diff options
Diffstat (limited to 'prototypes')
| -rw-r--r-- | prototypes/bifrost/playbooks/inventory/group_vars/baremetal | 53 | ||||
| -rw-r--r-- | prototypes/xci/README.rst | 8 | ||||
| -rwxr-xr-x | prototypes/xci/config/user-vars | 10 | ||||
| -rw-r--r-- | prototypes/xci/playbooks/configure-localhost.yml | 24 | ||||
| -rw-r--r-- | prototypes/xci/playbooks/configure-opnfvhost.yml | 43 | ||||
| -rw-r--r-- | prototypes/xci/playbooks/provision-vm-nodes.yml | 49 | ||||
| -rw-r--r-- | prototypes/xci/playbooks/roles/remove-folders/tasks/main.yml | 1 | ||||
| -rw-r--r-- | prototypes/xci/var/opnfv.yml | 4 | ||||
| -rwxr-xr-x | prototypes/xci/xci-deploy.sh | 18 |
9 files changed, 133 insertions, 77 deletions
diff --git a/prototypes/bifrost/playbooks/inventory/group_vars/baremetal b/prototypes/bifrost/playbooks/inventory/group_vars/baremetal deleted file mode 100644 index 008b04d11..000000000 --- a/prototypes/bifrost/playbooks/inventory/group_vars/baremetal +++ /dev/null @@ -1,53 +0,0 @@ ---- -# The ironic API URL for bifrost operations. Defaults to localhost. -# ironic_url: "http://localhost:6385/" - -# The network interface that bifrost will be operating on. Defaults -# to virbr0 in roles, can be overridden here. -# network_interface: "virbr0" - -# The path to the SSH key to be utilized for testing and burn-in -# to configuration drives. When set, it should be set in both baremetal -# and localhost groups, however this is only an override to the default. - -# workaround for opnfv ci until we can fix non-root use -ssh_public_key_path: "/root/.ssh/id_rsa.pub" - -# Normally this user should be root, however if cirros is used, -# a user may wish to define a specific user for testing VM -# connectivity during a test sequence -testing_user: root - -# The default port to download files via. Required for IPA URL generation. -# Presently the defaults are located in the roles, however if changed both -# the localhost and baremetal group files must be updated. -# file_url_port: 8080 - -# IPA Image parameters. If these are changed, they must be changed in -# Both localhost and baremetal groups. Presently the defaults -# in each role should be sufficent for proper operation. -# ipa_kernel: "{{http_boot_folder}}/coreos_production_pxe.vmlinuz" -# ipa_ramdisk: "{{http_boot_folder}}/coreos_production_pxe_image-oem.cpio.gz" -# ipa_kernel_url: "http://{{ hostvars[inventory_hostname]['ansible_' + network_interface]['ipv4']['address'] }}:{{file_url_port}}/coreos_production_pxe.vmlinuz" -# ipa_ramdisk_url: "http://{{ hostvars[inventory_hostname]['ansible_' + network_interface]['ipv4']['address'] }}:{{file_url_port}}/coreos_production_pxe_image-oem.cpio.gz" - -# The http_boot_folder defines the root folder for the webserver. -# If this setting is changed, it must be applied to both the baremetal -# and localhost groups. Presently the role defaults are set to the value -# below. -# http_boot_folder: /httpboot - -# The settings for the name of the image to be deployed along with the -# on disk location are below. If changed, these settings must be applied -# to both the baremetal and localhost groups. If the file is already on -# disk, then the image generation will not take place, otherwise an image -# will be generated using diskimage-builder. -# deploy_image_filename: "deployment_image.qcow2" -# deploy_image: "{{http_boot_folder}}/{{deploy_image_filename}}" - -# Under normal circumstances, the os_ironic_node module does not wait for -# the node to reach active state before continuing with the deployment -# process. This means we may have to timeout, to figure out a deployment -# failed. Change wait_for_node_deploy to true to cause bifrost to wait for -# Ironic to show the instance in Active state. -wait_for_node_deploy: false diff --git a/prototypes/xci/README.rst b/prototypes/xci/README.rst index 8318cdb52..6d7af0d6e 100644 --- a/prototypes/xci/README.rst +++ b/prototypes/xci/README.rst @@ -148,13 +148,7 @@ set where the logs should be stored execute sandbox script - sudo -E ./xci-deploy.sh - -Warning:: - - Please encure you always execute the sandbox script using **sudo -E** - in order to make the environment variables you set available to the - sandbox script or you end up with the default settings. + ./xci-deploy.sh =============== User Variables diff --git a/prototypes/xci/config/user-vars b/prototypes/xci/config/user-vars index d910405a7..f9de940a2 100755 --- a/prototypes/xci/config/user-vars +++ b/prototypes/xci/config/user-vars @@ -28,9 +28,11 @@ export XCI_FLAVOR=${XCI_FLAVOR:-aio} # OPNFV XCI Sandbox is not verified to be used as non-root user as of yet so # changing these paths might break things. #------------------------------------------------------------------------------- -export OPNFV_RELENG_PATH=/opt/releng -export OPENSTACK_BIFROST_PATH=/opt/bifrost -export OPENSTACK_OSA_PATH=/opt/openstack-ansible +export XCI_DEVEL_ROOT=${XCI_DEVEL_ROOT:-"/tmp/.xci-deploy-env"} +export OPNFV_RELENG_PATH="${XCI_DEVEL_ROOT}/releng" +export OPENSTACK_BIFROST_PATH="${XCI_DEVEL_ROOT}/bifrost" +export OPENSTACK_OSA_PATH="${XCI_DEVEL_ROOT}/openstack-ansible" +export OPNFV_SSH_HOST_KEYS_PATH="${XCI_DEVEL_ROOT}/ssh_host_keys" #------------------------------------------------------------------------------- # Set the playbook to use for OpenStack deployment @@ -50,5 +52,5 @@ export OPNFV_OSA_PLAYBOOK=${OPNFV_OSA_PLAYBOOK:-"$OPENSTACK_OSA_PATH/playbooks/s # or # ANSIBLE_VERBOSITY="-vvvv" export ANSIBLE_VERBOSITY=${ANSIBLE_VERBOSITY-""} -export LOG_PATH=${LOG_PATH:-/opt/opnfv/logs} +export LOG_PATH=${LOG_PATH:-${XCI_DEVEL_ROOT}/opnfv/logs} export RUN_TEMPEST=${RUN_TEMPEST:-false} diff --git a/prototypes/xci/playbooks/configure-localhost.yml b/prototypes/xci/playbooks/configure-localhost.yml index 34b974cd1..b6d0fccb7 100644 --- a/prototypes/xci/playbooks/configure-localhost.yml +++ b/prototypes/xci/playbooks/configure-localhost.yml @@ -8,13 +8,35 @@ # http://www.apache.org/licenses/LICENSE-2.0 ############################################################################## - hosts: localhost - remote_user: root + connection: local vars_files: - ../var/{{ ansible_os_family }}.yml - ../var/opnfv.yml roles: - role: remove-folders - { role: clone-repository, project: "opnfv/releng", repo: "{{ OPNFV_RELENG_GIT_URL }}", dest: "{{ OPNFV_RELENG_PATH }}", version: "{{ OPNFV_RELENG_VERSION }}" } + +- hosts: localhost + connection: local + gather_facts: false + vars_files: + - ../var/{{ ansible_os_family }}.yml + - ../var/opnfv.yml + tasks: + - name: Synchronize local development releng repository to XCI paths + synchronize: + src: "{{ OPNFV_RELENG_DEV_PATH }}" + dest: "{{ OPNFV_RELENG_PATH }}" + recursive: yes + delete: yes + when: + - OPNFV_RELENG_DEV_PATH != "" + +- hosts: localhost + connection: local + vars_files: + - ../var/{{ ansible_os_family }}.yml + - ../var/opnfv.yml tasks: - name: create log directory {{LOG_PATH}} file: diff --git a/prototypes/xci/playbooks/configure-opnfvhost.yml b/prototypes/xci/playbooks/configure-opnfvhost.yml index 64fcef0db..8656ff9df 100644 --- a/prototypes/xci/playbooks/configure-opnfvhost.yml +++ b/prototypes/xci/playbooks/configure-opnfvhost.yml @@ -17,6 +17,37 @@ - role: remove-folders - { role: clone-repository, project: "opnfv/releng", repo: "{{ OPNFV_RELENG_GIT_URL }}", dest: "{{ OPNFV_RELENG_PATH }}", version: "{{ OPNFV_RELENG_VERSION }}" } - { role: clone-repository, project: "openstack/openstack-ansible", repo: "{{ OPENSTACK_OSA_GIT_URL }}", dest: "{{ OPENSTACK_OSA_PATH }}", version: "{{ OPENSTACK_OSA_VERSION }}" } + +- hosts: opnfv + remote_user: root + vars_files: + - ../var/{{ ansible_os_family }}.yml + - ../var/opnfv.yml + tasks: + - name: Synchronize local development releng repository to XCI paths + synchronize: + src: "{{ OPNFV_RELENG_DEV_PATH }}" + dest: "{{ OPNFV_RELENG_PATH }}" + recursive: yes + delete: yes + when: + - OPNFV_RELENG_DEV_PATH != "" + - name: Synchronize local development openstack-ansible repository to XCI paths + synchronize: + src: "{{ OPENSTACK_OSA_DEV_PATH }}" + dest: "{{ OPENSTACK_OSA_PATH }}" + recursive: yes + delete: yes + when: + - OPENSTACK_OSA_DEV_PATH != "" + +- hosts: opnfv + remote_user: root + vars_files: + - ../var/{{ ansible_os_family }}.yml + - ../var/flavor-vars.yml + - ../var/opnfv.yml + roles: # TODO: this only works for ubuntu/xenial and need to be adjusted for other distros - { role: configure-network, when: ansible_distribution_release == "xenial", src: "../template/opnfv.interface.j2", dest: "/etc/network/interfaces" } tasks: @@ -24,8 +55,12 @@ shell: ssh-keygen -b 2048 -t rsa -f /root/.ssh/id_rsa -q -N "" args: creates: /root/.ssh/id_rsa + - name: ensure ssh key storage directory exists + file: + path: "{{ OPNFV_SSH_HOST_KEYS_PATH }}" + state: directory - name: fetch public key - fetch: src="/root/.ssh/id_rsa.pub" dest="/" + fetch: src="/root/.ssh/id_rsa.pub" dest="{{ OPNFV_SSH_HOST_KEYS_PATH }}" - name: copy flavor inventory shell: "/bin/cp -rf {{XCI_FLAVOR_ANSIBLE_FILE_PATH}}/inventory {{OPNFV_RELENG_PATH}}/prototypes/xci/playbooks" - name: copy flavor vars @@ -58,8 +93,10 @@ chdir: "{{OPENSTACK_OSA_PATH}}/scripts" - hosts: localhost remote_user: root + vars_files: + - ../var/opnfv.yml tasks: - name: Generate authorized_keys - shell: "/bin/cat /opnfv/root/.ssh/id_rsa.pub >> ../file/authorized_keys" + shell: "/bin/cat {{ OPNFV_SSH_HOST_KEYS_PATH }}/opnfv/root/.ssh/id_rsa.pub >> ../file/authorized_keys" - name: Append public keys to authorized_keys - shell: "/bin/cat /root/.ssh/id_rsa.pub >> ../file/authorized_keys" + shell: "/bin/cat {{ ansible_env.HOME }}/.ssh/id_rsa.pub >> ../file/authorized_keys" diff --git a/prototypes/xci/playbooks/provision-vm-nodes.yml b/prototypes/xci/playbooks/provision-vm-nodes.yml index 9a32d0bfc..8be36c7a9 100644 --- a/prototypes/xci/playbooks/provision-vm-nodes.yml +++ b/prototypes/xci/playbooks/provision-vm-nodes.yml @@ -8,7 +8,7 @@ # http://www.apache.org/licenses/LICENSE-2.0 ############################################################################## - hosts: localhost - remote_user: root + connection: local vars_files: - ../var/{{ ansible_os_family }}.yml - ../var/opnfv.yml @@ -17,15 +17,62 @@ - role: remove-folders - { role: clone-repository, project: "opnfv/releng", repo: "{{ OPNFV_RELENG_GIT_URL }}", dest: "{{ OPNFV_RELENG_PATH }}", version: "{{ OPNFV_RELENG_VERSION }}" } - { role: clone-repository, project: "opnfv/bifrost", repo: "{{ OPENSTACK_BIFROST_GIT_URL }}", dest: "{{ OPENSTACK_BIFROST_PATH }}", version: "{{ OPENSTACK_BIFROST_VERSION }}" } + +- hosts: localhost + connection: local + gather_facts: false + vars_files: + - ../var/{{ ansible_os_family }}.yml + - ../var/opnfv.yml + tasks: + - name: Synchronize local development bifrost repository to XCI paths + # command module is much faster than the copy module + synchronize: + src: "{{ OPENSTACK_BIFROST_DEV_PATH }}" + dest: "{{ OPENSTACK_BIFROST_PATH }}" + recursive: yes + delete: yes + when: + - OPENSTACK_BIFROST_DEV_PATH != "" + - name: Synchronize local development releng repository to XCI paths + synchronize: + src: "{{ OPNFV_RELENG_DEV_PATH }}" + dest: "{{ OPNFV_RELENG_PATH }}" + recursive: yes + delete: yes + when: + - OPNFV_RELENG_DEV_PATH != "" + +- hosts: localhost + connection: local + gather_facts: false + vars_files: + - ../var/{{ ansible_os_family }}.yml + - ../var/opnfv.yml tasks: - name: combine opnfv/releng and openstack/bifrost scripts/playbooks copy: src: "{{ OPNFV_RELENG_PATH }}/prototypes/bifrost/" dest: "{{ OPENSTACK_BIFROST_PATH }}" + +- hosts: localhost + connection: local + become: yes + vars_files: + - ../var/{{ ansible_os_family }}.yml + - ../var/opnfv.yml + tasks: - name: destroy VM nodes created by previous deployment command: "/bin/bash ./scripts/destroy-env.sh" args: chdir: "{{ OPENSTACK_BIFROST_PATH }}" + +- hosts: localhost + connection: local + vars_files: + - ../var/{{ ansible_os_family }}.yml + - ../var/opnfv.yml + tasks: - name: create and provision VM nodes for the flavor {{ XCI_FLAVOR }} command: "/bin/bash ./scripts/bifrost-provision.sh" args: diff --git a/prototypes/xci/playbooks/roles/remove-folders/tasks/main.yml b/prototypes/xci/playbooks/roles/remove-folders/tasks/main.yml index ac8c0f7dc..425b8dbf4 100644 --- a/prototypes/xci/playbooks/roles/remove-folders/tasks/main.yml +++ b/prototypes/xci/playbooks/roles/remove-folders/tasks/main.yml @@ -18,3 +18,4 @@ - "{{ OPENSTACK_OSA_PATH }}" - "{{ OPENSTACK_OSA_ETC_PATH }}" - "{{ LOG_PATH }} " + - "{{ OPNFV_SSH_HOST_KEYS_PATH }}" diff --git a/prototypes/xci/var/opnfv.yml b/prototypes/xci/var/opnfv.yml index 12cb55675..85f532ad2 100644 --- a/prototypes/xci/var/opnfv.yml +++ b/prototypes/xci/var/opnfv.yml @@ -9,12 +9,15 @@ ############################################################################## OPNFV_RELENG_GIT_URL: "{{ lookup('env','OPNFV_RELENG_GIT_URL') }}" OPNFV_RELENG_PATH: "{{ lookup('env','OPNFV_RELENG_PATH') }}" +OPNFV_RELENG_DEV_PATH: "{{ lookup('env','OPNFV_RELENG_DEV_PATH') }}" OPNFV_RELENG_VERSION: "{{ lookup('env','OPNFV_RELENG_VERSION') }}" OPENSTACK_BIFROST_GIT_URL: "{{ lookup('env','OPENSTACK_BIFROST_GIT_URL') }}" OPENSTACK_BIFROST_PATH: "{{ lookup('env','OPENSTACK_BIFROST_PATH') }}" +OPENSTACK_BIFROST_DEV_PATH: "{{ lookup('env','OPENSTACK_BIFROST_DEV_PATH') }}" OPENSTACK_BIFROST_VERSION: "{{ lookup('env','OPENSTACK_BIFROST_VERSION') }}" OPENSTACK_OSA_GIT_URL: "{{ lookup('env','OPENSTACK_OSA_GIT_URL') }}" OPENSTACK_OSA_PATH: "{{ lookup('env','OPENSTACK_OSA_PATH') }}" +OPENSTACK_OSA_DEV_PATH: "{{ lookup('env','OPENSTACK_OSA_DEV_PATH') }}" OPENSTACK_OSA_VERSION: "{{ lookup('env','OPENSTACK_OSA_VERSION') }}" OPENSTACK_OSA_ETC_PATH: "{{ lookup('env','OPENSTACK_OSA_ETC_PATH') }}" XCI_ANSIBLE_PIP_VERSION: "{{ lookup('env','XCI_ANSIBLE_PIP_VERSION') }}" @@ -23,3 +26,4 @@ XCI_FLAVOR_ANSIBLE_FILE_PATH: "{{ lookup('env','XCI_FLAVOR_ANSIBLE_FILE_PATH') } XCI_LOOP: "{{ lookup('env','XCI_LOOP') }}" LOG_PATH: "{{ lookup('env','LOG_PATH') }}" OPNFV_HOST_IP: "{{ lookup('env','OPNFV_HOST_IP') }}" +OPNFV_SSH_HOST_KEYS_PATH: "{{ lookup('env', 'OPNFV_SSH_HOST_KEYS_PATH') }}" diff --git a/prototypes/xci/xci-deploy.sh b/prototypes/xci/xci-deploy.sh index 718ed73c2..3a65983ac 100755 --- a/prototypes/xci/xci-deploy.sh +++ b/prototypes/xci/xci-deploy.sh @@ -4,11 +4,13 @@ set -o nounset set -o pipefail #------------------------------------------------------------------------------- -# This script must run as root +# This script should not be run as root #------------------------------------------------------------------------------- -if [[ $(whoami) != "root" ]]; then - echo "Error: This script must be run as root!" - exit 1 +if [[ $(whoami) == "root" ]]; then + echo "WARNING: This script should not be run as root!" + echo "Elevated privileges are aquired automatically when necessary" + echo "Waiting 10s to give you a chance to stop the script (Ctrl-C)" + for x in $(seq 10 -1 1); do echo -n "$x..."; sleep 1; done fi #------------------------------------------------------------------------------- @@ -137,7 +139,7 @@ echo "Info: Configured target hosts" #------------------------------------------------------------------------------- echo "Info: Setting up target hosts for openstack-ansible" echo "-----------------------------------------------------------------------" -sudo -E /bin/sh -c "ssh root@$OPNFV_HOST_IP openstack-ansible \ +ssh root@$OPNFV_HOST_IP "openstack-ansible \ $OPENSTACK_OSA_PATH/playbooks/setup-hosts.yml" | \ tee $LOG_PATH/setup-hosts.log echo "-----------------------------------------------------------------------" @@ -156,7 +158,7 @@ echo "Info: Set up target hosts for openstack-ansible successfuly" echo "Info: Setting up infrastructure" echo "-----------------------------------------------------------------------" echo "xci: running ansible playbook setup-infrastructure.yml" -sudo -E /bin/sh -c "ssh root@$OPNFV_HOST_IP openstack-ansible \ +ssh root@$OPNFV_HOST_IP "openstack-ansible \ $OPENSTACK_OSA_PATH/playbooks//setup-infrastructure.yml" | \ tee $LOG_PATH/setup-infrastructure.log echo "-----------------------------------------------------------------------" @@ -171,7 +173,7 @@ fi #------------------------------------------------------------------------------- echo "Info: Verifying database cluster" echo "-----------------------------------------------------------------------" -sudo -E /bin/sh -c "ssh root@$OPNFV_HOST_IP ansible -i $OPENSTACK_OSA_PATH/playbooks/inventory/ \ +ssh root@$OPNFV_HOST_IP "ansible -i $OPENSTACK_OSA_PATH/playbooks/inventory/ \ galera_container -m shell \ -a "mysql -h localhost -e 'show status like \"%wsrep_cluster_%\";'"" \ | tee $LOG_PATH/galera.log @@ -190,7 +192,7 @@ echo "Info: Database cluster verification successful!" #------------------------------------------------------------------------------- echo "Info: Installing OpenStack on target hosts" echo "-----------------------------------------------------------------------" -sudo -E /bin/sh -c "ssh root@$OPNFV_HOST_IP openstack-ansible \ +ssh root@$OPNFV_HOST_IP "openstack-ansible \ $OPENSTACK_OSA_PATH/playbooks/setup-openstack.yml" | \ tee $LOG_PATH/opnfv-setup-openstack.log echo "-----------------------------------------------------------------------" |