Refactor copy certificates task
Refactor service configuration to use the copy certificates task. This reduces code duplication and simplifies implementing encrypting backend HAProxy traffic for individual services. Change-Id: I0474324b60a5f792ef5210ab336639edf7a8cd9e
This commit is contained in:
parent
8cc58e3669
commit
4d155d69cd
@ -45,19 +45,9 @@
|
|||||||
notify:
|
notify:
|
||||||
- "Restart {{ item.key }} container"
|
- "Restart {{ item.key }} container"
|
||||||
|
|
||||||
- name: Copying over extra CA certificates
|
- include_tasks: copy-certs.yml
|
||||||
become: true
|
|
||||||
copy:
|
|
||||||
src: "{{ node_config }}/certificates/ca/"
|
|
||||||
dest: "{{ node_config_directory }}/{{ item.key }}/ca-certificates"
|
|
||||||
mode: "0644"
|
|
||||||
when:
|
when:
|
||||||
- item.value.enabled | bool
|
|
||||||
- inventory_hostname in groups[item.value.group]
|
|
||||||
- kolla_copy_ca_into_containers | bool
|
- kolla_copy_ca_into_containers | bool
|
||||||
with_dict: "{{ aodh_services }}"
|
|
||||||
notify:
|
|
||||||
- "Restart {{ item.key }} container"
|
|
||||||
|
|
||||||
- name: Copying over config.json files for services
|
- name: Copying over config.json files for services
|
||||||
template:
|
template:
|
||||||
|
6
ansible/roles/aodh/tasks/copy-certs.yml
Normal file
6
ansible/roles/aodh/tasks/copy-certs.yml
Normal file
@ -0,0 +1,6 @@
|
|||||||
|
---
|
||||||
|
- name: "Copy certificates and keys for {{ project_name }}"
|
||||||
|
import_role:
|
||||||
|
role: service-cert-copy
|
||||||
|
vars:
|
||||||
|
project_services: "{{ aodh_services }}"
|
@ -47,19 +47,9 @@
|
|||||||
when:
|
when:
|
||||||
- barbican_policy.results
|
- barbican_policy.results
|
||||||
|
|
||||||
- name: Copying over extra CA certificates
|
- include_tasks: copy-certs.yml
|
||||||
become: true
|
|
||||||
copy:
|
|
||||||
src: "{{ node_config }}/certificates/ca/"
|
|
||||||
dest: "{{ node_config_directory }}/{{ item.key }}/ca-certificates"
|
|
||||||
mode: "0644"
|
|
||||||
when:
|
when:
|
||||||
- inventory_hostname in groups[item.value.group]
|
|
||||||
- item.value.enabled | bool
|
|
||||||
- kolla_copy_ca_into_containers | bool
|
- kolla_copy_ca_into_containers | bool
|
||||||
with_dict: "{{ barbican_services }}"
|
|
||||||
notify:
|
|
||||||
- "Restart {{ item.key }} container"
|
|
||||||
|
|
||||||
- name: Copying over config.json files for services
|
- name: Copying over config.json files for services
|
||||||
template:
|
template:
|
||||||
|
6
ansible/roles/barbican/tasks/copy-certs.yml
Normal file
6
ansible/roles/barbican/tasks/copy-certs.yml
Normal file
@ -0,0 +1,6 @@
|
|||||||
|
---
|
||||||
|
- name: "Copy certificates and keys for {{ project_name }}"
|
||||||
|
import_role:
|
||||||
|
role: service-cert-copy
|
||||||
|
vars:
|
||||||
|
project_services: "{{ barbican_services }}"
|
@ -31,19 +31,9 @@
|
|||||||
when:
|
when:
|
||||||
- blazar_policy.results
|
- blazar_policy.results
|
||||||
|
|
||||||
- name: Copying over extra CA certificates
|
- include_tasks: copy-certs.yml
|
||||||
become: true
|
|
||||||
copy:
|
|
||||||
src: "{{ node_config }}/certificates/ca/"
|
|
||||||
dest: "{{ node_config_directory }}/{{ item.key }}/ca-certificates"
|
|
||||||
mode: "0644"
|
|
||||||
when:
|
when:
|
||||||
- inventory_hostname in groups[item.value.group]
|
|
||||||
- item.value.enabled | bool
|
|
||||||
- kolla_copy_ca_into_containers | bool
|
- kolla_copy_ca_into_containers | bool
|
||||||
with_dict: "{{ blazar_services }}"
|
|
||||||
notify:
|
|
||||||
- "Restart {{ item.key }} container"
|
|
||||||
|
|
||||||
- name: Copying over config.json files for services
|
- name: Copying over config.json files for services
|
||||||
template:
|
template:
|
||||||
|
6
ansible/roles/blazar/tasks/copy-certs.yml
Normal file
6
ansible/roles/blazar/tasks/copy-certs.yml
Normal file
@ -0,0 +1,6 @@
|
|||||||
|
---
|
||||||
|
- name: "Copy certificates and keys for {{ project_name }}"
|
||||||
|
import_role:
|
||||||
|
role: service-cert-copy
|
||||||
|
vars:
|
||||||
|
project_services: "{{ blazar_services }}"
|
@ -136,19 +136,9 @@
|
|||||||
when:
|
when:
|
||||||
- ceilometer_policy.results
|
- ceilometer_policy.results
|
||||||
|
|
||||||
- name: Copying over extra CA certificates
|
- include_tasks: copy-certs.yml
|
||||||
become: true
|
|
||||||
copy:
|
|
||||||
src: "{{ node_config }}/certificates/ca/"
|
|
||||||
dest: "{{ node_config_directory }}/{{ item.key }}/ca-certificates"
|
|
||||||
mode: "0644"
|
|
||||||
when:
|
when:
|
||||||
- inventory_hostname in groups[item.value.group]
|
|
||||||
- item.value.enabled | bool
|
|
||||||
- kolla_copy_ca_into_containers | bool
|
- kolla_copy_ca_into_containers | bool
|
||||||
with_dict: "{{ ceilometer_services }}"
|
|
||||||
notify:
|
|
||||||
- "Restart {{ item.key }} container"
|
|
||||||
|
|
||||||
- name: Copying over config.json files for services
|
- name: Copying over config.json files for services
|
||||||
template:
|
template:
|
||||||
|
6
ansible/roles/ceilometer/tasks/copy-certs.yml
Normal file
6
ansible/roles/ceilometer/tasks/copy-certs.yml
Normal file
@ -0,0 +1,6 @@
|
|||||||
|
---
|
||||||
|
- name: "Copy certificates and keys for {{ project_name }}"
|
||||||
|
import_role:
|
||||||
|
role: service-cert-copy
|
||||||
|
vars:
|
||||||
|
project_services: "{{ ceilometer_services }}"
|
@ -37,19 +37,9 @@
|
|||||||
when:
|
when:
|
||||||
- cinder_policy.results
|
- cinder_policy.results
|
||||||
|
|
||||||
- name: Copying over extra CA certificates
|
- include_tasks: copy-certs.yml
|
||||||
become: true
|
|
||||||
copy:
|
|
||||||
src: "{{ node_config }}/certificates/ca/"
|
|
||||||
dest: "{{ node_config_directory }}/{{ item.key }}/ca-certificates"
|
|
||||||
mode: "0644"
|
|
||||||
when:
|
when:
|
||||||
- inventory_hostname in groups[item.value.group]
|
|
||||||
- item.value.enabled | bool
|
|
||||||
- kolla_copy_ca_into_containers | bool
|
- kolla_copy_ca_into_containers | bool
|
||||||
with_dict: "{{ cinder_services }}"
|
|
||||||
notify:
|
|
||||||
- "Restart {{ item.key }} container"
|
|
||||||
|
|
||||||
- name: Copying over config.json files for services
|
- name: Copying over config.json files for services
|
||||||
template:
|
template:
|
||||||
|
6
ansible/roles/cinder/tasks/copy-certs.yml
Normal file
6
ansible/roles/cinder/tasks/copy-certs.yml
Normal file
@ -0,0 +1,6 @@
|
|||||||
|
---
|
||||||
|
- name: "Copy certificates and keys for {{ project_name }}"
|
||||||
|
import_role:
|
||||||
|
role: service-cert-copy
|
||||||
|
vars:
|
||||||
|
project_services: "{{ cinder_services }}"
|
@ -55,19 +55,9 @@
|
|||||||
set_fact:
|
set_fact:
|
||||||
cloudkitty_custom_metrics_used: "{{ cloudkitty_custom_metrics_file.stat.exists }}"
|
cloudkitty_custom_metrics_used: "{{ cloudkitty_custom_metrics_file.stat.exists }}"
|
||||||
|
|
||||||
- name: Copying over extra CA certificates
|
- include_tasks: copy-certs.yml
|
||||||
become: true
|
|
||||||
copy:
|
|
||||||
src: "{{ node_config }}/certificates/ca/"
|
|
||||||
dest: "{{ node_config_directory }}/{{ item.key }}/ca-certificates"
|
|
||||||
mode: "0644"
|
|
||||||
when:
|
when:
|
||||||
- item.value.enabled | bool
|
|
||||||
- inventory_hostname in groups[item.value.group]
|
|
||||||
- kolla_copy_ca_into_containers | bool
|
- kolla_copy_ca_into_containers | bool
|
||||||
with_dict: "{{ cloudkitty_services }}"
|
|
||||||
notify:
|
|
||||||
- "Restart {{ item.key }} container"
|
|
||||||
|
|
||||||
- name: Copying over config.json files for services
|
- name: Copying over config.json files for services
|
||||||
template:
|
template:
|
||||||
|
6
ansible/roles/cloudkitty/tasks/copy-certs.yml
Normal file
6
ansible/roles/cloudkitty/tasks/copy-certs.yml
Normal file
@ -0,0 +1,6 @@
|
|||||||
|
---
|
||||||
|
- name: "Copy certificates and keys for {{ project_name }}"
|
||||||
|
import_role:
|
||||||
|
role: service-cert-copy
|
