Gitiles
Code Review Sign In
gerrit.opencord.org / platform-install / dd0b30aae184eabaeb0c3df6995de0fd8434ec8f / . / singapore-setup.yml
blob: 9b2171cf595dc04e0ed69c2f07440b71992c0703 [file] [log] [blame]
Andy Bavier8d51c6c2015-04-01 11:40:22 -0400[diff] [blame]1---
2# Play: set up head node
3# Assumes basic /etc/ansible/hosts file
4- hosts: singapore-head
5 sudo: yes
6 tasks:
7
8 - apt: name=python-pycurl
9
10 - name: Add Juju repository
11 apt_repository: repo="ppa:juju/stable"
12
13 - name: Add Ansible repository
14 apt_repository: repo="ppa:ansible/ansible"
15
16 - name: Install older version of Juju due to bug in 1.22
17 apt: name=juju-core=1.20.11-0ubuntu0.14.04.1 update_cache=yes
18
19 - name: Install packages
Andy Bavierdd0b30a2015-04-01 12:15:31 -0400[diff] [blame^]20 apt: name={{ item }} state=latest
Andy Bavier8d51c6c2015-04-01 11:40:22 -0400[diff] [blame]21 with_items:
Andy Bavierdd0b30a2015-04-01 12:15:31 -0400[diff] [blame^]22 - ansible
23 - uvtool
24 - git
Andy Bavier8d51c6c2015-04-01 11:40:22 -0400[diff] [blame]25
26 - name: Get juju-ansible git repo
Andy Bavierdd0b30a2015-04-01 12:15:31 -0400[diff] [blame^]27 sudo: no
Andy Bavier8d51c6c2015-04-01 11:40:22 -0400[diff] [blame]28 git: repo=https://github.com/cmars/juju-ansible.git
Andy Bavierdd0b30a2015-04-01 12:15:31 -0400[diff] [blame^]29 dest={{ ansible_env['PWD'] }}/juju-ansible
Andy Bavier8d51c6c2015-04-01 11:40:22 -0400[diff] [blame]30
31 - name: Set up juju-ansible symlink
32 file: dest=/usr/local/bin/juju-ansible
Andy Bavierdd0b30a2015-04-01 12:15:31 -0400[diff] [blame^]33 src={{ ansible_env['PWD'] }}/juju-ansible
Andy Bavier8d51c6c2015-04-01 11:40:22 -0400[diff] [blame]34 state=link
35
36 - name: Set up juju-ansible-playbook symlink
37 file: dest=/usr/local/bin/juju-ansible-playbook
Andy Bavierdd0b30a2015-04-01 12:15:31 -0400[diff] [blame^]38 src={{ ansible_env['PWD'] }}/juju-ansible
Andy Bavier8d51c6c2015-04-01 11:40:22 -0400[diff] [blame]39 state=link
40
41 - name: Generate key to use in VMs
42 user: name=ubuntu generate_ssh_key=yes
43
Andy Bavier8d51c6c2015-04-01 11:40:22 -0400[diff] [blame]44 - name: Get trusty image for uvtool
45 shell: uvt-simplestreams-libvirt sync release=trusty arch=amd64
46
47 - name: Create VMs to host OpenCloud services
48 sudo: no
49 script: scripts/create-vms.sh
50
51 - pause: prompt="Hit return when all VMs have IP addresses"
52
53 - include: tasks/vm-ips.yml
54
55 - name: Add VMs to /etc/hosts
56 template: src=templates/etc/hosts.j2
57 dest=/etc/hosts
58
59 - name: Set up /etc/ansible/hosts
60 template: src=templates/etc/ansible/hosts.j2
61 dest=/etc/ansible/hosts
62
63 - name: Copy ansible.cfg to disable host key checking
64 sudo: no
65 copy: src=files/ansible.cfg
Andy Bavierdd0b30a2015-04-01 12:15:31 -0400[diff] [blame^]66 dest={{ ansible_env['PWD'] }}/.ansible.cfg
Andy Bavier8d51c6c2015-04-01 11:40:22 -0400[diff] [blame]67
68 - name: Touch ~/.ssh/config
69 sudo: no
Andy Bavierdd0b30a2015-04-01 12:15:31 -0400[diff] [blame^]70 file: path={{ ansible_env['PWD'] }}/.ssh/config state=touch
Andy Bavier8d51c6c2015-04-01 11:40:22 -0400[diff] [blame]71
72 - name: Disable host key checking in SSH
73 sudo: no
Andy Bavierdd0b30a2015-04-01 12:15:31 -0400[diff] [blame^]74 lineinfile: dest={{ ansible_env['PWD'] }}/.ssh/config
Andy Bavier8d51c6c2015-04-01 11:40:22 -0400[diff] [blame]75 line="StrictHostKeyChecking no"
76
77 - name: Test that we can log into every VM
78 sudo: no
Andy Bavierdd0b30a2015-04-01 12:15:31 -0400[diff] [blame^]79 shell: ansible services -m ping -u ubuntu
Andy Bavier8d51c6c2015-04-01 11:40:22 -0400[diff] [blame]80
81# Play: Install services using Juju
82- hosts: singapore-head
83 tasks:
84 - name: Initialize Juju
85 sudo: no
86 shell: juju generate-config
Andy Bavierdd0b30a2015-04-01 12:15:31 -0400[diff] [blame^]87 creates={{ ansible_env['PWD'] }}/.juju/environments.yaml
Andy Bavier8d51c6c2015-04-01 11:40:22 -0400[diff] [blame]88
89 - shell: uvt-kvm ip juju
90 register: juju_ip
91
92 - name: Juju config file
93 sudo: no
94 template: src=templates/environments.yaml.j2
Andy Bavierdd0b30a2015-04-01 12:15:31 -0400[diff] [blame^]95 dest={{ ansible_env['PWD'] }}/.juju/environments.yaml
Andy Bavier8d51c6c2015-04-01 11:40:22 -0400[diff] [blame]96
97 - name: Bootstrap Juju
98 sudo: no
99 shell: juju bootstrap
Andy Bavierdd0b30a2015-04-01 12:15:31 -0400[diff] [blame^]100 creates={{ ansible_env['PWD'] }}/.juju/environments/manual.jenv
Andy Bavier8d51c6c2015-04-01 11:40:22 -0400[diff] [blame]101
102 # - pause: Break here and try rebooting Juju VM
103
104 - name: Copy openstack.cfg for Juju
105 sudo: no
106 copy: src=files/openstack.cfg
Andy Bavierdd0b30a2015-04-01 12:15:31 -0400[diff] [blame^]107 dest={{ ansible_env['PWD'] }}/openstack.cfg
Andy Bavier8d51c6c2015-04-01 11:40:22 -0400[diff] [blame]108
109 - name: Deploy OpenStack services with Juju
110 script: scripts/juju-setup.py
111
112 - pause: prompt="Hit return when all services have started successfully"
113
114 - name: Set MTU for GRE tunneling
115 shell: "juju set quantum-gateway instance-mtu=1400"
116
117 - name: Use HTTPS for keystone authentication
118 shell: 'juju set keystone use-https=yes'
119
120 - name: Use HTTPS for all service endpoints
121 shell: 'juju set keystone https-service-endpoints=True'
122
123 - name: Use SSL for rabbitmq
124 shell: 'juju set rabbitmq-server ssl=on'
125
126 - name: Add all Juju relations between services
127 script: scripts/juju-relations.py
128
129 - pause: prompt="Wait for relations to be fully added"
130
131# Play: Use libvirt hooks to set up iptables
132- hosts: singapore-head
133 sudo: yes
134 tasks:
135 - name: Enable port forwarding for services
136 copy: src=files/{{ item }}
137 dest={{ item }}
138 mode=0755
139 notify:
140 - reload libvirt config
141 - run qemu hook
142 with_items:
143 - /etc/libvirt/hooks/daemon
144 - /etc/libvirt/hooks/qemu
145
146 handlers:
147 - name: reload libvirt config
148 shell: killall -HUP libvirtd
149
150 - name: run qemu hook
151 shell: /etc/libvirt/hooks/qemu start start
152
153# Play: Create credentials, set up some basic OpenStack
154- hosts: singapore-head
155 sudo: no
156 tasks:
157
158 - name: Get keystone admin password
159 shell: juju run --unit=keystone/0 "sudo cat /var/lib/keystone/keystone.passwd"
160 register: keystone_password
161
162 - shell: uvt-kvm ip keystone
163 register: keystone_ip
164
165 - name: Create credentials
166 template: src=templates/admin-openrc.sh.j2
Andy Bavierdd0b30a2015-04-01 12:15:31 -0400[diff] [blame^]167 dest={{ ansible_env['PWD'] }}/admin-openrc.sh
Andy Bavier8d51c6c2015-04-01 11:40:22 -0400[diff] [blame]168
169 - name: Copy credentials to nova-cloud-controller
Andy Bavierdd0b30a2015-04-01 12:15:31 -0400[diff] [blame^]170 shell: "scp admin-openrc.sh ubuntu@nova-cloud-controller:"
Andy Bavier8d51c6c2015-04-01 11:40:22 -0400[diff] [blame]171
172 - name: Get public key
Andy Bavierdd0b30a2015-04-01 12:15:31 -0400[diff] [blame^]173 shell: cat {{ ansible_env['PWD'] }}/.ssh/id_rsa.pub
Andy Bavier8d51c6c2015-04-01 11:40:22 -0400[diff] [blame]174 register: sshkey
175
176- hosts: singapore-compute
177 sudo: yes
178 vars:
179 control_net: 192.168.122.0/24
180 gateway: 198.71.44.85
181 tasks:
182 - name: Add route via /etc/rc.local
183 template: src=templates/etc/rc.local
184 dest=/etc/rc.local
185 mode=0755
186 notify:
187 - run /etc/rc.local
188
189 - name: Add key
190 authorized_key: user=ubuntu
191 key="{{ hostvars['opencloud3.sing.internet2.edu']['sshkey']['stdout'] }}"
192
193 handlers:
194 - name: run /etc/rc.local
195 shell: /etc/rc.local
196