Gitiles
Code Review Sign In
gerrit.opencord.org / maas / f3071010f9e5c9b48a3c0b2cbca57db12f9c681a / . / roles / maas / tasks / main.yml
blob: c5c4642913b7b6c1a2b6b7ecf45d2952f70083b8 [file] [log] [blame]
---
- name: Install Prerequisites
become: yes
apt: name={{ item }} state=latest force=true
with_items:
- git
- bridge-utils
- curl
- python-pycurl
- python-pip
- ethtool
- jq
- name: Install Python Prerequisites
become: yes
pip: name={{ item }} state=latest
with_items:
- docker-py
- name: Stop MAAS Switchq Container
become: yes
docker:
name: switchq
image: opencord/cord-maas-switchq:latest
state: absent
- name: Stop MAAS Automation Container
become: yes
docker:
name: automation
image: opencord/cord-maas-automation:latest
state: absent
- name: Stop Provisioner Container
become: yes
docker:
name: provisioner
image: opencord/cord-provisioner:latest
state: absent
- name: Stop DHCP Harvester Container
become: yes
docker:
name: harvester
image: opencord/cord-dhcp-harvester:latest
state: absent
- name: Stop IP Allocator Container
become: yes
docker:
name: allocator
image: opencord/cord-ip-allocator:latest
state: absent
- name: MAAS Repository
become: yes
apt_repository:
repo: ppa:maas/stable
update_cache: yes
state: present
- name: MAAS
become: yes
apt:
name: maas=1.9.3*
state: present
force: yes
update_cache: yes
allow_unauthenticated: yes
- name: MAAS Configuration Directory
become: yes
file:
path: /etc/maas
owner: maas
group: maas
mode: 0755
state: directory
- name: MAAS Automation Storage
become: yes
file:
path: /etc/maas/automation/storage
owner: maas
group: maas
mode: 0777
state: directory
- name: Host Name Mapping File
become: yes
copy:
src: files/mappings.json
dest: /etc/maas/mappings.json
owner: maas
group: maas
mode: 0644
- name: Verify MAAS admin User
become: yes
shell: maas-region-admin apikey --username=admin 2>/dev/null | wc -l
register: maas_admin_user_exists
changed_when: false
- name: MAAS admin User
become: yes
command: maas-region-admin createadmin --username=admin --password=admin --email={{ maas.admin_email }}
when: maas_admin_user_exists.stdout == '0'
- name: Verify MAAS User
become: yes
shell: maas-region-admin apikey --username={{ maas.user }} 2>/dev/null | wc -l
register: maas_user_exists
changed_when: false
- name: MAAS User
become: yes
command: maas-region-admin createadmin --username={{ maas.user }} --password={{ maas.user_password }} --email={{ maas.user_email }}
when: maas_user_exists.stdout == '0'
- name: MAAS User API Key
become: yes
command: maas-region-admin apikey --username={{ maas.user }}
register: apikey
changed_when: false
- name: Verify Default Virsh Network
shell: virsh net-list | grep default | wc -l
register: virsh_default_network_exists
changed_when: false
- name: Default Virsh Network Absent
become: yes
command: virsh net-destroy default
when: virsh_default_network_exists.stdout != '0'
- name: Network Configuration
become: yes
script: files/generate_network_config.sh {{ interfaces.management }} {{ networks.management }} {{ networks.bridge }} {{ networks.bridge_name }}
register: network_config_changed
changed_when: network_config_changed.stdout == 'true'
- name: Network Masquerading (NAT)
become: yes
template:
src: templates/nat.j2
dest: /etc/network/if-pre-up.d/nat
owner: root
group: root
mode: 0755
- name: Ensure Masquerading (NAT)
become: yes
command: /etc/network/if-pre-up.d/nat report-changed
register: masq_changed
changed_when: masq_changed.stdout == 'true'
- name: VM Bridge
become: yes
template:
src: templates/create_bridge.j2
dest: /etc/network/if-pre-up.d/create_bridge_{{ networks.bridge_name }}
owner: root
group: root
mode: 0755
- name: Activate VM Bridge
become: yes
command: /etc/network/if-pre-up.d/create_bridge_{{ networks.bridge_name }} report-changed
register: bridge_changed
changed_when: bridge_changed.stdout == 'true'
- name: Management Interface
become: yes
shell: ifdown {{ interfaces.management }} && ifup {{ interfaces.management }}
when: network_config_changed.stdout == 'true'
- name: Management Interface IP Address
shell: ifconfig {{ interfaces.management }} 2>&1 | grep "inet addr:" | sed -e 's/.*:\([.0-9]*\)[ ]*Bcast.*/\1/g'
register: mgmt_ip_address
changed_when: false
failed_when: mgmt_ip_address.rc != 0 or mgmt_ip_address.stdout == ""
# Currently the onie image is being stored in **Dropbox** on a personal account, which is not really what we want to
# have in production, but it works for the time being.
- name: Switch Boot Resources
become: yes
get_url:
url={{ item.url }}
dest=/var/www/html/{{ item.dest }}
owner=root
group=root
mode=0644
validate_certs=no
with_items:
- { url : "{{ accton_as6712_32x }}", dest : "onie-installer-x86_64-accton_as6712_32x-r0" }
- { url : "{{ accton_as5712_54x }}", dest : "onie-installer-x86_64-accton_as5712_54x-r0" }
tags:
- switch_support
- name: Restart MAAS Services
become: yes
service:
name={{ item }}
state=restarted
with_items:
- maas-proxy
- maas-regiond
- maas-clusterd
- maas-dhcpd
- bind9
tags:
- maas_restart
- name: Wait for MAAS to Intialize (start)
pause:
seconds=30
changed_when: false
tags:
- maas_restart
- name: MAAS Accepting API Requests
action: get_url url=http://{{ mgmt_ip_address.stdout }}/MAAS/api/1.0/maas/ dest=/tmp
register: api_test
until: api_test.status_code is defined and api_test.status_code == 403
retries: 5
delay: 60
failed_when: api_test.status_code is not defined or api_test.status_code != 403
- name: Configure MAAS
become: yes
command: docker run docker-registry:5000/cord-maas-bootstrap:{{ docker.image_version }} --apikey='{{apikey.stdout}}' --sshkey='{{maas.user_sshkey}}' --url='http://{{mgmt_ip_address.stdout}}/MAAS/api/1.0' --network='{{networks.management}}' --interface='{{interfaces.management}}' --zone='administrative' --cluster='Cluster master' --domain='{{maas.domain}}' --bridge='{{networks.bridge_name}}' --bridge-subnet='{{networks.bridge}}'
register: maas_config_result
changed_when: maas_config_result.stdout.find("CHANGED") != -1
failed_when: "maas_config_result.rc != 0 or 'ERROR' in maas_config_result.stdout"
- name: Custom MAAS Configuration Template
become: yes
copy:
src: files/{{ item.src }}
dest: "{{ item.dest }}"
owner: maas
group: maas
mode: 0644
with_items:
- { src: 'dhcpd.blacklist', dest: '/etc/dhcp' }
- { src: 'dhcpd.reservations', dest: '/etc/dhcp' }
- { src: 'dhcp_harvest.inc', dest: '/etc/bind/maas' }
- { src: 'cnames.inc', dest: '/etc/bind/maas' }
- { src: 'named.conf.options.inside.maas', dest: '/etc/bind/maas' }
- { src: 'dhcpd.conf.template', dest: '/etc/maas/templates/dhcp' }
- { src: 'dhcp_harvest.inc', dest: '/etc/maas/templates/dns' }
- { src: 'zone.template', dest: '/tmp' }
- name: Ensure RNDC Listens
become: yes
lineinfile:
dest: /etc/bind/maas/named.conf.rndc.maas
regexp: 'inet .* port 954'
line: ' inet 0.0.0.0 port 954'
state: present
- name: Ensure ENDC Allows Trusted
become: yes
lineinfile:
dest: /etc/bind/maas/named.conf.rndc.maas
regexp: 'allow { .* } keys { "rndc-maas-key"; };'
line: ' allow { trusted; } keys { "rndc-maas-key"; };'
state: present
- name: Custom DNS Zone Template
become: yes
script: files/update_dns_template.sh {{ networks.management }} {{ maas.domain }}
register: dns_template_changed
changed_when: dns_template_changed.stdout == 'true'
- name: Ensure Nameserver
become: yes
lineinfile:
dest: /etc/resolvconf/resolv.conf.d/head
state: present
insertafter: EOF
line: "nameserver {{ mgmt_ip_address.stdout }}"
register: ns_nameserver
- name: Ensure Domain Search
become: yes
lineinfile:
dest: /etc/resolvconf/resolv.conf.d/base
state: present
insertafter: EOF
line: 'search cord.lab'
register: ns_search
- name: Ensure DNS Config
become: yes
command: resolvconf -u
when: ns_nameserver.changed or ns_search.changed
- name: Restart MAAS Services
become: yes
service:
name={{ item }}
state=restarted
with_items:
- maas-proxy
- maas-regiond
- maas-clusterd
- maas-dhcpd
tags:
- maas_restart
- name: Wait for MAAS to Intialize (start)
pause:
seconds=30
changed_when: false
tags:
- maas_restart
- name: Ensure DNS
become: yes
service:
name=bind9
state=restarted
when: ns_nameserver.changed or ns_search.changed
- name: MAAS Accepting API Requests
action: get_url url=http://{{ mgmt_ip_address.stdout }}/MAAS/api/1.0/maas/ dest=/tmp
register: api_test2
until: api_test2.status_code is defined and api_test2.status_code == 403
retries: 5
delay: 60
failed_when: api_test2.status_code is not defined or api_test2.status_code != 403
- name: Ensure Boot Resource Import Started
become: yes
shell: maas login cord http://localhost/MAAS/api/1.0/ "{{apikey.stdout}}" && maas cord boot-resources import && maas logout cord
- name: Ensure VirtualBox Power Management
include: virtualbox.yml
when: virtualbox_support is defined
- name: Ensure MAAS Ansible Config Directory
become: yes
file:
path=/etc/maas/ansible
owner=maas
group=maas
state=directory
- name: Ensure SSH keys for Ansible
become: yes
command: cp {{ ansible_env['PWD'] }}/.ssh/id_rsa /etc/maas/ansible/id_rsa
- name: Ensure SSH Key Permissions
become: yes
file:
path: /etc/maas/ansible/id_rsa
owner: root
group: root
mode: 0400
- name: Initialize Interface Configuration Fact
set_fact:
interface_config: 0
- name: Set Interface Configuration Fact
set_fact:
interface_config: 1
tags:
- interface_config
- name: Default VirtualBox Host
become: no
set_fact:
virtualbox_host: "{{ virtualbox.power_helper_host }}"
when: virtualbox_support is defined
changed_when: false
- name: Override VirtualBox Host
become: no
set_fact:
virtualbox_host: "{{ discovered_vbox_host.stdout }}"
when: virtualbox_support is defined and virtualbox_host == ''
changed_when: false
- name: Custom Automation Compose Configurations
become: yes
template:
src: templates/{{ item }}.j2
dest: /etc/maas/{{ item }}
owner: maas
group: maas
mode: 0644
with_items:
- automation-compose.yml
- harvest-compose.yml
- name: Automation
become: yes
command: docker-compose -f /etc/maas/{{ item }} up -d
with_items:
- automation-compose.yml
- harvest-compose.yml
- name: Wait For Image Download
shell: maas login cord http://localhost/MAAS/api/1.0/ "{{apikey.stdout}}" > /dev/null 2>&1 && maas cord boot-resources read | jq 'map(select(.type != "Synced"))' && maas logout cord > /dev/null 2>&1
register: images_synced
until: images_synced.stdout == "[]"
retries: 5
delay: 60
failed_when: images_synced.stdout != "[]"