||||||
|
vars:
|
||||||
|
project_services: "{{ cloudkitty_services }}"
|
@ -52,18 +52,9 @@
|
|||||||
fluentd_binary: "{{ fluentd_labels.images.0.ContainerConfig.Labels.fluentd_binary }}"
|
fluentd_binary: "{{ fluentd_labels.images.0.ContainerConfig.Labels.fluentd_binary }}"
|
||||||
when: enable_fluentd | bool
|
when: enable_fluentd | bool
|
||||||
|
|
||||||
- name: Copying over extra CA certificates
|
- include_tasks: copy-certs.yml
|
||||||
become: true
|
|
||||||
copy:
|
|
||||||
src: "{{ node_config }}/certificates/ca/"
|
|
||||||
dest: "{{ node_config_directory }}/{{ item.key }}/ca-certificates"
|
|
||||||
mode: "0644"
|
|
||||||
when:
|
when:
|
||||||
- item.value.enabled | bool
|
|
||||||
- kolla_copy_ca_into_containers | bool
|
- kolla_copy_ca_into_containers | bool
|
||||||
with_dict: "{{ common_services }}"
|
|
||||||
notify:
|
|
||||||
- "Restart {{ item.key }} container"
|
|
||||||
|
|
||||||
- name: Copying over config.json files for services
|
- name: Copying over config.json files for services
|
||||||
template:
|
template:
|
||||||
|
6
ansible/roles/common/tasks/copy-certs.yml
Normal file
6
ansible/roles/common/tasks/copy-certs.yml
Normal file
@ -0,0 +1,6 @@
|
|||||||
|
---
|
||||||
|
- name: "Copy certificates and keys for {{ project_name }}"
|
||||||
|
import_role:
|
||||||
|
role: service-cert-copy
|
||||||
|
vars:
|
||||||
|
project_services: "{{ common_services }}"
|
@ -31,19 +31,9 @@
|
|||||||
when:
|
when:
|
||||||
- congress_policy.results
|
- congress_policy.results
|
||||||
|
|
||||||
- name: Copying over extra CA certificates
|
- include_tasks: copy-certs.yml
|
||||||
become: true
|
|
||||||
copy:
|
|
||||||
src: "{{ node_config }}/certificates/ca/"
|
|
||||||
dest: "{{ node_config_directory }}/{{ item.key }}/ca-certificates"
|
|
||||||
mode: "0644"
|
|
||||||
when:
|
when:
|
||||||
- item.value.enabled | bool
|
|
||||||
- inventory_hostname in groups[item.value.group]
|
|
||||||
- kolla_copy_ca_into_containers | bool
|
- kolla_copy_ca_into_containers | bool
|
||||||
with_dict: "{{ congress_services }}"
|
|
||||||
notify:
|
|
||||||
- "Restart {{ item.key }} container"
|
|
||||||
|
|
||||||
- name: Copying over config.json files for services
|
- name: Copying over config.json files for services
|
||||||
template:
|
template:
|
||||||
|
6
ansible/roles/congress/tasks/copy-certs.yml
Normal file
6
ansible/roles/congress/tasks/copy-certs.yml
Normal file
@ -0,0 +1,6 @@
|
|||||||
|
---
|
||||||
|
- name: "Copy certificates and keys for {{ project_name }}"
|
||||||
|
import_role:
|
||||||
|
role: service-cert-copy
|
||||||
|
vars:
|
||||||
|
project_services: "{{ congress_services }}"
|
@ -45,19 +45,9 @@
|
|||||||
notify:
|
notify:
|
||||||
- Restart {{ item.key }} container
|
- Restart {{ item.key }} container
|
||||||
|
|
||||||
- name: Copying over extra CA certificates
|
- include_tasks: copy-certs.yml
|
||||||
become: true
|
|
||||||
copy:
|
|
||||||
src: "{{ node_config }}/certificates/ca/"
|
|
||||||
dest: "{{ node_config_directory }}/{{ item.key }}/ca-certificates"
|
|
||||||
mode: "0644"
|
|
||||||
when:
|
when:
|
||||||
- item.value.enabled | bool
|
|
||||||
- inventory_hostname in groups[item.value.group]
|
|
||||||
- kolla_copy_ca_into_containers | bool
|
- kolla_copy_ca_into_containers | bool
|
||||||
with_dict: "{{ cyborg_services }}"
|
|
||||||
notify:
|
|
||||||
- "Restart {{ item.key }} container"
|
|
||||||
|
|
||||||
- name: Copying over config.json files for services
|
- name: Copying over config.json files for services
|
||||||
template:
|
template:
|
||||||
|
6
ansible/roles/cyborg/tasks/copy-certs.yml
Normal file
6
ansible/roles/cyborg/tasks/copy-certs.yml
Normal file
@ -0,0 +1,6 @@
|
|||||||
|
---
|
||||||
|
- name: "Copy certificates and keys for {{ project_name }}"
|
||||||
|
import_role:
|
||||||
|
role: service-cert-copy
|
||||||
|
vars:
|
||||||
|
project_services: "{{ cyborg_services }}"
|
@ -31,19 +31,9 @@
|
|||||||
when:
|
when:
|
||||||
- designate_policy.results
|
- designate_policy.results
|
||||||
|
|
||||||
- name: Copying over extra CA certificates
|
- include_tasks: copy-certs.yml
|
||||||
become: true
|
|
||||||
copy:
|
|
||||||
src: "{{ node_config }}/certificates/ca/"
|
|
||||||
dest: "{{ node_config_directory }}/{{ item.key }}/ca-certificates"
|
|
||||||
mode: "0644"
|
|
||||||
when:
|
when:
|
||||||
- item.value.enabled | bool
|
|
||||||
- inventory_hostname in groups[item.value.group]
|
|
||||||
- kolla_copy_ca_into_containers | bool
|
- kolla_copy_ca_into_containers | bool
|
||||||
with_dict: "{{ designate_services }}"
|
|
||||||
notify:
|
|
||||||
- "Restart {{ item.key }} container"
|
|
||||||
|
|
||||||
- name: Copying over config.json files for services
|
- name: Copying over config.json files for services
|
||||||
template:
|
template:
|
||||||
|
6
ansible/roles/designate/tasks/copy-certs.yml
Normal file
6
ansible/roles/designate/tasks/copy-certs.yml
Normal file
@ -0,0 +1,6 @@
|
|||||||
|
---
|
||||||
|
- name: "Copy certificates and keys for {{ project_name }}"
|
||||||
|
import_role:
|
||||||
|
role: service-cert-copy
|
||||||
|
vars:
|
||||||
|
project_services: "{{ designate_services }}"
|
@ -12,18 +12,9 @@
|
|||||||
- item.value.enabled | bool
|
- item.value.enabled | bool
|
||||||
with_dict: "{{ elasticsearch_services }}"
|
with_dict: "{{ elasticsearch_services }}"
|
||||||
|
|
||||||
- name: Copying over extra CA certificates
|
- include_tasks: copy-certs.yml
|
||||||
become: true
|
|
||||||
copy:
|
|
||||||
src: "{{ node_config }}/certificates/ca/"
|
|
||||||
dest: "{{ node_config_directory }}/{{ item.key }}/ca-certificates"
|
|
||||||
mode: "0644"
|
|
||||||
when:
|
when:
|
||||||
- item.value.enabled | bool
|
|
||||||
- kolla_copy_ca_into_containers | bool
|
- kolla_copy_ca_into_containers | bool
|
||||||
with_dict: "{{ elasticsearch_services }}"
|
|
||||||
notify:
|
|
||||||
- "Restart {{ item.key }} container"
|
|
||||||
|
|
||||||
- name: Copying over config.json files for services
|
- name: Copying over config.json files for services
|
||||||
template:
|
template:
|
||||||
|
6
ansible/roles/elasticsearch/tasks/copy-certs.yml
Normal file
6
ansible/roles/elasticsearch/tasks/copy-certs.yml
Normal file
@ -0,0 +1,6 @@
|
|||||||
|
---
|
||||||
|
- name: "Copy certificates and keys for {{ project_name }}"
|
||||||
|
import_role:
|
||||||
|
role: service-cert-copy
|
||||||
|
vars:
|
||||||
|
project_services: "{{ elasticsearch_services }}"
|
@ -31,19 +31,9 @@
|
|||||||
when:
|
when:
|
||||||
- freezer_policy.results
|
- freezer_policy.results
|
||||||
|
|
||||||
- name: Copying over extra CA certificates
|
- include_tasks: copy-certs.yml
|
||||||
become: true
|
|
||||||
copy:
|
|
||||||
src: "{{ node_config }}/certificates/ca/"
|
|
||||||
dest: "{{ node_config_directory }}/{{ item.key }}/ca-certificates"
|
|
||||||
mode: "0644"
|
|
||||||
when:
|
when:
|
||||||
- item.value.enabled | bool
|
|
||||||
- inventory_hostname in groups[item.value.group]
|
|
||||||
- kolla_copy_ca_into_containers | bool
|
- kolla_copy_ca_into_containers | bool
|
||||||
with_dict: "{{ freezer_services }}"
|
|
||||||
notify:
|
|
||||||
- "Restart {{ item.key }} container"
|
|
||||||
|
|
||||||
- name: Copying over config.json files for services
|
- name: Copying over config.json files for services
|
||||||
template:
|
template:
|
||||||
|
6
ansible/roles/freezer/tasks/copy-certs.yml
Normal file
6
ansible/roles/freezer/tasks/copy-certs.yml
Normal file
@ -0,0 +1,6 @@
|
|||||||
|
---
|
||||||
|
- name: "Copy certificates and keys for {{ project_name }}"
|
||||||
|
import_role:
|
||||||
|
role: service-cert-copy
|
||||||
|
vars:
|
||||||
|
project_services: "{{ freezer_services }}"
|
@ -35,19 +35,9 @@
|
|||||||
when:
|
when:
|
||||||
- glance_policy.results
|
- glance_policy.results
|
||||||
|
|
||||||
- name: Copying over extra CA certificates
|
- include_tasks: copy-certs.yml
|
||||||
become: true
|
|
||||||
copy:
|
|
||||||
src: "{{ node_config }}/certificates/ca/"
|
|
||||||
dest: "{{ node_config_directory }}/{{ item.key }}/ca-certificates"
|
|
||||||
mode: "0644"
|
|
||||||
when:
|
when:
|
||||||
- item.value.enabled | bool
|
|
||||||
- inventory_hostname in groups[item.value.group]
|
|
||||||
- kolla_copy_ca_into_containers | bool
|
- kolla_copy_ca_into_containers | bool
|
||||||
with_dict: "{{ glance_services }}"
|
|
||||||
notify:
|
|
||||||
- "Restart {{ item.key }} container"
|
|
||||||
|
|
||||||
- name: Copying over config.json files for services
|
- name: Copying over config.json files for services
|
||||||
template:
|
template:
|
||||||
|
6
ansible/roles/glance/tasks/copy-certs.yml
Normal file
6
ansible/roles/glance/tasks/copy-certs.yml
Normal file
@ -0,0 +1,6 @@
|
|||||||
|
---
|
||||||
|
- name: "Copy certificates and keys for {{ project_name }}"
|
||||||
|
import_role:
|
||||||
|
role: service-cert-copy
|
||||||
|
vars:
|
||||||
|
project_services: "{{ glance_services }}"
|
@ -35,19 +35,9 @@
|
|||||||
when:
|
when:
|
||||||
- gnocchi_policy.results
|
- gnocchi_policy.results
|
||||||
|
|
||||||
- name: Copying over extra CA certificates
|
- include_tasks: copy-certs.yml
|
||||||
become: true
|
|
||||||
copy:
|
|
||||||
src: "{{ node_config }}/certificates/ca/"
|
|
||||||
dest: "{{ node_config_directory }}/{{ item.key }}/ca-certificates"
|
|
||||||
mode: "0644"
|
|
||||||
when:
|
when:
|
||||||
- item.value.enabled | bool
|
|
||||||
- inventory_hostname in groups[item.value.group]
|
|
||||||
- kolla_copy_ca_into_containers | bool
|
- kolla_copy_ca_into_containers | bool
|
||||||
with_dict: "{{ gnocchi_services }}"
|
|
||||||
notify:
|
|
||||||
- "Restart {{ item.key }} container"
|
|
||||||
|
|
||||||
- name: Copying over config.json files for services
|
- name: Copying over config.json files for services
|
||||||
template:
|
template:
|
||||||
|
6
ansible/roles/gnocchi/tasks/copy-certs.yml
Normal file
6
ansible/roles/gnocchi/tasks/copy-certs.yml
Normal file
@ -0,0 +1,6 @@
|
|||||||
|
---
|
||||||
|
- name: "Copy certificates and keys for {{ project_name }}"
|
||||||
|
import_role:
|
||||||
|
role: service-cert-copy
|
||||||
|
vars:
|
||||||
|
project_services: "{{ gnocchi_services }}"
|
@ -20,18 +20,9 @@
|
|||||||
run_once: True
|
run_once: True
|
||||||
register: check_extra_conf_grafana
|
register: check_extra_conf_grafana
|
||||||
|
|
||||||
- name: Copying over extra CA certificates
|
- include_tasks: copy-certs.yml
|
||||||
become: true
|
|
||||||
copy:
|
|
||||||
src: "{{ node_config }}/certificates/ca/"
|
|
||||||
dest: "{{ node_config_directory }}/{{ item.key }}/ca-certificates"
|
|
||||||
mode: "0644"
|
|
||||||
when:
|
when:
|
||||||
- item.value.enabled | bool
|
|
||||||
- kolla_copy_ca_into_containers | bool
|
- kolla_copy_ca_into_containers | bool
|
||||||
with_dict: "{{ grafana_services }}"
|
|
||||||
notify:
|
|
||||||
- "Restart {{ item.key }} container"
|
|
||||||
|
|
||||||
- name: Copying over config.json files
|
- name: Copying over config.json files
|
||||||
template:
|
template:
|
||||||
|
6
ansible/roles/grafana/tasks/copy-certs.yml
Normal file
6
ansible/roles/grafana/tasks/copy-certs.yml
Normal file
@ -0,0 +1,6 @@
|
|||||||
|
---
|
||||||
|
- name: "Copy certificates and keys for {{ project_name }}"
|
||||||
|
import_role:
|
||||||
|
role: service-cert-copy
|
||||||
|
vars:
|
||||||
|
project_services: "{{ grafana_services }}"
|
@ -125,19 +125,9 @@
|
|||||||
notify:
|
notify:
|
||||||
- Restart haproxy container
|
- Restart haproxy container
|
||||||
|
|
||||||
- name: Copying over extra CA certificates
|
- include_tasks: copy-certs.yml
|
||||||
vars:
|
|
||||||
service: "{{ haproxy_services['haproxy'] }}"
|
|
||||||
become: true
|
|
||||||
copy:
|
|
||||||
src: "{{ kolla_certificates_dir }}/ca/"
|
|
||||||
dest: "{{ node_config_directory }}/haproxy/ca-certificates"
|
|
||||||
mode: "0644"
|
|
||||||
when:
|
when:
|
||||||
- inventory_hostname in groups[service.group]
|
|
||||||
- kolla_copy_ca_into_containers | bool
|
- kolla_copy_ca_into_containers | bool
|
||||||
notify:
|
|
||||||
- Restart haproxy container
|
|
||||||
|
|
||||||
- name: Copying over haproxy start script
|
- name: Copying over haproxy start script
|
||||||
vars:
|
vars:
|
||||||
|
6
ansible/roles/haproxy/tasks/copy-certs.yml
Normal file
6
ansible/roles/haproxy/tasks/copy-certs.yml
Normal file
@ -0,0 +1,6 @@
|
|||||||
|
---
|
||||||
|
- name: "Copy certificates and keys for {{ project_name }}"
|
||||||
|
import_role:
|
||||||
|
role: service-cert-copy
|
||||||
|
vars:
|
||||||
|
project_services: "{{ haproxy_services }}"
|
@ -31,19 +31,9 @@
|
|||||||
when:
|
when:
|
||||||
- heat_policy.results
|
- heat_policy.results
|
||||||
|
|
||||||
- name: Copying over extra CA certificates
|
- include_tasks: copy-certs.yml
|
||||||
become: true
|
|
||||||
copy:
|
|
||||||
src: "{{ node_config }}/certificates/ca/"
|
|
||||||
dest: "{{ node_config_directory }}/{{ item.key }}/ca-certificates"
|
|
||||||
mode: "0644"
|
|
||||||
when:
|
when:
|
||||||
- inventory_hostname in groups[item.value.group]
|
|
||||||
- item.value.enabled | bool
|
|
||||||
- kolla_copy_ca_into_containers | bool
|
- kolla_copy_ca_into_containers | bool
|
||||||
with_dict: "{{ heat_services }}"
|
|
||||||
notify:
|
|
||||||
- "Restart {{ item.key }} container"
|
|
||||||
|
|
||||||
- name: Copying over config.json files for services
|
- name: Copying over config.json files for services
|
||||||
become: true
|
become: true
|
||||||
|
6
ansible/roles/heat/tasks/copy-certs.yml
Normal file
6
ansible/roles/heat/tasks/copy-certs.yml
Normal file
@ -0,0 +1,6 @@
|
|||||||
|
---
|
||||||
|
- name: "Copy certificates and keys for {{ project_name }}"
|
||||||
|
import_role:
|
||||||
|
role: service-cert-copy
|
||||||
|
vars:
|
||||||
|
project_services: "{{ heat_services }}"
|
@ -133,19 +133,9 @@
|
|||||||
notify:
|
notify:
|
||||||
- Restart horizon container
|
- Restart horizon container
|
||||||
|
|
||||||
- name: Copying over extra CA certificates
|
- include_tasks: copy-certs.yml
|
||||||
become: true
|
|
||||||
copy:
|
|
||||||
src: "{{ node_config }}/certificates/ca/"
|
|
||||||
dest: "{{ node_config_directory }}/{{ item.key }}/ca-certificates"
|
|
||||||
mode: "0644"
|
|
||||||
when:
|
when:
|
||||||
- inventory_hostname in groups[item.value.group]
|
|
||||||
- item.value.enabled | bool
|
|
||||||
- kolla_copy_ca_into_containers | bool
|
- kolla_copy_ca_into_containers | bool
|
||||||
with_dict: "{{ horizon_services }}"
|
|
||||||
notify:
|
|
||||||
- "Restart {{ item.key }} container"
|
|
||||||
|
|
||||||
- include_tasks: check-containers.yml
|
- include_tasks: check-containers.yml
|
||||||
when: kolla_action != "config"
|
when: kolla_action != "config"
|
||||||
|
6
ansible/roles/horizon/tasks/copy-certs.yml
Normal file
6
ansible/roles/horizon/tasks/copy-certs.yml
Normal file
@ -0,0 +1,6 @@
|
|||||||
|
---
|
||||||
|
- name: "Copy certificates and keys for {{ project_name }}"
|
||||||
|
import_role:
|
||||||
|
role: service-cert-copy
|
||||||
|
vars:
|
||||||
|
project_services: "{{ horizon_services }}"
|
@ -31,19 +31,9 @@
|
|||||||
when:
|
when:
|
||||||
- ironic_policy.results
|
- ironic_policy.results
|
||||||
|
|
||||||
- name: Copying over extra CA certificates
|
- include_tasks: copy-certs.yml
|
||||||
become: true
|
|
||||||
copy:
|
|
||||||
src: "{{ node_config }}/certificates/ca/"
|
|
||||||
dest: "{{ node_config_directory }}/{{ item.key }}/ca-certificates"
|
|
||||||
mode: "0644"
|
|
||||||
when:
|
when:
|
||||||
- item.value.enabled | bool
|
|
||||||
- inventory_hostname in groups[item.value.group]
|
|
||||||
- kolla_copy_ca_into_containers | bool
|
- kolla_copy_ca_into_containers | bool
|
||||||
with_dict: "{{ ironic_services }}"
|
|
||||||
notify:
|
|
||||||
