aboutsummaryrefslogtreecommitdiffstats
path: root/deploy/adapters/ansible
diff options
context:
space:
mode:
authorJustin chi <chigang@huawei.com>2017-07-14 10:16:59 +0000
committerGerrit Code Review <gerrit@opnfv.org>2017-07-14 10:16:59 +0000
commit37d0565a0277263d11023b62562d130bdd9ee997 (patch)
treea1154f2ff4756ce9e98f81a5eb68fea059eea43b /deploy/adapters/ansible
parentf35c02e9e7d68c0b21e3a9f8cae665b964e75a79 (diff)
parentf31ca71ffc5f4110796655ded3c7a6d144f43e42 (diff)
Merge "change the public endpoint protocol with https"
Diffstat (limited to 'deploy/adapters/ansible')
-rw-r--r--deploy/adapters/ansible/roles/config-osa/files/fetch-files.yml (renamed from deploy/adapters/ansible/roles/config-osa/files/fetch-openrc.yml)10
-rw-r--r--deploy/adapters/ansible/roles/config-osa/files/http.yml25
-rw-r--r--deploy/adapters/ansible/roles/config-osa/tasks/main.yml11
-rw-r--r--deploy/adapters/ansible/roles/config-osa/templates/user_variables.yml.j21
-rw-r--r--deploy/adapters/ansible/roles/post-openstack/tasks/main.yml13
5 files changed, 20 insertions, 40 deletions
diff --git a/deploy/adapters/ansible/roles/config-osa/files/fetch-openrc.yml b/deploy/adapters/ansible/roles/config-osa/files/fetch-files.yml
index 1251cbf1..346ef2fd 100644
--- a/deploy/adapters/ansible/roles/config-osa/files/fetch-openrc.yml
+++ b/deploy/adapters/ansible/roles/config-osa/files/fetch-files.yml
@@ -16,3 +16,13 @@
src: /root/openrc
dest: /opt/openrc
flat: "yes"
+
+- name: Fetch haproxy.cert
+ hosts: haproxy_hosts[0]
+ max_fail_percentage: 20
+ user: root
+ tasks:
+ - fetch:
+ src: /etc/ssl/certs/haproxy.cert
+ dest: /opt/os_cacert
+ flat: "yes"
diff --git a/deploy/adapters/ansible/roles/config-osa/files/http.yml b/deploy/adapters/ansible/roles/config-osa/files/http.yml
deleted file mode 100644
index d5c1e64e..00000000
--- a/deploy/adapters/ansible/roles/config-osa/files/http.yml
+++ /dev/null
@@ -1,25 +0,0 @@
-# #############################################################################
-# Copyright (c) 2017 HUAWEI TECHNOLOGIES CO.,LTD and others.
-#
-# All rights reserved. This program and the accompanying materials
-# are made available under the terms of the Apache License, Version 2.0
-# which accompanies this distribution, and is available at
-# http://www.apache.org/licenses/LICENSE-2.0
-# #############################################################################
----
-- name: change https to http in haproxy configuratio
- hosts: network_hosts
- gather_facts: "{{ gather_facts | default(True) }}"
- max_fail_percentage: 20
- user: root
- tasks:
- - name: change the haproxy configuration
- shell: "sed -i 's/ssl crt.*//g' /etc/haproxy/haproxy.cfg;
- sed -i 's/https$/http/g' /etc/haproxy/haproxy.cfg"
- when: openstack_service_publicuri_proto == "http"
-
- - name: restart haproxy service
- service:
- name: haproxy
- state: restarted
- when: openstack_service_publicuri_proto == "http"
diff --git a/deploy/adapters/ansible/roles/config-osa/tasks/main.yml b/deploy/adapters/ansible/roles/config-osa/tasks/main.yml
index e66ea949..b86a3205 100644
--- a/deploy/adapters/ansible/roles/config-osa/tasks/main.yml
+++ b/deploy/adapters/ansible/roles/config-osa/tasks/main.yml
@@ -76,12 +76,7 @@
src: create-flavor.yml.j2
dest: /opt/openstack-ansible/playbooks/create-flavor.yml
-- name: copy http.yml
+- name: copy fetch-files.yml
copy:
- src: http.yml
- dest: /opt/openstack-ansible/playbooks/http.yml
-
-- name: copy fetch-openrc.yml
- copy:
- src: fetch-openrc.yml
- dest: /opt/openstack-ansible/playbooks/fetch-openrc.yml
+ src: fetch-files.yml
+ dest: /opt/openstack-ansible/playbooks/fetch-files.yml
diff --git a/deploy/adapters/ansible/roles/config-osa/templates/user_variables.yml.j2 b/deploy/adapters/ansible/roles/config-osa/templates/user_variables.yml.j2
index 5157f758..7f29d5fe 100644
--- a/deploy/adapters/ansible/roles/config-osa/templates/user_variables.yml.j2
+++ b/deploy/adapters/ansible/roles/config-osa/templates/user_variables.yml.j2
@@ -21,7 +21,6 @@
# # Debug and Verbose options.
debug: false
-openstack_service_publicuri_proto: http
haproxy_keepalived_external_vip_cidr: "{{ public_vip.ip }}/32"
haproxy_keepalived_internal_vip_cidr: "10.1.0.22/32"
haproxy_keepalived_external_interface: br-vlan
diff --git a/deploy/adapters/ansible/roles/post-openstack/tasks/main.yml b/deploy/adapters/ansible/roles/post-openstack/tasks/main.yml
index 8140cee7..3641faeb 100644
--- a/deploy/adapters/ansible/roles/post-openstack/tasks/main.yml
+++ b/deploy/adapters/ansible/roles/post-openstack/tasks/main.yml
@@ -23,15 +23,16 @@
cd /opt/openstack-ansible/playbooks; \
openstack-ansible create-flavor.yml > /dev/null"
-- name: change https to http
- shell: "export ANSIBLE_LOG_PATH=/var/ansible/run/openstack_ocata-opnfv2/ansible.log; \
- cd /opt/openstack-ansible/playbooks; \
- openstack-ansible http.yml > /dev/null"
-
- name: run ansible yml to fetch openrc
shell: "export ANSIBLE_LOG_PATH=/var/ansible/run/openstack_ocata-opnfv2/ansible.log; \
cd /opt/openstack-ansible/playbooks; \
- openstack-ansible fetch-openrc.yml > /dev/null"
+ openstack-ansible fetch-files.yml > /dev/null"
+
+- name: replace http with https in openrc
+ replace:
+ dest: /opt/openrc
+ regexp: "http://"
+ replace: "https://"
- name: replace internalURL with publicURL in openrc
replace: