472 lines
15 KiB
YAML
Raw Normal View History

---
- name: Ensuring config directories exist
become: true
file:
path: "{{ node_config_directory }}/{{ item.key }}"
state: "directory"
owner: "{{ config_owner_user }}"
group: "{{ config_owner_group }}"
mode: "0770"
when:
- item.value.enabled | bool
- item.value.host_in_groups | bool
with_dict: "{{ neutron_services }}"
- name: Check if extra ml2 plugins exists
find:
path: "{{ node_custom_config }}/neutron/plugins/"
delegate_to: localhost
run_once: True
changed_when: False
register: check_extra_ml2_plugins
- include_tasks: copy-certs.yml
when:
- kolla_copy_ca_into_containers | bool or neutron_enable_tls_backend | bool
- name: Creating TLS backend PEM File
vars:
neutron_tls_proxy: "{{ neutron_services['neutron-tls-proxy'] }}"
assemble:
src: "{{ node_config_directory }}/neutron-tls-proxy/"
dest: "{{ node_config_directory }}/neutron-tls-proxy/neutron-cert-and-key.pem"
mode: "0660"
regexp: "^neutron-(cert|key)\\.pem$"
remote_src: true
become: true
when:
- neutron_tls_proxy.enabled | bool
- neutron_tls_proxy.host_in_groups | bool
- name: Check if policies shall be overwritten
stat:
path: "{{ item }}"
delegate_to: localhost
run_once: True
register: neutron_policy
with_first_found:
- files: "{{ supported_policy_format_list }}"
paths:
- "{{ node_custom_config }}/neutron/"
skip: true
- name: Set neutron policy file
set_fact:
neutron_policy_file: "{{ neutron_policy.results.0.stat.path | basename }}"
neutron_policy_file_path: "{{ neutron_policy.results.0.stat.path }}"
when:
- neutron_policy.results
- name: Copying over existing policy file
template:
src: "{{ neutron_policy_file_path }}"
dest: "{{ node_config_directory }}/{{ item.key }}/{{ neutron_policy_file }}"
mode: "0660"
become: true
when:
- neutron_policy_file is defined
- item.value.enabled | bool
- item.value.host_in_groups | bool
with_dict: "{{ neutron_services }}"
notify:
- "Restart {{ item.key }} container"
- name: Copying over config.json files for services
become: true
template:
src: "{{ item.key }}.json.j2"
dest: "{{ node_config_directory }}/{{ item.key }}/config.json"
mode: "0660"
when:
- item.value.enabled | bool
- item.value.host_in_groups | bool
with_dict: "{{ neutron_services }}"
notify:
- "Restart {{ item.key }} container"
- name: Copying over neutron.conf
become: true
vars:
service_name: "{{ item.key }}"
services_need_neutron_conf:
- "ironic-neutron-agent"
- "neutron-dhcp-agent"
- "neutron-l3-agent"
- "neutron-linuxbridge-agent"
- "neutron-metadata-agent"
- "neutron-ovn-metadata-agent"
- "neutron-metering-agent"
- "neutron-openvswitch-agent"
- "neutron-server"
- "neutron-bgp-dragent"
- "neutron-infoblox-ipam-agent"
- "neutron-sriov-agent"
- "neutron-mlnx-agent"
- "neutron-eswitchd"
merge_configs:
sources:
- "{{ role_path }}/templates/neutron.conf.j2"
- "{{ node_custom_config }}/global.conf"
- "{{ node_custom_config }}/neutron.conf"
- "{{ node_custom_config }}/neutron/{{ item.key }}.conf"
- "{{ node_custom_config }}/neutron/{{ inventory_hostname }}/neutron.conf"
dest: "{{ node_config_directory }}/{{ item.key }}/neutron.conf"
mode: "0660"
when:
- item.value.enabled | bool
- item.value.host_in_groups | bool
- item.key in services_need_neutron_conf
with_dict: "{{ neutron_services }}"
notify:
- "Restart {{ item.key }} container"
- name: Copying over neutron_vpnaas.conf
become: true
vars:
service_name: "{{ item.key }}"
services_need_neutron_vpnaas_conf:
- "neutron-server"
- "neutron-l3-agent"
merge_configs:
sources:
- "{{ role_path }}/templates/neutron_vpnaas.conf.j2"
- "{{ node_custom_config }}/neutron/neutron_vpnaas.conf"
- "{{ node_custom_config }}/neutron/{{ inventory_hostname }}/neutron_vpnaas.conf"
dest: "{{ node_config_directory }}/{{ item.key }}/neutron_vpnaas.conf"
mode: "0660"
when:
- item.value.enabled | bool
- item.value.host_in_groups | bool
- item.key in services_need_neutron_vpnaas_conf
with_dict: "{{ neutron_services }}"
notify:
- "Restart {{ item.key }} container"
- name: Copying over ml2_conf.ini
become: true
vars:
service_name: "{{ item.key }}"
services_need_ml2_conf_ini:
- "neutron-infoblox-ipam-agent"
- "neutron-server"
merge_configs:
sources:
- "{{ role_path }}/templates/ml2_conf.ini.j2"
- "{{ node_custom_config }}/neutron/ml2_conf.ini"
- "{{ node_custom_config }}/neutron/{{ inventory_hostname }}/ml2_conf.ini"
dest: "{{ node_config_directory }}/{{ service_name }}/ml2_conf.ini"
mode: "0660"
when:
- item.key in services_need_ml2_conf_ini
- item.value.enabled | bool
- item.value.host_in_groups | bool
with_dict: "{{ neutron_services }}"
notify:
- "Restart {{ item.key }} container"
- name: Copying over linuxbridge_agent.ini
XenAPI: Support neutron configuration When using XenAPI as the compute virt driver, we need an OVS agent to manage the OVS running in XenServer dom0. This OVS agent uses the HIMN(Host Internal Management Network) to communicate with dom0's OVS. This commit includes the following changes: * Add a new ovs agent service - neutron-openvswitch-agent-xenapi This new agent service will run in the compute hosts and controls the OVS running in XenServer dom0; the existing agent service - neutron-openvswitch-agent will run in the network hosts and controls the OVS running in network hosts. * It retrieves XenAPI variables from the json file generated at XenAPI bootstrap. * Basing on the XenAPI variables, it will customize relative ml2_conf.ini's configure options in a new template which will override the default options. e.g. * of_listen_address: XenAPI use the local himn interface's IP as of_listen_address, so that the ovs running dom0 can receive OpenFlow rules from the service of neutron-openvswitch-agent-xenapi. * ovsdb_connection: XenAPI use XenServer dom0's HIMN IP as the OVS DB connection IP, so that neutron-openvswitch-agent-xenapi can connect to dom0's OVS DB. * host: Use the dom0's hostname. * At the moment, l2_population doesn't for for XenAPI. So disable it. References: * XenServer (and other XAPI based Xen variants): https://docs.openstack.org/nova/pike/admin/configuration/hypervisor-xen-api.html * XenCenter HIMN plugin (adding HIMN network which is used by XenAPI driver to communicate with XenServer): https://github.com/citrix-openstack/xencenter-himn-plugin * Neutron OVS agent configuration options: https://docs.openstack.org/neutron/latest/configuration/openvswitch-agent.html Change-Id: Iaee0a6c84069b3e6015b00de7aea880cdd33ab09 blueprint: xenserver-support
2017-12-06 05:46:28 +00:00
become: true
vars:
service_name: "neutron-linuxbridge-agent"
merge_configs:
sources:
- "{{ role_path }}/templates/linuxbridge_agent.ini.j2"
- "{{ node_custom_config }}/neutron/linuxbridge_agent.ini"
- "{{ node_custom_config }}/neutron/{{ inventory_hostname }}/linuxbridge_agent.ini"
dest: "{{ node_config_directory }}/{{ service_name }}/linuxbridge_agent.ini"
mode: "0660"
when:
- neutron_services[service_name].enabled | bool
- neutron_services[service_name].host_in_groups | bool
notify:
- "Restart {{ service_name }} container"
- name: Copying over openvswitch_agent.ini
become: true
vars:
service_name: "neutron-openvswitch-agent"
