---
- name: Ensuring config directories exist
file:
path: "{{ node_config_directory }}/{{ item.key }}"
state: "directory"
owner: "{{ config_owner_user }}"
group: "{{ config_owner_group }}"
mode: "0770"
become: true
when:
- inventory_hostname in groups[item.value.group]
- item.value.enabled | bool
with_dict: "{{ ironic_services }}"
- name: Check if Ironic policies shall be overwritten
stat:
path: "{{ item }}"
delegate_to: localhost
run_once: True
register: ironic_policy
with_first_found:
- files: "{{ supported_policy_format_list }}"
paths:
- "{{ node_custom_config }}/ironic/"
skip: true
- name: Check if Ironic Inspector policies shall be overwritten
stat:
path: "{{ item }}"
delegate_to: localhost
run_once: True
register: ironic_inspector_policy
with_first_found:
- files: "{{ supported_policy_format_list }}"
paths:
- "{{ node_custom_config }}/ironic/inspector/"
skip: true
- name: Set ironic policy file
set_fact:
ironic_policy_file: "{{ ironic_policy.results.0.stat.path | basename }}"
ironic_policy_file_path: "{{ ironic_policy.results.0.stat.path }}"
when:
- ironic_policy.results
- name: Set ironic-inspector policy file
set_fact:
ironic_inspector_policy_file: "{{ ironic_inspector_policy.results.0.stat.path | basename }}"
ironic_inspector_policy_file_path: "{{ ironic_inspector_policy.results.0.stat.path }}"
when:
- ironic_inspector_policy.results
- include_tasks: copy-certs.yml
when:
- kolla_copy_ca_into_containers | bool or ironic_enable_tls_backend | bool
- name: Copying over config.json files for services
template:
src: "{{ item.key }}.json.j2"
dest: "{{ node_config_directory }}/{{ item.key }}/config.json"
mode: "0660"
become: true
when:
- inventory_hostname in groups[item.value.group]
- item.value.enabled | bool
with_dict: "{{ ironic_services }}"
notify:
- "Restart {{ item.key }} container"
- name: Copying over ironic.conf
vars:
service_name: "{{ item.key }}"
merge_configs:
sources:
- "{{ role_path }}/templates/ironic.conf.j2"
- "{{ node_custom_config }}/global.conf"
- "{{ node_custom_config }}/ironic.conf"
- "{{ node_custom_config }}/ironic/{{ item.key }}.conf"
- "{{ node_custom_config }}/ironic/{{ inventory_hostname }}/ironic.conf"
dest: "{{ node_config_directory }}/{{ item.key }}/ironic.conf"
mode: "0660"
become: true
when:
- item.key in [ "ironic-api", "ironic-conductor" ]
- inventory_hostname in groups[item.value.group]
- item.value.enabled | bool
with_dict: "{{ ironic_services }}"
notify:
- "Restart {{ item.key }} container"
- name: Copying over inspector.conf
vars:
service: "{{ ironic_services['ironic-inspector'] }}"
merge_configs:
sources:
- "{{ role_path }}/templates/ironic-inspector.conf.j2"
- "{{ node_custom_config }}/global.conf"
- "{{ node_custom_config }}/ironic-inspector.conf"
- "{{ node_custom_config }}/ironic-inspector/inspector.conf"
- "{{ node_custom_config }}/ironic-inspector/{{ inventory_hostname }}/inspector.conf"
dest: "{{ node_config_directory }}/ironic-inspector/inspector.conf"
mode: "0660"
become: true
when:
- inventory_hostname in groups[service.group]
- service.enabled | bool
notify:
- Restart ironic-inspector container
- name: Copying over dnsmasq.conf
vars:
service: "{{ ironic_services['ironic-dnsmasq'] }}"
template:
src: "{{ item }}"
dest: "{{ node_config_directory }}/ironic-dnsmasq/dnsmasq.conf"
mode: "0660"
become: true
when:
- inventory_hostname in groups[service.group]
- service.enabled | bool
with_first_found:
- "{{ node_custom_config }}/ironic/ironic-dnsmasq.conf"
- "{{ node_custom_config }}/ironic/{{ inventory_hostname }}/ironic-dnsmasq.conf"
- "ironic-dnsmasq.conf.j2"
notify:
- Restart ironic-dnsmasq container
- name: Copying pxelinux.cfg default
vars:
service: "{{ ironic_services['ironic-tftp'] }}"
template:
src: "{{ item }}"
dest: "{{ node_config_directory }}/ironic-tftp/default"
mode: "0660"
become: true
with_first_found:
- "{{ node_custom_config }}/ironic/pxelinux.default"
- "{{ node_custom_config }}/ironic/{{ inventory_hostname }}/pxelinux.default"
- "pxelinux.default.j2"
when:
# Only required when Ironic inspector is in use.
- groups['ironic-inspector'] | length > 0
- inventory_hostname in groups[service.group]
- service.enabled | bool
- not enable_ironic_pxe_uefi | bool
- not ironic_dnsmasq_serve_ipxe | bool
notify:
- Restart ironic-tftp container
- name: Copying ironic_pxe_uefi.cfg default
vars:
service: "{{ ironic_services['ironic-tftp'] }}"
template:
src: "{{ item }}"
dest: "{{ node_config_directory }}/ironic-tftp/default"
mode: "0660"
become: true
with_first_found:
- "{{ node_custom_config }}/ironic/ironic_pxe_uefi.default"
- "{{ node_custom_config }}/ironic/{{ inventory_hostname }}/ironic_pxe_uefi.default"
- "ironic_pxe_uefi.default.j2"
when:
- inventory_hostname in groups[service.group]
- service.enabled | bool
- enable_ironic_pxe_uefi | bool
notify:
- Restart ironic-tftp container
- name: Copying ironic-agent kernel and initramfs (PXE)
vars:
service: "{{ ironic_services['ironic-tftp'] }}"
copy:
src: "{{ node_custom_config }}/ironic/{{ item }}"
dest: "{{ node_config_directory }}/ironic-tftp/{{ item }}"
mode: "0660"
become: true
with_items:
- "ironic-agent.kernel"
- "ironic-agent.initramfs"
when:
# Only required when Ironic inspector is in use.
- groups['ironic-inspector'] | length > 0
- inventory_hostname in groups[service.group]
- service.enabled | bool
- not enable_ironic_pxe_uefi | bool
- not ironic_dnsmasq_serve_ipxe | bool
notify:
- Restart ironic-tftp container
- name: Copying ironic-agent kernel and initramfs (iPXE)
vars:
service: "{{ ironic_services['ironic-http'] }}"
copy:
src: "{{ node_custom_config }}/ironic/{{ item }}"
dest: "{{ node_config_directory }}/ironic-http/{{ item }}"
mode: "0660"
become: true
with_items:
- "ironic-agent.kernel"
- "ironic-agent.initramfs"
when:
# Only required when Ironic inspector is in use.
- groups['ironic-inspector'] | length > 0
- inventory_hostname in groups[service.group]
- service.enabled | bool
notify:
- Restart ironic-http container
- name: Copying inspector.ipxe
vars:
service: "{{ ironic_services['ironic-http'] }}"
template:
src: "{{ item }}"
dest: "{{ node_config_directory }}/ironic-http/inspector.ipxe"
mode: "0660"
become: true
with_first_found:
- "{{ node_custom_config }}/ironic/{{ inventory_hostname }}/inspector.ipxe"
- "{{ node_custom_config }}/ironic/inspector.ipxe"
- "inspector.ipxe.j2"
when:
# Only required when Ironic inspector is in use.
- groups['ironic-inspector'] | length > 0
- inventory_hostname in groups[service.group]
- service.enabled | bool
notify:
- Restart ironic-http container
- name: Copying ironic-http-httpd.conf
vars:
service: "{{ ironic_services['ironic-http'] }}"
template:
src: "{{ item }}"
dest: "{{ node_config_directory }}/ironic-http/httpd.conf"
mode: "0660"
become: true
with_first_found:
- "{{ node_custom_config }}/ironic/ironic-http-httpd.conf"
- "ironic-http-httpd.conf.j2"
when:
- service.enabled | bool
- inventory_hostname in groups[service.group]
notify:
- Restart ironic-http container
- name: Copying over existing Ironic policy file
vars:
services_require_policy_json:
- ironic-api
- ironic-conductor
template:
src: "{{ ironic_policy_file_path }}"
dest: "{{ node_config_directory }}/{{ item.key }}/{{ ironic_policy_file }}"
mode: "0660"
become: true
when:
- ironic_policy_file is defined
- item.key in services_require_policy_json
- inventory_hostname in groups[item.value.group]
- item.value.enabled | bool
with_dict: "{{ ironic_services }}"
notify:
- "Restart {{ item.key }} container"
- name: Copying over existing Ironic Inspector policy file
vars:
services_require_inspector_policy_json:
- ironic-inspector
template:
src: "{{ ironic_inspector_policy_file_path }}"
dest: "{{ node_config_directory }}/{{ item.key }}/{{ ironic_inspector_policy_file }}"
mode: "0660"
become: true
when:
- ironic_inspector_policy_file is defined
- item.key in services_require_inspector_policy_json
- inventory_hostname in groups[item.value.group]
- item.value.enabled | bool
with_dict: "{{ ironic_services }}"
notify:
- "Restart {{ item.key }} container"
- name: Copying over ironic-api-wsgi.conf
template:
src: "ironic-api-wsgi.conf.j2"
dest: "{{ node_config_directory }}/ironic-api/ironic-api-wsgi.conf"
mode: "0660"
become: true
when:
- inventory_hostname in groups["ironic-api"]
- ironic_services["ironic-api"].enabled | bool
notify:
- "Restart ironic-api container"