Fix up config file permissions on the host
Several config file permissions are incorrect on the host. In general, files should be 0660, and directories and executables 0770. Change-Id: Id276ac1864f280554e98b937f2845bb424d521de Closes-Bug: #1821579
This commit is contained in:
Mark Goddard
parent
0b67ce93eb
commit
a4bb8567da
@ -20,6 +20,7 @@
|
|||||||
file:
|
file:
|
||||||
path: /etc/sudoers.d/kolla-ansible-users
|
path: /etc/sudoers.d/kolla-ansible-users
|
||||||
state: touch
|
state: touch
|
||||||
|
mode: "0640"
|
||||||
become: True
|
become: True
|
||||||
when: create_kolla_user_sudoers | bool
|
when: create_kolla_user_sudoers | bool
|
||||||
|
|
||||||
|
|||||||
@ -21,7 +21,7 @@
|
|||||||
src: "{{ node_custom_config }}/ceilometer/polling.yaml"
|
src: "{{ node_custom_config }}/ceilometer/polling.yaml"
|
||||||
dest: "{{ node_config_directory }}/{{ item.key }}/polling.yaml"
|
dest: "{{ node_config_directory }}/{{ item.key }}/polling.yaml"
|
||||||
force: True
|
force: True
|
||||||
mode: "0600"
|
mode: "0660"
|
||||||
become: true
|
become: true
|
||||||
register: ceilometer_polling_overwriting
|
register: ceilometer_polling_overwriting
|
||||||
when:
|
when:
|
||||||
@ -123,6 +123,7 @@
|
|||||||
template:
|
template:
|
||||||
src: "pipeline.yaml.j2"
|
src: "pipeline.yaml.j2"
|
||||||
dest: "{{ node_config_directory }}/{{ item.key }}/pipeline.yaml"
|
dest: "{{ node_config_directory }}/{{ item.key }}/pipeline.yaml"
|
||||||
|
mode: "0660"
|
||||||
become: true
|
become: true
|
||||||
register: ceilometer_pipelines
|
register: ceilometer_pipelines
|
||||||
when:
|
when:
|
||||||
@ -163,6 +164,7 @@
|
|||||||
copy:
|
copy:
|
||||||
src: "{{ node_custom_config }}/vmware_ca"
|
src: "{{ node_custom_config }}/vmware_ca"
|
||||||
dest: "{{ node_config_directory }}/ceilometer-compute/vmware_ca"
|
dest: "{{ node_config_directory }}/ceilometer-compute/vmware_ca"
|
||||||
|
mode: "0660"
|
||||||
register: vcenter_ca_file
|
register: vcenter_ca_file
|
||||||
when:
|
when:
|
||||||
- nova_compute_virt_type == "vmware"
|
- nova_compute_virt_type == "vmware"
|
||||||
|
|||||||
@ -60,7 +60,7 @@
|
|||||||
template:
|
template:
|
||||||
src: "{{ item }}"
|
src: "{{ item }}"
|
||||||
dest: "{{ node_config_directory }}/ceph-nfs/ganesha.conf"
|
dest: "{{ node_config_directory }}/ceph-nfs/ganesha.conf"
|
||||||
mode: 0600
|
mode: "0600"
|
||||||
become: true
|
become: true
|
||||||
when:
|
when:
|
||||||
- inventory_hostname in groups['ceph-nfs']
|
- inventory_hostname in groups['ceph-nfs']
|
||||||
|
|||||||
@ -35,7 +35,7 @@
|
|||||||
[mds.{{ item.item }}]
|
[mds.{{ item.item }}]
|
||||||
key = {{ item.keyring.key }}
|
key = {{ item.keyring.key }}
|
||||||
dest: "{{ node_config_directory }}/ceph-mds/ceph.mds.{{ inventory_hostname }}.keyring"
|
dest: "{{ node_config_directory }}/ceph-mds/ceph.mds.{{ inventory_hostname }}.keyring"
|
||||||
mode: 0600
|
mode: "0600"
|
||||||
when:
|
when:
|
||||||
- inventory_hostname == item.item
|
- inventory_hostname == item.item
|
||||||
with_items: "{{ ceph_mds_auth.results }}"
|
with_items: "{{ ceph_mds_auth.results }}"
|
||||||
|
|||||||
@ -15,7 +15,7 @@
|
|||||||
[mgr.{{ item.item }}]
|
[mgr.{{ item.item }}]
|
||||||
key = {{ item.keyring.key }}
|
key = {{ item.keyring.key }}
|
||||||
dest: "{{ node_config_directory }}/ceph-mgr/ceph.mgr.{{ inventory_hostname }}.keyring"
|
dest: "{{ node_config_directory }}/ceph-mgr/ceph.mgr.{{ inventory_hostname }}.keyring"
|
||||||
mode: 0600
|
mode: "0600"
|
||||||
when:
|
when:
|
||||||
- inventory_hostname == item.item
|
- inventory_hostname == item.item
|
||||||
with_items: "{{ ceph_mgr_keyring.results }}"
|
with_items: "{{ ceph_mgr_keyring.results }}"
|
||||||
|
|||||||
@ -68,6 +68,7 @@
|
|||||||
template:
|
template:
|
||||||
src: "{{ item }}"
|
src: "{{ item }}"
|
||||||
dest: "{{ node_config_directory }}/cinder-api/cinder-wsgi.conf"
|
dest: "{{ node_config_directory }}/cinder-api/cinder-wsgi.conf"
|
||||||
|
mode: "0660"
|
||||||
with_first_found:
|
with_first_found:
|
||||||
- "{{ node_custom_config }}/cinder/{{ inventory_hostname }}/cinder-wsgi.conf"
|
- "{{ node_custom_config }}/cinder/{{ inventory_hostname }}/cinder-wsgi.conf"
|
||||||
- "{{ node_custom_config }}/cinder/cinder-wsgi.conf"
|
- "{{ node_custom_config }}/cinder/cinder-wsgi.conf"
|
||||||
@ -108,6 +109,7 @@
|
|||||||
template:
|
template:
|
||||||
src: "{{ cinder_policy_file_path }}"
|
src: "{{ cinder_policy_file_path }}"
|
||||||
dest: "{{ node_config_directory }}/{{ item.key }}/{{ cinder_policy_file }}"
|
dest: "{{ node_config_directory }}/{{ item.key }}/{{ cinder_policy_file }}"
|
||||||
|
mode: "0660"
|
||||||
register: cinder_policy_overwriting
|
register: cinder_policy_overwriting
|
||||||
when:
|
when:
|
||||||
- item.value.enabled | bool
|
- item.value.enabled | bool
|
||||||
@ -125,6 +127,7 @@
|
|||||||
template:
|
template:
|
||||||
src: "{{ item }}"
|
src: "{{ item }}"
|
||||||
dest: "{{ node_config_directory }}/cinder-volume/nfs_shares"
|
dest: "{{ node_config_directory }}/cinder-volume/nfs_shares"
|
||||||
|
mode: "0660"
|
||||||
with_first_found:
|
with_first_found:
|
||||||
- files:
|
- files:
|
||||||
- "{{ node_custom_config }}/nfs_shares.j2"
|
- "{{ node_custom_config }}/nfs_shares.j2"
|
||||||
|
|||||||
@ -16,6 +16,7 @@
|
|||||||
file:
|
file:
|
||||||
path: "{{ node_config_directory }}/{{ item }}"
|
path: "{{ node_config_directory }}/{{ item }}"
|
||||||
state: "directory"
|
state: "directory"
|
||||||
|
mode: "0770"
|
||||||
become: true
|
become: true
|
||||||
with_items:
|
with_items:
|
||||||
- "fluentd"
|
- "fluentd"
|
||||||
@ -72,6 +73,7 @@
|
|||||||
template:
|
template:
|
||||||
src: "{{ item.path }}"
|
src: "{{ item.path }}"
|
||||||
dest: "{{ node_config_directory }}/fluentd/input/{{ item.path | basename }}"
|
dest: "{{ node_config_directory }}/fluentd/input/{{ item.path | basename }}"
|
||||||
|
mode: "0660"
|
||||||
register: fluentd_input_custom
|
register: fluentd_input_custom
|
||||||
when:
|
when:
|
||||||
- enable_fluentd | bool
|
- enable_fluentd | bool
|
||||||
@ -172,6 +174,7 @@
|
|||||||
template:
|
template:
|
||||||
src: "{{ item.path }}"
|
src: "{{ item.path }}"
|
||||||
dest: "{{ node_config_directory }}/fluentd/format/{{ item.path | basename }}"
|
dest: "{{ node_config_directory }}/fluentd/format/{{ item.path | basename }}"
|
||||||
|
mode: "0660"
|
||||||
register: fluentd_format_custom
|
register: fluentd_format_custom
|
||||||
when:
|
when:
|
||||||
- enable_fluentd | bool
|
- enable_fluentd | bool
|
||||||
|
|||||||
@ -3,6 +3,7 @@
|
|||||||
template:
|
template:
|
||||||
src: "{{ node_custom_config }}/designate/rndc.conf"
|
src: "{{ node_custom_config }}/designate/rndc.conf"
|
||||||
dest: "{{ node_config_directory }}/{{ item.key }}/rndc.conf"
|
dest: "{{ node_config_directory }}/{{ item.key }}/rndc.conf"
|
||||||
|
mode: "0660"
|
||||||
register: designate_rndc_conf
|
register: designate_rndc_conf
|
||||||
when:
|
when:
|
||||||
- designate_backend_external == 'bind9'
|
- designate_backend_external == 'bind9'
|
||||||
@ -17,6 +18,7 @@
|
|||||||
template:
|
template:
|
||||||
src: "{{ node_custom_config }}/designate/rndc.key"
|
src: "{{ node_custom_config }}/designate/rndc.key"
|
||||||
dest: "{{ node_config_directory }}/{{ item.key }}/rndc.key"
|
dest: "{{ node_config_directory }}/{{ item.key }}/rndc.key"
|
||||||
|
mode: "0660"
|
||||||
register: designate_rndc_key_file
|
register: designate_rndc_key_file
|
||||||
when:
|
when:
|
||||||
- designate_backend_external == 'bind9'
|
- designate_backend_external == 'bind9'
|
||||||
|
|||||||
@ -160,7 +160,7 @@
|
|||||||
template:
|
template:
|
||||||
src: "{{ designate_policy_file_path }}"
|
src: "{{ designate_policy_file_path }}"
|
||||||
dest: "{{ node_config_directory }}/{{ item.key }}/{{ designate_policy_file }}"
|
dest: "{{ node_config_directory }}/{{ item.key }}/{{ designate_policy_file }}"
|
||||||
mode: "0770"
|
mode: "0660"
|
||||||
become: true
|
become: true
|
||||||
register: designate_policy_overwriting
|
register: designate_policy_overwriting
|
||||||
when:
|
when:
|
||||||
|
|||||||
@ -83,7 +83,7 @@
|
|||||||
template:
|
template:
|
||||||
src: "{{ freezer_policy_file_path }}"
|
src: "{{ freezer_policy_file_path }}"
|
||||||
dest: "{{ node_config_directory }}/{{ item.key }}/{{ freezer_policy_file }}"
|
dest: "{{ node_config_directory }}/{{ item.key }}/{{ freezer_policy_file }}"
|
||||||
mode: "0770"
|
mode: "0660"
|
||||||
become: true
|
become: true
|
||||||
register: freezer_policy_overwriting
|
register: freezer_policy_overwriting
