Consolidate Neutron config path in to a single var
This is a follow up from I8c4c7f513074fbd154ab253182b83227628d44ef where it was proposed to consolidate the various static /etc/neutron path entries in the role to a single var defined in the defaults. Change-Id: Id2e8e4965bf6bda396e54ec8fe9586d920dcca00
This commit is contained in:
Logan V
parent
e604e86b21
commit
5250cd4c0a
@ -51,6 +51,9 @@ neutron_venv_download_url: http://127.0.0.1/venvs/untagged/ubuntu/neutron.tgz
|
||||
# Set the lib dir path to that of the local python path where neutron is installed.
|
||||
neutron_lib_dir: "{{ neutron_bin | dirname }}/lib/python2.7/site-packages/"
|
||||
|
||||
# Set the Neutron configuration path
|
||||
neutron_conf_dir: /etc/neutron
|
||||
|
||||
# Enable/Disable Ceilometer
|
||||
neutron_ceilometer_enabled: False
|
||||
|
||||
@ -67,8 +70,8 @@ neutron_system_home_folder: "/var/lib/{{ neutron_system_user_name }}"
|
||||
## DB
|
||||
neutron_galera_user: neutron
|
||||
neutron_galera_database: neutron
|
||||
neutron_db_config: /etc/neutron/neutron.conf
|
||||
neutron_db_plugin: "/etc/neutron/{{ neutron_plugins[neutron_plugin_type].plugin_ini }}"
|
||||
neutron_db_config: "{{ neutron_conf_dir }}/neutron.conf"
|
||||
neutron_db_plugin: "{{ neutron_conf_dir }}/{{ neutron_plugins[neutron_plugin_type].plugin_ini }}"
|
||||
neutron_db_max_overflow: 20
|
||||
neutron_db_pool_size: 120
|
||||
neutron_db_pool_timeout: 30
|
||||
@ -155,85 +158,85 @@ neutron_services:
|
||||
group: neutron_dhcp_agent
|
||||
service_name: neutron-dhcp-agent
|
||||
service_en: "{{ neutron_dhcp | bool }}"
|
||||
service_conf_path: "/etc/neutron"
|
||||
service_conf_path: "{{ neutron_conf_dir }}"
|
||||
service_conf: dhcp_agent.ini
|
||||
service_rootwrap: rootwrap.d/dhcp.filters
|
||||
config_options: --config-file /etc/neutron/neutron.conf --config-file /etc/neutron/dhcp_agent.ini --log-file=/var/log/neutron/neutron-dhcp-agent.log
|
||||
config_options: "--config-file {{ neutron_conf_dir }}/neutron.conf --config-file {{ neutron_conf_dir }}/dhcp_agent.ini --log-file=/var/log/neutron/neutron-dhcp-agent.log"
|
||||
config_overrides: "{{ neutron_dhcp_agent_ini_overrides }}"
|
||||
config_type: "ini"
|
||||
neutron-openvswitch-agent:
|
||||
group: neutron_openvswitch_agent
|
||||
service_name: neutron-openvswitch-agent
|
||||
service_en: "{{ 'ml2.ovs' in neutron_plugin_type }}"
|
||||
service_conf_path: "/etc/neutron"
|
||||
service_conf_path: "{{ neutron_conf_dir }}"
|
||||
service_conf: plugins/ml2/openvswitch_agent.ini
|
||||
service_rootwrap: rootwrap.d/openvswitch-plugin.filters
|
||||
config_options: --config-file /etc/neutron/neutron.conf --config-file /etc/neutron/plugins/ml2/ml2_conf.ini --config-file /etc/neutron/plugins/ml2/openvswitch_agent.ini --log-file=/var/log/neutron/neutron-openvswitch-agent.log
|
||||
config_options: "--config-file {{ neutron_conf_dir }}/neutron.conf --config-file {{ neutron_conf_dir }}/plugins/ml2/ml2_conf.ini --config-file {{ neutron_conf_dir }}/plugins/ml2/openvswitch_agent.ini --log-file=/var/log/neutron/neutron-openvswitch-agent.log"
|
||||
config_overrides: "{{ neutron_openvswitch_agent_ini_overrides }}"
|
||||
config_type: "ini"
|
||||
neutron-linuxbridge-agent:
|
||||
group: neutron_linuxbridge_agent
|
||||
