summaryrefslogtreecommitdiffstats
path: root/xci/nfvi/osa/playbooks
diff options
context:
space:
mode:
Diffstat (limited to 'xci/nfvi/osa/playbooks')
-rw-r--r--xci/nfvi/osa/playbooks/bootstrap-scenarios.yml23
-rw-r--r--xci/nfvi/osa/playbooks/configure-localhost.yml75
-rw-r--r--xci/nfvi/osa/playbooks/configure-opnfvhost.yml185
-rw-r--r--xci/nfvi/osa/playbooks/configure-targethosts.yml49
-rw-r--r--xci/nfvi/osa/playbooks/inventory10
-rwxr-xr-xxci/nfvi/osa/playbooks/xci-deploy.sh183
6 files changed, 525 insertions, 0 deletions
diff --git a/xci/nfvi/osa/playbooks/bootstrap-scenarios.yml b/xci/nfvi/osa/playbooks/bootstrap-scenarios.yml
new file mode 100644
index 00000000..98acf73b
--- /dev/null
+++ b/xci/nfvi/osa/playbooks/bootstrap-scenarios.yml
@@ -0,0 +1,23 @@
+---
+#
+# This file is aimed to be used by scenarios to plug into the XCI.
+# Ideally, all they need to do at this point is to include their
+# role using a statement like the following one
+#
+# - name: Include foobar role
+# include_role:
+# name: "foobar"
+# when: DEPLOY_SCENARIO == "foobar"
+
+- name: Prepare everything to run the os-nosdn-nofeature scenario
+ include_role:
+ name: "os-nosdn-nofeature"
+ when: DEPLOY_SCENARIO == 'os-nosdn-nofeature'
+- name: Prepare everything to run the os-odl-nofeature scenario
+ include_role:
+ name: "os-odl-nofeature"
+ when: DEPLOY_SCENARIO == 'os-odl-nofeature'
+- name: Prepare everything to run the os-odl-sfc scenario
+ include_role:
+ name: "os-odl-sfc"
+ when: DEPLOY_SCENARIO == 'os-odl-sfc'
diff --git a/xci/nfvi/osa/playbooks/configure-localhost.yml b/xci/nfvi/osa/playbooks/configure-localhost.yml
new file mode 100644
index 00000000..caa5d673
--- /dev/null
+++ b/xci/nfvi/osa/playbooks/configure-localhost.yml
@@ -0,0 +1,75 @@
+---
+# SPDX-license-identifier: Apache-2.0
+##############################################################################
+# Copyright (c) 2017 Ericsson AB and others.
+# All rights reserved. This program and the accompanying materials
+# are made available under the terms of the Apache License, Version 2.0
+# which accompanies this distribution, and is available at
+# http://www.apache.org/licenses/LICENSE-2.0
+##############################################################################
+- hosts: localhost
+ connection: local
+
+ pre_tasks:
+ - name: Load distribution variables
+ include_vars:
+ file: "{{ item }}"
+ failed_when: false
+ with_items:
+ - "{{ XCI_PATH }}/xci/var/opnfv.yml"
+ - "{{ XCI_PATH }}/xci/var/{{ ansible_os_family }}.yml"
+
+ - name: cleanup leftovers of previous deployment
+ file:
+ path: "{{ item }}"
+ state: absent
+ recurse: no
+ with_items:
+ - "{{ XCI_CACHE }}/repos"
+ - "{{ LOG_PATH }} "
+ - "{{ OPNFV_SSH_HOST_KEYS_PATH }}"
+
+ roles:
+ - role: clone-repository
+ project: "openstack/openstack-ansible-openstack_openrc"
+ repo: "{{ OPENSTACK_OSA_OPENRC_GIT_URL }}"
+ dest: roles/openstack-ansible-openstack_openrc
+ version: "master"
+ - role: clone-repository
+ project: "openstack/openstack-ansible"
+ repo: "{{ OPENSTACK_OSA_GIT_URL }}"
+ dest: "{{ XCI_CACHE }}/repos/openstack-ansible"
+ version: "{{ OPENSTACK_OSA_VERSION }}"
+
+ tasks:
+ - name: create log directory {{LOG_PATH}}
+ file:
+ path: "{{LOG_PATH}}"
+ state: directory
+ recurse: no
+ - name: check if certificate directory /etc/ssl/certs exists already
+ stat: path=/etc/ssl/certs
+ register: check_etc_ssl_certs
+ - name: create certificate directory /etc/ssl/certs
+ become: true
+ file:
+ path: "/etc/ssl/certs"
+ state: directory
+ when: check_etc_ssl_certs.stat.exists == false
+ - name: create key directory /etc/ssl/private
+ become: true
+ file:
+ path: "/etc/ssl/private"
+ state: directory
+ - name: generate self signed certificate
+ command: openssl req -new -nodes -x509 -subj "{{ XCI_SSL_SUBJECT }}" -days 3650 -keyout "/etc/ssl/private/xci.key" -out "/etc/ssl/certs/xci.crt" -extensions v3_ca
+ become: true
+ - name: Synchronize local development OSA repository to XCI paths
+ # command module is much faster than the copy module
+ synchronize:
+ src: "{{ OPENSTACK_OSA_DEV_PATH }}"
+ dest: "{{ XCI_CACHE }}/repos/openstack-ansible"
+ recursive: yes
+ delete: yes
+ when:
+ - OPENSTACK_OSA_DEV_PATH != ""
diff --git a/xci/nfvi/osa/playbooks/configure-opnfvhost.yml b/xci/nfvi/osa/playbooks/configure-opnfvhost.yml
new file mode 100644
index 00000000..656f18e8
--- /dev/null
+++ b/xci/nfvi/osa/playbooks/configure-opnfvhost.yml
@@ -0,0 +1,185 @@
+---
+# SPDX-license-identifier: Apache-2.0
+##############################################################################
+# Copyright (c) 2017 Ericsson AB and others.
+# All rights reserved. This program and the accompanying materials
+# are made available under the terms of the Apache License, Version 2.0
+# which accompanies this distribution, and is available at
+# http://www.apache.org/licenses/LICENSE-2.0
+##############################################################################
+- hosts: opnfv
+ remote_user: root
+ vars_files:
+ - "{{ XCI_PATH }}/xci/var/opnfv.yml"
+
+ pre_tasks:
+ - name: Load distribution variables
+ include_vars:
+ file: "{{ item }}"
+ with_items:
+ - "{{ XCI_PATH }}/xci/var/{{ ansible_os_family }}.yml"
+ - "{{ XCI_PATH }}/xci/file/{{ XCI_FLAVOR }}/flavor-vars.yml"
+ - name: Set facts for remote deployment
+ set_fact:
+ remote_xci_path: "{{ ansible_env.HOME }}/releng-xci"
+ remote_xci_flavor_files: "{{ ansible_env.HOME }}/releng-xci/xci/file/{{ XCI_FLAVOR }}"
+ remote_xci_playbooks: "{{ ansible_env.HOME }}/releng-xci/xci/playbooks"
+
+ roles:
+ - role: configure-network
+ when: XCI_FLAVOR != "aio"
+
+ tasks:
+ - name: generate SSH keys
+ shell: ssh-keygen -b 2048 -t rsa -f /root/.ssh/id_rsa -q -N ""
+ args:
+ creates: "{{ ansible_env.HOME }}/.ssh/id_rsa"
+ - name: fetch public key
+ fetch:
+ src: "{{ ansible_env.HOME }}/.ssh/id_rsa.pub"
+ dest: "{{ XCI_PATH }}/xci/file/authorized_keys"
+ flat: yes
+ - name: Copy releng-xci to remote host
+ synchronize:
+ src: "{{ XCI_PATH }}/"
+ dest: "{{ remote_xci_path }}"
+ recursive: yes
+ delete: yes
+ - name: copy flavor inventory
+ shell: "/bin/cp -rf {{ remote_xci_flavor_files }}/inventory {{ remote_xci_playbooks }}"
+ - name: copy openstack_deploy
+ shell: "/bin/cp -rf {{OPENSTACK_OSA_PATH}}/etc/openstack_deploy {{OPENSTACK_OSA_ETC_PATH}}"
+ - name: copy openstack_user_config.yml
+ shell: "/bin/cp -rf {{ remote_xci_flavor_files }}/openstack_user_config.yml {{OPENSTACK_OSA_ETC_PATH}}"
+ failed_when: false
+ - name: copy all user override files
+ shell: "/bin/cp -rf {{ remote_xci_flavor_files }}/user_variables.yml {{OPENSTACK_OSA_ETC_PATH}}"
+ failed_when: false
+ - name: copy cinder.yml
+ shell: "/bin/cp -rf {{ remote_xci_path }}/xci/nfvi/osa/files/cinder.yml {{OPENSTACK_OSA_ETC_PATH}}/env.d"
+ - name: Configure AIO tempest
+ lineinfile:
+ path: "{{ OPENSTACK_OSA_ETC_PATH }}/user_variables.yml"
+ line: "{{ item }}: {{ RUN_TEMPEST | bool }}"
+ state: present
+ with_items:
+ - "tempest_install"
+ - "tempest_run"
+ - block:
+ - name: copy ceph.yml
+ shell: "/bin/cp -rf {{ remote_xci_flavor_files }}/ceph.yml {{OPENSTACK_OSA_ETC_PATH}}/conf.d/"
+ - name: copy user_ceph.yml
+ shell: "/bin/cp -rf {{ remote_xci_flavor_files }}/user_ceph.yml {{OPENSTACK_OSA_ETC_PATH}}/user_ceph.yml"
+ - name: copy user_variables_ceph.yml
+ shell: "/bin/cp -rf {{ remote_xci_flavor_files }}/user_variables_ceph.yml {{OPENSTACK_OSA_ETC_PATH}}/user_variables_ceph.yml"
+ when: XCI_CEPH_ENABLED == "true"
+ # TODO: We need to get rid of this as soon as the issue is fixed upstream
+ - name: change the haproxy state from disable to enable
+ replace:
+ dest: "{{OPENSTACK_OSA_PATH}}/playbooks/os-keystone-install.yml"
+ regexp: '(\s+)haproxy_state: disabled'
+ replace: '\1haproxy_state: enabled'
+ - name: copy OPNFV OpenStack playbook
+ shell: "/bin/cp -rf {{ remote_xci_path }}/xci/nfvi/osa/files/setup-openstack.yml {{OPENSTACK_OSA_PATH}}/playbooks"
+ - name: copy pinned versions of OSA Roles and global requirements
+ shell: "/bin/cp -rf {{ remote_xci_path }}/xci/nfvi/osa/files/{{ item }} {{OPENSTACK_OSA_PATH}}/{{ item }}"
+ with_items:
+ - "ansible-role-requirements.yml"
+ - "global-requirement-pins.txt"
+ when:
+ - OPENSTACK_OSA_VERSION != "master"
+ - name: copy pinned versions of OpenStack services
+ shell: "/bin/cp -rf {{ remote_xci_path }}/xci/nfvi/osa/files/openstack_services.yml {{OPENSTACK_OSA_PATH}}/playbooks/defaults/repo_packages/openstack_services.yml"
+ when:
+ - OPENSTACK_OSA_VERSION != "master"
+ - include: bootstrap-scenarios.yml
+ - name: bootstrap ansible on opnfv host
+ command: "/bin/bash ./scripts/bootstrap-ansible.sh"
+ args:
+ chdir: "{{OPENSTACK_OSA_PATH}}"
+ - name: install python Crypto module
+ package:
+ name: "{{ python_crypto_package_name }}"
+ - name: install PyYAML
+ pip:
+ name: pyyaml
+ state: present
+ - name: generate password token
+ command: "python pw-token-gen.py --file {{OPENSTACK_OSA_ETC_PATH}}/user_secrets.yml"
+ args:
+ chdir: "{{OPENSTACK_OSA_PATH}}/scripts"
+ - name: check if certificate directory /etc/ssl/certs exists already
