Support policy.yaml file [part 3]

- Heat
- Ironic
- Magum
- Manila
- Mistral

This will copy only yaml or json policy file if they exist.

Change-Id: I1ab71e2758dc99dd6654d433ece79600f0c44ce8
Implements: blueprint support-custom-policy-yaml
Co-authored-By: Duong Ha-Quang <duonghq@vn.fujitsu.com>
This commit is contained in:
Dai Dang Van 2018-01-08 15:13:03 +07:00
parent 574c68b375
commit 35b165c5f1
31 changed files with 246 additions and 164 deletions

View File

@ -5,7 +5,7 @@
service: "{{ heat_services[service_name] }}"
config_json: "{{ heat_config_jsons.results|selectattr('item.key', 'equalto', service_name)|first }}"
heat_conf: "{{ heat_confs.results|selectattr('item.key', 'equalto', service_name)|first }}"
policy_json: "{{ heat_policy_jsons.results|selectattr('item.key', 'equalto', service_name)|first }}"
policy_overwriting: "{{ heat_policy_overwriting.results|selectattr('item.key', 'equalto', service_name)|first }}"
heat_api_container: "{{ check_heat_containers.results|selectattr('item.key', 'equalto', service_name)|first }}"
kolla_docker:
action: "recreate_or_restart_container"
@ -19,7 +19,7 @@
- service.enabled | bool
- config_json.changed | bool
or heat_conf.changed | bool
or policy_json.changed | bool
or policy_overwriting.changed | bool
or heat_api_container.changed | bool
- name: Restart heat-api-cfn container
@ -28,7 +28,7 @@
service: "{{ heat_services[service_name] }}"
config_json: "{{ heat_config_jsons.results|selectattr('item.key', 'equalto', service_name)|first }}"
heat_conf: "{{ heat_confs.results|selectattr('item.key', 'equalto', service_name)|first }}"
policy_json: "{{ heat_policy_jsons.results|selectattr('item.key', 'equalto', service_name)|first }}"
policy_overwriting: "{{ heat_policy_overwriting.results|selectattr('item.key', 'equalto', service_name)|first }}"
heat_api_cfn_container: "{{ check_heat_containers.results|selectattr('item.key', 'equalto', service_name)|first }}"
kolla_docker:
action: "recreate_or_restart_container"
@ -42,7 +42,7 @@
- service.enabled | bool
- config_json.changed | bool
or heat_conf.changed | bool
or policy_json.changed | bool
or policy_overwriting.changed | bool
or heat_api_cfn_container.changed | bool
- name: Restart heat-engine container
@ -51,7 +51,7 @@
service: "{{ heat_services[service_name] }}"
config_json: "{{ heat_config_jsons.results|selectattr('item.key', 'equalto', service_name)|first }}"
heat_conf: "{{ heat_confs.results|selectattr('item.key', 'equalto', service_name)|first }}"
policy_json: "{{ heat_policy_jsons.results|selectattr('item.key', 'equalto', service_name)|first }}"
policy_overwriting: "{{ heat_policy_overwriting.results|selectattr('item.key', 'equalto', service_name)|first }}"
heat_engine_container: "{{ check_heat_containers.results|selectattr('item.key', 'equalto', service_name)|first }}"
kolla_docker:
action: "recreate_or_restart_container"
@ -65,5 +65,5 @@
- service.enabled | bool
- config_json.changed | bool
or heat_conf.changed | bool
or policy_json.changed | bool
or policy_overwriting.changed | bool
or heat_engine_container.changed | bool

