File ardana-nova-8.0+git.1601298847.dd01585.obscpio of Package ardana-nova
07070100000000000081A40000000000000000000000015F71E19F00000236000000000000000000000000000000000000003800000000ardana-nova-8.0+git.1601298847.dd01585/.copyrightignore.copyrightignore
roles/NOV-CMP-KVM/files/etc/libvirt/libvirtd.conf
roles/NOV-CMP-KVM/files/etc/default/libvirtd
roles/NOV-CMP-KVM/files/etc/apparmor.d/usr.sbin.libvirtd
roles/NOV-CMP-KVM/files/etc/apparmor.d/usr.lib.libvirt.virt-aa-helper
roles/NOV-CMP-KVM/files/etc/apparmor.d/abstractions/nameservice
roles/NOV-CMP-KVM/files/etc/apparmor.d/abstractions/libvirt-qemu
roles/NOV-CMP-KVM/files/etc/apparmor.d/abstractions/consoles
roles/NOV-CMP-KVM/files/etc/apparmor.d/abstractions/base
roles/NOV-CMP-KVM/files/local.te
tox.ini
test-requirements.txt
requirements.txt
07070100000001000081A40000000000000000000000015F71E19F000000EF000000000000000000000000000000000000003200000000ardana-nova-8.0+git.1601298847.dd01585/.gitignore*.DS_Store
*.egg*
*.log
*.mo
*.pyc
*.swo
*.swp
*.sqlite
*~
.autogenerated
.coverage
.project
.pydevproject
.ropeproject
.testrepository/
.tox
.idea
.venv
tags
build/*
coverage.xml
cover/*
covhtml
doc/source/api/*
doc/build/*
nosetests.xml
07070100000002000081A40000000000000000000000015F71E19F00000080000000000000000000000000000000000000003200000000ardana-nova-8.0+git.1601298847.dd01585/.gitreview[gerrit]
host=gerrit.suse.provo.cloud
port=29418
project=ardana/nova-ansible.git
defaultremote=ardana
defaultbranch=stable/pike
07070100000003000081A40000000000000000000000015F71E19F00000063000000000000000000000000000000000000003500000000ardana-nova-8.0+git.1601298847.dd01585/.rsync-filter- ardana-ci
- *requirements.txt
- HACKING.rst
- README.md
- agent.yaml
- setup.*
- tests
- tox.ini
07070100000004000081A40000000000000000000000015F71E19F00000158000000000000000000000000000000000000003300000000ardana-nova-8.0+git.1601298847.dd01585/.testr.conf[DEFAULT]
test_command=OS_STDOUT_CAPTURE=${OS_STDOUT_CAPTURE:-1} \
OS_STDERR_CAPTURE=${OS_STDERR_CAPTURE:-1} \
OS_TEST_TIMEOUT=${OS_TEST_TIMEOUT:-160} \
${PYTHON:-python} -m subunit.run discover -t ./ ${OS_TEST_PATH:-./tests} $LISTOPT $IDOPTION
test_id_option=--load-list $IDFILE
test_list_option=--list
07070100000005000081A40000000000000000000000015F71E19F000002DB000000000000000000000000000000000000003300000000ardana-nova-8.0+git.1601298847.dd01585/HACKING.rst..
(c) Copyright 2015-2016 Hewlett Packard Enterprise Development LP
(c) Copyright 2017 SUSE LLC
Licensed under the Apache License, Version 2.0 (the "License"); you may
not use this file except in compliance with the License. You may obtain
a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
License for the specific language governing permissions and limitations
under the License.
This has been centralised to:
ardana-dev-tools/doc/ardana-ansible-guide/ansible-style-guide.md
07070100000006000081A40000000000000000000000015F71E19F0000279F000000000000000000000000000000000000002F00000000ardana-nova-8.0+git.1601298847.dd01585/LICENSE
Apache License
Version 2.0, January 2004
http://www.apache.org/licenses/
TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION
1. Definitions.
"License" shall mean the terms and conditions for use, reproduction,
and distribution as defined by Sections 1 through 9 of this document.
"Licensor" shall mean the copyright owner or entity authorized by
the copyright owner that is granting the License.
"Legal Entity" shall mean the union of the acting entity and all
other entities that control, are controlled by, or are under common
control with that entity. For the purposes of this definition,
"control" means (i) the power, direct or indirect, to cause the
direction or management of such entity, whether by contract or
otherwise, or (ii) ownership of fifty percent (50%) or more of the
outstanding shares, or (iii) beneficial ownership of such entity.
"You" (or "Your") shall mean an individual or Legal Entity
exercising permissions granted by this License.
"Source" form shall mean the preferred form for making modifications,
including but not limited to software source code, documentation
source, and configuration files.
"Object" form shall mean any form resulting from mechanical
transformation or translation of a Source form, including but
not limited to compiled object code, generated documentation,
and conversions to other media types.
"Work" shall mean the work of authorship, whether in Source or
Object form, made available under the License, as indicated by a
copyright notice that is included in or attached to the work
(an example is provided in the Appendix below).
"Derivative Works" shall mean any work, whether in Source or Object
form, that is based on (or derived from) the Work and for which the
editorial revisions, annotations, elaborations, or other modifications
represent, as a whole, an original work of authorship. For the purposes
of this License, Derivative Works shall not include works that remain
separable from, or merely link (or bind by name) to the interfaces of,
the Work and Derivative Works thereof.
"Contribution" shall mean any work of authorship, including
the original version of the Work and any modifications or additions
to that Work or Derivative Works thereof, that is intentionally
submitted to Licensor for inclusion in the Work by the copyright owner
or by an individual or Legal Entity authorized to submit on behalf of
the copyright owner. For the purposes of this definition, "submitted"
means any form of electronic, verbal, or written communication sent
to the Licensor or its representatives, including but not limited to
communication on electronic mailing lists, source code control systems,
and issue tracking systems that are managed by, or on behalf of, the
Licensor for the purpose of discussing and improving the Work, but
excluding communication that is conspicuously marked or otherwise
designated in writing by the copyright owner as "Not a Contribution."
"Contributor" shall mean Licensor and any individual or Legal Entity
on behalf of whom a Contribution has been received by Licensor and
subsequently incorporated within the Work.
2. Grant of Copyright License. Subject to the terms and conditions of
this License, each Contributor hereby grants to You a perpetual,
worldwide, non-exclusive, no-charge, royalty-free, irrevocable
copyright license to reproduce, prepare Derivative Works of,
publicly display, publicly perform, sublicense, and distribute the
Work and such Derivative Works in Source or Object form.
3. Grant of Patent License. Subject to the terms and conditions of
this License, each Contributor hereby grants to You a perpetual,
worldwide, non-exclusive, no-charge, royalty-free, irrevocable
(except as stated in this section) patent license to make, have made,
use, offer to sell, sell, import, and otherwise transfer the Work,
where such license applies only to those patent claims licensable
by such Contributor that are necessarily infringed by their
Contribution(s) alone or by combination of their Contribution(s)
with the Work to which such Contribution(s) was submitted. If You
institute patent litigation against any entity (including a
cross-claim or counterclaim in a lawsuit) alleging that the Work
or a Contribution incorporated within the Work constitutes direct
or contributory patent infringement, then any patent licenses
granted to You under this License for that Work shall terminate
as of the date such litigation is filed.
4. Redistribution. You may reproduce and distribute copies of the
Work or Derivative Works thereof in any medium, with or without
modifications, and in Source or Object form, provided that You
meet the following conditions:
(a) You must give any other recipients of the Work or
Derivative Works a copy of this License; and
(b) You must cause any modified files to carry prominent notices
stating that You changed the files; and
(c) You must retain, in the Source form of any Derivative Works
that You distribute, all copyright, patent, trademark, and
attribution notices from the Source form of the Work,
excluding those notices that do not pertain to any part of
the Derivative Works; and
(d) If the Work includes a "NOTICE" text file as part of its
distribution, then any Derivative Works that You distribute must
include a readable copy of the attribution notices contained
within such NOTICE file, excluding those notices that do not
pertain to any part of the Derivative Works, in at least one
of the following places: within a NOTICE text file distributed
as part of the Derivative Works; within the Source form or
documentation, if provided along with the Derivative Works; or,
within a display generated by the Derivative Works, if and
wherever such third-party notices normally appear. The contents
of the NOTICE file are for informational purposes only and
do not modify the License. You may add Your own attribution
notices within Derivative Works that You distribute, alongside
or as an addendum to the NOTICE text from the Work, provided
that such additional attribution notices cannot be construed
as modifying the License.
You may add Your own copyright statement to Your modifications and
may provide additional or different license terms and conditions
for use, reproduction, or distribution of Your modifications, or
for any such Derivative Works as a whole, provided Your use,
reproduction, and distribution of the Work otherwise complies with
the conditions stated in this License.
5. Submission of Contributions. Unless You explicitly state otherwise,
any Contribution intentionally submitted for inclusion in the Work
by You to the Licensor shall be under the terms and conditions of
this License, without any additional terms or conditions.
Notwithstanding the above, nothing herein shall supersede or modify
the terms of any separate license agreement you may have executed
with Licensor regarding such Contributions.
6. Trademarks. This License does not grant permission to use the trade
names, trademarks, service marks, or product names of the Licensor,
except as required for reasonable and customary use in describing the
origin of the Work and reproducing the content of the NOTICE file.
7. Disclaimer of Warranty. Unless required by applicable law or
agreed to in writing, Licensor provides the Work (and each
Contributor provides its Contributions) on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
implied, including, without limitation, any warranties or conditions
of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A
PARTICULAR PURPOSE. You are solely responsible for determining the
appropriateness of using or redistributing the Work and assume any
risks associated with Your exercise of permissions under this License.
8. Limitation of Liability. In no event and under no legal theory,
whether in tort (including negligence), contract, or otherwise,
unless required by applicable law (such as deliberate and grossly
negligent acts) or agreed to in writing, shall any Contributor be
liable to You for damages, including any direct, indirect, special,
incidental, or consequential damages of any character arising as a
result of this License or out of the use or inability to use the
Work (including but not limited to damages for loss of goodwill,
work stoppage, computer failure or malfunction, or any and all
other commercial damages or losses), even if such Contributor
has been advised of the possibility of such damages.
9. Accepting Warranty or Additional Liability. While redistributing
the Work or Derivative Works thereof, You may choose to offer,
and charge a fee for, acceptance of support, warranty, indemnity,
or other liability obligations and/or rights consistent with this
License. However, in accepting such obligations, You may act only
on Your own behalf and on Your sole responsibility, not on behalf
of any other Contributor, and only if You agree to indemnify,
defend, and hold each Contributor harmless for any liability
incurred by, or claims asserted against, such Contributor by reason
of your accepting any such warranty or additional liability.
07070100000007000041ED0000000000000000000000025F71E19F00000000000000000000000000000000000000000000002F00000000ardana-nova-8.0+git.1601298847.dd01585/NOV_MON07070100000008000081A40000000000000000000000015F71E19F00000000000000000000000000000000000000000000003B00000000ardana-nova-8.0+git.1601298847.dd01585/NOV_MON/__init__.py07070100000009000081A40000000000000000000000015F71E19F00000C91000000000000000000000000000000000000004700000000ardana-nova-8.0+git.1601298847.dd01585/NOV_MON/nova_heartbeat_check.py#
# (c) Copyright 2015-2016 Hewlett Packard Enterprise Development LP
# (c) Copyright 2017 SUSE LLC
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
import socket
import keystoneclient
import keystoneclient.auth.identity.v3
import keystoneclient.session
import monasca_agent.collector.checks as checks
from novaclient import client as novacli
THIS_HOST = socket.gethostname()
OK = 0
WARN = 1
FAIL = 2
UNKNOWN = 3
def metric(message=None, state=FAIL, **kwargs):
dims = {'observer_hostname': THIS_HOST,
'service': 'compute'}
dims.update(kwargs)
metric = {
'metric': 'nova.heartbeat',
'dimensions': dims,
'value': state,
}
if message:
metric['value_meta'] = {'msg': message}
return metric
class NovaHeartbeatCheck(checks.AgentCheck):
def __init__(self, name, init_config, agent_config, instances=None):
super(NovaHeartbeatCheck, self).__init__(
name, init_config, agent_config, instances=instances)
self.client = None
def _get_client(self):
key_args = self.init_config['keystone']
auth = keystoneclient.auth.identity.v3.Password(**key_args)
sess = keystoneclient.session.Session(auth=auth)
nova_args = self.init_config['nova']
return novacli.Client(2, session=sess, **nova_args)
def _get_state(self, service):
if service.state == 'up' or service.status == 'disabled':
return OK
return FAIL
def _gather_metrics(self):
if not self.client:
self.client = self._get_client()
services = self.client.services.list(host=THIS_HOST)
# [{"status": "enabled",
# "binary": "nova-compute",
# "zone": "nova",
# "state": "down",
# "updated_at": "2015-10-03T02:33:38.000000",
# "host": "standard-ccp-compute0001-mgmt",
# "disabled_reason": null,
# "id": 31}]
return [metric(state=self._get_state(service),
hostname=service.host,
component=service.binary)
for service in services]
def check(self, instance):
metrics = self._gather_metrics()
self.log.debug("Collected %d heartbeat metrics", len(metrics))
for metric in metrics:
# apply any instance dimensions that may be configured,
# overriding any dimension with same key that check has set.
metric['dimensions'] = self._set_dimensions(
metric['dimensions'], instance)
try:
self.gauge(**metric)
except Exception as e: # noqa
self.log.error('Exception while reporting metric: %s' % e)
0707010000000A000081A40000000000000000000000015F71E19F00000F74000000000000000000000000000000000000003100000000ardana-nova-8.0+git.1601298847.dd01585/README.md<!--
(c) Copyright 2015-2017 Hewlett Packard Enterprise Development LP
(c) Copyright 2017 SUSE LLC
Licensed under the Apache License, Version 2.0 (the "License"); you may
not use this file except in compliance with the License. You may obtain
a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
License for the specific language governing permissions and limitations
under the License.
-->
NOVA-ANSIBLE
============
This repo contains the following roles and role specific tasks:
- NOV-API - API service.
- NOV-CLI - Contains tasks that use the nova client.
- availability_zones - Configure availability zones - used by nova-cloud-configure.
- nova-common - Common variables and tasks across services.
- _configure_policy - Configure policy for service.
- _configure_rootwrap - Configure rootwrap for service.
- _service_status - Check and report status of service.
- _set_directories - Set directories (etc, bin, conf) for service.
- _singleton_service_status - Check and report status of a singleton service.
- _write_conf - Create a file, maintaining backup copies.
- NOV-CMP - Compute service which requires one of the hypervisors.
- NOV-CMP-ESX - ESX hypervisor.
- NOV-CMP-IRN - Ironic hypervisor.
- NOV-CMP-KVM - KVM hypervisor.
- NOV-CND - Conductor service.
- NOV-CAU - Consoleauth service.
- nova-monasca - Monitoring
- heartbeat_alarm - Install and configure a heartbeat check.
- _monitor_libvirt - Run Monasca agent libvirt detection plugin.
- process_bounds_alarm - Run a check on the number of nova-api processes.
- start - Run Monasca agent Nova detection plugin.
- nova-post-configure - Configuration operations that are run after all
services are configured.
- db_configure - Configure the nova database.
- db_contract - Remove rows/columns etc. from the nova database during
upgrade.
- db_create - Create the nova database.
- db_expand - Add rows/columns etc. to the nova database during upgrade.
- keystone_conf - Configure the Keystone service for nova.
- rabbit_configure - Configure the RabbitMQ service for nova.
- create_defalut_flavors - Add the default flavors if they don't exist.
- NOV-SCH - Scheduler service
- NOV-SCH-IRN - Ironic specific configuration for nova scheduler service.
- NOV-VNC - VNC service
Within each service role the following tasks may exist:
- check_upgraded_packages - Notify the restart handler when a service needs
to be restarted due to a package being updated.
- configure - Configure the service.
- install - Install the service.
- start - Start the service.
- status - Report status of the service.
- stop - Stop the service.
Top level playbooks:
- _nova-check-upgraded-packages - Check upgraded packages for all nova services - used by upgrade.
- nova-cloud-configure - Cloud configuration - optionally run manually by users.
- nova-configure - Configure all nova components - used by deploy & reconfigure.
- nova-deploy - Deploy the service (install, configure and start).
- _nova-install - Install all nova components - used by deploy & upgrade.
- _nova-post-configure - Post configuration operations - used by deploy & reconfigure.
- _nova-post-deploy - Post deploy operations - used by deploy & reconfigure.
- nova-reconfigure - Reconfigure all nova components.
- nova-start - Start all nova services.
- nova-status - Status of all nova services.
- nova-stop - Stop all nova services.
- nova-upgrade - Upgrade all nova components.
0707010000000B000081A40000000000000000000000015F71E19F0000069C000000000000000000000000000000000000004900000000ardana-nova-8.0+git.1601298847.dd01585/_nova-check-upgraded-packages.yml#
# (c) Copyright 2015-2016 Hewlett Packard Enterprise Development LP
# (c) Copyright 2017 SUSE LLC
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
---
- hosts: NOV-CND
roles:
- NOV-CND
tasks:
- include: roles/NOV-CND/tasks/check_upgraded_packages.yml
- hosts: NOV-API
roles:
- NOV-API
tasks:
- include: roles/NOV-API/tasks/check_upgraded_packages.yml
- hosts: NOV-CAU
roles:
- NOV-CAU
tasks:
- include: roles/NOV-CAU/tasks/check_upgraded_packages.yml
- hosts: NOV-SCH
roles:
- NOV-SCH
tasks:
- include: roles/NOV-SCH/tasks/check_upgraded_packages.yml
- hosts: NOV-VNC
roles:
- NOV-VNC
tasks:
- include: roles/NOV-VNC/tasks/check_upgraded_packages.yml
- hosts: NOV-KVM
roles:
- NOV-CMP-KVM
tasks:
- include: roles/NOV-CMP-KVM/tasks/check_upgraded_packages.yml
- hosts: NOV-ESX
roles:
- NOV-CMP-ESX
tasks:
- include: roles/NOV-CMP-ESX/tasks/check_upgraded_packages.yml
- hosts: NOV-CMP-IRN
roles:
- NOV-CMP-IRN
tasks:
- include: roles/NOV-CMP-IRN/tasks/check_upgraded_packages.yml
- hosts: NOV-CMP
roles:
- NOV-CMP
tasks:
- include: roles/NOV-CMP/tasks/check_upgraded_packages.yml
0707010000000C000081A40000000000000000000000015F71E19F0000075A000000000000000000000000000000000000003B00000000ardana-nova-8.0+git.1601298847.dd01585/_nova-configure.yml#
# (c) Copyright 2015-2016 Hewlett Packard Enterprise Development LP
# (c) Copyright 2017,2018 SUSE LLC
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
---
- hosts: NOV-CND
roles:
- NOV-CND
tasks:
- include: roles/NOV-CND/tasks/configure.yml
- hosts: NOV-API
roles:
- NOV-API
tasks:
- include: roles/NOV-API/tasks/configure.yml
- hosts: NOV-CAU
roles:
- NOV-CAU
tasks:
- include: roles/NOV-CAU/tasks/configure.yml
- hosts: NOV-SCH
roles:
- NOV-SCH
tasks:
- include: roles/NOV-SCH/tasks/configure.yml
- hosts: NOV-SCH-IRN
roles:
- NOV-SCH-IRN
tasks:
- include: roles/NOV-SCH-IRN/tasks/configure.yml
- hosts: NOV-VNC
roles:
- NOV-VNC
tasks:
- include: roles/NOV-VNC/tasks/configure.yml
- hosts: NOV-KVM
roles:
- NOV-CMP-KVM
tasks:
- include: roles/NOV-CMP-KVM/tasks/configure.yml
- hosts: NOV-ESX
roles:
- NOV-CMP-ESX
tasks:
- include: roles/NOV-CMP-ESX/tasks/configure.yml
- hosts: NOV-CMP-IRN
roles:
- NOV-CMP-IRN
tasks:
- include: roles/NOV-CMP-IRN/tasks/configure.yml
- hosts: NOV-CMP-HYP
roles:
- NOV-CMP-HYP
tasks:
- include: roles/NOV-CMP-HYP/tasks/configure.yml
- hosts: NOV-CMP
roles:
- NOV-CMP
tasks:
- include: roles/NOV-CMP/tasks/configure.yml
# after everything is running, turn on monitoring
- include: nova-configure-monasca.yml
0707010000000D000081A40000000000000000000000015F71E19F000006FD000000000000000000000000000000000000003900000000ardana-nova-8.0+git.1601298847.dd01585/_nova-install.yml#
# (c) Copyright 2015-2016 Hewlett Packard Enterprise Development LP
# (c) Copyright 2017 SUSE LLC
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
---
- hosts: NOV-CND
roles:
- NOV-CND
tasks:
- include: roles/NOV-CND/tasks/install.yml
- hosts: NOV-API
roles:
- NOV-API
tasks:
- include: roles/NOV-API/tasks/install.yml
- hosts: NOV-CAU
roles:
- NOV-CAU
tasks:
- include: roles/NOV-CAU/tasks/install.yml
- hosts: NOV-SCH
roles:
- NOV-SCH
tasks:
- include: roles/NOV-SCH/tasks/install.yml
- hosts: NOV-SCH-IRN
roles:
- NOV-SCH-IRN
tasks:
- include: roles/NOV-SCH-IRN/tasks/install.yml
# Hypervisors depend on the nova-compute/etc/nova directory existing
# during install - so compute must come before hypervisors
- hosts: NOV-CMP
roles:
- NOV-CMP
tasks:
- include: roles/NOV-CMP/tasks/install.yml
- hosts: NOV-VNC
roles:
- NOV-VNC
tasks:
- include: roles/NOV-VNC/tasks/install.yml
- hosts: NOV-KVM
roles:
- NOV-CMP-KVM
tasks:
- include: roles/NOV-CMP-KVM/tasks/install.yml
- hosts: NOV-CMP-IRN
roles:
- NOV-CMP-IRN
tasks:
- include: roles/NOV-CMP-IRN/tasks/install.yml
- hosts: NOV-CMP-HYP
roles:
- NOV-CMP-HYP
tasks:
- include: roles/NOV-CMP-HYP/tasks/install.yml
0707010000000E000081A40000000000000000000000015F71E19F00000786000000000000000000000000000000000000004000000000ardana-nova-8.0+git.1601298847.dd01585/_nova-post-configure.yml#
# (c) Copyright 2015-2016 Hewlett Packard Enterprise Development LP
# (c) Copyright 2017 SUSE LLC
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
---
# Configure Nova database
- hosts: NOV-API
# NOV-API is required here because database upgrades rely on nova-manage
# and configuration found in the nova api configuration
roles:
- NOV-API
- nova-post-configure
# All these tasks should be set to run-once
tasks:
- include: roles/nova-post-configure/tasks/db_configure.yml
# Configure keystone
- hosts: NOV-API
roles:
- nova-post-configure
# This task should be set to run-once
tasks:
- include: roles/nova-post-configure/tasks/keystone_conf.yml
ansible_python_interpreter:
"{{ KEY_CLI.vars.keystone_client_python_interpreter }}"
- hosts: NOV-API
roles:
- NOV-API
tasks:
- include: roles/nova-common/tasks/post-configure.yml
- hosts: NOV-CMP
roles:
- NOV-CMP
tasks:
- include: roles/nova-common/tasks/post-configure.yml
- hosts: NOV-CND
roles:
- NOV-CND
tasks:
- include: roles/nova-common/tasks/post-configure.yml
- hosts: NOV-CAU
roles:
- NOV-CAU
tasks:
- include: roles/nova-common/tasks/post-configure.yml
- hosts: NOV-VNC
roles:
- NOV-VNC
tasks:
- include: roles/nova-common/tasks/post-configure.yml
- hosts: NOV-SCH
roles:
- NOV-SCH
tasks:
- include: roles/nova-common/tasks/post-configure.yml
0707010000000F000081A40000000000000000000000015F71E19F00000434000000000000000000000000000000000000003D00000000ardana-nova-8.0+git.1601298847.dd01585/_nova-post-deploy.yml#
# (c) Copyright 2016-2017 Hewlett Packard Enterprise Development LP
# (c) Copyright 2017 SUSE LLC
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
---
# Create the default flavors. The operations are idempotent.
- hosts: NOV-API
roles:
- NOV-API
- nova-post-configure
# All these tasks should be set to run-once
tasks:
- include: roles/nova-post-configure/tasks/create_default_flavors.yml
ansible_python_interpreter:
"{{ NOV_CLI.vars.nova_client_python_interpreter }}"
- include: roles/nova-post-configure/tasks/discover_hosts_post_deploy.yml07070100000010000081A40000000000000000000000015F71E19F0000046B000000000000000000000000000000000000005000000000ardana-nova-8.0+git.1601298847.dd01585/_nova-reconfigure-credentials-change.yml#
# (c) Copyright 2015-2016 Hewlett Packard Enterprise Development LP
# (c) Copyright 2017 SUSE LLC
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
---
# mysql and rabbit passwords are changed centrally, we need to update the
# config files with the new values from the CP.
- include: _nova-configure.yml
# change keystone password
- hosts: NOV-API
roles:
- nova-post-configure
# This task should be set to run-once
tasks:
- include: roles/nova-post-configure/tasks/keystone_change_password.yml
ansible_python_interpreter:
"{{ KEY_CLI.vars.keystone_client_python_interpreter }}"
- include: nova-start.yml
07070100000011000081A40000000000000000000000015F71E19F000002E2000000000000000000000000000000000000004200000000ardana-nova-8.0+git.1601298847.dd01585/_nova-schedule-restart.yml#
# (c) Copyright 2018 SUSE LLC
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
---
# Schedule a restart of all nova services using ardana_notify_... variables
- hosts: all
tasks:
- include: roles/nova-common/tasks/_schedule_restart.yml07070100000012000081A40000000000000000000000015F71E19F00000044000000000000000000000000000000000000003200000000ardana-nova-8.0+git.1601298847.dd01585/agent.yaml# This has to exist but apparently the contents are optional
---
{}
07070100000013000041ED0000000000000000000000045F71E19F00000000000000000000000000000000000000000000003100000000ardana-nova-8.0+git.1601298847.dd01585/ardana-ci07070100000014000041ED0000000000000000000000035F71E19F00000000000000000000000000000000000000000000003900000000ardana-nova-8.0+git.1601298847.dd01585/ardana-ci/project07070100000015000041ED0000000000000000000000035F71E19F00000000000000000000000000000000000000000000004500000000ardana-nova-8.0+git.1601298847.dd01585/ardana-ci/project/input-model07070100000016000041ED0000000000000000000000025F71E19F00000000000000000000000000000000000000000000004A00000000ardana-nova-8.0+git.1601298847.dd01585/ardana-ci/project/input-model/data07070100000017000081A40000000000000000000000015F71E19F0000097B000000000000000000000000000000000000005C00000000ardana-nova-8.0+git.1601298847.dd01585/ardana-ci/project/input-model/data/control_plane.yml#
# (c) Copyright 2015-2016 Hewlett Packard Enterprise Development LP
# (c) Copyright 2017 SUSE LLC
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
---
product:
version: 2
control-planes:
- name: ccp
control-plane-prefix: ccp
region-name: region1
failure-zones:
- AZ1
- AZ2
- AZ3
common-service-components:
- lifecycle-manager-target
clusters:
- name: cluster0
cluster-prefix: c0
server-role:
- ARDANA-ROLE
member-count: 1
allocation-policy: strict
service-components:
- lifecycle-manager
- ntp-client
- openstack-client
- tempest
- name: cluster1
cluster-prefix: c1
server-role:
- CONTROLLER-ROLE
member-count: 3
allocation-policy: strict
service-components:
- ntp-server
- mysql
- ip-cluster
- keystone-api
- keystone-client
- rabbitmq
- glance-api:
ha_mode: false
glance_stores: 'file'
glance_default_store: 'file'
- glance-registry
- glance-client
- nova-api
- nova-scheduler
- nova-conductor
- nova-console-auth
- nova-novncproxy
- neutron-server
- neutron-ml2-plugin
- neutron-vpn-agent
- neutron-dhcp-agent
- neutron-metadata-agent
- neutron-openvswitch-agent
- neutron-client
resources:
- name: resource
resource-prefix: res
server-role:
- COMPUTE-ROLE
allocation-policy: any
service-components:
- ntp-client
- nova-compute-kvm
- nova-compute
- neutron-l3-agent
- neutron-metadata-agent
- neutron-openvswitch-agent
- neutron-lbaasv2-agent
07070100000018000081A40000000000000000000000015F71E19F000003AB000000000000000000000000000000000000005C00000000ardana-nova-8.0+git.1601298847.dd01585/ardana-ci/project/input-model/data/memory_models.yml#
# (c) Copyright 2016 Hewlett Packard Enterprise Development LP
# (c) Copyright 2017 SUSE LLC
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
---
product:
version: 2
memory-models:
- name: COMPUTE-MEMORY-NUMA
default-huge-page-size: 2M
huge-pages:
- size: 2M
count: 10
numa-node: 0
- size: 1G
count: 1
numa-node: 0
- size: 1G
count: 1
- size: 2M
count: 10
07070100000019000081A40000000000000000000000015F71E19F000004C0000000000000000000000000000000000000005D00000000ardana-nova-8.0+git.1601298847.dd01585/ardana-ci/project/input-model/data/net_interfaces.yml#
# (c) Copyright 2016 Hewlett Packard Enterprise Development LP
# (c) Copyright 2017 SUSE LLC
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
---
product:
version: 2
interface-models:
- name: NET-INTERFACES
network-interfaces:
- name: hed1
device:
name: hed1
network-groups:
- MANAGEMENT
- name: hed2
device:
name: hed2
network-groups:
- ARDANA
- name: hed3
device:
name: hed3
network-groups:
- EXTERNAL-VM
- name: hed4
device:
name: hed4
pci-pt: true
network-groups:
- GUEST
0707010000001A000081A40000000000000000000000015F71E19F00000755000000000000000000000000000000000000005D00000000ardana-nova-8.0+git.1601298847.dd01585/ardana-ci/project/input-model/data/network_groups.yml#
# (c) Copyright 2016 Hewlett Packard Enterprise Development LP
# (c) Copyright 2017 SUSE LLC
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
---
product:
version: 2
network-groups:
- name: ARDANA
hostname-suffix: ardana
component-endpoints:
- lifecycle-manager
- lifecycle-manager-target
- name: MANAGEMENT
hostname-suffix: mgmt
hostname: true
tags:
- neutron.networks.vxlan
- neutron.networks.vlan:
provider-physical-network: physnet1
# tls-component-endpoints:
# - barbican-api
component-endpoints:
- default
# routes:
# - default
load-balancers:
- provider: ip-cluster
name: lb
components:
- default
roles:
- internal
- admin
cert-file: ardana-internal-cert
- provider: ip-cluster
name: extlb
external-name: myardana.test
components:
- default
roles:
- public
cert-file: my-public-project-cert
- name: EXTERNAL-VM
tags:
- neutron.l3_agent.external_network_bridge
- name: GUEST
hostname-suffix: guest
tags:
- neutron.networks.vlan:
provider-physical-network: physnet3
tenant-vlan-id-range: 3070:3071
0707010000001B000081A40000000000000000000000015F71E19F000004D2000000000000000000000000000000000000005700000000ardana-nova-8.0+git.1601298847.dd01585/ardana-ci/project/input-model/data/networks.yml#
# (c) Copyright 2016 Hewlett Packard Enterprise Development LP
# (c) Copyright 2017 SUSE LLC
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
---
product:
version: 2
networks:
- name: ARDANA-NET
vlanid: 101
tagged-vlan: false
cidr: 192.168.110.0/24
gateway-ip: 192.168.110.1
network-group: ARDANA
- name: MANAGEMENT-NET
vlanid: 102
tagged-vlan: false
cidr: 192.168.245.0/24
gateway-ip: 192.168.245.1
network-group: MANAGEMENT
- name: EXTERNAL-VM-NET
vlanid: 103
network-group: EXTERNAL-VM
- name: GUEST-NET
vlanid: 3070
tagged-vlan: false
cidr: 192.168.16.0/24
gateway-ip: 192.168.16.1
network-group: GUEST
0707010000001C000081A40000000000000000000000015F71E19F000005DC000000000000000000000000000000000000005B00000000ardana-nova-8.0+git.1601298847.dd01585/ardana-ci/project/input-model/data/nic_mappings.yml#
# (c) Copyright 2016 Hewlett Packard Enterprise Development LP
# (c) Copyright 2017 SUSE LLC
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
---
product:
version: 2
nic-mappings:
- name: VAGRANT
physical-ports:
- logical-name: hed1
type: simple-port
bus-address: "0000:00:06.0"
- logical-name: hed2
type: simple-port
bus-address: "0000:00:07.0"
- logical-name: hed3
type: simple-port
bus-address: "0000:00:08.0"
- logical-name: hed4
type: simple-port
bus-address: "0000:00:09.0"
#Used for PCI-PT
nic-device-type: "8086:10fb"
- logical-name: hed5
type: simple-port
bus-address: "0000:00:0a.0"
- logical-name: hed6
type: simple-port
bus-address: "0000:00:0b.0"
- logical-name: hed7
type: simple-port
bus-address: "0000:00:0c.0"
- logical-name: hed8
type: simple-port
bus-address: "0000:00:0d.0"
0707010000001D000081A40000000000000000000000015F71E19F0000050A000000000000000000000000000000000000005C00000000ardana-nova-8.0+git.1601298847.dd01585/ardana-ci/project/input-model/data/server_groups.yml#
# (c) Copyright 2016 Hewlett Packard Enterprise Development LP
# (c) Copyright 2017 SUSE LLC
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
---
product:
version: 2
server-groups:
#
# At the top of the tree we have a
# group for any global networks
#
- name: CLOUD
server-groups:
- AZ1
- AZ2
- AZ3
networks:
- ARDANA-NET
- MANAGEMENT-NET
- EXTERNAL-VM-NET
- GUEST-NET
#
# Create a group for each failure zone
#
- name: AZ1
server-groups:
- RACK1
- name: AZ2
server-groups:
- RACK2
- name: AZ3
server-groups:
- RACK3
#
# Create a group for each rack zone
#
- name: RACK1
- name: RACK2
- name: RACK3
0707010000001E000081A40000000000000000000000015F71E19F000003CB000000000000000000000000000000000000005B00000000ardana-nova-8.0+git.1601298847.dd01585/ardana-ci/project/input-model/data/server_roles.yml#
# (c) Copyright 2015-2016 Hewlett Packard Enterprise Development LP
# (c) Copyright 2017 SUSE LLC
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
---
product:
version: 2
server-roles:
- name: ARDANA-ROLE
interface-model: NET-INTERFACES
disk-model: DISKS
- name: CONTROLLER-ROLE
interface-model: NET-INTERFACES
disk-model: DISKS
- name: COMPUTE-ROLE
interface-model: NET-INTERFACES
disk-model: DISKS
memory-model: COMPUTE-MEMORY-NUMA
0707010000001F000081A40000000000000000000000015F71E19F00000842000000000000000000000000000000000000005600000000ardana-nova-8.0+git.1601298847.dd01585/ardana-ci/project/input-model/data/servers.yml#
# (c) Copyright 2015-2016 Hewlett Packard Enterprise Development LP
# (c) Copyright 2017 SUSE LLC
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
---
product:
version: 2
baremetal:
netmask: 255.255.255.0
subnet: 192.168.110.0
server-interface: eth2
servers:
- id: server1
ip-addr: 192.168.110.3
role: ARDANA-ROLE
server-group: RACK1
mac-addr: a4:93:0c:4f:7c:73
nic-mapping: VAGRANT
ilo-ip: 192.168.109.3
ilo-password: password
ilo-user: admin
- id: controller1
ip-addr: 192.168.110.4
role: CONTROLLER-ROLE
server-group: RACK1
mac-addr: b2:72:8d:ac:7c:6f
nic-mapping: VAGRANT
ilo-ip: 192.168.109.4
ilo-password: password
ilo-user: admin
- id: controller2
ip-addr: 192.168.110.5
role: CONTROLLER-ROLE
server-group: RACK2
mac-addr: 8a:8e:64:55:43:76
nic-mapping: VAGRANT
ilo-ip: 192.168.109.5
ilo-password: password
ilo-user: admin
- id: controller3
ip-addr: 192.168.110.6
role: CONTROLLER-ROLE
server-group: RACK3
mac-addr: 26:67:3e:49:5a:a7
nic-mapping: VAGRANT
ilo-ip: 192.168.109.6
ilo-password: password
ilo-user: admin
- id: compute1
ip-addr: 192.168.110.7
role: COMPUTE-ROLE
server-group: RACK1
mac-addr: d6:70:c1:36:43:f7
nic-mapping: VAGRANT
ilo-ip: 192.168.109.7
ilo-password: password
ilo-user: admin
- id: compute2
ip-addr: 192.168.110.8
role: COMPUTE-ROLE
server-group: RACK2
mac-addr: 8e:8e:62:a6:ce:76
nic-mapping: VAGRANT
ilo-ip: 192.168.109.8
ilo-password: password
ilo-user: admin
07070100000020000041ED0000000000000000000000025F71E19F00000000000000000000000000000000000000000000003700000000ardana-nova-8.0+git.1601298847.dd01585/ardana-ci/tests07070100000021000081A40000000000000000000000015F71E19F0000048E000000000000000000000000000000000000005100000000ardana-nova-8.0+git.1601298847.dd01585/ardana-ci/tests/check-pci-passthrough.yml#
# (c) Copyright 2016 Hewlett Packard Enterprise Development LP
# (c) Copyright 2017 SUSE LLC
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
---
- hosts: NOV-CMP
roles:
- NOV-CMP
tasks:
- include: roles/nova-common/tasks/_set_directories.yml
- name: NOV-CMP | status | Check PCI passthrough is configured
become: yes
command: awk /^pci_passthrough_whitelist\\s\=\\s\\[\\s*{/ "{{ nova_service_conf_dir }}/nova.conf"
register: checkmyconf
- name: NOV-CMP | status | Check PCI passthrough is configured
fail:
msg: "** FAILURE - PCI passthrough is not configured as expected **"
when: checkmyconf.stdout == ""
07070100000022000081ED0000000000000000000000015F71E19F0000036A000000000000000000000000000000000000004100000000ardana-nova-8.0+git.1601298847.dd01585/ardana-ci/tests/copy.bash#!/bin/bash
#
# (c) Copyright 2016 Hewlett Packard Enterprise Development LP
# (c) Copyright 2017 SUSE LLC
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
cp ~/ardana-ci-tests/$1 ~/scratch/ansible/next/ardana/ansible
if [ -n "$2" ]
then
ansible-playbook -i hosts/verb_hosts $1 -e $2
else
ansible-playbook -i hosts/verb_hosts $1
fi
rm ~/scratch/ansible/next/ardana/ansible/$1
07070100000023000081A40000000000000000000000015F71E19F00000D83000000000000000000000000000000000000004600000000ardana-nova-8.0+git.1601298847.dd01585/ardana-ci/tests/test-plan.yaml#
# (c) Copyright 2016 Hewlett Packard Enterprise Development LP
# (c) Copyright 2017 SUSE LLC
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
---
- name: ardana-ci | test-plan | Test huge pages - host reboot
logfile: nova-testsuite-hugepages.log
prefix: hugepages
playbooks:
- nova-compute-reboot.yml
- nova-hugepages-status.yml
- name: ardana-ci | test-plan | Test PCI whitelist configuration
logfile: nova-testsuite-pci-whitelist.log
prefix: pci-whitelist
exec:
- copy.bash check-pci-passthrough.yml
- name: ardana-ci | test-plan | Tempest tests
logfile: nova-tempest.log
prefix: tempest
exec:
- ansible-playbook -i hosts/verb_hosts nova-status.yml
tempest:
- "+tempest.api.compute.flavors.test_flavors.FlavorsV2TestJSON.test_get_flavor"
- "+tempest.api.compute.flavors.test_flavors.FlavorsV2TestJSON.test_list_flavors"
- "+tempest.api.compute.security_groups.test_security_group_rules.SecurityGroupRulesTestJSON.test_security_group_rules_create"
- "+tempest.api.compute.security_groups.test_security_group_rules.SecurityGroupRulesTestJSON.test_security_group_rules_list"
- "+tempest.api.compute.security_groups.test_security_groups.SecurityGroupsTestJSON.test_security_groups_create_list_delete"
- "+tempest.api.compute.servers.test_attach_interfaces.AttachInterfacesTestJSON.test_add_remove_fixed_ip"
- "+tempest.api.compute.servers.test_create_server.ServersTestJSON.test_list_servers"
- "+tempest.api.compute.servers.test_create_server.ServersTestJSON.test_verify_server_details"
- "+tempest.api.compute.servers.test_create_server.ServersTestManualDisk.test_list_servers"
- "+tempest.api.compute.servers.test_create_server.ServersTestManualDisk.test_verify_server_details"
- "+tempest.api.compute.servers.test_server_actions.ServerActionsTestJSON.test_reboot_server_hard"
- "+tempest.api.compute.servers.test_server_addresses.ServerAddressesTestJSON.test_list_server_addresses"
- "+tempest.api.compute.servers.test_server_addresses.ServerAddressesTestJSON.test_list_server_addresses_by_network"
- name: ardana-ci | test-plan | Test nova-reconfigure
logfile: nova-testsuite-reconfigure.log
prefix: reconfigure
playbooks:
- nova-reconfigure.yml
- name: ardana-ci | test-plan | Test start after reboot
logfile: nova-start-after-reboot.log
prefix: reboot
vms:
- reboot: controller2
exec:
- ansible-playbook -i hosts/verb_hosts nova-start.yml
- ansible-playbook -i hosts/verb_hosts nova-status.yml
- name: ardana-ci | test-plan | Test move consoleauth
logfile: nova-move-consoleauth.log
prefix: move-cau
exec:
- ansible-playbook -i hosts/verb_hosts nova-start.yml --extra-vars "consoleauth_host_index=1"
- ansible-playbook -i hosts/verb_hosts nova-status.yml
- name: ardana-ci | test-plan | Test nova-cloud-configure
logfile: nova-cloud-configure.log
prefix: cloud-configure
playbooks:
- nova-cloud-configure.yml
07070100000024000041ED0000000000000000000000025F71E19F00000000000000000000000000000000000000000000002E00000000ardana-nova-8.0+git.1601298847.dd01585/config07070100000025000081A40000000000000000000000015F71E19F00000952000000000000000000000000000000000000004000000000ardana-nova-8.0+git.1601298847.dd01585/config/nova-symlinks.yml#
# (c) Copyright 2015-2016 Hewlett Packard Enterprise Development LP
# (c) Copyright 2017 SUSE LLC
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
# The following relative symlinks are created under the
# my_cloud/config directory.
---
symlinks:
"nova/api.conf.j2": "roles/NOV-API/templates/api.conf.j2"
"nova/api-logging.conf.j2": "roles/NOV-API/templates/api-logging.conf.j2"
"nova/compute.conf.j2": "roles/NOV-CMP/templates/compute.conf.j2"
"nova/compute-logging.conf.j2": "roles/NOV-CMP/templates/compute-logging.conf.j2"
"nova/conductor.conf.j2": "roles/NOV-CND/templates/conductor.conf.j2"
"nova/conductor-logging.conf.j2": "roles/NOV-CND/templates/conductor-logging.conf.j2"
"nova/consoleauth.conf.j2": "roles/NOV-CAU/templates/consoleauth.conf.j2"
"nova/consoleauth-logging.conf.j2": "roles/NOV-CAU/templates/consoleauth-logging.conf.j2"
"nova/esx-hypervisor.conf.j2": "roles/NOV-CMP-ESX/templates/hypervisor.conf.j2"
"nova/ironic-hypervisor.conf.j2": "roles/NOV-CMP-IRN/templates/hypervisor.conf.j2"
"nova/kvm-hypervisor.conf.j2": "roles/NOV-CMP-KVM/templates/hypervisor.conf.j2"
"nova/hyperv-hypervisor.conf.j2": "roles/NOV-CMP-HYP/templates/hypervisor.conf.j2"
"nova/nova.conf.j2": "roles/nova-common/templates/nova.conf.j2"
"nova/novncproxy.conf.j2": "roles/NOV-VNC/templates/novncproxy.conf.j2"
"nova/novncproxy-logging.conf.j2": "roles/NOV-VNC/templates/novncproxy-logging.conf.j2"
"nova/policy.json.j2": "roles/nova-common/templates/policy.json.j2"
"nova/scheduler.conf.j2": "roles/NOV-SCH/templates/scheduler.conf.j2"
"nova/scheduler-logging.conf.j2": "roles/NOV-SCH/templates/scheduler-logging.conf.j2"
"nova/api-paste.ini.j2": "roles/NOV-API/templates/api-paste.ini.j2"
"nova/api_audit_map.conf.j2": "roles/NOV-API/templates/api_audit_map.conf.j2"
"nova/libvirt-monitoring.yml": "roles/nova-monasca/vars/libvirt-monitoring.yml"
07070100000026000041ED0000000000000000000000025F71E19F00000000000000000000000000000000000000000000003600000000ardana-nova-8.0+git.1601298847.dd01585/filter_plugins07070100000027000081A40000000000000000000000015F71E19F0000090E000000000000000000000000000000000000004300000000ardana-nova-8.0+git.1601298847.dd01585/filter_plugins/groupings.py#
# (c) Copyright 2016 Hewlett Packard Enterprise Development LP
# (c) Copyright 2017 SUSE LLC
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
import itertools
def group_by_key(ungrouped, key_name):
"""Groups dictionaries into lists if they have the same value for a given
key.
Steps though a list of dictionaries. If the values of the given key match
the dictionaries are placed in a list together. These lists are then stored
in a dictionary where the keys are the value matched. This dictionary is
then returned by the function.
"""
def keyfn(item):
return item[key_name]
groupfn = itertools.groupby(sorted(ungrouped, key=keyfn), keyfn)
grouped = {k: [i for i in g] for k, g in groupfn}
return grouped
def sum_groups_by_key(unsummed, key_name):
"""Computes the sum of the values for a given key across multiple dicts.
Steps through a dictionary of lists. Each list is a list of dictionaries.
For each dictionary in a list this function computes the sum of the value
of a given key. A dictionary with the lists replaced by the result of each
sum calculation is returned.
"""
def sumfn(count, item):
return count + item.get(key_name, 0)
summed = {k: reduce(sumfn, g, 0) for k, g in unsummed.iteritems()}
return summed
def group_sum_by_keys(ungrouped, group_key, sum_key):
"""Groups dictionaries by a common value and then returns the sum of
this a second value for each group."""
grouped = group_by_key(ungrouped, group_key)
summed = sum_groups_by_key(grouped, sum_key)
return summed
class FilterModule(object):
def filters(self):
return {"sum_groups_by_key": sum_groups_by_key,
"group_by_key": group_by_key,
"group_sum_by_keys": group_sum_by_keys}
07070100000028000081A40000000000000000000000015F71E19F000003B1000000000000000000000000000000000000004000000000ardana-nova-8.0+git.1601298847.dd01585/nova-cloud-configure.yml#
# (c) Copyright 2015-2016 Hewlett Packard Enterprise Development LP
# (c) Copyright 2017 SUSE LLC
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
---
# configure availability zones based on outputs from CP
- hosts: NOV-API
roles:
- NOV-CLI
# This task should be set to run-once
tasks:
- include: roles/NOV-CLI/tasks/availability_zones.yml
ansible_python_interpreter:
"{{ NOV_CLI.vars.nova_client_python_interpreter }}"
07070100000029000081A40000000000000000000000015F71E19F000002FF000000000000000000000000000000000000003F00000000ardana-nova-8.0+git.1601298847.dd01585/nova-compute-reboot.yml#
# (c) Copyright 2015-2016 Hewlett Packard Enterprise Development LP
# (c) Copyright 2017 SUSE LLC
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
---
- hosts: NOV-CMP
roles:
- guard-cluster
- NOV-CMP
tasks:
- include: roles/NOV-CMP/tasks/reboot.yml
0707010000002A000081A40000000000000000000000015F71E19F00000563000000000000000000000000000000000000004200000000ardana-nova-8.0+git.1601298847.dd01585/nova-configure-monasca.yml#
# (c) Copyright 2015-2016 Hewlett Packard Enterprise Development LP
# (c) Copyright 2017-2018 SUSE LLC
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
---
- hosts: NOV-API:&MON-AGN
roles:
- nova-configure
# This task should be set to run-once
tasks:
- include: roles/nova-configure/tasks/keystone_conf_monasca.yml
ansible_python_interpreter:
"{{ KEY_CLI.vars.keystone_client_python_interpreter }}"
# we create a new alarm definition for monitoring processes bounds for nova-api.
# The definition of a new alarm needs to be done just once per region.
- hosts: NOV-API:NOV-CAU:NOV-CMP:NOV-CND:NOV-SCH:NOV-VNC:&MON-AGN
roles:
- role: nova-monasca
tasks:
- include: roles/nova-monasca/tasks/heartbeat_check_config.yml
- include: roles/nova-monasca/tasks/process_bounds_alarm.yml
- include: roles/nova-monasca/tasks/heartbeat_alarm.yml
0707010000002B000081A40000000000000000000000015F71E19F000003F1000000000000000000000000000000000000003700000000ardana-nova-8.0+git.1601298847.dd01585/nova-deploy.yml#
# (c) Copyright 2015-2017 Hewlett Packard Enterprise Development LP
# (c) Copyright 2017-2018 SUSE LLC
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
---
- include: pbstart.yml
vars:
playbook_name: "nova-deploy.yml"
- include: ses-deploy.yml
- include: _nova-install.yml
- include: _nova-configure.yml
- include: _nova-post-configure.yml
- include: nova-configure-monasca.yml
- include: nova-start.yml
- include: _nova-post-deploy.yml
- include: pbfinish.yml
vars:
playbook_name: "nova-deploy.yml"
0707010000002C000081A40000000000000000000000015F71E19F000002EB000000000000000000000000000000000000004100000000ardana-nova-8.0+git.1601298847.dd01585/nova-hugepages-status.yml#
# (c) Copyright 2016 Hewlett Packard Enterprise Development LP
# (c) Copyright 2017 SUSE LLC
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
---
- hosts: NOV-CMP
roles:
- NOV-CMP
tasks:
- include: roles/NOV-CMP/tasks/hugepage-status.yml
0707010000002D000081A40000000000000000000000015F71E19F00000309000000000000000000000000000000000000003C00000000ardana-nova-8.0+git.1601298847.dd01585/nova-reconfigure.yml#
# (c) Copyright 2015-2016 Hewlett Packard Enterprise Development LP
# (c) Copyright 2017-2018 SUSE LLC
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
---
- include: ses-reconfigure.yml
- include: _nova-configure.yml
- include: _nova-post-configure.yml
- include: nova-start.yml
0707010000002E000081A40000000000000000000000015F71E19F00000285000000000000000000000000000000000000003800000000ardana-nova-8.0+git.1601298847.dd01585/nova-restart.yml#
# (c) Copyright 2018 SUSE LLC
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
---
- include: _nova-schedule-restart.yml
- include: nova-start.yml
0707010000002F000081A40000000000000000000000015F71E19F000008D0000000000000000000000000000000000000003600000000ardana-nova-8.0+git.1601298847.dd01585/nova-start.yml#
# (c) Copyright 2015-2016 Hewlett Packard Enterprise Development LP
# (c) Copyright 2017 SUSE LLC
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
---
- hosts: NOV-CND
roles:
- NOV-CND
tasks:
- include: roles/NOV-CND/tasks/start.yml
- hosts: NOV-SCH
roles:
- NOV-SCH
tasks:
- include: roles/NOV-SCH/tasks/start.yml
- hosts: NOV-CAU
roles:
- nova-monasca
- NOV-CAU
tasks:
- include: roles/NOV-CAU/tasks/start.yml
- hosts: NOV-VNC
roles:
- NOV-VNC
tasks:
- include: roles/NOV-VNC/tasks/start.yml
- hosts: NOV-API
roles:
- NOV-API
tasks:
- include: roles/NOV-API/tasks/start.yml
- hosts: NOV-CMP
roles:
- NOV-CMP
tasks:
- include: roles/NOV-CMP/tasks/start.yml
- hosts: NOV-API:NOV-CAU:NOV-CMP:NOV-CND:NOV-SCH:NOV-VNC
tasks:
- include: roles/nova-common/tasks/_clear_persistent_facts.yml
when: ardana_notify_nova_restart_required is defined and
ardana_notify_nova_restart_required.changed
- hosts: NOV-CMP-HYP
roles:
- NOV-CMP-HYP
tasks:
- include: roles/NOV-CMP-HYP/tasks/start.yml
# When everything is started we start to monitor.
# The list of hosts is created by the intersection of hosts with the monasca
# agent and the hosts running Nova services.
- hosts: NOV-API:NOV-CAU:NOV-CMP:NOV-CND:NOV-SCH:NOV-VNC:&MON-AGN
roles:
- nova-monasca
tasks:
- include: roles/nova-monasca/tasks/start.yml
- hosts: MON-AGN:&NOV-KVM
roles:
- nova-monasca
tasks:
- include: roles/nova-monasca/tasks/_monitor_libvirt.yml
# Run the vcenter detection plugin only on Nova ESX Compute Proxy
- hosts: NOV-ESX:&MON-AGN
no_log: True
roles:
- role: nova-monasca
tasks:
- include: roles/nova-monasca/tasks/vcenter_check.yml
07070100000030000081A40000000000000000000000015F71E19F00000661000000000000000000000000000000000000003700000000ardana-nova-8.0+git.1601298847.dd01585/nova-status.yml#
# (c) Copyright 2015-2016 Hewlett Packard Enterprise Development LP
# (c) Copyright 2017 SUSE LLC
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
---
- hosts: NOV-CND
max_fail_percentage: 0
roles:
- NOV-CND
tasks:
- include: roles/NOV-CND/tasks/status.yml
- hosts: NOV-API
max_fail_percentage: 0
roles:
- NOV-API
tasks:
- include: roles/NOV-API/tasks/status.yml
- hosts: NOV-CAU
max_fail_percentage: 0
roles:
- NOV-CAU
tasks:
- include: roles/NOV-CAU/tasks/status.yml
- hosts: NOV-SCH
max_fail_percentage: 0
roles:
- NOV-SCH
tasks:
- include: roles/NOV-SCH/tasks/status.yml
- hosts: NOV-VNC
max_fail_percentage: 0
roles:
- NOV-VNC
tasks:
- include: roles/NOV-VNC/tasks/status.yml
- hosts: NOV-CMP
max_fail_percentage: 0
roles:
- NOV-CMP
tasks:
- include: roles/NOV-CMP/tasks/status.yml
- hosts: NOV-KVM
max_fail_percentage: 0
roles:
- NOV-CMP-KVM
tasks:
- include: roles/NOV-CMP-KVM/tasks/status.yml
- hosts: NOV-CMP-HYP
max_fail_percentage: 0
roles:
- NOV-CMP-HYP
tasks:
- include: roles/NOV-CMP-HYP/tasks/status.yml
07070100000031000081A40000000000000000000000015F71E19F00000525000000000000000000000000000000000000003500000000ardana-nova-8.0+git.1601298847.dd01585/nova-stop.yml#
# (c) Copyright 2015-2016 Hewlett Packard Enterprise Development LP
# (c) Copyright 2017 SUSE LLC
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
---
- hosts: NOV-CMP
roles:
- NOV-CMP
tasks:
- include: roles/NOV-CMP/tasks/stop.yml
- hosts: NOV-API
roles:
- NOV-API
tasks:
- include: roles/NOV-API/tasks/stop.yml
- hosts: NOV-VNC
roles:
- NOV-VNC
tasks:
- include: roles/NOV-VNC/tasks/stop.yml
- hosts: NOV-CAU
roles:
- NOV-CAU
tasks:
- include: roles/NOV-CAU/tasks/stop.yml
- hosts: NOV-SCH
roles:
- NOV-SCH
tasks:
- include: roles/NOV-SCH/tasks/stop.yml
- hosts: NOV-CND
roles:
- NOV-CND
tasks:
- include: roles/NOV-CND/tasks/stop.yml
- hosts: NOV-CMP-HYP
roles:
- NOV-CMP-HYP
tasks:
- include: roles/NOV-CMP-HYP/tasks/stop.yml
07070100000032000081A40000000000000000000000015F71E19F00000772000000000000000000000000000000000000003800000000ardana-nova-8.0+git.1601298847.dd01585/nova-upgrade.yml#
# (c) Copyright 2015-2016 Hewlett Packard Enterprise Development LP
# (c) Copyright 2017-2018 SUSE LLC
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
# During an upgrade a service restart notification may be set by:
# install - e.g. new code, new package
# configure - e.g. change to a configuration file
---
- include: nova-status.yml
# Make sure we run ses, to get it's facts
- include: ses-deploy.yml
# Install and configure services in a new venv
- include: _nova-install.yml
- include: _nova-check-upgraded-packages.yml
- include: _nova-configure.yml
# Perform any database expand operations
- hosts: NOV-API
roles:
- nova-post-configure
tasks:
- include: roles/nova-post-configure/tasks/db_expand.yml
# Configure Keystone
- hosts: NOV-API
roles:
- nova-post-configure
tasks:
- include: roles/nova-post-configure/tasks/keystone_conf.yml
ansible_python_interpreter:
"{{ KEY_CLI.vars.keystone_client_python_interpreter }}"
# Restart services based on notifications set earlier
- include: nova-start.yml
# Perform any database contract operations
- hosts: NOV-API
roles:
- nova-post-configure
tasks:
- include: roles/nova-post-configure/tasks/db_contract.yml
# Discover hosts
- hosts: NOV-API
roles:
- nova-post-configure
tasks:
- include: roles/nova-post-configure/tasks/discover_hosts_post_deploy.yml
- include: nova-status.yml
07070100000033000041ED0000000000000000000000125F71E19F00000000000000000000000000000000000000000000002D00000000ardana-nova-8.0+git.1601298847.dd01585/roles07070100000034000041ED0000000000000000000000075F71E19F00000000000000000000000000000000000000000000003500000000ardana-nova-8.0+git.1601298847.dd01585/roles/NOV-API07070100000035000041ED0000000000000000000000025F71E19F00000000000000000000000000000000000000000000003E00000000ardana-nova-8.0+git.1601298847.dd01585/roles/NOV-API/defaults07070100000036000081A40000000000000000000000015F71E19F000006C1000000000000000000000000000000000000004700000000ardana-nova-8.0+git.1601298847.dd01585/roles/NOV-API/defaults/main.yml#
# (c) Copyright 2015-2017 Hewlett Packard Enterprise Development LP
# (c) Copyright 2017-2018 SUSE LLC
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
# This file will contain the default values for the nova-api service
---
nova_component: nova-api
# flag to enable audit middleware in nova api pipeline
nova_api_audit_enable: "{{ NOV.audit.enabled }}"
# the filters nova-common will copy for this service
nova_rootwrap_filters:
- rootwrap.d/api-metadata.filters
# the policy file nova-common will copy for this service
nova_policy_file: ../../nova-common/templates/policy.json.j2
nova_api_etc_dir: "{{ nova_component | config_dir() }}"
nova_api_conf_dir: "{{ nova_component | config_dir() }}/nova"
nova_api_bin_dir: "{{ nova_component | bin_dir() }}"
# the log files nova-common will create for this service
nova_log_files:
- "{{ log_dir }}/nova-api.log"
- "{{ log_dir }}/nova-api-json.log"
# Default max number of open files the Nova API processes can use
nova_api_limit_open_files: 65536
# nova placement api host
nova_placement_api_bind_host: "{{ host.bind.NOV_PLC.internal.ip_address }}"
nova_placement_api_bind_port: "{{ host.bind.NOV_PLC.internal.port }}"
# nova global conf
nova_global_conf_dir: "/etc/nova/"
07070100000037000041ED0000000000000000000000025F71E19F00000000000000000000000000000000000000000000003A00000000ardana-nova-8.0+git.1601298847.dd01585/roles/NOV-API/meta07070100000038000081A40000000000000000000000015F71E19F00000377000000000000000000000000000000000000004300000000ardana-nova-8.0+git.1601298847.dd01585/roles/NOV-API/meta/main.yml#
# (c) Copyright 2015-2016 Hewlett Packard Enterprise Development LP
# (c) Copyright 2017 SUSE LLC
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
---
dependencies:
- role: nova-common
## - role: FND-AP2
## causes "AnsibleUndefinedVariable: One or more undefined variables:
## 'neutron_common_rundir' is undefined", as a workaround added
## FND-AP2 to nova-common meta dependency07070100000039000041ED0000000000000000000000025F71E19F00000000000000000000000000000000000000000000003B00000000ardana-nova-8.0+git.1601298847.dd01585/roles/NOV-API/tasks0707010000003A000081A40000000000000000000000015F71E19F00000371000000000000000000000000000000000000005700000000ardana-nova-8.0+git.1601298847.dd01585/roles/NOV-API/tasks/check_upgraded_packages.yml#
# (c) Copyright 2015-2016 Hewlett Packard Enterprise Development LP
# (c) Copyright 2017 SUSE LLC
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
---
- name: NOV-API | check_upgraded_packages | Check upgraded packages
command: /bin/true
register: ardana_notify_nova_api_restart_required
when: item in ardana_upgraded_pkgs | default({})
with_items: nova_api_restart_packages
0707010000003B000081A40000000000000000000000015F71E19F000010A5000000000000000000000000000000000000004900000000ardana-nova-8.0+git.1601298847.dd01585/roles/NOV-API/tasks/configure.yml#
# (c) Copyright 2015-2016 Hewlett Packard Enterprise Development LP
# (c) Copyright 2017-2018 SUSE LLC
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
# Configure the nova-api service
---
- include: ../../nova-common/tasks/_set_directories.yml
vars:
install_package_result: "{{ ardana_notify_nova_api_install_result }}"
- name: NOV-API | configure | nova-common configure
include: ../../nova-common/tasks/configure.yml
- name: NOV-API | configure | notify on rootwrap or policy change
command: /bin/true
register: ardana_notify_nova_api_restart_required
when: rootwrap_changed or nova_policy_template_result.changed
- include: ../../nova-common/tasks/_write_conf.yml
src: "../../NOV-API/templates/api.conf.j2"
dest: "{{ nova_service_conf_dir }}/api.conf"
- name: NOV-API | configure | notify on api.conf change
command: /bin/true
register: ardana_notify_nova_api_restart_required
when: write_conf_result.changed
- name: NOV-API | configure | Apply template
become: yes
template:
src: "{{ item }}.j2"
dest: "{{ nova_service_conf_dir }}/{{ item }}"
owner: root
group: "{{ nova_system_group }}"
mode: 0640
with_items:
- "api-logging.conf"
- "api_audit_map.conf"
- "api-paste.ini"
register: ardana_notify_nova_api_restart_required
- name: NOV-API | configure | Create nova audit logging directory
become: yes
file:
path: "{{ nova_audit_log_location }}"
owner: "{{ nova_system_user }}"
group: "{{ nova_system_group | default('root') }}"
mode: "0755"
state: directory
when: nova_api_audit_enable
#
# create modwsgi file for nova-placement-api
#
- name: NOV-API | configure | configure nova-placement-api vhost
become: yes
template:
src: nova-placement-api-apache2.conf.j2
dest: "{{ apache2_vhost_dir }}/nova-placement-api-apache2.vhost"
mode: 0644
register: ardana_notify_nova_placement_api_apache_restart
- name: NOV-API | configure | configure nova-placement-api apache file owner
become: yes
file:
path: "{{ log_dir }}/{{ item }}"
owner: "{{ nova_system_user }}"
group: "{{ nova_system_group }}"
mode: 0640
state: touch
with_items:
- nova_placement_api_wsgi.log
- nova_placement_api_wsgi-access.log
- name: NOV-API | configure | set nova-placement-api log file ownership
become: yes
file:
path: "{{ item }}"
state: touch
owner: "{{ nova_system_user }}"
group: "adm"
mode: 0640
with_items:
- "{{ log_dir }}/nova_placement_api_wsgi.log"
- "{{ log_dir }}/nova_placement_api_wsgi-access.log"
- "{{ log_dir }}/nova-placement-api.log"
- name: NOV-API | configure | Create symbolic link for placement-api startup
become: yes
file:
src: "{{ nova_service_bin_dir }}/nova-placement-api"
dest: "{{ www_root }}/nova/nova-placement-api"
owner: root
group: "{{ nova_system_group }}"
state: link
- name: NOV-API | configure | Create Symlinks for api nova.conf from install
file:
src: "{{ nova_service_conf_dir }}/{{ item }}"
dest: "{{ nova_global_conf_dir }}/{{ item }}"
owner: "{{ nova_system_user }}"
group: "{{ nova_system_group }}"
state: link
mode: 0750
with_items:
- nova.conf
become: yes
- name: NOV-API | configure | Create symbolic link for nova-manage script
become: yes
file:
src: "{{ nova_service_bin_dir }}/nova-manage"
dest: /usr/local/bin/nova-manage
owner: root
group: "{{ nova_system_group }}"
state: link
force: yes
- name: NOV-API | configure | Create symbolic link for nova-status script
become: yes
file:
src: "{{ nova_service_bin_dir }}/nova-status"
dest: /usr/local/bin/nova-status
owner: root
group: "{{ nova_system_group }}"
state: link
force: yes
0707010000003C000081A40000000000000000000000015F71E19F00000C05000000000000000000000000000000000000004700000000ardana-nova-8.0+git.1601298847.dd01585/roles/NOV-API/tasks/install.yml#
# (c) Copyright 2015-2017 Hewlett Packard Enterprise Development LP
# (c) Copyright 2017-2018 SUSE LLC
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
# Install nova-api service
---
- name: NOV-API | install | Update installed packager cache
become: yes
install_package:
cache: update
- name: NOV-API | install | Install the nova-api service from the nova venv
become: yes
install_package:
name: nova
service: nova-api
state: present
activate: act_off
register: ardana_notify_nova_api_install_result
- name: NOV-API | install | register persistent fact of install
command: /bin/true
register: ardana_notify_nova_api_restart_required
when: ardana_notify_nova_api_install_result.changed
- include: ../../nova-common/tasks/_set_directories.yml
vars:
install_package_result: "{{ ardana_notify_nova_api_install_result }}"
- name: NOV-API | install | set nova_api service directories for db_configure
set_fact:
nova_api_etc_dir: |
"{{ nova_component |
config_dir(ardana_notify_nova_api_install_result.version) }}"
nova_api_conf_dir: |
"{{ nova_component |
config_dir(ardana_notify_nova_api_install_result.version) }}/nova"
nova_api_bin_dir: |
"{{ nova_component |
bin_dir(ardana_notify_nova_api_install_result.version) }}"
- name: NOV-API | install | Setup nova-api service
become: yes
setup_systemd:
service: nova-api
user: "{{ nova_system_user }}"
group: "{{ nova_system_group }}"
cmd: nova-api
args: >
--config-file {{ nova_service_conf_dir }}/nova.conf
--config-file {{ nova_service_conf_dir }}/api.conf
limit_open_files: "{{ nova_api_limit_open_files }}"
- name: NOV-API | install | Set nova-api service to not start on boot
become: yes
service:
name: nova-api
enabled: no
# This must happen after the install_package, or a path which is meant to be a
# symlink will be mkdir'd
- include: ../../nova-common/tasks/install.yml
#
# placement api
#
- name: NOV-API | install | Create Nova WSGI directory
become: yes
file:
path: "{{ www_root }}/nova"
owner: "{{ nova_system_user }}"
group: "{{ nova_system_group }}"
mode: 0755
state: directory
recurse: yes
- name: NOV-API | install | Creating nova global conf directory
become: yes
file:
path: "{{ item.dir }}"
state: directory
owner: "{{ nova_system_user }}"
group: "{{ nova_system_group }}"
mode: "{{ item.permission }}"
recurse: yes
with_items:
- { dir: '{{ nova_global_conf_dir }}', permission: '0750'}
0707010000003D000081A40000000000000000000000015F71E19F000002EB000000000000000000000000000000000000004400000000ardana-nova-8.0+git.1601298847.dd01585/roles/NOV-API/tasks/main.yml#
# (c) Copyright 2016 Hewlett Packard Enterprise Development LP
# (c) Copyright 2017 SUSE LLC
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
---
- name: NOV-API | main | Set os-specific variables
include_vars: "{{ ansible_os_family | lower }}.yml"0707010000003E000081A40000000000000000000000015F71E19F00000BA0000000000000000000000000000000000000004500000000ardana-nova-8.0+git.1601298847.dd01585/roles/NOV-API/tasks/start.yml#
# (c) Copyright 2015-2016 Hewlett Packard Enterprise Development LP
# (c) Copyright 2017-2018 SUSE LLC
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
# Restart or start the nova-api service
---
- name: NOV-API | start | Activate the latest installed version
become: yes
install_package:
name: nova
service: nova-api
activate: act_on
version: "{{ ardana_notify_nova_api_install_result.version }}"
when: not (ardana_notify_nova_api_install_result is not defined)
- name: NOV-API | start | register persistent fact of activate
command: /bin/true
register: ardana_notify_nova_api_restart_required
when: ardana_notify_nova_api_install_result is defined and
ardana_notify_nova_api_install_result.changed
- name: NOV-API | start | Restart nova-api service
become: yes
service:
name: nova-api
state: restarted
when: ardana_notify_nova_restart_required.changed or
(ardana_notify_nova_api_restart_required is defined and
ardana_notify_nova_api_restart_required.changed)
- name: NOV-API | start | Ensure nova-api service is started
become: yes
service:
name: nova-api
state: started
- name: NOV-API | start | Make sure nova-api service is up and responding
uri:
url: "{{ nova_internal_endpoint }}"
status_code: 200
timeout: 20
register: nova_version_status_result
until: nova_version_status_result.status is defined and
nova_version_status_result.status == 200
delay: 10
retries: 3
run_once: true
ignore_errors: true
#
# placement api
#
#
- name: NOV-API | start | Enable nova-placement-api vhost enabled
become: yes
file:
src: "{{ apache2_vhost_dir }}/nova-placement-api-apache2.vhost"
dest: "{{ apache2_vhost_dir }}/nova-placement-api-apache2.conf"
state: link
register: ardana_notify_nova_placement_api_apache_restart
# Set the fact for restart based on ardana_notify
- name: NOV-API | start | Set fact placement api to start on ardana_notify_fact
set_fact:
nova_placement_api_restart_required : True
when: >-
ardana_notify_nova_restart_required.changed or
(ardana_notify_nova_placement_api_apache_restart is defined
and ardana_notify_nova_placement_api_apache_restart.changed)
- include: "{{ playbook_dir }}/roles/FND-AP2/tasks/start_reload.yml"
vars:
apache_reload_requested: "{{ nova_placement_api_restart_required }}"
apache_restart_requested: "{{ nova_placement_api_restart_required }}"
0707010000003F000081A40000000000000000000000015F71E19F000002BF000000000000000000000000000000000000004600000000ardana-nova-8.0+git.1601298847.dd01585/roles/NOV-API/tasks/status.yml#
# (c) Copyright 2015-2016 Hewlett Packard Enterprise Development LP
# (c) Copyright 2017 SUSE LLC
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
---
- include: ../../nova-common/tasks/_service_status.yml07070100000040000081A40000000000000000000000015F71E19F00000673000000000000000000000000000000000000004400000000ardana-nova-8.0+git.1601298847.dd01585/roles/NOV-API/tasks/stop.yml#
# (c) Copyright 2015-2016 Hewlett Packard Enterprise Development LP
# (c) Copyright 2017-2018 SUSE LLC
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
# Stop the nova-api service
---
- name: NOV-API | stop | stop nova-api service
become: yes
service: name=nova-api state=stopped
register: stop_result
failed_when:
"stop_result|failed and 'service not found' not in stop_result.msg"
- name: NOV-API | stop | Disable nova-placement-api vhost enabled
become: yes
file:
dest: "{{ apache2_vhost_dir }}/nova-placement-api-apache2.conf"
state: absent
register: ardana_notify_nova_placement_api_apache_restart
# Set the fact for restart based on ardana_notify
- name: NOV-API | stop | Set fact placement api to stop on ardana_notify_fact
set_fact:
nova_placement_api_restart_required : True
when: >-
ardana_notify_nova_placement_api_apache_restart is defined
and ardana_notify_nova_placement_api_apache_restart.changed
- include: "{{ playbook_dir }}/roles/FND-AP2/tasks/start_reload.yml"
vars:
apache_reload_requested: True
apache_restart_requested: "{{ nova_placement_api_restart_required }}"
07070100000041000041ED0000000000000000000000025F71E19F00000000000000000000000000000000000000000000003F00000000ardana-nova-8.0+git.1601298847.dd01585/roles/NOV-API/templates07070100000042000081A40000000000000000000000015F71E19F00000965000000000000000000000000000000000000005300000000ardana-nova-8.0+git.1601298847.dd01585/roles/NOV-API/templates/api-logging.conf.j2{#
#
# (c) Copyright 2015-2016 Hewlett Packard Enterprise Development LP
# (c) Copyright 2017-2018 SUSE LLC
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
#}
[loggers]
keys: root{%- if nova_api_audit_enable|bool %}, audit, oldaudit{% endif %}
[handlers]
keys: watchedfile, logstash{%- if nova_api_audit_enable|bool %}, auditfile{% endif %}
[formatters]
keys: context, logstash, minimal
[logger_root]
qualname: root
handlers: watchedfile, logstash
level: NOTSET
{%- if nova_api_audit_enable|bool %}
[logger_audit]
qualname: oslo_messaging.notification.audit
handlers: auditfile
propagate: 0
level: INFO
# This is here to support the deprecated qualname oslo.messaging
# when this moves to oslo_messaging this logger can be removed
[logger_oldaudit]
qualname: oslo.messaging.notification.audit
handlers: auditfile
propagate: 0
level: INFO
{% endif %}
# Writes to disk
[handler_watchedfile]
class: handlers.WatchedFileHandler
args: ('{{ log_dir }}/nova-api.log',)
formatter: context
level: INFO
# Writes JSON to disk, beaver will ship to logstash
[handler_logstash]
class: handlers.WatchedFileHandler
args: ('{{ log_dir }}/nova-api-json.log',)
formatter: logstash
level: INFO
{%- if nova_api_audit_enable|bool %}
# Writes to disk
[handler_auditfile]
class: handlers.WatchedFileHandler
args: ('{{ nova_audit_log_location }}/nova-audit.log',)
formatter: minimal
level: INFO
{% endif %}
[formatter_minimal]
format: %(message)s
# datefmt must be set otherwise you end up with too many (msecs) fields
[formatter_context]
class: oslo_log.formatters.ContextFormatter
args: (datefmt=datefmt)
format: %(asctime)s.%(msecs)03d %(process)d %(levelname)s %(name)s [%(request_id)s %(user)s %(tenant)s] %(instance)s%(message)s
datefmt: %Y-%m-%d %H:%M:%S
# the "format" and "datefmt" actually set the "type" and "tags"
[formatter_logstash]
class: logstash.LogstashFormatterVersion1
format: nova
datefmt: nova-api
07070100000043000081A40000000000000000000000015F71E19F00000E2A000000000000000000000000000000000000005000000000ardana-nova-8.0+git.1601298847.dd01585/roles/NOV-API/templates/api-paste.ini.j2{#
#
# (c) Copyright 2015-2016 Hewlett Packard Enterprise Development LP
# (c) Copyright 2017 SUSE LLC
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
#}
############
# Metadata #
############
[composite:metadata]
use = egg:Paste#urlmap
/: meta
[pipeline:meta]
pipeline = cors metaapp
[app:metaapp]
paste.app_factory = nova.api.metadata.handler:MetadataRequestHandler.factory
#############
# OpenStack #
#############
[composite:osapi_compute]
use = call:nova.api.openstack.urlmap:urlmap_factory
/: oscomputeversions
# v21 is an exactly feature match for v2, except it has more stringent
# input validation on the wsgi surface (prevents fuzzing early on the
# API). It also provides new features via API microversions which are
# opt into for clients. Unaware clients will receive the same frozen
# v2 API feature set, but with some relaxed validation
/v2: openstack_compute_api_v21_legacy_v2_compatible
/v2.1: openstack_compute_api_v21
[composite:openstack_compute_api_v21]
use = call:nova.api.auth:pipeline_factory_v21
noauth2 = cors http_proxy_to_wsgi compute_req_id faultwrap sizelimit noauth2 osapi_compute_app_v21
keystone = cors http_proxy_to_wsgi compute_req_id faultwrap sizelimit authtoken keystonecontext {%- if nova_api_audit_enable %} audit{% endif %} osapi_compute_app_v21
[composite:openstack_compute_api_v21_legacy_v2_compatible]
use = call:nova.api.auth:pipeline_factory_v21
noauth2 = cors http_proxy_to_wsgi compute_req_id faultwrap sizelimit noauth2 legacy_v2_compatible osapi_compute_app_v21
keystone = cors http_proxy_to_wsgi compute_req_id faultwrap sizelimit authtoken keystonecontext {%- if nova_api_audit_enable %} audit{% endif %} legacy_v2_compatible osapi_compute_app_v21
[filter:request_id]
paste.filter_factory = oslo_middleware:RequestId.factory
[filter:compute_req_id]
paste.filter_factory = nova.api.compute_req_id:ComputeReqIdMiddleware.factory
[filter:faultwrap]
paste.filter_factory = nova.api.openstack:FaultWrapper.factory
[filter:noauth2]
paste.filter_factory = nova.api.openstack.auth:NoAuthMiddleware.factory
[filter:sizelimit]
paste.filter_factory = oslo_middleware:RequestBodySizeLimiter.factory
[filter:http_proxy_to_wsgi]
paste.filter_factory = oslo_middleware.http_proxy_to_wsgi:HTTPProxyToWSGI.factory
[filter:legacy_v2_compatible]
paste.filter_factory = nova.api.openstack:LegacyV2CompatibleWrapper.factory
[app:osapi_compute_app_v21]
paste.app_factory = nova.api.openstack.compute:APIRouterV21.factory
[pipeline:oscomputeversions]
pipeline = faultwrap http_proxy_to_wsgi oscomputeversionapp
[app:oscomputeversionapp]
paste.app_factory = nova.api.openstack.compute.versions:Versions.factory
##########
# Shared #
##########
[filter:cors]
paste.filter_factory = oslo_middleware.cors:filter_factory
oslo_config_project = nova
[filter:keystonecontext]
paste.filter_factory = nova.api.auth:NovaKeystoneContext.factory
[filter:authtoken]
paste.filter_factory = keystonemiddleware.auth_token:filter_factory
{% if nova_api_audit_enable %}
[filter:audit]
paste.filter_factory = keystonemiddleware.audit:filter_factory
audit_map_file = {{ api_audit_config }}
{% endif %}
07070100000044000081A40000000000000000000000015F71E19F0000046D000000000000000000000000000000000000004B00000000ardana-nova-8.0+git.1601298847.dd01585/roles/NOV-API/templates/api.conf.j2{#
#
# (c) Copyright 2015-2016 Hewlett Packard Enterprise Development LP
# (c) Copyright 2017-2018 SUSE LLC
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
#}
# This file has the Ardana values that apply only to the Nova API service.
# You may make changes to this file by adding sections/options below.
[DEFAULT]
# Logging
log_config_append = "{{ nova_service_conf_dir }}/api-logging.conf"
# transport_url
transport_url = {{ rabbit_hosts_transport_url }}
[database]
backend = sqlalchemy
connection = {{ database_connection }}
[api_database]
connection = {{ nova_api_database_connection }}
## Do NOT put anything after this line ##
07070100000045000081A40000000000000000000000015F71E19F000008AB000000000000000000000000000000000000005500000000ardana-nova-8.0+git.1601298847.dd01585/roles/NOV-API/templates/api_audit_map.conf.j2{#
#
# (c) Copyright 2015-2016 Hewlett Packard Enterprise Development LP
# (c) Copyright 2017 SUSE LLC
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
#}
[DEFAULT]
# default target endpoint type
# should match the endpoint type defined in service catalog
target_endpoint_type = None
[custom_actions]
enable = enable
disable = disable
delete = delete
startup = start/startup
shutdown = stop/shutdown
reboot = start/reboot
os-migrations/get = read
os-server-password/post = update
# possible end path of api requests
[path_keywords]
add = None
action = None
enable = None
disable = None
configure-project = None
defaults = None
delete = None
detail = None
diagnostics = None
entries = entry
extensions = alias
flavors = flavor
images = image
ips = label
limits = None
metadata = key
os-agents = os-agent
os-aggregates = os-aggregate
os-availability-zone = None
os-certificates = None
os-cloudpipe = None
os-fixed-ips = ip
os-extra_specs = key
os-flavor-access = None
os-floating-ip-dns = domain
os-floating-ips-bulk = host
os-floating-ip-pools = None
os-floating-ips = floating-ip
os-hosts = host
os-hypervisors = hypervisor
os-instance-actions = instance-action
os-keypairs = keypair
os-migrations = None
os-networks = network
os-quota-sets = tenant
os-security-groups = security_group
os-security-group-rules = rule
os-server-password = None
os-services = None
os-simple-tenant-usage = tenant
os-virtual-interfaces = None
os-volume_attachments = attachment
os-volumes = volume
os-volume-types = volume-type
os-snapshots = snapshot
reboot = None
servers = server
shutdown = None
startup = None
statistics = None
# map endpoint type defined in service catalog to CADF typeURI
[service_endpoints]
compute = service/compute
07070100000046000081A40000000000000000000000015F71E19F0000066D000000000000000000000000000000000000006200000000ardana-nova-8.0+git.1601298847.dd01585/roles/NOV-API/templates/nova-placement-api-apache2.conf.j2{#
#
# (c) Copyright 2017-2018 SUSE LLC
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
#}
Listen {{ nova_placement_api_bind_host }}:{{ nova_placement_api_bind_port }}
<VirtualHost {{ nova_placement_api_bind_host }}:{{ nova_placement_api_bind_port }}>
WSGIScriptAlias / {{ www_root}}/nova/nova-placement-api
WSGIDaemonProcess nova-placement-api processes=4 threads=5 socket-timeout=300 user={{ nova_system_user }} group={{ nova_system_group }} python-path={{ nova_service_bin_dir }}/../:{{ nova_service_bin_dir }}/../lib/python2.7/site-packages display-name=nova-placement-api
WSGIApplicationGroup nova-placement-api
WSGIProcessGroup nova-placement-api
ErrorLog {{ log_dir }}/nova_placement_api_wsgi.log
LogLevel INFO
CustomLog {{ log_dir }}/nova_placement_api_wsgi-access.log combined
<Directory {{ nova_service_bin_dir }}/../lib/python2.7/site-packages/nova/api/openstack/placement>
Options Indexes FollowSymLinks MultiViews
Require all granted
AllowOverride None
Order allow,deny
allow from all
LimitRequestBody 102400
</Directory>
SetEnv no-gzip 1
</VirtualHost>
07070100000047000041ED0000000000000000000000025F71E19F00000000000000000000000000000000000000000000003A00000000ardana-nova-8.0+git.1601298847.dd01585/roles/NOV-API/vars07070100000048000081A40000000000000000000000015F71E19F000003B7000000000000000000000000000000000000004500000000ardana-nova-8.0+git.1601298847.dd01585/roles/NOV-API/vars/debian.yml#
# (c) Copyright 2016 Hewlett Packard Enterprise Development LP
# (c) Copyright 2017 SUSE LLC
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
# Contains packages required for nova-api service in Debian System
---
# packages listed here will be installed by nova-common | install
nova_required_packages:
- libmysqlclient18
- libxslt1.1
# packages listed here will trigger a restart of the service when updated
nova_api_restart_packages:
- libxslt1.107070100000049000081A40000000000000000000000015F71E19F000003B1000000000000000000000000000000000000004500000000ardana-nova-8.0+git.1601298847.dd01585/roles/NOV-API/vars/redhat.yml#
# (c) Copyright 2016 Hewlett Packard Enterprise Development LP
# (c) Copyright 2017 SUSE LLC
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
# Contains packages required for nova-api service in RedHat System
---
# packages listed here will be installed by nova-common | install
nova_required_packages:
- libmysqlclient18
- libxslt
# packages listed here will trigger a restart of the service when updated
nova_api_restart_packages:
- libxslt0707010000004A000081A40000000000000000000000015F71E19F000003F1000000000000000000000000000000000000004300000000ardana-nova-8.0+git.1601298847.dd01585/roles/NOV-API/vars/suse.yml#
# (c) Copyright 2017 Hewlett Packard Enterprise Development LP
# (c) Copyright 2017-2018 SUSE LLC
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
# Contains packages required for nova-api service in SUSE System
---
# packages listed here will be installed by nova-common | install
nova_required_packages:
- libmysqlclient18
- libxslt
- python-PrettyTable
- python-netifaces
- libsodium23
# packages listed here will trigger a restart of the service when updated
nova_api_restart_packages:
- libxslt
0707010000004B000041ED0000000000000000000000075F71E19F00000000000000000000000000000000000000000000003500000000ardana-nova-8.0+git.1601298847.dd01585/roles/NOV-CAU0707010000004C000041ED0000000000000000000000025F71E19F00000000000000000000000000000000000000000000003E00000000ardana-nova-8.0+git.1601298847.dd01585/roles/NOV-CAU/defaults0707010000004D000081A40000000000000000000000015F71E19F0000074E000000000000000000000000000000000000004700000000ardana-nova-8.0+git.1601298847.dd01585/roles/NOV-CAU/defaults/main.yml#
# (c) Copyright 2015-2016 Hewlett Packard Enterprise Development LP
# (c) Copyright 2017-2018 SUSE LLC
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
# This file will contain the default values for the nova-consoleauth service
---
nova_component: nova-consoleauth
# the filters nova-common will copy for this service
nova_rootwrap_filters:
- rootwrap.d/consoleauth.filters
# packages listed here will trigger a restart of the service when updated
nova_consoleauth_restart_packages: []
# host_index of where consoleauth service is running
consoleauth_host_index: 0
# host group
consoleauth_host_group: "{{ groups[verb_hosts.NOV_CAU] }}"
# facts file that stores nova_consoleauth run location
run_loc_file: "{{ nova_facts_dir }}/nova_consoleauth_run_location_{{ host.my_dimensions.control_plane }}.fact"
# CP variables - required for enabling disabling service
keystone:
nova_admin_user: "{{ NOV_API.consumes_KEY_API.vars.keystone_nova_user }}"
nova_admin_password: "{{ NOV_API.consumes_KEY_API.vars.keystone_nova_password | quote }}"
service_tenant: "{{ KEY_API.vars.keystone_service_tenant }}"
url: "{{ NOV_API.consumes_KEY_API.vips.private[0].url }}"
ca_certs_file: "{{ trusted_ca_bundle }}"
# the log files nova-common will create for this service
nova_log_files:
- "{{ log_dir }}/nova-consoleauth.log"
- "{{ log_dir }}/nova-consoleauth-json.log"
0707010000004E000041ED0000000000000000000000025F71E19F00000000000000000000000000000000000000000000003A00000000ardana-nova-8.0+git.1601298847.dd01585/roles/NOV-CAU/meta0707010000004F000081A40000000000000000000000015F71E19F000002AC000000000000000000000000000000000000004300000000ardana-nova-8.0+git.1601298847.dd01585/roles/NOV-CAU/meta/main.yml#
# (c) Copyright 2015-2016 Hewlett Packard Enterprise Development LP
# (c) Copyright 2017 SUSE LLC
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
---
dependencies:
- role: nova-common
07070100000050000041ED0000000000000000000000025F71E19F00000000000000000000000000000000000000000000003B00000000ardana-nova-8.0+git.1601298847.dd01585/roles/NOV-CAU/tasks07070100000051000081A40000000000000000000000015F71E19F00000469000000000000000000000000000000000000005200000000ardana-nova-8.0+git.1601298847.dd01585/roles/NOV-CAU/tasks/_read_run_location.yml#
# (c) Copyright 2016 Hewlett Packard Enterprise Development LP
# (c) Copyright 2017 SUSE LLC
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
# Read the nova-consoleauth service run location from deployer fact file
---
- name: NOV-CAU | _read_run_location | check run location fact file exists
become: yes
delegate_to: localhost
stat:
path: "{{ run_loc_file }}"
register: stat_run_loc_file_result
- name: NOV-CAU | _read_run_location | read file - set fact
become: yes
delegate_to: localhost
set_fact:
consoleauth_host_index: "{{ lookup('file', run_loc_file) }}"
when: stat_run_loc_file_result.stat.exists
07070100000052000081A40000000000000000000000015F71E19F00000381000000000000000000000000000000000000005700000000ardana-nova-8.0+git.1601298847.dd01585/roles/NOV-CAU/tasks/check_upgraded_packages.yml#
# (c) Copyright 2015-2016 Hewlett Packard Enterprise Development LP
# (c) Copyright 2017 SUSE LLC
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
---
- name: NOV-CAU | check_upgraded_packages | Check upgraded packages
command: /bin/true
register: ardana_notify_nova_consoleauth_restart_required
when: item in ardana_upgraded_pkgs | default({})
with_items: nova_consoleauth_restart_packages
07070100000053000081A40000000000000000000000015F71E19F000006D1000000000000000000000000000000000000004900000000ardana-nova-8.0+git.1601298847.dd01585/roles/NOV-CAU/tasks/configure.yml#
# (c) Copyright 2015-2016 Hewlett Packard Enterprise Development LP
# (c) Copyright 2017-2018 SUSE LLC
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
# Configure the nova-consoleauth service
---
- include: ../../nova-common/tasks/_set_directories.yml
vars:
install_package_result: "{{
ardana_notify_nova_consoleauth_install_result }}"
- include: ../../nova-common/tasks/configure.yml
- name: NOV-CAU | configure | notify on rootwrap change
command: /bin/true
register: ardana_notify_nova_consoleauth_restart_required
when: rootwrap_changed
- include: ../../nova-common/tasks/_write_conf.yml
src: "../../NOV-CAU/templates/consoleauth.conf.j2"
dest: "{{ nova_service_conf_dir }}/consoleauth.conf"
- name: NOV-CAU | configure | notify on consoleauth.conf change
command: /bin/true
register: ardana_notify_nova_consoleauth_restart_required
when: write_conf_result.changed
- name: NOV-CAU | configure | Apply template
become: yes
template:
src: "{{ item }}.j2"
dest: "{{ nova_service_conf_dir }}/{{ item }}"
owner: root
group: "{{ nova_system_group }}"
mode: 0640
with_items:
- "consoleauth-logging.conf"
register: ardana_notify_nova_consoleauth_restart_required
07070100000054000081A40000000000000000000000015F71E19F00000809000000000000000000000000000000000000004700000000ardana-nova-8.0+git.1601298847.dd01585/roles/NOV-CAU/tasks/install.yml#
# (c) Copyright 2015-2016 Hewlett Packard Enterprise Development LP
# (c) Copyright 2017 SUSE LLC
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
# Install nova-consoleauth service
---
- name: NOV-CAU | install | Update installed packager cache
become: yes
install_package:
cache: update
- name: NOV-CAU | install |
Install the nova-consoleauth service from the nova venv
become: yes
install_package:
name: nova
service: nova-consoleauth
state: present
activate: act_off
register: ardana_notify_nova_consoleauth_install_result
- name: NOV-CAU | install | register persistent fact of install
command: /bin/true
register: ardana_notify_nova_consoleauth_restart_required
when: ardana_notify_nova_consoleauth_install_result.changed
- include: ../../nova-common/tasks/_set_directories.yml
vars:
install_package_result: "{{
ardana_notify_nova_consoleauth_install_result }}"
- name: NOV-CAU | install | Setup nova-consoleauth service
become: yes
setup_systemd:
service: nova-consoleauth
user: "{{ nova_system_user }}"
group: "{{ nova_system_group }}"
cmd: nova-consoleauth
args: >
--config-file {{ nova_service_conf_dir }}/nova.conf
--config-file {{ nova_service_conf_dir }}/rootwrap.conf
--config-file {{ nova_service_conf_dir }}/consoleauth.conf
- name: NOV-CAU | install | Set nova-consoleauth service to not start on boot
become: yes
service:
name: nova-consoleauth
enabled: no
- include: ../../nova-common/tasks/install.yml
07070100000055000081A40000000000000000000000015F71E19F000002EB000000000000000000000000000000000000004400000000ardana-nova-8.0+git.1601298847.dd01585/roles/NOV-CAU/tasks/main.yml#
# (c) Copyright 2016 Hewlett Packard Enterprise Development LP
# (c) Copyright 2017 SUSE LLC
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
---
- name: NOV-CAU | main | Set os-specific variables
include_vars: "{{ ansible_os_family | lower }}.yml"07070100000056000081A40000000000000000000000015F71E19F000011B0000000000000000000000000000000000000004500000000ardana-nova-8.0+git.1601298847.dd01585/roles/NOV-CAU/tasks/start.yml#
# (c) Copyright 2015-2016 Hewlett Packard Enterprise Development LP
# (c) Copyright 2017 SUSE LLC
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
# Restart or start the nova-consoleauth service
---
- name: NOV-CAU | start | Activate the latest installed version
become: yes
install_package:
name: nova
service: nova-consoleauth
activate: act_on
version: "{{ ardana_notify_nova_consoleauth_install_result.version }}"
when: not (ardana_notify_nova_consoleauth_install_result is not defined)
- name: NOV-CAU | start | register persistent fact of activate
command: /bin/true
register: ardana_notify_nova_consoleauth_restart_required
when: ardana_notify_nova_consoleauth_install_result is defined and
ardana_notify_nova_consoleauth_install_result.changed
- include: _read_run_location.yml
# consoleauth_host_index specifies the index of the host where consoleauth
# should be running.
# we match the consoleauth_host_index with the index of the inventory_host
- name: NOV-CAU | start | Restart nova-consoleauth service
become: yes
service:
name: nova-consoleauth
state: restarted
when:
({{ consoleauth_host_index }} ==
{{ consoleauth_host_group.index(inventory_hostname) }}
) and (ardana_notify_nova_restart_required.changed or
(ardana_notify_nova_consoleauth_restart_required is defined and
ardana_notify_nova_consoleauth_restart_required.changed))
# ignore errors as nova-api will not be able to service this
# request during deploy
- name: NOV-CAU | start | Enable consoleauth service
shell: >
nova service-enable {{ host.my_dimensions.hostname }} nova-consoleauth
when:
({{ consoleauth_host_index }} ==
{{ consoleauth_host_group.index(inventory_hostname) }})
ignore_errors: True
environment:
OS_USERNAME: "{{ keystone.nova_admin_user }}"
OS_PROJECT_NAME: "{{ keystone.service_tenant }}"
OS_PASSWORD: "{{ keystone.nova_admin_password }}"
OS_USER_DOMAIN_NAME: Default
OS_PROJECT_DOMAIN_NAME: Default
OS_AUTH_URL: "{{ keystone.url }}/v3"
OS_ENDPOINT_TYPE: internalURL
OS_CACERT: "{{ ca_certs_file }}"
- name: NOV-CAU | start | Ensure nova-consoleauth service started
become: yes
service:
name: nova-consoleauth
state: started
when:
({{ consoleauth_host_index }} ==
{{ consoleauth_host_group.index(inventory_hostname) }})
- name: NOV-CAU | start | Remove nova-consoleauth monasca process check from inactive nodes
become: yes
monasca_agent_plugin:
name: "nova"
state: "absent"
args:
service_api_url: "{{ nova_api_url }}"
component_name: "nova-consoleauth"
when:
({{ consoleauth_host_index }} !=
{{ consoleauth_host_group.index(inventory_hostname) }})
ignore_errors: True
- name: NOV-CAU | start | Stop consoleauth where not needed
become: yes
service:
name: nova-consoleauth
state: stopped
when:
({{ consoleauth_host_index }} !=
{{ consoleauth_host_group.index(inventory_hostname) }})
# ignore errors as nova-api will not be able to service this
# request during deploy
- name: NOV-CAU | start | Disable consoleauth where not needed
shell: >
nova service-disable {{ host.my_dimensions.hostname }} nova-consoleauth
--reason "singleton running elsewhere"
when:
({{ consoleauth_host_index }} !=
{{ consoleauth_host_group.index(inventory_hostname) }})
ignore_errors: True
environment:
OS_USERNAME: "{{ keystone.nova_admin_user }}"
OS_PROJECT_NAME: "{{ keystone.service_tenant }}"
OS_PASSWORD: "{{ keystone.nova_admin_password }}"
OS_USER_DOMAIN_NAME: Default
OS_PROJECT_DOMAIN_NAME: Default
OS_AUTH_URL: "{{ keystone.url }}/v3"
OS_ENDPOINT_TYPE: internalURL
OS_CACERT: "{{ ca_certs_file }}"
# write to deployer fact file where we started service
- name: NOV-CAU | start | copy consoleauth_host_index to nova.fact on localhost
become: yes
delegate_to: localhost
copy:
dest: "{{ run_loc_file }}"
content: "{{ consoleauth_host_index }}"
mode: 0644
07070100000057000081A40000000000000000000000015F71E19F0000032E000000000000000000000000000000000000004600000000ardana-nova-8.0+git.1601298847.dd01585/roles/NOV-CAU/tasks/status.yml#
# (c) Copyright 2015-2016 Hewlett Packard Enterprise Development LP
# (c) Copyright 2017 SUSE LLC
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
---
- include: _read_run_location.yml
- include: ../../nova-common/tasks/_singleton_service_status.yml
vars:
singleton_host_index: "{{ consoleauth_host_index }}"
07070100000058000081A40000000000000000000000015F71E19F00000390000000000000000000000000000000000000004400000000ardana-nova-8.0+git.1601298847.dd01585/roles/NOV-CAU/tasks/stop.yml#
# (c) Copyright 2015-2016 Hewlett Packard Enterprise Development LP
# (c) Copyright 2017 SUSE LLC
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
# Stop the nova-consoleauth service
---
- name: NOV-CAU | stop | stop nova-consoleauth service
become: yes
service: name=nova-consoleauth state=stopped
register: stop_result
failed_when:
"stop_result|failed and 'service not found' not in stop_result.msg"
07070100000059000041ED0000000000000000000000025F71E19F00000000000000000000000000000000000000000000003F00000000ardana-nova-8.0+git.1601298847.dd01585/roles/NOV-CAU/templates0707010000005A000081A40000000000000000000000015F71E19F000006CC000000000000000000000000000000000000005B00000000ardana-nova-8.0+git.1601298847.dd01585/roles/NOV-CAU/templates/consoleauth-logging.conf.j2{#
#
# (c) Copyright 2015-2016 Hewlett Packard Enterprise Development LP
# (c) Copyright 2017-2018 SUSE LLC
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
#}
[loggers]
keys: root, iso8601
[handlers]
keys: watchedfile, logstash
[formatters]
keys: context, logstash
[logger_root]
qualname: root
handlers: watchedfile, logstash
level: NOTSET
[logger_iso8601]
qualname: iso8601
handlers: watchedfile, logstash
level: WARNING
# Writes to disk
[handler_watchedfile]
class: handlers.WatchedFileHandler
args: ('{{ log_dir }}/nova-consoleauth.log',)
formatter: context
# Writes JSON to disk, beaver will ship to logstash
[handler_logstash]
class: handlers.WatchedFileHandler
args: ('{{ log_dir }}/nova-consoleauth-json.log',)
formatter: logstash
level: INFO
# datefmt must be set otherwise you end up with too many (msecs) fields
[formatter_context]
class: oslo_log.formatters.ContextFormatter
args: (datefmt=datefmt)
format: %(asctime)s.%(msecs)03d %(process)d %(levelname)s %(name)s [%(request_id)s %(user)s %(tenant)s] %(instance)s%(message)s
datefmt: %Y-%m-%d %H:%M:%S
# the "format" and "datefmt" actually set the "type" and "tags"
[formatter_logstash]
class: logstash.LogstashFormatterVersion1
format: nova
datefmt: nova-consoleauth
0707010000005B000081A40000000000000000000000015F71E19F00000431000000000000000000000000000000000000005300000000ardana-nova-8.0+git.1601298847.dd01585/roles/NOV-CAU/templates/consoleauth.conf.j2{#
