Merge "Allow deployments to run when selinux is disabled"
This commit is contained in:
commit
3b0ffcd9d6
deployment
barbican
ceilometer
cinder
deprecated/nova
heat
logrotate
manila
neutron
neutron-dhcp-container-puppet.yamlneutron-l3-container-puppet.yamlneutron-metadata-container-puppet.yamlneutron-ovs-agent-container-puppet.yamlneutron-sriov-agent-container-puppet.yaml
nova
nova-compute-container-puppet.yamlnova-conductor-container-puppet.yamlnova-ironic-container-puppet.yamlnova-modular-libvirt-container-puppet.yamlnova-scheduler-container-puppet.yaml
octavia
ovn
@ -803,6 +803,9 @@ outputs:
|
|||||||
name: virt_sandbox_use_netlink
|
name: virt_sandbox_use_netlink
|
||||||
persistent: true
|
persistent: true
|
||||||
state: true
|
state: true
|
||||||
|
when:
|
||||||
|
- ansible_facts.selinux is defined
|
||||||
|
- ansible_facts.selinux.status == "enabled"
|
||||||
scale_tasks:
|
scale_tasks:
|
||||||
if:
|
if:
|
||||||
- {get_param: BarbicanPkcs11CryptoLunasaEnabled}
|
- {get_param: BarbicanPkcs11CryptoLunasaEnabled}
|
||||||
|
@ -139,3 +139,6 @@ outputs:
|
|||||||
name: virt_sandbox_use_netlink
|
name: virt_sandbox_use_netlink
|
||||||
persistent: true
|
persistent: true
|
||||||
state: true
|
state: true
|
||||||
|
when:
|
||||||
|
- ansible_facts.selinux is defined
|
||||||
|
- ansible_facts.selinux.status == "enabled"
|
||||||
|
@ -220,6 +220,9 @@ outputs:
|
|||||||
name: virt_sandbox_use_netlink
|
name: virt_sandbox_use_netlink
|
||||||
persistent: true
|
persistent: true
|
||||||
state: true
|
state: true
|
||||||
|
when:
|
||||||
|
- ansible_facts.selinux is defined
|
||||||
|
- ansible_facts.selinux.status == "enabled"
|
||||||
external_upgrade_tasks:
|
external_upgrade_tasks:
|
||||||
- when:
|
- when:
|
||||||
- step|int == 1
|
- step|int == 1
|
||||||
|
@ -282,6 +282,9 @@ outputs:
|
|||||||
name: virt_sandbox_use_netlink
|
name: virt_sandbox_use_netlink
|
||||||
persistent: true
|
persistent: true
|
||||||
state: true
|
state: true
|
||||||
|
when:
|
||||||
|
- ansible_facts.selinux is defined
|
||||||
|
- ansible_facts.selinux.status == "enabled"
|
||||||
deploy_steps_tasks:
|
deploy_steps_tasks:
|
||||||
- name: Clean up when switching cinder-backup from pcmk to active-active
|
- name: Clean up when switching cinder-backup from pcmk to active-active
|
||||||
when:
|
when:
|
||||||
|
@ -163,6 +163,9 @@ outputs:
|
|||||||
name: virt_sandbox_use_netlink
|
name: virt_sandbox_use_netlink
|
||||||
persistent: true
|
persistent: true
|
||||||
state: true
|
state: true
|
||||||
|
when:
|
||||||
|
- ansible_facts.selinux is defined
|
||||||
|
- ansible_facts.selinux.status == "enabled"
|
||||||
external_upgrade_tasks:
|
external_upgrade_tasks:
|
||||||
- when:
|
- when:
|
||||||
- step|int == 1
|
- step|int == 1
|
||||||
|
@ -925,6 +925,9 @@ outputs:
|
|||||||
name: os_enable_vtpm
|
name: os_enable_vtpm
|
||||||
persistent: true
|
persistent: true
|
||||||
state: true
|
state: true
|
||||||
|
when:
|
||||||
|
- ansible_facts.selinux is defined
|
||||||
|
- ansible_facts.selinux.status == "enabled"
|
||||||
metadata_settings:
|
metadata_settings:
|
||||||
list_concat:
|
list_concat:
|
||||||
- if:
|
- if:
|
||||||
|
@ -305,6 +305,9 @@ outputs:
|
|||||||
name: virt_sandbox_use_netlink
|
name: virt_sandbox_use_netlink
|
||||||
persistent: true
|
persistent: true
|
||||||
state: true
|
state: true
|
||||||
|
when:
|
||||||
|
- ansible_facts.selinux is defined
|
||||||
|
- ansible_facts.selinux.status == "enabled"
|
||||||
upgrade_tasks: []
|
upgrade_tasks: []
|
||||||
external_upgrade_tasks:
|
external_upgrade_tasks:
|
||||||
- when:
|
- when:
|
||||||
|
@ -113,6 +113,9 @@ outputs:
|
|||||||
name: logrotate_read_inside_containers
|
name: logrotate_read_inside_containers
|
||||||
