more dns-ification work
diff --git a/aztest-playbook.yml b/aztest-playbook.yml
index 347e8ec..e3d9428 100644
--- a/aztest-playbook.yml
+++ b/aztest-playbook.yml
@@ -1,47 +1,49 @@
---
# aztest playbook, for installing an OpenCloud site
-- hosts: all
+- name: Include Configuration
+ hosts: all
tasks:
- include_vars: vars/opencloud_defaults.yml
- include_vars: vars/aztest.yml
+ - include_vars: vars/aztest_keystone.yml
-# common setup
-- hosts: all
+- name: Prep systems, and enable virtualization
+ hosts: all
become: yes
roles:
- common-prep
- dell-virt
-# Install DNS servers on the head node
-- hosts: head
+- name: DNS Server Setup
+ hosts: head
become: yes
roles:
- dns-nsd
- dns-unbound
-# Configure DNS serves on all
-
-- hosts: all
+- name: Configure all hosts to use DNS server
+ hosts: all
become: yes
roles:
- dns-configure
-# prepare the head node, install juju
-- hosts: head
+- name: Configure head node, create VM's, and start Juju setup
+ hosts: head
roles:
- { role: head-prep, become: yes }
+ - { role: config-virt, become: yes }
- juju-user-prep
- juju-setup
-# prepare the compute nodes
-- hosts: compute
+- name: Configure compute nodes
+ hosts: compute
become: yes
roles:
- compute-prep
-# configure openstack on head node, including compute nodes
-- hosts: head
+- name: Configure Openstack using Juju
+ hosts: head
roles:
- juju-openstack-config
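Review bot: `vars/aztest_keystone.yml` is loaded by the new `include_vars` line in the first play, but no such file is added anywhere in this commit, so a fresh checkout fails there unless the file is supplied out of band. If it is where `keystone_admin_password` (used by the new admin-openrc.sh.j2) comes from, keeping it out of the repository is reasonable, but the playbook should say so. A comment above the line would do, for example `# vars/aztest_keystone.yml is not in git; it must define keystone_admin_password (keep it ansible-vault encrypted)`.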
diff --git a/roles/common-prep/handlers/main.yml b/roles/common-prep/handlers/main.yml
index 79f43d9..537ccb3 100644
--- a/roles/common-prep/handlers/main.yml
+++ b/roles/common-prep/handlers/main.yml
@@ -2,18 +2,18 @@
# file: roles/common-prep/handlers/main.yml
# from https://support.ansible.com/hc/en-us/articles/201958037-Reboot-a-server-and-wait-for-it-to-come-back
-- name: restart machine
+- name: restart host
shell: sleep 2 && shutdown -r now "Ansible updates triggered"
async: 1
poll: 0
ignore_errors: true
-# wait 1m, then try to contact machine for 5m
-- name: wait for machine
+# wait 1m, then try to contact machine for 10m
+- name: wait for host
become: false
local_action:
wait_for host={{ inventory_hostname }}
port=22
- delay=60 timeout=300
+ delay=60 timeout=600
state=started
diff --git a/roles/common-prep/tasks/main.yml b/roles/common-prep/tasks/main.yml
index bf1c116..1ea1ad9 100644
--- a/roles/common-prep/tasks/main.yml
+++ b/roles/common-prep/tasks/main.yml
@@ -2,10 +2,18 @@
# file: roles/common-prep/tasks/main.yml
- name: Upgrade system to current using apt
- apt:
+ apt:
upgrade=dist
- update_cache=yes
+ update_cache=yes
cache_valid_time=3600
+
+- stat:
+ path=/var/run/reboot-required
+ register: reboot-required
+
+- name: reboot if required
+ when: reboot-required.exists is defined
+ debug: msg="System will reboot"
notify:
- restart host
- wait for host
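Review bot: The reboot handlers can never fire from the two added tasks as written. `register: reboot-required` is not a valid variable name (the hyphens are read as subtraction in the `when:` expression), the `stat` module puts its result under `.stat`, and a `debug` task never reports changed, so `notify` has nothing to act on. Suggested lines: `register: reboot_required`, `when: reboot_required.stat.exists`, and `changed_when: true` on the debug task. The same hyphenated `register:` names appear in roles/juju-openstack-config/tasks/main.yml (`added-compute-nodes`, `added-first-nova-compute`) and need underscores there too. A host that silently skips the reboot keeps running the old kernel after `upgrade=dist`.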
diff --git a/roles/compute-prep/handlers/main.yml b/roles/compute-prep/handlers/main.yml
new file mode 100644
index 0000000..eee1556
--- /dev/null
+++ b/roles/compute-prep/handlers/main.yml
@@ -0,0 +1,5 @@
+---
+# file: roles/compute-prep/handlers/main.yml
+
+- name: run rc.local
+ command: /etc/rc.local
diff --git a/roles/compute-prep/tasks/main.yml b/roles/compute-prep/tasks/main.yml
index 1e5bdbe..ac65bc8 100644
--- a/roles/compute-prep/tasks/main.yml
+++ b/roles/compute-prep/tasks/main.yml
@@ -1,11 +1,28 @@
---
# file: roles/compute-prep/tasks/main.yml
-- name: Install packages
+- name: Install packages
apt:
name={{ item }}
state=latest
with_items:
- python-yaml
+- name: Add head node ubuntu user key
+ authorized_key:
+ user=ubuntu
+ key="{{ hostvars[groups['head'][0]]['head_ssh_pubkey']['stdout'] }}"
+
+- name: Add route via /etc/rc.local
+ template:
+ src=rc.local.j2
+ dest=/etc/rc.local
+ mode=0755
+ notify:
+ - run rc.local
+
+- name: Create /var/lib/nova dir
+ file:
+ path=/var/lib/nova
+ state=directory
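Review bot: The `authorized_key` task reads `hostvars[groups['head'][0]]['head_ssh_pubkey']`, which exists only if the juju-user-prep role has already run on the head node in the same run; with a limited run or a failed head play it is undefined and the task errors. Consider a guard such as `when: hostvars[groups['head'][0]]['head_ssh_pubkey'] is defined`, plus a comment saying why the key is installed, e.g. `# head node's ubuntu key, needed for "juju add-machine ssh:ubuntu@<compute>"`. The new `/var/lib/nova` directory is created without `owner`, `group` or `mode`, so it gets whatever the become user and umask produce; stating them explicitly would make the intent reviewable.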
diff --git a/roles/compute-prep/templates/rc.local.j2 b/roles/compute-prep/templates/rc.local.j2
new file mode 100644
index 0000000..73b12fb
--- /dev/null
+++ b/roles/compute-prep/templates/rc.local.j2
@@ -0,0 +1,19 @@
+#!/bin/sh -e
+#
+# rc.local
+#
+# This script is executed at the end of each multiuser runlevel.
+# Make sure that the script will "exit 0" on success or any other
+# value on error.
+#
+# In order to enable or disable this script just change the execution
+# bits.
+
+{% set head_host = groups['head'][0] -%}
+{% set head_ip = hostvars[head_host]['ansible_default_ipv4']['address'] -%}
+{% set virt_network = hostvars[head_host]['ansible_virbr0']['ipv4']['network'] -%}
+{% set virt_netmask = hostvars[head_host]['ansible_virbr0']['ipv4']['netmask'] -%}
+
+route add -net {{ virt_network }} netmask {{ virt_netmask }} gw {{ head_ip }} || true
+
+exit 0
diff --git a/roles/config-virt/handlers/main.yml b/roles/config-virt/handlers/main.yml
new file mode 100644
index 0000000..d3708e6
--- /dev/null
+++ b/roles/config-virt/handlers/main.yml
@@ -0,0 +1,15 @@
+---
+# roles/juju-setup/handlers/tasks.yml
+
+- name: recreate default network
+ command: virsh net-destroy default ; virsh net-start default
+
+- name: reload libvirt-bin
+ service:
+ name=libvirt-bin
+ state=restarted
+
+- name: run qemu hook
+ command: /etc/libvirt/hooks/qemu start start
+
+
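Review bot: `recreate default network` runs `virsh net-destroy default ; virsh net-start default` through the `command` module, which does not use a shell, so the `;` and everything after it are passed to the first `virsh` as arguments and the network is never started again. Use `shell: virsh net-destroy default ; virsh net-start default` or split it into two handlers. No task visible in this commit notifies this handler, so it also appears to be unused. The header comment reads `# roles/juju-setup/handlers/tasks.yml`; it should name `roles/config-virt/handlers/main.yml`.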
diff --git a/roles/config-virt/tasks/main.yml b/roles/config-virt/tasks/main.yml
new file mode 100644
index 0000000..76f14ae
--- /dev/null
+++ b/roles/config-virt/tasks/main.yml
@@ -0,0 +1,28 @@
+---
+# roles/config-virt/main/tasks.yml
+
+- name: Get ubuntu image for uvtool
+ command: uvt-simplestreams-libvirt sync --source http://cloud-images.ubuntu.com/daily \
+ release={{ ansible_distribution_release }} arch=amd64
+
+- name: Have libvirt enable port forwarding to VM's
+ become: yes
+ template:
+ src={{ item }}.j2
+ dest=/etc/libvirt/hooks/{{ item }}
+ mode=0755 owner=root
+ with_items:
+ - daemon
+ - qemu
+ notify:
+ - reload libvirt-bin
+ - run qemu hook
+
+- name: configure libvirt mgmtbr network DHCP range and IP assignments
+ virt_net:
+ command=define
+ name=default
+ xml='{{ lookup("template", "default.xml.j2") }}'
+ autostart=yes
+ state=active
+
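Review bot: The image sync pulls from `http://cloud-images.ubuntu.com/daily` in clear text, so integrity rests entirely on the tool's own signature checking; using `--source https://cloud-images.ubuntu.com/daily` adds transport protection at no cost. The task also moved from `shell` to `command` while keeping the trailing `\` line continuation: YAML folds the two lines but keeps the backslash, and without a shell it probably reaches the program as a stray escape, so drop the backslash or use a `>-` folded scalar. There is no `creates=` or `changed_when`, so the sync runs and reports changed on every play.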
diff --git a/roles/juju-setup/templates/daemon.j2 b/roles/config-virt/templates/daemon.j2
similarity index 84%
rename from roles/juju-setup/templates/daemon.j2
rename to roles/config-virt/templates/daemon.j2
index 32e9b55..c79bf4a 100644
--- a/roles/juju-setup/templates/daemon.j2
+++ b/roles/config-virt/templates/daemon.j2
@@ -11,10 +11,9 @@
add_port_fwd_rule() {
DPORT=$1
- VM=$2
+ VMIP=$2
TOPORT=$3
- VMIP=$( getent ahosts $VM|head -1|awk '{print $1}' )
iptables -t nat -C PREROUTING -p tcp -i $NIC --dport $DPORT -j DNAT --to-destination $VMIP:$TOPORT
if [ "$?" -ne 0 ]
then
@@ -29,7 +28,7 @@
{% for vm in head_vm_list -%}
{% if vm.forwarded_ports is defined -%}
{% for port in vm.forwarded_ports -%}
- add_port_fwd_rule {{ port.ext }} {{ vm.name }} {{ port.int }}
+ add_port_fwd_rule {{ port.ext }} "{{ mgmtbr_prefix }}.{{ vm.ipv4_last_octet }}" {{ port.int }}
{% endfor -%}
{% endif -%}
{% endfor -%}
diff --git a/roles/config-virt/templates/default.xml.j2 b/roles/config-virt/templates/default.xml.j2
new file mode 100644
index 0000000..5183aca
--- /dev/null
+++ b/roles/config-virt/templates/default.xml.j2
@@ -0,0 +1,19 @@
+<network>
+ <name>default</name>
+ <bridge name="virbr0"/>
+ <forward/>
+ <domain name="{{ site_suffix }}" localonly="no"/>
+ <dns>
+{% for ns in dns_servers %}
+ <forwarder addr="{{ ns }}"/>
+{% endfor %}
+ </dns>
+ <ip address="{{ mgmtbr_prefix }}.1" netmask="255.255.255.0">
+ <dhcp>
+ <range start="{{ mgmtbr_prefix }}.2" end="{{ mgmtbr_prefix }}.254"/>
+{% for vm in head_vm_list %}
+ <host name='{{ vm.name }}' ip='{{ mgmtbr_prefix }}.{{ vm.ipv4_last_octet }}'/>
+{% endfor %}
+ </dhcp>
+ </ip>
+</network>
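Review bot: The `<host>` reservations carry only `name` and `ip`, so the DHCP server has to match a guest by the hostname it announces rather than by its MAC address. Because daemon.j2 now DNATs external ports straight to `{{ mgmtbr_prefix }}.{{ vm.ipv4_last_octet }}`, a guest that boots with a different hostname (or another guest announcing that name) would leave the forward pointing at the wrong machine or at nothing. If the MAC addresses can be made known, add `mac='…'` to each `<host>`; otherwise record the assumption in a template comment. The dynamic `<range>` of .2 to .254 also covers every reserved address; narrowing it to a block outside the reserved octets would avoid relying on the DHCP server to skip them.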
diff --git a/roles/juju-setup/templates/qemu.j2 b/roles/config-virt/templates/qemu.j2
similarity index 100%
rename from roles/juju-setup/templates/qemu.j2
rename to roles/config-virt/templates/qemu.j2
diff --git a/roles/dns-nsd/handlers/main.yml b/roles/dns-nsd/handlers/main.yml
index 18e7e4a..559cc55 100644
--- a/roles/dns-nsd/handlers/main.yml
+++ b/roles/dns-nsd/handlers/main.yml
@@ -1,5 +1,8 @@
---
#file: roles/dns-nsd/handlers/main.yml
+- name: reload-nsd
+ service: name=nsd state=reloaded
+
- name: restart-nsd
service: name=nsd state=restarted
diff --git a/roles/dns-nsd/tasks/main.yml b/roles/dns-nsd/tasks/main.yml
index aeeeacb..0eda801 100644
--- a/roles/dns-nsd/tasks/main.yml
+++ b/roles/dns-nsd/tasks/main.yml
@@ -9,7 +9,7 @@
when: ansible_os_family == 'Debian'
- name: Ensure that zones directory exists
- file:
+ file:
name={{ nsd_zonesdir }}
state=directory
mode=0755 owner=root group={{ nsd_group }}
@@ -20,7 +20,7 @@
dest={{ nsd_conf }}
mode=0644 owner=root group={{ nsd_group }}
notify:
- - restart-nsd
+ - reload-nsd
- name: create forward zonefiles from template
template:
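Review bot: A reload may not be enough for the task that writes `{{ nsd_conf }}`, whose `notify` is switched to `reload-nsd` here. Reload suits the zonefile tasks in the later hunks, but depending on how the nsd service script implements it, changes to the main configuration (new zones, listen addresses) may not be picked up without a restart. I would keep `- restart-nsd` for the nsd.conf task only, or confirm on the target release that reload re-reads the configuration. The task starts above this hunk, so only its tail is visible here.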
@@ -29,7 +29,7 @@
mode=0644 owner=root group={{ nsd_group }}
with_items: '{{ nsd_zones }}'
notify:
- - restart-nsd
+ - reload-nsd
- name: create reverse zonefiles from template
template:
@@ -38,5 +38,5 @@
mode=0644 owner=root group={{ nsd_group }}
with_items: '{{ nsd_zones }}'
notify:
- - restart-nsd
+ - reload-nsd
diff --git a/roles/head-prep/tasks/main.yml b/roles/head-prep/tasks/main.yml
index f875729..fe351c7 100644
--- a/roles/head-prep/tasks/main.yml
+++ b/roles/head-prep/tasks/main.yml
@@ -30,6 +30,7 @@
- python-neutronclient
- python-keystoneclient
- python-glanceclient
+ - virt-top
- name: Obtain the juju-ansible tool from github
git:
@@ -46,27 +47,18 @@
- "/usr/local/bin/juju-ansible"
- "/usr/local/bin/juju-ansible-playbook"
-- name: Prepare user account and generate SSH key
+- name: Prep user account by adding to libvirtd group and generating SSH key
user:
name={{ ansible_user_id }}
generate_ssh_key=yes
groups="libvirtd" append=yes
-- name: Register public key
+- name: Register public key in variable
shell: cat {{ ansible_user_dir }}/.ssh/id_rsa.pub
register: sshkey
-- name: Add key to this user account
+- name: Add public key to this user account
authorized_key:
user={{ ansible_user_id }}
key="{{ sshkey.stdout }}"
-- name: Copy keypair to /tmp
- shell: cp -f {{ ansible_user_dir }}/.ssh/{{ item }} /tmp; chmod +r /tmp/{{ item }}
- with_items:
- - id_rsa
- - id_rsa.pub
-
-- name: Get ubuntu image for uvtool
- shell: uvt-simplestreams-libvirt sync --source http://cloud-images.ubuntu.com/daily release={{ ansible_distribution_release }} arch=amd64
-
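Review bot: Head nodes provisioned by an earlier revision may still hold a world-readable `/tmp/id_rsa`, because the removed `Copy keypair to /tmp` task ran `chmod +r` on the copy and nothing here cleans it up. Add a cleanup task so the fix also reaches existing hosts, for example `- file: path=/tmp/{{ item }} state=absent` with `with_items: [id_rsa, id_rsa.pub]`. Where the private key sat readable on a shared machine, regenerating the keypair is the safer course.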
diff --git a/roles/juju-openstack-config/defaults/main.yml b/roles/juju-openstack-config/defaults/main.yml
new file mode 100644
index 0000000..4a0158f
--- /dev/null
+++ b/roles/juju-openstack-config/defaults/main.yml
@@ -0,0 +1,20 @@
+---
+# roles/juju-setup/defaults/main.yml
+
+openstack_version: kilo
+
+openstack_cfg_path: /usr/local/src/openstack.cfg
+
+compute_relations:
+ - name: nova-compute
+ relations: [ "glance", "nova-cloud-controller", "neutron-openvswitch", "nagios", "nrpe", ]
+
+ - name: "nova-compute:shared-db"
+ relations: [ "mysql:shared-db", ]
+
+ - name: "nova-compute:amqp"
+ relations: [ "rabbitmq-server:amqp", ]
+
+ - name: ntp
+ relations: [ "nova-compute", ]
+
diff --git a/roles/juju-openstack-config/tasks/main.yml b/roles/juju-openstack-config/tasks/main.yml
index 47d4cc7..7d6d1b0 100644
--- a/roles/juju-openstack-config/tasks/main.yml
+++ b/roles/juju-openstack-config/tasks/main.yml
@@ -1,19 +1,45 @@
---
# roles/juju-openstack-config/main/tasks.yml
-- name: Obtain keystone admin password
- command: "juju run --unit={{ juju_services['keystone']['units'].keys()[0] }} 'sudo cat /var/lib/keystone/keystone.passwd'"
- register: keystone_password
+- name: add compute nodes
+ command: juju add-machine ssh:ubuntu@{{ item }}
+ with_items: "{{ groups['compute'] | difference( juju_machines.keys() ) }}"
+ register: added-compute-nodes
-- name: Obtain keystone IP address
- command: uvt-kvm ip keystone
- register: keystone_ip
+# run this again, so add-machine items will be in the juju_compute_nodes list
+- name: Obtain Juju Facts after adding compute nodes
+ when: added-compute-nodes
+ juju_facts:
-- name: Create admin-openrc.sh credentials file
- template:
- src=admin-openrc.sh.j2
- dest={{ ansible_user_dir }}/admin-openrc.sh
+# the crazy [ ] in the with-items is so that jinja compares arrays of strings,
+# rather than strings of characters
+- name: add-unit nova-compute to first compute node
+ command: "juju deploy nova-compute --to {{ juju_machines[item]['machine_id'] }} --config={{ openstack_cfg_path }}"
+ with_items: "{{ [ groups['compute'][0] ] | difference( juju_compute_nodes.keys() ) }}"
+ register: added-first-nova-compute
+# run this again, so first nova compute will be in the juju_compute_nodes list
+- name: Obtain Juju Facts nova-compute deploy
+ juju_facts:
+ when: added-first-nova-compute
+
+- name: add-unit nova-compute to other compute nodes
+ command: "juju add-unit nova-compute --to {{ juju_machines[item]['machine_id'] }}"
+ with_items: "{{ groups['compute'] | difference( juju_compute_nodes.keys() ) }}"
+
+# added this to openstack.cfg
+# - name: Have nova-compute use KVM as its virt-type
+# command: juju set nova-compute virt-type=kvm
+
+- name: Create relations to compute
+ command: "juju add-relation '{{ item.0.name }}' '{{ item.1 }}'"
+ register: compute_relation
+ failed_when: "compute_relation|failed and 'relation already exists' not in compute_relation.stderr"
+ with_subelements:
+ - "{{ compute_relations }}"
+ - relations
+
+# need to ansible-ify these
- name: Copy credentials file to nova-cloud-controller
command: "scp {{ ansible_user_dir }}/admin-openrc.sh ubuntu@nova-cloud-controller:"
@@ -25,12 +51,6 @@
mode=0644 owner=root
- name: Run network setup script
- command: ansible nova-cloud-controller -m script -u ubuntu -a "/usr/local/src/network-setup.sh"
+ command: ansible nova-cloud-controller-1 -m script -u ubuntu -a "/usr/local/src/network-setup.sh"
-- name: Copy nova-cloud-controller CA certificate to local
- become: yes
- command: juju scp {{ juju_services['nova-cloud-controller']['units'].keys()[0] }}:/usr/local/share/ca-certificates/keystone_juju_ca_cert.crt \
- /usr/local/share/ca-certificates
- creates=/usr/local/share/ca-certificates/keystone_juju_ca_cert.crt
- notify: update-ca-certificates
diff --git a/roles/juju-openstack-config/templates/admin-openrc.sh.j2 b/roles/juju-openstack-config/templates/admin-openrc.sh.j2
deleted file mode 100644
index 4ef1a08..0000000
--- a/roles/juju-openstack-config/templates/admin-openrc.sh.j2
+++ /dev/null
@@ -1,5 +0,0 @@
-export OS_USERNAME=admin
-export OS_PASSWORD={{ keystone_password.stdout }}
-export OS_TENANT_NAME=admin
-export OS_AUTH_URL=http://keystone:5000/v2.0
-export OS_REGION_NAME=RegionOne
diff --git a/roles/juju-setup/handlers/main.yml b/roles/juju-setup/handlers/main.yml
deleted file mode 100644
index d54f5dc..0000000
--- a/roles/juju-setup/handlers/main.yml
+++ /dev/null
@@ -1,12 +0,0 @@
----
-# roles/juju-setup/handlers/tasks.yml
-
-- name: reload libvirt-bin
- service:
- name=libvirt-bin
- state=reloaded
-
-- name: run qemu hook
- command: /etc/libvirt/hooks/qemu start start
-
-
diff --git a/roles/juju-setup/tasks/main.yml b/roles/juju-setup/tasks/main.yml
index d1b2f30..672c9be 100644
--- a/roles/juju-setup/tasks/main.yml
+++ b/roles/juju-setup/tasks/main.yml
@@ -2,7 +2,7 @@
# roles/juju-setup/main/tasks.yml
- name: create Virtual Machines with uvt-kvm
- shell: uvt-kvm create {{ item.name }} --cpu={{ item.cpu }} --memory={{ item.memMB }} --disk={{ item.diskGB }}; \
+ shell: uvt-kvm create {{ item.name }} --cpu={{ item.cpu }} --memory={{ item.memMB }} --disk={{ item.diskGB }} ; \
uvt-kvm wait --insecure {{ item.name }}
creates=/var/lib/uvtool/libvirt/images/{{ item.name }}.qcow
with_items: "{{ head_vm_list }}"
@@ -11,17 +11,6 @@
command: virsh autostart {{ item.name }}
with_items: "{{ head_vm_list }}"
-- name: Discover VM IP addresses
- shell: "uvt-kvm ip {{ item.name }}"
- with_items: "{{ head_vm_list }}"
- register: vm_ip
-
-- name: Create /etc/hosts with VM IP addresses
- become: yes
- template:
- src=hosts.j2
- dest=/etc/hosts
-
- name: Create /etc/ansible/hosts file
become: yes
template:
@@ -31,18 +20,19 @@
- name: Verify that we can log into every VM
command: ansible services -m ping -u ubuntu
-- name: Have libvirt enable port forwarding to VM's
- become: yes
+- name: Update software in all the VMs
+ command: ansible services -m apt -b -u ubuntu -a "upgrade=dist update_cache=yes cache_valid_time=3600"
+
+- name: Create VM's eth0 interface config file for DNS config via resolvconf program
template:
- src={{ item }}.j2
- dest=/etc/libvirt/hooks/{{ item }}
- mode=0755 owner=root
- with_items:
- - daemon
- - qemu
- notify:
- - reload libvirt-bin
- - run qemu hook
+ src=eth0.cfg.j2
+ dest={{ ansible_user_dir }}/eth0.cfg
+
+- name: Copy eth0 interface config file to all VMs
+ command: ansible services -b -u ubuntu -m copy -a "src={{ ansible_user_dir }}/eth0.cfg dest=/etc/network/interfaces.d/eth0.cfg owner=root group=root mode=0644"
+
+- name: Restart eth0 interface on all VMs
+ command: ansible services -b -u ubuntu -m shell -a "ifdown eth0 ; ifup eth0"
- name: Initialize Juju
command: juju generate-config
@@ -64,7 +54,7 @@
dest={{ openstack_cfg_path }}
# Code for this is in library/juju_facts.py
-- name: Obtain Juju Facts
+- name: Obtain Juju Facts for creating machines
juju_facts:
# For setwise operations on desired vs Juju state:
@@ -74,7 +64,11 @@
- name: Add machines to Juju
command: "juju add-machine ssh:{{ item }}"
- with_items: "{{ head_vm_list | map(attribute='name') | list | difference( juju_machines.keys() ) }}"
+ with_items: "{{ head_vm_list | map(attribute='service') | list | difference( juju_machines.keys() ) }}"
+
+# run this again, so machines will be in the juju_machines list
+- name: Obtain Juju Facts after machine creation
+ juju_facts:
- name: Deploy services that are hosted in their own VM
command: "juju deploy {{ item }} --to {{ juju_machines[item]['machine_id'] }} --config={{ openstack_cfg_path }}"
@@ -92,15 +86,39 @@
# Previous method wasn't idempotent either
- name: Create relations between services
command: "juju add-relation '{{ item.0.name }}' '{{ item.1 }}'"
- ignore_errors: True
+ register: juju_relation
+ failed_when: "juju_relation|failed and 'relation already exists' not in juju_relation.stderr"
with_subelements:
- "{{ service_relations }}"
- relations
+# run another time, so services will be in juju_services list
+- name: Obtain Juju Facts after service creation
+ juju_facts:
+
# This should be able to test for the VM's coming up, but not working right now
#- name: Wait for juju services on VM's to come up
-# wait_for:
+# wait_for:
# port={{ item.ext }}
# timeout=10
# with_items: "{{ head_vm_list | map(attribute='forwarded_ports') | reject('undefined') | list }}"
+# - name: Obtain keystone admin password
+# command: "juju run --unit={{ juju_services['keystone']['units'].keys()[0] }} 'sudo cat /var/lib/keystone/keystone.passwd'"
+# register: keystone_password
+
+- name: Create admin-openrc.sh credentials file
+ template:
+ src=admin-openrc.sh.j2
+ dest={{ ansible_user_dir }}/admin-openrc.sh
+
+- name: Copy nova-cloud-controller CA certificate to head
+ command: juju scp {{ juju_services['nova-cloud-controller']['units'].keys()[0] }}:/usr/local/share/ca-certificates/keystone_juju_ca_cert.crt {{ ansible_user_dir }}
+ creates={{ ansible_user_dir }}/keystone_juju_ca_cert.crt
+
+- name: Move cert to system location
+ become: yes
+ command: mv {{ ansible_user_dir }}/keystone_juju_ca_cert.crt /usr/local/share/ca-certificates
+ creates=/usr/local/share/ca-certificates/keystone_juju_ca_cert.crt
+ notify: update-ca-certificates
+
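Review bot: `Create admin-openrc.sh credentials file` writes the Keystone admin password to `{{ ansible_user_dir }}/admin-openrc.sh` without `mode` or `owner`, so the permissions follow the umask and the file is typically readable by other local users. Add `mode=0600 owner={{ ansible_user_id }}` to the `template` arguments. The two certificate tasks rely on `creates=`, so a CA certificate regenerated by the charm is never refreshed on the head node; that is worth a comment next to them.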
diff --git a/roles/juju-setup/templates/admin-openrc.sh.j2 b/roles/juju-setup/templates/admin-openrc.sh.j2
new file mode 100644
index 0000000..bd195a4
--- /dev/null
+++ b/roles/juju-setup/templates/admin-openrc.sh.j2
@@ -0,0 +1,5 @@
+export OS_USERNAME=admin
+export OS_PASSWORD={{ keystone_admin_password }}
+export OS_TENANT_NAME=admin
+export OS_AUTH_URL=https://keystone.{{ site_suffix }}:5000/v2.0
+export OS_REGION_NAME=RegionOne
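Review bot: `OS_PASSWORD` is rendered unquoted, so a password containing spaces, `$`, `;` or backticks is truncated or interpreted by the shell when the file is sourced. Render it through the quote filter: `export OS_PASSWORD={{ keystone_admin_password | quote }}`. `OS_AUTH_URL` now uses https against what appears to be a charm-generated CA, so clients depend on the `keystone_juju_ca_cert.crt` install step having run; setting `OS_CACERT` here would make that dependency explicit.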
diff --git a/roles/juju-setup/templates/eth0.cfg.j2 b/roles/juju-setup/templates/eth0.cfg.j2
new file mode 100644
index 0000000..0baa7a8
--- /dev/null
+++ b/roles/juju-setup/templates/eth0.cfg.j2
@@ -0,0 +1,7 @@
+# The primary network interface
+auto eth0
+iface eth0 inet dhcp
+ dns-nameservers{% for ns in dns_servers %} {{ ns }}{% endfor %}
+{% if dns_search is defined %}
+ dns-search{% for searchdom in dns_search %} {{ searchdom }}{% endfor %}
+{% endif %}
diff --git a/roles/juju-setup/templates/openstack.cfg.j2 b/roles/juju-setup/templates/openstack.cfg.j2
index b5b635d..5a1f224 100644
--- a/roles/juju-setup/templates/openstack.cfg.j2
+++ b/roles/juju-setup/templates/openstack.cfg.j2
@@ -3,10 +3,9 @@
glance:
openstack-origin: "cloud:trusty-kilo"
keystone:
- admin-password: ""
+ use-https: "yes"
https-service-endpoints: "True"
openstack-origin: "cloud:trusty-kilo"
- use-https: "yes"
mysql:
mongodb:
nagios:
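Review bot: Nothing visible sets the keystone charm's `admin-password` any more, so the password written to admin-openrc.sh may not match the one keystone actually uses. The task this commit retires read the password from `/var/lib/keystone/keystone.passwd`, which suggests the charm generates one when the option is unset, while the new template takes it from `keystone_admin_password`. Unless the option is set from that variable outside this hunk, the line to add would be `admin-password: "{{ keystone_admin_password }}"`.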
@@ -30,6 +29,7 @@
network-manager: "Neutron"
openstack-origin: "cloud:trusty-kilo"
nova-compute:
+ virt-type:kvm
config-flags: "firewall_driver=nova.virt.firewall.NoopFirewallDriver"
# config-flags: "firewall_driver=nova.virt.firewall.NoopFirewallDriver,xos_api_url=http://portal.opencloud.us"
disable-neutron-security-groups: "True"
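Review bot: `virt-type:kvm` has no space after the colon, so YAML reads it as a single plain scalar rather than a key and a value, and the rendered openstack.cfg will most likely fail to parse in the `nova-compute` section. Write it as `virt-type: "kvm"`, quoted like the neighbouring options.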
diff --git a/roles/juju-user-prep/tasks/main.yml b/roles/juju-user-prep/tasks/main.yml
index 6f675fd..6e61ad3 100644
--- a/roles/juju-user-prep/tasks/main.yml
+++ b/roles/juju-user-prep/tasks/main.yml
@@ -13,3 +13,9 @@
src=ansible.cfg
dest={{ ansible_user_dir }}/.ansible.cfg
+
+- name: Get public ssh key from head node ubuntu user
+ command: cat {{ ansible_user_dir }}/.ssh/id_rsa.pub
+ register: head_ssh_pubkey
+
+
diff --git a/vars/aztest.yml b/vars/aztest.yml
index 4e37651..fd11cd8 100644
--- a/vars/aztest.yml
+++ b/vars/aztest.yml
@@ -1,8 +1,11 @@
---
# file: group_vars/aztest.yml
-# Prefix for DNS zones
-mgmt_net_prefix: 192.168.250
+# IP prefix for VMs
+mgmtbr_prefix: 192.168.250
+
+# site domain suffix
+site_suffix: aztest.infra.opencloud.us
# NSD/Unbound settings
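Review bot: Any template still referencing `mgmt_net_prefix` will fail on an undefined variable after the rename to `mgmtbr_prefix`. The removed comment described the variable as the prefix for DNS zones, yet no dns-nsd or dns-unbound template is touched in this commit, so a search for the old name before merging would settle it. Quoting the value as `'192.168.250'` would also keep it a string regardless of parser.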
@@ -18,3 +21,13 @@
unbound_interfaces:
# - 192.168.250.1/24
- 206.207.253.10/28
+
+# resolv.conf settings
+dns_servers:
+ - 206.207.253.10
+
+dns_search:
+ - aztest.infra.opencloud.us
+ - opencloud.cs.arizona.edu
+
+
diff --git a/vars/opencloud_defaults.yml b/vars/opencloud_defaults.yml
index 2d3ef92..41628a8 100644
--- a/vars/opencloud_defaults.yml
+++ b/vars/opencloud_defaults.yml
@@ -6,6 +6,7 @@
head_vm_list:
- name: "juju-1"
+ service: "juju"
aliases:
- "juju"
ipv4_last_octet: 10
@@ -14,6 +15,7 @@
diskGB: 20
- name: "ceilometer-1"
+ service: "ceilometer"
aliases:
- "ceilometer"
ipv4_last_octet: 20
@@ -24,6 +26,7 @@
- { ext: 8777, int: 8777 }
- name: "glance-1"
+ service: "glance"
aliases:
- "glance"
ipv4_last_octet: 30
@@ -34,6 +37,7 @@
- { ext: 9292, int: 9292 }
- name: "keystone-1"
+ service: "keystone"
aliases:
- "keystone"
ipv4_last_octet: 40
@@ -46,6 +50,7 @@
- { ext: 5000, int: 5000 }
- name: "mysql-1"
+ service: "mysql"
aliases:
- "mysql"
ipv4_last_octet: 50
@@ -54,6 +59,7 @@
diskGB: 40
- name: "nagios-1"
+ service: "nagios"
aliases:
- "nagios"
ipv4_last_octet: 60
@@ -64,6 +70,7 @@
- { ext: 3128, int: 80 }
- name: "neutron-api-1"
+ service: "neutron-api"
aliases:
- "neutron-api"
ipv4_last_octet: 70
@@ -74,6 +81,7 @@
- { ext: 9696, int: 9696 }
- name: "neutron-gateway-1"
+ service: "neutron-gateway"
aliases:
- "neutron-gateway"
ipv4_last_octet: 80
@@ -82,6 +90,7 @@
diskGB: 40
- name: "nova-cloud-controller-1"
+ service: "nova-cloud-controller"
aliases:
- "nova-cloud-controller"
ipv4_last_octet: 90
@@ -92,6 +101,7 @@
- { ext: 8774, int: 8774 }
- name: "openstack-dashboard-1"
+ service: "openstack-dashboard"
aliases:
- "openstack-dashboard"
ipv4_last_octet: 100
@@ -102,6 +112,7 @@
- { ext: 8080, int: 80 }
- name: "rabbitmq-server-1"
+ service: "rabbitmq-server"
aliases:
- "rabbitmq-server"
ipv4_last_octet: 110