summaryrefslogtreecommitdiffstats
path: root/deploy/adapters/ansible
diff options
context:
space:
mode:
Diffstat (limited to 'deploy/adapters/ansible')
-rw-r--r--deploy/adapters/ansible/openstack/HA-ansible-multinodes.yml6
-rw-r--r--deploy/adapters/ansible/roles/ceph-deploy/files/create_osd.sh25
-rw-r--r--deploy/adapters/ansible/roles/ceph-deploy/tasks/ceph_install_Debian.yml5
-rw-r--r--deploy/adapters/ansible/roles/ceph-deploy/tasks/ceph_install_RedHat.yml9
-rw-r--r--deploy/adapters/ansible/roles/cinder-controller/tasks/cinder_config.yml3
-rw-r--r--deploy/adapters/ansible/roles/cinder-volume/files/create_img.sh2
-rw-r--r--deploy/adapters/ansible/roles/cinder-volume/files/get_var_size.sh2
-rw-r--r--deploy/adapters/ansible/roles/database/vars/RedHat.yml1
-rw-r--r--deploy/adapters/ansible/roles/glance/tasks/glance_config.yml4
-rw-r--r--deploy/adapters/ansible/roles/glance/tasks/glance_install.yml2
-rw-r--r--deploy/adapters/ansible/roles/glance/tasks/nfs.yml6
-rw-r--r--deploy/adapters/ansible/roles/glance/vars/Debian.yml1
-rw-r--r--deploy/adapters/ansible/roles/glance/vars/RedHat.yml4
-rw-r--r--deploy/adapters/ansible/roles/keystone/tasks/keystone_config.yml3
-rw-r--r--deploy/adapters/ansible/roles/neutron-compute/vars/RedHat.yml1
-rwxr-xr-xdeploy/adapters/ansible/roles/odl_cluster/tasks/openvswitch.yml6
-rw-r--r--deploy/adapters/ansible/roles/secgroup/handlers/main.yml10
-rw-r--r--deploy/adapters/ansible/roles/secgroup/tasks/main.yml10
-rw-r--r--deploy/adapters/ansible/roles/secgroup/tasks/secgroup.yml27
-rw-r--r--deploy/adapters/ansible/roles/secgroup/templates/neutron.j24
-rw-r--r--deploy/adapters/ansible/roles/secgroup/templates/nova.j23
-rw-r--r--deploy/adapters/ansible/roles/secgroup/vars/Debian.yml27
-rw-r--r--deploy/adapters/ansible/roles/secgroup/vars/RedHat.yml27
-rw-r--r--deploy/adapters/ansible/roles/secgroup/vars/main.yml3
24 files changed, 159 insertions, 32 deletions
diff --git a/deploy/adapters/ansible/openstack/HA-ansible-multinodes.yml b/deploy/adapters/ansible/openstack/HA-ansible-multinodes.yml
index ac2f2a8d..d3cec000 100644
--- a/deploy/adapters/ansible/openstack/HA-ansible-multinodes.yml
+++ b/deploy/adapters/ansible/openstack/HA-ansible-multinodes.yml
@@ -67,3 +67,9 @@
sudo: True
roles:
- monitor
+
+- hosts: all
+ remote_user: root
+ sudo: True
+ roles:
+ - secgroup
diff --git a/deploy/adapters/ansible/roles/ceph-deploy/files/create_osd.sh b/deploy/adapters/ansible/roles/ceph-deploy/files/create_osd.sh
index 02860bde..d0c631fb 100644
--- a/deploy/adapters/ansible/roles/ceph-deploy/files/create_osd.sh
+++ b/deploy/adapters/ansible/roles/ceph-deploy/files/create_osd.sh
@@ -5,17 +5,6 @@ umount /var/local/osd
rm -r /var/local/osd
fi
-if [ ! -d "/ceph/images" ]; then
-mkdir -p /ceph/images
-fi
-
-rm -f /ceph/images/ceph-volumes.img
-
-if [ ! -f "/ceph/images/ceph-volumes.img" ]; then
-echo "create ceph-volumes.img"
-dd if=/dev/zero of=/ceph/images/ceph-volumes.img bs=1K seek=$(df / | awk '$3 ~ /[0-9]+/ { print $4 }') count=0 oflag=direct
-sgdisk -g --clear /ceph/images/ceph-volumes.img
-fi
#safe check
ps -ef |grep lvremove |awk '{print $2}' |xargs kill -9
@@ -23,24 +12,20 @@ ps -ef |grep vgremove |awk '{print $2}' |xargs kill -9
ps -ef |grep vgcreate |awk '{print $2}' |xargs kill -9
ps -ef |grep lvcreate |awk '{print $2}' |xargs kill -9
-if [ -L "/dev/ceph-volumes/ceph0" ]; then
+if [ -L "/dev/cinder-volumes/ceph0" ]; then
echo "remove lv vg"
-lvremove -f /dev/ceph-volumes/ceph0
-vgremove -f ceph-volumes
-rm -r /dev/ceph-volumes
+lvremove -f /dev/cinder-volumes/ceph0
fi
-echo "vgcreate"
-vgcreate -y ceph-volumes $(losetup --show -f /ceph/images/ceph-volumes.img)
echo "lvcreate"
-lvcreate -l 100%FREE -nceph0 ceph-volumes
+lvcreate -l 100%FREE -nceph0 cinder-volumes
echo "mkfs"
-mkfs.xfs -f /dev/ceph-volumes/ceph0
+mkfs.xfs -f /dev/cinder-volumes/ceph0
if [ ! -d "/var/local/osd" ]; then
echo "mount osd"
mkdir -p /var/local/osd
-mount /dev/ceph-volumes/ceph0 /var/local/osd
+mount /dev/cinder-volumes/ceph0 /var/local/osd
fi
diff --git a/deploy/adapters/ansible/roles/ceph-deploy/tasks/ceph_install_Debian.yml b/deploy/adapters/ansible/roles/ceph-deploy/tasks/ceph_install_Debian.yml
index 3959d466..744120b8 100644
--- a/deploy/adapters/ansible/roles/ceph-deploy/tasks/ceph_install_Debian.yml
+++ b/deploy/adapters/ansible/roles/ceph-deploy/tasks/ceph_install_Debian.yml
@@ -4,6 +4,9 @@
tags:
- create_ceph_cluster
+- name: default config for ceph
+ shell: cd {{ ceph_cluster_dir[0] }} && echo "osd_journal_size = 1024" >> ceph.conf && echo "osd_pool_default_size = 2" >> ceph.conf
+
- name: install ceph for every nodes includes jumpserver
shell: cd {{ ceph_cluster_dir[0] }} && ceph-deploy install {{ ceph_cluster_hosts.stdout_lines[0]}}
@@ -11,7 +14,7 @@
shell: cd {{ ceph_cluster_dir[0] }} && ceph-deploy --overwrite-conf mon create-initial
- name: gather keys
- shell: cd {{ ceph_cluster_dir[0] }} && ceph-deploy gatherkeys {{ ceph_cluster_hosts.stdout_lines[0] }}
+ shell: sleep 5 && cd {{ ceph_cluster_dir[0] }} && ceph-deploy gatherkeys {{ inventory_hostname }}
ignore_errors: True
- name: copy create_osd.sh to host1
diff --git a/deploy/adapters/ansible/roles/ceph-deploy/tasks/ceph_install_RedHat.yml b/deploy/adapters/ansible/roles/ceph-deploy/tasks/ceph_install_RedHat.yml
index 97d925d6..385c7571 100644
--- a/deploy/adapters/ansible/roles/ceph-deploy/tasks/ceph_install_RedHat.yml
+++ b/deploy/adapters/ansible/roles/ceph-deploy/tasks/ceph_install_RedHat.yml
@@ -4,6 +4,9 @@
tags:
- create_ceph_cluster
+- name: default config for ceph
+ shell: cd {{ ceph_cluster_dir[0] }} && echo "osd_journal_size = 1024" >> ceph.conf && echo "osd_pool_default_size = 2" >> ceph.conf
+
- name: install ceph for every nodes includes jumpserver
shell: cd {{ ceph_cluster_dir[0] }} && ceph-deploy install --no-adjust-repos --repo-url http://10.1.0.12/cblr/repo_mirror/centos7-juno-ppa --gpg-url http://10.1.0.12/cblr/repo_mirror/centos7-juno-ppa/ceph_key_release.asc {{ ceph_cluster_hosts.stdout_lines[0]}}
@@ -11,7 +14,7 @@
shell: cd {{ ceph_cluster_dir[0] }} && ceph-deploy --overwrite-conf mon create-initial
- name: gather keys
- shell: cd {{ ceph_cluster_dir[0] }} && ceph-deploy gatherkeys {{ ceph_cluster_hosts.stdout_lines[0] }}
+ shell: sleep 5 && cd {{ ceph_cluster_dir[0] }} && ceph-deploy gatherkeys {{ inventory_hostname }}
ignore_errors: True
- name: copy create_osd.sh to host1
@@ -34,7 +37,7 @@
- create_osd
- name: prepare create osd
- shell: cd {{ ceph_cluster_dir[0] }} && ceph-deploy --repo-url http://10.1.0.12/cblr/repo_mirror/centos7-juno-ppa --gpg-url http://10.1.0.12/cblr/repo_mirror/centos7-juno-ppa/ceph_key_release.asc osd prepare {{ item }}:/var/local/osd
+ shell: cd {{ ceph_cluster_dir[0] }} && ceph-deploy osd prepare {{ item }}:/var/local/osd
with_items:
- "{{ groups['compute'] }}"
tags:
@@ -42,7 +45,7 @@
- name: activate osd
- shell: cd {{ ceph_cluster_dir[0] }} && ceph-deploy --repo-url http://10.1.0.12/cblr/repo_mirror/centos7-juno-ppa --gpg-url http://10.1.0.12/cblr/repo_mirror/centos7-juno-ppa/ceph_key_release.asc osd activate {{ item }}:/var/local/osd
+ shell: cd {{ ceph_cluster_dir[0] }} && ceph-deploy osd activate {{ item }}:/var/local/osd
with_items:
- "{{ groups['compute'] }}"
tags:
diff --git a/deploy/adapters/ansible/roles/cinder-controller/tasks/cinder_config.yml b/deploy/adapters/ansible/roles/cinder-controller/tasks/cinder_config.yml
index 69850846..85556a5a 100644
--- a/deploy/adapters/ansible/roles/cinder-controller/tasks/cinder_config.yml
+++ b/deploy/adapters/ansible/roles/cinder-controller/tasks/cinder_config.yml
@@ -3,6 +3,7 @@
template: src=cinder.conf dest=/etc/cinder/cinder.conf
- name: sync cinder db
- cinder_manage: action=dbsync
+ #cinder_manage: action=dbsync
+ shell: cinder-manage db sync
notify:
- restart cinder control serveice
diff --git a/deploy/adapters/ansible/roles/cinder-volume/files/create_img.sh b/deploy/adapters/ansible/roles/cinder-volume/files/create_img.sh
index b69db0ed..2e734188 100644
--- a/deploy/adapters/ansible/roles/cinder-volume/files/create_img.sh
+++ b/deploy/adapters/ansible/roles/cinder-volume/files/create_img.sh
@@ -1,3 +1,3 @@
if [[ ! -f /var/cinder.img ]]; then
- dd if=/dev/zero of=/var/cinder.img bs=1 count=1 seek=$1
+ dd if=/dev/zero of=/var/cinder.img bs=1 count=0 seek=$1
fi
diff --git a/deploy/adapters/ansible/roles/cinder-volume/files/get_var_size.sh b/deploy/adapters/ansible/roles/cinder-volume/files/get_var_size.sh
index 9670da12..55041c6e 100644
--- a/deploy/adapters/ansible/roles/cinder-volume/files/get_var_size.sh
+++ b/deploy/adapters/ansible/roles/cinder-volume/files/get_var_size.sh
@@ -2,5 +2,5 @@ size=`df /var | awk '$3 ~ /[0-9]+/ { print $4 }'`;
if [[ $size -gt 2000000000 ]]; then
echo -n 2000000000000;
else
- echo -n $((size * 1000));
+ echo -n $((size * 1000 / 512 * 512));
fi
diff --git a/deploy/adapters/ansible/roles/database/vars/RedHat.yml b/deploy/adapters/ansible/roles/database/vars/RedHat.yml
index 7213d7fa..a4171559 100644
--- a/deploy/adapters/ansible/roles/database/vars/RedHat.yml
+++ b/deploy/adapters/ansible/roles/database/vars/RedHat.yml
@@ -7,6 +7,7 @@ maridb_packages:
- MariaDB-Galera-server
- MariaDB-client
- galera
+ - MySQL-python
services: []
diff --git a/deploy/adapters/ansible/roles/glance/tasks/glance_config.yml b/deploy/adapters/ansible/roles/glance/tasks/glance_config.yml
index 548c2309..4cd71ffc 100644
--- a/deploy/adapters/ansible/roles/glance/tasks/glance_config.yml
+++ b/deploy/adapters/ansible/roles/glance/tasks/glance_config.yml
@@ -1,6 +1,8 @@
---
- name: sync glance db
- glance_manage: action=dbsync
+ #glance_manage: action=dbsync
+ shell: glance-manage db sync
+ ignore_errors: True
notify:
- restart glance services
diff --git a/deploy/adapters/ansible/roles/glance/tasks/glance_install.yml b/deploy/adapters/ansible/roles/glance/tasks/glance_install.yml
index 6d2b7053..1a34c6f5 100644
--- a/deploy/adapters/ansible/roles/glance/tasks/glance_install.yml
+++ b/deploy/adapters/ansible/roles/glance/tasks/glance_install.yml
@@ -13,8 +13,6 @@
with_items:
- glance-api.conf
- glance-registry.conf
- notify:
- - restart glance services
- name: remove default sqlite db
shell: rm /var/lib/glance/glance.sqlite || touch glance.sqllite.db.removed
diff --git a/deploy/adapters/ansible/roles/glance/tasks/nfs.yml b/deploy/adapters/ansible/roles/glance/tasks/nfs.yml
index dc1be977..ff96c64a 100644
--- a/deploy/adapters/ansible/roles/glance/tasks/nfs.yml
+++ b/deploy/adapters/ansible/roles/glance/tasks/nfs.yml
@@ -17,7 +17,7 @@
line="/opt/images *(rw,insecure,sync,all_squash)"
run_once: True
-- name: restart nfs service
+- name: restart compass nfs service
local_action: service name={{ item }} state=restarted enabled=yes
with_items:
- rpcbind
@@ -32,6 +32,10 @@
shell: awk -F'=' '/compass_server/ {print $2}' /etc/compass.conf
register: ip_info
+- name: restart host nfs service
+ service: name={{ item }} state=restarted enabled=yes
+ with_items: '{{ nfs_services }}'
+
- name: mount image directory
shell: |
mount -t nfs -onfsvers=3 {{ ip_info.stdout_lines[0] }}:/opt/images /var/lib/glance/images
diff --git a/deploy/adapters/ansible/roles/glance/vars/Debian.yml b/deploy/adapters/ansible/roles/glance/vars/Debian.yml
index b295ff28..974ada23 100644
--- a/deploy/adapters/ansible/roles/glance/vars/Debian.yml
+++ b/deploy/adapters/ansible/roles/glance/vars/Debian.yml
@@ -6,6 +6,7 @@ packages:
nfs_packages:
- nfs-common
+nfs_services: []
services:
- glance-registry
- glance-api
diff --git a/deploy/adapters/ansible/roles/glance/vars/RedHat.yml b/deploy/adapters/ansible/roles/glance/vars/RedHat.yml
index e26b7034..bd80d21d 100644
--- a/deploy/adapters/ansible/roles/glance/vars/RedHat.yml
+++ b/deploy/adapters/ansible/roles/glance/vars/RedHat.yml
@@ -6,6 +6,10 @@ nfs_packages:
- nfs-utils
- rpcbind
+nfs_services:
+ - rpcbind
+ - rpc-statd
+
services:
- openstack-glance-api
- openstack-glance-registry
diff --git a/deploy/adapters/ansible/roles/keystone/tasks/keystone_config.yml b/deploy/adapters/ansible/roles/keystone/tasks/keystone_config.yml
index f69a83cb..6c39da8d 100644
--- a/deploy/adapters/ansible/roles/keystone/tasks/keystone_config.yml
+++ b/deploy/adapters/ansible/roles/keystone/tasks/keystone_config.yml
@@ -1,6 +1,7 @@
---
- name: keystone-manage db-sync
- keystone_manage: action=dbsync
+ #keystone_manage: action=dbsync
+ shell: keystone-manage db_sync
- name: wait for keystone ready
wait_for: port=35357 delay=3 timeout=10 host={{ internal_vip.ip }}
