Browse Source

Cleanup files and templates using smart sources

The files and templates we carry are almost always in a state of
maintenance. The upstream services are maintaining these files and
there's really no reason we need to carry duplicate copies of them. This
change removes all of the files we expect to get from the upstream
service. while the focus of this change is to remove configuration file
maintenance burdens it also allows the role to execute faster.

  * Source installs have the configuration files within the venv at
    "<<VENV_PATH>>/etc/<<SERVICE_NAME>>". The role will now link the
    default configuration path to this directory. When the service is
    upgraded the link will move to the new venv path.
  * Distro installs package all of the required configuration files.

To maintain our current capabilities to override configuration the
role will fetch files from the disk whenever an override is provided and
then push the fetched file back to the target using `config_template`.

Change-Id: I3e7283bf778a9d686f3ae500b289c1fb43b42b92
Signed-off-by: cloudnull <kevin@cloudnull.com>
Kevin Carter 8 months ago
parent
commit
9748e6b154
No account linked to committer's email address

+ 1
- 2
defaults/main.yml View File

@@ -55,7 +55,7 @@ glance_bin: "{{ _glance_bin }}"
55 55
 #  This is used for role access to the db migrations.
56 56
 #  Example:
57 57
 #  glance_etc_dir: "/usr/local/etc/glance"
58
-glance_etc_dir: "{{ _glance_etc }}/glance"
58
+glance_etc_dir: "/etc/glance"
59 59
 
60 60
 # venv_download, even when true, will use the fallback method of building the
61 61
 # venv from scratch if the venv download fails.
@@ -313,6 +313,5 @@ glance_glance_registry_conf_overrides: {}
313 313
 glance_glance_scrubber_conf_overrides: {}
314 314
 glance_glance_scheme_json_overrides: {}
315 315
 glance_glance_swift_store_conf_overrides: {}
316
-glance_glance_rootwrap_conf_overrides: {}
317 316
 glance_policy_overrides: {}
318 317
 glance_api_uwsgi_ini_overrides: {}

+ 0
- 20
handlers/main.yml View File

@@ -82,26 +82,6 @@
82 82
     - "Restart glance services"
83 83
     - "venv changed"
84 84
 
85
-# Note (odyssey4me):
86
-# The policy.json file is currently read continually by the services
87
-# and is not only read on service start. We therefore cannot template
88
-# directly to the file read by the service because the new policies
89
-# may not be valid until the service restarts. This is particularly
90
-# important during a major upgrade. We therefore only put the policy
91
-# file in place after the service has been stopped.
92
-#
93
-- name: Copy new policy file into place
94
-  copy:
95
-    src: "/etc/glance/policy.json-{{ glance_venv_tag }}"
96
-    dest: "/etc/glance/policy.json"
97
-    owner: "root"
98
-    group: "{{ glance_system_group_name }}"
99
-    mode: "0640"
100
-    remote_src: yes
101
-  listen:
102
-    - "Restart glance services"
103
-    - "venv changed"
104
-
105 85
 - name: Start services
106 86
   service:
107 87
     name: "{{ item.service_name }}"

+ 43
- 7
tasks/glance_install.yml View File

@@ -52,22 +52,58 @@
52 52
     mode: "0755"
53 53
   with_items: "{{ glance_nfs_client }}"
54 54
 
55
+# NOTE(cloudnull): During an upgrade the local directory may exist on a source
56
+#                  install. If the directory does exist it will need to be
57
+#                  removed. This is required on source installs because the
58
+#                  config directory is a link.
59
+- name: Source config block
60
+  block:
61
+    - name: Stat config directory
62
+      stat:
63
+        path: "{{ glance_etc_dir }}"
64
+      register: glance_conf_dir_stat
65
+
66
+    - name: Remove the config directory
67
+      file:
68
+        path: "{{ glance_etc_dir }}"
69
+        state: absent
70
+      when:
71
+        - glance_conf_dir_stat.stat.isdir is defined and
72
+          glance_conf_dir_stat.stat.isdir
73
+  when:
74
+    - glance_install_method == 'source'
75
+
55 76
 - name: Create glance directories
56 77
   file:
57
-    path: "{{ item.path | realpath }}"
58
-    state: directory
59
-    owner: "{{ item.owner | default(glance_system_user_name) }}"
60
-    group: "{{ item.group | default(glance_system_group_name) }}"
78
+    path: "{{ item.path | default(omit) }}"
79
+    src: "{{ item.src | default(omit) }}"
80
+    dest: "{{ item.dest | default(omit) }}"
81
+    state: "{{ item.state | default('directory') }}"
82
+    owner: "{{ item.owner|default(glance_system_user_name) }}"
83
+    group: "{{ item.group|default(glance_system_group_name) }}"
61 84
     mode: "{{ item.mode | default(omit) }}"
85
+    force: "{{ item.force | default(omit) }}"
62 86
   when:
63
-    - "item.path not in glance_mount_points"
87
+    - (item.condition | default(true)) | bool
88
+    - (item.dest | default(item.path)) not in glance_mount_points
64 89
   with_items:
65 90
     - path: "/openstack"
66 91
       mode: "0755"
67 92
       owner: "root"
68 93
       group: "root"
69
-    - path: "/etc/glance"
70
-      mode: "0750"
94
+    - path: "{{ (glance_install_method == 'distro') | ternary(glance_etc_dir, (glance_bin | dirname) + glance_etc_dir) }}"
95
+      mode: "0755"
96
+    # NOTE(cloudnull): The "src" path is relative. This ensures all files remain
97
+    #                  within the host/container confines when connecting to
98
+    #                  them using the connection plugin or the root filesystem.
99
+    - dest: "{{ glance_etc_dir }}"
100
+      src: "{{ glance_bin | dirname | regex_replace('^/', '../') }}/etc/glance"
101
+      state: link
102
+      force: true
103
+      condition: "{{ glance_install_method == 'source' }}"
104
+    - path: "{{ glance_etc_dir }}/rootwrap.d"
105
+      owner: "root"
106
+      group: "root"
71 107
     - path: "/var/cache/glance"
72 108
     - path: "{{ glance_system_user_home }}"
73 109
     - path: "{{ glance_system_user_home }}/cache"

+ 6
- 0
tasks/glance_install_source.yml View File

@@ -51,3 +51,9 @@
51 51
       - section: "glance"
52 52
         option: "venv_tag"
53 53
         value: "{{ glance_venv_tag }}"
54
+
55
+- name: Link in the os-brick rootwrap filters
56
+  file:
57
+    src: "{{ glance_bin | dirname }}/etc/os-brick/rootwrap.d/os-brick.filters"
58
+    dest: "{{ glance_etc_dir }}/rootwrap.d/os-brick.filters"
59
+    state: link

