Compare commits
No commits in common. "e59d2c1c98943f06644feb3e6d94b3b998102335" and "f06a94391689ac3c5e64bf88985167ab2681dec4" have entirely different histories.
e59d2c1c98
...
f06a943916
4
hosts
4
hosts
@ -34,10 +34,10 @@ openstack01-node03
|
|||||||
#run_options="-e CASSANDRA_SEEDS=172.23.41.1"
|
#run_options="-e CASSANDRA_SEEDS=172.23.41.1"
|
||||||
|
|
||||||
[neutron-controller]
|
[neutron-controller]
|
||||||
openstack01-node01 provider_interface_name=ens192
|
openstack01-node01
|
||||||
|
|
||||||
[nova-controller]
|
[nova-controller]
|
||||||
openstack01-node03
|
openstack01-node03
|
||||||
|
|
||||||
[nova-compute]
|
[nova-compute]
|
||||||
openstack01-node04 provider_interface_name=dummy0
|
openstack01-node04
|
||||||
|
@ -1,24 +1,18 @@
|
|||||||
# Build and install a docker image for glance.
|
# Build and install a docker image for glance.
|
||||||
---
|
---
|
||||||
- name: include secrets
|
|
||||||
include_vars:
|
|
||||||
file: ../../secrets.yml
|
|
||||||
name: secrets
|
|
||||||
|
|
||||||
- set_fact:
|
- set_fact:
|
||||||
docker_image: webhost12.service.rug.nl/hpc/openstack-glance:latest
|
docker_image: webhost12.service.rug.nl/hpc/openstack-glance:latest
|
||||||
env_vars: >
|
env_vars: >
|
||||||
-e "GLANCE_HOST={{ hostvars[groups['glance-controller'][0]]['ansible_default_ipv4']['address'] }}"
|
-e "RABBIT_HOST={{ hostvars[groups['rabbitmq'][0]]['ansible_default_ipv4']['address'] }}"
|
||||||
-e "GLANCE_PASSWORD={{ secrets['GLANCE_PASSWORD'] }}"
|
|
||||||
-e "GLANCE_USER=glance"
|
|
||||||
-e "KEYSTONE_HOST={{ hostvars[groups['keystone'][0]]['ansible_default_ipv4']['address'] }}"
|
|
||||||
-e "MEMCACHED_HOST={{ hostvars[groups['memcached'][0]]['ansible_default_ipv4']['address'] }}"
|
-e "MEMCACHED_HOST={{ hostvars[groups['memcached'][0]]['ansible_default_ipv4']['address'] }}"
|
||||||
-e "MYSQL_HOST={{ hostvars[groups['databases'][0]]['ansible_default_ipv4']['address'] }}"
|
-e "MYSQL_HOST={{ hostvars[groups['databases'][0]]['ansible_default_ipv4']['address'] }}"
|
||||||
-e "MYSQL_ROOT_PASSWORD={{ secrets['MYSQL_ROOT_PASSWORD'] }}"
|
-e "MYSQL_ROOT_PASSWORD=geheim"
|
||||||
-e "OS_PASSWORD={{ secrets['OS_PASSWORD'] }}"
|
-e "KEYSTONE_HOST={{ hostvars[groups['keystone'][0]]['ansible_default_ipv4']['address'] }}"
|
||||||
-e "RABBIT_HOST={{ hostvars[groups['rabbitmq'][0]]['ansible_default_ipv4']['address'] }}"
|
-e "GLANCE_HOST={{ hostvars[groups['glance-controller'][0]]['ansible_default_ipv4']['address'] }}"
|
||||||
-e "RABBIT_PASSWORD={{ secrets['RABBIT_PASSWORD'] }}"
|
-e "GLANCE_USER=glance"
|
||||||
|
-e "GLANCE_PASSWORD=geheim"
|
||||||
-e "RABBIT_USER=openstack"
|
-e "RABBIT_USER=openstack"
|
||||||
|
-e "RABBIT_PASSWORD=geheim"
|
||||||
|
|
||||||
- name: pull docker image
|
- name: pull docker image
|
||||||
docker_image:
|
docker_image:
|
||||||
@ -32,7 +26,6 @@
|
|||||||
mode: 0777
|
mode: 0777
|
||||||
with_items:
|
with_items:
|
||||||
- /srv/glance
|
- /srv/glance
|
||||||
- /srv/glance/root
|
|
||||||
|
|
||||||
- name: install service file.
|
- name: install service file.