merge_configs:
sources:
- "{{ role_path }}/templates/openvswitch_agent.ini.j2"
- "{{ node_custom_config }}/neutron/openvswitch_agent.ini"
- "{{ node_custom_config }}/neutron/{{ inventory_hostname }}/openvswitch_agent.ini"
dest: "{{ node_config_directory }}/{{ service_name }}/openvswitch_agent.ini"
XenAPI: Support neutron configuration When using XenAPI as the compute virt driver, we need an OVS agent to manage the OVS running in XenServer dom0. This OVS agent uses the HIMN(Host Internal Management Network) to communicate with dom0's OVS. This commit includes the following changes: * Add a new ovs agent service - neutron-openvswitch-agent-xenapi This new agent service will run in the compute hosts and controls the OVS running in XenServer dom0; the existing agent service - neutron-openvswitch-agent will run in the network hosts and controls the OVS running in network hosts. * It retrieves XenAPI variables from the json file generated at XenAPI bootstrap. * Basing on the XenAPI variables, it will customize relative ml2_conf.ini's configure options in a new template which will override the default options. e.g. * of_listen_address: XenAPI use the local himn interface's IP as of_listen_address, so that the ovs running dom0 can receive OpenFlow rules from the service of neutron-openvswitch-agent-xenapi. * ovsdb_connection: XenAPI use XenServer dom0's HIMN IP as the OVS DB connection IP, so that neutron-openvswitch-agent-xenapi can connect to dom0's OVS DB. * host: Use the dom0's hostname. * At the moment, l2_population doesn't for for XenAPI. So disable it. References: * XenServer (and other XAPI based Xen variants): https://docs.openstack.org/nova/pike/admin/configuration/hypervisor-xen-api.html * XenCenter HIMN plugin (adding HIMN network which is used by XenAPI driver to communicate with XenServer): https://github.com/citrix-openstack/xencenter-himn-plugin * Neutron OVS agent configuration options: https://docs.openstack.org/neutron/latest/configuration/openvswitch-agent.html Change-Id: Iaee0a6c84069b3e6015b00de7aea880cdd33ab09 blueprint: xenserver-support
2017-12-06 05:46:28 +00:00
mode: "0660"
when:
- neutron_services[service_name].enabled | bool
- neutron_services[service_name].host_in_groups | bool
XenAPI: Support neutron configuration When using XenAPI as the compute virt driver, we need an OVS agent to manage the OVS running in XenServer dom0. This OVS agent uses the HIMN(Host Internal Management Network) to communicate with dom0's OVS. This commit includes the following changes: * Add a new ovs agent service - neutron-openvswitch-agent-xenapi This new agent service will run in the compute hosts and controls the OVS running in XenServer dom0; the existing agent service - neutron-openvswitch-agent will run in the network hosts and controls the OVS running in network hosts. * It retrieves XenAPI variables from the json file generated at XenAPI bootstrap. * Basing on the XenAPI variables, it will customize relative ml2_conf.ini's configure options in a new template which will override the default options. e.g. * of_listen_address: XenAPI use the local himn interface's IP as of_listen_address, so that the ovs running dom0 can receive OpenFlow rules from the service of neutron-openvswitch-agent-xenapi. * ovsdb_connection: XenAPI use XenServer dom0's HIMN IP as the OVS DB connection IP, so that neutron-openvswitch-agent-xenapi can connect to dom0's OVS DB. * host: Use the dom0's hostname. * At the moment, l2_population doesn't for for XenAPI. So disable it. References: * XenServer (and other XAPI based Xen variants): https://docs.openstack.org/nova/pike/admin/configuration/hypervisor-xen-api.html * XenCenter HIMN plugin (adding HIMN network which is used by XenAPI driver to communicate with XenServer): https://github.com/citrix-openstack/xencenter-himn-plugin * Neutron OVS agent configuration options: https://docs.openstack.org/neutron/latest/configuration/openvswitch-agent.html Change-Id: Iaee0a6c84069b3e6015b00de7aea880cdd33ab09 blueprint: xenserver-support
