summaryrefslogtreecommitdiffstats
path: root/lib/ansible
diff options
context:
space:
mode:
Diffstat (limited to 'lib/ansible')
-rw-r--r--lib/ansible/playbooks/configure_undercloud.yml58
-rw-r--r--lib/ansible/playbooks/deploy_overcloud.yml45
-rw-r--r--lib/ansible/playbooks/patch_containers.yml13
-rw-r--r--lib/ansible/playbooks/post_deploy_overcloud.yml12
-rw-r--r--lib/ansible/playbooks/post_deploy_undercloud.yml11
-rw-r--r--lib/ansible/playbooks/prepare_overcloud_containers.yml64
-rw-r--r--lib/ansible/playbooks/undercloud_aarch64.yml38
7 files changed, 129 insertions, 112 deletions
diff --git a/lib/ansible/playbooks/configure_undercloud.yml b/lib/ansible/playbooks/configure_undercloud.yml
index 96080e5f..07b82c8e 100644
--- a/lib/ansible/playbooks/configure_undercloud.yml
+++ b/lib/ansible/playbooks/configure_undercloud.yml
@@ -27,6 +27,13 @@
with_items:
- controller
- compute
+ - name: Copy container prep env file to undercloud
+ copy:
+ src: "{{ apex_temp_dir }}/containers-prepare-parameter.yaml"
+ dest: "/home/stack/containers-prepare-parameter.yaml"
+ owner: stack
+ group: stack
+ mode: 0644
- lineinfile:
path: /etc/sudoers
regexp: 'Defaults\s*requiretty'
@@ -66,51 +73,43 @@
src: /home/stack/apex-undercloud-install.log
dest: "{{ apex_temp_dir }}/"
flat: yes
+ - name: Install ceph-ansible
+ yum:
+ name: ceph-ansible
+ become: yes
- name: openstack-configs nova
shell: openstack-config --set /var/lib/config-data/nova/etc/nova/nova.conf DEFAULT {{ item }}
become: yes
with_items: "{{ nova_config }}"
- name: restart nova services
- docker_container:
- name: "{{ item }}"
- state: started
- restart: yes
+ shell: "{{ container_client }} restart {{ item }}"
with_items:
- nova_conductor
- nova_compute
- nova_api
- nova_scheduler
+ become: yes
- name: openstack-configs neutron
shell: openstack-config --set /var/lib/config-data/neutron/etc/neutron/neutron.conf DEFAULT {{ item }}
become: yes
with_items: "{{ neutron_config }}"
- name: restart neutron services
- docker_container:
- name: "{{ item }}"
- state: started
- restart: yes
+ shell: "{{ container_client }} restart {{ item }}"
with_items:
- neutron_api
- neutron_dhcp
+ become: yes
- name: openstack-configs ironic
shell: openstack-config --set /var/lib/config-data/ironic/etc/ironic/ironic.conf {{ item }}
become: yes
with_items: "{{ ironic_config }}"
- name: restart ironic services
- docker_container:
- name: "{{ item }}"
- state: started
- restart: yes
+ shell: "{{ container_client }} restart {{ item }}"
with_items:
- ironic_api
- ironic_conductor
- ironic_inspector
- # will need to modify the below to patch the container
- - lineinfile:
- path: /usr/lib/python2.7/site-packages/ironic/common/pxe_utils.py
- regexp: '_link_ip_address_pxe_configs'
- line: ' _link_mac_pxe_configs(task)'
- when: aarch64
+ become: yes
- name: configure external network vlan ifcfg
template:
src: external_vlan_ifcfg.yml.j2
@@ -134,21 +133,12 @@
when:
- external_network.vlan == "native"
- external_network.enabled
- - not aarch64
- name: bring up eth2
shell: ip link set up dev eth2
when:
- external_network.vlan == "native"
- external_network.enabled
- - not aarch64
become: yes
- - name: assign IP to native eth0 if aarch64
- shell: ip a a {{ external_network.ip }}/{{ external_network.prefix }} dev eth0
- become: yes
- when:
- - external_network.vlan == "native"
- - external_network.enabled
- - aarch64
- name: bring up eth0 if aarch64
shell: ip link set up dev eth0
when:
@@ -182,12 +172,22 @@
jump: ACCEPT
source: "{{ nat_cidr }}"
ctstate: ESTABLISHED,RELATED
- - name: Undercloud NAT - Save iptables
- shell: service iptables save
become: yes
when:
- not nat_network_ipv6
- nat
+ - name: Allow SSH in iptables
+ iptables:
+ action: insert
+ chain: INPUT
