diff --git a/defaults/main.yml b/defaults/main.yml index 9f523d69..b2ea4023 100644 --- a/defaults/main.yml +++ b/defaults/main.yml @@ -295,17 +295,6 @@ ceilometer_loadbalancer_v2_meter_definitions_default_file_path: "/etc/openstack_ ceilometer_osprofiler_event_definitions_default_file_path: "/etc/openstack_deploy/ceilometer/osprofiler_event_definitions.yaml" ceilometer_polling_default_file_path: "/etc/openstack_deploy/ceilometer/polling.yaml" -# If the above-mentioned files do not exist, then these -# paths will be used to find the files from the git config -# lookup location. -ceilometer_git_config_lookup_location: https://git.openstack.org/cgit/openstack/ceilometer/plain -ceilometer_data_meters_git_file_path: "ceilometer/data/meters.d/meters.yaml?h={{ ceilometer_git_install_branch }}" -ceilometer_event_definitions_git_file_path: "ceilometer/pipeline/data/event_definitions.yaml?h={{ ceilometer_git_install_branch }}" -ceilometer_gnocchi_resources_git_file_path: "ceilometer/publisher/data/gnocchi_resources.yaml?h={{ ceilometer_git_install_branch }}" -ceilometer_loadbalancer_v2_meter_definitions_git_file_path: "etc/ceilometer/examples/loadbalancer_v2_meter_definitions.yaml?h={{ ceilometer_git_install_branch }}" -ceilometer_osprofiler_event_definitions_git_file_path: "etc/ceilometer/examples/osprofiler_event_definitions.yaml?h={{ ceilometer_git_install_branch }}" -ceilometer_polling_git_file_path: "etc/ceilometer/polling.yaml?h={{ ceilometer_git_install_branch }}" - ## Tunable var-based overrides # The contents of these are templated over the default files. ceilometer_ceilometer_conf_overrides: {} diff --git a/files/rootwrap.d/ipmi.filters b/files/rootwrap.d/ipmi.filters deleted file mode 100644 index 2ef74b04..00000000 --- a/files/rootwrap.d/ipmi.filters +++ /dev/null @@ -1,7 +0,0 @@ -# ceilometer-rootwrap command filters for IPMI capable nodes -# This file should be owned by (and only-writeable by) the root user - -[Filters] -# ceilometer/ipmi/nodemanager/node_manager.py: 'ipmitool' -ipmitool: CommandFilter, ipmitool, root - diff --git a/releasenotes/notes/smart-sources-59cd0811dcf1ae49.yaml b/releasenotes/notes/smart-sources-59cd0811dcf1ae49.yaml new file mode 100644 index 00000000..67c6d59c --- /dev/null +++ b/releasenotes/notes/smart-sources-59cd0811dcf1ae49.yaml @@ -0,0 +1,16 @@ +--- +upgrade: + - | + Due to the smart-reources implementation, variables, related to custom git path + of exact config files were removed. Now all config files are taken from + upstream git repo, but overrides and client configs are still supported. + The following variables are not supported now: + * ceilometer_git_config_lookup_location + * ceilometer_data_meters_git_file_path + * ceilometer_event_definitions_git_file_path + * ceilometer_gnocchi_resources_git_file_path + * ceilometer_loadbalancer_v2_meter_definitions_git_file_path + * ceilometer_osprofiler_event_definitions_git_file_path + * ceilometer_polling_git_file_path + If you are maintaining custom ceilometer git repository, you still may use + ``ceilometer_git_repo`` variable, to provide url to your git repository. diff --git a/tasks/ceilometer_post_install.yml b/tasks/ceilometer_post_install.yml index ae8a38d6..a8ac6a65 100644 --- a/tasks/ceilometer_post_install.yml +++ b/tasks/ceilometer_post_install.yml @@ -13,19 +13,6 @@ # See the License for the specific language governing permissions and # limitations under the License. -- name: Retrieve default configuration files - uri: - url: "{{ item }}" - return_content: yes - with_items: - - "{{ ceilometer_git_config_lookup_location }}/{{ ceilometer_data_meters_git_file_path }}" - - "{{ ceilometer_git_config_lookup_location }}/{{ ceilometer_event_definitions_git_file_path }}" - - "{{ ceilometer_git_config_lookup_location }}/{{ ceilometer_gnocchi_resources_git_file_path }}" - - "{{ ceilometer_git_config_lookup_location }}/{{ ceilometer_loadbalancer_v2_meter_definitions_git_file_path }}" - - "{{ ceilometer_git_config_lookup_location }}/{{ ceilometer_osprofiler_event_definitions_git_file_path }}" - - "{{ ceilometer_git_config_lookup_location }}/{{ ceilometer_polling_git_file_path }}" - register: _git_file_fetch - - name: Copy ceilometer configuration files config_template: content: "{{ item.content | default(omit) }}" @@ -47,53 +34,58 @@ config_overrides: "{{ ceilometer_pipeline_yaml_overrides }}" config_type: "yaml" list_extend: false - - src: "rootwrap.conf.j2" - dest: "/etc/ceilometer/rootwrap.conf" - owner: "root" - group: "root" - config_overrides: "{{ ceilometer_rootwrap_conf_overrides }}" - config_type: "ini" - - dest: "/etc/ceilometer/loadbalancer_v2_meter_definitions.yaml" - config_overrides: "{{ ceilometer_loadbalancer_v2_meter_definitions_yaml_overrides }}" - config_type: "yaml" - list_extend: false - content: "{{ ceilometer_loadbalancer_v2_meter_definitions_user_content | default(ceilometer_loadbalancer_v2_meter_definitions_default_content, true) }}" - - dest: "/etc/ceilometer/osprofiler_event_definitions.yaml" - config_overrides: "{{ ceilometer_osprofiler_event_definitions_yaml_overrides }}" - config_type: "yaml" - list_extend: false - content: "{{ ceilometer_osprofiler_event_definitions_user_content | default(ceilometer_osprofiler_event_definitions_default_content, true) }}" - - dest: "/etc/ceilometer/polling.yaml" - config_overrides: "{{ ceilometer_polling_yaml_overrides }}" - config_type: "yaml" - list_extend: false - content: "{{ ceilometer_polling_user_content | default(ceilometer_polling_default_content, true) }}" - - dest: "{{ ceilometer_lib_dir }}/ceilometer/data/meters.d/meters.yaml" - config_overrides: "{{ ceilometer_data_meters_yaml_overrides }}" - config_type: "yaml" - list_extend: false - content: "{{ ceilometer_data_meters_user_content | default(ceilometer_data_meters_default_content, true) }}" - - dest: "{{ ceilometer_lib_dir }}/ceilometer/pipeline/data/event_definitions.yaml" - config_overrides: "{{ ceilometer_event_definitions_yaml_overrides }}" - config_type: "yaml" - list_extend: false - content: "{{ ceilometer_event_definitions_user_content | default(ceilometer_event_definitions_default_content, true) }}" - - dest: "{{ ceilometer_lib_dir }}/ceilometer/publisher/data/gnocchi_resources.yaml" - config_overrides: "{{ ceilometer_gnocchi_resources_yaml_overrides }}" - config_type: "yaml" - list_extend: false - content: "{{ ceilometer_gnocchi_resources_user_content | default(ceilometer_gnocchi_resources_default_content, true) }}" notify: - Restart ceilometer services -- name: Copy rootwrap filters - copy: - src: "{{ item }}" - dest: "/etc/ceilometer/rootwrap.d/" +# NOTE(cloudnull): This is using "cp" instead of copy with a remote_source +# because we only want to copy the original files once. and we +# don't want to need multiple tasks. +- name: Preserve original configuration file(s) + command: "cp {{ item.source_f }} {{ item.source_f }}.original" + args: + creates: "{{ item.source_f }}.original" + with_items: "{{ ceilometer_core_files }}" + when: "{{ item.condition | default(True) }}" + +- name: Fetch override files + fetch: + src: "{{ item.source_f }}.original" + dest: "{{ item.tmp_f }}" + flat: yes + changed_when: false + with_items: "{{ ceilometer_core_files }}" + when: "{{ item.condition | default(True) }}" + run_once: true + +- name: Copy common config + config_template: + src: "{{ item.tmp_f }}" + dest: "{{ item.target_f | default(item.source_f) }}" + owner: "{{ item.owner | default(ceilometer_system_user_name) }}" + group: "{{ item.group | default(ceilometer_system_group_name) }}" + mode: "{{ item.mode | default('0640') }}" + config_overrides: "{{ item.config_overrides }}" + config_type: "{{ item.config_type }}" + content: "{{ item.content | default(omit) }}" + with_items: "{{ ceilometer_core_files }}" + when: "{{ item.condition | default(True) }}" + notify: + - Restart ceilometer services + +- name: Cleanup fetched temp files + file: + path: "{{ item.tmp_f }}" + state: absent + changed_when: false + delegate_to: localhost + with_items: "{{ ceilometer_core_files }}" + when: "{{ item.condition | default(True) }}" + +# NOTE(cloudnull): This will ensure strong permissions on all rootwrap files. +- name: Set rootwrap.d permissions + file: + path: "/etc/ceilometer/rootwrap.d" owner: "root" group: "root" - with_fileglob: - - rootwrap.d/* - notify: - - Restart ceilometer services - + mode: "0640" + recurse: true diff --git a/tasks/ceilometer_pre_install.yml b/tasks/ceilometer_pre_install.yml index d3569dda..a967dec7 100644 --- a/tasks/ceilometer_pre_install.yml +++ b/tasks/ceilometer_pre_install.yml @@ -40,17 +40,57 @@ home: "{{ swift_system_home_folder }}" when: swift_ceilometer_enabled | bool + +# NOTE(cloudnull): During an upgrade the local directory may exist on a source +# install. If the directory does exist it will need to be +# removed. This is required on source installs because the +# config directory is a link. +- name: Source config block + block: + - name: Stat config directory + stat: + path: "/etc/ceilometer" + register: ceilometer_conf_dir_stat + + - name: Remove the config directory + file: + path: "/etc/cinder" + state: absent + when: + - ceilometer_conf_dir_stat.stat.isdir is defined and + ceilometer_conf_dir_stat.stat.isdir + when: + - ceilometer_install_method == 'source' + - name: Create ceilometer dir file: - path: "{{ item.path }}" - state: directory + path: "{{ item.path | default(omit) }}" + src: "{{ item.src | default(omit) }}" + dest: "{{ item.dest | default(omit) }}" + state: "{{ item.state | default('directory') }}" owner: "{{ item.owner|default(ceilometer_system_user_name) }}" group: "{{ item.group|default(ceilometer_system_group_name) }}" - mode: "{{ item.mode|default('0755') }}" + mode: "{{ item.mode | default(omit) }}" + force: "{{ item.force | default(omit) }}" + when: + - (item.condition | default(true)) | bool with_items: - - { path: "/openstack", owner: "root", group: "root" } - - { path: "/etc/ceilometer" } - - { path: "/etc/ceilometer/rootwrap.d", owner: "root", group: "root" } - - { path: "{{ ceilometer_system_user_home }}" } - - { path: "{{ ceilometer_system_user_home }}/.ssh", mode: "0700" } - - { path: "/var/cache/ceilometer", mode: "0700" } + - path: "/openstack" + owner: "root" + group: "root" + mode: "0755" + - path: "/var/cache/ceilometer" + mode: "0700" + - path: "{{ (ceilometer_install_method == 'distro') | ternary('/etc/ceilometer', (ceilometer_bin | dirname) + '/etc/ceilometer') }}" + mode: "0755" + - path: "/etc/ceilometer" + src: "{{ ceilometer_bin | dirname | regex_replace('^/', '../') }}/etc/ceilometer" + state: link + force: true + condition: "{{ ceilometer_install_method == 'source' }}" + - path: "/etc/ceilometer/rootwrap.d" + owner: "root" + group: "root" + - path: "{{ ceilometer_system_user_home }}" + - path: "{{ ceilometer_system_user_home }}/.ssh" + mode: "0700" diff --git a/templates/rootwrap.conf.j2 b/templates/rootwrap.conf.j2 deleted file mode 100644 index 3724f388..00000000 --- a/templates/rootwrap.conf.j2 +++ /dev/null @@ -1,27 +0,0 @@ -# Configuration for ceilometer-rootwrap -# This file should be owned by (and only-writeable by) the root user - -[DEFAULT] -# List of directories to load filter definitions from (separated by ','). -# These directories MUST all be only writeable by root ! -filters_path=/etc/ceilometer/rootwrap.d,/usr/share/ceilometer/rootwrap - -# List of directories to search executables in, in case filters do not -# explicitely specify a full path (separated by ',') -# If not specified, defaults to system PATH environment variable. -# These directories MUST all be only writeable by root ! -exec_dirs={{ ceilometer_bin }},/sbin,/usr/sbin,/bin,/usr/bin,/usr/local/sbin,/usr/local/bin - -# Enable logging to syslog -# Default value is False -use_syslog=False - -# Which syslog facility to use. -# Valid values include auth, authpriv, syslog, user0, user1... -# Default value is 'syslog' -syslog_log_facility=syslog - -# Which messages to log. -# INFO means log all usage -# ERROR means only log unsuccessful attempts -syslog_log_level=ERROR diff --git a/vars/main.yml b/vars/main.yml index 8c879278..f9248cac 100644 --- a/vars/main.yml +++ b/vars/main.yml @@ -21,16 +21,56 @@ ceilometer_loadbalancer_v2_meter_definitions_user_content: "{{ lookup('pipe', 'c ceilometer_osprofiler_event_definitions_user_content: "{{ lookup('pipe', 'cat ' ~ ceilometer_osprofiler_event_definitions_default_file_path ~ ' 2>/dev/null || true') }}" ceilometer_polling_user_content: "{{ lookup('pipe', 'cat ' ~ ceilometer_polling_default_file_path ~ ' 2>/dev/null || true') }}" -# These vars find the appropriate result content from the with_items loop -ceilometer_data_meters_default_content: | - {{ _git_file_fetch.results | selectattr('item', 'equalto', ceilometer_git_config_lookup_location ~ '/' ~ ceilometer_data_meters_git_file_path) | map(attribute='content') | first }} -ceilometer_event_definitions_default_content: | - {{ _git_file_fetch.results | selectattr('item', 'equalto', ceilometer_git_config_lookup_location ~ '/' ~ ceilometer_event_definitions_git_file_path) | map(attribute='content') | first }} -ceilometer_gnocchi_resources_default_content: | - {{ _git_file_fetch.results | selectattr('item', 'equalto', ceilometer_git_config_lookup_location ~ '/' ~ ceilometer_gnocchi_resources_git_file_path) | map(attribute='content') | first }} -ceilometer_loadbalancer_v2_meter_definitions_default_content: | - {{ _git_file_fetch.results | selectattr('item', 'equalto', ceilometer_git_config_lookup_location ~ '/' ~ ceilometer_loadbalancer_v2_meter_definitions_git_file_path) | map(attribute='content') | first }} -ceilometer_osprofiler_event_definitions_default_content: | - {{ _git_file_fetch.results | selectattr('item', 'equalto', ceilometer_git_config_lookup_location ~ '/' ~ ceilometer_osprofiler_event_definitions_git_file_path) | map(attribute='content') | first }} -ceilometer_polling_default_content: | - {{ _git_file_fetch.results | selectattr('item', 'equalto', ceilometer_git_config_lookup_location ~ '/' ~ ceilometer_polling_git_file_path) | map(attribute='content') | first }} +_ceilometer_rootwrap_conf_overrides: + DEFAULT: + filters_path: "/etc/ceilometer/rootwrap.d,/usr/share/ceilometer/rootwrap" + exec_dirs: "{{ ceilometer_bin }},/sbin,/usr/sbin,/bin,/usr/bin,/usr/local/bin,/usr/local/sbin" + +ceilometer_core_files: + - tmp_f: "/tmp/rootwrap.conf" + source_f: "/etc/ceilometer/rootwrap.conf" + config_overrides: "{{ _ceilometer_rootwrap_conf_overrides | combine(ceilometer_rootwrap_conf_overrides, recursive=True) }}" + config_type: "ini" + owner: "root" + group: "{{ ceilometer_system_group_name }}" + mode: "0640" + - tmp_f: "/tmp/polling.yaml" + source_f: "/etc/ceilometer/polling.yaml" + config_overrides: "{{ ceilometer_polling_yaml_overrides }}" + config_type: "yaml" + list_extend: false + content: "{{ ceilometer_polling_user_content }}" + - tmp_f: "/tmp/loadbalancer_v2_meter_definitions.yaml" + source_f: "/etc/ceilometer/examples/loadbalancer_v2_meter_definitions.yaml" + target_f: "/etc/ceilometer/loadbalancer_v2_meter_definitions.yaml" + config_overrides: "{{ ceilometer_loadbalancer_v2_meter_definitions_yaml_overrides }}" + config_type: "yaml" + list_extend: false + content: "{{ ceilometer_loadbalancer_v2_meter_definitions_user_content }}" + condition: "{{ ceilometer_install_method == 'source' }}" + - tmp_f: "/tmp/osprofiler_event_definitions.yaml" + source_f: "/etc/ceilometer/examples/osprofiler_event_definitions.yaml" + target_f: "/etc/ceilometer/osprofiler_event_definitions.yaml" + config_overrides: "{{ ceilometer_osprofiler_event_definitions_yaml_overrides }}" + config_type: "yaml" + list_extend: false + content: "{{ ceilometer_osprofiler_event_definitions_user_content }}" + condition: "{{ ceilometer_install_method == 'source' }}" + - tmp_f: "/tmp/meters.yaml" + source_f: "{{ ceilometer_lib_dir }}/ceilometer/data/meters.d/meters.yaml" + config_overrides: "{{ ceilometer_data_meters_yaml_overrides }}" + config_type: "yaml" + list_extend: false + content: "{{ ceilometer_data_meters_user_content }}" + - tmp_f: "/tmp/event_definitions.yaml" + source_f: "{{ ceilometer_lib_dir }}/ceilometer/pipeline/data/event_definitions.yaml" + config_overrides: "{{ ceilometer_event_definitions_yaml_overrides }}" + config_type: "yaml" + list_extend: false + content: "{{ ceilometer_event_definitions_user_content }}" + - tmp_f: "/tmp/gnocchi_resources.yaml" + source_f: "{{ ceilometer_lib_dir }}/ceilometer/publisher/data/gnocchi_resources.yaml" + config_overrides: "{{ ceilometer_gnocchi_resources_yaml_overrides }}" + config_type: "yaml" + list_extend: false + content: "{{ ceilometer_gnocchi_resources_user_content }}"