Gitiles
Code Review Sign In
gerrit.opencord.org / platform-install / 093e6a85ac1ff65a37c37ed88f786429519f5f02 / . / cloudlab-setup.yml
blob: ccf11795692ec5efc80355aeefef312e7b714fd4 [file] [log] [blame]
Andy Baviercccf27b2015-08-17 14:48:29 -0400[diff] [blame]1---
2# Play: set up head node
3# Assumes basic /etc/ansible/hosts file
4- hosts: cloudlab-head
5 sudo: yes
6 tasks:
7
8 - apt: name={{ item }}
9 with_items:
10 - python-pycurl
11 - software-properties-common
12
13 - name: Add Juju repository
14 apt_repository: repo="ppa:juju/stable"
15
16 - name: Add Ansible repository
17 apt_repository: repo="ppa:ansible/ansible"
18
Andy Bavier093e6a82015-08-21 13:31:31 -0400[diff] [blame^]19 - name: Update Ansible cache
20 apt: update_cache=yes
Andy Baviercccf27b2015-08-17 14:48:29 -0400[diff] [blame]21
22 - name: Install packages
23 apt: name={{ item }} state=latest
24 with_items:
25 - ansible
26 - uvtool
27 - git
28 - bzr
Andy Bavier093e6a82015-08-21 13:31:31 -0400[diff] [blame^]29 - juju-core
Andy Baviercccf27b2015-08-17 14:48:29 -0400[diff] [blame]30
31 - name: Get juju-ansible git repo
32 git: repo=https://github.com/cmars/juju-ansible.git
33 dest=/usr/local/src/juju-ansible
34
35 - name: Set up juju-ansible symlink
36 file: dest=/usr/local/bin/juju-ansible
37 src=/usr/local/src/juju-ansible/juju-ansible
38 state=link
39
40 - name: Set up juju-ansible-playbook symlink
41 file: dest=/usr/local/bin/juju-ansible-playbook
42 src=/usr/local/src/juju-ansible/juju-ansible
43 state=link
44
45 - name: Generate key to use in VMs
46 user: name={{ ansible_env['SUDO_USER'] }} generate_ssh_key=yes
47
48 - name: Set up extra space on CloudLab nodes
49 shell: /usr/testbed/bin/mkextrafs /var/lib/uvtool/libvirt/images
50 creates=/var/lib/uvtool/libvirt/images/lost+found
51
52 - name: Add myself to libvirtd group
53 shell: usermod -aG libvirtd {{ ansible_env['SUDO_USER'] }}
54
55 - name: Get trusty image for uvtool
56 shell: uvt-simplestreams-libvirt sync --source http://cloud-images.ubuntu.com/daily release=trusty arch=amd64
57
58 - name: Create VMs to host OpenCloud services
59 sudo: no
60 script: scripts/create-vms.sh
61
Andy Baviercccf27b2015-08-17 14:48:29 -0400[diff] [blame]62 - include: tasks/vm-ips.yml
63
64 - name: Add VMs to /etc/hosts
65 template: src=templates/etc/hosts.j2
66 dest=/etc/hosts
67 notify:
68 - Reload dnsmasq
69
70 - name: Set up /etc/ansible/hosts
71 template: src=templates/etc/ansible/hosts.j2
72 dest=/etc/ansible/hosts
73
74 - name: Copy ansible.cfg to disable host key checking
75 sudo: no
76 copy: src=files/ansible.cfg
77 dest={{ ansible_env['PWD'] }}/.ansible.cfg
78
79 - name: Touch ~/.ssh/config
80 sudo: no
81 file: path={{ ansible_env['PWD'] }}/.ssh/config state=touch
82
83 - name: Disable host key checking in SSH
84 sudo: no
85 lineinfile: dest={{ ansible_env['PWD'] }}/.ssh/config
86 line="StrictHostKeyChecking no"
87
88 - name: Test that we can log into every VM
89 sudo: no
90 shell: ansible services -m ping -u ubuntu
91
92 handlers:
93 - name: Reload dnsmasq
94 shell: killall -HUP dnsmasq
95
96# Play: Install services using Juju
97- hosts: cloudlab-head
98 vars:
99 charm_src: /usr/local/src/charms/trusty
100 tasks:
101 - name: Initialize Juju
102 sudo: no
103 shell: juju generate-config
104 creates={{ ansible_env['PWD'] }}/.juju/environments.yaml
105
106 - shell: uvt-kvm ip juju
107 register: juju_ip
108
109 - name: Juju config file
110 sudo: no
111 template: src=templates/environments.yaml.j2
112 dest={{ ansible_env['PWD'] }}/.juju/environments.yaml
113
114 - name: Bootstrap Juju
115 sudo: no
116 shell: juju bootstrap
117 creates={{ ansible_env['PWD'] }}/.juju/environments/manual.jenv
118
119 # - pause: Break here and try rebooting Juju VM
120
121 - name: Copy openstack.cfg for Juju
122 sudo: yes
123 copy: src=files/openstack.cfg
124 dest=/usr/local/src/openstack.cfg
125
126 - name: Check for /usr/local/src/charms/trusty
127 sudo: yes
128 file: path={{ charm_src }}
129 state=directory
130 mode=0755
131
132 - name: Deploy OpenStack services with Juju
133 script: scripts/juju-setup.py
134
135# - pause: prompt="Hit return when all services have started successfully"
136
137 - name: Set MTU for GRE tunneling
Andy Bavier093e6a82015-08-21 13:31:31 -0400[diff] [blame^]138 shell: "juju set neutron-gateway instance-mtu=1400"
Andy Baviercccf27b2015-08-17 14:48:29 -0400[diff] [blame]139
Andy Bavier093e6a82015-08-21 13:31:31 -0400[diff] [blame^]140# Disable all HTTPS for time being
Andy Baviercccf27b2015-08-17 14:48:29 -0400[diff] [blame]141 - name: Use HTTPS for keystone authentication
Andy Bavier093e6a82015-08-21 13:31:31 -0400[diff] [blame^]142 shell: 'juju set keystone use-https=no'
Andy Baviercccf27b2015-08-17 14:48:29 -0400[diff] [blame]143
144 - name: Use HTTPS for all service endpoints
Andy Bavier093e6a82015-08-21 13:31:31 -0400[diff] [blame^]145 shell: 'juju set keystone https-service-endpoints=False'
Andy Baviercccf27b2015-08-17 14:48:29 -0400[diff] [blame]146
147 - name: Use SSL for rabbitmq
Andy Bavier093e6a82015-08-21 13:31:31 -0400[diff] [blame^]148 shell: 'juju set rabbitmq-server ssl=off'
Andy Baviercccf27b2015-08-17 14:48:29 -0400[diff] [blame]149
150 - name: Add all Juju relations between services
151 script: scripts/juju-relations.py
152
153 - pause: prompt="Wait for relations to be fully added"
154
155# Play: Use libvirt hooks to set up iptables
156- hosts: cloudlab-head
157 sudo: yes
158 tasks:
159 - name: Enable port forwarding for services
160 copy: src=files/{{ item }}
161 dest={{ item }}
162 mode=0755
163 notify:
164 - reload libvirt config
165 - run qemu hook
166 with_items:
167 - /etc/libvirt/hooks/daemon
168 - /etc/libvirt/hooks/qemu
169
170 handlers:
171 - name: reload libvirt config
172 shell: killall -HUP libvirtd
173
174 - name: run qemu hook
175 shell: /etc/libvirt/hooks/qemu start start
176
177# Play: Create credentials, set up some basic OpenStack
178- hosts: cloudlab-head
179 sudo: no
180 tasks:
181
182 - name: Get keystone admin password
183 shell: juju run --unit=keystone/0 "sudo cat /var/lib/keystone/keystone.passwd"
184 register: keystone_password
185
186 - shell: uvt-kvm ip keystone
187 register: keystone_ip
188
189 - name: Create credentials
190 template: src=templates/admin-openrc.sh.j2
191 dest={{ ansible_env['PWD'] }}/admin-openrc.sh
192
193 - name: Copy credentials to nova-cloud-controller
194 shell: "scp admin-openrc.sh ubuntu@nova-cloud-controller:"
195
196 - name: Copy network setup script
197 sudo: yes
198 copy: src=scripts/network-setup.sh
199 dest=/usr/local/src/network-setup.sh
200 mode=0644
201
Andy Bavier093e6a82015-08-21 13:31:31 -0400[diff] [blame^]202# - name: Run network setup script
203# shell: ansible nova-cloud-controller -m script -u ubuntu -a "/usr/local/src/network-setup.sh"
Andy Baviercccf27b2015-08-17 14:48:29 -0400[diff] [blame]204
205 - name: Get public key
206 shell: cat {{ ansible_env['PWD'] }}/.ssh/id_rsa.pub
207 register: sshkey
208
209- hosts: cloudlab-compute
210 sudo: yes
211 vars:
212 control_net: 192.168.122.0/24
Andy Bavier093e6a82015-08-21 13:31:31 -0400[diff] [blame^]213 gateway: "{{ hostvars['ctl.install.xos-pg0.clemson.cloudlab.us']['ansible_default_ipv4']['address'] }}"
Andy Baviercccf27b2015-08-17 14:48:29 -0400[diff] [blame]214 tasks:
215 - name: Install package needed by Juju
216 apt: name=python-yaml state=present
217
Andy Bavier093e6a82015-08-21 13:31:31 -0400[diff] [blame^]218 - name: Add key
219 authorized_key: user="{{ ansible_env['SUDO_USER'] }}"
220 key="{{ hostvars['ctl.install.xos-pg0.clemson.cloudlab.us']['sshkey']['stdout'] }}"
221
Andy Baviercccf27b2015-08-17 14:48:29 -0400[diff] [blame]222 - name: Add route via /etc/rc.local
223 template: src=templates/etc/rc.local.cloudlab
224 dest=/etc/rc.local
225 mode=0755
226 notify:
227 - run /etc/rc.local
228
Andy Bavier093e6a82015-08-21 13:31:31 -0400[diff] [blame^]229 - name: Touch ~/.ssh/config
230 file: path=/var/lib/nova state=directory
231
232 - name: Set up extra space on CloudLab nodes
233 shell: /usr/testbed/bin/mkextrafs /var/lib/nova
234 creates=/var/lib/nova/lost+found
Andy Baviercccf27b2015-08-17 14:48:29 -0400[diff] [blame]235
236 handlers:
237 - name: run /etc/rc.local
238 shell: /etc/rc.local