Support policy.yaml file [part 3]
- Heat - Ironic - Magum - Manila - Mistral This will copy only yaml or json policy file if they exist. Change-Id: I1ab71e2758dc99dd6654d433ece79600f0c44ce8 Implements: blueprint support-custom-policy-yaml Co-authored-By: Duong Ha-Quang <duonghq@vn.fujitsu.com>
This commit is contained in:
parent
574c68b375
commit
35b165c5f1
@ -5,7 +5,7 @@
|
||||
service: "{{ heat_services[service_name] }}"
|
||||
config_json: "{{ heat_config_jsons.results|selectattr('item.key', 'equalto', service_name)|first }}"
|
||||
heat_conf: "{{ heat_confs.results|selectattr('item.key', 'equalto', service_name)|first }}"
|
||||
policy_json: "{{ heat_policy_jsons.results|selectattr('item.key', 'equalto', service_name)|first }}"
|
||||
policy_overwriting: "{{ heat_policy_overwriting.results|selectattr('item.key', 'equalto', service_name)|first }}"
|
||||
heat_api_container: "{{ check_heat_containers.results|selectattr('item.key', 'equalto', service_name)|first }}"
|
||||
kolla_docker:
|
||||
action: "recreate_or_restart_container"
|
||||
@ -19,7 +19,7 @@
|
||||
- service.enabled | bool
|
||||
- config_json.changed | bool
|
||||
or heat_conf.changed | bool
|
||||
or policy_json.changed | bool
|
||||
or policy_overwriting.changed | bool
|
||||
or heat_api_container.changed | bool
|
||||
|
||||
- name: Restart heat-api-cfn container
|
||||
@ -28,7 +28,7 @@
|
||||
service: "{{ heat_services[service_name] }}"
|
||||
config_json: "{{ heat_config_jsons.results|selectattr('item.key', 'equalto', service_name)|first }}"
|
||||
heat_conf: "{{ heat_confs.results|selectattr('item.key', 'equalto', service_name)|first }}"
|
||||
policy_json: "{{ heat_policy_jsons.results|selectattr('item.key', 'equalto', service_name)|first }}"
|
||||
policy_overwriting: "{{ heat_policy_overwriting.results|selectattr('item.key', 'equalto', service_name)|first }}"
|
||||
heat_api_cfn_container: "{{ check_heat_containers.results|selectattr('item.key', 'equalto', service_name)|first }}"
|
||||
kolla_docker:
|
||||
action: "recreate_or_restart_container"
|
||||
@ -42,7 +42,7 @@
|
||||
- service.enabled | bool
|
||||
- config_json.changed | bool
|
||||
or heat_conf.changed | bool
|
||||
or policy_json.changed | bool
|
||||
or policy_overwriting.changed | bool
|
||||
or heat_api_cfn_container.changed | bool
|
||||
|
||||
- name: Restart heat-engine container
|
||||
@ -51,7 +51,7 @@
|
||||
service: "{{ heat_services[service_name] }}"
|
||||
config_json: "{{ heat_config_jsons.results|selectattr('item.key', 'equalto', service_name)|first }}"
|
||||
heat_conf: "{{ heat_confs.results|selectattr('item.key', 'equalto', service_name)|first }}"
|
||||
policy_json: "{{ heat_policy_jsons.results|selectattr('item.key', 'equalto', service_name)|first }}"
|
||||
policy_overwriting: "{{ heat_policy_overwriting.results|selectattr('item.key', 'equalto', service_name)|first }}"
|
||||
heat_engine_container: "{{ check_heat_containers.results|selectattr('item.key', 'equalto', service_name)|first }}"
|
||||
kolla_docker:
|
||||
action: "recreate_or_restart_container"
|
||||
@ -65,5 +65,5 @@
|
||||
- service.enabled | bool
|
||||
- config_json.changed | bool
|
||||
or heat_conf.changed | bool
|
||||
or policy_json.changed | bool
|
||||
or policy_overwriting.changed | bool
|
||||
or heat_engine_container.changed | bool
|
||||
|
@ -13,6 +13,23 @@
|
||||
- item.value.enabled | bool
|
||||
with_dict: "{{ heat_services }}"
|
||||
|
||||
- name: Check if policies shall be overwritten
|
||||
local_action: stat path="{{ item }}"
|
||||
run_once: True
|
||||
register: heat_policy
|
||||
with_first_found:
|
||||
- files: "{{ supported_policy_format_list }}"
|
||||
paths:
|
||||
- "{{ node_custom_config }}/heat/"
|
||||
skip: true
|
||||
|
||||
- name: Set heat policy file
|
||||
set_fact:
|
||||
heat_policy_file: "{{ heat_policy.results.0.stat.path | basename }}"
|
||||
heat_policy_file_path: "{{ heat_policy.results.0.stat.path }}"
|
||||
when:
|
||||
- heat_policy.results
|
||||
|
||||
- name: Copying over config.json files for services
|
||||
become: true
|
||||
template:
|
||||
@ -61,20 +78,15 @@
|
||||
- Restart heat-api-cfn container
|
||||
- Restart heat-engine container
|
||||
|
||||
- name: Check if policies shall be overwritten
|
||||
local_action: stat path="{{ node_custom_config }}/heat/policy.json"
|
||||
run_once: True
|
||||
register: heat_policy
|
||||
|
||||
- name: Copying over existing policy.json
|
||||
- name: Copying over existing policy file
|
||||
become: true
|
||||
template:
|
||||
src: "{{ node_custom_config }}/heat/policy.json"
|
||||
dest: "{{ node_config_directory }}/{{ item.key }}/policy.json"
|
||||
src: "{{ heat_policy_file_path }}"
|
||||
dest: "{{ node_config_directory }}/{{ item.key }}/{{ heat_policy_file }}"
|
||||
mode: "0660"
|
||||
register: heat_policy_jsons
|
||||
register: heat_policy_overwriting
|
||||
when:
|
||||
- heat_policy.stat.exists
|
||||
- heat_policy_file is defined
|
||||
- inventory_hostname in groups[item.value.group]
|
||||
with_dict: "{{ heat_services }}"
|
||||
notify:
|
||||
|
@ -6,14 +6,13 @@
|
||||
"dest": "/etc/heat/heat.conf",
|
||||
"owner": "heat",
|
||||
"perm": "0600"
|
||||
},
|
||||
}{% if heat_policy_file is defined %},
|
||||
{
|
||||
"source": "{{ container_config_directory }}/policy.json",
|
||||
"dest": "/etc/heat/policy.json",
|
||||
"source": "{{ container_config_directory }}/{{ heat_policy_file }}",
|
||||
"dest": "/etc/heat/{{ heat_policy_file }}",
|
||||
"owner": "heat",
|
||||
"perm": "0600",
|
||||
"optional": true
|
||||
}
|
||||
"perm": "0600"
|
||||
}{% endif %}
|
||||
],
|
||||
"permissions": [
|
||||
{
|
||||
|
@ -6,14 +6,13 @@
|
||||
"dest": "/etc/heat/heat.conf",
|
||||
"owner": "heat",
|
||||
"perm": "0600"
|
||||
},
|
||||
}{% if heat_policy_file is defined %},
|
||||
{
|
||||
"source": "{{ container_config_directory }}/policy.json",
|
||||
"dest": "/etc/heat/policy.json",
|
||||
"source": "{{ container_config_directory }}/{{ heat_policy_file }}",
|
||||
"dest": "/etc/heat/{{ heat_policy_file }}",
|
||||
"owner": "heat",
|
||||
"perm": "0600",
|
||||
"optional": true
|
||||
}
|
||||
"perm": "0600"
|
||||
}{% endif %}
|
||||
],
|
||||
"permissions": [
|
||||
{
|
||||
|
@ -12,14 +12,13 @@
|
||||
"dest": "/etc/heat/environment.d/_deprecated.yaml",
|
||||
"owner": "heat",
|
||||
"perm": "0600"
|
||||
},
|
||||
}{% if heat_policy_file is defined %},
|
||||
{
|
||||
"source": "{{ container_config_directory }}/policy.json",
|
||||
"dest": "/etc/heat/policy.json",
|
||||
"source": "{{ container_config_directory }}/{{ heat_policy_file }}",
|
||||
"dest": "/etc/heat/{{ heat_policy_file }}",
|
||||
"owner": "heat",
|
||||
"perm": "0600",
|
||||
"optional": true
|
||||
}
|
||||
"perm": "0600"
|
||||
}{% endif %}
|
||||
],
|
||||
"permissions": [
|
||||
{
|
||||
|
@ -84,6 +84,11 @@ topics = 'notifications'
|
||||
driver = noop
|
||||
{% endif %}
|
||||
|
||||
{% if heat_policy_file is defined %}
|
||||
[oslo_policy]
|
||||
policy_file = {{ heat_policy_file }}
|
||||
{% endif %}
|
||||
|
||||
[clients]
|
||||
endpoint_type = internalURL
|
||||
|
||||
|
@ -11,6 +11,23 @@
|
||||
- "ironic-pxe"
|
||||
- "ironic-dnsmasq"
|
||||
|
||||
- name: Check if policies shall be overwritten
|
||||
local_action: stat path="{{ item }}"
|
||||
run_once: True
|
||||
register: ironic_policy
|
||||
with_first_found:
|
||||
- files: "{{ supported_policy_format_list }}"
|
||||
paths:
|
||||
- "{{ node_custom_config }}/ironic/"
|
||||
skip: true
|
||||
|
||||
- name: Set ironic policy file
|
||||
set_fact:
|
||||
ironic_policy_file: "{{ ironic_policy.results.0.stat.path | basename }}"
|
||||
ironic_policy_file_path: "{{ ironic_policy.results.0.stat.path }}"
|
||||
when:
|
||||
- ironic_policy.results
|
||||
|
||||
- name: Copying over config.json files for services
|
||||
template:
|
||||
src: "{{ item }}.json.j2"
|
||||
@ -99,19 +116,14 @@
|
||||
- inventory_hostname in groups['ironic-pxe']
|
||||
- not enable_ironic_pxe_uefi
|
||||
|
||||
- name: Check if policies shall be overwritten
|
||||
local_action: stat path="{{ node_custom_config }}/ironic/policy.json"
|
||||
run_once: True
|
||||
register: ironic_policy
|
||||
|
||||
- name: Copying over existing policy.json
|
||||
- name: Copying over existing policy file
|
||||
template:
|
||||
src: "{{ node_custom_config }}/ironic/policy.json"
|
||||
dest: "{{ node_config_directory }}/{{ item }}/policy.json"
|
||||
src: "{{ ironic_policy_file_path }}"
|
||||
dest: "{{ node_config_directory }}/{{ item }}/{{ ironic_policy_file }}"
|
||||
with_items:
|
||||
- "ironic-api"
|
||||
- "ironic-conductor"
|
||||
- "ironic-inspector"
|
||||
- "ironic-pxe"
|
||||
when:
|
||||
ironic_policy.stat.exists
|
||||
ironic_policy_file is defined
|
||||
|
@ -6,14 +6,13 @@
|
||||
"dest": "/etc/ironic/ironic.conf",
|
||||
"owner": "ironic",
|
||||
"perm": "0600"
|
||||
},
|
||||
}{% if ironic_policy_file is defined %},
|
||||
{
|
||||
"source": "{{ container_config_directory }}/policy.json",
|
||||
"dest": "/etc/ironic/policy.json",
|
||||
"source": "{{ container_config_directory }}/{{ ironic_policy_file }}",
|
||||
"dest": "/etc/ironic/{{ ironic_policy_file }}",
|
||||
"owner": "ironic",
|
||||
"perm": "0600",
|
||||
"optional": true
|
||||
}
|
||||
"perm": "0600"
|
||||
}{% endif %}
|
||||
],
|
||||
"permissions": [
|
||||
{
|
||||
|
@ -6,14 +6,13 @@
|
||||
"dest": "/etc/ironic/ironic.conf",
|
||||
"owner": "ironic",
|
||||
"perm": "0600"
|
||||
},
|
||||
}{% if ironic_policy_file is defined %},
|
||||
{
|
||||
"source": "{{ container_config_directory }}/policy.json",
|
||||
"dest": "/etc/ironic/policy.json",
|
||||
"source": "{{ container_config_directory }}/{{ ironic_policy_file }}",
|
||||
"dest": "/etc/ironic/{{ ironic_policy_file }}",
|
||||
"owner": "ironic",
|
||||
"perm": "0600",
|
||||
"optional": true
|
||||
}
|
||||
"perm": "0600"
|
||||
}{% endif %}
|
||||
],
|
||||
"permissions": [
|
||||
{
|
||||
|
@ -29,6 +29,11 @@ memcache_security_strategy = ENCRYPT
|
||||
memcache_secret_key = {{ memcache_secret_key }}
|
||||
memcached_servers = {% for host in groups['memcached'] %}{{ hostvars[host]['ansible_' + hostvars[host]['api_interface']]['ipv4']['address'] }}:{{ memcached_port }}{% if not loop.last %},{% endif %}{% endfor %}
|
||||
|
||||
{% if ironic_policy_file is defined %}
|
||||
[oslo_policy]
|
||||
policy_file = {{ ironic_policy_file }}
|
||||
{% endif %}
|
||||
|
||||
[firewall]
|
||||
dnsmasq_interface = {{ ironic_dnsmasq_interface }}
|
||||
|
||||
|
@ -6,13 +6,12 @@
|
||||
"dest": "/etc/ironic-inspector/inspector.conf",
|
||||
"owner": "ironic-inspector",
|
||||
"perm": "0600"
|
||||
},
|
||||
}{% if ironic_policy_file is defined %},
|
||||
{
|
||||
"source": "{{ container_config_directory }}/policy.json",
|
||||
"dest": "/etc/ironic-inspector/policy.json",
|
||||
"owner": "ironic-inspector",
|
||||
"perm": "0600",
|
||||
"optional": true
|
||||
}
|
||||
"source": "{{ container_config_directory }}/{{ ironic_policy_file }}",
|
||||
"dest": "/etc/ironic/{{ ironic_policy_file }}",
|
||||
"owner": "ironic",
|
||||
"perm": "0600"
|
||||
}{% endif %}
|
||||
]
|
||||
}
|
||||
|
@ -20,6 +20,11 @@ transport_url = {{ rpc_transport_url }}
|
||||
[oslo_messaging_notifications]
|
||||
transport_url = {{ notify_transport_url }}
|
||||
|
||||
{% if ironic_policy_file is defined %}
|
||||
[oslo_policy]
|
||||
policy_file = {{ ironic_policy_file }}
|
||||
{% endif %}
|
||||
|
||||
{% if service_name == 'ironic-api' %}
|
||||
[api]
|
||||
host_ip = {{ api_interface_address }}
|
||||
|
@ -5,7 +5,7 @@
|
||||
service: "{{ magnum_services[service_name] }}"
|
||||
config_json: "{{ magnum_config_jsons.results|selectattr('item.key', 'equalto', service_name)|first }}"
|
||||
magnum_conf: "{{ magnum_confs.results|selectattr('item.key', 'equalto', service_name)|first }}"
|
||||
policy_json: "{{ magnum_policy_jsons.results|selectattr('item.key', 'equalto', service_name)|first }}"
|
||||
policy_overwriting: "{{ magnum_policy_overwriting.results|selectattr('item.key', 'equalto', service_name)|first }}"
|
||||
magnum_api_container: "{{ check_magnum_containers.results|selectattr('item.key', 'equalto', service_name)|first }}"
|
||||
kolla_docker:
|
||||
action: "recreate_or_restart_container"
|
||||
@ -20,7 +20,7 @@
|
||||
- service.enabled | bool
|
||||
- config_json.changed | bool
|
||||
or magnum_conf.changed | bool
|
||||
or policy_json.changed | bool
|
||||
or policy_overwriting.changed | bool
|
||||
or magnum_api_container.changed | bool
|
||||
|
||||
- name: Restart magnum-conductor container
|
||||
@ -29,7 +29,7 @@
|
||||
service: "{{ magnum_services[service_name] }}"
|
||||
config_json: "{{ magnum_config_jsons.results|selectattr('item.key', 'equalto', service_name)|first }}"
|
||||
magnum_conf: "{{ magnum_confs.results|selectattr('item.key', 'equalto', service_name)|first }}"
|
||||
policy_json: "{{ magnum_policy_jsons.results|selectattr('item.key', 'equalto', service_name)|first }}"
|
||||
policy_overwriting: "{{ magnum_policy_overwriting.results|selectattr('item.key', 'equalto', service_name)|first }}"
|
||||
magnum_conductor_container: "{{ check_magnum_containers.results|selectattr('item.key', 'equalto', service_name)|first }}"
|
||||
kolla_docker:
|
||||
action: "recreate_or_restart_container"
|
||||
@ -44,5 +44,5 @@
|
||||
- service.enabled | bool
|
||||
- config_json.changed | bool
|
||||
or magnum_conf.changed | bool
|
||||
or policy_json.changed | bool
|
||||
or policy_overwriting.changed | bool
|
||||
or magnum_conductor_container.changed | bool
|
||||
|
@ -9,6 +9,23 @@
|
||||
- item.value.enabled | bool
|
||||
with_dict: "{{ magnum_services }}"
|
||||
|
||||
- name: Check if policies shall be overwritten
|
||||
local_action: stat path="{{ item }}"
|
||||
run_once: True
|
||||
register: magnum_policy
|
||||
with_first_found:
|
||||
- files: "{{ supported_policy_format_list }}"
|
||||
paths:
|
||||
- "{{ node_custom_config }}/magnum/"
|
||||
skip: true
|
||||
|
||||
- name: Set magnum policy file
|
||||
set_fact:
|
||||
magnum_policy_file: "{{ magnum_policy.results.0.stat.path | basename }}"
|
||||
magnum_policy_file_path: "{{ magnum_policy.results.0.stat.path }}"
|
||||
when:
|
||||
- magnum_policy.results
|
||||
|
||||
- name: Copying over config.json files for services
|
||||
template:
|
||||
src: "{{ item.key }}.json.j2"
|
||||
@ -42,18 +59,13 @@
|
||||
- Restart magnum-api container
|
||||
- Restart magnum-conductor container
|
||||
|
||||
- name: Check if policies shall be overwritten
|
||||
local_action: stat path="{{ node_custom_config }}/magnum/policy.json"
|
||||
run_once: True
|
||||
register: magnum_policy
|
||||
|
||||
- name: Copying over existing policy.json
|
||||
- name: Copying over existing policy file
|
||||
template:
|
||||
src: "{{ node_custom_config }}/magnum/policy.json"
|
||||
dest: "{{ node_config_directory }}/{{ item.key }}/policy.json"
|
||||
register: magnum_policy_jsons
|
||||
src: "{{ magnum_policy_file_path }}"
|
||||
dest: "{{ node_config_directory }}/{{ item.key }}/{{ magnum_policy_file }}"
|
||||
register: magnum_policy_overwriting
|
||||
when:
|
||||
- magnum_policy.stat.exists
|
||||
- magnum_policy_file is defined
|
||||
- inventory_hostname in groups[item.value.group]
|
||||
- item.value.enabled | bool
|
||||
with_dict: "{{ magnum_services }}"
|
||||
|
@ -6,14 +6,13 @@
|
||||
"dest": "/etc/magnum/magnum.conf",
|
||||
"owner": "magnum",
|
||||
"perm": "0600"
|
||||
},
|
||||
}{% if magnum_policy_file is defined %},
|
||||
{
|
||||
"source": "{{ container_config_directory }}/policy.json",
|
||||
"dest": "/etc/magnum/policy.json",
|
||||
"source": "{{ container_config_directory }}/{{ magnum_policy_file }}",
|
||||
"dest": "/etc/magnum/{{ magnum_policy_file }}",
|
||||
"owner": "magnum",
|
||||
"perm": "0600",
|
||||
"optional": true
|
||||
}
|
||||
"perm": "0600"
|
||||
}{% endif %}
|
||||
],
|
||||
"permissions": [
|
||||
{
|
||||
|
@ -6,14 +6,13 @@
|
||||
"dest": "/etc/magnum/magnum.conf",
|
||||
"owner": "magnum",
|
||||
"perm": "0600"
|
||||
},
|
||||
}{% if magnum_policy_file is defined %},
|
||||
{
|
||||
"source": "{{ container_config_directory }}/policy.json",
|
||||
"dest": "/etc/magnum/policy.json",
|
||||
"source": "{{ container_config_directory }}/{{ magnum_policy_file }}",
|
||||
"dest": "/etc/magnum/{{ magnum_policy_file }}",
|
||||
"owner": "magnum",
|
||||
"perm": "0600",
