openstack/openstack-ansible-os_nova
Code Issues Proposed changes
381 Commits 7 Branches 145 Tags
14.2.2
Go to file
Clone
Open with VS Code Open with VSCodium Open with Intellij IDEA
cmart c15d491020 nova user can read kernel for libguestfs on Ubuntu 
Problem: libvirt password/key injection uses libguestfs to mount the
guest filesystem. libguestfs uses a supermin appliance, and in order to
create this appliance, libguestfs (running as nova user) must read the
host's kernel. Unfortunately, Ubuntu sets file permissions which make
compressed kernels non-readable to non-root users, and this breaks
libvirt password/key injection on compute hosts running Ubuntu.

Solution: When compute hosts are running Ubuntu AND the deployer has
enabled libvirt password or SSH key injection, do the following:
- Run `dpkg-statoverride` to set file permissions on compressed
  kernel (/boot/vmlinuz-*), readable to group 'nova'
- Install a script which does same for each new kernel installed via
  system updates in the future

Related-Bug: #1507915
Change-Id: Ic96b69bb80ce11001b2ee5d63324a12b0f68456d
(cherry picked from commit 2bd15db036)
2017-04-07 08:05:53 +00:00
defaults
nova user can read kernel for libguestfs on Ubuntu
2017-04-07 08:05:53 +00:00
doc
Add custom interfaces file and update docs for PowerVM RMC
2016-12-06 16:54:06 +00:00
examples
[DOCS] Refactor of nova role docs
2016-08-16 18:57:21 -04:00
files
nova user can read kernel for libguestfs on Ubuntu
2017-04-07 08:05:53 +00:00
handlers
Use dictionary for service group mappings
2016-10-14 15:09:51 +01:00
meta
Use updated get_url module checksum functionality
2016-11-09 16:26:04 +00:00
releasenotes
nova user can read kernel for libguestfs on Ubuntu
2017-04-07 08:05:53 +00:00
tasks
nova user can read kernel for libguestfs on Ubuntu
2017-04-07 08:05:53 +00:00
templates
Fix default live migration configuration
2017-03-16 12:39:52 +00:00
tests
Use centralised Ansible test scripts
2016-10-20 12:54:37 +01:00
vars
Remove UCA/RDO in role
2017-02-14 10:45:29 +00:00
.gitignore
Use openstack-ansible-tests for os-nova role
2016-09-20 12:36:33 +01:00
.gitreview
Update .gitreview for stable/newton
2016-09-29 14:47:06 -04:00
bindep.txt
Install python2-pyOpenSSL package on CentOS
2017-03-03 19:38:25 +00:00
CONTRIBUTING.rst
Implement base configuration for independent repository
2016-03-02 00:07:37 +00:00
LICENSE
Implement base configuration for independent repository
2016-03-02 00:07:37 +00:00
manual-test.rc
Use centralised test scripts
2016-09-30 12:44:34 +00:00
README.rst
[DOCS] Fix link to nova
2016-08-18 17:18:12 +01:00
run_tests.sh
Use openstack-ansible-tests for os-nova role
2016-09-20 12:36:33 +01:00
setup.cfg
modify the home-page info with the developer documentation
2016-09-20 16:34:55 +05:30
setup.py
Updated from global requirements
2016-07-19 21:12:37 +00:00
test-requirements.txt
Use centralised Ansible test scripts
2016-10-20 12:54:37 +01:00
tox.ini
Use centralised Ansible test scripts
2016-10-20 12:54:37 +01:00
Vagrantfile
Remove apt update from Vagrantfile
2016-08-19 15:40:40 -04:00

README.rst

OpenStack-Ansible nova

Ansible role that installs and configures OpenStack nova and all of its corresponding services.

This role will install the following:
  • nova-api
  • nova-conductor
  • nova-scheduler
  • nova-console
  • nova-cert
  • nova-compute

Documentation for the project can be found at: http://docs.openstack.org/developer/openstack-ansible-os_nova/

The project home is at: http://launchpad.net/openstack-ansible

View Git Blame Copy Permalink
Description
Role os_nova for OpenStack-Ansible
Readme 16 MiB
Languages
Jinja 66.7%
Python 30.9%
Shell 2.4%