+ stat: path=/etc/ssl/certs
+ register: check_etc_ssl_certs
+ - name: create certificate directory /etc/ssl/certs
+ file:
+ path: "/etc/ssl/certs"
+ state: directory
+ when: check_etc_ssl_certs.stat.exists == false
+ - name: create key directory /etc/ssl/private
+ file:
+ path: "/etc/ssl/private"
+ state: directory
+ - name: copy certificate to /etc/ssl/certs
+ copy:
+ src: "/etc/ssl/certs/xci.crt"
+ dest: "/etc/ssl/certs/"
+ - name: read remote key from /etc/ssl/private
+ set_fact:
+ xci_ssl_key: "{{ lookup('pipe', 'sudo cat /etc/ssl/private/xci.key' ) }}"
+ - name: copy key to /etc/ssl/private
+ copy:
+ content: "{{ xci_ssl_key }}"
+ dest: "/etc/ssl/private/xci.key"
+ become: true
+ - name: install opnfv required packages
+ package:
+ name: "{{ opnfv_required_packages }}"
+ state: latest
+ # Docker is needed for functest
+ - name: Ensure Docker service is started and enabled
+ service:
+ name: "{{ docker_service_name }}"
+ state: started
+ enabled: yes
+ - name: install opnfv required pip packages
+ pip:
+ name: "{{ opnfv_required_pip }}"
+ state: present
+
+- hosts: localhost
+ remote_user: root
+
+ tasks:
+ - name: Append public keys to authorized_keys
+ shell: "/bin/cat {{ ansible_env.HOME }}/.ssh/id_rsa.pub >> {{ XCI_PATH }}/xci/file/authorized_keys"
+
+- hosts: opnfv
+ remote_user: root
+ vars_files:
+ - "{{ XCI_PATH }}/xci/var/opnfv.yml"
+
+ pre_tasks:
+ - name: Load distribution variables
+ include_vars:
+ file: "{{ item }}"
+ failed_when: false
+ with_items:
+ - "{{ XCI_PATH }}/xci/var/{{ ansible_os_family }}.yml"
+ - "{{ XCI_PATH }}/xci/file/{{ XCI_FLAVOR }}/flavor-vars.yml"
+ - "{{ XCI_PATH }}/xci/file/{{ XCI_FLAVOR }}/user_variables.yml"
+ roles:
+ - role: "openstack-ansible-openstack_openrc"
+
+ tasks:
+ - name: add extra insecure flag to generated openrc
+ blockinfile:
+ dest: "{{ ansible_env.HOME }}/openrc"
+ block: |
+ export OS_INSECURE=true
+
+ - name: fetch generated openrc
+ fetch:
+ src: "{{ ansible_env.HOME }}/openrc"
+ dest: "{{ XCI_PATH }}/.cache/openrc"
+ flat: true
diff --git a/xci/nfvi/osa/playbooks/configure-targethosts.yml b/xci/nfvi/osa/playbooks/configure-targethosts.yml
new file mode 100644
index 00000000..14a9149b
--- /dev/null
+++ b/xci/nfvi/osa/playbooks/configure-targethosts.yml
@@ -0,0 +1,49 @@
+---
+- hosts: all
+ remote_user: root
+ tasks:
+ - name: add public key to host
+ copy:
+ src: "{{ XCI_PATH }}/xci/file/authorized_keys"
+ dest: /root/.ssh/authorized_keys
+
+- hosts: controller
+ remote_user: root
+ vars_files:
+ - "{{ XCI_PATH }}/xci/var/opnfv.yml"
+
+ pre_tasks:
+ - name: Load distribution variables
+ include_vars:
+ file: "{{ item }}"
+ with_items:
+ - "{{ XCI_PATH }}/xci/var/{{ ansible_os_family }}.yml"
+ - "{{ XCI_PATH }}/xci/file/{{ XCI_FLAVOR }}/flavor-vars.yml"
+ roles:
+ - role: configure-network
+ # we need to force sync time with ntp or the nodes will be out of sync timewise
+ - role: synchronize-time
+
+- hosts: compute
+ remote_user: root
+ vars_files:
+ - "{{ XCI_PATH }}/xci/var/opnfv.yml"
+
+ pre_tasks:
+ - name: Load distribution variables
+ include_vars:
+ file: "{{ item }}"
+ with_items:
+ - "{{ XCI_PATH }}/xci/var/{{ ansible_os_family }}.yml"
+ - "{{ XCI_PATH }}/xci/file/{{ XCI_FLAVOR }}/flavor-vars.yml"
+ roles:
+ - role: configure-network
+ # we need to force sync time with ntp or the nodes will be out of sync timewise
+ - role: synchronize-time
+ - role: configure-ceph
+ when: XCI_CEPH_ENABLED == "true"
+
+- hosts: compute00
+ remote_user: root
+ roles:
+ - role: configure-nfs
diff --git a/xci/nfvi/osa/playbooks/inventory b/xci/nfvi/osa/playbooks/inventory
new file mode 100644
index 00000000..fd9af901
--- /dev/null
+++ b/xci/nfvi/osa/playbooks/inventory
@@ -0,0 +1,10 @@
+# SPDX-license-identifier: Apache-2.0
+##############################################################################
+# Copyright (c) 2017 Ericsson AB and others.
+# All rights reserved. This program and the accompanying materials
+# are made available under the terms of the Apache License, Version 2.0
+# which accompanies this distribution, and is available at
+# http://www.apache.org/licenses/LICENSE-2.0
+##############################################################################
+[opnfv]
+opnfv ansible_ssh_host=192.168.122.2
diff --git a/xci/nfvi/osa/playbooks/xci-deploy.sh b/xci/nfvi/osa/playbooks/xci-deploy.sh
new file mode 100755
index 00000000..89fb455b
--- /dev/null
+++ b/xci/nfvi/osa/playbooks/xci-deploy.sh
@@ -0,0 +1,183 @@
+#!/bin/bash
+set -o errexit
+set -o nounset
+set -o pipefail
+
+submit_bug_report() {
+ cd ${XCI_PATH}
+ echo ""
+ echo "-------------------------------------------------------------------------"
+ echo "Oh nooooo! The XCI deployment failed miserably :-("
+ echo ""
+ echo "If you need help, please choose one of the following options"
+ echo "* #opnfv-pharos @ freenode network"
+ echo "* opnfv-tech-discuss mailing list (https://lists.opnfv.org/mailman/listinfo/opnfv-tech-discuss)"
+ echo " - Please prefix the subject with [XCI]"
+ echo "* https://jira.opnfv.org (Release Engineering project)"
+ echo ""
+ echo "Do not forget to submit the following information on your bug report:"
+ echo ""
+ git diff --quiet && echo "releng-xci tree status: clean" || echo "releng-xci tree status: local modifications"
+ echo "opnfv/releng-xci version: $(git rev-parse HEAD)"
+ echo "openstack/bifrost version: $OPENSTACK_BIFROST_VERSION"
+ echo "openstack/openstack-ansible version: $OPENSTACK_OSA_VERSION"
+ echo "xci flavor: $XCI_FLAVOR"
+ echo "xci nfvi: $XCI_NFVI"
+ echo "Environment variables:"
+ env | grep --color=never '\(OPNFV\|XCI\|OPENSTACK\)'
+ echo "-------------------------------------------------------------------------"
+}
+
+#-------------------------------------------------------------------------------
+# This script should not be run as root
+#-------------------------------------------------------------------------------
+if [[ $(whoami) == "root" ]]; then
+ echo "WARNING: This script should not be run as root!"
+ echo "Elevated privileges are aquired automatically when necessary"
+ echo "Waiting 10s to give you a chance to stop the script (Ctrl-C)"
+ for x in $(seq 10 -1 1); do echo -n "$x..."; sleep 1; done
+fi
+
+#-------------------------------------------------------------------------------
+# Set environment variables
+#-------------------------------------------------------------------------------
+# The order of sourcing the variable files is significant so please do not
+# change it or things might stop working.
+# - user-vars: variables that can be configured or overriden by user.
+# - pinned-versions: versions to checkout. These can be overriden if you want to
+# use different/more recent versions of the tools but you might end up using
+# something that is not verified by OPNFV XCI.
+# - flavor-vars: settings for VM nodes for the chosen flavor.
+# - env-vars: variables for the xci itself and you should not need to change or
+# override any of them.
+#-------------------------------------------------------------------------------
+# find where are we
+export XCI_PATH="$(git rev-parse --show-toplevel)"
+# source user vars
+source $XCI_PATH/xci/config/user-vars
+# source pinned versions
+source $XCI_PATH/xci/config/pinned-versions
+# source flavor configuration
+source "$XCI_PATH/xci/config/${XCI_FLAVOR}-vars"
+# source NFVI configuration
+source "$XCI_PATH/xci/nfvi/${XCI_NFVI}/env" &>/dev/null || true
+# source xci configuration
+source $XCI_PATH/xci/config/env-vars
+
+if [[ -z $(echo $PATH | grep "$HOME/.local/bin") ]]; then
+ export PATH="$HOME/.local/bin:$PATH"
+fi
+
+#-------------------------------------------------------------------------------
+# Sanitize local development environment variables
+#-------------------------------------------------------------------------------
+user_local_dev_vars=(OPENSTACK_OSA_DEV_PATH OPENSTACK_BIFROST_DEV_PATH)
+for local_user_var in ${user_local_dev_vars[@]}; do
+ [[ -n ${!local_user_var:-} ]] && export $local_user_var=${!local_user_var%/}/
+done
+unset user_local_dev_vars local_user_var
+
+# register our handler
+trap submit_bug_report ERR
+
+#-------------------------------------------------------------------------------
+# Log info to console
+#-------------------------------------------------------------------------------
+echo "Info: Starting XCI Deployment"
+echo "Info: Deployment parameters"
+echo "-------------------------------------------------------------------------"
+echo "xci flavor: $XCI_FLAVOR"
+echo "xci nfvi: $XCI_NFVI"
+echo "opnfv/releng-xci version: $(git rev-parse HEAD)"
+echo "openstack/bifrost version: $OPENSTACK_BIFROST_VERSION"
+echo "openstack/openstack-ansible version: $OPENSTACK_OSA_VERSION"
+echo "OPNFV scenario: $DEPLOY_SCENARIO"
+echo "-------------------------------------------------------------------------"
+
+#-------------------------------------------------------------------------------
+# Install ansible on localhost
+#-------------------------------------------------------------------------------
+echo "Info: Installing Ansible from pip"
+echo "-------------------------------------------------------------------------"
+source file/install-ansible.sh
+echo "-------------------------------------------------------------------------"
+
+# Make the VMs match the host. If we need to make this configurable
+# then this logic has to be moved outside this file
+case ${OS_FAMILY,,} in
+ # These should ideally match the CI jobs
+ debian)
+ export DIB_OS_RELEASE="${DIB_OS_RELEASE:-xenial}"
+ export DIB_OS_ELEMENT="${DIB_OS_ELEMENT:-ubuntu-minimal}"
+ export DIB_OS_PACKAGES="${DIB_OS_PACKAGES:-vlan,vim,less,bridge-utils,language-pack-en,iputils-ping,rsyslog,curl,iptables}"
+ ;;
+ redhat)
+ export DIB_OS_RELEASE="${DIB_OS_RELEASE:-7}"
+ export DIB_OS_ELEMENT="${DIB_OS_ELEMENT:-centos-minimal}"
+ export DIB_OS_PACKAGES="${DIB_OS_PACKAGES:-vim,less,bridge-utils,iputils,rsyslog,curl,iptables}"
+ ;;
+ suse)
+ export DIB_OS_RELEASE="${DIB_OS_RELEASE:-42.3}"
+ export DIB_OS_ELEMENT="${DIB_OS_ELEMENT:-opensuse-minimal}"
+ export DIB_OS_PACKAGES="${DIB_OS_PACKAGES:-vim,less,bridge-utils,iputils,rsyslog,curl,iptables}"
+ ;;
+esac
+
+# There is no CentOS support at all
+if [[ $OS_FAMILY == RedHat ]]; then
+ echo ""
+ echo "Error: Sorry, only Ubuntu and SUSE hosts are supported for now!"
