summaryrefslogtreecommitdiffstats
path: root/xci/playbooks
diff options
context:
space:
mode:
authorMarkos Chandras <mchandras@suse.de>2017-12-21 13:37:36 +0000
committerGerrit Code Review <gerrit@opnfv.org>2017-12-21 13:37:36 +0000
commit1a68730ab76b3fad4395f1cca0d3590c0507d378 (patch)
tree0a57fdf3fa7296ea4b92c3d5cedc178690dd3144 /xci/playbooks
parent1b238dde764f68404489b21245e0b1494cb06e8e (diff)
parentc74cfd33fc3c8274433f153f1d211b7b2657ab54 (diff)
Merge "xci: OSA: Move all the OSA specific playbooks to the NFVI directory"
Diffstat (limited to 'xci/playbooks')
-rw-r--r--xci/playbooks/bootstrap-scenarios.yml23
-rw-r--r--xci/playbooks/configure-localhost.yml72
-rw-r--r--xci/playbooks/configure-opnfvhost.yml185
-rw-r--r--xci/playbooks/configure-targethosts.yml50
-rw-r--r--xci/playbooks/inventory10
5 files changed, 0 insertions, 340 deletions
diff --git a/xci/playbooks/bootstrap-scenarios.yml b/xci/playbooks/bootstrap-scenarios.yml
deleted file mode 100644
index 98acf73b..00000000
--- a/xci/playbooks/bootstrap-scenarios.yml
+++ /dev/null
@@ -1,23 +0,0 @@
----
-#
-# This file is aimed to be used by scenarios to plug into the XCI.
-# Ideally, all they need to do at this point is to include their
-# role using a statement like the following one
-#
-# - name: Include foobar role
-# include_role:
-# name: "foobar"
-# when: DEPLOY_SCENARIO == "foobar"
-
-- name: Prepare everything to run the os-nosdn-nofeature scenario
- include_role:
- name: "os-nosdn-nofeature"
- when: DEPLOY_SCENARIO == 'os-nosdn-nofeature'
-- name: Prepare everything to run the os-odl-nofeature scenario
- include_role:
- name: "os-odl-nofeature"
- when: DEPLOY_SCENARIO == 'os-odl-nofeature'
-- name: Prepare everything to run the os-odl-sfc scenario
- include_role:
- name: "os-odl-sfc"
- when: DEPLOY_SCENARIO == 'os-odl-sfc'
diff --git a/xci/playbooks/configure-localhost.yml b/xci/playbooks/configure-localhost.yml
deleted file mode 100644
index 279ae162..00000000
--- a/xci/playbooks/configure-localhost.yml
+++ /dev/null
@@ -1,72 +0,0 @@
----
-# SPDX-license-identifier: Apache-2.0
-##############################################################################
-# Copyright (c) 2017 Ericsson AB and others.
-# All rights reserved. This program and the accompanying materials
-# are made available under the terms of the Apache License, Version 2.0
-# which accompanies this distribution, and is available at
-# http://www.apache.org/licenses/LICENSE-2.0
-##############################################################################
-- hosts: localhost
- connection: local
- vars_files:
- - ../var/opnfv.yml
-
- pre_tasks:
- - name: Load distribution variables
- include_vars:
- file: ../var/{{ ansible_os_family }}.yml
- - name: cleanup leftovers of previous deployment
- file:
- path: "{{ item }}"
- state: absent
- recurse: no
- with_items:
- - "{{ XCI_CACHE }}/repos"
- - "{{ LOG_PATH }} "
- - "{{ OPNFV_SSH_HOST_KEYS_PATH }}"
-
- roles:
- - role: clone-repository
- project: "openstack/openstack-ansible-openstack_openrc"
- repo: "{{ OPENSTACK_OSA_OPENRC_GIT_URL }}"
- dest: roles/openstack-ansible-openstack_openrc
- version: "master"
- - role: clone-repository
- project: "openstack/openstack-ansible"
- repo: "{{ OPENSTACK_OSA_GIT_URL }}"
- dest: "{{ XCI_CACHE }}/repos/openstack-ansible"
- version: "{{ OPENSTACK_OSA_VERSION }}"
-
- tasks:
- - name: create log directory {{LOG_PATH}}
- file:
- path: "{{LOG_PATH}}"
- state: directory
- recurse: no
- - name: check if certificate directory /etc/ssl/certs exists already
- stat: path=/etc/ssl/certs
- register: check_etc_ssl_certs
- - name: create certificate directory /etc/ssl/certs
- become: true
- file:
- path: "/etc/ssl/certs"
- state: directory
- when: check_etc_ssl_certs.stat.exists == false
- - name: create key directory /etc/ssl/private
- become: true
- file:
- path: "/etc/ssl/private"
- state: directory
- - name: generate self signed certificate
- command: openssl req -new -nodes -x509 -subj "{{ XCI_SSL_SUBJECT }}" -days 3650 -keyout "/etc/ssl/private/xci.key" -out "/etc/ssl/certs/xci.crt" -extensions v3_ca
- become: true
- - name: Synchronize local development OSA repository to XCI paths
- # command module is much faster than the copy module
- synchronize:
- src: "{{ OPENSTACK_OSA_DEV_PATH }}"
- dest: "{{ XCI_CACHE }}/repos/openstack-ansible"
- recursive: yes
- delete: yes
- when:
- - OPENSTACK_OSA_DEV_PATH != ""
diff --git a/xci/playbooks/configure-opnfvhost.yml b/xci/playbooks/configure-opnfvhost.yml
deleted file mode 100644
index 30831bec..00000000
--- a/xci/playbooks/configure-opnfvhost.yml
+++ /dev/null
@@ -1,185 +0,0 @@
----
-# SPDX-license-identifier: Apache-2.0
-##############################################################################
-# Copyright (c) 2017 Ericsson AB and others.
-# All rights reserved. This program and the accompanying materials
-# are made available under the terms of the Apache License, Version 2.0
-# which accompanies this distribution, and is available at
-# http://www.apache.org/licenses/LICENSE-2.0
-##############################################################################
-- hosts: opnfv
- remote_user: root
- vars_files:
- - ../var/opnfv.yml
- pre_tasks:
- - name: Load distribution variables
- include_vars:
- file: "{{ item }}"
- with_items:
- - ../var/{{ ansible_os_family }}.yml
- - ../file/{{ XCI_FLAVOR }}/flavor-vars.yml
- - name: Set facts for remote deployment
- set_fact:
- remote_xci_path: "{{ ansible_env.HOME }}/releng-xci"
- remote_xci_flavor_files: "{{ ansible_env.HOME }}/releng-xci/xci/file/{{ XCI_FLAVOR }}"
- remote_xci_playbooks: "{{ ansible_env.HOME }}/releng-xci/xci/playbooks"
-
- roles:
- - role: configure-network
- when: XCI_FLAVOR != "aio"
-
- tasks:
- - name: generate SSH keys
- shell: ssh-keygen -b 2048 -t rsa -f /root/.ssh/id_rsa -q -N ""
- args:
- creates: "{{ ansible_env.HOME }}/.ssh/id_rsa"
- - name: fetch public key
- fetch:
- src: "{{ ansible_env.HOME }}/.ssh/id_rsa.pub"
- dest: "../file/authorized_keys"
- flat: yes
- - name: Copy releng-xci to remote host
- synchronize:
- src: "{{ XCI_PATH }}/"
- dest: "{{ remote_xci_path }}"
- recursive: yes
- delete: yes
- - name: copy flavor inventory
- shell: "/bin/cp -rf {{ remote_xci_flavor_files }}/inventory {{ remote_xci_playbooks }}"
- - name: copy openstack_deploy
- shell: "/bin/cp -rf {{OPENSTACK_OSA_PATH}}/etc/openstack_deploy {{OPENSTACK_OSA_ETC_PATH}}"
- - name: copy openstack_user_config.yml
- shell: "/bin/cp -rf {{ remote_xci_flavor_files }}/openstack_user_config.yml {{OPENSTACK_OSA_ETC_PATH}}"
- failed_when: false
- - name: copy all user override files
- shell: "/bin/cp -rf {{ remote_xci_flavor_files }}/user_variables.yml {{OPENSTACK_OSA_ETC_PATH}}"
- failed_when: false
- - name: copy cinder.yml
- shell: "/bin/cp -rf {{ remote_xci_path }}/xci/file/cinder.yml {{OPENSTACK_OSA_ETC_PATH}}/env.d"
- - name: Configure AIO tempest
- lineinfile:
- path: "{{ OPENSTACK_OSA_ETC_PATH }}/user_variables.yml"
- line: "{{ item }}: {{ RUN_TEMPEST | bool }}"
- state: present
- with_items:
- - "tempest_install"
- - "tempest_run"
- - block:
- - name: copy ceph.yml
- shell: "/bin/cp -rf {{ remote_xci_flavor_files }}/ceph.yml {{OPENSTACK_OSA_ETC_PATH}}/conf.d/"
- - name: copy user_ceph.yml
- shell: "/bin/cp -rf {{ remote_xci_flavor_files }}/user_ceph.yml {{OPENSTACK_OSA_ETC_PATH}}/user_ceph.yml"
- - name: copy user_variables_ceph.yml
- shell: "/bin/cp -rf {{ remote_xci_flavor_files }}/user_variables_ceph.yml {{OPENSTACK_OSA_ETC_PATH}}/user_variables_ceph.yml"
- when: XCI_CEPH_ENABLED == "true"
- # TODO: We need to get rid of this as soon as the issue is fixed upstream
- - name: change the haproxy state from disable to enable
- replace:
- dest: "{{OPENSTACK_OSA_PATH}}/playbooks/os-keystone-install.yml"
- regexp: '(\s+)haproxy_state: disabled'
- replace: '\1haproxy_state: enabled'
- - name: copy OPNFV OpenStack playbook
- shell: "/bin/cp -rf {{ remote_xci_path }}/xci/file/setup-openstack.yml {{OPENSTACK_OSA_PATH}}/playbooks"
- - name: copy pinned versions of OSA Roles and global requirements
- shell: "/bin/cp -rf {{ remote_xci_path }}/xci/file/{{ item }} {{OPENSTACK_OSA_PATH}}/{{ item }}"
- with_items:
- - "ansible-role-requirements.yml"
- - "global-requirement-pins.txt"
- when:
- - OPENSTACK_OSA_VERSION != "master"
- - name: copy pinned versions of OpenStack services
- shell: "/bin/cp -rf {{ remote_xci_path }}/xci/file/openstack_services.yml {{OPENSTACK_OSA_PATH}}/playbooks/defaults/repo_packages/openstack_services.yml"
- when:
- - OPENSTACK_OSA_VERSION != "master"
- - include: bootstrap-scenarios.yml
- - name: bootstrap ansible on opnfv host
- command: "/bin/bash ./scripts/bootstrap-ansible.sh"
- args:
- chdir: "{{OPENSTACK_OSA_PATH}}"
- - name: install python Crypto module
- package:
- name: "{{ python_crypto_package_name }}"
- - name: install PyYAML
- pip:
- name: pyyaml
- state: present
- - name: generate password token
- command: "python pw-token-gen.py --file {{OPENSTACK_OSA_ETC_PATH}}/user_secrets.yml"
- args:
- chdir: "{{OPENSTACK_OSA_PATH}}/scripts"
- - name: check if certificate directory /etc/ssl/certs exists already
- stat: path=/etc/ssl/certs
- register: check_etc_ssl_certs
- - name: create certificate directory /etc/ssl/certs
- file:
- path: "/etc/ssl/certs"
- state: directory
- when: check_etc_ssl_certs.stat.exists == false
- - name: create key directory /etc/ssl/private
- file:
- path: "/etc/ssl/private"
- state: directory
- - name: copy certificate to /etc/ssl/certs
- copy:
- src: "/etc/ssl/certs/xci.crt"
- dest: "/etc/ssl/certs/"
- - name: read remote key from /etc/ssl/private
- set_fact:
- xci_ssl_key: "{{ lookup('pipe', 'sudo cat /etc/ssl/private/xci.key' ) }}"
- - name: copy key to /etc/ssl/private
- copy:
- content: "{{ xci_ssl_key }}"
- dest: "/etc/ssl/private/xci.key"
- become: true
- - name: install opnfv required packages
- package:
- name: "{{ opnfv_required_packages }}"
