Strictly specify become to only neccesary Ansible task

Registered by Duong Ha-Quang on 2016-08-18

Add "become" (Ansbile way to privilege escalation) to only necessary Ansible tasks. So, users do not need to escalate whole host in Ansible inventory or CLI due to there are some but not every tasks in a playbook need root privilege.

Blueprint information

Status:
Started
Approver:
Steven Dake
Priority:
Essential
Drafter:
Duong Ha-Quang
Direction:
Approved
Assignee:
Duong Ha-Quang
Definition:
Approved
Series goal:
Accepted for ocata
Implementation:
Slow progress
Milestone target:
milestone icon pike-3
Started by
Duong Ha-Quang on 2016-08-22

Related branches

Sprints

Whiteboard

Related document:
http://docs.ansible.com/ansible/become.html

Gerrit topic: https://review.openstack.org/#q,topic:bp/ansible-specific-task-become,n,z

Addressed by: https://review.openstack.org/358374
    [wip] Add Ansible become to quick start guide

Addressed by: https://review.openstack.org/358432
    Check if ansible_user is in docker group

Addressed by: https://review.openstack.org/398682
    Specify 'become' to neccesary tasks (general roles)

Addressed by: https://review.openstack.org/398684
    Specify 'become' for only neccesary tasks (default roles)

Addressed by: https://review.openstack.org/398685
    Specify 'become' for only neccesary tasks (all other roles)

(?)

Work Items

Work items:
[duonghq] Update document: INPROGRESS
[duonghq] Make sure ansible_ssh_user in docker group (only check): DONE
[duonghq] General roles (common, prechecks): DONE
[duonghq] General modules (memcached, iscsi, mariadb, mongodb): DONE
[duonghq] Core modules: (nova, neutron, keystone): DONE
[duonghq] Other modules: DONE
[duonghq] Change owner of configuration file to kolla/kolla or user specify: DONE

This blueprint contains Public information 
Everyone can see this information.