openstack/kolla-ansible
Code Issues Proposed changes
1bb4acbf9a
kolla-ansible/ansible/roles/nova-cell/tasks/config.yml
Mark Goddard 4e41acd8f0 libvirt: make it possible to run libvirt on the host 
In some cases it may be desirable to run the libvirt daemon on the host.
For example, when mixing host and container OS distributions or
versions.

This change makes it possible to disable the nova_libvirt container, by
setting enable_nova_libvirt_container to false. The default values of
some Docker mounts and other paths have been updated to point to default
host directories rather than Docker volumes when using a host libvirt
daemon.

This change does not handle migration of existing systems from using
a nova_libvirt container to libvirt on the host.

Depends-On: https://review.opendev.org/c/openstack/ansible-collection-kolla/+/830504

Change-Id: Ia1239069ccee39416b20959cbabad962c56693cf
2022-03-21 11:54:31 +00:00

188 lines
5.6 KiB
YAML
Raw Blame History

---
- name: Ensuring config directories exist
become: true
file:
path: "{{ node_config_directory }}/{{ item.key }}"
state: "directory"
owner: "{{ config_owner_user }}"
group: "{{ config_owner_group }}"
mode: "0770"
when:
- inventory_hostname in groups[item.value.group]
- item.value.enabled | bool
with_dict: "{{ nova_cell_services }}"
- include_tasks: copy-certs.yml
when:
- kolla_copy_ca_into_containers | bool
- include_tasks: external_ceph.yml
when:
- (nova_backend == "rbd" or cinder_backend_ceph | bool)
- inventory_hostname in groups[nova_cell_compute_group]
- name: Check if policies shall be overwritten
stat:
path: "{{ item }}"
delegate_to: localhost
run_once: True
register: nova_policy
with_first_found:
- files: "{{ supported_policy_format_list }}"
paths:
- "{{ node_custom_config }}/nova/"
skip: true
- name: Set nova policy file
set_fact:
nova_policy_file: "{{ nova_policy.results.0.stat.path | basename }}"
nova_policy_file_path: "{{ nova_policy.results.0.stat.path }}"
when:
- nova_policy.results
- name: Copying over config.json files for services
become: true
template:
src: "{{ item.key }}.json.j2"
dest: "{{ node_config_directory }}/{{ item.key }}/config.json"
mode: "0660"
when:
- inventory_hostname in groups[item.value.group]
- item.value.enabled | bool
with_dict: "{{ nova_cell_services }}"
notify:
- "Restart {{ item.key }} container"
- name: Copying over nova.conf
become: true
vars:
service_name: "{{ item.key }}"
merge_configs:
sources:
- "{{ role_path }}/templates/nova.conf.j2"
- "{{ node_custom_config }}/global.conf"
- "{{ node_custom_config }}/nova.conf"
- "{{ node_custom_config }}/nova/{{ item.key }}.conf"
- "{{ node_custom_config }}/nova/{{ inventory_hostname }}/nova.conf"
dest: "{{ node_config_directory }}/{{ item.key }}/nova.conf"
mode: "0660"
when:
- inventory_hostname in groups[item.value.group]
- item.value.enabled | bool
- item.key in nova_cell_services_require_nova_conf
with_dict: "{{ nova_cell_services }}"
notify:
- "Restart {{ item.key }} container"
- name: Copying over libvirt configuration
become: true
vars:
service: "{{ nova_cell_services['nova-libvirt'] }}"
template:
src: "{{ item.src }}"
dest: "{{ node_config_directory }}/nova-libvirt/{{ item.dest }}"
mode: "0660"
when:
- inventory_hostname in groups[service.group]
- service.enabled | bool
with_items:
- { src: "qemu.conf.j2", dest: "qemu.conf" }
- { src: "libvirtd.conf.j2", dest: "libvirtd.conf" }
notify:
- Restart nova-libvirt container
- name: Copying over libvirt TLS keys
include_tasks: config-libvirt-tls.yml
when:
- inventory_hostname in groups[nova_cell_compute_group]
- libvirt_tls | bool
- libvirt_tls_manage_certs | bool
- name: Copying over libvirt SASL configuration
become: true
vars:
service_name: "{{ item.service }}"
service: "{{ nova_cell_services[service_name] }}"
template:
src: "{{ item.src }}"
dest: "{{ node_config_directory }}/{{ service_name }}/{{ item.dest }}"
mode: "0660"
when:
- libvirt_enable_sasl | bool
- inventory_hostname in groups[service.group]
- service.enabled | bool
with_items:
- { src: "auth.conf.j2", dest: "auth.conf", service: "nova-compute" }
- { src: "auth.conf.j2", dest: "auth.conf", service: "nova-libvirt" }
- { src: "sasl.conf.j2", dest: "sasl.conf", service: "nova-libvirt" }
notify:
- Restart {{ service_name }} container
- name: Copying files for nova-ssh
become: true
vars:
service: "{{ nova_cell_services['nova-ssh'] }}"
template:
src: "{{ item.src }}"
dest: "{{ node_config_directory }}/nova-ssh/{{ item.dest }}"
mode: "0660"
when:
- inventory_hostname in groups[service.group]
- service.enabled | bool
with_items:
- { src: "sshd_config.j2", dest: "sshd_config" }
- { src: "id_rsa", dest: "id_rsa" }
- { src: "id_rsa.pub", dest: "id_rsa.pub" }
- { src: "ssh_config.j2", dest: "ssh_config" }
notify:
- Restart nova-ssh container
- name: Copying VMware vCenter CA file
vars:
service: "{{ nova_cell_services['nova-compute'] }}"
copy:
src: "{{ node_custom_config }}/vmware_ca"
dest: "{{ node_config_directory }}/nova-compute/vmware_ca"
mode: "0660"
when:
- nova_compute_virt_type == "vmware"
- not vmware_vcenter_insecure | bool
- inventory_hostname in groups[service.group]
- service.enabled | bool
notify:
- Restart nova-compute container
- name: Copying 'release' file for nova_compute
vars:
service: "{{ nova_cell_services['nova-compute'] }}"
copy:
src: "{{ item }}"
dest: "{{ node_config_directory }}/nova-compute/release"
mode: "0660"
with_first_found:
- files:
- "{{ node_custom_config }}/nova_compute/{{ inventory_hostname }}/release"
- "{{ node_custom_config }}/nova_compute/release"
- "{{ node_custom_config }}/nova/release"
skip: true
when:
- inventory_hostname in groups[service.group]
- service.enabled | bool
notify:
- Restart nova-compute container
- name: Copying over existing policy file
become: true
template:
src: "{{ nova_policy_file_path }}"
dest: "{{ node_config_directory }}/{{ item.key }}/{{ nova_policy_file }}"
mode: "0660"
when:
- inventory_hostname in groups[item.value.group]
- item.value.enabled | bool
- nova_policy_file is defined
- item.key in nova_cell_services_require_policy_json
with_dict: "{{ nova_cell_services }}"
notify:
- "Restart {{ item.key }} container"
View Git Blame Copy Permalink