File ardana-octavia-9.0+git.1590079609.a2ae6ab.obscpio of Package ardana-octavia
07070100000000000081A40000000000000000000000015EC6B07900000034000000000000000000000000000000000000003B00000000ardana-octavia-9.0+git.1590079609.a2ae6ab/.copyrightignore.copyrightignore
roles/octavia-common/files/sudoers
07070100000001000081A40000000000000000000000015EC6B0790000007E000000000000000000000000000000000000003500000000ardana-octavia-9.0+git.1590079609.a2ae6ab/.gitreview[gerrit]
host=gerrit.suse.provo.cloud
port=29418
project=ardana/octavia-ansible.git
defaultremote=ardana
defaultbranch=master
07070100000002000081A40000000000000000000000015EC6B0790000279F000000000000000000000000000000000000003200000000ardana-octavia-9.0+git.1590079609.a2ae6ab/LICENSE
Apache License
Version 2.0, January 2004
http://www.apache.org/licenses/
TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION
1. Definitions.
"License" shall mean the terms and conditions for use, reproduction,
and distribution as defined by Sections 1 through 9 of this document.
"Licensor" shall mean the copyright owner or entity authorized by
the copyright owner that is granting the License.
"Legal Entity" shall mean the union of the acting entity and all
other entities that control, are controlled by, or are under common
control with that entity. For the purposes of this definition,
"control" means (i) the power, direct or indirect, to cause the
direction or management of such entity, whether by contract or
otherwise, or (ii) ownership of fifty percent (50%) or more of the
outstanding shares, or (iii) beneficial ownership of such entity.
"You" (or "Your") shall mean an individual or Legal Entity
exercising permissions granted by this License.
"Source" form shall mean the preferred form for making modifications,
including but not limited to software source code, documentation
source, and configuration files.
"Object" form shall mean any form resulting from mechanical
transformation or translation of a Source form, including but
not limited to compiled object code, generated documentation,
and conversions to other media types.
"Work" shall mean the work of authorship, whether in Source or
Object form, made available under the License, as indicated by a
copyright notice that is included in or attached to the work
(an example is provided in the Appendix below).
"Derivative Works" shall mean any work, whether in Source or Object
form, that is based on (or derived from) the Work and for which the
editorial revisions, annotations, elaborations, or other modifications
represent, as a whole, an original work of authorship. For the purposes
of this License, Derivative Works shall not include works that remain
separable from, or merely link (or bind by name) to the interfaces of,
the Work and Derivative Works thereof.
"Contribution" shall mean any work of authorship, including
the original version of the Work and any modifications or additions
to that Work or Derivative Works thereof, that is intentionally
submitted to Licensor for inclusion in the Work by the copyright owner
or by an individual or Legal Entity authorized to submit on behalf of
the copyright owner. For the purposes of this definition, "submitted"
means any form of electronic, verbal, or written communication sent
to the Licensor or its representatives, including but not limited to
communication on electronic mailing lists, source code control systems,
and issue tracking systems that are managed by, or on behalf of, the
Licensor for the purpose of discussing and improving the Work, but
excluding communication that is conspicuously marked or otherwise
designated in writing by the copyright owner as "Not a Contribution."
"Contributor" shall mean Licensor and any individual or Legal Entity
on behalf of whom a Contribution has been received by Licensor and
subsequently incorporated within the Work.
2. Grant of Copyright License. Subject to the terms and conditions of
this License, each Contributor hereby grants to You a perpetual,
worldwide, non-exclusive, no-charge, royalty-free, irrevocable
copyright license to reproduce, prepare Derivative Works of,
publicly display, publicly perform, sublicense, and distribute the
Work and such Derivative Works in Source or Object form.
3. Grant of Patent License. Subject to the terms and conditions of
this License, each Contributor hereby grants to You a perpetual,
worldwide, non-exclusive, no-charge, royalty-free, irrevocable
(except as stated in this section) patent license to make, have made,
use, offer to sell, sell, import, and otherwise transfer the Work,
where such license applies only to those patent claims licensable
by such Contributor that are necessarily infringed by their
Contribution(s) alone or by combination of their Contribution(s)
with the Work to which such Contribution(s) was submitted. If You
institute patent litigation against any entity (including a
cross-claim or counterclaim in a lawsuit) alleging that the Work
or a Contribution incorporated within the Work constitutes direct
or contributory patent infringement, then any patent licenses
granted to You under this License for that Work shall terminate
as of the date such litigation is filed.
4. Redistribution. You may reproduce and distribute copies of the
Work or Derivative Works thereof in any medium, with or without
modifications, and in Source or Object form, provided that You
meet the following conditions:
(a) You must give any other recipients of the Work or
Derivative Works a copy of this License; and
(b) You must cause any modified files to carry prominent notices
stating that You changed the files; and
(c) You must retain, in the Source form of any Derivative Works
that You distribute, all copyright, patent, trademark, and
attribution notices from the Source form of the Work,
excluding those notices that do not pertain to any part of
the Derivative Works; and
(d) If the Work includes a "NOTICE" text file as part of its
distribution, then any Derivative Works that You distribute must
include a readable copy of the attribution notices contained
within such NOTICE file, excluding those notices that do not
pertain to any part of the Derivative Works, in at least one
of the following places: within a NOTICE text file distributed
as part of the Derivative Works; within the Source form or
documentation, if provided along with the Derivative Works; or,
within a display generated by the Derivative Works, if and
wherever such third-party notices normally appear. The contents
of the NOTICE file are for informational purposes only and
do not modify the License. You may add Your own attribution
notices within Derivative Works that You distribute, alongside
or as an addendum to the NOTICE text from the Work, provided
that such additional attribution notices cannot be construed
as modifying the License.
You may add Your own copyright statement to Your modifications and
may provide additional or different license terms and conditions
for use, reproduction, or distribution of Your modifications, or
for any such Derivative Works as a whole, provided Your use,
reproduction, and distribution of the Work otherwise complies with
the conditions stated in this License.
5. Submission of Contributions. Unless You explicitly state otherwise,
any Contribution intentionally submitted for inclusion in the Work
by You to the Licensor shall be under the terms and conditions of
this License, without any additional terms or conditions.
Notwithstanding the above, nothing herein shall supersede or modify
the terms of any separate license agreement you may have executed
with Licensor regarding such Contributions.
6. Trademarks. This License does not grant permission to use the trade
names, trademarks, service marks, or product names of the Licensor,
except as required for reasonable and customary use in describing the
origin of the Work and reproducing the content of the NOTICE file.
7. Disclaimer of Warranty. Unless required by applicable law or
agreed to in writing, Licensor provides the Work (and each
Contributor provides its Contributions) on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
implied, including, without limitation, any warranties or conditions
of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A
PARTICULAR PURPOSE. You are solely responsible for determining the
appropriateness of using or redistributing the Work and assume any
risks associated with Your exercise of permissions under this License.
8. Limitation of Liability. In no event and under no legal theory,
whether in tort (including negligence), contract, or otherwise,
unless required by applicable law (such as deliberate and grossly
negligent acts) or agreed to in writing, shall any Contributor be
liable to You for damages, including any direct, indirect, special,
incidental, or consequential damages of any character arising as a
result of this License or out of the use or inability to use the
Work (including but not limited to damages for loss of goodwill,
work stoppage, computer failure or malfunction, or any and all
other commercial damages or losses), even if such Contributor
has been advised of the possibility of such damages.
9. Accepting Warranty or Additional Liability. While redistributing
the Work or Derivative Works thereof, You may choose to offer,
and charge a fee for, acceptance of support, warranty, indemnity,
or other liability obligations and/or rights consistent with this
License. However, in accepting such obligations, You may act only
on Your own behalf and on Your sole responsibility, not on behalf
of any other Contributor, and only if You agree to indemnify,
defend, and hold each Contributor harmless for any liability
incurred by, or claims asserted against, such Contributor by reason
of your accepting any such warranty or additional liability.
07070100000003000081A40000000000000000000000015EC6B0790000059D000000000000000000000000000000000000004100000000ardana-octavia-9.0+git.1590079609.a2ae6ab/_octavia-configure.yml#
# (c) Copyright 2016 Hewlett Packard Enterprise Development LP
# (c) Copyright 2017 SUSE LLC
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
---
- hosts: OCT-API:OCT-HMX
become: yes
roles:
- octavia-common
tasks:
- include: roles/octavia-common/tasks/configure.yml
- hosts: OCT-API
become: yes
roles:
- octavia-common
- octavia-api
tasks:
- include: roles/octavia-api/tasks/configure.yml
- hosts: OCT-API
become: yes
roles:
- octavia-common
- octavia-worker
tasks:
- include: roles/octavia-common/tasks/tls_deploy.yml
- include: roles/octavia-worker/tasks/configure.yml
- hosts: OCT-HMX
become: yes
roles:
- octavia-common
- octavia-health-manager
tasks:
- include: roles/octavia-health-manager/tasks/configure.yml
- hosts: OCT-API
become: yes
roles:
- octavia-common
- octavia-housekeeping
tasks:
- include: roles/octavia-housekeeping/tasks/configure.yml
07070100000004000081A40000000000000000000000015EC6B07900000B9A000000000000000000000000000000000000004700000000ardana-octavia-9.0+git.1590079609.a2ae6ab/_octavia-guest-configure.yml#
# (c) Copyright 2016 Hewlett Packard Enterprise Development LP
# (c) Copyright 2017-2018 SUSE LLC
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
---
# Read the values set by execution of service-guest-image.yml
- hosts: OCT-API
tasks:
- set_fact:
SRC_GUEST_IMAGE_DIR: "{{ hostvars.localhost.src_guest_image_tempdir.stdout}}"
- hosts: OCT-API
tasks:
- set_fact:
SRC_GUEST_IMAGE_FILE_NAME: "{{ hostvars.localhost.src_octavia_image_file_name.stdout }}"
- hosts: OCT-API
tasks:
- set_fact:
SERVICE_NAME: "{{ SRC_GUEST_IMAGE_FILE_NAME.split('-')[1] }}"
IMAGE_NAME: "{{ SRC_GUEST_IMAGE_FILE_NAME.split('.')[0] }}"
IMAGE_VERSION: "{{ SRC_GUEST_IMAGE_FILE_NAME.split('-')[-1][:5] }}"
# Copy the image file to OCT-API and upload it to glance
- hosts: OCT-API
roles:
- service-guest-image
- ses_common
- octavia-common
vars:
GLANCE_CLIENT: glance
openstack_project_name: "{{ octavia_project_name }}"
openstack_username: "{{ octavia_admin_user }}"
openstack_password: "{{ octavia_admin_password }}"
openstack_auth_url: "{{ octavia_auth_endpoint }}"
openstack_user_domain_name: "{{ octavia_user_domain_name }}"
openstack_project_domain_name: "{{ octavia_project_domain_name }}"
openstack_endpoint_type: "{{ octavia_endpoint_type }}"
openstack_ca_file: "{{ octavia_ca_file }}"
openstack_insecure: False
tasks:
- include: roles/service-guest-image/tasks/copy_image_file.yml
when: SERVICE_NAME == 'octavia'
- include: roles/ses_common/tasks/_include_setup.yml
- include: roles/service-guest-image/tasks/upload_image.yml
ansible_python_interpreter: "{{ GLA_CLI.vars.glance_client_python_interpreter }}"
when: SERVICE_NAME == 'octavia'
# Configure Octavia for the new image id
- hosts: OCT-API
become: yes
roles:
- octavia-common
vars:
octavia_amp_image_id: "{{service_guest_image_id.stdout}}"
tasks:
- include: roles/octavia-common/tasks/configure.yml
when: SERVICE_NAME == 'octavia'
# Configure Octavia for the new image tag
- hosts: OCT-API
become: yes
roles:
- octavia-common
vars:
octavia_amp_image_tag: "amphora"
tasks:
- include: roles/octavia-common/tasks/configure.yml
when: SERVICE_NAME == 'octavia'
# Restart the services to pick up the image ID
- include: octavia-stop.yml
when: SERVICE_NAME == 'octavia'
- include: octavia-start.yml
when: SERVICE_NAME == 'octavia'
07070100000005000081A40000000000000000000000015EC6B07900000308000000000000000000000000000000000000003F00000000ardana-octavia-9.0+git.1590079609.a2ae6ab/_octavia-install.yml#
# (c) Copyright 2016 Hewlett Packard Enterprise Development LP
# (c) Copyright 2017 SUSE LLC
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
---
- hosts: OCT-API:OCT-HMX
become: yes
roles:
- octavia-common
tasks:
- include: roles/octavia-common/tasks/install.yml
07070100000006000081A40000000000000000000000015EC6B079000002E8000000000000000000000000000000000000004800000000ardana-octavia-9.0+git.1590079609.a2ae6ab/_octavia-schedule-restart.yml#
# (c) Copyright 2018 SUSE LLC
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
---
# Schedule a restart of all octavia services using ardana_notify_... variables
- hosts: all
tasks:
- include: roles/octavia-common/tasks/_schedule_restart.yml07070100000007000041ED0000000000000000000000025EC6B07900000000000000000000000000000000000000000000003100000000ardana-octavia-9.0+git.1590079609.a2ae6ab/config07070100000008000081A40000000000000000000000015EC6B0790000064F000000000000000000000000000000000000004600000000ardana-octavia-9.0+git.1590079609.a2ae6ab/config/octavia-symlinks.yml#
# (c) Copyright 2016 Hewlett Packard Enterprise Development LP
# (c) Copyright 2017 SUSE LLC
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
# The following relative symlinks are created under the
# my_cloud/config directory.
---
symlinks:
"octavia/octavia-api.conf.j2": "roles/octavia-common/templates/octavia-api.conf.j2"
"octavia/octavia-api-logging.conf.j2": "roles/octavia-common/templates/octavia-api-logging.conf.j2"
"octavia/octavia-worker.conf.j2": "roles/octavia-common/templates/octavia-worker.conf.j2"
"octavia/octavia-worker-logging.conf.j2": "roles/octavia-common/templates/octavia-worker-logging.conf.j2"
"octavia/octavia-health-manager.conf.j2": "roles/octavia-common/templates/octavia-health-manager.conf.j2"
"octavia/octavia-hm-logging.conf.j2": "roles/octavia-common/templates/octavia-hm-logging.conf.j2"
"octavia/octavia-housekeeping.conf.j2": "roles/octavia-common/templates/octavia-housekeeping.conf.j2"
"octavia/octavia-hk-logging.conf.j2": "roles/octavia-common/templates/octavia-hk-logging.conf.j2"
"octavia/policy.json.j2": "roles/octavia-common/templates/policy.json.j2"
07070100000009000081A40000000000000000000000015EC6B07900000C1C000000000000000000000000000000000000003D00000000ardana-octavia-9.0+git.1590079609.a2ae6ab/octavia-deploy.yml#
# (c) Copyright 2016 Hewlett Packard Enterprise Development LP
# (c) Copyright 2017 SUSE LLC
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
---
- hosts: localhost
connection: local
roles:
- tls-trust
- octavia-common
tasks:
- include: roles/octavia-common/tasks/tls_bootstrap.yml
- include: roles/tls-trust/tasks/cert_csr.yml
- include: roles/tls-trust/tasks/cert_sign.yml
- include: roles/octavia-common/tasks/tls_copy.yml
- hosts: OCT-API
become: yes
roles:
- octavia-post-configure
tasks:
- include: roles/octavia-post-configure/tasks/keystone_conf.yml
ansible_python_interpreter: "{{ KEY_CLI.vars.keystone_client_python_interpreter }}"
- hosts: OCT-API:OCT-HMX
become: yes
roles:
- octavia-common
tasks:
- include: roles/octavia-common/tasks/install.yml
- include: roles/octavia-common/tasks/configure.yml
- include: roles/octavia-common/tasks/start.yml
- hosts: OCT-API
become: yes
roles:
- octavia-post-configure
tasks:
- include: roles/octavia-post-configure/tasks/db_configure.yml
- hosts: OCT-API
become: yes
roles:
- octavia-post-configure
tasks:
- include: roles/octavia-post-configure/tasks/set_quotas.yml
ansible_python_interpreter: "{{ NEU_CLI.vars.neutron_client_python_interpreter }}"
- hosts: OCT-API
become: yes
roles:
- octavia-common
- octavia-api
tasks:
- include: roles/octavia-api/tasks/configure.yml
- include: roles/octavia-api/tasks/start.yml
- hosts: OCT-API
become: yes
roles:
- octavia-common
- octavia-worker
tasks:
- include: roles/octavia-common/tasks/tls_deploy.yml
- include: roles/octavia-worker/tasks/configure.yml
- include: roles/octavia-worker/tasks/start.yml
- hosts: OCT-HMX
become: yes
roles:
- octavia-common
- octavia-health-manager
tasks:
- include: roles/octavia-health-manager/tasks/configure.yml
- include: roles/octavia-health-manager/tasks/start.yml
- hosts: OCT-API
become: yes
roles:
- octavia-common
- octavia-housekeeping
tasks:
- include: roles/octavia-housekeeping/tasks/configure.yml
- include: roles/octavia-housekeeping/tasks/start.yml
# after everything is running, turn on monitoring
- hosts: OCT-API:OCT-HMX:&MON-AGN
roles:
- octavia-common
- { role: monasca-agent, run_mode: Use }
tasks:
- include: roles/octavia-common/tasks/setup_monasca_service_plugin.yml
# set up active check of octavia api via vip
- hosts: OCT-API:&MON-AGN
roles:
- octavia-common
- { role: monasca-agent, run_mode: Use }
tasks:
- include: roles/octavia-common/tasks/remote_monitor.yml
0707010000000A000081A40000000000000000000000015EC6B079000003B0000000000000000000000000000000000000005500000000ardana-octavia-9.0+git.1590079609.a2ae6ab/octavia-reconfigure-credentials-change.yml#
# (c) Copyright 2016 Hewlett Packard Enterprise Development LP
# (c) Copyright 2017 SUSE LLC
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
---
- hosts: OCT-API
become: yes
roles:
- octavia-post-configure
tasks:
- include: roles/octavia-post-configure/tasks/keystone_change_pwd.yml
ansible_python_interpreter: "{{ KEY_CLI.vars.keystone_client_python_interpreter }}"
- include: _octavia-configure.yml
- include: octavia-start.yml
0707010000000B000081A40000000000000000000000015EC6B07900000700000000000000000000000000000000000000004200000000ardana-octavia-9.0+git.1590079609.a2ae6ab/octavia-reconfigure.yml#
# (c) Copyright 2016 Hewlett Packard Enterprise Development LP
# (c) Copyright 2017 SUSE LLC
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
---
- hosts: localhost
connection: local
roles:
- tls-trust
- octavia-common
tasks:
- include: roles/octavia-common/tasks/tls_bootstrap.yml
- include: roles/tls-trust/tasks/cert_csr.yml
- include: roles/tls-trust/tasks/cert_sign.yml
- include: roles/octavia-common/tasks/tls_copy.yml
- hosts: OCT-API
become: yes
roles:
- octavia-post-configure
tasks:
- include: roles/octavia-post-configure/tasks/keystone_conf.yml
ansible_python_interpreter: "{{ KEY_CLI.vars.keystone_client_python_interpreter }}"
- include: _octavia-configure.yml
- hosts: OCT-API
become: yes
roles:
- octavia-post-configure
tasks:
- include: roles/octavia-post-configure/tasks/db_configure.yml
- hosts: OCT-API:OCT-HMX:&MON-AGN
roles:
- octavia-common
- { role: monasca-agent, run_mode: Use }
tasks:
- include: roles/octavia-common/tasks/setup_monasca_service_plugin.yml
# set up active check of octavia api via vip
- hosts: OCT-API:&MON-AGN
roles:
- octavia-common
- { role: monasca-agent, run_mode: Use }
tasks:
- include: roles/octavia-common/tasks/remote_monitor.yml
- include: octavia-start.yml
0707010000000C000081A40000000000000000000000015EC6B0790000028B000000000000000000000000000000000000003E00000000ardana-octavia-9.0+git.1590079609.a2ae6ab/octavia-restart.yml#
# (c) Copyright 2018 SUSE LLC
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
---
- include: _octavia-schedule-restart.yml
- include: octavia-start.yml
0707010000000D000081A40000000000000000000000015EC6B07900000552000000000000000000000000000000000000003C00000000ardana-octavia-9.0+git.1590079609.a2ae6ab/octavia-start.yml#
# (c) Copyright 2016 Hewlett Packard Enterprise Development LP
# (c) Copyright 2017 SUSE LLC
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
---
- hosts: OCT-API:OCT-HMX
become: yes
roles:
- octavia-common
tasks:
- include: roles/octavia-common/tasks/start.yml
- hosts: OCT-API
become: yes
roles:
- octavia-common
- octavia-api
tasks:
- include: roles/octavia-api/tasks/start.yml
- hosts: OCT-API
become: yes
roles:
- octavia-common
- octavia-worker
tasks:
- include: roles/octavia-worker/tasks/start.yml
- hosts: OCT-HMX
become: yes
roles:
- octavia-common
- octavia-health-manager
tasks:
- include: roles/octavia-health-manager/tasks/start.yml
- hosts: OCT-API
become: yes
roles:
- octavia-common
- octavia-housekeeping
tasks:
- include: roles/octavia-housekeeping/tasks/start.yml
0707010000000E000081A40000000000000000000000015EC6B07900000483000000000000000000000000000000000000003D00000000ardana-octavia-9.0+git.1590079609.a2ae6ab/octavia-status.yml#
# (c) Copyright 2016 Hewlett Packard Enterprise Development LP
# (c) Copyright 2017 SUSE LLC
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
---
- hosts: OCT-API
become: yes
roles:
- octavia-api
tasks:
- include: roles/octavia-api/tasks/status.yml
- hosts: OCT-API
become: yes
roles:
- octavia-worker
tasks:
- include: roles/octavia-worker/tasks/status.yml
- hosts: OCT-HMX
become: yes
roles:
- octavia-health-manager
tasks:
- include: roles/octavia-health-manager/tasks/status.yml
- hosts: OCT-API
become: yes
roles:
- octavia-housekeeping
tasks:
- include: roles/octavia-housekeeping/tasks/status.yml
0707010000000F000081A40000000000000000000000015EC6B079000004CB000000000000000000000000000000000000003B00000000ardana-octavia-9.0+git.1590079609.a2ae6ab/octavia-stop.yml#
# (c) Copyright 2016 Hewlett Packard Enterprise Development LP
# (c) Copyright 2017 SUSE LLC
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
---
- hosts: OCT-API
become: yes
roles:
- octavia-common
- octavia-api
tasks:
- include: roles/octavia-api/tasks/stop.yml
- hosts: OCT-API
become: yes
roles:
- octavia-common
- octavia-worker
tasks:
- include: roles/octavia-worker/tasks/stop.yml
- hosts: OCT-HMX
become: yes
roles:
- octavia-common
- octavia-health-manager
tasks:
- include: roles/octavia-health-manager/tasks/stop.yml
- hosts: OCT-API
become: yes
roles:
- octavia-common
- octavia-housekeeping
tasks:
- include: roles/octavia-housekeeping/tasks/stop.yml
07070100000010000081A40000000000000000000000015EC6B0790000068B000000000000000000000000000000000000003E00000000ardana-octavia-9.0+git.1590079609.a2ae6ab/octavia-upgrade.yml#
# (c) Copyright 2016 Hewlett Packard Enterprise Development LP
# (c) Copyright 2017 SUSE LLC
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
---
- include: octavia-status.yml
# Install new venv
- include: _octavia-install.yml
- hosts: localhost
connection: local
roles:
- tls-trust
- octavia-common
tasks:
- include: roles/octavia-common/tasks/tls_bootstrap.yml
- include: roles/tls-trust/tasks/cert_csr.yml
- include: roles/tls-trust/tasks/cert_sign.yml
- include: roles/octavia-common/tasks/tls_copy.yml
- hosts: OCT-API
become: yes
roles:
- octavia-post-configure
tasks:
- include: roles/octavia-post-configure/tasks/keystone_conf.yml
ansible_python_interpreter: "{{ KEY_CLI.vars.keystone_client_python_interpreter }}"
# Configure services in a new venv
- include: _octavia-configure.yml
- hosts: OCT-API
become: yes
roles:
- octavia-post-configure
tasks:
- include: roles/octavia-post-configure/tasks/db_configure.yml
- include: roles/octavia-post-configure/tasks/neutron_to_octavia_migration.yml
# Restart services based on notifications set earlier
- include: octavia-start.yml
- include: octavia-status.yml
07070100000011000041ED0000000000000000000000085EC6B07900000000000000000000000000000000000000000000003000000000ardana-octavia-9.0+git.1590079609.a2ae6ab/roles07070100000012000041ED0000000000000000000000055EC6B07900000000000000000000000000000000000000000000003C00000000ardana-octavia-9.0+git.1590079609.a2ae6ab/roles/octavia-api07070100000013000041ED0000000000000000000000025EC6B07900000000000000000000000000000000000000000000004500000000ardana-octavia-9.0+git.1590079609.a2ae6ab/roles/octavia-api/defaults07070100000014000081A40000000000000000000000015EC6B079000002E6000000000000000000000000000000000000004E00000000ardana-octavia-9.0+git.1590079609.a2ae6ab/roles/octavia-api/defaults/main.yml#
# (c) Copyright 2016 Hewlett Packard Enterprise Development LP
# (c) Copyright 2017 SUSE LLC
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
# This file will contain the default values for the octavia server
---
octavia_component: octavia-api
07070100000015000041ED0000000000000000000000025EC6B07900000000000000000000000000000000000000000000004200000000ardana-octavia-9.0+git.1590079609.a2ae6ab/roles/octavia-api/tasks07070100000016000081A40000000000000000000000015EC6B07900000471000000000000000000000000000000000000005000000000ardana-octavia-9.0+git.1590079609.a2ae6ab/roles/octavia-api/tasks/configure.yml#
# (c) Copyright 2016-2017 Hewlett Packard Enterprise Development LP
# (c) Copyright 2017 SUSE LLC
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
---
- include: ../../octavia-common/tasks/create_systemd_service.yml
octavia_service_cmd: "octavia-api"
octavia_service_cmd_args: "--config-file={{ octavia_conf_dir }}/octavia-api.conf"
- name: octavia-api | configure | set octavia log file ownership
become: yes
file:
path: "{{ octavia_log_dir }}/{{ item }}"
owner: "{{ octavia_user }}"
group: "{{ octavia_log_file_group }}"
mode: 0640
state: touch
with_items:
- octavia-api.log
- octavia-api-json.log
07070100000017000081A40000000000000000000000015EC6B0790000043F000000000000000000000000000000000000004C00000000ardana-octavia-9.0+git.1590079609.a2ae6ab/roles/octavia-api/tasks/start.yml#
# (c) Copyright 2016 Hewlett Packard Enterprise Development LP
# (c) Copyright 2017 SUSE LLC
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
---
- name: octavia-api | start | Restart the octavia-api
service: name=octavia-api state=restarted
when: (ardana_notify_octavia_restart_required is defined and
ardana_notify_octavia_restart_required.changed) or
(ardana_notify_octavia_api_restart_required is defined and
ardana_notify_octavia_api_restart_required.changed)
- name: octavia-api | start | Start the octavia-api
service: name=octavia-api state=started
07070100000018000081A40000000000000000000000015EC6B079000002BE000000000000000000000000000000000000004D00000000ardana-octavia-9.0+git.1590079609.a2ae6ab/roles/octavia-api/tasks/status.yml#
# (c) Copyright 2016 Hewlett Packard Enterprise Development LP
# (c) Copyright 2017 SUSE LLC
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
---
- include: ../../octavia-common/tasks/_service_status.yml
07070100000019000081A40000000000000000000000015EC6B079000002E0000000000000000000000000000000000000004B00000000ardana-octavia-9.0+git.1590079609.a2ae6ab/roles/octavia-api/tasks/stop.yml#
# (c) Copyright 2016 Hewlett Packard Enterprise Development LP
# (c) Copyright 2017 SUSE LLC
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
---
- name: octavia-api | stop | Stop the octavia-api
service: name=octavia-api state=stopped
0707010000001A000041ED0000000000000000000000025EC6B07900000000000000000000000000000000000000000000004100000000ardana-octavia-9.0+git.1590079609.a2ae6ab/roles/octavia-api/vars0707010000001B000081A40000000000000000000000015EC6B07900000283000000000000000000000000000000000000004A00000000ardana-octavia-9.0+git.1590079609.a2ae6ab/roles/octavia-api/vars/main.yml#
# (c) Copyright 2016 Hewlett Packard Enterprise Development LP
# (c) Copyright 2017 SUSE LLC
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
---
0707010000001C000041ED0000000000000000000000085EC6B07900000000000000000000000000000000000000000000003F00000000ardana-octavia-9.0+git.1590079609.a2ae6ab/roles/octavia-common0707010000001D000041ED0000000000000000000000025EC6B07900000000000000000000000000000000000000000000004800000000ardana-octavia-9.0+git.1590079609.a2ae6ab/roles/octavia-common/defaults0707010000001E000081A40000000000000000000000015EC6B07900001DC5000000000000000000000000000000000000005100000000ardana-octavia-9.0+git.1590079609.a2ae6ab/roles/octavia-common/defaults/main.yml#
# (c) Copyright 2016-2017 Hewlett Packard Enterprise Development LP
# (c) Copyright 2017-2018 SUSE LLC
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
---
mysql:
host: "{{ OCT_API.consumes_FND_MDB.vips.private[0].host }}"
octavia_user: "{{ OCT_API.consumes_FND_MDB.vars.accounts.octavia.username }}"
octavia_password: "{{ OCT_API.consumes_FND_MDB.vars.accounts.octavia.password | quote }}"
use_tls: "{{ OCT_API.consumes_FND_MDB.vips.private[0].use_tls }}"
ca: "?ssl_ca={{ trusted_ca_bundle }}"
keystone:
admin_tenant: "{{ KEY_API.vars.keystone_admin_tenant }}"
service_tenant: "{{ KEY_API.vars.keystone_service_tenant }}"
auth_uri: "{{ OCT_API.consumes_KEY_API.vips.private[0].url }}"
identity_uri: "{{ OCT_API.consumes_KEY_API.vips.private[0].url }}"
endpoint: "{{ OCT_API.consumes_KEY_API.vips.private[0].url }}/v3"
octavia_admin_user: "{{ OCT_API.consumes_KEY_API.vars.keystone_octavia_user }}"
octavia_admin_password: "{{ OCT_API.consumes_KEY_API.vars.keystone_octavia_password | quote }}"
octavia_project_name: "{{ OCT_API.consumes_KEY_API.vars.octavia_admin_project }}"
admin_user: "{{ KEY_API.vars.keystone_admin_user }}"
admin_password: "{{ KEY_API.vars.keystone_admin_pwd | quote }}"
default_domain_name: "{{ KEY_API.vars.keystone_default_domain }}"
admin_role: "{{ KEY_API.vars.keystone_admin_role }}"
neutron:
admin_user: "{{ OCT_API.consumes_KEY_API.vars.keystone_neutron_user }}"
admin_password: "{{ OCT_API.consumes_KEY_API.vars.keystone_neutron_password | quote }}"
endpoint: "{{ OCT_API.consumes_NEU_SVR.vips.private[0].url }}"
nova:
endpoint: "{{ OCT_API.consumes_NOV_API.vips.private[0].url }}/v2.1"
rabbit:
members: "{{ OCT_API.consumes_FND_RMQ.members.private }}"
userid: "{{ OCT.consumes_FND_RMQ.vars.accounts.octavia.username }}"
password: "{{ OCT.consumes_FND_RMQ.vars.accounts.octavia.password }}"
use_ssl: "{{ OCT.consumes_FND_RMQ.members.private[0].use_tls }}"
health_manager:
members: "{{ OCT_API.consumes_OCT_HMX.members.private }}"
heartbeat_key: "{{ OCT_API.consumes_OCT_HMX.vars.heartbeat_key }}"
octavia_db_connection: "mysql+pymysql://{{ mysql.octavia_user }}:{{ mysql.octavia_password | urlencode }}@{{ mysql.host }}/octavia{% if mysql.use_tls %}{{ mysql.ca }}{% endif %}"
# Other variables
octavia_endpoint_type: "internalURL"
installation_directory: "/usr/share"
octavia_user: "octavia"
octavia_group: "octavia"
octavia_log_file_group: "adm"
keystone_service_tenant: "{{ keystone.service_tenant }}"
keystone_admin_tenant: "{{ keystone.admin_tenant }}"
keystone_admin_user: "{{ keystone.admin_user }}"
keystone_admin_password: "{{ keystone.admin_password }}"
keystone_endpoint: "{{ keystone.endpoint }}"
neutron_endpoint: "{{ neutron.endpoint }}"
nova_endpoint: "{{ nova.endpoint }}"
keystone_default_domain: "{{ keystone.default_domain_name }}"
octavia_log_dir: "/var/log/octavia"
octavia_common_rundir: "/var/run/octavia"
octavia_project_domain_name: "{{ keystone.default_domain_name }}"
octavia_user_domain_name: "{{ keystone.default_domain_name }}"
octavia_project_name: "{{ keystone.octavia_project_name }}"
octavia_neutron_admin_role: "neutron_admin"
octavia_region_name: "{{ OCT.regions | first }}"
# Packages required by all roles
# Note: individual roles override this list during their respective installs
#required_packages:
# - ipset
# - iptables
## [DEFAULT]
octavia_bind_host: "{% if host.bind.OCT_API is defined %}{{ host.bind.OCT_API.internal.ip_address }}{% endif %}"
octavia_bind_port: "9876"
## [health_manager]
octavia_healthmanager_bind_host: "{{ octavia_bind_host }}"
octavia_healthmanager_port: "5555"
octavia_healthmanager_hosts: "{% for x in health_manager.members %}{{ x.ip_address }}:{{ x.port }}{%if not loop.last %},{% endif %}{% endfor %}"
octavia_heartbeat_key: "{{ health_manager.heartbeat_key }}"
octavia_heartbeat_interval: 10
octavia_health_check_interval: 3
### RabbitMQ
octavia_rabbit_hosts: "{% for x in rabbit.members %}{{ x.host }}:{{ x.port }}{%if not loop.last %},{% endif %}{% endfor %}"
octavia_rabbit_userid: "{{ rabbit.userid }}"
octavia_rabbit_password: "{{ rabbit.password }}"
octavia_rabbit_use_ssl: "{{ rabbit.use_ssl }}"
octavia_rabbit_hosts_url: >-
{%- for x in rabbit.members -%}
{{ octavia_rabbit_userid }}:{{ octavia_rabbit_password }}@{{ x.host }}:{{ x.port }}{%- if not loop.last -%},{%- endif -%}
{%- endfor -%}
octavia_transport_url: "rabbit://{{ octavia_rabbit_hosts_url }}//"
## [keystone_authtoken]
octavia_auth_endpoint: "{{ keystone.endpoint }}"
octavia_identity_uri: "{{ keystone.identity_uri }}"
octavia_admin_user: "{{ keystone.octavia_admin_user }}"
octavia_admin_password: "{{ keystone.octavia_admin_password }}"
octavia_ca_file: "{{ trusted_ca_bundle }}"
## [certificates]
octavia_ca_private_key_passphrase: "foobar"
octavia_ca_private_key: "{{ octavia_conf_dir }}/certs/private/cakey.pem"
octavia_ca_certificate: "{{ octavia_conf_dir }}/certs/cacert.pem"