|
||||||
when:
|
when:
|
||||||
|
|||||||
@ -6,6 +6,7 @@
|
|||||||
- "{{ node_custom_config }}/ceph.conf"
|
- "{{ node_custom_config }}/ceph.conf"
|
||||||
- "{{ node_custom_config }}/ceph/{{ inventory_hostname }}/ceph.conf"
|
- "{{ node_custom_config }}/ceph/{{ inventory_hostname }}/ceph.conf"
|
||||||
dest: "{{ node_config_directory }}/{{ item }}/ceph.conf"
|
dest: "{{ node_config_directory }}/{{ item }}/ceph.conf"
|
||||||
|
mode: "0660"
|
||||||
become: true
|
become: true
|
||||||
when: inventory_hostname in groups[item]
|
when: inventory_hostname in groups[item]
|
||||||
with_items:
|
with_items:
|
||||||
|
|||||||
@ -99,6 +99,7 @@
|
|||||||
template:
|
template:
|
||||||
src: "{{ gnocchi_policy_file_path }}"
|
src: "{{ gnocchi_policy_file_path }}"
|
||||||
dest: "{{ node_config_directory }}/{{ item.key }}/{{ gnocchi_policy_file }}"
|
dest: "{{ node_config_directory }}/{{ item.key }}/{{ gnocchi_policy_file }}"
|
||||||
|
mode: "0660"
|
||||||
register: gnocchi_policy_overwriting
|
register: gnocchi_policy_overwriting
|
||||||
when:
|
when:
|
||||||
- gnocchi_policy_file is defined
|
- gnocchi_policy_file is defined
|
||||||
|
|||||||
@ -3,6 +3,7 @@
|
|||||||
template:
|
template:
|
||||||
src: "{{ node_custom_config }}/gnocchi/ceph.conf"
|
src: "{{ node_custom_config }}/gnocchi/ceph.conf"
|
||||||
dest: "{{ node_config_directory }}/{{ item }}/ceph.conf"
|
dest: "{{ node_config_directory }}/{{ item }}/ceph.conf"
|
||||||
|
mode: "0660"
|
||||||
become: true
|
become: true
|
||||||
when: inventory_hostname in groups[item]
|
when: inventory_hostname in groups[item]
|
||||||
with_items:
|
with_items:
|
||||||
@ -18,6 +19,7 @@
|
|||||||
copy:
|
copy:
|
||||||
src: "{{ node_custom_config }}/gnocchi/ceph.client.gnocchi.keyring"
|
src: "{{ node_custom_config }}/gnocchi/ceph.client.gnocchi.keyring"
|
||||||
dest: "{{ node_config_directory }}/{{ item }}/ceph.client.gnocchi.keyring"
|
dest: "{{ node_config_directory }}/{{ item }}/ceph.client.gnocchi.keyring"
|
||||||
|
mode: "0660"
|
||||||
become: true
|
become: true
|
||||||
when: inventory_hostname in groups[item]
|
when: inventory_hostname in groups[item]
|
||||||
with_items:
|
with_items:
|
||||||
|
|||||||
@ -73,6 +73,7 @@
|
|||||||
template:
|
template:
|
||||||
src: "{{ node_custom_config }}/grafana/grafana_home_dashboard.json"
|
src: "{{ node_custom_config }}/grafana/grafana_home_dashboard.json"
|
||||||
dest: "{{ node_config_directory }}/grafana/grafana_home_dashboard.json"
|
dest: "{{ node_config_directory }}/grafana/grafana_home_dashboard.json"
|
||||||
|
mode: "0660"
|
||||||
register: grafana_home_dashboard
|
register: grafana_home_dashboard
|
||||||
when: grafana_custom_dashboard_file.stat.exists
|
when: grafana_custom_dashboard_file.stat.exists
|
||||||
notify:
|
notify:
|
||||||
|
|||||||
@ -245,7 +245,7 @@
|
|||||||
template:
|
template:
|
||||||
src: "{{ ironic_policy_file_path }}"
|
src: "{{ ironic_policy_file_path }}"
|
||||||
dest: "{{ node_config_directory }}/{{ item.key }}/{{ ironic_policy_file }}"
|
dest: "{{ node_config_directory }}/{{ item.key }}/{{ ironic_policy_file }}"
|
||||||
mode: "0770"
|
mode: "0660"
|
||||||
become: true
|
become: true
|
||||||
register: ironic_policy_jsons
|
register: ironic_policy_jsons
|
||||||
when:
|
when:
|
||||||
|
|||||||
@ -91,6 +91,7 @@
|
|||||||
file:
|
file:
|
||||||
dest: "{{ node_config_directory }}/keystone/domains/"
|
dest: "{{ node_config_directory }}/keystone/domains/"
|
||||||
state: "directory"
|
state: "directory"
|
||||||
|
mode: "0770"
|
||||||
become: true
|
become: true
|
||||||
when:
|
when:
|
||||||
- inventory_hostname in groups[keystone.group]
|
- inventory_hostname in groups[keystone.group]
|
||||||
|
|||||||
@ -110,6 +110,7 @@
|
|||||||
template:
|
template:
|
||||||
src: "{{ manila_policy_file_path }}"
|
src: "{{ manila_policy_file_path }}"
|
||||||
dest: "{{ node_config_directory }}/{{ item.key }}/{{ manila_policy_file }}"
|
dest: "{{ node_config_directory }}/{{ item.key }}/{{ manila_policy_file }}"
|
||||||
|
mode: "0660"
|
||||||
register: manila_policy_overwriting
|
register: manila_policy_overwriting
|
||||||
when:
|
when:
|
||||||
- manila_policy_file is defined
|
- manila_policy_file is defined
|
||||||
|
|||||||
@ -4,12 +4,17 @@
|
|||||||
