diff options
Diffstat (limited to 'deploy/adapters/ansible')
24 files changed, 159 insertions, 32 deletions
diff --git a/deploy/adapters/ansible/openstack/HA-ansible-multinodes.yml b/deploy/adapters/ansible/openstack/HA-ansible-multinodes.yml index ac2f2a8d..d3cec000 100644 --- a/deploy/adapters/ansible/openstack/HA-ansible-multinodes.yml +++ b/deploy/adapters/ansible/openstack/HA-ansible-multinodes.yml @@ -67,3 +67,9 @@ sudo: True roles: - monitor + +- hosts: all + remote_user: root + sudo: True + roles: + - secgroup diff --git a/deploy/adapters/ansible/roles/ceph-deploy/files/create_osd.sh b/deploy/adapters/ansible/roles/ceph-deploy/files/create_osd.sh index 02860bde..d0c631fb 100644 --- a/deploy/adapters/ansible/roles/ceph-deploy/files/create_osd.sh +++ b/deploy/adapters/ansible/roles/ceph-deploy/files/create_osd.sh @@ -5,17 +5,6 @@ umount /var/local/osd rm -r /var/local/osd fi -if [ ! -d "/ceph/images" ]; then -mkdir -p /ceph/images -fi - -rm -f /ceph/images/ceph-volumes.img - -if [ ! -f "/ceph/images/ceph-volumes.img" ]; then -echo "create ceph-volumes.img" -dd if=/dev/zero of=/ceph/images/ceph-volumes.img bs=1K seek=$(df / | awk '$3 ~ /[0-9]+/ { print $4 }') count=0 oflag=direct -sgdisk -g --clear /ceph/images/ceph-volumes.img -fi #safe check ps -ef |grep lvremove |awk '{print $2}' |xargs kill -9 @@ -23,24 +12,20 @@ ps -ef |grep vgremove |awk '{print $2}' |xargs kill -9 ps -ef |grep vgcreate |awk '{print $2}' |xargs kill -9 ps -ef |grep lvcreate |awk '{print $2}' |xargs kill -9 -if [ -L "/dev/ceph-volumes/ceph0" ]; then +if [ -L "/dev/cinder-volumes/ceph0" ]; then echo "remove lv vg" -lvremove -f /dev/ceph-volumes/ceph0 -vgremove -f ceph-volumes -rm -r /dev/ceph-volumes +lvremove -f /dev/cinder-volumes/ceph0 fi -echo "vgcreate" -vgcreate -y ceph-volumes $(losetup --show -f /ceph/images/ceph-volumes.img) echo "lvcreate" -lvcreate -l 100%FREE -nceph0 ceph-volumes +lvcreate -l 100%FREE -nceph0 cinder-volumes echo "mkfs" -mkfs.xfs -f /dev/ceph-volumes/ceph0 +mkfs.xfs -f /dev/cinder-volumes/ceph0 if [ ! -d "/var/local/osd" ]; then echo "mount osd" mkdir -p /var/local/osd -mount /dev/ceph-volumes/ceph0 /var/local/osd +mount /dev/cinder-volumes/ceph0 /var/local/osd fi diff --git a/deploy/adapters/ansible/roles/ceph-deploy/tasks/ceph_install_Debian.yml b/deploy/adapters/ansible/roles/ceph-deploy/tasks/ceph_install_Debian.yml index 3959d466..744120b8 100644 --- a/deploy/adapters/ansible/roles/ceph-deploy/tasks/ceph_install_Debian.yml +++ b/deploy/adapters/ansible/roles/ceph-deploy/tasks/ceph_install_Debian.yml @@ -4,6 +4,9 @@ tags: - create_ceph_cluster +- name: default config for ceph + shell: cd {{ ceph_cluster_dir[0] }} && echo "osd_journal_size = 1024" >> ceph.conf && echo "osd_pool_default_size = 2" >> ceph.conf + - name: install ceph for every nodes includes jumpserver shell: cd {{ ceph_cluster_dir[0] }} && ceph-deploy install {{ ceph_cluster_hosts.stdout_lines[0]}} @@ -11,7 +14,7 @@ shell: cd {{ ceph_cluster_dir[0] }} && ceph-deploy --overwrite-conf mon create-initial - name: gather keys - shell: cd {{ ceph_cluster_dir[0] }} && ceph-deploy gatherkeys {{ ceph_cluster_hosts.stdout_lines[0] }} + shell: sleep 5 && cd {{ ceph_cluster_dir[0] }} && ceph-deploy gatherkeys {{ inventory_hostname }} ignore_errors: True - name: copy create_osd.sh to host1 diff --git a/deploy/adapters/ansible/roles/ceph-deploy/tasks/ceph_install_RedHat.yml b/deploy/adapters/ansible/roles/ceph-deploy/tasks/ceph_install_RedHat.yml index 97d925d6..385c7571 100644 --- a/deploy/adapters/ansible/roles/ceph-deploy/tasks/ceph_install_RedHat.yml +++ b/deploy/adapters/ansible/roles/ceph-deploy/tasks/ceph_install_RedHat.yml @@ -4,6 +4,9 @@ tags: - create_ceph_cluster +- name: default config for ceph + shell: cd {{ ceph_cluster_dir[0] }} && echo "osd_journal_size = 1024" >> ceph.conf && echo "osd_pool_default_size = 2" >> ceph.conf + - name: install ceph for every nodes includes jumpserver shell: cd {{ ceph_cluster_dir[0] }} && ceph-deploy install --no-adjust-repos --repo-url http://10.1.0.12/cblr/repo_mirror/centos7-juno-ppa --gpg-url http://10.1.0.12/cblr/repo_mirror/centos7-juno-ppa/ceph_key_release.asc {{ ceph_cluster_hosts.stdout_lines[0]}} @@ -11,7 +14,7 @@ shell: cd {{ ceph_cluster_dir[0] }} && ceph-deploy --overwrite-conf mon create-initial - name: gather keys - shell: cd {{ ceph_cluster_dir[0] }} && ceph-deploy gatherkeys {{ ceph_cluster_hosts.stdout_lines[0] }} + shell: sleep 5 && cd {{ ceph_cluster_dir[0] }} && ceph-deploy gatherkeys {{ inventory_hostname }} ignore_errors: True - name: copy create_osd.sh to host1 @@ -34,7 +37,7 @@ - create_osd - name: prepare create osd - shell: cd {{ ceph_cluster_dir[0] }} && ceph-deploy --repo-url http://10.1.0.12/cblr/repo_mirror/centos7-juno-ppa --gpg-url http://10.1.0.12/cblr/repo_mirror/centos7-juno-ppa/ceph_key_release.asc osd prepare {{ item }}:/var/local/osd + shell: cd {{ ceph_cluster_dir[0] }} && ceph-deploy osd prepare {{ item }}:/var/local/osd with_items: - "{{ groups['compute'] }}" tags: @@ -42,7 +45,7 @@ - name: activate osd - shell: cd {{ ceph_cluster_dir[0] }} && ceph-deploy --repo-url http://10.1.0.12/cblr/repo_mirror/centos7-juno-ppa --gpg-url http://10.1.0.12/cblr/repo_mirror/centos7-juno-ppa/ceph_key_release.asc osd activate {{ item }}:/var/local/osd + shell: cd {{ ceph_cluster_dir[0] }} && ceph-deploy osd activate {{ item }}:/var/local/osd with_items: - "{{ groups['compute'] }}" tags: diff --git a/deploy/adapters/ansible/roles/cinder-controller/tasks/cinder_config.yml b/deploy/adapters/ansible/roles/cinder-controller/tasks/cinder_config.yml index 69850846..85556a5a 100644 --- a/deploy/adapters/ansible/roles/cinder-controller/tasks/cinder_config.yml +++ b/deploy/adapters/ansible/roles/cinder-controller/tasks/cinder_config.yml @@ -3,6 +3,7 @@ template: src=cinder.conf dest=/etc/cinder/cinder.conf - name: sync cinder db - cinder_manage: action=dbsync + #cinder_manage: action=dbsync + shell: cinder-manage db sync notify: - restart cinder control serveice diff --git a/deploy/adapters/ansible/roles/cinder-volume/files/create_img.sh b/deploy/adapters/ansible/roles/cinder-volume/files/create_img.sh index b69db0ed..2e734188 100644 --- a/deploy/adapters/ansible/roles/cinder-volume/files/create_img.sh +++ b/deploy/adapters/ansible/roles/cinder-volume/files/create_img.sh @@ -1,3 +1,3 @@ if [[ ! -f /var/cinder.img ]]; then - dd if=/dev/zero of=/var/cinder.img bs=1 count=1 seek=$1 + dd if=/dev/zero of=/var/cinder.img bs=1 count=0 seek=$1 fi diff --git a/deploy/adapters/ansible/roles/cinder-volume/files/get_var_size.sh b/deploy/adapters/ansible/roles/cinder-volume/files/get_var_size.sh index 9670da12..55041c6e 100644 --- a/deploy/adapters/ansible/roles/cinder-volume/files/get_var_size.sh +++ b/deploy/adapters/ansible/roles/cinder-volume/files/get_var_size.sh @@ -2,5 +2,5 @@ size=`df /var | awk '$3 ~ /[0-9]+/ { print $4 }'`; if [[ $size -gt 2000000000 ]]; then echo -n 2000000000000; else - echo -n $((size * 1000)); + echo -n $((size * 1000 / 512 * 512)); fi diff --git a/deploy/adapters/ansible/roles/database/vars/RedHat.yml b/deploy/adapters/ansible/roles/database/vars/RedHat.yml index 7213d7fa..a4171559 100644 --- a/deploy/adapters/ansible/roles/database/vars/RedHat.yml +++ b/deploy/adapters/ansible/roles/database/vars/RedHat.yml @@ -7,6 +7,7 @@ maridb_packages: - MariaDB-Galera-server - MariaDB-client - galera + - MySQL-python services: [] diff --git a/deploy/adapters/ansible/roles/glance/tasks/glance_config.yml b/deploy/adapters/ansible/roles/glance/tasks/glance_config.yml index 548c2309..4cd71ffc 100644 --- a/deploy/adapters/ansible/roles/glance/tasks/glance_config.yml +++ b/deploy/adapters/ansible/roles/glance/tasks/glance_config.yml @@ -1,6 +1,8 @@ --- - name: sync glance db - glance_manage: action=dbsync + #glance_manage: action=dbsync + shell: glance-manage db sync + ignore_errors: True notify: - restart glance services diff --git a/deploy/adapters/ansible/roles/glance/tasks/glance_install.yml b/deploy/adapters/ansible/roles/glance/tasks/glance_install.yml index 6d2b7053..1a34c6f5 100644 --- a/deploy/adapters/ansible/roles/glance/tasks/glance_install.yml +++ b/deploy/adapters/ansible/roles/glance/tasks/glance_install.yml @@ -13,8 +13,6 @@ with_items: - glance-api.conf - glance-registry.conf - notify: - - restart glance services - name: remove default sqlite db shell: rm /var/lib/glance/glance.sqlite || touch glance.sqllite.db.removed diff --git a/deploy/adapters/ansible/roles/glance/tasks/nfs.yml b/deploy/adapters/ansible/roles/glance/tasks/nfs.yml index dc1be977..ff96c64a 100644 --- a/deploy/adapters/ansible/roles/glance/tasks/nfs.yml +++ b/deploy/adapters/ansible/roles/glance/tasks/nfs.yml @@ -17,7 +17,7 @@ line="/opt/images *(rw,insecure,sync,all_squash)" run_once: True -- name: restart nfs service +- name: restart compass nfs service local_action: service name={{ item }} state=restarted enabled=yes with_items: - rpcbind @@ -32,6 +32,10 @@ shell: awk -F'=' '/compass_server/ {print $2}' /etc/compass.conf register: ip_info +- name: restart host nfs service + service: name={{ item }} state=restarted enabled=yes + with_items: '{{ nfs_services }}' + - name: mount image directory shell: | mount -t nfs -onfsvers=3 {{ ip_info.stdout_lines[0] }}:/opt/images /var/lib/glance/images diff --git a/deploy/adapters/ansible/roles/glance/vars/Debian.yml b/deploy/adapters/ansible/roles/glance/vars/Debian.yml index b295ff28..974ada23 100644 --- a/deploy/adapters/ansible/roles/glance/vars/Debian.yml +++ b/deploy/adapters/ansible/roles/glance/vars/Debian.yml @@ -6,6 +6,7 @@ packages: nfs_packages: - nfs-common +nfs_services: [] services: - glance-registry - glance-api diff --git a/deploy/adapters/ansible/roles/glance/vars/RedHat.yml b/deploy/adapters/ansible/roles/glance/vars/RedHat.yml index e26b7034..bd80d21d 100644 --- a/deploy/adapters/ansible/roles/glance/vars/RedHat.yml +++ b/deploy/adapters/ansible/roles/glance/vars/RedHat.yml @@ -6,6 +6,10 @@ nfs_packages: - nfs-utils - rpcbind +nfs_services: + - rpcbind + - rpc-statd + services: - openstack-glance-api - openstack-glance-registry diff --git a/deploy/adapters/ansible/roles/keystone/tasks/keystone_config.yml b/deploy/adapters/ansible/roles/keystone/tasks/keystone_config.yml index f69a83cb..6c39da8d 100644 --- a/deploy/adapters/ansible/roles/keystone/tasks/keystone_config.yml +++ b/deploy/adapters/ansible/roles/keystone/tasks/keystone_config.yml @@ -1,6 +1,7 @@ --- - name: keystone-manage db-sync - keystone_manage: action=dbsync + #keystone_manage: action=dbsync + shell: keystone-manage db_sync - name: wait for keystone ready wait_for: port=35357 delay=3 timeout=10 host={{ internal_vip.ip }} diff --git a/deploy/adapters/ansible/roles/neutron-compute/vars/RedHat.yml b/deploy/adapters/ansible/roles/neutron-compute/vars/RedHat.yml index cf882150..386c4e53 100644 --- a/deploy/adapters/ansible/roles/neutron-compute/vars/RedHat.yml +++ b/deploy/adapters/ansible/roles/neutron-compute/vars/RedHat.yml @@ -1,5 +1,6 @@ --- packages: + - openstack-neutron - openstack-neutron-ml2 - openstack-neutron-openvswitch diff --git a/deploy/adapters/ansible/roles/odl_cluster/tasks/openvswitch.yml b/deploy/adapters/ansible/roles/odl_cluster/tasks/openvswitch.yml index f301cba2..e52b18ff 100755 --- a/deploy/adapters/ansible/roles/odl_cluster/tasks/openvswitch.yml +++ b/deploy/adapters/ansible/roles/odl_cluster/tasks/openvswitch.yml @@ -17,6 +17,12 @@ - name: shut down and disable Neutron's openvswitch agent services service: name=neutron-plugin-openvswitch-agent state=stopped +- name: Stop the Open vSwitch service and clear existing OVSDB + shell: > + ovs-vsctl del-br br-int ; + ovs-vsctl del-br br-tun ; + ovs-vsctl del-manager ; + #- name: remove Neutron's openvswitch agent services # shell: > # update-rc.d neutron-plugin-openvswitch-agent remove diff --git a/deploy/adapters/ansible/roles/secgroup/handlers/main.yml b/deploy/adapters/ansible/roles/secgroup/handlers/main.yml new file mode 100644 index 00000000..551258d2 --- /dev/null +++ b/deploy/adapters/ansible/roles/secgroup/handlers/main.yml @@ -0,0 +1,10 @@ +--- +- name: restart controller relation service + service: name={{ item }} state=restarted enabled=yes + ignore_errors: True + with_items: controller_services + +- name: restart compute relation service + service: name={{ item }} state=restarted enabled=yes + ignore_errors: True + with_items: compute_services diff --git a/deploy/adapters/ansible/roles/secgroup/tasks/main.yml b/deploy/adapters/ansible/roles/secgroup/tasks/main.yml new file mode 100644 index 00000000..c26af4b0 --- /dev/null +++ b/deploy/adapters/ansible/roles/secgroup/tasks/main.yml @@ -0,0 +1,10 @@ +--- +- include_vars: "{{ ansible_os_family }}.yml" + tags: secgroup + +- debug: msg={{ enable_secgroup }} + tags: secgroup + +- include: secgroup.yml + when: '{{ enable_secgroup }} == False' + tags: secgroup diff --git a/deploy/adapters/ansible/roles/secgroup/tasks/secgroup.yml b/deploy/adapters/ansible/roles/secgroup/tasks/secgroup.yml new file mode 100644 index 00000000..f2a6c0ab --- /dev/null +++ b/deploy/adapters/ansible/roles/secgroup/tasks/secgroup.yml @@ -0,0 +1,27 @@ +--- +- name: make sure template dir exits + file: path=/opt/os_templates state=directory mode=0755 + tags: secgroup + +- name: copy configs + template: src={{ item.src}} dest=/opt/os_templates + with_items: "{{ configs_templates }}" + tags: secgroup + +- name: update controller configs + shell: '[ -f {{ item.1 }} ] && crudini --merge {{ item.1 }} < /opt/os_templates/{{ item.0.src }} || /bin/true' + tags: secgroup + with_subelements: + - configs_templates + - dest + notify: restart controller relation service + when: inventory_hostname in "{{ groups['controller'] }}" + +- name: update compute configs + shell: '[ -f {{ item.1 }} ] && crudini --merge {{ item.1 }} < /opt/os_templates/{{ item.0.src }} || /bin/true' + tags: secgroup + with_subelements: + - configs_templates + - dest + notify: restart compute relation service + when: inventory_hostname in "{{ groups['compute'] }}" diff --git a/deploy/adapters/ansible/roles/secgroup/templates/neutron.j2 b/deploy/adapters/ansible/roles/secgroup/templates/neutron.j2 new file mode 100644 index 00000000..7b39e18c --- /dev/null +++ b/deploy/adapters/ansible/roles/secgroup/templates/neutron.j2 @@ -0,0 +1,4 @@ +[securitygroup] +firewall_driver = neutron.agent.linux.iptables_firewall.OVSHybridIptablesFirewallDriver +enable_security_group = False + diff --git a/deploy/adapters/ansible/roles/secgroup/templates/nova.j2 b/deploy/adapters/ansible/roles/secgroup/templates/nova.j2 new file mode 100644 index 00000000..91fa6cd2 --- /dev/null +++ b/deploy/adapters/ansible/roles/secgroup/templates/nova.j2 @@ -0,0 +1,3 @@ +[DEFAULT] +firewall_driver = nova.virt.firewall.NoopFirewallDriver +security_group_api = nova diff --git a/deploy/adapters/ansible/roles/secgroup/vars/Debian.yml b/deploy/adapters/ansible/roles/secgroup/vars/Debian.yml new file mode 100644 index 00000000..85025bf5 --- /dev/null +++ b/deploy/adapters/ansible/roles/secgroup/vars/Debian.yml @@ -0,0 +1,27 @@ +--- +configs_templates: + - src: nova.j2 + dest: + - /etc/nova/nova.conf + - src: neutron.j2 + dest: + - /etc/neutron/plugins/ml2/ml2_conf.ini + - /etc/neutron/plugins/openvswitch/ovs_neutron_plugin.ini + - /etc/neutron/plugins/ml2/restproxy.ini + +controller_services: + - nova-api + - nova-cert + - nova-conductor + - nova-consoleauth + - nova-novncproxy + - nova-scheduler + - neutron-server + - neutron-plugin-openvswitch-agent + - neutron-l3-agent + - neutron-dhcp-agent + - neutron-metadata-agent + +compute_services: + - nova-compute + - neutron-plugin-openvswitch-agent diff --git a/deploy/adapters/ansible/roles/secgroup/vars/RedHat.yml b/deploy/adapters/ansible/roles/secgroup/vars/RedHat.yml new file mode 100644 index 00000000..533bbe9d --- /dev/null +++ b/deploy/adapters/ansible/roles/secgroup/vars/RedHat.yml @@ -0,0 +1,27 @@ +--- +configs_templates: + - src: nova.j2 + dest: + - /etc/nova/nova.conf + - src: neutron.j2 + dest: + - /etc/neutron/plugins/ml2/ml2_conf.ini + - /etc/neutron/plugins/openvswitch/ovs_neutron_plugin.ini + - /etc/neutron/plugins/ml2/restproxy.ini + +controller_services: + - openstack-nova-api + - openstack-nova-cert + - openstack-nova-conductor + - openstack-nova-consoleauth + - openstack-nova-novncproxy + - openstack-nova-scheduler + - neutron-openvswitch-agent + - neutron-l3-agent + - neutron-dhcp-agent + - neutron-metadata-agent + - neutron-server + +compute_services: + - openstack-nova-compute + - neutron-openvswitch-agent diff --git a/deploy/adapters/ansible/roles/secgroup/vars/main.yml b/deploy/adapters/ansible/roles/secgroup/vars/main.yml new file mode 100644 index 00000000..bb87da65 --- /dev/null +++ b/deploy/adapters/ansible/roles/secgroup/vars/main.yml @@ -0,0 +1,3 @@ +--- +packages_noarch: [] +metering_secret: 1c5df72079b31fb47747 |