| --- |
| # Copyright 2017-present Open Networking Foundation |
| # |
| # Licensed under the Apache License, Version 2.0 (the "License"); |
| # you may not use this file except in compliance with the License. |
| # You may obtain a copy of the License at |
| # |
| # http://www.apache.org/licenses/LICENSE-2.0 |
| # |
| # Unless required by applicable law or agreed to in writing, software |
| # distributed under the License is distributed on an "AS IS" BASIS, |
| # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. |
| # See the License for the specific language governing permissions and |
| # limitations under the License. |
| |
| # file: create-lxd/tasks/main.yml |
| |
| - name: Enable trusty-backports apt repository |
| apt_repository: |
| repo: "{{ item }}" |
| state: present |
| with_items: |
| - "deb http://archive.ubuntu.com/ubuntu trusty-backports main restricted universe multiverse" |
| |
| - name: Install LXD from trusty-backports |
| apt: |
| name: lxd |
| default_release: trusty-backports |
| update_cache: yes |
| cache_valid_time: 3600 |
| |
| - name: Create LXD profiles for OpenStack services |
| lxd_profile: |
| name: "openstack-{{ item.name }}" |
| state: present |
| config: |
| user.user-data: | |
| #cloud-config |
| ssh_authorized_keys: |
| - "{{ lookup('file', ssh_pki_dir ~ '/client_certs/{{ pod_sshkey_name }}_sshkey.pub') }}" |
| description: 'OpenStack service {{ item.name }} for CORD' |
| devices: |
| eth0: |
| type: nic |
| parent: "{{ management_net_bridge }}" |
| nictype: bridged |
| hwaddr: "{{ item.hwaddr | default( vtn_net_management_host_hwaddr_prefix ~ ( vtn_net_management_host_cidr | ipaddr(item.ipv4_last_octet) | ipaddr('address') | ip4_hex )) | hwaddr('unix') }}" |
| certs: |
| type: disk |
| path: /usr/local/share/ca-certificates/cord/ |
| source: /usr/local/share/ca-certificates/ |
| with_items: "{{ head_lxd_list }}" |
| |
| - name: Create containers for the OpenStack services |
| lxd_container: |
| name: "{{ item.name }}" |
| architecture: x86_64 |
| state: started |
| source: |
| type: image |
| mode: pull |
| server: https://cloud-images.ubuntu.com/releases |
| protocol: simplestreams |
| alias: "{{ ansible_distribution_release }}" |
| profiles: ["openstack-{{ item.name }}"] |
| wait_for_ipv4_addresses: true |
| timeout: 600 |
| with_items: "{{ head_lxd_list }}" |
| |
| - name: fetch IP of DHCP harvester |
| when: use_maas |
| command: docker-ip harvester |
| register: harvester_ip |
| changed_when: False |
| |
| - name: force a harvest to get container name resolution |
| when: use_maas |
| uri: |
| url: http://{{ harvester_ip.stdout }}:8954/harvest |
| method: POST |
| |
| - name: wait for container name resolution |
| when: use_maas |
| host_dns_check: |
| hosts: "{{ head_lxd_list | map(attribute='name') | list | to_json }}" |
| command_on_fail: "curl -sS --connect-timeout 3 -XPOST http://{{ harvester_ip.stdout }}:8954/harvest" |
| register: all_resolved |
| until: all_resolved.everyone == "OK" |
| retries: 5 |
| delay: 10 |
| failed_when: all_resolved.everyone != "OK" |
| |
| - name: Wait for containers to be accessible via SSH |
| wait_for: |
| host: "{{ item.name }}" |
| port: 22 |
| search_regex: "OpenSSH" |
| with_items: "{{ head_lxd_list }}" |
| |
| - name: Ensure /etc/ansible directory exists |
| file: |
| path: /etc/ansible |
| state: directory |
| owner: root |
| group: root |
| mode: 0755 |
| |
| - name: Create /etc/ansible/hosts file with containers list |
| template: |
| src: ansible_hosts.j2 |
| dest: /etc/ansible/hosts |
| owner: root |
| group: root |
| mode: 0644 |
| |