Gitiles
Code Review Sign In
gerrit.opencord.org / platform-install / fe284a196c96a7f87b8467cd203bd7637dcda0ef / . / roles / create-lxd / tasks / main.yml
blob: b27e08ca938de503228f50202a6356782321b063 [file] [log] [blame]
Andy Baviera17d84b2016-11-16 09:39:26 -0800[diff] [blame]1---
2# file: create-lxd/tasks/main.yml
Andy Baviera17d84b2016-11-16 09:39:26 -0800[diff] [blame]3
Zack Williams5223dd92017-02-28 23:38:02 -0700[diff] [blame]4- name: Enable trusty-backports apt repository
Andy Baviera17d84b2016-11-16 09:39:26 -0800[diff] [blame]5 apt_repository:
6 repo: "{{ item }}"
7 state: present
8 with_items:
Zack Williams5223dd92017-02-28 23:38:02 -0700[diff] [blame]9 - "deb http://archive.ubuntu.com/ubuntu trusty-backports main restricted universe multiverse"
Andy Baviera17d84b2016-11-16 09:39:26 -0800[diff] [blame]10
Zack Williams5223dd92017-02-28 23:38:02 -0700[diff] [blame]11- name: Install LXD from trusty-backports
Andy Baviera17d84b2016-11-16 09:39:26 -0800[diff] [blame]12 apt:
13 name: lxd
Andy Baviera17d84b2016-11-16 09:39:26 -0800[diff] [blame]14 default_release: trusty-backports
Zack Williams5223dd92017-02-28 23:38:02 -0700[diff] [blame]15 update_cache: yes
16 cache_valid_time: 3600
Andy Baviera17d84b2016-11-16 09:39:26 -0800[diff] [blame]17
Zack Williams5223dd92017-02-28 23:38:02 -0700[diff] [blame]18- name: Create LXD profiles for OpenStack services
Andy Baviera17d84b2016-11-16 09:39:26 -0800[diff] [blame]19 lxd_profile:
Zack Williams5223dd92017-02-28 23:38:02 -0700[diff] [blame]20 name: "openstack-{{ item.name }}"
Andy Baviera17d84b2016-11-16 09:39:26 -0800[diff] [blame]21 state: present
22 config:
23 user.user-data: |
24 #cloud-config
25 ssh_authorized_keys:
Zack Williams5223dd92017-02-28 23:38:02 -0700[diff] [blame]26 - "{{ lookup('file', ssh_pki_dir ~ '/client_certs/{{ pod_sshkey_name }}_sshkey.pub') }}"
27 description: 'OpenStack service {{ item.name }} for CORD'
Andy Baviera17d84b2016-11-16 09:39:26 -0800[diff] [blame]28 devices:
29 eth0:
Andy Baviera17d84b2016-11-16 09:39:26 -0800[diff] [blame]30 type: nic
Zack Williams5223dd92017-02-28 23:38:02 -0700[diff] [blame]31 parent: mgmtbr
32 nictype: bridged
33 # ipv4.address: "{{ mgmt_ipv4_first_octets }}.{{ item.ipv4_last_octet }}"
34 hwaddr: "{{ item.hwaddr | default(hwaddr_prefix ~ ((mgmt_ipv4_first_octets ~ '.' ~ item.ipv4_last_octet) | ip4_hex)) | hwaddr('unix') }}"
Andy Bavier1cac0012017-03-13 10:06:18 -0400[diff] [blame]35 certs:
36 type: disk
37 path: /usr/local/share/ca-certificates/cord/
38 source: /usr/local/share/ca-certificates/
Zack Williams5223dd92017-02-28 23:38:02 -0700[diff] [blame]39 with_items: "{{ head_lxd_list }}"
Andy Baviera17d84b2016-11-16 09:39:26 -0800[diff] [blame]40
41- name: Create containers for the OpenStack services
Andy Baviera17d84b2016-11-16 09:39:26 -0800[diff] [blame]42 lxd_container:
43 name: "{{ item.name }}"
44 architecture: x86_64
45 state: started
46 source:
47 type: image
48 mode: pull
49 server: https://cloud-images.ubuntu.com/releases
50 protocol: simplestreams
51 alias: "{{ ansible_distribution_release }}"
Zack Williams5223dd92017-02-28 23:38:02 -0700[diff] [blame]52 profiles: ["openstack-{{ item.name }}"]
Andy Baviera17d84b2016-11-16 09:39:26 -0800[diff] [blame]53 wait_for_ipv4_addresses: true
54 timeout: 600
55 with_items: "{{ head_lxd_list }}"
56
57- name: fetch IP of DHCP harvester
Zack Williamsfe284a12017-07-01 11:00:04 -0700[diff] [blame^]58 when: use_maas
Andy Baviera17d84b2016-11-16 09:39:26 -0800[diff] [blame]59 command: docker-ip harvester
60 register: harvester_ip
61 changed_when: False
62
63- name: force a harvest to get container name resolution
Zack Williamsfe284a12017-07-01 11:00:04 -0700[diff] [blame^]64 when: use_maas
Andy Baviera17d84b2016-11-16 09:39:26 -0800[diff] [blame]65 uri:
66 url: http://{{ harvester_ip.stdout }}:8954/harvest
67 method: POST
68
69- name: wait for container name resolution
Zack Williamsfe284a12017-07-01 11:00:04 -0700[diff] [blame^]70 when: use_maas
Andy Baviera17d84b2016-11-16 09:39:26 -0800[diff] [blame]71 host_dns_check:
72 hosts: "{{ head_lxd_list | map(attribute='name') | list | to_json }}"
73 command_on_fail: "curl -sS --connect-timeout 3 -XPOST http://{{ harvester_ip.stdout }}:8954/harvest"
74 register: all_resolved
75 until: all_resolved.everyone == "OK"
76 retries: 5
77 delay: 10
78 failed_when: all_resolved.everyone != "OK"
79
Zack Williams43d62b52017-01-23 07:34:45 -0700[diff] [blame]80- name: Wait for containers to be accessible via SSH
Andy Baviera17d84b2016-11-16 09:39:26 -0800[diff] [blame]81 wait_for:
Zack Williams43d62b52017-01-23 07:34:45 -0700[diff] [blame]82 host: "{{ item.name }}"
83 port: 22
84 search_regex: "OpenSSH"
Andy Baviera17d84b2016-11-16 09:39:26 -0800[diff] [blame]85 with_items: "{{ head_lxd_list }}"
86
Sapan Bhatia35dba662017-04-18 13:32:28 +0200[diff] [blame]87- name: Ensure /etc/ansible directory exists
Zack Williams5223dd92017-02-28 23:38:02 -0700[diff] [blame]88 file:
89 path: /etc/ansible
90 state: directory
91 owner: root
92 group: root
93 mode: 0755
Sapan Bhatia35dba662017-04-18 13:32:28 +0200[diff] [blame]94
Zack Williams5223dd92017-02-28 23:38:02 -0700[diff] [blame]95- name: Create /etc/ansible/hosts file with containers list
Andy Baviera17d84b2016-11-16 09:39:26 -0800[diff] [blame]96 template:
Zack Williams5223dd92017-02-28 23:38:02 -0700[diff] [blame]97 src: ansible_hosts.j2
98 dest: /etc/ansible/hosts
99 owner: root
100 group: root
101 mode: 0644
Andy Baviera17d84b2016-11-16 09:39:26 -0800[diff] [blame]102