86870bd7f8
Prevent the haproxy-config role from attempting to modify firewalld when running kolla-ansible genconfig. Closes-Bug: #2002522 Change-Id: Ie8a524cc944aa8cb9cf0999b1b8da79f30b40092
43 lines
1.5 KiB
YAML
43 lines
1.5 KiB
YAML
---
|
|
- name: "Copying over {{ project_name }} haproxy config"
|
|
vars:
|
|
service: "{{ item.value }}"
|
|
haproxy_templates:
|
|
- "{{ node_custom_config }}/haproxy-config/{{ inventory_hostname }}/{{ item.key }}.cfg"
|
|
- "{{ node_custom_config }}/haproxy-config/{{ item.key }}.cfg"
|
|
- "{{ node_custom_config }}/haproxy-config/{{ inventory_hostname }}/{{ haproxy_service_template }}"
|
|
- "{{ node_custom_config }}/haproxy-config/{{ haproxy_service_template }}"
|
|
- "templates/{{ haproxy_service_template }}"
|
|
template_file: "{{ query('first_found', haproxy_templates) | first }}"
|
|
template:
|
|
src: "{{ template_file }}"
|
|
dest: "{{ node_config_directory }}/haproxy/services.d/{{ item.key }}.cfg"
|
|
mode: "0660"
|
|
become: true
|
|
when:
|
|
- service.enabled | bool
|
|
- service.haproxy is defined
|
|
- enable_haproxy | bool
|
|
with_dict: "{{ project_services }}"
|
|
notify:
|
|
- Restart haproxy container
|
|
|
|
- name: "Configuring firewall for {{ project_name }}"
|
|
firewalld:
|
|
offline: "yes"
|
|
permanent: "yes"
|
|
port: "{{ item.value.port }}/tcp"
|
|
state: "enabled"
|
|
zone: "{{ external_api_firewalld_zone }}"
|
|
become: true
|
|
when:
|
|
- enable_haproxy | bool
|
|
- item.value.enabled | bool
|
|
- item.value.port is defined
|
|
- item.value.external | default('false') | bool
|
|
- enable_external_api_firewalld | bool
|
|
- kolla_action != "config"
|
|
with_dict: "{{ project_services | extract_haproxy_services }}"
|
|
notify:
|
|
- "Reload firewalld"
|