+ 57
- 29
tasks/glance_post_install.yml View File

@@ -24,60 +24,88 @@
24 24
     config_type: "{{ item.config_type }}"
25 25
   when: item.condition | default(True)
26 26
   with_items:
27
-    - src: "glance-api-paste.ini.j2"
28
-      dest: "/etc/glance/glance-api-paste.ini"
29
-      config_overrides: "{{ glance_glance_api_paste_ini_overrides }}"
30
-      config_type: "ini"
31 27
     - src: "glance-api.conf.j2"
32
-      dest: "/etc/glance/glance-api.conf"
28
+      dest: "{{ glance_etc_dir }}/glance-api.conf"
33 29
       config_overrides: "{{ glance_glance_api_conf_overrides }}"
34 30
       config_type: "ini"
35 31
     - src: "glance-cache.conf.j2"
36
-      dest: "/etc/glance/glance-cache.conf"
32
+      dest: "{{ glance_etc_dir }}/glance-cache.conf"
37 33
       config_overrides: "{{ glance_glance_cache_conf_overrides }}"
38 34
       config_type: "ini"
39 35
     - src: "glance-manage.conf.j2"
40
-      dest: "/etc/glance/glance-manage.conf"
36
+      dest: "{{ glance_etc_dir }}/glance-manage.conf"
41 37
       config_overrides: "{{ glance_glance_manage_conf_overrides }}"
42 38
       config_type: "ini"
43
-    - src: "glance-registry-paste.ini.j2"
44
-      dest: "/etc/glance/glance-registry-paste.ini"
45
-      config_overrides: "{{ glance_glance_registry_paste_ini_overrides }}"
46
-      config_type: "ini"
47
-      condition: "{{ glance_services['glance-registry']['condition'] | bool }}"
48 39
     - src: "glance-registry.conf.j2"
49
-      dest: "/etc/glance/glance-registry.conf"
40
+      dest: "{{ glance_etc_dir }}/glance-registry.conf"
50 41
       config_overrides: "{{ glance_glance_registry_conf_overrides }}"
51 42
       config_type: "ini"
52 43
       condition: "{{ glance_services['glance-registry']['condition'] | bool }}"
53 44
     - src: "glance-scrubber.conf.j2"
54
-      dest: "/etc/glance/glance-scrubber.conf"
45
+      dest: "{{ glance_etc_dir }}/glance-scrubber.conf"
55 46
       config_overrides: "{{ glance_glance_scrubber_conf_overrides }}"
56 47
       config_type: "ini"
57 48
     - src: "glance-swift-store.conf.j2"
58
-      dest: "/etc/glance/glance-swift-store.conf"
49
+      dest: "{{ glance_etc_dir }}/glance-swift-store.conf"
59 50
       config_overrides: "{{ glance_glance_swift_store_conf_overrides }}"
60 51
       config_type: "ini"
61
-    - src: "policy.json.j2"
62
-      dest: "/etc/glance/policy.json-{{ glance_venv_tag }}"
63
-      config_overrides: "{{ glance_policy_overrides }}"
64
-      config_type: "json"
65
-    - src: "schema.json.j2"
66
-      dest: "/etc/glance/schema.json"
67
-      config_overrides: "{{ glance_glance_scheme_json_overrides }}"
68
-      config_type: "json"
69
-    - src: "schema.json.j2"
70
-      dest: "/etc/glance/schema-image.json"
52
+    - src: "schema-image.json.j2"
53
+      dest: "{{ glance_etc_dir }}/schema-image.json"
71 54
       config_overrides: "{{ glance_glance_scheme_json_overrides }}"
72 55
       config_type: "json"
73
-    - src: "rootwrap.conf.j2"
74
-      dest: "/etc/glance/rootwrap.conf"
75
-      config_overrides: "{{ glance_glance_rootwrap_conf_overrides }}"
76
-      config_type: "ini"
77 56
   notify:
78 57
     - Manage LB
79 58
     - Restart glance services
80 59
 
60
+# NOTE(cloudnull): This is using "cp" instead of copy with a remote_source
61
+#                  because we only want to copy the original files once. and we
62
+#                  don't want to need multiple tasks.
63
+- name: Preserve original configuration file(s)
64
+  command: "cp {{ item.target_f }} {{ item.target_f }}.original"
65
+  args:
66
+    creates: "{{ item.target_f }}.original"
67
+  with_items: "{{ glance_core_files }}"
68
+
69
+- name: Fetch override files
70
+  fetch:
71
+    src: "{{ item.target_f }}"
72
+    dest: "{{ item.tmp_f }}"
73
+    flat: yes
74
+  changed_when: false
75
+  run_once: true
76
+  with_items: "{{ glance_core_files }}"
77
+
78
+- name: Copy common config
79
+  config_template:
80
+    src: "{{ item.tmp_f }}"
81
+    dest: "{{ item.target_f_override | default(item.target_f) }}"
82
+    owner: "{{ item.owner | default('root') }}"
83
+    group: "{{ item.group | default(glance_system_group_name) }}"
84
+    mode: "{{ item.mode | default('0640') }}"
85
+    config_overrides: "{{ item.config_overrides }}"
86
+    config_type: "{{ item.config_type }}"
87
+  with_items: "{{ glance_core_files }}"
88
+  notify:
89
+    - Restart glance services
90
+
91
+- name: Cleanup fetched temp files
92
+  file:
93
+    path: "{{ item.tmp_f }}"
94
+    state: absent
95
+  changed_when: false
96
+  delegate_to: localhost
97
+  run_once: true
98
+  with_items: "{{ glance_core_files }}"
99
+
100
+# NOTE(cloudnull): This will ensure strong permissions on all rootwrap files.
101
+- name: Set rootwrap.d permissions
102
+  file:
103
+    path: "{{ glance_etc_dir }}/rootwrap.d"
104
+    owner: "root"
105
+    group: "root"
106
+    mode: "0640"
107
+    recurse: true
108
+
81 109
 - name: Run the systemd mount role
82 110
   include_role:
83 111
     name: systemd_mount