|
||||
"optional": true
|
||||
}
|
||||
"perm": "0600"
|
||||
}{% endif %}
|
||||
],
|
||||
"permissions": [
|
||||
{
|
||||
|
@ -93,6 +93,11 @@ topics = 'notifications'
|
||||
driver = noop
|
||||
{% endif %}
|
||||
|
||||
{% if magnum_policy_file is defined %}
|
||||
[oslo_policy]
|
||||
policy_file = {{ magnum_policy_file }}
|
||||
{% endif %}
|
||||
|
||||
{% if enable_osprofiler | bool %}
|
||||
[profiler]
|
||||
enabled = true
|
||||
|
@ -5,7 +5,7 @@
|
||||
service: "{{ manila_services[service_name] }}"
|
||||
config_json: "{{ manila_config_jsons.results|selectattr('item.key', 'equalto', service_name)|first }}"
|
||||
manila_conf: "{{ manila_confs.results|selectattr('item.key', 'equalto', service_name)|first }}"
|
||||
policy_json: "{{ policy_jsons.results|selectattr('item.key', 'equalto', service_name)|first }}"
|
||||
policy_overwriting: "{{ manila_policy_overwriting.results|selectattr('item.key', 'equalto', service_name)|first }}"
|
||||
manila_api_container: "{{ check_manila_containers.results|selectattr('item.key', 'equalto', service_name)|first }}"
|
||||
kolla_docker:
|
||||
action: "recreate_or_restart_container"
|
||||
@ -19,7 +19,7 @@
|
||||
- service.enabled | bool
|
||||
- config_json.changed | bool
|
||||
or manila_conf.changed | bool
|
||||
or policy_json.changed | bool
|
||||
or policy_overwriting.changed | bool
|
||||
or manila_api_container.changed | bool
|
||||
|
||||
- name: Restart manila-data container
|
||||
@ -28,7 +28,7 @@
|
||||
service: "{{ manila_services[service_name] }}"
|
||||
config_json: "{{ manila_config_jsons.results|selectattr('item.key', 'equalto', service_name)|first }}"
|
||||
manila_conf: "{{ manila_confs.results|selectattr('item.key', 'equalto', service_name)|first }}"
|
||||
policy_json: "{{ policy_jsons.results|selectattr('item.key', 'equalto', service_name)|first }}"
|
||||
policy_overwriting: "{{ manila_policy_overwriting.results|selectattr('item.key', 'equalto', service_name)|first }}"
|
||||
manila_data_container: "{{ check_manila_containers.results|selectattr('item.key', 'equalto', service_name)|first }}"
|
||||
kolla_docker:
|
||||
action: "recreate_or_restart_container"
|
||||
@ -43,7 +43,7 @@
|
||||
- service.enabled | bool
|
||||
- config_json.changed | bool
|
||||
or manila_conf.changed | bool
|
||||
or policy_json.changed | bool
|
||||
or policy_overwriting.changed | bool
|
||||
or manila_data_container.changed | bool
|
||||
|
||||
- name: Restart manila-scheduler container
|
||||
@ -52,7 +52,7 @@
|
||||
service: "{{ manila_services[service_name] }}"
|
||||
config_json: "{{ manila_config_jsons.results|selectattr('item.key', 'equalto', service_name)|first }}"
|
||||
manila_conf: "{{ manila_confs.results|selectattr('item.key', 'equalto', service_name)|first }}"
|
||||
policy_json: "{{ policy_jsons.results|selectattr('item.key', 'equalto', service_name)|first }}"
|
||||
policy_overwriting: "{{ manila_policy_overwriting.results|selectattr('item.key', 'equalto', service_name)|first }}"
|
||||
manila_scheduler_container: "{{ check_manila_containers.results|selectattr('item.key', 'equalto', service_name)|first }}"
|
||||
kolla_docker:
|
||||
action: "recreate_or_restart_container"
|
||||
@ -66,7 +66,7 @@
|
||||
- service.enabled | bool
|
||||
- config_json.changed | bool
|
||||
or manila_conf.changed | bool
|
||||
or policy_json.changed | bool
|
||||
or policy_overwriting.changed | bool
|
||||
or manila_scheduler_container.changed | bool
|
||||
|
||||
- name: Restart manila-share container
|
||||
@ -74,7 +74,7 @@
|
||||
service_name: "manila-share"
|
||||
service: "{{ manila_services[service_name] }}"
|
||||
config_json: "{{ manila_config_jsons.results|selectattr('item.key', 'equalto', service_name)|first }}"
|
||||
policy_json: "{{ policy_jsons.results|selectattr('item.key', 'equalto', service_name)|first }}"
|
||||
policy_overwriting: "{{ manila_policy_overwriting.results|selectattr('item.key', 'equalto', service_name)|first }}"
|
||||
manila_share_container: "{{ check_manila_containers.results|selectattr('item.key', 'equalto', service_name)|first }}"
|
||||
