diff options
Diffstat (limited to 'components/congress/ansible/roles')
3 files changed, 152 insertions, 0 deletions
diff --git a/components/congress/ansible/roles/deploy/tasks/main.yml b/components/congress/ansible/roles/deploy/tasks/main.yml new file mode 100644 index 0000000..956728b --- /dev/null +++ b/components/congress/ansible/roles/deploy/tasks/main.yml @@ -0,0 +1,89 @@ +--- +- name: updating package cache + apt: update_cache=yes + +- name: installing dependancies + apt: pkg={{item}} state=present + with_items: + - python-pip + - libmysqlclient-dev + - python-mysqldb + +- name: installing python dependancies + pip: name={{item}} + with_items: + - virtualenv +# - MySQL-python + +- name: creating congress group + group: name=congress state=present + when: init == "True" + +- name: creating congress user + user: name=congress group=congress state=present createhome=no + when: init == "True" + +- name: creating remote install directory + file: path={{item}} state=directory owner=congress group=congress + with_items: + - /etc/congress + - "{{installDir}}" + - /var/log/congress + +- name: copying congress build to prod host + unarchive: src={{tempDir}}/congress-{{congressVersion}}.tgz dest={{installDir}} owner=congress group=congress + +- name: activating virtualenv + shell: virtualenv {{installDir}}/congress + +- name: updating congress.conf + template: src=congress.conf dest=/etc/congress/congress.conf owner=congress group=congress + +- name: create congress service + shell: > + {{installDir}}/congress/bin/keystone \ + --os-auth-url={{keystoneAuthProto}}://{{keystoneAuthHost}}:35357/v2.0 \ + --os-username={{keystoneAdminUser}} \ + --os-tenant-name={{adminTenantName}} \ + --os-password={{keystoneAdminPassword}} \ + service-create --name congress --type "policy" --description "Congress Service" + when: init == "True" + +- name: creating keystone endpoint + shell: > + {{installDir}}/congress/bin/keystone \ + --os-auth-url={{keystoneAuthProto}}://{{keystoneAuthHost}}:35357/v2.0 \ + --os-username={{keystoneAdminUser}} \ + --os-tenant-name={{adminTenantName}} \ + --os-password={{keystoneAdminPassword}} \ + endpoint-create --service congress \ + --region {{authRegion}} \ + --publicurl {{publicEndpoint}} \ + --adminurl {{adminEndpoint}} \ + --internalurl {{internalEndpoint}} + when: init == "True" + +- name: creating congress database + mysql_db: name=congress state=present login_host={{mysqlDBIP}} login_user={{mysqlDBUser}} login_password={{mysqlDBPassword}} + when: init == "True" + +- name: creating and granting congress user access to database + mysql_user: name={{dbUser}} password={{dbPassword}} login_host={{mysqlDBIP}} login_user={{mysqlDBUser}} login_password={{mysqlDBPassword}} priv=congress.*:ALL host={{ item }} + with_items: + - "%" + - "localhost" + when: init == "True" + +- name: creating congress database schema + shell: > + {{installDir}}/congress/bin/congress-db-manage --config-file /etc/congress/congress.conf upgrade head + when: init == "True" + +- name: copy init service + template: src=congress-api.conf dest=/etc/init/congress-api.conf + when: init == "True" + +- name: enabling init service for congress + file: src=/lib/init/upstart-job dest=/etc/init.d/congress-api state=link + when: init == "True" + diff --git a/components/congress/ansible/roles/deploy/templates/congress-api.conf b/components/congress/ansible/roles/deploy/templates/congress-api.conf new file mode 100644 index 0000000..4eae24d --- /dev/null +++ b/components/congress/ansible/roles/deploy/templates/congress-api.conf @@ -0,0 +1,7 @@ +description "Congress API server" + +env PYTHON_PATH={{installDir}}/congress +start on runlevel [2345] +stop on runlevel [!2345] + +exec {{installDir}}/congress/bin/congress-server --config-file /etc/congress/congress.conf diff --git a/components/congress/ansible/roles/deploy/templates/congress.conf b/components/congress/ansible/roles/deploy/templates/congress.conf new file mode 100644 index 0000000..ffcd900 --- /dev/null +++ b/components/congress/ansible/roles/deploy/templates/congress.conf @@ -0,0 +1,56 @@ +[DEFAULT] +# Print more verbose output (set logging level to INFO instead of default WARNING level). +verbose = True + +# Print debugging output (set logging level to DEBUG instead of default WARNING level). +# debug = False + +# log_format = %(asctime)s %(levelname)8s [%(name)s] %(message)s +# log_date_format = %Y-%m-%d %H:%M:%S + +# use_syslog -> syslog +# log_file and log_dir -> log_dir/log_file +# (not log_file) and log_dir -> log_dir/{binary_name}.log +# use_stderr -> stderr +# (not user_stderr) and (not log_file) -> stdout +# publish_errors -> notification system + +# use_syslog = False +# syslog_log_facility = LOG_USER + +# use_stderr = True +log_file = congress.log +log_dir = /var/log/congress + +# publish_errors = False + +# Address to bind the API server to +# bind_host = 0.0.0.0 + +# Port the bind the API server to +# bind_port = 1789 + +# The path to the latest policy dump +policy_path = /etc/congress/snapshot + +# Paste configuration file +# api_paste_config = api-paste.ini + +# The strategy to be used for auth. +# Supported values are 'keystone'(default), 'noauth'. +auth_strategy = keystone + +# List of datasource driver class paths to import. +# For example: congress.datasources.neutronv2_driver.NeutronV2Driver, etc +# datasource_drivers = [] + +[keystone_authtoken] +auth_host = {{ keystoneAuthHost }} +auth_port = 35357 +auth_protocol = {{ keystoneAuthProto }} +admin_tenant_name = {{ adminTenantName }} +admin_user = {{ congressAdminUser }} +admin_password = {{ congressAdminPassword }} + +[database] +connection = mysql://{{dbUser}}:{{dbPassword}}@{{mysqlDBIP}}:3306/congress |