service_name: neutron-linuxbridge-agent
|
||||
service_en: "{{ neutron_plugin_type == 'ml2.lxb' }}"
|
||||
service_conf_path: "/etc/neutron"
|
||||
service_conf_path: "{{ neutron_conf_dir }}"
|
||||
service_conf: plugins/ml2/linuxbridge_agent.ini
|
||||
service_rootwrap: rootwrap.d/linuxbridge-plugin.filters
|
||||
config_options: --config-file /etc/neutron/neutron.conf --config-file /etc/neutron/plugins/ml2/ml2_conf.ini --config-file /etc/neutron/plugins/ml2/linuxbridge_agent.ini --log-file=/var/log/neutron/neutron-linuxbridge-agent.log
|
||||
config_options: "--config-file {{ neutron_conf_dir }}/neutron.conf --config-file {{ neutron_conf_dir }}/plugins/ml2/ml2_conf.ini --config-file {{ neutron_conf_dir }}/plugins/ml2/linuxbridge_agent.ini --log-file=/var/log/neutron/neutron-linuxbridge-agent.log"
|
||||
config_overrides: "{{ neutron_linuxbridge_agent_ini_overrides }}"
|
||||
config_type: "ini"
|
||||
neutron-metadata-agent:
|
||||
group: neutron_metadata_agent
|
||||
service_name: neutron-metadata-agent
|
||||
service_en: "{{ neutron_metadata | bool }}"
|
||||
service_conf_path: "/etc/neutron"
|
||||
service_conf_path: "{{ neutron_conf_dir }}"
|
||||
service_conf: metadata_agent.ini
|
||||
config_options: --config-file /etc/neutron/neutron.conf --config-file /etc/neutron/metadata_agent.ini --log-file=/var/log/neutron/neutron-metadata-agent.log
|
||||
config_options: "--config-file {{ neutron_conf_dir }}/neutron.conf --config-file {{ neutron_conf_dir }}/metadata_agent.ini --log-file=/var/log/neutron/neutron-metadata-agent.log"
|
||||
config_overrides: "{{ neutron_metadata_agent_ini_overrides }}"
|
||||
config_type: "ini"
|
||||
neutron-metering-agent:
|
||||
group: neutron_metering_agent
|
||||
service_name: neutron-metering-agent
|
||||
service_en: "{{ neutron_metering | bool }}"
|
||||
service_conf_path: "/etc/neutron"
|
||||
service_conf_path: "{{ neutron_conf_dir }}"
|
||||
service_conf: metering_agent.ini
|
||||
config_options: --config-file /etc/neutron/neutron.conf --config-file /etc/neutron/metering_agent.ini --log-file=/var/log/neutron/neutron-metering-agent.log
|
||||
config_options: "--config-file {{ neutron_conf_dir }}/neutron.conf --config-file {{ neutron_conf_dir }}/metering_agent.ini --log-file=/var/log/neutron/neutron-metering-agent.log"
|
||||
config_overrides: "{{ neutron_metering_agent_ini_overrides }}"
|
||||
config_type: "ini"
|
||||
neutron-l3-agent:
|
||||
group: neutron_l3_agent
|
||||
service_name: neutron-l3-agent
|
||||
service_en: "{{ neutron_l3 | bool }}"
|
||||
service_conf_path: "/etc/neutron"
|
||||
service_conf_path: "{{ neutron_conf_dir }}"
|
||||
service_conf: l3_agent.ini
|
||||
service_rootwrap: rootwrap.d/l3.filters
|
||||
config_options: --config-file /etc/neutron/neutron.conf --config-file /etc/neutron/l3_agent.ini --log-file=/var/log/neutron/neutron-l3-agent.log
|
||||
config_options: "--config-file {{ neutron_conf_dir }}/neutron.conf --config-file {{ neutron_conf_dir }}/l3_agent.ini --log-file=/var/log/neutron/neutron-l3-agent.log"
|
||||
config_overrides: "{{ neutron_l3_agent_ini_overrides }}"
|
||||
config_type: "ini"
|
||||
neutron-lbaasv2-agent:
|
||||
group: neutron_lbaasv2_agent
|
||||
service_name: neutron-lbaasv2-agent
|
||||
service_en: "{{ neutron_lbaasv2 | bool }}"
|
||||
service_conf_path: "/etc/neutron"
|
||||
service_conf_path: "{{ neutron_conf_dir }}"
|
||||
service_conf: lbaas_agent.ini
|
||||
service_rootwrap: rootwrap.d/lbaas-haproxy.filters
|
||||
config_options: --config-file /etc/neutron/neutron.conf --config-file /etc/neutron/lbaas_agent.ini --log-file=/var/log/neutron/neutron-lbaasv2-agent.log
|
||||
config_options: "--config-file {{ neutron_conf_dir }}/neutron.conf --config-file {{ neutron_conf_dir }}/lbaas_agent.ini --log-file=/var/log/neutron/neutron-lbaasv2-agent.log"
|
||||
config_overrides: "{{ neutron_lbaas_agent_ini_overrides }}"
|
||||
config_type: "ini"
|
||||
neutron-vpnaas-agent:
|
||||
group: neutron_l3_agent
|
||||
service_name: neutron-vpn-agent
|
||||
service_en: "{{ neutron_vpnaas | bool }}"
|
||||
service_conf_path: "/etc/neutron"
|
||||
service_conf_path: "{{ neutron_conf_dir }}"
|
||||
service_conf: vpnaas_agent.ini
|
||||
service_rootwrap: rootwrap.d/vpnaas.filters
|
||||
config_options: --config-file /etc/neutron/neutron.conf --config-file /etc/neutron/vpnaas_agent.ini --log-file=/var/log/neutron/neutron-vpn-agent.log
|
||||
config_options: "--config-file {{ neutron_conf_dir }}/neutron.conf --config-file {{ neutron_conf_dir }}/vpnaas_agent.ini --log-file=/var/log/neutron/neutron-vpn-agent.log"
|
||||
config_overrides: "{{ neutron_vpnaas_agent_ini_overrides }}"
|
||||
config_type: "ini"
|
||||
neutron-server:
|
||||
group: neutron_server
|
||||
service_name: neutron-server
|
||||
service_en: True
|
||||
config_options: "--config-file /etc/neutron/neutron.conf --config-file /etc/neutron/{{ neutron_plugins[neutron_plugin_type].plugin_ini }} --log-file=/var/log/neutron/neutron-server.log"
|
||||
config_options: "--config-file {{ neutron_conf_dir }}/neutron.conf --config-file {{ neutron_conf_dir }}/{{ neutron_plugins[neutron_plugin_type].plugin_ini }} --log-file=/var/log/neutron/neutron-server.log"
|
||||
|
||||
## Neutron DHCP Agent
|
||||
neutron_dhcp: "{% if neutron_plugin_type.split('.')[0] == 'ml2' %}True{% else %}False{% endif %}"
|
||||
|
||||
@ -24,25 +24,25 @@
|
||||
config_type: "{{ item.config_type }}"
|
||||
with_items:
|
||||
- src: "neutron.conf.j2"
|
||||
dest: "/etc/neutron/neutron.conf"
|
||||
dest: "{{ neutron_conf_dir }}/neutron.conf"
|
||||
config_overrides: "{{ neutron_neutron_conf_overrides }}"
|
||||
config_type: "ini"
|
||||
- src: "{{ neutron_plugins[neutron_plugin_type].plugin_ini }}.j2"
|
||||
dest: "/etc/neutron/{{ neutron_plugins[neutron_plugin_type].plugin_ini }}"
|
||||
dest: "{{ neutron_conf_dir }}/{{ neutron_plugins[neutron_plugin_type].plugin_ini }}"
|
||||
config_overrides: "{{ neutron_plugins[neutron_plugin_type].plugin_conf_ini_overrides }}"
|
||||
config_type: "ini"
|
||||
- src: "api-paste.ini.j2"
|
||||
dest: "/etc/neutron/api-paste.ini"
|
||||
dest: "{{ neutron_conf_dir }}/api-paste.ini"
|
||||
config_overrides: "{{ neutron_api_paste_ini_overrides }}"
|
||||
config_type: "ini"
|
||||
- src: "rootwrap.conf.j2"
|
||||
dest: "/etc/neutron/rootwrap.conf"
|
||||
dest: "{{ neutron_conf_dir }}/rootwrap.conf"
|
||||
owner: "root"
|
||||
group: "root"
|
||||
config_overrides: "{{ neutron_rootwrap_conf_overrides }}"
|
||||
config_type: "ini"
|
||||
- src: "policy.json.j2"
|
||||
dest: "/etc/neutron/policy.json"
|
||||
dest: "{{ neutron_conf_dir }}/policy.json"
|
||||
config_overrides: "{{ neutron_policy_overrides }}"
|
||||
config_type: "json"
|
||||
notify:
|
||||
@ -51,7 +51,7 @@
|
||||
- name: Generate neutron dnsmasq Config
|
||||
config_template:
|
||||
src: "dnsmasq-neutron.conf.j2"
|
||||
dest: "/etc/neutron/dnsmasq-neutron.conf"
|
||||
dest: "{{ neutron_conf_dir }}/dnsmasq-neutron.conf"
|
||||
owner: "{{ neutron_system_user_name }}"
|
||||
group: "{{ neutron_system_group_name }}"
|
||||
mode: "0644"
|
||||
@ -87,22 +87,22 @@
|
||||
owner: "root"
|
||||
group: "root"
|
||||
with_items:
|
||||
- { src: "rootwrap.d/debug.filters", dest: "/etc/neutron/rootwrap.d/debug.filters" }
|
||||
- { src: "rootwrap.d/dibbler.filters", dest: "/etc/neutron/rootwrap.d/dibbler.filters" }
|
||||
- { src: "rootwrap.d/ebtables.filters", dest: "/etc/neutron/rootwrap.d/ebtables.filters" }
|
||||
- { src: "rootwrap.d/functional-testing.filters", dest: "/etc/neutron/rootwrap.d/functional-testing.filters" }
|
||||
- { src: "rootwrap.d/ipset-firewall.filters", dest: "/etc/neutron/rootwrap.d/ipset-firewall.filters" }
|
||||
- { src: "rootwrap.d/iptables-firewall.filters", dest: "/etc/neutron/rootwrap.d/iptables-firewall.filters" }
|
||||
- { src: "rootwrap.d/openvswitch-plugin.filters", dest: "/etc/neutron/rootwrap.d/openvswitch-plugin.filters" }
|
||||
- { src: "rootwrap.d/lbaas-haproxy.filters", dest: "/etc/neutron/rootwrap.d/lbaas-haproxy.filters" }
|
||||
- { src: "rootwrap.d/vpnaas.filters", dest: "/etc/neutron/rootwrap.d/vpnaas.filters" }
|
||||
- { src: "rootwrap.d/debug.filters", dest: "{{ neutron_conf_dir }}/rootwrap.d/debug.filters" }
|
||||
- { src: "rootwrap.d/dibbler.filters", dest: "{{ neutron_conf_dir }}/rootwrap.d/dibbler.filters" }
|
||||
- { src: "rootwrap.d/ebtables.filters", dest: "{{ neutron_conf_dir }}/rootwrap.d/ebtables.filters" }
|
||||
- { src: "rootwrap.d/functional-testing.filters", dest: "{{ neutron_conf_dir }}/rootwrap.d/functional-testing.filters" }
|
||||
- { src: "rootwrap.d/ipset-firewall.filters", dest: "{{ neutron_conf_dir }}/rootwrap.d/ipset-firewall.filters" }
|
||||
- { src: "rootwrap.d/iptables-firewall.filters", dest: "{{ neutron_conf_dir }}/rootwrap.d/iptables-firewall.filters" }
|
||||
- { src: "rootwrap.d/openvswitch-plugin.filters", dest: "{{ neutron_conf_dir }}/rootwrap.d/openvswitch-plugin.filters" }
|
||||
- { src: "rootwrap.d/lbaas-haproxy.filters", dest: "{{ neutron_conf_dir }}/rootwrap.d/lbaas-haproxy.filters" }
|
||||
- { src: "rootwrap.d/vpnaas.filters", dest: "{{ neutron_conf_dir }}/rootwrap.d/vpnaas.filters" }
|
||||
notify:
|
||||
- Restart neutron services
|
||||
|
||||
- name: Drop neutron agent rootwrap filters
|
||||
copy:
|
||||
src: "{{ item.value.service_rootwrap }}"
|
||||
dest: "/etc/neutron/{{ item.value.service_rootwrap }}"
|
||||
dest: "{{ neutron_conf_dir }}/{{ item.value.service_rootwrap }}"
|
||||
owner: "root"
|
||||
group: "root"
|
||||
with_dict: "{{ neutron_services }}"
|
||||
|
||||
@ -37,10 +37,10 @@
|
||||
group: "{{ item.group|default(neutron_system_group_name) }}"
|
||||
with_items:
|
||||
- { path: "/openstack", owner: "root", group: "root" }
|
||||
- { path: "/etc/neutron" }
|
||||
- { path: "/etc/neutron/plugins" }
|
||||
- { path: "/etc/neutron/plugins/{{ neutron_plugin_type.split('.')[0] }}" }
|
||||
- { path: "/etc/neutron/rootwrap.d", owner: "root", group: "root" }
|
||||
- { path: "{{ neutron_conf_dir }}" }
|
||||
- { path: "{{ neutron_conf_dir }}/plugins" }
|
||||
- { path: "{{ neutron_conf_dir }}/plugins/{{ neutron_plugin_type.split('.')[0] }}" }
|
||||
- { path: "{{ neutron_conf_dir }}/rootwrap.d", owner: "root", group: "root" }
|
||||
- { path: "/etc/sudoers.d", mode: "0750", owner: "root", group: "root" }
|
||||
- { path: "/var/cache/neutron" }
|
||||
- { path: "/var/lock/neutron" }
|
||||
|
||||
@ -15,7 +15,7 @@
|
||||
- name: Setup PLUMlib Neutron Config
|
||||
config_template:
|
||||
src: plugins/plumgrid/plumlib.ini
|
||||
dest: /etc/neutron/plugins/plumgrid/plumlib.ini
|
||||
dest: "{{ neutron_conf_dir }}/plugins/plumgrid/plumlib.ini"
|
||||
owner: "{{ neutron_system_user_name }}"
|
||||
group: "{{ neutron_system_group_name }}"
|
||||
config_overrides: "{{ neutron_plumlib_ini_overrides }}"
|
||||
@ -24,7 +24,7 @@
|
||||
- name: Place pgrc file
|
||||
template:
|
||||
src: plugins/plumgrid/pgrc
|
||||
dest: /etc/neutron/plugins/plumgrid/pgrc
|
||||
dest: "{{ neutron_conf_dir }}/plugins/plumgrid/pgrc"
|
||||
owner: "{{ neutron_system_user_name }}"
|
||||
group: "{{ neutron_system_group_name }}"
|
||||
|
||||
|
||||
@ -17,7 +17,7 @@ dhcp_driver = {{ neutron_driver_dhcp }}
|
||||
dhcp_domain = {{ neutron_dhcp_domain }}
|
||||
|
||||
# Dnsmasq options
|
||||
dnsmasq_config_file = /etc/neutron/dnsmasq-neutron.conf
|
||||
dnsmasq_config_file = {{ neutron_conf_dir }}/dnsmasq-neutron.conf
|
||||
dnsmasq_dns_servers = {{ neutron_dnsmasq_dns_servers }}
|
||||
dnsmasq_lease_max = {{ neutron_dnsmasq_lease_max }}
|
||||
|
||||
|
||||
@ -173,7 +173,7 @@ driver = neutron_fwaas.services.firewall.drivers.linux.iptables_fwaas.IptablesFw
|
||||
[agent]
|
||||
polling_interval = {{ neutron_agent_polling_interval|default(5) }}
|
||||
report_interval = {{ neutron_report_interval|int }}
|
||||
root_helper = sudo {{ neutron_bin }}/neutron-rootwrap /etc/neutron/rootwrap.conf
|
||||
root_helper = sudo {{ neutron_bin }}/neutron-rootwrap {{ neutron_conf_dir }}/rootwrap.conf
|
||||
|
||||
# Messaging
|
||||
[oslo_messaging_rabbit]
|
||||
|
||||
@ -40,7 +40,7 @@ ns_proxy_name = neutron-ns-metadata-proxy
|
||||
# should be done before bringing up the system
|
||||
metadata_mode = local
|
||||
|
||||
# Use "sudo neutron-rootwrap /etc/neutron/rootwrap.conf" to use the real
|
||||
# Use "sudo neutron-rootwrap {{ neutron_conf_dir }}/rootwrap.conf" to use the real
|
||||
# root filter facility.
|
||||
# Change to "sudo" to skip the filtering and just run the comand directly
|
||||
root_helper_name = {{ neutron_bin }}/neutron-rootwrap
|
||||
|
||||
@ -4,7 +4,7 @@
|
||||
[DEFAULT]
|
||||
# List of directories to load filter definitions from (separated by ',').
|
||||
# These directories MUST all be only writeable by root !
|
||||
filters_path=/etc/neutron/rootwrap.d,/usr/share/neutron/rootwrap
|
||||
filters_path={{ neutron_conf_dir }}/rootwrap.d,/usr/share/neutron/rootwrap
|
||||
|
||||
# List of directories to search executables in, in case filters do not
|
||||
# explicitely specify a full path (separated by ',')
|
||||
|
||||
Loading…
Reference in New Issue
Block a user