Browse Source

Fixes made while testing the playbooks.

Updated url of docker registry.

make a loop for more flexibility.

Introducing listen_ip variable that overrides

the default listen_ip.

make a loop for more flexibility.

Get a listen ip specifically for that host.

see if components have listen_ip defined before using ansible_default_ipv4

Make service files look for listen_ip variable.

implemented listen_ip variable here too

map to different port to avoid clashes.

Make PHYSICAL_INTERFACE_MAPPINGS variable...

instead of just one provuider interface.
it should contain something like:
physnet2:eth1,physnet3:eth2

add openstack client on machine that is running keystone

Added delay to check.

enable all services are started at boot

Inventory for gcc openstack03 all in one.

added volume for glance images

Added gcc all in one specific config.

Prevent an error when there is no secrets.yml..

to back up

removed reference to empty dir.

added empty meta/main.yml

And now with a list of roles

..and removed the list

removed reference to empty dir.

Added galera cluster support

When at least three database nodes are installed, the playbook will
install a galera cluster across them.

The galera cnf can be the same template across...

nodes.

made environment file for the service.

I am unable to reproduce systemctl set-environment to work as
advertized.

Reverted to updating init file by ansible.

entrypoint.sh of the mariadb container seems unable to cope when a blank
variable is passed by systemd.

give the galera master node some time

It seems to be nessecary to run in host mode..

for galera to work.

I misunderstood pause. need sleep.

Inventory for physical test cluster.

Added CINDER_PASSWORD

Make sure docker is started.

If docker was already installed but not running
it was not started.

fixed refernce to neutron controller

Added heat

Added port for metadata service

Passed metadata secret to be used in config.

Listen ip should be the machine's ip...

Added openstack client from repo.

changed name of subnet

added horizon

Changed rabbitmq default user to openstack.

This makes it no longer nesseccary to create a separate openstack user,
which is lost on rabbitmq restart.

Added sleep because hosts were usually..

not discovered.

Removed unnessecary port mapping

Making /dev/lvm available to container.

fixed os-test inventory

Make iscsi devices available

(needed to attach cinder volumes to machines)

command module no longer works with &&

add cinder to test setup
merlin-develop
Egon Rijpkema 5 years ago
parent
commit
30567679a2
  1. 35
      gcc-post-install.yml
  2. 14
      gcc-site.yml
  3. 4
      generate_secrets.py
  4. 9
      heat.yml
  5. 4
      hosts
  6. 7
      mariadb.yml
  7. 1
      meta/main.yml
  8. 35
      openstack03
  9. 35
      os-test
  10. 2
      post-install.yml
  11. 5
      roles/cassandra/tasks/main.yml
  12. 17
      roles/cinder-controller/tasks/main.yml
  13. 21
      roles/cinder-storage/tasks/main.yml
  14. 8
      roles/cinder-storage/templates/cinder-storage.service
  15. 5
      roles/common/tasks/docker.yml
  16. 5
      roles/dockerregistry/tasks/main.yml
  17. 18
      roles/glance-controller/tasks/main.yml
  18. 1
      roles/glance-controller/templates/glance.service
  19. 62
      roles/heat/tasks/main.yml
  20. 19
      roles/heat/templates/heat.service
  21. 5
      roles/horizon/tasks/main.yml
  22. 6
      roles/horizon/templates/horizon.service
  23. 40
      roles/keystone/tasks/main.yml
  24. 4
      roles/keystone/templates/keystone.service
  25. 20
      roles/mariadb/files/galera.cnf
  26. 56
      roles/mariadb/tasks/main.yml
  27. 7
      roles/mariadb/templates/mysql.service
  28. 5
      roles/memcached/tasks/main.yml
  29. 21
      roles/neutron-controller/tasks/main.yml
  30. 6
      roles/neutron-controller/templates/neutron-controller.service
  31. 14
      roles/nova-compute/tasks/main.yml
  32. 24
      roles/nova-compute/templates/nova-compute.service
  33. 24
      roles/nova-controller/tasks/main.yml
  34. 5
      roles/nova-controller/templates/nova-controller.service
  35. 8
      roles/rabbitmq/files/rabbitmq.service
  36. 15
      roles/rabbitmq/tasks/main.yml
  37. 58
      secrets.yml
  38. 2
      secrets.yml.topol
  39. 3
      site.yml
  40. 12
      test_hosts

35
gcc-post-install.yml

@ -0,0 +1,35 @@ @@ -0,0 +1,35 @@
---
- hosts: all
name: Dummy to gather facts
tasks: []
- hosts: keystone
become: True
vars_files:
- settings.yml
tasks:
- name: copy public key
copy:
content: "{{ rsa_pub }}"
dest: /srv/keystone/root/id_rsa.pub
- name: post install configuration
command: docker exec -i keystone.service bash -c "source /root/admin-openrc.sh && {{ item }}"
with_items:
- openstack network create --share --external --provider-physical-network provider --provider-network-type vlan --provider-segment 985 vlan985
- >
openstack subnet create --subnet-range 172.23.34.0/24 --gateway 172.23.34.1
--network vlan985 --allocation-pool start=172.23.34.50,end=172.23.34.60
--dns-nameserver 8.8.4.4 vlan985_subnet
- openstack network create --share --external --provider-physical-network provider --provider-network-type vlan --provider-segment 16 vlan16
- >
openstack subnet create --subnet-range 195.169.22.0/23 --gateway 195.169.23.251
--network vlan16 --allocation-pool start=195.169.22.237,end=195.169.22.237
--dns-nameserver 8.8.4.4 vlan16_subnet
- openstack flavor create --ram 4096 --disk 40 --vcpus 2 "Molgenis Dual"
- openstack flavor create --ram 16384 --disk 40 --vcpus 4 "Molgenis Quad 16GB"
- openstack flavor create --ram 8192 --disk 40 --vcpus 4 "Molgenis Quad 8GB"
- openstack keypair create --public-key /root/id_rsa.pub adminkey

14
gcc-site.yml

@ -0,0 +1,14 @@ @@ -0,0 +1,14 @@
---
- include: common.yml
- include: rabbitmq.yml
- include: memcached.yml
- include: mariadb.yml
- include: keystone.yml
- include: glance-controller.yml
- include: nova-controller.yml
- include: neutron-controller.yml
- include: cinder-controller.yml
- include: cinder-storage.yml
- include: nova-compute.yml
- include: horizon.yml
- include: gcc-post-install.yml

4
generate_secrets.py

@ -5,6 +5,7 @@ Open the secrets.yml and replace all passwords. @@ -5,6 +5,7 @@ Open the secrets.yml and replace all passwords.
Original is backed up.
"""
from os import path
import random
import string
from subprocess import call
@ -27,7 +28,8 @@ for key, value in data.iteritems(): @@ -27,7 +28,8 @@ for key, value in data.iteritems():
for _ in range(pass_length))
# Make numbered backups of the secrets file.
call(['cp', '--backup=numbered', 'secrets.yml', 'secrets.yml.bak'])
if path.isfile('secrets.yml'):
call(['cp', '--backup=numbered', 'secrets.yml', 'secrets.yml.bak'])
with open('secrets.yml', 'w') as f:
dump(data, f, Dumper=Dumper, default_flow_style=False)

9
heat.yml

@ -0,0 +1,9 @@ @@ -0,0 +1,9 @@
---
- hosts: all
name: Dummy to gather facts
tasks: []
- hosts: heat
become: True
roles:
- heat

4
hosts

@ -34,7 +34,7 @@ openstack01-node03 @@ -34,7 +34,7 @@ openstack01-node03
#run_options="-e CASSANDRA_SEEDS=172.23.41.1"
[neutron-controller]
openstack01-node01 provider_interface_name=ens192
openstack01-node01 physical_interface_mappings=provider:ens192
[nova-controller]
openstack01-node03
@ -46,4 +46,4 @@ openstack01-node03 @@ -46,4 +46,4 @@ openstack01-node03
openstack01-node01 storage_volume=/dev/loop0
[nova-compute]
openstack01-node04 provider_interface_name=dummy0
openstack01-node04 physical_interface_mappings=provider:dummy0

7
mariadb.yml

@ -4,3 +4,10 @@ @@ -4,3 +4,10 @@
become: True
roles:
- mariadb
vars:
hostname_node0: "{{ hostvars[groups['databases'][0]]['ansible_hostname'] }}"
hostname_node1: "{{ hostvars[groups['databases'][1]]['ansible_hostname'] }}"
hostname_node2: "{{ hostvars[groups['databases'][2]]['ansible_hostname'] }}"
ip_node0: "{{ hostvars[groups['databases'][0]]['listen_ip'] | default(hostvars[groups['databases'][0]]['ansible_default_ipv4']['address']) }}"
ip_node1: "{{ hostvars[groups['databases'][1]]['listen_ip'] | default(hostvars[groups['databases'][1]]['ansible_default_ipv4']['address']) }}"
ip_node2: "{{ hostvars[groups['databases'][2]]['listen_ip'] | default(hostvars[groups['databases'][2]]['ansible_default_ipv4']['address']) }}"

1
meta/main.yml

@ -0,0 +1 @@ @@ -0,0 +1 @@
---

35
openstack03

@ -0,0 +1,35 @@ @@ -0,0 +1,35 @@
[databases]
openstack03
[keystone]
openstack03
[glance-controller]
openstack03
[horizon]
openstack03
[rabbitmq]
openstack03
[memcached]
openstack03
[neutron-controller]
openstack03 physical_interface_mappings=provider:enp4s0f0
[nova-controller]
openstack03
[cinder-controller]
openstack03
[cinder-storage]
openstack03 storage_volume=/dev/sdb1
[nova-compute]
openstack03 physical_interface_mappings=provider:enp4s0f0
[all:vars]
listen_ip=172.23.40.243

35
os-test

@ -0,0 +1,35 @@ @@ -0,0 +1,35 @@
[databases]
os-test
[keystone]
os-test
[glance-controller]
os-test
[horizon]
os-test
[rabbitmq]
os-test
[memcached]
os-test
[neutron-controller]
os-test physical_interface_mappings=provider:enp4s0f0
[nova-controller]
os-test
[cinder-controller]
os-test
[cinder-storage]
os-test storage_volume=/dev/sdb
[nova-compute]
os-test physical_interface_mappings=provider:enp4s0f0
[all:vars]
listen_ip=129.125.60.194

2
post-install.yml

@ -19,7 +19,7 @@ @@ -19,7 +19,7 @@
- >
openstack subnet create --network provider
--allocation-pool start={{ allocation_pool['start'] }},end={{ allocation_pool['end'] }}
--dns-nameserver {{ dns_nameserver }} --gateway {{ gateway }} --subnet-range {{ subnet_range }} provider
--dns-nameserver {{ dns_nameserver }} --gateway {{ gateway }} --subnet-range {{ subnet_range }} providersub
- openstack flavor create --id 0 --vcpus 1 --ram 64 --disk 1 m1.nano
- openstack keypair create --public-key /root/id_rsa.pub adminkey

5
roles/cassandra/tasks/main.yml

@ -7,9 +7,14 @@ @@ -7,9 +7,14 @@
mode: 644
owner: root
group: root
- name: install service file
command: systemctl daemon-reload
- name: make sure service is started
systemd:
name: cassandra.service
state: started
- name: start service at boot.
command: systemctl reenable cassandra.service

17
roles/cinder-controller/tasks/main.yml

@ -6,18 +6,18 @@ @@ -6,18 +6,18 @@
name: secrets
- set_fact:
docker_image: webhost12.service.rug.nl/hpc/openstack-cinder-controller:latest
docker_image: registry.webhosting.rug.nl/hpc/openstack-cinder-controller:latest
env_vars: >
-e "MY_IP={{ ansible_default_ipv4.address }}"
-e "CINDER_HOST={{ hostvars[groups['cinder-controller'][0]]['ansible_default_ipv4']['address'] }}"
-e "MY_IP={{ listen_ip | default(ansible_default_ipv4.address) }}"
-e "CINDER_HOST={{ listen_ip | default(hostvars[groups['cinder-controller'][0]]['ansible_default_ipv4']['address']) }}"
-e "CINDER_PASSWORD={{ secrets['CINDER_PASSWORD'] }}"
-e "CINDER_USER=cinder"
-e "KEYSTONE_HOST={{ hostvars[groups['keystone'][0]]['ansible_default_ipv4']['address'] }}"
-e "MEMCACHED_HOST={{ hostvars[groups['memcached'][0]]['ansible_default_ipv4']['address'] }}"
-e "MYSQL_HOST={{ hostvars[groups['databases'][0]]['ansible_default_ipv4']['address'] }}"
-e "KEYSTONE_HOST={{ listen_ip | default(hostvars[groups['keystone'][0]]['ansible_default_ipv4']['address']) }}"
-e "MEMCACHED_HOST={{ listen_ip | default(hostvars[groups['memcached'][0]]['ansible_default_ipv4']['address']) }}"
-e "MYSQL_HOST={{ listen_ip | default(hostvars[groups['databases'][0]]['ansible_default_ipv4']['address']) }}"
-e "MYSQL_ROOT_PASSWORD={{ secrets['MYSQL_ROOT_PASSWORD'] }}"
-e "OS_PASSWORD={{ secrets['OS_PASSWORD'] }}"
-e "RABBIT_HOST={{ hostvars[groups['rabbitmq'][0]]['ansible_default_ipv4']['address'] }}"
-e "RABBIT_HOST={{ listen_ip | default(hostvars[groups['rabbitmq'][0]]['ansible_default_ipv4']['address']) }}"
-e "RABBIT_PASSWORD={{ secrets['RABBIT_PASSWORD'] }}"
-e "RABBIT_USER=openstack"
@ -43,6 +43,9 @@ @@ -43,6 +43,9 @@
owner: root
group: root
- name: start service at boot.
command: systemctl reenable cinder-controller.service
- command: systemctl daemon-reload
- name: Initialize database.

21
roles/cinder-storage/tasks/main.yml

@ -4,22 +4,24 @@ @@ -4,22 +4,24 @@
include_vars:
file: ../../secrets.yml
name: secrets
tags: vars
- set_fact:
docker_image: webhost12.service.rug.nl/hpc/openstack-cinder-storage:latest
docker_image: registry.webhosting.rug.nl/hpc/openstack-cinder-storage:latest
env_vars: >
-e "MY_IP={{ ansible_default_ipv4.address }}"
-e "CINDER_HOST={{ hostvars[groups['cinder-storage'][0]]['ansible_default_ipv4']['address'] }}"
-e "MY_IP={{ listen_ip | default(ansible_default_ipv4.address) }}"
-e "CINDER_HOST={{ listen_ip | default(hostvars[groups['cinder-storage'][0]]['ansible_default_ipv4']['address']) }}"
-e "CINDER_PASSWORD={{ secrets['CINDER_PASSWORD'] }}"
-e "CINDER_USER=cinder"
-e "GLANCE_HOST={{ hostvars[groups['glance-controller'][0]]['ansible_default_ipv4']['address'] }}"
-e "KEYSTONE_HOST={{ hostvars[groups['keystone'][0]]['ansible_default_ipv4']['address'] }}"
-e "MYSQL_HOST={{ hostvars[groups['databases'][0]]['ansible_default_ipv4']['address'] }}"
-e "GLANCE_HOST={{ listen_ip | default(hostvars[groups['glance-controller'][0]]['ansible_default_ipv4']['address']) }}"
-e "KEYSTONE_HOST={{ listen_ip | default(hostvars[groups['keystone'][0]]['ansible_default_ipv4']['address']) }}"
-e "MYSQL_HOST={{ listen_ip | default(hostvars[groups['databases'][0]]['ansible_default_ipv4']['address']) }}"
-e "MYSQL_ROOT_PASSWORD={{ secrets['MYSQL_ROOT_PASSWORD'] }}"
-e "OS_PASSWORD={{ secrets['OS_PASSWORD'] }}"
-e "RABBIT_HOST={{ hostvars[groups['rabbitmq'][0]]['ansible_default_ipv4']['address'] }}"
-e "RABBIT_HOST={{ listen_ip | default(hostvars[groups['rabbitmq'][0]]['ansible_default_ipv4']['address']) }}"
-e "RABBIT_PASSWORD={{ secrets['RABBIT_PASSWORD'] }}"
-e "RABBIT_USER=openstack"
tags: vars
- name: pull docker image
docker_image:
@ -52,8 +54,13 @@ @@ -52,8 +54,13 @@
mode: 644
owner: root
group: root
tags: systemd
- command: systemctl daemon-reload
tags: systemd
- name: start service at boot.
command: systemctl reenable cinder-storage.service
- name: make sure service is started
systemd:

8
roles/cinder-storage/templates/cinder-storage.service

@ -1,5 +1,5 @@ @@ -1,5 +1,5 @@
[Unit]
Description=Openstack Glance Container
Description=Openstack Cinder Storage container
After=docker.service
Requires=docker.service
@ -11,9 +11,13 @@ ExecStartPre=-/usr/bin/docker rm %n @@ -11,9 +11,13 @@ ExecStartPre=-/usr/bin/docker rm %n
ExecStart=/usr/bin/docker run --name %n \
--privileged \
{{ env_vars | replace('\n', '') }} \
-v "/dev/cinder-volumes/":/dev/cinder-volumes \
-v /srv/cinder-storage/root:/root \
-v "{{ storage_volume }}":/dev/cinder_storage_volume \
-p 8776:8776 \
-v "/dev/lvm":/dev/lvm \
-v "/srv/cinder-storage/volumes/:/var/lib/cinder/volumes/" \
-p 8777:8776 \
-p 3260:3260 \
{{ docker_image }}
[Install]

5
roles/common/tasks/docker.yml

@ -13,3 +13,8 @@ @@ -13,3 +13,8 @@
with_items:
- docker-engine
- python-docker
- name: make sure service is started
systemd:
name: docker.service
state: started

5
roles/dockerregistry/tasks/main.yml

@ -7,13 +7,18 @@ @@ -7,13 +7,18 @@
mode: 644
owner: root
group: root
- name: install service file
command: systemctl daemon-reload
- name: make sure service is started
systemd:
name: dockerregistry.service
state: started
- name: start service at boot.
command: systemctl reenable dockerregistry.service
- name: Copy certificates and passwd file
copy:
src: "{{ item }}"

18
roles/glance-controller/tasks/main.yml

@ -6,17 +6,17 @@ @@ -6,17 +6,17 @@
name: secrets
- set_fact:
docker_image: webhost12.service.rug.nl/hpc/openstack-glance:latest
docker_image: registry.webhosting.rug.nl/hpc/openstack-glance:latest
env_vars: >
-e "GLANCE_HOST={{ hostvars[groups['glance-controller'][0]]['ansible_default_ipv4']['address'] }}"
-e "GLANCE_HOST={{ listen_ip | default(hostvars[groups['glance-controller'][0]]['ansible_default_ipv4']['address']) }}"
-e "GLANCE_PASSWORD={{ secrets['GLANCE_PASSWORD'] }}"
-e "GLANCE_USER=glance"
-e "KEYSTONE_HOST={{ hostvars[groups['keystone'][0]]['ansible_default_ipv4']['address'] }}"
-e "MEMCACHED_HOST={{ hostvars[groups['memcached'][0]]['ansible_default_ipv4']['address'] }}"
-e "MYSQL_HOST={{ hostvars[groups['databases'][0]]['ansible_default_ipv4']['address'] }}"
-e "KEYSTONE_HOST={{ listen_ip | default(hostvars[groups['keystone'][0]]['ansible_default_ipv4']['address']) }}"
-e "MEMCACHED_HOST={{ listen_ip | default(hostvars[groups['memcached'][0]]['ansible_default_ipv4']['address']) }}"
-e "MYSQL_HOST={{ listen_ip | default(hostvars[groups['databases'][0]]['ansible_default_ipv4']['address']) }}"
-e "MYSQL_ROOT_PASSWORD={{ secrets['MYSQL_ROOT_PASSWORD'] }}"
-e "OS_PASSWORD={{ secrets['OS_PASSWORD'] }}"
-e "RABBIT_HOST={{ hostvars[groups['rabbitmq'][0]]['ansible_default_ipv4']['address'] }}"
-e "RABBIT_HOST={{ listen_ip | default(hostvars[groups['rabbitmq'][0]]['ansible_default_ipv4']['address']) }}"
-e "RABBIT_PASSWORD={{ secrets['RABBIT_PASSWORD'] }}"
-e "RABBIT_USER=openstack"
@ -42,14 +42,18 @@ @@ -42,14 +42,18 @@
owner: root
group: root
- name: start service at boot.
command: systemctl reenable glance.service
- command: systemctl daemon-reload
- name: Initialize database.
command: >
/usr/bin/docker run --rm
{{ env_vars }}
--add-host=keystone:{{ hostvars[groups['keystone'][0]]['ansible_default_ipv4']['address'] }} \
--add-host=keystone:{{ listen_ip | default(hostvars[groups['keystone'][0]]['ansible_default_ipv4']['address']) }} \
-v /srv/glance/root:/root \
-v /var/lib/glance/images:/var/lib/glance/images \
{{ docker_image }} /etc/bootstrap.sh
tags: bootstrap

1
roles/glance-controller/templates/glance.service

@ -11,6 +11,7 @@ ExecStartPre=-/usr/bin/docker rm %n @@ -11,6 +11,7 @@ ExecStartPre=-/usr/bin/docker rm %n
ExecStart=/usr/bin/docker run --name %n \
{{ env_vars | replace('\n', '') }} \
-v /srv/glance/root:/root \
-v /var/lib/glance/images:/var/lib/glance/images \
-p 9292:9292 \
{{ docker_image }}

62
roles/heat/tasks/main.yml

@ -0,0 +1,62 @@ @@ -0,0 +1,62 @@
# Build and install a docker image for heat.
---
- name: include secrets
include_vars:
file: ../../secrets.yml
name: secrets
- set_fact:
docker_image: registry.webhosting.rug.nl/hpc/openstack-heat:latest
env_vars: >
-e "HEAT_HOST={{ listen_ip | default(hostvars[groups['heat'][0]]['ansible_default_ipv4']['address']) }}"
-e "HEAT_PASSWORD={{ secrets['HEAT_PASSWORD'] }}"
-e "HEAT_USER=heat"
-e "KEYSTONE_HOST={{ listen_ip | default(hostvars[groups['keystone'][0]]['ansible_default_ipv4']['address']) }}"
-e "MEMCACHED_HOST={{ listen_ip | default(hostvars[groups['memcached'][0]]['ansible_default_ipv4']['address']) }}"
-e "MYSQL_HOST={{ listen_ip | default(hostvars[groups['databases'][0]]['ansible_default_ipv4']['address']) }}"
-e "MYSQL_ROOT_PASSWORD={{ secrets['MYSQL_ROOT_PASSWORD'] }}"
-e "OS_PASSWORD={{ secrets['OS_PASSWORD'] }}"
-e "RABBIT_HOST={{ listen_ip | default(hostvars[groups['rabbitmq'][0]]['ansible_default_ipv4']['address']) }}"
-e "RABBIT_PASSWORD={{ secrets['RABBIT_PASSWORD'] }}"
-e "RABBIT_USER=openstack"
- name: pull docker image
docker_image:
name: "{{ docker_image }}"
tags: pull
- name: Make build and persistent directories
file:
path: "{{ item }}"
state: directory
mode: 0777
with_items:
- /srv/heat
- /srv/heat/root
- name: install service file.
template:
src: templates/heat.service
dest: /etc/systemd/system/heat.service
mode: 644
owner: root
group: root
- name: start service at boot.
command: systemctl reenable heat.service
- command: systemctl daemon-reload
- name: Initialize database.
command: >
/usr/bin/docker run --rm
{{ env_vars }}
--add-host=keystone:{{ listen_ip | default(hostvars[groups['keystone'][0]]['ansible_default_ipv4']['address']) }} \
-v /srv/heat/root:/root \
{{ docker_image }} /etc/bootstrap.sh
tags: bootstrap
- name: make sure service is started
systemd:
name: heat.service
state: restarted

19
roles/heat/templates/heat.service

@ -0,0 +1,19 @@ @@ -0,0 +1,19 @@
[Unit]
Description=Openstack heat Container
After=docker.service
Requires=docker.service
[Service]
TimeoutStartSec=0
Restart=always
ExecStartPre=-/usr/bin/docker kill %n
ExecStartPre=-/usr/bin/docker rm %n
ExecStart=/usr/bin/docker run --name %n \
{{ env_vars | replace('\n', '') }} \
-v /srv/heat/root:/root \
-p 8000:8000 \
-p 8004:8004 \
{{ docker_image }}
[Install]
WantedBy=multi-user.target

5
roles/horizon/tasks/main.yml

@ -1,7 +1,7 @@ @@ -1,7 +1,7 @@
# Run hpc/horizon
---
- set_fact:
docker_image: webhost12.service.rug.nl/hpc/openstack-horizon:latest
docker_image: registry.webhosting.rug.nl/hpc/openstack-horizon:latest
- name: pull docker image
docker_image:
@ -19,6 +19,9 @@ @@ -19,6 +19,9 @@
- command: systemctl daemon-reload
- name: start service at boot.
command: systemctl reenable horizon.service
- name: make sure service is started
systemd:
name: horizon.service

6
roles/horizon/templates/horizon.service

@ -9,9 +9,9 @@ Restart=always @@ -9,9 +9,9 @@ Restart=always
ExecStartPre=-/usr/bin/docker kill %n
ExecStartPre=-/usr/bin/docker rm %n
ExecStart=/usr/bin/docker run --name %n \
-e "MEMCACHED_SERVER={{ hostvars[groups['memcached'][0]]['ansible_default_ipv4']['address'] }}" \
-e "KEYSTONE_HOST={{ hostvars[groups['keystone'][0]]['ansible_default_ipv4']['address'] }}" \
--add-host=keystone:{{ hostvars[groups['keystone'][0]]['ansible_default_ipv4']['address'] }} \
-e "MEMCACHED_SERVER={{ hostvars[groups['memcached'][0]]['listen_ip'] | default(hostvars[groups['memcached'][0]]['ansible_default_ipv4']['address']) }}" \
-e "KEYSTONE_HOST={{ hostvars[groups['keystone'][0]]['listen_ip'] | default(hostvars[groups['keystone'][0]]['ansible_default_ipv4']['address']) }}" \
--add-host=keystone:{{ hostvars[groups['keystone'][0]]['listen_ip'] | default(hostvars[groups['keystone'][0]]['ansible_default_ipv4']['address']) }} \
-p 80:80 \
{{ docker_image }}

40
roles/keystone/tasks/main.yml

@ -17,7 +17,7 @@ @@ -17,7 +17,7 @@
- /srv/keystone/root
- set_fact:
docker_image: webhost12.service.rug.nl/hpc/openstack-keystone:latest
docker_image: registry.webhosting.rug.nl/hpc/openstack-keystone:latest
- name: pull docker image
docker_image:
@ -36,11 +36,14 @@ @@ -36,11 +36,14 @@
- name: install service file
command: systemctl daemon-reload
- name: start service at boot.
command: systemctl reenable keystone.service
- name: Initialize db
script: scripts/initialize_db.sh
environment:
MYSQL_ROOT_PASSWORD: "{{ secrets['MYSQL_ROOT_PASSWORD'] }}"
DB_HOST: "{{ hostvars[groups['databases'][0]]['ansible_default_ipv4']['address'] }}"
DB_HOST: "{{ listen_ip | default(hostvars[groups['databases'][0]]['ansible_default_ipv4']['address']) }}"
register: result
until: result|succeeded
# sometimes the initial connect fails.
@ -52,9 +55,9 @@ @@ -52,9 +55,9 @@
- name: keystone manage commands to setup db
command: >
/usr/bin/docker run --rm
--add-host=mariadb:{{ hostvars[groups['databases'][0]]['ansible_default_ipv4']['address'] }}
--add-host=mariadb:{{ listen_ip | default(hostvars[groups['databases'][0]]['ansible_default_ipv4']['address']) }}
-v /srv/keystone/fernet-keys:/etc/keystone/fernet-keys
-e "KEYSTONE_HOST={{ hostvars[groups['keystone'][0]]['ansible_default_ipv4']['address'] }}"
-e "KEYSTONE_HOST={{ listen_ip | default(hostvars[groups['keystone'][0]]['ansible_default_ipv4']['address']) }}"
{{ docker_image }} keystone-manage {{ item }}
with_items:
- db_sync
@ -62,9 +65,9 @@ @@ -62,9 +65,9 @@
- credential_setup --keystone-user keystone --keystone-group keystone
- >
bootstrap --bootstrap-password {{ secrets['OS_PASSWORD'] }}
--bootstrap-admin-url http://{{ hostvars[groups['keystone'][0]]['ansible_default_ipv4']['address'] }}:35357/v3/
--bootstrap-internal-url http://{{ hostvars[groups['keystone'][0]]['ansible_default_ipv4']['address'] }}:35357/v3/
--bootstrap-public-url http://{{ hostvars[groups['keystone'][0]]['ansible_default_ipv4']['address'] }}:5000/v3/
--bootstrap-admin-url http://{{ listen_ip | default(hostvars[groups['keystone'][0]]['ansible_default_ipv4']['address']) }}:35357/v3/
--bootstrap-internal-url http://{{ listen_ip | default(hostvars[groups['keystone'][0]]['ansible_default_ipv4']['address']) }}:35357/v3/
--bootstrap-public-url http://{{ listen_ip | default(hostvars[groups['keystone'][0]]['ansible_default_ipv4']['address']) }}:5000/v3/
--bootstrap-region-id RegionOne
- name: make sure service is started
@ -75,10 +78,29 @@ @@ -75,10 +78,29 @@
- name: Create a domain, projects users and roles
command: >
/usr/bin/docker run --rm
--add-host=mariadb:{{ hostvars[groups['databases'][0]]['ansible_default_ipv4']['address'] }}
--add-host=mariadb:{{ listen_ip | default(hostvars[groups['databases'][0]]['ansible_default_ipv4']['address']) }}
-v /srv/keystone/fernet-keys:/etc/keystone/fernet-keys
-v /srv/keystone/root:/root
-e "KEYSTONE_HOST={{ hostvars[groups['keystone'][0]]['ansible_default_ipv4']['address'] }}"
-e "KEYSTONE_HOST={{ listen_ip | default(hostvars[groups['keystone'][0]]['ansible_default_ipv4']['address']) }}"
-e "OS_AUTH_URL=http://${KEYSTONE_HOST}:35357/v3"
-e "OS_PASSWORD={{ secrets['OS_PASSWORD'] }}"
{{ docker_image }} bash /etc/bootstrap.sh
- name: install openstack repo on host.
command: >
echo "deb http://ubuntu-cloud.archive.canonical.com/ubuntu xenial-updates/ocata main" > /etc/apt/sources.list.d/ocata.list &&
apt-key adv --keyserver keyserver.ubuntu.com --recv-keys 5EDB1B62EC4926EA
tags: openstackclient
- name: install openstack client for management
apt:
name: python-openstackclient
state: latest
update_cache: yes
tags: openstackclient
- name: source admin-openrc.sh in root .bashrc
lineinfile:
path: /root/.bashrc
line: 'source /srv/keystone/root/admin-openrc.sh'

