/config.yml b/ansible/roles/neutron/tasks/config.yml index 9c5a9702b5..76705426e2 100644 --- a/ansible/roles/neutron/tasks/config.yml +++ b/ansible/roles/neutron/tasks/config.yml @@ -13,8 +13,8 @@ find: path: "{{ node_custom_config }}/neutron/plugins/" delegate_to: localhost - run_once: True - changed_when: False + run_once: true + changed_when: false register: check_extra_ml2_plugins - include_tasks: copy-certs.yml @@ -25,7 +25,7 @@ stat: path: "{{ item }}" delegate_to: localhost - run_once: True + run_once: true register: neutron_policy with_first_found: - files: "{{ supported_policy_format_list }}" diff --git a/ansible/roles/neutron/tasks/precheck.yml b/ansible/roles/neutron/tasks/precheck.yml index 16f7b0db44..46ba3db3d2 100644 --- a/ansible/roles/neutron/tasks/precheck.yml +++ b/ansible/roles/neutron/tasks/precheck.yml @@ -33,7 +33,7 @@ - groups['neutron-l3-agent'] | length > 1 fail_msg: "Number of network agents are less than two when enabling agent ha" changed_when: false - run_once: True + run_once: true when: - enable_neutron_agent_ha | bool @@ -51,7 +51,7 @@ assert: that: enable_ironic | bool fail_msg: "Ironic must be enabled when using networking-baremetal/ironic-neutron-agent" - run_once: True + run_once: true when: - enable_ironic_neutron_agent | bool @@ -64,7 +64,7 @@ - neutron_dns_domain != "openstacklocal" fail_msg: "The neutron_dns_domain value has to be non-empty and must end with a period '.'" changed_when: false - run_once: True + run_once: true when: - neutron_dns_integration | bool diff --git a/ansible/roles/neutron/tasks/rolling_upgrade.yml b/ansible/roles/neutron/tasks/rolling_upgrade.yml index d0a98f94ad..6b66ef5d99 100644 --- a/ansible/roles/neutron/tasks/rolling_upgrade.yml +++ b/ansible/roles/neutron/tasks/rolling_upgrade.yml @@ -17,7 +17,7 @@ kolla_container: action: "start_container" common_options: "{{ docker_common_options }}" - detach: False + detach: false environment: KOLLA_UPGRADE: NEUTRON_DB_EXPAND: @@ -29,7 +29,7 @@ name: "bootstrap_neutron" restart_policy: oneshot volumes: "{{ neutron_server.volumes }}" - run_once: True + run_once: true delegate_to: "{{ groups['neutron-server'][0] }}" - name: Flush Handlers @@ -39,7 +39,7 @@ become: true command: "{{ kolla_container_engine }} exec -t neutron_server neutron-db-manage --subproject {{ item }} has_offline_migrations" register: neutron_check_contract_db_stdout - ignore_errors: yes + ignore_errors: true with_items: "{{ neutron_rolling_upgrade_services }}" when: inventory_hostname == groups['neutron-server'][0] @@ -69,7 +69,7 @@ kolla_container: action: "start_container" common_options: "{{ docker_common_options }}" - detach: False + detach: false environment: KOLLA_UPGRADE: NEUTRON_DB_CONTRACT: @@ -81,7 +81,7 @@ name: "bootstrap_neutron" restart_policy: oneshot volumes: "{{ neutron_server.volumes }}" - run_once: True + run_once: true delegate_to: "{{ groups['neutron-server'][0] }}" # Flush handlers here to ensure neutron-server containers are started From 45058bfa074cbc5f383e6ec62dd4c3a6ea124fa8 Mon Sep 17 00:00:00 2001 From: Michal Nasiadka Date: Wed, 12 Nov 2025 14:43:23 +0100 Subject: [PATCH 20/43] ansible-lint: Fix yaml[truthy] in nova role Change-Id: Ia653bfbbf04e25f5bd002526247645dffef95b2b Signed-off-by: Michal Nasiadka --- ansible/roles/nova-cell/defaults/main.yml | 10 +++++----- ansible/roles/nova-cell/handlers/main.yml | 4 ++-- ansible/roles/nova-cell/tasks/bootstrap_service.yml | 2 +- ansible/roles/nova-cell/tasks/config-nova-fake.yml | 4 ++-- ansible/roles/nova-cell/tasks/config.yml | 6 +++--- ansible/roles/nova-cell/tasks/config_bootstrap.yml | 2 +- ansible/roles/nova-cell/tasks/get_cell_settings.yml | 2 +- .../roles/nova-cell/tasks/online_data_migrations.yml | 2 +- ansible/roles/nova/defaults/main.yml | 8 ++++---- ansible/roles/nova/tasks/bootstrap.yml | 4 ++-- ansible/roles/nova/tasks/bootstrap_service.yml | 2 +- ansible/roles/nova/tasks/config.yml | 6 +++--- ansible/roles/nova/tasks/config_bootstrap.yml | 2 +- ansible/roles/nova/tasks/online_data_migrations.yml | 2 +- ansible/roles/nova/tasks/upgrade.yml | 4 ++-- ansible/roles/service-rabbitmq/tasks/main.yml | 2 +- 16 files changed, 31 insertions(+), 31 deletions(-) diff --git a/ansible/roles/nova-cell/defaults/main.yml b/ansible/roles/nova-cell/defaults/main.yml index 88f35ff73e..1cc4a04aa8 100644 --- a/ansible/roles/nova-cell/defaults/main.yml +++ b/ansible/roles/nova-cell/defaults/main.yml @@ -9,7 +9,7 @@ nova_cell_services: image: "{{ nova_libvirt_image_full }}" pid_mode: "host" cgroupns_mode: "host" - privileged: True + privileged: true volumes: "{{ nova_libvirt_default_volumes + nova_libvirt_extra_volumes + lookup('vars', 'run_default_volumes_' + kolla_container_engine) }}" dimensions: "{{ nova_libvirt_dimensions }}" healthcheck: "{{ nova_libvirt_healthcheck }}" @@ -47,7 +47,7 @@ nova_cell_services: nova-conductor: container_name: "nova_conductor" group: "{{ nova_cell_conductor_group }}" - enabled: True + enabled: true image: "{{ nova_conductor_image_full }}" volumes: "{{ nova_conductor_default_volumes + nova_conductor_extra_volumes }}" dimensions: "{{ nova_conductor_dimensions }}" @@ -58,7 +58,7 @@ nova_cell_services: image: "{{ nova_compute_image_full }}" environment: LIBGUESTFS_BACKEND: "direct" - privileged: True + privileged: true enabled: "{{ not enable_nova_fake | bool }}" ipc_mode: "host" volumes: "{{ nova_compute_default_volumes + nova_compute_extra_volumes + lookup('vars', 'run_default_volumes_' + kolla_container_engine) }}" @@ -307,7 +307,7 @@ nova_libvirt_default_dimensions: soft: 67108864 # 64 MiB hard: 67108864 # 64 MiB -nova_libvirt_dimensions: "{{ default_container_dimensions | combine(nova_libvirt_default_dimensions, recursive=True) }}" +nova_libvirt_dimensions: "{{ default_container_dimensions | combine(nova_libvirt_default_dimensions, recursive=true) }}" nova_ssh_dimensions: "{{ default_container_dimensions }}" nova_novncproxy_dimensions: "{{ default_container_dimensions }}" nova_spicehtml5proxy_dimensions: "{{ default_container_dimensions }}" @@ -583,7 +583,7 @@ qemu_max_files: 32768 qemu_max_processes: 131072 # Use TLS for libvirt connections and live migration libvirt_tls: false -# Should kolla-ansible manage/copy the certs. False, assumes the deployer is +# Should kolla-ansible manage/copy the certs. False, assumes the deployer is # responsible for making the TLS certs show up in the config directories # also means the deployer is responsible for restarting the nova_compute and # nova_libvirt containers when the key changes, as we can't know when to do that diff --git a/ansible/roles/nova-cell/handlers/main.yml b/ansible/roles/nova-cell/handlers/main.yml index 17658ef2ed..2dcca1546f 100644 --- a/ansible/roles/nova-cell/handlers/main.yml +++ b/ansible/roles/nova-cell/handlers/main.yml @@ -107,7 +107,7 @@ until: restart_nova_libvirt is success notify: "{{ nova_libvirt_notify }}" - # need to wait kolla_set_configs script to overwrite sasl config file +# need to wait kolla_set_configs script to overwrite sasl config file - name: Checking libvirt container is ready become: true shell: @@ -181,7 +181,7 @@ common_options: "{{ docker_common_options }}" name: "nova_compute_fake_{{ item }}" image: "{{ nova_compute_image_full }}" - privileged: True + privileged: true volumes: - "{{ node_config_directory }}/nova-compute-fake-{{ item }}/:{{ container_config_directory }}/:ro" - "/etc/localtime:/etc/localtime:ro" diff --git a/ansible/roles/nova-cell/tasks/bootstrap_service.yml b/ansible/roles/nova-cell/tasks/bootstrap_service.yml index e4a4d2b2c7..a886211de9 100644 --- a/ansible/roles/nova-cell/tasks/bootstrap_service.yml +++ b/ansible/roles/nova-cell/tasks/bootstrap_service.yml @@ -6,7 +6,7 @@ kolla_container: action: "start_container" common_options: "{{ docker_common_options }}" - detach: False + detach: false environment: KOLLA_UPGRADE: KOLLA_CONFIG_STRATEGY: "{{ config_strategy }}" diff --git a/ansible/roles/nova-cell/tasks/config-nova-fake.yml b/ansible/roles/nova-cell/tasks/config-nova-fake.yml index 8959dfa149..45702ff01b 100644 --- a/ansible/roles/nova-cell/tasks/config-nova-fake.yml +++ b/ansible/roles/nova-cell/tasks/config-nova-fake.yml @@ -38,7 +38,7 @@ become: true file: path: "{{ node_config_directory }}/nova-compute-fake-{{ item }}" - recurse: yes + recurse: true owner: "{{ config_owner_user }}" group: "{{ config_owner_group }}" with_sequence: start=1 end={{ num_nova_fake_per_node }} @@ -52,7 +52,7 @@ common_options: "{{ docker_common_options }}" name: "nova_compute_fake_{{ item }}" image: "{{ nova_compute_image_full }}" - privileged: True + privileged: true volumes: - "{{ node_config_directory }}/nova-compute-fake-{{ item }}/:{{ container_config_directory }}/:ro" - "/etc/localtime:/etc/localtime:ro" diff --git a/ansible/roles/nova-cell/tasks/config.yml b/ansible/roles/nova-cell/tasks/config.yml index 7783d5ee09..c2da1e528f 100644 --- a/ansible/roles/nova-cell/tasks/config.yml +++ b/ansible/roles/nova-cell/tasks/config.yml @@ -22,7 +22,7 @@ stat: path: "{{ item }}" delegate_to: localhost - run_once: True + run_once: true register: nova_policy with_first_found: - files: "{{ supported_policy_format_list }}" @@ -41,7 +41,7 @@ stat: path: "{{ node_custom_config }}/nova/vendordata.json" delegate_to: localhost - run_once: True + run_once: true register: vendordata_file - name: Set vendordata file path @@ -184,7 +184,7 @@ src: "{{ vendordata_file_path }}" dest: "{{ node_config_directory }}/{{ item }}/vendordata.json" mode: "0660" - become: True + become: true when: - vendordata_file_path is defined - service | service_enabled_and_mapped_to_host diff --git a/ansible/roles/nova-cell/tasks/config_bootstrap.yml b/ansible/roles/nova-cell/tasks/config_bootstrap.yml index 59ce1eb9f8..442320ecf3 100644 --- a/ansible/roles/nova-cell/tasks/config_bootstrap.yml +++ b/ansible/roles/nova-cell/tasks/config_bootstrap.yml @@ -41,7 +41,7 @@ project_services: nova-cell-bootstrap: group: "{{ nova_cell_conductor_group }}" - enabled: True + enabled: true when: - nova_cell_copy_certs | bool - inventory_hostname == groups[nova_cell_conductor_group][0] diff --git a/ansible/roles/nova-cell/tasks/get_cell_settings.yml b/ansible/roles/nova-cell/tasks/get_cell_settings.yml index 301f3e4034..30706663e5 100644 --- a/ansible/roles/nova-cell/tasks/get_cell_settings.yml +++ b/ansible/roles/nova-cell/tasks/get_cell_settings.yml @@ -7,7 +7,7 @@ action: "start_container" command: bash -c 'sudo -E kolla_set_configs && sudo -E kolla_copy_cacerts && nova-manage cell_v2 list_cells --verbose' common_options: "{{ docker_common_options }}" - detach: False + detach: false image: "{{ nova_conductor.image }}" labels: BOOTSTRAP: diff --git a/ansible/roles/nova-cell/tasks/online_data_migrations.yml b/ansible/roles/nova-cell/tasks/online_data_migrations.yml index 9240c14e0d..c9e0a0cccd 100644 --- a/ansible/roles/nova-cell/tasks/online_data_migrations.yml +++ b/ansible/roles/nova-cell/tasks/online_data_migrations.yml @@ -6,7 +6,7 @@ kolla_container: action: "start_container" common_options: "{{ docker_common_options }}" - detach: False + detach: false environment: KOLLA_OSM: KOLLA_CONFIG_STRATEGY: "{{ config_strategy }}" diff --git a/ansible/roles/nova/defaults/main.yml b/ansible/roles/nova/defaults/main.yml index dec9d06146..9845b41b08 100644 --- a/ansible/roles/nova/defaults/main.yml +++ b/ansible/roles/nova/defaults/main.yml @@ -4,8 +4,8 @@ nova_services: container_name: "nova_api" group: "nova-api" image: "{{ nova_api_image_full }}" - enabled: True - privileged: True + enabled: true + privileged: true volumes: "{{ nova_api_default_volumes + nova_api_extra_volumes }}" dimensions: "{{ nova_api_dimensions }}" healthcheck: "{{ nova_api_healthcheck }}" @@ -34,7 +34,7 @@ nova_services: container_name: "nova_metadata" group: "nova-metadata" image: "{{ nova_api_image_full }}" - enabled: True + enabled: true volumes: "{{ nova_metadata_default_volumes + nova_metadata_extra_volumes }}" dimensions: "{{ nova_metadata_dimensions }}" healthcheck: "{{ nova_metadata_healthcheck }}" @@ -63,7 +63,7 @@ nova_services: container_name: "nova_scheduler" group: "nova-scheduler" image: "{{ nova_scheduler_image_full }}" - enabled: True + enabled: true volumes: "{{ nova_scheduler_default_volumes + nova_scheduler_extra_volumes }}" dimensions: "{{ nova_scheduler_dimensions }}" healthcheck: "{{ nova_scheduler_healthcheck }}" diff --git a/ansible/roles/nova/tasks/bootstrap.yml b/ansible/roles/nova/tasks/bootstrap.yml index cde4c04f2e..53b65cb4ab 100644 --- a/ansible/roles/nova/tasks/bootstrap.yml +++ b/ansible/roles/nova/tasks/bootstrap.yml @@ -11,7 +11,7 @@ login_user: "{{ nova_database_shard_root_user }}" login_password: "{{ database_password }}" name: "{{ item }}" - run_once: True + run_once: true with_items: - "{{ nova_cell0_database_name }}" - "{{ nova_api_database_name }}" @@ -43,7 +43,7 @@ database_password: "{{ nova_api_database_password }}" loop_control: label: "{{ item.database_name }}" - run_once: True + run_once: true when: - not use_preconfigured_databases | bool no_log: true diff --git a/ansible/roles/nova/tasks/bootstrap_service.yml b/ansible/roles/nova/tasks/bootstrap_service.yml index 0719ee96ef..9ca46365ed 100644 --- a/ansible/roles/nova/tasks/bootstrap_service.yml +++ b/ansible/roles/nova/tasks/bootstrap_service.yml @@ -6,7 +6,7 @@ kolla_container: action: "start_container" common_options: "{{ docker_common_options }}" - detach: False + detach: false environment: KOLLA_UPGRADE: KOLLA_CONFIG_STRATEGY: "{{ config_strategy }}" diff --git a/ansible/roles/nova/tasks/config.yml b/ansible/roles/nova/tasks/config.yml index 6666d1a3e3..8df855380c 100644 --- a/ansible/roles/nova/tasks/config.yml +++ b/ansible/roles/nova/tasks/config.yml @@ -13,7 +13,7 @@ stat: path: "{{ item }}" delegate_to: localhost - run_once: True + run_once: true register: nova_policy with_first_found: - files: "{{ supported_policy_format_list }}" @@ -32,7 +32,7 @@ stat: path: "{{ node_custom_config }}/nova/vendordata.json" delegate_to: localhost - run_once: True + run_once: true register: vendordata_file - name: Set vendordata file path @@ -110,7 +110,7 @@ src: "{{ vendordata_file_path }}" dest: "{{ node_config_directory }}/{{ item }}/vendordata.json" mode: "0660" - become: True + become: true when: - vendordata_file_path is defined - service | service_enabled_and_mapped_to_host diff --git a/ansible/roles/nova/tasks/config_bootstrap.yml b/ansible/roles/nova/tasks/config_bootstrap.yml index aa62d437a6..f6ecd4e75e 100644 --- a/ansible/roles/nova/tasks/config_bootstrap.yml +++ b/ansible/roles/nova/tasks/config_bootstrap.yml @@ -18,7 +18,7 @@ project_services: nova-api-bootstrap: group: "nova-api" - enabled: True + enabled: true run_once: true when: - nova_copy_certs | bool diff --git a/ansible/roles/nova/tasks/online_data_migrations.yml b/ansible/roles/nova/tasks/online_data_migrations.yml index cd9f69bafe..6a6b465a90 100644 --- a/ansible/roles/nova/tasks/online_data_migrations.yml +++ b/ansible/roles/nova/tasks/online_data_migrations.yml @@ -6,7 +6,7 @@ kolla_container: action: "start_container" common_options: "{{ docker_common_options }}" - detach: False + detach: false environment: KOLLA_OSM: KOLLA_CONFIG_STRATEGY: "{{ config_strategy }}" diff --git a/ansible/roles/nova/tasks/upgrade.yml b/ansible/roles/nova/tasks/upgrade.yml index 538b548b72..005959c271 100644 --- a/ansible/roles/nova/tasks/upgrade.yml +++ b/ansible/roles/nova/tasks/upgrade.yml @@ -9,7 +9,7 @@ kolla_container: action: "start_container" common_options: "{{ docker_common_options }}" - detach: False + detach: false environment: KOLLA_UPGRADE_CHECK: KOLLA_CONFIG_STRATEGY: "{{ config_strategy }}" @@ -19,7 +19,7 @@ name: "nova_upgrade_checks" restart_policy: oneshot volumes: "{{ nova_api_default_volumes + nova_api_extra_volumes }}" - run_once: True + run_once: true register: nova_upgrade_check_stdout delegate_to: "{{ groups['nova-api'][0] }}" failed_when: false diff --git a/ansible/roles/service-rabbitmq/tasks/main.yml b/ansible/roles/service-rabbitmq/tasks/main.yml index dcdc7d5da3..415d988ef9 100644 --- a/ansible/roles/service-rabbitmq/tasks/main.yml +++ b/ansible/roles/service-rabbitmq/tasks/main.yml @@ -41,4 +41,4 @@ until: service_rabbitmq_result is success retries: "{{ service_rabbitmq_retries }}" delay: "{{ service_rabbitmq_delay }}" - no_log: True + no_log: true From 038d7726cc2a14d3e793e59fd5a911a899ea0e07 Mon Sep 17 00:00:00 2001 From: Michal Nasiadka Date: Wed, 12 Nov 2025 14:44:41 +0100 Subject: [PATCH 21/43] ansible-lint: Fix yaml[truthy] in octavia role Change-Id: Ib22ea26475cb0d23a8ac164da7887e041930a24a Signed-off-by: Michal Nasiadka --- ansible/roles/octavia/tasks/bootstrap.yml | 8 ++++---- .../roles/octavia/tasks/bootstrap_service.yml | 4 ++-- ansible/roles/octavia/tasks/config.yml | 4 ++-- .../octavia/tasks/get_resources_info.yml | 10 +++++----- ansible/roles/octavia/tasks/hm-interface.yml | 16 +++++++-------- ansible/roles/octavia/tasks/precheck.yml | 6 +++--- ansible/roles/octavia/tasks/prepare.yml | 20 +++++++++---------- ansible/roles/octavia/tasks/register.yml | 2 +- 8 files changed, 35 insertions(+), 35 deletions(-) diff --git a/ansible/roles/octavia/tasks/bootstrap.yml b/ansible/roles/octavia/tasks/bootstrap.yml index ee2b4f1398..e51746de5a 100644 --- a/ansible/roles/octavia/tasks/bootstrap.yml +++ b/ansible/roles/octavia/tasks/bootstrap.yml @@ -11,7 +11,7 @@ login_user: "{{ octavia_database_shard_root_user }}" login_password: "{{ database_password }}" name: "{{ octavia_database_name }}" - run_once: True + run_once: true delegate_to: "{{ groups['octavia-api'][0] }}" when: - not use_preconfigured_databases | bool @@ -28,7 +28,7 @@ login_user: "{{ octavia_persistence_database_shard_root_user }}" login_password: "{{ database_password }}" name: "{{ octavia_persistence_database_name }}" - run_once: True + run_once: true delegate_to: "{{ groups['octavia-api'][0] }}" when: - not use_preconfigured_databases | bool @@ -49,7 +49,7 @@ host: "%" priv: "{{ octavia_database_name }}.*:ALL" append_privs: "yes" - run_once: True + run_once: true delegate_to: "{{ groups['octavia-api'][0] }}" when: - not use_preconfigured_databases | bool @@ -70,7 +70,7 @@ host: "%" priv: "{{ octavia_persistence_database_name }}.*:ALL" append_privs: "yes" - run_once: True + run_once: true delegate_to: "{{ groups['octavia-api'][0] }}" when: - not use_preconfigured_databases | bool diff --git a/ansible/roles/octavia/tasks/bootstrap_service.yml b/ansible/roles/octavia/tasks/bootstrap_service.yml index c1c7b95010..c8e7113bd4 100644 --- a/ansible/roles/octavia/tasks/bootstrap_service.yml +++ b/ansible/roles/octavia/tasks/bootstrap_service.yml @@ -6,7 +6,7 @@ kolla_container: action: "start_container" common_options: "{{ docker_common_options }}" - detach: False + detach: false environment: KOLLA_BOOTSTRAP: KOLLA_CONFIG_STRATEGY: "{{ config_strategy }}" @@ -16,5 +16,5 @@ name: "bootstrap_octavia" restart_policy: oneshot volumes: "{{ octavia_api.volumes | reject('equalto', '') | list }}" - run_once: True + run_once: true delegate_to: "{{ groups[octavia_api.group][0] }}" diff --git a/ansible/roles/octavia/tasks/config.yml b/ansible/roles/octavia/tasks/config.yml index c5c581240f..774203e59a 100644 --- a/ansible/roles/octavia/tasks/config.yml +++ b/ansible/roles/octavia/tasks/config.yml @@ -16,7 +16,7 @@ stat: path: "{{ item }}" delegate_to: localhost - run_once: True + run_once: true register: octavia_policy with_first_found: - files: "{{ supported_policy_format_list }}" @@ -117,7 +117,7 @@ owner: "{{ config_owner_user }}" group: "{{ config_owner_group }}" mode: "0400" - become: True + become: true when: - inventory_hostname in groups[octavia_services['octavia-worker']['group']] - octavia_auto_configure | bool diff --git a/ansible/roles/octavia/tasks/get_resources_info.yml b/ansible/roles/octavia/tasks/get_resources_info.yml index ce6841d544..71576360c7 100644 --- a/ansible/roles/octavia/tasks/get_resources_info.yml +++ b/ansible/roles/octavia/tasks/get_resources_info.yml @@ -10,13 +10,13 @@ endpoint_type: "{{ openstack_interface }}" region_name: "{{ openstack_region_name }}" name: "{{ octavia_amp_flavor.name }}" - run_once: True + run_once: true check_mode: false delegate_to: "{{ groups['octavia-api'][0] }}" register: flavor_results - name: Get {{ octavia_service_auth_project }} project id - become: True + become: true kolla_toolbox: container_engine: "{{ kolla_container_engine }}" module_name: openstack.cloud.project_info @@ -26,7 +26,7 @@ endpoint_type: "{{ openstack_interface }}" region_name: "{{ openstack_region_name }}" name: "{{ octavia_service_auth_project }}" - run_once: True + run_once: true delegate_to: "{{ groups['octavia-api'][0] }}" check_mode: false register: project_info @@ -48,7 +48,7 @@ loop: "{{ octavia_amp_security_groups.values() | list }}" loop_control: label: "{{ item.name }}" - run_once: True + run_once: true delegate_to: "{{ groups['octavia-api'][0] }}" check_mode: false register: sec_grp_info @@ -65,7 +65,7 @@ region_name: "{{ openstack_region_name }}" name: "{{ octavia_amp_network['name'] }}" register: network_results - run_once: True + run_once: true delegate_to: "{{ groups['octavia-api'][0] }}" check_mode: false diff --git a/ansible/roles/octavia/tasks/hm-interface.yml b/ansible/roles/octavia/tasks/hm-interface.yml index 2a547ffd07..279261957b 100644 --- a/ansible/roles/octavia/tasks/hm-interface.yml +++ b/ansible/roles/octavia/tasks/hm-interface.yml @@ -12,7 +12,7 @@ state: present network: "{{ octavia_amp_network['name'] }}" security_groups: "{{ octavia_amp_security_groups['health-mgr-sec-grp']['name'] }}" - device_owner: 'Octavia:health-mgr' + device_owner: "Octavia:health-mgr" name: "octavia-listen-port-{{ ansible_facts.nodename }}" register: port_info @@ -20,7 +20,7 @@ # value to {{ ansible_facts.nodename }}, once os_port support this parameter, remove the task below # https://docs.ansible.com/ansible/latest/modules/os_port_module.html#parameters - name: Update Octavia health manager port host_id - become: True + become: true vars: port_id: "{{ port_info.port.id }}" command: > @@ -42,7 +42,7 @@ vars: port_mac: "{{ port_info.port.mac_address }}" port_id: "{{ port_info.port.id }}" - become: True + become: true command: > {{ kolla_container_engine }} exec openvswitch_vswitchd ovs-vsctl --may-exist \ add-port br-int {{ octavia_network_interface }} \ @@ -62,25 +62,25 @@ mode: "0664" - name: Create octavia-interface service - become: True + become: true template: src: octavia-interface.service.j2 dest: /etc/systemd/system/octavia-interface.service register: octavia_interface - name: Restart octavia-interface.service if required - become: True + become: true systemd: name: octavia-interface - daemon_reload: yes + daemon_reload: true state: restarted when: octavia_interface.changed - name: Enable and start octavia-interface.service - become: True + become: true service: name: octavia-interface - enabled: yes + enabled: true state: started - name: Wait for interface {{ octavia_network_interface }} ip appear diff --git a/ansible/roles/octavia/tasks/precheck.yml b/ansible/roles/octavia/tasks/precheck.yml index 23cf4d431b..6dbe9aef51 100644 --- a/ansible/roles/octavia/tasks/precheck.yml +++ b/ansible/roles/octavia/tasks/precheck.yml @@ -42,7 +42,7 @@ stat: path: "{{ node_custom_config }}/octavia/{{ item }}" delegate_to: localhost - run_once: True + run_once: true register: result failed_when: not result.stat.exists when: @@ -59,7 +59,7 @@ msg: > Neutron plugin agent {{ neutron_plugin_agent }} is not supported when octavia_network_type is tenant, only openvswitch is supported currently - run_once: True + run_once: true when: - octavia_auto_configure | bool - octavia_network_type == "tenant" @@ -69,6 +69,6 @@ assert: that: enable_valkey | bool fail_msg: "Valkey must be enabled when using Octavia Jobboard" - run_once: True + run_once: true when: - enable_octavia_jobboard | bool diff --git a/ansible/roles/octavia/tasks/prepare.yml b/ansible/roles/octavia/tasks/prepare.yml index b75bcd548b..817008e25c 100644 --- a/ansible/roles/octavia/tasks/prepare.yml +++ b/ansible/roles/octavia/tasks/prepare.yml @@ -19,12 +19,12 @@ ephemeral: "{{ octavia_amp_flavor.ephemeral | default(omit, true) }}" swap: "{{ octavia_amp_flavor.swap | default(omit, true) }}" extra_specs: "{{ octavia_amp_flavor.extra_specs | default(omit, true) }}" - run_once: True + run_once: true delegate_to: "{{ groups['octavia-api'][0] }}" register: amphora_flavor_info - name: Create nova keypair for amphora - become: True + become: true kolla_toolbox: container_engine: "{{ kolla_container_engine }}" module_name: openstack.cloud.keypair @@ -36,11 +36,11 @@ state: present name: "{{ octavia_amp_ssh_key_name }}" public_key: "{{ octavia_amp_ssh_key.public_key }}" - run_once: True + run_once: true delegate_to: "{{ groups['octavia-api'][0] }}" - name: Get {{ octavia_service_auth_project }} project id - become: True + become: true kolla_toolbox: container_engine: "{{ kolla_container_engine }}" module_name: openstack.cloud.project_info @@ -50,7 +50,7 @@ endpoint_type: "{{ openstack_interface }}" region_name: "{{ openstack_region_name }}" name: "{{ octavia_service_auth_project }}" - run_once: True + run_once: true delegate_to: "{{ groups['octavia-api'][0] }}" register: project_info @@ -70,7 +70,7 @@ loop_control: label: "{{ item.name }}" when: item.enabled | bool - run_once: True + run_once: true delegate_to: "{{ groups['octavia-api'][0] }}" register: sec_grp_info @@ -93,7 +93,7 @@ - "{{ octavia_amp_security_groups }}" - rules when: item.0.enabled | bool - run_once: True + run_once: true delegate_to: "{{ groups['octavia-api'][0] }}" - name: Create loadbalancer management network @@ -115,7 +115,7 @@ external: "{{ octavia_amp_network['external'] | default(omit) }}" shared: "{{ octavia_amp_network['shared'] | default(omit) }}" register: network_info - run_once: True + run_once: true delegate_to: "{{ groups['octavia-api'][0] }}" - name: Create loadbalancer management subnet @@ -140,7 +140,7 @@ ip_version: "{{ octavia_amp_network['subnet']['ip_version'] | default(omit) }}" ipv6_address_mode: "{{ octavia_amp_network['subnet']['ipv6_address_mode'] | default(omit) }}" ipv6_ra_mode: "{{ octavia_amp_network['subnet']['ipv6_ra_mode'] | default(omit) }}" - run_once: True + run_once: true delegate_to: "{{ groups['octavia-api'][0] }}" - name: Create loadbalancer management router for IPv6 @@ -156,6 +156,6 @@ state: present name: "{{ octavia_amp_router['name'] }}" interfaces: "{{ octavia_amp_router['subnet'] }}" - run_once: True + run_once: true when: octavia_network_address_family == "ipv6" delegate_to: "{{ groups['octavia-api'][0] }}" diff --git a/ansible/roles/octavia/tasks/register.yml b/ansible/roles/octavia/tasks/register.yml index 7bf995e765..c01154c24a 100644 --- a/ansible/roles/octavia/tasks/register.yml +++ b/ansible/roles/octavia/tasks/register.yml @@ -17,5 +17,5 @@ endpoint_type: "{{ openstack_interface }}" cacert: "{{ openstack_cacert }}" region_name: "{{ openstack_region_name }}" - run_once: True + run_once: true with_items: "{{ octavia_required_roles }}" From 11aaca5088758fa420dadee7ca80d25791f45378 Mon Sep 17 00:00:00 2001 From: Michal Nasiadka Date: Wed, 12 Nov 2025 14:45:34 +0100 Subject: [PATCH 22/43] ansible-lint: Fix yaml[truthy] in octavia-certificates role Change-Id: Ia1422d985ce53697b4020642fa5e131be6260b46 Signed-off-by: Michal Nasiadka --- ansible/roles/octavia-certificates/tasks/check_expiry.yml | 2 +- ansible/roles/octavia-certificates/tasks/client_ca.yml | 5 ++--- ansible/roles/octavia-certificates/tasks/client_cert.yml | 1 - ansible/roles/octavia-certificates/tasks/server_ca.yml | 1 - 4 files changed, 3 insertions(+), 6 deletions(-) diff --git a/ansible/roles/octavia-certificates/tasks/check_expiry.yml b/ansible/roles/octavia-certificates/tasks/check_expiry.yml index 66ed8e4b0c..0f2ee4041d 100644 --- a/ansible/roles/octavia-certificates/tasks/check_expiry.yml +++ b/ansible/roles/octavia-certificates/tasks/check_expiry.yml @@ -17,7 +17,7 @@ - item.valid_at.point_1 fail_msg: "{{ item.item }} will expire within {{ octavia_certs_expiry_limit }} days, on {{ item.not_after }}" success_msg: "{{ item.item }} will not expire within {{ octavia_certs_expiry_limit }} days. It expires on {{ item.not_after }}" - quiet: True + quiet: true loop: "{{ cert_info.results }}" loop_control: label: "{{ item.item }}" diff --git a/ansible/roles/octavia-certificates/tasks/client_ca.yml b/ansible/roles/octavia-certificates/tasks/client_ca.yml index 08c0214746..87917c48e4 100644 --- a/ansible/roles/octavia-certificates/tasks/client_ca.yml +++ b/ansible/roles/octavia-certificates/tasks/client_ca.yml @@ -1,17 +1,16 @@ --- - - name: Create client_ca index.txt copy: content: '' dest: "{{ octavia_certs_work_dir }}/client_ca/index.txt" - force: no + force: false mode: "0660" - name: Create client_ca serial copy: content: "1000\n" dest: "{{ octavia_certs_work_dir }}/client_ca/serial" - force: no + force: false mode: "0660" - name: Create client_ca private key diff --git a/ansible/roles/octavia-certificates/tasks/client_cert.yml b/ansible/roles/octavia-certificates/tasks/client_cert.yml index 384c7d81b0..5040a1809a 100644 --- a/ansible/roles/octavia-certificates/tasks/client_cert.yml +++ b/ansible/roles/octavia-certificates/tasks/client_cert.yml @@ -1,5 +1,4 @@ --- - # NOTE(yoctozepto): This should ideally be per controller, i.e. controller # generates its key&CSR and this CA signs it. diff --git a/ansible/roles/octavia-certificates/tasks/server_ca.yml b/ansible/roles/octavia-certificates/tasks/server_ca.yml index 15c30f8934..6e46c51a60 100644 --- a/ansible/roles/octavia-certificates/tasks/server_ca.yml +++ b/ansible/roles/octavia-certificates/tasks/server_ca.yml @@ -1,5 +1,4 @@ --- - - name: Generate server_ca private key command: > openssl genrsa -aes256 -out server_ca.key.pem From f6b6b9feee1a7404ce0fd73335c116cf02c95267 Mon Sep 17 00:00:00 2001 From: Michal Nasiadka Date: Wed, 12 Nov 2025 14:48:33 +0100 Subject: [PATCH 23/43] ansible-lint: Fix yaml[truthy] in opensearch role Change-Id: I12857ee0d5f66b9c9eaa8ff9e3a4655d665eb8a8 Signed-off-by: Michal Nasiadka --- ansible/roles/opensearch/handlers/main.yml | 6 +++--- ansible/roles/opensearch/tasks/post-config.yml | 6 +++--- 2 files changed, 6 insertions(+), 6 deletions(-) diff --git a/ansible/roles/opensearch/handlers/main.yml b/ansible/roles/opensearch/handlers/main.yml index 9791d1b82e..0a279a9b0f 100644 --- a/ansible/roles/opensearch/handlers/main.yml +++ b/ansible/roles/opensearch/handlers/main.yml @@ -10,8 +10,8 @@ url: "{{ opensearch_internal_endpoint }}/_cluster/settings" method: PUT status_code: 200 - return_content: yes - body: "{{ opensearch_shard_body | to_json }}" # noqa jinja[invalid] + return_content: true + body: "{{ opensearch_shard_body | to_json }}" # noqa jinja[invalid] body_format: json ca_path: "{{ openstack_cacert }}" delegate_to: "{{ groups['opensearch'][0] }}" @@ -29,7 +29,7 @@ url: "{{ opensearch_internal_endpoint }}/_flush" method: POST status_code: 200 - return_content: yes + return_content: true body_format: json ca_path: "{{ openstack_cacert }}" delegate_to: "{{ groups['opensearch'][0] }}" diff --git a/ansible/roles/opensearch/tasks/post-config.yml b/ansible/roles/opensearch/tasks/post-config.yml index 4a79104339..27e0271eb1 100644 --- a/ansible/roles/opensearch/tasks/post-config.yml +++ b/ansible/roles/opensearch/tasks/post-config.yml @@ -24,7 +24,7 @@ url: "{{ opensearch_internal_endpoint }}/_plugins/_ism/policies/retention" method: GET status_code: 200, 404 - return_content: yes + return_content: true ca_path: "{{ openstack_cacert }}" register: opensearch_retention_policy_check delegate_to: "{{ groups['opensearch'][0] }}" @@ -39,7 +39,7 @@ url: "{{ opensearch_internal_endpoint }}/_plugins/_ism/policies/retention" method: PUT status_code: 201 - return_content: yes + return_content: true body: "{{ opensearch_retention_policy | from_yaml | to_json }}" body_format: json ca_path: "{{ openstack_cacert }}" @@ -62,7 +62,7 @@ url: "{{ opensearch_internal_endpoint }}/_plugins/_ism/add/{{ opensearch_log_index_prefix }}-*" method: POST status_code: 200 - return_content: yes + return_content: true body: "{{ opensearch_set_policy_body | to_json }}" body_format: json ca_path: "{{ openstack_cacert }}" From 67a04cc7aad24e9d28ad316176f8fbf52331a2cf Mon Sep 17 00:00:00 2001 From: Michal Nasiadka Date: Wed, 12 Nov 2025 14:49:22 +0100 Subject: [PATCH 24/43] ansible-lint: Fix yaml[truthy] in openvswitch role Change-Id: Iaaac66afa529d060cb64b3d97dd53fb93f37e4d9 Signed-off-by: Michal Nasiadka --- ansible/roles/openvswitch/defaults/main.yml | 2 +- ansible/roles/openvswitch/handlers/main.yml | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/ansible/roles/openvswitch/defaults/main.yml b/ansible/roles/openvswitch/defaults/main.yml index 4857ab4c3b..284ba0e70e 100644 --- a/ansible/roles/openvswitch/defaults/main.yml +++ b/ansible/roles/openvswitch/defaults/main.yml @@ -29,7 +29,7 @@ openvswitch_services: or inventory_hostname in groups['neutron-l3-agent'] or inventory_hostname in groups['neutron-metadata-agent'] }} - privileged: True + privileged: true volumes: "{{ openvswitch_vswitchd_default_volumes + openvswitch_vswitchd_extra_volumes }}" dimensions: "{{ openvswitch_vswitchd_dimensions }}" healthcheck: "{{ openvswitch_vswitchd_healthcheck }}" diff --git a/ansible/roles/openvswitch/handlers/main.yml b/ansible/roles/openvswitch/handlers/main.yml index 7cad1a7d4b..653aed93d0 100644 --- a/ansible/roles/openvswitch/handlers/main.yml +++ b/ansible/roles/openvswitch/handlers/main.yml @@ -20,7 +20,7 @@ command: "{{ kolla_container_engine }} exec openvswitch_db ovs-vsctl --no-wait show" register: check_result until: check_result is success - changed_when: False + changed_when: false retries: 30 delay: 2 From ec61bd575e33973b135eb9bf411e43f698fa1478 Mon Sep 17 00:00:00 2001 From: Michal Nasiadka Date: Wed, 12 Nov 2025 14:50:20 +0100 Subject: [PATCH 25/43] ansible-lint: Fix yaml[truthy] in ovn-db role Change-Id: Ibe411b7e3b7f99f1f723e5cebb33e9ad586074ae Signed-off-by: Michal Nasiadka --- ansible/roles/ovn-db/tasks/bootstrap-db.yml | 4 ++-- ansible/roles/ovn-db/tasks/lookup_cluster.yml | 4 ++-- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/ansible/roles/ovn-db/tasks/bootstrap-db.yml b/ansible/roles/ovn-db/tasks/bootstrap-db.yml index afeda55c2b..290101850f 100644 --- a/ansible/roles/ovn-db/tasks/bootstrap-db.yml +++ b/ansible/roles/ovn-db/tasks/bootstrap-db.yml @@ -15,7 +15,7 @@ {{ kolla_container_engine }} exec ovn_nb_db ovs-appctl -t /var/run/ovn/ovnnb_db.ctl cluster/status OVN_Northbound - changed_when: False + changed_when: false register: ovn_nb_cluster_status - name: Configure OVN NB connection settings @@ -40,7 +40,7 @@ {{ kolla_container_engine }} exec ovn_sb_db ovs-appctl -t /var/run/ovn/ovnsb_db.ctl cluster/status OVN_Southbound - changed_when: False + changed_when: false register: ovn_sb_cluster_status - name: Configure OVN SB connection settings diff --git a/ansible/roles/ovn-db/tasks/lookup_cluster.yml b/ansible/roles/ovn-db/tasks/lookup_cluster.yml index c387aaf3b3..7f8e16e66d 100644 --- a/ansible/roles/ovn-db/tasks/lookup_cluster.yml +++ b/ansible/roles/ovn-db/tasks/lookup_cluster.yml @@ -50,7 +50,7 @@ connect_timeout: 1 timeout: 10 register: check_ovn_nb_db_port_liveness - ignore_errors: yes + ignore_errors: true - name: Divide hosts by their OVN NB service port liveness group_by: @@ -101,7 +101,7 @@ connect_timeout: 1 timeout: 10 register: check_ovn_sb_db_port_liveness - ignore_errors: yes + ignore_errors: true - name: Divide hosts by their OVN SB service port liveness group_by: From 45a05dc32e70c2db2aaa4d80d9f79f14b99a4cbb Mon Sep 17 00:00:00 2001 From: Michal Nasiadka Date: Wed, 12 Nov 2025 14:51:28 +0100 Subject: [PATCH 26/43] ansible-lint: Fix yaml[truthy] in ovs-dpdk role Change-Id: I2cec7cdf67e2e7446f2f60dfb2a67621c79ee702 Signed-off-by: Michal Nasiadka --- ansible/roles/ovs-dpdk/defaults/main.yml | 2 +- ansible/roles/ovs-dpdk/handlers/main.yml | 4 ++-- ansible/roles/ovs-dpdk/tasks/config.yml | 6 +++--- 3 files changed, 6 insertions(+), 6 deletions(-) diff --git a/ansible/roles/ovs-dpdk/defaults/main.yml b/ansible/roles/ovs-dpdk/defaults/main.yml index 5a6955c031..0ce66ff2ab 100644 --- a/ansible/roles/ovs-dpdk/defaults/main.yml +++ b/ansible/roles/ovs-dpdk/defaults/main.yml @@ -22,7 +22,7 @@ ovsdpdk_services: container_name: "ovsdpdk_vswitchd" image: "{{ ovsdpdk_vswitchd_image_full }}" enabled: "{{ neutron_plugin_agent in ['openvswitch'] }}" - privileged: True + privileged: true host_in_groups: >- {{ inventory_hostname in groups['compute'] diff --git a/ansible/roles/ovs-dpdk/handlers/main.yml b/ansible/roles/ovs-dpdk/handlers/main.yml index 9d1b1e343d..25573806d6 100644 --- a/ansible/roles/ovs-dpdk/handlers/main.yml +++ b/ansible/roles/ovs-dpdk/handlers/main.yml @@ -27,7 +27,7 @@ command: "{{ kolla_container_engine }} exec {{ service.container_name }} ovs-vsctl --no-wait show" register: check_result until: check_result is success - changed_when: False + changed_when: false retries: 30 delay: 2 @@ -60,7 +60,7 @@ name: "{{ service.container_name }}" image: "{{ service.image }}" volumes: "{{ service.volumes }}" - privileged: "{{ service.privileged | default(True) }}" + privileged: "{{ service.privileged | default(true) }}" dimensions: "{{ service.dimensions }}" - name: Ensuring ovsdpdk bridges are properly setup named diff --git a/ansible/roles/ovs-dpdk/tasks/config.yml b/ansible/roles/ovs-dpdk/tasks/config.yml index 2c563d75eb..d17911b61e 100644 --- a/ansible/roles/ovs-dpdk/tasks/config.yml +++ b/ansible/roles/ovs-dpdk/tasks/config.yml @@ -1,6 +1,6 @@ --- - name: Ensuring config directories exist - become: True + become: true file: path: "{{ node_config_directory }}/{{ item.key }}" state: "directory" @@ -25,7 +25,7 @@ mode: "0770" - name: Install ovs-dpdkctl service and config - become: True + become: true command: "{{ node_config_directory }}/ovsdpdk-db/ovs-dpdkctl.sh install" environment: CONFIG_FILE: "{{ node_config_directory }}/ovsdpdk-db/ovs-dpdkctl.conf" @@ -38,7 +38,7 @@ ovs_physical_port_policy: "{{ ovs_physical_port_policy }}" - name: Binds the interface to the target driver specified in the config - become: True + become: true command: "{{ node_config_directory }}/ovsdpdk-db/ovs-dpdkctl.sh bind_nics" environment: CONFIG_FILE: "{{ node_config_directory }}/ovsdpdk-db/ovs-dpdkctl.conf" From 9c482e8cb26c1d7c37ab07b35cf761cafadb606e Mon Sep 17 00:00:00 2001 From: Michal Nasiadka Date: Wed, 12 Nov 2025 14:52:19 +0100 Subject: [PATCH 27/43] ansible-lint: Fix yaml[truthy] in placement role Change-Id: I6c2e59b798804e62f09effc7875c8f25fe930158 Signed-off-by: Michal Nasiadka --- ansible/roles/placement/defaults/main.yml | 2 +- ansible/roles/placement/tasks/bootstrap.yml | 4 ++-- ansible/roles/placement/tasks/bootstrap_service.yml | 4 ++-- ansible/roles/placement/tasks/config.yml | 2 +- ansible/roles/placement/tasks/upgrade.yml | 4 ++-- 5 files changed, 8 insertions(+), 8 deletions(-) diff --git a/ansible/roles/placement/defaults/main.yml b/ansible/roles/placement/defaults/main.yml index 8a36139ad0..ff1b9d1685 100644 --- a/ansible/roles/placement/defaults/main.yml +++ b/ansible/roles/placement/defaults/main.yml @@ -4,7 +4,7 @@ placement_services: container_name: "placement_api" group: "placement-api" image: "{{ placement_api_image_full }}" - enabled: True + enabled: true volumes: "{{ placement_api_default_volumes + placement_api_extra_volumes }}" dimensions: "{{ placement_api_dimensions }}" healthcheck: "{{ placement_api_healthcheck }}" diff --git a/ansible/roles/placement/tasks/bootstrap.yml b/ansible/roles/placement/tasks/bootstrap.yml index 310c6c1252..109dd307ab 100644 --- a/ansible/roles/placement/tasks/bootstrap.yml +++ b/ansible/roles/placement/tasks/bootstrap.yml @@ -11,7 +11,7 @@ login_user: "{{ placement_database_shard_root_user }}" login_password: "{{ database_password }}" name: "{{ placement_database_name }}" - run_once: True + run_once: true delegate_to: "{{ groups['placement-api'][0] }}" when: - not use_preconfigured_databases | bool @@ -32,7 +32,7 @@ host: "%" priv: "{{ placement_database_name }}.*:ALL" append_privs: "yes" - run_once: True + run_once: true delegate_to: "{{ groups['placement-api'][0] }}" when: - not use_preconfigured_databases | bool diff --git a/ansible/roles/placement/tasks/bootstrap_service.yml b/ansible/roles/placement/tasks/bootstrap_service.yml index 9a9ded8e0f..9375f2ff24 100644 --- a/ansible/roles/placement/tasks/bootstrap_service.yml +++ b/ansible/roles/placement/tasks/bootstrap_service.yml @@ -6,7 +6,7 @@ kolla_container: action: "start_container" common_options: "{{ docker_common_options }}" - detach: False + detach: false environment: KOLLA_BOOTSTRAP: KOLLA_CONFIG_STRATEGY: "{{ config_strategy }}" @@ -16,5 +16,5 @@ name: "bootstrap_placement" restart_policy: oneshot volumes: "{{ placement_api.volumes | reject('equalto', '') | list }}" - run_once: True + run_once: true delegate_to: "{{ groups[placement_api.group][0] }}" diff --git a/ansible/roles/placement/tasks/config.yml b/ansible/roles/placement/tasks/config.yml index 8926746825..585f78693d 100644 --- a/ansible/roles/placement/tasks/config.yml +++ b/ansible/roles/placement/tasks/config.yml @@ -13,7 +13,7 @@ stat: path: "{{ item }}" delegate_to: localhost - run_once: True + run_once: true register: placement_policy with_first_found: - files: "{{ supported_policy_format_list }}" diff --git a/ansible/roles/placement/tasks/upgrade.yml b/ansible/roles/placement/tasks/upgrade.yml index 8853cd9f13..ee01b0d93d 100644 --- a/ansible/roles/placement/tasks/upgrade.yml +++ b/ansible/roles/placement/tasks/upgrade.yml @@ -20,7 +20,7 @@ kolla_container: action: "start_container" common_options: "{{ docker_common_options }}" - detach: False + detach: false environment: KOLLA_OSM: KOLLA_CONFIG_STRATEGY: "{{ config_strategy }}" @@ -30,5 +30,5 @@ name: "bootstrap_placement" restart_policy: oneshot volumes: "{{ placement_api.volumes }}" - run_once: True + run_once: true delegate_to: "{{ groups[placement_api.group][0] }}" From ce718d47fd43d8a6a2a31502cb4c70eb12bfb467 Mon Sep 17 00:00:00 2001 From: Michal Nasiadka Date: Wed, 12 Nov 2025 14:53:16 +0100 Subject: [PATCH 28/43] ansible-lint: Fix yaml[truthy] in prechecks role Change-Id: I376d9b09dff64a49c1961ff4aa7e3db8bf8b285d Signed-off-by: Michal Nasiadka --- ansible/roles/prechecks/tasks/service_checks.yml | 10 +++++----- ansible/roles/prechecks/tasks/user_checks.yml | 4 ++-- 2 files changed, 7 insertions(+), 7 deletions(-) diff --git a/ansible/roles/prechecks/tasks/service_checks.yml b/ansible/roles/prechecks/tasks/service_checks.yml index 3f2a711da1..20b6e34480 100644 --- a/ansible/roles/prechecks/tasks/service_checks.yml +++ b/ansible/roles/prechecks/tasks/service_checks.yml @@ -25,7 +25,7 @@ command: cmd: grep '^[^#].*:\s*$' "{{ node_config }}/passwords.yml" delegate_to: localhost - run_once: True + run_once: true register: result changed_when: false failed_when: result.stdout | regex_replace('(.*ssh_key.*)', '') is search(":") @@ -33,7 +33,7 @@ - name: Check if nscd is running command: pgrep nscd - ignore_errors: yes + ignore_errors: true failed_when: false changed_when: false check_mode: false @@ -48,7 +48,7 @@ - nscd_status.rc == 0 - name: Validate that internal and external vip address are different when TLS is enabled only on either the internal and external network - run_once: True + run_once: true fail: msg: 'kolla_external_vip_address and kolla_internal_vip_address must not be the same when only one network has TLS enabled' changed_when: false @@ -58,14 +58,14 @@ - kolla_same_external_internal_vip | bool - name: Validate that enable_ceph is disabled - run_once: True + run_once: true fail: msg: "We are sorry but enable_ceph is no longer supported. Please use external ceph support." when: - (enable_ceph | default()) | bool - name: Validate that enable_redis is disabled - run_once: True + run_once: true assert: that: - not (enable_redis | default(false)) | bool diff --git a/ansible/roles/prechecks/tasks/user_checks.yml b/ansible/roles/prechecks/tasks/user_checks.yml index 94fd5b4668..bdf9617701 100644 --- a/ansible/roles/prechecks/tasks/user_checks.yml +++ b/ansible/roles/prechecks/tasks/user_checks.yml @@ -13,8 +13,8 @@ # NOTE(duonghq): it's only a basic check, should be refined later - name: Check if ansible user can do passwordless sudo command: "true" - become: yes + become: true register: result failed_when: result is failed - changed_when: False + changed_when: false check_mode: false From 615ab596d0739f656fff9a55634ed1c609284d4a Mon Sep 17 00:00:00 2001 From: Michal Nasiadka Date: Wed, 12 Nov 2025 14:54:34 +0100 Subject: [PATCH 29/43] ansible-lint: Fix yaml[truthy] in prometheus role Change-Id: I9af1f767782904ce3eddd997a225b01f82bda3af Signed-off-by: Michal Nasiadka --- ansible/roles/prometheus/tasks/bootstrap.yml | 2 +- ansible/roles/prometheus/tasks/config.yml | 4 ++-- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/ansible/roles/prometheus/tasks/bootstrap.yml b/ansible/roles/prometheus/tasks/bootstrap.yml index 9cc8e2634c..c6c4ffc270 100644 --- a/ansible/roles/prometheus/tasks/bootstrap.yml +++ b/ansible/roles/prometheus/tasks/bootstrap.yml @@ -22,7 +22,7 @@ with_dict: "{{ mariadb_shards_info.shards }}" loop_control: label: "{{ shard_host }}" - run_once: True + run_once: true when: - enable_prometheus_mysqld_exporter | bool - prometheus_services['prometheus-mysqld-exporter'] | service_enabled_and_mapped_to_host diff --git a/ansible/roles/prometheus/tasks/config.yml b/ansible/roles/prometheus/tasks/config.yml index 3bbc497b72..1b98f40c81 100644 --- a/ansible/roles/prometheus/tasks/config.yml +++ b/ansible/roles/prometheus/tasks/config.yml @@ -25,7 +25,7 @@ find: path: "{{ node_custom_config }}/prometheus/" pattern: "*.rules" - run_once: True + run_once: true delegate_to: localhost register: prometheus_alert_rules when: @@ -115,7 +115,7 @@ find: path: "{{ node_custom_config }}/prometheus/" pattern: "*.tmpl" - run_once: True + run_once: true delegate_to: localhost register: alertmanager_notification_templates when: From 3eab20ea13c8e967cb08ccde61deefde6406aa2a Mon Sep 17 00:00:00 2001 From: Michal Nasiadka Date: Wed, 12 Nov 2025 14:55:43 +0100 Subject: [PATCH 30/43] ansible-lint: Fix yaml[truthy] in prune-images role Change-Id: I9b4d3aa66e9e42d6d7816e3a1aeb619368ac3041 Signed-off-by: Michal Nasiadka --- ansible/roles/prune-images/tasks/prune_images.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/ansible/roles/prune-images/tasks/prune_images.yml b/ansible/roles/prune-images/tasks/prune_images.yml index c1cea204fd..29519fea35 100644 --- a/ansible/roles/prune-images/tasks/prune_images.yml +++ b/ansible/roles/prune-images/tasks/prune_images.yml @@ -2,7 +2,7 @@ - name: Pruning Kolla images become: true docker_prune: - images: yes + images: true images_filters: label: kolla_version timeout: "{{ docker_image_prune_timeout }}" From bbf2b77b0ce2b146a2dde110c543a02a4357ae3b Mon Sep 17 00:00:00 2001 From: Michal Nasiadka Date: Wed, 12 Nov 2025 14:56:31 +0100 Subject: [PATCH 31/43] ansible-lint: Fix yaml[truthy] in rabbitmq role Change-Id: I4d4bfd90124e61bdd3fc68be0b6211d8d8f64849 Signed-off-by: Michal Nasiadka --- ansible/roles/rabbitmq/defaults/main.yml | 4 ++-- ansible/roles/rabbitmq/tasks/bootstrap.yml | 2 +- ansible/roles/rabbitmq/tasks/restart_services.yml | 2 +- 3 files changed, 4 insertions(+), 4 deletions(-) diff --git a/ansible/roles/rabbitmq/defaults/main.yml b/ansible/roles/rabbitmq/defaults/main.yml index f6f3e4069b..3a329b187a 100644 --- a/ansible/roles/rabbitmq/defaults/main.yml +++ b/ansible/roles/rabbitmq/defaults/main.yml @@ -91,13 +91,13 @@ rabbitmq_extra_config: {} rabbitmq_enable_prometheus_plugin: "{{ enable_prometheus }}" rabbitmq_plugins: - name: "rabbitmq_management" - enabled: True + enabled: true - name: "rabbitmq_prometheus" enabled: "{{ rabbitmq_enable_prometheus_plugin | bool }}" rabbitmq_enabled_plugins: "{{ rabbitmq_plugins | selectattr('enabled', 'equalto', true) | list }}" -kolla_externally_managed_cert: False +kolla_externally_managed_cert: false rabbitmq_version_suffix: "" diff --git a/ansible/roles/rabbitmq/tasks/bootstrap.yml b/ansible/roles/rabbitmq/tasks/bootstrap.yml index a63e2073c9..97822c2aae 100644 --- a/ansible/roles/rabbitmq/tasks/bootstrap.yml +++ b/ansible/roles/rabbitmq/tasks/bootstrap.yml @@ -15,7 +15,7 @@ kolla_container: action: "start_container" common_options: "{{ docker_common_options }}" - detach: False + detach: false environment: "{{ service.bootstrap_environment }}" image: "{{ service.image }}" labels: diff --git a/ansible/roles/rabbitmq/tasks/restart_services.yml b/ansible/roles/rabbitmq/tasks/restart_services.yml index 017fb5a4e0..9f5e8765ba 100644 --- a/ansible/roles/rabbitmq/tasks/restart_services.yml +++ b/ansible/roles/rabbitmq/tasks/restart_services.yml @@ -1,6 +1,6 @@ --- - name: Get info on RabbitMQ container - become: True + become: true kolla_container_facts: action: get_containers container_engine: "{{ kolla_container_engine }}" From 04985bec8cddcd1e04b5008c424382bee03558c8 Mon Sep 17 00:00:00 2001 From: Michal Nasiadka Date: Wed, 12 Nov 2025 14:57:16 +0100 Subject: [PATCH 32/43] ansible-lint: Fix yaml[truthy] in service-cert-copy role Change-Id: Iab3ecd94083434f47e4589f72424cf283b4803fb Signed-off-by: Michal Nasiadka --- ansible/roles/service-cert-copy/defaults/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/ansible/roles/service-cert-copy/defaults/main.yml b/ansible/roles/service-cert-copy/defaults/main.yml index 24b97c760a..cda28bf1d3 100644 --- a/ansible/roles/service-cert-copy/defaults/main.yml +++ b/ansible/roles/service-cert-copy/defaults/main.yml @@ -1,4 +1,4 @@ --- -kolla_externally_managed_cert: False +kolla_externally_managed_cert: false kolla_copy_backend_tls_files: "{{ lookup('vars', (kolla_role_name | default(project_name)) + '_enable_tls_backend', default=false) }}" From 2f686b4c9306c94096c46c7427d445d95e1cb70e Mon Sep 17 00:00:00 2001 From: Michal Nasiadka Date: Wed, 12 Nov 2025 14:58:30 +0100 Subject: [PATCH 33/43] ansible-lint: Fix yaml[truthy] in service-config-validate role Change-Id: I8285a0518e66f5f0b679ae69a985a78dba7d4b68 Signed-off-by: Michal Nasiadka --- .../roles/service-config-validate/tasks/validate.yml | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/ansible/roles/service-config-validate/tasks/validate.yml b/ansible/roles/service-config-validate/tasks/validate.yml index 7a522645b3..9cf956ed7c 100644 --- a/ansible/roles/service-config-validate/tasks/validate.yml +++ b/ansible/roles/service-config-validate/tasks/validate.yml @@ -1,6 +1,6 @@ --- - name: "{{ project_name }} : {{ service.container_name }} | Get info on container" - become: True + become: true kolla_container_facts: action: get_containers container_engine: "{{ kolla_container_engine }}" @@ -9,7 +9,7 @@ register: container_info - name: "{{ project_name }} : {{ service.container_name }} | Validate configurations" - become: True + become: true command: > {{ kolla_container_engine }} exec {{ service.container_name }} bash -c "[[ -f {{ inner_item['config'] }} ]] && oslo-config-validator --config-file {{ inner_item['generator'] }} --input-file {{ inner_item['config'] }}" @@ -21,10 +21,10 @@ loop_control: label: "{{ inner_item['config'] | basename }}" loop_var: inner_item - changed_when: False + changed_when: false - name: "{{ project_name }} : {{ service.container_name }} | Ensure log directory exists" - become: True + become: true file: path: "{{ output_dir }}" state: directory @@ -34,7 +34,7 @@ delegate_to: localhost - name: "{{ project_name }} : {{ service.container_name }} | Log configuration errors" - become: True + become: true copy: content: "{{ inner_item.stderr }}" dest: "{{ output_dir }}/{{ inner_item.inner_item.config | basename }}.err" From 5379ce7ef5b3890dec0705c0820197f37707ba1a Mon Sep 17 00:00:00 2001 From: Michal Nasiadka Date: Wed, 12 Nov 2025 15:01:10 +0100 Subject: [PATCH 34/43] ansible-lint: Fix yaml[truthy] in skyline role Change-Id: I91f20053ddc40e6b08d1d80bf84ecdb215e69496 Signed-off-by: Michal Nasiadka --- ansible/roles/skyline/tasks/bootstrap.yml | 4 ++-- ansible/roles/skyline/tasks/bootstrap_service.yml | 4 ++-- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/ansible/roles/skyline/tasks/bootstrap.yml b/ansible/roles/skyline/tasks/bootstrap.yml index 57893c3412..7b1168ebcd 100644 --- a/ansible/roles/skyline/tasks/bootstrap.yml +++ b/ansible/roles/skyline/tasks/bootstrap.yml @@ -11,7 +11,7 @@ login_user: "{{ skyline_database_shard_root_user }}" login_password: "{{ database_password }}" name: "{{ skyline_database_name }}" - run_once: True + run_once: true delegate_to: "{{ groups['skyline-apiserver'][0] }}" when: - not use_preconfigured_databases | bool @@ -32,7 +32,7 @@ host: "%" priv: "{{ skyline_database_name }}.*:ALL" append_privs: "yes" - run_once: True + run_once: true delegate_to: "{{ groups['skyline-apiserver'][0] }}" when: - not use_preconfigured_databases | bool diff --git a/ansible/roles/skyline/tasks/bootstrap_service.yml b/ansible/roles/skyline/tasks/bootstrap_service.yml index 61831b2c33..4536684262 100644 --- a/ansible/roles/skyline/tasks/bootstrap_service.yml +++ b/ansible/roles/skyline/tasks/bootstrap_service.yml @@ -6,7 +6,7 @@ kolla_container: action: "start_container" common_options: "{{ docker_common_options }}" - detach: False + detach: false environment: KOLLA_BOOTSTRAP: KOLLA_CONFIG_STRATEGY: "{{ config_strategy }}" @@ -16,5 +16,5 @@ name: "bootstrap_skyline" restart_policy: oneshot volumes: "{{ skyline_apiserver.volumes | reject('equalto', '') | list }}" - run_once: True + run_once: true delegate_to: "{{ groups[skyline_apiserver.group][0] }}" From 3a6ef12c57cdad5919705b80a4c182a50c24c074 Mon Sep 17 00:00:00 2001 From: Michal Nasiadka Date: Wed, 12 Nov 2025 15:02:09 +0100 Subject: [PATCH 35/43] ansible-lint: Fix yaml[truthy] in tacker role Change-Id: Ie04247f7db1eb9fd66d2fc9e6058b76e0296db20 Signed-off-by: Michal Nasiadka --- ansible/roles/tacker/tasks/bootstrap.yml | 4 ++-- ansible/roles/tacker/tasks/bootstrap_service.yml | 4 ++-- ansible/roles/tacker/tasks/config.yml | 2 +- 3 files changed, 5 insertions(+), 5 deletions(-) diff --git a/ansible/roles/tacker/tasks/bootstrap.yml b/ansible/roles/tacker/tasks/bootstrap.yml index 1f0ae366e2..aa4effcf01 100644 --- a/ansible/roles/tacker/tasks/bootstrap.yml +++ b/ansible/roles/tacker/tasks/bootstrap.yml @@ -11,7 +11,7 @@ login_user: "{{ tacker_database_shard_root_user }}" login_password: "{{ database_password }}" name: "{{ tacker_database_name }}" - run_once: True + run_once: true delegate_to: "{{ groups['tacker-server'][0] }}" when: - not use_preconfigured_databases | bool @@ -32,7 +32,7 @@ host: "%" priv: "{{ tacker_database_name }}.*:ALL" append_privs: "yes" - run_once: True + run_once: true delegate_to: "{{ groups['tacker-server'][0] }}" when: - not use_preconfigured_databases | bool diff --git a/ansible/roles/tacker/tasks/bootstrap_service.yml b/ansible/roles/tacker/tasks/bootstrap_service.yml index 7075bd44f4..9e6d872e5c 100644 --- a/ansible/roles/tacker/tasks/bootstrap_service.yml +++ b/ansible/roles/tacker/tasks/bootstrap_service.yml @@ -6,7 +6,7 @@ kolla_container: action: "start_container" common_options: "{{ docker_common_options }}" - detach: False + detach: false environment: KOLLA_BOOTSTRAP: KOLLA_CONFIG_STRATEGY: "{{ config_strategy }}" @@ -16,5 +16,5 @@ name: "bootstrap_tacker" restart_policy: oneshot volumes: "{{ tacker_server.volumes | reject('equalto', '') | list }}" - run_once: True + run_once: true delegate_to: "{{ groups[tacker_server.group][0] }}" diff --git a/ansible/roles/tacker/tasks/config.yml b/ansible/roles/tacker/tasks/config.yml index f6473b0d31..255494273c 100644 --- a/ansible/roles/tacker/tasks/config.yml +++ b/ansible/roles/tacker/tasks/config.yml @@ -12,7 +12,7 @@ - name: Check if policies shall be overwritten stat: path: "{{ item }}" - run_once: True + run_once: true delegate_to: localhost register: tacker_policy with_first_found: From 7f2a2cf8cb1fcb50496e42e5876635ce28a89a9e Mon Sep 17 00:00:00 2001 From: Michal Nasiadka Date: Wed, 12 Nov 2025 15:06:50 +0100 Subject: [PATCH 36/43] ansible-lint: Fix yaml[truthy] in trove role Change-Id: Ica1a6a89d42b5fec8e4f07f28f24176442e01b15 Signed-off-by: Michal Nasiadka --- ansible/roles/trove/tasks/bootstrap.yml | 4 ++-- ansible/roles/trove/tasks/bootstrap_service.yml | 4 ++-- ansible/roles/trove/tasks/config.yml | 2 +- 3 files changed, 5 insertions(+), 5 deletions(-) diff --git a/ansible/roles/trove/tasks/bootstrap.yml b/ansible/roles/trove/tasks/bootstrap.yml index ef820d1bf2..2c3711bcd7 100644 --- a/ansible/roles/trove/tasks/bootstrap.yml +++ b/ansible/roles/trove/tasks/bootstrap.yml @@ -11,7 +11,7 @@ login_user: "{{ trove_database_shard_root_user }}" login_password: "{{ database_password }}" name: "{{ trove_database_name }}" - run_once: True + run_once: true delegate_to: "{{ groups['trove-api'][0] }}" when: - not use_preconfigured_databases | bool @@ -32,7 +32,7 @@ host: "%" priv: "{{ trove_database_name }}.*:ALL" append_privs: "yes" - run_once: True + run_once: true delegate_to: "{{ groups['trove-api'][0] }}" when: - not use_preconfigured_databases | bool diff --git a/ansible/roles/trove/tasks/bootstrap_service.yml b/ansible/roles/trove/tasks/bootstrap_service.yml index 74766ed07a..d30eaf7cf9 100644 --- a/ansible/roles/trove/tasks/bootstrap_service.yml +++ b/ansible/roles/trove/tasks/bootstrap_service.yml @@ -6,7 +6,7 @@ kolla_container: action: "start_container" common_options: "{{ docker_common_options }}" - detach: False + detach: false environment: KOLLA_BOOTSTRAP: KOLLA_CONFIG_STRATEGY: "{{ config_strategy }}" @@ -16,5 +16,5 @@ name: "bootstrap_trove" restart_policy: oneshot volumes: "{{ trove_api.volumes | reject('equalto', '') | list }}" - run_once: True + run_once: true delegate_to: "{{ groups[trove_api.group][0] }}" diff --git a/ansible/roles/trove/tasks/config.yml b/ansible/roles/trove/tasks/config.yml index 8427d0079b..459b71c404 100644 --- a/ansible/roles/trove/tasks/config.yml +++ b/ansible/roles/trove/tasks/config.yml @@ -12,7 +12,7 @@ - name: Check if policies shall be overwritten stat: path: "{{ item }}" - run_once: True + run_once: true delegate_to: localhost register: trove_policy with_first_found: From d56f23d331c894f310a9653e87ec587bb2eb4003 Mon Sep 17 00:00:00 2001 From: Michal Nasiadka Date: Wed, 12 Nov 2025 15:09:28 +0100 Subject: [PATCH 37/43] ansible-lint: Fix yaml[truthy] in watcher role Change-Id: Ib1cf619c742f2d37b5cc22134a7d68e53e70e573 Signed-off-by: Michal Nasiadka --- ansible/roles/watcher/tasks/bootstrap.yml | 4 ++-- ansible/roles/watcher/tasks/bootstrap_service.yml | 4 ++-- ansible/roles/watcher/tasks/config.yml | 2 +- 3 files changed, 5 insertions(+), 5 deletions(-) diff --git a/ansible/roles/watcher/tasks/bootstrap.yml b/ansible/roles/watcher/tasks/bootstrap.yml index ffa029e522..c1e7f14c79 100644 --- a/ansible/roles/watcher/tasks/bootstrap.yml +++ b/ansible/roles/watcher/tasks/bootstrap.yml @@ -11,7 +11,7 @@ login_user: "{{ watcher_database_shard_root_user }}" login_password: "{{ database_password }}" name: "{{ watcher_database_name }}" - run_once: True + run_once: true delegate_to: "{{ groups['watcher-api'][0] }}" when: - not use_preconfigured_databases | bool @@ -32,7 +32,7 @@ host: "%" priv: "{{ watcher_database_name }}.*:ALL" append_privs: "yes" - run_once: True + run_once: true delegate_to: "{{ groups['watcher-api'][0] }}" when: - not use_preconfigured_databases | bool diff --git a/ansible/roles/watcher/tasks/bootstrap_service.yml b/ansible/roles/watcher/tasks/bootstrap_service.yml index 36a72f3831..36374689ef 100644 --- a/ansible/roles/watcher/tasks/bootstrap_service.yml +++ b/ansible/roles/watcher/tasks/bootstrap_service.yml @@ -6,7 +6,7 @@ kolla_container: action: "start_container" common_options: "{{ docker_common_options }}" - detach: False + detach: false environment: KOLLA_BOOTSTRAP: KOLLA_CONFIG_STRATEGY: "{{ config_strategy }}" @@ -16,5 +16,5 @@ name: "bootstrap_watcher" restart_policy: oneshot volumes: "{{ watcher_api.volumes | reject('equalto', '') | list }}" - run_once: True + run_once: true delegate_to: "{{ groups[watcher_api.group][0] }}" diff --git a/ansible/roles/watcher/tasks/config.yml b/ansible/roles/watcher/tasks/config.yml index 1b21a5202d..fdaefc185f 100644 --- a/ansible/roles/watcher/tasks/config.yml +++ b/ansible/roles/watcher/tasks/config.yml @@ -12,7 +12,7 @@ - name: Check if policies shall be overwritten stat: path: "{{ item }}" - run_once: True + run_once: true delegate_to: localhost register: watcher_policy with_first_found: From a075abeb7a22f282367a500f73ce75edc4b37777 Mon Sep 17 00:00:00 2001 From: Michal Nasiadka Date: Wed, 12 Nov 2025 15:11:23 +0100 Subject: [PATCH 38/43] ansible-lint: Fix yaml[truthy] in zun role Change-Id: I53d4e293ab946bbef7ae9ee70869411a9e2e20cc Signed-off-by: Michal Nasiadka --- ansible/roles/zun/defaults/main.yml | 4 ++-- ansible/roles/zun/tasks/bootstrap.yml | 4 ++-- ansible/roles/zun/tasks/bootstrap_service.yml | 4 ++-- ansible/roles/zun/tasks/config.yml | 2 +- ansible/roles/zun/tasks/external_ceph.yml | 2 +- ansible/roles/zun/tasks/precheck.yml | 2 +- 6 files changed, 9 insertions(+), 9 deletions(-) diff --git a/ansible/roles/zun/defaults/main.yml b/ansible/roles/zun/defaults/main.yml index 094f40fbe9..c418f88b07 100644 --- a/ansible/roles/zun/defaults/main.yml +++ b/ansible/roles/zun/defaults/main.yml @@ -50,7 +50,7 @@ zun_services: group: zun-compute enabled: true image: "{{ zun_compute_image_full }}" - privileged: True + privileged: true volumes: "{{ zun_compute_default_volumes + zun_compute_extra_volumes + lookup('vars', 'run_default_volumes_' + kolla_container_engine) }}" dimensions: "{{ zun_compute_dimensions }}" healthcheck: "{{ zun_compute_healthcheck }}" @@ -59,7 +59,7 @@ zun_services: group: zun-cni-daemon enabled: true image: "{{ zun_cni_daemon_image_full }}" - privileged: True + privileged: true volumes: "{{ zun_cni_daemon_default_volumes + zun_cni_daemon_extra_volumes + lookup('vars', 'run_default_volumes_' + kolla_container_engine) }}" dimensions: "{{ zun_cni_daemon_dimensions }}" healthcheck: "{{ zun_cni_daemon_healthcheck }}" diff --git a/ansible/roles/zun/tasks/bootstrap.yml b/ansible/roles/zun/tasks/bootstrap.yml index a18acdea7f..3ec453be6e 100644 --- a/ansible/roles/zun/tasks/bootstrap.yml +++ b/ansible/roles/zun/tasks/bootstrap.yml @@ -11,7 +11,7 @@ login_user: "{{ zun_database_shard_root_user }}" login_password: "{{ database_password }}" name: "{{ zun_database_name }}" - run_once: True + run_once: true delegate_to: "{{ groups['zun-api'][0] }}" when: - not use_preconfigured_databases | bool @@ -32,7 +32,7 @@ host: "%" priv: "{{ zun_database_name }}.