--- - name: Ensuring config directories exist become: true file: path: "{{ node_config_directory }}/{{ item.key }}" state: "directory" owner: "{{ config_owner_user }}" group: "{{ config_owner_group }}" mode: "0770" when: - inventory_hostname in groups[item.value.group] - item.value.enabled | bool with_dict: "{{ nova_cell_services }}" - include_tasks: copy-certs.yml when: - kolla_copy_ca_into_containers | bool - include_tasks: external_ceph.yml when: - (nova_backend == "rbd" or cinder_backend_ceph | bool) - inventory_hostname in groups[nova_cell_compute_group] - name: Check if policies shall be overwritten stat: path: "{{ item }}" delegate_to: localhost run_once: True register: nova_policy with_first_found: - files: "{{ supported_policy_format_list }}" paths: - "{{ node_custom_config }}/nova/" skip: true - name: Set nova policy file set_fact: nova_policy_file: "{{ nova_policy.results.0.stat.path | basename }}" nova_policy_file_path: "{{ nova_policy.results.0.stat.path }}" when: - nova_policy.results - name: Copying over config.json files for services become: true template: src: "{{ item.key }}.json.j2" dest: "{{ node_config_directory }}/{{ item.key }}/config.json" mode: "0660" when: - inventory_hostname in groups[item.value.group] - item.value.enabled | bool with_dict: "{{ nova_cell_services }}" notify: - "Restart {{ item.key }} container" - name: Copying over nova.conf become: true vars: service_name: "{{ item.key }}" merge_configs: sources: - "{{ role_path }}/templates/nova.conf.j2" - "{{ node_custom_config }}/global.conf" - "{{ node_custom_config }}/nova.conf" - "{{ node_custom_config }}/nova/{{ item.key }}.conf" - "{{ node_custom_config }}/nova/{{ inventory_hostname }}/nova.conf" dest: "{{ node_config_directory }}/{{ item.key }}/nova.conf" mode: "0660" when: - inventory_hostname in groups[item.value.group] - item.value.enabled | bool - item.key in nova_cell_services_require_nova_conf with_dict: "{{ nova_cell_services }}" notify: - "Restart {{ item.key }} container" - name: Copying over libvirt configuration become: true vars: service: "{{ nova_cell_services['nova-libvirt'] }}" template: src: "{{ item.src }}" dest: "{{ node_config_directory }}/nova-libvirt/{{ item.dest }}" mode: "0660" when: - inventory_hostname in groups[service.group] - service.enabled | bool with_items: - { src: "qemu.conf.j2", dest: "qemu.conf" } - { src: "libvirtd.conf.j2", dest: "libvirtd.conf" } notify: - Restart nova-libvirt container - name: Copying over libvirt TLS keys include_tasks: config-libvirt-tls.yml when: - inventory_hostname in groups[nova_cell_compute_group] - libvirt_tls | bool - libvirt_tls_manage_certs | bool - name: Copying over libvirt SASL configuration become: true vars: service_name: "{{ item.service }}" service: "{{ nova_cell_services[service_name] }}" template: src: "{{ item.src }}" dest: "{{ node_config_directory }}/{{ service_name }}/{{ item.dest }}" mode: "0660" when: - libvirt_enable_sasl | bool - inventory_hostname in groups[service.group] - service.enabled | bool with_items: - { src: "auth.conf.j2", dest: "auth.conf", service: "nova-compute" } - { src: "auth.conf.j2", dest: "auth.conf", service: "nova-libvirt" } - { src: "sasl.conf.j2", dest: "sasl.conf", service: "nova-libvirt" } notify: - Restart {{ service_name }} container - name: Copying files for nova-ssh become: true vars: service: "{{ nova_cell_services['nova-ssh'] }}" template: src: "{{ item.src }}" dest: "{{ node_config_directory }}/nova-ssh/{{ item.dest }}" mode: "0660" when: - inventory_hostname in groups[service.group] - service.enabled | bool with_items: - { src: "sshd_config.j2", dest: "sshd_config" } - { src: "id_rsa", dest: "id_rsa" } - { src: "id_rsa.pub", dest: "id_rsa.pub" } - { src: "ssh_config.j2", dest: "ssh_config" } notify: - Restart nova-ssh container - name: Copying VMware vCenter CA file vars: service: "{{ nova_cell_services['nova-compute'] }}" copy: src: "{{ node_custom_config }}/vmware_ca" dest: "{{ node_config_directory }}/nova-compute/vmware_ca" mode: "0660" when: - nova_compute_virt_type == "vmware" - not vmware_vcenter_insecure | bool - inventory_hostname in groups[service.group] - service.enabled | bool notify: - Restart nova-compute container - name: Copying 'release' file for nova_compute vars: service: "{{ nova_cell_services['nova-compute'] }}" copy: src: "{{ item }}" dest: "{{ node_config_directory }}/nova-compute/release" mode: "0660" with_first_found: - files: - "{{ node_custom_config }}/nova_compute/{{ inventory_hostname }}/release" - "{{ node_custom_config }}/nova_compute/release" - "{{ node_custom_config }}/nova/release" skip: true when: - inventory_hostname in groups[service.group] - service.enabled | bool notify: - Restart nova-compute container - name: Copying over existing policy file become: true template: src: "{{ nova_policy_file_path }}" dest: "{{ node_config_directory }}/{{ item.key }}/{{ nova_policy_file }}" mode: "0660" when: - inventory_hostname in groups[item.value.group] - item.value.enabled | bool - nova_policy_file is defined - item.key in nova_cell_services_require_policy_json with_dict: "{{ nova_cell_services }}" notify: - "Restart {{ item.key }} container"