From a08257f0aee5795ac27765c3ba34a30f881bd4a8 Mon Sep 17 00:00:00 2001 From: Martin Schuppert Date: Tue, 29 Jan 2019 15:13:06 +0100 Subject: [PATCH] Remove postsave_cmd and restart libvirt on cert files change Qemu certs are note used by libvirt and therefore does not need a restart. In case certs gets renewed, right now qemu processes (instances) need to be restarted. This removes the postsave_cmd and also restart libvirt on cert file change. Change-Id: I1a72265b369271f7bdfd3aaa143aad14a861a90a --- manifests/certmonger/qemu.pp | 7 +------ .../notes/qemu_remove_postsave_cmd-07ad04ac44d7b706.yaml | 7 +++++++ 2 files changed, 8 insertions(+), 6 deletions(-) create mode 100644 releasenotes/notes/qemu_remove_postsave_cmd-07ad04ac44d7b706.yaml diff --git a/manifests/certmonger/qemu.pp b/manifests/certmonger/qemu.pp index a780f65e4..f6f23e02a 100644 --- a/manifests/certmonger/qemu.pp +++ b/manifests/certmonger/qemu.pp @@ -37,7 +37,6 @@ # # [*postsave_cmd*] # (Optional) Specifies the command to execute after requesting a certificate. -# If nothing is given, it will default to: "systemctl reload ${service name}" # Defaults to undef. # # [*principal*] @@ -60,7 +59,6 @@ define tripleo::certmonger::qemu ( include ::certmonger include ::nova::params - $postsave_cmd_real = pick($postsave_cmd, "systemctl reload ${::nova::params::libvirt_service_name}") certmonger_certificate { $name : ensure => 'present', certfile => $service_certificate, @@ -68,7 +66,7 @@ define tripleo::certmonger::qemu ( hostname => $hostname, dnsname => $hostname, principal => $principal, - postsave_cmd => $postsave_cmd_real, + postsave_cmd => $postsave_cmd, ca => $certmonger_ca, cacertfile => $cacertfile, wait => true, @@ -85,7 +83,4 @@ define tripleo::certmonger::qemu ( group => 'qemu', mode => '0640' } - - File[$service_certificate] ~> Service<| title == $::nova::params::libvirt_service_name |> - File[$service_key] ~> Service<| title == $::nova::params::libvirt_service_name |> } diff --git a/releasenotes/notes/qemu_remove_postsave_cmd-07ad04ac44d7b706.yaml b/releasenotes/notes/qemu_remove_postsave_cmd-07ad04ac44d7b706.yaml new file mode 100644 index 000000000..75ae9c991 --- /dev/null +++ b/releasenotes/notes/qemu_remove_postsave_cmd-07ad04ac44d7b706.yaml @@ -0,0 +1,7 @@ +--- +fixes: + - | + qemu certs are note used by libvirt and therefore does not need a restart. + In case certs gets renewed, right now qemu processes (instances) need to be + restarted. This removes the postsave_cmd and also restart libvirt on cert + file change.