## [haproxy_amphora]
octavia_server_ca: "{{ octavia_conf_dir}}/certs/cacert.pem"
octavia_client_ca: "{{ octavia_conf_dir}}/certs/client_ca.pem"
octavia_client_cert: "{{ octavia_conf_dir}}/certs/client.pem"
octavia_client_cert_monitoring: "{{ octavia_conf_dir}}/client_monitoring.pem"
octavia_key_path: "{{ octavia_conf_dir}}/.ssh/octavia_ssh_key"
# haproxy_template = /var/lib/octavia/custom_template
# The following may need to be an absolute location:
# base_log_dir = /logs
## [barbican]
neutron_admin_user: "{{ neutron.admin_user }}"
neutron_admin_password: "{{ neutron.admin_password }}"
octavia_mgmt_net: "{{ config_data.OCT.amp_network_name }}"
octavia_mgmt_sec_group: "lb-mgmt-sec-group"
octavia_nova_flavor_name: "m1.lbaas.amphora"
# This is set later once the image is unpacked
octavia_amp_image_id: ""
octavia_amp_image_tag: "amphora"
octavia_user_domain_name: "{{ keystone.default_domain_name }}"
octavia_project_domain_name: "{{ keystone.default_domain_name }}"
## variables needed by _write_conf.yml
write_conf_file_owner: "{{ octavia_user }}"
write_conf_file_group: "{{ octavia_group }}"
# tls stuff
tls_temp_dir: "/tmp/ardana_octavia_tls/"
tls_req_dir: "/tmp/ardana_octavia_tls/"
tls_req_file: "ardana-octavia-req"
tls_certs_dir: "/tmp/ardana_octavia_certs/"
tls_ca_cert_file: "cacert.pem"
tls_ca_key_file: "cakey.pem"
tls_index_file: "{{ tls_temp_dir }}/indext.txt"
tls_serial_file: "{{ tls_temp_dir }}/serial"
tls_cert_file: "{{ tls_certs_dir }}/client.pem"
tls_server_ca_file: "serverca_01.pem"
tls_server_ca_key_file: "servercakey.pem"
# need Neutron database connection string to migrate load balancer data
neutron_mysql:
db_ssl: "{% if NEU_SVR.consumes_FND_MDB.vips.private[0].use_tls %}?ssl_ca={{ trusted_ca_bundle }}{% endif %}"
host: "{{ NEU_SVR.consumes_FND_MDB.vips.private[0].host }}"
admin_user: "{{ NEU_SVR.consumes_FND_MDB.vars.accounts.neutron.username }}"
admin_password: "{{ NEU_SVR.consumes_FND_MDB.vars.accounts.neutron.password | quote }}"
neutron_db_connection: "mysql+pymysql://{{ neutron_mysql.admin_user }}:{{ neutron_mysql.admin_password | urlencode }}@{{ neutron_mysql.host }}/ovs_neutron{{ neutron_mysql.db_ssl }}"
0707010000001F000041ED0000000000000000000000025EC6B07900000000000000000000000000000000000000000000004500000000ardana-octavia-9.0+git.1590079609.a2ae6ab/roles/octavia-common/files07070100000020000081A40000000000000000000000015EC6B07900000687000000000000000000000000000000000000005000000000ardana-octavia-9.0+git.1590079609.a2ae6ab/roles/octavia-common/files/cacert.pem-----BEGIN CERTIFICATE-----
MIIEpDCCA4ygAwIBAgIJAN1H61H2/+beMA0GCSqGSIb3DQEBBQUAMIGSMQswCQYD
VQQGEwJVUzELMAkGA1UECBMCQ0ExEjAQBgNVBAcTCVNhbiBEaWVnbzEMMAoGA1UE
ChMDSFBFMQ4wDAYDVQQLEwVDbG91ZDEmMCQGA1UEAxMdSGVsaW9uIE9jdGF2aWEg
Q2xpZW50IERlbW8gQ0ExHDAaBgkqhkiG9w0BCQEWDWxiYWFzQGhwZS5jb20wHhcN
MTYwMjE4MTY0NzM3WhcNMzYwMjEzMTY0NzM3WjCBkjELMAkGA1UEBhMCVVMxCzAJ
BgNVBAgTAkNBMRIwEAYDVQQHEwlTYW4gRGllZ28xDDAKBgNVBAoTA0hQRTEOMAwG
A1UECxMFQ2xvdWQxJjAkBgNVBAMTHUhlbGlvbiBPY3RhdmlhIENsaWVudCBEZW1v
IENBMRwwGgYJKoZIhvcNAQkBFg1sYmFhc0BocGUuY29tMIIBIjANBgkqhkiG9w0B
AQEFAAOCAQ8AMIIBCgKCAQEA9LMukgQrFSyIwROGuvjHswfv0571kcXHm43/1fnU
/9MJNtrkt+p5xiNw+f1S6Oarkv7R5ALf1I8/G4J4RQCWYUBjiozz9d2MtrFAIM+G
JWIK7erzLQ85SWxN5/6or/E9WRrxocRRbbrB0+fNHm6RWtbIK0V5yjC3QxemQ975
H73F/Y1aIgfSjgjbuIwuUiy6/rl9WowDXsJY977ZsTrv4vJvklDo2bdy9zgZ1UNi
uKRGYwhFtuVwjOkl3G8OVIyciuOZrqiQ6RTI25VM6DV2M4+tGha6Ra8wSNbjT2Vp
Qxo4ywTJ5qSMm440QZCkvKUNUseewaI/I1dcSoJxeoX9pQIDAQABo4H6MIH3MB0G
A1UdDgQWBBR329ZEypvomN5ynDmoeVrsAXFXZTCBxwYDVR0jBIG/MIG8gBR329ZE
ypvomN5ynDmoeVrsAXFXZaGBmKSBlTCBkjELMAkGA1UEBhMCVVMxCzAJBgNVBAgT
AkNBMRIwEAYDVQQHEwlTYW4gRGllZ28xDDAKBgNVBAoTA0hQRTEOMAwGA1UECxMF
Q2xvdWQxJjAkBgNVBAMTHUhlbGlvbiBPY3RhdmlhIENsaWVudCBEZW1vIENBMRww
GgYJKoZIhvcNAQkBFg1sYmFhc0BocGUuY29tggkA3UfrUfb/5t4wDAYDVR0TBAUw
AwEB/zANBgkqhkiG9w0BAQUFAAOCAQEAOb4yRfE5sekBxMoiXE/NAtH9rciHCKno
RZ3ysVJ3kXwV29S27ziPM+JEe8A8HO8jXVw8DQA2VcBlU2cBOgzeV1CLMg/83IpW
vAcEXdfodWc0E79UPleaEGd0tVLxMjzxBVpasvcojpJO3FH9lpg9wLXZA6TfxZ4C
dCGdr5BDLI1sZG4QQ+h+9hh0Tqhx6YFgHUnt3HhvGK/tZ2iNPnw3ZCY8BPzGSKGK
3k/6X23cgtSAaRz91mmsy/DMlpGkPyGLA2G8dT9Mz+iPTz8Qbn8EvCom31y6P5pn
htvSgd7wb/FVU+8JWRhs6QuzTdRT802K4xjs9v7Ukl1cMGzVGycwug==
-----END CERTIFICATE-----
07070100000021000081A40000000000000000000000015EC6B0790000068F000000000000000000000000000000000000004F00000000ardana-octavia-9.0+git.1590079609.a2ae6ab/roles/octavia-common/files/cakey.pem-----BEGIN RSA PRIVATE KEY-----
MIIEpQIBAAKCAQEA9LMukgQrFSyIwROGuvjHswfv0571kcXHm43/1fnU/9MJNtrk
t+p5xiNw+f1S6Oarkv7R5ALf1I8/G4J4RQCWYUBjiozz9d2MtrFAIM+GJWIK7erz
LQ85SWxN5/6or/E9WRrxocRRbbrB0+fNHm6RWtbIK0V5yjC3QxemQ975H73F/Y1a
IgfSjgjbuIwuUiy6/rl9WowDXsJY977ZsTrv4vJvklDo2bdy9zgZ1UNiuKRGYwhF
tuVwjOkl3G8OVIyciuOZrqiQ6RTI25VM6DV2M4+tGha6Ra8wSNbjT2VpQxo4ywTJ
5qSMm440QZCkvKUNUseewaI/I1dcSoJxeoX9pQIDAQABAoIBAQCz6Gl9AYOLdcq1
6d1M6kwo3NT/CggSvQ8c1zIZ6C0qScakhhtS/Rm7C6OsqQukILRUxvUaZuKaLReA
6lPyp5PovKZy318ejV0/lOJJPUqrgYH3mp5fqqm7yd0djKYJdZxdPuoYvXYA7yZC
3lJ45WIJH5Db/6Cjf129/k1H6U/QfQ5TuUro6j7B6JC0wl8BFF1FmrFoXdOWAKb4
qsl504857Ff5zDuZsanT36x1LN0XWwCeoRuqL0N5i61e+TLGJ771xq2GTn8yUYue
IuCBB/QAbkLSf7yAQE5wC8245rIvsoHgVNOIvVnLqQI34AH0AUvLdbZsPFmn20ry
NM0GRPkBAoGBAP7iuI99k29Ked+81IBP/tilcx0pUb9rOHOMFVJeJTggRT0/1gF/
wLDXQkmHHPK9SLfxK3rFQuS1LxgmaKDKwhj5i6l6f8zk9fSZhbR6PynxNSwkn1X8
MDYZVoR3K7a/StHkVNKT/FoHMOK7qJjeXD38rHKLJDuGLw9QefWT67qJAoGBAPXF
D4n7hHS1+3Cgs13pw6IzO/ezrPZG0s5gY67/n41FJOCDKsFoFvUZk6DYaGQktpl8
sRYzVIWXICc93+kD2TFr00Q/6VIk7esVkUgTo6TVvpUvxJV2x4nC5HqINbpi+Ot0
h3tlGVQ8tPjwyp/CjgHONrSDEbnOGG6RY+niV3M9AoGAE/uOYKGFt4ntOB9DwbOD
1VRTTAv7PriXOmfXHBgJbvcItp6UlpV/c93McptHJ7izRMiBkiR49BlIUepg9Yov
4WlfC7Bw6I1iwwRuORIEdbNVadqNK16UIQmngMcfBDrHEOGHzOKRPDWoHX58308/
iBSRKIHEG26PrfGvPhOUvZECgYEAklYJkJEQJyYMVt14r1x3Pebft/dl7yXwcy11
bUeLSuR2tq+jD5HYyYu3GTiBv88UYoOaNavOkdSQMo1m+yltcz3Oh36+gEi42Rb4
cEAxWf5jAhV1KcGVwfMnc8YSp64ypI+388MYt82FvAwzubhwMacFb6nzLf0HEx7C
rQo2I8kCgYEAiAufrajQCiRCU0sS2J+53rPmyRQrEP0upxhJmj6MMRMExVvED8VN
hkY3544VW4tKVCMZBtDUxxcYm90xDiQtuCFKCW1taaVFwPWg+VdlYpZFv01bJhz/
AKHmXMuZtDK7wl3YJdrom6w2o+M5EugmViUV8TF2+1gli0o/mCpMJxY=
-----END RSA PRIVATE KEY-----
07070100000022000081A40000000000000000000000015EC6B07900000687000000000000000000000000000000000000005500000000ardana-octavia-9.0+git.1590079609.a2ae6ab/roles/octavia-common/files/serverca_01.pem-----BEGIN CERTIFICATE-----
MIIEpDCCA4ygAwIBAgIJAI5jCsK04Z18MA0GCSqGSIb3DQEBBQUAMIGSMQswCQYD
VQQGEwJVUzELMAkGA1UECBMCQ0ExEjAQBgNVBAcTCVNhbiBEaWVnbzEMMAoGA1UE
ChMDSFBFMQ4wDAYDVQQLEwVDbG91ZDEmMCQGA1UEAxMdSGVsaW9uIE9jdGF2aWEg
U2VydmVyIERlbW8gQ0ExHDAaBgkqhkiG9w0BCQEWDWxiYWFzQGhwZS5jb20wHhcN
MTYwMjE4MTY1NjQzWhcNMzYwMjEzMTY1NjQzWjCBkjELMAkGA1UEBhMCVVMxCzAJ
BgNVBAgTAkNBMRIwEAYDVQQHEwlTYW4gRGllZ28xDDAKBgNVBAoTA0hQRTEOMAwG
A1UECxMFQ2xvdWQxJjAkBgNVBAMTHUhlbGlvbiBPY3RhdmlhIFNlcnZlciBEZW1v
IENBMRwwGgYJKoZIhvcNAQkBFg1sYmFhc0BocGUuY29tMIIBIjANBgkqhkiG9w0B
AQEFAAOCAQ8AMIIBCgKCAQEAyhE+0IGAEpFnobw5DyOxw8jndPyR0MZRkIBCdYe4
7Dauf2dS5zNm0CmzplEBtudbxxgCF3YKavZqkPZQzsDfUxYr056vAnph3secQ1Gd
AzjC9SCuiIkzaG2E1ibjKg2KT8QXx+aUhGWbKUf2TRuN3OBAtoDiJskSmHAyvkpm
PLnMgJT+aGBibyBhSYF07WSKf3arI+WGJu5X3nH9VH5o17HwAOoLDNvVHQcXDg7q
VfWMFXH9MaG46Rox1LMN5kq9Ep3Elu0ec0Sap2wAts6BCWkM766N9jPz+iUDSBvf
AOezkZawmeNq/WaKZzdp3nd/cBQMABJu35NG0fRrFbWC8wIDAQABo4H6MIH3MB0G
A1UdDgQWBBTRQQSW794lYXblc87iSmOM72uvbzCBxwYDVR0jBIG/MIG8gBTRQQSW
794lYXblc87iSmOM72uvb6GBmKSBlTCBkjELMAkGA1UEBhMCVVMxCzAJBgNVBAgT
AkNBMRIwEAYDVQQHEwlTYW4gRGllZ28xDDAKBgNVBAoTA0hQRTEOMAwGA1UECxMF
Q2xvdWQxJjAkBgNVBAMTHUhlbGlvbiBPY3RhdmlhIFNlcnZlciBEZW1vIENBMRww
GgYJKoZIhvcNAQkBFg1sYmFhc0BocGUuY29tggkAjmMKwrThnXwwDAYDVR0TBAUw
AwEB/zANBgkqhkiG9w0BAQUFAAOCAQEAGusB9CMZiPEwg2UbsNMxxNKqD7UF56g4
ojl1UCbd0LdWAfwraZIk4A2m50o5kPQw3To1N6qTOGr3rzT2GkktrbB+Tfaluorq
LYjfwzNj72T1QCJOfgvJZEgBgTBIfWkJXa8FDyBMiPnlHZhnbxU4uNf2kJcqAmF+
otbwMJg96+qEXC6nICN0N6vNARZvLKT1mQZZ3SIhXnzX53aBya0ma4zOWc29kkn6
uachCLGpU7uRvFaP7dgpu0WoRiwmbg2IVhtkavg8tT1gv4KNyHP2uUyHrH12FINS
0bWZodG5Ty3eCYyc2QaJWZFUbXwPZGaspFxHhiMfPKAQ3AxjvD2CwQ==
-----END CERTIFICATE-----
07070100000023000081A40000000000000000000000015EC6B079000006D7000000000000000000000000000000000000005500000000ardana-octavia-9.0+git.1590079609.a2ae6ab/roles/octavia-common/files/servercakey.pem-----BEGIN RSA PRIVATE KEY-----
Proc-Type: 4,ENCRYPTED
DEK-Info: DES-EDE3-CBC,056D586D079DEFCA
KnC/Yh4Od59N4S2HKuLFmcQfZWfPzexqENLmtrmxs6qi63jedoVcve3/ez9rSBbA
G9zBIyAtDvkjFPviDamA7x+MvsLrictOsuArbJYE+Hs2KVdqU47BsD8Y6HamA/HT
Ws5st0W7PKD0iH0X+05BKsRzpdbmbd3NpB9N4FQydfOjo9sPLVVrvsmo3FmEkERV
9UttXI4daA6GjfrOPz3n7HHJNOcQ+ObvBf7Bk0N69pBXvt3Q5jjZsc3XsfYRD29j
CjIalKg9ERUTNaEVVw2qQl0RIw8HrueN8WZBGB36YxWvatFVZ65X0hMgl808dgl6
cYRJ2HOvlodew/lDTcAgF7XQTHqlIAkD1od8HyTUq86A2+DARGYoeacTk5lhM1d+
uzfiS/mtB/0fl9gkPW4mBYdwd0l8kU06Jt5R475QItPRrpFx3Vty225lqV9+pVv4
M9MMXosXESsyOumzJjvJtmvG4Obh+75SH2B6kPRXojz3DiKgMRvf7HtgVEblyiOx
9a0J28ZS6OmUBA2bp3FQ5KEyZYXxWmNkCt6Jl699X+Qk0mq/AKLJB7BSgeX/Uc+O
SILejomGCyieW31seIJkUZCUso8N+1f19ZKdLZ7gj6sG/mayk6q9I66ak+FvBGNI
ICJDgqXEj4+sqo4oH55mK81TIQriZTGf7y2CnAfjTfZ6D/yW81Qw5aKtDtut2gj7
df8w1JEewbkEYZ7Jq5uYANTyAwNN4WNobf44XE2qx9RmcpcWwfSAXqwEv9Jk24S/
e8H1dPWpsm/fcRSG/8UiSBoswKPe9tU5UGeVok7Rl5D0lGPTMhYv6MYO41DcZMEW
yOb6QkRqbiYg0URIjTC2Wx7HN7X5XILzSqvKvhMuHiOAGCjzMtfJxlle5Zn1gl8L
x1egvp4/QDlwevPgzynGIRj9du4uG3Q+HacjSHw1HtggmG6VYhucBa+M12f0cFvm
+J0DX4086w5p8mnJJ1SYOwCU7j8u2+LGERAWG38KUCOmGG1KIkO2H+jO2ijS4Gij
domNSoJVHZGRFLQsBTCrjzgxijcTPz7CSF2MMHY1D1SvDRU+TWJqWpj8bENpGlc7
SYVaxW3oybJ/9jV/mSSgpMF2So1YR2bOwLxg2EB5B/7+3aqzcLs5nTgGaCCbyBxD
bvpIHr5bGWm6Mio/wkaQlbIA2slxF1dQHPVE+GUEMMb95SXSKhmgMJNLYcv0A/kC
PZ83OJhYH/quUgzVdbF1X5J0NGv/UXjHy4xRhFuMzs65X8Yrn5aCm9dM7mH9iEhu
0dfVM5jOBvqhTRblsyAYCoh+L5daU3AdCEY+1uAuC3fa33LltcNXMgsZdHsYliHG
LLXPX+zzOadacpNXlKO4u69gHPW7BlQPnfWG67zGxVhWoJzdWzVgPdMy9Bn8vWuj
zyErhApupUYSvcRTD3XrZjDLUnh0uFbtx1cFHcP8xCFU1wkCcc7tNvtmRSH6GNxJ
/OEsIoweWntdMKghaROLNxErN8/aCkyWMaerYXtMQeYy1kUqyDhS3C6cdyRIZsek
ejPcNJIwnp/ng3sZ11CVWK91BZJhReYUkiXArKjV+QDYY7SlhtgzfPha8KKsannY
-----END RSA PRIVATE KEY-----
07070100000024000041ED0000000000000000000000025EC6B07900000000000000000000000000000000000000000000004400000000ardana-octavia-9.0+git.1590079609.a2ae6ab/roles/octavia-common/meta07070100000025000081A40000000000000000000000015EC6B07900000263000000000000000000000000000000000000004D00000000ardana-octavia-9.0+git.1590079609.a2ae6ab/roles/octavia-common/meta/main.yml# (c) Copyright 2018 SUSE LLC
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
---
dependencies:
- role: tls-vars
07070100000026000041ED0000000000000000000000025EC6B07900000000000000000000000000000000000000000000004500000000ardana-octavia-9.0+git.1590079609.a2ae6ab/roles/octavia-common/tasks07070100000027000081A40000000000000000000000015EC6B07900000F5D000000000000000000000000000000000000006000000000ardana-octavia-9.0+git.1590079609.a2ae6ab/roles/octavia-common/tasks/_create_mgmt_sec_group.yml#
# (c) Copyright 2016 Hewlett Packard Enterprise Development LP
# (c) Copyright 2017 SUSE LLC
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
---
- name: octavia-common | _create_mgmt_sec_group | Retrieve management subnet for single-cp
shell: >
openstack network show {{ octavia_mgmt_net_id.stdout }} | tr -d ' ' | grep "subnets" | cut -f 3 -d '|'
environment: &OS_ENV
OS_AUTH_URL: "{{ octavia_auth_endpoint }}"
OS_USERNAME: "{{ octavia_admin_user }}"
OS_PASSWORD: "{{ octavia_admin_password }}"
OS_PROJECT_NAME: "{{ octavia_project_name }}"
OS_USER_DOMAIN_NAME: "{{ octavia_user_domain_name }}"
OS_PROJECT_DOMAIN_NAME: "{{ octavia_project_domain_name }}"
OS_ENDPOINT_TYPE: "{{ octavia_endpoint_type }}"
OS_REGION_NAME: "{{ octavia_region_name }}"
OS_CACERT: "{{ octavia_ca_file }}"
OS_IDENTITY_API_VERSION: "3"
OS_AUTH_VERSION: "3"
OS_INTERFACE: "internal"
register: octavia_mgmt_subnet
run_once: true
- name: octavia-common | _create_mgmt_sec_group | Retrieve management subnet for multi-cp
shell: >
openstack network show {{ octavia_mgmt_net_id.stdout }} | tr -d ' ' | grep "subnets" | cut -f 3 -d '|'
environment:
OS_AUTH_URL: "{{ octavia_auth_endpoint }}"
OS_USERNAME: "{{ octavia_admin_user }}"
OS_PASSWORD: "{{ octavia_admin_password }}"
OS_PROJECT_NAME: "{{ octavia_project_name }}"
OS_USER_DOMAIN_NAME: "{{ octavia_user_domain_name }}"
OS_PROJECT_DOMAIN_NAME: "{{ octavia_project_domain_name }}"
OS_ENDPOINT_TYPE: "{{ octavia_endpoint_type }}"
OS_REGION_NAME: "{{ octavia_region_name }}"
OS_CACERT: "{{ octavia_ca_file }}"
OS_IDENTITY_API_VERSION: "3"
OS_AUTH_VERSION: "3"
OS_INTERFACE: "internal"
register: octavia_mgmt_subnet
run_once_per: verb_hosts.OCT_API
- name: octavia-common | _create_mgmt_sec_group | Verify if management subnet was found
fail:
msg: "Management subnet was not found"
when: octavia_mgmt_subnet.stdout == ""
run_once_per: verb_hosts.OCT_API
- name: octavia-common | _create_mgmt_sec_group | Check if management security group exists
shell: >
openstack security group show {{ octavia_mgmt_sec_group }}
environment: *OS_ENV
register: octavia_mgmt_sec_group_check
ignore_errors: True
run_once_per: verb_hosts.OCT_API
- name: octavia-common | _create_mgmt_sec_group | Create management security group
shell: >
openstack security group create {{ octavia_mgmt_sec_group }} --description "Octavia Management Security Group"
environment: *OS_ENV
when: octavia_mgmt_sec_group_check|failed
run_once_per: verb_hosts.OCT_API
- name: octavia-common | _create_mgmt_sec_group | Get management security group id
shell: >
openstack security group list| grep {{ octavia_mgmt_sec_group }} | tr -d ' ' | cut -f 2 -d '|'
environment: *OS_ENV
register: octavia_mgmt_sec_group_id
run_once: true
- name: octavia-common | _create_mgmt_sec_group | Get management security group id
shell: >
openstack security group list| grep {{ octavia_mgmt_sec_group }} | tr -d ' ' | cut -f 2 -d '|'
environment: *OS_ENV
register: octavia_mgmt_sec_group_id
run_once_per: verb_hosts.OCT_API
- name: octavia-common | _create_mgmt_sec_group | rule, TCP 9443
shell: >
openstack security group rule create --protocol tcp --dst-port 9443:9443 {{ octavia_mgmt_sec_group }}
environment: *OS_ENV
ignore_errors: True
run_once_per: verb_hosts.OCT_API
07070100000028000081A40000000000000000000000015EC6B0790000117F000000000000000000000000000000000000005D00000000ardana-octavia-9.0+git.1590079609.a2ae6ab/roles/octavia-common/tasks/_create_nova_flavor.yml#
# (c) Copyright 2016-2017 Hewlett Packard Enterprise Development LP
# (c) Copyright 2017 SUSE LLC
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
---
- name: octavia-common | _create_nova_flavor | Check if flavor exists
shell: >
nova flavor-show {{ octavia_nova_flavor_name }}
environment: &OS_ENV
OS_AUTH_URL: "{{ keystone_endpoint }}"
OS_USERNAME: "{{ keystone_admin_user }}"
OS_PASSWORD: "{{ keystone_admin_password }}"
OS_PROJECT_NAME: "{{ keystone_service_tenant }}"
OS_USER_DOMAIN_NAME: "{{ keystone_default_domain }}"
OS_PROJECT_DOMAIN_NAME: "{{ keystone_default_domain }}"
OS_ENDPOINT_TYPE: "{{ octavia_endpoint_type }}"
OS_REGION_NAME: "{{ octavia_region_name }}"
OS_CACERT: "{{ octavia_ca_file }}"
OS_IDENTITY_API_VERSION: "3"
OS_AUTH_VERSION: "3"
register: octavia_nova_flavor_check_result
ignore_errors: True
run_once_per: verb_hosts.OCT_API
- name: octavia-common | _create_nova_flavor | Create nova flavor
shell: >
nova flavor-create --is-public False {{ octavia_nova_flavor_name }} auto 1024 2 1
environment: *OS_ENV
when: octavia_nova_flavor_check_result|failed
run_once_per: verb_hosts.OCT_API
- name: octavia-common | _create_nova_flavor | Get octavia project id
shell: >
openstack project show -f value -c id {{ octavia_project_name }}
environment:
OS_AUTH_URL: "{{ keystone_endpoint }}"
OS_USERNAME: "{{ keystone_admin_user }}"
OS_PASSWORD: "{{ keystone_admin_password }}"
OS_USER_DOMAIN_NAME: "{{ keystone_default_domain }}"
OS_DOMAIN_NAME: "{{ keystone_default_domain }}"
OS_ENDPOINT_TYPE: "{{ octavia_endpoint_type }}"
OS_REGION_NAME: "{{ octavia_region_name }}"
OS_CACERT: "{{ octavia_ca_file }}"
OS_IDENTITY_API_VERSION: "3"
OS_AUTH_VERSION: "3"
when: octavia_nova_flavor_check_result|failed
register: project_id_results
changed_when: False
run_once_per: verb_hosts.OCT_API
- name: octavia-common | _create_nova_flavor | Assign tenant access to flavor
shell: >
nova flavor-access-add {{ octavia_nova_flavor_name }} {{ project_id_results.stdout }}
environment: *OS_ENV
when: octavia_nova_flavor_check_result|failed
run_once_per: verb_hosts.OCT_API
- name: octavia-common | _create_nova_flavor | Retrieve nova flavor_id for single-cp
shell: >
nova flavor-list | grep {{ octavia_nova_flavor_name }} | tr -d ' ' | cut -f 2 -d '|'
environment:
OS_AUTH_URL: "{{ octavia_auth_endpoint }}"
OS_USERNAME: "{{ octavia_admin_user }}"
OS_PASSWORD: "{{ octavia_admin_password }}"
OS_PROJECT_NAME: "{{ octavia_project_name }}"
OS_USER_DOMAIN_NAME: "{{ octavia_user_domain_name }}"
OS_PROJECT_DOMAIN_NAME: "{{ octavia_project_domain_name }}"
OS_ENDPOINT_TYPE: "{{ octavia_endpoint_type }}"
OS_REGION_NAME: "{{ octavia_region_name }}"
OS_CACERT: "{{ octavia_ca_file }}"
OS_IDENTITY_API_VERSION: "3"
OS_AUTH_VERSION: "3"
register: octavia_nova_flavor_id
run_once: true
# Duplicating it for the case of multi-cp environment so that this variable is registered
# for all the regions. Only this task will not work as this variable is required by all
# the controllers in single-cp environment also.
- name: octavia-common | _create_nova_flavor | Retrieve nova flavor_id for multi-cp
shell: >
nova flavor-list | grep {{ octavia_nova_flavor_name }} | tr -d ' ' | cut -f 2 -d '|'
environment:
OS_AUTH_URL: "{{ octavia_auth_endpoint }}"
OS_USERNAME: "{{ octavia_admin_user }}"
OS_PASSWORD: "{{ octavia_admin_password }}"
OS_PROJECT_NAME: "{{ octavia_project_name }}"
OS_USER_DOMAIN_NAME: "{{ octavia_user_domain_name }}"
OS_PROJECT_DOMAIN_NAME: "{{ octavia_project_domain_name }}"
OS_ENDPOINT_TYPE: "{{ octavia_endpoint_type }}"
OS_REGION_NAME: "{{ octavia_region_name }}"
OS_CACERT: "{{ octavia_ca_file }}"
OS_IDENTITY_API_VERSION: "3"
OS_AUTH_VERSION: "3"
register: octavia_nova_flavor_id
run_once_per: verb_hosts.OCT_API
07070100000029000081A40000000000000000000000015EC6B07900000CE0000000000000000000000000000000000000005B00000000ardana-octavia-9.0+git.1590079609.a2ae6ab/roles/octavia-common/tasks/_get_glance_image.yml#
# (c) Copyright 2016-2017 Hewlett Packard Enterprise Development LP
# (c) Copyright 2017-2018 SUSE LLC
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
---
- name: octavia-common | _get_glance_image | Get octavia project id
command: openstack \
project show -f value -c id {{ octavia_project_name }}
environment: &OS_ENV
OS_AUTH_URL: "{{ keystone_endpoint }}"
OS_USERNAME: "{{ keystone_admin_user }}"
OS_PASSWORD: "{{ keystone_admin_password }}"
OS_USER_DOMAIN_NAME: "{{ keystone_default_domain }}"
OS_DOMAIN_NAME: "{{ keystone_default_domain }}"
OS_ENDPOINT_TYPE: "{{ octavia_endpoint_type }}"
OS_REGION_NAME: "{{ octavia_region_name }}"
OS_CACERT: "{{ octavia_ca_file }}"
OS_IDENTITY_API_VERSION: "3"
OS_AUTH_VERSION: "3"
register: project_id_results
changed_when: False
- name: octavia-common | _get_glance_image | Set octavia_project_id
set_fact:
octavia_project_id: "{{ project_id_results.stdout }}"
when: project_id_results | success
- name: octavia-common | _get_glance_image | Get glance image ID
shell: >
glance image-list \
--sort-key created_at \
--sort-dir desc \
--owner {{ octavia_project_id }} | grep 'amphora' | awk 'NR==1{print $2; exit}'
environment:
OS_AUTH_URL: "{{ keystone_endpoint }}"
OS_USERNAME: "{{ keystone_admin_user }}"
OS_PASSWORD: "{{ keystone_admin_password }}"
OS_PROJECT_NAME: "{{ keystone_service_tenant }}"
OS_USER_DOMAIN_NAME: "{{ keystone_default_domain }}"
OS_PROJECT_DOMAIN_NAME: "{{ keystone_default_domain }}"
OS_ENDPOINT_TYPE: "{{ octavia_endpoint_type }}"
OS_REGION_NAME: "{{ octavia_region_name }}"
OS_CACERT: "{{ octavia_ca_file }}"
OS_IDENTITY_API_VERSION: "3"
OS_AUTH_VERSION: "3"
register: octavia_image_id_results
when: project_id_results | success
- name: octavia-common | _get_glance_image | Set octavia_amp_image_id
set_fact:
octavia_amp_image_id: "{{ octavia_image_id_results.stdout }}"
when: project_id_results | success and octavia_image_id_results | success
- name: octavia-common | _get_glance_image | Set octavia image tag
command: openstack \
image set --tag {{ octavia_amp_image_tag }} {{ octavia_amp_image_id }}
environment:
OS_AUTH_URL: "{{ keystone_endpoint }}"
OS_USERNAME: "{{ keystone_admin_user }}"
OS_PASSWORD: "{{ keystone_admin_password }}"
OS_USER_DOMAIN_NAME: "{{ keystone_default_domain }}"
OS_DOMAIN_NAME: "{{ keystone_default_domain }}"
OS_ENDPOINT_TYPE: "{{ octavia_endpoint_type }}"
OS_INTERFACE: "{{ octavia_endpoint_type }}"
OS_REGION_NAME: "{{ octavia_region_name }}"
OS_CACERT: "{{ octavia_ca_file }}"
OS_IDENTITY_API_VERSION: "3"
OS_AUTH_VERSION: "3"
when: octavia_image_id_results.stdout | length > 0
run_once: True
0707010000002A000081A40000000000000000000000015EC6B07900000989000000000000000000000000000000000000005B00000000ardana-octavia-9.0+git.1590079609.a2ae6ab/roles/octavia-common/tasks/_get_mgmt_network.yml#
# (c) Copyright 2016 Hewlett Packard Enterprise Development LP
# (c) Copyright 2017 SUSE LLC
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
---
- name: octavia-common | _get_mgmt_network | Get management network for single-cp
shell: >
openstack network list | grep {{ octavia_mgmt_net }} | tr -d ' ' | cut -f 2 -d '|'
environment: &OS_ENV
OS_AUTH_URL: "{{ octavia_auth_endpoint }}"
OS_USERNAME: "{{ octavia_admin_user }}"
OS_PASSWORD: "{{ octavia_admin_password }}"
OS_PROJECT_NAME: "{{ octavia_project_name }}"
OS_USER_DOMAIN_NAME: "{{ octavia_user_domain_name }}"
OS_PROJECT_DOMAIN_NAME: "{{ octavia_project_domain_name }}"
OS_ENDPOINT_TYPE: "{{ octavia_endpoint_type }}"
OS_REGION_NAME: "{{ octavia_region_name }}"
OS_CACERT: "{{ octavia_ca_file }}"
OS_IDENTITY_API_VERSION: "3"
OS_AUTH_VERSION: "3"
OS_INTERFACE: "internal"
register: octavia_mgmt_net_id
run_once: true
- name: octavia-common | _get_mgmt_network | Get management network for multi-cp
shell: >
openstack network list | grep {{ octavia_mgmt_net }} | tr -d ' ' | cut -f 2 -d '|'
environment:
OS_AUTH_URL: "{{ octavia_auth_endpoint }}"
OS_USERNAME: "{{ octavia_admin_user }}"
OS_PASSWORD: "{{ octavia_admin_password }}"
OS_PROJECT_NAME: "{{ octavia_project_name }}"
OS_USER_DOMAIN_NAME: "{{ octavia_user_domain_name }}"
OS_PROJECT_DOMAIN_NAME: "{{ octavia_project_domain_name }}"
OS_ENDPOINT_TYPE: "{{ octavia_endpoint_type }}"
OS_REGION_NAME: "{{ octavia_region_name }}"
OS_CACERT: "{{ octavia_ca_file }}"
OS_IDENTITY_API_VERSION: "3"
OS_AUTH_VERSION: "3"
OS_INTERFACE: "internal"
register: octavia_mgmt_net_id
run_once_per: verb_hosts.OCT_API
- name: octavia-common | _get_mgmt_network | Verify if management network was found
fail: msg="Management network was not found"
when: octavia_mgmt_net_id.stdout == ""
run_once_per: verb_hosts.OCT_API
0707010000002B000081A40000000000000000000000015EC6B079000007C0000000000000000000000000000000000000006B00000000ardana-octavia-9.0+git.1590079609.a2ae6ab/roles/octavia-common/tasks/_install_configure_nlbaas2octavia.yml#
# (c) Copyright 2020 SUSE LLC
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
---
- name: octavia-common | _install_configure_nlbaas2octavia |
Get octavia project id
command: openstack \
project show -f value -c id {{ octavia_project_name }}
environment: &OS_ENV
OS_AUTH_URL: "{{ keystone_endpoint }}"
OS_USERNAME: "{{ keystone_admin_user }}"
OS_PASSWORD: "{{ keystone_admin_password }}"
OS_USER_DOMAIN_NAME: "{{ keystone_default_domain }}"
OS_DOMAIN_NAME: "{{ keystone_default_domain }}"
OS_ENDPOINT_TYPE: "{{ octavia_endpoint_type }}"
OS_REGION_NAME: "{{ octavia_region_name }}"
OS_CACERT: "{{ octavia_ca_file }}"
OS_IDENTITY_API_VERSION: "3"
OS_AUTH_VERSION: "3"
register: project_id_results
changed_when: False
- name: octavia-common | _install_configure_nlbaas2octavia |
Set octavia_project_id
set_fact:
octavia_project_id: "{{ project_id_results.stdout }}"
when: project_id_results | success
- name: octavia-common | _install_configure_nlbaas2octavia |
Install nlbaas2octavia
template:
src: "nlbaas2octavia.j2"
dest: "{{ octavia_bin_dir }}/nlbaas2octavia"
owner: "root"
group: "root"
mode: 0755
- name: octavia-common | _install_configure_nlbaas2octavia |
Configure nlbaas2octavia
template:
src: "nlbaas2octavia.conf.j2"
dest: "{{ octavia_conf_dir }}/nlbaas2octavia.conf"
owner: "{{ octavia_user }}"
group: "{{ octavia_group }}"
mode: 0640
0707010000002C000081A40000000000000000000000015EC6B07900000319000000000000000000000000000000000000005B00000000ardana-octavia-9.0+git.1590079609.a2ae6ab/roles/octavia-common/tasks/_schedule_restart.yml#
# (c) Copyright 2018 SUSE LLC
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
---
- name: octavia-common | _schedule_restart | Schedule a restart for all services
debug:
msg: "Trigger a change notification in octavia"
changed_when: true
register: ardana_notify_octavia_restart_required0707010000002D000081A40000000000000000000000015EC6B07900000519000000000000000000000000000000000000005900000000ardana-octavia-9.0+git.1590079609.a2ae6ab/roles/octavia-common/tasks/_service_status.yml#
# (c) Copyright 2016 Hewlett Packard Enterprise Development LP
# (c) Copyright 2017 SUSE LLC
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
---
- name: octavia-common | status | Print service being checked
debug:
msg: "Running service check for {{ octavia_component }}"
run_once_per: verb_hosts.OCT_API
- name: octavia-common | status | Check systemd service running
command: systemctl status "{{ octavia_component }}"
ignore_errors: yes
changed_when: false
register: systemctl_status_result
- name: octavia-common | status | Report status
fail:
msg: |
{{ octavia_component }} is not running.
systemctl status {{ octavia_component }} output:
{{ systemctl_status_result.stdout }}
{{ systemctl_status_result.stderr }}
when: systemctl_status_result | failed
0707010000002E000081A40000000000000000000000015EC6B0790000056F000000000000000000000000000000000000006200000000ardana-octavia-9.0+git.1590079609.a2ae6ab/roles/octavia-common/tasks/_set_service_directories.yml#
# (c) Copyright 2016 Hewlett Packard Enterprise Development LP
# (c) Copyright 2017 SUSE LLC
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
---
- name: Octavia Common | _set_service_directories | Set main configuration and bin directories - configure
set_fact:
octavia_conf_dir: "{{ 'octavia' | config_dir(octavia_install_result.version) }}"
octavia_bin_dir: "{{ 'octavia' | bin_dir(octavia_install_result.version) }}"
octavia_lib_dir: "{{ 'octavia' | jar_dir(octavia_install_result.version) }}"
when: octavia_install_result.version is defined
- name: Octavia Common | _set_service_directories | Set main configuration and bin directories - reconfigure
set_fact:
octavia_conf_dir: "{{ 'octavia' | config_dir() }}"
octavia_bin_dir: "{{ 'octavia' | bin_dir() }}"
octavia_lib_dir: "{{ 'octavia' | jar_dir() }}"
when: octavia_install_result.version is undefined
0707010000002F000081A40000000000000000000000015EC6B07900000748000000000000000000000000000000000000005500000000ardana-octavia-9.0+git.1590079609.a2ae6ab/roles/octavia-common/tasks/_write_conf.yml#
# (c) Copyright 2016 Hewlett Packard Enterprise Development LP
# (c) Copyright 2017 SUSE LLC
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
---
- name: octavia-common | _write_conf | Check for pre-existing version of {{ dest }}
stat: path="{{ octavia_conf_dir }}/{{ dest }}"
register: conf_stat_result
- name: octavia-common | _write_conf | get timestamp
command: date +%Y%m%d%H%M%S
register: time_result
- name: octavia-common | _write_conf | Create a backup version of the existing {{ dest }} file
command: cp {{ octavia_conf_dir }}/{{ dest }} {{ octavia_conf_dir }}/{{ dest }}.{{ time_result.stdout }}
when: conf_stat_result.stat.exists
- name: octavia-common | _write_conf | Template {{ dest }}
template:
src: "{{ src }}"
dest: "{{ octavia_conf_dir }}/{{ dest }}"
owner: "{{ write_conf_file_owner }}"
group: "{{ write_conf_file_group }}"
mode: "{{ mode | default('0640') }}"
register: write_conf_result
- name: octavia-common | _write_conf | Delete backup file that has not changed.
file:
path: "{{ octavia_conf_dir }}/{{ dest }}.{{ time_result.stdout }}"
state: absent
when: write_conf_result.changed==false
- name: octavia-common | _write_conf | remove all but last 10 backups of {{dest }}
shell: ls -td {{ octavia_conf_dir }}/{{ dest }}.* |awk 'NR>10' |xargs rm -f
when: conf_stat_result.stat.exists
07070100000030000081A40000000000000000000000015EC6B07900001760000000000000000000000000000000000000005300000000ardana-octavia-9.0+git.1590079609.a2ae6ab/roles/octavia-common/tasks/configure.yml#
# (c) Copyright 2016 Hewlett Packard Enterprise Development LP
# (c) Copyright 2017-2018 SUSE LLC
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
---
# This .yml sets all facts related to Octavia_conf_dir and Octavia_bin_dir
- include: _set_service_directories.yml
- name: octavia-common | configure | Check for presence of group '{{ octavia_group }}'
command: "grep -q {{ octavia_group }} /etc/group"
register: group_chk_result
ignore_errors: True
- name: octavia-common | configure | Add group '{{ octavia_group }}'
group: name={{ octavia_group }} system=yes
when: group_chk_result|failed
- name: octavia-common | configure | Check for presence of user '{{ octavia_user }}'
command: "id {{ octavia_user }}"
register: user_chk_result
ignore_errors: True
- name: octavia-common | configure | Delete sudoers
file: path=/etc/sudoers.d/octavia state=absent
- name: octavia-common | configure | Add user '{{ octavia_user }}'
user: name={{ octavia_user }} group={{ octavia_group }} system=yes createhome=no home=/var/lib/octavia shell=/bin/false
when: user_chk_result|failed
- name: octavia-common | configure | Set permissions of {{ installation_directory }}/octavia hierarchy
file: path={{ installation_directory }}/octavia owner={{ octavia_user }} group={{ octavia_group }} state=directory recurse=yes
- name: octavia-common | configure | Set permissions of {{ installation_directory }}/octavia templates
file: path={{ installation_directory }}/octavia owner={{ octavia_user }} group={{ octavia_group }} mode=0755 state=directory
- name: octavia-common | configure | Create logging directory
file: path=/var/log/octavia owner={{ octavia_user }} group={{ octavia_group }} mode=0775 state=directory
- name: octavia-common | configure | Create /var/lib/octavia directory
file: path=/var/lib/octavia owner={{ octavia_user }} group={{ octavia_group }} mode=0770 state=directory
