--- # SPDX-license-identifier: Apache-2.0 ############################################################################## # Copyright (c) 2017 Ericsson AB and others. # All rights reserved. This program and the accompanying materials # are made available under the terms of the Apache License, Version 2.0 # which accompanies this distribution, and is available at # http://www.apache.org/licenses/LICENSE-2.0 ############################################################################## - hosts: opnfv remote_user: root become: yes vars_files: - ../var/flavor-vars.yml - ../var/opnfv.yml pre_tasks: - name: Load distribution variables include_vars: file: ../var/{{ ansible_os_family }}.yml roles: - role: remove-folders - hosts: opnfv remote_user: root vars_files: - ../var/flavor-vars.yml - ../var/opnfv.yml pre_tasks: - name: Load distribution variables include_vars: file: ../var/{{ ansible_os_family }}.yml roles: - { role: clone-repository, project: "opnfv/releng-xci", repo: "{{ OPNFV_RELENG_GIT_URL }}", dest: "{{ OPNFV_RELENG_PATH }}", version: "{{ OPNFV_RELENG_VERSION }}" } - { role: clone-repository, project: "openstack/openstack-ansible", repo: "{{ OPENSTACK_OSA_GIT_URL }}", dest: "{{ OPENSTACK_OSA_PATH }}", version: "{{ OPENSTACK_OSA_VERSION }}" } - hosts: opnfv remote_user: root vars_files: - ../var/opnfv.yml tasks: - name: Load distribution variables include_vars: file: ../var/{{ ansible_os_family }}.yml - name: Synchronize local development releng-xci repository to XCI paths synchronize: src: "{{ OPNFV_RELENG_DEV_PATH }}" dest: "{{ OPNFV_RELENG_PATH }}" recursive: yes delete: yes when: - OPNFV_RELENG_DEV_PATH != "" - name: Synchronize local development openstack-ansible repository to XCI paths synchronize: src: "{{ OPENSTACK_OSA_DEV_PATH }}" dest: "{{ OPENSTACK_OSA_PATH }}" recursive: yes delete: yes when: - OPENSTACK_OSA_DEV_PATH != "" - hosts: opnfv remote_user: root vars_files: - ../var/flavor-vars.yml - ../var/opnfv.yml pre_tasks: - name: Load distribution variables include_vars: file: ../var/{{ ansible_os_family }}.yml roles: - role: configure-network tasks: - name: generate SSH keys shell: ssh-keygen -b 2048 -t rsa -f /root/.ssh/id_rsa -q -N "" args: creates: /root/.ssh/id_rsa - name: ensure ssh key storage directory exists file: path: "{{ OPNFV_SSH_HOST_KEYS_PATH }}" state: directory - name: fetch public key fetch: src="/root/.ssh/id_rsa.pub" dest="{{ OPNFV_SSH_HOST_KEYS_PATH }}" - name: copy flavor inventory shell: "/bin/cp -rf {{XCI_FLAVOR_ANSIBLE_FILE_PATH}}/inventory {{OPNFV_RELENG_PATH}}/xci/playbooks" - name: copy flavor vars shell: "/bin/cp -rf {{XCI_FLAVOR_ANSIBLE_FILE_PATH}}/flavor-vars.yml {{OPNFV_RELENG_PATH}}/xci/var" - name: copy openstack_deploy shell: "/bin/cp -rf {{OPENSTACK_OSA_PATH}}/etc/openstack_deploy {{OPENSTACK_OSA_ETC_PATH}}" - name: copy openstack_user_config.yml shell: "/bin/cp -rf {{XCI_FLAVOR_ANSIBLE_FILE_PATH}}/openstack_user_config.yml {{OPENSTACK_OSA_ETC_PATH}}" - name: copy user_variables.yml shell: "/bin/cp -rf {{XCI_FLAVOR_ANSIBLE_FILE_PATH}}/user_variables.yml {{OPENSTACK_OSA_ETC_PATH}}" - name: copy cinder.yml shell: "/bin/cp -rf {{OPNFV_RELENG_PATH}}/xci/file/cinder.yml {{OPENSTACK_OSA_ETC_PATH}}/env.d" # TODO: We need to get rid of this as soon as the issue is fixed upstream - name: change the haproxy state from disable to enable replace: dest: "{{OPENSTACK_OSA_PATH}}/playbooks/os-keystone-install.yml" regexp: '(\s+)haproxy_state: disabled' replace: '\1haproxy_state: enabled' - name: copy OPNFV OpenStack playbook shell: "/bin/cp -rf {{OPNFV_RELENG_PATH}}/xci/file/setup-openstack.yml {{OPENSTACK_OSA_PATH}}/playbooks" - name: copy OPNFV role requirements shell: "/bin/cp -rf {{OPNFV_RELENG_PATH}}/xci/file/ansible-role-requirements.yml {{OPENSTACK_OSA_PATH}}" - name: bootstrap ansible on opnfv host command: "/bin/bash ./scripts/bootstrap-ansible.sh" args: chdir: "{{OPENSTACK_OSA_PATH}}" - name: install python Crypto module package: name: "{{ python_crypto_package_name }}" - name: install PyYAML pip: name: pyyaml state: present - name: generate password token command: "python pw-token-gen.py --file {{OPENSTACK_OSA_ETC_PATH}}/user_secrets.yml" args: chdir: "{{OPENSTACK_OSA_PATH}}/scripts" - name: create certificate directory /etc/ssl/certs file: path: "/etc/ssl/certs" state: directory - name: create key directory /etc/ssl/private file: path: "/etc/ssl/private" state: directory - name: copy certificate to /etc/ssl/certs copy: src: "/etc/ssl/certs/xci.crt" dest: "/etc/ssl/certs/" become: true - name: read remote key from /etc/ssl/private set_fact: xci_ssl_key: "{{ lookup('pipe', 'sudo cat /etc/ssl/private/xci.key' ) }}" - name: copy key to /etc/ssl/private copy: content: "{{ xci_ssl_key }}" dest: "/etc/ssl/private/xci.key" become: true - hosts: localhost remote_user: root vars_files: - ../var/opnfv.yml tasks: - name: Generate authorized_keys shell: "/bin/cat {{ OPNFV_SSH_HOST_KEYS_PATH }}/opnfv/root/.ssh/id_rsa.pub >> ../file/authorized_keys" - name: Append public keys to authorized_keys shell: "/bin/cat {{ ansible_env.HOME }}/.ssh/id_rsa.pub >> ../file/authorized_keys" - hosts: opnfv gather_facts: no remote_user: root vars_files: - ../var/flavor-vars.yml - ../var/opnfv.yml - "{{ XCI_FLAVOR_ANSIBLE_FILE_PATH }}/user_variables.yml" pre_tasks: - name: Load distribution variables include_vars: file: ../var/{{ ansible_os_family }}.yml roles: - role: "openstack-ansible-openstack_openrc" tasks: - name: add extra insecure flag to generated openrc blockinfile: dest: "{{ ansible_env.HOME }}/openrc" block: | export OS_INSECURE=true - name: fetch generated openrc fetch: src: "{{ ansible_env.HOME }}/openrc" dest: "{{ XCI_DEVEL_ROOT }}/" flat: true