Change ordering of /etc/ operations to improve upgrades
This change matches an earlier modification to os_neutron Currently we symlink /etc/<service> to empty directory at pre-stage, and filling it with config only during post_install. This means, that policies and rootwrap filters are not working properly until playbook execution finish. Additionally, we replace sudoers file with new path in it, which makes current operations impossible for the service, since rootwrap can not gain sudo privileges. With this change we move symlinking and rootwrap steps to handlers, which means that we will do replace configs while service is stopped. During post_install we place all of the configs inside the venv, which is versioned at the moment. This way we minimise downtime of the service while performing upgrades Closes-Bug: #2056180 Change-Id: I9c8212408c21e09895ee5805011aecb40b689a13
This commit is contained in:
8 changed files with 56 additions and 61 deletions
@@ -13,6 +13,9 @@
# See the License for the specific language governing permissions and
# limitations under the License.
nova_conf_dir:/etc/nova
nova_conf_version_dir:"{{ (nova_install_method == 'distro') | ternary(nova_conf_dir, (nova_bin | dirname) + nova_conf_dir) }}"
_nova_is_first_play_host:>-
{{
(nova_services['nova-conductor']['group'] in group_names and
@@ -119,16 +122,16 @@ nova_mount_points: |-
_nova_rootwrap_conf_overrides:
DEFAULT:
filters_path:"/etc/nova/rootwrap.d,/usr/share/nova/rootwrap"
filters_path:"{{ nova_conf_dir }}/rootwrap.d,/usr/share/nova/rootwrap"
exec_dirs:"{{ nova_bin }},/sbin,/usr/sbin,/bin,/usr/bin,/usr/local/bin,/usr/local/sbin"
nova_core_files:
- tmp_f:"/tmp/api-paste.ini"
target_f:"/etc/nova/api-paste.ini"
target_f:"{{ nova_conf_version_dir }}/api-paste.ini"
config_overrides:"{{ nova_api_paste_ini_overrides }}"
config_type:"ini"
- tmp_f:"/tmp/rootwrap.conf"
target_f:"/etc/nova/rootwrap.conf"
target_f:"{{ nova_conf_version_dir }}/rootwrap.conf"
config_overrides:"{{ _nova_rootwrap_conf_overrides | combine(nova_rootwrap_conf_overrides, recursive=True) }}"
config_type:"ini"
owner:"root"
Reference in New Issue
Block a user
Blocking a user prevents them from interacting with repositories, such as opening or commenting on pull requests or issues. Learn more about blocking a user.