From ca07f6418291e0ea210a688d17a97ebf5cf0c6e2 Mon Sep 17 00:00:00 2001 From: Jaganathan Palanisamy Date: Wed, 20 Nov 2019 15:37:09 +0530 Subject: [PATCH] Derive Pci passthrough whitelist disable option This change is to add the option to disable the derive pci passthrough whitelist automation logic in sriov deployments if required. Change-Id: Ib2d5b019e3064acf50c06da071d9eb77fe0d10dd Closes-Bug: #1841041 (cherry picked from commit 8a7dcb59d9c9b37132c7e6d67128c22790ca7722) --- docker/services/neutron-sriov-agent.yaml | 46 ++++++++++++++++-------- 1 file changed, 32 insertions(+), 14 deletions(-) diff --git a/docker/services/neutron-sriov-agent.yaml b/docker/services/neutron-sriov-agent.yaml index 3bf39eacb3..240cf4fb55 100644 --- a/docker/services/neutron-sriov-agent.yaml +++ b/docker/services/neutron-sriov-agent.yaml @@ -40,6 +40,21 @@ parameters: description: Mapping of service endpoint -> protocol. Typically set via parameter_defaults in the resource registry. type: json + DerivePciWhitelistEnabled: + default: true + description: Whether to enable or not the pci passthrough whitelist automation. + type: boolean + tags: + - role_specific + +conditions: + + derive_pci_whitelist_enabled: + or: + - and: + - equals: [{get_param: DerivePciWhitelistEnabled}, true] + - equals: [{get_param: [RoleParameters, DerivePciWhitelistEnabled]}, ''] + - equals: [{get_param: [RoleParameters, DerivePciWhitelistEnabled]}, true] resources: @@ -117,20 +132,23 @@ outputs: host_prep_tasks: list_concat: - {get_attr: [NeutronLogging, host_prep_tasks]} - - - name: "creating directory" - file: - state: directory - path: /var/lib/pci_passthrough_whitelist_scripts - owner: root - group: root - mode: 0750 - - name: derive pci passthrough whitelist - copy: - content: {get_file: ./derive_pci_passthrough_whitelist.py} - dest: '/var/lib/pci_passthrough_whitelist_scripts/derive_pci_passthrough_whitelist.py' - mode: 0700 - - name: run derive_pci_passthrough_whitelist.py - command: /var/lib/pci_passthrough_whitelist_scripts/derive_pci_passthrough_whitelist.py + - - if: + - derive_pci_whitelist_enabled + - - name: "creating directory" + file: + state: directory + path: /var/lib/pci_passthrough_whitelist_scripts + owner: root + group: root + mode: 0750 + - name: derive pci passthrough whitelist + copy: + content: {get_file: ./derive_pci_passthrough_whitelist.py} + dest: '/var/lib/pci_passthrough_whitelist_scripts/derive_pci_passthrough_whitelist.py' + mode: 0700 + - name: run derive_pci_passthrough_whitelist.py + command: /var/lib/pci_passthrough_whitelist_scripts/derive_pci_passthrough_whitelist.py + - [] metadata_settings: get_attr: [NeutronSriovAgentBase, role_data, metadata_settings] upgrade_tasks: