Support policy.yaml file [part 4]
- Barbican - Ceilometer - Cloudkitty - Congress - Designate This will copy only yaml or json policy file if they exist. Change-Id: Iaa19f64073d8bdee948bc2de58e095ca72afc092 Implements: blueprint support-custom-policy-yaml Co-authored-By: Duong Ha-Quang <duonghq@vn.fujitsu.com>
This commit is contained in:
parent
574c68b375
commit
6b99f21341
@ -5,7 +5,7 @@
|
|||||||
service: "{{ barbican_services[service_name] }}"
|
service: "{{ barbican_services[service_name] }}"
|
||||||
config_json: "{{ barbican_config_jsons.results|selectattr('item.key', 'equalto', service_name)|first }}"
|
config_json: "{{ barbican_config_jsons.results|selectattr('item.key', 'equalto', service_name)|first }}"
|
||||||
barbican_conf: "{{ barbican_confs.results|selectattr('item.key', 'equalto', service_name)|first }}"
|
barbican_conf: "{{ barbican_confs.results|selectattr('item.key', 'equalto', service_name)|first }}"
|
||||||
policy_json: "{{ barbican_policy_jsons.results|selectattr('item.key', 'equalto', service_name)|first }}"
|
policy_overwriting: "{{ barbican_policy_overwriting.results|selectattr('item.key', 'equalto', service_name)|first }}"
|
||||||
barbican_api_container: "{{ check_barbican_containers.results|selectattr('item.key', 'equalto', service_name)|first }}"
|
barbican_api_container: "{{ check_barbican_containers.results|selectattr('item.key', 'equalto', service_name)|first }}"
|
||||||
kolla_docker:
|
kolla_docker:
|
||||||
action: "recreate_or_restart_container"
|
action: "recreate_or_restart_container"
|
||||||
@ -19,7 +19,7 @@
|
|||||||
- service.enabled | bool
|
- service.enabled | bool
|
||||||
- config_json.changed | bool
|
- config_json.changed | bool
|
||||||
or barbican_conf.changed | bool
|
or barbican_conf.changed | bool
|
||||||
or policy_json.changed | bool
|
or policy_overwriting.changed | bool
|
||||||
or barbican_api_ini.changed | bool
|
or barbican_api_ini.changed | bool
|
||||||
or barbican_api_paste.changed | bool
|
or barbican_api_paste.changed | bool
|
||||||
or barbican_api_container.changed | bool
|
or barbican_api_container.changed | bool
|
||||||
@ -30,7 +30,7 @@
|
|||||||
service: "{{ barbican_services[service_name] }}"
|
service: "{{ barbican_services[service_name] }}"
|
||||||
config_json: "{{ barbican_config_jsons.results|selectattr('item.key', 'equalto', service_name)|first }}"
|
config_json: "{{ barbican_config_jsons.results|selectattr('item.key', 'equalto', service_name)|first }}"
|
||||||
barbican_conf: "{{ barbican_confs.results|selectattr('item.key', 'equalto', service_name)|first }}"
|
barbican_conf: "{{ barbican_confs.results|selectattr('item.key', 'equalto', service_name)|first }}"
|
||||||
policy_json: "{{ barbican_policy_jsons.results|selectattr('item.key', 'equalto', service_name)|first }}"
|
policy_overwriting: "{{ barbican_policy_overwriting.results|selectattr('item.key', 'equalto', service_name)|first }}"
|
||||||
barbican_keystone_listener_container: "{{ check_barbican_containers.results|selectattr('item.key', 'equalto', service_name)|first }}"
|
barbican_keystone_listener_container: "{{ check_barbican_containers.results|selectattr('item.key', 'equalto', service_name)|first }}"
|
||||||
kolla_docker:
|
kolla_docker:
|
||||||
action: "recreate_or_restart_container"
|
action: "recreate_or_restart_container"
|
||||||
@ -44,7 +44,7 @@
|
|||||||
- service.enabled | bool
|
- service.enabled | bool
|
||||||
- config_json.changed | bool
|
- config_json.changed | bool
|
||||||
or barbican_conf.changed | bool
|
or barbican_conf.changed | bool
|
||||||
or policy_json.changed | bool
|
or policy_overwriting.changed | bool
|
||||||
or barbican_keystone_listener_container.changed | bool
|
or barbican_keystone_listener_container.changed | bool
|
||||||
|
|
||||||
- name: Restart barbican-worker container
|
- name: Restart barbican-worker container
|
||||||
@ -53,7 +53,7 @@
|
|||||||
service: "{{ barbican_services[service_name] }}"
|
service: "{{ barbican_services[service_name] }}"
|
||||||
config_json: "{{ barbican_config_jsons.results|selectattr('item.key', 'equalto', service_name)|first }}"
|
config_json: "{{ barbican_config_jsons.results|selectattr('item.key', 'equalto', service_name)|first }}"
|
||||||
barbican_conf: "{{ barbican_confs.results|selectattr('item.key', 'equalto', service_name)|first }}"
|
barbican_conf: "{{ barbican_confs.results|selectattr('item.key', 'equalto', service_name)|first }}"
|
||||||
policy_json: "{{ barbican_policy_jsons.results|selectattr('item.key', 'equalto', service_name)|first }}"
|
policy_overwriting: "{{ barbican_policy_overwriting.results|selectattr('item.key', 'equalto', service_name)|first }}"
|
||||||
barbican_worker_container: "{{ check_barbican_containers.results|selectattr('item.key', 'equalto', service_name)|first }}"
|
barbican_worker_container: "{{ check_barbican_containers.results|selectattr('item.key', 'equalto', service_name)|first }}"
|
||||||
kolla_docker:
|
kolla_docker:
|
||||||
action: "recreate_or_restart_container"
|
action: "recreate_or_restart_container"
|
||||||
@ -67,5 +67,5 @@
|
|||||||
- service.enabled | bool
|
- service.enabled | bool
|
||||||
- config_json.changed | bool
|
- config_json.changed | bool
|
||||||
or barbican_conf.changed | bool
|
or barbican_conf.changed | bool
|
||||||
or policy_json.changed | bool
|
or policy_overwriting.changed | bool
|
||||||
or barbican_worker_container.changed | bool
|
or barbican_worker_container.changed | bool
|
||||||
|
@ -9,6 +9,23 @@
|
|||||||
- "barbican-keystone-listener"
|
- "barbican-keystone-listener"
|
||||||
- "barbican-worker"
|
- "barbican-worker"
|
||||||
|
|
||||||
|
- name: Check if policies shall be overwritten
|
||||||
|
local_action: stat path="{{ item }}"
|
||||||
|
run_once: True
|
||||||
|
register: barbican_policy
|
||||||
|
with_first_found:
|
||||||
|
- files: "{{ supported_policy_format_list }}"
|
||||||
|
paths:
|
||||||
|
- "{{ node_custom_config }}/barbican/"
|
||||||
|
skip: true
|
||||||
|
|
||||||
|
- name: Set barbican policy file
|
||||||
|
set_fact:
|
||||||
|
barbican_policy_file: "{{ barbican_policy.results.0.stat.path | basename }}"
|
||||||
|
barbican_policy_file_path: "{{ barbican_policy.results.0.stat.path }}"
|
||||||
|
when:
|
||||||
|
- barbican_policy.results
|
||||||
|
|
||||||
- name: Copying over config.json files for services
|
- name: Copying over config.json files for services
|
||||||
template:
|
template:
|
||||||
src: "{{ item.key }}.json.j2"
|
src: "{{ item.key }}.json.j2"
|
||||||
@ -79,18 +96,13 @@
|
|||||||
notify:
|
notify:
|
||||||
- Restart {{ item.key }} container
|
- Restart {{ item.key }} container
|
||||||
|
|
||||||
- name: Check if policies shall be overwritten
|
- name: Copying over existing policy file
|
||||||
local_action: stat path="{{ node_custom_config }}/barbican/policy.json"
|
|
||||||
run_once: True
|
|
||||||
register: barbican_policy
|
|
||||||
|
|
||||||
- name: Copying over existing policy.json
|
|
||||||
template:
|
template:
|
||||||
src: "{{ node_custom_config }}/barbican/policy.json"
|
src: "{{ barbican_policy_file_path }}"
|
||||||
dest: "{{ node_config_directory }}/{{ item.key }}/policy.json"
|
dest: "{{ node_config_directory }}/{{ item.key }}/{{ barbican_policy_file }}"
|
||||||
register: barbican_policy_jsons
|
register: barbican_policy_overwriting
|
||||||
when:
|
when:
|
||||||
- barbican_policy.stat.exists
|
- barbican_policy_file is defined
|
||||||
- inventory_hostname in groups[item.value.group]
|
- inventory_hostname in groups[item.value.group]
|
||||||
- item.value.enabled | bool
|
- item.value.enabled | bool
|
||||||
with_dict: "{{ barbican_services }}"
|
with_dict: "{{ barbican_services }}"
|
||||||
|
@ -19,14 +19,13 @@
|
|||||||
"owner": "barbican",
|
"owner": "barbican",
|
||||||
"perm": "0600",
|
"perm": "0600",
|
||||||
"optional": true
|
"optional": true
|
||||||
},
|
}{% if barbican_policy_file is defined %},
|
||||||
{
|
{
|
||||||
"source": "{{ container_config_directory }}/policy.json",
|
"source": "{{ container_config_directory }}/{{ barbican_policy_file }}",
|
||||||
"dest": "/etc/barbican/policy.json",
|
"dest": "/etc/barbican/{{ barbican_policy_file }}",
|
||||||
"owner": "barbican",
|
"owner": "barbican",
|
||||||
"perm": "0600",
|
"perm": "0600"
|
||||||
"optional": true
|
}{% endif %}
|
||||||
}
|
|
||||||
],
|
],
|
||||||
"permissions": [
|
"permissions": [
|
||||||
{
|
{
|
||||||
|
@ -6,14 +6,13 @@
|
|||||||
"dest": "/etc/barbican/barbican.conf",
|
"dest": "/etc/barbican/barbican.conf",
|
||||||
"owner": "barbican",
|
"owner": "barbican",
|
||||||
"perm": "0600"
|
"perm": "0600"
|
||||||
},
|
}{% if barbican_policy_file is defined %},
|
||||||
{
|
{
|
||||||
"source": "{{ container_config_directory }}/policy.json",
|
"source": "{{ container_config_directory }}/{{ barbican_policy_file }}",
|
||||||
"dest": "/etc/barbican/policy.json",
|
"dest": "/etc/barbican/{{ barbican_policy_file }}",
|
||||||
"owner": "barbican",
|
"owner": "barbican",
|
||||||
"perm": "0600",
|
"perm": "0600"
|
||||||
"optional": true
|
}{% endif %}
|
||||||
}
|
|
||||||
],
|
],
|
||||||
"permissions": [
|
"permissions": [
|
||||||
{
|
{
|
||||||
|
@ -6,14 +6,13 @@
|
|||||||
"dest": "/etc/barbican/barbican.conf",
|
"dest": "/etc/barbican/barbican.conf",
|
||||||
"owner": "barbican",
|
"owner": "barbican",
|
||||||
"perm": "0600"
|
"perm": "0600"
|
||||||
},
|
}{% if barbican_policy_file is defined %},
|
||||||
{
|
{
|
||||||
"source": "{{ container_config_directory }}/policy.json",
|
"source": "{{ container_config_directory }}/{{ barbican_policy_file }}",
|
||||||
"dest": "/etc/barbican/policy.json",
|
"dest": "/etc/barbican/{{ barbican_policy_file }}",
|
||||||
"owner": "barbican",
|
"owner": "barbican",
|
||||||
"perm": "0600",
|
"perm": "0600"
|
||||||
"optional": true
|
}{% endif %}
|
||||||
}
|
|
||||||
],
|
],
|
||||||
"permissions": [
|
"permissions": [
|
||||||
{
|
{
|
||||||
|
@ -73,3 +73,8 @@ auth_type = password
|
|||||||
|
|
||||||
[oslo_messaging_notifications]
|
[oslo_messaging_notifications]
|
||||||
transport_url = {{ notify_transport_url }}
|
transport_url = {{ notify_transport_url }}
|
||||||
|
|
||||||
|
{% if barbican_policy_file is defined %}
|
||||||
|
[oslo_policy]
|
||||||
|
policy_file = {{ barbican_policy_file }}
|
||||||
|
{% endif %}
|
||||||
|
@ -5,7 +5,7 @@
|
|||||||
service: "{{ cloudkitty_services[service_name] }}"
|
service: "{{ cloudkitty_services[service_name] }}"
|
||||||
config_json: "{{ cloudkitty_config_jsons.results|selectattr('item.key', 'equalto', service_name)|first }}"
|
config_json: "{{ cloudkitty_config_jsons.results|selectattr('item.key', 'equalto', service_name)|first }}"
|
||||||
cloudkitty_conf: "{{ cloudkitty_confs.results|selectattr('item.key', 'equalto', service_name)|first }}"
|
cloudkitty_conf: "{{ cloudkitty_confs.results|selectattr('item.key', 'equalto', service_name)|first }}"
|
||||||
policy_json: "{{ cloudkitty_policy_jsons.results|selectattr('item.key', 'equalto', service_name)|first }}"
|
policy_overwriting: "{{ cloudkitty_policy_overwriting.results|selectattr('item.key', 'equalto', service_name)|first }}"
|
||||||
cloudkitty_api_container: "{{ check_cloudkitty_containers.results|selectattr('item.key', 'equalto', service_name)|first }}"
|
cloudkitty_api_container: "{{ check_cloudkitty_containers.results|selectattr('item.key', 'equalto', service_name)|first }}"
|
||||||
kolla_docker:
|
kolla_docker:
|
||||||
action: "recreate_or_restart_container"
|
