From 6db2a303546afa13d356f93eb26e76034a7208ef Mon Sep 17 00:00:00 2001 From: Harry Huang Date: Sat, 24 Feb 2018 15:38:47 +0800 Subject: Seprate compass-tasks JIRA: - Keep three compass-tasks: compass-tasks - merge both OSA and kubespray compass-tasks-osa - only OSA compass-tasks-k8s - only kubespray Change-Id: Ia790da1b5080322c5e2efe0980aabe9a76867c10 Signed-off-by: Harry Huang --- compass-tasks-k8s/Dockerfile | 6 + compass-tasks-k8s/run.sh | 13 ++ compass-tasks-osa/Dockerfile | 8 + compass-tasks-osa/run.sh | 49 +++++ compass-tasks-osa/setup-complete.yml | 7 + .../tacker_conf/ansible-role-requirements.yml | 208 +++++++++++++++++++ .../tacker_conf/openstack_services.yml | 225 +++++++++++++++++++++ .../tacker_conf/os-tacker-install.yml | 63 ++++++ compass-tasks-osa/tacker_conf/tacker.yml | 36 ++++ compass-tasks-osa/tacker_conf/tacker_all.yml | 46 +++++ compass-tasks-osa/tacker_conf/user_secrets.yml | 163 +++++++++++++++ 11 files changed, 824 insertions(+) create mode 100644 compass-tasks-k8s/Dockerfile create mode 100644 compass-tasks-k8s/run.sh create mode 100644 compass-tasks-osa/Dockerfile create mode 100644 compass-tasks-osa/run.sh create mode 100644 compass-tasks-osa/setup-complete.yml create mode 100644 compass-tasks-osa/tacker_conf/ansible-role-requirements.yml create mode 100644 compass-tasks-osa/tacker_conf/openstack_services.yml create mode 100644 compass-tasks-osa/tacker_conf/os-tacker-install.yml create mode 100644 compass-tasks-osa/tacker_conf/tacker.yml create mode 100644 compass-tasks-osa/tacker_conf/tacker_all.yml create mode 100644 compass-tasks-osa/tacker_conf/user_secrets.yml diff --git a/compass-tasks-k8s/Dockerfile b/compass-tasks-k8s/Dockerfile new file mode 100644 index 0000000..70da42e --- /dev/null +++ b/compass-tasks-k8s/Dockerfile @@ -0,0 +1,6 @@ +FROM opnfv/compass-tasks-base +ARG BRANCH=master + +ADD ./run.sh /root/ +RUN chmod +x /root/run.sh +RUN /root/run.sh diff --git a/compass-tasks-k8s/run.sh b/compass-tasks-k8s/run.sh new file mode 100644 index 0000000..3a7c0c8 --- /dev/null +++ b/compass-tasks-k8s/run.sh @@ -0,0 +1,13 @@ +#!/bin/bash + +yum install git ntp wget ntpdate openssh-server python-devel sudo '@Development Tools' -y +#yum install -y python-yaml +systemctl stop firewalld +systemctl mask firewalld + +# get kubespray code and install requirement +rm -rf /opt/kargo_k8s +git clone https://github.com/kubernetes-incubator/kubespray.git /opt/kargo_k8s +cd /opt/kargo_k8s +git checkout f4180503c891bea4b4b77a2f7cc93923411a7449 -b k8s1.9.1 +pip install ansible==2.4.2.0 diff --git a/compass-tasks-osa/Dockerfile b/compass-tasks-osa/Dockerfile new file mode 100644 index 0000000..91abdc8 --- /dev/null +++ b/compass-tasks-osa/Dockerfile @@ -0,0 +1,8 @@ +FROM opnfv/compass-tasks-base +ARG BRANCH=master + +ADD ./run.sh /root/ +ADD ./tacker_conf /opt/tacker_conf +ADD ./setup-complete.yml /opt/ +RUN chmod +x /root/run.sh +RUN /root/run.sh diff --git a/compass-tasks-osa/run.sh b/compass-tasks-osa/run.sh new file mode 100644 index 0000000..63e5cb0 --- /dev/null +++ b/compass-tasks-osa/run.sh @@ -0,0 +1,49 @@ +#!/bin/bash + +# add ansible-playbook for normal use +ln -s /root/.virtualenvs/compass-core/bin/ansible-playbook /usr/bin/ansible-playbook + +yum install https://rdoproject.org/repos/openstack-pike/rdo-release-pike.rpm -y +yum install git ntp wget ntpdate openssh-server python-devel sudo '@Development Tools' -y + +systemctl stop firewalld +systemctl mask firewalld + +mkdir -p /opt/git/ +cd /opt/git/ +wget artifacts.opnfv.org/compass4nfv/package/openstack_pike.tar.gz +tar -zxvf openstack_pike.tar.gz +rm -rf openstack_pike.tar.gz + +git clone https://git.openstack.org/openstack/openstack-ansible /opt/openstack-ansible + +cd /opt/openstack-ansible + +git checkout 16c69046bfd90d1b984de43bc6267fece6b75f1c +#git checkout 4cde8f86aaea1fde7c43016f661119879068a133 + +git checkout -b stable/pike + +/bin/cp -rf /opt/tacker_conf/ansible-role-requirements.yml /opt/openstack-ansible/ +/bin/cp -rf /opt/tacker_conf/openstack_services.yml /opt/openstack-ansible/playbooks/defaults/repo_packages/ +/bin/cp -rf /opt/tacker_conf/os-tacker-install.yml /opt/openstack-ansible/playbooks/ +/bin/cp -rf /opt/tacker_conf/tacker.yml /opt/openstack-ansible/playbooks/inventory/env.d/ +/bin/cp -rf /opt/tacker_conf/tacker_all.yml /opt/openstack-ansible/group_vars/ +/bin/cp -rf /opt/tacker_conf/user_secrets.yml /opt/openstack-ansible/etc/openstack_deploy/ + +/bin/cp -rf /opt/openstack-ansible/etc/openstack_deploy /etc/openstack_deploy + +cd /opt/openstack-ansible + +scripts/bootstrap-ansible.sh + +rm -f /usr/local/bin/ansible-playbook + +cd /opt/openstack-ansible/scripts/ +python pw-token-gen.py --file /etc/openstack_deploy/user_secrets.yml + +cd /opt/openstack-ansible/group_vars +sed -i 's/#repo_build_git_cache/repo_build_git_cache/g' repo_all.yml + +cp /opt/setup-complete.yml /opt/openstack-ansible/playbooks/ +echo "- include: setup-complete.yml" >> /opt/openstack-ansible/playbooks/setup-infrastructure.yml diff --git a/compass-tasks-osa/setup-complete.yml b/compass-tasks-osa/setup-complete.yml new file mode 100644 index 0000000..f8a7b54 --- /dev/null +++ b/compass-tasks-osa/setup-complete.yml @@ -0,0 +1,7 @@ +--- + +- hosts: localhost + user: root + tasks: + - name: Mark setup-infrastructure completed + shell: echo "Setup infrastructure completed!" diff --git a/compass-tasks-osa/tacker_conf/ansible-role-requirements.yml b/compass-tasks-osa/tacker_conf/ansible-role-requirements.yml new file mode 100644 index 0000000..201ebd6 --- /dev/null +++ b/compass-tasks-osa/tacker_conf/ansible-role-requirements.yml @@ -0,0 +1,208 @@ +- name: ansible-hardening + scm: git + src: https://git.openstack.org/openstack/ansible-hardening + version: c05e36f48de66feb47046a0126d986fa03313f29 +- name: apt_package_pinning + scm: git + src: https://git.openstack.org/openstack/openstack-ansible-apt_package_pinning + version: 9403a36513aee54c15890ac96c1f8c455f9c083d +- name: pip_install + scm: git + src: https://git.openstack.org/openstack/openstack-ansible-pip_install + version: df107891bf9fdfa7287bdfe43f3fa0120a80e5ad +- name: galera_client + scm: git + src: https://git.openstack.org/openstack/openstack-ansible-galera_client + version: 52b374547648056b58c544532296599801d501d7 +- name: galera_server + scm: git + src: https://git.openstack.org/openstack/openstack-ansible-galera_server + version: b124e06872ebeca7d81cb22fb80ae97a995b07a8 +- name: ceph_client + scm: git + src: https://git.openstack.org/openstack/openstack-ansible-ceph_client + version: 5fcbc68fdbd3105d233fd3c03c887f13227b1c3d +- name: haproxy_server + scm: git + src: https://git.openstack.org/openstack/openstack-ansible-haproxy_server + version: a905aaed8627f59d9dc10b9bc031589a7c65828f +- name: keepalived + scm: git + src: https://github.com/evrardjp/ansible-keepalived + version: 3.0.3 +- name: lxc_container_create + scm: git + src: https://git.openstack.org/openstack/openstack-ansible-lxc_container_create + version: c41d3b20da6be07d9bf5db7f7e6a1384c7cfb5eb +- name: lxc_hosts + scm: git + src: https://git.openstack.org/openstack/openstack-ansible-lxc_hosts + version: fb722e17cd8c1bab640f34ab0b111a44dee2279a +- name: memcached_server + scm: git + src: https://git.openstack.org/openstack/openstack-ansible-memcached_server + version: 08c483f3c5d49c236194090534a015b67c8cded6 +- name: openstack_hosts + scm: git + src: https://git.openstack.org/openstack/openstack-ansible-openstack_hosts + version: a0d3b9c9756b6e95b0e034f3d0576fbb33607820 +- name: os_keystone + scm: git + src: https://git.openstack.org/openstack/openstack-ansible-os_keystone + version: 6d131caff7f60d1dfd0c5d3223fe6ece6416a34c +- name: openstack_openrc + scm: git + src: https://git.openstack.org/openstack/openstack-ansible-openstack_openrc + version: b27229ef168aed7f2febf6991b2d7459ec8883ee +- name: os_aodh + scm: git + src: https://git.openstack.org/openstack/openstack-ansible-os_aodh + version: bcd77b1e10a7054e9365da6a20848b393153d025 +- name: os_barbican + scm: git + src: https://git.openstack.org/openstack/openstack-ansible-os_barbican + version: 0797e8bdadd2fcf4696b22f0e18340c8d9539b09 +- name: os_ceilometer + scm: git + src: https://git.openstack.org/openstack/openstack-ansible-os_ceilometer + version: 4b3e0589a0188de885659614ef4e076018af54f7 +- name: os_cinder + scm: git + src: https://git.openstack.org/openstack/openstack-ansible-os_cinder + version: 6f5ab34e5a0694f3fc84e63c912e00e86e3de280 +- name: os_designate + scm: git + src: https://git.openstack.org/openstack/openstack-ansible-os_designate + version: a4952759e91853adbc2ba0e0088eacd12a0d1bd1 +- name: os_glance + scm: git + src: https://git.openstack.org/openstack/openstack-ansible-os_glance + version: 6590581bbcc73f12113edbd0195c33c90fef74b9 +- name: os_gnocchi + scm: git + src: https://git.openstack.org/openstack/openstack-ansible-os_gnocchi + version: 5f8950f61ed6b61d1cc06ab73b3b02466bee0db1 +- name: os_heat + scm: git + src: https://git.openstack.org/openstack/openstack-ansible-os_heat + version: 4d1efae631026631fb2af4f43a9fe8ca210d643e +- name: os_horizon + scm: git + src: https://git.openstack.org/openstack/openstack-ansible-os_horizon + version: 71aa69b1425f5b5b2bdc274357b62a9b4b57ae8f +- name: os_ironic + scm: git + src: https://git.openstack.org/openstack/openstack-ansible-os_ironic + version: 34205b6b99fc3cfe54eddbcde0380e626976e425 +- name: os_magnum + scm: git + src: https://git.openstack.org/openstack/openstack-ansible-os_magnum + version: 0fdeea886ef4227e02d793f6dbfd54ccd9e6e088 +- name: os_molteniron + scm: git + src: https://git.openstack.org/openstack/openstack-ansible-os_molteniron + version: 58cff32e954ab817d07b8e0a136663c34d7f7b60 +- name: os_neutron + scm: git + src: https://git.openstack.org/openstack/openstack-ansible-os_neutron + version: 728484ad440461b784114bf93cd912b3d1aecd2f +- name: os_nova + scm: git + src: https://git.openstack.org/openstack/openstack-ansible-os_nova + version: b1066d20502a29c4ec33fb9e5a8307201f7530cb +- name: os_octavia + scm: git + src: https://git.openstack.org/openstack/openstack-ansible-os_octavia + version: 5fd1fbae703c17f928cfc00f60aeeed0500c6f2b +- name: os_rally + scm: git + src: https://git.openstack.org/openstack/openstack-ansible-os_rally + version: b2658fb704fd3a1e8bce794b8bf87ac83931aa46 +- name: os_sahara + scm: git + src: https://git.openstack.org/openstack/openstack-ansible-os_sahara + version: e3e4f1bc8d72dd6fb7e26b8d0d364f9a60e16b0f +- name: os_swift + scm: git + src: https://git.openstack.org/openstack/openstack-ansible-os_swift + version: 65a330b0bc96fb88b7b34082f40f47e432948f34 +- name: os_tacker + scm: git + src: https://git.openstack.org/openstack/openstack-ansible-os_tacker + version: cad6a9033e519f03d97a91911ea981b17f1a7eed +- name: os_tempest + scm: git + src: https://git.openstack.org/openstack/openstack-ansible-os_tempest + version: 0fb52fcd130bee25f40cd515da69948821d5b504 +- name: os_trove + scm: git + src: https://git.openstack.org/openstack/openstack-ansible-os_trove + version: 6596f6b28c88a88c89e293ea8f5f8551eb491fd1 +- name: plugins + scm: git + src: https://git.openstack.org/openstack/openstack-ansible-plugins + version: 91ec1736393ff40ac8062180daed0c0027c2549a +- name: rabbitmq_server + scm: git + src: https://git.openstack.org/openstack/openstack-ansible-rabbitmq_server + version: fa80dfc0f8129e02f3f3b34bb7205889d3e5696c +- name: repo_build + scm: git + src: https://git.openstack.org/openstack/openstack-ansible-repo_build + version: d0079ff721b0f9c4682d57eccfadb36f365eea2b +- name: repo_server + scm: git + src: https://git.openstack.org/openstack/openstack-ansible-repo_server + version: 8302adcb11cad4e6245fd6bd1bbb4db08d3b60e9 +- name: rsyslog_client + scm: git + src: https://git.openstack.org/openstack/openstack-ansible-rsyslog_client + version: f41638370114412b97c6523b4c626ca70f0337f4 +- name: rsyslog_server + scm: git + src: https://git.openstack.org/openstack/openstack-ansible-rsyslog_server + version: 61a3ab251f63c6156f2a6604ee1a822070e19c90 +- name: sshd + scm: git + src: https://github.com/willshersystems/ansible-sshd + version: 0.5.1 +- name: bird + scm: git + src: https://github.com/logan2211/ansible-bird + version: '1.4' +- name: etcd + scm: git + src: https://github.com/logan2211/ansible-etcd + version: '1.3' +- name: unbound + scm: git + src: https://github.com/logan2211/ansible-unbound + version: '1.5' +- name: resolvconf + scm: git + src: https://github.com/logan2211/ansible-resolvconf + version: '1.3' +- name: ceph-defaults + scm: git + src: https://github.com/ceph/ansible-ceph-defaults + version: v3.0.8 +- name: ceph-common + scm: git + src: https://github.com/ceph/ansible-ceph-common + version: v3.0.8 +- name: ceph-config + scm: git + src: https://github.com/ceph/ansible-ceph-config + version: v3.0.8 +- name: ceph-mon + scm: git + src: https://github.com/ceph/ansible-ceph-mon + version: v3.0.8 +- name: ceph-mgr + scm: git + src: https://github.com/ceph/ansible-ceph-mgr + version: v3.0.8 +- name: ceph-osd + scm: git + src: https://github.com/ceph/ansible-ceph-osd + version: v3.0.8 diff --git a/compass-tasks-osa/tacker_conf/openstack_services.yml b/compass-tasks-osa/tacker_conf/openstack_services.yml new file mode 100644 index 0000000..a451f9e --- /dev/null +++ b/compass-tasks-osa/tacker_conf/openstack_services.yml @@ -0,0 +1,225 @@ +--- +# Copyright 2014, Rackspace US, Inc. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + + +## NOTICE on items in this file: +## * If you use anything in the *._git_install_branch field that is not a TAG +## make sure to leave an in-line comment as to "why". + +## For the sake of anyone else editing this file: +## * If you add services to this file please do so in alphabetical order. +## * Every entry should be name spaced with the name of the client followed by an "_" +## * All items with this file should be separated by `name_` note that the name of the +## package should be one long name with no additional `_` separating it. + + +### Before this is shipped all of these services should have a tag set as the branch, +### or have a comment / reason attached to them as to why a tag can not work. + + +## Global Requirements +requirements_git_repo: https://git.openstack.org/openstack/requirements +requirements_git_install_branch: e7e310f1f355f2ad06528e469c0bd94d7fbc6955 # HEAD of "stable/pike" as of 30.11.2017 + + +## Aodh service +aodh_git_repo: https://git.openstack.org/openstack/aodh +aodh_git_install_branch: ed3ce41fa0ae0173601b683748265e502b84553b # HEAD of "stable/pike" as of 30.11.2017 +aodh_git_project_group: aodh_all + + +## Barbican service +barbican_git_repo: https://git.openstack.org/openstack/barbican +barbican_git_install_branch: 4aefe87d91715adf4a0bc3871956404ebe312fe3 # HEAD of "stable/pike" as of 30.11.2017 +barbican_git_project_group: barbican_all + + +## Ceilometer service +ceilometer_git_repo: https://git.openstack.org/openstack/ceilometer +ceilometer_git_install_branch: d9340c88f0618d40b2959ab09a53c518f3a91de5 # HEAD of "stable/pike" as of 30.11.2017 +ceilometer_git_project_group: ceilometer_all + + +## Cinder service +cinder_git_repo: https://git.openstack.org/openstack/cinder +cinder_git_install_branch: 7bcb2ff94cf38eaa9def1115569981760e36510c # HEAD of "stable/pike" as of 30.11.2017 +cinder_git_project_group: cinder_all + + +## Designate service +designate_git_repo: https://git.openstack.org/openstack/designate +designate_git_install_branch: 6beba54a71510525d5bbc4956d20d27bffa982e5 # HEAD of "stable/pike" as of 30.11.2017 +designate_git_project_group: designate_all + + +## Horizon Designate dashboard plugin +designate_dashboard_git_repo: https://git.openstack.org/openstack/designate-dashboard +designate_dashboard_git_install_branch: bc128a7c29a427933fc4ca94a7510ef8c97e5206 # HEAD of "stable/pike" as of 30.11.2017 +designate_dashboard_git_project_group: horizon_all + + +## Dragonflow