Initial commit
diff --git a/singapore-setup.yml b/singapore-setup.yml
new file mode 100644
index 0000000..3d2067d
--- /dev/null
+++ b/singapore-setup.yml
@@ -0,0 +1,211 @@
+---
+# Play: set up head node
+# Assumes basic /etc/ansible/hosts file
+- hosts: singapore-head
+ sudo: yes
+ tasks:
+
+ - apt: name=python-pycurl
+
+ - name: Add Juju repository
+ apt_repository: repo="ppa:juju/stable"
+
+ - name: Add Ansible repository
+ apt_repository: repo="ppa:ansible/ansible"
+
+ - name: Install older version of Juju due to bug in 1.22
+ apt: name=juju-core=1.20.11-0ubuntu0.14.04.1 update_cache=yes
+
+ - name: Install packages
+ apt: name={{ item.name }} state=latest
+ with_items:
+ - name: ansible
+ - name: uvtool
+
+ - name: Get juju-ansible git repo
+ git: repo=https://github.com/cmars/juju-ansible.git
+ dest=/home/ubuntu/juju-ansible
+
+ - name: Set up juju-ansible symlink
+ file: dest=/usr/local/bin/juju-ansible
+ src=/home/ubuntu/juju-ansible
+ state=link
+
+ - name: Set up juju-ansible-playbook symlink
+ file: dest=/usr/local/bin/juju-ansible-playbook
+ src=/home/ubuntu/juju-ansible
+ state=link
+
+ - name: Generate key to use in VMs
+ user: name=ubuntu generate_ssh_key=yes
+
+ - name: Get new key
+ sudo: no
+ shell: cat /home/ubuntu/.ssh/id_rsa.pub
+ register: sshkey
+
+ - name: Add to authorized_keys
+ authorized_key: user=ubuntu
+ key="{{ sshkey.stdout }}"
+
+ - name: Get trusty image for uvtool
+ shell: uvt-simplestreams-libvirt sync release=trusty arch=amd64
+
+ - name: Create VMs to host OpenCloud services
+ sudo: no
+ script: scripts/create-vms.sh
+
+ - pause: prompt="Hit return when all VMs have IP addresses"
+
+ - include: tasks/vm-ips.yml
+
+ - name: Add VMs to /etc/hosts
+ template: src=templates/etc/hosts.j2
+ dest=/etc/hosts
+
+ - name: Set up /etc/ansible/hosts
+ template: src=templates/etc/ansible/hosts.j2
+ dest=/etc/ansible/hosts
+
+ - name: Copy ansible.cfg to disable host key checking
+ sudo: no
+ copy: src=files/ansible.cfg
+ dest=/home/ubuntu/.ansible.cfg
+
+ - name: Touch ~/.ssh/config
+ sudo: no
+ file: path=/home/ubuntu/.ssh/config state=touch
+
+ - name: Disable host key checking in SSH
+ sudo: no
+ lineinfile: dest=/home/ubuntu/.ssh/config
+ line="StrictHostKeyChecking no"
+
+ - name: Test that we can log into every VM
+ sudo: no
+ shell: ansible services -m ping
+
+# Play: Install services using Juju
+- hosts: singapore-head
+ tasks:
+ - name: Initialize Juju
+ sudo: no
+ shell: juju generate-config
+ creates=/home/ubuntu/.juju/environments.yaml
+
+ - shell: uvt-kvm ip juju
+ register: juju_ip
+
+ - name: Juju config file
+ sudo: no
+ template: src=templates/environments.yaml.j2
+ dest=/home/ubuntu/.juju/environments.yaml
+
+ - name: Bootstrap Juju
+ sudo: no
+ shell: juju bootstrap
+ creates=/home/ubuntu/.juju/environments/manual.jenv
+
+ # - pause: Break here and try rebooting Juju VM
+
+ - name: Copy openstack.cfg for Juju
+ sudo: no
+ copy: src=files/openstack.cfg
+ dest=/home/ubuntu/openstack.cfg
+
+ - name: Deploy OpenStack services with Juju
+ script: scripts/juju-setup.py
+
+ - pause: prompt="Hit return when all services have started successfully"
+
+ - name: Set MTU for GRE tunneling
+ shell: "juju set quantum-gateway instance-mtu=1400"
+
+ - name: Use HTTPS for keystone authentication
+ shell: 'juju set keystone use-https=yes'
+
+ - name: Use HTTPS for all service endpoints
+ shell: 'juju set keystone https-service-endpoints=True'
+
+ - name: Use SSL for rabbitmq
+ shell: 'juju set rabbitmq-server ssl=on'
+
+ - name: Add all Juju relations between services
+ script: scripts/juju-relations.py
+
+ - pause: prompt="Wait for relations to be fully added"
+
+# Play: Use libvirt hooks to set up iptables
+- hosts: singapore-head
+ sudo: yes
+ tasks:
+ - name: Enable port forwarding for services
+ copy: src=files/{{ item }}
+ dest={{ item }}
+ mode=0755
+ notify:
+ - reload libvirt config
+ - run qemu hook
+ with_items:
+ - /etc/libvirt/hooks/daemon
+ - /etc/libvirt/hooks/qemu
+
+ handlers:
+ - name: reload libvirt config
+ shell: killall -HUP libvirtd
+
+ - name: run qemu hook
+ shell: /etc/libvirt/hooks/qemu start start
+
+# Play: Create credentials, set up some basic OpenStack
+- hosts: singapore-head
+ sudo: no
+ tasks:
+
+ - name: Get keystone admin password
+ shell: juju run --unit=keystone/0 "sudo cat /var/lib/keystone/keystone.passwd"
+ register: keystone_password
+
+ - shell: uvt-kvm ip keystone
+ register: keystone_ip
+
+ - name: Create credentials
+ template: src=templates/admin-openrc.sh.j2
+ dest=/home/ubuntu/admin-openrc.sh
+
+ - name: Copy credentials to nova-cloud-controller
+ shell: "scp admin-openrc.sh nova-cloud-controller:"
+
+ - name: Get public key
+ shell: cat /home/ubuntu/.ssh/id_rsa.pub
+ register: sshkey
+
+- hosts: singapore-compute
+ sudo: yes
+ vars:
+ control_net: 192.168.122.0/24
+ gateway: 198.71.44.85
+ tasks:
+ - name: Add route via /etc/rc.local
+ template: src=templates/etc/rc.local
+ dest=/etc/rc.local
+ mode=0755
+ notify:
+ - run /etc/rc.local
+
+ - name: Add key
+ authorized_key: user=ubuntu
+ key="{{ hostvars['opencloud3.sing.internet2.edu']['sshkey']['stdout'] }}"
+
+ handlers:
+ - name: run /etc/rc.local
+ shell: /etc/rc.local
+
+# Whaat's left
+# - Adding compute nodes
+# - Add machine
+# - Deploy charm
+# - Remove virbr0
+#
+# - Creating br-ex and br-nat networks
+# - But this should perhaps be done by OpenCloud?
\ No newline at end of file