fdea19a305
Currently there are a few services that perform host configuration tasks. This is done in config.yml. This means that these changes are performed during 'kolla-ansible genconfig', when we might expect not to be making any changes to the remote system. This change separates out these host configuration tasks into a config-host.yml file, which is included directly from deploy.yml. One change in behaviour is that this prevents these tasks from running during an upgrade or genconfig. This is probably what we want, but we should be careful when any of these host configuration tasks are changed, to ensure they are applied during an upgrade if necessary. Change-Id: I001defc75d1f1e6caa9b1e11246abc6ce17c775b Closes-Bug: #1860161
446 lines
15 KiB
YAML
446 lines
15 KiB
YAML
---
|
|
- name: Ensuring config directories exist
|
|
become: true
|
|
file:
|
|
path: "{{ node_config_directory }}/{{ item.key }}"
|
|
state: "directory"
|
|
owner: "{{ config_owner_user }}"
|
|
group: "{{ config_owner_group }}"
|
|
mode: "0770"
|
|
when:
|
|
- item.value.enabled | bool
|
|
- item.value.host_in_groups | bool
|
|
with_dict: "{{ neutron_services }}"
|
|
|
|
- name: Check if extra ml2 plugins exists
|
|
find:
|
|
path: "{{ node_custom_config }}/neutron/plugins/"
|
|
delegate_to: localhost
|
|
run_once: True
|
|
changed_when: False
|
|
register: check_extra_ml2_plugins
|
|
|
|
- name: Copying over extra CA certificates
|
|
become: true
|
|
copy:
|
|
src: "{{ node_config }}/certificates/ca/"
|
|
dest: "{{ node_config_directory }}/{{ item.key }}/ca-certificates"
|
|
mode: "0644"
|
|
when:
|
|
- item.value.enabled | bool
|
|
- item.value.host_in_groups | bool
|
|
- kolla_copy_ca_into_containers | bool
|
|
with_dict: "{{ neutron_services }}"
|
|
notify:
|
|
- "Restart {{ item.key }} container"
|
|
|
|
- name: Copying over config.json files for services
|
|
become: true
|
|
template:
|
|
src: "{{ item.key }}.json.j2"
|
|
dest: "{{ node_config_directory }}/{{ item.key }}/config.json"
|
|
mode: "0660"
|
|
when:
|
|
- item.value.enabled | bool
|
|
- item.value.host_in_groups | bool
|
|
with_dict: "{{ neutron_services }}"
|
|
notify:
|
|
- "Restart {{ item.key }} container"
|
|
|
|
- name: Copying over neutron.conf
|
|
become: true
|
|
vars:
|
|
service_name: "{{ item.key }}"
|
|
services_need_neutron_conf:
|
|
- "ironic-neutron-agent"
|
|
- "neutron-dhcp-agent"
|
|
- "neutron-l3-agent"
|
|
- "neutron-linuxbridge-agent"
|
|
- "neutron-metadata-agent"
|
|
- "neutron-metering-agent"
|
|
- "neutron-openvswitch-agent"
|
|
- "neutron-openvswitch-agent-xenapi"
|
|
- "neutron-server"
|
|
- "neutron-bgp-dragent"
|
|
- "neutron-infoblox-ipam-agent"
|
|
- "neutron-sriov-agent"
|
|
merge_configs:
|
|
sources:
|
|
- "{{ role_path }}/templates/neutron.conf.j2"
|
|
- "{{ node_custom_config }}/global.conf"
|
|
- "{{ node_custom_config }}/neutron.conf"
|
|
- "{{ node_custom_config }}/neutron/{{ item.key }}.conf"
|
|
- "{{ node_custom_config }}/neutron/{{ inventory_hostname }}/neutron.conf"
|
|
dest: "{{ node_config_directory }}/{{ item.key }}/neutron.conf"
|
|
mode: "0660"
|
|
when:
|
|
- item.value.enabled | bool
|
|
- item.value.host_in_groups | bool
|
|
- item.key in services_need_neutron_conf
|
|
with_dict: "{{ neutron_services }}"
|
|
notify:
|
|
- "Restart {{ item.key }} container"
|
|
|
|
- name: Copying over neutron_vpnaas.conf
|
|
become: true
|
|
vars:
|
|
service_name: "{{ item.key }}"
|
|
services_need_neutron_vpnaas_conf:
|
|
- "neutron-server"
|
|
- "neutron-l3-agent"
|
|
merge_configs:
|
|
sources:
|
|
- "{{ role_path }}/templates/neutron_vpnaas.conf.j2"
|
|
- "{{ node_custom_config }}/neutron/neutron_vpnaas.conf"
|
|
- "{{ node_custom_config }}/neutron/{{ inventory_hostname }}/neutron_vpnaas.conf"
|
|
dest: "{{ node_config_directory }}/{{ item.key }}/neutron_vpnaas.conf"
|
|
mode: "0660"
|
|
when:
|
|
- item.value.enabled | bool
|
|
- item.value.host_in_groups | bool
|
|
- item.key in services_need_neutron_vpnaas_conf
|
|
with_dict: "{{ neutron_services }}"
|
|
notify:
|
|
- "Restart {{ item.key }} container"
|
|
|
|
- name: Copying over ml2_conf.ini
|
|
become: true
|
|
vars:
|
|
service_name: "{{ item.key }}"
|
|
services_need_ml2_conf_ini:
|
|
- "neutron-infoblox-ipam-agent"
|
|
- "neutron-server"
|
|
merge_configs:
|
|
sources:
|
|
- "{{ role_path }}/templates/ml2_conf.ini.j2"
|
|
- "{{ node_custom_config }}/neutron/ml2_conf.ini"
|
|
- "{{ node_custom_config }}/neutron/{{ inventory_hostname }}/ml2_conf.ini"
|
|
dest: "{{ node_config_directory }}/{{ service_name }}/ml2_conf.ini"
|
|
mode: "0660"
|
|
when:
|
|
- item.key in services_need_ml2_conf_ini
|
|
- item.value.enabled | bool
|
|
- item.value.host_in_groups | bool
|
|
with_dict: "{{ neutron_services }}"
|
|
notify:
|
|
- "Restart {{ item.key }} container"
|
|
|
|
- name: Copying over linuxbridge_agent.ini
|
|
become: true
|
|
vars:
|
|
service_name: "neutron-linuxbridge-agent"
|
|
merge_configs:
|
|
sources:
|
|
- "{{ role_path }}/templates/linuxbridge_agent.ini.j2"
|
|
- "{{ node_custom_config }}/neutron/linuxbridge_agent.ini"
|
|
- "{{ node_custom_config }}/neutron/{{ inventory_hostname }}/linuxbridge_agent.ini"
|
|
# TODO(mnasiadka): Remove in V - left to not break existing deployments
|
|
- "{{ node_custom_config }}/neutron/ml2_conf.ini"
|
|
- "{{ node_custom_config }}/neutron/{{ inventory_hostname }}/ml2_conf.ini"
|
|
dest: "{{ node_config_directory }}/{{ service_name }}/linuxbridge_agent.ini"
|
|
mode: "0660"
|
|
when:
|
|
- neutron_services[service_name].enabled | bool
|
|
- neutron_services[service_name].host_in_groups | bool
|
|
notify:
|
|
- "Restart {{ service_name }} container"
|
|
|
|
- name: Copying over openvswitch_agent.ini
|
|
become: true
|
|
vars:
|
|
service_name: "neutron-openvswitch-agent"
|
|
merge_configs:
|
|
sources:
|
|
- "{{ role_path }}/templates/openvswitch_agent.ini.j2"
|
|
- "{{ node_custom_config }}/neutron/openvswitch_agent.ini"
|
|
- "{{ node_custom_config }}/neutron/{{ inventory_hostname }}/openvswitch_agent.ini"
|
|
# TODO(mnasiadka): Remove in V - left to not break existing deployments
|
|
- "{{ node_custom_config }}/neutron/ml2_conf.ini"
|
|
- "{{ node_custom_config }}/neutron/{{ inventory_hostname }}/ml2_conf.ini"
|
|
dest: "{{ node_config_directory }}/{{ service_name }}/openvswitch_agent.ini"
|
|
mode: "0660"
|
|
when:
|
|
- neutron_services[service_name].enabled | bool
|
|
- neutron_services[service_name].host_in_groups | bool
