Support Neutron policy file in both .json and .yaml format
Change-Id: I22a995195a1d12bb759cba9777527c23475124f2
This commit is contained in:
parent
cee03f4b00
commit
92deddca88
@ -34,6 +34,39 @@
|
|||||||
notify:
|
notify:
|
||||||
- "Restart {{ item.key }} container"
|
- "Restart {{ item.key }} container"
|
||||||
|
|
||||||
|
- name: Check if policies shall be overwritten
|
||||||
|
stat:
|
||||||
|
path: "{{ item }}"
|
||||||
|
delegate_to: localhost
|
||||||
|
run_once: True
|
||||||
|
register: neutron_policy
|
||||||
|
with_first_found:
|
||||||
|
- files: "{{ supported_policy_format_list }}"
|
||||||
|
paths:
|
||||||
|
- "{{ node_custom_config }}/neutron/"
|
||||||
|
skip: true
|
||||||
|
|
||||||
|
- name: Set neutron policy file
|
||||||
|
set_fact:
|
||||||
|
neutron_policy_file: "{{ neutron_policy.results.0.stat.path | basename }}"
|
||||||
|
neutron_policy_file_path: "{{ neutron_policy.results.0.stat.path }}"
|
||||||
|
when:
|
||||||
|
- neutron_policy.results
|
||||||
|
|
||||||
|
- name: Copying over existing policy file
|
||||||
|
template:
|
||||||
|
src: "{{ neutron_policy_file_path }}"
|
||||||
|
dest: "{{ node_config_directory }}/{{ item.key }}/{{ neutron_policy_file }}"
|
||||||
|
mode: "0660"
|
||||||
|
become: true
|
||||||
|
when:
|
||||||
|
- neutron_policy_file is defined
|
||||||
|
- item.value.enabled | bool
|
||||||
|
- item.value.host_in_groups | bool
|
||||||
|
with_dict: "{{ neutron_services }}"
|
||||||
|
notify:
|
||||||
|
- "Restart {{ item.key }} container"
|
||||||
|
|
||||||
- name: Copying over config.json files for services
|
- name: Copying over config.json files for services
|
||||||
become: true
|
become: true
|
||||||
template:
|
template:
|
||||||
@ -351,13 +384,6 @@
|
|||||||
notify:
|
notify:
|
||||||
- "Restart {{ service_name }} container"
|
- "Restart {{ service_name }} container"
|
||||||
|
|
||||||
- name: Check if policies shall be overwritten
|
|
||||||
stat:
|
|
||||||
path: "{{ node_custom_config }}/neutron/policy.json"
|
|
||||||
delegate_to: localhost
|
|
||||||
run_once: True
|
|
||||||
register: neutron_policy
|
|
||||||
|
|
||||||
- name: Copying over nsx.ini
|
- name: Copying over nsx.ini
|
||||||
vars:
|
vars:
|
||||||
service_name: "neutron-server"
|
service_name: "neutron-server"
|
||||||
@ -376,33 +402,6 @@
|
|||||||
notify:
|
notify:
|
||||||
- "Restart {{ service_name }} container"
|
- "Restart {{ service_name }} container"
|
||||||
|
|
||||||
- name: Copying over existing policy.json
|
|
||||||
become: true
|
|
||||||
vars:
|
|
||||||
service_name: "{{ item.key }}"
|
|
||||||
services_need_policy_json:
|
|
||||||
- "neutron-dhcp-agent"
|
|
||||||
- "neutron-l3-agent"
|
|
||||||
- "neutron-linuxbridge-agent"
|
|
||||||
- "neutron-metadata-agent"
|
|
||||||
- "neutron-metering-agent"
|
|
||||||
- "neutron-openvswitch-agent"
|
|
||||||
- "neutron-openvswitch-agent-xenapi"
|
|
||||||
- "neutron-server"
|
|
||||||
- "neutron-bgp-dragent"
|
|
||||||
- "neutron-sriov-agent"
|
|
||||||
template:
|
|
||||||
src: "{{ node_custom_config }}/neutron/policy.json"
|
|
||||||
dest: "{{ node_config_directory }}/{{ service_name }}/policy.json"
|
|
||||||
mode: "0660"
|
|
||||||
when:
|
|
||||||
- neutron_policy.stat.exists
|
|
||||||
- item.value.enabled | bool
|
|
||||||
- item.value.host_in_groups | bool
|
|
||||||
with_dict: "{{ neutron_services }}"
|
|
||||||
notify:
|
|
||||||
- "Restart {{ item.key }} container"
|
|
||||||
|
|
||||||
- name: Copy neutron-l3-agent-wrapper script
|
- name: Copy neutron-l3-agent-wrapper script
|
||||||
become: true
|
become: true
|
||||||
vars:
|
vars:
|
||||||
|
@ -12,14 +12,13 @@
|
|||||||
"dest": "/etc/neutron/bgp_dragent.ini",
|
"dest": "/etc/neutron/bgp_dragent.ini",
|
||||||
"owner": "neutron",
|
"owner": "neutron",
|
||||||
"perm": "0600"
|
"perm": "0600"
|
||||||
},
|
}{% if neutron_policy_file is defined %},
|
||||||
{
|
{
|
||||||
"source": "{{ container_config_directory }}/policy.json",
|
"source": "{{ container_config_directory }}/{{ neutron_policy_file }}",
|
||||||
"dest": "/etc/neutron/policy.json",
|
"dest": "/etc/neutron/{{ neutron_policy_file }}",
|
||||||
"owner": "neutron",
|
"owner": "neutron",
|
||||||
"perm": "0600",
|
"perm": "0600"
|
||||||
"optional": true
|
}{% endif %}
|
||||||
}
|
|
||||||
],
|
],
|
||||||
"permissions": [
|
"permissions": [
|
||||||
{
|
{
|
||||||
|
@ -18,14 +18,13 @@
|
|||||||
"dest": "/etc/neutron/dnsmasq.conf",
|
"dest": "/etc/neutron/dnsmasq.conf",
|
||||||
"owner": "neutron",
|
"owner": "neutron",
|
||||||
"perm": "0600"
|
"perm": "0600"
|
||||||
},
|
}{% if neutron_policy_file is defined %},
|
||||||
{
|
{
|
||||||
"source": "{{ container_config_directory }}/policy.json",
|
"source": "{{ container_config_directory }}/{{ neutron_policy_file }}",
|
||||||
"dest": "/etc/neutron/policy.json",
|
"dest": "/etc/neutron/{{ neutron_policy_file }}",
|
||||||
"owner": "neutron",
|
"owner": "neutron",
|
||||||
"perm": "0600",
|
"perm": "0600"
|
||||||
"optional": true
|
}{% endif %}
|
||||||
}
|
|
||||||
],
|
],
|
||||||
"permissions": [
|
"permissions": [
|
||||||
{
|
{
|
||||||
|
@ -30,14 +30,13 @@
|
|||||||
"dest": "/etc/neutron/l3_agent.ini",
|
"dest": "/etc/neutron/l3_agent.ini",
|
||||||
"owner": "neutron",
|
"owner": "neutron",
|
||||||
"perm": "0600"
|
"perm": "0600"
|
||||||
},
|
}{% if neutron_policy_file is defined %},
|
||||||
{
|
{
|
||||||
"source": "{{ container_config_directory }}/policy.json",
|
"source": "{{ container_config_directory }}/{{ neutron_policy_file }}",
|
||||||
"dest": "/etc/neutron/policy.json",
|
"dest": "/etc/neutron/{{ neutron_policy_file }}",
|
||||||
"owner": "neutron",
|
"owner": "neutron",
|
||||||
"perm": "0600",
|
"perm": "0600"
|
||||||
"optional": true
|
}{% endif %}
|
||||||
}
|
|
||||||
],
|
],
|
||||||
"permissions": [
|
"permissions": [
|
||||||
{
|
{
|
||||||
|
@ -7,12 +7,12 @@
|
|||||||
"owner": "neutron",
|
"owner": "neutron",
|
||||||
"perm": "0600"
|
"perm": "0600"
|
||||||
},
|
},
|
||||||
{
|
{% if neutron_policy_file is defined %}{
|
||||||
"source": "{{ container_config_directory }}/linuxbridge_agent.ini",
|
"source": "{{ container_config_directory }}/{{ neutron_policy_file }}",
|
||||||
"dest": "/etc/neutron/plugins/ml2/linuxbridge_agent.ini",
|
"dest": "/etc/neutron/{{ neutron_policy_file }}",
|
||||||
"owner": "neutron",
|
"owner": "neutron",
|
||||||
"perm": "0600"
|
"perm": "0600"
|
||||||
},
|
},{% endif %}
|
||||||
{% if check_extra_ml2_plugins is defined and check_extra_ml2_plugins.matched > 0 %}{% for plugin in check_extra_ml2_plugins.files %}
|
{% if check_extra_ml2_plugins is defined and check_extra_ml2_plugins.matched > 0 %}{% for plugin in check_extra_ml2_plugins.files %}
|
||||||
{
|
{
|
||||||
"source": "{{ container_config_directory }}/{{ plugin.path | basename }}",
|
"source": "{{ container_config_directory }}/{{ plugin.path | basename }}",
|
||||||
@ -22,11 +22,10 @@
|
|||||||
},
|
},
|
||||||
{% endfor %}{% endif %}
|
{% endfor %}{% endif %}
|
||||||
{
|
{
|
||||||
"source": "{{ container_config_directory }}/policy.json",
|
"source": "{{ container_config_directory }}/linuxbridge_agent.ini",
|
||||||
"dest": "/etc/neutron/policy.json",
|
"dest": "/etc/neutron/plugins/ml2/linuxbridge_agent.ini",
|
||||||
"owner": "neutron",
|
"owner": "neutron",
|
||||||
"perm": "0600",
|
"perm": "0600"
|
||||||
"optional": true
|
|
||||||
}
|
}
|
||||||
],
|
],
|
||||||
"permissions": [
|
"permissions": [
|
||||||
|
@ -12,14 +12,13 @@
|
|||||||
"dest": "/etc/neutron/metadata_agent.ini",
|
"dest": "/etc/neutron/metadata_agent.ini",
|
||||||
"owner": "neutron",
|
"owner": "neutron",
|
||||||
"perm": "0600"
|
"perm": "0600"
|
||||||
},
|
}{% if neutron_policy_file is defined %},
|
||||||
{
|
{
|
||||||
"source": "{{ container_config_directory }}/policy.json",
|
"source": "{{ container_config_directory }}/{{ neutron_policy_file }}",
|
||||||
"dest": "/etc/neutron/policy.json",
|
"dest": "/etc/neutron/{{ neutron_policy_file }}",
|
||||||
"owner": "neutron",
|
"owner": "neutron",
|
||||||
"perm": "0600",
|
"perm": "0600"
|
||||||
"optional": true
|
}{% endif %}
|
||||||
}
|
|
||||||
],
|
],
|
||||||
"permissions": [
|
"permissions": [
|
||||||
{
|
{
|
||||||
|
@ -12,14 +12,13 @@
|
|||||||
"dest": "/etc/neutron/metering_agent.ini",
|
"dest": "/etc/neutron/metering_agent.ini",
|
||||||
"owner": "neutron",
|
"owner": "neutron",
|
||||||
"perm": "0600"
|
"perm": "0600"
|
||||||
},
|
}{% if neutron_policy_file is defined %},
|
||||||
{
|
{
|
||||||
"source": "{{ container_config_directory }}/policy.json",
|
"source": "{{ container_config_directory }}/{{ neutron_policy_file }}",
|
||||||
"dest": "/etc/neutron/policy.json",
|
"dest": "/etc/neutron/{{ neutron_policy_file }}",
|
||||||
"owner": "neutron",
|
"owner": "neutron",
|
||||||
"perm": "0600",
|
"perm": "0600"
|
||||||
"optional": true
|
}{% endif %}
|
||||||
}
|
|
||||||
],
|
],
|
||||||
"permissions": [
|
"permissions": [
|
||||||
{
|
{
|
||||||
|
@ -12,14 +12,13 @@
|
|||||||
"dest": "/etc/neutron/plugins/ml2/openvswitch_agent.ini",
|
"dest": "/etc/neutron/plugins/ml2/openvswitch_agent.ini",
|
||||||
"owner": "neutron",
|
"owner": "neutron",
|
||||||
"perm": "0600"
|
"perm": "0600"
|
||||||
},
|
}{% if neutron_policy_file is defined %},
|
||||||
{
|
{
|
||||||
"source": "{{ container_config_directory }}/policy.json",
|
"source": "{{ container_config_directory }}/{{ neutron_policy_file }}",
|
||||||
"dest": "/etc/neutron/policy.json",
|
"dest": "/etc/neutron/{{ neutron_policy_file }}",
|
||||||
"owner": "neutron",
|
"owner": "neutron",
|
||||||
"perm": "0600",
|
"perm": "0600"
|
||||||
"optional": true
|
}{% endif %}
|
||||||
}
|
|
||||||
],
|
],
|
||||||
"permissions": [
|
"permissions": [
|
||||||
{
|
{
|
||||||
|
@ -7,12 +7,6 @@
|
|||||||
"owner": "neutron",
|
"owner": "neutron",
|
||||||
"perm": "0600"
|
"perm": "0600"
|
||||||
},
|
},
|
||||||
{
|
|
||||||
"source": "{{ container_config_directory }}/openvswitch_agent.ini",
|
|
||||||
"dest": "/etc/neutron/plugins/ml2/openvswitch_agent.ini",
|
|
||||||
"owner": "neutron",
|
|
||||||
"perm": "0600"
|
|
||||||
},
|
|
||||||
{% if check_extra_ml2_plugins is defined and check_extra_ml2_plugins.matched > 0 %}{% for plugin in check_extra_ml2_plugins.files %}
|
{% if check_extra_ml2_plugins is defined and check_extra_ml2_plugins.matched > 0 %}{% for plugin in check_extra_ml2_plugins.files %}
|
||||||
{
|
{
|
||||||
"source": "{{ container_config_directory }}/{{ plugin.path | basename }}",
|
"source": "{{ container_config_directory }}/{{ plugin.path | basename }}",
|
||||||
@ -21,12 +15,17 @@
|
|||||||
"perm": "0600"
|
"perm": "0600"
|
||||||
},
|
},
|
||||||
{% endfor %}{% endif %}
|
{% endfor %}{% endif %}
|
||||||
{
|
{% if neutron_policy_file is defined %}{
|
||||||
"source": "{{ container_config_directory }}/policy.json",
|
"source": "{{ container_config_directory }}/{{ neutron_policy_file }}",
|
||||||
"dest": "/etc/neutron/policy.json",
|
"dest": "/etc/neutron/{{ neutron_policy_file }}",
|
||||||
"owner": "neutron",
|
"owner": "neutron",
|
||||||
"perm": "0600",
|
"perm": "0600"
|
||||||
"optional": true
|
},{% endif %}
|
||||||
|
{
|
||||||
|
"source": "{{ container_config_directory }}/openvswitch_agent.ini",
|
||||||
|
"dest": "/etc/neutron/plugins/ml2/openvswitch_agent.ini",
|
||||||
|
"owner": "neutron",
|
||||||
|
"perm": "0600"
|
||||||
}
|
}
|
||||||
],
|
],
|
||||||
"permissions": [
|
"permissions": [
|
||||||
|
@ -19,27 +19,13 @@
|
|||||||
"owner": "neutron",
|
"owner": "neutron",
|
||||||
"perm": "0600"
|
"perm": "0600"
|
||||||
},
|
},
|
||||||
{
|
{% if neutron_policy_file is defined %}{
|
||||||
"source": "{{ container_config_directory }}/ml2_conf.ini",
|
"source": "{{ container_config_directory }}/{{ neutron_policy_file }}",
|
||||||
"dest": "/etc/neutron/plugins/ml2/ml2_conf.ini",
|
"dest": "/etc/neutron/{{ neutron_policy_file }}",
|
||||||
"owner": "neutron",
|
"owner": "neutron",
|
||||||
"perm": "0600"
|
"perm": "0600"
|
||||||
},
|
},{% endif %}
|
||||||
{% if check_extra_ml2_plugins is defined and check_extra_ml2_plugins.matched > 0 %}{% for plugin in check_extra_ml2_plugins.files %}
|
{% if neutron_plugin_agent in ['vmware_nsxv', 'vmware_nsxv3', 'vmware_dvs'] -%}
|
||||||
{
|
|
||||||
"source": "{{ container_config_directory }}/{{ plugin.path | basename }}",
|
|
||||||
"dest": "/etc/neutron/plugins/ml2/{{ plugin.path | basename }}",
|
|
||||||
"owner": "neutron",
|
|
||||||
"perm": "0600"
|
|
||||||
},
|
|
||||||
{% endfor %}{% endif %}
|
|
||||||
{
|
|
||||||
"source": "{{ container_config_directory }}/policy.json",
|
|
||||||
"dest": "/etc/neutron/policy.json",
|
|
||||||
"owner": "neutron",
|
|
||||||
"perm": "0600",
|
|
||||||
"optional": true
|
|
||||||
}{% if neutron_plugin_agent in ['vmware_nsxv', 'vmware_nsxv3', 'vmware_dvs'] -%},
|
|
||||||
{
|
{
|
||||||
"source": "{{ container_config_directory }}/nsx.ini",
|
"source": "{{ container_config_directory }}/nsx.ini",
|
||||||
"dest": "/etc/neutron/plugins/vmware/nsx.ini",
|
"dest": "/etc/neutron/plugins/vmware/nsx.ini",
|
||||||
@ -47,6 +33,19 @@
|
|||||||
"optional": {{ (neutron_plugin_agent not in ['vmware_nsxv', 'vmware_nsxv3', 'vmware_dvs']) | string | lower }},
|
"optional": {{ (neutron_plugin_agent not in ['vmware_nsxv', 'vmware_nsxv3', 'vmware_dvs']) | string | lower }},
|
||||||
"perm": "0600"
|
"perm": "0600"
|
||||||
}{% endif %}
|
}{% endif %}
|
||||||
|
{% if check_extra_ml2_plugins is defined and check_extra_ml2_plugins.matched > 0 %}{% for plugin in check_extra_ml2_plugins.files %}
|
||||||
|
{
|
||||||
|
"source": "{{ container_config_directory }}/{{ plugin.path | basename }}",
|
||||||
|
"dest": "/etc/neutron/plugins/ml2/{{ plugin.path | basename }}",
|
||||||
|
"owner": "neutron",
|
||||||
|
"perm": "0600"
|
||||||
|
},{% endfor %}{% endif %}
|
||||||
|
{
|
||||||
|
"source": "{{ container_config_directory }}/ml2_conf.ini",
|
||||||
|
"dest": "/etc/neutron/plugins/ml2/ml2_conf.ini",
|
||||||
|
"owner": "neutron",
|
||||||
|
"perm": "0600"
|
||||||
|
}
|
||||||
],
|
],
|
||||||
"permissions": [
|
"permissions": [
|
||||||
{
|
{
|
||||||
|
@ -12,14 +12,13 @@
|
|||||||
"dest": "/etc/neutron/plugins/ml2/sriov_agent.ini",
|
"dest": "/etc/neutron/plugins/ml2/sriov_agent.ini",
|
||||||
"owner": "neutron",
|
"owner": "neutron",
|
||||||
"perm": "0600"
|
"perm": "0600"
|
||||||
},
|
}{% if neutron_policy_file is defined %},
|
||||||
{
|
{
|
||||||
"source": "{{ container_config_directory }}/policy.json",
|
"source": "{{ container_config_directory }}/{{ neutron_policy_file }}",
|
||||||
"dest": "/etc/neutron/policy.json",
|
"dest": "/etc/neutron/{{ neutron_policy_file }}",
|
||||||
"owner": "neutron",
|
"owner": "neutron",
|
||||||
"perm": "0600",
|
"perm": "0600"
|
||||||
"optional": true
|
}{% endif %}
|
||||||
}
|
|
||||||
],
|
],
|
||||||
"permissions": [
|
"permissions": [
|
||||||
{
|
{
|
||||||
|
@ -124,6 +124,11 @@ topics = {{ neutron_enabled_notification_topics | map(attribute='name') | join('
|
|||||||
driver = noop
|
driver = noop
|
||||||
{% endif %}
|
{% endif %}
|
||||||
|
|
||||||
|
{% if neutron_policy_file is defined %}
|
||||||
|
[oslo_policy]
|
||||||
|
policy_file = {{ neutron_policy_file }}
|
||||||
|
{% endif %}
|
||||||
|
|
||||||
{% if enable_neutron_sfc | bool %}
|
{% if enable_neutron_sfc | bool %}
|
||||||
[sfc]
|
[sfc]
|
||||||
drivers = ovs
|
drivers = ovs
|
||||||
|
@ -0,0 +1,4 @@
|
|||||||
|
---
|
||||||
|
features:
|
||||||
|
- |
|
||||||
|
Adds support for the Neutron policy file in both .json and .yaml format.
|
Loading…
Reference in New Issue
Block a user