persistent: true
|
persistent: true
|
||||||
state: true
|
state: true
|
||||||
|
when:
|
||||||
|
- ansible_facts.selinux is defined
|
||||||
|
- ansible_facts.selinux.status == "enabled"
|
||||||
deploy_steps_tasks:
|
deploy_steps_tasks:
|
||||||
- name: configure tmpwatch on the host
|
- name: configure tmpwatch on the host
|
||||||
when: step|int == 2
|
when: step|int == 2
|
||||||
|
@ -128,6 +128,9 @@ outputs:
|
|||||||
name: virt_sandbox_use_netlink
|
name: virt_sandbox_use_netlink
|
||||||
persistent: true
|
persistent: true
|
||||||
state: true
|
state: true
|
||||||
|
when:
|
||||||
|
- ansible_facts.selinux is defined
|
||||||
|
- ansible_facts.selinux.status == "enabled"
|
||||||
upgrade_tasks: []
|
upgrade_tasks: []
|
||||||
external_upgrade_tasks:
|
external_upgrade_tasks:
|
||||||
- when:
|
- when:
|
||||||
|
@ -428,6 +428,9 @@ outputs:
|
|||||||
name: virt_sandbox_use_netlink
|
name: virt_sandbox_use_netlink
|
||||||
persistent: true
|
persistent: true
|
||||||
state: true
|
state: true
|
||||||
|
when:
|
||||||
|
- ansible_facts.selinux is defined
|
||||||
|
- ansible_facts.selinux.status == "enabled"
|
||||||
- name: set conditions
|
- name: set conditions
|
||||||
set_fact:
|
set_fact:
|
||||||
dnsmasq_wrapper_enabled: {get_param: NeutronEnableDnsmasqDockerWrapper}
|
dnsmasq_wrapper_enabled: {get_param: NeutronEnableDnsmasqDockerWrapper}
|
||||||
|
@ -355,6 +355,9 @@ outputs:
|
|||||||
name: virt_sandbox_use_netlink
|
name: virt_sandbox_use_netlink
|
||||||
persistent: true
|
persistent: true
|
||||||
state: true
|
state: true
|
||||||
|
when:
|
||||||
|
- ansible_facts.selinux is defined
|
||||||
|
- ansible_facts.selinux.status == "enabled"
|
||||||
- name: set conditions
|
- name: set conditions
|
||||||
set_fact:
|
set_fact:
|
||||||
keepalived_wrapper_enabled: {get_param: NeutronEnableKeepalivedWrapper}
|
keepalived_wrapper_enabled: {get_param: NeutronEnableKeepalivedWrapper}
|
||||||
|
@ -211,4 +211,7 @@ outputs:
|
|||||||
name: virt_sandbox_use_netlink
|
name: virt_sandbox_use_netlink
|
||||||
persistent: true
|
persistent: true
|
||||||
state: true
|
state: true
|
||||||
|
when:
|
||||||
|
- ansible_facts.selinux is defined
|
||||||
|
- ansible_facts.selinux.status == "enabled"
|
||||||
upgrade_tasks: []
|
upgrade_tasks: []
|
||||||
|
@ -418,6 +418,9 @@ outputs:
|
|||||||
name: virt_sandbox_use_netlink
|
name: virt_sandbox_use_netlink
|
||||||
persistent: true
|
persistent: true
|
||||||
state: true
|
state: true
|
||||||
|
when:
|
||||||
|
- ansible_facts.selinux is defined
|
||||||
|
- ansible_facts.selinux.status == "enabled"
|
||||||
update_tasks:
|
update_tasks:
|
||||||
# puppetlabs-firewall manages security rules via Puppet but make the rules
|
# puppetlabs-firewall manages security rules via Puppet but make the rules
|
||||||
# consistent by default. Since Neutron also creates some rules, we don't
|
# consistent by default. Since Neutron also creates some rules, we don't
|
||||||
|
@ -202,6 +202,9 @@ outputs:
|
|||||||
name: virt_sandbox_use_netlink
|
name: virt_sandbox_use_netlink
|
||||||
persistent: true
|
persistent: true
|
||||||
state: true
|
state: true
|
||||||
|
when:
|
||||||
|
- ansible_facts.selinux is defined
|
||||||
|
- ansible_facts.selinux.status == "enabled"
|
||||||
- if:
|
- if:
|
||||||
- derive_pci_whitelist_enabled
|
- derive_pci_whitelist_enabled
|
||||||
- - name: "creating directory"
|
- - name: "creating directory"
|
||||||
|
@ -1532,6 +1532,9 @@ outputs:
|
|||||||
name: virt_sandbox_use_netlink
|
name: virt_sandbox_use_netlink
|
||||||
persistent: true
|
persistent: true
|
||||||
state: true
|
state: true
|
||||||
|
when:
|
||||||
|
- ansible_facts.selinux is defined
|
||||||
|
- ansible_facts.selinux.status == "enabled"
|
||||||
- name: install Instance HA recovery script
|
- name: install Instance HA recovery script
|
||||||
when: instance_ha_enabled|bool
|
when: instance_ha_enabled|bool
|
||||||
block:
|
block:
|
||||||
|
@ -242,6 +242,9 @@ outputs:
|
|||||||
name: virt_sandbox_use_netlink
|
name: virt_sandbox_use_netlink
|
||||||
persistent: true
|
persistent: true
|
||||||
state: true
|
state: true
|
||||||
|
when:
|
||||||
|
- ansible_facts.selinux is defined
|
||||||
|
- ansible_facts.selinux.status == "enabled"
|
||||||
external_upgrade_tasks:
|
external_upgrade_tasks:
|
||||||
- when: step|int == 1
|
- when: step|int == 1
|
||||||
block: &nova_online_db_migration
|
block: &nova_online_db_migration
|
||||||
|
@ -230,6 +230,9 @@ outputs:
|
|||||||
name: virt_sandbox_use_netlink
|
name: virt_sandbox_use_netlink
|
||||||
persistent: true
|
persistent: true
|
||||||
state: true
|
state: true
|
||||||
|
when:
|
||||||
|
- ansible_facts.selinux is defined
|
||||||
|
- ansible_facts.selinux.status == "enabled"
|
||||||
external_post_deploy_tasks: {get_attr: [NovaComputeCommon, nova_compute_common_deploy_steps_tasks]}
|
external_post_deploy_tasks: {get_attr: [NovaComputeCommon, nova_compute_common_deploy_steps_tasks]}
|
||||||
external_upgrade_tasks:
|
external_upgrade_tasks:
|
||||||
- when:
|
- when:
|
||||||
|
@ -963,6 +963,9 @@ outputs:
|
|||||||
name: os_enable_vtpm
|
name: os_enable_vtpm
|
||||||
persistent: true
|
persistent: true
|
||||||
state: true
|
state: true
|
||||||
|
when:
|
||||||
|
- ansible_facts.selinux is defined
|
||||||
|
- ansible_facts.selinux.status == "enabled"
|
||||||
metadata_settings:
|
metadata_settings:
|
||||||
list_concat:
|
list_concat:
|
||||||
- if:
|
- if:
|
||||||
|
@ -323,6 +323,9 @@ outputs:
|
|||||||
name: virt_sandbox_use_netlink
|
name: virt_sandbox_use_netlink
|
||||||
persistent: true
|
persistent: true
|
||||||
state: true
|
state: true
|
||||||
|
when:
|
||||||
|
- ansible_facts.selinux is defined
|
||||||
|
- ansible_facts.selinux.status == "enabled"
|
||||||
external_upgrade_tasks:
|
external_upgrade_tasks:
|
||||||
- when:
|
- when:
|
||||||
- step|int == 1
|
- step|int == 1
|
||||||
|
@ -179,6 +179,9 @@ outputs:
|
|||||||
name: virt_sandbox_use_netlink
|
name: virt_sandbox_use_netlink
|
||||||
persistent: true
|
persistent: true
|
||||||
state: true
|
state: true
|
||||||
|
when:
|
||||||
|
- ansible_facts.selinux is defined
|
||||||
|
- ansible_facts.selinux.status == "enabled"
|
||||||
update_tasks: {get_attr: [OctaviaBase, role_data, update_tasks]}
|
update_tasks: {get_attr: [OctaviaBase, role_data, update_tasks]}
|
||||||
upgrade_tasks: {get_attr: [OctaviaBase, role_data, upgrade_tasks]}
|
upgrade_tasks: {get_attr: [OctaviaBase, role_data, upgrade_tasks]}
|
||||||
external_upgrade_tasks:
|
external_upgrade_tasks:
|
||||||
|
@ -277,7 +277,7 @@ outputs:
|
|||||||
- 'ssl'
|
- 'ssl'
|
||||||
vswitch::ovs::vlan_limit:
|
vswitch::ovs::vlan_limit:
|
||||||
if:
|
if:
|
||||||
- {get_param: EnableVLANTransparency}
|
- {get_param: EnableVLANTransparency}
|
||||||
- 0
|
- 0
|
||||||
service_config_settings: {}
|
service_config_settings: {}
|
||||||
# BEGIN DOCKER SETTINGS
|
# BEGIN DOCKER SETTINGS
|
||||||
@ -426,6 +426,9 @@ outputs:
|
|||||||
name: virt_sandbox_use_netlink
|
name: virt_sandbox_use_netlink
|
||||||
persistent: true
|
persistent: true
|
||||||
state: true
|
state: true
|
||||||
|
when:
|
||||||
|
- ansible_facts.selinux is defined
|
||||||
|
- ansible_facts.selinux.status == "enabled"
|
||||||
- name: Copy in cleanup script
|
- name: Copy in cleanup script
|
||||||
copy:
|
copy:
|
||||||
content: {get_file: ../neutron/neutron-cleanup}
|
content: {get_file: ../neutron/neutron-cleanup}
|
||||||
|
Loading…
x
Reference in New Issue
Block a user