2017-12-06 05:46:28 +00:00
notify:
- "Restart {{ service_name }} container"
XenAPI: Support neutron configuration When using XenAPI as the compute virt driver, we need an OVS agent to manage the OVS running in XenServer dom0. This OVS agent uses the HIMN(Host Internal Management Network) to communicate with dom0's OVS. This commit includes the following changes: * Add a new ovs agent service - neutron-openvswitch-agent-xenapi This new agent service will run in the compute hosts and controls the OVS running in XenServer dom0; the existing agent service - neutron-openvswitch-agent will run in the network hosts and controls the OVS running in network hosts. * It retrieves XenAPI variables from the json file generated at XenAPI bootstrap. * Basing on the XenAPI variables, it will customize relative ml2_conf.ini's configure options in a new template which will override the default options. e.g. * of_listen_address: XenAPI use the local himn interface's IP as of_listen_address, so that the ovs running dom0 can receive OpenFlow rules from the service of neutron-openvswitch-agent-xenapi. * ovsdb_connection: XenAPI use XenServer dom0's HIMN IP as the OVS DB connection IP, so that neutron-openvswitch-agent-xenapi can connect to dom0's OVS DB. * host: Use the dom0's hostname. * At the moment, l2_population doesn't for for XenAPI. So disable it. References: * XenServer (and other XAPI based Xen variants): https://docs.openstack.org/nova/pike/admin/configuration/hypervisor-xen-api.html * XenCenter HIMN plugin (adding HIMN network which is used by XenAPI driver to communicate with XenServer): https://github.com/citrix-openstack/xencenter-himn-plugin * Neutron OVS agent configuration options: https://docs.openstack.org/neutron/latest/configuration/openvswitch-agent.html Change-Id: Iaee0a6c84069b3e6015b00de7aea880cdd33ab09 blueprint: xenserver-support
2017-12-06 05:46:28 +00:00
- name: Copying over sriov_agent.ini
become: true
vars:
service_name: "neutron-sriov-agent"
neutron_sriov_agent: "{{ neutron_services[service_name] }}"
merge_configs:
sources:
- "{{ role_path }}/templates/sriov_agent.ini.j2"
- "{{ node_custom_config }}/neutron/sriov_agent.ini"
- "{{ node_custom_config }}/neutron/{{ inventory_hostname }}/sriov_agent.ini"
dest: "{{ node_config_directory }}/{{ service_name }}/sriov_agent.ini"
mode: "0660"
when:
- neutron_sriov_agent.enabled | bool
- neutron_sriov_agent.host_in_groups | bool
notify:
- "Restart {{ service_name }} container"
- name: Copying over mlnx_agent.ini
become: true
vars:
service_name: "neutron-mlnx-agent"
neutron_mlnx_agent: "{{ neutron_services[service_name] }}"
merge_configs:
sources:
- "{{ role_path }}/templates/mlnx_agent.ini.j2"
- "{{ node_custom_config }}/neutron/mlnx_agent.ini"
- "{{ node_custom_config }}/neutron/{{ inventory_hostname }}/mlnx_agent.ini"
dest: "{{ node_config_directory }}/{{ service_name }}/mlnx_agent.ini"
mode: "0660"
when:
- neutron_mlnx_agent.enabled | bool
- neutron_mlnx_agent.host_in_groups | bool
notify:
- "Restart {{ service_name }} container"
- name: Copying over eswitchd.conf
become: true
vars:
service_name: "neutron-eswitchd"
neutron_eswitchd: "{{ neutron_services[service_name] }}"
merge_configs:
sources:
- "{{ role_path }}/templates/eswitchd.conf.j2"
- "{{ node_custom_config }}/neutron/eswitchd.conf"
- "{{ node_custom_config }}/neutron/{{ inventory_hostname }}/eswitchd.conf"
dest: "{{ node_config_directory }}/{{ service_name }}/eswitchd.conf"
mode: "0660"
when:
- neutron_eswitchd.enabled | bool
- neutron_eswitchd.host_in_groups | bool
notify:
- "Restart {{ service_name }} container"
- name: Copying over dhcp_agent.ini
become: true
vars:
service_name: "neutron-dhcp-agent"
neutron_dhcp_agent: "{{ neutron_services[service_name] }}"
merge_configs:
sources:
- "{{ role_path }}/templates/dhcp_agent.ini.j2"
- "{{ node_custom_config }}/neutron/dhcp_agent.ini"
- "{{ node_custom_config }}/neutron/{{ inventory_hostname }}/dhcp_agent.ini"
dest: "{{ node_config_directory }}/{{ service_name }}/dhcp_agent.ini"
mode: "0660"
when:
- neutron_dhcp_agent.enabled | bool
- neutron_dhcp_agent.host_in_groups | bool
notify:
- "Restart {{ service_name }} container"
- name: Copying over dnsmasq.conf
become: true
vars:
service_name: "neutron-dhcp-agent"
neutron_dhcp_agent: "{{ neutron_services[service_name] }}"
template:
src: "{{ item }}"
dest: "{{ node_config_directory }}/{{ service_name }}/dnsmasq.conf"
mode: "0660"
with_first_found:
- "{{ node_custom_config }}/neutron/{{ inventory_hostname }}/dnsmasq.conf"
- "{{ node_custom_config }}/neutron/dnsmasq.conf"
- "dnsmasq.conf.j2"
when:
- neutron_dhcp_agent.enabled | bool
- neutron_dhcp_agent.host_in_groups | bool
notify:
- "Restart {{ service_name }} container"
- name: Copying over l3_agent.ini
become: true
vars:
service_name: "{{ item.key }}"
services_need_l3_agent_ini:
- "neutron-l3-agent"
merge_configs:
sources:
- "{{ role_path }}/templates/l3_agent.ini.j2"
- "{{ node_custom_config }}/neutron/l3_agent.ini"
- "{{ node_custom_config }}/neutron/{{ inventory_hostname }}/l3_agent.ini"
dest: "{{ node_config_directory }}/{{ service_name }}/l3_agent.ini"
mode: "0660"
when:
- item.key in services_need_l3_agent_ini
- item.value.enabled | bool
- item.value.host_in_groups | bool
with_dict: "{{ neutron_services }}"
notify:
- "Restart {{ item.key }} container"
- name: Copying over metadata_agent.ini
become: true
vars:
service_name: "neutron-metadata-agent"
neutron_metadata_agent: "{{ neutron_services[service_name] }}"
merge_configs:
sources:
- "{{ role_path }}/templates/metadata_agent.ini.j2"
- "{{ node_custom_config }}/neutron/metadata_agent.ini"
dest: "{{ node_config_directory }}/{{ service_name }}/metadata_agent.ini"
mode: "0660"
when:
- neutron_metadata_agent.enabled | bool
- neutron_metadata_agent.host_in_groups | bool
notify:
- "Restart {{ service_name }} container"
- name: Copying over neutron_ovn_metadata_agent.ini
become: true
vars:
service_name: "neutron-ovn-metadata-agent"
neutron_ovn_metadata_agent: "{{ neutron_services[service_name] }}"
merge_configs:
sources:
- "{{ role_path }}/templates/neutron_ovn_metadata_agent.ini.j2"
- "{{ node_custom_config }}/neutron/neutron_ovn_metadata_agent.ini"
dest: "{{ node_config_directory }}/{{ service_name }}/neutron_ovn_metadata_agent.ini"
mode: "0660"
when:
- neutron_ovn_metadata_agent.enabled | bool
- neutron_ovn_metadata_agent.host_in_groups | bool
notify:
- "Restart {{ service_name }} container"
- name: Copying over metering_agent.ini
become: true
vars:
service_name: "neutron-metering-agent"
neutron_metering_agent: "{{ neutron_services[service_name] }}"
