---
# file: roles/ovn/handlers/main.yml
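# Writes this chassis's OVN settings into the local Open vSwitch database:
# hostname, southbound remote, geneve encapsulation and the encapsulation IP.
# Runs through ansible.builtin.command with argv instead of a shell, so each
# templated value reaches ovs-vsctl as exactly one argument and any shell
# metacharacters in an inventory variable are never interpreted.
- name: "Configure OVS"
  ansible.builtin.command:
    argv:
      - "ovs-vsctl"
      - "set"
      - "open_vswitch"
      - "."
      - "external_ids:hostname={{ ansible_hostname }}"
      - "external_ids:ovn-remote={{ ovn_central_southbound }}"
      - "external_ids:ovn-encap-type=geneve"
      - "external_ids:ovn-encap-ip={{ ovn_ip }}"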
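# Sets external_ids:ovn-is-interconn=true in the local Open vSwitch database.
# No shell features are needed, so the command is run directly (argv form)
# rather than through ansible.builtin.shell.
- name: "Enable OVN IC gateway"
  ansible.builtin.command:
    argv:
      - "ovs-vsctl"
      - "set"
      - "open_vswitch"
      - "."
      - "external_ids:ovn-is-interconn=true"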
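# Points the OVN northbound DB at the private key, certificate and CA
# certificate under /etc/ovn. Only runs where ovn_central is truthy.
# Executed without a shell (argv form); nothing here needs shell parsing.
# NOTE(review): /etc/ovn/server.key is a TLS private key; its owner and mode
# are set outside this file - confirm it is readable only by the OVN service.
- name: "Configure OVN central northbound DB for SSL (certs)"
  ansible.builtin.command:
    argv:
      - "ovn-nbctl"
      - "set-ssl"
      - "/etc/ovn/server.key"
      - "/etc/ovn/server.crt"
      - "/etc/ovn/ca.crt"
  when: ovn_central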
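# Makes the OVN northbound DB listen for SSL connections on port 6641.
# Only runs where ovn_central is truthy.
# "[::]" is the IPv6 wildcard address, so the listener is not bound to a
# single interface. NOTE(review): confirm a host firewall or network policy
# limits which peers can reach this port.
# The square brackets are glob characters to a shell; passing the value via
# argv (no shell) guarantees it reaches ovn-nbctl literally.
- name: "Configure OVN central northbound DB for SSL (ports)"
  ansible.builtin.command:
    argv:
      - "ovn-nbctl"
      - "set-connection"
      - "pssl:6641:[::]"
  when: ovn_central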
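# Points the OVN southbound DB at the private key, certificate and CA
# certificate under /etc/ovn. Only runs where ovn_central is truthy.
# Executed without a shell (argv form); nothing here needs shell parsing.
# NOTE(review): /etc/ovn/server.key is a TLS private key; its owner and mode
# are set outside this file - confirm it is readable only by the OVN service.
- name: "Configure OVN central southbound DB for SSL (certs)"
  ansible.builtin.command:
    argv:
      - "ovn-sbctl"
      - "set-ssl"
      - "/etc/ovn/server.key"
      - "/etc/ovn/server.crt"
      - "/etc/ovn/ca.crt"
  when: ovn_central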
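# Makes the OVN southbound DB listen for SSL connections on port 6642.
# Only runs where ovn_central is truthy.
# "[::]" is the IPv6 wildcard address, so the listener is not bound to a
# single interface. NOTE(review): confirm a host firewall or network policy
# limits which peers can reach this port.
# NOTE(review): no role is attached to this connection, so OVN's southbound
# RBAC (role=ovn-controller) is not in effect here. Enabling it would need a
# separate listener for components that require full access - evaluate before
# changing.
# The square brackets are glob characters to a shell; passing the value via
# argv (no shell) guarantees it reaches ovn-sbctl literally.
- name: "Configure OVN central southbound DB for SSL (ports)"
  ansible.builtin.command:
    argv:
      - "ovn-sbctl"
      - "set-connection"
      - "pssl:6642:[::]"
  when: ovn_central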
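# Points the OVN interconnect (IC) northbound DB at the private key,
# certificate and CA certificate under /etc/ovn. Only runs where ovn_ic_db is
# truthy. Executed without a shell (argv form).
# NOTE(review): /etc/ovn/server.key is a TLS private key; its owner and mode
# are set outside this file - confirm it is readable only by the OVN service.
- name: "Configure OVN IC northbound DB for SSL (certs)"
  ansible.builtin.command:
    argv:
      - "ovn-ic-nbctl"
      - "set-ssl"
      - "/etc/ovn/server.key"
      - "/etc/ovn/server.crt"
      - "/etc/ovn/ca.crt"
  when: ovn_ic_db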
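# Makes the OVN IC northbound DB listen for SSL connections on port 6645.
# Only runs where ovn_ic_db is truthy.
# "[::]" is the IPv6 wildcard address, so the listener is not bound to a
# single interface. NOTE(review): the interconnect DBs are reached from other
# clusters - confirm a firewall limits access to the expected peers.
# The square brackets are glob characters to a shell; passing the value via
# argv (no shell) guarantees it reaches ovn-ic-nbctl literally.
- name: "Configure OVN IC northbound DB for SSL (ports)"
  ansible.builtin.command:
    argv:
      - "ovn-ic-nbctl"
      - "set-connection"
      - "pssl:6645:[::]"
  when: ovn_ic_db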
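# Points the OVN interconnect (IC) southbound DB at the private key,
# certificate and CA certificate under /etc/ovn. Only runs where ovn_ic_db is
# truthy. Executed without a shell (argv form).
# NOTE(review): /etc/ovn/server.key is a TLS private key; its owner and mode
# are set outside this file - confirm it is readable only by the OVN service.
- name: "Configure OVN IC southbound DB for SSL (certs)"
  ansible.builtin.command:
    argv:
      - "ovn-ic-sbctl"
      - "set-ssl"
      - "/etc/ovn/server.key"
      - "/etc/ovn/server.crt"
      - "/etc/ovn/ca.crt"
  when: ovn_ic_db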
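# Makes the OVN IC southbound DB listen for SSL connections on port 6646.
# Only runs where ovn_ic_db is truthy.
# "[::]" is the IPv6 wildcard address, so the listener is not bound to a
# single interface. NOTE(review): the interconnect DBs are reached from other
# clusters - confirm a firewall limits access to the expected peers.
# The square brackets are glob characters to a shell; passing the value via
# argv (no shell) guarantees it reaches ovn-ic-sbctl literally.
- name: "Configure OVN IC southbound DB for SSL (ports)"
  ansible.builtin.command:
    argv:
      - "ovn-ic-sbctl"
      - "set-connection"
      - "pssl:6646:[::]"
  when: ovn_ic_db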
# Handler: restarts the ovn-central.service systemd unit when notified.
- name: "Restart OVN central"
  ansible.builtin.systemd:
    state: restarted
    name: ovn-central.service
# Handler: restarts the ovn-host.service systemd unit when notified.
- name: "Restart OVN host"
  ansible.builtin.systemd:
    state: restarted
    name: ovn-host.service
# Handler: reloads the systemd manager configuration, then restarts
# ovn-ic.service. Skipped unless ovn_ic_db is truthy.
- name: "Restart OVN IC"
  when: ovn_ic_db
  ansible.builtin.systemd:
    name: ovn-ic.service
    state: restarted
    daemon_reload: true
# Handler: restarts the ovn-ic-db.service systemd unit.
# Skipped unless ovn_ic_db is truthy.
- name: "Restart OVN IC DB"
  when: ovn_ic_db
  ansible.builtin.systemd:
    state: restarted
    name: ovn-ic-db.service
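# Sets NB_Global "name" to ovn_cluster_name in the northbound DB, connecting
# with the client certificate, key and CA certificate under /etc/ovn.
# Only runs on the host whose hostname equals ovn_cluster_main_name.
# Runs through ansible.builtin.command with argv instead of a shell, so the
# templated DB address and cluster name each reach ovn-nbctl as one argument
# and any shell metacharacters in those variables are never interpreted.
- name: "Configure OVN AZ name"
  ansible.builtin.command:
    argv:
      - "ovn-nbctl"
      - "--db={{ ovn_central_northbound }}"
      - "-c"
      - "/etc/ovn/server.crt"
      - "-p"
      - "/etc/ovn/server.key"
      - "-C"
      - "/etc/ovn/ca.crt"
      - "set"
      - "NB_Global"
      - "."
      - "name={{ ovn_cluster_name }}"
  when:
    - ansible_hostname == ovn_cluster_main_name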
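# Sets options:ic-route-adv=true and options:ic-route-learn=true on NB_Global,
# connecting with the client certificate, key and CA certificate under
# /etc/ovn. Only runs on the host whose hostname equals ovn_cluster_main_name.
# Runs through ansible.builtin.command with argv instead of a shell, so the
# templated DB address reaches ovn-nbctl as one argument and any shell
# metacharacters in that variable are never interpreted.
# NOTE(review): learning routes from other availability zones widens what a
# peer cluster can inject into this one - confirm that trust is intended.
- name: "Enable OVN IC route sharing"
  ansible.builtin.command:
    argv:
      - "ovn-nbctl"
      - "--db={{ ovn_central_northbound }}"
      - "-c"
      - "/etc/ovn/server.crt"
      - "-p"
      - "/etc/ovn/server.key"
      - "-C"
      - "/etc/ovn/ca.crt"
      - "set"
      - "NB_Global"
      - "."
      - "options:ic-route-adv=true"
      - "options:ic-route-learn=true"
  when:
    - ansible_hostname == ovn_cluster_main_name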