blob: b29cbdf3cbdedf668540c3604c00c53f7cb3bcb2 [file] [log] [blame]
---
# roles/juju-setup/main/tasks.yml
- name: Initialize Juju
command: juju generate-config
creates={{ ansible_user_dir }}/.juju/environments.yaml
- name: Create Juju config file from template
template:
src=environments.yaml.j2
dest={{ ansible_user_dir }}/.juju/environments.yaml
- name: Bootstrap Juju
command: juju bootstrap
creates={{ ansible_user_dir }}/.juju/environments/manual.jenv
- name: Copy over juju-config.yml for configuring Juju services
become: yes
template:
src={{ juju_config_name }}_juju_config.yml.j2
dest={{ juju_config_path }}
# Code for this is in library/juju_facts.py
- name: Obtain Juju Facts for creating machines
juju_facts:
- name: Pause to let Juju settle before adding machines
pause:
prompt="Waiting for Juju..."
seconds=20
# For setwise operations on desired vs Juju state:
# list of active juju_machines names: juju_machines.keys()
# list of active juju_services names: juju_services.keys()
- name: Add machines to Juju
when: "{{ head_lxd_list | map(attribute='service') | list | reject('undefined') | map('format_string', '%s.'~site_suffix ) | difference( juju_machines.keys() ) | length }}"
command: "juju add-machine ssh:{{ item }}"
with_items: "{{ head_lxd_list | map(attribute='service') | list | reject('undefined') | map('format_string', '%s.'~site_suffix ) | difference( juju_machines.keys() ) }}"
# run this again, so machines will be in the juju_machines list
- name: Obtain Juju Facts after machine creation
juju_facts:
- name: Deploy services that are hosted in their own VM
when: "{{ lxd_service_list | difference( juju_services.keys() ) | length }}"
command: "juju deploy {{ charm_versions[item] | default(item) }} --to {{ juju_machines[item~'.'~site_suffix]['machine_id'] }} --config={{ juju_config_path }}"
with_items: "{{ lxd_service_list | difference( juju_services.keys() ) }}"
- name: Deploy services that don't have their own VM
when: "{{ standalone_service_list | difference( juju_services.keys() ) | length }}"
command: "juju deploy {{ charm_versions[item] | default(item) }} --config={{ juju_config_path }}"
with_items: "{{ standalone_service_list | difference( juju_services.keys() ) }}"
- name: Create relations between services
command: "juju add-relation '{{ item.0.name }}' '{{ item.1 }}'"
register: juju_relation
failed_when: "juju_relation|failed and 'relation already exists' not in juju_relation.stderr"
with_subelements:
- "{{ service_relations }}"
- relations
tags:
- skip_ansible_lint # benign to do this more than once, hard to check for
# run another time, so services will be in juju_services list
- name: Obtain Juju Facts after service creation
juju_facts:
# 1800s = 30m. Usually takes 10-12m on cloudlab for relations to come up
# Only checks for first port in list
- name: Wait for juju services to have open ports
wait_for:
host={{ item.name }}
port={{ item.forwarded_ports[0].int }}
timeout=1800
with_items: "{{ head_lxd_list | selectattr('forwarded_ports', 'defined') | list }}"
# secondary wait, as waiting on ports isn't enough. Probably only need one of these...
# 160*15s = 2400s = 40m max wait
- name: Wait for juju services to start
command: juju status --format=summary
register: juju_summary
until: juju_summary.stdout.find("pending:") == -1
retries: 160
delay: 15
tags:
- skip_ansible_lint # checking/waiting on a system to be up
- name: Create admin-openrc.sh credentials file
template:
src=admin-openrc.sh.j2
dest={{ ansible_user_dir }}/admin-openrc.sh
- name: Copy nova-cloud-controller CA certificate to head
command: juju scp {{ juju_services['nova-cloud-controller']['units'].keys()[0] }}:/usr/local/share/ca-certificates/keystone_juju_ca_cert.crt {{ ansible_user_dir }}
register: result
until: result | success
retries: 40
delay: 15
tags:
- skip_ansible_lint # checking/waiting on file availibilty
- name: Copy cert to system location
become: yes
copy:
src: "{{ ansible_user_dir }}/keystone_juju_ca_cert.crt"
dest: "/usr/local/share/ca-certificates/keystone_juju_ca_cert.crt"
remote_src: true
notify:
- update-ca-certificates
- Move cert to all service VMs
- update-ca-certificates in service VMs