when: not has_cluster | bool
|
when: not has_cluster | bool
|
||||||
|
|
||||||
- name: Cleaning up temp file on mariadb hosts
|
- name: Cleaning up temp file on mariadb hosts
|
||||||
file: path=/tmp/kolla_mariadb_grastate.dat state=absent
|
file:
|
||||||
|
path: /tmp/kolla_mariadb_grastate.dat
|
||||||
|
state: absent
|
||||||
changed_when: false
|
changed_when: false
|
||||||
check_mode: no
|
check_mode: no
|
||||||
|
|
||||||
- name: Cleaning up temp file on localhost
|
- name: Cleaning up temp file on localhost
|
||||||
local_action: file path=/tmp/kolla_mariadb_recover_inventory_name state=absent
|
local_action:
|
||||||
|
module: file
|
||||||
|
path: /tmp/kolla_mariadb_recover_inventory_name
|
||||||
|
state: absent
|
||||||
changed_when: false
|
changed_when: false
|
||||||
check_mode: no
|
check_mode: no
|
||||||
run_once: true
|
run_once: true
|
||||||
@ -50,7 +55,9 @@
|
|||||||
register: wsrep_recovery_seqno
|
register: wsrep_recovery_seqno
|
||||||
|
|
||||||
- name: Removing MariaDB log file from /tmp
|
- name: Removing MariaDB log file from /tmp
|
||||||
file: path=/tmp/mariadb_tmp.log state=absent
|
file:
|
||||||
|
path: /tmp/mariadb_tmp.log
|
||||||
|
state: absent
|
||||||
changed_when: false
|
changed_when: false
|
||||||
check_mode: no
|
check_mode: no
|
||||||
|
|
||||||
|
|||||||
@ -86,6 +86,7 @@
|
|||||||
template:
|
template:
|
||||||
src: "{{ item }}"
|
src: "{{ item }}"
|
||||||
dest: "{{ node_config_directory }}/mistral-event-engine/event_definitions.yaml"
|
dest: "{{ node_config_directory }}/mistral-event-engine/event_definitions.yaml"
|
||||||
|
mode: "0660"
|
||||||
register: mistral_event_definitions_confs
|
register: mistral_event_definitions_confs
|
||||||
when:
|
when:
|
||||||
- inventory_hostname in groups[service.group]
|
- inventory_hostname in groups[service.group]
|
||||||
|
|||||||
@ -36,7 +36,7 @@
|
|||||||
template:
|
template:
|
||||||
src: "{{ item.key }}.json.j2"
|
src: "{{ item.key }}.json.j2"
|
||||||
dest: "{{ node_config_directory }}/{{ item.key }}/config.json"
|
dest: "{{ node_config_directory }}/{{ item.key }}/config.json"
|
||||||
mode: "0770"
|
mode: "0660"
|
||||||
register: neutron_config_jsons
|
register: neutron_config_jsons
|
||||||
when:
|
when:
|
||||||
- item.value.enabled | bool
|
- item.value.enabled | bool
|
||||||
@ -94,6 +94,7 @@
|
|||||||
- "{{ node_custom_config }}/neutron/neutron_lbaas.conf"
|
- "{{ node_custom_config }}/neutron/neutron_lbaas.conf"
|
||||||
- "{{ node_custom_config }}/neutron/{{ inventory_hostname }}/neutron_lbaas.conf"
|
- "{{ node_custom_config }}/neutron/{{ inventory_hostname }}/neutron_lbaas.conf"
|
||||||
dest: "{{ node_config_directory }}/{{ item.key }}/neutron_lbaas.conf"
|
dest: "{{ node_config_directory }}/{{ item.key }}/neutron_lbaas.conf"
|
||||||
|
mode: "0660"
|
||||||
register: neutron_lbaas_confs
|
register: neutron_lbaas_confs
|
||||||
when:
|
when:
|
||||||
- item.value.enabled | bool
|
- item.value.enabled | bool
|
||||||
@ -116,6 +117,7 @@
|
|||||||
- "{{ node_custom_config }}/neutron/neutron_vpnaas.conf"
|
- "{{ node_custom_config }}/neutron/neutron_vpnaas.conf"
|
||||||
- "{{ node_custom_config }}/neutron/{{ inventory_hostname }}/neutron_vpnaas.conf"
|
- "{{ node_custom_config }}/neutron/{{ inventory_hostname }}/neutron_vpnaas.conf"
|
||||||
dest: "{{ node_config_directory }}/{{ item.key }}/neutron_vpnaas.conf"
|
dest: "{{ node_config_directory }}/{{ item.key }}/neutron_vpnaas.conf"
|
||||||
|
mode: "0660"
|
||||||
register: neutron_vpnaas_confs
|
register: neutron_vpnaas_confs
|
||||||
when:
|
when:
|
||||||
- item.value.enabled | bool
|
- item.value.enabled | bool
|
||||||
@ -185,6 +187,7 @@
|
|||||||
- "{{ node_custom_config }}/neutron/sriov_agent.ini"
|
- "{{ node_custom_config }}/neutron/sriov_agent.ini"
|
||||||
- "{{ node_custom_config }}/neutron/{{ inventory_hostname }}/sriov_agent.ini"
|
- "{{ node_custom_config }}/neutron/{{ inventory_hostname }}/sriov_agent.ini"
|
||||||
dest: "{{ node_config_directory }}/{{ service_name }}/sriov_agent.ini"
|
dest: "{{ node_config_directory }}/{{ service_name }}/sriov_agent.ini"
|
||||||
|
mode: "0660"
|
||||||
register: neutron_sriov_agent_ini
|
register: neutron_sriov_agent_ini
|
||||||
when:
|
when:
|
||||||
- neutron_sriov_agent.enabled | bool
|
- neutron_sriov_agent.enabled | bool
|
||||||
@ -353,6 +356,7 @@
|
|||||||
- "{{ role_path }}/templates/bgp_dragent.ini.j2"
|
- "{{ role_path }}/templates/bgp_dragent.ini.j2"
|
||||||
- "{{ node_custom_config }}/neutron/bgp_dragent.ini"
|
- "{{ node_custom_config }}/neutron/bgp_dragent.ini"
|
||||||
dest: "{{ node_config_directory }}/{{ service_name }}/bgp_dragent.ini"
|
dest: "{{ node_config_directory }}/{{ service_name }}/bgp_dragent.ini"
|
||||||
|
mode: "0660"
|
||||||
register: neutron_bgp_dragent_ini
|
register: neutron_bgp_dragent_ini
|
||||||
when:
|
when:
|
||||||
- neutron_bgp_dragent.enabled | bool
|
- neutron_bgp_dragent.enabled | bool
|
||||||
@ -375,6 +379,7 @@
|
|||||||
- "{{ node_custom_config }}/neutron/nsx.ini"
|
- "{{ node_custom_config }}/neutron/nsx.ini"
|
||||||
- "{{ node_custom_config }}/neutron/{{ inventory_hostname }}/nsx.ini"
|
- "{{ node_custom_config }}/neutron/{{ inventory_hostname }}/nsx.ini"
|
||||||
dest: "{{ node_config_directory }}/{{ service_name }}/nsx.ini"
|
dest: "{{ node_config_directory }}/{{ service_name }}/nsx.ini"
|
||||||
|
mode: "0660"
|
||||||
register: nsx_ini
|
register: nsx_ini
|
||||||
when:
|
when:
|
||||||
- neutron_server.enabled | bool
|
- neutron_server.enabled | bool
|
||||||
@ -420,6 +425,7 @@
|
|||||||
template:
|
template:
|
||||||
src: neutron-l3-agent-wrapper.sh.j2
|
src: neutron-l3-agent-wrapper.sh.j2
|
||||||
dest: "{{ node_config_directory }}/{{ service_name }}/neutron-l3-agent-wrapper.sh"
|
dest: "{{ node_config_directory }}/{{ service_name }}/neutron-l3-agent-wrapper.sh"
|
||||||
|
mode: "0770"
|
||||||
register: neutron_l3_agent_wrapper
|
register: neutron_l3_agent_wrapper
|
||||||
when:
|
when:
|
||||||
- service.enabled | bool
|
- service.enabled | bool
|
||||||
|
|||||||
@ -4,7 +4,7 @@
|
|||||||
file:
|
file:
|
||||||
path: "{{ node_config_directory }}/nova-compute-fake-{{ item }}"
|
path: "{{ node_config_directory }}/nova-compute-fake-{{ item }}"
|
||||||
state: "directory"
|
state: "directory"
|
||||||
recurse: yes
|
mode: "0770"
|
||||||
with_sequence: start=1 end={{ num_nova_fake_per_node }}
|
with_sequence: start=1 end={{ num_nova_fake_per_node }}
|
||||||
notify:
|
notify:
|
||||||
- Restart nova-compute-fake containers
|
- Restart nova-compute-fake containers
|
||||||
|
|||||||
@ -62,7 +62,7 @@
|
|||||||
template:
|
template:
|
||||||
src: "{{ item.key }}.json.j2"
|
src: "{{ item.key }}.json.j2"
|
||||||
dest: "{{ node_config_directory }}/{{ item.key }}/config.json"
|
dest: "{{ node_config_directory }}/{{ item.key }}/config.json"
|
||||||
mode: "0770"
|
mode: "0660"
|
||||||
register: config_jsons
|
register: config_jsons
|
||||||
when:
|
when:
|
||||||
- inventory_hostname in groups[item.value.group]
|
- inventory_hostname in groups[item.value.group]
|
||||||
@ -144,6 +144,7 @@
|
|||||||
copy:
|
copy:
|
||||||
src: "{{ node_custom_config }}/vmware_ca"
|
src: "{{ node_custom_config }}/vmware_ca"
|
||||||
dest: "{{ node_config_directory }}/nova-compute/vmware_ca"
|
dest: "{{ node_config_directory }}/nova-compute/vmware_ca"
|
||||||
|
mode: "0660"
|
||||||
register: vcenter_ca_file
|
register: vcenter_ca_file
|
||||||
when:
|
when:
|
||||||
- nova_compute_virt_type == "vmware"
|
- nova_compute_virt_type == "vmware"
|
||||||
@ -159,6 +160,7 @@
|
|||||||
copy:
|
copy:
|
||||||
src: "{{ item }}"
|
src: "{{ item }}"
|
||||||
dest: "{{ node_config_directory }}/nova-compute/release"
|
dest: "{{ node_config_directory }}/nova-compute/release"
|
||||||
|
mode: "0660"
|
||||||
with_first_found:
|
with_first_found:
|
||||||
- files:
|
- files:
|
||||||
- "{{ node_custom_config }}/nova_compute/{{ inventory_hostname }}/release"
|
- "{{ node_custom_config }}/nova_compute/{{ inventory_hostname }}/release"
|
||||||
@ -188,6 +190,7 @@
|
|||||||
template:
|
template:
|
||||||
src: "{{ nova_policy_file_path }}"
|
src: "{{ nova_policy_file_path }}"
|
||||||
dest: "{{ node_config_directory }}/{{ item.key }}/{{ nova_policy_file }}"
|
dest: "{{ node_config_directory }}/{{ item.key }}/{{ nova_policy_file }}"
|
||||||
|
mode: "0660"
|
||||||
register: nova_policy_overwriting
|
register: nova_policy_overwriting
|
||||||
when:
|
when:
|
||||||
- inventory_hostname in groups[item.value.group]
|
- inventory_hostname in groups[item.value.group]