- "Restart {{ item.key }} container"
|
|
||||||
|
|
||||||
- name: Copying over config.json files for services
|
- name: Copying over config.json files for services
|
||||||
template:
|
template:
|
||||||
|
6
ansible/roles/ironic/tasks/copy-certs.yml
Normal file
6
ansible/roles/ironic/tasks/copy-certs.yml
Normal file
@ -0,0 +1,6 @@
|
|||||||
|
---
|
||||||
|
- name: "Copy certificates and keys for {{ project_name }}"
|
||||||
|
import_role:
|
||||||
|
role: service-cert-copy
|
||||||
|
vars:
|
||||||
|
project_services: "{{ ironic_services }}"
|
@ -12,19 +12,9 @@
|
|||||||
- item.value.enabled | bool
|
- item.value.enabled | bool
|
||||||
with_dict: "{{ karbor_services }}"
|
with_dict: "{{ karbor_services }}"
|
||||||
|
|
||||||
- name: Copying over extra CA certificates
|
- include_tasks: copy-certs.yml
|
||||||
become: true
|
|
||||||
copy:
|
|
||||||
src: "{{ node_config }}/certificates/ca/"
|
|
||||||
dest: "{{ node_config_directory }}/{{ item.key }}/ca-certificates"
|
|
||||||
mode: "0644"
|
|
||||||
when:
|
when:
|
||||||
- item.value.enabled | bool
|
|
||||||
- inventory_hostname in groups[item.value.group]
|
|
||||||
- kolla_copy_ca_into_containers | bool
|
- kolla_copy_ca_into_containers | bool
|
||||||
with_dict: "{{ karbor_services }}"
|
|
||||||
notify:
|
|
||||||
- "Restart {{ item.key }} container"
|
|
||||||
|
|
||||||
- name: Copying over config.json files for services
|
- name: Copying over config.json files for services
|
||||||
template:
|
template:
|
||||||
|
6
ansible/roles/karbor/tasks/copy-certs.yml
Normal file
6
ansible/roles/karbor/tasks/copy-certs.yml
Normal file
@ -0,0 +1,6 @@
|
|||||||
|
---
|
||||||
|
- name: "Copy certificates and keys for {{ project_name }}"
|
||||||
|
import_role:
|
||||||
|
role: service-cert-copy
|
||||||
|
vars:
|
||||||
|
project_services: "{{ karbor_services }}"
|
@ -12,19 +12,9 @@
|
|||||||
- item.value.enabled | bool
|
- item.value.enabled | bool
|
||||||
with_dict: "{{ kibana_services }}"
|
with_dict: "{{ kibana_services }}"
|
||||||
|
|
||||||
- name: Copying over extra CA certificates
|
- include_tasks: copy-certs.yml
|
||||||
become: true
|
|
||||||
copy:
|
|
||||||
src: "{{ node_config }}/certificates/ca/"
|
|
||||||
dest: "{{ node_config_directory }}/{{ item.key }}/ca-certificates"
|
|
||||||
mode: "0644"
|
|
||||||
when:
|
when:
|
||||||
- item.value.enabled | bool
|
|
||||||
- inventory_hostname in groups[item.value.group]
|
|
||||||
- kolla_copy_ca_into_containers | bool
|
- kolla_copy_ca_into_containers | bool
|
||||||
with_dict: "{{ kibana_services }}"
|
|
||||||
notify:
|
|
||||||
- "Restart {{ item.key }} container"
|
|
||||||
|
|
||||||
- name: Copying over config.json files for services
|
- name: Copying over config.json files for services
|
||||||
template:
|
template:
|
||||||
|
6
ansible/roles/kibana/tasks/copy-certs.yml
Normal file
6
ansible/roles/kibana/tasks/copy-certs.yml
Normal file
@ -0,0 +1,6 @@
|
|||||||
|
---
|
||||||
|
- name: "Copy certificates and keys for {{ project_name }}"
|
||||||
|
import_role:
|
||||||
|
role: service-cert-copy
|
||||||
|
vars:
|
||||||
|
project_services: "{{ kibana_services }}"
|
@ -31,19 +31,9 @@
|
|||||||
when:
|
when:
|
||||||
- kuryr_policy.results
|
- kuryr_policy.results
|
||||||
|
|
||||||
- name: Copying over extra CA certificates
|
- include_tasks: copy-certs.yml
|
||||||
become: true
|
|
||||||
copy:
|
|
||||||
src: "{{ node_config }}/certificates/ca/"
|
|
||||||
dest: "{{ node_config_directory }}/{{ item.key }}/ca-certificates"
|
|
||||||
mode: "0644"
|
|
||||||
when:
|
when:
|
||||||
- item.value.enabled | bool
|
|
||||||
- inventory_hostname in groups[item.value.group]
|
|
||||||
- kolla_copy_ca_into_containers | bool
|
- kolla_copy_ca_into_containers | bool
|
||||||
with_dict: "{{ kuryr_services }}"
|
|
||||||
notify:
|
|
||||||
- "Restart {{ item.key }} container"
|
|
||||||
|
|
||||||
- name: Copying over config.json files for services
|
- name: Copying over config.json files for services
|
||||||
template:
|
template:
|
||||||
|
6
ansible/roles/kuryr/tasks/copy-certs.yml
Normal file
6
ansible/roles/kuryr/tasks/copy-certs.yml
Normal file
@ -0,0 +1,6 @@
|
|||||||
|
---
|
||||||
|
- name: "Copy certificates and keys for {{ project_name }}"
|
||||||
|
import_role:
|
||||||
|
role: service-cert-copy
|
||||||
|
vars:
|
||||||
|
project_services: "{{ kuryr_services }}"
|
@ -31,19 +31,9 @@
|
|||||||
when:
|
when:
|
||||||
- magnum_policy.results
|
- magnum_policy.results
|
||||||
|
|
||||||
- name: Copying over extra CA certificates
|
- include_tasks: copy-certs.yml
|
||||||
become: true
|
|
||||||
copy:
|
|
||||||
src: "{{ node_config }}/certificates/ca/"
|
|
||||||
dest: "{{ node_config_directory }}/{{ item.key }}/ca-certificates"
|
|
||||||
mode: "0644"
|
|
||||||
when:
|
when:
|
||||||
- item.value.enabled | bool
|
|
||||||
- inventory_hostname in groups[item.value.group]
|
|
||||||
- kolla_copy_ca_into_containers | bool
|
- kolla_copy_ca_into_containers | bool
|
||||||
with_dict: "{{ magnum_services }}"
|
|
||||||
notify:
|
|
||||||
- "Restart {{ item.key }} container"
|
|
||||||
|
|
||||||
- name: Copying over config.json files for services
|
- name: Copying over config.json files for services
|
||||||
template:
|
template:
|
||||||
|
6
ansible/roles/magnum/tasks/copy-certs.yml
Normal file
6
ansible/roles/magnum/tasks/copy-certs.yml
Normal file
@ -0,0 +1,6 @@
|
|||||||
|
---
|
||||||
|
- name: "Copy certificates and keys for {{ project_name }}"
|
||||||
|
import_role:
|
||||||
|
role: service-cert-copy
|
||||||
|
vars:
|
||||||
|
project_services: "{{ magnum_services }}"
|
@ -36,19 +36,9 @@
|
|||||||
when:
|
when:
|
||||||
- manila_policy.results
|
- manila_policy.results
|
||||||
|
|
||||||
- name: Copying over extra CA certificates
|
- include_tasks: copy-certs.yml
|
||||||
become: true
|
|
||||||
copy:
|
|
||||||
src: "{{ node_config }}/certificates/ca/"
|
|
||||||
dest: "{{ node_config_directory }}/{{ item.key }}/ca-certificates"
|
|
||||||
mode: "0644"
|
|
||||||
when:
|
when:
|
||||||
- item.value.enabled | bool
|
|
||||||
- inventory_hostname in groups[item.value.group]
|
|
||||||
- kolla_copy_ca_into_containers | bool
|
- kolla_copy_ca_into_containers | bool
|
||||||
with_dict: "{{ manila_services }}"
|
|
||||||
notify:
|
|
||||||
- "Restart {{ item.key }} container"
|
|
||||||
|
|
||||||
- name: Copying over config.json files for services
|
- name: Copying over config.json files for services
|
||||||
template:
|
template:
|
||||||
|
6
ansible/roles/manila/tasks/copy-certs.yml
Normal file
6
ansible/roles/manila/tasks/copy-certs.yml
Normal file
@ -0,0 +1,6 @@
|
|||||||
|
---
|
||||||
|
- name: "Copy certificates and keys for {{ project_name }}"
|
||||||
|
import_role:
|
||||||
|
role: service-cert-copy
|
||||||
|
vars:
|
||||||
|
project_services: "{{ manila_services }}"
|
@ -31,19 +31,9 @@
|
|||||||
when:
|
when:
|
||||||
- mistral_policy.results
|
- mistral_policy.results
|
||||||
|
|
||||||
- name: Copying over extra CA certificates
|
- include_tasks: copy-certs.yml
|
||||||
become: true
|
|
||||||
copy:
|
|
||||||
src: "{{ node_config }}/certificates/ca/"
|
|
||||||
dest: "{{ node_config_directory }}/{{ item.key }}/ca-certificates"
|
|
||||||
mode: "0644"
|
|
||||||
when:
|
when:
|
||||||
- item.value.enabled | bool
|
|
||||||
- inventory_hostname in groups[item.value.group]
|
|
||||||
- kolla_copy_ca_into_containers | bool
|
- kolla_copy_ca_into_containers | bool
|
||||||
with_dict: "{{ mistral_services }}"
|
|
||||||
notify:
|
|
||||||
- "Restart {{ item.key }} container"
|
|
||||||
|
|
||||||
- name: Copying over config.json files for services
|
- name: Copying over config.json files for services
|
||||||
template:
|
template:
|
||||||
|
6
ansible/roles/mistral/tasks/copy-certs.yml
Normal file
6
ansible/roles/mistral/tasks/copy-certs.yml
Normal file
@ -0,0 +1,6 @@
|
|||||||
|
---
|
||||||
|
- name: "Copy certificates and keys for {{ project_name }}"
|
||||||
|
import_role:
|
||||||
|
role: service-cert-copy
|
||||||
|
vars:
|
||||||
|
project_services: "{{ mistral_services }}"
|
@ -12,19 +12,9 @@
|
|||||||
- item.value.enabled | bool
|
- item.value.enabled | bool
|
||||||
with_dict: "{{ monasca_services }}"
|
with_dict: "{{ monasca_services }}"
|
||||||
|
|
||||||
- name: Copying over extra CA certificates
|
- include_tasks: copy-certs.yml
|
||||||
become: true
|
|
||||||
copy:
|
|
||||||
src: "{{ node_config }}/certificates/ca/"
|
|
||||||
dest: "{{ node_config_directory }}/{{ item.key }}/ca-certificates"
|
|
||||||
mode: "0644"
|
|
||||||
when:
|
when:
|
||||||
- item.value.enabled | bool
|
|
||||||
- inventory_hostname in groups[item.value.group]
|
|
||||||
- kolla_copy_ca_into_containers | bool
|
- kolla_copy_ca_into_containers | bool
|
||||||
with_dict: "{{ monasca_services }}"
|
|
||||||
notify:
|
|
||||||
- "Restart {{ item.key }} container"
|
|
||||||
|
|
||||||
- name: Copying over config.json files for services
|
- name: Copying over config.json files for services
|
||||||
template:
|
template:
|
||||||
|
6
ansible/roles/monasca/tasks/copy-certs.yml
Normal file
6
ansible/roles/monasca/tasks/copy-certs.yml
Normal file
@ -0,0 +1,6 @@
|
|||||||
|
---
|
||||||
|
- name: "Copy certificates and keys for {{ project_name }}"
|
||||||
|
import_role:
|
||||||
|
role: service-cert-copy
|
||||||
|
vars:
|
||||||
|
project_services: "{{ monasca_services }}"
|
@ -31,19 +31,9 @@
|
|||||||
when:
|
when:
|
||||||
- murano_policy.results
|
- murano_policy.results
|
||||||
|
|
||||||
- name: Copying over extra CA certificates
|
- include_tasks: copy-certs.yml
|
||||||
become: true
|
|
||||||
copy:
|
|
||||||
src: "{{ node_config }}/certificates/ca/"
|
|
||||||
dest: "{{ node_config_directory }}/{{ item.key }}/ca-certificates"
|
|
||||||
mode: "0644"
|
|
||||||
when:
|
when:
|
||||||
- item.value.enabled | bool
|
|
||||||
- inventory_hostname in groups[item.value.group]
|
|
||||||
- kolla_copy_ca_into_containers | bool
|
- kolla_copy_ca_into_containers | bool
|
||||||
with_dict: "{{ murano_services }}"
|
|
||||||
notify:
|
|
||||||
- "Restart {{ item.key }} container"
|
|
||||||
|
|
||||||
- name: Copying over config.json files for services
|
- name: Copying over config.json files for services
|
||||||
template:
|
template:
|
||||||
|
6
ansible/roles/murano/tasks/copy-certs.yml
Normal file
6
ansible/roles/murano/tasks/copy-certs.yml
Normal file
@ -0,0 +1,6 @@
|
|||||||
|
---
|
||||||
|
- name: "Copy certificates and keys for {{ project_name }}"
|
||||||
|
import_role:
|
||||||
|
role: service-cert-copy
|
||||||
|
vars:
|
||||||
|
project_services: "{{ murano_services }}"
|
@ -20,19 +20,9 @@
|
|||||||
changed_when: False
|
changed_when: False
|
||||||
register: check_extra_ml2_plugins
|
register: check_extra_ml2_plugins
|
||||||
|
|
||||||
- name: Copying over extra CA certificates
|
- include_tasks: copy-certs.yml
|
||||||
become: true
|
|
||||||
copy:
|
|
||||||
src: "{{ node_config }}/certificates/ca/"
|
|
||||||
dest: "{{ node_config_directory }}/{{ item.key }}/ca-certificates"
|
|
||||||
mode: "0644"
|
|
||||||
when:
|
when:
|
||||||
- item.value.enabled | bool
|
|
||||||
- item.value.host_in_groups | bool
|
|
||||||
- kolla_copy_ca_into_containers | bool
|
- kolla_copy_ca_into_containers | bool
|
||||||
with_dict: "{{ neutron_services }}"
|
|
||||||
notify:
|
|
||||||
- "Restart {{ item.key }} container"
|
|
||||||
|
|
||||||
- name: Copying over config.json files for services
|
- name: Copying over config.json files for services
|
||||||
become: true
|
become: true
|
||||||
|
6
ansible/roles/neutron/tasks/copy-certs.yml
Normal file
6
ansible/roles/neutron/tasks/copy-certs.yml
Normal file
@ -0,0 +1,6 @@
|
|||||||
|
---
|
||||||
|
- name: "Copy certificates and keys for {{ project_name }}"
|
||||||
|
import_role:
|
||||||
|
role: service-cert-copy
|
||||||
|
vars:
|
||||||
|
project_services: "{{ neutron_services }}"
|
@ -12,19 +12,9 @@
|
|||||||
- item.value.enabled | bool
|
- item.value.enabled | bool
|
||||||
with_dict: "{{ nova_cell_services }}"
|
with_dict: "{{ nova_cell_services }}"
|
||||||
|
|
||||||
- name: Copying over extra CA certificates
|
- include_tasks: copy-certs.yml
|
||||||
become: true
|
|
||||||
copy:
|
|
||||||
src: "{{ node_config }}/certificates/ca/"
|
|
||||||
dest: "{{ node_config_directory }}/{{ item.key }}/ca-certificates"
|
|
||||||
mode: "0644"
|
|
||||||
when:
|
when:
|
||||||
- item.value.enabled | bool
|
|
||||||
- inventory_hostname in groups[item.value.group]
|
|
||||||
- kolla_copy_ca_into_containers | bool
|
- kolla_copy_ca_into_containers | bool
|
||||||
with_dict: "{{ nova_cell_services }}"
|
|
||||||
notify:
|
|
||||||
- "Restart {{ item.key }} container"
|
|
||||||
|
|
||||||
- include_tasks: external_ceph.yml
|
- include_tasks: external_ceph.yml
|
||||||
when:
|
when:
|
||||||
|
6
ansible/roles/nova-cell/tasks/copy-certs.yml
Normal file
6
ansible/roles/nova-cell/tasks/copy-certs.yml
Normal file
@ -0,0 +1,6 @@
|
|||||||
|
---
|
||||||
|
- name: "Copy certificates and keys for {{ project_name }}"
|
||||||
|
import_role:
|
||||||
|
role: service-cert-copy
|
||||||
|
vars:
|
||||||
|
project_services: "{{ nova_cell_services }}"
|
@ -34,13 +34,6 @@
|
|||||||
- "wsgate.ini.j2"
|
- "wsgate.ini.j2"
|
||||||
notify: Restart FreeRDP-WebConnect
|
notify: Restart FreeRDP-WebConnect
|
||||||
|
|
||||||
- name: Copying over extra CA certificates
|
- include_tasks: copy-certs.yml
|
||||||
become: true
|
|
||||||
copy:
|
|
||||||
src: "{{ node_config }}/certificates/ca/"
|
|
||||||
dest: "{{ node_custom_config }}/nova-hyperv/ca-certificates"
|
|
||||||
mode: "0644"
|
|
||||||
when:
|
when:
|
||||||
- item.value.enabled | bool
|
|
||||||
- inventory_hostname in groups[item.value.group]
|
|
||||||
- kolla_copy_ca_into_containers | bool
|
- kolla_copy_ca_into_containers | bool
|
||||||
|
6
ansible/roles/nova-hyperv/tasks/copy-certs.yml
Normal file
6
ansible/roles/nova-hyperv/tasks/copy-certs.yml
Normal file
@ -0,0 +1,6 @@
|
|||||||
|
---
|
||||||
|
- name: "Copy certificates and keys for {{ project_name }}"
|
||||||
|
import_role:
|
||||||
|
role: service-cert-copy
|
||||||
|
vars:
|
||||||
|
project_services: "{{ nova_hyperv_services }}"
|
@ -31,19 +31,9 @@
|
|||||||
when:
|
when:
|
||||||
- nova_policy.results
|
- nova_policy.results
|
||||||
|
|
||||||
- name: Copying over extra CA certificates
|
- include_tasks: copy-certs.yml
|
||||||
become: true
|
|
||||||
copy:
|
|
||||||
src: "{{ node_config }}/certificates/ca/"
|
|
||||||
dest: "{{ node_config_directory }}/{{ item.key }}/ca-certificates"
|
|
||||||
mode: "0644"
|
|
||||||
when:
|
when:
|
||||||
- item.value.enabled | bool
|
|
||||||
- inventory_hostname in groups[item.value.group]
|
|
||||||
- kolla_copy_ca_into_containers | bool
|
- kolla_copy_ca_into_containers | bool
|
||||||
with_dict: "{{ nova_services }}"
|
|
||||||
notify:
|
|
||||||
- "Restart {{ item.key }} container"
|
|
||||||
|
|
||||||
- name: Copying over config.json files for services
|
- name: Copying over config.json files for services
|
||||||
become: true
|
become: true
|
||||||
|
6
ansible/roles/nova/tasks/copy-certs.yml
Normal file
6
ansible/roles/nova/tasks/copy-certs.yml
Normal file
@ -0,0 +1,6 @@
|
|||||||
|
---
|
||||||
|
- name: "Copy certificates and keys for {{ project_name }}"
|
||||||
|
import_role:
|
||||||
|
role: service-cert-copy
|
||||||
|
vars:
|
||||||
|
project_services: "{{ nova_services }}"
|
@ -45,19 +45,9 @@
|
|||||||
notify:
|
notify:
|
||||||
- "Restart {{ item.key }} container"
|
- "Restart {{ item.key }} container"
|
||||||
|
|
||||||
- name: Copying over extra CA certificates
|
- include_tasks: copy-certs.yml
|
||||||
become: true
|
|
||||||
copy:
|
|
||||||
src: "{{ node_config }}/certificates/ca/"
