--- - name: Setting sysctl values become: true sysctl: name={{ item.name }} value={{ item.value }} sysctl_set=yes with_items: - { name: "net.bridge.bridge-nf-call-iptables", value: 1} - { name: "net.bridge.bridge-nf-call-ip6tables", value: 1} - { name: "net.ipv4.conf.all.rp_filter", value: 0} - { name: "net.ipv4.conf.default.rp_filter", value: 0} when: - set_sysctl | bool - inventory_hostname in groups['compute'] - name: Ensuring config directories exist become: true file: path: "{{ node_config_directory }}/{{ item.key }}" state: "directory" owner: "{{ config_owner_user }}" group: "{{ config_owner_group }}" mode: "0770" when: - inventory_hostname in groups[item.value.group] - item.value.enabled | bool with_dict: "{{ nova_services }}" - name: Check if policies shall be overwritten local_action: stat path="{{ item }}" run_once: True register: nova_policy with_first_found: - files: "{{ supported_policy_format_list }}" paths: - "{{ node_custom_config }}/nova/" skip: true - name: Set nova policy file set_fact: nova_policy_file: "{{ nova_policy.results.0.stat.path | basename }}" nova_policy_file_path: "{{ nova_policy.results.0.stat.path }}" when: - nova_policy.results - name: Copying over config.json files for services become: true template: src: "{{ item.key }}.json.j2" dest: "{{ node_config_directory }}/{{ item.key }}/config.json" mode: "0770" register: config_jsons when: - inventory_hostname in groups[item.value.group] - item.value.enabled | bool with_dict: "{{ nova_services }}" notify: - "Restart {{ item.key }} container" - name: Copying over nova.conf become: true vars: services_require_nova_conf: - placement-api - nova-api - nova-compute - nova-compute-ironic - nova-conductor - nova-consoleauth - nova-novncproxy - nova-serialproxy - nova-scheduler - nova-spicehtml5proxy service_name: "{{ item.key }}" merge_configs: sources: - "{{ role_path }}/templates/nova.conf.j2" - "{{ node_custom_config }}/global.conf" - "{{ node_custom_config }}/nova.conf" - "{{ node_custom_config }}/nova/{{ item.key }}.conf" - "{{ node_custom_config }}/nova/{{ inventory_hostname }}/nova.conf" dest: "{{ node_config_directory }}/{{ item.key }}/nova.conf" mode: "0660" register: nova_confs when: - inventory_hostname in groups[item.value.group] - item.value.enabled | bool - item.key in services_require_nova_conf with_dict: "{{ nova_services }}" notify: - "Restart {{ item.key }} container" - name: Copying over libvirt configuration become: true vars: service: "{{ nova_services['nova-libvirt'] }}" template: src: "{{ item.src }}" dest: "{{ node_config_directory }}/nova-libvirt/{{ item.dest }}" mode: "0660" register: nova_libvirt_confs when: - inventory_hostname in groups[service.group] - service.enabled | bool with_items: - { src: "qemu.conf.j2", dest: "qemu.conf" } - { src: "libvirtd.conf.j2", dest: "libvirtd.conf" } notify: - Restart nova-libvirt container - name: Copying over placement-api wsgi configuration become: true vars: service: "{{ nova_services['placement-api'] }}" template: src: "placement-api-wsgi.conf.j2" dest: "{{ node_config_directory }}/placement-api/placement-api-wsgi.conf" register: placement_api_wsgi_conf when: - inventory_hostname in groups[service.group] - service.enabled | bool notify: - Restart placement-api container - name: Copying files for nova-ssh become: true vars: service: "{{ nova_services['nova-ssh'] }}" template: src: "{{ item.src }}" dest: "{{ node_config_directory }}/nova-ssh/{{ item.dest }}" mode: "0660" register: nova_ssh_confs when: - inventory_hostname in groups[service.group] - service.enabled | bool with_items: - { src: "sshd_config.j2", dest: "sshd_config" } - { src: "id_rsa", dest: "id_rsa" } - { src: "id_rsa.pub", dest: "id_rsa.pub" } - { src: "ssh_config.j2", dest: "ssh_config" } notify: - Restart nova-ssh container - name: Copying VMware vCenter CA file vars: service: "{{ nova_services['nova-compute'] }}" copy: src: "{{ node_custom_config }}/vmware_ca" dest: "{{ node_config_directory }}/nova-compute/vmware_ca" register: vcenter_ca_file when: - nova_compute_virt_type == "vmware" - not vmware_vcenter_insecure | bool - inventory_hostname in groups[service.group] - service.enabled | bool notify: - Restart nova-compute container - name: Copying over existing policy file become: true vars: services_require_policy_json: - placement-api - nova-api - nova-compute - nova-compute-ironic - nova-conductor - nova-consoleauth - nova-novncproxy - nova-serialproxy - nova-scheduler - nova-spicehtml5proxy template: src: "{{ nova_policy_file_path }}" dest: "{{ node_config_directory }}/{{ item.key }}/{{ nova_policy_file }}" register: nova_policy_overwriting when: - inventory_hostname in groups[item.value.group] - item.value.enabled | bool - nova_policy_file is defined - item.key in services_require_policy_json with_dict: "{{ nova_services }}" notify: - "Restart {{ item.key }} container" # check whether the containers parameter is changed. If yes, trigger the handler - name: Check nova containers become: true kolla_docker: action: "compare_container" common_options: "{{ docker_common_options }}" name: "{{ item.value.container_name }}" image: "{{ item.value.image }}" environment: "{{ item.value.environment|default(omit) }}" pid_mode: "{{ item.value.pid_mode|default('') }}" ipc_mode: "{{ item.value.ipc_mode|default(omit) }}" privileged: "{{ item.value.privileged|default(False) }}" volumes: "{{ item.value.volumes|reject('equalto', '')|list }}" register: check_nova_containers when: - action != "config" - inventory_hostname in groups[item.value.group] - item.value.enabled | bool with_dict: "{{ nova_services }}" notify: - "Restart {{ item.key }} container"