+ 0
- 86
templates/glance-api-paste.ini.j2 View File

@@ -1,86 +0,0 @@
1
-# Use this pipeline for no auth or image caching - DEFAULT
2
-[pipeline:glance-api]
3
-pipeline = cors healthcheck http_proxy_to_wsgi versionnegotiation osprofiler unauthenticated-context rootapp
4
-
5
-# Use this pipeline for image caching and no auth
6
-[pipeline:glance-api-caching]
7
-pipeline = cors healthcheck http_proxy_to_wsgi versionnegotiation osprofiler unauthenticated-context cache rootapp
8
-
9
-# Use this pipeline for caching w/ management interface but no auth
10
-[pipeline:glance-api-cachemanagement]
11
-pipeline = cors healthcheck http_proxy_to_wsgi versionnegotiation osprofiler unauthenticated-context cache cachemanage rootapp
12
-
13
-# Use this pipeline for keystone auth
14
-[pipeline:glance-api-keystone]
15
-pipeline = cors healthcheck http_proxy_to_wsgi versionnegotiation osprofiler authtoken context  rootapp
16
-
17
-# Use this pipeline for keystone auth with image caching
18
-[pipeline:glance-api-keystone+caching]
19
-pipeline = cors healthcheck http_proxy_to_wsgi versionnegotiation osprofiler authtoken context cache rootapp
20
-
21
-# Use this pipeline for keystone auth with caching and cache management
22
-[pipeline:glance-api-keystone+cachemanagement]
23
-pipeline = cors healthcheck http_proxy_to_wsgi versionnegotiation osprofiler authtoken context cache cachemanage rootapp
24
-
25
-# Use this pipeline for authZ only. This means that the registry will treat a
26
-# user as authenticated without making requests to keystone to reauthenticate
27
-# the user.
28
-[pipeline:glance-api-trusted-auth]
29
-pipeline = cors healthcheck http_proxy_to_wsgi versionnegotiation osprofiler context rootapp
30
-
31
-# Use this pipeline for authZ only. This means that the registry will treat a
32
-# user as authenticated without making requests to keystone to reauthenticate
33
-# the user and uses cache management
34
-[pipeline:glance-api-trusted-auth+cachemanagement]
35
-pipeline = cors healthcheck http_proxy_to_wsgi versionnegotiation osprofiler context cache cachemanage rootapp
36
-
37
-[composite:rootapp]
38
-paste.composite_factory = glance.api:root_app_factory
39
-/: apiversions
40
-/v2: apiv2app
41
-
42
-[app:apiversions]
43
-paste.app_factory = glance.api.versions:create_resource
44
-
45
-[app:apiv2app]
46
-paste.app_factory = glance.api.v2.router:API.factory
47
-
48
-[filter:healthcheck]
49
-paste.filter_factory = oslo_middleware:Healthcheck.factory
50
-backends = disable_by_file
51
-disable_by_file_path = /etc/glance/healthcheck_disable
52
-
53
-[filter:versionnegotiation]
54
-paste.filter_factory = glance.api.middleware.version_negotiation:VersionNegotiationFilter.factory
55
-
56
-[filter:cache]
57
-paste.filter_factory = glance.api.middleware.cache:CacheFilter.factory
58
-
59
-[filter:cachemanage]
60
-paste.filter_factory = glance.api.middleware.cache_manage:CacheManageFilter.factory
61
-
62
-[filter:context]
63
-paste.filter_factory = glance.api.middleware.context:ContextMiddleware.factory
64
-
65
-[filter:unauthenticated-context]
66
-paste.filter_factory = glance.api.middleware.context:UnauthenticatedContextMiddleware.factory
67
-
68
-[filter:authtoken]
69
-paste.filter_factory = keystonemiddleware.auth_token:filter_factory
70
-delay_auth_decision = true
71
-
72
-[filter:gzip]
73
-paste.filter_factory = glance.api.middleware.gzip:GzipMiddleware.factory
74
-
75
-[filter:osprofiler]
76
-paste.filter_factory = osprofiler.web:WsgiMiddleware.factory
77
-hmac_keys = {{ glance_profiler_hmac_key }}  #DEPRECATED
78
-enabled = yes  #DEPRECATED
79
-
80
-[filter:cors]
81
-paste.filter_factory =  oslo_middleware.cors:filter_factory
82
-oslo_config_project = glance
83
-oslo_config_program = glance-api
84
-
85
-[filter:http_proxy_to_wsgi]
86
-paste.filter_factory = oslo_middleware:HTTPProxyToWSGI.factory

+ 1
- 1
templates/glance-api.conf.j2 View File

@@ -88,7 +88,7 @@ filesystem_store_datadir = {{ glance_system_user_home }}/images/
88 88
 {% endif %}
89 89
 
90 90
 {% if 'swift' in glance_available_stores %}
91
-swift_store_config_file = /etc/glance/glance-swift-store.conf
91
+swift_store_config_file = {{ glance_etc_dir }}/glance-swift-store.conf
92 92
 default_swift_reference = swift1
93 93
 swift_store_auth_insecure = {{ glance_swift_store_auth_insecure | bool }}
94 94
 swift_store_region = {{ glance_swift_store_region }}

+ 0
- 35
templates/glance-registry-paste.ini.j2 View File

@@ -1,35 +0,0 @@
1
-# Use this pipeline for no auth - DEFAULT
2
-[pipeline:glance-registry]
3
-pipeline = healthcheck osprofiler unauthenticated-context registryapp
4
-
5
-# Use this pipeline for keystone auth
6
-[pipeline:glance-registry-keystone]
7
-pipeline = healthcheck osprofiler authtoken context registryapp
8
-
9
-# Use this pipeline for authZ only. This means that the registry will treat a
10
-# user as authenticated without making requests to keystone to reauthenticate
11
-# the user.
12
-[pipeline:glance-registry-trusted-auth]
13
-pipeline = healthcheck osprofiler context registryapp
14
-
15
-[app:registryapp]
16
-paste.app_factory = glance.registry.api:API.factory
17
-
18
-[filter:healthcheck]
19
-paste.filter_factory = oslo_middleware:Healthcheck.factory
20
-backends = disable_by_file
21
-disable_by_file_path = /etc/glance/healthcheck_disable
22
-
23
-[filter:context]
24
-paste.filter_factory = glance.api.middleware.context:ContextMiddleware.factory
25
-
26
-[filter:unauthenticated-context]
27
-paste.filter_factory = glance.api.middleware.context:UnauthenticatedContextMiddleware.factory
28
-
29
-[filter:authtoken]
30
-paste.filter_factory = keystonemiddleware.auth_token:filter_factory
31
-
32
-[filter:osprofiler]
33
-paste.filter_factory = osprofiler.web:WsgiMiddleware.factory
34
-hmac_keys = {{ glance_profiler_hmac_key }}  #DEPRECATED
35
-enabled = yes  #DEPRECATED

+ 0
- 63
templates/policy.json.j2 View File

@@ -1,63 +0,0 @@
1
-{
2
-    "context_is_admin":  "role:admin",
3
-    "default": "role:admin",
4
-
5
-    "add_image": "",
6
-    "delete_image": "",
7
-    "get_image": "",
8
-    "get_images": "",
9
-    "modify_image": "",
10
-    "publicize_image": "role:admin",
11
-    "communitize_image": "",
12
-    "copy_from": "",
13
-
14
-    "download_image": "",
15
-    "upload_image": "",
16
-
17
-    "delete_image_location": "",
18
-    "get_image_location": "",
19
-    "set_image_location": "",
20
-
21
-    "add_member": "",
22
-    "delete_member": "",
23
-    "get_member": "",
24
-    "get_members": "",
25
-    "modify_member": "",
26
-
27
-    "manage_image_cache": "role:admin",
28
-
29
-    "get_task": "",
30
-    "get_tasks": "",
31
-    "add_task": "",
32
-    "modify_task": "",
33
-    "tasks_api_access": "role:admin",
34
-
35
-    "deactivate": "",
36
-    "reactivate": "",
37
-
38
-    "get_metadef_namespace": "",
39
-    "get_metadef_namespaces":"",
40
-    "modify_metadef_namespace":"",
41
-    "add_metadef_namespace":"",
42
-
43
-    "get_metadef_object":"",
44
-    "get_metadef_objects":"",
45
-    "modify_metadef_object":"",
46
-    "add_metadef_object":"",
47
-
48
-    "list_metadef_resource_types":"",
49
-    "get_metadef_resource_type":"",
50
-    "add_metadef_resource_type_association":"",
51
-
52
-    "get_metadef_property":"",
53
-    "get_metadef_properties":"",
54
-    "modify_metadef_property":"",
55
-    "add_metadef_property":"",
56
-
57
-    "get_metadef_tag":"",
58
-    "get_metadef_tags":"",
59
-    "modify_metadef_tag":"",
60
-    "add_metadef_tag":"",
61
-    "add_metadef_tags":""
62
-
63
-}

