HPC/hpc-cloud
7
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Compare commits

base: HPC:merlin-develop
Branches Tags
HPC:master HPC:develop HPC:merlin HPC:feature/add-variables HPC:merlin-develop HPC:feature/galera HPC:feature/cinder-volume-encryption
HPC:umcg-0.2 HPC:umcg-0.1
..
compare: HPC:30c453e32bbd1cf37d468b27450817051ee26ce2
Branches Tags
HPC:develop HPC:merlin HPC:master HPC:feature/add-variables HPC:merlin-develop HPC:feature/galera HPC:feature/cinder-volume-encryption
HPC:umcg-0.2 HPC:umcg-0.1

3 Commits
merlin-dev ... 30c453e32b

Author SHA1 Message Date
Egon Rijpkema
30c453e32b make a loop for more flexibility. 2017-09-19 17:11:34 +02:00
Egon Rijpkema
d0a2a7fc41 Updated url of docker registry. 2017-09-19 11:57:20 +02:00
Egon Rijpkema
07a89c6ce4 added cinder to site.yml 2017-08-31 15:02:47 +02:00
43 changed files with 163 additions and 629 deletions
Expand all files Collapse all files

2
ansible.cfg
View File

@ -1,2 +1,2 @@
[defaults]
inventory = merlin
hostfile = hosts

35
gcc-post-install.yml
View File

@ -1,35 +0,0 @@
---
- hosts: all
name: Dummy to gather facts
tasks: []
- hosts: keystone
become: True
vars_files:
- settings.yml
tasks:
- name: copy public key
copy:
content: "{{ rsa_pub }}"
dest: /srv/keystone/root/id_rsa.pub
- name: post install configuration
command: docker exec -i keystone.service bash -c "source /root/admin-openrc.sh && {{ item }}"
with_items:
- openstack network create --share --external --provider-physical-network provider --provider-network-type vlan --provider-segment 985 vlan985
- >
openstack subnet create --subnet-range 172.23.34.0/24 --gateway 172.23.34.1
--network vlan985 --allocation-pool start=172.23.34.50,end=172.23.34.60
--dns-nameserver 8.8.4.4 vlan985_subnet
- openstack network create --share --external --provider-physical-network provider --provider-network-type vlan --provider-segment 16 vlan16
- >
openstack subnet create --subnet-range 195.169.22.0/23 --gateway 195.169.23.251
--network vlan16 --allocation-pool start=195.169.22.237,end=195.169.22.237
--dns-nameserver 8.8.4.4 vlan16_subnet
- openstack flavor create --ram 4096 --disk 40 --vcpus 2 "Molgenis Dual"
- openstack flavor create --ram 16384 --disk 40 --vcpus 4 "Molgenis Quad 16GB"
- openstack flavor create --ram 8192 --disk 40 --vcpus 4 "Molgenis Quad 8GB"
- openstack keypair create --public-key /root/id_rsa.pub adminkey

4
generate_secrets.py
View File

@ -5,7 +5,6 @@ Open the secrets.yml and replace all passwords.
Original is backed up.
"""
from os import path
import random
import string
from subprocess import call
@ -28,8 +27,7 @@ for key, value in data.iteritems():
for _ in range(pass_length))
# Make numbered backups of the secrets file.
if path.isfile('secrets.yml'):
call(['cp', '--backup=numbered', 'secrets.yml', 'secrets.yml.bak'])
call(['cp', '--backup=numbered', 'secrets.yml', 'secrets.yml.bak'])
with open('secrets.yml', 'w') as f:
dump(data, f, Dumper=Dumper, default_flow_style=False)

9
heat.yml
View File

@ -1,9 +0,0 @@
---
- hosts: all
name: Dummy to gather facts
tasks: []
- hosts: heat
become: True
roles:
- heat

23
hosts
View File

@ -1,9 +1,5 @@
# A demo cluster of three nodes.
[databases]
openstack01-node01
openstack01-node02
openstack01-node03
[keystone]
openstack01-node03
@ -19,11 +15,26 @@ openstack01-node01
openstack01-node02
openstack01-node03
#[cassandra]
#openstack01-node[01:03]
#openstack01-node01
#
#[next_cassandra]
#openstack01-node02
#openstack01-node03
[memcached]
openstack01-node03
#[first_cassandra:vars]
#run_options=""
#
#[next_cassandra:vars]
#run_options="-e CASSANDRA_SEEDS=172.23.41.1"
[neutron-controller]
openstack01-node01 physical_interface_mappings=provider:ens192
openstack01-node01 provider_interface_name=ens192
[nova-controller]
openstack01-node03
@ -35,4 +46,4 @@ openstack01-node03
openstack01-node01 storage_volume=/dev/loop0
[nova-compute]
openstack01-node04 physical_interface_mappings=provider:enp4s0f0
openstack01-node04 provider_interface_name=dummy0

7
mariadb.yml
View File

@ -4,10 +4,3 @@
become: True
roles:
- mariadb
vars:
hostname_node0: "{{ hostvars[groups['databases'][0]]['ansible_hostname'] }}"
hostname_node1: "{{ hostvars[groups['databases'][1]]['ansible_hostname'] }}"
hostname_node2: "{{ hostvars[groups['databases'][2]]['ansible_hostname'] }}"
ip_node0: "{{ hostvars[groups['databases'][0]]['listen_ip'] | default(hostvars[groups['databases'][0]]['ansible_default_ipv4']['address']) }}"
ip_node1: "{{ hostvars[groups['databases'][1]]['listen_ip'] | default(hostvars[groups['databases'][1]]['ansible_default_ipv4']['address']) }}"
ip_node2: "{{ hostvars[groups['databases'][2]]['listen_ip'] | default(hostvars[groups['databases'][2]]['ansible_default_ipv4']['address']) }}"

39
merlin
View File

@ -1,39 +0,0 @@
[nova-compute]
merlin-node012 physical_interface_mappings=provider:enp129s0f1 overlay_ip=172.23.43.12
merlin-node013 physical_interface_mappings=provider:enp129s0f1 overlay_ip=172.23.43.13
merlin-node006 physical_interface_mappings=provider:enp130s0f0 overlay_ip=172.23.43.6
merlin-node007 physical_interface_mappings=provider:enp130s0f0 overlay_ip=172.23.43.7
merlin-node008 physical_interface_mappings=provider:enp130s0f0 overlay_ip=172.23.43.8
merlin-node009 physical_interface_mappings=provider:enp130s0f0 overlay_ip=172.23.43.9
merlin-node010 physical_interface_mappings=provider:enp130s0f0 overlay_ip=172.23.43.10
[databases]
merlin-node011
merlin-node012
merlin-node013
[rabbitmq]
merlin-node011
merlin-node012
merlin-node013
[horizon]
merlin-node011
[memcached]
merlin-node011
[nova-controller]
merlin-node011
[keystone]
merlin-node011
[neutron-controller]
merlin-node011 physical_interface_mappings=provider:enp129s0f1 overlay_ip=172.23.43.11
[heat]
merlin-node011
[glance-controller]
merlin-node011

