diff options
Diffstat (limited to 'ansible/roles')
16 files changed, 444 insertions, 3 deletions
diff --git a/ansible/roles/create_samplevnfs_image/tasks/main.yml b/ansible/roles/create_samplevnfs_image/tasks/main.yml index c83cccab5..ab7371a12 100644 --- a/ansible/roles/create_samplevnfs_image/tasks/main.yml +++ b/ansible/roles/create_samplevnfs_image/tasks/main.yml @@ -19,6 +19,6 @@ is_public: yes disk_format: qcow2 container_format: bare - filename: "{{ raw_imgfile }}" + filename: "{{ imgfile }}" properties: hw_vif_multiqueue_enabled: true diff --git a/ansible/roles/download_civetweb/defaults/main.yml b/ansible/roles/download_civetweb/defaults/main.yml index 5efc9bb56..289e52ce8 100644 --- a/ansible/roles/download_civetweb/defaults/main.yml +++ b/ansible/roles/download_civetweb/defaults/main.yml @@ -12,7 +12,7 @@ # See the License for the specific language governing permissions and # limitations under the License. --- -civetweb_url: https://sourceforge.net/projects/civetweb/files/1.9/CivetWeb_V1.9.zip +civetweb_url: https://iweb.dl.sourceforge.net/project/civetweb/1.9.1/CivetWeb_V1.9.1.zip civetweb_file: "{{ civetweb_url|basename }}" civetweb_dest: "{{ clone_dest }}/civetweb" -civetweb_sha256s: "sha256:947a546bfccd733c79dff9565227fa74f4d17750650ff49312ef4b2d032fa8c8" +civetweb_sha256s: "sha256:69a82f042eae0197fb50b09861a8e2c5fff2871c196a21edd122bb8ce34ca0f3" diff --git a/ansible/roles/download_drivers/defaults/main.yml b/ansible/roles/download_drivers/defaults/main.yml new file mode 100644 index 000000000..ab68a3c6d --- /dev/null +++ b/ansible/roles/download_drivers/defaults/main.yml @@ -0,0 +1,21 @@ +# Copyright (c) 2018 Intel Corporation. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +--- +i40evf_version: "3.4.2" +i40evf_gzfile: "i40evf-{{ i40evf_version }}.tar.gz" +i40evf_url: "https://netix.dl.sourceforge.net/project/e1000/i40evf%20stable/{{ i40evf_version }}/{{ i40evf_gzfile }}" +i40evf_dest: "{{ clone_dest }}/" +i40evf_path: "{{ i40evf_dest }}/{{ i40evf_gzfile|regex_replace('[.]tar[.]gz$', '') }}" +i40evf_checksum: + "3.4.2": "sha256:a8e2a722fb2f8ac874cb39545a331761841f1724830ff1581d2012dd37314645" diff --git a/ansible/roles/download_drivers/tasks/i40evf.yml b/ansible/roles/download_drivers/tasks/i40evf.yml new file mode 100644 index 000000000..cb8a09d6c --- /dev/null +++ b/ansible/roles/download_drivers/tasks/i40evf.yml @@ -0,0 +1,36 @@ +# Copyright (c) 2018 Intel Corporation. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +--- +- name: Directory to store i40evf driver + file: + path: "{{ i40evf_dest }}" + state: directory + +- name: Fetch i40evf driver + get_url: + url: "{{ i40evf_url }}" + dest: "{{ i40evf_dest }}/{{ i40evf_gzfile }}" + validate_certs: False + checksum: "{{ i40evf_checksum[i40evf_version] }}" + +- name: Unarchive the i40evf file + unarchive: + src: "{{ i40evf_dest }}/{{ i40evf_gzfile }}" + dest: "{{ i40evf_dest }}" + copy: no + +- name: Cleanup the archive to save space + file: + path: "{{ i40evf_dest }}/{{ i40evf_gzfile }}" + state: absent diff --git a/ansible/roles/download_drivers/tasks/main.yml b/ansible/roles/download_drivers/tasks/main.yml new file mode 100644 index 000000000..b7c1e0f1f --- /dev/null +++ b/ansible/roles/download_drivers/tasks/main.yml @@ -0,0 +1,15 @@ +# Copyright (c) 2018 Intel Corporation. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +--- +- include: i40evf.yml diff --git a/ansible/roles/enable_iommu_on_boot/tasks/main.yml b/ansible/roles/enable_iommu_on_boot/tasks/main.yml new file mode 100644 index 000000000..1b98a50b1 --- /dev/null +++ b/ansible/roles/enable_iommu_on_boot/tasks/main.yml @@ -0,0 +1,72 @@ +# Copyright (c) 2017 Intel Corporation +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +--- +- name: Set iommu_boot_params for Intel + set_fact: + iommu_boot_params: ' intel_iommu=on iommu=pt' + when: hostvars[inventory_hostname]['ansible_system_vendor'] == "Intel Corporation" + +- name: Set iommu_boot_params for AMD + set_fact: + iommu_boot_params: ' amd_iommu=on iommu=pt' + when: hostvars[inventory_hostname]['ansible_system_vendor'] == "AuthenticAMD" + +- name: Set facts for this role + set_fact: + hugepages_help_string: ' # added by hugepages role' + iommu_help_string: ', added by iommu role' + hugepages_params: " default_hugepagesz=1G hugepagesz=1G hugepages=8" + iommu_original_kernel_params: 'GRUB_CMDLINE_LINUX="\$GRUB_CMDLINE_LINUX{{ hugepages_params }}' + iommu_enabled_kernel_params: '{{ iommu_original_kernel_params }}{{ iommu_boot_params }}"' + iommu_enabled_kernel_params_with_help: '{{ iommu_original_kernel_params }}{{ iommu_boot_params }}"{{ hugepages_help_string }}{{ iommu_help_string }}' + +- name: check if iommu is set by this role in /etc/default/grub + lineinfile: + path: /etc/default/grub + line: '{{ iommu_enabled_kernel_params_with_help }}' + #changed_when: no + check_mode: yes + register: is_mine_iommu_etc_grub + ignore_errors: True + +- name: check if iommu is set by someone else + command: "grep -o 'iommu' /etc/default/grub" + register: is_iommu + ignore_errors: True + +- fail: + msg: "Iommu already set by someone else" + when: is_mine_iommu_etc_grub.changed == false and is_iommu.stdout != "" + +- name: 'Configure iommu in /etc/default/grub' +# and /boot/grub/grub.cfg(when: ansible_distribution == "Ubuntu")' + lineinfile: + path: /etc/default/grub + regexp: '({{ iommu_original_kernel_params }})"{{ hugepages_help_string }}' + line: '\1{{ iommu_boot_params }}"{{ hugepages_help_string }}{{ iommu_help_string }}' + backrefs: yes + when: is_mine_iommu_etc_grub.changed == true + +- name: find boot grub.cfg + find: + paths: /boot + file_type: file + patterns: 'grub*.cfg' + recurse: yes + register: grub_files + +- include: manual_modify_grub.yml + # only tested on Ubuntu, kernel line is probably different on other distros + with_items: "{{ grub_files.files }}" + when: ansible_distribution == "Ubuntu" diff --git a/ansible/roles/enable_iommu_on_boot/tasks/manual_modify_grub.yml b/ansible/roles/enable_iommu_on_boot/tasks/manual_modify_grub.yml new file mode 100644 index 000000000..6760c3f9d --- /dev/null +++ b/ansible/roles/enable_iommu_on_boot/tasks/manual_modify_grub.yml @@ -0,0 +1,34 @@ +# Copyright (c) 2017 Intel Corporation +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +--- + + +- name: check if iommu is set by this role in /boot grub.cfg files + lineinfile: + path: "{{ item.path }}" + regexp: '{{ hugepages_params }}{{ iommu_boot_params }}' + line: '' + #changed_when: no + check_mode: yes + register: is_mine_iommu_boot_grub + ignore_errors: True + +- name: added iommu to grub manually because we can't run update-grub in chroot + replace: + path: "{{ item.path }}" + regexp: '(.*linux\s+/boot/vmlinuz.*)$' + replace: '\1{{ iommu_boot_params }}' + when: is_mine_iommu_boot_grub.msg != "line replaced" + +- debug: var=ansible_kernel diff --git a/ansible/roles/enable_iommu_on_boot/vars/main.yml b/ansible/roles/enable_iommu_on_boot/vars/main.yml new file mode 100644 index 000000000..1b642dcb5 --- /dev/null +++ b/ansible/roles/enable_iommu_on_boot/vars/main.yml @@ -0,0 +1,17 @@ +# Copyright (c) 2017 Intel Corporation +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +--- +update_grub: + Debian: "update-grub2" + RedHat: "grub2-mkconfig -o /boot/grub2/grub.cfg" diff --git a/ansible/roles/infra_check_requirements/tasks/main.yml b/ansible/roles/infra_check_requirements/tasks/main.yml new file mode 100644 index 000000000..8d05bbdb7 --- /dev/null +++ b/ansible/roles/infra_check_requirements/tasks/main.yml @@ -0,0 +1,43 @@ +# Copyright (c) 2018 Intel Corporation. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +--- +- name: Include + include_vars: + file: "{{rs_file}}" + name: infra_deploy_vars + +- name: Store total CPU, RAM, Disk requested resources + set_fact: + vcpu_t: "{{item.vcpus|int + vcpu_t|int}}" + vram_t: "{{item.ram|int + vram_t|int}}" + disk_t: "{{item.disk|int + disk_t|int}}" + with_items: "{{infra_deploy_vars.nodes}}" + +- name: Fail if not enough RAM + fail: + msg: "Failed, not enough RAM, required: {{ vram_t }}, available {{ ansible_memory_mb.nocache.free }}" + when: ansible_memory_mb.nocache.free < vram_t|int + +- name: Fail if not enough CPU + fail: + msg: "Failed, not enough CPU, required: {{ vcpu_t }}, available {{ ansible_processor_vcpus }}" + when: ansible_processor_vcpus < vcpu_t|int + + +- name: Fail if not enough Disk space + set_fact: + disk_avail: "{% for mount in ansible_mounts if mount.mount == '/' %}{{ (mount.size_available/1024/1024)|int }}{% endfor %}" +- fail: + msg: "Failed, not enough disk space, required {{ disk_t }}, available: {{ disk_avail }}" + when: disk_avail|int < disk_t|int diff --git a/ansible/roles/infra_check_requirements/vars/main.yml b/ansible/roles/infra_check_requirements/vars/main.yml new file mode 100644 index 000000000..219c33875 --- /dev/null +++ b/ansible/roles/infra_check_requirements/vars/main.yml @@ -0,0 +1,17 @@ +# Copyright (c) 2018 Intel Corporation. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +--- +vcpu_t: 0 +vram_t: 0 +disk_t: 0 diff --git a/ansible/roles/infra_destroy_previous_configuration/tasks/delete_network.yml b/ansible/roles/infra_destroy_previous_configuration/tasks/delete_network.yml new file mode 100644 index 000000000..314ee30af --- /dev/null +++ b/ansible/roles/infra_destroy_previous_configuration/tasks/delete_network.yml @@ -0,0 +1,48 @@ +# Copyright (c) 2017-2018 Intel Corporation. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +--- +- name: Destroy old networks created by virt + virt_net: + name: "{{ network_item.name }}" + command: destroy + when: network_item.name in virt_nets.list_nets + +# Ignoring erros as network can be created without being defined. +# This can happen if a user manually creates a network using the virsh command. +# If the network is not defined the undefine code will throw an error. +- name: Undefine old networks defined by virt + virt_net: + name: "{{ network_item.name }}" + command: undefine + when: network_item.name in virt_nets.list_nets + ignore_errors: yes + +- name: Check if "ovs-vsctl" command is present + command: which ovs-vsctl + register: ovs_vsctl_present + ignore_errors: yes + +- name: Destroy OVS bridge if it exists + command: ovs-vsctl --if-exists -- del-br "{{ network_item.name }}" + when: ovs_vsctl_present.rc == 0 + +- name: Check if linux bridge is present + stat: path="{{ '/sys/class/net/'+network_item.name+'/brif/' }}" + register: check_linux_bridge + +- name: Remove linux bridge if it exists + shell: | + ifconfig "{{ network_item.name }}" down + brctl delbr "{{ network_item.name }}" + when: check_linux_bridge.stat.exists diff --git a/ansible/roles/infra_destroy_previous_configuration/tasks/main.yml b/ansible/roles/infra_destroy_previous_configuration/tasks/main.yml new file mode 100644 index 000000000..5595cd501 --- /dev/null +++ b/ansible/roles/infra_destroy_previous_configuration/tasks/main.yml @@ -0,0 +1,47 @@ +# Copyright (c) 2017-2018 Intel Corporation. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +--- +- name: Include + include_vars: + file: "{{ rs_file }}" + name: infra_deploy_vars + +- name: List virt-nets + virt_net: command=list_nets + register: virt_nets + +- name: List VMs + virt: command=list_vms + register: virt_vms + +- name: Destroy old VMs + virt: + command: destroy + name: "{{ item.hostname }}" + when: item.hostname in virt_vms.list_vms + with_items: "{{ infra_deploy_vars.nodes }}" + +- name: Undefine old VMs + virt: + command: undefine + name: "{{ item.hostname }}" + when: item.hostname in virt_vms.list_vms + with_items: "{{ infra_deploy_vars.nodes }}" + +- name: Delete old networks + include_tasks: delete_network.yml + extra_vars: "{{ virt_nets }}" + loop_control: + loop_var: network_item + with_items: "{{ infra_deploy_vars.networks }}" diff --git a/ansible/roles/install_drivers/tasks/Debian.yml b/ansible/roles/install_drivers/tasks/Debian.yml new file mode 100755 index 000000000..27f6b74cc --- /dev/null +++ b/ansible/roles/install_drivers/tasks/Debian.yml @@ -0,0 +1,16 @@ +# Copyright (c) 2018 Intel Corporation. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +--- +- name: Install kernel headers + action: "{{ ansible_pkg_mgr }} name=linux-headers-{{ chroot_kernel }} state=present" diff --git a/ansible/roles/install_drivers/tasks/RedHat.yml b/ansible/roles/install_drivers/tasks/RedHat.yml new file mode 100644 index 000000000..d2e2a3768 --- /dev/null +++ b/ansible/roles/install_drivers/tasks/RedHat.yml @@ -0,0 +1,16 @@ +# Copyright (c) 2018 Intel Corporation. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +--- +- name: Install kernel headers + action: "{{ ansible_pkg_mgr }} name=kernel-headers-{{ chroot_kernel }} state=present" diff --git a/ansible/roles/install_drivers/tasks/i40evf.yml b/ansible/roles/install_drivers/tasks/i40evf.yml new file mode 100644 index 000000000..1cd95ceb0 --- /dev/null +++ b/ansible/roles/install_drivers/tasks/i40evf.yml @@ -0,0 +1,31 @@ +# Copyright (c) 2018 Intel Corporation. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +--- +- name: Make i40evf + make: + chdir: "{{ i40evf_path }}/src" + params: + BUILD_KERNEL: "{{ chroot_kernel }}" + +- name: Make i40evf install + make: + chdir: "{{ i40evf_path }}/src" + target: install + params: + BUILD_KERNEL: "{{ chroot_kernel }}" + +- name: Configure i40evf to load on boot + copy: + content: i40evf + dest: /etc/modules-load.d/i40evf.conf diff --git a/ansible/roles/install_drivers/tasks/main.yml b/ansible/roles/install_drivers/tasks/main.yml new file mode 100644 index 000000000..72a432e54 --- /dev/null +++ b/ansible/roles/install_drivers/tasks/main.yml @@ -0,0 +1,28 @@ +# Copyright (c) 2018 Intel Corporation. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +--- +- name: Find kernel for image, (including chroot) + find_kernel: + kernel: "{{ ansible_kernel }}" + register: found_kernel + +# Do this before installing kernel headers +- name: Set chroot_kernel to be the kernel we found + set_fact: + chroot_kernel: "{{ found_kernel.kernel }}" + +- include: "{{ ansible_os_family }}.yml" + +# Install drivers +- include: i40evf.yml |