diff --git a/deployment/neutron/neutron-dhcp-container-puppet.yaml b/deployment/neutron/neutron-dhcp-container-puppet.yaml index 103195032d..18d2cfd78a 100644 --- a/deployment/neutron/neutron-dhcp-container-puppet.yaml +++ b/deployment/neutron/neutron-dhcp-container-puppet.yaml @@ -436,33 +436,3 @@ outputs: mode: 0755 content: {get_file: ./kill-script} upgrade_tasks: [] - post_upgrade_tasks: - - name: Check for neutron user - getent: - database: passwd - key: neutron - fail_key: false - - name: Set neutron_user_avail - set_fact: - neutron_user_avail: "{{ getent_passwd is defined }}" - - when: - - step|int == 2 - - neutron_user_avail|bool - block: - - name: Ensure read/write access for files created after upgrade - become: true - shell: | - umask 0002 - setfacl -d -R -m u:neutron:rwx /var/lib/neutron - setfacl -R -m u:neutron:rw /var/lib/neutron - find /var/lib/neutron -type d -exec setfacl -m u:neutron:rwx '{}' \; - - name: Provide access for domain sockets - become: true - shell: | - umask 0002 - setfacl -m u:neutron:rwx "{{ item }}" - with_items: - - /var/lib/neutron/metadata_proxy - - /var/lib/neutron - # These files are not necessarily present - failed_when: false diff --git a/deployment/neutron/neutron-l3-container-puppet.yaml b/deployment/neutron/neutron-l3-container-puppet.yaml index c22af947f0..89563553f5 100644 --- a/deployment/neutron/neutron-l3-container-puppet.yaml +++ b/deployment/neutron/neutron-l3-container-puppet.yaml @@ -364,34 +364,3 @@ outputs: mode: 0755 content: {get_file: ./kill-script} upgrade_tasks: [] - post_upgrade_tasks: - - name: Check for neutron user - getent: - database: passwd - key: neutron - fail_key: false - - name: Set neutron_user_avail - set_fact: - neutron_user_avail: "{{ getent_passwd is defined }}" - - when: - - step|int == 2 - - neutron_user_avail|bool - block: - - name: Ensure r/w access for existing files after upgrade - become: true - shell: | - umask 0002 - setfacl -d -R -m u:neutron:rwx /var/lib/neutron - setfacl -R -m u:neutron:rw /var/lib/neutron - find /var/lib/neutron -type d -exec setfacl -m u:neutron:rwx '{}' \; - - name: Provide access to domain sockets - become: true - shell: | - umask 0002 - setfacl -m u:neutron:rwx "{{ item }}" - with_items: - - /var/lib/neutron/metadata_proxy - - /var/lib/neutron/keepalived-state-change - - /var/lib/neutron - # These files are not necessarily present - failed_when: false diff --git a/deployment/neutron/neutron-metadata-container-puppet.yaml b/deployment/neutron/neutron-metadata-container-puppet.yaml index d78bdf1667..c2cb150087 100644 --- a/deployment/neutron/neutron-metadata-container-puppet.yaml +++ b/deployment/neutron/neutron-metadata-container-puppet.yaml @@ -193,34 +193,3 @@ outputs: persistent: yes state: yes upgrade_tasks: [] - post_upgrade_tasks: - - name: Check for neutron user - getent: - database: passwd - key: neutron - fail_key: false - - name: Set neutron_user_avail - set_fact: - neutron_user_avail: "{{ getent_passwd is defined }}" - - when: - - step|int == 2 - - neutron_user_avail|bool - block: - - name: Ensure r/w access for existing files after upgrade - become: true - shell: | - umask 0002 - setfacl -d -R -m u:neutron:rwx /var/lib/neutron - setfacl -R -m u:neutron:rw /var/lib/neutron - find /var/lib/neutron -type d -exec setfacl -m u:neutron:rwx '{}' \; - - name: Provide access to domain sockets - become: true - shell: | - umask 0002 - setfacl -m u:neutron:rwx "{{ item }}" - with_items: - - /var/lib/neutron/metadata_proxy - - /var/lib/neutron/keepalived-state-change - - /var/lib/neutron - # These files are not necessarily present - failed_when: false