|
||||||
template:
|
template:
|
||||||
@ -49,7 +42,6 @@
|
|||||||
/usr/bin/docker run --rm
|
/usr/bin/docker run --rm
|
||||||
{{ env_vars }}
|
{{ env_vars }}
|
||||||
--add-host=keystone:{{ hostvars[groups['keystone'][0]]['ansible_default_ipv4']['address'] }} \
|
--add-host=keystone:{{ hostvars[groups['keystone'][0]]['ansible_default_ipv4']['address'] }} \
|
||||||
-v /srv/glance/root:/root \
|
|
||||||
{{ docker_image }} /etc/bootstrap.sh
|
{{ docker_image }} /etc/bootstrap.sh
|
||||||
tags: bootstrap
|
tags: bootstrap
|
||||||
|
|
||||||
|
@ -6,11 +6,9 @@ Requires=docker.service
|
|||||||
[Service]
|
[Service]
|
||||||
TimeoutStartSec=0
|
TimeoutStartSec=0
|
||||||
Restart=always
|
Restart=always
|
||||||
ExecStartPre=-/usr/bin/docker kill %n
|
ExecStartPre=-/usr/bin/docker rm -f %n
|
||||||
ExecStartPre=-/usr/bin/docker rm %n
|
|
||||||
ExecStart=/usr/bin/docker run --name %n \
|
ExecStart=/usr/bin/docker run --name %n \
|
||||||
{{ env_vars | replace('\n', '') }} \
|
{{ env_vars | replace('\n', '') }} \
|
||||||
-v /srv/glance/root:/root \
|
|
||||||
-p 9292:9292 \
|
-p 9292:9292 \
|
||||||
{{ docker_image }}
|
{{ docker_image }}
|
||||||
|
|
||||||
|
@ -6,8 +6,7 @@ Requires=docker.service
|
|||||||
[Service]
|
[Service]
|
||||||
TimeoutStartSec=0
|
TimeoutStartSec=0
|
||||||
Restart=always
|
Restart=always
|
||||||
ExecStartPre=-/usr/bin/docker kill %n
|
ExecStartPre=-/usr/bin/docker rm -f %n
|
||||||
ExecStartPre=-/usr/bin/docker rm %n
|
|
||||||
ExecStart=/usr/bin/docker run --name %n \
|
ExecStart=/usr/bin/docker run --name %n \
|
||||||
-e "MEMCACHED_SERVER={{ hostvars[groups['memcached'][0]]['ansible_default_ipv4']['address'] }}" \
|
-e "MEMCACHED_SERVER={{ hostvars[groups['memcached'][0]]['ansible_default_ipv4']['address'] }}" \
|
||||||
-e "KEYSTONE_HOST={{ hostvars[groups['keystone'][0]]['ansible_default_ipv4']['address'] }}" \
|
-e "KEYSTONE_HOST={{ hostvars[groups['keystone'][0]]['ansible_default_ipv4']['address'] }}" \
|
||||||
|
31
roles/keystone/files/Dockerfile
Normal file
31
roles/keystone/files/Dockerfile
Normal file
@ -0,0 +1,31 @@
|
|||||||
|
# Build keystone. It needs to be run with
|
||||||
|
# --add-host=mariadb:<ip mariadb listens tp>
|
||||||
|
# Wen starting with an initialized db,
|
||||||
|
# run keystone-manage db_sync from this docker first:
|
||||||
|
# $ docker run hpc/keystone --add-host=mariadb:<ip mariadb> "keystone-manage db_sync"
|
||||||
|
|
||||||
|
FROM ubuntu:16.04
|
||||||
|
|
||||||
|
RUN apt-key adv --keyserver keyserver.ubuntu.com --recv-keys 5EDB1B62EC4926EA
|
||||||
|
|
||||||
|
RUN set -x \
|
||||||
|
&& echo "deb http://ubuntu-cloud.archive.canonical.com/ubuntu xenial-updates/ocata main" > /etc/apt/sources.list.d/ocata.list \
|
||||||
|
&& apt-get -y update \
|
||||||
|
&& apt-get -y install \
|
||||||
|
&& apt-get -y install keystone python-openstackclient \
|
||||||
|
&& apt-get -y clean
|
||||||
|
|
||||||
|
# set admin token TODO: make this a secret
|
||||||
|
# in volume of met env
|
||||||
|
COPY keystone.conf /etc/keystone/keystone.conf
|
||||||
|
|
||||||
|
RUN mkdir /etc/keystone/fernet-keys
|
||||||
|
|
||||||
|
RUN chown keystone: /etc/keystone/fernet-keys
|
||||||
|
|
||||||
|
COPY admin-openrc.sh root/admin-openrc.sh
|
||||||
|
|
||||||
|
COPY bootstrap.sh /etc/bootstrap.sh
|
||||||
|
|
||||||
|
#RUN keystone-manage db_sync
|
||||||
|
CMD apachectl -DFOREGROUND
|
16
roles/keystone/files/bootstrap.sh
Executable file
16
roles/keystone/files/bootstrap.sh
Executable file
@ -0,0 +1,16 @@
|
|||||||
|
#!/bin/bash
|
||||||
|
|
||||||
|
source /root/admin-openrc.sh
|
||||||
|
|
||||||
|
openstack project create --domain default \
|
||||||
|
--description "Service Project" service
|
||||||
|
|
||||||
|
openstack project create --domain default \
|
||||||
|
--description "Demo Project" demo
|
||||||
|
|
||||||
|
openstack user create --domain default \
|
||||||
|
--password geheim demo
|
||||||
|
|
||||||
|
openstack role create user
|
||||||
|
|
||||||
|
openstack role add --project demo --user demo user
|
12
roles/keystone/files/keystone.conf
Normal file
12
roles/keystone/files/keystone.conf
Normal file
@ -0,0 +1,12 @@
|
|||||||
|
[DEFAULT]
|
||||||
|
|
||||||
|
verbose = true
|
||||||
|
|
||||||
|
[database]
|
||||||
|
connection = mysql+pymysql://keystone:keystone@mariadb/keystone
|
||||||
|
|
||||||
|
[token]
|
||||||
|
provider = fernet
|
||||||
|
|
||||||
|
[identity]
|
||||||
|
default_domain_id = default
|
@ -1,6 +1,6 @@
|
|||||||
#!/bin/bash
|
#!/bin/bash
|
||||||
# Start a mariadb container to use its mysql client to initialize the keystone database.
|
# Start a mariadb container to use its mysql client to initialize the keystone database.
|
||||||
docker run --rm -i mariadb:10.2 mysql -uroot -p"$MYSQL_ROOT_PASSWORD" --host "$DB_HOST" << EOF
|
docker run --rm -i mariadb:10.2 mysql -uroot -pgeheim --host "$1" << EOF
|
||||||
CREATE DATABASE IF NOT EXISTS keystone;
|
CREATE DATABASE IF NOT EXISTS keystone;
|
||||||
GRANT ALL PRIVILEGES ON keystone.* TO 'keystone'@'localhost' IDENTIFIED BY 'keystone';
|
GRANT ALL PRIVILEGES ON keystone.* TO 'keystone'@'localhost' IDENTIFIED BY 'keystone';
|
||||||
GRANT ALL PRIVILEGES ON keystone.* TO 'keystone'@'%' IDENTIFIED BY 'keystone';
|
GRANT ALL PRIVILEGES ON keystone.* TO 'keystone'@'%' IDENTIFIED BY 'keystone';