+ echo "Error: CentOS 7 support is still work in progress."
+ echo ""
+ exit 1
+fi
+
+# Clone OPNFV scenario repositories
+#-------------------------------------------------------------------------------
+# This playbook
+# - removes existing scenario roles
+# - clones OPNFV scenario roles based on the file/opnfv-scenario-requirements.yml file
+#-------------------------------------------------------------------------------
+echo "Info: Cloning OPNFV scenario repositories"
+echo "-------------------------------------------------------------------------"
+cd $XCI_PATH/xci/playbooks
+ansible-playbook ${XCI_ANSIBLE_VERBOSITY} -i inventory get-opnfv-scenario-requirements.yml
+echo "-------------------------------------------------------------------------"
+
+#-------------------------------------------------------------------------------
+# Get scenario variables overrides
+#-------------------------------------------------------------------------------
+if [[ -f $XCI_SCENARIOS_CACHE/${DEPLOY_SCENARIO:-_no_scenario_}/xci_overrides ]]; then
+ source $XCI_SCENARIOS_CACHE/$DEPLOY_SCENARIO/xci_overrides
+fi
+
+#-------------------------------------------------------------------------------
+# Start provisioning VM nodes
+#-------------------------------------------------------------------------------
+# This playbook
+# - removes directories that were created by the previous xci run
+# - clones opnfv/releng-xci and openstack/bifrost repositories
+# - combines opnfv/releng-xci and openstack/bifrost scripts/playbooks
+# - destroys VMs, removes ironic db, leases, logs
+# - creates and provisions VMs for the chosen flavor
+#-------------------------------------------------------------------------------
+echo "Info: Starting provisining VM nodes using openstack/bifrost"
+echo "-------------------------------------------------------------------------"
+# We are using sudo so we need to make sure that env_reset is not present
+sudo sed -i "s/^Defaults.*env_reset/#&/" /etc/sudoers
+cd $XCI_PATH/bifrost/
+sudo -E bash ./scripts/destroy-env.sh
+cd $XCI_PLAYBOOKS
+ansible-playbook ${XCI_ANSIBLE_VERBOSITY} -i inventory provision-vm-nodes.yml
+cd ${XCI_CACHE}/repos/bifrost
+bash ./scripts/bifrost-provision.sh
+echo "-----------------------------------------------------------------------"
+echo "Info: VM nodes are provisioned!"
+echo "-----------------------------------------------------------------------"
+
+# Deploy OpenStack on the selected NFVI
+echo "Info: Deploying '${XCI_NFVI}' NFVI"
+echo "-----------------------------------------------------------------------"
+source ${XCI_PATH}/xci/nfvi/${XCI_NFVI}/nfvi-deploy.sh
+
+# vim: set ts=4 sw=4 expandtab: