-
Notifications
You must be signed in to change notification settings - Fork 70
/
Copy pathconfigure.yml
138 lines (124 loc) · 4.41 KB
/
configure.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
---
# Copyright 2023 Red Hat, Inc.
# All Rights Reserved.
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
- name: Gather user fact
ansible.builtin.setup:
gather_subset:
- "!all"
- "!min"
- "user"
when:
- ansible_user is undefined
- name: Create ceilometer config dir
become: true
ansible.builtin.file:
path: "{{ item.path }}"
state: directory
setype: "{{ item.setype | default('container_file_t') }}"
owner: "{{ ansible_user | default(ansible_user_id) }}"
group: "{{ ansible_user | default(ansible_user_id) }}"
mode: "{{ item.mode | default('0750') }}"
recurse: true
loop:
- {"path": "{{ edpm_telemetry_config_dest }}"}
- name: Determine if cacert file exists
ansible.builtin.stat:
path: "{{ edpm_telemetry_cacerts }}/tls-ca-bundle.pem"
register: ca_bundle_stat_res
- name: Render ceilometer config files
tags:
- edpm_telemetry
ansible.builtin.template:
src: "{{ item.src }}"
dest: "{{ edpm_telemetry_config_dest }}/{{ item.dest }}"
setype: "container_file_t"
mode: "0644"
loop:
- {"src": "ceilometer-host-specific.conf.j2", "dest": "ceilometer-host-specific.conf"}
- name: Configure ceilometer user and group on the host
ansible.builtin.import_role:
name: edpm_users
vars:
edpm_users_users:
# 42405 is matching with the uid and gid created by kolla in the ceilometer containers
- {"name": "ceilometer", "uid": "42405", "gid": "42405", "shell": "/sbin/nologin", "comment": "ceilometer user", "groups": "libvirt"}
edpm_users_extra_dirs: []
- name: Gather ceilometer config files
ansible.builtin.set_fact:
configs:
- "src": "{{ edpm_telemetry_config_src }}/ceilometer.conf"
"dest": "{{ edpm_telemetry_config_dest }}/ceilometer.conf"
- "src": "{{ edpm_telemetry_config_src }}/polling.yaml"
"dest": "{{ edpm_telemetry_config_dest }}/polling.yaml"
- name: Check for custom.conf existence
ansible.builtin.stat:
path: "{{ edpm_telemetry_config_src }}/custom.conf"
delegate_to: localhost
register: custom_ceilometer_conf
- name: Append custom.conf to config files
ansible.builtin.set_fact:
configs: "{{ configs + [{'src': edpm_telemetry_config_src + '/custom.conf', 'dest': edpm_telemetry_config_dest + '/custom.conf'}] }}"
when: custom_ceilometer_conf.stat.exists
- name: Copy generated ceilometer configs
ansible.builtin.copy:
src: "{{ item.src }}"
dest: "{{ item.dest }}"
mode: "{{ item.mode | default('0640') }}"
remote_src: "{{ telemetry_test | default('false') }}"
loop: "{{ configs }}"
- name: Check that tls.crt exists
ansible.builtin.stat:
path: "{{ edpm_telemetry_certs }}/tls.crt"
register: tls_crt_stat
- name: Check that tls.key exists
ansible.builtin.stat:
path: "{{ edpm_telemetry_certs }}/tls.key"
register: tls_key_stat
- name: Render container config templates
ansible.builtin.template:
src: "{{ item }}"
dest: "{{ edpm_telemetry_config_dest }}/{{ item | basename | regex_replace('\\.j2$', '') }}"
mode: 0644
with_fileglob:
- ../templates/*.j2
vars:
ca_bundle_exists: "{{ ca_bundle_stat_res.stat.exists }}"
tls_cert_exists: "{{ tls_crt_stat.stat.exists and tls_key_stat.stat.exists }}"
- name: Configure tls if present
when:
- tls_crt_stat.stat.exists and tls_key_stat.stat.exists
block:
- name: Create config file for exporters
ansible.builtin.include_tasks:
file: exporter_tls.yml
loop:
- node_exporter
- podman_exporter
loop_control:
loop_var: exporter
- name: Change the owner of the crt
become: true
ansible.builtin.file:
path: "{{ edpm_telemetry_certs }}/tls.crt"
mode: "0644"
owner: ceilometer
group: ceilometer
- name: Change the owner of the key
become: true
ansible.builtin.file:
path: "{{ edpm_telemetry_certs }}/tls.key"
mode: "0644"
owner: ceilometer
group: ceilometer