aboutsummaryrefslogtreecommitdiffstats
path: root/deploy/adapters/ansible/roles/config-deployment
diff options
context:
space:
mode:
Diffstat (limited to 'deploy/adapters/ansible/roles/config-deployment')
-rwxr-xr-xdeploy/adapters/ansible/roles/config-deployment/files/cinder.yml13
-rw-r--r--deploy/adapters/ansible/roles/config-deployment/tasks/main.yml33
-rw-r--r--deploy/adapters/ansible/roles/config-deployment/templates/ansible.cfg3
-rw-r--r--deploy/adapters/ansible/roles/config-deployment/templates/openstack_user_config.yml.j2220
-rw-r--r--deploy/adapters/ansible/roles/config-deployment/templates/user_variables.yml27
5 files changed, 296 insertions, 0 deletions
diff --git a/deploy/adapters/ansible/roles/config-deployment/files/cinder.yml b/deploy/adapters/ansible/roles/config-deployment/files/cinder.yml
new file mode 100755
index 00000000..3a39935a
--- /dev/null
+++ b/deploy/adapters/ansible/roles/config-deployment/files/cinder.yml
@@ -0,0 +1,13 @@
+---
+# This file contains an example to show how to set
+# the cinder-volume service to run in a container.
+#
+# Important note:
+# When using LVM or any iSCSI-based cinder backends, such as NetApp with
+# iSCSI protocol, the cinder-volume service *must* run on metal.
+# Reference: https://bugs.launchpad.net/ubuntu/+source/lxc/+bug/1226855
+
+container_skel:
+ cinder_volumes_container:
+ properties:
+ is_metal: true
diff --git a/deploy/adapters/ansible/roles/config-deployment/tasks/main.yml b/deploy/adapters/ansible/roles/config-deployment/tasks/main.yml
new file mode 100644
index 00000000..b0696010
--- /dev/null
+++ b/deploy/adapters/ansible/roles/config-deployment/tasks/main.yml
@@ -0,0 +1,33 @@
+##############################################################################
+# Copyright (c) 2017 HUAWEI TECHNOLOGIES CO.,LTD and others.
+#
+# All rights reserved. This program and the accompanying materials
+# are made available under the terms of the Apache License, Version 2.0
+# which accompanies this distribution, and is available at
+# http://www.apache.org/licenses/LICENSE-2.0
+##############################################################################
+---
+- name: create osa log directory
+ file:
+ path: /var/log/osa/
+ state: directory
+
+- name: copy openstack_user_config
+ template:
+ src: openstack_user_config.yml.j2
+ dest: /etc/openstack_deploy/openstack_user_config.yml
+
+- name: copy user_variables
+ template:
+ src: user_variables.yml
+ dest: /etc/openstack_deploy/user_variables.yml
+
+- name: copy cinder.yml
+ copy:
+ src: cinder.yml
+ dest: /etc/openstack_deploy/env.d/cinder.yml
+
+- name: copy ansible.cfg
+ template:
+ src: ansible.cfg
+ dest: /opt/openstack-ansible/playbooks/
diff --git a/deploy/adapters/ansible/roles/config-deployment/templates/ansible.cfg b/deploy/adapters/ansible/roles/config-deployment/templates/ansible.cfg
new file mode 100644
index 00000000..41502fbf
--- /dev/null
+++ b/deploy/adapters/ansible/roles/config-deployment/templates/ansible.cfg
@@ -0,0 +1,3 @@
+[ssh_connection]
+retries = 5
+scp_if_ssh = True
diff --git a/deploy/adapters/ansible/roles/config-deployment/templates/openstack_user_config.yml.j2 b/deploy/adapters/ansible/roles/config-deployment/templates/openstack_user_config.yml.j2
new file mode 100644
index 00000000..38e14784
--- /dev/null
+++ b/deploy/adapters/ansible/roles/config-deployment/templates/openstack_user_config.yml.j2
@@ -0,0 +1,220 @@
+---
+cidr_networks:
+ container: 10.1.0.0/24
+ tunnel: 172.29.240.0/22
+ storage: 172.16.2.0/24
+
+used_ips:
+ - "10.1.0.1,10.1.0.55"
+ - "10.1.0.100,10.1.0.110"
+ - "172.29.240.1,172.29.240.50"
+ - "172.16.2.1,172.16.2.50"
+ - "172.29.248.1,172.29.248.50"
+
+global_overrides:
+ internal_lb_vip_address: 10.1.0.22
+ external_lb_vip_address: {{ public_vip.ip }}
+ tunnel_bridge: "br-vxlan"
+ management_bridge: "br-mgmt"
+ provider_networks:
+ - network:
+ container_bridge: "br-mgmt"
+ container_type: "veth"
+ container_interface: "eth1"
+ ip_from_q: "container"
+ type: "raw"
+ group_binds:
+ - all_containers
+ - hosts
+ is_container_address: true
+ is_ssh_address: true
+ - network:
+ container_bridge: "br-vxlan"
+ container_type: "veth"
+ container_interface: "eth10"
+ ip_from_q: "tunnel"
+ type: "vxlan"
+ range: "1:1000"
+ net_name: "vxlan"
+ group_binds:
+ - neutron_linuxbridge_agent
+ - network:
+ container_bridge: "br-vlan"
+ container_type: "veth"
+ container_interface: "eth12"
+ host_bind_override: "eth12"
+ type: "flat"
+ net_name: "flat"
+ group_binds:
+ - neutron_linuxbridge_agent
+ - network:
+ container_bridge: "br-vlan"
+ container_type: "veth"
+ container_interface: "eth11"
+ type: "vlan"
+ range: "1:1"
+ net_name: "vlan"
+ group_binds:
+ - neutron_linuxbridge_agent
+ - network:
+ container_bridge: "br-storage"
+ container_type: "veth"
+ container_interface: "eth2"
+ ip_from_q: "storage"
+ type: "raw"
+ group_binds:
+ - glance_api
+ - cinder_api
+ - cinder_volume
+ - nova_compute
+
+###
+### Infrastructure
+###
+
+# galera, memcache, rabbitmq, utility
+shared-infra_hosts:
+{% for host in groups.controller%}
+ {{host}}:
+ ip: {{ hostvars[host]['ansible_ssh_host'] }}
+{% endfor %}
+
+# repository (apt cache, python packages, etc)
+repo-infra_hosts:
+{% for host in groups.controller%}
+ {{host}}:
+ ip: {{ hostvars[host]['ansible_ssh_host'] }}
+{% endfor %}
+
+# load balancer
+# Ideally the load balancer should not use the Infrastructure hosts.
+# Dedicated hardware is best for improved performance and security.
+haproxy_hosts:
+{% for host in groups.controller%}
+ {{host}}:
+ ip: {{ hostvars[host]['ansible_ssh_host'] }}
+{% endfor %}
+
+# rsyslog server
+#log_hosts:
+ # log1:
+ # ip: 10.1.0.53
+
+###
+### OpenStack
+###
+
+# keystone
+identity_hosts:
+{% for host in groups.controller%}
+ {{host}}:
+ ip: {{ hostvars[host]['ansible_ssh_host'] }}
+{% endfor %}
+
+# cinder api services
+storage-infra_hosts:
+{% for host in groups.controller%}
+ {{host}}:
+ ip: {{ hostvars[host]['ansible_ssh_host'] }}
+{% endfor %}
+
+# glance
+# The settings here are repeated for each infra host.
+# They could instead be applied as global settings in
+# user_variables, but are left here to illustrate that
+# each container could have different storage targets.
+image_hosts:
+{% for host in groups.controller%}
+ {{host}}:
+ ip: {{ hostvars[host]['ansible_ssh_host'] }}
+ container_vars:
+ limit_container_types: glance
+ glance_nfs_client:
+ - server: "{{ip_settings[groups.compute[0]]['storage']['ip']}}"
+ remote_path: "/images"
+ local_path: "/var/lib/glance/images"
+ type: "nfs"
+ options: "_netdev,auto"
+{% endfor %}
+
+# nova api, conductor, etc services
+compute-infra_hosts:
+{% for host in groups.controller%}
+ {{host}}:
+ ip: {{ hostvars[host]['ansible_ssh_host'] }}
+{% endfor %}
+
+# heat
+orchestration_hosts:
+{% for host in groups.controller%}
+ {{host}}:
+ ip: {{ hostvars[host]['ansible_ssh_host'] }}
+{% endfor %}
+
+# horizon
+dashboard_hosts:
+{% for host in groups.controller%}
+ {{host}}:
+ ip: {{ hostvars[host]['ansible_ssh_host'] }}
+{% endfor %}
+
+# neutron server, agents (L3, etc)
+network_hosts:
+{% for host in groups.controller%}
+ {{host}}:
+ ip: {{ hostvars[host]['ansible_ssh_host'] }}
+{% endfor %}
+
+# ceilometer (telemetry API)
+metering-infra_hosts:
+{% for host in groups.controller%}
+ {{host}}:
+ ip: {{ hostvars[host]['ansible_ssh_host'] }}
+{% endfor %}
+
+# aodh (telemetry alarm service)
+metering-alarm_hosts:
+{% for host in groups.controller%}
+ {{host}}:
+ ip: {{ hostvars[host]['ansible_ssh_host'] }}
+{% endfor %}
+
+# gnocchi (telemetry metrics storage)
+metrics_hosts:
+{% for host in groups.controller%}
+ {{host}}:
+ ip: {{ hostvars[host]['ansible_ssh_host'] }}
+{% endfor %}
+
+# nova hypervisors
+compute_hosts:
+{% for host in groups.compute%}
+ {{host}}:
+ ip: {{ hostvars[host]['ansible_ssh_host'] }}
+{% endfor %}
+
+# ceilometer compute agent (telemetry)
+metering-compute_hosts:
+{% for host in groups.compute%}
+ {{host}}:
+ ip: {{ hostvars[host]['ansible_ssh_host'] }}
+{% endfor %}
+
+# cinder volume hosts (NFS-backed)
+# The settings here are repeated for each infra host.
+# They could instead be applied as global settings in
+# user_variables, but are left here to illustrate that
+# each container could have different storage targets.
+storage_hosts:
+{% for host in groups.compute%}
+ {{host}}:
+ ip: {{ hostvars[host]['ansible_ssh_host'] }}
+ container_vars:
+ cinder_backends:
+ limit_container_types: cinder_volume
+ lvm:
+ volume_group: cinder-volumes
+ volume_driver: cinder.volume.drivers.lvm.LVMVolumeDriver
+ volume_backend_name: LVM_iSCSI
+ iscsi_ip_address: "{{ip_settings[host]['storage']['ip']}}"
+{% endfor %}
diff --git a/deploy/adapters/ansible/roles/config-deployment/templates/user_variables.yml b/deploy/adapters/ansible/roles/config-deployment/templates/user_variables.yml
new file mode 100644
index 00000000..30b2c6b2
--- /dev/null
+++ b/deploy/adapters/ansible/roles/config-deployment/templates/user_variables.yml
@@ -0,0 +1,27 @@
+---
+# Copyright 2014, Rackspace US, Inc.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+# ##
+# ## This file contains commonly used overrides for convenience. Please inspect
+# ## the defaults for each role to find additional override options.
+# ##
+
+# # Debug and Verbose options.
+debug: false
+
+haproxy_keepalived_external_vip_cidr: "{{ public_vip.ip }}/32"
+haproxy_keepalived_internal_vip_cidr: "10.1.0.22/32"
+haproxy_keepalived_external_interface: br-vlan
+haproxy_keepalived_internal_interface: br-mgmt