|
||||||
|
@ -1,20 +1,10 @@
|
|||||||
# Build and install a docker image for keystone.
|
# Build and install a docker image for keystone.
|
||||||
---
|
---
|
||||||
- name: include secrets
|
|
||||||
include_vars:
|
|
||||||
file: ../../secrets.yml
|
|
||||||
name: secrets
|
|
||||||
|
|
||||||
- name: Make persistent directories
|
- name: Make persistent directories
|
||||||
file:
|
file:
|
||||||
path: "{{ item }}"
|
path: /srv/keystone/fernet-keys
|
||||||
state: directory
|
state: directory
|
||||||
mode: 0777
|
mode: 0777
|
||||||
with_items:
|
|
||||||
- /srv
|
|
||||||
- /srv/keystone
|
|
||||||
- /srv/keystone/fernet-keys
|
|
||||||
- /srv/keystone/root
|
|
||||||
|
|
||||||
- set_fact:
|
- set_fact:
|
||||||
docker_image: webhost12.service.rug.nl/hpc/openstack-keystone:latest
|
docker_image: webhost12.service.rug.nl/hpc/openstack-keystone:latest
|
||||||
@ -36,10 +26,7 @@
|
|||||||
command: systemctl daemon-reload
|
command: systemctl daemon-reload
|
||||||
|
|
||||||
- name: Initialize db
|
- name: Initialize db
|
||||||
script: scripts/initialize_db.sh
|
script: scripts/initialize_db.sh {{ hostvars[groups['databases'][0]]['ansible_default_ipv4']['address'] }}
|
||||||
environment:
|
|
||||||
MYSQL_ROOT_PASSWORD: "{{ secrets['MYSQL_ROOT_PASSWORD'] }}"
|
|
||||||
DB_HOST: "{{ hostvars[groups['databases'][0]]['ansible_default_ipv4']['address'] }}"
|
|
||||||
register: result
|
register: result
|
||||||
until: result|succeeded
|
until: result|succeeded
|
||||||
# sometimes the initial connect fails.
|
# sometimes the initial connect fails.
|
||||||
@ -60,7 +47,7 @@
|
|||||||
- fernet_setup --keystone-user keystone --keystone-group keystone
|
- fernet_setup --keystone-user keystone --keystone-group keystone
|
||||||
- credential_setup --keystone-user keystone --keystone-group keystone
|
- credential_setup --keystone-user keystone --keystone-group keystone
|
||||||
- >
|
- >
|
||||||
bootstrap --bootstrap-password {{ secrets['OS_PASSWORD'] }}
|
bootstrap --bootstrap-password geheim
|
||||||
--bootstrap-admin-url http://{{ hostvars[groups['keystone'][0]]['ansible_default_ipv4']['address'] }}:35357/v3/
|
--bootstrap-admin-url http://{{ hostvars[groups['keystone'][0]]['ansible_default_ipv4']['address'] }}:35357/v3/
|
||||||
--bootstrap-internal-url http://{{ hostvars[groups['keystone'][0]]['ansible_default_ipv4']['address'] }}:35357/v3/
|
--bootstrap-internal-url http://{{ hostvars[groups['keystone'][0]]['ansible_default_ipv4']['address'] }}:35357/v3/
|
||||||
--bootstrap-public-url http://{{ hostvars[groups['keystone'][0]]['ansible_default_ipv4']['address'] }}:5000/v3/
|
--bootstrap-public-url http://{{ hostvars[groups['keystone'][0]]['ansible_default_ipv4']['address'] }}:5000/v3/
|
||||||
@ -76,8 +63,5 @@
|
|||||||
/usr/bin/docker run --rm
|
/usr/bin/docker run --rm
|
||||||
--add-host=mariadb:{{ hostvars[groups['databases'][0]]['ansible_default_ipv4']['address'] }}
|
--add-host=mariadb:{{ hostvars[groups['databases'][0]]['ansible_default_ipv4']['address'] }}
|
||||||
-v /srv/keystone/fernet-keys:/etc/keystone/fernet-keys
|
-v /srv/keystone/fernet-keys:/etc/keystone/fernet-keys
|
||||||
-v /srv/keystone/root:/root
|
|
||||||
-e "KEYSTONE_HOST={{ hostvars[groups['keystone'][0]]['ansible_default_ipv4']['address'] }}"
|