*:ALL" append_privs: "yes" - run_once: True + run_once: true delegate_to: "{{ groups['zun-api'][0] }}" when: - not use_preconfigured_databases | bool diff --git a/ansible/roles/zun/tasks/bootstrap_service.yml b/ansible/roles/zun/tasks/bootstrap_service.yml index d618b07c23..b68dc002a4 100644 --- a/ansible/roles/zun/tasks/bootstrap_service.yml +++ b/ansible/roles/zun/tasks/bootstrap_service.yml @@ -6,7 +6,7 @@ kolla_container: action: "start_container" common_options: "{{ docker_common_options }}" - detach: False + detach: false environment: KOLLA_BOOTSTRAP: KOLLA_CONFIG_STRATEGY: "{{ config_strategy }}" @@ -16,5 +16,5 @@ name: "bootstrap_zun" restart_policy: oneshot volumes: "{{ zun_api.volumes | reject('equalto', '') | list }}" - run_once: True + run_once: true delegate_to: "{{ groups[zun_api.group][0] }}" diff --git a/ansible/roles/zun/tasks/config.yml b/ansible/roles/zun/tasks/config.yml index 7ef4c7e3b5..850f353d72 100644 --- a/ansible/roles/zun/tasks/config.yml +++ b/ansible/roles/zun/tasks/config.yml @@ -17,7 +17,7 @@ - name: Check if policies shall be overwritten stat: path: "{{ item }}" - run_once: True + run_once: true delegate_to: localhost register: zun_policy with_first_found: diff --git a/ansible/roles/zun/tasks/external_ceph.yml b/ansible/roles/zun/tasks/external_ceph.yml index e57410b6bb..1afe869cf4 100644 --- a/ansible/roles/zun/tasks/external_ceph.yml +++ b/ansible/roles/zun/tasks/external_ceph.yml @@ -18,6 +18,6 @@ become: true file: path: "{{ node_config_directory }}/zun-compute" - recurse: yes + recurse: true owner: "{{ config_owner_user }}" group: "{{ config_owner_group }}" diff --git a/ansible/roles/zun/tasks/precheck.yml b/ansible/roles/zun/tasks/precheck.yml index 780a78aa09..cd727ebe3b 100644 --- a/ansible/roles/zun/tasks/precheck.yml +++ b/ansible/roles/zun/tasks/precheck.yml @@ -54,6 +54,6 @@ assert: that: enable_kuryr | bool fail_msg: "kuryr is required but not enabled" - run_once: True + run_once: true when: - enable_zun | bool From 6a37f1ff884ee172e1302cff2c3e506d02596eef Mon Sep 17 00:00:00 2001 From: Michael Still Date: Tue, 18 Nov 2025 21:01:42 +1100 Subject: [PATCH 39/43] Drop requirement for blueprints. MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Update contributor guide per conversation with Michał Nasiadka (mnasiadka) on IRC. Change-Id: I9bd8c46b084ff0ffce6c3abce972508fd9d59d69 Signed-off-by: Michael Still --- doc/source/contributor/contributing.rst | 10 +++++++--- 1 file changed, 7 insertions(+), 3 deletions(-) diff --git a/doc/source/contributor/contributing.rst b/doc/source/contributor/contributing.rst index 36e798561b..7e9bff16a9 100644 --- a/doc/source/contributor/contributing.rst +++ b/doc/source/contributor/contributing.rst @@ -56,9 +56,13 @@ directly, you can find the lists in Gerrit: New Feature Planning ~~~~~~~~~~~~~~~~~~~~ -New features are discussed via IRC or mailing list (with [kolla] prefix). -Kolla project keeps blueprints in `Launchpad `__. -Specs are welcome but not strictly required. +New features are discussed via IRC or on the openstack-discuss mailing list +(please include the [kolla] prefix to your subject line). + +Kolla has previously used Launchpad blueprints, but now simply uses tracking +bugs for new feature work. Please tag any such bugs with a "[RFE]" prefix, +which indicates the bug is a Request For Enhancement. Bugs are discussed in +more detail in the next section. Task Tracking ~~~~~~~~~~~~~ From 5d851266464bb1a63f098bf4f0b2208bd10bee38 Mon Sep 17 00:00:00 2001 From: Michal Arbet Date: Tue, 1 Apr 2025 15:15:41 +0200 Subject: [PATCH 40/43] Remove distro_python_version variable This patch drops the ``distro_python_version`` variable from Kolla Ansible, as it is no longer needed, the paths have already been handled at the image level. More details can be found in [1]. [1] https://review.opendev.org/q/topic:%22kolla-distro-python-version%22 Change-Id: I1b972c607c1d9fd387e977b73a7529c3e2574387 Signed-off-by: Michal Nasiadka --- ansible/group_vars/all/common.yml | 2 -- ansible/roles/horizon/templates/horizon.conf.j2 | 6 ++---- .../templates/ironic-prometheus-exporter-wsgi.conf.j2 | 7 +++---- ansible/roles/skyline/templates/nginx.conf.j2 | 2 +- ansible/roles/skyline/templates/skyline-console.json.j2 | 2 +- .../remove-distro-python-version-09adac8895cb87d1.yaml | 4 ++++ 6 files changed, 11 insertions(+), 12 deletions(-) create mode 100644 releasenotes/notes/remove-distro-python-version-09adac8895cb87d1.yaml diff --git a/ansible/group_vars/all/common.yml b/ansible/group_vars/all/common.yml index 2e03111176..9846af85cf 100644 --- a/ansible/group_vars/all/common.yml +++ b/ansible/group_vars/all/common.yml @@ -213,8 +213,6 @@ kolla_base_distro_version_default_map: { "ubuntu": "noble", } -distro_python_version: "3" - kolla_base_distro_version: "{{ kolla_base_distro_version_default_map[kolla_base_distro] }}" #################### diff --git a/ansible/roles/horizon/templates/horizon.conf.j2 b/ansible/roles/horizon/templates/horizon.conf.j2 index e5f851aeba..2f6380da2e 100644 --- a/ansible/roles/horizon/templates/horizon.conf.j2 +++ b/ansible/roles/horizon/templates/horizon.conf.j2 @@ -1,5 +1,3 @@ -{% set python_path = '/var/lib/kolla/venv/lib/python' + distro_python_version + '/site-packages' %} - {% if horizon_enable_tls_backend | bool %} {% if kolla_base_distro in ['centos', 'rocky'] %} LoadModule ssl_module /usr/lib64/httpd/modules/mod_ssl.so @@ -23,7 +21,7 @@ TraceEnable off WSGIScriptReloading On WSGIDaemonProcess horizon-http processes={{ horizon_wsgi_processes }} threads={{ horizon_wsgi_threads }} user=horizon group=horizon display-name=horizon WSGIProcessGroup horizon-http - WSGIScriptAlias / {{ python_path }}/openstack_dashboard/wsgi.py + WSGIScriptAlias / /var/lib/kolla/venv/lib/python3/site-packages/openstack_dashboard/wsgi.py WSGIPassAuthorization On WSGIApplicationGroup %{GLOBAL} @@ -35,7 +33,7 @@ TraceEnable off Require local - Alias /static {{ python_path }}/static + Alias /static /var/lib/kolla/venv/lib/python3/site-packages/static SetHandler None diff --git a/ansible/roles/ironic/templates/ironic-prometheus-exporter-wsgi.conf.j2 b/ansible/roles/ironic/templates/ironic-prometheus-exporter-wsgi.conf.j2 index ace7fd9a1d..319bf2f888 100644 --- a/ansible/roles/ironic/templates/ironic-prometheus-exporter-wsgi.conf.j2 +++ b/ansible/roles/ironic/templates/ironic-prometheus-exporter-wsgi.conf.j2 @@ -1,12 +1,11 @@ {% set ironic_log_dir = '/var/log/kolla/ironic' %} -{% set python_path = '/var/lib/kolla/venv/lib/python' + distro_python_version + '/site-packages' %} Listen {{ api_interface_address | put_address_in_context('url') }}:{{ ironic_prometheus_exporter_port }} ServerSignature Off ServerTokens Prod TraceEnable off - + AllowOverride None Options None @@ -28,9 +27,9 @@ LogLevel info LogFormat "%{X-Forwarded-For}i %l %u %t \"%r\" %>s %b %D \"%{Referer}i\" \"%{User-Agent}i\"" logformat CustomLog "{{ ironic_log_dir }}/ironic-prometheus-exporter-wsgi-access.log" logformat - WSGIDaemonProcess ironic-prometheus-exporter processes={{ openstack_service_workers }} threads=1 user=ironic display-name=%{GROUP} python-path={{ python_path }} + WSGIDaemonProcess ironic-prometheus-exporter processes={{ openstack_service_workers }} threads=1 user=ironic display-name=%{GROUP} python-path=/var/lib/kolla/venv/lib/python3/site-packages WSGIProcessGroup ironic-prometheus-exporter - WSGIScriptAlias / {{ python_path }}/ironic_prometheus_exporter/app/wsgi.py + WSGIScriptAlias / /var/lib/kolla/venv/lib/python3/site-packages/ironic_prometheus_exporter/app/wsgi.py WSGIApplicationGroup %{GLOBAL} Require all granted diff --git a/ansible/roles/skyline/templates/nginx.conf.j2 b/ansible/roles/skyline/templates/nginx.conf.j2 index 944480464b..711c7fbe63 100644 --- a/ansible/roles/skyline/templates/nginx.conf.j2 +++ b/ansible/roles/skyline/templates/nginx.conf.j2 @@ -68,7 +68,7 @@ http { server { listen {{ api_interface_address | put_address_in_context('url') }}:{{ skyline_console_listen_port }}{% if skyline_ssl_certfile and skyline_ssl_keyfile %} ssl http2{% endif %} default_server; - root /var/lib/kolla/venv/lib/python{{ distro_python_version }}/site-packages/skyline_console/static; + root /var/lib/kolla/venv/lib/python3/site-packages/skyline_console/static; # Add index.php to the list if you are using PHP index index.html; diff --git a/ansible/roles/skyline/templates/skyline-console.json.j2 b/ansible/roles/skyline/templates/skyline-console.json.j2 index 6d9e0a0822..3cab049059 100644 --- a/ansible/roles/skyline/templates/skyline-console.json.j2 +++ b/ansible/roles/skyline/templates/skyline-console.json.j2 @@ -15,7 +15,7 @@ }{% if skyline_custom_logos | length > 0 %}, { "source": "{{ container_config_directory}}/logos", - "dest": "/var/lib/kolla/venv/lib/python{{ distro_python_version }}/site-packages/skyline_console/static", + "dest": "/var/lib/kolla/venv/lib/python3/site-packages/skyline_console/static", "owner": "root", "perm": "0644", "merge": true diff --git a/releasenotes/notes/remove-distro-python-version-09adac8895cb87d1.yaml b/releasenotes/notes/remove-distro-python-version-09adac8895cb87d1.yaml new file mode 100644 index 0000000000..6f19718c39 --- /dev/null +++ b/releasenotes/notes/remove-distro-python-version-09adac8895cb87d1.yaml @@ -0,0 +1,4 @@ +--- +upgrade: + - | + The global variable ``distro_python_version`` has been removed From 28eb9a388d4204d4fd27db61d8d871173a2beef2 Mon Sep 17 00:00:00 2001 From: Michal Nasiadka Date: Wed, 12 Nov 2025 15:24:01 +0100 Subject: [PATCH 41/43] ansible-lint: Remove yaml[truthy] from excludes Normalize quotes and some other easy fixes done by ansible-lint --fix Also drop etc from excludes and ignore comment check in etc/kolla/globals.yml Pinning to ansible-lint<25.11.0 because 25.11.1 is breaking without any messages Change-Id: I7dee3866191cef84cd12b1816cdab0a02380ec7f Signed-off-by: Michal Nasiadka --- .ansible-lint | 7 +- .ansible-lint-ignore | 1 + .gitignore | 1 + ansible/bifrost.yml | 4 +- ansible/gather-facts.yml | 2 +- ansible/group_vars/all/aodh.yml | 2 +- ansible/group_vars/all/barbican.yml | 2 +- ansible/group_vars/all/blazar.yml | 2 +- ansible/group_vars/all/ceilometer.yml | 6 +- ansible/group_vars/all/ceph-rgw.yml | 2 +- ansible/group_vars/all/ceph.yml | 2 +- ansible/group_vars/all/cinder.yml | 24 +- ansible/group_vars/all/cloudkitty.yml | 2 +- ansible/group_vars/all/collectd.yml | 2 +- ansible/group_vars/all/common.yml | 32 +-- ansible/group_vars/all/cyborg.yml | 2 +- ansible/group_vars/all/designate.yml | 6 +- ansible/group_vars/all/etcd.yml | 2 +- ansible/group_vars/all/fluentd.yml | 2 +- ansible/group_vars/all/glance.yml | 12 +- ansible/group_vars/all/gnocchi.yml | 4 +- ansible/group_vars/all/grafana.yml | 2 +- ansible/group_vars/all/haproxy.yml | 35 +-- ansible/group_vars/all/ironic.yml | 6 +- ansible/group_vars/all/keystone.yml | 1 - ansible/group_vars/all/kuryr.yml | 2 +- ansible/group_vars/all/letsencrypt.yml | 2 +- ansible/group_vars/all/magnum.yml | 2 +- ansible/group_vars/all/manila.yml | 14 +- ansible/group_vars/all/mariadb.yml | 10 +- ansible/group_vars/all/masakari.yml | 2 +- ansible/group_vars/all/memcached.yml | 4 +- ansible/group_vars/all/mistral.yml | 2 +- ansible/group_vars/all/multipathd.yml | 2 +- ansible/group_vars/all/neutron.yml | 39 ++- ansible/group_vars/all/nova.yml | 12 +- ansible/group_vars/all/octavia.yml | 2 +- ansible/group_vars/all/openvswitch.yml | 2 +- ansible/group_vars/all/prometheus.yml | 6 +- ansible/group_vars/all/rabbitmq.yml | 2 +- ansible/group_vars/all/skyline.yml | 2 +- ansible/group_vars/all/tacker.yml | 2 +- ansible/group_vars/all/telegraf.yml | 4 +- ansible/group_vars/all/trove.yml | 4 +- ansible/group_vars/all/valkey.yml | 2 +- ansible/group_vars/all/watcher.yml | 2 +- ansible/group_vars/all/zun.yml | 9 +- ansible/kolla-host.yml | 4 +- ansible/mariadb.yml | 10 +- ansible/mariadb_backup.yml | 6 +- ansible/mariadb_recovery.yml | 6 +- ansible/nova.yml | 20 +- ansible/post-deploy.yml | 2 +- ansible/rabbitmq.yml | 30 +- ansible/roles/cinder/defaults/main.yml | 2 +- ansible/roles/common/defaults/main.yml | 6 +- ansible/roles/etcd/handlers/main.yml | 14 +- ansible/roles/horizon/defaults/main.yml | 2 +- ansible/roles/ironic/tasks/precheck.yml | 2 +- ansible/roles/keystone/defaults/main.yml | 4 +- ansible/roles/letsencrypt/defaults/main.yml | 1 - ansible/roles/magnum/defaults/main.yml | 2 +- .../roles/nova-cell/tasks/create_cells.yml | 4 +- .../nova-cell/tasks/discover_computes.yml | 2 +- .../roles/nova-cell/tasks/external_ceph.yml | 2 +- ansible/roles/nova/tasks/map_cell0.yml | 6 +- ansible/roles/octavia/defaults/main.yml | 6 +- ansible/roles/opensearch/defaults/main.yml | 2 +- .../roles/openvswitch/tasks/config-host.yml | 2 +- .../roles/ovn-controller/tasks/setup-ovs.yml | 14 +- ansible/roles/valkey/tasks/upgrade.yml | 2 - ansible/site.yml | 235 +++++++--------- etc/kolla/globals.yml | 260 +++++++++--------- tools/setup-compute-libvirt.yml | 2 +- 74 files changed, 445 insertions(+), 494 deletions(-) create mode 100644 .ansible-lint-ignore diff --git a/.ansible-lint b/.ansible-lint index ad9a30abbc..8a566c1335 100644 --- a/.ansible-lint +++ b/.ansible-lint @@ -1,10 +1,12 @@ --- exclude_paths: - - etc + - releasenotes - roles - tests - zuul.d -strict: true +# NOTE(mnasiadka): Switched to false due to rules skipped via .ansible-lint-ignore causing +# failures +strict: false use_default_rules: true skip_list: # [E301] Commands should not change things if nothing needs doing @@ -37,5 +39,4 @@ skip_list: - risky-shell-pipe - command-instead-of-shell - command-instead-of-module - - yaml[truthy] - yaml[line-length] diff --git a/.ansible-lint-ignore b/.ansible-lint-ignore new file mode 100644 index 0000000000..ab7637ed47 --- /dev/null +++ b/.ansible-lint-ignore @@ -0,0 +1 @@ +etc/kolla/globals.yml yaml[comments] skip \ No newline at end of file diff --git a/.gitignore b/.gitignore index e3f52d7e81..480b0ad3f9 100644 --- a/.gitignore +++ b/.gitignore @@ -53,6 +53,7 @@ releasenotes/build # Files generated by Ansible ansible/*.retry +.ansible/ # Others .DS_Store diff --git a/ansible/bifrost.yml b/ansible/bifrost.yml index ad02f05398..a390ea5cb3 100644 --- a/ansible/bifrost.yml +++ b/ansible/bifrost.yml @@ -2,5 +2,5 @@ - name: Apply role bifrost hosts: bifrost roles: - - { role: bifrost, - tags: bifrost} + - role: bifrost + tags: bifrost diff --git a/ansible/gather-facts.yml b/ansible/gather-facts.yml index 468b5ae695..cb0040a743 100644 --- a/ansible/gather-facts.yml +++ b/ansible/gather-facts.yml @@ -50,7 +50,7 @@ setup: filter: "{{ kolla_ansible_setup_filter }}" gather_subset: "{{ kolla_ansible_setup_gather_subset }}" - delegate_facts: True + delegate_facts: true delegate_to: "{{ item }}" with_items: "{{ delegate_hosts }}" when: diff --git a/ansible/group_vars/all/aodh.yml b/ansible/group_vars/all/aodh.yml index 2e431e11eb..6cb9e28fce 100644 --- a/ansible/group_vars/all/aodh.yml +++ b/ansible/group_vars/all/aodh.yml @@ -1,5 +1,5 @@ --- -enable_aodh: "no" +enable_aodh: false # Ports aodh_internal_fqdn: "{{ kolla_internal_fqdn }}" diff --git a/ansible/group_vars/all/barbican.yml b/ansible/group_vars/all/barbican.yml index 36e256a018..c7b6c10cee 100644 --- a/ansible/group_vars/all/barbican.yml +++ b/ansible/group_vars/all/barbican.yml @@ -1,5 +1,5 @@ --- -enable_barbican: "no" +enable_barbican: false ####################### # Barbican options diff --git a/ansible/group_vars/all/blazar.yml b/ansible/group_vars/all/blazar.yml index 10122ffdc4..f9463988b0 100644 --- a/ansible/group_vars/all/blazar.yml +++ b/ansible/group_vars/all/blazar.yml @@ -1,5 +1,5 @@ --- -enable_blazar: "no" +enable_blazar: false # Ports blazar_internal_fqdn: "{{ kolla_internal_fqdn }}" diff --git a/ansible/group_vars/all/ceilometer.yml b/ansible/group_vars/all/ceilometer.yml index 19e99eee03..0b178a4704 100644 --- a/ansible/group_vars/all/ceilometer.yml +++ b/ansible/group_vars/all/ceilometer.yml @@ -1,4 +1,4 @@ --- -enable_ceilometer: "no" -enable_ceilometer_ipmi: "no" -enable_ceilometer_prometheus_pushgateway: "no" +enable_ceilometer: false +enable_ceilometer_ipmi: false +enable_ceilometer_prometheus_pushgateway: false diff --git a/ansible/group_vars/all/ceph-rgw.yml b/ansible/group_vars/all/ceph-rgw.yml index 3d3d4802b7..dba16bae7f 100644 --- a/ansible/group_vars/all/ceph-rgw.yml +++ b/ansible/group_vars/all/ceph-rgw.yml @@ -1,5 +1,5 @@ --- -enable_ceph_rgw: "no" +enable_ceph_rgw: false enable_ceph_rgw_loadbalancer: "{{ enable_ceph_rgw | bool }}" ceph_rgw_internal_fqdn: "{{ kolla_internal_fqdn }}" diff --git a/ansible/group_vars/all/ceph.yml b/ansible/group_vars/all/ceph.yml index 987717a65e..ab48f06fca 100644 --- a/ansible/group_vars/all/ceph.yml +++ b/ansible/group_vars/all/ceph.yml @@ -3,7 +3,7 @@ # External Ceph options ################### # External Ceph - cephx auth enabled (this is the standard nowadays, defaults to yes) -external_ceph_cephx_enabled: "yes" +external_ceph_cephx_enabled: true ceph_cluster: "ceph" diff --git a/ansible/group_vars/all/cinder.yml b/ansible/group_vars/all/cinder.yml index 51948a18ad..9418adcc9d 100644 --- a/ansible/group_vars/all/cinder.yml +++ b/ansible/group_vars/all/cinder.yml @@ -1,21 +1,21 @@ --- -enable_cinder: "no" -enable_cinder_backup: "yes" +enable_cinder: false +enable_cinder_backup: true enable_cinder_backend_iscsi: "{{ enable_cinder_backend_lvm | bool }}" -enable_cinder_backend_lvm: "no" -enable_cinder_backend_nfs: "no" -enable_cinder_backend_quobyte: "no" -enable_cinder_backend_pure_iscsi: "no" -enable_cinder_backend_pure_fc: "no" -enable_cinder_backend_pure_roce: "no" -enable_cinder_backend_pure_nvme_tcp: "no" -enable_cinder_backend_lightbits: "no" +enable_cinder_backend_lvm: false +enable_cinder_backend_nfs: false +enable_cinder_backend_quobyte: false +enable_cinder_backend_pure_iscsi: false +enable_cinder_backend_pure_fc: false +enable_cinder_backend_pure_roce: false +enable_cinder_backend_pure_nvme_tcp: false +enable_cinder_backend_lightbits: false ################################# # Cinder options ################################# -cinder_backend_ceph: "no" -cinder_backend_huawei: "no" +cinder_backend_ceph: false +cinder_backend_huawei: false cinder_backend_huawei_xml_files: [] cinder_volume_group: "cinder-volumes" cinder_target_helper: "{{ 'lioadm' if ansible_facts.os_family == 'RedHat' else 'tgtadm' }}" diff --git a/ansible/group_vars/all/cloudkitty.yml b/ansible/group_vars/all/cloudkitty.yml index a657c3bd0b..23f06708ce 100644 --- a/ansible/group_vars/all/cloudkitty.yml +++ b/ansible/group_vars/all/cloudkitty.yml @@ -1,5 +1,5 @@ --- -enable_cloudkitty: "no" +enable_cloudkitty: false ####################### # Cloudkitty options diff --git a/ansible/group_vars/all/collectd.yml b/ansible/group_vars/all/collectd.yml index 8e62327160..03282eafe5 100644 --- a/ansible/group_vars/all/collectd.yml +++ b/ansible/group_vars/all/collectd.yml @@ -1,4 +1,4 @@ --- -enable_collectd: "no" +enable_collectd: false collectd_udp_port: "25826" diff --git a/ansible/group_vars/all/common.yml b/ansible/group_vars/all/common.yml index 9846af85cf..4664430f22 100644 --- a/ansible/group_vars/all/common.yml +++ b/ansible/group_vars/all/common.yml @@ -31,13 +31,13 @@ docker_image_name_prefix: "" docker_image_url: "{{ docker_registry ~ '/' if docker_registry else '' }}{{ docker_namespace }}/{{ docker_image_name_prefix }}" docker_registry_username: # Please read the docs carefully before applying docker_registry_insecure. -docker_registry_insecure: "no" +docker_registry_insecure: false docker_runtime_directory: "" # Docker client timeout in seconds. docker_client_timeout: 120 # Docker networking options -docker_disable_default_iptables_rules: "yes" +docker_disable_default_iptables_rules: true docker_disable_default_network: "{{ docker_disable_default_iptables_rules }}" docker_disable_ip_forward: "{{ docker_disable_default_iptables_rules }}" @@ -79,14 +79,13 @@ container_engine_volumes_path: "{{ docker_volumes_path if kolla_container_engine # Podman has problem with mounting whole /run directory # described here: https://github.com/containers/podman/issues/16305 run_default_volumes_podman: - - '/run/netns:/run/netns:shared' - - '/run/lock/nova:/run/lock/nova:shared' + - "/run/netns:/run/netns:shared" + - "/run/lock/nova:/run/lock/nova:shared" - "/run/libvirt:/run/libvirt:shared" - "/run/nova:/run/nova:shared" - "/run/openvswitch:/run/openvswitch:shared" run_default_volumes_docker: [] - #################### # Dimensions options #################### @@ -112,7 +111,7 @@ default_podman_dimensions_el9: ##################### # Healthcheck options ##################### -enable_container_healthchecks: "yes" +enable_container_healthchecks: true # Healthcheck options for Docker containers # interval/timeout/start_period are in seconds default_container_healthcheck_interval: 30 @@ -125,7 +124,6 @@ default_container_healthcheck_start_period: 5 ####################### # Extra volumes for Docker Containers default_extra_volumes: [] - ################## # Firewall options ################## @@ -174,8 +172,8 @@ kolla_external_fqdn: "{{ kolla_internal_fqdn if kolla_same_external_internal_vip kolla_dev_repos_directory: "/opt/stack/" kolla_dev_repos_git: "https://opendev.org/openstack" -kolla_dev_repos_pull: "no" -kolla_dev_mode: "no" +kolla_dev_repos_pull: false +kolla_dev_mode: false kolla_source_version: "{% if openstack_release == 'master' %}master{% else %}stable/{{ openstack_release }}{% endif %}" # Proxy settings for containers such as magnum that need internet access @@ -202,7 +200,6 @@ api_interface_address: "{{ 'api' | kolla_address }}" #################### kolla_container_engine: "docker" - ######################### # Internal Image options ######################### @@ -231,10 +228,10 @@ public_protocol: "{{ 'https' if kolla_enable_tls_external | bool else 'http' }}" internal_protocol: "{{ 'https' if kolla_enable_tls_internal | bool else 'http' }}" # Additional optional OpenStack features and services are specified here -enable_central_logging: "no" +enable_central_logging: false # Clean images options are specified here -enable_destroy_images: "no" +enable_destroy_images: false #################### # Global Options @@ -244,7 +241,6 @@ enable_destroy_images: "no" # - container1 # - container2 skip_stop_containers: [] - ################### # Messaging options ################### @@ -319,9 +315,9 @@ openstack_cacert: "" # Enable core OpenStack services. This includes: # glance, keystone, neutron, nova, heat, and horizon. -enable_openstack_core: "yes" +enable_openstack_core: true -enable_osprofiler: "no" +enable_osprofiler: false #################### # Osprofiler options @@ -334,8 +330,8 @@ osprofiler_backend_connection_string: "{{ valkey_connection_string if osprofiler ###################### # Backend TLS options ###################### -kolla_enable_tls_backend: "no" -kolla_verify_tls_backend: "yes" +kolla_enable_tls_backend: false +kolla_verify_tls_backend: true kolla_tls_backend_cert: "{{ kolla_certificates_dir }}/backend-cert.pem" kolla_tls_backend_key: "{{ kolla_certificates_dir }}/backend-key.pem" @@ -351,7 +347,7 @@ database_enable_tls_backend: "{{ 'yes' if ((kolla_enable_tls_backend | bool) and database_enable_tls_internal: "{{ 'yes' if ((kolla_enable_tls_internal | bool) and (enable_proxysql | bool)) else 'no' }}" # Optionally allow Kolla to set sysctl values -set_sysctl: "yes" +set_sysctl: true # Optionally change the path to sysctl.conf modified by Kolla Ansible plays. kolla_sysctl_conf_path: /etc/sysctl.conf diff --git a/ansible/group_vars/all/cyborg.yml b/ansible/group_vars/all/cyborg.yml index f8346b5ef2..19122bfbe7 100644 --- a/ansible/group_vars/all/cyborg.yml +++ b/ansible/group_vars/all/cyborg.yml @@ -1,5 +1,5 @@ --- -enable_cyborg: "no" +enable_cyborg: false cyborg_internal_fqdn: "{{ kolla_internal_fqdn }}" cyborg_external_fqdn: "{{ kolla_external_fqdn }}" diff --git a/ansible/group_vars/all/designate.yml b/ansible/group_vars/all/designate.yml index 343472a165..c0287f436a 100644 --- a/ansible/group_vars/all/designate.yml +++ b/ansible/group_vars/all/designate.yml @@ -1,5 +1,5 @@ --- -enable_designate: "no" +enable_designate: false designate_keystone_user: "designate" @@ -10,12 +10,12 @@ designate_keystone_user: "designate" designate_backend: "bind9" designate_ns_record: - "ns1.example.org" -designate_backend_external: "no" +designate_backend_external: false designate_backend_external_bind9_nameservers: "" # Valid options are [ '', valkey ] designate_coordination_backend: "{{ 'valkey' if enable_valkey | bool else '' }}" -designate_enable_notifications_sink: "no" +designate_enable_notifications_sink: false designate_notifications_topic_name: "notifications_designate" dns_interface: "{{ network_interface }}" diff --git a/ansible/group_vars/all/etcd.yml b/ansible/group_vars/all/etcd.yml index a6b1601196..fb3ae015c8 100644 --- a/ansible/group_vars/all/etcd.yml +++ b/ansible/group_vars/all/etcd.yml @@ -1,5 +1,5 @@ --- -enable_etcd: "no" +enable_etcd: false etcd_client_port: "2379" etcd_peer_port: "2380" diff --git a/ansible/group_vars/all/fluentd.yml b/ansible/group_vars/all/fluentd.yml index 13f41522d0..1d9fcbb28c 100644 --- a/ansible/group_vars/all/fluentd.yml +++ b/ansible/group_vars/all/fluentd.yml @@ -1,5 +1,5 @@ --- -enable_fluentd: "yes" +enable_fluentd: true enable_fluentd_systemd: "{{ (enable_fluentd | bool) and (enable_central_logging | bool) }}" fluentd_syslog_port: "5140" diff --git a/ansible/group_vars/all/glance.yml b/ansible/group_vars/all/glance.yml index baf705736b..11273e4f73 100644 --- a/ansible/group_vars/all/glance.yml +++ b/ansible/group_vars/all/glance.yml @@ -7,13 +7,13 @@ glance_keystone_user: "glance" # Glance options ####################### glance_backend_file: "{{ not (glance_backend_ceph | bool or glance_backend_s3 | bool) }}" -glance_backend_ceph: "no" -glance_backend_s3: "no" -enable_glance_image_cache: "no" +glance_backend_ceph: false +glance_backend_s3: false +enable_glance_image_cache: false glance_file_datadir_volume: "glance" -glance_enable_rolling_upgrade: "no" -glance_enable_property_protection: "no" -glance_enable_interoperable_image_import: "no" +glance_enable_rolling_upgrade: false +glance_enable_property_protection: false +glance_enable_interoperable_image_import: false glance_api_hosts: "{{ [groups['glance-api'] | first] if glance_backend_file | bool and glance_file_datadir_volume == 'glance' else groups['glance-api'] }}" # NOTE(mnasiadka): For use in common role glance_enable_tls_backend: "{{ kolla_enable_tls_backend }}" diff --git a/ansible/group_vars/all/gnocchi.yml b/ansible/group_vars/all/gnocchi.yml index 3792bf7d08..db066184d6 100644 --- a/ansible/group_vars/all/gnocchi.yml +++ b/ansible/group_vars/all/gnocchi.yml @@ -1,6 +1,6 @@ --- -enable_gnocchi: "no" -enable_gnocchi_statsd: "no" +enable_gnocchi: false +enable_gnocchi_statsd: false ################# # Gnocchi options diff --git a/ansible/group_vars/all/grafana.yml b/ansible/group_vars/all/grafana.yml index 97c7d12945..15f4301149 100644 --- a/ansible/group_vars/all/grafana.yml +++ b/ansible/group_vars/all/grafana.yml @@ -1,5 +1,5 @@ --- -enable_grafana: "no" +enable_grafana: false enable_grafana_external: "{{ enable_grafana | bool }}" grafana_internal_fqdn: "{{ kolla_internal_fqdn }}" diff --git a/ansible/group_vars/all/haproxy.yml b/ansible/group_vars/all/haproxy.yml index d2e5a14a24..9566d7768c 100644 --- a/ansible/group_vars/all/haproxy.yml +++ b/ansible/group_vars/all/haproxy.yml @@ -1,20 +1,20 @@ --- -enable_haproxy: "yes" +enable_haproxy: true #################### # HAProxy options #################### haproxy_user: "openstack" haproxy_enable_external_vip: "{{ 'no' if kolla_same_external_internal_vip | bool else 'yes' }}" -haproxy_enable_http2: "yes" +haproxy_enable_http2: true haproxy_http2_protocol: "alpn h2,http/1.1" -kolla_enable_tls_internal: "no" +kolla_enable_tls_internal: false kolla_enable_tls_external: "{{ kolla_enable_tls_internal if kolla_same_external_internal_vip | bool else 'no' }}" kolla_certificates_dir: "{{ node_config }}/certificates" kolla_external_fqdn_cert: "{{ kolla_certificates_dir }}/haproxy.pem" kolla_internal_fqdn_cert: "{{ kolla_certificates_dir }}/haproxy-internal.pem" kolla_admin_openrc_cacert: "" -kolla_copy_ca_into_containers: "no" +kolla_copy_ca_into_containers: false haproxy_backend_cacert: "{{ 'ca-certificates.crt' if kolla_base_distro in ['debian', 'ubuntu'] else 'ca-bundle.crt' }}" haproxy_backend_cacert_dir: "/etc/ssl/certs" haproxy_single_external_frontend: false @@ -23,25 +23,26 @@ haproxy_single_external_frontend_public_port: "{{ '443' if kolla_enable_tls_exte # configure SSL/TLS settings for haproxy config, one of [modern, intermediate, legacy]: kolla_haproxy_ssl_settings: "modern" -haproxy_ssl_settings: "{{ ssl_legacy_settings if kolla_haproxy_ssl_settings == 'legacy' else ssl_intermediate_settings if kolla_haproxy_ssl_settings == 'intermediate' else ssl_modern_settings | default(ssl_modern_settings) }}" +haproxy_ssl_settings: "{{ ssl_legacy_settings if kolla_haproxy_ssl_settings == 'legacy' else ssl_intermediate_settings if kolla_haproxy_ssl_settings == 'intermediate' + else ssl_modern_settings | default(ssl_modern_settings) }}" ssl_legacy_settings: | - ssl-default-bind-ciphers DEFAULT:!MEDIUM:!3DES - ssl-default-bind-options no-sslv3 no-tlsv10 no-tlsv11 + ssl-default-bind-ciphers DEFAULT:!MEDIUM:!3DES + ssl-default-bind-options no-sslv3 no-tlsv10 no-tlsv11 ssl_intermediate_settings: | - ssl-default-bind-ciphers ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:DHE-RSA-CHACHA20-POLY1305 - ssl-default-bind-ciphersuites TLS_AES_128_GCM_SHA256:TLS_AES_256_GCM_SHA384:TLS_CHACHA20_POLY1305_SHA256 - ssl-default-bind-options prefer-client-ciphers no-sslv3 no-tlsv10 no-tlsv11 no-tls-tickets - ssl-default-server-ciphers ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:DHE-RSA-CHACHA20-POLY1305 - ssl-default-server-ciphersuites TLS_AES_128_GCM_SHA256:TLS_AES_256_GCM_SHA384:TLS_CHACHA20_POLY1305_SHA256 - ssl-default-server-options no-sslv3 no-tlsv10 no-tlsv11 no-tls-tickets + ssl-default-bind-ciphers ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:DHE-RSA-CHACHA20-POLY1305 + ssl-default-bind-ciphersuites TLS_AES_128_GCM_SHA256:TLS_AES_256_GCM_SHA384:TLS_CHACHA20_POLY1305_SHA256 + ssl-default-bind-options prefer-client-ciphers no-sslv3 no-tlsv10 no-tlsv11 no-tls-tickets + ssl-default-server-ciphers ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:DHE-RSA-CHACHA20-POLY1305 + ssl-default-server-ciphersuites TLS_AES_128_GCM_SHA256:TLS_AES_256_GCM_SHA384:TLS_CHACHA20_POLY1305_SHA256 + ssl-default-server-options no-sslv3 no-tlsv10 no-tlsv11 no-tls-tickets ssl_modern_settings: | - ssl-default-bind-ciphersuites TLS_AES_128_GCM_SHA256:TLS_AES_256_GCM_SHA384:TLS_CHACHA20_POLY1305_SHA256 - ssl-default-bind-options prefer-client-ciphers no-sslv3 no-tlsv10 no-tlsv11 no-tlsv12 no-tls-tickets - ssl-default-server-ciphersuites TLS_AES_128_GCM_SHA256:TLS_AES_256_GCM_SHA384:TLS_CHACHA20_POLY1305_SHA256 - ssl-default-server-options no-sslv3 no-tlsv10 no-tlsv11 no-tlsv12 no-tls-tickets + ssl-default-bind-ciphersuites TLS_AES_128_GCM_SHA256:TLS_AES_256_GCM_SHA384:TLS_CHACHA20_POLY1305_SHA256 + ssl-default-bind-options prefer-client-ciphers no-sslv3 no-tlsv10 no-tlsv11 no-tlsv12 no-tls-tickets + ssl-default-server-ciphersuites TLS_AES_128_GCM_SHA256:TLS_AES_256_GCM_SHA384:TLS_CHACHA20_POLY1305_SHA256 + ssl-default-server-options no-sslv3 no-tlsv10 no-tlsv11 no-tlsv12 no-tls-tickets haproxy_stats_port: "1984" haproxy_monitor_port: "61313" diff --git a/ansible/group_vars/all/ironic.yml b/ansible/group_vars/all/ironic.yml index 97df0fe71d..9ea0376a27 100644 --- a/ansible/group_vars/all/ironic.yml +++ b/ansible/group_vars/all/ironic.yml @@ -1,9 +1,9 @@ --- -enable_ironic: "no" +enable_ironic: false enable_ironic_dnsmasq: "{{ enable_ironic | bool }}" -enable_ironic_neutron_agent: "no" +enable_ironic_neutron_agent: false enable_ironic_prometheus_exporter: "{{ enable_ironic | bool and enable_prometheus | bool }}" -enable_ironic_pxe_filter: "no" +enable_ironic_pxe_filter: false # Keystone user ironic_keystone_user: "ironic" diff --git a/ansible/group_vars/all/keystone.yml b/ansible/group_vars/all/keystone.yml index 8a644bd82f..a4da55199f 100644 --- a/ansible/group_vars/all/keystone.yml +++ b/ansible/group_vars/all/keystone.yml @@ -77,7 +77,6 @@ keystone_default_user_role: "member" # file: "/full/qualified/path/to/mapping/json/file/to/mappingId3" keystone_identity_providers: [] keystone_identity_mappings: [] - keystone_public_port: "{{ haproxy_single_external_frontend_public_port if haproxy_single_external_frontend | bool else keystone_public_listen_port }}" keystone_public_listen_port: "5000" keystone_internal_port: "5000" diff --git a/ansible/group_vars/all/kuryr.yml b/ansible/group_vars/all/kuryr.yml index 69464a0319..8d6fada178 100644 --- a/ansible/group_vars/all/kuryr.yml +++ b/ansible/group_vars/all/kuryr.yml @@ -1,4 +1,4 @@ --- -enable_kuryr: "no" +enable_kuryr: false kuryr_port: "23750" diff --git a/ansible/group_vars/all/letsencrypt.yml b/ansible/group_vars/all/letsencrypt.yml index 50007e8859..64b5ad9ef8 100644 --- a/ansible/group_vars/all/letsencrypt.yml +++ b/ansible/group_vars/all/letsencrypt.yml @@ -1,5 +1,5 @@ --- -enable_letsencrypt: "no" +enable_letsencrypt: false ##################### # ACME client options diff --git a/ansible/group_vars/all/magnum.yml b/ansible/group_vars/all/magnum.yml index 279e17d986..3d5f0d7c4d 100644 --- a/ansible/group_vars/all/magnum.yml +++ b/ansible/group_vars/all/magnum.yml @@ -1,5 +1,5 @@ --- -enable_magnum: "no" +enable_magnum: false magnum_internal_fqdn: "{{ kolla_internal_fqdn }}" magnum_external_fqdn: "{{ kolla_external_fqdn }}" diff --git a/ansible/group_vars/all/manila.yml b/ansible/group_vars/all/manila.yml index 526707331b..5416e9c72c 100644 --- a/ansible/group_vars/all/manila.yml +++ b/ansible/group_vars/all/manila.yml @@ -1,11 +1,11 @@ --- -enable_manila: "no" -enable_manila_backend_generic: "no" -enable_manila_backend_hnas: "no" -enable_manila_backend_cephfs_native: "no" -enable_manila_backend_cephfs_nfs: "no" -enable_manila_backend_glusterfs_nfs: "no" -enable_manila_backend_flashblade: "no" +enable_manila: false +enable_manila_backend_generic: false +enable_manila_backend_hnas: false +enable_manila_backend_cephfs_native: false +enable_manila_backend_cephfs_nfs: false +enable_manila_backend_glusterfs_nfs: false +enable_manila_backend_flashblade: false ceph_manila_user: "manila" diff --git a/ansible/group_vars/all/mariadb.yml b/ansible/group_vars/all/mariadb.yml index 5a5439fea8..f53f48a870 100644 --- a/ansible/group_vars/all/mariadb.yml +++ b/ansible/group_vars/all/mariadb.yml @@ -1,18 +1,18 @@ --- -enable_mariadb: "yes" -enable_mariabackup: "no" +enable_mariadb: true +enable_mariabackup: false ############################################# # MariaDB component-specific database details ############################################# # Whether to configure haproxy to load balance # the external MariaDB server(s) -enable_external_mariadb_load_balancer: "no" +enable_external_mariadb_load_balancer: false # Whether to use pre-configured databases / users -use_preconfigured_databases: "no" +use_preconfigured_databases: false # whether to use a common, preconfigured user # for all component databases -use_common_mariadb_user: "no" +use_common_mariadb_user: false mariadb_port: "{{ database_port }}" mariadb_wsrep_port: "4567" diff --git a/ansible/group_vars/all/masakari.yml b/ansible/group_vars/all/masakari.yml index 1f3d117e15..c1a29d9d24 100644 --- a/ansible/group_vars/all/masakari.yml +++ b/ansible/group_vars/all/masakari.yml @@ -1,5 +1,5 @@ --- -enable_masakari: "no" +enable_masakari: false enable_masakari_instancemonitor: "{{ enable_masakari | bool }}" enable_masakari_hostmonitor: "{{ enable_masakari | bool }}" diff --git a/ansible/group_vars/all/memcached.yml b/ansible/group_vars/all/memcached.yml index 282138b418..fb2925bf50 100644 --- a/ansible/group_vars/all/memcached.yml +++ b/ansible/group_vars/all/memcached.yml @@ -1,10 +1,10 @@ --- -enable_memcached: "yes" +enable_memcached: true # NOTE: Most memcached clients handle load-balancing via client side # hashing (consistent or not) logic, so going under the covers and messing # with things that the clients are not aware of is generally wrong -enable_haproxy_memcached: "no" +enable_haproxy_memcached: false memcached_port: "11211" memcache_security_strategy: "ENCRYPT" diff --git a/ansible/group_vars/all/mistral.yml b/ansible/group_vars/all/mistral.yml index 2e72f3cc60..2fbce79137 100644 --- a/ansible/group_vars/all/mistral.yml +++ b/ansible/group_vars/all/mistral.yml @@ -1,5 +1,5 @@ --- -enable_mistral: "no" +enable_mistral: false mistral_internal_fqdn: "{{ kolla_internal_fqdn }}" mistral_external_fqdn: "{{ kolla_external_fqdn }}" diff --git a/ansible/group_vars/all/multipathd.yml b/ansible/group_vars/all/multipathd.yml index bae55e51ca..d70afb87ef 100644 --- a/ansible/group_vars/all/multipathd.yml +++ b/ansible/group_vars/all/multipathd.yml @@ -1,2 +1,2 @@ --- -enable_multipathd: "no" +enable_multipathd: false diff --git a/ansible/group_vars/all/neutron.yml b/ansible/group_vars/all/neutron.yml index 2c3b9ca948..8dad06f893 100644 --- a/ansible/group_vars/all/neutron.yml +++ b/ansible/group_vars/all/neutron.yml @@ -1,24 +1,24 @@ --- enable_neutron: "{{ enable_openstack_core | bool }}" -enable_neutron_vpnaas: "no" -enable_neutron_sriov: "no" -enable_neutron_mlnx: "no" -enable_neutron_dvr: "no" -enable_neutron_fwaas: "no" -enable_neutron_qos: "no" -enable_neutron_agent_ha: "no" -enable_neutron_bgp_dragent: "no" -enable_neutron_provider_networks: "no" -enable_neutron_segments: "no" -enable_neutron_packet_logging: "no" -enable_neutron_sfc: "no" -enable_neutron_taas: "no" -enable_neutron_trunk: "no" -enable_neutron_metering: "no" -enable_neutron_infoblox_ipam_agent: "no" -enable_neutron_port_forwarding: "no" -neutron_enable_ovn_agent: "no" +enable_neutron_vpnaas: false +enable_neutron_sriov: false +enable_neutron_mlnx: false +enable_neutron_dvr: false +enable_neutron_fwaas: false +enable_neutron_qos: false +enable_neutron_agent_ha: false +enable_neutron_bgp_dragent: false +enable_neutron_provider_networks: false +enable_neutron_segments: false +enable_neutron_packet_logging: false +enable_neutron_sfc: false +enable_neutron_taas: false +enable_neutron_trunk: false +enable_neutron_metering: false +enable_neutron_infoblox_ipam_agent: false +enable_neutron_port_forwarding: false +neutron_enable_ovn_agent: false neutron_keystone_user: "neutron" @@ -50,7 +50,7 @@ computes_need_external_bridge: "{{ (enable_neutron_dvr | bool and neutron_comput neutron_dnsmasq_dns_servers: "1.1.1.1,8.8.8.8,8.8.4.4" # Enable distributed floating ip for OVN deployments -neutron_ovn_distributed_fip: "no" +neutron_ovn_distributed_fip: false # SRIOV physnet:interface mappings when SRIOV is enabled # "sriovnet1" and tunnel_interface used here as placeholders @@ -60,7 +60,6 @@ neutron_enable_tls_backend: "{{ kolla_enable_tls_backend }}" # Set OVN network availability zones neutron_ovn_availability_zones: [] - neutron_internal_fqdn: "{{ kolla_internal_fqdn }}" neutron_external_fqdn: "{{ kolla_external_fqdn }}" neutron_internal_endpoint: "{{ neutron_internal_fqdn | kolla_url(internal_protocol, neutron_server_port) }}" diff --git a/ansible/group_vars/all/nova.yml b/ansible/group_vars/all/nova.yml index 48811be629..f1996cd73d 100644 --- a/ansible/group_vars/all/nova.yml +++ b/ansible/group_vars/all/nova.yml @@ -1,19 +1,19 @@ --- -enable_cells: "no" +enable_cells: false enable_nova: "{{ enable_openstack_core | bool }}" enable_nova_libvirt_container: "{{ nova_compute_virt_type in ['kvm', 'qemu'] }}" -enable_nova_serialconsole_proxy: "no" -enable_nova_ssh: "yes" +enable_nova_serialconsole_proxy: false +enable_nova_ssh: true ####################### # Nova options ####################### -nova_backend_ceph: "no" +nova_backend_ceph: false nova_backend: "{{ 'rbd' if nova_backend_ceph | bool else 'default' }}" # Valid options are [ kvm, qemu ] nova_compute_virt_type: "kvm" nova_instance_datadir_volume: "{{ 'nova_compute' if enable_nova_libvirt_container | bool else '/var/lib/nova' }}" -nova_safety_upgrade: "no" +nova_safety_upgrade: false # Valid options are [ none, novnc, spice ] nova_console: "novnc" @@ -34,7 +34,7 @@ nova_cell0_database_address: "{{ nova_database_address }}" nova_cell0_database_password: "{{ nova_database_password }}" # Nova fake driver and the number of fake driver per compute node -enable_nova_fake: "no" +enable_nova_fake: false num_nova_fake_per_node: 5 migration_interface: "{{ api_interface }}" diff --git a/ansible/group_vars/all/octavia.yml b/ansible/group_vars/all/octavia.yml index c0a152cf4c..eaff670bc8 100644 --- a/ansible/group_vars/all/octavia.yml +++ b/ansible/group_vars/all/octavia.yml @@ -1,5 +1,5 @@ --- -enable_octavia: "no" +enable_octavia: false enable_octavia_driver_agent: "{{ enable_octavia | bool and neutron_plugin_agent == 'ovn' }}" enable_octavia_jobboard: "{{ enable_octavia | bool and 'amphora' in octavia_provider_drivers }}" diff --git a/ansible/group_vars/all/openvswitch.yml b/ansible/group_vars/all/openvswitch.yml index 731f99d00b..d3cbcd5fdd 100644 --- a/ansible/group_vars/all/openvswitch.yml +++ b/ansible/group_vars/all/openvswitch.yml @@ -1,6 +1,6 @@ --- enable_openvswitch: "{{ enable_neutron | bool }}" -enable_ovs_dpdk: "no" +enable_ovs_dpdk: false ovs_datapath: "{{ 'netdev' if enable_ovs_dpdk | bool else 'system' }}" diff --git a/ansible/group_vars/all/prometheus.yml b/ansible/group_vars/all/prometheus.yml index e372bf6429..f240e0d1cc 100644 --- a/ansible/group_vars/all/prometheus.yml +++ b/ansible/group_vars/all/prometheus.yml @@ -1,5 +1,5 @@ --- -enable_prometheus: "no" +enable_prometheus: false ############ # Prometheus @@ -13,9 +13,9 @@ enable_prometheus_cadvisor: "{{ enable_prometheus | bool }}" enable_prometheus_fluentd_integration: "{{ enable_prometheus | bool and enable_fluentd | bool }}" enable_prometheus_alertmanager: "{{ enable_prometheus | bool }}" enable_prometheus_alertmanager_external: "{{ enable_prometheus_alertmanager | bool }}" -enable_prometheus_ceph_mgr_exporter: "no" +enable_prometheus_ceph_mgr_exporter: false enable_prometheus_openstack_exporter: "{{ enable_prometheus | bool }}" -enable_prometheus_openstack_exporter_external: "no" +enable_prometheus_openstack_exporter_external: false enable_prometheus_elasticsearch_exporter: "{{ enable_prometheus | bool and enable_opensearch | bool }}" enable_prometheus_blackbox_exporter: "{{ enable_prometheus | bool }}" enable_prometheus_rabbitmq_exporter: "{{ enable_prometheus | bool and enable_rabbitmq | bool }}" diff --git a/ansible/group_vars/all/rabbitmq.yml b/ansible/group_vars/all/rabbitmq.yml index 4773c14445..9e18951874 100644 --- a/ansible/group_vars/all/rabbitmq.yml +++ b/ansible/group_vars/all/rabbitmq.yml @@ -7,7 +7,7 @@ enable_rabbitmq: "{{ 'yes' if om_rpc_transport == 'rabbit' or om_notify_transpor rabbitmq_user: "openstack" rabbitmq_monitoring_user: "" # Whether to enable TLS encryption for RabbitMQ client-server communication. -rabbitmq_enable_tls: "no" +rabbitmq_enable_tls: false # CA certificate bundle in RabbitMQ container. rabbitmq_cacert: "/etc/ssl/certs/{{ 'ca-certificates.crt' if kolla_base_distro in ['debian', 'ubuntu'] else 'ca-bundle.crt' }}" rabbitmq_datadir_volume: "rabbitmq" diff --git a/ansible/group_vars/all/skyline.yml b/ansible/group_vars/all/skyline.yml index 56225268a0..d3b92446da 100644 --- a/ansible/group_vars/all/skyline.yml +++ b/ansible/group_vars/all/skyline.yml @@ -1,5 +1,5 @@ --- -enable_skyline: "no" +enable_skyline: false skyline_apiserver_internal_fqdn: "{{ kolla_internal_fqdn }}" skyline_apiserver_external_fqdn: "{{ kolla_external_fqdn }}" diff --git a/ansible/group_vars/all/tacker.yml b/ansible/group_vars/all/tacker.yml index 936f5fbeab..66791e83f1 100644 --- a/ansible/group_vars/all/tacker.yml +++ b/ansible/group_vars/all/tacker.yml @@ -1,5 +1,5 @@ --- -enable_tacker: "no" +enable_tacker: false tacker_internal_fqdn: "{{ kolla_internal_fqdn }}" tacker_external_fqdn: "{{ kolla_external_fqdn }}" diff --git a/ansible/group_vars/all/telegraf.yml b/ansible/group_vars/all/telegraf.yml index 1ad350fd98..00d9e4be48 100644 --- a/ansible/group_vars/all/telegraf.yml +++ b/ansible/group_vars/all/telegraf.yml @@ -1,9 +1,9 @@ --- -enable_telegraf: "no" +enable_telegraf: false ########## # Telegraf ########## # Configure telegraf to use the docker daemon itself as an input for # telemetry data. -telegraf_enable_docker_input: "no" +telegraf_enable_docker_input: false diff --git a/ansible/group_vars/all/trove.yml b/ansible/group_vars/all/trove.yml index 420efad5e5..1305065774 100644 --- a/ansible/group_vars/all/trove.yml +++ b/ansible/group_vars/all/trove.yml @@ -1,6 +1,6 @@ --- -enable_trove: "no" -enable_trove_singletenant: "no" +enable_trove: false +enable_trove_singletenant: false trove_internal_fqdn: "{{ kolla_internal_fqdn }}" trove_external_fqdn: "{{ kolla_external_fqdn }}" diff --git a/ansible/group_vars/all/valkey.yml b/ansible/group_vars/all/valkey.yml index c970de6cec..8c69f70f89 100644 --- a/ansible/group_vars/all/valkey.yml +++ b/ansible/group_vars/all/valkey.yml @@ -1,5 +1,5 @@ --- -enable_valkey: "no" +enable_valkey: false valkey_connection_string: >- redis://{%- diff --git a/ansible/group_vars/all/watcher.yml b/ansible/group_vars/all/watcher.yml index 87d919c8f6..723876bc3a 100644 --- a/ansible/group_vars/all/watcher.yml +++ b/ansible/group_vars/all/watcher.yml @@ -1,5 +1,5 @@ --- -enable_watcher: "no" +enable_watcher: false watcher_internal_fqdn: "{{ kolla_internal_fqdn }}" watcher_external_fqdn: "{{ kolla_external_fqdn }}" diff --git a/ansible/group_vars/all/zun.yml b/ansible/group_vars/all/zun.yml index ed10ea5462..1d767401ce 100644 --- a/ansible/group_vars/all/zun.yml +++ b/ansible/group_vars/all/zun.yml @@ -1,16 +1,15 @@ --- -enable_zun: "no" +enable_zun: false # Extra docker options for Zun -docker_configure_for_zun: "no" +docker_configure_for_zun: false docker_zun_options: -H tcp://{{ api_interface_address | put_address_in_context('url') }}:2375 docker_zun_config: {} - # Extra containerd options for Zun -containerd_configure_for_zun: "no" +containerd_configure_for_zun: false # Enable Ceph backed Cinder Volumes for zun -zun_configure_for_cinder_ceph: "no" +zun_configure_for_cinder_ceph: false # 42463 is the static group id of the zun user in the Zun image. # If users customize this value on building the Zun images, diff --git a/ansible/kolla-host.yml b/ansible/kolla-host.yml index 37ab5cc1de..d50bd2f679 100644 --- a/ansible/kolla-host.yml +++ b/ansible/kolla-host.yml @@ -10,5 +10,5 @@ default(kolla_max_fail_percentage) | default(100) }} roles: - - { role: openstack.kolla.baremetal, - tags: baremetal } + - role: openstack.kolla.baremetal + tags: baremetal diff --git a/ansible/mariadb.yml b/ansible/mariadb.yml index ab1c90b0f7..2e63236ece 100644 --- a/ansible/mariadb.yml +++ b/ansible/mariadb.yml @@ -4,7 +4,7 @@ gather_facts: false hosts: - mariadb - - '&enable_mariadb_True' + - "&enable_mariadb_True" max_fail_percentage: >- {{ mariadb_max_fail_percentage | default(kolla_max_fail_percentage) | @@ -19,7 +19,7 @@ gather_facts: false hosts: - mariadb_restart - - '&enable_mariadb_True' + - "&enable_mariadb_True" # Restart in batches serial: "33%" max_fail_percentage: >- @@ -37,7 +37,7 @@ gather_facts: false hosts: - mariadb_start - - '&enable_mariadb_True' + - "&enable_mariadb_True" # Start in batches serial: "33%" max_fail_percentage: >- @@ -55,7 +55,7 @@ gather_facts: false hosts: - mariadb_bootstrap_restart - - '&enable_mariadb_True' + - "&enable_mariadb_True" max_fail_percentage: >- {{ mariadb_max_fail_percentage | default(kolla_max_fail_percentage) | @@ -71,7 +71,7 @@ gather_facts: false hosts: - mariadb - - '&enable_mariadb_True' + - "&enable_mariadb_True" max_fail_percentage: >- {{ mariadb_max_fail_percentage | default(kolla_max_fail_percentage) | diff --git a/ansible/mariadb_backup.yml b/ansible/mariadb_backup.yml index dbe6070c2f..371991c865 100644 --- a/ansible/mariadb_backup.yml +++ b/ansible/mariadb_backup.yml @@ -6,6 +6,6 @@ default(kolla_max_fail_percentage) | default(100) }} roles: - - { role: mariadb, - tags: mariadb, - when: enable_mariabackup | bool } + - role: mariadb + tags: mariadb + when: enable_mariabackup | bool diff --git a/ansible/mariadb_recovery.yml b/ansible/mariadb_recovery.yml index a3d72d40dd..6f69867db6 100644 --- a/ansible/mariadb_recovery.yml +++ b/ansible/mariadb_recovery.yml @@ -6,8 +6,8 @@ default(kolla_max_fail_percentage) | default(100) }} roles: - - { role: mariadb, - tags: mariadb, - when: enable_mariadb | bool } + - role: mariadb + tags: mariadb + when: enable_mariadb | bool vars: mariadb_recover: true diff --git a/ansible/nova.yml b/ansible/nova.yml index c41d854075..cff3a52c3b 100644 --- a/ansible/nova.yml +++ b/ansible/nova.yml @@ -30,7 +30,7 @@ gather_facts: false hosts: - nova-api - - '&enable_nova_True' + - "&enable_nova_True" tags: - nova - nova-bootstrap @@ -68,7 +68,7 @@ gather_facts: false hosts: - nova-conductor - - '&enable_nova_True' + - "&enable_nova_True" tags: - nova - nova-bootstrap @@ -106,7 +106,7 @@ - nova-api - nova-scheduler - nova-super-conductor - - '&enable_nova_True' + - "&enable_nova_True" tags: - nova - nova-api @@ -131,7 +131,7 @@ - nova-novncproxy - nova-serialproxy - nova-spicehtml5proxy - - '&enable_nova_True' + - "&enable_nova_True" tags: - nova - nova-cell @@ -153,7 +153,7 @@ gather_facts: false hosts: - nova-scheduler - - '&enable_nova_True' + - "&enable_nova_True" tags: - nova - nova-api @@ -181,7 +181,7 @@ gather_facts: false hosts: - nova-super-conductor - - '&enable_nova_True' + - "&enable_nova_True" tags: - nova - nova-reload @@ -209,7 +209,7 @@ - nova-novncproxy - nova-serialproxy - nova-spicehtml5proxy - - '&enable_nova_True' + - "&enable_nova_True" tags: - nova - nova-reload @@ -233,7 +233,7 @@ hosts: - nova-api - nova-scheduler - - '&enable_nova_True' + - "&enable_nova_True" tags: - nova - nova-reload @@ -259,7 +259,7 @@ gather_facts: false hosts: - nova-api - - '&enable_nova_True' + - "&enable_nova_True" tags: - nova - nova-api @@ -284,7 +284,7 @@ gather_facts: false hosts: - nova-conductor - - '&enable_nova_True' + - "&enable_nova_True" tags: - nova - nova-cell diff --git a/ansible/post-deploy.yml b/ansible/post-deploy.yml index 3629b1d3dc..ba009aba04 100644 --- a/ansible/post-deploy.yml +++ b/ansible/post-deploy.yml @@ -1,7 +1,7 @@ --- - name: Determining whether we need become=true hosts: localhost - gather_facts: no + gather_facts: false tasks: - name: Get stats of {{ node_config }} stat: diff --git a/ansible/rabbitmq.yml b/ansible/rabbitmq.yml index 6b405cc626..f21f6b9e83 100644 --- a/ansible/rabbitmq.yml +++ b/ansible/rabbitmq.yml @@ -4,7 +4,7 @@ gather_facts: false hosts: - rabbitmq - - '&enable_rabbitmq_True' + - "&enable_rabbitmq_True" max_fail_percentage: >- {{ rabbitmq_max_fail_percentage | default(kolla_max_fail_percentage) | @@ -15,23 +15,23 @@ - import_role: name: rabbitmq vars: - role_rabbitmq_cluster_cookie: '{{ rabbitmq_cluster_cookie }}' - role_rabbitmq_cluster_port: '{{ rabbitmq_cluster_port }}' - role_rabbitmq_epmd_port: '{{ rabbitmq_epmd_port }}' + role_rabbitmq_cluster_cookie: "{{ rabbitmq_cluster_cookie }}" + role_rabbitmq_cluster_port: "{{ rabbitmq_cluster_port }}" + role_rabbitmq_epmd_port: "{{ rabbitmq_epmd_port }}" role_rabbitmq_groups: rabbitmq - role_rabbitmq_management_port: '{{ rabbitmq_management_port }}' - role_rabbitmq_monitoring_password: '{{ rabbitmq_monitoring_password }}' - role_rabbitmq_monitoring_user: '{{ rabbitmq_monitoring_user }}' - role_rabbitmq_password: '{{ rabbitmq_password }}' - role_rabbitmq_port: '{{ rabbitmq_port }}' - role_rabbitmq_prometheus_port: '{{ rabbitmq_prometheus_port }}' - role_rabbitmq_user: '{{ rabbitmq_user }}' + role_rabbitmq_management_port: "{{ rabbitmq_management_port }}" + role_rabbitmq_monitoring_password: "{{ rabbitmq_monitoring_password }}" + role_rabbitmq_monitoring_user: "{{ rabbitmq_monitoring_user }}" + role_rabbitmq_password: "{{ rabbitmq_password }}" + role_rabbitmq_port: "{{ rabbitmq_port }}" + role_rabbitmq_prometheus_port: "{{ rabbitmq_prometheus_port }}" + role_rabbitmq_user: "{{ rabbitmq_user }}" - name: Restart rabbitmq services gather_facts: false hosts: - rabbitmq_restart - - '&enable_rabbitmq_True' + - "&enable_rabbitmq_True" # Restart in batches serial: "33%" max_fail_percentage: >- @@ -45,14 +45,14 @@ name: rabbitmq tasks_from: restart_services.yml vars: - role_rabbitmq_cluster_cookie: '{{ rabbitmq_cluster_cookie }}' + role_rabbitmq_cluster_cookie: "{{ rabbitmq_cluster_cookie }}" role_rabbitmq_groups: rabbitmq - name: Apply rabbitmq post-configuration gather_facts: false hosts: - rabbitmq - - '&enable_rabbitmq_True' + - "&enable_rabbitmq_True" max_fail_percentage: >- {{ rabbitmq_max_fail_percentage | default(kolla_max_fail_percentage) | @@ -66,5 +66,5 @@ tasks_from: post-deploy.yml when: kolla_action in ['deploy', 'reconfigure', 'upgrade'] vars: - role_rabbitmq_cluster_cookie: '{{ rabbitmq_cluster_cookie }}' + role_rabbitmq_cluster_cookie: "{{ rabbitmq_cluster_cookie }}" role_rabbitmq_groups: rabbitmq diff --git a/ansible/roles/cinder/defaults/main.yml b/ansible/roles/cinder/defaults/main.yml index dfcd5c19fa..10112fc350 100644 --- a/ansible/roles/cinder/defaults/main.yml +++ b/ansible/roles/cinder/defaults/main.yml @@ -42,7 +42,7 @@ cinder_services: group: cinder-volume enabled: true image: "{{ cinder_volume_image_full }}" - privileged: True + privileged: true ipc_mode: "host" tmpfs: "{{ cinder_volume_tmpfs }}" volumes: "{{ cinder_volume_default_volumes + cinder_volume_extra_volumes + lookup('vars', 'run_default_volumes_' + kolla_container_engine) }}" diff --git a/ansible/roles/common/defaults/main.yml b/ansible/roles/common/defaults/main.yml index 715b335897..0facf9f85c 100644 --- a/ansible/roles/common/defaults/main.yml +++ b/ansible/roles/common/defaults/main.yml @@ -3,13 +3,13 @@ common_services: kolla-toolbox: container_name: kolla_toolbox group: kolla-toolbox - enabled: True + enabled: true image: "{{ kolla_toolbox_image_full }}" environment: ANSIBLE_NOCOLOR: "1" ANSIBLE_LIBRARY: "/usr/share/ansible" REQUESTS_CA_BUNDLE: "{{ openstack_cacert }}" - privileged: True + privileged: true volumes: "{{ kolla_toolbox_default_volumes + kolla_toolbox_extra_volumes + lookup('vars', 'run_default_volumes_' + kolla_container_engine) }}" dimensions: "{{ kolla_toolbox_dimensions }}" @@ -29,7 +29,7 @@ kolla_toolbox_default_volumes: - "/etc/localtime:/etc/localtime:ro" - "{{ '/etc/timezone:/etc/timezone:ro' if ansible_facts.os_family == 'Debian' else '' }}" - "/dev/:/dev/" - - "/run/:/run/{{ ':shared' if kolla_container_engine == 'docker' else '' }}" # see: https://github.com/containers/podman/issues/16305 + - "/run/:/run/{{ ':shared' if kolla_container_engine == 'docker' else '' }}" # see: https://github.com/containers/podman/issues/16305 - "kolla_logs:/var/log/kolla/" kolla_toolbox_extra_volumes: "{{ default_extra_volumes }}" diff --git a/ansible/roles/etcd/handlers/main.yml b/ansible/roles/etcd/handlers/main.yml index 539883fd2b..b1bb605e90 100644 --- a/ansible/roles/etcd/handlers/main.yml +++ b/ansible/roles/etcd/handlers/main.yml @@ -1,13 +1,13 @@ --- - name: Bootstrap etcd on new cluster - include_tasks: 'bootstrap_cluster.yml' + include_tasks: "bootstrap_cluster.yml" when: - kolla_action != "config" listen: - Bootstrap etcd cluster - name: Look up the cluster leader - include_tasks: 'lookup_leader.yml' + include_tasks: "lookup_leader.yml" listen: - Restart etcd container - Bootstrap etcd services @@ -15,7 +15,7 @@ - Check for deleted members - name: Bootstrap etcd on new services - include_tasks: 'bootstrap_services.yml' + include_tasks: "bootstrap_services.yml" when: - groups.etcd_had_volume_False is defined - inventory_hostname in groups.etcd_had_volume_False @@ -25,7 +25,7 @@ # When upgrading an etcd cluster we have to do it one by one - name: Upgrade etcd non-leaders - include_tasks: 'restart_services.yml' + include_tasks: "restart_services.yml" when: - inventory_hostname not in (groups.etcd_is_leader_True | default([])) - kolla_action == "upgrade" @@ -36,7 +36,7 @@ # When there is no upgrade we can restart 25% of the services without # losing quorum. - name: Rolling restart of etcd non-leaders - include_tasks: 'restart_services.yml' + include_tasks: "restart_services.yml" when: - inventory_hostname not in (groups.etcd_is_leader_True | default([])) - groups.etcd.index(inventory_hostname) % 4 == item @@ -52,7 +52,7 @@ - 3 - name: Restart etcd leader - include_tasks: 'restart_services.yml' + include_tasks: "restart_services.yml" when: - inventory_hostname in (groups.etcd_is_leader_True | default([])) listen: @@ -61,7 +61,7 @@ - Bootstrap etcd cluster - name: Remove deleted members - include_tasks: 'remove_deleted_members.yml' + include_tasks: "remove_deleted_members.yml" when: - kolla_action != "config" listen: diff --git a/ansible/roles/horizon/defaults/main.yml b/ansible/roles/horizon/defaults/main.yml index 01a6e3082a..762899830b 100644 --- a/ansible/roles/horizon/defaults/main.yml +++ b/ansible/roles/horizon/defaults/main.yml @@ -162,7 +162,7 @@ horizon_source_version: "{{ kolla_source_version }}" # In some cases, such as when using OIDC, horizon will need to be configured with Keystone's public URL. # Therefore, instead of overriding the whole "horizon_keystone_url", this change allows an easier integration because # the Keystone public URL is already defined with variable "keystone_public_url". -horizon_use_keystone_public_url: False +horizon_use_keystone_public_url: false ################### # Copy certificates diff --git a/ansible/roles/ironic/tasks/precheck.yml b/ansible/roles/ironic/tasks/precheck.yml index ec69c8f958..c066c47b58 100644 --- a/ansible/roles/ironic/tasks/precheck.yml +++ b/ansible/roles/ironic/tasks/precheck.yml @@ -72,7 +72,7 @@ msg: > ironic_dnsmasq_dhcp_ranges must be a list connection: local - run_once: True + run_once: true when: - enable_ironic_dnsmasq | bool - not ironic_dnsmasq_dhcp_ranges is sequence diff --git a/ansible/roles/keystone/defaults/main.yml b/ansible/roles/keystone/defaults/main.yml index 0b98275f8c..86bf9094c9 100644 --- a/ansible/roles/keystone/defaults/main.yml +++ b/ansible/roles/keystone/defaults/main.yml @@ -274,8 +274,8 @@ horizon_trusted_dashboards: "{{ ['%s://%s/auth/websso/' % (public_protocol, koll skyline_trusted_dashboards: "{{ ['%s/api/openstack/skyline/api/v1/websso' % (skyline_console_public_endpoint)] if enable_skyline | bool else [] }}" keystone_trusted_dashboards: "{{ horizon_trusted_dashboards + skyline_trusted_dashboards }}" keystone_enable_federation_openid: "{{ enable_keystone_federation | bool and keystone_identity_providers | selectattr('protocol', 'equalto', 'openid') | list | count > 0 }}" -keystone_should_remove_attribute_mappings: False -keystone_should_remove_identity_providers: False +keystone_should_remove_attribute_mappings: false +keystone_should_remove_identity_providers: false keystone_federation_oidc_response_type: "id_token" # can be set to any supported headers, according to # https://github.com/OpenIDC/mod_auth_openidc/blob/ea3af872dcdbb4634a7e541c5e8c7326dafbb090/auth_openidc.conf diff --git a/ansible/roles/letsencrypt/defaults/main.yml b/ansible/roles/letsencrypt/defaults/main.yml index 089b8d944b..05afa1cd92 100644 --- a/ansible/roles/letsencrypt/defaults/main.yml +++ b/ansible/roles/letsencrypt/defaults/main.yml @@ -15,7 +15,6 @@ letsencrypt_services: volumes: "{{ letsencrypt_webserver_default_volumes + letsencrypt_webserver_extra_volumes }}" dimensions: "{{ letsencrypt_webserver_dimensions }}" - ############## # LetsEncrypt ############## diff --git a/ansible/roles/magnum/defaults/main.yml b/ansible/roles/magnum/defaults/main.yml index d723571ce5..c6d3a89993 100644 --- a/ansible/roles/magnum/defaults/main.yml +++ b/ansible/roles/magnum/defaults/main.yml @@ -72,7 +72,7 @@ magnum_database_shard: #################### # Magnum #################### -enable_cluster_user_trust: False +enable_cluster_user_trust: false # The default cinder volume type to be used for container storage volume in clusters # that specify the docker-volume-size option. For example gp1, io1 etc default_docker_volume_type: "" diff --git a/ansible/roles/nova-cell/tasks/create_cells.yml b/ansible/roles/nova-cell/tasks/create_cells.yml index 66c7f18759..0d6f0fafec 100644 --- a/ansible/roles/nova-cell/tasks/create_cells.yml +++ b/ansible/roles/nova-cell/tasks/create_cells.yml @@ -11,7 +11,7 @@ action: "start_container" command: bash -c 'sudo -E kolla_set_configs && sudo kolla_copy_cacerts && nova-manage cell_v2 create_cell{% if nova_cell_name %} --name {{ nova_cell_name }}{% endif %}' common_options: "{{ docker_common_options }}" - detach: False + detach: false image: "{{ nova_conductor.image }}" labels: BOOTSTRAP: @@ -37,7 +37,7 @@ action: "start_container" command: "bash -c 'sudo -E kolla_set_configs && sudo kolla_copy_cacerts && nova-manage cell_v2 update_cell --cell_uuid {{ nova_cell_settings.cell_uuid }}'" common_options: "{{ docker_common_options }}" - detach: False + detach: false image: "{{ nova_conductor.image }}" labels: BOOTSTRAP: diff --git a/ansible/roles/nova-cell/tasks/discover_computes.yml b/ansible/roles/nova-cell/tasks/discover_computes.yml index b49285b7e6..99a2b0627f 100644 --- a/ansible/roles/nova-cell/tasks/discover_computes.yml +++ b/ansible/roles/nova-cell/tasks/discover_computes.yml @@ -19,4 +19,4 @@ become: true command: > {{ kolla_container_engine }} exec -t nova_conductor nova-manage cell_v2 discover_hosts --by-service --cell_uuid {{ nova_cell_settings.cell_uuid }} - changed_when: False + changed_when: false diff --git a/ansible/roles/nova-cell/tasks/external_ceph.yml b/ansible/roles/nova-cell/tasks/external_ceph.yml index 9f4fe9cbc6..dc20c6ad1e 100644 --- a/ansible/roles/nova-cell/tasks/external_ceph.yml +++ b/ansible/roles/nova-cell/tasks/external_ceph.yml @@ -202,4 +202,4 @@ result: "{{ cinder_cephx_raw_key | default }}" enabled: "{{ cinder_backend_ceph }}" notify: "{{ libvirt_restart_handlers }}" - no_log: True + no_log: true diff --git a/ansible/roles/nova/tasks/map_cell0.yml b/ansible/roles/nova/tasks/map_cell0.yml index 69a1204fd8..e9acab03dc 100644 --- a/ansible/roles/nova/tasks/map_cell0.yml +++ b/ansible/roles/nova/tasks/map_cell0.yml @@ -1,5 +1,5 @@ --- -- run_once: True +- run_once: true delegate_to: "{{ groups[nova_api.group][0] }}" block: - name: Create cell0 mappings @@ -11,7 +11,7 @@ action: "start_container" command: bash -c 'sudo -E kolla_set_configs && sudo -E kolla_copy_cacerts && nova-manage cell_v2 map_cell0 --database_connection {{ nova_cell0_connection }}' common_options: "{{ docker_common_options }}" - detach: False + detach: false image: "{{ nova_api.image }}" labels: BOOTSTRAP: @@ -48,7 +48,7 @@ --database_connection {{ nova_cell0_connection }} --transport-url {{ nova_cell0_transport_url }}' common_options: "{{ docker_common_options }}" - detach: False + detach: false image: "{{ nova_api.image }}" labels: BOOTSTRAP: diff --git a/ansible/roles/octavia/defaults/main.yml b/ansible/roles/octavia/defaults/main.yml index e683e67669..4930a07688 100644 --- a/ansible/roles/octavia/defaults/main.yml +++ b/ansible/roles/octavia/defaults/main.yml @@ -326,7 +326,7 @@ octavia_user_auth: # - vcpus octavia_amp_flavor: name: "amphora" - is_public: no + is_public: false vcpus: 1 ram: 1024 disk: 5 @@ -380,8 +380,8 @@ octavia_amp_network: subnet: name: lb-mgmt-subnet cidr: "{{ octavia_amp_network_cidr }}" - no_gateway_ip: yes - enable_dhcp: yes + no_gateway_ip: true + enable_dhcp: true # Octavia management network subnet CIDR. octavia_amp_network_cidr: 10.1.0.0/24 diff --git a/ansible/roles/opensearch/defaults/main.yml b/ansible/roles/opensearch/defaults/main.yml index f8b45f5b83..f2c13bf686 100644 --- a/ansible/roles/opensearch/defaults/main.yml +++ b/ansible/roles/opensearch/defaults/main.yml @@ -58,7 +58,7 @@ opensearch_services: #################### # Register Opensearch internal endpoint in the Keystone service catalogue -opensearch_enable_keystone_registration: False +opensearch_enable_keystone_registration: false opensearch_cluster_name: "kolla_logging" opensearch_heap_size: "1g" diff --git a/ansible/roles/openvswitch/tasks/config-host.yml b/ansible/roles/openvswitch/tasks/config-host.yml index dfd4f8cff4..250a7b66a0 100644 --- a/ansible/roles/openvswitch/tasks/config-host.yml +++ b/ansible/roles/openvswitch/tasks/config-host.yml @@ -10,7 +10,7 @@ # as a error, so it has to be created beforehand. # See: https://github.com/containers/podman/issues/14781 - name: Create /run/openvswitch directory on host - become: True + become: true file: path: /run/openvswitch state: directory diff --git a/ansible/roles/ovn-controller/tasks/setup-ovs.yml b/ansible/roles/ovn-controller/tasks/setup-ovs.yml index 49325aa0c3..5c037b4c72 100644 --- a/ansible/roles/ovn-controller/tasks/setup-ovs.yml +++ b/ansible/roles/ovn-controller/tasks/setup-ovs.yml @@ -15,13 +15,15 @@ # Format: physnet1:br1,physnet2:br2 ovn_mappings: "{{ neutron_physical_networks.split(',') | zip(neutron_bridge_name.split(',')) | map('join', ':') | join(',') }}" # Format: physnet1:00:11:22:33:44:55,physnet2:00:11:22:33:44:56 - ovn_macs: "{% for physnet, bridge in neutron_physical_networks.split(',') | zip(neutron_bridge_name.split(',')) %}{{ physnet }}:{{ ovn_base_mac | random_mac(seed=inventory_hostname + bridge) }}{% if not loop.last %},{% endif %}{% endfor %}" + ovn_macs: "{% for physnet, bridge in neutron_physical_networks.split(',') | zip(neutron_bridge_name.split(',')) %}{{ physnet }}:{{ ovn_base_mac | random_mac(seed=inventory_hostname + + bridge) }}{% if not loop.last %},{% endif %}{% endfor %}" ovn_cms_opts: >- {{ ( [] + ( ['enable-chassis-as-gw'] if inventory_hostname in groups['ovn-controller-network'] else [] ) - + ( ['availability-zones=' + neutron_ovn_availability_zones | join(':')] if inventory_hostname in groups['ovn-controller-network'] and neutron_ovn_availability_zones else [] ) + + ( ['availability-zones=' + neutron_ovn_availability_zones | join(':')] if inventory_hostname in groups['ovn-controller-network'] and neutron_ovn_availability_zones + else [] ) ) | join(',') }} become: true @@ -43,7 +45,11 @@ - { name: ovn-remote-probe-interval, value: "{{ ovn_remote_probe_interval }}" } - { name: ovn-openflow-probe-interval, value: "{{ ovn_openflow_probe_interval }}" } - { name: ovn-monitor-all, value: "{{ ovn_monitor_all | bool }}" } - - { name: ovn-bridge-mappings, value: "{{ ovn_mappings }}", state: "{{ 'present' if (inventory_hostname in groups['ovn-controller-network'] or computes_need_external_bridge | bool) else 'absent' }}" } - - { name: ovn-chassis-mac-mappings, value: "{{ ovn_macs }}", state: "{{ 'present' if inventory_hostname in groups['ovn-controller-compute'] else 'absent' }}" } + - name: ovn-bridge-mappings + value: "{{ ovn_mappings }}" + state: "{{ 'present' if (inventory_hostname in groups['ovn-controller-network'] or computes_need_external_bridge | bool) else 'absent' }}" + - name: ovn-chassis-mac-mappings + value: "{{ ovn_macs }}" + state: "{{ 'present' if inventory_hostname in groups['ovn-controller-compute'] else 'absent' }}" - { name: ovn-cms-options, value: "{{ ovn_cms_opts }}", state: "{{ 'present' if ovn_cms_opts != '' else 'absent' }}" } when: inventory_hostname in groups.get('ovn-controller', []) diff --git a/ansible/roles/valkey/tasks/upgrade.yml b/ansible/roles/valkey/tasks/upgrade.yml index 0fa7338875..0de57486a5 100644 --- a/ansible/roles/valkey/tasks/upgrade.yml +++ b/ansible/roles/valkey/tasks/upgrade.yml @@ -17,7 +17,6 @@ - name: Perform Redis to Valkey migration steps when: redis_container_facts.containers['redis'] is defined block: - - name: Set temporary Valkey migration vars set_fact: valkey_server_port: "6380" @@ -120,7 +119,6 @@ valkey_sentinel_monitor_name: "kolla" _valkey_migration: false - - name: Reconfigure/Redeploy Valkey on default ports import_tasks: reconfigure.yml diff --git a/ansible/site.yml b/ansible/site.yml index ad7ac1854f..1a05fbc56a 100644 --- a/ansible/site.yml +++ b/ansible/site.yml @@ -132,7 +132,7 @@ gather_facts: false hosts: - loadbalancer - - '&enable_loadbalancer_True' + - "&enable_loadbalancer_True" serial: '{{ kolla_serial|default("0") }}' max_fail_percentage: >- {{ loadbalancer_max_fail_percentage | @@ -351,85 +351,79 @@ gather_facts: false hosts: - opensearch - - '&enable_opensearch_True' + - "&enable_opensearch_True" serial: '{{ kolla_serial|default("0") }}' max_fail_percentage: >- {{ opensearch_max_fail_percentage | default(kolla_max_fail_percentage) | default(100) }} roles: - - { role: opensearch, - tags: opensearch } + - { role: opensearch, tags: opensearch } - name: Apply role letsencrypt gather_facts: false hosts: - letsencrypt - - '&enable_letsencrypt_True' + - "&enable_letsencrypt_True" serial: '{{ kolla_serial|default("0") }}' max_fail_percentage: >- {{ letsencrypt_max_fail_percentage | default(kolla_max_fail_percentage) | default(100) }} roles: - - { role: letsencrypt, - tags: letsencrypt } + - { role: letsencrypt, tags: letsencrypt } - name: Apply role collectd gather_facts: false hosts: - collectd - - '&enable_collectd_True' + - "&enable_collectd_True" serial: '{{ kolla_serial|default("0") }}' max_fail_percentage: >- {{ collectd_max_fail_percentage | default(kolla_max_fail_percentage) | default(100) }} roles: - - { role: collectd, - tags: collectd } + - { role: collectd, tags: collectd } - name: Apply role influxdb gather_facts: false hosts: - influxdb - - '&enable_influxdb_True' + - "&enable_influxdb_True" serial: '{{ kolla_serial|default("0") }}' max_fail_percentage: >- {{ influxdb_max_fail_percentage | default(kolla_max_fail_percentage) | default(100) }} roles: - - { role: influxdb, - tags: influxdb } + - { role: influxdb, tags: influxdb } - name: Apply role telegraf gather_facts: false hosts: - telegraf - - '&enable_telegraf_True' + - "&enable_telegraf_True" serial: '{{ kolla_serial|default("0") }}' max_fail_percentage: >- {{ telegraf_max_fail_percentage | default(kolla_max_fail_percentage) | default(100) }} roles: - - { role: telegraf, - tags: telegraf } + - { role: telegraf, tags: telegraf } - name: Apply role valkey gather_facts: false hosts: - valkey - - '&enable_valkey_True' + - "&enable_valkey_True" serial: '{{ kolla_serial|default("0") }}' max_fail_percentage: >- {{ valkey_max_fail_percentage | default(kolla_max_fail_percentage) | default(100) }} roles: - - { role: valkey, - tags: valkey } + - { role: valkey, tags: valkey } # MariaDB deployment is more complicated than other services, so is covered in # its own playbook. @@ -439,15 +433,14 @@ gather_facts: false hosts: - memcached - - '&enable_memcached_True' + - "&enable_memcached_True" serial: '{{ kolla_serial|default("0") }}' max_fail_percentage: >- {{ memcached_max_fail_percentage | default(kolla_max_fail_percentage) | default(100) }} roles: - - { role: memcached, - tags: [memcache, memcached] } + - { role: memcached, tags: [memcache, memcached] } - name: Apply role prometheus gather_facts: false @@ -460,60 +453,55 @@ - prometheus-elasticsearch-exporter - prometheus-blackbox-exporter - prometheus-libvirt-exporter - - '&enable_prometheus_True' + - "&enable_prometheus_True" serial: '{{ kolla_serial|default("0") }}' max_fail_percentage: >- {{ prometheus_max_fail_percentage | default(kolla_max_fail_percentage) | default(100) }} roles: - - { role: prometheus, - tags: prometheus } + - { role: prometheus, tags: prometheus } - name: Apply role prometheus-node-exporters gather_facts: false hosts: - prometheus-node-exporter - prometheus-cadvisor - - '&enable_prometheus_True' + - "&enable_prometheus_True" serial: '{{ kolla_serial|default("0") }}' max_fail_percentage: >- {{ prometheus_node_exporters_max_fail_percentage | default(kolla_max_fail_percentage) | default(100) }} roles: - - { role: prometheus-node-exporters, - tags: [prometheus, prometheus-node-exporters], - when: enable_prometheus | bool } + - { role: prometheus-node-exporters, tags: [prometheus, prometheus-node-exporters], when: enable_prometheus | bool } - name: Apply role iscsi gather_facts: false hosts: - iscsid - tgtd - - '&enable_iscsid_True' + - "&enable_iscsid_True" serial: '{{ kolla_serial|default("0") }}' max_fail_percentage: >- {{ iscsid_max_fail_percentage | default(kolla_max_fail_percentage) | default(100) }} roles: - - { role: iscsi, - tags: iscsi } + - { role: iscsi, tags: iscsi } - name: Apply role multipathd gather_facts: false hosts: - multipathd - - '&enable_multipathd_True' + - "&enable_multipathd_True" serial: '{{ kolla_serial|default("0") }}' max_fail_percentage: >- {{ multipathd_max_fail_percentage | default(kolla_max_fail_percentage) | default(100) }} roles: - - { role: multipathd, - tags: multipathd } + - { role: multipathd, tags: multipathd } - import_playbook: rabbitmq.yml @@ -521,28 +509,26 @@ gather_facts: false hosts: - etcd - - '&enable_etcd_True' + - "&enable_etcd_True" max_fail_percentage: >- {{ etcd_max_fail_percentage | default(kolla_max_fail_percentage) | default(100) }} roles: - - { role: etcd, - tags: etcd } + - { role: etcd, tags: etcd } - name: Apply role keystone gather_facts: false hosts: - keystone - - '&enable_keystone_True' + - "&enable_keystone_True" serial: '{{ kolla_serial|default("0") }}' max_fail_percentage: >- {{ keystone_max_fail_percentage | default(kolla_max_fail_percentage) | default(100) }} roles: - - { role: keystone, - tags: keystone } + - { role: keystone, tags: keystone } - name: Apply role ceph-rgw gather_facts: false @@ -550,29 +536,27 @@ # NOTE(mgoddard): This is only used to register Keystone services, and # can run on any host running kolla-toolbox. - kolla-toolbox - - '&enable_ceph_rgw_True' + - "&enable_ceph_rgw_True" serial: '{{ kolla_serial|default("0") }}' max_fail_percentage: >- {{ ceph_rgw_max_fail_percentage | default(kolla_max_fail_percentage) | default(100) }} roles: - - { role: ceph-rgw, - tags: ceph-rgw } + - { role: ceph-rgw, tags: ceph-rgw } - name: Apply role glance gather_facts: false hosts: - glance-api - - '&enable_glance_True' + - "&enable_glance_True" serial: '{{ kolla_serial|default("0") }}' max_fail_percentage: >- {{ glance_max_fail_percentage | default(kolla_max_fail_percentage) | default(100) }} roles: - - { role: glance, - tags: glance } + - { role: glance, tags: glance } - name: Apply role ironic gather_facts: false @@ -581,15 +565,14 @@ - ironic-conductor - ironic-tftp - ironic-http - - '&enable_ironic_True' + - "&enable_ironic_True" serial: '{{ kolla_serial|default("0") }}' max_fail_percentage: >- {{ ironic_max_fail_percentage | default(kolla_max_fail_percentage) | default(100) }} roles: - - { role: ironic, - tags: ironic } + - { role: ironic, tags: ironic } - name: Apply role cinder gather_facts: false @@ -598,73 +581,66 @@ - cinder-backup - cinder-scheduler - cinder-volume - - '&enable_cinder_True' + - "&enable_cinder_True" serial: '{{ kolla_serial|default("0") }}' max_fail_percentage: >- {{ cinder_max_fail_percentage | default(kolla_max_fail_percentage) | default(100) }} roles: - - { role: cinder, - tags: cinder } + - { role: cinder, tags: cinder } - name: Apply role placement gather_facts: false hosts: - placement-api - - '&enable_placement_True' + - "&enable_placement_True" serial: '{{ kolla_serial|default("0") }}' max_fail_percentage: >- {{ placement_max_fail_percentage | default(kolla_max_fail_percentage) | default(100) }} roles: - - { role: placement, - tags: placement } + - { role: placement, tags: placement } - name: Apply role openvswitch gather_facts: false hosts: - openvswitch - - '&enable_openvswitch_True_enable_ovs_dpdk_False' + - "&enable_openvswitch_True_enable_ovs_dpdk_False" serial: '{{ kolla_serial|default("0") }}' max_fail_percentage: >- {{ openvswitch_max_fail_percentage | default(kolla_max_fail_percentage) | default(100) }} roles: - - { role: openvswitch, - tags: openvswitch, - when: "(enable_openvswitch | bool) and not (enable_ovs_dpdk | bool)"} + - { role: openvswitch, tags: openvswitch, when: "(enable_openvswitch | bool) and not (enable_ovs_dpdk | bool)" } - name: Apply role ovs-dpdk gather_facts: false hosts: - openvswitch - - '&enable_openvswitch_True_enable_ovs_dpdk_True' + - "&enable_openvswitch_True_enable_ovs_dpdk_True" serial: '{{ kolla_serial|default("0") }}' max_fail_percentage: >- {{ ovs_dpdk_max_fail_percentage | default(kolla_max_fail_percentage) | default(100) }} roles: - - { role: ovs-dpdk, - tags: ovs-dpdk, - when: "(enable_openvswitch | bool) and (enable_ovs_dpdk | bool)"} + - { role: ovs-dpdk, tags: ovs-dpdk, when: "(enable_openvswitch | bool) and (enable_ovs_dpdk | bool)" } - name: Apply role ovn-controller gather_facts: false hosts: - ovn-controller - - '&enable_ovn_True' + - "&enable_ovn_True" serial: '{{ kolla_serial|default("0") }}' max_fail_percentage: >- {{ ovn_controller_max_fail_percentage | default(kolla_max_fail_percentage) | default(100) }} roles: - - { role: ovn-controller, - tags: [ovn, ovn-controller] } + - { role: ovn-controller, tags: [ovn, ovn-controller] } - name: Apply role ovn-db gather_facts: false @@ -672,15 +648,14 @@ - ovn-nb-db - ovn-northd - ovn-sb-db - - '&enable_ovn_True' + - "&enable_ovn_True" serial: '{{ kolla_serial|default("0") }}' max_fail_percentage: >- {{ ovn_db_max_fail_percentage | default(kolla_max_fail_percentage) | default(100) }} roles: - - { role: ovn-db, - tags: [ovn, ovn-db] } + - { role: ovn-db, tags: [ovn, ovn-db] } # Nova deployment is more complicated than other services, so is covered in its # own playbook. @@ -700,44 +675,41 @@ - neutron-infoblox-ipam-agent - compute - manila-share - - '&enable_neutron_True' + - "&enable_neutron_True" serial: '{{ kolla_serial|default("0") }}' max_fail_percentage: >- {{ neutron_max_fail_percentage | default(kolla_max_fail_percentage) | default(100) }} roles: - - { role: neutron, - tags: neutron } + - { role: neutron, tags: neutron } - name: Apply role kuryr gather_facts: false hosts: - compute - - '&enable_kuryr_True' + - "&enable_kuryr_True" serial: '{{ kolla_serial|default("0") }}' max_fail_percentage: >- {{ kuryr_max_fail_percentage | default(kolla_max_fail_percentage) | default(100) }} roles: - - { role: kuryr, - tags: kuryr } + - { role: kuryr, tags: kuryr } - name: Apply role hacluster gather_facts: false hosts: - hacluster - hacluster-remote - - '&enable_hacluster_True' + - "&enable_hacluster_True" serial: '{{ kolla_serial|default("0") }}' max_fail_percentage: >- {{ hacluster_max_fail_percentage | default(kolla_max_fail_percentage) | default(100) }} roles: - - { role: hacluster, - tags: hacluster } + - { role: hacluster, tags: hacluster } - name: Apply role heat gather_facts: false @@ -745,44 +717,41 @@ - heat-api - heat-api-cfn - heat-engine - - '&enable_heat_True' + - "&enable_heat_True" serial: '{{ kolla_serial|default("0") }}' max_fail_percentage: >- {{ heat_max_fail_percentage | default(kolla_max_fail_percentage) | default(100) }} roles: - - { role: heat, - tags: heat } + - { role: heat, tags: heat } - name: Apply role horizon gather_facts: false hosts: - horizon - - '&enable_horizon_True' + - "&enable_horizon_True" serial: '{{ kolla_serial|default("0") }}' max_fail_percentage: >- {{ horizon_max_fail_percentage | default(kolla_max_fail_percentage) | default(100) }} roles: - - { role: horizon, - tags: horizon } + - { role: horizon, tags: horizon } - name: Apply role magnum gather_facts: false hosts: - magnum-api - magnum-conductor - - '&enable_magnum_True' + - "&enable_magnum_True" serial: '{{ kolla_serial|default("0") }}' max_fail_percentage: >- {{ magnum_max_fail_percentage | default(kolla_max_fail_percentage) | default(100) }} roles: - - { role: magnum, - tags: magnum } + - { role: magnum, tags: magnum } - name: Apply role mistral gather_facts: false @@ -791,15 +760,14 @@ - mistral-engine - mistral-executor - mistral-event-engine - - '&enable_mistral_True' + - "&enable_mistral_True" serial: '{{ kolla_serial|default("0") }}' max_fail_percentage: >- {{ mistral_max_fail_percentage | default(kolla_max_fail_percentage) | default(100) }} roles: - - { role: mistral, - tags: mistral } + - { role: mistral, tags: mistral } - name: Apply role manila gather_facts: false @@ -808,15 +776,14 @@ - manila-data - manila-share - manila-scheduler - - '&enable_manila_True' + - "&enable_manila_True" serial: '{{ kolla_serial|default("0") }}' max_fail_percentage: >- {{ manila_max_fail_percentage | default(kolla_max_fail_percentage) | default(100) }} roles: - - { role: manila, - tags: manila } + - { role: manila, tags: manila } - name: Apply role gnocchi gather_facts: false @@ -824,15 +791,14 @@ - gnocchi-api - gnocchi-metricd - gnocchi-statsd - - '&enable_gnocchi_True' + - "&enable_gnocchi_True" serial: '{{ kolla_serial|default("0") }}' max_fail_percentage: >- {{ gnocchi_max_fail_percentage | default(kolla_max_fail_percentage) | default(100) }} roles: - - { role: gnocchi, - tags: gnocchi } + - { role: gnocchi, tags: gnocchi } - name: Apply role ceilometer gather_facts: false @@ -841,15 +807,14 @@ - ceilometer-notification - ceilometer-compute - ceilometer-ipmi - - '&enable_ceilometer_True' + - "&enable_ceilometer_True" serial: '{{ kolla_serial|default("0") }}' max_fail_percentage: >- {{ ceilometer_max_fail_percentage | default(kolla_max_fail_percentage) | default(100) }} roles: - - { role: ceilometer, - tags: ceilometer } + - { role: ceilometer, tags: ceilometer } - name: Apply role aodh gather_facts: false @@ -858,15 +823,14 @@ - aodh-evaluator - aodh-listener - aodh-notifier - - '&enable_aodh_True' + - "&enable_aodh_True" serial: '{{ kolla_serial|default("0") }}' max_fail_percentage: >- {{ aodh_max_fail_percentage | default(kolla_max_fail_percentage) | default(100) }} roles: - - { role: aodh, - tags: aodh } + - { role: aodh, tags: aodh } - name: Apply role barbican gather_facts: false @@ -874,15 +838,14 @@ - barbican-api - barbican-keystone-listener - barbican-worker - - '&enable_barbican_True' + - "&enable_barbican_True" serial: '{{ kolla_serial|default("0") }}' max_fail_percentage: >- {{ barbican_max_fail_percentage | default(kolla_max_fail_percentage) | default(100) }} roles: - - { role: barbican, - tags: barbican } + - { role: barbican, tags: barbican } - name: Apply role cyborg gather_facts: false @@ -890,15 +853,14 @@ - cyborg-api - cyborg-agent - cyborg-conductor - - '&enable_cyborg_True' + - "&enable_cyborg_True" serial: '{{ serial|default("0") }}' max_fail_percentage: >- {{ cyborg_max_fail_percentage | default(kolla_max_fail_percentage) | default(100) }} roles: - - { role: cyborg, - tags: cyborg } + - { role: cyborg, tags: cyborg } - name: Apply role designate gather_facts: false @@ -910,15 +872,14 @@ - designate-worker - designate-sink - designate-backend-bind9 - - '&enable_designate_True' + - "&enable_designate_True" serial: '{{ kolla_serial|default("0") }}' max_fail_percentage: >- {{ designate_max_fail_percentage | default(kolla_max_fail_percentage) | default(100) }} roles: - - { role: designate, - tags: designate } + - { role: designate, tags: designate } - name: Apply role trove gather_facts: false @@ -926,15 +887,14 @@ - trove-api - trove-conductor - trove-taskmanager - - '&enable_trove_True' + - "&enable_trove_True" serial: '{{ kolla_serial|default("0") }}' max_fail_percentage: >- {{ trove_max_fail_percentage | default(kolla_max_fail_percentage) | default(100) }} roles: - - { role: trove, - tags: trove } + - { role: trove, tags: trove } - name: Apply role watcher gather_facts: false @@ -942,59 +902,55 @@ - watcher-api - watcher-engine - watcher-applier - - '&enable_watcher_True' + - "&enable_watcher_True" serial: '{{ kolla_serial|default("0") }}' max_fail_percentage: >- {{ watcher_max_fail_percentage | default(kolla_max_fail_percentage) | default(100) }} roles: - - { role: watcher, - tags: watcher } + - { role: watcher, tags: watcher } - name: Apply role grafana gather_facts: false hosts: - grafana - - '&enable_grafana_True' + - "&enable_grafana_True" serial: '{{ kolla_serial|default("0") }}' max_fail_percentage: >- {{ grafana_max_fail_percentage | default(kolla_max_fail_percentage) | default(100) }} roles: - - { role: grafana, - tags: grafana } + - { role: grafana, tags: grafana } - name: Apply role cloudkitty gather_facts: false hosts: - cloudkitty-api - cloudkitty-processor - - '&enable_cloudkitty_True' + - "&enable_cloudkitty_True" serial: '{{ kolla_serial|default("0") }}' max_fail_percentage: >- {{ cloudkitty_max_fail_percentage | default(kolla_max_fail_percentage) | default(100) }} roles: - - { role: cloudkitty, - tags: cloudkitty } + - { role: cloudkitty, tags: cloudkitty } - name: Apply role tacker gather_facts: false hosts: - tacker-server - tacker-conductor - - '&enable_tacker_True' + - "&enable_tacker_True" serial: '{{ kolla_serial|default("0") }}' max_fail_percentage: >- {{ tacker_max_fail_percentage | default(kolla_max_fail_percentage) | default(100) }} roles: - - { role: tacker, - tags: tacker } + - { role: tacker, tags: tacker } - name: Apply role octavia gather_facts: false @@ -1003,15 +959,14 @@ - octavia-health-manager - octavia-housekeeping - octavia-worker - - '&enable_octavia_True' + - "&enable_octavia_True" serial: '{{ kolla_serial|default("0") }}' max_fail_percentage: >- {{ octavia_max_fail_percentage | default(kolla_max_fail_percentage) | default(100) }} roles: - - { role: octavia, - tags: octavia } + - { role: octavia, tags: octavia } - name: Apply role zun gather_facts: false @@ -1020,30 +975,28 @@ - zun-wsproxy - zun-compute - zun-cni-daemon - - '&enable_zun_True' + - "&enable_zun_True" serial: '{{ kolla_serial|default("0") }}' max_fail_percentage: >- {{ zun_max_fail_percentage | default(kolla_max_fail_percentage) | default(100) }} roles: - - { role: zun, - tags: zun } + - { role: zun, tags: zun } - name: Apply role blazar gather_facts: false hosts: - blazar-api - blazar-manager - - '&enable_blazar_True' + - "&enable_blazar_True" serial: '{{ kolla_serial|default("0") }}' max_fail_percentage: >- {{ blazar_max_fail_percentage | default(kolla_max_fail_percentage) | default(100) }} roles: - - { role: blazar, - tags: blazar } + - { role: blazar, tags: blazar } - name: Apply role masakari gather_facts: false @@ -1052,26 +1005,24 @@ - masakari-engine - masakari-hostmonitor - masakari-instancemonitor - - '&enable_masakari_True' + - "&enable_masakari_True" serial: '{{ kolla_serial|default("0") }}' max_fail_percentage: >- {{ masakari_max_fail_percentage | default(kolla_max_fail_percentage) | default(100) }} roles: - - { role: masakari, - tags: masakari } + - { role: masakari, tags: masakari } - name: Apply role skyline gather_facts: false hosts: - skyline - - '&enable_skyline_True' + - "&enable_skyline_True" serial: '{{ kolla_serial|default("0") }}' max_fail_percentage: >- {{ skyline_max_fail_percentage | default(kolla_max_fail_percentage) | default(100) }} roles: - - { role: skyline, - tags: skyline } + - { role: skyline, tags: skyline } diff --git a/etc/kolla/globals.yml b/etc/kolla/globals.yml index 36f5b4806e..6bf2b9e267 100644 --- a/etc/kolla/globals.yml +++ b/etc/kolla/globals.yml @@ -6,7 +6,7 @@ # the parameter and change its value. # Dummy variable to allow Ansible to accept this file. -workaround_ansible_issue_8743: yes +workaround_ansible_issue_8743: true ################### # Ansible options @@ -99,7 +99,7 @@ workaround_ansible_issue_8743: yes # Custom docker registry settings: #docker_registry: # Please read the docs carefully before applying docker_registry_insecure. -#docker_registry_insecure: "no" +#docker_registry_insecure: false #docker_registry_username: # docker_registry_password is set in the passwords.yml file. @@ -109,15 +109,15 @@ workaround_ansible_issue_8743: yes # Docker client timeout in seconds. #docker_client_timeout: 120 -#docker_configure_for_zun: "no" -#containerd_configure_for_zun: "no" +#docker_configure_for_zun: false +#containerd_configure_for_zun: false #containerd_grpc_gid: 42463 ################### # Messaging options ################### # Whether to enable TLS for oslo.messaging communication with RabbitMQ. -#om_enable_rabbitmq_tls: "{{ rabbitmq_enable_tls | bool }}" +# om_enable_rabbitmq_tls: "{{ rabbitmq_enable_tls | bool }}" # CA certificate bundle in containers using