diff options
Diffstat (limited to 'lib')
-rw-r--r-- | lib/ansible/playbooks/configure_undercloud.yml | 58 | ||||
-rw-r--r-- | lib/ansible/playbooks/deploy_overcloud.yml | 45 | ||||
-rw-r--r-- | lib/ansible/playbooks/patch_containers.yml | 13 | ||||
-rw-r--r-- | lib/ansible/playbooks/post_deploy_overcloud.yml | 12 | ||||
-rw-r--r-- | lib/ansible/playbooks/post_deploy_undercloud.yml | 11 | ||||
-rw-r--r-- | lib/ansible/playbooks/prepare_overcloud_containers.yml | 64 | ||||
-rw-r--r-- | lib/ansible/playbooks/undercloud_aarch64.yml | 38 |
7 files changed, 129 insertions, 112 deletions
diff --git a/lib/ansible/playbooks/configure_undercloud.yml b/lib/ansible/playbooks/configure_undercloud.yml index 96080e5f..07b82c8e 100644 --- a/lib/ansible/playbooks/configure_undercloud.yml +++ b/lib/ansible/playbooks/configure_undercloud.yml @@ -27,6 +27,13 @@ with_items: - controller - compute + - name: Copy container prep env file to undercloud + copy: + src: "{{ apex_temp_dir }}/containers-prepare-parameter.yaml" + dest: "/home/stack/containers-prepare-parameter.yaml" + owner: stack + group: stack + mode: 0644 - lineinfile: path: /etc/sudoers regexp: 'Defaults\s*requiretty' @@ -66,51 +73,43 @@ src: /home/stack/apex-undercloud-install.log dest: "{{ apex_temp_dir }}/" flat: yes + - name: Install ceph-ansible + yum: + name: ceph-ansible + become: yes - name: openstack-configs nova shell: openstack-config --set /var/lib/config-data/nova/etc/nova/nova.conf DEFAULT {{ item }} become: yes with_items: "{{ nova_config }}" - name: restart nova services - docker_container: - name: "{{ item }}" - state: started - restart: yes + shell: "{{ container_client }} restart {{ item }}" with_items: - nova_conductor - nova_compute - nova_api - nova_scheduler + become: yes - name: openstack-configs neutron shell: openstack-config --set /var/lib/config-data/neutron/etc/neutron/neutron.conf DEFAULT {{ item }} become: yes with_items: "{{ neutron_config }}" - name: restart neutron services - docker_container: - name: "{{ item }}" - state: started - restart: yes + shell: "{{ container_client }} restart {{ item }}" with_items: - neutron_api - neutron_dhcp + become: yes - name: openstack-configs ironic shell: openstack-config --set /var/lib/config-data/ironic/etc/ironic/ironic.conf {{ item }} become: yes with_items: "{{ ironic_config }}" - name: restart ironic services - docker_container: - name: "{{ item }}" - state: started - restart: yes + shell: "{{ container_client }} restart {{ item }}" with_items: - ironic_api - ironic_conductor - ironic_inspector - # will need to modify the below to patch the container - - lineinfile: - path: /usr/lib/python2.7/site-packages/ironic/common/pxe_utils.py - regexp: '_link_ip_address_pxe_configs' - line: ' _link_mac_pxe_configs(task)' - when: aarch64 + become: yes - name: configure external network vlan ifcfg template: src: external_vlan_ifcfg.yml.j2 @@ -134,21 +133,12 @@ when: - external_network.vlan == "native" - external_network.enabled - - not aarch64 - name: bring up eth2 shell: ip link set up dev eth2 when: - external_network.vlan == "native" - external_network.enabled - - not aarch64 become: yes - - name: assign IP to native eth0 if aarch64 - shell: ip a a {{ external_network.ip }}/{{ external_network.prefix }} dev eth0 - become: yes - when: - - external_network.vlan == "native" - - external_network.enabled - - aarch64 - name: bring up eth0 if aarch64 shell: ip link set up dev eth0 when: @@ -182,12 +172,22 @@ jump: ACCEPT source: "{{ nat_cidr }}" ctstate: ESTABLISHED,RELATED - - name: Undercloud NAT - Save iptables - shell: service iptables save become: yes when: - not nat_network_ipv6 - nat + - name: Allow SSH in iptables + iptables: + action: insert + chain: INPUT + rule_num: 1 + protocol: tcp + destination_port: 22 + jump: ACCEPT + become: yes + - name: Undercloud NAT - Save iptables + shell: service iptables save + become: yes - name: fetch storage environment file fetch: src: /usr/share/openstack-tripleo-heat-templates/environments/storage-environment.yaml diff --git a/lib/ansible/playbooks/deploy_overcloud.yml b/lib/ansible/playbooks/deploy_overcloud.yml index 90c3ad1d..9a405814 100644 --- a/lib/ansible/playbooks/deploy_overcloud.yml +++ b/lib/ansible/playbooks/deploy_overcloud.yml @@ -12,11 +12,23 @@ - network-environment.yaml - instackenv.json - overcloud-full.qcow2 + - overcloud-full.vmlinuz + - overcloud-full.initrd + - ironic-python-agent.initramfs + - ironic-python-agent.kernel - deploy_command - virtual-environment.yaml - baremetal-environment.yaml - kubernetes-environment.yaml - "{{ apex_env_file }}" + - name: Copy ansible.cfg data to undercloud in aarch64 + copy: + src: "{{ apex_temp_dir }}/ansible.cfg" + dest: "/home/stack/ansible.cfg" + owner: stack + group: stack + mode: 0644 + when: aarch64 - name: Copy network data to undercloud copy: src: "{{ apex_temp_dir }}/network_data.yaml" @@ -61,6 +73,22 @@ owner: root group: root become: yes + - name: Insert External network into Compute role + shell: | + ruby -e ' + require "yaml" + data = YAML.load(File.read("/usr/share/openstack-tripleo-heat-templates/roles_data.yaml")) + if data[1]["networks"].is_a?(Array) + data[1]["networks"].push("External") + elsif data[1]["networks"].is_a?(Hash) + data[1]["networks"].merge!("External"=> { "subnet" => "external_subnet" }) + else + raise "Unable to determine data to modify in roles_data.yaml" + end + data[1]["default_route_networks"] = Array.new(["External"]) + File.open("/usr/share/openstack-tripleo-heat-templates/roles_data.yaml", "w") { |f| f.write(data.to_yaml) } + ' + become: yes - name: Upload glance images shell: "{{ stackrc }} && openstack overcloud image upload" become: yes @@ -80,8 +108,25 @@ - baremetal - control - compute + - name: Re-enable ceph config for aarch64 + replace: + path: "/usr/share/ceph-ansible/roles/ceph-client/tasks/create_users_keys.yml" + regexp: "x86_64" + replace: "aarch64" + backup: yes + when: aarch64 - name: Configure DNS server for ctlplane network shell: "{{ stackrc }} && openstack subnet set ctlplane-subnet {{ dns_server_args }}" + - name: Update NIC templates before deployment + shell: > + /usr/share/openstack-tripleo-heat-templates/tools/merge-new-params-nic-config-script.py + -n /home/stack/network_data.yaml -t /home/stack/nics/{{ item }}.yaml --discard-comments True + --role-name Controller + become: yes + become_user: stack + with_items: + - controller + - compute - block: - name: Execute Overcloud Deployment shell: "{{ stackrc }} && bash deploy_command" diff --git a/lib/ansible/playbooks/patch_containers.yml b/lib/ansible/playbooks/patch_containers.yml new file mode 100644 index 00000000..1ef05810 --- /dev/null +++ b/lib/ansible/playbooks/patch_containers.yml @@ -0,0 +1,13 @@ +--- + - name: "Pull docker image to ensure it exists locally: {{ item }}" + shell: "{{ container_client }} pull {{ undercloud_ip }}:8787/tripleo{{ os_version }}/centos-binary-{{ item }}:current-tripleo" + - name: "Find docker image user {{ item }}" + shell: > + {{ container_client }} inspect --format='{{ '{{' }}.ContainerConfig.User{{ '}}' }}' + {{ undercloud_ip }}:8787/tripleo{{ os_version }}/centos-binary-{{ item }}:current-tripleo + register: user_result + - name: "Patch docker image {{ item }}" + shell: > + cd /home/stack/containers/{{ item }} && {{ container_client }} build + --build-arg REAL_USER={{ user_result.stdout }} + -t {{ undercloud_ip }}:8787/tripleo{{ os_version }}/centos-binary-{{ item }}:apex . diff --git a/lib/ansible/playbooks/post_deploy_overcloud.yml b/lib/ansible/playbooks/post_deploy_overcloud.yml index 882b0126..2b90ab1f 100644 --- a/lib/ansible/playbooks/post_deploy_overcloud.yml +++ b/lib/ansible/playbooks/post_deploy_overcloud.yml @@ -54,14 +54,12 @@ - openstack-nova-api - openstack-nova-scheduler - openstack-nova-conductor - - name: Restart Compute Nova Compute (Pike Workaround) - shell: "systemctl restart openstack-nova-compute" + - name: Restart Compute Nova Compute (workaround for NFS) + shell: "{{ container_client }} restart nova_compute" become: yes - when: - - "'compute' in ansible_hostname" - - os_version == 'pike' + when: "'compute' in ansible_hostname or all_in_one" - name: Update ODL container restart policy to always - shell: "docker update --restart=always opendaylight_api" + shell: "{{ container_client }} update --restart=always opendaylight_api" become: yes when: - sdn == 'opendaylight' @@ -90,7 +88,7 @@ - "'controller' in ansible_hostname" - sdn != 'ovn' - name: Restart metadata service - shell: "docker restart neutron_metadata_agent" + shell: "{{ container_client }} restart neutron_metadata_agent" become: yes when: - "'controller' in ansible_hostname" diff --git a/lib/ansible/playbooks/post_deploy_undercloud.yml b/lib/ansible/playbooks/post_deploy_undercloud.yml index d03f1a1e..8cdfedfe 100644 --- a/lib/ansible/playbooks/post_deploy_undercloud.yml +++ b/lib/ansible/playbooks/post_deploy_undercloud.yml @@ -74,6 +74,17 @@ become: yes become_user: stack with_items: "{{ overcloudrc_files }}" + - name: Write SDN WEB and REST PORT to overcloudrc + lineinfile: + line: "export {{ item[0] }}=8081" + regexp: "{{ item[0] }}" + path: "/home/stack/{{ item[1] }}" + when: sdn != false + become: yes + become_user: stack + with_nested: + - [ 'SDN_CONTROLLER_WEBPORT', 'SDN_CONTROLLER_RESTCONFPORT' ] + - "{{ overcloudrc_files }}" - name: Grab Heat Environment variables shell: "{{ stackrc }} && openstack stack environment show overcloud -f json" register: heat_env diff --git a/lib/ansible/playbooks/prepare_overcloud_containers.yml b/lib/ansible/playbooks/prepare_overcloud_containers.yml index 54dbe098..ebf081dc 100644 --- a/lib/ansible/playbooks/prepare_overcloud_containers.yml +++ b/lib/ansible/playbooks/prepare_overcloud_containers.yml @@ -20,73 +20,31 @@ when: patched_docker_services|length > 0 - name: Prepare generic docker registry image file shell: > - {{ stackrc }} && openstack overcloud container image prepare - --namespace docker.io/tripleo{{ os_version }} - --tag {{ container_tag }} - --push-destination {{ undercloud_ip }}:8787 - -e /usr/share/openstack-tripleo-heat-templates/environments/docker.yaml - -e /usr/share/openstack-tripleo-heat-templates/environments/storage-environment.yaml - --output-images-file overcloud_containers.yml + sudo openstack tripleo container image prepare + -e /home/stack/containers-prepare-parameter.yaml --output-env-file docker-images.yaml - become: yes - become_user: stack - - name: Prepare SDN docker registry image file - shell: > - {{ stackrc }} && openstack overcloud container image prepare - --namespace docker.io/tripleo{{ os_version }} - --tag {{ container_tag }} - --push-destination {{ undercloud_ip }}:8787 - {{ sdn_env_file }} - --output-images-file sdn_containers.yml - --output-env-file sdn-images.yaml - become: yes - become_user: stack - when: sdn != false - - name: Update Ceph tag for aarch64 in container env file - lineinfile: - path: /home/stack/overcloud_containers.yml - regexp: '.*ceph.*' - line: '- imagename: docker.io/ceph/daemon:master-fafda7d-luminous-centos-7-aarch64' - when: aarch64 - - name: Update Ceph tag for aarch64 in container image file - lineinfile: - path: /home/stack/docker-images.yaml - regexp: '^DockerCephDaemonImage' - line: 'DockerCephDaemonImage: {{ undercloud_ip }}:8787/ceph/daemon/master-fafda7d-luminous-centos-7-aarch64' - when: aarch64 - - name: Upload docker images to local registry - shell: > - {{ stackrc }} && openstack overcloud container image upload - --config-file /home/stack/overcloud_containers.yml - - name: Upload SDN docker images to local registry - shell: > - {{ stackrc }} && openstack overcloud container image upload - --config-file /home/stack/sdn_containers.yml - when: sdn != false - name: Collect docker images in registry uri: url: http://{{ undercloud_ip }}:8787/v2/_catalog body_format: json register: response - - name: Patch Docker images - shell: > - cd /home/stack/containers/{{ item }} && docker build - -t {{ undercloud_ip }}:8787/tripleo{{ os_version }}/centos-binary-{{ item }}:apex . + - include_tasks: patch_containers.yml + with_items: "{{ patched_docker_services }}" + loop_control: + loop_var: item when: - patched_docker_services|length > 0 - item in (response.json)['repositories']|join(" ") - with_items: "{{ patched_docker_services }}" - name: Push patched docker images to local registry - shell: docker push {{ undercloud_ip }}:8787/tripleo{{ os_version }}/centos-binary-{{ item }}:apex + shell: "{{ container_client }} push {{ undercloud_ip }}:8787/tripleo{{ os_version }}/centos-binary-{{ item }}:apex" when: - patched_docker_services|length > 0 - item in (response.json)['repositories']|join(" ") with_items: "{{ patched_docker_services }}" - name: Modify Images with Apex tag replace: - path: "{{ item[0] }}" - regexp: "(\\s*Docker.