39
merlin-bagpipe
View File

@ -1,39 +0,0 @@
[nova-compute]
merlin-managementnode002 physical_interface_mappings=provider:enp5s0f1 overlay_ip=129.125.60.109
merlin-managementnode003 physical_interface_mappings=provider:enp5s0f1 overlay_ip=129.125.60.110
merlin-node001 physical_interface_mappings=provider:enp130s0f0 overlay_ip=129.125.60.117
merlin-node002 physical_interface_mappings=provider:enp130s0f0 overlay_ip=129.125.60.118
merlin-node003 physical_interface_mappings=provider:enp130s0f0 overlay_ip=129.125.60.119
merlin-node004 physical_interface_mappings=provider:enp130s0f0 overlay_ip=129.125.60.122
merlin-node005 physical_interface_mappings=provider:enp130s0f0 overlay_ip=129.125.60.123
[databases]
merlin-managementnode001
merlin-managementnode002
merlin-managementnode003
[rabbitmq]
merlin-managementnode001
merlin-managementnode002
merlin-managementnode003
[horizon]
merlin-managementnode001
[memcached]
merlin-managementnode001
[nova-controller]
merlin-managementnode001
[keystone]
merlin-managementnode001
[neutron-controller]
merlin-managementnode001 physical_interface_mappings=provider:enp5s0f1 overlay_ip=129.125.60.108
[heat]
merlin-managementnode001
[glance-controller]
merlin-managementnode001

1
meta/main.yml
View File

@ -1 +0,0 @@
---

21
nuke.yml
View File

@ -1,21 +0,0 @@
---
# This playbook will reset the instalation to facilitate a new installation.
# All data is lost!
- hosts: all
become: True
name: Dummy to gather facts
tasks:
- name: Stop docker service
shell: "systemctl stop docker"
- name: Verify docker is stopped.
systemd:
name: docker
state: stopped
- name: remove volumes
shell: "rm -rf /srv"
- hosts: cinder-storage
become: True
tasks:
- name: wipe cinder storage.
shell: "dd if=/dev/zero of={{ storage_volume }} bs=1M count=1 && sync"

35
openstack03
View File

@ -1,35 +0,0 @@
[databases]
openstack03
[keystone]
openstack03
[glance-controller]
openstack03
[horizon]
openstack03
[rabbitmq]
openstack03
[memcached]
openstack03
[neutron-controller]
openstack03 physical_interface_mappings=provider:enp4s0f0
[nova-controller]
openstack03
[cinder-controller]
openstack03
[cinder-storage]
openstack03 storage_volume=/dev/sdb1
[nova-compute]
openstack03 physical_interface_mappings=provider:enp4s0f0
[all:vars]
listen_ip=172.23.40.243

37
os-test
View File

@ -1,37 +0,0 @@
# An all in one
[databases]
os-test
[keystone]
os-test
[glance-controller]
os-test
[horizon]
os-test
[rabbitmq]
os-test
[memcached]
os-test
[neutron-controller]
os-test physical_interface_mappings=provider:enp4s0f0
[nova-controller]
os-test
[cinder-controller]
os-test
[cinder-storage]
os-test storage_volume=/dev/sdb
[nova-compute]
os-test physical_interface_mappings=provider:enp4s0f0
[all:vars]
listen_ip=129.125.60.194

5
post-install.yml
View File

@ -16,7 +16,10 @@
command: docker exec -i keystone.service bash -c "source /root/admin-openrc.sh && {{ item }}"
with_items:
- openstack network create --share --external --provider-physical-network provider --provider-network-type flat provider
- openstack network set --external provider
- >
openstack subnet create --network provider
--allocation-pool start={{ allocation_pool['start'] }},end={{ allocation_pool['end'] }}
--dns-nameserver {{ dns_nameserver }} --gateway {{ gateway }} --subnet-range {{ subnet_range }} provider
- openstack flavor create --id 0 --vcpus 1 --ram 64 --disk 1 m1.nano
- openstack keypair create --public-key /root/id_rsa.pub adminkey

5
roles/cassandra/tasks/main.yml
View File

@ -7,14 +7,9 @@
mode: 644
owner: root
group: root
- name: install service file
command: systemctl daemon-reload
- name: make sure service is started
systemd:
name: cassandra.service
state: started
- name: start service at boot.
command: systemctl reenable cassandra.service

15
roles/cinder-controller/tasks/main.yml
View File

@ -8,16 +8,16 @@
- set_fact:
docker_image: registry.webhosting.rug.nl/hpc/openstack-cinder-controller:latest
env_vars: >
-e "MY_IP={{ listen_ip | default(ansible_default_ipv4.address) }}"
-e "CINDER_HOST={{ listen_ip | default(hostvars[groups['cinder-controller'][0]]['ansible_default_ipv4']['address']) }}"
-e "MY_IP={{ ansible_default_ipv4.address }}"
-e "CINDER_HOST={{ hostvars[groups['cinder-controller'][0]]['ansible_default_ipv4']['address'] }}"
-e "CINDER_PASSWORD={{ secrets['CINDER_PASSWORD'] }}"
-e "CINDER_USER=cinder"
-e "KEYSTONE_HOST={{ listen_ip | default(hostvars[groups['keystone'][0]]['ansible_default_ipv4']['address']) }}"
-e "MEMCACHED_HOST={{ listen_ip | default(hostvars[groups['memcached'][0]]['ansible_default_ipv4']['address']) }}"
-e "MYSQL_HOST={{ listen_ip | default(hostvars[groups['databases'][0]]['ansible_default_ipv4']['address']) }}"
-e "KEYSTONE_HOST={{ hostvars[groups['keystone'][0]]['ansible_default_ipv4']['address'] }}"
-e "MEMCACHED_HOST={{ hostvars[groups['memcached'][0]]['ansible_default_ipv4']['address'] }}"
-e "MYSQL_HOST={{ hostvars[groups['databases'][0]]['ansible_default_ipv4']['address'] }}"
-e "MYSQL_ROOT_PASSWORD={{ secrets['MYSQL_ROOT_PASSWORD'] }}"
-e "OS_PASSWORD={{ secrets['OS_PASSWORD'] }}"
-e "RABBIT_HOST={{ listen_ip | default(hostvars[groups['rabbitmq'][0]]['ansible_default_ipv4']['address']) }}"
-e "RABBIT_HOST={{ hostvars[groups['rabbitmq'][0]]['ansible_default_ipv4']['address'] }}"
-e "RABBIT_PASSWORD={{ secrets['RABBIT_PASSWORD'] }}"
-e "RABBIT_USER=openstack"
@ -43,9 +43,6 @@
owner: root
group: root
- name: start service at boot.
command: systemctl reenable cinder-controller.service
- command: systemctl daemon-reload
- name: Initialize database.

19
roles/cinder-storage/tasks/main.yml
View File

@ -4,24 +4,22 @@
include_vars:
file: ../../secrets.yml
name: secrets
tags: vars
- set_fact:
docker_image: registry.webhosting.rug.nl/hpc/openstack-cinder-storage:latest
env_vars: >
-e "MY_IP={{ listen_ip | default(ansible_default_ipv4.address) }}"
-e "CINDER_HOST={{ listen_ip | default(hostvars[groups['cinder-storage'][0]]['ansible_default_ipv4']['address']) }}"
-e "MY_IP={{ ansible_default_ipv4.address }}"
-e "CINDER_HOST={{ hostvars[groups['cinder-storage'][0]]['ansible_default_ipv4']['address'] }}"
-e "CINDER_PASSWORD={{ secrets['CINDER_PASSWORD'] }}"
-e "CINDER_USER=cinder"
-e "GLANCE_HOST={{ listen_ip | default(hostvars[groups['glance-controller'][0]]['ansible_default_ipv4']['address']) }}"
-e "KEYSTONE_HOST={{ listen_ip | default(hostvars[groups['keystone'][0]]['ansible_default_ipv4']['address']) }}"
-e "MYSQL_HOST={{ listen_ip | default(hostvars[groups['databases'][0]]['ansible_default_ipv4']['address']) }}"
-e "GLANCE_HOST={{ hostvars[groups['glance-controller'][0]]['ansible_default_ipv4']['address'] }}"
-e "KEYSTONE_HOST={{ hostvars[groups['keystone'][0]]['ansible_default_ipv4']['address'] }}"
-e "MYSQL_HOST={{ hostvars[groups['databases'][0]]['ansible_default_ipv4']['address'] }}"
-e "MYSQL_ROOT_PASSWORD={{ secrets['MYSQL_ROOT_PASSWORD'] }}"
-e "OS_PASSWORD={{ secrets['OS_PASSWORD'] }}"
-e "RABBIT_HOST={{ listen_ip | default(hostvars[groups['rabbitmq'][0]]['ansible_default_ipv4']['address']) }}"
-e "RABBIT_HOST={{ hostvars[groups['rabbitmq'][0]]['ansible_default_ipv4']['address'] }}"
-e "RABBIT_PASSWORD={{ secrets['RABBIT_PASSWORD'] }}"
-e "RABBIT_USER=openstack"
tags: vars
- name: pull docker image
docker_image:
@ -54,13 +52,8 @@
mode: 644
owner: root
group: root
tags: systemd
- command: systemctl daemon-reload
tags: systemd
- name: start service at boot.
command: systemctl reenable cinder-storage.service
- name: make sure service is started
systemd:

8
roles/cinder-storage/templates/cinder-storage.service
View File

@ -1,5 +1,5 @@
[Unit]
Description=Openstack Cinder Storage container
Description=Openstack Glance Container
After=docker.service
Requires=docker.service
@ -11,13 +11,9 @@ ExecStartPre=-/usr/bin/docker rm %n
ExecStart=/usr/bin/docker run --name %n \
--privileged \
{{ env_vars | replace('\n', '') }} \
-v "/dev/cinder-volumes/":/dev/cinder-volumes \
-v /srv/cinder-storage/root:/root \
-v "{{ storage_volume }}":/dev/cinder_storage_volume \
-v "/dev/lvm":/dev/lvm \
-v "/srv/cinder-storage/volumes/:/var/lib/cinder/volumes/" \
-p 8777:8776 \
-p 3260:3260 \
-p 8776:8776 \
{{ docker_image }}
[Install]

5
roles/common/tasks/docker.yml
View File

@ -13,8 +13,3 @@
with_items:
- docker-engine
- python-docker
- name: make sure service is started
systemd:
name: docker.service
state: started

5
roles/dockerregistry/tasks/main.yml
View File

@ -7,18 +7,13 @@
mode: 644
owner: root
group: root
- name: install service file
command: systemctl daemon-reload
- name: make sure service is started
systemd:
name: dockerregistry.service
state: started
- name: start service at boot.
command: systemctl reenable dockerregistry.service
- name: Copy certificates and passwd file
copy:
src: "{{ item }}"

16
roles/glance-controller/tasks/main.yml
View File

@ -8,15 +8,15 @@
- set_fact:
docker_image: registry.webhosting.rug.nl/hpc/openstack-glance:latest
env_vars: >
-e "GLANCE_HOST={{ listen_ip | default(hostvars[groups['glance-controller'][0]]['ansible_default_ipv4']['address']) }}"
-e "GLANCE_HOST={{ hostvars[groups['glance-controller'][0]]['ansible_default_ipv4']['address'] }}"
-e "GLANCE_PASSWORD={{ secrets['GLANCE_PASSWORD'] }}"
-e "GLANCE_USER=glance"
-e "KEYSTONE_HOST={{ listen_ip | default(hostvars[groups['keystone'][0]]['ansible_default_ipv4']['address']) }}"
-e "MEMCACHED_HOST={{ listen_ip | default(hostvars[groups['memcached'][0]]['ansible_default_ipv4']['address']) }}"
-e "MYSQL_HOST={{ listen_ip | default(hostvars[groups['databases'][0]]['ansible_default_ipv4']['address']) }}"
-e "KEYSTONE_HOST={{ hostvars[groups['keystone'][0]]['ansible_default_ipv4']['address'] }}"
-e "MEMCACHED_HOST={{ hostvars[groups['memcached'][0]]['ansible_default_ipv4']['address'] }}"
-e "MYSQL_HOST={{ hostvars[groups['databases'][0]]['ansible_default_ipv4']['address'] }}"
-e "MYSQL_ROOT_PASSWORD={{ secrets['MYSQL_ROOT_PASSWORD'] }}"
-e "OS_PASSWORD={{ secrets['OS_PASSWORD'] }}"
-e "RABBIT_HOST={{ listen_ip | default(hostvars[groups['rabbitmq'][0]]['ansible_default_ipv4']['address']) }}"
-e "RABBIT_HOST={{ hostvars[groups['rabbitmq'][0]]['ansible_default_ipv4']['address'] }}"
-e "RABBIT_PASSWORD={{ secrets['RABBIT_PASSWORD'] }}"
-e "RABBIT_USER=openstack"
@ -42,18 +42,14 @@
owner: root
group: root
- name: start service at boot.
command: systemctl reenable glance.service
- command: systemctl daemon-reload
- name: Initialize database.
command: >
/usr/bin/docker run --rm
{{ env_vars }}
--add-host=keystone:{{ listen_ip | default(hostvars[groups['keystone'][0]]['ansible_default_ipv4']['address']) }} \
--add-host=keystone:{{ hostvars[groups['keystone'][0]]['ansible_default_ipv4']['address'] }} \
-v /srv/glance/root:/root \
-v /var/lib/glance/images:/var/lib/glance/images \
{{ docker_image }} /etc/bootstrap.sh
tags: bootstrap

1
roles/glance-controller/templates/glance.service
View File

@ -11,7 +11,6 @@ ExecStartPre=-/usr/bin/docker rm %n
ExecStart=/usr/bin/docker run --name %n \
{{ env_vars | replace('\n', '') }} \
-v /srv/glance/root:/root \
-v /var/lib/glance/images:/var/lib/glance/images \
-p 9292:9292 \
{{ docker_image }}

62
roles/heat/tasks/main.yml
View File

@ -1,62 +0,0 @@
# Build and install a docker image for heat.
---
- name: include secrets
include_vars:
file: ../../secrets.yml
name: secrets
- set_fact:
docker_image: registry.webhosting.rug.nl/hpc/openstack-heat:latest
env_vars: >
-e "HEAT_HOST={{ listen_ip | default(hostvars[groups['heat'][0]]['ansible_default_ipv4']['address']) }}"
-e "HEAT_PASSWORD={{ secrets['HEAT_PASSWORD'] }}"
-e "HEAT_USER=heat"
-e "KEYSTONE_HOST={{ listen_ip | default(hostvars[groups['keystone'][0]]['ansible_default_ipv4']['address']) }}"
-e "MEMCACHED_HOST={{ listen_ip | default(hostvars[groups['memcached'][0]]['ansible_default_ipv4']['address']) }}"
-e "MYSQL_HOST={{ listen_ip | default(hostvars[groups['databases'][0]]['ansible_default_ipv4']['address']) }}"
-e "MYSQL_ROOT_PASSWORD={{ secrets['MYSQL_ROOT_PASSWORD'] }}"
-e "OS_PASSWORD={{ secrets['OS_PASSWORD'] }}"
-e "RABBIT_HOST={{ listen_ip | default(hostvars[groups['rabbitmq'][0]]['ansible_default_ipv4']['address']) }}"
-e "RABBIT_PASSWORD={{ secrets['RABBIT_PASSWORD'] }}"
-e "RABBIT_USER=openstack"
- name: pull docker image
docker_image:
name: "{{ docker_image }}"
tags: pull
- name: Make build and persistent directories
file:
path: "{{ item }}"
state: directory
mode: 0777
with_items:
- /srv/heat
- /srv/heat/root
- name: install service file.
template:
src: templates/heat.service
dest: /etc/systemd/system/heat.service
mode: 644
owner: root
group: root
- name: start service at boot.
command: systemctl reenable heat.service
- command: systemctl daemon-reload
- name: Initialize database.
command: >
/usr/bin/docker run --rm
{{ env_vars }}
--add-host=keystone:{{ listen_ip | default(hostvars[groups['keystone'][0]]['ansible_default_ipv4']['address']) }} \
-v /srv/heat/root:/root \
{{ docker_image }} /etc/bootstrap.sh
tags: bootstrap
- name: make sure service is started
systemd:
name: heat.service
state: restarted

19
roles/heat/templates/heat.service
View File

@ -1,19 +0,0 @@
[Unit]
Description=Openstack heat Container
After=docker.service
Requires=docker.service
[Service]
TimeoutStartSec=0
Restart=always
ExecStartPre=-/usr/bin/docker kill %n
ExecStartPre=-/usr/bin/docker rm %n
ExecStart=/usr/bin/docker run --name %n \
{{ env_vars | replace('\n', '') }} \
-v /srv/heat/root:/root \
-p 8000:8000 \
-p 8004:8004 \
{{ docker_image }}
[Install]
WantedBy=multi-user.target

3
roles/horizon/tasks/main.yml
View File

@ -19,9 +19,6 @@
- command: systemctl daemon-reload
- name: start service at boot.
command: systemctl reenable horizon.service
- name: make sure service is started
systemd:
name: horizon.service

8
roles/horizon/templates/horizon.service
View File

@ -1,5 +1,5 @@
[Unit]
Description=Openstack Horizon Container
Description=Openstack Glance Container
After=docker.service
Requires=docker.service
@ -9,9 +9,9 @@ Restart=always
ExecStartPre=-/usr/bin/docker kill %n
ExecStartPre=-/usr/bin/docker rm %n
ExecStart=/usr/bin/docker run --name %n \
-e "MEMCACHED_SERVER={{ hostvars[groups['memcached'][0]]['listen_ip'] | default(hostvars[groups['memcached'][0]]['ansible_default_ipv4']['address']) }}" \
-e "KEYSTONE_HOST={{ hostvars[groups['keystone'][0]]['listen_ip'] | default(hostvars[groups['keystone'][0]]['ansible_default_ipv4']['address']) }}" \
--add-host=keystone:{{ hostvars[groups['keystone'][0]]['listen_ip'] | default(hostvars[groups['keystone'][0]]['ansible_default_ipv4']['address']) }} \
-e "MEMCACHED_SERVER={{ hostvars[groups['memcached'][0]]['ansible_default_ipv4']['address'] }}" \
-e "KEYSTONE_HOST={{ hostvars[groups['keystone'][0]]['ansible_default_ipv4']['address'] }}" \
--add-host=keystone:{{ hostvars[groups['keystone'][0]]['ansible_default_ipv4']['address'] }} \
-p 80:80 \
{{ docker_image }}

52
roles/keystone/tasks/main.yml
View File

@ -36,14 +36,11 @@
- name: install service file
command: systemctl daemon-reload
- name: start service at boot.
command: systemctl reenable keystone.service
- name: Initialize db
script: scripts/initialize_db.sh
environment:
MYSQL_ROOT_PASSWORD: "{{ secrets['MYSQL_ROOT_PASSWORD'] }}"
DB_HOST: "{{ listen_ip | default(hostvars[groups['databases'][0]]['ansible_default_ipv4']['address']) }}"
DB_HOST: "{{ hostvars[groups['databases'][0]]['ansible_default_ipv4']['address'] }}"
register: result
until: result|succeeded
# sometimes the initial connect fails.
@ -52,12 +49,12 @@
delay: 3
ignore_errors: yes
- name: keystone manage commands to setup db_sync
- name: keystone manage commands to setup db
command: >
/usr/bin/docker run --rm
--add-host=mariadb:{{ listen_ip | default(hostvars[groups['databases'][0]]['ansible_default_ipv4']['address']) }}
--add-host=mariadb:{{ hostvars[groups['databases'][0]]['ansible_default_ipv4']['address'] }}
-v /srv/keystone/fernet-keys:/etc/keystone/fernet-keys
-e "KEYSTONE_HOST={{ listen_ip | default(hostvars[groups['keystone'][0]]['ansible_default_ipv4']['address']) }}"
-e "KEYSTONE_HOST={{ hostvars[groups['keystone'][0]]['ansible_default_ipv4']['address'] }}"
{{ docker_image }} keystone-manage {{ item }}
with_items:
- db_sync
@ -65,15 +62,10 @@
- credential_setup --keystone-user keystone --keystone-group keystone
- >
bootstrap --bootstrap-password {{ secrets['OS_PASSWORD'] }}
--bootstrap-admin-url http://{{ listen_ip | default(hostvars[groups['keystone'][0]]['ansible_default_ipv4']['address']) }}:35357/v3/
--bootstrap-internal-url http://{{ listen_ip | default(hostvars[groups['keystone'][0]]['ansible_default_ipv4']['address']) }}:35357/v3/
--bootstrap-public-url http://{{ listen_ip | default(hostvars[groups['keystone'][0]]['ansible_default_ipv4']['address']) }}:5000/v3/
--bootstrap-admin-url http://{{ hostvars[groups['keystone'][0]]['ansible_default_ipv4']['address'] }}:35357/v3/
--bootstrap-internal-url http://{{ hostvars[groups['keystone'][0]]['ansible_default_ipv4']['address'] }}:35357/v3/
--bootstrap-public-url http://{{ hostvars[groups['keystone'][0]]['ansible_default_ipv4']['address'] }}:5000/v3/
--bootstrap-region-id RegionOne
# sometimes the initial connect fails.
# Retry until it succeeds.
retries: 7
delay: 3
ignore_errors: yes
- name: make sure service is started
systemd:
@ -83,36 +75,10 @@
- name: Create a domain, projects users and roles
command: >
/usr/bin/docker run --rm
--add-host=mariadb:{{ listen_ip | default(hostvars[groups['databases'][0]]['ansible_default_ipv4']['address']) }}
--add-host=mariadb:{{ hostvars[groups['databases'][0]]['ansible_default_ipv4']['address'] }}
-v /srv/keystone/fernet-keys:/etc/keystone/fernet-keys
-v /srv/keystone/root:/root
-e "KEYSTONE_HOST={{ listen_ip | default(hostvars[groups['keystone'][0]]['ansible_default_ipv4']['address']) }}"
-e "KEYSTONE_HOST={{ hostvars[groups['keystone'][0]]['ansible_default_ipv4']['address'] }}"
-e "OS_AUTH_URL=http://${KEYSTONE_HOST}:35357/v3"
-e "OS_PASSWORD={{ secrets['OS_PASSWORD'] }}"
{{ docker_image }} bash /etc/bootstrap.sh
register: result
retries: 7
delay: 3
- name: install openstack repo key host.
command: apt-key adv --keyserver keyserver.ubuntu.com --recv-keys 5EDB1B62EC4926EA
tags: openstackclient
- name: install openstack repo on host.
apt_repository:
repo: "deb http://ubuntu-cloud.archive.canonical.com/ubuntu xenial-updates/ocata main"
filename: ocata
tags: openstackclient
- name: install openstack client for management
apt:
name: python-openstackclient
state: latest
update_cache: yes
tags: openstackclient
- name: source admin-openrc.sh in root .bashrc
lineinfile:
path: /root/.bashrc
line: 'source /srv/keystone/root/admin-openrc.sh'