# Note this also sets the ownership and mode if the directory already exists.
- name: octavia-common | configure | Create systemd service directory if not exists
file:
path: "{{ systemd_service_dir }}"
state: directory
mode: 0755
owner: "root"
group: "root"
- name: octavia-common | configure | Create common run directory service file
template:
dest: "{{ systemd_service_dir }}{{ octavia_common_rundir_service }}"
owner: "root"
group: "root"
mode: 0644
src: "{{ octavia_common_rundir_service }}.j2"
## Get management service network,sec group, flavor and image IDs for *.conf files
- include: _get_mgmt_network.yml
- include: _create_mgmt_sec_group.yml
- include: _create_nova_flavor.yml
- include: _get_glance_image.yml
- include: _write_conf.yml
src: "../templates/octavia-api.conf.j2"
dest: "octavia-api.conf"
- name: octavia-common | configure | octavia-api.conf change
command: /bin/true
register: ardana_notify_octavia_api_restart_required
when: write_conf_result.changed==true
- include: _write_conf.yml
src: "../templates/octavia-api-logging.conf.j2"
dest: "octavia-api-logging.conf"
- name: octavia-common | configure | octavia-api-logging.conf change
command: /bin/true
register: ardana_notify_octavia_api_restart_required
when: write_conf_result.changed==true
- include: _write_conf.yml
src: "../templates/octavia-worker.conf.j2"
dest: "octavia-worker.conf"
- name: octavia-common | configure | octavia-worker.conf change
command: /bin/true
register: ardana_notify_octavia_worker_restart_required
when: write_conf_result.changed==true
- include: _write_conf.yml
src: "../templates/octavia-worker-logging.conf.j2"
dest: "octavia-worker-logging.conf"
- name: octavia-common | configure | octavia-worker-logging.conf change
command: /bin/true
register: ardana_notify_octavia_worker_restart_required
when: write_conf_result.changed==true
- include: _write_conf.yml
src: "../templates/octavia-health-manager.conf.j2"
dest: "octavia-health-manager.conf"
- name: octavia-common | configure | octavia-health-manager.conf change
command: /bin/true
register: ardana_notify_octavia_health_manager_restart_required
when: write_conf_result.changed==true
- include: _write_conf.yml
src: "../templates/octavia-hm-logging.conf.j2"
dest: "octavia-hm-logging.conf"
- name: octavia-common | configure | octavia-hm-logging.conf change
command: /bin/true
register: ardana_notify_octavia_health_manager_restart_required
when: write_conf_result.changed==true
- include: _write_conf.yml
src: "../templates/octavia-housekeeping.conf.j2"
dest: "octavia-housekeeping.conf"
- name: octavia-common | configure | octavia-housekeeping.conf change
command: /bin/true
register: ardana_notify_octavia_housekeeping_restart_required
when: write_conf_result.changed==true
- include: _write_conf.yml
src: "../templates/octavia-hk-logging.conf.j2"
dest: "octavia-hk-logging.conf"
- name: octavia-common | configure | octavia-hk-logging.conf change
command: /bin/true
register: ardana_notify_octavia_housekeeping_restart_required
when: write_conf_result.changed==true
- name: octavia-common | configure | Copy alembic.ini
template:
src: "../templates/alembic.ini.j2"
dest: "{{ octavia_lib_dir }}/python2.7/site-packages/octavia/db/migration/alembic.ini"
owner: "root"
group: "root"
mode: 0664
- include: _write_conf.yml
src: "../templates/policy.json.j2"
dest: "policy.json"
- include: _install_configure_nlbaas2octavia.yml
07070100000031000081A40000000000000000000000015EC6B07900000643000000000000000000000000000000000000006000000000ardana-octavia-9.0+git.1590079609.a2ae6ab/roles/octavia-common/tasks/create_systemd_service.yml#
# (c) Copyright 2016 Hewlett Packard Enterprise Development LP
# (c) Copyright 2017 SUSE LLC
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
---
- name: octavia-common | create_systemd_service | Start
debug:
msg: "Setting up the systemd service for {{ octavia_service_cmd }}"
- name: octavia-common | create_systemd_service | setup restart hold time
set_fact:
restart_hold: "{{ service_restart_hold | default('100ms') }}"
- name: octavia-common | create_systemd_service | Construct command string
set_fact:
octavia_component_exec_start: "{{ octavia_bin_dir }}/{{ octavia_service_cmd }} {{ octavia_service_cmd_args | default('') }}"
- name: octavia-common | create_systemd_service | Writing systemd service file
template:
src: "octavia-component.service.j2"
dest: "{{ systemd_service_dir }}{{ octavia_component }}.service"
owner: "root"
group: "root"
mode: "0644"
register:
service_file_result
- name: octavia-common | create_systemd_service | add service to systemd
command: /bin/systemctl daemon-reload
when:
service_file_result.changed==true
07070100000032000081A40000000000000000000000015EC6B07900000538000000000000000000000000000000000000005100000000ardana-octavia-9.0+git.1590079609.a2ae6ab/roles/octavia-common/tasks/install.yml#
# (c) Copyright 2016 Hewlett Packard Enterprise Development LP
# (c) Copyright 2017-2018 SUSE LLC
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
---
#- include: common_install.yml
# Install Octavia
- name: octavia-common | install | Update venv cache
become: yes
install_package:
cache: update
- name: octavia-common | install | Install Octavia package
install_package:
name: octavia
service: octavia
state: present
activate: act_off
register: octavia_install_result
- name: octavia-common | install | Notify restart on install
command: /bin/true
register: ardana_notify_octavia_restart_required
when: octavia_install_result.changed
#- name: Octavia Common | install | Notify restart on package update
# set_fact:
# octavia_restart_required: true
# when: check_updated_packages_result.changed
07070100000033000081A40000000000000000000000015EC6B079000003C0000000000000000000000000000000000000005800000000ardana-octavia-9.0+git.1590079609.a2ae6ab/roles/octavia-common/tasks/remote_monitor.yml# (c) Copyright 2016 Hewlett Packard Enterprise Development LP
# (c) Copyright 2017 SUSE LLC
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
---
- name: octavia-common | remote_monitor | Setup active check against Octavia API
become: yes
monasca_agent_plugin:
name: "httpcheck"
args:
url: "{{ OCT_API.consumes_OCT_API.vips.private[0].url }}"
dimensions: "service:octavia,component:octavia-api,monitored_host_type:vip,api_endpoint:private"
07070100000034000081A40000000000000000000000015EC6B07900000464000000000000000000000000000000000000006600000000ardana-octavia-9.0+git.1590079609.a2ae6ab/roles/octavia-common/tasks/setup_monasca_service_plugin.yml# (c) Copyright 2016 Hewlett Packard Enterprise Development LP
# (c) Copyright 2017 SUSE LLC
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
---
- name: octavia-common | setup_monasca_service_plugin | Run Monasca agent Octavia detection plugin
become: yes
monasca_agent_plugin:
name: "octavia"
args: "disable_http_check=yes"
- name: octavia-common | setup_monasca_service_plugin |
Run Monasca detection plugin for Octavia client cert
become: yes
monasca_agent_plugin:
name: CertificateFileCheck
args:
cert_files: "{{ octavia_client_cert_monitoring }}"
dimensions: "service:octavia"
07070100000035000081A40000000000000000000000015EC6B079000004C9000000000000000000000000000000000000004F00000000ardana-octavia-9.0+git.1590079609.a2ae6ab/roles/octavia-common/tasks/start.yml#
# (c) Copyright 2016 Hewlett Packard Enterprise Development LP
# (c) Copyright 2017 SUSE LLC
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
---
- name: Octavia Common | start | Set run directory to be created at boot
service:
name: "{{ octavia_common_rundir_service }}"
enabled: yes
- name: Octavia Common | start | Create run directory now
file:
path={{ octavia_common_rundir }}
owner={{ octavia_user }}
group={{ octavia_group }}
mode=0775
state=directory
- name: Octavia Common | start | Activate the latest install
install_package:
name: octavia
service: octavia
activate: act_on
version: "{{ octavia_install_result.version }}"
when: octavia_install_result is defined
07070100000036000081A40000000000000000000000015EC6B079000006AA000000000000000000000000000000000000005700000000ardana-octavia-9.0+git.1590079609.a2ae6ab/roles/octavia-common/tasks/tls_bootstrap.yml#
# (c) Copyright 2016 Hewlett Packard Enterprise Development LP
# (c) Copyright 2017 SUSE LLC
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
---
# Inspired by tls-trust package
# TODO Consider using secure delete
- name: octavia-common | cert_bootstrap | remove working directory to get rid of old creds
file:
path: "{{ tls_temp_dir }}"
state: absent
- name: octavia-common | cert_bootstrap | copy support files
copy:
src: "{{ item }}"
dest: "{{ tls_temp_dir }}"
with_items:
- "{{ tls_ca_cert_file }}"
- "{{ tls_ca_key_file }}"
- name: "octavia-common | cert_bootstrap | Apply template: {{ item }}"
template:
src: "{{ item }}.j2"
dest: "{{ tls_temp_dir }}/{{ item }}"
with_items:
- "openssl.cnf"
- name: octavia-common | cert_bootstrap | Create an index.txt file
command: "touch {{ tls_index_file }}"
- name: octavia-common | cert_bootstrap | Create and assign a random serial number
command: "/usr/bin/openssl rand -hex -out {{ tls_serial_file }} 6"
args:
chdir: "{{ tls_temp_dir }}"
- name: octavia-common | cert_req | Create an internal Cert Req
template:
src: ardana-octavia-req.j2
dest: "{{ tls_temp_dir }}/{{ tls_req_file }}"
07070100000037000081A40000000000000000000000015EC6B07900000399000000000000000000000000000000000000005200000000ardana-octavia-9.0+git.1590079609.a2ae6ab/roles/octavia-common/tasks/tls_copy.yml#
# (c) Copyright 2016 Hewlett Packard Enterprise Development LP
# (c) Copyright 2017 SUSE LLC
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
---
- name: tls-trust | cert_copy | Make sure directory exists
file:
path: "{{ tls_certs_dir }}"
state: directory
- name: tls-trust | cert_copy | create an internal vip cert
shell: "cat key.pem cert.pem > {{ tls_cert_file }}"
args:
chdir: "{{ tls_temp_dir }}"
07070100000038000081A40000000000000000000000015EC6B07900000E70000000000000000000000000000000000000005400000000ardana-octavia-9.0+git.1590079609.a2ae6ab/roles/octavia-common/tasks/tls_deploy.yml#
# (c) Copyright 2016 Hewlett Packard Enterprise Development LP
# (c) Copyright 2017 SUSE LLC
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
---
- name: octavia-common | tls_deploy | create cert dir
file:
path: "{{ octavia_conf_dir}}/certs"
state: directory
owner: "{{ octavia_user }}"
group: "{{ octavia_group }}"
mode: 0750
- name: octavia-common | tls_deploy | create cert private dir
file:
path: "{{ octavia_conf_dir}}/certs/private"
state: directory
owner: "{{ octavia_user }}"
group: "{{ octavia_group }}"
mode: 0700
- name: octavia-common | tls_deploy | deploy client cert to server
copy:
src: "{{ tls_cert_file }}"
dest: "{{ octavia_client_cert }}"
owner: "{{ octavia_user }}"
group: "{{ octavia_group }}"
mode: 0440
register: tls_deploy_result
# NOTE(gyee): Since the provisioned client certificate is consisted of
# both certificate and private key, we need to separate out the certificate
# portion for monitoring without having to compromise the private key.
# This is done by copying the certificate to a different file and make it
# readable by the world. Making certificate readable by the world is NOT a
# problem as it is TLS certificate is public information.
- name: octavia-common | tls_deploy | separate out client cert for monitoring
become: yes
shell: >
openssl x509 -in {{ octavia_client_cert }}
-out {{ octavia_client_cert_monitoring }} -outform PEM
- name: octavia-common | tls_deploy | Make sure monitoring cert is readable
become: yes
file:
path: "{{ octavia_client_cert_monitoring }}"
mode: '0644'
- name: octavia-common | tls_deploy | deploy client cert to server result
command: /bin/true
register: ardana_notify_octavia_restart_required
when: tls_deploy_result.changed==true
- name: octavia-common | tls_deploy | deploy client ca to server
copy:
src: "{{ tls_ca_cert_file }}"
dest: "{{ octavia_client_ca }}"
owner: "{{ octavia_user }}"
group: "{{ octavia_group }}"
mode: 0440
register: tls_deploy_result
- name: octavia-common | tls_deploy | deploy client ca to server result
command: /bin/true
register: ardana_notify_octavia_restart_required
when: tls_deploy_result.changed==true
- name: octavia-common | tls_deploy | deploy server ca to server
copy:
src: "{{ tls_server_ca_file }}"
dest: "{{ octavia_ca_certificate }}"
owner: "{{ octavia_user }}"
group: "{{ octavia_group }}"
mode: 0440
register: tls_deploy_result
- name: octavia-common | tls_deploy | deploy server ca to server result
command: /bin/true
register: ardana_notify_octavia_restart_required
when: tls_deploy_result.changed==true
- name: octavia-common | tls_deploy | deploy server ca key to server
copy:
src: "{{ tls_server_ca_key_file }}"
dest: "{{ octavia_ca_private_key }}"
owner: "{{ octavia_user }}"
group: "{{ octavia_group }}"
mode: 0440
register: tls_deploy_result
- name: octavia-common | tls_deploy | deploy server ca key to server result
command: /bin/true
register: ardana_notify_octavia_restart_required
when: tls_deploy_result.changed==true
07070100000039000041ED0000000000000000000000025EC6B07900000000000000000000000000000000000000000000004900000000ardana-octavia-9.0+git.1590079609.a2ae6ab/roles/octavia-common/templates0707010000003A000081A40000000000000000000000015EC6B07900000731000000000000000000000000000000000000005800000000ardana-octavia-9.0+git.1590079609.a2ae6ab/roles/octavia-common/templates/alembic.ini.j2{#
#
# (c) Copyright 2016 Hewlett Packard Enterprise Development LP
# (c) Copyright 2017 SUSE LLC
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
#}
# A generic, single database configuration.
[alembic]
# path to migration scripts
script_location = %(here)s/alembic_migrations
# template used to generate migration files
# file_template = %%(rev)s_%%(slug)s
# max length of characters to apply to the
# "slug" field
#truncate_slug_length = 40
# set to 'true' to run the environment during
# the 'revision' command, regardless of autogenerate
# revision_environment = false
# set to 'true' to allow .pyc and .pyo files without
# a source .py file to be detected as revisions in the
# versions/ directory
# sourceless = false
#sqlalchemy.url = mysql+pymysql://root:password@localhost/octavia
sqlalchemy.url = {{ octavia_db_connection }}
# Logging configuration
[loggers]
keys = root,sqlalchemy,alembic
[handlers]
keys = console
[formatters]
keys = generic
[logger_root]
level = WARN
handlers = console
qualname =
[logger_sqlalchemy]
level = WARN
handlers =
qualname = sqlalchemy.engine
[logger_alembic]
level = INFO
handlers =
qualname = alembic
[handler_console]
class = StreamHandler
args = (sys.stderr,)
level = NOTSET
formatter = generic
[formatter_generic]
format = %(levelname)-5.5s [%(name)s] %(message)s
datefmt = %H:%M:%S
0707010000003B000081A40000000000000000000000015EC6B07900000383000000000000000000000000000000000000005F00000000ardana-octavia-9.0+git.1590079609.a2ae6ab/roles/octavia-common/templates/ardana-octavia-req.j2#
# (c) Copyright 2016 Hewlett Packard Enterprise Development LP
# (c) Copyright 2017 SUSE LLC
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
[ req ]
distinguished_name = req_distinguished_name
req_extensions = v3_req
prompt = no
[ req_distinguished_name ]
CN = "ardana-octavia-client"
[ v3_req ]
basicConstraints = CA:FALSE
keyUsage = nonRepudiation, digitalSignature, keyEncipherment
[ alt_names ]0707010000003C000081A40000000000000000000000015EC6B079000002BA000000000000000000000000000000000000006000000000ardana-octavia-9.0+git.1590079609.a2ae6ab/roles/octavia-common/templates/nlbaas2octavia.conf.j2[DEFAULT]
# debug = False
[migration]
# Run without making changes
# trial_run=False
# Delete the load balancer records from neutron-lbaas after migration
delete_after_migration=True
# Example db_connection:
# connection = mysql+pymysql://root:pass@127.0.0.1:3306/octavia
# Replace 127.0.0.1 above with the IP address of the database used by the
# main octavia server. (Leave it as is if the database runs on this host.)
# Octavia service account ID
octavia_account_id = {{ octavia_project_id }}
# Connection string for the neutron database
neutron_db_connection = {{ neutron_db_connection }}
# Connection string for the octavia database
octavia_db_connection = {{ octavia_db_connection }}
0707010000003D000081A40000000000000000000000015EC6B079000041F6000000000000000000000000000000000000005B00000000ardana-octavia-9.0+git.1590079609.a2ae6ab/roles/octavia-common/templates/nlbaas2octavia.j2#!{{ octavia_bin_dir }}/python2
# Copyright 2018 Rackspace, US Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
import datetime
import sys
from oslo_config import cfg
from oslo_db.sqlalchemy import enginefacade
import oslo_i18n as i18n
from oslo_log import log as logging
_translators = i18n.TranslatorFactory(domain='nlbaas2octavia')
# The primary translation function using the well-known name "_"
_ = _translators.primary
CONF = cfg.CONF
migration_opts = [
cfg.BoolOpt('delete_after_migration', default=True,
help='Delete the load balancer records from neutron-lbaas'
' after migration'),
cfg.BoolOpt('trial_run', default=False,
help='Run without making changes.'),
cfg.StrOpt('octavia_account_id', required=True,
help='The keystone account ID Octavia is running under.'),
cfg.StrOpt('neutron_db_connection',
required=True,
help='The neutron database connection string'),
cfg.StrOpt('octavia_db_connection',
required=True,
help='The octavia database connection string'),
]
cfg.CONF.register_opts(migration_opts, group='migration')
def cascade_delete_neutron_lb(n_session, lb_id):
listeners = n_session.execute(
"SELECT id FROM lbaas_listeners WHERE loadbalancer_id = :lb_id;",
{'lb_id': lb_id})
for listener in listeners:
l7policies = n_session.execute(
"SELECT id FROM lbaas_l7policies WHERE listener_id = :list_id;",
{'list_id': listener[0]})
for l7policy in l7policies:
# Delete l7rules
n_session.execute(
"DELETE FROM lbaas_l7rules WHERE l7policy_id = :l7p_id;",
{'l7p_id': l7policy[0]})
# Delete l7policies
n_session.execute(
"DELETE FROM lbaas_l7policies WHERE listener_id = :list_id;",
{'list_id': listener[0]})
# Delete SNI records
n_session.execute(
"DELETE FROM lbaas_sni WHERE listener_id = :list_id;",
{'list_id': listener[0]})
# Delete the listeners
n_session.execute(
"DELETE FROM lbaas_listeners WHERE loadbalancer_id = :lb_id;",
{'lb_id': lb_id})
pools = n_session.execute(
"SELECT id, healthmonitor_id FROM lbaas_pools "
"WHERE loadbalancer_id = :lb_id;", {'lb_id': lb_id}).fetchall()
for pool in pools:
# Delete the members
n_session.execute(
"DELETE FROM lbaas_members WHERE pool_id = :pool_id;",
{'pool_id': pool[0]})
# Delete the session persistence records
n_session.execute(
"DELETE FROM lbaas_sessionpersistences WHERE pool_id = :pool_id;",
{'pool_id': pool[0]})
# Delete the pools
n_session.execute(
"DELETE FROM lbaas_pools WHERE id = :pool_id;",
{'pool_id': pool[0]})
# Delete the health monitor
if pool[1]:
result = n_session.execute("DELETE FROM lbaas_healthmonitors "
"WHERE id = :id", {'id': pool[1]})
if result.rowcount != 1:
raise Exception(_('Failed to delete health monitor: '
'%s') % pool[1])
# Delete the lb stats
n_session.execute(
"DELETE FROM lbaas_loadbalancer_statistics WHERE "
"loadbalancer_id = :lb_id;", {'lb_id': lb_id})
# Delete provider record
n_session.execute(
"DELETE FROM providerresourceassociations WHERE "
"resource_id = :lb_id;", {'lb_id': lb_id})
# Delete the load balanacer
n_session.execute(
"DELETE FROM lbaas_loadbalancers WHERE id = :lb_id;", {'lb_id': lb_id})
def process_health_monitor(LOG, n_session, o_session, project_id,
pool_id, hm_id):
hm = n_session.execute(
"SELECT type, delay, timeout, max_retries, http_method, url_path, "
"expected_codes, admin_state_up, provisioning_status, name, "
"max_retries_down FROM lbaas_healthmonitors WHERE id = :hm_id AND "
"provisioning_status = 'ACTIVE';", {'hm_id': hm_id}).fetchone()
LOG.debug('Migrating health manager: %s', hm_id)
if hm is None:
raise Exception(_('Health monitor %s has invalid '
'provisioning_status.'), hm_id)
hm_op_status = 'ONLINE' if hm[7] else 'OFFLINE'
result = o_session.execute(
"UPDATE health_monitor SET project_id = :proj_id WHERE "
"id = :id;", {'proj_id': project_id, 'id': pool_id})
if result.rowcount != 1:
raise Exception(_('Unable to update health monitor in the Octavia '
'database.'))
def process_members(LOG, n_session, o_session, project_id, pool_id):
# Handle members
members = n_session.execute(
"SELECT id, subnet_id, address, protocol_port, weight, "
"admin_state_up, provisioning_status, operating_status, name FROM "
"lbaas_members WHERE pool_id = :pool_id;",
{'pool_id': pool_id}).fetchall()
for member in members:
LOG.debug('Migrating member: %s', member[0])
if member[6] == 'DELETED':
continue
elif member[6] != 'ACTIVE':
raise Exception(_('Member %s for pool %s is invalid state of %s.'),
member[0],
pool_id,
member[6])
result = o_session.execute(
"UPDATE member SET project_id = :proj_id WHERE "
"id = :id;", {'proj_id': project_id, 'id': member[0]})
if result.rowcount != 1:
raise Exception(
_('Unable to update member in the Octavia database.'))
def process_L7policies(LOG, n_session, o_session, listener_id, project_id):
l7policies = n_session.execute(
"SELECT id, name, description, listener_id, action, "
"redirect_pool_id, redirect_url, position, "
"provisioning_status, admin_state_up FROM "
"lbaas_l7policies WHERE listener_id = :listener_id AND "
"provisioning_status = 'ACTIVE';",
{'listener_id': listener_id}).fetchall()
for l7policy in l7policies:
LOG.debug('Migrating L7 policy: %s', l7policy[0])
if l7policy[8] == 'DELETED':
continue
elif l7policy[8] != 'ACTIVE':
raise Exception(_('L7 policy is invalid state of %s.'),
l7policy[8])
result = o_session.execute(
"UPDATE l7policy SET project_id = :proj_id WHERE "
"id = :id;", {'proj_id': project_id, 'id': l7policy[0]})
if result.rowcount != 1:
raise Exception(_('Unable to update L7 policy in the Octavia '
'database.'))
