
Added the Masakari user to the libvirt group to ensure proper permissions for accessing libvirt resources. This resolves permission issues that could prevent Masakari from monitoring and managing virtual machine instances effectively. The fix ensures that the Masakari service can successfully interact with the libvirt daemon for instance evacuation and recovery operations during host failures. Related-Bug: #2120450 Co-authored-by: Jobin Jospeh <jobinathirampuzha@gmail.com> Change-Id: I4fdbc073319583709f7c9919aedf7728d1e8dee5 Signed-off-by: Nilesh Chandekar <nilesh.c85@gmail.com>
66 lines
2.4 KiB
YAML
66 lines
2.4 KiB
YAML
---
|
|
# Copyright (c) 2018 NTT DATA
|
|
#
|
|
# Licensed under the Apache License, Version 2.0 (the "License");
|
|
# you may not use this file except in compliance with the License.
|
|
# You may obtain a copy of the License at
|
|
#
|
|
# http://www.apache.org/licenses/LICENSE-2.0
|
|
#
|
|
# Unless required by applicable law or agreed to in writing, software
|
|
# distributed under the License is distributed on an "AS IS" BASIS,
|
|
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
|
# See the License for the specific language governing permissions and
|
|
# limitations under the License.
|
|
|
|
- name: Create the system group
|
|
ansible.builtin.group:
|
|
name: "{{ masakari_system_group_name }}"
|
|
gid: "{{ masakari_system_group_gid | default(omit) }}"
|
|
state: "present"
|
|
system: "yes"
|
|
|
|
- name: Create the masakari system user
|
|
ansible.builtin.user:
|
|
name: "{{ masakari_system_user_name }}"
|
|
uid: "{{ masakari_system_user_uid | default(omit) }}"
|
|
group: "{{ masakari_system_group_name }}"
|
|
comment: "{{ masakari_system_comment }}"
|
|
shell: "{{ masakari_system_shell }}"
|
|
system: "yes"
|
|
createhome: "yes"
|
|
home: "{{ masakari_system_user_home }}"
|
|
|
|
- name: Add masakari user to libvirt Group
|
|
ansible.builtin.user:
|
|
name: "{{ masakari_system_user_name }}"
|
|
groups: "{{ masakari_monitor_libvirt_group }}"
|
|
append: "yes"
|
|
when:
|
|
- "masakari_services['masakari-hostmonitor']['group'] in group_names"
|
|
|
|
- name: Create masakari dir
|
|
ansible.builtin.file:
|
|
path: "{{ item.path | realpath }}"
|
|
state: directory
|
|
owner: "{{ item.owner | default(masakari_system_user_name) }}"
|
|
group: "{{ item.group | default(masakari_system_group_name) }}"
|
|
mode: "{{ item.mode | default(omit) }}"
|
|
when: item.condition | default(True)
|
|
with_items:
|
|
- path: "/openstack"
|
|
mode: "0755"
|
|
owner: "root"
|
|
group: "root"
|
|
- path: "{{ masakari_etc_dir }}"
|
|
mode: "0750"
|
|
condition: "{{ masakari_services['masakari-api']['group'] in group_names or masakari_services['masakari-engine']['group'] in group_names }}"
|
|
- path: "{{ masakari_monitor_etc_dir }}"
|
|
mode: "0750"
|
|
condition: "{{ inventory_hostname in groups['masakari_monitor'] }}"
|
|
- path: "{{ masakari_system_user_home }}"
|
|
- path: "{{ masakari_system_user_home }}/cache/api"
|
|
mode: "0700"
|
|
- path: "{{ masakari_system_user_home }}/cache/registry"
|
|
- path: "{{ masakari_system_user_home }}/scrubber"
|