- state: latest
- # Docker is needed for functest
- - name: Ensure Docker service is started and enabled
- service:
- name: "{{ docker_service_name }}"
- state: started
- enabled: yes
- - name: install opnfv required pip packages
- pip:
- name: "{{ opnfv_required_pip }}"
- state: present
-
-- hosts: localhost
- remote_user: root
- vars_files:
- - ../var/opnfv.yml
- tasks:
- - name: Append public keys to authorized_keys
- shell: "/bin/cat {{ ansible_env.HOME }}/.ssh/id_rsa.pub >> ../file/authorized_keys"
-
-- hosts: opnfv
- remote_user: root
- vars_files:
- - ../var/opnfv.yml
- pre_tasks:
- - name: Load distribution variables
- include_vars:
- file: "{{ item }}"
- failed_when: false
- with_items:
- - ../var/opnfv.yml
- - ../var/{{ ansible_os_family }}.yml
- - ../file/{{ XCI_FLAVOR }}/flavor-vars.yml
- - ../file/{{ XCI_FLAVOR }}/user_variables.yml
- roles:
- - role: "openstack-ansible-openstack_openrc"
-
- tasks:
- - name: add extra insecure flag to generated openrc
- blockinfile:
- dest: "{{ ansible_env.HOME }}/openrc"
- block: |
- export OS_INSECURE=true
-
- - name: fetch generated openrc
- fetch:
- src: "{{ ansible_env.HOME }}/openrc"
- dest: "{{ XCI_PATH }}/.cache/openrc"
- flat: true
diff --git a/xci/playbooks/configure-targethosts.yml b/xci/playbooks/configure-targethosts.yml
deleted file mode 100644
index d136f436..00000000
--- a/xci/playbooks/configure-targethosts.yml
+++ /dev/null
@@ -1,50 +0,0 @@
----
-- hosts: all
- remote_user: root
- tasks:
- - name: add public key to host
- copy:
- src: ../file/authorized_keys
- dest: /root/.ssh/authorized_keys
-
-- hosts: controller
- remote_user: root
- vars_files:
- - ../var/opnfv.yml
-
- pre_tasks:
- - name: Load distribution variables
- include_vars:
- file: "{{ item }}"
- with_items:
- - ../var/{{ ansible_os_family }}.yml
- - ../file/{{ XCI_FLAVOR }}/flavor-vars.yml
- roles:
- - role: configure-network
- # we need to force sync time with ntp or the nodes will be out of sync timewise
- - role: synchronize-time
-
-- hosts: compute
- remote_user: root
- vars_files:
- - ../var/opnfv.yml
-
- pre_tasks:
- - name: Load distribution variables
- include_vars:
- file: "{{ item }}"
- with_items:
- - ../var/opnfv.yml
- - ../var/{{ ansible_os_family }}.yml
- - ../file/{{ XCI_FLAVOR }}/flavor-vars.yml
- roles:
- - role: configure-network
- # we need to force sync time with ntp or the nodes will be out of sync timewise
- - role: synchronize-time
- - role: configure-ceph
- when: XCI_CEPH_ENABLED == "true"
-
-- hosts: compute00
- remote_user: root
- roles:
- - role: configure-nfs
diff --git a/xci/playbooks/inventory b/xci/playbooks/inventory
deleted file mode 100644
index fd9af901..00000000
--- a/xci/playbooks/inventory
+++ /dev/null
@@ -1,10 +0,0 @@
-# SPDX-license-identifier: Apache-2.0
-##############################################################################
-# Copyright (c) 2017 Ericsson AB and others.
-# All rights reserved. This program and the accompanying materials
-# are made available under the terms of the Apache License, Version 2.0
-# which accompanies this distribution, and is available at
-# http://www.apache.org/licenses/LICENSE-2.0
-##############################################################################
-[opnfv]
-opnfv ansible_ssh_host=192.168.122.2