Blame - cloudlab-setup.yml - platform-install

blob: 65d52834a3604284e2c7f548e74bbb4d81755f5e [file] [log] [blame]

Andy Bavier	cccf27b	2015-08-17 14:48:29 -0400	[diff] [blame]	1	---
				2	# Play: set up head node
				3	# Assumes basic /etc/ansible/hosts file
Andy Bavier	2255230	2015-10-22 12:44:40 -0400	[diff] [blame]	4	- hosts: head
Andy Bavier	cccf27b	2015-08-17 14:48:29 -0400	[diff] [blame]	5	sudo: yes
Andy Bavier	85a52a8	2015-10-22 15:18:44 -0400	[diff] [blame]	6	vars:
				7	# Each OpenCloud cluster needs a unique mgmt_net_prefix
				8	mgmt_net_prefix: 192.168.100
Andy Bavier	cccf27b	2015-08-17 14:48:29 -0400	[diff] [blame]	9	tasks:
				10
Andy Bavier	58c8c52	2015-09-30 16:24:28 -0400	[diff] [blame]	11	- apt: name={{ item }} update_cache=yes
Andy Bavier	cccf27b	2015-08-17 14:48:29 -0400	[diff] [blame]	12	with_items:
				13	- python-pycurl
				14	- software-properties-common
				15
				16	- name: Add Juju repository
				17	apt_repository: repo="ppa:juju/stable"
				18
				19	- name: Add Ansible repository
				20	apt_repository: repo="ppa:ansible/ansible"
				21
Andy Bavier	093e6a8	2015-08-21 13:31:31 -0400	[diff] [blame]	22	- name: Update Ansible cache
				23	apt: update_cache=yes
Andy Bavier	cccf27b	2015-08-17 14:48:29 -0400	[diff] [blame]	24
				25	- name: Install packages
				26	apt: name={{ item }} state=latest
				27	with_items:
				28	- ansible
				29	- uvtool
				30	- git
				31	- bzr
Andy Bavier	093e6a8	2015-08-21 13:31:31 -0400	[diff] [blame]	32	- juju-core
Andy Bavier	8da6df1	2015-10-02 12:33:48 -0400	[diff] [blame]	33	- python-novaclient
				34	- python-neutronclient
				35	- python-keystoneclient
				36	- python-glanceclient
Andy Bavier	cccf27b	2015-08-17 14:48:29 -0400	[diff] [blame]	37
				38	- name: Get juju-ansible git repo
				39	git: repo=https://github.com/cmars/juju-ansible.git
				40	dest=/usr/local/src/juju-ansible
				41
				42	- name: Set up juju-ansible symlink
				43	file: dest=/usr/local/bin/juju-ansible
				44	src=/usr/local/src/juju-ansible/juju-ansible
				45	state=link
				46
				47	- name: Set up juju-ansible-playbook symlink
				48	file: dest=/usr/local/bin/juju-ansible-playbook
				49	src=/usr/local/src/juju-ansible/juju-ansible
				50	state=link
				51
				52	- name: Generate key to use in VMs
				53	user: name={{ ansible_env['SUDO_USER'] }} generate_ssh_key=yes
				54
Andy Bavier	a08061a	2015-10-05 08:24:59 -0400	[diff] [blame]	55	- name: (CloudLab) Set up extra disk space
Andy Bavier	cccf27b	2015-08-17 14:48:29 -0400	[diff] [blame]	56	shell: /usr/testbed/bin/mkextrafs /var/lib/uvtool/libvirt/images
				57	creates=/var/lib/uvtool/libvirt/images/lost+found
Andy Bavier	963ec77	2015-10-22 19:39:21 -0400	[diff] [blame^]	58	when: cloudlab
Andy Bavier	cccf27b	2015-08-17 14:48:29 -0400	[diff] [blame]	59
				60	- name: Add myself to libvirtd group
Andy Bavier	b1ae26e	2015-09-17 16:20:46 -0400	[diff] [blame]	61	user: name={{ ansible_env['SUDO_USER'] }}
				62	groups=libvirtd
				63	append=yes
Andy Bavier	cccf27b	2015-08-17 14:48:29 -0400	[diff] [blame]	64
				65	- name: Get trusty image for uvtool
				66	shell: uvt-simplestreams-libvirt sync --source http://cloud-images.ubuntu.com/daily release=trusty arch=amd64
				67
Andy Bavier	85a52a8	2015-10-22 15:18:44 -0400	[diff] [blame]	68	- name: Change the virbr0 subnet to {{ mgmt_net_prefix }}.0/24
				69	template: src=templates/etc/libvirt/qemu/networks/default.xml.j2
				70	dest=/etc/libvirt/qemu/networks/default.xml
				71	notify:
				72	- recreate default net
Andy Bavier	c1dfb88	2015-10-07 16:20:24 -0400	[diff] [blame]	73
Andy Bavier	85a52a8	2015-10-22 15:18:44 -0400	[diff] [blame]	74	handlers:
				75	- name: recreate default net
				76	shell: virsh net-destroy default; virsh net-create /etc/libvirt/qemu/networks/default.xml
				77
				78	# Play: create VMs to host OpenStack services
				79	- hosts: head
				80	sudo: yes
				81	tasks:
Andy Bavier	cccf27b	2015-08-17 14:48:29 -0400	[diff] [blame]	82	- name: Create VMs to host OpenCloud services
				83	sudo: no
				84	script: scripts/create-vms.sh
				85
Andy Bavier	cccf27b	2015-08-17 14:48:29 -0400	[diff] [blame]	86	- include: tasks/vm-ips.yml
				87
				88	- name: Add VMs to /etc/hosts
				89	template: src=templates/etc/hosts.j2
				90	dest=/etc/hosts
				91	notify:
				92	- Reload dnsmasq
				93
				94	- name: Set up /etc/ansible/hosts
				95	template: src=templates/etc/ansible/hosts.j2
				96	dest=/etc/ansible/hosts
				97
				98	- name: Copy ansible.cfg to disable host key checking
				99	sudo: no
				100	copy: src=files/ansible.cfg
				101	dest={{ ansible_env['PWD'] }}/.ansible.cfg
				102
				103	- name: Touch ~/.ssh/config
				104	sudo: no
				105	file: path={{ ansible_env['PWD'] }}/.ssh/config state=touch
				106
				107	- name: Disable host key checking in SSH
				108	sudo: no
				109	lineinfile: dest={{ ansible_env['PWD'] }}/.ssh/config
				110	line="StrictHostKeyChecking no"
				111
				112	- name: Test that we can log into every VM
				113	sudo: no
				114	shell: ansible services -m ping -u ubuntu
				115
				116	handlers:
				117	- name: Reload dnsmasq
				118	shell: killall -HUP dnsmasq
				119
				120	# Play: Install services using Juju
Andy Bavier	2255230	2015-10-22 12:44:40 -0400	[diff] [blame]	121	- hosts: head
Andy Bavier	cccf27b	2015-08-17 14:48:29 -0400	[diff] [blame]	122	vars:
				123	charm_src: /usr/local/src/charms/trusty
				124	tasks:
				125	- name: Initialize Juju
				126	sudo: no
				127	shell: juju generate-config
				128	creates={{ ansible_env['PWD'] }}/.juju/environments.yaml
				129
				130	- shell: uvt-kvm ip juju
				131	register: juju_ip
				132
				133	- name: Juju config file
				134	sudo: no
				135	template: src=templates/environments.yaml.j2
				136	dest={{ ansible_env['PWD'] }}/.juju/environments.yaml
				137
				138	- name: Bootstrap Juju
				139	sudo: no
				140	shell: juju bootstrap
				141	creates={{ ansible_env['PWD'] }}/.juju/environments/manual.jenv
				142
Andy Bavier	cccf27b	2015-08-17 14:48:29 -0400	[diff] [blame]	143	- name: Copy openstack.cfg for Juju
				144	sudo: yes
				145	copy: src=files/openstack.cfg
				146	dest=/usr/local/src/openstack.cfg
				147
				148	- name: Check for /usr/local/src/charms/trusty
				149	sudo: yes
				150	file: path={{ charm_src }}
				151	state=directory
				152	mode=0755
				153
				154	- name: Deploy OpenStack services with Juju
				155	script: scripts/juju-setup.py
				156
Andy Bavier	cccf27b	2015-08-17 14:48:29 -0400	[diff] [blame]	157	- name: Add all Juju relations between services
				158	script: scripts/juju-relations.py
				159
Andy Bavier	5201714	2015-10-05 15:01:36 -0400	[diff] [blame]	160	- name: Wait for relations to be fully added
				161	script: scripts/wait-for-services.sh
Andy Bavier	cccf27b	2015-08-17 14:48:29 -0400	[diff] [blame]	162
				163	# Play: Use libvirt hooks to set up iptables
Andy Bavier	2255230	2015-10-22 12:44:40 -0400	[diff] [blame]	164	- hosts: head
Andy Bavier	cccf27b	2015-08-17 14:48:29 -0400	[diff] [blame]	165	sudo: yes
				166	tasks:
				167	- name: Enable port forwarding for services
				168	copy: src=files/{{ item }}
				169	dest={{ item }}
				170	mode=0755
				171	notify:
				172	- reload libvirt config
				173	- run qemu hook
				174	with_items:
				175	- /etc/libvirt/hooks/daemon
				176	- /etc/libvirt/hooks/qemu
				177
				178	handlers:
				179	- name: reload libvirt config
				180	shell: killall -HUP libvirtd
				181
				182	- name: run qemu hook
				183	shell: /etc/libvirt/hooks/qemu start start
				184
				185	# Play: Create credentials, set up some basic OpenStack
Andy Bavier	2255230	2015-10-22 12:44:40 -0400	[diff] [blame]	186	- hosts: head
Andy Bavier	cccf27b	2015-08-17 14:48:29 -0400	[diff] [blame]	187	sudo: no
				188	tasks:
				189
				190	- name: Get keystone admin password
				191	shell: juju run --unit=keystone/0 "sudo cat /var/lib/keystone/keystone.passwd"
				192	register: keystone_password
				193
				194	- shell: uvt-kvm ip keystone
				195	register: keystone_ip
				196
				197	- name: Create credentials
				198	template: src=templates/admin-openrc.sh.j2
				199	dest={{ ansible_env['PWD'] }}/admin-openrc.sh
				200
Andy Bavier	a08061a	2015-10-05 08:24:59 -0400	[diff] [blame]	201	- name: (CloudLab) Make sure that /root/setup exists
Andy Bavier	8da6df1	2015-10-02 12:33:48 -0400	[diff] [blame]	202	file: path=/root/setup state=directory
				203	sudo: yes
Andy Bavier	963ec77	2015-10-22 19:39:21 -0400	[diff] [blame^]	204	when: cloudlab
Andy Bavier	8da6df1	2015-10-02 12:33:48 -0400	[diff] [blame]	205
Andy Bavier	a08061a	2015-10-05 08:24:59 -0400	[diff] [blame]	206	- name: (CloudLab) Copy credentials to /root/setup
Andy Bavier	8da6df1	2015-10-02 12:33:48 -0400	[diff] [blame]	207	shell: scp admin-openrc.sh /root/setup
				208	sudo: yes
Andy Bavier	963ec77	2015-10-22 19:39:21 -0400	[diff] [blame^]	209	when: cloudlab
Andy Bavier	8da6df1	2015-10-02 12:33:48 -0400	[diff] [blame]	210
Andy Bavier	cccf27b	2015-08-17 14:48:29 -0400	[diff] [blame]	211	- name: Copy credentials to nova-cloud-controller
				212	shell: "scp admin-openrc.sh ubuntu@nova-cloud-controller:"
				213
				214	- name: Copy network setup script
				215	sudo: yes
				216	copy: src=scripts/network-setup.sh
				217	dest=/usr/local/src/network-setup.sh
				218	mode=0644
				219