View File

@ -13,6 +13,23 @@
- item.value.enabled | bool
with_dict: "{{ heat_services }}"
- name: Check if policies shall be overwritten
local_action: stat path="{{ item }}"
run_once: True
register: heat_policy
with_first_found:
- files: "{{ supported_policy_format_list }}"
paths:
- "{{ node_custom_config }}/heat/"
skip: true
- name: Set heat policy file
set_fact:
heat_policy_file: "{{ heat_policy.results.0.stat.path | basename }}"
heat_policy_file_path: "{{ heat_policy.results.0.stat.path }}"
when:
- heat_policy.results
- name: Copying over config.json files for services
become: true
template:
@ -61,20 +78,15 @@
- Restart heat-api-cfn container
- Restart heat-engine container
- name: Check if policies shall be overwritten
local_action: stat path="{{ node_custom_config }}/heat/policy.json"
run_once: True
register: heat_policy
- name: Copying over existing policy.json
- name: Copying over existing policy file
become: true
template:
src: "{{ node_custom_config }}/heat/policy.json"
dest: "{{ node_config_directory }}/{{ item.key }}/policy.json"
src: "{{ heat_policy_file_path }}"
dest: "{{ node_config_directory }}/{{ item.key }}/{{ heat_policy_file }}"
mode: "0660"
register: heat_policy_jsons
register: heat_policy_overwriting
when:
- heat_policy.stat.exists
- heat_policy_file is defined
- inventory_hostname in groups[item.value.group]
with_dict: "{{ heat_services }}"
notify:

View File

@ -6,14 +6,13 @@
"dest": "/etc/heat/heat.conf",
"owner": "heat",
"perm": "0600"
},
}{% if heat_policy_file is defined %},
{
"source": "{{ container_config_directory }}/policy.json",
"dest": "/etc/heat/policy.json",
"source": "{{ container_config_directory }}/{{ heat_policy_file }}",
"dest": "/etc/heat/{{ heat_policy_file }}",
"owner": "heat",
"perm": "0600",
"optional": true
}
"perm": "0600"
}{% endif %}
],
"permissions": [
{

View File

@ -6,14 +6,13 @@
"dest": "/etc/heat/heat.conf",
"owner": "heat",
"perm": "0600"
},
}{% if heat_policy_file is defined %},
{
"source": "{{ container_config_directory }}/policy.json",
"dest": "/etc/heat/policy.json",
"source": "{{ container_config_directory }}/{{ heat_policy_file }}",
"dest": "/etc/heat/{{ heat_policy_file }}",
"owner": "heat",
"perm": "0600",
"optional": true
}
"perm": "0600"
}{% endif %}
],
"permissions": [
{

View File

@ -12,14 +12,13 @@
"dest": "/etc/heat/environment.d/_deprecated.yaml",
"owner": "heat",
"perm": "0600"
},
}{% if heat_policy_file is defined %},
{
"source": "{{ container_config_directory }}/policy.json",
"dest": "/etc/heat/policy.json",
"source": "{{ container_config_directory }}/{{ heat_policy_file }}",
"dest": "/etc/heat/{{ heat_policy_file }}",
"owner": "heat",
"perm": "0600",
"optional": true
}
"perm": "0600"
}{% endif %}
],
"permissions": [
{

View File

@ -84,6 +84,11 @@ topics = 'notifications'
driver = noop
{% endif %}
{% if heat_policy_file is defined %}
[oslo_policy]
policy_file = {{ heat_policy_file }}
{% endif %}
[clients]
endpoint_type = internalURL

View File

@ -11,6 +11,23 @@
- "ironic-pxe"
- "ironic-dnsmasq"
- name: Check if policies shall be overwritten
local_action: stat path="{{ item }}"
run_once: True
register: ironic_policy
with_first_found:
- files: "{{ supported_policy_format_list }}"
paths:
- "{{ node_custom_config }}/ironic/"
skip: true
- name: Set ironic policy file
set_fact:
ironic_policy_file: "{{ ironic_policy.results.0.stat.path | basename }}"
ironic_policy_file_path: "{{ ironic_policy.results.0.stat.path }}"
when:
- ironic_policy.results
- name: Copying over config.json files for services
template:
src: "{{ item }}.json.j2"
@ -99,19 +116,14 @@
- inventory_hostname in groups['ironic-pxe']
- not enable_ironic_pxe_uefi
- name: Check if policies shall be overwritten
local_action: stat path="{{ node_custom_config }}/ironic/policy.json"
run_once: True
register: ironic_policy
- name: Copying over existing policy.json
- name: Copying over existing policy file
template:
src: "{{ node_custom_config }}/ironic/policy.json"
dest: "{{ node_config_directory }}/{{ item }}/policy.json"
src: "{{ ironic_policy_file_path }}"
dest: "{{ node_config_directory }}/{{ item }}/{{ ironic_policy_file }}"
with_items:
- "ironic-api"
- "ironic-conductor"
- "ironic-inspector"
- "ironic-pxe"
when:
ironic_policy.stat.exists
ironic_policy_file is defined