|
||||||
|
|||||||
@ -104,6 +104,7 @@
|
|||||||
copy:
|
copy:
|
||||||
src: "{{ node_custom_config }}/octavia/{{ item }}"
|
src: "{{ node_custom_config }}/octavia/{{ item }}"
|
||||||
dest: "{{ node_config_directory }}/octavia-housekeeping/{{ item }}"
|
dest: "{{ node_config_directory }}/octavia-housekeeping/{{ item }}"
|
||||||
|
mode: "0660"
|
||||||
become: true
|
become: true
|
||||||
register: octavia_housekeeping_certificate
|
register: octavia_housekeeping_certificate
|
||||||
when:
|
when:
|
||||||
@ -122,6 +123,7 @@
|
|||||||
copy:
|
copy:
|
||||||
src: "{{ node_custom_config }}/octavia/{{ item }}"
|
src: "{{ node_custom_config }}/octavia/{{ item }}"
|
||||||
dest: "{{ node_config_directory }}/octavia-health-manager/{{ item }}"
|
dest: "{{ node_config_directory }}/octavia-health-manager/{{ item }}"
|
||||||
|
mode: "0660"
|
||||||
become: true
|
become: true
|
||||||
register: octavia_health_manager_certificate
|
register: octavia_health_manager_certificate
|
||||||
when:
|
when:
|
||||||
|
|||||||
@ -198,6 +198,7 @@
|
|||||||
template:
|
template:
|
||||||
src: "{{ item }}"
|
src: "{{ item }}"
|
||||||
dest: "{{ node_config_directory }}/opendaylight/10-rest-connector.xml"
|
dest: "{{ node_config_directory }}/opendaylight/10-rest-connector.xml"
|
||||||
|
mode: "0660"
|
||||||
become: true
|
become: true
|
||||||
with_first_found:
|
with_first_found:
|
||||||
- "{{ node_custom_config }}/opendaylight/{{ inventory_hostname }}/10-rest-connector.xml"
|
- "{{ node_custom_config }}/opendaylight/{{ inventory_hostname }}/10-rest-connector.xml"
|
||||||
|
|||||||
@ -24,7 +24,7 @@
|
|||||||
template:
|
template:
|
||||||
src: "{{ item.key }}.json.j2"
|
src: "{{ item.key }}.json.j2"
|
||||||
dest: "{{ node_config_directory }}/{{ item.key }}/config.json"
|
dest: "{{ node_config_directory }}/{{ item.key }}/config.json"
|
||||||
mode: "0770"
|
mode: "0660"
|
||||||
register: openvswitch_config_jsons
|
register: openvswitch_config_jsons
|
||||||
when:
|
when:
|
||||||
- item.value.enabled | bool
|
- item.value.enabled | bool
|
||||||
@ -40,6 +40,7 @@
|
|||||||
template:
|
template:
|
||||||
src: "{{ role_path }}/templates/start-ovs.j2"
|
src: "{{ role_path }}/templates/start-ovs.j2"
|
||||||
dest: "{{ node_config_directory }}/openvswitch-vswitchd/start-ovs"
|
dest: "{{ node_config_directory }}/openvswitch-vswitchd/start-ovs"
|
||||||
|
mode: "0770"
|
||||||
register: openvswitch_start_ovs
|
register: openvswitch_start_ovs
|
||||||
when:
|
when:
|
||||||
- inventory_hostname in groups[service.group]
|
- inventory_hostname in groups[service.group]
|
||||||
@ -54,6 +55,7 @@
|
|||||||
template:
|
template:
|
||||||
src: "{{ role_path }}/templates/start-ovsdb-server.j2"
|
src: "{{ role_path }}/templates/start-ovsdb-server.j2"
|
||||||
dest: "{{ node_config_directory }}/openvswitch-db-server/start-ovsdb-server"
|
dest: "{{ node_config_directory }}/openvswitch-db-server/start-ovsdb-server"
|
||||||
|
mode: "0770"
|
||||||
register: openvswitch_start_ovsdb_server
|
register: openvswitch_start_ovsdb_server
|
||||||
when:
|
when:
|
||||||
- inventory_hostname in groups[service.group]
|
- inventory_hostname in groups[service.group]
|
||||||
|
|||||||
@ -15,6 +15,7 @@
|
|||||||
template:
|
template:
|
||||||
src: "{{ item.key }}.json.j2"
|
src: "{{ item.key }}.json.j2"
|
||||||
dest: "{{ node_config_directory }}/{{ item.key }}/config.json"
|
dest: "{{ node_config_directory }}/{{ item.key }}/config.json"
|
||||||
|
mode: "0660"
|
||||||
register: ovsdpdk_config_jsons
|
register: ovsdpdk_config_jsons
|
||||||
when:
|
when:
|
||||||
- item.value.enabled | bool
|
- item.value.enabled | bool
|
||||||
@ -27,7 +28,7 @@
|
|||||||
copy:
|
copy:
|
||||||
src: ../tools/ovs-dpdkctl.sh
|
src: ../tools/ovs-dpdkctl.sh
|
||||||
dest: "{{ node_config_directory }}/ovsdpdk-db/ovs-dpdkctl.sh"
|
dest: "{{ node_config_directory }}/ovsdpdk-db/ovs-dpdkctl.sh"
|
||||||
mode: 0777
|
mode: "0770"
|
||||||
|
|
||||||
- name: Install ovs-dpdkctl service and config
|
- name: Install ovs-dpdkctl service and config
|
||||||
become: True
|
become: True
|
||||||
|
|||||||
@ -34,7 +34,7 @@
|
|||||||
template:
|
template:
|
||||||
src: "{{ item.key }}.json.j2"
|
src: "{{ item.key }}.json.j2"
|
||||||