-e "KEYSTONE_HOST={{ hostvars[groups['keystone'][0]]['ansible_default_ipv4']['address'] }}"
|
||||||
-e "OS_AUTH_URL=http://${KEYSTONE_HOST}:35357/v3"
|
|
||||||
-e "OS_PASSWORD={{ secrets['OS_PASSWORD'] }}"
|
|
||||||
{{ docker_image }} bash /etc/bootstrap.sh
|
{{ docker_image }} bash /etc/bootstrap.sh
|
||||||
|
@ -1,5 +1,5 @@
|
|||||||
export OS_TENANT_NAME=admin
|
export OS_TENANT_NAME=admin
|
||||||
export OS_USERNAME=admin
|
export OS_USERNAME=admin
|
||||||
export OS_PASSWORD={{ hostvars[groups['keystone'][0]]['OS_PASSWORD'] }}
|
export OS_PASSWORD=geheim
|
||||||
export OS_AUTH_URL=http://{{ hostvars[groups['keystone'][0]]['ansible_default_ipv4']['address'] }}:35357/v3
|
export OS_AUTH_URL=http://{{ hostvars[groups['keystone'][0]]['ansible_default_ipv4']['address'] }}:35357/v3
|
||||||
export OS_IDENTITY_API_VERSION=3
|
export OS_IDENTITY_API_VERSION=3
|
||||||
|
@ -6,14 +6,12 @@ Requires=docker.service
|
|||||||
[Service]
|
[Service]
|
||||||
TimeoutStartSec=0
|
TimeoutStartSec=0
|
||||||
Restart=always
|
Restart=always
|
||||||
ExecStartPre=-/usr/bin/docker kill %n
|
ExecStartPre=-/usr/bin/docker rm -f %n
|
||||||
ExecStartPre=-/usr/bin/docker rm %n
|
|
||||||
ExecStart=/usr/bin/docker run --name %n \
|
ExecStart=/usr/bin/docker run --name %n \
|
||||||
--add-host=mariadb:{{ hostvars[groups['databases'][0]]['ansible_default_ipv4']['address'] }} \
|
--add-host=mariadb:{{ hostvars[groups['databases'][0]]['ansible_default_ipv4']['address'] }} \
|
||||||
-e "KEYSTONE_HOST={{ hostvars[groups['keystone'][0]]['ansible_default_ipv4']['address'] }}" \
|
-e "KEYSTONE_HOST={{ hostvars[groups['keystone'][0]]['ansible_default_ipv4']['address'] }}" \
|
||||||
-p 5000:5000 -p 35357:35357 \
|
-p 5000:5000 -p 35357:35357 \
|
||||||
-v /srv/keystone/fernet-keys:/etc/keystone/fernet-keys \
|
-v /srv/keystone/fernet-keys:/etc/keystone/fernet-keys \
|
||||||
-v /srv/keystone/root:/root \
|
|
||||||
{{ docker_image }}
|
{{ docker_image }}
|
||||||
|
|
||||||
[Install]
|
[Install]
|
||||||
|
@ -6,13 +6,13 @@ Requires=docker.service
|
|||||||
[Service]
|
[Service]
|
||||||
TimeoutStartSec=0
|
TimeoutStartSec=0
|
||||||
Restart=always
|
Restart=always
|
||||||
ExecStartPre=-/usr/bin/docker kill %n || /bin/true
|
ExecStartPre=-/usr/bin/docker stop %n
|
||||||
ExecStartPre=-/usr/bin/docker rm %n
|
ExecStartPre=-/usr/bin/docker rm %n
|
||||||
ExecStartPre=/usr/bin/docker pull mariadb:10.2
|
ExecStartPre=/usr/bin/docker pull mariadb:10.2
|
||||||
ExecStart=/usr/bin/docker run -p 3306:3306 --name %n \
|
ExecStart=/usr/bin/docker run -p 3306:3306 --name %n \
|
||||||
-v /srv/mariadb/lib/mysql:/var/lib/mysql \
|
-v /srv/mariadb/lib/mysql:/var/lib/mysql \
|
||||||
-v /srv/mariadb/etc/mysql:/etc/mysql \
|
-v /srv/mariadb/etc/mysql:/etc/mysql \
|
||||||
-e MYSQL_ROOT_PASSWORD={{ secrets['MYSQL_ROOT_PASSWORD'] }} mariadb:10.2
|
-e MYSQL_ROOT_PASSWORD=geheim mariadb:10.2
|
||||||
|
|
||||||
[Install]
|
[Install]
|
||||||
WantedBy=multi-user.target
|
WantedBy=multi-user.target
|
@ -1,13 +1,8 @@
|
|||||||
# Install a docker based mariadb.
|
# Install a docker based mariadb.
|
||||||
---
|
---
|
||||||
- name: include secrets
|
|
||||||
include_vars:
|
|
||||||
file: ../../secrets.yml
|
|
||||||
name: secrets
|
|
||||||
|
|
||||||
- name: install service file.
|
- name: install service file.
|
||||||
template:
|
template:
|
||||||
src: templates/mysql.service
|
src: files/mysql.service
|
||||||
dest: /etc/systemd/system/mysql.service
|
dest: /etc/systemd/system/mysql.service
|
||||||
mode: 644
|
mode: 644
|
||||||
owner: root
|
owner: root
|
||||||
|
@ -1,10 +1,5 @@
|
|||||||
# Build and install a docker image for neutron-controller.
|
# Build and install a docker image for neutron-controller.
|
||||||
---
|
---
|
||||||
- name: include secrets
|
|
||||||
include_vars:
|
|
||||||
file: ../../secrets.yml
|
|
||||||
name: secrets
|
|
||||||
|
|
||||||
- set_fact:
|
- set_fact:
|
||||||
docker_image: "webhost12.service.rug.nl/hpc/openstack-neutron-controller:latest"
|
docker_image: "webhost12.service.rug.nl/hpc/openstack-neutron-controller:latest"
|
||||||
|
|
||||||
@ -16,19 +11,18 @@
|
|||||||
- set_fact:
|
- set_fact:
|
||||||
env_vars: >
|
env_vars: >
|
||||||
-e "KEYSTONE_HOST={{ hostvars[groups['keystone'][0]]['ansible_default_ipv4']['address'] }}"
|
-e "KEYSTONE_HOST={{ hostvars[groups['keystone'][0]]['ansible_default_ipv4']['address'] }}"
|
||||||
-e "MEMCACHED_HOST={{ hostvars[groups['memcached'][0]]['ansible_default_ipv4']['address'] }}"
|
-e "METADATA_SECRET=geheim"
|
||||||
-e "METADATA_SECRET={{ secrets['METADATA_SECRET'] }}"
|
|
||||||
-e "MY_IP={{ hostvars[groups['neutron-controller'][0]]['ansible_default_ipv4']['address'] }}"
|
-e "MY_IP={{ hostvars[groups['neutron-controller'][0]]['ansible_default_ipv4']['address'] }}"
|
||||||
-e "MYSQL_HOST={{ hostvars[groups['databases'][0]]['ansible_default_ipv4']['address'] }}"
|
-e "MYSQL_HOST={{ hostvars[groups['databases'][0]]['ansible_default_ipv4']['address'] }}"
|
||||||
-e "MYSQL_ROOT_PASSWORD={{ secrets['MYSQL_ROOT_PASSWORD'] }}"
|
-e "MYSQL_ROOT_PASSWORD=geheim"
|
||||||
-e "NEUTRON_PASSWORD={{ secrets['NEUTRON_PASSWORD'] }}"
|
-e "NEUTRON_PASSWORD=geheim"
|
||||||
-e "NEUTRON_USER=neutron"
|
-e "NEUTRON_USER=neutron"
|
||||||
-e "NOVA_CONTROLLER_HOST={{ hostvars[groups['nova-controller'][0]]['ansible_default_ipv4']['address'] }}"
|
-e "NOVA_CONTROLLER_HOST={{ hostvars[groups['nova-controller'][0]]['ansible_default_ipv4']['address'] }}"
|
||||||
-e "NOVA_PLACEMENT_PASSWORD={{ secrets['NOVA_PLACEMENT_PASSWORD'] }}"
|
-e "NOVA_PASSWORD=geheim"
|
||||||
-e "NOVA_PLACEMENT_USER=placement"
|
-e "NOVA_USER=nova"
|
||||||
-e "OS_PASSWORD={{ secrets['OS_PASSWORD'] }}"
|
-e "MEMCACHED_HOST={{ hostvars[groups['memcached'][0]]['ansible_default_ipv4']['address'] }}"
|
||||||
-e "PROVIDER_INTERFACE_NAME={{ provider_interface_name }}"
|
-e "PROVIDER_INTERFACE_NAME={{ provider_interface_name }}"
|
||||||
-e "RABBIT_PASSWORD={{ secrets['RABBIT_PASSWORD'] }}"
|
-e "RABBIT_PASSWORD=geheim"
|
||||||
-e "RABBIT_USER=openstack"
|
-e "RABBIT_USER=openstack"
|
||||||
tags: env
|
tags: env
|
||||||
|
|
||||||
|
@ -6,8 +6,7 @@ Requires=docker.service
|
|||||||
[Service]
|
[Service]
|
||||||
TimeoutStartSec=0
|
TimeoutStartSec=0
|
||||||
Restart=always
|
Restart=always
|
||||||
ExecStartPre=-/usr/bin/docker kill %n
|
ExecStartPre=-/usr/bin/docker rm -f %n
|
||||||
ExecStartPre=-/usr/bin/docker rm %n
|
|
||||||
ExecStart=/usr/bin/docker run --name %n \
|
ExecStart=/usr/bin/docker run --name %n \
|
||||||
{{ env_vars | replace('\n', '') }} \
|
{{ env_vars | replace('\n', '') }} \
|
||||||
--add-host=nova-controller:{{ hostvars[groups['nova-controller'][0]]['ansible_default_ipv4']['address'] }} \
|
--add-host=nova-controller:{{ hostvars[groups['nova-controller'][0]]['ansible_default_ipv4']['address'] }} \
|
||||||
|
@ -1,10 +1,5 @@
|
|||||||
# Build and install a docker image for nova-controller.
|
# Build and install a docker image for nova-controller.
|
||||||
---
|
---
|
||||||
- name: include secrets
|
|
||||||
include_vars:
|
|
||||||
file: ../../secrets.yml
|
|
||||||
name: secrets
|
|
||||||
|
|
||||||
- set_fact:
|
- set_fact:
|
||||||
docker_image: webhost12.service.rug.nl/hpc/openstack-nova-compute:latest
|
docker_image: webhost12.service.rug.nl/hpc/openstack-nova-compute:latest
|
||||||
tags: facts
|
tags: facts
|
||||||
|
@ -6,37 +6,33 @@ Requires=docker.service
|
|||||||
[Service]
|
[Service]
|
||||||
TimeoutStartSec=0
|
TimeoutStartSec=0
|
||||||
Restart=always
|
Restart=always
|
||||||
ExecStartPre=-/usr/bin/docker kill %n
|
ExecStartPre=-/usr/bin/docker rm -f %n
|
||||||
ExecStartPre=-/usr/bin/docker rm %n
|
|
||||||
ExecStart=/usr/bin/docker run --name %n \
|
ExecStart=/usr/bin/docker run --name %n \
|
||||||
-e "GLANCE_CONTROLLER_HOST={{ hostvars[groups['glance-controller'][0]]['ansible_default_ipv4']['address'] }}" \
|
-e "MY_IP={{ hostvars[groups['nova-compute'][0]]['ansible_default_ipv4']['address'] }}" \
|
||||||
|
-e "NOVA_USER=nova" \
|
||||||
|
-e "NOVA_COMPUTE_USER=nova_compute" \
|
||||||
|
-e "NOVA_PASSWORD=geheim" \
|
||||||
|
-e "NOVA_PLACEMENT_USER=placement" \
|
||||||
|
-e "NOVA_PLACEMENT_PASSWORD=geheim" \
|
||||||
|
-e "RABBIT_USER=openstack" \
|
||||||
|
-e "RABBIT_PASSWORD=geheim" \
|
||||||
|
-e "RABBIT_HOST={{ hostvars[groups['rabbitmq'][0]]['ansible_default_ipv4']['address'] }}" \
|
||||||
-e "KEYSTONE_HOST={{ hostvars[groups['keystone'][0]]['ansible_default_ipv4']['address'] }}" \
|
-e "KEYSTONE_HOST={{ hostvars[groups['keystone'][0]]['ansible_default_ipv4']['address'] }}" \
|
||||||
-e "MEMCACHED_HOST={{ hostvars[groups['memcached'][0]]['ansible_default_ipv4']['address'] }}" \
|
-e "MEMCACHED_HOST={{ hostvars[groups['memcached'][0]]['ansible_default_ipv4']['address'] }}" \
|
||||||
-e "MY_IP={{ hostvars[groups['nova-compute'][0]]['ansible_default_ipv4']['address'] }}" \
|
|
||||||
-e "MYSQL_HOST={{ hostvars[groups['databases'][0]]['ansible_default_ipv4']['address'] }}" \
|
-e "MYSQL_HOST={{ hostvars[groups['databases'][0]]['ansible_default_ipv4']['address'] }}" \
|
||||||
-e "MYSQL_ROOT_PASSWORD={{ secrets['MYSQL_ROOT_PASSWORD'] }}" \
|
-e "MYSQL_ROOT_PASSWORD=geheim" \
|
||||||
-e "NEUTRON_CONTROLLER_HOST={{ hostvars[groups['neutron-controller'][0]]['ansible_default_ipv4']['address'] }}" \
|
-e "NEUTRON_CONTROLLER_HOST={{ hostvars[groups['neutron-controller'][0]]['ansible_default_ipv4']['address'] }}" \
|
||||||
-e "NEUTRON_PASSWORD={{ secrets['NEUTRON_PASSWORD'] }}" \
|
-e "NEUTRON_PASSWORD=geheim" \
|
||||||
-e "NEUTRON_USER=neutron" \
|
-e "NEUTRON_USER=neutron" \
|
||||||
-e "NOVA_COMPUTE_USER=nova_compute" \
|
|
||||||
-e "NOVA_CONTROLLER_HOST={{ hostvars[groups['nova-controller'][0]]['ansible_default_ipv4']['address'] }}" \
|
-e "NOVA_CONTROLLER_HOST={{ hostvars[groups['nova-controller'][0]]['ansible_default_ipv4']['address'] }}" \
|
||||||
-e "NOVA_PASSWORD={{ secrets['NOVA_PASSWORD'] }}" \
|
|
||||||
-e "NOVA_PASSWORD={{ secrets['NOVA_PASSWORD'] }}" \
|
|
||||||
-e "NOVA_PLACEMENT_PASSWORD={{ secrets['NOVA_PLACEMENT_PASSWORD'] }}" \
|
|
||||||
-e "NOVA_PLACEMENT_USER=placement" \
|
|
||||||
-e "NOVA_USER=nova" \
|
|
||||||
-e "OS_PASSWORD={{ secrets['OS_PASSWORD'] }}" \
|
|
||||||
-e "PROVIDER_INTERFACE_NAME={{ provider_interface_name }}" \
|
-e "PROVIDER_INTERFACE_NAME={{ provider_interface_name }}" \
|
||||||
-e "RABBIT_HOST={{ hostvars[groups['rabbitmq'][0]]['ansible_default_ipv4']['address'] }}" \
|
-e "GLANCE_CONTROLLER_HOST={{ hostvars[groups['glance-controller'][0]]['ansible_default_ipv4']['address'] }}" \
|
||||||
-e "RABBIT_PASSWORD={{ secrets['RABBIT_PASSWORD'] }}" \
|
|
||||||
-e "RABBIT_USER=openstack" \
|
|
||||||
--add-host=keystone:{{ hostvars[groups['keystone'][0]]['ansible_default_ipv4']['address'] }} \
|
--add-host=keystone:{{ hostvars[groups['keystone'][0]]['ansible_default_ipv4']['address'] }} \
|
||||||
--add-host=mariadb:{{ hostvars[groups['databases'][0]]['ansible_default_ipv4']['address'] }} \
|
--add-host=mariadb:{{ hostvars[groups['databases'][0]]['ansible_default_ipv4']['address'] }} \
|
||||||
--privileged \
|
--privileged \
|
||||||
-v /var/run/libvirt/libvirt-sock:/var/run/libvirt/libvirt-sock \
|
-v /var/run/libvirt/libvirt-sock:/var/run/libvirt/libvirt-sock \
|
||||||
-v /var/lib/nova/instances:/var/lib/nova/instances \
|
-v /var/lib/nova/instances:/var/lib/nova/instances \
|
||||||
-v /lib/modules:/lib/modules \
|
-v /lib/modules:/lib/modules \
|
||||||
-v /etc/machine-id:/etc/machine-id \
|
|
||||||
--network host \
|
--network host \
|
||||||
{{ docker_image }} /etc/run.sh
|
{{ docker_image }} /etc/run.sh
|
||||||
|
|
||||||
|
@ -1,39 +1,25 @@
|
|||||||
# Build and install a docker image for nova-controller.
|
# Build and install a docker image for nova-controller.
|
||||||
---
|
---
|
||||||
- name: include secrets
|
|
||||||
include_vars:
|
|
||||||
file: ../../secrets.yml
|
|
||||||
name: secrets
|
|
||||||
|
|
||||||
- name: Make persistent directories
|
|
||||||
file:
|
|
||||||
path: "{ item }}"
|
|
||||||
state: directory
|
|
||||||
mode: 0777
|
|
||||||
with_items:
|
|
||||||
- /srv/nova-controller
|
|
||||||
- /srv/nova-controller/root
|
|
||||||
|
|
||||||
- set_fact:
|
- set_fact:
|
||||||
docker_image: webhost12.service.rug.nl/hpc/openstack-nova-service:latest
|
docker_image: webhost12.service.rug.nl/hpc/openstack-nova-service:latest
|
||||||
env_vars: >
|
env_vars: >
|
||||||
-e "GLANCE_CONTROLLER_HOST={{ hostvars[groups['glance-controller'][0]]['ansible_default_ipv4']['address'] }}"
|
|
||||||
-e "KEYSTONE_HOST={{ hostvars[groups['keystone'][0]]['ansible_default_ipv4']['address'] }}"
|
|
||||||
-e "MEMCACHED_HOST={{ hostvars[groups['memcached'][0]]['ansible_default_ipv4']['address'] }}"
|
|
||||||
-e "MY_IP={{ hostvars[groups['nova-controller'][0]]['ansible_default_ipv4']['address'] }}"
|
-e "MY_IP={{ hostvars[groups['nova-controller'][0]]['ansible_default_ipv4']['address'] }}"
|
||||||
-e "MYSQL_HOST={{ hostvars[groups['databases'][0]]['ansible_default_ipv4']['address'] }}"
|
|
||||||
-e "MYSQL_ROOT_PASSWORD={{ secrets['MYSQL_ROOT_PASSWORD'] }}"
|
|
||||||
-e "NEUTRON_CONTROLLER_HOST={{ hostvars[groups['keystone'][0]]['ansible_default_ipv4']['address'] }}"
|
|
||||||
-e "NEUTRON_PASSWORD={{ secrets['NEUTRON_PASSWORD'] }}"
|
|
||||||
-e "NEUTRON_USER=neutron"
|
|
||||||
-e "NOVA_CONTROLLER_HOST={{ hostvars[groups['nova-controller'][0]]['ansible_default_ipv4']['address'] }}"
|
|
||||||
-e "NOVA_PASSWORD={{ secrets['NOVA_PASSWORD'] }}"
|
|
||||||
-e "NOVA_PLACEMENT_PASSWORD={{ secrets['NOVA_PLACEMENT_PASSWORD'] }}"
|
|
||||||
-e "NOVA_PLACEMENT_USER=placement"
|
|
||||||
-e "NOVA_USER=nova"
|
-e "NOVA_USER=nova"
|
||||||
-e "OS_PASSWORD={{ secrets['OS_PASSWORD'] }}"
|
-e "NOVA_PASSWORD=geheim"
|
||||||
-e "RABBIT_PASSWORD={{ secrets['RABBIT_PASSWORD'] }}"
|
-e "NOVA_PLACEMENT_USER=placement"
|
||||||
|
-e "NOVA_PLACEMENT_PASSWORD=geheim"
|
||||||
-e "RABBIT_USER=openstack"
|
-e "RABBIT_USER=openstack"
|
||||||
|
-e "RABBIT_PASSWORD=geheim"
|
||||||
|
-e "KEYSTONE_HOST={{ hostvars[groups['keystone'][0]]['ansible_default_ipv4']['address'] }}"
|
||||||
|
-e "NEUTRON_CONTROLLER_HOST={{ hostvars[groups['keystone'][0]]['ansible_default_ipv4']['address'] }}"
|
||||||
|
-e "MEMCACHED_HOST={{ hostvars[groups['memcached'][0]]['ansible_default_ipv4']['address'] }}"
|
||||||
|
-e "MYSQL_HOST={{ hostvars[groups['databases'][0]]['ansible_default_ipv4']['address'] }}"
|
||||||
|
-e "MYSQL_ROOT_PASSWORD=geheim"
|
||||||
|
-e "NOVA_CONTROLLER_HOST={{ hostvars[groups['nova-controller'][0]]['ansible_default_ipv4']['address'] }}"
|
||||||
|
-e "GLANCE_CONTROLLER_HOST={{ hostvars[groups['glance-controller'][0]]['ansible_default_ipv4']['address'] }}"
|
||||||
|
-e "NEUTRON_PASSWORD=geheim"
|
||||||
|
-e "NEUTRON_USER=neutron"
|
||||||
|
-e "METADATA_SECRET=geheim"
|
||||||
tags: facts
|
tags: facts
|
||||||
|
|
||||||
- name: pull docker image
|
- name: pull docker image
|
||||||
@ -57,7 +43,6 @@
|
|||||||
{{ env_vars }}
|
{{ env_vars }}
|
||||||
--add-host=mariadb:{{ hostvars[groups['databases'][0]]['ansible_default_ipv4']['address'] }}
|
--add-host=mariadb:{{ hostvars[groups['databases'][0]]['ansible_default_ipv4']['address'] }}
|
||||||
--add-host=keystone:{{ hostvars[groups['keystone'][0]]['ansible_default_ipv4']['address'] }}
|
--add-host=keystone:{{ hostvars[groups['keystone'][0]]['ansible_default_ipv4']['address'] }}
|
||||||
-v /srv/nova-controller/root:/root
|
|
||||||
{{ docker_image }}
|
{{ docker_image }}
|
||||||
/etc/bootstrap.sh
|
/etc/bootstrap.sh
|
||||||
tags: bootstrap
|
tags: bootstrap
|
||||||
|
@ -6,17 +6,14 @@ Requires=docker.service
|
|||||||
[Service]
|
[Service]
|
||||||
TimeoutStartSec=0
|
