fix: use workdir variable instead of ansible_env.HOME prefix#2
Open
prakhar1985 wants to merge 10 commits into
Open
fix: use workdir variable instead of ansible_env.HOME prefix#2prakhar1985 wants to merge 10 commits into
prakhar1985 wants to merge 10 commits into
Conversation
Introduce ocp4_workload_rhoso_deployment_workdir computed from ansible_facts env HOME to avoid double-slash when an absolute path is used and to fix deprecation warnings. Replace all ansible_env.HOME references across task files with the new variable.
ansible_facts['env']['HOME'] resolves to the EE container HOME (/root), not the bastion connection user's home. Using /tmp avoids permission issues regardless of who the SSH connection user is on the bastion.
Hardcoded delegate_to: nfs-server and delegate_to: compute01 don't match the AgnosticD inventory which uses nfsserver and compute01 respectively. Add configurable hostname variables with correct defaults.
…ypto dep - handlers/main.yml: use nfs_host variable instead of hardcoded nfs-server - remove_workload.yml: use workdir variable instead of ansible_env.HOME - galaxy.yml: add community.crypto dependency (used by openssh_keypair in data_plane)
The EE container cannot resolve nfsserver hostname (cluster-internal DNS). Route all nfs commands through the bastion which has cluster DNS and direct network access to the nfsserver VM. Add nfs_ssh_user and nfs_ssh_key vars.
compute01 is also a cluster-internal VM unreachable by hostname from the EE. Proxy all compute01 tasks through the bastion using the cluster SSH key.
…_host AgnosticD sets ansible_host to the VM short name (e.g. nfsserver) which resolves inside the cluster but not from the EE container. Use add_host to resolve the IP via bastion DNS and update ansible_host + ProxyJump so delegate_to works natively without SSH command hacks.
AgnosticD already sets public_ip_address, bastion_ssh_port and ansible_user on isolated VM hosts. ProxyJump resolves the destination hostname from the bastion (not the EE), so no getent needed. Just add ansible_ssh_common_args. Remove unneeded nfs_ssh_user/key and compute_ssh_user/key variables.
AgnosticD does NOT configure SSH proxy for isolated hosts — they are excluded from direct SSH plays (hosts: all:!isolated). We must configure the proxy ourselves. Use ProxyCommand (not ProxyJump) so StrictHostKeyChecking=no applies to both the bastion hop and final destination.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Problem
All task files constructed the working directory path as:
This caused two issues:
files_directory(e.g./home/lab-user/openstack-files→/root//home/lab-user/openstack-files)ansible_envis deprecated in favour ofansible_facts['env']Fix
Introduce
ocp4_workload_rhoso_deployment_workdirindefaults/main.yml:Replace all
{{ ansible_env.HOME }}/{{ ..._files_directory }}references across 5 task files with{{ ocp4_workload_rhoso_deployment_workdir }}. Users can overrideworkdirdirectly for custom paths.Also moves nova migration key into the workdir for consistency.
Files changed
defaults/main.yml— addworkdirvariabletasks/install_operators.yml— 6 occurrences fixedtasks/security.yml— 2 occurrences fixedtasks/network_isolation.yml— 5 occurrences fixedtasks/control_plane.yml— 2 occurrences fixedtasks/data_plane.yml— 4 occurrences fixed