3411b9e420
Config plays do not need to check containers. This avoids skipping tasks during the genconfig action. Ironic and Glance rolling upgrades are handled specially. Swift and Bifrost do not use the handlers at all. Partially-Implements: blueprint performance-improvements Change-Id: I140bf71d62e8f0932c96270d1f08940a5ba4542a
144 lines
4.3 KiB
YAML
144 lines
4.3 KiB
YAML
---
|
|
- name: Ensuring config directories exist
|
|
file:
|
|
path: "{{ node_config_directory }}/{{ item.key }}"
|
|
state: "directory"
|
|
owner: "{{ config_owner_user }}"
|
|
group: "{{ config_owner_group }}"
|
|
mode: "0770"
|
|
become: true
|
|
when:
|
|
- inventory_hostname in groups[item.value.group]
|
|
- item.value.enabled | bool
|
|
with_dict: "{{ barbican_services }}"
|
|
|
|
- name: Ensuring vassals config directories exist
|
|
vars:
|
|
service: "{{ barbican_services['barbican-api'] }}"
|
|
file:
|
|
path: "{{ node_config_directory }}/{{ item }}"
|
|
state: "directory"
|
|
owner: "{{ config_owner_user }}"
|
|
group: "{{ config_owner_group }}"
|
|
mode: "0770"
|
|
become: true
|
|
when:
|
|
- inventory_hostname in groups[service.group]
|
|
- service.enabled | bool
|
|
with_items:
|
|
- "barbican-api/vassals"
|
|
|
|
- name: Check if policies shall be overwritten
|
|
stat:
|
|
path: "{{ item }}"
|
|
run_once: True
|
|
delegate_to: localhost
|
|
register: barbican_policy
|
|
with_first_found:
|
|
- files: "{{ supported_policy_format_list }}"
|
|
paths:
|
|
- "{{ node_custom_config }}/barbican/"
|
|
skip: true
|
|
|
|
- name: Set barbican policy file
|
|
set_fact:
|
|
barbican_policy_file: "{{ barbican_policy.results.0.stat.path | basename }}"
|
|
barbican_policy_file_path: "{{ barbican_policy.results.0.stat.path }}"
|
|
when:
|
|
- barbican_policy.results
|
|
|
|
- include_tasks: copy-certs.yml
|
|
when:
|
|
- kolla_copy_ca_into_containers | bool or barbican_enable_tls_backend | bool
|
|
|
|
- name: Copying over config.json files for services
|
|
template:
|
|
src: "{{ item.key }}.json.j2"
|
|
dest: "{{ node_config_directory }}/{{ item.key }}/config.json"
|
|
mode: "0660"
|
|
become: true
|
|
when:
|
|
- inventory_hostname in groups[item.value.group]
|
|
- item.value.enabled | bool
|
|
with_dict: "{{ barbican_services }}"
|
|
notify:
|
|
- Restart {{ item.key }} container
|
|
|
|
- name: Copying over barbican-api.ini
|
|
vars:
|
|
service: "{{ barbican_services['barbican-api'] }}"
|
|
merge_configs:
|
|
sources:
|
|
- "{{ role_path }}/templates/barbican-api.ini.j2"
|
|
- "{{ node_custom_config }}/barbican-api/barbican-api.ini"
|
|
- "{{ node_custom_config }}/barbican-api/{{ inventory_hostname }}/barbican-api.ini"
|
|
dest: "{{ node_config_directory }}/barbican-api/vassals/barbican-api.ini"
|
|
mode: "0660"
|
|
become: true
|
|
when:
|
|
- inventory_hostname in groups[service.group]
|
|
- service.enabled | bool
|
|
notify:
|
|
- Restart barbican-api container
|
|
|
|
- name: Checking whether barbican-api-paste.ini file exists
|
|
vars:
|
|
service: "{{ barbican_services['barbican-api'] }}"
|
|
stat:
|
|
path: "{{ node_custom_config }}/barbican/barbican-api-paste.ini"
|
|
run_once: True
|
|
delegate_to: localhost
|
|
register: check_barbican_api_paste_ini
|
|
when:
|
|
- inventory_hostname in groups[service.group]
|
|
- service.enabled | bool
|
|
|
|
- name: Copying over barbican-api-paste.ini
|
|
vars:
|
|
service: "{{ barbican_services['barbican-api'] }}"
|
|
template:
|
|
src: "{{ node_custom_config }}/barbican/barbican-api-paste.ini"
|
|
dest: "{{ node_config_directory }}/barbican-api/barbican-api-paste.ini"
|
|
mode: "0660"
|
|
become: true
|
|
when:
|
|
- inventory_hostname in groups[service.group]
|
|
- service.enabled | bool
|
|
- check_barbican_api_paste_ini.stat.exists
|
|
notify:
|
|
- Restart barbican-api container
|
|
|
|
- name: Copying over barbican.conf
|
|
vars:
|
|
service_name: "{{ item.key }}"
|
|
merge_configs:
|
|
sources:
|
|
- "{{ role_path }}/templates/barbican.conf.j2"
|
|
- "{{ node_custom_config }}/global.conf"
|
|
- "{{ node_custom_config }}/barbican.conf"
|
|
- "{{ node_custom_config }}/barbican/{{ item.key }}.conf"
|
|
- "{{ node_custom_config }}/barbican/{{ inventory_hostname }}/barbican.conf"
|
|
dest: "{{ node_config_directory }}/{{ item.key }}/barbican.conf"
|
|
mode: "0660"
|
|
become: true
|
|
when:
|
|
- item.value.enabled | bool
|
|
- inventory_hostname in groups[item.value.group]
|
|
with_dict: "{{ barbican_services }}"
|
|
notify:
|
|
- Restart {{ item.key }} container
|
|
|
|
- name: Copying over existing policy file
|
|
template:
|
|
src: "{{ barbican_policy_file_path }}"
|
|
dest: "{{ node_config_directory }}/{{ item.key }}/{{ barbican_policy_file }}"
|
|
mode: "0660"
|
|
become: true
|
|
when:
|
|
- barbican_policy_file is defined
|
|
- inventory_hostname in groups[item.value.group]
|
|
- item.value.enabled | bool
|
|
with_dict: "{{ barbican_services }}"
|
|
notify:
|
|
- Restart {{ item.key }} container
|