View File

@ -6,14 +6,13 @@
"dest": "/etc/ironic/ironic.conf",
"owner": "ironic",
"perm": "0600"
},
}{% if ironic_policy_file is defined %},
{
"source": "{{ container_config_directory }}/policy.json",
"dest": "/etc/ironic/policy.json",
"source": "{{ container_config_directory }}/{{ ironic_policy_file }}",
"dest": "/etc/ironic/{{ ironic_policy_file }}",
"owner": "ironic",
"perm": "0600",
"optional": true
}
"perm": "0600"
}{% endif %}
],
"permissions": [
{

View File

@ -6,14 +6,13 @@
"dest": "/etc/ironic/ironic.conf",
"owner": "ironic",
"perm": "0600"
},
}{% if ironic_policy_file is defined %},
{
"source": "{{ container_config_directory }}/policy.json",
"dest": "/etc/ironic/policy.json",
"source": "{{ container_config_directory }}/{{ ironic_policy_file }}",
"dest": "/etc/ironic/{{ ironic_policy_file }}",
"owner": "ironic",
"perm": "0600",
"optional": true
}
"perm": "0600"
}{% endif %}
],
"permissions": [
{

View File

@ -29,6 +29,11 @@ memcache_security_strategy = ENCRYPT
memcache_secret_key = {{ memcache_secret_key }}
memcached_servers = {% for host in groups['memcached'] %}{{ hostvars[host]['ansible_' + hostvars[host]['api_interface']]['ipv4']['address'] }}:{{ memcached_port }}{% if not loop.last %},{% endif %}{% endfor %}
{% if ironic_policy_file is defined %}
[oslo_policy]
policy_file = {{ ironic_policy_file }}
{% endif %}
[firewall]
dnsmasq_interface = {{ ironic_dnsmasq_interface }}

View File

@ -6,13 +6,12 @@
"dest": "/etc/ironic-inspector/inspector.conf",
"owner": "ironic-inspector",
"perm": "0600"
},
}{% if ironic_policy_file is defined %},
{
"source": "{{ container_config_directory }}/policy.json",
"dest": "/etc/ironic-inspector/policy.json",
"owner": "ironic-inspector",
"perm": "0600",
"optional": true
}
"source": "{{ container_config_directory }}/{{ ironic_policy_file }}",
"dest": "/etc/ironic/{{ ironic_policy_file }}",
"owner": "ironic",
"perm": "0600"
}{% endif %}
]
}

View File

@ -20,6 +20,11 @@ transport_url = {{ rpc_transport_url }}
[oslo_messaging_notifications]
transport_url = {{ notify_transport_url }}
{% if ironic_policy_file is defined %}
[oslo_policy]
policy_file = {{ ironic_policy_file }}
{% endif %}
{% if service_name == 'ironic-api' %}
[api]
host_ip = {{ api_interface_address }}

