--- - name: Ensuring config directories exist become: true file: path: "{{ node_config_directory }}/{{ item.key }}" state: "directory" owner: "{{ config_owner_user }}" group: "{{ config_owner_group }}" mode: "0770" when: - item.value.enabled | bool - item.value.host_in_groups | bool with_dict: "{{ neutron_services }}" - name: Check if extra ml2 plugins exists find: path: "{{ node_custom_config }}/neutron/plugins/" delegate_to: localhost run_once: True changed_when: False register: check_extra_ml2_plugins - include_tasks: copy-certs.yml when: - kolla_copy_ca_into_containers | bool or neutron_enable_tls_backend | bool - name: Creating TLS backend PEM File vars: neutron_tls_proxy: "{{ neutron_services['neutron-tls-proxy'] }}" assemble: src: "{{ node_config_directory }}/neutron-tls-proxy/" dest: "{{ node_config_directory }}/neutron-tls-proxy/neutron-cert-and-key.pem" mode: "0660" regexp: "^neutron-(cert|key)\\.pem$" remote_src: true become: true when: - neutron_tls_proxy.enabled | bool - neutron_tls_proxy.host_in_groups | bool - name: Check if policies shall be overwritten stat: path: "{{ item }}" delegate_to: localhost run_once: True register: neutron_policy with_first_found: - files: "{{ supported_policy_format_list }}" paths: - "{{ node_custom_config }}/neutron/" skip: true - name: Set neutron policy file set_fact: neutron_policy_file: "{{ neutron_policy.results.0.stat.path | basename }}" neutron_policy_file_path: "{{ neutron_policy.results.0.stat.path }}" when: - neutron_policy.results - name: Copying over existing policy file template: src: "{{ neutron_policy_file_path }}" dest: "{{ node_config_directory }}/{{ item.key }}/{{ neutron_policy_file }}" mode: "0660" become: true when: - neutron_policy_file is defined - item.value.enabled | bool - item.value.host_in_groups | bool with_dict: "{{ neutron_services }}" notify: - "Restart {{ item.key }} container" - name: Copying over config.json files for services become: true template: src: "{{ item.key }}.json.j2" dest: "{{ node_config_directory }}/{{ item.key }}/config.json" mode: "0660" when: - item.value.enabled | bool - item.value.host_in_groups | bool with_dict: "{{ neutron_services }}" notify: - "Restart {{ item.key }} container" - name: Copying over neutron.conf become: true vars: service_name: "{{ item.key }}" services_need_neutron_conf: - "ironic-neutron-agent" - "neutron-dhcp-agent" - "neutron-l3-agent" - "neutron-linuxbridge-agent" - "neutron-metadata-agent" - "neutron-ovn-metadata-agent" - "neutron-metering-agent" - "neutron-openvswitch-agent" - "neutron-server" - "neutron-bgp-dragent" - "neutron-infoblox-ipam-agent" - "neutron-sriov-agent" - "neutron-mlnx-agent" - "neutron-eswitchd" - "neutron-ovn-agent" merge_configs: sources: - "{{ role_path }}/templates/neutron.conf.j2" - "{{ node_custom_config }}/global.conf" - "{{ node_custom_config }}/neutron.conf" - "{{ node_custom_config }}/neutron/{{ item.key }}.conf" - "{{ node_custom_config }}/neutron/{{ inventory_hostname }}/neutron.conf" dest: "{{ node_config_directory }}/{{ item.key }}/neutron.conf" mode: "0660" when: - item.value.enabled | bool - item.value.host_in_groups | bool - item.key in services_need_neutron_conf with_dict: "{{ neutron_services }}" notify: - "Restart {{ item.key }} container" - name: Copying over neutron_vpnaas.conf become: true vars: service_name: "{{ item.key }}" services_need_neutron_vpnaas_conf: - "neutron-server" - "neutron-l3-agent" merge_configs: sources: - "{{ role_path }}/templates/neutron_vpnaas.conf.j2" - "{{ node_custom_config }}/neutron/neutron_vpnaas.conf" - "{{ node_custom_config }}/neutron/{{ inventory_hostname }}/neutron_vpnaas.conf" dest: "{{ node_config_directory }}/{{ item.key }}/neutron_vpnaas.conf" mode: "0660" when: - item.value.enabled | bool - item.value.host_in_groups | bool - item.key in services_need_neutron_vpnaas_conf with_dict: "{{ neutron_services }}" notify: - "Restart {{ item.key }} container" - name: Copying over ssh key become: true vars: neutron_server: "{{ neutron_services['neutron-server'] }}" template: src: "id_rsa" dest: "{{ node_config_directory }}/neutron-server/id_rsa" mode: 0600 when: - neutron_server.enabled | bool - neutron_server.host_in_groups | bool - name: Copying over ml2_conf.ini become: true vars: service_name: "{{ item.key }}" services_need_ml2_conf_ini: - "neutron-infoblox-ipam-agent" - "neutron-server" merge_configs: sources: - "{{ role_path }}/templates/ml2_conf.ini.j2" - "{{ node_custom_config }}/neutron/ml2_conf.ini" - "{{ node_custom_config }}/neutron/{{ inventory_hostname }}/ml2_conf.ini" dest: "{{ node_config_directory }}/{{ service_name }}/ml2_conf.ini" mode: "0660" when: - item.key in services_need_ml2_conf_ini - item.value.enabled | bool - item.value.host_in_groups | bool with_dict: "{{ neutron_services }}" notify: - "Restart {{ item.key }} container" - name: Copying over linuxbridge_agent.ini become: true vars: service_name: "neutron-linuxbridge-agent" merge_configs: sources: - "{{ role_path }}/templates/linuxbridge_agent.ini.j2" - "{{ node_custom_config }}/neutron/linuxbridge_agent.ini" - "{{ node_custom_config }}/neutron/{{ inventory_hostname }}/linuxbridge_agent.ini" dest: "{{ node_config_directory }}/{{ service_name }}/linuxbridge_agent.ini" mode: "0660" when: - neutron_services[service_name].enabled | bool - neutron_services[service_name].host_in_groups | bool notify: - "Restart {{ service_name }} container" - name: Copying over openvswitch_agent.ini become: true vars: service_name: "neutron-openvswitch-agent" merge_configs: sources: - "{{ role_path }}/templates/openvswitch_agent.ini.j2" - "{{ node_custom_config }}/neutron/openvswitch_agent.ini" - "{{ node_custom_config }}/neutron/{{ inventory_hostname }}/openvswitch_agent.ini" dest: "{{ node_config_directory }}/{{ service_name }}/openvswitch_agent.ini" mode: "0660" when: - neutron_services[service_name].enabled | bool - neutron_services[service_name].host_in_groups | bool notify: - "Restart {{ service_name }} container" - name: Copying over sriov_agent.ini become: true vars: service_name: "neutron-sriov-agent" neutron_sriov_agent: "{{ neutron_services[service_name] }}" merge_configs: sources: - "{{ role_path }}/templates/sriov_agent.ini.j2" - "{{ node_custom_config }}/neutron/sriov_agent.ini" - "{{ node_custom_config }}/neutron/{{ inventory_hostname }}/sriov_agent.ini" dest: "{{ node_config_directory }}/{{ service_name }}/sriov_agent.ini" mode: "0660" when: - neutron_sriov_agent.enabled | bool - neutron_sriov_agent.host_in_groups | bool notify: - "Restart {{ service_name }} container" - name: Copying over mlnx_agent.ini become: true vars: service_name: "neutron-mlnx-agent" neutron_mlnx_agent: "{{ neutron_services[service_name] }}" merge_configs: sources: - "{{ role_path }}/templates/mlnx_agent.ini.j2" - "{{ node_custom_config }}/neutron/mlnx_agent.ini" - "{{ node_custom_config }}/neutron/{{ inventory_hostname }}/mlnx_agent.ini" dest: "{{ node_config_directory }}/{{ service_name }}/mlnx_agent.ini" mode: "0660" when: - neutron_mlnx_agent.enabled | bool - neutron_mlnx_agent.host_in_groups | bool notify: - "Restart {{ service_name }} container" - name: Copying over eswitchd.conf become: true vars: service_name: "neutron-eswitchd" neutron_eswitchd: "{{ neutron_services[service_name] }}" merge_configs: sources: - "{{ role_path }}/templates/eswitchd.conf.j2" - "{{ node_custom_config }}/neutron/eswitchd.conf" - "{{ node_custom_config }}/neutron/{{ inventory_hostname }}/eswitchd.conf" dest: "{{ node_config_directory }}/{{ service_name }}/eswitchd.conf" mode: "0660" when: - neutron_eswitchd.enabled | bool - neutron_eswitchd.host_in_groups | bool notify: - "Restart {{ service_name }} container" - name: Copying