+ 0
- 27
templates/rootwrap.conf.j2 View File

@@ -1,27 +0,0 @@
1
-# Configuration for glance-rootwrap
2
-# This file should be owned by (and only-writable by) the root user
3
-
4
-[DEFAULT]
5
-# List of directories to load filter definitions from (separated by ',').
6
-# These directories MUST all be only writeable by root !
7
-filters_path=/etc/glance/rootwrap.d,/usr/share/glance/rootwrap
8
-
9
-# List of directories to search executables in, in case filters do not
10
-# explicitely specify a full path (separated by ',')
11
-# If not specified, defaults to system PATH environment variable.
12
-# These directories MUST all be only writeable by root !
13
-exec_dirs={{ glance_bin }},/sbin,/usr/sbin,/bin,/usr/bin
14
-
15
-# Enable logging to syslog
16
-# Default value is False
17
-use_syslog=False
18
-
19
-# Which syslog facility to use.
20
-# Valid values include auth, authpriv, syslog, local0, local1...
21
-# Default value is 'syslog'
22
-syslog_log_facility=syslog
23
-
24
-# Which messages to log.
25
-# INFO means log all usage
26
-# ERROR means only log unsuccessful attempts
27
-syslog_log_level=ERROR

templates/schema.json.j2 → templates/schema-image.json.j2 View File

@@ -1,28 +1,28 @@
1
-{
2
-    "kernel_id": {
3
-        "type": ["null", "string"],
4
-        "pattern": "^([0-9a-fA-F]){8}-([0-9a-fA-F]){4}-([0-9a-fA-F]){4}-([0-9a-fA-F]){4}-([0-9a-fA-F]){12}$",
5
-        "description": "ID of image stored in Glance that should be used as the kernel when booting an AMI-style image."
6
-    },
7
-    "ramdisk_id": {
8
-        "type": ["null", "string"],
9
-        "pattern": "^([0-9a-fA-F]){8}-([0-9a-fA-F]){4}-([0-9a-fA-F]){4}-([0-9a-fA-F]){4}-([0-9a-fA-F]){12}$",
10
-        "description": "ID of image stored in Glance that should be used as the ramdisk when booting an AMI-style image."
11
-    },
12
-    "instance_uuid": {
13
-        "type": "string",
14
-        "description": "ID of instance used to create this image."
15
-    },
16
-    "architecture": {
17
-        "description": "Operating system architecture as specified in http://docs.openstack.org/trunk/openstack-compute/admin/content/adding-images.html",
18
-        "type": "string"
19
-    },
20
-    "os_distro": {
21
-        "description": "Common name of operating system distribution as specified in http://docs.openstack.org/trunk/openstack-compute/admin/content/adding-images.html",
22
-        "type": "string"
23
-    },
24
-    "os_version": {
25
-        "description": "Operating system version as specified by the distributor",
26
-        "type": "string"
27
-    }
28
-}
1
+{
2
+    "kernel_id": {
3
+        "type": ["null", "string"],
4
+        "pattern": "^([0-9a-fA-F]){8}-([0-9a-fA-F]){4}-([0-9a-fA-F]){4}-([0-9a-fA-F]){4}-([0-9a-fA-F]){12}$",
5
+        "description": "ID of image stored in Glance that should be used as the kernel when booting an AMI-style image."
6
+    },
7
+    "ramdisk_id": {
8
+        "type": ["null", "string"],
9
+        "pattern": "^([0-9a-fA-F]){8}-([0-9a-fA-F]){4}-([0-9a-fA-F]){4}-([0-9a-fA-F]){4}-([0-9a-fA-F]){12}$",
10
+        "description": "ID of image stored in Glance that should be used as the ramdisk when booting an AMI-style image."
11
+    },
12
+    "instance_uuid": {
13
+        "type": "string",
14
+        "description": "Metadata which can be used to record which instance this image is associated with. (Informational only, does not create an instance snapshot.)"
15
+    },
16
+    "architecture": {
17
+        "description": "Operating system architecture as specified in https://docs.openstack.org/python-glanceclient/latest/cli/property-keys.html",
18
+        "type": "string"
19
+    },
20
+    "os_distro": {
21
+        "description": "Common name of operating system distribution as specified in https://docs.openstack.org/python-glanceclient/latest/cli/property-keys.html",
22
+        "type": "string"
23
+    },
24
+    "os_version": {
25
+        "description": "Operating system version as specified by the distributor",
26
+        "type": "string"
27
+    }
28
+}

+ 0
- 1
vars/distro_install.yml View File

@@ -21,4 +21,3 @@ glance_package_list: |-
21 21
   {{ packages }}
22 22
 
23 23
 _glance_bin: "/usr/bin"
24
-_glance_etc: "/etc"

+ 15
- 0
vars/main.yml View File

@@ -39,3 +39,18 @@ glance_mount_points: |-
39 39
   {%   set _ = mps.append(mp.local_path) %}
40 40
   {% endfor %}
41 41
   {{ mps }}
42
+
43
+glance_core_files:
44
+  - tmp_f: "/tmp/policy.json"
45
+    target_f: "{{ glance_etc_dir }}/policy.json"
46
+    config_overrides: "{{ glance_policy_overrides }}"
47
+    config_type: "json"
48
+    condition: true
49
+  - tmp_f: "/tmp/glance-registry-paste.ini"
50
+    target_f: "{{ glance_etc_dir }}/glance-registry-paste.ini"
51
+    config_overrides: "{{ glance_glance_registry_paste_ini_overrides }}"
52
+    config_type: "ini"
53
+  - tmp_f: "/tmp/glance-api-paste.ini"
54
+    target_f: "{{ glance_etc_dir }}/glance-api-paste.ini"
55
+    config_overrides: "{{ glance_glance_api_paste_ini_overrides }}"
56
+    config_type: "ini"

+ 17
- 0
vars/redhat-7.yml View File

@@ -34,3 +34,20 @@ glance_oslomsg_amqp1_distro_packages:
34 34
   - cyrus-sasl-md5
35 35
 
36 36
 glance_uwsgi_bin: '/usr/sbin'
37
+
38
+glance_core_files:
39
+  - tmp_f: "/tmp/policy.json"
40
+    target_f: "{{ glance_etc_dir }}/policy.json"
41
+    config_overrides: "{{ glance_policy_overrides }}"
42
+    config_type: "json"
43
+    condition: true
44
+  - tmp_f: "/tmp/glance-registry-dist-paste.ini"
45
+    target_f: "{{ (glance_install_method == 'source') | ternary((glance_etc_dir ~ '/glance-registry-paste.ini'), '/usr/share/glance/glance-registry-dist-paste.ini') }}"
46
+    target_f_override: "{{ glance_etc_dir }}/glance-registry-paste.ini"
47
+    config_overrides: "{{ glance_glance_registry_paste_ini_overrides }}"
48
+    config_type: "ini"
49
+  - tmp_f: "/tmp/glance-api-dist-paste.ini"
50
+    target_f: "{{ (glance_install_method == 'source') | ternary((glance_etc_dir ~ '/glance-api-paste.ini'), '/usr/share/glance/glance-api-dist-paste.ini') }}"
51
+    target_f_override: "{{ glance_etc_dir }}/glance-api-paste.ini"
52
+    config_overrides: "{{ glance_glance_api_paste_ini_overrides }}"
53
+    config_type: "ini"

+ 0
- 1
vars/source_install.yml View File

@@ -21,5 +21,4 @@ glance_package_list: |-
21 21
   {{ packages }}
22 22
 
23 23
 _glance_bin: "/openstack/venvs/glance-{{ glance_venv_tag }}/bin"
24
-_glance_etc: "{{ _glance_bin | dirname + '/etc' }}"
25 24
 glance_uwsgi_bin: "{{ _glance_bin }}"

Loading…
Cancel
Save