---
# Play: set up head node
# Assumes basic /etc/ansible/hosts file
#
# Runs with sudo on the `head` group: adds two PPAs, installs the tooling
# (Ansible, uvtool, Juju, OpenStack clients), checks out juju-ansible,
# prepares image storage and rewrites the libvirt default network.
- hosts: head
  sudo: true
  vars:
    # Each OpenCloud cluster needs a unique mgmt_net_prefix
    mgmt_net_prefix: '192.168.100'
  tasks:

    # Unnamed task: installs the two packages below, refreshing the apt
    # cache first.
    - apt:
        name: "{{ item }}"
        update_cache: true
      with_items:
        - python-pycurl
        - software-properties-common

    # Both PPAs become package sources for this host; the `state: latest`
    # install further down follows whatever they publish at run time.
    - name: Add Juju repository
      apt_repository:
        repo: 'ppa:juju/stable'

    - name: Add Ansible repository
      apt_repository:
        repo: 'ppa:ansible/ansible'

    - name: Update Ansible cache
      apt:
        update_cache: true

    - name: Install packages
      apt:
        name: "{{ item }}"
        state: latest
      with_items:
        - ansible
        - uvtool
        - git
        - bzr
        - juju-core
        - python-novaclient
        - python-neutronclient
        - python-keystoneclient
        - python-glanceclient

    # NOTE(review): no `version` is given, so the checkout follows the
    # repository's default branch. The two symlinks below put that code on
    # PATH under /usr/local/bin; pinning `version` to a reviewed commit
    # would make the install reproducible.
    - name: Get juju-ansible git repo
      git:
        repo: https://github.com/cmars/juju-ansible.git
        dest: /usr/local/src/juju-ansible

    - name: Set up juju-ansible symlink
      file:
        dest: /usr/local/bin/juju-ansible
        src: /usr/local/src/juju-ansible/juju-ansible
        state: link

    # Same link target as above, exposed under a second command name.
    - name: Set up juju-ansible-playbook symlink
      file:
        dest: /usr/local/bin/juju-ansible-playbook
        src: /usr/local/src/juju-ansible/juju-ansible
        state: link

    # Key is generated for the user who invoked sudo; no passphrase option
    # is passed here.
    - name: Generate key to use in VMs
      user:
        name: "{{ ansible_env['SUDO_USER'] }}"
        generate_ssh_key: true

    # `creates` makes this a no-op once lost+found exists under the mount.
    - name: (CloudLab) Set up extra disk space
      shell: /usr/testbed/bin/mkextrafs /var/lib/uvtool/libvirt/images
      args:
        creates: /var/lib/uvtool/libvirt/images/lost+found

    - name: Add myself to libvirtd group
      user:
        name: "{{ ansible_env['SUDO_USER'] }}"
        groups: libvirtd
        append: true

    # NOTE(review): the image source is plain http, so image integrity
    # rests on the signature check done by the sync tool - confirm it is
    # not disabled in this environment.
    - name: Get trusty image for uvtool
      shell: >-
        uvt-simplestreams-libvirt sync
        --source http://cloud-images.ubuntu.com/daily
        release=trusty arch=amd64

    - name: Change the virbr0 subnet to {{ mgmt_net_prefix }}.0/24
      template:
        src: templates/etc/libvirt/qemu/networks/default.xml.j2
        dest: /etc/libvirt/qemu/networks/default.xml
      notify:
        - recreate default net

  handlers:
    # The two virsh commands are joined with `;`, so net-create runs even
    # when net-destroy fails.
    - name: recreate default net
      shell: >-
        virsh net-destroy default;
        virsh net-create /etc/libvirt/qemu/networks/default.xml

# Play: create VMs to host OpenStack services
#
# Creates the service VMs, publishes their addresses in /etc/hosts and
# /etc/ansible/hosts, then relaxes SSH host key checking for the invoking
# user so that the freshly created VMs can be reached non-interactively.
- hosts: head
  sudo: true
  tasks:
    - name: Create VMs to host OpenCloud services
      sudo: false
      script: scripts/create-vms.sh

    - include: tasks/vm-ips.yml

    - name: Add VMs to /etc/hosts
      template:
        src: templates/etc/hosts.j2
        dest: /etc/hosts
      notify:
        - Reload dnsmasq

    - name: Set up /etc/ansible/hosts
      template:
        src: templates/etc/ansible/hosts.j2
        dest: /etc/ansible/hosts

    # files/ansible.cfg is not shown here; per the task name it turns off
    # Ansible's host key checking for this user.
    - name: Copy ansible.cfg to disable host key checking
      sudo: false
      copy:
        src: files/ansible.cfg
        dest: "{{ ansible_env['PWD'] }}/.ansible.cfg"

    - name: Touch ~/.ssh/config
      sudo: false
      file:
        path: "{{ ansible_env['PWD'] }}/.ssh/config"
        state: touch

    # NOTE(review): the line is added without a `Host` block of its own.
    # In a previously empty file it applies to every host this user
    # connects to, not only the service VMs, so server identity is no
    # longer verified for any of those connections. Scoping it to the VM
    # names or the management subnet would narrow that.
    - name: Disable host key checking in SSH
      sudo: false
      lineinfile:
        dest: "{{ ansible_env['PWD'] }}/.ssh/config"
        line: 'StrictHostKeyChecking no'

    # Connectivity check: pings the `services` inventory group as `ubuntu`.
    - name: Test that we can log into every VM
      sudo: false
      shell: ansible services -m ping -u ubuntu

  handlers:
    - name: Reload dnsmasq
      shell: killall -HUP dnsmasq

# Play: Install services using Juju
#
# No play-level sudo: each task states its own. Tasks without a `sudo`
# key (the uvt-kvm lookup and the three scripts) run as the connecting
# user.
- hosts: head
  vars:
    charm_src: /usr/local/src/charms/trusty
  tasks:
    # `creates` skips the command once environments.yaml exists.
    - name: Initialize Juju
      sudo: false
      shell: juju generate-config
      args:
        creates: "{{ ansible_env['PWD'] }}/.juju/environments.yaml"

    # Unnamed task: records the output of `uvt-kvm ip juju` as juju_ip.
    - shell: uvt-kvm ip juju
      register: juju_ip

    - name: Juju config file
      sudo: false
      template:
        src: templates/environments.yaml.j2
        dest: "{{ ansible_env['PWD'] }}/.juju/environments.yaml"

    - name: Bootstrap Juju
      sudo: false
      shell: juju bootstrap
      args:
        creates: "{{ ansible_env['PWD'] }}/.juju/environments/manual.jenv"

    - name: Copy openstack.cfg for Juju
      sudo: true
      copy:
        src: files/openstack.cfg
        dest: /usr/local/src/openstack.cfg

    - name: Check for /usr/local/src/charms/trusty
      sudo: true
      file:
        path: "{{ charm_src }}"
        state: directory
        mode: "0755"

    - name: Deploy OpenStack services with Juju
      script: scripts/juju-setup.py

    - name: Add all Juju relations between services
      script: scripts/juju-relations.py

    - name: Wait for relations to be fully added
      script: scripts/wait-for-services.sh

# Play: Use libvirt hooks to set up iptables
#
# Installs two hook scripts from files/ as executable (0755) under
# /etc/libvirt/hooks; a change to either one notifies both handlers.
- hosts: head
  sudo: true
  tasks:
    # `item` is an absolute path, so the source resolves to
    # files//etc/libvirt/hooks/<name> in the playbook tree.
    - name: Enable port forwarding for services
      copy:
        src: "files/{{ item }}"
        dest: "{{ item }}"
        mode: "0755"
      notify:
        - reload libvirt config
        - run qemu hook
      with_items:
        - /etc/libvirt/hooks/daemon
        - /etc/libvirt/hooks/qemu

  handlers:
    - name: reload libvirt config
      shell: killall -HUP libvirtd

    # Runs the freshly copied hook directly, with the play's sudo.
    - name: run qemu hook
      shell: /etc/libvirt/hooks/qemu start start

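# Play: Create credentials, set up some basic OpenStack
#
# Reads the keystone admin password from the keystone unit, renders
# admin-openrc.sh from it, distributes that file, runs the network setup
# script on nova-cloud-controller and installs the keystone CA on the
# head node.
- hosts: head
  sudo: false
  tasks:

    # no_log keeps the registered password out of task output and logs.
    - name: Get keystone admin password
      shell: >-
        juju run --unit=keystone/0
        "sudo cat /var/lib/keystone/keystone.passwd"
      register: keystone_password
      no_log: true

    # Unnamed task: records the output of `uvt-kvm ip keystone`.
    - shell: uvt-kvm ip keystone
      register: keystone_ip

    # Mode 0600: the rendered file is a credentials file, so it is made
    # readable by its owner only. The scp tasks below still work: one
    # runs as the same user, the other as root.
    - name: Create credentials
      template:
        src: templates/admin-openrc.sh.j2
        dest: "{{ ansible_env['PWD'] }}/admin-openrc.sh"
        mode: "0600"

    - name: (CloudLab) Make sure that /root/setup exists
      file:
        path: /root/setup
        state: directory
      sudo: true

    # The relative source path depends on the task's working directory.
    # NOTE(review): presumably the same directory as ansible_env['PWD']
    # used above - confirm.
    - name: (CloudLab) Copy credentials to /root/setup
      shell: scp admin-openrc.sh /root/setup
      sudo: true

    - name: Copy credentials to nova-cloud-controller
      shell: "scp admin-openrc.sh ubuntu@nova-cloud-controller:"

    - name: Copy network setup script
      sudo: true
      copy:
        src: scripts/network-setup.sh
        dest: /usr/local/src/network-setup.sh
        mode: "0644"

    - name: Run network setup script
      shell: >-
        ansible nova-cloud-controller -m script -u ubuntu
        -a "/usr/local/src/network-setup.sh"

    # Registered as `sshkey`; the compute play reads it through hostvars.
    - name: Get public key
      shell: cat {{ ansible_env['PWD'] }}/.ssh/id_rsa.pub
      register: sshkey

    # The certificate fetched here is added to the head node's system
    # trust store by the update-ca-certificates task that follows.
    - name: Copy CA certificate
      shell: >-
        sudo juju scp
        nova-cloud-controller/0:/usr/local/share/ca-certificates/keystone_juju_ca_cert.crt
        /usr/local/share/ca-certificates
      args:
        creates: /usr/local/share/ca-certificates/keystone_juju_ca_cert.crt

    - name: Update CA ca-certificates
      shell: update-ca-certificates
      sudo: true
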
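# Play: prepare compute nodes
#
# Installs the Juju prerequisite, authorizes the head node's public key
# for the invoking user, adds a route through /etc/rc.local and prepares
# /var/lib/nova.
- hosts: compute
  sudo: true
  vars:
    control_net: "{{ hostvars['head']['ansible_virbr0']['ipv4']['network'] }}/24"
    gateway: "{{ hostvars['head']['ansible_default_ipv4']['address'] }}"
  tasks:
    - name: Install package needed by Juju
      apt:
        name: python-yaml
        state: present

    # The key is the `sshkey` output registered on `head`, so that host
    # must have been processed earlier in the same run.
    - name: Add key
      authorized_key:
        user: "{{ ansible_env['SUDO_USER'] }}"
        key: "{{ hostvars['head']['sshkey']['stdout'] }}"

    # Installed executable (0755) and run once by the handler on change.
    - name: Add route via /etc/rc.local
      template:
        src: templates/etc/rc.local.cloudlab
        dest: /etc/rc.local
        mode: "0755"
      notify:
        - run /etc/rc.local

    # The task was labelled "Touch ~/.ssh/config", but it ensures that the
    # /var/lib/nova directory exists; the name now says what it does.
    - name: Make sure that /var/lib/nova exists
      file:
        path: /var/lib/nova
        state: directory

    # `creates` makes this a no-op once lost+found exists under the mount.
    - name: (CloudLab) Set up extra disk space
      shell: /usr/testbed/bin/mkextrafs /var/lib/nova
      args:
        creates: /var/lib/nova/lost+found

  handlers:
    - name: run /etc/rc.local
      shell: /etc/rc.local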