Fix the (re)start logic for the services

We need to start the services in a specific order, e.g. 1. verifier -> 2. registrar -> 3. agent, and in some extra configuration/files are created, such as CA and/or certificates, so a service may take some time before it is ready. Let's now check whether the verifier is accesible -- via its port --, before starting the registrar. Signed-off-by: Sergio Correia <scorreia@redhat.com>
linux-system-roles · Jul 24, 2023 · b9845bf · b9845bf
1 parent dac5984
commit b9845bf
Show file tree

Hide file tree

Showing 4 changed files with 33 additions and 10 deletions.
diff --git a/handlers/main.yml b/handlers/main.yml
@@ -1,7 +1,4 @@
 # SPDX-License-Identifier: MIT
 ---
 - name: Restart services
-  service:
-    name: "{{ item }}"
-    state: restarted
-  loop: "{{ __keylime_server_services }}"
+  include_tasks: tasks/restart_services.yml
diff --git a/tasks/main.yml b/tasks/main.yml
@@ -24,9 +24,19 @@
   include_tasks: keylime-config.yml
   when: not __keylime_server_legacy_config
 
-- name: Ensure required services are enabled and started
+- name: Ensure the verifier is enabled and started
   service:
-    name: "{{ item }}"
+    name: "{{ __keylime_server_verifier_service }}"
+    state: started
+    enabled: true
+
+- name: Make sure the verifier is up and running
+  ansible.builtin.wait_for:
+    host: "{{ keylime_server_verifier_ip }}"
+    port: "{{ keylime_server_verifier_port }}"
+
+- name: Ensure the registrat is enabled and started
+  service:
+    name: "{{ __keylime_server_registrar_service }}"
     state: started
     enabled: true
-  loop: "{{ __keylime_server_services }}"
diff --git a/tasks/restart_services.yml b/tasks/restart_services.yml
@@ -0,0 +1,17 @@
+# SPDX-License-Identifier: MIT
+---
+
+- name: Restart the verifier
+  service:
+    name: "{{ __keylime_server_verifier_service }}"
+    state: restarted
+
+- name: Make sure the verifier is up and running
+  ansible.builtin.wait_for:
+    host: "{{ keylime_server_verifier_ip }}"
+    port: "{{ keylime_server_verifier_port }}"
+
+- name: Restart the registrar
+  service:
+    name: "{{ __keylime_server_registrar_service }}"
+    state: restarted
diff --git a/vars/main.yml b/vars/main.yml
@@ -20,9 +20,8 @@ __keylime_server_packages:
   - keylime-verifier
   - keylime-registrar
 
-__keylime_server_services:
-  - keylime_verifier
-  - keylime_registrar
+__keylime_server_verifier_service: keylime_verifier
+__keylime_server_registrar_service: keylime_registrar
 
 __keylime_server_user: keylime
 __keylime_server_group: keylime