39b3e9a934
The post up checksum script was being executed by the legacy networking To ensure we retain the same capabilities the checksum fix script has been moved into a systemd oneshot service. Change-Id: I58d393eb8c78a541142a29c5e0678cbd6ec18b65 Signed-off-by: Kevin Carter <kevin.carter@rackspace.com>
167 lines
5.3 KiB
YAML
167 lines
5.3 KiB
YAML
---
|
|
# Copyright 2014, Rackspace US, Inc.
|
|
#
|
|
# Licensed under the Apache License, Version 2.0 (the "License");
|
|
# you may not use this file except in compliance with the License.
|
|
# You may obtain a copy of the License at
|
|
#
|
|
# http://www.apache.org/licenses/LICENSE-2.0
|
|
#
|
|
# Unless required by applicable law or agreed to in writing, software
|
|
# distributed under the License is distributed on an "AS IS" BASIS,
|
|
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
|
# See the License for the specific language governing permissions and
|
|
# limitations under the License.
|
|
|
|
- name: Copy common neutron config
|
|
config_template:
|
|
src: "{{ item.src }}"
|
|
dest: "{{ item.dest }}"
|
|
owner: "root"
|
|
group: "{{ item.group|default(neutron_system_group_name) }}"
|
|
mode: "0640"
|
|
config_overrides: "{{ item.config_overrides }}"
|
|
config_type: "{{ item.config_type }}"
|
|
with_items:
|
|
- src: "neutron.conf.j2"
|
|
dest: "{{ neutron_conf_dir }}/neutron.conf"
|
|
config_overrides: "{{ neutron_neutron_conf_overrides }}"
|
|
config_type: "ini"
|
|
- src: "{{ neutron_plugins[neutron_plugin_type].plugin_ini }}.j2"
|
|
dest: "{{ neutron_conf_dir }}/{{ neutron_plugins[neutron_plugin_type].plugin_ini }}"
|
|
config_overrides: "{{ neutron_plugins[neutron_plugin_type].plugin_conf_ini_overrides }}"
|
|
config_type: "ini"
|
|
- src: "api-paste.ini.j2"
|
|
dest: "{{ neutron_conf_dir }}/api-paste.ini"
|
|
config_overrides: "{{ neutron_api_paste_ini_overrides }}"
|
|
config_type: "ini"
|
|
- src: "rootwrap.conf.j2"
|
|
dest: "{{ neutron_conf_dir }}/rootwrap.conf"
|
|
config_overrides: "{{ neutron_rootwrap_conf_overrides }}"
|
|
config_type: "ini"
|
|
- src: "policy.json.j2"
|
|
dest: "{{ neutron_conf_dir }}/policy.json-{{ neutron_venv_tag }}"
|
|
config_overrides: "{{ neutron_policy_overrides }}"
|
|
config_type: "json"
|
|
notify:
|
|
- Restart neutron services
|
|
|
|
- name: Copy neutron ml2 plugin config
|
|
config_template:
|
|
src: "{{ neutron_plugins[item].plugin_ini }}.j2"
|
|
dest: "{{ neutron_conf_dir }}/{{ neutron_plugins[item].plugin_ini }}"
|
|
owner: "root"
|
|
group: "{{ neutron_system_group_name }}"
|
|
mode: "0640"
|
|
config_overrides: "{{ neutron_plugins[item].plugin_conf_ini_overrides }}"
|
|
config_type: "ini"
|
|
with_items: "{{ neutron_plugin_types }}"
|
|
|
|
- name: Generate neutron dnsmasq Config
|
|
template:
|
|
src: "dnsmasq-neutron.conf.j2"
|
|
dest: "{{ neutron_conf_dir }}/dnsmasq-neutron.conf"
|
|
owner: "root"
|
|
group: "{{ neutron_system_group_name }}"
|
|
mode: "0640"
|
|
notify:
|
|
- Restart neutron services
|
|
when:
|
|
- neutron_services['neutron-dhcp-agent']['group'] in group_names
|
|
|
|
- name: Generate neutron agent only Config
|
|
config_template:
|
|
src: "{{ item.service_conf }}.j2"
|
|
dest: "{{ item.service_conf_path }}/{{ item.service_conf }}"
|
|
owner: "root"
|
|
group: "{{ neutron_system_group_name }}"
|
|
mode: "0640"
|
|
config_overrides: "{{ item.config_overrides }}"
|
|
config_type: "{{ item.config_type }}"
|
|
with_items: "{{ filtered_neutron_services }}"
|
|
notify:
|
|
- Restart neutron services
|
|
when:
|
|
- "'service_conf_path' in item"
|
|
- "'service_conf' in item"
|
|
|
|
- name: Generate neutron bgpvpn networking configuration
|
|
template:
|
|
src: "networking_bgpvpn.conf.j2"
|
|
dest: "{{ neutron_conf_dir }}/networking_bgpvpn.conf"
|
|
owner: "root"
|
|
group: "{{ neutron_system_group_name }}"
|
|
mode: "0640"
|
|
notify:
|
|
- Restart neutron services
|
|
when:
|
|
- "'bgpvpn' in neutron_plugin_base"
|
|
|
|
- name: Copy neutron rootwrap filters
|
|
copy:
|
|
src: "{{ item }}"
|
|
dest: "{{ neutron_conf_dir }}/rootwrap.d/"
|
|
owner: "root"
|
|
group: "root"
|
|
with_fileglob:
|
|
- rootwrap.d/*
|
|
notify:
|
|
- Restart neutron services
|
|
|
|
- name: Drop neutron agent rootwrap filters
|
|
copy:
|
|
src: "{{ item.service_rootwrap }}"
|
|
dest: "{{ neutron_conf_dir }}/{{ item.service_rootwrap }}"
|
|
owner: "root"
|
|
group: "root"
|
|
with_items: "{{ filtered_neutron_services }}"
|
|
when:
|
|
- "'service_rootwrap' in item"
|
|
notify:
|
|
- Restart neutron services
|
|
|
|
# NOTE: Remove this in S
|
|
# This option has been removed with the implementation of networkd within the
|
|
# host and container. Additionally the execution of this script is now
|
|
# controlled by a systemd oneshot service so the legacy configs are no longer
|
|
# needed.
|
|
- name: Remove legacy checksum fix script
|
|
file:
|
|
path: "{{ neutron_checksum_script }}"
|
|
state: absent
|
|
|
|
- name: Drop metadata iptables checksum fix
|
|
copy:
|
|
src: "post-up-metadata-checksum"
|
|
dest: "/usr/local/bin/post-up-metadata-checksum"
|
|
owner: "root"
|
|
group: "root"
|
|
mode: "0755"
|
|
when:
|
|
- neutron_metadata_checksum_fix | bool
|
|
- neutron_services['neutron-linuxbridge-agent']['group'] in group_names
|
|
|
|
- name: Run the systemd service role
|
|
include_role:
|
|
name: systemd_service
|
|
private: true
|
|
vars:
|
|
systemd_services:
|
|
- service_name: "neutron-post-up-metadata-checksum"
|
|
config_overrides:
|
|
Unit:
|
|
Description: networking-post-up
|
|
After: network-online.target
|
|
Wants: network-online.target
|
|
Service:
|
|
RemainAfterExit: yes
|
|
service_type: oneshot
|
|
execstarts:
|
|
- "/usr/local/bin/post-up-metadata-checksum"
|
|
enabled: yes
|
|
state: started
|
|
systemd_tempd_prefix: openstack
|
|
when:
|
|
- neutron_metadata_checksum_fix | bool
|
|
- neutron_services['neutron-linuxbridge-agent']['group'] in group_names
|