|
|
notify:
|
|
- "Restart {{ service_name }} container"
|
|
|
|
- name: Copying over openvswitch_agent.ini for XenAPI
|
|
become: true
|
|
vars:
|
|
service_name: "neutron-openvswitch-agent-xenapi"
|
|
os_xenapi_variables: "{{ lookup('file', xenapi_facts_root + '/' + inventory_hostname + '/' + xenapi_facts_file) | from_json }}"
|
|
merge_configs:
|
|
sources:
|
|
- "{{ role_path }}/templates/openvswitch_agent_xenapi.ini.j2"
|
|
- "{{ node_custom_config }}/neutron/openvswitch_agent_xenapi.ini"
|
|
- "{{ node_custom_config }}/neutron/{{ inventory_hostname }}/openvswitch_agent_xenapi.ini"
|
|
- "{{ node_custom_config }}/neutron/{{ service_name }}/openvswitch_agent_xenapi.ini"
|
|
# TODO(mnasiadka): Remove in V - left to not break existing deployments
|
|
- "{{ node_custom_config }}/neutron/ml2_conf.ini"
|
|
- "{{ node_custom_config }}/neutron/{{ inventory_hostname }}/ml2_conf.ini"
|
|
dest: "{{ node_config_directory }}/{{ service_name }}/openvswitch_agent.ini"
|
|
mode: "0660"
|
|
when:
|
|
- neutron_services[service_name].enabled | bool
|
|
- neutron_services[service_name].host_in_groups | bool
|
|
notify:
|
|
- "Restart {{ service_name }} container"
|
|
|
|
- name: Copying over sriov_agent.ini
|
|
vars:
|
|
service_name: "neutron-sriov-agent"
|
|
neutron_sriov_agent: "{{ neutron_services[service_name] }}"
|
|
merge_configs:
|
|
sources:
|
|
- "{{ role_path }}/templates/sriov_agent.ini.j2"
|
|
- "{{ node_custom_config }}/neutron/sriov_agent.ini"
|
|
- "{{ node_custom_config }}/neutron/{{ inventory_hostname }}/sriov_agent.ini"
|
|
dest: "{{ node_config_directory }}/{{ service_name }}/sriov_agent.ini"
|
|
mode: "0660"
|
|
when:
|
|
- neutron_sriov_agent.enabled | bool
|
|
- neutron_sriov_agent.host_in_groups | bool
|
|
notify:
|
|
- "Restart {{ service_name }} container"
|
|
|
|
- name: Copying over dhcp_agent.ini
|
|
become: true
|
|
vars:
|
|
service_name: "neutron-dhcp-agent"
|
|
neutron_dhcp_agent: "{{ neutron_services[service_name] }}"
|
|
merge_configs:
|
|
sources:
|
|
- "{{ role_path }}/templates/dhcp_agent.ini.j2"
|
|
- "{{ node_custom_config }}/neutron/dhcp_agent.ini"
|
|
- "{{ node_custom_config }}/neutron/{{ inventory_hostname }}/dhcp_agent.ini"
|
|
dest: "{{ node_config_directory }}/{{ service_name }}/dhcp_agent.ini"
|
|
mode: "0660"
|
|
when:
|
|
- neutron_dhcp_agent.enabled | bool
|
|
- neutron_dhcp_agent.host_in_groups | bool
|
|
notify:
|
|
- "Restart {{ service_name }} container"
|
|
|
|
- name: Copying over dnsmasq.conf
|
|
become: true
|
|
vars:
|
|
service_name: "neutron-dhcp-agent"
|
|
neutron_dhcp_agent: "{{ neutron_services[service_name] }}"
|
|
template:
|
|
src: "{{ item }}"
|
|
dest: "{{ node_config_directory }}/{{ service_name }}/dnsmasq.conf"
|
|
mode: "0660"
|
|
with_first_found:
|
|
- "{{ node_custom_config }}/neutron/{{ inventory_hostname }}/dnsmasq.conf"
|
|
- "{{ node_custom_config }}/neutron/dnsmasq.conf"
|
|
- "dnsmasq.conf.j2"
|
|
when:
|
|
- neutron_dhcp_agent.enabled | bool
|
|
- neutron_dhcp_agent.host_in_groups | bool
|
|
notify:
|
|
- "Restart {{ service_name }} container"
|
|
|
|
- name: Copying over l3_agent.ini
|
|
become: true
|
|
vars:
|
|
service_name: "{{ item.key }}"
|
|
services_need_l3_agent_ini:
|
|
- "neutron-l3-agent"
|
|
merge_configs:
|
|
sources:
|
|
- "{{ role_path }}/templates/l3_agent.ini.j2"
|
|
- "{{ node_custom_config }}/neutron/l3_agent.ini"
|
|
- "{{ node_custom_config }}/neutron/{{ inventory_hostname }}/l3_agent.ini"
|
|
dest: "{{ node_config_directory }}/{{ service_name }}/l3_agent.ini"
|
|
mode: "0660"
|
|
when:
|
|
- item.key in services_need_l3_agent_ini
|
|
- item.value.enabled | bool
|
|
- item.value.host_in_groups | bool
|
|
with_dict: "{{ neutron_services }}"
|
|
notify:
|
|
- "Restart {{ item.key }} container"
|
|
|
|
- name: Copying over fwaas_driver.ini
|
|
become: true
|
|
vars:
|
|
service_name: "{{ item.key }}"
|
|
services_need_fwaas_driver_ini:
|
|
- "neutron-server"
|
|
- "neutron-l3-agent"
|
|
merge_configs:
|
|
sources:
|
|
- "{{ role_path }}/templates/fwaas_driver.ini.j2"
|
|
- "{{ node_custom_config }}/neutron/fwaas_driver.ini"
|
|
dest: "{{ node_config_directory }}/{{ service_name }}/fwaas_driver.ini"
|
|
mode: "0660"
|
|
when:
|
|
- item.key in services_need_fwaas_driver_ini
|
|
- item.value.enabled | bool
|
|
- item.value.host_in_groups | bool
|
|
with_dict: "{{ neutron_services }}"
|
|
notify:
|
|
- "Restart {{ item.key }} container"
|
|
|
|
- name: Copying over metadata_agent.ini
|
|
become: true
|
|
vars:
|
|
service_name: "neutron-metadata-agent"
|
|
neutron_metadata_agent: "{{ neutron_services[service_name] }}"
|
|
merge_configs:
|
|
sources:
|
|
- "{{ role_path }}/templates/metadata_agent.ini.j2"
|
|
- "{{ node_custom_config }}/neutron/metadata_agent.ini"
|
|
dest: "{{ node_config_directory }}/{{ service_name }}/metadata_agent.ini"
|
|
mode: "0660"
|
|
when:
|
|
- neutron_metadata_agent.enabled | bool
|
|
- neutron_metadata_agent.host_in_groups | bool
|
|
notify:
|
|
- "Restart {{ service_name }} container"
|
|
|
|
- name: Copying over metering_agent.ini
|
|
become: true
|
|
vars:
|
|
service_name: "neutron-metering-agent"
|
|
neutron_metering_agent: "{{ neutron_services[service_name] }}"
|
|
merge_configs:
|
|
sources:
|
|
- "{{ role_path }}/templates/metering_agent.ini.j2"
|
|
- "{{ node_custom_config }}/neutron/metering_agent.ini"
|
|
dest: "{{ node_config_directory }}/{{ service_name }}/metering_agent.ini"
|
|
mode: "0660"
|
|
when:
|
|
- neutron_metering_agent.enabled | bool
|
|
- neutron_metering_agent.host_in_groups | bool
|
|
notify:
|
|
- "Restart {{ service_name }} container"
|
|
|
|
- name: Copying over ironic_neutron_agent.ini
|
|
become: true
|
|
vars:
|
|
service_name: "ironic-neutron-agent"
|
|
ironic_neutron_agent: "{{ neutron_services[service_name] }}"
|
|
merge_configs:
|
|
sources:
|
|
- "{{ role_path }}/templates/ironic_neutron_agent.ini.j2"
|
|
- "{{ node_custom_config }}/neutron/ironic_neutron_agent.ini"
|
|
dest: "{{ node_config_directory }}/{{ service_name }}/ironic_neutron_agent.ini"
|
|
mode: "0660"
|
|
when:
|
|
- ironic_neutron_agent.enabled | bool
|
|
- ironic_neutron_agent.host_in_groups | bool
|
|
notify:
|
|
- "Restart {{ service_name }} container"
|
|
|
|
- name: Copying over bgp_dragent.ini
|
|
become: true
|
|
vars:
|
|
service_name: "neutron-bgp-dragent"
|
|
neutron_bgp_dragent: "{{ neutron_services[service_name] }}"
|
|
merge_configs:
|
|
sources:
|
|