|
|
||||||
dest: "{{ node_config_directory }}/{{ item.key }}/ca-certificates"
|
|
||||||
mode: "0644"
|
|
||||||
when:
|
when:
|
||||||
- item.value.enabled | bool
|
|
||||||
- inventory_hostname in groups[item.value.group]
|
|
||||||
- kolla_copy_ca_into_containers | bool
|
- kolla_copy_ca_into_containers | bool
|
||||||
with_dict: "{{ octavia_services }}"
|
|
||||||
notify:
|
|
||||||
- "Restart {{ item.key }} container"
|
|
||||||
|
|
||||||
- name: Copying over config.json files for services
|
- name: Copying over config.json files for services
|
||||||
template:
|
template:
|
||||||
|
6
ansible/roles/octavia/tasks/copy-certs.yml
Normal file
6
ansible/roles/octavia/tasks/copy-certs.yml
Normal file
@ -0,0 +1,6 @@
|
|||||||
|
---
|
||||||
|
- name: "Copy certificates and keys for {{ project_name }}"
|
||||||
|
import_role:
|
||||||
|
role: service-cert-copy
|
||||||
|
vars:
|
||||||
|
project_services: "{{ octavia_services }}"
|
@ -31,19 +31,9 @@
|
|||||||
when:
|
when:
|
||||||
- panko_policy.results
|
- panko_policy.results
|
||||||
|
|
||||||
- name: Copying over extra CA certificates
|
- include_tasks: copy-certs.yml
|
||||||
become: true
|
|
||||||
copy:
|
|
||||||
src: "{{ node_config }}/certificates/ca/"
|
|
||||||
dest: "{{ node_config_directory }}/{{ item.key }}/ca-certificates"
|
|
||||||
mode: "0644"
|
|
||||||
when:
|
when:
|
||||||
- item.value.enabled | bool
|
|
||||||
- inventory_hostname in groups[item.value.group]
|
|
||||||
- kolla_copy_ca_into_containers | bool
|
- kolla_copy_ca_into_containers | bool
|
||||||
with_dict: "{{ panko_services }}"
|
|
||||||
notify:
|
|
||||||
- "Restart {{ item.key }} container"
|
|
||||||
|
|
||||||
- name: Copying over config.json files for services
|
- name: Copying over config.json files for services
|
||||||
template:
|
template:
|
||||||
|
6
ansible/roles/panko/tasks/copy-certs.yml
Normal file
6
ansible/roles/panko/tasks/copy-certs.yml
Normal file
@ -0,0 +1,6 @@
|
|||||||
|
---
|
||||||
|
- name: "Copy certificates and keys for {{ project_name }}"
|
||||||
|
import_role:
|
||||||
|
role: service-cert-copy
|
||||||
|
vars:
|
||||||
|
project_services: "{{ panko_services }}"
|
@ -31,19 +31,9 @@
|
|||||||
when:
|
when:
|
||||||
- placement_policy.results
|
- placement_policy.results
|
||||||
|
|
||||||
- name: Copying over extra CA certificates
|
- include_tasks: copy-certs.yml
|
||||||
become: true
|
|
||||||
copy:
|
|
||||||
src: "{{ node_config }}/certificates/ca/"
|
|
||||||
dest: "{{ node_config_directory }}/{{ item.key }}/ca-certificates"
|
|
||||||
mode: "0644"
|
|
||||||
when:
|
when:
|
||||||
- item.value.enabled | bool
|
|
||||||
- inventory_hostname in groups[item.value.group]
|
|
||||||
- kolla_copy_ca_into_containers | bool
|
- kolla_copy_ca_into_containers | bool
|
||||||
with_dict: "{{ placement_services }}"
|
|
||||||
notify:
|
|
||||||
- "Restart {{ item.key }} container"
|
|
||||||
|
|
||||||
- name: Copying over config.json files for services
|
- name: Copying over config.json files for services
|
||||||
become: true
|
become: true
|
||||||
|
6
ansible/roles/placement/tasks/copy-certs.yml
Normal file
6
ansible/roles/placement/tasks/copy-certs.yml
Normal file
@ -0,0 +1,6 @@
|
|||||||
|
---
|
||||||
|
- name: "Copy certificates and keys for {{ project_name }}"
|
||||||
|
import_role:
|
||||||
|
role: service-cert-copy
|
||||||
|
vars:
|
||||||
|
project_services: "{{ placement_services }}"
|
@ -12,19 +12,9 @@
|
|||||||
- item.value.enabled | bool
|
- item.value.enabled | bool
|
||||||
with_dict: "{{ prometheus_services }}"
|
with_dict: "{{ prometheus_services }}"
|
||||||
|
|
||||||
- name: Copying over extra CA certificates
|
- include_tasks: copy-certs.yml
|
||||||
become: true
|
|
||||||
copy:
|
|
||||||
src: "{{ node_config }}/certificates/ca/"
|
|
||||||
dest: "{{ node_config_directory }}/{{ item.key }}/ca-certificates"
|
|
||||||
mode: "0644"
|
|
||||||
when:
|
when:
|
||||||
- item.value.enabled | bool
|
|
||||||
- inventory_hostname in groups[item.value.group]
|
|
||||||
- kolla_copy_ca_into_containers | bool
|
- kolla_copy_ca_into_containers | bool
|
||||||
with_dict: "{{ prometheus_services }}"
|
|
||||||
notify:
|
|
||||||
- "Restart {{ item.key }} container"
|
|
||||||
|
|
||||||
- name: Copying over config.json files
|
- name: Copying over config.json files
|
||||||
become: true
|
become: true
|
||||||
|
6
ansible/roles/prometheus/tasks/copy-certs.yml
Normal file
6
ansible/roles/prometheus/tasks/copy-certs.yml
Normal file
@ -0,0 +1,6 @@
|
|||||||
|
---
|
||||||
|
- name: "Copy certificates and keys for {{ project_name }}"
|
||||||
|
import_role:
|
||||||
|
role: service-cert-copy
|
||||||
|
vars:
|
||||||
|
project_services: "{{ prometheus_services }}"
|
@ -36,19 +36,9 @@
|
|||||||
when:
|
when:
|
||||||
- qinling_policy.results
|
- qinling_policy.results
|
||||||
|
|
||||||
- name: Copying over extra CA certificates
|
- include_tasks: copy-certs.yml
|
||||||
become: true
|
|
||||||
copy:
|
|
||||||
src: "{{ node_config }}/certificates/ca/"
|
|
||||||
dest: "{{ node_config_directory }}/{{ item.key }}/ca-certificates"
|
|
||||||
mode: "0644"
|
|
||||||
when:
|
when:
|
||||||
- item.value.enabled | bool
|
|
||||||
- inventory_hostname in groups[item.value.group]
|
|
||||||
- kolla_copy_ca_into_containers | bool
|
- kolla_copy_ca_into_containers | bool
|
||||||
with_dict: "{{ qinling_services }}"
|
|
||||||
notify:
|
|
||||||
- "Restart {{ item.key }} container"
|
|
||||||
|
|
||||||
- name: Copying over config.json files for services
|
- name: Copying over config.json files for services
|
||||||
template:
|
template:
|
||||||
|
6
ansible/roles/qinling/tasks/copy-certs.yml
Normal file
6
ansible/roles/qinling/tasks/copy-certs.yml
Normal file
@ -0,0 +1,6 @@
|
|||||||
|
---
|
||||||
|
- name: "Copy certificates and keys for {{ project_name }}"
|
||||||
|
import_role:
|
||||||
|
role: service-cert-copy
|
||||||
|
vars:
|
||||||
|
project_services: "{{ qinling_services }}"
|
@ -31,19 +31,9 @@
|
|||||||
when:
|
when:
|
||||||
- rally_policy.results
|
- rally_policy.results
|
||||||
|
|
||||||
- name: Copying over extra CA certificates
|
- include_tasks: copy-certs.yml
|
||||||
become: true
|
|
||||||
copy:
|
|
||||||
src: "{{ node_config }}/certificates/ca/"
|
|
||||||
dest: "{{ node_config_directory }}/{{ item.key }}/ca-certificates"
|
|
||||||
mode: "0644"
|
|
||||||
when:
|
when:
|
||||||
- item.value.enabled | bool
|
|
||||||
- inventory_hostname in groups[item.value.group]
|
|
||||||
- kolla_copy_ca_into_containers | bool
|
- kolla_copy_ca_into_containers | bool
|
||||||
with_dict: "{{ rally_services }}"
|
|
||||||
notify:
|
|
||||||
- "Restart {{ item.key }} container"
|
|
||||||
|
|
||||||
- name: Copying over config.json files for services
|
- name: Copying over config.json files for services
|
||||||
template:
|
template:
|
||||||
|
6
ansible/roles/rally/tasks/copy-certs.yml
Normal file
6
ansible/roles/rally/tasks/copy-certs.yml
Normal file
@ -0,0 +1,6 @@
|
|||||||
|
---
|
||||||
|
- name: "Copy certificates and keys for {{ project_name }}"
|
||||||
|
import_role:
|
||||||
|
role: service-cert-copy
|
||||||
|
vars:
|
||||||
|
project_services: "{{ rally_services }}"
|
@ -31,19 +31,9 @@
|
|||||||
when:
|
when:
|
||||||
- sahara_policy.results
|
- sahara_policy.results
|
||||||
|
|
||||||
- name: Copying over extra CA certificates
|
- include_tasks: copy-certs.yml
|
||||||
become: true
|
|
||||||
copy:
|
|
||||||
src: "{{ node_config }}/certificates/ca/"
|
|
||||||
dest: "{{ node_config_directory }}/{{ item.key }}/ca-certificates"
|
|
||||||
mode: "0644"
|
|
||||||
when:
|
when:
|
||||||
- item.value.enabled | bool
|
|
||||||
- inventory_hostname in groups[item.value.group]
|
|
||||||
- kolla_copy_ca_into_containers | bool
|
- kolla_copy_ca_into_containers | bool
|
||||||
with_dict: "{{ sahara_services }}"
|