service +dragonflow_git_repo: https://git.openstack.org/openstack/dragonflow +dragonflow_git_install_branch: 84f1a26ff8e976b753593dc445e09a4c1a675a21 # Frozen HEAD of "master" as of 14.10.2017 (no stable/pike branch) +dragonflow_git_project_group: neutron_all + + +## Glance service +glance_git_repo: https://git.openstack.org/openstack/glance +glance_git_install_branch: 06af2eb5abe0332f7035a7d7c2fbfd19fbc4dae7 # HEAD of "stable/pike" as of 30.11.2017 +glance_git_project_group: glance_all + + +## Heat service +heat_git_repo: https://git.openstack.org/openstack/heat +heat_git_install_branch: ed3eb9fe823e193e850e170405eecbc1411667f6 # HEAD of "stable/pike" as of 30.11.2017 +heat_git_project_group: heat_all + + +## Horizon service +horizon_git_repo: https://git.openstack.org/openstack/horizon +horizon_git_install_branch: 8b98b9bec432e40d121cc4a3ed6abea5da701a84 # HEAD of "stable/pike" as of 30.11.2017 +horizon_git_project_group: horizon_all + +## Horizon Ironic dashboard plugin +ironic_dashboard_git_repo: https://git.openstack.org/openstack/ironic-ui +ironic_dashboard_git_install_branch: e2cba8ed8745b8ffcaa60d26ab69fd93f61582ad # HEAD of "stable/pike" as of 30.11.2017 +ironic_dashboard_git_project_group: horizon_all + +## Horizon Magnum dashboard plugin +magnum_dashboard_git_repo: https://git.openstack.org/openstack/magnum-ui +magnum_dashboard_git_install_branch: 0b9fc50aada1a3e214acaad1204b48c96a549e5f # HEAD of "stable/pike" as of 30.11.2017 +magnum_dashboard_git_project_group: horizon_all + +## Horizon LBaaS dashboard plugin +neutron_lbaas_dashboard_git_repo: https://git.openstack.org/openstack/neutron-lbaas-dashboard +neutron_lbaas_dashboard_git_install_branch: a5a05a27e7cab99dc379774f1d01c0076818e539 # HEAD of "stable/pike" as of 30.11.2017 +neutron_lbaas_dashboard_git_project_group: horizon_all + +## Horizon Sahara dashboard plugin +sahara_dashboard_git_repo: https://git.openstack.org/openstack/sahara-dashboard +sahara_dashboard_git_install_branch: 804206bb9c8af5c1d4f540664a6f9b36d45696e6 # HEAD of "stable/pike" as of 30.11.2017 +sahara_dashboard_git_project_group: horizon_all + + +## Keystone service +keystone_git_repo: https://git.openstack.org/openstack/keystone +keystone_git_install_branch: d0721d7cf4dc808946a7016b0ca2830c8850d5d9 # HEAD of "stable/pike" as of 30.11.2017 +keystone_git_project_group: keystone_all + + +## Neutron service +neutron_git_repo: https://git.openstack.org/openstack/neutron +neutron_git_install_branch: b1f71de42ead2c1278343307307984ad1ff00c71 # HEAD of "stable/pike" as of 30.11.2017 +neutron_git_project_group: neutron_all + +neutron_lbaas_git_repo: https://git.openstack.org/openstack/neutron-lbaas +neutron_lbaas_git_install_branch: dbdbbee9e7325f27a671cdc0813446d85329ca1b # HEAD of "stable/pike" as of 30.11.2017 +neutron_lbaas_git_project_group: neutron_all + +neutron_vpnaas_git_repo: https://git.openstack.org/openstack/neutron-vpnaas +neutron_vpnaas_git_install_branch: 60e4e7113b5fbbf28e97ebce2f40b7f1675200e6 # HEAD of "stable/pike" as of 30.11.2017 +neutron_vpnaas_git_project_group: neutron_all + +neutron_fwaas_git_repo: https://git.openstack.org/openstack/neutron-fwaas +neutron_fwaas_git_install_branch: c2bafa999f7ea45687d5a3d42739e465564e99d1 # HEAD of "stable/pike" as of 30.11.2017 +neutron_fwaas_git_project_group: neutron_all + +neutron_dynamic_routing_git_repo: https://git.openstack.org/openstack/neutron-dynamic-routing +neutron_dynamic_routing_git_install_branch: 9098d4447581117e857d2f86fb4a0508b5ffbb6a # HEAD of "stable/pike" as of 30.11.2017 +neutron_dynamic_routing_git_project_group: neutron_all + +networking_calico_git_repo: https://git.openstack.org/openstack/networking-calico +networking_calico_git_install_branch: 9688df1a3d1d8b3fd9ba367e82fe6b0559416728 # HEAD of "master" as of 30.11.2017 +networking_calico_git_project_group: neutron_all + +networking_odl_git_repo: https://git.openstack.org/openstack/networking-odl +networking_odl_git_install_branch: 319c51183fde4c189d310ff252248f3632c8c9df # HEAD of "master" as of 29.10.2017 +networking_odl_git_project_group: neutron_all + +## Nova service +nova_git_repo: https://git.openstack.org/openstack/nova +nova_git_install_branch: ec20e1aca856cf1f31d0212bda3e494bb8622aad # HEAD of "stable/pike" as of 30.11.2017 +nova_git_project_group: nova_all + + +## PowerVM Virt Driver +nova_powervm_git_repo: https://git.openstack.org/openstack/nova-powervm +nova_powervm_git_install_branch: e0b516ca36fa5dfd38ae6f7ea97afd9a52f313ed # HEAD of "stable/pike" as of 30.11.2017 +nova_powervm_git_project_group: nova_all + + +## LXD Virt Driver +nova_lxd_git_repo: https://git.openstack.org/openstack/nova-lxd +nova_lxd_git_install_branch: 9747c274138d9ef40512d5015e9e581f6bbec5d9 # HEAD of "stable/pike" as of 30.11.2017 +nova_lxd_git_project_group: nova_all + + +## Sahara service +sahara_git_repo: https://git.openstack.org/openstack/sahara +sahara_git_install_branch: 3ee0da5ea09904125c44e1f9d1a9b83554b1a1cd # HEAD of "stable/pike" as of 30.11.2017 +sahara_git_project_group: sahara_all + + +## Swift service +swift_git_repo: https://git.openstack.org/openstack/swift +swift_git_install_branch: 0344d6eb5afc723adc7bacf4b4e2aaf04da47548 # HEAD of "stable/pike" as of 30.11.2017 +swift_git_project_group: swift_all + + +## Swift3 middleware +swift_swift3_git_repo: https://git.openstack.org/openstack/swift3 +swift_swift3_git_install_branch: 1fb6a30ee59a16cd4b6c49bab963ff9e3f974580 # HEAD of "master" as of 30.11.2017 +swift_swift3_git_project_group: swift_all + + +## Ironic service +ironic_git_repo: https://git.openstack.org/openstack/ironic +ironic_git_install_branch: 47179d9fca337f32324f8e8a68541358fdac8649 # HEAD of "stable/pike" as of 30.11.2017 +ironic_git_project_group: ironic_all + +## Magnum service +magnum_git_repo: https://git.openstack.org/openstack/magnum +magnum_git_install_branch: c58b727bec3561d8d283497d784a3437185924dd # HEAD of "stable/pike" as of 30.11.2017 +magnum_git_project_group: magnum_all + +## Trove service +trove_git_repo: https://git.openstack.org/openstack/trove +trove_git_install_branch: e6d4b4b3fe1768348c9df815940b97cecb5e7ee2 # HEAD of "stable/pike" as of 30.11.2017 +trove_git_project_group: trove_all + +## Horizon Trove dashboard plugin +trove_dashboard_git_repo: https://git.openstack.org/openstack/trove-dashboard +trove_dashboard_git_install_branch: bffd0776d139f38f96ce8ded07ccde4b5a41bc7a # HEAD of "stable/pike" as of 30.11.2017 +trove_dashboard_git_project_group: horizon_all + +## Octavia service +octavia_git_repo: https://git.openstack.org/openstack/octavia +octavia_git_install_branch: d2fad0b6544a4893f72e2e993292b0379a452515 # HEAD of "stable/pike" as of 30.11.2017 +octavia_git_project_group: octavia_all + +## Molteniron service +molteniron_git_repo: https://git.openstack.org/openstack/molteniron +molteniron_git_install_branch: 094276cda77d814d07ad885e7d63de8d1243750a # HEAD of "master" as of 30.11.2017 +molteniron_git_project_group: molteniron_all + +## Tacker service +tacker_git_repo: https://git.openstack.org/openstack/tacker +tacker_git_install_branch: 90f5374f73ea8dd5f41c9ca8f2ed447d5a37285a # HEAD of "pike" as of 07.09.2017 +tacker_git_project_group: tacker_all + +networking_sfc_git_repo: https://git.openstack.org/openstack/networking-sfc +networking_sfc_git_install_branch: 4f98a7bb28bee3d4044b2c8af942e2df42c6752b # HEAD of "master" as of 16.10.2017 +networking_sfc_git_project_group: tacker_all diff --git a/compass-tasks-osa/tacker_conf/os-tacker-install.yml b/compass-tasks-osa/tacker_conf/os-tacker-install.yml new file mode 100644 index 0000000..dd96595 --- /dev/null +++ b/compass-tasks-osa/tacker_conf/os-tacker-install.yml @@ -0,0 +1,63 @@ +--- +# Copyright 2017, SUSE LINUX GmbH. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +- name: Install the tacker components + hosts: tacker_all + gather_facts: "{{ gather_facts | default(True) }}" + max_fail_percentage: 20 + user: root + pre_tasks: + - include: common-tasks/os-lxc-container-setup.yml + - include: common-tasks/rabbitmq-vhost-user.yml + static: no + vars: + user: "{{ tacker_rabbitmq_userid }}" + password: "{{ tacker_rabbitmq_password }}" + vhost: "{{ tacker_rabbitmq_vhost }}" + _rabbitmq_host_group: "{{ tacker_rabbitmq_host_group }}" + when: + - inventory_hostname == groups['tacker_all'][0] + - groups[tacker_rabbitmq_host_group] | length > 0 + - include: common-tasks/os-log-dir-setup.yml + vars: + log_dirs: + - src: "/openstack/log/{{ inventory_hostname }}-tacker" + dest: "/var/log/tacker" + - include: common-tasks/mysql-db-user.yml + static: no + vars: + user_name: "{{ tacker_galera_user }}" + password: "{{ tacker_container_mysql_password }}" + login_host: "{{ tacker_galera_address }}" + db_name: "{{ tacker_galera_database }}" + when: inventory_hostname == groups['tacker_all'][0] + - include: common-tasks/package-cache-proxy.yml + roles: + - role: "os_tacker" + - role: "openstack_openrc" + tags: + - openrc + - role: "rsyslog_client" + rsyslog_client_log_rotate_file: tacker_log_rotate + rsyslog_client_log_dir: "/var/log/tacker" + rsyslog_client_config_name: "99-tacker-rsyslog-client.conf" + tags: + - rsyslog + vars: + is_metal: "{{ properties.is_metal|default(false) }}" + tacker_galera_address: "{{ internal_lb_vip_address }}" + environment: "{{ deployment_environment_variables | default({}) }}" + tags: + - tacker diff --git a/compass-tasks-osa/tacker_conf/tacker.yml b/compass-tasks-osa/tacker_conf/tacker.yml new file mode 100644 index 0000000..9ceabbc --- /dev/null +++ b/compass-tasks-osa/tacker_conf/tacker.yml @@ -0,0 +1,36 @@ +--- +# Copyright 2017, SUSE Linux GmbH +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +component_skel: + tacker_server: + belongs_to: + - tacker_all + + +container_skel: + tacker_container: + belongs_to: + - mano_containers + contains: + - tacker_server + + +physical_skel: + mano_containers: + belongs_to: + - all_containers + mano_hosts: + belongs_to: + - hosts diff --git a/compass-tasks-osa/tacker_conf/tacker_all.yml b/compass-tasks-osa/tacker_conf/tacker_all.yml new file mode 100644 index 0000000..95d5b83 --- /dev/null +++ b/compass-tasks-osa/tacker_conf/tacker_all.yml @@ -0,0 +1,46 @@ +--- +# Copyright 2017, SUSE LINUX GmbH +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +tacker_service_user_name: tacker +tacker_service_tenant_name: service + +tacker_rabbitmq_userid: tacker +tacker_rabbitmq_vhost: /tacker +tacker_rabbitmq_port: "{{ rabbitmq_port }}" +tacker_rabbitmq_use_ssl: "{{ rabbitmq_use_ssl }}" +tacker_rabbitmq_servers: "{{ rabbitmq_servers }}" +tacker_rabbitmq_host_group: "{{ rabbitmq_host_group }}" + +tacker_service_publicuri: "{{ openstack_service_publicuri_proto|default(tacker_service_proto) }}://{{ external_lb_vip_address }}:{{ tacker_service_port }}" +tacker_service_adminurl: "{{ tacker_service_adminuri }}/" +tacker_service_region: "{{ service_region }}" +tacker_service_in_ldap: "{{ service_ldap_backend_enabled }}" + +tacker_aodh_enabled: "{{ groups['aodh_all'] is defined and groups['aodh_all'] | length > 0 }}" +tacker_gnocchi_enabled: "{{ groups['gnocchi_all'] is defined and groups['gnocchi_all'] | length > 0 }}" + +# NOTE: these and their swift_all.yml counterpart should be moved back to all.yml once swift with tacker gets proper SSL support +# swift_rabbitmq_telemetry_port: "{{ rabbitmq_port }}" +# swift_rabbitmq_telemetry_use_ssl: "{{ rabbitmq_use_ssl }}" + +# Ensure that the package state matches the global setting +tacker_package_state: "{{ package_state }}" + +# venv fetch configuration +tacker_venv_tag: "{{ venv_tag }}" +tacker_venv_download_url: "{{ venv_base_download_url }}/tacker-{{ openstack_release }}-{{ ansible_architecture | lower }}.tgz" + +# locations for fetching the default files from the git source +tacker_git_config_lookup_location: "{{ openstack_repo_url }}/openstackgit/tacker" diff --git a/compass-tasks-osa/tacker_conf/user_secrets.yml b/compass-tasks-osa/tacker_conf/user_secrets.yml new file mode 100644 index 0000000..05832ec --- /dev/null +++ b/compass-tasks-osa/tacker_conf/user_secrets.yml @@ -0,0 +1,163 @@ +--- +# Copyright 2014, Rackspace US, Inc. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +############################# WARNING ######################################## +# The playbooks do not currently manage changing passwords in an existing +# environment. Changing passwords and re-running the playbooks will fail +# and may break your OpenStack environment. +############################# WARNING ######################################## + + +## Rabbitmq Options +rabbitmq_cookie_token: +rabbitmq_monitoring_password: + +## Tokens +memcached_encryption_key: + +## Galera Options +galera_root_password: + +## Keystone Options +keystone_container_mysql_password: +keystone_auth_admin_password: +keystone_service_password: +keystone_rabbitmq_password: + +## Ceilometer Options: +ceilometer_container_db_password: +ceilometer_service_password: +ceilometer_telemetry_secret: +ceilometer_rabbitmq_password: + +## Aodh Options: +aodh_container_db_password: +aodh_service_password: +aodh_rabbitmq_password: + +## Cinder Options +cinder_container_mysql_password: +cinder_service_password: +cinder_profiler_hmac_key: +cinder_rabbitmq_password: + +## Ceph/rbd: a UUID to be used by libvirt to refer to the client.cinder user +cinder_ceph_client_uuid: + +## Glance Options +glance_container_mysql_password: +glance_service_password: +glance_profiler_hmac_key: +glance_rabbitmq_password: + +## Gnocchi Options: +gnocchi_container_mysql_password: +gnocchi_service_password: + +## Heat Options +heat_stack_domain_admin_password: +heat_container_mysql_password: +### THE HEAT AUTH KEY NEEDS TO BE 32 CHARACTERS LONG ## +heat_auth_encryption_key: +### THE HEAT AUTH KEY NEEDS TO BE 32 CHARACTERS LONG ## +heat_service_password: +heat_rabbitmq_password: + +## Ironic options +ironic_rabbitmq_password: +ironic_container_mysql_password: +ironic_service_password: +ironic_swift_temp_url_secret_key: + +## Horizon Options +horizon_container_mysql_password: +horizon_secret_key: + +## Neutron Options +neutron_container_mysql_password: +neutron_service_password: +neutron_rabbitmq_password: +neutron_ha_vrrp_auth_password: + +## Nova Options +nova_container_mysql_password: +nova_api_container_mysql_password: +nova_metadata_proxy_secret: +nova_service_password: +nova_rabbitmq_password: +nova_placement_service_password: +nova_placement_container_mysql_password: + +# LXD Options for nova compute +lxd_trust_password: + +## Octavia Options +octavia_container_mysql_password: +octavia_service_password: +octavia_health_hmac_key: +octavia_rabbitmq_password: + +## Sahara Options +sahara_container_mysql_password: +sahara_rabbitmq_password: +sahara_service_password: + +## Swift Options: +swift_service_password: +swift_dispersion_password: +### Once the swift cluster has been setup DO NOT change these hash values! +swift_hash_path_suffix: +swift_hash_path_prefix: +# Swift needs a telemetry password when using ceilometer +swift_rabbitmq_telemetry_password: + +## haproxy stats password +haproxy_stats_password: +haproxy_keepalived_authentication_password: + +## Magnum Options +magnum_service_password: +magnum_galera_password: +magnum_rabbitmq_password: +magnum_trustee_password: + +## Rally Options: +rally_galera_password: + +## Trove Options +trove_galera_password: +trove_rabbitmq_password: +trove_service_password: +trove_admin_user_password: +trove_taskmanager_rpc_encr_key: +trove_inst_rpc_key_encr_key: + +## Barbican Options +barbican_galera_password: +barbican_rabbitmq_password: +barbican_service_password: + +## Designate Options +designate_galera_password: +designate_rabbitmq_password: +designate_service_password: + +## Molteniron Options: +molteniron_container_mysql_password: + +# Tacker options +tacker_rabbitmq_password: +tacker_service_password: +tacker_container_mysql_password: -- cgit 1.2.3-korg