Support policy.yaml file [part 3]
- Heat - Ironic - Magum - Manila - Mistral This will copy only yaml or json policy file if they exist. Change-Id: I1ab71e2758dc99dd6654d433ece79600f0c44ce8 Implements: blueprint support-custom-policy-yaml Co-authored-By: Duong Ha-Quang <duonghq@vn.fujitsu.com>
This commit is contained in:
parent
574c68b375
commit
35b165c5f1
@ -5,7 +5,7 @@
|
|||||||
service: "{{ heat_services[service_name] }}"
|
service: "{{ heat_services[service_name] }}"
|
||||||
config_json: "{{ heat_config_jsons.results|selectattr('item.key', 'equalto', service_name)|first }}"
|
config_json: "{{ heat_config_jsons.results|selectattr('item.key', 'equalto', service_name)|first }}"
|
||||||
heat_conf: "{{ heat_confs.results|selectattr('item.key', 'equalto', service_name)|first }}"
|
heat_conf: "{{ heat_confs.results|selectattr('item.key', 'equalto', service_name)|first }}"
|
||||||
policy_json: "{{ heat_policy_jsons.results|selectattr('item.key', 'equalto', service_name)|first }}"
|
policy_overwriting: "{{ heat_policy_overwriting.results|selectattr('item.key', 'equalto', service_name)|first }}"
|
||||||
heat_api_container: "{{ check_heat_containers.results|selectattr('item.key', 'equalto', service_name)|first }}"
|
heat_api_container: "{{ check_heat_containers.results|selectattr('item.key', 'equalto', service_name)|first }}"
|
||||||
kolla_docker:
|
kolla_docker:
|
||||||
action: "recreate_or_restart_container"
|
action: "recreate_or_restart_container"
|
||||||
@ -19,7 +19,7 @@
|
|||||||
- service.enabled | bool
|
- service.enabled | bool
|
||||||
- config_json.changed | bool
|
- config_json.changed | bool
|
||||||
or heat_conf.changed | bool
|
or heat_conf.changed | bool
|
||||||
or policy_json.changed | bool
|
or policy_overwriting.changed | bool
|
||||||
or heat_api_container.changed | bool
|
or heat_api_container.changed | bool
|
||||||
|
|
||||||
- name: Restart heat-api-cfn container
|
- name: Restart heat-api-cfn container
|
||||||
@ -28,7 +28,7 @@
|
|||||||
service: "{{ heat_services[service_name] }}"
|
service: "{{ heat_services[service_name] }}"
|
||||||
config_json: "{{ heat_config_jsons.results|selectattr('item.key', 'equalto', service_name)|first }}"
|
config_json: "{{ heat_config_jsons.results|selectattr('item.key', 'equalto', service_name)|first }}"
|
||||||
heat_conf: "{{ heat_confs.results|selectattr('item.key', 'equalto', service_name)|first }}"
|
heat_conf: "{{ heat_confs.results|selectattr('item.key', 'equalto', service_name)|first }}"
|
||||||
policy_json: "{{ heat_policy_jsons.results|selectattr('item.key', 'equalto', service_name)|first }}"
|
policy_overwriting: "{{ heat_policy_overwriting.results|selectattr('item.key', 'equalto', service_name)|first }}"
|
||||||
heat_api_cfn_container: "{{ check_heat_containers.results|selectattr('item.key', 'equalto', service_name)|first }}"
|
heat_api_cfn_container: "{{ check_heat_containers.results|selectattr('item.key', 'equalto', service_name)|first }}"
|
||||||
kolla_docker:
|
kolla_docker:
|
||||||
action: "recreate_or_restart_container"
|
action: "recreate_or_restart_container"
|
||||||
@ -42,7 +42,7 @@
|
|||||||
- service.enabled | bool
|
- service.enabled | bool
|
||||||
- config_json.changed | bool
|
- config_json.changed | bool
|
||||||
or heat_conf.changed | bool
|
or heat_conf.changed | bool
|
||||||
or policy_json.changed | bool
|
or policy_overwriting.changed | bool
|
||||||
or heat_api_cfn_container.changed | bool
|
or heat_api_cfn_container.changed | bool
|
||||||
|
|
||||||
- name: Restart heat-engine container
|
- name: Restart heat-engine container
|
||||||
@ -51,7 +51,7 @@
|
|||||||
service: "{{ heat_services[service_name] }}"
|
service: "{{ heat_services[service_name] }}"
|
||||||
config_json: "{{ heat_config_jsons.results|selectattr('item.key', 'equalto', service_name)|first }}"
|
config_json: "{{ heat_config_jsons.results|selectattr('item.key', 'equalto', service_name)|first }}"
|
||||||
heat_conf: "{{ heat_confs.results|selectattr('item.key', 'equalto', service_name)|first }}"
|
heat_conf: "{{ heat_confs.results|selectattr('item.key', 'equalto', service_name)|first }}"
|
||||||
policy_json: "{{ heat_policy_jsons.results|selectattr('item.key', 'equalto', service_name)|first }}"
|
policy_overwriting: "{{ heat_policy_overwriting.results|selectattr('item.key', 'equalto', service_name)|first }}"
|
||||||
heat_engine_container: "{{ check_heat_containers.results|selectattr('item.key', 'equalto', service_name)|first }}"
|
heat_engine_container: "{{ check_heat_containers.results|selectattr('item.key', 'equalto', service_name)|first }}"
|
||||||
kolla_docker:
|
kolla_docker:
|
||||||
action: "recreate_or_restart_container"
|
action: "recreate_or_restart_container"
|
||||||
@ -65,5 +65,5 @@
|
|||||||
- service.enabled | bool
|
- service.enabled | bool
|
||||||
- config_json.changed | bool
|
- config_json.changed | bool
|
||||||
or heat_conf.changed | bool
|
or heat_conf.changed | bool
|
||||||
or policy_json.changed | bool
|
or policy_overwriting.changed | bool
|
||||||
or heat_engine_container.changed | bool
|
or heat_engine_container.changed | bool
|
||||||
|
@ -13,6 +13,23 @@
|
|||||||
- item.value.enabled | bool
|
- item.value.enabled | bool
|
||||||
with_dict: "{{ heat_services }}"
|
with_dict: "{{ heat_services }}"
|
||||||
|
|
||||||
|
- name: Check if policies shall be overwritten
|
||||||
|
local_action: stat path="{{ item }}"
|
||||||
|
run_once: True
|
||||||
|
register: heat_policy
|
||||||
|
with_first_found:
|
||||||
|
- files: "{{ supported_policy_format_list }}"
|
||||||
|
paths:
|
||||||
|
- "{{ node_custom_config }}/heat/"
|
||||||
|
skip: true
|
||||||
|
|
||||||
|
- name: Set heat policy file
|
||||||
|
set_fact:
|
||||||
|
heat_policy_file: "{{ heat_policy.results.0.stat.path | basename }}"
|
||||||
|
heat_policy_file_path: "{{ heat_policy.results.0.stat.path }}"
|
||||||
|
when:
|
||||||
|
- heat_policy.results
|
||||||
|
|
||||||
- name: Copying over config.json files for services
|
- name: Copying over config.json files for services
|
||||||
become: true
|
become: true
|
||||||
template:
|
template:
|
||||||
@ -61,20 +78,15 @@
|
|||||||
- Restart heat-api-cfn container
|
- Restart heat-api-cfn container
|
||||||
- Restart heat-engine container
|
- Restart heat-engine container
|
||||||
|
|
||||||
- name: Check if policies shall be overwritten
|
- name: Copying over existing policy file
|
||||||
local_action: stat path="{{ node_custom_config }}/heat/policy.json"
|
|
||||||
run_once: True
|
|
||||||
register: heat_policy
|
|
||||||
|
|
||||||
- name: Copying over existing policy.json
|
|
||||||
become: true
|
become: true
|
||||||
template:
|
template:
|
||||||
src: "{{ node_custom_config }}/heat/policy.json"
|
src: "{{ heat_policy_file_path }}"
|
||||||
dest: "{{ node_config_directory }}/{{ item.key }}/policy.json"
|
dest: "{{ node_config_directory }}/{{ item.key }}/{{ heat_policy_file }}"
|
||||||
mode: "0660"
|
mode: "0660"
|
||||||
register: heat_policy_jsons
|
register: heat_policy_overwriting
|
||||||
when:
|
when:
|
||||||
- heat_policy.stat.exists
|
- heat_policy_file is defined
|
||||||
- inventory_hostname in groups[item.value.group]
|
- inventory_hostname in groups[item.value.group]
|
||||||
with_dict: "{{ heat_services }}"
|
with_dict: "{{ heat_services }}"
|
||||||
notify:
|
notify:
|
||||||
|
@ -6,14 +6,13 @@
|
|||||||
"dest": "/etc/heat/heat.conf",
|
"dest": "/etc/heat/heat.conf",
|
||||||
"owner": "heat",
|
"owner": "heat",
|
||||||
"perm": "0600"
|
"perm": "0600"
|
||||||
},
|
}{% if heat_policy_file is defined %},
|
||||||
{
|
{
|
||||||
"source": "{{ container_config_directory }}/policy.json",
|
"source": "{{ container_config_directory }}/{{ heat_policy_file }}",
|
||||||
"dest": "/etc/heat/policy.json",
|
"dest": "/etc/heat/{{ heat_policy_file }}",
|
||||||
"owner": "heat",
|
"owner": "heat",
|
||||||
"perm": "0600",
|
"perm": "0600"
|
||||||
"optional": true
|
}{% endif %}
|
||||||
}
|
|
||||||
],
|
],
|
||||||
"permissions": [
|
"permissions": [
|
||||||
{
|
{
|
||||||
|
@ -6,14 +6,13 @@
|
|||||||
"dest": "/etc/heat/heat.conf",
|
"dest": "/etc/heat/heat.conf",
|
||||||
"owner": "heat",
|
"owner": "heat",
|
||||||
"perm": "0600"
|
"perm": "0600"
|
||||||
},
|
}{% if heat_policy_file is defined %},
|
||||||
{
|
{
|
||||||
"source": "{{ container_config_directory }}/policy.json",
|
"source": "{{ container_config_directory }}/{{ heat_policy_file }}",
|
||||||
"dest": "/etc/heat/policy.json",
|
"dest": "/etc/heat/{{ heat_policy_file }}",
|
||||||
"owner": "heat",
|
"owner": "heat",
|
||||||
"perm": "0600",
|
"perm": "0600"
|
||||||
"optional": true
|
}{% endif %}
|
||||||
}
|
|
||||||
],
|
],
|
||||||
"permissions": [
|
"permissions": [
|
||||||
{
|
{
|
||||||
|
@ -12,14 +12,13 @@
|
|||||||
"dest": "/etc/heat/environment.d/_deprecated.yaml",
|
"dest": "/etc/heat/environment.d/_deprecated.yaml",
|
||||||
"owner": "heat",
|
"owner": "heat",
|
||||||
"perm": "0600"
|
"perm": "0600"
|
||||||
},
|
}{% if heat_policy_file is defined %},
|
||||||
{
|
{
|
||||||
"source": "{{ container_config_directory }}/policy.json",
|
"source": "{{ container_config_directory }}/{{ heat_policy_file }}",
|
||||||
"dest": "/etc/heat/policy.json",
|
"dest": "/etc/heat/{{ heat_policy_file }}",
|
||||||
"owner": "heat",
|
"owner": "heat",
|
||||||
"perm": "0600",
|
"perm": "0600"
|
||||||
"optional": true
|
}{% endif %}
|
||||||
}
|
|
||||||
],
|
],
|
||||||
"permissions": [
|
"permissions": [
|
||||||
{
|
{
|
||||||
|
@ -84,6 +84,11 @@ topics = 'notifications'
|
|||||||
driver = noop
|
driver = noop
|
||||||
{% endif %}
|
{% endif %}
|
||||||
|
|
||||||
|
{% if heat_policy_file is defined %}
|
||||||
|
[oslo_policy]
|
||||||
|
policy_file = {{ heat_policy_file }}
|
||||||
|
{% endif %}
|
||||||
|
|
||||||
[clients]
|
[clients]
|
||||||
endpoint_type = internalURL
|
endpoint_type = internalURL
|
||||||
|
|
||||||
|
@ -11,6 +11,23 @@
|
|||||||
- "ironic-pxe"
|
- "ironic-pxe"
|
||||||
- "ironic-dnsmasq"
|
- "ironic-dnsmasq"
|
||||||
|
|
||||||
|
- name: Check if policies shall be overwritten
|
||||||
|
local_action: stat path="{{ item }}"
|
||||||
|
run_once: True
|
||||||
|
register: ironic_policy
|
||||||
|
with_first_found:
|
||||||
|
- files: "{{ supported_policy_format_list }}"
|
||||||
|
paths:
|
||||||
|
- "{{ node_custom_config }}/ironic/"
|
||||||
|
skip: true
|
||||||
|
|
||||||
|
- name: Set ironic policy file
|
||||||
|
set_fact:
|
||||||
|
ironic_policy_file: "{{ ironic_policy.results.0.stat.path | basename }}"
|
||||||
|
ironic_policy_file_path: "{{ ironic_policy.results.0.stat.path }}"
|
||||||
|
when:
|
||||||
|
- ironic_policy.results
|
||||||
|
|
||||||
- name: Copying over config.json files for services
|
- name: Copying over config.json files for services
|
||||||
template:
|
template:
|
||||||
src: "{{ item }}.json.j2"
|
src: "{{ item }}.json.j2"
|
||||||
@ -99,19 +116,14 @@
|
|||||||
- inventory_hostname in groups['ironic-pxe']
|
- inventory_hostname in groups['ironic-pxe']
|
||||||
- not enable_ironic_pxe_uefi
|
- not enable_ironic_pxe_uefi
|
||||||
|
|
||||||
- name: Check if policies shall be overwritten
|
- name: Copying over existing policy file
|
||||||
local_action: stat path="{{ node_custom_config }}/ironic/policy.json"
|
|
||||||
run_once: True
|
|
||||||
register: ironic_policy
|
|
||||||
|
|
||||||
- name: Copying over existing policy.json
|
|
||||||
template:
|
template:
|
||||||
src: "{{ node_custom_config }}/ironic/policy.json"
|
src: "{{ ironic_policy_file_path }}"
|
||||||
dest: "{{ node_config_directory }}/{{ item }}/policy.json"
|
dest: "{{ node_config_directory }}/{{ item }}/{{ ironic_policy_file }}"
|
||||||
with_items:
|
with_items:
|
||||||
- "ironic-api"
|
- "ironic-api"
|
||||||
- "ironic-conductor"
|
- "ironic-conductor"
|
||||||
- "ironic-inspector"
|
- "ironic-inspector"
|
||||||
- "ironic-pxe"
|
- "ironic-pxe"
|
||||||
when:
|
when:
|
||||||
ironic_policy.stat.exists
|
ironic_policy_file is defined
|
||||||
|
@ -6,14 +6,13 @@
|
|||||||
"dest": "/etc/ironic/ironic.conf",
|
"dest": "/etc/ironic/ironic.conf",
|
||||||
"owner": "ironic",
|
"owner": "ironic",
|
||||||
"perm": "0600"
|
"perm": "0600"
|
||||||
},
|
}{% if ironic_policy_file is defined %},
|
||||||
{
|
{
|
||||||
"source": "{{ container_config_directory }}/policy.json",
|
"source": "{{ container_config_directory }}/{{ ironic_policy_file }}",
|
||||||
"dest": "/etc/ironic/policy.json",
|
"dest": "/etc/ironic/{{ ironic_policy_file }}",
|
||||||
"owner": "ironic",
|
"owner": "ironic",
|
||||||
"perm": "0600",
|
"perm": "0600"
|
||||||
"optional": true
|
}{% endif %}
|
||||||
}
|
|
||||||
],
|
],
|
||||||
"permissions": [
|
"permissions": [
|
||||||
{
|
{
|
||||||
|
@ -6,14 +6,13 @@
|
|||||||
"dest": "/etc/ironic/ironic.conf",
|
"dest": "/etc/ironic/ironic.conf",
|
||||||
"owner": "ironic",
|
"owner": "ironic",
|
||||||
"perm": "0600"
|
"perm": "0600"
|
||||||
},
|
}{% if ironic_policy_file is defined %},
|
||||||
{
|
{
|
||||||
"source": "{{ container_config_directory }}/policy.json",
|
"source": "{{ container_config_directory }}/{{ ironic_policy_file }}",
|
||||||
"dest": "/etc/ironic/policy.json",
|
"dest": "/etc/ironic/{{ ironic_policy_file }}",
|
||||||
"owner": "ironic",
|
"owner": "ironic",
|
||||||
"perm": "0600",
|
"perm": "0600"
|
||||||
"optional": true
|
}{% endif %}
|
||||||
}
|
|
||||||
],
|
],
|
||||||
"permissions": [
|
"permissions": [
|
||||||
{
|
{
|
||||||
|
@ -29,6 +29,11 @@ memcache_security_strategy = ENCRYPT
|
|||||||
memcache_secret_key = {{ memcache_secret_key }}
|
memcache_secret_key = {{ memcache_secret_key }}
|
||||||
memcached_servers = {% for host in groups['memcached'] %}{{ hostvars[host]['ansible_' + hostvars[host]['api_interface']]['ipv4']['address'] }}:{{ memcached_port }}{% if not loop.last %},{% endif %}{% endfor %}
|
memcached_servers = {% for host in groups['memcached'] %}{{ hostvars[host]['ansible_' + hostvars[host]['api_interface']]['ipv4']['address'] }}:{{ memcached_port }}{% if not loop.last %},{% endif %}{% endfor %}
|
||||||
|
|
||||||
|
{% if ironic_policy_file is defined %}
|
||||||
|
[oslo_policy]
|
||||||
|
policy_file = {{ ironic_policy_file }}
|
||||||
|
{% endif %}
|
||||||
|
|
||||||
[firewall]
|
[firewall]
|
||||||
dnsmasq_interface = {{ ironic_dnsmasq_interface }}
|
dnsmasq_interface = {{ ironic_dnsmasq_interface }}
|
||||||
|
|
||||||
|
@ -6,13 +6,12 @@
|
|||||||
"dest": "/etc/ironic-inspector/inspector.conf",
|
"dest": "/etc/ironic-inspector/inspector.conf",
|
||||||
"owner": "ironic-inspector",
|
"owner": "ironic-inspector",
|
||||||
"perm": "0600"
|
"perm": "0600"
|
||||||
},
|
}{% if ironic_policy_file is defined %},
|
||||||
{
|
{
|
||||||
"source": "{{ container_config_directory }}/policy.json",
|
"source": "{{ container_config_directory }}/{{ ironic_policy_file }}",
|
||||||
"dest": "/etc/ironic-inspector/policy.json",
|
"dest": "/etc/ironic/{{ ironic_policy_file }}",
|
||||||
"owner": "ironic-inspector",
|
"owner": "ironic",
|
||||||
"perm": "0600",
|
"perm": "0600"
|
||||||
"optional": true
|
}{% endif %}
|
||||||
}
|
|
||||||
]
|
]
|
||||||
}
|
}
|
||||||
|
@ -20,6 +20,11 @@ transport_url = {{ rpc_transport_url }}
|
|||||||
[oslo_messaging_notifications]
|
[oslo_messaging_notifications]
|
||||||
transport_url = {{ notify_transport_url }}
|
transport_url = {{ notify_transport_url }}
|
||||||
|
|
||||||
|
{% if ironic_policy_file is defined %}
|
||||||
|
[oslo_policy]
|
||||||
|
policy_file = {{ ironic_policy_file }}
|
||||||
|
{% endif %}
|
||||||
|
|
||||||
{% if service_name == 'ironic-api' %}
|
{% if service_name == 'ironic-api' %}
|
||||||
[api]
|
[api]
|
||||||
host_ip = {{ api_interface_address }}
|
host_ip = {{ api_interface_address }}
|
||||||
|
@ -5,7 +5,7 @@
|
|||||||
service: "{{ magnum_services[service_name] }}"
|
service: "{{ magnum_services[service_name] }}"
|
||||||
config_json: "{{ magnum_config_jsons.results|selectattr('item.key', 'equalto', service_name)|first }}"
|
config_json: "{{ magnum_config_jsons.results|selectattr('item.key', 'equalto', service_name)|first }}"
|
||||||
magnum_conf: "{{ magnum_confs.results|selectattr('item.key', 'equalto', service_name)|first }}"
|
magnum_conf: "{{ magnum_confs.results|selectattr('item.key', 'equalto', service_name)|first }}"
|
||||||
policy_json: "{{ magnum_policy_jsons.results|selectattr('item.key', 'equalto', service_name)|first }}"
|
policy_overwriting: "{{ magnum_policy_overwriting.results|selectattr('item.key', 'equalto', service_name)|first }}"
|
||||||
magnum_api_container: "{{ check_magnum_containers.results|selectattr('item.key', 'equalto', service_name)|first }}"
|
magnum_api_container: "{{ check_magnum_containers.results|selectattr('item.key', 'equalto', service_name)|first }}"
|
||||||
kolla_docker:
|
kolla_docker:
|
||||||
action: "recreate_or_restart_container"
|
action: "recreate_or_restart_container"
|
||||||
@ -20,7 +20,7 @@
|
|||||||
- service.enabled | bool
|
- service.enabled | bool
|
||||||
- config_json.changed | bool
|
- config_json.changed | bool
|
||||||
or magnum_conf.changed | bool
|
or magnum_conf.changed | bool
|
||||||
or policy_json.changed | bool
|
or policy_overwriting.changed | bool
|
||||||
or magnum_api_container.changed | bool
|
or magnum_api_container.changed | bool
|
||||||
|
|
||||||
- name: Restart magnum-conductor container
|
- name: Restart magnum-conductor container
|
||||||
@ -29,7 +29,7 @@
|
|||||||
service: "{{ magnum_services[service_name] }}"
|
service: "{{ magnum_services[service_name] }}"
|
||||||
config_json: "{{ magnum_config_jsons.results|selectattr('item.key', 'equalto', service_name)|first }}"
|
config_json: "{{ magnum_config_jsons.results|selectattr('item.key', 'equalto', service_name)|first }}"
|
||||||
magnum_conf: "{{ magnum_confs.results|selectattr('item.key', 'equalto', service_name)|first }}"
|
magnum_conf: "{{ magnum_confs.results|selectattr('item.key', 'equalto', service_name)|first }}"
|
||||||
policy_json: "{{ magnum_policy_jsons.results|selectattr('item.key', 'equalto', service_name)|first }}"
|
policy_overwriting: "{{ magnum_policy_overwriting.results|selectattr('item.key', 'equalto', service_name)|first }}"
|
||||||
magnum_conductor_container: "{{ check_magnum_containers.results|selectattr('item.key', 'equalto', service_name)|first }}"
|
magnum_conductor_container: "{{ check_magnum_containers.results|selectattr('item.key', 'equalto', service_name)|first }}"
|
||||||
kolla_docker:
|
kolla_docker:
|
||||||
action: "recreate_or_restart_container"
|
action: "recreate_or_restart_container"
|
||||||
@ -44,5 +44,5 @@
|
|||||||
- service.enabled | bool
|
- service.enabled | bool
|
||||||
- config_json.changed | bool
|
- config_json.changed | bool
|
||||||
or magnum_conf.changed | bool
|
or magnum_conf.changed | bool
|
||||||
or policy_json.changed | bool
|
or policy_overwriting.changed | bool
|
||||||
or magnum_conductor_container.changed | bool
|
or magnum_conductor_container.changed | bool
|
||||||
|
@ -9,6 +9,23 @@
|
|||||||
- item.value.enabled | bool
|
- item.value.enabled | bool
|
||||||
with_dict: "{{ magnum_services }}"
|
with_dict: "{{ magnum_services }}"
|
||||||
|
|
||||||
|
- name: Check if policies shall be overwritten
|
||||||
|
local_action: stat path="{{ item }}"
|
||||||
|
run_once: True
|
||||||
|
register: magnum_policy
|
||||||
|
with_first_found:
|
||||||
|
- files: "{{ supported_policy_format_list }}"
|
||||||
|
paths:
|
||||||
|
- "{{ node_custom_config }}/magnum/"
|
||||||
|
skip: true
|
||||||
|
|
||||||
|
- name: Set magnum policy file
|
||||||
|
set_fact:
|
||||||
|
magnum_policy_file: "{{ magnum_policy.results.0.stat.path | basename }}"
|
||||||
|
magnum_policy_file_path: "{{ magnum_policy.results.0.stat.path }}"
|
||||||
|
when:
|
||||||
|
- magnum_policy.results
|
||||||
|
|
||||||
- name: Copying over config.json files for services
|
- name: Copying over config.json files for services
|
||||||
template:
|
template:
|
||||||
src: "{{ item.key }}.json.j2"
|
src: "{{ item.key }}.json.j2"
|
||||||
@ -42,18 +59,13 @@
|
|||||||
- Restart magnum-api container
|
- Restart magnum-api container
|
||||||
- Restart magnum-conductor container
|
- Restart magnum-conductor container
|
||||||
|
|
||||||
- name: Check if policies shall be overwritten
|
- name: Copying over existing policy file
|
||||||
local_action: stat path="{{ node_custom_config }}/magnum/policy.json"
|
|
||||||
run_once: True
|
|
||||||
register: magnum_policy
|
|
||||||
|
|
||||||
- name: Copying over existing policy.json
|
|
||||||
template:
|
template:
|
||||||
src: "{{ node_custom_config }}/magnum/policy.json"
|
src: "{{ magnum_policy_file_path }}"
|
||||||
dest: "{{ node_config_directory }}/{{ item.key }}/policy.json"
|
dest: "{{ node_config_directory }}/{{ item.key }}/{{ magnum_policy_file }}"
|
||||||
register: magnum_policy_jsons
|
register: magnum_policy_overwriting
|
||||||
when:
|
when:
|
||||||
- magnum_policy.stat.exists
|
- magnum_policy_file is defined
|
||||||
- inventory_hostname in groups[item.value.group]
|
- inventory_hostname in groups[item.value.group]
|
||||||
- item.value.enabled | bool
|
- item.value.enabled | bool
|
||||||
with_dict: "{{ magnum_services }}"
|
with_dict: "{{ magnum_services }}"
|
||||||
|
@ -6,14 +6,13 @@
|
|||||||
"dest": "/etc/magnum/magnum.conf",
|
"dest": "/etc/magnum/magnum.conf",
|
||||||
"owner": "magnum",
|
"owner": "magnum",
|
||||||
"perm": "0600"
|
"perm": "0600"
|
||||||
},
|
}{% if magnum_policy_file is defined %},
|
||||||
{
|
{
|
||||||
"source": "{{ container_config_directory }}/policy.json",
|
"source": "{{ container_config_directory }}/{{ magnum_policy_file }}",
|
||||||
"dest": "/etc/magnum/policy.json",
|
"dest": "/etc/magnum/{{ magnum_policy_file }}",
|
||||||
"owner": "magnum",
|
"owner": "magnum",
|
||||||
"perm": "0600",
|
"perm": "0600"
|
||||||
"optional": true
|
}{% endif %}
|
||||||
}
|
|
||||||
],
|
],
|
||||||
"permissions": [
|
"permissions": [
|
||||||
{
|
{
|
||||||
|
@ -6,14 +6,13 @@
|
|||||||
"dest": "/etc/magnum/magnum.conf",
|
"dest": "/etc/magnum/magnum.conf",
|
||||||
"owner": "magnum",
|
"owner": "magnum",
|
||||||
"perm": "0600"
|
"perm": "0600"
|
||||||
},
|
}{% if magnum_policy_file is defined %},
|
||||||
{
|
{
|
||||||
"source": "{{ container_config_directory }}/policy.json",
|
"source": "{{ container_config_directory }}/{{ magnum_policy_file }}",
|
||||||
"dest": "/etc/magnum/policy.json",
|
"dest": "/etc/magnum/{{ magnum_policy_file }}",
|
||||||
"owner": "magnum",
|
"owner": "magnum",
|
||||||
"perm": "0600",
|
"perm": "0600"
|
||||||
"optional": true
|
}{% endif %}
|
||||||
}
|
|
||||||
],
|
],
|
||||||
"permissions": [
|
"permissions": [
|
||||||
{
|
{
|
||||||
|
@ -93,6 +93,11 @@ topics = 'notifications'
|
|||||||
driver = noop
|
driver = noop
|
||||||
{% endif %}
|
{% endif %}
|
||||||
|
|
||||||
|
{% if magnum_policy_file is defined %}
|
||||||
|
[oslo_policy]
|
||||||
|
policy_file = {{ magnum_policy_file }}
|
||||||
|
{% endif %}
|
||||||
|
|
||||||
{% if enable_osprofiler | bool %}
|
{% if enable_osprofiler | bool %}
|
||||||
[profiler]
|
[profiler]
|
||||||
enabled = true
|
enabled = true
|
||||||
|
@ -5,7 +5,7 @@
|
|||||||
service: "{{ manila_services[service_name] }}"
|
service: "{{ manila_services[service_name] }}"
|
||||||
config_json: "{{ manila_config_jsons.results|selectattr('item.key', 'equalto', service_name)|first }}"
|
config_json: "{{ manila_config_jsons.results|selectattr('item.key', 'equalto', service_name)|first }}"
|
||||||
manila_conf: "{{ manila_confs.results|selectattr('item.key', 'equalto', service_name)|first }}"
|
manila_conf: "{{ manila_confs.results|selectattr('item.key', 'equalto', service_name)|first }}"
|
||||||
policy_json: "{{ policy_jsons.results|selectattr('item.key', 'equalto', service_name)|first }}"
|
policy_overwriting: "{{ manila_policy_overwriting.results|selectattr('item.key', 'equalto', service_name)|first }}"
|
||||||
manila_api_container: "{{ check_manila_containers.results|selectattr('item.key', 'equalto', service_name)|first }}"
|
manila_api_container: "{{ check_manila_containers.results|selectattr('item.key', 'equalto', service_name)|first }}"
|
||||||
kolla_docker:
|
kolla_docker:
|
||||||
action: "recreate_or_restart_container"
|
action: "recreate_or_restart_container"
|
||||||
@ -19,7 +19,7 @@
|
|||||||
- service.enabled | bool
|
- service.enabled | bool
|
||||||
- config_json.changed | bool
|
- config_json.changed | bool
|
||||||
or manila_conf.changed | bool
|
or manila_conf.changed | bool
|
||||||
or policy_json.changed | bool
|
or policy_overwriting.changed | bool
|
||||||
or manila_api_container.changed | bool
|
or manila_api_container.changed | bool
|
||||||
|
|
||||||
- name: Restart manila-data container
|
- name: Restart manila-data container
|
||||||
@ -28,7 +28,7 @@
|
|||||||
service: "{{ manila_services[service_name] }}"
|
service: "{{ manila_services[service_name] }}"
|
||||||
config_json: "{{ manila_config_jsons.results|selectattr('item.key', 'equalto', service_name)|first }}"
|
config_json: "{{ manila_config_jsons.results|selectattr('item.key', 'equalto', service_name)|first }}"
|
||||||
manila_conf: "{{ manila_confs.results|selectattr('item.key', 'equalto', service_name)|first }}"
|
manila_conf: "{{ manila_confs.results|selectattr('item.key', 'equalto', service_name)|first }}"
|
||||||
policy_json: "{{ policy_jsons.results|selectattr('item.key', 'equalto', service_name)|first }}"
|
policy_overwriting: "{{ manila_policy_overwriting.results|selectattr('item.key', 'equalto', service_name)|first }}"
|
||||||
manila_data_container: "{{ check_manila_containers.results|selectattr('item.key', 'equalto', service_name)|first }}"
|
manila_data_container: "{{ check_manila_containers.results|selectattr('item.key', 'equalto', service_name)|first }}"
|
||||||
kolla_docker:
|
kolla_docker:
|
||||||
action: "recreate_or_restart_container"
|
action: "recreate_or_restart_container"
|
||||||
@ -43,7 +43,7 @@
|
|||||||
- service.enabled | bool
|
- service.enabled | bool
|
||||||
- config_json.changed | bool
|
- config_json.changed | bool
|
||||||
or manila_conf.changed | bool
|
or manila_conf.changed | bool
|
||||||
or policy_json.changed | bool
|
or policy_overwriting.changed | bool
|
||||||
or manila_data_container.changed | bool
|
or manila_data_container.changed | bool
|
||||||
|
|
||||||
- name: Restart manila-scheduler container
|
- name: Restart manila-scheduler container
|
||||||
@ -52,7 +52,7 @@
|
|||||||
service: "{{ manila_services[service_name] }}"
|
service: "{{ manila_services[service_name] }}"
|
||||||
config_json: "{{ manila_config_jsons.results|selectattr('item.key', 'equalto', service_name)|first }}"
|
config_json: "{{ manila_config_jsons.results|selectattr('item.key', 'equalto', service_name)|first }}"
|
||||||
manila_conf: "{{ manila_confs.results|selectattr('item.key', 'equalto', service_name)|first }}"
|
manila_conf: "{{ manila_confs.results|selectattr('item.key', 'equalto', service_name)|first }}"
|
||||||
policy_json: "{{ policy_jsons.results|selectattr('item.key', 'equalto', service_name)|first }}"
|
policy_overwriting: "{{ manila_policy_overwriting.results|selectattr('item.key', 'equalto', service_name)|first }}"
|
||||||
manila_scheduler_container: "{{ check_manila_containers.results|selectattr('item.key', 'equalto', service_name)|first }}"
|
manila_scheduler_container: "{{ check_manila_containers.results|selectattr('item.key', 'equalto', service_name)|first }}"
|
||||||
kolla_docker:
|
kolla_docker:
|
||||||
action: "recreate_or_restart_container"
|
action: "recreate_or_restart_container"
|
||||||
@ -66,7 +66,7 @@
|
|||||||
- service.enabled | bool
|
- service.enabled | bool
|
||||||
- config_json.changed | bool
|
- config_json.changed | bool
|
||||||
or manila_conf.changed | bool
|
or manila_conf.changed | bool
|
||||||
or policy_json.changed | bool
|
or policy_overwriting.changed | bool
|
||||||
or manila_scheduler_container.changed | bool
|
or manila_scheduler_container.changed | bool
|
||||||
|
|
||||||
- name: Restart manila-share container
|
- name: Restart manila-share container
|
||||||
@ -74,7 +74,7 @@
|
|||||||
service_name: "manila-share"
|
service_name: "manila-share"
|
||||||
service: "{{ manila_services[service_name] }}"
|
service: "{{ manila_services[service_name] }}"
|
||||||
config_json: "{{ manila_config_jsons.results|selectattr('item.key', 'equalto', service_name)|first }}"
|
config_json: "{{ manila_config_jsons.results|selectattr('item.key', 'equalto', service_name)|first }}"
|
||||||
policy_json: "{{ policy_jsons.results|selectattr('item.key', 'equalto', service_name)|first }}"
|
policy_overwriting: "{{ manila_policy_overwriting.results|selectattr('item.key', 'equalto', service_name)|first }}"
|
||||||
manila_share_container: "{{ check_manila_containers.results|selectattr('item.key', 'equalto', service_name)|first }}"
|
manila_share_container: "{{ check_manila_containers.results|selectattr('item.key', 'equalto', service_name)|first }}"
|
||||||
kolla_docker:
|
kolla_docker:
|
||||||
action: "recreate_or_restart_container"
|
action: "recreate_or_restart_container"
|
||||||
@ -89,5 +89,5 @@
|
|||||||
- service.enabled | bool
|
- service.enabled | bool
|
||||||
- config_json.changed | bool
|
- config_json.changed | bool
|
||||||
or manila_conf_share.changed | bool
|
or manila_conf_share.changed | bool
|
||||||
or policy_json.changed | bool
|
or policy_overwriting.changed | bool
|
||||||
or manila_share_container.changed | bool
|
or manila_share_container.changed | bool
|
||||||
|
@ -9,6 +9,23 @@
|
|||||||
- item.value.enabled | bool
|
- item.value.enabled | bool
|
||||||
with_dict: "{{ manila_services }}"
|
with_dict: "{{ manila_services }}"
|
||||||
|
|
||||||
|
- name: Check if policies shall be overwritten
|
||||||
|
local_action: stat path="{{ item }}"
|
||||||
|
run_once: True
|
||||||
|
register: manila_policy
|
||||||
|
with_first_found:
|
||||||
|
- files: "{{ supported_policy_format_list }}"
|
||||||
|
paths:
|
||||||
|
- "{{ node_custom_config }}/manila/"
|
||||||
|
skip: true
|
||||||
|
|
||||||
|
- name: Set manila policy file
|
||||||
|
set_fact:
|
||||||
|
manila_policy_file: "{{ manila_policy.results.0.stat.path | basename }}"
|
||||||
|
manila_policy_file_path: "{{ manila_policy.results.0.stat.path }}"
|
||||||
|
when:
|
||||||
|
- manila_policy.results
|
||||||
|
|
||||||
- name: Copying over config.json files for services
|
- name: Copying over config.json files for services
|
||||||
template:
|
template:
|
||||||
src: "{{ item.key }}.json.j2"
|
src: "{{ item.key }}.json.j2"
|
||||||
@ -66,18 +83,13 @@
|
|||||||
notify:
|
notify:
|
||||||
- Restart manila-share container
|
- Restart manila-share container
|
||||||
|
|
||||||
- name: Check if policies shall be overwritten
|
- name: Copying over existing policy file
|
||||||
local_action: stat path="{{ node_custom_config }}/manila/policy.json"
|
|
||||||
run_once: True
|
|
||||||
register: manila_policy
|
|
||||||
|
|
||||||
- name: Copying over existing policy.json
|
|
||||||
template:
|
template:
|
||||||
src: "{{ node_custom_config }}/manila/policy.json"
|
src: "{{ manila_policy_file_path }}"
|
||||||
dest: "{{ node_config_directory }}/{{ item.key }}/policy.json"
|
dest: "{{ node_config_directory }}/{{ item.key }}/{{ manila_policy_file }}"
|
||||||
register: policy_jsons
|
register: manila_policy_overwriting
|
||||||
when:
|
when:
|
||||||
- manila_policy.stat.exists
|
- manila_policy_file is defined
|
||||||
- inventory_hostname in groups[item.value.group]
|
- inventory_hostname in groups[item.value.group]
|
||||||
- item.value.enabled | bool
|
- item.value.enabled | bool
|
||||||
with_dict: "{{ manila_services }}"
|
with_dict: "{{ manila_services }}"
|
||||||
|
@ -6,14 +6,13 @@
|
|||||||
"dest": "/etc/manila/manila.conf",
|
"dest": "/etc/manila/manila.conf",
|
||||||
"owner": "manila",
|
"owner": "manila",
|
||||||
"perm": "0600"
|
"perm": "0600"
|
||||||
},
|
}{% if manila_policy_file is defined %},
|
||||||
{
|
{
|
||||||
"source": "{{ container_config_directory }}/policy.json",
|
"source": "{{ container_config_directory }}/{{ manila_policy_file }}",
|
||||||
"dest": "/etc/manila/policy.json",
|
"dest": "/etc/manila/{{ manila_policy_file }}",
|
||||||
"owner": "manila",
|
"owner": "manila",
|
||||||
"perm": "0600",
|
"perm": "0600"
|
||||||
"optional": true
|
}{% endif %}
|
||||||
}
|
|
||||||
],
|
],
|
||||||
"permissions": [
|
"permissions": [
|
||||||
{
|
{
|
||||||
|
@ -6,14 +6,13 @@
|
|||||||
"dest": "/etc/manila/manila.conf",
|
"dest": "/etc/manila/manila.conf",
|
||||||
"owner": "manila",
|
"owner": "manila",
|
||||||
"perm": "0600"
|
"perm": "0600"
|
||||||
},
|
}{% if manila_policy_file is defined %},
|
||||||
{
|
{
|
||||||
"source": "{{ container_config_directory }}/policy.json",
|
"source": "{{ container_config_directory }}/{{ manila_policy_file }}",
|
||||||
"dest": "/etc/manila/policy.json",
|
"dest": "/etc/manila/{{ manila_policy_file }}",
|
||||||
"owner": "manila",
|
"owner": "manila",
|
||||||
"perm": "0600",
|
"perm": "0600"
|
||||||
"optional": true
|
}{% endif %}
|
||||||
}
|
|
||||||
],
|
],
|
||||||
"permissions": [
|
"permissions": [
|
||||||
{
|
{
|
||||||
|
@ -6,14 +6,13 @@
|
|||||||
"dest": "/etc/manila/manila.conf",
|
"dest": "/etc/manila/manila.conf",
|
||||||
"owner": "manila",
|
"owner": "manila",
|
||||||
"perm": "0600"
|
"perm": "0600"
|
||||||
},
|
}{% if manila_policy_file is defined %},
|
||||||
{
|
{
|
||||||
"source": "{{ container_config_directory }}/policy.json",
|
"source": "{{ container_config_directory }}/{{ manila_policy_file }}",
|
||||||
"dest": "/etc/manila/policy.json",
|
"dest": "/etc/manila/{{ manila_policy_file }}",
|
||||||
"owner": "manila",
|
"owner": "manila",
|
||||||
"perm": "0600",
|
"perm": "0600"
|
||||||
"optional": true
|
}{% endif %}
|
||||||
}
|
|
||||||
],
|
],
|
||||||
"permissions": [
|
"permissions": [
|
||||||
{
|
{
|
||||||
|
@ -72,6 +72,11 @@ service_image_name = manila-service-image
|
|||||||
share_backend_name = GENERIC
|
share_backend_name = GENERIC
|
||||||
{% endif %}
|
{% endif %}
|
||||||
|
|
||||||
|
{% if manila_policy_file is defined %}
|
||||||
|
[oslo_policy]
|
||||||
|
policy_file = {{ manila_policy_file }}
|
||||||
|
{% endif %}
|
||||||
|
|
||||||
{% if enable_manila_backend_hnas | bool %}
