49f334284b
Change Id84e3b6e62e544582d6917047534e846e026798d added support for custom HAProxy service config using a plain copy of files in services.d. Use a template action instead of a copy so that we can use variables and iterate over group of hosts. Change-Id: I1f07785932de4e4540422bd18af95241f05a67bf
165 lines
4.5 KiB
YAML
165 lines
4.5 KiB
YAML
---
|
|
- name: Setting sysctl values
|
|
sysctl: name={{ item.name }} value={{ item.value }} sysctl_set=yes
|
|
become: true
|
|
with_items:
|
|
- { name: "net.ipv4.ip_nonlocal_bind", value: 1}
|
|
- { name: "net.ipv6.ip_nonlocal_bind", value: 1}
|
|
- { name: "net.unix.max_dgram_qlen", value: 128}
|
|
when:
|
|
- set_sysctl | bool
|
|
|
|
- name: Ensuring config directories exist
|
|
file:
|
|
path: "{{ node_config_directory }}/{{ item.key }}"
|
|
state: "directory"
|
|
owner: "{{ config_owner_user }}"
|
|
group: "{{ config_owner_group }}"
|
|
mode: "0770"
|
|
become: true
|
|
when:
|
|
- inventory_hostname in groups[item.value.group]
|
|
- item.value.enabled | bool
|
|
with_dict: "{{ haproxy_services }}"
|
|
|
|
- name: Ensuring service config subdir exists
|
|
vars:
|
|
service: "{{ haproxy_services['haproxy'] }}"
|
|
file:
|
|
path: "{{ node_config_directory }}/haproxy/services.d"
|
|
state: "directory"
|
|
owner: "{{ config_owner_user }}"
|
|
group: "{{ config_owner_group }}"
|
|
mode: "0770"
|
|
become: true
|
|
when:
|
|
- inventory_hostname in groups[service.group]
|
|
- service.enabled | bool
|
|
|
|
- name: Copying over config.json files for services
|
|
template:
|
|
src: "{{ item.key }}.json.j2"
|
|
dest: "{{ node_config_directory }}/{{ item.key }}/config.json"
|
|
mode: "0660"
|
|
become: true
|
|
when:
|
|
- inventory_hostname in groups[item.value.group]
|
|
- item.value.enabled | bool
|
|
with_dict: "{{ haproxy_services }}"
|
|
notify:
|
|
- "Restart {{ item.key }} container"
|
|
|
|
- name: Copying over haproxy.cfg
|
|
vars:
|
|
service: "{{ haproxy_services['haproxy'] }}"
|
|
template:
|
|
src: "{{ item }}"
|
|
dest: "{{ node_config_directory }}/haproxy/haproxy.cfg"
|
|
mode: "0660"
|
|
become: true
|
|
when:
|
|
- inventory_hostname in groups[service.group]
|
|
- service.enabled | bool
|
|
with_first_found:
|
|
- "{{ node_custom_config }}/haproxy/{{ inventory_hostname }}/haproxy_main.cfg"
|
|
- "{{ node_custom_config }}/haproxy/haproxy_main.cfg"
|
|
- "haproxy_main.cfg.j2"
|
|
notify:
|
|
- Restart haproxy container
|
|
|
|
- name: Copying over custom haproxy services configuration
|
|
vars:
|
|
service: "{{ haproxy_services['haproxy'] }}"
|
|
template:
|
|
src: "{{ item }}"
|
|
dest: "{{ node_config_directory }}/haproxy/services.d/"
|
|
mode: "0660"
|
|
become: true
|
|
when:
|
|
- inventory_hostname in groups[service.group]
|
|
- service.enabled | bool
|
|
with_fileglob:
|
|
- "{{ node_custom_config }}/haproxy/services.d/*.cfg"
|
|
notify:
|
|
- Restart haproxy container
|
|
|
|
- name: Load and persist keepalived module
|
|
import_role:
|
|
role: module-load
|
|
vars:
|
|
modules:
|
|
- {'name': ip_vs }
|
|
|
|
- name: Copying over keepalived.conf
|
|
vars:
|
|
service: "{{ haproxy_services['keepalived'] }}"
|
|
template:
|
|
src: "{{ item }}"
|
|
dest: "{{ node_config_directory }}/keepalived/keepalived.conf"
|
|
mode: "0660"
|
|
become: true
|
|
when:
|
|
- inventory_hostname in groups[service.group]
|
|
- service.enabled | bool
|
|
with_first_found:
|
|
- "{{ node_custom_config }}/keepalived/{{ inventory_hostname }}/keepalived.conf"
|
|
- "{{ node_custom_config }}/keepalived/keepalived.conf"
|
|
- "keepalived.conf.j2"
|
|
notify:
|
|
- Restart keepalived container
|
|
|
|
- name: Copying over haproxy.pem
|
|
vars:
|
|
service: "{{ haproxy_services['haproxy'] }}"
|
|
copy:
|
|
src: "{{ kolla_external_fqdn_cert }}"
|
|
dest: "{{ node_config_directory }}/haproxy/{{ item }}"
|
|
mode: "0660"
|
|
become: true
|
|
when:
|
|
- kolla_enable_tls_external | bool
|
|
- inventory_hostname in groups[service.group]
|
|
- service.enabled | bool
|
|
with_items:
|
|
- "haproxy.pem"
|
|
notify:
|
|
- Restart haproxy container
|
|
|
|
- name: Copying over haproxy-internal.pem
|
|
vars:
|
|
service: "{{ haproxy_services['haproxy'] }}"
|
|
copy:
|
|
src: "{{ kolla_internal_fqdn_cert }}"
|
|
dest: "{{ node_config_directory }}/haproxy/{{ item }}"
|
|
mode: "0660"
|
|
become: true
|
|
when:
|
|
- kolla_enable_tls_internal | bool
|
|
- inventory_hostname in groups[service.group]
|
|
- service.enabled | bool
|
|
with_items:
|
|
- "haproxy-internal.pem"
|
|
notify:
|
|
- Restart haproxy container
|
|
|
|
- name: Copying over haproxy start script
|
|
vars:
|
|
service: "{{ haproxy_services['haproxy'] }}"
|
|
template:
|
|
src: "{{ item }}"
|
|
dest: "{{ node_config_directory }}/haproxy/haproxy_run.sh"
|
|
mode: "0770"
|
|
become: true
|
|
when:
|
|
- inventory_hostname in groups[service.group]
|
|
- service.enabled | bool
|
|
with_first_found:
|
|
- "{{ node_custom_config }}/haproxy/{{ inventory_hostname }}/haproxy_run.sh"
|
|
- "{{ node_custom_config }}/haproxy/haproxy_run.sh"
|
|
- "haproxy_run.sh.j2"
|
|
notify:
|
|
- Restart haproxy container
|
|
|
|
- include_tasks: check-containers.yml
|
|
when: kolla_action != "config"
|