diff options
Diffstat (limited to 'xci/playbooks/roles/bootstrap-host/tasks')
6 files changed, 332 insertions, 0 deletions
diff --git a/xci/playbooks/roles/bootstrap-host/tasks/main.yml b/xci/playbooks/roles/bootstrap-host/tasks/main.yml new file mode 100644 index 00000000..7d6d259e --- /dev/null +++ b/xci/playbooks/roles/bootstrap-host/tasks/main.yml @@ -0,0 +1,15 @@ +--- +# SPDX-license-identifier: Apache-2.0 +############################################################################## +# Copyright (c) 2018 SUSE Linx GmbH and others. +# All rights reserved. This program and the accompanying materials +# are made available under the terms of the Apache License, Version 2.0 +# which accompanies this distribution, and is available at +# http://www.apache.org/licenses/LICENSE-2.0 +############################################################################## + +- include: network.yml + when: configure_network + +- include: time.yml + when: configure_time diff --git a/xci/playbooks/roles/bootstrap-host/tasks/network.yml b/xci/playbooks/roles/bootstrap-host/tasks/network.yml new file mode 100644 index 00000000..a4f260c4 --- /dev/null +++ b/xci/playbooks/roles/bootstrap-host/tasks/network.yml @@ -0,0 +1,64 @@ +--- +# SPDX-license-identifier: Apache-2.0 +############################################################################## +# Copyright (c) 2017 Ericsson AB and others. +# All rights reserved. This program and the accompanying materials +# are made available under the terms of the Apache License, Version 2.0 +# which accompanies this distribution, and is available at +# http://www.apache.org/licenses/LICENSE-2.0 +############################################################################## +- name: ensure glean rules are removed + file: + path: "/etc/udev/rules.d/99-glean.rules" + state: absent + +- name: Determine required packages + set_fact: + network_packages: + - bridge-utils + - "{{ (ansible_pkg_mgr in ['zypper', 'apt']) | ternary('iproute2', 'iproute') }}" + - "{{ (ansible_pkg_mgr == 'apt') | ternary('vlan', 'bridge-utils') }}" + - iptables + +- name: Ensure networking packages are present + package: + name: "{{ network_packages }}" + state: present + +- name: Ensure local facts directory exists + file: + path: "/etc/ansible/facts.d" + state: directory + +# NOTE(hwoarang) We have to check all levels of the local fact before we add it +# otherwise Ansible will fail. +- name: Record initial active interface + ini_file: + create: yes + section: network + state: present + option: xci_interface + value: "{{ ansible_default_ipv4.interface }}" + path: "/etc/ansible/facts.d/xci.fact" + when: ansible_local is not defined + or (ansible_local is defined and ansible_local.xci is not defined) + or (ansible_local is defined and ansible_local.xci is defined and ansible_local.xci.network is not defined) + or (ansible_local is defined and ansible_local.xci is defined and ansible_local.xci.network is defined and ansible_local.xci.network.xci_interface is not defined) + notify: + - Reload facts + +- name: Run handlers + meta: flush_handlers + +- name: "Configure networking on {{ ansible_os_family }}" + include_tasks: "network_{{ ansible_os_family | lower }}.yml" + +- name: Wait for host to come back to life + local_action: + module: wait_for + host: "{{ ansible_host }}" + delay: 15 + state: started + port: 22 + connect_timeout: 10 + timeout: 180 diff --git a/xci/playbooks/roles/bootstrap-host/tasks/network_debian.yml b/xci/playbooks/roles/bootstrap-host/tasks/network_debian.yml new file mode 100644 index 00000000..176c7eb1 --- /dev/null +++ b/xci/playbooks/roles/bootstrap-host/tasks/network_debian.yml @@ -0,0 +1,98 @@ +--- +# SPDX-license-identifier: Apache-2.0 +############################################################################## +# Copyright (c) 2018 SUSE LINUX GmbH. +# All rights reserved. This program and the accompanying materials +# are made available under the terms of the Apache License, Version 2.0 +# which accompanies this distribution, and is available at +# http://www.apache.org/licenses/LICENSE-2.0 +############################################################################## + +- name: configure modules + lineinfile: + dest: /etc/modules + state: present + create: yes + line: "8021q" + +- name: add modules + modprobe: + name: 8021q + state: present + +- name: ensure interfaces.d folder is empty + file: + state: "{{ item }}" + path: "/etc/network/interfaces.d" + with_items: + - absent + - directory + +- name: Ensure /etc/interfaces can source additional files + copy: + content: | + auto lo + iface lo inet loopback + source /etc/network/interfaces.d/*.cfg + dest: "/etc/network/interfaces" + +- name: "Configure networking for {{ inventory_hostname }}" + template: + src: "{{ installer_type }}/debian.interface.j2" + dest: "/etc/network/interfaces.d/{{ item.name }}.cfg" + with_items: + - { name: "{{ ansible_local.xci.network.xci_interface }}" } + - { name: "{{ ansible_local.xci.network.xci_interface }}.10", vlan_id: 10 } + - { name: "{{ ansible_local.xci.network.xci_interface }}.30", vlan_id: 30 } + - { name: "{{ ansible_local.xci.network.xci_interface }}.20", vlan_id: 20 } + - { name: "br-mgmt", bridge_ports: "{{ ansible_local.xci.network.xci_interface }}.10", network: "{{ host_info[inventory_hostname].mgmt }}" } + - { name: "br-vxlan", bridge_ports: "{{ ansible_local.xci.network.xci_interface }}.30", network: "{{ host_info[inventory_hostname].private }}" } + - { name: "br-vlan", bridge_ports: "{{ ansible_local.xci.network.xci_interface }}", network: "{{ host_info[inventory_hostname].public }}" } + - { name: "br-storage", bridge_ports: "{{ ansible_local.xci.network.xci_interface }}.20", network: "{{ host_info[inventory_hostname].storage }}" } + loop_control: + label: "{{ item.name }}" + when: baremetal | bool != true + + +- name: "Configure baremetal networking for blade: {{ inventory_hostname }}" + template: + src: "{{ installer_type }}/debian.interface.j2" + dest: "/etc/network/interfaces.d/{{ item.name }}.cfg" + with_items: + - { name: "{{ admin_interface }}", network: "{{ host_info[inventory_hostname].admin }}" } + - { name: "{{ mgmt_interface }}", vlan_id: "{{ (mgmt_vlan == 'native') | ternary(omit, mgmt_vlan) }}" } + - { name: "{{ storage_interface }}", vlan_id: "{{ (storage_vlan == 'native') | ternary(omit, storage_vlan) }}" } + - { name: "{{ public_interface }}", vlan_id: "{{ (public_vlan == 'native') | ternary(omit, public_vlan) }}" } + - { name: "{{ private_interface }}", vlan_id: "{{ (private_vlan == 'native') | ternary(omit, private_vlan) }}" } + - { name: "br-mgmt", bridge_ports: "{{ mgmt_interface }}", network: "{{ host_info[inventory_hostname].mgmt }}" } + - { name: "br-vxlan", bridge_ports: "{{ private_interface }}", network: "{{ host_info[inventory_hostname].private }}" } + - { name: "br-vlan", bridge_ports: "{{ public_interface }}", network: "{{ host_info[inventory_hostname].public }}" } + - { name: "br-storage", bridge_ports: "{{ storage_interface }}", network: "{{ host_info[inventory_hostname].storage }}" } + loop_control: + label: "{{ item.name }}" + when: + - baremetal | bool == true + - "'opnfv' not in inventory_hostname" + +- name: "Configure baremetal networking for VM: {{ inventory_hostname }}" + template: + src: "{{ installer_type }}/debian.interface.j2" + dest: "/etc/network/interfaces.d/{{ item.name }}.cfg" + with_items: + - { name: "{{ mgmt_interface }}", vlan_id: "{{ (mgmt_vlan == 'native') | ternary(omit, mgmt_vlan) }}" } + - { name: "{{ public_interface }}", vlan_id: "{{ (public_vlan == 'native') | ternary(omit, public_vlan) }}" } + - { name: "br-mgmt", bridge_ports: "{{ mgmt_interface }}", network: "{{ host_info[inventory_hostname].mgmt }}" } + - { name: "br-vlan", bridge_ports: "{{ public_interface }}", network: "{{ host_info[inventory_hostname].public }}" } + loop_control: + label: "{{ item.name }}" + when: + - baremetal | bool == true + - "'opnfv' in inventory_hostname" + +- name: restart network service + shell: "/sbin/ip addr flush dev {{ item }}; /sbin/ifdown -a; /sbin/ifup -a" + async: 15 + poll: 0 + with_items: + - "{{ public_interface }}" + - "{{ mgmt_interface }}" diff --git a/xci/playbooks/roles/bootstrap-host/tasks/network_redhat.yml b/xci/playbooks/roles/bootstrap-host/tasks/network_redhat.yml new file mode 100644 index 00000000..288fdf65 --- /dev/null +++ b/xci/playbooks/roles/bootstrap-host/tasks/network_redhat.yml @@ -0,0 +1,32 @@ +--- +# SPDX-license-identifier: Apache-2.0 +############################################################################## +# Copyright (c) 2018 SUSE LINUX GmbH. +# All rights reserved. This program and the accompanying materials +# are made available under the terms of the Apache License, Version 2.0 +# which accompanies this distribution, and is available at +# http://www.apache.org/licenses/LICENSE-2.0 +############################################################################## + +- name: "Configure networking on {{ inventory_hostname }}" + template: + src: "{{ installer_type }}/{{ ansible_os_family | lower }}.ifcfg.j2" + dest: "/etc/sysconfig/network-scripts/ifcfg-{{ item.name }}" + with_items: + - { name: "{{ ansible_local.xci.network.xci_interface }}" , bridge: "br-vlan" } + - { name: "{{ ansible_local.xci.network.xci_interface }}.10", bridge: "br-mgmt" , vlan_id: 10 } + - { name: "{{ ansible_local.xci.network.xci_interface }}.20", bridge: "br-storage", vlan_id: 20 } + - { name: "{{ ansible_local.xci.network.xci_interface }}.30", bridge: "br-vxlan" , vlan_id: 30 } + - { name: "br-vlan" , network: "{{ host_info[inventory_hostname].public }}" } + - { name: "br-mgmt" , network: "{{ host_info[inventory_hostname].mgmt }}" } + - { name: "br-storage", network: "{{ host_info[inventory_hostname].storage }}" } + - { name: "br-vxlan" , network: "{{ host_info[inventory_hostname].private }}" } + loop_control: + label: "{{ item.name }}" + +- name: restart network service + service: + name: network + state: restarted + async: 15 + poll: 0 diff --git a/xci/playbooks/roles/bootstrap-host/tasks/network_suse.yml b/xci/playbooks/roles/bootstrap-host/tasks/network_suse.yml new file mode 100644 index 00000000..a8f1bf59 --- /dev/null +++ b/xci/playbooks/roles/bootstrap-host/tasks/network_suse.yml @@ -0,0 +1,93 @@ +--- +# SPDX-license-identifier: Apache-2.0 +############################################################################## +# Copyright (c) 2018 SUSE LINUX GmbH. +# All rights reserved. This program and the accompanying materials +# are made available under the terms of the Apache License, Version 2.0 +# which accompanies this distribution, and is available at +# http://www.apache.org/licenses/LICENSE-2.0 +############################################################################## + +- name: "Configure networking on {{ inventory_hostname }}" + template: + src: "{{ installer_type }}/{{ ansible_os_family | lower }}.interface.j2" + dest: "/etc/sysconfig/network/ifcfg-{{ item.name }}" + with_items: + - { name: "{{ ansible_local.xci.network.xci_interface }}" } + - { name: "{{ ansible_local.xci.network.xci_interface }}.10", vlan_id: 10 } + - { name: "{{ ansible_local.xci.network.xci_interface }}.30", vlan_id: 30 } + - { name: "{{ ansible_local.xci.network.xci_interface }}.20", vlan_id: 20 } + - { name: "br-mgmt", bridge_ports: "{{ ansible_local.xci.network.xci_interface }}.10", network: "{{ host_info[inventory_hostname].mgmt }}" } + - { name: "br-vxlan", bridge_ports: "{{ ansible_local.xci.network.xci_interface }}.30", network: "{{ host_info[inventory_hostname].private }}" } + - { name: "br-vlan", bridge_ports: "{{ ansible_local.xci.network.xci_interface }}", network: "{{ host_info[inventory_hostname].public }}" } + - { name: "br-storage", bridge_ports: "{{ ansible_local.xci.network.xci_interface }}.20", network: "{{ host_info[inventory_hostname].storage }}" } + loop_control: + label: "{{ item.name }}" + when: baremetal | bool != true + +- name: "Configure baremetal networking for blade: {{ inventory_hostname }}" + template: + src: "{{ installer_type }}/{{ ansible_os_family | lower }}.interface.j2" + dest: "/etc/sysconfig/network/ifcfg-{{ item.name }}" + with_items: + - { name: "{{ admin_interface }}", network: "{{ host_info[inventory_hostname].admin }}" } + - { name: "{{ mgmt_interface }}", vlan_id: "{{ (mgmt_vlan == 'native') | ternary(omit, mgmt_vlan) }}" } + - { name: "{{ storage_interface }}", vlan_id: "{{ (storage_vlan == 'native') | ternary(omit, storage_vlan) }}" } + - { name: "{{ public_interface }}", vlan_id: "{{ (public_vlan == 'native') | ternary(omit, public_vlan) }}" } + - { name: "{{ private_interface }}", vlan_id: "{{ (private_vlan == 'native') | ternary(omit, private_vlan) }}" } + - { name: "br-mgmt", bridge_ports: "{{ mgmt_interface }}", network: "{{ host_info[inventory_hostname].mgmt }}" } + - { name: "br-vxlan", bridge_ports: "{{ private_interface }}", network: "{{ host_info[inventory_hostname].private }}" } + - { name: "br-vlan", bridge_ports: "{{ public_interface }}", network: "{{ host_info[inventory_hostname].public }}" } + - { name: "br-storage", bridge_ports: "{{ storage_interface }}", network: "{{ host_info[inventory_hostname].storage }}" } + loop_control: + label: "{{ item.name }}" + when: + - baremetal | bool == true + - "'opnfv' not in inventory_hostname" + +- name: "Configure baremetal networking for VM: {{ inventory_hostname }}" + template: + src: "{{ installer_type }}/{{ ansible_os_family | lower }}.interface.j2" + dest: "/etc/sysconfig/network/ifcfg-{{ item.name }}" + with_items: + - { name: "{{ mgmt_interface }}", vlan_id: "{{ (mgmt_vlan == 'native') | ternary(omit, mgmt_vlan) }}" } + - { name: "{{ mgmt_interface }}.30", vlan_id: 30 } + - { name: "{{ mgmt_interface }}.20", vlan_id: 20 } + - { name: "{{ public_interface }}", vlan_id: "{{ (public_vlan == 'native') | ternary(omit, public_vlan) }}" } + - { name: "br-mgmt", bridge_ports: "{{ mgmt_interface }}", network: "{{ host_info[inventory_hostname].mgmt }}" } + - { name: "br-vlan", bridge_ports: "{{ public_interface }}", network: "{{ host_info[inventory_hostname].public }}" } + - { name: "br-vxlan", bridge_ports: "{{ mgmt_interface }}.30", network: "{{ host_info[inventory_hostname].private }}" } + - { name: "br-storage", bridge_ports: "{{ mgmt_interface }}.20", network: "{{ host_info[inventory_hostname].storage }}" } + loop_control: + label: "{{ item.name }}" + when: + - baremetal | bool == true + - "'opnfv' in inventory_hostname" + +- name: Add postup/postdown scripts on SUSE + copy: + src: "network-config-suse" + dest: "/etc/sysconfig/network/scripts/network-config-suse" + mode: 0755 + +- name: Configure static DNS on SUSE + lineinfile: + regexp: '^NETCONFIG_DNS_STATIC_SERVERS=.*' + line: "NETCONFIG_DNS_STATIC_SERVERS=\"{{ host_info[inventory_hostname]['public']['dns'] | join(' ') }}\"" + path: "/etc/sysconfig/network/config" + state: present + when: host_info[inventory_hostname]['public']['dns'] is defined + +- name: Configure routes on SUSE + template: + src: "{{ installer_type }}/{{ ansible_os_family | lower }}.routes.j2" + dest: "/etc/sysconfig/network/ifroute-{{ item.name }}" + with_items: + - { name: "br-vlan", gateway: "{{ host_info[inventory_hostname]['public']['gateway'] }}", route: "default" } + +- name: restart network service + service: + name: network + state: restarted + async: 15 + poll: 0 diff --git a/xci/playbooks/roles/bootstrap-host/tasks/time.yml b/xci/playbooks/roles/bootstrap-host/tasks/time.yml new file mode 100644 index 00000000..9eca769d --- /dev/null +++ b/xci/playbooks/roles/bootstrap-host/tasks/time.yml @@ -0,0 +1,30 @@ +--- +# SPDX-license-identifier: Apache-2.0 +############################################################################## +# Copyright (c) 2017 Ericsson AB and others. +# All rights reserved. This program and the accompanying materials +# are made available under the terms of the Apache License, Version 2.0 +# which accompanies this distribution, and is available at +# http://www.apache.org/licenses/LICENSE-2.0 +############################################################################## +- name: install chrony + package: + name: "chrony" + state: present +- name: restart chrony + service: + name: "{{ (ansible_pkg_mgr == 'apt') | ternary('chrony', 'chronyd') }}" + state: restarted +- name: synchronize time + shell: "chronyc -a 'burst 4/4' && chronyc -a makestep" + args: + executable: /bin/bash + changed_when: True + register: chrony_got_time + until: chrony_got_time.rc == 0 + retries: 5 + delay: 5 + environment: + http_proxy: "{{ lookup('env','http_proxy') }}" + https_proxy: "{{ lookup('env','https_proxy') }}" + no_proxy: "{{ lookup('env','no_proxy') }}" |