kolla_docker:
|
||||
action: "recreate_or_restart_container"
|
||||
@ -89,5 +89,5 @@
|
||||
- service.enabled | bool
|
||||
- config_json.changed | bool
|
||||
or manila_conf_share.changed | bool
|
||||
or policy_json.changed | bool
|
||||
or policy_overwriting.changed | bool
|
||||
or manila_share_container.changed | bool
|
||||
|
@ -9,6 +9,23 @@
|
||||
- item.value.enabled | bool
|
||||
with_dict: "{{ manila_services }}"
|
||||
|
||||
- name: Check if policies shall be overwritten
|
||||
local_action: stat path="{{ item }}"
|
||||
run_once: True
|
||||
register: manila_policy
|
||||
with_first_found:
|
||||
- files: "{{ supported_policy_format_list }}"
|
||||
paths:
|
||||
- "{{ node_custom_config }}/manila/"
|
||||
skip: true
|
||||
|
||||
- name: Set manila policy file
|
||||
set_fact:
|
||||
manila_policy_file: "{{ manila_policy.results.0.stat.path | basename }}"
|
||||
manila_policy_file_path: "{{ manila_policy.results.0.stat.path }}"
|
||||
when:
|
||||
- manila_policy.results
|
||||
|
||||
- name: Copying over config.json files for services
|
||||
template:
|
||||
src: "{{ item.key }}.json.j2"
|
||||
@ -66,18 +83,13 @@
|
||||
notify:
|
||||
- Restart manila-share container
|
||||
|
||||
- name: Check if policies shall be overwritten
|
||||
local_action: stat path="{{ node_custom_config }}/manila/policy.json"
|
||||
run_once: True
|
||||
register: manila_policy
|
||||
|
||||
- name: Copying over existing policy.json
|
||||
- name: Copying over existing policy file
|
||||
template:
|
||||
src: "{{ node_custom_config }}/manila/policy.json"
|
||||
dest: "{{ node_config_directory }}/{{ item.key }}/policy.json"
|
||||
register: policy_jsons
|
||||
src: "{{ manila_policy_file_path }}"
|
||||
dest: "{{ node_config_directory }}/{{ item.key }}/{{ manila_policy_file }}"
|
||||
register: manila_policy_overwriting
|
||||
when:
|
||||
- manila_policy.stat.exists
|
||||
- manila_policy_file is defined
|
||||
- inventory_hostname in groups[item.value.group]
|
||||
- item.value.enabled | bool
|
||||
with_dict: "{{ manila_services }}"
|
||||
|
@ -6,14 +6,13 @@
|
||||
"dest": "/etc/manila/manila.conf",
|
||||
"owner": "manila",
|
||||
"perm": "0600"
|
||||
},
|
||||
}{% if manila_policy_file is defined %},
|
||||
{
|
||||
"source": "{{ container_config_directory }}/policy.json",
|
||||
"dest": "/etc/manila/policy.json",
|
||||
"source": "{{ container_config_directory }}/{{ manila_policy_file }}",
|
||||
"dest": "/etc/manila/{{ manila_policy_file }}",
|
||||
"owner": "manila",
|
||||
"perm": "0600",
|
||||
"optional": true
|
||||
}
|
||||
"perm": "0600"
|
||||
}{% endif %}
|
||||
],
|
||||
"permissions": [
|
||||
{
|
||||
|
@ -6,14 +6,13 @@
|
||||
"dest": "/etc/manila/manila.conf",
|
||||
"owner": "manila",
|
||||
"perm": "0600"
|
||||
},
|
||||
}{% if manila_policy_file is defined %},
|
||||
{
|
||||
"source": "{{ container_config_directory }}/policy.json",
|
||||
"dest": "/etc/manila/policy.json",
|
||||
"source": "{{ container_config_directory }}/{{ manila_policy_file }}",
|
||||
"dest": "/etc/manila/{{ manila_policy_file }}",
|
||||
"owner": "manila",
|
||||
"perm": "0600",
|
||||
"optional": true
|
||||
}
|
||||
"perm": "0600"
|
||||
}{% endif %}
|
||||
],
|
||||
"permissions": [
|
||||
{
|
||||
|
@ -6,14 +6,13 @@
|
||||
"dest": "/etc/manila/manila.conf",
|
||||
"owner": "manila",
|
||||
"perm": "0600"
|
||||
},
|
||||
}{% if manila_policy_file is defined %},
|
||||
{
|
||||
"source": "{{ container_config_directory }}/policy.json",
|
||||
"dest": "/etc/manila/policy.json",
|
||||
"source": "{{ container_config_directory }}/{{ manila_policy_file }}",
|
||||
"dest": "/etc/manila/{{ manila_policy_file }}",
|
||||
"owner": "manila",
|
||||
"perm": "0600",
|
||||
"optional": true
|
||||
}
|
||||
"perm": "0600"
|
||||
}{% endif %}
|
||||
],
|
||||
"permissions": [
|
||||
{
|
||||
|
@ -72,6 +72,11 @@ service_image_name = manila-service-image
|
||||
share_backend_name = GENERIC
|
||||
{% endif %}
|
||||
|
||||
{% if manila_policy_file is defined %}
|
||||
[oslo_policy]
|
||||
policy_file = {{ manila_policy_file }}
|
||||
{% endif %}
|
||||
|
||||
{% if enable_manila_backend_hnas | bool %}
|
||||
[hnas1]
|
||||
share_backend_name = HNAS1
|
||||
|
@ -12,14 +12,13 @@
|
||||
"dest": "/etc/ceph/",
|
||||
"owner": "manila",
|
||||
"perm": "0600"
|
||||
}{% endif %},
|
||||
}{% endif %}{% if manila_policy_file is defined %},
|
||||
{
|
||||
"source": "{{ container_config_directory }}/policy.json",
|
||||
"dest": "/etc/manila/policy.json",
|
||||
"source": "{{ container_config_directory }}/{{ manila_policy_file }}",
|
||||
"dest": "/etc/manila/{{ manila_policy_file }}",
|
||||
"owner": "manila",
|
||||
"perm": "0600",
|
||||
"optional": true
|
||||
}
|
||||
"perm": "0600"
|
||||
}{% endif %}
|
||||
],
|
||||
"permissions": [
|
||||
{
|
||||
|
@ -44,3 +44,8 @@ memcached_servers = {% for host in groups['memcached'] %}{{ hostvars[host]['ansi
|
||||
|
||||
[oslo_messaging_notifications]
|
||||
transport_url = {{ notify_transport_url }}
|
||||
|
||||
{% if manila_policy_file is defined %}
|
||||
[oslo_policy]
|
||||
policy_file = {{ manila_policy_file }}
|
||||
{% endif %}
|
||||
|
@ -5,7 +5,7 @@
|
||||
service: "{{ mistral_services[service_name] }}"
|
||||
config_json: "{{ mistral_config_jsons.results|selectattr('item.key', 'equalto', service_name)|first }}"
|
||||
mistral_conf: "{{ mistral_confs.results|selectattr('item.key', 'equalto', service_name)|first }}"
|
||||
policy_json: "{{ mistral_policy_jsons.results|selectattr('item.key', 'equalto', service_name)|first }}"
|
||||
policy_overwriting: "{{ mistral_policy_overwriting.results|selectattr('item.key', 'equalto', service_name)|first }}"
|
||||
mistral_api_container: "{{ check_mistral_containers.results|selectattr('item.key', 'equalto', service_name)|first }}"
|
||||
kolla_docker:
|
||||
action: "recreate_or_restart_container"
|
||||
@ -19,7 +19,7 @@
|
||||
- service.enabled | bool
|
||||
- config_json.changed | bool
|
||||
or mistral_conf.changed | bool
|
||||
or policy_json.changed | bool
|
||||
or policy_overwriting.changed | bool
|
||||
or mistral_api_container.changed | bool
|
||||
|
||||
- name: Restart mistral-engine container
|
||||
@ -28,7 +28,7 @@
|
||||
service: "{{ mistral_services[service_name] }}"
|
||||
config_json: "{{ mistral_config_jsons.results|selectattr('item.key', 'equalto', service_name)|first }}"
|
||||
mistral_conf: "{{ mistral_confs.results|selectattr('item.key', 'equalto', service_name)|first }}"
|
||||
policy_json: "{{ mistral_policy_jsons.results|selectattr('item.key', 'equalto', service_name)|first }}"
|
||||
policy_overwriting: "{{ mistral_policy_overwriting.results|selectattr('item.key', 'equalto', service_name)|first }}"
|
||||
mistral_engine_container: "{{ check_mistral_containers.results|selectattr('item.key', 'equalto', service_name)|first }}"
|
||||
kolla_docker:
|
||||
action: "recreate_or_restart_container"
|
||||
@ -42,7 +42,7 @@
|
||||
- service.enabled | bool
|
||||
- config_json.changed | bool
|
||||
or mistral_conf.changed | bool
|
||||
or policy_json.changed | bool
|
||||
or policy_overwriting.changed | bool
|
||||
or mistral_engine_container.changed | bool
|
||||
|
||||
- name: Restart mistral-executor container
|
||||
@ -51,7 +51,7 @@
|
||||
service: "{{ mistral_services[service_name] }}"
|
||||
config_json: "{{ mistral_config_jsons.results|selectattr('item.key', 'equalto', service_name)|first }}"
|
||||
mistral_conf: "{{ mistral_confs.results|selectattr('item.key', 'equalto', service_name)|first }}"
|
||||
policy_json: "{{ mistral_policy_jsons.results|selectattr('item.key', 'equalto', service_name)|first }}"
|
||||
policy_overwriting: "{{ mistral_policy_overwriting.results|selectattr('item.key', 'equalto', service_name)|first }}"
|
||||
mistral_executor_container: "{{ check_mistral_containers.results|selectattr('item.key', 'equalto', service_name)|first }}"
|
||||
kolla_docker:
|
||||
action: "recreate_or_restart_container"
|
||||
@ -65,5 +65,5 @@
|
||||
- service.enabled | bool
|
||||
- config_json.changed | bool
|
||||
or mistral_conf.changed | bool
|
||||
or policy_json.changed | bool
|
||||
or policy_overwriting.changed | bool
|
||||