4
roles/keystone/templates/keystone.service
View File

@ -9,8 +9,8 @@ Restart=always
ExecStartPre=-/usr/bin/docker kill %n
ExecStartPre=-/usr/bin/docker rm %n
ExecStart=/usr/bin/docker run --name %n \
--add-host=mariadb:{{ hostvars[groups['databases'][0]]['listen_ip'] | default(hostvars[groups['databases'][0]]['ansible_default_ipv4']['address']) }} \
-e "KEYSTONE_HOST={{ hostvars[groups['keystone'][0]]['listen_ip'] | default(hostvars[groups['keystone'][0]]['ansible_default_ipv4']['address']) }}" \
--add-host=mariadb:{{ hostvars[groups['databases'][0]]['ansible_default_ipv4']['address'] }} \
-e "KEYSTONE_HOST={{ hostvars[groups['keystone'][0]]['ansible_default_ipv4']['address'] }}" \
-p 5000:5000 -p 35357:35357 \
-v /srv/keystone/fernet-keys:/etc/keystone/fernet-keys \
-v /srv/keystone/root:/root \

20
roles/mariadb/files/galera.cnf
View File

@ -1,20 +0,0 @@
[mysqld]
binlog_format=ROW
default-storage-engine=innodb
innodb_autoinc_lock_mode=2
bind-address=0.0.0.0
# Galera Provider Configuration
wsrep_on=ON
wsrep_provider=/usr/lib/galera/libgalera_smm.so
# Galera Cluster Configuration
wsrep_cluster_name="test_cluster"
wsrep_cluster_address="gcomm://{{ ip_node0 }},{{ ip_node1 }},{{ ip_node2 }}"
# Galera Synchronization Configuration
wsrep_sst_method=rsync
# Galera Node Configuration
wsrep_node_address="{{ listen_ip | default(ansible_default_ipv4.address) }}"
wsrep_node_name="{{ ansible_nodename }}"

61
roles/mariadb/tasks/main.yml
View File

@ -5,6 +5,14 @@
file: ../../secrets.yml
name: secrets
- name: install service file.
template:
src: templates/mysql.service
dest: /etc/systemd/system/mysql.service
mode: 644
owner: root
group: root
- name: make mariadb settings volume
file:
path: "{{ item }}"
@ -13,65 +21,16 @@
with_items:
- /srv/mariadb/lib/mysql
- /srv/mariadb/etc/mysql
- /srv/mariadb/etc/mysql/conf.d
- name: place settings file
copy:
src: files/my.cnf
dest: /srv/mariadb/etc/mysql/conf.d/my.cnf
dest: /srv/mariadb/etc/mysql
mode: 660
- name: Set galara.cnf on node if we have at least three nodes.
template:
src: files/galera.cnf
dest: /srv/mariadb/etc/mysql/conf.d/galera.cnf
mode: 660
when: groups['databases'] | length >= 3
# This mimics galera_new_cluster.sh
- name: Initialize a new cluster.
block:
- set_fact:
mariadb_args: "--wsrep-new-cluster"
- template:
src: templates/mysql.service
dest: /etc/systemd/system/mysql.service
mode: 644
owner: root
group: root
- command: systemctl daemon-reload
- systemd:
name: mysql.service
state: started
when: groups['databases'] | length >= 3 and ansible_hostname == hostname_node0
- name: install service file.
block:
- set_fact:
mariadb_args: ""
- template:
src: templates/mysql.service
dest: /etc/systemd/system/mysql.service
mode: 644
owner: root
group: root
- name: Give the master node some time to initialize the cluster.
command: bash -c "sleep 60 && systemctl daemon-reload"
- command: systemctl daemon-reload
- name: make sure service is started
systemd:
name: mysql.service
state: started
- name: start service at boot.
command: systemctl reenable mysql.service
- name: Give the cluster some time to initialize replication.
command: bash -c "sleep 60 && systemctl daemon-reload"
when: groups['databases'] | length >= 3

7
roles/mariadb/templates/mysql.service
View File

@ -9,11 +9,10 @@ Restart=always
ExecStartPre=-/usr/bin/docker kill %n || /bin/true
ExecStartPre=-/usr/bin/docker rm %n
ExecStartPre=/usr/bin/docker pull mariadb:10.2
ExecStart=/usr/bin/docker run --name %n \
--network host \
ExecStart=/usr/bin/docker run -p 3306:3306 --name %n \
-v /srv/mariadb/lib/mysql:/var/lib/mysql \
-v /srv/mariadb/etc/mysql/conf.d:/etc/mysql/conf.d \
-e MYSQL_ROOT_PASSWORD={{ secrets['MYSQL_ROOT_PASSWORD'] }} mariadb:10.2 {{ mariadb_args }}
-v /srv/mariadb/etc/mysql:/etc/mysql \
-e MYSQL_ROOT_PASSWORD={{ secrets['MYSQL_ROOT_PASSWORD'] }} mariadb:10.2
[Install]
WantedBy=multi-user.target

5
roles/memcached/tasks/main.yml
View File

@ -7,13 +7,8 @@
mode: 644
owner: root
group: root
- name: install service file
command: systemctl daemon-reload
- name: start service at boot.
command: systemctl reenable memcached.service
- name: make sure service is started
systemd:
name: memcached.service

22
roles/neutron-controller/tasks/main.yml
View File

@ -6,7 +6,7 @@
name: secrets
- set_fact:
docker_image: "registry.webhosting.rug.nl/hpc/openstack-neutron-controller-merlin:latest"
docker_image: "registry.webhosting.rug.nl/hpc/openstack-neutron-controller:latest"
- name: pull docker image
docker_image:
@ -16,22 +16,21 @@
- set_fact:
env_vars: >
-e "KEYSTONE_HOST={{ listen_ip | default(hostvars[groups['keystone'][0]]['ansible_default_ipv4']['address']) }}"
-e "MEMCACHED_HOST={{ listen_ip | default(hostvars[groups['memcached'][0]]['ansible_default_ipv4']['address']) }}"
-e "KEYSTONE_HOST={{ hostvars[groups['keystone'][0]]['ansible_default_ipv4']['address'] }}"
-e "MEMCACHED_HOST={{ hostvars[groups['memcached'][0]]['ansible_default_ipv4']['address'] }}"
-e "METADATA_SECRET={{ secrets['METADATA_SECRET'] }}"
-e "MY_IP={{ listen_ip | default(hostvars[groups['neutron-controller'][0]]['ansible_default_ipv4']['address']) }}"
-e "MYSQL_HOST={{ listen_ip | default(hostvars[groups['databases'][0]]['ansible_default_ipv4']['address']) }}"
-e "MY_IP={{ hostvars[groups['neutron-controller'][0]]['ansible_default_ipv4']['address'] }}"
-e "MYSQL_HOST={{ hostvars[groups['databases'][0]]['ansible_default_ipv4']['address'] }}"
-e "MYSQL_ROOT_PASSWORD={{ secrets['MYSQL_ROOT_PASSWORD'] }}"
-e "NEUTRON_PASSWORD={{ secrets['NEUTRON_PASSWORD'] }}"
-e "NEUTRON_USER=neutron"
-e "NOVA_USER=nova"
-e "NOVA_PASSWORD={{ secrets['NOVA_PASSWORD'] }}"
-e "NOVA_CONTROLLER_HOST={{ listen_ip | default(hostvars[groups['nova-controller'][0]]['ansible_default_ipv4']['address']) }}"
-e "NOVA_CONTROLLER_HOST={{ hostvars[groups['nova-controller'][0]]['ansible_default_ipv4']['address'] }}"
-e "NOVA_PLACEMENT_PASSWORD={{ secrets['NOVA_PLACEMENT_PASSWORD'] }}"
-e "NOVA_PLACEMENT_USER=placement"
-e "OVERLAY_IP={{ overlay_ip }}"
-e "OS_PASSWORD={{ secrets['OS_PASSWORD'] }}"
-e "PHYSICAL_INTERFACE_MAPPINGS={{ physical_interface_mappings }}"
-e "PROVIDER_INTERFACE_NAME={{ provider_interface_name }}"
-e "RABBIT_PASSWORD={{ secrets['RABBIT_PASSWORD'] }}"
-e "RABBIT_USER=openstack"
tags: env
@ -46,15 +45,12 @@
- command: systemctl daemon-reload
- name: start service at boot.
command: systemctl reenable neutron-controller.service
- name: Initialize neutron
command: >
/usr/bin/docker run --rm
{{ env_vars }}
--add-host=mariadb:{{ listen_ip | default(hostvars[groups['databases'][0]]['ansible_default_ipv4']['address']) }}
--add-host=keystone:{{ listen_ip | default(hostvars[groups['keystone'][0]]['ansible_default_ipv4']['address']) }}
--add-host=mariadb:{{ hostvars[groups['databases'][0]]['ansible_default_ipv4']['address'] }}
--add-host=keystone:{{ hostvars[groups['keystone'][0]]['ansible_default_ipv4']['address'] }}
--network host
{{ docker_image }}
/etc/bootstrap.sh

6
roles/neutron-controller/templates/neutron-controller.service
View File

@ -10,9 +10,9 @@ ExecStartPre=-/usr/bin/docker kill %n
ExecStartPre=-/usr/bin/docker rm %n
ExecStart=/usr/bin/docker run --name %n \
{{ env_vars | replace('\n', '') }} \
--add-host=nova-controller:{{ hostvars[groups['nova-controller'][0]]['listen_ip'] | default(hostvars[groups['nova-controller'][0]]['ansible_default_ipv4']['address']) }} \
--add-host=mariadb:{{ hostvars[groups['databases'][0]]['listen_ip'] | default(hostvars[groups['databases'][0]]['ansible_default_ipv4']['address']) }} \
--add-host=keystone:{{ hostvars[groups['keystone'][0]]['listen_ip'] | default(hostvars[groups['keystone'][0]]['ansible_default_ipv4']['address']) }} \
--add-host=nova-controller:{{ hostvars[groups['nova-controller'][0]]['ansible_default_ipv4']['address'] }} \
--add-host=mariadb:{{ hostvars[groups['databases'][0]]['ansible_default_ipv4']['address'] }} \
--add-host=keystone:{{ hostvars[groups['keystone'][0]]['ansible_default_ipv4']['address'] }} \
--add-host={{ ansible_nodename }}:{{ ansible_default_ipv4.address }} \
--privileged \
--network host \

14
roles/nova-compute/tasks/main.yml
View File

@ -4,11 +4,10 @@
include_vars:
file: ../../secrets.yml
name: secrets
tags: vars
- set_fact:
docker_image: registry.webhosting.rug.nl/hpc/openstack-nova-compute-merlin:latest
tags: vars
docker_image: registry.webhosting.rug.nl/hpc/openstack-nova-compute:latest
tags: facts
- name: pull docker image
docker_image:
@ -23,13 +22,11 @@
mode: 644
owner: root
group: root
tags: systemd
- command: systemctl daemon-reload
tags: systemd
- apt:
name: "{{ item }}"
name: '{{ item }}'
with_items:
- kvm
- libvirt0
@ -41,9 +38,6 @@
name: nova-compute.service
state: restarted
- name: start service at boot.
command: systemctl reenable nova-compute.service
- name: let nova controler discover new host
shell: "sleep 10 && docker exec -i nova-controller.service nova-manage cell_v2 discover_hosts"
command: docker exec -i nova-controller.service nova-manage cell_v2 discover_hosts
delegate_to: "{{ hostvars[groups['nova-controller'][0]]['ansible_hostname'] }}"

25
roles/nova-compute/templates/nova-compute.service
View File

@ -9,33 +9,30 @@ Restart=always
ExecStartPre=-/usr/bin/docker kill %n
ExecStartPre=-/usr/bin/docker rm %n
ExecStart=/usr/bin/docker run --name %n \
-e "GLANCE_CONTROLLER_HOST={{ hostvars[groups['glance-controller'][0]]['listen_ip'] | default(hostvars[groups['glance-controller'][0]]['ansible_default_ipv4']['address']) }}" \
-e "KEYSTONE_HOST={{ hostvars[groups['keystone'][0]]['listen_ip'] | default(hostvars[groups['keystone'][0]]['ansible_default_ipv4']['address']) }}" \
-e "METADATA_SECRET={{ secrets['METADATA_SECRET'] }}" \
-e "MEMCACHED_HOST={{ hostvars[groups['memcached'][0]]['listen_ip'] | default(hostvars[groups['memcached'][0]]['ansible_default_ipv4']['address']) }}" \
-e "MY_IP={{ listen_ip | default(ansible_default_ipv4.address) }}" \
-e "MYSQL_HOST={{ hostvars[groups['databases'][0]]['listen_ip'] | default(hostvars[groups['databases'][0]]['ansible_default_ipv4']['address']) }}" \
-e "GLANCE_CONTROLLER_HOST={{ hostvars[groups['glance-controller'][0]]['ansible_default_ipv4']['address'] }}" \
-e "KEYSTONE_HOST={{ hostvars[groups['keystone'][0]]['ansible_default_ipv4']['address'] }}" \
-e "MEMCACHED_HOST={{ hostvars[groups['memcached'][0]]['ansible_default_ipv4']['address'] }}" \
-e "MY_IP={{ hostvars[groups['nova-compute'][0]]['ansible_default_ipv4']['address'] }}" \
-e "MYSQL_HOST={{ hostvars[groups['databases'][0]]['ansible_default_ipv4']['address'] }}" \
-e "MYSQL_ROOT_PASSWORD={{ secrets['MYSQL_ROOT_PASSWORD'] }}" \
-e "NEUTRON_CONTROLLER_HOST={{ hostvars[groups['neutron-controller'][0]]['listen_ip'] | default(hostvars[groups['neutron-controller'][0]]['ansible_default_ipv4']['address']) }}" \
-e "NEUTRON_CONTROLLER_HOST={{ hostvars[groups['neutron-controller'][0]]['ansible_default_ipv4']['address'] }}" \
-e "NEUTRON_PASSWORD={{ secrets['NEUTRON_PASSWORD'] }}" \
-e "NEUTRON_USER=neutron" \
-e "NOVA_COMPUTE_USER=nova_compute" \
-e "NOVA_CONTROLLER_HOST={{ hostvars[groups['nova-controller'][0]]['listen_ip'] | default(hostvars[groups['nova-controller'][0]]['ansible_default_ipv4']['address']) }}" \
-e "NOVA_CONTROLLER_HOST={{ hostvars[groups['nova-controller'][0]]['ansible_default_ipv4']['address'] }}" \
-e "NOVA_PASSWORD={{ secrets['NOVA_PASSWORD'] }}" \
-e "NOVA_PASSWORD={{ secrets['NOVA_PASSWORD'] }}" \
-e "NOVA_PLACEMENT_PASSWORD={{ secrets['NOVA_PLACEMENT_PASSWORD'] }}" \
-e "NOVA_PLACEMENT_USER=placement" \
-e "NOVA_USER=nova" \
-e "OVERLAY_IP={{ overlay_ip }}" \
-e "OS_PASSWORD={{ secrets['OS_PASSWORD'] }}" \
-e "PHYSICAL_INTERFACE_MAPPINGS={{ physical_interface_mappings }}" \
-e "RABBIT_HOST={{ hostvars[groups['rabbitmq'][0]]['listen_ip'] | default(hostvars[groups['rabbitmq'][0]]['ansible_default_ipv4']['address']) }}" \
-e "PROVIDER_INTERFACE_NAME={{ provider_interface_name }}" \
-e "RABBIT_HOST={{ hostvars[groups['rabbitmq'][0]]['ansible_default_ipv4']['address'] }}" \
-e "RABBIT_PASSWORD={{ secrets['RABBIT_PASSWORD'] }}" \
-e "RABBIT_USER=openstack" \
--add-host=keystone:{{ hostvars[groups['keystone'][0]]['listen_ip'] | default(hostvars[groups['keystone'][0]]['ansible_default_ipv4']['address']) }} \
--add-host=mariadb:{{ hostvars[groups['databases'][0]]['listen_ip'] | default(hostvars[groups['databases'][0]]['ansible_default_ipv4']['address']) }} \
--add-host=keystone:{{ hostvars[groups['keystone'][0]]['ansible_default_ipv4']['address'] }} \
--add-host=mariadb:{{ hostvars[groups['databases'][0]]['ansible_default_ipv4']['address'] }} \
--privileged \
-v /dev:/dev \
-v /var/run/libvirt/libvirt-sock:/var/run/libvirt/libvirt-sock \
-v /var/lib/nova/instances:/var/lib/nova/instances \
-v /lib/modules:/lib/modules \

22
roles/nova-controller/tasks/main.yml
View File

@ -17,17 +17,16 @@
- set_fact:
docker_image: registry.webhosting.rug.nl/hpc/openstack-nova-service:latest
env_vars: >
-e "GLANCE_CONTROLLER_HOST={{ listen_ip | default(hostvars[groups['glance-controller'][0]]['ansible_default_ipv4']['address']) }}"
-e "KEYSTONE_HOST={{ listen_ip | default(hostvars[groups['keystone'][0]]['ansible_default_ipv4']['address']) }}"
-e "METADATA_SECRET={{ secrets['METADATA_SECRET'] }}"
-e "MEMCACHED_HOST={{ listen_ip | default(hostvars[groups['memcached'][0]]['ansible_default_ipv4']['address']) }}"
-e "MY_IP={{ listen_ip | default(ansible_default_ipv4.address) }}"
-e "MYSQL_HOST={{ listen_ip | default(hostvars[groups['databases'][0]]['ansible_default_ipv4']['address']) }}"
-e "GLANCE_CONTROLLER_HOST={{ hostvars[groups['glance-controller'][0]]['ansible_default_ipv4']['address'] }}"
-e "KEYSTONE_HOST={{ hostvars[groups['keystone'][0]]['ansible_default_ipv4']['address'] }}"
-e "MEMCACHED_HOST={{ hostvars[groups['memcached'][0]]['ansible_default_ipv4']['address'] }}"
-e "MY_IP={{ hostvars[groups['nova-controller'][0]]['ansible_default_ipv4']['address'] }}"
-e "MYSQL_HOST={{ hostvars[groups['databases'][0]]['ansible_default_ipv4']['address'] }}"
-e "MYSQL_ROOT_PASSWORD={{ secrets['MYSQL_ROOT_PASSWORD'] }}"
-e "NEUTRON_CONTROLLER_HOST={{ hostvars[groups['neutron-controller'][0]]['listen_ip'] | default(hostvars[groups['neutron-controller'][0]]['ansible_default_ipv4']['address']) }}"
-e "NEUTRON_CONTROLLER_HOST={{ hostvars[groups['keystone'][0]]['ansible_default_ipv4']['address'] }}"
-e "NEUTRON_PASSWORD={{ secrets['NEUTRON_PASSWORD'] }}"
-e "NEUTRON_USER=neutron"
-e "NOVA_CONTROLLER_HOST={{ listen_ip | default(hostvars[groups['nova-controller'][0]]['ansible_default_ipv4']['address']) }}"
-e "NOVA_CONTROLLER_HOST={{ hostvars[groups['nova-controller'][0]]['ansible_default_ipv4']['address'] }}"
-e "NOVA_PASSWORD={{ secrets['NOVA_PASSWORD'] }}"
-e "NOVA_PLACEMENT_PASSWORD={{ secrets['NOVA_PLACEMENT_PASSWORD'] }}"
-e "NOVA_PLACEMENT_USER=placement"
@ -53,15 +52,12 @@
- command: systemctl daemon-reload
- name: start service at boot.
command: systemctl reenable nova-controller.service
- name: Initialize database.
command: >
/usr/bin/docker run --rm
{{ env_vars }}
--add-host=mariadb:{{ listen_ip | default(hostvars[groups['databases'][0]]['ansible_default_ipv4']['address']) }}
--add-host=keystone:{{ listen_ip | default(hostvars[groups['keystone'][0]]['ansible_default_ipv4']['address']) }}
--add-host=mariadb:{{ hostvars[groups['databases'][0]]['ansible_default_ipv4']['address'] }}
--add-host=keystone:{{ hostvars[groups['keystone'][0]]['ansible_default_ipv4']['address'] }}
-v /srv/nova-controller/root:/root
{{ docker_image }}
/etc/bootstrap.sh

5
roles/nova-controller/templates/nova-controller.service
View File

@ -10,12 +10,11 @@ ExecStartPre=-/usr/bin/docker kill %n
ExecStartPre=-/usr/bin/docker rm %n
ExecStart=/usr/bin/docker run --name %n \
{{ env_vars | replace('\n', '') }} \
--add-host=mariadb:{{ hostvars[groups['databases'][0]]['listen_ip'] | default(hostvars[groups['databases'][0]]['ansible_default_ipv4']['address']) }} \
--add-host=keystone:{{ hostvars[groups['keystone'][0]]['listen_ip'] | default(hostvars[groups['keystone'][0]]['ansible_default_ipv4']['address']) }} \
--add-host=mariadb:{{ hostvars[groups['databases'][0]]['ansible_default_ipv4']['address'] }} \
--add-host=keystone:{{ hostvars[groups['keystone'][0]]['ansible_default_ipv4']['address'] }} \
--privileged \
-v /srv/nova-controller/root:/root \
-p 8774:8774 \
-p 8775:8775 \
-p 8778:8778 \
-p 6080:6080 \
{{ docker_image }} /etc/run.sh

4
roles/rabbitmq/files/rabbitmq.service
View File

@ -11,10 +11,10 @@ ExecStartPre=-/usr/bin/docker rm %n
ExecStartPre=/usr/bin/docker pull rabbitmq:latest
ExecStart=/usr/bin/docker run \
{% for host in groups['rabbitmq'] %}
--add-host "{{ host }}:{{ hostvars[host]['listen_ip'] | default(hostvars[host]['ansible_default_ipv4']['address']) }}" \
--add-host "{{ host }}:{{ hostvars[host]['ansible_default_ipv4']['address'] }}" \
{% endfor %}
-p 4369:4369 -p 25679:25679 -p 25672:25672 -p 5671-5672:5671-5672 -p 8080:15672 \
-e "RABBITMQ_DEFAULT_USER=openstack" -e "RABBITMQ_DEFAULT_PASS={{ secrets['RABBIT_PASSWORD'] }}" \
-e "RABBITMQ_DEFAULT_USER=user" -e "RABBITMQ_DEFAULT_PASS={{ secrets['RABBIT_PASSWORD'] }}" \
-e "RABBITMQ_ERLANG_COOKIE={{ secrets['RABBITMQ_ERLANG_COOKIE'] }}" \
-e "RABBITMQ_NODENAME=rabbit_{{ ansible_nodename }}" \
--hostname "{{ ansible_nodename }}" --name %n rabbitmq:3-management

15
roles/rabbitmq/tasks/main.yml
View File

@ -5,6 +5,9 @@
file: ../../secrets.yml
name: secrets
- include_vars:
dir: 'vars'
- name: install service file.
template:
src: files/rabbitmq.service
@ -16,9 +19,6 @@
- name: install service file
command: systemctl daemon-reload
- name: start service at boot.
command: systemctl reenable rabbitmq.service
- name: make sure service is started
systemd:
name: rabbitmq.service
@ -27,7 +27,6 @@
- name: wait for container to be started
wait_for:
port: 5672
delay: 5
- name: setup the cluster
command: "docker exec -i rabbitmq.service {{ item }}"
@ -37,3 +36,11 @@
- rabbitmqctl start_app
when: ansible_nodename != hostname_node0
- name: create openstack user
command: "docker exec -i rabbitmq.service {{ item }}"
with_items:
- rabbitmqctl add_user openstack "{{ secrets['RABBIT_PASSWORD'] }}"
- rabbitmqctl set_permissions openstack ".*" ".*" ".*"
when: ansible_nodename == hostname_node0
register: command_result
failed_when: "command_result.rc not in (0, 70)"

60
secrets.yml
View File

@ -1,32 +1,30 @@
$ANSIBLE_VAULT;1.1;AES256
32313865346461323861313234623330633830663561353636396161643566353733393931303232
3134353364393034626564333866383065633162383561390a656463303464616434303435303037
63313232373630616136626464373464646535353030396136656361343162666165366566383737
6133326539393432390a386162393639636137326532393939633665326637373461663766656565
36636661653939373134313165383261353832373362613533366431626330313831643836363932
38623937663335646134323130636539333335636265313564323032623065393031343235633832
33336138653336633932383133366566656464356331306265663662356166613135663234326434
64343765366439303766613062363830346238376435366138323662366463353634623937376663
39313263613764623533323562333932656564346462333961663538353366313065343263383431
39643734353632336134663965343062373933656461393264323938303261316563313962343837
66623562333031646633643734383439386130653033343962633930613031313433633033383561
65366230663263346661343339636537336332323266623230646534323563373934356332663136
30626231623534616562323033333437353239306538653835623931363164383536336562336136
30666265366536313436646535383632626137613831633132666666653830383566323532306332
34353534336331653330663137323936303337306134333036633932363664643864333534316438
31623062303137376637353061643838383831663561663436663130663064323665316261316531
32616533333165636130623334373130316339326538343330646366383933353137623631323530
39653437343432383161323661643931346664663265326664336461373033646563666333353661
61633865373764346131623131346266373331626336663735303439376230333537386562303939
65363139346564653464663633326639323930333464376136353064393039373535613231623138
61373434323065646238356436373730333939613965666237616265653033333230353466316266
30383939376335656632626232663061623332636337646234653565363561353334643462376666
30326438303333336265306463313137656334313235643434616238333564373761333235633639
66346161316130633463623435646639366136386335386139613230653064663230366265633036
33613132633035393337653436613031383765616638323663363866393165613030306637393134
38333734373939626364343533306662393463646264666161346434363832623239643864303431
39383931333139633338663761646335613935636239636439383333313531633364653439323036
35373639363164386666366335313934336231333261623763633133393562656237313761356631
39663234653339313466326534333435306662316461333035623339353435383137383735373733
32373535303338646266346539386364356233616631316661633037346665353762353138376538
386535333439313233663464353534376535
62633134346438356462333363626164393762356139653666323461333037393536373631653565
6631306631333538353534663738313062636232633339610a303161323131373739393735666463
65353135626430353737373239623361306137326334333761626235353463393465383830666666
6138616530346563310a306263316331346263356139383435316239346230313266636363313564
36633130393062373936363765636361343939313639326237633337353665666338633338343837
34613534333063303537323738396436333964613362636664366264313334663365336132623464
64656131373261376466356638636338643135393139386534626132323262393064626666323462
64323664373262356632393465653932303939313338656665336639613966626234636666373163
35633231666338643863623737396435626364333365656536613130666435323837323136663339
61363936336434656530313538643463663737613831646265313731363734356635356438353062
34323063346265393737343834343065616139656234666230323131366138396265393737666236
39353766643239323339623534393962666432656331323462656439306365613539366230643133
36316138303361313134336431343137343433383430616137376563383233303432383664333930
61613531313638303531643232343066376565663032326533313461363839383664366338356439
37363233666663653736376538386536653262653633323065363830623032363063393635653762
32636365656362323362303962306538336234626533323830656230386432666461343063663832
62373133343933353563653762333836333862376232353339313662363865616439623635393839
37346433346264633036343761613230396434366132653261643137386466326235613030306235
34333065623232303939623233373762393939653639333734336336303762326662386530356563
65303165623564303635356337353662363433626466653939323438633938386166386262623435
64376431396631623034386434393431616631363663393835343035313639663538643565616330
65353365303131326335646164333231306564383936396139643935646331393235326666336230
38326165663865343966356335326438303133663239656235313935626332323332376665343132
62336139643262333938303537313533623535333736643163373137343035393034613939663061
36323063643734343865333138356434643266663436653435353132386330636238343637653434
65616361333263336332643262623034343439383737366663373166643433653466313237613930
32373162646461323266353662326134343839613264313339306430366165633838663831666565
65333337623962313561306333616232393334353934316565666331336561633934623339353138
62656339386530333036383831613762353234643461656436623033613930353531

2
secrets.yml.topol
View File

@ -9,5 +9,3 @@ OS_PASSWORD: # Keystone admin password
OS_DEMO_PASSWORD: # Keystone demo user password
RABBIT_PASSWORD:
RABBITMQ_ERLANG_COOKIE:
CINDER_PASSWORD:
HEAT_PASSWORD:

3
site.yml
View File

@ -11,5 +11,4 @@
- include: cinder-storage.yml
- include: nova-compute.yml
- include: horizon.yml
- include: heat.yml
#- include: post-install.yml
- include: post-install.yml

42
test_hosts
View File

@ -1,48 +1,28 @@
[databases]
openstack-test05
openstack-test06
openstack-test07
ansible-test-2
[keystone]
openstack-test05
ansible-test-3
[glance-controller]
openstack-test05
ansible-test-2
[horizon]
openstack-test05
ansible-test-3
[rabbitmq]
openstack-test05
openstack-test06
openstack-test07
ansible-test
ansible-test-2
ansible-test-3
[memcached]
openstack-test05
ansible-test-3
[neutron-controller]
openstack-test05 physical_interface_mappings=provider:enp4s0f0
ansible-test provider_interface_name=ens10
[nova-controller]
openstack-test05
[cinder-controller]
openstack-test05
[heat]
openstack-test05
[cinder-storage]
openstack-test05 storage_volume=/dev/openstack-test05-vg/cinder
openstack-test06 storage_volume=/dev/openstack-test06-vg/cinder
openstack-test07 storage_volume=/dev/openstack-test07-vg/cinder
openstack-test08 storage_volume=/dev/openstack-test08-vg/cinder
openstack-test09 storage_volume=/dev/openstack-test09-vg/cinder
openstack-test10 storage_volume=/dev/openstack-test10-vg/cinder
ansible-test
[nova-compute]
openstack-test06 physical_interface_mappings=provider:enp4s0f0
openstack-test07 physical_interface_mappings=provider:enp4s0f0
openstack-test08 physical_interface_mappings=provider:enp4s0f0
openstack-test09 physical_interface_mappings=provider:enp4s0f0
openstack-test10 physical_interface_mappings=provider:enp4s0f0
ansible-test-2 provider_interface_name=ens10