summaryrefslogtreecommitdiffstats
path: root/lib/ansible/playbooks/configure_undercloud.yml
diff options
context:
space:
mode:
Diffstat (limited to 'lib/ansible/playbooks/configure_undercloud.yml')
-rw-r--r--lib/ansible/playbooks/configure_undercloud.yml136
1 files changed, 99 insertions, 37 deletions
diff --git a/lib/ansible/playbooks/configure_undercloud.yml b/lib/ansible/playbooks/configure_undercloud.yml
index c0e1cd35..07b82c8e 100644
--- a/lib/ansible/playbooks/configure_undercloud.yml
+++ b/lib/ansible/playbooks/configure_undercloud.yml
@@ -27,26 +27,36 @@
with_items:
- controller
- compute
+ - name: Copy container prep env file to undercloud
+ copy:
+ src: "{{ apex_temp_dir }}/containers-prepare-parameter.yaml"
+ dest: "/home/stack/containers-prepare-parameter.yaml"
+ owner: stack
+ group: stack
+ mode: 0644
- lineinfile:
path: /etc/sudoers
regexp: 'Defaults\s*requiretty'
state: absent
become: yes
+ - lineinfile:
+ path: /etc/environment
+ regexp: '^http_proxy'
+ line: "http_proxy={{ http_proxy }}"
+ become: yes
+ when: http_proxy
+ - lineinfile:
+ path: /etc/environment
+ regexp: '^https_proxy'
+ line: "https_proxy={{ https_proxy }}"
+ become: yes
+ when: https_proxy
- name: openstack-configs undercloud
shell: openstack-config --set undercloud.conf DEFAULT {{ item }}
with_items: "{{ undercloud_config }}"
- - name: openstack-configs ironic
- shell: openstack-config --set /etc/ironic/ironic.conf {{ item }}
- become: yes
- with_items: "{{ ironic_config }}"
- - name: openstack-configs undercloud aarch64
- shell: openstack-config --set undercloud.conf DEFAULT ipxe_enabled false
- when: aarch64
- - lineinfile:
- path: /usr/lib/python2.7/site-packages/ironic/common/pxe_utils.py
- regexp: '_link_ip_address_pxe_configs'
- line: ' _link_mac_pxe_configs(task)'
- when: aarch64
+ - name: openstack-configs undercloud network
+ shell: openstack-config --set undercloud.conf ctlplane-subnet {{ item }}
+ with_items: "{{ undercloud_network_config }}"
- block:
- name: undercloud install
shell: openstack undercloud install &> apex-undercloud-install.log
@@ -63,32 +73,43 @@
src: /home/stack/apex-undercloud-install.log
dest: "{{ apex_temp_dir }}/"
flat: yes
+ - name: Install ceph-ansible
+ yum:
+ name: ceph-ansible
+ become: yes
- name: openstack-configs nova
- shell: openstack-config --set /etc/nova/nova.conf DEFAULT {{ item }}
+ shell: openstack-config --set /var/lib/config-data/nova/etc/nova/nova.conf DEFAULT {{ item }}
become: yes
with_items: "{{ nova_config }}"
- name: restart nova services
- service:
- name: "{{ item }}"
- state: restarted
- enabled: yes
+ shell: "{{ container_client }} restart {{ item }}"
with_items:
- - openstack-nova-conductor
- - openstack-nova-compute
- - openstack-nova-api
- - openstack-nova-scheduler
+ - nova_conductor
+ - nova_compute
+ - nova_api
+ - nova_scheduler
+ become: yes
- name: openstack-configs neutron
- shell: openstack-config --set /etc/neutron/neutron.conf DEFAULT {{ item }}
+ shell: openstack-config --set /var/lib/config-data/neutron/etc/neutron/neutron.conf DEFAULT {{ item }}
become: yes
with_items: "{{ neutron_config }}"
- name: restart neutron services
- service:
- name: "{{ item }}"
- state: restarted
- enabled: yes
+ shell: "{{ container_client }} restart {{ item }}"
with_items:
- - neutron-server
- - neutron-dhcp-agent
+ - neutron_api
+ - neutron_dhcp
+ become: yes
+ - name: openstack-configs ironic
+ shell: openstack-config --set /var/lib/config-data/ironic/etc/ironic/ironic.conf {{ item }}
+ become: yes
+ with_items: "{{ ironic_config }}"
+ - name: restart ironic services
+ shell: "{{ container_client }} restart {{ item }}"
+ with_items:
+ - ironic_api
+ - ironic_conductor
+ - ironic_inspector
+ become: yes
- name: configure external network vlan ifcfg
template:
src: external_vlan_ifcfg.yml.j2
@@ -112,21 +133,12 @@
when:
- external_network.vlan == "native"
- external_network.enabled
- - not aarch64
- name: bring up eth2
shell: ip link set up dev eth2
when:
- external_network.vlan == "native"
- external_network.enabled
- - not aarch64
become: yes
- - name: assign IP to native eth0 if aarch64
- shell: ip a a {{ external_network.ip }}/{{ external_network.prefix }} dev eth0
- become: yes
- when:
- - external_network.vlan == "native"
- - external_network.enabled
- - aarch64
- name: bring up eth0 if aarch64
shell: ip link set up dev eth0
when:
@@ -134,11 +146,61 @@
- external_network.enabled
- aarch64
become: yes
+ - block:
+ - name: Undercloud NAT - MASQUERADE interface
+ iptables:
+ table: nat
+ chain: POSTROUTING
+ out_interface: eth0
+ jump: MASQUERADE
+ - name: Undercloud NAT - MASQUERADE interface with subnet
+ iptables:
+ table: nat
+ chain: POSTROUTING
+ out_interface: eth0
+ jump: MASQUERADE
+ source: "{{ nat_cidr }}"
+ - name: Undercloud NAT - Allow Forwarding
+ iptables:
+ chain: FORWARD
+ in_interface: eth2
+ jump: ACCEPT
+ - name: Undercloud NAT - Allow Stateful Forwarding
+ iptables:
+ chain: FORWARD
+ in_interface: eth2
+ jump: ACCEPT
+ source: "{{ nat_cidr }}"
+ ctstate: ESTABLISHED,RELATED
+ become: yes
+ when:
+ - not nat_network_ipv6
+ - nat
+ - name: Allow SSH in iptables
+ iptables:
+ action: insert
+ chain: INPUT
+ rule_num: 1
+ protocol: tcp
+ destination_port: 22
+ jump: ACCEPT
+ become: yes
+ - name: Undercloud NAT - Save iptables
+ shell: service iptables save
+ become: yes
- name: fetch storage environment file
fetch:
src: /usr/share/openstack-tripleo-heat-templates/environments/storage-environment.yaml
dest: "{{ apex_temp_dir }}/"
flat: yes
+ - name: fetch sriov environment file
+ fetch:
+ src: /usr/share/openstack-tripleo-heat-templates/environments/services/neutron-opendaylight-sriov.yaml
+ dest: "{{ apex_temp_dir }}/"
+ flat: yes
+ - name: Restorecon for root ssh
+ shell: restorecon -r -v /root/.ssh
+ become: yes
- include: undercloud_aarch64.yml
when: aarch64