openstack/openstack-ansible-os_nova
Code Issues Proposed changes

Fail if TLS + TCP are enabled for libvirtd

Browse Source 
This patch fails the playbook if TLS and TCP connectivity are both
enabled. The role does not set certificates for libvirtd at this time
and these configurations will cause libvirtd to fail.

Closes-Bug: 1669436
Change-Id: Ib0448b63b6ce7c7e5d48975b2bd9d78ef5c1218c
This commit is contained in:
Major Hayden 2017-08-17 11:32:07 -05:00
parent f5e5279ab7
commit 37a8b27287
No known key found for this signature in database
GPG Key ID: 737051E0C1011FB1
1 changed files with 20 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

20
tasks/main.yml
View File

@ -33,6 +33,26 @@
tags:
- always
- name: Fail if TCP and TLS are both enabled
fail:
msg: |
TCP and TLS connectivity are currently enabled for libvirtd. This
combination prevents libvirtd from starting properly since this role
does not generate TLS certificates for libvirtd at this time.
To enable TCP connectivity without TLS, set the following variables:
nova_libvirtd_listen_tcp: 1
nova_libvirtd_listen_tls: 0
Please note that this configuration does not encrypt communication with
libvirtd.
when:
- nova_libvirtd_listen_tcp == 1
- nova_libvirtd_listen_tls == 1
tags:
- always
- include: nova_virt_detect.yml
static: no
tags: