a3dfdfc085
Actually Openstack services configuration can be overriden using many files: - /etc/kolla/config/<< service name >>/<< config file >> - /etc/kolla/config/<< service name >>/<<host>>/<< config file >> - /etc/kolla/config/global.conf - /etc/kolla/config/database.conf - /etc/kolla/config/messaging.conf Only per-service configuration is actually documented here: https://github.com/openstack/kolla-ansible/blob/master/doc/advanced-configuration.rst#L164 Allowing to globally modify service configuration can be perform too, but it can be done in 3 different manners, all not documented: - /etc/kolla/config/global.conf - /etc/kolla/config/database.conf - /etc/kolla/config/messaging.conf database.conf and messaging.conf seems redundant with global.conf. In order to simplify codebase it seems logical to remove them. Documentation has been added for overriding configuration globally and release note has been added too. Closes-Bug: #1682479 Change-Id: I5d922dfc0d938173bad34ac64e490b78db1b7e31
362 lines
12 KiB
YAML
362 lines
12 KiB
YAML
---
|
|
- name: Setting sysctl values
|
|
vars:
|
|
neutron_l3_agent: "{{ neutron_services['neutron-l3-agent'] }}"
|
|
neutron_vpnaas_agent: "{{ neutron_services['neutron-vpnaas-agent'] }}"
|
|
sysctl: name={{ item.name }} value={{ item.value }} sysctl_set=yes
|
|
with_items:
|
|
- { name: "net.ipv4.ip_forward", value: 1}
|
|
- { name: "net.ipv4.conf.all.rp_filter", value: 0}
|
|
- { name: "net.ipv4.conf.default.rp_filter", value: 0}
|
|
when:
|
|
- set_sysctl | bool
|
|
- (neutron_l3_agent.enabled | bool and neutron_l3_agent.host_in_groups | bool)
|
|
or (neutron_vpnaas_agent.enabled | bool and neutron_vpnaas_agent.host_in_groups | bool)
|
|
|
|
- name: Ensuring config directories exist
|
|
file:
|
|
path: "{{ node_config_directory }}/{{ item.key }}"
|
|
state: "directory"
|
|
recurse: yes
|
|
when:
|
|
- item.value.enabled | bool
|
|
- item.value.host_in_groups | bool
|
|
with_dict: "{{ neutron_services }}"
|
|
|
|
- name: Copying over config.json files for services
|
|
template:
|
|
src: "{{ item.key }}.json.j2"
|
|
dest: "{{ node_config_directory }}/{{ item.key }}/config.json"
|
|
register: neutron_config_jsons
|
|
when:
|
|
- item.value.enabled | bool
|
|
- item.value.host_in_groups | bool
|
|
with_dict: "{{ neutron_services }}"
|
|
notify:
|
|
- "Restart {{ item.key }} container"
|
|
|
|
- name: Copying over neutron.conf
|
|
vars:
|
|
service_name: "{{ item.key }}"
|
|
services_need_neutron_conf:
|
|
- "neutron-dhcp-agent"
|
|
- "neutron-l3-agent"
|
|
- "neutron-linuxbridge-agent"
|
|
- "neutron-metadata-agent"
|
|
- "neutron-openvswitch-agent"
|
|
- "neutron-server"
|
|
- "neutron-lbaas-agent"
|
|
- "neutron-vpnaas-agent"
|
|
- "neutron-bgp-dragent"
|
|
merge_configs:
|
|
sources:
|
|
- "{{ role_path }}/templates/neutron.conf.j2"
|
|
- "{{ node_custom_config }}/global.conf"
|
|
- "{{ node_custom_config }}/neutron.conf"
|
|
- "{{ node_custom_config }}/neutron/{{ item.key }}.conf"
|
|
- "{{ node_custom_config }}/neutron/{{ inventory_hostname }}/neutron.conf"
|
|
dest: "{{ node_config_directory }}/{{ item.key }}/neutron.conf"
|
|
register: neutron_confs
|
|
when:
|
|
- item.value.enabled | bool
|
|
- item.value.host_in_groups | bool
|
|
- item.key in services_need_neutron_conf
|
|
with_dict: "{{ neutron_services }}"
|
|
notify:
|
|
- "Restart {{ item.key }} container"
|
|
|
|
