--- - hosts: all tasks: - name: Enable ssh to overcloud nodes from jumphost shell: "cat /home/stack/jumphost_id_rsa.pub | ssh -T {{ SSH_OPTIONS }} heat-admin@{{ item.value }} 'cat >> ~/.ssh/authorized_keys'" with_dict: "{{ overcloud_nodes }}" become: yes become_user: stack - name: Configure external network shell: "{{ overcloudrc }} && {{ item }}" with_items: "{{ external_network_cmds }}" - name: Configure gluon networks shell: "{{ overcloudrc }} && {{ item }}" when: gluon with_items: - openstack network create gluon-network --share --provider-network-type vxlan - openstack subnet create gluon-subnet --no-gateway --no-dhcp --network GluonNetwork --subnet-range 0.0.0.0/1 - name: Find admin project id shell: "{{ overcloudrc }} && openstack project list | grep admin | awk '{print $2}'" register: os_project_id - name: Ensure rc files owned by stack file: path: "/home/stack/{{ item }}" state: file owner: stack group: stack mode: 0644 become: yes with_items: - overcloudrc - overcloudrc.v3 - name: Inject OS_PROJECT_ID and OS_TENANT_NAME into overcloudrc lineinfile: line: "{{ item }}" path: /home/stack/overcloudrc become: yes become_user: stack with_items: - "export OS_PROJECT_ID={{ os_project_id.stdout }}" - "export OS_TENANT_NAME=admin" - name: Install Docker yum: name: docker state: present when: yardstick or dovetail become: yes - systemd: name: docker state: started enabled: yes when: yardstick or dovetail become: yes - name: Pull yardstick docker image docker_image: name: opnfv/yardstick when: yardstick become: yes - name: Pull dovetail docker image docker_image: name: opnfv/dovetail when: dovetail become: yes - name: Register SDN VIP shell: "{{ stackrc }} && neutron port-list | grep control_virtual_ip | grep -Eo '([0-9]+\\.){3}[0-9]+'" register: sdn_vip become: yes become_user: stack when: sdn != false - name: Write SDN controller VIP to overcloudrc lineinfile: line: "export SDN_CONTROLLER_IP={{ sdn_vip.stdout }}" regexp: 'SDN_CONTROLLER_IP' path: "/home/stack/{{ item }}" when: sdn != false become: yes become_user: stack with_items: - overcloudrc - overcloudrc.v3 - name: Undercloud NAT - MASQUERADE interface iptables: table: nat chain: POSTROUTING out_interface: eth0 jump: MASQUERADE when: - virtual - not external_network_ipv6 become: yes - name: Undercloud NAT - MASQUERADE interface with subnet iptables: table: nat chain: POSTROUTING out_interface: eth0 jump: MASQUERADE source: "{{ external_cidr }}" when: - virtual - not external_network_ipv6 become: yes - name: Undercloud NAT - Allow Forwarding iptables: chain: FORWARD in_interface: eth2 jump: ACCEPT when: - virtual - not external_network_ipv6 become: yes - name: Undercloud NAT - Allow Stateful Forwarding iptables: chain: FORWARD in_interface: eth2 jump: ACCEPT source: "{{ external_cidr }}" ctstate: ESTABLISHED,RELATED when: - virtual - not external_network_ipv6 become: yes - name: Undercloud NAT - Save iptables shell: service iptables save become: yes when: - virtual - not external_network_ipv6 - name: Create congress datasources shell: "{{ overcloudrc }} && openstack congress datasource create {{ item }}" become: yes become_user: stack when: congress with_items: "{{ congress_datasources }}" ignore_errors: yes - name: Configure Calipso block: - name: Install Calipso dependencies pip: name: "{{ item }}" executable: pip3 with_items: - docker - pymongo - name: Create Calipso user user: name: calipso createhome: yes - name: Remove old docker package: name: "{{ item }}" state: absent with_items: - docker - docker-common - docker-selinux - docker-engine - name: Install Docker CE package: name: docker-ce state: latest - name: Start Docker service: name: docker state: started enabled: yes - name: Install Calipso command: > python3 /root/calipso-installer.py --command start-all --copy q --hostname {{ calipso_ip }} --dbport 37017 --webport 81 --apiport 8001 --rabbitmport 15673 become: yes when: calipso