de00bf491d
Currently, we have a lot of logic for checking if a handler should run, depending on whether config files have changed and whether the container configuration has changed. As rm_work pointed out during the recent haproxy refactor, these conditionals are typically unnecessary - we can rely on Ansible's handler notification system to only trigger handlers when they need to run. This removes a lot of error prone code. This patch removes conditional handler logic for all services. It is important to ensure that we no longer trigger handlers when unnecessary, because without these checks in place it will trigger a restart of the containers. Implements: blueprint simplify-handlers Change-Id: I4f1aa03e9a9faaf8aecd556dfeafdb834042e4cd
130 lines
3.8 KiB
YAML
130 lines
3.8 KiB
YAML
---
|
|
- name: Ensuring config directory exists
|
|
file:
|
|
path: "{{ node_config_directory }}/{{ item }}"
|
|
state: "directory"
|
|
mode: "0770"
|
|
become: true
|
|
with_items:
|
|
- "nova-libvirt/secrets"
|
|
when: inventory_hostname in groups['compute']
|
|
|
|
- name: Check nova keyring file
|
|
local_action: stat path="{{ node_custom_config }}/nova/ceph.client.nova.keyring"
|
|
run_once: True
|
|
register: nova_cephx_keyring_file
|
|
failed_when: not nova_cephx_keyring_file.stat.exists
|
|
when:
|
|
- nova_backend == "rbd"
|
|
- external_ceph_cephx_enabled | bool
|
|
|
|
- name: Check cinder keyring file
|
|
local_action: stat path="{{ node_custom_config }}/nova/ceph.client.cinder.keyring"
|
|
run_once: True
|
|
register: cinder_cephx_keyring_file
|
|
failed_when: not cinder_cephx_keyring_file.stat.exists
|
|
when:
|
|
- cinder_backend_ceph | bool
|
|
- external_ceph_cephx_enabled | bool
|
|
|
|
# NOTE: nova-compute and nova-libvirt only need ceph.client.nova.keyring.
|
|
- name: Copy over ceph nova keyring file
|
|
copy:
|
|
src: "{{ nova_cephx_keyring_file.stat.path }}"
|
|
dest: "{{ node_config_directory }}/{{ item }}/"
|
|
mode: "0660"
|
|
become: true
|
|
with_items:
|
|
- nova-compute
|
|
- nova-libvirt
|
|
when:
|
|
- inventory_hostname in groups['compute']
|
|
- nova_backend == "rbd"
|
|
- external_ceph_cephx_enabled | bool
|
|
notify:
|
|
- Restart {{ item }} container
|
|
|
|
- name: Copy over ceph.conf
|
|
template:
|
|
src: "{{ node_custom_config }}/nova/ceph.conf"
|
|
dest: "{{ node_config_directory }}/{{ item }}/"
|
|
mode: "0660"
|
|
become: true
|
|
with_items:
|
|
- nova-compute
|
|
- nova-libvirt
|
|
when:
|
|
- inventory_hostname in groups['compute']
|
|
- nova_backend == "rbd"
|
|
notify:
|
|
- Restart {{ item }} container
|
|
|
|
- name: Pushing nova secret xml for libvirt
|
|
template:
|
|
src: "secret.xml.j2"
|
|
dest: "{{ node_config_directory }}/nova-libvirt/secrets/{{ item.uuid }}.xml"
|
|
mode: "0600"
|
|
become: true
|
|
when:
|
|
- inventory_hostname in groups['compute']
|
|
- item.enabled | bool
|
|
with_items:
|
|
- uuid: "{{ rbd_secret_uuid }}"
|
|
name: "client.nova secret"
|
|
enabled: "{{ nova_backend == 'rbd' }}"
|
|
- uuid: "{{ cinder_rbd_secret_uuid }}"
|
|
name: "client.cinder secret"
|
|
enabled: "{{ cinder_backend_ceph }}"
|
|
notify:
|
|
- Restart nova-libvirt container
|
|
|
|
- name: Extract nova key from file
|
|
local_action: shell cat "{{ nova_cephx_keyring_file.stat.path }}" | grep -E 'key\s*=' | awk '{ print $3 }'
|
|
changed_when: false
|
|
run_once: True
|
|
register: nova_cephx_raw_key
|
|
when:
|
|
- nova_backend == "rbd"
|
|
- external_ceph_cephx_enabled | bool
|
|
|
|
- name: Extract cinder key from file
|
|
local_action: shell cat "{{ cinder_cephx_keyring_file.stat.path }}" | grep -E 'key\s*=' | awk '{ print $3 }'
|
|
changed_when: false
|
|
run_once: True
|
|
register: cinder_cephx_raw_key
|
|
when:
|
|
- cinder_backend_ceph | bool
|
|
- external_ceph_cephx_enabled | bool
|
|
|
|
- name: Pushing secrets key for libvirt
|
|
copy:
|
|
content: "{{ item.result.stdout }}"
|
|
dest: "{{ node_config_directory }}/nova-libvirt/secrets/{{ item.uuid }}.base64"
|
|
mode: "0600"
|
|
become: true
|
|
when:
|
|
- inventory_hostname in groups['compute']
|
|
- item.enabled | bool
|
|
- external_ceph_cephx_enabled | bool
|
|
with_items:
|
|
- uuid: "{{ rbd_secret_uuid }}"
|
|
result: "{{ nova_cephx_raw_key }}"
|
|
enabled: "{{ nova_backend == 'rbd' }}"
|
|
- uuid: "{{ cinder_rbd_secret_uuid }}"
|
|
result: "{{ cinder_cephx_raw_key }}"
|
|
enabled: "{{ cinder_backend_ceph }}"
|
|
notify:
|
|
- Restart nova-libvirt container
|
|
|
|
- name: Ensuring config directory has correct owner and permission
|
|
become: true
|
|
file:
|
|
path: "{{ node_config_directory }}/{{ item }}"
|
|
recurse: yes
|
|
owner: "{{ config_owner_user }}"
|
|
group: "{{ config_owner_group }}"
|
|
with_items:
|
|
- "nova-compute"
|
|
- "nova-libvirt/secrets"
|
|
when: inventory_hostname in groups['compute']
|