diff options
Diffstat (limited to 'xci/installer/kubespray')
| -rw-r--r-- | xci/installer/kubespray/README | 64 | ||||
| -rwxr-xr-x | xci/installer/kubespray/deploy.sh | 157 | ||||
| -rw-r--r-- | xci/installer/kubespray/files/ha/inventory/group_vars/all.yml | 8 | ||||
| -rw-r--r-- | xci/installer/kubespray/playbooks/configure-installer.yml | 50 | ||||
| -rw-r--r-- | xci/installer/kubespray/playbooks/configure-kubenet.yml | 51 | ||||
| -rw-r--r-- | xci/installer/kubespray/playbooks/configure-opnfvhost.yml | 101 | ||||
| -rw-r--r-- | xci/installer/kubespray/playbooks/configure-targethosts.yml | 40 | ||||
| -rw-r--r-- | xci/installer/kubespray/playbooks/group_vars/all | 54 | ||||
| -rw-r--r-- | xci/installer/kubespray/playbooks/post-deployment.yml | 42 |
9 files changed, 567 insertions, 0 deletions
diff --git a/xci/installer/kubespray/README b/xci/installer/kubespray/README new file mode 100644 index 00000000..04202c28 --- /dev/null +++ b/xci/installer/kubespray/README @@ -0,0 +1,64 @@ +The xci/installer/kubespray/files/k8s-cluster.yml is obtained from kubespray. +You can change the parameters according to your needs. +When starting the deploy, it will be copied to the right directory and will be used by kubespray + +For example: + kube_network_plugin: calico + docker_storage_options: -s overlay2 + kube_service_addresses: 10.233.0.0/18 + +Requirements: + 1. Performance of hosts + The performance settings are not required officially. I recommend the following: + - VM_CPU=6 + - VM_DISK=80GB + - VM_MEMORY_SIZE=16GB + + 2. Distributions + - Ubuntu 16.04 + + 3. Packages: + - Ansible v2.4 (or newer) and python-netaddr is installed on the machine that will run Ansible commands + - Jinja 2.9 (or newer) is required to run the Ansible Playbooks + + 4. Others: + - The target servers must have access to the Internet in order to pull docker images. + - The target servers are configured to allow IPv4 forwarding. + - Your ssh key must be copied to all the servers part of your inventory. + - The firewalls are not managed, you'll need to implement your own rules the way you used to. In order to avoid any issue during the deployment you should disable your firewall. + +Flavors: + 1. aio: Single host which acts as the deployment host, master and node. + 2. mini: One deployment host, 1 master host and 1 node host. + 3. noha: One deployment host, 1 master host and 2 node hosts. + 4. ha: One deployment host, 3 master hosts and 2 node hosts. + +Components Installed: + 1. etcd + 2. network plugins:(one of following, which you can choose. Default is calico) + - calico + - flannel + - contive + - weave + 3. kubernetes + 4. docker + +How to use: + +Clone the OPNFV Releng repository + + git clone https://gerrit.opnfv.org/gerrit/releng-xci.git + +Change into the directory where the sandbox script is located + + cd releng-xci/xci + +Set the variable to run kubespray + + export INSTALLER_TYPE=kubespray + export DEPLOY_SCENARIO=k8-nosdn-nofeature + export XCI_FLAVOR=mini + +Execute sandbox script + + ./xci-deploy.sh diff --git a/xci/installer/kubespray/deploy.sh b/xci/installer/kubespray/deploy.sh new file mode 100755 index 00000000..af80b38f --- /dev/null +++ b/xci/installer/kubespray/deploy.sh @@ -0,0 +1,157 @@ +#!/bin/bash +# SPDX-license-identifier: Apache-2.0 +############################################################################## +# Copyright (c) 2017 Huawei +# All rights reserved. This program and the accompanying materials +# are made available under the terms of the Apache License, Version 2.0 +# which accompanies this distribution, and is available at +# http://www.apache.org/licenses/LICENSE-2.0 +############################################################################## +set -o errexit +set -o nounset +set -o pipefail + +K8_XCI_PLAYBOOKS="$(dirname $(realpath ${BASH_SOURCE[0]}))/playbooks" +export ANSIBLE_ROLES_PATH=$HOME/.ansible/roles:/etc/ansible/roles:${XCI_PATH}/xci/playbooks/roles + +#------------------------------------------------------------------------------- +# Configure localhost +#------------------------------------------------------------------------------- +# This playbook +# - removes directories that were created by the previous xci run +# - clones opnfv/releng-xci repository +# - clones kubernetes-incubator/kubespray repository +# - creates log directory +#------------------------------------------------------------------------------- + +echo "Info: Configuring localhost for kubespray" +echo "-----------------------------------------------------------------------" +cd $XCI_PLAYBOOKS +ansible-playbook ${XCI_ANSIBLE_PARAMS} -e XCI_PATH="${XCI_PATH}" \ + -i dynamic_inventory.py configure-localhost.yml +echo "-----------------------------------------------------------------------" +echo "Info: Configured localhost for kubespray" + +#------------------------------------------------------------------------------- +# Configure installer +#------------------------------------------------------------------------------- +# TODO: summarize what this playbook does +#------------------------------------------------------------------------------- + +echo "Info: Configuring kubespray installer" +echo "-----------------------------------------------------------------------" +cd $K8_XCI_PLAYBOOKS +ansible-playbook ${XCI_ANSIBLE_PARAMS} \ + -i ${XCI_PLAYBOOKS}/dynamic_inventory.py configure-installer.yml +echo "-----------------------------------------------------------------------" +echo "Info: Configured kubespray installer" + +#------------------------------------------------------------------------------- +# Configure deployment host, opnfv +#------------------------------------------------------------------------------- +# This playbook +# - removes directories that were created by the previous xci run +# - synchronize opnfv/releng-xci and kubernetes-incubator/kubespray repositories +# - generates/prepares ssh keys +# - copies flavor files to be used by kubespray +# - install packages required by kubespray +#------------------------------------------------------------------------------- +echo "Info: Configuring opnfv deployment host for kubespray" +echo "-----------------------------------------------------------------------" +cd $K8_XCI_PLAYBOOKS +ansible-playbook ${XCI_ANSIBLE_PARAMS} \ + -i ${XCI_PLAYBOOKS}/dynamic_inventory.py configure-opnfvhost.yml +echo "-----------------------------------------------------------------------" +echo "Info: Configured opnfv deployment host for kubespray" + +#------------------------------------------------------------------------------- +# Configure target hosts for kubespray +#------------------------------------------------------------------------------- +# This playbook is only run for the all flavors except aio since aio is configured by the configure-opnfvhost.yml +# This playbook +# - adds public keys to target hosts +# - install packages required by kubespray +# - configures haproxy service +#------------------------------------------------------------------------------- +if [ $XCI_FLAVOR != "aio" ]; then + echo "Info: Configuring target hosts for kubespray" + echo "-----------------------------------------------------------------------" + cd $K8_XCI_PLAYBOOKS + ansible-playbook ${XCI_ANSIBLE_PARAMS} \ + -i ${XCI_PLAYBOOKS}/dynamic_inventory.py configure-targethosts.yml + echo "-----------------------------------------------------------------------" + echo "Info: Configured target hosts for kubespray" +fi + + +echo "Info: Using kubespray to deploy the kubernetes cluster" +echo "-----------------------------------------------------------------------" +ssh root@$OPNFV_HOST_IP "set -o pipefail; export XCI_FLAVOR=$XCI_FLAVOR; export INSTALLER_TYPE=$INSTALLER_TYPE; \ + export IDF=/root/releng-xci/xci/var/idf.yml; export PDF=/root/releng-xci/xci/var/pdf.yml; \ + cd releng-xci/.cache/repos/kubespray/; ansible-playbook \ + -i inventory/opnfv/dynamic_inventory.py cluster.yml -b | tee setup-kubernetes.log" +scp root@$OPNFV_HOST_IP:~/releng-xci/.cache/repos/kubespray/setup-kubernetes.log \ + $LOG_PATH/setup-kubernetes.log + + +cd $K8_XCI_PLAYBOOKS +ansible-playbook ${XCI_ANSIBLE_PARAMS} \ + -i ${XCI_PLAYBOOKS}/dynamic_inventory.py configure-kubenet.yml +echo +echo "-----------------------------------------------------------------------" +echo "Info: Kubernetes installation is successfully completed!" +echo "-----------------------------------------------------------------------" + +#------------------------------------------------------------------------------- +# Execute post-installation tasks +#------------------------------------------------------------------------------- +# Playbook post.yml is used in order to execute any post-deployment tasks that +# are required for the scenario under test. +#------------------------------------------------------------------------------- +# copy admin.conf +ssh root@$OPNFV_HOST_IP "mkdir -p ~/.kube/; \ + cp -f ~/admin.conf ~/.kube/config" +echo "-----------------------------------------------------------------------" +echo "Info: Running post-deployment scenario role" +echo "-----------------------------------------------------------------------" +cd $K8_XCI_PLAYBOOKS +ansible-playbook ${XCI_ANSIBLE_PARAMS} -i ${XCI_PLAYBOOKS}/dynamic_inventory.py \ + post-deployment.yml +echo "-----------------------------------------------------------------------" +echo "Info: Post-deployment scenario role execution done" +echo "-----------------------------------------------------------------------" +echo +echo "Login opnfv host ssh root@$OPNFV_HOST_IP +according to the user-guide to create a service +https://kubernetes.io/docs/user-guide/walkthrough/k8s201/" +echo +echo "-----------------------------------------------------------------------" +echo "Info: Kubernetes login details" +echo "-----------------------------------------------------------------------" +echo +# Get the dashboard URL +if ssh-keygen -f "/home/opnfv/.ssh/known_hosts" -F $OPNFV_HOST_IP; +then +ssh-keygen -f "/home/opnfv/.ssh/known_hosts" -R $OPNFV_HOST_IP; +echo "known_hosts entry from opnfv host from previous deployment found and deleted" +fi +DASHBOARD_SERVICE=$(ssh -q -o StrictHostKeyChecking=no root@$OPNFV_HOST_IP "kubectl get service -n kube-system |grep kubernetes-dashboard") +DASHBOARD_PORT=$(echo ${DASHBOARD_SERVICE} | awk '{print $5}' |awk -F "[:/]" '{print $2}') +KUBER_SERVER_URL=$(ssh root@$OPNFV_HOST_IP "grep -r server ~/.kube/config") +echo "Info: Kubernetes Dashboard URL:" +echo $KUBER_SERVER_URL | awk '{print $2}'| sed -n "s#:[0-9]*\$#:$DASHBOARD_PORT#p" + +# Get the dashboard user and password +MASTER_IP=$(echo ${KUBER_SERVER_URL} | awk '{print $2}' |awk -F "[:/]" '{print $4}') +if ssh-keygen -f "/home/opnfv/.ssh/known_hosts" -F $MASTER_IP; +then +ssh-keygen -f "/home/opnfv/.ssh/known_hosts" -R $MASTER_IP; +echo "Info: known_hosts entry for master host from previous deployment found and deleted" +fi +USER_CSV=$(ssh -q -o StrictHostKeyChecking=no root@$MASTER_IP " cat /etc/kubernetes/users/known_users.csv") +USERNAME=$(echo $USER_CSV |awk -F ',' '{print $2}') +PASSWORD=$(echo $USER_CSV |awk -F ',' '{print $1}') +echo "Info: Dashboard username: ${USERNAME}" +echo "Info: Dashboard password: ${PASSWORD}" + +# vim: set ts=4 sw=4 expandtab: diff --git a/xci/installer/kubespray/files/ha/inventory/group_vars/all.yml b/xci/installer/kubespray/files/ha/inventory/group_vars/all.yml new file mode 100644 index 00000000..d1b946a7 --- /dev/null +++ b/xci/installer/kubespray/files/ha/inventory/group_vars/all.yml @@ -0,0 +1,8 @@ +--- +loadbalancer_apiserver: + address: 192.168.122.222 + port: 8383 + +apiserver_loadbalancer_domain_name: 192.168.122.222 +supplementary_addresses_in_ssl_keys: + - 192.168.122.222 diff --git a/xci/installer/kubespray/playbooks/configure-installer.yml b/xci/installer/kubespray/playbooks/configure-installer.yml new file mode 100644 index 00000000..d88ee55c --- /dev/null +++ b/xci/installer/kubespray/playbooks/configure-installer.yml @@ -0,0 +1,50 @@ +--- +# SPDX-license-identifier: Apache-2.0 +############################################################################## +# All rights reserved. This program and the accompanying materials +# are made available under the terms of the Apache License, Version 2.0 +# which accompanies this distribution, and is available at +# http://www.apache.org/licenses/LICENSE-2.0 +############################################################################## +- hosts: localhost + connection: local + vars_files: + - "{{ xci_path }}/xci/var/opnfv.yml" + + tasks: + - name: delete existing kubespray/inventory/opnfv directory + file: + path: "{{ xci_path }}/.cache/repos/kubespray/inventory/opnfv" + state: absent + + - name: copy kubespray/inventory/sample as kubespray/inventory/opnfv + copy: + src: "{{ xci_path }}/.cache/repos/kubespray/inventory/sample/" + dest: "{{ xci_path }}/.cache/repos/kubespray/inventory/opnfv" + + - name: update kubespray k8s-cluster.yml for xci + lineinfile: + path: "{{ xci_path }}/.cache/repos/kubespray/inventory/opnfv/group_vars/k8s-cluster/k8s-cluster.yml" + regexp: "{{ item.regexp }}" + line: "{{ item.line }}" + with_items: + - { regexp: "kube_version:.*", line: "kube_version: {{ kubernetes_version }}" } + - { regexp: "kubeconfig_localhost:.*", line: "kubeconfig_localhost: true" } + - { regexp: "kube_basic_auth:.*", line: "kube_basic_auth: true" } + - { regexp: "dashboard_enabled:.*", line: "dashboard_enabled: true" } + +# NOTE(fdegir): the reason for this task to be separate from the task which uses lineinfile +# module is that escaping curly braces does not work with with_items. what happens is that +# ansible tries to resolve {{ ansible_env.HOME }} which we don't want since it should point +# to home folder of the user executing this task at runtime. + - name: update kubespray artifacts_dir + lineinfile: + path: "{{ xci_path }}/.cache/repos/kubespray/inventory/opnfv/group_vars/k8s-cluster/k8s-cluster.yml" + regexp: "artifacts_dir:.*" + line: "artifacts_dir: '{{ '{{' }} ansible_env.HOME {{ '}}' }}'" + + - name: change dashboard server type to NodePort + lineinfile: + path: "{{ xci_path }}/.cache/repos/kubespray/roles/kubernetes-apps/ansible/templates/dashboard.yml.j2" + insertafter: 'targetPort' + line: " type: NodePort" diff --git a/xci/installer/kubespray/playbooks/configure-kubenet.yml b/xci/installer/kubespray/playbooks/configure-kubenet.yml new file mode 100644 index 00000000..18a126c1 --- /dev/null +++ b/xci/installer/kubespray/playbooks/configure-kubenet.yml @@ -0,0 +1,51 @@ +--- +# SPDX-license-identifier: Apache-2.0 +############################################################################## +# Copyright (c) 2018 SUSE LINUX GmbH and others. +# All rights reserved. This program and the accompanying materials +# are made available under the terms of the Apache License, Version 2.0 +# which accompanies this distribution, and is available at +# http://www.apache.org/licenses/LICENSE-2.0 +############################################################################## + +# NOTE(hwoarang) Kubenet expects networking to be prepared by the administrator so it's necessary +# to do that as part of the node configuration. All we need is to add static routes on every node +# so cbr0 interfaces can talk to each other. +- name: Prepare networking for kubenet + hosts: k8s-cluster + remote_user: root + gather_facts: True + become: yes + vars_files: + - "{{ xci_path }}/xci/var/opnfv.yml" + tasks: + - name: Configure static routes + block: + - name: Collect cbr0 information from the nodes + set_fact: + kubenet_xci_static_routes: |- + {% set static_routes = [] %} + {% for host in groups['k8s-cluster']|select("ne", inventory_hostname) %} + {%- set _ = static_routes.append( + {'network': (hostvars[host]['ansible_cbr0']['ipv4']['network']+'/'+ + hostvars[host]['ansible_cbr0']['ipv4']['netmask'])|ipaddr('net'), + 'gateway': hostvars[host]['ansible_default_ipv4']['address']}) -%} + {% endfor %} + {{ static_routes }} + + - name: Add static routes on each node + shell: "ip route show | grep -q {{ item.network }} || ip route add {{ item.network }} via {{ item.gateway }}" + with_items: "{{ kubenet_xci_static_routes }}" + loop_control: + label: "{{ item.network }}" + when: deploy_scenario.find('k8-nosdn-') != -1 + + - name: Ensure rp_filter is disabled on localhost + sysctl: + name: net.ipv4.conf.all.rp_filter + sysctl_set: yes + state: present + value: "{{ (kubenet_xci_static_routes is defined) | ternary(0, 1) }}" + reload: yes + delegate_to: localhost + run_once: True diff --git a/xci/installer/kubespray/playbooks/configure-opnfvhost.yml b/xci/installer/kubespray/playbooks/configure-opnfvhost.yml new file mode 100644 index 00000000..52e42b06 --- /dev/null +++ b/xci/installer/kubespray/playbooks/configure-opnfvhost.yml @@ -0,0 +1,101 @@ +--- +# SPDX-license-identifier: Apache-2.0 +############################################################################## +# All rights reserved. This program and the accompanying materials +# are made available under the terms of the Apache License, Version 2.0 +# which accompanies this distribution, and is available at +# http://www.apache.org/licenses/LICENSE-2.0 +############################################################################## +- hosts: opnfv + remote_user: root + vars_files: + - "{{ xci_path }}/xci/var/opnfv.yml" + + pre_tasks: + - name: Load distribution variables + include_vars: + file: "{{ item }}" + with_items: + - "{{ xci_path }}/xci/var/{{ ansible_os_family }}.yml" + - name: Set facts for remote deployment + set_fact: + remote_xci_path: "{{ ansible_env.HOME }}/releng-xci" + remote_xci_flavor_files: "{{ ansible_env.HOME }}/releng-xci/xci/installer/{{ installer_type }}/files/{{ xci_flavor }}" + remote_xci_playbooks: "{{ ansible_env.HOME }}/releng-xci/xci/playbooks" + + roles: + - role: bootstrap-host + configure_network: xci_flavor != 'aio' + + tasks: + - name: Create list of files to copy + shell: | + git ls-tree -r --name-only HEAD > {{ xci_cache }}/releng-xci.files + echo ".git/" >> {{ xci_cache }}/releng-xci.files + echo ".cache/repos/" >> {{ xci_cache }}/releng-xci.files + echo ".cache/xci.env" >> {{ xci_cache }}/releng-xci.files + args: + executable: /bin/bash + chdir: "{{ xci_path }}" + changed_when: False + delegate_to: 127.0.0.1 + tags: + - skip_ansible_lint + + - name: Copy releng-xci to remote host + synchronize: + archive: yes + src: "{{ xci_path }}/" + dest: "{{ remote_xci_path }}" + delete: yes + rsync_opts: + - "--recursive" + - "--files-from={{ xci_cache }}/releng-xci.files" + + - name: link xci dynamic inventory to kubespray/inventory/opnfv directory + file: + src: "{{ remote_xci_playbooks }}/dynamic_inventory.py" + path: "{{ remote_xci_path }}/.cache/repos/kubespray/inventory/opnfv/dynamic_inventory.py" + state: link + + - name: Download kubectl and place it to /usr/local/bin + get_url: + url: "https://storage.googleapis.com/kubernetes-release/release/{{ kubernetes_version }}/bin/linux/amd64/kubectl" + dest: /usr/local/bin/kubectl + owner: root + group: root + mode: 0755 + + - name: Reload XCI deployment host facts + setup: + filter: ansible_local + gather_subset: "!all" + delegate_to: 127.0.0.1 + + - name: Prepare everything to run the {{ deploy_scenario }} role + include_role: + name: "{{ hostvars['opnfv'].ansible_local.xci.scenarios.role }}" + + - name: Install required packages + package: + name: "{{ (ansible_pkg_mgr == 'zypper') | ternary('dbus-1', 'dbus') }}" + state: present + update_cache: "{{ (ansible_pkg_mgr in ['apt', 'zypper']) | ternary('yes', omit) }}" + when: xci_flavor == 'aio' + + - name: pip install required packages + pip: + name: "{{ item.name }}" + version: "{{ item.version | default(omit) }}" + with_items: + - { name: 'ansible', version: "{{ xci_kube_ansible_pip_version }}" } + - { name: 'netaddr' } + - { name: 'ansible-modules-hashivault' } + + - name: fetch xci environment + copy: + src: "{{ xci_path }}/.cache/xci.env" + dest: /root/xci.env + + - name: Manage SSH keys + include_tasks: "{{ xci_path }}/xci/playbooks/manage-ssh-keys.yml" diff --git a/xci/installer/kubespray/playbooks/configure-targethosts.yml b/xci/installer/kubespray/playbooks/configure-targethosts.yml new file mode 100644 index 00000000..2fde9877 --- /dev/null +++ b/xci/installer/kubespray/playbooks/configure-targethosts.yml @@ -0,0 +1,40 @@ +--- +- hosts: k8s-cluster + remote_user: root + vars_files: + - "{{ xci_path }}/xci/var/opnfv.yml" + + pre_tasks: + - name: Load distribution variables + include_vars: + file: "{{ item }}" + with_items: + - "{{ xci_path }}/xci/var/{{ ansible_os_family }}.yml" + + roles: + - role: bootstrap-host + + tasks: + - name: Manage SSH keys + include_tasks: "{{ xci_path }}/xci/playbooks/manage-ssh-keys.yml" + + - name: Install dbus + package: + name: "{{ (ansible_pkg_mgr == 'zypper') | ternary('dbus-1', 'dbus') }}" + state: present + update_cache: "{{ (ansible_pkg_mgr in ['apt', 'zypper']) | ternary('yes', omit) }}" + +- hosts: kube-master + remote_user: root + vars_files: + - "{{ xci_path }}/xci/var/opnfv.yml" + pre_tasks: + - name: Load distribution variables + include_vars: + file: "{{ xci_path }}/xci/var/{{ ansible_os_family }}.yml" + roles: + - role: "keepalived" + when: xci_flavor == 'ha' + - role: "haproxy_server" + haproxy_service_configs: "{{ haproxy_default_services}}" + when: xci_flavor == 'ha' diff --git a/xci/installer/kubespray/playbooks/group_vars/all b/xci/installer/kubespray/playbooks/group_vars/all new file mode 100644 index 00000000..328f8dba --- /dev/null +++ b/xci/installer/kubespray/playbooks/group_vars/all @@ -0,0 +1,54 @@ +keepalived_ubuntu_src: "uca" +keepalived_uca_apt_repo_url: "{{ uca_apt_repo_url | default('http://ubuntu-cloud.archive.canonical.com/ubuntu') }}" + +keepalived_sync_groups: + haproxy: + instances: + - external + +haproxy_keepalived_external_interface: "{{ ansible_default_ipv4.interface }}" +haproxy_keepalived_authentication_password: 'keepalived' +keepalived_instances: + external: + interface: "{{ haproxy_keepalived_external_interface }}" + state: "BACKUP" + virtual_router_id: "{{ haproxy_keepalived_external_virtual_router_id | default ('10') }}" + priority: "{{ ((ansible_play_hosts|length-ansible_play_hosts.index(inventory_hostname))*100)-((ansible_play_hosts|length-ansible_play_hosts.index(inventory_hostname))*50) }}" + authentication_password: "{{ haproxy_keepalived_authentication_password }}" + vips: + - "{{ haproxy_keepalived_external_vip_cidr | default('192.168.122.222/32') }} dev {{ haproxy_keepalived_external_interface }}" + +haproxy_default_services: + - service: + haproxy_service_name: proxy-apiserver + haproxy_backend_nodes: "{{ groups['kube-master'] | default([]) }}" + haproxy_port: 8383 + haproxy_backend_port: 6443 + haproxy_balance_type: tcp + +haproxy_bind_on_non_local: "True" +haproxy_use_keepalived: "True" +keepalived_selinux_compile_rules: + - keepalived_ping + - keepalived_haproxy_pid_file + +# Ensure that the package state matches the global setting +haproxy_package_state: "latest" + +haproxy_whitelist_networks: + - 192.168.0.0/16 + - 172.16.0.0/12 + - 10.0.0.0/8 + +haproxy_galera_whitelist_networks: "{{ haproxy_whitelist_networks }}" +haproxy_glance_registry_whitelist_networks: "{{ haproxy_whitelist_networks }}" +haproxy_keystone_admin_whitelist_networks: "{{ haproxy_whitelist_networks }}" +haproxy_nova_metadata_whitelist_networks: "{{ haproxy_whitelist_networks }}" +haproxy_rabbitmq_management_whitelist_networks: "{{ haproxy_whitelist_networks }}" +haproxy_repo_git_whitelist_networks: "{{ haproxy_whitelist_networks }}" +haproxy_repo_cache_whitelist_networks: "{{ haproxy_whitelist_networks }}" +haproxy_octavia_whitelist_networks: "{{ haproxy_whitelist_networks }}" +haproxy_ssl: false + +internal_lb_vip_address: "192.168.122.222" +external_lb_vip_address: "{{ internal_lb_vip_address }}" diff --git a/xci/installer/kubespray/playbooks/post-deployment.yml b/xci/installer/kubespray/playbooks/post-deployment.yml new file mode 100644 index 00000000..5c2f7f36 --- /dev/null +++ b/xci/installer/kubespray/playbooks/post-deployment.yml @@ -0,0 +1,42 @@ +--- +# SPDX-license-identifier: Apache-2.0 +############################################################################## +# Copyright (c) 2018 Ericsson AB and others. +# All rights reserved. This program and the accompanying materials +# are made available under the terms of the Apache License, Version 2.0 +# which accompanies this distribution, and is available at +# http://www.apache.org/licenses/LICENSE-2.0 +############################################################################## +- hosts: opnfv + remote_user: root + vars_files: + - "{{ xci_path }}/xci/var/opnfv.yml" + + pre_tasks: + - name: Load distribution variables + include_vars: + file: "{{ item }}" + with_items: + - "{{ xci_path }}/xci/var/{{ ansible_os_family }}.yml" + - name: Set facts for remote deployment + set_fact: + remote_xci_scenario_path: "{{ ansible_env.HOME }}/releng-xci/.cache/repos/scenarios/{{ deploy_scenario }}/scenarios/{{ deploy_scenario }}" + + tasks: + - name: Reload XCI deployment host facts + setup: + filter: ansible_local + gather_subset: "!all" + delegate_to: 127.0.0.1 + + - name: Check if any post-deployment task defined for {{ deploy_scenario }} role + stat: + path: "{{ remote_xci_scenario_path }}/role/{{ deploy_scenario }}/tasks/post-deployment.yml" + register: post_deployment_yml + + - name: Execute post-deployment tasks of {{ deploy_scenario }} role + include_role: + name: "{{ hostvars['opnfv'].ansible_local.xci.scenarios.role }}" + tasks_from: post-deployment + when: + - post_deployment_yml.stat.exists |