blob: 9b2171cf595dc04e0ed69c2f07440b71992c0703 [file] [log] [blame]
---
# Play: set up head node
# Assumes basic /etc/ansible/hosts file
- hosts: singapore-head
sudo: yes
tasks:
- apt: name=python-pycurl
- name: Add Juju repository
apt_repository: repo="ppa:juju/stable"
- name: Add Ansible repository
apt_repository: repo="ppa:ansible/ansible"
- name: Install older version of Juju due to bug in 1.22
apt: name=juju-core=1.20.11-0ubuntu0.14.04.1 update_cache=yes
- name: Install packages
apt: name={{ item }} state=latest
with_items:
- ansible
- uvtool
- git
- name: Get juju-ansible git repo
sudo: no
git: repo=https://github.com/cmars/juju-ansible.git
dest={{ ansible_env['PWD'] }}/juju-ansible
- name: Set up juju-ansible symlink
file: dest=/usr/local/bin/juju-ansible
src={{ ansible_env['PWD'] }}/juju-ansible
state=link
- name: Set up juju-ansible-playbook symlink
file: dest=/usr/local/bin/juju-ansible-playbook
src={{ ansible_env['PWD'] }}/juju-ansible
state=link
- name: Generate key to use in VMs
user: name=ubuntu generate_ssh_key=yes
- name: Get trusty image for uvtool
shell: uvt-simplestreams-libvirt sync release=trusty arch=amd64
- name: Create VMs to host OpenCloud services
sudo: no
script: scripts/create-vms.sh
- pause: prompt="Hit return when all VMs have IP addresses"
- include: tasks/vm-ips.yml
- name: Add VMs to /etc/hosts
template: src=templates/etc/hosts.j2
dest=/etc/hosts
- name: Set up /etc/ansible/hosts
template: src=templates/etc/ansible/hosts.j2
dest=/etc/ansible/hosts
- name: Copy ansible.cfg to disable host key checking
sudo: no
copy: src=files/ansible.cfg
dest={{ ansible_env['PWD'] }}/.ansible.cfg
- name: Touch ~/.ssh/config
sudo: no
file: path={{ ansible_env['PWD'] }}/.ssh/config state=touch
- name: Disable host key checking in SSH
sudo: no
lineinfile: dest={{ ansible_env['PWD'] }}/.ssh/config
line="StrictHostKeyChecking no"
- name: Test that we can log into every VM
sudo: no
shell: ansible services -m ping -u ubuntu
# Play: Install services using Juju
- hosts: singapore-head
tasks:
- name: Initialize Juju
sudo: no
shell: juju generate-config
creates={{ ansible_env['PWD'] }}/.juju/environments.yaml
- shell: uvt-kvm ip juju
register: juju_ip
- name: Juju config file
sudo: no
template: src=templates/environments.yaml.j2
dest={{ ansible_env['PWD'] }}/.juju/environments.yaml
- name: Bootstrap Juju
sudo: no
shell: juju bootstrap
creates={{ ansible_env['PWD'] }}/.juju/environments/manual.jenv
# - pause: Break here and try rebooting Juju VM
- name: Copy openstack.cfg for Juju
sudo: no
copy: src=files/openstack.cfg
dest={{ ansible_env['PWD'] }}/openstack.cfg
- name: Deploy OpenStack services with Juju
script: scripts/juju-setup.py
- pause: prompt="Hit return when all services have started successfully"
- name: Set MTU for GRE tunneling
shell: "juju set quantum-gateway instance-mtu=1400"
- name: Use HTTPS for keystone authentication
shell: 'juju set keystone use-https=yes'
- name: Use HTTPS for all service endpoints
shell: 'juju set keystone https-service-endpoints=True'
- name: Use SSL for rabbitmq
shell: 'juju set rabbitmq-server ssl=on'
- name: Add all Juju relations between services
script: scripts/juju-relations.py
- pause: prompt="Wait for relations to be fully added"
# Play: Use libvirt hooks to set up iptables
- hosts: singapore-head
sudo: yes
tasks:
- name: Enable port forwarding for services
copy: src=files/{{ item }}
dest={{ item }}
mode=0755
notify:
- reload libvirt config
- run qemu hook
with_items:
- /etc/libvirt/hooks/daemon
- /etc/libvirt/hooks/qemu
handlers:
- name: reload libvirt config
shell: killall -HUP libvirtd
- name: run qemu hook
shell: /etc/libvirt/hooks/qemu start start
# Play: Create credentials, set up some basic OpenStack
- hosts: singapore-head
sudo: no
tasks:
- name: Get keystone admin password
shell: juju run --unit=keystone/0 "sudo cat /var/lib/keystone/keystone.passwd"
register: keystone_password
- shell: uvt-kvm ip keystone
register: keystone_ip
- name: Create credentials
template: src=templates/admin-openrc.sh.j2
dest={{ ansible_env['PWD'] }}/admin-openrc.sh
- name: Copy credentials to nova-cloud-controller
shell: "scp admin-openrc.sh ubuntu@nova-cloud-controller:"
- name: Get public key
shell: cat {{ ansible_env['PWD'] }}/.ssh/id_rsa.pub
register: sshkey
- hosts: singapore-compute
sudo: yes
vars:
control_net: 192.168.122.0/24
gateway: 198.71.44.85
tasks:
- name: Add route via /etc/rc.local
template: src=templates/etc/rc.local
dest=/etc/rc.local
mode=0755
notify:
- run /etc/rc.local
- name: Add key
authorized_key: user=ubuntu
key="{{ hostvars['opencloud3.sing.internet2.edu']['sshkey']['stdout'] }}"
handlers:
- name: run /etc/rc.local
shell: /etc/rc.local