diff options
| -rw-r--r-- | deploy/adapters/ansible/roles/config-osa/files/fetch-files.yml (renamed from deploy/adapters/ansible/roles/config-osa/files/fetch-openrc.yml) | 10 | ||||
| -rw-r--r-- | deploy/adapters/ansible/roles/config-osa/files/http.yml | 25 | ||||
| -rw-r--r-- | deploy/adapters/ansible/roles/config-osa/tasks/main.yml | 11 | ||||
| -rw-r--r-- | deploy/adapters/ansible/roles/config-osa/templates/user_variables.yml.j2 | 1 | ||||
| -rw-r--r-- | deploy/adapters/ansible/roles/post-openstack/tasks/main.yml | 13 |
5 files changed, 20 insertions, 40 deletions
diff --git a/deploy/adapters/ansible/roles/config-osa/files/fetch-openrc.yml b/deploy/adapters/ansible/roles/config-osa/files/fetch-files.yml index 1251cbf1..346ef2fd 100644 --- a/deploy/adapters/ansible/roles/config-osa/files/fetch-openrc.yml +++ b/deploy/adapters/ansible/roles/config-osa/files/fetch-files.yml @@ -16,3 +16,13 @@ src: /root/openrc dest: /opt/openrc flat: "yes" + +- name: Fetch haproxy.cert + hosts: haproxy_hosts[0] + max_fail_percentage: 20 + user: root + tasks: + - fetch: + src: /etc/ssl/certs/haproxy.cert + dest: /opt/os_cacert + flat: "yes" diff --git a/deploy/adapters/ansible/roles/config-osa/files/http.yml b/deploy/adapters/ansible/roles/config-osa/files/http.yml deleted file mode 100644 index d5c1e64e..00000000 --- a/deploy/adapters/ansible/roles/config-osa/files/http.yml +++ /dev/null @@ -1,25 +0,0 @@ -# ############################################################################# -# Copyright (c) 2017 HUAWEI TECHNOLOGIES CO.,LTD and others. -# -# All rights reserved. This program and the accompanying materials -# are made available under the terms of the Apache License, Version 2.0 -# which accompanies this distribution, and is available at -# http://www.apache.org/licenses/LICENSE-2.0 -# ############################################################################# ---- -- name: change https to http in haproxy configuratio - hosts: network_hosts - gather_facts: "{{ gather_facts | default(True) }}" - max_fail_percentage: 20 - user: root - tasks: - - name: change the haproxy configuration - shell: "sed -i 's/ssl crt.*//g' /etc/haproxy/haproxy.cfg; - sed -i 's/https$/http/g' /etc/haproxy/haproxy.cfg" - when: openstack_service_publicuri_proto == "http" - - - name: restart haproxy service - service: - name: haproxy - state: restarted - when: openstack_service_publicuri_proto == "http" diff --git a/deploy/adapters/ansible/roles/config-osa/tasks/main.yml b/deploy/adapters/ansible/roles/config-osa/tasks/main.yml index e66ea949..b86a3205 100644 --- a/deploy/adapters/ansible/roles/config-osa/tasks/main.yml +++ b/deploy/adapters/ansible/roles/config-osa/tasks/main.yml @@ -76,12 +76,7 @@ src: create-flavor.yml.j2 dest: /opt/openstack-ansible/playbooks/create-flavor.yml -- name: copy http.yml +- name: copy fetch-files.yml copy: - src: http.yml - dest: /opt/openstack-ansible/playbooks/http.yml - -- name: copy fetch-openrc.yml - copy: - src: fetch-openrc.yml - dest: /opt/openstack-ansible/playbooks/fetch-openrc.yml + src: fetch-files.yml + dest: /opt/openstack-ansible/playbooks/fetch-files.yml diff --git a/deploy/adapters/ansible/roles/config-osa/templates/user_variables.yml.j2 b/deploy/adapters/ansible/roles/config-osa/templates/user_variables.yml.j2 index 5157f758..7f29d5fe 100644 --- a/deploy/adapters/ansible/roles/config-osa/templates/user_variables.yml.j2 +++ b/deploy/adapters/ansible/roles/config-osa/templates/user_variables.yml.j2 @@ -21,7 +21,6 @@ # # Debug and Verbose options. debug: false -openstack_service_publicuri_proto: http haproxy_keepalived_external_vip_cidr: "{{ public_vip.ip }}/32" haproxy_keepalived_internal_vip_cidr: "10.1.0.22/32" haproxy_keepalived_external_interface: br-vlan diff --git a/deploy/adapters/ansible/roles/post-openstack/tasks/main.yml b/deploy/adapters/ansible/roles/post-openstack/tasks/main.yml index 8140cee7..3641faeb 100644 --- a/deploy/adapters/ansible/roles/post-openstack/tasks/main.yml +++ b/deploy/adapters/ansible/roles/post-openstack/tasks/main.yml @@ -23,15 +23,16 @@ cd /opt/openstack-ansible/playbooks; \ openstack-ansible create-flavor.yml > /dev/null" -- name: change https to http - shell: "export ANSIBLE_LOG_PATH=/var/ansible/run/openstack_ocata-opnfv2/ansible.log; \ - cd /opt/openstack-ansible/playbooks; \ - openstack-ansible http.yml > /dev/null" - - name: run ansible yml to fetch openrc shell: "export ANSIBLE_LOG_PATH=/var/ansible/run/openstack_ocata-opnfv2/ansible.log; \ cd /opt/openstack-ansible/playbooks; \ - openstack-ansible fetch-openrc.yml > /dev/null" + openstack-ansible fetch-files.yml > /dev/null" + +- name: replace http with https in openrc + replace: + dest: /opt/openrc + regexp: "http://" + replace: "https://" - name: replace internalURL with publicURL in openrc replace: |