openstack/kolla-ansible
Code Issues Proposed changes
kolla-ansible/ansible/roles/neutron/tasks/config.yml
Eduardo Gonzalez ef1fd6b8c0 Custom policy files 
Allow operators to use their custom policy files.
Avoid maintain policy files in kolla repos, only copying
the files when an operator add their custom config.

Implements: blueprint custom-policies
Change-Id: Icf3c961b87cbc7a1f1dd2ffbfffcf271d151d862
2016-10-28 10:47:05 +01:00

197 lines
6.1 KiB
YAML
Raw Blame History

---
- name: Setting sysctl values
sysctl: name={{ item.name }} value={{ item.value }} sysctl_set=yes
with_items:
- { name: "net.ipv4.ip_forward", value: 1}
- { name: "net.ipv4.conf.all.rp_filter", value: 0}
- { name: "net.ipv4.conf.default.rp_filter", value: 0}
when:
- set_sysctl | bool
- inventory_hostname in groups['neutron-l3-agent']
or inventory_hostname in groups['neutron-vpnaas-agent']
- name: Ensuring config directories exist
file:
path: "{{ node_config_directory }}/{{ item }}"
state: "directory"
recurse: yes
with_items:
- "neutron-dhcp-agent"
- "neutron-l3-agent"
- "neutron-linuxbridge-agent"
- "neutron-metadata-agent"
- "neutron-openvswitch-agent"
- "neutron-server"
- "openvswitch-db-server"
- "openvswitch-vswitchd"
- "neutron-lbaas-agent"
- "neutron-vpnaas-agent"
- name: Copying over config.json files for services
template:
src: "{{ item }}.json.j2"
dest: "{{ node_config_directory }}/{{ item }}/config.json"
with_items:
- "neutron-dhcp-agent"
- "neutron-l3-agent"
- "neutron-linuxbridge-agent"
- "neutron-metadata-agent"
- "neutron-openvswitch-agent"
- "neutron-server"
- "openvswitch-db-server"
- "openvswitch-vswitchd"
- "neutron-lbaas-agent"
- "neutron-vpnaas-agent"
- name: Copying over neutron.conf
merge_configs:
vars:
service_name: "{{ item }}"
sources:
- "{{ role_path }}/templates/neutron.conf.j2"
- "{{ node_custom_config }}/global.conf"
- "{{ node_custom_config }}/database.conf"
- "{{ node_custom_config }}/messaging.conf"
- "{{ node_custom_config }}/neutron.conf"
- "{{ node_custom_config }}/neutron/{{ item }}.conf"
- "{{ node_custom_config }}/neutron/{{ inventory_hostname }}/neutron.conf"
dest: "{{ node_config_directory }}/{{ item }}/neutron.conf"
with_items:
- "neutron-dhcp-agent"
- "neutron-l3-agent"
- "neutron-linuxbridge-agent"
- "neutron-metadata-agent"
- "neutron-openvswitch-agent"
- "neutron-server"
- "neutron-lbaas-agent"
- "neutron-vpnaas-agent"
- name: Copying over neutron_lbaas.conf
merge_configs:
vars:
service_name: "{{ item }}"
sources:
- "{{ role_path }}/templates/neutron_lbaas.conf.j2"
- "{{ node_custom_config }}/neutron/neutron_lbaas.conf"
- "{{ node_custom_config }}/neutron/{{ inventory_hostname }}/neutron_lbaas.conf"
dest: "{{ node_config_directory }}/{{ item }}/neutron_lbaas.conf"
with_items:
- "neutron-server"
- name: Copying over neutron_vpnaas.conf
merge_configs:
vars:
service_name: "{{ item }}"
sources:
- "{{ role_path }}/templates/neutron_vpnaas.conf.j2"
- "{{ node_custom_config }}/neutron/neutron_vpnaas.conf"
- "{{ node_custom_config }}/neutron/{{ inventory_hostname }}/neutron_vpnaas.conf"
dest: "{{ node_config_directory }}/{{ item }}/neutron_vpnaas.conf"
with_items:
- "neutron-server"
- name: Copying over ml2_conf.ini
merge_configs:
vars:
service_name: "{{ item }}"
sources:
- "{{ role_path }}/templates/ml2_conf.ini.j2"
- "{{ node_custom_config }}/neutron/ml2_conf.ini"
- "{{ node_custom_config }}/neutron/{{ inventory_hostname }}/ml2_conf.ini"
dest: "{{ node_config_directory }}/{{ item }}/ml2_conf.ini"
with_items:
- "neutron-dhcp-agent"
- "neutron-l3-agent"
- "neutron-linuxbridge-agent"
- "neutron-lbaas-agent"
- "neutron-metadata-agent"
- "neutron-openvswitch-agent"
- "neutron-server"
- "neutron-vpnaas-agent"
- name: Copying over dhcp_agent.ini
merge_configs:
vars:
service_name: "{{ item }}"
sources:
- "{{ role_path }}/templates/dhcp_agent.ini.j2"
- "{{ node_custom_config }}/neutron/dhcp_agent.ini"
dest: "{{ node_config_directory }}/{{ item }}/dhcp_agent.ini"
with_items:
- "neutron-dhcp-agent"
- name: Copying over dnsmasq.conf
template:
src: "dnsmasq.conf.j2"
dest: "{{ node_config_directory }}/{{ item }}/dnsmasq.conf"
with_items:
- "neutron-dhcp-agent"
- name: Copying over l3_agent.ini
merge_configs:
vars:
service_name: "{{ item }}"
sources:
- "{{ role_path }}/templates/l3_agent.ini.j2"
- "{{ node_custom_config }}/neutron/l3_agent.ini"
dest: "{{ node_config_directory }}/{{ item }}/l3_agent.ini"
with_items:
- "neutron-l3-agent"
- "neutron-vpnaas-agent"
- name: Copying over fwaas_driver.ini
merge_configs:
vars:
service_name: "{{ item }}"
sources:
- "{{ role_path }}/templates/fwaas_driver.ini.j2"
- "{{ node_custom_config }}/neutron/fwaas_driver.ini"
dest: "{{ node_config_directory }}/{{ item }}/fwaas_driver.ini"
with_items:
- "neutron-l3-agent"
- "neutron-vpnaas-agent"
- name: Copying over metadata_agent.ini
merge_configs:
vars:
service_name: "{{ item }}"
sources:
- "{{ role_path }}/templates/metadata_agent.ini.j2"
- "{{ node_custom_config }}/neutron/metadata_agent.ini"
dest: "{{ node_config_directory }}/{{ item }}/metadata_agent.ini"
with_items:
- "neutron-metadata-agent"
- name: Copying over lbaas_agent.ini
merge_configs:
vars:
service_name: "{{ item }}"
sources:
- "{{ role_path }}/templates/lbaas_agent.ini.j2"
- "{{ node_custom_config }}/neutron/lbaas_agent.ini"
dest: "{{ node_config_directory }}/{{ item }}/lbaas_agent.ini"
with_items:
- "neutron-lbaas-agent"
- name: Copying over vpnaas_agent.ini
merge_configs:
vars:
service_name: "{{ item }}"
sources:
- "{{ role_path }}/templates/vpnaas_agent.ini.j2"
- "/etc/kolla/config/neutron/vpnaas_agent.ini"
dest: "{{ node_config_directory }}/{{ item }}/vpnaas_agent.ini"
with_items:
- "neutron-vpnaas-agent"
- name: Check if policies shall be overwritten
local_action: stat path="{{ node_custom_config }}/neutron/policy.json"
register: neutron_policy
- name: Copying over existing policy.json
template:
src: "{{ node_custom_config }}/neutron/policy.json"
dest: "{{ node_config_directory }}/neutron/policy.json"
when:
neutron_policy.stat.exists
View Git Blame Copy Permalink