*?:.*?centos-binary-{{ item[1] }}):.*" + path: "/home/stack/docker-images.yaml" + regexp: "(\\s*Docker.*?:.*?centos-binary-{{ item }}):.*" replace: '\1:apex' - with_nested: - - [ '/home/stack/sdn-images.yaml', '/home/stack/docker-images.yaml'] - - "{{ patched_docker_services }}"
\ No newline at end of file + with_items: "{{ patched_docker_services }}" + become: yes diff --git a/lib/ansible/playbooks/undercloud_aarch64.yml b/lib/ansible/playbooks/undercloud_aarch64.yml index ddaf1b04..efcbdabd 100644 --- a/lib/ansible/playbooks/undercloud_aarch64.yml +++ b/lib/ansible/playbooks/undercloud_aarch64.yml @@ -3,13 +3,12 @@ tasks: - name: aarch64 configuration block: - - shell: yum -y reinstall grub2-efi shim - copy: src: /boot/efi/EFI/centos/grubaa64.efi - dest: /tftpboot/grubaa64.efi + dest: /var/lib/config-data/puppet-generated/ironic/var/lib/ironic/tftpboot/grubaa64.efi remote_src: yes - file: - path: /tftpboot/EFI/centos + path: /var/lib/config-data/puppet-generated/ironic/var/lib/ironic/tftpboot/EFI/centos state: directory mode: 0755 - copy: @@ -18,32 +17,25 @@ set timeout=5 set hidden_timeout_quiet=false menuentry "local" { - configfile (hd0,gpt3)/boot/grub2/grub.cfg + configfile /var/lib/ironic/tftpboot/$net_default_mac.conf } - dest: /tftpboot/EFI/centos/grub.cfg + dest: /var/lib/config-data/puppet-generated/ironic/var/lib/ironic/tftpboot/EFI/centos/grub.cfg mode: 0644 - - shell: 'openstack-config --set /etc/ironic/ironic.conf pxe uefi_pxe_bootfile_name grubaa64.efi' - - shell: 'openstack-config --set /etc/ironic/ironic.conf pxe uefi_pxe_config_template \$pybasedir/drivers/modules/pxe_grub_config.template' - - - systemd: - name: openstack-ironic-conductor - state: restarted - enabled: yes - - replace: - path: /usr/lib/python2.7/site-packages/ironic/drivers/modules/pxe_grub_config.template - regexp: 'linuxefi' - replace: 'linux' - - replace: - path: /usr/lib/python2.7/site-packages/ironic/drivers/modules/pxe_grub_config.template - regexp: 'initrdefi' - replace: 'initrd' + - shell: 'sudo crudini --set /var/lib/config-data/puppet-generated/ironic/etc/ironic/ironic.conf pxe pxe_bootfile_name_by_arch aarch64:grubaa64.efi' + - shell: 'sudo crudini --set /var/lib/config-data/puppet-generated/ironic/etc/ironic/ironic.conf pxe pxe_config_template_by_arch aarch64:\$pybasedir/drivers/modules/pxe_grub_config.template' + - shell: 'docker exec -u root ironic_conductor sed -i "s/initrdefi/initrd/g" /usr/lib/python2.7/site-packages/ironic/drivers/modules/pxe_grub_config.template' + - shell: 'docker exec -u root ironic_conductor sed -i "s/linuxefi/linux/g" /usr/lib/python2.7/site-packages/ironic/drivers/modules/pxe_grub_config.template' - lineinfile: - path: /tftpboot/map-file + path: /var/lib/config-data/puppet-generated/ironic/var/lib/ironic/tftpboot/map-file insertafter: EOF state: present line: '' - - shell: "echo 'r ^/EFI/centos/grub.cfg-(.*) /tftpboot/pxelinux.cfg/\\1' | sudo tee --append /tftpboot/map-file" - - shell: "echo 'r ^/EFI/centos/grub.cfg /tftpboot/EFI/centos/grub.cfg' | sudo tee --append /tftpboot/map-file" + - shell: "echo 'r ^/EFI/centos/grub.cfg-(.*) /var/lib/ironic/tftpboot/pxelinux.cfg/\\1' | sudo tee --append /var/lib/config-data/puppet-generated/ironic/var/lib/ironic/tftpboot/map-file" + - shell: "echo 'r ^/EFI/centos/grub.cfg /var/lib/ironic/tftpboot/EFI/centos/grub.cfg' | sudo tee --append /var/lib/config-data/puppet-generated/ironic/var/lib/ironic/tftpboot/map-file" + - shell: "docker restart {{ item }}" + with_items: + - ironic_conductor + - ironic_pxe_tftp - systemd: name: xinetd state: restarted |