|
||||||
notify:
|
|
||||||
- "Restart {{ item.key }} container"
|
|
||||||
|
|
||||||
- name: Copying over config.json files for services
|
- name: Copying over config.json files for services
|
||||||
template:
|
template:
|
||||||
|
6
ansible/roles/sahara/tasks/copy-certs.yml
Normal file
6
ansible/roles/sahara/tasks/copy-certs.yml
Normal file
@ -0,0 +1,6 @@
|
|||||||
|
---
|
||||||
|
- name: "Copy certificates and keys for {{ project_name }}"
|
||||||
|
import_role:
|
||||||
|
role: service-cert-copy
|
||||||
|
vars:
|
||||||
|
project_services: "{{ sahara_services }}"
|
@ -31,19 +31,9 @@
|
|||||||
when:
|
when:
|
||||||
- searchlight_policy.results
|
- searchlight_policy.results
|
||||||
|
|
||||||
- name: Copying over extra CA certificates
|
- include_tasks: copy-certs.yml
|
||||||
become: true
|
|
||||||
copy:
|
|
||||||
src: "{{ node_config }}/certificates/ca/"
|
|
||||||
dest: "{{ node_config_directory }}/{{ item.key }}/ca-certificates"
|
|
||||||
mode: "0644"
|
|
||||||
when:
|
when:
|
||||||
- item.value.enabled | bool
|
|
||||||
- inventory_hostname in groups[item.value.group]
|
|
||||||
- kolla_copy_ca_into_containers | bool
|
- kolla_copy_ca_into_containers | bool
|
||||||
with_dict: "{{ searchlight_config_jsons }}"
|
|
||||||
notify:
|
|
||||||
- "Restart {{ item.key }} container"
|
|
||||||
|
|
||||||
- name: Copying over config.json files for services
|
- name: Copying over config.json files for services
|
||||||
template:
|
template:
|
||||||
|
6
ansible/roles/searchlight/tasks/copy-certs.yml
Normal file
6
ansible/roles/searchlight/tasks/copy-certs.yml
Normal file
@ -0,0 +1,6 @@
|
|||||||
|
---
|
||||||
|
- name: "Copy certificates and keys for {{ project_name }}"
|
||||||
|
import_role:
|
||||||
|
role: service-cert-copy
|
||||||
|
vars:
|
||||||
|
project_services: "{{ searchlight_services }}"
|
@ -31,19 +31,9 @@
|
|||||||
when:
|
when:
|
||||||
- senlin_policy.results
|
- senlin_policy.results
|
||||||
|
|
||||||
- name: Copying over extra CA certificates
|
- include_tasks: copy-certs.yml
|
||||||
become: true
|
|
||||||
copy:
|
|
||||||
src: "{{ node_config }}/certificates/ca/"
|
|
||||||
dest: "{{ node_config_directory }}/{{ item.key }}/ca-certificates"
|
|
||||||
mode: "0644"
|
|
||||||
when:
|
when:
|
||||||
- item.value.enabled | bool
|
|
||||||
- inventory_hostname in groups[item.value.group]
|
|
||||||
- kolla_copy_ca_into_containers | bool
|
- kolla_copy_ca_into_containers | bool
|
||||||
with_dict: "{{ senlin_services }}"
|
|
||||||
notify:
|
|
||||||
- "Restart {{ item.key }} container"
|
|
||||||
|
|
||||||
- name: Copying over config.json files for services
|
- name: Copying over config.json files for services
|
||||||
template:
|
template:
|
||||||
|
6
ansible/roles/senlin/tasks/copy-certs.yml
Normal file
6
ansible/roles/senlin/tasks/copy-certs.yml
Normal file
@ -0,0 +1,6 @@
|
|||||||
|
---
|
||||||
|
- name: "Copy certificates and keys for {{ project_name }}"
|
||||||
|
import_role:
|
||||||
|
role: service-cert-copy
|
||||||
|
vars:
|
||||||
|
project_services: "{{ senlin_services }}"
|
@ -12,19 +12,9 @@
|
|||||||
- item.value.enabled | bool
|
- item.value.enabled | bool
|
||||||
with_dict: "{{ skydive_services }}"
|
with_dict: "{{ skydive_services }}"
|
||||||
|
|
||||||
- name: Copying over extra CA certificates
|
- include_tasks: copy-certs.yml
|
||||||
become: true
|
|
||||||
copy:
|
|
||||||
src: "{{ node_config }}/certificates/ca/"
|
|
||||||
dest: "{{ node_config_directory }}/{{ item.key }}/ca-certificates"
|
|
||||||
mode: "0644"
|
|
||||||
when:
|
when:
|
||||||
- item.value.enabled | bool
|
|
||||||
- inventory_hostname in groups[item.value.group]
|
|
||||||
- kolla_copy_ca_into_containers | bool
|
- kolla_copy_ca_into_containers | bool
|
||||||
with_dict: "{{ skydive_services }}"
|
|
||||||
notify:
|
|
||||||
- "Restart {{ item.key }} container"
|
|
||||||
|
|
||||||
- name: Copying over default config.json files
|
- name: Copying over default config.json files
|
||||||
template:
|
template:
|
||||||
|
6
ansible/roles/skydive/tasks/copy-certs.yml
Normal file
6
ansible/roles/skydive/tasks/copy-certs.yml
Normal file
@ -0,0 +1,6 @@
|
|||||||
|
---
|
||||||
|
- name: "Copy certificates and keys for {{ project_name }}"
|
||||||
|
import_role:
|
||||||
|
role: service-cert-copy
|
||||||
|
vars:
|
||||||
|
project_services: "{{ skydive_services }}"
|
@ -12,19 +12,9 @@
|
|||||||
- item.value.enabled | bool
|
- item.value.enabled | bool
|
||||||
with_dict: "{{ solum_services }}"
|
with_dict: "{{ solum_services }}"
|
||||||
|
|
||||||
- name: Copying over extra CA certificates
|
- include_tasks: copy-certs.yml
|
||||||
become: true
|
|
||||||
copy:
|
|
||||||
src: "{{ node_config }}/certificates/ca/"
|
|
||||||
dest: "{{ node_config_directory }}/{{ item.key }}/ca-certificates"
|
|
||||||
mode: "0644"
|
|
||||||
when:
|
when:
|
||||||
- item.value.enabled | bool
|
|
||||||
- inventory_hostname in groups[item.value.group]
|
|
||||||
- kolla_copy_ca_into_containers | bool
|
- kolla_copy_ca_into_containers | bool
|
||||||
with_dict: "{{ solum_services }}"
|
|
||||||
notify:
|
|
||||||
- "Restart {{ item.key }} container"
|
|
||||||
|
|
||||||
- name: Copying over config.json files for services
|
- name: Copying over config.json files for services
|
||||||
template:
|
template:
|
||||||
|
6
ansible/roles/solum/tasks/copy-certs.yml
Normal file
6
ansible/roles/solum/tasks/copy-certs.yml
Normal file
@ -0,0 +1,6 @@
|
|||||||
|
---
|
||||||
|
- name: "Copy certificates and keys for {{ project_name }}"
|
||||||
|
import_role:
|
||||||
|
role: service-cert-copy
|
||||||
|
vars:
|
||||||
|
project_services: "{{ solum_services }}"
|
@ -28,19 +28,9 @@
|
|||||||
- "swift-proxy-server"
|
- "swift-proxy-server"
|
||||||
- "swift-rsyncd"
|
- "swift-rsyncd"
|
||||||
|
|
||||||
- name: Copying over extra CA certificates
|
- include_tasks: copy-certs.yml
|
||||||
become: true
|
|
||||||
copy:
|
|
||||||
src: "{{ node_config }}/certificates/ca/"
|
|
||||||
dest: "{{ node_config_directory }}/{{ item.key }}/ca-certificates"
|
|
||||||
mode: "0644"
|
|
||||||
when:
|
when:
|
||||||
- item.value.enabled | bool
|
|
||||||
- inventory_hostname in groups[item.value.group]
|
|
||||||
- kolla_copy_ca_into_containers | bool
|
- kolla_copy_ca_into_containers | bool
|
||||||
with_dict: "{{ swift_services }}"
|
|
||||||
notify:
|
|
||||||
- "Restart {{ item.key }} container"
|
|
||||||
|
|
||||||
- name: Copying over config.json files for services
|
- name: Copying over config.json files for services
|
||||||
template:
|
template:
|
||||||
|
6
ansible/roles/swift/tasks/copy-certs.yml
Normal file
6
ansible/roles/swift/tasks/copy-certs.yml
Normal file
@ -0,0 +1,6 @@
|
|||||||
|
---
|
||||||
|
- name: "Copy certificates and keys for {{ project_name }}"
|
||||||
|
import_role:
|
||||||
|
role: service-cert-copy
|
||||||
|
vars:
|
||||||
|
project_services: "{{ swift_services }}"
|
@ -31,19 +31,9 @@
|
|||||||
when:
|
when:
|
||||||
- tacker_policy.results
|
- tacker_policy.results
|
||||||
|
|
||||||
- name: Copying over extra CA certificates
|
- include_tasks: copy-certs.yml
|
||||||
become: true
|
|
||||||
copy:
|
|
||||||
src: "{{ node_config }}/certificates/ca/"
|
|
||||||
dest: "{{ node_config_directory }}/{{ item.key }}/ca-certificates"
|
|
||||||
mode: "0644"
|
|
||||||
when:
|
when:
|
||||||
- item.value.enabled | bool
|
|
||||||
- inventory_hostname in groups[item.value.group]
|
|
||||||
- kolla_copy_ca_into_containers | bool
|
- kolla_copy_ca_into_containers | bool
|
||||||
with_dict: "{{ tacker_services }}"
|
|
||||||
notify:
|
|
||||||
- "Restart {{ item.key }} container"
|
|
||||||
|
|
||||||
- name: Copying over config.json files for services
|
- name: Copying over config.json files for services
|
||||||
template:
|
template:
|
||||||
|
6
ansible/roles/tacker/tasks/copy-certs.yml
Normal file
6
ansible/roles/tacker/tasks/copy-certs.yml
Normal file
@ -0,0 +1,6 @@
|
|||||||
|
---
|
||||||
|
- name: "Copy certificates and keys for {{ project_name }}"
|
||||||
|
import_role:
|
||||||
|
role: service-cert-copy
|
||||||
|
vars:
|
||||||
|
project_services: "{{ tacker_services }}"
|
@ -12,19 +12,9 @@
|
|||||||
- item.value.enabled | bool
|
- item.value.enabled | bool
|
||||||
with_dict: "{{ telegraf_services }}"
|
with_dict: "{{ telegraf_services }}"
|
||||||
|
|
||||||
- name: Copying over extra CA certificates
|
- include_tasks: copy-certs.yml
|
||||||
become: true
|
|
||||||
copy:
|
|
||||||
src: "{{ node_config }}/certificates/ca/"
|
|
||||||
dest: "{{ node_config_directory }}/{{ item.key }}/ca-certificates"
|
|
||||||
mode: "0644"
|
|
||||||
when:
|
when:
|
||||||
- item.value.enabled | bool
|
|
||||||
- inventory_hostname in groups[item.value.group]
|
|
||||||
- kolla_copy_ca_into_containers | bool
|
- kolla_copy_ca_into_containers | bool
|
||||||
with_dict: "{{ telegraf_services }}"
|
|
||||||
notify:
|
|
||||||
- "Restart {{ item.key }} container"
|
|
||||||
|
|
||||||
- name: Copying over default config.json files
|
- name: Copying over default config.json files
|
||||||
template:
|
template:
|
||||||
|
6
ansible/roles/telegraf/tasks/copy-certs.yml
Normal file
6
ansible/roles/telegraf/tasks/copy-certs.yml
Normal file
@ -0,0 +1,6 @@
|
|||||||
|
---
|
||||||
|
- name: "Copy certificates and keys for {{ project_name }}"
|
||||||
|
import_role:
|
||||||
|
role: service-cert-copy
|
||||||
|
vars:
|
||||||
|
project_services: "{{ telegraf_services }}"
|
@ -12,19 +12,9 @@
|
|||||||
- item.value.enabled | bool
|
- item.value.enabled | bool
|
||||||
with_dict: "{{ tempest_services }}"
|
with_dict: "{{ tempest_services }}"
|
||||||
|
|
||||||
- name: Copying over extra CA certificates
|
- include_tasks: copy-certs.yml
|
||||||
become: true
|
|
||||||
copy:
|
|
||||||
src: "{{ node_config }}/certificates/ca/"
|
|
||||||
dest: "{{ node_config_directory }}/{{ item.key }}/ca-certificates"
|
|
||||||
mode: "0644"
|
|
||||||
when:
|
when:
|
||||||
- item.value.enabled | bool
|
|
||||||
- inventory_hostname in groups[item.value.group]
|
|
||||||
- kolla_copy_ca_into_containers | bool
|
- kolla_copy_ca_into_containers | bool
|
||||||
with_dict: "{{ tempest_services }}"
|
|
||||||
notify:
|
|
||||||
- "Restart {{ item.key }} container"
|
|
||||||
|
|
||||||
- name: Copying over config.json files for services
|
- name: Copying over config.json files for services
|
||||||
template:
|
template:
|
||||||
|
6
ansible/roles/tempest/tasks/copy-certs.yml
Normal file
6
ansible/roles/tempest/tasks/copy-certs.yml
Normal file
@ -0,0 +1,6 @@
|
|||||||
|
---
|
||||||
|
- name: "Copy certificates and keys for {{ project_name }}"
|
||||||
|
import_role:
|
||||||
|
role: service-cert-copy
|
||||||
|
vars:
|
||||||
|
project_services: "{{ tempest_services }}"
|
@ -31,19 +31,9 @@
|
|||||||
when:
|
when:
|
||||||
- trove_policy.results
|
- trove_policy.results
|
||||||
|
|
||||||
- name: Copying over extra CA certificates
|
- include_tasks: copy-certs.yml
|
||||||
become: true
|
|
||||||
copy:
|
|
||||||
src: "{{ node_config }}/certificates/ca/"
|
|
||||||
dest: "{{ node_config_directory }}/{{ item.key }}/ca-certificates"
|
|
||||||
mode: "0644"
|
|
||||||
when:
|
when:
|
||||||
- item.value.enabled | bool
|
|
||||||
- inventory_hostname in groups[item.value.group]
|
|
||||||
- kolla_copy_ca_into_containers | bool
|
- kolla_copy_ca_into_containers | bool
|
||||||
with_dict: "{{ trove_services }}"
|
|
||||||
notify:
|
|
||||||
- "Restart {{ item.key }} container"
|
|
||||||
|
|
||||||
- name: Copying over config.json files for services
|
- name: Copying over config.json files for services
|
||||||
template:
|
template:
|
||||||
|
6
ansible/roles/trove/tasks/copy-certs.yml
Normal file
6
ansible/roles/trove/tasks/copy-certs.yml
Normal file
@ -0,0 +1,6 @@
|
|||||||
|
---
|
||||||
|
- name: "Copy certificates and keys for {{ project_name }}"
|
||||||
|
import_role:
|
||||||
|
role: service-cert-copy
|
||||||
|
vars:
|
||||||
|
project_services: "{{ trove_services }}"
|
@ -31,19 +31,9 @@
|
|||||||
when:
|
when:
|
||||||
- vitrage_policy.results
|
- vitrage_policy.results
|
||||||
|
|
||||||
- name: Copying over extra CA certificates
|
- include_tasks: copy-certs.yml
|
||||||
become: true
|
|
||||||
copy:
|
|
||||||
src: "{{ node_config }}/certificates/ca/"
|
|
||||||
dest: "{{ node_config_directory }}/{{ item.key }}/ca-certificates"
|
|
||||||
mode: "0644"
|
|
||||||
when:
|
when:
|
||||||
- item.value.enabled | bool
|
|
||||||
- inventory_hostname in groups[item.value.group]
|
|
||||||
- kolla_copy_ca_into_containers | bool
|
- kolla_copy_ca_into_containers | bool
|
||||||
with_dict: "{{ vitrage_services }}"
|
|
||||||
notify:
|
|
||||||
- "Restart {{ item.key }} container"
|
|
||||||
|
|
||||||
- name: Copying over config.json files for services
|
- name: Copying over config.json files for services
|
||||||
template:
|
template:
|
||||||
|
6
ansible/roles/vitrage/tasks/copy-certs.yml
Normal file
6
ansible/roles/vitrage/tasks/copy-certs.yml
Normal file
@ -0,0 +1,6 @@
|
|||||||
|
---
|
||||||
|
- name: "Copy certificates and keys for {{ project_name }}"
|
||||||
|
import_role:
|
||||||
|
role: service-cert-copy
|
||||||
|
vars:
|
||||||
|
project_services: "{{ vitrage_services }}"
|
@ -31,19 +31,9 @@
|
|||||||
when:
|
when:
|
||||||
- watcher_policy.results
|
- watcher_policy.results
|
||||||
|
|
||||||
- name: Copying over extra CA certificates
|
- include_tasks: copy-certs.yml
|
||||||
become: true
|
|
||||||
copy:
|
|
||||||
src: "{{ node_config }}/certificates/ca/"
|
|
||||||
dest: "{{ node_config_directory }}/{{ item.key }}/ca-certificates"
|
|
||||||
mode: "0644"
|
|
||||||
when:
|
when:
|
||||||
- item.value.enabled | bool
|
|
||||||
- inventory_hostname in groups[item.value.group]
|
|
||||||
- kolla_copy_ca_into_containers | bool
|
- kolla_copy_ca_into_containers | bool
|
||||||
with_dict: "{{ watcher_services }}"
|
|
||||||
notify:
|
|
||||||
- "Restart {{ item.key }} container"
|
|
||||||
|
|
||||||
- name: Copying over config.json files for services
|
- name: Copying over config.json files for services
|
||||||
template:
|
template:
|
||||||
|
6
ansible/roles/watcher/tasks/copy-certs.yml
Normal file
6
ansible/roles/watcher/tasks/copy-certs.yml
Normal file
@ -0,0 +1,6 @@
|
|||||||
|
---
|
||||||
|
- name: "Copy certificates and keys for {{ project_name }}"
|
||||||
|
import_role:
|
||||||
|
role: service-cert-copy
|
||||||
|
vars:
|
||||||
|
project_services: "{{ watcher_services }}"
|
@ -31,19 +31,9 @@
|
|||||||
when:
|
when:
|
||||||
- zun_policy.results
|
- zun_policy.results
|
||||||
|
|
||||||
- name: Copying over extra CA certificates
|
- include_tasks: copy-certs.yml
|
||||||
become: true
|
|
||||||
copy:
|
|
||||||
src: "{{ node_config }}/certificates/ca/"
|
|
||||||
dest: "{{ node_config_directory }}/{{ item.key }}/ca-certificates"
|
|
||||||
mode: "0644"
|
|
||||||
when:
|
when:
|
||||||
- item.value.enabled | bool
|
|
||||||
- inventory_hostname in groups[item.value.group]
|
|
||||||
- kolla_copy_ca_into_containers | bool
|
- kolla_copy_ca_into_containers | bool
|
||||||
with_dict: "{{ zun_services }}"
|
|
||||||
notify:
|
|
||||||
- "Restart {{ item.key }} container"
|
|
||||||
|
|
||||||
- name: Copying over config.json files for services
|
- name: Copying over config.json files for services
|
||||||
template:
|
template:
|
||||||
|
6
ansible/roles/zun/tasks/copy-certs.yml
Normal file
6
ansible/roles/zun/tasks/copy-certs.yml
Normal file
@ -0,0 +1,6 @@
|
|||||||
|
---
|
||||||
|
- name: "Copy certificates and keys for {{ project_name }}"
|
||||||
|
import_role:
|
||||||
|
role: service-cert-copy
|
||||||
|
vars:
|
||||||
|
project_services: "{{ zun_services }}"
|
Loading…
Reference in New Issue
Block a user