diff options
Diffstat (limited to 'deploy/adapters/ansible/roles')
24 files changed, 531 insertions, 93 deletions
diff --git a/deploy/adapters/ansible/roles/config-compute/tasks/RedHat.yml b/deploy/adapters/ansible/roles/config-compute/tasks/RedHat.yml new file mode 100644 index 00000000..4c6d2465 --- /dev/null +++ b/deploy/adapters/ansible/roles/config-compute/tasks/RedHat.yml @@ -0,0 +1,105 @@ +############################################################################## +# Copyright (c) 2017 HUAWEI TECHNOLOGIES CO.,LTD and others. +# +# All rights reserved. This program and the accompanying materials +# are made available under the terms of the Apache License, Version 2.0 +# which accompanies this distribution, and is available at +# http://www.apache.org/licenses/LICENSE-2.0 +############################################################################## +--- +- name: make nfs dircetory + file: "dest=/images mode=0777 state=directory" + +- name: configure service + shell: "echo 'nfs 2049/tcp' >> /etc/services; \ + echo 'nfs 2049/udp' >> /etc/services" + +# yamllint disable rule:line-length +- name: generate ifcfg-if.vxlan + template: + src: ifcfg-if.vxlan + dest: /etc/sysconfig/network-scripts/ifcfg-{{sys_intf_mappings["mgmt"]["interface"]}}.{{sys_intf_mappings["mgmt"]["vlan_tag"]}} + +- name: generate ifcfg-if.storage + template: + src: ifcfg-if.storage + dest: /etc/sysconfig/network-scripts/ifcfg-{{sys_intf_mappings["storage"]["interface"]}}.{{sys_intf_mappings["storage"]["vlan_tag"]}} + +- name: add br-vlan to interface script + lineinfile: + dest: /etc/sysconfig/network-scripts/ifcfg-{{ network_cfg["provider_net_mappings"][0]["interface"] }} + line: "BRIDGE=br-vlan" + +- name: remove eth0 ip addresss + lineinfile: + dest: /etc/sysconfig/network-scripts/ifcfg-eth0 + regexp: "^IPADDR=*" + state: absent + +- name: remove eth0 netmask + lineinfile: + dest: /etc/sysconfig/network-scripts/ifcfg-eth0 + regexp: "^NETMASK=*" + state: absent + +- name: add br-mgmt to eth0 script + lineinfile: + dest: /etc/sysconfig/network-scripts/ifcfg-eth0 + line: "BRIDGE=br-mgmt" + +- name: add br-vlan to interface script + lineinfile: + dest: /etc/sysconfig/network-scripts/ifcfg-{{sys_intf_mappings["storage"]["interface"]}}.{{sys_intf_mappings["storage"]["vlan_tag"]}} + line: "BRIDGE=br-storage" + +- name: add br-vxlan to interface script + lineinfile: + dest: /etc/sysconfig/network-scripts/ifcfg-{{sys_intf_mappings["mgmt"]["interface"]}}.{{sys_intf_mappings["mgmt"]["vlan_tag"]}} + line: "BRIDGE=br-vxlan" +# yamllint enable rule:line-length + +- name: generate ifcfg-br-mgmt script + template: + src: ifcfg-br-mgmt + dest: /etc/sysconfig/network-scripts/ + +- name: generate ifcfg-br-vlan script + template: + src: ifcfg-br-vlan + dest: /etc/sysconfig/network-scripts/ + +- name: generate ifcfg-br-storage script + template: + src: ifcfg-br-storage + dest: /etc/sysconfig/network-scripts/ + +- name: generate ifcfg-br-vxlan script + template: + src: ifcfg-br-vxlan + dest: /etc/sysconfig/network-scripts/ + +- name: restart the network + shell: systemctl restart network + +- name: Install apt packages + yum: + pkg: "{{item}}" + state: "present" + with_items: + - nfs-utils + - rpcbind + +- name: configure NFS + template: + src: exports + dest: /etc/exports + +- name: exportfs + shell: exportfs -r + +- name: start nfs + shell: | + service rpcbind start; + service nfs start; + chkconfig rpcbind on; + chkconfig nfs on; diff --git a/deploy/adapters/ansible/roles/config-compute/tasks/Ubuntu.yml b/deploy/adapters/ansible/roles/config-compute/tasks/Ubuntu.yml new file mode 100644 index 00000000..886a407f --- /dev/null +++ b/deploy/adapters/ansible/roles/config-compute/tasks/Ubuntu.yml @@ -0,0 +1,36 @@ +############################################################################## +# Copyright (c) 2017 HUAWEI TECHNOLOGIES CO.,LTD and others. +# +# All rights reserved. This program and the accompanying materials +# are made available under the terms of the Apache License, Version 2.0 +# which accompanies this distribution, and is available at +# http://www.apache.org/licenses/LICENSE-2.0 +############################################################################## +--- +- name: configure network + template: + src: compute.j2 + dest: /etc/network/interfaces + notify: + - restart network service + +- meta: flush_handlers + +- name: Install apt packages + apt: + pkg: "nfs-kernel-server" + state: "present" + +- name: make nfs dircetory + file: "dest=/images mode=0777 state=directory" + +- name: configure service + shell: "echo 'nfs 2049/tcp' >> /etc/services; \ + echo 'nfs 2049/udp' >> /etc/services" + +- name: configure NFS + template: + src: exports + dest: /etc/exports + notify: + - restart nfs service diff --git a/deploy/adapters/ansible/roles/config-compute/tasks/main.yml b/deploy/adapters/ansible/roles/config-compute/tasks/main.yml index 886a407f..674c80cc 100644 --- a/deploy/adapters/ansible/roles/config-compute/tasks/main.yml +++ b/deploy/adapters/ansible/roles/config-compute/tasks/main.yml @@ -7,30 +7,8 @@ # http://www.apache.org/licenses/LICENSE-2.0 ############################################################################## --- -- name: configure network - template: - src: compute.j2 - dest: /etc/network/interfaces - notify: - - restart network service +- include: "{{ ansible_distribution }}.yml" + when: ansible_distribution == 'Ubuntu' -- meta: flush_handlers - -- name: Install apt packages - apt: - pkg: "nfs-kernel-server" - state: "present" - -- name: make nfs dircetory - file: "dest=/images mode=0777 state=directory" - -- name: configure service - shell: "echo 'nfs 2049/tcp' >> /etc/services; \ - echo 'nfs 2049/udp' >> /etc/services" - -- name: configure NFS - template: - src: exports - dest: /etc/exports - notify: - - restart nfs service +- include: "{{ ansible_os_family }}.yml" + when: ansible_os_family == 'RedHat' and ansible_distribution_major_version == '7' diff --git a/deploy/adapters/ansible/roles/config-compute/templates/ifcfg-br-mgmt b/deploy/adapters/ansible/roles/config-compute/templates/ifcfg-br-mgmt new file mode 100644 index 00000000..7f1931c8 --- /dev/null +++ b/deploy/adapters/ansible/roles/config-compute/templates/ifcfg-br-mgmt @@ -0,0 +1,7 @@ +DEVICE=br-mgmt +TYPE=Bridge +IPADDR={{host_info[inventory_hostname].MGMT_IP}} +PREFIX=24 +BOOTPROTO=none +ONBOOT=yes +DELAY=0 diff --git a/deploy/adapters/ansible/roles/config-compute/templates/ifcfg-br-storage b/deploy/adapters/ansible/roles/config-compute/templates/ifcfg-br-storage new file mode 100644 index 00000000..3c1db126 --- /dev/null +++ b/deploy/adapters/ansible/roles/config-compute/templates/ifcfg-br-storage @@ -0,0 +1,8 @@ +DEVICE=br-storage +TYPE=Bridge +IPADDR={{ ip_settings[inventory_hostname]["storage"]["ip"] }} +NETMASK=255.255.255.0 +BOOTPROTO=none +DEFROUTE="no" +ONBOOT=yes +DELAY=0 diff --git a/deploy/adapters/ansible/roles/config-compute/templates/ifcfg-br-vlan b/deploy/adapters/ansible/roles/config-compute/templates/ifcfg-br-vlan new file mode 100644 index 00000000..4349a3f1 --- /dev/null +++ b/deploy/adapters/ansible/roles/config-compute/templates/ifcfg-br-vlan @@ -0,0 +1,11 @@ +DEVICE=br-vlan +TYPE=Bridge +IPADDR={{ ip_settings[inventory_hostname]["br-prv"]["ip"] }} +PREFIX=24 +GATEWAY={{ ip_settings[inventory_hostname]["br-prv"]["gw"] }} +BOOTPROTO=none +ONBOOT=yes +DELAY=0 +DEFROUTE="yes" +DNS1=8.8.8.8 +DNS2=8.8.4.4 diff --git a/deploy/adapters/ansible/roles/config-compute/templates/ifcfg-br-vxlan b/deploy/adapters/ansible/roles/config-compute/templates/ifcfg-br-vxlan new file mode 100644 index 00000000..d2a0cb86 --- /dev/null +++ b/deploy/adapters/ansible/roles/config-compute/templates/ifcfg-br-vxlan @@ -0,0 +1,8 @@ +DEVICE=br-vxlan +TYPE=Bridge +IPADDR={{host_info[inventory_hostname].VXLAN_IP}} +NETMASK=255.255.252.0 +BOOTPROTO=none +DEFROUTE="no" +ONBOOT=yes +DELAY=0 diff --git a/deploy/adapters/ansible/roles/config-compute/templates/ifcfg-if.storage b/deploy/adapters/ansible/roles/config-compute/templates/ifcfg-if.storage new file mode 100644 index 00000000..96afb1bd --- /dev/null +++ b/deploy/adapters/ansible/roles/config-compute/templates/ifcfg-if.storage @@ -0,0 +1,4 @@ +DEVICE={{sys_intf_mappings["storage"]["interface"]}}.{{sys_intf_mappings["storage"]["vlan_tag"]}} +BOOTPROTO=none +ONBOOT=yes +VLAN=yes diff --git a/deploy/adapters/ansible/roles/config-compute/templates/ifcfg-if.vxlan b/deploy/adapters/ansible/roles/config-compute/templates/ifcfg-if.vxlan new file mode 100644 index 00000000..9fb19b0c --- /dev/null +++ b/deploy/adapters/ansible/roles/config-compute/templates/ifcfg-if.vxlan @@ -0,0 +1,4 @@ +DEVICE={{sys_intf_mappings["mgmt"]["interface"]}}.{{sys_intf_mappings["mgmt"]["vlan_tag"]}} +BOOTPROTO=none +ONBOOT=yes +VLAN=yes diff --git a/deploy/adapters/ansible/roles/config-controller/tasks/RedHat.yml b/deploy/adapters/ansible/roles/config-controller/tasks/RedHat.yml new file mode 100644 index 00000000..728dc559 --- /dev/null +++ b/deploy/adapters/ansible/roles/config-controller/tasks/RedHat.yml @@ -0,0 +1,75 @@ +############################################################################## +# Copyright (c) 2017 HUAWEI TECHNOLOGIES CO.,LTD and others. +# +# All rights reserved. This program and the accompanying materials +# are made available under the terms of the Apache License, Version 2.0 +# which accompanies this distribution, and is available at +# http://www.apache.org/licenses/LICENSE-2.0 +############################################################################## +--- +# yamllint disable rule:line-length +- name: generate vxlan vlan ifcfg-if script + template: + src: ifcfg-if.vxlan + dest: /etc/sysconfig/network-scripts/ifcfg-{{sys_intf_mappings["mgmt"]["interface"]}}.{{sys_intf_mappings["mgmt"]["vlan_tag"]}} + +- name: generate storage vlan ifcfg-if script + template: + src: ifcfg-if.storage + dest: /etc/sysconfig/network-scripts/ifcfg-{{sys_intf_mappings["storage"]["interface"]}}.{{sys_intf_mappings["storage"]["vlan_tag"]}} + +- name: add br-vlan to interface script + lineinfile: + dest: /etc/sysconfig/network-scripts/ifcfg-{{ network_cfg["provider_net_mappings"][0]["interface"] }} + line: "BRIDGE=br-vlan" + +- name: add br-storage to interface script + lineinfile: + dest: /etc/sysconfig/network-scripts/ifcfg-{{sys_intf_mappings["storage"]["interface"]}}.{{sys_intf_mappings["storage"]["vlan_tag"]}} + line: "BRIDGE=br-storage" + +- name: add br-vxlan to interface script + lineinfile: + dest: /etc/sysconfig/network-scripts/ifcfg-{{sys_intf_mappings["mgmt"]["interface"]}}.{{sys_intf_mappings["mgmt"]["vlan_tag"]}} + line: "BRIDGE=br-vxlan" +# yamllint enable rule:line-length + +- name: remove eth0 ip addresss + lineinfile: + dest: /etc/sysconfig/network-scripts/ifcfg-eth0 + regexp: "^IPADDR=*" + state: absent + +- name: remove eth0 netmask + lineinfile: + dest: /etc/sysconfig/network-scripts/ifcfg-eth0 + regexp: "^NETMASK=*" + state: absent + +- name: add br-mgmt to eth0 script + lineinfile: + dest: /etc/sysconfig/network-scripts/ifcfg-eth0 + line: "BRIDGE=br-mgmt" + +- name: generate ifcfg-br-mgmt script + template: + src: ifcfg-br-mgmt + dest: /etc/sysconfig/network-scripts/ + +- name: generate ifcfg-br-vlan script + template: + src: ifcfg-br-vlan + dest: /etc/sysconfig/network-scripts/ + +- name: generate ifcfg-br-storag script + template: + src: ifcfg-br-storage + dest: /etc/sysconfig/network-scripts/ + +- name: generate ifcfg-br-vxlan script + template: + src: ifcfg-br-vxlan + dest: /etc/sysconfig/network-scripts/ + +- name: restart the network + shell: systemctl restart network diff --git a/deploy/adapters/ansible/roles/config-controller/tasks/Ubuntu.yml b/deploy/adapters/ansible/roles/config-controller/tasks/Ubuntu.yml new file mode 100644 index 00000000..53c2d502 --- /dev/null +++ b/deploy/adapters/ansible/roles/config-controller/tasks/Ubuntu.yml @@ -0,0 +1,15 @@ +############################################################################## +# Copyright (c) 2017 HUAWEI TECHNOLOGIES CO.,LTD and others. +# +# All rights reserved. This program and the accompanying materials +# are made available under the terms of the Apache License, Version 2.0 +# which accompanies this distribution, and is available at +# http://www.apache.org/licenses/LICENSE-2.0 +############################################################################## +--- +- name: configure controller network + template: + src: controller.j2 + dest: /etc/network/interfaces + notify: + - restart network service diff --git a/deploy/adapters/ansible/roles/config-controller/tasks/main.yml b/deploy/adapters/ansible/roles/config-controller/tasks/main.yml index 54e4bf1e..674c80cc 100644 --- a/deploy/adapters/ansible/roles/config-controller/tasks/main.yml +++ b/deploy/adapters/ansible/roles/config-controller/tasks/main.yml @@ -7,11 +7,8 @@ # http://www.apache.org/licenses/LICENSE-2.0 ############################################################################## --- -- name: configure controller network - template: - src: controller.j2 - dest: /etc/network/interfaces - notify: - - restart network service +- include: "{{ ansible_distribution }}.yml" + when: ansible_distribution == 'Ubuntu' -- meta: flush_handlers +- include: "{{ ansible_os_family }}.yml" + when: ansible_os_family == 'RedHat' and ansible_distribution_major_version == '7' diff --git a/deploy/adapters/ansible/roles/config-controller/templates/ifcfg-br-mgmt b/deploy/adapters/ansible/roles/config-controller/templates/ifcfg-br-mgmt new file mode 100644 index 00000000..7f1931c8 --- /dev/null +++ b/deploy/adapters/ansible/roles/config-controller/templates/ifcfg-br-mgmt @@ -0,0 +1,7 @@ +DEVICE=br-mgmt +TYPE=Bridge +IPADDR={{host_info[inventory_hostname].MGMT_IP}} +PREFIX=24 +BOOTPROTO=none +ONBOOT=yes +DELAY=0 diff --git a/deploy/adapters/ansible/roles/config-controller/templates/ifcfg-br-storage b/deploy/adapters/ansible/roles/config-controller/templates/ifcfg-br-storage new file mode 100644 index 00000000..3c1db126 --- /dev/null +++ b/deploy/adapters/ansible/roles/config-controller/templates/ifcfg-br-storage @@ -0,0 +1,8 @@ +DEVICE=br-storage +TYPE=Bridge +IPADDR={{ ip_settings[inventory_hostname]["storage"]["ip"] }} +NETMASK=255.255.255.0 +BOOTPROTO=none +DEFROUTE="no" +ONBOOT=yes +DELAY=0 diff --git a/deploy/adapters/ansible/roles/config-controller/templates/ifcfg-br-vlan b/deploy/adapters/ansible/roles/config-controller/templates/ifcfg-br-vlan new file mode 100644 index 00000000..7dd7165b --- /dev/null +++ b/deploy/adapters/ansible/roles/config-controller/templates/ifcfg-br-vlan @@ -0,0 +1,11 @@ +DEVICE=br-vlan +TYPE=Bridge +IPADDR={{ ip_settings[inventory_hostname]["br-prv"]["ip"] }} +PREFIX=24 +BOOTPROTO=none +ONBOOT=yes +DELAY=0 +DEFROUTE="yes" +GATEWAY={{ ip_settings[inventory_hostname]["br-prv"]["gw"] }} +DNS1=8.8.8.8 +DNS2=8.8.4.4 diff --git a/deploy/adapters/ansible/roles/config-controller/templates/ifcfg-br-vxlan b/deploy/adapters/ansible/roles/config-controller/templates/ifcfg-br-vxlan new file mode 100644 index 00000000..d672919c --- /dev/null +++ b/deploy/adapters/ansible/roles/config-controller/templates/ifcfg-br-vxlan @@ -0,0 +1,6 @@ +DEVICE=br-vxlan +TYPE=Bridge +BOOTPROTO=none +DEFROUTE="no" +ONBOOT=yes +DELAY=0 diff --git a/deploy/adapters/ansible/roles/config-controller/templates/ifcfg-if.storage b/deploy/adapters/ansible/roles/config-controller/templates/ifcfg-if.storage new file mode 100644 index 00000000..96afb1bd --- /dev/null +++ b/deploy/adapters/ansible/roles/config-controller/templates/ifcfg-if.storage @@ -0,0 +1,4 @@ +DEVICE={{sys_intf_mappings["storage"]["interface"]}}.{{sys_intf_mappings["storage"]["vlan_tag"]}} +BOOTPROTO=none +ONBOOT=yes +VLAN=yes diff --git a/deploy/adapters/ansible/roles/config-controller/templates/ifcfg-if.vxlan b/deploy/adapters/ansible/roles/config-controller/templates/ifcfg-if.vxlan new file mode 100644 index 00000000..9fb19b0c --- /dev/null +++ b/deploy/adapters/ansible/roles/config-controller/templates/ifcfg-if.vxlan @@ -0,0 +1,4 @@ +DEVICE={{sys_intf_mappings["mgmt"]["interface"]}}.{{sys_intf_mappings["mgmt"]["vlan_tag"]}} +BOOTPROTO=none +ONBOOT=yes +VLAN=yes diff --git a/deploy/adapters/ansible/roles/pre-prepare/files/centos_base.repo b/deploy/adapters/ansible/roles/pre-prepare/files/centos_base.repo new file mode 100644 index 00000000..ba768e0a --- /dev/null +++ b/deploy/adapters/ansible/roles/pre-prepare/files/centos_base.repo @@ -0,0 +1,31 @@ +[base] +name=CentOS-$releasever - Base +mirrorlist=http://mirrorlist.centos.org/?release=$releasever&arch=$basearch&repo=os&infra=$infra +#baseurl=http://mirror.centos.org/centos/$releasever/os/$basearch/ +gpgcheck=1 +gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-7 + +#released updates +[updates] +name=CentOS-$releasever - Updates +mirrorlist=http://mirrorlist.centos.org/?release=$releasever&arch=$basearch&repo=updates&infra=$infra +#baseurl=http://mirror.centos.org/centos/$releasever/updates/$basearch/ +gpgcheck=1 +gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-7 + +#additional packages that may be useful +[extras] +name=CentOS-$releasever - Extras +mirrorlist=http://mirrorlist.centos.org/?release=$releasever&arch=$basearch&repo=extras&infra=$infra +#baseurl=http://mirror.centos.org/centos/$releasever/extras/$basearch/ +gpgcheck=1 +gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-7 + +#additional packages that extend functionality of existing packages +[centosplus] +name=CentOS-$releasever - Plus +mirrorlist=http://mirrorlist.centos.org/?release=$releasever&arch=$basearch&repo=centosplus&infra=$infra +#baseurl=http://mirror.centos.org/centos/$releasever/centosplus/$basearch/ +gpgcheck=1 +enabled=0 +gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-7 diff --git a/deploy/adapters/ansible/roles/pre-prepare/tasks/RedHat.yml b/deploy/adapters/ansible/roles/pre-prepare/tasks/RedHat.yml new file mode 100644 index 00000000..5456c9fc --- /dev/null +++ b/deploy/adapters/ansible/roles/pre-prepare/tasks/RedHat.yml @@ -0,0 +1,77 @@ +############################################################################## +# Copyright (c) 2016 HUAWEI TECHNOLOGIES CO.,LTD and others. +# +# All rights reserved. This program and the accompanying materials +# are made available under the terms of the Apache License, Version 2.0 +# which accompanies this distribution, and is available at +# http://www.apache.org/licenses/LICENSE-2.0 +############################################################################## +--- +- name: make sure ssh dir exist + file: + path: '{{ item.path }}' + owner: '{{ item.owner }}' + group: '{{ item.group }}' + state: directory + mode: 0755 + with_items: + - path: /root/.ssh + owner: root + group: root + +- name: write ssh config + copy: + content: "UserKnownHostsFile /dev/null\nStrictHostKeyChecking no" + dest: '{{ item.dest }}' + owner: '{{ item.owner }}' + group: '{{ item.group }}' + mode: 0600 + with_items: + - dest: /root/.ssh/config + owner: root + group: root + +- name: generate ssh keys + shell: if [ ! -f ~/.ssh/id_rsa.pub ]; \ + then ssh-keygen -q -t rsa -f ~/.ssh/id_rsa -N ""; \ + else echo "already gen ssh key!"; fi; + +- name: fetch ssh keys + fetch: + src: /root/.ssh/id_rsa.pub + dest: /tmp/ssh-keys-{{ ansible_hostname }} + flat: "yes" + +- authorized_key: + user: root + key: "{{ lookup('file', item) }}" + with_fileglob: + - /tmp/ssh-keys-* + - /root/.ssh/id_rsa.pub + +- name: change sources(yum) list + copy: + src: centos_base.repo + dest: /etc/yum.repos.d/centos_base.repo + +- name: Install yum packages + yum: + pkg: "{{ item }}" + state: "present" + with_items: "{{ yumpackages }}" + +- name: add the appropriate kernel modules + copy: + src: modules + dest: /etc/modules-load.d/openstack-ansible.conf + +- name: restart ntp service + shell: "systemctl enable ntpd.service && systemctl start ntpd.service" + +- name: change the MaxSessions + lineinfile: + dest: /etc/ssh/sshd_config + line: "MaxSessions 500" + +- name: restart ssh service + shell: service sshd restart diff --git a/deploy/adapters/ansible/roles/pre-prepare/tasks/Ubuntu.yml b/deploy/adapters/ansible/roles/pre-prepare/tasks/Ubuntu.yml new file mode 100644 index 00000000..a0f7d015 --- /dev/null +++ b/deploy/adapters/ansible/roles/pre-prepare/tasks/Ubuntu.yml @@ -0,0 +1,76 @@ +############################################################################## +# Copyright (c) 2016 HUAWEI TECHNOLOGIES CO.,LTD and others. +# +# All rights reserved. This program and the accompanying materials +# are made available under the terms of the Apache License, Version 2.0 +# which accompanies this distribution, and is available at +# http://www.apache.org/licenses/LICENSE-2.0 +############################################################################## +--- +- name: make sure ssh dir exist + file: + path: '{{ item.path }}' + owner: '{{ item.owner }}' + group: '{{ item.group }}' + state: directory + mode: 0755 + with_items: + - path: /root/.ssh + owner: root + group: root + +- name: write ssh config + copy: + content: "UserKnownHostsFile /dev/null\nStrictHostKeyChecking no" + dest: '{{ item.dest }}' + owner: '{{ item.owner }}' + group: '{{ item.group }}' + mode: 0600 + with_items: + - dest: /root/.ssh/config + owner: root + group: root + +- name: generate ssh keys + shell: if [ ! -f ~/.ssh/id_rsa.pub ]; \ + then ssh-keygen -q -t rsa -f ~/.ssh/id_rsa -N ""; \ + else echo "already gen ssh key!"; fi; + +- name: fetch ssh keys + fetch: + src: /root/.ssh/id_rsa.pub + dest: /tmp/ssh-keys-{{ ansible_hostname }} + flat: "yes" + +- authorized_key: + user: root + key: "{{ lookup('file', item) }}" + with_fileglob: + - /tmp/ssh-keys-* + - /root/.ssh/id_rsa.pub + +- name: change sourcesi(apt) list + template: + src: sources.list + dest: /etc/apt/sources.list + +- name: rm apt.conf + file: + path: /etc/apt/apt.conf + state: absent + +- name: restart ntp service + shell: "service ntp restart" + +- name: add the appropriate kernel modules + copy: + src: modules + dest: /etc/modules + +- name: change the MaxSessions + lineinfile: + dest: /etc/ssh/sshd_config + line: "MaxSessions 500" + +- name: restart ssh service + shell: service ssh restart diff --git a/deploy/adapters/ansible/roles/pre-prepare/tasks/main.yml b/deploy/adapters/ansible/roles/pre-prepare/tasks/main.yml index 747f5eb7..76203440 100644 --- a/deploy/adapters/ansible/roles/pre-prepare/tasks/main.yml +++ b/deploy/adapters/ansible/roles/pre-prepare/tasks/main.yml @@ -7,62 +7,8 @@ # http://www.apache.org/licenses/LICENSE-2.0 ############################################################################## --- -- name: make sure ssh dir exist - file: - path: '{{ item.path }}' - owner: '{{ item.owner }}' - group: '{{ item.group }}' - state: directory - mode: 0755 - with_items: - - path: /root/.ssh - owner: root - group: root +- include: "{{ ansible_distribution }}.yml" + when: ansible_distribution == 'Ubuntu' -- name: write ssh config - copy: - content: "UserKnownHostsFile /dev/null\nStrictHostKeyChecking no" - dest: '{{ item.dest }}' - owner: '{{ item.owner }}' - group: '{{ item.group }}' - mode: 0600 - with_items: - - dest: /root/.ssh/config - owner: root - group: root - -- name: generate ssh keys - shell: if [ ! -f ~/.ssh/id_rsa.pub ]; \ - then ssh-keygen -q -t rsa -f ~/.ssh/id_rsa -N ""; \ - else echo "already gen ssh key!"; fi; - -- name: fetch ssh keys - fetch: - src: /root/.ssh/id_rsa.pub - dest: /tmp/ssh-keys-{{ ansible_hostname }} - flat: "yes" - -- authorized_key: - user: root - key: "{{ lookup('file', item) }}" - with_fileglob: - - /tmp/ssh-keys-* - - /root/.ssh/id_rsa.pub - -- name: change sources list - template: - src: sources.list - dest: /etc/apt/sources.list - -- name: rm apt.conf - file: - path: /etc/apt/apt.conf - state: absent - -- name: restart ntp service - shell: "service ntp restart" - -- name: add the appropriate kernel modules - copy: - src: modules - dest: /etc/modules +- include: "{{ ansible_os_family }}.yml" + when: ansible_os_family == 'RedHat' and ansible_distribution_major_version == '7' diff --git a/deploy/adapters/ansible/roles/pre-prepare/vars/main.yml b/deploy/adapters/ansible/roles/pre-prepare/vars/main.yml index 66cf66bf..f44a9f9f 100644 --- a/deploy/adapters/ansible/roles/pre-prepare/vars/main.yml +++ b/deploy/adapters/ansible/roles/pre-prepare/vars/main.yml @@ -1,5 +1,5 @@ --- -packages: +aptpackages: - bridge-utils - debootstrap - ifenslave @@ -11,3 +11,10 @@ packages: - sudo - vlan - tcpdump + +yumpackages: +- bridge-utils +- iputils +- lvm2 +- ntp +- tcpdump diff --git a/deploy/adapters/ansible/roles/setup-host/tasks/main.yml b/deploy/adapters/ansible/roles/setup-host/tasks/main.yml index f0b1051c..e22b3c60 100644 --- a/deploy/adapters/ansible/roles/setup-host/tasks/main.yml +++ b/deploy/adapters/ansible/roles/setup-host/tasks/main.yml @@ -15,7 +15,20 @@ | tee -a /var/log/osa/host.log > /dev/null" - name: read the ansible log file - shell: cat /var/log/osa/host.log | tail -n 1000 + shell: cat /var/log/osa/host.log | tail -n 500 | grep failed=1 |awk '{print $1}' + register: failed_container + +- name: echo failed_container + shell: "export ANSIBLE_LOG_PATH=/var/ansible/run/openstack_ocata-opnfv2/ansible.log; \ + export ANSIBLE_SCP_IF_SSH=y; \ + cd /opt/openstack-ansible/playbooks; \ + openstack-ansible setup-hosts.yml --limit {{item}} \ + | tee -a /var/log/osa/retry-host.log > /dev/null" + with_items: + - "{{ failed_container.stdout_lines }}" + +- name: read the ansible log file + shell: cat /var/log/osa/retry-host.log | tail -n 500 register: setup_host_result - fail: |