|
{% if enable_manila_backend_hnas | bool %}
|
||||||
[hnas1]
|
[hnas1]
|
||||||
share_backend_name = HNAS1
|
share_backend_name = HNAS1
|
||||||
|
@ -12,14 +12,13 @@
|
|||||||
"dest": "/etc/ceph/",
|
"dest": "/etc/ceph/",
|
||||||
"owner": "manila",
|
"owner": "manila",
|
||||||
"perm": "0600"
|
"perm": "0600"
|
||||||
}{% endif %},
|
}{% endif %}{% if manila_policy_file is defined %},
|
||||||
{
|
{
|
||||||
"source": "{{ container_config_directory }}/policy.json",
|
"source": "{{ container_config_directory }}/{{ manila_policy_file }}",
|
||||||
"dest": "/etc/manila/policy.json",
|
"dest": "/etc/manila/{{ manila_policy_file }}",
|
||||||
"owner": "manila",
|
"owner": "manila",
|
||||||
"perm": "0600",
|
"perm": "0600"
|
||||||
"optional": true
|
}{% endif %}
|
||||||
}
|
|
||||||
],
|
],
|
||||||
"permissions": [
|
"permissions": [
|
||||||
{
|
{
|
||||||
|
@ -44,3 +44,8 @@ memcached_servers = {% for host in groups['memcached'] %}{{ hostvars[host]['ansi
|
|||||||
|
|
||||||
[oslo_messaging_notifications]
|
[oslo_messaging_notifications]
|
||||||
transport_url = {{ notify_transport_url }}
|
transport_url = {{ notify_transport_url }}
|
||||||
|
|
||||||
|
{% if manila_policy_file is defined %}
|
||||||
|
[oslo_policy]
|
||||||
|
policy_file = {{ manila_policy_file }}
|
||||||
|
{% endif %}
|
||||||
|
@ -5,7 +5,7 @@
|
|||||||
service: "{{ mistral_services[service_name] }}"
|
service: "{{ mistral_services[service_name] }}"
|
||||||
config_json: "{{ mistral_config_jsons.results|selectattr('item.key', 'equalto', service_name)|first }}"
|
config_json: "{{ mistral_config_jsons.results|selectattr('item.key', 'equalto', service_name)|first }}"
|
||||||
mistral_conf: "{{ mistral_confs.results|selectattr('item.key', 'equalto', service_name)|first }}"
|
mistral_conf: "{{ mistral_confs.results|selectattr('item.key', 'equalto', service_name)|first }}"
|
||||||
policy_json: "{{ mistral_policy_jsons.results|selectattr('item.key', 'equalto', service_name)|first }}"
|
policy_overwriting: "{{ mistral_policy_overwriting.results|selectattr('item.key', 'equalto', service_name)|first }}"
|
||||||
mistral_api_container: "{{ check_mistral_containers.results|selectattr('item.key', 'equalto', service_name)|first }}"
|
mistral_api_container: "{{ check_mistral_containers.results|selectattr('item.key', 'equalto', service_name)|first }}"
|
||||||
kolla_docker:
|
kolla_docker:
|
||||||
action: "recreate_or_restart_container"
|
action: "recreate_or_restart_container"
|
||||||
@ -19,7 +19,7 @@
|
|||||||
- service.enabled | bool
|
- service.enabled | bool
|
||||||
- config_json.changed | bool
|
- config_json.changed | bool
|
||||||
or mistral_conf.changed | bool
|
or mistral_conf.changed | bool
|
||||||
or policy_json.changed | bool
|
or policy_overwriting.changed | bool
|
||||||
or mistral_api_container.changed | bool
|
or mistral_api_container.changed | bool
|
||||||
|
|
||||||
- name: Restart mistral-engine container
|
- name: Restart mistral-engine container
|
||||||
@ -28,7 +28,7 @@
|
|||||||
service: "{{ mistral_services[service_name] }}"
|
service: "{{ mistral_services[service_name] }}"
|
||||||
config_json: "{{ mistral_config_jsons.results|selectattr('item.key', 'equalto', service_name)|first }}"
|
config_json: "{{ mistral_config_jsons.results|selectattr('item.key', 'equalto', service_name)|first }}"
|
||||||
mistral_conf: "{{ mistral_confs.results|selectattr('item.key', 'equalto', service_name)|first }}"
|
mistral_conf: "{{ mistral_confs.results|selectattr('item.key', 'equalto', service_name)|first }}"
|
||||||
policy_json: "{{ mistral_policy_jsons.results|selectattr('item.key', 'equalto', service_name)|first }}"
|
policy_overwriting: "{{ mistral_policy_overwriting.results|selectattr('item.key', 'equalto', service_name)|first }}"
|
||||||
mistral_engine_container: "{{ check_mistral_containers.results|selectattr('item.key', 'equalto', service_name)|first }}"
|
mistral_engine_container: "{{ check_mistral_containers.results|selectattr('item.key', 'equalto', service_name)|first }}"
|
||||||
kolla_docker:
|
kolla_docker:
|
||||||
action: "recreate_or_restart_container"
|
action: "recreate_or_restart_container"
|
||||||
@ -42,7 +42,7 @@
|
|||||||
- service.enabled | bool
|
- service.enabled | bool
|
||||||
- config_json.changed | bool
|
- config_json.changed | bool
|
||||||
or mistral_conf.changed | bool
|
or mistral_conf.changed | bool
|
||||||
or policy_json.changed | bool
|
or policy_overwriting.changed | bool
|
||||||
or mistral_engine_container.changed | bool
|
or mistral_engine_container.changed | bool
|
||||||
|
|
||||||
- name: Restart mistral-executor container
|
- name: Restart mistral-executor container
|
||||||
@ -51,7 +51,7 @@
|
|||||||
service: "{{ mistral_services[service_name] }}"
|
service: "{{ mistral_services[service_name] }}"
|
||||||
config_json: "{{ mistral_config_jsons.results|selectattr('item.key', 'equalto', service_name)|first }}"
|
config_json: "{{ mistral_config_jsons.results|selectattr('item.key', 'equalto', service_name)|first }}"
|
||||||
mistral_conf: "{{ mistral_confs.results|selectattr('item.key', 'equalto', service_name)|first }}"
|
mistral_conf: "{{ mistral_confs.results|selectattr('item.key', 'equalto', service_name)|first }}"
|
||||||
policy_json: "{{ mistral_policy_jsons.results|selectattr('item.key', 'equalto', service_name)|first }}"
|
policy_overwriting: "{{ mistral_policy_overwriting.results|selectattr('item.key', 'equalto', service_name)|first }}"
|
||||||
mistral_executor_container: "{{ check_mistral_containers.results|selectattr('item.key', 'equalto', service_name)|first }}"
|
mistral_executor_container: "{{ check_mistral_containers.results|selectattr('item.key', 'equalto', service_name)|first }}"
