openstack/ansible-role-systemd_service
Code Issues Proposed changes
476d4a01d3
ansible-role-systemd_service/handlers/main.yml
Kevin Carter 6285b6c638 Build out the PrivateNetwork function for services 
This change adds the ability to effectively use the PrivateNetwork
functionality systemd provides for services. Now, if enabled, services
can be created in a network namespace which isolates it from the reset
of the host. Additional options have been added allowing access into the
network namespace over ephemeral devices as needed.

Highlights:
* Isolated private networking for services will sandbox using a stand
  alone namespace which has no access to anything via the network.
* Access into a private namespace can be provided over a single network
  interface which can be IP'd via local DHCP + NAT or using an upstream
  DHCP server.
* Tests have been added to exercise the new functionality.

All of the funcality has been documented in the defaults of this role.

Change-Id: I6751765131f32393a1605eb2100bec46199d980a
Signed-off-by: Kevin Carter <kevin@cloudnull.com>
2019-02-09 04:06:44 +00:00

35 lines
1.2 KiB
YAML
Raw Blame History

---
# Copyright 2018, Logan Vig <logan2211@gmail.com>
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
- name: Restart changed services
systemd:
name: "{{ item.item.service_name | replace(' ', '_') }}.{{ (item.item.timer is defined) | ternary('timer', 'service') }}"
state: restarted
listen: systemd service changed
with_items: "{{ systemd_services_result.results }}"
when:
- 'item.item.restart_changed | default(systemd_service_restart_changed) | bool'
- 'item.item.state is not defined'
- 'item.item.enabled | default(systemd_service_enabled) | bool'
- 'item is changed'
tags:
- systemd-service
- name: systemd networkd restart
systemd:
name: "systemd-networkd"
state: restarted
enabled: true
View Git Blame Copy Permalink