action: "recreate_or_restart_container"
|
||||||
@ -20,7 +20,7 @@
|
|||||||
- config_json.changed | bool
|
- config_json.changed | bool
|
||||||
or cloudkitty_conf.changed | bool
|
or cloudkitty_conf.changed | bool
|
||||||
or cloudkitty_conf_wsgi.changed | bool
|
or cloudkitty_conf_wsgi.changed | bool
|
||||||
or policy_json.changed | bool
|
or policy_overwriting.changed | bool
|
||||||
or cloudkitty_api_container.changed | bool
|
or cloudkitty_api_container.changed | bool
|
||||||
|
|
||||||
- name: Restart cloudkitty-processor container
|
- name: Restart cloudkitty-processor container
|
||||||
@ -29,7 +29,7 @@
|
|||||||
service: "{{ cloudkitty_services[service_name] }}"
|
service: "{{ cloudkitty_services[service_name] }}"
|
||||||
config_json: "{{ cloudkitty_config_jsons.results|selectattr('item.key', 'equalto', service_name)|first }}"
|
config_json: "{{ cloudkitty_config_jsons.results|selectattr('item.key', 'equalto', service_name)|first }}"
|
||||||
cloudkitty_conf: "{{ cloudkitty_confs.results|selectattr('item.key', 'equalto', service_name)|first }}"
|
cloudkitty_conf: "{{ cloudkitty_confs.results|selectattr('item.key', 'equalto', service_name)|first }}"
|
||||||
policy_json: "{{ cloudkitty_policy_jsons.results|selectattr('item.key', 'equalto', service_name)|first }}"
|
policy_overwriting: "{{ cloudkitty_policy_overwriting.results|selectattr('item.key', 'equalto', service_name)|first }}"
|
||||||
cloudkitty_processor_container: "{{ check_cloudkitty_containers.results|selectattr('item.key', 'equalto', service_name)|first }}"
|
cloudkitty_processor_container: "{{ check_cloudkitty_containers.results|selectattr('item.key', 'equalto', service_name)|first }}"
|
||||||
kolla_docker:
|
kolla_docker:
|
||||||
action: "recreate_or_restart_container"
|
action: "recreate_or_restart_container"
|
||||||
@ -43,5 +43,5 @@
|
|||||||
- service.enabled | bool
|
- service.enabled | bool
|
||||||
- config_json.changed | bool
|
- config_json.changed | bool
|
||||||
or cloudkitty_conf.changed | bool
|
or cloudkitty_conf.changed | bool
|
||||||
or policy_json.changed | bool
|
or policy_overwriting.changed | bool
|
||||||
or cloudkitty_processor_container.changed | bool
|
or cloudkitty_processor_container.changed | bool
|
||||||
|
@ -9,6 +9,23 @@
|
|||||||
- item.value.enabled | bool
|
- item.value.enabled | bool
|
||||||
with_dict: "{{ cloudkitty_services }}"
|
with_dict: "{{ cloudkitty_services }}"
|
||||||
|
|
||||||
|
- name: Check if policies shall be overwritten
|
||||||
|
local_action: stat path="{{ item }}"
|
||||||
|
run_once: True
|
||||||
|
register: cloudkitty_policy
|
||||||
|
with_first_found:
|
||||||
|
- files: "{{ supported_policy_format_list }}"
|
||||||
|
paths:
|
||||||
|
- "{{ node_custom_config }}/cloudkitty/"
|
||||||
|
skip: true
|
||||||
|
|
||||||
|
- name: Set cloudkitty policy file
|
||||||
|
set_fact:
|
||||||
|
cloudkitty_policy_file: "{{ cloudkitty_policy.results.0.stat.path | basename }}"
|
||||||
|
cloudkitty_policy_file_path: "{{ cloudkitty_policy.results.0.stat.path }}"
|
||||||
|
when:
|
||||||
|
- cloudkitty_policy.results
|
||||||
|
|
||||||
- name: Copying over config.json files for services
|
- name: Copying over config.json files for services
|
||||||
template:
|
template:
|
||||||
src: "{{ item.key }}.json.j2"
|
src: "{{ item.key }}.json.j2"
|
||||||
@ -55,18 +72,13 @@
|
|||||||
notify:
|
notify:
|
||||||
- Restart cloudkitty-api container
|
- Restart cloudkitty-api container
|
||||||
|
|
||||||
- name: Check if policies shall be overwritten
|
- name: Copying over existing policy file
|
||||||
local_action: stat path="{{ node_custom_config }}/cloudkitty/policy.json"
|
|
||||||
run_once: True
|
|
||||||
register: cloudkitty_policy
|
|
||||||
|
|
||||||
- name: Copying over existing policy.json
|
|
||||||
template:
|
template:
|
||||||
src: "{{ node_custom_config }}/cloudkitty/policy.json"
|
src: "{{ cloudkitty_policy_file_path }}"
|
||||||
dest: "{{ node_config_directory }}/{{ item.key }}/policy.json"
|
dest: "{{ node_config_directory }}/{{ item.key }}/{{ cloudkitty_policy_file }}"
|
||||||
register: cloudkitty_policy_jsons
|
register: cloudkitty_policy_overwriting
|
||||||
when:
|
when:
|
||||||
- cloudkitty_policy.stat.exists
|
- cloudkitty_policy_file is defined
|
||||||
- inventory_hostname in groups[item.value.group]
|
- inventory_hostname in groups[item.value.group]
|
||||||
- item.value.enabled | bool
|
- item.value.enabled | bool
|
||||||
with_dict: "{{ cloudkitty_services }}"
|
with_dict: "{{ cloudkitty_services }}"
|
||||||
|
@ -14,14 +14,13 @@
|
|||||||
"dest": "/etc/{{ cloudkitty_dir }}/wsgi-cloudkitty.conf",
|
"dest": "/etc/{{ cloudkitty_dir }}/wsgi-cloudkitty.conf",
|
||||||
"owner": "cloudkitty",
|
"owner": "cloudkitty",
|
||||||
"perm": "0600"
|
"perm": "0600"
|
||||||
},
|
}{% if cloudkitty_policy_file is defined %},
|
||||||
{
|
{
|
||||||
"source": "{{ container_config_directory }}/policy.json",
|
"source": "{{ container_config_directory }}/{{ cloudkitty_policy_file }}",
|
||||||
"dest": "/etc/cloudkitty/policy.json",
|
"dest": "/etc/cloudkitty/{{ cloudkitty_policy_file }}",
|
||||||
"owner": "cloudkitty",
|
"owner": "cloudkitty",
|
||||||
"perm": "0600",
|
"perm": "0600"
|
||||||
"optional": true
|
}{% endif %}
|
||||||
}
|
|
||||||
],
|
],
|
||||||
"permissions": [
|
"permissions": [
|
||||||
{
|
{
|
||||||
|
@ -6,14 +6,13 @@
|
|||||||
"dest": "/etc/cloudkitty/cloudkitty.conf",
|
"dest": "/etc/cloudkitty/cloudkitty.conf",
|
||||||
"owner": "cloudkitty",
|
"owner": "cloudkitty",
|
||||||
"perm": "0600"
|
"perm": "0600"
|
||||||
},
|
}{% if cloudkitty_policy_file is defined %},
|
||||||
{
|
{
|
||||||
"source": "{{ container_config_directory }}/policy.json",
|
"source": "{{ container_config_directory }}/{{ cloudkitty_policy_file }}",