merge_configs:
sources:
- "{{ role_path }}/templates/metering_agent.ini.j2"
- "{{ node_custom_config }}/neutron/metering_agent.ini"
dest: "{{ node_config_directory }}/{{ service_name }}/metering_agent.ini"
mode: "0660"
when:
- neutron_metering_agent.enabled | bool
- neutron_metering_agent.host_in_groups | bool
notify:
- "Restart {{ service_name }} container"
- name: Copying over ironic_neutron_agent.ini
become: true
vars:
service_name: "ironic-neutron-agent"
ironic_neutron_agent: "{{ neutron_services[service_name] }}"
merge_configs:
sources:
- "{{ role_path }}/templates/ironic_neutron_agent.ini.j2"
- "{{ node_custom_config }}/neutron/ironic_neutron_agent.ini"
dest: "{{ node_config_directory }}/{{ service_name }}/ironic_neutron_agent.ini"
mode: "0660"
when:
- ironic_neutron_agent.enabled | bool
- ironic_neutron_agent.host_in_groups | bool
notify:
- "Restart {{ service_name }} container"
- name: Copying over bgp_dragent.ini
become: true
vars:
service_name: "neutron-bgp-dragent"
neutron_bgp_dragent: "{{ neutron_services[service_name] }}"
merge_configs:
sources:
- "{{ role_path }}/templates/bgp_dragent.ini.j2"
- "{{ node_custom_config }}/neutron/bgp_dragent.ini"
dest: "{{ node_config_directory }}/{{ service_name }}/bgp_dragent.ini"
mode: "0660"
when:
- neutron_bgp_dragent.enabled | bool
- neutron_bgp_dragent.host_in_groups | bool
notify:
- "Restart {{ service_name }} container"
- name: Copying over nsx.ini
become: true
vars:
service_name: "neutron-server"
neutron_server: "{{ neutron_services[service_name] }}"
merge_configs:
sources:
- "{{ role_path }}/templates/nsx.ini.j2"
- "{{ node_custom_config }}/neutron/nsx.ini"
- "{{ node_custom_config }}/neutron/{{ inventory_hostname }}/nsx.ini"
dest: "{{ node_config_directory }}/{{ service_name }}/nsx.ini"
mode: "0660"
when:
- neutron_server.enabled | bool
- neutron_server.host_in_groups | bool
- neutron_plugin_agent in ['vmware_nsxv', 'vmware_nsxv3', 'vmware_dvs']
notify:
- "Restart {{ service_name }} container"
- name: Copy neutron-l3-agent-wrapper script
become: true
vars:
service_name: "neutron-l3-agent"
service: "{{ neutron_services[service_name] }}"
template:
src: neutron-l3-agent-wrapper.sh.j2
dest: "{{ node_config_directory }}/{{ service_name }}/neutron-l3-agent-wrapper.sh"
mode: "0770"
when:
- service.enabled | bool
- service.host_in_groups | bool
notify:
- "Restart {{ service_name }} container"
- name: Copying over extra ml2 plugins
become: true
vars:
service_name: "{{ item.0 }}"
services_need_ml2_conf_ini:
- "neutron-linuxbridge-agent"
- "neutron-openvswitch-agent"
- "neutron-server"
template:
src: "{{ item.2.path }}"
dest: "{{ node_config_directory }}/{{ service_name }}/{{ item.2.path | basename }}"
mode: "0660"
when:
- item.2 is defined
- item.1.enabled | bool
- item.1.host_in_groups | bool
- service_name in services_need_ml2_conf_ini
with_nested:
- "{{ neutron_services | dictsort }}"
- "{{ check_extra_ml2_plugins.files }}"
notify:
- "Restart {{ item.0 }} container"
- name: Copying over neutron-tls-proxy.cfg
vars:
neutron_tls_proxy: "{{ neutron_services['neutron-tls-proxy'] }}"
template:
src: "{{ item }}"
dest: "{{ node_config_directory }}/neutron-tls-proxy/neutron-tls-proxy.cfg"
mode: "0660"
become: true
with_first_found:
- "{{ node_custom_config }}/neutron/{{ inventory_hostname }}/neutron-tls-proxy.cfg"
- "{{ node_custom_config }}/neutron/neutron-tls-proxy.cfg"
- "neutron-tls-proxy.cfg.j2"
when:
- neutron_tls_proxy.enabled | bool
- neutron_tls_proxy.host_in_groups | bool
notify:
- Restart neutron-tls-proxy container