diff --git a/defaults/main.yml b/defaults/main.yml index 96dc91eb..2a8bd239 100644 --- a/defaults/main.yml +++ b/defaults/main.yml @@ -44,6 +44,9 @@ nova_service_tenant_name: "service" nova_service_user_name: "nova" nova_service_role_name: "admin" +## Nova enabled apis +nova_enabled_apis: "osapi_compute,metadata" + ## Nova s3 nova_s3_service_name: s3 nova_s3_service_type: s3 @@ -57,6 +60,7 @@ nova_s3_service_adminurl: "{{ nova_s3_service_adminuri }}" nova_s3_service_internaluri: "{{ nova_s3_service_proto }}://{{ internal_lb_vip_address }}:{{ nova_s3_service_port }}" nova_s3_service_internalurl: "{{ nova_s3_service_internaluri }}" nova_s3_program_name: nova-api-ec2 +nova_s3_deprecated_but_enabled: false ## Nova v3 nova_v3_service_name: novav3 @@ -86,6 +90,8 @@ nova_service_internalurl: "{{ nova_service_internaluri }}/v2/%(tenant_id)s" nova_program_name: nova-api-os-compute ## Nova ec2 +# WARNNING: The EC2 api in the nova tree has been deprecated. To consume this API you'll need to +# uncomment the EC2 section found within the nova `api-paste.ini` file. nova_ec2_service_name: ec2 nova_ec2_service_type: ec2 nova_ec2_service_proto: http @@ -98,6 +104,7 @@ nova_ec2_service_adminurl: "{{ nova_ec2_service_adminuri }}/services/Admin" nova_ec2_service_internaluri: "{{ nova_ec2_service_proto }}://{{ internal_lb_vip_address }}:{{ nova_ec2_service_port }}" nova_ec2_service_internalurl: "{{ nova_ec2_service_internaluri }}/services/Cloud" nova_ec2_program_name: nova-api-ec2 +nova_ec2_deprecated_but_enabled: false ## Nova spice nova_spice_html5proxy_base_proto: http @@ -207,6 +214,7 @@ nova_compute_kvm_apt_packages: - kpartx - libvirt-bin - open-iscsi + - python-libguestfs - python-libvirt - qemu - qemu-utils diff --git a/files/api-paste.ini b/files/api-paste.ini index 2a825a5b..0d5598a8 100644 --- a/files/api-paste.ini +++ b/files/api-paste.ini @@ -6,7 +6,8 @@ use = egg:Paste#urlmap /: meta [pipeline:meta] -pipeline = ec2faultwrap logrequest metaapp +pipeline = metaapp +# pipeline = ec2faultwrap logrequest metaapp [app:metaapp] paste.app_factory = nova.api.metadata.handler:MetadataRequestHandler.factory @@ -15,42 +16,44 @@ paste.app_factory = nova.api.metadata.handler:MetadataRequestHandler.factory # EC2 # ####### -[composite:ec2] -use = egg:Paste#urlmap -/services/Cloud: ec2cloud +# [composite:ec2] +# use = egg:Paste#urlmap +# /: ec2cloud -[composite:ec2cloud] -use = call:nova.api.auth:pipeline_factory -noauth = ec2faultwrap logrequest ec2noauth cloudrequest validator ec2executor -keystone = ec2faultwrap logrequest ec2keystoneauth cloudrequest validator ec2executor +# [composite:ec2cloud] +# use = call:nova.api.auth:pipeline_factory +# noauth = ec2faultwrap logrequest ec2noauth cloudrequest validator ec2executor +# noauth2 = ec2faultwrap logrequest ec2noauth cloudrequest validator ec2executor +# keystone = ec2faultwrap logrequest ec2keystoneauth cloudrequest validator ec2executor -[filter:ec2faultwrap] -paste.filter_factory = nova.api.ec2:FaultWrapper.factory +# [filter:ec2faultwrap] +# paste.filter_factory = nova.api.ec2:FaultWrapper.factory -[filter:logrequest] -paste.filter_factory = nova.api.ec2:RequestLogging.factory +# [filter:logrequest] +# paste.filter_factory = nova.api.ec2:RequestLogging.factory -[filter:ec2lockout] -paste.filter_factory = nova.api.ec2:Lockout.factory +# [filter:ec2lockout] +# paste.filter_factory = nova.api.ec2:Lockout.factory -[filter:ec2keystoneauth] -paste.filter_factory = nova.api.ec2:EC2KeystoneAuth.factory +# [filter:ec2keystoneauth] +# paste.filter_factory = nova.api.ec2:EC2KeystoneAuth.factory -[filter:ec2noauth] -paste.filter_factory = nova.api.ec2:NoAuth.factory +# [filter:ec2noauth] +# paste.filter_factory = nova.api.ec2:NoAuth.factory -[filter:cloudrequest] -controller = nova.api.ec2.cloud.CloudController -paste.filter_factory = nova.api.ec2:Requestify.factory +# [filter:cloudrequest] +# controller = nova.api.ec2.cloud.CloudController +# paste.filter_factory = nova.api.ec2:Requestify.factory -[filter:authorizer] -paste.filter_factory = nova.api.ec2:Authorizer.factory +# [filter:authorizer] +# paste.filter_factory = nova.api.ec2:Authorizer.factory -[filter:validator] -paste.filter_factory = nova.api.ec2:Validator.factory +# [filter:validator] +# paste.filter_factory = nova.api.ec2:Validator.factory + +# [app:ec2executor] +# paste.app_factory = nova.api.ec2:Executor.factory -[app:ec2executor] -paste.app_factory = nova.api.ec2:Executor.factory ############# # OpenStack # @@ -61,21 +64,30 @@ use = call:nova.api.openstack.urlmap:urlmap_factory /: oscomputeversions /v1.1: openstack_compute_api_v2 /v2: openstack_compute_api_v2 +/v2.1: openstack_compute_api_v21 /v3: openstack_compute_api_v3 [composite:openstack_compute_api_v2] use = call:nova.api.auth:pipeline_factory noauth = compute_req_id faultwrap sizelimit noauth ratelimit osapi_compute_app_v2 +noauth2 = compute_req_id faultwrap sizelimit noauth2 ratelimit osapi_compute_app_v2 keystone = compute_req_id faultwrap sizelimit authtoken keystonecontext ratelimit osapi_compute_app_v2 keystone_nolimit = compute_req_id faultwrap sizelimit authtoken keystonecontext osapi_compute_app_v2 +[composite:openstack_compute_api_v21] +use = call:nova.api.auth:pipeline_factory_v21 +noauth = compute_req_id faultwrap sizelimit noauth osapi_compute_app_v21 +noauth2 = compute_req_id faultwrap sizelimit noauth2 osapi_compute_app_v21 +keystone = compute_req_id faultwrap sizelimit authtoken keystonecontext osapi_compute_app_v21 + [composite:openstack_compute_api_v3] -use = call:nova.api.auth:pipeline_factory_v3 +use = call:nova.api.auth:pipeline_factory_v21 noauth = request_id faultwrap sizelimit noauth_v3 osapi_compute_app_v3 +noauth2 = request_id faultwrap sizelimit noauth_v3 osapi_compute_app_v3 keystone = request_id faultwrap sizelimit authtoken keystonecontext osapi_compute_app_v3 [filter:request_id] -paste.filter_factory = nova.openstack.common.middleware.request_id:RequestIdMiddleware.factory +paste.filter_factory = oslo.middleware:RequestId.factory [filter:compute_req_id] paste.filter_factory = nova.api.compute_req_id:ComputeReqIdMiddleware.factory @@ -84,6 +96,9 @@ paste.filter_factory = nova.api.compute_req_id:ComputeReqIdMiddleware.factory paste.filter_factory = nova.api.openstack:FaultWrapper.factory [filter:noauth] +paste.filter_factory = nova.api.openstack.auth:NoAuthMiddlewareOld.factory + +[filter:noauth2] paste.filter_factory = nova.api.openstack.auth:NoAuthMiddleware.factory [filter:noauth_v3] @@ -93,11 +108,14 @@ paste.filter_factory = nova.api.openstack.auth:NoAuthMiddlewareV3.factory paste.filter_factory = nova.api.openstack.compute.limits:RateLimitingMiddleware.factory [filter:sizelimit] -paste.filter_factory = nova.api.sizelimit:RequestBodySizeLimiter.factory +paste.filter_factory = oslo.middleware:RequestBodySizeLimiter.factory [app:osapi_compute_app_v2] paste.app_factory = nova.api.openstack.compute:APIRouter.factory +[app:osapi_compute_app_v21] +paste.app_factory = nova.api.openstack.compute:APIRouterV21.factory + [app:osapi_compute_app_v3] paste.app_factory = nova.api.openstack.compute:APIRouterV3.factory @@ -115,4 +133,4 @@ paste.app_factory = nova.api.openstack.compute.versions:Versions.factory paste.filter_factory = nova.api.auth:NovaKeystoneContext.factory [filter:authtoken] -paste.filter_factory = keystonemiddleware.auth_token:filter_factory +paste.filter_factory = keystonemiddleware.auth_token:filter_factory \ No newline at end of file diff --git a/files/policy.json b/files/policy.json index 61aed1ba..c8464b1f 100644 --- a/files/policy.json +++ b/files/policy.json @@ -18,15 +18,16 @@ "compute:shelve": "", "compute:shelve_offload": "", "compute:unshelve": "", + "compute:resize": "", + "compute:confirm_resize": "", + "compute:revert_resize": "", + "compute:rebuild": "", + "compute:reboot": "", "compute:volume_snapshot_create": "", "compute:volume_snapshot_delete": "", "admin_api": "is_admin:True", - "compute:v3:servers:start": "rule:admin_or_owner", - "compute:v3:servers:stop": "rule:admin_or_owner", - "compute_extension:v3:os-access-ips:discoverable": "", - "compute_extension:v3:os-access-ips": "", "compute_extension:accounts": "rule:admin_api", "compute_extension:admin_actions": "rule:admin_api", "compute_extension:admin_actions:pause": "rule:admin_or_owner", @@ -41,87 +42,37 @@ "compute_extension:admin_actions:migrateLive": "rule:admin_api", "compute_extension:admin_actions:resetState": "rule:admin_api", "compute_extension:admin_actions:migrate": "rule:admin_api", - "compute_extension:v3:os-admin-actions": "rule:admin_api", - "compute_extension:v3:os-admin-actions:discoverable": "", - "compute_extension:v3:os-admin-actions:reset_network": "rule:admin_api", - "compute_extension:v3:os-admin-actions:inject_network_info": "rule:admin_api", - "compute_extension:v3:os-admin-actions:reset_state": "rule:admin_api", - "compute_extension:v3:os-admin-password": "", - "compute_extension:v3:os-admin-password:discoverable": "", "compute_extension:aggregates": "rule:admin_api", - "compute_extension:v3:os-aggregates:discoverable": "", - "compute_extension:v3:os-aggregates:index": "rule:admin_api", - "compute_extension:v3:os-aggregates:create": "rule:admin_api", - "compute_extension:v3:os-aggregates:show": "rule:admin_api", - "compute_extension:v3:os-aggregates:update": "rule:admin_api", - "compute_extension:v3:os-aggregates:delete": "rule:admin_api", - "compute_extension:v3:os-aggregates:add_host": "rule:admin_api", - "compute_extension:v3:os-aggregates:remove_host": "rule:admin_api", - "compute_extension:v3:os-aggregates:set_metadata": "rule:admin_api", "compute_extension:agents": "rule:admin_api", - "compute_extension:v3:os-agents": "rule:admin_api", - "compute_extension:v3:os-agents:discoverable": "", "compute_extension:attach_interfaces": "", - "compute_extension:v3:os-attach-interfaces": "", - "compute_extension:v3:os-attach-interfaces:discoverable": "", "compute_extension:baremetal_nodes": "rule:admin_api", "compute_extension:cells": "rule:admin_api", - "compute_extension:v3:os-cells": "rule:admin_api", - "compute_extension:v3:os-cells:discoverable": "", + "compute_extension:cells:create": "rule:admin_api", + "compute_extension:cells:delete": "rule:admin_api", + "compute_extension:cells:update": "rule:admin_api", + "compute_extension:cells:sync_instances": "rule:admin_api", "compute_extension:certificates": "", - "compute_extension:v3:os-certificates:create": "", - "compute_extension:v3:os-certificates:show": "", - "compute_extension:v3:os-certificates:discoverable": "", "compute_extension:cloudpipe": "rule:admin_api", "compute_extension:cloudpipe_update": "rule:admin_api", "compute_extension:console_output": "", - "compute_extension:v3:consoles:discoverable": "", - "compute_extension:v3:os-console-output:discoverable": "", - "compute_extension:v3:os-console-output": "", "compute_extension:consoles": "", - "compute_extension:v3:os-remote-consoles": "", - "compute_extension:v3:os-remote-consoles:discoverable": "", "compute_extension:createserverext": "", - "compute_extension:v3:os-create-backup:discoverable": "", - "compute_extension:v3:os-create-backup": "rule:admin_or_owner", "compute_extension:deferred_delete": "", - "compute_extension:v3:os-deferred-delete": "", - "compute_extension:v3:os-deferred-delete:discoverable": "", "compute_extension:disk_config": "", "compute_extension:evacuate": "rule:admin_api", - "compute_extension:v3:os-evacuate": "rule:admin_api", - "compute_extension:v3:os-evacuate:discoverable": "", "compute_extension:extended_server_attributes": "rule:admin_api", - "compute_extension:v3:os-extended-server-attributes": "rule:admin_api", - "compute_extension:v3:os-extended-server-attributes:discoverable": "", "compute_extension:extended_status": "", - "compute_extension:v3:os-extended-status": "", - "compute_extension:v3:os-extended-status:discoverable": "", "compute_extension:extended_availability_zone": "", - "compute_extension:v3:os-extended-availability-zone": "", - "compute_extension:v3:os-extended-availability-zone:discoverable": "", "compute_extension:extended_ips": "", "compute_extension:extended_ips_mac": "", "compute_extension:extended_vif_net": "", - "compute_extension:v3:extension_info:discoverable": "", "compute_extension:extended_volumes": "", - "compute_extension:v3:os-extended-volumes": "", - "compute_extension:v3:os-extended-volumes:swap": "", - "compute_extension:v3:os-extended-volumes:discoverable": "", - "compute_extension:v3:os-extended-volumes:attach": "", - "compute_extension:v3:os-extended-volumes:detach": "", "compute_extension:fixed_ips": "rule:admin_api", "compute_extension:flavor_access": "", "compute_extension:flavor_access:addTenantAccess": "rule:admin_api", "compute_extension:flavor_access:removeTenantAccess": "rule:admin_api", - "compute_extension:v3:flavor-access": "", - "compute_extension:v3:flavor-access:discoverable": "", - "compute_extension:v3:flavor-access:remove_tenant_access": "rule:admin_api", - "compute_extension:v3:flavor-access:add_tenant_access": "rule:admin_api", "compute_extension:flavor_disabled": "", "compute_extension:flavor_rxtx": "", - "compute_extension:v3:os-flavor-rxtx": "", - "compute_extension:v3:os-flavor-rxtx:discoverable": "", "compute_extension:flavor_swap": "", "compute_extension:flavorextradata": "", "compute_extension:flavorextraspecs:index": "", @@ -129,15 +80,7 @@ "compute_extension:flavorextraspecs:create": "rule:admin_api", "compute_extension:flavorextraspecs:update": "rule:admin_api", "compute_extension:flavorextraspecs:delete": "rule:admin_api", - "compute_extension:v3:flavors:discoverable": "", - "compute_extension:v3:flavor-extra-specs:discoverable": "", - "compute_extension:v3:flavor-extra-specs:index": "", - "compute_extension:v3:flavor-extra-specs:show": "", - "compute_extension:v3:flavor-extra-specs:create": "rule:admin_api", - "compute_extension:v3:flavor-extra-specs:update": "rule:admin_api", - "compute_extension:v3:flavor-extra-specs:delete": "rule:admin_api", "compute_extension:flavormanage": "rule:admin_api", - "compute_extension:v3:flavor-manage": "rule:admin_api", "compute_extension:floating_ip_dns": "", "compute_extension:floating_ip_pools": "", "compute_extension:floating_ips": "", @@ -145,99 +88,39 @@ "compute_extension:fping": "", "compute_extension:fping:all_tenants": "rule:admin_api", "compute_extension:hide_server_addresses": "is_admin:False", - "compute_extension:v3:os-hide-server-addresses": "is_admin:False", - "compute_extension:v3:os-hide-server-addresses:discoverable": "", "compute_extension:hosts": "rule:admin_api", - "compute_extension:v3:os-hosts": "rule:admin_api", - "compute_extension:v3:os-hosts:discoverable": "", "compute_extension:hypervisors": "rule:admin_api", - "compute_extension:v3:os-hypervisors": "rule:admin_api", - "compute_extension:v3:os-hypervisors:discoverable": "", "compute_extension:image_size": "", "compute_extension:instance_actions": "", - "compute_extension:v3:os-instance-actions": "", - "compute_extension:v3:os-instance-actions:discoverable": "", "compute_extension:instance_actions:events": "rule:admin_api", - "compute_extension:v3:os-instance-actions:events": "rule:admin_api", "compute_extension:instance_usage_audit_log": "rule:admin_api", - "compute_extension:v3:ips:discoverable": "", "compute_extension:keypairs": "", "compute_extension:keypairs:index": "", "compute_extension:keypairs:show": "", "compute_extension:keypairs:create": "", "compute_extension:keypairs:delete": "", - "compute_extension:v3:keypairs:discoverable": "", - "compute_extension:v3:keypairs": "", - "compute_extension:v3:keypairs:index": "", - "compute_extension:v3:keypairs:show": "", - "compute_extension:v3:keypairs:create": "", - "compute_extension:v3:keypairs:delete": "", - "compute_extension:v3:os-lock-server:discoverable": "", - "compute_extension:v3:os-lock-server:lock": "rule:admin_or_owner", - "compute_extension:v3:os-lock-server:unlock": "rule:admin_or_owner", - "compute_extension:v3:os-migrate-server:discoverable": "", - "compute_extension:v3:os-migrate-server:migrate": "rule:admin_api", - "compute_extension:v3:os-migrate-server:migrate_live": "rule:admin_api", "compute_extension:multinic": "", - "compute_extension:v3:os-multinic": "", - "compute_extension:v3:os-multinic:discoverable": "", "compute_extension:networks": "rule:admin_api", "compute_extension:networks:view": "", "compute_extension:networks_associate": "rule:admin_api", - "compute_extension:v3:os-pause-server:discoverable": "", - "compute_extension:v3:os-pause-server:pause": "rule:admin_or_owner", - "compute_extension:v3:os-pause-server:unpause": "rule:admin_or_owner", - "compute_extension:v3:os-pci:pci_servers": "", - "compute_extension:v3:os-pci:discoverable": "", - "compute_extension:v3:os-pci:index": "rule:admin_api", - "compute_extension:v3:os-pci:detail": "rule:admin_api", - "compute_extension:v3:os-pci:show": "rule:admin_api", "compute_extension:quotas:show": "", "compute_extension:quotas:update": "rule:admin_api", "compute_extension:quotas:delete": "rule:admin_api", - "compute_extension:v3:os-quota-sets:discoverable": "", - "compute_extension:v3:os-quota-sets:show": "", - "compute_extension:v3:os-quota-sets:update": "rule:admin_api", - "compute_extension:v3:os-quota-sets:delete": "rule:admin_api", - "compute_extension:v3:os-quota-sets:detail": "rule:admin_api", "compute_extension:quota_classes": "", "compute_extension:rescue": "", - "compute_extension:v3:os-rescue": "", - "compute_extension:v3:os-rescue:discoverable": "", - "compute_extension:v3:os-scheduler-hints:discoverable": "", "compute_extension:security_group_default_rules": "rule:admin_api", "compute_extension:security_groups": "", - "compute_extension:v3:os-security-groups": "", - "compute_extension:v3:os-security-groups:discoverable": "", "compute_extension:server_diagnostics": "rule:admin_api", - "compute_extension:v3:os-server-diagnostics": "rule:admin_api", - "compute_extension:v3:os-server-diagnostics:discoverable": "", "compute_extension:server_groups": "", "compute_extension:server_password": "", - "compute_extension:v3:os-server-password": "", - "compute_extension:v3:os-server-password:discoverable": "", "compute_extension:server_usage": "", - "compute_extension:v3:os-server-usage": "", - "compute_extension:v3:os-server-usage:discoverable": "", "compute_extension:services": "rule:admin_api", - "compute_extension:v3:os-services": "rule:admin_api", - "compute_extension:v3:os-services:discoverable": "", - "compute_extension:v3:server-metadata:discoverable": "", - "compute_extension:v3:servers:discoverable": "", "compute_extension:shelve": "", "compute_extension:shelveOffload": "rule:admin_api", - "compute_extension:v3:os-shelve:shelve": "", - "compute_extension:v3:os-shelve:shelve:discoverable": "", - "compute_extension:v3:os-shelve:shelve_offload": "rule:admin_api", "compute_extension:simple_tenant_usage:show": "rule:admin_or_owner", - "compute_extension:v3:os-suspend-server:discoverable": "", - "compute_extension:v3:os-suspend-server:suspend": "rule:admin_or_owner", - "compute_extension:v3:os-suspend-server:resume": "rule:admin_or_owner", "compute_extension:simple_tenant_usage:list": "rule:admin_api", "compute_extension:unshelve": "", - "compute_extension:v3:os-shelve:unshelve": "", "compute_extension:users": "rule:admin_api", - "compute_extension:v3:os-user-data:discoverable": "", "compute_extension:virtual_interfaces": "", "compute_extension:virtual_storage_arrays": "", "compute_extension:volumes": "", @@ -248,34 +131,13 @@ "compute_extension:volume_attachments:delete": "", "compute_extension:volumetypes": "", "compute_extension:availability_zone:list": "", - "compute_extension:v3:os-availability-zone:list": "", - "compute_extension:v3:os-availability-zone:discoverable": "", "compute_extension:availability_zone:detail": "rule:admin_api", - "compute_extension:v3:os-availability-zone:detail": "rule:admin_api", "compute_extension:used_limits_for_admin": "rule:admin_api", "compute_extension:migrations:index": "rule:admin_api", - "compute_extension:v3:os-migrations:index": "rule:admin_api", - "compute_extension:v3:os-migrations:discoverable": "", "compute_extension:os-assisted-volume-snapshots:create": "rule:admin_api", "compute_extension:os-assisted-volume-snapshots:delete": "rule:admin_api", "compute_extension:console_auth_tokens": "rule:admin_api", - "compute_extension:v3:os-console-auth-tokens": "rule:admin_api", "compute_extension:os-server-external-events:create": "rule:admin_api", - "compute_extension:v3:os-server-external-events:create": "rule:admin_api", - - "volume:create": "", - "volume:get_all": "", - "volume:get_volume_metadata": "", - "volume:get_snapshot": "", - "volume:get_all_snapshots": "", - - - "volume_extension:types_manage": "rule:admin_api", - "volume_extension:types_extra_specs": "rule:admin_api", - "volume_extension:volume_admin_actions:reset_status": "rule:admin_api", - "volume_extension:snapshot_admin_actions:reset_status": "rule:admin_api", - "volume_extension:volume_admin_actions:force_delete": "rule:admin_api", - "network:get_all": "", "network:get": "", @@ -298,7 +160,6 @@ "network:get_floating_ips_by_project": "", "network:get_floating_ips_by_fixed_address": "", "network:allocate_floating_ip": "", - "network:deallocate_floating_ip": "", "network:associate_floating_ip": "", "network:disassociate_floating_ip": "", "network:release_floating_ip": "", @@ -320,5 +181,6 @@ "network:get_dns_entries_by_name": "", "network:create_private_dns_domain": "", "network:create_public_dns_domain": "", - "network:delete_dns_domain": "" + "network:delete_dns_domain": "", + "network:attach_external_network": "rule:admin_api" } diff --git a/tasks/nova_service_setup.yml b/tasks/nova_service_setup.yml index 899b67e9..3f487506 100644 --- a/tasks/nova_service_setup.yml +++ b/tasks/nova_service_setup.yml @@ -60,6 +60,8 @@ service_internalurl: "{{ nova_s3_service_internalurl }}" service_adminurl: "{{ nova_s3_service_adminurl }}" role_name: "{{ nova_service_role_name }}" + when: > + nova_s3_deprecated_but_enabled == true or nova_s3_deprecated_but_enabled == 'True' tags: - nova-api - nova-api-s3 @@ -77,6 +79,8 @@ service_internalurl: "{{ nova_ec2_service_internalurl }}" service_adminurl: "{{ nova_ec2_service_adminurl }}" role_name: "{{ nova_service_role_name }}" + when: > + nova_ec2_deprecated_but_enabled == true or nova_ec2_deprecated_but_enabled == 'True' tags: - nova-api - nova-api-ec2 diff --git a/tasks/nova_upstart_init.yml b/tasks/nova_upstart_init.yml index 2ca917fb..249cdd21 100644 --- a/tasks/nova_upstart_init.yml +++ b/tasks/nova_upstart_init.yml @@ -56,7 +56,9 @@ system_user: "{{ nova_system_user_name }}" system_group: "{{ nova_system_group_name }}" service_home: "{{ nova_system_home_folder }}" - when: inventory_hostname in groups['nova_api_ec2'] + when: > + inventory_hostname in groups['nova_api_ec2'] and + (nova_ec2_deprecated_but_enabled == true or nova_ec2_deprecated_but_enabled == 'True') - include: nova_upstart_common_init.yml vars: @@ -65,7 +67,9 @@ system_user: "{{ nova_system_user_name }}" system_group: "{{ nova_system_group_name }}" service_home: "{{ nova_system_home_folder }}" - when: inventory_hostname in groups['nova_api_ec2'] + when: > + inventory_hostname in groups['nova_api_ec2'] and + (nova_ec2_deprecated_but_enabled == true or nova_ec2_deprecated_but_enabled == 'True') - include: nova_upstart_common_init.yml vars: diff --git a/templates/nova.conf.j2 b/templates/nova.conf.j2 index 86db6fb2..56066f7e 100644 --- a/templates/nova.conf.j2 +++ b/templates/nova.conf.j2 @@ -10,7 +10,6 @@ verbose = {{ verbose }} fatal_deprecations = {{ nova_fatal_deprecations }} log_dir = /var/log/nova state_path = {{ nova_system_home_folder }} -lock_path = /var/lock/nova rootwrap_config = /etc/nova/rootwrap.conf service_down_time = 120 @@ -47,23 +46,20 @@ allow_resize_to_same_host = True image_cache_manager_interval = {{ nova_image_cache_manager_interval }} # Api's -enabled_apis = osapi_compute,metadata,ec2 +enabled_apis = {{ nova_enabled_apis }} osapi_compute_workers = {{ nova_osapi_compute_workers | default(api_threads) }} +{% if nova_ec2_deprecated_but_enabled == true or nova_ec2_deprecated_but_enabled == 'True' %} ec2_workers = {{ nova_ec2_workers | default(api_threads) }} ec2_dmz_host = {{ external_lb_vip_address }} +{% endif %} +{% if nova_s3_deprecated_but_enabled == true or nova_s3_deprecated_but_enabled == 'True' %} s3_port = {{ nova_s3_service_port }} s3_host = {{ ansible_ssh_host }} +{% endif %} # Rpc all -amqp_auto_delete = False rpc_backend = {{ nova_rpc_backend }} -# RabbitMQ -rabbit_port = {{ rabbitmq_port }} -rabbit_userid = {{ rabbitmq_userid }} -rabbit_password = {{ rabbitmq_password }} -rabbit_hosts = {{ rabbitmq_servers }} - # Metadata metadata_host = {{ internal_lb_vip_address }} metadata_port = {{ nova_metadata_port }} @@ -176,6 +172,18 @@ connection = mysql://{{ nova_galera_user }}:{{ nova_container_mysql_password }}@ {% endif %} +[oslo_concurrency] +lock_path = /var/lock/nova + + +[oslo_messaging_rabbit] +amqp_auto_delete = False +rabbit_port = {{ rabbitmq_port }} +rabbit_userid = {{ rabbitmq_userid }} +rabbit_password = {{ rabbitmq_password }} +rabbit_hosts = {{ rabbitmq_servers }} + + [libvirt] vif_driver = {{ nova_libvirt_vif_driver }} inject_partition = -2