diff options
17 files changed, 123 insertions, 48 deletions
diff --git a/deploy/adapters/ansible/openstack_mitaka/roles/keystone/vars/Debian.yml b/deploy/adapters/ansible/openstack_mitaka/roles/keystone/vars/Debian.yml deleted file mode 100644 index b8d8e7c2..00000000 --- a/deploy/adapters/ansible/openstack_mitaka/roles/keystone/vars/Debian.yml +++ /dev/null @@ -1,21 +0,0 @@ -############################################################################## -# Copyright (c) 2016 HUAWEI TECHNOLOGIES CO.,LTD and others. -# -# All rights reserved. This program and the accompanying materials -# are made available under the terms of the Apache License, Version 2.0 -# which accompanies this distribution, and is available at -# http://www.apache.org/licenses/LICENSE-2.0 -############################################################################## ---- - -cron_path: "/var/spool/cron/crontabs" - -packages: - - keystone - - python-openstackclient - -services: - - apache2 - -apache_config_dir: /etc/apache2 -http_service_name: apache2 diff --git a/deploy/adapters/ansible/openstack_mitaka/roles/nova-compute/tasks/main.yml b/deploy/adapters/ansible/openstack_mitaka/roles/nova-compute/tasks/main.yml index 5d7f8b60..f49896bf 100644 --- a/deploy/adapters/ansible/openstack_mitaka/roles/nova-compute/tasks/main.yml +++ b/deploy/adapters/ansible/openstack_mitaka/roles/nova-compute/tasks/main.yml @@ -37,6 +37,10 @@ notify: - restart nova-compute services +- name: get number of cpu support virtualization + shell: egrep -c '(vmx|svm)' /proc/cpuinfo + register: kvm_cpu_num + - name: update nova-compute conf template: src={{ item }} dest=/etc/nova/{{ item }} with_items: diff --git a/deploy/adapters/ansible/openstack_mitaka/roles/nova-compute/templates/nova-compute.conf b/deploy/adapters/ansible/openstack_mitaka/roles/nova-compute/templates/nova-compute.conf new file mode 100644 index 00000000..305d408b --- /dev/null +++ b/deploy/adapters/ansible/openstack_mitaka/roles/nova-compute/templates/nova-compute.conf @@ -0,0 +1,11 @@ +[DEFAULT] +compute_driver=libvirt.LibvirtDriver +force_raw_images = true +[libvirt] +{% if kvm_cpu_num.stdout_lines[0]|int == 0 %} +virt_type=qemu +{% else %} +virt_type=kvm +{% endif %} +images_type = raw +mem_stats_period_seconds=0 diff --git a/deploy/adapters/ansible/openstack_mitaka/roles/secgroup/templates/neutron.j2 b/deploy/adapters/ansible/openstack_mitaka/roles/secgroup/templates/neutron.j2 new file mode 100644 index 00000000..aac6c8a2 --- /dev/null +++ b/deploy/adapters/ansible/openstack_mitaka/roles/secgroup/templates/neutron.j2 @@ -0,0 +1,4 @@ +[securitygroup] +firewall_driver = neutron.agent.firewall.NoopFirewallDriver +enable_security_group = True + diff --git a/deploy/adapters/ansible/openstack_mitaka/roles/secgroup/templates/nova.j2 b/deploy/adapters/ansible/openstack_mitaka/roles/secgroup/templates/nova.j2 new file mode 100644 index 00000000..7dbc216a --- /dev/null +++ b/deploy/adapters/ansible/openstack_mitaka/roles/secgroup/templates/nova.j2 @@ -0,0 +1,3 @@ +[DEFAULT] +firewall_driver = nova.virt.firewall.NoopFirewallDriver +security_group_api = neutron diff --git a/deploy/adapters/ansible/openstack_mitaka_xenial/roles/keystone/templates/admin-openrc-v3.sh b/deploy/adapters/ansible/openstack_mitaka_xenial/roles/keystone/templates/admin-openrc-v3.sh deleted file mode 100644 index c3d863e8..00000000 --- a/deploy/adapters/ansible/openstack_mitaka_xenial/roles/keystone/templates/admin-openrc-v3.sh +++ /dev/null @@ -1,19 +0,0 @@ -############################################################################## -# Copyright (c) 2016 HUAWEI TECHNOLOGIES CO.,LTD and others. -# -# All rights reserved. This program and the accompanying materials -# are made available under the terms of the Apache License, Version 2.0 -# which accompanies this distribution, and is available at -# http://www.apache.org/licenses/LICENSE-2.0 -############################################################################## -# Verify the Identity Service installation -export OS_PASSWORD={{ ADMIN_PASS }} -export OS_TENANT_NAME=admin -export OS_AUTH_URL=http://{{ internal_vip.ip }}:35357/v3 -export OS_IDENTITY_API_VERSION=3 -export OS_USERNAME=admin -export OS_VOLUME_API_VERSION=2 -export OS_USER_DOMAIN_NAME=Default -export OS_PROJECT_DOMAIN_NAME=Default - - diff --git a/deploy/adapters/ansible/openstack_mitaka_xenial/roles/nova-compute/tasks/main.yml b/deploy/adapters/ansible/openstack_mitaka_xenial/roles/nova-compute/tasks/main.yml index c177001d..7bb4f347 100644 --- a/deploy/adapters/ansible/openstack_mitaka_xenial/roles/nova-compute/tasks/main.yml +++ b/deploy/adapters/ansible/openstack_mitaka_xenial/roles/nova-compute/tasks/main.yml @@ -37,6 +37,10 @@ notify: - restart nova-compute services +- name: get number of cpu support virtualization + shell: egrep -c '(vmx|svm)' /proc/cpuinfo + register: kvm_cpu_num + - name: update nova-compute conf template: src={{ item }} dest=/etc/nova/{{ item }} with_items: diff --git a/deploy/adapters/ansible/openstack_mitaka_xenial/roles/nova-compute/templates/nova-compute.conf b/deploy/adapters/ansible/openstack_mitaka_xenial/roles/nova-compute/templates/nova-compute.conf new file mode 100644 index 00000000..305d408b --- /dev/null +++ b/deploy/adapters/ansible/openstack_mitaka_xenial/roles/nova-compute/templates/nova-compute.conf @@ -0,0 +1,11 @@ +[DEFAULT] +compute_driver=libvirt.LibvirtDriver +force_raw_images = true +[libvirt] +{% if kvm_cpu_num.stdout_lines[0]|int == 0 %} +virt_type=qemu +{% else %} +virt_type=kvm +{% endif %} +images_type = raw +mem_stats_period_seconds=0 diff --git a/deploy/adapters/ansible/openstack_mitaka_xenial/roles/secgroup/templates/neutron.j2 b/deploy/adapters/ansible/openstack_mitaka_xenial/roles/secgroup/templates/neutron.j2 new file mode 100644 index 00000000..aac6c8a2 --- /dev/null +++ b/deploy/adapters/ansible/openstack_mitaka_xenial/roles/secgroup/templates/neutron.j2 @@ -0,0 +1,4 @@ +[securitygroup] +firewall_driver = neutron.agent.firewall.NoopFirewallDriver +enable_security_group = True + diff --git a/deploy/adapters/ansible/openstack_mitaka_xenial/roles/secgroup/templates/nova.j2 b/deploy/adapters/ansible/openstack_mitaka_xenial/roles/secgroup/templates/nova.j2 new file mode 100644 index 00000000..7dbc216a --- /dev/null +++ b/deploy/adapters/ansible/openstack_mitaka_xenial/roles/secgroup/templates/nova.j2 @@ -0,0 +1,3 @@ +[DEFAULT] +firewall_driver = nova.virt.firewall.NoopFirewallDriver +security_group_api = neutron diff --git a/deploy/adapters/ansible/roles/database/tasks/mariadb_config.yml b/deploy/adapters/ansible/roles/database/tasks/mariadb_config.yml index b18ae8f7..780fc322 100644 --- a/deploy/adapters/ansible/roles/database/tasks/mariadb_config.yml +++ b/deploy/adapters/ansible/roles/database/tasks/mariadb_config.yml @@ -41,6 +41,24 @@ script: remove_user.sh when: ansible_os_family == "RedHat" +- name: restart mysql for centos noha + service: + name: mysql + state: restarted + when: > + inventory_hostname == haproxy_hosts.keys()[0] + and haproxy_hosts|length == 1 + and ansible_os_family == "RedHat" + +- name: restart mysql second time for centos noha + service: + name: mysql + state: restarted + when: > + inventory_hostname == haproxy_hosts.keys()[0] + and haproxy_hosts|length == 1 + and ansible_os_family == "RedHat" + - name: restart first nodes service: name: mysql diff --git a/deploy/adapters/ansible/roles/heat/tasks/heat_install.yml b/deploy/adapters/ansible/roles/heat/tasks/heat_install.yml index 1fbada8c..a6e76c74 100644 --- a/deploy/adapters/ansible/roles/heat/tasks/heat_install.yml +++ b/deploy/adapters/ansible/roles/heat/tasks/heat_install.yml @@ -17,6 +17,18 @@ lineinfile: dest=/opt/service create=yes line='{{ item }}' with_items: services | union(services_noarch) +# ' + +- name: create heat user domain + shell: > + . /opt/admin-openrc-v3.sh; + openstack domain create --description "Stack projects and users" heat; + openstack user create --domain heat --password {{ HEAT_PASS }} heat_domain_admin; + openstack role add --domain heat --user-domain heat --user heat_domain_admin admin; + openstack role create heat_stack_owner; + openstack role add --project demo --user demo heat_stack_owner; + when: inventory_hostname == groups['controller'][0] and ansible_os_family == "Debian" + - name: update heat conf template: src=heat.j2 dest=/etc/heat/heat.conf @@ -24,4 +36,13 @@ notify: - restart heat service - remove heat-sqlite-db + when: ansible_os_family == "RedHat" +- name: update heat conf + template: src=heat_debian.j2 + dest=/etc/heat/heat.conf + backup=yes + notify: + - restart heat service + - remove heat-sqlite-db + when: ansible_os_family == "Debian" diff --git a/deploy/adapters/ansible/roles/heat/templates/heat_debian.j2 b/deploy/adapters/ansible/roles/heat/templates/heat_debian.j2 new file mode 100644 index 00000000..62df9fd9 --- /dev/null +++ b/deploy/adapters/ansible/roles/heat/templates/heat_debian.j2 @@ -0,0 +1,28 @@ +[DEFAULT] +heat_metadata_server_url = http://{{ internal_vip.ip }}:8000 +heat_waitcondition_server_url = http://{{ internal_vip.ip }}:8000/v1/waitcondition +rpc_backend = rabbit +rabbit_host = {{ rabbit_host }} +rabbit_userid = {{ RABBIT_USER }} +rabbit_password = {{ RABBIT_PASS }} +log_dir = /var/log/heat +stack_domain_admin = heat_domain_admin +stack_domain_admin_password = {{ HEAT_PASS }} +stack_user_domain_name = heat + +[database] +connection = mysql://heat:{{ HEAT_DBPASS }}@{{ db_host }}/heat +idle_timeout = 30 +use_db_reconnect = True +pool_timeout = 10 + +[ec2authtoken] +auth_uri = http://{{ internal_vip.ip }}:5000/v2.0 + +[keystone_authtoken] +auth_uri = http://{{ internal_vip.ip }}:5000/v2.0 +identity_uri = http://{{ internal_vip.ip }}:35357 +admin_tenant_name = service +admin_user = heat +admin_password = {{ HEAT_PASS }} + diff --git a/deploy/adapters/ansible/roles/keystone/tasks/keystone_install.yml b/deploy/adapters/ansible/roles/keystone/tasks/keystone_install.yml index ffae8ff0..ea6926f4 100644 --- a/deploy/adapters/ansible/roles/keystone/tasks/keystone_install.yml +++ b/deploy/adapters/ansible/roles/keystone/tasks/keystone_install.yml @@ -83,5 +83,6 @@ with_items: - admin-openrc.sh - demo-openrc.sh + - admin-openrc-v3.sh - meta: flush_handlers diff --git a/deploy/adapters/ansible/openstack_mitaka/roles/keystone/templates/admin-openrc-v3.sh b/deploy/adapters/ansible/roles/keystone/templates/admin-openrc-v3.sh index c3d863e8..c3d863e8 100644 --- a/deploy/adapters/ansible/openstack_mitaka/roles/keystone/templates/admin-openrc-v3.sh +++ b/deploy/adapters/ansible/roles/keystone/templates/admin-openrc-v3.sh diff --git a/deploy/adapters/ansible/roles/keystone/vars/Debian.yml b/deploy/adapters/ansible/roles/keystone/vars/Debian.yml index 67547277..b8d8e7c2 100644 --- a/deploy/adapters/ansible/roles/keystone/vars/Debian.yml +++ b/deploy/adapters/ansible/roles/keystone/vars/Debian.yml @@ -12,6 +12,7 @@ cron_path: "/var/spool/cron/crontabs" packages: - keystone + - python-openstackclient services: - apache2 diff --git a/deploy/prepare.sh b/deploy/prepare.sh index a4f606af..22183f49 100755 --- a/deploy/prepare.sh +++ b/deploy/prepare.sh @@ -36,13 +36,6 @@ function download_iso() } function prepare_env() { - if [[ "$DEPLOY_FIRST_TIME" == "true" ]]; then - sudo apt-get update -y - sudo apt-get install -y --force-yes mkisofs bc curl ipmitool openvswitch-switch - sudo apt-get install -y --force-yes git python-dev - sudo apt-get install -y --force-yes libxslt-dev libxml2-dev libvirt-dev build-essential qemu-utils qemu-kvm libvirt-bin virtinst libmysqld-dev - sudo apt-get install -y --force-yes libffi-dev libssl-dev - fi sudo service libvirt-bin restart if sudo service openvswitch-switch status|grep stop; then @@ -78,11 +71,20 @@ function _prepare_python_env() { rm -rf $WORK_DIR/venv mkdir -p $WORK_DIR/venv - sudo apt-get install -y --force-yes python-pip + if [[ "$DEPLOY_FIRST_TIME" == "true" ]]; then + sudo apt-get update -y + sudo apt-get install -y --force-yes mkisofs bc curl ipmitool openvswitch-switch + sudo apt-get install -y --force-yes git python-dev python-pip + sudo apt-get install -y --force-yes libxslt-dev libxml2-dev libvirt-dev build-essential qemu-utils qemu-kvm libvirt-bin virtinst libmysqld-dev + sudo apt-get install -y --force-yes libffi-dev libssl-dev + fi + sudo pip install --upgrade virtualenv virtualenv $WORK_DIR/venv source $WORK_DIR/venv/bin/activate + pip install --upgrade cffi + pip install --upgrade MarkupSafe pip install --upgrade pip pip install --upgrade cheetah pip install --upgrade pyyaml |