23 lines
805 B
YAML
23 lines
805 B
YAML
---
|
|
- hosts: Compute
|
|
vars:
|
|
metadata:
|
|
name: Verify NoOpFirewallDriver is set in Nova
|
|
description: >
|
|
When using Neutron, the `firewall_driver` option in Nova must be set to
|
|
`NoopFirewallDriver`.
|
|
groups:
|
|
- post-deployment
|
|
tasks:
|
|
- name: Read the `firewall_driver` value
|
|
become: true
|
|
ini: path=/etc/nova/nova.conf section=DEFAULT key=firewall_driver
|
|
register: nova_firewall_driver
|
|
- name: Verify `firewall_driver` is set to `NoopFirewallDriver`
|
|
fail:
|
|
msg: >
|
|
The firewall_driver value in /etc/nova/nova.conf is
|
|
{{ nova_firewall_driver.value or 'unset' }}, but it must be set to:
|
|
nova.virt.firewall.NoopFirewallDriver
|
|
failed_when: "{{ nova_firewall_driver.value != 'nova.virt.firewall.NoopFirewallDriver' }}"
|