--- - name: Update packages on compute and control nodes hosts: control, compute become: true tasks: - name: Update all packages ansible.builtin.package: name: '*' state: latest - name: Packages installed ansible.builtin.package: name: "{{ install_packages }}" state: present - name: Create stack user for admin ansible.builtin.user: name: stack shell: /bin/bash home: /opt/stack comment: Openstack Administration - name: Give passwordless sudo access to stack user community.general.sudoers: name: stack commands: ALL runas: root user: stack state: present - name: Install openstack admin ssh key ansible.posix.authorized_key: user: stack key: "{{ lookup('file', '{{ item }}') }}" state: present with_fileglob: - openstack_admin.pub - name: Prepare for openstack-ansible deployment hosts: control become: true tasks: - name: Disable and mask firewalld ansible.builtin.systemd: name: firewalld enabled: false masked: true state: stopped - name: Copy ssh key to .ssh directory ansible.builtin.copy: content: "{{ openssh_private_key }}" dest: /opt/stack/.ssh/openstack_admin owner: stack group: stack mode: '0600' - name: Copy public key to .ssh directory ansible.builtin.copy: src: openstack_admin.pub dest: /opt/stack/.ssh/id_rsa.pub owner: stack group: stack mode: '0600' - name: Clone openstack-ansible repo into /opt/openstack-ansible ansible.builtin.git: repo: https://opendev.org/openstack/openstack-ansible dest: /opt/openstack-ansible version: master force: true - name: Execute bootstrap script ansible.builtin.command: cmd: '/opt/openstack-ansible/scripts/bootstrap-ansible.sh' creates: /usr/local/bin/openstack-ansible - name: Prepare compute hosts hosts: compute become: true tasks: - name: Reduce kernel log level ansible.builtin.lineinfile: path: /etc/sysctl.conf line: kernel.printk='4 1 7 4'