summaryrefslogtreecommitdiffstats
path: root/lib/ansible/playbooks/post_deploy_undercloud.yml
blob: a8f1cd55d1ee3fd8248fdd177f5b62196aff9a63 (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
---
- hosts: all
  tasks:
    - name: Enable ssh to overcloud nodes from jumphost
      shell: "cat /home/stack/jumphost_id_rsa.pub | ssh -T {{ SSH_OPTIONS }} heat-admin@{{ item.value }} 'cat >> ~/.ssh/authorized_keys'"
      with_dict: "{{ overcloud_nodes }}"
      become: yes
      become_user: stack
    - name: Configure external network
      shell: "{{ overcloudrc }} && {{ item }}"
      with_items: "{{ external_network_cmds }}"
    - name: Configure gluon networks
      shell: "{{ overcloudrc }} && {{ item }}"
      when: gluon
      with_items:
        - openstack network create gluon-network --share --provider-network-type vxlan
        - openstack subnet create gluon-subnet --no-gateway --no-dhcp --network GluonNetwork --subnet-range 0.0.0.0/1
    - name: Find admin project id
      shell: "{{ overcloudrc }} && openstack project list | grep admin | awk '{print $2}'"
      register: os_project_id
    - name: Ensure rc files owned by stack
      file:
        path: "/home/stack/{{ item }}"
        state: file
        owner: stack
        group: stack
        mode: 0644
      become: yes
      with_items:
        - overcloudrc
        - overcloudrc.v3
    - name: Inject OS_PROJECT_ID and OS_TENANT_NAME into overcloudrc
      lineinfile:
        line: "{{ item }}"
        path: /home/stack/overcloudrc
      become: yes
      become_user: stack
      with_items:
        - "export OS_PROJECT_ID={{ os_project_id.stdout }}"
        - "export OS_TENANT_NAME=admin"
    - name: Install Docker
      yum:
        name: docker
        state: present
      when: yardstick or dovetail
      become: yes
    - systemd:
        name: docker
        state: started
        enabled: yes
      when: yardstick or dovetail
      become: yes
    - name: Pull yardstick docker image
      docker_image:
        name: opnfv/yardstick
      when: yardstick
      become: yes
    - name: Pull dovetail docker image
      docker_image:
        name: opnfv/dovetail
      when: dovetail
      become: yes
    - name: Register SDN VIP
      shell: "{{ stackrc }} && neutron port-list | grep control_virtual_ip | grep -Eo '([0-9]+\\.){3}[0-9]+'"
      register: sdn_vip
      become: yes
      become_user: stack
      when: sdn != false
    - name: Write SDN controller VIP to overcloudrc
      lineinfile:
        line: "export SDN_CONTROLLER_IP={{ sdn_vip.stdout }}"
        regexp: 'SDN_CONTROLLER_IP'
        path: "/home/stack/{{ item }}"
      when: sdn != false
      become: yes
      become_user: stack
      with_items:
        - overcloudrc
        - overcloudrc.v3
    - name: Register OS Region
      shell: "{{ overcloudrc }} && openstack endpoint list -c Region -f json"
      register: region
      become: yes
      become_user: stack
    - name: Write Region into overcloudrc
      lineinfile:
        line: "export OS_REGION_NAME={{(region.stdout|from_json)[1]['Region']}}"
        regexp: 'OS_REGION_NAME'
        path: "/home/stack/{{ item }}"
      become: yes
      become_user: stack
      with_items:
        - overcloudrc
        - overcloudrc.v3
    - name: Undercloud NAT - MASQUERADE interface
      iptables:
        table: nat
        chain: POSTROUTING
        out_interface: eth0
        jump: MASQUERADE
      when:
        - virtual
        - not external_network_ipv6
      become: yes
    - name: Undercloud NAT - MASQUERADE interface with subnet
      iptables:
        table: nat
        chain: POSTROUTING
        out_interface: eth0
        jump: MASQUERADE
        source: "{{ external_cidr }}"
      when:
        - virtual
        - not external_network_ipv6
      become: yes
    - name: Undercloud NAT - Allow Forwarding
      iptables:
        chain: FORWARD
        in_interface: eth2
        jump: ACCEPT
      when:
        - virtual
        - not external_network_ipv6
      become: yes
    - name: Undercloud NAT - Allow Stateful Forwarding
      iptables:
        chain: FORWARD
        in_interface: eth2
        jump: ACCEPT
        source: "{{ external_cidr }}"
        ctstate: ESTABLISHED,RELATED
      when:
        - virtual
        - not external_network_ipv6
      become: yes
    - name: Undercloud NAT - Save iptables
      shell: service iptables save
      become: yes
      when:
        - virtual
        - not external_network_ipv6
    - name: Create congress datasources
      shell: "{{ overcloudrc }} && openstack congress datasource create {{ item }}"
      become: yes
      become_user: stack
      when: congress
      with_items: "{{ congress_datasources }}"
      ignore_errors: yes
    - name: Configure Calipso
      block:
        - name: Install Calipso dependencies
          pip:
            name: "{{ item }}"
            executable: pip3
          with_items:
            - docker
            - pymongo
        - name: Create Calipso user
          user:
            name: calipso
            createhome: yes
        - name: Remove old docker
          package:
            name: "{{ item }}"
            state: absent
          with_items:
            - docker
            - docker-common
            - docker-selinux
            - docker-engine
        - name: Install Docker CE
          package:
            name: docker-ce
            state: latest
        - name: Start Docker
          service:
            name: docker
            state: started
            enabled: yes
        - name: Install Calipso
          command: >
            python3 /root/calipso-installer.py --command start-all
            --copy q --hostname {{ calipso_ip }} --dbport 37017 --webport 81
            --apiport 8001 --rabbitmport 15673
      become: yes
      when: calipso