- name: Copying over neutron_lbaas.conf
|
|
vars:
|
|
service_name: "{{ item.key }}"
|
|
services_need_neutron_lbaas_conf:
|
|
- "neutron-server"
|
|
- "neutron-lbaas-agent"
|
|
merge_configs:
|
|
sources:
|
|
- "{{ role_path }}/templates/neutron_lbaas.conf.j2"
|
|
- "{{ node_custom_config }}/neutron/neutron_lbaas.conf"
|
|
- "{{ node_custom_config }}/neutron/{{ inventory_hostname }}/neutron_lbaas.conf"
|
|
dest: "{{ node_config_directory }}/{{ item.key }}/neutron_lbaas.conf"
|
|
register: neutron_lbaas_confs
|
|
when:
|
|
- item.value.enabled | bool
|
|
- item.value.host_in_groups | bool
|
|
- item.key in services_need_neutron_lbaas_conf
|
|
with_dict: "{{ neutron_services }}"
|
|
notify:
|
|
- "Restart {{ item.key }} container"
|
|
|
|
- name: Copying over neutron_vpnaas.conf
|
|
vars:
|
|
service_name: "{{ item.key }}"
|
|
services_need_neutron_vpnaas_conf:
|
|
- "neutron-server"
|
|
- "neutron-vpnaas-agent"
|
|
merge_configs:
|
|
sources:
|
|
- "{{ role_path }}/templates/neutron_vpnaas.conf.j2"
|
|
- "{{ node_custom_config }}/neutron/neutron_vpnaas.conf"
|
|
- "{{ node_custom_config }}/neutron/{{ inventory_hostname }}/neutron_vpnaas.conf"
|
|
dest: "{{ node_config_directory }}/{{ item.key }}/neutron_vpnaas.conf"
|
|
register: neutron_vpnaas_confs
|
|
when:
|
|
- item.value.enabled | bool
|
|
- item.value.host_in_groups | bool
|
|
- item.key in services_need_neutron_vpnaas_conf
|
|
with_dict: "{{ neutron_services }}"
|
|
notify:
|
|
- "Restart {{ item.key }} container"
|
|
|
|
- name: Copying over ml2_conf.ini
|
|
vars:
|
|
service_name: "{{ item.key }}"
|
|
services_need_ml2_conf_ini:
|
|
- "neutron-linuxbridge-agent"
|
|
- "neutron-openvswitch-agent"
|
|
- "neutron-server"
|
|
merge_configs:
|
|
sources:
|
|
- "{{ role_path }}/templates/ml2_conf.ini.j2"
|
|
- "{{ node_custom_config }}/neutron/ml2_conf.ini"
|
|
- "{{ node_custom_config }}/neutron/{{ inventory_hostname }}/ml2_conf.ini"
|
|
dest: "{{ node_config_directory }}/{{ service_name }}/ml2_conf.ini"
|
|
register: neutron_ml2_confs
|
|
when:
|
|
- item.key in services_need_ml2_conf_ini
|
|
- item.value.enabled | bool
|
|
- item.value.host_in_groups | bool
|
|
with_dict: "{{ neutron_services }}"
|
|
notify:
|
|
- "Restart {{ item.key }} container"
|
|
|
|
- name: Copying over dhcp_agent.ini
|
|
vars:
|
|
service_name: "neutron-dhcp-agent"
|
|
neutron_dhcp_agent: "{{ neutron_services[service_name] }}"
|
|
merge_configs:
|
|
sources:
|
|
- "{{ role_path }}/templates/dhcp_agent.ini.j2"
|
|
- "{{ node_custom_config }}/neutron/dhcp_agent.ini"
|
|
- "{{ node_custom_config }}/neutron/{{ inventory_hostname }}/dhcp_agent.ini"
|
|
dest: "{{ node_config_directory }}/{{ service_name }}/dhcp_agent.ini"
|
|
register: dhcp_agent_ini
|
|
when:
|
|
- neutron_dhcp_agent.enabled | bool
|
|
- neutron_dhcp_agent.host_in_groups | bool
|
|
notify:
|
|
- "Restart {{ service_name }} container"
|
|
|
|
- name: Copying over dnsmasq.conf
|
|
vars:
|
|
service_name: "neutron-dhcp-agent"
|
|
neutron_dhcp_agent: "{{ neutron_services[service_name] }}"
|
|
template:
|
|
src: "dnsmasq.conf.j2"
|
|
dest: "{{ node_config_directory }}/{{ service_name }}/dnsmasq.conf"
|
|
register: dnsmasq_conf
|
|
when:
|
|
- neutron_dhcp_agent.enabled | bool
|
|
- neutron_dhcp_agent.host_in_groups | bool
|
|
notify:
|
|
- "Restart {{ service_name }} container"
|
|
|
|
- name: Copying over l3_agent.ini
|
|
vars:
|
|
service_name: "{{ item.key }}"
|
|
services_need_l3_agent_ini:
|
|
- "neutron-l3-agent"
|
|
- "neutron-vpnaas-agent"
|
|
merge_configs:
|
|
sources:
|
|
- "{{ role_path }}/templates/l3_agent.ini.j2"
|
|
- "{{ node_custom_config }}/neutron/l3_agent.ini"
|
|
- "{{ node_custom_config }}/neutron/{{ inventory_hostname }}/l3_agent.ini"
|
|
dest: "{{ node_config_directory }}/{{ service_name }}/l3_agent.ini"
|
|
register: neutron_l3_agent_inis
|
|
when:
|
|
- item.key in services_need_l3_agent_ini
|
|
- item.value.enabled | bool
|
|
- item.value.host_in_groups | bool
|
|
with_dict: "{{ neutron_services }}"
|
|
notify:
|
|
- "Restart {{ item.key }} container"
|
|
|
|
- name: Copying over fwaas_driver.ini
|
|
vars:
|
|
service_name: "{{ item.key }}"
|
|
services_need_fwaas_driver_ini:
|
|
- "neutron-server"
|
|
- "neutron-l3-agent"
|
|
- "neutron-vpnaas-agent"
|
|
merge_configs:
|
|
sources:
|
|
- "{{ role_path }}/templates/fwaas_driver.ini.j2"
|
|
- "{{ node_custom_config }}/neutron/fwaas_driver.ini"
|
|
dest: "{{ node_config_directory }}/{{ service_name }}/fwaas_driver.ini"
|
|
register: neutron_fwaas_driver_inis
|
|
when:
|
|
- item.key in services_need_fwaas_driver_ini
|
|
- item.value.enabled | bool
|
|
- item.value.host_in_groups | bool
|
|
with_dict: "{{ neutron_services }}"
|
|
notify:
|
|
- "Restart {{ item.key }} container"
|
|
|
|
- name: Copying over metadata_agent.ini
|
|
vars:
|
|
service_name: "neutron-metadata-agent"
|
|
neutron_metadata_agent: "{{ neutron_services[service_name] }}"
|
|
merge_configs:
|
|
sources:
|
|
- "{{ role_path }}/templates/metadata_agent.ini.j2"
|
|
- "{{ node_custom_config }}/neutron/metadata_agent.ini"
|
|
dest: "{{ node_config_directory }}/{{ service_name }}/metadata_agent.ini"
|
|
register: neutron_metadata_agent_ini
|
|
when:
|
|
- neutron_metadata_agent.enabled | bool
|
|
- neutron_metadata_agent.host_in_groups | bool
|
|
notify:
|
|
- "Restart {{ service_name }} container"
|
|
|
|
- name: Copying over lbaas_agent.ini
|
|
vars:
|
|
service_name: "neutron-lbaas-agent"
|
|
neutron_lbaas_agent: "{{ neutron_services[service_name] }}"
|
|
merge_configs:
|
|
sources:
|
|
- "{{ role_path }}/templates/lbaas_agent.ini.j2"
|
|
- "{{ node_custom_config }}/neutron/lbaas_agent.ini"
|
|
dest: "{{ node_config_directory }}/{{ service_name }}/lbaas_agent.ini"
|
|
register: neutron_lbaas_agent_ini
|
|
when:
|
|
- neutron_lbaas_agent.enabled | bool
|
|
- neutron_lbaas_agent.host_in_groups | bool
|
|
notify:
|
|
- "Restart {{ service_name }} container"
|
|
|
|
- name: Copying over vpnaas_agent.ini
|
|
vars:
|
|
service_name: "neutron-vpnaas-agent"
|
|
neutron_vpnaas_agent: "{{ neutron_services[service_name] }}"
|
|
merge_configs:
|
|
sources:
|
|
- "{{ role_path }}/templates/vpnaas_agent.ini.j2"
|
|
- "{{ node_custom_config }}/neutron/vpnaas_agent.ini"
|
|
dest: "{{ node_config_directory }}/{{ service_name }}/vpnaas_agent.ini"
|
|
register: neutron_vpnaas_agent_ini
|
|
when:
|
|
- neutron_vpnaas_agent.enabled | bool
|
|
- neutron_vpnaas_agent.host_in_groups | bool
|
|
notify:
|
|
- "Restart {{ service_name }} container"
|
|
|
|
- name: Copying over bgp_dragent.ini
|
|
vars:
|
|
service_name: "neutron-bgp-dragent"
|
|
neutron_bgp_dragent: "{{ neutron_services[service_name] }}"
|
|
merge_configs:
|
|
sources:
|
|
- "{{ role_path }}/templates/bgp_dragent.ini.j2"
|
|
- "{{ node_custom_config }}/neutron/bgp_dragent.ini"
|
|
dest: "{{ node_config_directory }}/{{ service_name }}/bgp_dragent.ini"
|
|
register: neutron_bgp_dragent_ini
|
|
when:
|
|
- neutron_bgp_dragent.enabled | bool
|
|
- neutron_bgp_dragent.host_in_groups | bool
|
|
notify:
|
|
- "Restart {{ service_name }} container"
|
|
|
|
- name: Check if policies shall be overwritten
|
|
local_action: stat path="{{ node_custom_config }}/neutron/policy.json"
|
|
run_once: True
|
|
register: neutron_policy
|
|
|
|
- name: Copying over nsx.ini
|
|
vars:
|
|
service_name: "neutron-server"
|
|
neutron_server: "{{ neutron_services[service_name] }}"
|
|
merge_configs:
|
|
sources:
|
|
- "{{ role_path }}/templates/nsx.ini.j2"
|
|
- "{{ node_custom_config }}/neutron/nsx.ini"
|
|
- "{{ node_custom_config }}/neutron/{{ inventory_hostname }}/nsx.ini"
|
|
dest: "{{ node_config_directory }}/{{ service_name }}/nsx.ini"
|
|
register: nsx_ini
|
|
when:
|
|
- neutron_server.enabled | bool
|
|
- neutron_server.host_in_groups | bool
|
|
- neutron_plugin_agent in ['vmware_nsxv', 'vmware_dvs']
|
|
notify:
|
|
- "Restart {{ service_name }} container"
|
|
|
|
- name: Copying over existing policy.json
|
|
vars:
|
|
service_name: "{{ item.key }}"
|
|
services_need_policy_json:
|
|
- "neutron-dhcp-agent"
|
|
- "neutron-l3-agent"
|
|
- "neutron-linuxbridge-agent"
|
|
- "neutron-metadata-agent"
|
|
- "neutron-openvswitch-agent"
|
|
- "neutron-server"
|
|
- "neutron-lbaas-agent"
|
|
- "neutron-vpnaas-agent"
|
|
- "neutron-bgp-dragent"
|
|
template:
|
|
src: "{{ node_custom_config }}/neutron/policy.json"
|
|
dest: "{{ node_config_directory }}/{{ service_name }}/policy.json"
|
|
register: policy_jsons
|
|
when:
|
|
- neutron_policy.stat.exists
|
|
- item.value.enabled | bool
|
|
- item.value.host_in_groups | bool
|
|
with_dict: "{{ neutron_services }}"
|
|
notify:
|
|
- "Restart {{ item.key }} container"
|
|
|
|
- name: Copy neutron-l3-agent-wrapper script
|
|
vars:
|
|
service_name: "neutron-l3-agent"
|
|
service: "{{ neutron_services[service_name] }}"
|
|
template:
|
|
src: neutron-l3-agent-wrapper.sh.j2
|
|
dest: "{{ node_config_directory }}/{{ service_name }}/neutron-l3-agent-wrapper.sh"
|
|
register: neutron_l3_agent_wrapper
|
|
when:
|
|
- service.enabled | bool
|
|
- service.host_in_groups | bool
|
|
notify:
|
|
- "Restart {{ service_name }} container"
|
|
|
|
- name: Copy neutron-vpnaas-agent-wrapper script
|
|
vars:
|
|
service_name: "neutron-vpnaas-agent"
|
|
service: "{{ neutron_services[service_name] }}"
|
|
template:
|
|
src: neutron-vpnaas-agent-wrapper.sh.j2
|
|
dest: "{{ node_config_directory }}/{{ service_name }}/neutron-vpnaas-agent-wrapper.sh"
|
|
register: neutron_vpnaas_agent_wrapper
|
|
when:
|
|
- service.enabled | bool
|
|
- service.host_in_groups | bool
|
|
notify:
|
|
- "Restart {{ service_name }} container"
|
|
|
|
# TODO check the environment change
|
|
- name: Check neutron containers
|
|
kolla_docker:
|
|
action: "compare_container"
|
|
common_options: "{{ docker_common_options }}"
|
|
name: "{{ item.value.container_name }}"
|
|
image: "{{ item.value.image }}"
|
|
privileged: "{{ item.value.privileged | default(False) }}"
|
|
volumes: "{{ item.value.volumes }}"
|
|
register: check_neutron_containers
|
|
when:
|
|
- action != "config"
|
|
- item.value.enabled | bool
|
|
- item.value.host_in_groups | bool
|
|
with_dict: "{{ neutron_services }}"
|
|
notify:
|
|
- "Restart {{ item.key }} container"
|