Gitiles
Code Review Sign In
gerrit.opencord.org / platform-install / 1416aad93238410c6bcbd297f69ccbfb41a73815 / . / singapore-setup.yml
blob: bc8e325e2073ad5a93c3536b18848e08b359febe [file] [log] [blame]
Andy Bavier8d51c6c2015-04-01 11:40:22 -0400[diff] [blame]1---
2# Play: set up head node
3# Assumes basic /etc/ansible/hosts file
4- hosts: singapore-head
5 sudo: yes
6 tasks:
7
8 - apt: name=python-pycurl
9
10 - name: Add Juju repository
11 apt_repository: repo="ppa:juju/stable"
12
13 - name: Add Ansible repository
14 apt_repository: repo="ppa:ansible/ansible"
15
16 - name: Install older version of Juju due to bug in 1.22
17 apt: name=juju-core=1.20.11-0ubuntu0.14.04.1 update_cache=yes
18
19 - name: Install packages
Andy Bavierdd0b30a2015-04-01 12:15:31 -0400[diff] [blame]20 apt: name={{ item }} state=latest
Andy Bavier8d51c6c2015-04-01 11:40:22 -0400[diff] [blame]21 with_items:
Andy Bavierdd0b30a2015-04-01 12:15:31 -0400[diff] [blame]22 - ansible
23 - uvtool
24 - git
Andy Bavier8d51c6c2015-04-01 11:40:22 -0400[diff] [blame]25
26 - name: Get juju-ansible git repo
27 git: repo=https://github.com/cmars/juju-ansible.git
Andy Bavier1416aad2015-04-13 14:55:54 -0400[diff] [blame^]28 dest=/usr/local/src/juju-ansible
Andy Bavier8d51c6c2015-04-01 11:40:22 -0400[diff] [blame]29
30 - name: Set up juju-ansible symlink
31 file: dest=/usr/local/bin/juju-ansible
Andy Bavier1416aad2015-04-13 14:55:54 -0400[diff] [blame^]32 src=/usr/local/src/juju-ansible/juju-ansible
Andy Bavier8d51c6c2015-04-01 11:40:22 -0400[diff] [blame]33 state=link
34
35 - name: Set up juju-ansible-playbook symlink
36 file: dest=/usr/local/bin/juju-ansible-playbook
Andy Bavier1416aad2015-04-13 14:55:54 -0400[diff] [blame^]37 src=/usr/local/src/juju-ansible/juju-ansible
Andy Bavier8d51c6c2015-04-01 11:40:22 -0400[diff] [blame]38 state=link
39
40 - name: Generate key to use in VMs
41 user: name=ubuntu generate_ssh_key=yes
42
Andy Bavier8d51c6c2015-04-01 11:40:22 -0400[diff] [blame]43 - name: Get trusty image for uvtool
44 shell: uvt-simplestreams-libvirt sync release=trusty arch=amd64
45
46 - name: Create VMs to host OpenCloud services
47 sudo: no
48 script: scripts/create-vms.sh
49
50 - pause: prompt="Hit return when all VMs have IP addresses"
51
52 - include: tasks/vm-ips.yml
53
54 - name: Add VMs to /etc/hosts
55 template: src=templates/etc/hosts.j2
56 dest=/etc/hosts
Andy Bavier1416aad2015-04-13 14:55:54 -0400[diff] [blame^]57 notify:
58 - Reload dnsmasq
Andy Bavier8d51c6c2015-04-01 11:40:22 -0400[diff] [blame]59
60 - name: Set up /etc/ansible/hosts
61 template: src=templates/etc/ansible/hosts.j2
62 dest=/etc/ansible/hosts
63
64 - name: Copy ansible.cfg to disable host key checking
65 sudo: no
66 copy: src=files/ansible.cfg
Andy Bavierdd0b30a2015-04-01 12:15:31 -0400[diff] [blame]67 dest={{ ansible_env['PWD'] }}/.ansible.cfg
Andy Bavier8d51c6c2015-04-01 11:40:22 -0400[diff] [blame]68
69 - name: Touch ~/.ssh/config
70 sudo: no
Andy Bavierdd0b30a2015-04-01 12:15:31 -0400[diff] [blame]71 file: path={{ ansible_env['PWD'] }}/.ssh/config state=touch
Andy Bavier8d51c6c2015-04-01 11:40:22 -0400[diff] [blame]72
73 - name: Disable host key checking in SSH
74 sudo: no
Andy Bavierdd0b30a2015-04-01 12:15:31 -0400[diff] [blame]75 lineinfile: dest={{ ansible_env['PWD'] }}/.ssh/config
Andy Bavier8d51c6c2015-04-01 11:40:22 -0400[diff] [blame]76 line="StrictHostKeyChecking no"
77
78 - name: Test that we can log into every VM
79 sudo: no
Andy Bavierdd0b30a2015-04-01 12:15:31 -0400[diff] [blame]80 shell: ansible services -m ping -u ubuntu
Andy Bavier8d51c6c2015-04-01 11:40:22 -0400[diff] [blame]81
Andy Bavier1416aad2015-04-13 14:55:54 -0400[diff] [blame^]82 handlers:
83 - name: Reload dnsmasq
84 shell: killall -HUP dnsmasq
85
Andy Bavier8d51c6c2015-04-01 11:40:22 -0400[diff] [blame]86# Play: Install services using Juju
87- hosts: singapore-head
88 tasks:
89 - name: Initialize Juju
90 sudo: no
91 shell: juju generate-config
Andy Bavierdd0b30a2015-04-01 12:15:31 -0400[diff] [blame]92 creates={{ ansible_env['PWD'] }}/.juju/environments.yaml
Andy Bavier8d51c6c2015-04-01 11:40:22 -0400[diff] [blame]93
94 - shell: uvt-kvm ip juju
95 register: juju_ip
96
97 - name: Juju config file
98 sudo: no
99 template: src=templates/environments.yaml.j2
Andy Bavierdd0b30a2015-04-01 12:15:31 -0400[diff] [blame]100 dest={{ ansible_env['PWD'] }}/.juju/environments.yaml
Andy Bavier8d51c6c2015-04-01 11:40:22 -0400[diff] [blame]101
102 - name: Bootstrap Juju
103 sudo: no
104 shell: juju bootstrap
Andy Bavierdd0b30a2015-04-01 12:15:31 -0400[diff] [blame]105 creates={{ ansible_env['PWD'] }}/.juju/environments/manual.jenv
Andy Bavier8d51c6c2015-04-01 11:40:22 -0400[diff] [blame]106
107 # - pause: Break here and try rebooting Juju VM
108
109 - name: Copy openstack.cfg for Juju
Andy Bavier1416aad2015-04-13 14:55:54 -0400[diff] [blame^]110 sudo: yes
Andy Bavier8d51c6c2015-04-01 11:40:22 -0400[diff] [blame]111 copy: src=files/openstack.cfg
Andy Bavier1416aad2015-04-13 14:55:54 -0400[diff] [blame^]112 dest=/usr/local/src/openstack.cfg
Andy Bavier8d51c6c2015-04-01 11:40:22 -0400[diff] [blame]113
114 - name: Deploy OpenStack services with Juju
115 script: scripts/juju-setup.py
116
117 - pause: prompt="Hit return when all services have started successfully"
118
119 - name: Set MTU for GRE tunneling
120 shell: "juju set quantum-gateway instance-mtu=1400"
121
122 - name: Use HTTPS for keystone authentication
123 shell: 'juju set keystone use-https=yes'
124
125 - name: Use HTTPS for all service endpoints
126 shell: 'juju set keystone https-service-endpoints=True'
127
128 - name: Use SSL for rabbitmq
129 shell: 'juju set rabbitmq-server ssl=on'
130
131 - name: Add all Juju relations between services
132 script: scripts/juju-relations.py
133
134 - pause: prompt="Wait for relations to be fully added"
135
136# Play: Use libvirt hooks to set up iptables
