Closed sygilber closed 6 years ago
We can invoke multiple handlers for a given action. Currently there is a commit and restart happening that restarts the LMI. In this case we should be restarting the AAC runtime (which is also the Federation runtime). I will add the handler to the role.
I am not sure we need a snapshot before each tuning change - so I may make that optional as well.
Please let me know if you have any issues. I just pushed a change for this. The AAC runtime will be restarted now when you make a change.
Now with your commit, the AAC is restarted when runtime parameters change do occur, and the "runtime status" in LMI UX is no longer reporting "Restart Required: True"
Resolved by following commit:
https://github.com/IBM-Security/isam-ansible-roles/commit/24ffe8ec5a3e86df56953c99a6e7ef438bebf74e
Thanks
Hi,
I would have assumed that it is necessary to invoke the handler "Restart AAC Runtime" when runtime parameters are applied and it triggers a change. But as it turn out, it does not. For instance, in the below test run, changing the parameter 'enable_sslv3" from True to False using Ansible only has the usual "Commit Changes" handler invoked. I can see in the role "set_runtime_tuning_parameter" that it is meant to only invoke the "Commit Changes".
Is it normal ? Maybe there is something I am not getting.
TASK [set_runtime_tuning_parameter : Snapshot Appliance Before Setting Runtime Tuning Parameters] *** ok: [someserver]
TASK [set_runtime_tuning_parameter : Set Runtime Tuning Parameters] ***** changed: [stha9n0fw.iad.ca.inet] => (item={u'runtime_tuning_parameter_value': False, u'runtime_tuning_parameter_option': u'enable_sslv3'}) ok: [someserver] => (item={u'runtime_tuning_parameter_value': u'rt_keys', u'runtime_tuning_parameter_option': u'keystore'}) ok: [someserver] => (item={u'runtime_tuning_parameter_value': u'somelabel', u'runtime_tuning_parameter_option': u'keystore_label'}) ok: [someserver] => (item={u'runtime_tuning_parameter_value': u'sometruststore', u'runtime_tuning_parameter_option': u'truststore'})
TASK [add_runtime_listening_interface : Snapshot Appliance Before Adding Runtime Listening Interfaces] ** ok: [someserver]
TASK [add_runtime_listening_interface : Add Runtime Listening Interfaces] *** ok: [someserver] => (item={u'runtime_listening_interface_port': u'443', u'runtime_listening_interface_secure': True, u'runtime_listening_interface_interface': u'all-application-interfaces'})
RUNNING HANDLER [start_config : Commit Changes] ***** changed: [someserver]
RUNNING HANDLER [start_config : Await Appliance Commit LMI Response] **** ok: [someserver]