diff options
Diffstat (limited to 'roles')
82 files changed, 253 insertions, 253 deletions
diff --git a/roles/calico/handlers/main.yml b/roles/calico/handlers/main.yml index 9cc0604a3..ed484c0dd 100644 --- a/roles/calico/handlers/main.yml +++ b/roles/calico/handlers/main.yml @@ -9,6 +9,6 @@ name: "{{ openshift_docker_service_name }}" state: restarted register: l_docker_restart_docker_in_calico_result - until: not l_docker_restart_docker_in_calico_result | failed + until: not (l_docker_restart_docker_in_calico_result is failed) retries: 3 delay: 30 diff --git a/roles/cockpit/tasks/main.yml b/roles/cockpit/tasks/main.yml index f63b3e49b..fc13afed3 100644 --- a/roles/cockpit/tasks/main.yml +++ b/roles/cockpit/tasks/main.yml @@ -12,7 +12,7 @@ - "{{ cockpit_plugins }}" when: not openshift.common.is_containerized | bool register: result - until: result | success + until: result is succeeded - name: Enable cockpit-ws systemd: diff --git a/roles/container_runtime/handlers/main.yml b/roles/container_runtime/handlers/main.yml index 67cd6d782..87c5de0e9 100644 --- a/roles/container_runtime/handlers/main.yml +++ b/roles/container_runtime/handlers/main.yml @@ -6,7 +6,7 @@ state: restarted daemon_reload: yes register: r_docker_restart_docker_result - until: not r_docker_restart_docker_result | failed + until: not (r_docker_restart_docker_result is failed) retries: 3 delay: 30 when: not docker_service_status_changed | default(false) | bool diff --git a/roles/container_runtime/tasks/common/syscontainer_packages.yml b/roles/container_runtime/tasks/common/syscontainer_packages.yml index 715ed492d..b41122880 100644 --- a/roles/container_runtime/tasks/common/syscontainer_packages.yml +++ b/roles/container_runtime/tasks/common/syscontainer_packages.yml @@ -6,7 +6,7 @@ state: present when: not openshift.common.is_atomic | bool register: result - until: result | success + until: result is succeeded # Used to pull and install the system container - name: Ensure atomic is installed @@ -15,7 +15,7 @@ state: present when: not openshift.common.is_atomic | bool register: result - until: result | success + until: result is succeeded # At the time of writing the atomic command requires runc for it's own use. This # task is here in the even that the atomic package ever removes the dependency. @@ -25,4 +25,4 @@ state: present when: not openshift.common.is_atomic | bool register: result - until: result | success + until: result is succeeded diff --git a/roles/container_runtime/tasks/docker_sanity.yml b/roles/container_runtime/tasks/docker_sanity.yml index e62cf5505..bc4da1cce 100644 --- a/roles/container_runtime/tasks/docker_sanity.yml +++ b/roles/container_runtime/tasks/docker_sanity.yml @@ -5,23 +5,38 @@ - name: Error out if Docker pre-installed but too old fail: msg: "Docker {{ curr_docker_version.stdout }} is installed, but >= 1.9.1 is required." - when: not curr_docker_version | skipped and curr_docker_version.stdout != '' and curr_docker_version.stdout | version_compare('1.9.1', '<') and not docker_version is defined + when: + - not (curr_docker_version is skipped) + - curr_docker_version.stdout != '' + - curr_docker_version.stdout is version_compare('1.9.1', '<') + - not (docker_version is defined) - name: Error out if requested Docker is too old fail: msg: "Docker {{ docker_version }} requested, but >= 1.9.1 is required." - when: docker_version is defined and docker_version | version_compare('1.9.1', '<') + when: + - docker_version is defined + - docker_version is version_compare('1.9.1', '<') # If a docker_version was requested, sanity check that we can install or upgrade to it, and # no downgrade is required. - name: Fail if Docker version requested but downgrade is required fail: msg: "Docker {{ curr_docker_version.stdout }} is installed, but version {{ docker_version }} was requested." - when: not curr_docker_version | skipped and curr_docker_version.stdout != '' and docker_version is defined and curr_docker_version.stdout | version_compare(docker_version, '>') + when: + - not (curr_docker_version is skipped) + - curr_docker_version.stdout != '' + - docker_version is defined + - curr_docker_version.stdout is version_compare(docker_version, '>') # This involves an extremely slow migration process, users should instead run the # Docker 1.10 upgrade playbook to accomplish this. - name: Error out if attempting to upgrade Docker across the 1.10 boundary fail: msg: "Cannot upgrade Docker to >= 1.10, please upgrade or remove Docker manually, or use the Docker upgrade playbook if OpenShift is already installed." - when: not curr_docker_version | skipped and curr_docker_version.stdout != '' and curr_docker_version.stdout | version_compare('1.10', '<') and docker_version is defined and docker_version | version_compare('1.10', '>=') + when: + - not (curr_docker_version is skipped) + - curr_docker_version.stdout != '' + - curr_docker_version.stdout is version_compare('1.10', '<') + - docker_version is defined + - docker_version is version_compare('1.10', '>=') diff --git a/roles/container_runtime/tasks/docker_upgrade_check.yml b/roles/container_runtime/tasks/docker_upgrade_check.yml index f29619f42..6731963dd 100644 --- a/roles/container_runtime/tasks/docker_upgrade_check.yml +++ b/roles/container_runtime/tasks/docker_upgrade_check.yml @@ -19,7 +19,7 @@ command: "{{ repoquery_installed }} --qf '%{version}' docker" register: curr_docker_version retries: 4 - until: curr_docker_version | succeeded + until: curr_docker_version is succeeded changed_when: false - name: Get latest available version of Docker @@ -27,7 +27,7 @@ {{ repoquery_cmd }} --qf '%{version}' "docker" register: avail_docker_version retries: 4 - until: avail_docker_version | succeeded + until: avail_docker_version is succeeded # Don't expect docker rpm to be available on hosts that don't already have it installed: when: pkg_check.rc == 0 failed_when: false @@ -36,7 +36,10 @@ - fail: msg: This playbook requires access to Docker 1.12 or later # Disable the 1.12 requirement if the user set a specific Docker version - when: docker_version is not defined and (docker_upgrade is not defined or docker_upgrade | bool == True) and (pkg_check.rc == 0 and (avail_docker_version.stdout == "" or avail_docker_version.stdout | version_compare('1.12','<'))) + when: + - docker_version is not defined + - docker_upgrade is not defined or docker_upgrade | bool == True + - (pkg_check.rc == 0 and (avail_docker_version.stdout == "" or avail_docker_version.stdout is version_compare('1.12','<'))) # Default l_docker_upgrade to False, we'll set to True if an upgrade is required: - set_fact: @@ -50,7 +53,9 @@ - name: Flag for Docker upgrade if necessary set_fact: l_docker_upgrade: True - when: pkg_check.rc == 0 and curr_docker_version.stdout | version_compare(docker_version,'<') + when: + - pkg_check.rc == 0 + - curr_docker_version.stdout is version_compare(docker_version,'<') # Additional checks for Atomic hosts: - name: Determine available Docker @@ -64,4 +69,6 @@ - fail: msg: This playbook requires access to Docker 1.12 or later - when: openshift.common.is_atomic | bool and l_docker_version.avail_version | default(l_docker_version.curr_version, true) | version_compare('1.12','<') + when: + - openshift.common.is_atomic | bool + - l_docker_version.avail_version | default(l_docker_version.curr_version, true) is version_compare('1.12','<') diff --git a/roles/container_runtime/tasks/package_docker.yml b/roles/container_runtime/tasks/package_docker.yml index 89899c9cf..d9d4037dd 100644 --- a/roles/container_runtime/tasks/package_docker.yml +++ b/roles/container_runtime/tasks/package_docker.yml @@ -6,7 +6,7 @@ when: not openshift.common.is_atomic | bool register: curr_docker_version retries: 4 - until: curr_docker_version | succeeded + until: curr_docker_version is succeeded changed_when: false # Some basic checks to ensure the role will complete @@ -19,9 +19,12 @@ package: name: "docker{{ '-' + docker_version if docker_version is defined else '' }}" state: present - when: not openshift.common.is_atomic | bool and not curr_docker_version | skipped and not curr_docker_version.stdout != '' + when: + - not (openshift.common.is_atomic | bool) + - not (curr_docker_version is skipped) + - not (curr_docker_version.stdout != '') register: result - until: result | success + until: result is succeeded - block: # Extend the default Docker service unit file when using iptables-services @@ -137,11 +140,11 @@ state: started daemon_reload: yes register: r_docker_package_docker_start_result - until: not r_docker_package_docker_start_result | failed + until: not (r_docker_package_docker_start_result is failed) retries: 3 delay: 30 - set_fact: - docker_service_status_changed: "{{ (r_docker_package_docker_start_result | changed) and (r_docker_already_running_result.stdout != 'ActiveState=active' ) }}" + docker_service_status_changed: "{{ (r_docker_package_docker_start_result is changed) and (r_docker_already_running_result.stdout != 'ActiveState=active' ) }}" - include_tasks: common/post.yml diff --git a/roles/container_runtime/tasks/systemcontainer_docker.yml b/roles/container_runtime/tasks/systemcontainer_docker.yml index 10570fe34..639585367 100644 --- a/roles/container_runtime/tasks/systemcontainer_docker.yml +++ b/roles/container_runtime/tasks/systemcontainer_docker.yml @@ -20,7 +20,7 @@ package: name=docker{{ '-' + docker_version if docker_version is defined else '' }} state=present when: not openshift.common.is_atomic | bool register: result - until: result | success + until: result is succeeded # Make sure docker is disabled. Errors are ignored. - name: Disable Docker @@ -31,7 +31,7 @@ daemon_reload: yes ignore_errors: True register: r_docker_systemcontainer_docker_stop_result - until: not r_docker_systemcontainer_docker_stop_result | failed + until: not (r_docker_systemcontainer_docker_stop_result is failed) retries: 3 delay: 30 @@ -87,12 +87,12 @@ state: started daemon_reload: yes register: r_docker_systemcontainer_docker_start_result - until: not r_docker_systemcontainer_docker_start_result | failed + until: not (r_docker_systemcontainer_docker_start_result is failed) retries: 3 delay: 30 - set_fact: - docker_service_status_changed: "{{ r_docker_systemcontainer_docker_start_result | changed }}" + docker_service_status_changed: "{{ r_docker_systemcontainer_docker_start_result is changed }}" # Since docker is running as a system container, docker login will fail to create # credentials. Use alternate method if requiring authenticated registries. diff --git a/roles/contiv/tasks/download_bins.yml b/roles/contiv/tasks/download_bins.yml index 741c1d1da..831fd360a 100644 --- a/roles/contiv/tasks/download_bins.yml +++ b/roles/contiv/tasks/download_bins.yml @@ -9,7 +9,7 @@ name: bzip2 state: installed register: result - until: result | success + until: result is succeeded - name: Download Bins | Download Contiv tar file get_url: diff --git a/roles/contiv/tasks/netplugin.yml b/roles/contiv/tasks/netplugin.yml index cf92a8cc0..540f6e4bc 100644 --- a/roles/contiv/tasks/netplugin.yml +++ b/roles/contiv/tasks/netplugin.yml @@ -101,15 +101,15 @@ - name: systemd reload command: systemctl daemon-reload - when: docker_updated|changed + when: docker_updated is changed - name: Docker | Restart docker service: name: "{{ openshift_docker_service_name }}" state: restarted - when: docker_updated|changed + when: docker_updated is changed register: l_docker_restart_docker_in_contiv_result - until: not l_docker_restart_docker_in_contiv_result | failed + until: not (l_docker_restart_docker_in_contiv_result is failed) retries: 3 delay: 30 diff --git a/roles/contiv/tasks/pkgMgrInstallers/centos-install.yml b/roles/contiv/tasks/pkgMgrInstallers/centos-install.yml index a4d260279..53c5b4099 100644 --- a/roles/contiv/tasks/pkgMgrInstallers/centos-install.yml +++ b/roles/contiv/tasks/pkgMgrInstallers/centos-install.yml @@ -4,7 +4,7 @@ pkg=net-tools state=latest register: result - until: result | success + until: result is succeeded - name: PkgMgr RHEL/CentOS | Get openstack ocata rpm get_url: @@ -23,7 +23,7 @@ tags: - ovs_install register: result - until: result | success + until: result is succeeded - name: PkgMgr RHEL/CentOS | Install ovs yum: @@ -36,4 +36,4 @@ tags: - ovs_install register: result - until: result | success + until: result is succeeded diff --git a/roles/contiv_facts/tasks/fedora-install.yml b/roles/contiv_facts/tasks/fedora-install.yml index a57f6eb19..932ff091a 100644 --- a/roles/contiv_facts/tasks/fedora-install.yml +++ b/roles/contiv_facts/tasks/fedora-install.yml @@ -4,7 +4,7 @@ name: dnf state: installed register: result - until: result | success + until: result is succeeded - name: Update repo cache command: dnf update -y diff --git a/roles/etcd/tasks/auxiliary/drop_etcdctl.yml b/roles/etcd/tasks/auxiliary/drop_etcdctl.yml index 603f2531f..ccfd9da14 100644 --- a/roles/etcd/tasks/auxiliary/drop_etcdctl.yml +++ b/roles/etcd/tasks/auxiliary/drop_etcdctl.yml @@ -3,7 +3,7 @@ package: name=etcd{{ '-' + etcd_version if etcd_version is defined else '' }} state=present when: not openshift.common.is_atomic | bool register: result - until: result | success + until: result is succeeded - name: Configure etcd profile.d aliases template: diff --git a/roles/etcd/tasks/backup/backup.yml b/roles/etcd/tasks/backup/backup.yml index 9da023dbd..acd1bb0bc 100644 --- a/roles/etcd/tasks/backup/backup.yml +++ b/roles/etcd/tasks/backup/backup.yml @@ -44,7 +44,7 @@ - r_etcd_common_embedded_etcd | bool - not l_ostree_booted.stat.exists | bool register: result - until: result | success + until: result is succeeded - name: Check selinux label of '{{ etcd_data_dir }}' command: > diff --git a/roles/etcd/tasks/certificates/deploy_ca.yml b/roles/etcd/tasks/certificates/deploy_ca.yml index bd4dafafd..ebaff353b 100644 --- a/roles/etcd/tasks/certificates/deploy_ca.yml +++ b/roles/etcd/tasks/certificates/deploy_ca.yml @@ -7,7 +7,7 @@ delegate_to: "{{ etcd_ca_host }}" run_once: true register: result - until: result | success + until: result is succeeded - file: path: "{{ item }}" diff --git a/roles/etcd/tasks/certificates/fetch_server_certificates_from_ca.yml b/roles/etcd/tasks/certificates/fetch_server_certificates_from_ca.yml index f4726940a..deb2301d7 100644 --- a/roles/etcd/tasks/certificates/fetch_server_certificates_from_ca.yml +++ b/roles/etcd/tasks/certificates/fetch_server_certificates_from_ca.yml @@ -5,7 +5,7 @@ state: present when: not etcd_is_containerized | bool register: result - until: result | success + until: result is succeeded - name: Check status of etcd certificates stat: diff --git a/roles/etcd/tasks/main.yml b/roles/etcd/tasks/main.yml index b2100801f..12e41667e 100644 --- a/roles/etcd/tasks/main.yml +++ b/roles/etcd/tasks/main.yml @@ -13,7 +13,7 @@ package: name=etcd{{ '-' + etcd_version if etcd_version is defined else '' }} state=present when: not etcd_is_containerized | bool register: result - until: result | success + until: result is succeeded - include_tasks: drop_etcdctl.yml when: @@ -93,7 +93,9 @@ daemon_reload: yes when: not l_is_etcd_system_container | bool register: task_result - failed_when: task_result|failed and 'could not' not in task_result.msg|lower + failed_when: + - task_result is failed + - ('could not' not in task_result.msg|lower) - name: Install etcd container service file template: @@ -131,4 +133,4 @@ - name: Set fact etcd_service_status_changed set_fact: - etcd_service_status_changed: "{{ start_result | changed }}" + etcd_service_status_changed: "{{ start_result is changed }}" diff --git a/roles/etcd/tasks/system_container.yml b/roles/etcd/tasks/system_container.yml index ca8b6a707..e37652536 100644 --- a/roles/etcd/tasks/system_container.yml +++ b/roles/etcd/tasks/system_container.yml @@ -29,7 +29,9 @@ masked: no daemon_reload: yes register: task_result - failed_when: task_result|failed and 'could not' not in task_result.msg|lower + failed_when: + - task_result is failed + - ('could not' not in task_result.msg|lower) when: "'etcd' not in etcd_result.stdout" - name: Disable etcd_container @@ -39,7 +41,9 @@ enabled: no daemon_reload: yes register: task_result - failed_when: task_result|failed and 'could not' not in task_result.msg|lower + failed_when: + - task_result is failed + - ('could not' not in task_result.msg|lower) - name: Remove etcd_container.service file: diff --git a/roles/etcd/tasks/upgrade/upgrade_image.yml b/roles/etcd/tasks/upgrade/upgrade_image.yml index 6e712ba74..13bb0faca 100644 --- a/roles/etcd/tasks/upgrade/upgrade_image.yml +++ b/roles/etcd/tasks/upgrade/upgrade_image.yml @@ -45,7 +45,7 @@ state: latest when: not l_ostree_booted.stat.exists | bool register: result - until: result | success + until: result is succeeded - name: Verify cluster is healthy command: "{{ etcdctlv2 }} cluster-health" diff --git a/roles/etcd/tasks/upgrade/upgrade_rpm.yml b/roles/etcd/tasks/upgrade/upgrade_rpm.yml index e98def46e..180ed4135 100644 --- a/roles/etcd/tasks/upgrade/upgrade_rpm.yml +++ b/roles/etcd/tasks/upgrade/upgrade_rpm.yml @@ -19,7 +19,7 @@ name: "{{ l_etcd_target_package }}" state: latest register: result - until: result | success + until: result is succeeded - lineinfile: destfile: "{{ etcd_conf_file }}" diff --git a/roles/flannel/handlers/main.yml b/roles/flannel/handlers/main.yml index 705d39f9a..7d79bd3d4 100644 --- a/roles/flannel/handlers/main.yml +++ b/roles/flannel/handlers/main.yml @@ -9,7 +9,7 @@ name: "{{ openshift_docker_service_name }}" state: restarted register: l_docker_restart_docker_in_flannel_result - until: not l_docker_restart_docker_in_flannel_result | failed + until: not (l_docker_restart_docker_in_flannel_result is failed) retries: 3 delay: 30 @@ -18,6 +18,6 @@ name: "{{ openshift_service_type }}-node" state: restarted register: l_restart_node_result - until: not l_restart_node_result | failed + until: not (l_restart_node_result is failed) retries: 3 delay: 30 diff --git a/roles/flannel/tasks/main.yml b/roles/flannel/tasks/main.yml index befe1b2e6..9b9250f31 100644 --- a/roles/flannel/tasks/main.yml +++ b/roles/flannel/tasks/main.yml @@ -4,7 +4,7 @@ package: name=flannel state=present when: not openshift.common.is_atomic | bool register: result - until: result | success + until: result is succeeded - name: Set flannel etcd options become: yes diff --git a/roles/nickhammond.logrotate/tasks/main.yml b/roles/nickhammond.logrotate/tasks/main.yml index 32d3acb86..677f206ea 100644 --- a/roles/nickhammond.logrotate/tasks/main.yml +++ b/roles/nickhammond.logrotate/tasks/main.yml @@ -3,7 +3,7 @@ package: name=logrotate state=present when: not openshift.common.is_atomic | bool register: result - until: result | success + until: result is succeeded - name: nickhammond.logrotate | Setup logrotate.d scripts template: diff --git a/roles/nuage_ca/tasks/main.yaml b/roles/nuage_ca/tasks/main.yaml index 46929fa1f..d96d0d802 100644 --- a/roles/nuage_ca/tasks/main.yaml +++ b/roles/nuage_ca/tasks/main.yaml @@ -3,7 +3,7 @@ package: name=openssl state=present when: not openshift.common.is_atomic | bool register: result - until: result | success + until: result is succeeded - name: Create CA directory file: path="{{ nuage_ca_dir }}" state=directory diff --git a/roles/openshift_ca/tasks/main.yml b/roles/openshift_ca/tasks/main.yml index eb00f13db..ea4702248 100644 --- a/roles/openshift_ca/tasks/main.yml +++ b/roles/openshift_ca/tasks/main.yml @@ -13,13 +13,13 @@ state: present when: not openshift.common.is_containerized | bool register: install_result - until: install_result | success + until: install_result is succeeded delegate_to: "{{ openshift_ca_host }}" run_once: true - name: Reload generated facts openshift_facts: - when: hostvars[openshift_ca_host].install_result | changed + when: hostvars[openshift_ca_host].install_result is changed - name: Create openshift_ca_config_dir if it does not exist file: diff --git a/roles/openshift_cli/tasks/main.yml b/roles/openshift_cli/tasks/main.yml index 888aa8f0c..68d82e436 100644 --- a/roles/openshift_cli/tasks/main.yml +++ b/roles/openshift_cli/tasks/main.yml @@ -3,7 +3,7 @@ package: name={{ openshift_service_type }}-clients{{ openshift_pkg_version | default('') }} state=present when: not openshift.common.is_containerized | bool register: result - until: result | success + until: result is succeeded - block: - name: Pull CLI Image @@ -44,4 +44,4 @@ package: name=bash-completion state=present when: not openshift.common.is_containerized | bool register: result - until: result | success + until: result is succeeded diff --git a/roles/openshift_clock/tasks/main.yaml b/roles/openshift_clock/tasks/main.yaml index 82c73b583..cdacdd042 100644 --- a/roles/openshift_clock/tasks/main.yaml +++ b/roles/openshift_clock/tasks/main.yaml @@ -10,7 +10,7 @@ - openshift_clock_enabled | bool - chrony_installed.rc != 0 register: result - until: result | success + until: result is succeeded - name: Start and enable ntpd/chronyd command: timedatectl set-ntp true diff --git a/roles/openshift_excluder/tasks/install.yml b/roles/openshift_excluder/tasks/install.yml index 3ac55894f..ad7c00d14 100644 --- a/roles/openshift_excluder/tasks/install.yml +++ b/roles/openshift_excluder/tasks/install.yml @@ -14,7 +14,7 @@ - r_openshift_excluder_enable_docker_excluder | bool - ansible_pkg_mgr == "yum" register: result - until: result | success + until: result is succeeded # For DNF we do not need the "*" and if we add it, it causes an error because @@ -29,7 +29,7 @@ - r_openshift_excluder_enable_docker_excluder | bool - ansible_pkg_mgr == "dnf" register: result - until: result | success + until: result is succeeded - name: Install openshift excluder - yum package: @@ -39,7 +39,7 @@ - r_openshift_excluder_enable_openshift_excluder | bool - ansible_pkg_mgr == "yum" register: result - until: result | success + until: result is succeeded # For DNF we do not need the "*" and if we add it, it causes an error because # it's not a valid pkg_spec @@ -53,7 +53,7 @@ - r_openshift_excluder_enable_openshift_excluder | bool - ansible_pkg_mgr == "dnf" register: result - until: result | success + until: result is succeeded - set_fact: r_openshift_excluder_install_ran: True diff --git a/roles/openshift_excluder/tasks/verify_excluder.yml b/roles/openshift_excluder/tasks/verify_excluder.yml index c35639c1b..4f5277fa2 100644 --- a/roles/openshift_excluder/tasks/verify_excluder.yml +++ b/roles/openshift_excluder/tasks/verify_excluder.yml @@ -29,4 +29,4 @@ msg: "Available {{ excluder }} version {{ excluder_version }} is higher than the upgrade target version" when: - excluder_version != '' - - excluder_version.split('.')[0:2] | join('.') | version_compare(r_openshift_excluder_upgrade_target.split('.')[0:2] | join('.'), '>', strict=True) + - excluder_version.split('.')[0:2] | join('.') is version_compare(r_openshift_excluder_upgrade_target.split('.')[0:2] | join('.'), '>', strict=True) diff --git a/roles/openshift_expand_partition/tasks/main.yml b/roles/openshift_expand_partition/tasks/main.yml index b7acb0c5a..c7e21ba99 100644 --- a/roles/openshift_expand_partition/tasks/main.yml +++ b/roles/openshift_expand_partition/tasks/main.yml @@ -3,7 +3,7 @@ package: name=cloud-utils-growpart state=present when: not openshift.common.is_containerized | bool register: result - until: result | success + until: result is succeeded - name: Determine if growpart is installed command: "rpm -q cloud-utils-growpart" diff --git a/roles/openshift_facts/library/openshift_facts.py b/roles/openshift_facts/library/openshift_facts.py index a10ba9310..58e64994f 100755 --- a/roles/openshift_facts/library/openshift_facts.py +++ b/roles/openshift_facts/library/openshift_facts.py @@ -536,8 +536,7 @@ def set_aggregate_facts(facts): def set_deployment_facts_if_unset(facts): """ Set Facts that vary based on deployment_type. This currently - includes master.registry_url, node.registry_url, - node.storage_plugin_deps + includes master.registry_url, node.registry_url Args: facts (dict): existing facts @@ -564,11 +563,6 @@ def set_deployment_facts_if_unset(facts): if facts['common']['deployment_subtype'] == 'registry': facts['master']['disabled_features'] = openshift_features - if 'node' in facts: - deployment_type = facts['common']['deployment_type'] - if 'storage_plugin_deps' not in facts['node']: - facts['node']['storage_plugin_deps'] = ['ceph', 'glusterfs', 'iscsi'] - return facts @@ -792,62 +786,6 @@ def get_current_config(facts): return current_config -def build_kubelet_args(facts): - """Build node kubelet_args - -In the node-config.yaml file, kubeletArgument sub-keys have their -values provided as a list. Hence the gratuitous use of ['foo'] below. - """ - cloud_cfg_path = os.path.join( - facts['common']['config_base'], - 'cloudprovider') - - # We only have to do this stuff on hosts that are nodes - if 'node' in facts: - # Any changes to the kubeletArguments parameter are stored - # here first. - kubelet_args = {} - - if 'cloudprovider' in facts: - # EVERY cloud is special <3 - if 'kind' in facts['cloudprovider']: - if facts['cloudprovider']['kind'] == 'aws': - kubelet_args['cloud-provider'] = ['aws'] - kubelet_args['cloud-config'] = [cloud_cfg_path + '/aws.conf'] - if facts['cloudprovider']['kind'] == 'openstack': - kubelet_args['cloud-provider'] = ['openstack'] - kubelet_args['cloud-config'] = [cloud_cfg_path + '/openstack.conf'] - if facts['cloudprovider']['kind'] == 'gce': - kubelet_args['cloud-provider'] = ['gce'] - kubelet_args['cloud-config'] = [cloud_cfg_path + '/gce.conf'] - - # Automatically add node-labels to the kubeletArguments - # parameter. See BZ1359848 for additional details. - # - # Ref: https://bugzilla.redhat.com/show_bug.cgi?id=1359848 - if 'labels' in facts['node'] and isinstance(facts['node']['labels'], dict): - # tl;dr: os_node_labels="{'foo': 'bar', 'a': 'b'}" turns - # into ['foo=bar', 'a=b'] - # - # On the openshift_node_labels inventory variable we loop - # over each key-value tuple (from .items()) and join the - # key to the value with an '=' character, this produces a - # list. - # - # map() seems to be returning an itertools.imap object - # instead of a list. We cast it to a list ourselves. - # pylint: disable=unnecessary-lambda - labels_str = list(map(lambda x: '='.join(x), facts['node']['labels'].items())) - if labels_str != '': - kubelet_args['node-labels'] = labels_str - - # If we've added items to the kubelet_args dict then we need - # to merge the new items back into the main facts object. - if kubelet_args != {}: - facts = merge_facts({'node': {'kubelet_args': kubelet_args}}, facts, []) - return facts - - def build_controller_args(facts): """ Build master controller_args """ cloud_cfg_path = os.path.join(facts['common']['config_base'], @@ -1367,7 +1305,6 @@ def set_container_facts_if_unset(facts): deployment_type = facts['common']['deployment_type'] if deployment_type == 'openshift-enterprise': master_image = 'openshift3/ose' - node_image = 'openshift3/node' ovs_image = 'openshift3/openvswitch' pod_image = 'openshift3/ose-pod' router_image = 'openshift3/ose-haproxy-router' @@ -1375,7 +1312,6 @@ def set_container_facts_if_unset(facts): deployer_image = 'openshift3/ose-deployer' else: master_image = 'openshift/origin' - node_image = 'openshift/node' ovs_image = 'openshift/openvswitch' pod_image = 'openshift/origin-pod' router_image = 'openshift/origin-haproxy-router' @@ -1398,9 +1334,6 @@ def set_container_facts_if_unset(facts): facts['master']['master_image'] = master_image facts['master']['master_system_image'] = master_image if 'node' in facts: - if 'node_image' not in facts['node']: - facts['node']['node_image'] = node_image - facts['node']['node_system_image'] = node_image if 'ovs_image' not in facts['node']: facts['node']['ovs_image'] = ovs_image facts['node']['ovs_system_image'] = ovs_image @@ -1545,7 +1478,6 @@ class OpenShiftFacts(object): facts = set_deployment_facts_if_unset(facts) facts = set_sdn_facts_if_unset(facts, self.system_facts) facts = set_container_facts_if_unset(facts) - facts = build_kubelet_args(facts) facts = build_controller_args(facts) facts = build_api_server_args(facts) facts = set_version_facts_if_unset(facts) @@ -1607,10 +1539,7 @@ class OpenShiftFacts(object): max_requests_inflight=500) if 'node' in roles: - defaults['node'] = dict(labels={}, annotations={}, - iptables_sync_period='30s', - local_quota_per_fsgroup="", - set_node_ip=False) + defaults['node'] = dict(labels={}, annotations={}) if 'cloudprovider' in roles: defaults['cloudprovider'] = dict(kind=None) diff --git a/roles/openshift_loadbalancer/tasks/main.yml b/roles/openshift_loadbalancer/tasks/main.yml index 79c5793d9..7d23ea6c8 100644 --- a/roles/openshift_loadbalancer/tasks/main.yml +++ b/roles/openshift_loadbalancer/tasks/main.yml @@ -6,7 +6,7 @@ package: name=haproxy state=present when: not openshift.common.is_containerized | bool register: result - until: result | success + until: result is succeeded - name: Pull haproxy image command: > @@ -70,4 +70,4 @@ register: start_result - set_fact: - haproxy_start_result_changed: "{{ start_result | changed }}" + haproxy_start_result_changed: "{{ start_result is changed }}" diff --git a/roles/openshift_logging_fluentd/templates/fluentd.j2 b/roles/openshift_logging_fluentd/templates/fluentd.j2 index 10283316c..c6256cf49 100644 --- a/roles/openshift_logging_fluentd/templates/fluentd.j2 +++ b/roles/openshift_logging_fluentd/templates/fluentd.j2 @@ -130,7 +130,7 @@ spec: containerName: "{{ daemonset_container_name }}" resource: limits.memory - name: "FILE_BUFFER_LIMIT" - value: "{{ openshift_logging_fluentd_file_buffer_limit | default('256i') }}" + value: "{{ openshift_logging_fluentd_file_buffer_limit | default('256Mi') }}" {% if openshift_logging_mux_client_mode is defined and ((openshift_logging_mux_allow_external is defined and openshift_logging_mux_allow_external | bool) or (openshift_logging_use_mux is defined and openshift_logging_use_mux | bool)) %} diff --git a/roles/openshift_logging_mux/defaults/main.yml b/roles/openshift_logging_mux/defaults/main.yml index 1e6c501bf..db6f23126 100644 --- a/roles/openshift_logging_mux/defaults/main.yml +++ b/roles/openshift_logging_mux/defaults/main.yml @@ -63,4 +63,4 @@ openshift_logging_mux_file_buffer_pvc_access_modes: ['ReadWriteOnce'] openshift_logging_mux_file_buffer_storage_group: '65534' openshift_logging_mux_file_buffer_pvc_prefix: "logging-mux" -openshift_logging_mux_file_buffer_limit: 256Mi +openshift_logging_mux_file_buffer_limit: 2Gi diff --git a/roles/openshift_manage_node/tasks/main.yml b/roles/openshift_manage_node/tasks/main.yml index 247757ca9..af22a1a03 100644 --- a/roles/openshift_manage_node/tasks/main.yml +++ b/roles/openshift_manage_node/tasks/main.yml @@ -41,7 +41,7 @@ retries: 10 delay: 5 register: node_schedulable - until: node_schedulable|succeeded + until: node_schedulable is succeeded when: "'nodename' in openshift.node" delegate_to: "{{ openshift_master_host }}" @@ -50,10 +50,9 @@ name: "{{ openshift.node.nodename }}" kind: node state: add - labels: "{{ openshift.node.labels | oo_dict_to_list_of_dict }}" + labels: "{{ openshift_node_labels | oo_dict_to_list_of_dict }}" namespace: default when: - "'nodename' in openshift.node" - - "'labels' in openshift.node" - - openshift.node.labels != {} + - openshift_node_labels | default({}) != {} delegate_to: "{{ openshift_master_host }}" diff --git a/roles/openshift_master/tasks/journald.yml b/roles/openshift_master/tasks/journald.yml index a16cbe78e..6166062ed 100644 --- a/roles/openshift_master/tasks/journald.yml +++ b/roles/openshift_master/tasks/journald.yml @@ -26,4 +26,4 @@ delay: 5 register: result until: result.rc == 0 - when: journald_update | changed + when: journald_update is changed diff --git a/roles/openshift_master/tasks/main.yml b/roles/openshift_master/tasks/main.yml index 9be5508aa..7bfc870d5 100644 --- a/roles/openshift_master/tasks/main.yml +++ b/roles/openshift_master/tasks/main.yml @@ -21,7 +21,7 @@ when: - not openshift.common.is_containerized | bool register: result - until: result | success + until: result is succeeded - name: Create r_openshift_master_data_dir file: @@ -72,7 +72,7 @@ - not openshift.common.is_atomic | bool with_items: "{{ openshift.master.identity_providers }}" register: result - until: result | success + until: result is succeeded - name: Ensure htpasswd directory exists file: @@ -147,7 +147,7 @@ register: l_already_set - set_fact: - openshift_push_via_dns: "{{ openshift.common.version_gte_3_6 or (l_already_set.stdout is defined and l_already_set.stdout | match('OPENSHIFT_DEFAULT_REGISTRY=docker-registry.default.svc:5000')) }}" + openshift_push_via_dns: "{{ openshift.common.version_gte_3_6 or (l_already_set.stdout is defined and l_already_set.stdout is match('OPENSHIFT_DEFAULT_REGISTRY=docker-registry.default.svc:5000')) }}" - name: Set fact of all etcd host IPs openshift_facts: @@ -209,17 +209,17 @@ when: - inventory_hostname == openshift_master_hosts[0] register: l_start_result - until: not l_start_result | failed + until: not (l_start_result is failed) retries: 1 delay: 60 - name: Dump logs from master-api if it failed command: journalctl --no-pager -n 100 -u {{ openshift_service_type }}-master-api when: - - l_start_result | failed + - l_start_result is failed - set_fact: - master_api_service_status_changed: "{{ l_start_result | changed }}" + master_api_service_status_changed: "{{ l_start_result is changed }}" when: - inventory_hostname == openshift_master_hosts[0] @@ -236,17 +236,17 @@ when: - inventory_hostname != openshift_master_hosts[0] register: l_start_result - until: not l_start_result | failed + until: not (l_start_result is failed) retries: 1 delay: 60 - name: Dump logs from master-api if it failed command: journalctl --no-pager -n 100 -u {{ openshift_service_type }}-master-api when: - - l_start_result | failed + - l_start_result is failed - set_fact: - master_api_service_status_changed: "{{ l_start_result | changed }}" + master_api_service_status_changed: "{{ l_start_result is changed }}" when: - inventory_hostname != openshift_master_hosts[0] @@ -262,18 +262,18 @@ enabled: yes state: started register: l_start_result - until: not l_start_result | failed + until: not (l_start_result is failed) retries: 1 delay: 60 - name: Dump logs from master-controllers if it failed command: journalctl --no-pager -n 100 -u {{ openshift_service_type }}-master-controllers when: - - l_start_result | failed + - l_start_result is failed - name: Set fact master_controllers_service_status_changed set_fact: - master_controllers_service_status_changed: "{{ l_start_result | changed }}" + master_controllers_service_status_changed: "{{ l_start_result is changed }}" - name: node bootstrap settings include_tasks: bootstrap.yml diff --git a/roles/openshift_master/tasks/set_loopback_context.yml b/roles/openshift_master/tasks/set_loopback_context.yml index 308b2f4cd..487fefb63 100644 --- a/roles/openshift_master/tasks/set_loopback_context.yml +++ b/roles/openshift_master/tasks/set_loopback_context.yml @@ -23,12 +23,12 @@ {{ openshift.master.loopback_context_name }} --config={{ openshift_master_loopback_config }} when: - - set_loopback_cluster | changed + - set_loopback_cluster is changed register: l_set_loopback_context - command: > {{ openshift.common.client_binary }} config use-context {{ openshift.master.loopback_context_name }} --config={{ openshift_master_loopback_config }} when: - - l_set_loopback_context | changed + - l_set_loopback_context is changed register: set_current_context diff --git a/roles/openshift_master/tasks/systemd_units.yml b/roles/openshift_master/tasks/systemd_units.yml index 76b6f46aa..1c9ecafaa 100644 --- a/roles/openshift_master/tasks/systemd_units.yml +++ b/roles/openshift_master/tasks/systemd_units.yml @@ -50,7 +50,7 @@ - command: systemctl daemon-reload when: - - l_create_ha_unit_files | changed + - l_create_ha_unit_files is changed # end workaround for missing systemd unit files - name: enable master services diff --git a/roles/openshift_master/tasks/upgrade/rpm_upgrade.yml b/roles/openshift_master/tasks/upgrade/rpm_upgrade.yml index f50b91ff5..f72710832 100644 --- a/roles/openshift_master/tasks/upgrade/rpm_upgrade.yml +++ b/roles/openshift_master/tasks/upgrade/rpm_upgrade.yml @@ -19,4 +19,4 @@ - "{{ openshift_service_type }}-clients{{ openshift_pkg_version }}" - "tuned-profiles-{{ openshift_service_type }}-node{{ openshift_pkg_version }}" register: result - until: result | success + until: result is succeeded diff --git a/roles/openshift_metrics/tasks/install_hawkular.yaml b/roles/openshift_metrics/tasks/install_hawkular.yaml index b63f5ca8c..a4ffa1890 100644 --- a/roles/openshift_metrics/tasks/install_hawkular.yaml +++ b/roles/openshift_metrics/tasks/install_hawkular.yaml @@ -23,15 +23,15 @@ - block: - set_fact: hawkular_key={{ lookup('file', openshift_metrics_hawkular_key) }} - when: openshift_metrics_hawkular_key | exists + when: openshift_metrics_hawkular_key is exists changed_when: false - set_fact: hawkular_cert={{ lookup('file', openshift_metrics_hawkular_cert) }} - when: openshift_metrics_hawkular_cert | exists + when: openshift_metrics_hawkular_cert is exists changed_when: false - set_fact: hawkular_ca={{ lookup('file', openshift_metrics_hawkular_ca) }} - when: openshift_metrics_hawkular_ca | exists + when: openshift_metrics_hawkular_ca is exists changed_when: false - name: generate the hawkular-metrics route diff --git a/roles/openshift_nfs/tasks/create_export.yml b/roles/openshift_nfs/tasks/create_export.yml index b0b888d56..5fcdbf76e 100644 --- a/roles/openshift_nfs/tasks/create_export.yml +++ b/roles/openshift_nfs/tasks/create_export.yml @@ -31,4 +31,4 @@ - name: Re-export NFS filesystems command: exportfs -ar when: - - created_export | changed + - created_export is changed diff --git a/roles/openshift_nfs/tasks/setup.yml b/roles/openshift_nfs/tasks/setup.yml index 1aa7e7079..bd8fb44a2 100644 --- a/roles/openshift_nfs/tasks/setup.yml +++ b/roles/openshift_nfs/tasks/setup.yml @@ -5,7 +5,7 @@ - name: Install nfs-utils package: name=nfs-utils state=present register: result - until: result | success + until: result is succeeded - name: Configure NFS lineinfile: @@ -16,7 +16,7 @@ - name: Restart nfs-config systemd: name=nfs-config state=restarted - when: nfs_config | changed + when: nfs_config is changed - name: Ensure exports directory exists file: diff --git a/roles/openshift_node/defaults/main.yml b/roles/openshift_node/defaults/main.yml index fff927944..906c76fba 100644 --- a/roles/openshift_node/defaults/main.yml +++ b/roles/openshift_node/defaults/main.yml @@ -1,6 +1,48 @@ --- openshift_node_debug_level: "{{ debug_level | default(2) }}" - +openshift_node_iptables_sync_period: '30s' +osn_storage_plugin_deps: +- ceph +- glusterfs +- iscsi +openshift_node_local_quota_per_fsgroup: "" +openshift_node_proxy_mode: iptables +openshift_set_node_ip: False +openshift_config_base: '/etc/origin' + +# Create list of 'k=v' pairs. +l_node_kubelet_node_labels: "{{ openshift_node_labels | default({}) | oo_dict_to_keqv_list }}" + +openshift_node_kubelet_args_dict: + aws: + cloud-provider: + - aws + cloud-config: + - "{{ openshift_config_base ~ '/aws.conf' }}" + node-labels: "{{ l_node_kubelet_node_labels }}" + openstack: + cloud-provider: + - openstack + cloud-config: + - "{{ openshift_config_base ~ '/openstack.conf' }}" + node-labels: "{{ l_node_kubelet_node_labels }}" + gce: + cloud-provider: + - gce + cloud-config: + - "{{ openshift_config_base ~ '/gce.conf' }}" + node-labels: "{{ l_node_kubelet_node_labels }}" + undefined: + node-labels: "{{ l_node_kubelet_node_labels }}" + +l_node_kubelet_args_default: "{{ openshift_node_kubelet_args_dict[openshift_cloudprovider_kind | default('undefined')] }}" + +l_openshift_node_kubelet_args: "{{ openshift_node_kubelet_args | default({}) }}" +# Combine the default kubelet_args dictionary (based on cloud provider, if provided) +# with user-supplied openshift_node_kubelet_args. +# openshift_node_kubelet_args will override the defaults, if keys and/or subkeys +# are present in both. +l2_openshift_node_kubelet_args: "{{ l_node_kubelet_args_default | combine(l_openshift_node_kubelet_args, recursive=True) }}" openshift_node_dnsmasq_install_network_manager_hook: true # lo must always be present in this list or dnsmasq will conflict with @@ -14,10 +56,15 @@ r_openshift_node_use_firewalld: "{{ os_firewall_use_firewalld | default(False) } l_is_node_system_container: "{{ (openshift_use_node_system_container | default(openshift_use_system_containers | default(false)) | bool) }}" openshift_deployment_type: "{{ openshift_deployment_type | default('origin') }}" + +openshift_node_image_dict: + origin: 'openshift/node' + openshift-enterprise: 'openshift3/node' +osn_image: "{{ openshift_node_image_dict[openshift_deployment_type] }}" + openshift_service_type_dict: origin: origin openshift-enterprise: atomic-openshift - openshift_service_type: "{{ openshift_service_type_dict[openshift_deployment_type] }}" system_images_registry_dict: diff --git a/roles/openshift_node/handlers/main.yml b/roles/openshift_node/handlers/main.yml index 1d9797f84..62e0e1341 100644 --- a/roles/openshift_node/handlers/main.yml +++ b/roles/openshift_node/handlers/main.yml @@ -24,7 +24,7 @@ - openshift_node_use_openshift_sdn | bool - not openshift_node_bootstrap register: l_openshift_node_stop_openvswitch_result - until: not l_openshift_node_stop_openvswitch_result | failed + until: not (l_openshift_node_stop_openvswitch_result is failed) retries: 3 delay: 30 notify: @@ -41,7 +41,7 @@ name: "{{ openshift_service_type }}-node" state: restarted register: l_openshift_node_restart_node_result - until: not l_openshift_node_restart_node_result | failed + until: not (l_openshift_node_restart_node_result is failed) retries: 3 delay: 30 when: diff --git a/roles/openshift_node/tasks/bootstrap.yml b/roles/openshift_node/tasks/bootstrap.yml index a042bc01b..1a6f209e0 100644 --- a/roles/openshift_node/tasks/bootstrap.yml +++ b/roles/openshift_node/tasks/bootstrap.yml @@ -5,7 +5,7 @@ state: present with_items: "{{ r_openshift_node_image_prep_packages }}" register: result - until: result | success + until: result is succeeded - name: create the directory for node file: diff --git a/roles/openshift_node/tasks/config.yml b/roles/openshift_node/tasks/config.yml index 5d66de0a3..a96785d5c 100644 --- a/roles/openshift_node/tasks/config.yml +++ b/roles/openshift_node/tasks/config.yml @@ -16,17 +16,17 @@ - openshift.common.is_containerized | bool - openshift_node_use_openshift_sdn | default(true) | bool register: ovs_start_result - until: not ovs_start_result | failed + until: not (ovs_start_result is failed) retries: 3 delay: 30 - set_fact: - ovs_service_status_changed: "{{ ovs_start_result | changed }}" + ovs_service_status_changed: "{{ ovs_start_result is changed }}" - file: - dest: "{{ (openshift_node_kubelet_args|default({'config':None})).config}}" + dest: "{{ l2_openshift_node_kubelet_args['config'] }}" state: directory - when: openshift_node_kubelet_args is defined and 'config' in openshift_node_kubelet_args + when: ('config' in l2_openshift_node_kubelet_args) | bool # TODO: add the validate parameter when there is a validation command to run - name: Create the Node config @@ -93,19 +93,19 @@ state: started daemon_reload: yes register: node_start_result - until: not node_start_result | failed + until: not node_start_result is failed retries: 1 delay: 30 ignore_errors: true - name: Dump logs from node service if it failed command: journalctl --no-pager -n 100 -u {{ openshift_service_type }}-node - when: node_start_result | failed + when: node_start_result is failed - name: Abort if node failed to start fail: msg: Node failed to start please inspect the logs and try again - when: node_start_result | failed + when: node_start_result is failed - set_fact: - node_service_status_changed: "{{ node_start_result | changed }}" + node_service_status_changed: "{{ node_start_result is changed }}" diff --git a/roles/openshift_node/tasks/dnsmasq/no-network-manager.yml b/roles/openshift_node/tasks/dnsmasq/no-network-manager.yml index 541c8115a..5d2c67b86 100644 --- a/roles/openshift_node/tasks/dnsmasq/no-network-manager.yml +++ b/roles/openshift_node/tasks/dnsmasq/no-network-manager.yml @@ -8,6 +8,6 @@ state: present notify: restart NetworkManager register: result - until: result | success + until: result is succeeded - include_tasks: network-manager.yml diff --git a/roles/openshift_node/tasks/dnsmasq_install.yml b/roles/openshift_node/tasks/dnsmasq_install.yml index 9f66bf12d..0c8857b11 100644 --- a/roles/openshift_node/tasks/dnsmasq_install.yml +++ b/roles/openshift_node/tasks/dnsmasq_install.yml @@ -14,7 +14,7 @@ package: name=dnsmasq state=installed when: not openshift.common.is_atomic | bool register: result - until: result | success + until: result is succeeded - name: ensure origin/node directory exists file: diff --git a/roles/openshift_node/tasks/install.yml b/roles/openshift_node/tasks/install.yml index f93aed246..9f004e8dd 100644 --- a/roles/openshift_node/tasks/install.yml +++ b/roles/openshift_node/tasks/install.yml @@ -6,7 +6,7 @@ name: "{{ openshift_service_type }}-node{{ (openshift_pkg_version | default('')) | oo_image_tag_to_rpm_version(include_dash=True) }}" state: present register: result - until: result | success + until: result is succeeded - name: Install sdn-ovs package package: @@ -15,14 +15,14 @@ when: - openshift_node_use_openshift_sdn | bool register: result - until: result | success + until: result is succeeded - name: Install conntrack-tools package package: name: "conntrack-tools" state: present register: result - until: result | success + until: result is succeeded - when: - openshift.common.is_containerized | bool @@ -30,6 +30,6 @@ block: - name: Pre-pull node image when containerized command: > - docker pull {{ openshift.node.node_image }}:{{ openshift_image_tag }} + docker pull {{ osn_image }}:{{ openshift_image_tag }} register: pull_result changed_when: "'Downloaded newer image' in pull_result.stdout" diff --git a/roles/openshift_node/tasks/main.yml b/roles/openshift_node/tasks/main.yml index 946deb4d3..2daa6c75f 100644 --- a/roles/openshift_node/tasks/main.yml +++ b/roles/openshift_node/tasks/main.yml @@ -52,7 +52,9 @@ state: restarted when: openshift_use_crio register: task_result - failed_when: task_result|failed and 'could not find the requested service' not in task_result.msg|lower + failed_when: + - task_result is failed + - ('could not find the requested service' not in task_result.msg|lower) - name: restart NetworkManager to ensure resolv.conf is present systemd: @@ -83,15 +85,15 @@ - name: GlusterFS storage plugin configuration include_tasks: storage_plugins/glusterfs.yml - when: "'glusterfs' in openshift.node.storage_plugin_deps" + when: "'glusterfs' in osn_storage_plugin_deps" - name: Ceph storage plugin configuration include_tasks: storage_plugins/ceph.yml - when: "'ceph' in openshift.node.storage_plugin_deps" + when: "'ceph' in osn_storage_plugin_deps" - name: iSCSI storage plugin configuration include_tasks: storage_plugins/iscsi.yml - when: "'iscsi' in openshift.node.storage_plugin_deps" + when: "'iscsi' in osn_storage_plugin_deps" ##### END Storage ##### diff --git a/roles/openshift_node/tasks/node_system_container.yml b/roles/openshift_node/tasks/node_system_container.yml index 98978ec6f..06b879050 100644 --- a/roles/openshift_node/tasks/node_system_container.yml +++ b/roles/openshift_node/tasks/node_system_container.yml @@ -2,14 +2,14 @@ - name: Pre-pull node system container image command: > - atomic pull --storage=ostree {{ 'docker:' if system_images_registry == 'docker' else system_images_registry + '/' }}{{ openshift.node.node_system_image }}:{{ openshift_image_tag }} + atomic pull --storage=ostree {{ 'docker:' if system_images_registry == 'docker' else system_images_registry + '/' }}{{ osn_image }}:{{ openshift_image_tag }} register: pull_result changed_when: "'Pulling layer' in pull_result.stdout" - name: Install or Update node system container oc_atomic_container: name: "{{ openshift_service_type }}-node" - image: "{{ 'docker:' if system_images_registry == 'docker' else system_images_registry + '/' }}{{ openshift.node.node_system_image }}:{{ openshift_image_tag }}" + image: "{{ 'docker:' if system_images_registry == 'docker' else system_images_registry + '/' }}{{ osn_image }}:{{ openshift_image_tag }}" values: - "DNS_DOMAIN={{ openshift.common.dns_domain }}" - "DOCKER_SERVICE={{ openshift_docker_service_name }}.service" diff --git a/roles/openshift_node/tasks/storage_plugins/ceph.yml b/roles/openshift_node/tasks/storage_plugins/ceph.yml index 72a3b837f..52d80357e 100644 --- a/roles/openshift_node/tasks/storage_plugins/ceph.yml +++ b/roles/openshift_node/tasks/storage_plugins/ceph.yml @@ -3,4 +3,4 @@ package: name=ceph-common state=present when: not openshift.common.is_atomic | bool register: result - until: result | success + until: result is succeeded diff --git a/roles/openshift_node/tasks/storage_plugins/glusterfs.yml b/roles/openshift_node/tasks/storage_plugins/glusterfs.yml index 08ea71a0c..e60f57ae7 100644 --- a/roles/openshift_node/tasks/storage_plugins/glusterfs.yml +++ b/roles/openshift_node/tasks/storage_plugins/glusterfs.yml @@ -3,7 +3,7 @@ package: name=glusterfs-fuse state=present when: not openshift.common.is_atomic | bool register: result - until: result | success + until: result is succeeded - name: Check for existence of fusefs sebooleans command: getsebool {{ item }} @@ -31,7 +31,7 @@ # since getsebool prints the resolved name. (At some point Ansible's seboolean module # should learn to deal with aliases) - item.item in item.stdout # Boolean does not have an alias. - - ansible_python_version | version_compare('3', '<') + - ansible_python_version is version_compare('3', '<') with_items: "{{ fusefs_getsebool_status.results }}" # Workaround for https://github.com/openshift/openshift-ansible/issues/4438 @@ -52,5 +52,5 @@ # should learn to deal with aliases) - item.item in item.stdout # Boolean does not have an alias. - ('--> off' in item.stdout) # Boolean is currently off. - - ansible_python_version | version_compare('3', '>=') + - ansible_python_version is version_compare('3', '>=') with_items: "{{ fusefs_getsebool_status.results }}" diff --git a/roles/openshift_node/tasks/storage_plugins/iscsi.yml b/roles/openshift_node/tasks/storage_plugins/iscsi.yml index ece68dc71..d3a3668d5 100644 --- a/roles/openshift_node/tasks/storage_plugins/iscsi.yml +++ b/roles/openshift_node/tasks/storage_plugins/iscsi.yml @@ -3,4 +3,4 @@ package: name=iscsi-initiator-utils state=present when: not openshift.common.is_atomic | bool register: result - until: result | success + until: result is succeeded diff --git a/roles/openshift_node/tasks/storage_plugins/nfs.yml b/roles/openshift_node/tasks/storage_plugins/nfs.yml index 5eacf42e8..1484aa076 100644 --- a/roles/openshift_node/tasks/storage_plugins/nfs.yml +++ b/roles/openshift_node/tasks/storage_plugins/nfs.yml @@ -3,7 +3,7 @@ package: name=nfs-utils state=present when: not openshift.common.is_atomic | bool register: result - until: result | success + until: result is succeeded - name: Check for existence of nfs sebooleans command: getsebool {{ item }} @@ -31,7 +31,7 @@ # since getsebool prints the resolved name. (At some point Ansible's seboolean module # should learn to deal with aliases) - item.item in item.stdout # Boolean does not have an alias. - - ansible_python_version | version_compare('3', '<') + - ansible_python_version is version_compare('3', '<') with_items: "{{ nfs_getsebool_status.results }}" # Workaround for https://github.com/openshift/openshift-ansible/issues/4438 @@ -52,5 +52,5 @@ # should learn to deal with aliases) - item.item in item.stdout # Boolean does not have an alias. - ('--> off' in item.stdout) # Boolean is currently off. - - ansible_python_version | version_compare('3', '>=') + - ansible_python_version is version_compare('3', '>=') with_items: "{{ nfs_getsebool_status.results }}" diff --git a/roles/openshift_node/tasks/upgrade.yml b/roles/openshift_node/tasks/upgrade.yml index 87556533a..f0a013e45 100644 --- a/roles/openshift_node/tasks/upgrade.yml +++ b/roles/openshift_node/tasks/upgrade.yml @@ -17,7 +17,7 @@ - name: download docker upgrade rpm command: "{{ ansible_pkg_mgr }} install -C -y docker{{ '-' + docker_version }}" register: result - until: result | success + until: result is succeeded when: - l_docker_upgrade is defined - l_docker_upgrade | bool diff --git a/roles/openshift_node/tasks/upgrade/config_changes.yml b/roles/openshift_node/tasks/upgrade/config_changes.yml index e22018e6d..439700df6 100644 --- a/roles/openshift_node/tasks/upgrade/config_changes.yml +++ b/roles/openshift_node/tasks/upgrade/config_changes.yml @@ -74,4 +74,4 @@ # require a service to be part of the call. - name: Reload systemd units command: systemctl daemon-reload - when: l_node_unit | changed + when: l_node_unit is changed diff --git a/roles/openshift_node/tasks/upgrade/containerized_upgrade_pull.yml b/roles/openshift_node/tasks/upgrade/containerized_upgrade_pull.yml index 71f00dcd2..3e7455bbb 100644 --- a/roles/openshift_node/tasks/upgrade/containerized_upgrade_pull.yml +++ b/roles/openshift_node/tasks/upgrade/containerized_upgrade_pull.yml @@ -1,7 +1,7 @@ --- - name: Pre-pull node image command: > - docker pull {{ openshift.node.node_image }}:{{ openshift_image_tag }} + docker pull {{ osn_image }}:{{ openshift_image_tag }} register: pull_result changed_when: "'Downloaded newer image' in pull_result.stdout" diff --git a/roles/openshift_node/tasks/upgrade/restart.yml b/roles/openshift_node/tasks/upgrade/restart.yml index 717cfa712..45b0be0a0 100644 --- a/roles/openshift_node/tasks/upgrade/restart.yml +++ b/roles/openshift_node/tasks/upgrade/restart.yml @@ -27,7 +27,7 @@ name: "{{ openshift_docker_service_name }}" state: started register: docker_start_result - until: not docker_start_result | failed + until: not (docker_start_result is failed) retries: 3 delay: 30 diff --git a/roles/openshift_node/tasks/upgrade/rpm_upgrade.yml b/roles/openshift_node/tasks/upgrade/rpm_upgrade.yml index d2864e6b8..cc9a8f2d9 100644 --- a/roles/openshift_node/tasks/upgrade/rpm_upgrade.yml +++ b/roles/openshift_node/tasks/upgrade/rpm_upgrade.yml @@ -9,7 +9,7 @@ - name: download new node packages command: "{{ ansible_pkg_mgr }} install -y --downloadonly {{ openshift_node_upgrade_rpm_list | join(' ')}}" register: result - until: result | success + until: result is succeeded vars: openshift_node_upgrade_rpm_list: - "{{ openshift_service_type }}-node{{ openshift_pkg_version }}" @@ -21,4 +21,4 @@ - name: download openvswitch upgrade rpm command: "{{ ansible_pkg_mgr }} update -y --downloadonly openvswitch" register: result - until: result | success + until: result is succeeded diff --git a/roles/openshift_node/tasks/upgrade/rpm_upgrade_install.yml b/roles/openshift_node/tasks/upgrade/rpm_upgrade_install.yml index 6390be558..32eeb76c6 100644 --- a/roles/openshift_node/tasks/upgrade/rpm_upgrade_install.yml +++ b/roles/openshift_node/tasks/upgrade/rpm_upgrade_install.yml @@ -11,7 +11,7 @@ - name: download new node packages command: "{{ ansible_pkg_mgr }} install -C -y {{ openshift_node_upgrade_rpm_list | join(' ')}}" register: result - until: result | success + until: result is succeeded vars: openshift_node_upgrade_rpm_list: - "{{ openshift_service_type }}-node{{ openshift_pkg_version }}" diff --git a/roles/openshift_node/tasks/upgrade/stop_services.yml b/roles/openshift_node/tasks/upgrade/stop_services.yml index bbf1c5f25..2fff556e5 100644 --- a/roles/openshift_node/tasks/upgrade/stop_services.yml +++ b/roles/openshift_node/tasks/upgrade/stop_services.yml @@ -25,7 +25,7 @@ name: docker state: stopped register: l_openshift_node_upgrade_docker_stop_result - until: not l_openshift_node_upgrade_docker_stop_result | failed + until: not (l_openshift_node_upgrade_docker_stop_result is failed) retries: 3 delay: 30 when: diff --git a/roles/openshift_node/tasks/upgrade_pre.yml b/roles/openshift_node/tasks/upgrade_pre.yml index 3346b7c65..7f591996c 100644 --- a/roles/openshift_node/tasks/upgrade_pre.yml +++ b/roles/openshift_node/tasks/upgrade_pre.yml @@ -10,7 +10,7 @@ - name: update package meta data to speed install later. command: "{{ ansible_pkg_mgr }} makecache" register: result - until: result | success + until: result is succeeded when: not openshift.common.is_containerized | bool - name: Check Docker image count @@ -32,7 +32,7 @@ - name: download docker upgrade rpm command: "{{ ansible_pkg_mgr }} install -y --downloadonly docker{{ '-' + docker_version }}" register: result - until: result | success + until: result is succeeded when: - l_docker_upgrade is defined - l_docker_upgrade | bool diff --git a/roles/openshift_node/templates/node.yaml.v1.j2 b/roles/openshift_node/templates/node.yaml.v1.j2 index 261cac6f1..b673733df 100644 --- a/roles/openshift_node/templates/node.yaml.v1.j2 +++ b/roles/openshift_node/templates/node.yaml.v1.j2 @@ -10,12 +10,12 @@ dnsIP: {{ openshift.node.dns_ip }} {% endif %} dockerConfig: execHandlerName: "" -iptablesSyncPeriod: "{{ openshift.node.iptables_sync_period }}" +iptablesSyncPeriod: "{{ openshift_node_iptables_sync_period }}" imageConfig: format: {{ openshift.node.registry_url }} latest: {{ openshift_node_image_config_latest }} kind: NodeConfig -kubeletArguments: {{ openshift.node.kubelet_args | default(None) | to_padded_yaml(level=1) }} +kubeletArguments: {{ l2_openshift_node_kubelet_args | default(None) | to_padded_yaml(level=1) }} {% if openshift_use_crio %} container-runtime: - remote @@ -45,7 +45,7 @@ networkConfig: {% if openshift_node_use_openshift_sdn | bool or openshift_node_use_nuage | bool or openshift_node_use_contiv | bool or openshift_node_use_kuryr | bool or openshift_node_sdn_network_plugin_name == 'cni' %} networkPluginName: {{ openshift_node_sdn_network_plugin_name }} {% endif %} -{% if openshift.node.set_node_ip | bool %} +{% if openshift_set_node_ip | bool %} nodeIP: {{ openshift.common.ip }} {% endif %} nodeName: {{ openshift.node.nodename }} @@ -68,8 +68,8 @@ volumeDirectory: {{ openshift_node_data_dir }}/openshift.local.volumes {% if not (openshift_node_use_kuryr | default(False)) | bool %} proxyArguments: proxy-mode: - - {{ openshift.node.proxy_mode }} + - {{ openshift_node_proxy_mode }} {% endif %} volumeConfig: localQuota: - perFSGroup: {{ openshift.node.local_quota_per_fsgroup }} + perFSGroup: {{ openshift_node_local_quota_per_fsgroup }} diff --git a/roles/openshift_node/templates/openshift.docker.node.service b/roles/openshift_node/templates/openshift.docker.node.service index b174c7023..ae7b147a6 100644 --- a/roles/openshift_node/templates/openshift.docker.node.service +++ b/roles/openshift_node/templates/openshift.docker.node.service @@ -38,7 +38,7 @@ ExecStart=/usr/bin/docker run --name {{ openshift_service_type }}-node \ {% if openshift_use_nuage | default(false) -%} $NUAGE_ADDTL_BIND_MOUNTS {% endif -%} \ -v /dev:/dev $DOCKER_ADDTL_BIND_MOUNTS -v /etc/pki:/etc/pki:ro \ {% if l_bind_docker_reg_auth %} -v {{ oreg_auth_credentials_path }}:/root/.docker:ro{% endif %}\ - {{ openshift.node.node_image }}:${IMAGE_VERSION} + {{ osn_image }}:${IMAGE_VERSION} ExecStartPost=/usr/bin/sleep 10 ExecStop=/usr/bin/docker stop {{ openshift_service_type }}-node ExecStopPost=/usr/bin/rm /etc/dnsmasq.d/node-dnsmasq.conf diff --git a/roles/openshift_node_certificates/handlers/main.yml b/roles/openshift_node_certificates/handlers/main.yml index 0686ac101..3531e30b8 100644 --- a/roles/openshift_node_certificates/handlers/main.yml +++ b/roles/openshift_node_certificates/handlers/main.yml @@ -22,6 +22,6 @@ state: restarted when: not openshift_certificates_redeploy | default(false) | bool register: l_docker_restart_docker_in_cert_result - until: not l_docker_restart_docker_in_cert_result | failed + until: not (l_docker_restart_docker_in_cert_result is failed) retries: 3 delay: 30 diff --git a/roles/openshift_node_facts/tasks/main.yml b/roles/openshift_node_facts/tasks/main.yml index c234a3000..2ea7a4cec 100644 --- a/roles/openshift_node_facts/tasks/main.yml +++ b/roles/openshift_node_facts/tasks/main.yml @@ -4,22 +4,10 @@ role: "{{ item.role }}" local_facts: "{{ item.local_facts }}" with_items: - # Reset node labels to an empty dictionary. - - role: node - local_facts: - labels: {} - role: node local_facts: annotations: "{{ openshift_node_annotations | default(none) }}" - iptables_sync_period: "{{ openshift_node_iptables_sync_period | default(None) }}" - kubelet_args: "{{ openshift_node_kubelet_args | default(None) }}" - labels: "{{ openshift_node_labels | default(None) }}" registry_url: "{{ oreg_url_node | default(oreg_url) | default(None) }}" - storage_plugin_deps: "{{ osn_storage_plugin_deps | default(None) }}" - set_node_ip: "{{ openshift_set_node_ip | default(None) }}" - node_image: "{{ osn_image | default(None) }}" ovs_image: "{{ osn_ovs_image | default(None) }}" - proxy_mode: "{{ openshift_node_proxy_mode | default('iptables') }}" - local_quota_per_fsgroup: "{{ openshift_node_local_quota_per_fsgroup | default(None) }}" dns_ip: "{{ openshift_dns_ip | default(none) | node_get_dns_ip(hostvars[inventory_hostname])}}" env_vars: "{{ openshift_node_env_vars | default(None) }}" diff --git a/roles/openshift_openstack/tasks/container-storage-setup.yml b/roles/openshift_openstack/tasks/container-storage-setup.yml index 82307b208..be73d18be 100644 --- a/roles/openshift_openstack/tasks/container-storage-setup.yml +++ b/roles/openshift_openstack/tasks/container-storage-setup.yml @@ -8,7 +8,7 @@ group: root mode: 0644 when: - - ansible_distribution_version | version_compare('7.4', '>=') + - ansible_distribution_version is version_compare('7.4', '>=') - ansible_distribution == "RedHat" - block: @@ -20,7 +20,7 @@ group: root mode: 0644 when: - - ansible_distribution_version | version_compare('7.4', '<') + - ansible_distribution_version is version_compare('7.4', '<') - ansible_distribution == "RedHat" - block: diff --git a/roles/openshift_openstack/tasks/node-packages.yml b/roles/openshift_openstack/tasks/node-packages.yml