| Andy Bavier | a17d84b | 2016-11-16 09:39:26 -0800 | [diff] [blame] | 1 | --- |
| 2 | # file: create-lxd/tasks/main.yml |
| 3 | - name: Ensure DIG |
| 4 | become: yes |
| 5 | apt: |
| 6 | name: dnsutils=1:9* |
| 7 | state: present |
| 8 | |
| 9 | - name: Enable trusty-backports |
| 10 | become: yes |
| 11 | apt_repository: |
| 12 | repo: "{{ item }}" |
| 13 | state: present |
| 14 | with_items: |
| 15 | - "deb http://us.archive.ubuntu.com/ubuntu/ trusty-backports main restricted universe" |
| 16 | - "deb-src http://us.archive.ubuntu.com/ubuntu/ trusty-backports main restricted universe" |
| 17 | |
| 18 | - name: Ensure LXD |
| 19 | become: yes |
| 20 | apt: |
| 21 | name: lxd |
| 22 | state: present |
| 23 | update_cache: yes |
| 24 | default_release: trusty-backports |
| 25 | |
| 26 | # For lookup() below |
| 27 | - name: Fetch remote key |
| 28 | fetch: |
| 29 | src: .ssh/id_rsa.pub |
| 30 | dest: /tmp/id_rsa.pub |
| 31 | flat: yes |
| 32 | |
| 33 | - name: Create openstack LXD profile |
| 34 | become: yes |
| 35 | lxd_profile: |
| 36 | name: openstack |
| 37 | state: present |
| 38 | config: |
| 39 | user.user-data: | |
| 40 | #cloud-config |
| 41 | ssh_authorized_keys: |
| 42 | - "{{ lookup('file', '/tmp/id_rsa.pub') }}" |
| 43 | description: 'OpenStack services on CORD' |
| 44 | devices: |
| 45 | eth0: |
| 46 | nictype: bridged |
| 47 | parent: mgmtbr |
| 48 | type: nic |
| 49 | |
| 50 | - name: Create containers for the OpenStack services |
| 51 | become: yes |
| 52 | lxd_container: |
| 53 | name: "{{ item.name }}" |
| 54 | architecture: x86_64 |
| 55 | state: started |
| 56 | source: |
| 57 | type: image |
| 58 | mode: pull |
| 59 | server: https://cloud-images.ubuntu.com/releases |
| 60 | protocol: simplestreams |
| 61 | alias: "{{ ansible_distribution_release }}" |
| 62 | profiles: ["openstack"] |
| 63 | wait_for_ipv4_addresses: true |
| 64 | timeout: 600 |
| 65 | with_items: "{{ head_lxd_list }}" |
| 66 | |
| 67 | - name: fetch IP of DHCP harvester |
| 68 | when: on_maas |
| 69 | command: docker-ip harvester |
| 70 | register: harvester_ip |
| 71 | changed_when: False |
| 72 | |
| 73 | - name: force a harvest to get container name resolution |
| 74 | when: on_maas |
| 75 | uri: |
| 76 | url: http://{{ harvester_ip.stdout }}:8954/harvest |
| 77 | method: POST |
| 78 | |
| 79 | - name: wait for container name resolution |
| 80 | when: on_maas |
| 81 | host_dns_check: |
| 82 | hosts: "{{ head_lxd_list | map(attribute='name') | list | to_json }}" |
| 83 | command_on_fail: "curl -sS --connect-timeout 3 -XPOST http://{{ harvester_ip.stdout }}:8954/harvest" |
| 84 | register: all_resolved |
| 85 | until: all_resolved.everyone == "OK" |
| 86 | retries: 5 |
| 87 | delay: 10 |
| 88 | failed_when: all_resolved.everyone != "OK" |
| 89 | |
| 90 | - name: wait for containers to come up |
| 91 | wait_for: |
| 92 | host={{ item.name }} |
| 93 | port=22 |
| 94 | with_items: "{{ head_lxd_list }}" |
| 95 | |
| Sapan Bhatia | c5dfa8f | 2017-04-18 13:32:28 +0200 | [diff] [blame] | 96 | - name: Ensure /etc/ansible directory exists |
| 97 | become: yes |
| 98 | file: path=/etc/ansible state=directory |
| 99 | |
| Andy Bavier | a17d84b | 2016-11-16 09:39:26 -0800 | [diff] [blame] | 100 | - name: Create /etc/ansible/hosts file |
| 101 | become: yes |
| 102 | template: |
| 103 | src=ansible_hosts.j2 |
| 104 | dest=/etc/ansible/hosts |
| 105 | |
| 106 | - name: Verify that we can log into every container |
| 107 | command: ansible containers -m ping -u ubuntu |
| 108 | tags: |
| 109 | - skip_ansible_lint # connectivity check |
| 110 | |
| Andy Bavier | a9cf6ab | 2017-02-23 14:57:34 -0500 | [diff] [blame] | 111 | - name: Verify that containers have external connectivity |
| 112 | command: ansible containers -m uri -u ubuntu -a "url=http://www.google.com" |
| 113 | tags: |
| 114 | - skip_ansible_lint # connectivity check |
| 115 | |
| Andy Bavier | a17d84b | 2016-11-16 09:39:26 -0800 | [diff] [blame] | 116 | - name: Have containers use the apt-cache |
| 117 | command: ansible containers -b -u ubuntu -m lineinfile -a "dest=/etc/apt/apt.conf.d/02apt-cacher-ng create=yes mode=0644 owner=root group=root regexp='^Acquire' line='Acquire::http { Proxy \"http://{{ apt_cacher_name }}:{{ apt_cacher_port | default('3142') }}\"; };'" |
| 118 | tags: |
| 119 | - skip_ansible_lint # running a sub job |
| 120 | |
| 121 | - name: Update apt cache |
| 122 | command: ansible containers -m apt -b -u ubuntu -a "update_cache=yes cache_valid_time=3600" |
| 123 | tags: |
| 124 | - skip_ansible_lint # running a sub job |
| 125 | |
| 126 | - name: Update software in all the containers |
| 127 | when: run_dist_upgrade |
| 128 | command: ansible containers -m apt -b -u ubuntu -a "upgrade=dist" |
| 129 | tags: |
| 130 | - skip_ansible_lint # running a sub job |
| 131 | |
| 132 | - name: Create containers' eth0 interface config file for DNS config via resolvconf program |
| 133 | when: not on_maas |
| 134 | template: |
| 135 | src=eth0.cfg.j2 |
| 136 | dest={{ ansible_user_dir }}/eth0.cfg |
| 137 | |
| 138 | - name: Copy eth0 interface config file to all containers |
| 139 | when: not on_maas |
| 140 | command: ansible containers -b -u ubuntu -m copy -a "src={{ ansible_user_dir }}/eth0.cfg dest=/etc/network/interfaces.d/eth0.cfg owner=root group=root mode=0644" |
| 141 | |
| 142 | - name: Restart eth0 interface on all containers |
| 143 | when: not on_maas |
| 144 | command: ansible containers -b -u ubuntu -m shell -a "ifdown eth0 ; ifup eth0" |
| 145 | |
| 146 | - name: Verify that we can log into every container after restarting network interfaces |
| 147 | when: not on_maas |
| 148 | command: ansible containers -m ping -u ubuntu |