137- hosts: singapore-head
138 sudo: yes
139 tasks:
140 - name: Enable port forwarding for services
141 copy: src=files/{{ item }}
142 dest={{ item }}
143 mode=0755
144 notify:
145 - reload libvirt config
146 - run qemu hook
147 with_items:
148 - /etc/libvirt/hooks/daemon
149 - /etc/libvirt/hooks/qemu
150
151 handlers:
152 - name: reload libvirt config
153 shell: killall -HUP libvirtd
154
155 - name: run qemu hook
156 shell: /etc/libvirt/hooks/qemu start start
157
158# Play: Create credentials, set up some basic OpenStack
159- hosts: singapore-head
160 sudo: no
161 tasks:
162
163 - name: Get keystone admin password
164 shell: juju run --unit=keystone/0 "sudo cat /var/lib/keystone/keystone.passwd"
165 register: keystone_password
166
167 - shell: uvt-kvm ip keystone
168 register: keystone_ip
169
170 - name: Create credentials
171 template: src=templates/admin-openrc.sh.j2
Andy Bavierdd0b30a2015-04-01 12:15:31 -0400[diff] [blame]172 dest={{ ansible_env['PWD'] }}/admin-openrc.sh
Andy Bavier8d51c6c2015-04-01 11:40:22 -0400[diff] [blame]173
174 - name: Copy credentials to nova-cloud-controller
Andy Bavierdd0b30a2015-04-01 12:15:31 -0400[diff] [blame]175 shell: "scp admin-openrc.sh ubuntu@nova-cloud-controller:"
Andy Bavier8d51c6c2015-04-01 11:40:22 -0400[diff] [blame]176
Andy Bavier1416aad2015-04-13 14:55:54 -0400[diff] [blame^]177 - name: Copy network setup script
178 sudo: yes
179 copy: src=scripts/network-setup.sh
180 dest=/usr/local/src/network-setup.sh
181 mode=0644
182
183 - name: Run network setup script
184 shell: ansible nova-cloud-controller -m script -u ubuntu -a "/usr/local/src/network-setup.sh"
185
Andy Bavier8d51c6c2015-04-01 11:40:22 -0400[diff] [blame]186 - name: Get public key
Andy Bavierdd0b30a2015-04-01 12:15:31 -0400[diff] [blame]187 shell: cat {{ ansible_env['PWD'] }}/.ssh/id_rsa.pub
Andy Bavier8d51c6c2015-04-01 11:40:22 -0400[diff] [blame]188 register: sshkey
189
190- hosts: singapore-compute
191 sudo: yes
192 vars:
193 control_net: 192.168.122.0/24
Andy Bavier1416aad2015-04-13 14:55:54 -0400[diff] [blame^]194 gateway: "{{ hostvars['opencloud3.sing.internet2.edu']['ansible_eth0']['ipv4']['address'] }}"
Andy Bavier8d51c6c2015-04-01 11:40:22 -0400[diff] [blame]195 tasks:
Andy Bavier1416aad2015-04-13 14:55:54 -0400[diff] [blame^]196 - name: Install package needed by Juju
197 apt: name=python-yaml state=present
198
Andy Bavier8d51c6c2015-04-01 11:40:22 -0400[diff] [blame]199 - name: Add route via /etc/rc.local
200 template: src=templates/etc/rc.local
201 dest=/etc/rc.local
202 mode=0755
203 notify:
204 - run /etc/rc.local
205
206 - name: Add key
Andy Bavier1416aad2015-04-13 14:55:54 -0400[diff] [blame^]207 authorized_key: user="{{ ansible_env['SUDO_USER'] }}"
Andy Bavier8d51c6c2015-04-01 11:40:22 -0400[diff] [blame]208 key="{{ hostvars['opencloud3.sing.internet2.edu']['sshkey']['stdout'] }}"
209
210 handlers:
211 - name: run /etc/rc.local
212 shell: /etc/rc.local
213