index e41104af1..c95c9e607 100644 --- a/roles/openshift_openstack/tasks/node-packages.yml +++ b/roles/openshift_openstack/tasks/node-packages.yml @@ -7,7 +7,7 @@ state: latest with_items: "{{ openshift_openstack_required_packages }}" register: result - until: result | success + until: result is succeeded - name: Install debug packages (optional) yum: @@ -16,4 +16,4 @@ with_items: "{{ openshift_openstack_debug_packages }}" when: openshift_openstack_install_debug_packages|bool register: result - until: result | success + until: result is succeeded diff --git a/roles/openshift_openstack/tasks/populate-dns.yml b/roles/openshift_openstack/tasks/populate-dns.yml index cf2ead5c3..858dd9e57 100644 --- a/roles/openshift_openstack/tasks/populate-dns.yml +++ b/roles/openshift_openstack/tasks/populate-dns.yml @@ -116,6 +116,6 @@ - "{{ openshift_openstack_dns_records_add | default([]) }}" - entries register: nsupdate_add_result - until: nsupdate_add_result|succeeded + until: nsupdate_add_result is succeeded retries: 10 delay: 1 diff --git a/roles/openshift_repos/tasks/main.yaml b/roles/openshift_repos/tasks/main.yaml index 3a6667863..35206049f 100644 --- a/roles/openshift_repos/tasks/main.yaml +++ b/roles/openshift_repos/tasks/main.yaml @@ -10,7 +10,7 @@ - name: Ensure libselinux-python is installed package: name=libselinux-python state=present register: result - until: result | success + until: result is succeeded - name: Remove openshift_additional.repo file file: @@ -42,7 +42,7 @@ - ansible_distribution == 'RedHat' - deployment_type == 'openshift-enterprise' - rhsub_user is defined - - rhsub_password is defined + - rhsub_pass is defined - include_tasks: centos_repos.yml when: diff --git a/roles/openshift_sanitize_inventory/tasks/main.yml b/roles/openshift_sanitize_inventory/tasks/main.yml index 77428272c..651d896cf 100644 --- a/roles/openshift_sanitize_inventory/tasks/main.yml +++ b/roles/openshift_sanitize_inventory/tasks/main.yml @@ -47,7 +47,7 @@ - name: Abort when openshift_release is invalid when: - openshift_release is defined - - not openshift_release | match('^\d+(\.\d+){1,3}$') + - not (openshift_release is match('^\d+(\.\d+){1,3}$')) fail: msg: |- openshift_release is "{{ openshift_release }}" which is not a valid version string. diff --git a/roles/openshift_storage_glusterfs/tasks/glusterfs_common.yml b/roles/openshift_storage_glusterfs/tasks/glusterfs_common.yml index 315bc5614..d11023a39 100644 --- a/roles/openshift_storage_glusterfs/tasks/glusterfs_common.yml +++ b/roles/openshift_storage_glusterfs/tasks/glusterfs_common.yml @@ -5,7 +5,7 @@ - not openshift.common.is_atomic | bool - not glusterfs_heketi_is_native | bool register: result - until: result | success + until: result is succeeded - name: Verify heketi-cli is installed shell: "command -v {{ glusterfs_heketi_cli }} >/dev/null 2>&1 || { echo >&2 'ERROR: Make sure heketi-cli is available, then re-run the installer'; exit 1; }" diff --git a/roles/openshift_storage_glusterfs/tasks/kernel_modules.yml b/roles/openshift_storage_glusterfs/tasks/kernel_modules.yml index 030fa81c9..3bdfa183f 100644 --- a/roles/openshift_storage_glusterfs/tasks/kernel_modules.yml +++ b/roles/openshift_storage_glusterfs/tasks/kernel_modules.yml @@ -9,4 +9,4 @@ systemd: name: systemd-modules-load.service state: restarted - when: km | changed + when: km is changed diff --git a/roles/openshift_storage_nfs/tasks/main.yml b/roles/openshift_storage_nfs/tasks/main.yml index 55e4024ec..5c043bc14 100644 --- a/roles/openshift_storage_nfs/tasks/main.yml +++ b/roles/openshift_storage_nfs/tasks/main.yml @@ -5,7 +5,7 @@ - name: Install nfs-utils package: name=nfs-utils state=present register: result - until: result | success + until: result is succeeded - name: Configure NFS lineinfile: @@ -16,7 +16,7 @@ - name: Restart nfs-config systemd: name=nfs-config state=restarted - when: nfs_config | changed + when: nfs_config is changed - name: Ensure exports directory exists file: @@ -70,4 +70,4 @@ register: start_result - set_fact: - nfs_service_status_changed: "{{ start_result | changed }}" + nfs_service_status_changed: "{{ start_result is changed }}" diff --git a/roles/openshift_storage_nfs_lvm/tasks/nfs.yml b/roles/openshift_storage_nfs_lvm/tasks/nfs.yml index bee786a90..94dc63bd2 100644 --- a/roles/openshift_storage_nfs_lvm/tasks/nfs.yml +++ b/roles/openshift_storage_nfs_lvm/tasks/nfs.yml @@ -3,7 +3,7 @@ package: name=nfs-utils state=present when: not openshift.common.is_containerized | bool register: result - until: result | success + until: result is succeeded - name: Start rpcbind systemd: diff --git a/roles/openshift_version/tasks/main.yml b/roles/openshift_version/tasks/main.yml index ae0f68a5b..e50d5371e 100644 --- a/roles/openshift_version/tasks/main.yml +++ b/roles/openshift_version/tasks/main.yml @@ -49,7 +49,7 @@ when: openshift.common.deployment_type == 'origin' assert: that: - - "{{ openshift_image_tag|match('(^v?\\d+\\.\\d+\\.\\d+(-[\\w\\-\\.]*)?$)') }}" + - "{{ openshift_image_tag is match('(^v?\\d+\\.\\d+\\.\\d+(-[\\w\\-\\.]*)?$)') }}" msg: |- openshift_image_tag must be in the format v#.#.#[-optional.#]. Examples: v1.2.3, v3.5.1-alpha.1 You specified openshift_image_tag={{ openshift_image_tag }} @@ -66,7 +66,7 @@ when: openshift.common.deployment_type == 'openshift-enterprise' assert: that: - - "{{ openshift_image_tag|match('(^v\\d+\\.\\d+(\\.\\d+)*(-\\d+(\\.\\d+)*)?$)') }}" + - "{{ openshift_image_tag is match('(^v\\d+\\.\\d+(\\.\\d+)*(-\\d+(\\.\\d+)*)?$)') }}" msg: |- openshift_image_tag must be in the format v#.#[.#[.#]]. Examples: v1.2, v3.4.1, v3.5.1.3, v3.5.1.3.4, v1.2-1, v1.2.3-4, v1.2.3-4.5, v1.2.3-4.5.6 diff --git a/roles/os_firewall/tasks/firewalld.yml b/roles/os_firewall/tasks/firewalld.yml index 1e27ebaf9..4eae31596 100644 --- a/roles/os_firewall/tasks/firewalld.yml +++ b/roles/os_firewall/tasks/firewalld.yml @@ -9,7 +9,7 @@ name: firewalld state: present register: result - until: result | success + until: result is succeeded - name: Ensure iptables services are not enabled systemd: @@ -21,12 +21,14 @@ - iptables - ip6tables register: task_result - failed_when: task_result|failed and 'could not' not in task_result.msg|lower + failed_when: + - task_result is failed + - ('could not' not in task_result.msg|lower) - name: Wait 10 seconds after disabling iptables pause: seconds: 10 - when: task_result | changed + when: task_result is changed - name: Start and enable firewalld service systemd: @@ -40,13 +42,13 @@ - name: need to pause here, otherwise the firewalld service starting can sometimes cause ssh to fail pause: seconds: 10 - when: result | changed + when: result is changed - name: Restart polkitd systemd: name: polkit state: restarted - when: result | changed + when: result is changed # Fix suspected race between firewalld and polkit BZ1436964 - name: Wait for polkit action to have been created diff --git a/roles/os_firewall/tasks/iptables.yml b/roles/os_firewall/tasks/iptables.yml index a7c13e487..49d658d37 100644 --- a/roles/os_firewall/tasks/iptables.yml +++ b/roles/os_firewall/tasks/iptables.yml @@ -7,12 +7,14 @@ enabled: no masked: yes register: task_result - failed_when: task_result|failed and 'could not' not in task_result.msg|lower + failed_when: + - task_result is failed + - ('could not' not in task_result.msg|lower) - name: Wait 10 seconds after disabling firewalld pause: seconds: 10 - when: task_result | changed + when: task_result is changed - name: Install iptables packages package: @@ -23,7 +25,7 @@ - iptables-services when: not r_os_firewall_is_atomic | bool register: result - until: result | success + until: result is succeeded - name: Start and enable iptables service systemd: @@ -40,4 +42,4 @@ - name: need to pause here, otherwise the iptables service starting can sometimes cause ssh to fail pause: seconds: 10 - when: result | changed + when: result is changed diff --git a/roles/os_update_latest/tasks/main.yml b/roles/os_update_latest/tasks/main.yml index 60d665587..9d8ec7887 100644 --- a/roles/os_update_latest/tasks/main.yml +++ b/roles/os_update_latest/tasks/main.yml @@ -2,4 +2,4 @@ - name: Update all packages package: name=* state=latest register: result - until: result | success + until: result is succeeded diff --git a/roles/rhel_subscribe/tasks/main.yml b/roles/rhel_subscribe/tasks/main.yml index 6337cd644..e7eb6c572 100644 --- a/roles/rhel_subscribe/tasks/main.yml +++ b/roles/rhel_subscribe/tasks/main.yml @@ -8,7 +8,7 @@ name: subscription-manager state: present register: result - until: result | success + until: result is succeeded - name: Is host already registered? command: "subscription-manager version" @@ -20,7 +20,7 @@ username: "{{ rhsub_user }}" password: "{{ rhsub_pass }}" register: rh_subscription - until: rh_subscription | succeeded + until: rh_subscription is succeeded when: - "'not registered' in rh_subscribed.stdout" |