Fail if TLS + TCP are enabled for libvirtd

This patch fails the playbook if TLS and TCP connectivity are both enabled. The role does not set certificates for libvirtd at this time and these configurations will cause libvirtd to fail. Closes-Bug: 1669436 Change-Id: Ib0448b63b6ce7c7e5d48975b2bd9d78ef5c1218c (cherry picked from commit 37a8b27287)
2017-08-17 11:32:07 -05:00 · 2017-08-17 11:32:07 -05:00 · 1d98cf18e9
parent 176f4dd7a9
commit 1d98cf18e9
1 changed files with 20 additions and 0 deletions
--- a/tasks/main.yml
+++ b/tasks/main.yml
@ -33,6 +33,26 @@
  tags:
    - always

+- name: Fail if TCP and TLS are both enabled
+  fail:
+    msg: |
+      TCP and TLS connectivity are currently enabled for libvirtd. This
+      combination prevents libvirtd from starting properly since this role
+      does not generate TLS certificates for libvirtd at this time.
+
+      To enable TCP connectivity without TLS, set the following variables:
+
+          nova_libvirtd_listen_tcp: 1
+          nova_libvirtd_listen_tls: 0
+
+      Please note that this configuration does not encrypt communication with
+      libvirtd.
+  when:
+    - nova_libvirtd_listen_tcp == 1
+    - nova_libvirtd_listen_tls == 1
+  tags:
+    - always
+
 - include: nova_virt_detect.yml
  static: no
  when: