| Andy Bavier | cccf27b | 2015-08-17 14:48:29 -0400 | [diff] [blame] | 1 | --- |
| 2 | # Play: set up head node |
| 3 | # Assumes basic /etc/ansible/hosts file |
| 4 | - hosts: cloudlab-head |
| 5 | sudo: yes |
| 6 | tasks: |
| 7 | |
| Tony Mack | 97634a6 | 2015-10-20 19:41:23 +0000 | [diff] [blame^] | 8 | - apt: update_cache=yes |
| 9 | |
| Andy Bavier | cccf27b | 2015-08-17 14:48:29 -0400 | [diff] [blame] | 10 | - apt: name={{ item }} |
| 11 | with_items: |
| 12 | - python-pycurl |
| 13 | - software-properties-common |
| 14 | |
| 15 | - name: Add Juju repository |
| 16 | apt_repository: repo="ppa:juju/stable" |
| 17 | |
| 18 | - name: Add Ansible repository |
| 19 | apt_repository: repo="ppa:ansible/ansible" |
| 20 | |
| 21 | - name: Install older version of Juju due to bug in 1.22 |
| 22 | apt: name=juju-core |
| 23 | |
| 24 | - name: Install packages |
| 25 | apt: name={{ item }} state=latest |
| 26 | with_items: |
| 27 | - ansible |
| 28 | - uvtool |
| 29 | - git |
| 30 | - bzr |
| 31 | |
| 32 | - name: Get juju-ansible git repo |
| 33 | git: repo=https://github.com/cmars/juju-ansible.git |
| 34 | dest=/usr/local/src/juju-ansible |
| 35 | |
| 36 | - name: Set up juju-ansible symlink |
| 37 | file: dest=/usr/local/bin/juju-ansible |
| 38 | src=/usr/local/src/juju-ansible/juju-ansible |
| 39 | state=link |
| 40 | |
| 41 | - name: Set up juju-ansible-playbook symlink |
| 42 | file: dest=/usr/local/bin/juju-ansible-playbook |
| 43 | src=/usr/local/src/juju-ansible/juju-ansible |
| 44 | state=link |
| 45 | |
| 46 | - name: Generate key to use in VMs |
| 47 | user: name={{ ansible_env['SUDO_USER'] }} generate_ssh_key=yes |
| 48 | |
| 49 | - name: Set up extra space on CloudLab nodes |
| 50 | shell: /usr/testbed/bin/mkextrafs /var/lib/uvtool/libvirt/images |
| 51 | creates=/var/lib/uvtool/libvirt/images/lost+found |
| 52 | |
| 53 | - name: Add myself to libvirtd group |
| 54 | shell: usermod -aG libvirtd {{ ansible_env['SUDO_USER'] }} |
| 55 | |
| 56 | - name: Get trusty image for uvtool |
| 57 | shell: uvt-simplestreams-libvirt sync --source http://cloud-images.ubuntu.com/daily release=trusty arch=amd64 |
| 58 | |
| 59 | - name: Create VMs to host OpenCloud services |
| 60 | sudo: no |
| 61 | script: scripts/create-vms.sh |
| 62 | |
| 63 | # - pause: prompt="Hit return when all VMs have IP addresses" |
| 64 | |
| 65 | - include: tasks/vm-ips.yml |
| 66 | |
| 67 | - name: Add VMs to /etc/hosts |
| 68 | template: src=templates/etc/hosts.j2 |
| 69 | dest=/etc/hosts |
| 70 | notify: |
| 71 | - Reload dnsmasq |
| 72 | |
| 73 | - name: Set up /etc/ansible/hosts |
| 74 | template: src=templates/etc/ansible/hosts.j2 |
| 75 | dest=/etc/ansible/hosts |
| 76 | |
| 77 | - name: Copy ansible.cfg to disable host key checking |
| 78 | sudo: no |
| 79 | copy: src=files/ansible.cfg |
| 80 | dest={{ ansible_env['PWD'] }}/.ansible.cfg |
| 81 | |
| 82 | - name: Touch ~/.ssh/config |
| 83 | sudo: no |
| 84 | file: path={{ ansible_env['PWD'] }}/.ssh/config state=touch |
| 85 | |
| 86 | - name: Disable host key checking in SSH |
| 87 | sudo: no |
| 88 | lineinfile: dest={{ ansible_env['PWD'] }}/.ssh/config |
| 89 | line="StrictHostKeyChecking no" |
| 90 | |
| 91 | - name: Test that we can log into every VM |
| 92 | sudo: no |
| 93 | shell: ansible services -m ping -u ubuntu |
| 94 | |
| 95 | handlers: |
| 96 | - name: Reload dnsmasq |
| 97 | shell: killall -HUP dnsmasq |
| 98 | |
| 99 | # Play: Install services using Juju |
| 100 | - hosts: cloudlab-head |
| 101 | vars: |
| 102 | charm_src: /usr/local/src/charms/trusty |
| 103 | tasks: |
| 104 | - name: Initialize Juju |
| 105 | sudo: no |
| 106 | shell: juju generate-config |
| 107 | creates={{ ansible_env['PWD'] }}/.juju/environments.yaml |
| 108 | |
| 109 | - shell: uvt-kvm ip juju |
| 110 | register: juju_ip |
| 111 | |
| 112 | - name: Juju config file |
| 113 | sudo: no |
| 114 | template: src=templates/environments.yaml.j2 |
| 115 | dest={{ ansible_env['PWD'] }}/.juju/environments.yaml |
| 116 | |
| 117 | - name: Bootstrap Juju |
| 118 | sudo: no |
| 119 | shell: juju bootstrap |
| 120 | creates={{ ansible_env['PWD'] }}/.juju/environments/manual.jenv |
| 121 | |
| 122 | # - pause: Break here and try rebooting Juju VM |
| 123 | |
| 124 | - name: Copy openstack.cfg for Juju |
| 125 | sudo: yes |
| 126 | copy: src=files/openstack.cfg |
| 127 | dest=/usr/local/src/openstack.cfg |
| 128 | |
| 129 | - name: Check for /usr/local/src/charms/trusty |
| 130 | sudo: yes |
| 131 | file: path={{ charm_src }} |
| 132 | state=directory |
| 133 | mode=0755 |
| 134 | |
| 135 | - name: Deploy OpenStack services with Juju |
| 136 | script: scripts/juju-setup.py |
| 137 | |
| 138 | # - pause: prompt="Hit return when all services have started successfully" |
| 139 | |
| 140 | - name: Set MTU for GRE tunneling |
| 141 | shell: "juju set quantum-gateway instance-mtu=1400" |
| 142 | |
| 143 | - name: Use HTTPS for keystone authentication |
| 144 | shell: 'juju set keystone use-https=yes' |
| 145 | |
| 146 | - name: Use HTTPS for all service endpoints |
| 147 | shell: 'juju set keystone https-service-endpoints=True' |
| 148 | |
| 149 | - name: Use SSL for rabbitmq |
| 150 | shell: 'juju set rabbitmq-server ssl=on' |
| 151 | |
| 152 | - name: Add all Juju relations between services |
| 153 | script: scripts/juju-relations.py |
| 154 | |
| 155 | - pause: prompt="Wait for relations to be fully added" |
| 156 | |
| 157 | # Play: Use libvirt hooks to set up iptables |
| 158 | - hosts: cloudlab-head |
| 159 | sudo: yes |
| 160 | tasks: |
| 161 | - name: Enable port forwarding for services |
| 162 | copy: src=files/{{ item }} |
| 163 | dest={{ item }} |
| 164 | mode=0755 |
| 165 | notify: |
| 166 | - reload libvirt config |
| 167 | - run qemu hook |
| 168 | with_items: |
| 169 | - /etc/libvirt/hooks/daemon |
| 170 | - /etc/libvirt/hooks/qemu |
| 171 | |
| 172 | handlers: |
| 173 | - name: reload libvirt config |
| 174 | shell: killall -HUP libvirtd |
| 175 | |
| 176 | - name: run qemu hook |
| 177 | shell: /etc/libvirt/hooks/qemu start start |
| 178 | |
| 179 | # Play: Create credentials, set up some basic OpenStack |
| 180 | - hosts: cloudlab-head |
| 181 | sudo: no |
| 182 | tasks: |
| 183 | |
| 184 | - name: Get keystone admin password |
| 185 | shell: juju run --unit=keystone/0 "sudo cat /var/lib/keystone/keystone.passwd" |
| 186 | register: keystone_password |
| 187 | |
| 188 | - shell: uvt-kvm ip keystone |
| 189 | register: keystone_ip |
| 190 | |
| 191 | - name: Create credentials |
| 192 | template: src=templates/admin-openrc.sh.j2 |
| 193 | dest={{ ansible_env['PWD'] }}/admin-openrc.sh |
| 194 | |
| 195 | - name: Copy credentials to nova-cloud-controller |
| 196 | shell: "scp admin-openrc.sh ubuntu@nova-cloud-controller:" |
| 197 | |
| 198 | - name: Copy network setup script |
| 199 | sudo: yes |
| 200 | copy: src=scripts/network-setup.sh |
| 201 | dest=/usr/local/src/network-setup.sh |
| 202 | mode=0644 |
| 203 | |
| 204 | - name: Run network setup script |
| 205 | shell: ansible nova-cloud-controller -m script -u ubuntu -a "/usr/local/src/network-setup.sh" |
| 206 | |
| 207 | - name: Get public key |
| 208 | shell: cat {{ ansible_env['PWD'] }}/.ssh/id_rsa.pub |
| 209 | register: sshkey |
| 210 | |
| 211 | - hosts: cloudlab-compute |
| 212 | sudo: yes |
| 213 | vars: |
| 214 | control_net: 192.168.122.0/24 |
| 215 | gateway: 130.127.133.105 |
| 216 | tasks: |
| 217 | - name: Install package needed by Juju |
| 218 | apt: name=python-yaml state=present |
| 219 | |
| 220 | - name: Add route via /etc/rc.local |
| 221 | template: src=templates/etc/rc.local.cloudlab |
| 222 | dest=/etc/rc.local |
| 223 | mode=0755 |
| 224 | notify: |
| 225 | - run /etc/rc.local |
| 226 | |
| 227 | - name: Add key |
| 228 | authorized_key: user="{{ ansible_env['SUDO_USER'] }}" |
| 229 | key="{{ hostvars['ctl.acb-qv8253.xos-pg0.clemson.cloudlab.us']['sshkey']['stdout'] }}" |
| 230 | |
| 231 | handlers: |
| 232 | - name: run /etc/rc.local |
| 233 | shell: /etc/rc.local |