#
# (c) Copyright 2015-2016 Hewlett Packard Enterprise Development LP
# (c) Copyright 2017 SUSE LLC
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
#}
# This file has the Ardana values that apply only to the Consoleauth service.
# You may make changes to this file by adding sections/options below.
[DEFAULT]
# Logging
log_config_append = "{{ nova_service_conf_dir }}/consoleauth-logging.conf"
[database]
backend = sqlalchemy
connection = {{ database_connection }}
[api_database]
connection = {{ nova_api_database_connection }}
## Do NOT put anything after this line ##
0707010000005C000041ED0000000000000000000000025F71E19F00000000000000000000000000000000000000000000003A00000000ardana-nova-8.0+git.1601298847.dd01585/roles/NOV-CAU/vars0707010000005D000081A40000000000000000000000015F71E19F0000039A000000000000000000000000000000000000004500000000ardana-nova-8.0+git.1601298847.dd01585/roles/NOV-CAU/vars/debian.yml#
# (c) Copyright 2016 Hewlett Packard Enterprise Development LP
# (c) Copyright 2017 SUSE LLC
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
# Contains packages required for nova-consoleauth service in Debian System
---
# packages listed here will be installed by nova-common | install
nova_required_packages: []
# packages listed here will trigger a restart of the service when updated
nova_consoleauth_restart_packages: []0707010000005E000081A40000000000000000000000015F71E19F0000039A000000000000000000000000000000000000004500000000ardana-nova-8.0+git.1601298847.dd01585/roles/NOV-CAU/vars/redhat.yml#
# (c) Copyright 2016 Hewlett Packard Enterprise Development LP
# (c) Copyright 2017 SUSE LLC
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
# Contains packages required for nova-consoleauth service in RedHat System
---
# packages listed here will be installed by nova-common | install
nova_required_packages: []
# packages listed here will trigger a restart of the service when updated
nova_consoleauth_restart_packages: []0707010000005F000081A40000000000000000000000015F71E19F00000399000000000000000000000000000000000000004300000000ardana-nova-8.0+git.1601298847.dd01585/roles/NOV-CAU/vars/suse.yml#
# (c) Copyright 2017 Hewlett Packard Enterprise Development LP
# (c) Copyright 2017 SUSE LLC
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
# Contains packages required for nova-consoleauth service in SUSE System
---
# packages listed here will be installed by nova-common | install
nova_required_packages: []
# packages listed here will trigger a restart of the service when updated
nova_consoleauth_restart_packages: []
07070100000060000041ED0000000000000000000000045F71E19F00000000000000000000000000000000000000000000003500000000ardana-nova-8.0+git.1601298847.dd01585/roles/NOV-CLI07070100000061000041ED0000000000000000000000025F71E19F00000000000000000000000000000000000000000000003E00000000ardana-nova-8.0+git.1601298847.dd01585/roles/NOV-CLI/defaults07070100000062000081A40000000000000000000000015F71E19F0000047E000000000000000000000000000000000000004700000000ardana-nova-8.0+git.1601298847.dd01585/roles/NOV-CLI/defaults/main.yml#
# (c) Copyright 2015-2016 Hewlett Packard Enterprise Development LP
# (c) Copyright 2017 SUSE LLC
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
# CP variables
---
keystone:
nova_admin_user: "{{ NOV_API.consumes_KEY_API.vars.keystone_nova_user }}"
nova_admin_password: "{{ NOV_API.consumes_KEY_API.vars.keystone_nova_password | quote }}"
role: "{{ KEY_API.vars.keystone_admin_role }}"
service_tenant: "{{ KEY_API.vars.keystone_service_tenant }}"
url: "{{ NOV_API.consumes_KEY_API.vips.private[0].url }}"
nova_api:
internal_url: "{{ NOV_API.advertises.vips.private[0].url }}/v2/%(tenant_id)s"
internal_region: "{{ NOV.regions | first }}"
07070100000063000041ED0000000000000000000000025F71E19F00000000000000000000000000000000000000000000003B00000000ardana-nova-8.0+git.1601298847.dd01585/roles/NOV-CLI/tasks07070100000064000081A40000000000000000000000015F71E19F000007F7000000000000000000000000000000000000005200000000ardana-nova-8.0+git.1601298847.dd01585/roles/NOV-CLI/tasks/availability_zones.yml#
# (c) Copyright 2015-2016 Hewlett Packard Enterprise Development LP
# (c) Copyright 2017-2018 SUSE LLC
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
---
# Create host aggregate and availability zone
- name: NOV-CLI | availability_zones | create host aggregate and az
become: yes
nova_host_aggregate:
state: present
auth_url: "{{ keystone.url }}/v3"
login_username: "{{ keystone.nova_admin_user }}"
login_password: "{{ keystone.nova_admin_password }}"
login_tenant_name: "{{ keystone.service_tenant }}"
region_name: "{{ nova_api.internal_region }}"
name: "{{ item }}"
availability_zone: "{{ item }}"
run_once: true
environment:
NOVACLIENT_BYPASS_URL: "{{ nova_api.internal_url }}"
with_items: zone_types.nova_availability_zones
when: ( ( zone_types.nova_availability_zones | length ) > 0 )
# Add host to availability zone
- name: NOV-CLI | availability_zones | add host to az
become: yes
nova_host_aggregate:
state: present
auth_url: "{{ keystone.url }}/v3"
login_username: "{{ keystone.nova_admin_user }}"
login_password: "{{ keystone.nova_admin_password }}"
login_tenant_name: "{{ keystone.service_tenant }}"
region_name: "{{ nova_api.internal_region }}"
name: "{{ hostvars[item].host.failure_zone }}"
host: "{{ hostvars[item].host.my_dimensions.hostname }}"
run_once: true
environment:
NOVACLIENT_BYPASS_URL: "{{ nova_api.internal_url }}"
with_items: groups[verb_hosts.NOV_CMP]
when: ( ( zone_types.nova_availability_zones | length ) > 0 )
07070100000065000041ED0000000000000000000000075F71E19F00000000000000000000000000000000000000000000003500000000ardana-nova-8.0+git.1601298847.dd01585/roles/NOV-CMP07070100000066000041ED0000000000000000000000075F71E19F00000000000000000000000000000000000000000000003900000000ardana-nova-8.0+git.1601298847.dd01585/roles/NOV-CMP-ESX07070100000067000041ED0000000000000000000000025F71E19F00000000000000000000000000000000000000000000004200000000ardana-nova-8.0+git.1601298847.dd01585/roles/NOV-CMP-ESX/defaults07070100000068000081A40000000000000000000000015F71E19F0000076C000000000000000000000000000000000000004B00000000ardana-nova-8.0+git.1601298847.dd01585/roles/NOV-CMP-ESX/defaults/main.yml#
# (c) Copyright 2015-2016 Hewlett Packard Enterprise Development LP
# (c) Copyright 2017 SUSE LLC
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
---
# variables to go into hypervisor.conf in vcenter compute proxy
vcenter_encrypted_password: "{%- if global.pass_through is defined -%}
{%- if global.pass_through.vmware is defined -%}
{%- for vc in global.pass_through.vmware -%}
{%- if vc.id == host.pass_through.vmware.vcenter_id -%}
{{ vc.password }}
{%- endif -%}
{%- endfor -%}
{%- endif -%}
{%- endif -%}"
vmware_vcenter_id: "{{ host.pass_through.vmware.vcenter_id }}"
esx_default_driver: "vmwareapi.VMwareVCDriver"
esx_compute_driver_list: "{{ NOV_ESX | get_provided_data_values('compute_driver') }}"
esx_compute_driver: "{%- if esx_compute_driver_list|length > 0 -%}
{{ esx_compute_driver_list | last }}
{%- else -%}
{{ esx_default_driver }}
{%- endif -%}"
neutron_ovs_bridge:
"{%- set ovs_br_list = NOV_ESX | provided_data('ovs_bridge') -%}
{%- if ovs_br_list | length > 0 -%}
{{ ovs_br_list | last }}
{%- endif -%}"
07070100000069000041ED0000000000000000000000025F71E19F00000000000000000000000000000000000000000000003E00000000ardana-nova-8.0+git.1601298847.dd01585/roles/NOV-CMP-ESX/meta0707010000006A000081A40000000000000000000000015F71E19F000002BE000000000000000000000000000000000000004700000000ardana-nova-8.0+git.1601298847.dd01585/roles/NOV-CMP-ESX/meta/main.yml#
# (c) Copyright 2015-2016 Hewlett Packard Enterprise Development LP
# (c) Copyright 2017 SUSE LLC
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
---
dependencies:
- role: nova-common
- role: NOV-CMP
0707010000006B000041ED0000000000000000000000025F71E19F00000000000000000000000000000000000000000000003F00000000ardana-nova-8.0+git.1601298847.dd01585/roles/NOV-CMP-ESX/tasks0707010000006C000081A40000000000000000000000015F71E19F00000379000000000000000000000000000000000000005B00000000ardana-nova-8.0+git.1601298847.dd01585/roles/NOV-CMP-ESX/tasks/check_upgraded_packages.yml#
# (c) Copyright 2015-2016 Hewlett Packard Enterprise Development LP
# (c) Copyright 2017 SUSE LLC
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
---
- name: NOV-CMP-ESX | check_upgraded_packages | Check upgraded packages
command: /bin/true
register: ardana_notify_nova_compute_restart_required
when: item in ardana_upgraded_pkgs | default({})
with_items: nova_esx_restart_packages
0707010000006D000081A40000000000000000000000015F71E19F000005C5000000000000000000000000000000000000004D00000000ardana-nova-8.0+git.1601298847.dd01585/roles/NOV-CMP-ESX/tasks/configure.yml#
# (c) Copyright 2015-2016 Hewlett Packard Enterprise Development LP
# (c) Copyright 2017 SUSE LLC
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
# Configure the hypervisor.conf specific to vmware
---
- include: ../../nova-common/tasks/_set_directories.yml
vars:
install_package_result: "{{ ardana_notify_nova_compute_install_result }}"
# hypervisor.conf will be loaded last by nova-compute
# filename should remain the same across hypervisors
# we can use nova_service_conf_dir as this will be set to compute
# by including the nova-compute role as a dependency
- include: ../../nova-common/tasks/_write_conf.yml
src: "../../NOV-CMP-ESX/templates/hypervisor.conf.j2"
dest: "{{ nova_service_conf_dir }}/hypervisor.conf"
owner: "{{ nova_system_user }}"
group: "{{ nova_system_group }}"
- name: NOV-CMP-ESX | configure | notify on hypervisor.conf change
command: /bin/true
register: ardana_notify_nova_compute_restart_required
when: write_conf_result.changed
0707010000006E000081A40000000000000000000000015F71E19F000002EF000000000000000000000000000000000000004800000000ardana-nova-8.0+git.1601298847.dd01585/roles/NOV-CMP-ESX/tasks/main.yml#
# (c) Copyright 2016 Hewlett Packard Enterprise Development LP
# (c) Copyright 2017 SUSE LLC
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
---
- name: NOV-CMP-ESX | main | Set os-specific variables
include_vars: "{{ ansible_os_family | lower }}.yml"0707010000006F000041ED0000000000000000000000025F71E19F00000000000000000000000000000000000000000000004300000000ardana-nova-8.0+git.1601298847.dd01585/roles/NOV-CMP-ESX/templates07070100000070000081A40000000000000000000000015F71E19F0000071B000000000000000000000000000000000000005600000000ardana-nova-8.0+git.1601298847.dd01585/roles/NOV-CMP-ESX/templates/hypervisor.conf.j2{#
#
# (c) Copyright 2015-2016 Hewlett Packard Enterprise Development LP
# (c) Copyright 2017 SUSE LLC
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
#}
# You may make changes to this file by adding sections/options below.
[DEFAULT]
# Compute
compute_driver = {{ esx_compute_driver }}
allow_resize_to_same_host = True
[vmware]
{% if host.pass_through.vmware.vcenter_ip is defined and host.pass_through.vmware.vcenter_ip != "" %}
host_ip = {{ host.pass_through.vmware.vcenter_ip }}
host_port = {{ host.pass_through.vmware.vcenter_port }}
host_username = {{ host.pass_through.vmware.vcenter_username }}
{% else %}
{% for vc in global.pass_through.vmware %}{% if vc.id == vmware_vcenter_id %}
host_ip = {{ vc.ip }}
host_port = {{ vc.port }}
host_username = {{ vc.username }}
{% endif %}
{% endfor %}
{% endif %}
host_password = {{ vcenter_encrypted_password | openstack_user_password_decrypt }}
cluster_name = {{ host.pass_through.vmware.vcenter_cluster }}
insecure = True
vmwareapi_nic_attach_retry_count = 60
# VNC
[vnc]
novncproxy_base_url = {{ novncproxy_base_url }}
vncserver_listen = 0.0.0.0
vncserver_proxyclient_address = {{ vncserver_proxyclient_address }}
enabled = True
{% if neutron_ovs_bridge != "" %}
[neutron]
ovs_bridge = {{ neutron_ovs_bridge }}
{% endif %}
## Do NOT put anything after this line ##
07070100000071000041ED0000000000000000000000025F71E19F00000000000000000000000000000000000000000000003E00000000ardana-nova-8.0+git.1601298847.dd01585/roles/NOV-CMP-ESX/vars07070100000072000081A40000000000000000000000015F71E19F000003C4000000000000000000000000000000000000004900000000ardana-nova-8.0+git.1601298847.dd01585/roles/NOV-CMP-ESX/vars/debian.yml#
# (c) Copyright 2016 Hewlett Packard Enterprise Development LP
# (c) Copyright 2017 SUSE LLC
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
# Contains packages names and default values required for nova-compute-esx
# to work in Debian System
---
# packages listed here will be installed by nova-common | install
nova_required_packages: []
# packages listed here will trigger a restart of libvirt and the compute service
# when updated
nova_esx_restart_packages: []07070100000073000081A40000000000000000000000015F71E19F000003C4000000000000000000000000000000000000004900000000ardana-nova-8.0+git.1601298847.dd01585/roles/NOV-CMP-ESX/vars/redhat.yml#
# (c) Copyright 2016 Hewlett Packard Enterprise Development LP
# (c) Copyright 2017 SUSE LLC
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
# Contains packages names and default values required for nova-compute-esx
# to work in RedHat System
---
# packages listed here will be installed by nova-common | install
nova_required_packages: []
# packages listed here will trigger a restart of libvirt and the compute service
# when updated
nova_esx_restart_packages: []07070100000074000081A40000000000000000000000015F71E19F000003C3000000000000000000000000000000000000004700000000ardana-nova-8.0+git.1601298847.dd01585/roles/NOV-CMP-ESX/vars/suse.yml#
# (c) Copyright 2017 Hewlett Packard Enterprise Development LP
# (c) Copyright 2017 SUSE LLC
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
# Contains packages names and default values required for nova-compute-esx
# to work in SUSE System
---
# packages listed here will be installed by nova-common | install
nova_required_packages: []
# packages listed here will trigger a restart of libvirt and the compute service
# when updated
nova_esx_restart_packages: []
07070100000075000041ED0000000000000000000000065F71E19F00000000000000000000000000000000000000000000003900000000ardana-nova-8.0+git.1601298847.dd01585/roles/NOV-CMP-HYP07070100000076000041ED0000000000000000000000025F71E19F00000000000000000000000000000000000000000000004200000000ardana-nova-8.0+git.1601298847.dd01585/roles/NOV-CMP-HYP/defaults07070100000077000081A40000000000000000000000015F71E19F0000078F000000000000000000000000000000000000004B00000000ardana-nova-8.0+git.1601298847.dd01585/roles/NOV-CMP-HYP/defaults/main.yml#
# (c) Copyright 2016 Hewlett Packard Enterprise Development LP
# (c) Copyright 2017 SUSE LLC
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
---
win_service: nova
win_service_name: OpenStack Nova Compute Service
win_nova_conf_dir: etc\nova
win_conf_dir: "{{ [win_ardana_dir, win_service, build_url.svc_dir,
win_nova_conf_dir] | join(path_separator) }}"
win_bin_dir: "{{ [win_ardana_dir, win_service, build_url.svc_dir, 'bin'] |
join(path_separator) }}"
win_nova_conf_name: nova.conf
win_nova_conf_path: "{{ [win_conf_dir, win_nova_conf_name] |
join(path_separator) }}"
win_hypervisor_conf_name: hypervisor.conf
win_hypervisor_conf_path: "{{ [win_conf_dir, win_hypervisor_conf_name] |
join(path_separator) }}"
win_compute_conf_name: compute.conf
win_compute_conf_path: "{{ [win_conf_dir, win_compute_conf_name] |
join(path_separator) }}"
win_compute_logging_conf_name: compute-logging.conf
win_compute_logging_conf_path: "{{ [win_conf_dir, win_compute_logging_conf_name
] | join(path_separator) }}"
win_service_conf_name: novaservice.conf
win_service_conf_path: "{{ [win_ardana_dir, 'setup', win_service_conf_name] |
join(path_separator) }}"
win_policy_file_name: policy.json
win_policy_file_path: "{{ [win_conf_dir, win_policy_file_name] |
join(path_separator) }}"
win_jinja_vars: '#jinja2: newline_sequence:"\\r\\n"'
nova_service_conf_dir: "{{ win_conf_dir }}"
nova_service_bin_dir: "{{ win_bin_dir }}"
07070100000078000041ED0000000000000000000000025F71E19F00000000000000000000000000000000000000000000003E00000000ardana-nova-8.0+git.1601298847.dd01585/roles/NOV-CMP-HYP/meta07070100000079000081A40000000000000000000000015F71E19F000002C6000000000000000000000000000000000000004700000000ardana-nova-8.0+git.1601298847.dd01585/roles/NOV-CMP-HYP/meta/main.yml#
# (c) Copyright 2016 Hewlett Packard Enterprise Development LP
# (c) Copyright 2017 SUSE LLC
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
---
dependencies:
- role: win-install-package
- role: nova-common
0707010000007A000041ED0000000000000000000000025F71E19F00000000000000000000000000000000000000000000003F00000000ardana-nova-8.0+git.1601298847.dd01585/roles/NOV-CMP-HYP/tasks0707010000007B000081A40000000000000000000000015F71E19F000006BC000000000000000000000000000000000000004F00000000ardana-nova-8.0+git.1601298847.dd01585/roles/NOV-CMP-HYP/tasks/_write_conf.yml#
# (c) Copyright 2016 Hewlett Packard Enterprise Development LP
# (c) Copyright 2017 SUSE LLC
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
---
- name: NOV-CMP-HYP | _write_conf | Check if the conf already exists
win_stat:
path: "{{ dest }}"
register: win_conf_stat_result
- name: NOV-CMP-HYP | _write_conf | Get timestamp
raw: powershell Get-Date -Format yyyyMMddHHmmss
register: time_result
changed_when: False
- name: NOV-CMP-HYP | _write_conf | Create a backup of the existing conf
raw: COPY "{{ dest }}" "{{ dest }}-{{ time_result.stdout_lines[0] }}.conf"
when: win_conf_stat_result.stat.exists
- name: NOV-CMP-HYP | _write_conf | Copy the conf file
win_template:
src: "{{ src }}"
dest: "{{ dest }}"
register: ardana_notify_win_nova_restart_required
- name: NOV-CMP-HYP | _write_conf | Delete backup of the unchanged file
win_file:
path: "{{ dest }}-{{ time_result.stdout_lines[0] }}.conf"
state: absent
when: ardana_notify_win_nova_restart_required.changed != True
- name: NOV-CMP-HYP | _write_conf | remove all but last 10 backups of the conf
raw: powershell -file "{{ [win_ardana_dir, 'setup', 'delete_backups.ps1'] |
join(path_separator) }}" "{{ dest }}"
0707010000007C000081A40000000000000000000000015F71E19F00000508000000000000000000000000000000000000005400000000ardana-nova-8.0+git.1601298847.dd01585/roles/NOV-CMP-HYP/tasks/_write_templates.yml#
# (c) Copyright 2016 Hewlett Packard Enterprise Development LP
# (c) Copyright 2017 SUSE LLC
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
#
# This is to generate windows specific templates on the deployer node from
# the common templates.
# The windows specific templates need the following line at the beginning of
# the file to template new line characters.
# '#jinja2: newline_sequence:"\\r\\n"'
# The second task inserts the above line in the template.
---
- name: NOV-CMP-HYP | _write_templates | copy common template to NOV-CMP-HYP
raw: cp {{ src }} {{ dest }}
run_once: true
delegate_to: localhost
- name: NOV-CMP-HYP | _write_templates | make the template windows specific
raw: sed -i '1 i \{{ win_jinja_vars }}' {{ dest }}
run_once: true
delegate_to: localhost
0707010000007D000081A40000000000000000000000015F71E19F00000C06000000000000000000000000000000000000004D00000000ardana-nova-8.0+git.1601298847.dd01585/roles/NOV-CMP-HYP/tasks/configure.yml#
# (c) Copyright 2016 Hewlett Packard Enterprise Development LP
# (c) Copyright 2017 SUSE LLC
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
---
- include: ../../win-install-package/tasks/_setvars.yml
when: win_service_config_result is not defined
- include: ../../win-install-package/tasks/check_version.yml
- name: NOV-CMP-HYP | configure | set os-specific variables
include_vars: ../../nova-common/vars/{{ ansible_os_family | lower }}.yml
- name: NOV-CMP-HYP | configure | set os-specific variables for logging
include_vars: ../../NOV-CMP/vars/{{ ansible_os_family | lower }}.yml
- name: NOV-CMP-HYP | configure | Get instance VHD path
raw: powershell (Get-VMHost -ComputerName localhost).VirtualHardDiskPath
register: win_instance_path_result
- name: NOV-CMP-HYP | configure | set instance path fact
set_fact:
win_instance_path: "{{ win_instance_path_result.stdout_lines[0].rstrip('
\\\\') }}"
- name: NOV-CMP-HYP | configure | check if the host is a part of a cluster
raw : powershell (Get-WindowsFeature "Failover-Clustering").Installed
register: win_cluster_result
- name: NOV-CMP-HYP | configure | set fact whether the host is in a cluster
set_fact:
win_cluster: "{{ win_cluster_result.stdout_lines[0] }}"
- name: NOV-CMP-HYP | configure | Create the conf directory
win_file:
path: "{{ win_conf_dir }}"
state: directory
- include: _write_templates.yml
src: roles/nova-common/templates/nova.conf.j2
dest: roles/NOV-CMP-HYP/templates/nova.conf.j2
- include: _write_templates.yml
src: roles/nova-common/templates/policy.json.j2
dest: roles/NOV-CMP-HYP/templates/policy.json.j2
- include: _write_templates.yml
src: roles/NOV-CMP/templates/compute.conf.j2
dest: roles/NOV-CMP-HYP/templates/compute.conf.j2
- include: _write_templates.yml
src: roles/NOV-CMP/templates/compute-logging.conf.j2
dest: roles/NOV-CMP-HYP/templates/compute-logging.conf.j2
- include: _write_conf.yml
src: hypervisor.conf.j2
dest: "{{ win_hypervisor_conf_path }}"
- include: _write_conf.yml
src: nova.conf.j2
dest: "{{ win_nova_conf_path }}"
- include: _write_conf.yml
src: compute.conf.j2
dest: "{{ win_compute_conf_path }}"
- include: _write_conf.yml
src: compute-logging.conf.j2
dest: "{{ win_compute_logging_conf_path }}"
- include: _write_conf.yml
src: policy.json.j2
dest: '{{ win_policy_file_path }}'
- name: NOV-CMP-HYP | configure | Copy service conf
win_template:
src: novaservice.conf.j2
dest: '{{ win_service_conf_path }}'
- include: ../../win-install-package/tasks/configure.yml
0707010000007E000081A40000000000000000000000015F71E19F000002BB000000000000000000000000000000000000004B00000000ardana-nova-8.0+git.1601298847.dd01585/roles/NOV-CMP-HYP/tasks/install.yml#
# (c) Copyright 2016 Hewlett Packard Enterprise Development LP
# (c) Copyright 2017 SUSE LLC
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
---
- include: ../../win-install-package/tasks/install.yml
0707010000007F000081A40000000000000000000000015F71E19F0000056F000000000000000000000000000000000000004900000000ardana-nova-8.0+git.1601298847.dd01585/roles/NOV-CMP-HYP/tasks/start.yml#
# (c) Copyright 2016 Hewlett Packard Enterprise Development LP
# (c) Copyright 2017 SUSE LLC
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
---
- name: NOV-CMP-HYP | start | Restart nova-compute service
win_service:
name: "{{ win_service_name }}"
state: restarted
when: ardana_notify_win_nova_restart_required.changed and
ardana_notify_win_nova_restart_required is defined
register: win_nova_restarted_result
# Start the service in the case when ardana_notify_win_nova_restart_required
# is false.
# Eg., when nova-start.yml is run independently.
#
# Execute this only when the above task is skipped and the service start
# is not yet triggered
- name: NOV-CMP-HYP | start | Ensure nova-compute service is started
win_service:
name: "{{ win_service_name }}"
state: started
register: _service_status_started_result
when: win_nova_restarted_result|skipped
07070100000080000081A40000000000000000000000015F71E19F00000444000000000000000000000000000000000000004A00000000ardana-nova-8.0+git.1601298847.dd01585/roles/NOV-CMP-HYP/tasks/status.yml#
# (c) Copyright 2016 Hewlett Packard Enterprise Development LP
# (c) Copyright 2017 SUSE LLC
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
---
- name: NOV-CMP-HYP | status | Print service being checked
debug:
msg: "Running service check for {{ win_service_name }}"
run_once: true
- name: NOV-CMP-HYP | status | Get Service Status
win_service:
name: "{{ win_service_name }}"
register: _service_status_result
- name: NOV-CMP-HYP | status | Check Service status
fail:
msg:
"{{ win_service_name }} is not running."
when: _service_status_result.state == 'stopped'
07070100000081000081A40000000000000000000000015F71E19F0000031E000000000000000000000000000000000000004800000000ardana-nova-8.0+git.1601298847.dd01585/roles/NOV-CMP-HYP/tasks/stop.yml#
# (c) Copyright 2016 Hewlett Packard Enterprise Development LP
# (c) Copyright 2017 SUSE LLC
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
---
- name: NOV-CMP-HYP | stop | Stop service
win_service:
name: "{{ win_service_name }}"
state: stopped
register: _service_status_stopped_result
07070100000082000041ED0000000000000000000000025F71E19F00000000000000000000000000000000000000000000004300000000ardana-nova-8.0+git.1601298847.dd01585/roles/NOV-CMP-HYP/templates07070100000083000081A40000000000000000000000015F71E19F000005F4000000000000000000000000000000000000005600000000ardana-nova-8.0+git.1601298847.dd01585/roles/NOV-CMP-HYP/templates/hypervisor.conf.j2#jinja2: newline_sequence:'\r\n'
{#
#
# (c) Copyright 2016 Hewlett Packard Enterprise Development LP
# (c) Copyright 2017 SUSE LLC
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
#}
# This configuration file includes the default values for Ardana
# Changes may be made to this file by the customer.
# Layout / order of settings in this file can be found:
# http://docs.openstack.org/liberty/config-reference/content/list-of-compute-config-options.html
[DEFAULT]
logfile=nova-compute.log
{% if win_cluster | bool %}
compute_driver=hyperv.cluster.hadriver.HyperVHADriver
{% else %}
compute_driver=hyperv.driver.HyperVDriver
{% endif %}
instances_path="{{ win_instance_path }}"
policy_file="{{ win_policy_file_path }}"
mkisofs_cmd="{{ win_bin_dir }}\mkisofs.exe"
vif_plugging_timeout = 300
reserved_host_memory_mb = 12288
[hyperv]
qemu_img_cmd="{{ win_bin_dir }}\\qemu-img.exe"
limit_cpu_features=False
config_drive_inject_password=False
config_drive_cdrom = True
dynamic_memory_ratio=1
enable_instance_metrics_collection=False
07070100000084000081A40000000000000000000000015F71E19F00000485000000000000000000000000000000000000005700000000ardana-nova-8.0+git.1601298847.dd01585/roles/NOV-CMP-HYP/templates/novaservice.conf.j2#jinja2: newline_sequence:'\r\n'
{#
#
# (c) Copyright 2016 Hewlett Packard Enterprise Development LP
# (c) Copyright 2017 SUSE LLC
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
#}
[DEFAULT]
python_path = {{ [win_ardana_dir, win_service, build_url.svc_dir, win_service,
'scripts', 'python.exe'] | join(path_separator) }}
script_path = {{ [win_ardana_dir, win_service, build_url.svc_dir, win_service,
'scripts', 'nova-compute-script.py'] | join(path_separator) }}
service_name = {{ win_service_name }}
confs = --config-file,{{ win_nova_conf_path }},--config-file,{{
win_hypervisor_conf_path }},--config-file,{{ win_compute_conf_path
}}
07070100000085000041ED0000000000000000000000075F71E19F00000000000000000000000000000000000000000000003900000000ardana-nova-8.0+git.1601298847.dd01585/roles/NOV-CMP-IRN07070100000086000041ED0000000000000000000000025F71E19F00000000000000000000000000000000000000000000004200000000ardana-nova-8.0+git.1601298847.dd01585/roles/NOV-CMP-IRN/defaults07070100000087000081A40000000000000000000000015F71E19F0000047D000000000000000000000000000000000000004B00000000ardana-nova-8.0+git.1601298847.dd01585/roles/NOV-CMP-IRN/defaults/main.yml#
# (c) Copyright 2015-2016 Hewlett Packard Enterprise Development LP
# (c) Copyright 2017-2018 SUSE LLC
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
# This file will contain the default values for the nova ironic component
---
## [ironic]
ironic_api_endpoint_url: "{{ NOV_CMP_IRN.consumes_IRN_API.vips.private[0].url }}/v1"
admin_tenant_name : "{{ KEY_API.vars.keystone_service_tenant }}"
keystone_ironic_password : "{{ IRN_API.consumes_KEY_API.vars.keystone_ironic_password | quote }}"
keystone_ironic_user : "{{ IRN_API.consumes_KEY_API.vars.keystone_ironic_user }}"
ironic_admin_auth_uri : "{{ IRN_API.consumes_KEY_API.vips.private[0].url }}/v3"
07070100000088000041ED0000000000000000000000025F71E19F00000000000000000000000000000000000000000000003E00000000ardana-nova-8.0+git.1601298847.dd01585/roles/NOV-CMP-IRN/meta07070100000089000081A40000000000000000000000015F71E19F000002BE000000000000000000000000000000000000004700000000ardana-nova-8.0+git.1601298847.dd01585/roles/NOV-CMP-IRN/meta/main.yml#
# (c) Copyright 2015-2016 Hewlett Packard Enterprise Development LP
# (c) Copyright 2017 SUSE LLC
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
---
dependencies:
- role: nova-common
- role: NOV-CMP
0707010000008A000041ED0000000000000000000000025F71E19F00000000000000000000000000000000000000000000003F00000000ardana-nova-8.0+git.1601298847.dd01585/roles/NOV-CMP-IRN/tasks0707010000008B000081A40000000000000000000000015F71E19F00000379000000000000000000000000000000000000005B00000000ardana-nova-8.0+git.1601298847.dd01585/roles/NOV-CMP-IRN/tasks/check_upgraded_packages.yml#
# (c) Copyright 2015-2016 Hewlett Packard Enterprise Development LP
# (c) Copyright 2017 SUSE LLC
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
---
- name: NOV-CMP-IRN | check_upgraded_packages | Check upgraded packages
command: /bin/true
register: ardana_notify_nova_compute_restart_required
when: item in ardana_upgraded_pkgs | default({})
with_items: nova_irn_restart_packages
0707010000008C000081A40000000000000000000000015F71E19F00000585000000000000000000000000000000000000004D00000000ardana-nova-8.0+git.1601298847.dd01585/roles/NOV-CMP-IRN/tasks/configure.yml#
# (c) Copyright 2015-2016 Hewlett Packard Enterprise Development LP
# (c) Copyright 2017-2018 SUSE LLC
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
# Configure the hypervisor.conf specific to ironic
---
- include: ../../nova-common/tasks/_set_directories.yml
vars:
install_package_result: "{{ ardana_notify_nova_compute_install_result }}"
# hypervisor.conf will be loaded last by nova-compute
# filename should remain the same across hypervisors
# we can use nova_service_conf_dir as this will be set to compute
# by including the nova-compute role as a dependency
- include: ../../nova-common/tasks/_write_conf.yml
src: "../../NOV-CMP-IRN/templates/hypervisor.conf.j2"
dest: "{{ nova_service_conf_dir }}/hypervisor.conf"
- name: NOV-CMP-IRN | configure | notify on hypervisor.conf change
command: /bin/true
register: ardana_notify_nova_compute_restart_required
when: write_conf_result.changed
0707010000008D000081A40000000000000000000000015F71E19F000002B8000000000000000000000000000000000000004B00000000ardana-nova-8.0+git.1601298847.dd01585/roles/NOV-CMP-IRN/tasks/install.yml#
# (c) Copyright 2015-2016 Hewlett Packard Enterprise Development LP
# (c) Copyright 2017 SUSE LLC
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
---
- include: ../../nova-common/tasks/install.yml
0707010000008E000081A40000000000000000000000015F71E19F000002EF000000000000000000000000000000000000004800000000ardana-nova-8.0+git.1601298847.dd01585/roles/NOV-CMP-IRN/tasks/main.yml#
# (c) Copyright 2016 Hewlett Packard Enterprise Development LP
# (c) Copyright 2017 SUSE LLC
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
---
- name: NOV-CMP-IRN | main | Set os-specific variables
include_vars: "{{ ansible_os_family | lower }}.yml"0707010000008F000041ED0000000000000000000000025F71E19F00000000000000000000000000000000000000000000004300000000ardana-nova-8.0+git.1601298847.dd01585/roles/NOV-CMP-IRN/templates07070100000090000081A40000000000000000000000015F71E19F000005F7000000000000000000000000000000000000005600000000ardana-nova-8.0+git.1601298847.dd01585/roles/NOV-CMP-IRN/templates/hypervisor.conf.j2{#
#
# (c) Copyright 2015-2016 Hewlett Packard Enterprise Development LP
# (c) Copyright 2017-2018 SUSE LLC
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
#}
# This file has the Ardana values that apply only to the ironic hypervisor.
# You may make changes to this file by adding sections/options below.
[DEFAULT]
# Compute
compute_driver = ironic.IronicDriver
reserved_host_disk_mb = 0
reserved_host_memory_mb = 0
ram_allocation_ratio = 1.0
firewall_driver = nova.virt.firewall.NoopFirewallDriver
compute_manager = ironic.nova.compute.manager.ClusteredComputeManager
[ironic]
auth_type = v3password
auth_url = {{ ironic_admin_auth_uri }}
project_name = {{ admin_tenant_name }}
username = {{ keystone_ironic_user }}
password = {{ keystone_ironic_password }}
# We are hardcoding the domain to 'Default' for backward compatibility.
# In the future, these need to be coming from vars.
project_domain_name = Default
user_domain_name = Default
api_endpoint = {{ ironic_api_endpoint_url }}
## Do NOT put anything after this line ##
07070100000091000041ED0000000000000000000000025F71E19F00000000000000000000000000000000000000000000003E00000000ardana-nova-8.0+git.1601298847.dd01585/roles/NOV-CMP-IRN/vars07070100000092000081A40000000000000000000000015F71E19F000003C4000000000000000000000000000000000000004900000000ardana-nova-8.0+git.1601298847.dd01585/roles/NOV-CMP-IRN/vars/debian.yml#
# (c) Copyright 2016 Hewlett Packard Enterprise Development LP
# (c) Copyright 2017 SUSE LLC
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
# Contains packages names and default values required for nova-compute-irn
# to work in Debian System
---
# packages listed here will be installed by nova-common | install
nova_required_packages: []
# packages listed here will trigger a restart of libvirt and the compute service
# when updated
nova_irn_restart_packages: []07070100000093000081A40000000000000000000000015F71E19F000003C4000000000000000000000000000000000000004900000000ardana-nova-8.0+git.1601298847.dd01585/roles/NOV-CMP-IRN/vars/redhat.yml#
# (c) Copyright 2016 Hewlett Packard Enterprise Development LP
# (c) Copyright 2017 SUSE LLC
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
# Contains packages names and default values required for nova-compute-irn
# to work in RedHat System
---
# packages listed here will be installed by nova-common | install
nova_required_packages: []
# packages listed here will trigger a restart of libvirt and the compute service
# when updated
nova_irn_restart_packages: []07070100000094000081A40000000000000000000000015F71E19F000003C3000000000000000000000000000000000000004700000000ardana-nova-8.0+git.1601298847.dd01585/roles/NOV-CMP-IRN/vars/suse.yml#
# (c) Copyright 2017 Hewlett Packard Enterprise Development LP
# (c) Copyright 2017 SUSE LLC
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
# Contains packages names and default values required for nova-compute-irn
# to work in SUSE System
---
# packages listed here will be installed by nova-common | install
nova_required_packages: []
# packages listed here will trigger a restart of libvirt and the compute service
# when updated
nova_irn_restart_packages: []
07070100000095000041ED0000000000000000000000095F71E19F00000000000000000000000000000000000000000000003900000000ardana-nova-8.0+git.1601298847.dd01585/roles/NOV-CMP-KVM07070100000096000041ED0000000000000000000000025F71E19F00000000000000000000000000000000000000000000004200000000ardana-nova-8.0+git.1601298847.dd01585/roles/NOV-CMP-KVM/defaults07070100000097000081A40000000000000000000000015F71E19F0000081F000000000000000000000000000000000000004B00000000ardana-nova-8.0+git.1601298847.dd01585/roles/NOV-CMP-KVM/defaults/main.yml#
# (c) Copyright 2015-2016 Hewlett Packard Enterprise Development LP
# (c) Copyright 2017-2018 SUSE LLC
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
# This file will contain the default values for the nova kvm component
# that are the same on every distro. If they need to be different on
# different distros then put them in vars/<distro>.yml
---
nova_private_ssh_key: "{{ NOV_KVM.vars.nova_ssh_key.private }}"
nova_vcpu_pin_set: "{{ host | item('cpu_assignments.NOV_KVM.vm.processor_list', default='') }}"
nova_cgroup_device_acl:
- /dev/null
- /dev/full
- /dev/dayzero
- /dev/random
- /dev/urandom
- /dev/ptmx
- /dev/kvm
- /dev/kqemu
- /dev/rtc
- /dev/hpet
- /dev/vfio/vfio
huge_page_sizes: "{{ non_numa_huge_pages | union(numa_huge_pages) | map(attribute='size') | unique | list }}"
neutron_ovs_bridge:
"{%- set ovs_br_list = NOV_KVM | provided_data('ovs_bridge') -%}
{%- if ovs_br_list | length > 0 -%}
{{ ovs_br_list | last }}
{%- endif -%}"
# Flag to indicate whether on RHEL computes, selinux policy updates need to be
# applied or not?
nova_rhel_compute_apply_selinux_policy_updates: false
# SES Integration
nova_ses_enabled: "{{ 'True' if ses_nova_user_name is defined else 'False' }}"
nova_ses_user_name: "{{ ses_nova_user_name | default('') }}"
nova_ses_pool_name: "{{ ses_nova_pool_name | default('') }}"
nova_ses_secret_uuid: "{{ ses_nova_secret_uuid | default('') }}"
nova_ses_ceph_conf_file_path: "{{ ses_conf_file_path | default('') }}"
nova_ses_cinder_keyring_file_path: "{{ ses_cinder_keyring_file_path | default('') }}"
07070100000098000041ED0000000000000000000000035F71E19F00000000000000000000000000000000000000000000003F00000000ardana-nova-8.0+git.1601298847.dd01585/roles/NOV-CMP-KVM/files07070100000099000041ED0000000000000000000000065F71E19F00000000000000000000000000000000000000000000004300000000ardana-nova-8.0+git.1601298847.dd01585/roles/NOV-CMP-KVM/files/etc0707010000009A000041ED0000000000000000000000035F71E19F00000000000000000000000000000000000000000000004E00000000ardana-nova-8.0+git.1601298847.dd01585/roles/NOV-CMP-KVM/files/etc/apparmor.d0707010000009B000041ED0000000000000000000000025F71E19F00000000000000000000000000000000000000000000005B00000000ardana-nova-8.0+git.1601298847.dd01585/roles/NOV-CMP-KVM/files/etc/apparmor.d/abstractions0707010000009C000081A40000000000000000000000015F71E19F00001499000000000000000000000000000000000000006000000000ardana-nova-8.0+git.1601298847.dd01585/roles/NOV-CMP-KVM/files/etc/apparmor.d/abstractions/base# vim:syntax=apparmor
# ------------------------------------------------------------------
#
# Copyright (C) 2002-2009 Novell/SUSE
# Copyright (C) 2009-2011 Canonical Ltd.
# Copyright (C) 2014 Hewlett-Packard Development Company, L.P.
# Copyright (C) 2017 SUSE LLC
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
# ------------------------------------------------------------------
# (Note that the ldd profile has inlined this file; if you make
# modifications here, please consider including them in the ldd
# profile as well.)
# The __canary_death_handler function writes a time-stamped log
# message to /dev/log for logging by syslogd. So, /dev/log, timezones,
# and localisations of date should be available EVERYWHERE, so
# StackGuard, FormatGuard, etc., alerts can be properly logged.
/dev/log w,
/dev/random r,
/dev/urandom r,
/etc/locale/** r,
/etc/locale.alias r,
/etc/localtime r,
/usr/share/locale-langpack/** r,
/usr/share/locale/** r,
/usr/share/**/locale/** r,
/usr/share/zoneinfo/ r,
/usr/share/zoneinfo/** r,
# Uncomment to allow use of X11
#/usr/share/X11/locale/** r,
/usr/lib{,32,64}/locale/** mr,
/usr/lib{,32,64}/gconv/*.so mr,
/usr/lib{,32,64}/gconv/gconv-modules* mr,
/usr/lib/@{multiarch}/gconv/*.so mr,
/usr/lib/@{multiarch}/gconv/gconv-modules* mr,
# used by glibc when binding to ephemeral ports
/etc/bindresvport.blacklist r,
# ld.so.cache and ld are used to load shared libraries; they are best
# available everywhere
/etc/ld.so.cache mr,
/lib{,32,64}/ld{,32,64}-*.so mrix,
/lib{,32,64}/**/ld{,32,64}-*.so mrix,
/lib/@{multiarch}/ld{,32,64}-*.so mrix,
/lib/tls/i686/{cmov,nosegneg}/ld-*.so mrix,
/lib/i386-linux-gnu/tls/i686/{cmov,nosegneg}/ld-*.so mrix,
/opt/*-linux-uclibc/lib/ld-uClibc*so* mrix,
# we might as well allow everything to use common libraries
/lib{,32,64}/** r,
/lib{,32,64}/lib*.so* mr,
/lib{,32,64}/**/lib*.so* mr,
/lib/@{multiarch}/** r,
/lib/@{multiarch}/lib*.so* mr,
/lib/@{multiarch}/**/lib*.so* mr,
/usr/lib{,32,64}/** r,
/usr/lib{,32,64}/*.so* mr,
/usr/lib{,32,64}/**/lib*.so* mr,
/usr/lib/@{multiarch}/** r,
/usr/lib/@{multiarch}/lib*.so* mr,
/usr/lib/@{multiarch}/**/lib*.so* mr,
/lib/tls/i686/{cmov,nosegneg}/lib*.so* mr,
/lib/i386-linux-gnu/tls/i686/{cmov,nosegneg}/lib*.so* mr,
# /dev/null is pretty harmless and frequently used
/dev/null rw,
# Write access to /dev/zero is not needed
/dev/zero r,
# recent glibc uses /dev/full in preference to /dev/null for programs
# that don't have open fds at exec()
/dev/full rw,
# Sometimes used to determine kernel/user interfaces to use
@{PROC}/sys/kernel/version r,
# Depending on which glibc routine uses this file, base may not be the
# best place -- but many profiles require it, and it is quite harmless.
@{PROC}/sys/kernel/ngroups_max r,
# glibc's sysconf(3) routine to determine free memory, etc
@{PROC}/meminfo r,
@{PROC}/stat r,
@{PROC}/cpuinfo r,
/sys/devices/system/cpu/online r,
# glibc's *printf protections read the maps file
@{PROC}/*/maps r,
# libgcrypt reads some flags from /proc
@{PROC}/sys/crypto/* r,
# some applications will display license information
/usr/share/common-licenses/** r,
# glibc statvfs
@{PROC}/filesystems r,
# glibc malloc (man 5 proc)
@{PROC}/sys/vm/overcommit_memory r,
# Uncomment to allow KVM to look at encrypted /home
# Workaround https://launchpad.net/bugs/359338 until upstream handles stacked
# filesystems generally. This does not appreciably decrease security when
# enabled because the user is expected to have access to files owned by him/her.
# Exceptions to this are explicit in the profiles. While this rule grants access
# to those exceptions, the intended privacy is maintained due to the encrypted
# contents of the files in this directory. Files in this directory will also use
# filename encryption by default, so the files are further protected. Also, with
# the use of 'owner', this rule properly # prevents access to the files from
# processes running under a different uid.
# encrypted ~/.Private and old-style encrypted $HOME
#owner @{HOME}/.Private/** mrixwlk,
# new-style encrypted $HOME
#owner @{HOMEDIRS}/.ecryptfs/*/.Private/** mrixwlk,
0707010000009D000081A40000000000000000000000015F71E19F00000511000000000000000000000000000000000000006400000000ardana-nova-8.0+git.1601298847.dd01585/roles/NOV-CMP-KVM/files/etc/apparmor.d/abstractions/consoles# vim:syntax=apparmor
# ------------------------------------------------------------------
#
# Copyright (C) 2002-2005 Novell/SUSE
# Copyright (C) 2014 Hewlett-Packard Development Company, L.P.
# Copyright (C) 2017 SUSE LLC
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
# ------------------------------------------------------------------
# only allow read access to tty
# there are three common ways to refer to consoles
#/dev/console rw,
#/dev/tty rw,
/dev/tty r,
# this next entry is a tad unfortunate; /dev/tty will always be
# associated with the controlling terminal by the kernel, but if a
# program uses the /dev/pts/ interface, it actually has access to
# -all- xterm, sshd, etc, terminals on the system.
/dev/pts/[0-9]* rw,
/dev/pts/ r,
0707010000009E000081A40000000000000000000000015F71E19F00001142000000000000000000000000000000000000006800000000ardana-nova-8.0+git.1601298847.dd01585/roles/NOV-CMP-KVM/files/etc/apparmor.d/abstractions/libvirt-qemu# Last Modified: Fri Mar 9 14:43:22 2012
#include <abstractions/base>
#include <abstractions/consoles>
#include <abstractions/nameservice>
# required for reading disk images
capability dac_override,
capability dac_read_search,
capability chown,
# needed to drop privileges
capability setgid,
capability setuid,
network inet stream,
network inet6 stream,
/dev/net/tun rw,
/dev/kvm rw,
/dev/ptmx rw,
# Uncomment to support older kqemu.
# /dev/kqemu rw,
@{PROC}/*/status r,
# Debian BZ#760510
@{PROC}/sys/kernel/cap_last_cap r,
# Uncomment to allow guests USB access
# For hostdev access. The actual devices will be added dynamically
#/sys/bus/usb/devices/ r,
#/sys/devices/**/usb[0-9]*/** r,
# Uncomment to allow guest audio support
# WARNING: this gives the guest direct access to host hardware and specific
# portions of shared memory. This is required for sound using ALSA with kvm,
# but may constitute a security risk. If your environment does not require
# the use of sound in your VMs, feel free to comment out or prepend 'deny' to
# the rules for files in /dev.
#/{dev,run}/shm r,
#/{dev,run}/shmpulse-shm* r,
#/{dev,run}/shmpulse-shm* rwk,
#/dev/snd/* rw,
# Uncomment for Xen guests
#capability ipc_lock,
# NOTE: kvm needs read access to /sys/devices/system/cpu/online
# for Openstack Nova Folsom release on Ubuntu 12.04.
/sys/devices/system/cpu/online r,
# Uncomment to allow guest spice usage
# spice
#owner /{dev,run}/shm/spice.* rw,
# 'kill' is not required for sound and is a security risk. Do not enable
# unless you absolutely need it.
deny capability kill,
# Uncomment the following if you need access to /dev/fb*
#/dev/fb* rw,
# Uncomment to allow audio support:
#/etc/pulse/client.conf r,
#@{HOME}/.pulse-cookie rwk,
#owner /root/.pulse-cookie rwk,
#owner /root/.pulse/ rw,
#owner /root/.pulse/* rw,
#/usr/share/alsa/** r,
#owner /tmp/pulse-*/ rw,
#owner /tmp/pulse-*/* rw,
#/var/lib/dbus/machine-id r,
# Allow access to hugepages
/tmp/hugepages_*/** rw,
# access to firmware's etc
/usr/share/kvm/** r,
/usr/share/qemu/** r,
/usr/share/bochs/** r,
/usr/share/openbios/** r,
/usr/share/openhackware/** r,
/usr/share/proll/** r,
/usr/share/vgabios/** r,
/usr/share/seabios/** r,
/usr/share/ovmf/** r,
# access PKI infrastructure
/etc/pki/libvirt-vnc/** r,
# the various binaries
/usr/bin/kvm rmix,
/usr/bin/qemu rmix,
/usr/bin/qemu-system-arm rmix,
/usr/bin/qemu-system-cris rmix,
/usr/bin/qemu-system-i386 rmix,
/usr/bin/qemu-system-m68k rmix,
/usr/bin/qemu-system-microblaze rmix,
/usr/bin/qemu-system-microblazeel rmix,
/usr/bin/qemu-system-mips rmix,
/usr/bin/qemu-system-mips64 rmix,
/usr/bin/qemu-system-mips64el rmix,
/usr/bin/qemu-system-mipsel rmix,
/usr/bin/qemu-system-ppc rmix,
/usr/bin/qemu-system-ppc64 rmix,
/usr/bin/qemu-system-ppcemb rmix,
/usr/bin/qemu-system-sh4 rmix,
/usr/bin/qemu-system-sh4eb rmix,
/usr/bin/qemu-system-sparc rmix,
/usr/bin/qemu-system-sparc64 rmix,
/usr/bin/qemu-system-x86_64 rmix,
/usr/bin/qemu-alpha rmix,
/usr/bin/qemu-arm rmix,
/usr/bin/qemu-armeb rmix,
/usr/bin/qemu-cris rmix,
/usr/bin/qemu-i386 rmix,
/usr/bin/qemu-m68k rmix,
/usr/bin/qemu-microblaze rmix,
/usr/bin/qemu-microblazeel rmix,
/usr/bin/qemu-mips rmix,
/usr/bin/qemu-mipsel rmix,
/usr/bin/qemu-ppc rmix,
/usr/bin/qemu-ppc64 rmix,
/usr/bin/qemu-ppc64abi32 rmix,
/usr/bin/qemu-sh4 rmix,
/usr/bin/qemu-sh4eb rmix,
/usr/bin/qemu-sparc rmix,
/usr/bin/qemu-sparc64 rmix,
/usr/bin/qemu-sparc32plus rmix,
/usr/bin/qemu-sparc64 rmix,
/usr/bin/qemu-x86_64 rmix,
/usr/lib/qemu/block-curl.so mr,
# for rbd
/etc/ceph/ceph.conf r,
/usr/lib/x86_64-linux-gnu/qemu/* mr,
# for save and resume
/bin/dash rmix,
/bin/dd rmix,
/bin/cat rmix,
# for usb access
/dev/bus/usb/ r,
/etc/udev/udev.conf r,
/sys/bus/ r,
/sys/class/ r,
/usr/{lib,libexec}/qemu-bridge-helper Cx -> qemu_bridge_helper,
# child profile for bridge helper process
profile qemu_bridge_helper {
#include <abstractions/base>
capability setuid,
capability setgid,
capability setpcap,
capability net_admin,
network inet stream,
/dev/net/tun rw,
/etc/qemu/** r,
owner @{PROC}/*/status r,
/usr/{lib,libexec}/qemu-bridge-helper rmix,
}
0707010000009F000081A40000000000000000000000015F71E19F00000D03000000000000000000000000000000000000006700000000ardana-nova-8.0+git.1601298847.dd01585/roles/NOV-CMP-KVM/files/etc/apparmor.d/abstractions/nameservice# ------------------------------------------------------------------
#
# Copyright (C) 2002-2009 Novell/SUSE
# Copyright (C) 2009-2011 Canonical Ltd.
# Copyright (C) 2014 Hewlett-Packard Development Company, L.P.
# Copyright (C) 2017 SUSE LLC
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
# ------------------------------------------------------------------
# Many programs wish to perform nameservice-like operations, such as
# looking up users by name or id, groups by name or id, hosts by name
# or IP, etc. These operations may be performed through files, dns,
# NIS, NIS+, LDAP, hesiod, wins, etc. Allow them all here.
/etc/group r,
/etc/host.conf r,
/etc/hosts r,
/etc/nsswitch.conf r,
/etc/gai.conf r,
/etc/passwd r,
/etc/protocols r,
# Uncomment when sssd (system security services deamon) is used.
# When using sssd, the passwd and group files are stored in an alternate path
#/var/lib/sss/mc/group r,
#/var/lib/sss/mc/passwd r,
/etc/resolv.conf r,
# on systems using resolvconf, /etc/resolv.conf is a symlink to
# /{,var/}run/resolvconf/resolv.conf and a file sometimes referenced in
# /etc/resolvconf/run/resolv.conf
/{,var/}run/resolvconf/resolv.conf r,
/etc/resolvconf/run/resolv.conf r,
/etc/samba/lmhosts r,
/etc/services r,
# db backend
/var/lib/misc/*.db r,
# The Name Service Cache Daemon can cache lookups, sometimes leading
# to vast speed increases when working with network-based lookups.
/{,var/}run/.nscd_socket rw,
/{,var/}run/nscd/socket rw,
/var/{db,cache,run}/nscd/{passwd,group,services,hosts} r,
# nscd renames and unlinks files in it's operation that clients will
# have open
/{,var/}run/nscd/db* rmix,
# The nss libraries are sometimes used in addition to PAM; make sure
# they are available
/lib{,32,64}/libnss_*.so* mr,
/usr/lib{,32,64}/libnss_*.so* mr,
/lib/@{multiarch}/libnss_*.so* mr,
/usr/lib/@{multiarch}/libnss_*.so* mr,
/etc/default/nss r,
# Uncomment when mdns4 support required
# avahi-daemon is used for mdns4 resolution
#/{,var/}run/avahi-daemon/socket w,
# Uncomment to support nis
##include <abstractions/nis>
# ldap
#include <abstractions/ldapclient>
# all openldap config
/etc/ldap/** r,
# Uncomment to support winbind
##include <abstractions/winbind>
# Uncomment to support likewise
##include <abstractions/likewise>
# Uncomment to support mdnsd
##include <abstractions/mdns>
# kerberos
#include <abstractions/kerberosclient>
# TCP/UDP network access
network inet stream,
network inet6 stream,
network inet dgram,
network inet6 dgram,
# interface details
@{PROC}/*/net/route r,
070701000000A0000081A40000000000000000000000015F71E19F00000605000000000000000000000000000000000000006D00000000ardana-nova-8.0+git.1601298847.dd01585/roles/NOV-CMP-KVM/files/etc/apparmor.d/usr.lib.libvirt.virt-aa-helper# Last Modified: Thu May 29 16:32:34 2014
#include <tunables/global>
/usr/lib/libvirt/virt-aa-helper {
#include <abstractions/base>
# needed for searching directories
capability dac_override,
capability dac_read_search,
# needed for when disk is on a network filesystem
network inet,
deny @{PROC}/[0-9]*/mounts r,
@{PROC}/[0-9]*/net/psched r,
owner @{PROC}/[0-9]*/status r,
@{PROC}/filesystems r,
# for hostdev
/sys/devices/ r,
/sys/devices/** r,
/usr/lib/libvirt/virt-aa-helper mr,
/sbin/apparmor_parser Ux,
/etc/apparmor.d/libvirt/* r,
/etc/apparmor.d/libvirt/libvirt-[0-9a-f]*-[0-9a-f]*-[0-9a-f]*-[0-9a-f]*-[0-9a-f]* rw,
# See Debian BZ#725144
/etc/libnl-3/classid r,
# partial fix
# for cinder/iscsi volumes
audit /dev/sd[a-z]* r,
# Uncomment to grant access to files in users' home directories
# E.g., for non-privileged libvirt user sessions.
# For backingstore -- allow access to non-hidden files in @{HOME} as well
# as storage pools
audit deny @{HOME}/.* mrwkl,
audit deny @{HOME}/.*/ rw,
audit deny @{HOME}/.*/** mrwkl,
audit deny @{HOME}/bin/ rw,
audit deny @{HOME}/bin/** mrwkl,
# Cloud VMs shouldn't access home dirs.
#@{HOME}/ r,
#@{HOME}/** r,
/var/lib/libvirt/images/ r,
/var/lib/libvirt/images/** r,
/{media,mnt,opt,srv}/** r,
/var/lib/nova/instances/**/disk{,.*} r,
/var/lib/nova/images/** r,
/var/lib/nova/instances/_base/** r,
/**.img r,
/**.qcow{,2} r,
/**.qed r,
/**.vmdk r,
/**.[iI][sS][oO] r,
/**/disk{,.*} r,
}
070701000000A1000081A40000000000000000000000015F71E19F0000095F000000000000000000000000000000000000006000000000ardana-nova-8.0+git.1601298847.dd01585/roles/NOV-CMP-KVM/files/etc/apparmor.d/usr.sbin.libvirtd# Last Modified: Thu May 29 16:33:45 2014
#include <tunables/global>
@{LIBVIRT}="libvirt"
/usr/sbin/libvirtd {
#include <abstractions/base>
#include <abstractions/dbus>
capability kill,
capability net_admin,
capability net_raw,
capability setgid,
capability sys_admin,
capability sys_module,
capability sys_ptrace,
capability sys_nice,
capability sys_chroot,
capability setuid,
capability dac_override,
capability dac_read_search,
capability fowner,
capability chown,
capability setpcap,
capability mknod,
capability fsetid,
capability audit_write,
# Needed for vfio
capability sys_resource,
network inet stream,
network inet dgram,
network inet6 stream,
network inet6 dgram,
network packet dgram,
# Very lenient profile for libvirtd since we want to first focus on confining
# the guests. Guests will have a very restricted profile.
/ r,
/** rwmkl,
# Deny access to files that libvirtd should not need access to and
# that might pose a security risk in an OpenStack compute node.
audit deny /etc/chef w,
audit deny /etc/group w,
audit deny /etc/shadow w,
audit deny /etc/gshadow w,
audit deny /etc/hosts w,
audit deny /etc/hosts.allow w,
audit deny /etc/hosts.deny w,
audit deny /etc/network w,
audit deny /etc/passwd w,
audit deny /etc/protocols w,
audit deny /etc/resolv.conf w,
audit deny /etc/securetty w,
audit deny /etc/security.d w,
audit deny /etc/sudoers w,
audit deny /etc/sysctl.conf w,
# don't let libvirtd force a crash
audit deny /proc/sysrq-trigger w,
audit deny /proc/sys/kernel/sysrq w,
# end of risk mitigation
/bin/* PUx,
/sbin/* PUx,
/usr/bin/* PUx,
/usr/sbin/* PUx,
/lib/udev/scsi_id PUx,
# Uncomment to use xen toolstack
#/usr/lib/xen-common/bin/xen-toolstack PUx,
# force the use of virt-aa-helper
audit deny /sbin/apparmor_parser rwxl,
audit deny /etc/apparmor.d/libvirt/** wxl,
audit deny /sys/kernel/security/apparmor/features rwxl,
audit deny /sys/kernel/security/apparmor/matching rwxl,
audit deny /sys/kernel/security/apparmor/.* rwxl,
/sys/kernel/security/apparmor/profiles r,
/usr/lib/libvirt/* PUxr,
/etc/libvirt/hooks/** rmix,
# Uncomment to use xen
#/etc/xen/scripts/** rmix,
# allow changing to our UUID-based named profiles
change_profile -> @{LIBVIRT}-[0-9a-f]*-[0-9a-f]*-[0-9a-f]*-[0-9a-f]*-[0-9a-f]*,
}
070701000000A2000041ED0000000000000000000000025F71E19F00000000000000000000000000000000000000000000004B00000000ardana-nova-8.0+git.1601298847.dd01585/roles/NOV-CMP-KVM/files/etc/default070701000000A3000081A40000000000000000000000015F71E19F00000105000000000000000000000000000000000000005400000000ardana-nova-8.0+git.1601298847.dd01585/roles/NOV-CMP-KVM/files/etc/default/libvirtd# Defaults for libvirt-bin initscript (/etc/init.d/libvirt-bin)
# This is a POSIX shell fragment
# options passed to libvirtd, add "-l" to listen on tcp
libvirtd_opts="-l"
# pass in location of kerberos keytab
# export KRB5_KTNAME=/etc/libvirt/libvirt.keytab
070701000000A4000041ED0000000000000000000000025F71E19F00000000000000000000000000000000000000000000004B00000000ardana-nova-8.0+git.1601298847.dd01585/roles/NOV-CMP-KVM/files/etc/libvirt070701000000A5000081A40000000000000000000000015F71E19F00000270000000000000000000000000000000000000005900000000ardana-nova-8.0+git.1601298847.dd01585/roles/NOV-CMP-KVM/files/etc/libvirt/libvirtd.conf# Minimal libvirtd config for kvm compute nodes.
unix_sock_group = "libvirtd"
unix_sock_rw_perms = "0770"
auth_unix_ro = "none"
auth_unix_rw = "none"
auth_tcp = "none"
listen_tls = 0
listen_tcp = 1
log_filters="3:libvirt.c 3:qemu 3:cpu 3:cgroup 3:command 3:nwfilter"
log_outputs="3:file:/var/log/libvirt/libvirt.log"
# The minimum limit sets the number of workers to start up
# initially. If the number of active clients exceeds this,
# then more threads are spawned, up to max_workers limit.
min_workers = 50
max_workers = 200
# Limit on concurrent requests from a single client
# connection.
max_client_requests = 180
070701000000A6000041ED0000000000000000000000025F71E19F00000000000000000000000000000000000000000000004D00000000ardana-nova-8.0+git.1601298847.dd01585/roles/NOV-CMP-KVM/files/etc/sysconfig070701000000A7000081A40000000000000000000000015F71E19F0000046F000000000000000000000000000000000000005600000000ardana-nova-8.0+git.1601298847.dd01585/roles/NOV-CMP-KVM/files/etc/sysconfig/libvirtd# Override the default config file
# NOTE: This setting is no longer honoured if using
# systemd. Set '--config /etc/libvirt/libvirtd.conf'
# in LIBVIRTD_ARGS instead.
#LIBVIRTD_CONFIG=/etc/libvirt/libvirtd.conf
# Listen for TCP/IP connections
# NB. must setup TLS/SSL keys prior to using this
LIBVIRTD_ARGS="--listen"
# Override Kerberos service keytab for SASL/GSSAPI
#KRB5_KTNAME=/etc/libvirt/krb5.tab
# Override the QEMU/SDL default audio driver probing when
# starting virtual machines using SDL graphics
#
# NB these have no effect for VMs using VNC, unless vnc_allow_host_audio
# is enabled in /etc/libvirt/qemu.conf
#QEMU_AUDIO_DRV=sdl
#
#SDL_AUDIODRIVER=pulse
# Override the maximum number of opened files.
# This only works with traditional init scripts.
# In the systemd world, the limit can only be changed by overriding
# LimitNOFILE for libvirtd.service. To do that, just create a *.conf
# file in /etc/systemd/system/libvirtd.service.d/ (for example
# /etc/systemd/system/libvirtd.service.d/openfiles.conf) and write
# the following two lines in it:
# [Service]
# LimitNOFILE=2048
#
#LIBVIRTD_NOFILES_LIMIT=2048
070701000000A8000081A40000000000000000000000015F71E19F00000420000000000000000000000000000000000000004800000000ardana-nova-8.0+git.1601298847.dd01585/roles/NOV-CMP-KVM/files/local.te
module local 1.0;
require {
type nova_var_lib_t;
type svirt_t;
type var_log_t;
type logrotate_t;
type var_lib_t;
type virtlogd_t;
class capability { dac_override dac_read_search };
class file { open append create getattr write unlink };
class dir { search write remove_name add_name};
}
#============= logrotate_t ==============
#!!!! This avc is allowed in the current policy
allow logrotate_t var_lib_t:file { create write };
#============= virtlogd_t ==============
#!!!! This avc is allowed in the current policy
allow virtlogd_t nova_var_lib_t:dir search;
allow virtlogd_t nova_var_lib_t:dir write;
allow virtlogd_t nova_var_lib_t:dir remove_name;
allow virtlogd_t nova_var_lib_t:dir add_name;
allow virtlogd_t nova_var_lib_t:file create;
allow virtlogd_t nova_var_lib_t:file open;
allow virtlogd_t nova_var_lib_t:file append;
allow virtlogd_t nova_var_lib_t:file getattr;
allow virtlogd_t nova_var_lib_t:file unlink;
#!!!! This avc is allowed in the current policy
allow virtlogd_t self:capability { dac_override dac_read_search };
070701000000A9000041ED0000000000000000000000025F71E19F00000000000000000000000000000000000000000000004200000000ardana-nova-8.0+git.1601298847.dd01585/roles/NOV-CMP-KVM/handlers070701000000AA000081A40000000000000000000000015F71E19F00000394000000000000000000000000000000000000004B00000000ardana-nova-8.0+git.1601298847.dd01585/roles/NOV-CMP-KVM/handlers/main.yml#
# (c) Copyright 2015-2016 Hewlett Packard Enterprise Development LP
# (c) Copyright 2017 SUSE LLC
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
---
- name: reload apparmor
become: yes
service:
name: apparmor
state: reloaded
- name: reload libvirtd
become: yes
service:
name: libvirtd
state: reloaded
- name: restart libvirtd
become: yes
service:
name: libvirtd
state: restarted
070701000000AB000041ED0000000000000000000000025F71E19F00000000000000000000000000000000000000000000003E00000000ardana-nova-8.0+git.1601298847.dd01585/roles/NOV-CMP-KVM/meta070701000000AC000081A40000000000000000000000015F71E19F000002BE000000000000000000000000000000000000004700000000ardana-nova-8.0+git.1601298847.dd01585/roles/NOV-CMP-KVM/meta/main.yml#
# (c) Copyright 2015-2016 Hewlett Packard Enterprise Development LP
# (c) Copyright 2017 SUSE LLC
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
---
dependencies:
- role: nova-common
- role: NOV-CMP
070701000000AD000041ED0000000000000000000000025F71E19F00000000000000000000000000000000000000000000003F00000000ardana-nova-8.0+git.1601298847.dd01585/roles/NOV-CMP-KVM/tasks070701000000AE000081A40000000000000000000000015F71E19F00000494000000000000000000000000000000000000005B00000000ardana-nova-8.0+git.1601298847.dd01585/roles/NOV-CMP-KVM/tasks/check_upgraded_packages.yml#
# (c) Copyright 2015-2016 Hewlett Packard Enterprise Development LP
# (c) Copyright 2017 SUSE LLC
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
---
- name: NOV-CMP-KVM | check_upgraded_packages |
Check upgraded apparmor packages
command: /bin/true
notify:
- reload apparmor
when: item in ardana_upgraded_pkgs | default({})
with_items: nova_apparmor_restart_packages
- name: NOV-CMP-KVM | check_upgraded_packages |
Check upgraded libvirt packages
command: /bin/true
notify:
- reload libvirtd
register: ardana_notify_nova_compute_restart_required
when: item in ardana_upgraded_pkgs | default({})
with_items: nova_libvirt_restart_packages
070701000000AF000081A40000000000000000000000015F71E19F00002386000000000000000000000000000000000000004D00000000ardana-nova-8.0+git.1601298847.dd01585/roles/NOV-CMP-KVM/tasks/configure.yml#
# (c) Copyright 2015-2016 Hewlett Packard Enterprise Development LP
# (c) Copyright 2017-2018 SUSE LLC
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
# Configure libvirt
---
- include: ../../nova-common/tasks/_set_directories.yml
vars:
install_package_result: "{{ ardana_notify_nova_compute_install_result }}"
- include: ../../nova-common/tasks/_read_migrate_enabled.yml
# hypervisor.conf will be loaded last by nova-compute
# filename should remain the same across hypervisors
# we can use nova_service_conf_dir as this will be set to compute
# by including the nova-compute role as a dependency
- include: ../../nova-common/tasks/_write_conf.yml
src: "../../NOV-CMP-KVM/templates/hypervisor.conf.j2"
dest: "{{ nova_service_conf_dir }}/hypervisor.conf"
- name: NOV-CMP-KVM | configure | notify on hypervisor.conf change
command: /bin/true
notify:
- restart libvirtd
register: ardana_notify_nova_compute_restart_required
when: write_conf_result.changed
# TODO (rajjoh) Update Selinux config for RedHat distro
- name: NOV-CMP-KVM | configure | Copy apparmor config files
become: yes
copy:
src: "{{ item.file }}"
dest: "/{{ item.file }}"
owner: root
group: root
mode: "{{ item.mode | default('a-rwx,u=rw,g=r,a=r') }}"
with_items:
- file: 'etc/apparmor.d/abstractions/base'
- file: 'etc/apparmor.d/abstractions/consoles'
- file: 'etc/apparmor.d/abstractions/libvirt-qemu'
- file: 'etc/apparmor.d/abstractions/nameservice'
- file: 'etc/apparmor.d/usr.lib.libvirt.virt-aa-helper'
- file: 'etc/apparmor.d/usr.sbin.libvirtd'
notify:
- reload apparmor
- restart libvirtd
when: ansible_os_family == 'Debian'
register: ardana_notify_nova_compute_restart_required
# TODO (rajjoh) Update Selinux config for RedHat distro
- name: NOV-CMP-KVM | configure | Create symlink for apparmor kvm profile
become: yes
file:
src: /etc/apparmor.d/libvirt/TEMPLATE.qemu
dest: /etc/apparmor.d/libvirt/TEMPLATE.kvm
owner: root
group: root
mode: 0644
force: yes
state: link
notify:
- reload apparmor
- restart libvirtd
when: ansible_os_family == 'Debian'
register: ardana_notify_nova_compute_restart_required
- name: NOV-CMP-KVM | configure | Copy libvirtd config files
become: yes
copy:
src: "{{ item.file }}"
dest: "/{{ item.file }}"
owner: root
group: root
mode: "{{ item.mode | default('a-rwx,u=rw,g=r,a=r') }}"
with_items:
- file: 'etc/libvirt/libvirtd.conf'
- file: "{{ libvirt_defaults_file }}"
mode: '0755'
notify:
- restart libvirtd
register: ardana_notify_nova_compute_restart_required
- name: NOV-CMP-KVM | configure | Enable login for Nova user
become: yes
user:
name: "{{ nova_system_user }}"
shell: /bin/bash
when: nova_migrate_enabled|bool
- name: NOV-CMP-KVM | configure | Disable login for Nova user
become: yes
user:
name: "{{ nova_system_user }}"
shell: /bin/false
when: not nova_migrate_enabled|bool
- name: NOV-CMP-KVM | configure | Ensure .ssh directory exists
become: yes
file:
path: "{{ nova_system_home_folder }}/.ssh"
state: directory
setype: ssh_home_t
owner: "{{ nova_system_user }}"
mode: 0700
when: nova_migrate_enabled|bool
- name: NOV-CMP-KVM | configure | Remove .ssh directory
become: yes
file:
path: "{{ nova_system_home_folder }}/.ssh"
state: absent
when: not nova_migrate_enabled|bool
- name: NOV-CMP-KVM | configure | Write private key
become: yes
copy:
content: "{{ nova_private_ssh_key }}"
dest: "{{ nova_system_home_folder }}/.ssh/id_rsa"
owner: "{{ nova_system_user }}"
group: "{{ nova_system_group }}"
mode: 0600
when: nova_migrate_enabled|bool and
nova_private_ssh_key is defined
- name: NOV-CMP-KVM | configure | Generate and copy public key
become: yes
shell: >
ssh-keygen -y -f "{{ nova_system_home_folder }}"/.ssh/id_rsa >>
"{{ nova_system_home_folder }}"/.ssh/authorized_keys
when: nova_migrate_enabled|bool and
nova_private_ssh_key is defined
- name: NOV-CMP-KVM | configure | Turn off strict host key checking
become: yes
lineinfile:
dest: "{{ nova_system_home_folder }}/.ssh/config"
regexp: ^StrictHostKeyChecking
line: StrictHostKeyChecking no
create: True
owner: "{{ nova_system_user }}"
group: "{{ nova_system_group }}"
when: nova_migrate_enabled|bool
- name: NOV-CMP-KVM | configure | Stat qemu/save folder to check if it is a link
become: yes
stat:
path: /var/lib/libvirt/qemu/save
register: sym_result
- name: NOV-CMP-KVM | configure | Create save folder in nova home folder
become: yes
file:
path: "{{ nova_system_home_folder }}/save"
owner: "{{ libvirt_qemu_user }}"
group: "{{ libvirt_qemu_user }}"
mode: 0755
state: directory
when: sym_result.stat.islnk is defined and sym_result.stat.islnk == False
- name: NOV-CMP-KVM | configure |
Set ownership of hugepage directories to qemu user
become: yes
file:
path: /tmp/hugepages_{{ item.size }}
state: directory
owner: "{{ libvirt_qemu_user }}"
group: "root"
with_items:
total_huge_pages
when:
total_huge_pages | length > 0
tags:
- skip_ansible_lint
#(TODO)From 4.0 version we can remove the copy of saved instances images
- name: NOV-CMP-KVM | configure | Copy saved instances images to new location
become: yes
command: cp -r /var/lib/libvirt/qemu/save/ "{{ nova_system_home_folder }}/"
when: sym_result.stat.islnk is defined and sym_result.stat.islnk == False
- name: NOV-CMP-KVM | configure | Delete save folder in qemu folder
become: yes
file:
path: /var/lib/libvirt/qemu/save/
state: absent
when: sym_result.stat.islnk is defined and sym_result.stat.islnk == False
- name: NOV-CMP-KVM | configure |
Create link from nova save folder to qemu folder
become: yes
file:
src: "{{ nova_system_home_folder }}/save"
dest: /var/lib/libvirt/qemu/save
owner: "{{ libvirt_qemu_user }}"
group: "{{ libvirt_qemu_user }}"
state: link
when: sym_result.stat.islnk is defined and sym_result.stat.islnk == False
- include: ../../nova-common/tasks/_write_conf.yml
become: yes
src: "../../NOV-CMP-KVM/templates/qemu.conf.j2"
dest: "/etc/libvirt/qemu.conf"
conf_group: "{{ libvirt_qemu_user }}"
- name: NOV-CMP-KVM | configure | notify on qemu.conf change
command: /bin/true
notify:
- restart libvirtd
when: write_conf_result.changed
- name: NOV-CMP-KVM | configure | Copy temp directory for selinux updates
become: yes
shell: "mktemp -d"
register: _rhel_selinux_policy_temp_loc_result
when: (ansible_os_family | lower == 'redhat') and
(nova_rhel_compute_apply_selinux_policy_updates | bool)
- name: NOV-CMP-KVM | configure | Copy selinux policy te updates
become: yes
copy:
src: "{{ item.file }}"
dest: "{{ _rhel_selinux_policy_temp_loc_result.stdout }}/{{ item.file }}"
owner: root
group: root
mode: "{{ item.mode | default('a-rwx,u=rw,g=r,a=r') }}"
with_items:
- file: 'local.te'
when: (ansible_os_family | lower == 'redhat') and
(nova_rhel_compute_apply_selinux_policy_updates | bool)
- name: NOV-CMP-KVM | configure | Restore SELinux context for qemu-kvm,
libvirt lib and nova lib paths
become: yes
shell: |
set -eu
restorecon -R -v /usr/libexec/qemu-kvm
restorecon -R -v /var/lib/libvirt/
restorecon -R -v /var/lib/nova
register: _rhel_selinux_restore_context_result
until: _rhel_selinux_restore_context_result|success
when: (ansible_os_family | lower == 'redhat') and
(nova_rhel_compute_apply_selinux_policy_updates | bool)
- name: NOV-CMP-KVM | configure | Apply updated selinux policy
lib and nova lib paths
become: yes
shell: |
set -eu
make -f /usr/share/selinux/devel/Makefile local.pp
semodule -i local.pp
args:
chdir: "{{ _rhel_selinux_policy_temp_loc_result.stdout }}"
register: _rhel_sepolicy_update_result
until: _rhel_sepolicy_update_result|success
when: (ansible_os_family | lower == 'redhat') and
(nova_rhel_compute_apply_selinux_policy_updates | bool)
- name: NOV-CMP-KVM | configure | Remove temp directory with selinux updates
become: yes
file:
path: "{{ _rhel_selinux_policy_temp_loc_result.stdout }}"
state: absent
when: (ansible_os_family | lower == 'redhat') and
(nova_rhel_compute_apply_selinux_policy_updates | bool)
# For SES/Ceph integration
- include: ./create-compute-secret-key.yml
when: nova_ses_enabled|bool
070701000000B0000081A40000000000000000000000015F71E19F00000740000000000000000000000000000000000000005D00000000ardana-nova-8.0+git.1601298847.dd01585/roles/NOV-CMP-KVM/tasks/create-compute-secret-key.yml#
# (c) Copyright 2017-2018 SUSE LLC
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
---
- name: NOV-CMP-KVM | create-compute-secret-key | get keyring value
become: yes
shell: >
grep 'key = ' {{ nova_ses_cinder_keyring_file_path }} | awk '{print $3}'
register: ses_keyring_value_result
- name: NOV-CMP-KVM | create-compute-secret-key |
Generate "/etc/ceph/cinder.xml"
become: yes
template:
src: secret.xml.j2
dest: "/etc/ceph/cinder.xml"
owner: "root"
group: "root"
mode: 0640
with_items:
- { uuid: "{{ nova_ses_secret_uuid }}",
user_name: "{{ nova_ses_user_name }}" }
# libvirtd must be running for the next steps
- name: NOV-CMP-KVM | create-compute-secret-key | start libvirtd
become: yes
service:
name: libvirtd
state: started
- name: NOV-CMP-KVM | create-compute-secret-key | Define the secret
become: yes
command: "virsh secret-define --file /etc/ceph/cinder.xml"
- name: NOV-CMP-KVM | create-compute-secret-key | Set secret value for Nova
become: yes
shell: "virsh secret-set-value --secret {{ nova_ses_secret_uuid }} --base64
{{ ses_keyring_value_result.stdout }}"
- name: NOV-CMP-KVM | create-compute-secret-key |
Delete the keys from /etc/ceph directory
become: yes
file:
dest: "/etc/ceph/cinder.xml"
state: absent
run_once_per: verb_hosts.NOV_CMP
070701000000B1000081A40000000000000000000000015F71E19F00000765000000000000000000000000000000000000004B00000000ardana-nova-8.0+git.1601298847.dd01585/roles/NOV-CMP-KVM/tasks/install.yml#
# (c) Copyright 2015-2016 Hewlett Packard Enterprise Development LP
# (c) Copyright 2017-2018 SUSE LLC
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
# Install libvirt
---
- include: ../../nova-common/tasks/install.yml
# add the libvirtd group as apt package only adds libvirt group
- name: NOV-CMP-KVM | install | Add libvirtd group
become: yes
group:
name: libvirtd
- name: NOV-CMP-KVM | install | Add nova user to libvirtd group
become: yes
user:
name: "{{ nova_system_user }}"
groups: libvirtd
append: yes
- name: NOV-CMP-KVM | install | Add nova user to kvm group
become: yes
user:
name: "{{ nova_system_user }}"
groups: kvm
append: yes
# directories
- name: NOV-CMP-KVM | install | Create sub-directories in /var/lib/nova
become: yes
file:
path: "{{ nova_system_home_folder }}/{{ item }}"
owner: "{{ nova_system_user }}"
group: kvm
mode: 0750
state: directory
with_items:
- "instances"
- "instances/_base"
- name: NOV-CMP-KVM | install | Set ownership of /dev/kvm
become: yes
file:
path: /dev/kvm
owner: root
group: kvm
mode: 0660
when: ansible_os_family | lower == 'redhat'
- name: NOV-CMP-KVM | install | For RHEL, set group ACL for /dev/kvm
become: yes
acl:
path: /dev/kvm
etype: group
permissions: rw
state: present
when: ansible_os_family | lower == 'redhat'
070701000000B2000081A40000000000000000000000015F71E19F000002EF000000000000000000000000000000000000004800000000ardana-nova-8.0+git.1601298847.dd01585/roles/NOV-CMP-KVM/tasks/main.yml#
# (c) Copyright 2016 Hewlett Packard Enterprise Development LP
# (c) Copyright 2017 SUSE LLC
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
---
- name: NOV-CMP-KVM | main | Set os-specific variables
include_vars: "{{ ansible_os_family | lower }}.yml"070701000000B3000081A40000000000000000000000015F71E19F000005A3000000000000000000000000000000000000004A00000000ardana-nova-8.0+git.1601298847.dd01585/roles/NOV-CMP-KVM/tasks/status.yml#
# (c) Copyright 2015-2016 Hewlett Packard Enterprise Development LP
# (c) Copyright 2017 SUSE LLC
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
---
- name: NOV-CMP-KVM | status | Check systemd for libvirtd
become: yes
command: systemctl status libvirtd
ignore_errors: yes
changed_when: false
register: systemctl_status_result
- name: NOV-CMP-KVM | status | Get end of libvirt log
become: yes
command: tail /var/log/libvirt/libvirt.log
ignore_errors: yes
changed_when: false
register: libvirt_tail_result
when: systemctl_status_result | failed
- name: NOV-CMP-KVM | status | Report status of libvirtd
fail:
msg: |
libvirtd is not running.
'systemctl status libvirtd'
stdout:
{{ systemctl_status_result.stdout }}
stderr:
{{ systemctl_status_result.stderr }}
tail /var/log/libvirt/libvirt.log
{{ libvirt_tail_result.stdout }}
when: systemctl_status_result | failed
070701000000B4000041ED0000000000000000000000025F71E19F00000000000000000000000000000000000000000000004300000000ardana-nova-8.0+git.1601298847.dd01585/roles/NOV-CMP-KVM/templates070701000000B5000081A40000000000000000000000015F71E19F000008BA000000000000000000000000000000000000005600000000ardana-nova-8.0+git.1601298847.dd01585/roles/NOV-CMP-KVM/templates/hypervisor.conf.j2{#
#
# (c) Copyright 2015-2016 Hewlett Packard Enterprise Development LP
# (c) Copyright 2017-2018 SUSE LLC
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
#}
# This file has the Ardana values that apply only to the KVM hypervisor.
# You may make changes to this file by adding sections/options below.
[DEFAULT]
# Compute
compute_driver = libvirt.LibvirtDriver
{% if nova_vcpu_pin_set != "" %}
# Hypervisor
vcpu_pin_set = {{ nova_vcpu_pin_set }}
{% endif %}
[libvirt]
block_migration_flag = VIR_MIGRATE_LIVE,VIR_MIGRATE_PEER2PEER,VIR_MIGRATE_NON_SHARED_INC,VIR_MIGRATE_UNDEFINE_SOURCE
inject_partition = 1
live_migration_bandwidth = 1000
live_migration_flag = VIR_MIGRATE_LIVE,VIR_MIGRATE_PEER2PEER
live_migration_progress_timeout = 300
{% if nova_cpu_mode is defined %}
cpu_mode = {{ nova_cpu_mode }}
{% if nova_cpu_mode == 'custom' %}
cpu_model = {{ nova_cpu_model }}
{% endif %}
{% endif %}
snapshots_directory = {{ libvirt_snapshots_directory }}
snapshot_image_format = qcow2
volume_use_multipath = False
# SES Integration
{% if nova_ses_enabled|bool %}
{% if ses_nova_set_images_type is defined and ses_nova_set_images_type|bool %}
images_type = rbd
images_rbd_pool = {{ nova_ses_pool_name }}
images_rbd_ceph_conf = {{ nova_ses_ceph_conf_file_path }}
disk_cachemodes = network=writeback
hw_disk_discard = unmap
{% endif %}
rbd_user = {{ nova_ses_user_name }}
rbd_secret_uuid = {{ nova_ses_secret_uuid }}
{% endif %}
# VNC
[vnc]
novncproxy_base_url = {{ novncproxy_base_url }}
vncserver_listen = 0.0.0.0
vncserver_proxyclient_address = {{ vncserver_proxyclient_address }}
enabled = True
{% if neutron_ovs_bridge != "" %}
[neutron]
ovs_bridge = {{ neutron_ovs_bridge }}
{% endif %}
## Do NOT put anything after this line ##
070701000000B6000081A40000000000000000000000015F71E19F00004E32000000000000000000000000000000000000005000000000ardana-nova-8.0+git.1601298847.dd01585/roles/NOV-CMP-KVM/templates/qemu.conf.j2#
#
# (c) Copyright 2015-2016 Hewlett Packard Enterprise Development LP
# (c) Copyright 2017-2018 SUSE LLC
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
#}
# Master configuration file for the QEMU driver.
# All settings described here are optional - if omitted, sensible
# defaults are used.
# VNC is configured to listen on 127.0.0.1 by default.
# To make it listen on all public interfaces, uncomment
# this next option.
#
# NB, strong recommendation to enable TLS + x509 certificate
# verification when allowing public access
#
#vnc_listen = "0.0.0.0"
# Enable this option to have VNC served over an automatically created
# unix socket. This prevents unprivileged access from users on the
# host machine, though most VNC clients do not support it.
#
# This will only be enabled for VNC configurations that do not have
# a hardcoded 'listen' or 'socket' value. This setting takes preference
# over vnc_listen.
#
#vnc_auto_unix_socket = 1
# Enable use of TLS encryption on the VNC server. This requires
# a VNC client which supports the VeNCrypt protocol extension.
# Examples include vinagre, virt-viewer, virt-manager and vencrypt
# itself. UltraVNC, RealVNC, TightVNC do not support this
#
# It is necessary to setup CA and issue a server certificate
# before enabling this.
#
#vnc_tls = 1
# Use of TLS requires that x509 certificates be issued. The
# default it to keep them in /etc/pki/libvirt-vnc. This directory
# must contain
#
# ca-cert.pem - the CA master certificate
# server-cert.pem - the server certificate signed with ca-cert.pem
# server-key.pem - the server private key
#
# This option allows the certificate directory to be changed
#
#vnc_tls_x509_cert_dir = "/etc/pki/libvirt-vnc"
# The default TLS configuration only uses certificates for the server
# allowing the client to verify the server's identity and establish
# an encrypted channel.
#
# It is possible to use x509 certificates for authentication too, by
# issuing a x509 certificate to every client who needs to connect.
#
# Enabling this option will reject any client who does not have a
# certificate signed by the CA in /etc/pki/libvirt-vnc/ca-cert.pem
#
#vnc_tls_x509_verify = 1
# The default VNC password. Only 8 bytes are significant for
# VNC passwords. This parameter is only used if the per-domain
# XML config does not already provide a password. To allow
# access without passwords, leave this commented out. An empty
# string will still enable passwords, but be rejected by QEMU,
# effectively preventing any use of VNC. Obviously change this
# example here before you set this.
#
#vnc_password = "XYZ12345"
# Enable use of SASL encryption on the VNC server. This requires
# a VNC client which supports the SASL protocol extension.
# Examples include vinagre, virt-viewer and virt-manager
# itself. UltraVNC, RealVNC, TightVNC do not support this
#
# It is necessary to configure /etc/sasl2/qemu.conf to choose
# the desired SASL plugin (eg, GSSPI for Kerberos)
#
#vnc_sasl = 1
# The default SASL configuration file is located in /etc/sasl2/
# When running libvirtd unprivileged, it may be desirable to
# override the configs in this location. Set this parameter to
# point to the directory, and create a qemu.conf in that location
#
#vnc_sasl_dir = "/some/directory/sasl2"
# QEMU implements an extension for providing audio over a VNC connection,
# though if your VNC client does not support it, your only chance for getting
# sound output is through regular audio backends. By default, libvirt will
# disable all QEMU sound backends if using VNC, since they can cause
# permissions issues. Enabling this option will make libvirtd honor the
# QEMU_AUDIO_DRV environment variable when using VNC.
#
#vnc_allow_host_audio = 0
# SPICE is configured to listen on 127.0.0.1 by default.
# To make it listen on all public interfaces, uncomment
# this next option.
#
# NB, strong recommendation to enable TLS + x509 certificate
# verification when allowing public access
#
#spice_listen = "0.0.0.0"
# Enable use of TLS encryption on the SPICE server.
#
# It is necessary to setup CA and issue a server certificate
# before enabling this.
#
#spice_tls = 1
# Use of TLS requires that x509 certificates be issued. The
# default it to keep them in /etc/pki/libvirt-spice. This directory
# must contain
#
# ca-cert.pem - the CA master certificate
# server-cert.pem - the server certificate signed with ca-cert.pem
# server-key.pem - the server private key
#
# This option allows the certificate directory to be changed.
#
#spice_tls_x509_cert_dir = "/etc/pki/libvirt-spice"
# The default SPICE password. This parameter is only used if the
# per-domain XML config does not already provide a password. To
# allow access without passwords, leave this commented out. An
# empty string will still enable passwords, but be rejected by
# QEMU, effectively preventing any use of SPICE. Obviously change
# this example here before you set this.
#
#spice_password = "XYZ12345"
# Enable use of SASL encryption on the SPICE server. This requires
# a SPICE client which supports the SASL protocol extension.
#
# It is necessary to configure /etc/sasl2/qemu.conf to choose
# the desired SASL plugin (eg, GSSPI for Kerberos)
#
#spice_sasl = 1
# The default SASL configuration file is located in /etc/sasl2/
# When running libvirtd unprivileged, it may be desirable to
# override the configs in this location. Set this parameter to
# point to the directory, and create a qemu.conf in that location
#
#spice_sasl_dir = "/some/directory/sasl2"
# By default, if no graphical front end is configured, libvirt will disable
# QEMU audio output since directly talking to alsa/pulseaudio may not work
# with various security settings. If you know what you're doing, enable
# the setting below and libvirt will passthrough the QEMU_AUDIO_DRV
# environment variable when using nographics.
#
#nographics_allow_host_audio = 1
# Override the port for creating both VNC and SPICE sessions (min).
# This defaults to 5900 and increases for consecutive sessions
# or when ports are occupied, until it hits the maximum.
#
# Minimum must be greater than or equal to 5900 as lower number would
# result into negative vnc display number.
#
# Maximum must be less than 65536, because higher numbers do not make
# sense as a port number.
#
#remote_display_port_min = 5900
#remote_display_port_max = 65535
# VNC WebSocket port policies, same rules apply as with remote display
# ports. VNC WebSockets use similar display <-> port mappings, with
# the exception being that ports start from 5700 instead of 5900.
#
#remote_websocket_port_min = 5700
#remote_websocket_port_max = 65535
# The default security driver is SELinux. If SELinux is disabled
# on the host, then the security driver will automatically disable
# itself. If you wish to disable QEMU SELinux security driver while
# leaving SELinux enabled for the host in general, then set this
# to 'none' instead. It's also possible to use more than one security
# driver at the same time, for this use a list of names separated by
# comma and delimited by square brackets. For example:
#
# security_driver = [ "selinux", "apparmor" ]
#
# Notes: The DAC security driver is always enabled; as a result, the
# value of security_driver cannot contain "dac". The value "none" is
# a special value; security_driver can be set to that value in
# isolation, but it cannot appear in a list of drivers.
#
#security_driver = "selinux"
# If set to non-zero, then the default security labeling
# will make guests confined. If set to zero, then guests
# will be unconfined by default. Defaults to 1.
#security_default_confined = 1
# If set to non-zero, then attempts to create unconfined
# guests will be blocked. Defaults to 0.
#security_require_confined = 1
# The user for QEMU processes run by the system instance. It can be
# specified as a user name or as a user id. The qemu driver will try to
# parse this value first as a name and then, if the name doesn't exist,
# as a user id.
#
# Since a sequence of digits is a valid user name, a leading plus sign
# can be used to ensure that a user id will not be interpreted as a user
# name.
#
# Some examples of valid values are:
#
# user = "qemu" # A user named "qemu"
# user = "+0" # Super user (uid=0)
# user = "100" # A user named "100" or a user with uid=100
#
#user = "root"
# The group for QEMU processes run by the system instance. It can be
# specified in a similar way to user.
#group = "root"
# Whether libvirt should dynamically change file ownership
# to match the configured user/group above. Defaults to 1.
# Set to 0 to disable file ownership changes.
#dynamic_ownership = 1
# What cgroup controllers to make use of with QEMU guests
#
# - 'cpu' - use for schedular tunables
# - 'devices' - use for device whitelisting
# - 'memory' - use for memory tunables
# - 'blkio' - use for block devices I/O tunables
# - 'cpuset' - use for CPUs and memory nodes
# - 'cpuacct' - use for CPUs statistics.
#
# NB, even if configured here, they won't be used unless
# the administrator has mounted cgroups, e.g.:
#
# mkdir /dev/cgroup
# mount -t cgroup -o devices,cpu,memory,blkio,cpuset none /dev/cgroup
#
# They can be mounted anywhere, and different controllers
# can be mounted in different locations. libvirt will detect
# where they are located.
#
#cgroup_controllers = [ "cpu", "devices", "memory", "blkio", "cpuset", "cpuacct" ]
# This is the basic set of devices allowed / required by
# all virtual machines.
#
# As well as this, any configured block backed disks,
# all sound device, and all PTY devices are allowed.
#
# This will only need setting if newer QEMU suddenly
# wants some device we don't already know about.
#
{% if nova_cgroup_device_acl is defined %}
cgroup_device_acl = [
{% for device in nova_cgroup_device_acl %}
"{{ device }}"
{% if not loop.last %}
,
{% endif %}
{% endfor %}
]