View File

@ -5,7 +5,7 @@
service: "{{ magnum_services[service_name] }}"
config_json: "{{ magnum_config_jsons.results|selectattr('item.key', 'equalto', service_name)|first }}"
magnum_conf: "{{ magnum_confs.results|selectattr('item.key', 'equalto', service_name)|first }}"
policy_json: "{{ magnum_policy_jsons.results|selectattr('item.key', 'equalto', service_name)|first }}"
policy_overwriting: "{{ magnum_policy_overwriting.results|selectattr('item.key', 'equalto', service_name)|first }}"
magnum_api_container: "{{ check_magnum_containers.results|selectattr('item.key', 'equalto', service_name)|first }}"
kolla_docker:
action: "recreate_or_restart_container"
@ -20,7 +20,7 @@
- service.enabled | bool
- config_json.changed | bool
or magnum_conf.changed | bool
or policy_json.changed | bool
or policy_overwriting.changed | bool
or magnum_api_container.changed | bool
- name: Restart magnum-conductor container
@ -29,7 +29,7 @@
service: "{{ magnum_services[service_name] }}"
config_json: "{{ magnum_config_jsons.results|selectattr('item.key', 'equalto', service_name)|first }}"
magnum_conf: "{{ magnum_confs.results|selectattr('item.key', 'equalto', service_name)|first }}"
policy_json: "{{ magnum_policy_jsons.results|selectattr('item.key', 'equalto', service_name)|first }}"
policy_overwriting: "{{ magnum_policy_overwriting.results|selectattr('item.key', 'equalto', service_name)|first }}"
magnum_conductor_container: "{{ check_magnum_containers.results|selectattr('item.key', 'equalto', service_name)|first }}"
kolla_docker:
action: "recreate_or_restart_container"
@ -44,5 +44,5 @@
- service.enabled | bool
- config_json.changed | bool
or magnum_conf.changed | bool
or policy_json.changed | bool
or policy_overwriting.changed | bool
or magnum_conductor_container.changed | bool

View File

@ -9,6 +9,23 @@
- item.value.enabled | bool
with_dict: "{{ magnum_services }}"
- name: Check if policies shall be overwritten
local_action: stat path="{{ item }}"
run_once: True
register: magnum_policy
with_first_found:
- files: "{{ supported_policy_format_list }}"
paths:
- "{{ node_custom_config }}/magnum/"
skip: true
- name: Set magnum policy file
set_fact:
magnum_policy_file: "{{ magnum_policy.results.0.stat.path | basename }}"
magnum_policy_file_path: "{{ magnum_policy.results.0.stat.path }}"
when:
- magnum_policy.results
- name: Copying over config.json files for services
template:
src: "{{ item.key }}.json.j2"
@ -42,18 +59,13 @@
- Restart magnum-api container
- Restart magnum-conductor container
- name: Check if policies shall be overwritten
local_action: stat path="{{ node_custom_config }}/magnum/policy.json"
run_once: True
register: magnum_policy
- name: Copying over existing policy.json
- name: Copying over existing policy file
template:
src: "{{ node_custom_config }}/magnum/policy.json"
dest: "{{ node_config_directory }}/{{ item.key }}/policy.json"
register: magnum_policy_jsons
src: "{{ magnum_policy_file_path }}"
dest: "{{ node_config_directory }}/{{ item.key }}/{{ magnum_policy_file }}"
register: magnum_policy_overwriting
when:
- magnum_policy.stat.exists
- magnum_policy_file is defined
- inventory_hostname in groups[item.value.group]
- item.value.enabled | bool
with_dict: "{{ magnum_services }}"

View File

@ -6,14 +6,13 @@
"dest": "/etc/magnum/magnum.conf",
"owner": "magnum",
"perm": "0600"
},
}{% if magnum_policy_file is defined %},
{
"source": "{{ container_config_directory }}/policy.json",
"dest": "/etc/magnum/policy.json",
"source": "{{ container_config_directory }}/{{ magnum_policy_file }}",
"dest": "/etc/magnum/{{ magnum_policy_file }}",
"owner": "magnum",
"perm": "0600",
"optional": true
}
"perm": "0600"
}{% endif %}
],
"permissions": [
{

View File

@ -6,14 +6,13 @@
"dest": "/etc/magnum/magnum.conf",
"owner": "magnum",
"perm": "0600"
},
}{% if magnum_policy_file is defined %},
{
"source": "{{ container_config_directory }}/policy.json",
"dest": "/etc/magnum/policy.json",
"source": "{{ container_config_directory }}/{{ magnum_policy_file }}",
"dest": "/etc/magnum/{{ magnum_policy_file }}",
"owner": "magnum",
"perm": "0600",
"optional": true
}
"perm": "0600"
}{% endif %}
],
"permissions": [
{

View File

@ -93,6 +93,11 @@ topics = 'notifications'
driver = noop
{% endif %}
{% if magnum_policy_file is defined %}
[oslo_policy]
policy_file = {{ magnum_policy_file }}
{% endif %}
{% if enable_osprofiler | bool %}
[profiler]
enabled = true

View File

@ -5,7 +5,7 @@
service: "{{ manila_services[service_name] }}"
config_json: "{{ manila_config_jsons.results|selectattr('item.key', 'equalto', service_name)|first }}"
manila_conf: "{{ manila_confs.results|selectattr('item.key', 'equalto', service_name)|first }}"
policy_json: "{{ policy_jsons.results|selectattr('item.key', 'equalto', service_name)|first }}"
policy_overwriting: "{{ manila_policy_overwriting.results|selectattr('item.key', 'equalto', service_name)|first }}"
manila_api_container: "{{ check_manila_containers.results|selectattr('item.key', 'equalto', service_name)|first }}"
kolla_docker:
action: "recreate_or_restart_container"
@ -19,7 +19,7 @@
- service.enabled | bool
- config_json.changed | bool
or manila_conf.changed | bool
or policy_json.changed | bool
or policy_overwriting.changed | bool
or manila_api_container.changed | bool
- name: Restart manila-data container
@ -28,7 +28,7 @@
service: "{{ manila_services[service_name] }}"
config_json: "{{ manila_config_jsons.results|selectattr('item.key', 'equalto', service_name)|first }}"
manila_conf: "{{ manila_confs.results|selectattr('item.key', 'equalto', service_name)|first }}"
policy_json: "{{ policy_jsons.results|selectattr('item.key', 'equalto', service_name)|first }}"
policy_overwriting: "{{ manila_policy_overwriting.results|selectattr('item.key', 'equalto', service_name)|first }}"
manila_data_container: "{{ check_manila_containers.results|selectattr('item.key', 'equalto', service_name)|first }}"
kolla_docker:
action: "recreate_or_restart_container"
@ -43,7 +43,7 @@
- service.enabled | bool
- config_json.changed | bool
or manila_conf.changed | bool
or policy_json.changed | bool
or policy_overwriting.changed | bool
or manila_data_container.changed | bool
- name: Restart manila-scheduler container
@ -52,7 +52,7 @@
service: "{{ manila_services[service_name] }}"
config_json: "{{ manila_config_jsons.results|selectattr('item.key', 'equalto', service_name)|first }}"
manila_conf: "{{ manila_confs.results|selectattr('item.key', 'equalto', service_name)|first }}"
policy_json: "{{ policy_jsons.results|selectattr('item.key', 'equalto', service_name)|first }}"
policy_overwriting: "{{ manila_policy_overwriting.results|selectattr('item.key', 'equalto', service_name)|first }}"
manila_scheduler_container: "{{ check_manila_containers.results|selectattr('item.key', 'equalto', service_name)|first }}"
kolla_docker:
action: "recreate_or_restart_container"
@ -66,7 +66,7 @@
- service.enabled | bool
- config_json.changed | bool
or manila_conf.changed | bool
or policy_json.changed | bool
or policy_overwriting.changed | bool
or manila_scheduler_container.changed | bool
- name: Restart manila-share container
@ -74,7 +74,7 @@
service_name: "manila-share"
service: "{{ manila_services[service_name] }}"
config_json: "{{ manila_config_jsons.results|selectattr('item.key', 'equalto', service_name)|first }}"
policy_json: "{{ policy_jsons.results|selectattr('item.key', 'equalto', service_name)|first }}"
policy_overwriting: "{{ manila_policy_overwriting.results|selectattr('item.key', 'equalto', service_name)|first }}"
manila_share_container: "{{ check_manila_containers.results|selectattr('item.key', 'equalto', service_name)|first }}"
kolla_docker:
action: "recreate_or_restart_container"
@ -89,5 +89,5 @@
- service.enabled | bool
- config_json.changed | bool
or manila_conf_share.changed | bool
or policy_json.changed | bool
or policy_overwriting.changed | bool
or manila_share_container.changed | bool

View File

@ -9,6 +9,23 @@
- item.value.enabled | bool
with_dict: "{{ manila_services }}"
- name: Check if policies shall be overwritten
local_action: stat path="{{ item }}"
run_once: True
register: manila_policy
with_first_found:
- files: "{{ supported_policy_format_list }}"
paths:
- "{{ node_custom_config }}/manila/"
skip: true
- name: Set manila policy file
set_fact:
manila_policy_file: "{{ manila_policy.results.0.stat.path | basename }}"
manila_policy_file_path: "{{ manila_policy.results.0.stat.path }}"
when:
- manila_policy.results
- name: Copying over config.json files for services
template:
src: "{{ item.key }}.json.j2"
@ -66,18 +83,13 @@
notify:
- Restart manila-share container
- name: Check if policies shall be overwritten
local_action: stat path="{{ node_custom_config }}/manila/policy.json"
run_once: True
register: manila_policy
- name: Copying over existing policy.json
- name: Copying over existing policy file
template:
src: "{{ node_custom_config }}/manila/policy.json"
dest: "{{ node_config_directory }}/{{ item.key }}/policy.json"
register: policy_jsons
src: "{{ manila_policy_file_path }}"
dest: "{{ node_config_directory }}/{{ item.key }}/{{ manila_policy_file }}"
register: manila_policy_overwriting
when:
- manila_policy.stat.exists
- manila_policy_file is defined
- inventory_hostname in groups[item.value.group]
- item.value.enabled | bool
with_dict: "{{ manila_services }}"

View File

@ -6,14 +6,13 @@
"dest": "/etc/manila/manila.conf",
"owner": "manila",
"perm": "0600"
},
}{% if manila_policy_file is defined %},
{
"source": "{{ container_config_directory }}/policy.json",
"dest": "/etc/manila/policy.json",
"source": "{{ container_config_directory }}/{{ manila_policy_file }}",
"dest": "/etc/manila/{{ manila_policy_file }}",
"owner": "manila",
"perm": "0600",
"optional": true
}
"perm": "0600"
}{% endif %}
],
"permissions": [
{

View File

@ -6,14 +6,13 @@
"dest": "/etc/manila/manila.conf",
"owner": "manila",
"perm": "0600"
},
}{% if manila_policy_file is defined %},
{
"source": "{{ container_config_directory }}/policy.json",
"dest": "/etc/manila/policy.json",
"source": "{{ container_config_directory }}/{{ manila_policy_file }}",
"dest": "/etc/manila/{{ manila_policy_file }}",
"owner": "manila",
"perm": "0600",
"optional": true
}
"perm": "0600"
}{% endif %}
],
"permissions": [
{

View File

@ -6,14 +6,13 @@
"dest": "/etc/manila/manila.conf",
"owner": "manila",
"perm": "0600"
},
}{% if manila_policy_file is defined %},
{
"source": "{{ container_config_directory }}/policy.json",
"dest": "/etc/manila/policy.json",
"source": "{{ container_config_directory }}/{{ manila_policy_file }}",
"dest": "/etc/manila/{{ manila_policy_file }}",
"owner": "manila",
"perm": "0600",
"optional": true
}
"perm": "0600"
}{% endif %}
],
"permissions": [
{

View File

@ -72,6 +72,11 @@ service_image_name = manila-service-image
share_backend_name = GENERIC
{% endif %}
{% if manila_policy_file is defined %}
[oslo_policy]
policy_file = {{ manila_policy_file }}
{% endif %}
{% if enable_manila_backend_hnas | bool %}
[hnas1]
share_backend_name = HNAS1

View File

@ -12,14 +12,13 @@
"dest": "/etc/ceph/",
"owner": "manila",
"perm": "0600"
}{% endif %},
}{% endif %}{% if manila_policy_file is defined %},
{
"source": "{{ container_config_directory }}/policy.json",
"dest": "/etc/manila/policy.json",
"source": "{{ container_config_directory }}/{{ manila_policy_file }}",
"dest": "/etc/manila/{{ manila_policy_file }}",
"owner": "manila",
"perm": "0600",
"optional": true
}
"perm": "0600"
}{% endif %}
],
"permissions": [
{

View File

@ -44,3 +44,8 @@ memcached_servers = {% for host in groups['memcached'] %}{{ hostvars[host]['ansi
[oslo_messaging_notifications]
transport_url = {{ notify_transport_url }}
{% if manila_policy_file is defined %}
[oslo_policy]
policy_file = {{ manila_policy_file }}
{% endif %}

View File

@ -5,7 +5,7 @@
service: "{{ mistral_services[service_name] }}"
config_json: "{{ mistral_config_jsons.results|selectattr('item.key', 'equalto', service_name)|first }}"
mistral_conf: "{{ mistral_confs.results|selectattr('item.key', 'equalto', service_name)|first }}"
policy_json: "{{ mistral_policy_jsons.results|selectattr('item.key', 'equalto', service_name)|first }}"
policy_overwriting: "{{ mistral_policy_overwriting.results|selectattr('item.key', 'equalto', service_name)|first }}"
mistral_api_container: "{{ check_mistral_containers.results|selectattr('item.key', 'equalto', service_name)|first }}"
kolla_docker:
action: "recreate_or_restart_container"
@ -19,7 +19,7 @@
- service.enabled | bool
- config_json.changed | bool
or mistral_conf.changed | bool
or policy_json.changed | bool
or policy_overwriting.changed | bool
or mistral_api_container.changed | bool
- name: Restart mistral-engine container
@ -28,7 +28,7 @@
service: "{{ mistral_services[service_name] }}"
config_json: "{{ mistral_config_jsons.results|selectattr('item.key', 'equalto', service_name)|first }}"
mistral_conf: "{{ mistral_confs.results|selectattr('item.key', 'equalto', service_name)|first }}"
policy_json: "{{ mistral_policy_jsons.results|selectattr('item.key', 'equalto', service_name)|first }}"
policy_overwriting: "{{ mistral_policy_overwriting.results|selectattr('item.key', 'equalto', service_name)|first }}"
mistral_engine_container: "{{ check_mistral_containers.results|selectattr('item.key', 'equalto', service_name)|first }}"
kolla_docker:
action: "recreate_or_restart_container"
@ -42,7 +42,7 @@
- service.enabled | bool
- config_json.changed | bool
or mistral_conf.changed | bool
or policy_json.changed | bool
or policy_overwriting.changed | bool
or mistral_engine_container.changed | bool
- name: Restart mistral-executor container
@ -51,7 +51,7 @@
service: "{{ mistral_services[service_name] }}"
config_json: "{{ mistral_config_jsons.results|selectattr('item.key', 'equalto', service_name)|first }}"
mistral_conf: "{{ mistral_confs.results|selectattr('item.key', 'equalto', service_name)|first }}"
policy_json: "{{ mistral_policy_jsons.results|selectattr('item.key', 'equalto', service_name)|first }}"
policy_overwriting: "{{ mistral_policy_overwriting.results|selectattr('item.key', 'equalto', service_name)|first }}"
mistral_executor_container: "{{ check_mistral_containers.results|selectattr('item.key', 'equalto', service_name)|first }}"
kolla_docker:
action: "recreate_or_restart_container"
@ -65,5 +65,5 @@
- service.enabled | bool
- config_json.changed | bool
or mistral_conf.changed | bool
or policy_json.changed | bool
or policy_overwriting.changed | bool
or mistral_executor_container.changed | bool

View File

@ -7,6 +7,23 @@
when: inventory_hostname in groups[item.value.group]
with_dict: "{{ mistral_services }}"
- name: Check if policies shall be overwritten
local_action: stat path="{{ item }}"
run_once: True
register: mistral_policy
with_first_found:
- files: "{{ supported_policy_format_list }}"
paths:
- "{{ node_custom_config }}/mistral/"
skip: true
- name: Set mistral policy file
set_fact:
mistral_policy_file: "{{ mistral_policy.results.0.stat.path | basename }}"
mistral_policy_file_path: "{{ mistral_policy.results.0.stat.path }}"
when:
- mistral_policy.results
- name: Copying over config.json files for services
template:
src: "{{ item.key }}.json.j2"
@ -38,18 +55,15 @@
notify:
- Restart {{ item.key }} container
- name: Check if policies shall be overwritten
local_action: stat path="{{ node_custom_config }}/mistral/policy.json"
run_once: True
register: mistral_policy
- name: Copying over existing policy.json
- name: Copying over existing policy file
template:
src: "{{ node_custom_config }}/mistral/policy.json"
dest: "{{ node_config_directory }}/{{ item.key }}/policy.json"
register: mistral_policy_jsons
src: "{{ mistral_policy_file_path }}"
dest: "{{ node_config_directory }}/{{ item.key }}/{{ mistral_policy_file }}"
mode: "0660"
become: true
register: mistral_policy_overwriting
when:
- mistral_policy.stat.exists
- mistral_policy_file is defined
- inventory_hostname in groups[item.value.group]
- item.value.enabled | bool
with_dict: "{{ mistral_services }}"

View File

@ -6,14 +6,13 @@
"dest": "/etc/mistral/mistral.conf",
"owner": "mistral",
"perm": "0600"
},
}{% if mistral_policy_file is defined %},
{
"source": "{{ container_config_directory }}/policy.json",
"dest": "/etc/mistral/policy.json",
"source": "{{ container_config_directory }}/{{ mistral_policy_file }}",
"dest": "/etc/mistral/{{ mistral_policy_file }}",
"owner": "mistral",
"perm": "0600",
"optional": true
}
"perm": "0600"
}{% endif %}
],
"permissions": [
{

View File

@ -6,14 +6,13 @@
"dest": "/etc/mistral/mistral.conf",
"owner": "mistral",
"perm": "0600"
},
}{% if mistral_policy_file is defined %},
{
"source": "{{ container_config_directory }}/policy.json",
"dest": "/etc/mistral/policy.json",
"source": "{{ container_config_directory }}/{{ mistral_policy_file }}",
"dest": "/etc/mistral/{{ mistral_policy_file }}",
"owner": "mistral",
"perm": "0600",
"optional": true
}
"perm": "0600"
}{% endif %}
],
"permissions": [
{

View File

@ -6,14 +6,13 @@
"dest": "/etc/mistral/mistral.conf",
"owner": "mistral",
"perm": "0600"
},
}{% if mistral_policy_file is defined %},
{
"source": "{{ container_config_directory }}/policy.json",
"dest": "/etc/mistral/policy.json",
"source": "{{ container_config_directory }}/{{ mistral_policy_file }}",
"dest": "/etc/mistral/{{ mistral_policy_file }}",
"owner": "mistral",
"perm": "0600",
"optional": true
}
"perm": "0600"
}{% endif %}
],
"permissions": [
{

View File

@ -57,6 +57,11 @@ default_region = {{ openstack_region_name }}
transport_url = {{ notify_transport_url }}
driver = noop
{% if mistral_policy_file is defined %}
[oslo_policy]
policy_file = {{ mistral_policy_file }}
{% endif %}
{% if enable_osprofiler | bool %}
[profiler]
enabled = true