|
||||||
kolla_docker:
|
kolla_docker:
|
||||||
action: "recreate_or_restart_container"
|
action: "recreate_or_restart_container"
|
||||||
@ -65,5 +65,5 @@
|
|||||||
- service.enabled | bool
|
- service.enabled | bool
|
||||||
- config_json.changed | bool
|
- config_json.changed | bool
|
||||||
or mistral_conf.changed | bool
|
or mistral_conf.changed | bool
|
||||||
or policy_json.changed | bool
|
or policy_overwriting.changed | bool
|
||||||
or mistral_executor_container.changed | bool
|
or mistral_executor_container.changed | bool
|
||||||
|
@ -7,6 +7,23 @@
|
|||||||
when: inventory_hostname in groups[item.value.group]
|
when: inventory_hostname in groups[item.value.group]
|
||||||
with_dict: "{{ mistral_services }}"
|
with_dict: "{{ mistral_services }}"
|
||||||
|
|
||||||
|
- name: Check if policies shall be overwritten
|
||||||
|
local_action: stat path="{{ item }}"
|
||||||
|
run_once: True
|
||||||
|
register: mistral_policy
|
||||||
|
with_first_found:
|
||||||
|
- files: "{{ supported_policy_format_list }}"
|
||||||
|
paths:
|
||||||
|
- "{{ node_custom_config }}/mistral/"
|
||||||
|
skip: true
|
||||||
|
|
||||||
|
- name: Set mistral policy file
|
||||||
|
set_fact:
|
||||||
|
mistral_policy_file: "{{ mistral_policy.results.0.stat.path | basename }}"
|
||||||
|
mistral_policy_file_path: "{{ mistral_policy.results.0.stat.path }}"
|
||||||
|
when:
|
||||||
|
- mistral_policy.results
|
||||||
|
|
||||||
- name: Copying over config.json files for services
|
- name: Copying over config.json files for services
|
||||||
template:
|
template:
|
||||||
src: "{{ item.key }}.json.j2"
|
src: "{{ item.key }}.json.j2"
|
||||||
@ -38,18 +55,15 @@
|
|||||||
notify:
|
notify:
|
||||||
- Restart {{ item.key }} container
|
- Restart {{ item.key }} container
|
||||||
|
|
||||||
- name: Check if policies shall be overwritten
|
- name: Copying over existing policy file
|
||||||
local_action: stat path="{{ node_custom_config }}/mistral/policy.json"
|
|
||||||
run_once: True
|
|
||||||
register: mistral_policy
|
|
||||||
|
|
||||||
- name: Copying over existing policy.json
|
|
||||||
template:
|
template:
|
||||||
src: "{{ node_custom_config }}/mistral/policy.json"
|
src: "{{ mistral_policy_file_path }}"
|
||||||
dest: "{{ node_config_directory }}/{{ item.key }}/policy.json"
|
dest: "{{ node_config_directory }}/{{ item.key }}/{{ mistral_policy_file }}"
|
||||||
register: mistral_policy_jsons
|
mode: "0660"
|
||||||
|
become: true
|
||||||
|
register: mistral_policy_overwriting
|
||||||
when:
|
when:
|
||||||
- mistral_policy.stat.exists
|
- mistral_policy_file is defined
|
||||||
- inventory_hostname in groups[item.value.group]
|
- inventory_hostname in groups[item.value.group]
|
||||||
- item.value.enabled | bool
|
- item.value.enabled | bool
|
||||||
with_dict: "{{ mistral_services }}"
|
with_dict: "{{ mistral_services }}"
|
||||||
|
@ -6,14 +6,13 @@
|
|||||||
"dest": "/etc/mistral/mistral.conf",
|
"dest": "/etc/mistral/mistral.conf",
|
||||||
"owner": "mistral",
|
"owner": "mistral",
|
||||||
"perm": "0600"
|
"perm": "0600"
|
||||||
},
|
}{% if mistral_policy_file is defined %},
|
||||||
{
|
{
|
||||||
"source": "{{ container_config_directory }}/policy.json",
|
"source": "{{ container_config_directory }}/{{ mistral_policy_file }}",
|
||||||
"dest": "/etc/mistral/policy.json",
|
"dest": "/etc/mistral/{{ mistral_policy_file }}",
|
||||||
"owner": "mistral",
|
"owner": "mistral",
|
||||||
"perm": "0600",
|
"perm": "0600"
|
||||||
"optional": true
|
}{% endif %}
|
||||||
}
|
|
||||||
],
|
],
|
||||||
"permissions": [
|
"permissions": [
|
||||||
{
|
{
|
||||||
|
@ -6,14 +6,13 @@
|
|||||||
"dest": "/etc/mistral/mistral.conf",
|
"dest": "/etc/mistral/mistral.conf",
|
||||||
"owner": "mistral",
|
"owner": "mistral",
|
||||||
"perm": "0600"
|
"perm": "0600"
|
||||||
},
|
}{% if mistral_policy_file is defined %},
|
||||||
{
|
{
|
||||||
"source": "{{ container_config_directory }}/policy.json",
|
"source": "{{ container_config_directory }}/{{ mistral_policy_file }}",
|
||||||
"dest": "/etc/mistral/policy.json",
|
"dest": "/etc/mistral/{{ mistral_policy_file }}",
|
||||||
"owner": "mistral",
|
"owner": "mistral",
|
||||||
"perm": "0600",
|
"perm": "0600"
|
||||||
"optional": true
|
}{% endif %}
|
||||||
}
|
|
||||||
],
|
],
|
||||||
"permissions": [
|
"permissions": [
|
||||||
{
|
{
|
||||||
|
@ -6,14 +6,13 @@
|
|||||||
"dest": "/etc/mistral/mistral.conf",
|
"dest": "/etc/mistral/mistral.conf",
|
||||||
"owner": "mistral",
|
"owner": "mistral",
|
||||||
"perm": "0600"
|
"perm": "0600"
|
||||||
},
|
}{% if mistral_policy_file is defined %},
|
||||||
{
|
{
|
||||||
"source": "{{ container_config_directory }}/policy.json",
|
"source": "{{ container_config_directory }}/{{ mistral_policy_file }}",
|
||||||
"dest": "/etc/mistral/policy.json",
|
"dest": "/etc/mistral/{{ mistral_policy_file }}",
|
||||||
"owner": "mistral",
|
"owner": "mistral",
|
||||||
"perm": "0600",
|
"perm": "0600"
|
||||||
"optional": true
|
}{% endif %}
|
||||||
}
|
|
||||||
],
|
],
|
||||||
"permissions": [
|
"permissions": [
|
||||||
{
|
{
|
||||||
|
@ -57,6 +57,11 @@ default_region = {{ openstack_region_name }}
|
|||||||
transport_url = {{ notify_transport_url }}
|
transport_url = {{ notify_transport_url }}
|
||||||
driver = noop
|
driver = noop
|
||||||
|
|
||||||
|
{% if mistral_policy_file is defined %}
|
||||||
|
[oslo_policy]
|
||||||
|
policy_file = {{ mistral_policy_file }}
|
||||||
|
{% endif %}
|
||||||
|
|
||||||
{% if enable_osprofiler | bool %}
|
{% if enable_osprofiler | bool %}
|
||||||
[profiler]
|
[profiler]
|
||||||
enabled = true
|
enabled = true
|
||||||
|
Loading…
Reference in New Issue
Block a user