|
||||||
"dest": "/etc/cloudkitty/policy.json",
|
"dest": "/etc/cloudkitty/{{ cloudkitty_policy_file }}",
|
||||||
"owner": "cloudkitty",
|
"owner": "cloudkitty",
|
||||||
"perm": "0600",
|
"perm": "0600"
|
||||||
"optional": true
|
}{% endif %}
|
||||||
}
|
|
||||||
],
|
],
|
||||||
"permissions": [
|
"permissions": [
|
||||||
{
|
{
|
||||||
|
@ -31,6 +31,11 @@ memcached_servers = {% for host in groups['memcached'] %}{{ hostvars[host]['ansi
|
|||||||
[oslo_concurrency]
|
[oslo_concurrency]
|
||||||
lock_path = /var/lib/cloudkitty/tmp
|
lock_path = /var/lib/cloudkitty/tmp
|
||||||
|
|
||||||
|
{% if cloudkitty_policy_file is defined %}
|
||||||
|
[oslo_policy]
|
||||||
|
policy_file = {{ cloudkitty_policy_file }}
|
||||||
|
{% endif %}
|
||||||
|
|
||||||
[collect]
|
[collect]
|
||||||
collector = {{ cloudkitty_collector_backend }}
|
collector = {{ cloudkitty_collector_backend }}
|
||||||
services = compute,image{% if enable_cinder | bool %},volume{% endif %},network.bw.out,network.bw.in,network.floating
|
services = compute,image{% if enable_cinder | bool %},volume{% endif %},network.bw.out,network.bw.in,network.floating
|
||||||
|
@ -5,7 +5,7 @@
|
|||||||
service: "{{ congress_services[service_name] }}"
|
service: "{{ congress_services[service_name] }}"
|
||||||
config_json: "{{ congress_config_jsons.results|selectattr('item.key', 'equalto', service_name)|first }}"
|
config_json: "{{ congress_config_jsons.results|selectattr('item.key', 'equalto', service_name)|first }}"
|
||||||
congress_conf: "{{ congress_confs.results|selectattr('item.key', 'equalto', service_name)|first }}"
|
congress_conf: "{{ congress_confs.results|selectattr('item.key', 'equalto', service_name)|first }}"
|
||||||
policy_json: "{{ congress_policy_jsons.results|selectattr('item.key', 'equalto', service_name)|first }}"
|
policy_overwriting: "{{ congress_policy_overwriting.results|selectattr('item.key', 'equalto', service_name)|first }}"
|
||||||
congress_api_container: "{{ check_congress_containers.results|selectattr('item.key', 'equalto', service_name)|first }}"
|
congress_api_container: "{{ check_congress_containers.results|selectattr('item.key', 'equalto', service_name)|first }}"
|
||||||
kolla_docker:
|
kolla_docker:
|
||||||
action: "recreate_or_restart_container"
|
action: "recreate_or_restart_container"
|
||||||
@ -19,7 +19,7 @@
|
|||||||
- service.enabled | bool
|
- service.enabled | bool
|
||||||
- config_json.changed | bool
|
- config_json.changed | bool
|
||||||
or congress_conf.changed | bool
|
or congress_conf.changed | bool
|
||||||
or policy_json.changed | bool
|
or policy_overwriting.changed | bool
|
||||||
or congress_api_container.changed | bool
|
or congress_api_container.changed | bool
|
||||||
|
|
||||||
- name: Restart congress-policy-engine container
|
- name: Restart congress-policy-engine container
|
||||||
@ -28,7 +28,7 @@
|
|||||||
service: "{{ congress_services[service_name] }}"
|
service: "{{ congress_services[service_name] }}"
|
||||||
config_json: "{{ congress_config_jsons.results|selectattr('item.key', 'equalto', service_name)|first }}"
|
config_json: "{{ congress_config_jsons.results|selectattr('item.key', 'equalto', service_name)|first }}"
|
||||||
congress_conf: "{{ congress_confs.results|selectattr('item.key', 'equalto', service_name)|first }}"
|
congress_conf: "{{ congress_confs.results|selectattr('item.key', 'equalto', service_name)|first }}"
|
||||||
policy_json: "{{ congress_policy_jsons.results|selectattr('item.key', 'equalto', service_name)|first }}"
|
policy_overwriting: "{{ congress_policy_overwriting.results|selectattr('item.key', 'equalto', service_name)|first }}"
|
||||||
congress_policy_engin_container: "{{ check_congress_containers.results|selectattr('item.key', 'equalto', service_name)|first }}"
|
congress_policy_engin_container: "{{ check_congress_containers.results|selectattr('item.key', 'equalto', service_name)|first }}"
|
||||||
kolla_docker:
|
kolla_docker:
|
||||||
action: "recreate_or_restart_container"
|
action: "recreate_or_restart_container"
|
||||||
@ -42,7 +42,7 @@
|
|||||||
- service.enabled | bool
|
- service.enabled | bool
|
||||||
- config_json.changed | bool
|
- config_json.changed | bool
|
||||||
or congress_conf.changed | bool
|
or congress_conf.changed | bool
|
||||||
or policy_json.changed | bool
|
or policy_overwriting.changed | bool
|
||||||
or congress_policy_engin_container.changed | bool
|
or congress_policy_engin_container.changed | bool
|
||||||
|
|
||||||
- name: Restart congress-datasource container
|
- name: Restart congress-datasource container
|
||||||
@ -51,7 +51,7 @@
|
|||||||
service: "{{ congress_services[service_name] }}"
|
service: "{{ congress_services[service_name] }}"
|
||||||
config_json: "{{ congress_config_jsons.results|selectattr('item.key', 'equalto', service_name)|first }}"
|
config_json: "{{ congress_config_jsons.results|selectattr('item.key', 'equalto', service_name)|first }}"
|
||||||
congress_conf: "{{ congress_confs.results|selectattr('item.key', 'equalto', service_name)|first }}"
|
congress_conf: "{{ congress_confs.results|selectattr('item.key', 'equalto', service_name)|first }}"
|
||||||
policy_json: "{{ congress_policy_jsons.results|selectattr('item.key', 'equalto', service_name)|first }}"
|
policy_overwriting: "{{ congress_policy_overwriting.results|selectattr('item.key', 'equalto', service_name)|first }}"
|
||||||
congress_datasource_container: "{{ check_congress_containers.results|selectattr('item.key', 'equalto', service_name)|first }}"
|
congress_datasource_container: "{{ check_congress_containers.results|selectattr('item.key', 'equalto', service_name)|first }}"
|
||||||
kolla_docker:
|
kolla_docker:
|
||||||
action: "recreate_or_restart_container"
|
action: "recreate_or_restart_container"
|
||||||
@ -65,5 +65,5 @@
|
|||||||
- service.enabled | bool
|
- service.enabled | bool
|
||||||
- config_json.changed | bool
|
- config_json.changed | bool
|
||||||
or congress_conf.changed | bool
|
or congress_conf.changed | bool
|
||||||
or policy_json.changed | bool
|
or policy_overwriting.changed | bool
|
||||||
or congress_datasource_container.changed | bool
|
or congress_datasource_container.changed | bool
|
||||||
|
@ -7,6 +7,23 @@
|
|||||||
when: inventory_hostname in groups[item.value.group]
|
when: inventory_hostname in groups[item.value.group]
|
||||||
with_dict: "{{ congress_services }}"
|
with_dict: "{{ congress_services }}"
|
||||||
|
|
||||||
|
- name: Check if policies shall be overwritten
|
||||||
|
local_action: stat path="{{ item }}"
|
||||||
|
run_once: True
|
||||||
|
register: congress_policy
|
||||||
|
with_first_found:
|
||||||
|
- files: "{{ supported_policy_format_list }}"
|
||||||
|
paths:
|
||||||
|
- "{{ node_custom_config }}/congress/"
|
||||||
|
skip: true
|
||||||
|
|
||||||
|
- name: Set congress policy file
|
||||||
|
set_fact:
|
||||||
|
congress_policy_file: "{{ congress_policy.results.0.stat.path | basename }}"
|
||||||
|
congress_policy_file_path: "{{ congress_policy.results.0.stat.path }}"
|
||||||
|
when:
|
||||||
|
- congress_policy.results
|
||||||
|
|
||||||
- name: Copying over config.json files for services
|
- name: Copying over config.json files for services
|
||||||
template:
|
template:
|
||||||
src: "{{ item.key }}.json.j2"
|
src: "{{ item.key }}.json.j2"
|
||||||
@ -43,13 +60,13 @@
|
|||||||
run_once: True
|
run_once: True
|
||||||
register: congress_policy
|
register: congress_policy
|
||||||
|
|
||||||
- name: Copying over existing policy.json
|
- name: Copying over existing policy file
|
||||||
template:
|
template:
|
||||||
src: "{{ node_custom_config }}/congress/policy.json"
|
src: "{{ congress_policy_file_path }}"
|
||||||
dest: "{{ node_config_directory }}/{{ item.key }}/policy.json"
|
dest: "{{ node_config_directory }}/{{ item.key }}/{{ congress_policy_file }}"
|
||||||
register: congress_policy_jsons
|
register: congress_policy_overwriting
|
||||||
when:
|
when:
|
||||||
- congress_policy.stat.exists
|
- congress_policy_file is defined
|
||||||
- inventory_hostname in groups[item.value.group]
|
- inventory_hostname in groups[item.value.group]
|
||||||
- item.value.enabled | bool
|
- item.value.enabled | bool
|
||||||
with_dict: "{{ congress_services }}"
|
with_dict: "{{ congress_services }}"
|
||||||
|
@ -6,14 +6,13 @@
|
|||||||
"dest": "/etc/congress/congress.conf",
|
"dest": "/etc/congress/congress.conf",
|
||||||
"owner": "congress",
|
"owner": "congress",
|
||||||
"perm": "0600"
|
"perm": "0600"
|
||||||
},
|
}{% if congress_policy_file is defined %},
|
||||||
{
|
{
|
||||||
"source": "{{ container_config_directory }}/policy.json",
|
"source": "{{ container_config_directory }}/{{ congress_policy_file }}",
|
||||||
"dest": "/etc/congress/policy.json",
|
"dest": "/etc/congress/{{ congress_policy_file }}",
|
||||||
"owner": "congress",
|
"owner": "congress",
|
||||||
"perm": "0600",
|
"perm": "0600"
|
||||||
"optional": true
|
}{% endif %}
|
||||||
}
|
|
||||||
],
|
],
|
||||||
"permissions": [
|
"permissions": [
|
||||||
{
|
{
|
||||||
|
@ -6,14 +6,13 @@
|
|||||||
"dest": "/etc/congress/congress.conf",
|
"dest": "/etc/congress/congress.conf",
|
||||||
"owner": "congress",
|
"owner": "congress",
|
||||||
"perm": "0600"
|
"perm": "0600"
|
||||||
},
|
}{% if congress_policy_file is defined %},
|
||||||
{
|
{
|
||||||
"source": "{{ container_config_directory }}/policy.json",
|
"source": "{{ container_config_directory }}/{{ congress_policy_file }}",
|
||||||
"dest": "/etc/congress/policy.json",
|
"dest": "/etc/congress/{{ congress_policy_file }}",
|
||||||
"owner": "congress",
|
"owner": "congress",
|
||||||
"perm": "0600",
|
"perm": "0600"
|
||||||
"optional": true
|
}{% endif %}
|
||||||
}
|
|
||||||
],
|
],
|
||||||
"permissions": [
|
"permissions": [
|
||||||
{
|
{
|
||||||
|
@ -6,14 +6,13 @@
|
|||||||
"dest": "/etc/congress/congress.conf",
|
"dest": "/etc/congress/congress.conf",
|
||||||
"owner": "congress",
|
"owner": "congress",
|
||||||
"perm": "0600"
|
"perm": "0600"
|
||||||
},
|
}{% if congress_policy_file is defined %},
|
||||||
{
|
{
|
||||||
"source": "{{ container_config_directory }}/policy.json",
|
"source": "{{ container_config_directory }}/{{ congress_policy_file }}",
|
||||||
"dest": "/etc/congress/policy.json",
|
"dest": "/etc/congress/{{ congress_policy_file }}",
|
||||||
"owner": "congress",
|
"owner": "congress",
|
||||||
"perm": "0600",
|
"perm": "0600"
|
||||||
"optional": true
|
}{% endif %}
|
||||||
}
|
|
||||||
],
|
],
|
||||||
"permissions": [
|
"permissions": [
|
||||||
{
|
{
|
||||||
|
@ -45,5 +45,10 @@ memcached_servers = {% for host in groups['memcached'] %}{{ hostvars[host]['ansi
|
|||||||
[oslo_messaging_notifications]
|
[oslo_messaging_notifications]
|
||||||
transport_url = {{ notify_transport_url }}
|
transport_url = {{ notify_transport_url }}
|
||||||
|
|
||||||
|
{% if congress_policy_file is defined %}
|
||||||
|
[oslo_policy]
|
||||||
|
policy_file = {{ congress_policy_file }}
|
||||||
|
{% endif %}
|
||||||
|
|
||||||
[congress]
|
[congress]
|
||||||
url = {{ internal_protocol }}://{{ kolla_internal_fqdn }}:{{ congress_api_port }}
|
url = {{ internal_protocol }}://{{ kolla_internal_fqdn }}:{{ congress_api_port }}
|
||||||
|
@ -27,7 +27,7 @@
|
|||||||
service: "{{ designate_services[service_name] }}"
|
service: "{{ designate_services[service_name] }}"
|
||||||
config_json: "{{ designate_config_jsons.results|selectattr('item.key', 'equalto', service_name)|first }}"
|
config_json: "{{ designate_config_jsons.results|selectattr('item.key', 'equalto', service_name)|first }}"
|
||||||
designate_conf: "{{ designate_confs.results|selectattr('item.key', 'equalto', service_name)|first }}"
|
designate_conf: "{{ designate_confs.results|selectattr('item.key', 'equalto', service_name)|first }}"
|
||||||
policy_json: "{{ designate_policy_jsons.results|selectattr('item.key', 'equalto', service_name)|first }}"
|
policy_overwriting: "{{ designate_policy_overwriting.results|selectattr('item.key', 'equalto', service_name)|first }}"
|
||||||
designate_api_container: "{{ check_designate_containers.results|selectattr('item.key', 'equalto', service_name)|first }}"
|
designate_api_container: "{{ check_designate_containers.results|selectattr('item.key', 'equalto', service_name)|first }}"
|
||||||
kolla_docker:
|
kolla_docker:
|
||||||
action: "recreate_or_restart_container"
|
action: "recreate_or_restart_container"
|
||||||
@ -41,7 +41,7 @@
|
|||||||
- service.enabled | bool
|
- service.enabled | bool
|
||||||
- config_json.changed | bool
|
- config_json.changed | bool
|
||||||
or designate_conf.changed | bool
|
or designate_conf.changed | bool
|
||||||
or policy_json.changed | bool
|
or policy_overwriting.changed | bool
|
||||||
or designate_api_container.changed | bool
|
or designate_api_container.changed | bool
|
||||||
|
|
||||||
- name: Restart designate-central container
|
- name: Restart designate-central container
|
||||||
@ -50,7 +50,7 @@
|
|||||||
service: "{{ designate_services[service_name] }}"
|
service: "{{ designate_services[service_name] }}"
|
||||||
config_json: "{{ designate_config_jsons.results|selectattr('item.key', 'equalto', service_name)|first }}"
|
config_json: "{{ designate_config_jsons.results|selectattr('item.key', 'equalto', service_name)|first }}"
|
||||||
designate_conf: "{{ designate_confs.results|selectattr('item.key', 'equalto', service_name)|first }}"
|
designate_conf: "{{ designate_confs.results|selectattr('item.key', 'equalto', service_name)|first }}"
|
||||||
policy_json: "{{ designate_policy_jsons.results|selectattr('item.key', 'equalto', service_name)|first }}"
|
policy_overwriting: "{{ designate_policy_overwriting.results|selectattr('item.key', 'equalto', service_name)|first }}"
|
||||||
designate_central_container: "{{ check_designate_containers.results|selectattr('item.key', 'equalto', service_name)|first }}"
|
designate_central_container: "{{ check_designate_containers.results|selectattr('item.key', 'equalto', service_name)|first }}"
|
||||||
kolla_docker:
|
kolla_docker:
|
||||||
action: "recreate_or_restart_container"
|
action: "recreate_or_restart_container"
|
||||||
@ -64,7 +64,7 @@
|
|||||||
- service.enabled | bool
|
- service.enabled | bool
|
||||||
- config_json.changed | bool
|
- config_json.changed | bool
|
||||||
or designate_conf.changed | bool
|
or designate_conf.changed | bool
|
||||||
or policy_json.changed | bool
|
or policy_overwriting.changed | bool
|
||||||
or designate_central_container.changed | bool
|
or designate_central_container.changed | bool
|
||||||
|
|
||||||
- name: Restart designate-producer container
|
- name: Restart designate-producer container
|
||||||
@ -73,7 +73,7 @@
|
|||||||
service: "{{ designate_services[service_name] }}"
|
service: "{{ designate_services[service_name] }}"
|
||||||
config_json: "{{ designate_config_jsons.results|selectattr('item.key', 'equalto', service_name)|first }}"
|
config_json: "{{ designate_config_jsons.results|selectattr('item.key', 'equalto', service_name)|first }}"
|
||||||
designate_conf: "{{ designate_confs.results|selectattr('item.key', 'equalto', service_name)|first }}"
|
designate_conf: "{{ designate_confs.results|selectattr('item.key', 'equalto', service_name)|first }}"
|
||||||
policy_json: "{{ designate_policy_jsons.results|selectattr('item.key', 'equalto', service_name)|first }}"
|
policy_overwriting: "{{ designate_policy_overwriting.results|selectattr('item.key', 'equalto', service_name)|first }}"
|
||||||
designate_producer_container: "{{ check_designate_containers.results|selectattr('item.key', 'equalto', service_name)|first }}"
|
designate_producer_container: "{{ check_designate_containers.results|selectattr('item.key', 'equalto', service_name)|first }}"
|
||||||
kolla_docker:
|
kolla_docker:
|
||||||
action: "recreate_or_restart_container"
|
action: "recreate_or_restart_container"
|
||||||
@ -87,7 +87,7 @@
|
|||||||
- service.enabled | bool
|
- service.enabled | bool
|
||||||
- config_json.changed | bool
|
- config_json.changed | bool
|
||||||
or designate_conf.changed | bool
|
or designate_conf.changed | bool
|
||||||
or policy_json.changed | bool
|
or policy_overwriting.changed | bool
|
||||||
or designate_producer_container.changed | bool
|
or designate_producer_container.changed | bool
|
||||||
|
|
||||||
- name: Restart designate-mdns container
|
- name: Restart designate-mdns container
|
||||||
@ -96,7 +96,7 @@
|
|||||||
service: "{{ designate_services[service_name] }}"
|
service: "{{ designate_services[service_name] }}"
|
||||||
config_json: "{{ designate_config_jsons.results|selectattr('item.key', 'equalto', service_name)|first }}"
|
config_json: "{{ designate_config_jsons.results|selectattr('item.key', 'equalto', service_name)|first }}"
|
||||||
designate_conf: "{{ designate_confs.results|selectattr('item.key', 'equalto', service_name)|first }}"
|
designate_conf: "{{ designate_confs.results|selectattr('item.key', 'equalto', service_name)|first }}"
|
||||||
policy_json: "{{ designate_policy_jsons.results|selectattr('item.key', 'equalto', service_name)|first }}"
|
policy_overwriting: "{{ designate_policy_overwriting.results|selectattr('item.key', 'equalto', service_name)|first }}"
|
||||||
