summaryrefslogtreecommitdiffstats
path: root/ansible
diff options
context:
space:
mode:
authorRodolfo Alonso Hernandez <rodolfo.alonso.hernandez@intel.com>2018-04-26 09:23:10 +0000
committerGerrit Code Review <gerrit@opnfv.org>2018-04-26 09:23:10 +0000
commitfd54ab5c79b16cdc1765517057b8eb0c988f60c8 (patch)
treed19878aeacf2c150e98da6259b8bee5d7b152a63 /ansible
parent0aae33539c4790a3fd1ffeac1fd266d8d00ad70d (diff)
parent7cf8184eca909dc4d4cddff38ae457ab7e01f053 (diff)
Merge "OpenStack deployment using kolla"
Diffstat (limited to 'ansible')
-rw-r--r--ansible/infra_deploy.yml25
-rw-r--r--ansible/roles/infra_check_requirements/tasks/main.yml45
-rw-r--r--ansible/roles/infra_create_vms/tasks/configure_vm.yml2
-rw-r--r--ansible/roles/infra_deploy_openstack/tasks/configure_kolla.yml40
-rw-r--r--ansible/roles/infra_deploy_openstack/tasks/configure_openstack.yml67
-rw-r--r--ansible/roles/infra_deploy_openstack/tasks/install_kolla.yml54
-rw-r--r--ansible/roles/infra_deploy_openstack/tasks/main.yml125
-rw-r--r--ansible/roles/infra_deploy_openstack/tasks/rampup_openstack.yml43
-rw-r--r--ansible/roles/infra_deploy_openstack/templates/multinode.j239
-rw-r--r--ansible/roles/infra_deploy_openstack/vars/main.yml18
-rw-r--r--ansible/roles/infra_prepare_vms/tasks/main.yml105
-rw-r--r--ansible/roles/infra_rampup_stack_nodes/tasks/configure_docker.yml48
-rw-r--r--ansible/roles/infra_rampup_stack_nodes/tasks/install_packets.yml85
-rw-r--r--ansible/roles/infra_rampup_stack_nodes/tasks/main.yml39
-rw-r--r--ansible/roles/infra_rampup_stack_nodes/tasks/update_conf_files.yml69
-rw-r--r--ansible/roles/infra_rampup_stack_nodes/tasks/update_keys.yml48
-rw-r--r--ansible/roles/infra_rampup_stack_nodes/vars/main.yml16
17 files changed, 854 insertions, 14 deletions
diff --git a/ansible/infra_deploy.yml b/ansible/infra_deploy.yml
index 029879502..8cf5dffef 100644
--- a/ansible/infra_deploy.yml
+++ b/ansible/infra_deploy.yml
@@ -17,8 +17,33 @@
rs_file: "{{ RS_FILE }}"
clean_up: "{{ CLEAN_UP | default(False) }}" # If True will be delete all VMs, networks, disk images
+ tasks:
+ - set_fact:
+ proxy_host: "{{ lookup('env', 'http_proxy') | urlsplit('hostname') }}"
+ proxy_proto: "{{ lookup('env', 'http_proxy') | urlsplit('scheme') }}"
+ proxy_port: "{{ lookup('env', 'http_proxy') | urlsplit('port') }}"
+
+ - set_fact:
+ proxy_host_ip: "{{ lookup('dig', proxy_host) }}"
+
roles:
- infra_destroy_previous_configuration
- infra_check_requirements
- infra_create_network
- infra_create_vms
+ - infra_prepare_vms
+
+- hosts: deploy,regular,yardstickG
+ gather_facts: no
+ become: yes
+
+ roles:
+ - infra_rampup_stack_nodes
+
+
+- hosts: deploy
+ become: yes
+ environment: "{{ proxy_env }}"
+
+ roles:
+ - infra_deploy_openstack
diff --git a/ansible/roles/infra_check_requirements/tasks/main.yml b/ansible/roles/infra_check_requirements/tasks/main.yml
index a11bc56a1..991bd7383 100644
--- a/ansible/roles/infra_check_requirements/tasks/main.yml
+++ b/ansible/roles/infra_check_requirements/tasks/main.yml
@@ -12,27 +12,30 @@
# See the License for the specific language governing permissions and
# limitations under the License.
---
+- name: Reread system properties
+ setup:
+
- name: Include
include_vars:
- file: "{{rs_file}}"
+ file: "{{ rs_file }}"
name: infra_deploy_vars
- name: Store total CPU, RAM, Disk requested resources
set_fact:
- vcpu_t: "{{item.vcpus|int + vcpu_t|int}}"
- vram_t: "{{item.ram|int + vram_t|int}}"
- disk_t: "{{item.disk|int + disk_t|int}}"
- with_items: "{{infra_deploy_vars.nodes}}"
+ vcpu_t: "{{ item.vcpus|int + vcpu_t | int }}"
+ vram_t: "{{ item.ram|int + vram_t | int }}"
+ disk_t: "{{ item.disk|int + disk_t | int }}"
+ with_items: "{{ infra_deploy_vars.nodes }}"
- name: Fail if not enough RAM
fail:
msg: "Failed, not enough RAM, required: {{ vram_t }}, available {{ ansible_memory_mb.nocache.free }}"
- when: ansible_memory_mb.nocache.free < vram_t|int
+ when: ansible_memory_mb.nocache.free < vram_t | int
- name: Fail if not enough CPU
fail:
msg: "Failed, not enough CPU, required: {{ vcpu_t }}, available {{ ansible_processor_vcpus }}"
- when: ansible_processor_vcpus < vcpu_t|int
+ when: ansible_processor_vcpus < vcpu_t | int
- name: Define default network counter
set_fact:
@@ -40,20 +43,38 @@
- name: Increment counter for every default network detected
set_fact:
- num_default_network_detected: "{{ num_default_network_detected|int + 1 }}"
+ num_default_network_detected: "{{ num_default_network_detected | int + 1 }}"
when:
- item.default_gateway is defined
- item.default_gateway == True
- with_items: "{{infra_deploy_vars.networks}}"
+ with_items: "{{ infra_deploy_vars.networks }}"
- name: Fail if more than 1 or 0 default networks
fail:
msg: "Failed, there must be 1 default network: {{ num_default_network_detected }} detected"
- when: num_default_network_detected|int != 1
+ when: num_default_network_detected | int != 1
- name: Fail if not enough Disk space
set_fact:
- disk_avail: "{% for mount in ansible_mounts if mount.mount == '/' %}{{ (mount.size_available/1024/1024)|int }}{% endfor %}"
+ disk_avail: "{% for mount in ansible_mounts if mount.mount == '/' %}{{ (mount.size_available/1024/1024) | int }}{% endfor %}"
- fail:
msg: "Failed, not enough disk space, required {{ disk_t }}, available: {{ disk_avail }}"
- when: disk_avail|int < disk_t|int
+ when: disk_avail|int < disk_t | int
+
+- set_fact:
+ ostack_nodes: "{{ ostack_nodes | default([]) + [item.openstack_node] }}"
+ when: item.openstack_node is defined
+ with_items: "{{ infra_deploy_vars.nodes }}"
+
+# all-in-one node node type must be controller, multinode requires at least one controller and one compute node
+- fail:
+ msg: "OpenStack node types currently supported: controller, compute. Check input VMs file."
+ when: ostack_nodes is undefined or ostack_nodes | length < 1
+
+- fail:
+ msg: "In all-in-one configuration OpenStack node type must be controller."
+ when: ostack_nodes | length == 1 and 'controller' not in ostack_nodes
+
+- fail:
+ msg: "At least one controller and one compute node expected when total number of OpenStack nodes is more than one."
+ when: ostack_nodes | length > 1 and not ('compute' in ostack_nodes and 'controller' in ostack_nodes)
diff --git a/ansible/roles/infra_create_vms/tasks/configure_vm.yml b/ansible/roles/infra_create_vms/tasks/configure_vm.yml
index c20a0b175..a6a5e0618 100644
--- a/ansible/roles/infra_create_vms/tasks/configure_vm.yml
+++ b/ansible/roles/infra_create_vms/tasks/configure_vm.yml
@@ -47,8 +47,6 @@
output:
all: ">> /var/log/cloud-init.log"
ssh_pwauth: True
- bootcmd:
- - echo 127.0.0.1 {{ node_item.hostname }} >> /etc/hosts
users:
- name: {{ node_item.user }}
lock-passwd: False
diff --git a/ansible/roles/infra_deploy_openstack/tasks/configure_kolla.yml b/ansible/roles/infra_deploy_openstack/tasks/configure_kolla.yml
new file mode 100644
index 000000000..9713c0d1e
--- /dev/null
+++ b/ansible/roles/infra_deploy_openstack/tasks/configure_kolla.yml
@@ -0,0 +1,40 @@
+# Copyright (c) 2018 Intel Corporation.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+---
+- name: Modify globals.yml
+ replace:
+ path: /etc/kolla/globals.yml
+ regexp: "{{ item.find }}"
+ replace: "{{ item.insert_after }}"
+ with_items:
+ - { find: '^#kolla_base_distro:.*', insert_after: 'kolla_base_distro: "ubuntu"' }
+ - { find: '^#kolla_install_type:.*', insert_after: 'kolla_install_type: "source"' }
+ - { find: '^#openstack_release:.*', insert_after: 'openstack_release: "pike"' }
+ - { find: 'kolla_internal_vip_address:.*', insert_after: 'kolla_internal_vip_address: "{{ deployvm_ip }}"' }
+ - { find: '^#network_interface:.*', insert_after: 'network_interface: "{{ hostvars[ansible_host].ansible_default_ipv4.interface }}"' }
+ - { find: '^#neutron_external_interface:.*', insert_after: 'neutron_external_interface: "{{ neutron_iface }}"' }
+ - { find: '^#enable_haproxy:.*', insert_after: 'enable_haproxy: "no"'}
+ - { find: '^#enable_heat:.*' , insert_after: 'enable_heat: "yes"'}
+ - { find: '^#docker_registry:.*', insert_after: 'docker_registry: "{{ ansible_host }}:4000"' }
+
+- name: Generate multinode from inventory
+ template:
+ src: templates/multinode.j2
+ dest: "{{ git_repos_path + 'multinode' }}"
+
+- set_fact:
+ path2multinode: "{{ git_repos_path + kolla_ans_path + '/ansible/inventory/multinode' }}"
+
+- name: Append rest groups to multinode file
+ shell: line=`grep -n '\[deployment\]' {{ path2multinode }} | cut -d ':' -f1` && tail -n +$line {{ path2multinode }} >> "{{ git_repos_path + 'multinode' }}"
diff --git a/ansible/roles/infra_deploy_openstack/tasks/configure_openstack.yml b/ansible/roles/infra_deploy_openstack/tasks/configure_openstack.yml
new file mode 100644
index 000000000..3963cb64c
--- /dev/null
+++ b/ansible/roles/infra_deploy_openstack/tasks/configure_openstack.yml
@@ -0,0 +1,67 @@
+# Copyright (c) 2018 Intel Corporation.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+---
+- name: Create folders
+ file:
+ path: "{{ item }}"
+ state: directory
+ with_items:
+ - /etc/kolla/config/nova
+ - /etc/kolla/config/neutron
+
+- set_fact:
+ filter_ops: RetryFilter,AvailabilityZoneFilter,RamFilter,DiskFilter,ComputeCapabilitiesFilter,ImagePropertiesFilter,ServerGroupAntiAffinityFilter,ServerGroupAffinityFilter,SameHostFilter
+
+- name: Configure OpenStack Nova
+ copy:
+ content: |
+ [filter_scheduler]
+ enabled_filters = {{ filter_ops }}
+ [libvirt]
+ cpu_mode = host-passthrough
+ dest: /etc/kolla/config/nova.conf
+
+- name: Configure OpenStack Neutron
+ copy:
+ content: |
+ [DEFAULT]
+ service_plugins=neutron.services.l3_router.l3_router_plugin.L3RouterPlugin
+ [securitygroup]
+ firewall_driver = neutron.agent.firewall.NoopFirewallDriver
+ [ml2]
+ extension_drivers=port_security
+ [agent]
+ extensions=port_security
+ dest: /etc/kolla/config/neutron.conf
+
+- name: Configure OpenStack ml2_plugin.ini
+ copy:
+ content: |
+ [ml2]
+ tenant_network_types = vxlan
+ extension_drivers = port_security
+ type_drivers = vlan,flat,local,vxlan
+ mechanism_drivers = openvswitch
+ [ml2_type_flat]
+ flat_networks = physnet1
+ [ml2_type_vlan]
+ network_vlan_ranges = physnet1
+ [securitygroup]
+ firewall_driver = iptables_hybrid
+ [ovs]
+ datapath_type = system
+ bridge_mappings = physnet1:br-ex
+ tunnel_bridge = br-tun
+ local_ip = {{ deployvm_ip }}
+ dest: /etc/kolla/config/neutron/ml2_plugin.ini
diff --git a/ansible/roles/infra_deploy_openstack/tasks/install_kolla.yml b/ansible/roles/infra_deploy_openstack/tasks/install_kolla.yml
new file mode 100644
index 000000000..38c163c6c
--- /dev/null
+++ b/ansible/roles/infra_deploy_openstack/tasks/install_kolla.yml
@@ -0,0 +1,54 @@
+# Copyright (c) 2018 Intel Corporation.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+---
+- name: Download kolla and kolla-ansible from git repos
+ git:
+ repo: "{{ item.repo }}"
+ dest: "{{ git_repos_path + item.dir }}"
+ version: stable/pike
+ with_items:
+ - { dir: "{{ kolla_path }}", repo: 'https://git.openstack.org/openstack/kolla'}
+ - { dir: "{{ kolla_ans_path }}", repo: 'https://git.openstack.org/openstack/kolla-ansible' }
+
+- name: Copy kolla-ansible password.yml and globals.yml
+ shell: cp -r "{{ git_repos_path + kolla_ans_path + '/etc/kolla/' }}" /etc/
+
+- name: Copy kolla-ansible all-in-one, multinode
+ shell: cp * "{{ git_repos_path }}"
+ args:
+ chdir: "{{ git_repos_path + kolla_ans_path + '/ansible/inventory/' }}"
+
+- name: Install requirements
+ pip:
+ chdir: "{{ item[0] }}"
+ requirements: "{{ item[1] }}"
+ with_nested:
+ - [ "{{ git_repos_path + kolla_path }}", "{{ git_repos_path + kolla_ans_path }}" ]
+ - [ 'requirements.txt', 'test-requirements.txt' ]
+
+- name: pip install .
+ pip:
+ chdir: "{{ item }}"
+ name: '.'
+ with_items:
+ - "{{ git_repos_path + kolla_path }}"
+ - "{{ git_repos_path + kolla_ans_path }}"
+
+- name: Run setup.py
+ shell: "python setup.py install"
+ args:
+ chdir: "{{ item }}"
+ with_items:
+ - "{{ git_repos_path + kolla_path }}"
+ - "{{ git_repos_path + kolla_ans_path }}"
diff --git a/ansible/roles/infra_deploy_openstack/tasks/main.yml b/ansible/roles/infra_deploy_openstack/tasks/main.yml
new file mode 100644
index 000000000..ba5d5bc54
--- /dev/null
+++ b/ansible/roles/infra_deploy_openstack/tasks/main.yml
@@ -0,0 +1,125 @@
+# Copyright (c) 2018 Intel Corporation.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+---
+# This script is based on https://docs.openstack.org/kolla-ansible/pike/user/quickstart.html
+- name: Include variables
+ include_vars:
+ file: "{{ rs_file }}"
+ name: infra_deploy_vars
+
+- set_fact:
+ traffic_ip: "{{ item.interfaces[1].ip }}"
+ when: item.hostname == ansible_host
+ with_items: "{{ infra_deploy_vars.nodes }}"
+
+- name: Get neutron iface
+ set_fact:
+ neutron_iface: "{{ item }}"
+ when:
+ - hostvars[ansible_host]['ansible_' + item.replace('-', '_')].ipv4 is defined
+ - hostvars[ansible_host]['ansible_' + item.replace('-', '_')].ipv4.address is defined
+ - hostvars[ansible_host]['ansible_' + item.replace('-', '_')].ipv4.address == traffic_ip
+ with_items: "{{ hostvars[ansible_host].ansible_interfaces }}"
+
+- name: Create a registry container
+ docker_container:
+ name: registry
+ image: registry:2
+ restart_policy: always
+ ports:
+ - "4000:5000"
+
+- name: Download and install Kolla
+ include_tasks: install_kolla.yml
+
+- name: Configure Kolla
+ include_tasks: configure_kolla.yml
+
+- name: Configure Open Stack
+ include_tasks: configure_openstack.yml
+
+- name: Ramp up Open Stack
+ include_tasks: rampup_openstack.yml
+
+- name: Update admin-openrc.sh
+ lineinfile:
+ path: /etc/kolla/admin-openrc.sh
+ regexp: "{{ item.find }}"
+ line: "{{ item.add }}"
+ with_items:
+ - { find: 'EXTERNAL_NETWORK', add: 'export EXTERNAL_NETWORK=public' }
+ - { find: 'OS_AUTH_TYPE', add: 'export OS_AUTH_TYPE=password' }
+
+- name: Copy env file
+ shell: cp /etc/kolla/admin-openrc.sh /tmp/admin-openrc.yaml
+
+- name: Rework as env vars
+ replace:
+ path: /tmp/admin-openrc.yaml
+ regexp: 'export\s+(.*)=(.*)'
+ replace: '\1: \2'
+
+- name: Download OpenStack env file
+ fetch:
+ src: /tmp/admin-openrc.yaml
+ dest: /tmp/
+ flat: yes
+
+- include_vars:
+ file: /tmp/admin-openrc.yaml
+ name: ostack_env
+
+- name: Re-assign IP address
+ shell: ip address show {{ neutron_iface }} | awk '/inet/ {print $2}'
+ when: neutron_iface is defined
+ register: ip_netmask
+
+- shell: >
+ ip addr del dev {{ neutron_iface }} {{ ip_netmask.stdout }} &&
+ ip addr add dev br-ex {{ infra_deploy_vars.networks[1].host_ip }}/{{ ip_netmask.stdout_lines[0].split('/')[1] }}
+ when:
+ - neutron_iface is defined
+ - ip_netmask.stdout | length > 0
+
+- name: Create external network
+ os_network:
+ name: public
+ external: yes
+ provider_physical_network: physnet1
+ provider_network_type: flat
+ environment:
+ - no_proxy: "{{ lookup('env', 'no_proxy') + ',' + ansible_host + ',' + hostvars[ansible_host].ansible_default_ipv4.address }}"
+ - "{{ ostack_env }}"
+
+- name: Create sub-network
+ os_subnet:
+ name: public-subnet
+ network_name: public
+ cidr: "{{ ip_netmask.stdout }}"
+ allocation_pool_start: "{{ infra_deploy_vars.networks[1].dhcp_ip_start }}"
+ allocation_pool_end: "{{ infra_deploy_vars.networks[1].dhcp_ip_stop }}"
+ gateway_ip: "{{ infra_deploy_vars.networks[1].host_ip }}"
+ enable_dhcp: no
+ environment:
+ - no_proxy: "{{ lookup('env', 'no_proxy') + ',' + ansible_host + ',' + hostvars[ansible_host].ansible_default_ipv4.address }}"
+ - "{{ ostack_env }}"
+
+- name: Upload OpenStack env file to Yardstick VM
+ copy:
+ src: /etc/kolla/admin-openrc.sh
+ dest: '/tmp/admin-openrc.sh'
+ delegate_to: "{{ item }}"
+ when: "groups['yardstickG'] is defined"
+ with_items:
+ - "{{ groups['yardstickG'] }}"
diff --git a/ansible/roles/infra_deploy_openstack/tasks/rampup_openstack.yml b/ansible/roles/infra_deploy_openstack/tasks/rampup_openstack.yml
new file mode 100644
index 000000000..c75bec685
--- /dev/null
+++ b/ansible/roles/infra_deploy_openstack/tasks/rampup_openstack.yml
@@ -0,0 +1,43 @@
+# Copyright (c) 2018 Intel Corporation.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+---
+- name: Generate passwords
+ shell: kolla-genpwd
+
+- name: Generate the kolla-build.conf
+ shell: tox -e genconfig
+ args:
+ chdir: "{{ git_repos_path + kolla_path }}"
+
+- set_fact:
+ target: "{{ git_repos_path + 'all-in-one' }}"
+
+- set_fact:
+ target: "{{ git_repos_path + 'multinode' }}"
+ when: "groups['ostack'] | length > 1"
+
+- name: Run kolla-ansible precheck
+ shell: kolla-ansible prechecks -i "{{ target }}"
+
+- name: Build kolla-ansible
+ shell: kolla-build -b ubuntu -t source --profile default --tag pike --registry {{ ansible_host }}:4000 --push
+
+- name: Pull images from registry
+ shell: kolla-ansible pull -i "{{ target }}"
+
+- name: Run kolla-ansible deploy
+ shell: kolla-ansible deploy -i "{{ target }}"
+
+- name: Create an openrc file
+ shell: kolla-ansible post-deploy
diff --git a/ansible/roles/infra_deploy_openstack/templates/multinode.j2 b/ansible/roles/infra_deploy_openstack/templates/multinode.j2
new file mode 100644
index 000000000..57f87b521
--- /dev/null
+++ b/ansible/roles/infra_deploy_openstack/templates/multinode.j2
@@ -0,0 +1,39 @@
+{% set control_dict = {} %}
+{% set compute_dict = {} %}
+{% for host in groups['ostack'] %}
+{% if hostvars[host].node_type is defined and hostvars[host].node_type == 'controller' %}
+{% set control_dict = control_dict.update({hostvars[host].ansible_host: hostvars[host].ansible_default_ipv4.interface}) %}
+{% endif %}
+{% endfor %}
+{% for host in groups['ostack'] %}
+{% if hostvars[host].node_type is defined and hostvars[host].node_type == 'compute' %}
+{% for iface in hostvars[host].ansible_interfaces %}
+{%- if ((hostvars[host]['ansible_' + iface.replace('-', '_')].ipv4 is defined) and
+ (hostvars[host]['ansible_' + iface.replace('-', '_')].ipv4.address is defined) and
+ (hostvars[host]['ansible_' + iface.replace('-', '_')].ipv4.address == hostvars[host].secondary_ip)) -%}
+{% set compute_dict = compute_dict.update({hostvars[host].ansible_host: iface}) %}
+{% endif %}
+{% endfor %}
+{% endif %}
+{% endfor %}
+{% macro print_node(in_dict, iface_str='', cnt=1) %}
+{%- for host, iface in in_dict | dictsort -%}
+{% if loop.index <= cnt %}
+{% if iface_str %}
+{{ host }} ansible_ssh_user={{ hostvars[host].ansible_user }} ansible_private_key_file=/root/.ssh/id_rsa ansible_become=True {{ iface_str }}={{ iface }}
+{% else %}
+{{ host }} ansible_ssh_user={{ hostvars[host].ansible_user }} ansible_private_key_file=/root/.ssh/id_rsa ansible_become=True
+{% endif %}
+{% endif %}
+{% endfor %}
+{% endmacro %}
+[control]
+{{ print_node(control_dict, iface_str='network_interface', cnt=control_dict | length) }}
+[compute]
+{{ print_node(compute_dict, iface_str='network_interface', cnt=compute_dict | length) }}
+[network]
+{{ print_node(control_dict, iface_str='', cnt=control_dict | length) }}
+[monitoring]
+{{ print_node(control_dict) }}
+[storage]
+{{ print_node(control_dict, iface_str='', cnt=control_dict | length) }}
diff --git a/ansible/roles/infra_deploy_openstack/vars/main.yml b/ansible/roles/infra_deploy_openstack/vars/main.yml
new file mode 100644
index 000000000..bbea56847
--- /dev/null
+++ b/ansible/roles/infra_deploy_openstack/vars/main.yml
@@ -0,0 +1,18 @@
+# Copyright (c) 2018 Intel Corporation.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+---
+kolla_path: "{{ 'https://git.openstack.org/openstack/kolla' | urlsplit('path') | basename }}"
+kolla_ans_path: "{{ 'https://git.openstack.org/openstack/kolla-ansible' | urlsplit('path') | basename }}"
+deployvm_ip: "{{ hostvars[ansible_host].host_ip }}"
+git_repos_path: '/tmp/repos/'
diff --git a/ansible/roles/infra_prepare_vms/tasks/main.yml b/ansible/roles/infra_prepare_vms/tasks/main.yml
new file mode 100644
index 000000000..d7ed08511
--- /dev/null
+++ b/ansible/roles/infra_prepare_vms/tasks/main.yml
@@ -0,0 +1,105 @@
+# Copyright (c) 2018 Intel Corporation.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+---
+- name: Include input file
+ include_vars:
+ file: "{{ rs_file }}"
+ name: infra_deploy_vars
+
+- name: Install setuptools
+ apt:
+ name: python-setuptools
+
+- name: Install pip
+ shell: easy_install pip
+ environment: "{{ proxy_env }}"
+
+- name: Install dependency for dns dig
+ pip:
+ name: dnspython
+ state: latest
+
+- set_fact:
+ block_str: "{{ block_str | default('') + item.interfaces[0].ip + ' ' + item.hostname + '\n'}}"
+ with_items: "{{ infra_deploy_vars.nodes }}"
+
+- name: Delete hosts between markers
+ blockinfile:
+ path: /etc/hosts
+ marker: "# {mark} generated hosts file"
+ content: ""
+
+- name: Update /etc/hosts
+ blockinfile:
+ path: /etc/hosts
+ block: |
+ {{ block_str }}
+ marker: "# {mark} generated hosts file"
+
+- name: Clear known hosts
+ shell: >
+ ssh-keygen -f /root/.ssh/known_hosts -R "{{ item.interfaces[0].ip }}";
+ ssh-keygen -f /root/.ssh/known_hosts -R "{{ item.hostname }}"
+ with_items: "{{ infra_deploy_vars.nodes }}"
+
+- set_fact:
+ controllers: "{{ controllers | default([]) + [item.hostname] }}"
+ when:
+ - item.openstack_node is defined
+ - item.openstack_node == 'controller'
+ with_items: "{{ infra_deploy_vars.nodes }}"
+
+- name: Add host controller as deploy
+ add_host:
+ hostname: "{{ item.hostname }}"
+ host_ip: "{{ item.interfaces[0].ip }}"
+ groups: deploy, ostack
+ ansible_host: "{{ item.hostname }}"
+ ansible_user: "{{ item.user }}"
+ ansible_ssh_pass: "{{ item.password }}"
+ node_type: "{{ item.openstack_node }}"
+ secondary_ip: "{{ item.interfaces[1].ip }}"
+ when: item.hostname == controllers[0]
+ with_items: "{{ infra_deploy_vars.nodes }}"
+
+- name: Add hosts others as controller, compute
+ add_host:
+ hostname: "{{ item.hostname }}"
+ host_ip: "{{ item.interfaces[0].ip }}"
+ groups: regular,ostack
+ ansible_host: "{{ item.hostname }}"
+ ansible_user: "{{ item.user }}"
+ ansible_ssh_pass: "{{ item.password }}"
+ node_type: "{{ item.openstack_node }}"
+ secondary_ip: "{{ item.interfaces[1].ip }}"
+ when:
+ - item.openstack_node is defined
+ - item.openstack_node == 'controller' or item.openstack_node == 'compute'
+ - item.hostname != controllers[0]
+ with_items: "{{ infra_deploy_vars.nodes }}"
+
+- name: Add yardstick host to group
+ add_host:
+ hostname: "{{ item.hostname }}"
+ host_ip: "{{ item.interfaces[0].ip }}"
+ groups: yardstickG
+ ansible_host: "{{ item.hostname }}"
+ ansible_user: "{{ item.user }}"
+ ansible_ssh_pass: "{{ item.password }}"
+ secondary_ip: "{{ item.interfaces[1].ip }}"
+ when: item.hostname == 'yardstickvm'
+ with_items: "{{ infra_deploy_vars.nodes }}"
+
+- name: Workaround, not all VMs are ready by that time
+ pause: seconds=20
diff --git a/ansible/roles/infra_rampup_stack_nodes/tasks/configure_docker.yml b/ansible/roles/infra_rampup_stack_nodes/tasks/configure_docker.yml
new file mode 100644
index 000000000..a6ae00e51
--- /dev/null
+++ b/ansible/roles/infra_rampup_stack_nodes/tasks/configure_docker.yml
@@ -0,0 +1,48 @@
+# Copyright (c) 2018 Intel Corporation.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+---
+- file:
+ path: /lib/systemd/system/docker.service.d
+ state: directory
+
+- copy:
+ content: |
+ [Service]
+ MountFlags=shared
+ dest: /lib/systemd/system/docker.service.d/kolla.conf
+
+- set_fact:
+ ostack_hosts: "{{ ostack_hosts | default([]) + [hostvars[item].ansible_host] }}"
+ with_items: "{{ groups['ostack'] }}"
+
+- name: Create proxy configuration for docker
+ copy:
+ content: |
+ [Service]
+ Environment="HTTP_PROXY={{ lookup('env', 'http_proxy') }}"
+ Environment="HTTPS_PROXY={{ lookup('env', 'https_proxy') }}"
+ Environment="FTP_PROXY={{ lookup('env', 'ftp_proxy') }}"
+ Environment="NO_PROXY={{ lookup('env', 'no_proxy') }},{{ hostvars[ansible_host].ansible_default_ipv4.address }},{{ ostack_hosts | join(',') }}"
+ dest: /lib/systemd/system/docker.service.d/http-proxy.conf
+
+- name: Update /etc/default/docker
+ lineinfile:
+ path: /etc/default/docker
+ line: 'DOCKER_OPTS="--dns {{ hostvars[ansible_host].ansible_default_ipv4.gateway }} --insecure-registry {{ deploy_host }}:4000"'
+
+- name: reload restart docker
+ systemd:
+ state: restarted
+ daemon_reload: yes
+ name: docker
diff --git a/ansible/roles/infra_rampup_stack_nodes/tasks/install_packets.yml b/ansible/roles/infra_rampup_stack_nodes/tasks/install_packets.yml
new file mode 100644
index 000000000..d22e8155a
--- /dev/null
+++ b/ansible/roles/infra_rampup_stack_nodes/tasks/install_packets.yml
@@ -0,0 +1,85 @@
+# Copyright (c) 2018 Intel Corporation.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+---
+- name: Update apt cache
+ apt:
+ update_cache: yes
+ upgrade: yes
+ cache_valid_time: 36000
+ environment: "{{ proxy_env }}"
+
+- name: Install packets
+ apt:
+ name: "{{ item }}"
+ with_items:
+ - python-tox
+ - python-dev
+ - libffi-dev
+ - libssl-dev
+ - python3-dev
+ - ethtool
+ - ipmitool
+ - git
+ - ntp
+ - apparmor-utils
+ - docker.io
+ - libvirt-bin
+ - python-setuptools
+ - build-essential
+ environment: "{{ proxy_env }}"
+
+- name: Install pip
+ shell: easy_install pip
+ environment: "{{ proxy_env }}"
+
+- name: Update pip ansible docker
+ pip:
+ name: "{{ item }}"
+ state: latest
+ with_items:
+ - ansible
+ - docker
+ - tox
+ - shade
+ environment: "{{ proxy_env }}"
+
+- name: Remove conflicting packages
+ apt:
+ name: "{{ item }}"
+ state: absent
+ with_items:
+ - lxd
+ - lxc
+
+- name: Stop and disable libvirt
+ systemd:
+ state: stopped
+ enabled: no
+ name: libvirt-bin.service
+
+- name: Stop and disable apparmor service
+ systemd:
+ name: apparmor
+ state: stopped
+ enabled: no
+
+- name: Get stat of libvirtd apparmor profile
+ stat:
+ path: /etc/apparmor.d/disable/usr.sbin.libvirtd
+ register: apparmor_libvirtd_profile
+
+- name: Remove apparmor profile for libvirt
+ shell: ln -s /etc/apparmor.d/usr.sbin.libvirtd /etc/apparmor.d/disable/ && apparmor_parser -R /etc/apparmor.d/usr.sbin.libvirtd
+ when:
+ - apparmor_libvirtd_profile.stat.exists == False
diff --git a/ansible/roles/infra_rampup_stack_nodes/tasks/main.yml b/ansible/roles/infra_rampup_stack_nodes/tasks/main.yml
new file mode 100644
index 000000000..65d5e59d8
--- /dev/null
+++ b/ansible/roles/infra_rampup_stack_nodes/tasks/main.yml
@@ -0,0 +1,39 @@
+# Copyright (c) 2018 Intel Corporation.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+---
+# Configure proxy and install python to support ansible
+- name: Create apt.conf proxy config
+ raw: >
+ echo 'Acquire::http::proxy "{{ hostvars[groups['jumphost'][0]].proxy_proto + '://' + hostvars[groups['jumphost'][0]].proxy_host_ip + ':' + hostvars[groups['jumphost'][0]].proxy_port }}";'
+ > /etc/apt/apt.conf.d/22proxy
+
+- name: Install python which is required to run ansible mudules
+ raw: apt-get update && apt-get install -y python
+
+- name: Gather facts
+ setup:
+
+- name: Update configuration files
+ include_tasks: update_conf_files.yml
+
+- name: Install packets
+ include_tasks: install_packets.yml
+ when: ansible_hostname in groups['ostack']
+
+- name: Configure docker settings
+ include_tasks: configure_docker.yml
+ when: ansible_hostname in groups['ostack']
+
+- name: generate and apply SSH keys
+ include_tasks: update_keys.yml
diff --git a/ansible/roles/infra_rampup_stack_nodes/tasks/update_conf_files.yml b/ansible/roles/infra_rampup_stack_nodes/tasks/update_conf_files.yml
new file mode 100644
index 000000000..424fb543b
--- /dev/null
+++ b/ansible/roles/infra_rampup_stack_nodes/tasks/update_conf_files.yml
@@ -0,0 +1,69 @@
+# Copyright (c) 2018 Intel Corporation.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+---
+- name: Set hostname
+ shell: hostname {{ ansible_hostname }}
+
+- name: Delete hosts between markers
+ blockinfile:
+ path: /etc/hosts
+ marker: "# {mark} generated hosts file"
+ content: ""
+
+- set_fact:
+ block_str: "{{ block_str | default('') + hostvars[item].host_ip + ' ' + hostvars[item].ansible_host + '\n'}}"
+ with_items: "{{ groups['ostack'] }}"
+
+- name: Update /etc/hosts
+ blockinfile:
+ path: /etc/hosts
+ block: |
+ {{ block_str }}
+ marker: "# {mark} generated hosts file"
+
+- name: Update /etc/hosts
+ lineinfile:
+ path: /etc/hosts
+ regexp: ".*{{ hostvars[groups['jumphost'][0]].proxy_host }}.*"
+ line: "{{ hostvars[groups['jumphost'][0]].proxy_host_ip }} {{ hostvars[groups['jumphost'][0]].proxy_host }}"
+
+- name: Turn off IPv6
+ lineinfile:
+ path: /etc/sysctl.conf
+ regexp: '^{{ item }}.*'
+ line: "{{ item }} = 1"
+ with_items:
+ - 'net.ipv6.conf.all.disable_ipv6'
+ - 'net.ipv6.conf.default.disable_ipv6'
+ - 'net.ipv6.conf.lo.disable_ipv6'
+
+- name: Update IP configuration
+ shell: sysctl -p
+
+- name: Update resolv.conf
+ shell: echo "{{ 'nameserver ' + hostvars[ansible_host].ansible_default_ipv4.gateway }}" > /etc/resolvconf/resolv.conf.d/base
+
+- name: Update name servers
+ shell: resolvconf -u
+
+- name: Update /etc/environment
+ lineinfile:
+ path: /etc/environment
+ regexp: "{{ item.find }}"
+ line: "{{ item.add }}"
+ with_items:
+ - { find: 'http_proxy=', add: "{{ 'export http_proxy=' + lookup('env', 'http_proxy') }}" }
+ - { find: 'https_proxy=', add: "{{ 'export https_proxy=' + lookup('env', 'https_proxy') }}" }
+ - { find: 'ftp_proxy=', add: "{{ 'export ftp_proxy=' + lookup('env', 'ftp_proxy') }}" }
+ - { find: 'no_proxy=', add: "{{ 'export no_proxy=' + lookup('env', 'no_proxy') + ',' + ansible_host + ',' + hostvars[ansible_host].ansible_default_ipv4.address }}" }
diff --git a/ansible/roles/infra_rampup_stack_nodes/tasks/update_keys.yml b/ansible/roles/infra_rampup_stack_nodes/tasks/update_keys.yml
new file mode 100644
index 000000000..816f7cbca
--- /dev/null
+++ b/ansible/roles/infra_rampup_stack_nodes/tasks/update_keys.yml
@@ -0,0 +1,48 @@
+# Copyright (c) 2018 Intel Corporation.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+---
+- name: Generate keys
+ user:
+ name: "{{ hostvars[ansible_host].ansible_user }}"
+ generate_ssh_key: yes
+ state: present
+ ssh_key_file: "/root/.ssh/id_rsa"
+
+- name: Get remote files
+ fetch:
+ src: "/root/.ssh/id_rsa.pub"
+ dest: "/tmp"
+
+- name: Update authorized_key
+ authorized_key:
+ key: "{{ lookup('file', '/tmp/{{ hostvars[item].ansible_host }}/root/.ssh/id_rsa.pub') }}"
+ state: present
+ user: "{{ hostvars[item].ansible_user }}"
+ with_items:
+ - "{{ groups['ostack'] }}"
+ - "{{ groups['yardstickG'] }}"
+
+- name: Make sure the known hosts file exists
+ file:
+ path: "{{ ssh_known_hosts_file }}"
+ state: touch
+
+- name: Add key to known hosts
+ known_hosts:
+ name: "{{ hostvars[item].ansible_host }}"
+ key: "{{ lookup('pipe', 'ssh-keyscan -t rsa {{ hostvars[item].ansible_host }}') }}"
+ path: "{{ ssh_known_hosts_file }}"
+ with_items:
+ - "{{ groups['ostack'] }}"
+ - "{{ groups['yardstickG'] }}"
diff --git a/ansible/roles/infra_rampup_stack_nodes/vars/main.yml b/ansible/roles/infra_rampup_stack_nodes/vars/main.yml
new file mode 100644
index 000000000..252eb86b3
--- /dev/null
+++ b/ansible/roles/infra_rampup_stack_nodes/vars/main.yml
@@ -0,0 +1,16 @@
+# Copyright (c) 2018 Intel Corporation.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+---
+ssh_known_hosts_file: "/root/.ssh/known_hosts"
+deploy_host: "{{ hostvars[groups['deploy'][0]].ansible_host }}"