+ rule_num: 1
+ protocol: tcp
+ destination_port: 22
+ jump: ACCEPT
+ become: yes
+ - name: Undercloud NAT - Save iptables
+ shell: service iptables save
+ become: yes
- name: fetch storage environment file
fetch:
src: /usr/share/openstack-tripleo-heat-templates/environments/storage-environment.yaml
diff --git a/lib/ansible/playbooks/deploy_overcloud.yml b/lib/ansible/playbooks/deploy_overcloud.yml
index 90c3ad1d..9a405814 100644
--- a/lib/ansible/playbooks/deploy_overcloud.yml
+++ b/lib/ansible/playbooks/deploy_overcloud.yml
@@ -12,11 +12,23 @@
- network-environment.yaml
- instackenv.json
- overcloud-full.qcow2
+ - overcloud-full.vmlinuz
+ - overcloud-full.initrd
+ - ironic-python-agent.initramfs
+ - ironic-python-agent.kernel
- deploy_command
- virtual-environment.yaml
- baremetal-environment.yaml
- kubernetes-environment.yaml
- "{{ apex_env_file }}"
+ - name: Copy ansible.cfg data to undercloud in aarch64
+ copy:
+ src: "{{ apex_temp_dir }}/ansible.cfg"
+ dest: "/home/stack/ansible.cfg"
+ owner: stack
+ group: stack
+ mode: 0644
+ when: aarch64
- name: Copy network data to undercloud
copy:
src: "{{ apex_temp_dir }}/network_data.yaml"
@@ -61,6 +73,22 @@
owner: root
group: root
become: yes
+ - name: Insert External network into Compute role
+ shell: |
+ ruby -e '
+ require "yaml"
+ data = YAML.load(File.read("/usr/share/openstack-tripleo-heat-templates/roles_data.yaml"))
+ if data[1]["networks"].is_a?(Array)
+ data[1]["networks"].push("External")
+ elsif data[1]["networks"].is_a?(Hash)
+ data[1]["networks"].merge!("External"=> { "subnet" => "external_subnet" })
+ else
+ raise "Unable to determine data to modify in roles_data.yaml"
+ end
+ data[1]["default_route_networks"] = Array.new(["External"])
+ File.open("/usr/share/openstack-tripleo-heat-templates/roles_data.yaml", "w") { |f| f.write(data.to_yaml) }
+ '
+ become: yes
- name: Upload glance images
shell: "{{ stackrc }} && openstack overcloud image upload"
become: yes
@@ -80,8 +108,25 @@
- baremetal
- control
- compute
+ - name: Re-enable ceph config for aarch64
+ replace:
+ path: "/usr/share/ceph-ansible/roles/ceph-client/tasks/create_users_keys.yml"
+ regexp: "x86_64"
+ replace: "aarch64"
+ backup: yes
+ when: aarch64
- name: Configure DNS server for ctlplane network
shell: "{{ stackrc }} && openstack subnet set ctlplane-subnet {{ dns_server_args }}"
+ - name: Update NIC templates before deployment
+ shell: >
+ /usr/share/openstack-tripleo-heat-templates/tools/merge-new-params-nic-config-script.py
+ -n /home/stack/network_data.yaml -t /home/stack/nics/{{ item }}.yaml --discard-comments True
+ --role-name Controller
+ become: yes
+ become_user: stack
+ with_items:
+ - controller
+ - compute
- block:
- name: Execute Overcloud Deployment
shell: "{{ stackrc }} && bash deploy_command"
diff --git a/lib/ansible/playbooks/patch_containers.yml b/lib/ansible/playbooks/patch_containers.yml
new file mode 100644
index 00000000..1ef05810
--- /dev/null
+++ b/lib/ansible/playbooks/patch_containers.yml
@@ -0,0 +1,13 @@
+---
+ - name: "Pull docker image to ensure it exists locally: {{ item }}"
+ shell: "{{ container_client }} pull {{ undercloud_ip }}:8787/tripleo{{ os_version }}/centos-binary-{{ item }}:current-tripleo"
+ - name: "Find docker image user {{ item }}"
+ shell: >
+ {{ container_client }} inspect --format='{{ '{{' }}.ContainerConfig.User{{ '}}' }}'
+ {{ undercloud_ip }}:8787/tripleo{{ os_version }}/centos-binary-{{ item }}:current-tripleo
+ register: user_result
+ - name: "Patch docker image {{ item }}"
+ shell: >
+ cd /home/stack/containers/{{ item }} && {{ container_client }} build
+ --build-arg REAL_USER={{ user_result.stdout }}
+ -t {{ undercloud_ip }}:8787/tripleo{{ os_version }}/centos-binary-{{ item }}:apex .
diff --git a/lib/ansible/playbooks/post_deploy_overcloud.yml b/lib/ansible/playbooks/post_deploy_overcloud.yml
index 882b0126..2b90ab1f 100644
--- a/lib/ansible/playbooks/post_deploy_overcloud.yml
+++ b/lib/ansible/playbooks/post_deploy_overcloud.yml
@@ -54,14 +54,12 @@
- openstack-nova-api
- openstack-nova-scheduler
- openstack-nova-conductor
- - name: Restart Compute Nova Compute (Pike Workaround)
- shell: "systemctl restart openstack-nova-compute"
+ - name: Restart Compute Nova Compute (workaround for NFS)
+ shell: "{{ container_client }} restart nova_compute"
become: yes
- when:
- - "'compute' in ansible_hostname"
- - os_version == 'pike'
+ when: "'compute' in ansible_hostname or all_in_one"
- name: Update ODL container restart policy to always
- shell: "docker update --restart=always opendaylight_api"
+ shell: "{{ container_client }} update --restart=always opendaylight_api"
become: yes
when:
- sdn == 'opendaylight'
@@ -90,7 +88,7 @@
- "'controller' in ansible_hostname"
- sdn != 'ovn'
- name: Restart metadata service
- shell: "docker restart neutron_metadata_agent"
+ shell: "{{ container_client }} restart neutron_metadata_agent"
become: yes
when:
- "'controller' in ansible_hostname"
diff --git a/lib/ansible/playbooks/post_deploy_undercloud.yml b/lib/ansible/playbooks/post_deploy_undercloud.yml
index d03f1a1e..8cdfedfe 100644
--- a/lib/ansible/playbooks/post_deploy_undercloud.yml
+++ b/lib/ansible/playbooks/post_deploy_undercloud.yml
@@ -74,6 +74,17 @@
become: yes
become_user: stack
with_items: "{{ overcloudrc_files }}"
+ - name: Write SDN WEB and REST PORT to overcloudrc
+ lineinfile:
+ line: "export {{ item[0] }}=8081"
+ regexp: "{{ item[0] }}"
+ path: "/home/stack/{{ item[1] }}"
+ when: sdn != false
+ become: yes
+ become_user: stack
+ with_nested:
+ - [ 'SDN_CONTROLLER_WEBPORT', 'SDN_CONTROLLER_RESTCONFPORT' ]
+ - "{{ overcloudrc_files }}"
- name: Grab Heat Environment variables
shell: "{{ stackrc }} && openstack stack environment show overcloud -f json"
register: heat_env
diff --git a/lib/ansible/playbooks/prepare_overcloud_containers.yml b/lib/ansible/playbooks/prepare_overcloud_containers.yml
index 54dbe098..ebf081dc 100644
--- a/lib/ansible/playbooks/prepare_overcloud_containers.yml
+++ b/lib/ansible/playbooks/prepare_overcloud_containers.yml
@@ -20,73 +20,31 @@
when: patched_docker_services|length > 0
- name: Prepare generic docker registry image file
shell: >
- {{ stackrc }} && openstack overcloud container image prepare
- --namespace docker.io/tripleo{{ os_version }}
- --tag {{ container_tag }}
- --push-destination {{ undercloud_ip }}:8787
- -e /usr/share/openstack-tripleo-heat-templates/environments/docker.yaml
- -e /usr/share/openstack-tripleo-heat-templates/environments/storage-environment.yaml
- --output-images-file overcloud_containers.yml
+ sudo openstack tripleo container image prepare
+ -e /home/stack/containers-prepare-parameter.yaml
--output-env-file docker-images.yaml
- become: yes
- become_user: stack
- - name: Prepare SDN docker registry image file
- shell: >
- {{ stackrc }} && openstack overcloud container image prepare
- --namespace docker.io/tripleo{{ os_version }}
- --tag {{ container_tag }}
- --push-destination {{ undercloud_ip }}:8787
- {{ sdn_env_file }}
- --output-images-file sdn_containers.yml
- --output-env-file sdn-images.yaml
- become: yes
- become_user: stack
- when: sdn != false
- - name: Update Ceph tag for aarch64 in container env file
- lineinfile:
- path: /home/stack/overcloud_containers.yml
- regexp: '.*ceph.*'
- line: '- imagename: docker.io/ceph/daemon:master-fafda7d-luminous-centos-7-aarch64'
- when: aarch64
- - name: Update Ceph tag for aarch64 in container image file
- lineinfile:
- path: /home/stack/docker-images.yaml
- regexp: '^DockerCephDaemonImage'
- line: 'DockerCephDaemonImage: {{ undercloud_ip }}:8787/ceph/daemon/master-fafda7d-luminous-centos-7-aarch64'
- when: aarch64
- - name: Upload docker images to local registry
- shell: >
- {{ stackrc }} && openstack overcloud container image upload
- --config-file /home/stack/overcloud_containers.yml
- - name: Upload SDN docker images to local registry
- shell: >
- {{ stackrc }} && openstack overcloud container image upload
- --config-file /home/stack/sdn_containers.yml
- when: sdn != false
- name: Collect docker images in registry
uri:
url: http://{{ undercloud_ip }}:8787/v2/_catalog
body_format: json
register: response
- - name: Patch Docker images
- shell: >
- cd /home/stack/containers/{{ item }} && docker build
- -t {{ undercloud_ip }}:8787/tripleo{{ os_version }}/centos-binary-{{ item }}:apex .
+ - include_tasks: patch_containers.yml
+ with_items: "{{ patched_docker_services }}"
+ loop_control:
+ loop_var: item
when:
- patched_docker_services|length > 0
- item in (response.json)['repositories']|join(" ")
- with_items: "{{ patched_docker_services }}"
- name: Push patched docker images to local registry
- shell: docker push {{ undercloud_ip }}:8787/tripleo{{ os_version }}/centos-binary-{{ item }}:apex
+ shell: "{{ container_client }} push {{ undercloud_ip }}:8787/tripleo{{ os_version }}/centos-binary-{{ item }}:apex"
when:
- patched_docker_services|length > 0
- item in (response.json)['repositories']|join(" ")
with_items: "{{ patched_docker_services }}"
- name: Modify Images with Apex tag
replace:
- path: "{{ item[0] }}"
- regexp: "(\\s*Docker.*?:.*?centos-binary-{{ item[1] }}):.*"
+ path: "/home/stack/docker-images.yaml"
+ regexp: "(\\s*Docker.*?:.*?centos-binary-{{ item }}):.*"
replace: '\1:apex'
- with_nested:
- - [ '/home/stack/sdn-images.yaml', '/home/stack/docker-images.yaml']
- - "{{ patched_docker_services }}" \ No newline at end of file
+ with_items: "{{ patched_docker_services }}"
+ become: yes
diff --git a/lib/ansible/playbooks/undercloud_aarch64.yml b/lib/ansible/playbooks/undercloud_aarch64.yml
index ddaf1b04..efcbdabd 100644
--- a/lib/ansible/playbooks/undercloud_aarch64.yml
+++ b/lib/ansible/playbooks/undercloud_aarch64.yml
@@ -3,13 +3,12 @@
tasks:
- name: aarch64 configuration
block:
- - shell: yum -y reinstall grub2-efi shim
- copy:
src: /boot/efi/EFI/centos/grubaa64.efi
- dest: /tftpboot/grubaa64.efi
+ dest: /var/lib/config-data/puppet-generated/ironic/var/lib/ironic/tftpboot/grubaa64.efi
remote_src: yes
- file:
- path: /tftpboot/EFI/centos
+ path: /var/lib/config-data/puppet-generated/ironic/var/lib/ironic/tftpboot/EFI/centos
state: directory
mode: 0755
- copy:
@@ -18,32 +17,25 @@
set timeout=5
set hidden_timeout_quiet=false
menuentry "local" {
- configfile (hd0,gpt3)/boot/grub2/grub.cfg
+ configfile /var/lib/ironic/tftpboot/$net_default_mac.conf
}
- dest: /tftpboot/EFI/centos/grub.cfg
+ dest: /var/lib/config-data/puppet-generated/ironic/var/lib/ironic/tftpboot/EFI/centos/grub.cfg
mode: 0644
- - shell: 'openstack-config --set /etc/ironic/ironic.conf pxe uefi_pxe_bootfile_name grubaa64.efi'
- - shell: 'openstack-config --set /etc/ironic/ironic.conf pxe uefi_pxe_config_template \$pybasedir/drivers/modules/pxe_grub_config.template'
-
- - systemd:
- name: openstack-ironic-conductor
- state: restarted
- enabled: yes
- - replace:
- path: /usr/lib/python2.7/site-packages/ironic/drivers/modules/pxe_grub_config.template
- regexp: 'linuxefi'
- replace: 'linux'
- - replace:
- path: /usr/lib/python2.7/site-packages/ironic/drivers/modules/pxe_grub_config.template
- regexp: 'initrdefi'
- replace: 'initrd'
+ - shell: 'sudo crudini --set /var/lib/config-data/puppet-generated/ironic/etc/ironic/ironic.conf pxe pxe_bootfile_name_by_arch aarch64:grubaa64.efi'
+ - shell: 'sudo crudini --set /var/lib/config-data/puppet-generated/ironic/etc/ironic/ironic.conf pxe pxe_config_template_by_arch aarch64:\$pybasedir/drivers/modules/pxe_grub_config.template'
+ - shell: 'docker exec -u root ironic_conductor sed -i "s/initrdefi/initrd/g" /usr/lib/python2.7/site-packages/ironic/drivers/modules/pxe_grub_config.template'
+ - shell: 'docker exec -u root ironic_conductor sed -i "s/linuxefi/linux/g" /usr/lib/python2.7/site-packages/ironic/drivers/modules/pxe_grub_config.template'
- lineinfile:
- path: /tftpboot/map-file
+ path: /var/lib/config-data/puppet-generated/ironic/var/lib/ironic/tftpboot/map-file
insertafter: EOF
state: present
line: ''
- - shell: "echo 'r ^/EFI/centos/grub.cfg-(.*) /tftpboot/pxelinux.cfg/\\1' | sudo tee --append /tftpboot/map-file"
- - shell: "echo 'r ^/EFI/centos/grub.cfg /tftpboot/EFI/centos/grub.cfg' | sudo tee --append /tftpboot/map-file"
+ - shell: "echo 'r ^/EFI/centos/grub.cfg-(.*) /var/lib/ironic/tftpboot/pxelinux.cfg/\\1' | sudo tee --append /var/lib/config-data/puppet-generated/ironic/var/lib/ironic/tftpboot/map-file"
+ - shell: "echo 'r ^/EFI/centos/grub.cfg /var/lib/ironic/tftpboot/EFI/centos/grub.cfg' | sudo tee --append /var/lib/config-data/puppet-generated/ironic/var/lib/ironic/tftpboot/map-file"
+ - shell: "docker restart {{ item }}"
+ with_items:
+ - ironic_conductor
+ - ironic_pxe_tftp
- systemd:
name: xinetd
state: restarted