designate_mdns_container: "{{ check_designate_containers.results|selectattr('item.key', 'equalto', service_name)|first }}"
|
designate_mdns_container: "{{ check_designate_containers.results|selectattr('item.key', 'equalto', service_name)|first }}"
|
||||||
kolla_docker:
|
kolla_docker:
|
||||||
action: "recreate_or_restart_container"
|
action: "recreate_or_restart_container"
|
||||||
@ -110,7 +110,7 @@
|
|||||||
- service.enabled | bool
|
- service.enabled | bool
|
||||||
- config_json.changed | bool
|
- config_json.changed | bool
|
||||||
or designate_conf.changed | bool
|
or designate_conf.changed | bool
|
||||||
or policy_json.changed | bool
|
or policy_overwriting.changed | bool
|
||||||
or designate_mdns_container.changed | bool
|
or designate_mdns_container.changed | bool
|
||||||
|
|
||||||
- name: Restart designate-worker container
|
- name: Restart designate-worker container
|
||||||
@ -119,7 +119,7 @@
|
|||||||
service: "{{ designate_services[service_name] }}"
|
service: "{{ designate_services[service_name] }}"
|
||||||
config_json: "{{ designate_config_jsons.results|selectattr('item.key', 'equalto', service_name)|first }}"
|
config_json: "{{ designate_config_jsons.results|selectattr('item.key', 'equalto', service_name)|first }}"
|
||||||
designate_conf: "{{ designate_confs.results|selectattr('item.key', 'equalto', service_name)|first }}"
|
designate_conf: "{{ designate_confs.results|selectattr('item.key', 'equalto', service_name)|first }}"
|
||||||
policy_json: "{{ designate_policy_jsons.results|selectattr('item.key', 'equalto', service_name)|first }}"
|
policy_overwriting: "{{ designate_policy_overwriting.results|selectattr('item.key', 'equalto', service_name)|first }}"
|
||||||
designate_worker_container: "{{ check_designate_containers.results|selectattr('item.key', 'equalto', service_name)|first }}"
|
designate_worker_container: "{{ check_designate_containers.results|selectattr('item.key', 'equalto', service_name)|first }}"
|
||||||
kolla_docker:
|
kolla_docker:
|
||||||
action: "recreate_or_restart_container"
|
action: "recreate_or_restart_container"
|
||||||
@ -135,7 +135,7 @@
|
|||||||
or designate_conf.changed | bool
|
or designate_conf.changed | bool
|
||||||
or designate_rndc_conf.changed | bool
|
or designate_rndc_conf.changed | bool
|
||||||
or designate_rndc_key_file.changed | bool
|
or designate_rndc_key_file.changed | bool
|
||||||
or policy_json.changed | bool
|
or policy_overwriting.changed | bool
|
||||||
or designate_worker_container.changed | bool
|
or designate_worker_container.changed | bool
|
||||||
|
|
||||||
- name: Restart designate-sink container
|
- name: Restart designate-sink container
|
||||||
@ -144,7 +144,7 @@
|
|||||||
service: "{{ designate_services[service_name] }}"
|
service: "{{ designate_services[service_name] }}"
|
||||||
config_json: "{{ designate_config_jsons.results|selectattr('item.key', 'equalto', service_name)|first }}"
|
config_json: "{{ designate_config_jsons.results|selectattr('item.key', 'equalto', service_name)|first }}"
|
||||||
designate_conf: "{{ designate_confs.results|selectattr('item.key', 'equalto', service_name)|first }}"
|
designate_conf: "{{ designate_confs.results|selectattr('item.key', 'equalto', service_name)|first }}"
|
||||||
policy_json: "{{ designate_policy_jsons.results|selectattr('item.key', 'equalto', service_name)|first }}"
|
policy_overwriting: "{{ designate_policy_overwriting.results|selectattr('item.key', 'equalto', service_name)|first }}"
|
||||||
designate_sink_container: "{{ check_designate_containers.results|selectattr('item.key', 'equalto', service_name)|first }}"
|
designate_sink_container: "{{ check_designate_containers.results|selectattr('item.key', 'equalto', service_name)|first }}"
|
||||||
kolla_docker:
|
kolla_docker:
|
||||||
action: "recreate_or_restart_container"
|
action: "recreate_or_restart_container"
|
||||||
@ -158,5 +158,5 @@
|
|||||||
- service.enabled | bool
|
- service.enabled | bool
|
||||||
- config_json.changed | bool
|
- config_json.changed | bool
|
||||||
or designate_conf.changed | bool
|
or designate_conf.changed | bool
|
||||||
or policy_json.changed | bool
|
or policy_overwriting.changed | bool
|
||||||
or designate_sink_container.changed | bool
|
or designate_sink_container.changed | bool
|
||||||
|
@ -9,6 +9,23 @@
|
|||||||
- item.value.enabled | bool
|
- item.value.enabled | bool
|
||||||
with_dict: "{{ designate_services }}"
|
with_dict: "{{ designate_services }}"
|
||||||
|
|
||||||
|
- name: Check if policies shall be overwritten
|
||||||
|
local_action: stat path="{{ item }}"
|
||||||
|
run_once: True
|
||||||
|
register: designate_policy
|
||||||
|
with_first_found:
|
||||||
|
- files: "{{ supported_policy_format_list }}"
|
||||||
|
paths:
|
||||||
|
- "{{ node_custom_config }}/designate/"
|
||||||
|
skip: true
|
||||||
|
|
||||||
|
- name: Set designate policy file
|
||||||
|
set_fact:
|
||||||
|
designate_policy_file: "{{ designate_policy.results.0.stat.path | basename }}"
|
||||||
|
designate_policy_file_path: "{{ designate_policy.results.0.stat.path }}"
|
||||||
|
when:
|
||||||
|
- designate_policy.results
|
||||||
|
|
||||||
- name: Copying over config.json files for services
|
- name: Copying over config.json files for services
|
||||||
template:
|
template:
|
||||||
src: "{{ item.key }}.json.j2"
|
src: "{{ item.key }}.json.j2"
|
||||||
@ -124,13 +141,13 @@
|
|||||||
run_once: True
|
run_once: True
|
||||||
register: designate_policy
|
register: designate_policy
|
||||||
|
|
||||||
- name: Copying over existing policy.json
|
- name: Copying over existing policy file
|
||||||
template:
|
template:
|
||||||
src: "{{ node_custom_config }}/designate/policy.json"
|
src: "{{ designate_policy_file_path }}"
|
||||||
dest: "{{ node_config_directory }}/{{ item.key }}/policy.json"
|
dest: "{{ node_config_directory }}/{{ item.key }}/{{ designate_policy_file }}"
|
||||||
register: designate_policy_jsons
|
register: designate_policy_overwriting
|
||||||
when:
|
when:
|
||||||
- designate_policy.stat.exists
|
- designate_policy_file is defined
|
||||||
- inventory_hostname in groups[item.value.group]
|
- inventory_hostname in groups[item.value.group]
|
||||||
- item.value.enabled | bool
|
- item.value.enabled | bool
|
||||||
with_dict: "{{ designate_services }}"
|
with_dict: "{{ designate_services }}"
|
||||||
|
@ -6,14 +6,13 @@
|
|||||||
"dest": "/etc/designate/designate.conf",
|
"dest": "/etc/designate/designate.conf",
|
||||||
"owner": "designate",
|
"owner": "designate",
|
||||||
"perm": "0600"
|
"perm": "0600"
|
||||||
},
|
}{% if designate_policy_file is defined %},
|
||||||
{
|
{
|
||||||
"source": "{{ container_config_directory }}/policy.json",
|
"source": "{{ container_config_directory }}/{{ designate_policy_file }}",
|
||||||
"dest": "/etc/designate/policy.json",
|
"dest": "/etc/designate/{{ designate_policy_file }}",
|
||||||
"owner": "designate",
|
"owner": "designate",
|
||||||
"perm": "0600",
|
"perm": "0600"
|
||||||
"optional": true
|
}{% endif %}
|
||||||
}
|
|
||||||
],
|
],
|
||||||
"permissions": [
|
"permissions": [
|
||||||
{
|
{
|
||||||
|
@ -6,14 +6,13 @@
|
|||||||
"dest": "/etc/designate/designate.conf",
|
"dest": "/etc/designate/designate.conf",
|
||||||
"owner": "designate",
|
"owner": "designate",
|
||||||
"perm": "0600"
|
"perm": "0600"
|
||||||
},
|
}{% if designate_policy_file is defined %},
|
||||||
{
|
{
|
||||||
"source": "{{ container_config_directory }}/policy.json",
|
"source": "{{ container_config_directory }}/{{ designate_policy_file }}",
|
||||||
"dest": "/etc/designate/policy.json",
|
"dest": "/etc/designate/{{ designate_policy_file }}",
|
||||||
"owner": "designate",
|
"owner": "designate",
|
||||||
"perm": "0600",
|
"perm": "0600"
|
||||||
"optional": true
|
}{% endif %}
|
||||||
}
|
|
||||||
],
|
],
|
||||||
"permissions": [
|
"permissions": [
|
||||||
{
|
{
|
||||||
|
@ -6,14 +6,13 @@
|
|||||||
"dest": "/etc/designate/designate.conf",
|
"dest": "/etc/designate/designate.conf",
|
||||||
"owner": "designate",
|
"owner": "designate",
|
||||||
"perm": "0600"
|
"perm": "0600"
|
||||||
},
|
}{% if designate_policy_file is defined %},
|
||||||
{
|
{
|
||||||
"source": "{{ container_config_directory }}/policy.json",
|
"source": "{{ container_config_directory }}/{{ designate_policy_file }}",
|
||||||
"dest": "/etc/designate/policy.json",
|
"dest": "/etc/designate/{{ designate_policy_file }}",
|
||||||
"owner": "designate",
|
"owner": "designate",
|
||||||
"perm": "0600",
|
"perm": "0600"
|
||||||
"optional": true
|
}{% endif %}
|
||||||
}
|
|
||||||
],
|
],
|
||||||
"permissions": [
|
"permissions": [
|
||||||
{
|
{
|
||||||
|
@ -6,14 +6,13 @@
|
|||||||
"dest": "/etc/designate/designate.conf",
|
"dest": "/etc/designate/designate.conf",
|
||||||
"owner": "designate",
|
"owner": "designate",
|
||||||
"perm": "0600"
|
"perm": "0600"
|
||||||
},
|
}{% if designate_policy_file is defined %},
|
||||||
{
|
{
|
||||||
"source": "{{ container_config_directory }}/policy.json",
|
"source": "{{ container_config_directory }}/{{ designate_policy_file }}",
|
||||||
"dest": "/etc/designate/policy.json",
|
"dest": "/etc/designate/{{ designate_policy_file }}",
|
||||||
"owner": "designate",
|
"owner": "designate",
|
||||||
"perm": "0600",
|
"perm": "0600"
|
||||||
"optional": true
|
}{% endif %}
|
||||||
}
|
|
||||||
],
|
],
|
||||||
"permissions": [
|
"permissions": [
|
||||||
{
|
{
|
||||||
|
@ -6,14 +6,13 @@
|
|||||||
"dest": "/etc/designate/designate.conf",
|
"dest": "/etc/designate/designate.conf",
|
||||||
"owner": "designate",
|
"owner": "designate",
|
||||||
"perm": "0600"
|
"perm": "0600"
|
||||||
},
|
}{% if designate_policy_file is defined %},
|
||||||
{
|
{
|
||||||
"source": "{{ container_config_directory }}/policy.json",
|
"source": "{{ container_config_directory }}/{{ designate_policy_file }}",
|
||||||
"dest": "/etc/designate/policy.json",
|
"dest": "/etc/designate/{{ designate_policy_file }}",
|
||||||
"owner": "designate",
|
"owner": "designate",
|
||||||
"perm": "0600",
|
"perm": "0600"
|
||||||
"optional": true
|
}{% endif %}
|
||||||
}
|
|
||||||
],
|
],
|
||||||
"permissions": [
|
"permissions": [
|
||||||
{
|
{
|
||||||
|
@ -6,14 +6,13 @@
|
|||||||
"dest": "/etc/designate/designate.conf",
|
"dest": "/etc/designate/designate.conf",
|
||||||
"owner": "designate",
|
"owner": "designate",
|
||||||
"perm": "0600"
|
"perm": "0600"
|
||||||
},
|
}{% if designate_policy_file is defined %},
|
||||||
{
|
{
|
||||||
"source": "{{ container_config_directory }}/policy.json",
|
"source": "{{ container_config_directory }}/{{ designate_policy_file }}",
|
||||||
"dest": "/etc/designate/policy.json",
|
"dest": "/etc/designate/{{ designate_policy_file }}",
|
||||||
"owner": "designate",
|
"owner": "designate",
|
||||||
"perm": "0600",
|
"perm": "0600"
|
||||||
"optional": true
|
}{% endif %},
|
||||||
},
|
|
||||||
{
|
{
|
||||||
"source": "{{ container_config_directory }}/pools.yaml",
|
"source": "{{ container_config_directory }}/pools.yaml",
|
||||||
"dest": "/etc/designate/pools.yaml",
|
"dest": "/etc/designate/pools.yaml",
|
||||||
|
@ -105,3 +105,8 @@ driver = messagingv2
|
|||||||
|
|
||||||
[oslo_concurrency]
|
[oslo_concurrency]
|
||||||
lock_path = /var/lib/designate/tmp
|
lock_path = /var/lib/designate/tmp
|
||||||
|
|
||||||
|
{% if designate_policy_file is defined %}
|
||||||
|
[oslo_policy]
|
||||||
|
policy_file = {{ designate_policy_file }}
|
||||||
|
{% endif %}
|
||||||
|
Loading…
Reference in New Issue
Block a user