From 8ceea78a97b92d8a6bfe3401afb03d7bb435806e Mon Sep 17 00:00:00 2001 From: Dmitriy Rabotyagov Date: Mon, 17 Jul 2023 18:17:23 +0200 Subject: [PATCH] Fix linters and metadata With update of ansible-lint to version >=6.0.0 a lot of new linters were added, that enabled by default. In order to comply with linter rules we're applying changes to the role. With that we also update metdata to reflect current state. Depends-On: https://review.opendev.org/c/openstack/ansible-role-systemd_service/+/888223 Change-Id: I3905e334cfbeb7ccb976358016f81c5edd6cd284 --- defaults/main.yml | 72 +++++++++------- handlers/main.yml | 7 +- meta/main.yml | 12 +-- tasks/dependent_neutron_roles.yml | 4 +- tasks/main.yml | 46 +++++++---- tasks/neutron_apparmor.yml | 2 +- tasks/neutron_db_setup.yml | 3 + tasks/neutron_install.yml | 5 +- tasks/neutron_post_install.yml | 17 ++-- tasks/neutron_pre_install.yml | 3 +- tasks/providers/opendaylight_config.yml | 3 +- tasks/providers/ovn_cluster_setup.yml | 5 +- tasks/providers/ovn_config.yml | 6 +- tasks/providers/ovs_config.yml | 3 +- tasks/providers/setup_ovs_dpdk.yml | 12 ++- tasks/providers/setup_ovs_opendaylight.yml | 11 ++- tasks/providers/setup_ovs_ovn.yml | 15 +++- vars/main.yml | 95 ++++++++++++++++------ vars/redhat.yml | 2 +- 19 files changed, 222 insertions(+), 101 deletions(-) diff --git a/defaults/main.yml b/defaults/main.yml index e56db5d6..4e9727cc 100644 --- a/defaults/main.yml +++ b/defaults/main.yml @@ -28,7 +28,11 @@ debug: False # for the service setup. The host must already have # clouds.yaml properly configured. neutron_service_setup_host: "{{ openstack_service_setup_host | default('localhost') }}" -neutron_service_setup_host_python_interpreter: "{{ openstack_service_setup_host_python_interpreter | default((neutron_service_setup_host == 'localhost') | ternary(ansible_playbook_python, ansible_facts['python']['executable'])) }}" +neutron_service_setup_host_python_interpreter: >- + {{ + openstack_service_setup_host_python_interpreter | default( + (neutron_service_setup_host == 'localhost') | ternary(ansible_playbook_python, ansible_facts['python']['executable'])) + }} ### ### Packages Options @@ -76,7 +80,8 @@ networking_nsx_git_install_branch: master networking_nsxlib_git_repo: https://opendev.org/x/vmware-nsxlib networking_nsxlib_git_install_branch: master -neutron_upper_constraints_url: "{{ requirements_git_url | default('https://releases.openstack.org/constraints/upper/' ~ requirements_git_install_branch | default('master')) }}" +neutron_upper_constraints_url: >- + {{ requirements_git_url | default('https://releases.openstack.org/constraints/upper/' ~ requirements_git_install_branch | default('master')) }} neutron_git_constraints: - "--constraint {{ neutron_upper_constraints_url }}" @@ -98,7 +103,7 @@ neutron_fatal_deprecations: False ## Cap the maximun number of threads / workers when a user value is unspecified. neutron_api_threads_max: 16 -neutron_api_threads: "{{ [[ansible_facts['processor_vcpus']|default(2) // 2, 1] | max, neutron_api_threads_max] | min }}" +neutron_api_threads: "{{ [[ansible_facts['processor_vcpus'] | default(2) // 2, 1] | max, neutron_api_threads_max] | min }}" neutron_agent_down_time: 120 neutron_agent_polling_interval: 5 @@ -115,8 +120,8 @@ neutron_dns_domain: "{{ dhcp_domain | default('openstacklocal.') }}" ### # Dnsmasq doesn't work with config_template override, a deployer # should instead configure its own neutron_dhcp_config key/values like this: -#neutron_dhcp_config: -# dhcp-option-force: "26,1500" +# neutron_dhcp_config: +# dhcp-option-force: "26,1500" neutron_dhcp_config: {} # Dnsmasq has furthermore some options in its configuration that are not @@ -164,9 +169,9 @@ neutron_nsx_conf_ini_overrides: {} # Provide a list of access controls to update the default policy.json with. # These changes will be merged # with the access controls in the default policy.json. E.g. -#neutron_policy_overrides: -# "create_subnet": "rule:admin_or_network_owner" -# "get_subnet": "rule:admin_or_owner or rule:shared" +# neutron_policy_overrides: +# "create_subnet": "rule:admin_or_network_owner" +# "get_subnet": "rule:admin_or_owner or rule:shared" neutron_policy_overrides: {} _neutron_rootwrap_conf_overrides: DEFAULT: @@ -188,7 +193,7 @@ neutron_ovn_metadata_agent_init_overrides: {} # NOTE(noonedeadpunk): uWSGI is still not fully supported. See: https://bugs.launchpad.net/neutron/+bug/1912359 neutron_use_uwsgi: "{{ (neutron_plugin_type not in ['ml2.ovn']) }}" neutron_wsgi_processes_max: 16 -neutron_wsgi_processes: "{{ [[ansible_processor_vcpus|default(1), 1] | max * 2, neutron_wsgi_processes_max] | min }}" +neutron_wsgi_processes: "{{ [[ansible_processor_vcpus | default(1), 1] | max * 2, neutron_wsgi_processes_max] | min }}" neutron_wsgi_threads: 1 neutron_uwsgi_tls: crt: "{{ neutron_ssl_cert }}" @@ -221,7 +226,11 @@ neutron_quota_firewall_rule: 100 ### neutron_db_setup_host: "{{ openstack_db_setup_host | default('localhost') }}" -neutron_db_setup_python_interpreter: "{{ openstack_db_setup_python_interpreter | default((neutron_db_setup_host == 'localhost') | ternary(ansible_playbook_python, ansible_facts['python']['executable'])) }}" +neutron_db_setup_python_interpreter: >- + {{ + openstack_db_setup_python_interpreter | default( + (neutron_db_setup_host == 'localhost') | ternary(ansible_playbook_python, ansible_facts['python']['executable'])) + }} neutron_galera_address: "{{ galera_address | default('127.0.0.1') }}" neutron_galera_user: neutron neutron_galera_database: neutron @@ -261,7 +270,8 @@ neutron_oslomsg_rpc_ssl_ca_file: "{{ oslomsg_rpc_ssl_ca_file | default('') }}" # Notify neutron_oslomsg_notify_host_group: "{{ oslomsg_notify_host_group | default('rabbitmq_all') }}" -neutron_oslomsg_notify_setup_host: "{{ (neutron_oslomsg_notify_host_group in groups) | ternary(groups[neutron_oslomsg_notify_host_group][0], 'localhost') }}" +neutron_oslomsg_notify_setup_host: >- + {{ (neutron_oslomsg_notify_host_group in groups) | ternary(groups[neutron_oslomsg_notify_host_group][0], 'localhost') }} neutron_oslomsg_notify_transport: "{{ oslomsg_notify_transport | default('rabbit') }}" neutron_oslomsg_notify_servers: "{{ oslomsg_notify_servers | default('127.0.0.1') }}" neutron_oslomsg_notify_port: "{{ oslomsg_notify_port | default('5672') }}" @@ -288,7 +298,8 @@ neutron_rpc_thread_pool_size: 64 neutron_rpc_conn_pool_size: 30 neutron_rpc_response_timeout: 60 neutron_rpc_workers_max: 16 -neutron_rpc_workers: "{{ [[(ansible_facts['processor_vcpus']//ansible_facts['processor_threads_per_core'])|default(1), 1] | max * 2, neutron_rpc_workers_max] | min }}" +neutron_rpc_workers: >- + {{ [[(ansible_facts['processor_vcpus'] // ansible_facts['processor_threads_per_core']) | default(1), 1] | max * 2, neutron_rpc_workers_max] | min }} ### ### Identity (Keystone) integration @@ -469,7 +480,7 @@ neutron_fwaasv2_service_provider: FIREWALL_V2:fwaas_db:neutron_fwaas.services.fi neutron_driver_vpnaas: "{{ _neutron_driver_vpnaas }}" neutron_vpnaas_service_provider: "{{ _neutron_vpnaas_service_provider }}" -#Set this variable to use custom config file for strongswan/openswan +# Set this variable to use custom config file for strongswan/openswan # neutron_vpnaas_custom_config: # - src: "/etc/openstack_deploy/strongswan/strongswan.conf.template" # dest: "{{ neutron_conf_dir }}/strongswan.conf.template" @@ -479,13 +490,15 @@ neutron_vpnaas_custom_config: [] # OVN Defaults neutron_ovn_ssl: True -ovn_proto: "{{ (neutron_ovn_ssl) | ternary('ssl','tcp') }}" +ovn_proto: "{{ (neutron_ovn_ssl) | ternary('ssl', 'tcp') }}" neutron_ovn_primary_cluster_node: "{{ groups[neutron_services['neutron-ovn-northd']['group']] | first }}" neutron_ovn_northd_service_name: ovn-northd neutron_ovn_controller_service_name: ovn-controller neutron_ovn_l3_scheduler: leastloaded -neutron_ovn_nb_connection: "{{ ovn_proto }}:{{ groups['neutron_ovn_northd'] | map('extract', hostvars, ['ansible_host']) | join(':6641,'+ ovn_proto + ':') }}:6641" -neutron_ovn_sb_connection: "{{ ovn_proto }}:{{ groups['neutron_ovn_northd'] | map('extract', hostvars, ['ansible_host']) | join(':6642,' + ovn_proto + ':') }}:6642" +neutron_ovn_nb_connection: >- + {{ ovn_proto }}:{{ groups['neutron_ovn_northd'] | map('extract', hostvars, ['ansible_host']) | join(':6641,' + ovn_proto + ':') }}:6641 +neutron_ovn_sb_connection: >- + {{ ovn_proto }}:{{ groups['neutron_ovn_northd'] | map('extract', hostvars, ['ansible_host']) | join(':6642,' + ovn_proto + ':') }}:6642 neutron_ovsdb_manager: ptcp:6640:127.0.0.1 neutron_ovn_sb_inactivity_probe: 60000 neutron_ovn_nb_inactivity_probe: 60000 @@ -500,7 +513,8 @@ neutron_ovn_node_address: "{{ management_address | default('127.0.0.1') }}" neutron_ovn_pki_keys_path: "{{ neutron_ovn_pki_dir ~ '/certs/private/' }}" neutron_ovn_pki_certs_path: "{{ neutron_ovn_pki_dir ~ '/certs/certs/' }}" neutron_ovn_pki_intermediate_cert_name: "{{ openstack_pki_service_intermediate_cert_name }}" -neutron_ovn_pki_intermediate_chain_path: "{{ neutron_ovn_pki_dir ~ '/roots/' ~ neutron_ovn_pki_intermediate_cert_name ~ '/certs/' ~ neutron_ovn_pki_intermediate_cert_name ~ '-chain.crt' }}" +neutron_ovn_pki_intermediate_chain_path: >- + {{ neutron_ovn_pki_dir ~ '/roots/' ~ neutron_ovn_pki_intermediate_cert_name ~ '/certs/' ~ neutron_ovn_pki_intermediate_cert_name ~ '-chain.crt' }} neutron_ovn_pki_regen_cert: "" neutron_ovn_pki_certificates: - name: "neutron_ovn_{{ ansible_facts['hostname'] }}" @@ -530,9 +544,9 @@ neutron_ovn_pki_install_certificates: mode: "0600" condition: "{{ (neutron_ovn_ssl and neutron_needs_openvswitch) }}" - src: "{{ neutron_ovn_user_ssl_ca_cert | default(neutron_ovn_pki_intermediate_chain_path) }}" - dest: "{{ [neutron_ovn_conf_dir, neutron_ovn_ssl_ca_cert] | join('/') }}" - owner: "{{ (neutron_services['neutron-server']['group'] in group_names) | ternary( neutron_service_user_name, neutron_ovn_system_user_name) }}" - group: "{{ (neutron_services['neutron-server']['group'] in group_names) | ternary( neutron_service_user_name, neutron_ovn_system_user_name) }}" + dest: "{{ [neutron_ovn_conf_dir, neutron_ovn_ssl_ca_cert] | join('/') }}" + owner: "{{ (neutron_services['neutron-server']['group'] in group_names) | ternary(neutron_service_user_name, neutron_ovn_system_user_name) }}" + group: "{{ (neutron_services['neutron-server']['group'] in group_names) | ternary(neutron_service_user_name, neutron_ovn_system_user_name) }}" mode: "0644" condition: "{{ (neutron_ovn_ssl and neutron_needs_openvswitch and neutron_plugin_type == 'ml2.ovn') }}" - src: "{{ neutron_ovn_user_ssl_cert | default(neutron_ovn_pki_certs_path ~ 'neutron_ovn_' ~ ansible_facts['hostname'] ~ '-chain.crt') }}" @@ -540,26 +554,26 @@ neutron_ovn_pki_install_certificates: owner: "{{ neutron_service_user_name }}" group: "{{ neutron_service_user_name }}" mode: "0644" - condition: "{{ (neutron_ovn_ssl and neutron_plugin_type == 'ml2.ovn' and (filtered_neutron_services |length + uwsgi_neutron_services | length ) > 0) }}" + condition: "{{ (neutron_ovn_ssl and neutron_plugin_type == 'ml2.ovn' and (filtered_neutron_services | length + uwsgi_neutron_services | length) > 0) }}" - src: "{{ neutron_ovn_user_ssl_key | default(neutron_ovn_pki_keys_path ~ 'neutron_ovn_' ~ ansible_facts['hostname'] ~ '.key.pem') }}" dest: "{{ [neutron_conf_version_dir, neutron_ovn_ssl_key] | join('/') }}" owner: "{{ neutron_service_user_name }}" group: "{{ neutron_service_user_name }}" mode: "0600" - condition: "{{ (neutron_ovn_ssl and neutron_plugin_type == 'ml2.ovn' and (filtered_neutron_services |length + uwsgi_neutron_services | length ) > 0) }}" + condition: "{{ (neutron_ovn_ssl and neutron_plugin_type == 'ml2.ovn' and (filtered_neutron_services | length + uwsgi_neutron_services | length) > 0) }}" - src: "{{ neutron_ovn_user_ssl_ca_cert | default(neutron_ovn_pki_intermediate_chain_path) }}" dest: "{{ [neutron_conf_version_dir, neutron_ovn_ssl_ca_cert] | join('/') }}" owner: "{{ neutron_service_user_name }}" group: "{{ neutron_service_user_name }}" mode: "0644" - condition: "{{ (neutron_ovn_ssl and neutron_plugin_type == 'ml2.ovn' and (filtered_neutron_services |length + uwsgi_neutron_services | length ) > 0) }}" + condition: "{{ (neutron_ovn_ssl and neutron_plugin_type == 'ml2.ovn' and (filtered_neutron_services | length + uwsgi_neutron_services | length) > 0) }}" # Define user-provided SSL certificates in: # /etc/openstack_deploy/user_variables.yml -#neutron_ovnnb_user_ssl_cert: -#neutron_ovnnb_user_ssl_key: -#neutron_ovnsb_user_ssl_cert: -#neutron_ovnsb_user_ssl_key: +# neutron_ovnnb_user_ssl_cert: +# neutron_ovnnb_user_ssl_key: +# neutron_ovnsb_user_ssl_cert: +# neutron_ovnsb_user_ssl_key: ### ### DPDK Configuration @@ -620,5 +634,5 @@ neutron_pki_install_certificates: mode: "0600" # Define user-provided SSL certificates -#neutron_user_ssl_cert: -#neutron_user_ssl_key: +# neutron_user_ssl_cert: +# neutron_user_ssl_key: diff --git a/handlers/main.yml b/handlers/main.yml index b5656c67..f6807f47 100644 --- a/handlers/main.yml +++ b/handlers/main.yml @@ -47,6 +47,7 @@ fi done when: "'neutron-metadata-agent' in (filtered_neutron_services | map(attribute='service_key') | list)" + changed_when: false listen: - "Restart neutron services" - "venv changed" @@ -68,6 +69,7 @@ fi done when: "'neutron-l3-agent' in (filtered_neutron_services | map(attribute='service_key') | list)" + changed_when: false listen: - "Restart neutron services" - "venv changed" @@ -111,6 +113,7 @@ become: yes become_user: "{{ neutron_system_user_name }}" delegate_to: "{{ groups[neutron_services['neutron-server']['group']][0] }}" + changed_when: false when: - "ansible_local['openstack_ansible']['neutron']['need_db_contract'] | bool" - "_neutron_is_first_play_host" @@ -135,10 +138,12 @@ - "systemd service changed" - "cert installed" -- name: start ovn service +- name: Start ovn service service: name: "{{ neutron_ovn_northd_service_name }}" state: started + listen: + - start ovn service # (NOTE) Restarting twice to cleanup some pid. - name: Restart ovn northd diff --git a/meta/main.yml b/meta/main.yml index 9cc5efe8..99394565 100644 --- a/meta/main.yml +++ b/meta/main.yml @@ -18,19 +18,21 @@ galaxy_info: description: Installation and setup of neutron company: Rackspace license: Apache2 - min_ansible_version: 2.2 + role_name: os_neutron + namespace: openstack + min_ansible_version: "2.10" platforms: - name: Debian versions: - - buster + - bullseye - name: Ubuntu versions: - - bionic - focal + - jammy - name: EL versions: - - 8 - categories: + - "9" + galaxy_tags: - cloud - python - neutron diff --git a/tasks/dependent_neutron_roles.yml b/tasks/dependent_neutron_roles.yml index 2f30d27a..cb1038dc 100644 --- a/tasks/dependent_neutron_roles.yml +++ b/tasks/dependent_neutron_roles.yml @@ -21,5 +21,5 @@ extra_features: "{{ opendaylight_extra_features }}" nb_rest_port: "{{ opendaylight_port | default('8180') }}" when: - - neutron_plugin_type == "ml2.opendaylight" - - "'opendaylight' in group_names" + - neutron_plugin_type == "ml2.opendaylight" + - "'opendaylight' in group_names" diff --git a/tasks/main.yml b/tasks/main.yml index 0ca04ae3..015c3eb5 100644 --- a/tasks/main.yml +++ b/tasks/main.yml @@ -14,7 +14,8 @@ # limitations under the License. -- import_tasks: neutron_check.yml +- name: Importing neutron_check tasks + import_tasks: neutron_check.yml - name: Gather variables for each operating system include_vars: "{{ lookup('first_found', params) }}" @@ -36,7 +37,8 @@ tags: - always -- include_role: +- name: Including osa.db_setup role + include_role: name: openstack.osa.db_setup apply: tags: @@ -57,7 +59,8 @@ tags: - always -- include_role: +- name: Including osa.mq_setup role + include_role: name: openstack.osa.mq_setup apply: tags: @@ -106,17 +109,20 @@ tags: - always -- import_tasks: dependent_neutron_roles.yml +- name: Importing dependent_neutron_roles tasks + import_tasks: dependent_neutron_roles.yml -- import_tasks: neutron_pre_install.yml +- name: Importing neutron_pre_install tasks + import_tasks: neutron_pre_install.yml tags: - neutron-install -- import_tasks: neutron_install.yml +- name: Importing neutron_install tasks + import_tasks: neutron_install.yml tags: - neutron-install -- name: refresh local facts +- name: Refresh local facts setup: filter: ansible_local gather_subset: "!all" @@ -163,12 +169,15 @@ when: - neutron_plugin_type == 'ml2.ovn' - neutron_ovn_ssl - - (neutron_services['neutron-ovn-controller']['group'] in group_names) or (neutron_services['neutron-ovn-northd']['group'] in group_names) or (neutron_services['neutron-server']['group'] in group_names) + - (neutron_services['neutron-ovn-controller']['group'] in group_names) or + (neutron_services['neutron-ovn-northd']['group'] in group_names) or + (neutron_services['neutron-server']['group'] in group_names) tags: - always # Include provider specific config(s) -- include_tasks: "{{ item }}" +- name: Including plugin-specific tasks + include_tasks: "{{ item }}" with_first_found: - files: - "{{ neutron_plugin_type.split('.')[-1] }}_config.yml" @@ -178,7 +187,8 @@ tags: - neutron-install -- import_tasks: neutron_post_install.yml +- name: Importing neutron_post_install tasks + import_tasks: neutron_post_install.yml tags: - neutron-config @@ -192,7 +202,7 @@ service_facts: - name: Disable services if they present - service: + systemd: name: "{{ item['service_name'] }}" state: stopped enabled: False @@ -215,10 +225,10 @@ systemd_tempd_prefix: openstack systemd_slice_name: "{{ neutron_system_slice_name }}" systemd_lock_dir: "{{ neutron_lock_dir }}" - systemd_CPUAccounting: true - systemd_BlockIOAccounting: true - systemd_MemoryAccounting: true - systemd_TasksAccounting: true + systemd_service_cpu_accounting: true + systemd_service_block_io_accounting: true + systemd_service_memory_accounting: true + systemd_service_tasks_accounting: true systemd_services: |- {%- set services = [] -%} {%- for service in filtered_neutron_services -%} @@ -238,7 +248,8 @@ - neutron-config - systemd-service -- include_tasks: neutron_db_setup.yml +- name: Including neutron_db_setup role + include_tasks: neutron_db_setup.yml args: apply: tags: @@ -258,7 +269,8 @@ - neutron-config - uwsgi -- include_role: +- name: Including osa.service_setup role + include_role: name: openstack.osa.service_setup apply: tags: diff --git a/tasks/neutron_apparmor.yml b/tasks/neutron_apparmor.yml index 5f5e1cd1..f64f43d3 100644 --- a/tasks/neutron_apparmor.yml +++ b/tasks/neutron_apparmor.yml @@ -38,7 +38,7 @@ # https://github.com/willthames/ansible-lint/issues/275 set -o pipefail exit_code=0 - if aa-status | grep -q {{ item.process }} ; then + if aa-status | grep -q {{ item.process }} ; then aa-disable {{ item.profile }} if [[ $? == 0 ]]; then exit_code=2 diff --git a/tasks/neutron_db_setup.yml b/tasks/neutron_db_setup.yml index a36937e2..b72540ba 100644 --- a/tasks/neutron_db_setup.yml +++ b/tasks/neutron_db_setup.yml @@ -17,6 +17,7 @@ command: "{{ neutron_bin }}/neutron-db-manage --config-file {{ neutron_conf_version_dir }}/neutron.conf upgrade --expand" become: yes become_user: "{{ neutron_system_user_name }}" + changed_when: false when: - "ansible_local['openstack_ansible']['neutron']['need_db_expand'] | bool" - "_neutron_is_first_play_host" @@ -27,6 +28,7 @@ section: neutron option: "need_db_expand" value: "False" + mode: "0644" - name: Check for available offline migrations command: "{{ neutron_bin }}/neutron-db-manage --config-file {{ neutron_conf_version_dir }}/neutron.conf has_offline_migrations" @@ -48,6 +50,7 @@ section: neutron option: "need_db_contract" value: "True" + mode: "0644" when: - "'stdout' in _offline_migrations_check" - "'Need to apply migrations' in _offline_migrations_check.stdout" diff --git a/tasks/neutron_install.yml b/tasks/neutron_install.yml index 7a69b062..42c49c84 100644 --- a/tasks/neutron_install.yml +++ b/tasks/neutron_install.yml @@ -19,6 +19,7 @@ section: "neutron" option: "install_method" value: "{{ neutron_install_method }}" + mode: "0644" - name: Refresh local facts to ensure the neutron section is present setup: @@ -97,6 +98,7 @@ section: neutron option: "{{ item.name }}" value: "{{ item.state }}" + mode: "0644" with_items: - name: "need_db_expand" state: "True" @@ -140,7 +142,8 @@ {{ apparmor_hosts | unique }} when: ansible_facts['pkg_mgr'] == 'apt' -- import_tasks: neutron_apparmor.yml +- name: Importing neutron_apparmor tasks + import_tasks: neutron_apparmor.yml when: - ansible_facts['pkg_mgr'] == 'apt' - inventory_hostname in neutron_apparmor_hosts diff --git a/tasks/neutron_post_install.yml b/tasks/neutron_post_install.yml index c1965adf..7176f275 100644 --- a/tasks/neutron_post_install.yml +++ b/tasks/neutron_post_install.yml @@ -21,9 +21,9 @@ file: path: "{{ item.path | default(omit) }}" state: "directory" - owner: "{{ item.owner|default(neutron_system_user_name) }}" - group: "{{ item.group|default(neutron_system_group_name) }}" - mode: "{{ item.mode | default(omit) }}" + owner: "{{ item.owner | default(neutron_system_user_name) }}" + group: "{{ item.group | default(neutron_system_group_name) }}" + mode: "{{ item.mode | default('0755') }}" with_items: - path: "{{ neutron_conf_version_dir }}/plugins" mode: "0750" @@ -41,6 +41,7 @@ dest: "{{ neutron_conf_version_dir }}/rootwrap.d/" owner: "root" group: "root" + mode: "0644" with_fileglob: - rootwrap.d/* notify: @@ -52,7 +53,7 @@ src: "{{ item.src }}" dest: "{{ item.dest }}" owner: "root" - group: "{{ item.group|default(neutron_system_group_name) }}" + group: "{{ item.group | default(neutron_system_group_name) }}" mode: "0640" config_overrides: "{{ item.config_overrides }}" config_type: "{{ item.config_type }}" @@ -219,7 +220,7 @@ state: stopped enabled: false when: - - ansible_facts['pkg_mgr'] == 'apt' - - ansible_facts['hostname'] in groups['neutron_metadata_agent'] or ansible_facts['hostname'] in groups['neutron_ovn_controller'] - - groups['haproxy_all'] is defined - - ansible_facts['hostname'] not in groups['haproxy_all'] + - ansible_facts['pkg_mgr'] == 'apt' + - ansible_facts['hostname'] in groups['neutron_metadata_agent'] or ansible_facts['hostname'] in groups['neutron_ovn_controller'] + - groups['haproxy_all'] is defined + - ansible_facts['hostname'] not in groups['haproxy_all'] diff --git a/tasks/neutron_pre_install.yml b/tasks/neutron_pre_install.yml index 2f00ae33..a83e6de6 100644 --- a/tasks/neutron_pre_install.yml +++ b/tasks/neutron_pre_install.yml @@ -73,7 +73,7 @@ - path: "{{ neutron_system_home_folder }}" mode: "0755" - path: "{{ neutron_system_home_folder }}/ha_confs" - state: "{{ (neutron_plugin_type == 'ml2.ovn') | ternary('absent','directory') }}" + state: "{{ (neutron_plugin_type == 'ml2.ovn') | ternary('absent', 'directory') }}" - name: Add dependency repos for Neutron package: @@ -92,6 +92,7 @@ dest: "/etc/tmpfiles.d/openstack-openvswitch.conf" line: "D /var/run/openvswitch 2755 root root" create: true + mode: "0644" - name: Create ovs tmp directory file: diff --git a/tasks/providers/opendaylight_config.yml b/tasks/providers/opendaylight_config.yml index 1d7e46d6..6d4ae65d 100644 --- a/tasks/providers/opendaylight_config.yml +++ b/tasks/providers/opendaylight_config.yml @@ -13,5 +13,6 @@ # See the License for the specific language governing permissions and # limitations under the License. -- import_tasks: setup_ovs_opendaylight.yml +- name: Importing setup_ovs_opendaylight tasks + import_tasks: setup_ovs_opendaylight.yml when: neutron_services['neutron-server']['group'] not in group_names diff --git a/tasks/providers/ovn_cluster_setup.yml b/tasks/providers/ovn_cluster_setup.yml index 05548c15..e337d85e 100644 --- a/tasks/providers/ovn_cluster_setup.yml +++ b/tasks/providers/ovn_cluster_setup.yml @@ -58,13 +58,14 @@ # set leader_node variable - name: Set leader_node fact set_fact: - leader_node: "{{ (_find_leader.results | selectattr('stdout', 'search', 'leader')) | map(attribute='container') | list }}" + leader_node: "{{ (_find_leader.results | selectattr('stdout', 'search', 'leader')) | map(attribute='container') | list }}" # This play only run first time to build cluster using primary node. - name: Setup ovn cluster using primary node. template: src: ovn-northd-opts.j2 dest: "{{ neutron_ovn_northd_opts_file }}" + mode: "0644" when: - "inventory_hostname == neutron_ovn_primary_cluster_node" - _check_cluster_db.rc != 0 @@ -83,6 +84,7 @@ - name: Configure connection settings for ovn-nb and ovn-sb command: "{{ cmd }}" + changed_when: false with_items: - "ovn-nbctl --inactivity-probe={{ neutron_ovn_nb_inactivity_probe }} set-connection p{{ ovn_proto }}:6641" - "ovn-sbctl --inactivity-probe={{ neutron_ovn_sb_inactivity_probe }} set-connection p{{ ovn_proto }}:6642" @@ -101,6 +103,7 @@ template: src: ovn-northd-opts.j2 dest: "{{ neutron_ovn_northd_opts_file }}" + mode: "0644" when: - _check_cluster_db.rc != 0 notify: diff --git a/tasks/providers/ovn_config.yml b/tasks/providers/ovn_config.yml index 6f3d5c32..bc887bae 100644 --- a/tasks/providers/ovn_config.yml +++ b/tasks/providers/ovn_config.yml @@ -18,6 +18,7 @@ template: src: ovn-controller-opts.j2 dest: "{{ neutron_ovn_controller_opts_file }}" + mode: "0644" register: ovn_controller_config when: - neutron_services['neutron-ovn-controller']['group'] in group_names @@ -62,9 +63,10 @@ - name: Ensure ovn-controller service is started and enabled systemd: name: "{{ neutron_ovn_controller_service_name }}" - state: "{{ (ovn_controller_config.changed) | ternary('restarted','started') }}" + state: "{{ (ovn_controller_config.changed) | ternary('restarted', 'started') }}" enabled: yes when: - neutron_services['neutron-ovn-controller']['group'] in group_names -- ansible.builtin.include_tasks: setup_ovs_ovn.yml +- name: Including setup_ovs_ovn tasks + ansible.builtin.include_tasks: setup_ovs_ovn.yml diff --git a/tasks/providers/ovs_config.yml b/tasks/providers/ovs_config.yml index 31bda7d4..ea12e3af 100644 --- a/tasks/providers/ovs_config.yml +++ b/tasks/providers/ovs_config.yml @@ -41,6 +41,7 @@ - neutron_provider_networks.network_interface_mappings is defined and (neutron_provider_networks.network_interface_mappings|length > 0) - not ovs_dpdk_support -- ansible.builtin.include_tasks: setup_ovs_dpdk.yml +- name: Including setup_ovs_dpdk tasks + ansible.builtin.include_tasks: setup_ovs_dpdk.yml when: - ovs_dpdk_support diff --git a/tasks/providers/setup_ovs_dpdk.yml b/tasks/providers/setup_ovs_dpdk.yml index 93b67997..93d2a3c8 100644 --- a/tasks/providers/setup_ovs_dpdk.yml +++ b/tasks/providers/setup_ovs_dpdk.yml @@ -63,24 +63,28 @@ - name: Set DPDK lcore mask command: "ovs-vsctl --no-wait set Open_vSwitch . other_config:dpdk-lcore-mask={{ ovs_dpdk_lcore_mask }}" + changed_when: false when: - neutron_services['neutron-openvswitch-agent']['group'] in group_names - '"nova_compute" in group_names' - name: Set DPDK PMD cpu mask command: "ovs-vsctl --no-wait set Open_vSwitch . other_config:pmd-cpu-mask={{ ovs_dpdk_pmd_cpu_mask }}" + changed_when: false when: - neutron_services['neutron-openvswitch-agent']['group'] in group_names - '"nova_compute" in group_names' - name: Set DPDK socket memory command: "ovs-vsctl --no-wait set Open_vSwitch . other_config:dpdk-socket-mem={{ ovs_dpdk_socket_mem }}" + changed_when: false when: - neutron_services['neutron-openvswitch-agent']['group'] in group_names - '"nova_compute" in group_names' - name: Enable DPDK support for openvswitch command: "ovs-vsctl --no-wait set Open_vSwitch . other_config:dpdk-init=true" + changed_when: false when: - neutron_services['neutron-openvswitch-agent']['group'] in group_names - '"nova_compute" in group_names' @@ -117,8 +121,8 @@ - name: Add ports to Network Provider Bridges openvswitch_port: bridge: "{{ interface_mapping.split(':')[0] }}" - port: "{{ interface_mapping.split(':',1)[1] }}" - set: "Interface {{ interface_mapping.split(':',1)[1] }} type=dpdk options:dpdk-devargs='{{ interface_mapping.split(':',1)[1] }}'" + port: "{{ interface_mapping.split(':', 1)[1] }}" + set: "Interface {{ interface_mapping.split(':', 1)[1] }} type=dpdk options:dpdk-devargs='{{ interface_mapping.split(':', 1)[1] }}'" state: present with_items: "{{ neutron_provider_networks.network_interface_mappings.split(',') }}" loop_control: @@ -138,7 +142,9 @@ lacp: "{{ bond_interfaces_mapping.lacp | default('off') }}" bond_updelay: "{{ bond_interfaces_mapping.bond_updelay | default(100) }}" bond_downdelay: "{{ bond_interfaces_mapping.bond_downdelay | default(100) }}" - set: "{% for interface in bond_interfaces_mapping.interfaces %}interface {{ interface }} type=dpdk options:dpdk-devargs='{{ interface }}'{% if not loop.last %},{% endif %}{% endfor %}" + set: >- + {% for interface in bond_interfaces_mapping.interfaces %}interface {{ interface }} type=dpdk options:dpdk-devargs='{{ interface }}'{% + if not loop.last %},{% endif %}{% endfor %} state: present with_items: "{{ neutron_provider_networks.network_bond_interfaces_mappings }}" loop_control: diff --git a/tasks/providers/setup_ovs_opendaylight.yml b/tasks/providers/setup_ovs_opendaylight.yml index d8599a7b..61bfb45f 100644 --- a/tasks/providers/setup_ovs_opendaylight.yml +++ b/tasks/providers/setup_ovs_opendaylight.yml @@ -22,11 +22,16 @@ delay: 5 - name: Set ODL as OvS manager + changed_when: false command: ovs-vsctl set-manager {{ ovs_manager_list }} when: ovs_manager.stdout | length == 0 - name: Configure hosts for networking-odl, force kernel datapath - command: "{{ neutron_bin }}/neutron-odl-ovs-hostconfig --noovs_dpdk {% if neutron_provider_networks.network_mappings is defined and 'odl-router_v2' in neutron_plugin_base or 'odl-router' in neutron_plugin_base %}--datapath_type=system --bridge_mappings={{ neutron_provider_networks.network_mappings }} {% endif %}" + changed_when: false + command: >- + {{ neutron_bin }}/neutron-odl-ovs-hostconfig --noovs_dpdk + {% if neutron_provider_networks.network_mappings is defined and 'odl-router_v2' in neutron_plugin_base or + 'odl-router' in neutron_plugin_base %}--datapath_type=system --bridge_mappings={{ neutron_provider_networks.network_mappings }} {% endif %} when: ovs_manager.stdout | length == 0 - name: Retrieve current OvS local ip @@ -36,17 +41,19 @@ changed_when: False - name: Set local ip for OpenvSwitch + changed_when: false command: "ovs-vsctl set Open_vSwitch . other_config:local_ip={{ neutron_local_ip }}" when: ovs_local_ip.rc != 0 - name: Set the bridge mappings + changed_when: false command: "ovs-vsctl set Open_vSwitch . other_config:provider_mappings={{ neutron_provider_networks.network_mappings }}" when: - neutron_provider_networks.network_mappings is defined - (neutron_plugin_base == 'odl-router' or neutron_plugin_base == 'odl-router_v2') - name: Set the of-tunnel to true + changed_when: false command: "ovs-vsctl set Open_vSwitch . external_ids:of-tunnel=true" when: - neutron_plugin_base == 'sfc' - diff --git a/tasks/providers/setup_ovs_ovn.yml b/tasks/providers/setup_ovs_ovn.yml index 2302fee7..6ec7b2d4 100644 --- a/tasks/providers/setup_ovs_ovn.yml +++ b/tasks/providers/setup_ovs_ovn.yml @@ -15,26 +15,33 @@ # limitations under the License. - name: Set openvswitch hostname + changed_when: false command: "ovs-vsctl set open_vswitch . external-ids:hostname='{{ ansible_facts['nodename'] }}'" when: - (neutron_services['neutron-ovn-controller']['group'] in group_names) - name: Set CMS Options for Gateway Scheduling + changed_when: false command: "ovs-vsctl set open . external-ids:ovn-cms-options=enable-chassis-as-gw" when: - '"neutron_ovn_gateway" in group_names' - name: Configure OVN Southbound Connection + changed_when: false command: "ovs-vsctl set open . external-ids:ovn-remote={{ neutron_ovn_sb_connection }}" when: - neutron_services['neutron-ovn-controller']['group'] in group_names - name: Configure Supported OVN Overlay Protocols - command: "ovs-vsctl set open . external-ids:ovn-encap-type={{ neutron_provider_networks.network_types.split(',') | intersect(['geneve', 'vxlan', 'stt']) | join(',') }}" + changed_when: false + command: >- + ovs-vsctl set open . external-ids:ovn-encap-type={{ neutron_provider_networks.network_types.split(',') | intersect( + ['geneve', 'vxlan', 'stt']) | join(',') }} when: - neutron_services['neutron-ovn-controller']['group'] in group_names - name: Configure Encapsulation Address for Overlay Traffic + changed_when: false command: "ovs-vsctl set open . external-ids:ovn-encap-ip={{ neutron_local_ip }}" when: - neutron_services['neutron-ovn-controller']['group'] in group_names @@ -42,12 +49,14 @@ # Create an ovsdb manager for Nova (os-vif) - name: Register existing OVSDB Manager(s) command: ovs-vsctl get-manager + changed_when: false register: existing_ovsdb_manager when: - neutron_services['neutron-ovn-controller']['group'] in group_names - name: Create OVSDB Manager command: ovs-vsctl --id @manager create Manager "target=\"{{ neutron_ovsdb_manager }}\"" -- add Open_vSwitch . manager_options @manager + changed_when: false when: - neutron_services['neutron-ovn-controller']['group'] in group_names - neutron_ovsdb_manager not in existing_ovsdb_manager.stdout_lines @@ -78,10 +87,12 @@ - name: Set the OVN Bridge Mappings in OVS command: "ovs-vsctl set open . external-ids:ovn-bridge-mappings={{ neutron_provider_networks.network_mappings }}" + changed_when: false when: - neutron_provider_networks.network_mappings is defined - neutron_services['neutron-ovn-controller']['group'] in group_names -- include_tasks: ovn_cluster_setup.yml +- name: Including ovn_cluster_setup tasks + include_tasks: ovn_cluster_setup.yml when: - neutron_services['neutron-ovn-northd']['group'] in group_names diff --git a/vars/main.yml b/vars/main.yml index cecd5407..5aa846e6 100644 --- a/vars/main.yml +++ b/vars/main.yml @@ -13,9 +13,21 @@ # See the License for the specific language governing permissions and # limitations under the License. -_neutron_is_first_play_host: "{{ (neutron_services['neutron-server']['group'] in group_names and inventory_hostname == (groups[neutron_services['neutron-server']['group']] | intersect(ansible_play_hosts)) | first) | bool }}" -_neutron_oslomsg_rpc_vhost_conf: "{{ (neutron_oslomsg_rpc_vhost is string) | ternary(neutron_oslomsg_rpc_vhost, neutron_oslomsg_rpc_vhost | selectattr('state', 'eq', 'present') | map(attribute='name') | first) }}" -_neutron_oslomsg_notify_vhost_conf: "{{ (neutron_oslomsg_notify_vhost is string) | ternary(neutron_oslomsg_notify_vhost, neutron_oslomsg_notify_vhost | selectattr('state', 'eq', 'present') | map(attribute='name') | first) }}" +_neutron_is_first_play_host: >- + {{ + (neutron_services['neutron-server']['group'] in group_names and inventory_hostname == ( + groups[neutron_services['neutron-server']['group']] | intersect(ansible_play_hosts)) | first) | bool + }} +_neutron_oslomsg_rpc_vhost_conf: >- + {{ + (neutron_oslomsg_rpc_vhost is string) | ternary( + neutron_oslomsg_rpc_vhost, neutron_oslomsg_rpc_vhost | selectattr('state', 'eq', 'present') | map(attribute='name') | first) + }} +_neutron_oslomsg_notify_vhost_conf: >- + {{ + (neutron_oslomsg_notify_vhost is string) | ternary( + neutron_oslomsg_notify_vhost, neutron_oslomsg_notify_vhost | selectattr('state', 'eq', 'present') | map(attribute='name') | first) + }} ### ### Open vSwitch @@ -233,11 +245,11 @@ neutron_plugins: neutron_ml2_mechanism_drivers: >- {%- set _var = [] -%} - {%- for plugin in [neutron_plugin_type]|union(neutron_plugin_types) -%} - {%- if _var.append(neutron_plugins[plugin].mechanisms) -%}{%- endif -%} + {%- for plugin in [neutron_plugin_type] | union(neutron_plugin_types) -%} + {%- if _var.append(neutron_plugins[plugin].mechanisms) -%}{%- endif -%} {%- endfor -%} {%- if neutron_l2_population | bool -%} - {%- if _var.append('l2population') -%}{%- endif -%} + {%- if _var.append('l2population') -%}{%- endif -%} {%- endif -%} {{ _var | join(',') }} @@ -247,7 +259,11 @@ _neutron_non_tunnel_types: - vlan - local -_neutron_ovs_disabled: "{{ (neutron_services['neutron-ovn-northd']['group'] or neutron_services['neutron-server']['group'] in group_names) and (neutron_services['neutron-ovn-controller']['group'] not in group_names) and (neutron_plugin_type == 'ml2.ovn') }}" +_neutron_ovs_disabled: >- + {{ + (neutron_services['neutron-ovn-northd']['group'] or neutron_services['neutron-server']['group'] in group_names) and + (neutron_services['neutron-ovn-controller']['group'] not in group_names) and (neutron_plugin_type == 'ml2.ovn') + }} # Tunnel network types used by the OVS agent neutron_tunnel_types: "{{ neutron_ml2_drivers_type.split(',') | difference(_neutron_non_tunnel_types) | join(',') }}" @@ -260,7 +276,7 @@ opendaylight_extra_features: |- {%- endif -%} {{ features }} -opendaylight_install_method: "{{ (ansible_facts['os_family']=='Debian') | ternary('deb_repo', 'rpm_repo') }}" +opendaylight_install_method: "{{ (ansible_facts['os_family'] == 'Debian') | ternary('deb_repo', 'rpm_repo') }}" ovs_manager_list: |- {% set ovs_managers_odls = [] %} @@ -273,15 +289,20 @@ ovs_manager_list: |- ### ## Please add 'router' to the neutron_plugin_base list -#TODO(odyssey4me): Remove the class path from this conditional in the Newton cycle +# TODO(odyssey4me): Remove the class path from this conditional in the Newton cycle # Should the neutron-l3-agent service should be enabled on the host -neutron_l3: "{% if 'router' in neutron_plugin_base or 'neutron.services.l3_router.l3_router_plugin.L3RouterPlugin' in neutron_plugin_base or 'df-l3' in neutron_plugin_base %}True{% else %}False{% endif %}" +neutron_l3: >- + {% + if 'router' in neutron_plugin_base or + 'neutron.services.l3_router.l3_router_plugin.L3RouterPlugin' in neutron_plugin_base or + 'df-l3' in neutron_plugin_base + %}True{% else %}False{% endif %} ### ### DHCP Agent Plugin Configuration ### -neutron_dhcp: "{% if (neutron_plugin_type.split('.')[0] == 'ml2') and (neutron_plugin_type != 'ml2.ovn') %}True{% else %}False{% endif %}" +neutron_dhcp: "{% if (neutron_plugin_type.split('.')[0] == 'ml2') and (neutron_plugin_type != 'ml2.ovn') %}True{% else %}False{% endif %}" ### ### Metadata Agent Plugin Configuration @@ -387,7 +408,8 @@ neutron_services: service_conf_path: "{{ neutron_conf_version_dir }}" service_conf: dhcp_agent.ini service_rootwrap: rootwrap.d/dhcp.filters - execstarts: "{{ neutron_bin }}/neutron-dhcp-agent --config-file {{ neutron_conf_dir }}/neutron.conf --config-file {{ neutron_conf_dir }}/dhcp_agent.ini" + execstarts: >- + {{ neutron_bin }}/neutron-dhcp-agent --config-file {{ neutron_conf_dir }}/neutron.conf --config-file {{ neutron_conf_dir }}/dhcp_agent.ini config_overrides: "{{ neutron_dhcp_agent_ini_overrides }}" config_type: "ini" init_config_overrides: "{{ neutron_dhcp_agent_init_overrides }}" @@ -399,7 +421,9 @@ neutron_services: service_conf_path: "{{ neutron_conf_version_dir }}" service_conf: plugins/ml2/openvswitch_agent.ini service_rootwrap: rootwrap.d/openvswitch-plugin.filters - execstarts: "{{ neutron_bin }}/neutron-openvswitch-agent --config-file {{ neutron_conf_dir }}/neutron.conf --config-file {{ neutron_conf_dir }}/plugins/ml2/ml2_conf.ini --config-file {{ neutron_conf_dir }}/plugins/ml2/openvswitch_agent.ini" + execstarts: >- + {{ neutron_bin }}/neutron-openvswitch-agent --config-file {{ neutron_conf_dir }}/neutron.conf + --config-file {{ neutron_conf_dir }}/plugins/ml2/ml2_conf.ini --config-file {{ neutron_conf_dir }}/plugins/ml2/openvswitch_agent.ini config_overrides: "{{ neutron_openvswitch_agent_ini_overrides }}" config_type: "ini" init_config_overrides: "{{ neutron_openvswitch_agent_init_overrides }}" @@ -411,7 +435,9 @@ neutron_services: service_conf_path: "{{ neutron_conf_version_dir }}" service_conf: plugins/ml2/linuxbridge_agent.ini service_rootwrap: rootwrap.d/linuxbridge-plugin.filters - execstarts: "{{ neutron_bin }}/neutron-linuxbridge-agent --config-file {{ neutron_conf_dir }}/neutron.conf --config-file {{ neutron_conf_dir }}/plugins/ml2/ml2_conf.ini --config-file {{ neutron_conf_dir }}/plugins/ml2/linuxbridge_agent.ini" + execstarts: >- + {{ neutron_bin }}/neutron-linuxbridge-agent --config-file {{ neutron_conf_dir }}/neutron.conf + --config-file {{ neutron_conf_dir }}/plugins/ml2/ml2_conf.ini --config-file {{ neutron_conf_dir }}/plugins/ml2/linuxbridge_agent.ini config_overrides: "{{ neutron_linuxbridge_agent_ini_overrides }}" config_type: "ini" init_config_overrides: "{{ neutron_linuxbridge_agent_init_overrides }}" @@ -422,7 +448,8 @@ neutron_services: service_en: "{{ neutron_metadata | bool }}" service_conf_path: "{{ neutron_conf_version_dir }}" service_conf: metadata_agent.ini - execstarts: "{{ neutron_bin }}/neutron-metadata-agent --config-file {{ neutron_conf_dir }}/neutron.conf --config-file {{ neutron_conf_dir }}/metadata_agent.ini" + execstarts: >- + {{ neutron_bin }}/neutron-metadata-agent --config-file {{ neutron_conf_dir }}/neutron.conf --config-file {{ neutron_conf_dir }}/metadata_agent.ini config_overrides: "{{ neutron_metadata_agent_ini_overrides }}" config_type: "ini" init_config_overrides: "{{ neutron_metadata_agent_init_overrides }}" @@ -433,7 +460,8 @@ neutron_services: service_en: "{{ neutron_metering | bool }}" service_conf_path: "{{ neutron_conf_version_dir }}" service_conf: metering_agent.ini - execstarts: "{{ neutron_bin }}/neutron-metering-agent --config-file {{ neutron_conf_dir }}/neutron.conf --config-file {{ neutron_conf_dir }}/metering_agent.ini" + execstarts: >- + {{ neutron_bin }}/neutron-metering-agent --config-file {{ neutron_conf_dir }}/neutron.conf --config-file {{ neutron_conf_dir }}/metering_agent.ini config_overrides: "{{ neutron_metering_agent_ini_overrides }}" config_type: "ini" init_config_overrides: "{{ neutron_metering_agent_init_overrides }}" @@ -458,7 +486,8 @@ neutron_services: service_en: "{{ neutron_bgp | bool }}" service_conf_path: "{{ neutron_conf_version_dir }}" service_conf: bgp_dragent.ini - execstarts: "{{ neutron_bin }}/neutron-bgp-dragent --config-file {{ neutron_conf_dir }}/neutron.conf --config-file {{ neutron_conf_dir }}/bgp_dragent.ini" + execstarts: >- + {{ neutron_bin }}/neutron-bgp-dragent --config-file {{ neutron_conf_dir }}/neutron.conf --config-file {{ neutron_conf_dir }}/bgp_dragent.ini config_overrides: "{{ neutron_bgp_dragent_ini_overrides }}" config_type: "ini" init_config_overrides: "{{ neutron_bgp_dragent_init_overrides }}" @@ -473,9 +502,18 @@ neutron_services: uwsgi_bind_address: "{{ neutron_api_bind_address }}" uwsgi_port: "{{ neutron_service_port }}" uwsgi_tls: "{{ neutron_backend_ssl | ternary(neutron_uwsgi_tls, {}) }}" - uwsgi_pyargv: "--config-file {{ neutron_conf_dir }}/neutron.conf --config-file {{ neutron_conf_dir }}/{{ neutron_plugins[neutron_plugin_type].plugin_ini }}{%- if ('ml2.genericswitch' in neutron_plugin_types) %} --config-file {{ neutron_conf_dir }}/{{ neutron_plugins['ml2.genericswitch'].plugin_ini }}{%- endif %}" + uwsgi_pyargv: >- + --config-file {{ neutron_conf_dir }}/neutron.conf --config-file {{ neutron_conf_dir }}/{{ neutron_plugins[neutron_plugin_type].plugin_ini -}} + {% if ('ml2.genericswitch' in neutron_plugin_types) -%} + --config-file {{ neutron_conf_dir }}/{{ neutron_plugins['ml2.genericswitch'].plugin_ini }} + {% endif %} wsgi_name: "neutron-api" - execstarts: "{{ neutron_bin }}/neutron-server --config-file {{ neutron_conf_dir }}/neutron.conf --config-file {{ neutron_conf_dir }}/{{ neutron_plugins[neutron_plugin_type].plugin_ini }}{%- if ('ml2.genericswitch' in neutron_plugin_types) %} --config-file {{ neutron_conf_dir }}/{{ neutron_plugins['ml2.genericswitch'].plugin_ini }}{%- endif %}" + execstarts: >- + {{ neutron_bin }}/neutron-server --config-file {{ neutron_conf_dir }}/neutron.conf + --config-file {{ neutron_conf_dir }}/{{ neutron_plugins[neutron_plugin_type].plugin_ini }} + {% if ('ml2.genericswitch' in neutron_plugin_types) -%} + --config-file {{ neutron_conf_dir }}/{{ neutron_plugins['ml2.genericswitch'].plugin_ini }} + {% endif %} init_config_overrides: "{{ neutron_server_init_overrides }}" neutron-rpc-server: group: neutron_server @@ -483,14 +521,21 @@ neutron_services: service_en: "{{ neutron_use_uwsgi }}" init_config_overrides: "{{ neutron_rpc_server_init_overrides | combine(neutron_server_init_overrides) }}" start_order: 2 - execstarts: "{{ neutron_bin }}/neutron-rpc-server --config-file {{ neutron_conf_dir }}/neutron.conf --config-file {{ neutron_conf_dir }}/{{ neutron_plugins[neutron_plugin_type].plugin_ini }}{%- if ('ml2.genericswitch' in neutron_plugin_types) %} --config-file {{ neutron_conf_dir }}/{{ neutron_plugins['ml2.genericswitch'].plugin_ini }}{%- endif %}" + execstarts: >- + {{ neutron_bin }}/neutron-rpc-server --config-file {{ neutron_conf_dir }}/neutron.conf + --config-file {{ neutron_conf_dir }}/{{ neutron_plugins[neutron_plugin_type].plugin_ini }} + {% if ('ml2.genericswitch' in neutron_plugin_types) -%} + --config-file {{ neutron_conf_dir }}/{{ neutron_plugins['ml2.genericswitch'].plugin_ini }} + {% endif %} neutron-sriov-nic-agent: group: neutron_sriov_nic_agent service_name: neutron-sriov-nic-agent service_en: "{{ 'ml2.sriov' in neutron_plugin_types }}" service_conf_path: "{{ neutron_conf_version_dir }}" service_conf: plugins/ml2/sriov_nic_agent.ini - execstarts: "{{ neutron_bin }}/neutron-sriov-nic-agent --config-file {{ neutron_conf_dir }}/neutron.conf --config-file {{ neutron_conf_dir }}/plugins/ml2/ml2_conf.ini --config-file {{ neutron_conf_dir }}/plugins/ml2/sriov_nic_agent.ini" + execstarts: >- + {{ neutron_bin }}/neutron-sriov-nic-agent --config-file {{ neutron_conf_dir }}/neutron.conf + --config-file {{ neutron_conf_dir }}/plugins/ml2/ml2_conf.ini --config-file {{ neutron_conf_dir }}/plugins/ml2/sriov_nic_agent.ini config_overrides: "{{ neutron_sriov_nic_agent_ini_overrides }}" config_type: "ini" init_config_overrides: "{{ neutron_sriov_nic_agent_init_overrides }}" @@ -511,7 +556,9 @@ neutron_services: service_conf_path: "{{ neutron_conf_version_dir }}" service_conf: neutron_ovn_metadata_agent.ini service_rootwrap: rootwrap.d/ovn-plugin.filters - execstarts: "{{ neutron_bin }}/neutron-ovn-metadata-agent --config-file {{ neutron_conf_dir }}/neutron.conf --config-file {{ neutron_conf_dir }}/plugins/ml2/ml2_conf.ini --config-file {{ neutron_conf_dir }}/neutron_ovn_metadata_agent.ini" + execstarts: >- + {{ neutron_bin }}/neutron-ovn-metadata-agent --config-file {{ neutron_conf_dir }}/neutron.conf + --config-file {{ neutron_conf_dir }}/plugins/ml2/ml2_conf.ini --config-file {{ neutron_conf_dir }}/neutron_ovn_metadata_agent.ini config_overrides: "{{ neutron_ovn_metadata_agent_ini_overrides }}" config_type: "ini" init_config_overrides: "{{ neutron_ovn_metadata_agent_init_overrides }}" @@ -522,7 +569,9 @@ neutron_services: service_en: "{{ 'ml2.baremetal' in neutron_plugin_types }}" service_conf_path: "{{ neutron_conf_version_dir }}" service_conf: plugins/ml2/ironic_neutron_agent.ini - execstarts: "{{ neutron_bin }}/ironic-neutron-agent --config-file {{ neutron_conf_dir }}/neutron.conf --config-file {{ neutron_conf_dir }}/plugins/ml2/ml2_conf.ini --config-file {{ neutron_conf_dir }}/plugins/ml2/ironic_neutron_agent.ini" + execstarts: >- + {{ neutron_bin }}/ironic-neutron-agent --config-file {{ neutron_conf_dir }}/neutron.conf + --config-file {{ neutron_conf_dir }}/plugins/ml2/ml2_conf.ini --config-file {{ neutron_conf_dir }}/plugins/ml2/ironic_neutron_agent.ini config_overrides: "{{ neutron_ironic_neutron_agent_ini_overrides }}" config_type: "ini" init_config_overrides: "{{ neutron_ironic_neutron_agent_init_overrides }}" diff --git a/vars/redhat.yml b/vars/redhat.yml index 070d7a44..116b48b2 100644 --- a/vars/redhat.yml +++ b/vars/redhat.yml @@ -57,7 +57,7 @@ neutron_distro_packages: - which neutron_ovn_distro_packages: - - openvswitch-ovn-common + - openvswitch-ovn-common neutron_ovn_controller_distro_packages: - openvswitch-ovn-host