undercloud_debug¶
About the role¶
An Ansible role to check if debug is enabled on Undercloud services.
Requirements¶
This role needs to be run against an installed Undercloud. The tested services must use one of the specified configuration files to set their debug status.
Role Variables¶
debug_check: <True>
services_conf_files: List of paths for configuration files of services you want to check
Dependencies¶
‘validations_read_ini’ custom plugin
Example Playbook¶
- hosts: undercloud
roles:
- { role: undercloud-debug }
License¶
Apache
Full Description¶
Role Documentation¶
Welcome to the “undercloud_debug” role documentation.
Role Defaults¶
This section highlights all of the defaults and variables set within the “undercloud_debug” role.
# Fail if the 'debug' key is set to value of 'debug_check'
debug_check: true
# Parse following ini files, retrieving value of the 'debug' key
services_conf_files:
- /var/lib/config-data/puppet-generated/nova/etc/nova/nova.conf
- /var/lib/config-data/puppet-generated/neutron/etc/neutron/neutron.conf
- /var/lib/config-data/puppet-generated/ceilometer/etc/ceilometer/ceilometer.conf
- /var/lib/config-data/puppet-generated/heat/etc/heat/heat.conf
- /var/lib/config-data/puppet-generated/ironic/etc/ironic/ironic.conf
Role Variables: main.yaml¶
metadata:
name: Undercloud Services Debug Check
description: >
The undercloud's openstack services should _not_ have debug enabled.
This will check if debug is enabled on undercloud services.
If debug is enabled, the root filesystem can fill up quickly, and
is not a good thing.
This role needs to be run against an installed Undercloud.
The tested services must use one of the specified configuration files
to set their debug status.
groups:
- pre-deployment
Molecule Scenarios¶
Molecule is being used to test the “undercloud_debug” role. The following section highlights the drivers in service and provides an example playbook showing how the role is leveraged.
- Driver: podman
Scenario: default¶
Molecule Platform(s)¶
- name: centos
hostname: centos
image: centos/centos:stream8
registry:
url: quay.io
dockerfile: ../../../../.config/molecule/Dockerfile
pkg_extras: python*-setuptools python*-pyyaml
volumes:
- /etc/ci/mirror_info.sh:/etc/ci/mirror_info.sh:ro
privileged: true
environment:
http_proxy: "{{ lookup('env', 'http_proxy') }}"
https_proxy: "{{ lookup('env', 'https_proxy') }}"
ulimits:
- host
Molecule Inventory¶
hosts:
all:
hosts:
centos:
ansible_python_interpreter: /usr/bin/python3
Example default playbook¶
- name: Converge
hosts: all
gather_facts: false
vars:
services_conf_files:
- /tmp/debug_true_1.conf
tasks:
- name: prepare fake config file
copy:
dest: /tmp/debug_true_1.conf
content: |
[DEFAULT]
debug: true
- name: Checking good value
include_role:
name: undercloud_debug
vars:
debug_check: true
- name: Should fail due to bad value
block:
- include_role:
name: undercloud_debug
vars:
debug_check: false
rescue:
- name: Clear host errors
meta: clear_host_errors
- debug:
msg: The validation works! End the playbook run
- name: End play
meta: end_play
- name: Fail the test
fail:
msg: |
The undercloud_debug should have detected a configuration issue