diff --git a/deploy/adapters/ansible/roles/neutron-compute/vars/RedHat.yml b/deploy/adapters/ansible/roles/neutron-compute/vars/RedHat.yml
index cf882150..386c4e53 100644
--- a/deploy/adapters/ansible/roles/neutron-compute/vars/RedHat.yml
+++ b/deploy/adapters/ansible/roles/neutron-compute/vars/RedHat.yml
@@ -1,5 +1,6 @@
---
packages:
+ - openstack-neutron
- openstack-neutron-ml2
- openstack-neutron-openvswitch
diff --git a/deploy/adapters/ansible/roles/odl_cluster/tasks/openvswitch.yml b/deploy/adapters/ansible/roles/odl_cluster/tasks/openvswitch.yml
index f301cba2..e52b18ff 100755
--- a/deploy/adapters/ansible/roles/odl_cluster/tasks/openvswitch.yml
+++ b/deploy/adapters/ansible/roles/odl_cluster/tasks/openvswitch.yml
@@ -17,6 +17,12 @@
- name: shut down and disable Neutron's openvswitch agent services
service: name=neutron-plugin-openvswitch-agent state=stopped
+- name: Stop the Open vSwitch service and clear existing OVSDB
+ shell: >
+ ovs-vsctl del-br br-int ;
+ ovs-vsctl del-br br-tun ;
+ ovs-vsctl del-manager ;
+
#- name: remove Neutron's openvswitch agent services
# shell: >
# update-rc.d neutron-plugin-openvswitch-agent remove
diff --git a/deploy/adapters/ansible/roles/secgroup/handlers/main.yml b/deploy/adapters/ansible/roles/secgroup/handlers/main.yml
new file mode 100644
index 00000000..551258d2
--- /dev/null
+++ b/deploy/adapters/ansible/roles/secgroup/handlers/main.yml
@@ -0,0 +1,10 @@
+---
+- name: restart controller relation service
+ service: name={{ item }} state=restarted enabled=yes
+ ignore_errors: True
+ with_items: controller_services
+
+- name: restart compute relation service
+ service: name={{ item }} state=restarted enabled=yes
+ ignore_errors: True
+ with_items: compute_services
diff --git a/deploy/adapters/ansible/roles/secgroup/tasks/main.yml b/deploy/adapters/ansible/roles/secgroup/tasks/main.yml
new file mode 100644
index 00000000..c26af4b0
--- /dev/null
+++ b/deploy/adapters/ansible/roles/secgroup/tasks/main.yml
@@ -0,0 +1,10 @@
+---
+- include_vars: "{{ ansible_os_family }}.yml"
+ tags: secgroup
+
+- debug: msg={{ enable_secgroup }}
+ tags: secgroup
+
+- include: secgroup.yml
+ when: '{{ enable_secgroup }} == False'
+ tags: secgroup
diff --git a/deploy/adapters/ansible/roles/secgroup/tasks/secgroup.yml b/deploy/adapters/ansible/roles/secgroup/tasks/secgroup.yml
new file mode 100644
index 00000000..f2a6c0ab
--- /dev/null
+++ b/deploy/adapters/ansible/roles/secgroup/tasks/secgroup.yml
@@ -0,0 +1,27 @@
+---
+- name: make sure template dir exits
+ file: path=/opt/os_templates state=directory mode=0755
+ tags: secgroup
+
+- name: copy configs
+ template: src={{ item.src}} dest=/opt/os_templates
+ with_items: "{{ configs_templates }}"
+ tags: secgroup
+
+- name: update controller configs
+ shell: '[ -f {{ item.1 }} ] && crudini --merge {{ item.1 }} < /opt/os_templates/{{ item.0.src }} || /bin/true'
+ tags: secgroup
+ with_subelements:
+ - configs_templates
+ - dest
+ notify: restart controller relation service
+ when: inventory_hostname in "{{ groups['controller'] }}"
+
+- name: update compute configs
+ shell: '[ -f {{ item.1 }} ] && crudini --merge {{ item.1 }} < /opt/os_templates/{{ item.0.src }} || /bin/true'
+ tags: secgroup
+ with_subelements:
+ - configs_templates
+ - dest
+ notify: restart compute relation service
+ when: inventory_hostname in "{{ groups['compute'] }}"
diff --git a/deploy/adapters/ansible/roles/secgroup/templates/neutron.j2 b/deploy/adapters/ansible/roles/secgroup/templates/neutron.j2
new file mode 100644
index 00000000..7b39e18c
--- /dev/null
+++ b/deploy/adapters/ansible/roles/secgroup/templates/neutron.j2
@@ -0,0 +1,4 @@
+[securitygroup]
+firewall_driver = neutron.agent.linux.iptables_firewall.OVSHybridIptablesFirewallDriver
+enable_security_group = False
+
diff --git a/deploy/adapters/ansible/roles/secgroup/templates/nova.j2 b/deploy/adapters/ansible/roles/secgroup/templates/nova.j2
new file mode 100644
index 00000000..91fa6cd2
--- /dev/null
+++ b/deploy/adapters/ansible/roles/secgroup/templates/nova.j2
@@ -0,0 +1,3 @@
+[DEFAULT]
+firewall_driver = nova.virt.firewall.NoopFirewallDriver
+security_group_api = nova
diff --git a/deploy/adapters/ansible/roles/secgroup/vars/Debian.yml b/deploy/adapters/ansible/roles/secgroup/vars/Debian.yml
new file mode 100644
index 00000000..85025bf5
--- /dev/null
+++ b/deploy/adapters/ansible/roles/secgroup/vars/Debian.yml
@@ -0,0 +1,27 @@
+---
+configs_templates:
+ - src: nova.j2
+ dest:
+ - /etc/nova/nova.conf
+ - src: neutron.j2
+ dest:
+ - /etc/neutron/plugins/ml2/ml2_conf.ini
+ - /etc/neutron/plugins/openvswitch/ovs_neutron_plugin.ini
+ - /etc/neutron/plugins/ml2/restproxy.ini
+
+controller_services:
+ - nova-api
+ - nova-cert
+ - nova-conductor
+ - nova-consoleauth
+ - nova-novncproxy
+ - nova-scheduler
+ - neutron-server
+ - neutron-plugin-openvswitch-agent
+ - neutron-l3-agent
+ - neutron-dhcp-agent
+ - neutron-metadata-agent
+
+compute_services:
+ - nova-compute
+ - neutron-plugin-openvswitch-agent
diff --git a/deploy/adapters/ansible/roles/secgroup/vars/RedHat.yml b/deploy/adapters/ansible/roles/secgroup/vars/RedHat.yml
new file mode 100644
index 00000000..533bbe9d
--- /dev/null
+++ b/deploy/adapters/ansible/roles/secgroup/vars/RedHat.yml
@@ -0,0 +1,27 @@
+---
+configs_templates:
+ - src: nova.j2
+ dest:
+ - /etc/nova/nova.conf
+ - src: neutron.j2
+ dest:
+ - /etc/neutron/plugins/ml2/ml2_conf.ini
+ - /etc/neutron/plugins/openvswitch/ovs_neutron_plugin.ini
+ - /etc/neutron/plugins/ml2/restproxy.ini
+
+controller_services:
+ - openstack-nova-api
+ - openstack-nova-cert
+ - openstack-nova-conductor
+ - openstack-nova-consoleauth
+ - openstack-nova-novncproxy
+ - openstack-nova-scheduler
+ - neutron-openvswitch-agent
+ - neutron-l3-agent
+ - neutron-dhcp-agent
+ - neutron-metadata-agent
+ - neutron-server
+
+compute_services:
+ - openstack-nova-compute
+ - neutron-openvswitch-agent
diff --git a/deploy/adapters/ansible/roles/secgroup/vars/main.yml b/deploy/adapters/ansible/roles/secgroup/vars/main.yml
new file mode 100644
index 00000000..bb87da65
--- /dev/null
+++ b/deploy/adapters/ansible/roles/secgroup/vars/main.yml
@@ -0,0 +1,3 @@
+---
+packages_noarch: []
+metering_secret: 1c5df72079b31fb47747