openstack/kolla-ansible
Code Issues Proposed changes

Horizon custom policies

Browse Source 
Apply custom policies for different OpenStack services.

Change-Id: I26df2d0d7c52215ffbedbfa66acd352063e885ae
Partially-Implements: blueprint custom-policies
This commit is contained in:
Eduardo Gonzalez 2016-11-18 17:26:17 +00:00
parent 09a0319a92
commit bba32efdae
2 changed files with 67 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

42
ansible/roles/horizon/tasks/config.yml
View File

@ -31,3 +31,45 @@
- "{{ node_custom_config }}/horizon/{{ inventory_hostname }}/local_settings"
- "{{ node_custom_config }}/horizon/local_settings"
- "local_settings.j2"
- name: Check if policies shall be overwritten
local_action: stat path="{{ node_custom_config }}/horizon/{{ item.name }}_policy.json"
register: custom_policy
when: item.enabled | bool
with_items:
- { name: "ceilometer", enabled: "{{ enable_ceilometer }}" }
- { name: "cinder", enabled: "{{ enable_cinder }}" }
- { name: "cloudkitty", enabled: "{{ enable_cloudkitty }}" }
- { name: "glance", enabled: "{{ enable_glance }}" }
- { name: "heat", enabled: "{{ enable_heat }}" }
- { name: "ironic", enabled: "{{ enable_ironic }}" }
- { name: "keystone", enabled: "{{ enable_keystone }}" }
- { name: "manila", enabled" "{{ enable_manila }}" }
- { name: "neutron", enabled: "{{ enable_neutron }}" }
- { name: "nova", enabled: "{{ enable_nova }}" }
- { name: "sahara", enabled: "{{ enable_sahara }}" }
- { name: "senlin", enabled: "{{ enable_senlin }}" }
- { name: "trove", enabled: "{{ enable_trove }}" }
- name: Copying over existing policy.json
template:
src: "{{ node_custom_config }}/horizon/{{ item[0]['name'] }}_policy.json"
dest: "{{ node_config_directory }}/horizon/{{ item[0]['name'] }}_policy.json"
when:
- item[0]['enabled'] | bool
- item[1]['stat']['exists']
with_together:
- [{ name: "ceilometer", enabled: "{{ enable_ceilometer }}" },
{ name: "cinder", enabled: "{{ enable_cinder }}" },
{ name: "cloudkitty", enabled: "{{ enable_cloudkitty }}" },
{ name: "glance", enabled: "{{ enable_glance }}" },
{ name: "heat", enabled: "{{ enable_heat }}" },
{ name: "ironic", enabled: "{{ enable_ironic }}" },
{ name: "keystone", enabled: "{{ enable_keystone }}" },
{ name: "manila", enabled" "{{ enable_manila }}" },
{ name: "neutron", enabled: "{{ enable_neutron }}" },
{ name: "nova", enabled: "{{ enable_nova }}" },
{ name: "sahara", enabled: "{{ enable_sahara }}" },
{ name: "senlin", enabled: "{{ enable_senlin }}" },
{ name: "trove", enabled: "{{ enable_trove }}" }]
- "{{ custom_policy.results }}"

25
ansible/roles/horizon/templates/horizon.json.j2
View File

@ -1,6 +1,22 @@
{% set apache_cmd = 'apache2' if kolla_base_distro in ['ubuntu', 'debian'] else 'httpd' %}
{% set apache_dir = 'apache2/conf-enabled' if kolla_base_distro in ['ubuntu', 'debian'] else 'httpd/conf.d' %}
{% set apache_file = '000-default.conf' if kolla_base_distro in ['ubuntu', 'debian'] else 'horizon.conf' %}
{% set services = [
( 'ceilometer', enable_ceilometer ),
( 'cinder', enable_cinder ),
( 'cloudkitty', enable_cloudkitty ),
( 'glance', enable_glance ),
( 'heat', enable_heat ),
( 'ironic', enable_ironic ),
( 'keystone', enable_keystone ),
( 'manila', enable_manila ),
( 'neutron', enable_neutron ),
( 'nova', enable_nova ),
( 'sahara', enable_sahara ),
( 'senlin', enable_senlin ),
( 'trove', enable_trove )
] %}
{
"command": "/usr/sbin/{{ apache_cmd }} -DFOREGROUND",
"config_files": [
@ -10,6 +26,15 @@
"owner": "horizon",
"perm": "0644"
},
{% for service, enabled in services if enabled | bool %}
{
"source": "{{ container_config_directory }}/horizon/{{ service }}_policy.json",
"dest": "/etc/openstack-dashboard/{{ service }}_policy.json",
"owner": "horizon",
"perm": "0600",
"optional": true
},
{% endfor %}
{
"source": "{{ container_config_directory }}/local_settings",
"dest": "/etc/openstack-dashboard/local_settings",