From 5250cd4c0a0948627f5f31ce2cb7629b09275863 Mon Sep 17 00:00:00 2001 From: Logan V Date: Sun, 14 Aug 2016 00:55:07 -0500 Subject: [PATCH] Consolidate Neutron config path in to a single var This is a follow up from I8c4c7f513074fbd154ab253182b83227628d44ef where it was proposed to consolidate the various static /etc/neutron path entries in the role to a single var defined in the defaults. Change-Id: Id2e8e4965bf6bda396e54ec8fe9586d920dcca00 --- defaults/main.yml | 41 ++++++++++++++------------ tasks/neutron_post_install.yml | 32 ++++++++++---------- tasks/neutron_pre_install.yml | 8 ++--- tasks/plumgrid_config.yml | 4 +-- templates/dhcp_agent.ini.j2 | 2 +- templates/neutron.conf.j2 | 2 +- templates/plugins/plumgrid/plumlib.ini | 2 +- templates/rootwrap.conf.j2 | 2 +- 8 files changed, 48 insertions(+), 45 deletions(-) diff --git a/defaults/main.yml b/defaults/main.yml index 013509e2..4e9c5c81 100644 --- a/defaults/main.yml +++ b/defaults/main.yml @@ -51,6 +51,9 @@ neutron_venv_download_url: http://127.0.0.1/venvs/untagged/ubuntu/neutron.tgz # Set the lib dir path to that of the local python path where neutron is installed. neutron_lib_dir: "{{ neutron_bin | dirname }}/lib/python2.7/site-packages/" +# Set the Neutron configuration path +neutron_conf_dir: /etc/neutron + # Enable/Disable Ceilometer neutron_ceilometer_enabled: False @@ -67,8 +70,8 @@ neutron_system_home_folder: "/var/lib/{{ neutron_system_user_name }}" ## DB neutron_galera_user: neutron neutron_galera_database: neutron -neutron_db_config: /etc/neutron/neutron.conf -neutron_db_plugin: "/etc/neutron/{{ neutron_plugins[neutron_plugin_type].plugin_ini }}" +neutron_db_config: "{{ neutron_conf_dir }}/neutron.conf" +neutron_db_plugin: "{{ neutron_conf_dir }}/{{ neutron_plugins[neutron_plugin_type].plugin_ini }}" neutron_db_max_overflow: 20 neutron_db_pool_size: 120 neutron_db_pool_timeout: 30 @@ -155,85 +158,85 @@ neutron_services: group: neutron_dhcp_agent service_name: neutron-dhcp-agent service_en: "{{ neutron_dhcp | bool }}" - service_conf_path: "/etc/neutron" + service_conf_path: "{{ neutron_conf_dir }}" service_conf: dhcp_agent.ini service_rootwrap: rootwrap.d/dhcp.filters - config_options: --config-file /etc/neutron/neutron.conf --config-file /etc/neutron/dhcp_agent.ini --log-file=/var/log/neutron/neutron-dhcp-agent.log + config_options: "--config-file {{ neutron_conf_dir }}/neutron.conf --config-file {{ neutron_conf_dir }}/dhcp_agent.ini --log-file=/var/log/neutron/neutron-dhcp-agent.log" config_overrides: "{{ neutron_dhcp_agent_ini_overrides }}" config_type: "ini" neutron-openvswitch-agent: group: neutron_openvswitch_agent service_name: neutron-openvswitch-agent service_en: "{{ 'ml2.ovs' in neutron_plugin_type }}" - service_conf_path: "/etc/neutron" + service_conf_path: "{{ neutron_conf_dir }}" service_conf: plugins/ml2/openvswitch_agent.ini service_rootwrap: rootwrap.d/openvswitch-plugin.filters - config_options: --config-file /etc/neutron/neutron.conf --config-file /etc/neutron/plugins/ml2/ml2_conf.ini --config-file /etc/neutron/plugins/ml2/openvswitch_agent.ini --log-file=/var/log/neutron/neutron-openvswitch-agent.log + config_options: "--config-file {{ neutron_conf_dir }}/neutron.conf --config-file {{ neutron_conf_dir }}/plugins/ml2/ml2_conf.ini --config-file {{ neutron_conf_dir }}/plugins/ml2/openvswitch_agent.ini --log-file=/var/log/neutron/neutron-openvswitch-agent.log" config_overrides: "{{ neutron_openvswitch_agent_ini_overrides }}" config_type: "ini" neutron-linuxbridge-agent: group: neutron_linuxbridge_agent service_name: neutron-linuxbridge-agent service_en: "{{ neutron_plugin_type == 'ml2.lxb' }}" - service_conf_path: "/etc/neutron" + service_conf_path: "{{ neutron_conf_dir }}" service_conf: plugins/ml2/linuxbridge_agent.ini service_rootwrap: rootwrap.d/linuxbridge-plugin.filters - config_options: --config-file /etc/neutron/neutron.conf --config-file /etc/neutron/plugins/ml2/ml2_conf.ini --config-file /etc/neutron/plugins/ml2/linuxbridge_agent.ini --log-file=/var/log/neutron/neutron-linuxbridge-agent.log + config_options: "--config-file {{ neutron_conf_dir }}/neutron.conf --config-file {{ neutron_conf_dir }}/plugins/ml2/ml2_conf.ini --config-file {{ neutron_conf_dir }}/plugins/ml2/linuxbridge_agent.ini --log-file=/var/log/neutron/neutron-linuxbridge-agent.log" config_overrides: "{{ neutron_linuxbridge_agent_ini_overrides }}" config_type: "ini" neutron-metadata-agent: group: neutron_metadata_agent service_name: neutron-metadata-agent service_en: "{{ neutron_metadata | bool }}" - service_conf_path: "/etc/neutron" + service_conf_path: "{{ neutron_conf_dir }}" service_conf: metadata_agent.ini - config_options: --config-file /etc/neutron/neutron.conf --config-file /etc/neutron/metadata_agent.ini --log-file=/var/log/neutron/neutron-metadata-agent.log + config_options: "--config-file {{ neutron_conf_dir }}/neutron.conf --config-file {{ neutron_conf_dir }}/metadata_agent.ini --log-file=/var/log/neutron/neutron-metadata-agent.log" config_overrides: "{{ neutron_metadata_agent_ini_overrides }}" config_type: "ini" neutron-metering-agent: group: neutron_metering_agent service_name: neutron-metering-agent service_en: "{{ neutron_metering | bool }}" - service_conf_path: "/etc/neutron" + service_conf_path: "{{ neutron_conf_dir }}" service_conf: metering_agent.ini - config_options: --config-file /etc/neutron/neutron.conf --config-file /etc/neutron/metering_agent.ini --log-file=/var/log/neutron/neutron-metering-agent.log + config_options: "--config-file {{ neutron_conf_dir }}/neutron.conf --config-file {{ neutron_conf_dir }}/metering_agent.ini --log-file=/var/log/neutron/neutron-metering-agent.log" config_overrides: "{{ neutron_metering_agent_ini_overrides }}" config_type: "ini" neutron-l3-agent: group: neutron_l3_agent service_name: neutron-l3-agent service_en: "{{ neutron_l3 | bool }}" - service_conf_path: "/etc/neutron" + service_conf_path: "{{ neutron_conf_dir }}" service_conf: l3_agent.ini service_rootwrap: rootwrap.d/l3.filters - config_options: --config-file /etc/neutron/neutron.conf --config-file /etc/neutron/l3_agent.ini --log-file=/var/log/neutron/neutron-l3-agent.log + config_options: "--config-file {{ neutron_conf_dir }}/neutron.conf --config-file {{ neutron_conf_dir }}/l3_agent.ini --log-file=/var/log/neutron/neutron-l3-agent.log" config_overrides: "{{ neutron_l3_agent_ini_overrides }}" config_type: "ini" neutron-lbaasv2-agent: group: neutron_lbaasv2_agent service_name: neutron-lbaasv2-agent service_en: "{{ neutron_lbaasv2 | bool }}" - service_conf_path: "/etc/neutron" + service_conf_path: "{{ neutron_conf_dir }}" service_conf: lbaas_agent.ini service_rootwrap: rootwrap.d/lbaas-haproxy.filters - config_options: --config-file /etc/neutron/neutron.conf --config-file /etc/neutron/lbaas_agent.ini --log-file=/var/log/neutron/neutron-lbaasv2-agent.log + config_options: "--config-file {{ neutron_conf_dir }}/neutron.conf --config-file {{ neutron_conf_dir }}/lbaas_agent.ini --log-file=/var/log/neutron/neutron-lbaasv2-agent.log" config_overrides: "{{ neutron_lbaas_agent_ini_overrides }}" config_type: "ini" neutron-vpnaas-agent: group: neutron_l3_agent service_name: neutron-vpn-agent service_en: "{{ neutron_vpnaas | bool }}" - service_conf_path: "/etc/neutron" + service_conf_path: "{{ neutron_conf_dir }}" service_conf: vpnaas_agent.ini service_rootwrap: rootwrap.d/vpnaas.filters - config_options: --config-file /etc/neutron/neutron.conf --config-file /etc/neutron/vpnaas_agent.ini --log-file=/var/log/neutron/neutron-vpn-agent.log + config_options: "--config-file {{ neutron_conf_dir }}/neutron.conf --config-file {{ neutron_conf_dir }}/vpnaas_agent.ini --log-file=/var/log/neutron/neutron-vpn-agent.log" config_overrides: "{{ neutron_vpnaas_agent_ini_overrides }}" config_type: "ini" neutron-server: group: neutron_server service_name: neutron-server service_en: True - config_options: "--config-file /etc/neutron/neutron.conf --config-file /etc/neutron/{{ neutron_plugins[neutron_plugin_type].plugin_ini }} --log-file=/var/log/neutron/neutron-server.log" + config_options: "--config-file {{ neutron_conf_dir }}/neutron.conf --config-file {{ neutron_conf_dir }}/{{ neutron_plugins[neutron_plugin_type].plugin_ini }} --log-file=/var/log/neutron/neutron-server.log" ## Neutron DHCP Agent neutron_dhcp: "{% if neutron_plugin_type.split('.')[0] == 'ml2' %}True{% else %}False{% endif %}" diff --git a/tasks/neutron_post_install.yml b/tasks/neutron_post_install.yml index 9eef9a39..37d2ef53 100644 --- a/tasks/neutron_post_install.yml +++ b/tasks/neutron_post_install.yml @@ -24,25 +24,25 @@ config_type: "{{ item.config_type }}" with_items: - src: "neutron.conf.j2" - dest: "/etc/neutron/neutron.conf" + dest: "{{ neutron_conf_dir }}/neutron.conf" config_overrides: "{{ neutron_neutron_conf_overrides }}" config_type: "ini" - src: "{{ neutron_plugins[neutron_plugin_type].plugin_ini }}.j2" - dest: "/etc/neutron/{{ neutron_plugins[neutron_plugin_type].plugin_ini }}" + dest: "{{ neutron_conf_dir }}/{{ neutron_plugins[neutron_plugin_type].plugin_ini }}" config_overrides: "{{ neutron_plugins[neutron_plugin_type].plugin_conf_ini_overrides }}" config_type: "ini" - src: "api-paste.ini.j2" - dest: "/etc/neutron/api-paste.ini" + dest: "{{ neutron_conf_dir }}/api-paste.ini" config_overrides: "{{ neutron_api_paste_ini_overrides }}" config_type: "ini" - src: "rootwrap.conf.j2" - dest: "/etc/neutron/rootwrap.conf" + dest: "{{ neutron_conf_dir }}/rootwrap.conf" owner: "root" group: "root" config_overrides: "{{ neutron_rootwrap_conf_overrides }}" config_type: "ini" - src: "policy.json.j2" - dest: "/etc/neutron/policy.json" + dest: "{{ neutron_conf_dir }}/policy.json" config_overrides: "{{ neutron_policy_overrides }}" config_type: "json" notify: @@ -51,7 +51,7 @@ - name: Generate neutron dnsmasq Config config_template: src: "dnsmasq-neutron.conf.j2" - dest: "/etc/neutron/dnsmasq-neutron.conf" + dest: "{{ neutron_conf_dir }}/dnsmasq-neutron.conf" owner: "{{ neutron_system_user_name }}" group: "{{ neutron_system_group_name }}" mode: "0644" @@ -87,22 +87,22 @@ owner: "root" group: "root" with_items: - - { src: "rootwrap.d/debug.filters", dest: "/etc/neutron/rootwrap.d/debug.filters" } - - { src: "rootwrap.d/dibbler.filters", dest: "/etc/neutron/rootwrap.d/dibbler.filters" } - - { src: "rootwrap.d/ebtables.filters", dest: "/etc/neutron/rootwrap.d/ebtables.filters" } - - { src: "rootwrap.d/functional-testing.filters", dest: "/etc/neutron/rootwrap.d/functional-testing.filters" } - - { src: "rootwrap.d/ipset-firewall.filters", dest: "/etc/neutron/rootwrap.d/ipset-firewall.filters" } - - { src: "rootwrap.d/iptables-firewall.filters", dest: "/etc/neutron/rootwrap.d/iptables-firewall.filters" } - - { src: "rootwrap.d/openvswitch-plugin.filters", dest: "/etc/neutron/rootwrap.d/openvswitch-plugin.filters" } - - { src: "rootwrap.d/lbaas-haproxy.filters", dest: "/etc/neutron/rootwrap.d/lbaas-haproxy.filters" } - - { src: "rootwrap.d/vpnaas.filters", dest: "/etc/neutron/rootwrap.d/vpnaas.filters" } + - { src: "rootwrap.d/debug.filters", dest: "{{ neutron_conf_dir }}/rootwrap.d/debug.filters" } + - { src: "rootwrap.d/dibbler.filters", dest: "{{ neutron_conf_dir }}/rootwrap.d/dibbler.filters" } + - { src: "rootwrap.d/ebtables.filters", dest: "{{ neutron_conf_dir }}/rootwrap.d/ebtables.filters" } + - { src: "rootwrap.d/functional-testing.filters", dest: "{{ neutron_conf_dir }}/rootwrap.d/functional-testing.filters" } + - { src: "rootwrap.d/ipset-firewall.filters", dest: "{{ neutron_conf_dir }}/rootwrap.d/ipset-firewall.filters" } + - { src: "rootwrap.d/iptables-firewall.filters", dest: "{{ neutron_conf_dir }}/rootwrap.d/iptables-firewall.filters" } + - { src: "rootwrap.d/openvswitch-plugin.filters", dest: "{{ neutron_conf_dir }}/rootwrap.d/openvswitch-plugin.filters" } + - { src: "rootwrap.d/lbaas-haproxy.filters", dest: "{{ neutron_conf_dir }}/rootwrap.d/lbaas-haproxy.filters" } + - { src: "rootwrap.d/vpnaas.filters", dest: "{{ neutron_conf_dir }}/rootwrap.d/vpnaas.filters" } notify: - Restart neutron services - name: Drop neutron agent rootwrap filters copy: src: "{{ item.value.service_rootwrap }}" - dest: "/etc/neutron/{{ item.value.service_rootwrap }}" + dest: "{{ neutron_conf_dir }}/{{ item.value.service_rootwrap }}" owner: "root" group: "root" with_dict: "{{ neutron_services }}" diff --git a/tasks/neutron_pre_install.yml b/tasks/neutron_pre_install.yml index 668ecd7c..a5de8262 100644 --- a/tasks/neutron_pre_install.yml +++ b/tasks/neutron_pre_install.yml @@ -37,10 +37,10 @@ group: "{{ item.group|default(neutron_system_group_name) }}" with_items: - { path: "/openstack", owner: "root", group: "root" } - - { path: "/etc/neutron" } - - { path: "/etc/neutron/plugins" } - - { path: "/etc/neutron/plugins/{{ neutron_plugin_type.split('.')[0] }}" } - - { path: "/etc/neutron/rootwrap.d", owner: "root", group: "root" } + - { path: "{{ neutron_conf_dir }}" } + - { path: "{{ neutron_conf_dir }}/plugins" } + - { path: "{{ neutron_conf_dir }}/plugins/{{ neutron_plugin_type.split('.')[0] }}" } + - { path: "{{ neutron_conf_dir }}/rootwrap.d", owner: "root", group: "root" } - { path: "/etc/sudoers.d", mode: "0750", owner: "root", group: "root" } - { path: "/var/cache/neutron" } - { path: "/var/lock/neutron" } diff --git a/tasks/plumgrid_config.yml b/tasks/plumgrid_config.yml index 6c03ea60..611773bb 100644 --- a/tasks/plumgrid_config.yml +++ b/tasks/plumgrid_config.yml @@ -15,7 +15,7 @@ - name: Setup PLUMlib Neutron Config config_template: src: plugins/plumgrid/plumlib.ini - dest: /etc/neutron/plugins/plumgrid/plumlib.ini + dest: "{{ neutron_conf_dir }}/plugins/plumgrid/plumlib.ini" owner: "{{ neutron_system_user_name }}" group: "{{ neutron_system_group_name }}" config_overrides: "{{ neutron_plumlib_ini_overrides }}" @@ -24,7 +24,7 @@ - name: Place pgrc file template: src: plugins/plumgrid/pgrc - dest: /etc/neutron/plugins/plumgrid/pgrc + dest: "{{ neutron_conf_dir }}/plugins/plumgrid/pgrc" owner: "{{ neutron_system_user_name }}" group: "{{ neutron_system_group_name }}" diff --git a/templates/dhcp_agent.ini.j2 b/templates/dhcp_agent.ini.j2 index 364b492a..80195a0a 100644 --- a/templates/dhcp_agent.ini.j2 +++ b/templates/dhcp_agent.ini.j2 @@ -17,7 +17,7 @@ dhcp_driver = {{ neutron_driver_dhcp }} dhcp_domain = {{ neutron_dhcp_domain }} # Dnsmasq options -dnsmasq_config_file = /etc/neutron/dnsmasq-neutron.conf +dnsmasq_config_file = {{ neutron_conf_dir }}/dnsmasq-neutron.conf dnsmasq_dns_servers = {{ neutron_dnsmasq_dns_servers }} dnsmasq_lease_max = {{ neutron_dnsmasq_lease_max }} diff --git a/templates/neutron.conf.j2 b/templates/neutron.conf.j2 index 5436c230..a9e36e9d 100644 --- a/templates/neutron.conf.j2 +++ b/templates/neutron.conf.j2 @@ -173,7 +173,7 @@ driver = neutron_fwaas.services.firewall.drivers.linux.iptables_fwaas.IptablesFw [agent] polling_interval = {{ neutron_agent_polling_interval|default(5) }} report_interval = {{ neutron_report_interval|int }} -root_helper = sudo {{ neutron_bin }}/neutron-rootwrap /etc/neutron/rootwrap.conf +root_helper = sudo {{ neutron_bin }}/neutron-rootwrap {{ neutron_conf_dir }}/rootwrap.conf # Messaging [oslo_messaging_rabbit] diff --git a/templates/plugins/plumgrid/plumlib.ini b/templates/plugins/plumgrid/plumlib.ini index 8b9bf770..c5333b92 100644 --- a/templates/plugins/plumgrid/plumlib.ini +++ b/templates/plugins/plumgrid/plumlib.ini @@ -40,7 +40,7 @@ ns_proxy_name = neutron-ns-metadata-proxy # should be done before bringing up the system metadata_mode = local -# Use "sudo neutron-rootwrap /etc/neutron/rootwrap.conf" to use the real +# Use "sudo neutron-rootwrap {{ neutron_conf_dir }}/rootwrap.conf" to use the real # root filter facility. # Change to "sudo" to skip the filtering and just run the comand directly root_helper_name = {{ neutron_bin }}/neutron-rootwrap diff --git a/templates/rootwrap.conf.j2 b/templates/rootwrap.conf.j2 index 9ce7c606..f4160f19 100644 --- a/templates/rootwrap.conf.j2 +++ b/templates/rootwrap.conf.j2 @@ -4,7 +4,7 @@ [DEFAULT] # List of directories to load filter definitions from (separated by ','). # These directories MUST all be only writeable by root ! -filters_path=/etc/neutron/rootwrap.d,/usr/share/neutron/rootwrap +filters_path={{ neutron_conf_dir }}/rootwrap.d,/usr/share/neutron/rootwrap # List of directories to search executables in, in case filters do not # explicitely specify a full path (separated by ',')