xos/synchronizers/vcpe/steps/sync_vcpetenant.yaml

---
- hosts: {{ instance_name }}
  gather_facts: False
  connection: ssh
  user: ubuntu
  sudo: yes
  vars:
      cdn_enable: {{ cdn_enable }}
      dnsdemux_ip: {{ dnsdemux_ip }}
      firewall_enable: {{ firewall_enable }}
      url_filter_enable: {{ url_filter_enable }}
      vlan_ids:
        {% for vlan_id in vlan_ids %}
        - {{ vlan_id }}
        {% endfor %}
      c_tags:
        {% for c_tag in c_tags %}
        - {{ c_tag }}
        {% endfor %}
      s_tags:
        {% for s_tag in s_tags %}
        - {{ s_tag }}
        {% endfor %}
      firewall_rules:
        {% for firewall_rule in firewall_rules.split("\n") %}
        - {{ firewall_rule }}
        {% endfor %}
      cdn_prefixes:
        {% for prefix in cdn_prefixes %}
        - {{ prefix }}
        {% endfor %}
      bbs_addrs:
        {% for bbs_addr in bbs_addrs %}
        - {{ bbs_addr }}
        {% endfor %}
      nat_ip: {{ nat_ip }}
      nat_mac: {{ nat_mac }}
      lan_ip: {{ lan_ip }}
      lan_mac: {{ lan_mac }}
      wan_ip: {{ wan_ip }}
      wan_mac: {{ wan_mac }}
      wan_container_mac: {{ wan_container_mac }}
      wan_next_hop: 10.0.1.253   # FIX ME
      private_ip: {{ private_ip }}
      private_mac: {{ private_mac }}
      hpc_client_ip: {{ hpc_client_ip }}
      hpc_client_mac: {{ hpc_client_mac }}
      keystone_tenant_id: {{ keystone_tenant_id }}
      keystone_user_id: {{ keystone_user_id }}
      rabbit_user: {{ rabbit_user }}
      rabbit_password: {{ rabbit_password }}
      rabbit_host: {{ rabbit_host }}
      safe_browsing:
        {% for mac in safe_browsing_macs %}
        - {{ mac }}
        {% endfor %}

  tasks:
{% if full_setup %}
  - name: Docker repository
    copy: src=/opt/xos/synchronizers/vcpe/files/docker.list
      dest=/etc/apt/sources.list.d/docker.list

  - name: Import the repository key
    apt_key: keyserver=keyserver.ubuntu.com id=36A1D7869245C8950F966E92D8576A8BA88D21E9

  - name: install Docker
    apt: name=lxc-docker state=present update_cache=yes

  - name: install python-setuptools
    apt: name=python-setuptools state=present

  - name: install pip
    easy_install: name=pip

  - name: install docker-py
    pip: name=docker-py version=0.5.3

  - name: install Pipework
    get_url: url=https://raw.githubusercontent.com/jpetazzo/pipework/master/pipework
       dest=/usr/local/bin/pipework
       mode=0755

  - name: make sure /etc/dnsmasq.d exists
    file: path=/etc/dnsmasq.d state=directory owner=root group=root

  - name: Disable resolvconf service
    shell: service resolvconf stop
    shell: echo manual > /etc/init/resolvconf.override
    shell: rm -f /etc/resolv.conf

  - name: Install resolv.conf
    copy: src=/opt/xos/synchronizers/vcpe/files/vm-resolv.conf
      dest=/etc/resolv.conf

  - name: Verify if vcpe_stats_notifier ([] is to avoid capturing the shell process) cron job is already running
    shell: pgrep -f [v]cpe_stats_notifier | wc -l
    register: cron_job_pids_count

#  - name: DEBUG
#    debug: var=cron_job_pids_count.stdout

  - name: make sure ~/bin exists
    file: path=~/bin state=directory owner=root group=root
    when: cron_job_pids_count.stdout == "0"

  - name: Copy cron job to destination
    copy: src=/opt/xos/synchronizers/vcpe/vcpe_stats_notifier.py
      dest=~/bin/vcpe_stats_notifier.py
    when: cron_job_pids_count.stdout == "0"

  - name: install python-kombu
    apt: name=python-kombu state=present
    when: cron_job_pids_count.stdout == "0"

  - name: Initiate vcpe_stats_notifier cron job
    command: python ~/bin/vcpe_stats_notifier.py --keystone_tenant_id={{ keystone_tenant_id }} --keystone_user_id={{ keystone_user_id }} --rabbit_user={{ rabbit_user }} --rabbit_password={{ rabbit_password }} --rabbit_host={{ rabbit_host }} --vcpeservice_rabbit_exchange='vcpeservice'
    async: 9999999999999999
    poll: 0
    when: cron_job_pids_count.stdout == "0"
{% endif %}

  - name: vCPE upstart
    template: src=/opt/xos/synchronizers/vcpe/templates/vcpe.conf.j2 dest=/etc/init/vcpe-{{ s_tags[0] }}-{{ c_tags[0] }}.conf

  - name: vCPE startup script
    template: src=/opt/xos/synchronizers/vcpe/templates/start-vcpe.sh.j2 dest=/usr/local/sbin/start-vcpe-{{ s_tags[0] }}-{{ c_tags[0] }}.sh mode=0755
    notify:
#    - restart vcpe
     - stop vcpe
     - remove container
     - start vcpe

  - name: create /etc/vcpe-{{ s_tags[0] }}-{{ c_tags[0] }}/dnsmasq.d
    file: path=/etc/vcpe-{{ s_tags[0] }}-{{ c_tags[0] }}/dnsmasq.d state=directory owner=root group=root

  - name: vCPE basic dnsmasq config
    copy: src=/opt/xos/synchronizers/vcpe/files/vcpe.dnsmasq dest=/etc/vcpe-{{ s_tags[0] }}-{{ c_tags[0] }}/dnsmasq.d/vcpe.conf owner=root group=root
    notify:
    - restart dnsmasq

  - name: dnsmasq config
    template: src=/opt/xos/synchronizers/vcpe/templates/dnsmasq_servers.j2 dest=/etc/vcpe-{{ s_tags[0] }}-{{ c_tags[0] }}/dnsmasq.d/servers.conf owner=root group=root
    notify:
    - restart dnsmasq

# These are samples, not necessary for correct function of demo

#  - name: networking info
#    template: src=/opt/xos/synchronizers/vcpe/templates/vlan_sample.j2 dest=/etc/vlan_sample owner=root group=root

#  - name: firewall info
#    template: src=/opt/xos/synchronizers/vcpe/templates/firewall_sample.j2 dest=/etc/firewall_sample owner=root group=root

  - name: Make sure vCPE service is running
    service: name=vcpe-{{ s_tags[0] }}-{{ c_tags[0] }} state=started

  handlers:
  # Dnsmasq is automatically restarted in the container
  - name: restart dnsmasq
    shell: docker exec vcpe-{{ s_tags[0] }}-{{ c_tags[0] }} killall dnsmasq

  - name: restart vcpe
    shell: service vcpe-{{ s_tags[0] }}-{{ c_tags[0] }} stop; sleep 1; service vcpe-{{ s_tags[0] }}-{{ c_tags[0] }} start

  - name: stop vcpe
    service: name=vcpe-{{ s_tags[0] }}-{{ c_tags[0] }} state=stopped

  - name: remove container
    docker: name=vcpe-{{ s_tags[0] }}-{{ c_tags[0] }} state=absent image=docker-vcpe

  - name: start vcpe
    service: name=vcpe-{{ s_tags[0] }}-{{ c_tags[0] }} state=started