oslo.messaging with RabbitMQ TLS. #om_rabbitmq_cacert: "{{ rabbitmq_cacert }}" @@ -168,18 +168,18 @@ workaround_ansible_issue_8743: yes # Configure Neutron upgrade option, currently Kolla support # two upgrade ways for Neutron: legacy_upgrade and rolling_upgrade -# The variable "neutron_enable_rolling_upgrade: yes" is meaning rolling_upgrade +# The variable "neutron_enable_rolling_upgrade: true" is meaning rolling_upgrade # were enabled and opposite # Neutron rolling upgrade were enable by default -#neutron_enable_rolling_upgrade: "yes" +#neutron_enable_rolling_upgrade: true # Enable wrapper containers to keep Neutron agent restarts isolated from the main service containers -#neutron_agents_wrappers: "yes" +#neutron_agents_wrappers: true # Configure neutron logging framework to log ingress/egress connections to instances # for security groups rules. More information can be found here: # https://docs.openstack.org/neutron/latest/admin/config-logging.html -#enable_neutron_packet_logging: "no" +#enable_neutron_packet_logging: false #################### # keepalived options @@ -215,7 +215,7 @@ workaround_ansible_issue_8743: yes ##################### # Healthcheck options ##################### -#enable_container_healthchecks: "yes" +#enable_container_healthchecks: true # Healthcheck options for Docker containers # interval/timeout/start_period are in seconds #default_container_healthcheck_interval: 30 @@ -229,9 +229,9 @@ workaround_ansible_issue_8743: yes # Configures firewalld on both ubuntu and centos systems # for enabled services. # firewalld should be installed beforehand. -# disable_firewall: "true" -# enable_external_api_firewalld: "false" -# external_api_firewalld_zone: "public" +#disable_firewall: "true" +#enable_external_api_firewalld: "false" +#external_api_firewalld_zone: "public" ############# # TLS options @@ -239,16 +239,16 @@ workaround_ansible_issue_8743: yes # To provide encryption and authentication on the kolla_external_vip_interface, # TLS can be enabled. When TLS is enabled, certificates must be provided to # allow clients to perform authentication. -#kolla_enable_tls_internal: "no" +#kolla_enable_tls_internal: false #kolla_enable_tls_external: "{{ kolla_enable_tls_internal if kolla_same_external_internal_vip | bool else 'no' }}" #kolla_certificates_dir: "{{ node_config }}/certificates" #kolla_external_fqdn_cert: "{{ kolla_certificates_dir }}/haproxy.pem" #kolla_internal_fqdn_cert: "{{ kolla_certificates_dir }}/haproxy-internal.pem" #kolla_admin_openrc_cacert: "" -#kolla_copy_ca_into_containers: "no" +#kolla_copy_ca_into_containers: false #haproxy_backend_cacert: "{{ 'ca-certificates.crt' if kolla_base_distro in ['debian', 'ubuntu'] else 'ca-bundle.trust.crt' }}" #haproxy_backend_cacert_dir: "/etc/ssl/certs" -#database_enable_tls_backend: "{{ 'yes' if kolla_enable_tls_backend | bool and enable_proxysql | bool else 'no' }}" +#database_enable_tls_backend: "{{ 'true' if kolla_enable_tls_backend | bool and enable_proxysql | bool else 'false' }}" ################## # Backend options ################## @@ -258,8 +258,8 @@ workaround_ansible_issue_8743: yes ##################### # Backend TLS options ##################### -#kolla_enable_tls_backend: "no" -#kolla_verify_tls_backend: "yes" +#kolla_enable_tls_backend: false +#kolla_verify_tls_backend: true #kolla_tls_backend_cert: "{{ kolla_certificates_dir }}/backend-cert.pem" #kolla_tls_backend_key: "{{ kolla_certificates_dir }}/backend-key.pem" @@ -286,13 +286,13 @@ workaround_ansible_issue_8743: yes # LetsEncrypt certificate server options #################### #letsencrypt_cert_server: "https://acme-v02.api.letsencrypt.org/directory" -# attempt to renew Let's Encrypt certificate every 12 hours +# Attempt to renew Let's Encrypt certificate every 12 hours #letsencrypt_cron_renew_schedule: "0 */12 * * *" #################### # LetsEncrypt external account binding options #################### -#letsencrypt_external_account_binding: "no" +#letsencrypt_external_account_binding: false #letsencrypt_eab_hmac: "" #letsencrypt_eab_key_id: "" @@ -315,53 +315,53 @@ workaround_ansible_issue_8743: yes # Enable core OpenStack services. This includes: # glance, keystone, neutron, nova, heat, and horizon. -#enable_openstack_core: "yes" +#enable_openstack_core: true # These roles are required for Kolla to be operation, however a savvy deployer # could disable some of these required roles and run their own services. #enable_glance: "{{ enable_openstack_core | bool }}" -#enable_hacluster: "no" -#enable_haproxy: "yes" +#enable_hacluster: false +#enable_haproxy: true #enable_keepalived: "{{ enable_haproxy | bool }}" #enable_keystone: "{{ enable_openstack_core | bool }}" -#enable_mariadb: "yes" -#enable_memcached: "yes" +#enable_mariadb: true +#enable_memcached: true #enable_neutron: "{{ enable_openstack_core | bool }}" #enable_nova: "{{ enable_openstack_core | bool }}" -#enable_rabbitmq: "{{ 'yes' if om_rpc_transport == 'rabbit' or om_notify_transport == 'rabbit' else 'no' }}" +#enable_rabbitmq: "{{ 'true' if om_rpc_transport == 'rabbit' or om_notify_transport == 'rabbit' else 'false' }}" # OpenStack services can be enabled or disabled with these options -#enable_aodh: "no" -#enable_barbican: "no" -#enable_blazar: "no" -#enable_ceilometer: "no" -#enable_ceilometer_ipmi: "no" -#enable_cells: "no" -#enable_central_logging: "no" -#enable_ceph_rgw: "no" +#enable_aodh: false +#enable_barbican: false +#enable_blazar: false +#enable_ceilometer: false +#enable_ceilometer_ipmi: false +#enable_cells: false +#enable_central_logging: false +#enable_ceph_rgw: false #enable_ceph_rgw_loadbalancer: "{{ enable_ceph_rgw | bool }}" -#enable_cinder: "no" -#enable_cinder_backup: "yes" +#enable_cinder: false +#enable_cinder_backup: true #enable_cinder_backend_iscsi: "{{ enable_cinder_backend_lvm | bool }}" -#enable_cinder_backend_lvm: "no" -#enable_cinder_backend_nfs: "no" -#enable_cinder_backend_quobyte: "no" -#enable_cinder_backend_pure_iscsi: "no" -#enable_cinder_backend_pure_fc: "no" -#enable_cinder_backend_pure_roce: "no" -#enable_cinder_backend_pure_nvme_tcp: "no" -#enable_cinder_backend_lightbits: "no" -#enable_cloudkitty: "no" -#enable_collectd: "no" -#enable_cyborg: "no" -#enable_designate: "no" -#enable_destroy_images: "no" -#enable_etcd: "no" -#enable_fluentd: "yes" +#enable_cinder_backend_lvm: false +#enable_cinder_backend_nfs: false +#enable_cinder_backend_quobyte: false +#enable_cinder_backend_pure_iscsi: false +#enable_cinder_backend_pure_fc: false +#enable_cinder_backend_pure_roce: false +#enable_cinder_backend_pure_nvme_tcp: false +#enable_cinder_backend_lightbits: false +#enable_cloudkitty: false +#enable_collectd: false +#enable_cyborg: false +#enable_designate: false +#enable_destroy_images: false +#enable_etcd: false +#enable_fluentd: true #enable_fluentd_systemd: "{{ (enable_fluentd | bool) and (enable_central_logging | bool) }}" -#enable_gnocchi: "no" -#enable_gnocchi_statsd: "no" -#enable_grafana: "no" +#enable_gnocchi: false +#enable_gnocchi_statsd: false +#enable_grafana: false #enable_grafana_external: "{{ enable_grafana | bool }}" #enable_heat: "{{ enable_openstack_core | bool }}" #enable_horizon: "{{ enable_openstack_core | bool }}" @@ -382,41 +382,41 @@ workaround_ansible_issue_8743: yes #enable_horizon_watcher: "{{ enable_watcher | bool }}" #enable_horizon_zun: "{{ enable_zun | bool }}" #enable_influxdb: "{{ enable_cloudkitty | bool and cloudkitty_storage_backend == 'influxdb' }}" -#enable_ironic: "no" -#enable_ironic_neutron_agent: "no" +#enable_ironic: false +#enable_ironic_neutron_agent: false #enable_ironic_prometheus_exporter: "{{ enable_ironic | bool and enable_prometheus | bool }}" -#enable_ironic_pxe_filter: "no" +#enable_ironic_pxe_filter: false #enable_iscsid: "{{ enable_cinder | bool and enable_cinder_backend_iscsi | bool }}" -#enable_kuryr: "no" -#enable_magnum: "no" -#enable_manila: "no" -#enable_manila_backend_generic: "no" -#enable_manila_backend_hnas: "no" -#enable_manila_backend_cephfs_native: "no" -#enable_manila_backend_cephfs_nfs: "no" -#enable_manila_backend_glusterfs_nfs: "no" -#enable_manila_backend_flashblade: "no" -#enable_mariabackup: "no" -#enable_masakari: "no" -#enable_mistral: "no" -#enable_multipathd: "no" -#enable_neutron_vpnaas: "no" -#enable_neutron_sriov: "no" -#enable_neutron_dvr: "no" -#enable_neutron_fwaas: "no" -#enable_neutron_qos: "no" -#enable_neutron_agent_ha: "no" -#enable_neutron_bgp_dragent: "no" -#enable_neutron_provider_networks: "no" -#enable_neutron_segments: "no" -#enable_neutron_sfc: "no" -#enable_neutron_trunk: "no" -#enable_neutron_metering: "no" -#enable_neutron_infoblox_ipam_agent: "no" -#enable_neutron_port_forwarding: "no" -#enable_nova_serialconsole_proxy: "no" -#enable_nova_ssh: "yes" -#enable_octavia: "no" +#enable_kuryr: false +#enable_magnum: false +#enable_manila: false +#enable_manila_backend_generic: false +#enable_manila_backend_hnas: false +#enable_manila_backend_cephfs_native: false +#enable_manila_backend_cephfs_nfs: false +#enable_manila_backend_glusterfs_nfs: false +#enable_manila_backend_flashblade: false +#enable_mariabackup: false +#enable_masakari: false +#enable_mistral: false +#enable_multipathd: false +#enable_neutron_vpnaas: false +#enable_neutron_sriov: false +#enable_neutron_dvr: false +#enable_neutron_fwaas: false +#enable_neutron_qos: false +#enable_neutron_agent_ha: false +#enable_neutron_bgp_dragent: false +#enable_neutron_provider_networks: false +#enable_neutron_segments: false +#enable_neutron_sfc: false +#enable_neutron_trunk: false +#enable_neutron_metering: false +#enable_neutron_infoblox_ipam_agent: false +#enable_neutron_port_forwarding: false +#enable_nova_serialconsole_proxy: false +#enable_nova_ssh: true +#enable_octavia: false #enable_octavia_driver_agent: "{{ enable_octavia | bool and neutron_plugin_agent == 'ovn' }}" #enable_octavia_jobboard: "{{ enable_octavia | bool and 'amphora' in octavia_provider_drivers }}" #enable_opensearch: "{{ enable_central_logging | bool or enable_osprofiler | bool or (enable_cloudkitty | bool and cloudkitty_storage_backend == 'opensearch') }}" @@ -424,19 +424,19 @@ workaround_ansible_issue_8743: yes #enable_opensearch_dashboards_external: "{{ enable_opensearch_dashboards | bool }}" #enable_openvswitch: "{{ enable_neutron }}" #enable_ovn: "{{ enable_neutron | bool and neutron_plugin_agent == 'ovn' }}" -#enable_ovs_dpdk: "no" -#enable_osprofiler: "no" +#enable_ovs_dpdk: false +#enable_osprofiler: false #enable_placement: "{{ enable_nova | bool or enable_zun | bool }}" -#enable_prometheus: "no" -#enable_proxysql: "yes" -#enable_valkey: "no" -#enable_skyline: "no" -#enable_tacker: "no" -#enable_telegraf: "no" -#enable_trove: "no" -#enable_trove_singletenant: "no" -#enable_watcher: "no" -#enable_zun: "no" +#enable_prometheus: false +#enable_proxysql: true +#enable_valkey: false +#enable_skyline: false +#enable_tacker: false +#enable_telegraf: false +#enable_trove: false +#enable_trove_singletenant: false +#enable_watcher: false +#enable_zun: false ############# # S3 options @@ -462,7 +462,7 @@ workaround_ansible_issue_8743: yes # and not to busy wait (+sbwt none +sbwtdcpu none +sbwtdio none): #rabbitmq_server_additional_erl_args: "+S 2:2 +sbwt none +sbwtdcpu none +sbwtdio none" # Whether to enable TLS encryption for RabbitMQ client-server communication. -#rabbitmq_enable_tls: "no" +#rabbitmq_enable_tls: false # CA certificate bundle in RabbitMQ container. #rabbitmq_cacert: "/etc/ssl/certs/{{ 'ca-certificates.crt' if kolla_base_distro in ['debian', 'ubuntu'] else 'ca-bundle.trust.crt' }}" @@ -476,7 +476,7 @@ workaround_ansible_issue_8743: yes # External Ceph options ####################### # External Ceph - cephx auth enabled (this is the standard nowadays, defaults to yes) -#external_ceph_cephx_enabled: "yes" +#external_ceph_cephx_enabled: true # Glance #ceph_glance_user: "glance" @@ -518,16 +518,16 @@ workaround_ansible_issue_8743: yes # Glance - Image Options ######################## # Configure image backend. -#glance_backend_ceph: "no" -#glance_backend_file: "yes" -#glance_backend_s3: "no" -#enable_glance_image_cache: "no" -#glance_enable_property_protection: "no" -#glance_enable_interoperable_image_import: "no" +#glance_backend_ceph: false +#glance_backend_file: true +#glance_backend_s3: false +#enable_glance_image_cache: false +#glance_enable_property_protection: false +#glance_enable_interoperable_image_import: false # Configure glance upgrade option. # Due to this feature being experimental in glance, -# the default value is "no". -#glance_enable_rolling_upgrade: "no" +# the default value is false. +#glance_enable_rolling_upgrade: false #################### # Glance S3 Backend @@ -563,7 +563,7 @@ workaround_ansible_issue_8743: yes # Cinder - Block Storage Options ################################ # Enable / disable Cinder backends -#cinder_backend_ceph: "no" +#cinder_backend_ceph: false #cinder_volume_group: "cinder-volumes" # Valid options are [ '', valkey, etcd ] #cinder_coordination_backend: "{{ 'valkey' if enable_valkey | bool else 'etcd' if enable_etcd | bool else '' }}" @@ -604,7 +604,7 @@ workaround_ansible_issue_8743: yes ######################## # Nova - Compute Options ######################## -#nova_backend_ceph: "no" +#nova_backend_ceph: false # Valid options are [ qemu, kvm ] #nova_compute_virt_type: "kvm" @@ -614,10 +614,10 @@ workaround_ansible_issue_8743: yes # The "nova_safety_upgrade" controls whether the nova services # are all stopped before rolling upgrade to the new version, -# for the safety and availability. If "nova_safety_upgrade" is "yes", +# for the safety and availability. If "nova_safety_upgrade" is true, # that will stop all nova services (except nova-compute) for no failed # API operations before upgrade to the new version. And opposite. -#nova_safety_upgrade: "no" +#nova_safety_upgrade: false # Valid options are [ none, novnc, spice ] #nova_console: "novnc" @@ -626,10 +626,10 @@ workaround_ansible_issue_8743: yes # Neutron - networking options ############################## # Enable distributed floating ip for OVN deployments -#neutron_ovn_distributed_fip: "no" +#neutron_ovn_distributed_fip: false # Enable DHCP agent(s) to use with OVN -#neutron_ovn_dhcp_agent: "no" +#neutron_ovn_dhcp_agent: false ############################# # Horizon - Dashboard Options @@ -645,7 +645,7 @@ workaround_ansible_issue_8743: yes # list of ranges - at least one must be configured, for example: # - range: 192.168.0.10,192.168.0.100 # See Kolla Ansible docs on Ironic for details. -#ironic_dnsmasq_dhcp_ranges: +# ironic_dnsmasq_dhcp_ranges: # PXE bootloader file for Ironic inspection, relative to /var/lib/ironic/tftpboot. #ironic_dnsmasq_boot_file: "pxelinux.0" @@ -654,7 +654,7 @@ workaround_ansible_issue_8743: yes # The variable "ironic_enable_rolling_upgrade: yes" is meaning rolling_upgrade # were enabled and opposite # Rolling upgrade were enable by default -#ironic_enable_rolling_upgrade: "yes" +#ironic_enable_rolling_upgrade: true # List of extra kernel parameters passed to the kernel used during inspection #ironic_kernel_cmdline_extras: [] @@ -726,7 +726,7 @@ workaround_ansible_issue_8743: yes #enable_prometheus_memcached_exporter: "{{ enable_prometheus | bool }}" #enable_prometheus_alertmanager: "{{ enable_prometheus | bool }}" #enable_prometheus_alertmanager_external: "{{ enable_prometheus_alertmanager | bool }}" -#enable_prometheus_ceph_mgr_exporter: "no" +#enable_prometheus_ceph_mgr_exporter: false #enable_prometheus_openstack_exporter: "{{ enable_prometheus | bool }}" #enable_prometheus_elasticsearch_exporter: "{{ enable_prometheus | bool and enable_elasticsearch | bool }}" #enable_prometheus_blackbox_exporter: "{{ enable_prometheus | bool }}" @@ -765,7 +765,7 @@ workaround_ansible_issue_8743: yes ########## # Configure telegraf to use the docker daemon itself as an input for # telemetry data. -#telegraf_enable_docker_input: "no" +#telegraf_enable_docker_input: false ########################################## # Octavia - openstack loadbalancer Options @@ -795,16 +795,16 @@ workaround_ansible_issue_8743: yes # Octavia security groups. lb-mgmt-sec-grp is for amphorae. #octavia_amp_security_groups: -# mgmt-sec-grp: -# name: "lb-mgmt-sec-grp" -# rules: -# - protocol: icmp -# - protocol: tcp -# src_port: 22 -# dst_port: 22 -# - protocol: tcp -# src_port: "{{ octavia_amp_listen_port }}" -# dst_port: "{{ octavia_amp_listen_port }}" +# mgmt-sec-grp: +# name: "lb-mgmt-sec-grp" +# rules: +# - protocol: icmp +# - protocol: tcp +# src_port: 22 +# dst_port: 22 +# - protocol: tcp +# src_port: "{{ octavia_amp_listen_port }}" +# dst_port: "{{ octavia_amp_listen_port }}" # Octavia management network. # See os_network and os_subnet for details. Supported parameters: @@ -862,4 +862,4 @@ workaround_ansible_issue_8743: yes ############## # If `etcd_remove_deleted_members` is enabled, Kolla Ansible will automatically # remove etcd members from the cluster that are no longer in the inventory. -#etcd_remove_deleted_members: "no" +#etcd_remove_deleted_members: false diff --git a/tools/setup-compute-libvirt.yml b/tools/setup-compute-libvirt.yml index 9df033bec9..d544d26261 100644 --- a/tools/setup-compute-libvirt.yml +++ b/tools/setup-compute-libvirt.yml @@ -18,7 +18,7 @@ - name: Enable/start systemd artifacts systemd: - enabled: yes + enabled: true state: started name: "{{ item }}" with_items: "{{ systemd_artifacts }}" From 48afd582e1c73d606e6746fff6fc0b92d3e07f17 Mon Sep 17 00:00:00 2001 From: Michal Nasiadka Date: Thu, 20 Oct 2022 14:07:38 +0200 Subject: [PATCH 42/43] docs: when reno is required In Zed PTG we decided to limit the amount of release notes this change adds the criteria when reno is required to the docs [1]: https://etherpad.opendev.org/p/kolla-zed-ptg#L149 Change-Id: I4f153a619eb57a75ebdb1aba4b71e422b30d74fe Signed-off-by: Michal Nasiadka --- doc/source/contributor/release-notes.rst | 9 ++++++--- 1 file changed, 6 insertions(+), 3 deletions(-) diff --git a/doc/source/contributor/release-notes.rst b/doc/source/contributor/release-notes.rst index 5c783b9b84..766c64a39a 100644 --- a/doc/source/contributor/release-notes.rst +++ b/doc/source/contributor/release-notes.rst @@ -22,9 +22,12 @@ Kolla Ansible (just like Kolla) uses the following release notes sections: * ``prelude`` --- filled in by the PTL before each release or RC. Other release note types may be applied per common sense. -Each change should include a release note unless being a ``TrivialFix`` -change or affecting only docs or CI. Such changes should `not` include -a release note to avoid confusion. + +When a release note is required: + +- ``feature`` - best included with docs change (if separate from the code) +- ``user impacting`` - to improve visibility of the change for users + Remember release notes are mostly for end users which, in case of Kolla, are OpenStack administrators/operators. In case of doubt, the core team will let you know what is required. From f9814ca57bb5ca91b2a96053bbfac54965dbb0e4 Mon Sep 17 00:00:00 2001 From: Michal Nasiadka Date: Tue, 25 Nov 2025 07:51:16 +0100 Subject: [PATCH 43/43] ansible-lint: Fix command-instead-of-module/shell Change-Id: I4099b338b0d16bedf5731a3a63eeaad27a321d9b Signed-off-by: Michal Nasiadka --- .ansible-lint | 2 -- ansible/roles/loadbalancer/tasks/config_validate.yml | 2 +- ansible/roles/valkey/tasks/check.yml | 2 +- ansible/roles/valkey/tasks/upgrade.yml | 4 ++-- 4 files changed, 4 insertions(+), 6 deletions(-) diff --git a/.ansible-lint b/.ansible-lint index 8a566c1335..5c0c0640a1 100644 --- a/.ansible-lint +++ b/.ansible-lint @@ -37,6 +37,4 @@ skip_list: - var-naming[no-role-prefix] - risky-file-permissions - risky-shell-pipe - - command-instead-of-shell - - command-instead-of-module - yaml[line-length] diff --git a/ansible/roles/loadbalancer/tasks/config_validate.yml b/ansible/roles/loadbalancer/tasks/config_validate.yml index cfb336919c..acb6f99128 100644 --- a/ansible/roles/loadbalancer/tasks/config_validate.yml +++ b/ansible/roles/loadbalancer/tasks/config_validate.yml @@ -2,7 +2,7 @@ - name: Validating haproxy config files vars: service: "{{ loadbalancer_services['haproxy'] }}" - shell: >- + command: >- {{ kolla_container_engine }} exec -i haproxy haproxy -c -f /etc/haproxy/haproxy.cfg -f /etc/haproxy/services.d/ register: haproxy_config_validation_result diff --git a/ansible/roles/valkey/tasks/check.yml b/ansible/roles/valkey/tasks/check.yml index d7531527ac..1e3c863623 100644 --- a/ansible/roles/valkey/tasks/check.yml +++ b/ansible/roles/valkey/tasks/check.yml @@ -5,7 +5,7 @@ - name: Valkey ping pong check become: true - shell: >- + command: >- {{ kolla_container_engine }} exec valkey_server valkey-cli -h {{ api_interface_address }} -a {{ valkey_master_password }} ping register: valkey_check diff --git a/ansible/roles/valkey/tasks/upgrade.yml b/ansible/roles/valkey/tasks/upgrade.yml index 0de57486a5..5a7499dedf 100644 --- a/ansible/roles/valkey/tasks/upgrade.yml +++ b/ansible/roles/valkey/tasks/upgrade.yml @@ -36,7 +36,7 @@ become: true delegate_to: "{{ valkey_master_host }}" run_once: true - shell: >- + command: >- {{ kolla_container_engine }} exec valkey_server valkey-cli -h {{ api_interface_address }} -p {{ valkey_server_port }} info replication register: valkey_replication @@ -81,7 +81,7 @@ become: true delegate_to: "{{ valkey_master_host }}" run_once: true - shell: >- + command: >- {{ kolla_container_engine }} exec valkey_server valkey-cli -h {{ api_interface_address }} -p {{ valkey_server_port }} info replication register: valkey_role