summaryrefslogtreecommitdiffstats
path: root/ansible/roles/infra_rampup_stack_nodes
diff options
context:
space:
mode:
authorRodolfo Alonso Hernandez <rodolfo.alonso.hernandez@intel.com>2018-04-26 09:23:10 +0000
committerGerrit Code Review <gerrit@opnfv.org>2018-04-26 09:23:10 +0000
commitfd54ab5c79b16cdc1765517057b8eb0c988f60c8 (patch)
treed19878aeacf2c150e98da6259b8bee5d7b152a63 /ansible/roles/infra_rampup_stack_nodes
parent0aae33539c4790a3fd1ffeac1fd266d8d00ad70d (diff)
parent7cf8184eca909dc4d4cddff38ae457ab7e01f053 (diff)
Merge "OpenStack deployment using kolla"
Diffstat (limited to 'ansible/roles/infra_rampup_stack_nodes')
-rw-r--r--ansible/roles/infra_rampup_stack_nodes/tasks/configure_docker.yml48
-rw-r--r--ansible/roles/infra_rampup_stack_nodes/tasks/install_packets.yml85
-rw-r--r--ansible/roles/infra_rampup_stack_nodes/tasks/main.yml39
-rw-r--r--ansible/roles/infra_rampup_stack_nodes/tasks/update_conf_files.yml69
-rw-r--r--ansible/roles/infra_rampup_stack_nodes/tasks/update_keys.yml48
-rw-r--r--ansible/roles/infra_rampup_stack_nodes/vars/main.yml16
6 files changed, 305 insertions, 0 deletions
diff --git a/ansible/roles/infra_rampup_stack_nodes/tasks/configure_docker.yml b/ansible/roles/infra_rampup_stack_nodes/tasks/configure_docker.yml
new file mode 100644
index 000000000..a6ae00e51
--- /dev/null
+++ b/ansible/roles/infra_rampup_stack_nodes/tasks/configure_docker.yml
@@ -0,0 +1,48 @@
+# Copyright (c) 2018 Intel Corporation.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+---
+- file:
+ path: /lib/systemd/system/docker.service.d
+ state: directory
+
+- copy:
+ content: |
+ [Service]
+ MountFlags=shared
+ dest: /lib/systemd/system/docker.service.d/kolla.conf
+
+- set_fact:
+ ostack_hosts: "{{ ostack_hosts | default([]) + [hostvars[item].ansible_host] }}"
+ with_items: "{{ groups['ostack'] }}"
+
+- name: Create proxy configuration for docker
+ copy:
+ content: |
+ [Service]
+ Environment="HTTP_PROXY={{ lookup('env', 'http_proxy') }}"
+ Environment="HTTPS_PROXY={{ lookup('env', 'https_proxy') }}"
+ Environment="FTP_PROXY={{ lookup('env', 'ftp_proxy') }}"
+ Environment="NO_PROXY={{ lookup('env', 'no_proxy') }},{{ hostvars[ansible_host].ansible_default_ipv4.address }},{{ ostack_hosts | join(',') }}"
+ dest: /lib/systemd/system/docker.service.d/http-proxy.conf
+
+- name: Update /etc/default/docker
+ lineinfile:
+ path: /etc/default/docker
+ line: 'DOCKER_OPTS="--dns {{ hostvars[ansible_host].ansible_default_ipv4.gateway }} --insecure-registry {{ deploy_host }}:4000"'
+
+- name: reload restart docker
+ systemd:
+ state: restarted
+ daemon_reload: yes
+ name: docker
diff --git a/ansible/roles/infra_rampup_stack_nodes/tasks/install_packets.yml b/ansible/roles/infra_rampup_stack_nodes/tasks/install_packets.yml
new file mode 100644
index 000000000..d22e8155a
--- /dev/null
+++ b/ansible/roles/infra_rampup_stack_nodes/tasks/install_packets.yml
@@ -0,0 +1,85 @@
+# Copyright (c) 2018 Intel Corporation.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+---
+- name: Update apt cache
+ apt:
+ update_cache: yes
+ upgrade: yes
+ cache_valid_time: 36000
+ environment: "{{ proxy_env }}"
+
+- name: Install packets
+ apt:
+ name: "{{ item }}"
+ with_items:
+ - python-tox
+ - python-dev
+ - libffi-dev
+ - libssl-dev
+ - python3-dev
+ - ethtool
+ - ipmitool
+ - git
+ - ntp
+ - apparmor-utils
+ - docker.io
+ - libvirt-bin
+ - python-setuptools
+ - build-essential
+ environment: "{{ proxy_env }}"
+
+- name: Install pip
+ shell: easy_install pip
+ environment: "{{ proxy_env }}"
+
+- name: Update pip ansible docker
+ pip:
+ name: "{{ item }}"
+ state: latest
+ with_items:
+ - ansible
+ - docker
+ - tox
+ - shade
+ environment: "{{ proxy_env }}"
+
+- name: Remove conflicting packages
+ apt:
+ name: "{{ item }}"
+ state: absent
+ with_items:
+ - lxd
+ - lxc
+
+- name: Stop and disable libvirt
+ systemd:
+ state: stopped
+ enabled: no
+ name: libvirt-bin.service
+
+- name: Stop and disable apparmor service
+ systemd:
+ name: apparmor
+ state: stopped
+ enabled: no
+
+- name: Get stat of libvirtd apparmor profile
+ stat:
+ path: /etc/apparmor.d/disable/usr.sbin.libvirtd
+ register: apparmor_libvirtd_profile
+
+- name: Remove apparmor profile for libvirt
+ shell: ln -s /etc/apparmor.d/usr.sbin.libvirtd /etc/apparmor.d/disable/ && apparmor_parser -R /etc/apparmor.d/usr.sbin.libvirtd
+ when:
+ - apparmor_libvirtd_profile.stat.exists == False
diff --git a/ansible/roles/infra_rampup_stack_nodes/tasks/main.yml b/ansible/roles/infra_rampup_stack_nodes/tasks/main.yml
new file mode 100644
index 000000000..65d5e59d8
--- /dev/null
+++ b/ansible/roles/infra_rampup_stack_nodes/tasks/main.yml
@@ -0,0 +1,39 @@
+# Copyright (c) 2018 Intel Corporation.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+---
+# Configure proxy and install python to support ansible
+- name: Create apt.conf proxy config
+ raw: >
+ echo 'Acquire::http::proxy "{{ hostvars[groups['jumphost'][0]].proxy_proto + '://' + hostvars[groups['jumphost'][0]].proxy_host_ip + ':' + hostvars[groups['jumphost'][0]].proxy_port }}";'
+ > /etc/apt/apt.conf.d/22proxy
+
+- name: Install python which is required to run ansible mudules
+ raw: apt-get update && apt-get install -y python
+
+- name: Gather facts
+ setup:
+
+- name: Update configuration files
+ include_tasks: update_conf_files.yml
+
+- name: Install packets
+ include_tasks: install_packets.yml
+ when: ansible_hostname in groups['ostack']
+
+- name: Configure docker settings
+ include_tasks: configure_docker.yml
+ when: ansible_hostname in groups['ostack']
+
+- name: generate and apply SSH keys
+ include_tasks: update_keys.yml
diff --git a/ansible/roles/infra_rampup_stack_nodes/tasks/update_conf_files.yml b/ansible/roles/infra_rampup_stack_nodes/tasks/update_conf_files.yml
new file mode 100644
index 000000000..424fb543b
--- /dev/null
+++ b/ansible/roles/infra_rampup_stack_nodes/tasks/update_conf_files.yml
@@ -0,0 +1,69 @@
+# Copyright (c) 2018 Intel Corporation.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+---
+- name: Set hostname
+ shell: hostname {{ ansible_hostname }}
+
+- name: Delete hosts between markers
+ blockinfile:
+ path: /etc/hosts
+ marker: "# {mark} generated hosts file"
+ content: ""
+
+- set_fact:
+ block_str: "{{ block_str | default('') + hostvars[item].host_ip + ' ' + hostvars[item].ansible_host + '\n'}}"
+ with_items: "{{ groups['ostack'] }}"
+
+- name: Update /etc/hosts
+ blockinfile:
+ path: /etc/hosts
+ block: |
+ {{ block_str }}
+ marker: "# {mark} generated hosts file"
+
+- name: Update /etc/hosts
+ lineinfile:
+ path: /etc/hosts
+ regexp: ".*{{ hostvars[groups['jumphost'][0]].proxy_host }}.*"
+ line: "{{ hostvars[groups['jumphost'][0]].proxy_host_ip }} {{ hostvars[groups['jumphost'][0]].proxy_host }}"
+
+- name: Turn off IPv6
+ lineinfile:
+ path: /etc/sysctl.conf
+ regexp: '^{{ item }}.*'
+ line: "{{ item }} = 1"
+ with_items:
+ - 'net.ipv6.conf.all.disable_ipv6'
+ - 'net.ipv6.conf.default.disable_ipv6'
+ - 'net.ipv6.conf.lo.disable_ipv6'
+
+- name: Update IP configuration
+ shell: sysctl -p
+
+- name: Update resolv.conf
+ shell: echo "{{ 'nameserver ' + hostvars[ansible_host].ansible_default_ipv4.gateway }}" > /etc/resolvconf/resolv.conf.d/base
+
+- name: Update name servers
+ shell: resolvconf -u
+
+- name: Update /etc/environment
+ lineinfile:
+ path: /etc/environment
+ regexp: "{{ item.find }}"
+ line: "{{ item.add }}"
+ with_items:
+ - { find: 'http_proxy=', add: "{{ 'export http_proxy=' + lookup('env', 'http_proxy') }}" }
+ - { find: 'https_proxy=', add: "{{ 'export https_proxy=' + lookup('env', 'https_proxy') }}" }
+ - { find: 'ftp_proxy=', add: "{{ 'export ftp_proxy=' + lookup('env', 'ftp_proxy') }}" }
+ - { find: 'no_proxy=', add: "{{ 'export no_proxy=' + lookup('env', 'no_proxy') + ',' + ansible_host + ',' + hostvars[ansible_host].ansible_default_ipv4.address }}" }
diff --git a/ansible/roles/infra_rampup_stack_nodes/tasks/update_keys.yml b/ansible/roles/infra_rampup_stack_nodes/tasks/update_keys.yml
new file mode 100644
index 000000000..816f7cbca
--- /dev/null
+++ b/ansible/roles/infra_rampup_stack_nodes/tasks/update_keys.yml
@@ -0,0 +1,48 @@
+# Copyright (c) 2018 Intel Corporation.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+---
+- name: Generate keys
+ user:
+ name: "{{ hostvars[ansible_host].ansible_user }}"
+ generate_ssh_key: yes
+ state: present
+ ssh_key_file: "/root/.ssh/id_rsa"
+
+- name: Get remote files
+ fetch:
+ src: "/root/.ssh/id_rsa.pub"
+ dest: "/tmp"
+
+- name: Update authorized_key
+ authorized_key:
+ key: "{{ lookup('file', '/tmp/{{ hostvars[item].ansible_host }}/root/.ssh/id_rsa.pub') }}"
+ state: present
+ user: "{{ hostvars[item].ansible_user }}"
+ with_items:
+ - "{{ groups['ostack'] }}"
+ - "{{ groups['yardstickG'] }}"
+
+- name: Make sure the known hosts file exists
+ file:
+ path: "{{ ssh_known_hosts_file }}"
+ state: touch
+
+- name: Add key to known hosts
+ known_hosts:
+ name: "{{ hostvars[item].ansible_host }}"
+ key: "{{ lookup('pipe', 'ssh-keyscan -t rsa {{ hostvars[item].ansible_host }}') }}"
+ path: "{{ ssh_known_hosts_file }}"
+ with_items:
+ - "{{ groups['ostack'] }}"
+ - "{{ groups['yardstickG'] }}"
diff --git a/ansible/roles/infra_rampup_stack_nodes/vars/main.yml b/ansible/roles/infra_rampup_stack_nodes/vars/main.yml
new file mode 100644
index 000000000..252eb86b3
--- /dev/null
+++ b/ansible/roles/infra_rampup_stack_nodes/vars/main.yml
@@ -0,0 +1,16 @@
+# Copyright (c) 2018 Intel Corporation.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+---
+ssh_known_hosts_file: "/root/.ssh/known_hosts"
+deploy_host: "{{ hostvars[groups['deploy'][0]].ansible_host }}"