over dhcp_agent.ini become: true vars: service_name: "neutron-dhcp-agent" neutron_dhcp_agent: "{{ neutron_services[service_name] }}" merge_configs: sources: - "{{ role_path }}/templates/dhcp_agent.ini.j2" - "{{ node_custom_config }}/neutron/dhcp_agent.ini" - "{{ node_custom_config }}/neutron/{{ inventory_hostname }}/dhcp_agent.ini" dest: "{{ node_config_directory }}/{{ service_name }}/dhcp_agent.ini" mode: "0660" when: - neutron_dhcp_agent.enabled | bool - neutron_dhcp_agent.host_in_groups | bool notify: - "Restart {{ service_name }} container" - name: Copying over dnsmasq.conf become: true vars: service_name: "neutron-dhcp-agent" neutron_dhcp_agent: "{{ neutron_services[service_name] }}" template: src: "{{ item }}" dest: "{{ node_config_directory }}/{{ service_name }}/dnsmasq.conf" mode: "0660" with_first_found: - "{{ node_custom_config }}/neutron/{{ inventory_hostname }}/dnsmasq.conf" - "{{ node_custom_config }}/neutron/dnsmasq.conf" - "dnsmasq.conf.j2" when: - neutron_dhcp_agent.enabled | bool - neutron_dhcp_agent.host_in_groups | bool notify: - "Restart {{ service_name }} container" - name: Copying over l3_agent.ini become: true vars: service_name: "{{ item.key }}" services_need_l3_agent_ini: - "neutron-l3-agent" merge_configs: sources: - "{{ role_path }}/templates/l3_agent.ini.j2" - "{{ node_custom_config }}/neutron/l3_agent.ini" - "{{ node_custom_config }}/neutron/{{ inventory_hostname }}/l3_agent.ini" dest: "{{ node_config_directory }}/{{ service_name }}/l3_agent.ini" mode: "0660" when: - item.key in services_need_l3_agent_ini - item.value.enabled | bool - item.value.host_in_groups | bool with_dict: "{{ neutron_services }}" notify: - "Restart {{ item.key }} container" - name: Copying over metadata_agent.ini become: true vars: service_name: "neutron-metadata-agent" neutron_metadata_agent: "{{ neutron_services[service_name] }}" merge_configs: sources: - "{{ role_path }}/templates/metadata_agent.ini.j2" - "{{ node_custom_config }}/neutron/metadata_agent.ini" dest: "{{ node_config_directory }}/{{ service_name }}/metadata_agent.ini" mode: "0660" when: - neutron_metadata_agent.enabled | bool - neutron_metadata_agent.host_in_groups | bool notify: - "Restart {{ service_name }} container" - name: Copying over neutron_ovn_metadata_agent.ini become: true vars: service_name: "neutron-ovn-metadata-agent" neutron_ovn_metadata_agent: "{{ neutron_services[service_name] }}" merge_configs: sources: - "{{ role_path }}/templates/neutron_ovn_metadata_agent.ini.j2" - "{{ node_custom_config }}/neutron/neutron_ovn_metadata_agent.ini" dest: "{{ node_config_directory }}/{{ service_name }}/neutron_ovn_metadata_agent.ini" mode: "0660" when: - neutron_ovn_metadata_agent.enabled | bool - neutron_ovn_metadata_agent.host_in_groups | bool notify: - "Restart {{ service_name }} container" - name: Copying over metering_agent.ini become: true vars: service_name: "neutron-metering-agent" neutron_metering_agent: "{{ neutron_services[service_name] }}" merge_configs: sources: - "{{ role_path }}/templates/metering_agent.ini.j2" - "{{ node_custom_config }}/neutron/metering_agent.ini" dest: "{{ node_config_directory }}/{{ service_name }}/metering_agent.ini" mode: "0660" when: - neutron_metering_agent.enabled | bool - neutron_metering_agent.host_in_groups | bool notify: - "Restart {{ service_name }} container" - name: Copying over ironic_neutron_agent.ini become: true vars: service_name: "ironic-neutron-agent" ironic_neutron_agent: "{{ neutron_services[service_name] }}" merge_configs: sources: - "{{ role_path }}/templates/ironic_neutron_agent.ini.j2" - "{{ node_custom_config }}/neutron/ironic_neutron_agent.ini" dest: "{{ node_config_directory }}/{{ service_name }}/ironic_neutron_agent.ini" mode: "0660" when: - ironic_neutron_agent.enabled | bool - ironic_neutron_agent.host_in_groups | bool notify: - "Restart {{ service_name }} container" - name: Copying over bgp_dragent.ini become: true vars: service_name: "neutron-bgp-dragent" neutron_bgp_dragent: "{{ neutron_services[service_name] }}" merge_configs: sources: - "{{ role_path }}/templates/bgp_dragent.ini.j2" - "{{ node_custom_config }}/neutron/bgp_dragent.ini" dest: "{{ node_config_directory }}/{{ service_name }}/bgp_dragent.ini" mode: "0660" when: - neutron_bgp_dragent.enabled | bool - neutron_bgp_dragent.host_in_groups | bool notify: - "Restart {{ service_name }} container" - name: Copying over ovn_agent.ini become: true vars: service_name: "neutron-ovn-agent" neutron_ovn_agent: "{{ neutron_services[service_name] }}" merge_configs: sources: - "{{ role_path }}/templates/ovn_agent.ini.j2" - "{{ node_custom_config }}/neutron/ovn_agent.ini" dest: "{{ node_config_directory }}/{{ service_name }}/ovn_agent.ini" mode: "0660" when: - neutron_ovn_agent.enabled | bool - neutron_ovn_agent.host_in_groups | bool notify: - "Restart {{ service_name }} container" - name: Copying over nsx.ini become: true vars: service_name: "neutron-server" neutron_server: "{{ neutron_services[service_name] }}" merge_configs: sources: - "{{ role_path }}/templates/nsx.ini.j2" - "{{ node_custom_config }}/neutron/nsx.ini" - "{{ node_custom_config }}/neutron/{{ inventory_hostname }}/nsx.ini" dest: "{{ node_config_directory }}/{{ service_name }}/nsx.ini" mode: "0660" when: - neutron_server.enabled | bool - neutron_server.host_in_groups | bool - neutron_plugin_agent in ['vmware_nsxv', 'vmware_nsxv3', 'vmware_nsxp', 'vmware_dvs'] notify: - "Restart {{ service_name }} container" - name: Copy neutron-l3-agent-wrapper script become: true vars: service_name: "neutron-l3-agent" service: "{{ neutron_services[service_name] }}" template: src: neutron-l3-agent-wrapper.sh.j2 dest: "{{ node_config_directory }}/{{ service_name }}/neutron-l3-agent-wrapper.sh" mode: "0770" when: - service.enabled | bool - service.host_in_groups | bool notify: - "Restart {{ service_name }} container" - name: Copying over extra ml2 plugins become: true vars: service_name: "{{ item.0 }}" services_need_ml2_conf_ini: - "neutron-linuxbridge-agent" - "neutron-openvswitch-agent" - "neutron-server" template: src: "{{ item.2.path }}" dest: "{{ node_config_directory }}/{{ service_name }}/{{ item.2.path | basename }}" mode: "0660" when: - item.2 is defined - item.1.enabled | bool - item.1.host_in_groups | bool - service_name in services_need_ml2_conf_ini with_nested: - "{{ neutron_services | dictsort }}" - "{{ check_extra_ml2_plugins.files }}" notify: - "Restart {{ item.0 }} container" - name: Copying over neutron-tls-proxy.cfg vars: neutron_tls_proxy: "{{ neutron_services['neutron-tls-proxy'] }}" template: src: "{{ item }}" dest: "{{ node_config_directory }}/neutron-tls-proxy/neutron-tls-proxy.cfg" mode: "0660" become: true with_first_found: - "{{ node_custom_config }}/neutron/{{ inventory_hostname }}/neutron-tls-proxy.cfg" - "{{ node_custom_config }}/neutron/neutron-tls-proxy.cfg" - "neutron-tls-proxy.cfg.j2" when: - neutron_tls_proxy.enabled | bool - neutron_tls_proxy.host_in_groups | bool notify: - Restart neutron-tls-proxy container - name: Copying over neutron_taas.conf become: true vars: service_name: "{{ item.key }}" services_need_neutron_taas_conf: - "neutron-server" - "neutron-openvswitch-agent" merge_configs: sources: - "{{ role_path }}/templates/neutron_taas.conf.j2" - "{{ node_custom_config }}/neutron/neutron_taas.conf" - "{{ node_custom_config }}/neutron/{{ inventory_hostname }}/neutron_taas.conf" dest: "{{ node_config_directory }}/{{ item.key }}/neutron_taas.conf" mode: "0660" when: - enable_neutron_taas | bool - item.value.enabled | bool - item.value.host_in_groups | bool - item.key in services_need_neutron_taas_conf with_dict: "{{ neutron_services }}" notify: - "Restart {{ item.key }} container"