TimeoutStartSec=0
|
||||||
Restart=always
|
Restart=always
|
||||||
ExecStartPre=-/usr/bin/docker kill %n
|
ExecStartPre=-/usr/bin/docker rm -f %n
|
||||||
ExecStartPre=-/usr/bin/docker rm %n
|
|
||||||
ExecStart=/usr/bin/docker run --name %n \
|
ExecStart=/usr/bin/docker run --name %n \
|
||||||
{{ env_vars | replace('\n', '') }} \
|
{{ env_vars | replace('\n', '') }} \
|
||||||
--add-host=mariadb:{{ hostvars[groups['databases'][0]]['ansible_default_ipv4']['address'] }} \
|
--add-host=mariadb:{{ hostvars[groups['databases'][0]]['ansible_default_ipv4']['address'] }} \
|
||||||
--add-host=keystone:{{ hostvars[groups['keystone'][0]]['ansible_default_ipv4']['address'] }} \
|
--add-host=keystone:{{ hostvars[groups['keystone'][0]]['ansible_default_ipv4']['address'] }} \
|
||||||
--privileged \
|
--privileged \
|
||||||
-v /srv/nova-controller/root:/root \
|
|
||||||
-p 8774:8774 \
|
-p 8774:8774 \
|
||||||
-p 8778:8778 \
|
-p 8778:8778 \
|
||||||
-p 6080:6080 \
|
|
||||||
{{ docker_image }} /etc/run.sh
|
{{ docker_image }} /etc/run.sh
|
||||||
|
|
||||||
[Install]
|
[Install]
|
||||||
|
@ -6,7 +6,7 @@ Requires=docker.service
|
|||||||
[Service]
|
[Service]
|
||||||
TimeoutStartSec=0
|
TimeoutStartSec=0
|
||||||
Restart=always
|
Restart=always
|
||||||
ExecStartPre=-/usr/bin/docker kill %n
|
ExecStartPre=-/usr/bin/docker stop %n
|
||||||
ExecStartPre=-/usr/bin/docker rm %n
|
ExecStartPre=-/usr/bin/docker rm %n
|
||||||
ExecStartPre=/usr/bin/docker pull rabbitmq:latest
|
ExecStartPre=/usr/bin/docker pull rabbitmq:latest
|
||||||
ExecStart=/usr/bin/docker run \
|
ExecStart=/usr/bin/docker run \
|
||||||
@ -14,8 +14,8 @@ ExecStart=/usr/bin/docker run \
|
|||||||
--add-host "{{ hostvars[groups['rabbitmq'][1]]['ansible_hostname'] }}:{{ hostvars[groups['rabbitmq'][1]]['ansible_default_ipv4']['address'] }}" \
|
--add-host "{{ hostvars[groups['rabbitmq'][1]]['ansible_hostname'] }}:{{ hostvars[groups['rabbitmq'][1]]['ansible_default_ipv4']['address'] }}" \
|
||||||
--add-host "{{ hostvars[groups['rabbitmq'][2]]['ansible_hostname'] }}:{{ hostvars[groups['rabbitmq'][2]]['ansible_default_ipv4']['address'] }}" \
|
--add-host "{{ hostvars[groups['rabbitmq'][2]]['ansible_hostname'] }}:{{ hostvars[groups['rabbitmq'][2]]['ansible_default_ipv4']['address'] }}" \
|
||||||
-p 4369:4369 -p 25679:25679 -p 25672:25672 -p 5671-5672:5671-5672 -p 8080:15672 \
|
-p 4369:4369 -p 25679:25679 -p 25672:25672 -p 5671-5672:5671-5672 -p 8080:15672 \
|
||||||
-e "RABBITMQ_DEFAULT_USER=user" -e "RABBITMQ_DEFAULT_PASS={{ secrets['RABBIT_PASSWORD'] }}" \
|
-e "RABBITMQ_DEFAULT_USER=user" -e "RABBITMQ_DEFAULT_PASS=password" \
|
||||||
-e "RABBITMQ_ERLANG_COOKIE={{ secrets['RABBITMQ_ERLANG_COOKIE'] }}" \
|
-e "RABBITMQ_ERLANG_COOKIE=IHyW9HpfbXRL+pZkhGd8pA==" \
|
||||||
-e "RABBITMQ_NODENAME=rabbit_{{ ansible_nodename }}" \
|
-e "RABBITMQ_NODENAME=rabbit_{{ ansible_nodename }}" \
|
||||||
--hostname "{{ ansible_nodename }}" --name %n rabbitmq:3-management
|
--hostname "{{ ansible_nodename }}" --name %n rabbitmq:3-management
|
||||||
|
|
||||||
|
@ -1,13 +1,5 @@
|
|||||||
# Install a docker based rabbitMQ.
|
# Install a docker based rabbitMQ.
|
||||||
---
|
---
|
||||||
- name: include secrets
|
|
||||||
include_vars:
|
|
||||||
file: ../../secrets.yml
|
|
||||||
name: secrets
|
|
||||||
|
|
||||||
- include_vars:
|
|
||||||
dir: 'vars'
|
|
||||||
|
|
||||||
- name: install service file.
|
- name: install service file.
|
||||||
template:
|
template:
|
||||||
src: files/rabbitmq.service
|
src: files/rabbitmq.service
|
||||||
@ -26,7 +18,7 @@
|
|||||||
|
|
||||||
- name: wait for container to be started
|
- name: wait for container to be started
|
||||||
wait_for:
|
wait_for:
|
||||||
port: 5672
|
port: 15671
|
||||||
|
|
||||||
- name: setup the cluster
|
- name: setup the cluster
|
||||||
command: "docker exec -i rabbitmq.service {{ item }}"
|
command: "docker exec -i rabbitmq.service {{ item }}"
|
||||||
@ -39,7 +31,7 @@
|
|||||||
- name: create openstack user
|
- name: create openstack user
|
||||||
command: "docker exec -i rabbitmq.service {{ item }}"
|
command: "docker exec -i rabbitmq.service {{ item }}"
|
||||||
with_items:
|
with_items:
|
||||||
- rabbitmqctl add_user openstack "{{ secrets['RABBIT_PASSWORD'] }}"
|
- rabbitmqctl add_user openstack geheim
|
||||||
- rabbitmqctl set_permissions openstack ".*" ".*" ".*"
|
- rabbitmqctl set_permissions openstack ".*" ".*" ".*"
|
||||||
when: ansible_nodename == hostname_node0
|
when: ansible_nodename == hostname_node0
|
||||||
register: command_result
|
register: command_result
|
||||||
|
Loading…
Reference in New Issue
Block a user