summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
Diffstat
-rw-r--r--deploy/adapters/ansible/openstack/HA-ansible-multinodes.yml85
-rw-r--r--deploy/adapters/ansible/roles/ha/templates/haproxy.cfg4
2 files changed, 83 insertions, 6 deletions
diff --git a/deploy/adapters/ansible/openstack/HA-ansible-multinodes.yml b/deploy/adapters/ansible/openstack/HA-ansible-multinodes.yml
index b8fff581..472bb30a 100644
--- a/deploy/adapters/ansible/openstack/HA-ansible-multinodes.yml
+++ b/deploy/adapters/ansible/openstack/HA-ansible-multinodes.yml
@@ -1,6 +1,42 @@
---
- hosts: all
remote_user: root
+ pre_tasks:
+ - name: make sure ssh dir exist
+ file:
+ path: '{{ item.path }}'
+ owner: '{{ item.owner }}'
+ group: '{{ item.group }}'
+ state: directory
+ mode: 0755
+ with_items:
+ - path: /root/.ssh
+ owner: root
+ group: root
+
+ - name: write ssh config
+ copy:
+ content: "UserKnownHostsFile /dev/null\nStrictHostKeyChecking no"
+ dest: '{{ item.dest }}'
+ owner: '{{ item.owner }}'
+ group: '{{ item.group }}'
+ mode: 0600
+ with_items:
+ - dest: /root/.ssh/config
+ owner: root
+ group: root
+
+ - name: generate ssh keys
+ shell: if [ ! -f ~/.ssh/id_rsa.pub ]; then ssh-keygen -q -t rsa -f ~/.ssh/id_rsa -N ""; else echo "already gen ssh key!"; fi;
+
+ - name: fetch ssh keys
+ fetch: src=/root/.ssh/id_rsa.pub dest=/tmp/ssh-keys-{{ ansible_hostname }} flat=yes
+
+ - authorized_key:
+ user: root
+ key: "{{ lookup('file', 'item') }}"
+ with_fileglob:
+ - /tmp/ssh-keys-*
roles:
- common
@@ -38,8 +74,8 @@
- hosts: all
remote_user: root
accelerate: true
- roles:
- - storage
+ roles:
+ - storage
- hosts: compute
remote_user: root
@@ -116,3 +152,48 @@
accelerate: true
roles:
- secgroup
+
+- hosts: all
+ remote_user: root
+ accelerate: true
+ tasks:
+ - name: set bash to nova
+ user:
+ name: nova
+ shell: /bin/bash
+
+ - name: make sure ssh dir exist
+ file:
+ path: '{{ item.path }}'
+ owner: '{{ item.owner }}'
+ group: '{{ item.group }}'
+ state: directory
+ mode: 0755
+ with_items:
+ - path: /var/lib/nova/.ssh
+ owner: nova
+ group: nova
+
+ - name: copy ssh keys for nova
+ shell: cp -rf /root/.ssh/id_rsa /var/lib/nova/.ssh;
+
+ - name: write ssh config
+ copy:
+ content: "UserKnownHostsFile /dev/null\nStrictHostKeyChecking no"
+ dest: '{{ item.dest }}'
+ owner: '{{ item.owner }}'
+ group: '{{ item.group }}'
+ mode: 0600
+ with_items:
+ - dest: /var/lib/nova/.ssh/config
+ owner: nova
+ group: nova
+
+ - authorized_key:
+ user: nova
+ key: "{{ lookup('file', 'item') }}"
+ with_fileglob:
+ - /tmp/ssh-keys-*
+
+ - name: chown ssh file
+ shell: chown -R nova:nova /var/lib/nova/.ssh;
diff --git a/deploy/adapters/ansible/roles/ha/templates/haproxy.cfg b/deploy/adapters/ansible/roles/ha/templates/haproxy.cfg
index 1bca5e39..3ff63689 100644
--- a/deploy/adapters/ansible/roles/ha/templates/haproxy.cfg
+++ b/deploy/adapters/ansible/roles/ha/templates/haproxy.cfg
@@ -56,7 +56,6 @@ listen proxy-glance_registry_cluster
bind {{ public_vip.ip }}:9191
option tcpka
option tcplog
- option httpchk
balance source
{% for host,ip in haproxy_hosts.items() %}
server {{ host }} {{ ip }}:9191 weight 1 check inter 2000 rise 2 fall 5
@@ -78,7 +77,6 @@ listen proxy-nova-novncproxy
bind {{ public_vip.ip }}:6080
option tcpka
option tcplog
- option httpchk
balance source
{% for host,ip in haproxy_hosts.items() %}
server {{ host }} {{ ip }}:6080 weight 1 check inter 2000 rise 2 fall 5
@@ -144,7 +142,6 @@ listen proxy-nova_metadata_api_cluster
bind {{ public_vip.ip }}:8775
option tcpka
option tcplog
- option httpchk
balance source
{% for host,ip in haproxy_hosts.items() %}
server {{ host }} {{ ip }}:8775 weight 1 check inter 2000 rise 2 fall 5
@@ -180,7 +177,6 @@ listen proxy-dashboarad
cookie SERVERID insert indirect nocache
option forwardfor
option httpchk
- option httpchk
option httpclose
rspidel ^Set-cookie:\ IP=
{% for host,ip in haproxy_hosts.items() %}