diff options
| author |   Tim Rozet <trozet@redhat.com> | 2017-06-25 21:25:36 -0400 |
|---|---|---|
| committer | Tim Rozet <trozet@redhat.com> | 2017-08-23 08:59:54 -0400 |
| commit | f4d388ea508ba00771e43a219ac64e0d430b73bd (patch) | |
| tree | 4f61a89664474154c3d6f7adecfbb0396617199c /lib/ansible/playbooks | |
| parent | 807fad268c90649f2901c5f5c4cdeb788a0308e0 (diff) | |
Migrates Apex to Python
Removes all bash libraries and converts almost all of the code to a
mixture of Python and Ansible. utils.sh and clean.sh still exist.
clean.sh will be migrated fully to clean.py in another patch.
The Apex Python package is now built into the opnfv-apex-common RPM. To
install locally do 'pip3 install .'. To deploy:
opnfv-deploy -d <file> -n <file> --image-dir /root/apex/.build -v --debug
Non-python files (THT yaml, settings files, ansible playbooks) are all
installed into /usr/share/opnfv-apex/. The RPM will copy settings files
into /etc/opnfv-apex/.
JIRA: APEX-317
Change-Id: I3232f0329bcd13bce5a28da6a8c9c84d0b048024
Signed-off-by: Tim Rozet <trozet@redhat.com>
Diffstat (limited to 'lib/ansible/playbooks')
| -rw-r--r-- | lib/ansible/playbooks/build_dependencies.yml | 10 | ||||
| -rw-r--r-- | lib/ansible/playbooks/configure_undercloud.yml | 116 | ||||
| -rw-r--r-- | lib/ansible/playbooks/deploy_dependencies.yml | 66 | ||||
| -rw-r--r-- | lib/ansible/playbooks/deploy_overcloud.yml | 68 | ||||
| -rw-r--r-- | lib/ansible/playbooks/post_deploy_overcloud.yml | 45 | ||||
| -rw-r--r-- | lib/ansible/playbooks/post_deploy_undercloud.yml | 118 | ||||
| -rw-r--r-- | lib/ansible/playbooks/templates/external_vlan_ifcfg.yml.j2 | 9 | ||||
| -rw-r--r-- | lib/ansible/playbooks/templates/virsh_network_default.xml.j2 | 10 | ||||
| -rw-r--r-- | lib/ansible/playbooks/templates/virsh_network_ovs.xml.j2 | 6 | ||||
| -rw-r--r-- | lib/ansible/playbooks/templates/virsh_pool.xml.j2 | 6 | ||||
| -rw-r--r-- | lib/ansible/playbooks/undercloud_aarch64.yml | 49 |
11 files changed, 499 insertions, 4 deletions
diff --git a/lib/ansible/playbooks/build_dependencies.yml b/lib/ansible/playbooks/build_dependencies.yml index dec8ab7c..afe12b74 100644 --- a/lib/ansible/playbooks/build_dependencies.yml +++ b/lib/ansible/playbooks/build_dependencies.yml @@ -11,15 +11,17 @@ libguestfs-tools,bsdtar,libvirt,yum-utils, python2-oslo-config,python2-debtcollector, make, python34-pip, python-virtualenv,libguestfs-tools-c, - supermin,supermin5,perl-Sys-Guestfs,python-libguestfs + supermin,supermin5,perl-Sys-Guestfs,python-libguestfs, + libvirt-devel,python34-docutils,python-docutils - name: Install Virtualization group yum: name: "@Virtualization Host" - - name: Install python ipmi from OPNFV artifacts - yum: - name: 'http://artifacts.opnfv.org/apex/dependencies/python3-ipmi-0.3.0-1.noarch.rpm' + - pip: + name: python-ipmi + executable: pip3.4 - pip: name: tox + executable: pip3.4 - pip: name: gitpython executable: pip3.4 diff --git a/lib/ansible/playbooks/configure_undercloud.yml b/lib/ansible/playbooks/configure_undercloud.yml new file mode 100644 index 00000000..7b236624 --- /dev/null +++ b/lib/ansible/playbooks/configure_undercloud.yml @@ -0,0 +1,116 @@ +--- +- hosts: all + tasks: + - name: Generate SSH key for stack if missing + shell: test -e ~/.ssh/id_rsa || ssh-keygen -t rsa -N "" -f ~/.ssh/id_rsa + - name: Fix ssh key for stack + shell: restorecon -r /home/stack + become: yes + - file: + path: /home/stack/nics + state: directory + owner: stack + group: stack + mode: 0775 + - copy: + src: /root/.ssh/id_rsa.pub + dest: /home/stack/jumphost_id_rsa.pub + owner: stack + owner: stack + mode: 0644 + - copy: + src: "{{ apex_temp_dir }}/{{ item }}.yaml" + dest: "/home/stack/nics/{{ item }}.yaml" + owner: stack + group: stack + mode: 0644 + with_items: + - controller + - compute + - lineinfile: + path: /etc/sudoers + regexp: 'Defaults\s*requiretty' + state: absent + become: yes + - name: openstack-configs undercloud + shell: openstack-config --set undercloud.conf DEFAULT {{ item }} + with_items: "{{ undercloud_config }}" + - name: openstack-configs ironic + shell: openstack-config --set /etc/ironic/ironic.conf {{ item }} + become: yes + with_items: "{{ ironic_config }}" + - name: openstack-configs undercloud aarch64 + shell: openstack-config --set undercloud.conf DEFAULT ipxe_enabled false + when: "{{ aarch64 }}" + - lineinfile: + path: /usr/lib/python2.7/site-packages/ironic/common/pxe_utils.py + regexp: '_link_ip_address_pxe_configs' + line: '_link_mac_pxe_configs(task)' + when: "{{ aarch64 }}" + - name: undercloud install + shell: openstack undercloud install &> apex-undercloud-install.log + become: yes + become_user: stack + - name: openstack-configs nova + shell: openstack-config --set /etc/nova/nova.conf DEFAULT {{ item }} + become: yes + with_items: "{{ nova_config }}" + - name: restart nova services + service: + name: "{{ item }}" + state: restarted + enabled: yes + with_items: + - openstack-nova-conductor + - openstack-nova-compute + - openstack-nova-api + - openstack-nova-scheduler + - name: openstack-configs neutron + shell: openstack-config --set /etc/neutron/neutron.conf DEFAULT {{ item }} + become: yes + with_items: "{{ neutron_config }}" + - name: restart neutron services + service: + name: "{{ item }}" + state: restarted + enabled: yes + with_items: + - neutron-server + - neutron-dhcp-agent + - name: configure external network vlan ifcfg + template: + src: external_vlan_ifcfg.yml.j2 + dest: "/etc/sysconfig/network-scripts/ifcfg-vlan{{ external_network.vlan }}" + owner: root + group: root + mode: 0644 + become: yes + when: + - external_network.vlan != "native" + - external_network.enabled + - name: bring up vlan ifcfg + shell: "ifup vlan{{ external_network.vlan }}" + become: yes + when: + - external_network.vlan != "native" + - external_network.enabled + - name: assign IP to native eth2 + shell: ip a a {{ external_network.ip }}/{{ external_network.prefix }} dev eth2 + become: yes + when: + - external_network.vlan == "native" + - external_network.enabled + - name: bring up eth2 + shell: ip link set up dev eth2 + when: + - external_network.vlan == "native" + - external_network.enabled + become: yes + - name: fetch storage environment file + fetch: + src: /usr/share/openstack-tripleo-heat-templates/environments/storage-environment.yaml + dest: "{{ apex_temp_dir }}/" + flat: yes + +- include: undercloud_aarch64.yml + when: aarch64 diff --git a/lib/ansible/playbooks/deploy_dependencies.yml b/lib/ansible/playbooks/deploy_dependencies.yml new file mode 100644 index 00000000..77231622 --- /dev/null +++ b/lib/ansible/playbooks/deploy_dependencies.yml @@ -0,0 +1,66 @@ +--- +- hosts: localhost + tasks: + - sysctl: + name: net.ipv4.ip_forward + state: present + value: 1 + sysctl_set: yes + - systemd: + name: dhcpd + state: stopped + enabled: no + ignore_errors: yes + - systemd: + name: libvirtd + state: started + enabled: yes + - systemd: + name: openvswitch + state: started + enabled: yes + - virt_net: + command: define + name: default + xml: '{{ lookup("template", "virsh_network_default.xml.j2") }}' + state: active + autostart: yes + - openvswitch_bridge: + bridge: 'br-{{ item }}' + state: present + with_items: '{{ virsh_enabled_networks }}' + - virt_net: + command: define + name: '{{ item }}' + xml: '{{ lookup("template", "virsh_network_ovs.xml.j2") }}' + autostart: yes + with_items: '{{ virsh_enabled_networks }}' + - virt_net: + command: create + name: '{{ item }}' + with_items: '{{ virsh_enabled_networks }}' + - virt_pool: + name: default + command: define + autostart: yes + state: active + xml: '{{ lookup("template", "virsh_pool.xml.j2") }}' + - lineinfile: + path: /etc/modprobe.d/kvm_intel.conf + line: 'options kvm-intel nested=1' + create: yes + when: ansible_architecture == "x86_64" + - modprobe: + name: "{{ item }}" + state: present + with_items: + - kvm + - kvm_intel + when: ansible_architecture == "x86_64" + - name: Generate SSH key for root if missing + shell: test -e ~/.ssh/id_rsa || ssh-keygen -t rsa -N "" -f ~/.ssh/id_rsa + - name: Manually patch vmbc to work with python3.x + lineinfile: + line: " conn.defineXML(ET.tostring(tree, encoding='unicode'))" + regexp: "tostring" + path: /usr/lib/python3.4/site-packages/virtualbmc/vbmc.py diff --git a/lib/ansible/playbooks/deploy_overcloud.yml b/lib/ansible/playbooks/deploy_overcloud.yml new file mode 100644 index 00000000..76bbbc67 --- /dev/null +++ b/lib/ansible/playbooks/deploy_overcloud.yml @@ -0,0 +1,68 @@ +--- +- hosts: all + tasks: + - name: Copy all files to undercloud + copy: + src: "{{ apex_temp_dir }}/{{ item }}" + dest: "/home/stack/{{ item }}" + owner: stack + group: stack + mode: 0644 + with_items: + - network-environment.yaml + - instackenv.json + - opnfv-environment.yaml + - overcloud-full.qcow2 + - deploy_command + - virtual-environment.yaml + - baremetal-environment.yaml + - copy: + src: "{{ apex_temp_dir }}/storage-environment.yaml" + dest: /usr/share/openstack-tripleo-heat-templates/environments/storage-environment.yaml + owner: root + group: root + mode: 0664 + - systemd: + name: openstack-swift-proxy + state: restarted + enabled: yes + become: yes + - name: Upload glance images + shell: "{{ stackrc }} && openstack overcloud image upload" + become: yes + become_user: stack + - name: Import inventory (baremetal) + shell: "{{ stackrc }} && {{ item }}" + with_items: + - openstack overcloud node import instackenv.json + - openstack overcloud node introspect --all-manageable --provide + when: not virtual + - name: Import inventory (virtual) + shell: "{{ stackrc }} && openstack overcloud node import --provide instackenv.json" + when: virtual + - name: Set flavors + shell: '{{ stackrc }} && openstack flavor set --property "cpu_arch"="x86_64" {{ item }}' + with_items: + - baremetal + - control + - compute + - name: Configure DNS server for ctlplane network + shell: "{{ stackrc }} && openstack subnet set ctlplane-subnet {{ dns_server_args }}" + - name: Execute Overcloud Deployment + shell: "{{ stackrc }} && bash deploy_command" + - name: Show Keystone output + shell: "{{ overcloudrc }} && {{ item }}" + when: debug + with_items: + - openstack endpoint list + - openstack service list + - name: Get overcloud nodes and IPs + shell: "{{ stackrc }} && openstack server list -f json" + register: nova_list + - name: Write nova list output to file + local_action: copy content="{{ nova_list.stdout }}" dest="{{ apex_temp_dir }}/nova_output" + - name: Fetch overcloudrc + fetch: + src: /home/stack/overcloudrc + dest: "{{ apex_temp_dir }}/" + flat: yes diff --git a/lib/ansible/playbooks/post_deploy_overcloud.yml b/lib/ansible/playbooks/post_deploy_overcloud.yml new file mode 100644 index 00000000..fdf70240 --- /dev/null +++ b/lib/ansible/playbooks/post_deploy_overcloud.yml @@ -0,0 +1,45 @@ +--- +- hosts: all + tasks: + - name: Bring up br-phy for OVS DPDK + shell: ifup br-phy + when: + - dataplane == 'ovs_dpdk' + - "'compute' in ansible_hostname" + become: yes + - name: Restart OVS Agent for DPDK + shell: systemctl restart neutron-openvswitch-agent + when: + - dataplane == 'ovs_dpdk' + - "'compute' in ansible_hostname" + - sdn == false + - name: SFC config workaround + file: + src: /etc/neutron/networking_sfc.conf + dest: /etc/neutron/conf.d/neutron-server/networking_sfc.conf + state: link + become: yes + when: + - sfc + - "'controller' in ansible_hostname" + - name: Ensure ZRPCD is up + systemd: + name: zrpcd + state: started + enabled: yes + become: yes + when: + - vpn + - "'controller-0' in ansible_hostname" + - name: VSPERF build base machine + shell: /build_base_machine.sh + args: + chdir: /var/opt/vsperf/systems/ + become: yes + when: + - vsperf + - "'compute-0' in ansible_hostname" + - name: Fetch logs from node + fetch: + src: /var/log/messages + dest: "{{ apex_temp_dir }}" diff --git a/lib/ansible/playbooks/post_deploy_undercloud.yml b/lib/ansible/playbooks/post_deploy_undercloud.yml new file mode 100644 index 00000000..ba0746b2 --- /dev/null +++ b/lib/ansible/playbooks/post_deploy_undercloud.yml @@ -0,0 +1,118 @@ +--- +- hosts: all + tasks: + - name: Enable ssh to overcloud nodes from jumphost + shell: "cat /home/stack/jumphost_id_rsa.pub | ssh -T {{ SSH_OPTIONS }} heat-admin@{{ item.value }} 'cat >> ~/.ssh/authorized_keys'" + with_dict: "{{ overcloud_nodes }}" + become: yes + become_user: stack + - name: Configure external network + shell: "{{ overcloudrc }} && {{ item }}" + with_items: "{{ external_network_cmds }}" + - name: Configure gluon networks + shell: "{{ overcloudrc }} && {{ item }}" + when: gluon + with_items: + - openstack network create gluon-network --share --provider-network-type vxlan + - openstack subnet create gluon-subnet --no-gateway --no-dhcp --network GluonNetwork --subnet-range 0.0.0.0/1 + - name: Find admin project id + shell: "{{ overcloudrc }} && openstack project list | grep admin | awk '{print $2}'" + register: os_project_id + - name: Inject OS_PROJECT_ID and OS_TENANT_NAME into overcloudrc + lineinfile: + line: "{{ item }}" + path: /home/stack/overcloudrc + with_items: + - "export OS_PROJECT_ID={{ os_project_id.stdout }}" + - "export OS_TENANT_NAME=admin" + - name: Install Docker + yum: + name: docker + state: present + when: yardstick or dovetail + become: yes + - systemd: + name: docker + state: started + enabled: yes + when: yardstick or dovetail + become: yes + - name: Pull yardstick docker image + docker_image: + name: opnfv/yardstick + when: yardstick + become: yes + - name: Pull dovetail docker image + docker_image: + name: opnfv/dovetail + when: dovetail + become: yes + - name: Register SDN VIP + shell: "{{ stackrc }} && neutron port-list | grep control_virtual_ip | grep -Eo '([0-9]+\\.){3}[0-9]+'" + register: sdn_vip + become: yes + become_user: stack + when: sdn != false + - name: Write SDN controller VIP to overcloudrc + lineinfile: + line: "export SDN_CONTROLLER_IP={{ sdn_vip.stdout }}" + regexp: 'SDN_CONTROLLER_IP' + path: "/home/stack/{{ item }}" + when: sdn != false + with_items: + - overcloudrc + - overcloudrc.v3 + - name: Undercloud NAT - MASQUERADE interface + iptables: + table: nat + chain: POSTROUTING + out_interface: eth0 + jump: MASQUERADE + when: + - virtual + - not external_network_ipv6 + become: yes + - name: Undercloud NAT - MASQUERADE interface with subnet + iptables: + table: nat + chain: POSTROUTING + out_interface: eth0 + jump: MASQUERADE + source: "{{ external_cidr }}" + when: + - virtual + - not external_network_ipv6 + become: yes + - name: Undercloud NAT - Allow Forwarding + iptables: + chain: FORWARD + in_interface: eth2 + jump: ACCEPT + when: + - virtual + - not external_network_ipv6 + become: yes + - name: Undercloud NAT - Allow Stateful Forwarding + iptables: + chain: FORWARD + in_interface: eth2 + jump: ACCEPT + source: "{{ external_cidr }}" + ctstate: ESTABLISHED,RELATED + when: + - virtual + - not external_network_ipv6 + become: yes + - name: Undercloud NAT - Save iptables + shell: service iptables save + become: yes + when: + - virtual + - not external_network_ipv6 + - name: Create congress datasources + shell: "{{ overcloudrc }} && openstack congress datasource create {{ item }}" + become: yes + become_user: stack + when: congress + with_items: "{{ congress_datasources }}" + ignore_errors: yes diff --git a/lib/ansible/playbooks/templates/external_vlan_ifcfg.yml.j2 b/lib/ansible/playbooks/templates/external_vlan_ifcfg.yml.j2 new file mode 100644 index 00000000..c478a7d9 --- /dev/null +++ b/lib/ansible/playbooks/templates/external_vlan_ifcfg.yml.j2 @@ -0,0 +1,9 @@ +DEVICE=vlan{{ external_network.vlan }} +ONBOOT=yes +DEVICETYPE=ovs +TYPE=OVSIntPort +BOOTPROTO=static +IPADDR={{ external_network.ip }} +PREFIX={{ external_network.prefix }} +OVS_BRIDGE=br-ctlplane +OVS_OPTIONS="tag={{ external_network.vlan }}" diff --git a/lib/ansible/playbooks/templates/virsh_network_default.xml.j2 b/lib/ansible/playbooks/templates/virsh_network_default.xml.j2 new file mode 100644 index 00000000..d7241d0c --- /dev/null +++ b/lib/ansible/playbooks/templates/virsh_network_default.xml.j2 @@ -0,0 +1,10 @@ +<network> + <name>default</name> + <bridge name="virbr0"/> + <forward/> + <ip address="192.168.122.1" netmask="255.255.255.0"> + <dhcp> + <range start="192.168.122.2" end="192.168.122.254"/> + </dhcp> + </ip> +</network> diff --git a/lib/ansible/playbooks/templates/virsh_network_ovs.xml.j2 b/lib/ansible/playbooks/templates/virsh_network_ovs.xml.j2 new file mode 100644 index 00000000..75a06eea --- /dev/null +++ b/lib/ansible/playbooks/templates/virsh_network_ovs.xml.j2 @@ -0,0 +1,6 @@ +<network ipv6='yes'> + <name>{{ item }}</name> + <forward mode='bridge'/> + <bridge name='br-{{ item }}'/> + <virtualport type='openvswitch'/> +</network> diff --git a/lib/ansible/playbooks/templates/virsh_pool.xml.j2 b/lib/ansible/playbooks/templates/virsh_pool.xml.j2 new file mode 100644 index 00000000..f6ea498a --- /dev/null +++ b/lib/ansible/playbooks/templates/virsh_pool.xml.j2 @@ -0,0 +1,6 @@ +<pool type='dir'> + <name>default</name> + <target> + <path>/var/lib/libvirt/images</path> + </target> +</pool> diff --git a/lib/ansible/playbooks/undercloud_aarch64.yml b/lib/ansible/playbooks/undercloud_aarch64.yml new file mode 100644 index 00000000..5b607c3e --- /dev/null +++ b/lib/ansible/playbooks/undercloud_aarch64.yml @@ -0,0 +1,49 @@ +--- +- hosts: all + tasks: + - name: aarch64 configuration + block: + - shell: yum -y reinstall grub2-efi shim + - copy: + src: /boot/efi/EFI/centos/grubaa64.efi + dest: /tftpboot/grubaa64.efi + remote_src: yes + - file: + path: /tftpboot/EFI/centos + state: directory + mode: 0755 + - copy: + content: | + set default=master + set timeout=5 + set hidden_timeout_quiet=false + menuentry "master" { + configfile /tftpboot/\\\$net_default_ip.conf + } + dest: /tftpboot/EFI/centos/grub.cfg + mode: 0644 + - shell: 'openstack-config --set /etc/ironic/ironic.conf pxe uefi_pxe_config_template $pybasedir/drivers/modules/pxe_grub_config.template' + - shell: 'openstack-config --set /etc/ironic/ironic.conf pxe uefi_pxe_bootfile_name grubaa64.efi' + - systemd: + name: openstack-ironic-conductor + state: restarted + enabled: yes + - replace: + path: /usr/lib/python2.7/site-packages/ironic/drivers/modules/pxe_grub_config.template + regexp: 'linuxefi' + replace: 'linux' + - replace: + path: /usr/lib/python2.7/site-packages/ironic/drivers/modules/pxe_grub_config.template + regexp: 'initrdefi' + replace: 'initrd' + - lineinfile: + path: /tftpboot/map-file + insertafter: EOF + state: present + line: '' + - shell: "echo 'r ^/EFI/centos/grub.cfg-(.*) /tftpboot/pxelinux.cfg/\\1' | sudo tee --append /tftpboot/map-file" + - systemd: + name: xinetd + state: restarted + enabled: yes + become: yes |