| --- |
| - name: Install Prerequisites |
| become: yes |
| apt: name={{ item }} state=latest force=true |
| with_items: |
| - git |
| - bridge-utils |
| - curl |
| - python-pycurl |
| - python-pip |
| - ethtool |
| - jq |
| |
| - name: Install Python Prerequisites |
| become: yes |
| pip: name={{ item }} state=latest |
| with_items: |
| - docker-py |
| |
| - name: Stop MAAS Switchq Container |
| become: yes |
| docker: |
| name: switchq |
| image: opencord/cord-maas-switchq:latest |
| state: absent |
| |
| - name: Stop MAAS Automation Container |
| become: yes |
| docker: |
| name: automation |
| image: opencord/cord-maas-automation:latest |
| state: absent |
| |
| - name: Stop Provisioner Container |
| become: yes |
| docker: |
| name: provisioner |
| image: opencord/cord-provisioner:latest |
| state: absent |
| |
| - name: Stop DHCP Harvester Container |
| become: yes |
| docker: |
| name: harvester |
| image: opencord/cord-dhcp-harvester:latest |
| state: absent |
| |
| - name: Stop IP Allocator Container |
| become: yes |
| docker: |
| name: allocator |
| image: opencord/cord-ip-allocator:latest |
| state: absent |
| |
| - name: MAAS Repository |
| become: yes |
| apt_repository: |
| repo: ppa:maas/stable |
| update_cache: yes |
| state: present |
| |
| - name: MAAS |
| become: yes |
| apt: |
| name: maas=1.9.3* |
| state: present |
| force: yes |
| update_cache: yes |
| allow_unauthenticated: yes |
| |
| - name: MAAS Configuration Directory |
| become: yes |
| file: |
| path: /etc/maas |
| owner: maas |
| group: maas |
| mode: 0755 |
| state: directory |
| |
| - name: MAAS Automation Storage |
| become: yes |
| file: |
| path: /etc/maas/automation/storage |
| owner: maas |
| group: maas |
| mode: 0777 |
| state: directory |
| |
| - name: Host Name Mapping File |
| become: yes |
| copy: |
| src: files/mappings.json |
| dest: /etc/maas/mappings.json |
| owner: maas |
| group: maas |
| mode: 0644 |
| |
| - name: Verify MAAS admin User |
| become: yes |
| shell: maas-region-admin apikey --username=admin 2>/dev/null | wc -l |
| register: maas_admin_user_exists |
| changed_when: false |
| |
| - name: MAAS admin User |
| become: yes |
| command: maas-region-admin createadmin --username=admin --password=admin --email={{ maas.admin_email }} |
| when: maas_admin_user_exists.stdout == '0' |
| |
| - name: Verify MAAS User |
| become: yes |
| shell: maas-region-admin apikey --username={{ maas.user }} 2>/dev/null | wc -l |
| register: maas_user_exists |
| changed_when: false |
| |
| - name: MAAS User |
| become: yes |
| command: maas-region-admin createadmin --username={{ maas.user }} --password={{ maas.user_password }} --email={{ maas.user_email }} |
| when: maas_user_exists.stdout == '0' |
| |
| - name: MAAS User API Key |
| become: yes |
| command: maas-region-admin apikey --username={{ maas.user }} |
| register: apikey |
| changed_when: false |
| |
| - name: Verify Default Virsh Network |
| shell: virsh net-list | grep default | wc -l |
| register: virsh_default_network_exists |
| changed_when: false |
| |
| - name: Default Virsh Network Absent |
| become: yes |
| command: virsh net-destroy default |
| when: virsh_default_network_exists.stdout != '0' |
| |
| - name: Network Configuration |
| become: yes |
| script: files/generate_network_config.sh {{ interfaces.management }} {{ networks.management }} {{ networks.bridge }} {{ networks.bridge_name }} |
| register: network_config_changed |
| changed_when: network_config_changed.stdout == 'true' |
| |
| - name: Network Masquerading (NAT) |
| become: yes |
| template: |
| src: templates/nat.j2 |
| dest: /etc/network/if-pre-up.d/nat |
| owner: root |
| group: root |
| mode: 0755 |
| |
| - name: Ensure Masquerading (NAT) |
| become: yes |
| command: /etc/network/if-pre-up.d/nat report-changed |
| register: masq_changed |
| changed_when: masq_changed.stdout == 'true' |
| |
| - name: VM Bridge |
| become: yes |
| template: |
| src: templates/create_bridge.j2 |
| dest: /etc/network/if-pre-up.d/create_bridge_{{ networks.bridge_name }} |
| owner: root |
| group: root |
| mode: 0755 |
| |
| - name: Activate VM Bridge |
| become: yes |
| command: /etc/network/if-pre-up.d/create_bridge_{{ networks.bridge_name }} report-changed |
| register: bridge_changed |
| changed_when: bridge_changed.stdout == 'true' |
| |
| - name: Management Interface |
| become: yes |
| shell: ifdown {{ interfaces.management }} && ifup {{ interfaces.management }} |
| when: network_config_changed.stdout == 'true' |
| |
| - name: Management Interface IP Address |
| shell: ifconfig {{ interfaces.management }} 2>&1 | grep "inet addr:" | sed -e 's/.*:\([.0-9]*\)[ ]*Bcast.*/\1/g' |
| register: mgmt_ip_address |
| changed_when: false |
| failed_when: mgmt_ip_address.rc != 0 or mgmt_ip_address.stdout == "" |
| |
| # Currently the onie image is being stored in **Dropbox** on a personal account, which is not really what we want to |
| # have in production, but it works for the time being. |
| - name: Switch Boot Resources |
| become: yes |
| get_url: |
| url={{ item.url }} |
| dest=/var/www/html/{{ item.dest }} |
| owner=root |
| group=root |
| mode=0644 |
| validate_certs=no |
| with_items: |
| - { url : "{{ accton_as6712_32x }}", dest : "onie-installer-x86_64-accton_as6712_32x-r0" } |
| - { url : "{{ accton_as5712_54x }}", dest : "onie-installer-x86_64-accton_as5712_54x-r0" } |
| tags: |
| - switch_support |
| |
| - name: Restart MAAS Services |
| become: yes |
| service: |
| name={{ item }} |
| state=restarted |
| with_items: |
| - maas-proxy |
| - maas-regiond |
| - maas-clusterd |
| - maas-dhcpd |
| - bind9 |
| tags: |
| - maas_restart |
| |
| - name: Wait for MAAS to Intialize (start) |
| pause: |
| seconds=30 |
| changed_when: false |
| tags: |
| - maas_restart |
| |
| - name: MAAS Accepting API Requests |
| action: get_url url=http://{{ mgmt_ip_address.stdout }}/MAAS/api/1.0/maas/ dest=/tmp |
| register: api_test |
| until: api_test.status_code is defined and api_test.status_code == 403 |
| retries: 5 |
| delay: 60 |
| failed_when: api_test.status_code is not defined or api_test.status_code != 403 |
| |
| - name: Configure MAAS |
| become: yes |
| command: docker run docker-registry:5000/cord-maas-bootstrap:{{ docker.image_version }} --apikey='{{apikey.stdout}}' --sshkey='{{maas.user_sshkey}}' --url='http://{{mgmt_ip_address.stdout}}/MAAS/api/1.0' --network='{{networks.management}}' --interface='{{interfaces.management}}' --zone='administrative' --cluster='Cluster master' --domain='{{maas.domain}}' --bridge='{{networks.bridge_name}}' --bridge-subnet='{{networks.bridge}}' |
| register: maas_config_result |
| changed_when: maas_config_result.stdout.find("CHANGED") != -1 |
| failed_when: "maas_config_result.rc != 0 or 'ERROR' in maas_config_result.stdout" |
| |
| - name: Custom MAAS Configuration Template |
| become: yes |
| copy: |
| src: files/{{ item.src }} |
| dest: "{{ item.dest }}" |
| owner: maas |
| group: maas |
| mode: 0644 |
| with_items: |
| - { src: 'dhcpd.blacklist', dest: '/etc/dhcp' } |
| - { src: 'dhcpd.reservations', dest: '/etc/dhcp' } |
| - { src: 'dhcp_harvest.inc', dest: '/etc/bind/maas' } |
| - { src: 'cnames.inc', dest: '/etc/bind/maas' } |
| - { src: 'named.conf.options.inside.maas', dest: '/etc/bind/maas' } |
| - { src: 'dhcpd.conf.template', dest: '/etc/maas/templates/dhcp' } |
| - { src: 'dhcp_harvest.inc', dest: '/etc/maas/templates/dns' } |
| - { src: 'zone.template', dest: '/tmp' } |
| |
| - name: Ensure RNDC Listens |
| become: yes |
| lineinfile: |
| dest: /etc/bind/maas/named.conf.rndc.maas |
| regexp: 'inet .* port 954' |
| line: ' inet 0.0.0.0 port 954' |
| state: present |
| |
| - name: Ensure ENDC Allows Trusted |
| become: yes |
| lineinfile: |
| dest: /etc/bind/maas/named.conf.rndc.maas |
| regexp: 'allow { .* } keys { "rndc-maas-key"; };' |
| line: ' allow { trusted; } keys { "rndc-maas-key"; };' |
| state: present |
| |
| - name: Custom DNS Zone Template |
| become: yes |
| script: files/update_dns_template.sh {{ networks.management }} {{ maas.domain }} |
| register: dns_template_changed |
| changed_when: dns_template_changed.stdout == 'true' |
| |
| - name: Ensure Nameserver |
| become: yes |
| lineinfile: |
| dest: /etc/resolvconf/resolv.conf.d/head |
| state: present |
| insertafter: EOF |
| line: "nameserver {{ mgmt_ip_address.stdout }}" |
| register: ns_nameserver |
| |
| - name: Ensure Domain Search |
| become: yes |
| lineinfile: |
| dest: /etc/resolvconf/resolv.conf.d/base |
| state: present |
| insertafter: EOF |
| line: 'search cord.lab' |
| register: ns_search |
| |
| - name: Ensure DNS Config |
| become: yes |
| command: resolvconf -u |
| when: ns_nameserver.changed or ns_search.changed |
| |
| - name: Restart MAAS Services |
| become: yes |
| service: |
| name={{ item }} |
| state=restarted |
| with_items: |
| - maas-proxy |
| - maas-regiond |
| - maas-clusterd |
| - maas-dhcpd |
| tags: |
| - maas_restart |
| |
| - name: Wait for MAAS to Intialize (start) |
| pause: |
| seconds=30 |
| changed_when: false |
| tags: |
| - maas_restart |
| |
| - name: Ensure DNS |
| become: yes |
| service: |
| name=bind9 |
| state=restarted |
| when: ns_nameserver.changed or ns_search.changed |
| |
| - name: Ensure VirtualBox Power Management |
| include: virtualbox.yml |
| when: virtualbox_support is defined |
| |
| - name: Ensure MAAS Ansible Config Directory |
| become: yes |
| file: |
| path=/etc/maas/ansible |
| owner=maas |
| group=maas |
| state=directory |
| |
| - name: Ensure SSH keys for Ansible |
| become: yes |
| command: cp {{ ansible_env['PWD'] }}/.ssh/id_rsa /etc/maas/ansible/id_rsa |
| |
| - name: Ensure SSH Key Permissions |
| become: yes |
| file: |
| path: /etc/maas/ansible/id_rsa |
| owner: root |
| group: root |
| mode: 0400 |
| |
| - name: Initialize Interface Configuration Fact |
| set_fact: |
| interface_config: 0 |
| |
| - name: Set Interface Configuration Fact |
| set_fact: |
| interface_config: 1 |
| tags: |
| - interface_config |
| |
| - name: Default VirtualBox Host |
| become: no |
| set_fact: |
| virtualbox_host: "{{ virtualbox.power_helper_host }}" |
| when: virtualbox_support is defined |
| changed_when: false |
| |
| - name: Override VirtualBox Host |
| become: no |
| set_fact: |
| virtualbox_host: "{{ discovered_vbox_host.stdout }}" |
| when: virtualbox_support is defined and virtualbox_host == '' |
| changed_when: false |
| |
| - name: Custom Automation Compose Configurations |
| become: yes |
| template: |
| src: templates/{{ item }}.j2 |
| dest: /etc/maas/{{ item }} |
| owner: maas |
| group: maas |
| mode: 0644 |
| with_items: |
| - automation-compose.yml |
| - harvest-compose.yml |
| |
| - name: Automation |
| become: yes |
| command: docker-compose -f /etc/maas/{{ item }} up -d |
| with_items: |
| - automation-compose.yml |
| - harvest-compose.yml |