{% endif %}
#
# RDMA migration requires the following extra files to be added to the list:
# "/dev/infiniband/rdma_cm",
# "/dev/infiniband/issm0",
# "/dev/infiniband/issm1",
# "/dev/infiniband/umad0",
# "/dev/infiniband/umad1",
# "/dev/infiniband/uverbs0"
# The default format for Qemu/KVM guest save images is raw; that is, the
# memory from the domain is dumped out directly to a file. If you have
# guests with a large amount of memory, however, this can take up quite
# a bit of space. If you would like to compress the images while they
# are being saved to disk, you can also set "lzop", "gzip", "bzip2", or "xz"
# for save_image_format. Note that this means you slow down the process of
# saving a domain in order to save disk space; the list above is in descending
# order by performance and ascending order by compression ratio.
#
# save_image_format is used when you use 'virsh save' or 'virsh managedsave'
# at scheduled saving, and it is an error if the specified save_image_format
# is not valid, or the requested compression program can't be found.
#
# dump_image_format is used when you use 'virsh dump' at emergency
# crashdump, and if the specified dump_image_format is not valid, or
# the requested compression program can't be found, this falls
# back to "raw" compression.
#
# snapshot_image_format specifies the compression algorithm of the memory save
# image when an external snapshot of a domain is taken. This does not apply
# on disk image format. It is an error if the specified format isn't valid,
# or the requested compression program can't be found.
#
#save_image_format = "raw"
#dump_image_format = "raw"
#snapshot_image_format = "raw"
# When a domain is configured to be auto-dumped when libvirtd receives a
# watchdog event from qemu guest, libvirtd will save dump files in directory
# specified by auto_dump_path. Default value is /var/lib/libvirt/qemu/dump
#
#auto_dump_path = "/var/lib/libvirt/qemu/dump"
# When a domain is configured to be auto-dumped, enabling this flag
# has the same effect as using the VIR_DUMP_BYPASS_CACHE flag with the
# virDomainCoreDump API. That is, the system will avoid using the
# file system cache while writing the dump file, but may cause
# slower operation.
#
#auto_dump_bypass_cache = 0
# When a domain is configured to be auto-started, enabling this flag
# has the same effect as using the VIR_DOMAIN_START_BYPASS_CACHE flag
# with the virDomainCreateWithFlags API. That is, the system will
# avoid using the file system cache when restoring any managed state
# file, but may cause slower operation.
#
#auto_start_bypass_cache = 0
# If provided by the host and a hugetlbfs mount point is configured,
# a guest may request huge page backing. When this mount point is
# unspecified here, determination of a host mount point in /proc/mounts
# will be attempted. Specifying an explicit mount overrides detection
# of the same in /proc/mounts. Setting the mount point to "" will
# disable guest hugepage backing. If desired, multiple mount points can
# be specified at once, separated by comma and enclosed in square
# brackets, for example:
#
# hugetlbfs_mount = ["/tmp/hugepages2M", "/tmp/hugepages1G"]
#
# The size of huge page served by specific mount point is determined by
# libvirt at the daemon startup.
#
# NB, within these mount points, guests will create memory backing
# files in a location of $MOUNTPOINT/libvirt/qemu
#
{% if huge_page_sizes is defined and huge_page_sizes|length > 0 %}
hugetlbfs_mount = [
{% for size in huge_page_sizes %}
"/tmp/hugepages_{{ size }}"{% if not loop.last %},{% endif %}
{% endfor %}
]
{% endif %}
# Path to the setuid helper for creating tap devices. This executable
# is used to create <source type='bridge'> interfaces when libvirtd is
# running unprivileged. libvirt invokes the helper directly, instead
# of using "-netdev bridge", for security reasons.
#bridge_helper = "/usr/libexec/qemu-bridge-helper"
# If clear_emulator_capabilities is enabled, libvirt will drop all
# privileged capabilities of the QEmu/KVM emulator. This is enabled by
# default.
#
# Warning: Disabling this option means that a compromised guest can
# exploit the privileges and possibly do damage to the host.
#
#clear_emulator_capabilities = 1
# If enabled, libvirt will have QEMU set its process name to
# "qemu:VM_NAME", where VM_NAME is the name of the VM. The QEMU
# process will appear as "qemu:VM_NAME" in process listings and
# other system monitoring tools. By default, QEMU does not set
# its process title, so the complete QEMU command (emulator and
# its arguments) appear in process listings.
#
#set_process_name = 1
# If max_processes is set to a positive integer, libvirt will use
# it to set the maximum number of processes that can be run by qemu
# user. This can be used to override default value set by host OS.
# The same applies to max_files which sets the limit on the maximum
# number of opened files.
#
#max_processes = 0
#max_files = 0
# mac_filter enables MAC addressed based filtering on bridge ports.
# This currently requires ebtables to be installed.
#
#mac_filter = 1
# By default, PCI devices below non-ACS switch are not allowed to be assigned
# to guests. By setting relaxed_acs_check to 1 such devices will be allowed to
# be assigned to guests.
#
#relaxed_acs_check = 1
# If allow_disk_format_probing is enabled, libvirt will probe disk
# images to attempt to identify their format, when not otherwise
# specified in the XML. This is disabled by default.
#
# WARNING: Enabling probing is a security hole in almost all
# deployments. It is strongly recommended that users update their
# guest XML <disk> elements to include <driver type='XXXX'/>
# elements instead of enabling this option.
#
#allow_disk_format_probing = 1
# In order to prevent accidentally starting two domains that
# share one writable disk, libvirt offers two approaches for
# locking files. The first one is sanlock, the other one,
# virtlockd, is then our own implementation. Accepted values
# are "sanlock" and "lockd".
#
#lock_manager = "lockd"
# Set limit of maximum APIs queued on one domain. All other APIs
# over this threshold will fail on acquiring job lock. Specially,
# setting to zero turns this feature off.
# Note, that job lock is per domain.
#
#max_queued = 0
###################################################################
# Keepalive protocol:
# This allows qemu driver to detect broken connections to remote
# libvirtd during peer-to-peer migration. A keepalive message is
# sent to the daemon after keepalive_interval seconds of inactivity
# to check if the daemon is still responding; keepalive_count is a
# maximum number of keepalive messages that are allowed to be sent
# to the daemon without getting any response before the connection
# is considered broken. In other words, the connection is
# automatically closed approximately after
# keepalive_interval * (keepalive_count + 1) seconds since the last
# message received from the daemon. If keepalive_interval is set to
# -1, qemu driver will not send keepalive requests during
# peer-to-peer migration; however, the remote libvirtd can still
# send them and source libvirtd will send responses. When
# keepalive_count is set to 0, connections will be automatically
# closed after keepalive_interval seconds of inactivity without
# sending any keepalive messages.
#
#keepalive_interval = 5
#keepalive_count = 5
# Use seccomp syscall whitelisting in QEMU.
# 1 = on, 0 = off, -1 = use QEMU default
# Defaults to -1.
#
#seccomp_sandbox = 1
# Override the listen address for all incoming migrations. Defaults to
# 0.0.0.0, or :: if both host and qemu are capable of IPv6.
#migration_address = "0.0.0.0"
# The default hostname or IP address which will be used by a migration
# source for transferring migration data to this host. The migration
# source has to be able to resolve this hostname and connect to it so
# setting "localhost" will not work. By default, the host's configured
# hostname is used.
#migration_host = "host.example.com"
# Override the port range used for incoming migrations.
#
# Minimum must be greater than 0, however when QEMU is not running as root,
# setting the minimum to be lower than 1024 will not work.
#
# Maximum must not be greater than 65535.
#
#migration_port_min = 49152
#migration_port_max = 49215
# Timestamp QEMU's log messages (if QEMU supports it)
#
# Defaults to 1.
#
#log_timestamp = 0
# Location of master nvram file
#
# When a domain is configured to use UEFI instead of standard
# BIOS it may use a separate storage for UEFI variables. If
# that's the case libvirt creates the variable store per domain
# using this master file as image. Each UEFI firmware can,
# however, have different variables store. Therefore the nvram is
# a list of strings when a single item is in form of:
# ${PATH_TO_UEFI_FW}:${PATH_TO_UEFI_VARS}.
# Later, when libvirt creates per domain variable store, this list is
# searched for the master image. The UEFI firmware can be called
# differently for different guest architectures. For instance, it's OVMF
# for x86_64 and i686, but it's AAVMF for aarch64. The libvirt default
# follows this scheme.
#nvram = [
# "/usr/share/OVMF/OVMF_CODE.fd:/usr/share/OVMF/OVMF_VARS.fd",
# "/usr/share/AAVMF/AAVMF_CODE.fd:/usr/share/AAVMF/AAVMF_VARS.fd"
#]
#
nvram = [
"/usr/share/qemu/ovmf-x86_64-code.bin:/usr/share/qemu/ovmf-x86_64-vars.bin",
"/usr/share/qemu/ovmf-x86_64-ms-code.bin:/usr/share/qemu/ovmf-x86_64-ms-vars.bin"
]
070701000000B7000081A40000000000000000000000015F71E19F000002EE000000000000000000000000000000000000005100000000ardana-nova-8.0+git.1601298847.dd01585/roles/NOV-CMP-KVM/templates/secret.xml.j2{#
#
# (c) Copyright 2017-2018 SUSE LLC
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
#}
<secret ephemeral='no' private='no'>
<uuid>{{ item.uuid }}</uuid>
<usage type='ceph'>
<name>client.{{ item.user_name }} secret</name>
</usage>
</secret>
070701000000B8000041ED0000000000000000000000025F71E19F00000000000000000000000000000000000000000000003E00000000ardana-nova-8.0+git.1601298847.dd01585/roles/NOV-CMP-KVM/vars070701000000B9000081A40000000000000000000000015F71E19F00000619000000000000000000000000000000000000004900000000ardana-nova-8.0+git.1601298847.dd01585/roles/NOV-CMP-KVM/vars/debian.yml#
# (c) Copyright 2016 Hewlett Packard Enterprise Development LP
# (c) Copyright 2017 SUSE LLC
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
# Contains packages names and default values required for nova-compute-kvm
# to work in Debian System
---
# packages listed here will be installed by nova-common | install
nova_required_packages:
- kvm
- libvirt-bin
- kpartx
- ebtables
- dnsmasq
- qemu-utils
- apparmor
- apparmor-profiles
- apparmor-utils
# packages listed here will trigger a restart of the apparmor service when updated
nova_apparmor_restart_packages:
- apparmor
- apparmor-profiles
- apparmor-utils
# packages listed here will trigger a restart of libvirt and the compute service
# when updated
nova_libvirt_restart_packages:
- kvm
- libvirt-bin
- kpartx
- ebtables
- dnsmasq
- qemu-utils
# kernel modules listed here will be loaded by nova-common | install
nova_kernel_modules:
- nbd
- vhost_net
nova_kernel_module_file: nova-kvm
libvirt_qemu_user: libvirt-qemu
libvirt_defaults_file: etc/default/libvirtd070701000000BA000081A40000000000000000000000015F71E19F000005AB000000000000000000000000000000000000004900000000ardana-nova-8.0+git.1601298847.dd01585/roles/NOV-CMP-KVM/vars/redhat.yml#
# (c) Copyright 2016 Hewlett Packard Enterprise Development LP
# (c) Copyright 2017-2018 SUSE LLC
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
# Contains packages names and default values required for nova-compute-kvm
# to work in RedHat System
---
# packages listed here will be installed by nova-common | install
nova_required_packages:
- qemu-kvm
- libvirt
- libvirt-python
- iscsi-initiator-utils
- ebtables
- python-libguestfs
- lvm2
- rsync
- curl
- policycoreutils-devel
# packages listed here will trigger a restart of libvirt and the compute service
# when updated
nova_libvirt_restart_packages:
- qemu-kvm
- libvirt
- libvirt-python
- iscsi-initiator-utils
- ebtables
- python-libguestfs
- lvm2
# kernel modules listed here will be loaded by nova-common | install
nova_kernel_modules:
- vhost_net
nova_kernel_module_file: nova-kvm
libvirt_qemu_user: qemu
libvirt_defaults_file: etc/sysconfig/libvirtd070701000000BB000081A40000000000000000000000015F71E19F000005BA000000000000000000000000000000000000004700000000ardana-nova-8.0+git.1601298847.dd01585/roles/NOV-CMP-KVM/vars/suse.yml#
# (c) Copyright 2017 Hewlett Packard Enterprise Development LP
# (c) Copyright 2017-2018 SUSE LLC
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
# Contains packages names and default values required for nova-compute-kvm
# to work in SUSE System
---
# packages listed here will be installed by nova-common | install
nova_required_packages:
- cryptsetup
- dnsmasq
- ebtables
- genisoimage
- kpartx
- kvm
- typelib-1_0-Libosinfo-1_0
- libvirt
- python-PrettyTable
- python-netifaces
- qemu-block-rbd
- qemu-ovmf-x86_64
- rsync
- libsodium23
# packages listed here will trigger a restart of libvirt and the compute service
# when updated
nova_libvirt_restart_packages:
- kvm
- libvirt
- kpartx
- ebtables
- dnsmasq
# kernel modules listed here will be loaded by nova-common | install
nova_kernel_modules:
- nbd
- vhost_net
nova_kernel_module_file: nova-kvm
libvirt_qemu_user: qemu
libvirt_defaults_file: etc/default/libvirtd
070701000000BC000041ED0000000000000000000000025F71E19F00000000000000000000000000000000000000000000003E00000000ardana-nova-8.0+git.1601298847.dd01585/roles/NOV-CMP/defaults070701000000BD000081A40000000000000000000000015F71E19F0000076A000000000000000000000000000000000000004700000000ardana-nova-8.0+git.1601298847.dd01585/roles/NOV-CMP/defaults/main.yml#
# (c) Copyright 2015-2016 Hewlett Packard Enterprise Development LP
# (c) Copyright 2017-2018 SUSE LLC
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
# This file will contain the default values for the nova-compute service
# that are the same on every distro. If they need to be different on
# different distros then put them in vars/<distro>.yml
---
nova_component: nova-compute
# the filters nova-common will copy for this service
nova_rootwrap_filters:
- rootwrap.d/compute.filters
- rootwrap.d/network.filters
# the policy file nova-common will copy for this service
nova_policy_file: ../../nova-common/templates/policy.json.j2
# nova-compute.conf
## [DEFAULT]
nova_reboot_wait_timeout: 300
nova_reboot_check_ip: "{{ host.bind.OPS_LMTGT.ssh.ip_address }}"
nova_reboot_check_port: "{{ host.bind.OPS_LMTGT.ssh.port }}"
numa_huge_pages: "{{ host | item('my_memory_model.numa_huge_pages', default=[]) }}"
non_numa_huge_pages: "{{ host | item('my_memory_model.non_numa_huge_pages', default=[]) }}"
total_huge_pages: "{{ numa_huge_pages | union(non_numa_huge_pages) }}"
## [vnc]
novncproxy_base_url: "{{ NOV_VNC.advertises.vips.public[0].url }}/vnc_auto.html"
vncserver_proxyclient_address: "{{ host.bind.NOV_CMP.vncdisplay.ip_address }}"
# the log files nova-common will create for this service
nova_log_files:
- "{{ log_dir }}/nova-compute.log"
- "{{ log_dir }}/nova-compute-json.log"
070701000000BE000041ED0000000000000000000000025F71E19F00000000000000000000000000000000000000000000003A00000000ardana-nova-8.0+git.1601298847.dd01585/roles/NOV-CMP/meta070701000000BF000081A40000000000000000000000015F71E19F000002AC000000000000000000000000000000000000004300000000ardana-nova-8.0+git.1601298847.dd01585/roles/NOV-CMP/meta/main.yml#
# (c) Copyright 2015-2016 Hewlett Packard Enterprise Development LP
# (c) Copyright 2017 SUSE LLC
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
---
dependencies:
- role: nova-common
070701000000C0000041ED0000000000000000000000025F71E19F00000000000000000000000000000000000000000000003B00000000ardana-nova-8.0+git.1601298847.dd01585/roles/NOV-CMP/tasks070701000000C1000081A40000000000000000000000015F71E19F00000379000000000000000000000000000000000000005700000000ardana-nova-8.0+git.1601298847.dd01585/roles/NOV-CMP/tasks/check_upgraded_packages.yml#
# (c) Copyright 2015-2016 Hewlett Packard Enterprise Development LP
# (c) Copyright 2017 SUSE LLC
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
---
- name: NOV-CMP | check_upgraded_packages | Check upgraded packages
command: /bin/true
register: ardana_notify_nova_compute_restart_required
when: item in ardana_upgraded_pkgs | default({})
with_items: nova_compute_restart_packages
070701000000C2000081A40000000000000000000000015F71E19F000006F5000000000000000000000000000000000000004900000000ardana-nova-8.0+git.1601298847.dd01585/roles/NOV-CMP/tasks/configure.yml#
# (c) Copyright 2015-2016 Hewlett Packard Enterprise Development LP
# (c) Copyright 2017-2018 SUSE LLC
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
# Configure the nova-compute service
---
- include: ../../nova-common/tasks/_set_directories.yml
vars:
install_package_result: "{{ ardana_notify_nova_compute_install_result }}"
- name: NOV-CMP | configure | nova-common configure
include: ../../nova-common/tasks/configure.yml
- name: NOV-CMP | configure | notify on rootwrap or policy change
command: /bin/true
register: ardana_notify_nova_compute_restart_required
when: rootwrap_changed or nova_policy_template_result.changed
- include: ../../nova-common/tasks/_write_conf.yml
src: "../../NOV-CMP/templates/compute.conf.j2"
dest: "{{ nova_service_conf_dir }}/compute.conf"
- name: NOV-CMP | configure | notify on compute.conf change
command: /bin/true
register: ardana_notify_nova_compute_restart_required
when: write_conf_result.changed
- name: NOV-CMP | configure | Apply template
become: yes
template:
src: "{{ item }}.j2"
dest: "{{ nova_service_conf_dir }}/{{ item }}"
owner: root
group: "{{ nova_system_group }}"
mode: 0640
with_items:
- "compute-logging.conf"
register: ardana_notify_nova_compute_restart_required
070701000000C3000081A40000000000000000000000015F71E19F000003F0000000000000000000000000000000000000004F00000000ardana-nova-8.0+git.1601298847.dd01585/roles/NOV-CMP/tasks/hugepage-status.yml#
# (c) Copyright 2015-2016 Hewlett Packard Enterprise Development LP
# (c) Copyright 2017 SUSE LLC
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
# Check hugepages on a host
---
- name: NOV-CMP | hugepage-status | Verify hugepage count on compute host
become: yes
shell: cat /sys/kernel/mm/hugepages/hugepages-{{ item.key }}kB/nr_hugepages
register: hugepage_result
failed_when: hugepage_result.stdout | int != item.value
with_dict: "{{ total_huge_pages | group_sum_by_keys('size_in_k', 'count') }}"
070701000000C4000081A40000000000000000000000015F71E19F000007FF000000000000000000000000000000000000004700000000ardana-nova-8.0+git.1601298847.dd01585/roles/NOV-CMP/tasks/install.yml#
# (c) Copyright 2015-2017 Hewlett Packard Enterprise Development LP
# (c) Copyright 2017-2018 SUSE LLC
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
# Install nova-compute
---
- name: NOV-CMP | install | Update installed packager cache
become: yes
install_package:
cache: update
- name: NOV-CMP | install | Install the nova-compute service from the nova venv
become: yes
install_package:
name: nova
service: nova-compute
state: present
activate: act_off
register: ardana_notify_nova_compute_install_result
- name: NOV-CMP | install | register persistent fact of install
command: /bin/true
register: ardana_notify_nova_compute_restart_required
when: ardana_notify_nova_compute_install_result.changed
- include: ../../nova-common/tasks/_set_directories.yml
vars:
install_package_result: "{{ ardana_notify_nova_compute_install_result }}"
- name: NOV-CMP | install | Setup nova-compute service
become: yes
setup_systemd:
service: nova-compute
user: "{{ nova_system_user }}"
group: "{{ nova_system_group }}"
cmd: nova-compute
after: "{{ libvirtd_service }}"
restart: on-failure
restart_sec: 60s
args: >
--config-file {{ nova_service_conf_dir }}/nova.conf
--config-file {{ nova_service_conf_dir }}/compute.conf
--config-file {{ nova_service_conf_dir }}/hypervisor.conf
- name: NOV-CMP | install | Set nova-compute service to start on boot
become: yes
service:
name: nova-compute
enabled: yes
- include: ../../nova-common/tasks/install.yml
070701000000C5000081A40000000000000000000000015F71E19F000002EC000000000000000000000000000000000000004400000000ardana-nova-8.0+git.1601298847.dd01585/roles/NOV-CMP/tasks/main.yml#
# (c) Copyright 2016 Hewlett Packard Enterprise Development LP
# (c) Copyright 2017 SUSE LLC
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
---
- name: NOV-CMP | main | Set os-specific variables
include_vars: "{{ ansible_os_family | lower }}.yml"
070701000000C6000081A40000000000000000000000015F71E19F0000041F000000000000000000000000000000000000004600000000ardana-nova-8.0+git.1601298847.dd01585/roles/NOV-CMP/tasks/reboot.yml#
# (c) Copyright 2015-2016 Hewlett Packard Enterprise Development LP
# (c) Copyright 2017 SUSE LLC
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
# Reboot compute nodes
---
- name: NOV-CMP | reboot | Reboot compute nodes
become: yes
shell: sleep 2 && shutdown -r now
async: 1
poll: 0
- name: NOV-CMP | reboot | Wait for compute nodes to come back up
delegate_to: localhost
wait_for:
host: "{{ nova_reboot_check_ip }}"
port: "{{ nova_reboot_check_port }}"
state: started
delay: 30
timeout: "{{ nova_reboot_wait_timeout }}"
070701000000C7000081A40000000000000000000000015F71E19F000006A0000000000000000000000000000000000000004500000000ardana-nova-8.0+git.1601298847.dd01585/roles/NOV-CMP/tasks/start.yml#
# (c) Copyright 2015-2016 Hewlett Packard Enterprise Development LP
# (c) Copyright 2017 SUSE LLC
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
# Restart or start the nova-compute service
---
- name: NOV-CMP | start | Activate the latest installed version
become: yes
install_package:
name: nova
service: nova-compute
activate: act_on
version: "{{ ardana_notify_nova_compute_install_result.version }}"
when: not (ardana_notify_nova_compute_install_result is not defined)
- name: NOV-CMP | start | register persistent fact of activate
command: /bin/true
register: ardana_notify_nova_compute_restart_required
when: ardana_notify_nova_compute_install_result is defined and
ardana_notify_nova_compute_install_result.changed
- name: NOV-CMP | start | Restart nova-compute service
become: yes
service:
name: nova-compute
state: restarted
when: ardana_notify_nova_restart_required.changed or
(ardana_notify_nova_compute_restart_required is defined and
ardana_notify_nova_compute_restart_required.changed)
- name: NOV-CMP | start | Ensure nova-compute service started
become: yes
service:
name: nova-compute
state: started
070701000000C8000081A40000000000000000000000015F71E19F000002C0000000000000000000000000000000000000004600000000ardana-nova-8.0+git.1601298847.dd01585/roles/NOV-CMP/tasks/status.yml#
# (c) Copyright 2015-2016 Hewlett Packard Enterprise Development LP
# (c) Copyright 2017 SUSE LLC
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
---
- include: ../../nova-common/tasks/_service_status.yml
070701000000C9000081A40000000000000000000000015F71E19F00000383000000000000000000000000000000000000004400000000ardana-nova-8.0+git.1601298847.dd01585/roles/NOV-CMP/tasks/stop.yml#
# (c) Copyright 2015-2016 Hewlett Packard Enterprise Development LP
# (c) Copyright 2017 SUSE LLC
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
# Stop the nova-compute service
---
- name: NOV-CMP | stop | stop nova-compute service
become: yes
service: name=nova-compute state=stopped
register: stop_result
failed_when:
"stop_result|failed and 'service not found' not in stop_result.msg"
070701000000CA000041ED0000000000000000000000025F71E19F00000000000000000000000000000000000000000000003F00000000ardana-nova-8.0+git.1601298847.dd01585/roles/NOV-CMP/templates070701000000CB000081A40000000000000000000000015F71E19F0000072D000000000000000000000000000000000000005700000000ardana-nova-8.0+git.1601298847.dd01585/roles/NOV-CMP/templates/compute-logging.conf.j2{#
#
# (c) Copyright 2015-2016 Hewlett Packard Enterprise Development LP
# (c) Copyright 2017 SUSE LLC
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
#}
[loggers]
keys: root, iso8601, suds
[handlers]
keys: {{ nova_compute_log_handlers }}
[formatters]
keys: {{ nova_compute_log_formatters }}
[logger_root]
qualname: root
handlers: {{ nova_compute_log_handlers }}
level: NOTSET
[logger_iso8601]
qualname: iso8601
handlers:
level: WARNING
[logger_suds]
qualname: suds
handlers:
level: INFO
# Writes to disk
[handler_file]
class: {{ nova_compute_log_handler_file_class }}
args: ({{ nova_compute_log_handler_file_args }})
formatter: context
level: INFO
# Writes JSON to disk, beaver will ship to logstash
[handler_logstash]
class: {{ nova_compute_log_handler_file_class }}
args: ({{ nova_compute_log_handler_logstash_args }})
formatter: logstash
level: INFO
# datefmt must be set otherwise you end up with too many (msecs) fields
[formatter_context]
class: oslo_log.formatters.ContextFormatter
args: (datefmt=datefmt)
format: %(asctime)s.%(msecs)03d %(process)d %(levelname)s %(name)s [%(request_id)s %(user)s %(tenant)s] %(instance)s%(message)s
datefmt: %Y-%m-%d %H:%M:%S
# the "format" and "datefmt" actually set the "type" and "tags"
[formatter_logstash]
class: logstash.LogstashFormatterVersion1
format: nova
datefmt: nova-compute
070701000000CC000081A40000000000000000000000015F71E19F000003B4000000000000000000000000000000000000004F00000000ardana-nova-8.0+git.1601298847.dd01585/roles/NOV-CMP/templates/compute.conf.j2{#
#
# (c) Copyright 2015-2016 Hewlett Packard Enterprise Development LP
# (c) Copyright 2017 SUSE LLC
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
#}
# This file has the Ardana values that apply only to the Nova Compute service.
# You may make changes to this file by adding sections/options below.
[DEFAULT]
# Logging
log_config_append = "{{ log_config_append }}"
live_migration_progress_timeout = 300
## Do NOT put anything after this line ##
070701000000CD000041ED0000000000000000000000025F71E19F00000000000000000000000000000000000000000000003A00000000ardana-nova-8.0+git.1601298847.dd01585/roles/NOV-CMP/vars070701000000CE000081A40000000000000000000000015F71E19F00000595000000000000000000000000000000000000004500000000ardana-nova-8.0+git.1601298847.dd01585/roles/NOV-CMP/vars/debian.yml#
# (c) Copyright 2016 Hewlett Packard Enterprise Development LP
# (c) Copyright 2017-2018 SUSE LLC
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
# Contains packages required for nova-compute service in Debian System
---
# packages listed here will be installed by nova-common | install
nova_required_packages:
- bridge-utils
- libxslt1.1
- genisoimage
- python-guestfs
# packages listed here will trigger a restart of the service when updated
nova_compute_restart_packages: []
# Logging variables
log_config_append: "{{ nova_service_conf_dir }}/compute-logging.conf"
nova_compute_log_handlers: file, logstash
nova_compute_log_formatters: context, logstash
nova_compute_log_handler_file_class: handlers.WatchedFileHandler
nova_compute_log_handler_file_args: "'{{ log_dir
}}/nova-compute.log',"
nova_compute_log_handler_logstash_args: "'{{ log_dir
}}/nova-compute-json.log',"
libvirtd_service: "libvirtd.target"
070701000000CF000081A40000000000000000000000015F71E19F00000596000000000000000000000000000000000000004500000000ardana-nova-8.0+git.1601298847.dd01585/roles/NOV-CMP/vars/redhat.yml#
# (c) Copyright 2016 Hewlett Packard Enterprise Development LP
# (c) Copyright 2017-2018 SUSE LLC
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
# Contains packages required for nova-compute service in RedHat System
---
# packages listed here will be installed by nova-common | install
nova_required_packages:
- bridge-utils
- libxslt
- genisoimage
- python-libguestfs
# packages listed here will trigger a restart of the service when updated
nova_compute_restart_packages: []
# Logging variables
log_config_append: "{{ nova_service_conf_dir }}/compute-logging.conf"
nova_compute_log_handlers: file, logstash
nova_compute_log_formatters: context, logstash
nova_compute_log_handler_file_class: handlers.WatchedFileHandler
nova_compute_log_handler_file_args: "'{{ log_dir
}}/nova-compute.log',"
nova_compute_log_handler_logstash_args: "'{{ log_dir
}}/nova-compute-json.log',"
libvirtd_service: "libvirtd.service"
070701000000D0000081A40000000000000000000000015F71E19F000005DA000000000000000000000000000000000000004300000000ardana-nova-8.0+git.1601298847.dd01585/roles/NOV-CMP/vars/suse.yml#
# (c) Copyright 2017 Hewlett Packard Enterprise Development LP
# (c) Copyright 2017-2018 SUSE LLC
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
# Contains packages required for nova-compute service in SUSE System
---
# packages listed here will be installed by nova-common | install
nova_required_packages:
- bridge-utils
- dosfstools
- libxslt
- genisoimage
- python-libguestfs
- kvm
- libvirt
- libvirt-python
- libsodium23
# packages listed here will trigger a restart of the service when updated
nova_compute_restart_packages: []
# Logging variables
log_config_append: "{{ nova_service_conf_dir }}/compute-logging.conf"
nova_compute_log_handlers: file, logstash
nova_compute_log_formatters: context, logstash
nova_compute_log_handler_file_class: handlers.WatchedFileHandler
nova_compute_log_handler_file_args: "'{{ log_dir
}}/nova-compute.log',"
nova_compute_log_handler_logstash_args: "'{{ log_dir
}}/nova-compute-json.log',"
libvirtd_service: "libvirtd.service"
070701000000D1000081A40000000000000000000000015F71E19F00000495000000000000000000000000000000000000004600000000ardana-nova-8.0+git.1601298847.dd01585/roles/NOV-CMP/vars/windows.yml#
# (c) Copyright 2016 Hewlett Packard Enterprise Development LP
# (c) Copyright 2017 SUSE LLC
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
# Contains packages required for nova-compute service in Windows System
---
# Logging variables
log_config_append: "{{ nova_service_conf_dir }}\\compute-logging.conf"
nova_compute_log_handlers: file
nova_compute_log_formatters: context
nova_compute_log_handler_file_class: handlers.RotatingFileHandler
nova_compute_log_handler_file_args: "'{{ win_log_file_location
}}\\\\nova-compute.log', 'a', 15728640, 10"
nova_compute_log_handler_logstash_args: "'{{ win_log_file_location
}}\\\\nova-compute-json.log', 'a', 15728640, 10"
070701000000D2000041ED0000000000000000000000075F71E19F00000000000000000000000000000000000000000000003500000000ardana-nova-8.0+git.1601298847.dd01585/roles/NOV-CND070701000000D3000041ED0000000000000000000000025F71E19F00000000000000000000000000000000000000000000003E00000000ardana-nova-8.0+git.1601298847.dd01585/roles/NOV-CND/defaults070701000000D4000081A40000000000000000000000015F71E19F0000056A000000000000000000000000000000000000004700000000ardana-nova-8.0+git.1601298847.dd01585/roles/NOV-CND/defaults/main.yml#
# (c) Copyright 2015-2017 Hewlett Packard Enterprise Development LP
# (c) Copyright 2017-2018 SUSE LLC
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
# This file will contain the default values for the nova-conductor service
---
nova_component: nova-conductor
# Number of maximum worker allowed regardless of CPUs available
nova_conductor_max_workers: 8
# Number of workers for OpenStack Conductor service. The default will be the
# maximum allowed by variable nova_conductor_max_workers
nova_conductor_workers: "{{ ansible_processor_count * ansible_processor_cores * 2 | default('{{ nova_conductor_max_workers }} ') }}"
# the log files nova-common will create for this service
nova_log_files:
- "{{ log_dir }}/nova-conductor.log"
- "{{ log_dir }}/nova-conductor-json.log"
# Default max number of open files the Nova Conductor processes can use
nova_cnd_limit_open_files: 65536
070701000000D5000041ED0000000000000000000000025F71E19F00000000000000000000000000000000000000000000003A00000000ardana-nova-8.0+git.1601298847.dd01585/roles/NOV-CND/meta070701000000D6000081A40000000000000000000000015F71E19F000002AC000000000000000000000000000000000000004300000000ardana-nova-8.0+git.1601298847.dd01585/roles/NOV-CND/meta/main.yml#
# (c) Copyright 2015-2016 Hewlett Packard Enterprise Development LP
# (c) Copyright 2017 SUSE LLC
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
---
dependencies:
- role: nova-common
070701000000D7000041ED0000000000000000000000025F71E19F00000000000000000000000000000000000000000000003B00000000ardana-nova-8.0+git.1601298847.dd01585/roles/NOV-CND/tasks070701000000D8000081A40000000000000000000000015F71E19F0000037D000000000000000000000000000000000000005700000000ardana-nova-8.0+git.1601298847.dd01585/roles/NOV-CND/tasks/check_upgraded_packages.yml#
# (c) Copyright 2015-2016 Hewlett Packard Enterprise Development LP
# (c) Copyright 2017 SUSE LLC
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
---
- name: NOV-CND | check_upgraded_packages | Check upgraded packages
command: /bin/true
register: ardana_notify_nova_conductor_restart_required
when: item in ardana_upgraded_pkgs | default({})
with_items: nova_conductor_restart_packages
070701000000D9000081A40000000000000000000000015F71E19F000006D6000000000000000000000000000000000000004900000000ardana-nova-8.0+git.1601298847.dd01585/roles/NOV-CND/tasks/configure.yml#
# (c) Copyright 2015-2016 Hewlett Packard Enterprise Development LP
# (c) Copyright 2017-2018 SUSE LLC
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
# Configure the nova-conductor service
---
- include: ../../nova-common/tasks/_set_directories.yml
vars:
install_package_result: "{{ ardana_notify_nova_conductor_install_result }}"
- name: NOV-CND | configure | nova-common configure
include: ../../nova-common/tasks/configure.yml
- name: NOV-CND | configure | notify on rootwrap change
command: /bin/true
register: ardana_notify_nova_conductor_restart_required
when: rootwrap_changed
- include: ../../nova-common/tasks/_write_conf.yml
src: "../../NOV-CND/templates/conductor.conf.j2"
dest: "{{ nova_service_conf_dir }}/conductor.conf"
- name: NOV-CND | configure | notify on conductor.conf change
command: /bin/true
register: ardana_notify_nova_conductor_restart_required
when: write_conf_result.changed
- name: NOV-CND | configure | Apply template
become: yes
template:
src: "{{ item }}.j2"
dest: "{{ nova_service_conf_dir }}/{{ item }}"
owner: root
group: "{{ nova_system_group }}"
mode: 0640
with_items:
- "conductor-logging.conf"
register: ardana_notify_nova_conductor_restart_required
070701000000DA000081A40000000000000000000000015F71E19F00000848000000000000000000000000000000000000004700000000ardana-nova-8.0+git.1601298847.dd01585/roles/NOV-CND/tasks/install.yml#
# (c) Copyright 2015-2017 Hewlett Packard Enterprise Development LP
# (c) Copyright 2017 SUSE LLC
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
# Install nova-conductor
---
- name: NOV-CND | install | Update installed packager cache
become: yes
install_package:
cache: update
- name: NOV-CND | install |
Install the nova-conductor service from the nova venv
become: yes
install_package:
name: nova
service: nova-conductor
state: present
activate: act_off
register: ardana_notify_nova_conductor_install_result
- name: NOV-CND | install | register persistent fact of install
command: /bin/true
register: ardana_notify_nova_conductor_restart_required
when: ardana_notify_nova_conductor_install_result.changed
- include: ../../nova-common/tasks/_set_directories.yml
vars:
install_package_result: "{{ ardana_notify_nova_conductor_install_result }}"
- name: NOV-CND | install | Setup nova-conductor service
become: yes
setup_systemd:
service: nova-conductor
user: "{{ nova_system_user }}"
group: "{{ nova_system_group }}"
cmd: nova-conductor
# FIXME remove nova.conf
args: >
--config-file {{ nova_service_conf_dir }}/nova.conf
--config-file {{ nova_service_conf_dir }}/conductor.conf
limit_open_files: "{{ nova_cnd_limit_open_files }}"
- name: NOV-CND | install | Set nova-conductor service to not start on boot
become: yes
service:
name: nova-conductor
enabled: no
# This must happen after the install_package, or a path which is meant to be a
# symlink will be mkdir'd
- include: ../../nova-common/tasks/install.yml
070701000000DB000081A40000000000000000000000015F71E19F00000409000000000000000000000000000000000000004400000000ardana-nova-8.0+git.1601298847.dd01585/roles/NOV-CND/tasks/main.yml#
# (c) Copyright 2016-2017 Hewlett Packard Enterprise Development LP
# (c) Copyright 2017 SUSE LLC
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
---
- name: NOV-CND | main |
Set max worker count to 8 if dynamic
CPU based count is greater than {{ nova_conductor_max_workers }}
set_fact:
nova_conductor_workers: "{{ nova_conductor_max_workers }}"
when: nova_conductor_workers|int > nova_conductor_max_workers|int
- name: NOV-CND | main | Set os-specific variables
include_vars: "{{ ansible_os_family | lower }}.yml"
070701000000DC000081A40000000000000000000000015F71E19F000006BD000000000000000000000000000000000000004500000000ardana-nova-8.0+git.1601298847.dd01585/roles/NOV-CND/tasks/start.yml#
# (c) Copyright 2015-2016 Hewlett Packard Enterprise Development LP
# (c) Copyright 2017 SUSE LLC
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
# Restart or start the nova-conductor service
---
- name: NOV-CND | start | Activate the latest installed version
become: yes
install_package:
name: nova
service: nova-conductor
activate: act_on
version: "{{ ardana_notify_nova_conductor_install_result.version }}"
when: not (ardana_notify_nova_conductor_install_result is not defined)
- name: NOV-CND | start | register persistent fact of activate
command: /bin/true
register: ardana_notify_nova_conductor_restart_required
when: ardana_notify_nova_conductor_install_result is defined and
ardana_notify_nova_conductor_install_result.changed
- name: NOV-CND | start | Restart nova-conductor service
become: yes
service:
name: nova-conductor
state: restarted
when: ardana_notify_nova_restart_required.changed or
(ardana_notify_nova_conductor_restart_required is defined and
ardana_notify_nova_conductor_restart_required.changed)
- name: NOV-CND | start | Ensure nova-conductor service is started
become: yes
service:
name: nova-conductor
state: started
070701000000DD000081A40000000000000000000000015F71E19F000002C0000000000000000000000000000000000000004600000000ardana-nova-8.0+git.1601298847.dd01585/roles/NOV-CND/tasks/status.yml#
# (c) Copyright 2015-2016 Hewlett Packard Enterprise Development LP
# (c) Copyright 2017 SUSE LLC
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
---
- include: ../../nova-common/tasks/_service_status.yml
070701000000DE000081A40000000000000000000000015F71E19F00000389000000000000000000000000000000000000004400000000ardana-nova-8.0+git.1601298847.dd01585/roles/NOV-CND/tasks/stop.yml#
# (c) Copyright 2015-2016 Hewlett Packard Enterprise Development LP
# (c) Copyright 2017 SUSE LLC
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
# Stop the nova-conductor service
---
- name: NOV-CND | stop | stop nova-conductor service
become: yes
service: name=nova-conductor state=stopped
register: stop_result
failed_when:
"stop_result|failed and 'service not found' not in stop_result.msg"
070701000000DF000041ED0000000000000000000000025F71E19F00000000000000000000000000000000000000000000003F00000000ardana-nova-8.0+git.1601298847.dd01585/roles/NOV-CND/templates070701000000E0000081A40000000000000000000000015F71E19F00000673000000000000000000000000000000000000005900000000ardana-nova-8.0+git.1601298847.dd01585/roles/NOV-CND/templates/conductor-logging.conf.j2{#
#
# (c) Copyright 2015-2016 Hewlett Packard Enterprise Development LP
# (c) Copyright 2017-2018 SUSE LLC
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
#}
[loggers]
keys: root
[handlers]
keys: watchedfile, logstash
[formatters]
keys: context, logstash
[logger_root]
qualname: root
handlers: watchedfile, logstash
level: NOTSET
# Writes to disk
[handler_watchedfile]
class: handlers.WatchedFileHandler
args: ('{{ log_dir }}/nova-conductor.log',)
formatter: context
level: INFO
# Writes JSON to disk, beaver will ship to logstash
[handler_logstash]
class: handlers.WatchedFileHandler
args: ('{{ log_dir }}/nova-conductor-json.log',)
formatter: logstash
level: INFO
# datefmt must be set otherwise you end up with too many (msecs) fields
[formatter_context]
class: oslo_log.formatters.ContextFormatter
args: (datefmt=datefmt)
format: %(asctime)s.%(msecs)03d %(process)d %(levelname)s %(name)s [%(request_id)s %(user)s %(tenant)s] %(instance)s%(message)s
datefmt: %Y-%m-%d %H:%M:%S
# the "format" and "datefmt" actually set the "type" and "tags"
[formatter_logstash]
class: logstash.LogstashFormatterVersion1
format: nova
datefmt: nova-conductor
070701000000E1000081A40000000000000000000000015F71E19F000004D7000000000000000000000000000000000000005100000000ardana-nova-8.0+git.1601298847.dd01585/roles/NOV-CND/templates/conductor.conf.j2{#
#
# (c) Copyright 2015-2016 Hewlett Packard Enterprise Development LP
# (c) Copyright 2017 SUSE LLC
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
#}
# This file has the Ardana values that apply only to the Nova Conductor service.
# You may make changes to this file by adding sections/options below.
[DEFAULT]
# Logging
log_config_append = "{{ nova_service_conf_dir }}/conductor-logging.conf"
[database]
backend = sqlalchemy
connection = {{ database_connection }}
[api_database]
connection = {{ nova_api_database_connection }}
[conductor]
# Please change this value in openstack/ardana/ansible/roles/NOV-CND/defaults/main.yml ,
# do not remove it here
workers = {{ nova_conductor_workers }}
## Do NOT put anything after this line ##
070701000000E2000041ED0000000000000000000000025F71E19F00000000000000000000000000000000000000000000003A00000000ardana-nova-8.0+git.1601298847.dd01585/roles/NOV-CND/vars070701000000E3000081A40000000000000000000000015F71E19F000003A8000000000000000000000000000000000000004500000000ardana-nova-8.0+git.1601298847.dd01585/roles/NOV-CND/vars/debian.yml#
# (c) Copyright 2016 Hewlett Packard Enterprise Development LP
# (c) Copyright 2017 SUSE LLC
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
# Contains packages required for nova-conductor service in Debian System
---
# packages listed here will be installed by nova-common | install
nova_required_packages:
- libmysqlclient18
# packages listed here will trigger a restart of the service when updated
nova_conductor_restart_packages: []070701000000E4000081A40000000000000000000000015F71E19F000003A8000000000000000000000000000000000000004500000000ardana-nova-8.0+git.1601298847.dd01585/roles/NOV-CND/vars/redhat.yml#
# (c) Copyright 2016 Hewlett Packard Enterprise Development LP
# (c) Copyright 2017 SUSE LLC
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
# Contains packages required for nova-conductor service in RedHat System
---
# packages listed here will be installed by nova-common | install
nova_required_packages:
- libmysqlclient18
# packages listed here will trigger a restart of the service when updated
nova_conductor_restart_packages: []070701000000E5000081A40000000000000000000000015F71E19F000003BC000000000000000000000000000000000000004300000000ardana-nova-8.0+git.1601298847.dd01585/roles/NOV-CND/vars/suse.yml#
# (c) Copyright 2017 Hewlett Packard Enterprise Development LP
# (c) Copyright 2017-2018 SUSE LLC
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
# Contains packages required for nova-conductor service in SUSE System
---
# packages listed here will be installed by nova-common | install
nova_required_packages:
- libmysqlclient18
- libsodium23
# packages listed here will trigger a restart of the service when updated
nova_conductor_restart_packages: []
070701000000E6000041ED0000000000000000000000075F71E19F00000000000000000000000000000000000000000000003500000000ardana-nova-8.0+git.1601298847.dd01585/roles/NOV-SCH070701000000E7000041ED0000000000000000000000065F71E19F00000000000000000000000000000000000000000000003900000000ardana-nova-8.0+git.1601298847.dd01585/roles/NOV-SCH-IRN070701000000E8000041ED0000000000000000000000025F71E19F00000000000000000000000000000000000000000000004200000000ardana-nova-8.0+git.1601298847.dd01585/roles/NOV-SCH-IRN/defaults070701000000E9000081A40000000000000000000000015F71E19F0000047D000000000000000000000000000000000000004B00000000ardana-nova-8.0+git.1601298847.dd01585/roles/NOV-SCH-IRN/defaults/main.yml#
# (c) Copyright 2015-2016 Hewlett Packard Enterprise Development LP
# (c) Copyright 2017-2018 SUSE LLC
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
# This file will contain the default values for the nova ironic component
---
## [ironic]
ironic_api_endpoint_url: "{{ NOV_SCH_IRN.consumes_IRN_API.vips.private[0].url }}/v1"
admin_tenant_name : "{{ KEY_API.vars.keystone_service_tenant }}"
keystone_ironic_password : "{{ IRN_API.consumes_KEY_API.vars.keystone_ironic_password | quote }}"
keystone_ironic_user : "{{ IRN_API.consumes_KEY_API.vars.keystone_ironic_user }}"
ironic_admin_auth_uri : "{{ IRN_API.consumes_KEY_API.vips.private[0].url }}/v3"
070701000000EA000041ED0000000000000000000000025F71E19F00000000000000000000000000000000000000000000003E00000000ardana-nova-8.0+git.1601298847.dd01585/roles/NOV-SCH-IRN/meta070701000000EB000081A40000000000000000000000015F71E19F000002BE000000000000000000000000000000000000004700000000ardana-nova-8.0+git.1601298847.dd01585/roles/NOV-SCH-IRN/meta/main.yml#
# (c) Copyright 2015-2016 Hewlett Packard Enterprise Development LP
# (c) Copyright 2017 SUSE LLC
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
---
dependencies:
- role: nova-common
- role: NOV-SCH
070701000000EC000041ED0000000000000000000000025F71E19F00000000000000000000000000000000000000000000003F00000000ardana-nova-8.0+git.1601298847.dd01585/roles/NOV-SCH-IRN/tasks070701000000ED000081A40000000000000000000000015F71E19F0000053F000000000000000000000000000000000000004D00000000ardana-nova-8.0+git.1601298847.dd01585/roles/NOV-SCH-IRN/tasks/configure.yml#
# (c) Copyright 2015-2016 Hewlett Packard Enterprise Development LP
# (c) Copyright 2017 SUSE LLC
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
# Configure the hypervisor.conf specific to ironic
---
# hypervisor.conf will be loaded last by nova-scheduler
# filename should remain the same across hypervisors
# we can use nova_service_conf_dir as this will be set to scheduler
# by including the nova-scheduler role as a dependency
- include: ../../nova-common/tasks/_write_conf.yml
src: "../../NOV-SCH-IRN/templates/hypervisor.conf.j2"
dest: "{{ nova_service_conf_dir }}/hypervisor.conf"
owner: "{{ nova_system_user }}"
group: "{{ nova_system_group }}"
- name: NOV-SCH-IRN | configure | notify on hypervisor.conf change
command: /bin/true
register: ardana_notify_nova_scheduler_restart_required
when: write_conf_result.changed
070701000000EE000081A40000000000000000000000015F71E19F000002B8000000000000000000000000000000000000004B00000000ardana-nova-8.0+git.1601298847.dd01585/roles/NOV-SCH-IRN/tasks/install.yml#
# (c) Copyright 2015-2016 Hewlett Packard Enterprise Development LP
# (c) Copyright 2017 SUSE LLC
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
---
- include: ../../nova-common/tasks/install.yml
070701000000EF000041ED0000000000000000000000025F71E19F00000000000000000000000000000000000000000000004300000000ardana-nova-8.0+git.1601298847.dd01585/roles/NOV-SCH-IRN/templates070701000000F0000081A40000000000000000000000015F71E19F00000559000000000000000000000000000000000000005600000000ardana-nova-8.0+git.1601298847.dd01585/roles/NOV-SCH-IRN/templates/hypervisor.conf.j2{#
#
# (c) Copyright 2015-2016 Hewlett Packard Enterprise Development LP
# (c) Copyright 2017-2018 SUSE LLC
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
#}
# This file has the Ardana values that apply only to the ironic hypervisor.
# You may make changes to this file by adding sections/options below.
[DEFAULT]
# Scheduler
scheduler_host_manager = ironic_host_manager
scheduler_use_baremetal_filters = True
[ironic]
auth_type = v3password
api_endpoint = {{ ironic_api_endpoint_url }}
project_name = {{ admin_tenant_name }}
auth_url = {{ ironic_admin_auth_uri }}
password = {{ keystone_ironic_password }}
username = {{ keystone_ironic_user }}
# We are hardcoding the domain to 'Default' for backward compatibility.
# In the future, these need to be coming from vars.
project_domain_name = Default
user_domain_name = Default
## Do NOT put anything after this line ##
070701000000F1000041ED0000000000000000000000025F71E19F00000000000000000000000000000000000000000000003E00000000ardana-nova-8.0+git.1601298847.dd01585/roles/NOV-SCH/defaults070701000000F2000081A40000000000000000000000015F71E19F0000046A000000000000000000000000000000000000004700000000ardana-nova-8.0+git.1601298847.dd01585/roles/NOV-SCH/defaults/main.yml#
# (c) Copyright 2015-2017 Hewlett Packard Enterprise Development LP
# (c) Copyright 2017-2018 SUSE LLC
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
# This file will contain the default values for the nova-scheduler service
---
nova_component: nova-scheduler
# the log files nova-common will create for this service
nova_log_files:
- "{{ log_dir }}/nova-scheduler.log"
- "{{ log_dir }}/nova-scheduler-json.log"
# policy files needed for ironic_host_manager
nova_policy_file: ../../nova-common/templates/policy.json.j2
# Default max number of open files the Nova Scheduler processes can use
nova_sch_limit_open_files: 65536
070701000000F3000041ED0000000000000000000000025F71E19F00000000000000000000000000000000000000000000003A00000000ardana-nova-8.0+git.1601298847.dd01585/roles/NOV-SCH/meta070701000000F4000081A40000000000000000000000015F71E19F000002AC000000000000000000000000000000000000004300000000ardana-nova-8.0+git.1601298847.dd01585/roles/NOV-SCH/meta/main.yml#
# (c) Copyright 2015-2016 Hewlett Packard Enterprise Development LP
# (c) Copyright 2017 SUSE LLC
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
---
dependencies:
- role: nova-common
070701000000F5000041ED0000000000000000000000025F71E19F00000000000000000000000000000000000000000000003B00000000ardana-nova-8.0+git.1601298847.dd01585/roles/NOV-SCH/tasks070701000000F6000081A40000000000000000000000015F71E19F0000037D000000000000000000000000000000000000005700000000ardana-nova-8.0+git.1601298847.dd01585/roles/NOV-SCH/tasks/check_upgraded_packages.yml#
# (c) Copyright 2015-2016 Hewlett Packard Enterprise Development LP
# (c) Copyright 2017 SUSE LLC
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
---
- name: NOV-SCH | check_upgraded_packages | Check upgraded packages
command: /bin/true
register: ardana_notify_nova_scheduler_restart_required
when: item in ardana_upgraded_pkgs | default({})
with_items: nova_scheduler_restart_packages
070701000000F7000081A40000000000000000000000015F71E19F0000087F000000000000000000000000000000000000004900000000ardana-nova-8.0+git.1601298847.dd01585/roles/NOV-SCH/tasks/configure.yml#
# (c) Copyright 2015-2016 Hewlett Packard Enterprise Development LP
# (c) Copyright 2017-2018 SUSE LLC
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
# Configure the nova-scheduler service
---
- include: ../../nova-common/tasks/_set_directories.yml
vars:
install_package_result: "{{ ardana_notify_nova_scheduler_install_result }}"
- name: NOV-SCH | configure | nova-common configure
include: ../../nova-common/tasks/configure.yml
- name: NOV-SCH | configure | notify on rootwrap change
command: /bin/true
register: ardana_notify_nova_scheduler_restart_required
when: rootwrap_changed
- include: ../../nova-common/tasks/_write_conf.yml
src: "../../NOV-SCH/templates/scheduler.conf.j2"
dest: "{{ nova_service_conf_dir }}/scheduler.conf"
conf_owner: "{{ nova_system_user }}"
conf_group: "{{ nova_system_group }}"
# We need to be sure that the hypervisor.conf file is present
- name: NOV-SCH | configure | touch hypervisor.conf
become: yes
copy:
dest: "{{ nova_service_conf_dir }}/hypervisor.conf"
owner: "{{ nova_system_user }}"
group: "{{ nova_system_group }}"
mode: 0644
content: ""
force: no # do not overwrite if it exists
- name: NOV-SCH | configure | notify on scheduler.conf change
command: /bin/true
register: ardana_notify_nova_scheduler_restart_required
when: write_conf_result.changed
- name: NOV-SCH | configure | Apply template
become: yes
template:
src: "{{ item }}.j2"
dest: "{{ nova_service_conf_dir }}/{{ item }}"
owner: root
group: "{{ nova_system_group }}"
mode: 0640
with_items:
- "scheduler-logging.conf"
register: ardana_notify_nova_scheduler_restart_required
070701000000F8000081A40000000000000000000000015F71E19F0000086B000000000000000000000000000000000000004700000000ardana-nova-8.0+git.1601298847.dd01585/roles/NOV-SCH/tasks/install.yml#
# (c) Copyright 2015-2017 Hewlett Packard Enterprise Development LP
# (c) Copyright 2017 SUSE LLC
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
# Install nova-scheduler
---
- name: NOV-SCH | install | Update installed packager cache
become: yes
install_package:
cache: update
- name: NOV-SCH | install |
Install the nova-scheduler service from the nova venv
become: yes
install_package:
name: nova
service: nova-scheduler
state: present
activate: act_off
register: ardana_notify_nova_scheduler_install_result
- name: NOV-SCH | install | register persistent fact of install
command: /bin/true
register: ardana_notify_nova_scheduler_restart_required
when: ardana_notify_nova_scheduler_install_result.changed
- include: ../../nova-common/tasks/_set_directories.yml
vars:
install_package_result: "{{ ardana_notify_nova_scheduler_install_result }}"
- name: NOV-SCH | install | Setup nova-scheduler service
become: yes
setup_systemd:
service: nova-scheduler
user: "{{ nova_system_user }}"
group: "{{ nova_system_group }}"
cmd: nova-scheduler
args: >
--config-file {{ nova_service_conf_dir }}/nova.conf
--config-file {{ nova_service_conf_dir }}/scheduler.conf
--config-file {{ nova_service_conf_dir }}/hypervisor.conf
limit_open_files: "{{ nova_sch_limit_open_files }}"
- name: NOV-SCH | install | Set nova-scheduler service to not start on boot
become: yes
service:
name: nova-scheduler
enabled: no
# This must happen after the install_package, or a path which is meant to be a
# symlink will be mkdir'd
- include: ../../nova-common/tasks/install.yml
070701000000F9000081A40000000000000000000000015F71E19F000002EB000000000000000000000000000000000000004400000000ardana-nova-8.0+git.1601298847.dd01585/roles/NOV-SCH/tasks/main.yml#
# (c) Copyright 2016 Hewlett Packard Enterprise Development LP
# (c) Copyright 2017 SUSE LLC
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
---
- name: NOV-SCH | main | Set os-specific variables
include_vars: "{{ ansible_os_family | lower }}.yml"070701000000FA000081A40000000000000000000000015F71E19F000006BA000000000000000000000000000000000000004500000000ardana-nova-8.0+git.1601298847.dd01585/roles/NOV-SCH/tasks/start.yml#
# (c) Copyright 2015-2016 Hewlett Packard Enterprise Development LP
# (c) Copyright 2017 SUSE LLC
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
# Restart or start the nova-scheduler service
---
- name: NOV-SCH | start | Activate the latest installed version
become: yes
install_package:
name: nova
service: nova-scheduler
activate: act_on
version: "{{ ardana_notify_nova_scheduler_install_result.version }}"
when: not (ardana_notify_nova_scheduler_install_result is not defined)
- name: NOV-SCH | start | register persistent fact of activate
command: /bin/true
register: ardana_notify_nova_scheduler_restart_required
when: ardana_notify_nova_scheduler_install_result is defined and
ardana_notify_nova_scheduler_install_result.changed
- name: NOV-SCH | start | Restart nova-scheduler service
become: yes
service:
name: nova-scheduler
state: restarted
when: ardana_notify_nova_restart_required.changed or
(ardana_notify_nova_scheduler_restart_required is defined and
ardana_notify_nova_scheduler_restart_required.changed)
- name: NOV-SCH | start | Ensure nova-scheduler service started
become: yes
service:
name: nova-scheduler
state: started
070701000000FB000081A40000000000000000000000015F71E19F000002C0000000000000000000000000000000000000004600000000ardana-nova-8.0+git.1601298847.dd01585/roles/NOV-SCH/tasks/status.yml#
# (c) Copyright 2015-2016 Hewlett Packard Enterprise Development LP
# (c) Copyright 2017 SUSE LLC
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
---
- include: ../../nova-common/tasks/_service_status.yml
070701000000FC000081A40000000000000000000000015F71E19F00000389000000000000000000000000000000000000004400000000ardana-nova-8.0+git.1601298847.dd01585/roles/NOV-SCH/tasks/stop.yml#
# (c) Copyright 2015-2016 Hewlett Packard Enterprise Development LP
# (c) Copyright 2017 SUSE LLC
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
# Stop the nova-scheduler service
---
- name: NOV-SCH | stop | stop nova-scheduler service
become: yes
service: name=nova-scheduler state=stopped
register: stop_result
failed_when:
"stop_result|failed and 'service not found' not in stop_result.msg"
070701000000FD000041ED0000000000000000000000025F71E19F00000000000000000000000000000000000000000000003F00000000ardana-nova-8.0+git.1601298847.dd01585/roles/NOV-SCH/templates070701000000FE000081A40000000000000000000000015F71E19F00000675000000000000000000000000000000000000005900000000ardana-nova-8.0+git.1601298847.dd01585/roles/NOV-SCH/templates/scheduler-logging.conf.j2{#
#
# (c) Copyright 2015-2016 Hewlett Packard Enterprise Development LP
# (c) Copyright 2017-2018 SUSE LLC
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
#}
[loggers]
keys: root
[handlers]
keys: watchedfile, logstash
[formatters]
keys: context, logstash
[logger_root]
qualname: root
handlers: watchedfile, logstash
level: NOTSET
# Writes to disk
[handler_watchedfile]
class: handlers.WatchedFileHandler
args: ('{{ log_dir }}/nova-scheduler.log',)
formatter: context
level: INFO
# Writes JSON to disk, beaver will ship to logstash
[handler_logstash]
class: handlers.WatchedFileHandler
args: ('{{ log_dir }}/nova-scheduler-json.log',)
formatter: logstash
level: INFO
# datefmt must be set otherwise you end up with too many (msecs) fields
[formatter_context]
class: oslo_log.formatters.ContextFormatter
args: (datefmt=datefmt)
format: %(asctime)s.%(msecs)03d %(process)d %(levelname)s %(name)s [%(request_id)s %(user)s %(tenant)s] %(instance)s%(message)s
datefmt: %Y-%m-%d %H:%M:%S
# the "format" and "datefmt" actually set the "type" and "tags"
[formatter_logstash]
class: logstash.LogstashFormatterVersion1
format: nova
datefmt: nova-scheduler
070701000000FF000081A40000000000000000000000015F71E19F0000046B000000000000000000000000000000000000005100000000ardana-nova-8.0+git.1601298847.dd01585/roles/NOV-SCH/templates/scheduler.conf.j2{#
#
# (c) Copyright 2015-2016 Hewlett Packard Enterprise Development LP
# (c) Copyright 2017-2018 SUSE LLC
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
#}
# This file has the Ardana values that apply only to the Nova Scheduler service.
# You may make changes to this file by adding sections/options below.
[DEFAULT]
# Logging
log_config_append = "{{ nova_service_conf_dir }}/scheduler-logging.conf"
[database]
backend = sqlalchemy
connection = {{ database_connection }}
[api_database]
connection = {{ nova_api_database_connection }}
[scheduler]
discover_hosts_in_cells_interval = 300
## Do NOT put anything after this line ##
07070100000100000041ED0000000000000000000000025F71E19F00000000000000000000000000000000000000000000003A00000000ardana-nova-8.0+git.1601298847.dd01585/roles/NOV-SCH/vars07070100000101000081A40000000000000000000000015F71E19F00000396000000000000000000000000000000000000004500000000ardana-nova-8.0+git.1601298847.dd01585/roles/NOV-SCH/vars/debian.yml#
# (c) Copyright 2016 Hewlett Packard Enterprise Development LP
# (c) Copyright 2017 SUSE LLC
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
# Contains packages required for nova-scheduler service in Debian System
---
# packages listed here will be installed by nova-common | install
nova_required_packages: []
# packages listed here will trigger a restart of the service when updated
nova_scheduler_restart_packages: []07070100000102000081A40000000000000000000000015F71E19F00000398000000000000000000000000000000000000004500000000ardana-nova-8.0+git.1601298847.dd01585/roles/NOV-SCH/vars/redhat.yml#
# (c) Copyright 2016 Hewlett Packard Enterprise Development LP
# (c) Copyright 2017 SUSE LLC
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
# Contains packages required for nova-consoleauth service in RedHat System
---
# packages listed here will be installed by nova-common | install
nova_required_packages: []
# packages listed here will trigger a restart of the service when updated
nova_scheduler_restart_packages: []07070100000103000081A40000000000000000000000015F71E19F00000397000000000000000000000000000000000000004300000000ardana-nova-8.0+git.1601298847.dd01585/roles/NOV-SCH/vars/suse.yml#
# (c) Copyright 2017 Hewlett Packard Enterprise Development LP
# (c) Copyright 2017 SUSE LLC
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
# Contains packages required for nova-consoleauth service in SUSE System
---
# packages listed here will be installed by nova-common | install
nova_required_packages: []
# packages listed here will trigger a restart of the service when updated
nova_scheduler_restart_packages: []
07070100000104000041ED0000000000000000000000075F71E19F00000000000000000000000000000000000000000000003500000000ardana-nova-8.0+git.1601298847.dd01585/roles/NOV-VNC07070100000105000041ED0000000000000000000000025F71E19F00000000000000000000000000000000000000000000003E00000000ardana-nova-8.0+git.1601298847.dd01585/roles/NOV-VNC/defaults07070100000106000081A40000000000000000000000015F71E19F00000402000000000000000000000000000000000000004700000000ardana-nova-8.0+git.1601298847.dd01585/roles/NOV-VNC/defaults/main.yml#
# (c) Copyright 2015-2016 Hewlett Packard Enterprise Development LP
# (c) Copyright 2017-2018 SUSE LLC
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
# This file will contain the default values for the nova-novncproxy service
---
nova_component: nova-novncproxy
# the filters nova-common will copy for this service
nova_rootwrap_filters:
- rootwrap.d/novnc.filters
# the log files nova-common will create for this service
nova_log_files:
- "{{ log_dir }}/nova-novncproxy.log"
- "{{ log_dir }}/nova-novncproxy-json.log"
07070100000107000041ED0000000000000000000000025F71E19F00000000000000000000000000000000000000000000003A00000000ardana-nova-8.0+git.1601298847.dd01585/roles/NOV-VNC/meta07070100000108000081A40000000000000000000000015F71E19F000002AC000000000000000000000000000000000000004300000000ardana-nova-8.0+git.1601298847.dd01585/roles/NOV-VNC/meta/main.yml#
# (c) Copyright 2015-2016 Hewlett Packard Enterprise Development LP
# (c) Copyright 2017 SUSE LLC
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
---
dependencies:
- role: nova-common
07070100000109000041ED0000000000000000000000025F71E19F00000000000000000000000000000000000000000000003B00000000ardana-nova-8.0+git.1601298847.dd01585/roles/NOV-VNC/tasks0707010000010A000081A40000000000000000000000015F71E19F0000037F000000000000000000000000000000000000005700000000ardana-nova-8.0+git.1601298847.dd01585/roles/NOV-VNC/tasks/check_upgraded_packages.yml#
# (c) Copyright 2015-2016 Hewlett Packard Enterprise Development LP
# (c) Copyright 2017 SUSE LLC
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
---
- name: NOV-VNC | check_upgraded_packages | Check upgraded packages
command: /bin/true
register: ardana_notify_nova_novncproxy_restart_required
when: item in ardana_upgraded_pkgs | default({})
with_items: nova_novncproxy_restart_packages
0707010000010B000081A40000000000000000000000015F71E19F000006DA000000000000000000000000000000000000004900000000ardana-nova-8.0+git.1601298847.dd01585/roles/NOV-VNC/tasks/configure.yml#
# (c) Copyright 2015-2016 Hewlett Packard Enterprise Development LP
# (c) Copyright 2017-2018 SUSE LLC
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
# Configure the nova-novnc service
---
- include: ../../nova-common/tasks/_set_directories.yml
vars:
install_package_result: "{{ ardana_notify_nova_novncproxy_install_result }}"
- name: NOV-VNC | configure | nova-common configure
include: ../../nova-common/tasks/configure.yml
- name: NOV-VNC | configure | notify on rootwrap change
command: /bin/true
register: ardana_notify_nova_novncproxy_restart_required
when: rootwrap_changed
- include: ../../nova-common/tasks/_write_conf.yml
src: "../../NOV-VNC/templates/novncproxy.conf.j2"
dest: "{{ nova_service_conf_dir }}/novncproxy.conf"
- name: NOV-VNC | configure | notify on novncproxy.conf change
command: /bin/true
register: ardana_notify_nova_novncproxy_restart_required
when: write_conf_result.changed
- name: NOV-VNC | configure | Apply template
become: yes
template:
src: "{{ item }}.j2"
dest: "{{ nova_service_conf_dir }}/{{ item }}"
owner: root
group: "{{ nova_system_group }}"
mode: 0640
with_items:
- "novncproxy-logging.conf"
register: ardana_notify_nova_novncproxy_restart_required
0707010000010C000081A40000000000000000000000015F71E19F00000846000000000000000000000000000000000000004700000000ardana-nova-8.0+git.1601298847.dd01585/roles/NOV-VNC/tasks/install.yml#
# (c) Copyright 2015-2016 Hewlett Packard Enterprise Development LP
# (c) Copyright 2017 SUSE LLC
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
# Install nova-novncproxy service
---
- name: NOV-VNC | install | Update installed packager cache
become: yes
install_package:
cache: update
- name: NOV-VNC | install |
Install the nova-novncproxy service from the nova venv
become: yes
install_package:
name: nova
service: nova-novncproxy
state: present
activate: act_off
register: ardana_notify_nova_novncproxy_install_result
- name: NOV-VNC | install | register persistent fact of install
command: /bin/true
register: ardana_notify_nova_novncproxy_restart_required
when: ardana_notify_nova_novncproxy_install_result.changed
- include: ../../nova-common/tasks/_set_directories.yml
vars:
install_package_result: "{{ ardana_notify_nova_novncproxy_install_result }}"
- name: NOV-VNC | install | Setup nova-novncproxy service
become: yes
setup_systemd:
service: nova-novncproxy
user: "{{ nova_system_user }}"
group: "{{ nova_system_group }}"
cmd: nova-novncproxy
args: >
--config-file {{ nova_service_conf_dir }}/nova.conf
--config-file {{ nova_service_conf_dir }}/rootwrap.conf
--config-file {{ nova_service_conf_dir }}/novncproxy.conf
- name: NOV-VNC | install | Set nova-novncproxy service to not start on boot
become: yes
service:
name: nova-novncproxy
enabled: no
# This must happen after the install_package, or a path which is meant to be a
# symlink will be mkdir'd
- include: ../../nova-common/tasks/install.yml
0707010000010D000081A40000000000000000000000015F71E19F000002EB000000000000000000000000000000000000004400000000ardana-nova-8.0+git.1601298847.dd01585/roles/NOV-VNC/tasks/main.yml#
# (c) Copyright 2016 Hewlett Packard Enterprise Development LP
# (c) Copyright 2017 SUSE LLC
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
---
- name: NOV-VNC | main | Set os-specific variables
include_vars: "{{ ansible_os_family | lower }}.yml"0707010000010E000081A40000000000000000000000015F71E19F000006C7000000000000000000000000000000000000004500000000ardana-nova-8.0+git.1601298847.dd01585/roles/NOV-VNC/tasks/start.yml#
# (c) Copyright 2015-2016 Hewlett Packard Enterprise Development LP
# (c) Copyright 2017 SUSE LLC
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
# Restart or start the nova-novncproxy service
---
- name: NOV-VNC | start | Activate the latest installed version
become: yes
install_package:
name: nova
service: nova-novncproxy
activate: act_on
version: "{{ ardana_notify_nova_novncproxy_install_result.version }}"
when: not (ardana_notify_nova_novncproxy_install_result is not defined)
- name: NOV-VNC | start | register persistent fact of activate
command: /bin/true
register: ardana_notify_nova_novncproxy_restart_required
when: ardana_notify_nova_novncproxy_install_result is defined and
ardana_notify_nova_novncproxy_install_result.changed
- name: NOV-VNC | start | Restart nova-novncproxy service
become: yes
service:
name: nova-novncproxy
state: restarted
when: ardana_notify_nova_restart_required.changed or
(ardana_notify_nova_novncproxy_restart_required is defined and
ardana_notify_nova_novncproxy_restart_required.changed)
- name: NOV-VNC | start | Ensure nova-novncproxy service started
become: yes
service:
name: nova-novncproxy
state: started
0707010000010F000081A40000000000000000000000015F71E19F000002C0000000000000000000000000000000000000004600000000ardana-nova-8.0+git.1601298847.dd01585/roles/NOV-VNC/tasks/status.yml#
# (c) Copyright 2015-2016 Hewlett Packard Enterprise Development LP
# (c) Copyright 2017 SUSE LLC
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
---
- include: ../../nova-common/tasks/_service_status.yml
07070100000110000081A40000000000000000000000015F71E19F0000038C000000000000000000000000000000000000004400000000ardana-nova-8.0+git.1601298847.dd01585/roles/NOV-VNC/tasks/stop.yml#
# (c) Copyright 2015-2016 Hewlett Packard Enterprise Development LP
# (c) Copyright 2017 SUSE LLC
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
# Stop the nova-novncproxy service
---
- name: NOV-VNC | stop | stop nova-novncproxy service
become: yes
service: name=nova-novncproxy state=stopped
register: stop_result
failed_when:
"stop_result|failed and 'service not found' not in stop_result.msg"
07070100000111000041ED0000000000000000000000025F71E19F00000000000000000000000000000000000000000000003F00000000ardana-nova-8.0+git.1601298847.dd01585/roles/NOV-VNC/templates07070100000112000081A40000000000000000000000015F71E19F000006B3000000000000000000000000000000000000005A00000000ardana-nova-8.0+git.1601298847.dd01585/roles/NOV-VNC/templates/novncproxy-logging.conf.j2{#
#
# (c) Copyright 2015-2016 Hewlett Packard Enterprise Development LP
# (c) Copyright 2017-2018 SUSE LLC
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
#}
[loggers]
keys: root
[handlers]
keys: watchedfile, logstash
[formatters]
keys: context, logstash
[logger_root]
qualname: root
handlers: watchedfile, logstash
level: NOTSET
# Writes to disk
[handler_watchedfile]
class: handlers.WatchedFileHandler
# TODO Use templated log path
args: ('{{ log_dir }}/nova-novncproxy.log',)
formatter: context
level: INFO
# Writes JSON to disk, beaver will ship to logstash
[handler_logstash]
class: handlers.WatchedFileHandler
# TODO Use templated log path
args: ('{{ log_dir }}/nova-novncproxy-json.log',)
formatter: logstash
level: INFO
# datefmt must be set otherwise you end up with too many (msecs) fields
[formatter_context]
class: oslo_log.formatters.ContextFormatter
args: (datefmt=datefmt)
format: %(asctime)s.%(msecs)03d %(process)d %(levelname)s %(name)s [%(request_id)s %(user)s %(tenant)s] %(instance)s%(message)s
datefmt: %Y-%m-%d %H:%M:%S
# the "format" and "datefmt" attrs actually set the "type" and "tags"
[formatter_logstash]
class: logstash.LogstashFormatterVersion1
format: nova
datefmt: novncproxy
07070100000113000081A40000000000000000000000015F71E19F000004B5000000000000000000000000000000000000005200000000ardana-nova-8.0+git.1601298847.dd01585/roles/NOV-VNC/templates/novncproxy.conf.j2{#
#
# (c) Copyright 2015-2016 Hewlett Packard Enterprise Development LP
# (c) Copyright 2017 SUSE LLC
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
#}
# This file has the Ardana values that apply only to the Nova novncproxy service.
# You may make changes to this file by adding sections/options below.
[DEFAULT]
# Logging
log_config_append = "{{ nova_service_conf_dir }}/novncproxy-logging.conf"
# VNC
novncproxy_host = {{ novncproxy_host }}
novncproxy_port = {{ novncproxy_port }}
vncserver_listen = {{ vncserver_listen }}
[database]
backend = sqlalchemy
connection = {{ database_connection }}
[api_database]
connection = {{ nova_api_database_connection }}
## Do NOT put anything after this line ##
07070100000114000041ED0000000000000000000000025F71E19F00000000000000000000000000000000000000000000003A00000000ardana-nova-8.0+git.1601298847.dd01585/roles/NOV-VNC/vars07070100000115000081A40000000000000000000000015F71E19F000003A5000000000000000000000000000000000000004500000000ardana-nova-8.0+git.1601298847.dd01585/roles/NOV-VNC/vars/debian.yml#
# (c) Copyright 2016 Hewlett Packard Enterprise Development LP
# (c) Copyright 2017 SUSE LLC
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
# Contains packages required for nova-scheduler service in Debian System
---
# packages listed here will be installed by nova-common | install
nova_required_packages:
- novnc
# packages listed here will trigger a restart of the service when updated
nova_novncproxy_restart_packages:
- novnc07070100000116000081A40000000000000000000000015F71E19F000003A7000000000000000000000000000000000000004500000000ardana-nova-8.0+git.1601298847.dd01585/roles/NOV-VNC/vars/redhat.yml#
# (c) Copyright 2016 Hewlett Packard Enterprise Development LP
# (c) Copyright 2017 SUSE LLC
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
# Contains packages required for nova-consoleauth service in RedHat System
---
# packages listed here will be installed by nova-common | install
nova_required_packages:
- novnc
# packages listed here will trigger a restart of the service when updated
nova_novncproxy_restart_packages:
- novnc07070100000117000081A40000000000000000000000015F71E19F000003A6000000000000000000000000000000000000004300000000ardana-nova-8.0+git.1601298847.dd01585/roles/NOV-VNC/vars/suse.yml#
# (c) Copyright 2017 Hewlett Packard Enterprise Development LP
# (c) Copyright 2017 SUSE LLC
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
# Contains packages required for nova-consoleauth service in SUSE System
---
# packages listed here will be installed by nova-common | install
nova_required_packages:
- novnc
# packages listed here will trigger a restart of the service when updated
nova_novncproxy_restart_packages:
- novnc
07070100000118000041ED0000000000000000000000095F71E19F00000000000000000000000000000000000000000000003900000000ardana-nova-8.0+git.1601298847.dd01585/roles/nova-common07070100000119000041ED0000000000000000000000025F71E19F00000000000000000000000000000000000000000000004200000000ardana-nova-8.0+git.1601298847.dd01585/roles/nova-common/defaults0707010000011A000081A40000000000000000000000015F71E19F00001F60000000000000000000000000000000000000004B00000000ardana-nova-8.0+git.1601298847.dd01585/roles/nova-common/defaults/main.yml#
# (c) Copyright 2015-2017 Hewlett Packard Enterprise Development LP
# (c) Copyright 2017-2018 SUSE LLC
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
---
# Layout of this file:
# At the top of this file (following on from this text) are the root level
# variables. Variables defined here have global scope.
#
# Files are defined by identifiers followed by a colon(:), with sections in
# a file indented to the next level.
# system level vars
# -----------------
# Values in this section relate to the build/install of nova
# at a system level
nova_system_group: nova
nova_log_group: adm
nova_system_user: nova
nova_system_createhome: false
nova_system_shell: /bin/false
nova_migrate_enabled: false
enable_migrate_file: "{{ nova_facts_dir }}/nova_migrate_enabled.fact"
# Some directories are set by _set_directories.yml as they need to be set after
# install (the version is required in the path).
nova_state_root_dir: /
nova_system_home_folder: "{{ nova_state_root_dir }}/var/lib/nova"
nova_kernel_module_file: "{{ nova_component }}"
nova_facts_dir: "/etc/ansible/facts.d"
# Number of maximum workers allowed regardless of CPUs available
nova_api_max_workers: 20
# Number of maximum workers allowed regardless of CPUs available
nova_metadata_max_workers: 10
# Number of workers for OpenStack API service. The default will be the
# maximum allowed by variable nova_api_max_workers
nova_api_workers: "{{ ansible_processor_count * ansible_processor_cores * 2 | default('{{ nova_api_max_workers }} ') }}"
# Number of workers for metadata service.
nova_metadata_workers: "{{ ansible_processor_count * ansible_processor_cores * 2 | default('{{ nova_metadata_max_workers }} ') }}"
# nova.conf
## [DEFAULT]
### API
api_paste_config: "{{ nova_service_conf_dir }}/api-paste.ini"
api_audit_config: "{{ nova_service_conf_dir }}/api_audit_map.conf"
compute_link_prefix: "{{ NOV_API.advertises.vips.public[0].url }}"
osapi_compute_listen_port: >
{{ host | item('bind.NOV_API.internal.port',
default=8774) }}
osapi_compute_listen: >
{{ host | item('bind.NOV_API.internal.ip_address',
default=host.vars.my_hostname_address) }}
### CA & SSL
keys_path: "{{ nova_state_root_dir }}/var/lib/nova/keys"
### common
lock_path: "{{ nova_state_root_dir }}/var/lib/nova"
my_ip: "{{ host.vars.my_hostname_address }}"
rootwrap_config: "{{ nova_service_conf_dir }}/rootwrap.conf"
state_path: "{{ nova_state_root_dir }}/var/lib/nova"
### Logging
log_dir: "{{ nova_state_root_dir }}/var/log/nova"
### Audit
nova_api_audit_enable: "{{ NOV.audit.enabled }}"
nova_audit_log_location: "{{ NOV.audit.dir }}/nova"
nova_internal_endpoint: NOV_API.advertises.vips.private[0].url
### Metadata
metadata_host: "{% if host.bind.NOV_MTD is defined %}{{ host.bind.NOV_MTD.internal.ip_address }}{% else %}{{ NOV_API.advertises.vips.private[0].host }}{% endif %}"
metadata_listen: "{% if host.bind.NOV_MTD is defined %}{{ host.bind.NOV_MTD.internal.ip_address }}{% else %}{{ NOV_API.advertises.vips.private[0].host }}{% endif %}"
metadata_use_forwarded_for: >
{% if true in (NOV_API | provided_data('use_forwarded_for')) %}
True{% else %}False{% endif %}
### Network
default_floating_pool: "{{ config_data | item('NEU.neutron_external_networks', default=[{'name': 'ext-net'}]) | map(attribute='name') | first }}"
### RabbitMQ
rabbit_hosts: "{% for x in NOV_API.consumes_FND_RMQ.members.private %}{{ x.host }}:{{ x.port }}{%if not loop.last %},{% endif %}{% endfor %}"
rabbit_password: "{{ NOV.consumes_FND_RMQ.vars.accounts.nova.password }}"
rabbit_userid: "{{ NOV.consumes_FND_RMQ.vars.accounts.nova.username }}"
rabbit_use_ssl: "{{ NOV.consumes_FND_RMQ.members.private[0].use_tls }}"
rabbit_hosts_transport_url: >
rabbit://
{%- for x in NOV_API.consumes_FND_RMQ.members.private -%}
{{ rabbit_userid }}:{{ rabbit_password }}@{{ x.host }}:{{ x.port }}{%- if not loop.last -%},{%- endif -%}
{%- endfor -%}
/
cell0_rabbit_hosts_transport_url: "none:///"
nova_rpc_response_timeout: 60
### SRIOV and PCI-PT
pci_passthrough_whitelist: ''
### VNC
novncproxy_host: "{{ host.bind.NOV_VNC.public.ip_address }}"
novncproxy_port: "{{ host.bind.NOV_VNC.public.port }}"
vncserver_listen: "{{ host.bind.NOV_VNC.public.ip_address }}"
## [vnc]
vncserver_proxyclient_address: "{{ NOV_VNC.advertises.vips.public[0].host }}"
## [database ssl]
nova_db_ca_file: "{{ trusted_ca_bundle }}"
nova_db_ssl: "{% if NOV.consumes_FND_MDB.vips.private[0].use_tls %}?ssl_ca={{ nova_db_ca_file }}{% endif %}"
nova_api_db_ssl: "{% if NOV_API.consumes_FND_MDB.vips.private[0].use_tls %}?ssl_ca={{ nova_db_ca_file }}{% endif %}"
## [database]
database_connection: "mysql+pymysql://{{ NOV.consumes_FND_MDB.vars.accounts.nova.username }}:{{ NOV.consumes_FND_MDB.vars.accounts.nova.password | urlencode }}@{{ NOV.consumes_FND_MDB.vips.private[0].host }}/nova{{ nova_db_ssl }}"
cell0_database_connection: "mysql+pymysql://{{ NOV.consumes_FND_MDB.vars.accounts.nova.username }}:{{ NOV.consumes_FND_MDB.vars.accounts.nova.password | urlencode }}@{{ NOV.consumes_FND_MDB.vips.private[0].host }}/nova_cell0{{ nova_db_ssl }}"
## [api_database]
nova_api_database_connection: "mysql+pymysql://{{ NOV_API.consumes_FND_MDB.vars.accounts.nova_api.username }}:{{ NOV_API.consumes_FND_MDB.vars.accounts.nova_api.password | urlencode }}@{{ NOV_API.consumes_FND_MDB.vips.private[0].host }}/nova_api{{ nova_api_db_ssl }}"
## [glance]
glance_api_servers: "{{ NOV_API.consumes_GLA_API.vips.private[0].url }}"
## [keystone_authtoken]
keystone_auth_uri: "{{ NOV_API.consumes_KEY_API.vips.private[0].url }}"
keystone_identity_uri: "{{ NOV_API.consumes_KEY_API.vips.private[0].url }}"
nova_admin_password: "{{ NOV_API.consumes_KEY_API.vars.keystone_nova_password | quote }}"
nova_admin_tenant_name: "{{ KEY_API.vars.keystone_service_tenant }}"
nova_admin_user: "{{ NOV_API.consumes_KEY_API.vars.keystone_nova_user }}"
keystone_region_name: "{{ NOV.regions | first }}"
memcached_servers: "{% for x in NOV.consumes_FND_MEM.members.private %}{{ x.host }}:{{ x.port }}{%if
not loop.last %},{% endif %}{% endfor %}"
memcache_secret_key: "{{ NOV.consumes_FND_MEM.vars.memcached.nova.secret_key | quote }}"
## [placement]
nova_placement_api_user: "{{ NOV_PLC.consumes_KEY_API.vars.nova_placement_api_user }}"
nova_placement_api_password: "{{ NOV_PLC.consumes_KEY_API.vars.nova_placement_api_password | quote }}"
# Barbican
barbican_endpoint_template: "{% if ( 'consumes_KEYMGR_API' in NOV_API ) %}{{ NOV_API.consumes_KEYMGR_API.vips.private[0].url }}{% endif %}"
barbican_os_region_name: "{{ NOV.regions | first }}"
barbican_keystone_auth_url: "{{ NOV_API.consumes_KEY_API.vips.private[0].url }}/v3"
## [libvirt]
libvirt_snapshots_directory: "{{ nova_state_root_dir }}/var/lib/nova/tmp"
## [neutron]
neutron_admin_auth_url: "{{ NOV_API.consumes_KEY_API.vips.private[0].url }}/v3"
neutron_admin_project_name: "{{ KEY_API.vars.keystone_service_tenant }}"
neutron_admin_password: "{{ NEU_SVR.consumes_KEY_API.vars.keystone_neutron_password | quote }}"
neutron_admin_username: "{{ NEU_SVR.consumes_KEY_API.vars.keystone_neutron_user }}"
neutron_domain_name: "{{ KEY_API.vars.keystone_default_domain }}"
neutron_url: "{{ NOV_API.consumes_NEU_SVR.vips.private[0].url }}"
neutron_metadata_proxy_shared_secret: >
{%- if NOV_MTD.vars.metadata_proxy_shared_secret is defined -%}
{{ NOV_MTD.vars.metadata_proxy_shared_secret }}
{%- endif -%}
neutron_region_name: "{{ NOV.regions | first }}"
## [cinder]
cinder_os_region_name: "{{ NOV.regions | first }}"
0707010000011B000041ED0000000000000000000000035F71E19F00000000000000000000000000000000000000000000003F00000000ardana-nova-8.0+git.1601298847.dd01585/roles/nova-common/files0707010000011C000041ED0000000000000000000000025F71E19F00000000000000000000000000000000000000000000004A00000000ardana-nova-8.0+git.1601298847.dd01585/roles/nova-common/files/rootwrap.d0707010000011D000081A40000000000000000000000015F71E19F0000024D000000000000000000000000000000000000005F00000000ardana-nova-8.0+git.1601298847.dd01585/roles/nova-common/files/rootwrap.d/api-metadata.filters# nova-rootwrap command filters for api-metadata nodes
# This is needed on nova-api hosts running with "metadata" in enabled_apis
# or when running nova-api-metadata
# This file should be owned by (and only-writeable by) the root user
[Filters]
# nova/network/linux_net.py: 'ip[6]tables-save' % (cmd, '-t', ...
iptables-save: CommandFilter, iptables-save, root
ip6tables-save: CommandFilter, ip6tables-save, root
# nova/network/linux_net.py: 'ip[6]tables-restore' % (cmd,)
iptables-restore: CommandFilter, iptables-restore, root
ip6tables-restore: CommandFilter, ip6tables-restore, root
0707010000011E000081A40000000000000000000000015F71E19F00000167000000000000000000000000000000000000006900000000ardana-nova-8.0+git.1601298847.dd01585/roles/nova-common/files/rootwrap.d/baremetal-compute-ipmi.filters# nova-rootwrap command filters for compute nodes
# This file should be owned by (and only-writeable by) the root user
[Filters]
# nova/virt/baremetal/ipmi.py: 'ipmitool', ..
ipmitool: CommandFilter, ipmitool, root
# nova/virt/baremetal/ipmi.py: 'kill', '-TERM', str(console_pid)
kill_shellinaboxd: KillFilter, root, /usr/local/bin/shellinaboxd, -15, -TERM
0707010000011F000081A40000000000000000000000015F71E19F0000017E000000000000000000000000000000000000006A00000000ardana-nova-8.0+git.1601298847.dd01585/roles/nova-common/files/rootwrap.d/baremetal-deploy-helper.filters# nova-rootwrap command filters for nova-baremetal-deploy-helper
# This file should be owned by (and only-writeable by) the root user
[Filters]
# nova-baremetal-deploy-helper
iscsiadm: CommandFilter, iscsiadm, root
sfdisk: CommandFilter, sfdisk, root
dd: CommandFilter, dd, root
mkswap: CommandFilter, mkswap, root
blkid: CommandFilter, blkid, root
mkfs: CommandFilter, mkfs, root
07070100000120000081A40000000000000000000000015F71E19F000025B1000000000000000000000000000000000000005A00000000ardana-nova-8.0+git.1601298847.dd01585/roles/nova-common/files/rootwrap.d/compute.filters# nova-rootwrap command filters for compute nodes
# This file should be owned by (and only-writeable by) the root user
[Filters]
# nova/virt/disk/mount/api.py: 'kpartx', '-a', device
# nova/virt/disk/mount/api.py: 'kpartx', '-d', device
kpartx: CommandFilter, kpartx, root
# nova/virt/xenapi/vm_utils.py: tune2fs, -O ^has_journal, part_path
# nova/virt/xenapi/vm_utils.py: tune2fs, -j, partition_path
tune2fs: CommandFilter, tune2fs, root
# nova/virt/disk/mount/api.py: 'mount', mapped_device
# nova/virt/disk/api.py: 'mount', '-o', 'bind', src, target
# nova/virt/xenapi/vm_utils.py: 'mount', '-t', 'ext2,ext3,ext4,reiserfs'..
# nova/virt/configdrive.py: 'mount', device, mountdir
# nova/virt/libvirt/volume.py: 'mount', '-t', 'sofs' ...
mount: CommandFilter, mount, root
# nova/virt/disk/mount/api.py: 'umount', mapped_device
# nova/virt/disk/api.py: 'umount' target
# nova/virt/xenapi/vm_utils.py: 'umount', dev_path
# nova/virt/configdrive.py: 'umount', mountdir
umount: CommandFilter, umount, root
# nova/virt/disk/mount/nbd.py: 'qemu-nbd', '-c', device, image
# nova/virt/disk/mount/nbd.py: 'qemu-nbd', '-d', device
qemu-nbd: CommandFilter, qemu-nbd, root
# nova/virt/disk/mount/loop.py: 'losetup', '--find', '--show', image
# nova/virt/disk/mount/loop.py: 'losetup', '--detach', device
losetup: CommandFilter, losetup, root
# nova/virt/disk/vfs/localfs.py: 'blkid', '-o', 'value', '-s', 'TYPE', device
blkid: CommandFilter, blkid, root
# nova/virt/libvirt/utils.py: 'blockdev', '--getsize64', path
# nova/virt/disk/mount/nbd.py: 'blockdev', '--flushbufs', device
blockdev: RegExpFilter, blockdev, root, blockdev, (--getsize64|--flushbufs), /dev/.*
# nova/virt/disk/vfs/localfs.py: 'tee', canonpath
tee: CommandFilter, tee, root
# nova/virt/disk/vfs/localfs.py: 'mkdir', canonpath
mkdir: CommandFilter, mkdir, root
# nova/virt/disk/vfs/localfs.py: 'chown'
# nova/virt/libvirt/connection.py: 'chown', os.getuid( console_log
# nova/virt/libvirt/connection.py: 'chown', os.getuid( console_log
# nova/virt/libvirt/connection.py: 'chown', 'root', basepath('disk')
chown: CommandFilter, chown, root
# nova/virt/disk/vfs/localfs.py: 'chmod'
chmod: CommandFilter, chmod, root
# nova/virt/libvirt/vif.py: 'ip', 'tuntap', 'add', dev, 'mode', 'tap'
# nova/virt/libvirt/vif.py: 'ip', 'link', 'set', dev, 'up'
# nova/virt/libvirt/vif.py: 'ip', 'link', 'delete', dev
# nova/network/linux_net.py: 'ip', 'addr', 'add', str(floating_ip)+'/32'i..
# nova/network/linux_net.py: 'ip', 'addr', 'del', str(floating_ip)+'/32'..
# nova/network/linux_net.py: 'ip', 'addr', 'add', '169.254.169.254/32',..
# nova/network/linux_net.py: 'ip', 'addr', 'show', 'dev', dev, 'scope',..
# nova/network/linux_net.py: 'ip', 'addr', 'del/add', ip_params, dev)
# nova/network/linux_net.py: 'ip', 'addr', 'del', params, fields[-1]
# nova/network/linux_net.py: 'ip', 'addr', 'add', params, bridge
# nova/network/linux_net.py: 'ip', '-f', 'inet6', 'addr', 'change', ..
# nova/network/linux_net.py: 'ip', 'link', 'set', 'dev', dev, 'promisc',..
# nova/network/linux_net.py: 'ip', 'link', 'add', 'link', bridge_if ...
# nova/network/linux_net.py: 'ip', 'link', 'set', interface, address,..
# nova/network/linux_net.py: 'ip', 'link', 'set', interface, 'up'
# nova/network/linux_net.py: 'ip', 'link', 'set', bridge, 'up'
# nova/network/linux_net.py: 'ip', 'addr', 'show', 'dev', interface, ..
# nova/network/linux_net.py: 'ip', 'link', 'set', dev, address, ..
# nova/network/linux_net.py: 'ip', 'link', 'set', dev, 'up'
# nova/network/linux_net.py: 'ip', 'route', 'add', ..
# nova/network/linux_net.py: 'ip', 'route', 'del', .
# nova/network/linux_net.py: 'ip', 'route', 'show', 'dev', dev
ip: CommandFilter, ip, root
# nova/virt/libvirt/vif.py: 'tunctl', '-b', '-t', dev
# nova/network/linux_net.py: 'tunctl', '-b', '-t', dev
tunctl: CommandFilter, tunctl, root
# nova/virt/libvirt/vif.py: 'ovs-vsctl', ...
# nova/virt/libvirt/vif.py: 'ovs-vsctl', 'del-port', ...
# nova/network/linux_net.py: 'ovs-vsctl', ....
ovs-vsctl: CommandFilter, ovs-vsctl, root
# nova/virt/libvirt/vif.py: 'vrouter-port-control', ...
vrouter-port-control: CommandFilter, vrouter-port-control, root
# nova/virt/libvirt/vif.py: 'ebrctl', ...
ebrctl: CommandFilter, ebrctl, root
# nova/virt/libvirt/vif.py: 'mm-ctl', ...
mm-ctl: CommandFilter, mm-ctl, root
# nova/network/linux_net.py: 'ovs-ofctl', ....
ovs-ofctl: CommandFilter, ovs-ofctl, root
# nova/virt/libvirt/connection.py: 'dd', if=%s % virsh_output, ...
dd: CommandFilter, dd, root
# nova/virt/xenapi/volume_utils.py: 'iscsiadm', '-m', ...
iscsiadm: CommandFilter, iscsiadm, root
# nova/virt/libvirt/volume/aoe.py: 'aoe-revalidate', aoedev
# nova/virt/libvirt/volume/aoe.py: 'aoe-discover'
aoe-revalidate: CommandFilter, aoe-revalidate, root
aoe-discover: CommandFilter, aoe-discover, root
# nova/virt/xenapi/vm_utils.py: parted, --script, ...
# nova/virt/xenapi/vm_utils.py: 'parted', '--script', dev_path, ..*.
parted: CommandFilter, parted, root
# nova/virt/xenapi/vm_utils.py: 'pygrub', '-qn', dev_path
pygrub: CommandFilter, pygrub, root
# nova/virt/xenapi/vm_utils.py: fdisk %(dev_path)s
fdisk: CommandFilter, fdisk, root
# nova/virt/xenapi/vm_utils.py: e2fsck, -f, -p, partition_path
# nova/virt/disk/api.py: e2fsck, -f, -p, image
e2fsck: CommandFilter, e2fsck, root
# nova/virt/xenapi/vm_utils.py: resize2fs, partition_path
# nova/virt/disk/api.py: resize2fs, image
resize2fs: CommandFilter, resize2fs, root
# nova/network/linux_net.py: 'ip[6]tables-save' % (cmd, '-t', ...
iptables-save: CommandFilter, iptables-save, root
ip6tables-save: CommandFilter, ip6tables-save, root
# nova/network/linux_net.py: 'ip[6]tables-restore' % (cmd,)
iptables-restore: CommandFilter, iptables-restore, root
ip6tables-restore: CommandFilter, ip6tables-restore, root
# nova/network/linux_net.py: 'arping', '-U', floating_ip, '-A', '-I', ...
# nova/network/linux_net.py: 'arping', '-U', network_ref['dhcp_server'],..
arping: CommandFilter, arping, root
# nova/network/linux_net.py: 'dhcp_release', dev, address, mac_address
dhcp_release: CommandFilter, dhcp_release, root
# nova/network/linux_net.py: 'kill', '-9', pid
# nova/network/linux_net.py: 'kill', '-HUP', pid
kill_dnsmasq: KillFilter, root, /usr/sbin/dnsmasq, -9, -HUP
# nova/network/linux_net.py: 'kill', pid
kill_radvd: KillFilter, root, /usr/sbin/radvd
# nova/network/linux_net.py: dnsmasq call
dnsmasq: EnvFilter, env, root, CONFIG_FILE=, NETWORK_ID=, dnsmasq
# nova/network/linux_net.py: 'radvd', '-C', '%s' % _ra_file(dev, 'conf'..
radvd: CommandFilter, radvd, root
# nova/network/linux_net.py: 'brctl', 'addbr', bridge
# nova/network/linux_net.py: 'brctl', 'setfd', bridge, 0
# nova/network/linux_net.py: 'brctl', 'stp', bridge, 'off'
# nova/network/linux_net.py: 'brctl', 'addif', bridge, interface
brctl: CommandFilter, brctl, root
# nova/virt/libvirt/utils.py: 'mkswap'
# nova/virt/xenapi/vm_utils.py: 'mkswap'
mkswap: CommandFilter, mkswap, root
# nova/virt/libvirt/utils.py: 'nova-idmapshift'
nova-idmapshift: CommandFilter, nova-idmapshift, root
# nova/virt/xenapi/vm_utils.py: 'mkfs'
# nova/utils.py: 'mkfs', fs, path, label
mkfs: CommandFilter, mkfs, root
# nova/virt/libvirt/utils.py: 'qemu-img'
qemu-img: CommandFilter, qemu-img, root
# nova/virt/disk/vfs/localfs.py: 'readlink', '-e'
readlink: CommandFilter, readlink, root
# nova/virt/disk/api.py:
mkfs.ext3: CommandFilter, mkfs.ext3, root
mkfs.ext4: CommandFilter, mkfs.ext4, root
mkfs.ntfs: CommandFilter, mkfs.ntfs, root
# nova/virt/libvirt/connection.py:
lvremove: CommandFilter, lvremove, root
# nova/virt/libvirt/utils.py:
lvcreate: CommandFilter, lvcreate, root
# nova/virt/libvirt/utils.py:
lvs: CommandFilter, lvs, root
# nova/virt/libvirt/utils.py:
vgs: CommandFilter, vgs, root
# nova/utils.py:read_file_as_root: 'cat', file_path
# (called from nova/virt/disk/vfs/localfs.py:VFSLocalFS.read_file)
read_passwd: RegExpFilter, cat, root, cat, (/var|/usr)?/tmp/openstack-vfs-localfs[^/]+/etc/passwd
read_shadow: RegExpFilter, cat, root, cat, (/var|/usr)?/tmp/openstack-vfs-localfs[^/]+/etc/shadow
# os-brick needed commands
read_initiator: ReadFileFilter, /etc/iscsi/initiatorname.iscsi
multipath: CommandFilter, multipath, root
# multipathd show status
multipathd: CommandFilter, multipathd, root
systool: CommandFilter, systool, root
vgc-cluster: CommandFilter, vgc-cluster, root
# os_brick/initiator/connector.py
drv_cfg: CommandFilter, /opt/emc/scaleio/sdc/bin/drv_cfg, root, /opt/emc/scaleio/sdc/bin/drv_cfg, --query_guid
# TODO(smcginnis) Temporary fix.
# Need to pull in os-brick os-brick.filters file instead and clean
# out stale brick values from this file.
scsi_id: CommandFilter, /lib/udev/scsi_id, root
# nova/storage/linuxscsi.py: sg_scan device
sg_scan: CommandFilter, sg_scan, root
# nova/volume/encryptors/cryptsetup.py:
# nova/volume/encryptors/luks.py:
ln: RegExpFilter, ln, root, ln, --symbolic, --force, /dev/mapper/.*, .*
# nova/volume/encryptors.py:
# nova/virt/libvirt/dmcrypt.py:
cryptsetup: CommandFilter, cryptsetup, root
# nova/virt/xenapi/vm_utils.py:
xenstore-read: CommandFilter, xenstore-read, root
# nova/virt/libvirt/utils.py:
rbd: CommandFilter, rbd, root
# nova/virt/libvirt/utils.py: 'shred', '-n3', '-s%d' % volume_size, path
shred: CommandFilter, shred, root
# nova/virt/libvirt/volume.py: 'cp', '/dev/stdin', delete_control..
cp: CommandFilter, cp, root
# nova/virt/xenapi/vm_utils.py:
sync: CommandFilter, sync, root
# nova/virt/libvirt/imagebackend.py:
ploop: CommandFilter, ploop, root
# nova/virt/libvirt/utils.py: 'xend', 'status'
xend: CommandFilter, xend, root
# nova/virt/libvirt/utils.py:
touch: CommandFilter, touch, root
07070100000121000081A40000000000000000000000015F71E19F00000043000000000000000000000000000000000000005E00000000ardana-nova-8.0+git.1601298847.dd01585/roles/nova-common/files/rootwrap.d/consoleauth.filters# Empty file to allow ansible script to run and configure rootwrap
07070100000122000081A40000000000000000000000015F71E19F00000FA3000000000000000000000000000000000000005A00000000ardana-nova-8.0+git.1601298847.dd01585/roles/nova-common/files/rootwrap.d/network.filters# nova-rootwrap command filters for network nodes
# This file should be owned by (and only-writeable by) the root user
[Filters]
# nova/virt/libvirt/vif.py: 'ip', 'tuntap', 'add', dev, 'mode', 'tap'
# nova/virt/libvirt/vif.py: 'ip', 'link', 'set', dev, 'up'
# nova/virt/libvirt/vif.py: 'ip', 'link', 'delete', dev
# nova/network/linux_net.py: 'ip', 'addr', 'add', str(floating_ip)+'/32'i..
# nova/network/linux_net.py: 'ip', 'addr', 'del', str(floating_ip)+'/32'..
# nova/network/linux_net.py: 'ip', 'addr', 'add', '169.254.169.254/32',..
# nova/network/linux_net.py: 'ip', 'addr', 'show', 'dev', dev, 'scope',..
# nova/network/linux_net.py: 'ip', 'addr', 'del/add', ip_params, dev)
# nova/network/linux_net.py: 'ip', 'addr', 'del', params, fields[-1]
# nova/network/linux_net.py: 'ip', 'addr', 'add', params, bridge
# nova/network/linux_net.py: 'ip', '-f', 'inet6', 'addr', 'change', ..
# nova/network/linux_net.py: 'ip', 'link', 'set', 'dev', dev, 'promisc',..
# nova/network/linux_net.py: 'ip', 'link', 'add', 'link', bridge_if ...
# nova/network/linux_net.py: 'ip', 'link', 'set', interface, address,..
# nova/network/linux_net.py: 'ip', 'link', 'set', interface, 'up'
# nova/network/linux_net.py: 'ip', 'link', 'set', bridge, 'up'
# nova/network/linux_net.py: 'ip', 'addr', 'show', 'dev', interface, ..
# nova/network/linux_net.py: 'ip', 'link', 'set', dev, address, ..
# nova/network/linux_net.py: 'ip', 'link', 'set', dev, 'up'
# nova/network/linux_net.py: 'ip', 'route', 'add', ..
# nova/network/linux_net.py: 'ip', 'route', 'del', .
# nova/network/linux_net.py: 'ip', 'route', 'show', 'dev', dev
ip: CommandFilter, ip, root
# nova/virt/libvirt/vif.py: 'ovs-vsctl', ...
# nova/virt/libvirt/vif.py: 'ovs-vsctl', 'del-port', ...
# nova/network/linux_net.py: 'ovs-vsctl', ....
ovs-vsctl: CommandFilter, ovs-vsctl, root
# nova/network/linux_net.py: 'ovs-ofctl', ....
ovs-ofctl: CommandFilter, ovs-ofctl, root
# nova/virt/libvirt/vif.py: 'ivs-ctl', ...
# nova/virt/libvirt/vif.py: 'ivs-ctl', 'del-port', ...
# nova/network/linux_net.py: 'ivs-ctl', ....
ivs-ctl: CommandFilter, ivs-ctl, root
# nova/virt/libvirt/vif.py: 'ifc_ctl', ...
ifc_ctl: CommandFilter, /opt/pg/bin/ifc_ctl, root
# nova/network/linux_net.py: 'ebtables', '-D' ...
# nova/network/linux_net.py: 'ebtables', '-I' ...
ebtables: CommandFilter, ebtables, root
ebtables_usr: CommandFilter, ebtables, root
# nova/network/linux_net.py: 'ip[6]tables-save' % (cmd, '-t', ...
iptables-save: CommandFilter, iptables-save, root
ip6tables-save: CommandFilter, ip6tables-save, root
# nova/network/linux_net.py: 'ip[6]tables-restore' % (cmd,)
iptables-restore: CommandFilter, iptables-restore, root
ip6tables-restore: CommandFilter, ip6tables-restore, root
# nova/network/linux_net.py: 'arping', '-U', floating_ip, '-A', '-I', ...
# nova/network/linux_net.py: 'arping', '-U', network_ref['dhcp_server'],..
arping: CommandFilter, arping, root
# nova/network/linux_net.py: 'dhcp_release', dev, address, mac_address
dhcp_release: CommandFilter, dhcp_release, root
# nova/network/linux_net.py: 'kill', '-9', pid
# nova/network/linux_net.py: 'kill', '-HUP', pid
kill_dnsmasq: KillFilter, root, /usr/sbin/dnsmasq, -9, -HUP
# nova/network/linux_net.py: 'kill', pid
kill_radvd: KillFilter, root, /usr/sbin/radvd
# nova/network/linux_net.py: dnsmasq call
dnsmasq: EnvFilter, env, root, CONFIG_FILE=, NETWORK_ID=, dnsmasq
# nova/network/linux_net.py: 'radvd', '-C', '%s' % _ra_file(dev, 'conf'..
radvd: CommandFilter, radvd, root
# nova/network/linux_net.py: 'brctl', 'addbr', bridge
# nova/network/linux_net.py: 'brctl', 'setfd', bridge, 0
# nova/network/linux_net.py: 'brctl', 'stp', bridge, 'off'
# nova/network/linux_net.py: 'brctl', 'addif', bridge, interface
brctl: CommandFilter, brctl, root
# nova/network/linux_net.py: 'sysctl', ....
sysctl: CommandFilter, sysctl, root
# nova/network/linux_net.py: 'conntrack'
conntrack: CommandFilter, conntrack, root
# nova/network/linux_net.py: 'fp-vdev'
fp-vdev: CommandFilter, fp-vdev, root
07070100000123000081A40000000000000000000000015F71E19F00000043000000000000000000000000000000000000005800000000ardana-nova-8.0+git.1601298847.dd01585/roles/nova-common/files/rootwrap.d/novnc.filters# Empty file to allow ansible script to run and configure rootwrap
07070100000124000041ED0000000000000000000000025F71E19F00000000000000000000000000000000000000000000004100000000ardana-nova-8.0+git.1601298847.dd01585/roles/nova-common/library07070100000125000081A40000000000000000000000015F71E19F00000E26000000000000000000000000000000000000005900000000ardana-nova-8.0+git.1601298847.dd01585/roles/nova-common/library/create_pci_whitelist.py#!/usr/bin/python
#
# (c) Copyright 2016 Hewlett Packard Enterprise Development LP
# (c) Copyright 2017 SUSE LLC
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
from ansible.module_utils.basic import * # noqa
import json
import yaml
DOCUMENTATION = '''
---
module: create-pci-whitelist
short_description: Create SRIOV and PCI whitelist
description: Create SRIOV and PCI whitelist
author: Praveen Kumar SM
requirements: [ ]
options:
args:
required: true
description:
- A string containing arguments passed to the create sriov and
pci whitelist
'''
EXAMPLES = '''
tasks:
- name: Create PCI Whitelist
create_pci_whitelist: args="{{ network_pci_pt_sriov_interfaces }}"
The structure of network_pci_pt_sriov_interfaces is below:
[
{
"bus_address": "0000:15:00",
"device": "hed15",
"nic_device_type": {
"device_id": "1008",
"family": "MT-27500",
"name": "544M",
"vendor_id": "15b3"
},
"pf_mode": "pci-passthrough",
"tags": [
{
"component": "neutron-openvswitch-agent",
"data_values": {
"provider-physical-network": "physnet5",
"tenant-vlan-id-range": "50:59"
},
"service": "neutron",
"tag": "neutron.networks.vlan"
}
],
"vf_count": "4"
}, ...
]
This will produce output (sans single-quotes) like:
' {"devname": "hed15", "physical_network": "physnet5"},'
'{"physical_network": "physnet5", "address": "*:15:00"}'
The leading space is to work around:
https://github.com/ansible/ansible/issues/10864
'''
def main():
module = AnsibleModule( # noqa
argument_spec={'args': {'required': True, 'type': 'str'}},
supports_check_mode=True)
lines = []
for pci_dict in yaml.load(module.params['args']):
phys_net = ''
for tag_dict in pci_dict.get('tags', []):
if (tag_dict.get('tag') in ['neutron.networks.flat',
'neutron.networks.vlan']):
phys_net = (tag_dict.get('data_values', {})
.get('provider-physical-network', phys_net))
pf_mode = pci_dict.get('pf_mode')
if (pf_mode in ['normal', 'sriov-only', 'pci-passthrough']
and pci_dict.get('vf_count', 0) > 0):
lines.append(json.dumps({
"devname": pci_dict.get('device'),
"physical_network": phys_net}))
if pf_mode in ['pci-passthrough']:
bus_addr = pci_dict.get('bus_address')
lines.append(json.dumps({
"address": "*:" + bus_addr[bus_addr.index(':') + 1:],
"physical_network": phys_net}))
combined = ' ' + ",".join(lines)
module.exit_json(cmd='args', stdout=combined)
if __name__ == "__main__":
main()
07070100000126000041ED0000000000000000000000025F71E19F00000000000000000000000000000000000000000000003E00000000ardana-nova-8.0+git.1601298847.dd01585/roles/nova-common/meta07070100000127000081A40000000000000000000000015F71E19F000002C2000000000000000000000000000000000000004700000000ardana-nova-8.0+git.1601298847.dd01585/roles/nova-common/meta/main.yml#
# (c) Copyright 2015-2016 Hewlett Packard Enterprise Development LP
# (c) Copyright 2017-2018 SUSE LLC
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
# ---
dependencies:
- role: FND-AP2
- role: tls-vars
07070100000128000041ED0000000000000000000000025F71E19F00000000000000000000000000000000000000000000003F00000000ardana-nova-8.0+git.1601298847.dd01585/roles/nova-common/tasks07070100000129000081A40000000000000000000000015F71E19F000003D4000000000000000000000000000000000000005B00000000ardana-nova-8.0+git.1601298847.dd01585/roles/nova-common/tasks/_clear_persistent_facts.yml#
# (c) Copyright 2015-2016 Hewlett Packard Enterprise Development LP
# (c) Copyright 2017 SUSE LLC
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
# Clear persistent fact that is read by all services so must exist until
# all services have been restarted
---
- name: nova-common | _clear_persistent_facts | Clear persistent facts
command: /bin/true
changed_when: true
when: ardana_notify_nova_restart_required is defined and
ardana_notify_nova_restart_required.changed
0707010000012A000081A40000000000000000000000015F71E19F00000484000000000000000000000000000000000000005500000000ardana-nova-8.0+git.1601298847.dd01585/roles/nova-common/tasks/_configure_policy.yml#
# (c) Copyright 2015-2016 Hewlett Packard Enterprise Development LP
# (c) Copyright 2017 SUSE LLC
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
# nova-common | _configure_policy
---
- name: nova-common | _configure_policy | debug message for nova-component
debug:
msg: "Running nova-common _configure_policy for {{ nova_component }}"
when: nova_component is defined
run_once: true
- name: nova-common | _configure_policy | Apply policy template
become: yes
template:
src: "{{ nova_policy_file }}"
dest: "{{ nova_service_conf_dir }}/policy.json"
owner: root
group: root
mode: 0644
register: nova_policy_template_result
0707010000012B000081A40000000000000000000000015F71E19F00000AE0000000000000000000000000000000000000005700000000ardana-nova-8.0+git.1601298847.dd01585/roles/nova-common/tasks/_configure_rootwrap.yml#
# (c) Copyright 2015-2016 Hewlett Packard Enterprise Development LP
# (c) Copyright 2017 SUSE LLC
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
# nova-common | _configure_rootwrap
---
- name: nova-common | _configure_rootwrap | debug message for nova-component
debug:
msg: "Running nova-common _configure_rootwrap for {{ nova_component }}"
when: nova_component is defined
run_once: true
# this has to be in the /etc/sudoers.d of the host - not the venv!
- name: nova-common | _configure_rootwrap |
Setup nova user to allow sudo to run nova-rootwrap without password
become: yes
template:
src: nova-rootwrap.j2
dest: /etc/sudoers.d/nova-rootwrap
owner: root
group: root
mode: 0440
validate: 'visudo -cf %s'
register: allow_sudo_result
# DO NOT register the symbolic link creation - it reports changed everytime
- name: nova-common | _configure_rootwrap |
Create a symbolic link between filesystem and venv for nova-rootwrap
become: yes
file:
src: "{{ nova_service_bin_dir }}/nova-rootwrap"
dest: /usr/local/bin/nova-rootwrap
owner: "{{ nova_system_user }}"
group: "{{ nova_system_group }}"
state: link
changed_when: False
- name: nova-common | _configure_rootwrap |
Create directory for rootwrap filters.
become: yes
file:
path: "{{ nova_service_conf_dir }}/rootwrap.d"
owner: root
group: root
mode: 0755
state: directory
register: create_dir_result
- name: nova-common | _configure_rootwrap | Apply rootwrap template
become: yes
template:
src: "{{ item }}.j2"
dest: "{{ nova_service_conf_dir }}/{{ item }}"
owner: root
group: root
mode: 0644
with_items:
- "rootwrap.conf"
register: apply_template_result
- name: nova-common | _configure_rootwrap | Copy the rootwrap filters
become: yes
copy:
src: "{{ item }}"
dest: "{{ nova_service_conf_dir }}/rootwrap.d"
owner: root
group: root
mode: 0644
with_items:
nova_rootwrap_filters
register: copy_filters_result
- name: nova-common | _configure_rootwrap | summarise rootwrap results
set_fact:
rootwrap_changed: True
when:
allow_sudo_result.changed or
create_dir_result.changed or
apply_template_result.changed or
copy_filters_result.changed
0707010000012C000081A40000000000000000000000015F71E19F0000044C000000000000000000000000000000000000005900000000ardana-nova-8.0+git.1601298847.dd01585/roles/nova-common/tasks/_create_pci_whitelist.yml#
# (c) Copyright 2016 Hewlett Packard Enterprise Development LP
# (c) Copyright 2017 SUSE LLC
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
---
- name: nova-common | _create_pci_whitelist | Create pci_passthrough_whitelist
local_action:
create_pci_whitelist args="{{ network_pci_pt_sriov_interfaces }}"
when: network_pci_pt_sriov_interfaces is defined
register: pci_whitelist_result
- name: nova-common | _create_pci_whitelist | Set pci_passthrough_whitelist
set_fact:
pci_passthrough_whitelist: "{{ pci_whitelist_result.stdout }}"
when: network_pci_pt_sriov_interfaces is defined
0707010000012D000081A40000000000000000000000015F71E19F00000491000000000000000000000000000000000000005900000000ardana-nova-8.0+git.1601298847.dd01585/roles/nova-common/tasks/_read_migrate_enabled.yml#
# (c) Copyright 2016 Hewlett Packard Enterprise Development LP
# (c) Copyright 2017 SUSE LLC
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
# Read the if nova migrate is enabled from deployer fact file
---
- name: nova-common | _read_migrate_enabled |
check migrate enabled file location exists
become: yes
delegate_to: localhost
stat:
path: "{{ enable_migrate_file }}"
register: stat_enable_migrate_file_result
- name: nova-common | _read_migrate_enabled | read file - set fact
become: yes
delegate_to: localhost
set_fact:
nova_migrate_enabled: "{{ lookup('file', enable_migrate_file) }}"
when: stat_enable_migrate_file_result.stat.exists
0707010000012E000081A40000000000000000000000015F71E19F00000354000000000000000000000000000000000000005500000000ardana-nova-8.0+git.1601298847.dd01585/roles/nova-common/tasks/_schedule_restart.yml#
# (c) Copyright 2015-2016 Hewlett Packard Enterprise Development LP
# (c) Copyright 2018 SUSE LLC
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
---
- name: nova-common | _schedule_restart | Schedule a restart for all services
debug:
msg: "Trigger a change notification in nova"
changed_when: true
register: ardana_notify_nova_restart_required0707010000012F000081A40000000000000000000000015F71E19F0000053F000000000000000000000000000000000000005300000000ardana-nova-8.0+git.1601298847.dd01585/roles/nova-common/tasks/_service_status.yml#
# (c) Copyright 2015-2016 Hewlett Packard Enterprise Development LP
# (c) Copyright 2017 SUSE LLC
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
---
- name: nova-common | _service_status | Print service being checked
debug:
msg: "Running service check for {{ nova_component }}"
run_once: true
- name: nova-common | _service_status | Check systemd service running
become: yes
command: systemctl -n 0 status "{{ nova_component }}"
ignore_errors: yes
changed_when: false
register: systemctl_status_result
- name: nova-common | _service_status | Report status of "{{ nova_component }}"
fail:
msg: |
{{ nova_component }} is not running.
systemctl status {{ nova_component }} output:
{{ systemctl_status_result.stdout }}
{{ systemctl_status_result.stderr }}
when: systemctl_status_result | failed
07070100000130000081A40000000000000000000000015F71E19F0000059B000000000000000000000000000000000000005400000000ardana-nova-8.0+git.1601298847.dd01585/roles/nova-common/tasks/_set_directories.yml#
# (c) Copyright 2015-2016 Hewlett Packard Enterprise Development LP
# (c) Copyright 2017 SUSE LLC
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
#
---
- name: nova-common | _set_directories | set service etc directory - configure
set_fact:
nova_service_etc_dir:
"{{ nova_component | config_dir(install_package_result.version) }}"
nova_service_conf_dir:
"{{ nova_component | config_dir(install_package_result.version) }}/nova"
nova_service_bin_dir:
"{{ nova_component | bin_dir(install_package_result.version) }}"
when: install_package_result.version is defined
- name: nova-common | _set_directories | set service etc directory - reconfigure
set_fact:
nova_service_etc_dir: "{{ nova_component | config_dir() }}"
nova_service_conf_dir: "{{ nova_component | config_dir() }}/nova"
nova_service_bin_dir: "{{ nova_component | bin_dir() }}"
when: install_package_result.version is undefined
07070100000131000081A40000000000000000000000015F71E19F00000846000000000000000000000000000000000000005D00000000ardana-nova-8.0+git.1601298847.dd01585/roles/nova-common/tasks/_singleton_service_status.yml#
# (c) Copyright 2015-2016 Hewlett Packard Enterprise Development LP
# (c) Copyright 2017 SUSE LLC
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
---
- name: nova-common | _singleton_service_status | Print service being checked
debug:
msg: "Running service check for {{ nova_component }} \
which should only be running on {{ inventory_hostname }}"
when:
({{ singleton_host_index }} ==
{{ consoleauth_host_group.index(inventory_hostname) }})
- name: nova-common | _singleton_service_status | Check systemd service running
command: systemctl status "{{ nova_component }}"
ignore_errors: yes
changed_when: false
register: systemctl_status_result
- name: nova-common | _singleton_service_status |
Report status of "{{ nova_component }}"
fail:
msg: |
** FAILURE {{ nova_component }} is running where not expected **
systemctl status {{ nova_component }} output:
{{ systemctl_status_result.stdout }}
{{ systemctl_status_result.stderr }}
when:
({{ singleton_host_index }} !=
{{ consoleauth_host_group.index(inventory_hostname) }}
) and (systemctl_status_result | success)
- name: nova-common | _singleton_service_status |
Report status of "{{ nova_component }}"
fail:
msg: |
** FAILURE {{ nova_component }} is not running where expected **
systemctl status {{ nova_component }} output:
{{ systemctl_status_result.stdout }}
{{ systemctl_status_result.stderr }}
when:
({{ singleton_host_index }} ==
{{ consoleauth_host_group.index(inventory_hostname) }}
) and (systemctl_status_result | failed)
07070100000132000081A40000000000000000000000015F71E19F0000075A000000000000000000000000000000000000004F00000000ardana-nova-8.0+git.1601298847.dd01585/roles/nova-common/tasks/_write_conf.yml#
# (c) Copyright 2015-2016 Hewlett Packard Enterprise Development LP
# (c) Copyright 2017-2018 SUSE LLC
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
---
- name: nova-common | _write_conf |
Check for pre-existing version of {{ dest }}
stat:
path: "{{ dest }}"
register: conf_stat_result
- name: nova-common | _write_conf | get timestamp
command: date +%Y%m%d%H%M%S
register: time_result
changed_when: False
- name: nova-common | _write_conf |
Create a backup version of the existing {{ dest }} file
become: yes
command: cp {{ dest }} {{ dest }}.{{ time_result.stdout }}
when: conf_stat_result.stat.exists
changed_when: False
- name: nova-common | _write_conf | Template {{ dest }}
become: yes
template:
src: "{{ src }}"
dest: "{{ dest }}"
owner: root
group: "{{ conf_group | default(nova_system_group) }}"
mode: "{{ mode | default('a-rwx,u+rw,g+r') }}"
register: write_conf_result
- name: nova-common | _write_conf | Delete backup file that has not changed.
become: yes
file:
path: "{{ dest }}.{{ time_result.stdout }}"
state: absent
when: write_conf_result.changed==false
changed_when: False
- name: nova-common | _write_conf |
remove all but last 10 backups of {{ dest }}
become: yes
shell: ls -td {{ dest }}.* |awk 'NR>10' |xargs rm -f
when: conf_stat_result.stat.exists
changed_when: False
07070100000133000081A40000000000000000000000015F71E19F00000994000000000000000000000000000000000000004D00000000ardana-nova-8.0+git.1601298847.dd01585/roles/nova-common/tasks/configure.yml#
# (c) Copyright 2015-2016 Hewlett Packard Enterprise Development LP
# (c) Copyright 2017-2018 SUSE LLC
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
# nova-common | configure
---
- name: nova-common | configure |
Set max api worker count if dynamic
CPU based count is greater than {{ nova_api_max_workers }}
set_fact:
nova_api_workers: "{{ nova_api_max_workers }}"
when: nova_api_workers|int > nova_api_max_workers|int
- name: nova-common | configure |
Set max metadata worker count if dynamic
CPU based count is greater than {{ nova_metadata_max_workers }}
set_fact:
nova_metadata_workers: "{{ nova_api_max_workers }}"
when: nova_metadata_workers|int > nova_api_max_workers|int
- name: nova-common | configure | debug message for nova_component
debug:
msg: "Running nova-common configure for {{ nova_component }}"
when: nova_component is defined
run_once: true
- name: nova-common | configure | set os-specific variables
include_vars: "{{ ansible_os_family | lower }}.yml"
- include: _read_migrate_enabled.yml
- include: _create_pci_whitelist.yml
when: network_device_types is defined
- include: _write_conf.yml
src: "nova.conf.j2"
dest: "{{ nova_service_conf_dir }}/nova.conf"
- name: nova-common | configure | notify on nova.conf change
shell: echo "notify change"
register: ardana_notify_nova_restart_required
when: write_conf_result.changed
- name: nova-common | configure | default rootwrap_changed to false
set_fact:
rootwrap_changed: false
- include: _configure_rootwrap.yml
when: nova_rootwrap_filters is defined
- include: _configure_policy.yml
when: nova_policy_file is defined
# write to deployer fact file whether migrate/resize is enabled or not
- name: nova-common | configure | Write localhost enable_migrate file
delegate_to: localhost
become: yes
copy:
dest: "{{ enable_migrate_file }}"
content: "{{ nova_migrate_enabled }}"
mode: 0664
07070100000134000081A40000000000000000000000015F71E19F00000DAA000000000000000000000000000000000000004B00000000ardana-nova-8.0+git.1601298847.dd01585/roles/nova-common/tasks/install.yml#
# (c) Copyright 2015-2017 Hewlett Packard Enterprise Development LP
# (c) Copyright 2017-2018 SUSE LLC
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
# common install tasks associated with the install of nova services
---
- name: nova-common | install | debug msg for nova_component
debug:
msg: "Running nova-common install for {{ nova_component }}"
when: nova_component is defined
run_once: true
# accounts & group
- name: nova-common | install | Add group '{{ nova_system_group }}'
become: yes
group:
name: "{{ nova_system_group }}"
- name: nova-common | install |
Add nova system user account '{{ nova_system_user }}'
become: yes
user:
name: "{{ nova_system_user }}"
group: "{{ nova_system_group }}"
createhome: "{{ nova_system_createhome }}"
home: "{{ nova_system_home_folder }}"
shell: "{{ nova_system_shell }}"
system: True
# directories
- name: nova-common | install | Create directories
become: yes
file:
path: "{{ item.file }}"
owner: "{{ nova_system_user }}"
group: "{{ item.group | default('root') }}"
mode: "{{ item.mode | default('a-rwx,u+rwx,g+rx,o+rx') }}"
state: directory
with_items:
- file: "{{ nova_system_home_folder }}"
- file: "{{ keys_path }}"
- file: "{{ log_dir }}"
group: "{{ nova_system_group }}"
mode: "0755"
# consoleauth uses a fact on deployer to store where service is running
- name: nova-common | install | create /etc/ansible/facts.d/ on localhost
become: yes
delegate_to: localhost
run_once: true
file:
path: "{{ nova_facts_dir }}"
state: directory
mode: 0755
# Make sure we do not create a path to a symlink that does not exist yet
- name: nova-common | install | Check '{{ nova_service_etc_dir }}' dir exists
become: yes
stat:
path: "{{ nova_service_etc_dir }}"
register: nova_service_etc_dir_result
- name: nova-common | install |
Fail when '{{ nova_service_etc_dir }}' does not exist
fail:
msg: "{{ nova_service_etc_dir }} does not exist."
when: not nova_service_etc_dir_result.stat.exists or
not nova_service_etc_dir_result.stat.isdir
- name: nova-common | install | Create directory '{{ nova_service_conf_dir }}'
become: yes
file:
path: "{{ nova_service_conf_dir }}"
owner: root
group: root
mode: 0755
state: directory
- name: nova-common | install | Install required packages for Nova
become: yes
package:
name: "{{ item }}"
state: present
with_items:
nova_required_packages | default([])
- name: nova-common | install | Add kernel modules
become: yes
modprobe:
name: "{{ item }}"
state: present
with_items:
nova_kernel_modules | default([])
- name: nova-common | install | Set kernel modules to load on reboot
become: yes
template:
src: modules_load.conf.j2
dest: "/etc/modules-load.d/{{ nova_kernel_module_file }}.conf"
owner: root
group: root
mode: '0640'
with_items:
nova_kernel_modules | default([])
07070100000135000081A40000000000000000000000015F71E19F0000039E000000000000000000000000000000000000005200000000ardana-nova-8.0+git.1601298847.dd01585/roles/nova-common/tasks/post-configure.yml#
# (c) Copyright 2015-2016 Hewlett Packard Enterprise Development LP
# (c) Copyright 2017 SUSE LLC
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
---
- name: nova-common | post-configure | touch log file
become: yes
copy:
dest: "{{ item }}"
owner: "{{ nova_system_user }}"
group: "{{ nova_log_group }}"
mode: 0640
content: ""
force: no # do not overwrite if it exists
with_items: nova_log_files
07070100000136000081A40000000000000000000000015F71E19F00000301000000000000000000000000000000000000004D00000000ardana-nova-8.0+git.1601298847.dd01585/roles/nova-common/tasks/show-vars.yml#
# (c) Copyright 2015-2016 Hewlett Packard Enterprise Development LP
# (c) Copyright 2017 SUSE LLC
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
---
- name: Display all variables/facts known for '{{ inventory_hostname }}'
debug:
var: hostvars[inventory_hostname]
07070100000137000041ED0000000000000000000000025F71E19F00000000000000000000000000000000000000000000004300000000ardana-nova-8.0+git.1601298847.dd01585/roles/nova-common/templates07070100000138000081A40000000000000000000000015F71E19F00000327000000000000000000000000000000000000005800000000ardana-nova-8.0+git.1601298847.dd01585/roles/nova-common/templates/modules_load.conf.j2{#
#
# (c) Copyright 2015-2016 Hewlett Packard Enterprise Development LP
# (c) Copyright 2017 SUSE LLC
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
#}
# kernel modules required to be loaded on startup by {{ nova_kernel_module_file }} service
{% for module in nova_kernel_modules %}
{{ module }}
{% endfor %}
07070100000139000081A40000000000000000000000015F71E19F00000087000000000000000000000000000000000000005400000000ardana-nova-8.0+git.1601298847.dd01585/roles/nova-common/templates/nova-rootwrap.j2Defaults:nova !requiretty
nova ALL = (root) NOPASSWD: /usr/local/bin/nova-rootwrap /opt/stack/service/nova-*/etc/nova/rootwrap.conf *
0707010000013A000081A40000000000000000000000015F71E19F00001B1B000000000000000000000000000000000000005000000000ardana-nova-8.0+git.1601298847.dd01585/roles/nova-common/templates/nova.conf.j2{#
#
# (c) Copyright 2015-2017 Hewlett Packard Enterprise Development LP
# (c) Copyright 2017-2018 SUSE LLC
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
#}
# This configuration file includes the default values for Ardana
# Changes may be made to this file by the customer.
# Layout / order of settings in this file can be found:
# http://docs.openstack.org/liberty/config-reference/content/list-of-compute-config-options.html
[DEFAULT]
# API
api_rate_limit = False
enable_new_services = True
multi_instance_display_name_template = %(name)s-%(count)s
osapi_compute_listen = {{ osapi_compute_listen }}
# Please change this value (if you need to) in openstack/ardana/ansible/roles/nova-common/defaults/main.yml , do not remove it here
osapi_compute_workers = {{ nova_api_workers }}
# common
my_ip = {{ my_ip }}
rootwrap_config = {{ rootwrap_config }}
state_path = {{ state_path }}
# Compute
image_cache_manager_interval = 360
instance_usage_audit = True
instance_usage_audit_period = hour
resume_guests_state_on_host_boot = True
running_deleted_instance_action = reap
vif_plugging_is_fatal = False
# NOTE: Increasing the timout value helps the VMs to
# come up properly and obtain its metadata in a large
# scale testing (VNETCORE-2789).
# This change should be revisited in 5.0 to validate
# if there is any upstream fix in newton that fixes it.
vif_plugging_timeout = 1800
# Hypervisor
virt_mkfs = linux-ext4=mkfs -t ext4 -F -L %(fs_label)s %(target)s
# Logging
debug = True
default_log_levels = nova.openstack.common.rpc.amqp=INFO,nova.scheduler.filters.retry_filter=INFO,nova.scheduler.filters.image_props_filter=INFO,nova.scheduler.filters.disk_filter=INFO,nova.servicegroup.drivers.db=INFO,nova.servicegroup.api=INFO,nova.scheduler.host_manager=INFO
logging_context_format_string = %(asctime)s.%(msecs)03d %(process)d %(levelname)s %(name)s [%(request_id)s %(user)s %(tenant)s] %(instance)s%(message)s
log_dir = {{ log_dir }}
# Metadata
metadata_host = {{ metadata_host }}
metadata_listen = {{ metadata_listen }}
# Please change this value (if you need to) in openstack/ardana/ansible/roles/nova-common/defaults/main.yml , do not remove it here
metadata_workers = {{ nova_metadata_workers }}
# Policy
resize_fs_using_block_device = True
# Scheduler
ram_allocation_ratio = 1.0
reserved_host_disk_mb = 10240
reserved_host_memory_mb = 2816
# Volumes (Cinder)
volume_usage_poll_interval = 3600
# transport_url
transport_url = {{ rabbit_hosts_transport_url }}
# Seconds to wait for a response from a call (rabbit message)
rpc_response_timeout = {{ nova_rpc_response_timeout }}
# End of [DEFAULT] section
[oslo_messaging_notifications]
# Oslo messaging
# Note:
# If the infoblox-ipam-agent is to be deployed in the cloud, change the
# notification_driver settting from "messaging" to "messagingv2".
driver = messaging
topics = notifications
[vnc]
vncserver_proxyclient_address = {{ vncserver_proxyclient_address }}
[cinder]
catalog_info = volumev3:cinderv3:internalURL
cafile = {{ ca_certs_file }}
os_region_name = {{ cinder_os_region_name }}
[glance]
api_servers = {{ glance_api_servers }}
cafile = {{ ca_certs_file }}
[placement]
auth_type = password
auth_url = {{ keystone_auth_uri }}/v3
auth_uri = {{ keystone_auth_uri }}/v3
username = {{ nova_placement_api_user }}
password = {{ nova_placement_api_password }}
user_domain_name = Default
project_name = {{ nova_admin_tenant_name }}
project_domain_name = Default
os_region_name = {{ keystone_region_name }}
cafile = {{ ca_certs_file }}
os_interface = internal
[placement_database]
connection = {{ nova_api_database_connection }}
[api]
auth_strategy = keystone
use_forwarded_for = {{ metadata_use_forwarded_for }}
compute_link_prefix = {{ compute_link_prefix }}
[api_database]
connection = {{ nova_api_database_connection }}
[crypto]
# CA & SSL
keys_path = {{ keys_path }}
[keystone_authtoken]
auth_type = v3password
auth_url = {{ keystone_auth_uri }}/v3
auth_uri = {{ keystone_auth_uri }}/v3
project_domain_name = Default
project_name = {{ nova_admin_tenant_name }}
user_domain_name = Default
username = {{ nova_admin_user }}
password = {{ nova_admin_password }}
region_name = {{ keystone_region_name }}
cafile = {{ ca_certs_file }}
service_token_roles_required = true
service_token_roles = admin
memcached_servers = {{ memcached_servers }}
memcache_security_strategy = ENCRYPT
memcache_secret_key = {{ memcache_secret_key }}
memcache_pool_socket_timeout = 1
[neutron]
auth_type = v3password
auth_url = {{ neutron_admin_auth_url }}
password = {{ neutron_admin_password }}
project_name = {{ neutron_admin_project_name }}
username = {{ neutron_admin_username }}
project_domain_name = {{ neutron_domain_name }}
user_domain_name = {{ neutron_domain_name }}
metadata_proxy_shared_secret = {{ neutron_metadata_proxy_shared_secret }}
neutron_auth_strategy = keystone
cafile = {{ ca_certs_file }}
service_metadata_proxy = True
url = {{ neutron_url }}
timeout = 300
region_name = {{ neutron_region_name }}
default_floating_pool = {{ default_floating_pool }}
[notifications]
notify_api_faults = True
notify_on_state_change = vm_and_task_state
[osapi_v3]
enabled = True
[oslo_concurrency]
lock_path = {{ lock_path }}
[oslo_messaging_rabbit]
ssl = {{ rabbit_use_ssl }}
rpc_conn_pool_size = 10
kombu_reconnect_delay = 5.0
[pci]
# SRIOV and PCI-PT
passthrough_whitelist = [{{ pci_passthrough_whitelist }}]
[quota]
quota_cores = -1
quota_injected_files = 5
quota_injectd_file_content_bytes = 10240
quota_instances = 40
quota_metadata_items = 50
quota_ram = 15360
until_refresh = 1
[filter_scheduler]
host_subset_size = 5
available_filters = nova.scheduler.filters.all_filters
enabled_filters = AvailabilityZoneFilter,RetryFilter,ComputeFilter,DiskFilter,RamFilter,ImagePropertiesFilter,ServerGroupAffinityFilter,ServerGroupAntiAffinityFilter,ComputeCapabilitiesFilter,NUMATopologyFilter,PciPassthroughFilter,SameHostFilter,DifferentHostFilter
{% if nova_api_audit_enable|bool %}
[audit_middleware_notifications]
driver = log
{% endif %}
{% if barbican_endpoint_template != "" %}
#Barbican
[key_manager]
api_class = castellan.key_manager.barbican_key_manager.BarbicanKeyManager
[barbican]
barbican_endpoint = {{ barbican_endpoint_template }}
barbican_api_version = v1
auth_endpoint = {{ barbican_keystone_auth_url }}
{% endif %}
[wsgi]
api_paste_config = {{ api_paste_config }}
default_pool_size = 100
### End of File ###
## Do NOT put anything after this line ##
0707010000013B000081A40000000000000000000000015F71E19F000003C7000000000000000000000000000000000000005200000000ardana-nova-8.0+git.1601298847.dd01585/roles/nova-common/templates/policy.json.j2{#
#
# (c) Copyright 2016 Hewlett Packard Enterprise Development LP
# (c) Copyright 2017-2018 SUSE LLC
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
#}
{
{%- if not nova_migrate_enabled|bool %}
"os_compute_api:servers:resize": "!",
"os_compute_api:servers:confirm_resize": "!",
"os_compute_api:servers:revert_resize": "!",
"os_compute_api:os-migrate-server:migrate": "!",
{% endif %}
"context_is_admin": "role:admin or role:nova_admin"
}
0707010000013C000081A40000000000000000000000015F71E19F00000683000000000000000000000000000000000000005400000000ardana-nova-8.0+git.1601298847.dd01585/roles/nova-common/templates/rootwrap.conf.j2{#
#
# (c) Copyright 2015-2017 Hewlett Packard Enterprise Development LP
# (c) Copyright 2017-2018 SUSE LLC
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
#}
# Configuration for nova-rootwrap
# This file should be owned by (and only-writeable by) the root user
[DEFAULT]
# List of directories to load filter definitions from (separated by ',').
# These directories MUST all be only writeable by root !
filters_path={{ nova_service_conf_dir }}/rootwrap.d,/usr/share/nova/rootwrap
# List of directories to search executables in, in case filters do not
# explicitely specify a full path (separated by ',')
# If not specified, defaults to system PATH environment variable.
# These directories MUST all be only writeable by root !
exec_dirs={{ nova_service_bin_dir }},/sbin,/usr/sbin,/bin,/usr/bin,/usr/local/sbin,/usr/local/bin
# Enable logging to syslog
# Default value is False
use_syslog=False
# Which syslog facility to use.
# Valid values include auth, authpriv, syslog, local0, local1...
# Default value is 'syslog'
syslog_log_facility=syslog
# Which messages to log.
# INFO means log all usage
# ERROR means only log unsuccessful attempts
syslog_log_level=ERROR
0707010000013D000041ED0000000000000000000000025F71E19F00000000000000000000000000000000000000000000003E00000000ardana-nova-8.0+git.1601298847.dd01585/roles/nova-common/vars0707010000013E000081A40000000000000000000000015F71E19F00000351000000000000000000000000000000000000004900000000ardana-nova-8.0+git.1601298847.dd01585/roles/nova-common/vars/debian.yml#
# (c) Copyright 2016 Hewlett Packard Enterprise Development LP
# (c) Copyright 2017-2018 SUSE LLC
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
# Contains packages names and default values required for nova-compute-kvm
# to work in Debian System
---
# entries required for nova.conf.j2 for debian os family
ca_certs_file: "{{ trusted_ca_bundle }}"
0707010000013F000081A40000000000000000000000015F71E19F00000351000000000000000000000000000000000000004900000000ardana-nova-8.0+git.1601298847.dd01585/roles/nova-common/vars/redhat.yml#
# (c) Copyright 2016 Hewlett Packard Enterprise Development LP
# (c) Copyright 2017-2018 SUSE LLC
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
# Contains packages names and default values required for nova-compute-kvm
# to work in Debian System
---
# entries required for nova.conf.j2 for redhat os family
ca_certs_file: "{{ trusted_ca_bundle }}"
07070100000140000081A40000000000000000000000015F71E19F0000034F000000000000000000000000000000000000004700000000ardana-nova-8.0+git.1601298847.dd01585/roles/nova-common/vars/suse.yml#
# (c) Copyright 2017 Hewlett Packard Enterprise Development LP
# (c) Copyright 2017-2018 SUSE LLC
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
# Contains packages names and default values required for nova-compute-kvm
# to work on SUSE systems.
---
# entries required for nova.conf.j2 for SUSE os family
ca_certs_file: "{{ trusted_ca_bundle }}"
07070100000141000081A40000000000000000000000015F71E19F00000371000000000000000000000000000000000000004A00000000ardana-nova-8.0+git.1601298847.dd01585/roles/nova-common/vars/windows.yml#
# (c) Copyright 2016 Hewlett Packard Enterprise Development LP
# (c) Copyright 2017 SUSE LLC
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
# Contains packages names and default values required for nova-compute-kvm
# to work in Debian System
---
# entries required for nova.conf.j2 for windows os family
log_dir: "{{ win_log_file_location }}"
ca_certs_file: "{{ win_certs_path }}"
07070100000142000041ED0000000000000000000000055F71E19F00000000000000000000000000000000000000000000003C00000000ardana-nova-8.0+git.1601298847.dd01585/roles/nova-configure07070100000143000041ED0000000000000000000000025F71E19F00000000000000000000000000000000000000000000004500000000ardana-nova-8.0+git.1601298847.dd01585/roles/nova-configure/defaults07070100000144000081A40000000000000000000000015F71E19F00000569000000000000000000000000000000000000004E00000000ardana-nova-8.0+git.1601298847.dd01585/roles/nova-configure/defaults/main.yml#
# (c) Copyright 2015-2016 Hewlett Packard Enterprise Development LP
# (c) Copyright 2017-2018 SUSE LLC
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
# CP Variables
---
keystone:
endpoint: "{{ NOV_API.consumes_KEY_API.vips.private[0].url }}/v3"
admin_user: "{{ KEY_API.vars.keystone_admin_user }}"
admin_password: "{{ KEY_API.vars.keystone_admin_pwd | quote }}"
default_domain_name: "{{ KEY_API.vars.keystone_default_domain }}"
monasca:
nova_user: "{{ NOV_API.consumes_KEY_API.vars.nova_monasca_user }}"
nova_password: "{{ NOV_API.consumes_KEY_API.vars.nova_monasca_password }}"
# KEYSTONE-824 You'd think this'd be KEY_API.vars.keystone_monitoring_tenant but nope
tenant: "{{ KEY_API.vars.keystone_admin_tenant }}"
# Likewise, KEY_API.vars.keystone_monitoring_role
role: "monasca-user"
default_domain_name: "Default"
system_cacert_file: "{{ trusted_ca_bundle }}"
07070100000145000041ED0000000000000000000000025F71E19F00000000000000000000000000000000000000000000004100000000ardana-nova-8.0+git.1601298847.dd01585/roles/nova-configure/meta07070100000146000081A40000000000000000000000015F71E19F000002AC000000000000000000000000000000000000004A00000000ardana-nova-8.0+git.1601298847.dd01585/roles/nova-configure/meta/main.yml#
# (c) Copyright 2015-2016 Hewlett Packard Enterprise Development LP
# (c) Copyright 2017 SUSE LLC
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
---
dependencies:
- role: nova-common
07070100000147000041ED0000000000000000000000025F71E19F00000000000000000000000000000000000000000000004200000000ardana-nova-8.0+git.1601298847.dd01585/roles/nova-configure/tasks07070100000148000081A40000000000000000000000015F71E19F0000077D000000000000000000000000000000000000005C00000000ardana-nova-8.0+git.1601298847.dd01585/roles/nova-configure/tasks/keystone_conf_monasca.yml#
# (c) Copyright 2015-2016 Hewlett Packard Enterprise Development LP
# (c) Copyright 2017 SUSE LLC
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
# Nova keystone configuration
---
- name: nova-configure | keystone_conf_monasca | Get a domain scoped token
keystone_v3:
endpoint: "{{ keystone.endpoint }}"
login_username: "{{ keystone.admin_user }}"
login_password: "{{ keystone.admin_password }}"
login_user_domain_name: "{{ keystone.default_domain_name }}"
login_domain_name: "{{ keystone.default_domain_name }}"
action: "token_get"
run_once: true
register: domain_scoped_token_result
- name: nova-configure | keystone_conf_monasca | Create Monitoring User
become: yes
keystone_v3:
action: "create_user"
endpoint: "{{ keystone.endpoint }}"
login_token: "{{ domain_scoped_token_result.result }}"
user_name: "{{ monasca.nova_user }}"
user_password: "{{ monasca.nova_password }}"
user_domain_name: "Default"
run_once: true
- name: nova-configure | keystone_conf_monasca | Add Monitoring User Role
become: yes
keystone_v3:
action: "grant_project_role"
endpoint: "{{ keystone.endpoint }}"
login_token: "{{ domain_scoped_token_result.result }}"
project_name: "{{ monasca.tenant }}"
user_name: "{{ monasca.nova_user }}"
role_name: "{{ monasca.role }}"
user_domain_name: "Default"
project_domain_name: "Default"
run_once: true
07070100000149000041ED0000000000000000000000075F71E19F00000000000000000000000000000000000000000000003A00000000ardana-nova-8.0+git.1601298847.dd01585/roles/nova-monasca0707010000014A000041ED0000000000000000000000025F71E19F00000000000000000000000000000000000000000000004300000000ardana-nova-8.0+git.1601298847.dd01585/roles/nova-monasca/defaults0707010000014B000081A40000000000000000000000015F71E19F00000A67000000000000000000000000000000000000004C00000000ardana-nova-8.0+git.1601298847.dd01585/roles/nova-monasca/defaults/main.yml#
# (c) Copyright 2015-2016 Hewlett Packard Enterprise Development LP
# (c) Copyright 2017-2018 SUSE LLC
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
# This file will contain the default values for the nova-monasca component
---
nova_component: nova-monasca
# At the moment we specify the same upper and lower bounds, but we want to keep
# two separate values just in case we need to define a broader range in the future
process_count_lower_bound: "{{ nova_api_workers|int + nova_metadata_workers|int + 1 }}"
process_count_upper_bound: "{{ nova_api_workers|int + nova_metadata_workers|int + 1 }}"
# Keystone
keystone_auth_url: >
{{ KEY_API.advertises.vips.private[0].url ~ '/v3' }}
keystone_auth_url_unversioned: "{{ KEY_API.advertises.vips.private[0].url }}"
nova_admin_user: "{{ NOV_API.consumes_KEY_API.vars.keystone_nova_user }}"
nova_admin_password: "{{ NOV_API.consumes_KEY_API.vars.keystone_nova_password | quote }}"
nova_api_region: "{{ NOV.regions | first }}"
nova_monasca_user: "{{ NOV_API.consumes_KEY_API.vars.nova_monasca_user }}"
nova_monasca_password: "{{ NOV_API.consumes_KEY_API.vars.nova_monasca_password | quote }}"
nova_monasca_default_domain: "Default"
system_cacert_file: "{{ trusted_ca_bundle }}"
keystone_service_tenant: "{{ KEY_API.vars.keystone_service_tenant }}"
# KEYSTONE-824 You'd think this'd be KEY_API.vars.keystone_monitoring_tenant but nope
keystone_monitoring_tenant: "{{ KEY_API.vars.keystone_admin_tenant }}"
monasca_alarm_definition_api_url: >
{{ MON_AGN.consumes_MON_API.vips.private[0].url ~ '/v2.0' }}
nova_api_url: >-
{% if (host | item('bind.NOV_API.internal.ip_address') is defined)
and (host | item('bind.NOV_API.internal.port') is defined)
%}http://{{ host.bind.NOV_API.internal.ip_address
}}:{{ host.bind.NOV_API.internal.port
}}/v2.0{% endif %}
nova_vnc_url: >-
{% if (host | item('bind.NOV_VNC.public.ip_address') is defined)
and (host | item('bind.NOV_VNC.public.port') is defined)
%}http://{{ host.bind.NOV_VNC.public.ip_address
}}:{{ host.bind.NOV_VNC.public.port
}}/vnc_auto.html{% endif %}
nova_vip_url: "{{ NOV_API.advertises.vips.private[0].url }}"
0707010000014C000041ED0000000000000000000000025F71E19F00000000000000000000000000000000000000000000003F00000000ardana-nova-8.0+git.1601298847.dd01585/roles/nova-monasca/meta0707010000014D000081A40000000000000000000000015F71E19F000002F9000000000000000000000000000000000000004800000000ardana-nova-8.0+git.1601298847.dd01585/roles/nova-monasca/meta/main.yml#
# (c) Copyright 2015-2016 Hewlett Packard Enterprise Development LP
# (c) Copyright 2017 SUSE LLC
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
---
dependencies:
- role: nova-common
- role: monasca-agent
run_mode: Use
- role: monasca-alarm-definition
0707010000014E000041ED0000000000000000000000025F71E19F00000000000000000000000000000000000000000000004000000000ardana-nova-8.0+git.1601298847.dd01585/roles/nova-monasca/tasks0707010000014F000081A40000000000000000000000015F71E19F00000718000000000000000000000000000000000000005500000000ardana-nova-8.0+git.1601298847.dd01585/roles/nova-monasca/tasks/_monitor_libvirt.yml#
# (c) Copyright 2015-2016 Hewlett Packard Enterprise Development LP
# (c) Copyright 2017-2018 SUSE LLC
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
---
- name: nova-monasca | _monitor_libvirt | include required variables
include_vars: libvirt-monitoring.yml
- name: nova-monasca | _monitor_libvirt | Install Nova Client rpm
become: yes
package:
name: python-novaclient
state: present
when: deployer_media_legacy_layout|bool == False
- name: nova-monasca | _monitor_libvirt |
Run Monasca agent libvirt detection plugin
become: yes
monasca_agent_plugin:
name: "libvirt"
args:
username: "{{ nova_admin_user }}"
password: "{{ nova_admin_password }}"
project_name: "{{ keystone_service_tenant }}"
auth_url: "{{ keystone_auth_url_unversioned }}"
endpoint_type: "admin"
disk_collection_period: "{{ monasca_libvirt_disk_collection_period }}"
region_name: "{{ nova_api_region }}"
vm_cpu_check_enable: "{{ vm_cpu_check_enable }}"
vm_disks_check_enable: "{{ vm_disks_check_enable }}"
vm_extended_disks_check_enable: "{{ vm_extended_disks_check_enable }}"
vm_network_check_enable: "{{ vm_network_check_enable }}"
vm_ping_check_enable: "{{ vm_ping_check_enable }}"
vm_probation: "{{ monasca_libvirt_vm_probation }}"
07070100000150000081A40000000000000000000000015F71E19F0000057A000000000000000000000000000000000000005D00000000ardana-nova-8.0+git.1601298847.dd01585/roles/nova-monasca/tasks/_set_email_notifications.yml#
# (c) Copyright 2015-2016 Hewlett Packard Enterprise Development LP
# (c) Copyright 2017-2018 SUSE LLC
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
---
- name: nova-monasca | _set_email_notifications |
Setup default email notification method
monasca_notification_method:
name: "Default Email"
type: 'EMAIL'
address: "root@localhost"
keystone_url: "{{ keystone_auth_url }}"
keystone_user: "{{ nova_monasca_user }}"
keystone_password: "{{ nova_monasca_password | quote }}"
keystone_project: "{{ keystone_monitoring_tenant }}"
keystone_project_domain: "{{ nova_monasca_default_domain }}"
keystone_user_domain: "{{ nova_monasca_default_domain }}"
keystone_verify: "{{ system_cacert_file }}"
monasca_api_url: "{{ monasca_alarm_definition_api_url }}"
overwrite: false
register: nova_monasca_notification_method_result
run_once: true
no_log: True
07070100000151000081A40000000000000000000000015F71E19F00000860000000000000000000000000000000000000005400000000ardana-nova-8.0+git.1601298847.dd01585/roles/nova-monasca/tasks/heartbeat_alarm.yml#
# (c) Copyright 2015-2016 Hewlett Packard Enterprise Development LP
# (c) Copyright 2017-2018 SUSE LLC
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
---
- name: nova-monasca | _set_email_notifications |
Include the setting of the email notification
include: _set_email_notifications.yml
- name: nova-monasca | heartbeat_alarm | Install heartbeat check plugin
become: yes
copy:
src: "NOV_MON/{{ item }}"
dest: "/usr/lib/monasca/agent/custom_checks.d/{{ item }}"
owner: "root"
group: "{{ monasca_agent_group_name }}"
mode: 0750
with_items:
- "nova_heartbeat_check.py"
- name: nova-monasca | heartbeat_alarm | Heartbeat alarm definition
monasca_alarm_definition:
name: "nova.heartbeat"
description: "Check that all services are sending heartbeats"
severity: "HIGH"
expression: "nova.heartbeat > 0"
match_by: ["hostname"]
keystone_url: "{{ keystone_auth_url }}"
keystone_user: "{{ nova_monasca_user }}"
keystone_password: "{{ nova_monasca_password }}"
keystone_project: "{{ keystone_monitoring_tenant }}"
keystone_project_domain: "{{ nova_monasca_default_domain }}"
keystone_user_domain: "{{ nova_monasca_default_domain }}"
keystone_verify: "{{ system_cacert_file }}"
monasca_api_url: "{{ monasca_alarm_definition_api_url }}"
ok_actions:
- "{{ nova_monasca_notification_method_result.notification_method_id }}"
undetermined_actions:
- "{{ nova_monasca_notification_method_result.notification_method_id }}"
alarm_actions:
- "{{ nova_monasca_notification_method_result.notification_method_id }}"
run_once: true
no_log: True
07070100000152000081A40000000000000000000000015F71E19F000003B7000000000000000000000000000000000000005B00000000ardana-nova-8.0+git.1601298847.dd01585/roles/nova-monasca/tasks/heartbeat_check_config.yml#
# (c) Copyright 2016 Hewlett Packard Enterprise Development LP
# (c) Copyright 2017-2018 SUSE LLC
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
---
- name: nova-monasca | heartbeat_check_config | Configure the heartbeat check
become: yes
template:
src: "{{ item }}.j2"
dest: "/etc/monasca/agent/conf.d/{{ item }}"
owner: "root"
group: "{{ monasca_agent_group_name }}"
mode: 0640
with_items:
- "nova_heartbeat_check.yaml"
07070100000153000081A40000000000000000000000015F71E19F000007E7000000000000000000000000000000000000005900000000ardana-nova-8.0+git.1601298847.dd01585/roles/nova-monasca/tasks/process_bounds_alarm.yml#
# (c) Copyright 2015-2016 Hewlett Packard Enterprise Development LP
# (c) Copyright 2017-2018 SUSE LLC
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
---
- name: nova-monasca | _set_email_notifications |
Include the setting of the email notification
include: _set_email_notifications.yml
- name: nova-monasca | process_bounds_alarm | Process bounds alarm definition
monasca_alarm_definition:
name: "Process bound check"
description: "Check if the number of processes is within a specified range"
severity: HIGH
expression: >
process.pid_count{process_name=nova-api} <
{{ process_count_lower_bound }}
or process.pid_count{process_name=nova-api} >
{{ process_count_upper_bound }}
match_by:
- hostname
keystone_url: "{{ keystone_auth_url }}"
keystone_user: "{{ nova_monasca_user }}"
keystone_password: "{{ nova_monasca_password }}"
keystone_project: "{{ keystone_monitoring_tenant }}"
keystone_project_domain: "{{ nova_monasca_default_domain }}"
keystone_user_domain: "{{ nova_monasca_default_domain }}"
keystone_verify: "{{ system_cacert_file }}"
monasca_api_url: "{{ monasca_alarm_definition_api_url }}"
ok_actions:
- "{{ nova_monasca_notification_method_result.notification_method_id }}"
undetermined_actions:
- "{{ nova_monasca_notification_method_result.notification_method_id }}"
alarm_actions:
- "{{ nova_monasca_notification_method_result.notification_method_id }}"
run_once: true
no_log: True
07070100000154000081A40000000000000000000000015F71E19F00000672000000000000000000000000000000000000004A00000000ardana-nova-8.0+git.1601298847.dd01585/roles/nova-monasca/tasks/start.yml#
# (c) Copyright 2015-2017 Hewlett Packard Enterprise Development LP
# (c) Copyright 2017 SUSE LLC
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
---
- name: nova-monasca | start | Run Monasca agent Nova detection plugin
become: yes
monasca_agent_plugin:
name: "nova"
args:
service_api_url: "{{ nova_api_url }}"
when: (nova_api_url | length) > 0
- name: nova-monasca | start | Run Monasca agent Nova detection plugin
become: yes
monasca_agent_plugin:
name: "nova"
when: (nova_api_url | length) == 0
- name: nova-monasca | start | Setup active check against VNC endpoint
become: yes
monasca_agent_plugin:
name: "httpcheck"
args:
url: "{{ nova_vnc_url }}"
dimensions: service:compute,component:nova-vnc
when: (nova_vnc_url | length) > 0
- name: nova-monasca | start | Setup active check against Nova admin VIP
become: yes
run_once_per: verb_hosts.NOV_API
monasca_agent_plugin:
name: "httpcheck"
args:
use_keystone: True
match_pattern: .*v2.0.*
url: "{{ nova_vip_url }}"
dimensions: service:compute,component:nova-api
when: (nova_vip_url | length) > 0
07070100000155000081A40000000000000000000000015F71E19F00000AF0000000000000000000000000000000000000005200000000ardana-nova-8.0+git.1601298847.dd01585/roles/nova-monasca/tasks/vcenter_check.yml#
# (c) Copyright 2016 Hewlett Packard Enterprise Development LP
# (c) Copyright 2017-2018 SUSE LLC
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
---
- name: nova-monasca | vcenter_check | Setup default email notification method
include: _set_email_notifications.yml
- name: nova-monasca | vcenter_check | Run vCenter detection plugin
become: yes
monasca_agent_plugin:
name: "vcenter"
- name: nova-monasca | vcenter_check | Alarms for ESX cluster
monasca_alarm_definition:
name: "{{ item.name }}"
description: "{{
item.description | default('vCenter ESX cluster alarm') }}"
expression: "{{ item.expression }}"
match_by: "{{ item.match_by | default(['esx_cluster_id']) }}"
severity: "{{ item.severity | default('HIGH') }}"
keystone_url: "{{ keystone_auth_url }}"
keystone_user: "{{ nova_monasca_user }}"
keystone_password: "{{ nova_monasca_password | quote }}"
keystone_project: "{{ keystone_monitoring_tenant }}"
keystone_project_domain: "{{ nova_monasca_default_domain }}"
keystone_user_domain: "{{ nova_monasca_default_domain }}"
keystone_verify: "{{ system_cacert_file }}"
monasca_api_url: "{{ monasca_alarm_definition_api_url }}"
alarm_actions:
- "{{ nova_monasca_notification_method_result.notification_method_id }}"
ok_actions:
- "{{ nova_monasca_notification_method_result.notification_method_id }}"
undetermined_actions:
- "{{ nova_monasca_notification_method_result.notification_method_id }}"
run_once: True
no_log: True
register: monasca_vcenter_alarms_result
until: not monasca_vcenter_alarms_result | failed
with_items:
- name: "ESX cluster CPU Usage"
description: "Alarms when ESX cluster CPU usage is high"
expression: "avg(vcenter.cpu.used_perc) > 90 times 3"
severity: "HIGH"
match_by: "esx_cluster_id"
- name: "ESX cluster Disk Usage"
description: "Alarms when ESX cluster datastore usage is high"
expression: "vcenter.disk.total_used_space_perc > 90"
severity: "HIGH"
match_by: "esx_cluster_id"
- name: "ESX cluster Memory Usage"
description: "Alarms when ESX cluster memory usage is high"
expression: "avg(vcenter.mem.used_perc) > 90 times 3"
severity: "HIGH"
match_by: "esx_cluster_id"
07070100000156000041ED0000000000000000000000025F71E19F00000000000000000000000000000000000000000000004400000000ardana-nova-8.0+git.1601298847.dd01585/roles/nova-monasca/templates07070100000157000081A40000000000000000000000015F71E19F0000045A000000000000000000000000000000000000006100000000ardana-nova-8.0+git.1601298847.dd01585/roles/nova-monasca/templates/nova_heartbeat_check.yaml.j2{#
#
# (c) Copyright 2015-2016 Hewlett Packard Enterprise Development LP
# (c) Copyright 2017 SUSE LLC
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
#}
---
init_config:
keystone:
# Uses the Nova admin to list services. Metrics are submitted
# using a non-admin user.
project_domain_name: "Default"
project_name: "{{ keystone_service_tenant }}"
user_domain_name: "Default"
username: "{{ nova_admin_user }}"
password: "{{ nova_admin_password }}"
auth_url: "{{ keystone_auth_url }}"
nova:
endpoint_type: "internalURL"
instances:
- {}
07070100000158000041ED0000000000000000000000025F71E19F00000000000000000000000000000000000000000000003F00000000ardana-nova-8.0+git.1601298847.dd01585/roles/nova-monasca/vars07070100000159000081A40000000000000000000000015F71E19F00000930000000000000000000000000000000000000005600000000ardana-nova-8.0+git.1601298847.dd01585/roles/nova-monasca/vars/libvirt-monitoring.yml#
# (c) Copyright 2016 Hewlett Packard Enterprise Development LP
# (c) Copyright 2017 SUSE LLC
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
# These are the tunable values for monasca monitoring of VMs using libvirt
---
# How often disk metrics are collected for VMs by the Monasca agent. Decreasing
# this value will increase the disk, memory, cpu and network usage of Monasca
monasca_libvirt_disk_collection_period: 600 # Ten minutes
# These flags control the metrics collected by the Monasca libvirt
# plugin. Changing them to false will reduce the number of metrics while true
# increases the number of metrics. Turning off vm_extended_disks_check_enable
# will decrease the number of metrics collected for each mounted disk in the
# VM so can have a large effect on the total number of metrics collected
# and decrease the amount of CPU, disk space and network bandwidth required
# for Monasca
vm_cpu_check_enable: true
vm_disks_check_enable: true
vm_extended_disks_check_enable: true
vm_network_check_enable: true
vm_ping_check_enable: true
# The period of time (in seconds) in which to suspend metrics from a
# newly-created VM. This is used to prevent creating and storing
# quickly-obsolete metrics in an environment with a high amount of instance
# churn (VMs created and destroyed in rapid succession). Setting to 0
# disables VM probation and metrics will be recorded as soon as possible
# after a VM is created. Decreasing this value in an environment with a high
# amount of instance churn can have a large effect on the total number of
# metrics collected and increase the amount of CPU, disk space and network
# bandwidth required for Monasca. This value may need to be decreased if
# Heat Autoscaling is in use so that Heat knows that a new VM has been
# created and is handling some of the load.
monasca_libvirt_vm_probation: 300
0707010000015A000041ED0000000000000000000000075F71E19F00000000000000000000000000000000000000000000004100000000ardana-nova-8.0+git.1601298847.dd01585/roles/nova-post-configure0707010000015B000041ED0000000000000000000000025F71E19F00000000000000000000000000000000000000000000004A00000000ardana-nova-8.0+git.1601298847.dd01585/roles/nova-post-configure/defaults0707010000015C000081A40000000000000000000000015F71E19F000008CB000000000000000000000000000000000000005300000000ardana-nova-8.0+git.1601298847.dd01585/roles/nova-post-configure/defaults/main.yml#
# (c) Copyright 2015-2017 Hewlett Packard Enterprise Development LP
# (c) Copyright 2017 SUSE LLC
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
# CP Variables
---
keystone:
endpoint: "{{ NOV_API.consumes_KEY_API.vips.private[0].url }}/v3"
nova_admin_user: "{{ NOV_API.consumes_KEY_API.vars.keystone_nova_user }}"
nova_admin_password: "{{ NOV_API.consumes_KEY_API.vars.keystone_nova_password | quote }}"
nova_admin_user_domain_name: "{{ KEY_API.vars.keystone_default_domain }}"
role: "{{ KEY_API.vars.keystone_admin_role }}"
service_tenant: "{{ KEY_API.vars.keystone_service_tenant }}"
service_tenant_domain_name: "{{ KEY_API.vars.keystone_default_domain }}"
admin_user: "{{ KEY_API.vars.keystone_admin_user }}"
admin_password: "{{ KEY_API.vars.keystone_admin_pwd | quote }}"
default_domain_name: "{{ KEY_API.vars.keystone_default_domain }}"
monasca:
nova_user: "{{ NOV_API.consumes_KEY_API.vars.nova_monasca_user }}"
nova_password: "{{ NOV_API.consumes_KEY_API.vars.nova_monasca_password }}"
mysql:
host: "{{ NOV_API.consumes_FND_MDB.vips.private[0].host }}"
login_password: "{{ FND_MDB.vars.mysql_service_pwd | quote }}"
login_user: "{{ FND_MDB.vars.mysql_service_user }}"
nova_admin_password: "{{ NOV_API.consumes_FND_MDB.vars.accounts.nova.password | quote }}"
nova_admin_user: "{{ NOV_API.consumes_FND_MDB.vars.accounts.nova.username }}"
nova_api:
internal_url: "{{ NOV_API.advertises.vips.private[0].url }}/v2.1/%(tenant_id)s"
internal_region: "{{ NOV.regions | first }}"
mysql_cli_host: "{{ groups[verb_hosts.FND_MDB][0] }}"
nova_placement_api:
username: "{{ NOV_PLC.consumes_KEY_API.vars.nova_placement_api_user }}"
password: "{{ NOV_PLC.consumes_KEY_API.vars.nova_placement_api_password | quote }}"
0707010000015D000041ED0000000000000000000000025F71E19F00000000000000000000000000000000000000000000004700000000ardana-nova-8.0+git.1601298847.dd01585/roles/nova-post-configure/files0707010000015E000081A40000000000000000000000015F71E19F0000030B000000000000000000000000000000000000005D00000000ardana-nova-8.0+git.1601298847.dd01585/roles/nova-post-configure/files/fix_instance_types.sh#!/bin/bash
#
# (c) Copyright 2015-2017 Hewlett Packard Enterprise Development LP
# (c) Copyright 2017 SUSE LLC
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
PATH=/usr/bin:/bin
set -e
mysql nova -e "update instance_types set created_at=NULL, updated_at=NULL, deleted_at=NULL;"
0707010000015F000041ED0000000000000000000000025F71E19F00000000000000000000000000000000000000000000004900000000ardana-nova-8.0+git.1601298847.dd01585/roles/nova-post-configure/library07070100000160000081A40000000000000000000000015F71E19F00001824000000000000000000000000000000000000005A00000000ardana-nova-8.0+git.1601298847.dd01585/roles/nova-post-configure/library/create_flavor.py#!/usr/bin/python
#
# (c) Copyright 2016-2017 Hewlett Packard Enterprise Development LP
# (c) Copyright 2017 SUSE LLC
#
# This module is free software: you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation, either version 3 of the License, or
# (at your option) any later version.
#
# This software is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this software. If not, see <http://www.gnu.org/licenses/>.
from ansible.module_utils.basic import * # noqa
try:
from keystoneauth1.identity import v3
from keystoneauth1 import session
except ImportError:
msg = "'keysthoneauth is required for this module to work'"
print("failed=True msg=%s" % (msg))
try:
from novaclient import client as nova_client
except ImportError:
print("failed=True msg='novaclient is required for this module to work'")
DOCUMENTATION = '''
---
module: create_flavor
version_added: "1.0"
short_description: Create a given Nova flavor
description:
- Create a given Nova flavor for a given region.
options:
login_username:
description:
- login username to authenticate to keystone
required: true
default: admin
login_password:
description:
- Password of login user
required: true
default: 'yes'
login_tenant_name:
description:
- The tenant name of the login user
required: true
default: 'yes'
auth_url:
description:
- The keystone url for authentication
required: false
default: 'http://127.0.0.1:35357/v2.0/'
ca_cert:
description:
- CA certificate bundle file path
required: false
default: None
region_name:
description:
- Name of the region
required: false
default: None
flavorid:
description:
- Unique flavor ID
required: false
default: 'auto'
name:
description:
- New flavor name
required: true
default: None
ram:
description:
- Memory size in MB
required: true
default: None
disk:
description:
- Disk size in GB
required: true
default: None
ephemeral:
description:
- Ephemeral disk size in GB
required: false
default: None
swap:
description:
- Swap space size in GB
required: false
default: None
vcpus:
description:
- Number of vcpus
required: true
default: None
rxtx-factor:
description:
- RX/TX factor
required: false
default: None
is_public:
description:
- Indicate if flavor is available to other projects
required: false
default: True
requirements: ["novaclient"]
author: Guang Yee
'''
EXAMPLES = '''
# Creates a new flavor
- create_flavor: login_username=admin login_password=admin
login_tenant_name=admin name=m1.tiny id=1 ram=512 vcpus=1
'''
def _find_flavor(client, name):
""" Return the first flavor which matches the given name """
for flavor in client.flavors.list():
if flavor.name == name:
return flavor
def create_flavor(client, name, ram, vcpus, disk, **args):
""" Create a new flavor if one does not exist. """
flavor = _find_flavor(client, name)
if flavor:
return dict(changed=False, id=flavor.id)
flavor = client.flavors.create(name, ram, vcpus, disk, **args)
return dict(changed=True, id=flavor.id)
def main():
module = AnsibleModule( # noqa
argument_spec=dict(
auth_url=dict(required=False,
default='http://127.0.0.1:35357/v3'),
login_project_name=dict(required=False, default='service'),
login_project_domain_name=dict(required=False, default='Default'),
login_username=dict(required=False, default='nova'),
login_user_domain_name=dict(required=False, default='Default'),
login_password=dict(required=False, default='password'),
region_name=dict(required=False, default='RegionOne'),
ca_cert=dict(required=False, default=None),
name=dict(required=True),
ram=dict(required=True),
vcpus=dict(required=True),
disk=dict(required=True),
flavorid=dict(required=False),
ephemeral=dict(required=False),
swap=dict(required=False),
rxtx_factor=dict(required=False),
is_public=dict(required=False)
),
supports_check_mode=False
)
optional_args = {}
for arg in ['flavorid', 'ephemeral', 'swap', 'rxtx_factor', 'is_public']:
if arg in module.params and module.params[arg] is not None:
optional_args[arg] = module.params[arg]
ks_auth = v3.Password(
auth_url=module.params['auth_url'],
username=module.params['login_username'],
user_domain_name=module.params['login_user_domain_name'],
project_name=module.params['login_project_name'],
project_domain_name=module.params['login_project_domain_name'],
password=module.params['login_password'])
ks_session = session.Session(auth=ks_auth,
verify=module.params['ca_cert'] or True)
client = nova_client.Client('2',
session=ks_session,
region_name=module.params['region_name'],
service_type='compute',
endpoint_type='internalURL')
try:
d = create_flavor(client, module.params['name'], module.params['ram'],
module.params['vcpus'], module.params['disk'],
**optional_args)
except Exception, e:
module.fail_json(msg='Exception: %s' % e)
else:
module.exit_json(**d)
if __name__ == "__main__":
main()
07070100000161000041ED0000000000000000000000025F71E19F00000000000000000000000000000000000000000000004600000000ardana-nova-8.0+git.1601298847.dd01585/roles/nova-post-configure/meta07070100000162000081A40000000000000000000000015F71E19F000002AC000000000000000000000000000000000000004F00000000ardana-nova-8.0+git.1601298847.dd01585/roles/nova-post-configure/meta/main.yml#
# (c) Copyright 2015-2016 Hewlett Packard Enterprise Development LP
# (c) Copyright 2017 SUSE LLC
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
---
dependencies:
- role: nova-common
07070100000163000041ED0000000000000000000000025F71E19F00000000000000000000000000000000000000000000004700000000ardana-nova-8.0+git.1601298847.dd01585/roles/nova-post-configure/tasks07070100000164000081A40000000000000000000000015F71E19F00000AB5000000000000000000000000000000000000006400000000ardana-nova-8.0+git.1601298847.dd01585/roles/nova-post-configure/tasks/_delete_cell1_duplicates.yml#
# (c) Copyright 2018 SUSE LLC
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
# this file can be removed at a later date when we are absolutely
# sure all customers have patched bsc#1091490 on their systems
# kindly delete any duplicates
- name: nova-post-configure | _delete_cell1_duplicates |
Query for cell1 mapping UUIDs
become: yes
shell: >
{{ nova_api_bin_dir }}/nova-manage
cell_v2 list_cells 2>/dev/null |
grep "^| *cell1 " | awk '{ print $4 }'
register: _cell_mapping_uuid_result
run_once_per: verb_hosts.NOV_API
- name: nova-post-configure | _delete_cell1_duplicates |
Delete all unused cell1 mappings
become: yes
command: >
{{ nova_api_bin_dir }}/nova-manage
cell_v2 delete_cell --cell_uuid {{ item }}
with_items: "{{ _cell_mapping_uuid_result.stdout_lines }}"
run_once_per: verb_hosts.NOV_API
ignore_errors: yes
when: _cell_mapping_uuid_result.stdout_lines | length > 1
# forcefully delete remaining duplicates
- name: nova-post-configure | _delete_cell1_duplicates |
Query for remaining cell1 mapping UUIDs
become: yes
shell: >
{{ nova_api_bin_dir }}/nova-manage
cell_v2 list_cells 2>/dev/null |
grep "^| *cell1 " | awk '{ print $4 }'
register: _cell_mapping_uuid_result
- name: nova-post-configure | _delete_cell1_duplicates |
Ensure all remaining cell1 mappings are valid
become: yes
command: >
{{ nova_api_bin_dir }}/nova-manage
cell_v2 update_cell --cell_uuid {{ item }}
--database_connection "{{ database_connection }}"
--transport-url "{{ rabbit_hosts_transport_url }}"
with_items: "{{ _cell_mapping_uuid_result.stdout_lines }}"
no_log: True
- name: nova-post-configure | _delete_cell1_duplicates | Force delete duplicates
become: yes
command: >
{{ nova_api_bin_dir }}/nova-manage
cell_v2 delete_cell --force --cell_uuid {{ item }}
with_items: "{{ _cell_mapping_uuid_result.stdout_lines[1:] }}"
run_once_per: verb_hosts.NOV_API
when: _cell_mapping_uuid_result.stdout_lines | length > 1
# recreate all forcefully deleted host to cell mappings
- name: nova-post-configure | _delete_cell1_duplicates |
Recreate all forcefully deleted host to cell mappings
include: discover_hosts_post_deploy.yml
07070100000165000081A40000000000000000000000015F71E19F000007CC000000000000000000000000000000000000006000000000ardana-nova-8.0+git.1601298847.dd01585/roles/nova-post-configure/tasks/_update_cell_mapping.yml#
# (c) Copyright 2018 SUSE LLC
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
---
- name: nova-post-configure | _update_cell_mapping | Query for cell mapping UUID
become: yes
shell: >
{{ nova_api_bin_dir }}/nova-manage
cell_v2 list_cells 2>/dev/null |
grep "^| *{{ cell_mapping_name }} " | awk '{ print $4 }'
register: _cell_mapping_uuid_result
run_once_per: verb_hosts.NOV_API
- name: nova-post-configure | _update_cell_mapping | Create/update cell mapping
become: yes
command: >
{{ nova_api_bin_dir }}/nova-manage
{%- if _cell_mapping_uuid_result.stdout == '' %}
{%- if cell_mapping_name == 'cell0' %}
cell_v2 map_cell0
{%- else %}
cell_v2 create_cell --name={{ cell_mapping_name }} --verbose
{%- endif %}
{%- else %}
cell_v2 update_cell --cell_uuid {{ _cell_mapping_uuid_result.stdout }}
{%- endif %}
{%- if cell_mapping_name == 'cell0' %}
--database_connection "{{ cell0_database_connection }}"
{%- if _cell_mapping_uuid_result.stdout != '' %}
--transport-url "{{ cell0_rabbit_hosts_transport_url }}"
{%- endif %}
{%- else %}
--database_connection "{{ database_connection }}"
--transport-url "{{ rabbit_hosts_transport_url }}"
{%- endif %}
no_log: True
run_once_per: verb_hosts.NOV_API
- name: nova-post-configure | _update_cell_mapping | Restart nova-api service
command: /bin/true
register: ardana_notify_nova_api_restart_required
07070100000166000081A40000000000000000000000015F71E19F000006E3000000000000000000000000000000000000006200000000ardana-nova-8.0+git.1601298847.dd01585/roles/nova-post-configure/tasks/create_default_flavors.yml#
# (c) Copyright 2015-2017 Hewlett Packard Enterprise Development LP
# (c) Copyright 2017 SUSE LLC
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
---
# Create the default flavors
- name: nova-post-configure | create_default_flavors | Create default flavors
become: yes
create_flavor:
auth_url: "{{ keystone.endpoint }}"
login_username: "{{ keystone.nova_admin_user }}"
login_user_domain_name: "{{ keystone.nova_admin_user_domain_name }}"
login_password: "{{ keystone.nova_admin_password }}"
login_project_name: "{{ keystone.service_tenant }}"
login_project_domain_name: "{{ keystone.service_tenant_domain_name }}"
region_name: "{{ nova_api.internal_region }}"
ca_cert: "{{ ca_certs_file }}"
name: "{{ item.name }}"
flavorid: "{{ item.flavorid }}"
ram: "{{ item.ram }}"
disk: "{{ item.disk }}"
vcpus: "{{ item.vcpus }}"
run_once_per: verb_hosts.NOV_API
with_items:
- { flavorid: 1, name: m1.tiny, ram: 512, disk: 1, vcpus: 1}
- { flavorid: 2, name: m1.small, ram: 2048, disk: 20, vcpus: 1}
- { flavorid: 3, name: m1.medium, ram: 4096, disk: 40, vcpus: 2}
- { flavorid: 4, name: m1.large, ram: 8192, disk: 80, vcpus: 4}
- { flavorid: 5, name: m1.xlarge, ram: 16384, disk: 160, vcpus: 8}
07070100000167000081A40000000000000000000000015F71E19F00000478000000000000000000000000000000000000005400000000ardana-nova-8.0+git.1601298847.dd01585/roles/nova-post-configure/tasks/db_cells.yml#
# (c) Copyright 2017-2018 SUSE LLC
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
# Nova Database
---
# this step can be removed at a later date when we are absolutely
# sure all customers have patched bsc#1091490 on their systems
- name: nova-post-configure | db_cells | Remove duplicate cell1 mappings
include: _delete_cell1_duplicates.yml
- name: nova-post-configure | db_cells | Create/update cell mapping cell0
include: _update_cell_mapping.yml
vars:
cell_mapping_name: 'cell0'
- name: nova-post-configure | db_cells | Create/update cell mapping cell1
include: _update_cell_mapping.yml
vars:
cell_mapping_name: 'cell1'
07070100000168000081A40000000000000000000000015F71E19F00000C96000000000000000000000000000000000000005800000000ardana-nova-8.0+git.1601298847.dd01585/roles/nova-post-configure/tasks/db_configure.yml#
# (c) Copyright 2015-2017 Hewlett Packard Enterprise Development LP
# (c) Copyright 2017 SUSE LLC
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
# Nova Database
---
# This task always reports changed
- name: nova-post-configure | db_configure | Run nova-manage api db sync
become: yes
command: >
{{ nova_api_bin_dir }}/nova-manage
--config-file {{ nova_api_conf_dir }}/nova.conf
--config-file {{ nova_api_conf_dir }}/api.conf
api_db sync
run_once_per: verb_hosts.NOV_API
- name: nova-post-configure | db_configure |
Prepare cell0 and cell1 during normal deployment
include: db_cells.yml
when: list_cells_result is undefined
# This task always reports changed
- name: nova-post-configure | db_configure | Run nova-manage db sync
become: yes
command: >
{{ nova_api_bin_dir }}/nova-manage
--config-file {{ nova_api_conf_dir }}/nova.conf
--config-file {{ nova_api_conf_dir }}/api.conf
db sync
run_once_per: verb_hosts.NOV_API
# We need to fix the dates per
#
# https://bugzilla.suse.com/show_bug.cgi?id=1056240
#
# prior to the migration
- name: nova-post-configure | db_configure | Copy fix_instance_types.sh script
become: yes
copy:
src: "fix_instance_types.sh"
dest: "/tmp/fix_instance_types.sh"
mode: 0700
delegate_to: "{{ mysql_cli_host }}"
run_once: true
- name: nova-post-configure | db_configure | Fix dates for instance_type
become: yes
command: >
/tmp/fix_instance_types.sh
delegate_to: "{{ mysql_cli_host }}"
run_once: true
- name: nova-post-configure | db_configure | Remove fix_instance_types.sh script
become: yes
file:
path: "/tmp/fix_instance_types.sh"
state: absent
run_once_per: verb_hosts.NOV_API
# This task always reports changes
- name: nova-post-configure | db_configure | Run nova-manage db online migrate
become: yes
command: >
{{ nova_api_bin_dir }}/nova-manage
--config-file {{ nova_api_conf_dir }}/nova.conf
--config-file {{ nova_api_conf_dir }}/api.conf
db online_data_migrations
run_once_per: verb_hosts.NOV_API
# operation above sets the owner of file to root - needs to be nova
- name: nova-post-configure | db_configure | set log file owner
become: yes
file:
path: "{{ item }}"
owner: "{{ nova_system_user }}"
group: "{{ nova_log_group }}"
mode: 0640
state: touch
with_items: nova_log_files
# operation above sets the owner of file to root - needs to be nova
- name: nova-post-configure | db_configure | set audit log file owner
become: yes
file:
path: "{{ nova_audit_log_location }}/nova-audit.log"
owner: "{{ nova_system_user }}"
group: "{{ nova_log_group }}"
mode: 0640
state: touch
when: nova_api_audit_enable
07070100000169000081A40000000000000000000000015F71E19F000002E5000000000000000000000000000000000000005700000000ardana-nova-8.0+git.1601298847.dd01585/roles/nova-post-configure/tasks/db_contract.yml#
# (c) Copyright 2015-2016 Hewlett Packard Enterprise Development LP
# (c) Copyright 2017 SUSE LLC
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
# tasks against the database that will drop unused columns etc..
---
# TODO: define actions here
0707010000016A000081A40000000000000000000000015F71E19F000003B6000000000000000000000000000000000000005500000000ardana-nova-8.0+git.1601298847.dd01585/roles/nova-post-configure/tasks/db_expand.yml#
# (c) Copyright 2015-2016 Hewlett Packard Enterprise Development LP
# (c) Copyright 2017 SUSE LLC
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
# tasks against the nova database that will add new columns, tables
# and/or remove redundant data prior to upgrade
---
- name: nova-post-configure | db_expand | Prepare cell0 and cell1 during upgrade
include: db_cells.yml
- name: nova-post-configure | db_expand | DB Expand
include: db_configure.yml
0707010000016B000081A40000000000000000000000015F71E19F0000062D000000000000000000000000000000000000006600000000ardana-nova-8.0+git.1601298847.dd01585/roles/nova-post-configure/tasks/discover_hosts_post_deploy.yml#
# (c) Copyright 2015-2016 Hewlett Packard Enterprise Development LP
# (c) Copyright 2017-2018 SUSE LLC
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
---
# cells: discover hosts
- name: nova-post-configure | discover_hosts_post_deploy | Map hosts to cell
become: yes
command: >
{{ nova_api_bin_dir }}/nova-manage
cell_v2 discover_hosts --verbose
run_once_per: verb_hosts.NOV_API
# When upgrading we need to map existing instances to the new cell1
# To do this we need the cell UUID.
- name: nova-post-configure | discover_hosts_post_deploy |
Get UUID of new Nova Cell
shell: >
{{ nova_api_bin_dir }}/nova-manage
--config-dir {{ nova_api_conf_dir }}
cell_v2 list_cells | grep cell1
become: yes
ignore_errors: yes
register: cell1_result
- name: nova-post-configure | discover_hosts_post_deploy |
Map instances to new Cell1
command: >
{{ nova_api_bin_dir }}/nova-manage
--config-dir {{ nova_api_conf_dir }}
cell_v2 map_instances --cell_uuid {{ cell1_result['stdout'].split()[3] }}
become: yes
when: cell1_result | success
0707010000016C000081A40000000000000000000000015F71E19F00000791000000000000000000000000000000000000006400000000ardana-nova-8.0+git.1601298847.dd01585/roles/nova-post-configure/tasks/keystone_change_password.yml#
# (c) Copyright 2015-2016 Hewlett Packard Enterprise Development LP
# (c) Copyright 2017 SUSE LLC
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
# Nova keystone password change
---
- name: nova-post-configure | keystone_change_password |
Get a domain scoped token
keystone_v3:
endpoint: "{{ keystone.endpoint }}"
login_username: "{{ keystone.admin_user }}"
login_password: "{{ keystone.admin_password }}"
login_user_domain_name: "{{ keystone.default_domain_name }}"
login_domain_name: "{{ keystone.default_domain_name }}"
action: "token_get"
run_once: true
register: domain_scoped_token_result
- name: nova-post-configure | keystone_change_password |
Change Nova Keystone password
become: yes
keystone_v3:
action: "reset_password_by_admin"
endpoint: "{{ keystone.endpoint }}"
login_token: "{{ domain_scoped_token_result.result }}"
user_name: "{{ keystone.nova_admin_user }}"
user_password: "{{ keystone.nova_admin_password }}"
user_domain_name: "Default"
run_once: true
- name: nova-post-configure | keystone_change_password |
Change Nova Monitoring password
become: yes
keystone_v3:
action: "reset_password_by_admin"
endpoint: "{{ keystone.endpoint }}"
login_token: "{{ domain_scoped_token_result.result }}"
user_name: "{{ monasca.nova_user }}"
user_password: "{{ monasca.nova_password }}"
user_domain_name: "Default"
run_once: true0707010000016D000081A40000000000000000000000015F71E19F00000C0D000000000000000000000000000000000000005900000000ardana-nova-8.0+git.1601298847.dd01585/roles/nova-post-configure/tasks/keystone_conf.yml#
# (c) Copyright 2015-2016 Hewlett Packard Enterprise Development LP
# (c) Copyright 2017 SUSE LLC
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
# Nova keystone configuration
---
- name: nova-post-configure | keystone_conf | Get a domain scoped token
keystone_v3:
endpoint: "{{ keystone.endpoint }}"
login_username: "{{ keystone.admin_user }}"
login_password: "{{ keystone.admin_password }}"
login_user_domain_name: "{{ keystone.default_domain_name }}"
login_domain_name: "{{ keystone.default_domain_name }}"
action: "token_get"
run_once: true
changed_when: false
register: domain_scoped_token_result
- name: nova-post-configure | keystone_conf | Create Nova Keystone User
keystone_v3:
action: "create_user"
endpoint: "{{ keystone.endpoint }}"
login_token: "{{ domain_scoped_token_result.result }}"
user_name: "{{ keystone.nova_admin_user }}"
user_password: "{{ keystone.nova_admin_password }}"
user_domain_name: "Default"
run_once: true
- name: nova-post-configure | keystone_conf | Add role to Nova User
keystone_v3:
action: "grant_project_role"
endpoint: "{{ keystone.endpoint }}"
login_token: "{{ domain_scoped_token_result.result }}"
project_name: "{{ keystone.service_tenant }}"
user_name: "{{ keystone.nova_admin_user }}"
role_name: "{{ keystone.role }}"
user_domain_name: "Default"
project_domain_name: "Default"
run_once: true
- name: nova-post-configure | keystone_conf | Create Nova Admin role in Keystone
keystone_v3:
action: "create_role"
endpoint: "{{ keystone.endpoint }}"
login_token: "{{ domain_scoped_token_result.result }}"
role_name: "nova_admin"
description: "Nova admin role"
run_once: true
#
# placement api user
#
- name: nova-post-configure | keystone_conf | Create nova-placement-api user
keystone_v3:
action: "create_user"
endpoint: "{{ keystone.endpoint }}"
login_token: "{{ domain_scoped_token_result.result }}"
user_name: "{{ nova_placement_api.username }}"
user_password: "{{ nova_placement_api.password }}"
user_domain_name: "Default"
run_once: true
- name: nova-post-configure | keystone_conf | Add role nova-placement-api user
keystone_v3:
action: "grant_project_role"
endpoint: "{{ keystone.endpoint }}"
login_token: "{{ domain_scoped_token_result.result }}"
project_name: "{{ keystone.service_tenant }}"
user_name: "{{ nova_placement_api.username }}"
role_name: "{{ keystone.role }}"
user_domain_name: "Default"
project_domain_name: "Default"
run_once: true
0707010000016E000081A40000000000000000000000015F71E19F000001D4000000000000000000000000000000000000003100000000ardana-nova-8.0+git.1601298847.dd01585/setup.cfg[metadata]
name = nova-ansible
author = "SUSE LLC"
author-email = ardana@googlegroups.com
summary = Nova Ansible tests
classifier =
Development Status :: 4 - Beta
Environment :: Console
Environment :: OpenStack
Intended Audience :: Developers
Intended Audience :: Information Technology
License :: OSI Approved :: Apache Software License
Operating System :: OS Independent
Programming Language :: Python
[files]
packages =
NOV-MON
0707010000016F000081A40000000000000000000000015F71E19F00000424000000000000000000000000000000000000003000000000ardana-nova-8.0+git.1601298847.dd01585/setup.py# Copyright (c) 2013 Hewlett-Packard Development Company, L.P.
# Copyright (c) 2017 SUSE LLC
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
# implied.
# See the License for the specific language governing permissions and
# limitations under the License.
# THIS FILE IS MANAGED BY THE GLOBAL REQUIREMENTS REPO - DO NOT EDIT
import setuptools
# In python < 2.7.4, a lazy loading of package `pbr` will break
# setuptools if some other modules registered functions in `atexit`.
# solution from: http://bugs.python.org/issue15881#msg170215
try:
import multiprocessing # noqa
except ImportError:
pass
setuptools.setup(
setup_requires=['pbr>=2.0.0'],
pbr=True)
07070100000170000081A40000000000000000000000015F71E19F000001F3000000000000000000000000000000000000003D00000000ardana-nova-8.0+git.1601298847.dd01585/test-requirements.txt# The order of packages is significant, because pip processes them in the order
# of appearance. Changing the order has an impact on the overall integration
# process, which may cause wedges in the gate later.
mock>=2.0 # BSD
testrepository>=0.0.18 # Apache-2.0/BSD
testtools>=1.4.0 # MIT
python-novaclient>=9.0.0 # Apache-2.0
python-monascaclient>=1.7.0 # Apache-2.0
oslo.serialization!=2.19.1,>=1.10.0 # Apache-2.0
oslo.utils>=3.20.0 # Apache-2.0
python-keystoneclient>=3.8.0 # Apache-2.0
flake8
07070100000171000041ED0000000000000000000000035F71E19F00000000000000000000000000000000000000000000002D00000000ardana-nova-8.0+git.1601298847.dd01585/tests07070100000172000041ED0000000000000000000000025F71E19F00000000000000000000000000000000000000000000003500000000ardana-nova-8.0+git.1601298847.dd01585/tests/NOV_MON07070100000173000081A40000000000000000000000015F71E19F00000000000000000000000000000000000000000000004100000000ardana-nova-8.0+git.1601298847.dd01585/tests/NOV_MON/__init__.py07070100000174000081A40000000000000000000000015F71E19F00001283000000000000000000000000000000000000005200000000ardana-nova-8.0+git.1601298847.dd01585/tests/NOV_MON/test_nova_heartbeat_check.py#
# (c) Copyright 2015-2016 Hewlett Packard Enterprise Development LP
# (c) Copyright 2017 SUSE LLC
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
import mock
import unittest
import keystoneclient
import NOV_MON.nova_heartbeat_check as nhc
from novaclient import client as novacli
class TestNovaHeartbeatCheck(unittest.TestCase):
def setUp(self):
nhc.THIS_HOST = 'this_host'
# Create without calling __init__, as that takes several parameters
self.nhc = nhc.NovaHeartbeatCheck.__new__(nhc.NovaHeartbeatCheck)
self.nhc.client = None
self.nhc.log = mock.MagicMock()
def test_metric1(self):
metric = nhc.metric()
self.assertNotIn('value_meta', metric)
self.assertEqual('nova.heartbeat', metric['metric'])
self.assertEqual(nhc.FAIL, metric['value'])
dims = metric['dimensions']
self.assertEqual('compute', dims['service'])
self.assertIsNotNone(dims['observer_hostname'])
def test_metric2(self):
metric = nhc.metric(message='omg', cat='meow')
self.assertEqual('omg', metric['value_meta']['msg'])
dims = metric['dimensions']
self.assertEqual('meow', dims['cat'])
@mock.patch.object(novacli.Client, '__init__',
return_value=None)
@mock.patch.object(keystoneclient.session.Session, '__init__',
return_value=None)
@mock.patch.object(keystoneclient.auth.identity.v3.Password, '__init__',
return_value=None)
def test_get_client(self, mock_pass, mock_session, mock_client):
self.nhc.init_config = {'keystone': {'project_name': 'aa'},
'nova': {'endpoint_type': 'bb'}}
client = self.nhc._get_client()
self.assertIsNotNone(client)
def mk_service(self, **kwargs):
data = {'status': 'enabled',
'binary': 'nova-compute',
'zone': 'nova',
'state': 'up',
'updated_at': '2015-10-03T02:33:38.000000',
'host': 'this_host',
'disabled_reason': None,
'id': 31}
data.update(kwargs)
svc = mock.MagicMock()
for k, v in data.items():
setattr(svc, k, v)
return svc
def test_get_state(self):
svc = self.mk_service()
self.assertEqual('enabled', svc.status)
self.assertEqual('nova-compute', svc.binary)
self.assertEqual(nhc.OK, self.nhc._get_state(svc))
svc.state = 'down'
self.assertEqual(nhc.FAIL, self.nhc._get_state(svc))
svc.status = 'disabled'
self.assertEqual(nhc.OK, self.nhc._get_state(svc))
svc.state = 'up'
self.assertEqual(nhc.OK, self.nhc._get_state(svc))
def test_gather_metrics(self):
@mock.patch.object(self.nhc, '_get_client')
def fn(mock_client):
mock_client.return_value.services.list.return_value = [
self.mk_service(),
self.mk_service(host='other_host'),
]
return self.nhc._gather_metrics()
metrics = fn()
self.assertEqual(2, len(metrics))
self.assertEqual('this_host', metrics[0]['dimensions']['hostname'])
self.assertEqual('other_host', metrics[1]['dimensions']['hostname'])
def test_check(self):
metrics = [nhc.metric(state=nhc.OK, hostname='this_host'),
nhc.metric(state=nhc.FAIL, hostname='this_host')]
instance = mock.sentinel.instance
@mock.patch.object(self.nhc, 'gauge')
@mock.patch.object(self.nhc, '_set_dimensions',
side_effect=lambda *a: a[0])
@mock.patch.object(self.nhc, '_gather_metrics',
return_value=metrics)
def fn(mock_gather, mock_dims, mock_gauge):
self.nhc.check(instance)
mock_gather.assert_called_once_with()
self.assertEqual([mock.call(m['dimensions'], instance)
for m in metrics],
mock_dims.call_args_list)
self.assertEqual([mock.call(**m) for m in metrics],
mock_gauge.call_args_list)
fn()
07070100000175000081A40000000000000000000000015F71E19F00000000000000000000000000000000000000000000003900000000ardana-nova-8.0+git.1601298847.dd01585/tests/__init__.py07070100000176000081A40000000000000000000000015F71E19F000001EC000000000000000000000000000000000000002F00000000ardana-nova-8.0+git.1601298847.dd01585/tox.ini[tox]
envlist = py27,pep8
skipsdist = True
[testenv:pep8]
commands =
flake8 {posargs}
[testenv]
whitelist_externals = bash
find
rm
setenv = VIRTUAL_ENV={envdir}
LANGUAGE=en_US
LC_ALL=en_US.utf-8
deps = -r{toxinidir}/test-requirements.txt
commands =
find . -type f -name "*.pyc" -delete
python setup.py testr --slowest
passenv = http_proxy HTTP_PROXY https_proxy HTTPS_PROXY no_proxy NO_PROXY
[flake8]
exclude = .tox,.git
07070100000000000000000000000000000000000000010000000000000000000000000000000000000000000000000000000B00000000TRAILER!!!970 blocks
