ed2df25ebc
Add copy ca file to horizon container. because: Could not find a suitable TLS CA certificate bundle, invalid path: /etc/pki/ca-trust/source/anchors/kolla-customca-haproxy-internal.crt Closes-Bug: #1867121 Change-Id: I64d4dbeebd53048705005b61eb3c5b2104e8f2ed Signed-off-by: yj.bai <bai.yongjun@99cloud.net>
152 lines
5.3 KiB
YAML
152 lines
5.3 KiB
YAML
---
|
|
- name: Ensuring config directories exist
|
|
become: true
|
|
file:
|
|
path: "{{ node_config_directory }}/{{ item.key }}"
|
|
state: "directory"
|
|
owner: "{{ config_owner_user }}"
|
|
group: "{{ config_owner_group }}"
|
|
mode: "0770"
|
|
when:
|
|
- inventory_hostname in groups[item.value.group]
|
|
- item.value.enabled | bool
|
|
with_dict: "{{ horizon_services }}"
|
|
|
|
- name: Set empty custom policy
|
|
set_fact:
|
|
custom_policy: []
|
|
|
|
- include_tasks: policy_item.yml
|
|
vars:
|
|
project_name: "{{ item.name }}"
|
|
when: item.enabled | bool
|
|
with_items:
|
|
- { name: "ceilometer", enabled: "{{ enable_ceilometer_horizon_policy_file }}" }
|
|
- { name: "cinder", enabled: "{{ enable_cinder_horizon_policy_file }}" }
|
|
- { name: "congress", enabled: "{{ enable_congress_horizon_policy_file }}" }
|
|
- { name: "cloudkitty", enabled: "{{ enable_horizon_cloudkitty }}" }
|
|
- { name: "designate", enabled: "{{ enable_horizon_designate }}" }
|
|
- { name: "freezer", enabled: "{{ enable_horizon_freezer }}" }
|
|
- { name: "glance", enabled: "{{ enable_glance_horizon_policy_file }}" }
|
|
- { name: "heat", enabled: "{{ enable_heat_horizon_policy_file }}" }
|
|
- { name: "ironic", enabled: "{{ enable_horizon_ironic }}" }
|
|
- { name: "keystone", enabled: "{{ enable_keystone_horizon_policy_file }}" }
|
|
- { name: "karbor", enabled: "{{ enable_horizon_karbor }}" }
|
|
- { name: "magnum", enabled: "{{ enable_horizon_magnum }}" }
|
|
- { name: "manila", enabled: "{{ enable_horizon_manila }}" }
|
|
- { name: "masakari", enabled: "{{ enable_horizon_masakari }}" }
|
|
- { name: "mistral", enabled: "{{ enable_horizon_mistral }}" }
|
|
- { name: "monasca", enabled: "{{ enable_horizon_monasca }}" }
|
|
- { name: "murano", enabled: "{{ enable_horizon_murano }}" }
|
|
- { name: "neutron", enabled: "{{ enable_neutron_horizon_policy_file }}" }
|
|
- { name: "nova", enabled: "{{ enable_nova_horizon_policy_file }}" }
|
|
- { name: "octavia", enabled: "{{ enable_horizon_octavia }}" }
|
|
- { name: "qinling", enabled: "{{ enable_horizon_qinling }}" }
|
|
- { name: "sahara", enabled: "{{ enable_horizon_sahara }}" }
|
|
- { name: "searchlight", enabled: "{{ enable_horizon_searchlight }}" }
|
|
- { name: "senlin", enabled: "{{ enable_horizon_senlin }}" }
|
|
- { name: "solum", enabled: "{{ enable_horizon_solum }}" }
|
|
- { name: "tacker", enabled: "{{ enable_horizon_tacker }}" }
|
|
- { name: "trove", enabled: "{{ enable_horizon_trove }}" }
|
|
- { name: "watcher", enabled: "{{ enable_horizon_watcher }}" }
|
|
|
|
- name: Copying over config.json files for services
|
|
become: true
|
|
vars:
|
|
horizon: "{{ horizon_services['horizon'] }}"
|
|
template:
|
|
src: "horizon.json.j2"
|
|
dest: "{{ node_config_directory }}/horizon/config.json"
|
|
mode: "0660"
|
|
when:
|
|
- horizon.enabled | bool
|
|
- inventory_hostname in groups[horizon.group]
|
|
notify:
|
|
- Restart horizon container
|
|
|
|
- name: Copying over horizon.conf
|
|
become: true
|
|
vars:
|
|
horizon: "{{ horizon_services['horizon'] }}"
|
|
template:
|
|
src: "{{ item }}"
|
|
dest: "{{ node_config_directory }}/horizon/horizon.conf"
|
|
mode: "0660"
|
|
with_first_found:
|
|
- "{{ node_custom_config }}/horizon/{{ inventory_hostname }}/horizon.conf"
|
|
- "{{ node_custom_config }}/horizon/horizon.conf"
|
|
- "horizon.conf.j2"
|
|
when:
|
|
- horizon.enabled | bool
|
|
- inventory_hostname in groups[horizon.group]
|
|
notify:
|
|
- Restart horizon container
|
|
|
|
- name: Copying over local_settings
|
|
become: true
|
|
vars:
|
|
horizon: "{{ horizon_services['horizon'] }}"
|
|
template:
|
|
src: "{{ item }}"
|
|
dest: "{{ node_config_directory }}/horizon/local_settings"
|
|
mode: "0660"
|
|
with_first_found:
|
|
- "{{ node_custom_config }}/horizon/{{ inventory_hostname }}/local_settings"
|
|
- "{{ node_custom_config }}/horizon/local_settings"
|
|
- "local_settings.j2"
|
|
when:
|
|
- horizon.enabled | bool
|
|
- inventory_hostname in groups[horizon.group]
|
|
notify:
|
|
- Restart horizon container
|
|
|
|
- name: Copying over custom_local_settings
|
|
become: true
|
|
vars:
|
|
horizon: "{{ horizon_services['horizon'] }}"
|
|
template:
|
|
src: "{{ item }}"
|
|
dest: "{{ node_config_directory }}/horizon/custom_local_settings"
|
|
mode: "0660"
|
|
with_first_found:
|
|
- "{{ node_custom_config }}/horizon/{{ inventory_hostname }}/custom_local_settings"
|
|
- "{{ node_custom_config }}/horizon/custom_local_settings"
|
|
- "custom_local_settings.j2"
|
|
when:
|
|
- horizon.enabled | bool
|
|
- inventory_hostname in groups[horizon.group]
|
|
notify:
|
|
- Restart horizon container
|
|
|
|
- name: Copying over existing policy file
|
|
become: true
|
|
vars:
|
|
horizon: "{{ horizon_services['horizon'] }}"
|
|
template:
|
|
src: "{{ item }}"
|
|
dest: "{{ node_config_directory }}/horizon/{{ item | basename }}"
|
|
mode: "0660"
|
|
when:
|
|
- horizon.enabled | bool
|
|
- inventory_hostname in groups[horizon.group]
|
|
with_items: "{{ custom_policy }}"
|
|
notify:
|
|
- Restart horizon container
|
|
|
|
- name: Copying over extra CA certificates
|
|
become: true
|
|
copy:
|
|
src: "{{ node_config }}/certificates/ca/"
|
|
dest: "{{ node_config_directory }}/{{ item.key }}/ca-certificates"
|
|
mode: "0644"
|
|
when:
|
|
- inventory_hostname in groups[item.value.group]
|
|
- item.value.enabled | bool
|
|
- kolla_copy_ca_into_containers | bool
|
|
with_dict: "{{ horizon_services }}"
|
|
notify:
|
|
- "Restart {{ item.key }} container"
|
|
|
|
- include_tasks: check-containers.yml
|
|
when: kolla_action != "config"
|