or mistral_executor_container.changed | bool
|
||||
|
@ -7,6 +7,23 @@
|
||||
when: inventory_hostname in groups[item.value.group]
|
||||
with_dict: "{{ mistral_services }}"
|
||||
|
||||
- name: Check if policies shall be overwritten
|
||||
local_action: stat path="{{ item }}"
|
||||
run_once: True
|
||||
register: mistral_policy
|
||||
with_first_found:
|
||||
- files: "{{ supported_policy_format_list }}"
|
||||
paths:
|
||||
- "{{ node_custom_config }}/mistral/"
|
||||
skip: true
|
||||
|
||||
- name: Set mistral policy file
|
||||
set_fact:
|
||||
mistral_policy_file: "{{ mistral_policy.results.0.stat.path | basename }}"
|
||||
mistral_policy_file_path: "{{ mistral_policy.results.0.stat.path }}"
|
||||
when:
|
||||
- mistral_policy.results
|
||||
|
||||
- name: Copying over config.json files for services
|
||||
template:
|
||||
src: "{{ item.key }}.json.j2"
|
||||
@ -38,18 +55,15 @@
|
||||
notify:
|
||||
- Restart {{ item.key }} container
|
||||
|
||||
- name: Check if policies shall be overwritten
|
||||
local_action: stat path="{{ node_custom_config }}/mistral/policy.json"
|
||||
run_once: True
|
||||
register: mistral_policy
|
||||
|
||||
- name: Copying over existing policy.json
|
||||
- name: Copying over existing policy file
|
||||
template:
|
||||
src: "{{ node_custom_config }}/mistral/policy.json"
|
||||
dest: "{{ node_config_directory }}/{{ item.key }}/policy.json"
|
||||
register: mistral_policy_jsons
|
||||
src: "{{ mistral_policy_file_path }}"
|
||||
dest: "{{ node_config_directory }}/{{ item.key }}/{{ mistral_policy_file }}"
|
||||
mode: "0660"
|
||||
become: true
|
||||
register: mistral_policy_overwriting
|
||||
when:
|
||||
- mistral_policy.stat.exists
|
||||
- mistral_policy_file is defined
|
||||
- inventory_hostname in groups[item.value.group]
|
||||
- item.value.enabled | bool
|
||||
with_dict: "{{ mistral_services }}"
|
||||
|
@ -6,14 +6,13 @@
|
||||
"dest": "/etc/mistral/mistral.conf",
|
||||
"owner": "mistral",
|
||||
"perm": "0600"
|
||||
},
|
||||
}{% if mistral_policy_file is defined %},
|
||||
{
|
||||
"source": "{{ container_config_directory }}/policy.json",
|
||||
"dest": "/etc/mistral/policy.json",
|
||||
"source": "{{ container_config_directory }}/{{ mistral_policy_file }}",
|
||||
"dest": "/etc/mistral/{{ mistral_policy_file }}",
|
||||
"owner": "mistral",
|
||||
"perm": "0600",
|
||||
"optional": true
|
||||
}
|
||||
"perm": "0600"
|
||||
}{% endif %}
|
||||
],
|
||||
"permissions": [
|
||||
{
|
||||
|
@ -6,14 +6,13 @@
|
||||
"dest": "/etc/mistral/mistral.conf",
|
||||
"owner": "mistral",
|
||||
"perm": "0600"
|
||||
},
|
||||
}{% if mistral_policy_file is defined %},
|
||||
{
|
||||
"source": "{{ container_config_directory }}/policy.json",
|
||||
"dest": "/etc/mistral/policy.json",
|
||||
"source": "{{ container_config_directory }}/{{ mistral_policy_file }}",
|
||||
"dest": "/etc/mistral/{{ mistral_policy_file }}",
|
||||
"owner": "mistral",
|
||||
"perm": "0600",
|
||||
"optional": true
|
||||
}
|
||||
"perm": "0600"
|
||||
}{% endif %}
|
||||
],
|
||||
"permissions": [
|
||||
{
|
||||
|
@ -6,14 +6,13 @@
|
||||
"dest": "/etc/mistral/mistral.conf",
|
||||
"owner": "mistral",
|
||||
"perm": "0600"
|
||||
},
|
||||
}{% if mistral_policy_file is defined %},
|
||||
{
|
||||
"source": "{{ container_config_directory }}/policy.json",
|
||||
"dest": "/etc/mistral/policy.json",
|
||||
"source": "{{ container_config_directory }}/{{ mistral_policy_file }}",
|
||||
"dest": "/etc/mistral/{{ mistral_policy_file }}",
|
||||
"owner": "mistral",
|
||||
"perm": "0600",
|
||||
"optional": true
|
||||
}
|
||||
"perm": "0600"
|
||||
}{% endif %}
|
||||
],
|
||||
"permissions": [
|
||||
{
|
||||
|
@ -57,6 +57,11 @@ default_region = {{ openstack_region_name }}
|
||||
transport_url = {{ notify_transport_url }}
|
||||
driver = noop
|
||||
|
||||
{% if mistral_policy_file is defined %}
|
||||
[oslo_policy]
|
||||
policy_file = {{ mistral_policy_file }}
|
||||
{% endif %}
|
||||
|
||||
{% if enable_osprofiler | bool %}
|
||||
[profiler]
|
||||
enabled = true
|
||||
|
Loading…
x
Reference in New Issue
Block a user