blob: f1878e81512cdd96b536ee49507f3fdfcdffc75b (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
|
---
- hosts: all
tasks:
- name: Generate SSH key for stack if missing
shell: test -e ~/.ssh/id_rsa || ssh-keygen -t rsa -N "" -f ~/.ssh/id_rsa
- name: Fix ssh key for stack
shell: restorecon -r /home/stack
become: yes
- file:
path: /home/stack/nics
state: directory
owner: stack
group: stack
mode: 0775
- copy:
src: /root/.ssh/id_rsa.pub
dest: /home/stack/jumphost_id_rsa.pub
owner: stack
group: stack
mode: 0644
- copy:
src: "{{ apex_temp_dir }}/{{ item }}.yaml"
dest: "/home/stack/nics/{{ item }}.yaml"
owner: stack
group: stack
mode: 0644
with_items:
- controller
- compute
- lineinfile:
path: /etc/sudoers
regexp: 'Defaults\s*requiretty'
state: absent
become: yes
- lineinfile:
path: /etc/environment
regexp: '^http_proxy'
line: "http_proxy={{ http_proxy }}"
become: yes
when: http_proxy
- lineinfile:
path: /etc/environment
regexp: '^https_proxy'
line: "https_proxy={{ https_proxy }}"
become: yes
when: https_proxy
- name: openstack-configs undercloud
shell: openstack-config --set undercloud.conf DEFAULT {{ item }}
with_items: "{{ undercloud_config }}"
- name: Add ironic packages
yum:
name: openstack-ironic-api,openstack-ironic-common,
openstack-ironic-inspector
become: yes
- name: openstack-configs ironic
shell: openstack-config --set /etc/ironic/ironic.conf {{ item }}
become: yes
with_items: "{{ ironic_config }}"
- lineinfile:
path: /usr/lib/python2.7/site-packages/ironic/common/pxe_utils.py
regexp: '_link_ip_address_pxe_configs'
line: ' _link_mac_pxe_configs(task)'
when: aarch64
- block:
- name: undercloud install
shell: openstack undercloud install &> apex-undercloud-install.log
become: yes
become_user: stack
rescue:
- name: undercloud install retry
shell: openstack undercloud install >> apex-undercloud-install.log 2>&1
become: yes
become_user: stack
always:
- name: fetch undercloud log
fetch:
src: /home/stack/apex-undercloud-install.log
dest: "{{ apex_temp_dir }}/"
flat: yes
- name: openstack-configs nova
shell: openstack-config --set /etc/nova/nova.conf DEFAULT {{ item }}
become: yes
with_items: "{{ nova_config }}"
- name: restart nova services
service:
name: "{{ item }}"
state: restarted
enabled: yes
with_items:
- openstack-nova-conductor
- openstack-nova-compute
- openstack-nova-api
- openstack-nova-scheduler
- name: openstack-configs neutron
shell: openstack-config --set /etc/neutron/neutron.conf DEFAULT {{ item }}
become: yes
with_items: "{{ neutron_config }}"
- name: restart neutron services
service:
name: "{{ item }}"
state: restarted
enabled: yes
with_items:
- neutron-server
- neutron-dhcp-agent
- name: Configure workaround for mariadb long blob (LP#1768913)
shell: openstack-config --set /etc/my.cnf.d/galera.cnf mysqld innodb_log_file_size 256M
become: yes
- name: restart mariadb service
service:
name: mariadb
state: restarted
enabled: yes
become: yes
- name: configure external network vlan ifcfg
template:
src: external_vlan_ifcfg.yml.j2
dest: "/etc/sysconfig/network-scripts/ifcfg-vlan{{ external_network.vlan }}"
owner: root
group: root
mode: 0644
become: yes
when:
- external_network.vlan != "native"
- external_network.enabled
- name: bring up vlan ifcfg
shell: "ifup vlan{{ external_network.vlan }}"
become: yes
when:
- external_network.vlan != "native"
- external_network.enabled
- name: assign IP to native eth2
shell: ip a a {{ external_network.ip }}/{{ external_network.prefix }} dev eth2
become: yes
when:
- external_network.vlan == "native"
- external_network.enabled
- not aarch64
- name: bring up eth2
shell: ip link set up dev eth2
when:
- external_network.vlan == "native"
- external_network.enabled
- not aarch64
become: yes
- name: assign IP to native eth0 if aarch64
shell: ip a a {{ external_network.ip }}/{{ external_network.prefix }} dev eth0
become: yes
when:
- external_network.vlan == "native"
- external_network.enabled
- aarch64
- name: bring up eth0 if aarch64
shell: ip link set up dev eth0
when:
- external_network.vlan == "native"
- external_network.enabled
- aarch64
become: yes
- block:
- name: Undercloud NAT - MASQUERADE interface
iptables:
table: nat
chain: POSTROUTING
out_interface: eth0
jump: MASQUERADE
- name: Undercloud NAT - MASQUERADE interface with subnet
iptables:
table: nat
chain: POSTROUTING
out_interface: eth0
jump: MASQUERADE
source: "{{ nat_cidr }}"
- name: Undercloud NAT - Allow Forwarding
iptables:
chain: FORWARD
in_interface: eth2
jump: ACCEPT
- name: Undercloud NAT - Allow Stateful Forwarding
iptables:
chain: FORWARD
in_interface: eth2
jump: ACCEPT
source: "{{ nat_cidr }}"
ctstate: ESTABLISHED,RELATED
- name: Undercloud NAT - Save iptables
shell: service iptables save
become: yes
when:
- not nat_network_ipv6
- nat
- name: fetch storage environment file
fetch:
src: /usr/share/openstack-tripleo-heat-templates/environments/storage-environment.yaml
dest: "{{ apex_temp_dir }}/"
flat: yes
- name: fetch sriov environment file
fetch:
src: /usr/share/openstack-tripleo-heat-templates/environments/services/neutron-opendaylight-sriov.yaml
dest: "{{ apex_temp_dir }}/"
flat: yes
- include: undercloud_aarch64.yml
when: aarch64
|