- "{{ role_path }}/templates/bgp_dragent.ini.j2"
|
|
- "{{ node_custom_config }}/neutron/bgp_dragent.ini"
|
|
dest: "{{ node_config_directory }}/{{ service_name }}/bgp_dragent.ini"
|
|
mode: "0660"
|
|
when:
|
|
- neutron_bgp_dragent.enabled | bool
|
|
- neutron_bgp_dragent.host_in_groups | bool
|
|
notify:
|
|
- "Restart {{ service_name }} container"
|
|
|
|
- name: Check if policies shall be overwritten
|
|
stat:
|
|
path: "{{ node_custom_config }}/neutron/policy.json"
|
|
delegate_to: localhost
|
|
run_once: True
|
|
register: neutron_policy
|
|
|
|
- name: Copying over nsx.ini
|
|
vars:
|
|
service_name: "neutron-server"
|
|
neutron_server: "{{ neutron_services[service_name] }}"
|
|
merge_configs:
|
|
sources:
|
|
- "{{ role_path }}/templates/nsx.ini.j2"
|
|
- "{{ node_custom_config }}/neutron/nsx.ini"
|
|
- "{{ node_custom_config }}/neutron/{{ inventory_hostname }}/nsx.ini"
|
|
dest: "{{ node_config_directory }}/{{ service_name }}/nsx.ini"
|
|
mode: "0660"
|
|
when:
|
|
- neutron_server.enabled | bool
|
|
- neutron_server.host_in_groups | bool
|
|
- neutron_plugin_agent in ['vmware_nsxv', 'vmware_nsxv3', 'vmware_dvs']
|
|
notify:
|
|
- "Restart {{ service_name }} container"
|
|
|
|
- name: Copying over existing policy.json
|
|
become: true
|
|
vars:
|
|
service_name: "{{ item.key }}"
|
|
services_need_policy_json:
|
|
- "neutron-dhcp-agent"
|
|
- "neutron-l3-agent"
|
|
- "neutron-linuxbridge-agent"
|
|
- "neutron-metadata-agent"
|
|
- "neutron-metering-agent"
|
|
- "neutron-openvswitch-agent"
|
|
- "neutron-openvswitch-agent-xenapi"
|
|
- "neutron-server"
|
|
- "neutron-bgp-dragent"
|
|
- "neutron-sriov-agent"
|
|
template:
|
|
src: "{{ node_custom_config }}/neutron/policy.json"
|
|
dest: "{{ node_config_directory }}/{{ service_name }}/policy.json"
|
|
mode: "0660"
|
|
when:
|
|
- neutron_policy.stat.exists
|
|
- item.value.enabled | bool
|
|
- item.value.host_in_groups | bool
|
|
with_dict: "{{ neutron_services }}"
|
|
notify:
|
|
- "Restart {{ item.key }} container"
|
|
|
|
- name: Copy neutron-l3-agent-wrapper script
|
|
become: true
|
|
vars:
|
|
service_name: "neutron-l3-agent"
|
|
service: "{{ neutron_services[service_name] }}"
|
|
template:
|
|
src: neutron-l3-agent-wrapper.sh.j2
|
|
dest: "{{ node_config_directory }}/{{ service_name }}/neutron-l3-agent-wrapper.sh"
|
|
mode: "0770"
|
|
when:
|
|
- service.enabled | bool
|
|
- service.host_in_groups | bool
|
|
notify:
|
|
- "Restart {{ service_name }} container"
|
|
|
|
- name: Copying over extra ml2 plugins
|
|
become: true
|
|
vars:
|
|
service_name: "{{ item.0 }}"
|
|
services_need_ml2_conf_ini:
|
|
- "neutron-linuxbridge-agent"
|
|
- "neutron-openvswitch-agent"
|
|
- "neutron-server"
|
|
template:
|
|
src: "{{ item.2.path }}"
|
|
dest: "{{ node_config_directory }}/{{ service_name }}/{{ item.2.path | basename }}"
|
|
mode: "0660"
|
|
when:
|
|
- item.2 is defined
|
|
- item.1.enabled | bool
|
|
- item.1.host_in_groups | bool
|
|
- service_name in services_need_ml2_conf_ini
|
|
with_nested:
|
|
- "{{ neutron_services | dictsort }}"
|
|
- "{{ check_extra_ml2_plugins.files }}"
|
|
notify:
|
|
- "Restart {{ item.0 }} container"
|
|
|
|
- include_tasks: check-containers.yml
|
|
when: kolla_action != "config"
|