diff options
Diffstat (limited to 'deploy/adapters/ansible/roles/config-compute')
15 files changed, 374 insertions, 0 deletions
diff --git a/deploy/adapters/ansible/roles/config-compute/handlers/main.yml b/deploy/adapters/ansible/roles/config-compute/handlers/main.yml new file mode 100644 index 00000000..c565498f --- /dev/null +++ b/deploy/adapters/ansible/roles/config-compute/handlers/main.yml @@ -0,0 +1,14 @@ +############################################################################## +## Copyright (c) 2016 HUAWEI TECHNOLOGIES CO.,LTD and others. +## All rights reserved. This program and the accompanying materials +## are made available under the terms of the Apache License, Version 2.0 +## which accompanies this distribution, and is available at +## http://www.apache.org/licenses/LICENSE-2.0 +############################################################################## +--- +- name: restart network service + shell: "/sbin/ifconfig eth0 0 &&/sbin/ifdown -a && \ + /sbin/ifup --ignore-errors -a" + +- name: restart nfs service + service: name=nfs-kernel-server state=restarted diff --git a/deploy/adapters/ansible/roles/config-compute/tasks/RedHat.yml b/deploy/adapters/ansible/roles/config-compute/tasks/RedHat.yml new file mode 100644 index 00000000..4c6d2465 --- /dev/null +++ b/deploy/adapters/ansible/roles/config-compute/tasks/RedHat.yml @@ -0,0 +1,105 @@ +############################################################################## +# Copyright (c) 2017 HUAWEI TECHNOLOGIES CO.,LTD and others. +# +# All rights reserved. This program and the accompanying materials +# are made available under the terms of the Apache License, Version 2.0 +# which accompanies this distribution, and is available at +# http://www.apache.org/licenses/LICENSE-2.0 +############################################################################## +--- +- name: make nfs dircetory + file: "dest=/images mode=0777 state=directory" + +- name: configure service + shell: "echo 'nfs 2049/tcp' >> /etc/services; \ + echo 'nfs 2049/udp' >> /etc/services" + +# yamllint disable rule:line-length +- name: generate ifcfg-if.vxlan + template: + src: ifcfg-if.vxlan + dest: /etc/sysconfig/network-scripts/ifcfg-{{sys_intf_mappings["mgmt"]["interface"]}}.{{sys_intf_mappings["mgmt"]["vlan_tag"]}} + +- name: generate ifcfg-if.storage + template: + src: ifcfg-if.storage + dest: /etc/sysconfig/network-scripts/ifcfg-{{sys_intf_mappings["storage"]["interface"]}}.{{sys_intf_mappings["storage"]["vlan_tag"]}} + +- name: add br-vlan to interface script + lineinfile: + dest: /etc/sysconfig/network-scripts/ifcfg-{{ network_cfg["provider_net_mappings"][0]["interface"] }} + line: "BRIDGE=br-vlan" + +- name: remove eth0 ip addresss + lineinfile: + dest: /etc/sysconfig/network-scripts/ifcfg-eth0 + regexp: "^IPADDR=*" + state: absent + +- name: remove eth0 netmask + lineinfile: + dest: /etc/sysconfig/network-scripts/ifcfg-eth0 + regexp: "^NETMASK=*" + state: absent + +- name: add br-mgmt to eth0 script + lineinfile: + dest: /etc/sysconfig/network-scripts/ifcfg-eth0 + line: "BRIDGE=br-mgmt" + +- name: add br-vlan to interface script + lineinfile: + dest: /etc/sysconfig/network-scripts/ifcfg-{{sys_intf_mappings["storage"]["interface"]}}.{{sys_intf_mappings["storage"]["vlan_tag"]}} + line: "BRIDGE=br-storage" + +- name: add br-vxlan to interface script + lineinfile: + dest: /etc/sysconfig/network-scripts/ifcfg-{{sys_intf_mappings["mgmt"]["interface"]}}.{{sys_intf_mappings["mgmt"]["vlan_tag"]}} + line: "BRIDGE=br-vxlan" +# yamllint enable rule:line-length + +- name: generate ifcfg-br-mgmt script + template: + src: ifcfg-br-mgmt + dest: /etc/sysconfig/network-scripts/ + +- name: generate ifcfg-br-vlan script + template: + src: ifcfg-br-vlan + dest: /etc/sysconfig/network-scripts/ + +- name: generate ifcfg-br-storage script + template: + src: ifcfg-br-storage + dest: /etc/sysconfig/network-scripts/ + +- name: generate ifcfg-br-vxlan script + template: + src: ifcfg-br-vxlan + dest: /etc/sysconfig/network-scripts/ + +- name: restart the network + shell: systemctl restart network + +- name: Install apt packages + yum: + pkg: "{{item}}" + state: "present" + with_items: + - nfs-utils + - rpcbind + +- name: configure NFS + template: + src: exports + dest: /etc/exports + +- name: exportfs + shell: exportfs -r + +- name: start nfs + shell: | + service rpcbind start; + service nfs start; + chkconfig rpcbind on; + chkconfig nfs on; diff --git a/deploy/adapters/ansible/roles/config-compute/tasks/Ubuntu.yml b/deploy/adapters/ansible/roles/config-compute/tasks/Ubuntu.yml new file mode 100644 index 00000000..6e6cae85 --- /dev/null +++ b/deploy/adapters/ansible/roles/config-compute/tasks/Ubuntu.yml @@ -0,0 +1,54 @@ +############################################################################## +# Copyright (c) 2017 HUAWEI TECHNOLOGIES CO.,LTD and others. +# +# All rights reserved. This program and the accompanying materials +# are made available under the terms of the Apache License, Version 2.0 +# which accompanies this distribution, and is available at +# http://www.apache.org/licenses/LICENSE-2.0 +############################################################################## +--- +- name: configure network + template: + src: compute.j2 + dest: /etc/network/interfaces + notify: + - restart network service + +- meta: flush_handlers + +- name: check apt source + shell: "ping -c 2 {{ LOCAL_REPOSITORY_IP }} > /dev/null" + register: checkresult + ignore_errors: "true" + +- name: change sources list(apt) + template: + src: sources.list.lab + dest: /etc/apt/sources.list + when: checkresult.rc == 0 + +- name: change sources list(apt) + template: + src: sources.list.official + dest: /etc/apt/sources.list + when: checkresult.rc != 0 + +- name: Install apt packages + apt: + pkg: "nfs-kernel-server" + state: "present" + update_cache: "yes" + +- name: make nfs dircetory + file: "dest=/images mode=0777 state=directory" + +- name: configure service + shell: "echo 'nfs 2049/tcp' >> /etc/services; \ + echo 'nfs 2049/udp' >> /etc/services" + +- name: configure NFS + template: + src: exports + dest: /etc/exports + notify: + - restart nfs service diff --git a/deploy/adapters/ansible/roles/config-compute/tasks/main.yml b/deploy/adapters/ansible/roles/config-compute/tasks/main.yml new file mode 100644 index 00000000..674c80cc --- /dev/null +++ b/deploy/adapters/ansible/roles/config-compute/tasks/main.yml @@ -0,0 +1,14 @@ +############################################################################## +# Copyright (c) 2017 HUAWEI TECHNOLOGIES CO.,LTD and others. +# +# All rights reserved. This program and the accompanying materials +# are made available under the terms of the Apache License, Version 2.0 +# which accompanies this distribution, and is available at +# http://www.apache.org/licenses/LICENSE-2.0 +############################################################################## +--- +- include: "{{ ansible_distribution }}.yml" + when: ansible_distribution == 'Ubuntu' + +- include: "{{ ansible_os_family }}.yml" + when: ansible_os_family == 'RedHat' and ansible_distribution_major_version == '7' diff --git a/deploy/adapters/ansible/roles/config-compute/templates/compute.j2 b/deploy/adapters/ansible/roles/config-compute/templates/compute.j2 new file mode 100644 index 00000000..66c3297b --- /dev/null +++ b/deploy/adapters/ansible/roles/config-compute/templates/compute.j2 @@ -0,0 +1,81 @@ +# This file describes the network interfaces available on your system +# and how to activate them. For more information, see interfaces(5). + +# The loopback network interface +auto lo +iface lo inet loopback + + +# Physical interface +auto eth0 +iface eth0 inet manual + + +# OpenStack Networking VXLAN (tunnel/overlay) VLAN interface +auto {{sys_intf_mappings["mgmt"]["interface"]}}.{{sys_intf_mappings["mgmt"]["vlan_tag"]}} +iface {{sys_intf_mappings["mgmt"]["interface"]}}.{{sys_intf_mappings["mgmt"]["vlan_tag"]}} inet manual + vlan-raw-device {{sys_intf_mappings["mgmt"]["interface"]}} + +# Storage network VLAN interface (optional) +auto {{sys_intf_mappings["storage"]["interface"]}}.{{sys_intf_mappings["storage"]["vlan_tag"]}} +iface {{sys_intf_mappings["storage"]["interface"]}}.{{sys_intf_mappings["storage"]["vlan_tag"]}} inet manual + vlan-raw-device {{sys_intf_mappings["storage"]["interface"]}} + +# Container/Host management bridge +auto br-mgmt +iface br-mgmt inet static + bridge_stp off + bridge_waitport 0 + bridge_fd 0 + bridge_ports eth0 + address {{host_info[inventory_hostname].MGMT_IP}} + netmask 255.255.255.0 + +# compute1 VXLAN (tunnel/overlay) bridge config +auto br-vxlan +iface br-vxlan inet static + bridge_stp off + bridge_waitport 0 + bridge_fd 0 + bridge_ports {{sys_intf_mappings["mgmt"]["interface"]}}.{{sys_intf_mappings["mgmt"]["vlan_tag"]}} + address {{host_info[inventory_hostname].VXLAN_IP}} + netmask 255.255.252.0 + +# OpenStack Networking VLAN bridge +auto br-vlan +iface br-vlan inet static + bridge_stp off + bridge_waitport 0 + bridge_fd 0 + bridge_ports {{ network_cfg["provider_net_mappings"][0]["interface"] }} + address {{ip_settings[inventory_hostname]["br-prv"]["ip"]}} + netmask 255.255.255.0 + gateway {{ip_settings[inventory_hostname]["br-prv"]["gw"]}} + offload-sg off + # Create veth pair, don't bomb if already exists + pre-up ip link add br-vlan-veth type veth peer name eth12 || true + # Set both ends UP + pre-up ip link set br-vlan-veth up + pre-up ip link set eth12 up + # Delete veth pair on DOWN + post-down ip link del br-vlan-veth || true + bridge_ports br-vlan-veth + +# Add an additional address to br-vlan +iface br-vlan inet static + # Flat network default gateway + # -- This needs to exist somewhere for network reachability + # -- from the router namespace for floating IP paths. + # -- Putting this here is primarily for tempest to work. + address {{host_info[inventory_hostname].VLAN_IP_SECOND}} + netmask 255.255.252.0 + +# compute storage bridge +auto br-storage +iface br-storage inet static + bridge_stp off + bridge_waitport 0 + bridge_fd 0 + bridge_ports {{sys_intf_mappings["storage"]["interface"]}}.{{sys_intf_mappings["storage"]["vlan_tag"]}} + address {{ip_settings[inventory_hostname]["storage"]["ip"]}} + netmask 255.255.252.0 diff --git a/deploy/adapters/ansible/roles/config-compute/templates/exports b/deploy/adapters/ansible/roles/config-compute/templates/exports new file mode 100644 index 00000000..c2749c85 --- /dev/null +++ b/deploy/adapters/ansible/roles/config-compute/templates/exports @@ -0,0 +1,11 @@ +# /etc/exports: the access control list for filesystems which may be exported +# to NFS clients. See exports(5). +# +# Example for NFSv2 and NFSv3: +# /srv/homes hostname1(rw,sync,no_subtree_check) hostname2(ro,sync,no_subtree_check) +# +# Example for NFSv4: +# /srv/nfs4 gss/krb5i(rw,sync,fsid=0,crossmnt,no_subtree_check) +# /srv/nfs4/homes gss/krb5i(rw,sync,no_subtree_check) +# +/images *(rw,sync,no_subtree_check,no_root_squash) diff --git a/deploy/adapters/ansible/roles/config-compute/templates/ifcfg-br-mgmt b/deploy/adapters/ansible/roles/config-compute/templates/ifcfg-br-mgmt new file mode 100644 index 00000000..7f1931c8 --- /dev/null +++ b/deploy/adapters/ansible/roles/config-compute/templates/ifcfg-br-mgmt @@ -0,0 +1,7 @@ +DEVICE=br-mgmt +TYPE=Bridge +IPADDR={{host_info[inventory_hostname].MGMT_IP}} +PREFIX=24 +BOOTPROTO=none +ONBOOT=yes +DELAY=0 diff --git a/deploy/adapters/ansible/roles/config-compute/templates/ifcfg-br-storage b/deploy/adapters/ansible/roles/config-compute/templates/ifcfg-br-storage new file mode 100644 index 00000000..3c1db126 --- /dev/null +++ b/deploy/adapters/ansible/roles/config-compute/templates/ifcfg-br-storage @@ -0,0 +1,8 @@ +DEVICE=br-storage +TYPE=Bridge +IPADDR={{ ip_settings[inventory_hostname]["storage"]["ip"] }} +NETMASK=255.255.255.0 +BOOTPROTO=none +DEFROUTE="no" +ONBOOT=yes +DELAY=0 diff --git a/deploy/adapters/ansible/roles/config-compute/templates/ifcfg-br-vlan b/deploy/adapters/ansible/roles/config-compute/templates/ifcfg-br-vlan new file mode 100644 index 00000000..4349a3f1 --- /dev/null +++ b/deploy/adapters/ansible/roles/config-compute/templates/ifcfg-br-vlan @@ -0,0 +1,11 @@ +DEVICE=br-vlan +TYPE=Bridge +IPADDR={{ ip_settings[inventory_hostname]["br-prv"]["ip"] }} +PREFIX=24 +GATEWAY={{ ip_settings[inventory_hostname]["br-prv"]["gw"] }} +BOOTPROTO=none +ONBOOT=yes +DELAY=0 +DEFROUTE="yes" +DNS1=8.8.8.8 +DNS2=8.8.4.4 diff --git a/deploy/adapters/ansible/roles/config-compute/templates/ifcfg-br-vxlan b/deploy/adapters/ansible/roles/config-compute/templates/ifcfg-br-vxlan new file mode 100644 index 00000000..d2a0cb86 --- /dev/null +++ b/deploy/adapters/ansible/roles/config-compute/templates/ifcfg-br-vxlan @@ -0,0 +1,8 @@ +DEVICE=br-vxlan +TYPE=Bridge +IPADDR={{host_info[inventory_hostname].VXLAN_IP}} +NETMASK=255.255.252.0 +BOOTPROTO=none +DEFROUTE="no" +ONBOOT=yes +DELAY=0 diff --git a/deploy/adapters/ansible/roles/config-compute/templates/ifcfg-if.storage b/deploy/adapters/ansible/roles/config-compute/templates/ifcfg-if.storage new file mode 100644 index 00000000..96afb1bd --- /dev/null +++ b/deploy/adapters/ansible/roles/config-compute/templates/ifcfg-if.storage @@ -0,0 +1,4 @@ +DEVICE={{sys_intf_mappings["storage"]["interface"]}}.{{sys_intf_mappings["storage"]["vlan_tag"]}} +BOOTPROTO=none +ONBOOT=yes +VLAN=yes diff --git a/deploy/adapters/ansible/roles/config-compute/templates/ifcfg-if.vxlan b/deploy/adapters/ansible/roles/config-compute/templates/ifcfg-if.vxlan new file mode 100644 index 00000000..9fb19b0c --- /dev/null +++ b/deploy/adapters/ansible/roles/config-compute/templates/ifcfg-if.vxlan @@ -0,0 +1,4 @@ +DEVICE={{sys_intf_mappings["mgmt"]["interface"]}}.{{sys_intf_mappings["mgmt"]["vlan_tag"]}} +BOOTPROTO=none +ONBOOT=yes +VLAN=yes diff --git a/deploy/adapters/ansible/roles/config-compute/templates/sources.list.lab b/deploy/adapters/ansible/roles/config-compute/templates/sources.list.lab new file mode 100644 index 00000000..b1e00d05 --- /dev/null +++ b/deploy/adapters/ansible/roles/config-compute/templates/sources.list.lab @@ -0,0 +1,7 @@ +deb [ arch=amd64 ] http://{{LOCAL_REPOSITORY_IP}}/ubuntu/ xenial main restricted universe multiverse +deb [ arch=amd64 ] http://{{LOCAL_REPOSITORY_IP}}/ubuntu/ xenial-security main restricted universe multiverse +deb [ arch=amd64 ] http://{{LOCAL_REPOSITORY_IP}}/ubuntu/ xenial-updates main restricted universe multiverse + +deb-src [ arch=amd64 ] http://{{LOCAL_REPOSITORY_IP}}/ubuntu/ xenial main restricted universe multiverse +deb-src [ arch=amd64 ] http://{{LOCAL_REPOSITORY_IP}}/ubuntu/ xenial-security main restricted universe multiverse +deb-src [ arch=amd64 ] http://{{LOCAL_REPOSITORY_IP}}/ubuntu/ xenial-updates main restricted universe multiverse diff --git a/deploy/adapters/ansible/roles/config-compute/templates/sources.list.official b/deploy/adapters/ansible/roles/config-compute/templates/sources.list.official new file mode 100644 index 00000000..799e4b58 --- /dev/null +++ b/deploy/adapters/ansible/roles/config-compute/templates/sources.list.official @@ -0,0 +1,36 @@ +# See http://help.ubuntu.com/community/UpgradeNotes for how to upgrade to +# newer versions of the distribution. + +deb http://archive.ubuntu.com/ubuntu/ xenial main restricted +deb-src http://archive.ubuntu.com/ubuntu/ xenial main restricted + +## Major bug fix updates produced after the final release of the +## distribution. +deb http://archive.ubuntu.com/ubuntu/ xenial-updates main restricted +deb-src http://archive.ubuntu.com/ubuntu/ xenial-updates main restricted + +## Uncomment the following two lines to add software from the 'universe' +## repository. +## N.B. software from this repository is ENTIRELY UNSUPPORTED by the Ubuntu +## team. Also, please note that software in universe WILL NOT receive any +## review or updates from the Ubuntu security team. +deb http://archive.ubuntu.com/ubuntu/ xenial universe +deb-src http://archive.ubuntu.com/ubuntu/ xenial universe +deb http://archive.ubuntu.com/ubuntu/ xenial-updates universe +deb-src http://archive.ubuntu.com/ubuntu/ xenial-updates universe + +## N.B. software from this repository may not have been tested as +## extensively as that contained in the main release, although it includes +## newer versions of some applications which may provide useful features. +## Also, please note that software in backports WILL NOT receive any review +## or updates from the Ubuntu security team. +# deb http://archive.ubuntu.com/ubuntu/ xenial-backports main restricted +# deb-src http://archive.ubuntu.com/ubuntu/ xenial-backports main restricted + +deb http://archive.ubuntu.com/ubuntu/ xenial-security main restricted +deb-src http://archive.ubuntu.com/ubuntu/ xenial-security main restricted +deb http://archive.ubuntu.com/ubuntu/ xenial-security universe +deb-src http://archive.ubuntu.com/ubuntu/ xenial-security universe +# deb http://archive.ubuntu.com/ubuntu/ xenial-security multiverse +# deb-src http://archive.ubuntu.com/ubuntu/ xenial-security multiverse + diff --git a/deploy/adapters/ansible/roles/config-compute/vars/main.yml b/deploy/adapters/ansible/roles/config-compute/vars/main.yml new file mode 100644 index 00000000..783ea0d0 --- /dev/null +++ b/deploy/adapters/ansible/roles/config-compute/vars/main.yml @@ -0,0 +1,10 @@ +# ############################################################################# +# Copyright (c) 2017 HUAWEI TECHNOLOGIES CO.,LTD and others. +# +# All rights reserved. This program and the accompanying materials +# are made available under the terms of the Apache License, Version 2.0 +# which accompanies this distribution, and is available at +# http://www.apache.org/licenses/LICENSE-2.0 +# ############################################################################# +--- +LOCAL_REPOSITORY_IP: "192.168.137.222" |