--- # Copyright 2014, Rackspace US, Inc. # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and # limitations under the License. - name: Create the system group group: name: "{{ neutron_system_group_name }}" state: "present" system: "yes" - name: Create the neutron system user user: name: "{{ neutron_system_user_name }}" group: "{{ neutron_system_group_name }}" comment: "{{ neutron_system_comment }}" shell: "{{ neutron_system_shell }}" system: "yes" createhome: "yes" home: "/var/lib/{{ neutron_system_user_name }}" - name: Create neutron dir file: path: "{{ item.path }}" state: directory owner: "{{ item.owner|default(neutron_system_user_name) }}" group: "{{ item.group|default(neutron_system_group_name) }}" mode: "{{ item.mode | default(omit) }}" with_items: - { path: "/openstack", owner: "root", group: "root" } - { path: "{{ neutron_conf_dir }}", mode: "0750" } - { path: "{{ neutron_conf_dir }}/plugins", mode: "0750" } - { path: "{{ neutron_conf_dir }}/plugins/{{ neutron_plugin_type.split('.')[0] }}", mode: "0750" } - { path: "{{ neutron_conf_dir }}/rootwrap.d", owner: "root", group: "root" } - { path: "/etc/sudoers.d", mode: "0750", owner: "root", group: "root" } - { path: "/var/cache/neutron" } - { path: "{{ neutron_lock_path }}" } - { path: "/var/run/neutron" } - { path: "{{ neutron_system_home_folder }}", mode: "0755" } - { path: "{{ neutron_system_home_folder }}/ha_confs" } - name: Test for log directory or link shell: | if [ -h "{{ neutron_log_dir }}" ]; then chown -h {{ neutron_system_user_name }}:{{ neutron_system_group_name }} "{{ neutron_log_dir }}" chown -R {{ neutron_system_user_name }}:{{ neutron_system_group_name }} "$(readlink {{ neutron_log_dir }})" else exit 1 fi register: log_dir failed_when: false changed_when: log_dir.rc != 0 - name: Create neutron log dir file: path: "{{ item.path }}" state: directory owner: "{{ item.owner|default(neutron_system_user_name) }}" group: "{{ item.group|default(neutron_system_group_name) }}" mode: "{{ item.mode|default('0755') }}" with_items: - { path: "{{ neutron_log_dir }}" } when: log_dir.rc != 0 - name: Drop sudoers file template: src: "sudoers.j2" dest: "/etc/sudoers.d/{{ neutron_system_user_name }}_sudoers" mode: "0440" owner: "root" group: "root" - name: Add zypper repo for ovs-nsh package zypper_repository: repo: "{{ repo.repo }}" state: "{{ repo.state | default('present') }}" name: "{{ repo.name | default(omit) }}" enabled: "{{ repo.enabled | default(omit) }}" disable_gpg_check: "{{ repo.disable_gpg_check | default(omit) }}" description: "{{ repo.description | default(omit) }}" autorefresh: "{{ repo.autorefresh | default(omit) }}" auto_import_keys: "{{ repo.auto_import_keys | default(omit) }}" priority: "{{ repo.priority | default(omit) }}" with_items: "{{ neutron_repos }}" loop_control: loop_var: repo when: - ansible_pkg_mgr == 'zypper' - ovs_nsh_support | bool - name: Create ovs tempfiles directory block: - name: Create ovs tmpfiles file lineinfile: dest: "/etc/tmpfiles.d/openstack-openvswitch.conf" line: "D /var/run/openvswitch 2755 root root" create: true - name: Create ovs tmp directory file: path: "/var/run/openvswitch" state: directory mode: "02755" when: - "'ovs' in neutron_plugin_type | lower"