From f31ca71ffc5f4110796655ded3c7a6d144f43e42 Mon Sep 17 00:00:00 2001
From: wutianwei <wutianwei1@huawei.com>
Date: Fri, 14 Jul 2017 11:01:28 +0800
Subject: change the public endpoint protocol with https

Fetch the os_cacerts for funtest
replace the internalURL with publicURL

Change-Id: Iff4fe2c998f3b5e723e826cf27e8901208988785
Signed-off-by: wutianwei <wutianwei1@huawei.com>
---
 .../ansible/roles/config-osa/files/fetch-files.yml | 28 ++++++++++++++++++++++
 .../roles/config-osa/files/fetch-openrc.yml        | 18 --------------
 .../ansible/roles/config-osa/files/http.yml        | 25 -------------------
 .../ansible/roles/config-osa/tasks/main.yml        | 11 +++------
 .../config-osa/templates/user_variables.yml.j2     |  1 -
 .../ansible/roles/post-openstack/tasks/main.yml    | 13 +++++-----
 6 files changed, 38 insertions(+), 58 deletions(-)
 create mode 100644 deploy/adapters/ansible/roles/config-osa/files/fetch-files.yml
 delete mode 100644 deploy/adapters/ansible/roles/config-osa/files/fetch-openrc.yml
 delete mode 100644 deploy/adapters/ansible/roles/config-osa/files/http.yml

(limited to 'deploy/adapters/ansible')

diff --git a/deploy/adapters/ansible/roles/config-osa/files/fetch-files.yml b/deploy/adapters/ansible/roles/config-osa/files/fetch-files.yml
new file mode 100644
index 00000000..346ef2fd
--- /dev/null
+++ b/deploy/adapters/ansible/roles/config-osa/files/fetch-files.yml
@@ -0,0 +1,28 @@
+# #############################################################################
+# Copyright (c) 2017 HUAWEI TECHNOLOGIES CO.,LTD and others.
+#
+# All rights reserved. This program and the accompanying materials
+# are made available under the terms of the Apache License, Version 2.0
+# which accompanies this distribution, and is available at
+# http://www.apache.org/licenses/LICENSE-2.0
+# #############################################################################
+---
+- name: Fetch openrc
+  hosts: utility_all[0]
+  max_fail_percentage: 20
+  user: root
+  tasks:
+    - fetch:
+        src: /root/openrc
+        dest: /opt/openrc
+        flat: "yes"
+
+- name: Fetch haproxy.cert
+  hosts: haproxy_hosts[0]
+  max_fail_percentage: 20
+  user: root
+  tasks:
+    - fetch:
+        src: /etc/ssl/certs/haproxy.cert
+        dest: /opt/os_cacert
+        flat: "yes"
diff --git a/deploy/adapters/ansible/roles/config-osa/files/fetch-openrc.yml b/deploy/adapters/ansible/roles/config-osa/files/fetch-openrc.yml
deleted file mode 100644
index 1251cbf1..00000000
--- a/deploy/adapters/ansible/roles/config-osa/files/fetch-openrc.yml
+++ /dev/null
@@ -1,18 +0,0 @@
-# #############################################################################
-# Copyright (c) 2017 HUAWEI TECHNOLOGIES CO.,LTD and others.
-#
-# All rights reserved. This program and the accompanying materials
-# are made available under the terms of the Apache License, Version 2.0
-# which accompanies this distribution, and is available at
-# http://www.apache.org/licenses/LICENSE-2.0
-# #############################################################################
----
-- name: Fetch openrc
-  hosts: utility_all[0]
-  max_fail_percentage: 20
-  user: root
-  tasks:
-    - fetch:
-        src: /root/openrc
-        dest: /opt/openrc
-        flat: "yes"
diff --git a/deploy/adapters/ansible/roles/config-osa/files/http.yml b/deploy/adapters/ansible/roles/config-osa/files/http.yml
deleted file mode 100644
index d5c1e64e..00000000
--- a/deploy/adapters/ansible/roles/config-osa/files/http.yml
+++ /dev/null
@@ -1,25 +0,0 @@
-# #############################################################################
-# Copyright (c) 2017 HUAWEI TECHNOLOGIES CO.,LTD and others.
-#
-# All rights reserved. This program and the accompanying materials
-# are made available under the terms of the Apache License, Version 2.0
-# which accompanies this distribution, and is available at
-# http://www.apache.org/licenses/LICENSE-2.0
-# #############################################################################
----
-- name: change https to http in haproxy configuratio
-  hosts: network_hosts
-  gather_facts: "{{ gather_facts | default(True) }}"
-  max_fail_percentage: 20
-  user: root
-  tasks:
-    - name: change the haproxy configuration
-      shell: "sed -i 's/ssl crt.*//g' /etc/haproxy/haproxy.cfg;
-              sed -i 's/https$/http/g' /etc/haproxy/haproxy.cfg"
-      when: openstack_service_publicuri_proto == "http"
-
-    - name: restart haproxy service
-      service:
-        name: haproxy
-        state: restarted
-      when: openstack_service_publicuri_proto == "http"
diff --git a/deploy/adapters/ansible/roles/config-osa/tasks/main.yml b/deploy/adapters/ansible/roles/config-osa/tasks/main.yml
index e66ea949..b86a3205 100644
--- a/deploy/adapters/ansible/roles/config-osa/tasks/main.yml
+++ b/deploy/adapters/ansible/roles/config-osa/tasks/main.yml
@@ -76,12 +76,7 @@
     src: create-flavor.yml.j2
     dest: /opt/openstack-ansible/playbooks/create-flavor.yml
 
-- name: copy http.yml
+- name: copy fetch-files.yml
   copy:
-    src: http.yml
-    dest: /opt/openstack-ansible/playbooks/http.yml
-
-- name: copy fetch-openrc.yml
-  copy:
-    src: fetch-openrc.yml
-    dest: /opt/openstack-ansible/playbooks/fetch-openrc.yml
+    src: fetch-files.yml
+    dest: /opt/openstack-ansible/playbooks/fetch-files.yml
diff --git a/deploy/adapters/ansible/roles/config-osa/templates/user_variables.yml.j2 b/deploy/adapters/ansible/roles/config-osa/templates/user_variables.yml.j2
index 5157f758..7f29d5fe 100644
--- a/deploy/adapters/ansible/roles/config-osa/templates/user_variables.yml.j2
+++ b/deploy/adapters/ansible/roles/config-osa/templates/user_variables.yml.j2
@@ -21,7 +21,6 @@
 # # Debug and Verbose options.
 debug: false
 
-openstack_service_publicuri_proto: http
 haproxy_keepalived_external_vip_cidr: "{{ public_vip.ip }}/32"
 haproxy_keepalived_internal_vip_cidr: "10.1.0.22/32"
 haproxy_keepalived_external_interface: br-vlan
diff --git a/deploy/adapters/ansible/roles/post-openstack/tasks/main.yml b/deploy/adapters/ansible/roles/post-openstack/tasks/main.yml
index 8140cee7..3641faeb 100644
--- a/deploy/adapters/ansible/roles/post-openstack/tasks/main.yml
+++ b/deploy/adapters/ansible/roles/post-openstack/tasks/main.yml
@@ -23,15 +23,16 @@
           cd /opt/openstack-ansible/playbooks; \
           openstack-ansible create-flavor.yml > /dev/null"
 
-- name: change https to http
-  shell: "export ANSIBLE_LOG_PATH=/var/ansible/run/openstack_ocata-opnfv2/ansible.log; \
-          cd /opt/openstack-ansible/playbooks; \
-          openstack-ansible http.yml > /dev/null"
-
 - name: run ansible yml to fetch openrc
   shell: "export ANSIBLE_LOG_PATH=/var/ansible/run/openstack_ocata-opnfv2/ansible.log; \
           cd /opt/openstack-ansible/playbooks; \
-          openstack-ansible fetch-openrc.yml > /dev/null"
+          openstack-ansible fetch-files.yml > /dev/null"
+
+- name: replace http with https in openrc
+  replace:
+    dest: /opt/openrc
+    regexp: "http://"
+    replace: "https://"
 
 - name: replace internalURL with publicURL in openrc
   replace:
-- 
cgit 1.2.3-korg