diff options
author | Vincent S. Cojot <vcojot@redhat.com> | 2017-02-09 10:48:57 -0500 |
---|---|---|
committer | Vincent S. Cojot <vcojot@redhat.com> | 2017-02-09 10:48:57 -0500 |
commit | ce3ed51d89a09b36b5610ea37a665b3df3c4e2f3 (patch) | |
tree | 3cc4066f1cff3b71993982a84052a851c56f0ce4 | |
parent | c8ac98e3a8b3e7e6ca2c61f83618d70c1c122bb7 (diff) | |
download | openstack-access-policy-ce3ed51d89a09b36b5610ea37a665b3df3c4e2f3.tar.gz openstack-access-policy-ce3ed51d89a09b36b5610ea37a665b3df3c4e2f3.tar.xz openstack-access-policy-ce3ed51d89a09b36b5610ea37a665b3df3c4e2f3.zip |
minor fixes..
-rwxr-xr-x | files/push_sevone_policies_to_overcloud.sh | 56 |
1 files changed, 39 insertions, 17 deletions
diff --git a/files/push_sevone_policies_to_overcloud.sh b/files/push_sevone_policies_to_overcloud.sh index aa4c697..e0cb7cf 100755 --- a/files/push_sevone_policies_to_overcloud.sh +++ b/files/push_sevone_policies_to_overcloud.sh @@ -7,6 +7,7 @@ src_config="" dst_config="" sev1_backup="" svc_name="" +declare -i restart_svc=0 # This tool is used to push policies on the overcloud [ "$BASH" ] && function whence @@ -43,10 +44,20 @@ do fi done +# Verify syntax, abort if error.. +for mysvc in aodh ceilometer cinder glance gnocchi heat ironic keystone manila mistral neutron nova sahara zaqar +do + src_config="${TOP_DIR}/etc/${mysvc}/policy.json" + json_verify -q < ${src_config} + if [ $? -ne 0 ]; then + echo "Testing JSON syntax of ${src_config} failed!!" ; exit 127 + fi +done + # Obtain list of Controllers from nova (they will be running consoleauth) CTLR_LIST=$(nova host-list| awk '/consoleauth/ {split($2,a,".") ; print a[1]}'|xargs) if [ "x${CTLR_LIST}" != "x" ]; then - echo "(II) Found these controller(s): ${CTLR_LIST}" + echo "(II) Found controller(s): ${CTLR_LIST}" else echo "(**) Unable to find controllers running consoleauth!"; exit 127 fi @@ -62,12 +73,11 @@ do fi done if [ ${#IP_LIST[@]} -gt 0 ]; then - echo "(II) Found these IPs for controllers: ${IP_LIST[@]}" + echo "(II) Found this/these IP(s) for controller(s): ${IP_LIST[@]}" else echo "(**) Unable to find controllers IP Addresses!"; exit 127 fi - # Inject Services... for myctrl in "${!IP_LIST[@]}" do @@ -87,10 +97,13 @@ do do src_config="/home/heat-admin/etc/${mysvc}/policy.json" dst_config="/etc/${mysvc}/policy.json" - sev1_backup="${dst_config}.sevone" + sev1_backup="${dst_config}.pre-sevone" - # Take a backup - ssh -q heat-admin@${myip} "sudo test -f ${sev1_backup} || sudo /bin/cp -afv ${dst_config} ${sev1_backup}" + # Take a backup, if not present already.. + ssh -q heat-admin@${myip} "sudo test -f ${sev1_backup}" + if [ $? -ne 0 ]; then + ssh -q heat-admin@${myip} "sudo test -f ${dst_config}" && ssh -q heat-admin@${myip} "sudo /bin/cp -afv ${dst_config} ${sev1_backup}" + fi # Compare files and copy if necessary... ssh -q heat-admin@${myip} "sudo cmp -s ${src_config} ${dst_config}" @@ -105,17 +118,26 @@ do ssh -q heat-admin@${myip} "sudo chown root:${mysvc} ${dst_config} && sudo chmod 640 ${dst_config}" ssh -q heat-admin@${myip} "sudo restorecon ${dst_config} 2>/dev/null" - # Restart service appropriately... Only 'neutron' does not have an openstack prefix in the service name - case "${mysvc}" in - neutron) - svc_name="${mysvc}" - ;; - *) - svc_name="openstack-${mysvc}" - ;; - esac - echo -n " (WW) Restarting (systemctl) ${svc_name}-\* services on ${myctrl} ..." - ssh -q heat-admin@${myip} sudo systemctl restart "${svc_name}-\*" && echo OK + # This is disabled by default as restarting services isn't necessary for policy.json updates. + if [ ${restart_svc} -eq 1 ]; then + # Restart service appropriately... Only 'neutron' does not have an 'openstack' prefix in its service name + case "${mysvc}" in + neutron) + svc_name="${mysvc}" + ;; + *) + svc_name="openstack-${mysvc}" + ;; + esac + echo -n " (WW) Restarting (systemctl) ${svc_name}-\* services on ${myctrl} ..." + ssh -q heat-admin@${myip} sudo systemctl restart "${svc_name}-\*" && echo OK + fi fi done done + +if [ $? -eq 0 ]; then + echo "(II) ALL done." +else + echo "(**) Failures seen, please check..." +fi
\ No newline at end of file |