kolla-ansible/ansible/roles/nova/tasks/config.yml
Duong Ha-Quang b5d1e4b457 Fix placement of policy.json
Currently, policy.json is put in
"{{ node_config_directory }}/{{ service_name }}"
in target nodes.

Relocation policy.json to "{{ node_config_directory }}/{{ item }}"
with item is corresponding service compoment config directory.

Currently, the policy.json is copied to all services, but it
should be reviewed and left only in neccesary service
(at many cases, only API service needs that).

Redundant files will be removed in follow up patchset.

Change-Id: I0e997dccf4ec438c9c0436db71ec2fd06650f50d
Closes-Bug: #1639686
2016-11-29 16:00:09 +07:00

106 lines
3.1 KiB
YAML

---
- name: Setting sysctl values
sysctl: name={{ item.name }} value={{ item.value }} sysctl_set=yes
with_items:
- { name: "net.bridge.bridge-nf-call-iptables", value: 1}
- { name: "net.bridge.bridge-nf-call-ip6tables", value: 1}
- { name: "net.ipv4.conf.all.rp_filter", value: 0}
- { name: "net.ipv4.conf.default.rp_filter", value: 0}
when:
- set_sysctl | bool
- inventory_hostname in groups['compute']
- name: Ensuring config directories exist
file:
path: "{{ node_config_directory }}/{{ item }}"
state: "directory"
recurse: yes
with_items:
- "nova-api"
- "nova-compute"
- "nova-compute-ironic"
- "nova-conductor"
- "nova-consoleauth"
- "nova-libvirt"
- "nova-novncproxy"
- "nova-scheduler"
- "nova-spicehtml5proxy"
- "nova-ssh"
- name: Copying over config.json files for services
template:
src: "{{ item }}.json.j2"
dest: "{{ node_config_directory }}/{{ item }}/config.json"
with_items:
- "nova-api"
- "nova-compute"
- "nova-compute-ironic"
- "nova-conductor"
- "nova-consoleauth"
- "nova-libvirt"
- "nova-novncproxy"
- "nova-scheduler"
- "nova-spicehtml5proxy"
- "nova-ssh"
- name: Copying over nova.conf
merge_configs:
vars:
service_name: "{{ item }}"
sources:
- "{{ role_path }}/templates/nova.conf.j2"
- "{{ node_custom_config }}/global.conf"
- "{{ node_custom_config }}/database.conf"
- "{{ node_custom_config }}/messaging.conf"
- "{{ node_custom_config }}/nova.conf"
- "{{ node_custom_config }}/nova/{{ item }}.conf"
- "{{ node_custom_config }}/nova/{{ inventory_hostname }}/nova.conf"
dest: "{{ node_config_directory }}/{{ item }}/nova.conf"
with_items:
- "nova-api"
- "nova-compute"
- "nova-compute-ironic"
- "nova-conductor"
- "nova-consoleauth"
- "nova-novncproxy"
- "nova-scheduler"
- "nova-spicehtml5proxy"
- name: Copying over libvirt configuration
template:
src: "{{ item.src }}"
dest: "{{ node_config_directory }}/nova-libvirt/{{ item.dest }}"
with_items:
- { src: "qemu.conf.j2", dest: "qemu.conf" }
- { src: "libvirtd.conf.j2", dest: "libvirtd.conf" }
- name: Copying files for nova-ssh
template:
src: "{{ item.src }}"
dest: "{{ node_config_directory }}/nova-ssh/{{ item.dest }}"
with_items:
- { src: "sshd_config.j2", dest: "sshd_config" }
- { src: "id_rsa", dest: "id_rsa" }
- { src: "id_rsa.pub", dest: "id_rsa.pub" }
- { src: "ssh_config.j2", dest: "ssh_config" }
- name: Check if policies shall be overwritten
local_action: stat path="{{ node_custom_config }}/nova/policy.json"
register: nova_policy
- name: Copying over existing policy.json
template:
src: "{{ node_custom_config }}/nova/policy.json"
dest: "{{ node_config_directory }}/{{ item }}/policy.json"
with_items:
- "nova-api"
- "nova-compute"
- "nova-compute-ironic"
- "nova-conductor"
- "nova-consoleauth"
- "nova-novncproxy"
- "nova-scheduler"
- "nova-spicehtml5proxy"
when:
nova_policy.stat.exists