Andy Bavier	4e7762e	2015-08-27 14:36:34 -0400	[diff] [blame]	220	- name: Run network setup script
				221	shell: ansible nova-cloud-controller -m script -u ubuntu -a "/usr/local/src/network-setup.sh"
Andy Bavier	cccf27b	2015-08-17 14:48:29 -0400	[diff] [blame]	222
				223	- name: Get public key
				224	shell: cat {{ ansible_env['PWD'] }}/.ssh/id_rsa.pub
				225	register: sshkey
				226
Andy Bavier	8da6df1	2015-10-02 12:33:48 -0400	[diff] [blame]	227	- name: Copy CA certificate
Andy Bavier	5201714	2015-10-05 15:01:36 -0400	[diff] [blame]	228	shell: sudo juju scp nova-cloud-controller/0:/usr/local/share/ca-certificates/keystone_juju_ca_cert.crt /usr/local/share/ca-certificates
Andy Bavier	8da6df1	2015-10-02 12:33:48 -0400	[diff] [blame]	229	creates=/usr/local/share/ca-certificates/keystone_juju_ca_cert.crt
Andy Bavier	8da6df1	2015-10-02 12:33:48 -0400	[diff] [blame]	230
				231	- name: Update CA ca-certificates
				232	shell: update-ca-certificates
				233	sudo: yes
				234
Andy Bavier	2255230	2015-10-22 12:44:40 -0400	[diff] [blame]	235	- hosts: compute
Andy Bavier	cccf27b	2015-08-17 14:48:29 -0400	[diff] [blame]	236	sudo: yes
				237	vars:
Andy Bavier	2255230	2015-10-22 12:44:40 -0400	[diff] [blame]	238	control_net: "{{ hostvars['head']['ansible_virbr0']['ipv4']['network'] }}/24"
				239	gateway: "{{ hostvars['head']['ansible_default_ipv4']['address'] }}"
Andy Bavier	cccf27b	2015-08-17 14:48:29 -0400	[diff] [blame]	240	tasks:
				241	- name: Install package needed by Juju
				242	apt: name=python-yaml state=present
				243
Andy Bavier	093e6a8	2015-08-21 13:31:31 -0400	[diff] [blame]	244	- name: Add key
				245	authorized_key: user="{{ ansible_env['SUDO_USER'] }}"
Andy Bavier	1704c58	2015-10-22 14:02:25 -0400	[diff] [blame]	246	key="{{ hostvars['head']['sshkey']['stdout'] }}"
Andy Bavier	093e6a8	2015-08-21 13:31:31 -0400	[diff] [blame]	247
Andy Bavier	cccf27b	2015-08-17 14:48:29 -0400	[diff] [blame]	248	- name: Add route via /etc/rc.local
				249	template: src=templates/etc/rc.local.cloudlab
				250	dest=/etc/rc.local
				251	mode=0755
Andy Bavier	963ec77	2015-10-22 19:39:21 -0400	[diff] [blame^]	252	when: cloudlab
				253	notify:
				254	- run /etc/rc.local
				255
				256	- name: Add route via /etc/rc.local
				257	template: src=templates/etc/rc.local
				258	dest=/etc/rc.local
				259	mode=0755
				260	when: not cloudlab
Andy Bavier	cccf27b	2015-08-17 14:48:29 -0400	[diff] [blame]	261	notify:
				262	- run /etc/rc.local
				263
Andy Bavier	093e6a8	2015-08-21 13:31:31 -0400	[diff] [blame]	264	- name: Touch ~/.ssh/config
				265	file: path=/var/lib/nova state=directory
				266
Andy Bavier	a08061a	2015-10-05 08:24:59 -0400	[diff] [blame]	267	- name: (CloudLab) Set up extra disk space
Andy Bavier	093e6a8	2015-08-21 13:31:31 -0400	[diff] [blame]	268	shell: /usr/testbed/bin/mkextrafs /var/lib/nova
				269	creates=/var/lib/nova/lost+found
Andy Bavier	963ec77	2015-10-22 19:39:21 -0400	[diff] [blame^]	270	when: cloudlab
Andy Bavier	cccf27b	2015-08-17 14:48:29 -0400	[diff] [blame]	271
				272	handlers:
				273	- name: run /etc/rc.local
				274	shell: /etc/rc.local