deploy/adapters/ansible/roles/database/templates/my.cnf +++ b/deploy/adapters/ansible/roles/database/templates/my.cnf@@ -45,8 +45,7 @@ skip-name-resolve # # Instead of skip-networking the default is now to listen only on # localhost which is more compatible and is not less secure. -#bind-address = {{ hostvars[inventory_hostname]['ansible_' + INTERNAL_INTERFACE].ipv4.address }} -bind-address = {{ HA_VIP }} +bind-address = {{ internal_vip.ip }} # # * Fine Tuning # @@ -15,7 +15,7 @@ max_connections = 2000 max_connect_errors = 8000 skip-host-cache skip-name-resolve -bind-address = {{ HA_VIP }} +bind-address = {{ internal_vip.ip }} # # * Galera-related settings # @@ -31,8 +31,7 @@ query_cache_type=0 # Override bind-address # In some systems bind-address defaults to 127.0.0.1, and with mysqldump SST # it will have (most likely) disastrous consequences on donor node -#bind-address={{ hostvars[inventory_hostname]['ansible_' + INTERNAL_INTERFACE].ipv4.address }} -bind-address={{ HA_VIP }} +bind-address={{ internal_vip.ip }} ## ## WSREP options @@ -56,7 +55,7 @@ wsrep_cluster_address=gcomm://{{ haproxy_hosts.values()|join(",") }} # Base replication <address|hostname>[:port] of the node. # The values supplied will be used as defaults for state transfer receiving, # listening ports and so on. Default: address of the first network interface. -wsrep_node_address={{ internal_ips[inventory_hostname] }} +wsrep_node_address={{ internal_ip }} # Address for incoming client connections. Autodetect by default. #wsrep_node_incoming_address= @@ -4,7 +4,7 @@ login_username: ADMIN login_password: "{{ ADMIN_PASS }}" login_tenant_name: admin - auth_url: "http://{{ HA_VIP }}:35357/v2.0" + auth_url: "http://{{ internal_vip.ip }}:35357/v2.0" name: "{{ public_net_info.network }}" provider_network_type: "{{ public_net_info.type }}" provider_physical_network: "{{ public_net_info.provider_network }}" @@ -20,7 +20,7 @@ login_username: ADMIN login_password: "{{ ADMIN_PASS }}" login_tenant_name: admin - auth_url: "http://{{ HA_VIP }}:35357/v2.0" + auth_url: "http://{{ internal_vip.ip }}:35357/v2.0" name: "{{ public_net_info.subnet }}" network_name: "{{ public_net_info.network }}" cidr: "{{ public_net_info.floating_ip_cidr }}" @@ -38,7 +38,7 @@ login_username: ADMIN login_password: "{{ ADMIN_PASS }}" login_tenant_name: admin - auth_url: "http://{{ HA_VIP }}:35357/v2.0" + auth_url: "http://{{ internal_vip.ip }}:35357/v2.0" name: "{{ public_net_info.router }}" state: present run_once: true @@ -49,7 +49,7 @@ login_username: ADMIN login_password: "{{ ADMIN_PASS }}" login_tenant_name: admin - auth_url: "http://{{ HA_VIP }}:35357/v2.0" + auth_url: "http://{{ internal_vip.ip }}:35357/v2.0" router_name: "{{ public_net_info.router }}" network_name: "{{ public_net_info.network }}" state: present @@ -653,8 +653,8 @@ connection = mysql://glance:{{ GLANCE_DBPASS }}@{{ db_host }}/glance #db_max_retries = 20 [keystone_authtoken] -auth_uri = http://{{ HA_VIP }}:5000/v2.0 -identity_uri = http://{{ HA_VIP }}:35357 +auth_uri = http://{{ internal_vip.ip }}:5000/v2.0 +identity_uri = http://{{ internal_vip.ip }}:35357 admin_tenant_name = service admin_user = glance admin_password = {{ GLANCE_PASS }} @@ -173,8 +173,8 @@ connection = mysql://glance:{{ GLANCE_DBPASS }}@{{ db_host }}/glance #db_max_retries = 20 [keystone_authtoken] -auth_uri = http://{{ HA_VIP }}:5000/v2.0 -identity_uri = http://{{ HA_VIP }}:35357 +auth_uri = http://{{ internal_vip.ip }}:5000/v2.0 +identity_uri = http://{{ internal_vip.ip }}:35357 admin_tenant_name = service admin_user = glance admin_password = {{ GLANCE_PASS }} @@ -1,2 +1,2 @@ sleep 10 -glance --os-username=admin --os-password={{ ADMIN_PASS }} --os-tenant-name=admin --os-auth-url=http://{{ HA_VIP }}:35357/v2.0 image-create --name="cirros" --disk-format=qcow2 --container-format=bare --is-public=true < /opt/{{ build_in_image_name }} && touch glance.import.completed +glance --os-username=admin --os-password={{ ADMIN_PASS }} --os-tenant-name=admin --os-auth-url=http://{{ internal_vip.ip }}:35357/v2.0 image-create --name="cirros" --disk-format=qcow2 --container-format=bare --is-public=true < /opt/{{ build_in_image_name }} && touch glance.import.completed @@ -11,7 +11,7 @@ except: pass LOG.basicConfig(format='%(asctime)s %(message)s', datefmt='%m/%d/%Y %I:%M:%S %p', filename=LOG_FILE,level=LOG.DEBUG) -ha_vip = {{ HA_VIP }} +ha_vip = {{ internal_vip.ip }} LOG.info("ha_vip: %s" % ha_vip) #ha_vip = "10.1.0.50" @@ -26,7 +26,7 @@ defaults retries 5 listen proxy-glance_registry_cluster - bind {{ HA_VIP }}:9191 + bind {{ internal_vip.ip }}:9191 option tcpka option tcplog balance source @@ -35,7 +35,7 @@ listen proxy-glance_registry_cluster {% endfor %} listen proxy-glance_api_cluster - bind {{ HA_VIP }}:9292 + bind {{ internal_vip.ip }}:9292 option tcpka option httpchk option tcplog @@ -45,7 +45,7 @@ listen proxy-glance_api_cluster {% endfor %} listen proxy-nova-novncproxy - bind {{ HA_VIP }}:6080 + bind {{ internal_vip.ip }}:6080 option tcpka option tcplog balance source @@ -54,7 +54,7 @@ listen proxy-nova-novncproxy {% endfor %} listen proxy-network - bind {{ HA_VIP }}:9696 + bind {{ internal_vip.ip }}:9696 option tcpka option tcplog balance source @@ -63,7 +63,7 @@ listen proxy-network {% endfor %} listen proxy-volume - bind {{ HA_VIP }}:8776 + bind {{ internal_vip.ip }}:8776 option tcpka option httpchk option tcplog @@ -73,7 +73,7 @@ listen proxy-volume {% endfor %} listen proxy-keystone_admin_cluster - bind {{ HA_VIP }}:35357 + bind {{ internal_vip.ip }}:35357 option tcpka option httpchk option tcplog @@ -83,7 +83,7 @@ listen proxy-keystone_admin_cluster {% endfor %} listen proxy-keystone_public_internal_cluster - bind {{ HA_VIP }}:5000 + bind {{ internal_vip.ip }}:5000 option tcpka option httpchk option tcplog @@ -93,7 +93,7 @@ listen proxy-keystone_public_internal_cluster {% endfor %} listen proxy-nova_compute_api_cluster - bind {{ HA_VIP }}:8774 + bind {{ internal_vip.ip }}:8774 mode tcp option httpchk option tcplog @@ -103,7 +103,7 @@ listen proxy-nova_compute_api_cluster {% endfor %} listen proxy-nova_metadata_api_cluster - bind {{ HA_VIP }}:8775 + bind {{ internal_vip.ip }}:8775 option tcpka option tcplog balance source @@ -112,7 +112,7 @@ listen proxy-nova_metadata_api_cluster {% endfor %} listen proxy-cinder_api_cluster - bind {{ HA_VIP }}:8776 + bind {{ internal_vip.ip }}:8776 mode tcp option httpchk option tcplog @@ -1,41 +1,48 @@ global_defs { - - notification_email{ - root@huawei.com - } - - notification_email_from keepalived@huawei.com - - smtp_server localhost - - smtp_connect_timeout 30 - - router_id NodeA - + router_id {{ inventory_hostname }} } -vrrp_instance VI_1 { - interface {{ INTERNAL_INTERFACE }} - virtual_router_id 51 +vrrp_instance internal_vip { + interface {{ internal_vip.interface }} + virtual_router_id {{ vrouter_id_internal }} state BACKUP nopreempt + preempt_delay 30 advert_int 1 -{% for host in groups['controller'] %} -{% if host == inventory_hostname %} - priority {{ 100 - loop.index0 * 5 }} -{% endif %} -{% endfor %} + priority 100 authentication { auth_type PASS - auth_pass 1111 + auth_pass 1234 } virtual_ipaddress { - {{ HA_VIP }} dev {{ INTERNAL_INTERFACE }} + {{ internal_vip.ip }}/{{ internal_vip.netmask }} dev {{ internal_vip.interface }} } notify_master "/usr/local/bin/notify.sh master" notify_backup "/usr/local/bin/notify.sh backup" + } +#vrrp_instance public_vip { +# interface {{ network_cfg.public_vip.interface }} +# virtual_router_id {{ vrouter_id_public }} +# state BACKUP +# nopreempt +# preempt_delay 30 +# advert_int 1 +# priority 100 +# +# authentication { +# auth_type PASS +# auth_pass 4321 +# } +# +# virtual_ipaddress { +# {{ network_cfg.public_vip.ip }}/{{ network_cfg.public_vip.netmask }} dev {{ network_cfg.public_vip.interface }} +# } +# +#} +# +# notify_backup "/usr/local/bin/notify.sh backup" @@ -1,6 +1,6 @@ # Verify the Identity Service installation export OS_PASSWORD={{ ADMIN_PASS }} export OS_TENANT_NAME=admin -export OS_AUTH_URL=http://{{ HA_VIP }}:35357/v2.0 +export OS_AUTH_URL=http://{{ internal_vip.ip }}:35357/v2.0 export OS_USERNAME=ADMIN @@ -1,5 +1,5 @@ export OS_USERNAME=demo export OS_PASSWORD={{ DEMO_PASS }} export OS_TENANT_NAME=demo -export OS_AUTH_URL=http://{{ HA_VIP }}:35357/v2.0 +export OS_AUTH_URL=http://{{ internal_vip.ip }}:35357/v2.0 @@ -1,5 +1,5 @@ set -e -while ! keystone --os-token={{ ADMIN_TOKEN }} --os-endpoint=http://{{ HA_VIP }}:35357/v2.0 user-list; do +while ! keystone --os-token={{ ADMIN_TOKEN }} --os-endpoint=http://{{ internal_vip.ip }}:35357/v2.0 user-list; do echo "not ready" sleep 1 done @@ -7,41 +7,41 @@ echo "keystone is ready" # create an administrative user -keystone --os-token={{ ADMIN_TOKEN }} --os-endpoint=http://{{ HA_VIP }}:35357/v2.0 role-create --name=admin -keystone --os-token={{ ADMIN_TOKEN }} --os-endpoint=http://{{ HA_VIP }}:35357/v2.0 tenant-create --name=admin --description="Admin Tenant" -keystone --os-token={{ ADMIN_TOKEN }} --os-endpoint=http://{{ HA_VIP }}:35357/v2.0 user-create --name=admin --pass={{ ADMIN_PASS }} --tenant=admin --email=admin@admin.com -keystone --os-token={{ ADMIN_TOKEN }} --os-endpoint=http://{{ HA_VIP }}:35357/v2.0 user-role-add --user=admin --tenant=admin --role=admin +keystone --os-token={{ ADMIN_TOKEN }} --os-endpoint=http://{{ internal_vip.ip }}:35357/v2.0 role-create --name=admin +keystone --os-token={{ ADMIN_TOKEN }} --os-endpoint=http://{{ internal_vip.ip }}:35357/v2.0 tenant-create --name=admin --description="Admin Tenant" +keystone --os-token={{ ADMIN_TOKEN }} --os-endpoint=http://{{ internal_vip.ip }}:35357/v2.0 user-create --name=admin --pass={{ ADMIN_PASS }} --tenant=admin --email=admin@admin.com +keystone --os-token={{ ADMIN_TOKEN }} --os-endpoint=http://{{ internal_vip.ip }}:35357/v2.0 user-role-add --user=admin --tenant=admin --role=admin # create a normal user -keystone --os-token={{ ADMIN_TOKEN }} --os-endpoint=http://{{ HA_VIP }}:35357/v2.0 tenant-create --name=demo --description="Demo Tenant" -keystone --os-token={{ ADMIN_TOKEN }} --os-endpoint=http://{{ HA_VIP }}:35357/v2.0 user-create --name=demo --pass={{ DEMO_PASS }} --tenant=demo --email=DEMO_EMAIL +keystone --os-token={{ ADMIN_TOKEN }} --os-endpoint=http://{{ internal_vip.ip }}:35357/v2.0 tenant-create --name=demo --description="Demo Tenant" +keystone --os-token={{ ADMIN_TOKEN }} --os-endpoint=http://{{ internal_vip.ip }}:35357/v2.0 user-create --name=demo --pass={{ DEMO_PASS }} --tenant=demo --email=DEMO_EMAIL # create a service tenant -keystone --os-token={{ ADMIN_TOKEN }} --os-endpoint=http://{{ HA_VIP }}:35357/v2.0 tenant-create --name=service --description="Service Tenant" +keystone --os-token={{ ADMIN_TOKEN }} --os-endpoint=http://{{ internal_vip.ip }}:35357/v2.0 tenant-create --name=service --description="Service Tenant" # regist keystone -keystone --os-token={{ ADMIN_TOKEN }} --os-endpoint=http://{{ HA_VIP }}:35357/v2.0 service-create --name=keystone --type=identity --description="OpenStack Identity" -keystone --os-token={{ ADMIN_TOKEN }} --os-endpoint=http://{{ HA_VIP }}:35357/v2.0 endpoint-create --service_id=$(keystone --os-token={{ ADMIN_TOKEN }} --os-endpoint=http://{{ HA_VIP }}:35357/v2.0 service-list | awk '/ identity / {print $2}') --publicurl=http://{{ HA_VIP }}:5000/v2.0 --internalurl=http://{{ HA_VIP }}:5000/v2.0 --adminurl=http://{{ HA_VIP }}:35357/v2.0 +keystone --os-token={{ ADMIN_TOKEN }} --os-endpoint=http://{{ internal_vip.ip }}:35357/v2.0 service-create --name=keystone --type=identity --description="OpenStack Identity" +keystone --os-token={{ ADMIN_TOKEN }} --os-endpoint=http://{{ internal_vip.ip }}:35357/v2.0 endpoint-create --service_id=$(keystone --os-token={{ ADMIN_TOKEN }} --os-endpoint=http://{{ internal_vip.ip }}:35357/v2.0 service-list | awk '/ identity / {print $2}') --publicurl=http://{{ internal_vip.ip }}:5000/v2.0 --internalurl=http://{{ internal_vip.ip }}:5000/v2.0 --adminurl=http://{{ internal_vip.ip }}:35357/v2.0 # Create a glance user that the Image Service can use to authenticate with the Identity service -keystone --os-token={{ ADMIN_TOKEN }} --os-endpoint=http://{{ HA_VIP }}:35357/v2.0 user-create --name=glance --pass={{ GLANCE_PASS }} --email=glance@example.com -keystone --os-token={{ ADMIN_TOKEN }} --os-endpoint=http://{{ HA_VIP }}:35357/v2.0 user-role-add --user=glance --tenant=service --role=admin +keystone --os-token={{ ADMIN_TOKEN }} --os-endpoint=http://{{ internal_vip.ip }}:35357/v2.0 user-create --name=glance --pass={{ GLANCE_PASS }} --email=glance@example.com +keystone --os-token={{ ADMIN_TOKEN }} --os-endpoint=http://{{ internal_vip.ip }}:35357/v2.0 user-role-add --user=glance --tenant=service --role=admin #Register the Image Service with the Identity service so that other OpenStack services can locate it -keystone --os-token={{ ADMIN_TOKEN }} --os-endpoint=http://{{ HA_VIP }}:35357/v2.0 service-create --name=glance --type=image --description="OpenStack Image Service" -keystone --os-token={{ ADMIN_TOKEN }} --os-endpoint=http://{{ HA_VIP }}:35357/v2.0 endpoint-create --service-id=$(keystone --os-token={{ ADMIN_TOKEN }} --os-endpoint=http://{{ HA_VIP }}:35357/v2.0 service-list | awk '/ image / {print $2}') --publicurl=http://{{ HA_VIP }}:9292 --internalurl=http://{{ HA_VIP }}:9292 --adminurl=http://{{ HA_VIP }}:9292 +keystone --os-token={{ ADMIN_TOKEN }} --os-endpoint=http://{{ internal_vip.ip }}:35357/v2.0 service-create --name=glance --type=image --description="OpenStack Image Service" +keystone --os-token={{ ADMIN_TOKEN }} --os-endpoint=http://{{ internal_vip.ip }}:35357/v2.0 endpoint-create --service-id=$(keystone --os-token={{ ADMIN_TOKEN }} --os-endpoint=http://{{ internal_vip.ip }}:35357/v2.0 service-list | awk '/ image / {print $2}') --publicurl=http://{{ internal_vip.ip }}:9292 --internalurl=http://{{ internal_vip.ip }}:9292 --adminurl=http://{{ internal_vip.ip }}:9292 #Create a nova user that Compute uses to authenticate with the Identity Service -keystone --os-token={{ ADMIN_TOKEN }} --os-endpoint=http://{{ HA_VIP }}:35357/v2.0 user-create --name=nova --pass={{ NOVA_PASS }} --email=nova@example.com -keystone --os-token={{ ADMIN_TOKEN }} --os-endpoint=http://{{ HA_VIP }}:35357/v2.0 user-role-add --user=nova --tenant=service --role=admin +keystone --os-token={{ ADMIN_TOKEN }} --os-endpoint=http://{{ internal_vip.ip }}:35357/v2.0 user-create --name=nova --pass={{ NOVA_PASS }} --email=nova@example.com +keystone --os-token={{ ADMIN_TOKEN }} --os-endpoint=http://{{ internal_vip.ip }}:35357/v2.0 user-role-add --user=nova --tenant=service --role=admin # register Compute with the Identity Service so that other OpenStack services can locate it -keystone --os-token={{ ADMIN_TOKEN }} --os-endpoint=http://{{ HA_VIP }}:35357/v2.0 service-create --name=nova --type=compute --description="OpenStack Compute" -keystone --os-token={{ ADMIN_TOKEN }} --os-endpoint=http://{{ HA_VIP }}:35357/v2.0 endpoint-create --service-id=$(keystone --os-token={{ ADMIN_TOKEN }} --os-endpoint=http://{{ HA_VIP }}:35357/v2.0 service-list | awk '/ compute / {print $2}') --publicurl=http://{{ HA_VIP }}:8774/v2/%\(tenant_id\)s --internalurl=http://{{ HA_VIP }}:8774/v2/%\(tenant_id\)s --adminurl=http://{{ HA_VIP }}:8774/v2/%\(tenant_id\)s +keystone --os-token={{ ADMIN_TOKEN }} --os-endpoint=http://{{ internal_vip.ip }}:35357/v2.0 service-create --name=nova --type=compute --description="OpenStack Compute" +keystone --os-token={{ ADMIN_TOKEN }} --os-endpoint=http://{{ internal_vip.ip }}:35357/v2.0 endpoint-create --service-id=$(keystone --os-token={{ ADMIN_TOKEN }} --os-endpoint=http://{{ internal_vip.ip }}:35357/v2.0 service-list | awk '/ compute / {print $2}') --publicurl=http://{{ internal_vip.ip }}:8774/v2/%\(tenant_id\)s --internalurl=http://{{ internal_vip.ip }}:8774/v2/%\(tenant_id\)s --adminurl=http://{{ internal_vip.ip }}:8774/v2/%\(tenant_id\)s # register netron user, role and service -keystone --os-token={{ ADMIN_TOKEN }} --os-endpoint=http://{{ HA_VIP }}:35357/v2.0 user-create --name neutron --pass {{ NEUTRON_PASS }} --email neutron@example.com -keystone --os-token={{ ADMIN_TOKEN }} --os-endpoint=http://{{ HA_VIP }}:35357/v2.0 user-role-add --user neutron --tenant service --role admin -keystone --os-token={{ ADMIN_TOKEN }} --os-endpoint=http://{{ HA_VIP }}:35357/v2.0 service-create --name neutron --type network --description "OpenStack Networking" -keystone --os-token={{ ADMIN_TOKEN }} --os-endpoint=http://{{ HA_VIP }}:35357/v2.0 endpoint-create --service-id $(keystone --os-token={{ ADMIN_TOKEN }} --os-endpoint=http://{{ HA_VIP }}:35357/v2.0 service-list | awk '/ network / {print $2}') --publicurl http://{{ HA_VIP }}:9696 --adminurl http://{{ HA_VIP }}:9696 --internalurl http://{{ HA_VIP }}:9696 +keystone --os-token={{ ADMIN_TOKEN }} --os-endpoint=http://{{ internal_vip.ip }}:35357/v2.0 user-create --name neutron --pass {{ NEUTRON_PASS }} --email neutron@example.com +keystone --os-token={{ ADMIN_TOKEN }} --os-endpoint=http://{{ internal_vip.ip }}:35357/v2.0 user-role-add --user neutron --tenant service --role admin +keystone --os-token={{ ADMIN_TOKEN }} --os-endpoint=http://{{ internal_vip.ip }}:35357/v2.0 service-create --name neutron --type network --description "OpenStack Networking" +keystone --os-token={{ ADMIN_TOKEN }} --os-endpoint=http://{{ internal_vip.ip }}:35357/v2.0 endpoint-create --service-id $(keystone --os-token={{ ADMIN_TOKEN }} --os-endpoint=http://{{ internal_vip.ip }}:35357/v2.0 service-list | awk '/ network / {print $2}') --publicurl http://{{ internal_vip.ip }}:9696 --adminurl http://{{ internal_vip.ip }}:9696 --internalurl http://{{ internal_vip.ip }}:9696 @@ -1 +1 @@ -RABBITMQ_NODE_IP_ADDRESS={{ HA_VIP }} +RABBITMQ_NODE_IP_ADDRESS={{ internal_vip.ip }} @@ -3,7 +3,7 @@ debug = True # The Neutron user information for accessing the Neutron API. -auth_url = http://{{ HA_VIP }}:5000/v2.0 +auth_url = http://{{ internal_vip.ip }}:5000/v2.0 auth_region = regionOne # Turn off verification of the certificate for ssl # auth_insecure = False @@ -17,7 +17,7 @@ admin_password = {{ NEUTRON_PASS }} # endpoint_type = adminURL # IP address used by Nova metadata server -nova_metadata_ip = {{ HA_VIP }} +nova_metadata_ip = {{ internal_vip.ip }} # TCP Port used by Nova metadata server nova_metadata_port = 8775 @@ -10,7 +10,7 @@ with_items: services | union(services_noarch) - name: get tenant id to fill neutron.conf - shell: keystone --os-token={{ ADMIN_TOKEN }} --os-endpoint=http://{{ HA_VIP }}:35357/v2.0 tenant-get service | grep id | awk '{print $4}' + shell: keystone --os-token={{ ADMIN_TOKEN }} --os-endpoint=http://{{ internal_vip.ip }}:35357/v2.0 tenant-get service | grep id | awk '{print $4}' register: NOVA_ADMIN_TENANT_ID - name: update neutron conf @@ -3,7 +3,7 @@ debug = True # The Neutron user information for accessing the Neutron API. -auth_url = http://{{ HA_VIP }}:5000/v2.0 +auth_url = http://{{ internal_vip.ip }}:5000/v2.0 auth_region = regionOne # Turn off verification of the certificate for ssl # auth_insecure = False @@ -17,7 +17,7 @@ admin_password = {{ NEUTRON_PASS }} # endpoint_type = adminURL # IP address used by Nova metadata server -nova_metadata_ip = {{ HA_VIP }} +nova_metadata_ip = {{ internal_vip.ip }} # TCP Port used by Nova metadata server nova_metadata_port = 8775 @@ -66,8 +66,8 @@ - meta: flush_handlers -- include: igmp-router.yml - when: "'vxlan' in {{ NEUTRON_TUNNEL_TYPES }} and ansible_os_family == 'Debian'" +#- include: igmp-router.yml +# when: "'vxlan' in {{ NEUTRON_TUNNEL_TYPES }} and ansible_os_family == 'Debian'" - name: assert kernel support for vxlan command: modinfo -F version vxlan @@ -1,6 +1,6 @@ interfaces { restore-original-config-on-shutdown: false - interface {{ hostvars[inventory_hostname][neutron_vxlan_interface|default(internal_interface)]['device'] }} { + interface {{ internal_nic }} { description: "Internal pNodes interface" disable: false default-system-config @@ -10,8 +10,8 @@ interfaces { protocols { igmp { disable: false - interface {{ hostvars[inventory_hostname][neutron_vxlan_interface|default(internal_interface)]['device'] }} { - vif {{ hostvars[inventory_hostname][neutron_vxlan_interface|default(internal_interface)]['device'] }} { + interface {{ internal_nic }} { + vif {{ internal_nic }} { disable: false version: 3 } @@ -3,7 +3,7 @@ debug = True # The Neutron user information for accessing the Neutron API. -auth_url = http://{{ HA_VIP }}:5000/v2.0 +auth_url = http://{{ internal_vip.ip }}:5000/v2.0 auth_region = regionOne # Turn off verification of the certificate for ssl # auth_insecure = False @@ -17,7 +17,7 @@ admin_password = {{ NEUTRON_PASS }} # endpoint_type = adminURL # IP address used by Nova metadata server -nova_metadata_ip = {{ HA_VIP }} +nova_metadata_ip = {{ internal_vip.ip }} # TCP Port used by Nova metadata server nova_metadata_port = 8775 @@ -11,4 +11,4 @@ openvswitch_agent: neutron-openvswitch-agent xorp_packages: - openssl098e -# - xorp + #- xorp @@ -3,7 +3,7 @@ debug = True # The Neutron user information for accessing the Neutron API. -auth_url = http://{{ HA_VIP }}:5000/v2.0 +auth_url = http://{{ internal_vip.ip }}:5000/v2.0 auth_region = regionOne # Turn off verification of the certificate for ssl # auth_insecure = False @@ -17,7 +17,7 @@ admin_password = {{ NEUTRON_PASS }} # endpoint_type = adminURL # IP address used by Nova metadata server -nova_metadata_ip = {{ HA_VIP }} +nova_metadata_ip = {{ internal_vip.ip }} # TCP Port used by Nova metadata server nova_metadata_port = 8775 @@ -29,7 +29,7 @@ # service openvswitch-switch start ; - name: Set OpenDaylight as the manager - command: su -s /bin/sh -c "ovs-vsctl set-manager tcp:{{ HA_VIP }}:6640;" + command: su -s /bin/sh -c "ovs-vsctl set-manager tcp:{{ internal_vip.ip }}:6640;" #- name: start and disable Neutron's agent services # service: name=neutron-plugin-openvswitch-agent state=started @@ -28,7 +28,7 @@ odl-cluster-data { remote { log-remote-lifecycle-events = off netty.tcp { - hostname = "{{ hostvars[inventory_hostname]['ansible_' + INTERNAL_INTERFACE].ipv4.address }}" + hostname = "{{ hostvars[inventory_hostname]['ansible_' + internal_nic].ipv4.address }}" port = 2550 maximum-frame-size = 419430400 send-buffer-size = 52428800 @@ -40,9 +40,9 @@ odl-cluster-data { seed-nodes = [ {% for host in groups['odl'] %} {% if loop.last %} - "akka.tcp://opendaylight-cluster-data@{{ hostvars[host]['ansible_' + INTERNAL_INTERFACE].ipv4.address }}:2550" + "akka.tcp://opendaylight-cluster-data@{{ hostvars[host]['ansible_' + internal_nic].ipv4.address }}:2550" {% else %} - "akka.tcp://opendaylight-cluster-data@{{ hostvars[host]['ansible_' + INTERNAL_INTERFACE].ipv4.address }}:2550", + "akka.tcp://opendaylight-cluster-data@{{ hostvars[host]['ansible_' + internal_nic].ipv4.address }}:2550", {% endif %} {% endfor %} ] @@ -53,7 +53,7 @@ odl-cluster-data { {% set key = 0 %} {% for host in groups['odl'] %} {% set key = key + 1 %} - {% if hostvars[host]['ansible_' + INTERNAL_INTERFACE].ipv4.address == hostvars[inventory_hostname]['ansible_' + INTERNAL_INTERFACE].ipv4.address %} + {% if hostvars[host]['ansible_' + internal_nic].ipv4.address == hostvars[inventory_hostname]['ansible_' + internal_nic].ipv4.address %} "member-{{ key }}" {% endif %} {% endfor %} @@ -83,7 +83,7 @@ odl-cluster-rpc { remote { log-remote-lifecycle-events = off netty.tcp { - hostname = "{{ hostvars[inventory_hostname]['ansible_' + INTERNAL_INTERFACE].ipv4.address }}" + hostname = "{{ hostvars[inventory_hostname]['ansible_' + internal_nic].ipv4.address }}" port = 2551 } } @@ -92,9 +92,9 @@ odl-cluster-rpc { seed-nodes = [ {% for host in groups['odl'] %} {% if loop.last %} - "akka.tcp://odl-cluster-rpc@{{ hostvars[host]['ansible_' + INTERNAL_INTERFACE].ipv4.address }}:2551" + "akka.tcp://odl-cluster-rpc@{{ hostvars[host]['ansible_' + internal_nic].ipv4.address }}:2551" {% else %} - "akka.tcp://odl-cluster-rpc@{{ hostvars[host]['ansible_' + INTERNAL_INTERFACE].ipv4.address }}:2551", + "akka.tcp://odl-cluster-rpc@{{ hostvars[host]['ansible_' + internal_nic].ipv4.address }}:2551", {% endif %} {% endfor %} ] @@ -2,5 +2,5 @@ cat <<EOT>> /etc/neutron/plugins/ml2/ml2_conf.ini [ml2_odl] password = admin username = admin -url = http://{{ HA_VIP }}:8080/controller/nb/v2/neutron +url = http://{{ internal_vip.ip }}:8080/controller/nb/v2/neutron EOT @@ -15,24 +15,24 @@ when: 'item["type"] == "ovs"' - name: setup sys intf - shell: ip link del {{ item["name"] }}; \ - ip link add link {{ item["interface"] }} name {{ item["name"] }} type vlan id {{ item["vlan_tag"] }}; \ - ip link set {{ item["interface"] }} up - when: '"vlan_tag" in item' - with_items: "{{ network_cfg['sys_intf_mappings'] }}" + shell: ip link del {{ item.key }}; \ + ip link add link {{ item.value["interface"] }} name {{ item.key }} type vlan id {{ item.value["vlan_tag"] }}; \ + ip link set {{ item.value["interface"] }} up + when: '"vlan_tag" in item.value and item.value["type"] == "vlan"' + with_dict: "{{ sys_intf_mappings }}" - name: set sys intf ip - shell: ip addr del {{ item["ip"] }}/{{ item["netmask"] }} dev {{ item["alias"] }}; \ - ip addr add {{ item["ip"] }}/{{ item["netmask"] }} dev {{ item["alias"] }}; \ - ip link set {{ item["alias"] }} up - with_items: "{{ host_ip_settings }}" + shell: ip addr del {{ item.value["ip"] }}/{{ item.value["netmask"] }} dev {{ item.value["alias"] }}; \ + ip addr add {{ item.value["ip"] }}/{{ item.value["netmask"] }} dev {{ item.value["alias"] }}; \ + ip link set {{ item.value["alias"] }} up + with_dict: "{{ host_ip_settings }}" - name: set gateway shell: ip route del default; \ - ip route add default via {{ item["gw"] }} dev {{ item["alias"] }} - when: '"gw" in item' - with_items: "{{ host_ip_settings }}" + ip route add default via {{ item.value["gw"] }} dev {{ item.key }} + when: '"gw" in item.value' + with_dict: "{{ host_ip_settings }}" - name: copy net config template: src=my_configs.debian dest=/etc/network/interfaces.d/my_configs.cfg @@ -1,16 +1,14 @@ -{%- for intf in host_ip_settings %} +{%- for alias, intf in host_ip_settings.items() %} -auto {{ intf["alias"] }} -iface {{ intf["alias"] }} inet static +auto {{ alias }} +iface {{ alias }} inet static address {{ intf["ip"] }} netmask {{ intf["netmask"] }} {% if "gw" in intf %} gateway {{ intf["gw"] }} {% endif %} -{% for sys_intf in network_cfg["sys_intf_mappings"] %} -{% if "vlan_tag" in sys_intf and sys_intf["name"] == intf["alias"] %} - pre-up ip link set {{ sys_intf["interface"] }} up - pre-up ip link add link {{ sys_intf["interface"] }} name {{ sys_intf["name"] }} type vlan id {{ sys_intf["vlan_tag"] }} +{% if intf["name"] == alias %} + pre-up ip link set {{ sys_intf_mappings[alias]["interface"] }} up + pre-up ip link add link {{ sys_intf_mappings[alias]["interface"] }} name {{ alias }} type vlan id {{ sys_intf_mappings[alias]["vlan_tag"] }} {% endif %} {% endfor %} -{% endfor %} |