summaryrefslogtreecommitdiffstats
path: root/deploy/adapters/ansible
diff options
context:
space:
mode:
Diffstat (limited to 'deploy/adapters/ansible')
-rw-r--r--deploy/adapters/ansible/openstack_mitaka/roles/ceph-osd/tasks/install_osd.yml5
-rw-r--r--deploy/adapters/ansible/openstack_mitaka/roles/tacker/files/tacker.conf36
-rwxr-xr-xdeploy/adapters/ansible/openstack_mitaka/roles/tacker/tasks/tacker_controller.yml215
-rw-r--r--deploy/adapters/ansible/openstack_mitaka/roles/tacker/templates/config.yaml4
-rw-r--r--deploy/adapters/ansible/openstack_mitaka/roles/tacker/templates/tackerc.sh12
-rw-r--r--deploy/adapters/ansible/openstack_mitaka_xenial/roles/ceph-osd/tasks/install_osd.yml5
-rwxr-xr-xdeploy/adapters/ansible/openstack_mitaka_xenial/roles/dashboard/templates/openstack-dashboard.conf.j22
-rw-r--r--deploy/adapters/ansible/openstack_mitaka_xenial/roles/keystone/templates/wsgi-keystone.conf.j22
-rw-r--r--deploy/adapters/ansible/openstack_newton_xenial/HA-ansible-multinodes.yml2
-rw-r--r--deploy/adapters/ansible/openstack_newton_xenial/roles/aodh/tasks/aodh_install.yml5
-rw-r--r--deploy/adapters/ansible/openstack_newton_xenial/roles/aodh/templates/aodh.conf.j238
-rw-r--r--deploy/adapters/ansible/openstack_newton_xenial/roles/aodh/templates/api_paste.ini.j222
-rw-r--r--deploy/adapters/ansible/openstack_newton_xenial/roles/aodh/templates/policy.json.j220
-rw-r--r--deploy/adapters/ansible/openstack_newton_xenial/roles/aodh/vars/Debian.yml2
-rw-r--r--deploy/adapters/ansible/openstack_newton_xenial/roles/aodh/vars/RedHat.yml2
-rw-r--r--deploy/adapters/ansible/openstack_newton_xenial/roles/ceilometer_compute/templates/ceilometer.conf.j27
-rw-r--r--deploy/adapters/ansible/openstack_newton_xenial/roles/ceilometer_controller/templates/wsgi-ceilometer.conf.j22
-rw-r--r--deploy/adapters/ansible/openstack_newton_xenial/roles/ceph-osd/tasks/install_osd.yml5
-rw-r--r--deploy/adapters/ansible/openstack_newton_xenial/roles/cinder-volume/templates/cinder.conf7
-rwxr-xr-xdeploy/adapters/ansible/openstack_newton_xenial/roles/dashboard/templates/openstack-dashboard.conf.j22
-rw-r--r--deploy/adapters/ansible/openstack_newton_xenial/roles/keystone/tasks/keystone_config.yml7
-rw-r--r--deploy/adapters/ansible/openstack_newton_xenial/roles/keystone/templates/wsgi-keystone.conf.j22
-rw-r--r--deploy/adapters/ansible/openstack_newton_xenial/roles/neutron-compute/tasks/main.yml2
-rw-r--r--deploy/adapters/ansible/openstack_newton_xenial/roles/neutron-compute/templates/neutron.conf105
-rw-r--r--deploy/adapters/ansible/openstack_newton_xenial/roles/nova-compute/tasks/main.yml8
-rw-r--r--deploy/adapters/ansible/openstack_newton_xenial/roles/nova-compute/templates/nova.conf75
-rwxr-xr-xdeploy/adapters/ansible/openstack_osp9/roles/ceph-osd/tasks/install_osd.yml5
-rwxr-xr-xdeploy/adapters/ansible/roles/ceph-config/tasks/create_config.yml15
-rwxr-xr-xdeploy/adapters/ansible/roles/ceph-openstack/tasks/ceph_openstack_conf.yml4
-rwxr-xr-xdeploy/adapters/ansible/roles/ceph-openstack/tasks/ceph_openstack_pre.yml32
-rw-r--r--deploy/adapters/ansible/roles/ceph-openstack/templates/secret.j22
-rw-r--r--deploy/adapters/ansible/roles/ceph-osd/tasks/install_osd.yml5
-rw-r--r--deploy/adapters/ansible/roles/common/tasks/main.yml6
33 files changed, 512 insertions, 151 deletions
diff --git a/deploy/adapters/ansible/openstack_mitaka/roles/ceph-osd/tasks/install_osd.yml b/deploy/adapters/ansible/openstack_mitaka/roles/ceph-osd/tasks/install_osd.yml
index 0e476085..35e84cf8 100644
--- a/deploy/adapters/ansible/openstack_mitaka/roles/ceph-osd/tasks/install_osd.yml
+++ b/deploy/adapters/ansible/openstack_mitaka/roles/ceph-osd/tasks/install_osd.yml
@@ -11,6 +11,11 @@
- name: create osd lv and mount it on /var/local/osd
script: create_osd.sh
+- name: fetch osd keyring from ceph_adm
+ fetch: src="/var/lib/ceph/bootstrap-osd/ceph.keyring" dest="/tmp/ceph.osd.keyring" flat=yes
+ delegate_to: "{{ public_vip.ip }}"
+ when: compute_expansion
+
- name: copy osd keyring
copy: src="/tmp/ceph.osd.keyring" dest="/var/lib/ceph/bootstrap-osd/ceph.keyring"
diff --git a/deploy/adapters/ansible/openstack_mitaka/roles/tacker/files/tacker.conf b/deploy/adapters/ansible/openstack_mitaka/roles/tacker/files/tacker.conf
new file mode 100644
index 00000000..0c90dcb9
--- /dev/null
+++ b/deploy/adapters/ansible/openstack_mitaka/roles/tacker/files/tacker.conf
@@ -0,0 +1,36 @@
+description "OpenStack Tacker Server"
+author "Yifei Xue <xueyifei@huawei.com>"
+
+start on runlevel [2345]
+stop on runlevel [!2345]
+
+chdir /var/run
+
+respawn
+respawn limit 20 5
+limit nofile 65535 65535
+
+pre-start script
+ for i in lock run log lib ; do
+ mkdir -p /var/$i/tacker
+ chown root /var/$i/tacker
+ done
+end script
+
+script
+ [ -x "/usr/local/bin/tacker-server" ] || exit 0
+ DAEMON_ARGS=""
+ CONFIG_FILE="/usr/local/etc/tacker/tacker.conf"
+ USE_SYSLOG=""
+ USE_LOGFILE=""
+ NO_OPENSTACK_CONFIG_FILE_DAEMON_ARG=""
+ [ -r /etc/default/openstack ] && . /etc/default/openstack
+ [ -r /etc/default/$UPSTART_JOB ] && . /etc/default/$UPSTART_JOB
+ [ "x$USE_SYSLOG" = "xyes" ] && DAEMON_ARGS="$DAEMON_ARGS --use-syslog"
+ [ "x$USE_LOGFILE" != "xno" ] && DAEMON_ARGS="$DAEMON_ARGS --log-file=/var/log/tacker/tacker.log"
+ [ -z "$NO_OPENSTACK_CONFIG_FILE_DAEMON_ARG" ] && DAEMON_ARGS="$DAEMON_ARGS --config-file=$CONFIG_FILE"
+
+ exec start-stop-daemon --start --chdir /var/lib/tacker \
+ --chuid root:root --make-pidfile --pidfile /var/run/tacker/tacker.pid \
+ --exec /usr/local/bin/tacker-server -- ${DAEMON_ARGS}
+end script
diff --git a/deploy/adapters/ansible/openstack_mitaka/roles/tacker/tasks/tacker_controller.yml b/deploy/adapters/ansible/openstack_mitaka/roles/tacker/tasks/tacker_controller.yml
new file mode 100755
index 00000000..cd3b19e8
--- /dev/null
+++ b/deploy/adapters/ansible/openstack_mitaka/roles/tacker/tasks/tacker_controller.yml
@@ -0,0 +1,215 @@
+##############################################################################
+# Copyright (c) 2016 HUAWEI TECHNOLOGIES CO.,LTD and others.
+#
+# All rights reserved. This program and the accompanying materials
+# are made available under the terms of the Apache License, Version 2.0
+# which accompanies this distribution, and is available at
+# http://www.apache.org/licenses/LICENSE-2.0
+##############################################################################
+---
+- name: get http server
+ shell: awk -F'=' '/compass_server/ {print $2}' /etc/compass.conf
+ register: http_server
+
+- name: creat tacker_home, tacker_client_home, tacker_horizon_home
+ shell: >
+ mkdir -p /opt/tacker
+ mkdir -p /opt/tacker_client
+ mkdir -p /opt/tacker_horizon
+
+- name: download tacker package
+ get_url: url="http://{{ http_server.stdout_lines[0] }}/packages/tacker/{{ tacker_pkg_name }}" dest=/opt/{{ tacker_pkg_name }}
+
+- name: download tacker_client package
+ get_url: url="http://{{ http_server.stdout_lines[0] }}/packages/tacker/{{ tacker_client_pkg_name }}" dest=/opt/{{ tacker_client_pkg_name }}
+
+- name: download tacker_horizon package
+ get_url: url="http://{{ http_server.stdout_lines[0] }}/packages/tacker/{{ tacker_horizon_pkg_name }}" dest=/opt/{{ tacker_horizon_pkg_name }}
+
+- name: extract tacker package
+ command: su -s /bin/sh -c "tar xzf /opt/{{ tacker_pkg_name }} -C {{ tacker_home }} --strip-components 1 --no-overwrite-dir -k --skip-old-files"
+
+- name: extract tacker_client package
+ command: su -s /bin/sh -c "tar xzf /opt/{{ tacker_client_pkg_name }} -C {{ tacker_client_home }} --strip-components 1 --no-overwrite-dir -k --skip-old-files"
+
+- name: extract tacker_horizon package
+ command: su -s /bin/sh -c "tar xzf /opt/{{ tacker_horizon_pkg_name }} -C {{ tacker_horizon_home }} --strip-components 1 --no-overwrite-dir -k --skip-old-files"
+
+- name: edit ml2_conf.ini
+ shell: crudini --set /etc/neutron/plugins/ml2/ml2_conf.ini ml2 extension_drivers port_security;
+
+- name: Restart neutron-server
+ service: name=neutron-server state=restarted
+
+- name: "create haproxy configuration for tacker"
+ template:
+ src: "haproxy-tacker-cfg.j2"
+ dest: "/tmp/haproxy-tacker.cfg"
+
+- name: get the current haproxy configuration
+ shell: cat /etc/haproxy/haproxy.cfg
+ register: ha_cfg
+
+- name: "combination of the haproxy configuration"
+ shell: "cat /tmp/haproxy-tacker.cfg >> /etc/haproxy/haproxy.cfg"
+ when: ha_cfg.stdout.find('8888') == -1
+
+- name: "delete temporary configuration file"
+ file:
+ dest: "/tmp/haproxy-tacker.cfg"
+ state: "absent"
+
+- name: "restart haproxy"
+ service:
+ name: "haproxy"
+ state: "restarted"
+
+- name: drop and recreate tacker database
+ shell: mysql -e "drop database if exists tacker;";
+ mysql -e "create database tacker character set utf8;";
+ mysql -e "grant all on tacker.* to 'tacker'@'%' identified by 'TACKER_DBPASS';";
+ when: inventory_hostname == haproxy_hosts.keys()[0]
+
+- name: get the openstack user info
+ shell: . /opt/admin-openrc.sh; openstack user list
+ register: user_info
+
+- name: get the openstack service info
+ shell: . /opt/admin-openrc.sh; openstack service list
+ register: service_info
+
+- name: get the openstack endpoint info
+ shell: . /opt/admin-openrc.sh; openstack endpoint list
+ register: endpoint_info
+
+- name: delete the existed tacker endpoint
+ shell: . /opt/admin-openrc.sh; openstack endpoint delete $(openstack endpoint list | grep tacker | awk '{print $2}')
+ when: endpoint_info.stdout.find('tacker') != -1 and inventory_hostname == haproxy_hosts.keys()[0]
+
+- name: delete the existed tacker service
+ shell: . /opt/admin-openrc.sh; openstack service delete tacker
+ when: service_info.stdout.find('tacker') != -1 and inventory_hostname == haproxy_hosts.keys()[0]
+
+- name: delete the existed tacker user
+ shell: . /opt/admin-openrc.sh; openstack user delete tacker
+ when: user_info.stdout.find('tacker') != -1 and inventory_hostname == haproxy_hosts.keys()[0]
+
+- name: create tacker user with admin privileges
+ shell: . /opt/admin-openrc.sh; openstack user create --password console tacker; openstack role add --project service --user tacker admin;
+ when: inventory_hostname == haproxy_hosts.keys()[0]
+
+- name: creat tacker service
+ shell: >
+ . /opt/admin-openrc.sh; openstack service create --name tacker --description "Tacker Project" nfv-orchestration
+ when: inventory_hostname == haproxy_hosts.keys()[0]
+
+- name: provide an endpoint to tacker service
+ shell: >
+ . /opt/admin-openrc.sh; openstack endpoint create --region RegionOne \
+ --publicurl 'http://{{ public_vip.ip }}:8888/' \
+ --adminurl 'http://{{ internal_vip.ip }}:8888/' \
+ --internalurl 'http://{{ internal_vip.ip }}:8888/' tacker
+ when: inventory_hostname == haproxy_hosts.keys()[0]
+
+- name: install pip package
+ pip: name=Babel state=present version=2.3.4
+
+- name: install pip packages
+ shell: >
+ pip install tosca-parser heat-translator oslosphinx;
+
+- name: install tacker
+ shell: >
+ . /opt/admin-openrc.sh; cd {{ tacker_home }}; python setup.py install
+
+- name: create 'tacker' directory in '/var/cache', set ownership and permissions
+ shell: >
+ mkdir -p /var/cache/tacker
+# sudo chown <LOGIN_USER>:root /var/cache/tacker
+# chmod 700 /var/cache/tacker
+
+- name: create 'tacker' directory in '/var/log'
+ shell: mkdir -p /var/log/tacker
+
+- name: copy tacker configs
+ template: src={{ item.src }} dest=/opt/os_templates
+ with_items: "{{ tacker_configs_templates }}"
+
+- name: edit tacker configuration file
+ shell: crudini --merge /usr/local/etc/tacker/tacker.conf < /opt/os_templates/tacker.j2
+
+- name: populate tacker database
+ shell: >
+ . /opt/admin-openrc.sh; /usr/local/bin/tacker-db-manage --config-file /usr/local/etc/tacker/tacker.conf upgrade head
+ when: inventory_hostname == haproxy_hosts.keys()[0]
+
+- name: install tacker client
+ shell: >
+ . /opt/admin-openrc.sh; cd {{ tacker_client_home }}; python setup.py install
+
+- name: install tacker horizon
+ shell: >
+ . /opt/admin-openrc.sh; cd {{ tacker_horizon_home }}; python setup.py install
+
+- name: enable tacker horizon in dashboard
+ shell: >
+ cp {{ tacker_horizon_home }}/openstack_dashboard_extensions/* /usr/share/openstack-dashboard/openstack_dashboard/enabled/
+
+- name: restart apache server
+ shell: service apache2 restart
+
+- name: create tacker service
+ copy: src=tacker.conf dest=/etc/init
+
+- name: create tacker service work dir
+ file: path=/var/lib/tacker state=directory
+
+- name: link the tacker service
+ file:
+ src: /etc/init/tacker.conf
+ dest: /etc/init.d/tacker
+ state: link
+
+- name: start tacker service
+ shell: service tacker start
+
+- name: create tackerc file
+ template: src=tackerc.sh dest=/opt/tackerc.sh mode=777
+
+- name: get the nfv_user info
+ shell: . /opt/tackerc.sh; openstack user list
+ register: nfvuser_info
+
+- name: delete the existed nfv user
+ shell: . /opt/tackerc.sh; openstack user delete nfv_user
+ when: nfvuser_info.stdout.find('nfv') != -1 and inventory_hostname == haproxy_hosts.keys()[0]
+
+- name: get the openstack project info
+ shell: . /opt/tackerc.sh; openstack project list
+ register: nfvproject_info
+
+- name: delete the existed nfv project
+ shell: . /opt/tackerc.sh; openstack project delete $(openstack project list | grep nfv | awk '{print $2}')
+ when: nfvproject_info.stdout.find('nfv') != -1 and inventory_hostname == haproxy_hosts.keys()[0]
+
+- name: create an nfv project
+ shell: . /opt/tackerc.sh; openstack project create --description "NFV Project" nfv
+ when: inventory_hostname == haproxy_hosts.keys()[0]
+
+- name: create nfv user with admin privileges
+ shell: . /opt/tackerc.sh; openstack user create --password console nfv_user; openstack role add --project nfv --user nfv_user admin;
+ when: inventory_hostname == haproxy_hosts.keys()[0]
+
+- name: create config.yml
+ template: src=config.yaml dest=/opt/config.yaml
+
+- name: check if tacker running
+ shell: . /opt/tackerc.sh; while (!(tacker ext-list)); do sleep 30; done
+
+- name: register VIM to tacker
+ shell: . /opt/tackerc.sh; tacker vim-register --config-file /opt/config.yaml --description "OpenStack" --name VIM0
+ when: inventory_hostname == haproxy_hosts.keys()[0]
+
+- name: restart tacker service
+ shell: service tacker stop; service tacker start
+
diff --git a/deploy/adapters/ansible/openstack_mitaka/roles/tacker/templates/config.yaml b/deploy/adapters/ansible/openstack_mitaka/roles/tacker/templates/config.yaml
new file mode 100644
index 00000000..8f73e907
--- /dev/null
+++ b/deploy/adapters/ansible/openstack_mitaka/roles/tacker/templates/config.yaml
@@ -0,0 +1,4 @@
+auth_url: 'http://{{ public_vip.ip }}:5000/v2.0'
+username: 'nfv_user'
+password: 'console'
+project_name: 'nfv'
diff --git a/deploy/adapters/ansible/openstack_mitaka/roles/tacker/templates/tackerc.sh b/deploy/adapters/ansible/openstack_mitaka/roles/tacker/templates/tackerc.sh
new file mode 100644
index 00000000..c673e7f1
--- /dev/null
+++ b/deploy/adapters/ansible/openstack_mitaka/roles/tacker/templates/tackerc.sh
@@ -0,0 +1,12 @@
+#!/bin/sh
+export LC_ALL=C
+export OS_NO_CACHE=true
+export OS_TENANT_NAME=service
+export OS_PROJECT_NAME=service
+export OS_USERNAME=tacker
+export OS_PASSWORD=console
+export OS_AUTH_URL=http://{{ internal_vip.ip }}:5000/v2.0
+export OS_DEFAULT_DOMAIN=default
+export OS_AUTH_STRATEGY=keystone
+export OS_REGION_NAME=RegionOne
+export TACKER_ENDPOINT_TYPE=internalurl
diff --git a/deploy/adapters/ansible/openstack_mitaka_xenial/roles/ceph-osd/tasks/install_osd.yml b/deploy/adapters/ansible/openstack_mitaka_xenial/roles/ceph-osd/tasks/install_osd.yml
index 16f261ef..363e5e6d 100644
--- a/deploy/adapters/ansible/openstack_mitaka_xenial/roles/ceph-osd/tasks/install_osd.yml
+++ b/deploy/adapters/ansible/openstack_mitaka_xenial/roles/ceph-osd/tasks/install_osd.yml
@@ -11,6 +11,11 @@
- name: create osd lv and mount it on /var/local/osd
script: create_osd.sh
+- name: fetch osd keyring from ceph_adm
+ fetch: src="/var/lib/ceph/bootstrap-osd/ceph.keyring" dest="/tmp/ceph.osd.keyring" flat=yes
+ delegate_to: "{{ public_vip.ip }}"
+ when: compute_expansion
+
- name: copy osd keyring
copy: src="/tmp/ceph.osd.keyring" dest="/var/lib/ceph/bootstrap-osd/ceph.keyring"
diff --git a/deploy/adapters/ansible/openstack_mitaka_xenial/roles/dashboard/templates/openstack-dashboard.conf.j2 b/deploy/adapters/ansible/openstack_mitaka_xenial/roles/dashboard/templates/openstack-dashboard.conf.j2
index 89a70686..664af687 100755
--- a/deploy/adapters/ansible/openstack_mitaka_xenial/roles/dashboard/templates/openstack-dashboard.conf.j2
+++ b/deploy/adapters/ansible/openstack_mitaka_xenial/roles/dashboard/templates/openstack-dashboard.conf.j2
@@ -1,6 +1,6 @@
{% set work_threads = (ansible_processor_vcpus + 1) // 2 %}
{% if work_threads > 10 %}
- set work_threads = 10
+{% set work_threads = 10 %}
{% endif %}
<VirtualHost {{ internal_ip }}:80>
diff --git a/deploy/adapters/ansible/openstack_mitaka_xenial/roles/keystone/templates/wsgi-keystone.conf.j2 b/deploy/adapters/ansible/openstack_mitaka_xenial/roles/keystone/templates/wsgi-keystone.conf.j2
index f5f9d339..55c89839 100644
--- a/deploy/adapters/ansible/openstack_mitaka_xenial/roles/keystone/templates/wsgi-keystone.conf.j2
+++ b/deploy/adapters/ansible/openstack_mitaka_xenial/roles/keystone/templates/wsgi-keystone.conf.j2
@@ -1,6 +1,6 @@
{% set work_threads = (ansible_processor_vcpus + 1) // 2 %}
{% if work_threads > 10 %}
- set work_threads = 10
+{% set work_threads = 10 %}
{% endif %}
<VirtualHost {{ internal_ip }}:5000>
diff --git a/deploy/adapters/ansible/openstack_newton_xenial/HA-ansible-multinodes.yml b/deploy/adapters/ansible/openstack_newton_xenial/HA-ansible-multinodes.yml
index 25847ce5..236035e0 100644
--- a/deploy/adapters/ansible/openstack_newton_xenial/HA-ansible-multinodes.yml
+++ b/deploy/adapters/ansible/openstack_newton_xenial/HA-ansible-multinodes.yml
@@ -74,7 +74,7 @@
- ceilometer_controller
- dashboard
- heat
-# - aodh
+ - aodh
- hosts: all
remote_user: root
diff --git a/deploy/adapters/ansible/openstack_newton_xenial/roles/aodh/tasks/aodh_install.yml b/deploy/adapters/ansible/openstack_newton_xenial/roles/aodh/tasks/aodh_install.yml
index eb51fbea..d8a82270 100644
--- a/deploy/adapters/ansible/openstack_newton_xenial/roles/aodh/tasks/aodh_install.yml
+++ b/deploy/adapters/ansible/openstack_newton_xenial/roles/aodh/tasks/aodh_install.yml
@@ -14,12 +14,9 @@
with_items: packages | union(packages_noarch)
- name: update aodh conf
- template: src={{ item }} dest=/etc/aodh/aodh.conf
- backup=yes
+ template: src={{ item }} dest=/etc/aodh/aodh.conf backup=yes
with_items:
- aodh.conf.j2
-# - api_paste.ini.j2
-# - policy.json.j2
notify:
- restart aodh services
diff --git a/deploy/adapters/ansible/openstack_newton_xenial/roles/aodh/templates/aodh.conf.j2 b/deploy/adapters/ansible/openstack_newton_xenial/roles/aodh/templates/aodh.conf.j2
index b580d78c..d9eb0599 100644
--- a/deploy/adapters/ansible/openstack_newton_xenial/roles/aodh/templates/aodh.conf.j2
+++ b/deploy/adapters/ansible/openstack_newton_xenial/roles/aodh/templates/aodh.conf.j2
@@ -5,17 +5,16 @@
{% set memcached_servers = memcached_servers|join(',') %}
[DEFAULT]
+transport_url = rabbit://{{ RABBIT_USER }}:{{ RABBIT_PASS }}@{{ rabbit_host }}
+rpc_backend = rabbit
+
bind_host = {{ internal_ip }}
bind_port = 8042
-rpc_backend = rabbit
auth_strategy = keystone
debug = True
-[oslo_messaging_rabbit]
-rabbit_hosts = {{ internal_vip.ip }}
-rabbit_userid = {{ RABBIT_USER }}
-rabbit_password = {{ RABBIT_PASS }}
-#rabbit_use_ssl = false
+[api]
+host = {{ internal_ip }}
[database]
connection = mysql://aodh:{{ AODH_DBPASS }}@{{ db_host }}/aodh
@@ -23,25 +22,27 @@ connection = mysql://aodh:{{ AODH_DBPASS }}@{{ db_host }}/aodh
[keystone_authtoken]
auth_uri = http://{{ internal_vip.ip }}:5000
auth_url = http://{{ internal_vip.ip }}:35357
+memcached_servers = {{ memcached_servers }}
+auth_type = password
+project_domain_name = default
+user_domain_name = default
+project_name = service
+username = aodh
+password = {{ AODH_PASS }}
+
identity_uri = http://{{ internal_vip.ip }}:35357
auth_plugin = password
project_domain_id = default
user_domain_id = default
-project_name = service
-username = aodh
-password = {{ AODH_PASS }}
-memcached_servers = {{ memcached_servers }}
token_cache_time = 300
revocation_cache_time = 60
-[service_credentials]
-os_auth_url = http://{{ internal_vip.ip }}:5000/v3
-os_username = aodh
-os_tenant_name = service
-os_password = {{ AODH_PASS }}
-os_endpoint_type = internalURL
-os_region_name = RegionOne
+[oslo_messaging_rabbit]
+rabbit_hosts = {{ internal_vip.ip }}
+rabbit_userid = {{ RABBIT_USER }}
+rabbit_password = {{ RABBIT_PASS }}
+[service_credentials]
auth_type = password
auth_url = http://{{ internal_vip.ip }}:5000/v3
project_domain_name = default
@@ -52,5 +53,4 @@ password = {{ AODH_PASS }}
interface = internalURL
region_name = RegionOne
-[api]
-host = {{ internal_ip }}
+endpoint_type = internalURL
diff --git a/deploy/adapters/ansible/openstack_newton_xenial/roles/aodh/templates/api_paste.ini.j2 b/deploy/adapters/ansible/openstack_newton_xenial/roles/aodh/templates/api_paste.ini.j2
deleted file mode 100644
index 151789c4..00000000
--- a/deploy/adapters/ansible/openstack_newton_xenial/roles/aodh/templates/api_paste.ini.j2
+++ /dev/null
@@ -1,22 +0,0 @@
-# aodh API WSGI Pipeline
-# Define the filters that make up the pipeline for processing WSGI requests
-# Note: This pipeline is PasteDeploy's term rather than aodh's pipeline
-# used for processing samples
-
-# Remove authtoken from the pipeline if you don't want to use keystone authentication
-[pipeline:main]
-pipeline = cors request_id authtoken api-server
-
-[app:api-server]
-paste.app_factory = aodh.api.app:app_factory
-
-[filter:authtoken]
-paste.filter_factory = keystonemiddleware.auth_token:filter_factory
-oslo_config_project = aodh
-
-[filter:request_id]
-paste.filter_factory = oslo_middleware:RequestId.factory
-
-[filter:cors]
-paste.filter_factory = oslo_middleware.cors:filter_factory
-oslo_config_project = aodh
diff --git a/deploy/adapters/ansible/openstack_newton_xenial/roles/aodh/templates/policy.json.j2 b/deploy/adapters/ansible/openstack_newton_xenial/roles/aodh/templates/policy.json.j2
deleted file mode 100644
index 4fd873e9..00000000
--- a/deploy/adapters/ansible/openstack_newton_xenial/roles/aodh/templates/policy.json.j2
+++ /dev/null
@@ -1,20 +0,0 @@
-{
- "context_is_admin": "role:admin",
- "segregation": "rule:context_is_admin",
- "admin_or_owner": "rule:context_is_admin or project_id:%(project_id)s",
- "default": "rule:admin_or_owner",
-
- "telemetry:get_alarm": "rule:admin_or_owner",
- "telemetry:get_alarms": "rule:admin_or_owner",
- "telemetry:query_alarm": "rule:admin_or_owner",
-
- "telemetry:create_alarm": "",
- "telemetry:change_alarm": "rule:admin_or_owner",
- "telemetry:delete_alarm": "rule:admin_or_owner",
-
- "telemetry:get_alarm_state": "rule:admin_or_owner",
- "telemetry:change_alarm_state": "rule:admin_or_owner",
-
- "telemetry:alarm_history": "rule:admin_or_owner",
- "telemetry:query_alarm_history": "rule:admin_or_owner"
-}
diff --git a/deploy/adapters/ansible/openstack_newton_xenial/roles/aodh/vars/Debian.yml b/deploy/adapters/ansible/openstack_newton_xenial/roles/aodh/vars/Debian.yml
index bdf4655e..9bf4ad7a 100644
--- a/deploy/adapters/ansible/openstack_newton_xenial/roles/aodh/vars/Debian.yml
+++ b/deploy/adapters/ansible/openstack_newton_xenial/roles/aodh/vars/Debian.yml
@@ -13,7 +13,7 @@ packages:
- aodh-notifier
- aodh-listener
- aodh-expirer
- - python-ceilometerclient
+ - python-aodhclient
services:
- aodh-api
diff --git a/deploy/adapters/ansible/openstack_newton_xenial/roles/aodh/vars/RedHat.yml b/deploy/adapters/ansible/openstack_newton_xenial/roles/aodh/vars/RedHat.yml
index a0381c6b..3d25bd6c 100644
--- a/deploy/adapters/ansible/openstack_newton_xenial/roles/aodh/vars/RedHat.yml
+++ b/deploy/adapters/ansible/openstack_newton_xenial/roles/aodh/vars/RedHat.yml
@@ -13,7 +13,7 @@ packages:
- openstack-aodh-notifier
- openstack-aodh-listener
- openstack-aodh-expirer
- - python-ceilometerclient
+ - python-aodhclient
services:
- openstack-aodh-api
diff --git a/deploy/adapters/ansible/openstack_newton_xenial/roles/ceilometer_compute/templates/ceilometer.conf.j2 b/deploy/adapters/ansible/openstack_newton_xenial/roles/ceilometer_compute/templates/ceilometer.conf.j2
index f388df41..bffd6068 100644
--- a/deploy/adapters/ansible/openstack_newton_xenial/roles/ceilometer_compute/templates/ceilometer.conf.j2
+++ b/deploy/adapters/ansible/openstack_newton_xenial/roles/ceilometer_compute/templates/ceilometer.conf.j2
@@ -1,9 +1,3 @@
-{% set memcached_servers = [] %}
-{% for host in haproxy_hosts.values() %}
-{% set _ = memcached_servers.append('%s:11211'% host) %}
-{% endfor %}
-{% set memcached_servers = memcached_servers|join(',') %}
-
[DEFAULT]
verbose = True
rpc_backend = rabbit
@@ -15,7 +9,6 @@ metering_secret = {{ metering_secret }}
[keystone_authtoken]
auth_uri = http://{{ internal_vip.ip }}:5000
auth_url = http://{{ internal_vip.ip }}:35357
-memcached_servers = {{ memcached_servers }}
auth_type = password
project_domain_name = default
user_domain_name = default
diff --git a/deploy/adapters/ansible/openstack_newton_xenial/roles/ceilometer_controller/templates/wsgi-ceilometer.conf.j2 b/deploy/adapters/ansible/openstack_newton_xenial/roles/ceilometer_controller/templates/wsgi-ceilometer.conf.j2
index a6fd6840..9909f800 100644
--- a/deploy/adapters/ansible/openstack_newton_xenial/roles/ceilometer_controller/templates/wsgi-ceilometer.conf.j2
+++ b/deploy/adapters/ansible/openstack_newton_xenial/roles/ceilometer_controller/templates/wsgi-ceilometer.conf.j2
@@ -1,6 +1,6 @@
{% set work_threads = (ansible_processor_vcpus + 1) // 2 %}
{% if work_threads > 10 %}
- set work_threads = 10
+{% set work_threads = 10 %}
{% endif %}
<VirtualHost {{ internal_ip }}:8777>
diff --git a/deploy/adapters/ansible/openstack_newton_xenial/roles/ceph-osd/tasks/install_osd.yml b/deploy/adapters/ansible/openstack_newton_xenial/roles/ceph-osd/tasks/install_osd.yml
index 16f261ef..363e5e6d 100644
--- a/deploy/adapters/ansible/openstack_newton_xenial/roles/ceph-osd/tasks/install_osd.yml
+++ b/deploy/adapters/ansible/openstack_newton_xenial/roles/ceph-osd/tasks/install_osd.yml
@@ -11,6 +11,11 @@
- name: create osd lv and mount it on /var/local/osd
script: create_osd.sh
+- name: fetch osd keyring from ceph_adm
+ fetch: src="/var/lib/ceph/bootstrap-osd/ceph.keyring" dest="/tmp/ceph.osd.keyring" flat=yes
+ delegate_to: "{{ public_vip.ip }}"
+ when: compute_expansion
+
- name: copy osd keyring
copy: src="/tmp/ceph.osd.keyring" dest="/var/lib/ceph/bootstrap-osd/ceph.keyring"
diff --git a/deploy/adapters/ansible/openstack_newton_xenial/roles/cinder-volume/templates/cinder.conf b/deploy/adapters/ansible/openstack_newton_xenial/roles/cinder-volume/templates/cinder.conf
index e4f98e82..e7946b5c 100644
--- a/deploy/adapters/ansible/openstack_newton_xenial/roles/cinder-volume/templates/cinder.conf
+++ b/deploy/adapters/ansible/openstack_newton_xenial/roles/cinder-volume/templates/cinder.conf
@@ -1,9 +1,3 @@
-{% set memcached_servers = [] %}
-{% for host in haproxy_hosts.values() %}
-{% set _ = memcached_servers.append('%s:11211'% host) %}
-{% endfor %}
-{% set memcached_servers = memcached_servers|join(',') %}
-
[DEFAULT]
rootwrap_config = /etc/cinder/rootwrap.conf
api_paste_confg = /etc/cinder/api-paste.ini
@@ -59,7 +53,6 @@ idle_timeout = 30
[keystone_authtoken]
auth_uri = http://{{ internal_vip.ip }}:5000
auth_url = http://{{ internal_vip.ip }}:35357
-memcached_servers = {{ memcached_servers }}
auth_type = password
project_domain_name = default
user_domain_name = default
diff --git a/deploy/adapters/ansible/openstack_newton_xenial/roles/dashboard/templates/openstack-dashboard.conf.j2 b/deploy/adapters/ansible/openstack_newton_xenial/roles/dashboard/templates/openstack-dashboard.conf.j2
index 89a70686..664af687 100755
--- a/deploy/adapters/ansible/openstack_newton_xenial/roles/dashboard/templates/openstack-dashboard.conf.j2
+++ b/deploy/adapters/ansible/openstack_newton_xenial/roles/dashboard/templates/openstack-dashboard.conf.j2
@@ -1,6 +1,6 @@
{% set work_threads = (ansible_processor_vcpus + 1) // 2 %}
{% if work_threads > 10 %}
- set work_threads = 10
+{% set work_threads = 10 %}
{% endif %}
<VirtualHost {{ internal_ip }}:80>
diff --git a/deploy/adapters/ansible/openstack_newton_xenial/roles/keystone/tasks/keystone_config.yml b/deploy/adapters/ansible/openstack_newton_xenial/roles/keystone/tasks/keystone_config.yml
index 3fea6e28..ea211470 100644
--- a/deploy/adapters/ansible/openstack_newton_xenial/roles/keystone/tasks/keystone_config.yml
+++ b/deploy/adapters/ansible/openstack_newton_xenial/roles/keystone/tasks/keystone_config.yml
@@ -92,10 +92,5 @@
- meta: flush_handlers
- name: wait for keystone ready
- wait_for: port=35357 delay=10 timeout=60 host={{ internal_ip }}
+ wait_for: port=35357 delay=15 timeout=60 host={{ internal_ip }}
-- name: cron job to purge expired tokens hourly
- cron:
- name: 'purge expired tokens'
- special_time: hourly
- job: '/usr/bin/keystone-manage token_flush > /var/log/keystone/keystone-tokenflush.log 2>&1'
diff --git a/deploy/adapters/ansible/openstack_newton_xenial/roles/keystone/templates/wsgi-keystone.conf.j2 b/deploy/adapters/ansible/openstack_newton_xenial/roles/keystone/templates/wsgi-keystone.conf.j2
index f5f9d339..55c89839 100644
--- a/deploy/adapters/ansible/openstack_newton_xenial/roles/keystone/templates/wsgi-keystone.conf.j2
+++ b/deploy/adapters/ansible/openstack_newton_xenial/roles/keystone/templates/wsgi-keystone.conf.j2
@@ -1,6 +1,6 @@
{% set work_threads = (ansible_processor_vcpus + 1) // 2 %}
{% if work_threads > 10 %}
- set work_threads = 10
+{% set work_threads = 10 %}
{% endif %}
<VirtualHost {{ internal_ip }}:5000>
diff --git a/deploy/adapters/ansible/openstack_newton_xenial/roles/neutron-compute/tasks/main.yml b/deploy/adapters/ansible/openstack_newton_xenial/roles/neutron-compute/tasks/main.yml
index fd3e51d3..375e325d 100644
--- a/deploy/adapters/ansible/openstack_newton_xenial/roles/neutron-compute/tasks/main.yml
+++ b/deploy/adapters/ansible/openstack_newton_xenial/roles/neutron-compute/tasks/main.yml
@@ -63,7 +63,7 @@
file: src=/etc/neutron/plugins/ml2/ml2_conf.ini dest=/etc/neutron/plugin.ini state=link
- name: config neutron
- template: src=templates/neutron.conf
+ template: src=neutron.conf
dest=/etc/neutron/neutron.conf backup=yes
notify:
- restart neutron compute service
diff --git a/deploy/adapters/ansible/openstack_newton_xenial/roles/neutron-compute/templates/neutron.conf b/deploy/adapters/ansible/openstack_newton_xenial/roles/neutron-compute/templates/neutron.conf
new file mode 100644
index 00000000..a676e951
--- /dev/null
+++ b/deploy/adapters/ansible/openstack_newton_xenial/roles/neutron-compute/templates/neutron.conf
@@ -0,0 +1,105 @@
+[DEFAULT]
+verbose = {{ VERBOSE }}
+debug = {{ VERBOSE }}
+state_path = /var/lib/neutron
+lock_path = $state_path/lock
+notify_nova_on_port_status_changes = True
+notify_nova_on_port_data_changes = True
+log_dir = /var/log/neutron
+bind_host = {{ network_server_host }}
+bind_port = 9696
+core_plugin = ml2
+service_plugins = router
+api_paste_config = api-paste.ini
+auth_strategy = keystone
+dhcp_lease_duration = 86400
+allow_overlapping_ips = True
+rpc_backend = rabbit
+rpc_thread_pool_size = 240
+rpc_conn_pool_size = 100
+rpc_response_timeout = 300
+rpc_cast_timeout = 300
+notification_driver = neutron.openstack.common.notifier.rpc_notifier
+default_notification_level = INFO
+notification_topics = notifications
+agent_down_time = 75
+network_scheduler_driver = neutron.scheduler.dhcp_agent_scheduler.ChanceScheduler
+router_scheduler_driver = neutron.scheduler.l3_agent_scheduler.ChanceScheduler
+api_workers = 8
+rpc_workers = 8
+notify_nova_on_port_status_changes = True
+notify_nova_on_port_data_changes = True
+nova_url = http://{{ internal_vip.ip }}:8774/v3
+nova_region_name = RegionOne
+nova_admin_username = nova
+nova_admin_password = {{ NOVA_PASS }}
+nova_admin_auth_url = http://{{ internal_vip.ip }}:35357/v3
+send_events_interval = 2
+
+[quotas]
+quota_driver = neutron.db.quota_db.DbQuotaDriver
+quota_items = network,subnet,port
+default_quota = -1
+quota_network = 100
+quota_subnet = 100
+quota_port = 8000
+quota_security_group = 1000
+quota_security_group_rule = 1000
+
+[agent]
+root_helper = "sudo /usr/bin/neutron-rootwrap /etc/neutron/rootwrap.conf"
+report_interval = 30
+
+[keystone_authtoken]
+auth_uri = http://{{ internal_vip.ip }}:5000
+auth_url = http://{{ internal_vip.ip }}:35357
+auth_type = password
+project_domain_name = default
+user_domain_name = default
+project_name = service
+username = neutron
+password = {{ NEUTRON_PASS }}
+
+identity_uri = http://{{ internal_vip.ip }}:35357
+admin_tenant_name = service
+admin_user = neutron
+admin_password = {{ NEUTRON_PASS }}
+signing_dir = $state_path/keystone-signing
+
+[database]
+connection = mysql://neutron:{{ NEUTRON_DBPASS }}@{{ db_host }}/neutron
+slave_connection =
+max_retries = 10
+retry_interval = 10
+min_pool_size = 1
+max_pool_size = 100
+idle_timeout = 30
+use_db_reconnect = True
+max_overflow = 100
+connection_debug = 0
+connection_trace = False
+pool_timeout = 10
+
+[service_providers]
+service_provider=FIREWALL:Iptables:neutron.agent.linux.iptables_firewall.OVSHybridIptablesFirewllDriver:default
+
+{% if enable_fwaas %}
+[fwaas]
+driver = neutron_fwaas.services.firewall.drivers.linux.iptables_fwaas.IptablesFwaasDriver
+enabled = True
+{% endif %}
+
+[nova]
+auth_url = http://{{ internal_vip.ip }}:35357
+auth_type = password
+project_domain_name = default
+user_domain_name = default
+project_name = service
+username = nova
+password = {{ NOVA_PASS }}
+
+[oslo_messaging_rabbit]
+rabbit_host = {{ rabbit_host }}
+rabbit_password = {{ RABBIT_PASS }}
+rabbit_port = 5672
+rabbit_userid = {{ RABBIT_USER }}
diff --git a/deploy/adapters/ansible/openstack_newton_xenial/roles/nova-compute/tasks/main.yml b/deploy/adapters/ansible/openstack_newton_xenial/roles/nova-compute/tasks/main.yml
index 7bb4f347..16315b36 100644
--- a/deploy/adapters/ansible/openstack_newton_xenial/roles/nova-compute/tasks/main.yml
+++ b/deploy/adapters/ansible/openstack_newton_xenial/roles/nova-compute/tasks/main.yml
@@ -30,13 +30,6 @@
state=absent
when: ansible_os_family == "Debian"
-- name: update nova-compute conf
- template: src=templates/{{ item }} dest=/etc/nova/{{ item }}
- with_items:
- - nova.conf
- notify:
- - restart nova-compute services
-
- name: get number of cpu support virtualization
shell: egrep -c '(vmx|svm)' /proc/cpuinfo
register: kvm_cpu_num
@@ -44,6 +37,7 @@
- name: update nova-compute conf
template: src={{ item }} dest=/etc/nova/{{ item }}
with_items:
+ - nova.conf
- nova-compute.conf
notify:
- restart nova-compute services
diff --git a/deploy/adapters/ansible/openstack_newton_xenial/roles/nova-compute/templates/nova.conf b/deploy/adapters/ansible/openstack_newton_xenial/roles/nova-compute/templates/nova.conf
index 5f8fb887..8d7e9a5f 100644
--- a/deploy/adapters/ansible/openstack_newton_xenial/roles/nova-compute/templates/nova.conf
+++ b/deploy/adapters/ansible/openstack_newton_xenial/roles/nova-compute/templates/nova.conf
@@ -1,10 +1,10 @@
-{% set memcached_servers = [] %}
-{% for host in haproxy_hosts.values() %}
-{% set _ = memcached_servers.append('%s:11211'% host) %}
-{% endfor %}
-{% set memcached_servers = memcached_servers|join(',') %}
-
[DEFAULT]
+transport_url = rabbit://{{ RABBIT_USER }}:{{ RABBIT_PASS }}@{{ rabbit_host }}
+auth_strategy = keystone
+my_ip = {{ internal_ip }}
+use_neutron = True
+firewall_driver = nova.virt.firewall.NoopFirewallDriver
+
dhcpbridge_flagfile=/etc/nova/nova.conf
dhcpbridge=/usr/bin/nova-dhcpbridge
log-dir=/var/log/nova
@@ -13,25 +13,15 @@ force_dhcp_release=True
verbose={{ VERBOSE }}
ec2_private_dns_show_ip=True
enabled_apis=osapi_compute,metadata
-
-auth_strategy = keystone
-my_ip = {{ internal_ip }}
-use_neutron = True
-firewall_driver = nova.virt.firewall.NoopFirewallDriver
-transport_url = rabbit://openstack:{{ RABBIT_PASS }}@{{ rabbit_host }}
default_floating_pool={{ public_net_info.network }}
metadata_listen={{ internal_ip }}
linuxnet_interface_driver = nova.network.linux_net.LinuxOVSInterfaceDriver
-
iscsi_helper=tgtadm
connection_type=libvirt
root_helper=sudo nova-rootwrap /etc/nova/rootwrap.conf
debug={{ DEBUG }}
volumes_path=/var/lib/nova/volumes
rpc_backend = rabbit
-rabbit_host = {{ rabbit_host }}
-rabbit_userid = {{ RABBIT_USER }}
-rabbit_password = {{ RABBIT_PASS }}
osapi_compute_listen={{ internal_ip }}
network_api_class = nova.network.neutronv2.api.API
security_group_api = neutron
@@ -40,34 +30,26 @@ instance_usage_audit_period = hour
notify_on_state_change = vm_and_task_state
notification_driver = nova.openstack.common.notifier.rpc_notifier
notification_driver = ceilometer.compute.nova_notifier
-memcached_servers = {{ memcached_servers }}
-[database]
-# The SQLAlchemy connection string used to connect to the database
-connection = mysql://nova:{{ NOVA_DBPASS }}@{{ db_host }}/nova
+[api_database]
+connection = mysql://nova:{{ NOVA_DBPASS }}@{{ db_host }}/nova_api
idle_timeout = 30
pool_timeout = 10
use_db_reconnect = True
-[api_database]
-connection = mysql://nova:{{ NOVA_DBPASS }}@{{ db_host }}/nova_api
+[database]
+connection = mysql://nova:{{ NOVA_DBPASS }}@{{ db_host }}/nova
idle_timeout = 30
pool_timeout = 10
use_db_reconnect = True
-[oslo_concurrency]
-lock_path=/var/lib/nova/tmp
-
-[libvirt]
-use_virtio_for_bridges=True
-
-[wsgi]
-api_paste_config=/etc/nova/api-paste.ini
+[glance]
+api_servers = http://{{ internal_vip.ip }}:9292
+host = {{ internal_vip.ip }}
[keystone_authtoken]
auth_uri = http://{{ internal_vip.ip }}:5000
auth_url = http://{{ internal_vip.ip }}:35357
-memcached_servers = {{ memcached_servers }}
auth_type = password
project_domain_name = default
user_domain_name = default
@@ -80,17 +62,8 @@ admin_tenant_name = service
admin_user = nova
admin_password = {{ NOVA_PASS }}
-[vnc]
-enabled = True
-vncserver_listen = {{ internal_ip }}
-vncserver_proxyclient_address = {{ internal_ip }}
-novncproxy_base_url = http://{{ public_vip.ip }}:6080/vnc_auto.html
-novncproxy_host = {{ internal_ip }}
-novncproxy_port = 6080
-
-[glance]
-api_servers = http://{{ internal_vip.ip }}:9292
-host = {{ internal_vip.ip }}
+[libvirt]
+use_virtio_for_bridges=True
[neutron]
url = http://{{ internal_vip.ip }}:9696
@@ -111,3 +84,21 @@ admin_username = neutron
admin_password = {{ NEUTRON_PASS }}
admin_auth_url = http://{{ internal_vip.ip }}:35357/v3
+[oslo_concurrency]
+lock_path=/var/lib/nova/tmp
+
+[oslo_messaging_rabbit]
+rabbit_host = {{ rabbit_host }}
+rabbit_userid = {{ RABBIT_USER }}
+rabbit_password = {{ RABBIT_PASS }}
+
+[vnc]
+enabled = True
+vncserver_listen = {{ internal_ip }}
+vncserver_proxyclient_address = {{ internal_ip }}
+novncproxy_base_url = http://{{ public_vip.ip }}:6080/vnc_auto.html
+novncproxy_host = {{ internal_ip }}
+novncproxy_port = 6080
+
+[wsgi]
+api_paste_config=/etc/nova/api-paste.ini
diff --git a/deploy/adapters/ansible/openstack_osp9/roles/ceph-osd/tasks/install_osd.yml b/deploy/adapters/ansible/openstack_osp9/roles/ceph-osd/tasks/install_osd.yml
index 0e476085..35e84cf8 100755
--- a/deploy/adapters/ansible/openstack_osp9/roles/ceph-osd/tasks/install_osd.yml
+++ b/deploy/adapters/ansible/openstack_osp9/roles/ceph-osd/tasks/install_osd.yml
@@ -11,6 +11,11 @@
- name: create osd lv and mount it on /var/local/osd
script: create_osd.sh
+- name: fetch osd keyring from ceph_adm
+ fetch: src="/var/lib/ceph/bootstrap-osd/ceph.keyring" dest="/tmp/ceph.osd.keyring" flat=yes
+ delegate_to: "{{ public_vip.ip }}"
+ when: compute_expansion
+
- name: copy osd keyring
copy: src="/tmp/ceph.osd.keyring" dest="/var/lib/ceph/bootstrap-osd/ceph.keyring"
diff --git a/deploy/adapters/ansible/roles/ceph-config/tasks/create_config.yml b/deploy/adapters/ansible/roles/ceph-config/tasks/create_config.yml
index 891e23e0..771fb6ab 100755
--- a/deploy/adapters/ansible/roles/ceph-config/tasks/create_config.yml
+++ b/deploy/adapters/ansible/roles/ceph-config/tasks/create_config.yml
@@ -18,6 +18,11 @@
dest: "/tmp/ceph.conf"
when: inventory_hostname in groups['ceph_adm']
+- name: fetch ceph conf from ceph_adm
+ fetch: src="/etc/ceph/ceph.conf" dest="/tmp/ceph.conf" flat=yes
+ delegate_to: "{{ public_vip.ip }}"
+ when: compute_expansion
+
- name: "make directory for ceph config file"
file: path="/etc/ceph" state="directory"
@@ -53,10 +58,20 @@
fetch: src="/tmp/ceph.mon.keyring" dest="/tmp/ceph.mon.keyring" flat=yes
when: inventory_hostname in groups['ceph_adm']
+- name: fetch mon.keyring from ceph_adm
+ fetch: src="/tmp/ceph.mon.keyring" dest="/tmp/ceph.mon.keyring" flat=yes
+ delegate_to: "{{ public_vip.ip }}"
+ when: compute_expansion
+
- name: fetch client.admin.keyring to local
fetch: src="/etc/ceph/ceph.client.admin.keyring" dest="/tmp/ceph.client.admin.keyring" flat=yes
when: inventory_hostname in groups['ceph_adm']
+- name: fetch mon.keyring from ceph_adm
+ fetch: src="/etc/ceph/ceph.client.admin.keyring" dest="/tmp/ceph.client.admin.keyring" flat=yes
+ delegate_to: "{{ public_vip.ip }}"
+ when: compute_expansion
+
- name: copy mon.keyring to remote nodes
copy: src="/tmp/ceph.mon.keyring" dest="/tmp/ceph.mon.keyring"
diff --git a/deploy/adapters/ansible/roles/ceph-openstack/tasks/ceph_openstack_conf.yml b/deploy/adapters/ansible/roles/ceph-openstack/tasks/ceph_openstack_conf.yml
index d7c414ee..0496ba97 100755
--- a/deploy/adapters/ansible/roles/ceph-openstack/tasks/ceph_openstack_conf.yml
+++ b/deploy/adapters/ansible/roles/ceph-openstack/tasks/ceph_openstack_conf.yml
@@ -28,13 +28,13 @@
ignore_errors: True
- name: modify cinder.conf for ceph
- shell: sed -i 's/^\(volume_driver\).*/\1 = cinder.volume.drivers.rbd.RBDDriver/g' /etc/cinder/cinder.conf && sed -i 's/^\(rbd_secret_uuid\).*/\1 = {{ ceph_uuid.stdout_lines[0] }}/g' /etc/cinder/cinder.conf && sed -i '/^\[DEFAULT/a rbd_pool = volumes\nrbd_ceph_conf = /etc/ceph/ceph.conf\nrbd_flatten_volume_from_snapshot = false\nrbd_max_clone_depth = 5\nrbd_store_chunk_size = 4\nrados_connect_timeout = -1\nglance_api_version = 2\nrbd_user = cinder\nrbd_secret_uuid = {{ ceph_uuid.stdout_lines[0] }}' /etc/cinder/cinder.conf && service {{ cinder_service }} restart
+ shell: sed -i 's/^\(volume_driver\).*/\1 = cinder.volume.drivers.rbd.RBDDriver/g' /etc/cinder/cinder.conf && sed -i 's/^\(rbd_secret_uuid\).*/\1 = {{ ceph_uuid }}/g' /etc/cinder/cinder.conf && sed -i '/^\[DEFAULT/a rbd_pool = volumes\nrbd_ceph_conf = /etc/ceph/ceph.conf\nrbd_flatten_volume_from_snapshot = false\nrbd_max_clone_depth = 5\nrbd_store_chunk_size = 4\nrados_connect_timeout = -1\nglance_api_version = 2\nrbd_user = cinder\nrbd_secret_uuid = {{ ceph_uuid }}' /etc/cinder/cinder.conf && service {{ cinder_service }} restart
when: inventory_hostname in groups['compute']
tags:
- ceph_conf_cinder
- name: modify nova.conf for ceph
- shell: sed -i 's/^\(images_type\).*/\1 = rbd/g' /etc/nova/nova-compute.conf && sed -i 's/^\(rbd_secret_uuid\).*/\1 = {{ ceph_uuid.stdout_lines[0] }}/g' /etc/nova/nova-compute.conf && sed -i '/^\[libvirt/a images_rbd_pool = vms\nimages_rbd_ceph_conf = /etc/ceph/ceph.conf\nrbd_user = cinder\nrbd_secret_uuid = {{ ceph_uuid.stdout_lines[0] }}\ndisk_cachemodes=\"network=writeback\"\nlive_migration_flag=\"VIR_MIGRATE_UNDEFINE_SOURCE,VIR_MIGRATE_PEER2PEER,VIR_MIGRATE_LIVE,VIR_MIGRATE_PERSIST_DEST,VIR_MIGRATE_TUNNELLED\"' /etc/nova/nova-compute.conf && service {{ nova_service }} restart
+ shell: sed -i 's/^\(images_type\).*/\1 = rbd/g' /etc/nova/nova-compute.conf && sed -i 's/^\(rbd_secret_uuid\).*/\1 = {{ ceph_uuid }}/g' /etc/nova/nova-compute.conf && sed -i '/^\[libvirt/a images_rbd_pool = vms\nimages_rbd_ceph_conf = /etc/ceph/ceph.conf\nrbd_user = cinder\nrbd_secret_uuid = {{ ceph_uuid }}\ndisk_cachemodes=\"network=writeback\"\nlive_migration_flag=\"VIR_MIGRATE_UNDEFINE_SOURCE,VIR_MIGRATE_PEER2PEER,VIR_MIGRATE_LIVE,VIR_MIGRATE_PERSIST_DEST,VIR_MIGRATE_TUNNELLED\"' /etc/nova/nova-compute.conf && service {{ nova_service }} restart
when: inventory_hostname in groups['compute']
tags:
- ceph_conf_nova
diff --git a/deploy/adapters/ansible/roles/ceph-openstack/tasks/ceph_openstack_pre.yml b/deploy/adapters/ansible/roles/ceph-openstack/tasks/ceph_openstack_pre.yml
index 78b71ec0..ece4154f 100755
--- a/deploy/adapters/ansible/roles/ceph-openstack/tasks/ceph_openstack_pre.yml
+++ b/deploy/adapters/ansible/roles/ceph-openstack/tasks/ceph_openstack_pre.yml
@@ -9,11 +9,39 @@
---
- name: gen ceph uuid
shell: uuidgen
- register: ceph_uuid
+ register: ceph_uuid_out
run_once: true
tags:
- ceph_copy_secret
+- name: set ceph uuid var
+ set_fact:
+ ceph_uuid: "{{ ceph_uuid_out.stdout_lines[0] }}"
+ when: not compute_expansion
+ tags:
+ - ceph_copy_secret
+
+- name: save ceph uuid for expansion
+ copy: content="{{ ceph_uuid }}" dest=/etc/ceph/ceph.uuid.libvirt
+ when: not compute_expansion and inventory_hostname in groups['controller']
+ tags:
+ - ceph_copy_secret
+
+- name: fetch ceph uuid from controller node for expansion
+ shell: cat /etc/ceph/ceph.uuid.libvirt
+ register: ceph_uuid_out
+ delegate_to: "{{ public_vip.ip }}"
+ when: compute_expansion and inventory_hostname in groups['compute']
+ tags:
+ - ceph_copy_secret
+
+- name: set ceph uuid var for expansion
+ set_fact:
+ ceph_uuid: "{{ ceph_uuid_out.stdout_lines[0] }}"
+ when: compute_expansion and inventory_hostname in groups['compute']
+ tags:
+ - ceph_copy_secret
+
- name: gen template secret.xml
local_action:
module: "template"
@@ -68,7 +96,7 @@
- name: create key for libvirt on compute nodes
- shell: "virsh secret-define --file ~/secret.xml && virsh secret-set-value --secret {{ ceph_uuid.stdout_lines[0] }} --base64 $(cat client.cinder.key)"
+ shell: "virsh secret-define --file ~/secret.xml && virsh secret-set-value --secret {{ ceph_uuid }} --base64 $(cat client.cinder.key)"
when: inventory_hostname in groups['compute']
tags:
- ceph_copy_secret
diff --git a/deploy/adapters/ansible/roles/ceph-openstack/templates/secret.j2 b/deploy/adapters/ansible/roles/ceph-openstack/templates/secret.j2
index a0ffc6e3..0195e099 100644
--- a/deploy/adapters/ansible/roles/ceph-openstack/templates/secret.j2
+++ b/deploy/adapters/ansible/roles/ceph-openstack/templates/secret.j2
@@ -1,5 +1,5 @@
<secret ephemeral='no' private='no'>
- <uuid>{{ ceph_uuid.stdout_lines[0] }}</uuid>
+ <uuid>{{ ceph_uuid }}</uuid>
<usage type='ceph'>
<name>client.cinder secret</name>
</usage>
diff --git a/deploy/adapters/ansible/roles/ceph-osd/tasks/install_osd.yml b/deploy/adapters/ansible/roles/ceph-osd/tasks/install_osd.yml
index e7e4a242..ff99d68a 100644
--- a/deploy/adapters/ansible/roles/ceph-osd/tasks/install_osd.yml
+++ b/deploy/adapters/ansible/roles/ceph-osd/tasks/install_osd.yml
@@ -11,6 +11,11 @@
- name: create osd lv and mount it on /var/local/osd
script: create_osd.sh
+- name: fetch osd keyring from ceph_adm
+ fetch: src="/var/lib/ceph/bootstrap-osd/ceph.keyring" dest="/tmp/ceph.osd.keyring" flat=yes
+ delegate_to: "{{ public_vip.ip }}"
+ when: compute_expansion
+
- name: copy osd keyring
copy: src="/tmp/ceph.osd.keyring" dest="/var/lib/ceph/bootstrap-osd/ceph.keyring"
diff --git a/deploy/adapters/ansible/roles/common/tasks/main.yml b/deploy/adapters/ansible/roles/common/tasks/main.yml
index 8da5603c..1fa0de84 100644
--- a/deploy/adapters/ansible/roles/common/tasks/main.yml
+++ b/deploy/adapters/ansible/roles/common/tasks/main.yml
@@ -46,15 +46,15 @@
- name: make config template dir exist
file: path=/opt/os_templates state=directory mode=0755
-- name: upgrade pip
- pip: name=pip state=latest
-
- name: create pip config directory
file: path=~/.pip state=directory
- name: update pip.conf
template: src=pip.conf dest=~/.pip/{{ pip_conf }}
+- name: upgrade pip
+ pip: name=pip state=latest
+
- name: install pip packages
pip: name={{ item }} state=present extra_args='--pre'
with_items: pip_packages