dest: "{{ node_config_directory }}/{{ item.key }}/config.json"
|
dest: "{{ node_config_directory }}/{{ item.key }}/config.json"
|
||||||
mode: "0770"
|
mode: "0660"
|
||||||
when:
|
when:
|
||||||
- inventory_hostname in groups[item.value.group]
|
- inventory_hostname in groups[item.value.group]
|
||||||
- item.value.enabled | bool
|
- item.value.enabled | bool
|
||||||
@ -69,6 +69,7 @@
|
|||||||
template:
|
template:
|
||||||
src: "placement-api-wsgi.conf.j2"
|
src: "placement-api-wsgi.conf.j2"
|
||||||
dest: "{{ node_config_directory }}/placement-api/placement-api-wsgi.conf"
|
dest: "{{ node_config_directory }}/placement-api/placement-api-wsgi.conf"
|
||||||
|
mode: "0660"
|
||||||
when:
|
when:
|
||||||
- inventory_hostname in groups[service.group]
|
- inventory_hostname in groups[service.group]
|
||||||
- service.enabled | bool
|
- service.enabled | bool
|
||||||
@ -82,6 +83,7 @@
|
|||||||
template:
|
template:
|
||||||
src: "migrate-db.rc.j2"
|
src: "migrate-db.rc.j2"
|
||||||
dest: "{{ node_config_directory }}/placement-api/migrate-db.rc"
|
dest: "{{ node_config_directory }}/placement-api/migrate-db.rc"
|
||||||
|
mode: "0660"
|
||||||
when:
|
when:
|
||||||
- inventory_hostname in groups[service.group]
|
- inventory_hostname in groups[service.group]
|
||||||
- service.enabled | bool
|
- service.enabled | bool
|
||||||
@ -93,6 +95,7 @@
|
|||||||
template:
|
template:
|
||||||
src: "{{ placement_policy_file_path }}"
|
src: "{{ placement_policy_file_path }}"
|
||||||
dest: "{{ placement_config_directory }}/{{ item.key }}/{{ placement_policy_file }}"
|
dest: "{{ placement_config_directory }}/{{ item.key }}/{{ placement_policy_file }}"
|
||||||
|
mode: "0660"
|
||||||
when:
|
when:
|
||||||
- inventory_hostname in groups[item.value.group]
|
- inventory_hostname in groups[item.value.group]
|
||||||
- item.value.enabled | bool
|
- item.value.enabled | bool
|
||||||
|
|||||||
@ -17,6 +17,7 @@
|
|||||||
template:
|
template:
|
||||||
src: "{{ item.key }}.json.j2"
|
src: "{{ item.key }}.json.j2"
|
||||||
dest: "{{ node_config_directory }}/{{ item.key }}/config.json"
|
dest: "{{ node_config_directory }}/{{ item.key }}/config.json"
|
||||||
|
mode: "0660"
|
||||||
register: prometheus_config_jsons
|
register: prometheus_config_jsons
|
||||||
when:
|
when:
|
||||||
- inventory_hostname in groups[item.value.group]
|
- inventory_hostname in groups[item.value.group]
|
||||||
@ -60,6 +61,7 @@
|
|||||||
template:
|
template:
|
||||||
src: "{{ item }}"
|
src: "{{ item }}"
|
||||||
dest: "{{ node_config_directory }}/prometheus-server/prometheus.yml"
|
dest: "{{ node_config_directory }}/prometheus-server/prometheus.yml"
|
||||||
|
mode: "0660"
|
||||||
register: prometheus_confs
|
register: prometheus_confs
|
||||||
when:
|
when:
|
||||||
- inventory_hostname in groups[service.group]
|
- inventory_hostname in groups[service.group]
|
||||||
@ -78,6 +80,7 @@
|
|||||||
template:
|
template:
|
||||||
src: "{{ item }}"
|
src: "{{ item }}"
|
||||||
dest: "{{ node_config_directory }}/prometheus-alertmanager/prometheus-alertmanager.yml"
|
dest: "{{ node_config_directory }}/prometheus-alertmanager/prometheus-alertmanager.yml"
|
||||||
|
mode: "0660"
|
||||||
register: prometheus_alertmanager_confs
|
register: prometheus_alertmanager_confs
|
||||||
when:
|
when:
|
||||||
- inventory_hostname in groups[service.group]
|
- inventory_hostname in groups[service.group]
|
||||||
@ -99,6 +102,7 @@
|
|||||||
- "{{ node_custom_config }}/prometheus-mysqld-exporter/my.cnf"
|
- "{{ node_custom_config }}/prometheus-mysqld-exporter/my.cnf"
|
||||||
- "{{ role_path }}/templates/my.cnf.j2"
|
- "{{ role_path }}/templates/my.cnf.j2"
|
||||||
dest: "{{ node_config_directory }}/prometheus-mysqld-exporter/my.cnf"
|
dest: "{{ node_config_directory }}/prometheus-mysqld-exporter/my.cnf"
|
||||||
|
mode: "0660"
|
||||||
register: prometheus_conf_mycnf
|
register: prometheus_conf_mycnf
|
||||||
when:
|
when:
|
||||||
- inventory_hostname in groups[service.group]
|
- inventory_hostname in groups[service.group]
|
||||||
@ -112,6 +116,7 @@
|
|||||||
template:
|
template:
|
||||||
src: "{{ item }}"
|
src: "{{ item }}"
|
||||||
dest: "{{ node_config_directory }}/prometheus-openstack-exporter/clouds.yml"
|
dest: "{{ node_config_directory }}/prometheus-openstack-exporter/clouds.yml"
|
||||||
|
mode: "0660"
|
||||||
register: prometheus_openstack_exporter_confs
|
register: prometheus_openstack_exporter_confs
|
||||||
when:
|
when:
|
||||||
- inventory_hostname in groups[service.group]
|
- inventory_hostname in groups[service.group]
|
||||||
|
|||||||
@ -16,7 +16,7 @@
|
|||||||
template:
|
template:
|
||||||
src: "{{ item.key }}.json.j2"
|
src: "{{ item.key }}.json.j2"
|
||||||
dest: "{{ node_config_directory }}/{{ project_name }}/config.json"
|
dest: "{{ node_config_directory }}/{{ project_name }}/config.json"
|
||||||
mode: "0770"
|
mode: "0660"
|
||||||
become: true
|
become: true
|
||||||
when:
|
when:
|
||||||
- inventory_hostname in groups[item.value.group]
|
- inventory_hostname in groups[item.value.group]
|
||||||
@ -33,7 +33,7 @@
|
|||||||
template:
|
template:
|
||||||
src: "{{ item }}"
|
src: "{{ item }}"
|
||||||
dest: "{{ node_config_directory }}/{{ project_name }}/rabbitmq-env.conf"
|
dest: "{{ node_config_directory }}/{{ project_name }}/rabbitmq-env.conf"
|
||||||
mode: "0770"
|
mode: "0660"
|
||||||
with_first_found:
|
with_first_found:
|
||||||
- "{{ node_custom_config }}/rabbitmq/{{ inventory_hostname }}/rabbitmq-env.conf"
|
- "{{ node_custom_config }}/rabbitmq/{{ inventory_hostname }}/rabbitmq-env.conf"
|
||||||
- "{{ node_custom_config }}/rabbitmq/rabbitmq-env.conf"
|
- "{{ node_custom_config }}/rabbitmq/rabbitmq-env.conf"
|
||||||
@ -53,7 +53,7 @@
|
|||||||
template:
|
template:
|
||||||
src: "{{ item }}"
|
src: "{{ item }}"
|
||||||
dest: "{{ node_config_directory }}/{{ project_name }}/rabbitmq.conf"
|
dest: "{{ node_config_directory }}/{{ project_name }}/rabbitmq.conf"
|
||||||
mode: "0770"
|
mode: "0660"
|
||||||
with_first_found:
|
with_first_found:
|
||||||
- "{{ node_custom_config }}/rabbitmq/{{ inventory_hostname }}/rabbitmq.conf"
|
- "{{ node_custom_config }}/rabbitmq/{{ inventory_hostname }}/rabbitmq.conf"
|
||||||
- "{{ node_custom_config }}/rabbitmq/rabbitmq.conf"
|
- "{{ node_custom_config }}/rabbitmq/rabbitmq.conf"
|
||||||
@ -72,7 +72,7 @@
|
|||||||
template:
|
template:
|
||||||
src: "{{ item }}"
|
src: "{{ item }}"
|
||||||
dest: "{{ node_config_directory }}/{{ project_name }}/definitions.json"
|
dest: "{{ node_config_directory }}/{{ project_name }}/definitions.json"
|
||||||
mode: "0770"
|
mode: "0660"
|
||||||
with_first_found:
|
with_first_found:
|
||||||
- "{{ node_custom_config }}/rabbitmq/{{ inventory_hostname }}/definitions.json"
|
- "{{ node_custom_config }}/rabbitmq/{{ inventory_hostname }}/definitions.json"
|
||||||
- "{{ node_custom_config }}/rabbitmq/definitions.json"
|
- "{{ node_custom_config }}/rabbitmq/definitions.json"
|
||||||
|
|||||||
@ -193,6 +193,7 @@
|
|||||||
template:
|
template:
|
||||||
src: "{{ node_custom_config }}/swift/policy.json"
|
src: "{{ node_custom_config }}/swift/policy.json"
|
||||||
dest: "{{ node_config_directory }}/{{ item }}/policy.json"
|
dest: "{{ node_config_directory }}/{{ item }}/policy.json"
|
||||||
|
mode: "0660"
|
||||||
with_items:
|
with_items:
|
||||||
- "swift-account-auditor"
|
- "swift-account-auditor"
|
||||||
- "swift-account-reaper"
|
- "swift-account-reaper"
|
||||||
|
|||||||
@ -92,6 +92,7 @@
|
|||||||
template:
|
template:
|
||||||
src: "{{ trove_policy_file_path }}"
|
src: "{{ trove_policy_file_path }}"
|
||||||
dest: "{{ node_config_directory }}/{{ item.key }}/{{ trove_policy_file }}"
|
dest: "{{ node_config_directory }}/{{ item.key }}/{{ trove_policy_file }}"
|
||||||
|
mode: "0660"
|
||||||
register: trove_policy_overwriting
|
register: trove_policy_overwriting
|
||||||
when:
|
when:
|
||||||
- trove_policy_file is defined
|
- trove_policy_file is defined
|
||||||
|
|||||||
@ -70,6 +70,7 @@
|
|||||||
template:
|
template:
|
||||||
src: "{{ watcher_policy_file_path }}"
|
src: "{{ watcher_policy_file_path }}"
|
||||||
dest: "{{ node_config_directory }}/{{ item.key }}/{{ watcher_policy_file }}"
|
dest: "{{ node_config_directory }}/{{ item.key }}/{{ watcher_policy_file }}"
|
||||||
|
mode: "0660"
|
||||||
register: watcher_policy_overwriting
|
register: watcher_policy_overwriting
|
||||||
when:
|
when:
|
||||||
- watcher_policy_file is defined
|
- watcher_policy_file is defined
|
||||||
|
|||||||
Loading…
Reference in New Issue
Block a user