---
- name: Setting sysctl values
vars:
neutron_l3_agent: "{{ neutron_services['neutron-l3-agent'] }}"
neutron_vpnaas_agent: "{{ neutron_services['neutron-vpnaas-agent'] }}"
sysctl: name={{ item.name }} value={{ item.value }} sysctl_set=yes
with_items:
- { name: "net.ipv4.ip_forward", value: 1}
- { name: "net.ipv4.conf.all.rp_filter", value: 0}
- { name: "net.ipv4.conf.default.rp_filter", value: 0}
when:
- set_sysctl | bool
- (neutron_l3_agent.enabled | bool and neutron_l3_agent.host_in_groups | bool)
or (neutron_vpnaas_agent.enabled | bool and neutron_vpnaas_agent.host_in_groups | bool)
- name: Ensuring config directories exist
file:
path: "{{ node_config_directory }}/{{ item.key }}"
state: "directory"
recurse: yes
when:
- item.value.enabled | bool
- item.value.host_in_groups | bool
with_dict: "{{ neutron_services }}"
- name: Copying over config.json files for services
template:
src: "{{ item.key }}.json.j2"
dest: "{{ node_config_directory }}/{{ item.key }}/config.json"
register: neutron_config_jsons
when:
- item.value.enabled | bool
- item.value.host_in_groups | bool
with_dict: "{{ neutron_services }}"
notify:
- "Restart {{ item.key }} container"
- name: Copying over neutron.conf
vars:
service_name: "{{ item.key }}"
services_need_neutron_conf:
- "neutron-dhcp-agent"
- "neutron-l3-agent"
- "neutron-linuxbridge-agent"
- "neutron-metadata-agent"
- "neutron-openvswitch-agent"
- "neutron-server"
- "neutron-lbaas-agent"
- "neutron-vpnaas-agent"
merge_configs:
sources:
- "{{ role_path }}/templates/neutron.conf.j2"
- "{{ node_custom_config }}/global.conf"
- "{{ node_custom_config }}/database.conf"
- "{{ node_custom_config }}/messaging.conf"
- "{{ node_custom_config }}/neutron.conf"
- "{{ node_custom_config }}/neutron/{{ item.key }}.conf"
- "{{ node_custom_config }}/neutron/{{ inventory_hostname }}/neutron.conf"
dest: "{{ node_config_directory }}/{{ item.key }}/neutron.conf"
register: neutron_confs
when:
- item.value.enabled | bool
- item.value.host_in_groups | bool
- item.key in services_need_neutron_conf
with_dict: "{{ neutron_services }}"
notify:
- "Restart {{ item.key }} container"
- name: Copying over neutron_lbaas.conf
vars:
service_name: "{{ item.key }}"
services_need_neutron_lbaas_conf:
- "neutron-server"
- "neutron-lbaas-agent"
merge_configs:
sources:
- "{{ role_path }}/templates/neutron_lbaas.conf.j2"
- "{{ node_custom_config }}/neutron/neutron_lbaas.conf"
- "{{ node_custom_config }}/neutron/{{ inventory_hostname }}/neutron_lbaas.conf"
dest: "{{ node_config_directory }}/{{ item.key }}/neutron_lbaas.conf"
register: neutron_lbaas_confs
when:
- item.value.enabled | bool
- item.value.host_in_groups | bool
- item.key in services_need_neutron_lbaas_conf
with_dict: "{{ neutron_services }}"
notify:
- "Restart {{ item.key }} container"
- name: Copying over neutron_vpnaas.conf
vars:
service_name: "neutron-server"
neutron_server: "{{ neutron_services[service_name] }}"
merge_configs:
sources:
- "{{ role_path }}/templates/neutron_vpnaas.conf.j2"
- "{{ node_custom_config }}/neutron/neutron_vpnaas.conf"
- "{{ node_custom_config }}/neutron/{{ inventory_hostname }}/neutron_vpnaas.conf"
dest: "{{ node_config_directory }}/{{ service_name }}/neutron_vpnaas.conf"
register: neutron_vpnaas_conf
when:
- neutron_server.enabled | bool
- neutron_server.host_in_groups | bool
notify:
- "Restart {{ service_name }} container"
- name: Copying over ml2_conf.ini
vars:
service_name: "{{ item.key }}"
services_need_ml2_conf_ini:
- "neutron-dhcp-agent"
- "neutron-l3-agent"
- "neutron-linuxbridge-agent"
- "neutron-lbaas-agent"
- "neutron-metadata-agent"
- "neutron-openvswitch-agent"
- "neutron-server"
- "neutron-vpnaas-agent"
merge_configs:
sources:
- "{{ role_path }}/templates/ml2_conf.ini.j2"
- "{{ node_custom_config }}/neutron/ml2_conf.ini"
- "{{ node_custom_config }}/neutron/{{ inventory_hostname }}/ml2_conf.ini"
dest: "{{ node_config_directory }}/{{ service_name }}/ml2_conf.ini"
register: neutron_ml2_confs
when:
- item.key in services_need_ml2_conf_ini
- item.value.enabled | bool
- item.value.host_in_groups | bool
with_dict: "{{ neutron_services }}"
notify:
- "Restart {{ item.key }} container"
- name: Copying over dhcp_agent.ini
vars:
service_name: "neutron-dhcp-agent"
neutron_dhcp_agent: "{{ neutron_services[service_name] }}"
merge_configs:
sources:
- "{{ role_path }}/templates/dhcp_agent.ini.j2"
- "{{ node_custom_config }}/neutron/dhcp_agent.ini"
- "{{ node_custom_config }}/neutron/{{ inventory_hostname }}/dhcp_agent.ini"
dest: "{{ node_config_directory }}/{{ service_name }}/dhcp_agent.ini"
register: dhcp_agent_ini
when:
- neutron_dhcp_agent.enabled | bool
- neutron_dhcp_agent.host_in_groups | bool
notify:
- "Restart {{ service_name }} container"
- name: Copying over dnsmasq.conf
vars:
service_name: "neutron-dhcp-agent"
neutron_dhcp_agent: "{{ neutron_services[service_name] }}"
template:
src: "dnsmasq.conf.j2"
dest: "{{ node_config_directory }}/{{ service_name }}/dnsmasq.conf"
register: dnsmasq_conf
when:
- neutron_dhcp_agent.enabled | bool
- neutron_dhcp_agent.host_in_groups | bool
notify:
- "Restart {{ service_name }} container"
- name: Copying over l3_agent.ini
vars:
service_name: "{{ item.key }}"
services_need_l3_agent_ini:
- "neutron-l3-agent"
- "neutron-vpnaas-agent"
merge_configs:
sources:
- "{{ role_path }}/templates/l3_agent.ini.j2"
- "{{ node_custom_config }}/neutron/l3_agent.ini"
- "{{ node_custom_config }}/neutron/{{ inventory_hostname }}/l3_agent.ini"
dest: "{{ node_config_directory }}/{{ service_name }}/l3_agent.ini"
register: neutron_l3_agent_inis
when:
- item.key in services_need_l3_agent_ini
- item.value.enabled | bool
- item.value.host_in_groups | bool
with_dict: "{{ neutron_services }}"
notify:
- "Restart {{ item.key }} container"
- name: Copying over fwaas_driver.ini
vars:
service_name: "{{ item.key }}"
services_need_fwaas_driver_ini:
- "neutron-l3-agent"
- "neutron-vpnaas-agent"
merge_configs:
sources:
- "{{ role_path }}/templates/fwaas_driver.ini.j2"
- "{{ node_custom_config }}/neutron/fwaas_driver.ini"
dest: "{{ node_config_directory }}/{{ service_name }}/fwaas_driver.ini"
register: neutron_fwaas_driver_inis
when:
- item.key in services_need_fwaas_driver_ini
- item.value.enabled | bool
- item.value.host_in_groups | bool
with_dict: "{{ neutron_services }}"
notify:
- "Restart {{ item.key }} container"
- name: Copying over metadata_agent.ini
vars:
service_name: "neutron-metadata-agent"
neutron_metadata_agent: "{{ neutron_services[service_name] }}"
merge_configs:
sources:
- "{{ role_path }}/templates/metadata_agent.ini.j2"
- "{{ node_custom_config }}/neutron/metadata_agent.ini"
dest: "{{ node_config_directory }}/{{ service_name }}/metadata_agent.ini"
register: neutron_metadata_agent_ini
when:
- neutron_metadata_agent.enabled | bool
- neutron_metadata_agent.host_in_groups | bool
notify:
- "Restart {{ service_name }} container"
- name: Copying over lbaas_agent.ini
vars:
service_name: "neutron-lbaas-agent"
neutron_lbaas_agent: "{{ neutron_services['neutron-lbaas-agent'] }}"
merge_configs:
sources:
- "{{ role_path }}/templates/lbaas_agent.ini.j2"
- "{{ node_custom_config }}/neutron/lbaas_agent.ini"
dest: "{{ node_config_directory }}/{{ service_name }}/lbaas_agent.ini"
register: neutron_lbaas_agent_ini
when:
- neutron_lbaas_agent.enabled | bool
- neutron_lbaas_agent.host_in_groups | bool
notify:
- "Restart {{ service_name }} container"
- name: Copying over vpnaas_agent.ini
vars:
service_name: "neutron-vpnaas-agent"
neutron_vpnaas_agent: "{{ neutron_services['neutron-vpnaas-agent'] }}"
merge_configs:
sources:
- "{{ role_path }}/templates/vpnaas_agent.ini.j2"
- "{{ node_custom_config }}/config/neutron/vpnaas_agent.ini"
dest: "{{ node_config_directory }}/{{ service_name }}/vpnaas_agent.ini"
register: neutron_vpnaas_agent_ini
when:
- neutron_vpnaas_agent.enabled | bool
- neutron_vpnaas_agent.host_in_groups | bool
notify:
- "Restart {{ service_name }} container"
- name: Check if policies shall be overwritten
local_action: stat path="{{ node_custom_config }}/neutron/policy.json"
register: neutron_policy
- name: Copying over existing policy.json
vars:
service_name: "{{ item.key }}"
services_need_policy_json:
- "neutron-dhcp-agent"
- "neutron-l3-agent"
- "neutron-linuxbridge-agent"
- "neutron-metadata-agent"
- "neutron-openvswitch-agent"
- "neutron-server"
- "neutron-lbaas-agent"
- "neutron-vpnaas-agent"
template:
src: "{{ node_custom_config }}/neutron/policy.json"
dest: "{{ node_config_directory }}/{{ service_name }}/policy.json"
register: policy_jsons
when:
- neutron_policy.stat.exists | bool
- item.value.enabled | bool
- item.value.host_in_groups | bool
with_dict: "{{ neutron_services }}"
notify:
- "Restart {{ item.key }} container"
# TODO check the environment change
- name: Check neutron containers
kolla_docker:
action: "compare_container"
common_options: "{{ docker_common_options }}"
name: "{{ item.value.container_name }}"
image: "{{ item.value.image }}"
privileged: "{{ item.value.privileged | default(False) }}"
volumes: "{{ item.value.volumes }}"
register: check_neutron_containers
when:
- action != "config"
- item.value.enabled | bool
- item.value.host_in_groups | bool
with_dict: "{{ neutron_services }}"
notify:
- "Restart {{ item.key }} container"