octavia: Add support for disabling amphora provider
Change-Id: I1010ee42aaf1c650d9e3b5332ebf828646a6badf
This commit is contained in:
parent
93c4448365
commit
810c4d9471
@ -100,69 +100,67 @@
|
||||
notify:
|
||||
- "Restart {{ item.key }} container"
|
||||
|
||||
- name: Copying over Octavia SSH key
|
||||
copy:
|
||||
content: "{{ octavia_amp_ssh_key.private_key }}"
|
||||
dest: "{{ node_config_directory }}/octavia-worker/{{ octavia_amp_ssh_key_name }}"
|
||||
owner: "{{ config_owner_user }}"
|
||||
group: "{{ config_owner_group }}"
|
||||
mode: "0400"
|
||||
become: True
|
||||
when: inventory_hostname in groups[octavia_services['octavia-worker']['group']]
|
||||
- block:
|
||||
|
||||
- name: Copying certificate files for octavia-worker
|
||||
vars:
|
||||
service: "{{ octavia_services['octavia-worker'] }}"
|
||||
copy:
|
||||
src: "{{ node_custom_config }}/octavia/{{ item }}"
|
||||
dest: "{{ node_config_directory }}/octavia-worker/{{ item }}"
|
||||
mode: "0660"
|
||||
become: true
|
||||
when:
|
||||
- inventory_hostname in groups[service.group]
|
||||
- service.enabled | bool
|
||||
with_items:
|
||||
- client.cert-and-key.pem
|
||||
- client_ca.cert.pem
|
||||
- server_ca.cert.pem
|
||||
- server_ca.key.pem
|
||||
notify:
|
||||
- Restart octavia-worker container
|
||||
- name: Copying over Octavia SSH key
|
||||
copy:
|
||||
content: "{{ octavia_amp_ssh_key.private_key }}"
|
||||
dest: "{{ node_config_directory }}/octavia-worker/{{ octavia_amp_ssh_key_name }}"
|
||||
owner: "{{ config_owner_user }}"
|
||||
group: "{{ config_owner_group }}"
|
||||
mode: "0400"
|
||||
become: True
|
||||
when: inventory_hostname in groups[octavia_services['octavia-worker']['group']]
|
||||
|
||||
- name: Copying certificate files for octavia-housekeeping
|
||||
vars:
|
||||
service: "{{ octavia_services['octavia-housekeeping'] }}"
|
||||
copy:
|
||||
src: "{{ node_custom_config }}/octavia/{{ item }}"
|
||||
dest: "{{ node_config_directory }}/octavia-housekeeping/{{ item }}"
|
||||
mode: "0660"
|
||||
become: true
|
||||
when:
|
||||
- inventory_hostname in groups[service.group]
|
||||
- service.enabled | bool
|
||||
with_items:
|
||||
- client.cert-and-key.pem
|
||||
- client_ca.cert.pem
|
||||
- server_ca.cert.pem
|
||||
- server_ca.key.pem
|
||||
notify:
|
||||
- Restart octavia-housekeeping container
|
||||
- name: Copying certificate files for octavia-worker
|
||||
vars:
|
||||
service: "{{ octavia_services['octavia-worker'] }}"
|
||||
copy:
|
||||
src: "{{ node_custom_config }}/octavia/{{ item }}"
|
||||
dest: "{{ node_config_directory }}/octavia-worker/{{ item }}"
|
||||
mode: "0660"
|
||||
become: true
|
||||
when:
|
||||
- inventory_hostname in groups[service.group]
|
||||
- service.enabled | bool
|
||||
with_items: "{{ octavia_amphora_keys }}"
|
||||
notify:
|
||||
- Restart octavia-worker container
|
||||
|
||||
- name: Copying certificate files for octavia-health-manager
|
||||
- name: Copying certificate files for octavia-housekeeping
|
||||
vars:
|
||||
service: "{{ octavia_services['octavia-housekeeping'] }}"
|
||||
copy:
|
||||
src: "{{ node_custom_config }}/octavia/{{ item }}"
|
||||
dest: "{{ node_config_directory }}/octavia-housekeeping/{{ item }}"
|
||||
mode: "0660"
|
||||
become: true
|
||||
when:
|
||||
- inventory_hostname in groups[service.group]
|
||||
- service.enabled | bool
|
||||
with_items: "{{ octavia_amphora_keys }}"
|
||||
notify:
|
||||
- Restart octavia-housekeeping container
|
||||
|
||||
- name: Copying certificate files for octavia-health-manager
|
||||
vars:
|
||||
service: "{{ octavia_services['octavia-health-manager'] }}"
|
||||
copy:
|
||||
src: "{{ node_custom_config }}/octavia/{{ item }}"
|
||||
dest: "{{ node_config_directory }}/octavia-health-manager/{{ item }}"
|
||||
mode: "0660"
|
||||
become: true
|
||||
when:
|
||||
- inventory_hostname in groups[service.group]
|
||||
- service.enabled | bool
|
||||
with_items: "{{ octavia_amphora_keys }}"
|
||||
notify:
|
||||
- Restart octavia-health-manager container
|
||||
|
||||
when: "'amphora' in octavia_provider_drivers"
|
||||
vars:
|
||||
service: "{{ octavia_services['octavia-health-manager'] }}"
|
||||
copy:
|
||||
src: "{{ node_custom_config }}/octavia/{{ item }}"
|
||||
dest: "{{ node_config_directory }}/octavia-health-manager/{{ item }}"
|
||||
mode: "0660"
|
||||
become: true
|
||||
when:
|
||||
- inventory_hostname in groups[service.group]
|
||||
- service.enabled | bool
|
||||
with_items:
|
||||
- client.cert-and-key.pem
|
||||
- client_ca.cert.pem
|
||||
- server_ca.cert.pem
|
||||
- server_ca.key.pem
|
||||
notify:
|
||||
- Restart octavia-health-manager container
|
||||
octavia_amphora_keys:
|
||||
- client.cert-and-key.pem
|
||||
- client_ca.cert.pem
|
||||
- server_ca.cert.pem
|
||||
- server_ca.key.pem
|
||||
|
@ -41,6 +41,7 @@
|
||||
Octavia's certificate configuration has been changed since Train. The new
|
||||
configuration requires 4 PEM files. Please check certificate configuration
|
||||
guide at https://docs.openstack.org/octavia/latest/admin/guides/certificates.html
|
||||
when: "'amphora' in octavia_provider_drivers"
|
||||
|
||||
- name: Checking certificate files exist for octavia
|
||||
stat:
|
||||
@ -49,7 +50,9 @@
|
||||
run_once: True
|
||||
register: result
|
||||
failed_when: not result.stat.exists
|
||||
when: inventory_hostname in groups['octavia-worker']
|
||||
when:
|
||||
- inventory_hostname in groups['octavia-worker']
|
||||
- "'amphora' in octavia_provider_drivers"
|
||||
with_items:
|
||||
- client.cert-and-key.pem
|
||||
- client_ca.cert.pem
|
||||
|
@ -6,7 +6,7 @@
|
||||
"dest": "/etc/octavia/octavia.conf",
|
||||
"owner": "octavia",
|
||||
"perm": "0600"
|
||||
},
|
||||
}{% if 'amphora' in octavia_provider_drivers %},
|
||||
{
|
||||
"source": "{{ container_config_directory }}/client.cert-and-key.pem",
|
||||
"dest": "/etc/octavia/certs/client.cert-and-key.pem",
|
||||
@ -30,6 +30,6 @@
|
||||
"dest": "/etc/octavia/certs/server_ca.key.pem",
|
||||
"owner": "octavia",
|
||||
"perm": "0600"
|
||||
}
|
||||
}{% endif %}
|
||||
]
|
||||
}
|
||||
|
@ -6,7 +6,7 @@
|
||||
"dest": "/etc/octavia/octavia.conf",
|
||||
"owner": "octavia",
|
||||
"perm": "0600"
|
||||
},
|
||||
}{% if 'amphora' in octavia_provider_drivers %},
|
||||
{
|
||||
"source": "{{ container_config_directory }}/client.cert-and-key.pem",
|
||||
"dest": "/etc/octavia/certs/client.cert-and-key.pem",
|
||||
@ -30,6 +30,6 @@
|
||||
"dest": "/etc/octavia/certs/server_ca.key.pem",
|
||||
"owner": "octavia",
|
||||
"perm": "0600"
|
||||
}
|
||||
}{% endif %}
|
||||
]
|
||||
}
|
||||
|
@ -6,7 +6,7 @@
|
||||
"dest": "/etc/octavia/octavia.conf",
|
||||
"owner": "octavia",
|
||||
"perm": "0600"
|
||||
},
|
||||
}{% if 'amphora' in octavia_provider_drivers %},
|
||||
{
|
||||
"source": "{{ container_config_directory }}/client.cert-and-key.pem",
|
||||
"dest": "/etc/octavia/certs/client.cert-and-key.pem",
|
||||
@ -30,6 +30,6 @@
|
||||
"dest": "/etc/octavia/certs/server_ca.key.pem",
|
||||
"owner": "octavia",
|
||||
"perm": "0600"
|
||||
}
|
||||
}{% endif %}
|
||||
]
|
||||
}
|
||||
|
Loading…
Reference in New Issue
Block a user