[CORD-1760]
Eliminate deprecated versions of OpenStack ansible modules
[CORD-1654]
Quote OpenStack passwords so all-numeric ones aren't interpreted as
integers by YAML parser
Change-Id: I729b146b7664d967ae79dbc814720559c39c2195
diff --git a/xos/synchronizer/steps/delete_slivers.yaml b/xos/synchronizer/steps/delete_slivers.yaml
deleted file mode 100644
index 69ee90a..0000000
--- a/xos/synchronizer/steps/delete_slivers.yaml
+++ /dev/null
@@ -1,24 +0,0 @@
-
-# Copyright 2017-present Open Networking Foundation
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-
----
-- hosts: 127.0.0.1
- connection: local
- tasks:
-
- - nova_compute:
- state: absent
- name: {{ name }}
diff --git a/xos/synchronizer/steps/sliver.yaml b/xos/synchronizer/steps/sliver.yaml
deleted file mode 100644
index a91c7a1..0000000
--- a/xos/synchronizer/steps/sliver.yaml
+++ /dev/null
@@ -1,33 +0,0 @@
-
-# Copyright 2017-present Open Networking Foundation
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-
----
-- hosts: 127.0.0.1
- connection: local
- tasks:
- - nova_compute:
- state: present
- auth_url: http://172.31.38.128:5000/v2.0/
- login_username: admin
- login_password: 6a789bf69dd647e2
- login_tenant_name: admin
- name: gloopy
- image_id: 3ee851df-b35a-41c5-8551-f681e7209095
- key_name: boo
- wait_for: 200
- flavor_id: 3
- nics:
- - net-id: d1de537b-80dc-4c1b-aa5f-4a197b33b5f6
diff --git a/xos/synchronizer/steps/sync_controller_images.py b/xos/synchronizer/steps/sync_controller_images.py
index bebc85b..6837d7a 100644
--- a/xos/synchronizer/steps/sync_controller_images.py
+++ b/xos/synchronizer/steps/sync_controller_images.py
@@ -38,6 +38,7 @@
'endpoint_v3': controller_image.controller.auth_url_v3,
'admin_user':controller_image.controller.admin_user,
'admin_password':controller_image.controller.admin_password,
+ 'admin_project': 'admin',
'domain': controller_image.controller.domain,
'name':controller_image.image.name,
'filepath':controller_image.image.path,
diff --git a/xos/synchronizer/steps/sync_controller_images.yaml b/xos/synchronizer/steps/sync_controller_images.yaml
index e55cec4..149eb81 100644
--- a/xos/synchronizer/steps/sync_controller_images.yaml
+++ b/xos/synchronizer/steps/sync_controller_images.yaml
@@ -18,12 +18,15 @@
- hosts: 127.0.0.1
connection: local
tasks:
- - glance_image:
- auth_url={{ endpoint }}
- login_username="{{ admin_user }}"
- login_tenant_name="admin"
- login_password="{{ admin_password }}"
- name="{{ name }}"
- file="{{ filepath }}"
- disk_format='raw'
- is_public=true
+
+ - os_image:
+ name: "{{ name }}"
+ filename: "{{ filepath }}"
+ disk_format: "raw"
+ is_public: yes
+ auth:
+ auth_url: "{{ endpoint }}"
+ username: "{{ admin_user }}"
+ password: "{{ admin_password }}"
+ project_name: "{{ admin_project }}"
+
diff --git a/xos/synchronizer/steps/sync_controller_networks.yaml b/xos/synchronizer/steps/sync_controller_networks.yaml
index d3613d1..33622b0 100644
--- a/xos/synchronizer/steps/sync_controller_networks.yaml
+++ b/xos/synchronizer/steps/sync_controller_networks.yaml
@@ -19,56 +19,45 @@
connection: local
tasks:
- os_network:
- name: {{ name }}
- shared: true
- {% if not delete -%}
- state: present
- {% else -%}
- state: absent
- {% endif -%}
- auth:
- auth_url: {{ endpoint }}
- username: {{ admin_user }}
- password: {{ admin_password }}
- project_name: {{ admin_project }}
+ auth:
+ auth_url: "{{ endpoint }}"
+ username: "{{ admin_user }}"
+ password: "{{ admin_password }}"
+ project_name: "{{ admin_project }}"
+ name: "{{ name }}"
+ shared: true
+ {% if not delete -%}
+ state: present
+ {% else -%}
+ state: absent
+ {% endif -%}
{% if not delete %}
- os_subnet:
- name: {{ subnet_name }}
- network_name: {{ name }}
+ auth:
+ auth_url: "{{ endpoint }}"
+ username: "{{ admin_user }}"
+ password: "{{ admin_password }}"
+ project_name: "{{ admin_project }}"
+ name: "{{ subnet_name }}"
+ network_name: "{{ name }}"
{% if not delete -%}
state: present
- cidr: {{ cidr }}
- dns_nameservers: 8.8.8.8
+ cidr: "{{ cidr }}"
+ dns_nameservers: "8.8.8.8"
{% if use_vtn -%}
- gateway_ip: {{ gateway }}
+ gateway_ip: "{{ gateway }}"
+ {% else -%}
+ no_gateway_ip: yes
{% endif -%}
{% if start_ip -%}
- allocation_pool_start: {{ start_ip }}
+ allocation_pool_start: "{{ start_ip }}"
{% endif -%}
{% if end_ip -%}
- allocation_pool_end: {{ end_ip }}
+ allocation_pool_end: "{{ end_ip }}"
{% endif -%}
{% else -%}
state: absent
{% endif -%}
- auth:
- auth_url: {{ endpoint }}
- username: {{ admin_user }}
- password: {{ admin_password }}
- project_name: {{ admin_project }}
-
-{% if not use_vtn -%}
-# until we get 'no-gateway-ip' arg to os_subnet, in Ansible 2.2
-# https://github.com/ansible/ansible-modules-core/pull/3736
- - command:
- neutron \
- --os-auth-url {{ endpoint }} \
- --os-username {{ admin_user }} \
- --os-password {{ admin_password }} \
- --os-tenant-name {{ admin_project }} \
- subnet-update --no-gateway {{ subnet_name }}
-{% endif -%}
-
{% endif %}
diff --git a/xos/synchronizer/steps/sync_controller_sites.py b/xos/synchronizer/steps/sync_controller_sites.py
index ac7a075..c0adc42 100644
--- a/xos/synchronizer/steps/sync_controller_sites.py
+++ b/xos/synchronizer/steps/sync_controller_sites.py
@@ -39,21 +39,22 @@
def map_sync_inputs(self, controller_site):
tenant_fields = {'endpoint':controller_site.controller.auth_url,
- 'endpoint_v3': controller_site.controller.auth_url_v3,
- 'domain': controller_site.controller.domain,
- 'admin_user': controller_site.controller.admin_user,
- 'admin_password': controller_site.controller.admin_password,
- 'admin_tenant': controller_site.controller.admin_tenant,
- 'ansible_tag': '%s@%s'%(controller_site.site.login_base,controller_site.controller.name), # name of ansible playbook
- 'tenant': controller_site.site.login_base,
- 'tenant_description': controller_site.site.name}
+ 'endpoint_v3': controller_site.controller.auth_url_v3,
+ 'domain': controller_site.controller.domain,
+ 'admin_user': controller_site.controller.admin_user,
+ 'admin_password': controller_site.controller.admin_password,
+ 'admin_tenant': controller_site.controller.admin_tenant,
+ 'admin_project': 'admin',
+ 'ansible_tag': '%s@%s'%(controller_site.site.login_base,controller_site.controller.name), # name of ansible playbook
+ 'project': controller_site.site.login_base,
+ 'project_description': controller_site.site.name}
return tenant_fields
def map_sync_outputs(self, controller_site, res):
controller_site.tenant_id = res[0]['id']
controller_site.backend_status = '1 - OK'
controller_site.save()
-
+
def delete_record(self, controller_site):
controller_register = json.loads(controller_site.controller.backend_register)
if (controller_register.get('disabled',False)):
diff --git a/xos/synchronizer/steps/sync_controller_sites.yaml b/xos/synchronizer/steps/sync_controller_sites.yaml
index 052510e..46ff581 100644
--- a/xos/synchronizer/steps/sync_controller_sites.yaml
+++ b/xos/synchronizer/steps/sync_controller_sites.yaml
@@ -18,4 +18,14 @@
- hosts: 127.0.0.1
connection: local
tasks:
- - keystone_user: endpoint={{ endpoint }} login_user={{ admin_user }} login_password={{ admin_password }} login_tenant_name={{ admin_tenant }} tenant={{ tenant }} tenant_description="{{ tenant_description }}"
+
+ - name: Create XOS site (OpenStack project)
+ os_project:
+ auth:
+ auth_url: "{{ endpoint }}"
+ username: "{{ admin_user }}"
+ password: "{{ admin_password }}"
+ project_name: "{{ admin_project }}"
+ name: "{{ project }}"
+ description: "{{ project_description }}"
+
diff --git a/xos/synchronizer/steps/sync_controller_slices.py b/xos/synchronizer/steps/sync_controller_slices.py
index a21080a..03c2361 100644
--- a/xos/synchronizer/steps/sync_controller_slices.py
+++ b/xos/synchronizer/steps/sync_controller_slices.py
@@ -50,11 +50,11 @@
'domain': controller_slice.controller.domain,
'admin_user': controller_slice.controller.admin_user,
'admin_password': controller_slice.controller.admin_password,
- 'admin_tenant': 'admin',
- 'tenant': controller_slice.slice.name,
- 'tenant_description': controller_slice.slice.description,
+ 'admin_project': 'admin',
+ 'project': controller_slice.slice.name,
+ 'project_description': controller_slice.slice.description,
'roles':roles,
- 'name':controller_user.user.email,
+ 'username':controller_user.user.email,
'ansible_tag':'%s@%s'%(controller_slice.slice.name,controller_slice.controller.name),
'max_instances':max_instances}
diff --git a/xos/synchronizer/steps/sync_controller_slices.yaml b/xos/synchronizer/steps/sync_controller_slices.yaml
index e198a6d..3552861 100644
--- a/xos/synchronizer/steps/sync_controller_slices.yaml
+++ b/xos/synchronizer/steps/sync_controller_slices.yaml
@@ -18,11 +18,41 @@
- hosts: 127.0.0.1
connection: local
tasks:
- {% if delete -%}
- - keystone_user: endpoint={{ endpoint }} login_user={{ admin_user }} login_password={{ admin_password }} login_tenant_name={{ admin_tenant }} tenant={{ tenant }} tenant_description="{{ tenant_description }}" state=absent
- {% else -%}
- - keystone_user: endpoint={{ endpoint }} login_user={{ admin_user }} login_password={{ admin_password }} login_tenant_name={{ admin_tenant }} tenant={{ tenant }} tenant_description="{{ tenant_description }}"
- {% for role in roles %}
- - keystone_user: endpoint={{ endpoint }} login_user={{ admin_user }} login_password={{ admin_password }} login_tenant_name={{ admin_tenant }} user="{{ name }}" role={{ role }} tenant={{ tenant }}
- {% endfor %}
- {% endif %}
+
+ - name: Create XOS slice (OpenStack project)
+ os_project:
+ auth:
+ auth_url: "{{ endpoint }}"
+ username: "{{ admin_user }}"
+ password: "{{ admin_password }}"
+ project_name: "{{ admin_project }}"
+ name: "{{ project }}"
+{% if delete %}
+ state: absent
+{% else %}
+ description: "{{ project_description }}"
+
+{% for role in roles %}
+ - name: Create role "{{ role }}"
+ os_keystone_role:
+ auth:
+ auth_url: "{{ endpoint }}"
+ username: "{{ admin_user }}"
+ password: "{{ admin_password }}"
+ project_name: "{{ admin_project }}"
+ name: "{{ role }}"
+
+ - name: Create users with roles in slice
+ os_user_role:
+ auth:
+ auth_url: "{{ endpoint }}"
+ username: "{{ admin_user }}"
+ password: "{{ admin_password }}"
+ project_name: "{{ admin_project }}"
+ user: "{{ username }}"
+ role: "{{ role }}"
+ project: "{{ project }}"
+
+{% endfor %}
+{% endif %}
+
diff --git a/xos/synchronizer/steps/sync_controller_users.yaml b/xos/synchronizer/steps/sync_controller_users.yaml
index d80f6b9..6ee36e1 100644
--- a/xos/synchronizer/steps/sync_controller_users.yaml
+++ b/xos/synchronizer/steps/sync_controller_users.yaml
@@ -21,46 +21,44 @@
- name: Create user account for "{{ name }}"
os_user:
+ auth:
+ auth_url: "{{ endpoint }}"
+ username: "{{ admin_user }}"
+ password: "{{ admin_password }}"
+ project_name: "{{ admin_project }}"
name: "{{ name }}"
email: "{{ email }}"
password: "{{ password }}"
- auth:
- auth_url: {{ endpoint }}
- username: {{ admin_user }}
- password: {{ admin_password }}
- project_name: {{ admin_project }}
- name: Create project for "{{ project }}"
os_project:
- name: "{{ project }}"
auth:
- auth_url: {{ endpoint }}
- username: {{ admin_user }}
- password: {{ admin_password }}
- project_name: {{ admin_project }}
+ auth_url: "{{ endpoint }}"
+ username: "{{ admin_user }}"
+ password: "{{ admin_password }}"
+ project_name: "{{ admin_project }}"
+ name: "{{ project }}"
{% for role in roles %}
- - name: Creating role "{{ role }}" for "{{ name }}" on "{{ project }}"
- keystone_user:
+ - name: Create role "{{ role }}"
+ os_keystone_role:
+ auth:
+ auth_url: "{{ endpoint }}"
+ username: "{{ admin_user }}"
+ password: "{{ admin_password }}"
+ project_name: "{{ admin_project }}"
+ name: "{{ role }}"
+
+ - name: Add role "{{ role }}" to user "{{ name }}" on project "{{ project }}"
+ os_user_role:
+ auth:
+ auth_url: "{{ endpoint }}"
+ username: "{{ admin_user }}"
+ password: "{{ admin_password }}"
+ project_name: "{{ admin_project }}"
user: "{{ name }}"
role: "{{ role }}"
- tenant: "{{ project }}"
- endpoint: {{ endpoint }}
- login_user: {{ admin_user }}
- login_password: {{ admin_password }}
- login_tenant_name: {{ admin_project }}
+ project: "{{ project }}"
+
{% endfor %}
-# FIXME: the below should work in Ansible 2.1, once we get the Admin/admin and
-# Member/user role name issues straightened out.
-#
-# - name: Creating role "{{ role }}" for "{{ name }}" on "{{ project }}"
-# os_user_role:
-# user: "{{ name }}"
-# role: "{{ role }}"
-# project: "{{ project }}"
-# auth:
-# auth_url: {{ endpoint }}
-# username: {{ admin_user }}
-# password: {{ admin_password }}
-# project_name: {{ admin_project }}
diff --git a/xos/synchronizer/steps/sync_instances.yaml b/xos/synchronizer/steps/sync_instances.yaml
index e3bb4ba..be8b81e 100644
--- a/xos/synchronizer/steps/sync_instances.yaml
+++ b/xos/synchronizer/steps/sync_instances.yaml
@@ -19,19 +19,19 @@
connection: local
tasks:
- os_server:
- name: {{ name }}
+ name: "{{ name }}"
auth:
- auth_url: {{ endpoint }}
- username: {{ admin_user }}
- password: {{ admin_password }}
- project_name: {{ project_name }}
+ auth_url: "{{ endpoint }}"
+ username: "{{ admin_user }}"
+ password: "{{ admin_password }}"
+ project_name: "{{ project_name }}"
{% if delete -%}
state: absent
{% else -%}
state: present
availability_zone: "{{ availability_zone }}"
- image: {{ image_name }}
- flavor: {{ flavor_name }}
+ image: "{{ image_name }}"
+ flavor: "{{ flavor_name }}"
timeout: 200
userdata: "{{ user_data }}"
config_drive: yes