diff options
Diffstat (limited to 'ansible/roles')
94 files changed, 3039 insertions, 173 deletions
diff --git a/ansible/roles/add_custom_repos/tasks/main.yml b/ansible/roles/add_custom_repos/tasks/main.yml index 7341ad07d..b1dfd542d 100644 --- a/ansible/roles/add_custom_repos/tasks/main.yml +++ b/ansible/roles/add_custom_repos/tasks/main.yml @@ -12,5 +12,5 @@ # See the License for the specific language governing permissions and # limitations under the License. --- -- include: "{{ target_os|lower }}.yml" +- include_tasks: "{{ target_os|lower }}.yml" diff --git a/ansible/roles/add_repos_jumphost/tasks/Debian.yml b/ansible/roles/add_repos_jumphost/tasks/Debian.yml new file mode 100644 index 000000000..e15699617 --- /dev/null +++ b/ansible/roles/add_repos_jumphost/tasks/Debian.yml @@ -0,0 +1,80 @@ +# Copyright (c) 2018 Intel Corporation. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +--- +# Arguments needed: arch_arm64, arch_amd64, ubuntu_archive + +- name: Set the repositories architecture name + set_fact: + arch: "{{ arch_arm64 if ansible_architecture == 'aarch64' else arch_amd64 }}" + extra_arch: "{{ arch_amd64 if ansible_architecture == 'aarch64' else arch_arm64 }}" + +- name: Define the repositories names + set_fact: + repo: "{{ ubuntu_archive[arch] }}" + extra_repo: "{{ ubuntu_archive[extra_arch] }}" + +- name: Add architecture to the default repository list + replace: + path: "{{ sources_list_file }}" + regexp: '(^deb\s+)([^\[].*)$' + replace: 'deb [arch={{ arch }}] \2' + +- name: Remove support for source repositories + replace: + path: "{{ sources_list_file }}" + regexp: "^deb-src " + replace: "# deb-src " + +- name: Add extra architecture + command: "dpkg --add-architecture {{ extra_arch }}" + +- name: Define the default release version + copy: + dest: "{{ default_distro_file }}" + content: 'APT::Default-Release "{{ ansible_distribution_release }}";' + +- name: Remove extra repository file + file: + path: "{{ repo_file }}" + state: absent + ignore_errors: yes + +- name: Add extra repository file + file: + path: "{{ repo_file }}" + state: touch + +- name: Add the repository for qemu_static_user/xenial + blockinfile: + path: "{{ repo_file }}" + marker: "MARKER" + content: | + deb [arch={{ arch }}] {{ repo }} xenial-updates universe + when: ansible_distribution_release != "xenial" + +- name: Add extra architecture repositories if installing in container + blockinfile: + path: "{{ repo_file }}" + marker: "MARKER" + content: | + deb [arch={{ extra_arch }}] {{ extra_repo }} {{ ansible_distribution_release }} main universe multiverse restricted + deb [arch={{ extra_arch }}] {{ extra_repo }} {{ ansible_distribution_release }}-updates main universe multiverse restricted + deb [arch={{ extra_arch }}] {{ extra_repo }} {{ ansible_distribution_release }}-security main universe multiverse restricted + when: installation_mode == "container" + +- name: Remove the marker + lineinfile: + dest: "{{ repo_file }}" + state: absent + regexp: "MARKER" diff --git a/ansible/roles/add_repos_jumphost/tasks/main.yml b/ansible/roles/add_repos_jumphost/tasks/main.yml new file mode 100644 index 000000000..f50fd9f0d --- /dev/null +++ b/ansible/roles/add_repos_jumphost/tasks/main.yml @@ -0,0 +1,16 @@ +# Copyright (c) 2018 Intel Corporation. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +--- +- include: "{{ ansible_os_family }}.yml" + when: ansible_os_family == "Debian" diff --git a/ansible/roles/add_repos_jumphost/vars/main.yml b/ansible/roles/add_repos_jumphost/vars/main.yml new file mode 100644 index 000000000..30e444711 --- /dev/null +++ b/ansible/roles/add_repos_jumphost/vars/main.yml @@ -0,0 +1,17 @@ +# Copyright (c) 2018 Intel Corporation. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +--- +repo_file: "/etc/apt/sources.list.d/yardstick.list" +sources_list_file: "/etc/apt/sources.list" +default_distro_file: "/etc/apt/apt.conf.d/default-distro" diff --git a/ansible/roles/barometer_collectd/tasks/main.yaml b/ansible/roles/barometer_collectd/tasks/main.yaml new file mode 100644 index 000000000..c06540c3f --- /dev/null +++ b/ansible/roles/barometer_collectd/tasks/main.yaml @@ -0,0 +1,40 @@ +#Copyright 2018 OPNFV and Intel Corporation +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +--- + +- name: Remove barometer-collectd container + docker_container: + name: barometer-collectd + state: absent + +- name: Remove barometer-collectd image + docker_image: + name: opnfv/barometer-collectd + state: absent + +- name: Prepare collectd container + docker_container: + name: barometer-collectd + image: opnfv/barometer-collectd + volumes: + - /opt/collectd/etc/collectd.conf.d/:/opt/collectd/etc/collectd.conf.d + - /var/run:/var/run + - /tmp:/tmp + - /var/lib/collectd:/var/lib/collectd + command: "/run_collectd.sh" + detach: yes + state: present + restart: no + privileged: yes + network_mode: host diff --git a/ansible/roles/build_cni/defaults/main.yml b/ansible/roles/build_cni/defaults/main.yml new file mode 100644 index 000000000..18aa418f4 --- /dev/null +++ b/ansible/roles/build_cni/defaults/main.yml @@ -0,0 +1,16 @@ +# Copyright (c) 2018-2019 Intel Corporation. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +--- +cni_src_dir: /opt/cni/src +cni_bin_dir: /opt/cni/bin diff --git a/ansible/roles/build_cni/tasks/main.yml b/ansible/roles/build_cni/tasks/main.yml new file mode 100644 index 000000000..ee66686f8 --- /dev/null +++ b/ansible/roles/build_cni/tasks/main.yml @@ -0,0 +1,49 @@ +# Copyright (c) 2018-2019 Intel Corporation. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +--- +- name: Get CNI driver sources + git: + repo: "{{ item.value.repo_url }}" + dest: "{{ cni_src_dir }}/{{ item.key }}" + version: "{{ item.value.repo_ver }}" + with_dict: "{{ cni_info }}" + +- name: Compile CNI drivers + command: "{{ cni_src_dir }}/{{ item.key }}/{{ item.value.build_script }}" + environment: "{{ go_env }}" + args: + chdir: "{{ cni_src_dir }}/{{ item.key }}" + with_dict: "{{ cni_info }}" + +- name: Get list of compiled CNI binaries + shell: ls -1 {{ item.key }}/bin/* + register: ls_cni_binaries_result + args: + chdir: "{{ cni_src_dir }}" + with_dict: "{{ cni_info }}" + +- set_fact: + cni_binary_list: "{{ cni_binary_list|default([]) + item.stdout_lines }}" + with_items: "{{ ls_cni_binaries_result.results }}" + +- name: Create CNI binaries dir + file: path={{ cni_bin_dir }} state=directory + +- name: Copy CNI binaries into kublet bin dir + copy: + src: "{{ cni_src_dir }}/{{ item }}" + dest: "{{ cni_bin_dir }}/" + remote_src: yes + mode: 0755 + with_items: "{{ cni_binary_list }}" diff --git a/ansible/roles/build_yardstick_image/tasks/cloudimg_modify_normal.yml b/ansible/roles/build_yardstick_image/tasks/cloudimg_modify_normal.yml new file mode 100644 index 000000000..435b43856 --- /dev/null +++ b/ansible/roles/build_yardstick_image/tasks/cloudimg_modify_normal.yml @@ -0,0 +1,56 @@ +# Copyright (c) 2018 Intel Corporation.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+---
+- debug:
+ msg: "chrooted in {{ inventory_hostname }}"
+
+- debug:
+ var: proxy_env
+ verbosity: 2
+
+- include_role:
+ name: "{{ role_item }}"
+ with_items:
+ - reset_resolv_conf
+ - add_custom_repos
+ - modify_cloud_config
+ loop_control:
+ loop_var: role_item
+
+- include_role:
+ name: set_package_installer_proxy
+ when: proxy_env is defined and proxy_env
+
+- include_role:
+ name: install_image_dependencies
+
+- include_vars: roles/download_unixbench/defaults/main.yml
+ when: unixbench_dest is undefined
+
+- include_vars: roles/download_ramspeed/defaults/main.yml
+ when: ramspeed_dest is undefined
+
+- include_role:
+ name: "{{ role_item }}"
+ with_items:
+ - download_l2fwd
+ - download_unixbench
+ - install_unixbench
+ - download_ramspeed
+ - install_ramspeed
+ - download_cachestat
+ loop_control:
+ loop_var: role_item
+
+ environment: "{{ proxy_env }}"
diff --git a/ansible/roles/build_yardstick_image/tasks/cloudimg_modify_nsb.yml b/ansible/roles/build_yardstick_image/tasks/cloudimg_modify_nsb.yml new file mode 100644 index 000000000..65b9b8188 --- /dev/null +++ b/ansible/roles/build_yardstick_image/tasks/cloudimg_modify_nsb.yml @@ -0,0 +1,129 @@ +# Copyright (c) 2018-2019 Intel Corporation. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +--- +- debug: + msg: "chrooted in {{ inventory_hostname }}" + +- debug: + var: proxy_env + verbosity: 2 + +- debug: msg="play_hosts={{play_hosts}}" + +- include_role: + name: "{{ role_item }}" + with_items: + - reset_resolv_conf + - add_custom_repos + - modify_cloud_config + loop_control: + loop_var: role_item + +- include_role: + name: set_package_installer_proxy + when: proxy_env is defined and proxy_env + +- include_vars: roles/install_dpdk/vars/main.yml + when: dpdk_make_arch is undefined + +- include_vars: roles/download_dpdk/defaults/main.yml + when: dpdk_version is undefined + +- include_vars: roles/download_trex/defaults/main.yml + when: trex_unarchive is undefined + +- include_vars: roles/download_civetweb/defaults/main.yml + when: civetweb_dest is undefined + +- include_role: + name: "{{ role_item }}" + with_items: + - install_image_dependencies + - enable_hugepages_on_boot # can't update grub in chroot/docker + - increase_open_file_limits # needed for collectd plugins + - download_trex + - install_trex + - download_civetweb + - install_civetweb + loop_control: + loop_var: role_item + environment: "{{ proxy_env }}" + +- include_vars: roles/install_dpdk/defaults/main.yml + when: INSTALL_BIN_PATH is undefined + +- include_vars: roles/download_samplevnfs/defaults/main.yml + +- include_role: + name: "{{ role_item }}" + vars: + dpdk_version: "{{ dpdk_version_for_PROX }}" + with_items: + - download_dpdk + - install_dpdk + - download_samplevnfs + loop_control: + loop_var: role_item + environment: "{{ proxy_env }}" + +- name: Install PROX + include_role: + name: install_samplevnf + vars: + vnf_name: PROX + +- include_role: + name: "{{ role_item }}" + with_items: + - download_dpdk + - install_dpdk + - download_pktgen + - install_pktgen + loop_control: + loop_var: role_item + environment: "{{ proxy_env }}" + +- include_vars: roles/download_samplevnfs/defaults/main.yml + when: samplevnf_dest is undefined +- set_fact: + samplevnf_path: "{{ samplevnf_dest }}" +- include_role: + name: install_samplevnf + with_items: + - UDP_Replay + - ACL + - FW + - CGNAPT + loop_control: + loop_var: vnf_name + +- include_vars: roles/download_drivers/defaults/main.yml + when: i40evf_path is undefined + +- include_role: + name: "{{ role_item }}" + with_items: + - install_dpdk_shared # build shared DPDK for collectd only, required DPDK downloaded already + - install_rabbitmq + - download_intel_cmt_cat + - install_intel_cmt_cat + - download_pmu_tools + - install_pmu_tools + - download_collectd + - install_collectd + - download_drivers + - install_drivers + loop_control: + loop_var: role_item + environment: "{{ proxy_env }}" diff --git a/ansible/roles/build_yardstick_image/tasks/main.yml b/ansible/roles/build_yardstick_image/tasks/main.yml new file mode 100644 index 000000000..e21cbb766 --- /dev/null +++ b/ansible/roles/build_yardstick_image/tasks/main.yml @@ -0,0 +1,14 @@ +# Copyright (c) 2018 Intel Corporation.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+---
diff --git a/ansible/roles/build_yardstick_image/tasks/post_build.yml b/ansible/roles/build_yardstick_image/tasks/post_build.yml new file mode 100644 index 000000000..14b7a3d17 --- /dev/null +++ b/ansible/roles/build_yardstick_image/tasks/post_build.yml @@ -0,0 +1,56 @@ +# Copyright (c) 2018 Intel Corporation.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+---
+- name: convert image to image file
+ command: qemu-img convert -c -o compat=0.10 -O qcow2 {{ raw_imgfile }} {{ imgfile }}
+
+# Post build yardstick image
+- group_by:
+ key: image_builder
+
+- name: remove ubuntu policy-rc.d workaround
+ file:
+ path: "{{ mountdir }}/usr/sbin/policy-rc.d"
+ state: absent
+ when: "target_os == 'Ubuntu'"
+
+- name: cleanup fake tmp fstab
+ file:
+ path: "{{ fake_fstab }}"
+ state: absent
+
+- mount:
+ name: "{{ mountdir }}/proc"
+ state: unmounted
+
+- mount:
+ name: "{{ mountdir }}/run"
+ state: unmounted
+
+- mount:
+ name: "{{ mountdir }}"
+ state: unmounted
+
+- name: kpartx -dv to delete all image partition device nodes
+ command: kpartx -dv "{{ raw_imgfile }}"
+ ignore_errors: true
+
+- debug:
+ msg: "yardstick image = {{ imgfile }}"
+
+- set_fact:
+ imgdest: "/var/lib/libvirt/images/{{ imgfile | basename}}"
+
+- name: Copy image to libvirt images
+ shell: "cp {{ imgfile }} {{ imgdest }}"
diff --git a/ansible/roles/build_yardstick_image/tasks/pre_build.yml b/ansible/roles/build_yardstick_image/tasks/pre_build.yml new file mode 100644 index 000000000..3ac8e90e9 --- /dev/null +++ b/ansible/roles/build_yardstick_image/tasks/pre_build.yml @@ -0,0 +1,214 @@ +# Copyright (c) 2018 Intel Corporation.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+---
+- name: Group
+ group_by:
+ key: image_builder
+
+- package: name=parted state=present
+ environment: "{{ proxy_env }}"
+
+- package: name=kpartx state=present
+ environment: "{{ proxy_env }}"
+
+- package: name="{{ growpart_package[ansible_os_family] }}" state=present
+ environment: "{{ proxy_env }}"
+
+- set_fact:
+ imgfile: "{{ normal_image_file }}"
+ when: img_prop_item == "normal"
+
+- set_fact:
+ imgfile: "{{ nsb_image_file }}"
+ when: img_prop_item == "nsb"
+
+- set_fact:
+ mountdir: "{{ lookup('env', 'mountdir')|default('/mnt/yardstick', true) }}"
+ raw_imgfile: "{{ workspace }}/{{ raw_imgfile_basename }}"
+
+# cleanup non-lxd
+- name: unmount all old mount points
+ mount:
+ name: "{{ item }}"
+ state: unmounted
+ with_items:
+ # order matters
+ - "{{ mountdir }}/proc"
+ - "{{ mountdir }}/run"
+ - "{{ mountdir }}"
+ - "/mnt/{{ release }}"
+
+- name: kpartx -dv to delete all image partition device nodes
+ command: kpartx -dv "{{ raw_imgfile }}"
+ ignore_errors: true
+
+- name: Debug dump loop devices
+ command: losetup -a
+ ignore_errors: true
+
+- name: delete loop devices for image file
+ # use this because kpartx -dv will fail if raw_imgfile was delete
+ # but in theory we could have deleted file still attached to loopback device?
+ # use grep because of // and awk
+ shell: losetup -O NAME,BACK-FILE | grep "{{ raw_imgfile_basename }}" | awk '{ print $1 }' | xargs -l1 losetup -v -d
+ ignore_errors: true
+
+- name: Debug dump loop devices again
+ command: losetup -a
+ ignore_errors: true
+
+- name: delete {{ raw_imgfile }}
+ file:
+ path: "{{ raw_imgfile }}"
+ state: absent
+
+# common
+- name: remove {{ mountdir }}
+ file:
+ path: "{{ mountdir }}"
+ state: absent
+
+# download-common
+- name: remove {{ workspace }}
+ file:
+ path: "{{ workspace }}"
+ state: directory
+
+- name: "fetch {{ image_url }} and verify "
+ fetch_url_and_verify:
+ url: "{{ image_url }}"
+ sha256url: "{{ sha256sums_url }}"
+ dest: "{{ image_dest }}"
+
+- name: convert image to raw
+ command: "qemu-img convert {{ image_dest }} {{ raw_imgfile }}"
+
+- name: resize image to allow for more VNFs
+ command: "qemu-img resize -f raw {{ raw_imgfile }} +2G"
+
+- name: resize parition to allow for more VNFs
+ # use growpart because maybe it handles GPT better than parted
+ command: growpart {{ raw_imgfile }} 1
+
+- name: create mknod devices in chroot
+ command: "mknod -m 0660 /dev/loop{{ item }} b 7 {{ item }}"
+ args:
+ creates: "/dev/loop{{ item }}"
+ with_sequence: start=0 end=9
+ tags: mknod_devices
+
+- name: find first partition device
+ command: kpartx -l "{{ raw_imgfile }}"
+ register: kpartx_res
+
+- set_fact:
+ image_first_partition: "{{ kpartx_res.stdout_lines[0].split()[0] }}"
+
+- set_fact:
+ # assume / is the first partition
+ image_first_partition_device: "/dev/mapper/{{ image_first_partition }}"
+
+- name: use kpartx to create device nodes for the raw image loop device
+ # operate on the loop device to avoid /dev namespace missing devices
+ command: kpartx -avs "{{ raw_imgfile }}"
+
+- name: parted dump raw image
+ command: parted "{{ raw_imgfile }}" print
+ register: parted_res
+
+- debug:
+ var: parted_res
+ verbosity: 2
+
+- name: use blkid to find filesystem type of first partition device
+ command: blkid -o value -s TYPE {{ image_first_partition_device }}
+ register: blkid_res
+
+- set_fact:
+ image_fs_type: "{{ blkid_res.stdout.strip() }}"
+
+- fail:
+ msg: "We only support ext4 image filesystems because we have to resize"
+ when: image_fs_type != "ext4"
+
+- name: fsck the image filesystem
+ command: "e2fsck -y -f {{ image_first_partition_device }}"
+
+- name: resize filesystem to full partition size
+ command: resize2fs {{ image_first_partition_device }}
+
+- name: fsck the image filesystem
+ command: "e2fsck -y -f {{ image_first_partition_device }}"
+
+- name: make tmp disposable fstab
+ command: mktemp --tmpdir fake_fstab.XXXXXXXXXX
+ register: mktemp_res
+
+- set_fact:
+ fake_fstab: "{{ mktemp_res.stdout.strip() }}"
+
+- name: mount first parition on image device
+ mount:
+ src: "{{ image_first_partition_device }}"
+ name: "{{ mountdir }}"
+ # fstype is required
+ fstype: "{{ image_fs_type }}"
+ # !!!!!!! this is required otherwise we add entries to /etc/fstab
+ # and prevent the system from booting
+ fstab: "{{ fake_fstab }}"
+ state: mounted
+
+- name: mount chroot /proc
+ mount:
+ src: none
+ name: "{{ mountdir }}/proc"
+ fstype: proc
+ # !!!!!!! this is required otherwise we add entries to /etc/fstab
+ # and prevent the system from booting
+ fstab: "{{ fake_fstab }}"
+ state: mounted
+
+- name: mount chroot /run
+ mount:
+ src: /run
+ name: "{{ mountdir }}/run"
+ fstype: tmpfs
+ opts: bind
+ # !!!!!!! this is required otherwise we add entries to /etc/fstab
+ # and prevent the system from booting
+ fstab: "{{ fake_fstab }}"
+ state: mounted
+
+- name: if arm copy qemu-aarch64-static into chroot
+ copy:
+ src: /usr/bin/qemu-aarch64-static
+ dest: "{{ mountdir }}/usr/bin"
+ when: img_arch == arch_arm64
+
+- name: create ubuntu policy-rc.d workaround
+ copy:
+ content: "{{ '#!/bin/sh\nexit 101\n' }}"
+ dest: "{{ mountdir }}/usr/sbin/policy-rc.d"
+ mode: 0755
+ when: "target_os == 'Ubuntu'"
+
+- name: add chroot as host
+ add_host:
+ name: "{{ mountdir }}"
+ groups: chroot_image,image_builder
+ connection: chroot
+ ansible_python_interpreter: /usr/bin/python3
+ # set this host variable here
+ nameserver_ip: "{{ ansible_dns.nameservers[0] }}"
+ image_type: vm
diff --git a/ansible/roles/build_yardstick_image/vars/main.yml b/ansible/roles/build_yardstick_image/vars/main.yml new file mode 100644 index 000000000..3d4054408 --- /dev/null +++ b/ansible/roles/build_yardstick_image/vars/main.yml @@ -0,0 +1,33 @@ +# Copyright (c) 2018 Intel Corporation.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+---
+boot_modes:
+ 'amd64': disk1
+ 'arm64': uefi1
+boot_mode: "{{ boot_modes[YARD_IMG_ARCH] }}"
+image_filename:
+ 'xenial': "{{ release }}-server-cloudimg-{{ YARD_IMG_ARCH }}-{{ boot_mode }}.img"
+ 'bionic': "{{ release }}-server-cloudimg-{{ YARD_IMG_ARCH }}.img"
+image_path: "{{ release }}/current/{{ image_filename[release] }}"
+host: "{{ lookup('env', 'HOST')|default('cloud-images.ubuntu.com', true)}}"
+image_url: "{{ lookup('env', 'IMAGE_URL')|default('https://' ~ host ~ '/' ~ image_path, true) }}"
+image_dest: "{{ workspace }}/{{ image_filename[release] }}"
+sha256sums_path: "{{ release }}/current/SHA256SUMS"
+sha256sums_filename: "{{ sha256sums_path|basename }}"
+sha256sums_url: "{{ lookup('env', 'SHA256SUMS_URL')|default('https://' ~ host ~ '/' ~ sha256sums_path, true) }}"
+workspace: "{{ lookup('env', 'workspace')|default('/tmp/workspace/yardstick', true) }}"
+raw_imgfile_basename: "yardstick-{{ release }}-server.raw"
+growpart_package:
+ RedHat: cloud-utils-growpart
+ Debian: cloud-guest-utils
diff --git a/ansible/roles/configure_gui/tasks/main.yml b/ansible/roles/configure_gui/tasks/main.yml new file mode 100644 index 000000000..665053ccf --- /dev/null +++ b/ansible/roles/configure_gui/tasks/main.yml @@ -0,0 +1,38 @@ +# Copyright (c) 2018 Intel Corporation. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +--- +- name: Define variables + set_fact: + gui_dir: "{{ yardstick_dir }}/gui/" + +- name: Run gui.sh + shell: + cmd: /bin/bash gui.sh + chdir: "{{ gui_dir }}" + +- name: Create nginx/yardstick directory + file: + path: /etc/nginx/yardstick + state: directory + recurse: yes + +- name: Remove /etc/nginx/yardstick/gui/dist directory if it exists + file: + path: /etc/nginx/yardstick/gui/dist + state: absent + +- name: Move dist to /etc/nginx/yardstick/gui + shell: + cmd: mv dist /etc/nginx/yardstick/gui + chdir: "{{ gui_dir }}" diff --git a/ansible/roles/configure_nginx/tasks/main.yml b/ansible/roles/configure_nginx/tasks/main.yml new file mode 100644 index 000000000..e0f7f75bb --- /dev/null +++ b/ansible/roles/configure_nginx/tasks/main.yml @@ -0,0 +1,33 @@ +# Copyright (c) 2018 Intel Corporation. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +--- +- name: Define variables + set_fact: + socket_file: "{{ socket_file|default('/var/run/yardstick.sock') }}" + +- name: Make sure conf.d directory exists + file: + path: /etc/nginx/conf.d + state: directory + +- name: Create the nginx config file + template: + src: yardstick.conf.j2 + dest: "/etc/nginx/conf.d/yardstick.conf" + +- name: Configure ports if RedHat OS + shell: | + semanage port -m -t http_port_t -p tcp 5000 + semanage port -m -t http_port_t -p udp 5000 + when: ansible_os_family == "RedHat" diff --git a/ansible/roles/configure_nginx/templates/yardstick.conf.j2 b/ansible/roles/configure_nginx/templates/yardstick.conf.j2 new file mode 100644 index 000000000..484096cec --- /dev/null +++ b/ansible/roles/configure_nginx/templates/yardstick.conf.j2 @@ -0,0 +1,18 @@ +server { + listen 5000; + server_name localhost; + index index.htm index.html; + location / { + include uwsgi_params; + client_max_body_size 2000m; + uwsgi_pass unix://{{ socket_file }}; + } + + location /gui/ { + alias /etc/nginx/yardstick/gui/; + } + + location /report/ { + alias /tmp/; + } +} diff --git a/ansible/roles/configure_rabbitmq/tasks/main.yml b/ansible/roles/configure_rabbitmq/tasks/main.yml new file mode 100644 index 000000000..59998abc0 --- /dev/null +++ b/ansible/roles/configure_rabbitmq/tasks/main.yml @@ -0,0 +1,39 @@ +# Copyright (c) 2018 Intel Corporation. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +--- +- block: + - name: Restart rabbitmq + service: + name: rabbitmq-server + state: restarted + + - name: rabbitmqctl start_app + shell: rabbitmqctl start_app + + - name: Configure rabbitmq + rabbitmq_user: + user: yardstick + password: yardstick + configure_priv: .* + read_priv: .* + write_priv: .* + state: present + when: install_mode == inst_mode_baremetal + +- name: Create rabbitmq file for supervisor + template: + src: rabbitmq.sh.j2 + dest: /etc/yardstick/rabbitmq.sh + mode: 0755 + when: install_mode == inst_mode_container diff --git a/ansible/roles/configure_rabbitmq/templates/rabbitmq.sh.j2 b/ansible/roles/configure_rabbitmq/templates/rabbitmq.sh.j2 new file mode 100644 index 000000000..a91565c01 --- /dev/null +++ b/ansible/roles/configure_rabbitmq/templates/rabbitmq.sh.j2 @@ -0,0 +1,20 @@ +#!/bin/bash
+trap "rabbitmqctl stop_app" EXIT
+
+rabbitmqctl stop_app
+service rabbitmq-server restart
+rabbitmqctl start_app
+
+tmp_file="/tmp/$(basename -- $0).configured"
+if [ ! -f "$tmp_file" ]; then
+ rabbitmqctl add_user yardstick yardstick
+ rabbitmqctl set_permissions -p / yardstick '.*' '.*' '.*'
+ touch "$tmp_file"
+fi
+
+while :
+do
+ sleep 5
+ service rabbitmq-server status > /dev/null 2>&1 || exit 1
+ rabbitmqctl report | grep "Status of node rabbit@`hostname`" > /dev/null 2>&1 || exit 1
+done
diff --git a/ansible/roles/configure_uwsgi/tasks/main.yml b/ansible/roles/configure_uwsgi/tasks/main.yml new file mode 100644 index 000000000..8822bda53 --- /dev/null +++ b/ansible/roles/configure_uwsgi/tasks/main.yml @@ -0,0 +1,53 @@ +# Copyright (c) 2018 Intel Corporation. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +--- +- name: Define variables + set_fact: + config_dir: "/etc/yardstick/" + log_dir: "/var/log/yardstick/" + socket_file: "/var/run/yardstick.sock" + +- name: Create UWSGI config directory + file: + path: "/etc/yardstick" + state: directory + owner: root + mode: 0755 + +- name: Create API log directory + file: + path: "{{ log_dir }}" + state: directory + owner: root + mode: 0777 + +- name: Create the socket for communicating + file: + path: "{{ socket_file }}" + state: touch + owner: root + mode: 0644 + +- set_fact: + uwsgi_log: "logto" + when: installation_mode == inst_mode_container + +- set_fact: + uwsgi_log: "daemonize" + when: installation_mode != inst_mode_container + +- name: Create the UWSGI config file + template: + src: yardstick.ini.j2 + dest: "{{ config_dir }}yardstick.ini" diff --git a/ansible/roles/configure_uwsgi/templates/yardstick.ini.j2 b/ansible/roles/configure_uwsgi/templates/yardstick.ini.j2 new file mode 100644 index 000000000..1890f16f9 --- /dev/null +++ b/ansible/roles/configure_uwsgi/templates/yardstick.ini.j2 @@ -0,0 +1,18 @@ +[uwsgi] +master = true +debug = true +chdir = {{ yardstick_dir }}/api +module = server +plugins = python +processes = 10 +threads = 5 +async = true +max-requests = 5000 +chmod-socket = 666 +callable = app_wrapper +enable-threads = true +close-on-exec = 1 +{{ uwsgi_log }} = {{ log_dir }}/uwsgi.log +socket = {{ socket_file }} +{# If virtual environment, we need to add: + virtualenv = <virtual_env> #} diff --git a/ansible/roles/docker/tasks/Debian.yml b/ansible/roles/docker/tasks/Debian.yml index cf4128774..a03040d88 100644 --- a/ansible/roles/docker/tasks/Debian.yml +++ b/ansible/roles/docker/tasks/Debian.yml @@ -12,15 +12,21 @@ # See the License for the specific language governing permissions and # limitations under the License. --- - - name: add Ubuntu docker repo - apt_repository: repo='deb [trusted=yes] {{ ubuntu_docker_url }} ubuntu-{{ ansible_distribution_release }} main' state=present + - name: Install docker.io + action: "{{ ansible_pkg_mgr }} name=docker.io state=present force=yes" - - name: ensure correct docker version - action: "{{ ansible_pkg_mgr }} name={{ item }} state=present force=yes" - with_items: "{{ docker_packages[ansible_os_family] }}" + - name: Update package manager cache + tags: + - cache_update + package: + update_cache: yes - - name: remove Ubuntu docker repo - apt_repository: - repo: 'deb [trusted=yes] {{ ubuntu_docker_url }} ubuntu-{{ ansible_distribution_release }} main' - state: absent - update_cache: no + - name: Install python-pip + package: + name: python-pip + state: present + + - name: Install docker-py + pip: + name: docker-py + state: present diff --git a/ansible/roles/docker/tasks/main.yml b/ansible/roles/docker/tasks/main.yml index bbec371a8..18e441462 100644 --- a/ansible/roles/docker/tasks/main.yml +++ b/ansible/roles/docker/tasks/main.yml @@ -1,4 +1,4 @@ -# Copyright (c) 2017 Intel Corporation. +# Copyright (c) 2017-2019 Intel Corporation. # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -18,6 +18,10 @@ - name: create docker service config dir file: path=/etc/systemd/system/docker.service.d state=directory + - name: docker configuration + template: src=daemon.json.j2 dest=/etc/docker/daemon.json owner=root mode=0644 + when: 'docker_daemon_config is defined' + - name: create docker proxy config template: src=http-proxy-conf.j2 dest=/etc/systemd/system/docker.service.d/http-proxy.conf owner=root mode=0644 when: 'proxy_env is defined and "http_proxy" in proxy_env or "https_proxy" in proxy_env' diff --git a/ansible/roles/docker/templates/daemon.json.j2 b/ansible/roles/docker/templates/daemon.json.j2 new file mode 100644 index 000000000..57bdc9f63 --- /dev/null +++ b/ansible/roles/docker/templates/daemon.json.j2 @@ -0,0 +1 @@ +{{ docker_daemon_config | to_nice_json }} diff --git a/ansible/roles/docker/vars/main.yml b/ansible/roles/docker/vars/main.yml index 8b5077490..a735d523d 100644 --- a/ansible/roles/docker/vars/main.yml +++ b/ansible/roles/docker/vars/main.yml @@ -16,5 +16,3 @@ docker_project_url: https://yum.dockerproject.org docker_packages: "RedHat": - docker-engine-1.13.1 - "Debian": - - docker-engine=1.13.1* diff --git a/ansible/roles/download_civetweb/tasks/main.yml b/ansible/roles/download_civetweb/tasks/main.yml index 03dd3ccd3..b6a475774 100644 --- a/ansible/roles/download_civetweb/tasks/main.yml +++ b/ansible/roles/download_civetweb/tasks/main.yml @@ -18,6 +18,10 @@ dest: "{{ clone_dest }}/" validate_certs: False checksum: "{{ civetweb_sha256s }}" + register: package_result + until: package_result is succeeded + retries: 10 + delay: 5 - name: unarchive civetweb unarchive: diff --git a/ansible/roles/download_dpdk/defaults/main.yml b/ansible/roles/download_dpdk/defaults/main.yml index d548280f5..b2d959eed 100644 --- a/ansible/roles/download_dpdk/defaults/main.yml +++ b/ansible/roles/download_dpdk/defaults/main.yml @@ -1,14 +1,19 @@ --- -dpdk_version: "17.02" -dpdk_url: "http://dpdk.org/browse/dpdk/snapshot/dpdk-{{ dpdk_version }}.tar.gz" +dpdk_version: "17.05" +dpdk_version_for_PROX: "18.11" +dpdk_url: "http://fast.dpdk.org/rel/dpdk-{{ dpdk_version }}.tar.xz" dpdk_file: "{{ dpdk_url|basename }}" -dpdk_unarchive: "{{ dpdk_file|regex_replace('[.]tar[.]gz$', '') }}" +dpdk_unarchive: "{{ dpdk_file|regex_replace('[.]tar[.]xz$', '') }}" dpdk_dest: "{{ clone_dest }}/" -#Note DPDK 17.08 17.11 and 18.02 are currently unsupported due to prox build issues -dpdk_sha256s: - "16.07": "sha256:d876e4b2a7101f28e7e345d3c88e66afe877d15f0159c19c5bc5bc26b7b7d788" - "17.02": "sha256:b07b546e910095174bdb6152bb0d7ce057cc4b79aaa74771aeee4e8a7219fb38" - "17.05": "sha256:763bfb7e1765efcc949e79d645dc9f1ebd16591431ba0db5ce22becd928dcd0a" - "17.08": "sha256:3a08addbff45c636538514e9a5838fb91ea557661a4c071e03a9a6987d46e5b6" #unsupported - "17.11": "sha256:77a727bb3834549985f291409c9a77a1e8be1c9329ce4c3eb19a22d1461022e4" #unsupported - "18.02": "sha256:f1210310fd5f01a3babe3a09d9b3e5a9db791c2ec6ecfbf94ade9f893a0632b8" #unsupported + +dpdk_md5: + "16.07.2": "md5:4922ea2ec935b64ff5c191fec53344a6" + "16.11.7": "md5:c081d113dfd57633e3bc3ebc802691be" + "17.02.1": "md5:cbdf8b7a92ce934d47c38cbc9c20c54a" + "17.05": "md5:0a68c31cd6a6cabeed0a4331073e4c05" #Ubuntu 17.10 support + "17.05.2": "md5:37afc9ce410d8e6945a1beb173074003" #unsupported + "17.08.2": "md5:dd239a878c8c40cf482fdfe438f8d99c" #unsupported + "17.11.3": "md5:68ca84ac878011acf44e75d33b46f55b" #unsupported + "18.02.2": "md5:75ad6d39b513649744e49c9fcbbb9ca5" #unsupported + "18.05": "md5:9fc86367cd9407ff6a8dfea56c4eddc4" #unsupported + "18.11": "md5:04b86f4a77f4f81a7fbd26467dd2ea9f" # Not supported by SampleVNFs except PROX diff --git a/ansible/roles/download_dpdk/tasks/main.yml b/ansible/roles/download_dpdk/tasks/main.yml index bcb5dde1a..e434536a3 100644 --- a/ansible/roles/download_dpdk/tasks/main.yml +++ b/ansible/roles/download_dpdk/tasks/main.yml @@ -25,7 +25,11 @@ url: "{{ dpdk_url }}" dest: "{{ dpdk_dest }}" validate_certs: False - checksum: "{{ dpdk_sha256s[dpdk_version] }}" + checksum: "{{ dpdk_md5[dpdk_version] }}" + register: package_result + until: package_result is succeeded + retries: 10 + delay: 5 - unarchive: src: "{{ dpdk_dest }}/{{ dpdk_file }}" @@ -37,8 +41,20 @@ path: "{{ dpdk_dest }}/{{ dpdk_file }}" state: absent +- name: find unzipped DPDK folder + find: + paths: "{{ dpdk_dest }}" + patterns: "^dpdk-.*{{ dpdk_version }}$" + file_type: directory + use_regex: yes + register: dpdk_folder_match + +- fail: + msg: "Cannot find unzipped DPDK folder or more than one found" + when: dpdk_folder_match.matched != 1 + - set_fact: - dpdk_path: "{{ dpdk_dest }}/{{ dpdk_unarchive }}" + dpdk_path: "{{ dpdk_folder_match.files[0].path }}" - set_fact: RTE_SDK: "{{ dpdk_path }}" diff --git a/ansible/roles/download_drivers/defaults/main.yml b/ansible/roles/download_drivers/defaults/main.yml index ab68a3c6d..bf1e48a23 100644 --- a/ansible/roles/download_drivers/defaults/main.yml +++ b/ansible/roles/download_drivers/defaults/main.yml @@ -12,10 +12,11 @@ # See the License for the specific language governing permissions and # limitations under the License. --- -i40evf_version: "3.4.2" +i40evf_version: "3.5.13" i40evf_gzfile: "i40evf-{{ i40evf_version }}.tar.gz" i40evf_url: "https://netix.dl.sourceforge.net/project/e1000/i40evf%20stable/{{ i40evf_version }}/{{ i40evf_gzfile }}" i40evf_dest: "{{ clone_dest }}/" i40evf_path: "{{ i40evf_dest }}/{{ i40evf_gzfile|regex_replace('[.]tar[.]gz$', '') }}" i40evf_checksum: "3.4.2": "sha256:a8e2a722fb2f8ac874cb39545a331761841f1724830ff1581d2012dd37314645" + "3.5.13": "sha256:e57b95b694c8480b905e72ea13caac8714d6bb0c9eabe37cca655505b808f033"
\ No newline at end of file diff --git a/ansible/roles/download_drivers/tasks/i40evf.yml b/ansible/roles/download_drivers/tasks/i40evf.yml index cb8a09d6c..48a0330ab 100644 --- a/ansible/roles/download_drivers/tasks/i40evf.yml +++ b/ansible/roles/download_drivers/tasks/i40evf.yml @@ -23,6 +23,10 @@ dest: "{{ i40evf_dest }}/{{ i40evf_gzfile }}" validate_certs: False checksum: "{{ i40evf_checksum[i40evf_version] }}" + register: package_result + until: package_result is succeeded + retries: 10 + delay: 5 - name: Unarchive the i40evf file unarchive: diff --git a/ansible/roles/download_l2fwd/tasks/main.yml b/ansible/roles/download_l2fwd/tasks/main.yml index 7f2ea25c4..43b0ec366 100644 --- a/ansible/roles/download_l2fwd/tasks/main.yml +++ b/ansible/roles/download_l2fwd/tasks/main.yml @@ -20,6 +20,10 @@ get_url: url: "{{ l2fwd_url }}" dest: "{{ l2fwd_dest }}" + register: package_result + until: package_result is succeeded + retries: 10 + delay: 5 - unarchive: src: "{{ l2fwd_dest }}/{{ l2fwd_file }}" diff --git a/ansible/roles/download_pktgen/tasks/main.yml b/ansible/roles/download_pktgen/tasks/main.yml index ff71f207d..b5ac8cfe8 100644 --- a/ansible/roles/download_pktgen/tasks/main.yml +++ b/ansible/roles/download_pktgen/tasks/main.yml @@ -22,6 +22,10 @@ dest: "{{ pktgen_dest }}" validate_certs: False checksum: "{{ pktgen_sha256s[pktgen_version] }}" + register: package_result + until: package_result is succeeded + retries: 10 + delay: 5 - unarchive: src: "{{ pktgen_dest }}/{{ pktgen_file }}" diff --git a/ansible/roles/download_samplevnfs/defaults/main.yml b/ansible/roles/download_samplevnfs/defaults/main.yml index e40eb67c0..2ae4d6159 100644 --- a/ansible/roles/download_samplevnfs/defaults/main.yml +++ b/ansible/roles/download_samplevnfs/defaults/main.yml @@ -1,4 +1,17 @@ --- +# samplevnf_version must be a valid version accepted by "git checkout" +# It can be either: +# - a branch name: fetch branch latest commits, as of installation time +# - a tag name: frozen and reproducible, from stable branches, or +# - a commit id: frozen and reproducible, from any branch +# Some examples: +# - branch name: "master", "stable/gambia", "stable/fraser" +# - tag name: "opnfv-6.2.0" +# - commit id: "3afd384b7e68a3cd29f4d2cdf39785f8441d0b6f" +# Please refer to https://git.opnfv.org/samplevnf for possible values +# beyond the one specified below + samplevnf_url: "https://git.opnfv.org/samplevnf" samplevnf_dest: "{{ clone_dest }}/samplevnf" -samplevnf_version: "stable/euphrates" +samplevnf_version: "47123bfc1b3c0d0b01884aebbce1a3e09ad7ddb0" +path_json: "{{ INSTALL_BIN_PATH }}/{{ inventory_hostname | basename }}_sample_vnf.json" diff --git a/ansible/roles/download_samplevnfs/tasks/main.yml b/ansible/roles/download_samplevnfs/tasks/main.yml index e9d4142c9..f98f2a42d 100644 --- a/ansible/roles/download_samplevnfs/tasks/main.yml +++ b/ansible/roles/download_samplevnfs/tasks/main.yml @@ -27,3 +27,7 @@ - set_fact: samplevnf_path: "{{ samplevnf_dest }}" + +- file: + dest: "{{ path_json }}" + state: absent diff --git a/ansible/roles/download_trex/defaults/main.yml b/ansible/roles/download_trex/defaults/main.yml index 6e8fa7020..cbaae1d84 100644 --- a/ansible/roles/download_trex/defaults/main.yml +++ b/ansible/roles/download_trex/defaults/main.yml @@ -12,7 +12,7 @@ # See the License for the specific language governing permissions and # limitations under the License. --- -trex_version: v2.28 +trex_version: v2.41 trex_url: "https://trex-tgn.cisco.com/trex/release/{{ trex_version }}.tar.gz" trex_file: "{{ trex_url|basename }}" trex_unarchive: "{{ trex_file|regex_replace('[.]tar.gz$', '') }}" @@ -20,3 +20,4 @@ trex_dest: "{{ clone_dest }}/" trex_sha256s: "v2.20": "sha256:eb5a069f758a36133a185c7e27af10834ca03d11441165403529fbd7844658fb" "v2.28": "sha256:c3f08aabbd69dddb09843984d41acbe9ba1af6a6ef3380a7830f7c9e33134207" + "v2.41": "sha256:aa4122d82cc7b25a16a20d6dd465eccd89e31c51816d4103765b86d06a8b9810" diff --git a/ansible/roles/download_trex/tasks/main.yml b/ansible/roles/download_trex/tasks/main.yml index baa964fd8..44449a9c0 100644 --- a/ansible/roles/download_trex/tasks/main.yml +++ b/ansible/roles/download_trex/tasks/main.yml @@ -12,12 +12,21 @@ # See the License for the specific language governing permissions and # limitations under the License. --- +- name: make sure trex_dest exists + file: + path: "{{ trex_dest }}" + state: directory + - name: fetch Trex get_url: url: "{{ trex_url }}" dest: "{{ trex_dest }}" validate_certs: False checksum: "{{ trex_sha256s[trex_version] }}" + register: package_result + until: package_result is succeeded + retries: 10 + delay: 5 - name: unarchive Trex unarchive: diff --git a/ansible/roles/enable_cpu_isolation_on_boot/defaults/main.yml b/ansible/roles/enable_cpu_isolation_on_boot/defaults/main.yml new file mode 100644 index 000000000..fda366682 --- /dev/null +++ b/ansible/roles/enable_cpu_isolation_on_boot/defaults/main.yml @@ -0,0 +1,21 @@ +# Copyright (c) 2018-2019 Intel Corporation +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +--- +grub_file: "/etc/default/grub" +isolcpus_help_string: ' # added by Yardstick ansible isolcpus role' +isolcpu_params: " isolcpus={{ ISOL_CPUS }} nohz=on nohz_full={{ ISOL_CPUS }} rcu_nocbs={{ ISOL_CPUS }}" +enable_isolcpu: 'GRUB_CMDLINE_LINUX="$GRUB_CMDLINE_LINUX{{ isolcpu_params }}"' +update_grub: + Debian: "update-grub2" + RedHat: "grub2-mkconfig -o /boot/grub2/grub.cfg" diff --git a/ansible/roles/enable_cpu_isolation_on_boot/tasks/main.yml b/ansible/roles/enable_cpu_isolation_on_boot/tasks/main.yml new file mode 100644 index 000000000..e11288bfd --- /dev/null +++ b/ansible/roles/enable_cpu_isolation_on_boot/tasks/main.yml @@ -0,0 +1,59 @@ +# Copyright (c) 2018-2019 Intel Corporation +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +--- +- name: Check if isolcpus is set by this role in {{ grub_file}} + lineinfile: + path: "{{ grub_file }}" + regexp: '{{ isolcpus_help_string }}' + state: absent + check_mode: yes + register: is_nsb_isolcpus_role + ignore_errors: True + +- name: Check if isolcpus is set by someone else + lineinfile: + path: "{{ grub_file }}" + regexp: "isolcpus=" + state: absent + check_mode: yes + register: is_isolcpu + ignore_errors: True + +- name: Send warning that CPU isolation cannot be configured + debug: + msg: "WARNING: CPU isolation is not configured" + when: + - not is_nsb_isolcpus_role.changed and not is_isolcpu.changed + - ISOL_CPUS is not defined + +- name: Send info that CPU isolation configured by someone else + debug: + msg: "INFO: NOT modified, CPU isolation is already configured by someone." + when: + - not is_nsb_isolcpus_role.changed and is_isolcpu.changed + +- name: Add/update isolcpus when ISOL_CPUS is defined and not set at all or set by this role + lineinfile: + path: "{{ grub_file }}" + regexp: "{{ isolcpus_help_string }}" + line: '{{ enable_isolcpu }} {{ isolcpus_help_string }}' + when: + - is_nsb_isolcpus_role.changed or not is_nsb_isolcpus_role.changed and not is_isolcpu.changed + - ISOL_CPUS is defined + +- name: Update grub for bare metal usage + command: "{{ update_grub[ansible_os_family] }}" + when: + - is_nsb_isolcpus_role.changed or not is_nsb_isolcpus_role.changed and not is_isolcpu.changed + - ISOL_CPUS is defined diff --git a/ansible/roles/enable_hugepages_on_boot/tasks/main.yml b/ansible/roles/enable_hugepages_on_boot/tasks/main.yml index 75526eb19..f84e07545 100755 --- a/ansible/roles/enable_hugepages_on_boot/tasks/main.yml +++ b/ansible/roles/enable_hugepages_on_boot/tasks/main.yml @@ -1,4 +1,4 @@ -# Copyright (c) 2017 Intel Corporation +# Copyright (c) 2017-2019 Intel Corporation # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -12,7 +12,7 @@ # See the License for the specific language governing permissions and # limitations under the License. --- -- name: check if hugepages are set by this role +- name: Check if hugepages are set by this role command: "grep -o '{{ hugepage_param_regex }}' /etc/default/grub" register: is_mine_huge ignore_errors: True @@ -22,46 +22,32 @@ # stat: path="/sys/firmware/efi" # register: efi -- name: check if hugepages are set by someone else +- name: Check if hugepages are set by someone else command: "grep -o 'default_hugepagesz=' /etc/default/grub" register: is_huge ignore_errors: True -- fail: +- debug: msg: "Hugepages already set by someone else" when: is_mine_huge.stdout == "" and is_huge.stdout != "" -- name: configure hugepages as idempotent block +- name: Configure hugepages as idempotent block block: - - name: use 8 for auto num_hugepages and 1G size + - name: Use 8 for auto num_hugepages and 1G size set_fact: num_hugepages: 8 when: num_hugepages|default("auto") == "auto" - - name: set hugepages in grub + - name: Set hugepages in grub lineinfile: dest: /etc/default/grub regexp: '{{ hugepage_param_regex }}' line: '{{ hugepage_param }}' state: present - - name: create hugetables mount - file: - path: "{{ hugetable_mount }}" - state: directory - - - name: mount hugetlbfs - mount: - name: "{{ hugetable_mount }}" - src: nodev - fstype: hugetlbfs - state: present - - - service: - name: procps - enabled: yes - - include: manual_modify_grub.yml # only tested on Ubuntu, kernel line is probably different on other distros when: ansible_distribution == "Ubuntu" - when: is_mine_huge.stdout == "" + when: + - is_mine_huge.stdout == "" + - is_huge.stdout == "" diff --git a/ansible/roles/enable_iommu_on_boot/tasks/main.yml b/ansible/roles/enable_iommu_on_boot/tasks/main.yml index 1b98a50b1..2772a5d52 100644 --- a/ansible/roles/enable_iommu_on_boot/tasks/main.yml +++ b/ansible/roles/enable_iommu_on_boot/tasks/main.yml @@ -1,4 +1,4 @@ -# Copyright (c) 2017 Intel Corporation +# Copyright (c) 2017-2018 Intel Corporation # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -22,51 +22,58 @@ iommu_boot_params: ' amd_iommu=on iommu=pt' when: hostvars[inventory_hostname]['ansible_system_vendor'] == "AuthenticAMD" -- name: Set facts for this role - set_fact: - hugepages_help_string: ' # added by hugepages role' - iommu_help_string: ', added by iommu role' - hugepages_params: " default_hugepagesz=1G hugepagesz=1G hugepages=8" - iommu_original_kernel_params: 'GRUB_CMDLINE_LINUX="\$GRUB_CMDLINE_LINUX{{ hugepages_params }}' - iommu_enabled_kernel_params: '{{ iommu_original_kernel_params }}{{ iommu_boot_params }}"' - iommu_enabled_kernel_params_with_help: '{{ iommu_original_kernel_params }}{{ iommu_boot_params }}"{{ hugepages_help_string }}{{ iommu_help_string }}' +- block: + - name: Define grub string for IOMMU + set_fact: + enable_iommu: 'GRUB_CMDLINE_LINUX="$GRUB_CMDLINE_LINUX{{ iommu_boot_params }}' -- name: check if iommu is set by this role in /etc/default/grub - lineinfile: - path: /etc/default/grub - line: '{{ iommu_enabled_kernel_params_with_help }}' - #changed_when: no - check_mode: yes - register: is_mine_iommu_etc_grub - ignore_errors: True + - name: check if iommu is set by this role in {{ grub_file}} + lineinfile: + path: "{{ grub_file}}" + regexp: '{{ iommu_help_string }}' + line: '{{ iommu_help_string }}' + state: absent + check_mode: yes + register: is_nsb_iommu_role + ignore_errors: True -- name: check if iommu is set by someone else - command: "grep -o 'iommu' /etc/default/grub" - register: is_iommu - ignore_errors: True + - name: Check if IOMMU is set by someone else + lineinfile: + path: "{{ grub_file}}" + regexp: "_iommu=" + line: '{{ iommu_help_string }}' + state: absent + check_mode: yes + register: is_iommu + ignore_errors: True -- fail: - msg: "Iommu already set by someone else" - when: is_mine_iommu_etc_grub.changed == false and is_iommu.stdout != "" + - name: Send info that IOMMU is configured by someone else + debug: + msg: "INFO: NOT modified, IOMMU is already configured by someone." + when: + - not is_nsb_iommu_role.changed + - is_iommu.changed -- name: 'Configure iommu in /etc/default/grub' -# and /boot/grub/grub.cfg(when: ansible_distribution == "Ubuntu")' - lineinfile: - path: /etc/default/grub - regexp: '({{ iommu_original_kernel_params }})"{{ hugepages_help_string }}' - line: '\1{{ iommu_boot_params }}"{{ hugepages_help_string }}{{ iommu_help_string }}' - backrefs: yes - when: is_mine_iommu_etc_grub.changed == true + - block: + - name: Add IOMMU when it is not set + lineinfile: + path: "{{ grub_file }}" + regexp: "{{ iommu_help_string }}" + line: '{{ enable_iommu }}" {{ iommu_help_string }}' -- name: find boot grub.cfg - find: - paths: /boot - file_type: file - patterns: 'grub*.cfg' - recurse: yes - register: grub_files + - name: find boot grub.cfg + find: + paths: /boot + file_type: file + patterns: 'grub*.cfg' + recurse: yes + register: grub_files -- include: manual_modify_grub.yml - # only tested on Ubuntu, kernel line is probably different on other distros - with_items: "{{ grub_files.files }}" - when: ansible_distribution == "Ubuntu" + - include: manual_modify_grub.yml + # only tested on Ubuntu, kernel line is probably different on other distros + with_items: "{{ grub_files.files }}" + when: + - ansible_distribution == "Ubuntu" + - not is_nsb_iommu_role.changed + - not is_iommu.changed + when: iommu_boot_params is defined diff --git a/ansible/roles/enable_iommu_on_boot/tasks/manual_modify_grub.yml b/ansible/roles/enable_iommu_on_boot/tasks/manual_modify_grub.yml index 6760c3f9d..e0c880912 100644 --- a/ansible/roles/enable_iommu_on_boot/tasks/manual_modify_grub.yml +++ b/ansible/roles/enable_iommu_on_boot/tasks/manual_modify_grub.yml @@ -1,4 +1,4 @@ -# Copyright (c) 2017 Intel Corporation +# Copyright (c) 2017-2018 Intel Corporation # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -12,14 +12,12 @@ # See the License for the specific language governing permissions and # limitations under the License. --- - - - name: check if iommu is set by this role in /boot grub.cfg files lineinfile: path: "{{ item.path }}" - regexp: '{{ hugepages_params }}{{ iommu_boot_params }}' - line: '' - #changed_when: no + regexp: '{{ iommu_boot_params }}' + line: '{{ iommu_boot_params }}' + state: absent check_mode: yes register: is_mine_iommu_boot_grub ignore_errors: True @@ -29,6 +27,6 @@ path: "{{ item.path }}" regexp: '(.*linux\s+/boot/vmlinuz.*)$' replace: '\1{{ iommu_boot_params }}' - when: is_mine_iommu_boot_grub.msg != "line replaced" + when: not is_mine_iommu_boot_grub.changed - debug: var=ansible_kernel diff --git a/ansible/roles/enable_iommu_on_boot/vars/main.yml b/ansible/roles/enable_iommu_on_boot/vars/main.yml index 1b642dcb5..d2575ffd6 100644 --- a/ansible/roles/enable_iommu_on_boot/vars/main.yml +++ b/ansible/roles/enable_iommu_on_boot/vars/main.yml @@ -1,4 +1,4 @@ -# Copyright (c) 2017 Intel Corporation +# Copyright (c) 2017-2018 Intel Corporation # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -12,6 +12,8 @@ # See the License for the specific language governing permissions and # limitations under the License. --- +grub_file: "/etc/default/grub" +iommu_help_string: ' # added by Yardstick ansible iommu role' update_grub: Debian: "update-grub2" RedHat: "grub2-mkconfig -o /boot/grub2/grub.cfg" diff --git a/ansible/roles/infra_check_requirements/tasks/main.yml b/ansible/roles/infra_check_requirements/tasks/main.yml index a11bc56a1..991bd7383 100644 --- a/ansible/roles/infra_check_requirements/tasks/main.yml +++ b/ansible/roles/infra_check_requirements/tasks/main.yml @@ -12,27 +12,30 @@ # See the License for the specific language governing permissions and # limitations under the License. --- +- name: Reread system properties + setup: + - name: Include include_vars: - file: "{{rs_file}}" + file: "{{ rs_file }}" name: infra_deploy_vars - name: Store total CPU, RAM, Disk requested resources set_fact: - vcpu_t: "{{item.vcpus|int + vcpu_t|int}}" - vram_t: "{{item.ram|int + vram_t|int}}" - disk_t: "{{item.disk|int + disk_t|int}}" - with_items: "{{infra_deploy_vars.nodes}}" + vcpu_t: "{{ item.vcpus|int + vcpu_t | int }}" + vram_t: "{{ item.ram|int + vram_t | int }}" + disk_t: "{{ item.disk|int + disk_t | int }}" + with_items: "{{ infra_deploy_vars.nodes }}" - name: Fail if not enough RAM fail: msg: "Failed, not enough RAM, required: {{ vram_t }}, available {{ ansible_memory_mb.nocache.free }}" - when: ansible_memory_mb.nocache.free < vram_t|int + when: ansible_memory_mb.nocache.free < vram_t | int - name: Fail if not enough CPU fail: msg: "Failed, not enough CPU, required: {{ vcpu_t }}, available {{ ansible_processor_vcpus }}" - when: ansible_processor_vcpus < vcpu_t|int + when: ansible_processor_vcpus < vcpu_t | int - name: Define default network counter set_fact: @@ -40,20 +43,38 @@ - name: Increment counter for every default network detected set_fact: - num_default_network_detected: "{{ num_default_network_detected|int + 1 }}" + num_default_network_detected: "{{ num_default_network_detected | int + 1 }}" when: - item.default_gateway is defined - item.default_gateway == True - with_items: "{{infra_deploy_vars.networks}}" + with_items: "{{ infra_deploy_vars.networks }}" - name: Fail if more than 1 or 0 default networks fail: msg: "Failed, there must be 1 default network: {{ num_default_network_detected }} detected" - when: num_default_network_detected|int != 1 + when: num_default_network_detected | int != 1 - name: Fail if not enough Disk space set_fact: - disk_avail: "{% for mount in ansible_mounts if mount.mount == '/' %}{{ (mount.size_available/1024/1024)|int }}{% endfor %}" + disk_avail: "{% for mount in ansible_mounts if mount.mount == '/' %}{{ (mount.size_available/1024/1024) | int }}{% endfor %}" - fail: msg: "Failed, not enough disk space, required {{ disk_t }}, available: {{ disk_avail }}" - when: disk_avail|int < disk_t|int + when: disk_avail|int < disk_t | int + +- set_fact: + ostack_nodes: "{{ ostack_nodes | default([]) + [item.openstack_node] }}" + when: item.openstack_node is defined + with_items: "{{ infra_deploy_vars.nodes }}" + +# all-in-one node node type must be controller, multinode requires at least one controller and one compute node +- fail: + msg: "OpenStack node types currently supported: controller, compute. Check input VMs file." + when: ostack_nodes is undefined or ostack_nodes | length < 1 + +- fail: + msg: "In all-in-one configuration OpenStack node type must be controller." + when: ostack_nodes | length == 1 and 'controller' not in ostack_nodes + +- fail: + msg: "At least one controller and one compute node expected when total number of OpenStack nodes is more than one." + when: ostack_nodes | length > 1 and not ('compute' in ostack_nodes and 'controller' in ostack_nodes) diff --git a/ansible/roles/infra_create_vms/tasks/configure_vm.yml b/ansible/roles/infra_create_vms/tasks/configure_vm.yml index c20a0b175..a6a5e0618 100644 --- a/ansible/roles/infra_create_vms/tasks/configure_vm.yml +++ b/ansible/roles/infra_create_vms/tasks/configure_vm.yml @@ -47,8 +47,6 @@ output: all: ">> /var/log/cloud-init.log" ssh_pwauth: True - bootcmd: - - echo 127.0.0.1 {{ node_item.hostname }} >> /etc/hosts users: - name: {{ node_item.user }} lock-passwd: False diff --git a/ansible/roles/infra_create_vms/tasks/create_interfaces.yml b/ansible/roles/infra_create_vms/tasks/create_interfaces.yml index 34bfd1b71..12b2726dc 100644 --- a/ansible/roles/infra_create_vms/tasks/create_interfaces.yml +++ b/ansible/roles/infra_create_vms/tasks/create_interfaces.yml @@ -12,6 +12,15 @@ # See the License for the specific language governing permissions and # limitations under the License. --- +- set_fact: + mac_address_arg: "mac_address" + +- set_fact: + mac_address_arg: "macaddress" + when: + - ansible_distribution == 'Ubuntu' + - ansible_distribution_major_version|int >= 18 + - name: Add network-data blockinfile: path: "{{ network_config }}" @@ -20,9 +29,9 @@ block: |2 {{ 'enp0s%d:'| format( slot_address | int) }} match: - mac_address: {{ '52:54:00:5d:7d:%02x'| format( mac_address_counter | int) }} + {{ mac_address_arg }}: {{ '52:54:00:5d:7d:%02x'| format( mac_address_counter | int) }} addresses: - - {{ interface_item.ip }}/{{ interface_item.netmask }} + - {{ interface_item.ip }}/{{ (interface_item.ip + '/' + interface_item.netmask) | ipaddr('prefix') }} - name: Add default gateway blockinfile: diff --git a/ansible/roles/infra_create_vms/tasks/main.yml b/ansible/roles/infra_create_vms/tasks/main.yml index 4d47f44ff..b422a9205 100644 --- a/ansible/roles/infra_create_vms/tasks/main.yml +++ b/ansible/roles/infra_create_vms/tasks/main.yml @@ -32,3 +32,14 @@ loop_control: loop_var: node_item with_items: "{{ infra_deploy_vars.nodes }}" + +- name: Create list of dictionaries with vm name, ip address + set_fact: + vm_name_ip: "{{ vm_name_ip|default([]) + [{item.hostname: item.interfaces[1].ip}] }}" + with_items: "{{ infra_deploy_vars.nodes }}" + +- name: Make sure VM is reachable + include_tasks: validate_vms.yml + loop_control: + loop_var: name_ip + with_items: "{{ vm_name_ip }}" diff --git a/ansible/roles/infra_create_vms/tasks/validate_vms.yml b/ansible/roles/infra_create_vms/tasks/validate_vms.yml new file mode 100644 index 000000000..ce5eff211 --- /dev/null +++ b/ansible/roles/infra_create_vms/tasks/validate_vms.yml @@ -0,0 +1,54 @@ +# Copyright (c) 2018 Intel Corporation. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +--- +- name: Validate if VM is responding + wait_for: + host: "{{ item.value }}" + port: 22 + timeout: 10 + with_dict: "{{ name_ip }}" + register: result + ignore_errors: yes + +- name: Stop VM if it is not responding + virt: + name: "{{ item.key }}" + command: destroy + when: result is failed + with_dict: "{{ name_ip }}" + +- name: Wait for VM is being stopped + pause: + seconds: 10 + when: result is failed + +- name: Start VM + virt: + name: "{{ item.key }}" + command: start + when: result is failed + with_dict: "{{ name_ip }}" + +- name: Validate if VM is responding + wait_for: + host: "{{ item.value }}" + port: 22 + timeout: 10 + when: result is failed + with_dict: "{{ name_ip }}" + register: result + +- fail: + msg: "FAILED on {{ name_ip }}" + when: result is failed diff --git a/ansible/roles/infra_deploy_openstack/tasks/configure_kolla.yml b/ansible/roles/infra_deploy_openstack/tasks/configure_kolla.yml new file mode 100644 index 000000000..9713c0d1e --- /dev/null +++ b/ansible/roles/infra_deploy_openstack/tasks/configure_kolla.yml @@ -0,0 +1,40 @@ +# Copyright (c) 2018 Intel Corporation. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +--- +- name: Modify globals.yml + replace: + path: /etc/kolla/globals.yml + regexp: "{{ item.find }}" + replace: "{{ item.insert_after }}" + with_items: + - { find: '^#kolla_base_distro:.*', insert_after: 'kolla_base_distro: "ubuntu"' } + - { find: '^#kolla_install_type:.*', insert_after: 'kolla_install_type: "source"' } + - { find: '^#openstack_release:.*', insert_after: 'openstack_release: "pike"' } + - { find: 'kolla_internal_vip_address:.*', insert_after: 'kolla_internal_vip_address: "{{ deployvm_ip }}"' } + - { find: '^#network_interface:.*', insert_after: 'network_interface: "{{ hostvars[ansible_host].ansible_default_ipv4.interface }}"' } + - { find: '^#neutron_external_interface:.*', insert_after: 'neutron_external_interface: "{{ neutron_iface }}"' } + - { find: '^#enable_haproxy:.*', insert_after: 'enable_haproxy: "no"'} + - { find: '^#enable_heat:.*' , insert_after: 'enable_heat: "yes"'} + - { find: '^#docker_registry:.*', insert_after: 'docker_registry: "{{ ansible_host }}:4000"' } + +- name: Generate multinode from inventory + template: + src: templates/multinode.j2 + dest: "{{ git_repos_path + 'multinode' }}" + +- set_fact: + path2multinode: "{{ git_repos_path + kolla_ans_path + '/ansible/inventory/multinode' }}" + +- name: Append rest groups to multinode file + shell: line=`grep -n '\[deployment\]' {{ path2multinode }} | cut -d ':' -f1` && tail -n +$line {{ path2multinode }} >> "{{ git_repos_path + 'multinode' }}" diff --git a/ansible/roles/infra_deploy_openstack/tasks/configure_openstack.yml b/ansible/roles/infra_deploy_openstack/tasks/configure_openstack.yml new file mode 100644 index 000000000..3963cb64c --- /dev/null +++ b/ansible/roles/infra_deploy_openstack/tasks/configure_openstack.yml @@ -0,0 +1,67 @@ +# Copyright (c) 2018 Intel Corporation. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +--- +- name: Create folders + file: + path: "{{ item }}" + state: directory + with_items: + - /etc/kolla/config/nova + - /etc/kolla/config/neutron + +- set_fact: + filter_ops: RetryFilter,AvailabilityZoneFilter,RamFilter,DiskFilter,ComputeCapabilitiesFilter,ImagePropertiesFilter,ServerGroupAntiAffinityFilter,ServerGroupAffinityFilter,SameHostFilter + +- name: Configure OpenStack Nova + copy: + content: | + [filter_scheduler] + enabled_filters = {{ filter_ops }} + [libvirt] + cpu_mode = host-passthrough + dest: /etc/kolla/config/nova.conf + +- name: Configure OpenStack Neutron + copy: + content: | + [DEFAULT] + service_plugins=neutron.services.l3_router.l3_router_plugin.L3RouterPlugin + [securitygroup] + firewall_driver = neutron.agent.firewall.NoopFirewallDriver + [ml2] + extension_drivers=port_security + [agent] + extensions=port_security + dest: /etc/kolla/config/neutron.conf + +- name: Configure OpenStack ml2_plugin.ini + copy: + content: | + [ml2] + tenant_network_types = vxlan + extension_drivers = port_security + type_drivers = vlan,flat,local,vxlan + mechanism_drivers = openvswitch + [ml2_type_flat] + flat_networks = physnet1 + [ml2_type_vlan] + network_vlan_ranges = physnet1 + [securitygroup] + firewall_driver = iptables_hybrid + [ovs] + datapath_type = system + bridge_mappings = physnet1:br-ex + tunnel_bridge = br-tun + local_ip = {{ deployvm_ip }} + dest: /etc/kolla/config/neutron/ml2_plugin.ini diff --git a/ansible/roles/infra_deploy_openstack/tasks/install_kolla.yml b/ansible/roles/infra_deploy_openstack/tasks/install_kolla.yml new file mode 100644 index 000000000..38c163c6c --- /dev/null +++ b/ansible/roles/infra_deploy_openstack/tasks/install_kolla.yml @@ -0,0 +1,54 @@ +# Copyright (c) 2018 Intel Corporation. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +--- +- name: Download kolla and kolla-ansible from git repos + git: + repo: "{{ item.repo }}" + dest: "{{ git_repos_path + item.dir }}" + version: stable/pike + with_items: + - { dir: "{{ kolla_path }}", repo: 'https://git.openstack.org/openstack/kolla'} + - { dir: "{{ kolla_ans_path }}", repo: 'https://git.openstack.org/openstack/kolla-ansible' } + +- name: Copy kolla-ansible password.yml and globals.yml + shell: cp -r "{{ git_repos_path + kolla_ans_path + '/etc/kolla/' }}" /etc/ + +- name: Copy kolla-ansible all-in-one, multinode + shell: cp * "{{ git_repos_path }}" + args: + chdir: "{{ git_repos_path + kolla_ans_path + '/ansible/inventory/' }}" + +- name: Install requirements + pip: + chdir: "{{ item[0] }}" + requirements: "{{ item[1] }}" + with_nested: + - [ "{{ git_repos_path + kolla_path }}", "{{ git_repos_path + kolla_ans_path }}" ] + - [ 'requirements.txt', 'test-requirements.txt' ] + +- name: pip install . + pip: + chdir: "{{ item }}" + name: '.' + with_items: + - "{{ git_repos_path + kolla_path }}" + - "{{ git_repos_path + kolla_ans_path }}" + +- name: Run setup.py + shell: "python setup.py install" + args: + chdir: "{{ item }}" + with_items: + - "{{ git_repos_path + kolla_path }}" + - "{{ git_repos_path + kolla_ans_path }}" diff --git a/ansible/roles/infra_deploy_openstack/tasks/main.yml b/ansible/roles/infra_deploy_openstack/tasks/main.yml new file mode 100644 index 000000000..ba5d5bc54 --- /dev/null +++ b/ansible/roles/infra_deploy_openstack/tasks/main.yml @@ -0,0 +1,125 @@ +# Copyright (c) 2018 Intel Corporation. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +--- +# This script is based on https://docs.openstack.org/kolla-ansible/pike/user/quickstart.html +- name: Include variables + include_vars: + file: "{{ rs_file }}" + name: infra_deploy_vars + +- set_fact: + traffic_ip: "{{ item.interfaces[1].ip }}" + when: item.hostname == ansible_host + with_items: "{{ infra_deploy_vars.nodes }}" + +- name: Get neutron iface + set_fact: + neutron_iface: "{{ item }}" + when: + - hostvars[ansible_host]['ansible_' + item.replace('-', '_')].ipv4 is defined + - hostvars[ansible_host]['ansible_' + item.replace('-', '_')].ipv4.address is defined + - hostvars[ansible_host]['ansible_' + item.replace('-', '_')].ipv4.address == traffic_ip + with_items: "{{ hostvars[ansible_host].ansible_interfaces }}" + +- name: Create a registry container + docker_container: + name: registry + image: registry:2 + restart_policy: always + ports: + - "4000:5000" + +- name: Download and install Kolla + include_tasks: install_kolla.yml + +- name: Configure Kolla + include_tasks: configure_kolla.yml + +- name: Configure Open Stack + include_tasks: configure_openstack.yml + +- name: Ramp up Open Stack + include_tasks: rampup_openstack.yml + +- name: Update admin-openrc.sh + lineinfile: + path: /etc/kolla/admin-openrc.sh + regexp: "{{ item.find }}" + line: "{{ item.add }}" + with_items: + - { find: 'EXTERNAL_NETWORK', add: 'export EXTERNAL_NETWORK=public' } + - { find: 'OS_AUTH_TYPE', add: 'export OS_AUTH_TYPE=password' } + +- name: Copy env file + shell: cp /etc/kolla/admin-openrc.sh /tmp/admin-openrc.yaml + +- name: Rework as env vars + replace: + path: /tmp/admin-openrc.yaml + regexp: 'export\s+(.*)=(.*)' + replace: '\1: \2' + +- name: Download OpenStack env file + fetch: + src: /tmp/admin-openrc.yaml + dest: /tmp/ + flat: yes + +- include_vars: + file: /tmp/admin-openrc.yaml + name: ostack_env + +- name: Re-assign IP address + shell: ip address show {{ neutron_iface }} | awk '/inet/ {print $2}' + when: neutron_iface is defined + register: ip_netmask + +- shell: > + ip addr del dev {{ neutron_iface }} {{ ip_netmask.stdout }} && + ip addr add dev br-ex {{ infra_deploy_vars.networks[1].host_ip }}/{{ ip_netmask.stdout_lines[0].split('/')[1] }} + when: + - neutron_iface is defined + - ip_netmask.stdout | length > 0 + +- name: Create external network + os_network: + name: public + external: yes + provider_physical_network: physnet1 + provider_network_type: flat + environment: + - no_proxy: "{{ lookup('env', 'no_proxy') + ',' + ansible_host + ',' + hostvars[ansible_host].ansible_default_ipv4.address }}" + - "{{ ostack_env }}" + +- name: Create sub-network + os_subnet: + name: public-subnet + network_name: public + cidr: "{{ ip_netmask.stdout }}" + allocation_pool_start: "{{ infra_deploy_vars.networks[1].dhcp_ip_start }}" + allocation_pool_end: "{{ infra_deploy_vars.networks[1].dhcp_ip_stop }}" + gateway_ip: "{{ infra_deploy_vars.networks[1].host_ip }}" + enable_dhcp: no + environment: + - no_proxy: "{{ lookup('env', 'no_proxy') + ',' + ansible_host + ',' + hostvars[ansible_host].ansible_default_ipv4.address }}" + - "{{ ostack_env }}" + +- name: Upload OpenStack env file to Yardstick VM + copy: + src: /etc/kolla/admin-openrc.sh + dest: '/tmp/admin-openrc.sh' + delegate_to: "{{ item }}" + when: "groups['yardstickG'] is defined" + with_items: + - "{{ groups['yardstickG'] }}" diff --git a/ansible/roles/infra_deploy_openstack/tasks/rampup_openstack.yml b/ansible/roles/infra_deploy_openstack/tasks/rampup_openstack.yml new file mode 100644 index 000000000..c75bec685 --- /dev/null +++ b/ansible/roles/infra_deploy_openstack/tasks/rampup_openstack.yml @@ -0,0 +1,43 @@ +# Copyright (c) 2018 Intel Corporation. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +--- +- name: Generate passwords + shell: kolla-genpwd + +- name: Generate the kolla-build.conf + shell: tox -e genconfig + args: + chdir: "{{ git_repos_path + kolla_path }}" + +- set_fact: + target: "{{ git_repos_path + 'all-in-one' }}" + +- set_fact: + target: "{{ git_repos_path + 'multinode' }}" + when: "groups['ostack'] | length > 1" + +- name: Run kolla-ansible precheck + shell: kolla-ansible prechecks -i "{{ target }}" + +- name: Build kolla-ansible + shell: kolla-build -b ubuntu -t source --profile default --tag pike --registry {{ ansible_host }}:4000 --push + +- name: Pull images from registry + shell: kolla-ansible pull -i "{{ target }}" + +- name: Run kolla-ansible deploy + shell: kolla-ansible deploy -i "{{ target }}" + +- name: Create an openrc file + shell: kolla-ansible post-deploy diff --git a/ansible/roles/infra_deploy_openstack/templates/multinode.j2 b/ansible/roles/infra_deploy_openstack/templates/multinode.j2 new file mode 100644 index 000000000..57f87b521 --- /dev/null +++ b/ansible/roles/infra_deploy_openstack/templates/multinode.j2 @@ -0,0 +1,39 @@ +{% set control_dict = {} %} +{% set compute_dict = {} %} +{% for host in groups['ostack'] %} +{% if hostvars[host].node_type is defined and hostvars[host].node_type == 'controller' %} +{% set control_dict = control_dict.update({hostvars[host].ansible_host: hostvars[host].ansible_default_ipv4.interface}) %} +{% endif %} +{% endfor %} +{% for host in groups['ostack'] %} +{% if hostvars[host].node_type is defined and hostvars[host].node_type == 'compute' %} +{% for iface in hostvars[host].ansible_interfaces %} +{%- if ((hostvars[host]['ansible_' + iface.replace('-', '_')].ipv4 is defined) and + (hostvars[host]['ansible_' + iface.replace('-', '_')].ipv4.address is defined) and + (hostvars[host]['ansible_' + iface.replace('-', '_')].ipv4.address == hostvars[host].secondary_ip)) -%} +{% set compute_dict = compute_dict.update({hostvars[host].ansible_host: iface}) %} +{% endif %} +{% endfor %} +{% endif %} +{% endfor %} +{% macro print_node(in_dict, iface_str='', cnt=1) %} +{%- for host, iface in in_dict | dictsort -%} +{% if loop.index <= cnt %} +{% if iface_str %} +{{ host }} ansible_ssh_user={{ hostvars[host].ansible_user }} ansible_private_key_file=/root/.ssh/id_rsa ansible_become=True {{ iface_str }}={{ iface }} +{% else %} +{{ host }} ansible_ssh_user={{ hostvars[host].ansible_user }} ansible_private_key_file=/root/.ssh/id_rsa ansible_become=True +{% endif %} +{% endif %} +{% endfor %} +{% endmacro %} +[control] +{{ print_node(control_dict, iface_str='network_interface', cnt=control_dict | length) }} +[compute] +{{ print_node(compute_dict, iface_str='network_interface', cnt=compute_dict | length) }} +[network] +{{ print_node(control_dict, iface_str='', cnt=control_dict | length) }} +[monitoring] +{{ print_node(control_dict) }} +[storage] +{{ print_node(control_dict, iface_str='', cnt=control_dict | length) }} diff --git a/ansible/roles/infra_deploy_openstack/vars/main.yml b/ansible/roles/infra_deploy_openstack/vars/main.yml new file mode 100644 index 000000000..bbea56847 --- /dev/null +++ b/ansible/roles/infra_deploy_openstack/vars/main.yml @@ -0,0 +1,18 @@ +# Copyright (c) 2018 Intel Corporation. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +--- +kolla_path: "{{ 'https://git.openstack.org/openstack/kolla' | urlsplit('path') | basename }}" +kolla_ans_path: "{{ 'https://git.openstack.org/openstack/kolla-ansible' | urlsplit('path') | basename }}" +deployvm_ip: "{{ hostvars[ansible_host].host_ip }}" +git_repos_path: '/tmp/repos/' diff --git a/ansible/roles/infra_destroy_previous_configuration/tasks/delete_network.yml b/ansible/roles/infra_destroy_previous_configuration/tasks/delete_network.yml index 314ee30af..5e616335a 100644 --- a/ansible/roles/infra_destroy_previous_configuration/tasks/delete_network.yml +++ b/ansible/roles/infra_destroy_previous_configuration/tasks/delete_network.yml @@ -14,18 +14,18 @@ --- - name: Destroy old networks created by virt virt_net: - name: "{{ network_item.name }}" + name: "{{ network_item }}" command: destroy - when: network_item.name in virt_nets.list_nets + when: clean_up | bool or network_item in deploy_nets -# Ignoring erros as network can be created without being defined. +# Ignoring errors as network can be created without being defined. # This can happen if a user manually creates a network using the virsh command. # If the network is not defined the undefine code will throw an error. - name: Undefine old networks defined by virt virt_net: - name: "{{ network_item.name }}" + name: "{{ network_item }}" command: undefine - when: network_item.name in virt_nets.list_nets + when: clean_up | bool or network_item in deploy_nets ignore_errors: yes - name: Check if "ovs-vsctl" command is present @@ -34,15 +34,20 @@ ignore_errors: yes - name: Destroy OVS bridge if it exists - command: ovs-vsctl --if-exists -- del-br "{{ network_item.name }}" - when: ovs_vsctl_present.rc == 0 + command: ovs-vsctl --if-exists -- del-br "{{ network_item }}" + when: + - ovs_vsctl_present.rc == 0 + - clean_up | bool or network_item in deploy_nets + ignore_errors: yes - name: Check if linux bridge is present - stat: path="{{ '/sys/class/net/'+network_item.name+'/brif/' }}" + stat: path="{{ '/sys/class/net/' + network_item + '/brif/' }}" register: check_linux_bridge - name: Remove linux bridge if it exists shell: | - ifconfig "{{ network_item.name }}" down - brctl delbr "{{ network_item.name }}" - when: check_linux_bridge.stat.exists + ifconfig "{{ network_item }}" down + brctl delbr "{{ network_item }}" + when: + - check_linux_bridge.stat.exists + - clean_up | bool or network_item in deploy_nets diff --git a/ansible/roles/infra_destroy_previous_configuration/tasks/delete_vm.yml b/ansible/roles/infra_destroy_previous_configuration/tasks/delete_vm.yml index 5e43ee81e..91e949344 100644 --- a/ansible/roles/infra_destroy_previous_configuration/tasks/delete_vm.yml +++ b/ansible/roles/infra_destroy_previous_configuration/tasks/delete_vm.yml @@ -16,14 +16,14 @@ - name: Destroy old VMs virt: command: destroy - name: "{{ node_item.hostname }}" - when: node_item.hostname in virt_vms.list_vms + name: "{{ vmhost_item }}" + when: clean_up | bool or vmhost_item in deploy_vms ignore_errors: yes # Ignore errors as VM can be running while undefined - name: Undefine old VMs virt: command: undefine - name: "{{ node_item.hostname }}" - when: node_item.hostname in virt_vms.list_vms + name: "{{ vmhost_item }}" + when: clean_up | bool or vmhost_item in deploy_vms ignore_errors: yes diff --git a/ansible/roles/infra_destroy_previous_configuration/tasks/main.yml b/ansible/roles/infra_destroy_previous_configuration/tasks/main.yml index e6c2c0229..6c4aa33cf 100644 --- a/ansible/roles/infra_destroy_previous_configuration/tasks/main.yml +++ b/ansible/roles/infra_destroy_previous_configuration/tasks/main.yml @@ -12,7 +12,7 @@ # See the License for the specific language governing permissions and # limitations under the License. --- -- name: Include +- name: Include input file include_vars: file: "{{ rs_file }}" name: infra_deploy_vars @@ -25,16 +25,40 @@ virt: command=list_vms register: virt_vms +- set_fact: + deploy_vms: "{{ deploy_vms | default([]) + [item.hostname] }}" + with_items: "{{ infra_deploy_vars.nodes }}" + +- name: Define old disk images to delete + shell: virsh domblklist {{ item }} | awk '/\/.*/ { print $2 }' + when: clean_up | bool or item in deploy_vms + with_items: "{{ virt_vms.list_vms }}" + register: virt_img + +- set_fact: + images: "{{ images | default([]) + item.stdout_lines }}" + when: item.stdout_lines is defined and item.stdout_lines | length > 0 + with_items: "{{ virt_img.results }}" + - name: Destroy old VMs include_tasks: delete_vm.yml - extra_vars: "{{ virt_vms }}" loop_control: - loop_var: node_item - with_items: "{{ infra_deploy_vars.nodes }}" + loop_var: vmhost_item + with_items: "{{ virt_vms.list_vms }}" + +- set_fact: + deploy_nets: "{{ deploy_nets | default([]) + [item.name] }}" + with_items: "{{ infra_deploy_vars.networks }}" - name: Delete old networks include_tasks: delete_network.yml - extra_vars: "{{ virt_nets }}" loop_control: loop_var: network_item - with_items: "{{ infra_deploy_vars.networks }}" + with_items: "{{ virt_nets.list_nets }}" + +- name: Delete old disk images + file: + path: "{{ item }}" + state: absent + when: images is defined and images | length > 0 + with_items: "{{ images }}" diff --git a/ansible/roles/infra_install_dependencies/tasks/Debian.yml b/ansible/roles/infra_install_dependencies/tasks/Debian.yml new file mode 100644 index 000000000..9f4dc1046 --- /dev/null +++ b/ansible/roles/infra_install_dependencies/tasks/Debian.yml @@ -0,0 +1,34 @@ +# Copyright (c) 2018 Intel Corporation.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+---
+- name: Update repositories
+ apt:
+ update_cache: yes
+
+- name: Install core packages
+ action: "{{ ansible_pkg_mgr }} name={{ item }} state=present"
+ with_items:
+ - python-libvirt
+ - genisoimage
+ when: ansible_distribution_major_version|int == 16
+
+- name: Install core packages
+ action: "{{ ansible_pkg_mgr }} name={{ item }} state=present"
+ with_items:
+ - python-pip
+ - python-libvirt
+ - python-lxml
+ - python-netaddr
+ - genisoimage
+ when: ansible_distribution_major_version|int >= 18
diff --git a/ansible/roles/infra_install_dependencies/tasks/main.yml b/ansible/roles/infra_install_dependencies/tasks/main.yml new file mode 100644 index 000000000..115b1e3b9 --- /dev/null +++ b/ansible/roles/infra_install_dependencies/tasks/main.yml @@ -0,0 +1,15 @@ +# Copyright (c) 2018 Intel Corporation.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+---
+- include_tasks: "{{ ansible_os_family }}.yml"
diff --git a/ansible/roles/infra_prepare_vms/tasks/main.yml b/ansible/roles/infra_prepare_vms/tasks/main.yml new file mode 100644 index 000000000..4e0d9c373 --- /dev/null +++ b/ansible/roles/infra_prepare_vms/tasks/main.yml @@ -0,0 +1,102 @@ +# Copyright (c) 2018 Intel Corporation. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +--- +- name: Include input file + include_vars: + file: "{{ rs_file }}" + name: infra_deploy_vars + +- name: Install setuptools + apt: + name: python-setuptools + +- name: Install pip + shell: easy_install pip + environment: "{{ proxy_env }}" + +- name: Install dependency for dns dig + pip: + name: dnspython + state: latest + +- set_fact: + block_str: "{{ block_str | default('') + item.interfaces[0].ip + ' ' + item.hostname + '\n'}}" + with_items: "{{ infra_deploy_vars.nodes }}" + +- name: Delete hosts between markers + blockinfile: + path: /etc/hosts + marker: "# {mark} generated hosts file" + content: "" + +- name: Update /etc/hosts + blockinfile: + path: /etc/hosts + block: | + {{ block_str }} + marker: "# {mark} generated hosts file" + +- name: Clear known hosts + shell: > + ssh-keygen -f /root/.ssh/known_hosts -R "{{ item.interfaces[0].ip }}"; + ssh-keygen -f /root/.ssh/known_hosts -R "{{ item.hostname }}" + with_items: "{{ infra_deploy_vars.nodes }}" + +- set_fact: + controllers: "{{ controllers | default([]) + [item.hostname] }}" + when: + - item.openstack_node is defined + - item.openstack_node == 'controller' + with_items: "{{ infra_deploy_vars.nodes }}" + +- name: Add host controller as deploy + add_host: + hostname: "{{ item.hostname }}" + host_ip: "{{ item.interfaces[0].ip }}" + groups: deploy, ostack + ansible_host: "{{ item.hostname }}" + ansible_user: "{{ item.user }}" + ansible_ssh_pass: "{{ item.password }}" + node_type: "{{ item.openstack_node }}" + secondary_ip: "{{ item.interfaces[1].ip }}" + when: item.hostname == controllers[0] + with_items: "{{ infra_deploy_vars.nodes }}" + +- name: Add hosts others as controller, compute + add_host: + hostname: "{{ item.hostname }}" + host_ip: "{{ item.interfaces[0].ip }}" + groups: regular,ostack + ansible_host: "{{ item.hostname }}" + ansible_user: "{{ item.user }}" + ansible_ssh_pass: "{{ item.password }}" + node_type: "{{ item.openstack_node }}" + secondary_ip: "{{ item.interfaces[1].ip }}" + when: + - item.openstack_node is defined + - item.openstack_node == 'controller' or item.openstack_node == 'compute' + - item.hostname != controllers[0] + with_items: "{{ infra_deploy_vars.nodes }}" + +- name: Add yardstick host to group + add_host: + hostname: "{{ item.hostname }}" + host_ip: "{{ item.interfaces[0].ip }}" + groups: yardstickG + ansible_host: "{{ item.hostname }}" + ansible_user: "{{ item.user }}" + ansible_ssh_pass: "{{ item.password }}" + secondary_ip: "{{ item.interfaces[1].ip }}" + when: item.hostname == 'yardstickvm' + with_items: "{{ infra_deploy_vars.nodes }}" diff --git a/ansible/roles/infra_rampup_stack_nodes/tasks/configure_docker.yml b/ansible/roles/infra_rampup_stack_nodes/tasks/configure_docker.yml new file mode 100644 index 000000000..a6ae00e51 --- /dev/null +++ b/ansible/roles/infra_rampup_stack_nodes/tasks/configure_docker.yml @@ -0,0 +1,48 @@ +# Copyright (c) 2018 Intel Corporation. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +--- +- file: + path: /lib/systemd/system/docker.service.d + state: directory + +- copy: + content: | + [Service] + MountFlags=shared + dest: /lib/systemd/system/docker.service.d/kolla.conf + +- set_fact: + ostack_hosts: "{{ ostack_hosts | default([]) + [hostvars[item].ansible_host] }}" + with_items: "{{ groups['ostack'] }}" + +- name: Create proxy configuration for docker + copy: + content: | + [Service] + Environment="HTTP_PROXY={{ lookup('env', 'http_proxy') }}" + Environment="HTTPS_PROXY={{ lookup('env', 'https_proxy') }}" + Environment="FTP_PROXY={{ lookup('env', 'ftp_proxy') }}" + Environment="NO_PROXY={{ lookup('env', 'no_proxy') }},{{ hostvars[ansible_host].ansible_default_ipv4.address }},{{ ostack_hosts | join(',') }}" + dest: /lib/systemd/system/docker.service.d/http-proxy.conf + +- name: Update /etc/default/docker + lineinfile: + path: /etc/default/docker + line: 'DOCKER_OPTS="--dns {{ hostvars[ansible_host].ansible_default_ipv4.gateway }} --insecure-registry {{ deploy_host }}:4000"' + +- name: reload restart docker + systemd: + state: restarted + daemon_reload: yes + name: docker diff --git a/ansible/roles/infra_rampup_stack_nodes/tasks/install_packets.yml b/ansible/roles/infra_rampup_stack_nodes/tasks/install_packets.yml new file mode 100644 index 000000000..d22e8155a --- /dev/null +++ b/ansible/roles/infra_rampup_stack_nodes/tasks/install_packets.yml @@ -0,0 +1,85 @@ +# Copyright (c) 2018 Intel Corporation. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +--- +- name: Update apt cache + apt: + update_cache: yes + upgrade: yes + cache_valid_time: 36000 + environment: "{{ proxy_env }}" + +- name: Install packets + apt: + name: "{{ item }}" + with_items: + - python-tox + - python-dev + - libffi-dev + - libssl-dev + - python3-dev + - ethtool + - ipmitool + - git + - ntp + - apparmor-utils + - docker.io + - libvirt-bin + - python-setuptools + - build-essential + environment: "{{ proxy_env }}" + +- name: Install pip + shell: easy_install pip + environment: "{{ proxy_env }}" + +- name: Update pip ansible docker + pip: + name: "{{ item }}" + state: latest + with_items: + - ansible + - docker + - tox + - shade + environment: "{{ proxy_env }}" + +- name: Remove conflicting packages + apt: + name: "{{ item }}" + state: absent + with_items: + - lxd + - lxc + +- name: Stop and disable libvirt + systemd: + state: stopped + enabled: no + name: libvirt-bin.service + +- name: Stop and disable apparmor service + systemd: + name: apparmor + state: stopped + enabled: no + +- name: Get stat of libvirtd apparmor profile + stat: + path: /etc/apparmor.d/disable/usr.sbin.libvirtd + register: apparmor_libvirtd_profile + +- name: Remove apparmor profile for libvirt + shell: ln -s /etc/apparmor.d/usr.sbin.libvirtd /etc/apparmor.d/disable/ && apparmor_parser -R /etc/apparmor.d/usr.sbin.libvirtd + when: + - apparmor_libvirtd_profile.stat.exists == False diff --git a/ansible/roles/infra_rampup_stack_nodes/tasks/main.yml b/ansible/roles/infra_rampup_stack_nodes/tasks/main.yml new file mode 100644 index 000000000..65d5e59d8 --- /dev/null +++ b/ansible/roles/infra_rampup_stack_nodes/tasks/main.yml @@ -0,0 +1,39 @@ +# Copyright (c) 2018 Intel Corporation. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +--- +# Configure proxy and install python to support ansible +- name: Create apt.conf proxy config + raw: > + echo 'Acquire::http::proxy "{{ hostvars[groups['jumphost'][0]].proxy_proto + '://' + hostvars[groups['jumphost'][0]].proxy_host_ip + ':' + hostvars[groups['jumphost'][0]].proxy_port }}";' + > /etc/apt/apt.conf.d/22proxy + +- name: Install python which is required to run ansible mudules + raw: apt-get update && apt-get install -y python + +- name: Gather facts + setup: + +- name: Update configuration files + include_tasks: update_conf_files.yml + +- name: Install packets + include_tasks: install_packets.yml + when: ansible_hostname in groups['ostack'] + +- name: Configure docker settings + include_tasks: configure_docker.yml + when: ansible_hostname in groups['ostack'] + +- name: generate and apply SSH keys + include_tasks: update_keys.yml diff --git a/ansible/roles/infra_rampup_stack_nodes/tasks/update_conf_files.yml b/ansible/roles/infra_rampup_stack_nodes/tasks/update_conf_files.yml new file mode 100644 index 000000000..424fb543b --- /dev/null +++ b/ansible/roles/infra_rampup_stack_nodes/tasks/update_conf_files.yml @@ -0,0 +1,69 @@ +# Copyright (c) 2018 Intel Corporation. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +--- +- name: Set hostname + shell: hostname {{ ansible_hostname }} + +- name: Delete hosts between markers + blockinfile: + path: /etc/hosts + marker: "# {mark} generated hosts file" + content: "" + +- set_fact: + block_str: "{{ block_str | default('') + hostvars[item].host_ip + ' ' + hostvars[item].ansible_host + '\n'}}" + with_items: "{{ groups['ostack'] }}" + +- name: Update /etc/hosts + blockinfile: + path: /etc/hosts + block: | + {{ block_str }} + marker: "# {mark} generated hosts file" + +- name: Update /etc/hosts + lineinfile: + path: /etc/hosts + regexp: ".*{{ hostvars[groups['jumphost'][0]].proxy_host }}.*" + line: "{{ hostvars[groups['jumphost'][0]].proxy_host_ip }} {{ hostvars[groups['jumphost'][0]].proxy_host }}" + +- name: Turn off IPv6 + lineinfile: + path: /etc/sysctl.conf + regexp: '^{{ item }}.*' + line: "{{ item }} = 1" + with_items: + - 'net.ipv6.conf.all.disable_ipv6' + - 'net.ipv6.conf.default.disable_ipv6' + - 'net.ipv6.conf.lo.disable_ipv6' + +- name: Update IP configuration + shell: sysctl -p + +- name: Update resolv.conf + shell: echo "{{ 'nameserver ' + hostvars[ansible_host].ansible_default_ipv4.gateway }}" > /etc/resolvconf/resolv.conf.d/base + +- name: Update name servers + shell: resolvconf -u + +- name: Update /etc/environment + lineinfile: + path: /etc/environment + regexp: "{{ item.find }}" + line: "{{ item.add }}" + with_items: + - { find: 'http_proxy=', add: "{{ 'export http_proxy=' + lookup('env', 'http_proxy') }}" } + - { find: 'https_proxy=', add: "{{ 'export https_proxy=' + lookup('env', 'https_proxy') }}" } + - { find: 'ftp_proxy=', add: "{{ 'export ftp_proxy=' + lookup('env', 'ftp_proxy') }}" } + - { find: 'no_proxy=', add: "{{ 'export no_proxy=' + lookup('env', 'no_proxy') + ',' + ansible_host + ',' + hostvars[ansible_host].ansible_default_ipv4.address }}" } diff --git a/ansible/roles/infra_rampup_stack_nodes/tasks/update_keys.yml b/ansible/roles/infra_rampup_stack_nodes/tasks/update_keys.yml new file mode 100644 index 000000000..816f7cbca --- /dev/null +++ b/ansible/roles/infra_rampup_stack_nodes/tasks/update_keys.yml @@ -0,0 +1,48 @@ +# Copyright (c) 2018 Intel Corporation. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +--- +- name: Generate keys + user: + name: "{{ hostvars[ansible_host].ansible_user }}" + generate_ssh_key: yes + state: present + ssh_key_file: "/root/.ssh/id_rsa" + +- name: Get remote files + fetch: + src: "/root/.ssh/id_rsa.pub" + dest: "/tmp" + +- name: Update authorized_key + authorized_key: + key: "{{ lookup('file', '/tmp/{{ hostvars[item].ansible_host }}/root/.ssh/id_rsa.pub') }}" + state: present + user: "{{ hostvars[item].ansible_user }}" + with_items: + - "{{ groups['ostack'] }}" + - "{{ groups['yardstickG'] }}" + +- name: Make sure the known hosts file exists + file: + path: "{{ ssh_known_hosts_file }}" + state: touch + +- name: Add key to known hosts + known_hosts: + name: "{{ hostvars[item].ansible_host }}" + key: "{{ lookup('pipe', 'ssh-keyscan -t rsa {{ hostvars[item].ansible_host }}') }}" + path: "{{ ssh_known_hosts_file }}" + with_items: + - "{{ groups['ostack'] }}" + - "{{ groups['yardstickG'] }}" diff --git a/ansible/roles/infra_rampup_stack_nodes/vars/main.yml b/ansible/roles/infra_rampup_stack_nodes/vars/main.yml new file mode 100644 index 000000000..252eb86b3 --- /dev/null +++ b/ansible/roles/infra_rampup_stack_nodes/vars/main.yml @@ -0,0 +1,16 @@ +# Copyright (c) 2018 Intel Corporation. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +--- +ssh_known_hosts_file: "/root/.ssh/known_hosts" +deploy_host: "{{ hostvars[groups['deploy'][0]].ansible_host }}" diff --git a/ansible/roles/init_kubeadm/defaults/main.yml b/ansible/roles/init_kubeadm/defaults/main.yml new file mode 100644 index 000000000..3d868398d --- /dev/null +++ b/ansible/roles/init_kubeadm/defaults/main.yml @@ -0,0 +1,27 @@ +# Copyright (c) 2018-2019 Intel Corporation. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +--- +cmk_rbc_rules_url: https://raw.githubusercontent.com/intel/CPU-Manager-for-Kubernetes/master/resources/authorization/cmk-rbac-rules.yaml +cmk_serviceaccount: https://raw.githubusercontent.com/intel/CPU-Manager-for-Kubernetes/master/resources/authorization/cmk-serviceaccount.yaml +dpdk_devbind_path: "{{ INSTALL_BIN_PATH|default('/opt') }}" +multus_config: + name: node-cni-network + type: multus + kubeconfig: /etc/kubernetes/kubelet.conf + delegates: + - type: flannel + delegate: + isDefaultGateway: true + hairpinMode: true + masterplugin: true diff --git a/ansible/roles/init_kubeadm/tasks/kubeadm.yml b/ansible/roles/init_kubeadm/tasks/kubeadm.yml new file mode 100644 index 000000000..7c808a01c --- /dev/null +++ b/ansible/roles/init_kubeadm/tasks/kubeadm.yml @@ -0,0 +1,50 @@ +# Copyright (c) 2018-2019 Intel Corporation. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +--- +- set_fact: + service_cidr_param: --service-cidr={{ kubeadm_service_cidr }} + when: 'kubeadm_service_cidr is defined' + +- set_fact: + pod_network_cidr_param: --pod-network-cidr={{ kubeadm_pod_network_cidr }} + when: 'kubeadm_pod_network_cidr is defined' + +- set_fact: + kubernetes_version: --kubernetes-version {{ kubeadm_kubernetes_version }} + when: 'kubeadm_kubernetes_version is defined' + +- name: Initialize Kubernetes cluster + command: > + kubeadm init {{ pod_network_cidr_param|default('') }} + {{ service_cidr_param|default('') }} {{ kubernetes_version|default('') }} + --ignore-preflight-errors=all + +- name: Create Kubernetes configuration dir + file: path={{ ansible_env.HOME }}/.kube state=directory + +- name: Setup Kubernetes environment + copy: + src: /etc/kubernetes/admin.conf + dest: "{{ ansible_env.HOME }}/.kube/config" + remote_src: yes + +- name: Allow to schedule pods on the master + command: kubectl taint nodes --all node-role.kubernetes.io/master- + +- name: Wait for kube-dns pod to be in running state + command: kubectl get pods --namespace=kube-system -l k8s-app=kube-dns -o json + register: result + until: result.stdout|from_json|json_query('items[].status.phase|[0]') == "Running" + retries: 30 + delay: 2 diff --git a/ansible/roles/init_kubeadm/tasks/kubectl.yml b/ansible/roles/init_kubeadm/tasks/kubectl.yml new file mode 100644 index 000000000..dd8ad2f65 --- /dev/null +++ b/ansible/roles/init_kubeadm/tasks/kubectl.yml @@ -0,0 +1,26 @@ +# Copyright (c) 2019 Intel Corporation. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +--- +- name: Generate temporary resource file + tempfile: state=file prefix=kubectl.{{ item }}. + register: config_file + +- name: Generate {{ item }} resource file + template: src={{ item }}.j2 dest={{ config_file.path }} + +- name: Create {{ item }} resource + command: kubectl create -f {{ config_file.path }} + +- name: Create Kubernetes configuration dir + file: path={{ config_file.path }} state=absent diff --git a/ansible/roles/init_kubeadm/tasks/main.yml b/ansible/roles/init_kubeadm/tasks/main.yml new file mode 100644 index 000000000..df7334ce1 --- /dev/null +++ b/ansible/roles/init_kubeadm/tasks/main.yml @@ -0,0 +1,70 @@ +# Copyright (c) 2018-2019 Intel Corporation. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +--- +- name: Disable swap + command: swapoff -a + ignore_errors: true + +- name: Reset Kubernetes cluster + command: kubeadm reset + +- name: Clean Kubernetes directories (w/o removing the folder itself) + shell: rm -fr {{ item }}/* + with_items: + - /etc/kubernetes + - /var/lib/cni + - /etc/cmk + +- name: Create Multus CNI plugin dir + file: path=/etc/cni/net.d state=directory + +- name: Configure Multus CNI plugin + template: src=10-multus-cni.conf.j2 dest=/etc/cni/net.d/10-multus-cni.conf owner=root mode=0644 + +- name: Change default kubelet cluster dns IP + lineinfile: + path: /etc/systemd/system/kubelet.service.d/10-kubeadm.conf + regexp: '^(.*)--cluster-dns=([0-9\.]*)( +.*)$' + line: '\1--cluster-dns={{ kubelet_cluster_dns_ip }}\3' + backrefs: yes + backup: yes + +- name: Systemd daemon reload + command: systemctl daemon-reload + +- name: Restart kubelet + service: name=kubelet state=restarted + +- name: Initialize kubeadm + include: kubeadm.yml + +- name: Create CMK Kubernetes resources + command: kubectl create -f {{ item }} + with_items: + - "{{ cmk_rbc_rules_url }}" + - "{{ cmk_serviceaccount }}" + +- name: Create Kubernetes resources + include: kubectl.yml + with_items: + - crd-network.yaml + - net-flannel.yaml + - roles.yaml + - kube-flannel.yaml + - cmk-init-pod.yaml + +- name: Create a ClusterRoleBinding for a particular ClusterRole + command: > + kubectl create clusterrolebinding multus-node-{{ ansible_hostname }} + --clusterrole=multus-crd-overpowered --user=system:node:{{ ansible_hostname }} diff --git a/ansible/roles/init_kubeadm/templates/10-multus-cni.conf.j2 b/ansible/roles/init_kubeadm/templates/10-multus-cni.conf.j2 new file mode 100644 index 000000000..a68afaf26 --- /dev/null +++ b/ansible/roles/init_kubeadm/templates/10-multus-cni.conf.j2 @@ -0,0 +1 @@ +{{ multus_config | to_nice_json }} diff --git a/ansible/roles/init_kubeadm/templates/cmk-init-pod.yaml.j2 b/ansible/roles/init_kubeadm/templates/cmk-init-pod.yaml.j2 new file mode 100644 index 000000000..44c22581f --- /dev/null +++ b/ansible/roles/init_kubeadm/templates/cmk-init-pod.yaml.j2 @@ -0,0 +1,32 @@ +# Copyright (c) 2019 Intel Corporation. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +--- +apiVersion: v1 +kind: Pod +metadata: + labels: + app: cmk-cluster-init-pod + name: cmk-cluster-init-pod +spec: + serviceAccountName: cmk-serviceaccount + containers: + - args: + # Change this value to pass different options to cluster-init. + - "/cmk/cmk.py cluster-init --host-list={{ ansible_hostname }} --saname=cmk-serviceaccount --cmk-img=si-docker.ir.intel.com/vcmts-ubuntu/cmk --num-dp-cores=4 --dp-mode=spread --num-cp-cores=1 --cp-mode=spread" + command: + - "/bin/bash" + - "-c" + image: si-docker.ir.intel.com/vcmts-ubuntu/cmk + name: cmk-cluster-init-pod + restartPolicy: Never diff --git a/ansible/roles/init_kubeadm/templates/crd-network.yaml.j2 b/ansible/roles/init_kubeadm/templates/crd-network.yaml.j2 new file mode 100644 index 000000000..0e451c51a --- /dev/null +++ b/ansible/roles/init_kubeadm/templates/crd-network.yaml.j2 @@ -0,0 +1,26 @@ +# Copyright (c) 2019 Intel Corporation. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +--- +apiVersion: "apiextensions.k8s.io/v1beta1" +kind: CustomResourceDefinition +metadata: + name: networks.kubernetes.com +spec: + group: kubernetes.com + version: v1 + scope: Namespaced + names: + plural: networks + singular: network + kind: Network diff --git a/ansible/roles/init_kubeadm/templates/kube-flannel.yaml.j2 b/ansible/roles/init_kubeadm/templates/kube-flannel.yaml.j2 new file mode 100644 index 000000000..ddb849616 --- /dev/null +++ b/ansible/roles/init_kubeadm/templates/kube-flannel.yaml.j2 @@ -0,0 +1,158 @@ +# Copyright (c) 2019 Intel Corporation. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +--- +kind: ClusterRole +apiVersion: rbac.authorization.k8s.io/v1beta1 +metadata: + name: flannel +rules: + - apiGroups: + - "" + resources: + - pods + verbs: + - get + - apiGroups: + - "" + resources: + - nodes + verbs: + - list + - watch + - apiGroups: + - "" + resources: + - nodes/status + verbs: + - patch +--- +kind: ClusterRoleBinding +apiVersion: rbac.authorization.k8s.io/v1beta1 +metadata: + name: flannel +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: flannel +subjects: +- kind: ServiceAccount + name: flannel + namespace: kube-system +--- +apiVersion: v1 +kind: ServiceAccount +metadata: + name: flannel + namespace: kube-system +--- +kind: ConfigMap +apiVersion: v1 +metadata: + name: kube-flannel-cfg + namespace: kube-system + labels: + tier: node + app: flannel +data: + cni-conf.json: | + { + "name": "cbr0", + "plugins": [ + { + "type": "flannel", + "delegate": { + "hairpinMode": true, + "isDefaultGateway": true + } + }, + { + "type": "portmap", + "capabilities": { + "portMappings": true + } + } + ] + } + net-conf.json: | + { + "Network": "{{ kubeadm_pod_network_cidr }}", + "Backend": { + "Type": "vxlan" + } + } +--- +apiVersion: extensions/v1beta1 +kind: DaemonSet +metadata: + name: kube-flannel-ds + namespace: kube-system + labels: + tier: node + app: flannel +spec: + template: + metadata: + labels: + tier: node + app: flannel + spec: + hostNetwork: true + nodeSelector: + beta.kubernetes.io/arch: amd64 + tolerations: + - key: node-role.kubernetes.io/master + operator: Exists + effect: NoSchedule + serviceAccountName: flannel + containers: + - name: kube-flannel + image: quay.io/coreos/flannel:v0.10.0-amd64 + command: + - /opt/bin/flanneld + args: + - --ip-masq + - --kube-subnet-mgr + resources: + requests: + cpu: "100m" + memory: "50Mi" + limits: + cpu: "100m" + memory: "50Mi" + securityContext: + privileged: true + env: + - name: POD_NAME + valueFrom: + fieldRef: + fieldPath: metadata.name + - name: POD_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + volumeMounts: + - name: run + mountPath: /run + - name: flannel-cfg + mountPath: /etc/kube-flannel/ + volumes: + - name: run + hostPath: + path: /run + - name: cni + hostPath: + path: /etc/cni/net.d + - name: flannel-cfg + configMap: + name: kube-flannel-cfg diff --git a/ansible/roles/init_kubeadm/templates/net-flannel.yaml.j2 b/ansible/roles/init_kubeadm/templates/net-flannel.yaml.j2 new file mode 100644 index 000000000..db25c6a89 --- /dev/null +++ b/ansible/roles/init_kubeadm/templates/net-flannel.yaml.j2 @@ -0,0 +1,24 @@ +# Copyright (c) 2019 Intel Corporation. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +--- +apiVersion: "kubernetes.com/v1" +kind: Network +metadata: + name: flannel +plugin: flannel +args: '[{ + "delegate": { + "isDefaultGateway": true + } + }]' diff --git a/ansible/roles/init_kubeadm/templates/roles.yaml.j2 b/ansible/roles/init_kubeadm/templates/roles.yaml.j2 new file mode 100644 index 000000000..b3509b048 --- /dev/null +++ b/ansible/roles/init_kubeadm/templates/roles.yaml.j2 @@ -0,0 +1,29 @@ +# Copyright (c) 2019 Intel Corporation. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: multus-crd-overpowered +rules: +- apiGroups: + - '*' + resources: + - '*' + verbs: + - '*' +- nonResourceURLs: + - '*' + verbs: + - '*' diff --git a/ansible/roles/install_civetweb/defaults/main.yml b/ansible/roles/install_civetweb/defaults/main.yml index ed5ab27f2..c97403688 100644 --- a/ansible/roles/install_civetweb/defaults/main.yml +++ b/ansible/roles/install_civetweb/defaults/main.yml @@ -15,8 +15,9 @@ civetweb_dest: "{{ clone_dest }}/civetweb" civetweb_build_dependencies: Debian: - - libjson-c-dev=0.11-4ubuntu2 - - libjson0 - - libjson0-dev +# - libjson-c-dev=0.11-4ubuntu2 +# - libjson0 +# - libjson0-dev - libssl-dev + - libjson-c-dev RedHat: diff --git a/ansible/roles/install_dependencies_jumphost/tasks/Debian.yml b/ansible/roles/install_dependencies_jumphost/tasks/Debian.yml new file mode 100755 index 000000000..a229cc1a2 --- /dev/null +++ b/ansible/roles/install_dependencies_jumphost/tasks/Debian.yml @@ -0,0 +1,106 @@ +# Copyright (c) 2017 Intel Corporation. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +--- +- name: Update repositories + apt: + update_cache: yes + +- name: Install dependency for Ubuntu 18 + action: "{{ ansible_pkg_mgr }} name=libssl1.0-dev state=present" + when: + - ansible_distribution == 'Ubuntu' + - ansible_distribution_major_version|int >= 17 + +- name: Install core packages + action: "{{ ansible_pkg_mgr }} name={{ item }} state=present" + with_items: + - wget + - curl + - screen + - procps + - socat + - sshpass + - sudo + - vim + - libffi-dev + - libfuse-dev + - libxft-dev + - libxml2-dev + - libxss-dev + - libxslt1-dev + - libzmq3-dev + - qemu-user-static + - qemu-utils + - kpartx + - python + - python-setuptools + - python-dev + - python-libvirt + - python-virtualenv + - bridge-utils + - ebtables + - openssl + - ccze + - nginx-full + - uwsgi + - uwsgi-plugin-python + - supervisor + - lsof + - npm + - rabbitmq-server + +- name: Install libc6:arm64 package + action: "{{ ansible_pkg_mgr }} name={{ item }} state=present" + with_items: + - libc6:arm64 + when: + - arch is defined + - arch != arch_arm64 + - installation_mode == inst_mode_container + +- name: Remove dependencies that are no longer required + apt: + update_cache: yes + +- name: Remove useless packages from the cache + apt: + autoclean: yes + +# There is a bug with the easy install ansible module in Ubuntu 16.04 linux. +# Refer https://github.com/ansible/ansible/issues/23534 +- name: Install pip + shell: easy_install -U pip + when: + - ansible_distribution == 'Ubuntu' + - ansible_distribution_major_version|int <= 16 + +- name: Install python-pip + action: "{{ ansible_pkg_mgr }} name=python-pip state=present" + when: + - ansible_distribution == 'Ubuntu' + - ansible_distribution_major_version|int >= 17 + +- name: Uninstall docker as it conflicts with docker-py + pip: + name: + - docker + state: absent + +- name: Install required docker-py module + pip: + name: + - docker-py + - shade + state: latest + environment: "{{ proxy_env }}" diff --git a/ansible/roles/install_dependencies/tasks/RedHat.yml b/ansible/roles/install_dependencies_jumphost/tasks/RedHat.yml index a5d4d0b15..cb5315adb 100644 --- a/ansible/roles/install_dependencies/tasks/RedHat.yml +++ b/ansible/roles/install_dependencies_jumphost/tasks/RedHat.yml @@ -42,5 +42,14 @@ - python-setuptools - libffi-devel - python-devel - - kpartx - + - nodejs + - npm + - gcc + - lsof + - procps + - bridge-utils + - ebtables + - openssl + - python-virtualenv + - ccze + - python-pip diff --git a/ansible/roles/install_dependencies/tasks/Debian.yml b/ansible/roles/install_dependencies_jumphost/tasks/Suse.yml index bba6fb13c..7932ed96d 100755..100644 --- a/ansible/roles/install_dependencies/tasks/Debian.yml +++ b/ansible/roles/install_dependencies_jumphost/tasks/Suse.yml @@ -1,4 +1,4 @@ -# Copyright (c) 2017 Intel Corporation. +# Copyright (c) 2018 Intel Corporation. # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -12,39 +12,44 @@ # See the License for the specific language governing permissions and # limitations under the License. --- +- name: Install EPEL if needed + action: "{{ ansible_pkg_mgr }} name=epel-release state=present" + when: ansible_distribution in ['RedHat', 'CentOS', 'ScientificLinux'] + - name: Install core packages action: "{{ ansible_pkg_mgr }} name={{ item }} state=present" with_items: - - python-minimal + - deltarpm - wget + - expect - curl - screen - - procps - git - socat - sshpass - - libxslt1-dev - - libffi-dev - - libfuse-dev - qemu-kvm - - qemu-user-static - - qemu-utils - kpartx - - libvirt0 - - python-libvirt + - libxslt-devel + - libffi-devel + - openssl-devel + - nginx + - uwsgi + - python-setuptools + - libffi-devel + - python-devel + - nodejs + - npm + - gcc + - lsof + - procps - bridge-utils - ebtables - openssl - - libssl-dev - - python-dev - python-virtualenv - ccze - - libxml2-dev - - libxslt-dev - - libzmq-dev - - nginx-full - - uwsgi - - uwsgi-plugin-python - - supervisor - - python-setuptools - - lsof + +# There is a bug with the easy install ansible module in suse linux. +# Until this is fixed the shell command must be used +# Refer https://github.com/ansible/ansible/issues/37296 +- name: Install pip + shell: easy_install -U pip diff --git a/ansible/roles/install_dependencies/tasks/main.yml b/ansible/roles/install_dependencies_jumphost/tasks/main.yml index 27660c3ca..27660c3ca 100644 --- a/ansible/roles/install_dependencies/tasks/main.yml +++ b/ansible/roles/install_dependencies_jumphost/tasks/main.yml diff --git a/ansible/roles/install_dependencies_kubernetes/tasks/main.yml b/ansible/roles/install_dependencies_kubernetes/tasks/main.yml new file mode 100644 index 000000000..90098a48e --- /dev/null +++ b/ansible/roles/install_dependencies_kubernetes/tasks/main.yml @@ -0,0 +1,19 @@ +# Copyright (c) 2018-2019 Intel Corporation. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +--- +- name: Install https download transport for APT + apt: + name: apt-transport-https + state: latest + update_cache: yes diff --git a/ansible/roles/install_dpdk/tasks/Debian.yml b/ansible/roles/install_dpdk/tasks/Debian.yml index 4f0c3c881..b76a0fbf8 100755 --- a/ansible/roles/install_dpdk/tasks/Debian.yml +++ b/ansible/roles/install_dpdk/tasks/Debian.yml @@ -17,6 +17,7 @@ with_items: - libpcap-dev - pciutils + - libelf-dev - name: Install kernel headers action: "{{ ansible_pkg_mgr }} name=linux-headers-{{ dpdk_kernel }} state=present" diff --git a/ansible/roles/install_dpdk/tasks/main.yml b/ansible/roles/install_dpdk/tasks/main.yml index 5bcfb50b1..a1a377eb1 100644 --- a/ansible/roles/install_dpdk/tasks/main.yml +++ b/ansible/roles/install_dpdk/tasks/main.yml @@ -20,6 +20,10 @@ # with_fileglob: # - "{{ local_nsb_path }}/patches/dpdk_custom_patch/0*.patch" +- debug: + var: dpdk_version + verbosity: 2 + - name: find kernel for image, (including chroot) find_kernel: kernel: "{{ ansible_kernel }}" @@ -106,6 +110,7 @@ src: "{{ dpdk_path }}/{{ dpdk_make_arch }}/kmod/igb_uio.ko" dest: "{{ dpdk_module_dir }}/igb_uio.ko" remote_src: yes + when: dpdk_version is version(dpdk_version_for_PROX, '>=') - name: run depmod for dpdk_kernel command: depmod "{{ dpdk_kernel }}" @@ -116,8 +121,26 @@ - name: copy dpdk-devbind.py to correct location copy: - src: "{{ dpdk_devbind_usertools if dpdk_version|float >= 17.02 else dpdk_devbind_tools }}" + src: "{{ dpdk_devbind_usertools if dpdk_version is version('17.02', '>=') else dpdk_devbind_tools }}" dest: "{{ INSTALL_BIN_PATH }}/dpdk-devbind.py" remote_src: yes force: yes mode: 0755 + when: dpdk_version is version(dpdk_version_for_PROX, '>=') + +- name: make vPE binary + command: make -j {{ ansible_processor_vcpus }} + args: + chdir: "{{ dpdk_path }}/examples/ip_pipeline" + environment: + RTE_SDK: "{{ dpdk_path }}" + when: dpdk_version is version(dpdk_version_for_PROX, '!=') + +- name: Copy vPE to correct location + copy: + src: "{{ dpdk_path }}/examples/ip_pipeline/build/app/ip_pipeline" + dest: "{{ INSTALL_BIN_PATH }}/vPE_vnf" + remote_src: yes + force: yes + mode: 0755 + when: dpdk_version is version(dpdk_version_for_PROX, '!=') diff --git a/ansible/roles/install_go/defaults/main.yml b/ansible/roles/install_go/defaults/main.yml new file mode 100644 index 000000000..dee4f82d2 --- /dev/null +++ b/ansible/roles/install_go/defaults/main.yml @@ -0,0 +1,18 @@ +# Copyright (c) 2018-2019 Intel Corporation. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +--- +golang_repo_key_server: keyserver.ubuntu.com +golang_repo_key_id: C73998DC9DFEA6DCF1241057308C15A29AD198E9 +golang_repo_url: deb http://ppa.launchpad.net/gophers/archive/ubuntu xenial main +golang_bin_dir: /usr/lib/go-1.10/bin diff --git a/ansible/roles/install_go/tasks/main.yml b/ansible/roles/install_go/tasks/main.yml new file mode 100644 index 000000000..5489fadae --- /dev/null +++ b/ansible/roles/install_go/tasks/main.yml @@ -0,0 +1,40 @@ +# Copyright (c) 2018-2019 Intel Corporation. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +--- +- name: Add go language gophers repo key + # due to a proxy issue in the ansible apt_key module on Ubuntu 17.10, + # it doesn't work to add key via `id` and `keyserver` parametes. Similar + # issue is described here: https://github.com/debops/ansible-elastic_co/issues/2 + # apt_key: + # keyserver: "{{ golang_repo_key_server }}" + # id: "{{ golang_repo_key_id }}" + # As a workaround, we can use `apt-key` tool directly with proxy specified. + command: > + apt-key adv --keyserver {{ golang_repo_key_server }} --recv-keys + --keyserver-options http-proxy={{ proxy_env.http_proxy }} + {{ golang_repo_key_id }} + +- name: Add apt golang repository + apt_repository: + repo: "{{ golang_repo_url }}" + filename: golang-1.10-go + +- name: Install golang-1.10-go + apt: + name: golang-1.10-go + +- name: Setup Go environment variable + set_fact: + go_env: + PATH: "{{ golang_bin_dir }}:{{ ansible_env.PATH }}" diff --git a/ansible/roles/install_image_dependencies/defaults/main.yml b/ansible/roles/install_image_dependencies/defaults/main.yml index 7a3f5fa7e..558e68a9b 100644 --- a/ansible/roles/install_image_dependencies/defaults/main.yml +++ b/ansible/roles/install_image_dependencies/defaults/main.yml @@ -29,6 +29,8 @@ install_dependencies: - libxft-dev - libxss-dev - expect + - libnuma-dev + - curl RedHat: - bc - fio @@ -49,3 +51,4 @@ install_dependencies: - sysstat - unzip - python-devel + - curl diff --git a/ansible/roles/install_image_dependencies/tasks/main.yml b/ansible/roles/install_image_dependencies/tasks/main.yml index ffd30f33e..4e55339c2 100644 --- a/ansible/roles/install_image_dependencies/tasks/main.yml +++ b/ansible/roles/install_image_dependencies/tasks/main.yml @@ -19,5 +19,5 @@ action: "{{ ansible_pkg_mgr }} name={{ item }} state=latest update_cache=yes" register: pkg_mgr_results retries: "{{ pkg_mgr_retries }}" - until: pkg_mgr_results|success + until: pkg_mgr_results is success with_items: "{{ install_dependencies[ansible_os_family] }}" diff --git a/ansible/roles/install_kube/defaults/main.yml b/ansible/roles/install_kube/defaults/main.yml new file mode 100644 index 000000000..1ae57469d --- /dev/null +++ b/ansible/roles/install_kube/defaults/main.yml @@ -0,0 +1,16 @@ +# Copyright (c) 2018-2019 Intel Corporation. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +--- +kubernetes_key_url: https://packages.cloud.google.com/apt/doc/apt-key.gpg +kubernetes_repo_url: deb http://apt.kubernetes.io/ kubernetes-xenial main diff --git a/ansible/roles/install_kube/tasks/main.yml b/ansible/roles/install_kube/tasks/main.yml new file mode 100644 index 000000000..ea4f0cdb5 --- /dev/null +++ b/ansible/roles/install_kube/tasks/main.yml @@ -0,0 +1,30 @@ +# Copyright (c) 2018-2019 Intel Corporation. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +--- +- name: Add kubernetes repo key + apt_key: + url: "{{ kubernetes_key_url }}" + +- name: Add apt kubernetes repository + apt_repository: + repo: "{{ kubernetes_repo_url }}" + filename: kubernetes + +- name: Install kubelet kubeadm kubectl kubernetes-cni + apt: + name: + - kubelet=1.9.3* + - kubeadm=1.9.3* + - kubectl=1.9.3* + force: yes diff --git a/ansible/roles/install_samplevnf/tasks/main.yml b/ansible/roles/install_samplevnf/tasks/main.yml index b5d33f668..ad147b00f 100644 --- a/ansible/roles/install_samplevnf/tasks/main.yml +++ b/ansible/roles/install_samplevnf/tasks/main.yml @@ -56,3 +56,35 @@ # make executable mode: 0755 +- set_fact: + path_vnf: "{{ INSTALL_BIN_PATH }}/{{ vnf_app_names[vnf_name]}}" + +- stat: + path: "{{ path_vnf }}" + checksum_algorithm: md5 + register: path_vnf_var + +- stat: + path: "{{ path_json }}" + register: path_json_var + +- name: Fetch from remote + fetch: + src: "{{ path_json }}" + dest: "{{ path_json }}" + flat: yes + when: path_json_var.stat.exists + +- name: Read from json + set_fact: + json_vars: "{{ lookup('file', path_json) | from_json }}" + when: path_json_var.stat.exists + +- set_fact: + json_vars: "{{ json_vars | default([]) | combine({ vnf_app_names[vnf_name]: {'branch_commit': samplevnf_version, 'path_vnf': path_vnf, 'md5': path_vnf_var.stat.checksum }}) }}" + +- name: Update json file + copy: + content: "{{ json_vars | to_nice_json }}" + dest: "{{ path_json }}" + mode: 0755 diff --git a/ansible/roles/install_samplevnf/vars/main.yml b/ansible/roles/install_samplevnf/vars/main.yml index 45cea6820..e2a37377a 100644 --- a/ansible/roles/install_samplevnf/vars/main.yml +++ b/ansible/roles/install_samplevnf/vars/main.yml @@ -47,12 +47,12 @@ vnf_build_dependencies: vnf_build_dirs: ACL: vACL FW: vFW - CGNATP: vCGNAPT + CGNAPT: vCGNAPT UDP_Replay: UDP_Replay PROX: DPPD-PROX vnf_app_names: ACL: vACL FW: vFW - CGNATP: vCGNAPT + CGNAPT: vCGNAPT UDP_Replay: UDP_Replay PROX: prox diff --git a/ansible/roles/install_trex/defaults/main.yml b/ansible/roles/install_trex/defaults/main.yml index a5555e355..79a04fedd 100644 --- a/ansible/roles/install_trex/defaults/main.yml +++ b/ansible/roles/install_trex/defaults/main.yml @@ -13,6 +13,6 @@ # limitations under the License. --- #TREX_DOWNLOAD: "https://trex-tgn.cisco.com/trex/release/v2.05.tar.gz" -TREX_VERSION: v2.28 +TREX_VERSION: v2.41 TREX_DOWNLOAD: "{{ nsb_mirror_url|ternary(nsb_mirror_url, 'https://trex-tgn.cisco.com/trex/release' }}/{{ TREX_VERSION }}.tar.gz" INSTALL_BIN_PATH: "/opt/nsb_bin" diff --git a/ansible/roles/install_yardstick/tasks/main.yml b/ansible/roles/install_yardstick/tasks/main.yml new file mode 100644 index 000000000..f93f8eec3 --- /dev/null +++ b/ansible/roles/install_yardstick/tasks/main.yml @@ -0,0 +1,67 @@ +# Copyright (c) 2018 Intel Corporation. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +--- +# Arguments needed: map_min_addr_file, yardstick_dir + +- name: Define variables + set_fact: + map_min_addr_file: "/etc/sysctl.d/mmap_min_addr.conf" + +- name: Remove the kernel minimum virtual address restriction that a process is allowed to mmap + copy: + dest: "{{ map_min_addr_file }}" + content: "vm.mmap_min_addr = 0\n" + +- name: Config git SSL + git_config: + name: http.sslVerify + scope: global + value: False + +- name: Install Yardstick requirements (venv) + pip: + requirements: "{{ yardstick_dir }}/requirements.txt" + virtualenv: "{{ yardstick_dir }}/virtualenv" + async: 900 + poll: 0 + register: pip_installer + when: virtual_environment == True + +- name: Install Yardstick requirements + pip: + requirements: "{{ yardstick_dir }}/requirements.txt" + async: 900 + poll: 0 + register: pip_installer + when: virtual_environment == False + +- name: Check install Yardstick requirements + async_status: + jid: "{{ pip_installer.ansible_job_id }}" + register: job_result + until: job_result.finished + retries: 180 + +- name: Install Yardstick code (venv) + pip: + name: "{{ yardstick_dir }}/" + editable: True + virtualenv: "{{ yardstick_dir }}/virtualenv" + when: virtual_environment == True + +- name: Install Yardstick code + pip: + name: "{{ yardstick_dir }}/" + editable: True + when: virtual_environment == False diff --git a/ansible/roles/set_package_installer_proxy/templates/apt_conf.j2 b/ansible/roles/set_package_installer_proxy/templates/apt_conf.j2 index 5b57178a7..cba8eacd4 100644 --- a/ansible/roles/set_package_installer_proxy/templates/apt_conf.j2 +++ b/ansible/roles/set_package_installer_proxy/templates/apt_conf.j2 @@ -1,3 +1,6 @@ {% if "http_proxy" in proxy_env %} Acquire::http::Proxy "{{ proxy_env.http_proxy }}"; {% endif %} +{% if "https_proxy" in proxy_env %} +Acquire::https::Proxy "{{ proxy_env.https_proxy }}"; +{% endif %} |