# Handle L7 rules
l7rules = n_session.execute(
"SELECT id, type, compare_type, invert, `key`, value, "
"provisioning_status, admin_state_up FROM lbaas_l7rules WHERE "
"l7policy_id = :l7policy_id AND provisioning_status = 'ACTIVE';",
{'l7policy_id': l7policy[0]}).fetchall()
for l7rule in l7rules:
LOG.debug('Migrating L7 rule: %s', l7policy[0])
if l7rule[6] == 'DELETED':
continue
elif l7rule[6] != 'ACTIVE':
raise Exception(_('L7 rule is invalid state of %s.'),
l7rule[6])
result = o_session.execute(
"UPDATE l7rule set project_id = :proj_id WHERE "
"id = :id;", {'proj_id': project_id, 'id': l7rule[0]})
if result.rowcount != 1:
raise Exception(_('Unable to update L7 policy in the Octavia '
'database.'))
def migrate_lb(LOG, n_session_maker, o_session_maker, lb_id):
n_session = n_session_maker(autocommit=False)
o_session = o_session_maker(autocommit=False)
LOG.info('Migrating load balancer: %s', lb_id)
try:
# Lock the load balancer in neutron DB
result = n_session.execute(
"UPDATE lbaas_loadbalancers SET "
"provisioning_status = 'PENDING_UPDATE' WHERE id = :id AND "
"provisioning_status = 'ACTIVE';", {'id': lb_id})
if result.rowcount != 1:
raise Exception(_('Load balancer is not provisioning_status '
'ACTIVE'))
# Get the load balancer record from neutron
n_lb = n_session.execute(
"SELECT b.provider_name, a.project_id, a.name, a.description, "
"a.admin_state_up, a.operating_status, a.flavor_id, "
"a.vip_port_id, a.vip_subnet_id, a.vip_address "
"FROM lbaas_loadbalancers a JOIN providerresourceassociations b "
"ON a.id = b.resource_id WHERE ID = :id;",
{'id': lb_id}).fetchone()
# Migrate the port and security groups to Octavia
vip_port = n_session.execute(
"SELECT a.device_owner, a.project_id, b.security_group_id "
"FROM ports a JOIN securitygroupportbindings b ON "
"a.id = b.port_id where id = :id;",
{'id': n_lb[7]}).fetchone()
# neutron-lbaas does not support user VIP ports, so take
# ownership of the port and security group
if vip_port[0] == 'neutron:LOADBALANCERV2':
result = n_session.execute(
"UPDATE ports SET device_owner = 'Octavia', "
"project_id = :proj_id WHERE "
"id = :id;", {'id': n_lb[7],
'proj_id': CONF.migration.octavia_account_id})
if result.rowcount != 1:
raise Exception(_('Unable to update VIP port in the neutron '
'database.'))
security_group = n_session.execute(
"SELECT project_id FROM securitygroups WHERE id = :id",
{'id': vip_port[2]}).fetchone()
# Update security group project, only when its owner is not the
# user project, which means that Octavia should own it
if security_group[0] != n_lb[1]:
result = n_session.execute(
"UPDATE securitygroups SET project_id = :proj_id WHERE "
"id = :id;", {'proj_id': CONF.migration.octavia_account_id,
'id': vip_port[2]})
if result.rowcount != 1:
raise Exception(_('Unable to update VIP security group in '
'the neutron database.'))
# Now migrate the octavia loadbalancers from Neutron. Notice that
# for the
# neutron_lbaas.services.loadbalancer.plugin.LoadBalancerPluginv2
# Neutron LBaaS plugin, the provider name is still set to 'octavia'.
if n_lb[0] == 'octavia':
# Create the load balancer
result = o_session.execute(
"UPDATE load_balancer SET project_id = :proj_id WHERE "
"id = :id;", {'proj_id': n_lb[1], 'id': lb_id})
if result.rowcount != 1:
raise Exception(_('Unable to update load balancer in the '
'Octavia database.'))
# Create pools
pools = n_session.execute(
"SELECT id, name, description, protocol, lb_algorithm, "
"healthmonitor_id, admin_state_up, provisioning_status, "
"operating_status FROM lbaas_pools WHERE loadbalancer_id "
" = :lb_id;",
{'lb_id': lb_id}).fetchall()
for pool in pools:
LOG.debug('Migrating pool: %s', pool[0])
if pool[7] == 'DELETED':
continue
elif pool[7] != 'ACTIVE':
raise Exception(_('Pool is invalid state of %s.'), pool[7])
result = o_session.execute(
"UPDATE pool SET project_id = :proj_id WHERE "
"id = :id;", {'proj_id': n_lb[1], 'id': pool[0]})
if result.rowcount != 1:
raise Exception(_('Unable to update pool in the '
'Octavia database.'))
# Create health monitor if there is one
if pool[5] is not None:
process_health_monitor(LOG, n_session, o_session,
n_lb[1], pool[0], pool[5])
# Handle the pool memebers
process_members(LOG, n_session, o_session, n_lb[1], pool[0])
lb_stats = n_session.execute(
"SELECT bytes_in, bytes_out, active_connections, "
"total_connections FROM lbaas_loadbalancer_statistics WHERE "
"loadbalancer_id = :lb_id;", {'lb_id': lb_id}).fetchone()
listeners = n_session.execute(
"SELECT id, name, description, protocol, protocol_port, "
"connection_limit, default_pool_id, admin_state_up, "
"provisioning_status, operating_status, "
"default_tls_container_id FROM lbaas_listeners WHERE "
"loadbalancer_id = :lb_id;", {'lb_id': lb_id}).fetchall()
for listener in listeners:
LOG.debug('Migrating listener: %s', listener[0])
if listener[8] == 'DELETED':
continue
elif listener[8] != 'ACTIVE':
raise Exception(_('Listener is invalid state of %s.'),
listener[8])
result = o_session.execute(
"UPDATE listener SET project_id = :proj_id WHERE "
"id = :id;", {'proj_id': n_lb[1], 'id': listener[0]})
if result.rowcount != 1:
raise Exception(_('Unable to update listener in the '
'Octavia database.'))
# Handle L7 policy records
process_L7policies(LOG, n_session, o_session,
listener[0], n_lb[1])
# Delete the old neutron-lbaas records
if (CONF.migration.delete_after_migration and not
CONF.migration.trial_run):
cascade_delete_neutron_lb(n_session, lb_id)
if CONF.migration.trial_run:
o_session.rollback()
n_session.rollback()
LOG.info('Simulated migration of load balancer %s successful.',
lb_id)
else:
o_session.commit()
n_session.commit()
LOG.info('Migration of load balancer %s successful.', lb_id)
return 0
except Exception as e:
n_session.rollback()
o_session.rollback()
LOG.exception("Skipping load balancer %s due to: %s.", lb_id, str(e))
return 1
def main():
if len(sys.argv) == 1:
print('Error: Config file must be specified.')
print('nlbaas2octavia --config-file <filename>')
return 1
logging.register_options(cfg.CONF)
cfg.CONF(args=sys.argv[1:],
project='nlbaas2octavia',
version='nlbaas2octavia 1.0')
logging.set_defaults()
logging.setup(cfg.CONF, 'nlbaas2octavia')
LOG = logging.getLogger('nlbaas2octavia')
CONF.log_opt_values(LOG, logging.DEBUG)
neutron_context_manager = enginefacade.transaction_context()
neutron_context_manager.configure(
connection=CONF.migration.neutron_db_connection)
n_session_maker = neutron_context_manager.writer.get_sessionmaker()
octavia_context_manager = enginefacade.transaction_context()
octavia_context_manager.configure(
connection=CONF.migration.octavia_db_connection)
o_session_maker = octavia_context_manager.writer.get_sessionmaker()
LOG.info('Starting migration.')
n_session = n_session_maker(autocommit=True)
lb_id_list = []
lb_id_list = n_session.execute(
"SELECT id FROM lbaas_loadbalancers WHERE "
"provisioning_status = 'ACTIVE';").fetchall()
failure_count = 0
for lb in lb_id_list:
failure_count += migrate_lb(LOG, n_session_maker,
o_session_maker, lb[0])
if failure_count:
sys.exit(1)
if __name__ == "__main__":
main()
0707010000003E000081A40000000000000000000000015EC6B07900000673000000000000000000000000000000000000006500000000ardana-octavia-9.0+git.1590079609.a2ae6ab/roles/octavia-common/templates/octavia-api-logging.conf.j2{#
#
# (c) Copyright 2016 Hewlett Packard Enterprise Development LP
# (c) Copyright 2017 SUSE LLC
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
#}
[loggers]
keys: root
[handlers]
keys: watchedfile, logstash
[formatters]
keys: context, logstash
[logger_root]
qualname: root
handlers: watchedfile, logstash
level: NOTSET
# Writes to disk
[handler_watchedfile]
class: handlers.WatchedFileHandler
args: ('{{ octavia_log_dir }}/octavia-api.log',)
formatter: context
level: INFO
# Writes JSON to disk, beaver will ship to logstash
[handler_logstash]
class: handlers.WatchedFileHandler
args: ('{{ octavia_log_dir }}/octavia-api-json.log',)
formatter: logstash
level: INFO
# datefmt must be set otherwise you end up with too many (msecs) fields
[formatter_context]
class: oslo_log.formatters.ContextFormatter
args: (datefmt=datefmt)
format: %(asctime)s.%(msecs)03d %(process)d %(levelname)s %(name)s [%(request_id)s %(user)s %(tenant)s] %(instance)s%(message)s
datefmt: %Y-%m-%d %H:%M:%S
# the "format" and "datefmt" actually set the "type" and "tags"
[formatter_logstash]
class: logstash.LogstashFormatterVersion1
format: octavia
datefmt: octavia-api
0707010000003F000081A40000000000000000000000015EC6B07900001072000000000000000000000000000000000000005D00000000ardana-octavia-9.0+git.1590079609.a2ae6ab/roles/octavia-common/templates/octavia-api.conf.j2{#
#
# (c) Copyright 2016 Hewlett Packard Enterprise Development LP
# (c) Copyright 2017-2018 SUSE LLC
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
#}
# This configuration file includes the default values for Ardana Openstack
# Changes may be made to this file by customers.
[DEFAULT]
debug = True
#os_region_name = region1
os_endpoint_type = {{ octavia_endpoint_type }}
log_config_append = "{{ octavia_conf_dir }}/octavia-api-logging.conf"
transport_url = {{ octavia_transport_url }}
[api_settings]
api_handler = queue_producer
bind_host = {{ octavia_bind_host }}
bind_port = {{ octavia_bind_port }}
[database]
connection = {{ octavia_db_connection }}
[health_manager]
bind_ip = {{ octavia_healthmanager_bind_host }}
bind_port = {{ octavia_healthmanager_port }}
controller_ip_port_list = {{ octavia_healthmanager_hosts }}
heartbeat_key = {{ octavia_heartbeat_key }}
event_streamer_driver = noop_event_streamer
heartbeat_interval = {{ octavia_heartbeat_interval }}
heartbeat_timeout = 180
health_check_interval = {{ octavia_health_check_interval }}
[keystone_authtoken]
auth_version = 3
www_authenticate_uri = {{ octavia_auth_endpoint }}
auth_url = {{ octavia_auth_endpoint }}
auth_type = password
project_name = {{ octavia_project_name }}
project_domain_name = Default
user_domain_name = Default
username = {{ octavia_admin_user }}
password = {{ octavia_admin_password }}
region_name = {{ octavia_region_name }}
cafile = {{ octavia_ca_file }}
[certificates]
cert_generator = local_cert_generator
cert_manager = barbican_cert_manager
ca_certificate = {{ octavia_ca_certificate }}
ca_private_key = {{ octavia_ca_private_key }}
ca_private_key_passphrase = {{ octavia_ca_private_key_passphrase }}
[haproxy_amphora]
server_ca = {{ octavia_server_ca }}
client_cert = {{ octavia_client_cert }}
key_path = {{ octavia_key_path }}
base_path = /var/lib/octavia
base_cert_dir = /var/lib/octavia/certs
connection_max_retries = 120
connection_retry_interval = 5
[controller_worker]
amp_active_retries = 40
amp_active_wait_sec = 10
amp_flavor_id = {{ octavia_nova_flavor_id.stdout }}
amp_image_tag = {{ octavia_amp_image_tag }}
amp_boot_network_list = {{ octavia_mgmt_net_id.stdout }}
amp_secgroup_list = {{ octavia_mgmt_sec_group_id.stdout }}
client_ca = {{ octavia_client_ca }}
compute_driver = compute_nova_driver
amphora_driver = amphora_haproxy_rest_driver
network_driver = allowed_address_pairs_driver
loadbalancer_topology = SINGLE
#amp_ssh_key_name =
[oslo_messaging_rabbit]
ssl = {{ octavia_rabbit_use_ssl }}
[house_keeping]
# Pool size for the spare pool
# spare_amphora_pool_size = 0
[oslo_messaging]
topic = octavia_prov
rpc_thread_pool_size = 2
[service_auth]
auth_version = 3
auth_uri = {{ octavia_auth_endpoint }}
auth_url = {{ octavia_auth_endpoint }}
auth_type = password
project_name = {{ octavia_project_name }}
project_domain_name = Default
user_domain_name = Default
username = {{ octavia_admin_user }}
password = {{ octavia_admin_password }}
region_name = {{ octavia_region_name }}
cafile = {{ octavia_ca_file }}
[networking]
port_detach_timeout = 900
[neutron]
endpoint = {{ neutron_endpoint }}
endpoint_type = {{ octavia_endpoint_type }}
[nova]
endpoint = {{ nova_endpoint }}
endpoint_type = {{ octavia_endpoint_type }}
[barbican]
auth_url = {{ octavia_auth_endpoint }}
admin_user = {{ neutron_admin_user }}
admin_password = {{ neutron_admin_password }}
auth_version = 3
admin_tenant_name = {{ keystone_admin_tenant }}
admin_user_domain = {{ keystone_default_domain }}
admin_project_domain = {{ keystone_default_domain }}
region_name = {{ octavia_region_name }}
#service_name =
endpoint_type = {{ octavia_endpoint_type }}
### End of File ###
## Do NOT put anything after this line ##
07070100000040000081A40000000000000000000000015EC6B0790000042E000000000000000000000000000000000000006A00000000ardana-octavia-9.0+git.1590079609.a2ae6ab/roles/octavia-common/templates/octavia-common-rundir.service.j2{#
#
# (c) Copyright 2016 Hewlett Packard Enterprise Development LP
# (c) Copyright 2017 SUSE LLC
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
#}
[Unit]
Description=Create {{ octavia_common_rundir }}
[Service]
ExecStartPre=/bin/mkdir -p {{ octavia_common_rundir }}
ExecStartPre=/bin/chmod 775 {{ octavia_common_rundir }}
ExecStart=/bin/chown -R {{ octavia_user }}:{{ octavia_group }} {{ octavia_common_rundir }}
[Install]
RequiredBy=octavia-api.service
RequiredBy=octavia-worker.service
RequiredBy=octavia-health-manager.service
RequiredBy=octavia-housekeeping.service
07070100000041000081A40000000000000000000000015EC6B079000003CA000000000000000000000000000000000000006600000000ardana-octavia-9.0+git.1590079609.a2ae6ab/roles/octavia-common/templates/octavia-component.service.j2{#
#
# (c) Copyright 2016 Hewlett Packard Enterprise Development LP
# (c) Copyright 2017 SUSE LLC
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
#}
[Unit]
Description={{ octavia_service_cmd }} Service
[Service]
ExecStart={{ octavia_component_exec_start }}
Environment=
User={{ octavia_user }}
Group={{ octavia_group }}
PermissionsStartOnly=true
Restart=on-failure
RestartSec={{ restart_hold }}
[Install]
WantedBy=multi-user.target
Alias={{ octavia_service_cmd }}.service
07070100000042000081A40000000000000000000000015EC6B07900001077000000000000000000000000000000000000006800000000ardana-octavia-9.0+git.1590079609.a2ae6ab/roles/octavia-common/templates/octavia-health-manager.conf.j2{#
#
# (c) Copyright 2016-2017 Hewlett Packard Enterprise Development LP
# (c) Copyright 2017-2018 SUSE LLC
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
#}
# This configuration file includes the default values for Ardana Openstack
# Changes may be made to this file by customers.
[DEFAULT]
debug = True
#os_region_name = region1
os_endpoint_type = {{ octavia_endpoint_type }}
log_config_append = "{{ octavia_conf_dir }}/octavia-hm-logging.conf"
transport_url = {{ octavia_transport_url }}
[api_settings]
api_handler = queue_producer
bind_host = {{ octavia_bind_host }}
bind_port = {{ octavia_bind_port }}
[database]
connection = {{ octavia_db_connection }}
[health_manager]
bind_ip = {{ octavia_healthmanager_bind_host }}
bind_port = {{ octavia_healthmanager_port }}
controller_ip_port_list = {{ octavia_healthmanager_hosts }}
heartbeat_key = {{ octavia_heartbeat_key }}
event_streamer_driver = noop_event_streamer
heartbeat_interval = {{ octavia_heartbeat_interval }}
heartbeat_timeout = 180
health_check_interval = {{ octavia_health_check_interval }}
[keystone_authtoken]
auth_version = 3
www_authenticate_uri = {{ octavia_auth_endpoint }}
auth_url = {{ octavia_auth_endpoint }}
auth_type = password
project_name = {{ octavia_project_name }}
project_domain_name = Default
user_domain_name = Default
username = {{ octavia_admin_user }}
password = {{ octavia_admin_password }}
region_name = {{ octavia_region_name }}
cafile = {{ octavia_ca_file }}
[certificates]
cert_generator = local_cert_generator
cert_manager = barbican_cert_manager
ca_certificate = {{ octavia_ca_certificate }}
ca_private_key = {{ octavia_ca_private_key }}
ca_private_key_passphrase = {{ octavia_ca_private_key_passphrase }}
[haproxy_amphora]
server_ca = {{ octavia_server_ca }}
client_cert = {{ octavia_client_cert }}
key_path = {{ octavia_key_path }}
base_path = /var/lib/octavia
base_cert_dir = /var/lib/octavia/certs
connection_max_retries = 120
connection_retry_interval = 5
[controller_worker]
amp_active_retries = 40
amp_active_wait_sec = 10
amp_flavor_id = {{ octavia_nova_flavor_id.stdout }}
amp_image_tag = {{ octavia_amp_image_tag }}
amp_boot_network_list = {{ octavia_mgmt_net_id.stdout }}
amp_secgroup_list = {{ octavia_mgmt_sec_group_id.stdout }}
client_ca = {{ octavia_client_ca }}
compute_driver = compute_nova_driver
amphora_driver = amphora_haproxy_rest_driver
network_driver = allowed_address_pairs_driver
loadbalancer_topology = SINGLE
#amp_ssh_key_name =
[oslo_messaging_rabbit]
ssl = {{ octavia_rabbit_use_ssl }}
[oslo_messaging]
topic = octavia_prov
rpc_thread_pool_size = 2
[house_keeping]
# Pool size for the spare pool
# spare_amphora_pool_size = 0
[service_auth]
auth_version = 3
auth_uri = {{ octavia_auth_endpoint }}
auth_url = {{ octavia_auth_endpoint }}
auth_type = password
project_name = {{ octavia_project_name }}
project_domain_name = Default
user_domain_name = Default
username = {{ octavia_admin_user }}
password = {{ octavia_admin_password }}
region_name = {{ octavia_region_name }}
cafile = {{ octavia_ca_file }}
[networking]
port_detach_timeout = 900
[neutron]
endpoint = {{ neutron_endpoint }}
endpoint_type = {{ octavia_endpoint_type }}
[nova]
endpoint = {{ nova_endpoint }}
endpoint_type = {{ octavia_endpoint_type }}
[barbican]
auth_url = {{ octavia_auth_endpoint }}
admin_user = {{ neutron_admin_user }}
admin_password = {{ neutron_admin_password }}
auth_version = 3
admin_tenant_name = {{ keystone_admin_tenant }}
admin_user_domain = {{ keystone_default_domain }}
admin_project_domain = {{ keystone_default_domain }}
region_name = {{ octavia_region_name }}
#service_name =
endpoint_type = {{ octavia_endpoint_type }}
### End of File ###
## Do NOT put anything after this line ##
07070100000043000081A40000000000000000000000015EC6B0790000068E000000000000000000000000000000000000006400000000ardana-octavia-9.0+git.1590079609.a2ae6ab/roles/octavia-common/templates/octavia-hk-logging.conf.j2{#
#
# (c) Copyright 2016 Hewlett Packard Enterprise Development LP
# (c) Copyright 2017 SUSE LLC
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
#}
[loggers]
keys: root
[handlers]
keys: watchedfile, logstash
[formatters]
keys: context, logstash
[logger_root]
qualname: root
handlers: watchedfile, logstash
level: NOTSET
# Writes to disk
[handler_watchedfile]
class: handlers.WatchedFileHandler
args: ('{{ octavia_log_dir }}/octavia-housekeeping.log',)
formatter: context
level: INFO
# Writes JSON to disk, beaver will ship to logstash
[handler_logstash]
class: handlers.WatchedFileHandler
args: ('{{ octavia_log_dir }}/octavia-housekeeping-json.log',)
formatter: logstash
level: INFO
# datefmt must be set otherwise you end up with too many (msecs) fields
[formatter_context]
class: oslo_log.formatters.ContextFormatter
args: (datefmt=datefmt)
format: %(asctime)s.%(msecs)03d %(process)d %(levelname)s %(name)s [%(request_id)s %(user)s %(tenant)s] %(instance)s%(message)s
datefmt: %Y-%m-%d %H:%M:%S
# the "format" and "datefmt" actually set the "type" and "tags"
[formatter_logstash]
class: logstash.LogstashFormatterVersion1
format: octavia
datefmt: octavia-housekeeping
07070100000044000081A40000000000000000000000015EC6B07900000695000000000000000000000000000000000000006400000000ardana-octavia-9.0+git.1590079609.a2ae6ab/roles/octavia-common/templates/octavia-hm-logging.conf.j2{#
#
# (c) Copyright 2016 Hewlett Packard Enterprise Development LP
# (c) Copyright 2017 SUSE LLC
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
#}
[loggers]
keys: root
[handlers]
keys: watchedfile, logstash
[formatters]
keys: context, logstash
[logger_root]
qualname: root
handlers: watchedfile, logstash
level: NOTSET
# Writes to disk
[handler_watchedfile]
class: handlers.WatchedFileHandler
args: ('{{ octavia_log_dir }}/octavia-health-manager.log',)
formatter: context
level: INFO
# Writes JSON to disk, beaver will ship to logstash
[handler_logstash]
class: handlers.WatchedFileHandler
args: ('{{ octavia_log_dir }}/octavia-health-manager-json.log',)
formatter: logstash
level: INFO
# datefmt must be set otherwise you end up with too many (msecs) fields
[formatter_context]
class: oslo_log.formatters.ContextFormatter
args: (datefmt=datefmt)
format: %(asctime)s.%(msecs)03d %(process)d %(levelname)s %(name)s [%(request_id)s %(user)s %(tenant)s] %(instance)s%(message)s
datefmt: %Y-%m-%d %H:%M:%S
# the "format" and "datefmt" actually set the "type" and "tags"
[formatter_logstash]
class: logstash.LogstashFormatterVersion1
format: octavia
datefmt: octavia-health-manager
07070100000045000081A40000000000000000000000015EC6B07900001071000000000000000000000000000000000000006600000000ardana-octavia-9.0+git.1590079609.a2ae6ab/roles/octavia-common/templates/octavia-housekeeping.conf.j2{#
#
# (c) Copyright 2016 Hewlett Packard Enterprise Development LP
# (c) Copyright 2017-2018 SUSE LLC
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
#}
# This configuration file includes the default values for Ardana Openstack
# Changes may be made to this file by customers.
[DEFAULT]
debug = True
#os_region_name = region1
os_endpoint_type = {{ octavia_endpoint_type }}
log_config_append = "{{ octavia_conf_dir }}/octavia-hk-logging.conf"
transport_url = {{ octavia_transport_url }}
[api_settings]
api_handler = queue_producer
bind_host = {{ octavia_bind_host }}
bind_port = {{ octavia_bind_port }}
[database]
connection = {{ octavia_db_connection }}
[health_manager]
bind_ip = {{ octavia_healthmanager_bind_host }}
bind_port = {{ octavia_healthmanager_port }}
controller_ip_port_list = {{ octavia_healthmanager_hosts }}
heartbeat_key = {{ octavia_heartbeat_key }}
event_streamer_driver = noop_event_streamer
heartbeat_interval = {{ octavia_heartbeat_interval }}
heartbeat_timeout = 180
health_check_interval = {{ octavia_health_check_interval }}
[keystone_authtoken]
auth_version = 3
www_authenticate_uri = {{ octavia_auth_endpoint }}
auth_url = {{ octavia_auth_endpoint }}
auth_type = password
project_name = {{ octavia_project_name }}
project_domain_name = Default
user_domain_name = Default
username = {{ octavia_admin_user }}
password = {{ octavia_admin_password }}
region_name = {{ octavia_region_name }}
cafile = {{ octavia_ca_file }}
[certificates]
cert_generator = local_cert_generator
cert_manager = barbican_cert_manager
ca_certificate = {{ octavia_ca_certificate }}
ca_private_key = {{ octavia_ca_private_key }}
ca_private_key_passphrase = {{ octavia_ca_private_key_passphrase }}
[haproxy_amphora]
server_ca = {{ octavia_server_ca }}
client_cert = {{ octavia_client_cert }}
key_path = {{ octavia_key_path }}
base_path = /var/lib/octavia
base_cert_dir = /var/lib/octavia/certs
connection_max_retries = 120
connection_retry_interval = 5
[controller_worker]
amp_active_retries = 40
amp_active_wait_sec = 10
amp_flavor_id = {{ octavia_nova_flavor_id.stdout }}
amp_image_tag = {{ octavia_amp_image_tag }}
amp_boot_network_list = {{ octavia_mgmt_net_id.stdout }}
amp_secgroup_list = {{ octavia_mgmt_sec_group_id.stdout }}
client_ca = {{ octavia_client_ca }}
compute_driver = compute_nova_driver
amphora_driver = amphora_haproxy_rest_driver
network_driver = allowed_address_pairs_driver
loadbalancer_topology = SINGLE
#amp_ssh_key_name =
[oslo_messaging_rabbit]
ssl = {{ octavia_rabbit_use_ssl }}
[oslo_messaging]
topic = octavia_prov
rpc_thread_pool_size = 2
[house_keeping]
# Pool size for the spare pool
# spare_amphora_pool_size = 0
[service_auth]
auth_version = 3
auth_uri = {{ octavia_auth_endpoint }}
auth_url = {{ octavia_auth_endpoint }}
auth_type = password
project_name = {{ octavia_project_name }}
project_domain_name = Default
user_domain_name = Default
username = {{ octavia_admin_user }}
password = {{ octavia_admin_password }}
region_name = {{ octavia_region_name }}
cafile = {{ octavia_ca_file }}
[networking]
port_detach_timeout = 900
[neutron]
endpoint = {{ neutron_endpoint }}
endpoint_type = {{ octavia_endpoint_type }}
[nova]
endpoint = {{ nova_endpoint }}
endpoint_type = {{ octavia_endpoint_type }}
[barbican]
auth_url = {{ octavia_auth_endpoint }}
admin_user = {{ neutron_admin_user }}
admin_password = {{ neutron_admin_password }}
auth_version = 3
admin_tenant_name = {{ keystone_admin_tenant }}
admin_user_domain = {{ keystone_default_domain }}
admin_project_domain = {{ keystone_default_domain }}
region_name = {{ octavia_region_name }}
#service_name =
endpoint_type = {{ octavia_endpoint_type }}
### End of File ###
## Do NOT put anything after this line ##
07070100000046000081A40000000000000000000000015EC6B0790000067C000000000000000000000000000000000000006800000000ardana-octavia-9.0+git.1590079609.a2ae6ab/roles/octavia-common/templates/octavia-worker-logging.conf.j2{#
#
# (c) Copyright 2016 Hewlett Packard Enterprise Development LP
# (c) Copyright 2017 SUSE LLC
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
#}
[loggers]
keys: root
[handlers]
keys: watchedfile, logstash
[formatters]
keys: context, logstash
[logger_root]
qualname: root
handlers: watchedfile, logstash
level: NOTSET
# Writes to disk
[handler_watchedfile]
class: handlers.WatchedFileHandler
args: ('{{ octavia_log_dir }}/octavia-worker.log',)
formatter: context
level: INFO
# Writes JSON to disk, beaver will ship to logstash
[handler_logstash]
class: handlers.WatchedFileHandler
args: ('{{ octavia_log_dir }}/octavia-worker-json.log',)
formatter: logstash
level: INFO
# datefmt must be set otherwise you end up with too many (msecs) fields
[formatter_context]
class: oslo_log.formatters.ContextFormatter
args: (datefmt=datefmt)
format: %(asctime)s.%(msecs)03d %(process)d %(levelname)s %(name)s [%(request_id)s %(user)s %(tenant)s] %(instance)s%(message)s
datefmt: %Y-%m-%d %H:%M:%S
# the "format" and "datefmt" actually set the "type" and "tags"
[formatter_logstash]
class: logstash.LogstashFormatterVersion1
format: octavia
datefmt: octavia-worker
07070100000047000081A40000000000000000000000015EC6B07900001079000000000000000000000000000000000000006000000000ardana-octavia-9.0+git.1590079609.a2ae6ab/roles/octavia-common/templates/octavia-worker.conf.j2{#
#
# (c) Copyright 2016-2017 Hewlett Packard Enterprise Development LP
# (c) Copyright 2017-2018 SUSE LLC
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
#}
# This configuration file includes the default values for Ardana Openstack
# Changes may be made to this file by customers.
[DEFAULT]
debug = True
#os_region_name = region1
os_endpoint_type = {{ octavia_endpoint_type }}
log_config_append = "{{ octavia_conf_dir }}/octavia-worker-logging.conf"
transport_url = {{ octavia_transport_url }}
[api_settings]
api_handler = queue_producer
bind_host = {{ octavia_bind_host }}
bind_port = {{ octavia_bind_port }}
[database]
connection = {{ octavia_db_connection }}
[health_manager]
bind_ip = {{ octavia_healthmanager_bind_host }}
bind_port = {{ octavia_healthmanager_port }}
controller_ip_port_list = {{ octavia_healthmanager_hosts }}
heartbeat_key = {{ octavia_heartbeat_key }}
event_streamer_driver = noop_event_streamer
heartbeat_interval = {{ octavia_heartbeat_interval }}
heartbeat_timeout = 180
health_check_interval = {{ octavia_health_check_interval }}
[keystone_authtoken]
auth_version = 3
www_authenticate_uri = {{ octavia_auth_endpoint }}
auth_url = {{ octavia_auth_endpoint }}
auth_type = password
project_name = {{ octavia_project_name }}
project_domain_name = Default
user_domain_name = Default
username = {{ octavia_admin_user }}
password = {{ octavia_admin_password }}
region_name = {{ octavia_region_name }}
cafile = {{ octavia_ca_file }}
[certificates]
cert_generator = local_cert_generator
cert_manager = barbican_cert_manager
ca_certificate = {{ octavia_ca_certificate }}
ca_private_key = {{ octavia_ca_private_key }}
ca_private_key_passphrase = {{ octavia_ca_private_key_passphrase }}
[haproxy_amphora]
server_ca = {{ octavia_server_ca }}
client_cert = {{ octavia_client_cert }}
key_path = {{ octavia_key_path }}
base_path = /var/lib/octavia
base_cert_dir = /var/lib/octavia/certs
connection_max_retries = 120
connection_retry_interval = 5
[controller_worker]
amp_active_retries = 40
amp_active_wait_sec = 10
amp_flavor_id = {{ octavia_nova_flavor_id.stdout}}
amp_image_tag = {{ octavia_amp_image_tag }}
amp_boot_network_list = {{ octavia_mgmt_net_id.stdout }}
amp_secgroup_list = {{ octavia_mgmt_sec_group_id.stdout }}
client_ca = {{ octavia_client_ca }}
compute_driver = compute_nova_driver
amphora_driver = amphora_haproxy_rest_driver
network_driver = allowed_address_pairs_driver
loadbalancer_topology = SINGLE
#amp_ssh_key_name =
[oslo_messaging_rabbit]
ssl = {{ octavia_rabbit_use_ssl }}
[oslo_messaging]
topic = octavia_prov
rpc_thread_pool_size = 2
[house_keeping]
# Pool size for the spare pool
# spare_amphora_pool_size = 0
[service_auth]
auth_version = 3
auth_uri = {{ octavia_auth_endpoint }}
auth_url = {{ octavia_auth_endpoint }}
auth_type = password
project_name = {{ octavia_project_name }}
project_domain_name = Default
user_domain_name = Default
username = {{ octavia_admin_user }}
password = {{ octavia_admin_password }}
region_name = {{ octavia_region_name }}
cafile = {{ octavia_ca_file }}
[networking]
port_detach_timeout = 900
[neutron]
endpoint = {{ neutron_endpoint }}
endpoint_type = {{ octavia_endpoint_type }}
[nova]
endpoint = {{ nova_endpoint }}
endpoint_type = {{ octavia_endpoint_type }}
[barbican]
auth_url = {{ octavia_auth_endpoint }}
admin_user = {{ neutron_admin_user }}
admin_password = {{ neutron_admin_password }}
auth_version = 3
admin_tenant_name = {{ keystone_admin_tenant }}
admin_user_domain = {{ keystone_default_domain }}
admin_project_domain = {{ keystone_default_domain }}
region_name = {{ octavia_region_name }}
#service_name =
endpoint_type = {{ octavia_endpoint_type }}
### End of File ###
## Do NOT put anything after this line ##
07070100000048000081A40000000000000000000000015EC6B07900000C47000000000000000000000000000000000000005800000000ardana-octavia-9.0+git.1590079609.a2ae6ab/roles/octavia-common/templates/openssl.cnf.j2{# Copyright 2010 United States Government as represented by the
# Administrator of the National Aeronautics and Space Administration.
# All Rights Reserved.
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#}
#
# OpenSSL configuration file.
#
# Establish working directory.
dir = .
[ ca ]
default_ca = CA_default
[ CA_default ]
serial = {{ tls_serial_file }}
database = {{ tls_index_file }}
new_certs_dir = $dir/
certificate = {{ tls_ca_cert_file }}
private_key = {{ tls_ca_key_file }}
unique_subject = no
default_crl_days = 365
default_days = 365
default_md = md5
preserve = no
email_in_dn = no
nameopt = default_ca
certopt = default_ca
policy = policy_match
copy_extensions = copy
# NOTE(dprince): stateOrProvinceName must be 'supplied' or 'optional' to
# work around a stateOrProvince printable string UTF8 mismatch on
# RHEL 6 and Fedora 14 (using openssl-1.0.0-4.el6.x86_64 or
# openssl-1.0.0d-1.fc14.x86_64)
[ policy_match ]
countryName = optional
stateOrProvinceName = optional
organizationName = optional
organizationalUnitName = optional
commonName = supplied
emailAddress = optional
[ req ]
default_bits = 2048 # Size of keys
default_keyfile = key.pem # name of generated keys
default_md = md5 # message digest algorithm
string_mask = nombstr # permitted characters
distinguished_name = req_distinguished_name
req_extensions = v3_req
x509_extensions = v3_ca
[ req_distinguished_name ]
# Variable name Prompt string
#---------------------- ----------------------------------
0.organizationName = Organization Name (company)
organizationalUnitName = Organizational Unit Name (department, division)
emailAddress = Email Address
emailAddress_max = 40
localityName = Locality Name (city, district)
stateOrProvinceName = State or Province Name (full name)
countryName = Country Name (2 letter code)
countryName_min = 2
countryName_max = 2
commonName = Common Name (hostname, IP, or your name)
commonName_max = 64
# Default values for the above, for consistency and less typing.
# Variable name Value
#------------------------------ ------------------------------
0.organizationName_default = Hewlett-Packard-Enterprise
localityName_default = Bristol
stateOrProvinceName_default = Bristol
countryName_default = UK
[ v3_ca ]
basicConstraints = CA:TRUE
subjectKeyIdentifier = hash
authorityKeyIdentifier = keyid:always,issuer:always
subjectAltName = @alt_names
[ v3_req ]
basicConstraints = CA:FALSE
subjectKeyIdentifier = hash
[ alt_names ]07070100000049000081A40000000000000000000000015EC6B07900000435000000000000000000000000000000000000005800000000ardana-octavia-9.0+git.1590079609.a2ae6ab/roles/octavia-common/templates/policy.json.j2{#
#
# (c) Copyright 2019 SUSE LLC
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
#}
{
"context_is_admin": "role:admin or role:load-balancer_admin or role:neutron_admin",
"admin_or_owner": "is_admin:True or rule:context_is_admin or project_id:%(project_id)s",
"load-balancer:read": "rule:admin_or_owner",
"load-balancer:read-global": "is_admin:True",
"load-balancer:write": "rule:admin_or_owner",
"load-balancer:read-quota": "rule:admin_or_owner",
"load-balancer:read-quota-global": "is_admin:True",
"load-balancer:write-quota": "is_admin:True"
}
0707010000004A000041ED0000000000000000000000025EC6B07900000000000000000000000000000000000000000000004400000000ardana-octavia-9.0+git.1590079609.a2ae6ab/roles/octavia-common/vars0707010000004B000081A40000000000000000000000015EC6B079000002F0000000000000000000000000000000000000004D00000000ardana-octavia-9.0+git.1590079609.a2ae6ab/roles/octavia-common/vars/main.yml#
# (c) Copyright 2016 Hewlett Packard Enterprise Development LP
# (c) Copyright 2017-2018 SUSE LLC
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
---
systemd_service_dir: /etc/systemd/system/
octavia_common_rundir_service: octavia-common-rundir.service
0707010000004C000041ED0000000000000000000000055EC6B07900000000000000000000000000000000000000000000004700000000ardana-octavia-9.0+git.1590079609.a2ae6ab/roles/octavia-health-manager0707010000004D000041ED0000000000000000000000025EC6B07900000000000000000000000000000000000000000000005000000000ardana-octavia-9.0+git.1590079609.a2ae6ab/roles/octavia-health-manager/defaults0707010000004E000081A40000000000000000000000015EC6B079000002F1000000000000000000000000000000000000005900000000ardana-octavia-9.0+git.1590079609.a2ae6ab/roles/octavia-health-manager/defaults/main.yml#
# (c) Copyright 2016 Hewlett Packard Enterprise Development LP
# (c) Copyright 2017 SUSE LLC
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
# This file will contain the default values for the octavia server
---
octavia_component: octavia-health-manager
0707010000004F000041ED0000000000000000000000025EC6B07900000000000000000000000000000000000000000000004D00000000ardana-octavia-9.0+git.1590079609.a2ae6ab/roles/octavia-health-manager/tasks07070100000050000081A40000000000000000000000015EC6B079000004A8000000000000000000000000000000000000005B00000000ardana-octavia-9.0+git.1590079609.a2ae6ab/roles/octavia-health-manager/tasks/configure.yml#
# (c) Copyright 2016-2017 Hewlett Packard Enterprise Development LP
# (c) Copyright 2017 SUSE LLC
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
---
- include: ../../octavia-common/tasks/create_systemd_service.yml
octavia_service_cmd: "octavia-health-manager"
octavia_service_cmd_args: "--config-file={{ octavia_conf_dir }}/octavia-health-manager.conf"
- name: octavia-health-manager | configure | set octavia log file ownership
become: yes
file:
path: "{{ octavia_log_dir }}/{{ item }}"
owner: "{{ octavia_user }}"
group: "{{ octavia_log_file_group }}"
mode: 0640
state: touch
with_items:
- octavia-health-manager.log
- octavia-health-manager-json.log
07070100000051000081A40000000000000000000000015EC6B07900000497000000000000000000000000000000000000005700000000ardana-octavia-9.0+git.1590079609.a2ae6ab/roles/octavia-health-manager/tasks/start.yml#
# (c) Copyright 2016 Hewlett Packard Enterprise Development LP
# (c) Copyright 2017 SUSE LLC
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
---
- name: octavia-health-manager | start | Restart the octavia-health-manager
service: name=octavia-health-manager state=restarted
when: (ardana_notify_octavia_restart_required is defined and
ardana_notify_octavia_restart_required.changed) or
(ardana_notify_octavia_health_manager_restart_required is defined and
ardana_notify_octavia_health_manager_restart_required.changed)
- name: octavia-health-manager | start | Start the octavia-health-manager
service: name=octavia-health-manager state=started
07070100000052000081A40000000000000000000000015EC6B079000002BE000000000000000000000000000000000000005800000000ardana-octavia-9.0+git.1590079609.a2ae6ab/roles/octavia-health-manager/tasks/status.yml#
# (c) Copyright 2016 Hewlett Packard Enterprise Development LP
# (c) Copyright 2017 SUSE LLC
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
---
- include: ../../octavia-common/tasks/_service_status.yml
07070100000053000081A40000000000000000000000015EC6B07900000301000000000000000000000000000000000000005600000000ardana-octavia-9.0+git.1590079609.a2ae6ab/roles/octavia-health-manager/tasks/stop.yml#
# (c) Copyright 2016 Hewlett Packard Enterprise Development LP
# (c) Copyright 2017 SUSE LLC
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
---
- name: octavia-health-manager | stop | Stop the octavia-health-manager
service: name=octavia-health-manager state=stopped
07070100000054000041ED0000000000000000000000025EC6B07900000000000000000000000000000000000000000000004C00000000ardana-octavia-9.0+git.1590079609.a2ae6ab/roles/octavia-health-manager/vars07070100000055000081A40000000000000000000000015EC6B07900000283000000000000000000000000000000000000005500000000ardana-octavia-9.0+git.1590079609.a2ae6ab/roles/octavia-health-manager/vars/main.yml#
# (c) Copyright 2016 Hewlett Packard Enterprise Development LP
# (c) Copyright 2017 SUSE LLC
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
---
07070100000056000041ED0000000000000000000000055EC6B07900000000000000000000000000000000000000000000004500000000ardana-octavia-9.0+git.1590079609.a2ae6ab/roles/octavia-housekeeping07070100000057000041ED0000000000000000000000025EC6B07900000000000000000000000000000000000000000000004E00000000ardana-octavia-9.0+git.1590079609.a2ae6ab/roles/octavia-housekeeping/defaults07070100000058000081A40000000000000000000000015EC6B079000002EF000000000000000000000000000000000000005700000000ardana-octavia-9.0+git.1590079609.a2ae6ab/roles/octavia-housekeeping/defaults/main.yml#
# (c) Copyright 2016 Hewlett Packard Enterprise Development LP
# (c) Copyright 2017 SUSE LLC
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
# This file will contain the default values for the octavia server
---
octavia_component: octavia-housekeeping
07070100000059000041ED0000000000000000000000025EC6B07900000000000000000000000000000000000000000000004B00000000ardana-octavia-9.0+git.1590079609.a2ae6ab/roles/octavia-housekeeping/tasks0707010000005A000081A40000000000000000000000015EC6B0790000049E000000000000000000000000000000000000005900000000ardana-octavia-9.0+git.1590079609.a2ae6ab/roles/octavia-housekeeping/tasks/configure.yml#
# (c) Copyright 2016-2017 Hewlett Packard Enterprise Development LP
# (c) Copyright 2017 SUSE LLC
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
---
- include: ../../octavia-common/tasks/create_systemd_service.yml
octavia_service_cmd: "octavia-housekeeping"
octavia_service_cmd_args: "--config-file={{ octavia_conf_dir }}/octavia-housekeeping.conf"
- name: octavia-housekeeping | configure | set octavia log file ownership
become: yes
file:
path: "{{ octavia_log_dir }}/{{ item }}"
owner: "{{ octavia_user }}"
group: "{{ octavia_log_file_group }}"
mode: 0640
state: touch
with_items:
- octavia-housekeeping.log
- octavia-housekeeping-json.log
0707010000005B000081A40000000000000000000000015EC6B07900000487000000000000000000000000000000000000005500000000ardana-octavia-9.0+git.1590079609.a2ae6ab/roles/octavia-housekeeping/tasks/start.yml#
# (c) Copyright 2016 Hewlett Packard Enterprise Development LP
# (c) Copyright 2017 SUSE LLC
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
---
- name: octavia-housekeeping | start | Restart the octavia-housekeeping
service: name=octavia-housekeeping state=restarted
when: (ardana_notify_octavia_restart_required is defined and
ardana_notify_octavia_restart_required.changed) or
(ardana_notify_octavia_housekeeping_restart_required is defined and
ardana_notify_octavia_housekeeping_restart_required.changed)
- name: octavia-housekeeping | start | Start the octavia-housekeeping
service: name=octavia-housekeeping state=started
0707010000005C000081A40000000000000000000000015EC6B079000002BE000000000000000000000000000000000000005600000000ardana-octavia-9.0+git.1590079609.a2ae6ab/roles/octavia-housekeeping/tasks/status.yml#
# (c) Copyright 2016 Hewlett Packard Enterprise Development LP
# (c) Copyright 2017 SUSE LLC
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
---
- include: ../../octavia-common/tasks/_service_status.yml
0707010000005D000081A40000000000000000000000015EC6B079000002FB000000000000000000000000000000000000005400000000ardana-octavia-9.0+git.1590079609.a2ae6ab/roles/octavia-housekeeping/tasks/stop.yml#
# (c) Copyright 2016 Hewlett Packard Enterprise Development LP
# (c) Copyright 2017 SUSE LLC
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
---
- name: octavia-housekeeping | stop | Stop the octavia-housekeeping
service: name=octavia-housekeeping state=stopped
0707010000005E000041ED0000000000000000000000025EC6B07900000000000000000000000000000000000000000000004A00000000ardana-octavia-9.0+git.1590079609.a2ae6ab/roles/octavia-housekeeping/vars0707010000005F000081A40000000000000000000000015EC6B07900000283000000000000000000000000000000000000005300000000ardana-octavia-9.0+git.1590079609.a2ae6ab/roles/octavia-housekeeping/vars/main.yml#
# (c) Copyright 2016 Hewlett Packard Enterprise Development LP
# (c) Copyright 2017 SUSE LLC
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
---
07070100000060000041ED0000000000000000000000055EC6B07900000000000000000000000000000000000000000000004700000000ardana-octavia-9.0+git.1590079609.a2ae6ab/roles/octavia-post-configure07070100000061000041ED0000000000000000000000025EC6B07900000000000000000000000000000000000000000000005000000000ardana-octavia-9.0+git.1590079609.a2ae6ab/roles/octavia-post-configure/defaults07070100000062000081A40000000000000000000000015EC6B0790000039C000000000000000000000000000000000000005900000000ardana-octavia-9.0+git.1590079609.a2ae6ab/roles/octavia-post-configure/defaults/main.yml#
# (c) Copyright 2016 Hewlett Packard Enterprise Development LP
# (c) Copyright 2017 SUSE LLC
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
---
load_balancer_observer_role: "load-balancer_observer"
load_balancer_global_observer_role: "load-balancer_global_observer"
load_balancer_member_role: "load-balancer_member"
load_balancer_quota_admin_role: "load-balancer_quota_admin"
load_balancer_admin_role: "load-balancer_admin"
07070100000063000041ED0000000000000000000000025EC6B07900000000000000000000000000000000000000000000004C00000000ardana-octavia-9.0+git.1590079609.a2ae6ab/roles/octavia-post-configure/meta07070100000064000081A40000000000000000000000015EC6B079000002AA000000000000000000000000000000000000005500000000ardana-octavia-9.0+git.1590079609.a2ae6ab/roles/octavia-post-configure/meta/main.yml#
# (c) Copyright 2016 Hewlett Packard Enterprise Development LP
# (c) Copyright 2017 SUSE LLC
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
---
dependencies:
- role: octavia-common
07070100000065000041ED0000000000000000000000025EC6B07900000000000000000000000000000000000000000000004D00000000ardana-octavia-9.0+git.1590079609.a2ae6ab/roles/octavia-post-configure/tasks07070100000066000081A40000000000000000000000015EC6B07900000363000000000000000000000000000000000000005E00000000ardana-octavia-9.0+git.1590079609.a2ae6ab/roles/octavia-post-configure/tasks/db_configure.yml
#
# (c) Copyright 2016 Hewlett Packard Enterprise Development LP
# (c) Copyright 2017 SUSE LLC
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
---
- name: Octavia Post Configure | db_configure | Run Octavia DB sync
command: "{{ octavia_bin_dir }}/octavia-db-manage --config-file {{ octavia_conf_dir }}/octavia-api.conf upgrade head"
run_once_per: verb_hosts.OCT_API
07070100000067000081A40000000000000000000000015EC6B079000005B6000000000000000000000000000000000000006500000000ardana-octavia-9.0+git.1590079609.a2ae6ab/roles/octavia-post-configure/tasks/keystone_change_pwd.yml#
# (c) Copyright 2016 Hewlett Packard Enterprise Development LP
# (c) Copyright 2017 SUSE LLC
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
---
- name: octavia-post-configure | keystone_change_pwd | Get a domain scoped token
keystone_v3:
endpoint: "{{ keystone_endpoint }}"
login_username: "{{ keystone_admin_user }}"
login_password: "{{ keystone_admin_password }}"
login_user_domain_name: "{{ keystone_default_domain }}"
login_domain_name: "{{ keystone_default_domain }}"
action: "token_get"
run_once: true
register: domain_scoped_token
- name: octavia-post-configure | keystone_change_pwd | Update octavia user password
keystone_v3:
login_token: "{{ domain_scoped_token.result }}"
endpoint: "{{ keystone_endpoint }}"
action: "reset_password_by_admin"
user_name: "{{ octavia_admin_user }}"
user_password: "{{ octavia_admin_password }}"
user_domain_name: "{{ octavia_user_domain_name }}"
run_once: true
07070100000068000081A40000000000000000000000015EC6B07900000E09000000000000000000000000000000000000005F00000000ardana-octavia-9.0+git.1590079609.a2ae6ab/roles/octavia-post-configure/tasks/keystone_conf.yml#
# (c) Copyright 2016 Hewlett Packard Enterprise Development LP
# (c) Copyright 2017-2018 SUSE LLC
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
# Octavia keystone configuration
---
- name: octavia-post-configure | keystone_conf | Get a domain scoped token
keystone_v3:
endpoint: "{{ keystone_endpoint }}"
login_username: "{{ keystone_admin_user }}"
login_password: "{{ keystone_admin_password }}"
login_user_domain_name: "{{ keystone_default_domain }}"
login_domain_name: "{{ keystone_default_domain }}"
action: "token_get"
run_once: true
register: domain_scoped_token
- name: octavia-post-configure | keystone_conf | Create Octavia Keystone Project
keystone_v3:
action: "create_project"
endpoint: "{{ keystone_endpoint }}"
project_name: "{{ octavia_project_name }}"
project_domain_name: "{{ octavia_project_domain_name }}"
login_token: "{{ domain_scoped_token.result }}"
run_once: true
register: project_id_result
- name: octavia-post-configure | keystone_conf | Set octavia_project_id fact
set_fact:
octavia_project_id: "{{ project_id_result.result['id'] }}"
when: project_id_result | success
- name: octavia-post-configure | keystone_conf | Create Octavia Keystone User
keystone_v3:
action: "create_user"
endpoint: "{{ keystone_endpoint }}"
login_token: "{{ domain_scoped_token.result }}"
user_name: "{{ octavia_admin_user }}"
user_password: "{{ octavia_admin_password }}"
user_domain_name: "{{ octavia_user_domain_name }}"
run_once: true
- name: octavia-post-configure | keystone_conf | Add role to Octavia Service User
keystone_v3:
action: "grant_project_role"
endpoint: "{{ keystone_endpoint }}"
login_token: "{{ domain_scoped_token.result }}"
project_name: "{{ octavia_project_name }}"
user_name: "{{ octavia_admin_user }}"
role_name: "{{ keystone.admin_role }}"
user_domain_name: "{{ octavia_user_domain_name }}"
project_domain_name: "{{ octavia_project_domain_name }}"
run_once: true
- name: octavia-post-configure | keystone_conf | Add neutron_admin role to Octavia User
keystone_v3:
action: "grant_project_role"
endpoint: "{{ keystone_endpoint }}"
login_token: "{{ domain_scoped_token.result }}"
project_name: "{{ octavia_project_name }}"
user_name: "{{ octavia_admin_user }}"
role_name: "{{ octavia_neutron_admin_role }}"
user_domain_name: "{{ octavia_user_domain_name }}"
project_domain_name: "{{ octavia_project_domain_name }}"
run_once: true
- name: octavia-post-configure | keystone_conf | Create Octavia specific roles
keystone_v3:
action: "create_role"
endpoint: "{{ keystone_endpoint }}"
login_token: "{{ domain_scoped_token.result }}"
role_name: "{{ item }}"
description: "Octavia Role: {{ item }} role (created via octavia deploy)"
with_items:
- "{{ load_balancer_observer_role }}"
- "{{ load_balancer_global_observer_role }}"
- "{{ load_balancer_member_role }}"
- "{{ load_balancer_quota_admin_role }}"
- "{{ load_balancer_admin_role }}"
run_once: True
07070100000069000081A40000000000000000000000015EC6B0790000033F000000000000000000000000000000000000006E00000000ardana-octavia-9.0+git.1590079609.a2ae6ab/roles/octavia-post-configure/tasks/neutron_to_octavia_migration.yml
#
# (c) Copyright 2020 SUSE LLC
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
---
- name: Octavia Post Configure | neutron_to_octavia_migration |
Run Neutron to Octavia DB migration
command: "{{ octavia_bin_dir }}/nlbaas2octavia --config-file {{ octavia_conf_dir }}/nlbaas2octavia.conf"
run_once_per: verb_hosts.OCT_API
0707010000006A000081A40000000000000000000000015EC6B07900000670000000000000000000000000000000000000005C00000000ardana-octavia-9.0+git.1590079609.a2ae6ab/roles/octavia-post-configure/tasks/set_quotas.yml#
# (c) Copyright 2016 Hewlett Packard Enterprise Development LP
# (c) Copyright 2018 SUSE LLC
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
# Set Quotas for Octavia Project
---
- name: octavia-post-configure | set_octavia_quotas | Set Octavia Quotas
shell: >
openstack quota set {{ octavia_project_name }} \
--floating-ips -1 \
--networks -1 \
--ports -1 \
--secgroups -1 \
--routers -1 \
--subnetpools -1 \
--secgroup-rules -1 \
--subnets -1 \
--fixed-ips -1 \
--cores -1 \
--instances -1 \
--ram -1
environment:
OS_AUTH_URL: "{{ octavia_auth_endpoint }}"
OS_USERNAME: "{{ keystone_admin_user }}"
OS_PASSWORD: "{{ keystone_admin_password }}"
OS_PROJECT_NAME: "{{ keystone_service_tenant }}"
OS_USER_DOMAIN_NAME: "{{ octavia_user_domain_name }}"
OS_PROJECT_DOMAIN_NAME: "{{ octavia_project_domain_name }}"
OS_ENDPOINT_TYPE: "{{ octavia_endpoint_type }}"
OS_REGION_NAME: "{{ octavia_region_name }}"
OS_CACERT: "{{ octavia_ca_file }}"
OS_IDENTITY_API_VERSION: "3"
OS_AUTH_VERSION: "3"
OS_INTERFACE: "internal"
run_once_per: verb_hosts.OCT_API
0707010000006B000041ED0000000000000000000000055EC6B07900000000000000000000000000000000000000000000003F00000000ardana-octavia-9.0+git.1590079609.a2ae6ab/roles/octavia-worker0707010000006C000041ED0000000000000000000000025EC6B07900000000000000000000000000000000000000000000004800000000ardana-octavia-9.0+git.1590079609.a2ae6ab/roles/octavia-worker/defaults0707010000006D000081A40000000000000000000000015EC6B079000002E9000000000000000000000000000000000000005100000000ardana-octavia-9.0+git.1590079609.a2ae6ab/roles/octavia-worker/defaults/main.yml#
# (c) Copyright 2016 Hewlett Packard Enterprise Development LP
# (c) Copyright 2017 SUSE LLC
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
# This file will contain the default values for the octavia server
---
octavia_component: octavia-worker
0707010000006E000041ED0000000000000000000000025EC6B07900000000000000000000000000000000000000000000004500000000ardana-octavia-9.0+git.1590079609.a2ae6ab/roles/octavia-worker/tasks0707010000006F000081A40000000000000000000000015EC6B07900000480000000000000000000000000000000000000005300000000ardana-octavia-9.0+git.1590079609.a2ae6ab/roles/octavia-worker/tasks/configure.yml#
# (c) Copyright 2016-2017 Hewlett Packard Enterprise Development LP
# (c) Copyright 2017 SUSE LLC
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
---
- include: ../../octavia-common/tasks/create_systemd_service.yml
octavia_service_cmd: "octavia-worker"
octavia_service_cmd_args: "--config-file={{ octavia_conf_dir }}/octavia-worker.conf"
- name: octavia-worker | configure | set octavia log file ownership
become: yes
file:
path: "{{ octavia_log_dir }}/{{ item }}"
owner: "{{ octavia_user }}"
group: "{{ octavia_log_file_group }}"
mode: 0640
state: touch
with_items:
- octavia-worker.log
- octavia-worker-json.log
07070100000070000081A40000000000000000000000015EC6B07900000457000000000000000000000000000000000000004F00000000ardana-octavia-9.0+git.1590079609.a2ae6ab/roles/octavia-worker/tasks/start.yml#
# (c) Copyright 2016 Hewlett Packard Enterprise Development LP
# (c) Copyright 2017 SUSE LLC
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
---
- name: octavia-worker | start | Restart the octavia-worker
service: name=octavia-worker state=restarted
when: (ardana_notify_octavia_restart_required is defined and
ardana_notify_octavia_restart_required.changed) or
(ardana_notify_octavia_worker_restart_required is defined and
ardana_notify_octavia_worker_restart_required.changed)
- name: octavia-worker | start | Start the octavia-worker
service: name=octavia-worker state=started
07070100000071000081A40000000000000000000000015EC6B079000002BE000000000000000000000000000000000000005000000000ardana-octavia-9.0+git.1590079609.a2ae6ab/roles/octavia-worker/tasks/status.yml#
# (c) Copyright 2016 Hewlett Packard Enterprise Development LP
# (c) Copyright 2017 SUSE LLC
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
---
- include: ../../octavia-common/tasks/_service_status.yml
07070100000072000081A40000000000000000000000015EC6B079000002E9000000000000000000000000000000000000004E00000000ardana-octavia-9.0+git.1590079609.a2ae6ab/roles/octavia-worker/tasks/stop.yml#
# (c) Copyright 2016 Hewlett Packard Enterprise Development LP
# (c) Copyright 2017 SUSE LLC
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
---
- name: octavia-worker | stop | Stop the octavia-worker
service: name=octavia-worker state=stopped
07070100000073000041ED0000000000000000000000025EC6B07900000000000000000000000000000000000000000000004400000000ardana-octavia-9.0+git.1590079609.a2ae6ab/roles/octavia-worker/vars07070100000074000081A40000000000000000000000015EC6B07900000283000000000000000000000000000000000000004D00000000ardana-octavia-9.0+git.1590079609.a2ae6ab/roles/octavia-worker/vars/main.yml#
# (c) Copyright 2016 Hewlett Packard Enterprise Development LP
# (c) Copyright 2017 SUSE LLC
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
---
07070100000000000000000000000000000000000000010000000000000000000000000000000000000000000000000000000B00000000TRAILER!!!370 blocks
