---
# Play: set up head node
# Assumes basic /etc/ansible/hosts file
#
# Installs Juju, Ansible and uvtool on the head node, fetches juju-ansible,
# creates an SSH key for the ubuntu user, builds the service VMs and then
# regenerates /etc/hosts and /etc/ansible/hosts from templates.
- hosts: singapore-head
  sudo: true
  tasks:

    # Installed ahead of the apt_repository tasks (presumably their
    # dependency; confirm).
    - apt:
        name: python-pycurl

    - name: Add Juju repository
      apt_repository:
        repo: 'ppa:juju/stable'

    - name: Add Ansible repository
      apt_repository:
        repo: 'ppa:ansible/ansible'

    # The exact package version is pinned; update_cache refreshes the apt
    # index so the newly added PPAs are visible.
    - name: Install older version of Juju due to bug in 1.22
      apt:
        name: juju-core=1.20.11-0ubuntu0.14.04.1
        update_cache: true

    - name: Install packages
      apt:
        name: "{{ item.name }}"
        state: latest
      with_items:
        - name: ansible
        - name: uvtool

    # NOTE(review): no version= is given, so whatever the upstream default
    # branch holds at run time is cloned (as root, via the play-level sudo)
    # and then linked into /usr/local/bin. Pinning a reviewed commit would
    # make runs reproducible and limit exposure to upstream changes.
    - name: Get juju-ansible git repo
      git:
        repo: https://github.com/cmars/juju-ansible.git
        dest: /home/ubuntu/juju-ansible

    # NOTE(review): both links below point at the checkout directory itself,
    # not at a file inside it; confirm this is the intended target.
    - name: Set up juju-ansible symlink
      file:
        dest: /usr/local/bin/juju-ansible
        src: /home/ubuntu/juju-ansible
        state: link

    - name: Set up juju-ansible-playbook symlink
      file:
        dest: /usr/local/bin/juju-ansible-playbook
        src: /home/ubuntu/juju-ansible
        state: link

    - name: Generate key to use in VMs
      user:
        name: ubuntu
        generate_ssh_key: true

    # Only the public half of the key is read and registered.
    - name: Get new key
      sudo: false
      shell: cat /home/ubuntu/.ssh/id_rsa.pub
      register: sshkey

    - name: Add to authorized_keys
      authorized_key:
        user: ubuntu
        key: "{{ sshkey.stdout }}"

    - name: Get trusty image for uvtool
      shell: uvt-simplestreams-libvirt sync release=trusty arch=amd64

    - name: Create VMs to host OpenCloud services
      sudo: false
      script: scripts/create-vms.sh

    # Manual synchronisation point: the operator confirms the VMs are up.
    - pause:
        prompt: Hit return when all VMs have IP addresses

    - include: tasks/vm-ips.yml

    - name: Add VMs to /etc/hosts
      template:
        src: templates/etc/hosts.j2
        dest: /etc/hosts

    - name: Set up /etc/ansible/hosts
      template:
        src: templates/etc/ansible/hosts.j2
        dest: /etc/ansible/hosts

    # NOTE(review): this task and the "StrictHostKeyChecking no" line below
    # turn off SSH host-key verification for the ubuntu user. The line is
    # appended to ~/.ssh/config with no Host block visible here, so it
    # presumably applies to every destination, not only the service VMs.
    # Collecting the VM host keys into known_hosts, or scoping the option to
    # the VM names, would keep verification on for everything else.
    - name: Copy ansible.cfg to disable host key checking
      sudo: false
      copy:
        src: files/ansible.cfg
        dest: /home/ubuntu/.ansible.cfg

    - name: Touch ~/.ssh/config
      sudo: false
      file:
        path: /home/ubuntu/.ssh/config
        state: touch

    - name: Disable host key checking in SSH
      sudo: false
      lineinfile:
        dest: /home/ubuntu/.ssh/config
        line: 'StrictHostKeyChecking no'

    - name: Test that we can log into every VM
      sudo: false
      shell: ansible services -m ping

# Play: Install services using Juju
#
# Generates and bootstraps the Juju environment on the head node, deploys the
# OpenStack services, applies service settings and adds the relations. The
# pause tasks are manual checkpoints for the operator.
- hosts: singapore-head
  tasks:
    # creates= skips the command once the config file exists.
    - name: Initialize Juju
      sudo: false
      shell: juju generate-config creates=/home/ubuntu/.juju/environments.yaml

    # Registered as juju_ip (presumably consumed by the template below;
    # confirm against templates/environments.yaml.j2).
    - shell: uvt-kvm ip juju
      register: juju_ip

    - name: Juju config file
      sudo: false
      template:
        src: templates/environments.yaml.j2
        dest: /home/ubuntu/.juju/environments.yaml

    # creates= skips the bootstrap once the .jenv file exists.
    - name: Bootstrap Juju
      sudo: false
      shell: juju bootstrap creates=/home/ubuntu/.juju/environments/manual.jenv

    # - pause: Break here and try rebooting Juju VM

    - name: Copy openstack.cfg for Juju
      sudo: false
      copy:
        src: files/openstack.cfg
        dest: /home/ubuntu/openstack.cfg

    - name: Deploy OpenStack services with Juju
      script: scripts/juju-setup.py

    - pause:
        prompt: Hit return when all services have started successfully

    - name: Set MTU for GRE tunneling
      shell: juju set quantum-gateway instance-mtu=1400

    # The next three tasks switch keystone, the service endpoints and
    # rabbitmq to TLS through their charm settings.
    - name: Use HTTPS for keystone authentication
      shell: juju set keystone use-https=yes

    - name: Use HTTPS for all service endpoints
      shell: juju set keystone https-service-endpoints=True

    - name: Use SSL for rabbitmq
      shell: juju set rabbitmq-server ssl=on

    - name: Add all Juju relations between services
      script: scripts/juju-relations.py

    - pause:
        prompt: Wait for relations to be fully added

# Play: Use libvirt hooks to set up iptables
#
# Copies the two hook scripts from files/ to the same absolute paths on the
# head node and triggers the handlers when either copy changes something.
# NOTE(review): the hooks are installed executable under /etc/libvirt/hooks
# and one is run directly by a handler under the play-level sudo, so the
# contents of files/etc/libvirt/hooks/ deserve the same review as any other
# root-run script.
- hosts: singapore-head
  sudo: true
  tasks:
    - name: Enable port forwarding for services
      copy:
        src: "files/{{ item }}"
        dest: "{{ item }}"
        mode: "0755"
      notify:
        - reload libvirt config
        - run qemu hook
      with_items:
        - /etc/libvirt/hooks/daemon
        - /etc/libvirt/hooks/qemu

  handlers:
    # SIGHUP to libvirtd.
    - name: reload libvirt config
      shell: killall -HUP libvirtd

    # Runs the qemu hook by hand with the arguments "start start".
    - name: run qemu hook
      shell: /etc/libvirt/hooks/qemu start start

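# Play: Create credentials, set up some basic OpenStack
#
# Reads the keystone admin password from the keystone unit, renders it into
# an openrc file for the ubuntu user, copies that file to
# nova-cloud-controller and registers the head node's public key.
- hosts: singapore-head
  sudo: false
  tasks:

    # no_log keeps the admin password out of task output and logs; the
    # registered variable is still available to later tasks.
    - name: Get keystone admin password
      shell: juju run --unit=keystone/0 "sudo cat /var/lib/keystone/keystone.passwd"
      register: keystone_password
      no_log: true

    - shell: uvt-kvm ip keystone
      register: keystone_ip

    # The rendered file presumably embeds keystone_password (confirm against
    # templates/admin-openrc.sh.j2), so it is created owner-readable only
    # instead of inheriting the default umask.
    - name: Create credentials
      template:
        src: templates/admin-openrc.sh.j2
        dest: /home/ubuntu/admin-openrc.sh
        mode: "0600"

    # Absolute source path, so the copy does not depend on the task's working
    # directory being /home/ubuntu.
    # NOTE(review): this transfer runs over SSH for the same ubuntu user whose
    # host-key checking an earlier play disables; the credentials file is
    # worth protecting with host-key verification for this destination.
    - name: Copy credentials to nova-cloud-controller
      shell: scp /home/ubuntu/admin-openrc.sh nova-cloud-controller:

    # Public key only; registered as sshkey for use by other plays.
    - name: Get public key
      shell: cat /home/ubuntu/.ssh/id_rsa.pub
      register: sshkey
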
# Play: configure the compute nodes
#
# Installs an rc.local rendered from a template (the task name says it adds
# a route; control_net and gateway are presumably its inputs; confirm
# against templates/etc/rc.local) and authorises the head node's ubuntu key.
- hosts: singapore-compute
  sudo: true
  vars:
    control_net: '192.168.122.0/24'
    gateway: '198.71.44.85'
  tasks:
    - name: Add route via /etc/rc.local
      template:
        src: templates/etc/rc.local
        dest: /etc/rc.local
        mode: "0755"
      notify:
        - run /etc/rc.local

    # The key is read from the sshkey variable registered on one specific,
    # hard-coded inventory host; the play fails if that host was not part of
    # the run or has no such variable.
    - name: Add key
      authorized_key:
        user: ubuntu
        key: "{{ hostvars['opencloud3.sing.internet2.edu']['sshkey']['stdout'] }}"

  handlers:
    # Executes the freshly written rc.local immediately.
    - name: run /etc/rc.local
      shell: /etc/rc.local

# What's left
# - Adding compute nodes
# - Add machine
# - Deploy charm
# - Remove virbr0
#
# - Creating br-ex and br-nat networks
# - But this should perhaps be done by OpenCloud?