4
roles/keystone/templates/keystone.service

@ -9,8 +9,8 @@ Restart=always @@ -9,8 +9,8 @@ Restart=always
ExecStartPre=-/usr/bin/docker kill %n
ExecStartPre=-/usr/bin/docker rm %n
ExecStart=/usr/bin/docker run --name %n \
--add-host=mariadb:{{ hostvars[groups['databases'][0]]['ansible_default_ipv4']['address'] }} \
-e "KEYSTONE_HOST={{ hostvars[groups['keystone'][0]]['ansible_default_ipv4']['address'] }}" \
--add-host=mariadb:{{ hostvars[groups['databases'][0]]['listen_ip'] | default(hostvars[groups['databases'][0]]['ansible_default_ipv4']['address']) }} \
-e "KEYSTONE_HOST={{ hostvars[groups['keystone'][0]]['listen_ip'] | default(hostvars[groups['keystone'][0]]['ansible_default_ipv4']['address']) }}" \
-p 5000:5000 -p 35357:35357 \
-v /srv/keystone/fernet-keys:/etc/keystone/fernet-keys \
-v /srv/keystone/root:/root \

20
roles/mariadb/files/galera.cnf

@ -0,0 +1,20 @@ @@ -0,0 +1,20 @@
[mysqld]
binlog_format=ROW
default-storage-engine=innodb
innodb_autoinc_lock_mode=2
bind-address=0.0.0.0
# Galera Provider Configuration
wsrep_on=ON
wsrep_provider=/usr/lib/galera/libgalera_smm.so
# Galera Cluster Configuration
wsrep_cluster_name="test_cluster"
wsrep_cluster_address="gcomm://{{ ip_node0 }},{{ ip_node1 }},{{ ip_node2 }}"
# Galera Synchronization Configuration
wsrep_sst_method=rsync
# Galera Node Configuration
wsrep_node_address="{{ listen_ip | default(ansible_default_ipv4.address) }}"
wsrep_node_name="{{ ansible_nodename }}"

56
roles/mariadb/tasks/main.yml

@ -5,14 +5,6 @@ @@ -5,14 +5,6 @@
file: ../../secrets.yml
name: secrets
- name: install service file.
template:
src: templates/mysql.service
dest: /etc/systemd/system/mysql.service
mode: 644
owner: root
group: root
- name: make mariadb settings volume
file:
path: "{{ item }}"
@ -21,16 +13,60 @@ @@ -21,16 +13,60 @@
with_items:
- /srv/mariadb/lib/mysql
- /srv/mariadb/etc/mysql
- /srv/mariadb/etc/mysql/conf.d
- name: place settings file
copy:
src: files/my.cnf
dest: /srv/mariadb/etc/mysql
dest: /srv/mariadb/etc/mysql/conf.d/my.cnf
mode: 660
- command: systemctl daemon-reload
- name: Set galara.cnf on node if we have at least three nodes.
template:
src: files/galera.cnf
dest: /srv/mariadb/etc/mysql/conf.d/galera.cnf
mode: 660
when: groups['databases'] | length >= 3
# This mimics galera_new_cluster.sh
- name: Initialize a new cluster.
block:
- set_fact:
mariadb_args: "--wsrep-new-cluster"
- template:
src: templates/mysql.service
dest: /etc/systemd/system/mysql.service
mode: 644
owner: root
group: root
- command: systemctl daemon-reload
- systemd:
name: mysql.service
state: started
when: groups['databases'] | length >= 3 and ansible_hostname == hostname_node0
- name: install service file.
block:
- set_fact:
mariadb_args: ""
- template:
src: templates/mysql.service
dest: /etc/systemd/system/mysql.service
mode: 644
owner: root
group: root
- name: Give the master node some time to initialize the cluster.
command: bash -c "sleep 60 && systemctl daemon-reload"
- name: make sure service is started
systemd:
name: mysql.service
state: started
- name: start service at boot.
command: systemctl reenable mysql.service

7
roles/mariadb/templates/mysql.service

@ -9,10 +9,11 @@ Restart=always @@ -9,10 +9,11 @@ Restart=always
ExecStartPre=-/usr/bin/docker kill %n || /bin/true
ExecStartPre=-/usr/bin/docker rm %n
ExecStartPre=/usr/bin/docker pull mariadb:10.2
ExecStart=/usr/bin/docker run -p 3306:3306 --name %n \
ExecStart=/usr/bin/docker run --name %n \
--network host \
-v /srv/mariadb/lib/mysql:/var/lib/mysql \
-v /srv/mariadb/etc/mysql:/etc/mysql \
-e MYSQL_ROOT_PASSWORD={{ secrets['MYSQL_ROOT_PASSWORD'] }} mariadb:10.2
-v /srv/mariadb/etc/mysql/conf.d:/etc/mysql/conf.d \
-e MYSQL_ROOT_PASSWORD={{ secrets['MYSQL_ROOT_PASSWORD'] }} mariadb:10.2 {{ mariadb_args }}
[Install]
WantedBy=multi-user.target

5
roles/memcached/tasks/main.yml

@ -7,8 +7,13 @@ @@ -7,8 +7,13 @@
mode: 644
owner: root
group: root
- name: install service file
command: systemctl daemon-reload
- name: start service at boot.
command: systemctl reenable memcached.service
- name: make sure service is started
systemd:
name: memcached.service

21
roles/neutron-controller/tasks/main.yml

@ -6,7 +6,7 @@ @@ -6,7 +6,7 @@
name: secrets
- set_fact:
docker_image: "webhost12.service.rug.nl/hpc/openstack-neutron-controller:latest"
docker_image: "registry.webhosting.rug.nl/hpc/openstack-neutron-controller:latest"
- name: pull docker image
docker_image:
@ -16,21 +16,21 @@ @@ -16,21 +16,21 @@
- set_fact:
env_vars: >
-e "KEYSTONE_HOST={{ hostvars[groups['keystone'][0]]['ansible_default_ipv4']['address'] }}"
-e "MEMCACHED_HOST={{ hostvars[groups['memcached'][0]]['ansible_default_ipv4']['address'] }}"
-e "KEYSTONE_HOST={{ listen_ip | default(hostvars[groups['keystone'][0]]['ansible_default_ipv4']['address']) }}"
-e "MEMCACHED_HOST={{ listen_ip | default(hostvars[groups['memcached'][0]]['ansible_default_ipv4']['address']) }}"
-e "METADATA_SECRET={{ secrets['METADATA_SECRET'] }}"
-e "MY_IP={{ hostvars[groups['neutron-controller'][0]]['ansible_default_ipv4']['address'] }}"
-e "MYSQL_HOST={{ hostvars[groups['databases'][0]]['ansible_default_ipv4']['address'] }}"
-e "MY_IP={{ listen_ip | default(hostvars[groups['neutron-controller'][0]]['ansible_default_ipv4']['address']) }}"
-e "MYSQL_HOST={{ listen_ip | default(hostvars[groups['databases'][0]]['ansible_default_ipv4']['address']) }}"
-e "MYSQL_ROOT_PASSWORD={{ secrets['MYSQL_ROOT_PASSWORD'] }}"
-e "NEUTRON_PASSWORD={{ secrets['NEUTRON_PASSWORD'] }}"
-e "NEUTRON_USER=neutron"
-e "NOVA_USER=nova"
-e "NOVA_PASSWORD={{ secrets['NOVA_PASSWORD'] }}"
-e "NOVA_CONTROLLER_HOST={{ hostvars[groups['nova-controller'][0]]['ansible_default_ipv4']['address'] }}"
-e "NOVA_CONTROLLER_HOST={{ listen_ip | default(hostvars[groups['nova-controller'][0]]['ansible_default_ipv4']['address']) }}"
-e "NOVA_PLACEMENT_PASSWORD={{ secrets['NOVA_PLACEMENT_PASSWORD'] }}"
-e "NOVA_PLACEMENT_USER=placement"
-e "OS_PASSWORD={{ secrets['OS_PASSWORD'] }}"
-e "PROVIDER_INTERFACE_NAME={{ provider_interface_name }}"
-e "PHYSICAL_INTERFACE_MAPPINGS={{ physical_interface_mappings }}"
-e "RABBIT_PASSWORD={{ secrets['RABBIT_PASSWORD'] }}"
-e "RABBIT_USER=openstack"
tags: env
@ -45,12 +45,15 @@ @@ -45,12 +45,15 @@
- command: systemctl daemon-reload
- name: start service at boot.
command: systemctl reenable neutron-controller.service
- name: Initialize neutron
command: >
/usr/bin/docker run --rm
{{ env_vars }}
--add-host=mariadb:{{ hostvars[groups['databases'][0]]['ansible_default_ipv4']['address'] }}
--add-host=keystone:{{ hostvars[groups['keystone'][0]]['ansible_default_ipv4']['address'] }}
--add-host=mariadb:{{ listen_ip | default(hostvars[groups['databases'][0]]['ansible_default_ipv4']['address']) }}
--add-host=keystone:{{ listen_ip | default(hostvars[groups['keystone'][0]]['ansible_default_ipv4']['address']) }}
--network host
{{ docker_image }}
/etc/bootstrap.sh

6
roles/neutron-controller/templates/neutron-controller.service

@ -10,9 +10,9 @@ ExecStartPre=-/usr/bin/docker kill %n @@ -10,9 +10,9 @@ ExecStartPre=-/usr/bin/docker kill %n
ExecStartPre=-/usr/bin/docker rm %n
ExecStart=/usr/bin/docker run --name %n \
{{ env_vars | replace('\n', '') }} \
--add-host=nova-controller:{{ hostvars[groups['nova-controller'][0]]['ansible_default_ipv4']['address'] }} \
--add-host=mariadb:{{ hostvars[groups['databases'][0]]['ansible_default_ipv4']['address'] }} \
--add-host=keystone:{{ hostvars[groups['keystone'][0]]['ansible_default_ipv4']['address'] }} \
--add-host=nova-controller:{{ hostvars[groups['nova-controller'][0]]['listen_ip'] | default(hostvars[groups['nova-controller'][0]]['ansible_default_ipv4']['address']) }} \
--add-host=mariadb:{{ hostvars[groups['databases'][0]]['listen_ip'] | default(hostvars[groups['databases'][0]]['ansible_default_ipv4']['address']) }} \
--add-host=keystone:{{ hostvars[groups['keystone'][0]]['listen_ip'] | default(hostvars[groups['keystone'][0]]['ansible_default_ipv4']['address']) }} \
--add-host={{ ansible_nodename }}:{{ ansible_default_ipv4.address }} \
--privileged \
--network host \

14
roles/nova-compute/tasks/main.yml

@ -4,10 +4,11 @@ @@ -4,10 +4,11 @@
include_vars:
file: ../../secrets.yml
name: secrets
tags: vars
- set_fact:
docker_image: webhost12.service.rug.nl/hpc/openstack-nova-compute:latest
tags: facts
docker_image: registry.webhosting.rug.nl/hpc/openstack-nova-compute:latest
tags: vars
- name: pull docker image
docker_image:
@ -22,11 +23,13 @@ @@ -22,11 +23,13 @@
mode: 644
owner: root
group: root
tags: systemd
- command: systemctl daemon-reload
tags: systemd
- apt:
name: '{{ item }}'
name: "{{ item }}"
with_items:
- kvm
- libvirt0
@ -38,6 +41,9 @@ @@ -38,6 +41,9 @@
name: nova-compute.service
state: restarted
- name: start service at boot.
command: systemctl reenable nova-compute.service
- name: let nova controler discover new host
command: docker exec -i nova-controller.service nova-manage cell_v2 discover_hosts
shell: "sleep 10 && docker exec -i nova-controller.service nova-manage cell_v2 discover_hosts"
delegate_to: "{{ hostvars[groups['nova-controller'][0]]['ansible_hostname'] }}"

24
roles/nova-compute/templates/nova-compute.service

@ -9,30 +9,32 @@ Restart=always @@ -9,30 +9,32 @@ Restart=always
ExecStartPre=-/usr/bin/docker kill %n
ExecStartPre=-/usr/bin/docker rm %n
ExecStart=/usr/bin/docker run --name %n \
-e "GLANCE_CONTROLLER_HOST={{ hostvars[groups['glance-controller'][0]]['ansible_default_ipv4']['address'] }}" \
-e "KEYSTONE_HOST={{ hostvars[groups['keystone'][0]]['ansible_default_ipv4']['address'] }}" \
-e "MEMCACHED_HOST={{ hostvars[groups['memcached'][0]]['ansible_default_ipv4']['address'] }}" \
-e "MY_IP={{ hostvars[groups['nova-compute'][0]]['ansible_default_ipv4']['address'] }}" \
-e "MYSQL_HOST={{ hostvars[groups['databases'][0]]['ansible_default_ipv4']['address'] }}" \
-e "GLANCE_CONTROLLER_HOST={{ hostvars[groups['glance-controller'][0]]['listen_ip'] | default(hostvars[groups['glance-controller'][0]]['ansible_default_ipv4']['address']) }}" \
-e "KEYSTONE_HOST={{ hostvars[groups['keystone'][0]]['listen_ip'] | default(hostvars[groups['keystone'][0]]['ansible_default_ipv4']['address']) }}" \
-e "METADATA_SECRET={{ secrets['METADATA_SECRET'] }}" \
-e "MEMCACHED_HOST={{ hostvars[groups['memcached'][0]]['listen_ip'] | default(hostvars[groups['memcached'][0]]['ansible_default_ipv4']['address']) }}" \
-e "MY_IP={{ listen_ip | default(ansible_default_ipv4.address) }}" \
-e "MYSQL_HOST={{ hostvars[groups['databases'][0]]['listen_ip'] | default(hostvars[groups['databases'][0]]['ansible_default_ipv4']['address']) }}" \
-e "MYSQL_ROOT_PASSWORD={{ secrets['MYSQL_ROOT_PASSWORD'] }}" \
-e "NEUTRON_CONTROLLER_HOST={{ hostvars[groups['neutron-controller'][0]]['ansible_default_ipv4']['address'] }}" \
-e "NEUTRON_CONTROLLER_HOST={{ hostvars[groups['neutron-controller'][0]]['listen_ip'] | default(hostvars[groups['neutron-controller'][0]]['ansible_default_ipv4']['address']) }}" \
-e "NEUTRON_PASSWORD={{ secrets['NEUTRON_PASSWORD'] }}" \
-e "NEUTRON_USER=neutron" \
-e "NOVA_COMPUTE_USER=nova_compute" \
-e "NOVA_CONTROLLER_HOST={{ hostvars[groups['nova-controller'][0]]['ansible_default_ipv4']['address'] }}" \
-e "NOVA_CONTROLLER_HOST={{ hostvars[groups['nova-controller'][0]]['listen_ip'] | default(hostvars[groups['nova-controller'][0]]['ansible_default_ipv4']['address']) }}" \
-e "NOVA_PASSWORD={{ secrets['NOVA_PASSWORD'] }}" \
-e "NOVA_PASSWORD={{ secrets['NOVA_PASSWORD'] }}" \
-e "NOVA_PLACEMENT_PASSWORD={{ secrets['NOVA_PLACEMENT_PASSWORD'] }}" \
-e "NOVA_PLACEMENT_USER=placement" \
-e "NOVA_USER=nova" \
-e "OS_PASSWORD={{ secrets['OS_PASSWORD'] }}" \
-e "PROVIDER_INTERFACE_NAME={{ provider_interface_name }}" \
-e "RABBIT_HOST={{ hostvars[groups['rabbitmq'][0]]['ansible_default_ipv4']['address'] }}" \
-e "PHYSICAL_INTERFACE_MAPPINGS={{ physical_interface_mappings }}" \
-e "RABBIT_HOST={{ hostvars[groups['rabbitmq'][0]]['listen_ip'] | default(hostvars[groups['rabbitmq'][0]]['ansible_default_ipv4']['address']) }}" \
-e "RABBIT_PASSWORD={{ secrets['RABBIT_PASSWORD'] }}" \
-e "RABBIT_USER=openstack" \
--add-host=keystone:{{ hostvars[groups['keystone'][0]]['ansible_default_ipv4']['address'] }} \
--add-host=mariadb:{{ hostvars[groups['databases'][0]]['ansible_default_ipv4']['address'] }} \
--add-host=keystone:{{ hostvars[groups['keystone'][0]]['listen_ip'] | default(hostvars[groups['keystone'][0]]['ansible_default_ipv4']['address']) }} \
--add-host=mariadb:{{ hostvars[groups['databases'][0]]['listen_ip'] | default(hostvars[groups['databases'][0]]['ansible_default_ipv4']['address']) }} \
--privileged \
-v /dev:/dev \
-v /var/run/libvirt/libvirt-sock:/var/run/libvirt/libvirt-sock \
-v /var/lib/nova/instances:/var/lib/nova/instances \
-v /lib/modules:/lib/modules \

24
roles/nova-controller/tasks/main.yml

@ -15,18 +15,19 @@ @@ -15,18 +15,19 @@
- /srv/nova-controller/root
- set_fact:
docker_image: webhost12.service.rug.nl/hpc/openstack-nova-service:latest
docker_image: registry.webhosting.rug.nl/hpc/openstack-nova-service:latest
env_vars: >
-e "GLANCE_CONTROLLER_HOST={{ hostvars[groups['glance-controller'][0]]['ansible_default_ipv4']['address'] }}"
-e "KEYSTONE_HOST={{ hostvars[groups['keystone'][0]]['ansible_default_ipv4']['address'] }}"
-e "MEMCACHED_HOST={{ hostvars[groups['memcached'][0]]['ansible_default_ipv4']['address'] }}"
-e "MY_IP={{ hostvars[groups['nova-controller'][0]]['ansible_default_ipv4']['address'] }}"
-e "MYSQL_HOST={{ hostvars[groups['databases'][0]]['ansible_default_ipv4']['address'] }}"
-e "GLANCE_CONTROLLER_HOST={{ listen_ip | default(hostvars[groups['glance-controller'][0]]['ansible_default_ipv4']['address']) }}"
-e "KEYSTONE_HOST={{ listen_ip | default(hostvars[groups['keystone'][0]]['ansible_default_ipv4']['address']) }}"
-e "METADATA_SECRET={{ secrets['METADATA_SECRET'] }}"
-e "MEMCACHED_HOST={{ listen_ip | default(hostvars[groups['memcached'][0]]['ansible_default_ipv4']['address']) }}"
-e "MY_IP={{ listen_ip | default(ansible_default_ipv4.address) }}"
-e "MYSQL_HOST={{ listen_ip | default(hostvars[groups['databases'][0]]['ansible_default_ipv4']['address']) }}"
-e "MYSQL_ROOT_PASSWORD={{ secrets['MYSQL_ROOT_PASSWORD'] }}"
-e "NEUTRON_CONTROLLER_HOST={{ hostvars[groups['keystone'][0]]['ansible_default_ipv4']['address'] }}"
-e "NEUTRON_CONTROLLER_HOST={{ hostvars[groups['neutron-controller'][0]]['listen_ip'] | default(hostvars[groups['neutron-controller'][0]]['ansible_default_ipv4']['address']) }}"
-e "NEUTRON_PASSWORD={{ secrets['NEUTRON_PASSWORD'] }}"
-e "NEUTRON_USER=neutron"
-e "NOVA_CONTROLLER_HOST={{ hostvars[groups['nova-controller'][0]]['ansible_default_ipv4']['address'] }}"
-e "NOVA_CONTROLLER_HOST={{ listen_ip | default(hostvars[groups['nova-controller'][0]]['ansible_default_ipv4']['address']) }}"
-e "NOVA_PASSWORD={{ secrets['NOVA_PASSWORD'] }}"
-e "NOVA_PLACEMENT_PASSWORD={{ secrets['NOVA_PLACEMENT_PASSWORD'] }}"
-e "NOVA_PLACEMENT_USER=placement"
@ -52,12 +53,15 @@ @@ -52,12 +53,15 @@
- command: systemctl daemon-reload
- name: start service at boot.
command: systemctl reenable nova-controller.service
- name: Initialize database.
command: >
/usr/bin/docker run --rm
{{ env_vars }}
--add-host=mariadb:{{ hostvars[groups['databases'][0]]['ansible_default_ipv4']['address'] }}
--add-host=keystone:{{ hostvars[groups['keystone'][0]]['ansible_default_ipv4']['address'] }}
--add-host=mariadb:{{ listen_ip | default(hostvars[groups['databases'][0]]['ansible_default_ipv4']['address']) }}
--add-host=keystone:{{ listen_ip | default(hostvars[groups['keystone'][0]]['ansible_default_ipv4']['address']) }}
-v /srv/nova-controller/root:/root
{{ docker_image }}
/etc/bootstrap.sh

5
roles/nova-controller/templates/nova-controller.service

@ -10,11 +10,12 @@ ExecStartPre=-/usr/bin/docker kill %n @@ -10,11 +10,12 @@ ExecStartPre=-/usr/bin/docker kill %n
ExecStartPre=-/usr/bin/docker rm %n
ExecStart=/usr/bin/docker run --name %n \
{{ env_vars | replace('\n', '') }} \
--add-host=mariadb:{{ hostvars[groups['databases'][0]]['ansible_default_ipv4']['address'] }} \
--add-host=keystone:{{ hostvars[groups['keystone'][0]]['ansible_default_ipv4']['address'] }} \
--add-host=mariadb:{{ hostvars[groups['databases'][0]]['listen_ip'] | default(hostvars[groups['databases'][0]]['ansible_default_ipv4']['address']) }} \
--add-host=keystone:{{ hostvars[groups['keystone'][0]]['listen_ip'] | default(hostvars[groups['keystone'][0]]['ansible_default_ipv4']['address']) }} \
--privileged \
-v /srv/nova-controller/root:/root \
-p 8774:8774 \
-p 8775:8775 \
-p 8778:8778 \
-p 6080:6080 \
{{ docker_image }} /etc/run.sh

8
roles/rabbitmq/files/rabbitmq.service

@ -10,11 +10,11 @@ ExecStartPre=-/usr/bin/docker kill %n @@ -10,11 +10,11 @@ ExecStartPre=-/usr/bin/docker kill %n
ExecStartPre=-/usr/bin/docker rm %n
ExecStartPre=/usr/bin/docker pull rabbitmq:latest
ExecStart=/usr/bin/docker run \
--add-host "{{ hostvars[groups['rabbitmq'][0]]['ansible_hostname'] }}:{{ hostvars[groups['rabbitmq'][0]]['ansible_default_ipv4']['address'] }}" \
--add-host "{{ hostvars[groups['rabbitmq'][1]]['ansible_hostname'] }}:{{ hostvars[groups['rabbitmq'][1]]['ansible_default_ipv4']['address'] }}" \
--add-host "{{ hostvars[groups['rabbitmq'][2]]['ansible_hostname'] }}:{{ hostvars[groups['rabbitmq'][2]]['ansible_default_ipv4']['address'] }}" \
{% for host in groups['rabbitmq'] %}
--add-host "{{ host }}:{{ hostvars[host]['listen_ip'] | default(hostvars[host]['ansible_default_ipv4']['address']) }}" \
{% endfor %}
-p 4369:4369 -p 25679:25679 -p 25672:25672 -p 5671-5672:5671-5672 -p 8080:15672 \
-e "RABBITMQ_DEFAULT_USER=user" -e "RABBITMQ_DEFAULT_PASS={{ secrets['RABBIT_PASSWORD'] }}" \
-e "RABBITMQ_DEFAULT_USER=openstack" -e "RABBITMQ_DEFAULT_PASS={{ secrets['RABBIT_PASSWORD'] }}" \
-e "RABBITMQ_ERLANG_COOKIE={{ secrets['RABBITMQ_ERLANG_COOKIE'] }}" \
-e "RABBITMQ_NODENAME=rabbit_{{ ansible_nodename }}" \
--hostname "{{ ansible_nodename }}" --name %n rabbitmq:3-management

15
roles/rabbitmq/tasks/main.yml

@ -5,9 +5,6 @@ @@ -5,9 +5,6 @@
file: ../../secrets.yml
name: secrets
- include_vars:
dir: 'vars'
- name: install service file.
template:
src: files/rabbitmq.service
@ -19,6 +16,9 @@ @@ -19,6 +16,9 @@
- name: install service file
command: systemctl daemon-reload
- name: start service at boot.
command: systemctl reenable rabbitmq.service
- name: make sure service is started
systemd:
name: rabbitmq.service
@ -27,6 +27,7 @@ @@ -27,6 +27,7 @@
- name: wait for container to be started
wait_for:
port: 5672
delay: 5
- name: setup the cluster
command: "docker exec -i rabbitmq.service {{ item }}"
@ -36,11 +37,3 @@ @@ -36,11 +37,3 @@
- rabbitmqctl start_app
when: ansible_nodename != hostname_node0
- name: create openstack user
command: "docker exec -i rabbitmq.service {{ item }}"
with_items:
- rabbitmqctl add_user openstack "{{ secrets['RABBIT_PASSWORD'] }}"
- rabbitmqctl set_permissions openstack ".*" ".*" ".*"
when: ansible_nodename == hostname_node0
register: command_result
failed_when: "command_result.rc not in (0, 70)"

58
secrets.yml

@ -1,30 +1,30 @@ @@ -1,30 +1,30 @@
$ANSIBLE_VAULT;1.1;AES256
62633134346438356462333363626164393762356139653666323461333037393536373631653565
6631306631333538353534663738313062636232633339610a303161323131373739393735666463
65353135626430353737373239623361306137326334333761626235353463393465383830666666
6138616530346563310a306263316331346263356139383435316239346230313266636363313564
36633130393062373936363765636361343939313639326237633337353665666338633338343837
34613534333063303537323738396436333964613362636664366264313334663365336132623464
64656131373261376466356638636338643135393139386534626132323262393064626666323462
64323664373262356632393465653932303939313338656665336639613966626234636666373163
35633231666338643863623737396435626364333365656536613130666435323837323136663339
61363936336434656530313538643463663737613831646265313731363734356635356438353062
34323063346265393737343834343065616139656234666230323131366138396265393737666236
39353766643239323339623534393962666432656331323462656439306365613539366230643133
36316138303361313134336431343137343433383430616137376563383233303432383664333930
61613531313638303531643232343066376565663032326533313461363839383664366338356439
37363233666663653736376538386536653262653633323065363830623032363063393635653762
32636365656362323362303962306538336234626533323830656230386432666461343063663832
62373133343933353563653762333836333862376232353339313662363865616439623635393839
37346433346264633036343761613230396434366132653261643137386466326235613030306235
34333065623232303939623233373762393939653639333734336336303762326662386530356563
65303165623564303635356337353662363433626466653939323438633938386166386262623435
64376431396631623034386434393431616631363663393835343035313639663538643565616330
65353365303131326335646164333231306564383936396139643935646331393235326666336230
38326165663865343966356335326438303133663239656235313935626332323332376665343132
62336139643262333938303537313533623535333736643163373137343035393034613939663061
36323063643734343865333138356434643266663436653435353132386330636238343637653434
65616361333263336332643262623034343439383737366663373166643433653466313237613930
32373162646461323266353662326134343839613264313339306430366165633838663831666565
65333337623962313561306333616232393334353934316565666331336561633934623339353138
62656339386530333036383831613762353234643461656436623033613930353531
35643437313834633532373265366630663035336231306639623561613765386332663334343237
3339363162303463353437326331656532336138373066620a623137643762383532376361353364
37646236386466353636396535376463333133323664316634663466663164303063383830653039
3535666361303562630a316137376531636537383138663662373865383431343035646539356137
38323866643831353537366630363333663865383261633938346664633362343661343839383766
66363733356333303334323136376136353738376362376231353338343763663131363731343639
61383138626235633663666430383964616239363035663663646133636434363032626633663865
30663732646630393163653461626435333463396463333236313930346461626364626166386365
66323736316230376165666366363136666533376335316132343361393532616536383965363339
30376362356665633630393561653532613139366236663961643864383738353430666562623730
34663166393665653265663836623731386235633062306562373935633737363639383336303539
37663763623664623038316438356138363134646230643261646262353163333430616462393866
31666233636233356464633436626637313633623736343264613037353432386131393964386663
36353236613662633764366437306461316138366461653731373436613039346663663536653362
38656636303935626563303732666261373665303035333661643865393166653330646336393961
31646539396131626464313733383638656438613530663166393035343630353764313232323432
34386334666231323261343765623636313032373835396332623037613866613636393038653266
36336531356534633933383432646663663364376130386239613836336263623161326563346661
33636232313866613662353661373533383138393434396338343934326333326238336638396462
65376133343038313437343934373265333632663133653133656130636533663237623839623634
35363764363763363465363437623964363362616261663166633066373033633864336532633031
32323733616562663031303230383561373637326436336462363461313532623262653866323862
34643631333533626537373538353564306261313035303530666462326534633638363932363037
65336230373034643966656561303164373463353638316632613431643535303930373334383134
38323731363535313065326330653666323934636466386238616664316635303333653631396639
39303737613361653862343964303231393164346134633366633262326230643137303331373231
31323832363937663935333737613133323265323863623933633962633230386339636432643937
66653763376663666637353738646565343835333937343765356539383734316231623466343634
30663135663938393561333133663737653635393432333534306466366332333338

2
secrets.yml.topol

@ -9,3 +9,5 @@ OS_PASSWORD: # Keystone admin password @@ -9,3 +9,5 @@ OS_PASSWORD: # Keystone admin password
OS_DEMO_PASSWORD: # Keystone demo user password
RABBIT_PASSWORD:
RABBITMQ_ERLANG_COOKIE:
CINDER_PASSWORD:
HEAT_PASSWORD:

3
site.yml

@ -7,6 +7,9 @@ @@ -7,6 +7,9 @@
- include: glance-controller.yml
- include: nova-controller.yml
- include: neutron-controller.yml
- include: cinder-controller.yml
- include: cinder-storage.yml
- include: nova-compute.yml
- include: horizon.yml
- include: heat.yml
- include: post-install.yml

12
test_hosts

@ -1,5 +1,7 @@ @@ -1,5 +1,7 @@
[databases]
ansible-test
ansible-test-2
ansible-test-3
[keystone]
ansible-test-3
@ -15,14 +17,20 @@ ansible-test @@ -15,14 +17,20 @@ ansible-test
ansible-test-2
ansible-test-3
[cinder-storage]
ansible-test
[memcached]
ansible-test-3
[neutron-controller]
ansible-test provider_interface_name=ens10
ansible-test physical_interface_mappings=provider:ens10
[nova-controller]
ansible-test
[nova-compute]
ansible-test-2 provider_interface_name=ens10
ansible-test-2 physical_interface_mappings=provider:ens10
[heat]
ansible-test

Loading…
Cancel
Save